Unreviewed, rolling out r145435.
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2013-03-11  Sheriff Bot  <webkit.review.bot@gmail.com>
2
3         Unreviewed, rolling out r145435.
4         http://trac.webkit.org/changeset/145435
5         https://bugs.webkit.org/show_bug.cgi?id=112082
6
7         Still does not compile (Requested by jamesr on #webkit).
8
9         * Modules/indexeddb/IDBBackingStore.cpp:
10         (WebCore::IDBBackingStore::getObjectStores):
11         (WebCore::IDBBackingStore::createObjectStore):
12         (WebCore::IDBBackingStore::deleteObjectStore):
13         (WebCore::IDBBackingStore::getRecord):
14         (WebCore::IDBBackingStore::putRecord):
15         (WebCore::IDBBackingStore::clearObjectStore):
16         (WebCore::IDBBackingStore::deleteRecord):
17         (WebCore::IDBBackingStore::getKeyGeneratorCurrentNumber):
18         (WebCore::IDBBackingStore::maybeUpdateKeyGeneratorCurrentNumber):
19         (WebCore::IDBBackingStore::keyExistsInObjectStore):
20         (WebCore::IDBBackingStore::getIndexes):
21         (WebCore::IDBBackingStore::createIndex):
22         (WebCore::IDBBackingStore::deleteIndex):
23         (WebCore::IDBBackingStore::putIndexDataForRecord):
24         (WebCore::IDBBackingStore::findKeyInIndex):
25         (WebCore::IDBBackingStore::getPrimaryKeyViaIndex):
26         (WebCore::IDBBackingStore::keyExistsInIndex):
27         (WebCore::indexCursorOptions):
28         * Modules/indexeddb/IDBBackingStore.h:
29         (IDBBackingStore):
30         * Modules/indexeddb/IDBDatabaseBackendImpl.cpp:
31         (WebCore::DeleteIndexOperation::create):
32         (WebCore::DeleteIndexOperation::DeleteIndexOperation):
33         (DeleteIndexOperation):
34         (WebCore::IDBDatabaseBackendImpl::openInternal):
35         (WebCore::IDBDatabaseBackendImpl::deleteIndex):
36         (WebCore::DeleteIndexOperation::perform):
37         (WebCore::DeleteRangeOperation::perform):
38         (WebCore::ClearOperation::perform):
39         * Modules/indexeddb/IDBLevelDBCoding.cpp:
40         (WebCore::IDBLevelDBCoding::KeyPrefix::KeyPrefix):
41         (WebCore::IDBLevelDBCoding::KeyPrefix::encode):
42         (WebCore::IDBLevelDBCoding::SchemaVersionKey::encode):
43         (WebCore::IDBLevelDBCoding::MaxDatabaseIdKey::encode):
44         (WebCore::IDBLevelDBCoding::DataVersionKey::encode):
45         (WebCore::IDBLevelDBCoding::DatabaseFreeListKey::encode):
46         (WebCore::IDBLevelDBCoding::DatabaseNameKey::encode):
47         (WebCore::IDBLevelDBCoding::DatabaseMetaDataKey::encode):
48         (WebCore::IDBLevelDBCoding::ObjectStoreMetaDataKey::encode):
49         (WebCore::IDBLevelDBCoding::IndexMetaDataKey::encode):
50         (WebCore::IDBLevelDBCoding::ObjectStoreFreeListKey::encode):
51         (WebCore::IDBLevelDBCoding::IndexFreeListKey::encode):
52         (WebCore::IDBLevelDBCoding::ObjectStoreNamesKey::encode):
53         (WebCore::IDBLevelDBCoding::IndexNamesKey::encode):
54         (WebCore::IDBLevelDBCoding::ObjectStoreDataKey::encode):
55         (WebCore::IDBLevelDBCoding::ExistsEntryKey::encode):
56         * Modules/indexeddb/IDBLevelDBCoding.h:
57         (IDBLevelDBCoding):
58         (KeyPrefix):
59         * Modules/indexeddb/IDBObjectStoreBackendImpl.cpp:
60         (WebCore::IDBObjectStoreBackendImpl::IndexWriter::writeIndexKeys):
61
62 2013-03-11  Alec Flett  <alecflett@chromium.org>
63
64         IndexedDB: Protect against key prefix overflows
65         https://bugs.webkit.org/show_bug.cgi?id=111138
66
67         Reviewed by Tony Chang.
68
69         This reworks the boundary checking for all databaseId,
70         objectStoreId, and indexId, including negative and
71         zero-based ids. All entrypoints into IDBLevelDBCoding
72         are protected with explicit checks and all internal
73         uses of KeyPrefix are protected with ASSERTs in the
74         various constructors.
75
76         Tests: WebKit unit tests IDBBackingStoreTest.cpp in WebKit/chromium
77
78         * Modules/indexeddb/IDBBackingStore.h: Make all public methods boolean-based for errors.
79         * Modules/indexeddb/IDBLevelDBCoding.h: Add methods for checking databaseId, objectStoreId, and indexId.
80
81 2013-03-11  Philip Rogers  <pdr@google.com>
82
83         Replace static_cast<SVGStyledElement> with toSVGStyledElement()
84         https://bugs.webkit.org/show_bug.cgi?id=111651
85
86         Reviewed by Abhishek Arya.
87
88         toSVGStyledElement is preferred over static_cast<SVGStyledElement*> because bad casts
89         can be caught on our testing infrastructure. This patch replaces all
90         static_cast<SVGStyledElement> instances with toSVGStyledElement.
91
92         Additionally, this patch renames SVGElement::isStyled to SVGElement::isSVGStyledElement to
93         remove a confusing overlap with html styled elements. This name differs slighly from the
94         other is*() functions in SVGElement but this will be resolved up with webkit.org/b/107386.
95
96         No new tests as this is covered with existing tests.
97
98         * rendering/svg/RenderSVGModelObject.cpp:
99         (WebCore::getElementCTM):
100         * rendering/svg/RenderSVGResourceClipper.cpp:
101         (WebCore::RenderSVGResourceClipper::drawContentIntoMaskImage):
102         (WebCore::RenderSVGResourceClipper::calculateClipContentRepaintRect):
103         (WebCore::RenderSVGResourceClipper::hitTestClipContent):
104         * rendering/svg/RenderSVGResourceMasker.cpp:
105         (WebCore::RenderSVGResourceMasker::drawContentIntoMaskImage):
106         (WebCore::RenderSVGResourceMasker::calculateMaskContentRepaintRect):
107         * rendering/svg/RenderSVGResourcePattern.cpp:
108         (WebCore::RenderSVGResourcePattern::createTileImage):
109         * rendering/svg/SVGRenderSupport.cpp:
110         (WebCore::SVGRenderSupport::layoutChildren):
111         * rendering/svg/SVGResources.cpp:
112         (WebCore::registerPendingResource):
113         * svg/SVGAnimationElement.cpp:
114         (WebCore::SVGAnimationElement::isTargetAttributeCSSProperty):
115         (WebCore::SVGAnimationElement::computeCSSPropertyValue):
116         (WebCore::SVGAnimationElement::adjustForInheritance):
117         (WebCore::inheritsFromProperty):
118         * svg/SVGElement.cpp:
119         (WebCore::collectInstancesForSVGElement):
120         (WebCore::SVGElement::isAnimatableAttribute):
121         * svg/SVGElement.h:
122         (WebCore::SVGElement::isSVGStyledElement):
123         * svg/SVGElementInstance.cpp:
124         (WebCore::SVGElementInstance::invalidateAllInstancesOfElement):
125         (WebCore::SVGElementInstance::InstanceUpdateBlocker::InstanceUpdateBlocker):
126         * svg/SVGLocatable.cpp:
127         (WebCore::SVGLocatable::computeCTM):
128         * svg/SVGStyledElement.cpp:
129         (WebCore::SVGStyledElement::updateRelativeLengthsInformation):
130         * svg/SVGStyledElement.h:
131         (WebCore::SVGStyledElement::isSVGStyledElement):
132         * svg/SVGUseElement.cpp:
133         (WebCore::SVGUseElement::selfHasRelativeLengths):
134         * svg/graphics/filters/SVGFEImage.cpp:
135         (WebCore::FEImage::platformApplySoftware):
136
137 2013-03-11  Tim Horton  <timothy_horton@apple.com>
138
139         PDFPlugin: Make scrolling between pages in non-continuous modes work
140         https://bugs.webkit.org/show_bug.cgi?id=111415
141         <rdar://problem/12555320>
142
143         Reviewed by Alexey Proskuryakov.
144
145         * WebCore.exp.in: Export ScrollableArea::scrollToOffsetWithoutAnimation.
146
147 2013-03-11  Mark Lam  <mark.lam@apple.com>
148
149         Remove the use of the quotaMap cache in DatabaseTracker.
150         https://bugs.webkit.org/show_bug.cgi?id=111805.
151
152         Reviewed by Geoffrey Garen.
153
154         This change is needed because using the quotaMap cache can result in
155         an inaccurate read (in a multi-process system) on what database files
156         are actually present on the filesystem. Instead of using the quotaMap
157         cache, we rely on the tracker database and query it every time we need
158         the origin/quota information.
159
160         No new tests.
161
162         * Modules/webdatabase/DatabaseTracker.cpp:
163         (WebCore::DatabaseTracker::hasAdequateQuotaForOrigin):
164         (WebCore::DatabaseTracker::hasEntryForOriginNoLock):
165         (WebCore::DatabaseTracker::origins):
166         (WebCore::DatabaseTracker::quotaForOriginNoLock):
167         (WebCore::DatabaseTracker::setQuota):
168         (WebCore::DatabaseTracker::addDatabase):
169         (WebCore::DatabaseTracker::deleteOrigin):
170         * Modules/webdatabase/DatabaseTracker.h:
171
172 2013-03-11  Morten Stenshorne  <mstensho@opera.com>
173
174         Don't rely on the fact that StaticPosition happens to be defined as 0
175         https://bugs.webkit.org/show_bug.cgi?id=110123
176
177         Also made the expression slightly less convoluted.
178
179         Reviewed by Alexey Proskuryakov.
180
181         No new tests. This is just code cleanup.
182
183         * rendering/RenderObject.cpp:
184         (WebCore::RenderObject::containingBlock):
185
186 2013-03-11  Adam Barth  <abarth@webkit.org>
187
188         Unreviewed attempt to fix build after http://trac.webkit.org/changeset/145421.
189
190         * html/HTMLPlugInImageElement.cpp:
191
192 2013-03-05  Ojan Vafai  <ojan@chromium.org>
193
194         Intrinsic width keyword values don't work for tables
195         https://bugs.webkit.org/show_bug.cgi?id=111515
196
197         Reviewed by Julien Chaffraix.
198
199         Tests: fast/css-intrinsic-dimensions/css-tables.html
200                fast/css-intrinsic-dimensions/tables.html
201
202         * rendering/RenderBox.cpp:
203         (WebCore::RenderBox::computeIntrinsicLogicalWidthUsing):
204         (WebCore::RenderBox::computeLogicalWidthInRegionUsing):
205         (WebCore::RenderBox::computeReplacedLogicalWidthUsing):
206         (WebCore::RenderBox::computePositionedLogicalWidthUsing):
207         * rendering/RenderBox.h:
208         Pass in the border and padding as an argument since RenderTable needs
209         to pass in a different value. Unfortunately, the math doesn't work out right
210         in the positioned/replaced cases if we just pass 0. We need to pass in the correct
211         border and padding and then subtract it from the result.
212
213         * rendering/RenderTable.cpp:
214         (WebCore::RenderTable::updateLogicalWidth):
215         Compute intrinsic widths as well as specified ones. Down the road
216         we may want to consider having intrinsic width values return true for
217         isSpecified.
218
219         (WebCore::RenderTable::convertStyleLogicalWidthToComputedWidth):
220         Compute intrinsic widths as well.
221
222         (WebCore::RenderTable::computeIntrinsicLogicalWidths):
223         Implement this method so that the RenderBox::computeIntrinsicLogicalWidthUsing
224         gets the right intrinsic values instead of the preferred values.
225
226         (WebCore::RenderTable::computePreferredLogicalWidths):
227         * rendering/RenderTable.h:
228
229 2013-03-11  Stephen Chenney  <schenney@chromium.org>
230
231         HTMLInputElement can delete an ImageLoader while it's still needed
232         https://bugs.webkit.org/show_bug.cgi?id=110621
233
234         Reviewed by Darin Adler.
235
236         ImageLoader objects may fire events for HTMLInputElements that are of
237         type ImageInputType that own the loader. These events may cause script
238         to run that changes the type of the input element and hence causes the
239         ImageLoader to be deleted, while the image loader is still processing
240         the event dispatch. Bad things ensue.
241
242         This change moves ownership of the ImageLoader from the ImageInputType
243         onto the HTMLImageElement which is already protected from deletion during
244         event processing.
245
246         Test: fast/forms/image/image-error-event-modifies-type-crash.html
247
248         * html/HTMLInputElement.cpp:
249         (WebCore::HTMLInputElement::imageLoader): Method to return the
250           ImageLoader, creating it if not already created.
251         * html/HTMLInputElement.h:
252         (WebCore::HTMLInputElement::hasImageLoader): Return true if the
253           ImageLoader has been created.
254         (HTMLInputElement): Define ImageLoader access methods and the OwnPtr
255           for the HTMLImageLoader.
256         * html/ImageInputType.cpp:
257         (WebCore::ImageInputType::srcAttributeChanged): Use the element's ImageLoader.
258         (WebCore::ImageInputType::attach): Use the element's ImageLoader.
259         (WebCore::ImageInputType::willMoveToNewOwnerDocument): Use the element's ImageLoader.
260         (WebCore::ImageInputType::height): Use the element's ImageLoader.
261         (WebCore::ImageInputType::width): Use the element's ImageLoader.
262         * html/ImageInputType.h:
263         (ImageInputType): Remove the declaration of the ImageLoader.
264
265 2013-03-11  Alok Priyadarshi  <alokp@chromium.org>
266
267         Revert "Mark GraphicsLayers as opaque when possible"
268
269         This reverts commit 0a4d3c2d8a0373aa9e5bd9209885137a13a7f0e0.
270
271         REGRESSION (r143626): http://chainlove.com shows garbage tiles on Mac
272         https://bugs.webkit.org/show_bug.cgi?id=112043
273
274         Unreviewed, rolling out r143626.
275
276         * rendering/RenderBox.cpp:
277         * rendering/RenderBox.h:
278         (RenderBox):
279         * rendering/RenderBoxModelObject.h:
280         (RenderBoxModelObject):
281         * rendering/RenderLayer.cpp:
282         * rendering/RenderLayer.h:
283         (RenderLayer):
284         * rendering/RenderLayerBacking.cpp:
285         (WebCore::RenderLayerBacking::updateGraphicsLayerGeometry):
286         * rendering/RenderLayerModelObject.h:
287         (RenderLayerModelObject):
288
289 2013-03-11  Dean Jackson  <dino@apple.com>
290
291         Plugins created during user gestures (or soon after) should not be snapshotted
292         https://bugs.webkit.org/show_bug.cgi?id=111975
293
294         Reviewed by Tim Horton.
295
296         There are sites which create plugins in response to user actions, such as clicking
297         on an image that is acting like a poster frame. In those cases we should never snapshot.
298
299         There are some other sites which also create plugins in response to user actions,
300         but don't necessarily create the content themselves. Instead they run some script
301         that injects an iframe, and the frame loads a plugin. In order to make sure we don't
302         snapshot in those cases, we're adding the concept of a blessed plugin. Anything that
303         is created soon after a *handled* user gesture is not snapshotted. To do this we
304         mark a timestamp in the document when we've called an event listener for a user
305         gesture. The plugin element then compares its creation time with the most recent
306         user action time.
307
308         * dom/Document.cpp:
309         (WebCore::Document::Document): Initialise new timestamp.
310         (WebCore::Document::resetLastHandledUserGestureTimestamp): Sets the member variable
311             to the current time.
312         * dom/Document.h:
313         (WebCore::Document::lastHandledUserGestureTimestamp): Getter.
314
315         * dom/EventTarget.cpp:
316         (WebCore::EventTarget::fireEventListeners): If there were some event listeners and
317             we were processing a user gesture, then reset the timestamp in the document.
318
319         * html/HTMLPlugInImageElement.cpp:
320         (WebCore::HTMLPlugInImageElement::HTMLPlugInImageElement): Remember if we were created
321             during a user gesture.
322         (WebCore::HTMLPlugInImageElement::subframeLoaderWillCreatePlugIn): Start the plugin
323             if we were created during a user gesture, or if we are close enough in time
324             to a listener that fired in relation to a user gesture.
325         * html/HTMLPlugInImageElement.h: New private member flag indicating if we were
326             in a user gesture when constructed.
327
328 2013-03-11  Jeffrey Pfau  <jpfau@apple.com>
329
330         List cache partitions as units instead of as their contents
331         https://bugs.webkit.org/show_bug.cgi?id=111909
332
333         Reviewed by Maciej Stachowiak.
334
335         Not possible to test with current automated test tools, must be tested manually.
336
337         * loader/cache/MemoryCache.cpp:
338         (WebCore::MemoryCache::getOriginsWithCache): List a cache item as a member of a partition, if possible
339
340 2013-03-11  Alexey Proskuryakov  <ap@apple.com>
341
342         Chromium build fix. Forked files strike again.
343
344         * platform/network/chromium/ResourceHandle.cpp:
345         (WebCore::ResourceHandle::firstRequest):
346
347 2013-03-11  James Robinson  <jamesr@chromium.org>
348
349         Fix typo from r145399. Rubber stamped by Abhishek Arya.
350
351         * rendering/svg/RenderSVGViewportContainer.h:
352         (WebCore::toRenderSVGViewportContainer):
353
354 2013-03-11  Hans Muller  <hmuller@adobe.com>
355
356         [CSS Exclusions] Refactor the ExclusionPolygon class to enable storing multiple boundaries
357         https://bugs.webkit.org/show_bug.cgi?id=111766
358
359         Reviewed by Dirk Schulze.
360
361         Refactored the ExclusionPolygon class to enable adding support for shape-margin and shape-padding.
362         Extracted a new FloatPolygon class which is now used by ExclusionPolygon to represent the shape's
363         boundary. It will be used to add m_paddedPolygon and m_marginPolygon members to ExclusionPolygon
364         in a subsequent patch.
365
366         No new tests. This is strictly a refactoring of the existing code.
367
368         * CMakeLists.txt:
369         * GNUmakefile.list.am:
370         * WebCore.gypi:
371         * WebCore.vcproj/WebCore.vcproj:
372         * WebCore.xcodeproj/project.pbxproj:
373         * platform/graphics/FloatPolygon.cpp: Factored out of Source/WebCore/rendering/ExclusionPolygon.cpp.
374         (WebCore::determinant):
375         (WebCore::areCollinearPoints):
376         (WebCore::areCoincidentPoints):
377         (WebCore::isPointOnLineSegment):
378         (WebCore::nextVertexIndex):
379         (WebCore::FloatPolygon::FloatPolygon):
380         (WebCore::FloatPolygon::findNextEdgeVertexIndex):
381         (WebCore::FloatPolygon::overlappingEdges):
382         (WebCore::leftSide):
383         (WebCore::FloatPolygon::contains):
384         (WebCore::VertexPair::overlapsRect):
385         (WebCore::VertexPair::intersection):
386         * platform/graphics/FloatPolygon.h: Factored out of Source/WebCore/rendering/ExclusionPolygon.h.
387         (FloatPolygon):
388         (WebCore::FloatPolygon::vertexAt):
389         (WebCore::FloatPolygon::numberOfVertices):
390         (WebCore::FloatPolygon::fillRule):
391         (WebCore::FloatPolygon::edgeAt):
392         (WebCore::FloatPolygon::numberOfEdges):
393         (WebCore::FloatPolygon::boundingBox):
394         (WebCore::FloatPolygon::isEmpty):
395         (VertexPair):
396         (WebCore::VertexPair::~VertexPair):
397         (WebCore::VertexPair::minX):
398         (WebCore::VertexPair::minY):
399         (WebCore::VertexPair::maxX):
400         (WebCore::VertexPair::maxY):
401         (FloatPolygonEdge):
402         (WebCore::FloatPolygonEdge::previousEdge):
403         (WebCore::FloatPolygonEdge::nextEdge):
404         (WebCore::FloatPolygonEdge::polygon):
405         (WebCore::FloatPolygonEdge::vertexIndex1):
406         (WebCore::FloatPolygonEdge::vertexIndex2):
407         (WebCore::FloatPolygonEdge::edgeIndex):
408         * rendering/ExclusionPolygon.cpp: Now depends on FloatPolygon.
409         (EdgeIntersection):
410         (WebCore::leftSide):
411         (WebCore::computeXIntersection):
412         (WebCore::getVertexIntersectionVertices):
413         (WebCore::computeXIntersections):
414         (WebCore::computeOverlappingEdgeXProjections):
415         (WebCore::ExclusionPolygon::getExcludedIntervals):
416         (WebCore::ExclusionPolygon::getIncludedIntervals):
417         (WebCore::firstFitRectInPolygon):
418         (WebCore::ExclusionPolygon::firstIncludedIntervalLogicalTop):
419         * rendering/ExclusionPolygon.h: Now depends on FloatPolygon.
420         (WebCore::OffsetPolygonEdge::OffsetPolygonEdge):
421         (ExclusionPolygon):
422         (WebCore::ExclusionPolygon::ExclusionPolygon):
423
424 2013-03-11  Alexey Proskuryakov  <ap@apple.com>
425
426         Roll out part of r144671.
427
428         ResourceHandle::firstRequest() should not be const(), because it returns a
429         non-const reference.        
430
431         * platform/network/ResourceHandle.cpp:
432         (WebCore::ResourceHandle::firstRequest):
433         * platform/network/ResourceHandle.h:
434
435 2013-01-30  Jer Noble  <jer.noble@apple.com>
436
437         Mac: Cmd-w should close full screen window.
438         https://bugs.webkit.org/show_bug.cgi?id=108406
439
440         Reviewed by Darin Adler.
441
442         Pass performClose: requests on to the owning window controller.
443
444         * platform/mac/WebCoreFullScreenWindow.mm:
445         (-[WebCoreFullScreenWindow performClose:]):
446
447 2013-03-11  Xiyuan Xia  <xiyuan@chromium.org>
448
449         [Chromium] chromium/linux breaks expectation of select popup background due to bad UA css rules
450         https://bugs.webkit.org/show_bug.cgi?id=111873
451
452         Reviewed by Tony Chang.
453
454         On linux the default <select> background color is too dark to use as the
455         popup background color.  Last fixes:
456         https://bugs.webkit.org/show_bug.cgi?id=54115 and
457         https://bugs.webkit.org/show_bug.cgi?id=56023
458         attempt to fix the problem by applying a lighter background using
459         special <option> selector. This breaks expectations of some websites.
460
461         This CL reverts the bad UA css rules above and provides the lighter
462         background color if <select> and <option> elements are using the default
463         background.
464
465         No new tests, this tests <select> popups and can be verified by ManualTests/select-scroll.html.
466
467         * css/themeChromiumLinux.css:
468         (select):
469         * platform/PopupMenuStyle.h:
470         (WebCore::PopupMenuStyle::PopupMenuStyle):
471         (WebCore::PopupMenuStyle::backgroundColorType):
472         (PopupMenuStyle):
473         * platform/chromium/PopupListBox.cpp:
474         (WebCore::PopupListBox::paintRow):
475         * rendering/RenderMenuList.cpp:
476         (WebCore::RenderMenuList::itemStyle):
477         (WebCore::RenderMenuList::getItemBackgroundColor):
478         * rendering/RenderMenuList.h:
479         (RenderMenuList):
480         * rendering/RenderSearchField.cpp:
481         (WebCore::RenderSearchField::menuStyle):
482         * rendering/RenderThemeChromiumDefault.cpp:
483         (WebCore::RenderThemeChromiumDefault::systemColor):
484
485 2013-03-11  James Robinson  <jamesr@chromium.org>
486
487         Compile fix. Rubber-stamp by Eric Seidel.
488
489         * html/shadow/MediaControlElements.cpp:
490         (WebCore::MediaControlTextTrackContainerElement::updateDisplay):
491
492 2013-03-11  Dima Gorbik  <dgorbik@apple.com>
493
494         Fix build for r145397 (part 2)
495
496         Unreviewed.
497
498         * html/track/TextTrackCue.cpp:
499         (WebCore::TextTrackCue::getDisplayTree):
500
501 2013-03-11  Dima Gorbik  <dgorbik@apple.com>
502
503         Fix build for r145397
504
505         Unreviewed.
506
507         * html/shadow/MediaControls.cpp:
508         (WebCore::MediaControls::createTextTrackDisplay):
509         * html/shadow/MediaControlsChromium.cpp:
510         (WebCore::MediaControlsChromium::createTextTrackDisplay):
511         * html/shadow/MediaControlsGtk.cpp:
512         (WebCore::MediaControlsGtk::createTextTrackDisplay):
513
514 2013-03-11  Abhishek Arya  <inferno@chromium.org>
515
516         Add ASSERT_WITH_SECURITY_IMPLICATION to catch bad casts.
517         https://bugs.webkit.org/show_bug.cgi?id=112060
518
519         Reviewed by Eric Seidel.
520
521         * Modules/geolocation/Geolocation.cpp:
522         (WebCore::Geolocation::document):
523         * accessibility/AccessibilityMenuList.h:
524         (WebCore::toAccessibilityMenuList):
525         * accessibility/AccessibilityNodeObject.h:
526         (WebCore::toAccessibilityNodeObject):
527         * accessibility/AccessibilityRenderObject.h:
528         (WebCore::toAccessibilityRenderObject):
529         * accessibility/AccessibilitySVGRoot.h:
530         (WebCore::toAccessibilitySVGRoot):
531         * accessibility/AccessibilitySpinButton.h:
532         (WebCore::toAccessibilitySpinButton):
533         (WebCore::toAccessibilitySpinButtonPart):
534         * accessibility/AccessibilityTable.h:
535         (WebCore::toAccessibilityTable):
536         * css/StyleRule.h:
537         (WebCore::toStyleRuleMedia):
538         (WebCore::toStyleRuleSupports):
539         (WebCore::toStyleRuleRegion):
540         * dom/EventContext.h:
541         (WebCore::toTouchEventContext):
542         * fileapi/File.h:
543         (WebCore::toFile):
544         * html/HTMLElement.cpp:
545         (WebCore::HTMLElement::insertAdjacentElement):
546         (WebCore::contextElementForInsertion):
547         * html/HTMLMediaElement.h:
548         (WebCore::toMediaElement):
549         * html/HTMLMeterElement.h:
550         (WebCore::toHTMLMeterElement):
551         * html/HTMLOptionElement.cpp:
552         (WebCore::toHTMLOptionElement):
553         * html/HTMLProgressElement.cpp:
554         (WebCore::HTMLProgressElement::renderProgress):
555         * html/HTMLProgressElement.h:
556         (WebCore::toHTMLProgressElement):
557         * html/HTMLSelectElement.h:
558         (WebCore::toHTMLSelectElement):
559         * html/HTMLTableCellElement.cpp:
560         (WebCore::toHTMLTableCellElement):
561         * html/HTMLTextFormControlElement.h:
562         (WebCore::toHTMLTextFormControlElement):
563         * html/PluginDocument.h:
564         (WebCore::toPluginDocument):
565         * html/shadow/DetailsMarkerControl.cpp:
566         (WebCore::DetailsMarkerControl::summaryElement):
567         * html/shadow/HTMLContentElement.h:
568         (WebCore::toHTMLContentElement):
569         * html/shadow/HTMLShadowElement.h:
570         (WebCore::toHTMLShadowElement):
571         * html/shadow/TextFieldDecorationElement.cpp:
572         (WebCore::TextFieldDecorationElement::hostInput):
573         * page/DOMWindow.cpp:
574         (WebCore::DOMWindow::document):
575         * rendering/InlineTextBox.h:
576         (WebCore::toInlineTextBox):
577         * rendering/RenderHTMLCanvas.h:
578         (WebCore::toRenderHTMLCanvas):
579         * rendering/RenderScrollbar.h:
580         (WebCore::toRenderScrollbar):
581         * rendering/RenderTextFragment.h:
582         (WebCore::toRenderTextFragment):
583         * rendering/mathml/RenderMathMLOperator.h:
584         (WebCore::toRenderMathMLOperator):
585         * rendering/svg/RenderSVGTextPath.h:
586         (WebCore::toRenderSVGTextPath):
587         * rendering/svg/RenderSVGViewportContainer.h:
588         (WebCore::toRenderSVGViewportContainer):
589         * svg/graphics/SVGImageChromeClient.h:
590         (WebCore::toSVGImageChromeClient):
591
592 2013-03-11  Adam Barth  <abarth@webkit.org>
593
594         Factor HTMLTreeBuilderSimulator out of BackgroundHTMLParser
595         https://bugs.webkit.org/show_bug.cgi?id=112057
596
597         Reviewed by Eric Seidel.
598
599         Simulating the HTML tree builder is a separate concern from parsing on
600         the background thread. We plan to re-use the tree builder simulator for
601         the view-source parser, for example. Also, having the simulator as a
602         separate object will make it easier to fix
603         https://bugs.webkit.org/show_bug.cgi?id=109764.
604
605         * CMakeLists.txt:
606         * GNUmakefile.list.am:
607         * Target.pri:
608         * WebCore.gypi:
609         * WebCore.vcproj/WebCore.vcproj:
610         * html/parser/BackgroundHTMLParser.cpp:
611         (WebCore):
612         (WebCore::BackgroundHTMLParser::BackgroundHTMLParser):
613         (WebCore::BackgroundHTMLParser::pumpTokenizer):
614         * html/parser/BackgroundHTMLParser.h:
615         (BackgroundHTMLParser):
616
617 2013-02-26  Dima Gorbik  <dgorbik@apple.com>
618
619         Not all properties apply to the '::cue' pseudo-element
620         https://bugs.webkit.org/show_bug.cgi?id=110705
621
622         Reviewed by Eric Carlson.
623
624         Background properties are not inherited and they were not applied to right elements.
625         Now we apply all ::cue properties to WebVTT cue background box, which -webkit-media-text-track-all-nodes
626         container was corresponding to. Now it has 'cue' pseudoId instead of '-webkit-media-text-track-all-nodes'.
627         Property filtering is turned off for user agent rules so that we are still able to apply filtered rules
628         to this container internally. m_cueContainer is removed because it is no longer needed.
629         m_allDocumentNodes container was renamed to m_cueBackgroundBox.
630
631         Existing tests modified to cover this case.
632
633         * css/RuleSet.h:
634         (WebCore::RuleData::propertyWhitelistType): disable filtering for UA rules.
635         * css/StyleResolver.cpp:
636         (WebCore::StyleResolver::sortAndTransferMatchedRules): pass the UA scope to propertyWhitelistType().
637         * css/mediaControls.css: rename -webkit-media-text-track-all-nodes to 'cue'
638         (video::cue): 
639         * html/shadow/MediaControlElements.cpp:
640         (WebCore::MediaControlTextTrackContainerElement::updateDisplay):
641         * html/shadow/MediaControlElements.h:
642         (MediaControlTextTrackContainerElement):
643         * html/shadow/MediaControls.cpp:
644         (WebCore::MediaControls::createTextTrackDisplay):
645         * html/shadow/MediaControlsChromium.cpp:
646         (WebCore::MediaControlsChromium::createTextTrackDisplay):
647         * html/shadow/MediaControlsGtk.cpp:
648         (WebCore::MediaControlsGtk::createTextTrackDisplay):
649         * html/track/TextTrackCue.cpp:
650         (WebCore::TextTrackCue::TextTrackCue):
651         (WebCore::TextTrackCue::updateDisplayTree):
652         (WebCore::TextTrackCue::getDisplayTree):
653         * html/track/TextTrackCue.h:
654         (WebCore::TextTrackCue::element):
655         * page/CaptionUserPreferencesMac.mm:
656         (WebCore::CaptionUserPreferencesMac::captionsStyleSheetOverride):
657
658 2013-03-11  Tim Horton  <timothy_horton@apple.com>
659
660         ChromeClient.h doesn’t need to include RenderSnapshottedPlugIn
661         https://bugs.webkit.org/show_bug.cgi?id=111981
662
663         Reviewed by Kentaro Hara.
664
665         * page/ChromeClient.h: Remove the extraneous #include.
666
667 2013-03-11  David Hyatt  <hyatt@apple.com>
668
669         Vertical writing doesn't work with form controls.
670         https://bugs.webkit.org/show_bug.cgi?id=70211
671
672         Reviewed by Simon Fraser.
673
674         This is just some basic plumbing work to make textfields and
675         textareas work with vertical writing modes. This patch leaves the
676         html.css override alone, so authors can't enable vertical
677         writing yet.
678         
679         The changes consist of converting uses of x/y/width/height to
680         logicalLeft/Top/Width/Height.
681       
682         * rendering/RenderBoxModelObject.h:
683         (WebCore::RenderBoxModelObject::paddingLogicalLeft):
684         (WebCore::RenderBoxModelObject::paddingLogicalRight):
685         (RenderBoxModelObject):
686         (WebCore::RenderBoxModelObject::marginLogicalHeight):
687         (WebCore::RenderBoxModelObject::marginLogicalWidth):
688         * rendering/RenderSearchField.cpp:
689         (WebCore::RenderSearchField::computeControlLogicalHeight):
690         (WebCore::RenderSearchField::computeLogicalHeightLimit):
691         (WebCore::RenderSearchField::centerContainerIfNeeded):
692         * rendering/RenderSearchField.h:
693         (RenderSearchField):
694         * rendering/RenderTextControl.cpp:
695         (WebCore::RenderTextControl::textBlockLogicalHeight):
696         (WebCore::RenderTextControl::textBlockLogicalWidth):
697         (WebCore::RenderTextControl::computeLogicalHeight):
698         (WebCore::RenderTextControl::computeIntrinsicLogicalWidths):
699         (WebCore::RenderTextControl::computePreferredLogicalWidths):
700         * rendering/RenderTextControl.h:
701         (RenderTextControl):
702         * rendering/RenderTextControlMultiLine.cpp:
703         (WebCore::RenderTextControlMultiLine::preferredContentLogicalWidth):
704         (WebCore::RenderTextControlMultiLine::computeControlLogicalHeight):
705         (WebCore::RenderTextControlMultiLine::layoutSpecialExcludedChild):
706         * rendering/RenderTextControlMultiLine.h:
707         (RenderTextControlMultiLine):
708         * rendering/RenderTextControlSingleLine.cpp:
709         (WebCore::RenderTextControlSingleLine::RenderTextControlSingleLine):
710         (WebCore::RenderTextControlSingleLine::paint):
711         (WebCore::RenderTextControlSingleLine::computeLogicalHeightLimit):
712         (WebCore::RenderTextControlSingleLine::layout):
713         (WebCore::RenderTextControlSingleLine::styleDidChange):
714         (WebCore::RenderTextControlSingleLine::preferredContentLogicalWidth):
715         (WebCore::RenderTextControlSingleLine::computeControlLogicalHeight):
716         (WebCore::RenderTextControlSingleLine::createInnerTextStyle):
717         * rendering/RenderTextControlSingleLine.h:
718         (RenderTextControlSingleLine):
719         * rendering/style/RenderStyle.h:
720
721 2013-03-11  Tim Horton  <timothy_horton@apple.com>
722
723         TiledBacking scrolling coverage can be unfairly limited for clients who do scrolling outside the web view
724         https://bugs.webkit.org/show_bug.cgi?id=111958
725         <rdar://problem/13356896>
726
727         Reviewed by Darin Adler.
728
729         Don't limit TiledBacking coverage if the client has opted into using
730         its exposed rect to allow scrolling above the web view.
731
732         * platform/graphics/TiledBacking.h:
733         * platform/graphics/ca/mac/TileController.h:
734         * rendering/RenderLayerBacking.cpp:
735         (WebCore::RenderLayerBacking::adjustTiledBackingCoverage):
736
737 2013-03-11  Rajeev Sarvaria  <rsarvaria@blackberry.com>
738
739         GetnUniform*vEXT (Robustness extension) passed incorrect parameter in WebGLRenderingContext
740         https://bugs.webkit.org/show_bug.cgi?id=111450
741
742         Reviewed by Rob Buis.
743
744         Bufsize argument corrected to size in bytes instead of number of integers or floats.
745
746         * html/canvas/WebGLRenderingContext.cpp:
747         (WebCore):
748         (WebCore::WebGLRenderingContext::getUniform):
749
750 2013-03-11  Sheriff Bot  <webkit.review.bot@gmail.com>
751
752         Unreviewed, rolling out r145375.
753         http://trac.webkit.org/changeset/145375
754         https://bugs.webkit.org/show_bug.cgi?id=112050
755
756         Does not compile (Requested by jamesr on #webkit).
757
758         * Modules/indexeddb/IDBBackingStore.cpp:
759         (WebCore::IDBBackingStore::getObjectStores):
760         (WebCore::IDBBackingStore::createObjectStore):
761         (WebCore::IDBBackingStore::deleteObjectStore):
762         (WebCore::IDBBackingStore::getRecord):
763         (WebCore::IDBBackingStore::putRecord):
764         (WebCore::IDBBackingStore::clearObjectStore):
765         (WebCore::IDBBackingStore::deleteRecord):
766         (WebCore::IDBBackingStore::getKeyGeneratorCurrentNumber):
767         (WebCore::IDBBackingStore::maybeUpdateKeyGeneratorCurrentNumber):
768         (WebCore::IDBBackingStore::keyExistsInObjectStore):
769         (WebCore::IDBBackingStore::getIndexes):
770         (WebCore::IDBBackingStore::createIndex):
771         (WebCore::IDBBackingStore::deleteIndex):
772         (WebCore::IDBBackingStore::putIndexDataForRecord):
773         (WebCore::IDBBackingStore::findKeyInIndex):
774         (WebCore::IDBBackingStore::getPrimaryKeyViaIndex):
775         (WebCore::IDBBackingStore::keyExistsInIndex):
776         (WebCore::indexCursorOptions):
777         * Modules/indexeddb/IDBBackingStore.h:
778         (IDBBackingStore):
779         * Modules/indexeddb/IDBDatabaseBackendImpl.cpp:
780         (WebCore::DeleteIndexOperation::create):
781         (WebCore::DeleteIndexOperation::DeleteIndexOperation):
782         (DeleteIndexOperation):
783         (WebCore::IDBDatabaseBackendImpl::openInternal):
784         (WebCore::IDBDatabaseBackendImpl::deleteIndex):
785         (WebCore::DeleteIndexOperation::perform):
786         (WebCore::DeleteRangeOperation::perform):
787         (WebCore::ClearOperation::perform):
788         * Modules/indexeddb/IDBLevelDBCoding.cpp:
789         (WebCore::IDBLevelDBCoding::KeyPrefix::KeyPrefix):
790         (WebCore::IDBLevelDBCoding::KeyPrefix::encode):
791         (WebCore::IDBLevelDBCoding::SchemaVersionKey::encode):
792         (WebCore::IDBLevelDBCoding::MaxDatabaseIdKey::encode):
793         (WebCore::IDBLevelDBCoding::DataVersionKey::encode):
794         (WebCore::IDBLevelDBCoding::DatabaseFreeListKey::encode):
795         (WebCore::IDBLevelDBCoding::DatabaseNameKey::encode):
796         (WebCore::IDBLevelDBCoding::DatabaseMetaDataKey::encode):
797         (WebCore::IDBLevelDBCoding::ObjectStoreMetaDataKey::encode):
798         (WebCore::IDBLevelDBCoding::IndexMetaDataKey::encode):
799         (WebCore::IDBLevelDBCoding::ObjectStoreFreeListKey::encode):
800         (WebCore::IDBLevelDBCoding::IndexFreeListKey::encode):
801         (WebCore::IDBLevelDBCoding::ObjectStoreNamesKey::encode):
802         (WebCore::IDBLevelDBCoding::IndexNamesKey::encode):
803         (WebCore::IDBLevelDBCoding::ObjectStoreDataKey::encode):
804         (WebCore::IDBLevelDBCoding::ExistsEntryKey::encode):
805         * Modules/indexeddb/IDBLevelDBCoding.h:
806         (IDBLevelDBCoding):
807         (KeyPrefix):
808         * Modules/indexeddb/IDBObjectStoreBackendImpl.cpp:
809         (WebCore::IDBObjectStoreBackendImpl::IndexWriter::writeIndexKeys):
810
811 2013-03-11  Adam Klein  <adamk@chromium.org>
812
813         MutationCallback should be a WebIDL 'callback', not a [Callback] interface
814         https://bugs.webkit.org/show_bug.cgi?id=91406
815
816         Reviewed by Adam Barth.
817
818         Spec: http://dom.spec.whatwg.org/#mutationcallback
819
820         Besides no longer calling handleEvent methods on passed-in objects,
821         throw a TypeError if a non-function is passed to the MutationObserver constructor.
822         This is per WebIDL: http://www.w3.org/TR/WebIDL/#es-callback-function
823
824         Updated MutationObserver constructor tests to exercise TypeError-throwing behavior.
825
826         * bindings/js/JSMutationCallback.cpp:
827         (WebCore::JSMutationCallback::call): Call the callback directly instead of handing off to JSCallbackData; make return value void.
828         Use jsArray() to convert from WTF::Vector -> JSArray.
829         * bindings/js/JSMutationCallback.h:
830         (JSMutationCallback): Rename handleEvent() to call(), make it void.
831         * bindings/js/JSMutationObserverCustom.cpp:
832         (WebCore::JSMutationObserverConstructor::constructJSMutationObserver): Throw if passed a non-function.
833         * bindings/v8/V8MutationCallback.cpp:
834         (WebCore::V8MutationCallback::V8MutationCallback): Take a v8::Function instead of a v8::Object.
835         (WebCore::V8MutationCallback::call): Call the callback directly instead of handing off to invokeCallback(); make return value void.
836         Use v8Array() to convert form WTF::Vector -> JSArray.
837         * bindings/v8/V8MutationCallback.h:
838         (WebCore::V8MutationCallback::create): Take a v8::Function instead of a v8::Object.
839         (V8MutationCallback): ditto
840         * bindings/v8/custom/V8MutationObserverCustom.cpp:
841         (WebCore::V8MutationObserver::constructorCustom): Throw if passed a non-function, cast to a v8::Function when constructing callback.
842         * dom/MutationCallback.h:
843         (WebCore): Remove unnecessary typedef.
844         (MutationCallback): Rename handleEvent() to call(), make it void.
845         * dom/MutationObserver.cpp:
846         (WebCore::MutationObserver::deliver): Update MutationCallback method name.
847
848 2013-03-11  Julien Chaffraix  <jchaffraix@webkit.org>
849
850         [CSS Grid Layout] Handle spanning grid items over specified grid tracks
851         https://bugs.webkit.org/show_bug.cgi?id=111918
852
853         Reviewed by Tony Chang.
854
855         This change updates the containing block override logic to handle multiple
856         spanned tracks. This makes the multiple specified grid tracks case work and
857         will enable us to handle the minmax case once the computation logic has been
858         updated.
859
860         Test: fast/css-grid-layout/grid-item-spanning-resolution.html
861
862         * rendering/RenderGrid.cpp:
863         (WebCore::RenderGrid::logicalContentHeightForChild):
864         (WebCore::RenderGrid::layoutGridItems):
865         Updated these functions to use gridAreaBreadthForChild.
866
867         (WebCore::RenderGrid::gridAreaBreadthForChild):
868         Added this helper function to handle multiple spanned grid tracks.
869
870         * rendering/RenderGrid.h: Added the previous function.
871
872 2013-03-11  Philip Rogers  <pdr@google.com>
873
874         Replace SVG's static_cast<SVGElement> with toSVGElement()
875         https://bugs.webkit.org/show_bug.cgi?id=111651
876
877         Reviewed by Abhishek Arya.
878
879         toSVGElement is preferred over static_cast because bad casts can be caught on
880         our testing infrastructure. This patch replaces all static_cast<SVGElement>
881         instances with toSVGElement.
882
883         No new tests as this is just a refactoring.
884
885         * css/CSSCursorImageValue.cpp:
886         (WebCore::CSSCursorImageValue::updateIfSVGCursorIsUsed):
887         * css/StyleResolver.cpp:
888         (WebCore::StyleResolver::matchAllRules):
889         (WebCore::StyleResolver::locateCousinList):
890         (WebCore::StyleResolver::canShareStyleWithElement):
891         (WebCore::StyleResolver::locateSharedStyle):
892         * dom/Element.cpp:
893         (WebCore::Element::synchronizeAllAttributes):
894         (WebCore::Element::synchronizeAttribute):
895         * rendering/svg/RenderSVGModelObject.cpp:
896         (WebCore::getElementCTM):
897         (WebCore::RenderSVGModelObject::checkIntersection):
898         (WebCore::RenderSVGModelObject::checkEnclosure):
899         * rendering/svg/RenderSVGResource.cpp:
900         (WebCore::removeFromCacheAndInvalidateDependencies):
901         * rendering/svg/RenderSVGResourceClipper.cpp:
902         (WebCore::RenderSVGResourceClipper::pathOnlyClipping):
903         (WebCore::RenderSVGResourceClipper::drawContentIntoMaskImage):
904         (WebCore::RenderSVGResourceClipper::calculateClipContentRepaintRect):
905         (WebCore::RenderSVGResourceClipper::hitTestClipContent):
906         * rendering/svg/RenderSVGResourceFilter.cpp:
907         (WebCore::RenderSVGResourceFilter::buildPrimitives):
908         * rendering/svg/RenderSVGResourceMasker.cpp:
909         (WebCore::RenderSVGResourceMasker::drawContentIntoMaskImage):
910         (WebCore::RenderSVGResourceMasker::calculateMaskContentRepaintRect):
911         * rendering/svg/RenderSVGResourcePattern.cpp:
912         (WebCore::RenderSVGResourcePattern::createTileImage):
913         * rendering/svg/RenderSVGShape.cpp:
914         (WebCore::RenderSVGShape::strokeWidth):
915         * rendering/svg/RenderSVGText.cpp:
916         (WebCore::RenderSVGText::strokeBoundingBox):
917         * rendering/svg/SVGRenderSupport.cpp:
918         (WebCore::SVGRenderSupport::layoutChildren):
919         (WebCore::SVGRenderSupport::applyStrokeStyleToContext):
920         * rendering/svg/SVGRenderTreeAsText.cpp:
921         (WebCore::writeSVGPaintingResource):
922         (WebCore::writeStyle):
923         (WebCore::operator<<):
924         * rendering/svg/SVGResources.cpp:
925         (WebCore::SVGResources::buildCachedResources):
926         * rendering/svg/SVGTextLayoutEngine.cpp:
927         (WebCore::SVGTextLayoutEngine::layoutTextOnLineOrPath):
928         * svg/SVGAElement.cpp:
929         (WebCore::SVGAElement::createRenderer):
930         * svg/SVGAnimationElement.cpp:
931         (WebCore::SVGAnimationElement::adjustForInheritance):
932         * svg/SVGElement.cpp:
933         (WebCore::SVGElement::viewportElement):
934         (WebCore::SVGElement::haveLoadedRequiredResources):
935         (WebCore::SVGElement::sendSVGLoadEventIfPossible):
936         (WebCore::SVGElement::childShouldCreateRenderer):
937         * svg/SVGElement.h:
938         (WebCore::toSVGElement):
939         (WebCore):
940         * svg/SVGFEImageElement.cpp:
941         (WebCore::SVGFEImageElement::buildPendingResource):
942         * svg/SVGFilterElement.cpp:
943         (WebCore::SVGFilterElement::childShouldCreateRenderer):
944         * svg/SVGGradientElement.cpp:
945         (WebCore::SVGGradientElement::buildStops):
946         * svg/SVGLocatable.cpp:
947         (WebCore::SVGLocatable::nearestViewportElement):
948         (WebCore::SVGLocatable::farthestViewportElement):
949         (WebCore::SVGLocatable::computeCTM):
950         * svg/SVGMPathElement.cpp:
951         (WebCore::SVGMPathElement::buildPendingResource):
952         * svg/SVGSVGElement.cpp:
953         (WebCore::SVGSVGElement::collectIntersectionOrEnclosureList):
954         * svg/SVGStyledElement.cpp:
955         (WebCore::SVGStyledElement::updateRelativeLengthsInformation):
956         * svg/SVGSwitchElement.cpp:
957         (WebCore::SVGSwitchElement::childShouldCreateRenderer):
958         * svg/SVGTextPathElement.cpp:
959         (WebCore::SVGTextPathElement::buildPendingResource):
960         * svg/SVGUseElement.cpp:
961         (WebCore::SVGUseElement::buildPendingResource):
962         (WebCore::SVGUseElement::toClipPath):
963         (WebCore::SVGUseElement::rendererClipChild):
964         (WebCore::SVGUseElement::buildInstanceTree):
965         (WebCore::SVGUseElement::hasCycleUseReferencing):
966         (WebCore::SVGUseElement::expandUseElementsInShadowTree):
967         (WebCore::SVGUseElement::associateInstancesWithShadowTreeElements):
968         * svg/SVGViewSpec.cpp:
969         (WebCore::SVGViewSpec::viewTarget):
970         * svg/animation/SVGSMILElement.cpp:
971         (WebCore::SVGSMILElement::buildPendingResource):
972         * svg/graphics/filters/SVGFEImage.cpp:
973         (WebCore::FEImage::platformApplySoftware):
974
975 2013-03-11  Carlos Garcia Campos  <cgarcia@igalia.com>
976
977         [SOUP] ResourceRequest::updateSoupMessage doesn't update the URI of the soup message
978         https://bugs.webkit.org/show_bug.cgi?id=112040
979
980         Reviewed by Gustavo Noronha Silva.
981
982         * platform/network/soup/ResourceRequestSoup.cpp:
983         (WebCore::ResourceRequest::updateSoupMessage): Update the soup
984         message URI with the ResourceRequest URL.
985
986 2013-03-11  Alec Flett  <alecflett@chromium.org>
987
988         IndexedDB: Protect against key prefix overflows
989         https://bugs.webkit.org/show_bug.cgi?id=111138
990
991         Reviewed by Tony Chang.
992
993         This reworks the boundary checking for all databaseId,
994         objectStoreId, and indexId, including negative and
995         zero-based ids. All entrypoints into IDBLevelDBCoding
996         are protected with explicit checks and all internal
997         uses of KeyPrefix are protected with ASSERTs in the
998         various constructors.
999
1000         Tests: WebKit unit tests IDBBackingStoreTest.cpp in WebKit/chromium
1001
1002         * Modules/indexeddb/IDBBackingStore.h: Make all public methods boolean-based for errors.
1003         * Modules/indexeddb/IDBLevelDBCoding.h: Add methods for checking databaseId, objectStoreId, and indexId.
1004
1005 2013-03-11  Xan Lopez  <xlopez@igalia.com>
1006
1007         [BlackBerry] PlatformBlackBerry.cmake: create thin AR archives
1008         https://bugs.webkit.org/show_bug.cgi?id=110580
1009
1010         Reviewed by Rob Buis.
1011
1012         Otherwise libwebcore.a goes beyond the 4Gb file size limit and the
1013         link phase fails.
1014
1015         * PlatformBlackBerry.cmake:
1016
1017 2013-03-11  Pavel Feldman  <pfeldman@chromium.org>
1018
1019         Web Inspector: fix styles toolbar in the vertical mode.
1020         Not reviewed: swapped two lines.
1021
1022         * inspector/front-end/ElementsPanel.js:
1023         (WebInspector.ElementsPanel.prototype._splitVertically):
1024
1025 2013-03-11  Andrey Lushnikov  <lushnikov@chromium.org>
1026
1027         Web Inspector: [CodeMirror] add token highlight feature
1028         https://bugs.webkit.org/show_bug.cgi?id=112009
1029
1030         Reviewed by Pavel Feldman.
1031
1032         Handle CodeMirror's "cursorActivity" event, check selection for being
1033         a word and highlight all its occurrences via CodeMirror.addOverlay method.
1034
1035         No new tests.
1036
1037         * inspector/front-end/CodeMirrorTextEditor.js:
1038         (WebInspector.CodeMirrorTextEditor):
1039         (WebInspector.CodeMirrorTextEditor.TokenHighlighter):
1040         (WebInspector.CodeMirrorTextEditor.TokenHighlighter.prototype._cursorChange):
1041         (WebInspector.CodeMirrorTextEditor.TokenHighlighter.prototype._isWord):
1042         (WebInspector.CodeMirrorTextEditor.TokenHighlighter.prototype._removeHighlight):
1043         (WebInspector.CodeMirrorTextEditor.TokenHighlighter.prototype._addHighlight.nextToken):
1044         (WebInspector.CodeMirrorTextEditor.TokenHighlighter.prototype._addHighlight):
1045         * inspector/front-end/cm/cmdevtools.css:
1046         (.cm-token-highlight):
1047
1048 2013-03-11  Andrey Lushnikov  <lushnikov@chromium.org>
1049
1050         Web Inspector: [CodeMirror] set indentation size according to devtools settings
1051         https://bugs.webkit.org/show_bug.cgi?id=111717
1052
1053         Reviewed by Pavel Feldman.
1054
1055         Set up codemirror indent size according to devtools settings.
1056
1057         No new tests.
1058
1059         * inspector/front-end/CodeMirrorTextEditor.js:
1060         (.get if):
1061         (WebInspector.CodeMirrorTextEditor):
1062
1063 2013-03-11  Yury Semikhatsky  <yurys@chromium.org>
1064
1065         Web Inspector: add per image statistics to the native memory snapshot
1066         https://bugs.webkit.org/show_bug.cgi?id=112011
1067
1068         Reviewed by Pavel Feldman.
1069
1070         Added per-image statistics to the native memory distribution table.
1071
1072         * inspector/front-end/HeapSnapshotProxy.js:
1073         (WebInspector.HeapSnapshotWorker):
1074         (WebInspector.HeapSnapshotWorker.prototype.createLoader):
1075         (WebInspector.HeapSnapshotWorker.prototype.wrapCallback):
1076         (WebInspector.HeapSnapshotWorker.prototype.callFactoryMethod):
1077         (WebInspector.HeapSnapshotProxyObject.prototype.callFactoryMethod): the method now accepts
1078         proxy constructor function instead of its name. This eliminates unnecessary function lookup.
1079         (WebInspector.HeapSnapshotLoaderProxy):
1080         (WebInspector.HeapSnapshotLoaderProxy.prototype.close):
1081         (WebInspector.HeapSnapshotProxy.prototype.createEdgesProvider):
1082         (WebInspector.HeapSnapshotProxy.prototype.createRetainingEdgesProvider):
1083         (WebInspector.HeapSnapshotProxy.prototype.createAddedNodesProvider):
1084         (WebInspector.HeapSnapshotProxy.prototype.createDeletedNodesProvider):
1085         (WebInspector.HeapSnapshotProxy.prototype.createNodesProvider):
1086         (WebInspector.HeapSnapshotProxy.prototype.createNodesProviderForClass):
1087         (WebInspector.HeapSnapshotProxy.prototype.createNodesProviderForDominator):
1088         (WebInspector.NativeHeapSnapshotProxy):
1089         (WebInspector.NativeHeapSnapshotProxy.prototype.images):
1090         * inspector/front-end/HeapSnapshotView.js:
1091         (WebInspector.HeapProfileHeader.prototype.snapshotProxyConstructor):
1092         (WebInspector.HeapProfileHeader.prototype._setupWorker):
1093         * inspector/front-end/NativeHeapSnapshot.js:
1094         (WebInspector.NativeHeapSnapshot.prototype.images):
1095         * inspector/front-end/NativeMemorySnapshotView.js:
1096         (WebInspector.NativeSnapshotNode):
1097         (WebInspector.NativeSnapshotNode.prototype._createSizeCell):
1098         (WebInspector.NativeSnapshotNode.prototype._populate):
1099         (WebInspector.NativeSnapshotNode.prototype._addChildrenFromGraph):
1100         (WebInspector.NativeSnapshotNode.prototype._addImageDetails.didLoad.didReceiveImages):
1101         (WebInspector.NativeSnapshotNode.prototype._addImageDetails):
1102         (WebInspector.NativeSnapshotProfileHeader.prototype.snapshotProxyConstructor):
1103
1104 2013-03-11  Allan Sandfeld Jensen  <allan.jensen@digia.com>
1105
1106         [Qt] Enable tiled shadow blur for inset box shadows
1107         https://bugs.webkit.org/show_bug.cgi?id=111736
1108
1109         Reviewed by Noam Rosenthal.
1110
1111         Paint inset box-shadows using the optimized tiled shadow blur, instead of
1112         applying shadow blur to the entire painted rect.
1113
1114         This optimizes the default CSS on common pastebin sites.
1115
1116         Tested by existing tests.
1117
1118         * platform/graphics/GraphicsContext.cpp:
1119         * platform/graphics/ShadowBlur.cpp:
1120         (WebCore::ShadowBlur::drawInsetShadowWithTiling):
1121             Must set fill color before calling clearShadow, as that might clear m_color.
1122         (WebCore::ShadowBlur::drawLayerPieces):
1123             Ditto.
1124         * platform/graphics/qt/GraphicsContextQt.cpp:
1125         (WebCore::GraphicsContext::fillPath):
1126         (WebCore::GraphicsContext::fillRectWithRoundedHole):
1127
1128 2013-03-11  Alberto Garcia  <agarcia@igalia.com>
1129
1130         [BlackBerry] GraphicsLayer: rename notifySyncRequired to notifyFlushRequired
1131         https://bugs.webkit.org/show_bug.cgi?id=111997
1132
1133         Reviewed by Rob Buis.
1134
1135         This changed in r130439 but the old name was introduced again by
1136         mistake in r144465.
1137
1138         * platform/graphics/blackberry/GraphicsLayerBlackBerry.h:
1139         (WebCore::GraphicsLayerBlackBerry::notifyFlushRequired):
1140         * platform/graphics/blackberry/LayerWebKitThread.cpp:
1141         (WebCore::LayerWebKitThread::setNeedsCommit):
1142
1143 2013-03-11  Kent Tamura  <tkent@chromium.org>
1144
1145         Inappropriate validation message for required number/date input elements
1146         https://bugs.webkit.org/show_bug.cgi?id=111982
1147
1148         Reviewed by Kentaro Hara.
1149
1150         For validation message, badInput messages should take precedence
1151         over valueMissing messages because users already filled out the
1152         field with a bad value.
1153
1154         Tests: Update fast/forms/validationMessage.html
1155
1156         * html/InputType.cpp:
1157         (WebCore::InputType::validationMessage):
1158         Check badInput first.
1159
1160 2013-03-11  Yury Semikhatsky  <yurys@chromium.org>
1161
1162         Web Inspector: extract common parts of native profiles
1163         https://bugs.webkit.org/show_bug.cgi?id=111965
1164
1165         Reviewed by Alexander Pavlov.
1166
1167         Extracted common parts of native profiles into NativeProfileTypeBase. Memory
1168         domain dispatcher is now a separate class as it is shared by two native memory
1169         profile types.
1170
1171         Both native memory profile types now capture native heap graph.
1172
1173         * inspector/front-end/NativeMemorySnapshotView.js:
1174         (WebInspector.MemoryAgentDispatcher.instance):
1175         (WebInspector.NativeProfileTypeBase.prototype.buttonClicked.didReceiveMemorySnapshot):
1176         (WebInspector.NativeProfileTypeBase.prototype.buttonClicked):
1177         (WebInspector.NativeSnapshotProfileType):
1178         (WebInspector.NativeSnapshotProfileHeader.prototype._didReceiveMemorySnapshot):
1179         (WebInspector.NativeMemoryProfileType):
1180         (WebInspector.NativeMemoryProfileHeader.prototype._updateSnapshotStatus):
1181         (WebInspector.NativeMemoryProfileHeader.prototype._didReceiveMemorySnapshot):
1182
1183 2013-03-11  Sheriff Bot  <webkit.review.bot@gmail.com>
1184
1185         Unreviewed, rolling out r145349.
1186         http://trac.webkit.org/changeset/145349
1187         https://bugs.webkit.org/show_bug.cgi?id=111966
1188
1189         Missing code history of Element,PageRuleCollector. (Requested
1190         by tasak on #webkit).
1191
1192         * CMakeLists.txt:
1193         * GNUmakefile.list.am:
1194         * Target.pri:
1195         * WebCore.gypi:
1196         * WebCore.xcodeproj/project.pbxproj:
1197         * css/CSSAllInOne.cpp:
1198         * css/DocumentRuleSets.cpp:
1199         (WebCore::ShadowDistributedRules::collectMatchRequests):
1200         * css/DocumentRuleSets.h:
1201         * css/ElementRuleCollector.cpp: Removed.
1202         * css/ElementRuleCollector.h: Removed.
1203         * css/PageRuleCollector.cpp: Removed.
1204         * css/PageRuleCollector.h: Removed.
1205         * css/StyleResolver.cpp:
1206         (WebCore::leftToRightDeclaration):
1207         (WebCore):
1208         (WebCore::rightToLeftDeclaration):
1209         (WebCore::StyleResolver::State::ensureRuleList):
1210         (WebCore::StyleResolver::State::clear):
1211         (WebCore::StyleResolver::addMatchedProperties):
1212         (WebCore::StyleResolver::addElementStyleProperties):
1213         (MatchingUARulesScope):
1214         (WebCore::MatchingUARulesScope::MatchingUARulesScope):
1215         (WebCore::MatchingUARulesScope::~MatchingUARulesScope):
1216         (WebCore::MatchingUARulesScope::isMatchingUARules):
1217         (WebCore::StyleResolver::collectMatchingRules):
1218         (WebCore::StyleResolver::collectMatchingRulesForRegion):
1219         (WebCore::StyleResolver::sortAndTransferMatchedRules):
1220         (WebCore::StyleResolver::matchScopedAuthorRules):
1221         (WebCore::StyleResolver::matchHostRules):
1222         (WebCore::StyleResolver::matchAuthorRules):
1223         (WebCore::StyleResolver::matchUserRules):
1224         (WebCore::StyleResolver::matchUARules):
1225         (WebCore::StyleResolver::collectMatchingRulesForList):
1226         (WebCore::compareRules):
1227         (WebCore::StyleResolver::sortMatchedRules):
1228         (WebCore::StyleResolver::matchAllRules):
1229         (WebCore::StyleResolver::State::initForStyleResolve):
1230         (WebCore::StyleResolver::styleSharingCandidateMatchesRuleSet):
1231         (WebCore::StyleResolver::styleForElement):
1232         (WebCore::StyleResolver::styleForKeyframe):
1233         (WebCore::StyleResolver::pseudoStyleForElement):
1234         (WebCore::StyleResolver::styleForPage):
1235         (WebCore::StyleResolver::pseudoStyleRulesForElement):
1236         (WebCore::StyleResolver::ruleMatches):
1237         (WebCore::StyleResolver::checkRegionSelector):
1238         (WebCore::comparePageRules):
1239         (WebCore::StyleResolver::matchPageRules):
1240         (WebCore::checkPageSelectorComponents):
1241         (WebCore::StyleResolver::matchPageRulesForList):
1242         (WebCore::StyleResolver::isLeftPage):
1243         (WebCore::StyleResolver::isFirstPage):
1244         (WebCore::StyleResolver::pageName):
1245         * css/StyleResolver.h:
1246         (WebCore::MatchRequest::MatchRequest):
1247         (MatchRequest):
1248         (StyleResolver):
1249         (MatchResult):
1250         (WebCore::StyleResolver::State::State):
1251         (State):
1252         (WebCore::StyleResolver::State::takeRuleList):
1253         (WebCore::StyleResolver::State::setSameOriginOnly):
1254         (WebCore::StyleResolver::State::isSameOriginOnly):
1255         (WebCore::StyleResolver::State::pseudoStyleRequest):
1256         (WebCore::StyleResolver::State::setMode):
1257         (WebCore::StyleResolver::State::mode):
1258         (WebCore::StyleResolver::State::matchedRules):
1259         (WebCore::StyleResolver::State::addMatchedRule):
1260         * inspector/InspectorCSSAgent.cpp:
1261         (WebCore::InspectorCSSAgent::willMatchRule):
1262         * inspector/InspectorCSSAgent.h:
1263         (WebCore):
1264         (InspectorCSSAgent):
1265         * inspector/InspectorInstrumentation.cpp:
1266         (WebCore):
1267         (WebCore::InspectorInstrumentation::willMatchRuleImpl):
1268         * inspector/InspectorInstrumentation.h:
1269         (WebCore):
1270         (InspectorInstrumentation):
1271         (WebCore::InspectorInstrumentation::willMatchRule):
1272
1273 2013-03-11  Marja Hölttä  <marja@chromium.org>
1274
1275         [V8] Fix V8InjectedScriptManager
1276         https://bugs.webkit.org/show_bug.cgi?id=111968
1277
1278         Reviewed by Kentaro Hara.
1279
1280         This is needed to make the inspector work after templates for main world
1281         and non-main worlds are separated (bug 111724).
1282
1283         No new tests (no changes in functionality).
1284
1285         * bindings/v8/custom/V8InjectedScriptManager.cpp:
1286         (WebCore::InjectedScriptManager::canAccessInspectedWindow):
1287
1288 2013-03-11  Hayato Ito  <hayato@chromium.org>
1289
1290         Make sure that CSSSelector::setValue() is never called after parsing its pseudoType.
1291         https://bugs.webkit.org/show_bug.cgi?id=111957
1292
1293         Reviewed by Hajime Morrita.
1294
1295         It'd be nice to have an assertion here since
1296         CSSSelector::pseudoType() will never parse a new value after it
1297         parses a value and m_pseudoType is set to non-PseudoNotParsed.
1298
1299         No new tests (no change in behaviour).
1300
1301         * css/CSSSelector.h:
1302         (WebCore::CSSSelector::setValue):
1303
1304 2013-03-11  Takashi Sakamoto  <tasak@google.com>
1305
1306         [Refactoring] Implement RuleCollector
1307         https://bugs.webkit.org/show_bug.cgi?id=109916
1308
1309         Reviewed by Antti Koivisto.
1310
1311         Implemented rule collector for an element and collector for a page.
1312         Not all members in class State are required entire while resolving
1313         a style.
1314
1315         No new tests, because just refactoring.
1316
1317         * CMakeLists.txt:
1318         * GNUmakefile.list.am:
1319         * Target.pri:
1320         * WebCore.gypi:
1321         * WebCore.xcodeproj/project.pbxproj:
1322         * css/CSSAllInOne.cpp:
1323         Added ElementRuleCollector and PageRuleCollector.
1324         * css/DocumentRuleSets.cpp:
1325         (WebCore::ShadowDistributedRules::collectMatchRequests):
1326         Since behaviorAtBoundary is a state owned by ElementRuleCollector,
1327         removed from here.
1328         * css/DocumentRuleSets.h:
1329         (WebCore::ShadowDistributedRules::isEmpty):
1330         Added to quickly check whether there exist any ShadowDistributedRules
1331         or not.
1332         * css/ElementRuleCollector.cpp: Copied from Source/WebCore/css/StyleResolver.cpp.
1333         (WebCore):
1334         (WebCore::ElementRuleCollector::matchedResult):
1335         (WebCore::ElementRuleCollector::matchedRuleList):
1336         (WebCore::ElementRuleCollector::addMatchedRule):
1337         (WebCore::ElementRuleCollector::clearMatchedRules):
1338         (WebCore::ElementRuleCollector::ensureRuleList):
1339         (WebCore::ElementRuleCollector::addElementStyleProperties):
1340         (WebCore::ElementRuleCollector::collectMatchingRules):
1341         (WebCore::ElementRuleCollector::collectMatchingRulesForRegion):
1342         (WebCore::ElementRuleCollector::sortAndTransferMatchedRules):
1343         (WebCore::ElementRuleCollector::matchScopedAuthorRules):
1344         (WebCore::ElementRuleCollector::matchHostRules):
1345         (WebCore::ElementRuleCollector::matchShadowDistributedRules):
1346         (WebCore::ElementRuleCollector::matchAuthorRules):
1347         (WebCore::ElementRuleCollector::matchUserRules):
1348         (WebCore::ElementRuleCollector::matchUARules):
1349         (WebCore::ElementRuleCollector::ruleMatches):
1350         (WebCore::ElementRuleCollector::collectMatchingRulesForList):
1351         (WebCore::ElementRuleCollector::sortMatchedRules):
1352         (WebCore::ElementRuleCollector::matchAllRules):
1353         Moved these methods from StyleResolver to this class.
1354         (WebCore::ElementRuleCollector::hasAnyMatchingRules):
1355         This method is used for checking whether a given element can share
1356         a cache.
1357         * css/ElementRuleCollector.h: Copied from Source/WebCore/css/StyleResolver.h.
1358         (WebCore):
1359         (WebCore::ElementRuleCollector::ElementRuleCollector):
1360         Use styleResolver instance to initialize its member variables, i.e.
1361         SelectorFilter, RuleSets, InspectorCSSOMWrappers, and
1362         StyleScopedResolver.
1363         (ElementRuleCollector):
1364         (WebCore::ElementRuleCollector::setMode):
1365         (WebCore::ElementRuleCollector::setPseudoStyleRequest):
1366         (WebCore::ElementRuleCollector::setSameOriginOnly):
1367         (WebCore::ElementRuleCollector::setRegionForStyling):
1368         Mode, SameOriginOnly, RegionForStyling are only used while collecting
1369         matched rules.
1370         (WebCore::ElementRuleCollector::setMedium):
1371         Need to know which default stylesheet should be looked up.
1372         (WebCore::ElementRuleCollector::document):
1373         * css/PageRuleCollector.cpp: Copied from Source/WebCore/css/StyleResolver.cpp.
1374         (WebCore::comparePageRules):
1375         (WebCore::PageRuleCollector::isLeftPage):
1376         (WebCore::PageRuleCollector::isFirstPage):
1377         (WebCore::PageRuleCollector::pageName):
1378         (WebCore::PageRuleCollector::matchAllPageRules):
1379         (WebCore::PageRuleCollector::matchPageRules):
1380         (WebCore::checkPageSelectorComponents):
1381         (WebCore::PageRuleCollector::matchPageRulesForList):
1382         Moved from StyleResolver.
1383         * css/PageRuleCollector.h: Copied from Source/WebCore/css/StyleResolver.h.
1384         (WebCore):
1385         (WebCore::PageRuleCollector::PageRuleCollector):
1386         (PageRuleCollector):
1387         (WebCore::PageRuleCollector::matchedResult):
1388         * css/StyleResolver.cpp:
1389         (WebCore):
1390         (WebCore::StyleResolver::State::clear):
1391         (WebCore::StyleResolver::MatchResult::addMatchedProperties):
1392         (WebCore::StyleResolver::State::initForStyleResolve):
1393         (WebCore::StyleResolver::styleSharingCandidateMatchesRuleSet):
1394         (WebCore::StyleResolver::styleForElement):
1395         (WebCore::StyleResolver::styleForKeyframe):
1396         (WebCore::StyleResolver::pseudoStyleForElement):
1397         (WebCore::StyleResolver::styleForPage):
1398         (WebCore::StyleResolver::pseudoStyleRulesForElement):
1399         (WebCore::StyleResolver::applyMatchedProperties):
1400         * css/StyleResolver.h:
1401         (WebCore::MatchRequest::MatchRequest):
1402         Removed behaviorAtBoundary. Instead, ElementRuleCollector have the
1403         state.
1404         (MatchRequest):
1405         (WebCore::StyleResolver::selectorFilter):
1406         Added to obtain SelectorFilter in ElementRuleCollector's constructor.
1407         (StyleResolver):
1408         (MatchResult):
1409         (WebCore::StyleResolver::State::State):
1410         To pass ASSERT in StyleResolver::applyProperties, need to keep
1411         m_regionForStyling.
1412         (State):
1413         (WebCore::StyleResolver::State::regionForStyling):
1414         (WebCore::StyleResolver::State::useSVGZoomRules):
1415         (WebCore::StyleResolver::hasSelectorForId):
1416         (WebCore):
1417         (WebCore::checkRegionSelector):
1418         * inspector/InspectorCSSAgent.cpp:
1419         (WebCore::InspectorCSSAgent::willMatchRule):
1420         Removed StyleResolver from its parameter list. Instead, added
1421         InspectorCSSOMWrappers and DocumentStyleSheetCollection.
1422         * inspector/InspectorCSSAgent.h:
1423         (WebCore):
1424         (InspectorCSSAgent):
1425         * inspector/InspectorInstrumentation.cpp:
1426         (WebCore):
1427         (WebCore::InspectorInstrumentation::willMatchRuleImpl):
1428         * inspector/InspectorInstrumentation.h:
1429         (WebCore):
1430         (InspectorInstrumentation):
1431         (WebCore::InspectorInstrumentation::willMatchRule):
1432
1433 2013-03-11  Mike West  <mkwst@chromium.org>
1434
1435         XSSAuditor doesn't need a copy of the original document's body.
1436         https://bugs.webkit.org/show_bug.cgi?id=111946
1437
1438         Reviewed by Darin Adler.
1439
1440         The XSSAuditor currently copies the original HTTP body of the document
1441         that's being audited in order to include it into a violation report if
1442         reflected XSS is detected. We don't actually need to do this, as we
1443         have access to the original request information from inside the
1444         XSSAuditorDelegate where the report is generated.
1445         XSSAuditorDelegate::didBlockScript ASSERTs that it's running on the
1446         main thread, so it should be safe to reach through the document's
1447         loader to get that information directly, rather than passing it from
1448         thread to thread via XSSInfo object properties.
1449
1450         * html/parser/XSSAuditor.h:
1451         * html/parser/XSSAuditor.cpp:
1452         (WebCore::XSSAuditor::init):
1453         (WebCore::XSSAuditor::filterToken):
1454         (WebCore::XSSAuditor::isSafeToSendToAnotherThread):
1455         * html/parser/XSSAuditorDelegate.h:
1456         (WebCore::XSSInfo::create):
1457         (WebCore::XSSInfo::XSSInfo):
1458         * html/parser/XSSAuditorDelegate.cpp:
1459         (WebCore::XSSInfo::isSafeToSendToAnotherThread):
1460             Drop the XSSInfo and XSSAuditor properties that held an
1461             isolatedCopy of the the original HTTP body. Depending on the
1462             document's size, this could be a significant savings.
1463         (WebCore::XSSAuditorDelegate::didBlockScript):
1464             Reach into the document's loader's original request in order to
1465             grab the body as a String, and feed that into the violation report
1466             object.
1467
1468             As a drive-by, this patch creates a FrameLoader* temporary
1469             variable to minimize repetition in this area of the code. We use
1470             the loader a few times, but should only have to grab it once.
1471
1472 2013-03-11  Silvia Pfeiffer  <silviapf@chromium.org>
1473
1474         [Chromium] REGRESSION: Closed Captions button not showing properly
1475         https://bugs.webkit.org/show_bug.cgi?id=109871
1476
1477         Reviewed by Jer Noble.
1478
1479         No new tests - covered by existing tests.
1480
1481         Most of the patch was in the meantime covered by a patch to
1482         https://bugs.webkit.org/show_bug.cgi?id=111109 .
1483         This changes a static Chromium-only function name to be consistent with
1484         parent class function names.
1485
1486         * rendering/RenderMediaControlsChromium.cpp:
1487         (WebCore::paintMediaToggleClosedCaptionsButton):
1488         (WebCore::RenderMediaControlsChromium::paintMediaControlsPart):
1489         Rename paintMediaClosedCaptionsButton to paintMediaToggleClosedCaptionsButton.
1490
1491 2013-03-11  Tim Horton  <timothy_horton@apple.com>
1492
1493         RenderSnapshottedPlugIn paints in PaintPhaseBlockBackground instead of PaintPhaseForeground
1494         https://bugs.webkit.org/show_bug.cgi?id=111962
1495         <rdar://problem/13289335>
1496
1497         Reviewed by Dean Jackson.
1498
1499         RenderSnapshottedPlugIn should paint its snapshot during the foreground
1500         painting phase, instead of BlockBackground, to match normal plugin painting.
1501
1502         * rendering/RenderSnapshottedPlugIn.cpp:
1503         (WebCore::RenderSnapshottedPlugIn::paint):
1504
1505 2013-03-07  Alexander Pavlov  <apavlov@chromium.org>
1506
1507         Web Inspector: [Elements] XSLT transformation result from the xml-stylesheet PI not rendered
1508         https://bugs.webkit.org/show_bug.cgi?id=111313
1509
1510         Reviewed by Vsevolod Vlasov.
1511
1512         Frame document update upon XSL transformation was never instrumented.
1513         This change instruments the Document::applyXSLTransform() method to that end.
1514
1515         Test: http/tests/inspector/styles/xsl-transformed.xml
1516
1517         * dom/Document.cpp:
1518         (WebCore::Document::applyXSLTransform): Instrumented.
1519         * inspector/InspectorDOMAgent.cpp:
1520         (WebCore::InspectorDOMAgent::frameDocumentUpdated): Invoked upon applyXSLTransform().
1521         * inspector/InspectorDOMAgent.h:
1522         * inspector/InspectorInstrumentation.cpp:
1523         (WebCore::InspectorInstrumentation::frameDocumentUpdatedImpl): Added.
1524         * inspector/InspectorInstrumentation.h:
1525         (WebCore::InspectorInstrumentation::didCommitLoad): Drive-by: simplified.
1526         (WebCore::InspectorInstrumentation::frameDocumentUpdated): Added.
1527
1528 2013-03-10  Matt Falkenhagen  <falken@chromium.org>
1529
1530         Implement inert subtrees needed for modal <dialog>
1531         https://bugs.webkit.org/show_bug.cgi?id=110952
1532
1533         Reviewed by Hajime Morrita.
1534
1535         This changes Node::disabled() to return true when a modal dialog is
1536         open and the node is not in the dialog.
1537
1538         Reusing disabled for inertness is useful because then event
1539         targeting and focus control automatically have the desired behavior:
1540         inert nodes are skipped over.
1541
1542         Tests: fast/dom/HTMLDialogElement/closed-dialog-does-not-block-mouse-events.html
1543                fast/dom/HTMLDialogElement/modal-dialog-blocks-mouse-events.html
1544                fast/dom/HTMLDialogElement/non-modal-dialog-does-not-block-mouse-events.html
1545
1546         * dom/Document.h:
1547         (WebCore::Document::activeModalDialog): Returns the topmost element in the top layer.
1548         Since now the only elements in the top layer are modal dialogs, it is the active modal dialog.
1549         * dom/Node.cpp:
1550         (WebCore):
1551         (WebCore::Node::isInert): As per the spec, a node that is not an ancestor or descendant of the modal dialog is inert.
1552         (WebCore::Node::disabled): Return false when inert.
1553         * dom/Node.h:
1554         * html/HTMLFormControlElement.cpp:
1555         (WebCore::HTMLFormControlElement::disabled): Fall back to the superclass so inert is taken into account.
1556
1557 2013-03-10  Glenn Adams  <glenn@skynav.com>
1558
1559         Line breaking opportunities at the end of a text node are missed
1560         https://bugs.webkit.org/show_bug.cgi?id=17427
1561
1562         Reviewed by Darin Adler.
1563
1564         When initializing context for determining next break position,
1565         reuse last two characters from previous text node(s) within block.
1566         This additional state is stored in the current LazyLineBreakIterator
1567         as an optimization to prevent having to add two new parameters to
1568         isBreakable().
1569
1570         At present, this fixes only the ASCII shortcut code path, but
1571         does not yet handle the non-ASCII path. Since the ASCII path is
1572         the most performant critical, the handling of this latter path
1573         will be addressed by webkit.org/b/105692.
1574
1575         Additionally test for case where last two characters context
1576         is derived from distinct nodes, possibly with intervening empty
1577         inline node(s).
1578
1579         Test: fast/text/line-break-between-text-nodes.html
1580
1581         * platform/text/TextBreakIterator.h:
1582         (WebCore::LazyLineBreakIterator::LazyLineBreakIterator):
1583         (WebCore::LazyLineBreakIterator::lastCharacter):
1584         (WebCore::LazyLineBreakIterator::secondToLastCharacter):
1585         (WebCore::LazyLineBreakIterator::setLastTwoCharacters):
1586         (WebCore::LazyLineBreakIterator::resetLastTwoCharacters):
1587         (WebCore::LazyLineBreakIterator::updateLastTwoCharacters):
1588         (LazyLineBreakIterator):
1589         Add state variables to retain last two characters of previous text node(s)
1590         for reuse when initializing nextBreakPosition<>() context.
1591         * rendering/RenderBlockLineLayout.cpp:
1592         (WebCore::RenderBlock::layoutRunsAndFloatsInRange):
1593         (WebCore::RenderBlock::LineBreaker::nextSegmentBreak):
1594         Record and reset retained last two characters of previous text node(s) as
1595         appropriate.
1596         * rendering/break_lines.cpp:
1597         (WebCore::nextBreakablePosition):
1598         Use state variables holding retained last two characters of previous text node(s)
1599         for when initializing nextBreakPosition<>() context.
1600
1601 2013-03-10  Darin Adler  <darin@apple.com>
1602
1603         NetworkStorageSession leaks its CFURLStorageSessionRef
1604         https://bugs.webkit.org/show_bug.cgi?id=111950
1605         <rdar://problem/13384134>
1606
1607         Reviewed by Sam Weinig.
1608
1609         * platform/network/NetworkStorageSession.h:
1610         Change the argument type of the constructor to a RetainPtr.
1611         * platform/network/cf/NetworkStorageSessionCFNet.cpp:
1612         (WebCore::NetworkStorageSession::NetworkStorageSession): Changed
1613         the argument type to a RetainPtr.
1614         (WebCore::NetworkStorageSession::switchToNewTestingSession): Added
1615         calls to adoptCF to adopt the value returned by wkCreatePrivateStorageSession.
1616         (WebCore::NetworkStorageSession::createPrivateBrowsingSession): Ditto.
1617         (WebCore::NetworkStorageSession::cookieStorage): Changed to use adoptCF
1618         instead of the RetainPtr constructor with AdoptCF since the former is
1619         far easier to read.
1620
1621 2013-03-10  Jason Anderssen  <janderssen@gmail.com>
1622
1623         Conformance Test 1.0.3 (Beta) function: bufferData undefined value failed.
1624         https://bugs.webkit.org/show_bug.cgi?id=111641
1625
1626         Reviewed by Dean Jackson.
1627
1628         The WebGL specification requires that a size of 0 is not valid. In javascript, passing in undefined 
1629         as a parameter to a long long is the same as passing in 0, so we must check for this incorrect
1630         value and fail. 
1631         The test suite in Kronos 1.0.3 failed, test to verify conformance is as follows:
1632         https://www.khronos.org/registry/webgl/sdk/tests/conformance/more/functions/bufferDataBadArgs.html.
1633
1634         * html/canvas/WebGLRenderingContext.cpp:
1635         (WebCore::WebGLRenderingContext::bufferData):
1636         Synthesize error and returned if size is 0.
1637
1638 2013-03-10  Andreas Kling  <akling@apple.com>
1639
1640         SVGDocumentExtensions should use OwnPtr for pending resource maps.
1641         <http://webkit.org/b/111943>
1642
1643         Reviewed by Anders Carlsson.
1644
1645         * svg/SVGDocumentExtensions.cpp:
1646         (WebCore::SVGDocumentExtensions::~SVGDocumentExtensions):
1647         (WebCore::SVGDocumentExtensions::addPendingResource):
1648         (WebCore::SVGDocumentExtensions::isElementPendingResources):
1649         (WebCore::SVGDocumentExtensions::removeElementFromPendingResources):
1650         (WebCore::SVGDocumentExtensions::removePendingResource):
1651         (WebCore::SVGDocumentExtensions::removePendingResourceForRemoval):
1652         (WebCore::SVGDocumentExtensions::markPendingResourcesForRemoval):
1653         * svg/SVGDocumentExtensions.h:
1654         (SVGDocumentExtensions):
1655
1656 2013-03-10  Tim Horton  <timothy_horton@apple.com>
1657
1658         Add a heuristic to determine the “primary” snapshotted plugin
1659         https://bugs.webkit.org/show_bug.cgi?id=111932
1660         <rdar://problem/13270208>
1661
1662         Reviewed by Dean Jackson.
1663
1664         * WebCore.exp.in: Export a few things.
1665         * html/HTMLPlugInImageElement.cpp:
1666         (WebCore::HTMLPlugInImageElement::HTMLPlugInImageElement):
1667         (WebCore::classNameForShadowRoot): If we've been informed that we are the primary snapshotted plugin, add the 'primary' class.
1668         (WebCore::HTMLPlugInImageElement::setIsPrimarySnapshottedPlugIn): Added
1669         (WebCore::HTMLPlugInImageElement::updateSnapshotInfo): Hand classNameForShadowRoot our primary-ness.
1670         * html/HTMLPlugInImageElement.h:
1671         (HTMLPlugInImageElement): Add storage for m_isPrimarySnapshottedPlugIn.
1672
1673 2013-03-10  Mike West  <mkwst@chromium.org>
1674
1675         XSSAuditor doesn't need a copy of the original document URL.
1676         https://bugs.webkit.org/show_bug.cgi?id=111944
1677
1678         Reviewed by Adam Barth.
1679
1680         When creating an XSSInfo object in response to detecting reflected XSS
1681         on a page, the Auditor was passing in a copy of the document's
1682         original URL for reporting. It doesn't look like we need this, as
1683         XSSInfo's only consumer, XSSAuditorDelegate, runs on the main thread
1684         with access to the document. We can obtain access to the same
1685         information by reading the URL directly from the delegate's Document
1686         object if and when we need it.
1687
1688         * html/parser/XSSAuditorDelegate.cpp:
1689         (WebCore::XSSAuditorDelegate::didBlockScript):
1690             Read the document's URL directly in order to create a violation
1691             report.
1692         (WebCore::XSSInfo::isSafeToSendToAnotherThread):
1693         * html/parser/XSSAuditorDelegate.h:
1694         (WebCore::XSSInfo::create):
1695         (WebCore::XSSInfo::XSSInfo):
1696         * html/parser/XSSAuditor.cpp:
1697         (WebCore::XSSAuditor::init):
1698         (WebCore::XSSAuditor::filterToken):
1699         (WebCore::XSSAuditor::isSafeToSendToAnotherThread):
1700         * html/parser/XSSAuditor.h:
1701             Remove the copied original URL from both XSSInfo objects and the
1702             XSSAuditor.
1703
1704 2013-03-10  Andreas Kling  <akling@apple.com>
1705
1706         GlyphMetricsMap should use OwnPtr.
1707         <http://webkit.org/b/111937>
1708
1709         Reviewed by Anders Carlsson.
1710
1711         Use OwnPtr instead of raw pointer + deleteAllValues().
1712
1713         * platform/graphics/GlyphMetricsMap.h:
1714         (GlyphMetricsMap):
1715         (WebCore::::locatePageSlowCase):
1716
1717 2013-03-10  Eric Carlson  <eric.carlson@apple.com>
1718
1719         Allow iOS port to use InbandTextTrackPrivateAVF
1720         https://bugs.webkit.org/show_bug.cgi?id=111933
1721
1722         Reviewed by Dean Jackson.
1723
1724         * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp:
1725         (WebCore::InbandTextTrackPrivateAVF::processCue): Drive-by cleanup.
1726         * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.h:
1727
1728 2013-03-09  Eric Carlson  <eric.carlson@apple.com>
1729
1730         Enable platform code to implement text track menu
1731         https://bugs.webkit.org/show_bug.cgi?id=111924
1732
1733         Reviewed by Dean Jackson.
1734
1735         No new tests, the new code isn't enabled in any ports yet.
1736
1737         * WebCore.xcodeproj/project.pbxproj: Add PlatformTextTrack.h and PlatformTextTrackMenu.h.
1738
1739         * html/HTMLAudioElement.cpp:
1740         (WebCore::HTMLAudioElement::createForJSConstructor): scheduleLoad -> scheduleDelayedAction.
1741
1742         * html/HTMLMediaElement.cpp:
1743         (WebCore::HTMLMediaElement::HTMLMediaElement): Deal with scheduleLoad to scheduleDelayedAction rename.
1744         (WebCore::HTMLMediaElement::parseAttribute): Ditto.
1745         (WebCore::HTMLMediaElement::finishParsingChildren): Ditto.
1746         (WebCore::HTMLMediaElement::insertedInto): Ditto.
1747         (WebCore::HTMLMediaElement::scheduleDelayedAction): Ditto.
1748         (WebCore::HTMLMediaElement::scheduleNextSourceChild): Ditto.
1749         (WebCore::HTMLMediaElement::loadTimerFired): Ditto.
1750         (WebCore::HTMLMediaElement::textTrackModeChanged): Notify platform menu of track change.
1751         (WebCore::HTMLMediaElement::playInternal): Deal with scheduleLoad to scheduleDelayedAction rename.
1752         (WebCore::HTMLMediaElement::pauseInternal): Ditto.
1753         (WebCore::HTMLMediaElement::mediaPlayerDidAddTrack): Ditto. Call addTrack() instead of appending 
1754             the track directly.
1755         (WebCore::HTMLMediaElement::setSelectedTextTrack): Deal with platform menu changing the
1756             selected track.
1757         (WebCore::HTMLMediaElement::platformTextTracks): Return an array of PlatformTracks representing
1758             the current text tracks.
1759         (WebCore::HTMLMediaElement::notifyMediaPlayerOfTextTrackChanges): Notify the platform menu
1760             that the list of text tracks has changed.
1761         (WebCore::HTMLMediaElement::platformTextTrackMenu): Return the platform track menu, if any.
1762         (WebCore::HTMLMediaElement::closeCaptionTracksChanged): 
1763         (WebCore::HTMLMediaElement::addTrack): Call addTrack() instead of appending the track directly.
1764         (WebCore::HTMLMediaElement::removeTrack): Call closeCaptionTracksChanged.
1765         (WebCore::HTMLMediaElement::addTextTrack): Call addTrack() instead of appending the track directly.
1766         (WebCore::HTMLMediaElement::didAddTrack): Ditto.
1767         (WebCore::HTMLMediaElement::didRemoveTrack): Deal with scheduleLoad to scheduleDelayedAction rename.
1768         (WebCore::HTMLMediaElement::sourceWasAdded): Ditto.
1769         (WebCore::HTMLMediaElement::clearMediaPlayer): Forget the platform track menu.
1770         (WebCore::HTMLMediaElement::resume): Deal with scheduleLoad to scheduleDelayedAction rename.
1771         * html/HTMLMediaElement.h:
1772
1773         * html/track/InbandTextTrack.h: scheduleLoad -> scheduleDelayedAction.
1774
1775         * html/track/TextTrack.cpp:
1776         (WebCore::TextTrack::platformTextTrack): Create a PlatformTextTrack.
1777         * html/track/TextTrack.h:
1778
1779         * platform/graphics/MediaPlayer.cpp:
1780         (WebCore::MediaPlayer::implementsTextTrackControls): New, player private passthrough.
1781         (WebCore::MediaPlayer::textTrackMenu): Ditto.
1782         * platform/graphics/MediaPlayer.h:
1783         * platform/graphics/MediaPlayerPrivate.h:
1784
1785         * platform/graphics/PlatformTextTrack.h: Added.
1786
1787         * platform/graphics/PlatformTextTrackMenu.h: Added.
1788
1789 2013-03-09  Eric Carlson  <eric.carlson@apple.com>
1790
1791         Video size calculated incorrectly when PLUGIN_PROXY_FOR_VIDEO
1792         https://bugs.webkit.org/show_bug.cgi?id=111912
1793
1794         Reviewed by Dean Jackson.
1795
1796         * html/shadow/MediaControlElements.cpp:
1797         (WebCore::MediaControlTextTrackContainerElement::updateSizes): We use RenderPart when
1798             PLUGIN_PROXY_FOR_VIDEO is defined, not RenderVideo.
1799
1800 2013-03-09  Sebastian Dröge  <sebastian.droege@collabora.co.uk>
1801
1802         Fix offset handling in GStreamer WebKitWebSource.
1803         https://bugs.webkit.org/show_bug.cgi?id=111888
1804
1805         Reviewed by Philippe Normand.
1806
1807         * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
1808         (webKitWebSrcSeekDataCb):
1809         (StreamingClient::didReceiveData):
1810         The offset handling in WebKitWebSource was completely wrong
1811         before and caused wrong offsets to be set on the GStreamer buffers
1812         after a seek.
1813
1814         Apart from that there was also a race condition that happens
1815         when a downstream element causes seeks in very short succession
1816         and is switching between two different parts of the stream.
1817
1818 2013-03-09  Keishi Hattori  <keishi@webkit.org>
1819
1820         Month transition animation is missing in some places
1821         https://bugs.webkit.org/show_bug.cgi?id=111908
1822
1823         Reviewed by Kent Tamura.
1824
1825         Month transition animation was missing when navigating using keyboard
1826         shortcuts and when navigation was trigger by selecting.
1827
1828         Added tests to calendar-picker/*-picker-key-operations.html.
1829
1830         * Resources/pagepopups/calendarPicker.js:
1831         (Animator): Added annotations.
1832         (Animator.prototype.isRunning): Returns true of the animation is running. Used by test.
1833         (ScrollView.prototype.scrollAnimator): Returns the scroll animator. Used by test.
1834         (CalendarPicker):
1835         (CalendarPicker.prototype.onYearListViewDidSelectMonth): Use CalendarPicker.NavigationBehavior enum instead of bool.
1836         (CalendarPicker.prototype.setSelection): Ditto.
1837         (CalendarPicker.prototype._moveHighlight): Ditto.
1838         (CalendarPicker.prototype.onCalendarTableKeyDown): Ditto.
1839         (CalendarPicker.prototype.onBodyKeyDown): Ditto.
1840
1841 2013-03-09  Dean Jackson  <dino@apple.com>
1842
1843         Can't build w/o accelerated compositing
1844         https://bugs.webkit.org/show_bug.cgi?id=111891
1845
1846         Patch originally came from Tobias Mueller <tobiasmue@gnome.org>
1847
1848         Unreviewed build fix for platforms without ACCELERATED_COMPOSITING enabled, due
1849         to r145057.
1850
1851         * dom/PseudoElement.cpp:
1852         (WebCore::PseudoElement::~PseudoElement): Wrap the call to pseudoElementDestroyed in
1853             USE(ACCELERATED_COMPOSITING)
1854
1855 2013-03-07  Robert Hogan  <robert@webkit.org>
1856
1857         REGRESSION(r140907): Incorrect baseline for cells with media content during load
1858         https://bugs.webkit.org/show_bug.cgi?id=108357
1859
1860         Reviewed by Julien Chaffraix.
1861
1862         If a cell has replaced content, the intrinsic height of its content can change between layouts. If that's the case then the intrinsic padding we used
1863         for layout (the padding required to push the contents of the cell down to the row's baseline) is included in the new height and baseline and makes both
1864         of them wrong. So if a cell's content's intrinsic height has changed push the new content up into the intrinsic padding and relayout so that the rest of
1865         table and row layout can use the correct baseline and height for this cell.
1866
1867         Tests: fast/css/vertical-align-baseline-rowspan-012.html
1868                http/tests/css/vertical-align-baseline-after-image-load-2.html
1869                http/tests/css/vertical-align-baseline-after-image-load-3.html
1870                http/tests/css/vertical-align-baseline-after-image-load.html
1871
1872         * rendering/RenderTableCell.cpp:
1873         (WebCore::RenderTableCell::layout):
1874         * rendering/RenderTableCell.h:
1875         (WebCore::RenderTableCell::isBaselineAligned):
1876         * rendering/RenderTableSection.cpp:
1877         (WebCore::RenderTableSection::calcRowLogicalHeight):
1878         (WebCore::RenderTableSection::layoutRows):
1879
1880 2013-03-08  Chris Fleizach  <cfleizach@apple.com>
1881
1882         REGRESSION: Intermittent crash in SpeechSynthesis::didFinishSpeaking
1883         https://bugs.webkit.org/show_bug.cgi?id=111613
1884
1885         Reviewed by Ryosuke Niwa.
1886
1887         This crash happens when the mock synthesizer utterance variable gets cleared
1888         before the speakingFinished timer happens. I don't see how that could happen
1889         but I was able to make a similar problem happen when cancel is called twice.
1890
1891         This adds in a few more asserts and common sense checks. I'm hoping it will
1892         illuminate the problem further.
1893
1894         * platform/mock/PlatformSpeechSynthesizerMock.cpp:
1895         (WebCore::PlatformSpeechSynthesizerMock::speakingFinished):
1896         (WebCore::PlatformSpeechSynthesizerMock::speak):
1897         (WebCore::PlatformSpeechSynthesizerMock::cancel):
1898
1899 2013-03-08  David Kilzer  <ddkilzer@apple.com>
1900
1901         BUILD FIX: Make WebCore link for iOS
1902
1903         * WebCore.exp.in:
1904         - Add ENABLE(RUBBER_BAND) for FrameView::setWantsLayerForTopOverHangArea(bool)
1905           and FrameView::setWantsLayerForBottomOverHangArea(bool).
1906         - Move FloatPoint::FloatPoint(_NSPoint const&) to !PLATFORM(IOS)
1907           section.
1908
1909 2013-03-08  Julien Chaffraix  <jchaffraix@webkit.org>
1910
1911         [CSS Grid Layout] Resolve grid-{end|after} integer against the end|after edge
1912         https://bugs.webkit.org/show_bug.cgi?id=111885
1913
1914         Reviewed by Tony Chang.
1915
1916         The current code resolves grid-end (resp. grid-after) <integer>'s format against the start
1917         (resp. before) axis. The specification changed so that they are resolved against their matching
1918         axis.
1919
1920         Test: fast/css-grid-layout/grid-auto-flow-resolution.html
1921
1922         * rendering/RenderGrid.cpp:
1923         (WebCore::RenderGrid::maximumIndexInDirection):
1924         Updated the code to do the grid sizing measurement without resolveGridPositionsFromStyle. That's required
1925         as resolveGridPositionsFromStyle requires the grid to be sized.
1926
1927         (WebCore::RenderGrid::placeItemsOnGrid):
1928         Added a comment about not recomputing after grid growth. This issue was raised to www-style
1929         (http://lists.w3.org/Archives/Public/www-style/2013Mar/0182.html).
1930
1931         (WebCore::RenderGrid::resolveGridPositionsFromStyle):
1932         Added an ASSERT now that we don't call it during grid construction. Also added some code to pass
1933         the side of the GridPosition we give to resolveGridPositionFromStyle.
1934
1935         (WebCore::RenderGrid::resolveGridPositionFromStyle):
1936         Updated the code to resolve the grid position against the right side.
1937
1938         * rendering/RenderGrid.h:
1939         Added GridPositionSide and updated resolveGridPositionFromStyle's signature.
1940
1941 2013-03-08  Sheriff Bot  <webkit.review.bot@gmail.com>
1942
1943         Unreviewed, rolling out r142015.
1944         http://trac.webkit.org/changeset/142015
1945         https://bugs.webkit.org/show_bug.cgi?id=111904
1946
1947         The change caused 2 major regressions (bug 111091 and bug
1948         111595) and Pravin doesn't have time to investigate them
1949         (Requested by jchaffraix on #webkit).
1950
1951         * dom/Node.cpp:
1952         (WebCore::Node::diff):
1953         * rendering/RenderBlock.cpp:
1954         (WebCore::RenderBlock::childBecameNonInline):
1955         (WebCore):
1956         * rendering/RenderBlock.h:
1957         (RenderBlock):
1958         * rendering/RenderBoxModelObject.h:
1959         (WebCore::RenderBoxModelObject::childBecameNonInline):
1960         (RenderBoxModelObject):
1961         * rendering/RenderInline.cpp:
1962         (WebCore::RenderInline::childBecameNonInline):
1963         (WebCore):
1964         * rendering/RenderInline.h:
1965         (RenderInline):
1966         * rendering/RenderObject.cpp:
1967         (WebCore):
1968         (WebCore::RenderObject::handleDynamicFloatPositionChange):
1969         (WebCore::RenderObject::styleWillChange):
1970         (WebCore::RenderObject::styleDidChange):
1971         * rendering/RenderObject.h:
1972         (RenderObject):
1973
1974 2013-03-08  Dean Jackson  <dino@apple.com>
1975
1976         Don't snapshot Java plugins
1977         https://bugs.webkit.org/show_bug.cgi?id=111899
1978
1979         Reviewed by Tim Horton.
1980
1981         Export MIMETypeRegistry::isJavaAppletMIMEType symbol.
1982
1983         * WebCore.exp.in:
1984
1985 2013-03-08  Rafael Weinstein  <rafaelw@chromium.org>
1986
1987         [HTMLTemplateElement] processTemplateEndTag() needs to check for template in html scope
1988         https://bugs.webkit.org/show_bug.cgi?id=111880
1989
1990         Reviewed by Eric Seidel.
1991
1992         Currently, </template> handling exits with an error if there is not a template tag "in scope"
1993         which will be true if there is a table (for instance) below a template. This makes it so that
1994         the search (correctly) examines the entire element stack.
1995
1996         Tests added to html5lib testing library.
1997
1998         * html/parser/HTMLTreeBuilder.cpp:
1999         (WebCore::HTMLTreeBuilder::processTemplateEndTag):
2000
2001 2013-03-08  Eric Seidel  <eric@webkit.org>
2002
2003         BackgroundHTMLParser should be able to atomize well-known strings
2004         https://bugs.webkit.org/show_bug.cgi?id=107337
2005
2006         Reviewed by Adam Barth.
2007
2008         Testing this patch easily requires applying bug 107236 locally
2009         to remove all the rendering noise from Parser/html-threaded-parser.html.
2010
2011         This patch adds a new class HTMLIdentifier which allows us to avoid
2012         allocating strings for known tag/attribute names from HTMLNames.
2013
2014         There is still a lot of meat on this bone, but I think it's important to
2015         land something "smallish" to start and iterate from there.
2016
2017         This took Parser/html-threaded-parser.html from:
2018         median= 443.726500002 ms, stdev= 7.25002679952 ms, min= 430.244000047 ms, max= 455.511000007 ms
2019         to:
2020         median= 427.849500004 ms, stdev= 9.96967058292 ms, min= 417.914000049 ms, max= 461.528000014 ms
2021         on my MBP.
2022
2023         * CMakeLists.txt:
2024         * GNUmakefile.list.am:
2025         * Target.pri:
2026         * WebCore.gypi:
2027         * WebCore.vcproj/WebCore.vcproj:
2028         * WebCore.vcxproj/WebCore.vcxproj:
2029         * html/parser/AtomicHTMLToken.h:
2030         (WebCore::AtomicHTMLToken::AtomicHTMLToken):
2031         * html/parser/BackgroundHTMLParser.cpp:
2032         (WebCore::tokenExitsForeignContent):
2033         (WebCore::tokenExitsSVG):
2034         (WebCore::tokenExitsMath):
2035         (WebCore::BackgroundHTMLParser::simulateTreeBuilder):
2036         * html/parser/CSSPreloadScanner.cpp:
2037         (WebCore::CSSPreloadScanner::scan):
2038         * html/parser/CSSPreloadScanner.h:
2039         (WebCore):
2040         (CSSPreloadScanner):
2041         * html/parser/CompactHTMLToken.cpp:
2042         (SameSizeAsCompactHTMLToken):
2043         (WebCore::CompactHTMLToken::CompactHTMLToken):
2044         * html/parser/CompactHTMLToken.h:
2045         (WebCore::CompactHTMLToken::Attribute::Attribute):
2046         (Attribute):
2047         (WebCore::CompactHTMLToken::data):
2048         (WebCore::CompactHTMLToken::publicIdentifier):
2049         (CompactHTMLToken):
2050         * html/parser/HTMLDocumentParser.cpp:
2051         (WebCore::HTMLDocumentParser::startBackgroundParser):
2052         * html/parser/HTMLIdentifier.cpp: Added.
2053         (WebCore):
2054         (WebCore::identifierTable):
2055         (WebCore::HTMLIdentifier::hasIndex):
2056         (WebCore::HTMLIdentifier::findIndex):
2057         (WebCore::nameForIndex):
2058         (WebCore::HTMLIdentifier::asString):
2059         (WebCore::HTMLIdentifier::asStringImpl):
2060         (WebCore::HTMLIdentifier::addNames):
2061         (WebCore::HTMLIdentifier::init):
2062         * html/parser/HTMLIdentifier.h: Added.
2063         (WebCore):
2064         (HTMLIdentifier):
2065         (WebCore::HTMLIdentifier::HTMLIdentifier):
2066         (WebCore::HTMLIdentifier::isSafeToSendToAnotherThread):
2067         * html/parser/HTMLParserIdioms.cpp:
2068         (WebCore::threadSafeEqual):
2069         (WebCore::threadSafeMatch):
2070         * html/parser/HTMLParserIdioms.h:
2071         (WebCore):
2072         (WebCore::threadSafeHTMLNamesMatch):
2073         * html/parser/HTMLPreloadScanner.cpp:
2074         (WebCore::TokenPreloadScanner::tagIdFor):
2075         (WebCore::TokenPreloadScanner::StartTagScanner::match):
2076         (TokenPreloadScanner::StartTagScanner):
2077         (WebCore::TokenPreloadScanner::StartTagScanner::processAttribute):
2078         * html/parser/HTMLPreloadScanner.h:
2079
2080 2013-03-08  Brandon Jones  <bajones@google.com>
2081
2082         Check to ensure MultisampleRenderbuffer creation succeeds
2083         https://bugs.webkit.org/show_bug.cgi?id=111780
2084
2085         Reviewed by Dean Jackson.
2086
2087         On OSX systems using AMD graphics chips the allocation of large
2088         Multisample Renderbuffers in Chromium would fail without any indication
2089         of failure. Attempting to draw to the buffer resulted in garbage being
2090         rendered onscreen. This could be reproduced by opening a full-page
2091         WebGL app and pressing (Command + "-") several times. This patch adds an
2092         additional check during DrawingBuffer resize to verify that the resized
2093         buffer is valid. 
2094
2095         * platform/graphics/gpu/DrawingBuffer.cpp:
2096         (WebCore):
2097         (WebCore::DrawingBuffer::checkBufferIntegrity):
2098         (WebCore::DrawingBuffer::reset):
2099         * platform/graphics/gpu/DrawingBuffer.h:
2100         (DrawingBuffer):
2101
2102 2013-03-08  Harald Alvestrand  <hta@chromium.org>
2103
2104         Implemented new API for RTCStatsReport object.
2105         https://bugs.webkit.org/show_bug.cgi?id=110333
2106
2107         Removed RTCStatsElement object, moved its interface to
2108         RTCStatsReport. Preserved some interfaces for
2109         backwards compatibility; will be removed in a later patch.
2110
2111         Reviewed by Adam Barth.
2112
2113         Tested by extensions to RTCPeerConnection-stats test.
2114
2115         * Modules/mediastream/RTCStatsElement.cpp: Removed.
2116         * Modules/mediastream/RTCStatsElement.h: Removed.
2117         * Modules/mediastream/RTCStatsElement.idl: Removed.
2118         * Modules/mediastream/RTCStatsReport.cpp:
2119         (WebCore::RTCStatsReport::create):
2120         (WebCore::RTCStatsReport::RTCStatsReport):
2121         (WebCore):
2122         (WebCore::RTCStatsReport::names):
2123         (WebCore::RTCStatsReport::local):
2124         (WebCore::RTCStatsReport::remote):
2125         (WebCore::RTCStatsReport::addStatistic):
2126         (WebCore::RTCStatsReport::addElement):
2127         * Modules/mediastream/RTCStatsReport.h:
2128         (RTCStatsReport):
2129         (WebCore::RTCStatsReport::timestamp):
2130         (WebCore::RTCStatsReport::id):
2131         (WebCore::RTCStatsReport::stat):
2132         * Modules/mediastream/RTCStatsReport.idl:
2133         * Modules/mediastream/RTCStatsResponse.cpp:
2134         (WebCore::RTCStatsResponse::namedItem):
2135         (WebCore):
2136         (WebCore::RTCStatsResponse::addReport):
2137         (WebCore::RTCStatsResponse::addStatistic):
2138         * Modules/mediastream/RTCStatsResponse.h:
2139         (RTCStatsResponse):
2140         * Modules/mediastream/RTCStatsResponse.idl:
2141         * WebCore.gypi:
2142         * platform/chromium/support/WebRTCStatsResponse.cpp:
2143         (WebKit::WebRTCStatsResponse::addReport):
2144         (WebKit):
2145         (WebKit::WebRTCStatsResponse::addStatistic):
2146         (WebKit::WebRTCStatsResponse::addElement):
2147         * platform/mediastream/RTCStatsResponseBase.h:
2148         (RTCStatsResponseBase):
2149
2150 2013-03-08  Eric Seidel  <eric@webkit.org>
2151
2152         Free up background parser's checkpoints when speculation succeeds
2153         https://bugs.webkit.org/show_bug.cgi?id=110547
2154
2155         Reviewed by Adam Barth.
2156
2157         This should be a memory (and possible perf) win while parsing
2158         pages, as we will no longer hold multiple copies of every
2159         source byte during the whole parse.
2160
2161         Many LayoutTests exercise this code path, and I've manually (debugger and printf)
2162         that we're hitting this code, but we'll have to wait for the memory/perf bots
2163         to tell us if this shows up as a win.
2164
2165         We only bother to message the parser at the end of a speculation chain, so as not
2166         to send too many messages to the background parser.
2167
2168         * html/parser/BackgroundHTMLInputStream.cpp:
2169         (WebCore::BackgroundHTMLInputStream::BackgroundHTMLInputStream):
2170         (WebCore::BackgroundHTMLInputStream::invalidateCheckpointsUpThrough):
2171         (WebCore):
2172         (WebCore::BackgroundHTMLInputStream::rewindTo):
2173         * html/parser/BackgroundHTMLInputStream.h:
2174         (BackgroundHTMLInputStream):
2175         (Checkpoint):
2176         (WebCore::BackgroundHTMLInputStream::Checkpoint::isNull):
2177         (WebCore::BackgroundHTMLInputStream::Checkpoint::clear):
2178         * html/parser/BackgroundHTMLParser.cpp:
2179         (WebCore::BackgroundHTMLParser::passedCheckpoint):
2180         (WebCore):
2181         * html/parser/BackgroundHTMLParser.h:
2182         (BackgroundHTMLParser):
2183         * html/parser/HTMLDocumentParser.cpp:
2184         (WebCore::HTMLDocumentParser::pumpPendingSpeculations):
2185
2186 2013-03-08  Chandra Shekar Vallala  <brk376@motorola.com>
2187
2188         [chromium] Keydown event for 'shift+alt' returns win keycode instead of 'alt'
2189         https://bugs.webkit.org/show_bug.cgi?id=111112
2190
2191         Reviewed by Tony Chang.
2192
2193         Return windows keycode of Alt incase of GDK_META_L, GDK_META_R. This matches
2194         the firefox behaviour in linux platform.
2195
2196         Added Manual Test : ManualTests/shift-alt-key-event.html
2197         Try press Shift then alt key. The test passes if the shiftKey, altKey values
2198         of JSKeyEvent are true and keycode/which is 18.
2199
2200         * platform/chromium/KeyCodeConversionGtk.cpp:
2201         (WebCore::windowsKeyCodeForKeyEvent):
2202
2203 2013-03-08  Mike West  <mkwst@chromium.org>
2204
2205         CSP: 'eval()' is blocked in report-only mode.
2206         https://bugs.webkit.org/show_bug.cgi?id=111867
2207
2208         Reviewed by Adam Barth.
2209
2210         Setting a 'Content-Security-Policy-Report-Only' header should not have
2211         any effect on what a page actually executes. Currently, however, setting
2212         a 'script-src' directive that doesn't whitelist 'unsafe-eval' actually
2213         blocks 'eval()' on the page. This patch fixes that by checking whether
2214         we're in report-only mode before turning 'eval()' off inside the script
2215         engine.
2216
2217         This leaves us in a weird state, however. We don't currently have any
2218         mechanism of explaining to the VM that we just want to be notified of
2219         'eval()' usage. I've filed http://wkbug.com/111869 to cover this
2220         aspect.
2221
2222         Test: http/tests/security/contentSecurityPolicy/eval-allowed-in-report-only-mode.html
2223
2224         * page/ContentSecurityPolicy.cpp:
2225         (WebCore::ContentSecurityPolicy::didReceiveHeader):
2226             For each policy we parse, check that we're only turning off eval in
2227             the VM when we're in enforce mode. If we're in report-only mode,
2228             skip it.
2229
2230 2013-03-08  Christian Biesinger  <cbiesinger@chromium.org>
2231
2232         REGRESSION (r143643): <button> should support ::first-line and ::first-letter
2233         https://bugs.webkit.org/show_bug.cgi?id=111782
2234
2235         Reviewed by Ojan Vafai.
2236
2237         Test: fast/forms/button-first-line-first-letter.html
2238
2239         * rendering/RenderBlock.cpp:
2240         (WebCore::RenderBlock::firstLineBlock):
2241         (WebCore::findFirstLetterBlock):
2242         Add isRenderButton to the first-line and first-letter checks that
2243         don't allow ::first-* styles for flexbox.
2244
2245 2013-03-08  Geoffrey Garen  <ggaren@apple.com>
2246
2247         Removed an out-of-date comment from SharedTimer
2248         https://bugs.webkit.org/show_bug.cgi?id=111875
2249
2250         Reviewed by Mark Hahnenberg.
2251
2252         Even if we surround each call to an ObjC interface with an autorelease
2253         pool, it's still nice to have one at top-level entry points like
2254         timers, to avoid turning a single mistake into a long-term leak.
2255
2256         * platform/ios/SharedTimerIOS.mm:
2257         (WebCore::timerFired):
2258         * platform/mac/SharedTimerMac.mm:
2259         (WebCore::timerFired):
2260
2261 2013-03-08  Benjamin Poulain  <benjamin@webkit.org>
2262
2263         [Mac] Add a feature flag for 'view-mode' Media Feature, disable it on Mac
2264         https://bugs.webkit.org/show_bug.cgi?id=111297
2265
2266         Reviewed by Kenneth Rohde Christiansen.
2267
2268         The 'view-mode' Media Feature spec is implemented in WebCore but
2269         there is no WebKit support for it on Mac.
2270         Because of this, we always lie and report a windowed view mode.
2271
2272         This patch add a feature flag for the feature and disable it on
2273         Mac so that we stop reporting incorrect default values.
2274
2275         * WebCore.exp.in:
2276         * css/CSSValueKeywords.in:
2277         * css/MediaFeatureNames.h:
2278         (MediaFeatureNames):
2279         * css/MediaQueryEvaluator.cpp:
2280         * css/MediaQueryExp.cpp:
2281         (WebCore::featureWithCSSValueID):
2282         (WebCore::featureWithoutValue):
2283         * page/Page.cpp:
2284         (WebCore::Page::Page):
2285         * page/Page.h:
2286         (Page):
2287
2288 2013-03-08  Ryosuke Niwa  <rniwa@webkit.org>
2289
2290         After sending message, Mail changes formatting
2291         https://bugs.webkit.org/show_bug.cgi?id=111360
2292
2293         Reviewed by Enrica Casucci.
2294
2295         Added makeInsertedContentRoundTrippableWithHTMLTreeBuilder to move prohibited children (e.g. p, h1, etc...)
2296         out of paragraph elements to run immediately after the fragment insertion. This function splits trees and
2297         moves prohibited children out of paragraph elements to keep the tree isomorphic under HTML serialization and
2298         parsing. Unfortunately, there are many other DOM tree constructs we need to fix to make the subtree truly
2299         isomorphic but this is a step forward.
2300
2301         Test: editing/pasteboard/pasting-into-p-should-not-nest-p.html
2302
2303         * editing/ReplaceSelectionCommand.cpp:
2304         (WebCore::isProhibitedParagraphChild): Added. Matches the list at
2305         https://dvcs.w3.org/hg/editing/raw-file/57abe6d3cb60/editing.html#prohibited-paragraph-child
2306         except main element, which is currently missing in the specification.
2307         (WebCore::ReplaceSelectionCommand::makeInsertedContentRoundTrippableWithHTMLTreeBuilder): Added.
2308         (WebCore::ReplaceSelectionCommand::moveNodeOutOfAncestor): Added.
2309         (WebCore::ReplaceSelectionCommand::doApply): Call moveProhibitedChildrenOutOfParagraphElements.
2310
2311         * editing/ReplaceSelectionCommand.h:
2312         (ReplaceSelectionCommand):
2313
2314 2013-03-08  Eric Seidel  <eric@webkit.org>
2315
2316         AtomicHTMLToken should not be heap allocated or RefCounted
2317         https://bugs.webkit.org/show_bug.cgi?id=111250
2318
2319         Reviewed by Adam Barth.
2320
2321         It was clearly an oversight on our part to ever make AtomicHTMLToken ref-counted.
2322         We don't need the actual "token" saved, just enough of it to recreate a fake token.
2323
2324         This removed many more mallocs than I thought it would, for a nice little speed win.
2325         Before:
2326         median= 450.482999993 ms, stdev= 7.2381436538 ms, min= 436.084999994 ms, max= 464.968999964 ms
2327         After:
2328         median= 436.41600004 ms, stdev= 5.71435647554 ms, min= 427.160999971 ms, max= 446.753000026 ms
2329
2330         * html/parser/AtomicHTMLToken.h:
2331         (AtomicHTMLToken):
2332         * html/parser/HTMLConstructionSite.cpp:
2333         (WebCore::HTMLConstructionSite::createElementFromSavedToken):
2334         * html/parser/HTMLDocumentParser.cpp:
2335         (WebCore::HTMLDocumentParser::constructTreeFromHTMLToken):
2336         (WebCore::HTMLDocumentParser::constructTreeFromCompactHTMLToken):
2337         * html/parser/HTMLElementStack.cpp:
2338         (WebCore::HTMLElementStack::isHTMLIntegrationPoint):
2339         * html/parser/HTMLFormattingElementList.cpp:
2340         (WebCore):
2341         (WebCore::HTMLFormattingElementList::tryToEnsureNoahsArkConditionQuickly):
2342         (WebCore::HTMLFormattingElementList::ensureNoahsArkCondition):
2343         * html/parser/HTMLStackItem.h:
2344         (WebCore::HTMLStackItem::create):
2345         (WebCore::HTMLStackItem::localName):
2346         (WebCore::HTMLStackItem::attributes):
2347         (WebCore::HTMLStackItem::getAttributeItem):
2348         (HTMLStackItem):
2349         (WebCore::HTMLStackItem::hasLocalName):
2350         (WebCore::HTMLStackItem::hasTagName):
2351         (WebCore::HTMLStackItem::HTMLStackItem):
2352         * html/parser/HTMLTreeBuilder.cpp:
2353         (WebCore::HTMLTreeBuilder::processFakeStartTag):
2354         (WebCore::HTMLTreeBuilder::processFakeEndTag):
2355         (WebCore::HTMLTreeBuilder::processFakePEndTagIfPInButtonScope):
2356         (WebCore::HTMLTreeBuilder::processStartTagForInBody):
2357         (WebCore::HTMLTreeBuilder::processStartTag):
2358         (WebCore::HTMLTreeBuilder::processEndTagForInBody):
2359         (WebCore::HTMLTreeBuilder::processEndTag):
2360         (WebCore::HTMLTreeBuilder::defaultForBeforeHTML):
2361         (WebCore::HTMLTreeBuilder::defaultForBeforeHead):
2362         (WebCore::HTMLTreeBuilder::defaultForInHead):
2363         (WebCore::HTMLTreeBuilder::defaultForInHeadNoscript):
2364         (WebCore::HTMLTreeBuilder::defaultForAfterHead):
2365         * html/parser/TextDocumentParser.cpp:
2366         (WebCore::TextDocumentParser::insertFakePreElement):
2367
2368 2013-03-08  Roger Fong  <roger_fong@apple.com>
2369
2370         Makefile fixes.
2371
2372         * WebCore.vcxproj/WebCore.make:
2373
2374 2013-03-07  Emil A Eklund  <eae@chromium.org>
2375
2376         [sub-pixel] Rounding error in table cell height calculation causes unnecessary scrollbar
2377         https://bugs.webkit.org/show_bug.cgi?id=111794
2378
2379         Reviewed by Levi Weintraub.
2380         
2381         In RenderTableCell::logicalHeightForRowSizing the
2382         adjustedLogicalHeight is calculated from the logicalHeight and
2383         intrinsic padding and is then returned and floored. This can
2384         cause cause the cell to be slightly smaller (0.5px) than the
2385         element it contains.
2386
2387         Test: fast/sub-pixel/table-cell-height.html
2388
2389         * rendering/RenderTableCell.h:
2390         (WebCore::RenderTableCell::logicalHeightForRowSizing):
2391         Change to use pixelSnapped version of logicalHeight method and
2392         change signature to return int as the only caller immediately
2393         down-casts the result to an int.
2394
2395 2013-03-08  Christian Biesinger  <cbiesinger@chromium.org>
2396
2397         RenderFullScreen needs to clear override sizes when exiting full screen
2398         https://bugs.webkit.org/show_bug.cgi?id=111775
2399
2400         Reviewed by Ojan Vafai.
2401
2402         Test: fullscreen/full-screen-with-flex-item.html
2403
2404         * rendering/RenderFullScreen.cpp:
2405         (RenderFullScreen::unwrapRenderer):
2406         RenderFullScreen is a flexbox, so it will potentially set override
2407         sizes on its children while in fullscreen mode. When we exit
2408         fullscreen mode, we need to clear this override size, otherwise the
2409         the leftover override size may affect layout. See the testcase for an
2410         example.
2411
2412 2013-03-08  Julien Chaffraix  <jchaffraix@webkit.org>
2413
2414         [CSS Grid Layout] Handle 2 positions with one 'auto' properly
2415         https://bugs.webkit.org/show_bug.cgi?id=111653
2416
2417         Reviewed by Tony Chang.
2418
2419         The rendering code was making the assumption that we have one position.
2420         Thus it couldn't fully match what the specification wants as the 2 opposite
2421         positions are required to resolve either position in several cases (e.g.
2422         1 / span 2, auto / 'c').
2423
2424         This change introduces resolveGridPositionsFromStyle to do both opposite
2425         positions resolution in one pass and thus handling more cases.
2426
2427         Test: fast/css-grid-layout/grid-item-spanning-resolution.html
2428
2429         * rendering/RenderGrid.cpp:
2430         (WebCore::RenderGrid::maximumIndexInDirection):
2431         (WebCore::RenderGrid::placeItemsOnGrid):
2432         (WebCore::RenderGrid::placeSpecifiedMajorAxisItemsOnGrid):
2433         (WebCore::RenderGrid::placeAutoMajorAxisItemOnGrid):
2434         Updated the above functions to rely on resolveGridPositionsFromStyle.
2435
2436         (WebCore::RenderGrid::resolveGridPositionsFromStyle):
2437         Added this new function that handle the correct resolution.
2438
2439         (WebCore::RenderGrid::resolveGridPositionFromStyle):
2440         Updated the ASSERT to match the new code flow.
2441
2442         * rendering/RenderGrid.h:
2443         (WebCore::RenderGrid::GridSpan::GridSpan):
2444         Introduced this new struct to hold the 2 positions along one axis.
2445
2446 2013-03-08  Dominic Cooney  <dominicc@chromium.org>
2447
2448         RenderTextControlSingleLine should not assume that its text element has a renderer
2449         https://bugs.webkit.org/show_bug.cgi?id=111826
2450
2451         Reviewed by Ojan Vafai.
2452
2453         Tests: fast/forms/search/search-autoscroll-hidden-decoration-container-crash.html
2454                fast/forms/search/search-hide-decoration-container-crash.html
2455                fast/forms/search/search-scroll-hidden-decoration-container-crash.html
2456
2457         * rendering/RenderTextControlSingleLine.cpp:
2458         (WebCore::RenderTextControlSingleLine::layout):
2459         (WebCore::RenderTextControlSingleLine::controlClipRect):
2460         (WebCore::RenderTextControlSingleLine::autoscroll):
2461         (WebCore::RenderTextControlSingleLine::scroll):
2462
2463 2013-03-08  Joshua Bell  <jsbell@chromium.org>
2464
2465         IndexedDB: Use WeakPtr for Factory-to-BackingStore reference
2466         https://bugs.webkit.org/show_bug.cgi?id=111459
2467
2468         Reviewed by Adam Barth.
2469
2470         IDBFactoryBackendImpl maintains a map of backing stores - if another database in the same
2471         origin is opened, the backing store instance must be re-used). This was a map to raw
2472         pointers so that the backing store can be collected when all database references are
2473         dropped. The map was maintained manually by passing the factory to the IDBBackingStore which
2474         would add/remove itself on creation/destruction.
2475
2476         Replace this with a HashMap<WeakPtr<T>>. This simplifies the plumbing; map entries
2477         "leak" but are purged on subsequent opens.
2478
2479         Added webkit_unit_test (Chromium port) to verify refcounts.
2480
2481         * Modules/indexeddb/IDBBackingStore.cpp:
2482         (WebCore::IDBBackingStore::IDBBackingStore): No need to notify factory of lifetime.
2483         (WebCore::IDBBackingStore::~IDBBackingStore): Ditto.
2484         (WebCore::IDBBackingStore::open): Ditto.
2485         * Modules/indexeddb/IDBBackingStore.h: No reference to the factory, but...
2486         (WebCore::IDBBackingStore::createWeakPtr): Do need to expose weak pointers for the factory to hold.
2487         * Modules/indexeddb/IDBFactoryBackendImpl.cpp:
2488         (WebCore::cleanWeakMap): Helper function to scrub a HashMap<WeakPtr<T>> of empty pointers.
2489         May move to WTF when we've learned how general it is, or come up with a dedicated WeakPtrHashMap type.
2490         (WebCore::IDBFactoryBackendImpl::openBackingStore): WeakPtr fu.
2491         * Modules/indexeddb/IDBFactoryBackendImpl.h:
2492         (IDBFactoryBackendImpl): Remove plumbing methods.
2493
2494 2013-03-08  John Mellor  <johnme@chromium.org>
2495
2496         @media queries do not take zooming into account
2497         https://bugs.webkit.org/show_bug.cgi?id=53186
2498
2499         Reviewed by Kenneth Rohde Christiansen.
2500
2501         Fixes @media width and height to take into account full page zoom, by
2502         adding code to MediaQueryEvaluator's width/heightMediaFeatureEval,
2503         corresponding to the existing code in Element::clientWidth which makes
2504         document.documentElement.clientWidth take into account page zoom.
2505
2506         Test: fast/media/mq-width-pagezoom.html
2507
2508         * css/MediaQueryEvaluator.cpp:
2509         (WebCore::heightMediaFeatureEval):
2510         (WebCore::widthMediaFeatureEval):
2511
2512 2013-03-08  Carlos Garcia Campos  <cgarcia@igalia.com>
2513
2514         [BlackBerry] Add stubs for DNSResolveQueue platform specific methods
2515         https://bugs.webkit.org/show_bug.cgi?id=111841
2516
2517         Reviewed by Rob Buis.
2518
2519         Add empty implementations of
2520         DNSResolveQueue::platformProxyIsEnabledInSystemPreferences() and
2521         DNSResolveQueue::platformResolve() to DNSBlackBerry.cpp to make it
2522         build.
2523
2524         * platform/network/blackberry/DNSBlackBerry.cpp:
2525         (WebCore::DNSResolveQueue::platformProxyIsEnabledInSystemPreferences):
2526         (WebCore::DNSResolveQueue::platformResolve):
2527
2528 2013-03-08  Glenn Hartmann  <hartmanng@chromium.org>
2529
2530        Adding a hook to collect data for a Google UMA histogram to track when
2531        m_needsCompositedScrolling is turned on and off.
2532        https://bugs.webkit.org/show_bug.cgi?id=111725
2533
2534        Reviewed by Julien Chaffraix.
2535
2536        We want to keep track of this information to quantify the effects of a
2537        few patches that will cause us to opt in to composited scrolling.
2538        Specifically, we want to measure the effects of
2539        https://bugs.webkit.org/show_bug.cgi?id=109302,
2540        https://bugs.webkit.org/show_bug.cgi?id=109966,
2541        https://bugs.webkit.org/show_bug.cgi?id=109591, and
2542        https://bugs.webkit.org/show_bug.cgi?id=107618.
2543
2544        We do this by measuring a per-layer boolean value, and comparing the
2545        ratio between number of layers opted in and number of layers that remain
2546        uncomposited. We hope the relative number of layers opting in will
2547        increase after the relevant patches land and are enabled.
2548
2549        Unfortunately implementing extra statistics is impractical at the
2550        moment since most of the actionable relevant data is expensive to
2551        compute. For example, it would be useful to know if the layers that opt
2552        out do so because of invisible or non-overlapping layers that cause a
2553        potential stacking container's children to be discontiguous, because we
2554        would potentially be able to mitigate the problem. However, this would
2555        add considerable overhead to perform overlap testing just to gather
2556        data.
2557
2558        No new tests (no change in behaviour).
2559
2560        * rendering/RenderLayer.cpp:
2561        (WebCore::RenderLayer::updateNeedsCompositedScrolling):
2562
2563 2013-03-08  Alberto Garcia  <agarcia@igalia.com>
2564
2565         [BlackBerry] GraphicsContext: rename addRoundedRectClip to clipRoundedRect
2566         https://bugs.webkit.org/show_bug.cgi?id=111852
2567
2568         Reviewed by Rob Buis.
2569
2570         This changed in r139353.
2571
2572         * platform/graphics/blackberry/GraphicsContextBlackBerry.cpp:
2573         (WebCore::GraphicsContext::clipRoundedRect):
2574
2575 2013-03-08  Alberto Garcia  <agarcia@igalia.com>
2576
2577         [BlackBerry] Add BlendMode parameter to GraphicsContext::setPlatformCompositeOperation
2578         https://bugs.webkit.org/show_bug.cgi?id=111840
2579
2580         Reviewed by Rob Buis.
2581
2582         This parameter was added in r137011.
2583
2584         * platform/graphics/blackberry/GraphicsContextBlackBerry.cpp:
2585         (WebCore::GraphicsContext::setPlatformCompositeOperation):
2586
2587 2013-03-08  Alberto Garcia  <agarcia@igalia.com>
2588
2589         [BlackBerry] Remove unused GraphicsContext::addInnerRoundedRectClip()
2590         https://bugs.webkit.org/show_bug.cgi?id=111838
2591
2592         Reviewed by Rob Buis.
2593
2594         This was removed in r139138.
2595
2596         * platform/graphics/blackberry/GraphicsContextBlackBerry.cpp:
2597
2598 2013-03-08  Alberto Garcia  <agarcia@igalia.com>
2599
2600         [BlackBerry] GraphicsContext: add fillRule parameter to clip() and canvasClip()
2601         https://bugs.webkit.org/show_bug.cgi?id=111836
2602
2603         Reviewed by Rob Buis.
2604
2605         This parameter was added in r139967.
2606
2607         * platform/graphics/blackberry/PathBlackBerry.cpp:
2608         (WebCore):
2609         (WebCore::GraphicsContext::clip):
2610         (WebCore::GraphicsContext::canvasClip):
2611
2612 2013-03-08  Vsevolod Vlasov  <vsevik@chromium.org>
2613
2614         Web Inspector: Get rid of file system ids and use file pathes as uri for file based uiSourceCodes.
2615         https://bugs.webkit.org/show_bug.cgi?id=111753
2616
2617         Reviewed by Pavel Feldman.
2618
2619         * inspector/front-end/FileSystemMapping.js:
2620         (WebInspector.FileSystemMappingImpl):
2621         (WebInspector.FileSystemMappingImpl.prototype._loadFromSettings.get this):
2622         (WebInspector.FileSystemMappingImpl.prototype._loadFromSettings):
2623         (WebInspector.FileSystemMappingImpl.prototype._saveToSettings):
2624         (WebInspector.FileSystemMappingImpl.prototype.set addFileSystemMapping):
2625         (WebInspector.FileSystemMappingImpl.prototype.removeFileSystemMapping):
2626         (WebInspector.FileSystemMappingImpl.prototype.fileSystemPaths):
2627         (WebInspector.FileSystemMappingImpl.prototype.fileSystemPathForPrefix):
2628         * inspector/front-end/FileSystemProjectDelegate.js:
2629         (WebInspector.FileSystemProjectDelegate.projectId):
2630         (WebInspector.FileSystemProjectDelegate.prototype.id):
2631         (WebInspector.FileSystemProjectDelegate.prototype.fileSystemPath):
2632         (WebInspector.FileSystemWorkspaceProvider):
2633         (WebInspector.FileSystemWorkspaceProvider.prototype._fileSystemAdded):
2634         (WebInspector.FileSystemWorkspaceProvider.prototype._fileSystemRemoved):
2635         (WebInspector.FileSystemWorkspaceProvider.prototype.fileSystemPath):
2636         * inspector/front-end/IsolatedFileSystemManager.js:
2637         (WebInspector.IsolatedFileSystemManager.prototype._innerAddFileSystem):
2638         (WebInspector.IsolatedFileSystemManager.prototype._fileSystemRemoved):
2639         * inspector/front-end/Workspace.js:
2640         (WebInspector.Workspace.prototype.uiSourceCodeForURL):
2641
2642 2013-03-08  Vsevolod Vlasov  <vsevik@chromium.org>
2643
2644         Web Inspector: Polish TabbedEditorContaner and ScriptsNavigator behavior.
2645         https://bugs.webkit.org/show_bug.cgi?id=111732
2646
2647         Reviewed by Pavel Feldman.
2648
2649         Resources matching inspectedPageURL are always expanded in NavigatorView now.
2650         Snippets tab in scripts navigator is not automatically opened anymore.
2651         Cleared saved TabbedEditorContainer history because it might have been corrupted due to errors in earlier versions.
2652         Snippets are not revealed in TabbedEditorContainer anymore unless they were actually selected by user or there is no other tabs opened.
2653
2654         * inspector/front-end/NavigatorView.js:
2655         (WebInspector.NavigatorView):
2656         (WebInspector.NavigatorView.prototype.addUISourceCode):
2657         (WebInspector.NavigatorView.prototype._inspectedURLChanged):
2658         (WebInspector.NavigatorView.prototype.revealUISourceCode):
2659         (WebInspector.NavigatorView.prototype.removeUISourceCode):
2660         (WebInspector.NavigatorFolderTreeElement.prototype.onattach):
2661         (WebInspector.NavigatorUISourceCodeTreeNode.prototype.uiSourceCode):
2662         (WebInspector.NavigatorUISourceCodeTreeNode.prototype.reveal):
2663         * inspector/front-end/ScriptsNavigator.js:
2664         (WebInspector.ScriptsNavigator.prototype.revealUISourceCode):
2665         * inspector/front-end/ScriptsPanel.js:
2666         (WebInspector.ScriptsPanel.prototype._showFile):
2667         * inspector/front-end/Settings.js:
2668         (WebInspector.VersionController.prototype._updateVersionFrom1To2):
2669         * inspector/front-end/TabbedEditorContainer.js:
2670         (WebInspector.TabbedEditorContainer.prototype.addUISourceCode.tabId.this._tabIds.get this):
2671         (WebInspector.TabbedEditorContainer.prototype.addUISourceCode):
2672         (WebInspector.TabbedEditorContainer.History.prototype._rebuildItemIndex):
2673
2674 2013-03-08  Vsevolod Vlasov  <vsevik@chromium.org>
2675
2676         Web Inspector: Add shortcut for running a snippet.
2677         https://bugs.webkit.org/show_bug.cgi?id=111680
2678
2679         Reviewed by Pavel Feldman.
2680
2681         Added Ctrl/Cmd+Enter as a shortcut for running a snippet.
2682
2683         * inspector/front-end/SnippetJavaScriptSourceFrame.js:
2684         (WebInspector.SnippetJavaScriptSourceFrame):
2685         (WebInspector.SnippetJavaScriptSourceFrame.prototype._runButtonClicked):
2686         (WebInspector.SnippetJavaScriptSourceFrame.prototype._runSnippet):
2687         (WebInspector.SnippetJavaScriptSourceFrame.prototype._onKeyDown):
2688
2689 2013-03-08  Philip Rogers  <pdr@google.com>
2690
2691         Prevent infinite loop in SVG use cycle detection
2692         https://bugs.webkit.org/show_bug.cgi?id=111822
2693
2694         Reviewed by Stephen Chenney.
2695
2696         SVG use cycle detection depended on idForStyleResolution() which differs from
2697         getIdAttribute() in quirks mode. During use tree cycle detection, this difference
2698         resulted in an infinite loop because idForStyleResolution() used lower-cased id
2699         attributes. This patch removes an existing fixme for this and switches to using
2700         getIdAttribute().
2701
2702         Test: svg/custom/use-cycle-detection.html
2703
2704         * svg/SVGUseElement.cpp:
2705         (WebCore::SVGUseElement::hasCycleUseReferencing):
2706
2707 2013-03-08  Yuki Sekiguchi  <yuki.sekiguchi@access-company.com>
2708
2709         When we set word-wrap: break-word and xml:space="preserve" to svg text element, the text is collapsed.
2710         https://bugs.webkit.org/show_bug.cgi?id=111675
2711
2712         Reviewed by Stephen Chenney.
2713
2714         RenderSVGText define its size when it laid out its first line at SVGRootInlineBox::computePerCharacterLayoutInformation().
2715
2716         In the following spec, SVG don't perform automatic line break or word wrapping.
2717         http://www.w3.org/TR/SVG/text.html#Introduction
2718         > SVG performs no automatic line breaking or word wrapping.
2719         However, when we set word-wrap: break-word and xml:space="preserve" to svg text element, RenderBlock::LineBreaker::nextLineBreak() breaks the text.
2720         This make single character lines and make RenderSVGText narrow.
2721
2722         We must ignore word-wrap property to make the text a single line.
2723
2724         We always disable break words and break all in nextLineBreak() when the object is SVGInlineText.
2725
2726         Test: svg/text/preserve-break-word.html
2727
2728         * rendering/RenderBlockLineLayout.cpp:
2729         (WebCore::RenderBlock::LineBreaker::nextSegmentBreak): Disable break words and break all when we process SVG Text.
2730
2731 2013-03-08  Allan Sandfeld Jensen  <allan.jensen@digia.com>
2732
2733         [Qt] HTML5 video - sound volume bar out of widget
2734         https://bugs.webkit.org/show_bug.cgi?id=108213
2735
2736         Reviewed by Jocelyn Turcotte.
2737
2738         Since we use Safari shadow DOM for media controls, follow
2739         the overall layout of Safari media control CSS.
2740
2741         * css/mediaControlsQt.css:
2742         (audio::-webkit-media-controls-panel, video::-webkit-media-controls-panel):
2743         (audio::-webkit-media-controls-mute-button, video::-webkit-media-controls-mute-button):
2744         (audio::-webkit-media-controls-play-button, video::-webkit-media-controls-play-button):
2745         (audio::-webkit-media-controls-timeline-container, video::-webkit-media-controls-timeline-container):
2746         (audio::-webkit-media-controls-current-time-display, video::-webkit-media-controls-current-time-display):
2747         (audio::-webkit-media-controls-time-remaining-display, video::-webkit-media-controls-time-remaining-display):
2748         (audio::-webkit-media-controls-timeline, video::-webkit-media-controls-timeline):
2749         (audio::-webkit-media-controls-volume-slider-container, video::-webkit-media-controls-volume-slider-container):
2750         (audio::-webkit-media-controls-volume-slider, video::-webkit-media-controls-volume-slider):
2751         (audio::-webkit-media-controls-seek-back-button, video::-webkit-media-controls-seek-back-button):
2752         (audio::-webkit-media-controls-seek-forward-button, video::-webkit-media-controls-seek-forward-button):
2753         (audio::-webkit-media-controls-rewind-button, video::-webkit-media-controls-rewind-button):
2754         (audio::-webkit-media-controls-return-to-realtime-button, video::-webkit-media-controls-return-to-realtime-button):
2755         (audio::-webkit-media-controls-toggle-closed-captions-button, video::-webkit-media-controls-toggle-closed-captions-button):
2756
2757 2013-03-08  Allan Sandfeld Jensen  <allan.jensen@digia.com>
2758
2759         [Qt] Doesn't build with QtMultimedia
2760         https://bugs.webkit.org/show_bug.cgi?id=111847
2761
2762         Reviewed by Jocelyn Turcotte.
2763
2764         Fix include.
2765
2766         * platform/graphics/qt/MediaPlayerPrivateQt.h:
2767
2768 2013-03-08  Huang Dongsung  <luxtella@company100.net>
2769
2770         [EFL][Qt] REGRESSION(r144787): A fixed element lags when scrolling and wheeling.
2771         https://bugs.webkit.org/show_bug.cgi?id=111829
2772
2773         Reviewed by Noam Rosenthal.
2774
2775         Currently, flagsChanged deals with all boolean flags. It introduces this bug
2776         because when another flag (i.e. preserves3D) is changed, fixedToViewport is set
2777         to false. So this patch updates all flags when at least one flag is changed.
2778
2779         In addition, this patch amends isScrollable code to match other flags.
2780
2781         This patch can only be tested manually since there is no automated
2782         testing facilities for in-motion touch.
2783         Test: ManualTests/fixed-position.html
2784               ManualTests/nested-fixed-position.html
2785
2786         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
2787         (WebCore::CoordinatedGraphicsLayer::setScrollableArea):
2788         (WebCore::CoordinatedGraphicsLayer::syncLayerState):
2789         * platform/graphics/texmap/coordinated/CoordinatedGraphicsScene.cpp:
2790         (WebCore::CoordinatedGraphicsScene::setLayerState):
2791         * platform/graphics/texmap/coordinated/CoordinatedGraphicsState.h:
2792         (WebCore::CoordinatedGraphicsLayerState::CoordinatedGraphicsLayerState):
2793
2794 2013-03-07  Dean Jackson  <dino@apple.com>
2795
2796         Remove dead label code in snapshotted plugin
2797         https://bugs.webkit.org/show_bug.cgi?id=111781
2798
2799         Reviewed by Tim Horton.
2800
2801         Since ports can use the shadow tree to do label display,
2802         there is no need for the hardcoded timers in RenderSnapshottedPlugin.
2803
2804         * rendering/RenderSnapshottedPlugIn.cpp: Remove label flags and timers.
2805         (WebCore::RenderSnapshottedPlugIn::RenderSnapshottedPlugIn):
2806         (WebCore::RenderSnapshottedPlugIn::~RenderSnapshottedPlugIn):
2807         (WebCore::RenderSnapshottedPlugIn::updateSnapshot):
2808         (WebCore::RenderSnapshottedPlugIn::handleEvent):
2809         * rendering/RenderSnapshottedPlugIn.h:
2810         (RenderSnapshottedPlugIn):
2811
2812 2013-03-07  Dean Jackson  <dino@apple.com>
2813
2814         Implement a custom appearance for the snapshotted plugin background
2815         https://bugs.webkit.org/show_bug.cgi?id=108368
2816
2817         Reviewed by Tim Horton.
2818
2819         After https://bugs.webkit.org/show_bug.cgi?id=108284 (r142507), a
2820         snapshotted plugin was no longer drawing the background of the
2821         label blurred. Since the snapshot content was now a shadow tree,
2822         it wasn't feasible to pre-blur a region of the snapshot: the label
2823         could be any size and in any location, with ports being able to
2824         override the appearance through their UA style sheet.
2825
2826         Instead we now use one of the elements in the tree, the snapshot-overlay,
2827         as a hook where ports can add any effect they want. This could be simply
2828         a border, or a transparent mask, or even a CSS filter. We introduce a custom
2829         CSS appearance "snapshotted-plugin-overlay", which could be added to the
2830         element in the injected UA stylesheet. This calls into RenderTheme in
2831         the same way that custom controls do.
2832
2833         Meanwhile, in RenderThemeMac, we implement the appearance by drawing the
2834         content of the plugin snapshot into the background of the element. That
2835         way we can add effects in CSS.
2836
2837         Test: plugins/snapshot-appearance.html
2838
2839         * css/CSSPrimitiveValueMappings.h:
2840         (WebCore::CSSPrimitiveValue::CSSPrimitiveValue): Handle SnapshottedPluginOverlayPart.
2841         * css/CSSValueKeywords.in: New appearance value snapshotted-plugin-overlay.
2842         * platform/ThemeTypes.h: New value SnapshottedPluginOverlayPart.
2843         * html/HTMLPlugInElement.h:
2844         (WebCore::toHTMLPlugInElement): Add safer casting helpers.
2845         * html/HTMLPlugInImageElement.h:
2846         (WebCore::toHTMLPlugInImageElement): Ditto.
2847         * rendering/RenderSnapshottedPlugIn.cpp: Remove the code for handling
2848             the blur directly in the renderer.
2849         (WebCore::RenderSnapshottedPlugIn::paint): Simplify the paint logic since we're
2850             no longer trying to blur here.
2851         (WebCore::RenderSnapshottedPlugIn::paintSnapshot): Ditto.
2852         * rendering/RenderSnapshottedPlugIn.h: Remove the methods that were trying
2853             to blur the image directly.
2854         * rendering/RenderTheme.cpp:
2855         (WebCore::RenderTheme::paint): Call paintSnapshottedPluginOverlay.
2856         * rendering/RenderTheme.h:
2857         (WebCore::RenderTheme::paintSnapshottedPluginOverlay): New virtual method with default implementation.
2858         * rendering/RenderThemeMacShared.h:
2859         (RenderThemeMacShared): Override paintSnapshottedPluginOverlay.
2860         * rendering/RenderThemeMacShared.mm:
2861         (WebCore::RenderThemeMacShared::paintSnapshottedPluginOverlay): Implement a custom render path
2862             that takes the snapshot image from the node's parent, and draws it into the background.
2863             Along the way make sure we're actually using the right type of element (an HTMLPlugInImageElement).
2864
2865 2013-03-08  Sergio Villar Senin  <svillar@igalia.com>
2866
2867         Improve drag&drop of list items in contentEditable divs
2868         https://bugs.webkit.org/show_bug.cgi?id=111556
2869
2870         Reviewed by Ryosuke Niwa.
2871
2872         A single fully selected <li> should generate the same markup as if
2873         we were selecting some of them, i.e., we should preserve the list
2874         structure and appearance.
2875
2876         Test: editing/selection/drag-list-item.html
2877
2878         * editing/htmlediting.cpp:
2879         (WebCore::isListItem): modified constness.
2880         * editing/htmlediting.h:
2881         (WebCore): ditto.
2882         * editing/markup.cpp:
2883         (WebCore::highestAncestorToWrapMarkup):
2884
2885 2013-03-08  Alberto Garcia  <agarcia@igalia.com>
2886
2887         [BlackBerry] LayerTiler: rename currentFrameHasAlpha as currentFrameKnownToBeOpaque
2888         https://bugs.webkit.org/show_bug.cgi?id=111828
2889
2890         Reviewed by Carlos Garcia Campos.
2891
2892         This changed in r141637.
2893
2894         * platform/graphics/blackberry/LayerTiler.cpp:
2895         (WebCore::LayerTiler::updateTextureContentsIfNeeded):
2896
2897 2013-03-08  Antoine Quint  <graouts@apple.com>
2898
2899         Fix a couple of typos.
2900
2901         Unreviewed.
2902
2903         * inspector/Inspector.json:
2904
2905 2013-03-08  Carlos Garcia Campos  <cgarcia@igalia.com>
2906
2907         [BlackBerry] Use OwnPtr for CredentialBackingStore members
2908         https://bugs.webkit.org/show_bug.cgi?id=111737
2909
2910         Reviewed by Rob Buis.
2911
2912         It simplifies the code a bit.
2913
2914         * platform/network/blackberry/CredentialBackingStore.cpp:
2915         (WebCore::CredentialBackingStore::~CredentialBackingStore):
2916         (WebCore::CredentialBackingStore::open):
2917         (WebCore::CredentialBackingStore::certMgrWrapper):
2918         * platform/network/blackberry/CredentialBackingStore.h:
2919         (CredentialBackingStore):
2920
2921 2013-03-07  Gavin Barraclough  <barraclough@apple.com>
2922
2923         MemoryPressureHandler should fully flush the WebCore & NS URL caches
2924         https://bugs.webkit.org/show_bug.cgi?id=111827
2925
2926         Rubber Stamped by Geoff Garen
2927
2928         When the handler is fired we should free as much memory as possible.
2929
2930         * platform/mac/MemoryPressureHandlerMac.mm:
2931         (WebCore::MemoryPressureHandler::releaseMemory):
2932             - fully flush the WebCore & NS URL caches
2933
2934 2013-03-07  Keishi Hattori  <keishi@webkit.org>
2935
2936         Update calendar picker UI
2937         https://bugs.webkit.org/show_bug.cgi?id=109439
2938
2939         Reviewed by Kent Tamura.
2940
2941         This patch changes the calendar picker UI.
2942
2943         Added tests to existing calendar picker tests.
2944         Test: platform/chromium/fast/forms/calendar-picker/calendar-picker-appearance-month-popup.html
2945
2946         * Resources/pagepopups/calendarPicker.css:
2947         (body):
2948         (.rtl):
2949         (.scroll-view):
2950         (.scroll-view-content):
2951         (.list-cell):
2952         (.list-cell.hidden):
2953         (.day-cell):
2954         (.week-number-cell):
2955         (.day-cell.today):
2956         (.day-cell.highlighted):
2957         (.day-cell.highlighted.disabled):
2958         (.day-cell.selected):
2959         (.day-cell.disabled):
2960         (.day-cell.current-month):
2961         (.calendar-table-view):
2962         (.preparing .calendar-table-view:focus):
2963         (.week-day-label):
2964         (.week-number-label):
2965         (.calendar-table-header-view):
2966         (.calendar-picker):
2967         (.calendar-header-view):
2968         (.calendar-title):
2969         (.rtl .calendar-title):
2970         (.month-popup-button:disabled):
2971         (.month-popup-button):
2972         (.month-popup-button .disclosure-triangle):
2973         (.month-popup-button .disclosure-triangle svg):
2974         (.today-button::after):
2975         (.calendar-navigation-button):
2976         (.year-list-view):
2977         (.year-list-cell):
2978         (.year-list-cell .label):
2979         (.year-list-cell .month-chooser):
2980         (.month-buttons-row):
2981         (.month-button):
2982         (.month-button.highlighted):
2983         (.scrubby-scroll-bar):
2984         (.scrubby-scroll-thumb):
2985         (.month-popup-view):
2986         (.year-list-view .scrubby-scroll-bar):
2987         (.rtl .year-list-view .scrubby-scroll-bar):
2988         * Resources/pagepopups/calendarPicker.js:
2989         (setGlobalParams): Sets the global params.
2990         (initialize):
2991         (openCalendarPicker):
2992         (CalendarHeaderView.prototype.onNavigationButtonClick): Fix typo.
2993         (CalendarPicker):
2994         (CalendarPicker.prototype.onWindowResize): We want to have the "preparing" class applied
2995         to cancel css transitions while setting up the calendar picker so we can avoid flaky pixel tests.
2996         (CalendarPicker.prototype.onYearListViewDidHide): The user clicked on a month so hide the month popup.
2997         (CalendarPicker.prototype.onYearListViewDidSelectMonth): Change the current month in response to the month popup.
2998         (CalendarPicker.prototype.attachTo): We want the calendar table focused when the calendar picker first opens.
2999         (CalendarPicker.prototype.cleanup): Clean up any event listeners or elements attached to nodes outside of this.element.
3000         (CalendarPicker.prototype.onMonthPopupButtonClick): Open the month popup in response to the month popup button being clicked.
3001         (CalendarPicker.prototype._setConfig): Configures the calendar picker.
3002         (CalendarPicker.prototype.currentMonth): The currently shown month.
3003         (CalendarPicker.prototype.setCurrentMonth): Scrolls the calendar table to the given month. Use the navigation behavior param to specify if you want a transition animation.
3004         (CalendarPicker.prototype.adjustHeight): Adjusts the height so its just tall enough to fit the current month. If the month picker is open, fit that.
3005         (CalendarPicker.prototype.selection): Currently selected date range.
3006         (CalendarPicker.prototype.highlight): Currently highlighted date range.
3007         (CalendarPicker.prototype.firstVisibleDay): Returns the first visible day ignoring scroll animation (i.e. this is the first visible day when the scroll animation is done).
3008         (CalendarPicker.prototype.lastVisibleDay): Returns the last visible day ignoring scroll animation.
3009         (CalendarPicker.prototype.selectRangeContainingDay): Sets the selection to the date range containing the given day.
3010         (CalendarPicker.prototype.highlightRangeContainingDay): Sets the highlight to the date range containing the given day.
3011         (CalendarPicker.prototype.setSelection): Sets the selection to the given date range.
3012         (CalendarPicker.prototype._setHighlight): Sets the highlight to the given date range.
3013         (CalendarPicker.prototype._stepMismatch): Just moving.
3014         (CalendarPicker.prototype._outOfRange): Ditto.
3015         (CalendarPicker.prototype.isValid): Returns true if the given date range is a valid selection.
3016         (CalendarPicker.prototype.isValidDay): Returns true if the day is part of a valid selection.
3017         (CalendarPicker.prototype._moveHighlight): Moves the highlight to the given date range if possible. Returns true if it succeeds.
3018         (CalendarPicker.prototype.onCalendarTableKeyDown): Handles the arrow keys, etc.
3019         (CalendarPicker.prototype.width):
3020         (CalendarPicker.prototype.height):
3021         (CalendarPicker.prototype.setHeight):
3022         (CalendarPicker.prototype.onBodyKeyDown): Handles esc/m/y/d.
3023         * Resources/pagepopups/chromium/calendarPickerChromium.css:
3024         (.calendar-table-view:focus):
3025         (.preparing .calendar-table-view:focus):
3026
3027 2013-03-07  Seokju Kwon  <seokju.kwon@gmail.com>
3028
3029         Web Inspector: Remove unused return value after r122962
3030         https://bugs.webkit.org/show_bug.cgi?id=111821
3031
3032         Reviewed by Pavel Feldman.
3033
3034         No new tests.
3035
3036         * inspector/front-end/ConsolePanel.js:
3037         (WebInspector.ConsolePanel.prototype.jumpToPreviousSearchResult):
3038         * inspector/front-end/ElementsPanel.js:
3039         (WebInspector.ElementsPanel.prototype.jumpToPreviousSearchResult):
3040         * inspector/front-end/ScriptsPanel.js:
3041         (WebInspector.ScriptsPanel.prototype.jumpToPreviousSearchResult):
3042
3043 2013-03-07  Sheriff Bot  <webkit.review.bot@gmail.com>
3044
3045         Unreviewed, rolling out r145166.
3046         http://trac.webkit.org/changeset/145166
3047         https://bugs.webkit.org/show_bug.cgi?id=111819
3048
3049         build break - no symbol
3050         webkit_support::CreateScopedTempDirectory() (Requested by
3051         hayato on #webkit).
3052
3053         * Modules/indexeddb/IDBBackingStore.cpp:
3054         (WebCore::IDBBackingStore::IDBBackingStore):
3055         (WebCore::IDBBackingStore::~IDBBackingStore):
3056         (WebCore::IDBBackingStore::open):
3057         * Modules/indexeddb/IDBBackingStore.h:
3058         (WebCore):
3059         (IDBBackingStore):
3060         * Modules/indexeddb/IDBFactoryBackendImpl.cpp:
3061         (WebCore::IDBFactoryBackendImpl::addIDBBackingStore):
3062         (WebCore):
3063         (WebCore::IDBFactoryBackendImpl::removeIDBBackingStore):
3064         (WebCore::IDBFactoryBackendImpl::openBackingStore):
3065         * Modules/indexeddb/IDBFactoryBackendImpl.h:
3066         (IDBFactoryBackendImpl):
3067
3068 2013-03-07  Hajime Morrita  <morrita@google.com>
3069
3070         Custom Elements: CustomElement constructor shouldn't share function instance
3071         https://bugs.webkit.org/show_bug.cgi?id=111807
3072
3073         Reviewed by Kentaro Hara.
3074
3075         Adaptor functions of custom elements unintentionally share the instance.
3076         This fix gives new one for each.
3077
3078         Test: Updated fast/dom/custom/document-register-basic.html
3079
3080         * bindings/v8/V8AdaptorFunction.cpp:
3081         (WebCore::V8AdaptorFunction::wrap):
3082
3083 2013-03-07  Jared Wyles  <wyles@adobe.com>
3084
3085         Reading border radius from style property returns in wrong order.
3086         https://bugs.webkit.org/show_bug.cgi?id=110853
3087
3088         Reviewed by Ryosuke Niwa
3089         
3090         Updating the order of border-radius to return in the order specified
3091         in http://www.w3.org/TR/css3-background/#the-border-radius
3092
3093         Tests updated in LayoutTests/fast/borders/border-radius-parsing.html 
3094         Changed the expectations in LayoutTests/inspector/elements/elements-panel-styles-expected.txt 
3095         
3096         Compat information -
3097         jQuery's css function favours using getComputedStyle for elements so that should not be impacted.
3098         Zepto does check for the element on style first so may be a slight concern there.
3099
3100         * css/StylePropertyShorthand.cpp:
3101         (WebCore::borderRadiusShorthand):
3102
3103 2013-03-07  Andreas Kling  <akling@apple.com>
3104
3105         Resizing Cappuccino is very laggy on WebKit since Safari 5.1
3106         <http://webkit.org/b/71354>
3107         <rdar://problem/10565998>
3108
3109         Reviewed by Anders Carlsson.
3110
3111         * WebCore.exp.in: Export FloatPoint(const NSPoint&)
3112
3113 2013-03-07  Andreas Kling  <akling@apple.com>
3114
3115         Remove desktop version of -webkit-text-size-adjust property.
3116         <http://webkit.org/b/56543>
3117         <rdar://problem/9150203>
3118
3119         Reviewed by Simon Fraser.
3120
3121         This property existed to support a number of Apple-internal clients of WebKit.
3122         We no longer need this property, and since it's clashing with a mobile version of the
3123         same property with different meaning, let's remove it altogether from the desktop build.
3124
3125         * css/CSSComputedStyleDeclaration.cpp:
3126         (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
3127         * css/CSSParser.cpp:
3128         (WebCore::isValidKeywordPropertyAndValue):
3129         (WebCore::isKeywordPropertyID):
3130         (WebCore::CSSParser::parseValue):
3131         * css/CSSPrimitiveValue.cpp:
3132         (WebCore::CSSPrimitiveValue::computeLengthDouble):
3133         * css/CSSProperty.cpp:
3134         (WebCore::CSSProperty::isInheritedProperty):
3135         * css/CSSPropertyNames.in:
3136         * css/StyleBuilder.cpp:
3137         (WebCore::ApplyPropertyLineHeight::applyValue):
3138         * css/StyleResolver.cpp:
3139         (WebCore::StyleResolver::updateFont):
3140         (WebCore::StyleResolver::applyProperties):
3141         (WebCore::StyleResolver::applyProperty):
3142         * css/StyleResolver.h:
3143         (StyleResolver):
3144         * css/svg.css:
3145         * editing/EditingStyle.cpp:
3146         * inspector/front-end/inspector.css:
3147         (#console-messages):
3148         * inspector/front-end/resourcesPanel.css:
3149         (.storage-view.query):
3150         * rendering/style/RenderStyle.cpp:
3151         (WebCore::RenderStyle::diff):
3152         * rendering/style/RenderStyle.h:
3153         * rendering/style/StyleRareInheritedData.cpp:
3154         (WebCore::StyleRareInheritedData::StyleRareInheritedData):
3155         (WebCore::StyleRareInheritedData::operator==):
3156         * rendering/style/StyleRareInheritedData.h:
3157         (StyleRareInheritedData):
3158
3159 2013-03-07  Joshua Bell  <jsbell@chromium.org>
3160
3161         IndexedDB: Use WeakPtr for Factory-to-BackingStore reference
3162         https://bugs.webkit.org/show_bug.cgi?id=111459
3163
3164         Reviewed by Adam Barth.
3165
3166         IDBFactoryBackendImpl maintains a map of backing stores - if another database in the same
3167         origin is opened, the backing store instance must be re-used). This was a map to raw
3168         pointers so that the backing store can be collected when all database references are
3169         dropped. The map was maintained manually by passing the factory to the IDBBackingStore which
3170         would add/remove itself on creation/destruction.
3171
3172         Replace this with a HashMap<WeakPtr<>>. This simplifies the plumbing; map entries
3173         "leak" but are purged on subsequent opens.
3174
3175         Added webkit_unit_test (Chromium port) to verify refcounts.
3176
3177         * Modules/indexeddb/IDBBackingStore.cpp:
3178         (WebCore::IDBBackingStore::IDBBackingStore): No need to notify factory of lifetime.
3179         (WebCore::IDBBackingStore::~IDBBackingStore): Ditto.
3180         (WebCore::IDBBackingStore::open): Ditto.
3181         * Modules/indexeddb/IDBBackingStore.h: No reference to the factory, but...
3182         (WebCore::IDBBackingStore::createWeakPtr): Do need to expose weak pointers for the factory to hold.
3183         * Modules/indexeddb/IDBFactoryBackendImpl.cpp:
3184         (WebCore::cleanWeakMap): Helper function to scrub a HashMap<WeakPtr<T>> of empty pointers.
3185         May move to WTF when we've learned how general it is, or come up with a dedicated WeakPtrHashMap type.
3186         (WebCore::IDBFactoryBackendImpl::openBackingStore): WeakPtr fu.
3187         * Modules/indexeddb/IDBFactoryBackendImpl.h:
3188         (IDBFactoryBackendImpl): Remove plumbing methods.
3189
3190 2013-03-07  Otto Derek Cheung  <otcheung@rim.com>
3191
3192         [BlackBerry] RefCounting ParsedCookie to avoid SegFaults
3193         https://bugs.webkit.org/show_bug.cgi?id=111761
3194
3195         Reviewed by Rob Buis.
3196
3197         Making necessary changes to ref count the ParsedCookie object.
3198
3199         Tested using the opera cookie test suite and the BB Browser cookie test suite.
3200         Tested using the browser, visiting popular sites such as facebook, reddit, google etc
3201         to ensure cookie functionality isn't changed.
3202
3203         * loader/blackberry/CookieJarBlackBerry.cpp:
3204         (WebCore::getRawCookies):
3205         * platform/blackberry/CookieDatabaseBackingStore/CookieDatabaseBackingStore.cpp:
3206         (WebCore::CookieDatabaseBackingStore::insert):
3207         (WebCore::CookieDatabaseBackingStore::update):
3208         (WebCore::CookieDatabaseBackingStore::remove):
3209         (WebCore::CookieDatabaseBackingStore::getCookiesFromDatabase):
3210         (WebCore::CookieDatabaseBackingStore::invokeGetCookiesWithLimit):
3211         (WebCore::CookieDatabaseBackingStore::invokeSendChangesToDatabase):
3212         (WebCore::CookieDatabaseBackingStore::addToChangeQueue):
3213         * platform/blackberry/CookieDatabaseBackingStore/CookieDatabaseBackingStore.h:
3214         (CookieDatabaseBackingStore):
3215         * platform/blackberry/CookieManager.cpp:
3216         (WebCore::cookieSorter):
3217         (WebCore::CookieManager::setCookies):
3218         (WebCore::CookieManager::getCookie):
3219         (WebCore::CookieManager::generateHtmlFragmentForCookies):
3220         (WebCore::CookieManager::getRawCookies):
3221         (WebCore::CookieManager::checkAndTreatCookie):
3222         (WebCore::CookieManager::addCookieToMap):
3223         (WebCore::CookieManager::getBackingStoreCookies):
3224         (WebCore::CookieManager::findOrCreateCookieMap):
3225         (WebCore::CookieManager::removeCookieWithName):
3226         (WebCore::CookieManager::cookieLimitCleanUp):
3227         * platform/blackberry/CookieManager.h:
3228         * platform/blackberry/CookieMap.cpp:
3229         (WebCore::CookieMap::addOrReplaceCookie):
3230         (WebCore::CookieMap::removeCookieAtIndex):
3231         (WebCore::CookieMap::removeCookie):
3232         (WebCore::CookieMap::getAllCookies):
3233         (WebCore::CookieMap::removeOldestCookie):
3234         (WebCore::CookieMap::deleteAllCookiesAndDomains):
3235         (WebCore::CookieMap::getAllChildCookies):
3236         * platform/blackberry/CookieMap.h:
3237         (CookieMap):
3238         * platform/blackberry/CookieParser.cpp:
3239         (WebCore):
3240         (WebCore::CookieParser::parse):
3241         (WebCore::CookieParser::parseOneCookie):
3242         * platform/blackberry/CookieParser.h:
3243         (CookieParser):
3244         * platform/blackberry/ParsedCookie.cpp:
3245         * platform/blackberry/ParsedCookie.h:
3246         (ParsedCookie):
3247         (WebCore::ParsedCookie::create):
3248
3249 2013-03-07  Aaron Colwell  <acolwell@chromium.org>
3250
3251         Heap-use-after-free in WebCore::HTMLMediaElement::~HTMLMediaElement
3252         https://bugs.webkit.org/show_bug.cgi?id=110623
3253
3254         Reviewed by Kentaro Hara.
3255
3256         Test: http/tests/misc/delete-frame-during-readystatechange-with-gc-after-video-removal.html
3257
3258         * bindings/v8/V8GCController.cpp: Fix MinorGCWrapperVisitor so it doesn't collect ActiveDOMObjects
3259                                           that have pending activity.
3260         * html/HTMLAudioElement.h:
3261         (HTMLAudioElement): Removed hasPendingActivity() now that this is handled by the base class.
3262         * html/HTMLAudioElement.idl: Removed ActiveDOMObject annotation since HTMLMediaElement now has it.
3263         * html/HTMLMediaElement.cpp:
3264         (WebCore::HTMLMediaElement::hasPendingActivity): Update implementation to return true if the media
3265                                                          has audio and is playing. This brings the code into
3266                                                          compliance with the detached element behavior outlined
3267                                                          in the HTML5 spec.
3268         * html/HTMLMediaElement.idl: Added ActiveDOMObject annotation so that all derived classes are
3269                                      considered ActiveDOMObjects.
3270
3271 2013-03-07  Jeffrey Pfau  <jpfau@apple.com>
3272
3273         CFNetwork cache partitioning does not work properly on subdomains
3274         https://bugs.webkit.org/show_bug.cgi?id=111772
3275
3276         Reviewed by David Kilzer.
3277
3278         Ensure that the cache partitioning is done over the top privately-controlled domain for the NSURLRequest.
3279
3280         Not possible to test with current automated test tools, must be tested manually.
3281
3282         * loader/cache/MemoryCache.cpp: Remove extraneous calls to partitionName
3283         (WebCore):
3284         (WebCore::MemoryCache::add):
3285         (WebCore::MemoryCache::revalidationSucceeded):
3286         (WebCore::MemoryCache::resourceForRequest):
3287         (WebCore::MemoryCache::evict):
3288         (WebCore::MemoryCache::removeResourcesWithOrigin):
3289         * platform/network/cf/ResourceRequest.h: Put top privately-controlled domain reduction code into ResourceRequest::partitionName
3290         (ResourceRequest):
3291         (WebCore::ResourceRequest::cachePartition):
3292         (WebCore::ResourceRequest::setCachePartition): Pre-process the partition name
3293         * platform/network/cf/ResourceRequestCFNet.cpp:
3294         (WebCore):
3295         (WebCore::ResourceRequest::partitionName):
3296         * platform/network/mac/ResourceRequestMac.mm:
3297         (WebCore::ResourceRequest::doUpdatePlatformRequest): Use a UTF-8 version of the cache partition name
3298
3299 2013-03-07  Kenneth Russell  <kbr@google.com>
3300
3301         Compute WebGL context attributes from DrawingBuffer when it is used
3302         https://bugs.webkit.org/show_bug.cgi?id=111666
3303
3304         Reviewed by James Robinson.
3305
3306         Fixed computation of antialias flag when DrawingBuffer is used.
3307
3308         No new tests; covered by existing tests. Ran WebGL conformance
3309         tests on desktop Linux and Android to test.
3310
3311         * html/canvas/WebGLRenderingContext.cpp:
3312         (WebCore):
3313         (WebCore::WebGLRenderingContext::getContextAttributes):
3314             Query DrawingBuffer, when used, for antialias flag.
3315
3316 2013-03-07  Beth Dakin  <bdakin@apple.com>
3317
3318         Need API to draw custom overhang area
3319         https://bugs.webkit.org/show_bug.cgi?id=111679
3320         -and corresponding-
3321         <rdar://problem/13291415>
3322
3323         Reviewed by Simon Fraser.
3324
3325         This will allow clients to put custom images into the top or bottom overhang area.
3326
3327         New FrameView API takes a bool indicating whether the client wants a top/bottom 
3328         overhang layer. If the bool is true, the overhang layer will be returned. 
3329         * WebCore.exp.in:
3330         * page/FrameView.cpp:
3331         (WebCore::FrameView::setWantsLayerForTopOverHangArea):
3332         (WebCore::FrameView::setWantsLayerForBottomOverHangArea):
3333         * page/FrameView.h:
3334         (FrameView):
3335
3336         Keep member variables for the top and bottom overhang layers. Create them if 
3337         necessary, and update them if the root layer changes.
3338         * rendering/RenderLayerCompositor.cpp:
3339         (WebCore::RenderLayerCompositor::updateRootLayerPosition):
3340         (WebCore::RenderLayerCompositor::updateLayerForTopOverhangArea):
3341         (WebCore::RenderLayerCompositor::updateLayerForBottomOverhangArea):
3342         (WebCore::RenderLayerCompositor::reportMemoryUsage):
3343         * rendering/RenderLayerCompositor.h:
3344         (RenderLayerCompositor):
3345
3346 2013-03-07  Gavin Barraclough  <barraclough@apple.com>
3347
3348         Reduce page cache size on Mac
3349         https://bugs.webkit.org/show_bug.cgi?id=111795
3350
3351         Rubber stamped by Geoff Garen
3352
3353         5 entries is unnecessarily large; research show 3 should suffice.
3354         On a low memory warning we should clear this completely.
3355
3356         * platform/mac/MemoryPressureHandlerMac.mm:
3357         (WebCore::MemoryPressureHandler::releaseMemory):
3358             - clear the page cache completely
3359
3360 2013-03-07  Simon Fraser  <simon.fraser@apple.com>
3361
3362         Rename Mac's TileCache to TileController, and WebTileCacheLayer to WebTiledBackingLayer
3363         https://bugs.webkit.org/show_bug.cgi?id=111779
3364
3365         Reviewed by Tim Horton.
3366         
3367         "TileCache" was a name conflict in downstream code, so rename it to TileController.
3368         The layer that has a TileController is now a WebTiledBackingLayer (which fits with
3369         the TiledBacking API that TileController exposes).
3370         
3371         Also renamed the flags in PlatformCALayer to match.
3372
3373         Rename only, no behavior change.
3374
3375         * WebCore.xcodeproj/project.pbxproj:
3376         * page/scrolling/mac/ScrollingTreeScrollingNodeMac.mm:
3377         (WebCore::ScrollingTreeScrollingNodeMac::logExposedUnfilledArea):
3378         * platform/graphics/GraphicsLayerClient.h:
3379         (WebCore::GraphicsLayerClient::shouldUseTiledBacking):
3380         * platform/graphics/ca/GraphicsLayerCA.cpp:
3381         (WebCore::GraphicsLayerCA::GraphicsLayerCA):
3382         (WebCore::GraphicsLayerCA::recursiveCommitChanges):
3383         (WebCore::GraphicsLayerCA::platformCALayerShowRepaintCounter):
3384         (WebCore::GraphicsLayerCA::platformCALayerDidCreateTiles):
3385         (WebCore::GraphicsLayerCA::updateVisibleRect):
3386         (WebCore::GraphicsLayerCA::getDebugBorderInfo):
3387         (WebCore::GraphicsLayerCA::requiresTiledLayer):
3388         (WebCore::GraphicsLayerCA::swapFromOrToTiledLayer):
3389         * platform/graphics/ca/GraphicsLayerCA.h:
3390         * platform/graphics/ca/PlatformCALayer.h:
3391         (WebCore::PlatformCALayer::usesTiledBackingLayer):
3392         * platform/graphics/ca/mac/PlatformCALayerMac.mm:
3393         (PlatformCALayer::PlatformCALayer):
3394         (PlatformCALayer::~PlatformCALayer):
3395         (PlatformCALayer::tiledBacking):
3396         * platform/graphics/ca/mac/TileController.h: Renamed from Source/WebCore/platform/graphics/ca/mac/TileCache.h.
3397         * platform/graphics/ca/mac/WebTileLayer.h:
3398         (TileController):
3399         * platform/graphics/ca/mac/WebTileLayer.mm:
3400         (-[WebTileLayer drawInContext:]):
3401         (-[WebTileLayer setTileController:WebCore::]):
3402         (-[WebTileLayer logFilledFreshTile]):
3403         * platform/graphics/ca/mac/WebTiledBackingLayer.h: Renamed from Source/WebCore/platform/graphics/ca/mac/WebTileCacheLayer.h.
3404         * platform/graphics/ca/mac/WebTiledBackingLayer.mm: Renamed from Source/WebCore/platform/graphics/ca/mac/WebTileCacheLayer.mm.
3405         * platform/graphics/mac/WebLayer.mm:
3406         (drawLayerContents):
3407         * rendering/RenderLayerBacking.cpp:
3408         (WebCore::RenderLayerBacking::RenderLayerBacking):
3409         (WebCore::RenderLayerBacking::shouldUseTiledBacking):
3410         (WebCore::RenderLayerBacking::adjustTiledBackingCoverage):
3411         (WebCore::RenderLayerBacking::createPrimaryGraphicsLayer):
3412         * rendering/RenderLayerBacking.h:
3413         (WebCore::RenderLayerBacking::usingTiledBacking):
3414         (RenderLayerBacking):
3415         (WebCore::RenderLayerBacking::hasTiledBackingFlatteningLayer):
3416         * rendering/RenderLayerCompositor.cpp:
3417         (WebCore::RenderLayerCompositor::frameViewDidLayout):
3418         (WebCore::RenderLayerCompositor::rootFixedBackgroundsChanged):
3419         (WebCore::RenderLayerCompositor::supportsFixedRootBackgroundCompositing):
3420
3421 2013-03-07  Alexey Proskuryakov  <ap@apple.com>
3422
3423         FormData should allow setting filename to empty
3424         https://bugs.webkit.org/show_bug.cgi?id=111687
3425
3426         Reviewed by Brady Eidson.
3427
3428         Tests: http/tests/local/formdata/send-form-data-with-empty-blob-filename.html
3429                http/tests/local/formdata/send-form-data-with-empty-file-filename.html
3430
3431         * platform/network/FormData.cpp: (WebCore::FormData::appendKeyValuePairItems):
3432         Missing value is a null string. If the string is empty, we should treat is as
3433         authoritative.
3434
3435 2013-03-07  David Hyatt  <hyatt@apple.com>
3436
3437         REGRESSION: fast/border/border-fit-2.html needs updating
3438         https://bugs.webkit.org/show_bug.cgi?id=111776
3439
3440         Reviewed by Simon Fraser.
3441
3442