9cc5dfd183d19ba8d4577c0c2984569fb64e1220
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2018-05-15  Yusuke Suzuki  <utatane.tea@gmail.com>
2
3         [JSC] Check TypeInfo first before calling getCallData when we would like to check whether given object is a function
4         https://bugs.webkit.org/show_bug.cgi?id=185601
5
6         Reviewed by Saam Barati.
7
8         No behavior change.
9
10         * Modules/plugins/QuickTimePluginReplacement.mm:
11         (WebCore::QuickTimePluginReplacement::ensureReplacementScriptInjected):
12         * bindings/js/JSCustomElementRegistryCustom.cpp:
13         (WebCore::getCustomElementCallback):
14         * bindings/js/JSDOMConstructorBase.h:
15         * bindings/js/JSDOMConvertCallbacks.h:
16         (WebCore::Converter<IDLCallbackFunction<T>>::convert):
17         * bindings/js/JSDOMPromise.cpp:
18         (WebCore::DOMPromise::whenSettled):
19         * bindings/js/ReadableStream.cpp:
20         (WebCore::ReadableStream::pipeTo):
21         (WebCore::ReadableStream::tee):
22         * bindings/js/ReadableStreamDefaultController.cpp:
23         (WebCore::ReadableStreamDefaultController::invoke):
24         * bindings/scripts/CodeGeneratorJS.pm:
25         (GenerateHeader):
26         (GenerateOverloadDispatcher):
27         * bindings/scripts/test/JS/JSTestObj.h:
28         * bindings/scripts/test/JS/JSTestPluginInterface.h:
29         * bridge/objc/objc_runtime.h:
30         * bridge/runtime_method.h:
31         * bridge/runtime_object.h:
32         * html/HTMLMediaElement.cpp:
33         (WebCore::HTMLMediaElement::ensureMediaControlsInjectedScript):
34         * testing/Internals.cpp:
35         (WebCore::Internals::parserMetaData):
36         (WebCore::Internals::cloneArrayBuffer):
37
38 2018-05-15  Matt Baker  <mattbaker@apple.com>
39
40         Web Inspector: element details hanger in inspector overlay should have better placement logic
41         https://bugs.webkit.org/show_bug.cgi?id=128482
42         <rdar://problem/16020709>
43
44         Reviewed by Timothy Hatcher.
45
46         When determining the best position for the hovered element details "tooltip",
47         perform placement tests in view space, not canvas space, and account for the
48         top content inset.
49
50         * inspector/InspectorOverlayPage.js:
51         (reset): Drive by fix: added missing `.height`.
52         (_drawElementTitle):
53
54 2018-05-15  Commit Queue  <commit-queue@webkit.org>
55
56         Unreviewed, rolling out r231765.
57         https://bugs.webkit.org/show_bug.cgi?id=185668
58
59         the layout test added with this change is very flaky
60         (Requested by realdawei on #webkit).
61
62         Reverted changeset:
63
64         "REGRESSION (r230574): Interrupted hardware transitions don't
65         behave correctly"
66         https://bugs.webkit.org/show_bug.cgi?id=185299
67         https://trac.webkit.org/changeset/231765
68
69 2018-05-15  Devin Rousso  <webkit@devinrousso.com>
70
71         Web Inspector: Add rulers and guides
72         https://bugs.webkit.org/show_bug.cgi?id=32263
73         <rdar://problem/19281564>
74
75         Reviewed by Matt Baker.
76
77         This patch is purely a visual change for WebInspector, and doesn't affect anything else.
78
79         * inspector/InspectorOverlay.h:
80         * inspector/InspectorOverlay.cpp:
81         (WebCore::InspectorOverlay::update):
82         (WebCore::InspectorOverlay::reset):
83         (WebCore::InspectorOverlay::drawGutter): Deleted.
84
85         * inspector/InspectorOverlayPage.html:
86         * inspector/InspectorOverlayPage.js:
87         (Bounds): Added.
88         (Bounds.prototype.get minX): Added.
89         (Bounds.prototype.get minY): Added.
90         (Bounds.prototype.get maxX): Added.
91         (Bounds.prototype.get maxY): Added.
92         (Bounds.prototype.update): Added.
93         (drawNodeHighlight):
94         (drawQuadHighlight):
95         (reset):
96         (_isolateActions): Added.
97         (_quadToPath): Added.
98         (_quadToPath.parseQuadPoint): Added.
99         (_drawOutlinedQuad): Added.
100         (_drawPath): Added.
101         (_drawPath.parsePoints): Added.
102         (_drawOutlinedQuadWithClip): Added.
103         (_drawElementTitle):
104         (_drawShapeHighlight):
105         (_drawFragmentHighlight):
106         (_drawRulers): Added.
107         (quadToPath): Deleted.
108         (drawOutlinedQuad): Deleted.
109         (pathCommand): Deleted.
110         (drawPath): Deleted.
111         (drawOutlinedQuadWithClip): Deleted.
112         (drawGutter): Deleted.
113         * inspector/InspectorOverlayPage.css:
114         (#log): Added.
115         (#right-gutter): Deleted.
116         (#bottom-gutter): Deleted.
117
118 2018-05-15  Jer Noble  <jer.noble@apple.com>
119
120         Media continues loading after rendered invisible (removed from DOM; scrolled off screen)
121         https://bugs.webkit.org/show_bug.cgi?id=185487
122
123         Reviewed by Eric Carlson.
124
125         Test: media/video-buffering-allowed.html
126
127         When a media element is removed from the dom (e.g. through innerHTML=""), it doesn't
128         necessarily stop loading media data; it will continue to do so until its destructor is
129         called through garbage collection. Similarly, when a media element is rendered not-visible
130         by being scrolled off-screen or being made display:none, media loading continues. There
131         are legitimate use cases for out-of-DOM media loading, so only temporarily block loading
132         when the element transitions out of the document. Similarly, only block loading for non-visible
133         media elements when returning from the "page is hidden" state, and only until the media
134         element is asked to play or is otherwise made visible.
135
136         Note: this refactors a lot of code out of PlatformMediaSession and into MediaElementSession,
137         since this code is specific to "media elements".
138
139         * html/HTMLMediaElement.cpp:
140         (WebCore::HTMLMediaElement::HTMLMediaElement):
141         (WebCore::HTMLMediaElement::insertedIntoAncestor):
142         (WebCore::HTMLMediaElement::removedFromAncestor):
143         (WebCore::HTMLMediaElement::playInternal):
144         (WebCore::HTMLMediaElement::stopWithoutDestroyingMediaPlayer):
145         (WebCore::HTMLMediaElement::resume):
146         (WebCore::HTMLMediaElement::visibilityStateChanged):
147         (WebCore::HTMLMediaElement::createMediaPlayer):
148         (WebCore::HTMLMediaElement::setShouldBufferData):
149         (WebCore::HTMLMediaElement::purgeBufferedDataIfPossible):
150         (WebCore::HTMLMediaElement::isVisibleInViewportChanged):
151         (WebCore::HTMLMediaElement::fullscreenModeChanged):
152         (WebCore::HTMLMediaElement::setInActiveDocument):
153         * html/HTMLMediaElement.h:
154         (WebCore::HTMLMediaElement::shouldBufferData const):
155         (WebCore::HTMLMediaElement::elementIsHidden const):
156         * html/MediaElementSession.cpp:
157         (WebCore::MediaElementSession::MediaElementSession):
158         (WebCore::MediaElementSession::clientWillBeginAutoplaying):
159         (WebCore::MediaElementSession::clientWillBeginPlayback):
160         (WebCore::MediaElementSession::clientWillPausePlayback):
161         (WebCore::MediaElementSession::visibilityChanged):
162         (WebCore::MediaElementSession::isVisibleInViewportChanged):
163         (WebCore::MediaElementSession::inActiveDocumentChanged):
164         (WebCore::MediaElementSession::scheduleClientDataBufferingCheck):
165         (WebCore::MediaElementSession::clientDataBufferingTimerFired):
166         (WebCore::MediaElementSession::updateClientDataBuffering):
167         (WebCore::MediaElementSession::dataBufferingPermitted const):
168         (WebCore::MediaElementSession::wantsToObserveViewportVisibilityForAutoplay const):
169         * html/MediaElementSession.h:
170         * platform/audio/PlatformMediaSession.cpp:
171         (WebCore::PlatformMediaSession::PlatformMediaSession):
172         (WebCore::PlatformMediaSession::clientWillBeginAutoplaying):
173         (WebCore::PlatformMediaSession::clientWillBeginPlayback):
174         (WebCore::PlatformMediaSession::clientWillPausePlayback):
175         (): Deleted.
176         (WebCore::PlatformMediaSession::visibilityChanged): Deleted.
177         (WebCore::PlatformMediaSession::scheduleClientDataBufferingCheck): Deleted.
178         (WebCore::PlatformMediaSession::clientDataBufferingTimerFired): Deleted.
179         (WebCore::PlatformMediaSession::updateClientDataBuffering): Deleted.
180         (WebCore::PlatformMediaSession::isHidden const): Deleted.
181         * platform/audio/PlatformMediaSession.h:
182         (WebCore::PlatformMediaSessionClient::setShouldBufferData): Deleted.
183         (WebCore::PlatformMediaSessionClient::elementIsHidden const): Deleted.
184         * platform/audio/PlatformMediaSessionManager.cpp:
185         (WebCore::PlatformMediaSessionManager::sessionCanLoadMedia const): Deleted.
186         * platform/audio/PlatformMediaSessionManager.h:
187         * platform/audio/ios/MediaSessionManagerIOS.h:
188         * platform/audio/ios/MediaSessionManagerIOS.mm:
189         (WebCore::MediaSessionManageriOS::sessionCanLoadMedia const): Deleted.
190         * rendering/RenderVideo.cpp:
191         (WebCore::RenderVideo::willBeDestroyed):
192         * testing/Internals.cpp:
193         (WebCore::Internals::elementShouldBufferData):
194         * testing/Internals.h:
195         * testing/Internals.idl:
196
197 2018-05-15  Charles Vazac  <cvazac@gmail.com>
198
199         Add the PerformanceServerTiming Interface which makes Server-Timing header timing values available to JavaScript running in the browser.
200         https://bugs.webkit.org/show_bug.cgi?id=175569
201
202         Reviewed by Youenn Fablet.
203
204         Tests were imported from web-platform-tests: WebKit/LayoutTests/imported/w3c/web-platform-tests/server-timing/*
205
206         * Sources.txt: Added references to HeaderFieldTokenizer.cpp, ServerTiming.cpp, and ServerTimingParser.cpp.
207         * WebCore.xcodeproj/project.pbxproj: Added various files.
208         * loader/HeaderFieldTokenizer.cpp: Added.
209         (WebCore::HeaderFieldTokenizer::HeaderFieldTokenizer): Added class for tokenizing header values.
210         (WebCore::HeaderFieldTokenizer::consume): Added method to consume a specified character.
211         (WebCore::HeaderFieldTokenizer::consumeQuotedString): Added method to consume a quote-string.
212         (WebCore::HeaderFieldTokenizer::consumeToken): Added a method to consume a token.
213         (WebCore::HeaderFieldTokenizer::consumeTokenOrQuotedString): Added method to consume a quote-string or quote-string, depending on net character.
214         (WebCore::HeaderFieldTokenizer::skipSpaces): Added method to skip whitespace.
215         (WebCore::HeaderFieldTokenizer::consumeBeforeAnyCharMatch): Added method to advance the cursor up until any of a list of characters.
216         * loader/HeaderFieldTokenizer.h: Added.
217         * loader/HTTPHeaderField.cpp: Expose isTokenCharacter and isWhitespace.
218         * loader/HTTPHeaderField.h: Expose isTokenCharacter and isWhitespace.
219         * loader/PolicyChecker.cpp: Added #include so source compiled on my machine.
220         * loader/ResourceTiming.cpp:
221         (WebCore::ResourceTiming::ResourceTiming): Added call to initServerTiming to parse the header.
222         (WebCore::ResourceTiming::initServerTiming): Added method to parse the header.
223         (WebCore::ResourceTiming::populateServerTiming): Added method to populate the server timing entries on a PerformanceResourceTiming object.
224         (WebCore::ResourceTiming::isolatedCopy const): Added code to copy over the server timing entries.
225         * loader/ResourceTiming.h:
226         (WebCore::ResourceTiming::ResourceTiming): Accept collection of server timing entries in c'tor.
227         * loader/ServerTiming.cpp: Added.
228         (WebCore::ServerTiming::setParameter): Set named parameters, ignoring unrecognized or duplicates.
229         (WebCore::ServerTiming::isolatedCopy const): Return a new pointer to the object.
230         * loader/ServerTiming.h: Added.
231         (WebCore::ServerTiming::ServerTiming): Added struct for the data needed by a server timing entry.
232         (WebCore::ServerTiming::name const): Added name field of a server timing entry.
233         (WebCore::ServerTiming::duration const): Added duration field of a server timing entry.
234         (WebCore::ServerTiming::description const): Added description field of a server timing entry.
235         * loader/ServerTimingParser.cpp: Added.
236         (WebCore::ServerTimingParser::parseServerTiming): Parses the header generating a collection of server timing structs.
237         * loader/ServerTimingParser.h: Added.
238         * loader/WorkerThreadableLoader.h: Fix build.
239         * page/Performance.cpp:
240         (WebCore::Performance::addResourceTiming): Fixed a typo.
241         * page/PerformanceResourceTiming.cpp:
242         (WebCore::PerformanceResourceTiming::PerformanceResourceTiming): Given a ResourceTiming object, populate our collection of PerformanceServerTiming objects.
243         * page/PerformanceResourceTiming.h: Added serverTiming member and getter.
244         * page/PerformanceResourceTiming.idl: Added serverTiming member to interface.
245         * platform/network/HTTPHeaderNames.in: Added "Server-Timing" to the header enum.
246         * platform/network/ResourceResponseBase.cpp: Added "Server-Timing" to isSafeCrossOriginResponseHeader whitelist.
247
248 2018-05-15  Brady Eidson  <beidson@apple.com>
249
250         Fix crash after a Worker terminates but there are still IDB transactions the server is trying to open for it.
251         <rdar://problem/33744241> and https://bugs.webkit.org/show_bug.cgi?id=185653
252
253         Reviewed by Andy Estes.
254
255         Test: storage/indexeddb/modern/worker-transaction-open-after-worker-stop.html
256
257         * Modules/indexeddb/client/IDBConnectionProxy.cpp:
258         (WebCore::IDBClient::IDBConnectionProxy::didStartTransaction): It's okay to not be able to find a pending TX
259           that the server has started. e.g. When it was a WebWorker that asked for the TX but it has since terminated.
260
261 2018-05-15  Thomas Klausner  <tk@giga.or.at>
262
263         Add missing header to fix build.
264         https://bugs.webkit.org/show_bug.cgi?id=185378
265
266         Reviewed by Michael Catanzaro.
267
268         * platform/network/soup/SoupNetworkSession.h:
269
270 2018-05-15  Carlos Alberto Lopez Perez  <clopez@igalia.com>
271
272         [WPE] Build failure with RPi userland drivers and gstreamer-gl
273         https://bugs.webkit.org/show_bug.cgi?id=185639
274
275         Reviewed by Philippe Normand.
276
277         When building for the RPi with userland drivers (dispmanx) override the
278         value of GST_GL_HAVE_GLSYNC to 1 to avoid that the gstreamer-gl headers
279         try to redefine the GLsync type that is already defined in libepoxy.
280
281         Defining __gl2_h_ is also needed to avoid other conflicting type
282         definitions that happen between libepoxy and RPi GLES2 userland
283         headers when the gstreamer-gl headers are included.
284
285         The issue doesn't happen with 1.14.0, so a check for that is added
286         as well.
287
288         No new tests, no behavior change. It is a build fix.
289
290         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
291
292 2018-05-15  Michael Catanzaro  <mcatanzaro@igalia.com>
293
294         Unreviewed, rolling out r230749
295
296         This did not work as desired.
297
298         * platform/UserAgentQuirks.cpp:
299         (WebCore::urlRequiresMacintoshPlatform):
300
301 2018-05-15  Dirk Schulze  <krit@webkit.org>
302
303         Add new SVGDOM SVGFEBLEND constants
304         https://bugs.webkit.org/show_bug.cgi?id=185581
305
306         Reviewed by Simon Fraser.
307
308         Provide new SVG DOM constants for the new blend modes added to feBlend.
309
310         https://drafts.fxtf.org/filter-effects-1/#InterfaceSVGFEBlendElement
311
312         * platform/graphics/GraphicsTypes.cpp:
313         (WebCore::blendModeName):
314         * platform/graphics/GraphicsTypes.h:
315         * svg/SVGFEBlendElement.h:
316         (WebCore::SVGPropertyTraits<BlendMode>::highestEnumValue):
317         (WebCore::SVGPropertyTraits<BlendMode>::toString):
318         * svg/SVGFEBlendElement.idl:
319
320 2018-05-15  Antoine Quint  <graouts@apple.com>
321
322         [Web Animations] Expose Web Animations CSS integration as an experimental feature
323         https://bugs.webkit.org/show_bug.cgi?id=185647
324
325         Reviewed by Dean Jackson.
326
327         Make the Web Animations CSS integration flag an experimental feature, and only indicate that it is on if the Web Animations
328         experimental feature is also enabled.
329
330         * dom/Document.cpp:
331         (WebCore::Document::didBecomeCurrentDocumentInFrame):
332         (WebCore::Document::resume):
333         * dom/Element.cpp:
334         (WebCore::Element::removedFromAncestor):
335         * dom/PseudoElement.cpp:
336         (WebCore::PseudoElement::clearHostElement):
337         * history/CachedFrame.cpp:
338         (WebCore::CachedFrameBase::restore):
339         * page/Frame.cpp:
340         (WebCore::Frame::clearTimers):
341         * page/FrameView.cpp:
342         (WebCore::FrameView::didDestroyRenderTree):
343         * page/Page.cpp:
344         (WebCore::Page::handleLowModePowerChange):
345         (WebCore::Page::setIsVisibleInternal):
346         (WebCore::Page::hiddenPageCSSAnimationSuspensionStateChanged):
347         * page/RuntimeEnabledFeatures.h:
348         (WebCore::RuntimeEnabledFeatures::setWebAnimationsCSSIntegrationEnabled):
349         (WebCore::RuntimeEnabledFeatures::webAnimationsCSSIntegrationEnabled const):
350         (WebCore::RuntimeEnabledFeatures::setCSSAnimationsAndCSSTransitionsBackedByWebAnimationsEnabled): Deleted.
351         (WebCore::RuntimeEnabledFeatures::cssAnimationsAndCSSTransitionsBackedByWebAnimationsEnabled const): Deleted.
352         * rendering/RenderLayer.cpp:
353         (WebCore::RenderLayer::currentTransform const):
354         (WebCore::RenderLayer::calculateClipRects const):
355         * rendering/RenderLayerBacking.cpp:
356         (WebCore::RenderLayerBacking::updateGeometry):
357         * rendering/RenderLayerCompositor.cpp:
358         (WebCore::RenderLayerCompositor::requiresCompositingForAnimation const):
359         (WebCore::RenderLayerCompositor::isRunningTransformAnimation const):
360         * rendering/updating/RenderTreeUpdater.cpp:
361         (WebCore::RenderTreeUpdater::tearDownRenderers):
362         * style/StyleTreeResolver.cpp:
363         (WebCore::Style::TreeResolver::createAnimatedElementUpdate):
364         * testing/InternalSettings.cpp:
365         (WebCore::InternalSettings::webAnimationsCSSIntegrationEnabled):
366         (WebCore::InternalSettings::cssAnimationsAndCSSTransitionsBackedByWebAnimationsEnabled): Deleted.
367         * testing/InternalSettings.h:
368         * testing/InternalSettings.idl:
369         * testing/Internals.cpp:
370         (WebCore::Internals::numberOfActiveAnimations const):
371         (WebCore::Internals::animationsAreSuspended const):
372         (WebCore::Internals::animationsInterval const):
373         (WebCore::Internals::suspendAnimations const):
374         (WebCore::Internals::resumeAnimations const):
375
376 2018-05-15  David Kilzer  <ddkilzer@apple.com>
377
378         Fix -Wreturn-std-move warnings in WebKit found by new clang compiler
379         <https://webkit.org/b/185621>
380
381         Reviewed by Youenn Fablet.
382
383         Fix warnings like the following:
384
385             In file included from DerivedSources/WebCore/unified-sources/UnifiedSource139.cpp:5:
386             ./Modules/mediastream/PeerConnectionBackend.cpp:412:16: error: local variable 'sdp' will be copied despite being returned by name [-Werror,-Wreturn-std-move]
387                     return sdp;
388                            ^~~
389             ./Modules/mediastream/PeerConnectionBackend.cpp:412:16: note: call 'std::move' explicitly to avoid copying
390                     return sdp;
391                            ^~~
392                            std::move(sdp)
393             1 error generated.
394
395         * Modules/mediastream/PeerConnectionBackend.cpp:
396         (WebCore::PeerConnectionBackend::filterSDP const):
397         * accessibility/AccessibilityObject.cpp:
398         (WebCore::rangeClosestToRange):
399         * bindings/js/JSDOMConvertSequences.h:
400         (WebCore::Detail::GenericSequenceConverter::convert):
401         (WebCore::Detail::NumericSequenceConverter::convertArray):
402         * bindings/js/JSDOMConvertStrings.cpp:
403         (WebCore::stringToByteString):
404         (WebCore::stringToUSVString):
405         - Use WTFMove() in return statements to fix the warnings.
406
407 2018-05-14  Dean Jackson  <dino@apple.com>
408
409         Download and present System Preview
410         https://bugs.webkit.org/show_bug.cgi?id=185459
411         <rdar://problem/40079228>
412
413         Reviewed by Tim Horton.
414
415         If an <a> is a system preview, tell the resource request about it.
416
417         * html/HTMLAnchorElement.cpp:
418         (WebCore::HTMLAnchorElement::handleClick):
419
420 2018-05-15  Antti Koivisto  <antti@apple.com>
421
422         animation-play-state: paused causes very high cpu load because of style invalidation loop
423         https://bugs.webkit.org/show_bug.cgi?id=182436
424         <rdar://problem/37182562>
425
426         Reviewed by Dean Jackson.
427
428         Test: animations/animation-playstate-paused-style-resolution.html
429
430         If the style of an element with 'animation-play-state: paused' is recomputed so it stays
431         paused we would enter zero-duration animation timer loop.
432
433         * page/animation/AnimationBase.cpp:
434         (WebCore::AnimationBase::updateStateMachine):
435
436         Don't move to AnimationState::PausedWaitResponse unless we get AnimationStateInput::StyleAvailable
437         (matching the comments). Otherwise just stay in the existing paused state.
438
439         Remove AnimationStateInput::StartAnimation from assertion as the case can't happen.
440
441 2018-05-14  Youenn Fablet  <youenn@apple.com>
442
443         readableStreamDefaultControllerError should return early if stream is not readable
444         https://bugs.webkit.org/show_bug.cgi?id=185602
445
446         Reviewed by Chris Dumez.
447
448         Return early if stream is not readable in @readableStreamDefaultControllerError.
449         Update call sites to no longer check for ReadableStream state.
450         Covered by unflaked and rebased tests.
451
452         * Modules/streams/ReadableStreamDefaultController.js:
453         (error):
454         * Modules/streams/ReadableStreamInternals.js:
455         (readableStreamDefaultControllerError):
456         (readableStreamDefaultControllerCallPullIfNeeded):
457
458 2018-05-14  Zalan Bujtas  <zalan@apple.com>
459
460         [LFC] Implement width computation for non-replaced block level inflow elements.
461         https://bugs.webkit.org/show_bug.cgi?id=185641
462
463         Reviewed by Sam Weinig.
464
465         Block level inflow elements participate in block formatting context.
466
467         * layout/FormattingContext.cpp:
468         (WebCore::Layout::FormattingContext::computeWidth const):
469         * layout/FormattingContext.h:
470         * layout/blockformatting/BlockFormattingContext.cpp:
471         (WebCore::Layout::BlockFormattingContext::computeInFlowWidth const):
472         * layout/blockformatting/BlockFormattingContext.h:
473         * layout/inlineformatting/InlineFormattingContext.cpp:
474         (WebCore::Layout::InlineFormattingContext::computeInFlowWidth const):
475         * layout/inlineformatting/InlineFormattingContext.h:
476
477 2018-05-14  Wenson Hsieh  <wenson_hsieh@apple.com>
478
479         Unreviewed, fix the iOS build after r231779
480
481         Also address a minor in-person review comment by returning "extrazoom" instead of the empty string.
482
483         * page/DisabledAdaptations.cpp:
484         (WebCore::extraZoomModeAdaptationName):
485
486 2018-05-14  Zalan Bujtas  <zalan@apple.com>
487
488         [LFC] FormattingContext:computeOutOfFlowNonReplacedHeight/Width should use the computed margins/paddings/borders
489         https://bugs.webkit.org/show_bug.cgi?id=185633
490
491         Reviewed by Sam Weinig.
492
493         By the time we start computing height and width, DisplayBox should already have the computed values for margin/padding/border.
494
495         * layout/FormattingContext.cpp:
496         (WebCore::Layout::FormattingContext::computeOutOfFlowNonReplacedHeight const):
497         (WebCore::Layout::FormattingContext::computeOutOfFlowNonReplacedWidth const):
498         * layout/displaytree/DisplayBox.h:
499         (WebCore::Display::Box::paddingTop const):
500         (WebCore::Display::Box::paddingLeft const):
501         (WebCore::Display::Box::paddingBottom const):
502         (WebCore::Display::Box::paddingRight const):
503         (WebCore::Display::Box::borderTop const):
504         (WebCore::Display::Box::borderLeft const):
505         (WebCore::Display::Box::borderBottom const):
506         (WebCore::Display::Box::borderRight const):
507
508 2018-05-14  Wenson Hsieh  <wenson_hsieh@apple.com>
509
510         [Extra zoom mode] Google search results are excessively zoomed in
511         https://bugs.webkit.org/show_bug.cgi?id=185347
512         <rdar://problem/39999778>
513
514         Reviewed by Tim Horton.
515
516         It turns out that basing minimum layout size and shrink-to-fit behaviors off of the `shrink-to-fit` viewport
517         argument poses compatibility risks with web pages that already specify `shrink-to-fit` to opt out of default
518         viewport shrinking behaviors in 1/3 multitasking mode on iPad.
519
520         One way to resolve this is to introduce a new viewport meta content attribute to disable viewport heuristics in
521         extra zoom mode. However, combined shrink-to-fit and minimum device width behaviors are difficult to describe
522         using a single backwards-compatible viewport meta content attribute, and the need to suppress the default
523         behavior of `shrink-to-fit=no` if such an attribute is not disabled further muddles our viewport story.
524
525         After some internal deliberation, we’ve decided to experiment with a new meta tag named "disabled-adaptations".
526         The content of this meta tag is a comma-separated list of adaptation names; if an adaptation name matches a
527         known adaptation type (for instance, extra zoom mode), we disable the class of behaviors used to adapt web
528         content. The first and only known adaptation type is extra zoom mode, which affects `shrink-to-fit` and layout
529         size adjustments.
530
531         See per-method changes below for more details.
532
533         Test: fast/viewport/extrazoom/viewport-disable-extra-zoom-adaptations.html
534
535         * Sources.txt:
536         * WebCore.xcodeproj/project.pbxproj:
537         * dom/Document.cpp:
538         (WebCore::Document::processDisabledAdaptations):
539         * dom/Document.h:
540         (WebCore::Document::disabledAdaptations const):
541
542         Add disabled adaptations to Document. Changes to disabled adaptations are not propagated if the parsed disabled
543         adaptation types don't change; upon changing adaptation types, notify the client to adjust for the new disabled
544         adaptations (currently, this only affects the viewport configuration).
545
546         * dom/ViewportArguments.h:
547         * html/HTMLMetaElement.cpp:
548         (WebCore::HTMLMetaElement::process):
549         * html/parser/HTMLPreloadScanner.cpp:
550         (WebCore::TokenPreloadScanner::StartTagScanner::StartTagScanner):
551         (WebCore::TokenPreloadScanner::StartTagScanner::processAttributes):
552         (WebCore::TokenPreloadScanner::StartTagScanner::processAttribute):
553         * loader/FrameLoader.cpp:
554         (WebCore::FrameLoader::commitProvisionalLoad):
555
556         Restore the set of disabled adaptations when restoring a page from the cache.
557
558         * page/Chrome.cpp:
559         (WebCore::Chrome::dispatchDisabledAdaptationsDidChange const):
560         * page/Chrome.h:
561         * page/ChromeClient.h:
562
563         Add plumbing for changes to the set of disabled adaptations.
564
565         * page/DisabledAdaptations.cpp: Added.
566         (WebCore::extraZoomModeAdaptationName):
567         * page/DisabledAdaptations.h: Added.
568
569         Introduce a header containing a new enum for the extra zoom mode adaptation, as well as a helper function to
570         return the extra zoom mode adaptation name.
571
572         * page/Page.cpp:
573         (WebCore::Page::disabledAdaptations const):
574
575         Returns the mainframe's set of adaptations to disable.
576
577         * page/Page.h:
578         * page/RemoteFrame.h:
579         * page/RuntimeEnabledFeatures.h:
580         (WebCore::RuntimeEnabledFeatures::setDisabledAdaptationsMetaTagEnabled):
581         (WebCore::RuntimeEnabledFeatures::disabledAdaptationsMetaTagEnabled const):
582
583         Add a new runtime feature to gate handling the "disabled-adaptations" meta tag.
584
585         * page/ViewportConfiguration.cpp:
586         (WebCore::shouldOverrideShrinkToFitArgument):
587         (WebCore::needsUpdateAfterChangingDisabledAdaptations):
588         (WebCore::ViewportConfiguration::setDisabledAdaptations):
589         (WebCore::ViewportConfiguration::shouldOverrideDeviceWidthAndShrinkToFit const):
590
591         Consult whether or not extra zoom mode adaptations are disabled, instead of the shrink-to-fit attribute value.
592
593         (WebCore::ViewportConfiguration::updateConfiguration):
594         * page/ViewportConfiguration.h:
595
596         Add an OptionSet of disabled adaptation types to ViewportConfiguration. Updates to the adaptation type are
597         propagated to the ViewportConfiguration from Document, through the ChromeClient and the client layer (refer to
598         changes in WebKit). Once the OptionSet is changed, we recompute the viewport configuration only if needed by the
599         platform.
600
601         (WebCore::ViewportConfiguration::viewLayoutSize const):
602         (WebCore::ViewportConfiguration::disabledAdaptations const):
603         * page/WindowFeatures.cpp:
604         (WebCore::parseDisabledAdaptations):
605         * page/WindowFeatures.h:
606
607         Add a new helper to parse the meta content of a "disabled-adaptations" tag as an OptionSet of disabled
608         adaptation types. The string is parsed by first splitting on the comma character, and then iterating over lower
609         case, whitespace-stripped tokens to look for known adaptation names. So far, only extra zoom mode is supported.
610
611         * testing/Internals.cpp:
612         (WebCore::Internals::extraZoomModeAdaptationName const):
613         * testing/Internals.h:
614         * testing/Internals.idl:
615
616         Expose the extra zoom mode adaptation name to the DOM, only when running layout tests.
617
618 2018-05-14  Joanmarie Diggs  <jdiggs@igalia.com>
619
620         AX: Listbox and Combobox roles embedded in labels should participate in name calculation
621         https://bugs.webkit.org/show_bug.cgi?id=185521
622
623         Reviewed by Chris Fleizach.
624
625         Take selected children into account when computing the name in accessibleNameForNode.
626         Add ListBox to the roles for which accessibleNameDerivesFromContent returns false so
627         that native select elements with size > 1 are treated the same way as ARIA listbox.
628         Also add ListBox to the roles which are treated as controls when used in ARIA. Finally,
629         prevent labels which contain unrelated controls from being used as an AXTitleUIElement.
630         This causes us to build a string from the label and its descendants, ensuring the latter
631         participate in the name calculation.
632
633         Test: accessibility/text-alternative-calculation-from-listbox.html
634
635         * accessibility/AccessibilityLabel.cpp:
636         (WebCore::childrenContainUnrelatedControls):
637         (WebCore::AccessibilityLabel::containsUnrelatedControls const):
638         * accessibility/AccessibilityLabel.h:
639         * accessibility/AccessibilityNodeObject.cpp:
640         (WebCore::accessibleNameForNode):
641         * accessibility/AccessibilityObject.cpp:
642         (WebCore::AccessibilityObject::accessibleNameDerivesFromContent const):
643         (WebCore::AccessibilityObject::isARIAControl):
644         * accessibility/AccessibilityRenderObject.cpp:
645         (WebCore::AccessibilityRenderObject::exposesTitleUIElement const):
646         (WebCore::AccessibilityRenderObject::computeAccessibilityIsIgnored const):
647
648 2018-05-14  Antoine Quint  <graouts@apple.com>
649
650         [Web Animations] Tests using the new animation engine may crash under WebCore::FrameView::didDestroyRenderTree when using internals methods
651         https://bugs.webkit.org/show_bug.cgi?id=185612
652         <rdar://problem/39579344>
653
654         Reviewed by Dean Jackson.
655
656         Add a new internals.pseudoElement() method to obtain a pseudo element matching a given pseudo-id. This is necessary to be able to move off
657         internals.pauseTransitionAtTimeOnPseudoElement() and internals.pauseAnimationAtTimeOnPseudoElement() for Web Animations testing.
658
659         * testing/Internals.cpp:
660         (WebCore::Internals::pseudoElement):
661         * testing/Internals.h:
662         * testing/Internals.idl:
663
664 2018-05-14  Antoine Quint  <graouts@apple.com>
665
666         REGRESSION (r230574): Interrupted hardware transitions don't behave correctly
667         https://bugs.webkit.org/show_bug.cgi?id=185299
668         <rdar://problem/39630230>
669
670         Reviewed by Simon Fraser.
671
672         In r230574, the fix for webkit.org/b/184518, we changed the processing order in GraphicsLayerCA::updateAnimations() to first
673         process m_uncomittedAnimations and then m_animationsToProcess, so we are guaranteed animations exist before we attempt to pause
674         or seek them. This broke interrupting and resuming hardware animations (such as an interrupted CSS Transition or an animation
675         running in a non-visible tab) since a pause operation recorded _before_ an animation was added would be paused anyway since
676         the animation was now first added, and then paused. The fix is simply to clear any pending AnimationProcessingAction for a
677         newly-uncommitted animation.
678
679         Test: transitions/interrupted-transition-hardware.html
680
681         * platform/graphics/ca/GraphicsLayerCA.cpp:
682         (WebCore::GraphicsLayerCA::createAnimationFromKeyframes):
683         (WebCore::GraphicsLayerCA::appendToUncommittedAnimations):
684         (WebCore::GraphicsLayerCA::createTransformAnimationsFromKeyframes):
685         * platform/graphics/ca/GraphicsLayerCA.h:
686         (WebCore::GraphicsLayerCA::LayerPropertyAnimation::LayerPropertyAnimation):
687
688 2018-05-14  Thibault Saunier  <tsaunier@igalia.com>
689
690         [GStreamer] Fix style issue in MediaPlayerPrivateGStreamerBase
691         https://bugs.webkit.org/show_bug.cgi?id=185510
692
693         Reviewed by Philippe Normand.
694
695         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:629:  More than one command on the same line  [whitespace/newline] [4]
696         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:684:  More than one command on the same line  [whitespace/newline] [4]
697         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:807:  More than one command on the same line  [whitespace/newline] [4]
698
699         Indentation and style issue fixed only.
700
701         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
702         (WebCore::MediaPlayerPrivateGStreamerBase::volumeChangedCallback):
703         (WebCore::MediaPlayerPrivateGStreamerBase::muteChangedCallback):
704         (WebCore::MediaPlayerPrivateGStreamerBase::triggerRepaint):
705
706 2018-05-14  Zalan Bujtas  <zalan@apple.com>
707
708         [LFC] Implement height computation for non-replaced out of flow elements.
709         https://bugs.webkit.org/show_bug.cgi?id=185585
710
711         Reviewed by Antti Koivisto.
712
713         * layout/FormattingContext.cpp:
714         (WebCore::Layout::FormattingContext::computeHeight const):
715         (WebCore::Layout::FormattingContext::computeOutOfFlowHeight const):
716         (WebCore::Layout::FormattingContext::layoutOutOfFlowDescendants const):
717         (WebCore::Layout::FormattingContext::computeOutOfFlowNonReplacedHeight const):
718         (WebCore::Layout::FormattingContext::computeHeightForBlockFormattingContextRootWithAutoHeight const):
719         * layout/FormattingContext.h:
720         * layout/blockformatting/BlockFormattingContext.h:
721         * layout/displaytree/DisplayBox.h:
722
723 2018-05-14  Manuel Rego Casasnovas  <rego@igalia.com>
724
725         Renaming of overrides in LayoutBox
726         https://bugs.webkit.org/show_bug.cgi?id=185609
727
728         Reviewed by Javier Fernandez.
729
730         The names of the methods for the overrides were not consistent,
731         this patch fixes it by using the same structure in all the cases.
732
733         No new tests, no change of behavior.
734
735         * rendering/GridLayoutFunctions.cpp:
736         (WebCore::GridLayoutFunctions::hasOverrideContainingBlockContentSizeForChild):
737         * rendering/GridTrackSizingAlgorithm.cpp:
738         (WebCore::GridTrackSizingAlgorithmStrategy::logicalHeightForChild const):
739         * rendering/RenderBlock.cpp:
740         (WebCore::RenderBlock::computeChildPreferredLogicalWidths const):
741         (WebCore::RenderBlock::availableLogicalHeightForPercentageComputation const):
742         * rendering/RenderBlockFlow.cpp:
743         (WebCore::RenderBlockFlow::fitBorderToLinesIfNeeded):
744         * rendering/RenderBlockLineLayout.cpp:
745         (WebCore::RenderBlockFlow::updateRubyForJustifiedText):
746         * rendering/RenderBox.cpp:
747         (WebCore::RenderBox::willBeDestroyed):
748         (WebCore::RenderBox::hasOverrideContentLogicalHeight const):
749         (WebCore::RenderBox::hasOverrideContentLogicalWidth const):
750         (WebCore::RenderBox::setOverrideContentLogicalHeight):
751         (WebCore::RenderBox::setOverrideContentLogicalWidth):
752         (WebCore::RenderBox::clearOverrideContentLogicalHeight):
753         (WebCore::RenderBox::clearOverrideContentLogicalWidth):
754         (WebCore::RenderBox::clearOverrideContentSize):
755         (WebCore::RenderBox::overrideContentLogicalWidth const):
756         (WebCore::RenderBox::overrideContentLogicalHeight const):
757         (WebCore::RenderBox::overrideContainingBlockContentLogicalWidth const):
758         (WebCore::RenderBox::overrideContainingBlockContentLogicalHeight const):
759         (WebCore::RenderBox::hasOverrideContainingBlockContentLogicalWidth const):
760         (WebCore::RenderBox::hasOverrideContainingBlockContentLogicalHeight const):
761         (WebCore::RenderBox::setOverrideContainingBlockContentLogicalWidth):
762         (WebCore::RenderBox::setOverrideContainingBlockContentLogicalHeight):
763         (WebCore::RenderBox::clearOverrideContainingBlockContentSize):
764         (WebCore::RenderBox::clearOverrideContainingBlockContentLogicalHeight):
765         (WebCore::RenderBox::containingBlockLogicalWidthForContent const):
766         (WebCore::RenderBox::containingBlockLogicalHeightForContent const):
767         (WebCore::RenderBox::perpendicularContainingBlockLogicalHeight const):
768         (WebCore::RenderBox::computeLogicalWidthInFragment const):
769         (WebCore::RenderBox::computeLogicalHeight const):
770         (WebCore::RenderBox::computePercentageLogicalHeight const):
771         (WebCore::RenderBox::computeReplacedLogicalHeightUsing const):
772         (WebCore::RenderBox::availableLogicalHeightUsing const):
773         (WebCore::RenderBox::containingBlockLogicalWidthForPositioned const):
774         (WebCore::RenderBox::containingBlockLogicalHeightForPositioned const):
775         * rendering/RenderBox.h:
776         * rendering/RenderBoxModelObject.cpp:
777         (WebCore::RenderBoxModelObject::hasAutoHeightOrContainingBlockWithAutoHeight const):
778         * rendering/RenderDeprecatedFlexibleBox.cpp:
779         (WebCore::contentWidthForChild):
780         (WebCore::contentHeightForChild):
781         (WebCore::gatherFlexChildrenInfo):
782         (WebCore::RenderDeprecatedFlexibleBox::layoutHorizontalBox):
783         (WebCore::RenderDeprecatedFlexibleBox::layoutVerticalBox):
784         (WebCore::RenderDeprecatedFlexibleBox::applyLineClamp):
785         (WebCore::RenderDeprecatedFlexibleBox::clearLineClamp):
786         * rendering/RenderFlexibleBox.cpp:
787         (WebCore::RenderFlexibleBox::computeInnerFlexBaseSizeForChild):
788         (WebCore::RenderFlexibleBox::crossSizeForPercentageResolution):
789         (WebCore::RenderFlexibleBox::mainSizeForPercentageResolution):
790         (WebCore::RenderFlexibleBox::constructFlexItem):
791         (WebCore::RenderFlexibleBox::setOverrideMainAxisContentSizeForChild):
792         (WebCore::RenderFlexibleBox::applyStretchAlignmentToChild):
793         * rendering/RenderFullScreen.cpp:
794         (WebCore::RenderFullScreen::unwrapRenderer):
795         * rendering/RenderGrid.cpp:
796         (WebCore::RenderGrid::layoutBlock):
797         (WebCore::RenderGrid::layoutGridItems):
798         (WebCore::RenderGrid::applyStretchAlignmentToChildIfNeeded):
799         * rendering/RenderRubyBase.cpp:
800         (WebCore::RenderRubyBase::adjustInlineDirectionLineBounds const):
801         * rendering/RenderTableCell.cpp:
802         (WebCore::RenderTableCell::setOverrideContentLogicalHeightFromRowHeight):
803         * rendering/RenderTableCell.h:
804         * rendering/RenderTableSection.cpp:
805         (WebCore::RenderTableSection::calcRowLogicalHeight):
806         (WebCore::RenderTableSection::relayoutCellIfFlexed):
807
808 2018-05-14  Zalan Bujtas  <zalan@apple.com>
809
810         [LFC] Implement width computation for non-replaced out of flow elements.
811         https://bugs.webkit.org/show_bug.cgi?id=185598
812
813         Reviewed by Antti Koivisto.
814
815         * layout/FormattingContext.cpp:
816         (WebCore::Layout::FormattingContext::computeWidth const):
817         (WebCore::Layout::FormattingContext::computeOutOfFlowWidth const):
818         (WebCore::Layout::FormattingContext::layoutOutOfFlowDescendants const):
819         (WebCore::Layout::FormattingContext::computeOutOfFlowNonReplacedWidth const):
820         (WebCore::Layout::FormattingContext::shrinkToFitWidth const):
821         * layout/FormattingContext.h:
822         * layout/blockformatting/BlockFormattingContext.cpp:
823         (WebCore::Layout::BlockFormattingContext::layout const):
824         * layout/displaytree/DisplayBox.h:
825
826 2018-05-14  Zan Dobersek  <zdobersek@igalia.com>
827
828         Drop the m_compositorTexture member variable in TextureMapperGC3DPlatformLayer.
829         It's not used at all inside the class or outside it.
830
831         Rubber-stamped by Michael Catanzaro.
832
833         * platform/graphics/texmap/TextureMapperGC3DPlatformLayer.h:
834
835 2018-05-14  Zan Dobersek  <zdobersek@igalia.com>
836
837         [GTK] REGRESSION(r231170) Build broken with Clang 5.0
838         https://bugs.webkit.org/show_bug.cgi?id=185198
839
840         Reviewed by Michael Catanzaro.
841
842         Avoid gperf files using the register keyword which has been made
843         reserved and as such unusable in C++17.
844
845         * css/makeSelectorPseudoClassAndCompatibilityElementMap.py:
846         * css/makeSelectorPseudoElementsMap.py:
847         * css/makeprop.pl:
848         * css/makevalues.pl:
849         * platform/ColorData.gperf:
850         * platform/ReferrerPolicy.h: With std::optional forward declaration
851         gone, explicitly include the WTF Optional.h header.
852         * platform/Theme.h: Ditto.
853         * platform/network/create-http-header-name-table:
854
855 2018-05-14  Commit Queue  <commit-queue@webkit.org>
856
857         Unreviewed, rolling out r219515.
858         https://bugs.webkit.org/show_bug.cgi?id=185603
859
860         It sometimes makes AudioUnitInitialize call to fail in
861         CoreAudioCaptureSource (Requested by youenn on #webkit).
862
863         Reverted changeset:
864
865         "Remove CoreAudioCaptureSource speaker configuration"
866         https://bugs.webkit.org/show_bug.cgi?id=174512
867         https://trac.webkit.org/changeset/219515
868
869 2018-05-13  Dirk Schulze  <krit@webkit.org>
870
871         Implement SVGGeometryElement's isPointInFill and isPointInStroke
872         https://bugs.webkit.org/show_bug.cgi?id=185580
873
874         Reviewed by Antti Koivisto.
875
876         Implement isPointInFill and isPointInStroke methods for
877         SVGGeometryElement interface from SVG2.
878
879         https://svgwg.org/svg2-draft/types.html#InterfaceSVGGeometryElement
880
881         Tests: svg/dom/SVGGeometry-isPointInFill.xhtml
882                svg/dom/SVGGeometry-isPointInStroke.xhtml
883
884         * rendering/svg/RenderSVGEllipse.cpp:
885         (WebCore::RenderSVGEllipse::shapeDependentStrokeContains): Flag
886                 to switch between local and "global" coordinate space for hit testing.
887         * rendering/svg/RenderSVGEllipse.h:
888         * rendering/svg/RenderSVGPath.cpp:
889         (WebCore::RenderSVGPath::shapeDependentStrokeContains): Flag
890                 to switch between local and "global" coordinate space for hit testing.
891         * rendering/svg/RenderSVGPath.h:
892         * rendering/svg/RenderSVGRect.cpp:
893         (WebCore::RenderSVGRect::shapeDependentStrokeContains): Flag
894                 to switch between local and "global" coordinate space for hit testing.
895         * rendering/svg/RenderSVGRect.h:
896         * rendering/svg/RenderSVGShape.cpp:
897         (WebCore::RenderSVGShape::shapeDependentStrokeContains): Flag
898                 to switch between local and "global" coordinate space for hit testing.
899         (WebCore::RenderSVGShape::isPointInFill): Take the winding rule given by
900                 `fill-rule` to test if a given point is in the fill area of a path.
901         (WebCore::RenderSVGShape::isPointInStroke): Take stroke properties into
902                 account to check if a point is on top of the stroke area.
903         * rendering/svg/RenderSVGShape.h:
904         * svg/SVGGeometryElement.cpp:
905         (WebCore::SVGGeometryElement::isPointInFill):
906         (WebCore::SVGGeometryElement::isPointInStroke):
907         (WebCore::SVGGeometryElement::createElementRenderer): Deleted. This is getting implemented
908                 by inheriting classes. No need to create RenderSVGPath here.
909         * svg/SVGGeometryElement.h:
910         * svg/SVGGeometryElement.idl:
911
912 2018-05-12  Zalan Bujtas  <zalan@apple.com>
913
914         Use WeakPtr for m_enclosingPaginationLayer in RenderLayer
915         https://bugs.webkit.org/show_bug.cgi?id=185566
916         <rdar://problem/36486052>
917
918         Reviewed by Simon Fraser.
919
920         Since RenderLayer does not own the enclosing pagination layout, it should
921         construct a weak pointer instead of holding on to a raw pointer.
922
923         Unable to create a reliably reproducible test case.
924
925         * page/mac/EventHandlerMac.mm:
926         (WebCore::scrollableAreaForEventTarget):
927         (WebCore::scrollableAreaForContainerNode):
928         (WebCore::EventHandler::platformPrepareForWheelEvents):
929         * platform/ScrollableArea.h:
930         (WebCore::ScrollableArea::weakPtrFactory const):
931         (WebCore::ScrollableArea::createWeakPtr): Deleted.
932         * rendering/RenderLayer.cpp:
933         (WebCore::RenderLayer::RenderLayer):
934         (WebCore::RenderLayer::updatePagination):
935         * rendering/RenderLayer.h:
936
937 2018-05-11  Daniel Bates  <dabates@apple.com>
938
939         X-Frame-Options: SAMEORIGIN needs to check all ancestor frames
940         https://bugs.webkit.org/show_bug.cgi?id=185567
941         <rdar://problem/40175008>
942
943         Reviewed by Brent Fulgham.
944
945         Change the behavior of "X-Frame-Options: SAMEORIGIN" to ensure that all ancestors frames
946         are same-origin with the document that delivered this header. This prevents an intermediary
947         malicious frame from clickjacking a child frame whose document is same-origin with the top-
948         level frame. It also makes the behavior of X-Frame-Options in WebKit more closely match
949         the behavior of X-Frame-Options in other browsers, including Chrome and Firefox.
950         
951         Currently a document delivered with "X-Frame-Options: SAMEORIGIN" must only be same-origin
952         with the top-level frame's document in order to be displayed. This prevents clickjacking by
953         a malicious page that embeds a page delivered with "X-Frame-Options: SAMEORIGIN". However,
954         it does not protect against clickjacking of the "X-Frame-Options: SAMEORIGIN" page (victim)
955         if embedded by an intermediate malicious iframe, say a "rogue ad", that was embedded in a
956         document same origin with the victim page. We should protect against such attacks. 
957
958         Tests: http/tests/security/XFrameOptions/x-frame-options-ancestors-same-origin-allow.html
959                http/tests/security/XFrameOptions/x-frame-options-ancestors-same-origin-deny.html
960
961         * loader/FrameLoader.cpp:
962         (WebCore::FrameLoader::shouldInterruptLoadForXFrameOptions):
963
964 2018-05-11  Daniel Bates  <dabates@apple.com>
965
966         [iOS] Text decoration of dragged content does not paint with opacity
967         https://bugs.webkit.org/show_bug.cgi?id=185551
968         <rdar://problem/40166867>
969
970         Reviewed by Wenson Hsieh.
971
972         Respect alpha when painting the text decoration for dragged content.
973
974         * rendering/InlineTextBox.cpp:
975         (WebCore::InlineTextBox::MarkedTextStyle::areDecorationMarkedTextStylesEqual): Consider alpha when
976         comparing decoration styles for equality so that we do not coalesce styles with differing alpha.
977         (WebCore::InlineTextBox::paintMarkedTextDecoration): Respect alpha when painting dragged content.
978
979 2018-05-11  Nan Wang  <n_wang@apple.com>
980
981         AX: In role=dialog elements with aria-modal=true VoiceOver iOS/macOS can't manually focus or read dialog paragraph description text inside the modal.
982         https://bugs.webkit.org/show_bug.cgi?id=185219
983         <rdar://problem/39920009>
984
985         Reviewed by Chris Fleizach.
986
987         The text node descendants of a modal dialog are ignored. Fixed it by using AccessibilityObject's 
988         node() to determine if it's the descendant of the modal dialog node.
989
990         Test: accessibility/aria-modal-text-descendants.html
991
992         * accessibility/AccessibilityObject.cpp:
993         (WebCore::AccessibilityObject::isModalDescendant const):
994
995 2018-05-11  Ryosuke Niwa  <rniwa@webkit.org>
996
997         Tapping after CSS-based table casues an infinite loop in wordRangeFromPosition
998         https://bugs.webkit.org/show_bug.cgi?id=185465
999         <rdar://problem/35263057>
1000
1001         Reviewed by Antti Koivisto.
1002
1003         The bug was caused by TextIterator not emitting a line break when exiting a CSS-based table when an element
1004         with `display: table-row` has an invisible text node. Specifically, TextIterator::exitNode is never called on
1005         an element with `table-cell: row` when m_node is a text node with whitespaces which appears after an element
1006         with `display: table-cell`.
1007
1008         For example, for a tree structure like:
1009         table-row (R)
1010           table-cell (C)
1011             "text" (1)
1012           " " (2)
1013         Getting out of (C) would result in moving onto (2) without generating a line break for (R).
1014
1015         When this happens in nextBoundary as it tries to find the end of the last word in the table cell, we end up
1016         finding the end of the document as the end of the word. As a result, nextWordBoundaryInDirection, the caller
1017         of nextBoundary, ends up infinite looping between the positon at the end of the document and the position
1018         immediately before the last word in the last table cell when it traverses words backwards.
1019
1020         This patch fixes the hang by addressing this root cause in TextIterator. Namely, TextIterator now generates
1021         a line break when exiting a block while walking up ancestors in TextIterator::advance().
1022
1023         Tests: editing/selection/tapping-in-table-at-end-of-document.html
1024                editing/text-iterator/table-at-end-of-document.html
1025
1026         * editing/TextIterator.cpp:
1027         (WebCore::TextIterator::advance): Fixed the bug.
1028         (WebCore::shouldEmitNewlineAfterNode): Do generate a new line at the end of a document when we're trying to
1029         generate every visible poitions even there are no renderers beyond this point. e.g. a position inside the
1030         last cell of a table at the end of a document hits this condition.
1031         (WebCore::shouldEmitExtraNewlineForNode): Don't emit a line break when the render box's height is 0px
1032         to avoid generating many empty lines for empty paragraph and header elements (this function is used to generate
1033         a blank line between p's and h1/h2/...'s).
1034         (WebCore::TextIterator::exitNode):
1035
1036 2018-05-11  Dean Jackson  <dino@apple.com>
1037
1038         System preview badge doesn't show on <picture> elements
1039         https://bugs.webkit.org/show_bug.cgi?id=185559
1040         <rdar://problem/40150066>
1041
1042         Reviewed by Tim Horton.
1043
1044         We should also identify <img>s that are the child of a <picture>
1045         contained inside the appropriate <a> element.
1046
1047         Tested internally, since the badge is platform specific.
1048
1049         * html/HTMLImageElement.cpp:
1050         (WebCore::HTMLImageElement::isSystemPreviewImage const): Add logic
1051         to look for <picture> parents.
1052
1053 2018-05-11  Chris Dumez  <cdumez@apple.com>
1054
1055         REGRESSION (async policy delegate): Revoking an object URL immediately after triggering download breaks file download
1056         https://bugs.webkit.org/show_bug.cgi?id=185531
1057         <rdar://problem/39909589>
1058
1059         Reviewed by Geoffrey Garen.
1060
1061         Whenever we start an asynchronous navigation policy decision for a blob URL, create a temporary
1062         blob URL pointing to the same data, and update the request's URL. This way, if the page's JS revokes
1063         the URL during the policy decision, the load will still succeed.
1064
1065         Test: fast/dom/HTMLAnchorElement/anchor-file-blob-download-then-revoke.html
1066
1067         * loader/DocumentLoader.cpp:
1068         (WebCore::DocumentLoader::willSendRequest):
1069         * loader/FrameLoader.cpp:
1070         (WebCore::FrameLoader::loadURL):
1071         (WebCore::FrameLoader::load):
1072         (WebCore::FrameLoader::loadPostRequest):
1073         * loader/PolicyChecker.cpp:
1074         (WebCore::PolicyChecker::extendBlobURLLifetimeIfNecessary const):
1075         (WebCore::PolicyChecker::checkNavigationPolicy):
1076         (WebCore::PolicyChecker::checkNewWindowPolicy):
1077         * loader/PolicyChecker.h:
1078
1079 2018-05-11  Antti Koivisto  <antti@apple.com>
1080
1081         LinkLoader fails to remove CachedResourceClient in some cases
1082         https://bugs.webkit.org/show_bug.cgi?id=185553
1083         <rdar://problem/36879656>
1084
1085         Reviewed by Geoffrey Garen.
1086
1087         Test: http/tests/preload/link-preload-client-remove.html
1088
1089         * loader/LinkLoader.cpp:
1090         (WebCore::LinkLoader::loadLink):
1091
1092         If there is a link preload already in progress, we fail to clear the client for the ongoing load.
1093         This may leave the CachedResource client map in a bad state.
1094
1095 2018-05-11  Charles Vazac  <cvazac@gmail.com>
1096
1097         Runtime feature flag for Server-Timing
1098         https://bugs.webkit.org/show_bug.cgi?id=184758
1099
1100         Reviewed by Youenn Fablet.
1101
1102         * Source/WebCore/CMakeLists.txt: Added reference to PerformanceServerTiming.idl.
1103         * Source/WebCore/DerivedSources.make: Added reference to PerformanceServerTiming.idl.
1104         * Source/WebCore/Sources.txt: Added reference to PerformanceServerTiming.cpp and JSPerformanceServerTiming.cpp.
1105         * Source/WebCore/WebCore.xcodeproj/project.pbxproj: Added references to PerformanceServerTiming.cpp, PerformanceServerTiming.h, and PerformanceServerTiming.idl.
1106         * Source/WebCore/bindings/js/WebCoreBuiltinNames.h: Added PerformanceServerTiming.
1107         * Source/WebCore/page/PerformanceResourceTiming.h: Added serverTiming member.
1108         * Source/WebCore/page/PerformanceResourceTiming.idl: Added serverTiming attribute.
1109         * Source/WebCore/page/PerformanceServerTiming.cpp: Added.
1110         * Source/WebCore/page/PerformanceServerTiming.h: Added.
1111         * Source/WebCore/page/PerformanceServerTiming.idl: Added.
1112
1113 2018-05-11  Brady Eidson  <beidson@apple.com>
1114
1115         Make sure history navigations reuse the existing process when necessary.
1116         <rdar://problem/39746516> and https://bugs.webkit.org/show_bug.cgi?id=185532
1117
1118         Reviewed by Ryosuke Niwa.
1119
1120         Covered by new API tests.
1121
1122         In WebCore-land, make sure *all* NavigationActions to a back/forward item are tagged with
1123         the item identifier.
1124
1125         * history/HistoryItem.cpp:
1126         (WebCore::HistoryItem::HistoryItem):
1127         (WebCore::HistoryItem::logString const):
1128         * history/HistoryItem.h:
1129
1130         * loader/FrameLoader.cpp:
1131         (WebCore::FrameLoader::loadDifferentDocumentItem):
1132
1133         * loader/NavigationAction.cpp:
1134         (WebCore::NavigationAction::setTargetBackForwardItem):
1135
1136         * loader/NavigationAction.h:
1137         (WebCore::NavigationAction::targetBackForwardItemIdentifier const):
1138
1139 2018-05-11  Yacine Bandou  <yacine.bandou_ext@softathome.com>
1140
1141         [EME][GStreamer] Handle the protection event in MediaPlayerPrivate
1142         https://bugs.webkit.org/show_bug.cgi?id=185535
1143
1144         Reviewed by Xabier Rodriguez-Calvar.
1145
1146         This patch is based on this calvaris's commit
1147         https://github.com/WebPlatformForEmbedded/WPEWebKit/commit/d966168b0d2b65f9ca9415426e26d3752c78b03e
1148
1149         It adds a handler for the protection event in MediaPalyerPrivateGStreamerBase, it extracts the InitData from the event
1150         and sends the encrypted event to JS via HTMLMediaElement.
1151         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
1152         (WebCore::MediaPlayerPrivateGStreamerBase::initializationDataEncountered):
1153         (WebCore::MediaPlayerPrivateGStreamerBase::handleProtectionEvent):
1154         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
1155         * platform/graphics/gstreamer/eme/GStreamerEMEUtilities.h: Add a new type InitData.
1156
1157 2018-05-11  Basuke Suzuki  <Basuke.Suzuki@sony.com>
1158
1159         [Curl] Make the cipher suites, the signing algorithms and the curve lists configurable.
1160         https://bugs.webkit.org/show_bug.cgi?id=185139
1161
1162         Add interface to configure the cipher suites, the signing algorithms and the curve lists 
1163         used by OpenSSL and libcurl to exchange, to sign or to verify keys.
1164
1165         Reviewed by Youenn Fablet.
1166
1167         No new tests in public. Have tested internally.
1168
1169         * platform/network/curl/CurlContext.cpp:
1170         (WebCore::CurlHandle::setSslCipherList):
1171         * platform/network/curl/CurlContext.h:
1172         * platform/network/curl/CurlRequest.cpp:
1173         (WebCore::CurlRequest::setupTransfer):
1174         (WebCore::CurlRequest::willSetupSslCtx):
1175         * platform/network/curl/CurlSSLHandle.cpp:
1176         (WebCore::CurlSSLHandle::getCACertPathEnv):
1177         * platform/network/curl/CurlSSLHandle.h:
1178         (WebCore::CurlSSLHandle::getCipherList const):
1179         (WebCore::CurlSSLHandle::getSignatureAlgorithmsList const):
1180         (WebCore::CurlSSLHandle::getCurvesList const):
1181         (WebCore::CurlSSLHandle::setCipherList):
1182         (WebCore::CurlSSLHandle::setSignatureAlgorithmsList):
1183         (WebCore::CurlSSLHandle::setCurvesList):
1184         (WebCore::CurlSSLHandle::getCACertPath const):
1185         (WebCore::CurlSSLHandle::setCACertPath):
1186         * platform/network/curl/CurlSSLVerifier.cpp:
1187         (WebCore::CurlSSLVerifier::CurlSSLVerifier):
1188
1189 2018-05-10  Daniel Bates  <dabates@apple.com>
1190
1191         Use PlatformStrategies to switch between WebKit and WebKitLegacy checking of CSP frame-ancestors and X-Frame-Options
1192         https://bugs.webkit.org/show_bug.cgi?id=185412
1193
1194         Reviewed by Ryosuke Niwa.
1195
1196         Consolidate the knowledge on how to determine whether security checks were performed on a ResourceResponse
1197         into LoaderStrategy::havePerformedSecurityChecks() (default implementation returns false) and query it
1198         to determine whether CSP frame-ancestors and X-Frame-Options need to be checked for a ResourceResponse.
1199
1200         Additionally, rename LoaderStrategy::isDoingLoadingSecurityChecks() to shouldPerformSecurityChecks()
1201         for consistency with havePerformedSecurityChecks(). Querying shouldPerformSecurityChecks() answers the
1202         question of whether the loader strategy is responsible for performing security checks when building up
1203         a ResourceRequest to have the loader strategy load. And LoaderStrategy::havePerformedSecurityChecks()
1204         is used to determine whether the loader strategy performed these security checks for a given ResourceResponse.
1205
1206         * inspector/agents/InspectorNetworkAgent.cpp:
1207         (WebCore::InspectorNetworkAgent::didReceiveResponse):
1208         (WebCore::InspectorNetworkAgent::didFinishLoading):
1209         (WebCore::isResponseProbablyComingFromNetworkProcess): Deleted.
1210         * loader/DocumentLoader.cpp:
1211         (WebCore::DocumentLoader::responseReceived):
1212         * loader/DocumentThreadableLoader.cpp:
1213         (WebCore::shouldPerformSecurityChecks):
1214         (WebCore::DocumentThreadableLoader::shouldSetHTTPHeadersToKeep const):
1215         (WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequest):
1216         (WebCore::DocumentThreadableLoader::makeSimpleCrossOriginAccessRequest):
1217         (WebCore::DocumentThreadableLoader::redirectReceived):
1218         (WebCore::DocumentThreadableLoader::didFail):
1219         (WebCore::DocumentThreadableLoader::loadRequest):
1220         (WebCore::isDoingSecurityChecksInNetworkProcess): Deleted.
1221         (WebCore::isResponseComingFromNetworkProcess): Deleted.
1222         * loader/LoaderStrategy.cpp:
1223         * loader/LoaderStrategy.h:
1224         * page/Settings.yaml: Remove setting networkProcessCSPFrameAncestorsCheckingEnabled as we now make
1225         use of the loader strategy to determine whether to perform CSP frame-ancestors and X-Frame-Options
1226         checking in DocumentLoader.
1227         * platform/network/ResourceResponseBase.h:
1228         (WebCore::ResourceResponseBase::setSource): Added an ASSERT to catch the programming error of setting
1229         source to ResourceResponse::Source::Unknown. This source type represents an uninitialized ResourceResponse.
1230
1231 2018-05-10  Tim Horton  <timothy_horton@apple.com>
1232
1233         Lookup sometimes shows a second yellow highlight on top of WebKit's TextIndicator
1234         https://bugs.webkit.org/show_bug.cgi?id=185538
1235         <rdar://problem/38817825>
1236
1237         Reviewed by Sam Weinig.
1238
1239         * editing/mac/DictionaryLookup.mm:
1240         (WebCore::showPopupOrCreateAnimationController):
1241         Options can be nil, in which case we can't mutableCopy it and add
1242         LUTermOptionDisableSearchTermIndicator. Instead, create a new dictionary,
1243         and add the items from options, if it's not nil.
1244
1245 2018-05-10  Matt Baker  <mattbaker@apple.com>
1246
1247         Web Inspector: ASSERT_NOT_REACHED in PageDebuggerAgent::didAddEventListener when page adds attribute event listener
1248         https://bugs.webkit.org/show_bug.cgi?id=181580
1249         <rdar://problem/36461309>
1250
1251         Reviewed by Brian Burg.
1252
1253         EventTarget should pass newly added EventListeners to InspectorInstrumentation,
1254         instead of PageDebuggerAgent assuming the last item in the EventListenerVector
1255         is the most recently added listener. This assumption does not hold when
1256         the new listener replaces an existing listener.
1257
1258         * dom/EventTarget.cpp:
1259         (WebCore::EventTarget::addEventListener):
1260         (WebCore::EventTarget::setAttributeEventListener):
1261
1262         * inspector/InspectorInstrumentation.cpp:
1263         (WebCore::InspectorInstrumentation::didAddEventListenerImpl):
1264
1265         * inspector/InspectorInstrumentation.h:
1266         (WebCore::InspectorInstrumentation::didAddEventListener):
1267
1268         * inspector/agents/page/PageDebuggerAgent.cpp:
1269         (WebCore::PageDebuggerAgent::didAddEventListener):
1270         * inspector/agents/page/PageDebuggerAgent.h:
1271
1272 2018-05-10  Chris Dumez  <cdumez@apple.com>
1273
1274         'Cross-Origin-Options header implementation follow-up
1275         https://bugs.webkit.org/show_bug.cgi?id=185520
1276
1277         Reviewed by Ryosuke Niwa.
1278
1279         * dom/Document.cpp:
1280         * dom/Document.h:
1281         * loader/FrameLoader.cpp:
1282         (WebCore::FrameLoader::didBeginDocument):
1283         Using isNull() check is sufficient here as the header parsing
1284         function will do the right thing when passed the empty string.
1285         Also set the options directly on the window instead of the
1286         document. The window is guaranteed to have been constructed
1287         by then because didBeginDocument() is called DocumentWriter::begin()
1288         which calls Document::createDOMWindow() or Document::takeDOMWindowFrom().
1289
1290         * page/AbstractDOMWindow.cpp:
1291         (WebCore::AbstractDOMWindow::AbstractDOMWindow):
1292         * page/AbstractDOMWindow.h:
1293         * page/DOMWindow.cpp:
1294         (WebCore::DOMWindow::DOMWindow):
1295         (WebCore::DOMWindow::didSecureTransitionTo):
1296         * page/RemoteDOMWindow.cpp:
1297         (WebCore::RemoteDOMWindow::RemoteDOMWindow):
1298         * page/RemoteDOMWindow.h:
1299         CrossOriginOptions are now stored only on the Window, not the Document.
1300
1301         * platform/network/HTTPParsers.cpp:
1302         (WebCore::parseCrossOriginOptionsHeader):
1303         Drop strippedHeader local variable as it is not strictly needed.
1304
1305 2018-05-10  Tim Horton  <timothy_horton@apple.com>
1306
1307         Fix the build after r231393
1308         https://bugs.webkit.org/show_bug.cgi?id=185519
1309         <rdar://problem/40131741>
1310
1311         Reviewed by Simon Fraser.
1312
1313         * Configurations/WebCore.xcconfig:
1314
1315 2018-05-10  Eric Carlson  <eric.carlson@apple.com>
1316
1317         Log missing cues correctly
1318         https://bugs.webkit.org/show_bug.cgi?id=185499
1319         <rdar://problem/40113821>
1320
1321         Reviewed by Daniel Bates.
1322
1323         No new tests, tested manually.
1324
1325         * html/track/InbandGenericTextTrack.cpp:
1326         (WebCore::InbandGenericTextTrack::removeGenericCue): Log the cue we searched for, not
1327         the NULL cue.
1328
1329 2018-05-10  Zalan Bujtas  <zalan@apple.com>
1330
1331         [LFC] Implement height computation for non-replaced inflow elements.
1332         https://bugs.webkit.org/show_bug.cgi?id=185474
1333
1334         Reviewed by Antti Koivisto.
1335
1336         Initial implementation. Does not cover all the cases.
1337
1338         * layout/FormattingContext.cpp:
1339         (WebCore::Layout::FormattingContext::computeHeight const):
1340         * layout/FormattingContext.h:
1341         * layout/blockformatting/BlockFormattingContext.cpp:
1342         (WebCore::Layout::BlockFormattingContext::layout const):
1343         (WebCore::Layout::BlockFormattingContext::computeInFlowHeight const):
1344         (WebCore::Layout::BlockFormattingContext::computeInFlowNonReplacedHeight const):
1345         * layout/blockformatting/BlockFormattingContext.h:
1346         * layout/blockformatting/BlockMarginCollapse.cpp:
1347         (WebCore::Layout::collapsedMarginBottomFromLastChild):
1348         (WebCore::Layout::BlockMarginCollapse::isMarginBottomCollapsedWithParent):
1349         (WebCore::Layout::BlockMarginCollapse::isMarginTopCollapsedWithParentMarginBottom):
1350         (WebCore::Layout::isMarginBottomCollapsedWithParent): Deleted.
1351         * layout/blockformatting/BlockMarginCollapse.h:
1352         * layout/inlineformatting/InlineFormattingContext.cpp:
1353         (WebCore::Layout::InlineFormattingContext::computeInFlowHeight const):
1354         * layout/inlineformatting/InlineFormattingContext.h:
1355         * layout/layouttree/LayoutBox.cpp:
1356         (WebCore::Layout::Box::isReplaced const):
1357         * layout/layouttree/LayoutBox.h:
1358
1359 2018-05-10  Thibault Saunier  <tsaunier@igalia.com>
1360
1361         [GTK] Implement ImageBuffer::toBGRAData
1362         https://bugs.webkit.org/show_bug.cgi?id=185511
1363
1364         Reviewed by Michael Catanzaro.
1365
1366         This was never implemented but will be required for the MediaStream API
1367         tests.
1368
1369         * platform/graphics/ImageBuffer.cpp:
1370         (WebCore::ImageBuffer::toBGRAData const):
1371         * platform/graphics/cg/ImageBufferCG.cpp:
1372         (WebCore::ImageBuffer::toBGRAData const):
1373         * platform/graphics/gtk/ImageBufferGtk.cpp:
1374         (WebCore::ImageBuffer::toBGRAData const):
1375
1376 2018-05-10  Yacine Bandou  <yacine.bandou_ext@softathome.com>
1377
1378         [EME][GStreamer] Add a handler for GStreamer protection event
1379         https://bugs.webkit.org/show_bug.cgi?id=185245
1380
1381         Reviewed by Xabier Rodriguez-Calvar.
1382
1383         Qtdemux sends the protection event when encountered a new PSSH box (encrypted content).
1384
1385         The Decryptor is moved from AppendPipeline to PlaybackPipeline (see https://bugs.webkit.org/show_bug.cgi?id=181855),
1386         thus the protection event is no longer handled because the Decryptor is not in the same pipeline as qtdemux.
1387
1388         AppendPipeline: httpsrc-->qtdemux-->appsink
1389         PlaybackPipeline: appsrc-->parser--> decryptor-->decoder-->sink
1390
1391         This patch attaches a probe to the sink pad of the appsink in the appendPipeline in order to
1392         catch and manage the protection event.
1393
1394         * platform/graphics/gstreamer/mse/AppendPipeline.cpp:
1395         (WebCore::AppendPipeline::AppendPipeline):
1396         (WebCore::AppendPipeline::~AppendPipeline):
1397         (WebCore::appendPipelineAppsinkPadEventProbe):
1398         * platform/graphics/gstreamer/mse/AppendPipeline.h:
1399         (WebCore::AppendPipeline::playerPrivate):
1400
1401 2018-05-10  Yacine Bandou  <yacine.bandou_ext@softathome.com>
1402
1403         [EME][GStreamer] Move the decryptor from AppendPipeline to PlaybackPipeline.
1404         https://bugs.webkit.org/show_bug.cgi?id=181855
1405
1406         Reviewed by Xabier Rodriguez-Calvar.
1407
1408         The goal of this move is to handle the limitation of SVP (Secure Video Path) memory size.
1409
1410         When the decryptor is in the AppendPipeline and we use SVP, we buffer in MediaSource queue
1411         the decrypted GstBuffers that are in SVP memory.
1412         This behavior cause an out-of-memory error, because we are limited in SVP memory size.
1413
1414         By moving the decryptor in PlaybackPipeline, we avoid to buffer the decrypted GstBuffers
1415         which use the SVP memory and we buffer the encrypted GstBuffers that are in system memory.
1416
1417         This new architecture also allows to start the buffering before obtaining the DRM license
1418         and it makes easier to manage dynamic change of the license or Key.
1419
1420         The decryptor is auto plugged by GStreamer playbin in PlaybackPipeline.
1421
1422         SVP: Secure Video Path also named trusted or protected video path, it is a memory which is
1423         protected by a hardware access control engine, it is not accessible to other unauthorised
1424         software or hardware components.
1425
1426         Tests:
1427             media/encrypted-media/clearKey/clearKey-cenc-audio-playback-mse.html
1428             media/encrypted-media/clearKey/clearKey-cenc-video-playback-mse.html
1429
1430         * platform/graphics/gstreamer/eme/WebKitCommonEncryptionDecryptorGStreamer.cpp:
1431         (webkitMediaCommonEncryptionDecryptSinkEventHandler):
1432         * platform/graphics/gstreamer/mse/AppendPipeline.cpp:
1433         (WebCore::dumpAppendState):
1434         (WebCore::AppendPipeline::AppendPipeline):
1435         (WebCore::AppendPipeline::handleNeedContextSyncMessage):
1436         (WebCore::AppendPipeline::handleAppsrcNeedDataReceived):
1437         (WebCore::AppendPipeline::setAppendState):
1438         (WebCore::AppendPipeline::parseDemuxerSrcPadCaps):
1439         (WebCore::AppendPipeline::appsinkNewSample):
1440         (WebCore::AppendPipeline::connectDemuxerSrcPadToAppsinkFromAnyThread):
1441         (WebCore::AppendPipeline::disconnectDemuxerSrcPadFromAppsinkFromAnyThread):
1442         (WebCore::appendPipelineElementMessageCallback): Deleted.
1443         (WebCore::AppendPipeline::handleElementMessage): Deleted.
1444         (WebCore::AppendPipeline::dispatchPendingDecryptionStructure): Deleted.
1445         (WebCore::AppendPipeline::dispatchDecryptionStructure): Deleted.
1446         * platform/graphics/gstreamer/mse/AppendPipeline.h:
1447         * platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:
1448         (WebCore::MediaPlayerPrivateGStreamerMSE::attemptToDecryptWithInstance):
1449         * platform/graphics/gstreamer/mse/PlaybackPipeline.cpp:
1450
1451 2018-05-09  Nan Wang  <n_wang@apple.com>
1452
1453         AX: VoiceOver iframe scrolling focus jumping bug
1454         https://bugs.webkit.org/show_bug.cgi?id=176615
1455         <rdar://problem/34333067>
1456
1457         Reviewed by Chris Fleizach.
1458
1459         Scrolling to make elements visible is not working correctly for elements inside an
1460         offscreen iframe. Fixed it by using RenderLayer::scrollRectToVisible() to handle
1461         scrolling more properly.
1462
1463         Test: accessibility/scroll-to-make-visible-iframe-offscreen.html
1464
1465         * accessibility/AccessibilityObject.cpp:
1466         (WebCore::AccessibilityObject::scrollToMakeVisible const):
1467
1468 2018-05-09  Joanmarie Diggs  <jdiggs@igalia.com>
1469
1470         AX: accessibleNameForNode should simplify whitespace when using innerText
1471         https://bugs.webkit.org/show_bug.cgi?id=185498
1472
1473         Reviewed by Chris Fleizach.
1474
1475         Test: accessibility/text-alternative-calculation-from-unrendered-table.html
1476
1477         Call simplifyWhiteSpace() before returning the innerText value.
1478
1479         * accessibility/AccessibilityNodeObject.cpp:
1480         (WebCore::accessibleNameForNode):
1481
1482 2018-05-09  Chris Dumez  <cdumez@apple.com>
1483
1484         Add initial support for 'Cross-Origin-Options' HTTP response header
1485         https://bugs.webkit.org/show_bug.cgi?id=184996
1486         <rdar://problem/39664620>
1487
1488         Reviewed by Geoff Garen.
1489
1490         Add initial support for 'Cross-Origin-Options' HTTP response header behind an experimental
1491         feature flag, on by default. When the HTTP server services this HTTP response header for a
1492         main resource, we'll set these options on the corresponding Document. This will impact the
1493         behavior of the Document's associated Window API when cross-origin.
1494
1495         The HTTP header has 3 possible values:
1496         - allow: This is the default. Regular cross-origin Window API is available.
1497         - allow-postmessage: Only postMessage() is available on a cross-origin window, trying to
1498           access anything else will throw a SecurityError.
1499         - deny: Trying to do anything with a cross-origin window will throw a SecurityError.
1500
1501         The header has no effect when accessing same origin windows.
1502
1503         Note that on cross-origin access from Window A to Window B, we check the cross-origin
1504         options for both Window A and Window B and use the lowest common denominator as effective
1505         cross-origin options for the access. So if Window A has 'Cross-Origin-Options: deny' and
1506         tries to call postMessage() on Window B which has 'Cross-Origin-Options: allow-postmessage',
1507         we will throw a SecurityError. This is because Window A's more restrictive options (deny)
1508         apply.
1509
1510         Tests: http/wpt/cross-origin-options/allow-postmessage-from-deny.html
1511                http/wpt/cross-origin-options/allow-postmessage.html
1512                http/wpt/cross-origin-options/cross-origin-options-header.html
1513
1514         * bindings/js/JSDOMBindingSecurity.cpp:
1515         (WebCore::BindingSecurity::shouldAllowAccessToDOMWindowGivenMinimumCrossOriginOptions):
1516         * bindings/js/JSDOMBindingSecurity.h:
1517         * bindings/js/JSDOMWindowCustom.cpp:
1518         (WebCore::effectiveCrossOriginOptionsForAccess):
1519         (WebCore::jsDOMWindowGetOwnPropertySlotRestrictedAccess):
1520         (WebCore::JSDOMWindow::getOwnPropertySlot):
1521         (WebCore::JSDOMWindow::getOwnPropertySlotByIndex):
1522         (WebCore::addCrossOriginWindowPropertyNames):
1523         (WebCore::addScopedChildrenIndexes):
1524         (WebCore::addCrossOriginWindowOwnPropertyNames):
1525         (WebCore::JSDOMWindow::getOwnPropertyNames):
1526         * bindings/js/JSDOMWindowCustom.h:
1527         * bindings/js/JSRemoteDOMWindowCustom.cpp:
1528         (WebCore::JSRemoteDOMWindow::getOwnPropertySlot):
1529         (WebCore::JSRemoteDOMWindow::getOwnPropertySlotByIndex):
1530         (WebCore::JSRemoteDOMWindow::getOwnPropertyNames):
1531         * bindings/scripts/CodeGeneratorJS.pm:
1532         (GenerateAttributeGetterBodyDefinition):
1533         (GetCrossOriginsOptionsFromExtendedAttributeValue):
1534         (GenerateAttributeSetterBodyDefinition):
1535         (GenerateOperationBodyDefinition):
1536         * bindings/scripts/IDLAttributes.json:
1537         * dom/Document.cpp:
1538         (WebCore::Document::setCrossOriginOptions):
1539         * dom/Document.h:
1540         (WebCore::Document::crossOriginOptions const):
1541         * loader/FrameLoader.cpp:
1542         (WebCore::FrameLoader::didBeginDocument):
1543         * page/AbstractDOMWindow.cpp:
1544         (WebCore::AbstractDOMWindow::AbstractDOMWindow):
1545         * page/AbstractDOMWindow.h:
1546         (WebCore::AbstractDOMWindow::crossOriginOptions):
1547         (WebCore::AbstractDOMWindow::setCrossOriginOptions):
1548         * page/DOMWindow.cpp:
1549         (WebCore::DOMWindow::DOMWindow):
1550         (WebCore::DOMWindow::didSecureTransitionTo):
1551         * page/DOMWindow.idl:
1552         * page/Frame.h:
1553         * page/RemoteDOMWindow.cpp:
1554         (WebCore::RemoteDOMWindow::RemoteDOMWindow):
1555         * page/RemoteDOMWindow.h:
1556         * page/Settings.yaml:
1557         * platform/network/HTTPHeaderNames.in:
1558         * platform/network/HTTPParsers.cpp:
1559         (WebCore::parseCrossOriginOptionsHeader):
1560         * platform/network/HTTPParsers.h:
1561
1562 2018-05-09  Ryosuke Niwa  <rniwa@webkit.org>
1563
1564         Release assert in TreeScopeOrderedMap::remove via HTMLImageElement::removedFromAncestor
1565         https://bugs.webkit.org/show_bug.cgi?id=185493
1566
1567         Reviewed by Brent Fulgham.
1568
1569         Fixed the bug that HTMLImageElement::removedFromAncestor and HTMLMapElement::removedFromAncestor
1570         were calling removeImageElementByUsemap on the document instead of the shadow tree from which it was removed.
1571
1572         Test: fast/images/imagemap-in-shadow-tree-removed.html
1573
1574         * html/HTMLImageElement.cpp:
1575         (WebCore::HTMLImageElement::removedFromAncestor):
1576         * html/HTMLMapElement.cpp:
1577         (WebCore::HTMLMapElement::removedFromAncestor):
1578
1579 2018-05-09  Joanmarie Diggs  <jdiggs@igalia.com>
1580
1581         AX: Hidden nodes which are not directly referenced should not participate name/description from content
1582         https://bugs.webkit.org/show_bug.cgi?id=185478
1583
1584         Reviewed by Chris Fleizach.
1585
1586         Add a check to AccessibilityNodeObject::textUnderElement() and return early
1587         if the node is hidden, not referenced by aria-labelledby or aria-describedby,
1588         not an HTMLLabelElement, and not fallback content for an HTMLCanvasElement.
1589
1590         Test: accessibility/text-alternative-calculation-hidden-nodes.html
1591
1592         * accessibility/AccessibilityNodeObject.cpp:
1593         (WebCore::AccessibilityNodeObject::textUnderElement const):
1594
1595 2018-05-09  Eric Carlson  <eric.carlson@apple.com>
1596
1597         Update MediaSession to use release logging
1598         https://bugs.webkit.org/show_bug.cgi?id=185376
1599         <rdar://problem/40022203>
1600
1601         Reviewed by Youenn Fablet.
1602
1603         No new tests, tested manually.
1604
1605         * Modules/mediastream/MediaStream.h: hostingDocument() doesn't need to return a const Document.
1606         * Modules/webaudio/AudioContext.cpp:
1607         (WebCore::AudioContext::hostingDocument const): Ditto.
1608         * Modules/webaudio/AudioContext.h:
1609
1610         * html/HTMLMediaElement.h: Ditto.
1611
1612         * html/MediaElementSession.cpp:
1613         (WebCore::MediaElementSession::MediaElementSession):
1614         (WebCore::MediaElementSession::addBehaviorRestriction):
1615         (WebCore::MediaElementSession::removeBehaviorRestriction):
1616         (WebCore::MediaElementSession::dataLoadingPermitted const):
1617         (WebCore::MediaElementSession::fullscreenPermitted const):
1618         (WebCore::MediaElementSession::pageAllowsDataLoading const):
1619         (WebCore::MediaElementSession::pageAllowsPlaybackAfterResuming const):
1620         (WebCore::MediaElementSession::canShowControlsManager const):
1621         (WebCore::MediaElementSession::showPlaybackTargetPicker):
1622         (WebCore::MediaElementSession::hasWirelessPlaybackTargets const):
1623         (WebCore::MediaElementSession::wirelessVideoPlaybackDisabled const):
1624         (WebCore::MediaElementSession::setWirelessVideoPlaybackDisabled):
1625         (WebCore::MediaElementSession::setHasPlaybackTargetAvailabilityListeners):
1626         (WebCore::MediaElementSession::externalOutputDeviceAvailableDidChange):
1627         (WebCore::MediaElementSession::setShouldPlayToPlaybackTarget):
1628         (WebCore::MediaElementSession::mediaEngineUpdated):
1629         (WebCore::MediaElementSession::willLog const): Deleted.
1630         (WebCore::MediaElementSession::logger const): Deleted.
1631         (WebCore::MediaElementSession::logIdentifier const): Deleted.
1632         (WebCore::MediaElementSession::logChannel const): Deleted.
1633         * html/MediaElementSession.h:
1634
1635         * platform/audio/PlatformMediaSession.cpp:
1636         (WebCore::nextLogIdentifier):
1637         (WebCore::convertEnumerationToString):
1638         (WebCore::PlatformMediaSession::PlatformMediaSession):
1639         (WebCore::PlatformMediaSession::setState):
1640         (WebCore::PlatformMediaSession::beginInterruption):
1641         (WebCore::PlatformMediaSession::endInterruption):
1642         (WebCore::PlatformMediaSession::clientWillBeginAutoplaying):
1643         (WebCore::PlatformMediaSession::clientWillPausePlayback):
1644         (WebCore::PlatformMediaSession::pauseSession):
1645         (WebCore::PlatformMediaSession::stopSession):
1646         (WebCore::PlatformMediaSession::clientDataBufferingTimerFired):
1647         (WebCore::PlatformMediaSession::logChannel const):
1648         (WebCore::stateName): Deleted.
1649         (WebCore::interruptionName): Deleted.
1650         * platform/audio/PlatformMediaSession.h:
1651         (WTF::LogArgument<WebCore::PlatformMediaSession::State>::toString):
1652         (WTF::LogArgument<WebCore::PlatformMediaSession::InterruptionType>::toString):
1653
1654 2018-05-09  Thibault Saunier  <tsaunier@igalia.com>
1655
1656         [GStreamer] Never call updateTracks if running on legacy pipeline
1657         https://bugs.webkit.org/show_bug.cgi?id=184581
1658
1659         This makes sure failling code path is never reached in the conditions where it should not have been reached.
1660
1661         Reviewed by Philippe Normand.
1662
1663         Re enables all tests that were disabled after fixing.
1664
1665         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
1666         (WebCore::MediaPlayerPrivateGStreamer::handleMessage):
1667
1668 2018-05-09  Daniel Bates  <dabates@apple.com>
1669
1670         REGRESSION (r231479): http/tests/appcache/x-frame-options-prevents-framing.php is timing out
1671         https://bugs.webkit.org/show_bug.cgi?id=185443
1672         <rdar://problem/40100660>
1673
1674         Reviewed by Andy Estes.
1675
1676         Following r231479 when using WebKit2 and Restricted HTTP Response Access is enabled (enabled in
1677         WebKitTestRunner) we only check the CSP frame-ancestors directive and X-Frame-Options in
1678         NetworkProcess. We need to check these security requirements in WebContent process whenever
1679         we are performing a substitute data load, such as for app cache, as these loads do not go
1680         through NetworkProcess.
1681
1682         * loader/DocumentLoader.cpp:
1683         (WebCore::DocumentLoader::responseReceived):
1684
1685 2018-05-09  Justin Fan  <justin_fan@apple.com>
1686
1687         Hooked up ASTC support in WebGL; requires OpenGL ES 3 context to work. 
1688         https://bugs.webkit.org/show_bug.cgi?id=185272
1689         <rdar://problem/15745737>
1690
1691         Reviewed by Dean Jackson.
1692
1693         Also added in Khronos' ASTC test from version 1.0.4 beta of their conformance test suite,
1694         although again, this requires OpenGL ES 3 context for WebKit to detect proper support.
1695
1696         Test: fast/canvas/webgl/webgl-compressed-texture-astc.html
1697
1698         * DerivedSources.make:
1699         * Sources.txt:
1700         * WebCore.xcodeproj/project.pbxproj:
1701         * bindings/js/JSDOMConvertWebGL.cpp:
1702         (WebCore::convertToJSValue):
1703         * html/canvas/WebGL2RenderingContext.cpp:
1704         (WebCore::WebGL2RenderingContext::getExtension):
1705         (WebCore::WebGL2RenderingContext::getSupportedExtensions):
1706         * html/canvas/WebGLCompressedTextureASTC.cpp: Added.
1707         (WebCore::WebGLCompressedTextureASTC::WebGLCompressedTextureASTC):
1708         (WebCore::WebGLCompressedTextureASTC::getName const):
1709         (WebCore::WebGLCompressedTextureASTC::supported):
1710         (WebCore::WebGLCompressedTextureASTC::getSupportedProfiles):
1711         * html/canvas/WebGLCompressedTextureASTC.h: Added.
1712         * html/canvas/WebGLCompressedTextureASTC.idl: Added.
1713         * html/canvas/WebGLExtension.h:
1714         * html/canvas/WebGLRenderingContext.cpp:
1715         (WebCore::WebGLRenderingContext::getExtension):
1716         (WebCore::WebGLRenderingContext::getSupportedExtensions):
1717         * html/canvas/WebGLRenderingContextBase.cpp:
1718         (WebCore::WebGLRenderingContextBase::validateCompressedTexFuncData):
1719         (WebCore::WebGLRenderingContextBase::validateCompressedTexDimensions):
1720         * html/canvas/WebGLRenderingContextBase.h:
1721         * platform/graphics/Extensions3D.h:
1722
1723 2018-05-09  Youenn Fablet  <youenn@apple.com>
1724
1725         Allow WebResourceLoader to cancel a load served from a service worker
1726         https://bugs.webkit.org/show_bug.cgi?id=185274
1727
1728         Reviewed by Chris Dumez.
1729
1730         Add support for cancelling a fetch from WebProcess to service worker process.
1731         Use FetchIdentifier instead of uint64_t.
1732
1733         * Modules/fetch/FetchIdentifier.h: Added.
1734         * WebCore.xcodeproj/project.pbxproj:
1735         * workers/service/context/ServiceWorkerFetch.h:
1736         * workers/service/context/ServiceWorkerThreadProxy.cpp:
1737         (WebCore::ServiceWorkerThreadProxy::startFetch):
1738         (WebCore::ServiceWorkerThreadProxy::cancelFetch):
1739         * workers/service/context/ServiceWorkerThreadProxy.h:
1740
1741 2018-05-09  Thibault Saunier  <tsaunier@igalia.com>
1742
1743         [GStreamer] Fix style issue in MediaPlayerPrivateGStreamer
1744         https://bugs.webkit.org/show_bug.cgi?id=185479
1745
1746         Reviewed by Philippe Normand.
1747
1748         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:114:  Multi line control clauses should use braces.  [whitespace/braces] [4]
1749         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:194:  Multi line control clauses should use braces.  [whitespace/braces] [4]
1750         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:398:  One line control clauses should not use braces.  [whitespace/braces] [4]
1751         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:440:  One line control clauses should not use braces.  [whitespace/braces] [4]
1752         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:806:  More than one command on the same line  [whitespace/newline] [4]
1753         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:869:  More than one command on the same line  [whitespace/newline] [4]
1754         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:880:  More than one command on the same line  [whitespace/newline] [4]
1755         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:940:  More than one command on the same line  [whitespace/newline] [4]
1756         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:1102:  Multi line control clauses should use braces.  [whitespace/braces] [4]
1757         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:1109:  Multi line control clauses should use braces.  [whitespace/braces] [4]
1758
1759         Indentation and style issue fixed only.
1760
1761         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
1762         (WebCore::MediaPlayerPrivateGStreamer::registerMediaEngine):
1763         (WebCore::MediaPlayerPrivateGStreamer::~MediaPlayerPrivateGStreamer):
1764         (WebCore::MediaPlayerPrivateGStreamer::changePipelineState):
1765         (WebCore::MediaPlayerPrivateGStreamer::play):
1766         (WebCore::MediaPlayerPrivateGStreamer::videoChangedCallback):
1767         (WebCore::MediaPlayerPrivateGStreamer::videoSinkCapsChangedCallback):
1768         (WebCore::MediaPlayerPrivateGStreamer::audioChangedCallback):
1769         (WebCore::MediaPlayerPrivateGStreamer::textChangedCallback):
1770         (WebCore::MediaPlayerPrivateGStreamer::buffered const):
1771         (WebCore::MediaPlayerPrivateGStreamer::loadNextLocation):
1772
1773 2018-05-09  Daniel Bates  <dabates@apple.com>
1774
1775         REGRESSION (r231479): com.apple.WebCore crash in WebCore::DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied()
1776         https://bugs.webkit.org/show_bug.cgi?id=185475
1777         <rdar://problem/40093853>
1778
1779         Reviewed by Andy Estes.
1780
1781         DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied() must extends its lifetime
1782         until completion as dispatching a DOM load event at the associated frame can cause JavaScript execution
1783         that can do anything, including destroying the loader that dispatched the event.
1784
1785         Following r231479 DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied() is now
1786         invoked by both DocumentLoader::responseReceived() and WebResourceLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied().
1787         The latter only can happen when using WebKit2 and the experimental feature Restricted HTTP Response Access
1788         is enabled (RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess()). Unlike DocumentLoader::responseReceived()
1789         WebResourceLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied() does not take out a ref
1790         on the DocumentLoader before invoking DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied().
1791         Therefore, DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied() can cause its
1792         own destruction as a result of dispatching a DOM load event at the frame. We should take out a ref on
1793         the DocumentLoader when executing DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied().
1794
1795         * loader/DocumentLoader.cpp:
1796         (WebCore::DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied):
1797
1798 2018-05-09  Tim Horton  <timothy_horton@apple.com>
1799
1800         Fix the build by ignoring some deprecation warnings
1801
1802         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
1803         (WebCore::MediaPlayerPrivateAVFoundationObjC::setShouldDisableSleep):
1804
1805 2018-05-09  Michael Catanzaro  <mcatanzaro@igalia.com>
1806
1807         [WPE] Build cleanly with GCC 8 and ICU 60
1808         https://bugs.webkit.org/show_bug.cgi?id=185462
1809
1810         Reviewed by Carlos Alberto Lopez Perez.
1811
1812         * PlatformGTK.cmake: Include directories are in the wrong place.
1813         * accessibility/AXObjectCache.cpp: Silence -Wclass-memaccess problems and leave warnings.
1814         (WebCore::AXObjectCache::startOrEndTextMarkerDataForRange):
1815         (WebCore::AXObjectCache::textMarkerDataForCharacterOffset):
1816         (WebCore::AXObjectCache::textMarkerDataForVisiblePosition):
1817         (WebCore::AXObjectCache::textMarkerDataForFirstPositionInTextControl):
1818         * css/CSSFontFace.cpp: Silence -Wfallthrough
1819         (WebCore::CSSFontFace::fontLoadTiming const):
1820         * css/CSSSelectorList.cpp: Silence -Wclass-memaccess, this one is intentional.
1821         (WebCore::CSSSelectorList::adoptSelectorVector):
1822         * editing/TextIterator.cpp: Silence ICU deprecation warnings.
1823         * platform/Length.h:
1824         (WebCore::Length::operator=): More -Wclass-memaccess, looks benign.
1825         * platform/graphics/Gradient.cpp:
1826         (WebCore::Gradient::hash const): -Wclass-memaccess again. Leave a warning.
1827         * platform/graphics/SurrogatePairAwareTextIterator.cpp: Silence ICU deprecation warnings.
1828         * platform/graphics/cairo/FontCairoHarfbuzzNG.cpp:
1829         (WebCore::FontCascade::fontForCombiningCharacterSequence const): Silence ICU deprecation.
1830         * platform/graphics/freetype/FontCustomPlatformDataFreeType.cpp:
1831         (WebCore::FontCustomPlatformData::FontCustomPlatformData): Silence -Wcast-function-type.
1832         * platform/graphics/freetype/SimpleFontDataFreeType.cpp:
1833         (WebCore::Font::canRenderCombiningCharacterSequence const): Silence ICU deprecation.
1834         * platform/graphics/gstreamer/GstAllocatorFastMalloc.cpp:
1835         (gstAllocatorFastMallocMemUnmap): Fix -Wcast-function-type.
1836         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
1837         (WebCore::MediaPlayerPrivateGStreamer::updateTracks): Fix bad printf.
1838         (WebCore::MediaPlayerPrivateGStreamer::enableTrack): Another bad printf.
1839         (WebCore::findHLSQueue): Fix -Wcast-function-type.
1840         * platform/graphics/gstreamer/eme/WebKitClearKeyDecryptorGStreamer.cpp:
1841         (webKitMediaClearKeyDecryptorDecrypt): Fix another bad printf.
1842         * platform/network/soup/SocketStreamHandleImplSoup.cpp: Silence -Wcast-function-type.
1843         (WebCore::SocketStreamHandleImpl::beginWaitingForSocketWritability):
1844         * platform/text/TextEncoding.cpp: Silence ICU deprecration.
1845
1846 2018-05-08  Simon Fraser  <simon.fraser@apple.com>
1847
1848         SVG lighting colors need to be converted into linearSRGB
1849         https://bugs.webkit.org/show_bug.cgi?id=181196
1850
1851         Reviewed by Darin Adler.
1852
1853         Address post-commit comments. Don't make a Color that contains linearRGB components,
1854         but use FloatComponents instead. Since these FloatComponents are in the 0-1 range,
1855         FELighting::setPixelInternal() needs to multiply by 255 since the output pixels are
1856         8-bit 0-255.
1857         
1858         Change linearToSRGBColorComponent() and sRGBToLinearColorComponent() to do math in
1859         floats without promoting to doubles.
1860
1861         * platform/graphics/ColorUtilities.cpp:
1862         (WebCore::FloatComponents::FloatComponents):
1863         (WebCore::linearToSRGBColorComponent):
1864         (WebCore::sRGBToLinearColorComponent):
1865         (WebCore::sRGBColorToLinearComponents):
1866         (WebCore::linearToSRGBColor): Deleted.
1867         (WebCore::sRGBToLinearColor): Deleted.
1868         * platform/graphics/ColorUtilities.h:
1869         * platform/graphics/filters/FELighting.cpp:
1870         (WebCore::FELighting::setPixelInternal):
1871         (WebCore::FELighting::drawLighting):
1872
1873 2018-05-09  Timothy Hatcher  <timothy@apple.com>
1874
1875         Use StyleColor::Options in more places.
1876
1877         https://bugs.webkit.org/show_bug.cgi?id=185458
1878         rdar://problem/39853798
1879
1880         Add UseDefaultAppearance to StyleColor::Options, to avoid passing yet another
1881         boolean on some of these functions.
1882
1883         Reviewed by Tim Horton.
1884
1885         * css/MediaQueryEvaluator.cpp:
1886         * css/StyleColor.h:
1887         * dom/Document.cpp:
1888         (WebCore::Document::useDefaultAppearance const):
1889         (WebCore::Document::styleColorOptions const):
1890         * dom/Document.h:
1891         * platform/Theme.cpp:
1892         (WebCore::Theme::paint):
1893         * platform/Theme.h:
1894         * platform/mac/LocalDefaultSystemAppearance.h:
1895         * platform/mac/LocalDefaultSystemAppearance.mm:
1896         (WebCore::LocalDefaultSystemAppearance::LocalDefaultSystemAppearance):
1897         (WebCore::LocalDefaultSystemAppearance::~LocalDefaultSystemAppearance):
1898         * platform/mac/ThemeMac.h:
1899         * platform/mac/ThemeMac.mm:
1900         (WebCore::paintToggleButton):
1901         (WebCore::paintButton):
1902         (WebCore::ThemeMac::ensuredView):
1903         (WebCore::ThemeMac::drawCellOrFocusRingWithViewIntoContext):
1904         (WebCore::ThemeMac::paint):
1905         (-[WebCoreThemeView initWithUseSystemAppearance:]): Deleted.
1906         * platform/wpe/ThemeWPE.cpp:
1907         (WebCore::ThemeWPE::paint):
1908         * platform/wpe/ThemeWPE.h:
1909         * rendering/RenderListBox.cpp:
1910         (WebCore::RenderListBox::paintItemBackground):
1911         * rendering/RenderTheme.cpp:
1912         (WebCore::RenderTheme::paint):
1913         (WebCore::RenderTheme::inactiveListBoxSelectionBackgroundColor const):
1914         (WebCore::RenderTheme::platformInactiveListBoxSelectionBackgroundColor const):
1915         * rendering/RenderTheme.h:
1916         * rendering/RenderThemeGtk.cpp:
1917         (WebCore::RenderThemeGtk::platformInactiveListBoxSelectionBackgroundColor const):
1918         * rendering/RenderThemeGtk.h:
1919         * rendering/RenderThemeMac.h:
1920         * rendering/RenderThemeMac.mm:
1921         (WebCore::RenderThemeMac::documentViewFor const):
1922         (WebCore::RenderThemeMac::platformInactiveListBoxSelectionBackgroundColor const):
1923         (WebCore::RenderThemeMac::systemColor const):
1924         (WebCore::RenderThemeMac::paintCellAndSetFocusedElementNeedsRepaintIfNecessary):
1925         (WebCore::RenderThemeMac::paintSliderThumb):
1926
1927 2018-05-09  Yacine Bandou  <yacine.bandou_ext@softathome.com>
1928
1929         [EME][GStreamer] Crash when the mediaKeys are created before loading the media in debug conf
1930         https://bugs.webkit.org/show_bug.cgi?id=185244
1931
1932         Reviewed by Xabier Rodriguez-Calvar.
1933
1934         The function "MediaPlayerPrivateGStreamerBase::cdmInstanceAttached" is expected to be called once,
1935         so there is an ASSERT(!m_cdmInstance).
1936         But when the MediaKeys are created before loading the media, the cdminstance is created and attached
1937         to the MediaPlayerPrivate via "MediaPlayerPrivateGStreamerBase::cdmInstanceAttached" before loading
1938         the media, then when the media is loading, the function "MediaPlayerPrivateGStreamerBase::cdmInstanceAttached"
1939         will be called several times via the function "mediaEngineWasUpdated" wich is called for each change
1940         in the MediaElement state, thus the WebProcess crashes in the ASSERT(!m_cdmInstance).
1941
1942         This commit avoid the crash by replacing the assert with a simple check.
1943
1944         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
1945         (WebCore::MediaPlayerPrivateGStreamerBase::cdmInstanceAttached):
1946         (WebCore::MediaPlayerPrivateGStreamerBase::cdmInstanceDetached):
1947
1948 2018-05-09  Antti Koivisto  <antti@apple.com>
1949
1950         Add OptionSet::operator& and operator bool
1951         https://bugs.webkit.org/show_bug.cgi?id=185306
1952
1953         Reviewed by Anders Carlsson.
1954
1955         Use it in a few places.
1956
1957         * loader/FrameLoader.cpp:
1958         (WebCore::FrameLoader::reload):
1959         * rendering/RenderLayerCompositor.cpp:
1960         (WebCore::RenderLayerCompositor::logReasonsForCompositing):
1961         (WebCore::RenderLayerCompositor::updateScrollCoordinatedLayer):
1962
1963 2018-05-08  Dean Jackson  <dino@apple.com>
1964
1965         Disable system preview link fetching
1966         https://bugs.webkit.org/show_bug.cgi?id=185463
1967
1968         Reviewed by Jon Lee.
1969
1970         Temporarily disable system preview detection when a link
1971         is clicked.
1972
1973         * html/HTMLAnchorElement.cpp:
1974         (WebCore::HTMLAnchorElement::handleClick):
1975
1976 2018-05-08  Wenson Hsieh  <wenson_hsieh@apple.com>
1977
1978         Unreviewed, fix the internal iOS build
1979
1980         Add a missing import statement in an implementation file.
1981
1982         * editing/cocoa/WebContentReaderCocoa.mm:
1983
1984 2018-05-08  Ryan Haddad  <ryanhaddad@apple.com>
1985
1986         Unreviewed, rolling out r231486.
1987
1988         Caused service worker LayoutTest failures on macOS Debug WK2.
1989
1990         Reverted changeset:
1991
1992         "Allow WebResourceLoader to cancel a load served from a
1993         service worker"
1994         https://bugs.webkit.org/show_bug.cgi?id=185274
1995         https://trac.webkit.org/changeset/231486
1996
1997 2018-05-08  Wenson Hsieh  <wenson_hsieh@apple.com>
1998
1999         Consolidate WebContentReaderIOS and WebContentReaderMac into WebContentReaderCocoa
2000         https://bugs.webkit.org/show_bug.cgi?id=185340
2001
2002         Reviewed by Tim Horton.
2003
2004         WebContentReader::readURL is currently the only method implemented separately in iOS and macOS platform
2005         WebContentReader files. The implementation across macOS and iOS is nearly identical (with some exceptions with
2006         the way iOS handles file URLs and plain text editing), so we can merge these into a single method
2007         WebContentReaderCocoa and delete WebContentReaderIOS and WebContentReaderMac.
2008
2009         This also has the added bonus of fixing a latent bug in WebContentReaderMac, wherein URLs written to the
2010         pasteboard using -[NSPasteboard writeObjects:] are currently pasted as empty anchor elements. In this case, the
2011         link title isn't made explicit, so the `title` passed in to WebContentReader::readURL is empty. On iOS, we have
2012         code to fall back to pasting the absolute string of the URL if the title is empty, but on macOS, we'll just use
2013         this empty string as the title of the anchor.
2014
2015         Test: PasteMixedContent.PasteURLWrittenToPasteboardUsingWriteObjects
2016
2017         * SourcesCocoa.txt:
2018         * WebCore.xcodeproj/project.pbxproj:
2019         * editing/cocoa/WebContentReaderCocoa.mm:
2020         (WebCore::WebContentReader::readURL):
2021         * editing/ios/WebContentReaderIOS.mm: Removed.
2022         * editing/mac/WebContentReaderMac.mm: Removed.
2023
2024 2018-05-08  Zalan Bujtas  <zalan@apple.com>
2025
2026         [Simple line layout] Cache run resolver.
2027         https://bugs.webkit.org/show_bug.cgi?id=185411
2028
2029         Reviewed by Antti Koivisto.
2030
2031         This patch caches the run resolver on the [SimpleLine]Layout object. 
2032         In certain cases, when the block container has thousands of elements (foobar1<br>foobar2<br>.....foobar9999<br>),
2033         constructing the resolver (and its dependencies) in a repeating fashion could hang the WebProcess.
2034
2035         Covered by existing tests.
2036
2037         * rendering/SimpleLineLayout.cpp:
2038         (WebCore::SimpleLineLayout::create):
2039         (WebCore::SimpleLineLayout::Layout::create):
2040         (WebCore::SimpleLineLayout::Layout::Layout):
2041         * rendering/SimpleLineLayout.h:
2042         (WebCore::SimpleLineLayout::Layout::runResolver const):
2043         * rendering/SimpleLineLayoutFunctions.cpp:
2044         (WebCore::SimpleLineLayout::paintFlow):
2045         (WebCore::SimpleLineLayout::hitTestFlow):
2046         (WebCore::SimpleLineLayout::collectFlowOverflow):
2047         (WebCore::SimpleLineLayout::computeBoundingBox):
2048         (WebCore::SimpleLineLayout::computeFirstRunLocation):
2049         (WebCore::SimpleLineLayout::collectAbsoluteRects):
2050         (WebCore::SimpleLineLayout::collectAbsoluteQuads):
2051         (WebCore::SimpleLineLayout::textOffsetForPoint):
2052         (WebCore::SimpleLineLayout::collectAbsoluteQuadsForRange):
2053         (WebCore::SimpleLineLayout::generateLineBoxTree):
2054         * rendering/SimpleLineLayoutResolver.cpp:
2055         (WebCore::SimpleLineLayout::LineResolver::LineResolver):
2056         * rendering/SimpleLineLayoutResolver.h:
2057         (WebCore::SimpleLineLayout::lineResolver):
2058
2059 2018-05-08  Brent Fulgham  <bfulgham@apple.com>
2060
2061         Switch some RELEASE_ASSERTS to plain debug ASSERTS in PlatformScreenMac.mm
2062         https://bugs.webkit.org/show_bug.cgi?id=185451
2063         <rdar://problem/39620348>
2064
2065         Reviewed by Zalan Bujtas.
2066
2067         Change a set of RELEASE_ASSERTS used to prevent accessing NSScreen related functions in the
2068         PlatformScreenMac implementation to less expensive Debug ASSERTS.
2069
2070         No change in behavior.
2071
2072         * platform/mac/PlatformScreenMac.mm:
2073         (WebCore::screenHasInvertedColors):
2074         (WebCore::screenDepth):
2075         (WebCore::screenDepthPerComponent):
2076         (WebCore::screenRectForDisplay):
2077         (WebCore::screenRect):
2078         (WebCore::screenAvailableRect):
2079         (WebCore::screenColorSpace):
2080         (WebCore::screenSupportsExtendedColor):
2081
2082 2018-05-08  Daniel Bates  <dabates@apple.com>
2083
2084         Resign Strong Password appearance when text field value changes
2085         https://bugs.webkit.org/show_bug.cgi?id=185433
2086         <rdar://problem/39958508>
2087
2088         Reviewed by Ryosuke Niwa.
2089
2090         Remove the Strong Password decoration when the text field's value changes to avoid interfering
2091         with web sites that allow a person to clear the password field.
2092
2093         Tests: fast/forms/auto-fill-button/auto-fill-strong-password-button-when-maxlength-changes.html
2094                fast/forms/auto-fill-button/auto-fill-strong-password-button-when-minlength-changes.html
2095                fast/forms/auto-fill-button/hide-auto-fill-strong-password-button-when-value-changes.html
2096
2097         * html/HTMLInputElement.cpp:
2098         (WebCore::HTMLInputElement::resignStrongPasswordAppearance): Extracted from HTMLInputElement::updateType().
2099         (WebCore::HTMLInputElement::updateType): Extract out logic to resign the Strong Password appearance
2100         into a function that can be shared by this function and HTMLInputElement::setValue().
2101         (WebCore::HTMLInputElement::setValue): Resign the Strong Password appearance if this field was
2102         changed programmatically (i.e. no DOM change event was dispatched).
2103         * html/HTMLInputElement.h:
2104
2105 2018-05-08  Jer Noble  <jer.noble@apple.com>
2106
2107         Unreviewed build fix; add missing function definition.
2108
2109         * html/HTMLMediaElement.h:
2110         (WebCore::HTMLMediaElement::didPassCORSAccessCheck const):
2111
2112 2018-05-08  Jer Noble  <jer.noble@apple.com>
2113
2114         Mute MediaElementSourceNode when tainted.
2115         https://bugs.webkit.org/show_bug.cgi?id=184866
2116
2117         Reviewed by Eric Carlson.
2118
2119         Test: http/tests/security/webaudio-render-remote-audio-blocked-no-crossorigin.html
2120
2121         * Modules/webaudio/AudioContext.cpp:
2122         (WebCore::AudioContext::wouldTaintOrigin const):
2123         * Modules/webaudio/AudioContext.h:
2124         * Modules/webaudio/MediaElementAudioSourceNode.cpp:
2125         (WebCore::MediaElementAudioSourceNode::setFormat):
2126         (WebCore::MediaElementAudioSourceNode::wouldTaintOrigin):
2127         (WebCore::MediaElementAudioSourceNode::process):
2128         * Modules/webaudio/MediaElementAudioSourceNode.h:
2129
2130 2018-05-08  Eric Carlson  <eric.carlson@apple.com>
2131
2132         Log rtcstats as JSON
2133         https://bugs.webkit.org/show_bug.cgi?id=185437
2134         <rdar://problem/40065332>
2135
2136         Reviewed by Youenn Fablet.
2137
2138         * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
2139         (WebCore::RTCStatsLogger::RTCStatsLogger): Create a wrapper class so we don't have to add a
2140         toJSONString method to libwebrtc.
2141         (WebCore::RTCStatsLogger::toJSONString const): Log stats as JSON.
2142         (WebCore::LibWebRTCMediaEndpoint::OnStatsDelivered): Don't use the LOGIDENTIFIER macro because
2143         it doesn't work well inside of a lambda.
2144         (WTF::LogArgument<WebCore::RTCStatsLogger>::toString): Move into .cpp file because it is only
2145         used here.
2146         * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.h:
2147         (WTF::LogArgument<webrtc::RTCStats>::toString): Deleted. Move to .cpp file.
2148
2149 2018-05-08  Dean Jackson  <dino@apple.com>
2150
2151         System Preview links should trigger a download
2152         https://bugs.webkit.org/show_bug.cgi?id=185439
2153         <rdar://problem/40065545>
2154
2155         Reviewed by Jon Lee.
2156
2157         Add a new field to FrameLoadRequest, which then is copied
2158         into ResourceRequest, identifying if the link clicked
2159         is a system preview.
2160
2161         * html/HTMLAnchorElement.cpp:
2162         (WebCore::HTMLAnchorElement::handleClick): Look for isSystemPreviewLink().
2163         * loader/FrameLoadRequest.cpp:
2164         (WebCore::FrameLoadRequest::FrameLoadRequest):
2165         * loader/FrameLoadRequest.h: New property.
2166         (WebCore::FrameLoadRequest::FrameLoadRequest):
2167         (WebCore::FrameLoadRequest::isSystemPreview const):
2168         * loader/FrameLoader.cpp:
2169         (WebCore::FrameLoader::urlSelected):
2170         (WebCore::FrameLoader::loadURL):
2171         * loader/FrameLoader.h:
2172         * platform/network/ResourceRequestBase.cpp:
2173         (WebCore::ResourceRequestBase::isSystemPreview const):
2174         (WebCore::ResourceRequestBase::setSystemPreview):
2175         * platform/network/ResourceRequestBase.h:
2176
2177 2018-05-08  Commit Queue  <commit-queue@webkit.org>
2178
2179         Unreviewed, rolling out r231491.
2180         https://bugs.webkit.org/show_bug.cgi?id=185434
2181
2182         Setting the Created key on a cookie does not work yet, due a
2183         bug in CFNetwork (Requested by ggaren on #webkit).
2184
2185         Reverted changeset:
2186
2187         "[WKHTTPCookieStore getAllCookies] returns inconsistent
2188         creation time"
2189         https://bugs.webkit.org/show_bug.cgi?id=185041
2190         https://trac.webkit.org/changeset/231491
2191
2192 2018-05-08  Sihui Liu  <sihui_liu@apple.com>
2193
2194         [WKHTTPCookieStore getAllCookies] returns inconsistent creation time
2195         https://bugs.webkit.org/show_bug.cgi?id=185041
2196         <rdar://problem/34684214>
2197
2198         Reviewed by Geoffrey Garen.
2199
2200         Set creationtime property when creating Cookie object to keep consistency after conversion.
2201
2202         New API test: WebKit.WKHTTPCookieStoreCreationTime.
2203
2204         * platform/network/cocoa/CookieCocoa.mm:
2205         (WebCore::Cookie::operator NSHTTPCookie * const):
2206
2207 2018-05-08  Eric Carlson  <eric.carlson@apple.com>
2208
2209         Text track cue logging should include cue text
2210         https://bugs.webkit.org/show_bug.cgi?id=185353
2211         <rdar://problem/40003565>
2212
2213         Reviewed by Brent Fulgham.
2214
2215         No new tests, tested manually.
2216
2217         * html/track/VTTCue.cpp:
2218         (WebCore::VTTCue::toJSON const):
2219         * platform/graphics/InbandTextTrackPrivateClient.h:
2220         (WebCore::GenericCueData::toJSONString const):
2221         * platform/graphics/iso/ISOVTTCue.cpp:
2222         (WebCore::ISOWebVTTCue::toJSONString const):
2223
2224 2018-05-08  Sam Weinig  <sam@webkit.org>
2225
2226         More cleanup of XMLHttpRequestUpload
2227         https://bugs.webkit.org/show_bug.cgi?id=185409
2228
2229         Reviewed by Alex Christensen.
2230
2231         - Remove unneeded #includes
2232         - Rename m_xmlHttpRequest to m_request
2233         - Make some overloaded some methods private, and mark them as final rather
2234           than override.
2235
2236         * xml/XMLHttpRequestUpload.cpp:
2237         (WebCore::XMLHttpRequestUpload::XMLHttpRequestUpload):
2238         * xml/XMLHttpRequestUpload.h:
2239
2240 2018-05-08  Zalan Bujtas  <zalan@apple.com>
2241
2242         [LFC] Start using BlockMarginCollapse
2243         https://bugs.webkit.org/show_bug.cgi?id=185424
2244
2245         Reviewed by Antti Koivisto.
2246
2247         BlockMarginCollapse could be all static.
2248
2249         * layout/blockformatting/BlockFormattingContext.cpp:
2250         (WebCore::Layout::BlockFormattingContext::marginTop const):
2251         (WebCore::Layout::BlockFormattingContext::marginBottom const):
2252         * layout/blockformatting/BlockMarginCollapse.cpp:
2253         (WebCore::Layout::isMarginTopCollapsedWithSibling):
2254         (WebCore::Layout::isMarginBottomCollapsedWithSibling):
2255         (WebCore::Layout::isMarginTopCollapsedWithParent):
2256         (WebCore::Layout::isMarginBottomCollapsedWithParent):
2257         (WebCore::Layout::collapsedMarginTopFromFirstChild):
2258         (WebCore::Layout::collapsedMarginBottomFromLastChild):
2259         (WebCore::Layout::nonCollapsedMarginTop):
2260         (WebCore::Layout::nonCollapsedMarginBottom):
2261         (WebCore::Layout::BlockMarginCollapse::marginTop):
2262         (WebCore::Layout::BlockMarginCollapse::marginBottom):
2263         (WebCore::Layout::BlockMarginCollapse::BlockMarginCollapse): Deleted.
2264         (WebCore::Layout::BlockMarginCollapse::marginTop const): Deleted.
2265         (WebCore::Layout::BlockMarginCollapse::marginBottom const): Deleted.
2266         (WebCore::Layout::BlockMarginCollapse::isMarginTopCollapsedWithSibling const): Deleted.
2267         (WebCore::Layout::BlockMarginCollapse::isMarginBottomCollapsedWithSibling const): Deleted.
2268         (WebCore::Layout::BlockMarginCollapse::isMarginTopCollapsedWithParent const): Deleted.
2269         (WebCore::Layout::BlockMarginCollapse::isMarginBottomCollapsedWithParent const): Deleted.
2270         (WebCore::Layout::BlockMarginCollapse::nonCollapsedMarginTop const): Deleted.
2271         (WebCore::Layout::BlockMarginCollapse::nonCollapsedMarginBottom const): Deleted.
2272         (WebCore::Layout::BlockMarginCollapse::collapsedMarginTopFromFirstChild const): Deleted.
2273         (WebCore::Layout::BlockMarginCollapse::collapsedMarginBottomFromLastChild const): Deleted.
2274         (WebCore::Layout::BlockMarginCollapse::hasAdjoiningMarginTopAndBottom const): Deleted.
2275         * layout/blockformatting/BlockMarginCollapse.h:
2276
2277 2018-05-08  Youenn Fablet  <youenn@apple.com>
2278
2279         Allow WebResourceLoader to cancel a load served from a service worker
2280         https://bugs.webkit.org/show_bug.cgi?id=185274
2281
2282         Reviewed by Chris Dumez.
2283
2284         Add support for cancelling a fetch from WebProcess to service worker process.
2285         Use FetchIdentifier instead of uint64_t.
2286
2287         * Modules/fetch/FetchIdentifier.h: Added.
2288         * WebCore.xcodeproj/project.pbxproj:
2289         * workers/service/context/ServiceWorkerFetch.h:
2290         * workers/service/context/ServiceWorkerThreadProxy.cpp:
2291         (WebCore::ServiceWorkerThreadProxy::startFetch):
2292         (WebCore::ServiceWorkerThreadProxy::cancelFetch):
2293         * workers/service/context/ServiceWorkerThreadProxy.h:
2294
2295 2018-05-08  Said Abou-Hallawa  <sabouhallawa@apple.com>
2296
2297         feTurbulence is not rendered correctly on Retina display
2298         https://bugs.webkit.org/show_bug.cgi?id=183798
2299
2300         Reviewed by Simon Fraser.
2301
2302         On 2x display the feTurbulence filter creates a scaled ImageBuffer but
2303         processes only the unscaled size. This is a remaining work of r168577 and
2304         is very similar to what was done for the feMorphology filter in r188271.
2305
2306         Test: fast/hidpi/filters-turbulence.html
2307
2308         * platform/graphics/filters/FETurbulence.cpp:
2309         (WebCore::FETurbulence::fillRegion const):
2310         (WebCore::FETurbulence::platformApplySoftware):
2311
2312 2018-05-07  Zalan Bujtas  <zalan@apple.com>
2313
2314         [LFC] Add FormattingContext::layoutOutOfFlowDescendants implementation
2315         https://bugs.webkit.org/show_bug.cgi?id=185377
2316
2317         Reviewed by Antti Koivisto.
2318
2319         Also, remove FormattingContext's m_layoutContext member and pass it in to ::layout() instead.
2320         In theory LayoutContext is needed only during ::layout() call. 
2321
2322         * layout/FormattingContext.cpp:
2323         (WebCore::Layout::FormattingContext::layoutOutOfFlowDescendants const):
2324         * layout/FormattingContext.h:
2325         (WebCore::Layout::FormattingContext::layoutContext const):
2326         * layout/LayoutContext.cpp:
2327         (WebCore::Layout::LayoutContext::updateLayout):
2328         * layout/blockformatting/BlockFormattingContext.cpp:
2329         (WebCore::Layout::BlockFormattingContext::layout const):
2330         * layout/blockformatting/BlockFormattingContext.h:
2331         * layout/inlineformatting/InlineFormattingContext.cpp:
2332         (WebCore::Layout::InlineFormattingContext::layout const):
2333         * layout/inlineformatting/InlineFormattingContext.h:
2334
2335 2018-05-07  Daniel Bates  <dabates@apple.com>
2336
2337         Check X-Frame-Options and CSP frame-ancestors in network process
2338         https://bugs.webkit.org/show_bug.cgi?id=185410
2339         <rdar://problem/37733934>
2340
2341         Reviewed by Ryosuke Niwa.
2342
2343         * WebCore.xcodeproj/project.pbxproj: Make PingLoader.h a private header so that we can include it in WebKit.
2344         * loader/DocumentLoader.cpp:
2345         (WebCore::DocumentLoader::responseReceived): Only check CSP frame-ancestors and X-Frame-Options here if
2346         we are not checking them in the NetworkProcess and HTTP response access is restricted. I code is otherwise kept
2347         unchanged. There may be opportunities to clean this code up more and share more of it. We should look into this
2348         in subsequent bugs.
2349         * loader/DocumentLoader.h: Change visibility of stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied() from
2350         private to public and export it so that we can call it from the WebKit.
2351         * loader/PingLoader.h:
2352         * page/Settings.yaml: Add a new setting called networkProcessCSPFrameAncestorsCheckingEnabled (defaults: false)
2353         and is hardcoded in WebPage.cpp to be enabled. This setting is used to determine if we will be using the NetworkProcess.
2354         Ideally we wouldn't have this setting and just key off RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess().
2355         However RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess() is always enabled in WebKit Legacy
2356         at the time of writing (why?). And, strangely, RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess()
2357         is conditionally enabled in WebKit. For now, we add a new setting, networkProcessCSPFrameAncestorsCheckingEnabled,
2358         to determine if CSP checking should be performed in NetworkProcess. For checking to actually happen in NetworkProcess
2359         and not in DocumentLoader::responseReceived() RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess()
2360         will also need to be enabled.
2361         * page/csp/ContentSecurityPolicy.cpp:
2362         (WebCore::ContentSecurityPolicy::allowFrameAncestors const): Added a variant that takes a vector of ancestor origins.
2363         * page/csp/ContentSecurityPolicy.h:
2364         * page/csp/ContentSecurityPolicyDirectiveList.cpp:
2365         (WebCore::checkFrameAncestors): Ditto.
2366         (WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForFrameAncestorOrigins const): Ditto.
2367         * page/csp/ContentSecurityPolicyDirectiveList.h: Export constructor so that we can invoke it from NetworkResourceLoader::shouldInterruptLoadForCSPFrameAncestorsOrXFrameOptions().
2368         * page/csp/ContentSecurityPolicyResponseHeaders.h:
2369         * platform/network/HTTPParsers.h: Export XFrameOptionsDisposition() so that we can use in WebKit.
2370
2371 2018-05-07  Daniel Bates  <dabates@apple.com>
2372
2373         Abstract logic to log console messages and send CSP violation reports into a client
2374         https://bugs.webkit.org/show_bug.cgi?id=185393
2375         <rdar://problem/40036053>
2376
2377         Reviewed by Brent Fulgham.
2378
2379         First pass at adding infrastructure to supporting CSP reporting from NetworkProcess and workers.
2380         Replaces the existing ContentSecurityPolicy constructor that takes a Frame with one that
2381         takes a ContentSecurityPolicyClient to delegate to for logging and sending reports. We will look
2382         to remove ContentSecurityPolicy constructor that takes a ScriptExecutionContext in a follow up.
2383
2384         Standardize on instantiating a ContentSecurityPolicy with the full URL to resource that it protects
2385         instead of taking only the SecurityOrigin of this URL. By taking the full URL the ContentSecurityPolicy
2386         object is now capable of resolving a relative report URL without needing a Document/ScriptExecutionContext.
2387
2388         We are underutilizing the CSPInfo struct and ContentSecurityPolicyClient::willSendCSPViolationReport()
2389         delegate callback in this patch. We will make use of this functionality in a subsequent patch to
2390         support collecting script state (e.g. source line number) when reporting CSP violations in worker
2391         threads. We also no longer go through the unnecessary motions to try to collect script state for a
2392         frame-ancestors violation (since DocumentLoader extends ContentSecurityPolicyClient and does not
2393         implement ContentSecurityPolicyClient::willSendCSPViolationReport()). The frame-ancestors directive
2394         is checked before a document is parsed and executes script; => there will never be any script state
2395         to collect; => it is not necessary to try to collect it as we currently do.
2396
2397         * Sources.txt: Add file ContentSecurityPolicyClient.cpp. See the remarks for ContentSecurityPolicyClient.cpp
2398         below on why we have this file.
2399         * WebCore.xcodeproj/project.pbxproj: Add files ContentSecurityPolicyClient.{h, cpp}.
2400         * dom/Document.cpp:
2401         (WebCore::Document::initSecurityContext): Pass the URL of the protected document.
2402         * loader/DocumentLoader.cpp:
2403         (WebCore::DocumentLoader::responseReceived): Ditto.
2404         (WebCore::DocumentLoader::addConsoleMessage): Added.
2405         (WebCore::DocumentLoader::sendCSPViolationReport): Added.
2406         (WebCore::DocumentLoader::dispatchSecurityPolicyViolationEvent): Added.
2407         * loader/DocumentLoader.h:
2408         * loader/FrameLoaderClient.h: Fix typo in comment.
2409         * loader/WorkerThreadableLoader.cpp:
2410         (WebCore::WorkerThreadableLoader::MainThreadBridge::MainThreadBridge): Pass the URL of the worker script.
2411         * page/csp/ContentSecurityPolicy.cpp:
2412         (WebCore::ContentSecurityPolicy::ContentSecurityPolicy): Added overload that takes a URL&& and an optional
2413         ContentSecurityPolicyClient*.
2414         (WebCore::ContentSecurityPolicy::deprecatedURLForReporting const): Extracted and simplified stripURLForUseInReport()
2415         into this member function.
2416         (WebCore::ContentSecurityPolicy::reportViolation const): Modified to make use of the client, if we have
2417         one and removed code for handling a ContentSecurityPolicy that was instantiated with a Frame.
2418         (WebCore::ContentSecurityPolicy::logToConsole const): Ditto.
2419         (WebCore::stripURLForUseInReport): Deleted; incorporated into ContentSecurityPolicy::deprecatedURLForReporting().
2420         * page/csp/ContentSecurityPolicy.h:
2421         * page/csp/ContentSecurityPolicyClient.cpp: Added. This file exists so that we can define the virtual
2422         destructor out-of-line and export this abstract class so as to avoid the need for the vtable to be
2423         defined in the translation unit of each derived class.
2424         * page/csp/ContentSecurityPolicyClient.h: Added.
2425         * page/csp/ContentSecurityPolicySource.cpp:
2426         (WebCore::ContentSecurityPolicySource::operator SecurityOriginData const): Added.
2427         * page/csp/ContentSecurityPolicySource.h:
2428         * workers/WorkerGlobalScope.cpp:
2429         (WebCore::WorkerGlobalScope::WorkerGlobalScope): Instantiate the ContentSecurityPolicy object with the
2430         URL of the worker script.
2431
2432 2018-05-07  Simon Fraser  <simon.fraser@apple.com>
2433
2434         CSS filters which reference SVG filters fail to respect the "color-interpolation-filters" of the filter
2435         https://bugs.webkit.org/show_bug.cgi?id=185343
2436
2437         Reviewed by Dean Jackson.
2438
2439         Test: css3/filters/color-interpolation-filters.html
2440         
2441         When applying CSS reference filters, apply the value of "color-interpolation-filters" for the
2442         referenced filter effect element, just as we do for SVG filters.
2443
2444         * rendering/FilterEffectRenderer.cpp:
2445         (WebCore::FilterEffectRenderer::buildReferenceFilter):
2446
2447 2018-05-07  Daniel Bates  <dabates@apple.com>
2448
2449         CSP status-code incorrect for document blocked due to violation of its frame-ancestors directive
2450         https://bugs.webkit.org/show_bug.cgi?id=185366
2451         <rdar://problem/40035116>
2452
2453         Reviewed by Brent Fulgham.
2454
2455         Fixes an issue where the status-code in the sent CSP report for an HTTP document blocked because
2456         its frame-ancestors directive was violated would be the status code of the previously loaded
2457         document in the frame. If the previously loaded document was about:blank then this would be 0.
2458
2459         Currently whenever we send a CSP report we ask the document's loader (Document::loader()) for the
2460         HTTP status code for the last response. Document::loader() returns the loader for the last committed
2461         document its frame. For a frame-ancestors violation, a CSP report is sent before the document
2462         that had the frame-ancestors directive has been committed and after it has been associate with a frame.
2463         As a result we are in are in a transient transition state for the frame and hence the last response
2464         for new document's loader (Document::loader()) is actually the last response of the previously loaded
2465         document in the frame. Instead we need to take care to tell CSP about the HTTP status code for the
2466         response associated with the document the CSP came from.
2467
2468         * dom/Document.cpp:
2469         (WebCore::Document::processHttpEquiv):
2470         (WebCore::Document::initSecurityContext):
2471         Pass the HTTP status code to CSP.
2472
2473         * page/csp/ContentSecurityPolicy.cpp:
2474         (WebCore::ContentSecurityPolicy::copyStateFrom):
2475         (WebCore::ContentSecurityPolicy::responseHeaders const):
2476         (WebCore::ContentSecurityPolicy::didReceiveHeaders):
2477         (WebCore::ContentSecurityPolicy::didReceiveHeader):
2478         (WebCore::ContentSecurityPolicy::reportViolation const):
2479         * page/csp/ContentSecurityPolicy.h:
2480         Modify existing functions to take the HTTP status code, store it in a instance variable,
2481         and reference this variable when reporting a violation.
2482
2483         * page/csp/ContentSecurityPolicyResponseHeaders.cpp:
2484         (WebCore::ContentSecurityPolicyResponseHeaders::ContentSecurityPolicyResponseHeaders):
2485         (WebCore::ContentSecurityPolicyResponseHeaders::isolatedCopy const):
2486         * page/csp/ContentSecurityPolicyResponseHeaders.h:
2487         (WebCore::ContentSecurityPolicyResponseHeaders::encode const):
2488         (WebCore::ContentSecurityPolicyResponseHeaders::decode):
2489         Store the HTTP status code along with the response headers.
2490
2491 2018-05-07  Daniel Bates  <dabates@apple.com>
2492
2493         CSP referrer incorrect for document blocked due to violation of its frame-ancestors directive
2494         https://bugs.webkit.org/show_bug.cgi?id=185380
2495
2496         Reviewed by Brent Fulgham.
2497
2498         Similar to <https://bugs.webkit.org/show_bug.cgi?id=185366>, fixes an issue where the referrer
2499         in the sent CSP report for an HTTP document blocked because its frame-ancestors directive was
2500         violated would be the referrer of the previously loaded document in the frame.
2501
2502         Currently whenever we send a CSP report we ask the document's loader (Document::loader()) for
2503         the referrer for the last request. Document::loader() returns the loader for the last committed
2504         document in its frame. For a frame-ancestors violation, a CSP report is sent before the document
2505         that had the frame-ancestors directive has been committed and after it has been associate with a
2506         frame. As a result we are in a transient transition state for the frame and hence the last request
2507         for the new document's loader (Document::loader()) is actually the last request of the previously
2508         loaded document in the frame. Instead we need to take care to tell CSP about the referrer for the
2509         request associated with the document the CSP came from.
2510
2511         * loader/DocumentLoader.cpp:
2512         (WebCore::DocumentLoader::responseReceived):
2513
2514 2018-05-07  Brent Fulgham  <bfulgham@apple.com>
2515
2516         Add experimental feature to prompt for Storage Access API use
2517         https://bugs.webkit.org/show_bug.cgi?id=185335
2518         <rdar://problem/39994649>
2519
2520         Reviewed by Alex Christensen and Youenn Fablet.
2521
2522         Create a new experimental feature that gates the ability of WebKit clients to prompt the user when
2523         Storage Access API is invoked.
2524
2525         Currently this feature doesn't have any user-visible impact.
2526
2527         * page/RuntimeEnabledFeatures.h:
2528         (WebCore::RuntimeEnabledFeatures::setStorageAccessPromptsEnabled):
2529         (WebCore::RuntimeEnabledFeatures::storageAccessPromptsEnabled const):
2530         * testing/InternalSettings.cpp:
2531         (WebCore::InternalSettings::Backup::Backup):
2532         (WebCore::InternalSettings::Backup::restoreTo):
2533         (WebCore::InternalSettings::setStorageAccessPromptsEnabled):
2534         * testing/InternalSettings.h:
2535         * testing/InternalSettings.idl:
2536
2537 2018-05-07  Chris Dumez  <cdumez@apple.com>
2538
2539         Stop using an iframe's id as fallback if its name attribute is not set
2540         https://bugs.webkit.org/show_bug.cgi?id=11388
2541
2542         Reviewed by Geoff Garen.
2543
2544         WebKit had logic to use an iframe's id as fallback name when its name
2545         content attribute is not set. This behavior was not standard and did not
2546         match other browsers:
2547         - https://html.spec.whatwg.org/#attr-iframe-name
2548
2549         Gecko / Trident never behaved this way. Blink was aligned with us until
2550         they started to match the specification in:
2551         - https://bugs.chromium.org/p/chromium/issues/detail?id=347169
2552
2553         This WebKit quirk was causing some Web-compatibility issues because it
2554         would affect the behavior of Window's name property getter when trying
2555         to look up an iframe by id. Because of Window's named property getter
2556         behavior [1], we would return the frame's contentWindow instead of the
2557         iframe element itself.
2558
2559         [1] https://html.spec.whatwg.org/multipage/window-object.html#named-access-on-the-window-object
2560
2561         Test: fast/dom/Window/named-getter-frame-id.html
2562
2563         * html/HTMLFrameElementBase.cpp:
2564         (WebCore::HTMLFrameElementBase::openURL):
2565         (WebCore::HTMLFrameElementBase::parseAttribute):
2566         (WebCore::HTMLFrameElementBase::didFinishInsertingNode):
2567         * html/HTMLFrameElementBase.h:
2568
2569 2018-05-07  Chris Dumez  <cdumez@apple.com>
2570
2571         ASSERT(!childItemWithTarget(child->target())) is hit in HistoryItem::addChildItem()
2572         https://bugs.webkit.org/show_bug.cgi?id=185322
2573
2574         Reviewed by Geoff Garen.
2575
2576         We generate unique names for Frame to be used in HistoryItem. Those names not only
2577         need to be unique, they also need to be repeatable to avoid layout tests flakiness
2578         and for things like restoring form state from a HistoryItem.
2579
2580         The previously generated frame names were relying on the Frame's index among a
2581         parent Frame's children. The issue was that we could end up with duplicate names
2582         because one could insert a Frame *before* an existing one. This is because the code
2583         would not take care of updating existing Frames' unique name on frame tree mutation.
2584
2585         Updating frame tree names on mutation would be inefficient and is also not necessary.
2586         The approach chosen in this patch is to stop using the Frame's index and instead rely
2587         on an increasing counter stored on the top-frame's FrameTree. To make the names
2588         repeatable, we reset the counter on page navigation.
2589
2590         * page/Frame.cpp:
2591         (WebCore::Frame::setDocument):
2592         * page/FrameTree.cpp:
2593         (WebCore::FrameTree::uniqueChildName const):
2594         (WebCore::FrameTree::generateUniqueName const):
2595         * page/FrameTree.h:
2596         (WebCore::FrameTree::resetFrameIdentifiers):
2597
2598 2018-05-07  Yacine Bandou  <yacine.bandou_ext@softathome.com>
2599
2600         [EME][GStreamer] Fix wrong subsample parsing on r227067
2601         https://bugs.webkit.org/show_bug.cgi?id=185382
2602
2603         Reviewed by Philippe Normand.
2604
2605         The initialization of sampleIndex should be moved outside of the loop.
2606         Without this patch we will have a bad log and the check of the subsample
2607         count will be useless.
2608
2609         * platform/graphics/gstreamer/eme/WebKitClearKeyDecryptorGStreamer.cpp:
2610         (webKitMediaClearKeyDecryptorDecrypt):
2611
2612 2018-05-07  Daniel Bates  <dabates@apple.com>
2613
2614         CSP should be passed the referrer
2615         https://bugs.webkit.org/show_bug.cgi?id=185367
2616
2617         Reviewed by Per Arne Vollan.
2618
2619         As a step towards formalizing a CSP delegate object and removing the dependencies
2620         on ScriptExecutionContext and Frame, we should pass the document's referrer directly
2621         instead of indirectly obtaining it from the ScriptExecutionContext or Frame used
2622         to instantiate the ContentSecurityPolicy object.
2623
2624         * dom/Document.cpp:
2625         (WebCore::Document::processHttpEquiv): Pass the document's referrer.
2626         (WebCore::Document::initSecurityContext): Ditto.
2627         (WebCore::Document::applyQuickLookSandbox): Ditto.
2628         * loader/DocumentLoader.cpp:
2629         (WebCore::DocumentLoader::responseReceived): Ditto.
2630         * loader/FrameLoader.cpp:
2631         (WebCore::FrameLoader::didBeginDocument): Ditto.
2632         * page/csp/ContentSecurityPolicy.cpp:
2633         (WebCore::ContentSecurityPolicy::copyStateFrom): We pass a null string for the referrer
2634         to didReceiveHeader() as a placeholder since it requires the referrer be given to it. We
2635         fix up the referrer (m_referrer) after copying all the policy headers.
2636         (WebCore::ContentSecurityPolicy::didReceiveHeaders): Ditto.
2637         (WebCore::ContentSecurityPolicy::didReceiveHeader): Modified to take a referrer and WTFMove()s
2638         it into an instance variable (m_referrer).
2639         (WebCore::ContentSecurityPolicy::reportViolation const): Modified to use the stored referrer.
2640         * page/csp/ContentSecurityPolicy.h:
2641         * workers/WorkerGlobalScope.cpp:
2642         (WebCore::WorkerGlobalScope::applyContentSecurityPolicyResponseHeaders): Pass a null string
2643         for the referrer as a worker does not have a referrer.
2644
2645 2018-05-07  Daniel Bates  <dabates@apple.com>
2646
2647         CSP should only notify Inspector to pause the debugger on the first policy to violate a directive
2648         https://bugs.webkit.org/show_bug.cgi?id=185364
2649
2650         Reviewed by Brent Fulgham.
2651
2652         Notify Web Inspector that a script was blocked on the first enforced CSP policy that it
2653         violates.
2654
2655         A page can have more than one enforced Content Security Policy. Currently for inline
2656         scripts, inline event handlers, JavaScript URLs, and eval() that are blocked by CSP
2657         we notify Web Inspector that it was blocked for each CSP policy that blocked it. When
2658         Web Inspector is notified it pauses script execution. It does not seem very meaningful
2659         to pause script execution on the same script for each CSP policy that blocked it.
2660         Therefore, only tell Web Inspector that a script was blocked for the first enforced CSP
2661         policy that blocked it.
2662
2663         * page/csp/ContentSecurityPolicy.cpp:
2664         (WebCore::ContentSecurityPolicy::allowJavaScriptURLs const):
2665         (WebCore::ContentSecurityPolicy::allowInlineEventHandlers const):
2666         (WebCore::ContentSecurityPolicy::allowInlineScript const):
2667         (WebCore::ContentSecurityPolicy::allowEval const):
2668
2669 2018-05-07  Daniel Bates  <dabates@apple.com>
2670
2671         Substitute CrossOriginPreflightResultCache::clear() for CrossOriginPreflightResultCache::empty()
2672         https://bugs.webkit.org/show_bug.cgi?id=185170
2673
2674         Reviewed by Per Arne Vollan.
2675
2676         Rename CrossOriginPreflightResultCache::empty() to CrossOriginPreflightResultCache::clear() make
2677         it consistent with the terminology we use in WebKit to signify a function that clears a collection.
2678         A member function named "empty" is expected to return an instance of a class in its "empty state".
2679         For example, StringImpl::empty() returns a StringImpl instance that represents the empty string.
2680         However CrossOriginPreflightResultCache::empty() clears out the cache in-place. We should rename
2681         this function to better describe its purpose.
2682
2683         * loader/CrossOriginPreflightResultCache.cpp:
2684         (WebCore::CrossOriginPreflightResultCache::clear):
2685         (WebCore::CrossOriginPreflightResultCache::empty): Deleted.
2686         * loader/CrossOriginPreflightResultCache.h:
2687
2688 2018-05-06  Dean Jackson  <dino@apple.com>
2689
2690         WebGL: Reset simulated values after validation fails
2691         https://bugs.webkit.org/show_bug.cgi?id=185363
2692         <rdar://problem/39733417>
2693
2694         Reviewed by Anders Carlsson.
2695
2696         While fixing a previous bug, I forgot to reset some values
2697         when validation fails. This caused a bug where a subsequent
2698         invalid call might use those values and escape detection.
2699
2700         Test: fast/canvas/webgl/index-validation-with-subsequent-draws.html
2701
2702         * html/canvas/WebGLRenderingContextBase.cpp:
2703         (WebCore::WebGLRenderingContextBase::simulateVertexAttrib0): Reset the
2704         sizes when validation fails.
2705         * html/canvas/WebGLRenderingContextBase.h:
2706
2707 2018-05-07  Ms2ger  <Ms2ger@igalia.com>
2708
2709         Support negative sw/sh values in createImageBitmap().
2710         https://bugs.webkit.org/show_bug.cgi?id=184449
2711
2712         Reviewed by Dean Jackson.
2713
2714         Tests: LayoutTests/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-drawImage.html
2715                LayoutTests/http/wpt/2dcontext/imagebitmap/createImageBitmap.html
2716
2717         * html/ImageBitmap.cpp:
2718         (WebCore::ImageBitmap::createPromise): handle negative values per spec.
2719
2720 2018-05-07  Brian Burg  <bburg@apple.com>
2721
2722         Web Inspector: opt out of process swap on navigation if a Web Inspector frontend is connected
2723         https://bugs.webkit.org/show_bug.cgi?id=184861
2724         <rdar://problem/39153768>
2725
2726         Reviewed by Timothy Hatcher.
2727
2728         Notify the client of the current connection count whenever a frontend connects or disconnects.
2729
2730         Covered by new API test.
2731
2732         * inspector/InspectorClient.h:
2733         (WebCore::InspectorClient::frontendCountChanged):
2734         * inspector/InspectorController.cpp:
2735         (WebCore::InspectorController::connectFrontend):
2736         (WebCore::InspectorController::disconnectFrontend):
2737         (WebCore::InspectorController::disconnectAllFrontends):
2738         * inspector/InspectorController.h:
2739
2740 2018-05-07  Eric Carlson  <eric.carlson@apple.com>
2741
2742         Text track cue logging should include cue text
2743         https://bugs.webkit.org/show_bug.cgi?id=185353
2744         <rdar://problem/40003565>
2745
2746         Reviewed by Youenn Fablet.
2747
2748         No new tests, tested manually.
2749
2750         * html/track/VTTCue.cpp:
2751         (WebCore::VTTCue::toJSONString const): Use toJSON.
2752         (WebCore::VTTCue::toJSON const): New.
2753         * html/track/VTTCue.h:
2754
2755         * platform/graphics/InbandTextTrackPrivateClient.h:
2756         (WebCore::GenericCueData::toJSONString const): Log m_content.
2757
2758         * platform/graphics/iso/ISOVTTCue.cpp:
2759         (WebCore::ISOWebVTTCue::toJSONString const): Log m_cueText.
2760
2761 2018-05-06  Zalan Bujtas  <zalan@apple.com>
2762
2763         [LFC] Add assertions for stale Display::Box geometry
2764         https://bugs.webkit.org/show_bug.cgi?id=185357
2765
2766         Reviewed by Antti Koivisto.
2767
2768         Ensure that we don't access stale geometry of other boxes during layout.
2769         For example, in order to layout a block child we need the containing block's content box top/left and width (but not the height)
2770
2771         * layout/displaytree/DisplayBox.h:
2772         (WebCore::Display::Box::invalidateTop):
2773         (WebCore::Display::Box::invalidateLeft):
2774         (WebCore::Display::Box::invalidateWidth):
2775         (WebCore::Display::Box::invalidateHeight):
2776         (WebCore::Display::Box::hasValidPosition const):
2777         (WebCore::Display::Box::hasValidSize const):
2778         (WebCore::Display::Box::hasValidGeometry const):
2779         (WebCore::Display::Box::invalidatePosition):
2780         (WebCore::Display::Box::invalidateSize):
2781         (WebCore::Display::Box::setHasValidPosition):
2782         (WebCore::Display::Box::setHasValidSize):
2783         (WebCore::Display::Box::setHasValidGeometry):
2784         (WebCore::Display::Box::rect const):
2785         (WebCore::Display::Box::top const):
2786         (WebCore::Display::Box::left const):
2787         (WebCore::Display::Box::bottom const):
2788         (WebCore::Display::Box::right const):
2789         (WebCore::Display::Box::topLeft const):
2790         (WebCore::Display::Box::bottomRight const):
2791         (WebCore::Display::Box::size const):
2792         (WebCore::Display::Box::width const):
2793         (WebCore::Display::Box::height const):
2794         (WebCore::Display::Box::setRect):
2795         (WebCore::Display::Box::setTopLeft):
2796         (WebCore::Display::Box::setTop):
2797         (WebCore::Display::Box::setLeft):
2798         (WebCore::Display::Box::setSize):
2799         (WebCore::Display::Box::setWidth):
2800         (WebCore::Display::Box::setHeight):
2801
2802 2018-05-06  Zalan Bujtas  <zalan@apple.com>
2803
2804         [LFC] Add BlockFormattingContext::computeStaticPosition
2805         https://bugs.webkit.org/show_bug.cgi?id=185352
2806
2807         Reviewed by Antti Koivisto.
2808
2809         This is the core logic for positioning inflow boxes in a block formatting context (very naive though).
2810
2811         * layout/blockformatting/BlockFormattingContext.cpp:
2812         (WebCore::Layout::BlockFormattingContext::computeStaticPosition const):
2813         * layout/displaytree/DisplayBox.h:
2814
2815 2018-05-05  Sam Weinig  <sam@webkit.org>
2816
2817         Cleanup XMLHttpRequestUpload a little
2818         https://bugs.webkit.org/show_bug.cgi?id=185344
2819
2820         Reviewed by Yusuke Suzuki.
2821
2822         * bindings/js/JSXMLHttpRequestCustom.cpp:
2823         (WebCore::JSXMLHttpRequest::visitAdditionalChildren):
2824         Use auto to reduce redundancy.
2825
2826         * xml/XMLHttpRequest.cpp:
2827         (WebCore::XMLHttpRequest::upload):
2828         * xml/XMLHttpRequest.h:
2829         Switch upload() to return a reference.
2830         
2831         * xml/XMLHttpRequestUpload.cpp:
2832         (WebCore::XMLHttpRequestUpload::XMLHttpRequestUpload):
2833         (WebCore::XMLHttpRequestUpload::dispatchProgressEvent):
2834         * xml/XMLHttpRequestUpload.h:
2835         Cleanup formatting, modernize and switch XMLHttpRequest member from a pointer
2836         to a reference.
2837
2838 2018-05-05  Dean Jackson  <dino@apple.com>
2839
2840         Draw a drop-shadow behind the system preview badge
2841         https://bugs.webkit.org/show_bug.cgi?id=185356
2842         <rdar://problem/40004936>
2843
2844         Reviewed by Wenson Hsieh.
2845
2846         Draw a very subtle drop-shadow under the system
2847         preview badge so that it is more visible on a pure
2848         white background.
2849
2850         I also moved some code around to make it more clear
2851         and improved comments.
2852
2853         * rendering/RenderThemeIOS.mm:
2854         (WebCore::RenderThemeIOS::paintSystemPreviewBadge):
2855
2856 2018-05-04  Wenson Hsieh  <wenson_hsieh@apple.com>
2857
2858         [iOS] Multiple links in Mail are dropped in a single line, and are difficult to tell apart
2859         https://bugs.webkit.org/show_bug.cgi?id=185289
2860         <rdar://problem/35756912>
2861
2862         Reviewed by Tim Horton and Darin Adler.
2863
2864         When inserting multiple URLs as individual items in a single drop, we currently separate each item with a space
2865         (see r217284). However, it still seems difficult to tell dropped links apart. This patch makes some slight
2866         tweaks to WebContentReader::readURL so that it inserts line breaks before dropped URLs, if the dropped URL isn't
2867         the first item to be inserted in the resulting document fragment.
2868
2869         Augments existing API tests in DataInteractionTests.
2870
2871         * editing/ios/WebContentReaderIOS.mm:
2872
2873         Additionally remove some extraneous header imports from this implementation file.
2874
2875         (WebCore::WebContentReader::readURL):
2876
2877 2018-05-02  Dean Jackson  <dino@apple.com>
2878
2879         Use IOSurfaces for CoreImage operations where possible
2880         https://bugs.webkit.org/show_bug.cgi?id=185230
2881         <rdar://problem/39926929>
2882
2883         Reviewed by Jon Lee.
2884
2885         On iOS hardware, we can use IOSurfaces as a rendering destination
2886         for CoreImage, which means we're keeping data on the GPU
2887         for rendering.
2888
2889         As a drive-by fix, I used a convenience method for Gaussian blurs.
2890
2891         * rendering/RenderThemeIOS.mm:
2892         (WebCore::RenderThemeIOS::paintSystemPreviewBadge):
2893
2894 2018-05-04  Tim Horton  <timothy_horton@apple.com>
2895
2896         Shift to a lower-level framework for simplifying URLs
2897         https://bugs.webkit.org/show_bug.cgi?id=185334
2898
2899         Reviewed by Dan Bernstein.
2900
2901         * Configurations/WebCore.xcconfig:
2902         * platform/mac/DragImageMac.mm:
2903         (WebCore::LinkImageLayout::LinkImageLayout):
2904
2905 2018-05-03  Ryosuke Niwa  <rniwa@webkit.org>
2906
2907         Release assert in ScriptController::canExecuteScripts via HTMLMediaElement::~HTMLMediaElement()
2908         https://bugs.webkit.org/show_bug.cgi?id=185288
2909
2910         Reviewed by Jer Noble.
2911
2912         The crash is caused by HTMLMediaElement::~HTMLMediaElement canceling the resource load via CachedResource
2913         which ends up calling FrameLoader::checkCompleted() and fire load event on the document synchronously.
2914         Speculatively fix the crash by scheduling the check instead.
2915
2916         In long term, ResourceLoader::cancel should never fire load event synchronously: webkit.org/b/185284.
2917
2918         Unfortunately, no new tests since I can't get MediaResource to get destructed at the right time.
2919
2920         * html/HTMLMediaElement.cpp:
2921         (WebCore::HTMLMediaElement::isRunningDestructor): Added to detect this specific case.
2922         (WebCore::HTMLMediaElementDestructorScope): Added.
2923         (WebCore::HTMLMediaElementDestructorScope::HTMLMediaElementDestructorScope): Added.
2924         (WebCore::HTMLMediaElementDestructorScope::~HTMLMediaElementDestructorScope): Added.
2925         (WebCore::HTMLMediaElement::~HTMLMediaElement): Instantiate HTMLMediaElement.
2926         * html/HTMLMediaElement.h:
2927         * loader/FrameLoader.cpp:
2928         (WebCore::FrameLoader::checkCompleted): Call scheduleCheckCompleted instead of synchronously calling
2929         checkCompleted if we're in the middle of destructing a HTMLMediaElement.
2930
2931 2018-05-04  Ryosuke Niwa  <rniwa@webkit.org>
2932
2933         Rename DocumentOrderedMap to TreeScopeOrderedMap
2934         https://bugs.webkit.org/show_bug.cgi?id=185290
2935
2936         Reviewed by Zalan Bujtas.
2937
2938         Renamed the class since it's almost always a mistake to use this class as a member variable of Document.
2939
2940         * Sources.txt:
2941         * WebCore.xcodeproj/project.pbxproj:
2942         * dom/MouseRelatedEvent.cpp: Include the forgotten DOMWindow.h. Unified build files bit us here.
2943         * dom/TreeScope.cpp:
2944         (WebCore::TreeScope::addElementById):
2945         (WebCore::TreeScope::addElementByName):
2946         (WebCore::TreeScope::addImageMap):
2947         (WebCore::TreeScope::addImageElementByUsemap):
2948         (WebCore::TreeScope::labelElementForId):
2949         * dom/TreeScope.h:
2950         * dom/TreeScopeOrderedMap.cpp: Renamed from DocumentOrderedMap.cpp
2951         * dom/TreeScopeOrderedMap.h: Renamed from DocumentOrderedMap.h
2952         * html/HTMLDocument.h:
2953
2954 2018-05-04  Don Olmstead  <don.olmstead@sony.com>
2955
2956         [Win][WebKit] Fix forwarding headers for Windows build
2957         https://bugs.webkit.org/show_bug.cgi?id=184412
2958
2959         Reviewed by Alex Christensen.
2960
2961         No new tests. No change in behavior.
2962
2963         * PlatformWin.cmake:
2964
2965 2018-05-04  Zalan Bujtas  <zalan@apple.com>
2966
2967         [Simple line layout] Add support for line layout box generation with multiple text renderers.
2968         https://bugs.webkit.org/show_bug.cgi?id=185276
2969
2970         Reviewed by Antti Koivisto.
2971
2972         Covered by existing tests.
2973
2974         * rendering/SimpleLineLayoutFunctions.cpp:
2975         (WebCore::SimpleLineLayout::canUseForLineBoxTree):
2976         (WebCore::SimpleLineLayout::generateLineBoxTree):
2977         * rendering/SimpleLineLayoutResolver.cpp:
2978         (WebCore::SimpleLineLayout::RunResolver::Run::renderer const):
2979         (WebCore::SimpleLineLayout::RunResolver::Run::localStart const):
2980         (WebCore::SimpleLineLayout::RunResolver::Run::localEnd const):
2981         * rendering/SimpleLineLayoutResolver.h:
2982
2983 2018-05-04  Timothy Hatcher  <timothy@apple.com>
2984
2985         Deprecate legacy WebView and friends
2986         https://bugs.webkit.org/show_bug.cgi?id=185279
2987         rdar://problem/33268700
2988
2989         Reviewed by Tim Horton.
2990
2991         * Configurations/WebCore.xcconfig:
2992         Added BUILDING_WEBKIT define to disable the deprecation macros.
2993         * bridge/objc/WebScriptObject.h:
2994         Added deprecation macros to WebScriptObject and WebUndefined.
2995         * platform/cocoa/WebKitAvailability.h:
2996         Added more macros and a way to disable deprecation warnings for
2997         WebKit build and in clients like Safari.
2998
2999 2018-05-04  Eric Carlson  <eric.carlson@apple.com>
3000
3001         Log media time range as JSON
3002         https://bugs.webkit.org/show_bug.cgi?id=185321
3003         <rdar://problem/39986746>
3004
3005         Reviewed by Youenn Fablet.
3006
3007         No new tests, tested manually.
3008
3009         * html/HTMLMediaElement.cpp:
3010         (WebCore::HTMLMediaElement::addPlayedRange): Log as time range.
3011         (WebCore::HTMLMediaElement::visibilityStateChanged): Cleanup.
3012
3013         * platform/graphics/MediaPlayer.h:
3014         (WTF::LogArgument<MediaTime>::toString):
3015         (WTF::LogArgument<MediaTimeRange>::toString):
3016
3017         * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp:
3018         (WebCore::InbandTextTrackPrivateAVF::processAttributedStrings): Log error as time range.
3019
3020 2018-05-04  Zalan Bujtas  <zalan@apple.com>
3021
3022         Use the containing block to compute the pagination gap when the container is inline.
3023         https://bugs.webkit.org/show_bug.cgi?id=184724
3024         <rdar://problem/39521800>
3025
3026         Reviewed by Simon Fraser.
3027
3028         Test: fast/overflow/page-overflow-with-inline-body-crash.html
3029
3030         * page/FrameView.cpp:
3031         (WebCore::FrameView::applyPaginationToViewport):
3032
3033 2018-05-04  Tim Horton  <timothy_horton@apple.com>
3034
3035         Don't use GSFont* in minimal simulator mode
3036         https://bugs.webkit.org/show_bug.cgi?id=185320
3037         <rdar://problem/39734478>
3038
3039         Reviewed by Beth Dakin.
3040
3041         * page/cocoa/MemoryReleaseCocoa.mm:
3042         (WebCore::platformReleaseMemory):
3043
3044 2018-05-04  Chris Dumez  <cdumez@apple.com>
3045
3046         Unreviewed, rolling out r231331.
3047
3048         Caused a few tests to assert
3049
3050         Reverted changeset:
3051
3052         "Stop using an iframe's id as fallback if its name attribute
3053         is not set"
3054         https://bugs.webkit.org/show_bug.cgi?id=11388
3055         https://trac.webkit.org/changeset/231331
3056
3057 2018-05-04  Youenn Fablet  <youenn@apple.com>
3058
3059         Use more references in updateTracksOfType
3060         https://bugs.webkit.org/show_bug.cgi?id=185305
3061
3062         Reviewed by Eric Carlson.
3063
3064         No change of behavior.
3065
3066         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
3067         (WebCore::updateTracksOfType):
3068         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateTracks):
3069
3070 2018-05-04  Myles C. Maxfield  <mmaxfield@apple.com>
3071
3072         Text shaping in the simple path is flipped in the y direction
3073         https://bugs.webkit.org/show_bug.cgi?id=185062
3074         <rdar://problem/39778678>
3075
3076         Reviewed by Simon Fraser.
3077
3078         Shaping in our simple codepath occurs in an "increasing-y-goes-up" coordinate system, but our painting
3079         code uses an "increasing-y-goes-down" coordinate system. We weren't fixing up the coordinate systems
3080         because we never noticed. This is because the simple codepath is only designed for kerning and ligatures,
3081         neither of which move glyphs vertically in the common case.
3082
3083         Test: fast/text/vertical-displacement-simple-codepath.html
3084
3085         * platform/graphics/Font.cpp:
3086         (WebCore::Font::applyTransforms const):
3087         * platform/graphics/WidthIterator.cpp:
3088         (WebCore::WidthIterator::applyFontTransforms):
3089
3090 2018-05-04  Chris Nardi  <cnardi@chromium.org>
3091
3092         Serialize all URLs with double-quotes per CSSOM spec
3093         https://bugs.webkit.org/show_bug.cgi?id=184935
3094
3095         Reviewed by Antti Koivisto.
3096
3097         According to https://drafts.csswg.org/cssom/#serialize-a-url, all URLs should be serialized as strings,
3098         which means they should have double quotes around the text of the URL. Update our implementation to match
3099         this (and Firefox/Chrome). Also remove isCSSTokenizerURL() as this method is no longer needed.
3100
3101         Tests: Many LayoutTests updated to use double quotes.
3102
3103         * css/CSSMarkup.cpp:
3104         (WebCore::serializeString): Remove FIXME as this was already fixed in a previous patch.
3105         (WebCore::serializeURL): Remove FIXME and update implementation.
3106
3107 2018-05-04  Youenn Fablet  <youenn@apple.com>
3108
3109         LayoutTests/fast/mediastream/change-tracks-media-stream-being-played.html is crashing after r231304
3110         https://bugs.webkit.org/show_bug.cgi?id=185303
3111
3112         Reviewed by Eric Carlson.
3113
3114         We need to stop observing the audio track like we do for video track once we are no longer interested in it.
3115         Covered by test no longer crashing.
3116
3117         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
3118         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateTracks):
3119
3120 2018-05-04  Zalan Bujtas  <zalan@apple.com>
3121
3122         [LFC] Set the invalidation root as the result of style change.
3123         https://bugs.webkit.org/show_bug.cgi?id=185301
3124
3125         Reviewed by Antti Koivisto.
3126
3127         Compute/propagate the update type on the ancestor chain and return the invalidation root
3128         so that LayoutContext could use it as the entry point for the next layout frame.
3129
3130         * layout/LayoutContext.cpp:
3131         (WebCore::Layout::LayoutContext::updateLayout):
3132         (WebCore::Layout::LayoutContext::styleChanged):
3133         * layout/LayoutContext.h: order is not important.
3134         * layout/blockformatting/BlockInvalidation.cpp:
3135         (WebCore::Layout::invalidationStopsAtFormattingContextBoundary):
3136         (WebCore::Layout::computeUpdateType):
3137         (WebCore::Layout::computeUpdateTypeForAncestor):
3138         (WebCore::Layout::BlockInvalidation::invalidate):
3139         * layout/blockformatting/BlockInvalidation.h:
3140         * layout/inlineformatting/InlineInvalidation.cpp:
3141         (WebCore::Layout::InlineInvalidation::invalidate):
3142         * layout/inlineformatting/InlineInvalidation.h:
3143
3144 2018-05-04  Youenn Fablet  <youenn@apple.com>
3145
3146         PeerConnection should have its connectionState closed even if doing gathering
3147         https://bugs.webkit.org/show_bug.cgi?id=185267
3148
3149         Reviewed by Darin Adler.
3150
3151         Test: webrtc/addICECandidate-closed.html
3152
3153         In case m_iceConnectionState is closed, m_connectionState should also be set to closed
3154         and RTCPeerConnection should be closed so as to reject any other call.
3155
3156         * Modules/mediastream/RTCPeerConnection.cpp:
3157         (WebCore::RTCPeerConnection::close):
3158         (WebCore::RTCPeerConnection::updateConnectionState):
3159
3160 2018-05-04  Yacine Bandou  <yacine.bandou_ext@softathome.com>
3161
3162         [MSE][GStreamer] Delete properly the stream from the WebKitMediaSource
3163         https://bugs.webkit.org/show_bug.cgi?id=185242
3164
3165         Reviewed by Xabier Rodriguez-Calvar.
3166
3167         When the sourceBuffer is removed from mediasource, the appropriate stream is not
3168         properly deleted from WebKitMediaSource, because the appsrc and parser elements
3169         of the stream are not removed from the WebKitMediaSource bin.
3170
3171         This patch avoids the regression of r231089, see https://bugs.webkit.org/show_bug.cgi?id=185071
3172
3173         * platform/graphics/gstreamer/mse/WebKitMediaSourceGStreamer.cpp:
3174         (webKitMediaSrcFreeStream):
3175
3176 2018-05-04  Carlos Garcia Campos  <cgarcia@igalia.com>
3177
3178         [GTK] Epiphany (GNOME Web) says "Error downloading: Service Unavailable." when trying to download an image from discogs.com
3179         https://bugs.webkit.org/show_bug.cgi?id=174730
3180
3181         Reviewed by Michael Catanzaro.
3182
3183         Export ResourceRequestBase::hasHTTPHeaderField().
3184
3185         * platform/network/ResourceRequestBase.h:
3186
3187 2018-05-03  Yusuke Suzuki  <utatane.tea@gmail.com>
3188
3189         Use subprocess.call instead of os.system to handle path with spaces
3190         https://bugs.webkit.org/show_bug.cgi?id=185291
3191
3192         Reviewed by Darin Adler.
3193
3194         If gperf path includes spaces, these python scripts fail to execute gperf.
3195         We use subprocess module instead of os.system to invoke gperf.
3196
3197         * css/makeSelectorPseudoClassAndCompatibilityElementMap.py:
3198         * css/makeSelectorPseudoElementsMap.py:
3199         * platform/network/create-http-header-name-table:
3200
3201 2018-05-03  Yusuke Suzuki  <utatane.tea@gmail.com>
3202
3203         Unreviewed, attempt to fix WinCairo build failure
3204         https://bugs.webkit.org/show_bug.cgi?id=185218
3205
3206         * platform/text/win/LocaleWin.cpp:
3207         (WebCore::LocaleWin::getLocaleInfoString):
3208
3209 2018-05-03  Filip Pizlo  <fpizlo@apple.com>
3210
3211         Strings should not be allocated in a gigacage
3212         https://bugs.webkit.org/show_bug.cgi?id=185218
3213
3214         Reviewed by Saam Barati.
3215
3216         No new tests because no new behavior.
3217
3218         * Modules/indexeddb/server/IDBSerialization.cpp:
3219         (WebCore::decodeKey):
3220         * bindings/js/SerializedScriptValue.cpp:
3221         (WebCore::CloneDeserializer::readString):
3222         * html/canvas/CanvasRenderingContext2D.cpp:
3223         (WebCore::normalizeSpaces):
3224         * html/parser/HTMLTreeBuilder.cpp:
3225         (WebCore::HTMLTreeBuilder::ExternalCharacterTokenBuffer::takeRemainingWhitespace):
3226         * platform/URLParser.cpp:
3227         (WebCore::percentEncodeByte):
3228         (WebCore::serializeURLEncodedForm):
3229         (WebCore::URLParser::serialize):
3230         * platform/URLParser.h:
3231         * platform/graphics/FourCC.cpp:
3232         (WebCore::FourCC::toString const):
3233         * platform/graphics/ca/GraphicsLayerCA.cpp:
3234         (WebCore::GraphicsLayerCA::ReplicaState::cloneID const):
3235         * platform/text/LocaleICU.cpp:
3236         (WebCore::LocaleICU::decimalSymbol):
3237         (WebCore::LocaleICU::decimalTextAttribute):
3238         (WebCore::getDateFormatPattern):
3239         (WebCore::LocaleICU::createLabelVector):
3240         (WebCore::getFormatForSkeleton):
3241         * platform/win/FileSystemWin.cpp:
3242         (WebCore::FileSystem::getFinalPathName):
3243         (WebCore::FileSystem::pathByAppendingComponent):
3244         (WebCore::FileSystem::storageDirectory):
3245
3246 2018-05-02  Brent Fulgham  <bfulgham@apple.com>
3247
3248         Widgets should hold a WeakPtr to their parents
3249         https://bugs.webkit.org/show_bug.cgi?id=185239
3250         <rdar://problem/39741250>
3251
3252         Reviewed by Zalan Bujtas.
3253
3254         * platform/ScrollView.h:
3255         (WebCore::ScrollView::weakPtrFactory): Added.
3256         * platform/Widget.cpp:
3257         (WebCore::Widget::init): Don't perform an unnecessary assignment.
3258         (WebCore::Widget::setParent): Grab a WeakPtr to the parent ScrollView.
3259         * platform/Widget.h:
3260         (WebCore::Widget::parent const): Change type to a WeakPtr.
3261
3262 2018-05-03  Yusuke Suzuki  <utatane.tea@gmail.com>
3263
3264         Use pointer instead of std::optional<T&>
3265         https://bugs.webkit.org/show_bug.cgi?id=185186
3266
3267         Reviewed by Alex Christensen.
3268
3269         std::optional<T&> is not accepted in C++17 spec.
3270         In this patch, we replace it with T*, which is well-aligned to
3271         WebKit's convention.
3272
3273         * Modules/mediastream/RTCPeerConnection.cpp:
3274         (WebCore::iceServersFromConfiguration):
3275         (WebCore::RTCPeerConnection::initializeConfiguration):
3276         (WebCore::RTCPeerConnection::setConfiguration):
3277         * css/parser/CSSParser.cpp:
3278         (WebCore::CSSParser::parseSystemColor):
3279         * css/parser/CSSParser.h:
3280         * dom/DatasetDOMStringMap.cpp:
3281         (WebCore::DatasetDOMStringMap::item const):
3282         (WebCore::DatasetDOMStringMap::namedItem const):
3283         (WebCore:: const): Deleted.
3284         * dom/DatasetDOMStringMap.h:
3285         * dom/Element.cpp:
3286         (WebCore::Element::insertAdjacentHTML):
3287         * dom/Element.h:
3288         * html/canvas/CanvasStyle.cpp:
3289         (WebCore::parseColor):
3290         * inspector/DOMEditor.cpp:
3291         * platform/network/curl/CurlFormDataStream.cpp:
3292         (WebCore::CurlFormDataStream::getPostData):
3293         (): Deleted.
3294         * platform/network/curl/CurlFormDataStream.h:
3295         * platform/network/curl/CurlRequest.cpp:
3296         (WebCore::CurlRequest::setupPOST):
3297         * testing/MockCDMFactory.cpp:
3298         (WebCore::MockCDMFactory::keysForSessionWithID const):
3299         (WebCore::MockCDMInstance::updateLicense):
3300         (WebCore:: const): Deleted.
3301         * testing/MockCDMFactory.h:
3302
3303 2018-05-03  Chris Dumez  <cdumez@apple.com>
3304
3305         Stop using an iframe's id as fallback if its name attribute is not set
3306         https://bugs.webkit.org/show_bug.cgi?id=11388
3307
3308         Reviewed by Geoff Garen.
3309
3310         WebKit had logic to use an iframe's id as fallback name when its name
3311         content attribute is not set. This behavior was not standard and did not
3312         match other browsers:
3313         - https://html.spec.whatwg.org/#attr-iframe-name
3314
3315         Gecko / Trident never behaved this way. Blink was aligned with us until
3316         they started to match the specification in:
3317         - https://bugs.chromium.org/p/chromium/issues/detail?id=347169
3318
3319         This WebKit quirk was causing some Web-compatibility issues because it
3320         would affect the behavior of Window's name property getter when trying
3321         to look up an iframe by id. Because of Window's named property getter
3322         behavior [1], we would return the frame's contentWindow instead of the
3323         iframe element itself.
3324
3325         [1] https://html.spec.whatwg.org/multipage/window-object.html#named-access-on-the-window-object
3326
3327         Test: fast/dom/Window/named-getter-frame-id.html
3328
3329         * html/HTMLFrameElementBase.cpp:
3330         (WebCore::HTMLFrameElementBase::openURL):
3331         (WebCore::HTMLFrameElementBase::parseAttribute):
3332         (WebCore::HTMLFrameElementBase::didFinishInsertingNode):
3333         * html/HTMLFrameElementBase.h:
3334
3335 2018-05-03  Eric Carlson  <eric.carlson@apple.com>
3336
3337         [iOS] Internal text and audio tracks not in fullscreen menu
3338         https://bugs.webkit.org/show_bug.cgi?id=185268
3339         <rdar://problem/38673440>
3340
3341         Reviewed by Jer Noble.
3342
3343         * platform/cocoa/PlaybackSessionModelMediaElement.mm:
3344         (WebCore::PlaybackSessionModelMediaElement::setMediaElement): 'addtrack' and 'removetrack'
3345         events are fired at the track lists, not the media element.
3346
3347 2018-05-03  Ryosuke Niwa  <rniwa@webkit.org>
3348
3349         Using image map inside a shadow tree results hits a release assert in DocumentOrderedMap::add
3350         https://bugs.webkit.org/show_bug.cgi?id=185238
3351
3352         Reviewed by Antti Koivisto.
3353
3354         The bug was caused by DocumentOrderedMap for the image elements with usemap being stored in Document
3355         even if those image elements were in a shadow tree. Fixed the bug by moving the map to TreeScope.
3356
3357         Test: fast/images/imagemap-in-nested-shadow-tree.html
3358               fast/images/imagemap-in-shadow-tree.html
3359
3360         * dom/Document.cpp:
3361         (WebCore::Document::addImageElementByUsemap): Moved to TreeScope.
3362         (WebCore::Document::removeImageElementByUsemap): Ditto.
3363         (WebCore::Document::imageElementByUsemap const): Ditto.
3364         * dom/Document.h:
3365         * dom/TreeScope.cpp:
3366         (WebCore::TreeScope::destroyTreeScopeData): Clear m_imagesByUsemap as well as m_elementsByName.
3367         (WebCore::TreeScope::getImageMap const): Removed the code to parse usemap. RenderImage::imageMap()
3368         which used to call this function with the raw value of the usemap content attribute now calls it
3369         via HTMLImageElement::associatedMapElement(), which uses the parsed usemap.
3370         (WebCore::TreeScope::addImageElementByUsemap): Moved from Document.
3371         (WebCore::TreeScope::removeImageElementByUsemap): Ditto.
3372         (WebCore::TreeScope::imageElementByUsemap const): Ditto.
3373         * dom/TreeScope.h:
3374         * html/HTMLImageElement.cpp:
3375         (WebCore::HTMLImageElement::parseAttribute):
3376         (WebCore::HTMLImageElement::insertedIntoAncestor): This image element can be associated with a map element
3377         if it's connected to a document.
3378         (WebCore::HTMLImageElement::removedFromAncestor):
3379         (WebCore::HTMLImageElement::associatedMapElement const):
3380         * html/HTMLImageElement.h:
3381         * html/HTMLMapElement.cpp:
3382         (WebCore::HTMLMapElement::imageElement):
3383         * rendering/RenderImage.cpp:
3384         (WebCore::RenderImage::imageMap const):
3385
3386 2018-05-03  Justin Fan  <justin_fan@apple.com>
3387
3388         [WebGL] Add runtime flag for enabling ASTC support in WebGL
3389         https://bugs.webkit.org/show_bug.cgi?id=184840
3390
3391         Reviewed by Myles C. Maxfield.
3392
3393         Added runtime flag for ASTC support in WebGL, to turn on/off when extension is implemented.
3394
3395         * page/RuntimeEnabledFeatures.h:
3396         (WebCore::RuntimeEnabledFeatures::setWebGLCompressedTextureASTCSupportEnabled):
3397         (WebCore::RuntimeEnabledFeatures::webGLCompressedTextureASTCSupportEnabled const):
3398
3399 2018-05-03  Chris Nardi  <cnardi@chromium.org>
3400
3401         Remove [NoInterfaceObject] from DOMRectList
3402         https://bugs.webkit.org/show_bug.cgi?id=185255
3403
3404         Reviewed by Chris Dumez.
3405
3406         In https://github.com/w3c/fxtf-drafts/issues/233, [NoInterfaceObject] was removed
3407         from DOMRectList. Remove it from our implementation to match the spec, as well as
3408         Chrome and Firefox.
3409
3410         Updated web platform tests IDL test for the Geometry spec.
3411
3412         * dom/DOMRectList.idl:
3413
3414 2018-05-03  Chris Dumez  <cdumez@apple.com>
3415
3416         REGRESSION(iOS 11.3): Crashes in TimerBase::~TimerBase() in Tencent x5gamehelper
3417         https://bugs.webkit.org/show_bug.cgi?id=185073
3418         <rdar://problem/39821223>
3419
3420         Reviewed by Alexey Proskuryakov.
3421
3422         The following changes were made:
3423         - Make sure SocketStream callbacks are always scheduled on the right runloop:
3424           WebThreadRunLoop() on WebKitLegacy iOS, loaderRunLoop() on Windows and
3425           main runloop otherwise.
3426         - When the SocketStream callbacks are called, unconditionally call callOnMainThreadAndWait()
3427           before calling methods on the SocketStream client. Previously, this code path
3428           was specific to Windows but there is no reason to have platform-specific code here.
3429           callOnMainThreadAndWait() calls the function right away if we're already on the main
3430           thread, which will be the case on other platform than Windows.
3431
3432         * platform/network/cf/SocketStreamHandleImplCFNet.cpp:
3433         (WebCore::callbacksRunLoop):
3434         (WebCore::callbacksRunLoopMode):
3435         (WebCore::SocketStreamHandleImpl::scheduleStreams):
3436         (WebCore::SocketStreamHandleImpl::pacExecutionCallback):
3437         (WebCore::SocketStreamHandleImpl::executePACFileURL):
3438         (WebCore::SocketStreamHandleImpl::removePACRunLoopSource):
3439         (WebCore::SocketStreamHandleImpl::readStreamCallback):
3440         (WebCore::SocketStreamHandleImpl::writeStreamCallback):
3441         (WebCore::SocketStreamHandleImpl::platformClose):
3442
3443 2018-05-03  Zalan Bujtas  <zalan@apple.com>
3444
3445         [LFC] Enable multiple layout roots for incremental layout.
3446         https://bugs.webkit.org/show_bug.cgi?id=185185
3447
3448         Reviewed by Antti Koivisto.
3449
3450         With certain type of style changes, we can stop the box invalidation at the formatting context boundary.
3451         When multiple boxes need updating in different formatting contexts, instead of marking the parent containing block chain all
3452         the way up to a common ancestor, we could just work with a list of layout entry points per layout frame.
3453
3454         * layout/FormattingState.h:
3455         * layout/LayoutContext.cpp:
3456         (WebCore::Layout::LayoutContext::updateLayout):
3457         (WebCore::Layout::LayoutContext::addLayoutEntryPoint):
3458         * layout/LayoutContext.h:
3459
3460 2018-05-03  Zalan Bujtas  <zalan@apple.com>
3461
3462         [LFC] Box invalidation logic should go to dedicated classes.
3463         https://bugs.webkit.org/show_bug.cgi?id=185249
3464
3465         Reviewed by Antti Koivisto.
3466
3467         Each formatting context can initiate a different type of invalidation when
3468         style attribute changes in a box.
3469
3470         * Sources.txt:
3471         * WebCore.xcodeproj/project.pbxproj:
3472         * layout/FormattingState.cpp:
3473         (WebCore::Layout::FormattingState::FormattingState):
3474         * layout/FormattingState.h:
3475         (WebCore::Layout::FormattingState::isBlockFormattingState const):
3476         (WebCore::Layout::FormattingState::isInlineFormattingState const):
3477         * layout/LayoutContext.cpp:
3478         (WebCore::Layout::LayoutContext::styleChanged):
3479         (WebCore::Layout::LayoutContext::markNeedsUpdate):
3480         * layout/LayoutContext.h:
3481         * layout/blockformatting/BlockFormattingState.cpp:
3482         (WebCore::Layout::BlockFormattingState::BlockFormattingState):
3483         * layout/blockformatting/BlockFormattingState.h:
3484         * layout/blockformatting/BlockInvalidation.cpp: Copied from Source/WebCore/layout/blockformatting/BlockFormattingState.cpp.
3485         (WebCore::Layout::BlockInvalidation::invalidate):
3486         * layout/blockformatting/BlockInvalidation.h: Copied from Source/WebCore/layout/inlineformatting/InlineFormattingState.h.
3487         * layout/inlineformatting/InlineFormattingState.cpp:
3488         (WebCore::Layout::InlineFormattingState::InlineFormattingState):
3489         * layout/inlineformatting/InlineFormattingState.h:
3490         * layout/inlineformatting/InlineInvalidation.cpp: Copied from Source/WebCore/layout/inlineformatting/InlineFormattingState.cpp.
3491         (WebCore::Layout::InlineInvalidation::invalidate):
3492         * layout/inlineformatting/InlineInvalidation.h: Copied from Source/WebCore/layout/blockformatting/BlockFormattingState.h.
3493
3494 2018-05-03  Michael Catanzaro  <mcatanzaro@igalia.com>
3495
3496         WebKit should send fake macOS user agent to docs.google.com
3497         https://bugs.webkit.org/show_bug.cgi?id=185165
3498
3499         Reviewed by Carlos Garcia Campos.
3500
3501         * platform/UserAgentQuirks.cpp:
3502         (WebCore::urlRequiresMacintoshPlatform):
3503         (WebCore::urlRequiresLinuxDesktopPlatform):
3504
3505 2018-05-03  Commit Queue  <commit-queue@webkit.org>
3506
3507         Unreviewed, rolling out r231223 and r231288.
3508         https://bugs.webkit.org/show_bug.cgi?id=185256
3509
3510         The change in r231223 breaks internal builds, and r231288 is a
3511         dependent change. (Requested by ryanhaddad on #webkit).
3512
3513         Reverted changesets:
3514
3515         "Use default std::optional if it is provided"
3516         https://bugs.webkit.org/show_bug.cgi?id=185159
3517         https://trac.webkit.org/changeset/231223
3518
3519         "Use pointer instead of
3520         std::optional<std::reference_wrapper<>>"
3521         https://bugs.webkit.org/show_bug.cgi?id=185186
3522         https://trac.webkit.org/changeset/231288
3523
3524 2018-05-03  Ryan Haddad  <ryanhaddad@apple.com>
3525
3526         Unreviewed, rolling out r231253.
3527
3528         The API test added with this change is crashing on the bots.
3529
3530         Reverted changeset:
3531
3532         "Web Inspector: opt out of process swap on navigation if a Web
3533         Inspector frontend is connected"
3534         https://bugs.webkit.org/show_bug.cgi?id=184861
3535         https://trac.webkit.org/changeset/231253
3536
3537 2018-05-03  Youenn Fablet  <youenn@apple.com>
3538
3539         A MediaStream being played should allow removing some of its tracks
3540         https://bugs.webkit.org/show_bug.cgi?id=185233
3541
3542         Reviewed by Eric Carlson.
3543
3544         Update the tracks out of the for loop.
3545         Test: fast/mediastream/change-tracks-media-stream-being-played.html
3546
3547         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
3548         (WebCore::updateTracksOfType):
3549
3550 2018-05-03  Miguel Gomez  <magomez@igalia.com>
3551
3552         WebCore::TextureMapperLayer object used after freed
3553         https://bugs.webkit.org/show_bug.cgi?id=184729
3554
3555         Reviewed by Michael Catanzaro.
3556
3557         Replace the raw pointers with WeakPtr for effectTarget, maskLayer and replicaLayer
3558         inside TextureMapperLayer.
3559
3560         * platform/graphics/texmap/TextureMapperLayer.cpp:
3561         (WebCore::TextureMapperLayer::~TextureMapperLayer):
3562         (WebCore::TextureMapperLayer::setMaskLayer):
3563         (WebCore::TextureMapperLayer::setReplicaLayer):
3564         * platform/graphics/texmap/TextureMapperLayer.h:
3565
3566 2018-05-03  Basuke Suzuki  <Basuke.Suzuki@sony.com>
3567
3568         [Curl] Add OpenSSL/LibreSSL multi-threading support
3569         https://bugs.webkit.org/show_bug.cgi?id=185138
3570
3571         The older OpenSSL manual says the locking_function and threadid_function should
3572         be set when use it in multi-threading environment. This applies to LibreSSL also.
3573         https://www.openssl.org/docs/man1.0.2/crypto/threads.html
3574
3575         For unix and other similar os, the default threadId_function implementation is
3576         good enough. We'll set custom callback only for Windows OS.
3577
3578         Note it's not required for OpenSSL 1.1.0 and after.
3579         https://www.openssl.org/blog/blog/2017/02/21/threads/
3580
3581         Reviewed by Per Arne Vollan.
3582
3583         * platform/network/curl/CurlSSLHandle.cpp:
3584         (WebCore::CurlSSLHandle::CurlSSLHandle):
3585         (WebCore::CurlSSLHandle::ThreadSupport::ThreadSupport):
3586         (WebCore::CurlSSLHandle::ThreadSupport::lockingCallback):
3587         (WebCore::CurlSSLHandle::ThreadSupport::threadIdCallback):
3588         * platform/network/curl/CurlSSLHandle.h:
3589         (WebCore::CurlSSLHandle::ThreadSupport::setup):
3590         (WebCore::CurlSSLHandle::ThreadSupport::singleton):
3591         (WebCore::CurlSSLHandle::ThreadSupport::lock):
3592         (WebCore::CurlSSLHandle::ThreadSupport::unlock):
3593
3594 2018-05-02  Ryosuke Niwa  <rniwa@webkit.org>
3595
3596         Remove superfluous check for a null attribute value check in Element::removeAttributeInternal
3597         https://bugs.webkit.org/show_bug.cgi?id=185227
3598
3599         Reviewed by Chris Dumez.
3600
3601         Removed the check. The attribute value string can never be null.
3602
3603         * dom/Element.cpp:
3604         (WebCore::Element::removeAttributeInternal):
3605
3606 2018-05-02  Zalan Bujtas  <zalan@apple.com>
3607
3608         [LFC] Implement LayoutContext::createDisplayBox
3609         https://bugs.webkit.org/show_bug.cgi?id=185158
3610
3611         Reviewed by Antti Koivisto.
3612
3613         Now compute*() functions take both the const layout and the corresponding non-const display boxes.
3614         Display boxes are owned by the LayoutContext and they don't form a tree structure (only implicitly through the layout tree).
3615         (This might need to change in the future if we decide to arrange them in some sort of painting order)
3616
3617         * layout/FloatingContext.cpp:
3618         (WebCore::Layout::FloatingContext::computePosition):
3619         * layout/FloatingContext.h:
3620         * layout/FormattingContext.cpp:
3621         (WebCore::Layout::FormattingContext::computeStaticPosition const):
3622         (WebCore::Layout::FormattingContext::computeInFlowPositionedPosition const):
3623         (WebCore::Layout::FormattingContext::computeOutOfFlowPosition const):
3624         (WebCore::Layout::FormattingContext::computeWidth const):
3625         (WebCore::Layout::FormattingContext::computeHeight const):
3626         (WebCore::Layout::FormattingContext::computeOutOfFlowWidth const):
3627         (WebCore::Layout::FormattingContext::computeFloatingWidth const):
3628         (WebCore::Layout::FormattingContext::computeOutOfFlowHeight const):
3629         (WebCore::Layout::FormattingContext::computeFloatingHeight const):
3630         * layout/FormattingContext.h:
3631         * layout/LayoutContext.cpp:
3632         (WebCore::Layout::LayoutContext::createDisplayBox):
3633         * layout/LayoutContext.h:
3634         (WebCore::Layout::LayoutContext::displayBoxForLayoutBox const):
3635         * layout/blockformatting/BlockFormattingContext.cpp:
3636         (WebCore::Layout::BlockFormattingContext::layout const):
3637         (WebCore::Layout::BlockFormattingContext::computeStaticPosition const):
3638         (WebCore::Layout::BlockFormattingContext::computeInFlowWidth const):
3639         (WebCore::Layout::BlockFormattingContext::computeInFlowHeight const):
3640         * layout/blockformatting/BlockFormattingContext.h:
3641         * layout/displaytree/DisplayBox.h:
3642         (WebCore::Display::Box::parent const): Deleted.
3643         (WebCore::Display::Box::nextSibling const): Deleted.
3644         (WebCore::Display::Box::previousSibling const): Deleted.
3645         (WebCore::Display::Box::firstChild const): Deleted.
3646         (WebCore::Display::Box::lastChild const): Deleted.
3647         (WebCore::Display::Box::setParent): Deleted.
3648         (WebCore::Display::Box::setNextSibling): Deleted.
3649         (WebCore::Display::Box::setPreviousSibling): Deleted.
3650         (WebCore::Display::Box::setFirstChild): Deleted.
3651         (WebCore::Display::Box::setLastChild): Deleted.
3652         (): Deleted.
3653         * layout/inlineformatting/InlineFormattingContext.cpp:
3654         (WebCore::Layout::InlineFormattingContext::computeInFlowWidth const):
3655         (WebCore::Layout::InlineFormattingContext::computeInFlowHeight const):
3656         * layout/inlineformatting/InlineFormattingContext.h:
3657
3658 2018-05-02  Said Abou-Hallawa  <sabouhallawa@apple.com>
3659
3660         Hiding then showing an <object> of type image makes the underlaying image disappear
3661         https://bugs.webkit.org/show_bug.cgi?id=185216
3662         <rdar://problem/39055630>
3663
3664         Reviewed by Youenn Fablet.
3665
3666         Ensure the HTMLPlugInImageElement updates the RenderImageResource of its
3667         RenderImage with the CachedImage of its ImageLoader when the RenderImage
3668         is recreated.
3669
3670         Test: fast/images/object-image-hide-show.html
3671
3672         * html/HTMLPlugInImageElement.cpp:
3673         (WebCore::HTMLPlugInImageElement::didAttachRenderers):
3674         This is very similar to what we do in HTMLImageElement::didAttachRenderers().
3675
3676
3677 2018-05-02  Brent Fulgham  <bfulgham@apple.com>
3678
3679         Use RetainPtr for form input type
3680         https://bugs.webkit.org/show_bug.cgi?id=185210
3681         <rdar://problem/39734040>
3682
3683         Reviewed by Ryosuke Niwa.
3684
3685         Refactor our HTMLInputElement class to store its InputType member as a RefPtr.
3686
3687         Test: fast/forms/access-key-mutation-2.html.
3688
3689         * html/HTMLInputElement.cpp:
3690         (WebCore::HTMLInputElement::HTMLInputElement):
3691         (WebCore::HTMLInputElement::didAddUserAgentShadowRoot):
3692         (WebCore::HTMLInputElement::accessKeyAction):
3693         (WebCore::HTMLInputElement::parseAttribute):
3694         (WebCore::HTMLInputElement::appendFormData):
3695         * html/HTMLInputElement.h:
3696         * html/InputType.cpp:
3697         (WebCore::createInputType):
3698         (WebCore::InputType::create):
3699         (WebCore::InputType::createText):
3700         * html/InputType.h:
3701
3702 2018-05-01  Yusuke Suzuki  <utatane.tea@gmail.com>
3703
3704         Use pointer instead of std::optional<std::reference_wrapper<>>
3705         https://bugs.webkit.org/show_bug.cgi?id=185186
3706
3707         Reviewed by Alex Christensen.
3708
3709         std::optional<T&> is not accepted in C++17 spec. So we replaced it
3710         with std::optional<std::reference_wrapper<T>>.
3711
3712         In this patch, we replace it with T*, which is well-aligned to
3713         WebKit's convention.
3714
3715         * Modules/mediastream/RTCPeerConnection.cpp:
3716         (WebCore::iceServersFromConfiguration):
3717         (WebCore::RTCPeerConnection::initializeConfiguration):
3718         (WebCore::RTCPeerConnection::setConfiguration):
3719         * css/parser/CSSParser.cpp:
3720         (WebCore::CSSParser::parseSystemColor):
3721         * css/parser/CSSParser.h:
3722         * dom/DatasetDOMStringMap.cpp:
3723         (WebCore::DatasetDOMStringMap::item const):
3724         (WebCore::DatasetDOMStringMap::namedItem const):
3725         * dom/DatasetDOMStringMap.h:
3726         * dom/Element.cpp:
3727         (WebCore::Element::insertAdjacentHTML):
3728         * dom/Element.h:
3729         * html/canvas/CanvasStyle.cpp:
3730         (WebCore::parseColor):
3731         * inspector/DOMEditor.cpp:
3732         * platform/network/curl/CurlFormDataStream.cpp:
3733         (WebCore::CurlFormDataStream::getPostData):
3734         * platform/network/curl/CurlFormDataStream.h:
3735         * platform/network/curl/CurlRequest.cpp:
3736         (WebCore::CurlRequest::setupPOST):
3737         * testing/MockCDMFactory.cpp:
3738         (WebCore::MockCDMFactory::keysForSessionWithID const):
3739         (WebCore::MockCDMInstance::updateLicense):
3740         * testing/MockCDMFactory.h:
3741
3742 2018-05-02  Keith Rollin  <krollin@apple.com>
3743
3744         Add facility for tracking times and results of page and resource loading
3745         https://bugs.webkit.org/show_bug.cgi?id=184838
3746         <rdar://problem/36548974>
3747
3748         Reviewed by Brent Fulgham.
3749
3750         Update FrameProgressTracker to send the necessary page load start/stop
3751         signals so that we can track the entire page load at a network level.
3752         Add an empty override of the pure virtual
3753         LoaderStrategy::pageLoadCompleted method.
3754
3755         No new tests. There is no testable effect from these changes. On
3756         Cocoa, measurable changes take place in another (non-WebKit) process.
3757         On non-Cocoa systems, this facility is currently disabled.
3758
3759         * loader/FrameLoader.cpp:
3760         (WebCore::FrameLoader::FrameProgressTracker::progressCompleted):
3761         * loader/LoaderStrategy.h:
3762
3763 2018-05-02  Aditya Keerthi  <akeerthi@apple.com>
3764
3765         Can't copy and paste URLs that have no title into Mail (macOS)
3766         https://bugs.webkit.org/show_bug.cgi?id=185205
3767         <rdar://problem/36352406>
3768
3769         Reviewed by Tim Horton.
3770
3771         The pasteboardURL generated has an empty title for URLs without titles. Currently, the pasteboardURL.title is being saved to the pasteboard.
3772
3773         To fix the error, we check whether the title is empty and instead save the lastPathComponent to the pasteboard. This matches current behavior as the fallback title.
3774
3775         Augmented WebKitLegacy.ContextMenuCanCopyURL test
3776
3777         * platform/mac/PasteboardMac.mm:
3778         (WebCore::writeURLForTypes):
3779
3780 2018-05-01  Ryosuke Niwa  <rniwa@webkit.org>
3781
3782         REGRESSION(r225868): Release assert when removing an SVGUseElement from Document::m_svgUseElements
3783         https://bugs.webkit.org/show_bug.cgi?id=182188
3784         <rdar://problem/36689240>
3785
3786         Reviewed by Antti Koivisto.
3787
3788         Fixed the crash by removing up the release assert.
3789
3790         The crash is likely caused by re-entrancy to Document::resolveStyle during SVGUseElement::updateShadowTree.
3791         Because Document::resolveStyle invokes updateShadowTree on SVG use elements in Document::m_svgUseElements
3792         without clearing the map, the nested call to resolveStyle ends up calling updateShadowTree() for all elements
3793         in m_svgUseElements and removing them all from the map. When the stack frame eventually comes back to the outer
3794         invocation of Document::resolveStyle, updateShadowTree gets invoked for the second time on SVG use elements
3795         whose shadow tree had already been updated within the inner invocation to updateShadowTree, and release-asserts.
3796
3797         There is an alternative fix: avoid calling updateShadowTree on a svg element when shadowTreeNeedsUpdate returns
3798         true on the element in resolveStyle. However, removing the release assert is a sure way to fix the crash so
3799         this patch opts for that fix instead especially since we don't have any reproducible test case for this crash.
3800
3801         This release assertion was added in r225868 as a cautious measure to catch any use-after-frees of SVGUseElement's
3802         since m_svgUseElements stored raw pointes to SVG use elements but this crash is not an indicative of any UAF,
3803         and there is no evidence that r225868 has led to new UAFs even after five months.
3804
3805         No new tests. I couldn't find a way to trigger a nested style update inside SVGUseElement::updateShadowTree.
3806
3807         * dom/Document.cpp:
3808         (WebCore::Document::removeSVGUseElement):
3809
3810 2018-05-02  Dirk Schulze  <dschulze@chromium.org>
3811
3812         getCharNumAtPosition should take DOMPointInit as argument
3813         https://bugs.webkit.org/show_bug.cgi?id=184695
3814
3815         Reviewed by Antti Koivisto.
3816
3817         Extend existing tests for getCharNumAtPosition.
3818
3819         * svg/SVGTextContentElement.cpp:
3820         (WebCore::SVGTextContentElement::getCharNumAtPosition):
3821         * svg/SVGTextContentElement.h:
3822         * svg/SVGTextContentElement.idl: Use DOMPointInit argument.
3823
3824 2018-05-02  Youenn Fablet  <youenn@apple.com>
3825
3826         Use NetworkLoadChecker for navigation loads
3827         https://bugs.webkit.org/show_bug.cgi?id=184892
3828         <rdar://problem/39652686>
3829
3830         Reviewed by Chris Dumez.
3831
3832         Sanitize headers according response tainting.
3833         If tainting is basic, it means same origin load in which case we only filter Cookie related headers.
3834         If tainting is Opaque, we filter all uncommon headers.
3835         If tainting is CORS, we filter all uncommon headers except the one explicitely allowed by CORS headers.
3836         Covered by updated test.
3837
3838         * platform/network/ResourceResponseBase.cpp:
3839         (WebCore::ResourceResponseBase::sanitizeHTTPHeaderFieldsAccordingToTainting):
3840         (WebCore::ResourceResponseBase::sanitizeHTTPHeaderFields):
3841         * platform/network/ResourceResponseBase.h:
3842
3843 2018-05-02  Myles C. Maxfield  <mmaxfield@apple.com>
3844
3845         Collection fragment identifiers don't use PostScript names
3846         https://bugs.webkit.org/show_bug.cgi?id=184624
3847         <rdar://problem/39432089>
3848
3849         Reviewed by Simon Fraser.
3850
3851         In a previous version of the CSS Fonts spec, there was text saying that items in font collections
3852         should be 1-indexed (so the first item would be MyFonts.ttc#1). However, this is unfortunate because
3853         inserting an item into the middle of a collection would throw off all content that uses the file.
3854         Instead, the spec has since changed to use PostScript names (so the content instead would say
3855         MyFonts.ttc#MyFont-Regular).
3856
3857         Test: fast/text/font-collection.html
3858
3859         * css/CSSFontFaceSource.cpp:
3860         (WebCore::CSSFontFaceSource::load):
3861         * loader/cache/CachedFont.cpp:
3862         (WebCore::CachedFont::calculateItemInCollection const):
3863         (WebCore::CachedFont::ensureCustomFontData):
3864         (WebCore::CachedFont::createCustomFontData):
3865         (WebCore::CachedFont::calculateIndex const): Deleted.
3866         * loader/cache/CachedFont.h:
3867         * platform/graphics/mac/FontCustomPlatformData.cpp:
3868         (WebCore::createFontCustomPlatformData):
3869         * platform/graphics/mac/FontCustomPlatformData.h:
3870
3871 2018-05-02  Brian Burg  <bburg@apple.com>
3872
3873         Web Inspector: opt out of process swap on navigation if a Web Inspector frontend is connected
3874         https://bugs.webkit.org/show_bug.cgi?id=184861
3875         <rdar://problem/39153768>
3876
3877         Reviewed by Ryosuke Niwa.
3878
3879         Notify the client of the current connection count whenever a frontend connects or disconnects.
3880
3881         Covered by new API test.
3882
3883         * inspector/InspectorClient.h:
3884         (WebCore::InspectorClient::frontendCountChanged):
3885         * inspector/InspectorController.cpp:
3886         (WebCore::InspectorController::connectFrontend):
3887         (WebCore::InspectorController::disconnectFrontend):
3888         (WebCore::InspectorController::disconnectAllFrontends):
3889         * inspector/InspectorController.h:
3890
3891 2018-05-02  Carlos Alberto Lopez Perez  <clopez@igalia.com>
3892
3893         [GStreamer] Remove unneeded include of gstgldisplay_wayland.h after r228866 and r229022
3894         https://bugs.webkit.org/show_bug.cgi?id=185207
3895
3896         Reviewed by Michael Catanzaro.
3897
3898         Remove unneeded include of gstgldisplay_wayland.h
3899
3900         No new tests, no change in behaviour.
3901
3902         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
3903
3904 2018-05-02  Chris Dumez  <cdumez@apple.com>
3905
3906         document.open() event listener removal is not immediate
3907         https://bugs.webkit.org/show_bug.cgi?id=185191
3908
3909         Reviewed by Darin Adler.
3910
3911         We need to make sure we set the 'wasremoved' flag on RegisteredEventListeners
3912         whenever they get removed from the EventListenerMap. We were doing so correctly
3913         in EventListenerMap:remove() but not EventListenerMap::clear(). This patch
3914         updates clear() accordingly.
3915
3916         The reason we need to set this flag is that RegisteredEventListeners is RefCounted
3917         and EventTarget::fireEventListeners() may be currently running and calling
3918         each listener one by one, holding a reference to all listener of a given event.
3919
3920         Test: fast/dom/Document/document-open-removes-all-listeners.html
3921
3922         * dom/EventListenerMap.cpp:
3923         (WebCore::EventListenerMap::clear):
3924
3925 2018-05-02  Zalan Bujtas <zalan@apple.com>
3926
3927         Use WeakPtr in GridCell
3928         https://bugs.webkit.org/show_bug.cgi?id=185180
3929         <rdar://problem/39432165>
3930
3931         Reviewed by Antti Koivisto.
3932
3933         Since GridCell does not own the renderers, it should
3934         construct weak pointers.
3935
3936         Unable to create a reliably reproducible test case.
3937
3938         * rendering/Grid.cpp:
3939         (WebCore::Grid::insert):
3940         (WebCore::GridIterator::nextGridItem):
3941         * rendering/Grid.h:
3942         * rendering/RenderGrid.cpp:
3943         (WebCore::RenderGrid::firstLineBaseline const):
3944
3945 2018-05-02  Eric Carlson  <eric.carlson@apple.com>
3946
3947         [iOS] Provide audio route information when invoking AirPlay picker
3948         https://bugs.webkit.org/show_bug.cgi?id=185199
3949         <rdar://problem/39853103>
3950
3951         Reviewed by Jer Noble.
3952
3953         No new tests, this requires a specific hardware setup.
3954
3955         * dom/Document.cpp:
3956         (WebCore::Document::showPlaybackTargetPicker): Pass route sharing policy and routing context UID.
3957         * dom/Document.h:
3958
3959         * html/MediaElementSession.cpp:
3960         (WebCore::MediaElementSession::showPlaybackTargetPicker): Ditto.
3961
3962         * loader/EmptyClients.h:
3963         * page/ChromeClient.h:
3964
3965         * page/Page.cpp:
3966         (WebCore::Page::showPlaybackTargetPicker): Ditto.
3967         * page/Page.h:
3968
3969         * platform/audio/AudioSession.cpp:
3970         (WebCore::AudioSession::routeSharingPolicy const): Empty implementation for non-iOS ports.
3971         (WebCore::routingContextUID const): Ditto.
3972         * platform/audio/AudioSession.h:
3973
3974         * platform/audio/ios/AudioSessionIOS.mm:
3975         (WebCore::AudioSession::routeSharingPolicy const): Return the route sharing policy.
3976         (WebCore::AudioSession::routingContextUID const): Return the route context UID.
3977
3978 2018-05-02  Dean Jackson  <dino@apple.com>
3979
3980         Draw SystemPreview badge to specification on iOS
3981         https://bugs.webkit.org/show_bug.cgi?id=185203
3982         <rdar://problem/39908855>
3983
3984         Reviewed by Tim Horton.
3985
3986         Use CoreImage to render a badge with a blurred background,
3987         at particular sizes.
3988
3989         This will be tested internally while we're getting artwork
3990         from WebKitAdditions.
3991
3992         * Configurations/WebCore.xcconfig: Link against CoreImage.
3993         * rendering/RenderThemeIOS.