9fa9620e8941e0d5a79debac192b05c296e22b2d
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2012-05-11  Sheriff Bot  <webkit.review.bot@gmail.com>
2
3         Unreviewed, rolling out r116527.
4         http://trac.webkit.org/changeset/116527
5         https://bugs.webkit.org/show_bug.cgi?id=86199
6
7         Causing crashes on ClusterFuzz (Requested by inferno-sec on
8         #webkit).
9
10         * rendering/RenderScrollbar.cpp:
11         (WebCore::RenderScrollbar::updateScrollbarPart):
12         * rendering/RenderScrollbarPart.h:
13
14 2012-05-11  Yoshifumi Inoue  <yosin@chromium.org>
15
16         [Forms] Move ValidityState methods implementation to another place
17         https://bugs.webkit.org/show_bug.cgi?id=86058
18
19         Reviewed by Kent Tamura.
20
21         This patch changes ValidityState class for limiting scope of
22         number/range input type related methods for introducing decimal
23         arithmetic.
24
25         Methods related to validation are moved from ValidateState to
26         input, select and textarea elements with virtual method based
27         dispatching via FormAssociateElement instead of tag name
28         dispatching so far for code simplification.
29
30         No new tests. This patch doesn't change behavior.
31
32         * html/FormAssociatedElement.cpp:
33         (WebCore::FormAssociatedElement::customError): Added. Called from ValidateState. Returns custom error mssage in member variable.
34         (WebCore::FormAssociatedElement::patternMismatch): Added.  Called from ValidateState. This is default implementation.
35         (WebCore::FormAssociatedElement::rangeOverflow): Added.  Called from ValidateState. This is default implementation.
36         (WebCore::FormAssociatedElement::rangeUnderflow): Added.  Called from ValidateState. This is default implementation.
37         (WebCore::FormAssociatedElement::stepMismatch): Added.  Called from ValidateState. This is default implementation.
38         (WebCore::FormAssociatedElement::tooLong): Added.  Called from ValidateState. This is default implementation.
39         (WebCore::FormAssociatedElement::typeMismatch): Added.  Called from ValidateState. This is default implementation.
40         (WebCore::FormAssociatedElement::valid): Added.  Called from ValidateState. This is default implementation.
41         (WebCore::FormAssociatedElement::valueMissing): Added.  Called from ValidateState. This is default implementation.
42         (WebCore::FormAssociatedElement::customValidationMessage): Added.  Called from ValidateState. This is default implementation.
43         (WebCore::FormAssociatedElement::validationMessage): Added.  Called from ValidateState. This is default implementation.
44         (WebCore::FormAssociatedElement::setCustomValidity): Added.  set custom error message.
45         * html/FormAssociatedElement.h:
46         (FormAssociatedElement): Added new instance value m_customValidationMessage.
47         * html/HTMLFormControlElement.cpp:
48         (WebCore::HTMLFormControlElement::setCustomValidity): Changed. Calls base class setCustomValidity.
49         * html/HTMLFormControlElement.h:
50         (HTMLFormControlElement):
51         * html/HTMLInputElement.cpp:
52         (WebCore::HTMLInputElement::isValidValue): Call m_inputType methods instead of HTMLInputElement's.
53         (WebCore::HTMLInputElement::tooLong): Call m_inputType methods instead of HTMLInputElement's.
54         (WebCore):
55         (WebCore::HTMLInputElement::typeMismatch): Move implementation to InputType.
56         (WebCore::HTMLInputElement::valueMissing):  Move implementation to InputType.
57         (WebCore::HTMLInputElement::patternMismatch): Move implementation to InputType.
58         (WebCore::HTMLInputElement::rangeUnderflow): Move implementation to InputType.
59         (WebCore::HTMLInputElement::rangeOverflow): Move implementation to InputType.
60         (WebCore::HTMLInputElement::validationMessage): Move implementation to InputType.
61         (WebCore::HTMLInputElement::stepMismatch): Move implementation to InputType.
62         (WebCore::HTMLInputElement::isInRange): Call m_inputType methods instead of HTMLInputElement's.
63         (WebCore::HTMLInputElement::isOutOfRange): Call m_inputType methods instead of HTMLInputElement's.
64         * html/HTMLInputElement.h:
65         (HTMLInputElement): Make tooLong method private.
66         * html/HTMLObjectElement.h: Add "virtual" and "OVERRIDE".
67         * html/HTMLSelectElement.cpp:
68         (WebCore::HTMLSelectElement::validationMessage): Added. Implementation for HTMLSelectElement.
69         (WebCore::HTMLSelectElement::valueMissing): Added. Implementation for HTMLSelectElement.
70         * html/HTMLSelectElement.h:
71         (HTMLSelectElement):  Added entries for newly added methods.
72         * html/HTMLTextAreaElement.cpp:
73         (WebCore::HTMLTextAreaElement::validationMessage): Added. Implementation for HTMLTextAreaElement.
74         (WebCore::HTMLTextAreaElement::valueMissing): Added. Implementation for HTMLTextAreaElement.
75         (WebCore::HTMLTextAreaElement::tooLong): Added. Implementation for HTMLTextAreaElement.
76         * html/HTMLTextAreaElement.h:
77         (HTMLTextAreaElement): Added entries for newly added methods. Change tooLong and valueMissing private.
78         * html/InputType.cpp:
79         (WebCore::InputType::stepMismatch): Change method signature.
80         (WebCore::InputType::alignValueForStep):  Changed for calling InputClass instead of HTMLINputElement.
81         (WebCore::InputType::stepUpFromRenderer):  Added. Moved from HTMLInputElement.
82         (WebCore::InputType::validationMessage): Added.  Moved from HTMLInputElement.
83         * html/InputType.h:
84         (InputType): Added entries for newly added methods and update methods signature.
85         * html/ValidityState.cpp: Move actual implementation to FormAssociatedElement and derived classes for localizing implementation change of elements and input types.
86         (WebCore::ValidityState::validationMessage): Changed to call FormAssociatedElement's method.
87         (WebCore::ValidityState::valueMissing): Changed to call FormAssociatedElement's method.
88         (WebCore::ValidityState::typeMismatch): Changed to call FormAssociatedElement's method.
89         (WebCore::ValidityState::patternMismatch): Changed to call FormAssociatedElement's method.
90         (WebCore::ValidityState::tooLong): Changed to call FormAssociatedElement's method.
91         (WebCore::ValidityState::rangeUnderflow): Changed to call FormAssociatedElement's method.
92         (WebCore::ValidityState::rangeOverflow): Changed to call FormAssociatedElement's method.
93         (WebCore::ValidityState::stepMismatch): Changed to call FormAssociatedElement's method.
94         (WebCore::ValidityState::customError): Changed to call FormAssociatedElement's method.
95         (WebCore::ValidityState::valid):
96         * html/ValidityState.h:
97         (ValidityState): Remove custom validation message related things.
98
99 2012-05-11  Kent Tamura  <tkent@chromium.org>
100
101         Fix a build error without SVG, introduced by tab-size support.
102
103         * css/StyleResolver.cpp:
104         (WebCore::StyleResolver::collectMatchingRulesForList):
105
106 2012-05-11  Shinya Kawanaka  <shinyak@chromium.org>
107
108         [Refactoring] Move Selection from DOMWindow to TreeScope.
109         https://bugs.webkit.org/show_bug.cgi?id=82699
110
111         Reviewed by Ryosuke Niwa.
112
113         Since ShadowRoot will also manage its own version of DOMSelection, we would like to
114         share the code among Document and DOMSelection. This patch moves DOMSelection from DOMWindow to TreeScope
115         so that ShadowRoot can also use it.
116
117         No new tests, should covered by existing tests.
118
119         * dom/Document.cpp:
120         (WebCore::Document::updateFocusAppearanceTimerFired):
121         * dom/Document.h:
122         (Document):
123         * dom/ShadowRoot.cpp:
124         (WebCore::ShadowRoot::selection):
125         * dom/TreeScope.cpp:
126         (WebCore::TreeScope::~TreeScope):
127         (WebCore::TreeScope::getSelection):
128         (WebCore):
129         * dom/TreeScope.h:
130         (WebCore):
131         (TreeScope):
132         * page/DOMSelection.cpp:
133         (WebCore::DOMSelection::DOMSelection):
134         (WebCore::DOMSelection::clearTreeScope):
135         (WebCore):
136         * page/DOMSelection.h:
137         (WebCore):
138         (WebCore::DOMSelection::create):
139         (DOMSelection):
140         * page/DOMWindow.cpp:
141         (WebCore::DOMWindow::~DOMWindow):
142         (WebCore::DOMWindow::clearDOMWindowProperties):
143         (WebCore::DOMWindow::getSelection):
144         * page/DOMWindow.h:
145         (DOMWindow):
146
147 2012-05-04  Yury Semikhatsky  <yurys@chromium.org>
148
149         Web Inspector: console should allow JS execution in the context of an isolated world
150         https://bugs.webkit.org/show_bug.cgi?id=85612
151
152         Reviewed by Pavel Feldman.
153
154         Added an option to select not only a frame but also isolated world in which
155         to perform evaluation of the code typed into the console.
156
157         Each execution context can be identified using it injected script id. We call it
158         execution context id in the protocol. Runtime agent is extended with an event that
159         is sent when new ExecutionContext is created. The event tracking can be enabled/disabled
160         using setReportExecutionContextCreation command.
161
162         * bindings/js/ScriptController.cpp:
163         (WebCore):
164         (WebCore::isolatedWorldToSecurityOriginMap):
165         * bindings/js/ScriptController.h:
166         (ScriptController):
167         * bindings/js/ScriptState.cpp:
168         (WebCore::isolatedWorldScriptState):
169         (WebCore):
170         * bindings/js/ScriptState.h:
171         (WebCore):
172         * bindings/v8/ScriptController.cpp:
173         (WebCore):
174         (WebCore::ScriptController::isolatedWorldToSecurityOriginMap):
175         * bindings/v8/ScriptController.h:
176         (ScriptController):
177         * bindings/v8/ScriptState.cpp:
178         (WebCore::isolatedWorldScriptState):
179         (WebCore):
180         * bindings/v8/ScriptState.h:
181         (WebCore):
182         * bindings/v8/V8IsolatedContext.cpp:
183         (WebCore::V8IsolatedContext::setSecurityOrigin):
184         * bindings/v8/V8Proxy.cpp:
185         (WebCore::V8Proxy::setIsolatedWorldSecurityOrigin):
186         (WebCore::V8Proxy::isolatedWorldContext):
187         (WebCore):
188         (WebCore::V8Proxy::isolatedWorldToSecurityOriginMap):
189         * bindings/v8/V8Proxy.h:
190         (V8Proxy):
191         * inspector/CodeGeneratorInspector.py:
192         (DomainNameFixes):
193         * inspector/Inspector.json:
194         * inspector/InspectorInstrumentation.cpp:
195         (WebCore::InspectorInstrumentation::didCreateIsolatedContextImpl):
196         (WebCore):
197         * inspector/InspectorInstrumentation.h:
198         (WebCore):
199         (InspectorInstrumentation):
200         (WebCore::InspectorInstrumentation::didCreateIsolatedContext):
201         * inspector/InspectorRuntimeAgent.cpp:
202         (WebCore::InspectorRuntimeAgent::evaluate):
203         * inspector/InspectorRuntimeAgent.h:
204         (InspectorRuntimeAgent):
205         * inspector/InstrumentingAgents.h:
206         (WebCore):
207         (WebCore::InstrumentingAgents::InstrumentingAgents):
208         (WebCore::InstrumentingAgents::pageRuntimeAgent):
209         (WebCore::InstrumentingAgents::setPageRuntimeAgent):
210         (InstrumentingAgents):
211         * inspector/PageRuntimeAgent.cpp:
212         (PageRuntimeAgentState):
213         (WebCore):
214         (WebCore::PageRuntimeAgent::PageRuntimeAgent):
215         (WebCore::PageRuntimeAgent::setFrontend):
216         (WebCore::PageRuntimeAgent::clearFrontend):
217         (WebCore::PageRuntimeAgent::restore):
218         (WebCore::PageRuntimeAgent::setReportExecutionContextCreation):
219         (WebCore::PageRuntimeAgent::didCreateExecutionContext):
220         (WebCore::PageRuntimeAgent::getScriptStateForEval):
221         * inspector/PageRuntimeAgent.h:
222         (WebCore):
223         (PageRuntimeAgent):
224         * inspector/WorkerRuntimeAgent.cpp:
225         (WebCore::WorkerRuntimeAgent::setReportExecutionContextCreation):
226         (WebCore::WorkerRuntimeAgent::getScriptStateForEval):
227         * inspector/WorkerRuntimeAgent.h:
228         (WorkerRuntimeAgent):
229         * inspector/front-end/ConsoleView.js:
230         (WebInspector.ConsoleView.prototype.get statusBarItems):
231         (WebInspector.ConsoleView.prototype.addContext):
232         (WebInspector.ConsoleView.prototype.removeContext):
233         (WebInspector.ConsoleView.prototype._updateIsolatedWorldSelector):
234         (WebInspector.ConsoleView.prototype._contextUpdated):
235         (WebInspector.ConsoleView.prototype._addedExecutionContext):
236         (WebInspector.ConsoleView.prototype._currentEvaluationContextId):
237         (WebInspector.ConsoleView.prototype._currentEvaluationContext):
238         (WebInspector.ConsoleView.prototype._currentIsolatedWorldId):
239         (WebInspector.ConsoleView.prototype.evalInInspectedWindow):
240         * inspector/front-end/ExtensionPanel.js:
241         (WebInspector.ExtensionSidebarPane.prototype.setExpression):
242         * inspector/front-end/ExtensionServer.js:
243         (WebInspector.ExtensionServer.prototype._onEvaluateOnInspectedPage):
244         * inspector/front-end/JavaScriptContextManager.js:
245         (WebInspector.JavaScriptContextManager):
246         (WebInspector.JavaScriptContextManager.prototype._didLoadCachedResources):
247         (WebInspector.JavaScriptContextManager.prototype.isolatedContextCreated):
248         (WebInspector.RuntimeDispatcher):
249         (WebInspector.RuntimeDispatcher.prototype.isolatedContextCreated):
250         (WebInspector.ExecutionContext):
251         (WebInspector.ExecutionContext.comparator):
252         (WebInspector.FrameEvaluationContext):
253         (WebInspector.FrameEvaluationContext.prototype._frameNavigated):
254         (WebInspector.FrameEvaluationContext.prototype._addExecutionContext):
255         (WebInspector.FrameEvaluationContext.prototype._ensureMainWorldContextAdded):
256         (WebInspector.FrameEvaluationContext.prototype.isolatedContexts):
257
258 2012-05-11  Andrey Kosyakov  <caseq@chromium.org>
259
260         Web Inspector: use div, not span as a parent element for ElementsTreeOutline in Audits panel
261         https://bugs.webkit.org/show_bug.cgi?id=86188
262
263         Reviewed by Yury Semikhatsky.
264
265         We need to use <div>, not <span> as a container for ElementsTreeOutline, as latter accesses its parent offsetWidth
266         within _treeElementFromEvent(), which returns 0 for inline elements.
267
268         * inspector/front-end/AuditFormatters.js:
269         (WebInspector.AuditFormatters.node.onNodeAvailable):
270         (WebInspector.AuditFormatters.node):
271
272 2012-05-11  Antti Koivisto  <antti@apple.com>
273
274         Inline Node::traverseNextNode
275         https://bugs.webkit.org/show_bug.cgi?id=85844
276
277         Reviewed by Ryosuke Niwa.
278         
279         Inline traverseNextNode and traverseNextSibling to reduce entry/exit overhead and allow better code generation
280         for many hot loops.
281
282         In this version only the firstChild()/nextSibling() tests are inlined and the ancestor traversal is not.
283         
284         Performance bots will tell if this was worthwhile.
285
286         * dom/ContainerNode.h:
287         (WebCore::Node::traverseNextNode):
288         (WebCore):
289         (WebCore::Node::traverseNextSibling):
290         * dom/Node.cpp:
291         (WebCore::Node::traverseNextAncestorSibling):
292         * dom/Node.h:
293         (Node):
294         * bindings/v8/RetainedDOMInfo.cpp:
295
296 2012-05-07  Yury Semikhatsky  <yurys@chromium.org>
297
298         Web Inspector: get rid of InspectorAgent::emitCommitLoadIfNeeded method
299         https://bugs.webkit.org/show_bug.cgi?id=85708
300
301         Reviewed by Pavel Feldman.
302
303         Instead of calling emitCommitLoadIfNeeded after all agents are restored
304         required actions are performed directly in the restore() methods.
305
306         * inspector/InspectorAgent.cpp:
307         * inspector/InspectorAgent.h:
308         (WebCore::InspectorAgent::didCommitLoadFired):
309         * inspector/InspectorController.cpp:
310         (WebCore::InspectorController::InspectorController):
311         (WebCore::InspectorController::restoreInspectorStateFromCookie):
312         * inspector/InspectorDatabaseAgent.cpp:
313         (WebCore::InspectorDatabaseAgent::restore):
314         * inspector/InspectorPageAgent.cpp:
315         (WebCore::InspectorPageAgent::create):
316         (WebCore::InspectorPageAgent::InspectorPageAgent):
317         (WebCore::InspectorPageAgent::restore):
318         * inspector/InspectorPageAgent.h:
319         (WebCore):
320         * inspector/InspectorResourceAgent.cpp:
321         (WebCore::InspectorResourceAgent::restore):
322
323 2012-05-10  Andrey Kosyakov  <caseq@chromium.org>
324
325         Web Inspector: [Extensions API] add audit formatters for remote objects and DOM elements
326         https://bugs.webkit.org/show_bug.cgi?id=86108
327
328         Reviewed by Pavel Feldman.
329
330        - added two new formatters to AuditResults object of webInspector.audits API;
331
332         * inspector/front-end/AuditFormatters.js:
333         (WebInspector.AuditFormatters.resourceLink):
334         (WebInspector.AuditFormatters.object.onEvaluate):
335         (WebInspector.AuditFormatters.object): format as a remote object property list;
336         (WebInspector.AuditFormatters.node.onNodeAvailable):
337         (WebInspector.AuditFormatters.node.onEvaluate):
338         (WebInspector.AuditFormatters.node): format as a DOM elements sub-tree;
339         (WebInspector.AuditFormatters.Utilities.evaluate): common expression evaluation logic for both new formatters;
340         * inspector/front-end/ExtensionAPI.js:
341         (injectedExtensionAPI.AuditResultImpl):
342         * inspector/front-end/auditsPanel.css:
343         (.audit-result-tree ol.outline-disclosure):
344         (.audit-result-tree .section .header):
345         (.audit-result-tree .section .header::before):
346
347 2012-05-11  Sheriff Bot  <webkit.review.bot@gmail.com>
348
349         Unreviewed, rolling out r116727.
350         http://trac.webkit.org/changeset/116727
351         https://bugs.webkit.org/show_bug.cgi?id=86181
352
353         Build error on Chromium-Android (Requested by tkent on
354         #webkit).
355
356         * platform/graphics/MediaPlayer.cpp:
357         (WebCore::MediaPlayer::enterFullscreen):
358         (WebCore):
359         * platform/graphics/MediaPlayer.h:
360         (MediaPlayer):
361         * platform/graphics/MediaPlayerPrivate.h:
362         (WebCore::MediaPlayerPrivateInterface::enterFullscreen):
363         (MediaPlayerPrivateInterface):
364
365 2012-05-11  Sheriff Bot  <webkit.review.bot@gmail.com>
366
367         Unreviewed, rolling out r116731.
368         http://trac.webkit.org/changeset/116731
369         https://bugs.webkit.org/show_bug.cgi?id=86178
370
371         Build failure on Chromium-mac (Requested by tkent on #webkit).
372
373         * platform/graphics/chromium/LayerRendererChromium.cpp:
374         (WebCore::LayerRendererChromium::create):
375         (WebCore::LayerRendererChromium::LayerRendererChromium):
376         (WebCore::LayerRendererChromium::initializeSharedObjects):
377         * platform/graphics/chromium/LayerRendererChromium.h:
378         (LayerRendererChromium):
379         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
380         (WebCore::CCLayerTreeHostImpl::initializeLayerRenderer):
381         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.h:
382         (CCLayerTreeHostImpl):
383         * platform/graphics/chromium/cc/CCSingleThreadProxy.cpp:
384         (UnthrottledTextureUploader):
385         (WebCore::UnthrottledTextureUploader::create):
386         (WebCore::UnthrottledTextureUploader::~UnthrottledTextureUploader):
387         (WebCore::UnthrottledTextureUploader::isBusy):
388         (WebCore::UnthrottledTextureUploader::beginUploads):
389         (WebCore::UnthrottledTextureUploader::endUploads):
390         (WebCore::UnthrottledTextureUploader::uploadTexture):
391         (WebCore::UnthrottledTextureUploader::UnthrottledTextureUploader):
392         (WebCore):
393         (WebCore::CCSingleThreadProxy::initializeLayerRenderer):
394         (WebCore::CCSingleThreadProxy::recreateContext):
395         * platform/graphics/chromium/cc/CCThreadProxy.cpp:
396         (WebCore):
397         (UnthrottledTextureUploader):
398         (WebCore::UnthrottledTextureUploader::create):
399         (WebCore::UnthrottledTextureUploader::~UnthrottledTextureUploader):
400         (WebCore::UnthrottledTextureUploader::isBusy):
401         (WebCore::UnthrottledTextureUploader::beginUploads):
402         (WebCore::UnthrottledTextureUploader::endUploads):
403         (WebCore::UnthrottledTextureUploader::uploadTexture):
404         (WebCore::UnthrottledTextureUploader::UnthrottledTextureUploader):
405         (WebCore::CCThreadProxy::initializeLayerRendererOnImplThread):
406         (WebCore::CCThreadProxy::recreateContextOnImplThread):
407
408 2012-05-10  David Reveman  <reveman@chromium.org>
409
410         [Chromium] Move instantiation of texture uploader to LayerRendererChromium.
411         https://bugs.webkit.org/show_bug.cgi?id=85893
412
413         Reviewed by Adrienne Walker.
414
415         Move instantiation of texture uploader to LayerRendererChromium and
416         allow CCProxy to decide between a throttled or unthrottled uploader
417         using a flag passed to the LayerRendererChromium constructor.
418
419         * platform/graphics/chromium/LayerRendererChromium.cpp:
420         (WebCore::LayerRendererChromium::create):
421         (WebCore::LayerRendererChromium::LayerRendererChromium):
422         (WebCore::LayerRendererChromium::initializeSharedObjects):
423         * platform/graphics/chromium/LayerRendererChromium.h:
424         (LayerRendererChromium):
425         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
426         (WebCore::CCLayerTreeHostImpl::initializeLayerRenderer):
427         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.h:
428         (CCLayerTreeHostImpl):
429         * platform/graphics/chromium/cc/CCSingleThreadProxy.cpp:
430         (WebCore::CCSingleThreadProxy::initializeLayerRenderer):
431         (WebCore::CCSingleThreadProxy::recreateContext):
432         * platform/graphics/chromium/cc/CCThreadProxy.cpp:
433         (WebCore::CCThreadProxy::initializeLayerRendererOnImplThread):
434         (WebCore::CCThreadProxy::recreateContextOnImplThread):
435
436 2012-05-10  MORITA Hajime  <morrita@google.com>
437
438         ElementShadow should minimize the usage of "ShadowRoot" name
439         https://bugs.webkit.org/show_bug.cgi?id=85970
440
441         Reviewed by Dimitri Glazkov.
442
443         This change cleans two out dated assumptions which brought in at
444         early stage of Shadow DOM implementation.
445
446         - Removed Element::hasShadowRoot(): shadow existence can be checked by Element::shadow().
447         - Made ElementShadow::removeAllShadowRoots() private: we no longer allow ShadowRoot removal.
448           It can only happens at the ElementShadow destruction.
449
450         Most of changes in element implementations are basically simple
451         replacement from hasShadowRoot() to shadow().
452
453         No new tests. Covered by existing tests.
454
455         * WebCore.exp.in:
456         * dom/ContainerNodeAlgorithms.h:
457         (WebCore::ChildFrameDisconnector::collectDescendant):
458         * dom/ComposedShadowTreeWalker.cpp:
459         (WebCore::ComposedShadowTreeWalker::traverseChild):
460         * dom/Document.cpp:
461         (WebCore::Document::buildAccessKeyMap):
462         * dom/Element.cpp:
463         (WebCore::Element::recalcStyle):
464         (WebCore::Element::ensureShadowRoot):
465         (WebCore::Element::childrenChanged):
466         * dom/Element.h:
467         (Element):
468         (WebCore::isShadowHost):
469         (WebCore):
470         * dom/ElementShadow.cpp:
471         (WebCore::ElementShadow::~ElementShadow):
472         (WebCore::ElementShadow::removeAllShadowRoots):
473         * dom/ElementShadow.h:
474         (ElementShadow):
475         (WebCore::ElementShadow::host):
476         * dom/EventDispatcher.cpp:
477         * dom/Node.cpp:
478         (WebCore::oldestShadowRootFor):
479         * dom/NodeRenderingContext.cpp:
480         (WebCore::NodeRenderingContext::NodeRenderingContext):
481         * dom/ShadowRoot.cpp:
482         (WebCore::ShadowRoot::create):
483         * html/ColorInputType.cpp:
484         (WebCore::ColorInputType::createShadowSubtree):
485         * html/FileInputType.cpp:
486         (WebCore::FileInputType::createShadowSubtree):
487         (WebCore::FileInputType::multipleAttributeChanged):
488         * html/HTMLDetailsElement.cpp:
489         (WebCore::HTMLDetailsElement::createShadowSubtree):
490         * html/HTMLInputElement.cpp:
491         (WebCore::HTMLInputElement::createShadowSubtree):
492         * html/HTMLKeygenElement.cpp:
493         (WebCore::HTMLKeygenElement::HTMLKeygenElement):
494         (WebCore::HTMLKeygenElement::shadowSelect):
495         * html/HTMLMediaElement.cpp:
496         (WebCore::HTMLMediaElement::hasMediaControls):
497         * html/HTMLMeterElement.cpp:
498         (WebCore::HTMLMeterElement::createShadowSubtree):
499         * html/HTMLProgressElement.cpp:
500         (WebCore::HTMLProgressElement::createShadowSubtree):
501         * html/HTMLSummaryElement.cpp:
502         (WebCore::HTMLSummaryElement::createShadowSubtree):
503         * html/HTMLTextAreaElement.cpp:
504         (WebCore::HTMLTextAreaElement::createShadowSubtree):
505         * html/InputType.cpp:
506         (WebCore::InputType::destroyShadowSubtree):
507         * html/RangeInputType.cpp:
508         (WebCore::RangeInputType::handleMouseDownEvent):
509         (WebCore::RangeInputType::createShadowSubtree):
510         * html/TextFieldInputType.cpp:
511         (WebCore::TextFieldInputType::createShadowSubtree):
512         * html/shadow/SliderThumbElement.cpp:
513         (WebCore::trackLimiterElementOf):
514         * inspector/InspectorDOMAgent.cpp:
515         (WebCore::InspectorDOMAgent::unbind):
516         (WebCore::InspectorDOMAgent::buildObjectForNode):
517         * page/FocusController.cpp:
518         (WebCore):
519         * rendering/RenderFileUploadControl.cpp:
520         (WebCore::RenderFileUploadControl::uploadButton):
521         * svg/SVGTRefElement.cpp:
522         (WebCore::SVGTRefElement::updateReferencedText):
523         (WebCore::SVGTRefElement::detachTarget):
524         * testing/Internals.cpp:
525         (WebCore::Internals::ensureShadowRoot):
526         (WebCore::Internals::youngestShadowRoot):
527         (WebCore::Internals::oldestShadowRoot):
528         * testing/Internals.h:
529         (Internals):
530         * testing/Internals.idl:
531
532 2012-05-10  Gyuyoung Kim  <gyuyoung.kim@samsung.com>
533
534         Move resumeAnimations to use Internals interface
535         https://bugs.webkit.org/show_bug.cgi?id=86063
536
537         Reviewed by Alexey Proskuryakov.
538
539         Add resumeAnimations functions, because it is able to work in the
540         cross-port way through the Internals interface.
541
542         No new tests, since we are improving here the infra-structure for testing
543         a specific method.
544
545         * testing/Internals.cpp:
546         (WebCore::Internals::resumeAnimations):
547         (WebCore):
548         * testing/Internals.h:
549         (Internals):
550         * testing/Internals.idl:
551
552 2012-05-10  Min Qin  <qinmin@google.com>
553
554         split MediaPlayer::enterFullscreen into 2 seperate functions
555         https://bugs.webkit.org/show_bug.cgi?id=86052
556
557         Reviewed by Benjamin Poulain.
558
559         It is confusing that enterFullscreen returns a boolean while exitFullscreen does
560         not do the same. And ios does not need the return value.
561         So remove the return value on enterFullscreen and make a seperate canEnterFullscreen()
562         function for android.
563         No tests as there are no behavior change, just refactoring.
564
565         * platform/graphics/MediaPlayer.cpp:
566         (WebCore::MediaPlayer::enterFullscreen):
567         (WebCore):
568         (WebCore::MediaPlayer::canEnterFullscreen):
569         * platform/graphics/MediaPlayer.h:
570         (MediaPlayer):
571         * platform/graphics/MediaPlayerPrivate.h:
572         (WebCore::MediaPlayerPrivateInterface::enterFullscreen):
573         (MediaPlayerPrivateInterface):
574         (WebCore::MediaPlayerPrivateInterface::canEnterFullscreen):
575
576 2012-05-10  Sheriff Bot  <webkit.review.bot@gmail.com>
577
578         Unreviewed, rolling out r116715.
579         http://trac.webkit.org/changeset/116715
580         https://bugs.webkit.org/show_bug.cgi?id=86172
581
582         Broke http/tests/security/cross-frame-access-selection.html
583         (Requested by tkent on #webkit).
584
585         * dom/Document.cpp:
586         (WebCore):
587         (WebCore::Document::getSelection):
588         * dom/Document.h:
589         (Document):
590         * dom/ShadowRoot.cpp:
591         (WebCore::ShadowRoot::selection):
592         * dom/TreeScope.cpp:
593         (WebCore::TreeScope::~TreeScope):
594         * dom/TreeScope.h:
595         (WebCore):
596         (TreeScope):
597         * page/DOMSelection.cpp:
598         (WebCore::DOMSelection::DOMSelection):
599         * page/DOMSelection.h:
600         (WebCore):
601         (WebCore::DOMSelection::create):
602         (DOMSelection):
603         * page/DOMWindow.cpp:
604         (WebCore::DOMWindow::~DOMWindow):
605         (WebCore::DOMWindow::clearDOMWindowProperties):
606         (WebCore::DOMWindow::getSelection):
607         * page/DOMWindow.h:
608         (DOMWindow):
609
610 2012-05-10  Hajime Morrita  <morrita@google.com>
611
612         WebKit should support tab-size.
613         https://bugs.webkit.org/show_bug.cgi?id=52994
614
615         - Added boilerplate for "tab-size" CSS property.
616         - Added RenderStye::tabSize() as a RareInheritedData.
617         - Replaced TextRun::m_allowTabs into TextRun::m_tabSize.
618
619         Reviewed by Simon Fraser.
620
621         Tests: fast/css/tab-size-expected.html
622                fast/css/tab-size.html
623
624         * css/CSSComputedStyleDeclaration.cpp:
625         (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
626         * css/CSSParser.cpp:
627         (WebCore::CSSParser::parseValue):
628         * css/CSSProperty.cpp:
629         (WebCore::CSSProperty::isInheritedProperty):
630         * css/CSSPropertyNames.in:
631         * css/CSSStyleSelector.cpp:
632         (WebCore::CSSStyleSelector::applyProperty):
633         * html/canvas/CanvasRenderingContext2D.cpp:
634         (WebCore::CanvasRenderingContext2D::drawTextInternal):
635         * platform/chromium/PopupListBox.cpp:
636         (WebCore::PopupListBox::paintRow):
637         * platform/graphics/Font.h:
638         (WebCore::Font::tabWidth):
639         * platform/graphics/TextRun.h:
640         (WebCore::TextRun::TextRun):
641         (WebCore::TextRun::allowTabs):
642         (WebCore::TextRun::tabSize):
643         (WebCore::TextRun::setTabSize):
644         * platform/graphics/WidthIterator.cpp:
645         (WebCore::WidthIterator::advance):
646         * platform/graphics/mac/ComplexTextController.cpp:
647         (WebCore::ComplexTextController::adjustGlyphsAndAdvances):
648         * platform/win/PopupMenuWin.cpp:
649         (WebCore::PopupMenuWin::paint):
650         * rendering/InlineTextBox.cpp:
651         (WebCore::InlineTextBox::constructTextRun):
652         * rendering/RenderBlock.cpp:
653         (WebCore::RenderBlock::constructTextRun):
654         * rendering/RenderBlockLineLayout.cpp:
655         (WebCore::textWidth):
656         (WebCore::tryHyphenating):
657         * rendering/RenderText.cpp:
658         (WebCore::RenderText::widthFromCache):
659         (WebCore::RenderText::computePreferredLogicalWidths):
660         (WebCore::RenderText::width):
661         * rendering/RenderText.h:
662         * rendering/style/RenderStyle.cpp:
663         (WebCore::RenderStyle::diff):
664         * rendering/style/RenderStyle.h:
665         (WebCore::RenderStyleBitfields::tabSize):
666         (WebCore::RenderStyleBitfields::collapsedTabSize):
667         (WebCore::RenderStyleBitfields::setTabSize):
668         (WebCore::RenderStyleBitfields::initialTabSize):
669         * rendering/style/StyleRareInheritedData.cpp:
670         (WebCore::StyleRareInheritedData::StyleRareInheritedData):
671         (WebCore::StyleRareInheritedData::operator==):
672         * rendering/style/StyleRareInheritedData.h:
673         * rendering/svg/SVGInlineTextBox.cpp:
674         (WebCore::SVGInlineTextBox::constructTextRun):
675         * rendering/svg/SVGTextMetrics.cpp:
676         (WebCore::constructTextRun):
677
678 2012-05-10  Antoine Labour  <piman@chromium.org>
679
680         Sync with impl thread when removing references to external textures
681         https://bugs.webkit.org/show_bug.cgi?id=86054
682
683         We want to ensure the client side is safe to release textures, so we
684         sync with the impl thread when:
685         - we change the texture (and we had one)
686         - the layer is removed from the tree (and we had a texture)
687         - the layer is destroyed (and we had a texture)
688
689         Reviewed by James Robinson.
690
691         Test: TextureLayerChromiumTest.
692
693         * platform/graphics/chromium/TextureLayerChromium.cpp:
694         (WebCore::TextureLayerChromium::~TextureLayerChromium):
695         (WebCore::TextureLayerChromium::setTextureId):
696         (WebCore::TextureLayerChromium::setLayerTreeHost):
697         (WebCore):
698         * platform/graphics/chromium/TextureLayerChromium.h:
699         (TextureLayerChromium):
700
701 2012-05-10  Kent Tamura  <tkent@chromium.org>
702
703         [Chromium] attempt to build fix for Chromium-mac.
704         r116697 introduced an override of a system function. It's intentional
705         and WebCoreTextFieldCell should be in the whitelist.
706
707         * WebCore.gyp/WebCore.gyp:
708
709 2012-05-10  Anders Carlsson  <andersca@apple.com>
710
711         PDF files won't scroll in Safari when using Adobe plug-in
712         https://bugs.webkit.org/show_bug.cgi?id=86167
713         <rdar://problem/11389719>
714
715         Reviewed by Sam Weinig.
716
717         * page/scrolling/ScrollingCoordinator.cpp:
718         (WebCore::computeNonFastScrollableRegion):
719         Loop over the frame view children looking for plug-in views that want wheel events
720         and add them to the non-fast scrollable region. Ideally, the plug-ins should be added
721         to the set of scrollable areas, but PluginView in WebKit2 is not a ScrollableArea yet.
722
723         * plugins/PluginViewBase.h:
724         (PluginViewBase):
725         (WebCore::PluginViewBase::wantsWheelEvents):
726
727 2012-05-10  Alexey Proskuryakov  <ap@apple.com>
728
729         Crash in 3rd party WebKit apps that disable cache at a wrong time
730         https://bugs.webkit.org/show_bug.cgi?id=86027
731         <rdar://problem/10615880>
732
733         Reviewed by Antti Koivisto.
734
735         Added an API test.
736
737         The fix is to use CachedResourceHandle throughout MemoryCache, which will certainly
738         keep the resource alive. Also removed earlier fixes.
739
740         * css/CSSImageSetValue.cpp: (WebCore::CSSImageSetValue::cachedImageSet):
741         * css/CSSImageValue.cpp: (WebCore::CSSImageValue::cachedImage):
742         * css/WebKitCSSShaderValue.cpp: (WebCore::WebKitCSSShaderValue::cachedShader):
743         * history/PageCache.cpp: (WebCore::PageCache::releaseAutoreleasedPagesNow):
744         * loader/ImageLoader.cpp: (WebCore::ImageLoader::updateFromElement):
745         * loader/TextTrackLoader.cpp: (WebCore::TextTrackLoader::load):
746         * loader/cache/CachedResourceLoader.cpp:
747         (WebCore::CachedResourceLoader::requestImage):
748         (WebCore::CachedResourceLoader::requestFont):
749         (WebCore::CachedResourceLoader::requestTextTrack):
750         (WebCore::CachedResourceLoader::requestShader):
751         (WebCore::CachedResourceLoader::requestCSSStyleSheet):
752         (WebCore::CachedResourceLoader::requestUserCSSStyleSheet):
753         (WebCore::CachedResourceLoader::requestScript):
754         (WebCore::CachedResourceLoader::requestXSLStyleSheet):
755         (WebCore::CachedResourceLoader::requestSVGDocument):
756         (WebCore::CachedResourceLoader::requestLinkResource):
757         (WebCore::CachedResourceLoader::requestRawResource):
758         (WebCore::CachedResourceLoader::requestResource):
759         (WebCore::CachedResourceLoader::revalidateResource):
760         (WebCore::CachedResourceLoader::loadResource):
761         (WebCore::CachedResourceLoader::requestPreload):
762         * loader/cache/CachedResourceLoader.h: (CachedResourceLoader):
763         * loader/cache/MemoryCache.h: (WebCore::MemoryCache::setPruneEnabled):
764
765         * loader/cache/CachedResourceHandle.h:
766         (WebCore::CachedResourceHandle::CachedResourceHandle):
767         (WebCore::CachedResourceHandle::operator=):
768         Teach CachedResourceHandle how to make CachedResourceHandle<CachedResource> from
769         a handle to subclass.
770
771 2012-05-10  Tien-Ren Chen  <trchen@chromium.org>
772
773         Eliminate duplicated code for culled line box in RenderInline
774         https://bugs.webkit.org/show_bug.cgi?id=85725
775
776         This patch extracts the common part of culledInlineBoundingBox() /
777         culledInlineAbsoluteRects() / culledInlineAbsoluteQuads() to become a
778         template function generateCulledLineBoxRects(). The template function
779         accepts a new parameter, GeneratorContext functor, which will be
780         invoked everytime a new line box rect has been generated. The generated
781         rect will be in local coordinate. The functor will be responsible for
782         appropriate transformation, then appending to vector or union with
783         existing bounding box.
784
785         Reviewed by Eric Seidel.
786
787         No new tests. No change in behavior.
788
789         * rendering/RenderInline.cpp:
790         (WebCore):
791         (WebCore::RenderInline::generateLineBoxRects):
792         (WebCore::RenderInline::generateCulledLineBoxRects):
793         (WebCore::RenderInline::absoluteRects):
794         (WebCore::RenderInline::absoluteQuads):
795         (WebCore::RenderInline::linesBoundingBox):
796         (WebCore::RenderInline::culledInlineVisualOverflowBoundingBox):
797         (WebCore::RenderInline::addFocusRingRects):
798         * rendering/RenderInline.h:
799         (RenderInline):
800
801 2012-05-10  Abhishek Arya  <inferno@chromium.org>
802
803         Crash in swapInNodePreservingAttributesAndChildren.
804         https://bugs.webkit.org/show_bug.cgi?id=85197
805  
806         Reviewed by Ryosuke Niwa.
807  
808         Keep the children in a ref vector before adding them to newNode.
809         They can get destroyed due to mutation events.
810
811         No new tests because we don't have a reduction.
812
813         * editing/ReplaceNodeWithSpanCommand.cpp:
814         (WebCore::swapInNodePreservingAttributesAndChildren):
815
816 2012-05-10  Shinya Kawanaka  <shinyak@chromium.org>
817
818         [Refactoring] Move Selection from DOMWindow to TreeScope.
819         https://bugs.webkit.org/show_bug.cgi?id=82699
820
821         Reviewed by Ryosuke Niwa.
822
823         Since ShadowRoot will also manage its own version of DOMSelection, we would like to
824         share the code among Document and DOMSelection. This patch moves DOMSelection from DOMWindow to TreeScope
825         so that ShadowRoot can also use it.
826
827         No new tests, should covered by existing tests.
828
829         * dom/Document.cpp:
830         (WebCore::Document::updateFocusAppearanceTimerFired):
831         * dom/Document.h:
832         (Document):
833         * dom/ShadowRoot.cpp:
834         (WebCore::ShadowRoot::selection):
835         * do/mTreeScope.cpp:
836         (WebCore::TreeScope::~TreeScope):
837         (WebCore::TreeScope::getSelection):
838         (WebCore):
839         * dom/TreeScope.h:
840         (WebCore):
841         (TreeScope):
842         * page/DOMSelection.cpp:
843         (WebCore::DOMSelection::DOMSelection):
844         (WebCore::DOMSelection::clearTreeScope):
845         (WebCore):
846         * page/DOMSelection.h:
847         (WebCore):
848         (WebCore::DOMSelection::create):
849         (DOMSelection):
850         (WebCore::DOMSelection::frame):
851         * page/DOMWindow.cpp:
852         (WebCore::DOMWindow::~DOMWindow):
853         (WebCore::DOMWindow::clearDOMWindowProperties):
854         (WebCore::DOMWindow::getSelection):
855         * page/DOMWindow.h:
856         (DOMWindow):
857
858 2012-05-10  Kent Tamura  <tkent@chromium.org>
859
860         Unreviewed, rolling out r116594.
861         http://trac.webkit.org/changeset/116594
862         https://bugs.webkit.org/show_bug.cgi?id=86013
863
864         r116594 might have made some composition tests flaky.
865
866         * platform/graphics/chromium/LayerChromium.cpp:
867         (WebCore::LayerChromium::addAnimation):
868         * platform/graphics/chromium/cc/CCLayerAnimationController.cpp:
869         (WebCore::CCLayerAnimationController::pushNewAnimationsToImplThread):
870         * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
871         (WebCore::CCLayerTreeHost::finishCommitOnImplThread):
872         (WebCore::CCLayerTreeHost::didBecomeInvisibleOnImplThread):
873         * platform/graphics/chromium/cc/CCLayerTreeHost.h:
874         (CCLayerTreeHost):
875         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
876         (WebCore::CCLayerTreeHostImpl::CCLayerTreeHostImpl):
877         * platform/graphics/chromium/cc/CCProxy.h:
878         (CCProxy):
879         * platform/graphics/chromium/cc/CCSingleThreadProxy.cpp:
880         (WebCore::CCSingleThreadProxy::CCSingleThreadProxy):
881         (WebCore::CCSingleThreadProxy::doComposite):
882         * platform/graphics/chromium/cc/CCSingleThreadProxy.h:
883         (WebCore):
884         * platform/graphics/chromium/cc/CCThreadProxy.h:
885         (CCThreadProxy):
886
887 2012-05-10  Michael Nordman  <michaeln@google.com>
888
889         [chromium] DomStorage events handling needs TLC (2)
890         https://bugs.webkit.org/show_bug.cgi?id=85221
891         Alter the StorageArea virtual interface such that the mutators no longer
892         return old values. This is to allow implementations of the interface to operate
893         more asynchronously.
894
895         Reviewed by Adam Barth.
896
897         No new tests. Existing tests cover this.
898
899         * storage/StorageArea.h: Alter the interface so the mutators no longer return previous values
900         * storage/StorageAreaImpl.cpp:
901         (WebCore::StorageAreaImpl::disabledByPrivateBrowsingInFrame):  removed an unneeded PLATFORM(CHROMIUM) guard
902         (WebCore::StorageAreaImpl::setItem): no longer return the old value
903         (WebCore::StorageAreaImpl::removeItem): no longer return the old value
904         (WebCore::StorageAreaImpl::clear): no longer return whether something was cleared
905         * storage/StorageAreaImpl.h: match StorageArea's virtual interface
906
907 2012-05-10  Beth Dakin  <bdakin@apple.com>
908
909         https://bugs.webkit.org/show_bug.cgi?id=86158
910         Overlay scrollbars without layers never paint in overflow regions in 
911         tiled drawing mode
912         -and corresponding-
913         <rdar://problem/11289546>
914
915         Reviewed by Darin Adler.
916
917         RenderLayers paint scrollbars that do not have their own layers by 
918         running a second pass through the layer tree after the layer tree has 
919         painted. This ensures that the scrollbars always paint on top of 
920         content. However, this mechanism was relying on 
921         FrameView::paintContents() as a choke-point for all painting to 
922         trigger the second painting pass. That is not a reasonable choke-point 
923         in tiled drawing, so this patch adds similar code to 
924         RenderLayerBacking.
925
926         Only opt into the second painting pass for scrollbars that do not have 
927         their own layers.
928         * rendering/RenderLayer.cpp:
929         (WebCore::RenderLayer::paintOverflowControls):
930         
931         A layer that paints into its backing cannot return early here if it 
932         has overlay scrollbars to paint.
933         (WebCore::RenderLayer::paintLayer):
934         
935         This replicates code in FrameView::paintContents(). After painting the 
936         owning layer, do a second pass if there are overlay scrollbars to 
937         paint.
938         * rendering/RenderLayerBacking.cpp:
939         (WebCore::RenderLayerBacking::paintIntoLayer):
940
941 2012-05-10  Anders Carlsson  <andersca@apple.com>
942
943         Well, at least fixing the GTK+ build is something!
944
945         * platform/gtk/LocalizedStringsGtk.cpp:
946         (WebCore::insecurePluginVersionText):
947         (WebCore):
948
949 2012-05-10  Anders Carlsson  <andersca@apple.com>
950
951         Add insecurePluginVersionText stubs.
952
953         * platform/blackberry/LocalizedStringsBlackBerry.cpp:
954         (WebCore::insecurePluginVersionText):
955         (WebCore):
956         * platform/efl/LocalizedStringsEfl.cpp:
957         (WebCore::insecurePluginVersionText):
958         (WebCore):
959         * platform/qt/LocalizedStringsQt.cpp:
960         (WebCore::insecurePluginVersionText):
961         (WebCore):
962
963 2012-05-10  Sheriff Bot  <webkit.review.bot@gmail.com>
964
965         Unreviewed, rolling out r116677.
966         http://trac.webkit.org/changeset/116677
967         https://bugs.webkit.org/show_bug.cgi?id=86159
968
969         This patch causes linker error to some mac bots (Requested by
970         jianli_ on #webkit).
971
972         * WebCore.exp.in:
973         * dom/ContainerNode.h:
974         * dom/Node.cpp:
975         (WebCore::Node::traverseNextNode):
976         (WebCore::Node::traverseNextSibling):
977         * dom/Node.h:
978         (Node):
979
980 2012-05-10  Abhishek Arya  <inferno@chromium.org>
981
982         Crash in FontCache::releaseFontData due to infinite float size.
983         https://bugs.webkit.org/show_bug.cgi?id=86110
984
985         Reviewed by Andreas Kling.
986
987         New callers always forget to clamp the font size, which overflows
988         to infinity on multiplication. It is best to clamp it at the end
989         to avoid getting greater than std::numeric_limits<float>::max().
990
991         Test: fast/css/large-font-size-crash.html
992
993         * platform/graphics/FontDescription.h:
994         (WebCore::FontDescription::setComputedSize):
995         (WebCore::FontDescription::setSpecifiedSize):
996
997 2012-05-10  Beth Dakin  <bdakin@apple.com>
998
999         https://bugs.webkit.org/show_bug.cgi?id=82131
1000         [Mac] REGRESSION (r110480): Text field that specifies background-color 
1001         (or is auto-filled) gets un-themed border
1002         -and corresponding-
1003         <rdar://problem/11115221>
1004
1005         Reviewed by Maciej Stachowiak.
1006
1007         This change rolls out r110480 which is what caused styled text fields 
1008         to get the un-themed border, and it does a bunch of work to make sure 
1009         we get the pretty, new version of the NSTextField art whenever 
1010         possible. We do this differently for post-Lion OS's since there is now 
1011         a way to opt into it all the time. Lion and SnowLeopard can only use 
1012         the new art in HiDPI mode when the background color of the text field 
1013         is just white.
1014
1015         RenderThemeMac::textField() takes a boolean paramter used to determine 
1016         if the new gradient will be used.
1017         * rendering/RenderThemeMac.h:
1018         (RenderThemeMac):
1019         
1020         This is the post-Lion workaround. This code has no effect on Lion and 
1021         SnowLeopard. This allows up to opt into a version of [NSTextField drawWithFrame:] that will only draw the frame of the text field; without this, it will draw the frame and the background, which creates a number of problems with styled text fields and text fields in HiDPI. There is a less comprehesive workaround for Lion and SnowLeopard in place in RenderThemeMac::textField().
1022         * rendering/RenderThemeMac.mm:
1023         (-[WebCoreTextFieldCell _coreUIDrawOptionsWithFrame:inView:includeFocus:]):
1024         
1025         This is the roll-out of r110480.
1026         (WebCore::RenderThemeMac::isControlStyled):
1027         
1028         See the comments for a full explanation, but this is mostly code for 
1029         Lion and SnowLeopard to determine if we can opt into the new artwork.
1030         (WebCore::RenderThemeMac::paintTextField):
1031         (WebCore::RenderThemeMac::textField):
1032
1033 2012-05-10  Anders Carlsson  <andersca@apple.com>
1034
1035         WebKit1: Add a way to blacklist specific plug-ins/plug-in versions
1036         https://bugs.webkit.org/show_bug.cgi?id=86150
1037         <rdar://problem/9551196>
1038
1039         Reviewed by Sam Weinig.
1040
1041         * English.lproj/Localizable.strings:
1042         Update.
1043
1044         * loader/SubframeLoader.cpp:
1045         (WebCore::SubframeLoader::loadPlugin):
1046         It is possible that the client has already set the unavailability reason so don't try to set it twice.
1047
1048         * platform/LocalizedStrings.cpp:
1049         (WebCore::insecurePluginVersionText):
1050         * platform/LocalizedStrings.h:
1051         Add insecure plug-in version text.
1052
1053         * rendering/RenderEmbeddedObject.cpp:
1054         (WebCore::RenderEmbeddedObject::unavailablePluginReplacementText):
1055         * rendering/RenderEmbeddedObject.h:
1056         Add InsecurePluginVersion unavailability reason.
1057
1058 2012-05-10  Eric Seidel  <eric@webkit.org>
1059
1060         Make IFRAME_SEAMLESS child documents inherit styles from their parent iframe element
1061         https://bugs.webkit.org/show_bug.cgi?id=85940
1062
1063         Reviewed by Ojan Vafai.
1064
1065         The HTML5 <iframe seamless> spec says:
1066         In a CSS-supporting user agent: the user agent must, for the purpose of CSS property
1067         inheritance only, treat the root element of the active document of the iframe
1068         element's nested browsing context as being a child of the iframe element.
1069         (Thus inherited properties on the root element of the document in the
1070         iframe will inherit the computed values of those properties on the iframe
1071         element instead of taking their initial values.)
1072
1073         Initially I implemented this support to the letter of the spec. However, doing so I learned
1074         that WebKit has a RenderStyle for the Document Node, not just the root element of the document.
1075         In this RenderStyle on the Document, we add a bunch of per-document styles from settings
1076         including designMode.
1077
1078         This change makes StyleResolver::styleForDocument inherit style from the parent iframe's
1079         style, before applying any of these per-document styles.  This may or may not be correct
1080         depending on what behavior we want for rtl-ordering, page-zoom, locale, design mode, etc.
1081         For now, we continue to treat the iframe's document as independent in these regards, and
1082         the settings on that document override those inherited from the iframe.
1083
1084         Also, intially when making this work, I added redirects in recalcStyle and scheduleStyleRecalc
1085         from the child document to the parent document in the case of seamless (since the parent
1086         document effectively manages the style resolve and layout of the child in seamless mode).
1087         However, I was not able to find a test which depended on this code change, so in this final patch
1088         I have removed both of these modifications and replaced them with FIXMEs.  Based on discussions
1089         with Ojan and James Robinson, I believe both of those changes may eventually be wanted.
1090
1091         This change basically does 3 things:
1092         1.  Makes StyleResolver::styleForDocument inherit from the parent iframe.
1093         2.  Makes any recalcStyle calls on the iframe propogate down into the child document (HTMLIFrameElement::didRecalcStyle).
1094         3.  Makes Document::recalcStyle aware of the fact that the Document's style *can* change
1095             for reasons other than recalcStyle(Force).
1096
1097         I'm open to more testing suggestions, if reviewers have settings on the Document's style
1098         that you want to make sure we inherit from the parent iframe, or don't inherit, etc.
1099         I view this as a complete solution to this aspect of the current <iframe seamless> spec,
1100         but likely not the last code we will write for this aspect of the seamless feature. :)
1101
1102         Tested by fast/frames/seamlesss/seamless-css-cascade.html and seamless-designMode.html
1103
1104         * css/StyleResolver.cpp:
1105         (WebCore::StyleResolver::collectMatchingRulesForList):
1106         * dom/Document.cpp:
1107         (WebCore::Document::scheduleStyleRecalc):
1108         (WebCore::Document::recalcStyle):
1109         * html/HTMLIFrameElement.cpp:
1110         (WebCore::HTMLIFrameElement::HTMLIFrameElement):
1111         (WebCore::HTMLIFrameElement::didRecalcStyle):
1112         (WebCore):
1113         * html/HTMLIFrameElement.h:
1114         (HTMLIFrameElement):
1115
1116 2012-05-10  Julien Chaffraix  <jchaffraix@webkit.org>
1117
1118         Crash in computedCSSPadding* functions due to RenderImage::imageDimensionsChanged called during attachment
1119         https://bugs.webkit.org/show_bug.cgi?id=85912
1120
1121         Reviewed by Eric Seidel.
1122
1123         Tests: fast/images/link-body-content-imageDimensionChanged-crash.html
1124                fast/images/script-counter-imageDimensionChanged-crash.html
1125
1126         The bug comes from CSS generated images that could end up calling imageDimensionsChanged during attachment. As the
1127         rest of the code (e.g. computedCSSPadding*) would assumes that we are already inserted in the tree, we would crash.
1128
1129         The solution is to bail out in this case as newly inserted RenderObject will trigger layout later on and properly
1130         handle what we would be doing as part of imageDimensionChanged (the only exception being updating our intrinsic
1131         size which should be done as part of imageDimensionsChanged).
1132
1133         * rendering/RenderImage.cpp:
1134         (WebCore::RenderImage::imageDimensionsChanged):
1135
1136 2012-05-10  Adam Barth  <abarth@webkit.org>
1137
1138         ASSERT in BidiResolver<Iterator, Run>::commitExplicitEmbedding makes running debug builds annoying
1139         https://bugs.webkit.org/show_bug.cgi?id=86140
1140
1141         Reviewed by Eric Seidel.
1142
1143         The correct fix here is to resolve
1144         https://bugs.webkit.org/show_bug.cgi?id=76574, but in the mean time,
1145         this ASSERT is annoying.
1146
1147         * platform/text/BidiResolver.h:
1148         (WebCore::::commitExplicitEmbedding):
1149
1150 2012-05-10  Mark Pilgrim  <pilgrim@chromium.org>
1151
1152         [Chromium] Call addTraceEvent and getTraceCategoryEnabledFlag directly
1153         https://bugs.webkit.org/show_bug.cgi?id=85399
1154
1155         Reviewed by Adam Barth.
1156
1157         Part of a refactoring series. See tracking bug 82948.
1158
1159         * CMakeLists.txt:
1160         * GNUmakefile.list.am:
1161         * Target.pri:
1162         * WebCore.gypi:
1163         * WebCore.vcproj/WebCore.vcproj:
1164         * WebCore.xcodeproj/project.pbxproj:
1165         * platform/EventTracer.cpp: Added.
1166         (WebCore):
1167         (WebCore::EventTracer::getTraceCategoryEnabledFlag):
1168         (WebCore::EventTracer::addTraceEvent):
1169         * platform/EventTracer.h: Added.
1170         (WebCore):
1171         (EventTracer):
1172         * platform/chromium/EventTracerChromium.cpp: Added.
1173         (WebCore):
1174         (WebCore::EventTracer::getTraceCategoryEnabledFlag):
1175         (WebCore::EventTracer::addTraceEvent):
1176         * platform/chromium/PlatformSupport.h:
1177         * platform/chromium/TraceEvent.h:
1178
1179 2012-05-10  Adam Barth  <abarth@webkit.org>
1180
1181         ScrollView::fixedVisibleContentRect should be public
1182         https://bugs.webkit.org/show_bug.cgi?id=86147
1183
1184         Reviewed by Eric Seidel.
1185
1186         Some code in the WebKit layer of OS(ANDROID) uses this function. That
1187         could will be upstreamed in a later patch. For now, this patch just
1188         makes this function public so that we remove the diff to this file.
1189
1190         * platform/ScrollView.h:
1191         (WebCore::ScrollView::fixedVisibleContentRect):
1192         (WebCore::ScrollView::delegatesScrollingDidChange):
1193
1194 2012-05-10  Anders Carlsson  <andersca@apple.com>
1195
1196         Rename the missing plug-in indicator to the unavailable plug-in indicator
1197         https://bugs.webkit.org/show_bug.cgi?id=86136
1198
1199         Reviewed by Sam Weinig.
1200
1201         Since the indicator is shown for more than just missing plug-ins, generalize it and use a plug-in unavailability
1202         reason enum to make it easier to extend. Also, pass the unavailability reason to the ChromeClient member functions.
1203
1204         * WebCore.exp.in:
1205         * html/HTMLEmbedElement.cpp:
1206         (WebCore::HTMLEmbedElement::updateWidget):
1207         * html/HTMLObjectElement.cpp:
1208         (WebCore::HTMLObjectElement::updateWidget):
1209         * html/HTMLPlugInElement.cpp:
1210         (WebCore::HTMLPlugInElement::defaultEventHandler):
1211         * html/HTMLPlugInImageElement.cpp:
1212         (WebCore::HTMLPlugInImageElement::updateWidgetIfNecessary):
1213         * loader/SubframeLoader.cpp:
1214         (WebCore::SubframeLoader::loadPlugin):
1215         * page/ChromeClient.h:
1216         (WebCore::ChromeClient::shouldUnavailablePluginMessageBeButton):
1217         (WebCore::ChromeClient::unavailablePluginButtonClicked):
1218         * page/FrameView.cpp:
1219         (WebCore::FrameView::updateWidget):
1220         * rendering/RenderEmbeddedObject.cpp:
1221         (WebCore::RenderEmbeddedObject::RenderEmbeddedObject):
1222         (WebCore::RenderEmbeddedObject::setPluginUnavailabilityReason):
1223         (WebCore::RenderEmbeddedObject::showsUnavailablePluginIndicator):
1224         (WebCore::RenderEmbeddedObject::setUnavailablePluginIndicatorIsPressed):
1225         (WebCore::RenderEmbeddedObject::paint):
1226         (WebCore::RenderEmbeddedObject::paintReplaced):
1227         (WebCore::RenderEmbeddedObject::getReplacementTextGeometry):
1228         (WebCore::RenderEmbeddedObject::unavailablePluginReplacementText):
1229         (WebCore):
1230         (WebCore::RenderEmbeddedObject::isInUnavailablePluginIndicator):
1231         (WebCore::shouldUnavailablePluginMessageBeButton):
1232         (WebCore::RenderEmbeddedObject::handleUnavailablePluginIndicatorEvent):
1233         (WebCore::RenderEmbeddedObject::getCursor):
1234         * rendering/RenderEmbeddedObject.h:
1235         (RenderEmbeddedObject):
1236
1237 2012-05-10  Brady Eidson  <beidson@apple.com>
1238
1239         <rdar://problem/10972577> and https://bugs.webkit.org/show_bug.cgi?id=80170
1240         Contents of noscript elements turned into strings in WebArchives
1241
1242         Reviewed by Andy Estes.
1243
1244         There's a much deeper question about how innerHTML of <noscript> is expected to work in 
1245         both a scripting and non-scripting environment that we should pursue separately.
1246
1247         But for webarchives, we can solve this by filtering out the <noscript> elements completely 
1248         if scripting is enabled.
1249
1250         Test: webarchive/ignore-noscript-if-scripting-enabled.html
1251
1252         * WebCore.exp.in:
1253
1254         Add arguments to createMarkup and MarkupAccumulator methods to pass a Vector of QualifiedNames
1255         that should be filtered from the resulting markup:
1256         * editing/MarkupAccumulator.cpp:
1257         (WebCore::MarkupAccumulator::serializeNodes):
1258         (WebCore::MarkupAccumulator::serializeNodesWithNamespaces):
1259         * editing/MarkupAccumulator.h:
1260         * editing/markup.cpp:
1261         (WebCore::createMarkup):
1262         * editing/markup.h:
1263
1264         If scripting is enabled, add the noscriptTag to the tag names to filter:
1265         * loader/archive/cf/LegacyWebArchive.cpp:
1266         (WebCore::LegacyWebArchive::create):
1267
1268 2012-05-10  Abhishek Arya  <inferno@chromium.org>
1269
1270         Crash due to floats not removed from first-letter element.
1271         https://bugs.webkit.org/show_bug.cgi?id=86019
1272
1273         Reviewed by Julien Chaffraix.
1274
1275         Move clearing logic of a floating/positioned object from removeChild
1276         to removeChildNode. There are lot of places which use removeChildNode
1277         directly and hence the object is not removed from the floating or
1278         positioned objects list.
1279
1280         Test: fast/block/float/float-not-removed-from-first-letter.html
1281
1282         * rendering/RenderObject.cpp:
1283         (WebCore::RenderObject::removeChild):
1284         * rendering/RenderObjectChildList.cpp:
1285         (WebCore::RenderObjectChildList::removeChildNode):
1286
1287 2012-05-10  Andreas Kling  <kling@webkit.org>
1288
1289         Remove empty ElementAttributeData destructor.
1290         <http://webkit.org/b/86126>
1291
1292         Reviewed by Antti Koivisto.
1293
1294         * dom/ElementAttributeData.cpp:
1295         * dom/ElementAttributeData.h:
1296
1297 2012-05-10  Yury Semikhatsky  <yurys@chromium.org>
1298
1299         Web Inspector: heap snapshot comparison view is broken
1300         https://bugs.webkit.org/show_bug.cgi?id=86102
1301
1302         Reviewed by Pavel Feldman.
1303
1304         Pass HeapSnapshotProxy instead of undefined to the profile load callback. Added
1305         compiler annotations to avoid such errors in the future.
1306
1307         * inspector/front-end/HeapSnapshotView.js:
1308
1309 2012-05-10  Zan Dobersek  <zandobersek@gmail.com>
1310
1311         [GTK] ENABLE_IFRAME_SEAMLESS support
1312         https://bugs.webkit.org/show_bug.cgi?id=85843
1313
1314         Reviewed by Eric Seidel.
1315
1316         Export the ENABLE_IFRAME_SEAMLESS feature define when the feature is
1317         enabled.
1318
1319         No new tests - all the related tests should now be passing.
1320
1321         * GNUmakefile.am:
1322
1323 2012-05-10  Antti Koivisto  <antti@apple.com>
1324
1325         Inline Node::traverseNextNode
1326         https://bugs.webkit.org/show_bug.cgi?id=85844
1327
1328         Reviewed by Ryosuke Niwa.
1329         
1330         Inline traverseNextNode and traverseNextSibling to reduce entry/exit overhead and allow better code generation
1331         for many hot loops.
1332
1333         In this version only the firstChild()/nextSibling() tests are inlined and the ancestor traversal is not.
1334         
1335         Performance bots will tell if this was worthwhile.
1336
1337         * dom/ContainerNode.h:
1338         (WebCore::Node::traverseNextNode):
1339         (WebCore):
1340         (WebCore::Node::traverseNextSibling):
1341         * dom/Node.cpp:
1342         (WebCore::Node::traverseNextAncestorSibling):
1343         * dom/Node.h:
1344         (Node):
1345
1346 2012-05-10  Tommy Widenflycht  <tommyw@google.com>
1347
1348         MediaStream API: Fix MediaHints parsing
1349         https://bugs.webkit.org/show_bug.cgi?id=86098
1350
1351         Reviewed by Adam Barth.
1352
1353         Not currently testable. Working on a series of patches that will fix that.
1354
1355         * Modules/mediastream/PeerConnection00.cpp:
1356         (WebCore::PeerConnection00::createMediaHints):
1357
1358 2012-05-10  Tommy Widenflycht  <tommyw@google.com>
1359
1360         [chromium] MediaStream API: Fix the ExtraData functionality in WebMediaStreamDescriptor
1361         https://bugs.webkit.org/show_bug.cgi?id=86087
1362
1363         Reviewed by Adam Barth.
1364
1365         Not easy to test but I have added code that excercises this to WebUserMediaClientMock (in DumpRenderTree).
1366
1367         * platform/chromium/support/WebMediaStreamDescriptor.cpp:
1368         (WebKit::WebMediaStreamDescriptor::setExtraData):
1369
1370 2012-05-10  Pavel Feldman  <pfeldman@chromium.org>
1371
1372         Web Inspector: search title is shown beside the search field (not under) in the vertical mode.
1373         https://bugs.webkit.org/show_bug.cgi?id=86120
1374
1375         Reviewed by Yury Semikhatsky.
1376
1377         This change makes search title render as placeholder at all times.
1378         It also adjusts the size of the search field when navigation arrows appear.
1379
1380         * inspector/front-end/SearchController.js:
1381         (WebInspector.SearchController):
1382         (WebInspector.SearchController.prototype.updateSearchLabel):
1383         (WebInspector.SearchController.prototype._updateSearchNavigationButtonState):
1384         (WebInspector.SearchController.prototype._createSearchNavigationButton):
1385         * inspector/front-end/inspector.css:
1386         (#toolbar-search-item):
1387         (.with-navigation-buttons #search):
1388         (.toolbar-search-navigation-label):
1389         (.with-navigation-buttons .toolbar-search-navigation-label):
1390         * inspector/front-end/inspector.html:
1391
1392 2012-05-10  Varun Jain  <varunjain@google.com>
1393
1394         [chromium] Trigger context menu for long press gesture
1395         https://bugs.webkit.org/show_bug.cgi?id=85919
1396
1397         Reviewed by Adam Barth.
1398
1399         Test: fast/events/touch/gesture/context-menu-on-long-press.html
1400
1401         * page/EventHandler.cpp:
1402         (WebCore):
1403         (WebCore::EventHandler::sendContextMenuEventForGesture):
1404         * page/EventHandler.h:
1405         (EventHandler):
1406
1407 2012-05-10  Abhishek Arya  <inferno@chromium.org>
1408
1409         Crash in ApplyStyleCommand::joinChildTextNodes.
1410         https://bugs.webkit.org/show_bug.cgi?id=85939
1411
1412         Reviewed by Ryosuke Niwa.
1413
1414         Test: editing/style/apply-style-join-child-text-nodes-crash.html
1415
1416         * editing/ApplyStyleCommand.cpp:
1417         (WebCore::ApplyStyleCommand::applyRelativeFontStyleChange): add conditions
1418         to bail out if our start and end position nodes are removed due to 
1419         mutation events in joinChildTextNodes.
1420         (WebCore::ApplyStyleCommand::applyInlineStyle): this executes after
1421         applyRelativeFontStyleChange in ApplyStyleCommand::doApply. So, need
1422         to bail out if our start and end position nodes are removed due to
1423         mutation events.
1424         (WebCore::ApplyStyleCommand::joinChildTextNodes): hold all the children
1425         in a ref vector to prevent them from getting destroyed due to mutation events.
1426
1427 2012-05-10  Erik Arvidsson  <arv@chromium.org>
1428
1429         Unreviewed, rebaselined run-bindings-tests results.
1430
1431         * bindings/scripts/test/JS/JSTestEventTarget.cpp:
1432         (WebCore::jsTestEventTargetPrototypeFunctionAddEventListener):
1433         (WebCore::jsTestEventTargetPrototypeFunctionRemoveEventListener):
1434         * bindings/scripts/test/JS/JSTestObj.cpp:
1435         (WebCore::jsTestObjPrototypeFunctionAddEventListener):
1436         (WebCore::jsTestObjPrototypeFunctionRemoveEventListener):
1437         * bindings/scripts/test/V8/V8TestException.cpp:
1438         (WebCore::V8TestException::wrapSlow):
1439         * bindings/scripts/test/V8/V8TestException.h:
1440         (WebCore::V8TestException::wrap):
1441
1442 2012-05-10  Abhishek Arya  <inferno@chromium.org>
1443
1444         Crash in InsertParagraphSeparatorCommand::doApply.
1445         https://bugs.webkit.org/show_bug.cgi?id=84995
1446
1447         Reviewed by Ryosuke Niwa.
1448
1449         Test: editing/inserting/insert-paragraph-seperator-crash.html
1450
1451         * editing/DeleteSelectionCommand.cpp:
1452         (WebCore::DeleteSelectionCommand::mergeParagraphs): no need of static cast, since
1453         type of enclosingBlock returned is already Element*.
1454         * editing/IndentOutdentCommand.cpp:
1455         (WebCore::IndentOutdentCommand::tryIndentingAsListItem): no need of static cast, since
1456         type of enclosingBlock returned is already Element*.
1457         * editing/InsertParagraphSeparatorCommand.cpp:
1458         (WebCore::InsertParagraphSeparatorCommand::doApply): RefPtr startBlock to guard against
1459         mutation events.
1460         * editing/htmlediting.cpp:
1461         (WebCore::enclosingBlock): make sure type of enclosingNode is an element before doing
1462         the static cast. This was already failing in a couple of layout tests. Also, isBlock
1463         check already exists in the function call to enclosingNodeOfType, so don't need it
1464         again on enclosingNode's renderer.
1465         * editing/htmlediting.h: 
1466         (WebCore):
1467
1468 2012-05-10  Allan Sandfeld Jensen  <allan.jensen@nokia.com>
1469
1470         TouchAdjustment doesn't correct for scroll-offsets.
1471         https://bugs.webkit.org/show_bug.cgi?id=86083
1472
1473         Reviewed by Kenneth Rohde Christiansen.
1474
1475         Already tested by: touchadjustment/scroll-delegation
1476
1477         * page/EventHandler.cpp:
1478         (WebCore::EventHandler::bestClickableNodeForTouchPoint):
1479         (WebCore::EventHandler::bestZoomableAreaForTouchPoint):
1480         * page/TouchAdjustment.cpp:
1481         (WebCore::TouchAdjustment::findNodeWithLowestDistanceMetric):
1482         * testing/Internals.cpp:
1483         (WebCore::Internals::bestZoomableAreaForTouchPoint):
1484
1485 2012-05-10  Konrad Piascik  <kpiascik@rim.com>
1486
1487         Fix typo in filename
1488         https://bugs.webkit.org/show_bug.cgi?id=86095
1489
1490         Reviewed by Andreas Kling.
1491
1492         * UseJSC.cmake:
1493
1494 2012-05-10  Stephen Chenney  <schenney@chromium.org>
1495
1496         SVG Filters allow invalid elements as children
1497         https://bugs.webkit.org/show_bug.cgi?id=83979
1498
1499         Reviewed by Nikolas Zimmermann.
1500
1501         According to the SVG spec, there are numerous restrictions on the
1502         content of nodes (that is, their children). Specific to this problem,
1503         SVGFilter elements may only contain SVGFilterPrimitive elements, and
1504         those may only contain animation related elements. This patch enforces
1505         the restriction on filters in the render tree, thus preventing us from
1506         having (for instance) content that is inside a filter yet filtered by
1507         the filter.
1508
1509         Manual test: ManualTests/bugzilla-83979.svg
1510
1511         * svg/SVGFilterElement.cpp:
1512         (WebCore::SVGFilterElement::childShouldCreateRenderer): Added to only allow renderers for fe* children
1513         (WebCore):
1514         * svg/SVGFilterElement.h:
1515         (SVGFilterElement):
1516         * svg/SVGFilterPrimitiveStandardAttributes.h: Do not allow any children at all for fe* elements.
1517         (SVGFilterPrimitiveStandardAttributes):
1518
1519 2012-05-10  Joe Thomas  <joethomas@motorola.com>
1520
1521         [CSS3 Backgrounds and Borders] Add background-size to the background shorthand
1522         https://bugs.webkit.org/show_bug.cgi?id=27577
1523
1524         Reviewed by Alexis Menard.
1525
1526         Added CSSPropertyBackgroundSize to the background shorthand propery. Added the logic for parsing background-size.
1527         bakground-size appears after background-position followed by a '/'.
1528         The specification related to this change is http://www.w3.org/TR/css3-background/#the-background
1529
1530         Tests: fast/backgrounds/background-shorthand-with-backgroundSize-style.html
1531                fast/backgrounds/size/backgroundSize-in-background-shorthand.html
1532
1533         * css/CSSComputedStyleDeclaration.cpp:
1534         (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
1535         (WebCore::CSSComputedStyleDeclaration::getBackgroundShorthandValue):
1536         (WebCore):
1537         * css/CSSComputedStyleDeclaration.h:
1538         (CSSComputedStyleDeclaration):
1539         * css/CSSParser.cpp:
1540         (WebCore::CSSParser::parseValue):
1541         (WebCore::CSSParser::parseFillShorthand):
1542         * css/StylePropertySet.cpp:
1543         (WebCore::StylePropertySet::getLayeredShorthandValue):
1544         * css/StylePropertyShorthand.cpp:
1545         (WebCore):
1546         (WebCore::backgroundShorthand):
1547
1548 2012-05-10  MORITA Hajime <morrita@google.com>
1549
1550         Node::InDetachFlag could be removed.
1551         https://bugs.webkit.org/show_bug.cgi?id=85963
1552
1553         Reviewed by Antti Koivisto.
1554
1555         Removed Node::inDetach() since it can never true
1556         on the only call site setFocusedNode().
1557
1558         No new test. Covered by existing tests.
1559
1560         * dom/Document.cpp:
1561         (WebCore::Document::setFocusedNode):
1562         * dom/Node.cpp:
1563         (WebCore::Node::detach):
1564         * dom/Node.h:
1565         (WebCore):
1566         (Node):
1567
1568 2012-05-10  Keishi Hattori  <keishi@webkit.org>
1569
1570         Crash in HTMLFormControlElement::m_fieldSetAncestor
1571         https://bugs.webkit.org/show_bug.cgi?id=86070
1572
1573         Reviewed by Kent Tamura.
1574
1575         No new tests.
1576
1577         The previous patch r115990 didn't completely resolve the crash (Bug 85453)
1578         We don't have a reproducible test case, so we are reverting to the old code for setting m_fieldSetAncestor.
1579
1580         * html/HTMLFormControlElement.cpp:
1581         (WebCore::HTMLFormControlElement::HTMLFormControlElement):
1582         (WebCore::HTMLFormControlElement::updateFieldSetAndLegendAncestor):
1583         (WebCore::HTMLFormControlElement::insertedInto): Set m_dataListAncestorState to Unknown because ancestor has changed. Call setNeedsWillValidateCheck because style might need to be updated.
1584         (WebCore::HTMLFormControlElement::removedFrom):
1585         (WebCore::HTMLFormControlElement::disabled):
1586         (WebCore::HTMLFormControlElement::recalcWillValidate):
1587         (WebCore::HTMLFormControlElement::willValidate):
1588         (WebCore::HTMLFormControlElement::setNeedsWillValidateCheck):
1589         * html/HTMLFormControlElement.h:
1590         (HTMLFormControlElement): Added m_dataListAncestorState.
1591
1592 2012-05-10  Sam D  <dsam2912@gmail.com>
1593
1594         Web Inspector: rename InspectorBackendStub.js to InspectorBackendCommands.js
1595         https://bugs.webkit.org/show_bug.cgi?id=72306
1596
1597         Changed name for InspectorBackendStub.js to
1598         InspectorBackendCommands.js
1599
1600         Reviewed by Yury Semikhatsky.
1601
1602         No new tests required. File name is changed.
1603
1604         * DerivedSources.pri:
1605         * GNUmakefile.am:
1606         * Target.pri:
1607         * WebCore.gyp/WebCore.gyp:
1608         * WebCore.gypi:
1609         * WebCore.vcproj/copyWebCoreResourceFiles.cmd:
1610         * WebCore.xcodeproj/project.pbxproj:
1611         * gyp/copy-inspector-resources.sh:
1612         * inspector/CodeGeneratorInspector.py:
1613         * inspector/front-end/InspectorBackendCommands.qrc: Added.
1614         * inspector/front-end/InspectorBackendStub.qrc: Removed.
1615         * inspector/front-end/inspector.html:
1616
1617 2012-05-10  Alexis Menard  <alexis.menard@openbossa.org>
1618
1619         [Qt] Avoid string conversions to construct a QUrl when using Qt5.
1620         https://bugs.webkit.org/show_bug.cgi?id=86006
1621
1622         Reviewed by Kenneth Rohde Christiansen.
1623
1624         In Qt5, the QUrl constructor can handle the string directly, even in UTF-16 because the
1625         constructor QUrl(QString) has been fixed. Unfortunately we still need to use the old
1626         code path when building with Qt4.
1627
1628         No new tests : it's a performance improvement which should be covered by tests.
1629
1630         * platform/qt/KURLQt.cpp:
1631         (WebCore::KURL::operator QUrl):
1632
1633 2012-05-10  Noel Gordon  <noel.gordon@gmail.com>
1634
1635         [chromium] REGRESSION(r107389) Visible line artifacts on some JPEG images
1636         https://bugs.webkit.org/show_bug.cgi?id=85772
1637
1638         Reviewed by Kent Tamura.
1639
1640         On some JPEG images, vertical and horizontal lines artifacts might appear in image
1641         regions with very high frequency color variation when using DCT_IFAST decodes. Use
1642         DCT_IFAST on small screen devices only (Chromium Android).
1643
1644         No new tests. Covered by existing tests.
1645
1646         * platform/image-decoders/jpeg/JPEGImageDecoder.cpp:
1647         (dctMethod): Permit DCT_IFAST decoding for Chromium Android only.
1648
1649 2012-05-10  Kenneth Rohde Christiansen  <kenneth@webkit.org>
1650
1651         [Qt] Implement fit-to-width behaviour
1652         https://bugs.webkit.org/show_bug.cgi?id=86085
1653
1654         Reviewed by Simon Hausmann.
1655
1656         Add a method to get the minimum scale factor that contains the content
1657         without showing any chrome background.
1658
1659         * dom/ViewportArguments.cpp:
1660         (WebCore::computeMinimumScaleFactorForContentContained):
1661         (WebCore):
1662         * dom/ViewportArguments.h:
1663         (WebCore):
1664
1665 2012-05-10  MORITA Hajime  <morrita@google.com>
1666
1667         Remove support for Node::willRemove()
1668         https://bugs.webkit.org/show_bug.cgi?id=55209
1669
1670         Reviewed by Ryosuke Niwa.
1671
1672         This change de-virtualizes Node::willRemove(), gains
1673         5% speedup on Dromaeo dom-modify.
1674
1675         Originally there were 5 willRemove() overrides:
1676         - Element
1677         - HTMLStyleElement
1678         - HTMLSourceElement
1679         - HTMLTrackElement
1680         - HTMLFrameOwnerElement
1681
1682         For first 4 items, this change moves their implementations to
1683         Node::removedFrom() overrides.
1684
1685         Then HTMLFrameOwnerElement is the only class which needs the
1686         notification.  Because it emits the "unload" event, it needs some
1687         notification _before_ its removal. To handle that, this change
1688         introduces ChildFrameDisconnector which collects
1689         corresponding decendant elements and disconnect their content frame.
1690
1691         Even though this approach doesn't kill pre-removal tree traversal
1692         completely, it's a bit more efficient due to the de-virtualization.
1693
1694         No new tests. Covered by existing test.
1695
1696         * dom/ContainerNode.cpp:
1697         (WebCore::willRemoveChild): Replaced willRemove() call with ChildFrameDisconnector.
1698         (WebCore::willRemoveChildren): Ditto.
1699         (WebCore::ContainerNode::disconnectDescendantFrames): Added. Used from FrameLoader to replace Document::willRemove() call.
1700         (WebCore):
1701         * dom/ContainerNode.h:
1702         (ContainerNode):
1703         * dom/ContainerNodeAlgorithms.cpp:
1704         (WebCore::ChildFrameDisconnector::collectDescendant):
1705         (WebCore):
1706         (WebCore::ChildFrameDisconnector::Target::disconnect):
1707         * dom/ContainerNodeAlgorithms.h:
1708         (ChildFrameDisconnector):
1709         (Target):
1710         (WebCore::ChildFrameDisconnector::Target::Target):
1711         (WebCore::ChildFrameDisconnector::Target::isValid):
1712         (WebCore):
1713         (WebCore::ChildFrameDisconnector::ChildFrameDisconnector):
1714         (WebCore::ChildFrameDisconnector::collectDescendant):
1715         (WebCore::ChildFrameDisconnector::disconnect):
1716         * dom/Element.cpp:
1717         (WebCore::Element::removedFrom):
1718         * dom/Element.h:
1719         * dom/ElementShadow.cpp:
1720         * dom/ElementShadow.h:
1721         (ElementShadow):
1722         * dom/Node.cpp:
1723         * dom/Node.h: Added IsFrameOwnerElement flag to de-virtualize IsFrameOwnerElement().
1724         (WebCore::Node::isFrameOwnerElement): De-virtualized.
1725         (Node):
1726         * html/HTMLElement.h:
1727         (HTMLElement):
1728         (WebCore::HTMLElement::HTMLElement):
1729         * html/HTMLFrameOwnerElement.cpp:
1730         (WebCore::HTMLFrameOwnerElement::HTMLFrameOwnerElement):
1731         (WebCore::HTMLFrameOwnerElement::disconnectContentFrame): Extracted from original willRemove().
1732         * html/HTMLFrameOwnerElement.h:
1733         (HTMLFrameOwnerElement):
1734         (WebCore::toFrameOwnerElement):
1735         (WebCore):
1736         * html/HTMLMediaElement.cpp:
1737         (WebCore::HTMLMediaElement::sourceWasRemoved): Renamed from sourceWillBeRemoved(), dealing with the timing change.
1738         * html/HTMLMediaElement.h:
1739         (HTMLMediaElement):
1740         (WebCore::isMediaElement):
1741         (WebCore):
1742         (WebCore::toMediaElement):
1743         * html/HTMLSourceElement.cpp:
1744         (WebCore::HTMLSourceElement::removedFrom): Moved some code from willRemove().
1745         * html/HTMLSourceElement.h:
1746         (HTMLSourceElement):
1747         * html/HTMLStyleElement.cpp:
1748         (WebCore::HTMLStyleElement::removedFrom):
1749         (WebCore):
1750         * html/HTMLStyleElement.h:
1751         (HTMLStyleElement):
1752         * html/HTMLTrackElement.cpp:
1753         (WebCore::HTMLTrackElement::removedFrom): Moved some code from willRemove().
1754         * html/HTMLTrackElement.h:
1755         (HTMLTrackElement):
1756         * loader/FrameLoader.cpp:
1757         (WebCore::FrameLoader::clear):
1758
1759 2012-05-10  Kinuko Yasuda  <kinuko@chromium.org>
1760
1761         Change the return type of Entry.toURL() back to String from KURL
1762         https://bugs.webkit.org/show_bug.cgi?id=85858
1763
1764         Reviewed by Ryosuke Niwa.
1765
1766         I once changed it from String to KURL in r116273 but it turned out that
1767         it involves implicit conversion and may incur extra overhead.
1768         This partly reverts r116273 while keeping some internal functions
1769         returning KURL as it's what we initially create as and is more
1770         convenient to operate on.
1771
1772         No new tests; no functional or visible changes.
1773
1774         * Modules/filesystem/EntryBase.cpp:
1775         (WebCore::EntryBase::toURL):
1776         * Modules/filesystem/EntryBase.h:
1777         (EntryBase):
1778
1779 2012-05-10  Alexander Pavlov  <apavlov@chromium.org>
1780
1781         Web Inspector: Autocomplete for CSS property values in the Styles pane behaving incorrectly
1782         https://bugs.webkit.org/show_bug.cgi?id=85784
1783
1784         Reviewed by Vsevolod Vlasov.
1785
1786         Before executing the number increment/decrement within CSS property value, the current word is checked
1787         for being a valid suggestion for the current property, and if it is, the numeric change is skipped
1788         in favor of the suggested property value switch by a suggest box.
1789
1790         * inspector/front-end/StylesSidebarPane.js:
1791
1792 2012-05-10  Abhishek Arya  <inferno@chromium.org>
1793
1794         Make DOMCharacterDataModified a scoped event (similar to r73690).
1795         https://bugs.webkit.org/show_bug.cgi?id=85920
1796
1797         Reviewed by Ryosuke Niwa.
1798
1799         DOMCharacterDataModified was missing in the list of already scoped
1800         DOM mutation events like DOMSubtreeModified, DOMNodeInserted, etc.
1801         It helps to delay event dispatches until the completion of each call
1802         of EditCommand::doApply. This has been useful in the past and helped to 
1803         prevent unexpected DOM tree mutations while the editing command is executing.
1804
1805         * dom/CharacterData.cpp:
1806         (WebCore::CharacterData::dispatchModifiedEvent):
1807
1808 2012-05-10  Alexandre Elias  <aelias@google.com>
1809
1810         Default to null value for HistoryItem::m_pageScaleFactor
1811         https://bugs.webkit.org/show_bug.cgi?id=84385
1812
1813         Reviewed by Adam Barth.
1814
1815         Previously, HistoryItem::m_pageScaleFactor defaulted to a value
1816         of 1, making it impossible to determine whether this value was never
1817         set, or intentionally set to 1.  This patch introduces a default value
1818         of 0 and makes restoreScrollPositionAndViewState not touch the page
1819         scale factor if this value is still present at time of reload.
1820
1821         This is a no-op change for common navigation scenarios.  The
1822         motivation for this change is the corner case of syncing history items
1823         from a desktop browser to a mobile device.  In that case, we need a
1824         way to specify that the history item does not contain a
1825         pageScaleFactor so that the mobile device does not display the page
1826         overly zoomed in.
1827
1828         No new tests.
1829
1830         * history/HistoryItem.cpp:
1831         (WebCore::HistoryItem::HistoryItem):
1832         * loader/HistoryController.cpp:
1833         (WebCore::HistoryController::restoreScrollPositionAndViewState):
1834
1835 2012-05-10  Csaba Osztrogon√°c  <ossy@webkit.org>
1836
1837         Use suitable viewport values when a Mobile DTD is used.
1838         https://bugs.webkit.org/show_bug.cgi?id=85425
1839
1840         Unreviewed debug buildfix after r116571.
1841
1842         * dom/Document.cpp:
1843         (WebCore::Document::setDocType):
1844
1845 2012-05-10  Yoshifumi Inoue  <yosin@chromium.org>
1846
1847         [Forms] Move step related methods to InputType class from HTMLInputElement class
1848         https://bugs.webkit.org/show_bug.cgi?id=85978
1849
1850         Reviewed by Kent Tamura.
1851
1852         This patch is part of re-factoring of HTMLInputElement.cpp for numeric input type.
1853         In this patch, we move implementation of getAllowedValueStep and stepUp/stepUpFromRenderer
1854         to InputType class because of these are for DateTime/Number/Range.
1855
1856         Following patches will change implementation of getAllowedValueStep to use StepRange and
1857         remove step related methods, defaultStep, stepScaleFactor, and so on.
1858
1859         No new tests. This patch should not change behavior.
1860
1861         * html/HTMLInputElement.cpp:
1862         (WebCore):
1863         (WebCore::HTMLInputElement::getAllowedValueStep):
1864         (WebCore::HTMLInputElement::stepUp):
1865         (WebCore::HTMLInputElement::stepDown):
1866         (WebCore::HTMLInputElement::stepUpFromRenderer):
1867         * html/HTMLInputElement.h:
1868         (HTMLInputElement):
1869         * html/InputType.cpp:
1870         (WebCore::InputType::applyStep):
1871         (WebCore):
1872         (WebCore::InputType::alignValueForStep):
1873         (WebCore::InputType::getAllowedValueStep):
1874         (WebCore::InputType::getAllowedValueStepWithDecimalPlaces):
1875         (WebCore::InputType::stepUp):
1876         (WebCore::InputType::stepUpFromRenderer):
1877         * html/InputType.h:
1878         (InputType):
1879
1880 2012-05-09  Kent Tamura  <tkent@chromium.org>
1881
1882         Calendar Picker: Fix a crash by changing input type.
1883         https://bugs.webkit.org/show_bug.cgi?id=86007
1884
1885         Reviewed by Hajime Morita.
1886
1887         Manual test: forms/calendar-picker-crash-by-type-change.html
1888
1889         * html/shadow/CalendarPickerElement.cpp:
1890         (WebCore::CalendarPickerElement::~CalendarPickerElement):
1891         Added. Make sure the popup is closed.
1892         * html/shadow/CalendarPickerElement.h:
1893         (CalendarPickerElement): Add declaration of the destructor.
1894
1895 2012-05-09  Gyuyoung Kim  <gyuyoung.kim@samsung.com>
1896
1897         Move suspendAnimations to use Internals interface.
1898         https://bugs.webkit.org/show_bug.cgi?id=85986
1899
1900         Reviewed by Ryosuke Niwa.
1901
1902         Add suspendAnimations functions, because it is able to work in the
1903         cross-port way through the Internals interface.
1904
1905         No new tests, since we are improving here the infra-structure for testing
1906         a specific method.
1907
1908         * testing/Internals.cpp:
1909         (WebCore::Internals::suspendAnimations):
1910         (WebCore):
1911         * testing/Internals.h:
1912         (Internals):
1913         * testing/Internals.idl:
1914
1915 2012-05-09  Charlie Reis  <creis@chromium.org>
1916
1917         Add dispatchMessageEventWithOriginCheck to DOMWindow
1918         https://bugs.webkit.org/show_bug.cgi?id=85815
1919
1920         Reviewed by Adam Barth.
1921
1922         Useful for ports that support cross-process postMessage.
1923         No new tests, since covered by existing postMessage tests.
1924
1925         * page/DOMWindow.cpp:
1926         (WebCore::DOMWindow::postMessageTimerFired):
1927         (WebCore):
1928         (WebCore::DOMWindow::dispatchMessageEventWithOriginCheck):
1929         * page/DOMWindow.h:
1930         (WebCore):
1931         (DOMWindow):
1932
1933 2012-05-09  Jason Liu  <jason.liu@torchmobile.com.cn>
1934
1935         [BlackBerry] Cookie parsing issue. If the cookie value provided was (") then the browser creates a session cookie instead.
1936         https://bugs.webkit.org/show_bug.cgi?id=85775
1937
1938         Reviewed by Rob Buis.
1939
1940         Make CookieParser::parseOneCookie handle (cookiename="cookievalue;expires=xxxx) correctly.
1941         This cookie's value is "cookievalue not "cookievalue;expires=xxxx.
1942
1943         Test: http/tests/cookies/single-quoted-value.html
1944
1945         * platform/blackberry/CookieParser.cpp:
1946         (WebCore::CookieParser::parseOneCookie):
1947
1948 2012-05-09  Raymond Liu  <raymond.liu@intel.com>
1949
1950         Add multi-channels support for CopyWithGainFrom in AudioBus
1951         https://bugs.webkit.org/show_bug.cgi?id=80675
1952
1953         Reviewed by Chris Rogers.
1954
1955         * platform/audio/AudioBus.cpp:
1956         (WebCore):
1957         (WebCore::AudioBus::AudioBus):
1958         (WebCore::AudioBus::copyWithGainFrom):
1959         * platform/audio/AudioBus.h:
1960         (AudioBus):
1961
1962 2012-05-09  Jessie Berlin  <jberlin@apple.com>
1963
1964         Crash using the new WKBundleDOMWindowExtensions APIs.
1965         https://bugs.webkit.org/show_bug.cgi?id=85888
1966
1967         Reviewed by Brady Eidson.
1968
1969         WKBundlePageWillDestroyGlobalObjectForDOMWindowExtensionCallback was only being invoked when
1970         the WKPage was destroyed, and then only for the child frames. In addition, the
1971         DOMWindowExtension was holding onto a destroyed DOMWindow and attempting to unregister from
1972         when the WK2 wrapper object was attempting to destroy the DOMWindowExtension.
1973
1974         The underlying issue here was that the DOMWindowProperties were getting disconnectFrame
1975         and willDetachPage called on them at the wrong times.
1976
1977         Rename DOMWindowProperty::disconnectFrame and reconnectFrame to disconnectFrameForPageCache
1978         and reconnectFrameFromPageCache for clarity.
1979
1980         Only invoke DOMWindowProperty::disconnectFrameForPageCache when the frame is going into the
1981         page cache.
1982
1983         In the cases where the DOMWindow is getting destroyed, the frame is being destroyed, or the
1984         DOMWindow is getting cleared because the frame is being navigated, invoke
1985         DOMWindowProperty::willDestroyGlobalObjectInFrame instead of disconnectFrame.
1986
1987         Invoke DOMWindowProperty::willDetachGlobalObjectFromFrame when a document is being detached
1988         because the frame has been detached (e.g. fast/storage/storage-detached-iframe.html) and
1989         won't be immediately destroyed.
1990
1991         Invoke DOMWindowProperty::willDestroyGlobalObjectInCachedFrame when a cached frame is
1992         being destroyed.
1993
1994         New WK2 API Test: DOMWindowExtensionNoCache.
1995
1996         * Modules/indexeddb/DOMWindowIndexedDatabase.cpp:
1997         (WebCore::DOMWindowIndexedDatabase::disconnectFrameForPageCache):
1998         Updated for disconnectFrame rename.
1999         (WebCore::DOMWindowIndexedDatabase::reconnectFrameFromPageCache):
2000         Updated for reconnectFrame rename.
2001         (WebCore::DOMWindowIndexedDatabase::willDestroyGlobalObjectInCachedFrame):
2002         Get rid of the suspended IDBFactory.
2003         (WebCore::DOMWindowIndexedDatabase::willDestroyGlobalObjectInFrame):
2004         Get rid of the IDBFactory.
2005         (WebCore::DOMWindowIndexedDatabase::willDetachGlobalObjectFromFrame):
2006         Ditto.
2007         * Modules/indexeddb/DOMWindowIndexedDatabase.h:
2008
2009         * dom/Document.cpp:
2010         (WebCore::Document::prepareForDestruction):
2011         Tell the DOMWindow before detaching the Document.
2012         * dom/Document.h:
2013
2014         * history/CachedFrame.cpp:
2015         (WebCore::CachedFrame::destroy):
2016         Tell the DOMWindow.
2017
2018         * loader/FrameLoader.cpp:
2019         (WebCore::FrameLoader::clear):
2020         Use Document::prepareForDestruction so that the DOMWindow is told about the main frame
2021         navigation before detaching the Document.
2022
2023         * loader/appcache/DOMApplicationCache.cpp:
2024         (WebCore::DOMApplicationCache::disconnectFrameForPageCache):
2025         Updated for the disconnectFrame rename.
2026         (WebCore::DOMApplicationCache::reconnectFrameFromPageCache):
2027         Updated for the reconnectFrame rename.
2028         (WebCore::DOMApplicationCache::willDestroyGlobalObjectInFrame):
2029         Cover the cases formerly covered by disconnectFrame (which was sometimes being called when
2030         called when the frame was destroyed).
2031         * loader/appcache/DOMApplicationCache.h:
2032
2033         * notifications/DOMWindowNotifications.cpp:
2034         (WebCore::DOMWindowNotifications::disconnectFrameForPageCache):
2035         Updated for the disconnectFrame rename.
2036         (WebCore::DOMWindowNotifications::reconnectFrameFromPageCache):
2037         Updated for the reconnectFrame rename.
2038         (WebCore::DOMWindowNotifications::willDestroyGlobalObjectInCachedFrame):
2039         Get rid of the suspended notification center.
2040         (WebCore::DOMWindowNotifications::willDestroyGlobalObjectInFrame):
2041         Get rid of the notification center.
2042         (WebCore::DOMWindowNotifications::willDetachGlobalObjectFromFrame):
2043         Do not allow use of the notification center by detached frames.
2044         * notifications/DOMWindowNotifications.h:
2045
2046         * page/DOMWindow.cpp:
2047         (WebCore::DOMWindow::clearDOMWindowProperties):
2048         Do not call disconnectDOMWindowProperties. It is now the responsibility of the callers to
2049         tell the DOMWindowProperties the correct cause of being cleared.
2050         (WebCore::DOMWindow::~DOMWindow):
2051         Make sure the DOMWindowProperties still know that the DOMWindow is going away.
2052         (WebCore::DOMWindow::frameDestroyed):
2053         Invoke willDestroyGlobalObjectInFrame on the DOMWindowProperties.
2054         (WebCore::DOMWindow::willDetachPage):
2055         It is no longer necessary to tell the DOMWindowProperties anything here.
2056         (WebCore::DOMWindow::willDestroyCachedFrame):
2057         Tell the DOMWindowProperties.
2058         (WebCore::DOMWindow::willDestroyDocumentInFrame):
2059         Ditto.
2060         (WebCore::DOMWindow::willDetachDocumentFromFrame):
2061         Ditto.
2062         (WebCore::DOMWindow::clear):
2063         Ditto.
2064         (WebCore::DOMWindow::disconnectDOMWindowProperties):
2065         Updated for the disconnectFrame rename.
2066         (WebCore::DOMWindow::reconnectDOMWindowProperties):
2067         Ditto.
2068         * page/DOMWindow.h:
2069
2070         * page/DOMWindowExtension.cpp:
2071         (WebCore::DOMWindowExtension::DOMWindowExtension):
2072         Move the responsibility for tracking the disconnected DOMWindow to DOMWindowProperty, since
2073         DOMWindowProperty will need it to unregister the property when a cached frame is destroyed.
2074         (WebCore::DOMWindowExtension::disconnectFrameForPageCache):
2075         Remove the code to check for disconnectFrame being called twice - it is now only called when
2076         a frame goes into the page cache.
2077         Let the DOMWindowProperty keep track of the disconnected DOMWindow.
2078         (WebCore::DOMWindowExtension::reconnectFrameFromPageCache):
2079         Let the DOMWindowProperty keep track of the disconnected DOMWindow.
2080         (WebCore::DOMWindowExtension::willDestroyGlobalObjectInCachedFrame):
2081         Dispatch the willDestroyGlobalObjectForDOMWindowExtension callback.
2082         (WebCore::DOMWindowExtension::willDestroyGlobalObjectInFrame):
2083         Ditto, but only if the callback hasn't already been sent because the frame has been detached.
2084         (WebCore::DOMWindowExtension::willDetachGlobalObjectFromFrame):
2085         Send the callback because nothing interesting can be done in the frame once it has been
2086         detached.
2087         * page/DOMWindowExtension.h:
2088
2089         * page/DOMWindowProperty.cpp:
2090         (WebCore::DOMWindowProperty::DOMWindowProperty):
2091         Keep track of the disconnected DOMWindow so it can be used to unregister the property when a
2092         cached frame is destroyed.
2093         (WebCore::DOMWindowProperty::~DOMWindowProperty):
2094         Also unregister the property when a DOMWindowProperty for a cached frame is destroyed.
2095         (WebCore::DOMWindowProperty::disconnectFrameForPageCache):
2096         Keep track of the disconnected DOMWindow.
2097         (WebCore::DOMWindowProperty::reconnectFrameFromPageCache):
2098         Ditto.
2099         (WebCore::DOMWindowProperty::willDestroyGlobalObjectInCachedFrame):
2100         Unregister the property from the disconnected DOMWindow.
2101         (WebCore::DOMWindowProperty::willDestroyGlobalObjectInFrame):
2102         Unregister the property from the DOMWindow and stop keeping track of the frame.
2103         (WebCore::DOMWindowProperty::willDetachGlobalObjectFromFrame):
2104         Do not set m_frame to 0 because detached frames still have access to the DOMWindow, even if
2105         they can't do anything meaningful with it.
2106         * page/DOMWindowProperty.h:
2107
2108         * page/Frame.cpp:
2109         (WebCore::Frame::setView):
2110         Tell the DOMWindow that the Document is being detached so it can tell the
2111         DOMWindowProperties.
2112
2113         * page/PointerLock.cpp:
2114         (WebCore::PointerLock::disconnectFrameForPageCache):
2115         Updated for disconnectFrame rename.
2116         (WebCore::PointerLock::willDestroyGlobalObjectInFrame):
2117         Cover the cases formerly covered by disconnectFrame (which was sometimes being called when
2118         called when the frame was destroyed).
2119         * page/PointerLock.h:
2120
2121 2012-05-09  Ian Vollick  <vollick@chromium.org>
2122
2123         [chromium] Ensure animations get ticked at least once when added.
2124         https://bugs.webkit.org/show_bug.cgi?id=86013
2125
2126         Reviewed by James Robinson.
2127
2128         Tested in
2129           CCLayerTreeHostTestTickAnimationWhileBackgrounded.runSingleThreaded
2130           CCLayerTreeHostTestAddAnimationWithTimingFunction.runSingleThreaded
2131           CCLayerTreeHostTestSynchronizeAnimationStartTimes.runSingleThreaded
2132           CCLayerTreeHostTestAnimationFinishedEvents.runSingleThreaded
2133
2134         * platform/graphics/chromium/LayerChromium.cpp:
2135         (WebCore::LayerChromium::addAnimation):
2136         * platform/graphics/chromium/cc/CCLayerAnimationController.cpp:
2137         (WebCore::CCLayerAnimationController::pushNewAnimationsToImplThread):
2138         * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
2139         (WebCore::CCLayerTreeHost::finishCommitOnImplThread):
2140         (WebCore::CCLayerTreeHost::didAddAnimation):
2141         (WebCore):
2142         (WebCore::CCLayerTreeHost::didBecomeInvisibleOnImplThread):
2143         * platform/graphics/chromium/cc/CCLayerTreeHost.h:
2144         (CCLayerTreeHost):
2145         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
2146         (WebCore::CCLayerTreeHostImpl::CCLayerTreeHostImpl):
2147         * platform/graphics/chromium/cc/CCProxy.h:
2148         (CCProxy):
2149         * platform/graphics/chromium/cc/CCSingleThreadProxy.cpp:
2150         (CCSingleThreadProxyAnimationTimer):
2151         (WebCore::CCSingleThreadProxyAnimationTimer::create):
2152         (WebCore::CCSingleThreadProxyAnimationTimer::CCSingleThreadProxyAnimationTimer):
2153         (WebCore):
2154         (WebCore::CCSingleThreadProxy::CCSingleThreadProxy):
2155         (WebCore::CCSingleThreadProxy::didAddAnimation):
2156         (WebCore::CCSingleThreadProxy::doComposite):
2157         * platform/graphics/chromium/cc/CCSingleThreadProxy.h:
2158         (WebCore):
2159         * platform/graphics/chromium/cc/CCThreadProxy.h:
2160
2161 2012-05-09  Adam Barth  <abarth@webkit.org>
2162
2163         Implement HTML Media Capture
2164         https://bugs.webkit.org/show_bug.cgi?id=85958
2165
2166         Reviewed by Eric Seidel.
2167
2168         This patch begins the implementation of
2169         http://www.w3.org/TR/html-media-capture/ by adding the capture
2170         attribute to HTMLInputElement.
2171
2172         Test: fast/forms/file/file-input-capture.html
2173
2174         * html/FileInputType.cpp:
2175         (WebCore::FileInputType::handleDOMActivateEvent):
2176         * html/HTMLAttributeNames.in:
2177         * html/HTMLInputElement.cpp:
2178         (WebCore):
2179         (WebCore::HTMLInputElement::capture):
2180         (WebCore::HTMLInputElement::setCapture):
2181         * html/HTMLInputElement.h:
2182         (HTMLInputElement):
2183         * html/HTMLInputElement.idl:
2184         * platform/FileChooser.h:
2185         (FileChooserSettings):
2186
2187 2012-05-09  Charles Wei  <charles.wei@torchmobile.com.cn>
2188
2189         [BlackBerry]  Refactor data scheme support
2190         https://bugs.webkit.org/show_bug.cgi?id=85938
2191
2192         Reviewed by Rob Buis.
2193
2194         We will create a DataStream in our platform repository,
2195         so that can be wrapped up by NetworkJob for webkit rendering,
2196         and by DownloadStream for downloading.
2197
2198         Refactor, no new tests.
2199
2200         * platform/network/blackberry/NetworkJob.cpp:
2201         (WebCore::NetworkJob::NetworkJob):
2202         (WebCore::NetworkJob::initialize):
2203         (WebCore::NetworkJob::cancelJob):
2204         (WebCore::NetworkJob::sendResponseIfNeeded):
2205         * platform/network/blackberry/NetworkJob.h:
2206         (NetworkJob):
2207         * platform/network/blackberry/NetworkManager.cpp:
2208         (WebCore::NetworkManager::startJob):
2209
2210 2012-05-09  Dana Jansens  <danakj@chromium.org>
2211
2212         [chromium] Don't draw when canDraw() is false
2213         https://bugs.webkit.org/show_bug.cgi?id=85829
2214
2215         Reviewed by Adrienne Walker.
2216
2217         This is based on the work of Daniel Sievers in bug
2218         https://bugs.webkit.org/show_bug.cgi?id=82680. When canDraw() is false,
2219         we should not call drawLayers() or prepareToDraw() in both Single- and
2220         Multi-Threaded mode.
2221
2222         drawLayers() is crashing in single threaded mode, and this attempts to
2223         prevent it from being called with invalid state. While making it behave
2224         properly in single-threaded mode, it seems appropriate to unrevert the
2225         parts of 82680 that made threaded mode behave similarly appropriately.
2226
2227         A single-threaded test is not included since LTHTests is unable to run
2228         in single-threaded mode at this time (pending work from Ian Vollick). So
2229         we test in threaded mode only with a note to include a single thread
2230         version.
2231
2232         Tests: CCLayerTreeHostTestCanDrawBlocksDrawing.runMultiThread
2233
2234         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
2235         (WebCore::CCLayerTreeHostImpl::prepareToDraw):
2236         (WebCore::CCLayerTreeHostImpl::drawLayers):
2237         * platform/graphics/chromium/cc/CCSingleThreadProxy.cpp:
2238         (WebCore::CCSingleThreadProxy::doComposite):
2239         * platform/graphics/chromium/cc/CCThreadProxy.cpp:
2240         (WebCore::CCThreadProxy::scheduledActionDrawAndSwapInternal):
2241
2242 2012-05-09  Martin Robinson  <mrobinson@igalia.com>
2243
2244         [Cairo] GLContextGLX releases the context with an uninitialized display
2245         https://bugs.webkit.org/show_bug.cgi?id=86039
2246
2247         Reviewed by Philippe Normand.
2248
2249         No new tests. This does not change behavior on most machines, but has
2250         the potential to prevent a pretty nasty crash on others.
2251
2252         Use the shared display to release GLX contexts instead of the uninitialized
2253         m_display member.
2254
2255         * platform/graphics/glx/GLContextGLX.cpp:
2256         (WebCore::GLContextGLX::~GLContextGLX): Release the display with the shared
2257         display.
2258         * platform/graphics/glx/GLContextGLX.h:
2259         (GLContextGLX): Remove the m_display member.
2260
2261 2012-05-09  Tony Gentilcore  <tonyg@chromium.org>
2262
2263         Subresources loaded after a reload completes shouldn't be revalidated.
2264         https://bugs.webkit.org/show_bug.cgi?id=84614
2265
2266         Based on patch by Darin Fisher.
2267
2268         Reviewed by Darin Fisher.
2269
2270         Tests: http/tests/cache/loaded-from-cache-after-reload-within-iframe.html
2271                http/tests/cache/loaded-from-cache-after-reload.html
2272
2273         * loader/FrameLoader.cpp:
2274         (WebCore::FrameLoader::checkLoadCompleteForThisFrame): Reset m_loadType after the load completes.
2275
2276 2012-05-09  Erik Arvidsson  <arv@chromium.org>
2277
2278         [V8] Fix issue where V8BindingPerContextData could keep the context object alive
2279         https://bugs.webkit.org/show_bug.cgi?id=86036
2280
2281         Reviewed by Kentaro Hara.
2282
2283         This is a partial revert of http://trac.webkit.org/changeset/114320/. This keeps
2284         the layout tests that were introduced since it turns out that
2285         http://trac.webkit.org/changeset/114989 fixes the tests too.
2286
2287         Covered by: http/tests/security/isolatedWorld/context-destroy.html
2288
2289         * bindings/v8/V8IsolatedContext.cpp:
2290         (WebCore::V8IsolatedContext::destroy):
2291
2292 2012-05-09  Anders Carlsson  <andersca@apple.com>
2293
2294         Speed up some parts of TileCache drawing
2295         https://bugs.webkit.org/show_bug.cgi?id=86033
2296         <rdar://problem/10919373>
2297
2298         Reviewed by Sam Weinig.
2299
2300         * platform/graphics/ca/mac/TileCache.mm:
2301         (WebCore::TileCache::tileCoverageRect):
2302         If we can't have scrollbars, there's not much need to extend the tile coverage rect outside of the visible rect, since it's
2303         unlikely that we'll do any form of scrolling here.
2304
2305         (WebCore::TileCache::revalidateTiles):
2306         Don't update the tile layer frame if it's big enough to contain the tile size. Also, if there are no new tiles created,
2307         don't call platformCALayerDidCreateTiles since that will trigger an extra layer flush.
2308
2309 2012-05-09  Alexandre Elias  <aelias@google.com>
2310
2311         setPageScaleFactor should setScrollPosition if scale is unchanged
2312         https://bugs.webkit.org/show_bug.cgi?id=84400
2313
2314         Reviewed by Adam Barth.
2315
2316         Previously, setPageScaleFactor forgot about its "origin" argument if
2317         the page scale factor is unchanged.  This has proven undesirable in
2318         practice because, for example, a single pinch gesture may zoom in and
2319         back out to the original page scale factor, but at a different scroll
2320         offset.
2321
2322         New test case added to scale-and-scroll-body-expected.txt
2323
2324         * page/Page.cpp:
2325         (WebCore::Page::setPageScaleFactor):
2326
2327 2012-05-09  Hugo Parente Lima  <hugo.lima@openbossa.org>
2328
2329         Use suitable viewport values on XHTML-MP pages.
2330         https://bugs.webkit.org/show_bug.cgi?id=85425
2331
2332         Reviewed by Kenneth Rohde Christiansen.
2333
2334         Tests: fast/viewport/viewport-legacy-xhtmlmp-misplaced-doctype.html
2335                fast/viewport/viewport-legacy-xhtmlmp-ordering.html
2336                fast/viewport/viewport-legacy-xhtmlmp.html
2337
2338         Use device-width and device-height as viewport size on
2339         XHTML-MP pages if the use feature LEGACY_VIEWPORT_ADAPTION
2340         is set according as the non normative section of
2341         http://www.w3.org/TR/css-device-adapt/
2342
2343         * dom/Document.cpp:
2344         (WebCore::Document::setDocType):
2345
2346 2012-05-09  Beth Dakin  <bdakin@apple.com>
2347
2348         https://bugs.webkit.org/show_bug.cgi?id=86025
2349         RTL and vertical text documents do no scroll properly with the new 
2350         tiled scrolling model
2351         -and corresponding-
2352         <rdar://problem/11077589>
2353
2354         Reviewed by Dan Bernstein.
2355         
2356         Most of the fix here is just to teach the scrolling tree about the 
2357         scroll origin.
2358         * page/scrolling/ScrollingCoordinator.cpp:
2359         (WebCore::ScrollingCoordinator::frameViewLayoutUpdated):
2360         (WebCore::ScrollingCoordinator::setScrollParameters):
2361         * page/scrolling/ScrollingCoordinator.h:
2362         (ScrollParameters):
2363         * page/scrolling/ScrollingTreeNode.cpp:
2364         (WebCore::ScrollingTreeNode::update):
2365         * page/scrolling/ScrollingTreeNode.h:
2366         (WebCore::ScrollingTreeNode::scrollOrigin):
2367         (ScrollingTreeNode):
2368         * page/scrolling/ScrollingTreeState.cpp:
2369         (WebCore::ScrollingTreeState::setScrollOrigin):
2370         (WebCore):
2371         * page/scrolling/ScrollingTreeState.h:
2372         (WebCore::ScrollingTreeState::scrollOrigin):
2373         (ScrollingTreeState):
2374         * page/scrolling/mac/ScrollingTreeNodeMac.mm:
2375         (WebCore::ScrollingTreeNodeMac::scrollPosition):
2376         (WebCore::ScrollingTreeNodeMac::setScrollLayerPosition):
2377         (WebCore::ScrollingTreeNodeMac::minimumScrollPosition):
2378         (WebCore::ScrollingTreeNodeMac::maximumScrollPosition):
2379         * rendering/RenderLayerCompositor.cpp:
2380         (WebCore::RenderLayerCompositor::frameViewDidScroll):
2381
2382         Teaching the scrolling tree about the scroll origin revealed this pre-
2383         existing bug. layoutOverflowRect() is not the right rect to use since 
2384         it is not writing-mode savvy. unscaledDocumentRect() is the right rect 
2385         for the view's bounds.
2386         * rendering/RenderLayerBacking.cpp:
2387         (WebCore::RenderLayerBacking::updateCompositedBounds):
2388
2389 2012-05-09  Rob Buis  <rwlbuis@webkit.org>
2390
2391         Cleanup SVGElement.cpp
2392         https://bugs.webkit.org/show_bug.cgi?id=86004
2393
2394         Reviewed by Eric Seidel.
2395
2396         Remove unneeded includes. We do not need to check attr in SVGElement::attributeChanged,
2397         lower layers assume it is non-null and we do not call attributeChanged in SVG.
2398
2399         * svg/SVGElement.cpp:
2400         (WebCore::SVGElement::attributeChanged):
2401         (WebCore::SVGElement::isAnimatableAttribute):
2402
2403 2012-05-09  Jochen Eisinger  <jochen@chromium.org>
2404
2405         When creating a new page during a navigation, prime the initial document with the correct referrer policy
2406         https://bugs.webkit.org/show_bug.cgi?id=86001
2407
2408         Reviewed by Adam Barth.
2409
2410         Test: http/tests/security/referrer-policy-redirect-link.html
2411
2412         * dom/Document.h:
2413         (WebCore::Document::setReferrerPolicy):
2414         * loader/FrameLoader.cpp:
2415         (WebCore::FrameLoader::continueLoadAfterNewWindowPolicy):
2416
2417 2012-05-09  Alec Flett  <alecflett@chromium.org>
2418
2419         IndexedDB: call abort handler when there are problems committing
2420         https://bugs.webkit.org/show_bug.cgi?id=85841
2421
2422         Reviewed by Ojan Vafai.
2423
2424         No new tests. Every existing test that calls commit() is testing
2425         the success side of this, and this only throws when there are
2426         LevelDB errors, which is exactly what we're trying to diagnose
2427         with this patch.
2428
2429         * Modules/indexeddb/IDBBackingStore.h:
2430         (Transaction):
2431         * Modules/indexeddb/IDBLevelDBBackingStore.cpp:
2432         (WebCore::IDBLevelDBBackingStore::deleteDatabase):
2433         (WebCore::IDBLevelDBBackingStore::Transaction::commit):
2434         * Modules/indexeddb/IDBLevelDBBackingStore.h:
2435         (Transaction):
2436         * Modules/indexeddb/IDBTransactionBackendImpl.cpp:
2437         (WebCore::IDBTransactionBackendImpl::commit):
2438
2439 2012-05-09  Mark Pilgrim  <pilgrim@chromium.org>
2440
2441         [Chromium] Remove PlatformSupport::loadPlatformImageResource, call loadResource directly
2442         https://bugs.webkit.org/show_bug.cgi?id=84417
2443
2444         Reviewed by Adam Barth.
2445
2446         Part of a refactoring series. See tracking bug 82948.
2447
2448         * WebCore.gyp/WebCore.gyp:
2449         * WebCore.gypi:
2450         * platform/chromium/PlatformSupport.h:
2451         (PlatformSupport):
2452         * platform/graphics/chromium/ImageChromium.cpp:
2453         (WebCore::Image::loadPlatformResource):
2454         * platform/graphics/chromium/ImageChromiumMac.mm: Removed.
2455
2456 2012-05-09  Rob Buis  <rbuis@rim.com>
2457
2458         Remove some isSVGFoo methods
2459         https://bugs.webkit.org/show_bug.cgi?id=86009
2460
2461         Reviewed by Eric Seidel.
2462
2463         These are not used at the moment and were probably just copy and pasted from
2464         isSVGFoo methods in RenderObject.h.
2465
2466         * rendering/RenderObject.h:
2467         * rendering/svg/RenderSVGEllipse.h:
2468         (RenderSVGEllipse):
2469         * rendering/svg/RenderSVGRect.h:
2470         (RenderSVGRect):
2471         * rendering/svg/RenderSVGShape.h:
2472
2473 2012-05-09  Ian Vollick  <vollick@chromium.org>
2474
2475         [chromium] Add impl-thread support for fill-mode and direction css animation properties
2476         https://bugs.webkit.org/show_bug.cgi?id=77662
2477
2478         Reviewed by James Robinson.
2479
2480         Adds support for accelerating css animations with -webkit-animation-fill-mode,
2481         and -webkit-animation-direction properties.
2482
2483         Tested in:
2484           CCActiveAnimationTest.TrimTimeAlternating
2485           CCLayerAnimationControllerTest.createReversedAnimation
2486           CCLayerAnimationControllerTest.createAlternatingAnimation
2487           CCLayerAnimationControllerTest.createReversedAlternatingAnimation
2488
2489         * platform/graphics/chromium/cc/CCActiveAnimation.cpp:
2490         (WebCore::CCActiveAnimation::CCActiveAnimation):
2491         (WebCore::CCActiveAnimation::trimTimeToCurrentIteration):
2492         (WebCore::CCActiveAnimation::cloneForImplThread):
2493         * platform/graphics/chromium/cc/CCActiveAnimation.h:
2494         (CCActiveAnimation):
2495         (WebCore::CCActiveAnimation::alternatesDirection):
2496         (WebCore::CCActiveAnimation::setAlternatesDirection):
2497         * platform/graphics/chromium/cc/CCLayerAnimationController.cpp:
2498
2499 2012-05-09  Ken Buchanan  <kenrb@chromium.org>
2500
2501         Crash from removal of a line break object
2502         https://bugs.webkit.org/show_bug.cgi?id=85997
2503
2504         Reviewed by David Hyatt.
2505
2506         Regression from r115343. That replaced a call to setNeedsLayout()
2507         with a separate call that used a different bit during linebox
2508         invalidation after renderer child removal. There are special cases
2509         where layout isn't marked on parent nodes just from the removal, so
2510         line dirtying needs to explicitly mark ancestors for layout.
2511
2512         * rendering/RenderObject.h:
2513         (WebCore::RenderObject::setAncestorLineBoxDirty):
2514
2515 2012-05-09  Levi Weintraub  <leviw@chromium.org>
2516
2517         Fix performance regression for floats caused by LayoutUnit change
2518         https://bugs.webkit.org/show_bug.cgi?id=85834
2519
2520         Reviewed by Ojan Vafai.
2521
2522         Refactoring FractionalLayout types to alleviate performance issues. Explicitly
2523         inlining constructor and operator functions in FractionalLayoutUnit, as well as
2524         pixelSnappedIntSize and pixelSnappedIntRect (particularly hot code paths). Also
2525         further simplifying round and ceil functions when sub-pixel layout is not enabled.
2526
2527         pixelSnappedIntSize was the only function defined in FractionalLayoutSize.cpp,
2528         so it is removed.
2529
2530         No new tests. No change in functionality.
2531
2532         * CMakeLists.txt:
2533         * GNUmakefile.list.am:
2534         * Target.pri:
2535         * WebCore.gypi:
2536         * WebCore.vcproj/WebCore.vcproj:
2537         * WebCore.xcodeproj/project.pbxproj:
2538         * platform/FractionalLayoutUnit.h:
2539         (WebCore::FractionalLayoutUnit::FractionalLayoutUnit):
2540         (FractionalLayoutUnit):
2541         (WebCore::FractionalLayoutUnit::toInt):
2542         (WebCore::FractionalLayoutUnit::toFloat):
2543         (WebCore::FractionalLayoutUnit::toDouble):
2544         (WebCore::FractionalLayoutUnit::toUnsigned):
2545         (WebCore::FractionalLayoutUnit::operator int):
2546         (WebCore::FractionalLayoutUnit::operator unsigned):
2547         (WebCore::FractionalLayoutUnit::operator float):
2548         (WebCore::FractionalLayoutUnit::operator double):
2549         (WebCore::FractionalLayoutUnit::operator bool):
2550         (WebCore::FractionalLayoutUnit::ceil):
2551         (WebCore::FractionalLayoutUnit::round):
2552         * platform/graphics/FractionalLayoutRect.cpp:
2553         (WebCore):
2554         * platform/graphics/FractionalLayoutRect.h:
2555         (WebCore::FractionalLayoutRect::pixelSnappedSize):
2556         (WebCore::pixelSnappedIntRect):
2557         (WebCore):
2558         * platform/graphics/FractionalLayoutSize.cpp: Removed.
2559         * platform/graphics/FractionalLayoutSize.h:
2560         (WebCore):
2561         * rendering/LayoutTypes.h:
2562         (WebCore::pixelSnappedIntSize):
2563         (WebCore):
2564
2565 2012-05-09  Abhishek Arya  <inferno@chromium.org>
2566
2567         Crash in ReplaceSelectionCommand::performTrivialReplace
2568         https://bugs.webkit.org/show_bug.cgi?id=85943
2569
2570         Reviewed by Ryosuke Niwa.
2571
2572         RefPtr nodeAfterInsertionPos to guard against mutation events.
2573
2574         Test: editing/inserting/insert-html-crash.html
2575
2576         * editing/ReplaceSelectionCommand.cpp:
2577         (WebCore::ReplaceSelectionCommand::performTrivialReplace):
2578
2579 2012-05-03  Shawn Singh  <shawnsingh@chromium.org>
2580
2581         Hit testing is incorrect in some cases with perspective transforms
2582         https://bugs.webkit.org/show_bug.cgi?id=79136
2583
2584         Reviewed by Simon Fraser.
2585
2586         Tests: transforms/3d/hit-testing/coplanar-with-camera.html
2587                transforms/3d/hit-testing/perspective-clipped.html
2588
2589         * platform/graphics/transforms/TransformationMatrix.cpp:
2590         (WebCore::TransformationMatrix::projectPoint): Fix a
2591         divide-by-zero error so that values do not become Inf or Nan. Also
2592         fix an overflow error by using a large, but not-too-large constant
2593         to represent infinity.
2594
2595         (WebCore::TransformationMatrix::projectQuad): Fix an error where
2596         incorrect quads were being returned. Incorrect quads can occur
2597         when projectPoint clamped==true after returning.
2598
2599 2012-05-09  Caio Marcelo de Oliveira Filho  <caio.oliveira@openbossa.org>
2600
2601         Simplify CSSParser::parseSimpleLengthValue()
2602         https://bugs.webkit.org/show_bug.cgi?id=85910
2603
2604         Reviewed by Alexis Menard.
2605
2606         Various small improvements to this function, mainly:
2607         - Move the check if the property ID accepts a simple length as early as possible;
2608         - Remove the check for the characters{8,16} pointers since they'll be valid (we ASSERT that);
2609         - Use a template to avoid duplicate code for 8 and 16 bit characters.
2610
2611         * css/CSSParser.cpp:
2612         (WebCore):
2613         (WebCore::parseSimpleLength):
2614         (WebCore::parseSimpleLengthValue):
2615
2616 2012-05-09  Ami Fischman  <fischman@chromium.org>
2617
2618         [chromium] Support multiple buffered time ranges
2619         https://bugs.webkit.org/show_bug.cgi?id=85926
2620
2621         Reviewed by Eric Carlson.
2622
2623         Preserve existing rendering of a single rect even in the presence of multiple buffered regions.
2624
2625         No new tests as this change has no functional effects.
2626
2627         * rendering/RenderMediaControlsChromium.cpp:
2628         (WebCore::paintMediaSlider):
2629
2630 2012-05-09  Dana Jansens  <danakj@chromium.org>
2631
2632         Early-out and avoid any copying when possible for Region operations
2633         https://bugs.webkit.org/show_bug.cgi?id=85260
2634
2635         Reviewed by Anders Carlsson.
2636
2637         For an empty region, any intersection or subtraction will not modify
2638         the region, so we can simply return instead of creating a new Shape
2639         and replacing the current empty Shape.
2640
2641         When a region is united with a region it contains, the orignal
2642         containing region is the result. So, if A.unite(B) and A.contains(B)
2643         then A does not need to change at all and we can return without making
2644         a copy of A's shape. When A is a rect, we can do this test even more
2645         simply.
2646
2647         We also remove redundant checks from trySimpleOperation() methods, where
2648         the test is already done in the Region calling site.
2649
2650         This change improves the performance of the Region overlap testing for
2651         composited layers, and allows us to avoid unnecessary copies of the
2652         Region during unite. With a layout test (attached to bug #81087), that
2653         creates a Region from the union of 225 composited layers, as well as
2654         600 overlapping layers above them, this change decreases the running
2655         time of the test by 3.2% by avoiding a copy of the entire Region for
2656         each insertion that does not change the resulting Region.
2657
2658         Unit tests: RegionTest.unite
2659
2660         * platform/graphics/Region.cpp:
2661         (WebCore::Region::Shape::UnionOperation::trySimpleOperation):
2662         (WebCore::Region::Shape::IntersectOperation::trySimpleOperation):
2663         (WebCore::Region::Shape::SubtractOperation::trySimpleOperation):
2664         (WebCore::Region::intersect):
2665         (WebCore::Region::unite):
2666         (WebCore::Region::subtract):
2667         * platform/graphics/Region.h:
2668         (WebCore::Region::isRect):
2669         (WebCore::Region::Shape::isRect):
2670
2671 2012-05-09  Tommy Widenflycht  <tommyw@google.com>
2672
2673         MediaStream API: SessionDescription::addCandidate should not crash for malformed input
2674         https://bugs.webkit.org/show_bug.cgi?id=85988
2675
2676         Reviewed by Adam Barth.
2677
2678         Sending null would crash the browser. Added safeguards in both the bindings and the native code.
2679
2680         Test: fast/mediastream/SessionDescription.html
2681
2682         * Modules/mediastream/SessionDescription.cpp:
2683         (WebCore::SessionDescription::addCandidate):
2684         * Modules/mediastream/SessionDescription.h:
2685         (SessionDescription):
2686         * Modules/mediastream/SessionDescription.idl:
2687
2688 2012-05-09  Tommy Widenflycht  <tommyw@google.com>
2689
2690         MediaStream API: Adding the possibility of port specific information in MediaStreamDescriptor
2691         https://bugs.webkit.org/show_bug.cgi?id=85794
2692
2693         Reviewed by Adam Barth.
2694
2695         To facilitate for ports I have added an ExtraData field that can be used for whatever purpose is needed.
2696
2697         No behavioral changes.
2698
2699         * platform/chromium/support/WebMediaStreamDescriptor.cpp:
2700         (ExtraDataContainer):
2701         (WebKit::ExtraDataContainer::ExtraDataContainer):
2702         (WebKit::ExtraDataContainer::extraData):
2703         (WebKit):
2704         (WebKit::WebMediaStreamDescriptor::extraData):
2705         (WebKit::WebMediaStreamDescriptor::setExtraData):
2706         * platform/mediastream/MediaStreamDescriptor.h:
2707         (ExtraData):
2708         (WebCore::MediaStreamDescriptor::ExtraData::~ExtraData):
2709         (MediaStreamDescriptor):
2710         (WebCore::MediaStreamDescriptor::extraData):
2711         (WebCore::MediaStreamDescriptor::setExtraData):
2712
2713 2012-05-09  Takashi Sakamoto  <tasak@google.com>
2714
2715         Crash in WebCore::RenderBoxModelObject::paddingLeft
2716         https://bugs.webkit.org/show_bug.cgi?id=83889
2717
2718         Reviewed by Abhishek Arya.
2719
2720         RenderScrollbar creates RenderScrollbarPart without any parent
2721         renderers. However, if the scrollbar has percent padding styles,
2722         non-null parent renderer is required. So after creating/destroying
2723         RenderScrollbarPart instances, set owningRenderer(creating)/0
2724         (destroying) as its parent renderer.
2725
2726         Test: scrollbars/scrollbar-percent-padding-crash.html
2727               scrollbars/scrollbar-percent-padding-crash-expected.txt
2728
2729         * rendering/RenderScrollbar.cpp:
2730         (WebCore::RenderScrollbar::updateScrollbarPart):
2731         Added setParent after creating/destroying RenderScrollbarPart.
2732         * rendering/RenderScrollbarPart.cpp:
2733         Made RenderScollbar friend, because setParent is protected and
2734         RenderScrollbar is not inherited from class RenderObject.
2735
2736 2012-05-09  Takashi Sakamoto  <tasak@google.com>
2737
2738         ShadowRoot needs applyAuthorStyles
2739         https://bugs.webkit.org/show_bug.cgi?id=78472
2740
2741         Reviewed by Hajime Morita.
2742
2743         Implemented applyAuthorStyles attribute defined in the following spec:
2744         http://dvcs.w3.org/hg/webcomponents/raw-file/tip/spec/shadow/index.html#shadow-root-attributes
2745         Since applyAuthorSheets attribute has been already implemented,
2746         renamed all applyAuthorSheets to applyAuthorStyles and
2747         added applyAuthorStyles to ShadowRoot.idl.
2748         Currently, changing dynamically applyAuthorStyles doesn't work. I will fix this isse in bugs:84215: https://bugs.webkit.org/show_bug.cgi?id=84251
2749
2750         Test: fast/dom/shadow/shadow-root-applyAuthorStyles.html
2751               fast/dom/shadow/shadow-root-applyAuthorStyles-expected.html
2752
2753         * css/StyleResolver.cpp:
2754         (WebCore::StyleResolver::collectMatchingRulesForList):
2755         * dom/ShadowRoot.cpp:
2756         (WebCore::ShadowRoot::ShadowRoot):
2757         (WebCore::ShadowRoot::applyAuthorStyles):
2758         (WebCore::ShadowRoot::setApplyAuthorStyles):
2759         * dom/ShadowRoot.h:
2760         * dom/TreeScope.cpp:
2761         (WebCore::TreeScope::applyAuthorStyles):
2762         * dom/TreeScope.h:
2763         (TreeScope):
2764         Changed all applyAuthorSheets to applyAuthorSytles.
2765         (ShadowRoot):
2766         * dom/ShadowRoot.idl:
2767         Added a new attribute, boolean applyAuthorStyles.
2768
2769 2012-05-09  Yoshifumi Inoue  <yosin@chromium.org>
2770
2771         [Chromium][Forms] HTMLOptionsCollection doesn't have indexed properties on property enumeration
2772         https://bugs.webkit.org/show_bug.cgi?id=85937
2773
2774         Reviewed by Kentaro Hara.
2775
2776         This patch adds numeric indices to properties in enumeration to HTMLOptionsCollection V8 binding
2777         to changes Objects.keys in ECMAScript5 and for-in statement behavior for compatibility with
2778         Firefox 12, IE9, Opera 11, and Safari 5.
2779
2780         Test: fast/forms/select/options-indexed-properties.html
2781
2782         * bindings/scripts/CodeGeneratorV8.pm:
2783         (GenerateImplementationIndexer): Set $hasEnumerator true for interface HTMLOptionsCollection
2784
2785 2012-05-09  Shinya Kawanaka  <shinyak@chromium.org>
2786
2787         Position should be able to have ShadowRoot as a container.
2788         https://bugs.webkit.org/show_bug.cgi?id=82021
2789
2790         Reviewed by Ryosuke Niwa.
2791
2792         Since Position could not take a shadow root as a container node, pointing the direct children
2793         of a shadow root was difficult.
2794
2795         This patch makes it enabled, and fixes a lot of crashes caused by that limitation.
2796         Also, we confirm that ShadowRoot is not exposed to JavaScript layer.
2797
2798         Currently this change is only enabled if shadow dom flag is enabled, since we cannot
2799         prove this change does not destroy the existing behavior. However, this change is really required
2800         to fix other editing bugs in Shadow DOM. A bunch of patches and tests will be added to
2801         fix other editing bugs and they will check this patch does not break editing.
2802         We will also add a fuzzer to check the stability of editing in Shadow DOM later, and it will
2803         also help to confirm the patch will not break the editing.
2804
2805         Tests: editing/shadow/doubleclick-on-meter-in-shadow-crash.html
2806                editing/shadow/rightclick-on-meter-in-shadow-crash.html
2807                editing/shadow/shadow-selection-not-exported.html
2808
2809         * dom/Position.cpp:
2810         (WebCore::Position::Position):
2811         (WebCore::Position::containerNode):
2812         (WebCore::Position::parentAnchoredEquivalent):
2813         (WebCore::Position::previous):
2814         (WebCore::Position::next):
2815         (WebCore::Position::atStartOfTree):
2816         (WebCore::Position::atEndOfTree):
2817         (WebCore::Position::findParent):
2818         * dom/Position.h:
2819         (WebCore):
2820         (WebCore::positionInParentBeforeNode):
2821         (WebCore::positionInParentAfterNode):
2822
2823 2012-05-09  Zoltan Horvath  <zoltan@webkit.org>
2824
2825         [Qt] Build fix when using libpng version != 1.2
2826         https://bugs.webkit.org/show_bug.cgi?id=85614
2827
2828         Reviewed by Eric Seidel.
2829
2830         Don't enforce the version of libpng when passing the option to the linker.
2831
2832         No new tests, no intended functionality change.
2833
2834         * WebCore.pri:
2835
2836 2012-05-09  Oli Lan  <olilan@chromium.org>
2837
2838         Add identifying methods for date/time input types.
2839
2840         This patch adds methods isDateField(), isDateTimeField(), isDateTimeLocalField(),
2841         isMonthField(), isTimeField() and isWeekField() to InputType and the appropriate
2842         HTMLInputElement classes, to allow date/time input types to be identified.
2843
2844         The new methods match the existing methods for types such as email, search and number.
2845
2846         https://bugs.webkit.org/show_bug.cgi?id=78746
2847
2848         Reviewed by Kent Tamura.
2849
2850         A new test WebViewTest.TextInputType has been added in WebKit/chromium/tests that calls
2851         through to these methods via WebViewImpl.textInputType().
2852
2853         * html/DateInputType.cpp:
2854         (WebCore::DateInputType::isDateField):
2855         (WebCore):
2856         * html/DateInputType.h:
2857         (DateInputType):
2858         * html/DateTimeInputType.cpp:
2859         (WebCore::DateTimeInputType::isDateTimeField):
2860         (WebCore):
2861         * html/DateTimeInputType.h:
2862         (DateTimeInputType):
2863         * html/DateTimeLocalInputType.cpp:
2864         (WebCore::DateTimeLocalInputType::isDateTimeLocalField):
2865         (WebCore):
2866         * html/DateTimeLocalInputType.h:
2867         (DateTimeLocalInputType):
2868         * html/HTMLInputElement.cpp:
2869         (WebCore::HTMLInputElement::isDateField):
2870         (WebCore):
2871         (WebCore::HTMLInputElement::isDateTimeField):
2872         (WebCore::HTMLInputElement::isDateTimeLocalField):
2873         (WebCore::HTMLInputElement::isMonthField):
2874         (WebCore::HTMLInputElement::isTimeField):
2875         (WebCore::HTMLInputElement::isWeekField):
2876         * html/HTMLInputElement.h:
2877         (HTMLInputElement):
2878         * html/InputType.cpp:
2879         (WebCore::InputType::isDateField):
2880         (WebCore):
2881         (WebCore::InputType::isDateTimeField):
2882         (WebCore::InputType::isDateTimeLocalField):
2883         (WebCore::InputType::isMonthField):
2884         (WebCore::InputType::isTimeField):
2885         (WebCore::InputType::isWeekField):
2886         * html/InputType.h:
2887         (InputType):
2888         * html/MonthInputType.cpp:
2889         (WebCore::MonthInputType::isMonthField):
2890         (WebCore):
2891         * html/MonthInputType.h:
2892         (MonthInputType):
2893         * html/TimeInputType.cpp:
2894         (WebCore::TimeInputType::isTimeField):
2895         (WebCore):
2896         * html/TimeInputType.h:
2897         (TimeInputType):
2898         * html/WeekInputType.cpp:
2899         (WebCore::WeekInputType::isWeekField):
2900         (WebCore):
2901         * html/WeekInputType.h:
2902         (WeekInputType):
2903
2904 2012-05-09  Nikolas Zimmermann  <nzimmermann@rim.com>
2905
2906         REGRESSION(r105057): Infinite loop inside SVGTextLayoutEngine::currentLogicalCharacterMetrics
2907         https://bugs.webkit.org/show_bug.cgi?id=83405
2908
2909         Reviewed by Darin Adler.
2910
2911         Dynamically adding tspans carrying position information in the x/y/dx/dy/rotate lists is broken.
2912         To avoid mistakes like this in future, simplify the calling code in RenderSVGInlineText and centralize
2913         the managment of all caches (text positioning element cache / metrics map / layout attributes) in
2914         RenderSVGText. This avoids the hack in SVGRootInlineBox::computePerCharacterLayoutInformation() which
2915         called textRoot->rebuildLayoutAttributes(), which was used to fix previous security issues with this code.
2916         Instead correctly handle destruction of RenderSVGInlineText in RenderSVGText, keeping the m_layoutAttributes
2917         synchronized with the current state of the render tree. Fixes highcharts problems.
2918
2919         Tests: svg/text/add-tspan-position-bug.html
2920                svg/text/modify-tspan-position-bug.html
2921
2922         * rendering/svg/RenderSVGInline.cpp:
2923         (WebCore::RenderSVGInline::addChild):
2924         * rendering/svg/RenderSVGInlineText.cpp:
2925         (WebCore::RenderSVGInlineText::willBeDestroyed):
2926         (WebCore::RenderSVGInlineText::setTextInternal):
2927         (WebCore::RenderSVGInlineText::styleDidChange):
2928         * rendering/svg/RenderSVGText.cpp:
2929         (WebCore::recursiveUpdateMetrics):
2930         (WebCore::RenderSVGText::subtreeChildAdded):
2931         (WebCore::RenderSVGText::subtreeChildWillBeDestroyed):
2932         (WebCore::recursiveCollectLayoutAttributes):
2933         (WebCore::checkLayoutAttributesConsistency):
2934         (WebCore::RenderSVGText::subtreeChildWasDestroyed):
2935         (WebCore::RenderSVGText::subtreeStyleChanged):
2936         (WebCore::RenderSVGText::subtreeTextChanged):
2937         (WebCore::RenderSVGText::layout):
2938         (WebCore::RenderSVGText::addChild):
2939         (WebCore::RenderSVGText::rebuildAllLayoutAttributes):
2940         (WebCore::RenderSVGText::rebuildLayoutAttributes):
2941         * rendering/svg/RenderSVGText.h:
2942         (WebCore::RenderSVGText::layoutAttributes):
2943         * rendering/svg/SVGRootInlineBox.cpp:
2944         (WebCore::SVGRootInlineBox::computePerCharacterLayoutInformation):
2945         * rendering/svg/SVGTextLayoutAttributesBuilder.cpp:
2946         (WebCore::SVGTextLayoutAttributesBuilder::buildLayoutAttributes):
2947
2948 2012-05-08  Dongwoo Im  <dw.im@samsung.com>
2949
2950         NavigatorRegisterProtocolHandler can call ChromeClient directly.
2951         https://bugs.webkit.org/show_bug.cgi?id=85944
2952
2953         Reviewed by Adam Barth.
2954
2955         Covered by fast/dom/register-protocol-handler.html
2956
2957         * page/Chrome.cpp: Remove registerProtocolHandler function.
2958         * page/Chrome.h: Remove registerProtocolHandler prototype.
2959         (Chrome):
2960         * page/NavigatorRegisterProtocolHandler.cpp: Call ChromeClient::registerProtocolHandler directly.
2961         (WebCore::NavigatorRegisterProtocolHandler::registerProtocolHandler):
2962
2963 2012-05-08  Mario Sanchez Prada  <msanchez@igalia.com>
2964
2965         Coding style issues present in RenderFrameSet.cpp
2966         https://bugs.webkit.org/show_bug.cgi?id=85955
2967
2968         Reviewed by Eric Seidel.
2969
2970         Just fixed those coding style issues.
2971
2972         * rendering/RenderFrameSet.cpp:
2973         (WebCore::RenderFrameSet::GridAxis::resize):
2974         (WebCore::RenderFrameSet::layOutAxis):
2975         (WebCore::RenderFrameSet::continueResizing):
2976
2977 2012-05-08  Jon Lee  <jonlee@apple.com>
2978
2979         Unreviewed build fix.
2980
2981         * platform/mac/WebCoreSystemInterface.h:
2982
2983 2012-05-08  Jason Liu  <jason.liu@torchmobile.com.cn>
2984
2985         [BlackBerry] Auth credentials set in private mode are reused in public mode.
2986         https://bugs.webkit.org/show_bug.cgi?id=84697
2987
2988         Reviewed by Rob Buis.
2989
2990         Add setPrivateMode function for CredentialStorage.
2991
2992         Now, we only save credentials in memory and CredentialBackingStore isn't enabled.
2993         When we set private mode from on to off, we clear all these temporary credentials.
2994
2995         We have to change Private Browsing to test, so have to write a manual test case.
2996         Test: ManualTests/blackberry/http-auth-private-mode-changed.html
2997
2998         * network/CredentialStorage.cpp:
2999         (WebCore::CredentialStorage::setPrivateMode):
3000         (WebCore):
3001         * platform/network/CredentialStorage.h:
3002         (CredentialStorage):
3003
3004 2012-05-08  Rakesh KN  <rakesh.kn@motorola.com>
3005
3006         RadioNodeList support in HTMLFormElement::elements
3007         https://bugs.webkit.org/show_bug.cgi?id=81854
3008
3009         Reviewed by Ryosuke Niwa.
3010
3011         Implement RadioNodeList support spec'ed at
3012         http://www.whatwg.org/specs/web-apps/current-work/multipage/common-dom-interfaces.html#radionodelist
3013
3014         Test: fast/forms/form-collection-radio-node-list.html
3015
3016         * CMakeLists.txt:
3017         Added entries for new files.
3018         * DerivedSources.cpp: Ditto.
3019         * DerivedSources.make: Ditto.
3020         * DerivedSources.pri: Ditto.
3021         * GNUmakefile.list.am: Ditto.
3022         * Target.pri: Ditto.
3023         * WebCore.gypi: Ditto.
3024         * WebCore.vcproj/WebCore.vcproj: Ditto.
3025         * WebCore.xcodeproj/project.pbxproj: Ditto.
3026         * bindings/js/JSHTMLCollectionCustom.cpp:
3027         (WebCore::getNamedItems):
3028         Modified to create RadioNodeList object when FormControlCollection has more than
3029         one element of same name/id.
3030         * bindings/scripts/CodeGeneratorJS.pm:
3031         (GenerateImplementation):
3032         Added code to include Node.h and JSNode.h in JSRadioNodeElement.cpp.
3033         * bindings/v8/custom/V8HTMLCollectionCustom.cpp:
3034         (WebCore::getNamedItems):
3035         Modified to create RadioNodeList object when FormControlCollection has more than
3036         one element of same name/id.
3037         * dom/Node.cpp:
3038         (WebCore::Node::invalidateNodeListsCacheAfterAttributeChanged):
3039         Invalidate lists even for change in id, type, checked attributes.
3040         (WebCore::NodeListsNodeData::invalidateCachesThatDependOnAttributes):
3041         Invalidate radioNodeList cache.
3042         (WebCore::NodeListsNodeData::isEmpty):
3043         Changes for radioNodeList.
3044         (WebCore::Node::radioNodeList):
3045         Creates if needed a RadioNodeList and adds it to the cache.
3046         (WebCore::Node::removeCachedRadioNodeList):
3047         Removes a cached radioNodeList.
3048         * dom/Node.h: Ditto
3049         * dom/NodeRareData.h:
3050         (WebCore):
3051         (NodeListsNodeData):
3052         Added radioNodeList list.
3053         * html/CollectionType.h:
3054         Added new FormControls type.
3055         * html/HTMLCollection.cpp:
3056         (WebCore::HTMLCollection::shouldIncludeChildren):
3057         (WebCore::HTMLCollection::isAcceptableElement):
3058         Handle FormControls collection type.
3059         * html/HTMLFormCollection.cpp:
3060         (WebCore::HTMLFormCollection::HTMLFormCollection):
3061         Contruct collection of FormControls type.
3062         * html/RadioNodeList.cpp: Added.
3063         (WebCore):
3064         (WebCore::RadioNodeList::RadioNodeList):
3065         (WebCore::RadioNodeList::~RadioNodeList):
3066         (WebCore::toRadioButtonInputElement):
3067         (WebCore::RadioNodeList::value):
3068         (WebCore::RadioNodeList::setValue):
3069         (WebCore::RadioNodeList::nodeMatches):
3070         * html/RadioNodeList.h: Added.
3071         (WebCore):
3072         (RadioNodeList):
3073         (WebCore::RadioNodeList::create):
3074         RadioNodeList implementation.
3075         * html/RadioNodeList.idl: Added.
3076         Idl for generating RadioNodeList JS/V8 bindings.
3077
3078 2012-05-08  Benjamin Poulain  <bpoulain@apple.com>
3079
3080         [JSC] Regression: addEventListener() and removeEventListener() raise an exception on missing args
3081         https://bugs.webkit.org/show_bug.cgi?id=85928
3082
3083         Reviewed by Geoffrey Garen.
3084
3085         The functions addEventListener() and removeEventListener() raise an exception if there are missin arguments.
3086         This behavior breaks existing content.
3087
3088         This patch change the code generator of JavaScript core to have an exception for addEventListener() and removeEventListener().
3089         For those function, we do not raise an exception on missin argument.
3090
3091         This patch does not modify the V8 code generator because such exceptions are already in place there.
3092
3093         Tests: fast/dom/Window/window-legacy-event-listener.html
3094                fast/dom/XMLHttpRequest-legacy-event-listener.html
3095                fast/dom/node-legacy-event-listener.html
3096
3097         * bindings/scripts/CodeGeneratorJS.pm:
3098         (GenerateImplementation):
3099
3100 2012-05-08  Chris Rogers  <crogers@google.com>
3101
3102         AudioParam should directly be given context in create() method
3103         https://bugs.webkit.org/show_bug.cgi?id=85905
3104
3105         Reviewed by James Robinson.
3106
3107         No new tests.  This is a low-level re-factoring and is covered by existing tests.
3108
3109         * Modules/webaudio/AudioBufferSourceNode.cpp:
3110         (WebCore::AudioBufferSourceNode::AudioBufferSourceNode):
3111         * Modules/webaudio/AudioGain.h:
3112         (WebCore::AudioGain::create):
3113         (WebCore::AudioGain::AudioGain):
3114         * Modules/webaudio/AudioGainNode.cpp:
3115         (WebCore::AudioGainNode::AudioGainNode):
3116         * Modules/webaudio/AudioPannerNode.cpp:
3117         (WebCore::AudioPannerNode::AudioPannerNode):
3118         * Modules/webaudio/AudioParam.h:
3119         (WebCore::AudioParam::create):
3120         (AudioParam):
3121         (WebCore::AudioParam::AudioParam):
3122         * Modules/webaudio/BiquadFilterNode.cpp:
3123         (WebCore::BiquadFilterNode::BiquadFilterNode):
3124         * Modules/webaudio/BiquadProcessor.cpp:
3125         (WebCore::BiquadProcessor::BiquadProcessor):
3126         * Modules/webaudio/BiquadProcessor.h:
3127         * Modules/webaudio/DelayNode.cpp:
3128         (WebCore::DelayNode::DelayNode):
3129         * Modules/webaudio/DelayProcessor.cpp:
3130         (WebCore::DelayProcessor::DelayProcessor):
3131         * Modules/webaudio/DelayProcessor.h:
3132         (DelayProcessor):
3133         * Modules/webaudio/DynamicsCompressorNode.cpp:
3134         (WebCore::DynamicsCompressorNode::DynamicsCompressorNode):
3135         * Modules/webaudio/Oscillator.cpp:
3136         (WebCore::Oscillator::Oscillator):
3137
3138 2012-05-08  Dana Jansens  <danakj@chromium.org>
3139
3140         [chromium] Show borders for partial-draw-culled quads to visualize culling behaviour
3141         https://bugs.webkit.org/show_bug.cgi?id=85414
3142
3143         Reviewed by Adrienne Walker.
3144
3145         The borders are brown, and are only shown when the quad's visible rect
3146         is non-empty and is different from the quad's original rect.
3147
3148         Adds a flag to CCQuadCuller constructor, to enable showing debug borders
3149         around what it leaves after culling (when it culls anything in a quad
3150         at all).
3151
3152         * platform/graphics/chromium/cc/CCDrawQuad.h:
3153         (WebCore::CCDrawQuad::isDebugQuad):
3154         (WebCore::CCDrawQuad::sharedQuadState):
3155         (CCDrawQuad):
3156         * platform/graphics/chromium/cc/CCQuadCuller.cpp:
3157         (WebCore):
3158         (WebCore::CCQuadCuller::CCQuadCuller):
3159         (WebCore::appendQuadInternal):
3160         (WebCore::CCQuadCuller::append):
3161         (WebCore::CCQuadCuller::appendSurface):
3162         (WebCore::CCQuadCuller::appendReplica):
3163         * platform/graphics/chromium/cc/CCQuadCuller.h:
3164         (CCQuadCuller):
3165         * platform/graphics/chromium/cc/CCRenderPass.cpp:
3166         (WebCore::CCRenderPass::appendQuadsForLayer):
3167         (WebCore::CCRenderPass::appendQuadsForRenderSurfaceLayer):
3168
3169 2012-05-08  Julien Chaffraix  <jchaffraix@webkit.org>
3170
3171         Move RenderLayers z-index lists dirtying to post style change
3172         https://bugs.webkit.org/show_bug.cgi?id=85437
3173
3174         Reviewed by Darin Adler.
3175
3176         No expected change in behavior.
3177
3178         This change moves the z-order lists to RenderLayer::styleChanged. As part of this
3179         change, also added proper handling of stacking context transition. This enabled
3180         us to tighten more of the dirtyZOrderLists / clearZOrderLists code.
3181
3182         * rendering/RenderBoxModelObject.cpp:
3183         (WebCore::RenderBoxModelObject::styleWillChange):
3184         Removed this code, moved to updateStackingContextsAfterStyleChange.
3185
3186         * rendering/RenderLayer.cpp:
3187         (WebCore::RenderLayer::RenderLayer):
3188         Only stacking contexts start with dirty z-order lists.
3189
3190         (WebCore::RenderLayer::dirtyZOrderLists):
3191         Added an ASSERT.
3192
3193         (WebCore::RenderLayer::updateStackingContextsAfterStyleChange):
3194         Refactored the code to handle the transition between stacking context status.
3195
3196         (WebCore::RenderLayer::styleChanged):
3197         Added a call to updateStackingContextsAfterStyleChange.
3198
3199         * rendering/RenderLayer.h:
3200         (WebCore::RenderLayer::isStackingContext):
3201         Added a call to the next function.
3202
3203         (WebCore::RenderLayer::layerWithStyleIsStackingContext):
3204         Factored the isStackingContext logic here so that we can reuse it inside
3205         updateStackingContextsAfterStyleChange.
3206
3207         (WebCore::RenderLayer::clearZOrderLists):
3208         Added an ASSERT.
3209
3210 2012-05-08  Abhishek Arya  <inferno@chromium.org>
3211
3212         Crash due to owning renderer not removed from custom scrollbar.
3213         https://bugs.webkit.org/show_bug.cgi?id=80610
3214
3215         Reviewed by Eric Seidel.
3216
3217         Test: scrollbars/scrollbar-owning-renderer-crash.html
3218
3219         Changed RenderScrollbar to keep pointer to owning node, instead of the
3220         renderer. Renderer can get destroyed without informing the scrollbar, causing
3221         crashes later. Remove code from r94107 since it is not needed anymore and saves
3222         times when RenderBox is getting destroyed.
3223
3224         * page/FrameView.cpp:
3225         (WebCore::FrameView::createScrollbar): pass renderer's node.
3226         * page/FrameView.h:
3227         * rendering/RenderBox.cpp:
3228         (WebCore::RenderBox::willBeDestroyed): no longer need this. came originally from r94107.
3229         * rendering/RenderLayer.cpp:
3230         (WebCore::RenderLayer::createScrollbar): pass renderer's node.
3231         (WebCore::RenderLayer::destroyScrollbar): no longer need to clear owning renderer.
3232         * rendering/RenderListBox.cpp:
3233         (WebCore::RenderListBox::createScrollbar): pass renderer's node.
3234         * rendering/RenderMenuList.cpp:
3235         (WebCore::RenderMenuList::createScrollbar): pass renderer's node.
3236         * rendering/RenderScrollbar.cpp:
3237         (WebCore::RenderScrollbar::createCustomScrollbar): Store owner node instead of renderer.
3238         (WebCore::RenderScrollbar::RenderScrollbar): Store owner node instead of renderer.
3239         (WebCore::RenderScrollbar::owningRenderer): calculate owning renderer from owner node.
3240         * rendering/RenderScrollbar.h:
3241         (RenderScrollbar):
3242         * rendering/RenderTextControlSingleLine.cpp:
3243         (WebCore::RenderTextControlSingleLine::createScrollbar): pass renderer's node.
3244
3245 2012-05-08  Jon Lee  <jonlee@apple.com>
3246
3247         Safari warns that it needs to resend the form in an iFrame when going back
3248         https://bugs.webkit.org/show_bug.cgi?id=82658
3249         <rdar://problem/11292558>
3250
3251         Reviewed by Darin Adler.
3252
3253         Test: http/tests/loading/post-in-iframe-with-back-navigation.html
3254
3255         * WebCore.exp.in: Add _wkCFURLRequestAllowAllPostCaching.
3256         * platform/mac/WebCoreSystemInterface.h: Add wkCFURLRequestAllowAllPostCaching.
3257         * platform/mac/WebCoreSystemInterface.mm: Add wkCFURLRequestAllowAllPostCaching.
3258         * platform/network/cf/ResourceRequestCFNet.cpp:
3259         (WebCore::ResourceRequest::doUpdatePlatformRequest): Set the bit to cache all POST responses.
3260         * platform/network/mac/ResourceRequestMac.mm:
3261         (WebCore::ResourceRequest::doUpdatePlatformRequest): Set the bit to cache all POST responses.
3262
3263 2012-05-08  Dana Jansens  <danakj@chromium.org>
3264
3265         [chromium] Reflections with masks should not occlude
3266         https://bugs.webkit.org/show_bug.cgi?id=85927
3267
3268         Reviewed by James Robinson.
3269
3270         When a surface does not have a mask, we make both it and its reflection
3271         occlude the things below them. However, if the reflection has a mask
3272         applied to it, then we should not consider it as occluding.
3273
3274         Adds replicaHasMask() to the render surface classes so we can test if
3275         the mask is present.
3276
3277         Unit Tests: CCOcclusionTrackerTestReplicaWithMask
3278
3279         * platform/graphics/chromium/RenderSurfaceChromium.cpp:
3280         (WebCore::RenderSurfaceChromium::hasMask):
3281         This is unusued right now, but will allow us to remove a FIXME from
3282         CCOcclusionTracker::finishedTargetRenderSurface().
3283         (WebCore):
3284         (WebCore::RenderSurfaceChromium::replicaHasMask):
3285         * platform/graphics/chromium/RenderSurfaceChromium.h:
3286         (RenderSurfaceChromium):
3287         * platform/graphics/chromium/cc/CCOcclusionTracker.cpp:
3288         (WebCore::::leaveToTargetRenderSurface):
3289         * platform/graphics/chromium/cc/CCRenderSurface.cpp:
3290         (WebCore::CCRenderSurface::hasMask):
3291         This is unusued right now, but will allow us to remove a FIXME from
3292         CCOcclusionTracker::finishedTargetRenderSurface().
3293         (WebCore):
3294         (WebCore::CCRenderSurface::replicaHasMask):
3295         * platform/graphics/chromium/cc/CCRenderSurface.h:
3296         (CCRenderSurface):
3297
3298 2012-05-08  Eric Seidel  <eric@webkit.org>
3299
3300         Add stylesheet inheritance support to IFRAME_SEAMLESS
3301         https://bugs.webkit.org/show_bug.cgi?id=85914
3302
3303         Reviewed by Ojan Vafai.
3304
3305         This work is already guarded by IFRAME_SEAMLESS, as
3306         Document::shouldDisplaySeamlesslyWithParent always returns false
3307         when IFRAME_SEAMLESS is off.
3308
3309         This makes the child document use all author stylesheets from all parent documents,
3310         per the seamless spec:
3311         http://www.whatwg.org/specs/web-apps/current-work/#attr-iframe-seamless
3312
3313         This support is slightly inefficient as every time a sheet is added
3314         to a parent document, the child document must do a full style selector recalc.
3315         Normally author sheet additions have a fast-path which avoids the full selector recalc,
3316         but such is not possible in the seamless case as we're inserting the parents sheets
3317         earlier in the child's cascade (instead of just appending them to the end of the list).
3318
3319         The test covers both the static inheritance as well as addition of a stylesheet
3320         to the parent and testing that it caused a recalc of the child.
3321
3322         Covered by fast/frames/seamless/seamless-css-cascade.html
3323
3324         * css/StyleResolver.cpp:
3325         (WebCore::StyleResolver::StyleResolver):
3326         (WebCore::StyleResolver::addStylesheetsFromSeamlessParents):
3327         (WebCore):
3328         * css/StyleResolver.h:
3329         (StyleResolver):
3330         * dom/Document.cpp:
3331         (WebCore::Document::seamlessParentUpdatedStylesheets):
3332         (WebCore):
3333         (WebCore::Document::notifySeamlessChildDocumentsOfStylesheetUpdate):
3334         (WebCore::Document::updateActiveStylesheets):
3335         * dom/Document.h:
3336         (Document):
3337
3338 2012-05-08  Raphael Kubo da Costa  <rakuco@webkit.org>
3339
3340         [CMake] FindGStreamer: Fix the build with static WebCore.
3341         https://bugs.webkit.org/show_bug.cgi?id=85930
3342
3343         Reviewed by Daniel Bates.
3344
3345         No new tests, build fix.
3346
3347         Building WebCore statically was failing because files in
3348         WebCore/platform/gstreamer when ENABLE_VIDEO was set required
3349         gstreamer-base, which was not being linked to after r116453.
3350
3351         Fix that by looking for gstreamer-base, requiring and linking
3352         against it if GStreamer is used.
3353
3354         * PlatformEfl.cmake: Link to GSTREAMER_LIBRARIES and
3355         GSTREAMER_BASE_LIBRARIES, and include GSTREAMER_INCLUDE_DIRS and
3356         GSTREAMER_BASE_INCLUDE_DIRS.
3357
3358 2012-05-08  Raymond Toy  <rtoy@google.com>
3359
3360         JavaScriptAudioNode should not ASSERT if number of input channels is 0
3361         https://bugs.webkit.org/show_bug.cgi?id=85818
3362
3363         Reviewed by Eric Seidel.
3364
3365         Test: webaudio/javascriptaudionode-zero-input-channels.html
3366
3367         * Modules/webaudio/JavaScriptAudioNode.cpp:
3368         (WebCore::JavaScriptAudioNode::process): Update buffersAreGood.
3369         (WebCore::JavaScriptAudioNode::fireProcessEvent): Remove ASSERT.
3370
3371 2012-05-08  Dana Jansens  <danakj@chromium.org>
3372
3373         Region reads past end of spans
3374         https://bugs.webkit.org/show_bug.cgi?id=85909
3375
3376         Reviewed by Anders Carlsson.
3377
3378         Region currently checks aSpan == aSpanEnd as the indicator that
3379         we passed all the spans. When aSpan < aSpanEnd, it uses aSpan+1
3380         to find the height of the span.
3381
3382         If aSpan == aSpanEnd - 1, then aSpan+1 == aSpanEnd. This does not
3383         represent a valid span, since aSpanEnd is past the end of the
3384         array, not the last element in the array. The loop should terminate
3385         in this case.
3386
3387         Checking aSegment != aSegmentEnd is acceptable in the inner loop since
3388         it increments by two each time (segments come in pairs, while spans
3389         come in singles).
3390
3391         Test: RegionTest.ReadPastFullSpanVectorInIntersectsTest
3392
3393         * platform/graphics/Region.cpp:
3394         (WebCore::Region::Shape::compareShapes):
3395
3396 2012-05-08  Philip Rogers  <pdr@google.com>
3397
3398         Prevent crash in animated lists
3399         https://bugs.webkit.org/show_bug.cgi?id=85382
3400
3401         Reviewed by Nikolas Zimmermann.
3402
3403         Animated lists blindly assign the last list value to m_toAtEndOfDurationType
3404         in SVGAnimationElement::startedActiveInterval. If the last list value's length
3405         is larger or smaller than the animated "to" length, we crash.
3406
3407         This change prevents accessing values off the end of toAtEndOfDuration by adding
3408         a check for this case. It may seem inefficient to perform this check on every
3409         animation update but the "to" value can change (in cardinality) while animating.
3410
3411         I checked each of the other animation types (e.g., SVGAnimatedAngle,
3412         SVGAnimatedBoolean, etc.) and was only able to hit this style of crash
3413         in the three types modified in this change:
3414         SVGAnimatedLengthList, SVGAnimatedNumberList, and SVGAnimatedPointList.
3415
3416         Tests: svg/animations/animate-linear-discrete-additive-b-expected.svg
3417                svg/animations/animate-linear-discrete-additive-b.svg
3418                svg/animations/animate-linear-discrete-additive-c-expected.svg
3419                svg/animations/animate-linear-discrete-additive-c.svg
3420                svg/animations/animate-linear-discrete-additive-expected.svg
3421                svg/animations/animate-linear-discrete-additive.svg
3422                svg/animations/animate-list-crash.svg
3423
3424         * svg/SVGAnimatedLengthList.cpp:
3425         (WebCore::SVGAnimatedLengthListAnimator::calculateAnimatedValue):
3426         * svg/SVGAnimatedNumberList.cpp:
3427         (WebCore::SVGAnimatedNumberListAnimator::calculateAnimatedValue):
3428         * svg/SVGAnimatedPointList.cpp:
3429         (WebCore::SVGAnimatedPointListAnimator::calculateAnimatedValue):
3430
3431 2012-05-08  Rafael Weinstein  <rafaelw@chromium.org>
3432
3433         HTMLElementStack::hasOnlyHTMLElementsInScope is no longer called
3434         https://bugs.webkit.org/show_bug.cgi?id=85908
3435
3436         Reviewed by Eric Seidel.
3437
3438         This patch just removes the dead code.
3439
3440         No tests needed. Cleanup only.
3441
3442         * html/parser/HTMLElementStack.cpp:
3443         * html/parser/HTMLElementStack.h:
3444         (HTMLElementStack):
3445
3446 2012-05-08  W. James MacLean  <wjmaclean@chromium.org>
3447
3448         [chromium] Create LinkHighlightLayerChromium class to provide link-highlight preview animations for GraphicsLayerChromium.
3449         https://bugs.webkit.org/show_bug.cgi?id=85084
3450
3451         Reviewed by James Robinson.
3452
3453         Unit test provided.
3454
3455         Creates a layer delegate class to provide link highlight animations for link-preview feature.
3456         These are added to a GraphicsLayerChromium via provided methods. Moves dispensing of animation
3457         ids into a separate class.
3458
3459         * WebCore.gypi:
3460         * platform/graphics/chromium/AnimationIdVendor.cpp: Added.
3461         (WebCore):
3462         (WebCore::AnimationIdVendor::getNextAnimationId):
3463         (WebCore::AnimationIdVendor::getNextGroupId):
3464         * platform/graphics/chromium/AnimationIdVendor.h: Added.
3465         (WebCore):
3466         (AnimationIdVendor):
3467         * platform/graphics/chromium/GraphicsLayerChromium.cpp:
3468         (WebCore::GraphicsLayerChromium::willBeDestroyed):
3469         (WebCore::GraphicsLayerChromium::updateNames):
3470         (WebCore::GraphicsLayerChromium::addAnimation):
3471         (WebCore::GraphicsLayerChromium::addLinkHighlight):
3472         (WebCore):
3473         (WebCore::GraphicsLayerChromium::didFinishLinkHighlight):
3474         (WebCore::GraphicsLayerChromium::updateChildList):
3475         (WebCore::GraphicsLayerChromium::mapAnimationNameToId):
3476         * platform/graphics/chromium/GraphicsLayerChromium.h:
3477         (WebCore):
3478         (GraphicsLayerChromium):
3479         * platform/graphics/chromium/LinkHighlight.cpp: Added.
3480         (WebCore):
3481         (WebCore::LinkHighlight::create):
3482         (WebCore::LinkHighlight::LinkHighlight):
3483         (WebCore::LinkHighlight::~LinkHighlight):
3484         (WebCore::LinkHighlight::contentLayer):
3485         (WebCore::LinkHighlight::paintContents):
3486         (WebCore::LinkHighlight::notifyAnimationStarted):
3487         (WebCore::LinkHighlight::notifyAnimationFinished):
3488         * platform/graphics/chromium/LinkHighlight.h: Added.
3489         (WebCore):
3490         (LinkHighlight):
3491
3492 2012-05-08  Raphael Kubo da Costa  <rakuco@webkit.org>
3493
3494         [CMake] Rewrite FindGStreamer.cmake.
3495         https://bugs.webkit.org/show_bug.cgi?id=85857
3496
3497         Reviewed by Daniel Bates.
3498
3499         No new tests, build system change.
3500
3501         We are currently kind of duplicating the same
3502         FindGStreamer-Foo.cmake file whenever a new GStreamer plugin needs
3503         to be found. Besides this approach not scaling very well, it
3504         relies on pkg-config for version checking, uses the LibFindMacros
3505         package that we should deprecate and all the find files could be
3506         merged into one, with users using the COMPONENTS feature of the
3507         FIND_PACKAGE() call to find the desired plugins.
3508
3509         FindGStreamer.cmake has then been rewritten to take all that into
3510         account:
3511         - The LibFindMacros.cmake package is not used anymore.
3512         - Version check is performed in the CMake file itself by parsing
3513         the gstversion.h header.
3514         - All GStreamer plugins are searched and the COMPONENTS keyword
3515         used in the FIND_PACKAGE() call is used to check which plugins are
3516         required.
3517         - The plugins-base and base GStreamer plugins are not searched, as
3518         they were not used anywhere in the build system.
3519
3520         * PlatformEfl.cmake: Update GStreamer-related variable names.
3521
3522 2012-05-08  Mikhail Pozdnyakov  <mikhail.pozdnyakov@intel.com>
3523
3524         [EFL] Handling of numeric-pad keys in EFL's PlatformKeyboardEvent
3525         https://bugs.webkit.org/show_bug.cgi?id=85479
3526
3527         Reviewed by Gustavo Noronha Silva.
3528
3529         EFL's PlatformKeyboardEvent::isKeypad() now returns meaningful value.
3530         Added numeric-pad keys to the Key Map and Windows Key Map.
3531
3532         No new tests.
3533
3534         * platform/efl/EflKeyboardUtilities.cpp:
3535         (WebCore::createKeyMap):
3536         (WebCore::createWindowsKeyMap):
3537         * platform/efl/PlatformKeyboardEventEfl.cpp:
3538         (WebCore::PlatformKeyboardEvent::PlatformKeyboardEvent):
3539
3540 2012-05-04  Nikolas Zimmermann  <nzimmermann@rim.com>
3541
3542         Tie lifetime of SVGAnimateElement::m_animatedType to the duration of the animation
3543         https://bugs.webkit.org/show_bug.cgi?id=85627
3544
3545         Reviewed by Antti Koivisto.
3546
3547         Example:
3548         <rect width="10" height="100">
3549             <animate attributeName="width" from="10" to="100" begin="2s" dur="4s" fill="remove"/>
3550         </rect>
3551
3552         At t=0s the <animate> element receives its first interval: begin=2s, end=6s.
3553         At this point we've created the 'OwnPtr<SVGAnimatedType> m_animatedType' in
3554         SVGAnimateElement, which holds the current animated value of the target type.
3555         In this example it contains a SVGLength with '10' as value at t=0s.
3556
3557         Calling "rect.width.animVal.value" will return the value currently contained in the
3558         m_animatedType from the SVGAnimateElement, even though the animation didn't begin
3559         yet. This is fine, as the animVal equals to the baseVal, as long as no animation is
3560         running.
3561
3562         At t=6s you'd expect that the whole 'animVal' object is destructed again, as it's no
3563         longer needed, as animVal will be equal to baseVal again, but the current code keeps
3564         the animVal alive, and just resets it to the baseVal. The animVals will be destructed
3565         once the animate element leaves the tree.
3566
3567         CSS animations suffer from the same problem, we never remove the animated SMIL properties
3568         but we only reset them to the base value. This makes integration with CSS Animations and
3569         CSS Transitions harder, so this needs to be changed.
3570
3571         This patch starts tracking the start/end of an animation chain properly, to destruct
3572         the animation effect for non-frozen animations at the end of their duration. This has to
3573         work properly together with seeking (SVGSVGElement.setCurrentTime), as our testing relies
3574         on the ability to drive the SMIL timeline from script.
3575
3576         Tests: svg/animations/list-wrapper-assertion-expected.svg
3577                svg/animations/list-wrapper-assertion.svg
3578
3579         * svg/SVGAnimateElement.cpp:
3580         (WebCore::SVGAnimateElement::resetAnimatedType):
3581         (WebCore::applyCSSPropertyToTarget):
3582         (WebCore::removeCSSPropertyFromTarget):
3583         (WebCore::applyCSSPropertyToTargetAndInstances):
3584         (WebCore::removeCSSPropertyFromTargetAndInstances):
3585         (WebCore::notifyTargetAboutAnimValChange):
3586         (WebCore::notifyTargetAndInstancesAboutAnimValChange):
3587         (WebCore::SVGAnimateElement::clearAnimatedType):
3588         (WebCore::SVGAnimateElement::applyResultsToTarget):
3589         (WebCore::SVGAnimateElement::targetElementWillChange):
3590         * svg/SVGAnimateElement.h:
3591         (SVGAnimateElement):
3592         * svg/SVGAnimateMotionElement.cpp:
3593         (WebCore::SVGAnimateMotionElement::resetAnimatedType):
3594         (WebCore::SVGAnimateMotionElement::clearAnimatedType):
3595         * svg/SVGAnimateMotionElement.h:
3596         (SVGAnimateMotionElement):
3597         * svg/SVGAnimationElement.cpp:
3598         * svg/SVGAnimationElement.h:
3599         * svg/animation/SMILTimeContainer.cpp:
3600         (WebCore::SMILTimeContainer::updateAnimations):
3601         * svg/animation/SVGSMILElement.cpp:
3602         (WebCore::SVGSMILElement::reset):
3603         (WebCore::SVGSMILElement::targetElementWillChange):
3604         (WebCore::SVGSMILElement::determineActiveState):
3605         (WebCore::SVGSMILElement::progress):
3606         * svg/animation/SVGSMILElement.h:
3607         (SVGSMILElement):
3608         * svg/properties/SVGAnimatedListPropertyTearOff.h:
3609             Remove svgAttributeChanged() calls from animationEnded/animValDidChange.
3610             Callers are now required to notify the target about changes. There are cases
3611             where we want to call animValDidChange without invoking svgAttributeChanged().
3612             That is supported now.
3613         (WebCore::SVGAnimatedListPropertyTearOff::animationEnded):
3614         (WebCore::SVGAnimatedListPropertyTearOff::animValDidChange):
3615         * svg/properties/SVGAnimatedProperty.h: Ditto.
3616         (WebCore::SVGAnimatedProperty::commitChange): Add safety guard.
3617         * svg/properties/SVGAnimatedPropertyTearOff.h: Ditto.
3618         (WebCore::SVGAnimatedPropertyTearOff::animationEnded):
3619         (WebCore::SVGAnimatedPropertyTearOff::animValDidChange):
3620         * svg/properties/SVGAnimatedStaticPropertyTearOff.h: Ditto.
3621         (WebCore::SVGAnimatedStaticPropertyTearOff::animationEnded):
3622         (WebCore::SVGAnimatedStaticPropertyTearOff::animValDidChange):
3623
3624 2012-05-08  Ryuan Choi  <ryuan.choi@samsung.com>
3625
3626         [EFL][DRT]Do not create ScrollbarEfl when mockScrollbar is enabled.
3627         https://bugs.webkit.org/show_bug.cgi?id=81315
3628
3629         Reviewed by Chang Shu.
3630
3631         ScrollbarEfl creates custom scrollbars as separated layer and they are
3632         not related to ScrollbarTheme.
3633         So, DRT/Efl creates custom scrollbars on webview which paints mockScrollbar.
3634
3635         This patch prevents creating custom scrollbars when mockScrollbar is enabled.
3636
3637         Because DRT/Efl only renders the webview now, expected results are same
3638         until Bug 79853 is landed.
3639
3640         * platform/efl/ScrollbarEfl.cpp:
3641         (Scrollbar::createNativeScrollbar):
3642
3643 2012-05-08  Timothy Hatcher  <timothy@apple.com>
3644
3645         Fix the SOFT_LINK_STAGED_FRAMEWORK_OPTIONAL macro so it passes the full path to dlopen.
3646
3647         dyld only considers libraries in the versioned framework path if their install name
3648         matches the library that it is attempting to load. The path we were passing to
3649         dlopen lacked the Versions/A component of the path so dyld did not recognize that
3650         we wanted it to use the staged version if it is newer.
3651
3652         <rdar://problem/11406517>
3653
3654         Reviewed by Mark Rowe.
3655
3656         * platform/mac/SoftLinking.h: Have SOFT_LINK_STAGED_FRAMEWORK_OPTIONAL take the
3657         framework version as an argument and use it when constructing the path to dlopen.
3658
3659 2012-05-08  Rafael Brandao  <rafael.lobo@openbossa.org>
3660
3661         Build fix for Qt Snowleopard Release
3662         https://bugs.webkit.org/show_bug.cgi?id=85895
3663
3664         Reviewed by Alexis Menard.
3665
3666         The enum value JSUint8ClampedArray conflicted with the JSUint8ClampedArray class.
3667         I've added the 'Type' suffix to the enum value to make their names different.
3668
3669         No new tests needed.
3670
3671         * bridge/qt/qt_runtime_qt4.cpp:
3672         (JSC::Bindings::valueRealType):
3673         (JSC::Bindings::convertValueToQVariant):
3674
3675 2012-05-08  Shezan Baig  <shezbaig.wk@gmail.com>
3676
3677         offsetLeft broken within CSS3 columns
3678         https://bugs.webkit.org/show_bug.cgi?id=34875
3679
3680         Reviewed by Julien Chaffraix.
3681
3682         Reimplement offsetLeft and offsetTop in terms of a new method called
3683         'offsetTopLeft'. The new method starts from a reference point (the
3684         top-left coordinate of a box or inline) and adjusts this reference
3685         point for columns as we traverse each parent. Note that the reference
3686         point needs to be adjusted in both dimensions, even though offsetLeft
3687         and offsetTop return only one of them.
3688
3689         A new method called 'offsetForColumns' was added to RenderObject. This
3690         method is similar to adjustForColumns, except that it returns the
3691         offset instead of modifying a reference. This method is necessary to
3692         simplify the implementation of offsetTopLeft.
3693
3694         Tests: fast/block/positioning/offsetLeft-offsetTop-multicolumn-expected.txt
3695                fast/block/positioning/offsetLeft-offsetTop-multicolumn.html
3696
3697         * rendering/RenderBox.h:
3698         (RenderBox):
3699         Override offsetLeft and offsetTop.
3700         * rendering/RenderBox.cpp:
3701         (WebCore::RenderBox::offsetLeft):
3702         Implemented in terms of RenderBoxModelObject::offsetTopLeft, using
3703         topLeftLocation as startPoint.
3704         (WebCore::RenderBox::offsetTop):
3705         Implemented in terms of RenderBoxModelObject::offsetTopLeft, using
3706         topLeftLocation as startPoint.
3707         * rendering/RenderBoxModelObject.cpp:
3708         (WebCore::RenderBoxModelObject::offsetTopLeft):
3709         New method to compute offsetLeft and offsetTop simultaneously, and
3710         adjusting for columns at each parent.
3711         (WebCore::RenderBoxModelObject::offsetLeft):
3712         Reimplemented in terms of offsetTopLeft.
3713         (WebCore::RenderBoxModelObject::offsetTop):
3714         Reimplemented in terms of offsetTopLeft.
3715         * rendering/RenderBoxModelObject.h:
3716         (RenderBoxModelObject):
3717         Declare new offsetTopLeft method.
3718         * rendering/RenderInline.cpp:
3719         (WebCore::RenderInline::offsetLeft):
3720         Reimplemented in terms of RenderBoxModelObject::offsetTopLeft.
3721         (WebCore::RenderInline::offsetTop):
3722         Reimplemented in terms of RenderBoxModelObject::offsetTopLeft.
3723         * rendering/RenderObject.h:
3724         (RenderObject):
3725         (WebCore::RenderObject::offsetForColumns):
3726         New helper method to simplify implementation of offsetTopLeft.
3727
3728 2012-03-31  Robert Hogan  <robert@webkit.org>
3729
3730         CSS 2.1 failure: first-letter-nested-004.htm fails
3731         https://bugs.webkit.org/show_bug.cgi?id=72987
3732
3733         Reviewed by Eric Seidel.
3734
3735         When styling first-letter check each sibling and drill into its inlines until we find either (i) a text node 
3736         that is not all whitespace, or (ii) a line break.
3737
3738         This makes our rendering of the following tests compatible with FF and Opera. Our current behaviour is also conformant
3739         since the spec allows UAs to style just one element:
3740             css2.1/20110323/first-letter-quote-002.htm
3741             css2.1/20110323/first-letter-quote-003.htm
3742             css2.1/20110323/first-letter-quote-004.htm
3743             css2.1/20110323/first-letter-quote-005.htm
3744
3745         This fixes the following two tests. We now drill into the descendants of an element styled with :first-letter looking
3746         for text to style:
3747             css2.1/20110323/first-letter-nested-004.htm
3748             css2.1/20110323/first-letter-nested-006.htm
3749
3750         This patch changes our rendering of first-letter-dynamic-001.htm as we now render adjacent quotes in the second line as 
3751         green. This is consistent with the spec, which allows this behaviour but does not require it. It's the 'right' behaviour
3752         since it is consistent with the rendering of such quotes in a single element with :first-letter style.
3753
3754         * rendering/RenderBlock.cpp:
3755         (WebCore::RenderBlock::findLastObjectWithFirstLetterText): Iterate through the child's siblings looking for the last
3756           object to be styled :first-letter.
3757         (WebCore::RenderBlock::findLastObjectAfterFirstLetterPunctuation): Style any leading punctuation as first-letter, drill
3758           down into the child's descendants looking for text if necessary.
3759         (WebCore::RenderBlock::updateFirstLetter): Refactor to drill into sibling's children looking for inlines
3760          that should be styled as first-letter.
3761         (WebCore::RenderBlock::addFirstLetter): Split out from updateFirstLetter so that it can be used when a
3762          descendant node inside a sibling is found in findLastObjectWithFirstLetterText() needs to be styled as first-letter.
3763         * rendering/RenderBlock.h:
3764
3765 2012-05-08  Sheriff Bot  <webkit.review.bot@gmail.com>
3766
3767         Unreviewed, rolling out r116402.
3768         http://trac.webkit.org/changeset/116402
3769         https://bugs.webkit.org/show_bug.cgi?id=85898
3770
3771         Caused a 3% regression on Chromium's bloat-http test on Linux
3772         (Requested by ojan_gardening on #webkit).
3773
3774         * WebCore.exp.in:
3775         * bindings/v8/RetainedDOMInfo.cpp:
3776         * dom/ContainerNode.h:
3777         * dom/Node.cpp:
3778         (WebCore::Node::traverseNextNode):
3779         (WebCore):
3780         (WebCore::Node::traverseNextSibling):
3781         * dom/Node.h:
3782         (Node):
3783
3784 2012-05-08  Hironori Bono  <hbono@chromium.org>
3785
3786         [Chromium] Fix the position of an RTL resizer
3787         https://bugs.webkit.org/show_bug.cgi?id=80640
3788
3789         Reviewed by Tony Chang.
3790
3791         When rendering an RTL resizer, my r110073 renders it at the same position as the
3792         one used for rendering a LTR resizer. Unfortunately, this code renders the RTL
3793         resizer image at an incorrect position on Mac and Linux. This change uses the
3794         correct formula to calculate the position of an RTL resizer.
3795
3796         Test: platform/chromium/scrollbars/rtl-resizer-position.html
3797
3798         * rendering/RenderLayer.cpp:
3799         (WebCore::RenderLayer::drawPlatformResizerImage):
3800
3801 2012-05-08  Andreas Kling  <kling@webkit.org>
3802
3803         Element: isURLAttribute() should take a const Attribute&.
3804         <http://webkit.org/b/85890>
3805
3806         Reviewed by Anders Carlsson.
3807
3808         Change isURLAttribute(Attribute*) to isURLAttribute(const Attribute&) to enforce
3809         the fact that the Attribute can't be null, and shouldn't be mutated, at compile-time.
3810         Also sprinkle OVERRIDE while we're at it.
3811
3812         * dom/Element.cpp:
3813         (WebCore::Element::getURLAttribute):
3814         (WebCore::Element::getNonEmptyURLAttribute):
3815         * dom/Element.h:
3816         (WebCore::Element::isURLAttribute):
3817         * editing/MarkupAccumulator.cpp:
3818         (WebCore::MarkupAccumulator::appendQuotedURLAttributeValue):
3819         (WebCore::MarkupAccumulator::appendAttribute):
3820         * editing/markup.cpp:
3821         (WebCore::completeURLs):
3822         * html/HTMLAnchorElement.cpp:
3823         (WebCore::HTMLAnchorElement::isURLAttribute):
3824         * html/HTMLAnchorElement.h:
3825         * html/HTMLBaseElement.cpp:
3826         (WebCore::HTMLBaseElement::isURLAttribute):
3827         * html/HTMLBaseElement.h:
3828         * html/HTMLBodyElement.cpp:
3829         (WebCore::HTMLBodyElement::isURLAttribute):
3830         * html/HTMLBodyElement.h:
3831         * html/HTMLButtonElement.cpp:
3832         (WebCore::HTMLButtonElement::isURLAttribute):
3833         * html/HTMLButtonElement.h:
3834         * html/HTMLElement.cpp:
3835         (WebCore::HTMLElement::isURLAttribute):
3836         * html/HTMLElement.h:
3837         * html/HTMLEmbedElement.cpp:
3838         (WebCore::HTMLEmbedElement::isURLAttribute):
3839         * html/HTMLEmbedElement.h:
3840         * html/HTMLFormElement.cpp:
3841         (WebCore::HTMLFormElement::isURLAttribute):
3842         * html/HTMLFormElement.h:
3843         * html/HTMLFrameElementBase.cpp:
3844         (WebCore::HTMLFrameElementBase::isURLAttribute):
3845         * html/HTMLFrameElementBase.h:
3846         (HTMLFrameElementBase):
3847         * html/HTMLHtmlElement.cpp:
3848         (WebCore::HTMLHtmlElement::isURLAttribute):
3849         * html/HTMLHtmlElement.h:
3850         * html/HTMLImageElement.cpp:
3851         (WebCore::HTMLImageElement::isURLAttribute):
3852         * html/HTMLImageElement.h:
3853         * html/HTMLInputElement.cpp:
3854         (WebCore::HTMLInputElement::isURLAttribute):
3855         * html/HTMLInputElement.h:
3856         * html/HTMLLinkElement.cpp:
3857         (WebCore::HTMLLinkElement::isURLAttribute):
3858         * html/HTMLLinkElement.h:
3859         * html/HTMLMediaElement.cpp:
3860         (WebCore::HTMLMediaElement::isURLAttribute):
3861         * html/HTMLMediaElement.h:
3862         * html/HTMLModElement.cpp:
3863         (WebCore::HTMLModElement::isURLAttribute):
3864         * html/HTMLModElement.h:
3865         * html/HTMLObjectElement.cpp:
3866         (WebCore::HTMLObjectElement::isURLAttribute):
3867         * html/HTMLObjectElement.h:
3868         * html/HTMLParamElement.cpp:
3869         (WebCore::HTMLParamElement::isURLAttribute):
3870         * html/HTMLParamElement.h:
3871         * html/HTMLQuoteElement.cpp:
3872         (WebCore::HTMLQuoteElement::isURLAttribute):
3873         * html/HTMLQuoteElement.h:
3874         * html/HTMLScriptElement.cpp:
3875         (WebCore::HTMLScriptElement::isURLAttribute):
3876         * html/HTMLScriptElement.h:
3877         * html/HTMLSourceElement.cpp:
3878         (WebCore::HTMLSourceElement::isURLAttribute):
3879         * html/HTMLSourceElement.h:
3880         * html/HTMLTableCellElement.cpp:
3881         (WebCore::HTMLTableCellElement::isURLAttribute):
3882         * html/HTMLTableCellElement.h:
3883         * html/HTMLTableElement.cpp:
3884         (WebCore::HTMLTableElement::isURLAttribute):
3885         * html/HTMLTableElement.h:
3886         * html/HTMLTrackElement.cpp:
3887         (WebCore::HTMLTrackElement::isURLAttribute):
3888         * html/HTMLTrackElement.h:
3889         * html/HTMLVideoElement.cpp:
3890         (WebCore::HTMLVideoElement::isURLAttribute):
3891         * html/HTMLVideoElement.h:
3892         * svg/SVGScriptElement.cpp:
3893         (WebCore::SVGScriptElement::isURLAttribute):
3894         * svg/SVGScriptElement.h:
3895
3896 2012-05-08  Stephen Chenney  <schenney@chromium.org>
3897
3898         Shrink ElementAttributeData by factoring out Attr object count.
3899         https://bugs.webkit.org/show_bug.cgi?id=85825
3900
3901         Unreviewed build fix.
3902
3903         * dom/ElementAttributeData.cpp:
3904         (WebCore::attrListForElement): Was returning false instead of 0 for a pointer value. Now returns 0.
3905
3906 2012-05-08  Andreas Kling  <kling@webkit.org>
3907
3908         Element: Merge idAttributeChanged() into attributeChanged().
3909         <http://webkit.org/b/85885>
3910
3911         Reviewed by Antti Koivisto.
3912
3913         No new tests, code churn only.
3914
3915         * dom/Element.h:
3916         * dom/Element.cpp:
3917         (WebCore::Element::attributeChanged): There's no need for this to be a standalone function anymore.
3918
3919 2012-05-08  Andreas Kling  <kling@webkit.org>
3920
3921         Shrink ElementAttributeData by factoring out Attr object count.
3922         <http://webkit.org/b/85825>
3923
3924         Reviewed by Antti Koivisto.
3925
3926         Stop tracking the number of Attr objects that point to a given Element on the
3927         Element itself and manage this by having a global hashmap of Element => AttrList,
3928         where AttrList is a vector of (pointers to) the associated Attr objects.
3929
3930         This shrinks ElementAttributeData by one integer, effectively reducing memory
3931         consumption by ~530kB when viewing the full HTML5 spec at <http://whatwg.org/c>.
3932
3933         * dom/ElementAttributeData.h:
3934         (ElementAttributeData):
3935
3936             Remove m_attrCount...
3937
3938         * dom/Node.h:
3939         (WebCore::Node::hasAttrList):
3940         (WebCore::Node::setHasAttrList):
3941         (WebCore::Node::clearHasAttrList):
3942
3943             ...replacing it with a Node flag that tells us whether there's an Attr
3944             object map for this Node (only applies to Elements.)
3945
3946         * dom/ElementAttributeData.cpp:
3947         (WebCore::attrListMap):
3948         (WebCore::attrListForElement):
3949         (WebCore::ensureAttrListForElement):
3950         (WebCore::removeAttrListForElement):
3951         (WebCore::ElementAttributeData::attrIfExists):
3952         (WebCore::ElementAttributeData::ensureAttr):
3953         (WebCore::ElementAttributeData::setAttr):
3954         (WebCore::ElementAttributeData::removeAttr):
3955         (WebCore::ElementAttributeData::detachAttributesFromElement):
3956
3957             Map Element => per-Element AttrList in a global hash.
3958
3959 2012-05-08  Chris Guan  <chris.guan@torchmobile.com.cn>
3960
3961         [Blackberry] remove m_isRequestedByPlugin in ResourceRequest
3962         https://bugs.webkit.org/show_bug.cgi?id=84559
3963
3964         Reviewed by Antonio Gomes.
3965
3966         ResourceRequest is a network level abstraction, and it should
3967         not know anything about web concepts such as plug-ins, and Blackberry
3968         does not need m_isRequestedByPlugin any longer, So clean up all related
3969         code.
3970
3971         Tested on a website of http://edition.cnn.com, a new window should be
3972         opened only when user has a singe tap gesture on a plugin element.
3973
3974         * platform/network/blackberry/ResourceRequest.h:
3975         (WebCore::ResourceRequest::ResourceRequest):
3976         (ResourceRequest):
3977         (CrossThreadResourceRequestData):
3978         * platform/network/blackberry/ResourceRequestBlackBerry.cpp:
3979         (WebCore::ResourceRequest::doPlatformCopyData):
3980         (WebCore::ResourceRequest::doPlatformAdopt):
3981
3982 2012-05-03  Alexander Pavlov  <apavlov@chromium.org>
3983
3984         Extra line-breaks added when copying from source.
3985         https://bugs.webkit.org/show_bug.cgi?id=85282
3986
3987         Reviewed by Ryosuke Niwa.
3988
3989         The code used to replace any \n by \r\n, even the one that had a preceding \r, resulting in \r\r\n.
3990         This change introduces a check for the preceding \r when replacing \n's.
3991
3992         Test: platform/win/editing/pasteboard/pasting-crlf-isnt-translated-to-crcrlf-win.html
3993
3994         * platform/chromium/ClipboardUtilitiesChromium.cpp:
3995         (WebCore::replaceNewlinesWithWindowsStyleNewlines):
3996         * platform/win/ClipboardUtilitiesWin.cpp:
3997         (WebCore::replaceNewlinesWithWindowsStyleNewlines):
3998
3999 2012-05-08  Adam Barth  <abarth@webkit.org>
4000
4001         OS(ANDROID) JNI AttachCurrentThread take JNIEnv** as a parameter, not void**
4002         https://bugs.webkit.org/show_bug.cgi?id=85869
4003
4004         Reviewed by Eric Seidel.
4005
4006         According to
4007         http://docs.oracle.com/javase/1.5.0/docs/guide/jni/spec/invocation.html,
4008         AttachCurrentThread takes a JNIEnv** rather than a void**.  Apparently,
4009         most implementations actually take a void**.  The OS(ANDROID)
4010         implementation, however, actually takes an JNIEnv**.  This patch
4011         introduces a typedef to give each implementation what it desires.
4012
4013         * bridge/jni/JNIUtility.cpp:
4014         (JSC::Bindings::getJNIEnv):
4015
4016 2012-05-08  Balazs Kelemen  <kbalazs@webkit.org>
4017
4018         [Qt] X11 plugins need to be reworked for Qt5+WK1
4019         https://bugs.webkit.org/show_bug.cgi?id=80691
4020
4021         Reviewed by Simon Hausmann.
4022
4023         Implement basic windowless plugin support with Qt5.
4024         The solution is the same that has been chosen for
4025         WebKit2. We get the content drawed by the plugin
4026         from the X server as an image, create a QImage
4027         from it and paint it to the window surface with QPainter.
4028         Performance is sufficient for basic video playback.
4029
4030         No new tests, covered by existing plugin tests.
4031
4032         * Target.pri:
4033         * WebCore.pri:
4034         * platform/qt/QWebPageClient.h:
4035         (QWebPageClient):
4036         * plugins/PluginView.h:
4037         (PluginView):
4038         * plugins/qt/PluginPackageQt.cpp:
4039         (WebCore::PluginPackage::isPluginBlacklisted):
4040         Blacklist plugins that are incompatible with Qt5.
4041         The only one I know about currently is skypebuttons
4042         but the list can be extended in the future.
4043         (WebCore):
4044         (WebCore::PluginPackage::load):
4045         * plugins/qt/PluginViewQt.cpp:
4046         (X11Environment):
4047         (WebCore):
4048         (WebCore::x11Display):
4049         (WebCore::x11Screen):
4050         (WebCore::rootWindowID):
4051         (WebCore::displayDepth):
4052         (WebCore::syncX):
4053         (WebCore::PluginView::platformPageClient): Added a safe
4054         convenience getter for the QWebpageClient.
4055         (WebCore::PluginView::updatePluginWidget):
4056         (WebCore::PluginView::setFocus):
4057         (WebCore::setupGraphicsExposeEvent):
4058         (WebCore::PluginView::paintUsingXPixmap):
4059         (WebCore::setSharedXEventFields):