Ignore case in the check for security origin inheritance
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2016-06-17  John Wilander  <wilander@apple.com>
2
3         Ignore case in the check for security origin inheritance
4         https://bugs.webkit.org/show_bug.cgi?id=158878
5
6         Reviewed by Alex Christensen.
7
8         Darin Adler commented in https://bugs.webkit.org/show_bug.cgi?id=158855:
9         "Are these comparisons intentionally case sensitive? Shouldn’t they ignore ASCII 
10         case? We could use equalIgnoringASCIICase and equalLettersIgnoringASCIICase for 
11         those two lines instead of using ==. URL::parse normalizes letters in the scheme 
12         and host by using toASCIILower, but does not normalize letters elsewhere in the 
13         URL, such as in the "blank" or "srcdoc" in the above URLs."
14
15         Test: http/tests/dom/window-open-about-uppercase-blank-and-access-document.html
16
17         * platform/URL.cpp:
18         (WebCore::URL::shouldInheritSecurityOriginFromOwner):
19
20 2016-06-17  Hyungwook Lee  <hyungwook.lee@navercorp.com>
21
22         Fix compilation errors when we enable DUMP_NODE_STATISTICS in Node.h
23         https://bugs.webkit.org/show_bug.cgi?id=158868
24
25         Reviewed by Alex Christensen.
26
27         Fix compilation errors in Node.cpp when we enable DUMP_NODE_STATISTICS
28
29         * dom/Node.cpp:
30         (WebCore::Node::dumpStatistics):
31
32 2016-06-17  Per Arne Vollan  <pvollan@apple.com>
33
34         [Win] Scrolling in popup menu scrolls past last entry.
35         https://bugs.webkit.org/show_bug.cgi?id=158870
36
37         Reviewed by Brent Fulgham.
38
39         When the popup has a scrollbar, the content size is not equal to the popup window size.
40   
41         * platform/win/PopupMenuWin.cpp:
42         (WebCore::PopupMenuWin::contentsSize):
43
44 2016-06-17  Frederic Wang  <fwang@igalia.com>
45
46         Refactor RenderMathMLRoot layout function to avoid using flexbox
47         https://bugs.webkit.org/show_bug.cgi?id=153987
48
49         Reviewed by Brent Fulgham.
50
51         No new tests, already covered by existing tests.
52         A case for RTL root has been added to roots.xhtml.
53
54         We reimplement RenderMathMLRoot without any flexbox or anonymous.
55         The anonymous RenderMathMLRadicalOperator used to draw the radical sign is replaced with
56         the MathOperator class introduced in bug 152244.
57         msqrt (row of children under a square root) is now implemented directly in RenderMathMLRoot,
58         so RenderMathMLSquareRoot is removed and RenderMathMLRoot now inherits from RenderMathMLRow.
59
60         * CMakeLists.txt: Remove files for RenderMathMLRadicalOperator and RenderMathMLSquareRoot.
61         * WebCore.xcodeproj/project.pbxproj: ditto.
62         * accessibility/AccessibilityRenderObject.cpp: Update code now that we do not use any
63         radical wrappers.
64         (WebCore::AccessibilityRenderObject::isMathRow): Now that RenderMathMLRoot inherits from
65         RenderMathMLRow, we must exclude MathRoot or otherwise some accessibility code may treat
66         roots as rows.
67         (WebCore::AccessibilityRenderObject::mathRadicandObject): Return the first child for
68         Root/SquareRoot or nullptr.
69         (WebCore::AccessibilityRenderObject::mathRootIndexObject): Return the second child for
70         Root and nullptr for SquareRoot.
71         * mathml/MathMLInlineContainerElement.cpp:
72         (WebCore::MathMLInlineContainerElement::childrenChanged): We no longer need a special case
73         for msqrt, it is treated as a normal RenderMathMLRow.
74         (WebCore::MathMLInlineContainerElement::createElementRenderer): Make msqrt create a
75         RenderMathMLRoot object.
76         * rendering/RenderObject.h:
77         (WebCore::RenderObject::isRenderMathMLRadicalOperator): Deleted.
78         * rendering/mathml/RenderMathMLBlock.cpp:
79         (WebCore::RenderMathMLBlock::mirrorIfNeeded): New function to mirror a child horizontal
80         offset according to the parent width.
81         (WebCore::RenderMathMLBlock::renderName):
82         * rendering/mathml/RenderMathMLBlock.h:
83         (WebCore::RenderMathMLBlock::mirrorIfNeeded): Moved from RenderMathMLScripts, just forward
84         call to the other mirrorIfNeeded function.
85         * rendering/mathml/RenderMathMLOperator.cpp: We no longer need this trailingSpaceError hack.
86         (WebCore::RenderMathMLOperator::trailingSpaceError): Deleted.
87         * rendering/mathml/RenderMathMLOperator.h: ditto.
88         * rendering/mathml/RenderMathMLRadicalOperator.cpp: Removed. The radical sign is now drawn
89         with a MathOperator.
90         * rendering/mathml/RenderMathMLRadicalOperator.h: Removed.
91         * rendering/mathml/RenderMathMLRoot.cpp: Complete refactoring to avoid using flexbox and
92         anonymous wrappers.
93         (WebCore::RenderMathMLRoot::RenderMathMLRoot): Set m_kind parameters to distinguish between
94         square root and general root and set the MathOperator member to draw the radical sign.
95         (WebCore::RenderMathMLRoot::isValid): Helper function to verify whether the child list is valid.
96         (WebCore::RenderMathMLRoot::getBase): Get the base of an mroot.
97         (WebCore::RenderMathMLRoot::getIndex): Get the index of an mroot.
98         (WebCore::RenderMathMLRoot::styleDidChange): Be sure to keep the style of the
99         MathOperator in sync with ours ; no need to skip empty roots.
100         (WebCore::RenderMathMLRoot::updateFromElement): Call the function from the new parent class ;
101         no need to skip empty roots.
102         (WebCore::RenderMathMLRoot::updateStyle): Remove the isEmpty ASSERT as it is valid to have
103         empty square root. Set the m_kernBeforeDegree, m_kernBeforeDegree members.
104         No need to set style for anonymous.
105         (WebCore::RenderMathMLRoot::computePreferredLogicalWidths): Implement this function.
106         (WebCore::RenderMathMLRoot::layoutBlock): Implement this function.
107         (WebCore::RenderMathMLRoot::paintChildren): Implement this function.
108         (WebCore::RenderMathMLRoot::paint): Remove the trailingSpaceError hack ;
109         paint the radical sign via MathOperator::paint
110         (WebCore::RenderMathMLRoot::baseWrapper): Deleted.
111         (WebCore::RenderMathMLRoot::radicalWrapper): Deleted.
112         (WebCore::RenderMathMLRoot::indexWrapper): Deleted.
113         (WebCore::RenderMathMLRoot::radicalOperator): Deleted.
114         (WebCore::RenderMathMLRoot::restructureWrappers): Deleted.
115         (WebCore::RenderMathMLRoot::addChild): Deleted.
116         (WebCore::RenderMathMLRoot::firstLineBaseline): Deleted.
117         (WebCore::RenderMathMLRoot::layout): Deleted.
118         (WebCore::RenderMathMLRootWrapper::createAnonymousWrapper): Deleted.
119         (WebCore::RenderMathMLRootWrapper::removeChildWithoutRestructuring): Deleted.
120         (WebCore::RenderMathMLRootWrapper::removeChild): Deleted.
121         * rendering/mathml/RenderMathMLRoot.h: Make RenderMathMLRoot inherit from RenderMathMLRow.
122         Make RenderMathMLRoot support <msqrt>.
123         Remove all the anonymous wrapper stuff and instead use a MathOperator for the radical symbol.
124         Update function declaration to implement layout without flexbox and add some helper functions.
125         * rendering/mathml/RenderMathMLRow.cpp: Allow to get the exact metrics of the chid row,
126         for use in RenderMathMLRoot.
127         (WebCore::RenderMathMLRow::computeLineVerticalStretch): rename parameters.
128         (WebCore::RenderMathMLRow::layoutRowItems): Set parameters to the final ascent, descent and
129         logical width of the chid row. Set the temporary logical width for RenderMathRoot before
130         laying the children out.
131         (WebCore::RenderMathMLRow::layoutBlock): Rename parameters ; add a dummy logicalWidth
132         parameter.
133         * rendering/mathml/RenderMathMLRow.h: Make some functions accessible or overridable by
134         RenderMathMLRoot. Make layoutRowItems return the final ascent, descent and logical width
135         after the chid row is laid out.
136         * rendering/mathml/RenderMathMLScripts.cpp: Move mirrorIfNeeded to RenderMathMLBlock.
137         (WebCore::RenderMathMLScripts::mirrorIfNeeded): Deleted.
138         * rendering/mathml/RenderMathMLScripts.h: Move mirrorIfNeeded to RenderMathMLBlock.
139         * rendering/mathml/RenderMathMLSquareRoot.cpp: Removed.
140         * rendering/mathml/RenderMathMLSquareRoot.h: Removed.
141         * rendering/mathml/MathOperator.cpp:
142         (WebCore::MathOperator::paint): Apply a mirroring scale transform to radical symbol
143         in RTL direction.
144
145 2016-06-17  Chris Dumez  <cdumez@apple.com>
146
147         Drop some unnecessary header includes
148         https://bugs.webkit.org/show_bug.cgi?id=158864
149
150         Reviewed by Alexey Proskuryakov.
151
152         Drop some unnecessary header includes to try and reduce build times.
153
154         * WebCore.xcodeproj/project.pbxproj:
155         * accessibility/AccessibilityList.cpp:
156         * css/CSSComputedStyleDeclaration.cpp:
157         * css/MediaQueryMatcher.cpp:
158         * css/StyleMedia.cpp:
159         * css/TransformFunctions.cpp:
160         * dom/NodeRenderStyle.h:
161         * dom/PseudoElement.h:
162         (isType): Deleted.
163         * html/HTMLTitleElement.cpp:
164         * html/shadow/MediaControlElementTypes.h:
165         * html/shadow/MediaControls.cpp:
166         * inspector/InspectorDOMAgent.h:
167         * inspector/InspectorLayerTreeAgent.h:
168         * inspector/InspectorPageAgent.cpp:
169         * page/scrolling/AsyncScrollingCoordinator.cpp:
170         * page/scrolling/ScrollingCoordinator.h:
171         * rendering/BidiRun.h:
172         * rendering/BorderEdge.h:
173         * rendering/RenderElement.h:
174         * rendering/RenderObject.h:
175         (WebCore::AnnotatedRegionValue::operator==): Deleted.
176         (WebCore::AnnotatedRegionValue::operator!=): Deleted.
177         * rendering/RenderObjectEnums.h: Added.
178         * rendering/RenderTheme.h:
179         * rendering/SimpleLineLayoutFlowContents.h:
180         * rendering/SimpleLineLayoutTextFragmentIterator.h:
181         * rendering/TextPainter.h:
182         * rendering/style/RenderStyle.h:
183         (WebCore::pseudoElementRendererIsNeeded):
184         * rendering/style/ShapeValue.cpp:
185         * rendering/style/ShapeValue.h:
186         * style/ClassChangeInvalidation.cpp:
187         * style/ClassChangeInvalidation.h:
188         * style/InlineTextBoxStyle.h:
189         * style/StyleUpdate.cpp:
190
191 2016-06-17  Andreas Kling  <akling@apple.com>
192
193         [iOS] Throw away linked code when navigating to a new page.
194         <https://webkit.org/b/153851>
195
196         Reviewed by Antti Koivisto.
197
198         When navigating to a new page, tell JSC to throw out any linked code it has lying around.
199         Linked code is tied to a specific global object, and as we're creating a new one for the
200         new page, none of it is useful to us here.
201
202         In the event that the user navigates back, the cost of relinking some code will be far
203         lower than the memory cost of keeping all of it around.
204
205         This was in-tree before but was rolled out due to regressing JSBench. It was a slowdown
206         due to the benchmark harness using top-level navigations to drive the tests.
207         This new version avoids that problem by only throwing out code if we haven't navigated
208         in the last 2 seconds. This also prevents excessive work in response to redirects.
209
210         I've also moved this into MemoryPressureHandler so we don't make a mess in FrameLoader.
211
212         * loader/FrameLoader.cpp:
213         (WebCore::FrameLoader::commitProvisionalLoad):
214         * platform/MemoryPressureHandler.cpp:
215         (WebCore::MemoryPressureHandler::jettisonExpensiveObjectsOnTopLevelNavigation):
216         * platform/MemoryPressureHandler.h:
217
218 2016-06-17  Youenn Fablet  <youenn.fablet@crf.canon.fr>
219
220         CORS preflight with a non-200 response should be a preflight failure
221         https://bugs.webkit.org/show_bug.cgi?id=111008
222
223         Reviewed by Darin Adler.
224
225         Covered by rebased tests.
226
227         * Modules/fetch/FetchResponse.h: Making use of ResourceResponse::isSuccessful.
228         * loader/CrossOriginPreflightChecker.cpp:
229         (WebCore::CrossOriginPreflightChecker::validatePreflightResponse): Checking that response status is code is
230         successful. If not, calling preflight failure callback.
231         (WebCore::CrossOriginPreflightChecker::startPreflight): Putting in manual redirection mode so that redirection
232         responses are processed as other responses.
233         * loader/ResourceLoaderOptions.h:
234         (WebCore::ResourceLoaderOptions::fetchOptions): Adding a non-const getter and fixing const getter to return a
235         const reference.
236         (WebCore::ResourceLoaderOptions::setFetchOptions): Passing options by reference.
237         * platform/network/ResourceResponseBase.cpp:
238         (WebCore::ResourceResponseBase::isSuccessful): Utility function.
239         * platform/network/ResourceResponseBase.h:
240
241 2016-06-17  Frederic Wang  <fwang@igalia.com>
242
243         MathOperator: Add fallback mechanisms for stretching and mirroring radical symbols
244         https://bugs.webkit.org/show_bug.cgi?id=156836
245
246         Reviewed by Sergio Villar Senin.
247
248         Some platforms do not have OpenType MATH fonts pre-installed and thus can not draw stretchy
249         operators using size variants or glyph assembly. This is especially problematic for the
250         radical symbol which is used to write roots. Currently, we have some fallback code to draw
251         that symbol using graphical primitives but it is a bit complex and makes the style of radical
252         inconsistent with the font used. We solve these issues by just scaling the base glyph via a
253         scale transform. Such scale transform is also used to mirror the radical symbol so that we
254         have some support for right-to-left roots until we can do glyph-level mirroring
255         via the OpenType rtlm feature.
256
257         Test: mathml/radical-fallback.html
258
259         * rendering/mathml/MathOperator.cpp: Add a constant for the code point U+221A of the radical.
260         (WebCore::MathOperator::reset): In general, we don't need any vertical scaling for radical
261         symbols so m_radicalVerticalScale is initialized to 1.
262         (WebCore::MathOperator::calculateStretchyData): If we don't have a font with a MATH table and we
263         try streching a radical, then we update the vertical metrics to match the target size and
264         set m_radicalVerticalScale to the value necessary to make the base glyph scaled to that size.
265         (WebCore::MathOperator::paint): For a radical operator, we may apply a scale transform of
266         parameters (radicalHorizontalScale, m_radicalVerticalScale) in order to support RTL
267         mirroring or vertical stretching.
268         * rendering/mathml/MathOperator.h: We add a m_radicalVerticalScale member to indicate the
269         scaling to apply to the base radical glyph when the stretchy fallback is necessary.
270         (WebCore::MathOperator::isStretched): The operator is also considered stretched when the
271         m_radicalVerticalScale is applied to the base size.
272         * rendering/mathml/RenderMathMLRadicalOperator.cpp: Remove code specific to the old fallback mechanism.
273         * rendering/mathml/RenderMathMLRadicalOperator.h: Ditto.
274
275 2016-06-16  Commit Queue  <commit-queue@webkit.org>
276
277         Unreviewed, rolling out r202147.
278         https://bugs.webkit.org/show_bug.cgi?id=158867
279
280         Broke scrolling tests on iOS Simulator (Requested by ap on
281         #webkit).
282
283         Reverted changeset:
284
285         "Focus event dispatched in iframe causes parent document to
286         scroll incorrectly"
287         https://bugs.webkit.org/show_bug.cgi?id=158629
288         http://trac.webkit.org/changeset/202147
289
290 2016-06-16  Benjamin Poulain  <bpoulain@apple.com>
291
292         :in-range & :out-of-range CSS pseudo-classes shouldn't match disabled or readonly inputs
293         https://bugs.webkit.org/show_bug.cgi?id=156530
294
295         Reviewed by Simon Fraser.
296
297         Elements should only match :in-range and :out-of-range
298         when they are candidate for constraint validation.
299
300         Tests: fast/css/pseudo-in-range-on-disabled-input-basics.html
301                fast/css/pseudo-in-range-on-readonly-input-basics.html
302                fast/css/pseudo-in-range-out-of-range-on-disabled-input-trivial.html
303                fast/css/pseudo-out-of-range-on-disabled-input-basics.html
304                fast/css/pseudo-out-of-range-on-readonly-input-basics.html
305                fast/selectors/in-range-out-of-range-style-update.html
306
307         * html/BaseDateAndTimeInputType.cpp:
308         (WebCore::BaseDateAndTimeInputType::minOrMaxAttributeChanged):
309         * html/NumberInputType.cpp:
310         (WebCore::NumberInputType::minOrMaxAttributeChanged):
311         I forgot to handle style update in r202143.
312         This is covered by the new style invalidation test.
313
314         * html/BaseDateAndTimeInputType.h:
315         * html/HTMLInputElement.cpp:
316         (WebCore::HTMLInputElement::isInRange):
317         (WebCore::HTMLInputElement::isOutOfRange):
318
319 2016-06-16  Frederic Wang  <fwang@igalia.com>
320
321         Add separate MathOperator for selection/measuring/drawing of stretchy operators
322         https://bugs.webkit.org/show_bug.cgi?id=152244
323
324         Reviewed by Brent Fulgham.
325
326         We complete the class to select, measure and draw stretchy operators that is independent
327         from RenderMathMLOperator. That way, we will be able use stretchy operator without having
328         to introduce & manage anonymous RenderMathMLOperator's
329         (e.g for <mroot>, <msqrt> and <mfenced>).
330
331         No new tests, already covered by existing tests.
332
333         * rendering/mathml/MathOperator.cpp:
334         (WebCore::ascentForGlyph): Add this helper function to get glyph ascent.
335         (WebCore::descentForGlyph): Add this helper function to get glyph descent.
336         (WebCore::MathOperator::reset): Initialize all the data and calculate ascent/descent of the
337         base glyph.
338         (WebCore::MathOperator::setSizeVariant): Set the width/ascent/descent.
339         (WebCore::MathOperator::setGlyphAssembly): Ditto.
340         (WebCore::MathOperator::calculateDisplayStyleLargeOperator): Remove the STIX Word hack and
341         change m_maxPreferredWidth to use the actual width instead.
342         (WebCore::MathOperator::stretchTo): New functions to execute the actual operator streching.
343         (WebCore::MathOperator::fillWithVerticalExtensionGlyph): Add a FIXME for bug 155434.
344         (WebCore::MathOperator::fillWithHorizontalExtensionGlyph): Align all the glyph baselines on
345         the same axis, given by m_ascent.
346         Add a FIXME for bug 155434.
347         (WebCore::MathOperator::paintHorizontalGlyphAssembly): Ditto.
348         (WebCore::MathOperator::paint): Public function to do the painting.
349         (WebCore::MathOperator::paintVerticalGlyphAssembly): Deleted.
350         * rendering/mathml/MathOperator.h: Update declarations and make most of the members private.
351         (WebCore::MathOperator::ascent): Function to expose m_ascent.
352         (WebCore::MathOperator::descent): Function to expose m_descent.
353         * rendering/mathml/RenderMathMLOperator.cpp:
354         (WebCore::RenderMathMLOperator::stretchTo): Forward the stretching call to MathOperator.
355         (WebCore::RenderMathMLOperator::computePreferredLogicalWidths): Unfold advanceForGlyph
356         since we delete RenderMathMLOperator::advanceForGlyph. Just rely on
357         MathOperator::maxPreferredWidth to determine the preferred width of stretchy operators.
358         For horizontal operators, we just use the width of the base glyph.
359         Finally, we remove the dirty flag on preferred logical width.
360         (WebCore::RenderMathMLOperator::rebuildTokenContent): Reinit the MathOperator instance.
361         (WebCore::RenderMathMLOperator::updateFromElement): Force more updates of
362         RenderMathMLOperator to avoid test breakage.
363         (WebCore::RenderMathMLOperator::styleDidChange): Call MathOperator::reset to take into
364         account style change.
365         (WebCore::RenderMathMLOperator::updateStyle): Remove unused code.
366         (WebCore::RenderMathMLOperator::firstLineBaseline): Use MathOperator::ascent() function.
367         (WebCore::RenderMathMLOperator::computeLogicalHeight): Use MathOperator::ascent() and
368         MathOperator::descent() functions to calculate the height.
369         (WebCore::RenderMathMLOperator::paint): Only stretched operators are treated specially.
370         We center horizontal operator and forward the paint() call to MathOperator.
371         (WebCore::RenderMathMLOperator::trailingSpaceError): The error is now just the difference
372         between the values returned by MathOperator::maxPreferredWidth() and
373         MathOperator::width().
374         (WebCore::boundsForGlyph): Deleted.
375         (WebCore::heightForGlyph): Deleted.
376         (WebCore::advanceWidthForGlyph): Deleted.
377         (WebCore::RenderMathMLOperator::updateStyle): Deleted.
378
379 2016-06-16  Jiewen Tan  <jiewen_tan@apple.com>
380
381         CSP: Content Security Policy should allow '*' to match the originating page's scheme
382         https://bugs.webkit.org/show_bug.cgi?id=158811
383         <rdar://problem/26819568>
384
385         Reviewed by Daniel Bates.
386
387         Tests: security/contentSecurityPolicy/image-with-file-url-allowed-by-img-src-star.html
388                security/contentSecurityPolicy/link-with-file-url-allowed-by-style-src-star.html
389                security/contentSecurityPolicy/script-with-file-url-allowed-by-script-src-star.html
390                security/contentSecurityPolicy/video-with-file-url-allowed-by-media-src-star.html
391
392         * page/csp/ContentSecurityPolicySourceList.cpp:
393         (WebCore::ContentSecurityPolicySourceList::isProtocolAllowedByStar):
394
395 2016-06-16  Chris Dumez  <cdumez@apple.com>
396
397         Add HTTPHeaderMap::set() overload taking a NSString*
398         https://bugs.webkit.org/show_bug.cgi?id=158857
399
400         Reviewed by Darin Adler.
401
402         Add HTTPHeaderMap::set() overloading taking a NSString* in addition to
403         the one taking a CFStringRef. It is useful for the Cocoa implementation
404         of ResourceRequest::doUpdateResourceRequest().
405
406         * platform/network/HTTPHeaderMap.h:
407         (WebCore::HTTPHeaderMap::set):
408
409 2016-06-16  Joseph Pecoraro  <pecoraro@apple.com>
410
411         Web Inspector: console.profile should use the new Sampling Profiler
412         https://bugs.webkit.org/show_bug.cgi?id=153499
413         <rdar://problem/24352431>
414
415         Reviewed by Timothy Hatcher.
416
417         Test: inspector/timeline/setInstruments-programmatic-capture.html
418
419         * inspector/InspectorTimelineAgent.cpp:
420         (WebCore::InspectorTimelineAgent::startFromConsole):
421         (WebCore::InspectorTimelineAgent::stopFromConsole):
422         (WebCore::InspectorTimelineAgent::mainFrameStartedLoading):
423         (WebCore::InspectorTimelineAgent::startProgrammaticCapture):
424         (WebCore::InspectorTimelineAgent::stopProgrammaticCapture):
425         (WebCore::InspectorTimelineAgent::toggleInstruments):
426         (WebCore::InspectorTimelineAgent::toggleScriptProfilerInstrument):
427         (WebCore::InspectorTimelineAgent::toggleHeapInstrument):
428         (WebCore::InspectorTimelineAgent::toggleMemoryInstrument):
429         (WebCore::InspectorTimelineAgent::toggleTimelineInstrument):
430         * inspector/InspectorTimelineAgent.h:
431         Web implementation of console.profile/profileEnd.
432         Make helpers for startings / stopping instruments.
433
434 2016-06-16  John Wilander  <wilander@apple.com>
435
436         Restrict security origin inheritance to empty, about:blank, and about:srcdoc URLs
437         https://bugs.webkit.org/show_bug.cgi?id=158855
438         <rdar://problem/26142632>
439
440         Reviewed by Alex Christensen.
441
442         Tests: http/tests/dom/window-open-about-blank-and-access-document.html
443                http/tests/dom/window-open-about-webkit-org-and-access-document.html
444
445         Document.cpp previously checked whether a document should inherit its owner's 
446         security origin by checking if the URL is either empty or blank. URL.cpp in 
447         turn only checks if the protocol is "about:" in the isBlankURL() function. 
448         Thus all about:* URLs inherited security origin. This patch restricts 
449         security origin inheritance to empty, about:blank, and about:srcdoc URLs.
450
451         Quotes and links from the WHATWG spec regarding about:srcdoc:
452
453         7.1 Browsing contexts
454         A browsing context can have a creator browsing context, the browsing context 
455         that was responsible for its creation. If a browsing context has a parent 
456         browsing context, then that is its creator browsing context. Otherwise, if the 
457         browsing context has an opener browsing context, then that is its creator 
458         browsing context. Otherwise, the browsing context has no creator browsing 
459         context.
460         https://html.spec.whatwg.org/multipage/browsers.html#concept-document-bc
461
462         7.1.1 Nested browsing contexts
463         Certain elements (for example, iframe elements) can instantiate further 
464         browsing contexts. These are called nested browsing contexts. If a browsing 
465         context P has a Document D with an element E that nests another browsing 
466         context C inside it, then C is said to be nested through D, and E is said to 
467         be the browsing context container of C. If the browsing context container 
468         element E is in the Document D, then P is said to be the parent browsing 
469         context of C and C is said to be a child browsing context of P. Otherwise, 
470         the nested browsing context C has no parent browsing context.
471         https://html.spec.whatwg.org/multipage/browsers.html#nested-browsing-context
472
473         4.8.5 The iframe element
474         The iframe element represents a nested browsing context.
475         ...
476         If the srcdoc attribute is specified
477             Navigate the element's child browsing context to a new response whose 
478             url list consists of about:srcdoc ...
479         https://html.spec.whatwg.org/multipage/embedded-content.html#attr-iframe-srcdoc
480
481         * dom/Document.cpp:
482         (WebCore::Document::initSecurityContext):
483             Now uses the URL::shouldInheritSecurityOriginFromOwner() function instead.
484         (WebCore::Document::initContentSecurityPolicy):
485             Now uses the URL::shouldInheritSecurityOriginFromOwner() function instead.
486         (WebCore::shouldInheritSecurityOriginFromOwner): Deleted.
487             Moved to URL::shouldInheritSecurityOriginFromOwner() and restricted the check.
488         * platform/URL.cpp:
489         (WebCore::URL::shouldInheritSecurityOriginFromOwner):
490         * platform/URL.h:
491             Moved the function from Document and restricted the check to only allow
492             security origin inheritance for empty, about:blank, and about:srcdoc URLs.
493
494 2016-06-16  Simon Fraser  <simon.fraser@apple.com>
495
496         [iOS] Focus event dispatched in iframe causes parent document to scroll incorrectly
497         https://bugs.webkit.org/show_bug.cgi?id=158629
498         rdar://problem/26521616
499
500         Reviewed by Enrica Casucci.
501
502         When focussing elements in iframes, the page could scroll to an incorrect location.
503         This happened because code in Element::focus() tried to disable scrolling on focus,
504         but did so only for the current frame, so ancestor frames got programmatically scrolled.
505         On iOS we handle the scrolling in the UI process, so never want the web process to
506         do programmatic scrolling.
507
508         Fix by changing the focus and cache restore code to use SelectionRevealMode::DoNotReveal,
509         rather than manually prohibiting frame scrolling.
510
511         Tests: fast/forms/ios/focus-input-in-iframe.html
512                fast/forms/ios/programmatic-focus-input-in-iframe.html
513
514         * dom/Element.cpp:
515         (WebCore::Element::focus):
516         * history/CachedPage.cpp:
517         (WebCore::CachedPage::restore):
518
519 2016-06-16  Zalan Bujtas  <zalan@apple.com>
520
521         [New Block-Inside-Inline Model] Do not attempt to re-run margin collapsing on the block sequence.
522         https://bugs.webkit.org/show_bug.cgi?id=158854
523
524         Reviewed by David Hyatt.
525
526         Test: fast/block/inside-inlines/crash-on-first-line-change.html
527
528         * rendering/RenderBlockLineLayout.cpp:
529         (WebCore::RenderBlockFlow::marginCollapseLinesFromStart):
530
531 2016-06-16  Ting-Wei Lan  <lantw44@gmail.com>
532
533         Include cstdlib before using std::atexit
534         https://bugs.webkit.org/show_bug.cgi?id=158681
535
536         Reviewed by Brent Fulgham.
537
538         * platform/graphics/PlatformDisplay.cpp:
539
540 2016-06-16  Chris Dumez  <cdumez@apple.com>
541
542         Use StringView::toAtomicString() in HTMLImageElement::setBestFitURLAndDPRFromImageCandidate()
543         https://bugs.webkit.org/show_bug.cgi?id=158853
544
545         Reviewed by Brent Fulgham.
546
547         Use StringView::toAtomicString() in HTMLImageElement::setBestFitURLAndDPRFromImageCandidate()
548         as m_bestFitImageURL data member is an AtomicString. This avoids constructing a String and
549         then atomizing it.
550
551         * html/HTMLImageElement.cpp:
552         (WebCore::HTMLImageElement::setBestFitURLAndDPRFromImageCandidate):
553
554 2016-06-16  Benjamin Poulain  <bpoulain@apple.com>
555
556         :in-range & :out-of-range CSS pseudo-classes shouldn't match inputs without range limitations
557         https://bugs.webkit.org/show_bug.cgi?id=156558
558
559         Reviewed by Simon Fraser.
560
561         The pseudo selectors :in-range and :out-of-range should only
562         apply if:
563         -minimum/maximum are defined for the input type
564         -the input value is/is-not suffering from underflow/overflow.
565
566         Only certain types have a valid minimum and maximum:
567         -number
568         -range
569         -date
570         -month
571         -week
572         -time
573         -datetime-local
574
575         Of those, only one has a default minimum and maximum: range.
576         For all the others, the minimum or maximum is only defined
577         if the min/max attribute is defined and valid.
578
579         This patch addresses these constraints for number and range.
580         The date types range validation is severely broken and is
581         left untouched. It really needs a clean rewrite.
582
583         Tests: fast/css/pseudo-in-range-basics.html
584                fast/css/pseudo-in-range-out-of-range-trivial.html
585                fast/css/pseudo-out-of-range-basics.html
586
587         * html/DateInputType.cpp:
588         (WebCore::DateInputType::createStepRange):
589         * html/DateTimeInputType.cpp:
590         (WebCore::DateTimeInputType::createStepRange):
591         * html/DateTimeLocalInputType.cpp:
592         (WebCore::DateTimeLocalInputType::createStepRange):
593         * html/InputType.cpp:
594         (WebCore::InputType::isInRange):
595         (WebCore::InputType::isOutOfRange):
596         Notice the isEmpty() shortcut.
597         A value can only overflow/underflow if it is not empty.
598
599         * html/MonthInputType.cpp:
600         (WebCore::MonthInputType::createStepRange):
601         * html/NumberInputType.cpp:
602         (WebCore::NumberInputType::createStepRange):
603         * html/RangeInputType.cpp:
604         (WebCore::RangeInputType::createStepRange):
605         * html/StepRange.cpp:
606         (WebCore::StepRange::StepRange):
607         * html/StepRange.h:
608         (WebCore::StepRange::hasRangeLimitations):
609         * html/WeekInputType.cpp:
610         (WebCore::WeekInputType::createStepRange):
611
612 2016-06-16  Anders Carlsson  <andersca@apple.com>
613
614         Fix macOS Sierra build
615         https://bugs.webkit.org/show_bug.cgi?id=158849
616
617         Reviewed by Tim Horton.
618
619         Add WebCore:: qualifiers for IOSurface, to avoid conflicts with the IOSurface Objective-C class.
620         
621         Also, add an asLayerContents() getter that will return an id that's suitable for setting 
622         as the contents of a CALayer.
623
624         * platform/graphics/cocoa/IOSurface.h:
625         * platform/graphics/cocoa/IOSurface.mm:
626
627 2016-06-16  Andreas Kling  <akling@apple.com>
628
629         REGRESSION(r196217): 3% JSBench regression on iPhone 5.
630         <https://webkit.org/b/158848>
631         <rdar://problem/26609622>
632
633         Unreviewed rollout.
634
635         Don't jettison linked code on every top-level navigation as that was hurting JSBench on iPhone 5.
636
637         * loader/FrameLoader.cpp:
638         (WebCore::FrameLoader::commitProvisionalLoad):
639
640 2016-06-16  Adam Bergkvist  <adam.bergkvist@ericsson.com>
641
642         WebRTC: Check type of this in RTCPeerConnection JS built-in functions
643         https://bugs.webkit.org/show_bug.cgi?id=151303
644
645         Reviewed by Youenn Fablet.
646
647         Check type of 'this' in RTCPeerConnection JS built-in functions.
648
649         Test: fast/mediastream/RTCPeerConnection-js-built-ins-check-this.html
650
651         * Modules/mediastream/RTCPeerConnection.js:
652         (createOffer):
653         (createAnswer):
654         (setLocalDescription):
655         (setRemoteDescription):
656         (addIceCandidate):
657         (getStats):
658         Reject if 'this' isn't of type RTCPeerConnection.
659         * Modules/mediastream/RTCPeerConnectionInternals.js:
660         (isRTCPeerConnection):
661         Add helper function to perform type check. Needs further robustifying.
662
663 2016-06-16  Myles C. Maxfield  <mmaxfield@apple.com>
664
665         Sporadic crash in HashTableAddResult following CSSValuePool::createFontFamilyValue
666         https://bugs.webkit.org/show_bug.cgi?id=158297
667
668         Reviewed by Darin Adler.
669
670         In an effort to reduce the flash of unstyled content, we force all elements
671         to have display: none during an external stylesheet load. We do this by
672         ignoring the CSS cascade and forcing all elements to have a placeholder style
673         which hardcodes display: none. (This is necessary to make elements created by
674         script during the stylesheet load not flash.)
675
676         This style is exposed to web content via getComputedStyle(), which means it
677         needs to maintain the invariant that font-families can never be null strings.
678         We enforce this by forcing the font-family to be the standard font name.
679
680         Test: fast/text/placeholder-renderstyle-null-font.html
681
682         * style/StyleTreeResolver.cpp:
683         (WebCore::Style::ensurePlaceholderStyle):
684
685 2016-06-16  Chris Dumez  <cdumez@apple.com>
686
687         Avoid some temporary String allocations for common HTTP headers in ResourceResponse::platformLazyInit()
688         https://bugs.webkit.org/show_bug.cgi?id=158827
689
690         Reviewed by Darin Adler.
691
692         Add a HTTPHeaderMap::set() overload taking in a CFStringRef. The
693         implementation has a fast path which gets the internal characters
694         of the CFStringRef when possible and constructs a StringView for
695         it in order to call findHTTPHeaderName(). As a result, we avoid
696         allocating a temporary String when findHTTPHeaderName() succeeds.
697
698         This new HTTPHeaderMap::set() overload is called from both the
699         CF and Cocoa implementations of ResourceResponse::platformLazyInit().
700
701         I have confirmed locally on both Mac and iOS that the fast path
702         is used ~93% of the time. CFStringGetCStringPtr() returns null in
703         rare cases, causing the regular code path to be used.
704
705         * platform/network/HTTPHeaderMap.cpp:
706         (WebCore::HTTPHeaderMap::set):
707         * platform/network/HTTPHeaderMap.h:
708
709 2016-06-15  Zalan Bujtas  <zalan@apple.com>
710
711         Decouple the percent height and positioned descendants maps.
712         https://bugs.webkit.org/show_bug.cgi?id=158773
713
714         Reviewed by David Hyatt and Chris Dumez.
715
716         We track renderers with percent height across multiple containers using
717         HashMap<const RenderBox*, std::unique_ptr<HashSet<const RenderBlock*>>>.
718         We also use the same data structure to track positioned descendants.
719         However a positioned renderer can have only one containing block so tracking it
720         with a 1:many type is defective.
721         It allows multiple inserts for positioned descendants, which could lead to
722         inconsistent layout state as the rendering logic expects these type of renderers
723         with only one containing block.
724         This patch decouples percent height and positioned tracking by introducing
725         the PositionedDescendantsMap class. This class is responsible for tracking
726         the positioned descendants inbetween layouts.
727
728         No change in functionality.
729
730         Tests: fast/block/positioning/change-containing-block-for-absolute-positioned.html
731                fast/block/positioning/change-containing-block-for-fixed-positioned.html
732
733         * rendering/RenderBlock.cpp:
734         (WebCore::insertIntoTrackedRendererMaps):
735         (WebCore::removeFromTrackedRendererMaps):
736         (WebCore::PositionedDescendantsMap::addDescendant): Add more defensive ASSERT_NOT_REACHED
737         to the double insert branch when webkit.org/b/158772 gets fixed.
738         (WebCore::PositionedDescendantsMap::removeDescendant):
739         (WebCore::PositionedDescendantsMap::removeContainingBlock):
740         (WebCore::PositionedDescendantsMap::positionedRenderers):
741         (WebCore::positionedDescendantsMap):
742         (WebCore::removeBlockFromPercentageDescendantAndContainerMaps):
743         (WebCore::RenderBlock::~RenderBlock):
744         (WebCore::RenderBlock::positionedObjects):
745         (WebCore::RenderBlock::insertPositionedObject):
746         (WebCore::RenderBlock::removePositionedObject):
747         (WebCore::RenderBlock::addPercentHeightDescendant):
748         (WebCore::RenderBlock::removePercentHeightDescendant):
749         (WebCore::RenderBlock::percentHeightDescendants):
750         (WebCore::RenderBlock::checkPositionedObjectsNeedLayout):
751         (WebCore::removeBlockFromDescendantAndContainerMaps): Deleted.
752         * rendering/RenderBlock.h:
753
754 2016-06-15  David Kilzer  <ddkilzer@apple.com>
755
756         Move SoftLinking.h to platform/cococa from platform/mac
757         <https://webkit.org/b/158825>
758
759         Reviewed by Andy Estes.
760
761         * PlatformMac.cmake: Update for new directory.
762         * WebCore.xcodeproj/project.pbxproj: Ditto.
763         * platform/cocoa/SoftLinking.h: Renamed from Source/WebCore/platform/mac/SoftLinking.h.
764
765 2016-06-15  Chris Dumez  <cdumez@apple.com>
766
767         [Cocoa] Clean up / optimize ResourceResponse::platformLazyInit(InitLevel)
768         https://bugs.webkit.org/show_bug.cgi?id=158809
769
770         Reviewed by Darin Adler.
771
772         Clean up / optimize ResourceResponse::platformLazyInit(InitLevel).
773
774         * platform/network/HTTPParsers.cpp:
775         (WebCore::extractReasonPhraseFromHTTPStatusLine):
776         * platform/network/HTTPParsers.h:
777         Have extractReasonPhraseFromHTTPStatusLine() return an AtomicString as the
778         Reason is stored as an AtomicString on ResourceResponse. Have the
779         implementation use StringView::subString()::toAtomicString().
780
781         * platform/network/cocoa/ResourceResponseCocoa.mm:
782         (WebCore::stripLeadingAndTrailingDoubleQuote):
783         Move the stripLeadingAndTrailingDoubleQuote logic from platformLazyInit()
784         to its own function. Have it use StringView::subString()::toAtomicString()
785         to avoid unnecessarily atomizing the textEncodingName that has surrounding
786         double-quotes.
787
788         (WebCore::initializeHTTPHeaders):
789         Move HTTP headers initialization to its own function for clarity.
790
791         (WebCore::extractHTTPStatusText):
792         Move HTTP status Text extraction to its own function for clarity.
793
794         (WebCore::ResourceResponse::platformLazyInit):
795         - The function is streamlined a bit because most of the logic was moved
796           into separate functions.
797         - Drop unnecessary (initLevel >= CommonFieldsOnly) check in the first
798           if case and replace with an assertion. This function is always called
799           with CommonFieldsOnly or above (AllFields).
800         - Drop unnecessary (m_initLevel < AllFields) check in the second if
801           case as this is always true. If not, we would have returned early
802           at the beginning of the function when checking
803           m_initLevel >= initLevel.
804         - Use AutodrainedPool instead of NSAutoreleasePool for convenience and have
805           only 1 pool instead of 2.
806         - Drop unnecessary copyNSURLResponseStatusLine() function and call directly
807           CFHTTPMessageCopyResponseStatusLine() since we already have a
808           CFHTTPMessageRef at the call site.
809
810 2016-06-15  Tim Horton  <timothy_horton@apple.com>
811
812         <attachment> elements jump around a lot around when subtitle text changes slightly
813         https://bugs.webkit.org/show_bug.cgi?id=158818
814         <rdar://problem/24450270>
815
816         Reviewed by Simon Fraser.
817
818         Test: fast/attachment/attachment-subtitle-resize.html
819
820         * rendering/RenderAttachment.cpp:
821         (WebCore::RenderAttachment::layout):
822         * rendering/RenderAttachment.h:
823         * rendering/RenderThemeMac.mm:
824         (WebCore::AttachmentLayout::AttachmentLayout):
825         (WebCore::RenderThemeMac::paintAttachment):
826         In order to avoid changes to the centered subtitle text causing the whole
827         attachment to bounce around a lot, make it so that attachment width can only
828         increase, never decrease, and round the subtitle's width up to the nearest
829         increment of 10px when determining its affect on the whole element's width.
830         Also, center the attachment in its element, instead of left-aligning it,
831         so that the extra width we may have is evenly distributed between the two sides.
832
833 2016-06-15  Ryan Haddad  <ryanhaddad@apple.com>
834
835         Reset bindings test results after r202105
836
837         Unreviewed test gardening.
838
839         * bindings/scripts/test/JS/JSTestObj.cpp:
840
841 2016-06-15  Adam Bergkvist  <adam.bergkvist@ericsson.com>
842
843         WebRTC: (Refactor) Align the structure of RTCPeerConnection.idl with the header file
844         https://bugs.webkit.org/show_bug.cgi?id=158779
845
846         Reviewed by Eric Carlson.
847
848         Restructure RTCPeerConnection.idl to make it easer to read and extend in the future.
849
850         No change in behavior.
851
852         * Modules/mediastream/RTCPeerConnection.idl:
853
854 2016-06-15  Chris Dumez  <cdumez@apple.com>
855
856         Drop some unnecessary header includes
857         https://bugs.webkit.org/show_bug.cgi?id=158788
858
859         Reviewed by Alexey Proskuryakov.
860
861         Drop some unnecessary header includes in headers to speed up build time.
862
863         * Modules/encryptedmedia/MediaKeySession.cpp:
864         * Modules/gamepad/GamepadManager.cpp:
865         * Modules/indexeddb/IDBDatabase.cpp:
866         * Modules/indexeddb/IDBOpenDBRequest.cpp:
867         * Modules/indexeddb/IDBRequest.cpp:
868         * Modules/indexeddb/IDBTransaction.cpp:
869         * Modules/mediasource/MediaSource.cpp:
870         * Modules/mediasource/SourceBuffer.cpp:
871         * Modules/mediasource/SourceBufferList.cpp:
872         * Modules/mediastream/MediaStream.cpp:
873         * Modules/mediastream/MediaStreamTrack.cpp:
874         * Modules/speech/SpeechSynthesis.cpp:
875         * Modules/webaudio/AudioScheduledSourceNode.cpp:
876         * Modules/webaudio/ScriptProcessorNode.cpp:
877         * bindings/scripts/CodeGeneratorJS.pm:
878         (GenerateImplementation):
879         * dom/CharacterData.cpp:
880         * dom/ContainerNode.cpp:
881         * dom/DOMNamedFlowCollection.cpp:
882         * dom/DeviceMotionController.cpp:
883         * dom/DeviceOrientationController.cpp:
884         * dom/Document.cpp:
885         * dom/Document.h:
886         * dom/DocumentEventQueue.cpp:
887         * dom/DocumentOrderedMap.h:
888         * dom/Element.cpp:
889         * dom/Event.cpp:
890         * dom/EventDispatcher.cpp:
891         * dom/EventTarget.cpp:
892         * dom/EventTarget.h:
893         * dom/KeyboardEvent.cpp:
894         * dom/MessageEvent.cpp:
895         * dom/MessagePort.cpp:
896         * dom/ScriptElement.cpp:
897         * dom/ScriptExecutionContext.cpp:
898         * dom/ScriptExecutionContext.h:
899         * dom/SecurityContext.h:
900         * dom/SimulatedClick.cpp:
901         * dom/TextEvent.cpp:
902         * dom/WebKitNamedFlow.cpp:
903         * editing/FrameSelection.cpp:
904         * fileapi/FileReader.cpp:
905         * html/HTMLLinkElement.cpp:
906         * html/HTMLPlugInImageElement.cpp:
907         * html/HTMLStyleElement.cpp:
908         * html/HTMLSummaryElement.cpp:
909         * html/HTMLTrackElement.cpp:
910         * html/HTMLVideoElement.cpp:
911         * html/InputType.cpp:
912         * html/MediaController.cpp:
913         * html/TextFieldInputType.cpp:
914         * html/canvas/WebGLRenderingContextBase.cpp:
915         * html/parser/HTMLScriptRunner.cpp:
916         * html/shadow/MediaControlElementTypes.cpp:
917         * html/shadow/MediaControls.cpp:
918         * html/shadow/MediaControlsApple.cpp:
919         * html/shadow/SliderThumbElement.cpp:
920         * html/shadow/mac/ImageControlsButtonElementMac.cpp:
921         * inspector/InspectorIndexedDBAgent.cpp:
922         * loader/DocumentLoader.cpp:
923         * loader/ImageLoader.cpp:
924         * loader/PolicyChecker.cpp:
925         * mathml/MathMLSelectElement.cpp:
926         * page/DOMWindow.h:
927         * page/EventSource.cpp:
928         * page/FrameView.cpp:
929         * page/Performance.cpp:
930         * page/csp/ContentSecurityPolicy.cpp:
931         * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
932         * platform/network/HTTPHeaderMap.h:
933         * platform/network/ResourceHandle.cpp:
934         * rendering/RenderEmbeddedObject.cpp:
935         * rendering/RenderSnapshottedPlugIn.cpp:
936         * svg/SVGSVGElement.cpp:
937         * svg/SVGUseElement.cpp:
938         * svg/animation/SVGSMILElement.cpp:
939         * workers/WorkerGlobalScope.h:
940         * xml/XMLHttpRequest.cpp:
941         * xml/XMLHttpRequestProgressEventThrottle.cpp:
942         * xml/XMLHttpRequestUpload.cpp:
943
944 2016-06-15  Antti Koivisto  <antti@apple.com>
945
946         GoogleMaps transit schedule explorer comes up blank initially
947         https://bugs.webkit.org/show_bug.cgi?id=158803
948         rdar://problem/25818080
949
950         Reviewed by Andreas Kling.
951
952         In case we had something like
953
954         .foo bar { ... }
955
956         and later a new stylesheet was added dynamically that contained
957
958         .foo baz { ... }
959
960         we would fail to add the new rules to the descendant invalidation rule sets for ".foo". This could
961         cause some style invalidations to be missed.
962
963         * css/DocumentRuleSets.cpp:
964         (WebCore::DocumentRuleSets::collectFeatures):
965
966         Reset the ancestorClassRules and ancestorAttributeRulesForHTML rule set caches when new style sheets
967         are added (==collectFeatures is called).
968
969 2016-06-15  Javier Fernandez  <jfernandez@igalia.com>
970
971         [css-sizing] Item borders are missing with 'min-width:-webkit-fill-available' and zero available width
972         https://bugs.webkit.org/show_bug.cgi?id=158258
973
974         Reviewed by Darin Adler.
975
976         The "fill-available" size is defined as the containing block's size less
977         the box's border and padding size. However, when used for min-width we
978         should ensure we don't get negative values as result of logical width
979         computation.
980
981         http://www.w3.org/TR/css-sizing-3/#fill-available-sizing
982
983         This patch ensure fill-available value computed value will be always
984         greater than box's boder and padding width.
985
986         Test: fast/css-intrinsic-dimensions/fill-available-with-zero-width.html
987
988         * rendering/RenderBox.cpp:
989         (WebCore::RenderBox::computeIntrinsicLogicalWidthUsing):
990
991 2016-06-15  Alex Christensen  <achristensen@webkit.org>
992
993         Fix 2d canvas transform after r192900
994         https://bugs.webkit.org/show_bug.cgi?id=158725
995         rdar://problem/26774230
996
997         Reviewed by Dean Jackson.
998
999         Test: fast/canvas/canvas-transform-inverse.html
1000
1001         * html/canvas/CanvasRenderingContext2D.cpp:
1002         (WebCore::CanvasRenderingContext2D::transform):
1003         r192900 was intended to have no change in behavior, but I made a typo.
1004         We need to apply the inverse of the original transform to the path to be correct.
1005         This affects transforms applied to the canvas during the creation of a path.
1006
1007 2016-06-15  Eric Carlson  <eric.carlson@apple.com>
1008
1009         [iOS] Make HTMLMediaElement.muted mutable
1010         https://bugs.webkit.org/show_bug.cgi?id=158787
1011         <rdar://problem/24452567>
1012
1013         Reviewed by Dean Jackson.
1014
1015         Tests: media/audio-playback-restriction-removed-muted.html
1016                media/audio-playback-restriction-removed-track-enabled.html
1017
1018         * html/HTMLMediaElement.cpp:
1019         (WebCore::HTMLMediaElement::audioTrackEnabledChanged): Remove most behavior restrictions if
1020           the track state was changed as a result of a user gesture.
1021         (WebCore::HTMLMediaElement::setMuted): Ditto.
1022         (WebCore::HTMLMediaElement::removeBehaviorsRestrictionsAfterFirstUserGesture): Add mask 
1023           parameter so caller can choose which restrictions are removed.
1024         * html/HTMLMediaElement.h:
1025
1026         * html/MediaElementSession.cpp:
1027         (WebCore::restrictionName): Drive-by fix: remove duplicate label.
1028         * html/MediaElementSession.h:
1029
1030         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
1031         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
1032         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayer): Set muted on AVPlayer if setMuted
1033           was called before the player was created.
1034         (WebCore::MediaPlayerPrivateAVFoundationObjC::setVolume): Drive-by fix: return early if there
1035           is no AVPlayer, not if we won't have metadata yet.
1036         (WebCore::MediaPlayerPrivateAVFoundationObjC::setMuted): New.
1037
1038 2016-06-15  Romain Bellessort  <romain.bellessort@crf.canon.fr>
1039
1040         Enabling Shadow DOM for all platforms
1041         https://bugs.webkit.org/show_bug.cgi?id=158738
1042
1043         Reviewed by Ryosuke Niwa.
1044
1045         No new tests (no new behavior to be tested).
1046
1047         Removed Shadow DOM from options (enabled by default)
1048         (comprises removal of corresponding preprocessor directives)
1049
1050         * Configurations/FeatureDefines.xcconfig:
1051         * DerivedSources.make:
1052         * bindings/generic/RuntimeEnabledFeatures.h:
1053         * bindings/js/JSDocumentFragmentCustom.cpp:
1054         * bindings/js/JSNodeCustom.cpp:
1055         * css/CSSGrammar.y.in:
1056         * css/CSSParser.cpp:
1057         * css/CSSParserValues.cpp:
1058         * css/CSSParserValues.h:
1059         * css/CSSSelector.cpp:
1060         * css/CSSSelector.h:
1061         * css/ElementRuleCollector.cpp:
1062         * css/ElementRuleCollector.h:
1063         * css/RuleSet.cpp:
1064         * css/RuleSet.h:
1065         * css/SelectorChecker.cpp:
1066         * css/SelectorChecker.h:
1067         * css/SelectorPseudoClassAndCompatibilityElementMap.in:
1068         * css/StyleResolver.cpp:
1069         * cssjit/SelectorCompiler.cpp:
1070         * dom/ComposedTreeAncestorIterator.h:
1071         * dom/ComposedTreeIterator.cpp:
1072         * dom/ComposedTreeIterator.h:
1073         * dom/ContainerNode.cpp:
1074         * dom/Document.cpp:
1075         * dom/Document.h:
1076         * dom/Element.cpp:
1077         * dom/Element.h:
1078         * dom/Element.idl:
1079         * dom/Event.idl:
1080         * dom/EventPath.cpp:
1081         * dom/Node.cpp:
1082         * dom/Node.h:
1083         * dom/NonDocumentTypeChildNode.idl:
1084         * dom/ShadowRoot.cpp:
1085         * dom/ShadowRoot.h:
1086         * dom/ShadowRoot.idl:
1087         * dom/SlotAssignment.cpp:
1088         * dom/SlotAssignment.h:
1089         * html/HTMLSlotElement.cpp:
1090         * html/HTMLSlotElement.h:
1091         * html/HTMLSlotElement.idl:
1092         * html/HTMLTagNames.in:
1093         * page/FocusController.cpp:
1094         * style/StyleSharingResolver.cpp:
1095         * style/StyleTreeResolver.cpp:
1096
1097 2016-06-15  Andreas Kling  <akling@apple.com>
1098
1099         [Cocoa] Add two notify listeners for poking the garbage collector.
1100         <https://webkit.org/b/158783>
1101
1102         Reviewed by Antti Koivisto.
1103
1104         Add two new notify listeners:
1105
1106         - com.apple.WebKit.fullGC
1107
1108             Trigger a full garbage collection in the main WebCore VM immediately.
1109
1110         - com.apple.WebKit.deleteAllCode
1111
1112             Throw away all of JSC's linked and unlinked code, and do a full GC.
1113
1114         These will make it easier to diagnose memory growth issues by having a lever that
1115         eliminates many of the large object graphs without going after behavior-changing things
1116         like the memory cache.
1117
1118         * platform/MemoryPressureHandler.cpp:
1119         (WebCore::MemoryPressureHandler::platformInitialize):
1120         * platform/MemoryPressureHandler.h:
1121         * platform/cocoa/MemoryPressureHandlerCocoa.mm:
1122         (WebCore::MemoryPressureHandler::platformInitialize):
1123
1124 2016-06-15  Antti Koivisto  <antti@apple.com>
1125
1126         Vary:Cookie validation doesn't work in private browsing
1127         https://bugs.webkit.org/show_bug.cgi?id=158616
1128         <rdar://problem/26755067>
1129
1130         Reviewed by Andreas Kling.
1131
1132         There wasn't a way to get cookie based on SessionID from WebCore.
1133
1134         * platform/CookiesStrategy.h:
1135
1136             Add a cookie retrival function that takes SessionID instead of NetworkStorageSession.
1137
1138         * platform/network/CacheValidation.cpp:
1139         (WebCore::headerValueForVary):
1140
1141             Use it.
1142
1143         (WebCore::verifyVaryingRequestHeaders):
1144
1145 2016-06-15  Per Arne Vollan  <pvollan@apple.com>
1146
1147         [Win] The test accessibility/selected-text-range-aria-elements.html is failing.
1148         https://bugs.webkit.org/show_bug.cgi?id=158732
1149
1150         Reviewed by Brent Fulgham.
1151
1152         Implement support for getting selected text range.
1153
1154         * accessibility/win/AccessibilityObjectWrapperWin.cpp:
1155         (WebCore::AccessibilityObjectWrapper::accessibilityAttributeValue):
1156
1157 2016-06-14  Myles C. Maxfield  <mmaxfield@apple.com>
1158
1159         Addressing post-review comments after r201971
1160         https://bugs.webkit.org/show_bug.cgi?id=158450
1161
1162         Unreviewed.
1163
1164         * css/CSSFontFaceSet.cpp:
1165         (WebCore::CSSFontFaceSet::add):
1166         (WebCore::CSSFontFaceSet::remove):
1167
1168 2016-06-14  Myles C. Maxfield  <mmaxfield@apple.com>
1169
1170         Honor bidi unicode codepoints
1171         https://bugs.webkit.org/show_bug.cgi?id=149170
1172         <rdar://problem/26527378>
1173
1174         Reviewed by Simon Fraser.
1175
1176         BidiResolver doesn't have any concept of isolate Unicode code points, so produces
1177         unexpected output when they are present. Fix by considering such code points as
1178         whitespace in the bidi algorithm. This is a stop-gap measure until we can support
1179         the codepoints fully in our Bidi algorithm.
1180
1181         Test: fast/text/isolate-ignore.html
1182
1183         * platform/graphics/Font.cpp:
1184         (WebCore::createAndFillGlyphPage):
1185         * platform/text/BidiResolver.h:
1186         (WebCore::Subclass>::createBidiRunsForLine):
1187
1188 2016-06-14  Antoine Quint  <graouts@apple.com>
1189
1190         [iOS] Play glyph is pixelated when the page zoom is large
1191         https://bugs.webkit.org/show_bug.cgi?id=158770
1192         <rdar://problem/26092124>
1193
1194         Reviewed by Dean Jackson.
1195
1196         Use the same technique that we use to scale the video controls by using a combination
1197         of CSS "zoom" and "transform" properties to have the video play glyph scaled at its
1198         native size regardless of page zoom.
1199
1200         * Modules/mediacontrols/mediaControlsiOS.js:
1201         (ControllerIOS.prototype.set pageScaleFactor):
1202
1203 2016-06-14  Chris Dumez  <cdumez@apple.com>
1204
1205         Regression(r201534): Compile time greatly regressed
1206         https://bugs.webkit.org/show_bug.cgi?id=158765
1207         <rdar://problem/26587342>
1208
1209         Reviewed by Darin Adler.
1210
1211         Compile time greatly regressed by r201534 due to Document.h now including
1212         TextAutoSizing.h. Move the TextAutoSizingTraits back to Document.h to
1213         restore pre-r201534 behavior.
1214
1215         * WebCore.xcodeproj/project.pbxproj:
1216         * dom/Document.cpp:
1217         (WebCore::TextAutoSizingTraits::constructDeletedValue):
1218         (WebCore::TextAutoSizingTraits::isDeletedValue):
1219         * dom/Document.h:
1220         * rendering/TextAutoSizing.h:
1221         (WebCore::TextAutoSizingTraits::constructDeletedValue): Deleted.
1222         (WebCore::TextAutoSizingTraits::isDeletedValue): Deleted.
1223
1224 2016-06-14  Antoine Quint  <graouts@apple.com>
1225
1226         Inline media controls cut off PiP and fullscreen buttons on cnn.com
1227         https://bugs.webkit.org/show_bug.cgi?id=158766
1228         <rdar://problem/24175161>
1229
1230         Reviewed by Dean Jackson.
1231
1232         The display of the picture-in-picture and fullscreen buttons are dependent on the availability
1233         of video tracks through a call to hasVideo(). We need to ensure that the display properties of
1234         both those buttons are updated when the number of video tracks has changed since the controls
1235         may be populated prior to the availability of video tracks.
1236
1237         * Modules/mediacontrols/mediaControlsApple.js:
1238         (Controller.prototype.updateHasVideo):
1239
1240 2016-06-14  Joseph Pecoraro  <pecoraro@apple.com>
1241
1242         Web Inspector: Rename Timeline.setAutoCaptureInstruments to Timeline.setInstruments
1243         https://bugs.webkit.org/show_bug.cgi?id=158762
1244
1245         Reviewed by Timothy Hatcher.
1246
1247         Test: inspector/timeline/setInstruments-errors.html
1248
1249         * inspector/InspectorTimelineAgent.cpp:
1250         (WebCore::InspectorTimelineAgent::willDestroyFrontendAndBackend):
1251         (WebCore::InspectorTimelineAgent::setInstruments):
1252         (WebCore::InspectorTimelineAgent::mainFrameStartedLoading):
1253         (WebCore::InspectorTimelineAgent::setAutoCaptureInstruments): Deleted.
1254         * inspector/InspectorTimelineAgent.h:
1255
1256 2016-06-14  Dean Jackson  <dino@apple.com>
1257
1258         decompose4 return value is unchecked, leading to potentially uninitialized data.
1259         https://bugs.webkit.org/show_bug.cgi?id=158761
1260         <rdar://problem/17526268>
1261
1262         Reviewed by Simon Fraser.
1263
1264         WebCore::decompose4 could return early without initializing data.
1265         I now initialize it, but I also started checking the return
1266         value at all the call sites to make sure everything is sensible.
1267
1268         Test: transforms/undecomposable.html
1269
1270         * platform/graphics/transforms/PerspectiveTransformOperation.cpp:
1271         (WebCore::PerspectiveTransformOperation::blend):
1272         * platform/graphics/transforms/RotateTransformOperation.cpp:
1273         (WebCore::RotateTransformOperation::blend):
1274         * platform/graphics/transforms/TransformationMatrix.cpp:
1275         (WebCore::decompose4):
1276         (WebCore::TransformationMatrix::blend4):
1277         * platform/graphics/transforms/TransformationMatrix.h:
1278
1279 2016-06-14  Benjamin Poulain  <bpoulain@apple.com>
1280
1281         Add the unprefixed version of the pseudo element ::placeholder
1282         https://bugs.webkit.org/show_bug.cgi?id=158653
1283
1284         Reviewed by Dean Jackson.
1285
1286         Test: fast/forms/placeholder-pseudo-element-with-webkit-prefix.html
1287
1288         The pseudo element ::-webkit-input-placeholder is stupidly popular
1289         which forces other engines to support this exact name.
1290
1291         The pseudo-element spec provides a new standard name we can adopt
1292         to drop the prefix: https://drafts.csswg.org/css-pseudo-4/#placeholder-pseudo
1293
1294         This patch does just that, make ::placeholder the standard name to select
1295         the placeholder element in the shadow dom of input elements.
1296
1297         Unlike pseudo classes, we did not have any support for prefixes and aliasing.
1298         I want to keep the absurdly efficient matching we currently use for styling
1299         because style updates are more common than stylesheet updates.
1300         With that constraint in mind, the value of CSSSelector has to be the unprefixed
1301         version for both forms of input.
1302
1303         This leaves us with the problem of displaying the CSSSelector for CSSOM.
1304         To differentiate the legacy form from the standard form, I added
1305         a new type of PseudoElement: PseudoElementWebKitCustomLegacyPrefixed.
1306         When parsing, PseudoElementWebKitCustomLegacyPrefixed let us replace
1307         the original value "-webkit-input-placeholder" by the standard value.
1308         When creating the selectorText for CSSOM, PseudoElementWebKitCustomLegacyPrefixed
1309         let us replace the standard for by the legacy form.
1310
1311         * css/CSSParserValues.cpp:
1312         (WebCore::CSSParserSelector::parsePseudoElementSelector):
1313         * css/CSSSelector.cpp:
1314         (WebCore::CSSSelector::pseudoId):
1315         (WebCore::CSSSelector::selectorText):
1316         * css/CSSSelector.h:
1317         (WebCore::CSSSelector::isCustomPseudoElement):
1318         (WebCore::CSSSelector::isWebKitCustomPseudoElement):
1319         * css/SelectorChecker.cpp:
1320         (WebCore::SelectorChecker::matchRecursively):
1321         * css/SelectorPseudoElementTypeMap.in:
1322         * css/html.css:
1323         (::placeholder):
1324         (input::placeholder, isindex::placeholder):
1325         (textarea::placeholder):
1326         (::-webkit-input-placeholder): Deleted.
1327         (input::-webkit-input-placeholder, isindex::-webkit-input-placeholder): Deleted.
1328         (textarea::-webkit-input-placeholder): Deleted.
1329         * features.json:
1330         * html/shadow/TextControlInnerElements.cpp:
1331         (WebCore::TextControlPlaceholderElement::TextControlPlaceholderElement):
1332
1333 2016-06-14  Doug Russell  <d_russell@apple.com>
1334
1335         AX: Form label text should be exposed as static text if it contains only static text
1336         https://bugs.webkit.org/show_bug.cgi?id=158634
1337
1338         Reviewed by Chris Fleizach.
1339
1340         Use AccessibilityLabel to represent HTMLLabelElement to assistive technology.
1341         AccessibilityLabel::containsOnlyStaticText() searches label subtree to evaluate 
1342         if all children are static text.
1343         AccessibilityLabel::stringValue() consults containsOnlyStaticText() and returns
1344         textUnderElement() if true.
1345         WebAccessibilityObjectWrapperMac consults containsOnlyStaticText() and substitutes
1346         StaticTextRole for LabelRole if true.
1347         Cache containsOnlyStaticText() in the common case when updating children.
1348
1349         Tests: accessibility/mac/label-element-all-text-string-value.html
1350                accessibility/mac/label-element-with-link-string-value.html
1351
1352         * CMakeLists.txt:
1353         * WebCore.xcodeproj/project.pbxproj:
1354         * accessibility/AXObjectCache.cpp:
1355         (WebCore::createFromRenderer):
1356         * accessibility/AccessibilityAllInOne.cpp:
1357         * accessibility/AccessibilityLabel.cpp: Added.
1358         (WebCore::AccessibilityLabel::AccessibilityLabel):
1359         (WebCore::AccessibilityLabel::~AccessibilityLabel):
1360         (WebCore::AccessibilityLabel::create):
1361         (WebCore::AccessibilityLabel::computeAccessibilityIsIgnored):
1362         (WebCore::AccessibilityLabel::stringValue):
1363         (WebCore::childrenContainOnlyStaticText):
1364         (WebCore::AccessibilityLabel::containsOnlyStaticText):
1365         (WebCore::AccessibilityLabel::updateChildrenIfNecessary):
1366         (WebCore::AccessibilityLabel::clearChildren):
1367         (WebCore::AccessibilityLabel::insertChild):
1368         * accessibility/AccessibilityLabel.h: Added.
1369         * accessibility/AccessibilityObject.h:
1370         (WebCore::AccessibilityObject::isLabel):
1371         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
1372         (-[WebAccessibilityObjectWrapper role]):
1373
1374 2016-06-14  Commit Queue  <commit-queue@webkit.org>
1375
1376         Unreviewed, rolling out r202057.
1377         https://bugs.webkit.org/show_bug.cgi?id=158749
1378
1379         This change broke the Windows build. (Requested by ryanhaddad
1380         on #webkit).
1381
1382         Reverted changeset:
1383
1384         "Honor bidi unicode codepoints"
1385         https://bugs.webkit.org/show_bug.cgi?id=149170
1386         http://trac.webkit.org/changeset/202057
1387
1388 2016-06-14  Myles C. Maxfield  <mmaxfield@apple.com>
1389
1390         Honor bidi unicode codepoints
1391         https://bugs.webkit.org/show_bug.cgi?id=149170
1392         <rdar://problem/26527378>
1393
1394         Reviewed by Simon Fraser.
1395
1396         BidiResolver doesn't have any concept of isolate Unicode code points, so produces
1397         unexpected output when they are present. Fix by considering such code points as
1398         whitespace in the bidi algorithm. This is a stop-gap measure until we can support
1399         the codepoints fully in our Bidi algorithm.
1400
1401         Test: fast/text/isolate-ignore.html
1402
1403         * platform/graphics/Font.cpp:
1404         (WebCore::createAndFillGlyphPage):
1405         * platform/text/BidiResolver.h:
1406         (WebCore::Subclass>::createBidiRunsForLine):
1407
1408 2016-06-14  Commit Queue  <commit-queue@webkit.org>
1409
1410         Unreviewed, rolling out r200455.
1411         https://bugs.webkit.org/show_bug.cgi?id=158740
1412
1413         hangs twitter/facebook (Requested by mcatanzaro on #webkit).
1414
1415         Reverted changeset:
1416
1417         "[GStreamer] Adaptive streaming issues"
1418         https://bugs.webkit.org/show_bug.cgi?id=144040
1419         http://trac.webkit.org/changeset/200455
1420
1421 2016-06-14  Nael Ouedraogo  <nael.ouedraogo@crf.canon.fr>
1422
1423         WebRTC: RTCPeerConnection::addTrack() should throw InvalidAccessError instead of InvalidModificationError.
1424         https://bugs.webkit.org/show_bug.cgi?id=158735
1425
1426         Reviewed by Eric Carlson.
1427
1428         Throw InvalidAccessError instead of InvalidModificationError when track already exists in connection's
1429         set of senders as per specification (https://w3c.github.io/webrtc-pc/#dom-rtcpeerconnection-addtrack).
1430
1431         Updated existing test results: fast/mediastream/RTCPeerConnection-add-removeTrack-expected.txt
1432
1433         * Modules/mediastream/RTCPeerConnection.cpp:
1434         (WebCore::RTCPeerConnection::addTrack):
1435
1436 2016-06-14  Adam Bergkvist  <adam.bergkvist@ericsson.com>
1437
1438         WebRTC: Imlement MediaEndpointPeerConnection::addIceCandidate()
1439         https://bugs.webkit.org/show_bug.cgi?id=158690
1440
1441         Reviewed by Eric Carlson.
1442
1443         Implement MediaEndpointPeerConnection::addIceCandidate() that is the MediaEndpoint
1444         implementation of RTCPeerConnection.addIceCandidate() [1].
1445
1446         [1] https://w3c.github.io/webrtc-pc/archives/20160513/webrtc.html#dom-peerconnection-addicecandidate
1447
1448         Test: fast/mediastream/RTCPeerConnection-addIceCandidate.html
1449
1450         * Modules/mediastream/MediaEndpointPeerConnection.cpp:
1451         (WebCore::MediaEndpointPeerConnection::addIceCandidate):
1452         (WebCore::MediaEndpointPeerConnection::addIceCandidateTask):
1453         Implemented.
1454         * Modules/mediastream/MediaEndpointPeerConnection.h:
1455         * platform/mediastream/MediaEndpoint.h:
1456         Use mid instead of mdescIndex to identify the target media description in the backend.
1457         * platform/mock/MockMediaEndpoint.cpp:
1458         Update mock method signature accordingly.
1459         (WebCore::MockMediaEndpoint::addRemoteCandidate):
1460         * platform/mock/MockMediaEndpoint.h:
1461
1462 2016-06-14  Zalan Bujtas  <zalan@apple.com>
1463
1464         Make RenderBlock::insertInto/RemoveFromTrackedRendererMaps functions static.
1465         https://bugs.webkit.org/show_bug.cgi?id=158722
1466
1467         Reviewed by Simon Fraser.
1468
1469         These functions manipulate static tracker hashmaps. They don't need to be on RenderBlock.
1470         This is also in preparation for decoupling positioned descendant tracking from descendent percentage height handling.
1471         (gPositionedDescendantsMap and gPercentHeightDescendantsMap) 
1472
1473         No change in functionality.
1474
1475         * rendering/RenderBlock.cpp:
1476         (WebCore::insertIntoTrackedRendererMaps):
1477         (WebCore::removeFromTrackedRendererMaps):
1478         (WebCore::removeBlockFromDescendantAndContainerMaps):
1479         (WebCore::RenderBlock::insertPositionedObject):
1480         (WebCore::RenderBlock::addPercentHeightDescendant):
1481         (WebCore::RenderBlock::insertIntoTrackedRendererMaps): Deleted.
1482         (WebCore::RenderBlock::removeFromTrackedRendererMaps): Deleted.
1483         * rendering/RenderBlock.h:
1484
1485 2016-06-14  Adam Bergkvist  <adam.bergkvist@ericsson.com>
1486
1487         WebRTC: Add media setup test where media is set up in one direction at a time
1488         https://bugs.webkit.org/show_bug.cgi?id=158691
1489
1490         Reviewed by Eric Carlson.
1491
1492         Add test for setting up media in one direction at a time. This requires a change in sdp.js
1493         to allow an SDP that doesn't contain a stream id or track id (representing
1494         a track being sent). In this test, the first answer doesn't contain any sending media.
1495
1496         Test: fast/mediastream/RTCPeerConnection-media-setup-two-dialogs.html
1497
1498         * Modules/mediastream/sdp.js:
1499
1500 2016-06-14  Chris Dumez  <cdumez@apple.com>
1501
1502         [Cocoa] Avoid extra copy of headers dictionary in ResourceResponse::platformLazyInit()
1503         https://bugs.webkit.org/show_bug.cgi?id=158717
1504
1505         Reviewed by Alex Christensen.
1506
1507         Avoid extra copy of headers dictionary in ResourceResponse::platformLazyInit() by
1508         calling CFHTTPMessageCopyAllHeaderFields() instead of [NSURLResponse allHeaderFields].
1509
1510         CFHTTPMessageCopyAllHeaderFields() creates only 1 copy while
1511         [NSURLResponse allHeaderFields] creates 2 (see <rdar://problem/26778863>).
1512
1513         * platform/network/cocoa/ResourceResponseCocoa.mm:
1514         (WebCore::addToHTTPHeaderMap):
1515         (WebCore::ResourceResponse::platformLazyInit):
1516
1517 2016-06-14  David Kilzer  <ddkilzer@apple.com>
1518
1519         REGRESSION (r151608): Leak of QTMovieLayer or AVPlayerLayer in -[WebVideoFullscreenController setVideoElement:]
1520         <https://webkit.org/b/158729>
1521
1522         Reviewed by Eric Carlson.
1523
1524         * platform/mac/WebVideoFullscreenController.mm:
1525         (-[WebVideoFullscreenController setVideoElement:]): Use
1526         RetainPtr<> to prevent leaks.
1527         * platform/mac/WebVideoFullscreenHUDWindowController.mm:
1528         Drive-by fix to remove unused <wtf/RetainPtr.h> import.
1529
1530 2016-06-14  Nael Ouedraogo  <nael.ouedraogo@crf.canon.fr>
1531
1532         The vector of mediastreams should be passed via a reference to RTCPeerConnection::addTrack()
1533         https://bugs.webkit.org/show_bug.cgi?id=158701
1534
1535         Pass vector of mediastreams by reference.
1536
1537         Reviewed by Youenn Fablet.
1538
1539         * Modules/mediastream/RTCPeerConnection.cpp:
1540         (WebCore::RTCPeerConnection::addTrack):
1541         * Modules/mediastream/RTCPeerConnection.h:
1542
1543 2016-06-14  Ryosuke Niwa  <rniwa@webkit.org>
1544
1545         Crash inside firstPositionInNode in checkLoadCompleteForThisFrame
1546         https://bugs.webkit.org/show_bug.cgi?id=158724
1547
1548         Reviewed by Alex Christensen.
1549
1550         Added null checks for document and document element since they could be nullptr here.
1551
1552         * loader/FrameLoader.cpp:
1553         (WebCore::FrameLoader::checkLoadCompleteForThisFrame):
1554
1555 2016-06-13  Gavin & Ellie Barraclough  <barraclough@apple.com>
1556
1557         Remove hasStaticPropertyTable (part 3: JSLocation::putDelegate)
1558         https://bugs.webkit.org/show_bug.cgi?id=158431
1559
1560         Unreviewed build fix.
1561
1562         * bindings/js/JSLocationCustom.cpp:
1563         (WebCore::JSLocation::putDelegate):
1564
1565 2016-06-13  Gavin & Ellie Barraclough  <barraclough@apple.com>
1566
1567         Remove hasStaticPropertyTable (part 4: JSHTMLDocument & JSStorage)
1568         https://bugs.webkit.org/show_bug.cgi?id=158431
1569
1570         Reviewed by Chris Dumez.
1571
1572         All uses of hasStaticPropertyTable flag generated by bindings are wrong.
1573
1574         JSHTMLDocument & JSStorage contain a number of static_asserts claiming that
1575         various methods do not support static properties. These asserts were likely
1576         correct at the time they were added, as JSObject::getOwnPropertySlot and
1577         JSObject::deleteProperty did not support getting / deleting static value.
1578         This is no longer the case, and these asserts are now incorrect.
1579
1580         * bindings/js/JSHTMLDocumentCustom.cpp:
1581         (WebCore::JSHTMLDocument::getOwnPropertySlot):
1582         * bindings/js/JSStorageCustom.cpp:
1583         (WebCore::JSStorage::deleteProperty):
1584         (WebCore::JSStorage::deletePropertyByIndex):
1585         (WebCore::JSStorage::putDelegate):
1586             - remove incorrect static_asserts.
1587
1588 2016-06-13  Gavin & Ellie Barraclough  <barraclough@apple.com>
1589
1590         Remove hasStaticPropertyTable (part 3: JSLocation::putDelegate)
1591         https://bugs.webkit.org/show_bug.cgi?id=158431
1592
1593         Reviewed by Geoff Garen.
1594
1595         All uses of hasStaticPropertyTable flag generated by bindings are wrong.
1596
1597         JSLocation::putDelegate checks the static property table redundantly.
1598
1599         In the case of same origin access, if the property is not in the static
1600         table the method will call JSObject::put and return true (indicating the
1601         delegate handled the put). If the property is in the static table, the
1602         method will return false (indicating the the delegate did not handle the
1603         access) - in which case the calling function will call JSObject::put.
1604         Checking for the property in the static table is redundant - same origin
1605         access does not require any special handling, and should just always
1606         return false & let the caller handle the put.
1607
1608         In the case of cross origin access, if the property is not in the static
1609         table we return true (indicating the access was handled, and silently
1610         blocking it). If it is a static property, we check the name, and if the
1611         name is not 'href' we also return true, silently blocking. In the case
1612         that the name is 'href' we'll return false, indicating to the caller
1613         that the access was not handled by the delegate, resulting in it taking
1614         place. The additional check of the static table is redundant, since we
1615         only have special behaviour in the case of 'href'. (Moreover it is
1616         unnecesszarily fragile, since if we made a change such that 'href' was no
1617         longer implemented as a static property with would fail.)
1618
1619         - for same origin, always return false.
1620         - for cross origin, return false for 'href', otherwise return true.
1621
1622         * bindings/js/JSLocationCustom.cpp:
1623         (WebCore::JSLocation::putDelegate):
1624             - restructure & remove static table check.
1625
1626 2016-06-13  Gavin & Ellie Barraclough  <barraclough@apple.com>
1627
1628         Remove hasStaticPropertyTable (part 2: JSPluginElement)
1629         https://bugs.webkit.org/show_bug.cgi?id=158431
1630
1631         Reviewed by Chris Dumez.
1632
1633         All uses of hasStaticPropertyTable flag generated by bindings are wrong.
1634
1635         The check in pluginElementCustomGetOwnPropertySlot was somewhat dubious in the
1636         first place (for types with static properties it would give precedence to both
1637         static and also property storage properties; for types without static properties
1638         it would check neither - an odd asymetry in the case of values in the storage
1639         array, and was depending on an implementation detail that could change).
1640
1641         This is all now redundant anyway. None of these types have static properties.
1642         All properties are now corretcly on the prototype (which is handled appropriately
1643         below). This is just dead code.
1644
1645         * bindings/js/JSPluginElementFunctions.h:
1646         (WebCore::pluginElementCustomGetOwnPropertySlot):
1647             - remove dead code.
1648
1649 2016-06-13  Gavin & Ellie Barraclough  <barraclough@apple.com>
1650
1651         Remove hasStaticPropertyTable (part 1: DOM bindings)
1652         https://bugs.webkit.org/show_bug.cgi?id=158431
1653
1654         Reviewed by Chris Dumez.
1655
1656         All uses of hasStaticPropertyTable flag generated by bindings are wrong.
1657
1658         * bindings/js/JSDOMBinding.h:
1659         (WebCore::getStaticValueSlotEntryWithoutCaching): Deleted.
1660         (WebCore::getStaticValueSlotEntryWithoutCaching<JSDOMObject>): Deleted.
1661             - this method is not used anywhere.
1662
1663 2016-06-13  Adam Bergkvist  <adam.bergkvist@ericsson.com>
1664
1665         WebRTC: Imlement MediaEndpointPeerConnection::replaceTrack()
1666         https://bugs.webkit.org/show_bug.cgi?id=158688
1667
1668         Reviewed by Eric Carlson.
1669
1670         Implement MediaEndpointPeerConnection::replaceTrack() that is the MediaEndpoint implementation
1671         of RTCRtpSender.replaceTrack() [1].
1672
1673         [1] https://w3c.github.io/webrtc-pc/archives/20160513/webrtc.html#dom-rtcrtpsender-replacetrack
1674
1675         Updated fast/mediastream/RTCRtpSender-replaceTrack.html
1676
1677         * Modules/mediastream/MediaEndpointPeerConnection.cpp:
1678         (WebCore::MediaEndpointPeerConnection::replaceTrack):
1679         (WebCore::MediaEndpointPeerConnection::replaceTrackTask):
1680         Implemented.
1681         * Modules/mediastream/MediaEndpointPeerConnection.h:
1682         * Modules/mediastream/PeerConnectionBackend.h:
1683         * Modules/mediastream/RTCPeerConnection.cpp:
1684         (WebCore::RTCPeerConnection::replaceTrack):
1685         * Modules/mediastream/RTCPeerConnection.h:
1686         Move the MediaStreamTrack instance of sending a reference to it. This change is the main
1687         reason many files are touched by this change.
1688         * Modules/mediastream/RTCRtpSender.h:
1689         * Modules/mediastream/RTCRtpSender.idl:
1690         * platform/mediastream/MediaEndpoint.h:
1691         Use mid instead of mdescIndex to identify the media description in the backend.
1692         * platform/mock/MockMediaEndpoint.cpp:
1693         (WebCore::MockMediaEndpoint::replaceSendSource):
1694         * platform/mock/MockMediaEndpoint.h:
1695
1696 2016-06-13  Joseph Pecoraro  <pecoraro@apple.com>
1697
1698         window.onerror should pass the ErrorEvent's 'error' property as the 5th argument to the event handler
1699         https://bugs.webkit.org/show_bug.cgi?id=55092
1700         <rdar://problem/25731279>
1701
1702         Reviewed by Dean Jackson.
1703
1704         This includes the actual Error in window.error / ErrorEvent:
1705         https://html.spec.whatwg.org/multipage/webappapis.html#the-errorevent-interface
1706
1707         This is useful for scripts to be able to get an error stack
1708         from uncaught exceptions, by checking the error itself.
1709
1710         Tests: fast/events/window-onerror17.html
1711                http/tests/security/cross-origin-script-error-event-redirected.html
1712                http/tests/security/cross-origin-script-error-event.html
1713                http/tests/security/script-crossorigin-error-event-information.html
1714                http/tests/security/script-no-crossorigin-error-event-should-be-sanitized.html
1715                userscripts/window-onerror-for-isolated-world-3.html
1716
1717         * CMakeLists.txt:
1718         * WebCore.xcodeproj/project.pbxproj:
1719         * bindings/js/JSBindingsAllInOne.cpp:
1720         Add new custom error event file.
1721
1722         * bindings/js/JSDOMBinding.cpp:
1723         (WebCore::reportException):
1724         Include the JSC::Exception when reporting exceptions, so the error value is available.
1725         
1726         * bindings/js/JSErrorEventCustom.cpp:
1727         (WebCore::JSErrorEvent::error):
1728         Sanitized access to the ErrorEvent's error property to prevent leaking objects
1729         across isolated world boundaries. This is like CustomEvent's data property.
1730
1731         * bindings/js/JSErrorHandler.cpp:
1732         (WebCore::JSErrorHandler::handleEvent):
1733         * bindings/js/JSErrorHandler.h:
1734         Include the error object as the 4th argument to the window.onerror event handler.
1735
1736         * dom/ScriptExecutionContext.cpp:
1737         (WebCore::ScriptExecutionContext::sanitizeScriptError):
1738         (WebCore::ScriptExecutionContext::reportException):
1739         (WebCore::ScriptExecutionContext::dispatchErrorEvent):
1740         * dom/ScriptExecutionContext.h:
1741         Include the error object in the ErrorEvent constructed when dispatching error events.
1742
1743         * dom/ErrorEvent.cpp:
1744         (WebCore::ErrorEvent::ErrorEvent):
1745         (WebCore::ErrorEvent::sanitizedErrorValue):
1746         (WebCore::ErrorEvent::trySerializeError):
1747         * dom/ErrorEvent.h:
1748         * dom/ErrorEvent.idl:
1749         Include an any "error" property on the ErrorEvent, and allow it in initialization.
1750
1751         * bindings/js/WorkerScriptController.cpp:
1752         (WebCore::WorkerScriptController::evaluate):
1753         * workers/WorkerMessagingProxy.cpp:
1754         (WebCore::WorkerMessagingProxy::postExceptionToWorkerObject):
1755         Within the Worker world, the error is included in the event.
1756         When re-dispatching the error on the world object in the world that spawned the
1757         Worker the event does not include an error object. This matches other browsers
1758         right now, but could be improved to have the same cross world serialization
1759         as isolated worlds have with the error data.
1760
1761         * dom/CustomEvent.h:
1762         Remove unimplemented stale method.
1763
1764 2016-06-13  Dean Jackson  <dino@apple.com>
1765
1766         SVG elements don't blend correctly into HTML
1767         https://bugs.webkit.org/show_bug.cgi?id=158718
1768         <rdar://problem/26782004>
1769
1770         Reviewed by Antoine Quint.
1771
1772         We were not creating any transparency layers for the root SVG nodes.
1773         This is ok if the SVG is the root document, because it is the backdrop.
1774         However, if it is inline SVG, it needs to apply the operation in
1775         order to composite into the document.
1776
1777         Test: svg/css/mix-blend-mode-with-inline-svg.html
1778
1779         * rendering/RenderLayer.cpp:
1780         (WebCore::RenderLayer::beginTransparencyLayers):
1781
1782 2016-06-13  Brady Eidson  <beidson@apple.com>
1783
1784         storage/indexeddb/modern/leaks-1.html leaks the database connection handle.
1785         https://bugs.webkit.org/show_bug.cgi?id=158643
1786
1787         Reviewed by Alex Christensen.
1788
1789         Tested by changes to existing test.
1790
1791         * Modules/indexeddb/IDBDatabase.cpp:
1792         (WebCore::IDBDatabase::hasPendingActivity):
1793         
1794         * dom/EventTarget.h:
1795         (WebCore::EventTarget::eventTargetData):
1796         (WebCore::EventTarget::hasEventListeners):
1797
1798
1799 2016-06-13  Enrica Casucci  <enrica@apple.com>
1800
1801         REGRESSION(r201956): Failure to initialize new internal settings produced random test failures in release.
1802         https://bugs.webkit.org/show_bug.cgi?id=158713
1803         rdar://26769957
1804
1805         Reviewed by Simon Fraser.
1806
1807         Failed to initialize the new member variable in both Settings and InternalSettings classes.
1808
1809         * page/Settings.cpp:
1810         (WebCore::Settings::Settings):
1811         * testing/InternalSettings.cpp:
1812         (WebCore::InternalSettings::Backup::Backup):
1813
1814 2016-06-13  Chris Dumez  <cdumez@apple.com>
1815
1816         Drop HipChat hack introduced in r197548
1817         https://bugs.webkit.org/show_bug.cgi?id=158711
1818
1819         Reviewed by Geoffrey Garen.
1820
1821         Drop HipChat hack introduced in r197548. This hack is no longer needed
1822         as the bug was fixed in HipChat since then:
1823         https://support.atlassian.com/servicedesk/customer/portal/32/HCP-7532
1824
1825         I have confirmed locally that the latest version (4.0.12.665) is able
1826         to connect without the hack.
1827
1828         * bindings/js/JSLocationCustom.cpp:
1829         (WebCore::JSLocation::putDelegate): Deleted.
1830         * platform/RuntimeApplicationChecks.h:
1831         * platform/RuntimeApplicationChecks.mm:
1832         (WebCore::MacApplication::isHipChat): Deleted.
1833
1834 2016-06-13  Chris Fleizach  <cfleizach@apple.com>
1835
1836         AX: CrashTracer: com.apple.WebKit.WebContent at WebCore::AccessibilityRenderObject::remoteSVGRootElement const + 227
1837         https://bugs.webkit.org/show_bug.cgi?id=158685
1838
1839         Reviewed by David Kilzer.
1840
1841         Crash reports show a null access at a line that tries to dereference a pointer. 
1842         I still don't have a way to layout test this, as it seems tied to tear down of the main document.
1843
1844         * accessibility/AccessibilityRenderObject.cpp:
1845         (WebCore::AccessibilityRenderObject::remoteSVGRootElement):
1846
1847 2016-06-13  Jeremy Jones  <jeremyj@apple.com>
1848
1849         Use two video layer solution only on mac.
1850         https://bugs.webkit.org/show_bug.cgi?id=158705
1851         rdar://problem/26776360
1852
1853         Reviewed by Jer Noble.
1854
1855         Two video layer solution is only useful on the mac to prevent flicker, so don't do it elsewhere.
1856
1857         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
1858         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerLayer):
1859
1860 2016-06-13  Jeremy Jones  <jeremyj@apple.com>
1861
1862         Decrease PiP flicker by not removing window prematurely.
1863         https://bugs.webkit.org/show_bug.cgi?id=158436
1864         <rdar://problem/19052639>
1865
1866         Reviewed by Darin Adler.
1867
1868         UIWindow shouldn't be removed until cleanupFullscreen, so the video layer has a chance
1869         to be reparented in the DOM first.
1870
1871         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
1872         (WebVideoFullscreenInterfaceAVKit::didStopPictureInPicture):
1873
1874 2016-06-13  Alex Christensen  <achristensen@webkit.org>
1875
1876         Add WebSocketProvider stub
1877         https://bugs.webkit.org/show_bug.cgi?id=158702
1878
1879         Reviewed by Brady Eidson.
1880
1881         No new tests.  No change in behavior.
1882
1883         * WebCore.xcodeproj/project.pbxproj:
1884         * dom/DocumentMarkerController.cpp:
1885         * dom/ScriptedAnimationController.cpp:
1886         * html/HTMLMediaElement.cpp:
1887         * html/MediaDocument.cpp:
1888         * html/shadow/MediaControlElements.cpp:
1889         * html/shadow/MediaControls.cpp:
1890         * html/shadow/MediaControls.h:
1891         * html/shadow/MediaControlsApple.cpp:
1892         * inspector/InspectorInstrumentation.cpp:
1893         * inspector/InspectorInstrumentation.h:
1894         * inspector/InspectorOverlay.cpp:
1895         (WebCore::InspectorOverlay::overlayPage):
1896         * loader/EmptyClients.h:
1897         * loader/FrameLoader.cpp:
1898         * loader/FrameLoader.h:
1899         * loader/appcache/ApplicationCacheHost.cpp:
1900         * loader/cache/CachedResource.cpp:
1901         * page/FrameView.cpp:
1902         * page/Page.cpp:
1903         (WebCore::Page::Page):
1904         * page/Page.h:
1905         (WebCore::Page::applicationCacheStorage):
1906         (WebCore::Page::databaseProvider):
1907         (WebCore::Page::socketProvider):
1908         (WebCore::Page::storageNamespaceProvider):
1909         * page/PageConfiguration.cpp:
1910         (WebCore::PageConfiguration::PageConfiguration):
1911         * page/PageConfiguration.h:
1912         * page/ResourceUsageOverlay.cpp:
1913         * page/SocketProvider.h: Added.
1914         (WebCore::SocketProvider::~SocketProvider):
1915         * page/cocoa/ResourceUsageOverlayCocoa.mm:
1916         * rendering/RenderElement.cpp:
1917         * rendering/RenderLayerBacking.cpp:
1918         * style/StyleResolveForDocument.cpp:
1919         * style/StyleTreeResolver.cpp:
1920         * svg/graphics/SVGImage.cpp:
1921         (WebCore::SVGImage::dataChanged):
1922         * testing/MockPageOverlayClient.cpp:
1923
1924 2016-06-13  Brady Eidson  <beidson@apple.com>
1925
1926         Crashes in WebCore::IDBServer::UniqueIDBDatabase::executeNextDatabaseTask.
1927         <rdar://problem/26768449> and https://bugs.webkit.org/show_bug.cgi?id=158696
1928
1929         Reviewed by David Kilzer.
1930
1931         No new tests (Covered by all existing tests in Gmalloc/ASAN configs).
1932
1933         * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
1934         (WebCore::IDBServer::UniqueIDBDatabase::executeNextDatabaseTask):
1935         (WebCore::IDBServer::UniqueIDBDatabase::executeNextDatabaseTaskReply):
1936
1937 2016-06-13  Brady Eidson  <beidson@apple.com>
1938
1939         Modern IDB: IDBOpenDBRequest objects leak.
1940         https://bugs.webkit.org/show_bug.cgi?id=158694
1941
1942         Reviewed by Alex Christensen.
1943
1944         No new tests (Currently have no testing strategy for guaranteeing lifetime of WebCore DOM objects)
1945
1946         * Modules/indexeddb/client/IDBConnectionProxy.cpp:
1947         (WebCore::IDBClient::IDBConnectionProxy::completeOpenDBRequest): At this point we never need the
1948             request again, so remove it from the map.
1949
1950 2016-06-13  Chris Dumez  <cdumez@apple.com>
1951
1952         Make sure HTTPHeaderMap gets a move constructor / assignment operator
1953         https://bugs.webkit.org/show_bug.cgi?id=158695
1954         <rdar://problem/26729511>
1955
1956         Reviewed by Alex Christensen.
1957
1958         Make sure HTTPHeaderMap gets a move constructor / assignment operator.
1959         It was not getting an implicit one because of its user-declared
1960         destructor. This patch drops the user-declared destructor so that
1961         HTTPHeaderMap now gets an implicit move constructor / assignment
1962         operator.
1963
1964         Not having a move constructor / assignment operator is an issue because
1965         we rely on HTTPHeaderMap::isolatedCopy() / WTFMove() since r201623 to
1966         pass HTTPHeaderMap across thread.
1967
1968         * platform/network/HTTPHeaderMap.cpp:
1969         (WebCore::HTTPHeaderMap::~HTTPHeaderMap): Deleted.
1970         * platform/network/HTTPHeaderMap.h:
1971
1972 2016-06-13  Nael Ouedraogo  <nael.ouedraogo@crf.canon.fr>
1973
1974         Remove useless parameter from GenerateParametersCheck signature
1975         https://bugs.webkit.org/show_bug.cgi?id=158692
1976
1977         Reviewed by Chris Dumez.
1978
1979         Remove one parameter which is passed to GenerateParametersCheck
1980         but never used in the caller code.
1981
1982         * bindings/scripts/CodeGeneratorJS.pm:
1983         (GenerateImplementation):
1984         (GenerateParametersCheck):
1985         (GenerateConstructorDefinition):
1986
1987 2016-06-13  Nael Ouedraogo  <nael.ouedraogo@crf.canon.fr>
1988
1989         Improve code generator for functions with variadic parameters
1990         https://bugs.webkit.org/show_bug.cgi?id=158529
1991
1992         Reviewed by Darin Adler.
1993
1994         JS bindings code of functions with variadic parameters is improved.
1995
1996         Functions with variadic parameters are skipped for ObjC and GObject code generators.
1997
1998         * bindings/scripts/CodeGeneratorGObject.pm:
1999         (SkipFunction): Skip functions with variadic parameters.
2000         * bindings/scripts/CodeGeneratorJS.pm:
2001         (GenerateParametersCheck):
2002         * bindings/scripts/CodeGeneratorObjC.pm:
2003         (SkipFunction): Skip functions with variadic parameters.
2004         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
2005         (webkit_dom_test_obj_any): Deleted.
2006         (webkit_dom_test_obj_attach_shadow_root): Deleted.
2007         (webkit_dom_test_obj_get_read_only_long_attr): Deleted.
2008         (webkit_dom_test_obj_get_read_only_string_attr): Deleted.
2009         * bindings/scripts/test/GObject/WebKitDOMTestObj.h:
2010         * bindings/scripts/test/JS/JSTestObj.cpp:
2011         (WebCore::jsTestObjPrototypeFunctionOverloadedMethod12):
2012         (WebCore::jsTestObjPrototypeFunctionVariadicStringMethod):
2013         (WebCore::jsTestObjPrototypeFunctionVariadicDoubleMethod):
2014         (WebCore::jsTestObjPrototypeFunctionVariadicNodeMethod):
2015         * bindings/scripts/test/ObjC/DOMTestObj.h:
2016         * bindings/scripts/test/ObjC/DOMTestObj.mm:
2017
2018 2016-06-12  Zalan Bujtas  <zalan@apple.com>
2019
2020         Cleanup RenderBlock::removePositionedObjects
2021         https://bugs.webkit.org/show_bug.cgi?id=158670
2022
2023         Reviewed by Simon Fraser.
2024
2025         No change in functionality.
2026
2027         * rendering/RenderBlock.cpp:
2028         (WebCore::RenderBlock::insertPositionedObject):
2029         (WebCore::RenderBlock::removePositionedObject):
2030         (WebCore::RenderBlock::removePositionedObjects):
2031         * rendering/RenderBlock.h:
2032
2033 2016-06-12  Zalan Bujtas  <zalan@apple.com>
2034
2035         Remove positioned descendants when RenderBlock is no longer a containing block.
2036         https://bugs.webkit.org/show_bug.cgi?id=158655
2037         <rdar://problem/26510032>
2038
2039         Reviewed by Simon Fraser.
2040
2041         Normally the RenderView is the containing block for fixed positioned renderers.
2042         However when a renderer acquires some transform related properties, it becomes the containing
2043         block for all the fixed positioned renderers in its descendant tree.
2044         When the last transform related property is removed, the renderer is no longer a containing block
2045         and we need to remove all these positioned renderers from the descendant tracker map (gPositionedDescendantsMap).
2046         They will be inserted back into the tracker map during the next layout (either under the RenderView or
2047         under the next transformed renderer in the ancestor chain).
2048
2049         Test: fast/block/fixed-position-reparent-when-transition-is-removed.html
2050
2051         * rendering/RenderBlock.cpp:
2052         (WebCore::RenderBlock::removePositionedObjectsIfNeeded):
2053
2054 2016-06-11  Myles C. Maxfield  <mmaxfield@apple.com>
2055
2056         Addressing post-review comments after r201978.
2057         https://bugs.webkit.org/show_bug.cgi?id=158649
2058         <rdar://problem/13258122>
2059
2060         Unreviewed.
2061
2062         * platform/graphics/FontCache.cpp:
2063         (WebCore::FontCache::alternateFamilyName):
2064         * platform/graphics/cocoa/FontCacheCoreText.cpp:
2065         (WebCore::FontCache::platformAlternateFamilyName):
2066
2067 2016-06-11  Darin Adler  <darin@apple.com>
2068
2069         Tighten code to build set of tag names
2070         https://bugs.webkit.org/show_bug.cgi?id=158662
2071
2072         Reviewed by Alexey Proskuryakov.
2073
2074         * dom/Element.cpp:
2075         (WebCore::canAttachAuthorShadowRoot): Use an array of pointers that the loader
2076         can initialize as part of loading the library, rather than an array that needs
2077         to be initialized with code at runtime.
2078
2079 2016-06-11  Myles C. Maxfield  <mmaxfield@apple.com>
2080
2081         [Win] [EFL] Build fix after r201978.
2082         https://bugs.webkit.org/show_bug.cgi?id=158649
2083         <rdar://problem/13258122>
2084
2085         Unreviewed
2086
2087         * platform/graphics/freetype/FontCacheFreeType.cpp:
2088         (WebCore::FontCache::platformAlternateFamilyName):
2089         * platform/graphics/win/FontCacheWin.cpp:
2090
2091 2016-06-11  Myles C. Maxfield  <mmaxfield@apple.com>
2092
2093         [Cocoa] Map commonly used Chinese Windows font names to names present on Cocoa operating systems
2094         https://bugs.webkit.org/show_bug.cgi?id=158649
2095         <rdar://problem/13258122>
2096
2097         Reviewed by Darin Adler.
2098
2099         There are many Chinese websites which hardcode Windows font names.
2100         We should map these to fonts which best match them on Cocoa operating
2101         systems. We can do this by using our existing fallback font name
2102         infrastructure.
2103
2104         Tests: fast/text/chinese-font-name-aliases-2.html
2105                fast/text/chinese-font-name-aliases.html
2106
2107         * platform/graphics/FontCache.cpp:
2108         (WebCore::FontCache::alternateFamilyName):
2109         (WebCore::alternateFamilyName): Deleted.
2110         * platform/graphics/FontCache.h:
2111         * platform/graphics/cocoa/FontCacheCoreText.cpp:
2112         (WebCore::FontCache::platformAlternateFamilyName):
2113         * platform/graphics/freetype/FontCacheFreeType.cpp:
2114         (WebCore::FontCache::platformAlternateFamilyName):
2115         * platform/graphics/win/FontCacheWin.cpp:
2116         (WebCore::FontCache::platformAlternateFamilyName):
2117
2118 2016-06-11  Commit Queue  <commit-queue@webkit.org>
2119
2120         Unreviewed, rolling out r201967, r201968, and r201972.
2121         https://bugs.webkit.org/show_bug.cgi?id=158665
2122
2123         Caused flaky failures on IndexedDB tests (Requested by ap on
2124         #webkit).
2125
2126         Reverted changesets:
2127
2128         "Vary:Cookie validation doesn't work in private browsing"
2129         https://bugs.webkit.org/show_bug.cgi?id=158616
2130         http://trac.webkit.org/changeset/201967
2131
2132         "Build fix."
2133         http://trac.webkit.org/changeset/201968
2134
2135         "WinCairo build fix attempt."
2136         http://trac.webkit.org/changeset/201972
2137
2138 2016-06-11  Konstantin Tokarev  <annulen@yandex.ru>
2139
2140         Fixed compilation of LocaleICU with ENABLE(DATE_AND_TIME_INPUT_TYPES)
2141         https://bugs.webkit.org/show_bug.cgi?id=158659
2142
2143         Reviewed by Darin Adler.
2144
2145         No new tests needed.
2146
2147         * platform/text/LocaleICU.cpp:
2148         (WebCore::getFormatForSkeleton):
2149         (WebCore::LocaleICU::monthFormat):
2150         (WebCore::LocaleICU::shortMonthFormat):
2151
2152 2016-06-11  Antti Koivisto  <antti@apple.com>
2153
2154         WinCairo build fix attempt.
2155
2156         * platform/network/NetworkStorageSession.cpp:
2157         * platform/network/NetworkStorageSession.h:
2158         * platform/network/NetworkStorageSessionStub.cpp:
2159         (WebCore::NetworkStorageSession::NetworkStorageSession):
2160         (WebCore::NetworkStorageSession::context):
2161         (WebCore::NetworkStorageSession::createPrivateBrowsingSession):
2162         (WebCore::NetworkStorageSession::switchToNewTestingSession):
2163         (WebCore::NetworkStorageSession::~NetworkStorageSession): Deleted.
2164         (WebCore::defaultSession): Deleted.
2165         (WebCore::NetworkStorageSession::defaultStorageSession): Deleted.
2166
2167 2016-06-11  Myles C. Maxfield  <mmaxfield@apple.com>
2168
2169         Deleting a CSSOM style rule invalidates any previously-added FontFaces
2170         https://bugs.webkit.org/show_bug.cgi?id=158450
2171
2172         Reviewed by Darin Adler.
2173
2174         This patch has two pieces: updating the CSSOM when the FontFace changes, and
2175         updating the FontFace when the CSSOM changes.
2176
2177         1: Updating the CSSOM when the FontFace changes: CSSFontFaces already have a RefPtr
2178         to their StyleRuleFontFace which represents their CSS-connection. When changing a
2179         property of the CSSFontFace, we simply reach into the StyleRule and update it to
2180         match. Our existing infrastructure of invalidation due to the attribute changes
2181         makes sure that all the necessary updates occur.
2182
2183         2. Updating the FontFace when the CSSOM changes: If the CSSOM changes in a trivial
2184         way (for example, a new @font-face is appended to the end of the last <style>
2185         element), we can handle it directly. However, when something more invasive occurs,
2186         we end up clearing the entire CSSFontSelector, and then adding all the style rules
2187         from scratch. This involves three steps:
2188             a) CSSFontSelector::buildStarted() is run, which means "we're about to start
2189                building up all the @font-face rules from scratch." We take this opportunity
2190                to purge as many fonts as possible. This is valuable because, for example,
2191                this function gets run when the page gets put into the page cache, so we
2192                want to destroy as much as possible. Not everything can be purged, however -
2193                only CSS-connected fonts which have never been inspected by script are
2194                purgeable. We don't allow fonts inspected by script to be purged because
2195                purging might result in a font appearing from JavaScript to transition from
2196                a success -> failure state, which we don't allow.
2197             b) Upon style recalc (possibly asynchronously) CSSFontSelector::addFontFaceRule()
2198                is called for each @font-face rule. We actually detect that we're in the
2199                middle of a style rebuild, and defer this step.
2200             c) When we're done adding all the font face rules, we call
2201                CSSFontSelector::buildCompleted(). This is where we compare the newly built-
2202                up list of font faces with what existed previously (as remembered in
2203                CSSFontSelector::buildStarted()) in order to detect font faces which were
2204                deleted from the document. Fonts which were newly added to the document
2205                are handled naturally.
2206                Fonts which have a property modified on them are created as if they were new.
2207                However, instead of simply adding the CSSFontFace, we search for the existing
2208                CSSFontFace (by CSS connection pointer) and tell the existing FontFace to
2209                adopt this new CSSFontFace. This means that the JavaScript object will just
2210                pick up any newly-written values in the CSSOM. It also means that the
2211                "status" attribute of the JavaScript object is reset, but this is expected
2212                and allowed by the spec. (For example, if you change the "src" attribute of
2213                an @font-face block via the CSSOM, all bets are off when you inspect the
2214                FontFace JS object representing that block.)
2215
2216         Test: fast/text/font-face-set-cssom.html
2217
2218         * css/CSSFontFace.cpp:
2219         (WebCore::CSSFontFace::CSSFontFace):
2220         (WebCore::CSSFontFace::setFamilies):
2221         (WebCore::CSSFontFace::setStyle):
2222         (WebCore::CSSFontFace::setWeight):
2223         (WebCore::CSSFontFace::setUnicodeRange):
2224         (WebCore::CSSFontFace::setVariantLigatures):
2225         (WebCore::CSSFontFace::setVariantPosition):
2226         (WebCore::CSSFontFace::setVariantCaps):
2227         (WebCore::CSSFontFace::setVariantNumeric):
2228         (WebCore::CSSFontFace::setVariantAlternates):
2229         (WebCore::CSSFontFace::setVariantEastAsian):
2230         (WebCore::CSSFontFace::setFeatureSettings):
2231         (WebCore::CSSFontFace::initializeWrapper):
2232         (WebCore::CSSFontFace::wrapper):
2233         (WebCore::CSSFontFace::setWrapper):
2234         (WebCore::CSSFontFace::purgeable):
2235         (WebCore::CSSFontFace::updateStyleIfNeeded):
2236         * css/CSSFontFace.h:
2237         * css/CSSFontFaceSet.cpp:
2238         (WebCore::CSSFontFaceSet::remove):
2239         (WebCore::CSSFontFaceSet::containsCSSConnection):
2240         (WebCore::CSSFontFaceSet::purge):
2241         * css/CSSFontFaceSet.h:
2242         * css/CSSFontSelector.cpp:
2243         (WebCore::CSSFontSelector::buildStarted):
2244         (WebCore::CSSFontSelector::buildCompleted):
2245         (WebCore::CSSFontSelector::addFontFaceRule):
2246         * css/CSSFontSelector.h:
2247         * css/FontFace.cpp:
2248         (WebCore::FontFace::family):
2249         (WebCore::FontFace::style):
2250         (WebCore::FontFace::weight):
2251         (WebCore::FontFace::unicodeRange):
2252         (WebCore::FontFace::variant):
2253         (WebCore::FontFace::featureSettings):
2254         (WebCore::FontFace::adopt):
2255         * css/FontFace.h:
2256
2257 2016-06-11  Chris Dumez  <cdumez@apple.com>
2258
2259         WorkerNavigator is missing some attributes
2260         https://bugs.webkit.org/show_bug.cgi?id=158593
2261         <rdar://problem/26731334>
2262
2263         Reviewed by Darin Adler.
2264
2265         Add attributes that are missing on WorkerNavigator:
2266         - appCodeName
2267         - hardwareConcurrency
2268         - language
2269         - product
2270         - productSub
2271         - vendor
2272         - vendorSub
2273
2274         Firefox and Chrome already expose those attributes.
2275
2276         Relevant specification:
2277         https://html.spec.whatwg.org/multipage/workers.html#the-workernavigator-object
2278
2279         This patch also refactors the IDL to match the specification more
2280         closely and promote sharing between Navigator and WorkerNavigator.
2281
2282         No new tests, updated existing test.
2283
2284         * CMakeLists.txt:
2285         * DerivedSources.make:
2286         Add new supplemental IDL files.
2287
2288         * page/Navigator.cpp:
2289         * page/Navigator.h:
2290         Moved language() / hardwareConcurrency() from Navigator to NavigatorBase
2291         so that it can be used by NavigatorWorker as well.
2292
2293         * page/NavigatorBase.h:
2294         * page/NavigatorBase.cpp:
2295         (WebCore::NavigatorBase::language):
2296         The implementation still calls defaultLanguage() but I updated it to be
2297         thread safe on all platforms.
2298
2299         (WebCore::NavigatorBase::hardwareConcurrency):
2300         Use std::call_once() for thread safety.
2301
2302         * page/Navigator.idl:
2303         * page/NavigatorConcurrentHardware.idl: Copied from Source/WebCore/page/WorkerNavigator.idl.
2304         * page/NavigatorID.idl: Copied from Source/WebCore/page/WorkerNavigator.idl.
2305         * page/NavigatorLanguage.idl: Copied from Source/WebCore/page/WorkerNavigator.idl.
2306         * page/NavigatorOnLine.idl: Copied from Source/WebCore/page/WorkerNavigator.idl.
2307         * page/WorkerNavigator.idl:
2308         Move several attributes to their own supplemental interfaces to match
2309         the specification and promote sharing with WorkerNavigator.
2310
2311         * platform/Language.cpp:
2312         (WebCore::userPreferredLanguages):
2313         * platform/Language.h:
2314         Made thread-safe on all platforms.
2315
2316 2016-06-11  Antti Koivisto  <antti@apple.com>
2317
2318         Build fix.
2319
2320         * platform/network/cf/NetworkStorageSessionCFNet.cpp:
2321         (WebCore::NetworkStorageSession::switchToNewTestingSession):
2322
2323 2016-06-10  Antti Koivisto  <antti@apple.com>
2324
2325         Vary:Cookie validation doesn't work in private browsing
2326         https://bugs.webkit.org/show_bug.cgi?id=158616
2327         rdar://problem/26755067
2328
2329         Reviewed by Darin Adler.
2330
2331         This wasn't implemented because there was no way to get NetworkStorageSession from
2332         a SessionID on WebCore side.
2333
2334         The patch adds a simple WebCore level weak map that allows getting NetworkStorageSessions
2335         from SessionID. This seemed like the cleanest way to do this without a big refactoring
2336         around the currently WebKit2 level SessionTracker.
2337
2338         * CMakeLists.txt:
2339         * WebCore.xcodeproj/project.pbxproj:
2340         * platform/network/CacheValidation.cpp:
2341         (WebCore::headerValueForVary):
2342
2343             Get NetworkStorageSession from SessionID for cookies
2344
2345         (WebCore::verifyVaryingRequestHeaders):
2346         * platform/network/NetworkStorageSession.cpp: Added.
2347
2348             Add platform independent .cpp for NetworkStorageSession.
2349             Implement a weak map for SessionID -> NetworkStorageSession.
2350
2351         (WebCore::sessionsMap):
2352         (WebCore::NetworkStorageSession::NetworkStorageSession):
2353         (WebCore::NetworkStorageSession::~NetworkStorageSession):
2354         (WebCore::NetworkStorageSession::forSessionID):
2355
2356             Get NetworkStorageSession for sessionID.
2357
2358         * platform/network/NetworkStorageSession.h:
2359         (WebCore::NetworkStorageSession::sessionID):
2360         (WebCore::NetworkStorageSession::credentialStorage):
2361         * platform/network/cf/NetworkStorageSessionCFNet.cpp:
2362         (WebCore::NetworkStorageSession::NetworkStorageSession):
2363
2364             Call to common constructor.
2365
2366         (WebCore::defaultNetworkStorageSession):
2367         * platform/network/soup/NetworkStorageSessionSoup.cpp:
2368         (WebCore::NetworkStorageSession::NetworkStorageSession):
2369
2370             Call to common constructor.
2371
2372         (WebCore::defaultSession):
2373         (WebCore::NetworkStorageSession::~NetworkStorageSession): Deleted.
2374
2375 2016-06-10  Ada Chan  <adachan@apple.com>
2376
2377         Use the video element's video box when getting the inline video rect in WebVideoFullscreenManager
2378         https://bugs.webkit.org/show_bug.cgi?id=158351
2379         <rdar://problem/26567938>
2380
2381         Reviewed by Darin Adler.
2382
2383         * WebCore.xcodeproj/project.pbxproj:
2384         Change the visibility of RenderVideo.h and RenderMedia.h since we'll be importing RenderVideo.h from WebKit2.
2385         * rendering/RenderVideo.h:
2386
2387 2016-06-10  Benjamin Poulain  <bpoulain@apple.com>
2388
2389         Add support for passive event listeners on touch events
2390         https://bugs.webkit.org/show_bug.cgi?id=158601
2391
2392         Reviewed by Simon Fraser.
2393
2394         This patch wires "passive" state of EventTarget to the delivery of touch
2395         events in WebKit2.
2396
2397         Instead of having a NonFastScrollableRegion, we have a pair of regions
2398         in EventTrackingRegions.
2399         The "asynchronousDispatchRegion" tracks the area for which all event
2400         listeners are passive. For those, events should be dispatched asynchronously.
2401         The "synchronousDispatchRegion" tracks the area for which there is at
2402         least one active event listener. Events have to be dispatched synchronously
2403         for correctness.
2404
2405         Tests: fast/events/touch/ios/tap-with-active-listener-on-elements.html
2406                fast/events/touch/ios/tap-with-active-listener-on-window.html
2407                fast/events/touch/ios/tap-with-passive-listener-on-elements.html
2408                fast/events/touch/ios/tap-with-passive-listener-on-window.html
2409
2410         * WebCore.xcodeproj/project.pbxproj:
2411         * dom/Document.cpp:
2412         (WebCore::Document::wheelEventHandlersChanged):
2413         (WebCore::Document::Document): Deleted.
2414         * dom/Document.h:
2415
2416         * dom/EventListenerMap.cpp:
2417         (WebCore::EventListenerMap::containsActive):
2418         If a Target has multiple listener for an event type, we want to know
2419         if any of them is active.
2420
2421         * dom/EventListenerMap.h:
2422         * dom/EventTarget.cpp:
2423         (WebCore::EventTarget::hasActiveEventListeners):
2424         (WebCore::EventTarget::hasActiveTouchEventListeners):
2425         * dom/EventTarget.h:
2426
2427         * page/DebugPageOverlays.cpp:
2428         (WebCore::NonFastScrollableRegionOverlay::updateRegion):
2429         I did not change the debug overlays.
2430         The NonFastScrollable area is the region for which events needs
2431         synchronous dispatch. Everything else should scroll without delay.
2432
2433         * page/FrameView.cpp:
2434         (WebCore::FrameView::scrollableAreaSetChanged):
2435         * page/Page.cpp:
2436         (WebCore::Page::nonFastScrollableRects):
2437         * page/scrolling/AsyncScrollingCoordinator.cpp:
2438         (WebCore::AsyncScrollingCoordinator::setEventTrackingRegionsDirty):
2439         (WebCore::AsyncScrollingCoordinator::willCommitTree):
2440         (WebCore::AsyncScrollingCoordinator::updateEventTrackingRegions):
2441         (WebCore::AsyncScrollingCoordinator::frameViewLayoutUpdated):
2442         (WebCore::AsyncScrollingCoordinator::frameViewEventTrackingRegionsChanged):
2443         (WebCore::AsyncScrollingCoordinator::scrollingStateTreeAsText):
2444         (WebCore::AsyncScrollingCoordinator::setNonFastScrollableRegionDirty): Deleted.
2445         (WebCore::AsyncScrollingCoordinator::updateNonFastScrollableRegion): Deleted.
2446         (WebCore::AsyncScrollingCoordinator::frameViewNonFastScrollableRegionChanged): Deleted.
2447         * page/scrolling/AsyncScrollingCoordinator.h:
2448         (WebCore::AsyncScrollingCoordinator::eventTrackingRegionsDirty):
2449         (WebCore::AsyncScrollingCoordinator::nonFastScrollableRegionDirty): Deleted.
2450
2451         * page/scrolling/ScrollingCoordinator.cpp:
2452         (WebCore::ScrollingCoordinator::absoluteEventTrackingRegionsForFrame):
2453         (WebCore::ScrollingCoordinator::absoluteEventTrackingRegions):
2454         (WebCore::ScrollingCoordinator::absoluteNonFastScrollableRegionForFrame): Deleted.
2455         (WebCore::ScrollingCoordinator::absoluteNonFastScrollableRegion): Deleted.
2456         I intentionally left the Wheel event with synchronous dispatch.
2457         This use case will need its own set of tests.
2458
2459         * page/scrolling/ScrollingCoordinator.h:
2460         (WebCore::ScrollingCoordinator::frameViewEventTrackingRegionsChanged):
2461         (WebCore::ScrollingCoordinator::frameViewNonFastScrollableRegionChanged): Deleted.
2462         * page/scrolling/ScrollingStateFrameScrollingNode.cpp:
2463         (WebCore::ScrollingStateFrameScrollingNode::ScrollingStateFrameScrollingNode):
2464         (WebCore::ScrollingStateFrameScrollingNode::setEventTrackingRegions):
2465         (WebCore::ScrollingStateFrameScrollingNode::dumpProperties):
2466         (WebCore::ScrollingStateFrameScrollingNode::setNonFastScrollableRegion): Deleted.
2467         * page/scrolling/ScrollingStateFrameScrollingNode.h:
2468         * page/scrolling/ScrollingTree.cpp:
2469         (WebCore::ScrollingTree::shouldHandleWheelEventSynchronously):
2470         (WebCore::ScrollingTree::commitNewTreeState):
2471         (WebCore::ScrollingTree::eventTrackingTypeForPoint):
2472         (WebCore::ScrollingTree::isPointInNonFastScrollableRegion): Deleted.
2473         * page/scrolling/ScrollingTree.h:
2474         * page/scrolling/mac/ScrollingCoordinatorMac.mm:
2475         (WebCore::ScrollingCoordinatorMac::scheduleTreeStateCommit):
2476         * platform/EventTrackingRegions.h: Added.
2477         (WebCore::EventTrackingRegions::isEmpty):
2478         (WebCore::EventTrackingRegions::trackingTypeForPoint):
2479         (WebCore::operator==):
2480
2481 2016-06-10  Enrica Casucci  <enrica@apple.com>
2482
2483         REGRESSION(r198177): Cannot paste an image when the pasteboard format is mime type.
2484         https://bugs.webkit.org/show_bug.cgi?id=158590
2485         rdar://problem/25471371
2486
2487         Reviewed by Darin Adler.
2488
2489         When creating a fragment from an image resource, the resource needs to
2490         be added to the document loader before setting the src attribute to the
2491         image element, otherwise loading is triggered and the loading fails.
2492         In r198177 the order of the operations was changed causing the bug.
2493         This patch adds support to test the scenario where the image in the pasteboard
2494         is available only as mime type (not WebArchive or RTFD), a situation that occurs
2495         more frequently on iOS.
2496
2497         Test: editing/pasteboard/image-in-iframe.html
2498
2499         * editing/ios/EditorIOS.mm:
2500         (WebCore::Editor::createFragmentForImageResourceAndAddResource):
2501         * editing/mac/EditorMac.mm:
2502         (WebCore::Editor::WebContentReader::readWebArchive):
2503         (WebCore::Editor::WebContentReader::readRTFD):
2504         (WebCore::Editor::WebContentReader::readRTF):
2505         (WebCore::Editor::createFragmentForImageResourceAndAddResource):
2506         * page/Settings.cpp:
2507         (WebCore::Settings::setImagesEnabled):
2508         (WebCore::Settings::setPreferMimeTypeForImages):
2509         (WebCore::Settings::setForcePendingWebGLPolicy):
2510         * page/Settings.h:
2511         (WebCore::Settings::areImagesEnabled):
2512         (WebCore::Settings::preferMimeTypeForImages):
2513         (WebCore::Settings::arePluginsEnabled):
2514         * testing/InternalSettings.cpp:
2515         (WebCore::InternalSettings::Backup::restoreTo):
2516         (WebCore::InternalSettings::setLangAttributeAwareFormControlUIEnabled):
2517         (WebCore::InternalSettings::setPreferMimeTypeForImages):
2518         (WebCore::InternalSettings::setImagesEnabled):
2519         * testing/InternalSettings.h:
2520         * testing/InternalSettings.idl:
2521
2522 2016-06-10  Alex Christensen  <achristensen@webkit.org>
2523
2524         Fix WinCairo build after r201943
2525
2526         * platform/network/curl/MultipartHandle.cpp:
2527         (WebCore::MultipartHandle::didReceiveResponse):
2528         * platform/network/curl/ResourceHandleManager.cpp:
2529         (WebCore::handleLocalReceiveResponse):
2530         (WebCore::headerCallback):
2531         (WebCore::ResourceHandleManager::dispatchSynchronousJob):
2532
2533 2016-06-10  Alex Christensen  <achristensen@webkit.org>
2534
2535         handleDataURL is only used by curl
2536         https://bugs.webkit.org/show_bug.cgi?id=158636
2537
2538         Reviewed by Tim Horton.
2539
2540         * CMakeLists.txt:
2541         * platform/network/DataURL.cpp: Removed.
2542         * platform/network/DataURL.h: Removed.
2543         * platform/network/curl/ResourceHandleManager.cpp:
2544         (WebCore::ResourceHandleManager::startScheduledJobs):
2545         (WebCore::handleDataURL):
2546         (WebCore::ResourceHandleManager::dispatchSynchronousJob):
2547
2548 2016-06-10  Alex Christensen  <achristensen@webkit.org>
2549
2550         Reduce ResourceResponse copying
2551         https://bugs.webkit.org/show_bug.cgi?id=158232
2552
2553         Reviewed by Darin Adler.
2554
2555         No new tests.  No change in behavior except removing an unnecessary copy on cocoa platforms.
2556
2557         * loader/ResourceLoader.cpp:
2558         (WebCore::ResourceLoader::didSendData):
2559         (WebCore::ResourceLoader::didReceiveResponse):
2560         * loader/ResourceLoader.h:
2561         * loader/appcache/ApplicationCacheGroup.cpp:
2562         (WebCore::ApplicationCacheGroup::createResourceHandle):
2563         (WebCore::ApplicationCacheGroup::didReceiveResponse):
2564         * loader/appcache/ApplicationCacheGroup.h:
2565         * platform/graphics/PlatformMediaResourceLoader.h:
2566         (WebCore::PlatformMediaResourceClient::~PlatformMediaResourceClient):
2567         (WebCore::PlatformMediaResourceClient::responseReceived):
2568         (WebCore::PlatformMediaResourceClient::redirectReceived):
2569         (WebCore::PlatformMediaResourceClient::shouldCacheResponse):
2570         (WebCore::PlatformMediaResourceClient::dataSent):
2571         * platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.h:
2572         * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
2573         (ResourceHandleStreamingClient::willSendRequest):
2574         (ResourceHandleStreamingClient::didReceiveResponse):
2575         * platform/network/BlobResourceHandle.cpp:
2576         (WebCore::BlobResourceHandle::notifyResponseOnSuccess):
2577         (WebCore::BlobResourceHandle::notifyResponseOnError):
2578         (WebCore::BlobResourceHandle::notifyReceiveData):
2579         * platform/network/DataURL.cpp:
2580         (WebCore::handleDataURL):
2581         * platform/network/PingHandle.h:
2582         (WebCore::PingHandle::PingHandle):
2583         * platform/network/ResourceHandleClient.cpp:
2584         (WebCore::ResourceHandleClient::willSendRequestAsync):
2585         (WebCore::ResourceHandleClient::didReceiveResponseAsync):
2586         * platform/network/ResourceHandleClient.h:
2587         (WebCore::ResourceHandleClient::didSendData):
2588         (WebCore::ResourceHandleClient::didReceiveResponse):
2589         (WebCore::ResourceHandleClient::didReceiveData):
2590         * platform/network/ResourceResponseBase.cpp:
2591         (WebCore::ResourceResponseBase::ResourceResponseBase):
2592         (WebCore::ResourceResponseBase::includeCertificateInfo):
2593         (WebCore::ResourceResponseBase::suggestedFilename):
2594         (WebCore::ResourceResponseBase::certificateInfo): Deleted.
2595         * platform/network/ResourceResponseBase.h:
2596         (WebCore::ResourceResponseBase::certificateInfo):
2597         (WebCore::ResourceResponseBase::encode):
2598         (WebCore::ResourceResponseBase::decode):
2599         (WebCore::ResourceResponseBase::containsCertificateInfo): Deleted.
2600         * platform/network/SynchronousLoaderClient.cpp:
2601         (WebCore::SynchronousLoaderClient::canAuthenticateAgainstProtectionSpace):
2602         (WebCore::SynchronousLoaderClient::didReceiveResponse):
2603         (WebCore::SynchronousLoaderClient::didReceiveData):
2604         * platform/network/SynchronousLoaderClient.h:
2605         * platform/network/cf/ResourceHandleCFURLConnectionDelegateWithOperationQueue.cpp:
2606         (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didReceiveResponse):
2607         * platform/network/cf/SynchronousResourceHandleCFURLConnectionDelegate.cpp:
2608         (WebCore::SynchronousResourceHandleCFURLConnectionDelegate::didReceiveResponse):
2609         (WebCore::SynchronousResourceHandleCFURLConnectionDelegate::didReceiveData):
2610         * platform/network/mac/WebCoreResourceHandleAsDelegate.mm:
2611         (-[WebCoreResourceHandleAsDelegate connection:didReceiveResponse:]):
2612         * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:
2613         (-[WebCoreResourceHandleAsOperationQueueDelegate connection:didReceiveResponse:]):
2614         * platform/network/soup/ResourceHandleSoup.cpp:
2615         (WebCore::nextMultipartResponsePartCallback):
2616         (WebCore::sendRequestCallback):
2617
2618 2016-06-09  Ryosuke Niwa  <rniwa@webkit.org>
2619
2620         Add SPI to disable spellchecking on auto-fillable text fields
2621         https://bugs.webkit.org/show_bug.cgi?id=158611
2622
2623         Reviewed by Anders Carlsson.
2624
2625         Added a boolean flag m_isSpellCheckingEnabled to HTMLInputElement. This flag defaults to true, and can be set
2626         to false by WebKit2 C API.
2627
2628         * editing/Editor.cpp:
2629         (WebCore::Editor::isSpellCheckingEnabledFor): Fixed a bug that we were calling isSpellCheckingEnabled on
2630         the div inside an input element's shadow tree instead of the input element itself.
2631         * html/HTMLInputElement.cpp:
2632         (WebCore::HTMLInputElement::HTMLInputElement): Initialize m_spellcheckEnabled to true (it's a bit field).
2633         (WebCore::HTMLInputElement::isSpellCheckingEnabled): Added. Return false if m_spellcheckEnabled is false.
2634         * html/HTMLInputElement.h:
2635         (WebCore::HTMLInputElement::setSpellcheckEnabled): Added.
2636
2637 2016-06-10  Alex Christensen  <achristensen@webkit.org>
2638
2639         Introduce WTF::UniqueRef
2640         https://bugs.webkit.org/show_bug.cgi?id=158596
2641
2642         Reviewed by Brady Eidson.
2643
2644         No new tests.  No change in behavior.
2645
2646         * inspector/InspectorOverlay.cpp:
2647         (WebCore::InspectorOverlay::overlayPage):
2648         * loader/EmptyClients.cpp:
2649         (WebCore::fillWithEmptyClients):
2650         * page/Page.cpp:
2651         (WebCore::Page::Page):
2652         * page/Page.h:
2653         (WebCore::Page::canStartMedia):
2654         (WebCore::Page::editorClient):
2655         (WebCore::Page::plugInClient):
2656         (WebCore::Page::mainFrame):
2657         (WebCore::Page::groupPtr): Deleted.
2658         * page/PageConfiguration.cpp:
2659         (WebCore::PageConfiguration::PageConfiguration):
2660         * page/PageConfiguration.h:
2661         * svg/graphics/SVGImage.cpp:
2662         (WebCore::SVGImage::dataChanged):
2663
2664 2016-06-10  Joseph Pecoraro  <pecoraro@apple.com>
2665
2666         Web Inspector: Cleanup InspectorIndexedDBAgent a bit
2667         https://bugs.webkit.org/show_bug.cgi?id=158598
2668
2669         Reviewed by Darin Adler.
2670
2671         * inspector/InspectorIndexedDBAgent.cpp:
2672
2673 2016-06-10  Youenn Fablet  <youenn.fablet@crf.canon.fr>
2674
2675         Origin header is not included in CORS requests for preloaded cross-origin resources
2676         https://bugs.webkit.org/show_bug.cgi?id=155761
2677         <rdar://problem/25351850>
2678
2679         Reviewed by Alex Christensen.
2680
2681         Making HTML preloader fully aware of crossorigin attribute value.
2682         Introducing CachedResourceRequest::setAsPotentiallyCrossOrigin as a helper routine to activate CORS mode.
2683         Making HTMLLinkElement and HTMLResourcePreloader use that routine.
2684         Making TokenPreloadScanner store the crossorigin attribute value in preload requests.
2685         Making TokenPreloadScanner store the crossorigin attribute value for link elements.
2686
2687         Test: http/tests/security/cross-origin-css-9.html
2688
2689         * html/HTMLLinkElement.cpp:
2690         (WebCore::HTMLLinkElement::process):
2691         * html/parser/HTMLPreloadScanner.cpp:
2692         (WebCore::TokenPreloadScanner::StartTagScanner::createPreloadRequest):
2693         (WebCore::TokenPreloadScanner::StartTagScanner::processAttribute):
2694         * html/parser/HTMLResourcePreloader.cpp:
2695         (WebCore::crossOriginModeAllowsCookies):
2696         (WebCore::PreloadRequest::resourceRequest):
2697         * html/parser/HTMLResourcePreloader.h:
2698         (WebCore::PreloadRequest::setCrossOriginMode):
2699         (WebCore::PreloadRequest::PreloadRequest): Deleted.
2700         (WebCore::PreloadRequest::resourceType): Deleted.
2701         * loader/cache/CachedResourceRequest.cpp:
2702         (WebCore::CachedResourceRequest::setAsPotentiallyCrossOrigin):
2703         * loader/cache/CachedResourceRequest.h:
2704
2705 2016-06-10  Chris Dumez  <cdumez@apple.com>
2706
2707         ErrorEvent / ProgressEvent should be exposed to workers
2708         https://bugs.webkit.org/show_bug.cgi?id=158606
2709
2710         Reviewed by Brady Eidson.
2711
2712         ErrorEvent / ProgressEvent should be exposed to workers:
2713         - https://html.spec.whatwg.org/multipage/webappapis.html#errorevent
2714         - https://xhr.spec.whatwg.org/#interface-progressevent
2715
2716         Firefox and Chrome both already expose those.
2717
2718         No new tests, rebaselined existing test.
2719
2720         * dom/ErrorEvent.idl:
2721         * dom/ProgressEvent.idl:
2722
2723 2016-06-10  Chris Dumez  <cdumez@apple.com>
2724
2725         MessagePort should be exposed to workers
2726         https://bugs.webkit.org/show_bug.cgi?id=158607
2727
2728         Reviewed by Brady Eidson.
2729
2730         MessagePort should be exposed to workers:
2731         https://html.spec.whatwg.org/multipage/comms.html#messageport
2732
2733         Firefox and Chrome both already expose it.
2734
2735         No new tests, rebaselined existing test.
2736
2737         * dom/MessagePort.idl:
2738
2739 2016-06-10  Youenn Fablet  <youenn.fablet@crf.canon.fr>
2740
2741         Move preflight check code outside of DocumentThreadableLoader
2742         https://bugs.webkit.org/show_bug.cgi?id=158425
2743
2744         Reviewed by Darin Adler.
2745
2746         Moving preflight check code in its own class.
2747         This allows code to be easier to read, use/reuse and update.
2748
2749         Behavior should be the same as before except in the case of a preflight response
2750         being a 3XX redirect response.
2751         Before this patch, the 3XX response was directly passed to the code processing regular responses.
2752         To keep compatibility with existing tests, a didFailRedirectCheck callback is called.
2753         This should be change to a preflight failure.
2754
2755         Covered by existing tests.
2756
2757         * CMakeLists.txt:
2758         * WebCore.xcodeproj/project.pbxproj:
2759         * loader/CrossOriginPreflightChecker.cpp: Added.
2760         (WebCore::CrossOriginPreflightChecker::CrossOriginPreflightChecker):
2761         (WebCore::CrossOriginPreflightChecker::~CrossOriginPreflightChecker):
2762         (WebCore::CrossOriginPreflightChecker::handleLoadingFailure):
2763         (WebCore::CrossOriginPreflightChecker::validatePreflightResponse):
2764         (WebCore::CrossOriginPreflightChecker::notifyFinished):
2765         (WebCore::CrossOriginPreflightChecker::startPreflight):
2766         (WebCore::CrossOriginPreflightChecker::doPreflight):
2767         (WebCore::CrossOriginPreflightChecker::redirectReceived):
2768         (WebCore::CrossOriginPreflightChecker::setDefersLoading):
2769         (WebCore::CrossOriginPreflightChecker::isXMLHttpRequest):
2770         * loader/CrossOriginPreflightChecker.h: Added.
2771         * loader/DocumentThreadableLoader.cpp:
2772         (WebCore::DocumentThreadableLoader::create):
2773         (WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequest):
2774         (WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequestWithPreflight):
2775         (WebCore::DocumentThreadableLoader::setDefersLoading):
2776         (WebCore::DocumentThreadableLoader::clearResource):
2777         (WebCore::DocumentThreadableLoader::didReceiveResponse):
2778         (WebCore::DocumentThreadableLoader::didReceiveData):
2779         (WebCore::DocumentThreadableLoader::notifyFinished):
2780         (WebCore::DocumentThreadableLoader::didFinishLoading):
2781         (WebCore::DocumentThreadableLoader::didFail):
2782         (WebCore::DocumentThreadableLoader::preflightSuccess):
2783         (WebCore::DocumentThreadableLoader::preflightFailure):
2784         (WebCore::DocumentThreadableLoader::loadRequest):
2785         (WebCore::DocumentThreadableLoader::responseReceived): Deleted.
2786         (WebCore::DocumentThreadableLoader::dataReceived): Deleted.
2787         (WebCore::DocumentThreadableLoader::isAllowedByContentSecurityPolicy): Deleted.
2788         * loader/DocumentThreadableLoader.h:
2789         (WebCore::DocumentThreadableLoader::options):
2790         (WebCore::DocumentThreadableLoader::isLoading):
2791         (WebCore::DocumentThreadableLoader::document):
2792
2793 2016-06-10  Adam Bergkvist  <adam.bergkvist@ericsson.com>
2794
2795         WebRTC: Imlement MediaEndpointPeerConnection::createAnswer()
2796         https://bugs.webkit.org/show_bug.cgi?id=158566
2797
2798         Reviewed by Eric Carlson.
2799
2800         Add the MediaEndpointPeerConnection implementation of RTCPeerConnection.createAnswer [1].
2801         createAnswer() creates a 'reply' to an remote offer set with setRemoteDescription(),
2802         completes the offer/answer dialog and brings the RTCPeerConnection back to the 'stable'
2803         signaling state.
2804
2805         [1] https://w3c.github.io/webrtc-pc/archives/20160513/webrtc.html#dom-rtcpeerconnection-createanswer
2806
2807         Test: fast/mediastream/RTCPeerConnection-inspect-answer.html
2808
2809         * Modules/mediastream/MediaEndpointPeerConnection.cpp:
2810         (WebCore::MediaEndpointPeerConnection::createOfferTask):
2811         Align creation of RTCSessionDescription with createAnswerTask.
2812         (WebCore::MediaEndpointPeerConnection::createAnswer):
2813         (WebCore::MediaEndpointPeerConnection::createAnswerTask):
2814         Add Implementation.
2815         * Modules/mediastream/MediaEndpointPeerConnection.h:
2816
2817 2016-06-08  Sergio Villar Senin  <svillar@igalia.com>
2818
2819         [css-grid] CRASH when getting the computed style of a grid with only absolutely positioned children
2820         https://bugs.webkit.org/show_bug.cgi?id=158537
2821
2822         Reviewed by Darin Adler.
2823
2824         Absolute positioning occurs after layout of the grid and its in-flow contents, and does not
2825         contribute to the sizing of any grid tracks or affect the size/configuration of the grid in
2826         any way. This means that we should treat as empty any grid whose only children are
2827         absolutely positioned items.
2828
2829         Since r201510 empty grids are no longer internally represented by a 1x1 matrix. As we were
2830         not considering grids-with-only-absolutely-positioned-children as empty, we were trying to
2831         access some invalid position in the internal representation of the grid triggering an ASSERT
2832         in debug builds and a crash in release.
2833
2834         Test: fast/css-grid-layout/grid-only-abspos-item-computed-style-crash.html
2835
2836         * css/CSSComputedStyleDeclaration.cpp:
2837         (WebCore::valueForGridTrackList):
2838
2839 2016-06-10  Chris Dumez  <cdumez@apple.com>
2840
2841         DOMException should be exposed to workers
2842         https://bugs.webkit.org/show_bug.cgi?id=158608
2843
2844         Reviewed by Alex Christensen.
2845
2846         DOMException should be exposed to workers:
2847         https://heycam.github.io/webidl/#es-DOMException-call
2848
2849         Both Firefox and Chrome expose DOMException to workers already.
2850
2851         No new tests, rebaselined existing test.
2852
2853         * dom/DOMCoreException.idl:
2854
2855 2016-06-09  Alex Christensen  <achristensen@webkit.org>
2856
2857         Fix CMake build.
2858
2859         * PlatformMac.cmake:
2860
2861 2016-06-09  Alex Christensen  <achristensen@webkit.org>
2862
2863         Fix AppleWin build after r201901.
2864         https://bugs.webkit.org/show_bug.cgi?id=119839
2865
2866         * platform/graphics/ca/win/PlatformCALayerWin.cpp:
2867         (PlatformCALayerWin::backingStoreAttached):
2868         (PlatformCALayerWin::userInteractionEnabled):
2869         (PlatformCALayerWin::setUserInteractionEnabled):
2870         (PlatformCALayerWin::geometryFlipped):
2871         * platform/graphics/ca/win/PlatformCALayerWin.h:
2872
2873 2016-06-09  Chris Fleizach  <cfleizach@apple.com>
2874
2875         AX: VoiceOver Unable to View Download Progress or Completion Status for Mail Attachments
2876         https://bugs.webkit.org/show_bug.cgi?id=158581
2877
2878         Reviewed by Darin Adler.
2879
2880         Update attachment element accessibility so that:
2881            1) the action name comes first to match UI
2882            2) on iOS, it has the updates frequently trait
2883
2884         Make sure this test now runs on iOS as well.
2885
2886         Modified tests: accessibility/attachment-element.html
2887
2888         * accessibility/AccessibilityAttachment.cpp:
2889         (WebCore::AccessibilityAttachment::accessibilityText):
2890         * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
2891         (-[WebAccessibilityObjectWrapper accessibilityCanFuzzyHitTest]):
2892         (-[WebAccessibilityObjectWrapper accessibilityTraits]):
2893         (-[WebAccessibilityObjectWrapper accessibilityValue]):
2894         (-[WebAccessibilityObjectWrapper accessibilityIsAttachmentElement]):
2895         (-[WebAccessibilityObjectWrapper accessibilityIsComboBox]):
2896
2897 2016-06-09  Alex Christensen  <achristensen@webkit.org>
2898
2899         Clean up WebCore.vcxproj after switching to CMake.
2900
2901         * WebCore.vcxproj/QTMovieWin: Removed.
2902         * WebCore.vcxproj/QTMovieWin/QTMovieWinCairoDebug.props: Removed.
2903         * WebCore.vcxproj/QTMovieWin/QTMovieWinCairoRelease.props: Removed.
2904         * WebCore.vcxproj/QTMovieWin/QTMovieWinCommon.props: Removed.
2905         * WebCore.vcxproj/QTMovieWin/QTMovieWinDebug.props: Removed.
2906         * WebCore.vcxproj/QTMovieWin/QTMovieWinPostBuild.cmd: Removed.
2907         * WebCore.vcxproj/QTMovieWin/QTMovieWinPreBuild.cmd: Removed.
2908         * WebCore.vcxproj/QTMovieWin/QTMovieWinPreLink.cmd: Removed.
2909         * WebCore.vcxproj/QTMovieWin/QTMovieWinProduction.props: Removed.
2910         * WebCore.vcxproj/QTMovieWin/QTMovieWinRelease.props: Removed.
2911         * WebCore.vcxproj/xcopy.excludes: Removed.
2912
2913 2016-06-09  Zalan Bujtas  <zalan@apple.com>
2914
2915         Hairline borders do not show up on 3x displays.
2916         https://bugs.webkit.org/show_bug.cgi?id=158604
2917         <rdar://problem/26511679>
2918
2919         Reviewed by Simon Fraser.
2920
2921         On a 3x display, when we convert a 1/3px hairline border from float
2922         to LayoutUnit and pixel floor the result, we end up with a 0px width border.
2923         It's because float to LayoutUnit is lossy and since the current kFixedPointDenominator % 3 != 0,
2924         flooring LayoutUnit(1/3px) ends up being 0px. (float: 1/3 -> LayoutUnit: (1/3 - 1/kFixedPointDenominator) -> floor: 0)
2925         This patch eliminates the (unnecessary) float -> LayoutUnit - float conversion on border width.   
2926
2927         Test: fast/borders/hidpi-3x-input-hairline-border.html
2928
2929         * rendering/BorderEdge.cpp:
2930         (WebCore::BorderEdge::BorderEdge):
2931         * rendering/BorderEdge.h:
2932
2933 2016-06-09  Commit Queue  <commit-queue@webkit.org>
2934
2935         Unreviewed, rolling out r201887.
2936         https://bugs.webkit.org/show_bug.cgi?id=158610
2937
2938         This change caused LayoutTest crashes under GuardMalloc and
2939         ASan (Requested by ryanhaddad on #webkit).
2940
2941         Reverted changeset:
2942
2943         "Deleting a CSSOM style rule invalidates any previously-added
2944         FontFaces"
2945         https://bugs.webkit.org/show_bug.cgi?id=158450
2946         http://trac.webkit.org/changeset/201887
2947
2948 2016-06-09  Chris Dumez  <cdumez@apple.com>
2949
2950         Address Darin's review comment on r201898.
2951         https://bugs.webkit.org/show_bug.cgi?id=158576
2952
2953         Reviewed by Darin Adler.
2954
2955         * page/Base64Utilities.h:
2956
2957 2016-06-09  Antoine Quint  <graouts@apple.com>
2958
2959         [iOS] -webkit-overflow-scrolling: touch; ignores pointer-events: none;
2960         https://bugs.webkit.org/show_bug.cgi?id=119839
2961         <rdar://problem/9671514>
2962
2963         Reviewed by Simon Fraser.
2964
2965         Propagate a "userInteractionEnabled" flag from the Web process which is used to turn off
2966         user interaction on a UIScrollView created for -webkit-overflow-scrolling: touch.
2967
2968         Test: fast/scrolling/ios/touch-scroll-pointer-events-none.html
2969
2970         * platform/graphics/GraphicsLayer.cpp:
2971         (WebCore::GraphicsLayer::GraphicsLayer):
2972         * platform/graphics/GraphicsLayer.h:
2973         (WebCore::GraphicsLayer::userInteractionEnabled):
2974         (WebCore::GraphicsLayer::setUserInteractionEnabled):
2975         * platform/graphics/ca/GraphicsLayerCA.cpp:
2976         (WebCore::GraphicsLayerCA::setUserInteractionEnabled):
2977         (WebCore::GraphicsLayerCA::commitLayerChangesBeforeSublayers):
2978         (WebCore::GraphicsLayerCA::updateUserInteractionEnabled):
2979         * platform/graphics/ca/GraphicsLayerCA.h:
2980         * platform/graphics/ca/PlatformCALayer.h:
2981         * platform/graphics/ca/cocoa/PlatformCALayerCocoa.h:
2982         * platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm:
2983         (PlatformCALayerCocoa::userInteractionEnabled):
2984         (PlatformCALayerCocoa::setUserInteractionEnabled):
2985         * rendering/RenderLayerBacking.cpp:
2986         (WebCore::RenderLayerBacking::updateAfterDescendants):
2987
2988 2016-06-09  Chris Dumez  <cdumez@apple.com>
2989
2990         WorkerNavigator property should exist on WorkerGlobalScope
2991         https://bugs.webkit.org/show_bug.cgi?id=158574
2992         <rdar://problem/26725108>
2993
2994         Reviewed by Darin Adler.
2995
2996         WorkerNavigator property should exist on WorkerGlobalScope:
2997         https://html.spec.whatwg.org/multipage/workers.html#the-workernavigator-object
2998
2999         Fixing this gets the number of failures on http://w3c-test.org/workers/interfaces.worker
3000         from 34 to 23.
3001
3002         No new tests, rebaselined existing test.
3003
3004         * page/WorkerNavigator.idl:
3005
3006 2016-06-09  Chris Dumez  <cdumez@apple.com>
3007
3008         atob() / btoa() API should be exposed to workers
3009         https://bugs.webkit.org/show_bug.cgi?id=158576
3010         <rdar://problem/26729340>
3011
3012         Reviewed by Sam Weinig.
3013
3014         Expose atob() / btoa() API to workers as per:
3015         https://html.spec.whatwg.org/multipage/webappapis.html#windoworworkerglobalscope
3016
3017         This aligns our behavior with Firefox and Chrome as well.
3018
3019         Test: fast/workers/atob-btoa.html
3020
3021         * CMakeLists.txt:
3022         * DerivedSources.cpp:
3023         * DerivedSources.make:
3024         * PlatformMac.cmake:
3025         * WebCore.xcodeproj/project.pbxproj:
3026         * page/Base64Utilities.cpp: Added.
3027         (WebCore::Base64Utilities::btoa):
3028         (WebCore::Base64Utilities::atob):
3029         * page/Base64Utilities.h: Added.
3030         * page/DOMWindow.cpp:
3031         (WebCore::DOMWindow::find): Deleted.
3032         (WebCore::DOMWindow::offscreenBuffering): Deleted.
3033         (WebCore::DOMWindow::outerHeight): Deleted.
3034         (WebCore::DOMWindow::outerWidth): Deleted.
3035         * page/DOMWindow.h:
3036         * page/DOMWindow.idl:
3037         * page/WindowBase64.idl: Removed.
3038         * page/WindowOrWorkerGlobalScope.idl: Renamed from Source/WebCore/page/WindowTimers.idl.
3039         * workers/WorkerGlobalScope.h:
3040         * workers/WorkerGlobalScope.idl:
3041
3042 2016-06-09  John Wilander  <wilander@apple.com>
3043
3044         Restrict HTTP/0.9 responses to default ports and cancel HTTP/0.9 resource loads if the document was loaded with another HTTP protocol
3045         https://bugs.webkit.org/show_bug.cgi?id=158589
3046         <rdar://problem/25757454>
3047
3048         Reviewed by Brent Fulgham.
3049
3050         No new tests. Our layout test environment does not allow for headerless responses
3051         nor does it allow you to set an explicit HTTP/0.9 status header in PHP. I have
3052         manually tested this change with a Python socket setup doing both headerless and
3053         HTTP/0.9 header tests for positive and negative cases.
3054
3055         * loader/DocumentLoader.cpp:
3056         (WebCore::DocumentLoader::responseReceived):
3057             Cancel loads if the request was made to a non-default port.
3058         * loader/ResourceLoader.cpp:
3059         (WebCore::ResourceLoader::didReceiveResponse):
3060             Cancel loads if the request was made to a non-default port or if the document
3061             was loaded with another protocol. Cancelation is handled as a fail so as to
3062             fire the onerror event and allow sites to handle it gracefully.
3063
3064 2016-06-09  Alex Christensen  <achristensen@webkit.org>
3065
3066         Clean up EditorClient lifetime
3067         https://bugs.webkit.org/show_bug.cgi?id=158588
3068
3069         Reviewed by Anders Carlsson.
3070
3071         No new tests.  This patch does two things, all of which do not change behavior:
3072         1. Use a std::unique_ptr<EditorClient> owned by the Page instead of allocating
3073         with new in WebKit/WebKit2 and deleting in WebEditorClient::pageDestroyed.
3074         2. Give the Page a PageConfiguration&& instead of a PageConfiguration& in its constructor.
3075
3076         * inspector/InspectorOverlay.cpp:
3077         (WebCore::InspectorOverlay::overlayPage):
3078         * loader/EmptyClients.cpp:
3079         (WebCore::fillWithEmptyClients):
3080         * loader/EmptyClients.h:
3081         (WebCore::EmptyEditorClient::EmptyEditorClient):
3082         (WebCore::EmptyEditorClient::~EmptyEditorClient):
3083         * page/EditorClient.h:
3084         (WebCore::EditorClient::~EditorClient):
3085         * page/Page.cpp:
3086         (WebCore::Page::Page):
3087         (WebCore::Page::~Page):
3088         (WebCore::Page::setViewMode):
3089         (WebCore::Page::clearUndoRedoOperations):
3090         (WebCore::Page::inLowQualityImageInterpolationMode):
3091         (WebCore::Page::invalidateStylesForAllLinks):
3092         (WebCore::Page::invalidateStylesForLink):
3093         (WebCore::Page::invalidateInjectedStyleSheetCacheInAllFrames):
3094         (WebCore::Page::setDebugger):
3095         (WebCore::Page::setIsVisibleInternal):
3096         (WebCore::Page::setAllowsMediaDocumentInlinePlayback):
3097         * page/Page.h:
3098         (WebCore::Page::canStartMedia):
3099         (WebCore::Page::editorClient):
3100         (WebCore::Page::plugInClient):
3101         (WebCore::Page::mainFrame):
3102         (WebCore::Page::group):
3103         * page/PageConfiguration.cpp:
3104         * page/PageConfiguration.h:
3105         * page/mac/PageMac.mm:
3106         (WebCore::Page::addSchedulePair):
3107         (WebCore::Page::removeSchedulePair):
3108         * svg/graphics/SVGImage.cpp:
3109         (WebCore::SVGImage::dataChanged):
3110
3111 2016-06-09  Joseph Pecoraro  <pecoraro@apple.com>
3112
3113         REGRESSION: Web Inspector: IndexedDB does not show ObjectStore data
3114         https://bugs.webkit.org/show_bug.cgi?id=158592
3115         <rdar://problem/26730696>
3116
3117         Reviewed by Timothy Hatcher.
3118
3119         * inspector/InspectorIndexedDBAgent.cpp:
3120         (WebCore::DataLoader::execute):
3121         Ensure the IDBTransaction is active when attempting to open a cursor.
3122
3123         (WebCore::OpenCursorCallback::handleEvent):
3124         End, when the cursor result is empty, like we do for script results.
3125
3126 2016-06-09  Antoine Quint  <graouts@apple.com>
3127
3128         Changing canvas height immediately after page load does not relayout canvas
3129         https://bugs.webkit.org/show_bug.cgi?id=156097
3130
3131         Reviewed by Zalan Bujtas.
3132
3133         Promote the logic use to identify whether we should perform a layout after a change of
3134         intrinsic size from RenderImage to RenderReplaced such that RenderCanvas may use it
3135         in canvasSizeChanged() and correctly update its layout in the case where the width
3136         or height attribute is updated and there are no explicit sizing performed with CSS.
3137         Additionally, this will also account for the object-fix property to only perform
3138         a layout if necessary.
3139
3140         Test: fast/canvas/canvas-css-size-after-height-change-with-display-flex.html
3141
3142         * rendering/RenderHTMLCanvas.cpp:
3143         (WebCore::RenderHTMLCanvas::canvasSizeChanged):
3144         * rendering/RenderImage.cpp:
3145         (WebCore::RenderImage::repaintOrMarkForLayout):
3146         * rendering/RenderReplaced.cpp:
3147         (WebCore::RenderReplaced::setNeedsLayoutIfNeededAfterIntrinsicSizeChange):
3148         * rendering/RenderReplaced.h:
3149
3150 2016-06-09  Myles C. Maxfield  <mmaxfield@apple.com>
3151
3152         Deleting a CSSOM style rule invalidates any previously-added FontFaces
3153         https://bugs.webkit.org/show_bug.cgi?id=158450
3154
3155         Reviewed by Darin Adler.
3156
3157         This patch has two pieces: updating the CSSOM when the FontFace changes, and
3158         updating the FontFace when the CSSOM changes.
3159
3160         1: Updating the CSSOM when the FontFace changes: CSSFontFaces already have a RefPtr
3161         to their StyleRuleFontFace which represents their CSS-connection. When changing a
3162         property of the CSSFontFace, we simply reach into the StyleRule and update it to
3163         match. Our existing infrastructure of invalidation due to the attribute changes
3164         makes sure that all the necessary updates occur.
3165
3166         2. Updating the FontFace when the CSSOM changes: If the CSSOM changes in a trivial
3167         way (for example, a new @font-face is appended to the end of the last <style>
3168         element), we can handle it directly. However, when something more invasive occurs,
3169         we end up clearing the entire CSSFontSelector, and then adding all the style rules
3170         from scratch. This involves three steps:
3171             a) CSSFontSelector::buildStarted() is run, which means "we're about to start
3172                building up all the @font-face rules from scratch." We take this opportunity
3173                to purge as many fonts as possible. This is valuable because, for example,
3174                this function gets run when the page gets put into the page cache, so we
3175                want to destroy as much as possible. Not everything can be purged, however -
3176                only CSS-connected fonts which have never been inspected by script are
3177                purgeable. We don't allow fonts inspected by script to be purged because
3178                purging might result in a font appearing from JavaScript to transition from
3179                a success -> failure state, which we don't allow.
3180             b) Upon style recalc (possibly asynchronously) CSSFontSelector::addFontFaceRule()
3181                is called for each @font-face rule. We actually detect that we're in the
3182                middle of a style rebuild, and defer this step.
3183             c) When we're done adding all the font face rules, we call
3184                CSSFontSelector::buildCompleted(). This is where we compare the newly built-
3185                up list of font faces with what existed previously (as remembered in
3186                CSSFontSelector::buildStarted()) in order to detect font faces which were
3187                deleted from the document. Fonts which were newly added to the document
3188                are handled naturally.
3189                Fonts which have a property modified on them are created as if they were new.
3190                However, instead of simply adding the CSSFontFace, we search for the existing
3191                CSSFontFace (by CSS connection pointer) and tell the existing FontFace to
3192                adopt this new CSSFontFace. This means that the JavaScript object will just
3193                pick up any newly-written values in the CSSOM. It also means that the
3194                "status" attribute of the JavaScript object is reset, but this is expected
3195                and allowed by the spec. (For example, if you change the "src" attribute of
3196                an @font-face block via the CSSOM, all bets are off when you inspect the
3197                FontFace JS object representing that block.)
3198
3199         Test: fast/text/font-face-set-cssom.html
3200
3201         * css/CSSFontFace.cpp:
3202         (WebCore::CSSFontFace::CSSFontFace):
3203         (WebCore::CSSFontFace::setFamilies):
3204         (WebCore::CSSFontFace::setStyle):
3205         (WebCore::CSSFontFace::setWeight):
3206         (WebCore::CSSFontFace::setUnicodeRange):
3207         (WebCore::CSSFontFace::setVariantLigatures):
3208         (WebCore::CSSFontFace::setVariantPosition):
3209         (WebCore::CSSFontFace::setVariantCaps):
3210         (WebCore::CSSFontFace::setVariantNumeric):
3211         (WebCore::CSSFontFace::setVariantAlternates):
3212         (WebCore::CSSFontFace::setVariantEastAsian):
3213         (WebCore::CSSFontFace::setFeatureSettings):
3214         (WebCore::CSSFontFace::initializeWrapper):
3215         (WebCore::CSSFontFace::wrapper):
3216         (WebCore::CSSFontFace::setWrapper):
3217         (WebCore::CSSFontFace::purgeable):
3218         (WebCore::CSSFontFace::updateStyleIfNeeded):
3219         * css/CSSFontFace.h:
3220         * css/CSSFontFaceSet.cpp:
3221         (WebCore::CSSFontFaceSet::remove):
3222         (WebCore::CSSFontFaceSet::containsCSSConnection):
3223         (WebCore::CSSFontFaceSet::purge):
3224         * css/CSSFontFaceSet.h:
3225         * css/CSSFontSelector.cpp:
3226         (WebCore::CSSFontSelector::buildStarted):
3227         (WebCore::CSSFontSelector::buildCompleted):
3228         (WebCore::CSSFontSelector::addFontFaceRule):
3229         * css/CSSFontSelector.h:
3230         * css/FontFace.cpp:
3231         (WebCore::FontFace::family):
3232         (WebCore::FontFace::style):
3233         (WebCore::FontFace::weight):
3234         (WebCore::FontFace::unicodeRange):
3235         (WebCore::FontFace::variant):
3236         (WebCore::FontFace::featureSettings):
3237         (WebCore::FontFace::adopt):
3238         * css/FontFace.h:
3239
3240 2016-06-09  Andy Estes  <aestes@apple.com>
3241
3242         Define printing{Minimum,Maximum}ShrinkFactor in only one place
3243         https://bugs.webkit.org/show_bug.cgi?id=158580
3244
3245         Reviewed by Tim Horton.
3246
3247         * page/PrintContext.cpp: Removed printingMinimumShrinkFactor and printingMaximumShrinkFactor.
3248         (WebCore::PrintContext::begin): Used minimumShrinkFactor() and maximumShrinkFactor() instead
3249         of printingMinimumShrinkFactor and printingMaximumShrinkFactor.
3250         (WebCore::PrintContext::computeAutomaticScaleFactor): Ditto.
3251         * page/PrintContext.h:
3252         (WebCore::PrintContext::minimumShrinkFactor): Added to return the same value as
3253         printingMinimumShrinkFactor.
3254         (WebCore::PrintContext::maximumShrinkFactor): Added to return the same value as
3255         printingMaximumShrinkFactor.
3256
3257 2016-06-09  Eric Carlson  <eric.carlson@apple.com>
3258
3259         Don't show the caption menu if a video has only forced tracks
3260         https://bugs.webkit.org/show_bug.cgi?id=158573
3261         <rdar://problem/24632384>
3262
3263         Reviewed by Jer Noble.
3264
3265         Test: media/controls/forced-tracks-only.html
3266
3267         * Modules/mediacontrols/mediaControlsApple.js:
3268         (Controller.prototype.updateCaptionButton): Don't show the button of there are no user-selectable
3269           text or audio tracks.
3270
3271         * page/CaptionUserPreferencesMediaAF.cpp:
3272         (WebCore::CaptionUserPreferencesMediaAF::sortedTrackListForMenu): Return an empty Vector if
3273           there are no user-selectable tracks.
3274
3275 2016-06-09  Jer Noble  <jer.noble@apple.com>
3276
3277         Pass through play state and toggle state to the WebPlaybackControlsManager
3278         https://bugs.webkit.org/show_bug.cgi?id=158578
3279         <rdar://problem/25045616>
3280
3281         Reviewed by Beth Dakin.
3282
3283         Pass through the isPlaying portion of setRate() and allow toggling when a model is present.
3284
3285         * platform/mac/WebPlaybackControlsManager.h:
3286         * platform/mac/WebPlaybackControlsManager.mm:
3287         * platform/mac/WebPlaybackSessionInterfaceMac.mm:
3288         (WebCore::WebPlaybackSessionInterfaceMac::setRate):
3289         (WebCore::WebPlaybackSessionInterfaceMac::setPlayBackControlsManager):
3290
3291 2016-06-09  Frederic Wang  <fred.wang@free.fr>
3292
3293         RenderMathOperator: Move calculation of preferred width into MathOperator
3294         https://bugs.webkit.org/show_bug.cgi?id=157071
3295
3296         Reviewed by Brent Fulgham.
3297
3298         No new tests, behavior is not change.
3299
3300         * rendering/mathml/MathOperator.cpp:
3301         (WebCore::MathOperator::setOperator): Introduce a style parameter and call reset.
3302         (WebCore::MathOperator::reset): New helper function to reset the operator.
3303         For now we only set the width of the base glyph and the preferred max width.
3304         (WebCore::MathOperator::calculateDisplayStyleLargeOperator): Calculate the m_maxPreferredWidth.
3305         (WebCore::MathOperator::calculateStretchyData): Change the signature of the function and directly set m_maxPreferredWidth.
3306         * rendering/mathml/MathOperator.h: Add m_maxPreferredWidth member and update some declarations.
3307         (WebCore::MathOperator::width): New helper function.
3308         (WebCore::MathOperator::maxPreferredWidth): New helper function.
3309         * rendering/mathml/RenderMathMLOperator.cpp:
3310         (WebCore::RenderMathMLOperator::computePreferredLogicalWidths): This function performs wrong
3311         operations that will be fixed in bug 152244 when we update the tests.
3312         For now, let's just use maxPreferredWidth() for non-horizontal operators.
3313         (WebCore::RenderMathMLOperator::updateStyle): Use the new signature of the functions.
3314
3315 2016-06-09  Alex Christensen  <achristensen@webkit.org>
3316
3317         Clean up WebSocket code
3318         https://bugs.webkit.org/show_bug.cgi?id=158551
3319
3320         Reviewed by Darin Adler.
3321
3322         No new tests.  There is no change in behavior.
3323         There seems to be no reason why SocketStreamHandle should be an AuthenticationClient.
3324
3325         * Modules/websockets/ThreadableWebSocketChannel.h:
3326         * Modules/websockets/ThreadableWebSocketChannelClientWrapper.cpp:
3327         (WebCore::ThreadableWebSocketChannelClientWrapper::setSendRequestResult):
3328         (WebCore::ThreadableWebSocketChannelClientWrapper::bufferedAmount):
3329         (WebCore::ThreadableWebSocketChannelClientWrapper::setBufferedAmount):
3330         (WebCore::ThreadableWebSocketChannelClientWrapper::didReceiveBinaryData):
3331         (WebCore::ThreadableWebSocketChannelClientWrapper::didUpdateBufferedAmount):
3332         (WebCore::ThreadableWebSocketChannelClientWrapper::didStartClosingHandshake):
3333         (WebCore::ThreadableWebSocketChannelClientWrapper::didClose):
3334         * Modules/websockets/ThreadableWebSocketChannelClientWrapper.h:
3335         * Modules/websockets/WebSocket.cpp:
3336         (WebCore::joinStrings):
3337         (WebCore::saturateAdd):
3338         (WebCore::WebSocket::send):
3339         (WebCore::WebSocket::readyState):
3340         (WebCore::WebSocket::bufferedAmount):
3341         (WebCore::WebSocket::didReceiveBinaryData):
3342         (WebCore::WebSocket::didReceiveMessageError):
3343         (WebCore::WebSocket::didUpdateBufferedAmount):
3344         (WebCore::WebSocket::didStartClosingHandshake):
3345         (WebCore::WebSocket::didClose):
3346         * Modules/websockets/WebSocket.h:
3347         * Modules/websockets/WebSocketChannel.cpp:
3348         (WebCore::WebSocketChannel::WebSocketChannel):
3349         (WebCore::WebSocketChannel::~WebSocketChannel):
3350         (WebCore::WebSocketChannel::send):
3351         (WebCore::WebSocketChannel::bufferedAmount):
3352         (WebCore::WebSocketChannel::resume):
3353         (WebCore::WebSocketChannel::willOpenSocketStream):
3354         (WebCore::WebSocketChannel::didOpenSocketStream):
3355         (WebCore::WebSocketChannel::didCloseSocketStream):
3356         (WebCore::WebSocketChannel::didReceiveSocketStreamData):
3357         (WebCore::WebSocketChannel::didUpdateBufferedAmount):
3358         (WebCore::WebSocketChannel::didFailSocketStream):
3359         (WebCore::WebSocketChannel::didStartLoading):
3360         (WebCore::WebSocketChannel::appendToBuffer):
3361         (WebCore::WebSocketChannel::processBuffer):
3362         (WebCore::WebSocketChannel::resumeTimerFired):
3363         (WebCore::WebSocketChannel::startClosingHandshake):
3364         (WebCore::WebSocketChannel::didReceiveAuthenticationChallenge): Deleted.
3365         (WebCore::WebSocketChannel::didCancelAuthenticationChallenge): Deleted.
3366         * Modules/websockets/WebSocketChannel.h:
3367         * Modules/websockets/WebSocketChannelClient.h:
3368         (WebCore::WebSocketChannelClient::~WebSocketChannelClient):
3369         (WebCore::WebSocketChannelClient::didConnect):
3370         (WebCore::WebSocketChannelClient::didReceiveMessage):
3371         (WebCore::WebSocketChannelClient::didReceiveBinaryData):
3372         (WebCore::WebSocketChannelClient::didReceiveMessageError):
3373         (WebCore::WebSocketChannelClient::didUpdateBufferedAmount):
3374         (WebCore::WebSocketChannelClient::didStartClosingHandshake):
3375         (WebCore::WebSocketChannelClient::didClose):
3376         (WebCore::WebSocketChannelClient::WebSocketChannelClient):
3377         * Modules/websockets/WorkerThreadableWebSocketChannel.cpp:
3378         (WebCore::WorkerThreadableWebSocketChannel::send):
3379         (WebCore::WorkerThreadableWebSocketChannel::bufferedAmount):
3380         (WebCore::WorkerThreadableWebSocketChannel::Peer::bufferedAmount):
3381         (WebCore::WorkerThreadableWebSocketChannel::Peer::didReceiveBinaryData):
3382         (WebCore::WorkerThreadableWebSocketChannel::Peer::didUpdateBufferedAmount):
3383         (WebCore::WorkerThreadableWebSocketChannel::Peer::didStartClosingHandshake):
3384         (WebCore::WorkerThreadableWebSocketChannel::Peer::didClose):
3385         (WebCore::WorkerThreadableWebSocketChannel::Bridge::send):
3386         (WebCore::WorkerThreadableWebSocketChannel::Bridge::bufferedAmount):
3387         * Modules/websockets/WorkerThreadableWebSocketChannel.h:
3388         * platform/network/BlobData.cpp:
3389         (WebCore::BlobData::appendData):
3390         (WebCore::BlobData::appendFile):
3391         * platform/network/BlobData.h:
3392         (WebCore::BlobDataItem::BlobDataItem):
3393         * platform/network/BlobRegistry.h:
3394         * platform/network/BlobRegistryImpl.cpp:
3395         (WebCore::BlobRegistryImpl::appendStorageItems):
3396         (WebCore::BlobRegistryImpl::registerFileBlobURL):
3397         (WebCore::BlobRegistryImpl::registerBlobURL):
3398         (WebCore::BlobRegistryImpl::registerBlobURLOptionallyFileBacked):
3399         (WebCore::BlobRegistryImpl::registerBlobURLForSlice):
3400         * platform/network/BlobRegistryImpl.h:
3401         * platform/network/SocketStreamHandleBase.cpp:
3402         (WebCore::SocketStreamHandleBase::send):
3403         (WebCore::SocketStreamHandleBase::disconnect):
3404         (WebCore::SocketStreamHandleBase::sendPendingData):
3405         * platform/network/SocketStreamHandleBase.h:
3406         * platform/network/SocketStreamHandleClient.h:
3407         (WebCore::SocketStreamHandleClient::~SocketStreamHandleClient):
3408         (WebCore::SocketStreamHandleClient::willOpenSocketStream):
3409         (WebCore::SocketStreamHandleClient::didOpenSocketStream):
3410         (WebCore::SocketStreamHandleClient::didCloseSocketStream):
3411         (WebCore::SocketStreamHandleClient::didReceiveSocketStreamData):
3412         (WebCore::SocketStreamHandleClient::didUpdateBufferedAmount):
3413         (WebCore::SocketStreamHandleClient::didFailSocketStream):
3414         (WebCore::SocketStreamHandleClient::didReceiveAuthenticationChallenge): Deleted.
3415         (WebCore::SocketStreamHandleClient::didCancelAuthenticationChallenge): Deleted.
3416         * platform/network/cf/SocketStreamHandle.h:
3417         (WebCore::SocketStreamHandle::create):
3418         (WebCore::SocketStreamHandle::refAuthenticationClient): Deleted.
3419         (WebCore::SocketStreamHandle::derefAuthenticationClient): Deleted.
3420         * platform/network/cf/SocketStreamHandleCFNet.cpp:
3421         (WebCore::SocketStreamHandle::SocketStreamHandle):
3422         (WebCore::SocketStreamHandle::addCONNECTCredentials):
3423         (WebCore::SocketStreamHandle::copyCFStreamDescription):
3424         (WebCore::SocketStreamHandle::readStreamCallback):
3425       &n