RenderBox::haveSameDirection is used only by table items.
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2016-07-25  Zalan Bujtas  <zalan@apple.com>
2
3         RenderBox::haveSameDirection is used only by table items.
4         https://bugs.webkit.org/show_bug.cgi?id=160141
5
6         Reviewed by Simon Fraser.
7
8         Remove RenderBox::haveSameDirection() since it's used only by RenderTable*
9         classes. The new stand alone function (with 2 arguments) now checks if both of
10         the objects are valid. 
11
12         No change in functionality.
13
14         * rendering/RenderBox.h:
15         (WebCore::RenderBox::hasSameDirectionAs): Deleted.
16         * rendering/RenderTable.cpp:
17         (WebCore::RenderTable::tableStartBorderAdjoiningCell):
18         (WebCore::RenderTable::tableEndBorderAdjoiningCell):
19         * rendering/RenderTable.h:
20         (WebCore::haveSameDirection):
21         * rendering/RenderTableCell.cpp:
22         (WebCore::RenderTableCell::hasStartBorderAdjoiningTable):
23         (WebCore::RenderTableCell::hasEndBorderAdjoiningTable):
24         * rendering/RenderTableCell.h:
25         (WebCore::RenderTableCell::borderAdjoiningTableStart):
26         (WebCore::RenderTableCell::borderAdjoiningTableEnd):
27         * rendering/RenderTableRow.h:
28         (WebCore::RenderTableRow::borderAdjoiningTableStart):
29         (WebCore::RenderTableRow::borderAdjoiningTableEnd):
30         * rendering/RenderTableSection.cpp:
31         (WebCore::RenderTableSection::borderAdjoiningStartCell):
32         (WebCore::RenderTableSection::borderAdjoiningEndCell):
33         (WebCore::RenderTableSection::firstRowCellAdjoiningTableStart):
34         (WebCore::RenderTableSection::firstRowCellAdjoiningTableEnd):
35         * rendering/RenderTableSection.h:
36         (WebCore::RenderTableSection::borderAdjoiningTableStart):
37         (WebCore::RenderTableSection::borderAdjoiningTableEnd):
38
39 2016-07-25  Chris Dumez  <cdumez@apple.com>
40
41         ClientRect properties should be on the prototype
42         https://bugs.webkit.org/show_bug.cgi?id=160165
43
44         Reviewed by Geoffrey Garen.
45
46         Move ClientRect properties from the instance to the prototype. This
47         matches the specification, Firefox and Chrome.
48
49         Also add a serializer to ClientRect in order to match the specification:
50         - https://drafts.fxtf.org/geometry/Overview.html#domrectreadonly
51         - https://heycam.github.io/webidl/#es-serializer
52
53         This avoids breaking content that relies on JSON.stringify() to
54         serialize ClientRect objects.
55
56         Tests: fast/css/ClientRect-attributes-prototype.html
57                fast/css/ClientRect-serialization.html
58
59         * CMakeLists.txt:
60         * WebCore.xcodeproj/project.pbxproj:
61         * bindings/js/JSBindingsAllInOne.cpp:
62         * bindings/js/JSClientRectCustom.cpp: Added.
63         (WebCore::JSClientRect::toJSON):
64         * bindings/scripts/CodeGeneratorJS.pm:
65         * dom/ClientRect.idl:
66
67 2016-07-25  Chris Dumez  <cdumez@apple.com>
68
69         Parameters to DOMImplementation.createDocumentType() should be mandatory and non-nullable
70         https://bugs.webkit.org/show_bug.cgi?id=160167
71
72         Reviewed by Ryosuke Niwa.
73
74         Parameters to DOMImplementation.createDocumentType() should be mandatory
75         and non-nullable:
76         - https://dom.spec.whatwg.org/#domimplementation
77
78         Firefox and Chrome both agree with the specification. However, those
79         parameters were nullable and optional in WebKit.
80
81         Test: fast/dom/DOMImplementation/createDocumentType-parameters.html
82
83         * dom/DOMImplementation.idl:
84
85 2016-07-25  Wenson Hsieh  <wenson_hsieh@apple.com>
86
87         Media controls should not be displayed for a video until it starts playing
88         https://bugs.webkit.org/show_bug.cgi?id=160092
89         <rdar://problem/26986673>
90
91         Reviewed by Beth Dakin.
92
93         For videos that have never played back yet, we should not show media controls. To ensure this
94         behavior, we ensure that the playback behavior restriction is set upon creating the media
95         element. This restriction is then removed when the media element begins to play.
96
97         Added two new WebKit API tests.
98
99         * html/HTMLMediaElement.cpp:
100         (WebCore::HTMLMediaElement::HTMLMediaElement):
101
102 2016-07-25  Jiewen Tan  <jiewen_tan@apple.com>
103
104         Rename SubtleCrypto to WebKitSubtleCrypto
105         https://bugs.webkit.org/show_bug.cgi?id=160067
106         <rdar://problem/27483617>
107
108         Reviewed by Brent Fulgham.
109
110         Tests: crypto/webkitSubtle/gc-2.html
111                crypto/webkitSubtle/gc-3.html
112                crypto/webkitSubtle/gc.html
113
114         Rename Class SubtleCrypto to WebKitSubtleCrypto, and Crypto.subtle to Crypto.webkitSubtle in order
115         to let the new implementation to reuse the name SubtleCrypto. This renaming should match what our
116         current JSBindings use, and therefore should not introduce any change of behavoir.
117
118         * CMakeLists.txt:
119         Revise project files for for new file names.
120         * DerivedSources.cpp:
121         * DerivedSources.make:
122         * PlatformEfl.cmake:
123         * PlatformGTK.cmake:
124         * PlatformMac.cmake:
125         * WebCore.xcodeproj/project.pbxproj:
126         Revise project files for for new file names.
127         * bindings/js/JSWebKitSubtleCryptoCustom.cpp: Renamed from Source/WebCore/bindings/js/JSSubtleCryptoCustom.cpp.
128         * crypto/WebKitSubtleCrypto.cpp: Renamed from Source/WebCore/crypto/SubtleCrypto.cpp.
129         * crypto/WebKitSubtleCrypto.h: Renamed from Source/WebCore/crypto/SubtleCrypto.h.
130         * crypto/WebKitSubtleCrypto.idl: Renamed from Source/WebCore/crypto/SubtleCrypto.idl.
131         * page/Crypto.cpp:
132         (WebCore::Crypto::webkitSubtle):
133         (WebCore::Crypto::subtle): Deleted.
134         * page/Crypto.h:
135         * page/Crypto.idl:
136
137 2016-07-25  Brady Eidson  <beidson@apple.com>
138
139         Allow LocalStorage by default for file URLs.
140         https://bugs.webkit.org/show_bug.cgi?id=160169
141
142         Reviewed by Brent Fulgham.
143
144         Test: storage/domstorage/localstorage/file-can-access.html
145
146         * page/SecurityOrigin.cpp:
147         (WebCore::SecurityOrigin::canAccessStorage): Remove the m_universalAccess check for local URLs.
148
149 2016-07-25  Nan Wang  <n_wang@apple.com>
150
151         AX: AccessibilityRenderObject is adding duplicated children when CSS first-letter is being used.
152         https://bugs.webkit.org/show_bug.cgi?id=160155
153
154         Reviewed by Chris Fleizach.
155
156         We were adding the same text node twice if CSS first-letter selector was being used. Added a
157         check for the inline continuation so that we only add it once. 
158
159         Test: accessibility/mac/css-first-letter-children.html
160
161         * accessibility/AccessibilityRenderObject.cpp:
162         (WebCore::firstChildConsideringContinuation):
163
164 2016-07-25  Wenson Hsieh  <wenson_hsieh@apple.com>
165
166         Media controls on apple.com don't disappear when movie finishes playing
167         https://bugs.webkit.org/show_bug.cgi?id=160068
168         <rdar://problem/26668526>
169
170         Reviewed by Darin Adler.
171
172         When a video ends, it should cause media controls to hide. While current logic
173         mostly accounts for this, it does not account for programmatic seeks causing
174         the video to lose its 'ended' status before querying for whether or not to
175         show media controls.
176
177         Three new API tests: large-video-seek-after-ending.html
178         large-video-hides-controls-after-seek-to-end.html
179         large-video-seek-to-beginning-and-play-after-ending.html
180
181         * html/HTMLMediaElement.cpp:
182         (WebCore::HTMLMediaElement::mediaPlayerTimeChanged):
183         (WebCore::HTMLMediaElement::setPlaying):
184         * html/MediaElementSession.cpp:
185         (WebCore::MediaElementSession::canControlControlsManager):
186         * html/MediaElementSession.h:
187
188 2016-07-25  Frederic Wang  <fwang@igalia.com>
189
190         Introduce a MathMLOperatorElement class
191         https://bugs.webkit.org/show_bug.cgi?id=160034
192
193         Reviewed by Darin Adler.
194
195         No new tests, rendering is unchaned.
196
197         * CMakeLists.txt: Add MathMLOperatorElement to the build file.
198         * WebCore.xcodeproj/project.pbxproj: Ditto.
199         * mathml/MathMLAllInOne.cpp: Ditto.
200         * mathml/MathMLOperatorElement.cpp: New DOM class for <mo> element.
201         (WebCore::MathMLOperatorElement::MathMLOperatorElement):
202         (WebCore::MathMLOperatorElement::create):
203         (WebCore::MathMLOperatorElement::parseAttribute): Handle mo attributes.
204         (WebCore::MathMLOperatorElement::createElementRenderer): Create RenderMathMLOperator.
205         * mathml/MathMLOperatorElement.h: Declare a class deriving from MathMLTextElement.
206         * mathml/MathMLTextElement.cpp: Remove all the RenderMathMLOperator parts.
207         (WebCore::MathMLTextElement::MathMLTextElement): Remove inline keyword so that the class can
208         be overriden.
209         (WebCore::MathMLTextElement::parseAttribute): Remove code handled in MathMLOperatorElement.
210         (WebCore::MathMLTextElement::createElementRenderer): Ditto.
211         * mathml/MathMLTextElement.h: Make class and members overridable.
212         * mathml/mathtags.in: Map mo to MathMLOperatorElement.
213         * rendering/mathml/RenderMathMLOperator.cpp:
214         (WebCore::RenderMathMLOperator::RenderMathMLOperator): Make the constructor take a
215         MathMLOperatorElement.
216         * rendering/mathml/RenderMathMLOperator.h: Ditto.
217
218 2016-07-25  Darin Adler  <darin@apple.com>
219
220         Speed up make process slightly by improving "list of files" idiom
221         https://bugs.webkit.org/show_bug.cgi?id=160164
222
223         Reviewed by Mark Lam.
224
225         * DerivedSources.make: Change rules that build lists of files to only run when
226         DerivedSources.make has been modified since the last time they were run. Since the
227         list of files are inside this file, this is safe, and this is faster than always
228         comparing and regenerating the file containing the list of files each time.
229
230 2016-07-24  Wenson Hsieh  <wenson_hsieh@apple.com>
231
232         The web process hangs when computing elements-based snap points for a container with large max scroll offset
233         https://bugs.webkit.org/show_bug.cgi?id=152605
234         <rdar://problem/25353661>
235
236         Reviewed by Simon Fraser.
237
238         Fixes a bug in the computation of axis snap points. The ScrollSnapPoints object, which tracks
239         snap points along a particular axis, has two flags, hasRepeat and usesElements. For elements-
240         based snapping, both flags would be turned on, since StyleBuilderConverter::convertScrollSnapPoints
241         short-circuits for elements-based snapping and does not default usesRepeat to false. To address this,
242         we make ScrollSnapPoints not repeat(100%) by default.
243
244         Test: css3/scroll-snap/scroll-snap-elements-container-larger-than-children.html
245
246         * css/StyleBuilderConverter.h:
247         (WebCore::StyleBuilderConverter::convertScrollSnapPoints): Deleted.
248         * rendering/style/StyleScrollSnapPoints.cpp:
249         (WebCore::ScrollSnapPoints::ScrollSnapPoints):
250
251 2016-07-25  Carlos Garcia Campos  <cgarcia@igalia.com>
252
253         REGRESSION(r200931): Invalid cast in highestAncestorToWrapMarkup()
254         https://bugs.webkit.org/show_bug.cgi?id=160163
255
256         Reviewed by Michael Catanzaro.
257
258         Since r200931 the result of enclosingNodeOfType() in highestAncestorToWrapMarkup() is downcasted to Element, but
259         the result of enclosingNodeOfType() can be a Node that is not an Element, in this case is Text. The cast is not
260         needed at all since that node is passed to editingIgnoresContent() and selectionFromContentsOfNode() and both
261         receive a Node not an Element.
262
263         * editing/markup.cpp:
264         (WebCore::highestAncestorToWrapMarkup): Remove invalid cast.
265
266 2016-07-25  Carlos Garcia Campos  <cgarcia@igalia.com>
267
268         [Coordinated Graphics] ASSERTION FAILED: m_coordinator->isFlushingLayerChanges() in fast/repaint/animation-after-layer-scroll.html
269         https://bugs.webkit.org/show_bug.cgi?id=160156
270
271         Reviewed by Michael Catanzaro.
272
273         So, we fixed an assertion in r203663, but now is hitting the next one. As explained in bug #160142, flush
274         compositing state can be triggered in tests by RenderLayerCompositor::layerTreeAsText(), without the coordinator
275         even noticing it, so the assert can be just removed.
276
277         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
278         (WebCore::CoordinatedGraphicsLayer::flushCompositingStateForThisLayerOnly): Remove incorrect assert.
279
280 2016-07-25  Zalan Bujtas  <zalan@apple.com>
281
282         EllipsisBox ctor's isVertical parameter should read isHorizontal.
283         https://bugs.webkit.org/show_bug.cgi?id=160153
284
285         Reviewed by Andreas Kling.
286
287         It indicates whether the ellipsis box is horizontal. (both the callsites
288         and the parent class use isHorizontal)
289
290         No change in functionality.
291
292         * rendering/EllipsisBox.cpp:
293         (WebCore::EllipsisBox::EllipsisBox):
294         * rendering/EllipsisBox.h:
295
296 2016-07-25  Sergio Villar Senin  <svillar@igalia.com>
297
298         [css-grid] Implement repeat(auto-fit)
299         https://bugs.webkit.org/show_bug.cgi?id=159771
300
301         Reviewed by Darin Adler.
302
303         The auto-fit keyword works exactly as the already implemented auto-fill except that all
304         empty tracks collapse (became 0px). Absolutely positioned items do not participate on the
305         layout of the grid so they are not considered (a grid with only absolutely positioned items
306         is considered an empty grid).
307
308         Whenever a track collapses the gutters on either side do also collapse. When a collapsed
309         track's gutters collapse, they coincide exactly. If one side of a collapsed track does not
310         have a gutter then collapsing its gutters results in no gutter on either "side" of the
311         collapsed track.
312
313         In practice this means that is not possible to know the gap between 2 consecutive auto
314         repeat tracks without examining some others whenever there are collapsed tracks.
315
316         Uncommented the auto-fit cases from Mozilla tests. They have to be adapted as the reftest
317         machinery requires all the content to be rendered in the original 800x600 viewport.
318
319         Tests: fast/css-grid-layout/grid-auto-fit-columns.html
320         fast/css-grid-layout/grid-auto-fit-rows.html
321         fast/css-grid-layout/mozilla/grid-repeat-auto-fill-fit-005-part-1.html
322         fast/css-grid-layout/mozilla/grid-repeat-auto-fill-fit-005-part-2.html
323
324         * css/CSSComputedStyleDeclaration.cpp:
325         (WebCore::valueForGridTrackList): Use the newly added trackSizesForComputedStyle().
326         * rendering/RenderGrid.cpp:
327         (WebCore::RenderGrid::computeTrackBasedLogicalHeight):
328         (WebCore::RenderGrid::computeTrackSizesForDirection):
329         (WebCore::RenderGrid::isEmptyAutoRepeatTrack):
330         (WebCore::RenderGrid::gridGapForDirection): Returns the gap directly from the style.
331         (WebCore::RenderGrid::guttersSize): Computes the gap between a startLine and an
332         endLine. This method may need to inspect some other surrounding tracks to compute the gap.
333         (WebCore::RenderGrid::computeIntrinsicLogicalWidths):
334         (WebCore::RenderGrid::computeIntrinsicLogicalHeight):
335         (WebCore::RenderGrid::computeUsedBreadthOfGridTracks):
336         (WebCore::RenderGrid::gridTrackSize):
337         (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForItems):
338         (WebCore::RenderGrid::computeAutoRepeatTracksCount):
339         (WebCore::RenderGrid::computeEmptyTracksForAutoRepeat): Returns a Vector with the auto
340         repeat tracks that are going to be collapsed because they're empty.
341         (WebCore::RenderGrid::placeItemsOnGrid):
342         (WebCore::RenderGrid::trackSizesForComputedStyle): Used by ComputedStyle logic to print the
343         size of tracks. Added in order to hide the actual contents of m_columnPositions and
344         m_rowPositions to the outter world.
345         (WebCore::RenderGrid::offsetAndBreadthForPositionedChild):
346         (WebCore::RenderGrid::gridAreaBreadthForChild):
347         (WebCore::RenderGrid::populateGridPositionsForDirection): Added some extra code to compute
348         gaps as they cannot be directly added between tracks in case of having collapsed tracks.
349         (WebCore::RenderGrid::columnAxisOffsetForChild):
350         (WebCore::RenderGrid::rowAxisOffsetForChild):
351         (WebCore::RenderGrid::offsetBetweenTracks): Deleted.
352         * rendering/RenderGrid.h: Made some API private. Added new required methods/attributes.
353
354         * css/CSSComputedStyleDeclaration.cpp:
355         (WebCore::valueForGridTrackList):
356         * rendering/RenderGrid.cpp:
357         (WebCore::RenderGrid::computeTrackBasedLogicalHeight):
358         (WebCore::RenderGrid::computeTrackSizesForDirection):
359         (WebCore::RenderGrid::hasAutoRepeatEmptyTracks):
360         (WebCore::RenderGrid::isEmptyAutoRepeatTrack):
361         (WebCore::RenderGrid::gridGapForDirection):
362         (WebCore::RenderGrid::guttersSize):
363         (WebCore::RenderGrid::computeIntrinsicLogicalWidths):
364         (WebCore::RenderGrid::computeIntrinsicLogicalHeight):
365         (WebCore::RenderGrid::computeUsedBreadthOfGridTracks):
366         (WebCore::RenderGrid::gridTrackSize):
367         (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForItems):
368         (WebCore::RenderGrid::computeAutoRepeatTracksCount):
369         (WebCore::RenderGrid::computeEmptyTracksForAutoRepeat):
370         (WebCore::RenderGrid::placeItemsOnGrid):
371         (WebCore::RenderGrid::trackSizesForComputedStyle):
372         (WebCore::RenderGrid::offsetAndBreadthForPositionedChild):
373         (WebCore::RenderGrid::assumedRowsSizeForOrthogonalChild):
374         (WebCore::RenderGrid::gridAreaBreadthForChild):
375         (WebCore::RenderGrid::populateGridPositionsForDirection):
376         (WebCore::RenderGrid::columnAxisOffsetForChild):
377         (WebCore::RenderGrid::rowAxisOffsetForChild):
378         (WebCore::RenderGrid::offsetBetweenTracks): Deleted.
379         * rendering/RenderGrid.h:
380
381 2016-07-24  Frederic Wang  <fwang@igalia.com>
382
383         Move parsing of display, displaystyle and mathvariant attributes into MathML element classes
384         https://bugs.webkit.org/show_bug.cgi?id=159623
385
386         Reviewed by Brent Fulgham.
387
388         No new tests, already covered by existing tests.
389
390         * mathml/MathMLElement.cpp:
391         (WebCore::MathMLElement::parseMathVariantAttribute): Move helper function to parse the
392         mathvariant attribute.
393         (WebCore::MathMLElement::getSpecifiedDisplayStyle): Helper function to set the displaystyle
394         value from the attribute specified on the MathML element.
395         (WebCore::MathMLElement::getSpecifiedMathVariant): Helper function to set the mathvariant
396         value from the attribute specified on the MathML element.
397         * mathml/MathMLElement.h: Move the enum for mathvariant values and declare new members.
398         (WebCore::MathMLElement::acceptsDisplayStyleAttribute): Indicate whether the element accepts
399         displaystyle attribute (false for most of them).
400         (WebCore::MathMLElement::acceptsMathVariantAttribute): Indicate whether the element accepts
401         mathvariant attribute (false for most of them).
402         * mathml/MathMLInlineContainerElement.cpp:
403         (WebCore::MathMLInlineContainerElement::acceptsDisplayStyleAttribute): Add mstyle and mtable
404         to the list of elements accepting the displaystyle attribute.
405         (WebCore::MathMLInlineContainerElement::acceptsMathVariantAttribute): Add mstyle to the list
406         of elements accepting the mathvariant attribute.
407         (WebCore::MathMLInlineContainerElement::parseAttribute): Mark displaystyle and mathvariant
408         dirty if necessary. Also use the new accepts*Attribute function.
409         * mathml/MathMLInlineContainerElement.h: Declare overridden accepts*Attribute members.
410         * mathml/MathMLMathElement.cpp:
411         (WebCore::MathMLMathElement::getSpecifiedDisplayStyle): Override acceptsDisplayStyleAttribute
412         so that the display attribute is also used to set the default value if the displaystyle
413         attribute is absent.
414         (WebCore::MathMLMathElement::parseAttribute): Mark displaystyle and mathvariant dirty if
415         necessary. We directly MathMLElement::parseAttribute to avoid duplicate work.
416         * mathml/MathMLMathElement.h: Add the math tag to the list of elements accepting the
417         displaystyle and mathvariant attributes. Declare overridden getSpecifiedDisplayStyle.
418         * mathml/MathMLTextElement.cpp:
419         (WebCore::MathMLTextElement::parseAttribute): Mark mathvariant as dirty.
420         * mathml/MathMLTextElement.h: Add token elements to the list of elements accepting the
421         mathvariant attribute.
422         * rendering/mathml/MathMLStyle.cpp:
423         (WebCore::MathMLStyle::updateStyleIfNeeded): Use the new MathMLElement::MathVariant enum.
424         (WebCore::MathMLStyle::resolveMathMLStyle):  We no longer parse the display value to
425         initialize the default value on the math tag, because this is handled in
426         getSpecifiedDisplayStyle. In general, we also just call getSpecifiedDisplayStyle and
427         getSpecifiedMathVariant on the MathML elements instead of parsing the displaystyle and
428         mathvariant attributes here.
429         (WebCore::MathMLStyle::parseMathVariant): Deleted. This is moved into MathMLElement.
430         * rendering/mathml/MathMLStyle.h: Use the new MathMLElement::MathVariant enum.
431         * rendering/mathml/RenderMathMLToken.cpp: Ditto.
432         (WebCore::mathVariant): Ditto.
433         (WebCore::RenderMathMLToken::updateMathVariantGlyph): Ditto.
434
435 2016-07-25  Carlos Garcia Campos  <cgarcia@igalia.com>
436
437         Unreviewed. Remove unneeded header includes from CoordinatedGraphicsLayer.
438
439         Not only thjey are not needed, they are a layer violation, CoordinatedGraphicsLayer shouldn't know anything
440         about Page, Frame and FrameView.
441
442         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
443         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
444
445 2016-07-24  Youenn Fablet  <youenn@apple.com>
446
447         [Fetch API] Request should be created with any HeadersInit data
448         https://bugs.webkit.org/show_bug.cgi?id=159672
449
450         Reviewed by Sam Weinig.
451
452         Made Request use JSBuiltinConstructor.
453         This allows initializing newly created Request with a JS built-in function, initializeFetchRequest.
454         initializeFetchRequest can call @fillFetchHeaders internal built-in to handle any HeadersInit data.
455         Future effort should be made to migrate more initialization code in initializeFetchRequest.
456
457         Made window and worker fetch function as a JS built-in.
458         This becomes more handy as these new functions can construct the Request object.
459         They can then call a single private function that takes a Request object as input.
460         Updated DOMWindowFetch and WorkerGlobalScopeFetch code accordingly.
461
462         To enable this, the binding generator is updated to support runtime-enabled JS built-in functions and
463         private functions atttached to global objects.
464
465         Covered by existing and modified tests.
466         Binding generator test covered by updated binding tests.
467
468         * CMakeLists.txt: Adding DOMWindowFetch.js, FetchRequest.js and WorkerGlobalScopeFetch.js built-in files.
469         * DerivedSources.make: Ditto.
470         * Modules/fetch/DOMWindowFetch.cpp: Removed overloaded fetch and updated according new signature.
471         (WebCore::DOMWindowFetch::fetch):
472         * Modules/fetch/DOMWindowFetch.h: Ditto.
473         * Modules/fetch/DOMWindowFetch.idl: Making fetch a JS built-in and adding a @fetchRequest private function.
474         * Modules/fetch/DOMWindowFetch.js: Added.
475         (fetch):
476         * Modules/fetch/FetchHeaders.h:
477         (WebCore::FetchHeaders::setGuard): Used by FetchRequest when initializing headers.
478         * Modules/fetch/FetchRequest.cpp: 
479         (WebCore::buildHeaders): Removed as implemented in JS.
480         (WebCore::FetchRequest::initializeOptions): Added to handle most of the dictionary initialization.
481         (WebCore::FetchRequest::initializeWith): Method called from built-in constructor function.
482         (WebCore::FetchRequest::setBody): Corresponding to @setBody private method.
483         (WebCore::buildBody): Deleted.
484         * Modules/fetch/FetchRequest.h:
485         * Modules/fetch/FetchRequest.idl:
486         * Modules/fetch/FetchRequest.js: Added.
487         (initializeFetchRequest): Implements fetch Request(input, init) constructor.
488         * Modules/fetch/FetchResponse.cpp:
489         (WebCore::FetchResponse::fetch): Removed the construction of FetchRequest in fetch method since it is done by JS built-in code.
490         * Modules/fetch/FetchResponse.h:
491         * Modules/fetch/WorkerGlobalScopeFetch.cpp: Removed overloaded fetch and updated according new signature.
492         (WebCore::WorkerGlobalScopeFetch::fetch):
493         * Modules/fetch/WorkerGlobalScopeFetch.h: Ditto.
494         * Modules/fetch/WorkerGlobalScopeFetch.idl: Making fetch a JS built-in and adding a @fetchRequest private function.
495         * Modules/fetch/WorkerGlobalScopeFetch.js: Added.
496         (fetch):
497         * bindings/js/WebCoreBuiltinNames.h: Adding fetchRequest, setBody and Request private identifiers.
498         * bindings/scripts/CodeGenerator.pm:
499         (WK_lcfirst): Replacing dOM by dom.
500         * bindings/scripts/CodeGeneratorJS.pm:
501         (GenerateImplementation): Adding support for runtime-enabled built-in methods and private methods.
502         * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
503         (WebCore::JSTestGlobalObject::finishCreation):
504         (WebCore::jsTestGlobalObjectInstanceFunctionTestPrivateFunction):
505         * bindings/scripts/test/ObjC/DOMTestGlobalObject.mm:
506         (-[DOMTestGlobalObject testJSBuiltinFunction]):
507         * bindings/scripts/test/TestGlobalObject.idl: Adding tests for runtime-enabled global built-in methods and private methods.
508
509 2016-07-24  Nan Wang  <n_wang@apple.com>
510
511         AX: Video Controls: Volume cannot be adjusted using VO.
512         https://bugs.webkit.org/show_bug.cgi?id=160107
513
514         Reviewed by Dean Jackson.
515
516         The volume slider in video tag had 0.01 step which caused the screen reader adjusting it slowly.
517         Changed the step to 0.05 and added the aria-valuetext attribute to the slider, so that the value
518         is spoken in percentage. 
519
520         Test: accessibility/mac/video-volume-slider-accessibility.html
521
522         * Modules/mediacontrols/mediaControlsApple.js:
523         (Controller.prototype.createControls):
524         (Controller.prototype.handleVolumeSliderInput):
525         (Controller.prototype.updateVolume):
526
527 2016-07-24  David Kilzer  <ddkilzer@apple.com>
528
529         REGRESSION (r203106): Crash in WebCore::MathMLElement::parseMathMLLength()
530         <https://webkit.org/b/160111>
531         <rdar://problem/27506489>
532
533         Reviewed by Chris Dumez.
534
535         Test: mathml/mpadded-crash.html
536
537         * mathml/MathMLElement.cpp:
538         (WebCore::skipLeadingAndTrailingWhitespace): Change to take
539         StringView parameter instead of String to avoid creating a
540         temporary String that's released on return.
541
542 2016-07-24  Carlos Garcia Campos  <cgarcia@igalia.com>
543
544         [Coordinated Graphics] ASSERTION FAILED: !m_flushingLayers in fast/repaint/animation-after-layer-scroll.html
545         https://bugs.webkit.org/show_bug.cgi?id=160142
546
547         Reviewed by Michael Catanzaro.
548
549         This only happens in layout tests, because it happens when RenderLayerCompositor::layerTreeAsText() is
550         called. The thing is that CoordinatedGraphicsLayer::flushCompositingState() calls notifyFlushRequired() that
551         checks if the coordinator is flusing layers and if not it calls RenderLayerCompositor::notifyFlushRequired() and
552         returns early. This normally works because the coodinator is the one starting the layer flush, so that when
553         RenderLayerCompositor::flushPendingLayerChanges() is called the coordinator is always flusing layers. But
554         RenderLayerCompositor::layerTreeAsText() calls RenderLayerCompositor::flushPendingLayerChanges() directly, so at
555         that moment the coordinator is not flusing layers, what causes that
556         CoordinatedGraphicsLayer::flushCompositingState() ends up calling RenderLayerCompositor::notifyFlushRequired()
557         that schedules a new flush while flusing layers causing the
558         assertion. CoordinatedGraphicsLayer::flushCompositingState() is always called from
559         CompositingCoordinator::flushPendingLayerChanges() or RenderLayerCompositor::flushPendingLayerChanges() so we
560         never need to call RenderLayerCompositor::notifyFlushRequired() from there.
561
562         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
563         (WebCore::CoordinatedGraphicsLayer::notifyFlushRequired): This is void now since the return value is not checked anywhere.
564         (WebCore::CoordinatedGraphicsLayer::flushCompositingState): Remove the call to notifyFlushRequired().
565         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
566
567 2016-07-24  Darin Adler  <darin@apple.com>
568
569         Adding a new WebCore JavaScript built-in source file does not trigger rebuild of WebCoreJSBuiltins*
570         https://bugs.webkit.org/show_bug.cgi?id=160115
571
572         Reviewed by Youenn Fablet.
573
574         * DerivedSources.make: Added a missing dependency so the rule that builds WebCore_BUILTINS_WRAPPERS
575         kicks in when the list of WebCore_BUILTINS_SOURCES is modified. Also added another missing dependency
576         so that changes to the JavaScript built-ins Python scripts will also trigger WebCore_BUILTINS_WRAPPERS.
577
578         * make-generated-sources.sh: Removed. Was unused.
579
580 2016-07-23  Zalan Bujtas  <zalan@apple.com>
581
582         Stop isEmpty() from leaking out of SVG.
583         https://bugs.webkit.org/show_bug.cgi?id=160121
584
585         Reviewed by Simon Fraser.
586
587         It's unclear what isEmpty() actually means and it doesn't bring any value to Render* classes.
588
589         No change in functionality.
590
591         * editing/CompositeEditCommand.cpp:
592         (WebCore::CompositeEditCommand::addBlockPlaceholderIfNeeded):
593         * rendering/RenderElement.h:
594         * rendering/RenderListItem.cpp:
595         (WebCore::RenderListItem::isEmpty): Deleted.
596         * rendering/RenderListItem.h:
597         * rendering/RenderObject.h:
598         (WebCore::RenderObject::isEmpty): Deleted.
599         * rendering/RenderRubyRun.cpp:
600         (WebCore::RenderRubyRun::removeChild):
601         (WebCore::RenderRubyRun::isEmpty): Deleted.
602         * rendering/RenderRubyRun.h:
603         * rendering/mathml/RenderMathMLFenced.cpp:
604         (WebCore::RenderMathMLFenced::updateFromElement):
605         (WebCore::RenderMathMLFenced::addChild):
606         * rendering/mathml/RenderMathMLRoot.cpp:
607         (WebCore::RenderMathMLRoot::paint):
608         * rendering/svg/RenderSVGShape.h:
609
610 2016-07-23  Zalan Bujtas  <zalan@apple.com>
611
612         table*BorderAdjoiningCell and borderAdjoiningCell* should take reference instead of RenderTableCell*.
613         https://bugs.webkit.org/show_bug.cgi?id=160123
614
615         Reviewed by Simon Fraser.
616
617         No change in functionality.
618
619         * rendering/RenderTable.cpp:
620         (WebCore::RenderTable::tableStartBorderAdjoiningCell):
621         (WebCore::RenderTable::tableEndBorderAdjoiningCell):
622         * rendering/RenderTable.h:
623         * rendering/RenderTableCell.cpp:
624         (WebCore::RenderTableCell::computeCollapsedStartBorder):
625         (WebCore::RenderTableCell::computeCollapsedEndBorder):
626         * rendering/RenderTableCell.h:
627         (WebCore::RenderTableCell::borderAdjoiningCellBefore):
628         (WebCore::RenderTableCell::borderAdjoiningCellAfter):
629         * rendering/RenderTableCol.cpp:
630         (WebCore::RenderTableCol::borderAdjoiningCellStartBorder):
631         (WebCore::RenderTableCol::borderAdjoiningCellEndBorder):
632         (WebCore::RenderTableCol::borderAdjoiningCellBefore):
633         (WebCore::RenderTableCol::borderAdjoiningCellAfter):
634         * rendering/RenderTableCol.h:
635         * rendering/RenderTableRow.cpp:
636         (WebCore::RenderTableRow::borderAdjoiningStartCell):
637         (WebCore::RenderTableRow::borderAdjoiningEndCell):
638         * rendering/RenderTableRow.h:
639         * rendering/RenderTableSection.cpp:
640         (WebCore::RenderTableSection::borderAdjoiningStartCell):
641         (WebCore::RenderTableSection::borderAdjoiningEndCell):
642         * rendering/RenderTableSection.h:
643
644 2016-07-23  Zalan Bujtas  <zalan@apple.com>
645
646         Remove unused enum and stale comment from RenderObject.
647         https://bugs.webkit.org/show_bug.cgi?id=160122
648
649         Reviewed by Simon Fraser.
650
651         No change in functionality.
652
653         * rendering/RenderBox.h:
654
655 2016-07-23  Carlos Garcia Campos  <cgarcia@igalia.com>
656
657         [Coordinated Graphics] Lots of flaky tests
658         https://bugs.webkit.org/show_bug.cgi?id=160118
659
660         Reviewed by Michael Catanzaro.
661
662         Since the GTK+ ported to threaded compositor (coordinated graphics) there are a lot of flaky tests in the
663         bots. In manu of the cases the diff shows a different size in the FrameView layer.
664
665         This happens for tests run in the same WTR after fast/fixed-layout/fixed-layout.html. This is what happens:
666
667          1.- Test fast/fixed-layout/fixed-layout.html runs and sets fixed layout to true and fixed layout size to 400x400
668          2.- When it finishes TestController::resetStateToConsistentValues() is called.
669          3.- Blank URL is loaded after state has been updated
670          4.- Then Reset message is handled in the web process and Internals::resetToConsistentState() resets the fixed
671              layout state and size.
672          5.- onresize happens and the handler set in fast/fixed-layout/fixed-layout.html is invoked setting the fixed
673              layout to true and size to 400x400 again.
674          6.- about_blank is then loaded with the fixed layout enabled, as well as other tests after this one.
675
676         In addition to this, coordinated graphics uses a fixedVisibleContentRect in ScrollView that is never reset.
677
678         * platform/ScrollView.cpp:
679         (WebCore::ScrollView::unscaledVisibleContentSizeIncludingObscuredArea): Only use m_fixedVisibleContentRect when
680         fixed layout is enabled.
681         (WebCore::ScrollView::unscaledUnobscuredVisibleContentSize): Ditto.
682         (WebCore::ScrollView::visibleContentRectInternal): Ditto.
683         * testing/Internals.cpp:
684         (WebCore::Internals::resetToConsistentState): Reset also the m_fixedVisibleContentRect.
685
686 2016-07-23  Carlos Garcia Campos  <cgarcia@igalia.com>
687
688         [Coordinated Graphics] Test imported/blink/svg/custom/svg-image-layers-crash.html crashes
689         https://bugs.webkit.org/show_bug.cgi?id=160078
690
691         Reviewed by Michael Catanzaro.
692
693         This is a merge of Blink r155373.
694         https://chromiumcodereview.appspot.com/20789004
695
696         Disable accelerated compositing for SVGImage content layers. SVGImageChromeClient does not support it.
697
698         Fixes imported/blink/svg/custom/svg-image-layers-crash.html.
699
700         * svg/graphics/SVGImage.cpp:
701         (WebCore::SVGImage::dataChanged):
702
703 2016-07-23  Commit Queue  <commit-queue@webkit.org>
704
705         Unreviewed, rolling out r203641.
706         https://bugs.webkit.org/show_bug.cgi?id=160116
707
708         It broke make-based builds (Requested by youenn on #webkit).
709
710         Reverted changeset:
711
712         "[Fetch API] Request should be created with any HeadersInit
713         data"
714         https://bugs.webkit.org/show_bug.cgi?id=159672
715         http://trac.webkit.org/changeset/203641
716
717 2016-07-23  Youenn Fablet  <youenn@apple.com>
718
719         [Fetch API] Request should be created with any HeadersInit data
720         https://bugs.webkit.org/show_bug.cgi?id=159672
721
722         Reviewed by Sam Weinig.
723
724         Made Request use JSBuiltinConstructor.
725         This allows initializing newly created Request with a JS built-in function, initializeFetchRequest.
726         initializeFetchRequest can call @fillFetchHeaders internal built-in to handle any HeadersInit data.
727         Future effort should be made to migrate more initialization code in initializeFetchRequest.
728
729         Made window and worker fetch function as a JS built-in.
730         This becomes more handy as these new functions can construct the Request object.
731         They can then call a single private function that takes a Request object as input.
732         Updated DOMWindowFetch and WorkerGlobalScopeFetch code accordingly.
733
734         To enable this, the binding generator is updated to support runtime-enabled JS built-in functions and
735         private functions atttached to global objects.
736
737         Covered by existing and modified tests.
738         Binding generator test covered by updated binding tests.
739
740         * CMakeLists.txt: Adding DOMWindowFetch.js, FetchRequest.js and WorkerGlobalScopeFetch.js built-in files.
741         * DerivedSources.make: Ditto.
742         * Modules/fetch/DOMWindowFetch.cpp: Removed overloaded fetch and updated according new signature.
743         (WebCore::DOMWindowFetch::fetch):
744         * Modules/fetch/DOMWindowFetch.h: Ditto.
745         * Modules/fetch/DOMWindowFetch.idl: Making fetch a JS built-in and adding a @fetchRequest private function.
746         * Modules/fetch/DOMWindowFetch.js: Added.
747         (fetch):
748         * Modules/fetch/FetchHeaders.h:
749         (WebCore::FetchHeaders::setGuard): Used by FetchRequest when initializing headers.
750         * Modules/fetch/FetchRequest.cpp: 
751         (WebCore::buildHeaders): Removed as implemented in JS.
752         (WebCore::FetchRequest::initializeOptions): Added to handle most of the dictionary initialization.
753         (WebCore::FetchRequest::initializeWith): Method called from built-in constructor function.
754         (WebCore::FetchRequest::setBody): Corresponding to @setBody private method.
755         (WebCore::buildBody): Deleted.
756         * Modules/fetch/FetchRequest.h:
757         * Modules/fetch/FetchRequest.idl:
758         * Modules/fetch/FetchRequest.js: Added.
759         (initializeFetchRequest): Implements fetch Request(input, init) constructor.
760         * Modules/fetch/FetchResponse.cpp:
761         (WebCore::FetchResponse::fetch): Removed the construction of FetchRequest in fetch method since it is done by JS built-in code.
762         * Modules/fetch/FetchResponse.h:
763         * Modules/fetch/WorkerGlobalScopeFetch.cpp: Removed overloaded fetch and updated according new signature.
764         (WebCore::WorkerGlobalScopeFetch::fetch):
765         * Modules/fetch/WorkerGlobalScopeFetch.h: Ditto.
766         * Modules/fetch/WorkerGlobalScopeFetch.idl: Making fetch a JS built-in and adding a @fetchRequest private function.
767         * Modules/fetch/WorkerGlobalScopeFetch.js: Added.
768         (fetch):
769         * bindings/js/WebCoreBuiltinNames.h: Adding fetchRequest, setBody and Request private identifiers.
770         * bindings/scripts/CodeGenerator.pm:
771         (WK_lcfirst): Replacing dOM by dom.
772         * bindings/scripts/CodeGeneratorJS.pm:
773         (GenerateImplementation): Adding support for runtime-enabled built-in methods and private methods.
774         * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
775         (WebCore::JSTestGlobalObject::finishCreation):
776         (WebCore::jsTestGlobalObjectInstanceFunctionTestPrivateFunction):
777         * bindings/scripts/test/ObjC/DOMTestGlobalObject.mm:
778         (-[DOMTestGlobalObject testJSBuiltinFunction]):
779         * bindings/scripts/test/TestGlobalObject.idl: Adding tests for runtime-enabled global built-in methods and private methods.
780
781 2016-07-23  Frederic Wang  <fwang@igalia.com>
782
783         Reset font-style on the <math> element
784         https://bugs.webkit.org/show_bug.cgi?id=160074
785
786         Reviewed by Darin Adler.
787
788         Mathematical formulas with italic font-style render poorly (slanted operators, mathvariant
789         italic etc). We align on Gecko and make the user agent stylesheet reset the font-style to
790         'normal' by default. This addresses the concrete use case of formula inside theorem or
791         proposition statements, which are often written in italic.
792
793         Test: mathml/presentation/math-font-style.html
794
795         * css/mathml.css:
796         (math): Reset the font-style to normal.
797
798 2016-07-23  Frederic Wang  <fwang@igalia.com>
799
800         [MathML] PaintInfo state is not properly restored after applyTransform.
801         https://bugs.webkit.org/show_bug.cgi?id=160077
802
803         Reviewed by Simon Fraser.
804
805         PaintInfo::applyTransform modifies PaintInfo::rect and the original state is not properly
806         restored by GraphicsContextStateSaver. To avoid some weird rendering bugs in MathOperator
807         and RenderMathMLMenclose, we follow what is done in SVG renderers and make a copy of the
808         original PaintInfo before applying the transform.
809
810         Test: mathml/presentation/bug160077.html
811
812         * rendering/mathml/MathOperator.cpp:
813         (WebCore::MathOperator::paint):
814         * rendering/mathml/RenderMathMLMenclose.cpp:
815         (WebCore::RenderMathMLMenclose::paint):
816
817 2016-07-23  Youenn Fablet  <youenn@apple.com>
818
819         [Fetch API] Fetch response stream should enqueue Uint8Array
820         https://bugs.webkit.org/show_bug.cgi?id=160083
821
822         Reviewed by Sam Weinig.
823
824         Covered by updated tests.
825
826         Before enqueuing, ReadableStreamController::enqueue will convert ArrayBuffer as Uint8Array.
827         It also returns a boolean whether the operation is successful or not.
828
829         If returned value is false, calling code will stop loading or if everything is loaded it will refrain from closing the stream.
830         The enqueuing should be succesful except in OutOfMemory cases. This case is not yet handled in test cases.
831
832         Updated the code to remove templated enqueuing as Fetch has no use of it.
833
834         * Modules/fetch/FetchBody.cpp:
835         (WebCore::FetchBody::consumeAsStream): Do not close the stream if enqueuing failed.
836         * Modules/fetch/FetchBodyOwner.cpp:
837         (WebCore::FetchBodyOwner::blobChunk): Stop blob loading if enqueuing failed.
838         * Modules/fetch/FetchResponse.cpp:
839         (WebCore::FetchResponse::BodyLoader::didReceiveData): Stop resource loading if enqueuing failed.
840         (WebCore::FetchResponse::consumeBodyAsStream): Ditto.
841         * Modules/fetch/FetchResponseSource.h:
842         * bindings/js/ReadableStreamController.h:
843         (WebCore::ReadableStreamController::enqueue):
844         (WebCore::ReadableStreamController::enqueue<RefPtr<JSC::ArrayBuffer>>): Deleted.
845
846 2016-07-22  Youenn Fablet  <youenn@apple.com>
847
848         Use a private property to implement FetchResponse.body getter
849         https://bugs.webkit.org/show_bug.cgi?id=159808
850
851         Reviewed by Sam Weinig.
852
853         Covered by existing test sets.
854
855         Previously, body was handled as a CachedAttribute.
856         Using a private property will allow direct use of this property from JS built-ins which will allow easier
857         handling of ReadableStream cloning in Response.clone.
858         Also, this allows removing some binding custom code.
859
860         Updated redirect and error static methods to take NewObject keyword, as this removes a search into cached wrappers.
861         Ditto for createReadableStreamSource.
862
863         * CMakeLists.txt: Removing JSFetchResponseCustom.cpp.
864         * Modules/fetch/FetchResponse.idl: Adding createReadableStreamSource and isDisturbed private functions.
865         Making body getter a JSBuiltin.
866         * Modules/fetch/FetchResponse.js:
867         (body): Adding getter which will call createReadableStreamSource if needed.
868         * WebCore.xcodeproj/project.pbxproj: Removing JSFetchResponseCustom.cpp.
869         * bindings/js/JSFetchResponseCustom.cpp: Removed.
870         * bindings/js/ReadableStreamController.cpp:
871         (WebCore::createReadableStream): Deleted.
872         (WebCore::getReadableStreamReader): Deleted.
873         * bindings/js/ReadableStreamController.h: Removing unneeded ReadableStream helper routine now that they can be
874         handled within JS built-in code.
875         * bindings/js/WebCoreBuiltinNames.h: Adding @createReadableStreamSource, @isDisturbed  and @Response identifiers.
876
877 2016-07-22  Zalan Bujtas  <zalan@apple.com>
878
879         Handle cases when IOSurface initialization fails.
880         https://bugs.webkit.org/show_bug.cgi?id=160006
881         <rdar://problem/27495102>
882
883         Reviewed by Tim Horton and Simon Fraser.
884
885         This is an additional fix to r203514 to check if IOSurface initialization was successful.
886
887         Unable to test.
888
889         * platform/graphics/cg/ImageBufferCG.cpp:
890         (WebCore::ImageBuffer::ImageBuffer):
891         * platform/graphics/cocoa/IOSurface.h: Merge 2 c'tors.
892         * platform/graphics/cocoa/IOSurface.mm: Remove redundant IOSurface::create() code.  
893         (WebCore::IOSurface::create):
894         (WebCore::IOSurface::createFromImage):
895         (WebCore::IOSurface::IOSurface):
896         (WebCore::IOSurface::convertToFormat):
897
898 2016-07-22  Wenson Hsieh  <wenson_hsieh@apple.com>
899
900         Media controls should be displayed for media in media documents
901         https://bugs.webkit.org/show_bug.cgi?id=160104
902         <rdar://problem/27438936>
903
904         Reviewed by Myles C. Maxfield.
905
906         Make videos that would otherwise not have been large enough or have the right
907         aspect ratio cause media controls to appear. This is because media elements in
908         a media document are implied to be main content.
909
910         Added a new API test.
911
912         * html/MediaElementSession.cpp:
913         (WebCore::MediaElementSession::canControlControlsManager):
914
915 2016-07-22  Myles C. Maxfield  <mmaxfield@apple.com>
916
917         All dancers with bunny ears are female
918         https://bugs.webkit.org/show_bug.cgi?id=160102
919         <rdar://problem/27453479>
920
921         Reviewed by Simon Fraser.
922
923         In r203330 I added support for new emoji group candidates. I accidentally
924         missed one of the new emoji code points.
925
926         Tests: editing/deleting/delete-emoji.html:
927                fast/text/emoji-gender-2-9.html:
928                fast/text/emoji-gender-9.html:
929                fast/text/emoji-gender-fe0f-9.html:
930
931         * platform/text/CharacterProperties.h:
932         (WebCore::isEmojiGroupCandidate):
933
934 2016-07-22  Chris Dumez  <cdumez@apple.com>
935
936         Parameter to HTMLCollection.item() / namedItem() should be mandatory
937         https://bugs.webkit.org/show_bug.cgi?id=160099
938
939         Reviewed by Sam Weinig.
940
941         Parameter to HTMLCollection.item() / namedItem() should be mandatory:
942         - https://dom.spec.whatwg.org/#interface-htmlcollection
943         - https://html.spec.whatwg.org/multipage/infrastructure.html#htmlformcontrolscollection
944         - https://html.spec.whatwg.org/multipage/infrastructure.html#the-htmloptionscollection-interface
945
946         Firefox and Chrome agree with the specification.
947
948         No new tests, rebaselined existing tests.
949
950         * bindings/js/JSHTMLFormControlsCollectionCustom.cpp:
951         (WebCore::JSHTMLFormControlsCollection::namedItem):
952         * html/HTMLCollection.idl:
953         * html/HTMLFormControlsCollection.idl:
954         * html/HTMLOptionsCollection.idl:
955
956 2016-07-22  Chris Dumez  <cdumez@apple.com>
957
958         First parameter to Window.getComputedStyle() should be mandatory and non-nullable
959         https://bugs.webkit.org/show_bug.cgi?id=160097
960
961         Reviewed by Ryosuke Niwa.
962
963         First parameter to Window.getComputedStyle() should be mandatory and
964         non-nullable:
965         - https://drafts.csswg.org/cssom/#extensions-to-the-window-interface
966
967         Firefox and Chrome agree with the specification.
968
969         Test: fast/dom/Window/getComputedStyle-missing-parameter.html
970
971         * css/CSSComputedStyleDeclaration.cpp:
972         (WebCore::ComputedStyleExtractor::ComputedStyleExtractor):
973         (WebCore::CSSComputedStyleDeclaration::CSSComputedStyleDeclaration):
974         (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
975         (WebCore::CSSComputedStyleDeclaration::copyProperties):
976         (WebCore::CSSComputedStyleDeclaration::length):
977         (WebCore::CSSComputedStyleDeclaration::item):
978         (WebCore::CSSComputedStyleDeclaration::getPropertyValue):
979         * css/CSSComputedStyleDeclaration.h:
980         * dom/Document.idl:
981         * inspector/InspectorCSSAgent.cpp:
982         (WebCore::InspectorCSSAgent::getComputedStyleForNode):
983         * page/DOMWindow.cpp:
984         (WebCore::DOMWindow::getComputedStyle):
985         * page/DOMWindow.h:
986         * page/DOMWindow.idl:
987         * testing/Internals.cpp:
988         (WebCore::Internals::computedStyleIncludingVisitedInfo):
989         * testing/Internals.h:
990         * testing/Internals.idl:
991
992 2016-07-22  Brady Eidson  <beidson@apple.com>
993
994         Removing IndexedDatabases that have stored blobs doesn't remove the blob files.
995         https://bugs.webkit.org/show_bug.cgi?id=160089
996
997         Reviewed by Darin Adler.
998
999         Tested by API test IndexedDB.StoreBlobThenDelete.
1000
1001         Blob filenames exist in the IDB directory with the name "[0-9]+.blob".
1002         
1003         That is, one or more digits, followed by ".blob".
1004         
1005         So when we delete an IndexedDB.sqlite3 and related files, we should delete those blob files as well.
1006         
1007         * Modules/indexeddb/server/IDBServer.cpp:
1008         (WebCore::IDBServer::removeAllDatabasesForOriginPath):
1009
1010 2016-07-22  Chris Dumez  <cdumez@apple.com>
1011
1012         Fix default parameter values for window.alert() / prompt() / confirm()
1013         https://bugs.webkit.org/show_bug.cgi?id=160085
1014
1015         Reviewed by Ryosuke Niwa.
1016
1017         Fix default parameter values for window.alert() / prompt() / confirm() to
1018         match the specification:
1019         - https://html.spec.whatwg.org/multipage/browsers.html#the-window-object
1020
1021         They should default to the empty string, not the string "undefined".
1022
1023         Firefox and chrome agree with the specification.
1024
1025         No new tests, updated existing test.
1026
1027         * page/DOMWindow.h:
1028         * page/DOMWindow.idl:
1029
1030 2016-07-22  Daniel Bates  <dabates@apple.com>
1031
1032         CSP: object-src and plugin-types directives are not respected for plugin replacements
1033         https://bugs.webkit.org/show_bug.cgi?id=159761
1034         <rdar://problem/27365724>
1035
1036         Reviewed by Brent Fulgham.
1037
1038         Apply the Content Security Policy (CSP) object-src and plugin-types directives to content that will
1039         load with a plugin replacement.
1040
1041         Tests: security/contentSecurityPolicy/object-src-none-blocks-quicktime-plugin-replacement.html
1042                security/contentSecurityPolicy/object-src-none-blocks-youtube-plugin-replacement.html
1043                security/contentSecurityPolicy/plugins-types-allows-quicktime-plugin-replacement.html
1044                security/contentSecurityPolicy/plugins-types-allows-youtube-plugin-replacement.html
1045                security/contentSecurityPolicy/plugins-types-blocks-quicktime-plugin-replacement-without-mime-type.html
1046                security/contentSecurityPolicy/plugins-types-blocks-quicktime-plugin-replacement.html
1047                security/contentSecurityPolicy/plugins-types-blocks-youtube-plugin-replacement-without-mime-type.html
1048                security/contentSecurityPolicy/plugins-types-blocks-youtube-plugin-replacement.html
1049
1050         * html/HTMLPlugInImageElement.cpp:
1051         (WebCore::HTMLPlugInImageElement::allowedToLoadPluginContent): Added.
1052         (WebCore::HTMLPlugInImageElement::requestObject): Only request loading plugin content if we
1053         are allowed to load such content.
1054         * html/HTMLPlugInImageElement.h:
1055         * loader/SubframeLoader.cpp:
1056         (WebCore::SubframeLoader::pluginIsLoadable): Removed code to check CSP as we will check CSP
1057         earlier in HTMLPlugInImageElement::requestObject().
1058         (WebCore::SubframeLoader::requestPlugin): Ditto.
1059         (WebCore::SubframeLoader::isPluginContentAllowedByContentSecurityPolicy): Deleted; moved implementation
1060         to HTMLPlugInImageElement::allowedToLoadPluginContent().
1061         (WebCore::SubframeLoader::requestObject): Deleted.
1062         * loader/SubframeLoader.h:
1063         * page/csp/ContentSecurityPolicy.cpp:
1064         (WebCore::ContentSecurityPolicy::upgradeInsecureRequestIfNeeded): Changed signature from a non-const
1065         function to a const function since these functions do not modify |this|.
1066         * page/csp/ContentSecurityPolicy.h: 
1067
1068 2016-07-22  Chris Dumez  <cdumez@apple.com>
1069
1070         Parameters to Node.replaceChild() / insertBefore() should be mandatory
1071         https://bugs.webkit.org/show_bug.cgi?id=160091
1072
1073         Reviewed by Darin Adler.
1074
1075         Parameters to Node.replaceChild() / insertBefore() should be mandatory:
1076         - https://dom.spec.whatwg.org/#node
1077
1078         The compatibility risk should be low since Firefox and Chrome both agree
1079         with the specification and because it does not make much sense to omit
1080         parameters when using this API.
1081
1082         No new tests, rebaselined existing tests.
1083
1084         * bindings/js/JSNodeCustom.cpp:
1085         (WebCore::JSNode::insertBefore):
1086         (WebCore::JSNode::replaceChild):
1087
1088 2016-07-22  Chris Dumez  <cdumez@apple.com>
1089
1090         Parameter to Node.contains() should be mandatory
1091         https://bugs.webkit.org/show_bug.cgi?id=160084
1092
1093         Reviewed by Darin Adler.
1094
1095         Parameter to Node.contains() should be mandatory as per the
1096         specification:
1097         - https://dom.spec.whatwg.org/#node
1098
1099         The compatibility risk should be low because both Firefox and Chrome
1100         both agree with the specification. Also, it does not make much sense
1101         to call this API without parameter.
1102
1103         No new tests, rebaselined existing tests.
1104
1105         * dom/Node.idl:
1106
1107 2016-07-22  Said Abou-Hallawa  <sabouhallawa@apple.com>
1108
1109         [iOS] REGRESSION(203378): PDFDocumentImage::updateCachedImageIfNeeded() uses the unscaled size when deciding whether to cache the PDF image
1110         https://bugs.webkit.org/show_bug.cgi?id=159933
1111
1112         Reviewed by Simon Fraser.
1113
1114         We need to use the scaled size when deciding whether to cache the PDF image
1115         or not. This is because ImageBuffer takes the display resolution into account
1116         which gives higher resolution for the image when zooming.
1117
1118         * platform/graphics/cg/PDFDocumentImage.cpp:
1119         (WebCore::PDFDocumentImage::updateCachedImageIfNeeded):
1120
1121 2016-07-22  Chris Dumez  <cdumez@apple.com>
1122
1123         First parameter to getElementById() should be mandatory
1124         https://bugs.webkit.org/show_bug.cgi?id=160087
1125
1126         Reviewed by Darin Adler.
1127
1128         First parameter to getElementById() should be mandatory:
1129         - https://dom.spec.whatwg.org/#nonelementparentnode
1130         - https://www.w3.org/TR/SVG/struct.html#InterfaceSVGSVGElement
1131
1132         Both Firefox and Chrome agree with the specification.
1133
1134         Test: svg/dom/SVGSVGElement-getElementById.html
1135
1136         * dom/NonElementParentNode.idl:
1137         * svg/SVGSVGElement.idl:
1138
1139 2016-07-22  Chris Dumez  <cdumez@apple.com>
1140
1141         Parameter to Node.lookupPrefix() / lookupNamespaceURI() / isDefaultNamespace() should be mandatory
1142         https://bugs.webkit.org/show_bug.cgi?id=160086
1143
1144         Reviewed by Darin Adler.
1145
1146         Parameter to Node.lookupPrefix() / lookupNamespaceURI() / isDefaultNamespace()
1147         should be mandatory:
1148         - https://dom.spec.whatwg.org/#node
1149
1150         Firefox and Chrome both agree with the specification.
1151
1152         No new tests, rebaselined existing tests.
1153
1154         * dom/Node.idl:
1155
1156 2016-07-22  Chris Dumez  <cdumez@apple.com>
1157
1158         Parameter to Node.compareDocumentPosition() should be mandatory and non-nullable
1159         https://bugs.webkit.org/show_bug.cgi?id=160071
1160
1161         Reviewed by Ryosuke Niwa.
1162
1163         
1164         Parameter to Node.compareDocumentPosition() should be mandatory and
1165         non-nullable:
1166         - https://dom.spec.whatwg.org/#interface-node
1167
1168         Firefox and Chrome agree with the specification so the compatibility
1169         risk should be low. Also, it does not make much sense to call this
1170         operation without parameter.
1171
1172         No new tests, rebaselined existing tests.
1173
1174         * accessibility/AccessibilityObject.cpp:
1175         (WebCore::rangeClosestToRange):
1176         * dom/AuthorStyleSheets.cpp:
1177         (WebCore::AuthorStyleSheets::addStyleSheetCandidateNode):
1178         * dom/Node.cpp:
1179         (WebCore::compareDetachedElementsPosition):
1180         (WebCore::Node::compareDocumentPosition):
1181         * dom/Node.h:
1182         * dom/Node.idl:
1183         * dom/Position.h:
1184         (WebCore::operator<):
1185         * html/HTMLFormElement.cpp:
1186         (WebCore::HTMLFormElement::formElementIndexWithFormAttribute):
1187         (WebCore::HTMLFormElement::formElementIndex):
1188         * rendering/RenderNamedFlowThread.cpp:
1189         (WebCore::RenderNamedFlowThread::nextRendererForElement):
1190         (WebCore::compareRenderNamedFlowFragments):
1191         (WebCore::RenderNamedFlowThread::registerNamedFlowContentElement):
1192
1193 2016-07-22  Konstantin Tokarev  <annulen@yandex.ru>
1194
1195         [cmake] Removed obsolete plugins/win directory
1196         https://bugs.webkit.org/show_bug.cgi?id=160081
1197
1198         Reviewed by Per Arne Vollan.
1199
1200         It was removed in r178219.
1201
1202         No new tests needed.
1203
1204         * PlatformWin.cmake:
1205
1206 2016-07-22  Youenn Fablet  <youenn@apple.com>
1207
1208         run-builtins-generator-tests should be able to test WebCore builtins wrapper with more than one file
1209         https://bugs.webkit.org/show_bug.cgi?id=159921
1210
1211         Reviewed by Brian Burg.
1212
1213         Covered by existing and added built-ins tests.
1214
1215         Updating built system according ---wrappers-only new meaning.
1216         builtin generator is now called for each individual built-in file plus once for WebCore wrapper files.
1217         WebCore wrapper files allow handling things like conditionally guarded features.
1218         They also remove the need to use built-ins macros outside generated code.
1219
1220         * CMakeLists.txt:
1221         * DerivedSources.make:
1222
1223 2016-07-21  Frederic Wang  <fwang@igalia.com>
1224
1225         Move parsing of accentunder and accent attributes from renderer to element classes
1226         https://bugs.webkit.org/show_bug.cgi?id=159625
1227
1228         Reviewed by Brent Fulgham.
1229
1230         We introduce a new MathMLUnderOverElement that is used for elements munder, mover and
1231         munderover in order to create RenderMathMLUnderOver and parse and expose the values of the
1232         accent and accentunder attributes. This is one more step toward moving MathML attribute
1233         parsing to the DOM (bug 156536). We also do minor clean-up for this and previous renderer
1234         classes that no longer do attribute parsing: the MathMLNames namespace is no longer necessary
1235         and constructors can take a more accurate element type.
1236
1237         No new tests, already covered by existing test.
1238
1239         * CMakeLists.txt: Add MathMLUnderOverElement files.
1240         * WebCore.xcodeproj/project.pbxproj: Ditto.
1241         * mathml/MathMLAllInOne.cpp: Ditto.
1242         * mathml/MathMLElement.cpp:
1243         (WebCore::MathMLElement::cachedBooleanAttribute): Add parsing of boolean attributes.
1244         * mathml/MathMLElement.h: New type and helper functions for boolean attributes.
1245         * mathml/MathMLInlineContainerElement.cpp:
1246         (WebCore::MathMLInlineContainerElement::createElementRenderer): Remove handling of
1247         under/over/underover elements.
1248         * mathml/MathMLScriptsElement.cpp:
1249         (WebCore::MathMLScriptsElement::MathMLScriptsElement): Remove inline keyword to avoid link
1250         errors now that MathMLUnderOverElement overrides that class.
1251         * mathml/MathMLScriptsElement.h: Allow MathMLUnderOverElement to override this class.
1252         * mathml/MathMLUnderOverElement.cpp:
1253         (WebCore::MathMLUnderOverElement::MathMLUnderOverElement):
1254         (WebCore::MathMLUnderOverElement::create):
1255         (WebCore::MathMLUnderOverElement::accent): Helper function to access the accent value.
1256         (WebCore::MathMLUnderOverElement::accentUnder): Helper function to access the accentunder value.
1257         (WebCore::MathMLUnderOverElement::parseAttribute): Make accent and accentunder dirty.
1258         (WebCore::MathMLUnderOverElement::createElementRenderer): Create RenderMathMLUnderOver
1259         * mathml/MathMLUnderOverElement.h:
1260         * mathml/mathtags.in: Map under/over/underover to MathMLUnderOverElement.
1261         * rendering/mathml/RenderMathMLFraction.cpp: Remove MathMLNames and make the constructor
1262         take a MathMLFractionElement.
1263         (WebCore::RenderMathMLFraction::RenderMathMLFraction):
1264         * rendering/mathml/RenderMathMLFraction.h:
1265         * rendering/mathml/RenderMathMLPadded.cpp: Remove MathMLNames and make the constructor
1266         take a MathMLPaddedElement.
1267         (WebCore::RenderMathMLPadded::RenderMathMLPadded):
1268         * rendering/mathml/RenderMathMLPadded.h:
1269         * rendering/mathml/RenderMathMLScripts.cpp: Remove MathMLNames and make the constructor
1270         take a MathMLScriptsElement. Also rename scriptsElement() to element().
1271         (WebCore::RenderMathMLScripts::RenderMathMLScripts):
1272         (WebCore::RenderMathMLScripts::element):
1273         (WebCore::RenderMathMLScripts::getScriptMetricsAndLayoutIfNeeded):
1274         (WebCore::RenderMathMLScripts::scriptsElement): Deleted.
1275         * rendering/mathml/RenderMathMLScripts.h:
1276         * rendering/mathml/RenderMathMLUnderOver.cpp: Remove MathMLNames and make the constructor
1277         take a RenderMathMLUnderOver.
1278         (WebCore::RenderMathMLUnderOver::RenderMathMLUnderOver):
1279         (WebCore::RenderMathMLUnderOver::element):
1280         (WebCore::RenderMathMLUnderOver::hasAccent): Use the helper functions for accent and accentunder.
1281         * rendering/mathml/RenderMathMLUnderOver.h:
1282
1283 2016-07-21  Chris Dumez  <cdumez@apple.com>
1284
1285         Parameter to Node.isSameNode() / isEqualNode() should be mandatory
1286         https://bugs.webkit.org/show_bug.cgi?id=160070
1287
1288         Reviewed by Ryosuke Niwa.
1289
1290         Parameter to Node.isSameNode() / isEqualNode() should be mandatory as
1291         per the specification:
1292         - https://dom.spec.whatwg.org/#interface-node
1293
1294         Chrome and Firefox agree with the specification (although Firefox does
1295         not support isSameNode()).
1296
1297         No new tests, rebaselined existing tests.
1298
1299         * dom/Node.idl:
1300
1301 2016-07-21  Chris Dumez  <cdumez@apple.com>
1302
1303         Parameter to Document.createEvent() should be mandatory
1304         https://bugs.webkit.org/show_bug.cgi?id=160065
1305
1306         Reviewed by Darin Adler.
1307
1308         Parameter to Document.createEvent() should be mandatory as per the
1309         specification:
1310         - https://dom.spec.whatwg.org/#document
1311
1312         We already throw anyway when the parameter is omitted because we use
1313         "undefined" as event type, which is invalid. However, we throw the
1314         wrong exception.
1315
1316         Firefox and Chrome agree with the specification here.
1317
1318         No new tests, rebaselined existing tests.
1319
1320         * dom/Document.idl:
1321
1322 2016-07-21  Brian Burg  <bburg@apple.com>
1323
1324         REGRESSION(r62549): Objective-C DOM bindings sometimes fail to regenerate when CodeGenerator.pm is modified
1325         https://bugs.webkit.org/show_bug.cgi?id=160031
1326
1327         Reviewed by Darin Adler.
1328
1329         This bug was caused by a refactoring 6 years ago. Not all uses of a variable
1330         were renamed, so the ObjC bindings target pattern was not specifying any
1331         build scripts as target dependencies.
1332
1333         * DerivedSources.make: Standardize on {COMMON,JS,DOM}_BINDINGS_SCRIPTS.
1334
1335 2016-07-21  Darin Adler  <darin@apple.com>
1336
1337         Remove unneeded content attribute name "playsinline"
1338         https://bugs.webkit.org/show_bug.cgi?id=160069
1339
1340         Reviewed by Chris Dumez.
1341
1342         * html/HTMLVideoElement.idl: Removed explicit content attribute name on Reflect
1343         attribute since it is the same as the name that the code generator will generate.
1344
1345 2016-07-21  Chris Dumez  <cdumez@apple.com>
1346
1347         Make parameters to Element.getElementsBy*() operations mandatory
1348         https://bugs.webkit.org/show_bug.cgi?id=160060
1349
1350         Reviewed by Darin Adler.
1351
1352         Make parameters to Element.getElementsBy*() operations mandatory to
1353         match the specification:
1354         - https://dom.spec.whatwg.org/#interface-element
1355
1356         Firefox and Chrome agree with the specification so the compatibility
1357         risk should be low.
1358
1359         It makes very little sense to call these operations without parameter,
1360         especially considering WebKit uses the string "undefined" if the
1361         parameter is omitted.
1362
1363         No new tests, rebaselined existing tests.
1364
1365         * dom/Element.idl:
1366
1367 2016-07-21  Chris Dumez  <cdumez@apple.com>
1368
1369         Make parameters mandatory for attribute-related API on Element
1370         https://bugs.webkit.org/show_bug.cgi?id=160059
1371
1372         Reviewed by Ryosuke Niwa.
1373
1374         Make parameters mandatory for attribute-related API on Element to match
1375         the specification:
1376         - https://dom.spec.whatwg.org/#element
1377
1378         Firefox and Chrome agree with the specification. Calling this API
1379         without the parameters does not make much sense, especially considering
1380         WebKit uses the string "undefined" when the parameter is omitted.
1381
1382         No new tests, rebaselined existing tests.
1383
1384         * dom/Element.idl:
1385
1386 2016-07-21  Myles C. Maxfield  <mmaxfield@apple.com>
1387
1388         Remove support for deprecated SPI inlineMediaPlaybackRequiresPlaysInlineAttribute
1389         https://bugs.webkit.org/show_bug.cgi?id=160066
1390
1391         Reviewed by Dean Jackson.
1392
1393         r203520 deprecated inlineMediaPlaybackRequiresPlaysInlineAttribute in favor of
1394         allowsInlineMediaPlaybackWithPlaysInlineAttribute and
1395         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute. The old
1396         inlineMediaPlaybackRequiresPlaysInlineAttribute is SPI and was never released
1397         to the public. Therefore, it can be removed safely.
1398
1399         No new tests because there is no behavior change.
1400
1401         * page/Settings.cpp:
1402         * page/Settings.in:
1403         * testing/InternalSettings.cpp:
1404         (WebCore::InternalSettings::Backup::Backup): Deleted.
1405         (WebCore::InternalSettings::Backup::restoreTo): Deleted.
1406         (WebCore::InternalSettings::setInlineMediaPlaybackRequiresPlaysInlineAttribute): Deleted.
1407         * testing/InternalSettings.h:
1408         * testing/InternalSettings.idl:
1409
1410 2016-07-21  Dean Jackson  <dino@apple.com>
1411
1412         REGRESSION (r202927): The internal size of the ImageBuffer is scaled twice by the context scaleFactor
1413         https://bugs.webkit.org/show_bug.cgi?id=159981
1414         <rdar://problem/27429465>
1415
1416         Reviewed by Myles Maxfield.
1417
1418         The change to propagate color spaces through ImageBuffers created an
1419         alternate version of createCompatibleBuffer. This version accidentally
1420         attempted to take the display resolution (i.e. hidpi) into account
1421         when creating the buffer, which meant it was being applied twice.
1422
1423         The fix is simply to remove that logic. The caller of the method
1424         will take the resolution into account, the same way they did
1425         with the old createCompatibleBuffer method.
1426
1427         Test: fast/hidpi/pdf-image-scaled.html
1428
1429         * platform/graphics/cg/ImageBufferCG.cpp:
1430         (WebCore::ImageBuffer::createCompatibleBuffer): Don't calculate
1431         a resolution - just use the value of 1.0.
1432
1433 2016-07-21  John Wilander  <wilander@apple.com>
1434
1435         Block mixed content synchronous XHR
1436         https://bugs.webkit.org/show_bug.cgi?id=105462
1437         <rdar://problem/13666424>
1438
1439         Reviewed by Brent Fulgham.
1440
1441         Test: http/tests/security/mixedContent/insecure-xhr-sync-in-main-frame.html
1442
1443         * loader/DocumentThreadableLoader.cpp:
1444         (WebCore::DocumentThreadableLoader::loadRequest):
1445
1446 2016-07-21  Chris Dumez  <cdumez@apple.com>
1447
1448         Make parameters to Document.getElementsBy*() operations mandatory
1449         https://bugs.webkit.org/show_bug.cgi?id=160050
1450
1451         Reviewed by Daniel Bates.
1452
1453         Make parameters to Document.getElementsBy*() operations mandatory to
1454         match the specification:
1455         - https://dom.spec.whatwg.org/#interface-document
1456
1457         Firefox and Chrome agree with the specification so the compatibility
1458         risk should be low.
1459
1460         It makes very little sense to call these operations without parameter,
1461         especially considering WebKit uses the string "undefined" if the
1462         parameter is omitted.
1463
1464         No new tests, rebaselined existing tests.
1465
1466         * dom/Document.idl:
1467
1468 2016-07-21  Nan Wang  <n_wang@apple.com>
1469
1470         AX: aria-label not being used correctly in accessible name calculation of heading
1471         https://bugs.webkit.org/show_bug.cgi?id=160009
1472
1473         Reviewed by Chris Fleizach.
1474
1475         Actually we are exposing the correct information for heading objects. On macOS, 
1476         VoiceOver should handle the logic that picks the right information to speak.
1477         On iOS, VoiceOver is speaking the static text child instead of the heading object.
1478         So we should set the accessibilityLabel of the static text based on the parent's 
1479         alternate label.
1480
1481         Test: accessibility/ios-simulator/heading-with-aria-label.html
1482
1483         * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
1484         (-[WebAccessibilityObjectWrapper _accessibilityTraitsFromAncestors]):
1485
1486 2016-07-21  Saam Barati  <sbarati@apple.com>
1487
1488         op_add/ValueAdd should be an IC in all JIT tiers
1489         https://bugs.webkit.org/show_bug.cgi?id=159649
1490
1491         Reviewed by Benjamin Poulain.
1492
1493         * ForwardingHeaders/jit/JITMathICForwards.h: Added.
1494
1495 2016-07-21  Chris Dumez  <cdumez@apple.com>
1496
1497         Make parameters mandatory for Document.create*() operations
1498         https://bugs.webkit.org/show_bug.cgi?id=160047
1499
1500         Reviewed by Ryosuke Niwa.
1501
1502         Make parameters mandatory for Document.create*() operations:
1503         createTextNode(), createComment(), createCDataSection(),
1504         createAttribute() and createProcessingInstruction().
1505
1506         This matches the specification:
1507         - https://dom.spec.whatwg.org/#interface-document
1508
1509         Firefox and Chrome both agree with the specification so the
1510         compatibility risk should be low. Also WebKit uses the string
1511         "undefined" when the parameter is omitted, which is not very
1512         helpful.
1513
1514         No new tests, rebaselined existing tests.
1515
1516         * dom/Document.idl:
1517
1518 2016-07-21  Chris Dumez  <cdumez@apple.com>
1519
1520         Fix null handling of SVGAngle/SVGLength.valueAsString attribute
1521         https://bugs.webkit.org/show_bug.cgi?id=160025
1522
1523         Reviewed by Ryosuke Niwa.
1524
1525         Fix null handling of SVGAngle/SVGLength.valueAsString attribute
1526         to match the specification:
1527         - https://www.w3.org/TR/SVG2/types.html#InterfaceSVGAngle
1528         - https://www.w3.org/TR/SVG2/types.html#InterfaceSVGLength
1529
1530         In particular, this patch drops [TreatNullAs=EmptyString] IDL
1531         extended attribute from this attribute. This is not supposed
1532         to change behavior given that both "" and "null" are invalid
1533         numbers and the specification says to throw a SYNTAX_ERR in
1534         this case.
1535
1536         However, WebKit currently ignores assignments to "" instead
1537         of throwing. As a result, assigning to null will now throw
1538         instead of being ignored. The compatibility risk should be
1539         low because both Firefox and Chrome throw when assigning
1540         null.
1541
1542         I did not change the behavior when assigning to "" because
1543         it is a bit out of scope for this patch and browsers to not
1544         seem to agree:
1545         - Firefox throws
1546         - Chrome set value to "0"
1547         - WebKit ignores the assignment
1548
1549         The specification seems to agree with Firefox as far as I
1550         can tell given that "" is not a valid number as per:
1551         - https://www.w3.org/TR/css3-values/#numbers
1552
1553         Test: svg/dom/valueAsString-null.html
1554
1555         * svg/SVGAngle.idl:
1556         * svg/SVGLength.idl:
1557
1558 2016-07-21  Chris Dumez  <cdumez@apple.com>
1559
1560         Fix null handling of HTMLFontElement.color
1561         https://bugs.webkit.org/show_bug.cgi?id=160036
1562
1563         Reviewed by Ryosuke Niwa.
1564
1565         Fix null handling of HTMLFontElement.color to match the specification:
1566         - https://html.spec.whatwg.org/#htmlfontelement
1567
1568         We are supposed to treat null as the empty string. Both Firefox and
1569         Chrome agree with the specification.
1570
1571         No new tests, rebaselined existing tests.
1572
1573         * html/HTMLFontElement.idl:
1574
1575 2016-07-21  Chris Dumez  <cdumez@apple.com>
1576
1577         Fix null handling for several HTMLTableElement attributes
1578         https://bugs.webkit.org/show_bug.cgi?id=160041
1579
1580         Reviewed by Ryosuke Niwa.
1581
1582         Fix null handling for several HTMLTableElement attributes to match the
1583         specification:
1584         - https://html.spec.whatwg.org/#HTMLTableElement-partial
1585
1586         The attributes in question are 'bicolor', 'cellSpacing' and
1587         'cellPadding'. We are supposed to treat null as the empty string for
1588         these attributes.
1589
1590         Firefox and Chrome both agree with the specification.
1591
1592         No new tests, rebaselined existing tests.
1593
1594         * html/HTMLTableElement.idl:
1595
1596 2016-07-21  Chris Dumez  <cdumez@apple.com>
1597
1598         Fix null handling for HTMLObjectElement.border
1599         https://bugs.webkit.org/show_bug.cgi?id=160040
1600
1601         Reviewed by Ryosuke Niwa.
1602
1603         Fix null handling for HTMLObjectElement.border to match the specification:
1604         - https://html.spec.whatwg.org/#HTMLObjectElement-partial
1605
1606         We are supposed to treat null as the empty string.
1607
1608         Both Firefox and Chrome agree with the specification.
1609
1610         No new tests, rebaselined existing tests.
1611
1612         * html/HTMLObjectElement.idl:
1613
1614 2016-07-21  Chris Dumez  <cdumez@apple.com>
1615
1616         Fix null handling for td.bgColor / tr.bgColor
1617         https://bugs.webkit.org/show_bug.cgi?id=160043
1618
1619         Reviewed by Ryosuke Niwa.
1620
1621         Fix null handling for td.bgColor / tr.bgColor to match the
1622         specification:
1623         - https://html.spec.whatwg.org/#HTMLTableCellElement-partial
1624         - https://html.spec.whatwg.org/#HTMLTableRowElement-partial
1625
1626         We are supposed to treat null as the empty string.
1627
1628         Firefox and Chrome both agree with the specification.
1629
1630         No new tests, rebaselined existing tests.
1631
1632         * html/HTMLTableCellElement.idl:
1633         * html/HTMLTableRowElement.idl:
1634
1635 2016-07-21  Chris Dumez  <cdumez@apple.com>
1636
1637         Fix null handling for several HTMLBodyElement attributes
1638         https://bugs.webkit.org/show_bug.cgi?id=160044
1639
1640         Reviewed by Ryosuke Niwa.
1641
1642         Fix null handling for several HTMLBodyElement attributes to match the
1643         specification:
1644         - https://html.spec.whatwg.org/#HTMLBodyElement-partial
1645
1646         The attributes in question are: 'text', 'link', 'vlink', 'alink' and
1647         'bgcolor'.
1648
1649         We are supposed to treat null as the empty string for these attributes.
1650
1651         Firefox and Chrome both agree with the specification.
1652
1653         No new tests, rebaselined existing tests.
1654
1655         * html/HTMLBodyElement.idl:
1656
1657 2016-07-21  Chris Dumez  <cdumez@apple.com>
1658
1659         Fix null handling for HTMLIFrameElement.marginWidth / marginHeight
1660         https://bugs.webkit.org/show_bug.cgi?id=160037
1661
1662         Reviewed by Ryosuke Niwa.
1663
1664         Fix null handling for HTMLIFrameElement.marginWidth / marginHeight to
1665         match the specification:
1666         - https://html.spec.whatwg.org/#HTMLIFrameElement-partial
1667
1668         We are supposed to treat null as the empty string. Both Firefox and
1669         Chrome agree with the specification.
1670
1671         No new tests, rebaselined existing tests.
1672
1673         * html/HTMLIFrameElement.idl:
1674
1675 2016-07-21  Chris Dumez  <cdumez@apple.com>
1676
1677         Fix null handling for HTMLImageElement.border
1678         https://bugs.webkit.org/show_bug.cgi?id=160039
1679
1680         Reviewed by Ryosuke Niwa.
1681
1682         Fix null handling for HTMLImageElement.border to match the specification:
1683         - https://html.spec.whatwg.org/#HTMLImageElement-partial
1684
1685         We are supposed to treat null as the empty string.
1686
1687         Both Firefox and Chrome agree with the specification.
1688
1689         No new tests, rebaselined existing tests.
1690
1691         * html/HTMLImageElement.idl:
1692
1693 2016-07-21  Daniel Bates  <dabates@apple.com>
1694
1695         REGRESSION: Plugin replaced YouTube Flash videos always have the same width
1696         https://bugs.webkit.org/show_bug.cgi?id=159998
1697         <rdar://problem/27462285>
1698
1699         Reviewed by Simon Fraser.
1700
1701         Fixes an issue where the width of a plugin replaced YouTube video loaded via an HTML embed
1702         element would always have the same width regardless of value of the width attribute.
1703
1704         For YouTube Flash videos the YouTube plugin replacement substitutes a shadow DOM subtree
1705         for the default renderer of an HTML embed element. The root of this shadow DOM subtree
1706         is an HTML div element. Currently we set inline styles on this <div> when it is instantiated.
1707         In particular, we set inline display and position to "inline-block" and "relative", respectively,
1708         and set an invalid height and width (we specify a font weight value instead of a CSS length value
1709         - this causes an ASSERT_NOT_REACHED() assertion failure in StyleBuilderConverter::convertLengthSizing()
1710         in a debug build). These styles never worked as intended and we ultimately created an inline
1711         renderer (ignoring display "inline-block") that had auto width and height. Instead it is sufficient
1712         to remove all these inline styles and create a RenderBlockFlow renderer for this <div> so that it
1713         renders as a block, non-replaced element to achieve the intended illusion that the <embed> is a
1714         single element.
1715
1716         * html/shadow/YouTubeEmbedShadowElement.cpp: Remove unused header HTMLEmbedElement.h and include
1717         header RenderBlockFlow.h. Also update copyright in license block.
1718         (WebCore::YouTubeEmbedShadowElement::YouTubeEmbedShadowElement): Remove inline styles as these
1719         never worked as intended.
1720         (WebCore::YouTubeEmbedShadowElement::createElementRenderer): Override; create a block-flow
1721         renderer for us so that we layout as a block, non-replaced element.
1722         * html/shadow/YouTubeEmbedShadowElement.h:
1723
1724 2016-07-21  Myles C. Maxfield  <mmaxfield@apple.com>
1725
1726         [iPhone] Playing a video on tudou.com plays only sound, no video
1727         https://bugs.webkit.org/show_bug.cgi?id=159967
1728         <rdar://problem/26964090>
1729
1730         Reviewed by Jon Lee, Jeremy Jones, and Anders Carlsson.
1731
1732         WebKit recently starting honoring the playsinline and webkit-playsinline
1733         attribute on iPhones. However, because these attributes previously did
1734         nothing, some sites (such as Todou) were setting them on their content
1735         and expecting that they are not honored. In this specific case, the
1736         video is absolutely positioned to be 1 pixel x 1 pixel.
1737
1738         Previously, with iOS 9, apps could set the allowsInlineMediaPlayback
1739         property on their WKWebView, which would honor the webkit-playsinline
1740         attribute. Safari on iPhones didn't do this.
1741
1742         In order to not break these existing apps, it's important that the
1743         allowsInlineMediaPlayback preference still allows webkit-playsinline
1744         videos to play inline in apps using WKWebView. However, in Safari, these
1745         videos should play fullscreen. (Todou videos have webkit-playsinline
1746         but not playsinline.)
1747
1748         Therefore, in Safari, videos with playsinline should be inline, but
1749         videos with webkit-playsinline should be fullscreen. In apps using
1750         WKWebViews, if the app sets allowsInlineMediaPlayback, then videos with
1751         playsinline should be inline, and videos with webkit-playsinline should
1752         also be inline. Videos on iPad and Mac should all be inline by default.
1753
1754         We can create some truth tables for the cases which need to be covered:
1755
1756         All apps on Mac / iPad:
1757         Presence of playsinline | Presence of webkit-playsinline | Result
1758         ========================|================================|===========
1759         Not present             | Not present                    | Inline
1760         Present                 | Not present                    | Inline
1761         Not Present             | Present                        | Inline
1762         Present                 | Present                        | Inline
1763
1764         Safari on iPhone:
1765         Presence of playsinline | Presence of webkit-playsinline | Result
1766         ========================|================================|===========
1767         Not present             | Not present                    | Fullscreen
1768         Present                 | Not present                    | Inline
1769         Not Present             | Present                        | Fullscreen
1770         Present                 | Present                        | Inline
1771
1772         App on iPhone which sets allowsInlineMediaPlayback:
1773         Presence of playsinline | Presence of webkit-playsinline | Result
1774         ========================|================================|===========
1775         Not present             | Not present                    | Fullscreen
1776         Present                 | Not present                    | Inline
1777         Not Present             | Present                        | Inline
1778         Present                 | Present                        | Inline
1779
1780         The way to distinguish Safari from another app is to create an SPI
1781         boolean preference which Safari can set. This is already how the
1782         iPhone and iPad are differentiated using the requiresPlayInlineAttribute
1783         which Safari sets but other apps don't. However, this preference is
1784         no longer sufficient because Safari should now be discriminating
1785         between the playsinline and webkit-playsinline attributes. Therefore,
1786         this preference should be extended to two boolean preferences, which
1787         this patch adds:
1788
1789         allowsInlineMediaPlaybackWithPlaysInlineAttribute
1790         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute
1791
1792         Safari on iPhone will set
1793         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to true,
1794         and allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to
1795         false. Other apps on iPhone will get their defaults values (because they
1796         are SPI) which means they will both be true. On iPad and Mac, apps will
1797         use the defaults values where both are false.
1798
1799         This patch adds support for these two preferences, but does not remove
1800         the existing inlineMediaPlaybackRequiresPlaysInlineAttribute preference.
1801         I will remove the exising preference as soon as I update Safari to migrate
1802         off of it.
1803
1804         Test: media/video-playsinline.html
1805
1806         * html/MediaElementSession.cpp:
1807         (WebCore::MediaElementSession::requiresFullscreenForVideoPlayback):
1808         * page/Settings.cpp:
1809         * page/Settings.in:
1810         * testing/InternalSettings.cpp:
1811         (WebCore::InternalSettings::Backup::Backup):
1812         (WebCore::InternalSettings::Backup::restoreTo):
1813         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithPlaysInlineAttribute):
1814         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute):
1815         * testing/InternalSettings.h:
1816         * testing/InternalSettings.idl:
1817
1818 2016-07-21  Ryosuke Niwa  <rniwa@webkit.org>
1819
1820         Crash accessing null renderer inside WebCore::DeleteSelectionCommand::doApply
1821         https://bugs.webkit.org/show_bug.cgi?id=160011
1822
1823         Reviewed by Chris Dumez.
1824
1825         Add a null pointer check for renderer() call.
1826
1827         Unfortunately no new tests since we don't have a reproduction.
1828
1829         * editing/DeleteSelectionCommand.cpp:
1830         (WebCore::DeleteSelectionCommand::doApply):
1831
1832 2016-07-21  Chris Dumez  <cdumez@apple.com>
1833
1834         The 2 first parameters to DOMImplementation.createDocument() should be mandatory
1835         https://bugs.webkit.org/show_bug.cgi?id=160030
1836
1837         Reviewed by Sam Weinig.
1838
1839         The 2 first parameters to DOMImplementation.createDocument() should be mandatory
1840         as per the specification:
1841         - https://dom.spec.whatwg.org/#domimplementation
1842
1843         Firefox and Chrome both agree with the specification. However, those
1844         parameters were marked as optional in WebKit. Calling this function
1845         without parameters would create a document element whose tag is the
1846         string "undefined", which does not seem helpful. This patch thus
1847         aligns our behavior with the specification and other browsers.
1848
1849         No new tests, rebaselined existing tests.
1850
1851         * dom/DOMImplementation.idl:
1852
1853 2016-07-21  Chris Dumez  <cdumez@apple.com>
1854
1855         Kill legacy valueToStringWithNullCheck() utility function
1856         https://bugs.webkit.org/show_bug.cgi?id=159991
1857
1858         Reviewed by Sam Weinig.
1859
1860         Kill legacy valueToStringWithNullCheck() utility function. Treating null as
1861         a null string is legacy behavior so drop this function so that people are
1862         not tempted to use it. We should be using either:
1863         1. JSValue::toWTFString() for non-nullable DOMStrings
1864         2. valueToStringWithUndefinedOrNullCheck() for nullable DOMStrings
1865         3. valueToStringTreatingNullAsEmptyString() for strings with [TreatNullAs=EmptyString]
1866
1867         No new tests, no web-exposed behavior change.
1868
1869         * bindings/js/JSDOMBinding.cpp:
1870         (WebCore::valueToStringWithNullCheck): Deleted.
1871         * bindings/js/JSDOMBinding.h:
1872         * bindings/js/JSHTMLFrameElementCustom.cpp:
1873         (WebCore::JSHTMLFrameElement::setLocation):
1874         * html/HTMLFrameElement.idl:
1875
1876 2016-07-21  Zalan Bujtas  <zalan@apple.com>
1877
1878         Do not keep invalid IOSurface in ImageBufferData.
1879         https://bugs.webkit.org/show_bug.cgi?id=160005
1880         <rdar://problem/27208636>
1881
1882         Reviewed by Simon Fraser.
1883
1884         When we fail to initialize the IOSurface for the accelerated context, we switch over to
1885         the non-accelerated code path. Since ImageBufferData::surface is used to indicate whether
1886         the graphics context is in accelerated mode, we need to reset it when the initialization fails.
1887
1888         Unable to create a test case.
1889
1890         * platform/graphics/cg/ImageBufferCG.cpp:
1891         (WebCore::ImageBuffer::ImageBuffer):
1892
1893 2016-07-21  Chris Dumez  <cdumez@apple.com>
1894
1895         playsInline IDL attribute has the wrong casing
1896         https://bugs.webkit.org/show_bug.cgi?id=160029
1897         <rdar://problem/27474031>
1898
1899         Reviewed by Jon Lee.
1900
1901         Fix case from video.playsinline to video.playsInline in order to match
1902         the specification:
1903         - https://html.spec.whatwg.org/multipage/embedded-content.html#the-video-element:dom-video-playsinline
1904
1905         It still reflects the "playsinline" content attribute though, as per
1906         the specification:
1907         - https://html.spec.whatwg.org/multipage/embedded-content.html#dom-video-playsinline
1908
1909         No new tests, updated existing test.
1910
1911         * html/HTMLVideoElement.idl:
1912
1913 2016-07-21  Chris Dumez  <cdumez@apple.com>
1914
1915         Drop [TreatNullAs=EmptyString] from CanvasRenderingContext2D.globalCompositeOperation
1916         https://bugs.webkit.org/show_bug.cgi?id=160026
1917
1918         Reviewed by Sam Weinig.
1919
1920         Drop [TreatNullAs=EmptyString] from CanvasRenderingContext2D.globalCompositeOperation
1921         attribute as it does not match the specification:
1922         - https://html.spec.whatwg.org/multipage/scripting.html#canvascompositing
1923
1924         It does not change web-exposed behavior because assigning to "" or "null"
1925         gets ignored as those are not valid operations.
1926
1927         Test: fast/canvas/context-globalCompositeOperation-null.html
1928
1929         * html/canvas/CanvasRenderingContext2D.idl:
1930
1931 2016-07-21  Carlos Garcia Campos  <cgarcia@igalia.com>
1932
1933         [GTK][Threaded Compositor] Overlay scrollbars shouldn't be a requirement of the threaded compositor
1934         https://bugs.webkit.org/show_bug.cgi?id=160020
1935
1936         Reviewed by Michael Catanzaro.
1937
1938         It has been a requirement only because we didn't really know why frame scrollbars were not rendered when using
1939         the threaded compositor. The reason is that RenderView doesn't use layers for FrameView scrollbars by default,
1940         unless using overlay scrollbars. When using the threaded compositor we really need layers for the FrameView
1941         scrollbars even when not using overlay scrollbars.
1942
1943         * platform/gtk/ScrollbarThemeGtk.cpp:
1944         (WebCore::ScrollbarThemeGtk::ScrollbarThemeGtk): Stop enforcing overlay scrollbars when threaded compositor is enabled.
1945         * rendering/RenderLayerCompositor.cpp:
1946         (WebCore::RenderLayerCompositor::shouldCompositeOverflowControls): Always use layers for scrollbars when
1947         threaded compositor is enabled.
1948
1949 2016-07-21  Carlos Garcia Campos  <cgarcia@igalia.com>
1950
1951         [Cairo] Fix a crash in fast/canvas/canvas-getImageData-invalid-result-buffer-crash.html
1952         https://bugs.webkit.org/show_bug.cgi?id=160014
1953
1954         Reviewed by Michael Catanzaro.
1955
1956         In r202887 some null checks were added for JSArray::createUninitialized (and related) but not for the
1957         ImageBuffer cairo implementation.
1958
1959         * platform/graphics/cairo/ImageBufferCairo.cpp:
1960         (WebCore::getImageData): Return early if Uint8ClampedArray::createUninitialized() returns nullptr.
1961
1962 2016-07-21  Miguel Gomez  <magomez@igalia.com>
1963
1964         [GTK] The GSTREAMER_GL path in MediaPlayerPrivateGStreamerBase::paintToTextureMapper() is missing a mutex lock
1965         https://bugs.webkit.org/show_bug.cgi?id=160018
1966
1967         Reviewed by Philippe Normand.
1968
1969         Lock the video sample mutex while accessing it.
1970
1971         Covered by existent tests.
1972
1973         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
1974         (WebCore::MediaPlayerPrivateGStreamerBase::paintToTextureMapper):
1975
1976 2016-07-21  Miguel Gomez  <magomez@igalia.com>
1977
1978         [Threaded Compositor] Flickering when zooming in/out in maps.google.com
1979         https://bugs.webkit.org/show_bug.cgi?id=154069
1980
1981         Reviewed by Carlos Garcia Campos.
1982
1983         Add a new extra buffer to GraphicsContext3D when using the Threaded Compositor,
1984         so it doesn't have to reuse the buffers that are still waiting for composition.
1985
1986         Covered by existing tests.
1987
1988         * platform/graphics/GraphicsContext3D.h:
1989         Add a new texture to use for the rendering. Remove the compositor fbo we were using.
1990         * platform/graphics/cairo/GraphicsContext3DCairo.cpp:
1991         (WebCore::GraphicsContext3D::GraphicsContext3D):
1992         Initialize the new texture and remove the previous fbo related code.
1993         (WebCore::GraphicsContext3D::~GraphicsContext3D):
1994         Properly destroy the new texture and remove the previous fbo related code.
1995         * platform/graphics/opengl/GraphicsContext3DOpenGL.cpp:
1996         (WebCore::GraphicsContext3D::reshapeFBOs):
1997         Allocate the new texture and remove the previous fbo allocation.
1998         * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
1999         (WebCore::GraphicsContext3D::prepareTexture):
2000         Use a single fbo with three textures instead of two fbos with a texture each.
2001         Rotate the three textures usage so:
2002         - m_texture becomes m_compositorTexture to be pushed to the compositor.
2003         - m_intermediateTexture becomes m_texture to receive the next rendering.
2004         - m_compositorTexture becomes m_intermediateTexture.
2005         And add a glFlush() to ensure that the gl commands are sent to the pipeline.
2006         * platform/graphics/opengl/GraphicsContext3DOpenGLES.cpp:
2007         (WebCore::GraphicsContext3D::reshapeFBOs):
2008         Allocate the new texture.
2009
2010 2016-07-21  Carlos Garcia Campos  <cgarcia@igalia.com>
2011
2012         [GTK][Threaded Compositor] Web view background colors don't work
2013         https://bugs.webkit.org/show_bug.cgi?id=159465
2014
2015         Reviewed by Michael Catanzaro.
2016
2017         * rendering/RenderLayerBacking.cpp:
2018         (WebCore::RenderLayerBacking::createPrimaryGraphicsLayer): Initialize frame view layer opacity for platforms not
2019         using the tiled cache layer.
2020
2021 2016-07-20  Youenn Fablet  <youenn@apple.com>
2022
2023         [XHR] Cache response JS object in case of arraybuffer and blob response types
2024         https://bugs.webkit.org/show_bug.cgi?id=128903
2025
2026         Reviewed by Alex Christensen.
2027
2028         Covered by existing and modified tests.
2029
2030         Making response getter a JS builtin that caches response in @response private slot.
2031         Handling invalidation of cached response with @responseCacheIsValid new private method.
2032         Handling creation of cached response with @retrieveResponse new private method which reuses most of
2033         JSXMLHttpRequest::response previous code.
2034
2035         Caching of responses is activated whenever load ended without any error for blob and arraybuffer response types.
2036
2037         Caching of response for document is also activated in case the response getter is used but not if responseXML getter is used.
2038
2039         * CMakeLists.txt: Adding XMLHttpRequest.js.
2040         * DerivedSources.make: Ditto.
2041         * bindings/js/JSXMLHttpRequestCustom.cpp:
2042         (WebCore::JSXMLHttpRequest::retrieveResponse): Implements creation of to-be-cached response.
2043         (WebCore::JSXMLHttpRequest::response): Deleted.
2044         * bindings/js/WebCoreBuiltinNames.h: Adding new private names.
2045         * xml/XMLHttpRequest.cpp:
2046         (WebCore::XMLHttpRequest::didCacheResponse): Renamed from didCacheResponseJSON as all response types are now cached.
2047         (WebCore::XMLHttpRequest::didCacheResponseJSON): Deleted.
2048         * xml/XMLHttpRequest.h:
2049         * xml/XMLHttpRequest.idl:
2050
2051 2016-07-20  Youenn Fablet  <youenn@apple.com>
2052
2053         Remove crossOriginRequestPolicy from ThreadableLoaderOptions
2054         https://bugs.webkit.org/show_bug.cgi?id=159417
2055
2056         Reviewed by Alex Christensen.
2057
2058         No observable change.
2059
2060         * Modules/fetch/FetchLoader.cpp:
2061         (WebCore::FetchLoader::start): DenyCrossOriginRequests -> FetchOptions::Mode::SameOrigin.
2062         * fileapi/FileReaderLoader.cpp:
2063         (WebCore::FileReaderLoader::start): DenyCrossOriginRequests -> FetchOptions::Mode::SameOrigin.
2064         * inspector/InspectorNetworkAgent.cpp:
2065         (WebCore::InspectorNetworkAgent::loadResource): AllowCrossOriginRequests -> FetchOptions::Mode::NoCors.
2066         * loader/DocumentThreadableLoader.cpp:
2067         (WebCore::DocumentThreadableLoader::DocumentThreadableLoader): Ditto.
2068         (WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequest): UseAccessControl -> FetchOptions::Mode::Cors.
2069         (WebCore::DocumentThreadableLoader::redirectReceived): Ditto.
2070         (WebCore::DocumentThreadableLoader::didReceiveResponse): Ditto.
2071         (WebCore::DocumentThreadableLoader::loadRequest): Use NoCors as option passed to ResourceLoader. This allows
2072         desactivating ResourceLoader CORS checks as they are done in DocumentThreadableLoader right now. In the future,
2073         these checks should be moved to ResourceLoader and DocumentThreadableLoader should directly pass the fetch mode
2074         option.
2075         (WebCore::DocumentThreadableLoader::isAllowedRedirect): AllowCrossOriginRequests -> FetchOptions::Mode::NoCors.
2076         * loader/ThreadableLoader.cpp:
2077         (WebCore::ThreadableLoaderOptions::ThreadableLoaderOptions): Removing CrossOriginRequestPolicy.
2078         * loader/ThreadableLoader.h: Ditto.
2079         * loader/WorkerThreadableLoader.cpp:
2080         (WebCore::LoaderTaskOptions::LoaderTaskOptions): Ditto.
2081         * page/EventSource.cpp:
2082         (WebCore::EventSource::connect): UseAccessControl -> FetchOptions::Mode::Cors.
2083         * workers/Worker.cpp:
2084         (WebCore::Worker::create): DenyCrossOriginRequests -> FetchOptions::Mode::SameOrigin.
2085         * workers/WorkerGlobalScope.cpp:
2086         (WebCore::WorkerGlobalScope::importScripts): AllowCrossOriginRequests -> FetchOptions::Mode::NoCors.
2087         * workers/WorkerScriptLoader.cpp:
2088         (WebCore::WorkerScriptLoader::loadSynchronously):
2089         (WebCore::WorkerScriptLoader::loadAsynchronously):
2090         * workers/WorkerScriptLoader.h:
2091         * xml/XMLHttpRequest.cpp:
2092         (WebCore::XMLHttpRequest::createRequest):
2093
2094 2016-07-20  Chris Dumez  <cdumez@apple.com>
2095
2096         Fix null handling of several Document attributes
2097         https://bugs.webkit.org/show_bug.cgi?id=159997
2098
2099         Reviewed by Ryosuke Niwa.
2100
2101         Fix null handling of the following Document attributes: title, cookie
2102         and domain.
2103
2104         In WebKit, they were all marked as [TreatNullAs=EmptyString], which
2105         does not match the specification:
2106         - https://html.spec.whatwg.org/multipage/dom.html#document
2107
2108         Details for each attribute:
2109         - title: null is now treated as the string "null", thus setting the
2110           document title to "null". This matches Firefox and Chrome.
2111         - cookie: adds a "null" cookie instead of being a no-op. This matches
2112                   both Firefox and Chrome.
2113         - domain: Calls setDomain(String("null")) instead of
2114                   setDomain(String()). This throws an exception because "null"
2115                   is not a suffix of the effective domain name. The behavior
2116                   is the same in Firefox and Chrome. Previously, we were
2117                   already throwing an exception since setting the domain to
2118                   the empty string throws, as per the specification.
2119
2120         Test: http/tests//dom/document-attributes-null-handling.html
2121
2122         * dom/Document.idl:
2123
2124 2016-07-20  Commit Queue  <commit-queue@webkit.org>
2125
2126         Unreviewed, rolling out r203471.
2127         https://bugs.webkit.org/show_bug.cgi?id=160003
2128
2129         many iOS-simulator tests are failing (Requested by litherum on
2130         #webkit).
2131
2132         Reverted changeset:
2133
2134         "[iPhone] Playing a video on tudou.com plays only sound, no
2135         video"
2136         https://bugs.webkit.org/show_bug.cgi?id=159967
2137         http://trac.webkit.org/changeset/203471
2138
2139 2016-07-19  Ryosuke Niwa  <rniwa@webkit.org>
2140
2141         iOS: Cannot paste images in RTF content
2142         https://bugs.webkit.org/show_bug.cgi?id=159964
2143         <rdar://problem/27442806>
2144
2145         Reviewed by Enrica Casucci.
2146
2147         The bug was caused by setDefersLoading(true) not deferring image loading for the parsed fragment.
2148         Worked around this bug by disabling image loading while parsing the document fragment.
2149
2150         * editing/ios/EditorIOS.mm:
2151         (WebCore::Editor::createFragmentAndAddResources):
2152
2153 2016-07-20  Brady Eidson  <beidson@apple.com>
2154
2155         Address a small FIXME in IDB code.
2156         https://bugs.webkit.org/show_bug.cgi?id=159999
2157
2158         Reviewed by Andy Estes.
2159
2160         No new tests (No behavior change).
2161
2162         * Modules/indexeddb/IDBRequest.cpp:
2163         (WebCore::IDBRequest::IDBRequest):
2164         
2165         * Modules/indexeddb/shared/IDBResourceIdentifier.cpp:
2166         (WebCore::IDBResourceIdentifier::IDBResourceIdentifier): Deleted.
2167         * Modules/indexeddb/shared/IDBResourceIdentifier.h:
2168
2169 2016-07-20  Brady Eidson  <beidson@apple.com>
2170
2171         Remove some "modernFoo"s from IndexedDB code.
2172         https://bugs.webkit.org/show_bug.cgi?id=159985
2173
2174         Reviewed by Andy Estes.
2175
2176         No new tests (No known behavior change).
2177
2178         * Modules/indexeddb/IDBCursor.cpp:
2179         (WebCore::IDBCursor::IDBCursor):
2180         (WebCore::IDBCursor::~IDBCursor):
2181         (WebCore::IDBCursor::sourcesDeleted):
2182         (WebCore::IDBCursor::effectiveObjectStore):
2183         (WebCore::IDBCursor::transaction):
2184         (WebCore::IDBCursor::direction):
2185         (WebCore::IDBCursor::update):
2186         (WebCore::IDBCursor::advance):
2187         (WebCore::IDBCursor::continueFunction):
2188         (WebCore::IDBCursor::uncheckedIterateCursor):
2189         (WebCore::IDBCursor::deleteFunction):
2190         (WebCore::IDBCursor::setGetResult):
2191         
2192         * Modules/indexeddb/IDBIndex.cpp:
2193         (WebCore::IDBIndex::IDBIndex):
2194         (WebCore::IDBIndex::~IDBIndex):
2195         (WebCore::IDBIndex::hasPendingActivity):
2196         (WebCore::IDBIndex::name):
2197         (WebCore::IDBIndex::objectStore):
2198         (WebCore::IDBIndex::keyPath):
2199         (WebCore::IDBIndex::unique):
2200         (WebCore::IDBIndex::multiEntry):
2201         (WebCore::IDBIndex::openCursor):
2202         (WebCore::IDBIndex::doCount):
2203         (WebCore::IDBIndex::openKeyCursor):
2204         (WebCore::IDBIndex::doGet):
2205         (WebCore::IDBIndex::doGetKey):
2206         (WebCore::IDBIndex::markAsDeleted):
2207         * Modules/indexeddb/IDBIndex.h:
2208         
2209         * Modules/indexeddb/IDBObjectStore.cpp:
2210         (WebCore::IDBObjectStore::transaction):
2211         (WebCore::IDBObjectStore::deleteFunction): Deleted.
2212         (WebCore::IDBObjectStore::modernDelete): Deleted.
2213         * Modules/indexeddb/IDBObjectStore.h:
2214         
2215         * bindings/js/JSIDBIndexCustom.cpp:
2216         (WebCore::JSIDBIndex::visitAdditionalChildren):
2217
2218 2016-07-20  Chris Dumez  <cdumez@apple.com>
2219
2220         Stop using valueToStringWithNullCheck() in JSCSSStyleDeclaration::putDelegate()
2221         https://bugs.webkit.org/show_bug.cgi?id=159982
2222
2223         Reviewed by Ryosuke Niwa.
2224
2225         valueToStringWithNullCheck() treats null as the null String() which is
2226         legacy / non standard behavior. The specification says we should treat
2227         null as the empty string:
2228         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-camel-cased-attribute
2229
2230         Therefore, we should be using valueToStringTreatingNullAsEmptyString() instead.
2231
2232         In practice, there is no web-exposed behavior change because
2233         MutableStyleProperties::setProperty() removes the property wether the
2234         value is the null String or the empty String.
2235
2236         This behavior is correct since the specification says that we should
2237         remove the property if the value is the empty string:
2238         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-setproperty (step 4)
2239
2240         I added test coverage to make sure we behave according to specification.
2241         This test is passing in Firefox, Chrome and in WebKit (before and after
2242         my change).
2243
2244         Test: fast/css/CSSStyleDeclaration-property-setter.html
2245
2246         * bindings/js/JSCSSStyleDeclarationCustom.cpp:
2247         (WebCore::JSCSSStyleDeclaration::putDelegate):
2248
2249 2016-07-20  Chris Dumez  <cdumez@apple.com>
2250
2251         Fix null handling of HTMLFrameElement.marginWidth / marginHeight
2252         https://bugs.webkit.org/show_bug.cgi?id=159987
2253
2254         Reviewed by Ryosuke Niwa.
2255
2256         Fix null handling of HTMLFrameElement.marginWidth / marginHeight:
2257         - https://html.spec.whatwg.org/multipage/obsolete.html#htmlframeelement
2258
2259         We are supposed to treat null as the empty string but we treat it as
2260         the string "null".
2261
2262         Firefox and Chrome both match the specification.
2263
2264         No new tests, updated existing tests.
2265
2266         * html/HTMLFrameElement.idl:
2267
2268 2016-07-20  Wenson Hsieh  <wenson_hsieh@apple.com>
2269
2270         Pausing autoplayed media should not remove all restrictions for that media element
2271         https://bugs.webkit.org/show_bug.cgi?id=159988
2272
2273         Reviewed by Jon Lee.
2274
2275         Localizes the removal of behavior restrictions introduced in r203464 upon pausing an
2276         autoplaying video to just affect the hiding or showing of the media controller. This
2277         prevents pages from using Javascript to start playing autoplaying videos that have
2278         been paused by the user.
2279
2280         * html/HTMLMediaElement.cpp:
2281         (WebCore::HTMLMediaElement::pause):
2282
2283 2016-07-20  Myles C. Maxfield  <mmaxfield@apple.com>
2284
2285         [iPhone] Playing a video on tudou.com plays only sound, no video
2286         https://bugs.webkit.org/show_bug.cgi?id=159967
2287         <rdar://problem/26964090>
2288
2289         Reviewed by Jon Lee.
2290
2291         WebKit recently starting honoring the playsinline and webkit-playsinline
2292         attribute on iPhones. However, because these attributes previously did
2293         nothing, some sites (such as Todou) were setting them on their content
2294         and expecting that they are not honored. In this specific case, the
2295         video is absolutely positioned to be 1 pixel x 1 pixel.
2296
2297         Previously, with iOS 9, apps could set the allowsInlineMediaPlayback
2298         property on their WKWebView, which would honor the webkit-playsinline
2299         attribute. Safari on iPhones didn't do this.
2300
2301         In order to not break these existing apps, it's important that the
2302         allowsInlineMediaPlayback preference still allows webkit-playsinline
2303         videos to play inline in apps using WKWebView. However, in Safari, these
2304         videos should play fullscreen. (Todou videos have webkit-playsinline
2305         but not playsinline.)
2306
2307         Therefore, in Safari, videos with playsinline should be inline, but
2308         videos with webkit-playsinline should be fullscreen. In apps using
2309         WKWebViews, if the app sets allowsInlineMediaPlayback, then videos with
2310         playsinline should be inline, and videos with webkit-playsinline should
2311         also be inline. Videos on iPad and Mac should all be inline by default.
2312
2313         We can create some truth tables for the cases which need to be covered:
2314
2315         All apps on Mac / iPad:
2316         Presence of playsinline | Presence of webkit-playsinline | Result
2317         ========================|================================|===========
2318         Not present             | Not present                    | Inline
2319         Present                 | Not present                    | Inline
2320         Not Present             | Present                        | Inline
2321         Present                 | Present                        | Inline
2322
2323         Safari on iPhone:
2324         Presence of playsinline | Presence of webkit-playsinline | Result
2325         ========================|================================|===========
2326         Not present             | Not present                    | Fullscreen
2327         Present                 | Not present                    | Inline
2328         Not Present             | Present                        | Fullscreen
2329         Present                 | Present                        | Inline
2330
2331         App on iPhone which sets allowsInlineMediaPlayback:
2332         Presence of playsinline | Presence of webkit-playsinline | Result
2333         ========================|================================|===========
2334         Not present             | Not present                    | Fullscreen
2335         Present                 | Not present                    | Inline
2336         Not Present             | Present                        | Inline
2337         Present                 | Present                        | Inline
2338
2339         The way to distinguish Safari from another app is to create an SPI
2340         boolean preference which Safari can set. This is already how the
2341         iPhone and iPad are differentiated using the requiresPlayInlineAttribute
2342         which Safari sets but other apps don't. However, this preference is
2343         no longer sufficient because Safari should now be discriminating
2344         between the playsinline and webkit-playsinline attributes. Therefore,
2345         this preference should be extended to two boolean preferences, which
2346         this patch adds:
2347
2348         allowsInlineMediaPlaybackWithPlaysInlineAttribute
2349         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute
2350
2351         Safari on iPhone will set
2352         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to true,
2353         and allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to
2354         false. Other apps on iPhone will get their defaults values (because they
2355         are SPI) which means they will both be true. On iPad and Mac, apps will
2356         use the defaults values where both are false.
2357
2358         This patch adds support for these two preferences, but does not remove
2359         the existing inlineMediaPlaybackRequiresPlaysInlineAttribute preference.
2360         I will remove the exising preference as soon as I update Safari to migrate
2361         off of it.
2362
2363         Test: media/video-playsinline.html
2364
2365         * html/MediaElementSession.cpp:
2366         (WebCore::MediaElementSession::requiresFullscreenForVideoPlayback):
2367         * page/Settings.cpp:
2368         * page/Settings.in:
2369         * testing/InternalSettings.cpp:
2370         (WebCore::InternalSettings::Backup::Backup):
2371         (WebCore::InternalSettings::Backup::restoreTo):
2372         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithPlaysInlineAttribute):
2373         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute):
2374         * testing/InternalSettings.h:
2375         * testing/InternalSettings.idl:
2376
2377 2016-07-20  Chris Dumez  <cdumez@apple.com>
2378
2379         Get rid of custom bindings code for XMLHttpRequest.open()
2380         https://bugs.webkit.org/show_bug.cgi?id=159984
2381
2382         Reviewed by Ryosuke Niwa.
2383
2384         Get rid of custom bindings code for XMLHttpRequest.open() as the
2385         bindings generator is able to generate it.
2386
2387         Relevant specification:
2388         - https://xhr.spec.whatwg.org/#xmlhttprequest
2389
2390         The issue is that legacy content prevents treating the 'async' argument
2391         being undefined identical from it being omitted. However, this can be
2392         achieved by using overloading in IDL, like in the specification.
2393
2394         No new tests, already covered by the following tests:
2395         - http/tests/xmlhttprequest/basic-auth.html
2396         - http/tests/xmlhttprequest/open-async-overload.html
2397
2398         * bindings/js/JSXMLHttpRequestCustom.cpp:
2399         (WebCore::SendFunctor::SendFunctor): Deleted.
2400         (WebCore::SendFunctor::line): Deleted.
2401         (WebCore::SendFunctor::column): Deleted.
2402         (WebCore::SendFunctor::url): Deleted.
2403         (WebCore::SendFunctor::operator()): Deleted.
2404         * xml/XMLHttpRequest.cpp:
2405         (WebCore::XMLHttpRequest::open):
2406         * xml/XMLHttpRequest.h:
2407         * xml/XMLHttpRequest.idl:
2408
2409 2016-07-20  Rawinder Singh  <rawinder.singh-webkit@cisra.canon.com.au>
2410
2411         Mark overriden methods in WebCore/svg final classes as final
2412         https://bugs.webkit.org/show_bug.cgi?id=159966
2413
2414         Reviewed by Michael Catanzaro.
2415
2416         Update WebCore/svg classes so that overriden methods in final classes are marked final.
2417
2418         * svg/SVGAElement.h:
2419         * svg/SVGAltGlyphDefElement.h:
2420         * svg/SVGAltGlyphItemElement.h:
2421         * svg/SVGAnimateTransformElement.h:
2422         * svg/SVGAnimatedColor.h:
2423         * svg/SVGCircleElement.h:
2424         * svg/SVGClipPathElement.h:
2425         * svg/SVGCursorElement.h:
2426         * svg/SVGDefsElement.h:
2427         * svg/SVGDescElement.h:
2428         * svg/SVGEllipseElement.h:
2429         * svg/SVGFEMergeNodeElement.h:
2430         * svg/SVGFilterElement.h:
2431         * svg/SVGFontElement.h:
2432         * svg/SVGFontFaceElement.h:
2433         * svg/SVGFontFaceFormatElement.h:
2434         * svg/SVGFontFaceNameElement.h:
2435         * svg/SVGFontFaceSrcElement.h:
2436         * svg/SVGFontFaceUriElement.h:
2437         * svg/SVGForeignObjectElement.h:
2438         * svg/SVGGElement.h:
2439         * svg/SVGGlyphElement.h:
2440         * svg/SVGGlyphRefElement.h:
2441         * svg/SVGHKernElement.h:
2442         * svg/SVGImageElement.h:
2443         * svg/SVGLineElement.h:
2444         * svg/SVGMPathElement.h:
2445         * svg/SVGMaskElement.h:
2446         * svg/SVGMetadataElement.h:
2447         * svg/SVGMissingGlyphElement.h:
2448         * svg/SVGPathBuilder.h:
2449         * svg/SVGPathByteStreamBuilder.h:
2450         * svg/SVGPathByteStreamSource.h:
2451         * svg/SVGPathElement.h:
2452         * svg/SVGPathSegArcAbs.h:
2453         * svg/SVGPathSegArcRel.h:
2454         * svg/SVGPathSegClosePath.h:
2455         * svg/SVGPathSegCurvetoCubicAbs.h:
2456         * svg/SVGPathSegCurvetoCubicRel.h:
2457         * svg/SVGPathSegCurvetoCubicSmoothAbs.h:
2458         * svg/SVGPathSegCurvetoCubicSmoothRel.h:
2459         * svg/SVGPathSegCurvetoQuadraticAbs.h:
2460         * svg/SVGPathSegCurvetoQuadraticRel.h:
2461         * svg/SVGPathSegCurvetoQuadraticSmoothAbs.h:
2462         * svg/SVGPathSegCurvetoQuadraticSmoothRel.h:
2463         * svg/SVGPathSegLinetoAbs.h:
2464         * svg/SVGPathSegLinetoHorizontalAbs.h:
2465         * svg/SVGPathSegLinetoHorizontalRel.h:
2466         * svg/SVGPathSegLinetoRel.h:
2467         * svg/SVGPathSegLinetoVerticalAbs.h:
2468         * svg/SVGPathSegLinetoVerticalRel.h:
2469         * svg/SVGPathSegListBuilder.h:
2470         * svg/SVGPathSegListSource.h:
2471         * svg/SVGPathSegMovetoAbs.h:
2472         * svg/SVGPathSegMovetoRel.h:
2473         * svg/SVGPathStringSource.h:
2474         * svg/SVGPathTraversalStateBuilder.h:
2475         * svg/SVGPatternElement.h:
2476         * svg/SVGRectElement.h:
2477         * svg/SVGScriptElement.h:
2478         * svg/SVGStopElement.h:
2479         * svg/SVGStyleElement.h:
2480         * svg/SVGSwitchElement.h:
2481         * svg/SVGTRefElement.cpp:
2482         * svg/SVGTitleElement.h:
2483         * svg/SVGToOTFFontConversion.cpp:
2484         * svg/SVGUnknownElement.h:
2485         * svg/SVGVKernElement.h:
2486         * svg/SVGViewElement.h:
2487         * svg/SVGZoomEvent.h:
2488         * svg/animation/SVGSMILElement.cpp:
2489         * svg/graphics/SVGImage.h:
2490         * svg/graphics/SVGImageClients.h:
2491         * svg/graphics/SVGImageForContainer.h:
2492         * svg/graphics/filters/SVGFEImage.h:
2493         * svg/graphics/filters/SVGFilter.h:
2494         * svg/properties/SVGAnimatedEnumerationPropertyTearOff.h:
2495         * svg/properties/SVGAnimatedPathSegListPropertyTearOff.h:
2496         * svg/properties/SVGAnimatedPropertyTearOff.h:
2497         * svg/properties/SVGAnimatedTransformListPropertyTearOff.h:
2498         * svg/properties/SVGMatrixTearOff.h:
2499         * svg/properties/SVGPathSegListPropertyTearOff.h:
2500
2501 2016-07-20  Brady Eidson  <beidson@apple.com>
2502
2503         Transition most IDB interfaces from ScriptExecutionContext to ExecState.
2504         https://bugs.webkit.org/show_bug.cgi?id=159975
2505
2506         Reviewed by Alex Christensen.
2507
2508         No new tests (No known behavior change).
2509
2510         * Modules/indexeddb/IDBCursor.cpp:
2511         (WebCore::IDBCursor::continueFunction):
2512         (WebCore::IDBCursor::deleteFunction):
2513         * Modules/indexeddb/IDBCursor.h:
2514         * Modules/indexeddb/IDBCursor.idl:
2515
2516         * Modules/indexeddb/IDBDatabase.idl:
2517
2518         * Modules/indexeddb/IDBFactory.cpp:
2519         (WebCore::IDBFactory::cmp):
2520         * Modules/indexeddb/IDBFactory.h:
2521         * Modules/indexeddb/IDBFactory.idl:
2522
2523         * Modules/indexeddb/IDBIndex.cpp:
2524         (WebCore::IDBIndex::openCursor):
2525         (WebCore::IDBIndex::count):
2526         (WebCore::IDBIndex::doCount):
2527         (WebCore::IDBIndex::openKeyCursor):
2528         (WebCore::IDBIndex::get):
2529         (WebCore::IDBIndex::doGet):
2530         (WebCore::IDBIndex::getKey):
2531         (WebCore::IDBIndex::doGetKey):
2532         * Modules/indexeddb/IDBIndex.h:
2533         * Modules/indexeddb/IDBIndex.idl:
2534
2535         * Modules/indexeddb/IDBKeyRange.cpp:
2536         (WebCore::IDBKeyRange::only): Deleted.
2537         * Modules/indexeddb/IDBKeyRange.h:
2538
2539         * Modules/indexeddb/IDBObjectStore.cpp:
2540         (WebCore::IDBObjectStore::openCursor):
2541         (WebCore::IDBObjectStore::get):
2542         (WebCore::IDBObjectStore::putOrAdd):
2543         (WebCore::IDBObjectStore::deleteFunction):
2544         (WebCore::IDBObjectStore::doDelete):
2545         (WebCore::IDBObjectStore::modernDelete):
2546         (WebCore::IDBObjectStore::clear):
2547         (WebCore::IDBObjectStore::createIndex):
2548         (WebCore::IDBObjectStore::count):
2549         (WebCore::IDBObjectStore::doCount):
2550         * Modules/indexeddb/IDBObjectStore.h:
2551         * Modules/indexeddb/IDBObjectStore.idl:
2552
2553         * Modules/indexeddb/IDBTransaction.cpp:
2554         (WebCore::IDBTransaction::requestOpenCursor):
2555         (WebCore::IDBTransaction::doRequestOpenCursor):
2556         (WebCore::IDBTransaction::requestGetRecord):
2557         (WebCore::IDBTransaction::requestGetValue):
2558         (WebCore::IDBTransaction::requestGetKey):
2559         (WebCore::IDBTransaction::requestIndexRecord):
2560         (WebCore::IDBTransaction::requestCount):
2561         (WebCore::IDBTransaction::requestDeleteRecord):
2562         (WebCore::IDBTransaction::requestClearObjectStore):
2563         (WebCore::IDBTransaction::requestPutOrAdd):
2564         * Modules/indexeddb/IDBTransaction.h:
2565
2566         * inspector/InspectorIndexedDBAgent.cpp:
2567
2568 2016-07-20  Wenson Hsieh  <wenson_hsieh@apple.com>
2569
2570         Media controls don't appear when pausing a small autoplaying video
2571         https://bugs.webkit.org/show_bug.cgi?id=159972
2572         <rdar://problem/27180657>
2573
2574         Reviewed by Beth Dakin.
2575
2576         When pausing an autoplaying video, remove behavior restrictions for the
2577         initial user gesture and show media controls.
2578
2579         New WebKit API test. See VideoControlsManagerSingleSmallAutoplayingVideo.
2580
2581         * html/HTMLMediaElement.cpp:
2582         (WebCore::HTMLMediaElement::pause):
2583
2584 2016-07-20  Chris Dumez  <cdumez@apple.com>
2585
2586         Fix null handling of HTMLMediaElement.mediaGroup
2587         https://bugs.webkit.org/show_bug.cgi?id=159974
2588
2589         Reviewed by Eric Carlson.
2590
2591         Fix null handling of HTMLMediaElement.mediaGroup to match the specification:
2592         - https://www.w3.org/TR/html5/embedded-content-0.html#media-elements
2593
2594         null is supposed to be treated as the String "null". This patch aligns
2595         our behavior with the specification. I tested Firefox and Chrome but both
2596         do not have this attribute on HTMLMediaElement.
2597
2598         Also remove support for [TreatNullAs=LegacyNullString] from our bindings
2599         generator as HTMLMediaElement.mediaGroup was the last user.
2600
2601         No new tests, rebaselined existing test.
2602
2603         * bindings/scripts/CodeGeneratorJS.pm:
2604         (JSValueToNative):
2605         * bindings/scripts/IDLAttributes.txt:
2606         * html/HTMLMediaElement.idl:
2607
2608 2016-07-20  Chris Dumez  <cdumez@apple.com>
2609
2610         CSSStyleDeclaration.setProperty() should be able to unset "important" on a property
2611         https://bugs.webkit.org/show_bug.cgi?id=159959
2612
2613         Reviewed by Alexey Proskuryakov.
2614
2615         CSSStyleDeclaration.setProperty() should be able to unsert "important"
2616         on a property as per the latest specification:
2617         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-setproperty
2618         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-camel-cased-attribute
2619
2620         Firefox and Chrome match the specification here but WebKit was ignoring calls
2621         to setProperty() if there is already an "important" property wit this name
2622         and if the new property does not have the "important" flag set.
2623
2624         This behavior was added a long time ago via Bug 60007. However, it does not
2625         match the latest specification or other browsers.
2626
2627         Test: fast/css/CSSStyleDeclaration-setProperty-unset-important.html
2628
2629         * css/StyleProperties.cpp:
2630         (WebCore::MutableStyleProperties::addParsedProperty):
2631         Drop code that was added via Bug 60007 as this behavior no longer matches the
2632         specification or other browsers. The layout test added in Bug 60007 fails in
2633         other browsers and was updated in this patch to match the specification.
2634
2635 2016-07-20  Commit Queue  <commit-queue@webkit.org>
2636
2637         Unreviewed, rolling out r203423.
2638         https://bugs.webkit.org/show_bug.cgi?id=159977
2639
2640         The test for this change is failing on Mac Release WK2
2641         (Requested by ryanhaddad on #webkit).
2642
2643         Reverted changeset:
2644
2645         "HTMLVideoElement frames do not update on iOS when src is a
2646         MediaStream blob"
2647         https://bugs.webkit.org/show_bug.cgi?id=159833
2648         http://trac.webkit.org/changeset/203423
2649
2650 2016-07-20  Chris Dumez  <cdumez@apple.com>
2651
2652         Fix null handling of HTMLSelectElement.value attribute
2653         https://bugs.webkit.org/show_bug.cgi?id=159925
2654
2655         Reviewed by Benjamin Poulain.
2656
2657         Fix null handling of HTMLSelectElement.value attribute:
2658         - https://html.spec.whatwg.org/multipage/forms.html#htmlselectelement
2659
2660         We were treating null as the null String which would end up setting
2661         selectedIndex to -1. However, we should treat null as the String "null"
2662         which would set the selectedIndex to the index of the <option> element
2663         whose value is "null".
2664
2665         Firefox and Chrome match the specification.
2666
2667         Test: fast/dom/HTMLSelectElement/value-null-handling.html
2668
2669         * html/HTMLSelectElement.cpp:
2670         (WebCore::HTMLSelectElement::setValue):
2671         * html/HTMLSelectElement.idl:
2672
2673 2016-07-20  Chris Dumez  <cdumez@apple.com>
2674
2675         PostResolutionCallbackDisabler can resume pending requests while a ResourceLoadSuspender is alive
2676         https://bugs.webkit.org/show_bug.cgi?id=159962
2677         <rdar://problem/21439264>
2678
2679         Reviewed by David Kilzer.
2680
2681         PostResolutionCallbackDisabler can resume pending requests while a ResourceLoadSuspender
2682         is alive. We have both PostResolutionCallbackDisabler and ResourceLoadSuspender that
2683         call LoaderStrategy::suspendPendingRequests() / LoaderStrategy::resumePendingRequests().
2684         However, PostResolutionCallbackDisabler and ResourceLoadSuspender are not aware of each
2685         other. It is therefore possible for a PostResolutionCallbackDisabler object to get
2686         destroyed, causing LoaderStrategy::resumePendingRequests() to be called while a
2687         ResourceLoadSuspender object is alive.
2688
2689         This leads to hard to investigate crashes where we end up re-entering WebKit and killing
2690         the style resolver.
2691
2692         This patch drops ResourceLoadSuspender and uses PostResolutionCallbackDisabler instead.
2693         There was only one user of ResourceLoadSuspender and PostResolutionCallbackDisabler
2694         is better because it manages a resolutionNestingDepth counter internally to make sure
2695         it only calls LoaderStrategy::resumePendingRequests() once all
2696         PostResolutionCallbackDisabler instances are destroyed.
2697
2698         No new tests, there is no easy way to reproduce the crashes.
2699
2700         * dom/Document.cpp:
2701         (WebCore::Document::styleForElementIgnoringPendingStylesheets):
2702         * loader/LoaderStrategy.cpp:
2703         (WebCore::ResourceLoadSuspender::ResourceLoadSuspender): Deleted.
2704         (WebCore::ResourceLoadSuspender::~ResourceLoadSuspender): Deleted.
2705         * loader/LoaderStrategy.h:
2706
2707 2016-07-19  Youenn Fablet  <youenn@apple.com>
2708
2709         [Fetch API] Add a JS builtin to implement https://fetch.spec.whatwg.org/#concept-headers-fill
2710         https://bugs.webkit.org/show_bug.cgi?id=159932
2711
2712         Reviewed by Alex Christensen.
2713
2714         Covered by existing tests.
2715
2716         Refactoring Headers initializeWith to use the new built-in internal that implements
2717         https://fetch.spec.whatwg.org/#concept-headers-fill.
2718
2719         Refactoring Response constructor to put more checks in the JS builtin fucntion called within constructor.
2720         Making use of the new built-in internal that implements https://fetch.spec.whatwg.org/#concept-headers-fill.
2721
2722         * CMakeLists.txt: Adding FetchHeadersInternals.js
2723         * DerivedSources.make: Ditto.
2724         * Modules/fetch/FetchHeaders.js:
2725         (initializeFetchHeaders): Using fillFetchHeaders new built-in internal.
2726         * Modules/fetch/FetchInternals.js: Added.
2727         (fillFetchHeaders):
2728         * Modules/fetch/FetchResponse.cpp: Refactoring to do more in the JS built-in. Splitting of initializeWith so
2729         that the checks are done in the order defined by the spec.
2730         (WebCore::FetchResponse::setStatus):
2731         (WebCore::FetchResponse::initializeWith):
2732         (WebCore::isNullBodyStatus): Deleted.
2733         * Modules/fetch/FetchResponse.h:
2734         * Modules/fetch/FetchResponse.idl:
2735         * Modules/fetch/FetchResponse.js:
2736         (initializeFetchResponse): New built-in internal.
2737         * WebCore.xcodeproj/project.pbxproj:
2738         * bindings/js/WebCoreBuiltinNames.h:
2739
2740 2016-07-19  Chris Dumez  <cdumez@apple.com>
2741
2742         Fix null handling of SVGScriptElement.type attribute
2743         https://bugs.webkit.org/show_bug.cgi?id=159927
2744
2745         Reviewed by Benjamin Poulain.
2746
2747         Fix null handling of SVGScriptElement.type attribute:
2748         - https://www.w3.org/TR/SVG2/interact.html#InterfaceSVGScriptElement
2749
2750         We were treating null as the null String which would end up removing
2751         the 'type' content attribute. However, we should treat null as the
2752         String "null".
2753
2754         Firefox and Chrome match the specification.
2755
2756         No new tests, updated existing test.
2757
2758         * svg/SVGScriptElement.idl:
2759
2760 2016-07-19  Chris Dumez  <cdumez@apple.com>
2761
2762         Fix null handling of several HTMLDocument attributes
2763         https://bugs.webkit.org/show_bug.cgi?id=159923
2764
2765         Reviewed by Benjamin Poulain.
2766
2767         Fix null handling of several HTMLDocument attributes:
2768         - https://html.spec.whatwg.org/multipage/dom.html#document
2769         - https://html.spec.whatwg.org/multipage/obsolete.html#document-partial
2770
2771         In particular, null handling was incorrect in WebKit for 'dir',
2772         'bgColor', 'fgColor', 'alinkColor', 'linkColor' and 'vlinkColor'.
2773
2774         Firefox and Chrome match the specification.
2775
2776         Test: fast/dom/HTMLDocument/null-handling.html
2777
2778         * html/HTMLDocument.idl:
2779
2780 2016-07-19  Chris Dumez  <cdumez@apple.com>
2781
2782         Document.createElementNS() / createAttributeNS() parameters should be mandatory
2783         https://bugs.webkit.org/show_bug.cgi?id=159938
2784
2785         Reviewed by Benjamin Poulain.
2786
2787         Document.createElementNS() / createAttributeNS() parameters should be mandatory:
2788         - https://dom.spec.whatwg.org/#document
2789
2790         They were optional in WebKit. However, Firefox and Chrome both match the
2791         specification.
2792
2793         No new tests, rebaselined existing tests.
2794
2795         * dom/Document.idl:
2796
2797 2016-07-19  Benjamin Poulain  <bpoulain@apple.com>
2798
2799         Use getElementById for attribute matching if the attribute name is html's id
2800         https://bugs.webkit.org/show_bug.cgi?id=159960
2801
2802         Reviewed by Chris Dumez.
2803
2804         Elliott Sprehn discovered YUI makes heavy uses of querySelector with [id=value]
2805         (https://bugs.chromium.org/p/chromium/issues/detail?id=627242).
2806
2807         If we are not in quirks mode, IdForStyleResolution has the same value
2808         as the Id attribute. We can use the same optimization for both cases.
2809
2810         Tests: fast/selectors/id-attribute-querySelector-used-as-id-selector-quirks.html
2811                fast/selectors/id-attribute-querySelector-used-as-id-selector.html
2812
2813         * dom/SelectorQuery.cpp:
2814         (WebCore::canBeUsedForIdFastPath):
2815         (WebCore::findIdMatchingType):
2816         (WebCore::SelectorDataList::SelectorDataList):
2817         (WebCore::selectorForIdLookup):
2818         (WebCore::filterRootById):
2819
2820 2016-07-19  Chris Dumez  <cdumez@apple.com>
2821
2822         Drop SVGElement.xmlbase attribute
2823         https://bugs.webkit.org/show_bug.cgi?id=159926
2824
2825         Reviewed by Benjamin Poulain.
2826
2827         Drop SVGElement.xmlbase attribute as it is no longer part of the
2828         specification:
2829         - https://www.w3.org/TR/SVG2/types.html#InterfaceSVGElement
2830
2831         Both Firefox and Chrome have already dropped support for
2832         SVGElement.xmlbase.
2833
2834         Chrome's intent to remove:
2835         https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/TfwMq4d25hk/C-v_iC_wKfAJ
2836
2837         Test: svg/dom/SVGElement-xmlbase.html
2838
2839         * svg/SVGElement.cpp:
2840         (WebCore::SVGElement::removedFrom): Deleted.
2841         * svg/SVGElement.h:
2842         * svg/SVGElement.idl:
2843
2844 2016-07-19  Chris Dumez  <cdumez@apple.com>
2845
2846         Align CSSStyleDeclaration.setProperty() with the specification
2847         https://bugs.webkit.org/show_bug.cgi?id=159955
2848
2849         Reviewed by Benjamin Poulain.
2850
2851         Align CSSStyleDeclaration.setProperty() with the specification:
2852         - https://drafts.csswg.org/cssom/#the-cssstyledeclaration-interface
2853
2854         In particular, the following changes were needed:
2855         1. The 'value' parameter should not be optional
2856         2. The 'priority' parameter should treat null as the empty string
2857            rather than the string "null".
2858         3. The 'priority' parameter's default value should be the empty string,
2859            not the string "undefined".
2860         4. CSSStyleDeclaration.setProperty() should return early if 'priority'
2861            is not the empty string and is not an ASCII case-insensitive match
2862            for the string "important".
2863
2864         Chrome matches the specification entirely.
2865         Firefox matches the specification with the exception that it does a
2866         case-sensitive match for "important".
2867
2868         Test: fast/css/CSSStyleDeclaration-setProperty.html
2869
2870         * css/CSSStyleDeclaration.idl:
2871         * css/PropertySetCSSStyleDeclaration.cpp:
2872         (WebCore::PropertySetCSSStyleDeclaration::setProperty):
2873
2874 2016-07-19  Daniel Bates  <dabates@apple.com>
2875
2876         CSP: Improve support for multiple policies to more closely conform to the CSP Level 2 spec.
2877         https://bugs.webkit.org/show_bug.cgi?id=159841
2878         <rdar://problem/27381684>
2879
2880         Reviewed by Brent Fulgham.
2881
2882         Implement a first pass at sending multiple violation reports so as to more closely
2883         conform to section Enforcing multiple policies of the Content Security Policy Level 2 spec.,
2884         <https://w3c.github.io/webappsec-csp/2/> (Editor's Draft, 25 April 2016).
2885
2886         Tests: http/tests/security/contentSecurityPolicy/1.1/script-blocked-sends-multiple-reports.php
2887                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-enforced-policy-and-blocked-by-report-policy.php
2888                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-enforced-policy-and-blocked-by-report-policy2.php
2889                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy.php
2890                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
2891                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-enforced-policy-and-allowed-by-report-policy.php
2892                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-enforced-policy-and-allowed-by-report-policy2.php
2893                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy.php
2894                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy2.php
2895                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy.php
2896                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
2897                http/tests/security/contentSecurityPolicy/1.1/scripthash-in-enforced-policy-and-not-in-report-only.html
2898                http/tests/security/contentSecurityPolicy/1.1/scripthash-in-one-enforced-policy-neither-in-another-enforced-policy-nor-report-policy.html
2899                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-enforced-policy-and-blocked-by-report-policy.php
2900                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-enforced-policy-and-blocked-by-report-policy2.php
2901                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy.php
2902                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
2903                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-enforced-policy-and-allowed-by-report-policy.php
2904                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-enforced-policy-and-allowed-by-report-policy2.php
2905                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy.php
2906                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy2.php
2907                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy.php
2908                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
2909                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-in-enforced-policy-and-not-in-report-only.html
2910                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-in-one-enforced-policy-neither-in-another-enforced-policy-nor-report-policy.html
2911                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-multiple-policies.html
2912
2913         * page/csp/ContentSecurityPolicy.cpp:
2914         (WebCore::ContentSecurityPolicy::allPoliciesWithDispositionAllow): Added. Returns whether the resource
2915         is allowed by all of the policies with the specified disposition.
2916         (WebCore::ContentSecurityPolicy::allPoliciesAllow): Added. Returns whether the resource is allowed by
2917         all of the enforced policies.
2918         (WebCore::ContentSecurityPolicy::findHashOfContentInPolicies): Formerly named foundHashOfContentInAllPolicies.
2919         Modified to return a ("has found hash in all enforced policies, "has found hash in all report-only policies)-pair
2920         so that we can differentiate whether the hash violated an enforced policy or a report-only policy.
2921         (WebCore::ContentSecurityPolicy::allowJavaScriptURLs): Write in terms of ContentSecurityPolicy::allPoliciesAllow().
2922         (WebCore::ContentSecurityPolicy::allowInlineEventHandlers): Ditto.
2923         (WebCore::ContentSecurityPolicy::allowScriptWithNonce): For now only accept a nonce if it is allowed by
2924         all enforced policies. As a side effect of this change is that we only send a CSP violation report when a
2925         nonce violates a report-only policy only if the nonce also violates one or more enforced policies. We will
2926         address this limitation in <https://bugs.webkit.org/show_bug.cgi?id=159830>.
2927         (WebCore::ContentSecurityPolicy::allowStyleWithNonce): Ditto.
2928         (WebCore::ContentSecurityPolicy::allowInlineScript): Differentiate between a hash/'unsafe-inline' that
2929         matches/is contained in all enforce policies and a hash/'unsafe-inline' that matches/is contained in all
2930         report-only policies so that we only allow the resource for the former. As a side effect of this change
2931         we may report that a resource violated a policy even if it contained the hash. See <https://bugs.webkit.org/show_bug.cgi?id=159832>
2932         for more details.
2933         (WebCore::ContentSecurityPolicy::allowInlineStyle): Ditto.
2934         (WebCore::ContentSecurityPolicy::allowEval): Write in terms of ContentSecurityPolicy::allPoliciesAllow().
2935         (WebCore::ContentSecurityPolicy::allowFrameAncestors): Ditto.
2936         (WebCore::ContentSecurityPolicy::allowPluginType): Ditto.
2937         (WebCore::ContentSecurityPolicy::allowScriptFromSource): Ditto.
2938         (WebCore::ContentSecurityPolicy::allowObjectFromSource): Ditto.
2939         (WebCore::ContentSecurityPolicy::allowChildFrameFromSource): Ditto.
2940         (WebCore::ContentSecurityPolicy::allowChildContextFromSource): Ditto.
2941         (WebCore::ContentSecurityPolicy::allowImageFromSource): Ditto.
2942         (WebCore::ContentSecurityPolicy::allowStyleFromSource): Ditto.
2943         (WebCore::ContentSecurityPolicy::allowFontFromSource): Ditto.
2944         (WebCore::ContentSecurityPolicy::allowMediaFromSource): Ditto.
2945         (WebCore::ContentSecurityPolicy::allowConnectToSource): Ditto.
2946         (WebCore::ContentSecurityPolicy::allowFormAction): Ditto.
2947         (WebCore::ContentSecurityPolicy::allowBaseURI): Ditto.
2948         (WebCore::ContentSecurityPolicy::foundHashOfContentInAllPolicies): Deleted.
2949         * page/csp/ContentSecurityPolicy.h:
2950         (WebCore::ContentSecurityPolicy::violatedDirectiveInAnyPolicy): Deleted.
2951
2952 2016-07-19  Chris Dumez  <cdumez@apple.com>
2953
2954         Fix null handling of HTMLScriptElement.text attribute
2955         https://bugs.webkit.org/show_bug.cgi?id=159943
2956
2957         Reviewed by Benjamin Poulain.
2958
2959         Fix null handling of HTMLScriptElement.text attribute:
2960         - https://html.spec.whatwg.org/multipage/scripting.html#the-script-element
2961
2962         We should treat null as the "null" String but we were treating it as
2963         the empty string.
2964
2965         Firefox and Chrome match the specification.
2966
2967         No new tests, rebaselined existing test.
2968
2969         * html/HTMLScriptElement.idl:
2970
2971 2016-07-19  Chris Dumez  <cdumez@apple.com>
2972
2973         autocapitalize attribute should not use [TreatNullAs=LegacyNullString]
2974         https://bugs.webkit.org/show_bug.cgi?id=159934
2975
2976         Reviewed by Benjamin Poulain.
2977
2978         autocapitalize attribute should not use [TreatNullAs=LegacyNullString]. This is
2979         non-standard and we want to drop support for it from the bindings generator.
2980
2981         Instead, use [TreatNullAs=EmptyString] in order to maintain existing behavior
2982         given that both a missing/empty attribute result in using the default
2983         autocapitalization mode and that autocapitalize returns the empty string by
2984         default.
2985
2986         Test: platform/ios-simulator/ios/fast/forms/autocapitalize-null.html
2987
2988         * html/HTMLFormElement.idl:
2989         * html/HTMLInputElement.idl:
2990         * html/HTMLTextAreaElement.idl:
2991
2992 2016-07-19  Zalan Bujtas  <zalan@apple.com>
2993
2994         REGRESSION(r203415): ASSERTION FAILED: !m_layoutRoot->container() || !m_layoutRoot->container()->needsLayout()
2995         https://bugs.webkit.org/show_bug.cgi?id=159952
2996
2997         Reviewed by Simon Fraser.
2998
2999         Update ASSERTs to reflect new functionality, that is, now we can end up in a state
3000         where the container (RenderView) of one of the dirty subtrees is dirty.
3001         See r203415.
3002  
3003         Covered by editing/pasteboard/drag-drop-input-in-svg.svg
3004
3005         * page/FrameView.cpp:
3006         (WebCore::FrameView::scheduleRelayoutOfSubtree):
3007
3008 2016-07-19  Dean Jackson  <dino@apple.com>
3009
3010         REGRESSION(202927): The first slide is the only displayed slide when Quicklooking a Keynote file
3011         https://bugs.webkit.org/show_bug.cgi?id=159948
3012         <rdar://problem/27391012>
3013
3014         Reviewed by Simon Fraser.
3015
3016         There is an iOS bug (<rdar://problem/27416744>) that is causing us
3017         to not always get a color space on CGContextRefs. Investigation of this
3018         exposed some optimizations we can take when we are creating ImageBuffers.
3019         In particular, if we have a bitmap context or an IOSurfaceContext we
3020         can simply copy their color space using API. Otherwise we stick with
3021         the existing CGContextCopyDeviceColorSpace.
3022
3023         Lastly, if for some reason we are unable to copy the device color space,
3024         we should fall back to sRGB.
3025
3026         * platform/graphics/cg/ImageBufferCG.cpp:
3027         (WebCore::ImageBuffer::createCompatibleBuffer):
3028         * platform/spi/cg/CoreGraphicsSPI.h: Add some SPI and enums.
3029
3030
3031 2016-07-19  George Ruan  <gruan@apple.com>
3032
3033         HTMLVideoElement frames do not update on iOS when src is a MediaStream blob
3034         https://bugs.webkit.org/show_bug.cgi?id=159833
3035         <rdar://problem/27379487>
3036
3037         Reviewed by Eric Carlson.
3038
3039         Test: fast/mediastream/MediaStream-video-element-displays-buffer.html
3040
3041         * WebCore.xcodeproj/project.pbxproj:
3042         * platform/graphics/avfoundation/MediaSampleAVFObjC.h: Change create to return a Ref<T> instead
3043         of RefPtr<T>
3044         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h: Make observer of
3045         MediaStreamTrackPrivate and make MediaPlayer use an AVSampleBufferDisplayLayer instead of CALayer.
3046         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm: Ditto.
3047         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::~MediaPlayerPrivateMediaStreamAVFObjC): Clean up
3048         observers and AVSampleBufferDisplayLayer
3049         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::isAvailable): Ensures AVSampleBufferDisplayLayer
3050         is available.
3051         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueAudioSampleBufferFromTrack): Placeholder.
3052         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueVideoSampleBufferFromTrack): Responsible
3053         for enqueuing sample buffers to the active video track.
3054         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::ensureLayer): Ensures that an AVSampleBufferDisplayLayer
3055         exists.
3056         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::destroyLayer): Destroys the AVSampleBufferDisplayLayer.
3057         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::platformLayer): Replace CALayer with AVSampleBufferDisplayLayer.
3058         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::currentDisplayMode): Ditto.
3059         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::sampleBufferUpdated): Called from MediaStreamTrackPrivate when a
3060         new SampleBuffer is available.
3061         (WebCore::updateTracksOfType): Manage adding and removing self as observer from tracks.
3062         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateTracks): Replace CALayer with AVSampleBufferDisplayLayer
3063         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::acceleratedRenderingStateChanged): Copied from
3064         MediaPlayerPrivateMediaSourceAVFObjC.mm
3065         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::load): Deleted CALayer.
3066         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateDisplayMode): Deleted process of updating CALayer.
3067         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateIntrinsicSize): Deleted CALayer.
3068         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::createPreviewLayers): Deleted.
3069         * platform/mediastream/MediaStreamPrivate.cpp:
3070         (WebCore::MediaStreamPrivate::updateActiveVideoTrack): Remove redundant check.
3071         * platform/mediastream/MediaStreamTrackPrivate.cpp:
3072         (WebCore::MediaStreamTrackPrivate::sourceHasMoreMediaData): Called from RealtimeMediaSource when a new SampleBuffer
3073         is available.
3074         * platform/mediastream/MediaStreamTrackPrivate.h:
3075         (WebCore::MediaStreamTrackPrivate::Observer::sampleBufferUpdated): Relays to MediaPlayerPrivateMediaStream that
3076         a new SampleBuffer is available to enqueue to the AVSampleBufferDisplayLayer.
3077         * platform/mediastream/RealtimeMediaSource.cpp:
3078         (WebCore::RealtimeMediaSource::mediaDataUpdated): Relays to all observers that a new SampleBuffer is available.
3079         * platform/mediastream/RealtimeMediaSource.h:
3080         * platform/mediastream/mac/AVVideoCaptureSource.mm:
3081         (WebCore::AVVideoCaptureSource::processNewFrame): Calls mediaDataUpdated when a new SampleBuffer is captured.
3082
3083 2016-07-19  Anders Carlsson  <andersca@apple.com>
3084
3085         Get rid of a #define private public hack in WebCore
3086         https://bugs.webkit.org/show_bug.cgi?id=159953
3087
3088         Reviewed by Dan Bernstein.
3089
3090         Use @package instead.
3091
3092         * bindings/objc/DOMInternal.h:
3093         * bindings/objc/DOMObject.h:
3094
3095 2016-07-19  Andreas Kling  <akling@apple.com>
3096
3097         Fix SharedBuffer leak in MockContentFilter::replacementData().
3098         <https://webkit.org/b/159945>
3099
3100         Reviewed by Andy Estes.
3101
3102         Spotted on leaks bot. This code was pretty explicit about how it's going to leak.
3103         Since this is in the mock filter, it only affected layout tests.
3104
3105         * testing/MockContentFilter.cpp:
3106         (WebCore::MockContentFilter::replacementData):
3107
3108 2016-07-19  Zalan Bujtas  <zalan@apple.com>
3109
3110         theguardian.co.uk crossword puzzles are sometimes not displaying text
3111         https://bugs.webkit.org/show_bug.cgi?id=159924
3112         <rdar://problem/27409483>
3113
3114         Reviewed by Simon Fraser.
3115
3116         This patch fixes the case when
3117         - 2 disjoint subtrees are dirty
3118         - RenderView is also dirty.
3119         and we end up not laying out one of the 2 subtrees.
3120
3121         In FrameView::scheduleRelayoutOfSubtree, we assume that when the RenderView is dirty
3122         we already have a pending full layout which means that any previous subtree layouts have already been
3123         converted to full layouts.
3124         However this assumption is incorrect. RenderView can get dirty without checking if there's
3125         already a pending subtree layout.
3126         One option to solve this problem would be to override RenderObject::setNeedsLayout in RenderView
3127         so that when the RenderView gets dirty, we could also convert any pending subtree layout to full layout.
3128         However RenderObject::setNeedsLayout is a hot function and making it virtual would impact performance.
3129         The other option is to always normalize subtree layouts in FrameView::scheduleRelayoutOfSubtree().
3130         This patch implements the second option.
3131
3132         Test: fast/misc/subtree-layouts.html
3133
3134         * page/FrameView.cpp:
3135         (WebCore::FrameView::scheduleRelayoutOfSubtree):
3136
3137 2016-07-19  Anders Carlsson  <andersca@apple.com>
3138
3139         Some payment authorization status values should keep the sheet active
3140         https://bugs.webkit.org/show_bug.cgi?id=159936
3141         rdar://problem/26756701
3142
3143         Reviewed by Tim Horton.
3144
3145         * Modules/applepay/ApplePaySession.cpp:
3146         (WebCore::ApplePaySession::completePayment):
3147         Keep the sheet active if the status isn't a final state status.
3148
3149         * Modules/applepay/PaymentAuthorizationStatus.h:
3150         (WebCore::isFinalStateStatus):
3151         Add a new helper function that returns whether a given payment authorization status is "final",
3152         meaning that once that status has been passed to completePayment, the session is finished.
3153
3154 2016-07-19  Nan Wang  <n_wang@apple.com>
3155
3156         AX: Incorrect behavior for word related text marker functions when there's collapsed whitespace
3157         https://bugs.webkit.org/show_bug.cgi?id=159910
3158
3159         Reviewed by Chris Fleizach.
3160
3161         We are getting a bad CharacterOffset when there's collapsed whitespace. Added a TraverseOptionValidateOffset
3162         option to make sure we are getting the correct CharacterOffset based on the corresponding Range offset. And
3163         fixed a word navigation issue based on that.
3164
3165         Test: accessibility/mac/text-marker-word-nav-collapsed-whitespace.html
3166
3167         * accessibility/AXObjectCache.cpp:
3168         (WebCore::AXObjectCache::traverseToOffsetInRange):
3169         (WebCore::AXObjectCache::rangeForNodeContents):
3170         (WebCore::AXObjectCache::startOrEndCharacterOffsetForRange):
3171         (WebCore::AXObjectCache::characterOffsetFromVisiblePosition):
3172         (WebCore::AXObjectCache::rightWordRange):
3173         (WebCore::AXObjectCache::previousBoundary):
3174         * accessibility/AXObjectCache.h:
3175         (WebCore::AXObjectCache::isNodeInUse):
3176
3177 2016-07-19  Youenn Fablet  <youenn@apple.com>
3178
3179         [Streams API] ReadableStreamController methods should throw if its stream is not readable
3180         https://bugs.webkit.org/show_bug.cgi?id=159871
3181
3182         Reviewed by Xabier Rodriguez-Calvar.
3183
3184         Spec now mandates close and enqueue to throw if ReadableStream is not readable.
3185         Covered by rebased and/or modified tests.
3186
3187         * Modules/streams/ReadableStreamController.js:
3188         (enqueue): Throwing a TypeError if controlled stream is not readable.
3189         (close): Ditto.
3190
3191 2016-07-19  Simon Fraser  <simon.fraser@apple.com>
3192
3193         Bubbles appear split for a brief moment in Messages
3194         https://bugs.webkit.org/show_bug.cgi?id=159915
3195         rdar://problem/27182267
3196
3197         Reviewed by David Hyatt.
3198
3199         RenderView::repaintRootContents() had a long-standing bug in WebView when the
3200         view is scrolled. repaint() uses visualOverflowRect() but, for the 
3201         RenderView, the visualOverflowRect() is the initial containing block
3202         which is anchored at 0,0. When the view is scrolled it's clipped out and
3203         calls to repaintRootContents() have no effect.
3204         
3205         Change repaintRootContents() to use layoutOverflowRect(). ScrollView::repaintContentRectangle()
3206         will clip it to the view if necessary.
3207
3208         Test: fast/repaint/scrolled-view-full-repaint.html
3209
3210         * rendering/RenderView.cpp:
3211         (WebCore::RenderView::repaintRootContents):
3212
3213 2016-07-19  Dan Bernstein  <mitz@apple.com>
3214
3215         <rdar://problem/27420308> WebCore-7602.1.42 fails to build: error: unused parameter 'vm'
3216
3217         * bindings/js/JSDOMGlobalObject.cpp:
3218         (WebCore::JSDOMGlobalObject::addBuiltinGlobals): Fixed the !ENABLE(STREAMS_API) build.
3219
3220 2016-07-19  Youenn Fablet  <youenn@apple.com>
3221
3222         [Streams API] Make ReadableStream properties not enumerable
3223         https://bugs.webkit.org/show_bug.cgi?id=159868
3224
3225         Reviewed by Darin Adler.
3226
3227         Covered by rebased tests.
3228
3229         Uopdating IDL definitions to mark all functions/attributes as not enumerable.
3230         Updating IDL constructor definitions to correctly compute constructor length.
3231         Updating built-in implementation to correctly compute pipeTo length to 1 (second parameter being optional).
3232
3233         * Modules/streams/ReadableStream.idl:
3234         * Modules/streams/ReadableStream.js:
3235         * Modules/streams/ReadableStreamController.idl:
3236         * Modules/streams/ReadableStreamReader.idl:
3237
3238 2016-07-19  Chris Dumez  <cdumez@apple.com>
3239
3240         form.enctype / encoding / method should treat null as "null" string
3241         https://bugs.webkit.org/show_bug.cgi?id=159916
3242
3243         Reviewed by Ryosuke Niwa.
3244
3245         form.enctype / encoding / method should treat null as "null" string:
3246         - https://html.spec.whatwg.org/multipage/forms.html#htmlformelement
3247
3248         Previously, WebKit would treat null as the null String, which would
3249         end up removing the existing attribute.
3250
3251         Firefox and Chrome match the specification.
3252
3253         Test: fast/dom/HTMLFormElement/null-handling.html
3254
3255         * html/HTMLFormElement.h:
3256         * html/HTMLFormElement.idl:
3257
3258 2016-07-18  Csaba Osztrogon√°c  <ossy@webkit.org>
3259
3260         All-in-one buildfix after r202439
3261         https://bugs.webkit.org/show_bug.cgi?id=159877
3262
3263         Reviewed by Chris Dumez.
3264
3265         * Modules/webaudio/AudioDestinationNode.h:
3266         (WebCore::AudioDestinationNode::resume):
3267         (WebCore::AudioDestinationNode::suspend):
3268         (WebCore::AudioDestinationNode::close):
3269
3270 2016-07-18  Frederic Wang  <fwang@igalia.com>
3271
3272         Move parsing of subscriptshift and superscriptshift from rendering to element classes
3273         https://bugs.webkit.org/show_bug.cgi?id=159622
3274
3275         Reviewed by Darin Adler.
3276
3277         We introduce a new MathMLScriptsElement that is used for elements msub, msup, msubsup and
3278         mmultiscripts in order to create RenderMathMLScripts and parse and expose the values of the
3279         subscriptshift and superscriptshift attributes. This is one more step toward moving MathML
3280         attribute parsing to the DOM (bug 156536).
3281
3282         No new tests, rendering is unchanged.
3283
3284         * CMakeLists.txt: Add MathMLScriptsElement files.
3285         * WebCore.xcodeproj/project.pbxproj: Ditto.
3286         * mathml/MathMLAllInOne.cpp: Ditto.
3287         * mathml/MathMLInlineContainerElement.cpp: Remove handling of scripts.
3288         (WebCore::MathMLInlineContainerElement::createElementRenderer): Deleted.
3289         * mathml/MathMLScriptsElement.cpp: Added. New class to handle scripted elements supporting
3290         parsing for the subscriptshift and superscriptshift MathML lengths.
3291         (WebCore::MathMLScriptsElement::MathMLScriptsElement):
3292         (WebCore::MathMLScriptsElement::create):
3293         (WebCore::MathMLScriptsElement::subscriptShift): Expose the cached length for the shift,
3294         parsing the attribute again if necessary.
3295         (WebCore::MathMLScriptsElement::superscriptShift): Ditto.
3296         (WebCore::MathMLScriptsElement::parseAttribute): Mark attributes dirty.
3297         (WebCore::MathMLScriptsElement::createElementRenderer): Create RenderMathMLScripts.
3298         * mathml/MathMLScriptsElement.h: Ditto.
3299         * mathml/mathtags.in: Map msub, msup, msubsup and mmultiscripts to MathMLScriptsElement.
3300         * rendering/mathml/RenderMathMLScripts.cpp:
3301         (WebCore::RenderMathMLScripts::scriptsElement): Helper function to cast the node to a
3302         MathMLScriptsElement.
3303         (WebCore::RenderMathMLScripts::getScriptMetricsAndLayoutIfNeeded): Resolve the attributes
3304         using the functions from the MathMLScriptsElement class.
3305         * rendering/mathml/RenderMathMLScripts.h: Declare scriptsElement.
3306
3307 2016-07-18  Frederic Wang  <fwang@igalia.com>
3308
3309         Do not store gap and shift parameters on RenderMathMLFraction
3310         https://bugs.webkit.org/show_bug.cgi?id=159876
3311
3312         Reviewed by Darin Adler.
3313
3314         After r203285, the stack and fraction layout parameters are only used in layoutBlock so we
3315         do not need to store them on the class. We remove them and split updateLayoutParameters into
3316         three functions: one to update the linethickness and two others to retrieve the fraction and
3317         stack respectively.
3318
3319         No new tests, rendering is unchanged.
3320
3321         * rendering/mathml/RenderMathMLFraction.cpp:
3322         (WebCore::RenderMathMLFraction::updateLineThickness): Move code to update thickness members here.
3323         (WebCore::RenderMathMLFraction::getFractionParameters): Move code to retrieve fraction parameters here.
3324         (WebCore::RenderMathMLFraction::getStackParameters): Move code to retrieve stack parameters here.
3325         (WebCore::RenderMathMLFraction::layoutBlock): Use the new helper functions and local variables
3326         for fraction and stack parameters.
3327         (WebCore::RenderMathMLFraction::updateLayoutParameters): Deleted.
3328         * rendering/mathml/RenderMathMLFraction.h: Declare new helper functions and remove members
3329         for stack and fraction parameters.
3330
3331 2016-07-18  Chris Dumez  <cdumez@apple.com>
3332
3333         input.formEnctype / formMethod and button.formEnctype / formMethod / type should treat null as "null"
3334         https://bugs.webkit.org/show_bug.cgi?id=159908
3335
3336         Reviewed by Alex Christensen.
3337
3338         input.formEnctype / formMethod and button.formEnctype / formMethod / type
3339         should treat null as "null" String:
3340         - https://html.spec.whatwg.org/multipage/forms.html#htmlinputelement
3341         - https://html.spec.whatwg.org/multipage/forms.html#htmlbuttonelement
3342
3343         In WebKit, we would treat null as a null String which would end up
3344         removing the corresponding attribute. This does not match the
3345         specification. Firefox and Chrome match the specification here.
3346
3347         Tests:
3348         - fast/dom/HTMLButtonElement/null-handling.html
3349         - fast/dom/HTMLInputElement/null-handling.html
3350
3351         * html/HTMLButtonElement.idl:
3352         * html/HTMLInputElement.idl:
3353
3354 2016-07-18  Alex Christensen  <achristensen@webkit.org>
3355
3356         webbookmarksd needs to use the same AppCache directory as MobileSafari
3357         https://bugs.webkit.org/show_bug.cgi?id=159912
3358
3359         Reviewed by Alexey Proskuryakov.
3360
3361         No new tests.  This only changes behavior for webbookmarksd.
3362
3363         * platform/RuntimeApplicationChecks.h:
3364         * platform/RuntimeApplicationChecks.mm:
3365         (WebCore::IOSApplication::isWebBookmarksD): Added.
3366
3367 2016-07-18  Chris Dumez  <cdumez@apple.com>
3368
3369         EventTarget.dispatchEvent() parameter should not be nullable
3370         https://bugs.webkit.org/show_bug.cgi?id=159897
3371
3372         Reviewed by Benjamin Poulain.
3373
3374         EventTarget.dispatchEvent() parameter should not be nullable:
3375         - https://dom.spec.whatwg.org/#interface-eventtarget
3376
3377         Even though the parameter was marked as nullable in our IDL, our
3378         implementation does a null check and we already throw a TypeError
3379         when calling dispatchEvent(null).
3380
3381         Update our IDL so that it matches the specification and so that
3382         the null check is generated in the bindings instead.
3383
3384         No new tests, rebaseline existing tests.
3385
3386         * dom/EventTarget.cpp:
3387         (WebCore::EventTarget::dispatchEventForBindings):
3388         * dom/EventTarget.h:
3389         * dom/EventTarget.idl:
3390
3391 2016-07-18  Chris Dumez  <cdumez@apple.com>
3392
3393         DocType's publicId / systemId should not be nullable
3394         https://bugs.webkit.org/show_bug.cgi?id=159901
3395
3396         Reviewed by Benjamin Poulain.
3397
3398         DocType's publicId / systemId should not be nullable. While they were
3399         not marked as nullable in our IDL, they could be stored as null Strings
3400         in our implementation depending on how the Node was constructed. This
3401         led to subtle bugs where String() != emptyString().
3402
3403         In particular, Node.isEqualNode() would return false when DocumentType