acec440976f56e07ff676f9d40a0d5d7e51baf4b
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2016-04-15  Myles C. Maxfield  <mmaxfield@apple.com>
2
3         ASSERT when loading github.com
4         https://bugs.webkit.org/show_bug.cgi?id=156604
5         <rdar://problem/19890634>
6
7         Reviewed by Darin Adler.
8
9         HTMLFormControlElement::m_isValid is a cache of the results of the valid() function.
10         When cloning the node, we were preserving each individual item, but not the state
11         of the cache. Therefore, the cache and the attributes didn't agree with each other.
12
13         Test: fast/forms/checkValidity-cloneNode-crash.html
14
15         * html/HTMLInputElement.cpp:
16         (WebCore::HTMLInputElement::copyNonAttributePropertiesFromElement):
17
18 2016-04-15  Brent Fulgham  <bfulgham@apple.com>
19
20         Remove support for X-Frame-Options in `<meta>`
21         https://bugs.webkit.org/show_bug.cgi?id=156625
22         <rdar://problem/25748714>
23
24         Reviewed by Darin Adler.
25
26         Follow RFC7034 (Section 4), which recommends that 'X-Frame-Options' be ignored when delivered as part of
27         a '<meta http-equiv="...">' tag. This brings us in line with Firefox, Edge, and Blink.
28
29         Tests: http/tests/security/XFrameOptions/x-frame-options-ignore-deny-meta-tag-in-body.html
30                http/tests/security/XFrameOptions/x-frame-options-ignore-deny-meta-tag-parent-same-origin-allow.html
31                http/tests/security/XFrameOptions/x-frame-options-ignore-deny-meta-tag-parent-same-origin-deny.html
32                http/tests/security/XFrameOptions/x-frame-options-ignore-deny-meta-tag.html
33                http/tests/security/xssAuditor/meta-tag-http-refresh-x-frame-options-ignored.html
34
35         * dom/Document.cpp:
36         (WebCore::Document::processHttpEquiv): Log error message instead of blocking the load.
37
38 2016-04-15  Jer Noble  <jer.noble@apple.com>
39
40         Audio elements should be able to have a controls manager.
41         https://bugs.webkit.org/show_bug.cgi?id=156630
42
43         Reviewed by Beth Dakin.
44
45         Now that there is no longer a architectural restriction about what kind of media elements
46         can be used with WebPlaybackSessionManager, allow audio elements to create a controls
47         manager.
48
49         Drive-by fix: clear the controls manager when destroying the media player due to entering
50         the page cache, and when destroying the media element.
51
52         * html/HTMLMediaElement.cpp:
53         (WebCore::HTMLMediaElement::~HTMLMediaElement):
54         (WebCore::HTMLMediaElement::updatePlayState):
55         (WebCore::HTMLMediaElement::stopWithoutDestroyingMediaPlayer):
56         * html/MediaElementSession.cpp:
57         (WebCore::MediaElementSession::canControlControlsManager):
58
59 2016-04-15  Said Abou-Hallawa  <sabouhallawa@apple.com>
60
61         Calling SVGAnimatedPropertyTearOff::animationEnded() will crash if the SVG property is not animating
62         https://bugs.webkit.org/show_bug.cgi?id=156549
63
64         Reviewed by Darin Adler.
65
66         A speculative fix for a crash which may happen when calling animationEnded()
67         of any SVGAnimatedProperty while it is not animating.
68
69         * svg/SVGAnimatedTypeAnimator.h:
70         (WebCore::SVGAnimatedTypeAnimator::executeAction):
71
72 2016-04-15  Jer Noble  <jer.noble@apple.com>
73
74         Unreviewed build fix for iOS simulator. Assert the correct variable.
75
76         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
77         (-[WebAVPlayerLayer layoutSublayers]):
78         (-[WebAVPlayerLayer resolveBounds]):
79         (-[WebAVPlayerLayer setVideoGravity:]):
80
81 2016-04-14  Jer Noble  <jer.noble@apple.com>
82
83         Allow WebVideoFullscreenManager and Proxy to be used by audio elements.
84         https://bugs.webkit.org/show_bug.cgi?id=156564
85
86         Reviewed by Beth Dakin.
87
88         No new tests; this refactors existing functionality into new classes.
89
90         Tease apart the various WebVideoFullscreen{Interface,Model}{AVKit,Mac,VideoElement} into new
91         WebPlaybackSession… classes dealing exclusively with playback state and commands, leaving
92         fullscreen state and commands in the WebVideoFullscreen… classes. Specifically, create the
93         following new classes:
94
95         - WebPlaybackSessionInterface (copied from WebVideoFullscreenInterface)
96         - WebPlaybackSessionModelMediaElement (copied from WebVideoFullscreenModelMediaElement)
97         - WebPlaybackSessionModel (copied from WebVideoFullscreenModel)
98         - WebPlaybackSessionInterfaceAVKit (copied from WebVideoFullscreenInterfaceAVKit)
99         - WebPlaybackSessionInterfaceMac (copied from WebVideoFullscreenInterfaceMac)
100
101         WebVideoFullscreenInterface and WebVideoFullscreenModel now inherit from
102         WebPlaybackSessionInterface and WebPlaybackSessionModel, respectively. The concrete
103         WebVideoFullscreen… subclasses each take their respective WebPlaybackSession… subclasses and
104         fulfill their WebPlaybackSession interfaces through composition.
105
106         As part of this big tease-apart, the WebAVPlayerController class needs to be exposed in a
107         header (as it's accessed by two different classes now), so that class is moved into its own
108         implementation and header files.
109
110         The one case where a change in a WebPlaybackSession… class needs to be reflected in a
111         WebVideoFullscreen… class is in WebPlaybackSessionInterfaceAVKit, where
112         WebVideoFullscreenInterfaceAVKit needs to be notified when external playback becomes dis/en-
113         abled, so a new WebPlaybackSessionInterfaceAVKitClient interface has been added to allow the
114         WebPlaybackSession… to notify the WebVideoFullscreen….
115
116         The responsibility for the "controls manager" has moved from the WebVideoFullscreen… classes
117         to the WebPlaybackSession… classes, so the ChromeClient interface for creating and destroying
118         those controls is similarly renamed from setUpVideoControlsManager() to
119         setUpPlaybackControlsManager().
120
121         * WebCore.xcodeproj/project.pbxproj:
122         * html/HTMLMediaElement.cpp:
123         (WebCore::HTMLMediaElement::updatePlayState):
124         * page/ChromeClient.h:
125         * platform/cocoa/WebPlaybackSessionInterface.h: Copied from Source/WebCore/platform/cocoa/WebVideoFullscreenInterface.h.
126         (WebCore::WebPlaybackSessionInterface::~WebPlaybackSessionInterface):
127         * platform/cocoa/WebPlaybackSessionModel.h: Added.
128         (WebCore::WebPlaybackSessionModel::~WebPlaybackSessionModel):
129         * platform/cocoa/WebPlaybackSessionModelMediaElement.h: Added.
130         (WebCore::WebPlaybackSessionModelMediaElement::create):
131         (WebCore::WebPlaybackSessionModelMediaElement::mediaElement):
132         * platform/cocoa/WebPlaybackSessionModelMediaElement.mm: Added.
133         (WebPlaybackSessionModelMediaElement::WebPlaybackSessionModelMediaElement):
134         (WebPlaybackSessionModelMediaElement::~WebPlaybackSessionModelMediaElement):
135         (WebPlaybackSessionModelMediaElement::setWebPlaybackSessionInterface):
136         (WebPlaybackSessionModelMediaElement::setMediaElement):
137         (WebPlaybackSessionModelMediaElement::handleEvent):
138         (WebPlaybackSessionModelMediaElement::updateForEventName):
139         (WebPlaybackSessionModelMediaElement::play):
140         (WebPlaybackSessionModelMediaElement::pause):
141         (WebPlaybackSessionModelMediaElement::togglePlayState):
142         (WebPlaybackSessionModelMediaElement::beginScrubbing):
143         (WebPlaybackSessionModelMediaElement::endScrubbing):
144         (WebPlaybackSessionModelMediaElement::seekToTime):
145         (WebPlaybackSessionModelMediaElement::fastSeek):
146         (WebPlaybackSessionModelMediaElement::beginScanningForward):
147         (WebPlaybackSessionModelMediaElement::beginScanningBackward):
148         (WebPlaybackSessionModelMediaElement::endScanning):
149         (WebPlaybackSessionModelMediaElement::selectAudioMediaOption):
150         (WebPlaybackSessionModelMediaElement::selectLegibleMediaOption):
151         (WebPlaybackSessionModelMediaElement::updateLegibleOptions):
152         (WebPlaybackSessionModelMediaElement::observedEventNames):
153         (WebPlaybackSessionModelMediaElement::eventNameAll):
154         * platform/cocoa/WebPlaybackSessionModelVideoElement.cpp: Copied from Source/WebCore/platform/cocoa/WebVideoFullscreenModelVideoElement.mm.
155         (WebPlaybackSessionModelVideoElement::WebPlaybackSessionModelVideoElement):
156         (WebPlaybackSessionModelVideoElement::~WebPlaybackSessionModelVideoElement):
157         (WebPlaybackSessionModelVideoElement::setWebVideoFullscreenInterface):
158         (WebPlaybackSessionModelVideoElement::setVideoElement):
159         (WebPlaybackSessionModelVideoElement::handleEvent):
160         (WebPlaybackSessionModelVideoElement::updateForEventName):
161         (WebPlaybackSessionModelVideoElement::play):
162         (WebPlaybackSessionModelVideoElement::pause):
163         (WebPlaybackSessionModelVideoElement::togglePlayState):
164         (WebPlaybackSessionModelVideoElement::beginScrubbing):
165         (WebPlaybackSessionModelVideoElement::endScrubbing):
166         (WebPlaybackSessionModelVideoElement::seekToTime):
167         (WebPlaybackSessionModelVideoElement::fastSeek):
168         (WebPlaybackSessionModelVideoElement::beginScanningForward):
169         (WebPlaybackSessionModelVideoElement::beginScanningBackward):
170         (WebPlaybackSessionModelVideoElement::endScanning):
171         (WebPlaybackSessionModelVideoElement::selectAudioMediaOption):
172         (WebPlaybackSessionModelVideoElement::selectLegibleMediaOption):
173         (WebPlaybackSessionModelVideoElement::updateLegibleOptions):
174         (WebPlaybackSessionModelVideoElement::observedEventNames):
175         (WebPlaybackSessionModelVideoElement::eventNameAll):
176         * platform/cocoa/WebVideoFullscreenInterface.h:
177         * platform/cocoa/WebVideoFullscreenModel.h:
178         (WebCore::WebVideoFullscreenModel::~WebVideoFullscreenModel): Deleted.
179         * platform/cocoa/WebVideoFullscreenModelVideoElement.h:
180         (WebCore::WebVideoFullscreenModelVideoElement::create):
181         * platform/cocoa/WebVideoFullscreenModelVideoElement.mm:
182         (WebVideoFullscreenModelVideoElement::WebVideoFullscreenModelVideoElement):
183         (WebVideoFullscreenModelVideoElement::setWebVideoFullscreenInterface):
184         (WebVideoFullscreenModelVideoElement::setVideoElement):
185         (WebVideoFullscreenModelVideoElement::play):
186         (WebVideoFullscreenModelVideoElement::pause):
187         (WebVideoFullscreenModelVideoElement::togglePlayState):
188         (WebVideoFullscreenModelVideoElement::beginScrubbing):
189         (WebVideoFullscreenModelVideoElement::endScrubbing):
190         (WebVideoFullscreenModelVideoElement::seekToTime):
191         (WebVideoFullscreenModelVideoElement::fastSeek):
192         (WebVideoFullscreenModelVideoElement::beginScanningForward):
193         (WebVideoFullscreenModelVideoElement::beginScanningBackward):
194         (WebVideoFullscreenModelVideoElement::endScanning):
195         (WebVideoFullscreenModelVideoElement::selectAudioMediaOption):
196         (WebVideoFullscreenModelVideoElement::selectLegibleMediaOption):
197         (WebVideoFullscreenModelVideoElement::handleEvent): Deleted.
198         (WebVideoFullscreenModelVideoElement::setVideoFullscreenLayer): Deleted.
199         (WebVideoFullscreenModelVideoElement::setVideoLayerFrame): Deleted.
200         (WebVideoFullscreenModelVideoElement::setVideoLayerGravity): Deleted.
201         (WebVideoFullscreenModelVideoElement::observedEventNames): Deleted.
202         (WebVideoFullscreenModelVideoElement::eventNameAll): Deleted.
203         (WebVideoFullscreenModelVideoElement::fullscreenModeChanged): Deleted.
204         (WebVideoFullscreenModelVideoElement::isVisible): Deleted.
205         * platform/ios/WebAVPlayerController.h: Added.
206         * platform/ios/WebAVPlayerController.mm: Added.
207         (-[WebAVPlayerController dealloc]):
208         (-[WebAVPlayerController resetState]):
209         (-[WebAVPlayerController player]):
210         (-[WebAVPlayerController forwardingTargetForSelector:]):
211         (-[WebAVPlayerController play:]):
212         (-[WebAVPlayerController pause:]):
213         (-[WebAVPlayerController togglePlayback:]):
214         (-[WebAVPlayerController togglePlaybackEvenWhenInBackground:]):
215         (-[WebAVPlayerController isPlaying]):
216         (-[WebAVPlayerController setPlaying:]):
217         (+[WebAVPlayerController keyPathsForValuesAffectingPlaying]):
218         (-[WebAVPlayerController beginScrubbing:]):
219         (-[WebAVPlayerController endScrubbing:]):
220         (-[WebAVPlayerController seekToTime:]):
221         (-[WebAVPlayerController currentTimeWithinEndTimes]):
222         (-[WebAVPlayerController setCurrentTimeWithinEndTimes:]):
223         (+[WebAVPlayerController keyPathsForValuesAffectingCurrentTimeWithinEndTimes]):
224         (-[WebAVPlayerController hasLiveStreamingContent]):
225         (+[WebAVPlayerController keyPathsForValuesAffectingHasLiveStreamingContent]):
226         (-[WebAVPlayerController skipBackwardThirtySeconds:]):
227         (-[WebAVPlayerController gotoEndOfSeekableRanges:]):
228         (-[WebAVPlayerController canScanForward]):
229         (+[WebAVPlayerController keyPathsForValuesAffectingCanScanForward]):
230         (-[WebAVPlayerController beginScanningForward:]):
231         (-[WebAVPlayerController endScanningForward:]):
232         (-[WebAVPlayerController beginScanningBackward:]):
233         (-[WebAVPlayerController endScanningBackward:]):
234         (-[WebAVPlayerController canSeekToBeginning]):
235         (+[WebAVPlayerController keyPathsForValuesAffectingCanSeekToBeginning]):
236         (-[WebAVPlayerController seekToBeginning:]):
237         (-[WebAVPlayerController seekChapterBackward:]):
238         (-[WebAVPlayerController canSeekToEnd]):
239         (+[WebAVPlayerController keyPathsForValuesAffectingCanSeekToEnd]):
240         (-[WebAVPlayerController seekToEnd:]):
241         (-[WebAVPlayerController seekChapterForward:]):
242         (-[WebAVPlayerController hasMediaSelectionOptions]):
243         (+[WebAVPlayerController keyPathsForValuesAffectingHasMediaSelectionOptions]):
244         (-[WebAVPlayerController hasAudioMediaSelectionOptions]):
245         (+[WebAVPlayerController keyPathsForValuesAffectingHasAudioMediaSelectionOptions]):
246         (-[WebAVPlayerController hasLegibleMediaSelectionOptions]):
247         (+[WebAVPlayerController keyPathsForValuesAffectingHasLegibleMediaSelectionOptions]):
248         (-[WebAVPlayerController currentAudioMediaSelectionOption]):
249         (-[WebAVPlayerController setCurrentAudioMediaSelectionOption:]):
250         (-[WebAVPlayerController currentLegibleMediaSelectionOption]):
251         (-[WebAVPlayerController setCurrentLegibleMediaSelectionOption:]):
252         (-[WebAVPlayerController isPlayingOnExternalScreen]):
253         (+[WebAVPlayerController keyPathsForValuesAffectingPlayingOnExternalScreen]):
254         (-[WebAVPlayerController isPictureInPictureInterrupted]):
255         (-[WebAVPlayerController setPictureInPictureInterrupted:]):
256         * platform/ios/WebPlaybackSessionInterfaceAVKit.h: Added.
257         (WebCore::WebPlaybackSessionInterfaceAVKitClient::~WebPlaybackSessionInterfaceAVKitClient):
258         * platform/ios/WebPlaybackSessionInterfaceAVKit.mm: Added.
259         (WebCore::WebPlaybackSessionInterfaceAVKit::WebPlaybackSessionInterfaceAVKit):
260         (WebCore::WebPlaybackSessionInterfaceAVKit::~WebPlaybackSessionInterfaceAVKit):
261         (WebCore::WebPlaybackSessionInterfaceAVKit::resetMediaState):
262         (WebCore::WebPlaybackSessionInterfaceAVKit::setWebPlaybackSessionModel):
263         (WebCore::WebPlaybackSessionInterfaceAVKit::setDuration):
264         (WebCore::WebPlaybackSessionInterfaceAVKit::setCurrentTime):
265         (WebCore::WebPlaybackSessionInterfaceAVKit::setBufferedTime):
266         (WebCore::WebPlaybackSessionInterfaceAVKit::setRate):
267         (WebCore::WebPlaybackSessionInterfaceAVKit::setSeekableRanges):
268         (WebCore::WebPlaybackSessionInterfaceAVKit::setCanPlayFastReverse):
269         (WebCore::mediaSelectionOptions):
270         (WebCore::WebPlaybackSessionInterfaceAVKit::setAudioMediaSelectionOptions):
271         (WebCore::WebPlaybackSessionInterfaceAVKit::setLegibleMediaSelectionOptions):
272         (WebCore::WebPlaybackSessionInterfaceAVKit::setExternalPlayback):
273         (WebCore::WebPlaybackSessionInterfaceAVKit::setWirelessVideoPlaybackDisabled):
274         (WebCore::WebPlaybackSessionInterfaceAVKit::wirelessVideoPlaybackDisabled):
275         (WebCore::WebPlaybackSessionInterfaceAVKit::invalidate):
276         * platform/ios/WebVideoFullscreenControllerAVKit.mm:
277         (WebVideoFullscreenControllerContext::setUpFullscreen):
278         * platform/ios/WebVideoFullscreenInterfaceAVKit.h:
279         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
280         (-[WebAVPlayerViewControllerDelegate fullscreenInterface]):
281         (-[WebAVPlayerViewControllerDelegate setFullscreenInterface:]):
282         (-[WebAVPlayerLayer fullscreenInterface]):
283         (-[WebAVPlayerLayer setFullscreenInterface:]):
284         (-[WebAVPlayerLayer layoutSublayers]):
285         (-[WebAVPlayerLayer resolveBounds]):
286         (-[WebAVPlayerLayer setVideoGravity:]):
287         (WebVideoFullscreenInterfaceAVKit::create):
288         (WebVideoFullscreenInterfaceAVKit::WebVideoFullscreenInterfaceAVKit):
289         (WebVideoFullscreenInterfaceAVKit::~WebVideoFullscreenInterfaceAVKit):
290         (WebVideoFullscreenInterfaceAVKit::playerController):
291         (WebVideoFullscreenInterfaceAVKit::resetMediaState):
292         (WebVideoFullscreenInterfaceAVKit::setDuration):
293         (WebVideoFullscreenInterfaceAVKit::setCurrentTime):
294         (WebVideoFullscreenInterfaceAVKit::setBufferedTime):
295         (WebVideoFullscreenInterfaceAVKit::setRate):
296         (WebVideoFullscreenInterfaceAVKit::setVideoDimensions):
297         (WebVideoFullscreenInterfaceAVKit::setSeekableRanges):
298         (WebVideoFullscreenInterfaceAVKit::setCanPlayFastReverse):
299         (WebVideoFullscreenInterfaceAVKit::setAudioMediaSelectionOptions):
300         (WebVideoFullscreenInterfaceAVKit::setLegibleMediaSelectionOptions):
301         (WebVideoFullscreenInterfaceAVKit::setExternalPlayback):
302         (WebVideoFullscreenInterfaceAVKit::externalPlaybackEnabledChanged):
303         (WebVideoFullscreenInterfaceAVKit::setWirelessVideoPlaybackDisabled):
304         (WebVideoFullscreenInterfaceAVKit::wirelessVideoPlaybackDisabled):
305         (WebVideoFullscreenInterfaceAVKit::setupFullscreen):
306         (WebVideoFullscreenInterfaceAVKit::cleanupFullscreen):
307         (WebVideoFullscreenInterfaceAVKit::mayAutomaticallyShowVideoPictureInPicture):
308         (-[WebAVPlayerViewControllerDelegate playerViewControllerWillStartPictureInPicture:]): Deleted.
309         (-[WebAVPlayerViewControllerDelegate playerViewControllerDidStartPictureInPicture:]): Deleted.
310         (-[WebAVPlayerViewControllerDelegate playerViewControllerFailedToStartPictureInPicture:withError:]): Deleted.
311         (-[WebAVPlayerViewControllerDelegate playerViewControllerWillStopPictureInPicture:]): Deleted.
312         (-[WebAVPlayerViewControllerDelegate playerViewControllerDidStopPictureInPicture:]): Deleted.
313         (convertToExitFullScreenReason): Deleted.
314         (-[WebAVPlayerViewControllerDelegate playerViewController:shouldExitFullScreenWithReason:]): Deleted.
315         (-[WebAVPlayerViewControllerDelegate playerViewController:restoreUserInterfaceForPictureInPictureStopWithCompletionHandler:]): Deleted.
316         (-[WebAVPlayerLayer init]): Deleted.
317         (-[WebAVPlayerLayer dealloc]): Deleted.
318         (-[WebAVPlayerLayer videoGravity]): Deleted.
319         (-[WebAVPlayerLayer videoRect]): Deleted.
320         (+[WebAVPlayerLayer keyPathsForValuesAffectingVideoRect]): Deleted.
321         (WebAVPictureInPicturePlayerLayerView_layerClass): Deleted.
322         (getWebAVPictureInPicturePlayerLayerViewClass): Deleted.
323         (WebAVPlayerLayerView_layerClass): Deleted.
324         (WebAVPlayerLayerView_playerController): Deleted.
325         (WebAVPlayerLayerView_setPlayerController): Deleted.
326         (WebAVPlayerLayerView_videoView): Deleted.
327         (WebAVPlayerLayerView_setVideoView): Deleted.
328         (WebAVPlayerLayerView_startRoutingVideoToPictureInPicturePlayerLayerView): Deleted.
329         (WebAVPlayerLayerView_stopRoutingVideoToPictureInPicturePlayerLayerView): Deleted.
330         (WebAVPlayerLayerView_pictureInPicturePlayerLayerView): Deleted.
331         (WebAVPlayerLayerView_dealloc): Deleted.
332         (getWebAVPlayerLayerViewClass): Deleted.
333         (WebVideoFullscreenInterfaceAVKit::setWebVideoFullscreenModel): Deleted.
334         (WebVideoFullscreenInterfaceAVKit::setWebVideoFullscreenChangeObserver): Deleted.
335         (WebVideoFullscreenInterfaceAVKit::applicationDidBecomeActive): Deleted.
336         (WebVideoFullscreenInterfaceAVKit::enterFullscreen): Deleted.
337         (WebVideoFullscreenInterfaceAVKit::enterFullscreenStandard): Deleted.
338         (WebVideoFullscreenInterfaceAVKit::exitFullscreen): Deleted.
339         (WebVideoFullscreenInterfaceAVKit::didStartPictureInPicture): Deleted.
340         (WebVideoFullscreenInterfaceAVKit::failedToStartPictureInPicture): Deleted.
341         (WebVideoFullscreenInterfaceAVKit::willStopPictureInPicture): Deleted.
342         (WebVideoFullscreenInterfaceAVKit::didStopPictureInPicture): Deleted.
343         (WebVideoFullscreenInterfaceAVKit::prepareForPictureInPictureStopWithCompletionHandler): Deleted.
344         (WebVideoFullscreenInterfaceAVKit::shouldExitFullscreenWithReason): Deleted.
345         (WebVideoFullscreenInterfaceAVKit::watchdogTimerFired): Deleted.
346         (WebVideoFullscreenInterfaceAVKit::setMode): Deleted.
347         (WebVideoFullscreenInterfaceAVKit::clearMode): Deleted.
348         (WebCore::supportsPictureInPicture): Deleted.
349         * platform/mac/WebPlaybackSessionInterfaceMac.h: Added.
350         * platform/mac/WebPlaybackSessionInterfaceMac.mm: Copied from Source/WebCore/platform/mac/WebVideoFullscreenInterfaceMac.mm.
351         (-[WebAVMediaSelectionOptionMac localizedDisplayName]):
352         (-[WebAVMediaSelectionOptionMac setLocalizedDisplayName:]):
353         (-[WebPlaybackControlsManager initWithWebPlaybackSessionInterfaceMac:]):
354         (-[WebPlaybackControlsManager timing]):
355         (-[WebPlaybackControlsManager setTiming:]):
356         (-[WebPlaybackControlsManager seekableTimeRanges]):
357         (-[WebPlaybackControlsManager setSeekableTimeRanges:]):
358         (-[WebPlaybackControlsManager isSeeking]):
359         (-[WebPlaybackControlsManager seekToTime:toleranceBefore:toleranceAfter:]):
360         (-[WebPlaybackControlsManager audioMediaSelectionOptions]):
361         (-[WebPlaybackControlsManager setAudioMediaSelectionOptions:]):
362         (-[WebPlaybackControlsManager currentAudioMediaSelectionOption]):
363         (-[WebPlaybackControlsManager setCurrentAudioMediaSelectionOption:]):
364         (-[WebPlaybackControlsManager legibleMediaSelectionOptions]):
365         (-[WebPlaybackControlsManager setLegibleMediaSelectionOptions:]):
366         (-[WebPlaybackControlsManager currentLegibleMediaSelectionOption]):
367         (-[WebPlaybackControlsManager setCurrentLegibleMediaSelectionOption:]):
368         (-[WebPlaybackControlsManager cancelThumbnailAndAudioAmplitudeSampleGeneration]):
369         (WebCore::WebPlaybackSessionInterfaceMac::~WebPlaybackSessionInterfaceMac):
370         (WebCore::WebPlaybackSessionInterfaceMac::setWebPlaybackSessionModel):
371         (WebCore::WebPlaybackSessionInterfaceMac::setDuration):
372         (WebCore::WebPlaybackSessionInterfaceMac::setCurrentTime):
373         (WebCore::WebPlaybackSessionInterfaceMac::setRate):
374         (WebCore::WebPlaybackSessionInterfaceMac::setSeekableRanges):
375         (WebCore::mediaSelectionOptions):
376         (WebCore::WebPlaybackSessionInterfaceMac::setAudioMediaSelectionOptions):
377         (WebCore::WebPlaybackSessionInterfaceMac::setLegibleMediaSelectionOptions):
378         (WebCore::WebPlaybackSessionInterfaceMac::invalidate):
379         (WebCore::WebPlaybackSessionInterfaceMac::ensureControlsManager):
380         (WebCore::WebPlaybackSessionInterfaceMac::playBackControlsManager):
381         * platform/mac/WebVideoFullscreenInterfaceMac.h:
382         * platform/mac/WebVideoFullscreenInterfaceMac.mm:
383         (WebCore::WebVideoFullscreenInterfaceMac::WebVideoFullscreenInterfaceMac):
384         (WebCore::WebVideoFullscreenInterfaceMac::setWebVideoFullscreenModel):
385         (WebCore::WebVideoFullscreenInterfaceMac::setDuration):
386         (WebCore::WebVideoFullscreenInterfaceMac::setCurrentTime):
387         (WebCore::WebVideoFullscreenInterfaceMac::setRate):
388         (WebCore::WebVideoFullscreenInterfaceMac::setSeekableRanges):
389         (WebCore::WebVideoFullscreenInterfaceMac::setAudioMediaSelectionOptions):
390         (WebCore::WebVideoFullscreenInterfaceMac::setLegibleMediaSelectionOptions):
391         (WebCore::WebVideoFullscreenInterfaceMac::ensureControlsManager):
392         (WebCore::WebVideoFullscreenInterfaceMac::~WebVideoFullscreenInterfaceMac): Deleted.
393         (WebCore::WebVideoFullscreenInterfaceMac::setWebVideoFullscreenChangeObserver): Deleted.
394         (WebCore::WebVideoFullscreenInterfaceMac::setMode): Deleted.
395         (WebCore::WebVideoFullscreenInterfaceMac::clearMode): Deleted.
396         (WebCore::WebVideoFullscreenInterfaceMac::setupFullscreen): Deleted.
397         (WebCore::WebVideoFullscreenInterfaceMac::enterFullscreen): Deleted.
398         (WebCore::WebVideoFullscreenInterfaceMac::exitFullscreen): Deleted.
399         (WebCore::WebVideoFullscreenInterfaceMac::exitFullscreenWithoutAnimationToMode): Deleted.
400         (WebCore::WebVideoFullscreenInterfaceMac::cleanupFullscreen): Deleted.
401         (WebCore::WebVideoFullscreenInterfaceMac::invalidate): Deleted.
402         (WebCore::WebVideoFullscreenInterfaceMac::preparedToReturnToInline): Deleted.
403         (WebCore::WebVideoFullscreenInterfaceMac::setVideoDimensions): Deleted.
404         (WebCore::supportsPictureInPicture): Deleted.
405
406 2016-04-15  Chris Dumez  <cdumez@apple.com>
407
408         [COCOA] Do not unnecessarily initialize ResourceResponse::m_httpVersion as part of common fields
409         https://bugs.webkit.org/show_bug.cgi?id=156606
410
411         Reviewed by Darin Adler.
412
413         Do not unnecessarily initialize ResourceResponse::m_httpVersion as part of common fields.
414
415         We previously initialized m_httpVersion when calling platformLazyInit(CommonFieldsOnly),
416         even though this is not a common field. The corresponding getter/setter in
417         HTTPResponseBase call lazyInit(AllFields).
418
419         * platform/network/cf/ResourceResponseCFNet.cpp:
420         (WebCore::ResourceResponse::platformLazyInit):
421         * platform/network/cocoa/ResourceResponseCocoa.mm:
422         (WebCore::ResourceResponse::platformLazyInit):
423
424 2016-04-15  John Wilander  <wilander@apple.com>
425
426         Refactor WebSockets handshake to use StringView instead of String for header validation.
427         https://bugs.webkit.org/show_bug.cgi?id=155602
428
429         Reviewed by Darin Adler.
430
431         No new tests. Existing test have been augmented.
432
433         * Modules/websockets/WebSocketHandshake.cpp:
434         (WebCore::WebSocketHandshake::readServerHandshake):
435             Made sure failure reason was set consistently with makeString().
436         (WebCore::headerHasValidHTTPVersion):
437             Now operates on the HTTP status line with StringView.
438         (WebCore::WebSocketHandshake::readStatusLine):
439             Now operates on the HTTP status line with StringView.
440         (WebCore::WebSocketHandshake::readHTTPHeaders):
441             Now operates on header names with StringView.
442             Made sure failure reason was set consistently with makeString() and ASCIILiteral().
443         (WebCore::WebSocketHandshake::checkResponseHeaders):
444             Made sure failure reason was set consistently with ASCIILiteral().
445         * platform/network/HTTPParsers.cpp:
446         (WebCore::parseHTTPRequestLine):
447             Made sure failure reason was set consistently with ASCIILiteral().
448         (WebCore::isValidHeaderNameCharacter):
449             Inlined function to check if a character is allowed in an HTTP header name according to RFC 7230.
450             https://tools.ietf.org/html/rfc7230 (June 2014)
451         (WebCore::parseHTTPHeader):
452         * platform/network/HTTPParsers.h:
453             Now receives the HTTP header name as a StringView.
454             Checks that header names only contain valid characters according to RFC 7230 (see above).
455         * platform/network/ResourceRequestBase.cpp:
456         (WebCore::ResourceRequestBase::addHTTPHeaderField):
457         * platform/network/ResourceRequestBase.h:
458              Now has an overloaded function which receives the HTTP header name as an HTTPHeaderName enum value.
459         * platform/network/ResourceResponseBase.cpp:
460         (WebCore::ResourceResponseBase::addHTTPHeaderField):
461         * platform/network/ResourceResponseBase.h:
462              Now has an overloaded function which receives the HTTP header name as an HTTPHeaderName enum value.
463
464 2016-04-15  Joanmarie Diggs  <jdiggs@igalia.com>
465
466         AX: Presentational role on SVG elements is trumped by child 'title' and 'desc' elements
467         https://bugs.webkit.org/show_bug.cgi?id=156519
468
469         Reviewed by Chris Fleizach.
470
471         Override the presentational role on SVG elements which have a child 'title' or 'desc'
472         element. As a result of this change, AccessibilitySVGRoot objects would be exposed
473         with an AccessibilityRole of UnknownRole. Therefore map included AccessibilitySVGRoot
474         objects to GroupRole as per the SVG Accessibility API Mapping specification.
475
476         Also use indexOfBestMatchingLanguageInList() to identify which child 'title' or 'desc'
477         element is the best match for the parent element.
478
479         New Test: accessibility/w3c-svg-content-language-attribute.html
480
481         Also: Update w3c-svg-presentational-role.html expectations because there are test cases
482         in which elements are now being included in the accessibility tree as a result of this
483         change. Also add new test cases which lack child 'title' and 'desc' elements.
484
485         * accessibility/AccessibilityNodeObject.h:
486         * accessibility/AccessibilitySVGElement.cpp:
487         (WebCore::AccessibilitySVGElement::childElementWithMatchingLanguage):
488         (WebCore::AccessibilitySVGElement::accessibilityDescription):
489         (WebCore::AccessibilitySVGElement::helpText):
490         (WebCore::AccessibilitySVGElement::computeAccessibilityIsIgnored):
491         (WebCore::AccessibilitySVGElement::determineAriaRoleAttribute):
492         * accessibility/AccessibilitySVGElement.h:
493         * accessibility/AccessibilitySVGRoot.h:
494
495 2016-04-15  Chris Dumez  <cdumez@apple.com>
496
497         Rename [GlobalContext] extended attribute to [Exposed] and align with WebIDL
498         https://bugs.webkit.org/show_bug.cgi?id=156615
499
500         Reviewed by Youenn Fablet.
501
502         Rename [GlobalContext] extended attribute to [Exposed] and align with WebIDL:
503         - http://heycam.github.io/webidl/#Exposed
504
505         * bindings/scripts/IDLAttributes.txt:
506         Stop recognizing [GlobalContext] and start recognizing [Exposed].
507
508         * bindings/scripts/IDLParser.pm:
509         (parseIdentifierList):
510         (parseExtendedAttributeRest2):
511         Add IDL parser support for having a list of identifiers as value
512         for an IDL extended attribute, e.g. Exposed=(Window, Worker).
513
514         * bindings/scripts/preprocess-idls.pl:
515         Tweak existing support for [GlobalContext] to use [Exposed] instead
516         and support the new syntax.
517
518         (getInterfaceExtendedAttributesFromIDL):
519         Do not split on commas that are within brackets.
520
521         * Modules/fetch/FetchBody.idl:
522         * Modules/fetch/FetchHeaders.idl:
523         * Modules/fetch/FetchRequest.idl:
524         * Modules/fetch/FetchResponse.idl:
525         * Modules/streams/ByteLengthQueuingStrategy.idl:
526         * Modules/streams/CountQueuingStrategy.idl:
527         * Modules/streams/ReadableStream.idl:
528         * Modules/streams/ReadableStreamController.idl:
529         * Modules/streams/ReadableStreamReader.idl:
530         * Modules/websockets/WebSocket.idl:
531         * dom/MessageChannel.idl:
532         * dom/MessageEvent.idl:
533         * fileapi/Blob.idl:
534         * fileapi/FileReader.idl:
535         * fileapi/FileReaderSync.idl:
536         * html/DOMURL.idl:
537         * html/ImageData.idl:
538         * page/EventSource.idl:
539         * workers/DedicatedWorkerGlobalScope.idl:
540         * workers/WorkerGlobalScope.idl:
541         * workers/WorkerLocation.idl:
542         * xml/XMLHttpRequest.idl:
543         * xml/XMLHttpRequestEventTarget.idl:
544         Use [Exposed] instead of [GlobalContext] to match their respective
545         specifications.
546
547 2016-04-15  Carlos Garcia Campos  <cgarcia@igalia.com>
548
549         Selection.deleteFromDocument should not leave a selection character
550         https://bugs.webkit.org/show_bug.cgi?id=151442
551
552         Reviewed by Michael Catanzaro.
553
554         This is a merge of Blink r172511:
555         https://codereview.chromium.org/255453003
556
557         Let Selection.deleteFromDocument not delete a character when the
558         selection is a caret.
559
560         Selection.deleteFromDocument delete a character when the selection
561         is a caret.
562         However, current standard says that Selection.deleteFromDocument
563         does nothing when the selection is a caret:
564         https://dvcs.w3.org/hg/editing/raw-file/tip/editing.html#dom-selection-deletefromdocument
565         Both IE10 and FireFox seem following the spec.
566
567         Test: imported/blink/editing/selection/deleteFromDocument-undo-crash.html
568
569         * page/DOMSelection.cpp:
570         (WebCore::DOMSelection::deleteFromDocument): Deleted.
571
572 2016-04-15  Antti Koivisto  <antti@apple.com>
573
574         Fix return value nullptr -> false.
575
576         * style/StyleSharingResolver.cpp:
577         (WebCore::Style::SharingResolver::canShareStyleWithElement):
578
579 2016-04-14  Antti Koivisto  <antti@apple.com>
580
581         AffectsNextSibling style relation marking is inefficient
582         https://bugs.webkit.org/show_bug.cgi?id=156593
583
584         Reviewed by Benjamin Poulain.
585
586         We currently add a Style::Relation entry for each sibling to mark. With long sibling lists this can be inefficient
587         in terms of both memory and speed. Instead make a single entry that includes the sibling count to mark.
588
589         * css/SelectorChecker.cpp:
590         (WebCore::addStyleRelation):
591
592             When adding AffectsNextSibling entry check if the last entry in the style relation vector has the
593             same type and is part of the same sibling chain. If so just update the existing entry.
594
595         * cssjit/SelectorCompiler.cpp:
596         (WebCore::SelectorCompiler::SelectorCodeGenerator::generateAddStyleRelation):
597
598             The same thing in hand-crafted macro assembler.
599
600         * cssjit/SelectorCompiler.h:
601
602             Stop lying about the constness of the CheckingContext.
603
604         * style/StyleRelations.cpp:
605         (WebCore::Style::commitRelations):
606
607             Mark as many sibling elements as the value indicates.
608
609         * style/StyleRelations.h:
610         (WebCore::Style::Relation::Relation):
611
612             Make element a pointer so we can udpate it.
613
614 2016-04-15  Brady Eidson  <beidson@apple.com>
615
616         Add the message property to DOMError.
617         https://bugs.webkit.org/show_bug.cgi?id=139173
618
619         Reviewed by Alex Christensen.
620
621         No new tests (Updated existing tests).
622         
623         Adding this property brings us up to date with other browsers, and will help
624         test the few web features that still use DOMError.
625
626         * Modules/indexeddb/IDBOpenDBRequest.cpp:
627         (WebCore::IDBOpenDBRequest::onError):
628         (WebCore::IDBOpenDBRequest::fireErrorAfterVersionChangeCompletion):
629
630         * Modules/indexeddb/IDBRequest.cpp:
631         (WebCore::IDBRequest::uncaughtExceptionInEventHandler):
632         (WebCore::IDBRequest::onError):
633
634         * Modules/indexeddb/IDBTransaction.cpp:
635         (WebCore::IDBTransaction::didCreateIndexOnServer):
636
637         * Modules/mediastream/NavigatorUserMediaError.h:
638         (WebCore::NavigatorUserMediaError::NavigatorUserMediaError):
639
640         * dom/DOMError.cpp:
641         (WebCore::DOMError::DOMError):
642
643         * dom/DOMError.h:
644         (WebCore::DOMError::create):
645         (WebCore::DOMError::message):
646         * dom/DOMError.idl:
647
648 2016-04-14  Brent Fulgham  <bfulgham@apple.com>
649
650         Make <a download> a runtime enabled option
651         https://bugs.webkit.org/show_bug.cgi?id=156583
652         <rdar://problem/25733449>
653
654         Reviewed by Alex Christensen.
655
656         Mark the download attribute interface as EnabledAtRuntime=DownloadAttribute.
657         Add DownloadAttribute runtime flag getter and setter.
658
659         * bindings/generic/RuntimeEnabledFeatures.h:
660         (WebCore::RuntimeEnabledFeatures::fetchAPIEnabled):
661         (WebCore::RuntimeEnabledFeatures::setDownloadAttributeEnabled):
662         (WebCore::RuntimeEnabledFeatures::downloadAttributeEnabled):
663         * html/HTMLAnchorElement.cpp:
664         (WebCore::HTMLAnchorElement::handleClick):
665         * html/HTMLAnchorElement.idl:
666
667 2016-04-14  David Kilzer  <ddkilzer@apple.com>
668
669         REGRESSION (r158956): Remove vestigial range code in FileReaderLoader class after removing ENABLE(STREAM)
670         <http://webkit.org/b/156609>
671
672         Reviewed by Brent Fulgham.
673
674         This code was left behind when ENABLE(STREAM) was removed in
675         November 2013.
676
677         * fileapi/FileReaderLoader.cpp:
678         (WebCore::FileReaderLoader::FileReaderLoader): Remove
679         initializers.
680         (WebCore::FileReaderLoader::start): Remove code that uses
681         m_hasRange, which is always false.
682         (WebCore::FileReaderLoader::didReceiveResponse): Ditto.
683         * fileapi/FileReaderLoader.h:
684         (WebCore::FileReaderLoader): Remove unused instance variables.
685
686 2016-04-14  Alex Christensen  <achristensen@webkit.org>
687
688         Build fix after r199549.
689         https://bugs.webkit.org/show_bug.cgi?id=156580
690
691         * CMakeLists.txt:
692         * PlatformEfl.cmake:
693         * PlatformGTK.cmake:
694         * PlatformWin.cmake:
695         KillRingNone.cpp is indeed platform-specific. KillRingMac.mm is used instead only on Mac.
696
697 2016-04-14  Dean Jackson  <dino@apple.com>
698
699         CrashTracer: com.apple.WebKit.WebContent at com.apple.WebCore: WebCore::CachedResource::addClientToSet + 27
700         https://bugs.webkit.org/show_bug.cgi?id=156602
701         <rdar://problem/18921091>
702
703         Reviewed by Simon Fraser.
704
705         The CSS property list-style-image is inherited, so a transition on a parent
706         might cause a transition on a child. On that child, the value might be between
707         two generated crossfade images which haven't yet resolved, causing a crash.
708
709         Test: transitions/crossfade-transition.html
710
711         * css/CSSCrossfadeValue.cpp:
712         (WebCore::CSSCrossfadeValue::blend): Return null if there are no cached images.
713         * page/animation/CSSPropertyAnimation.cpp:
714         (WebCore::blendFunc): If we don't have an actual image to blend between, fall
715         out to the default case.
716
717 2016-04-14  Antonio Gomes  <tonikitoo@webkit.org>
718
719         Allow listbox content and scrollbar to intrude padding area.
720         https://bugs.webkit.org/show_bug.cgi?id=128489
721
722         Reviewed by Myles C. Maxfield.
723
724         Originally when the RenderListBox::controlClipRect method was implemented (see [1]), it used
725         to allow its content (<option>'s) to intrude padding to get rendered. Overlay scrollbars were also
726         allowed to paint over the padding area, if necessary.
727
728         [2] changed this behavior to restrict list-box'es content within the content box rect (excluding padding and border).
729
730         This had two consequences:
731         1) it made WebKit disallow list-box' content to intrude the padding area, diverging from other vendors.
732         like Firefox and Chrome.
733         2) Since overlay scrollbar might get painted over the padding area, if any, [2] could result
734         in the scrollbar being clipped out if padding-right is set (or padding-left in case of RTL content).
735
736         Patch changed WebKit back so that it allows list-box' content and overlay scrollbars to intrude the
737         padding area, matching other browsers vendors
738
739         [1] https://trac.webkit.org/changeset/18819/trunk/WebCore/rendering/RenderListBox.cpp
740         [2] https://trac.webkit.org/changeset/19037/trunk/WebCore/rendering/RenderListBox.cpp
741
742         Tests: fast/forms/listbox-selection-3.html
743                fast/forms/listbox-padding-clip-selected.html
744                fast/forms/listbox-padding-clip-expected-mismatch.html (renamed from listbox-padding-clip-overlay-expected.html)
745                fast/forms/listbox-padding-clip-overlay-expected-mismatch.html (renamed from listbox-padding-clip-expected.html)
746
747         * rendering/RenderListBox.cpp:
748         (WebCore::RenderListBox::numVisibleItems): changed to allow list-box items to get rendered on the padding-bottom area.
749         This matches Firefox and Chrome.
750         (WebCore::RenderListBox::listIndexAtOffset): relax the check for a given list-box item at a specific offset in the vertical axis.
751         This means if an list-box item has its content painted into the padding-bottom area, it will be actionable by mouse clicking.
752         This matches Firefox and Chrome.
753         (WebCore::RenderListBox::controlClipRect): clips list-box content against the padding box rect rather than the content box rect,
754         to allow its list-box items' content intrude the padding area.
755         This matches Firefox and Chrome.
756
757 2016-04-14  Antti Koivisto  <antti@apple.com>
758
759         Collapsed border cache invalidation can lead to O(n^2) during style resolve
760         https://bugs.webkit.org/show_bug.cgi?id=156570
761
762         Reviewed by Darin Adler.
763
764         RenderTable::invalidateCollapsedBorders traverses all cells. It is called when table cell border changes.
765         This can result in O(n^2) during style resolve.
766
767         * rendering/RenderTable.cpp:
768         (WebCore::RenderTable::layout):
769         (WebCore::RenderTable::invalidateCollapsedBorders):
770
771             For cell border style change invalidate the hasEmptyCollapsedBorder bits only for the neighbouring cells.
772             They are the only ones that can be affected.
773
774         * rendering/RenderTable.h:
775         (WebCore::RenderTable::collapsedBordersAreValid):
776         (WebCore::RenderTable::collapsedEmptyBorderIsPresent):
777         (WebCore::RenderTable::currentBorderValue):
778         * rendering/RenderTableCell.cpp:
779         (WebCore::RenderTableCell::styleDidChange):
780
781 2016-04-14  Manuel Rego Casasnovas  <rego@igalia.com>
782
783         [css-grid] Implement CSSGridTemplateAreasValue::equals
784         https://bugs.webkit.org/show_bug.cgi?id=156578
785
786         Reviewed by Darin Adler.
787
788         This was causing an infinite loop setting grid-template-areas
789         from JavaScript.
790
791         The reason was that CSSGridTemplateAreasValue needs
792         an specific implementation of equals() method.
793
794         Test: fast/css-grid-layout/grid-template-areas-infinite-loop.html
795
796         * css/CSSGridTemplateAreasValue.cpp:
797         (WebCore::CSSGridTemplateAreasValue::equals):
798         * css/CSSGridTemplateAreasValue.h:
799
800 2016-04-14  Brent Fulgham  <bfulgham@apple.com>
801
802         [CMake] Clean up CMake files
803         https://bugs.webkit.org/show_bug.cgi?id=156580
804
805         Reviewed by Alex Christensen.
806
807         Revise the various CMake input files to reduce the amount of duplicated file references in
808         the various ports.
809
810         * CMakeLists.txt:
811         * PlatformAppleWin.cmake:
812         * PlatformEfl.cmake:
813         * PlatformGTK.cmake:
814         * PlatformWin.cmake:
815         * PlatformWinCairo.cmake:
816
817 2016-04-14  Frederic Wang  <fred.wang@free.fr>
818
819         RenderMathMLOperator: Add helper function to retrieve italic correction
820         https://bugs.webkit.org/show_bug.cgi?id=156572
821
822         Reviewed by Darin Adler.
823
824         No new tests, the helper function will only be used in bug 153918.
825
826         * rendering/mathml/RenderMathMLOperator.cpp:
827         (WebCore::RenderMathMLOperator::italicCorrection): Return the italic correction from the MATH table if it's a large operator.
828         * rendering/mathml/RenderMathMLOperator.h: Declare italicCorrection.
829
830 2016-04-14  Frederic Wang  <fwang@igalia.com>
831
832         RenderMathMLOperator: Move glyph measuring helper functions outside the class
833         https://bugs.webkit.org/show_bug.cgi?id=156571
834
835         Reviewed by Darin Adler.
836
837         No new tests, this is just a simple refactoring to prepare the patch
838         for bug 156542, without any behavior change.
839
840         * rendering/mathml/RenderMathMLOperator.cpp: MATHML_OPDICT_SIZE was removed in bug 152242, so no need to undef it.
841         (WebCore::boundsForGlyph): Static inline helper function moved from the RenderMathMLOperator class.
842         (WebCore::heightForGlyph): Ditto.
843         (WebCore::advanceWidthForGlyph): Ditto and renamed.
844         (WebCore::RenderMathMLOperator::computePreferredLogicalWidths): Rename advanceForGlyph.
845         (WebCore::RenderMathMLOperator::findStretchyData): Ditto.
846         (WebCore::RenderMathMLOperator::updateStyle): Ditto.
847         (WebCore::RenderMathMLOperator::paintGlyph): Ditto.
848         (WebCore::RenderMathMLOperator::paint): Ditto.
849         (WebCore::RenderMathMLOperator::trailingSpaceError): Ditto.
850         (WebCore::RenderMathMLOperator::setOperatorProperties): Deleted.
851         (WebCore::RenderMathMLOperator::boundsForGlyph): Deleted.
852         (WebCore::RenderMathMLOperator::heightForGlyph): Deleted.
853         (WebCore::RenderMathMLOperator::advanceForGlyph): Deleted.
854         * rendering/mathml/RenderMathMLOperator.h:
855
856 2016-04-14  Frederic Wang  <fred.wang@free.fr>
857
858         Set some RenderMathMLOperator members as final
859         https://bugs.webkit.org/show_bug.cgi?id=156574
860
861         Reviewed by Darin Adler.
862
863         No new tests, this is only a simple refactoring without behavior change.
864
865         * rendering/mathml/RenderMathMLOperator.h: Replace "override" with "final" for some members.
866
867 2016-04-14  Frederic Wang  <fwang@igalia.com>
868
869         Ensure that RenderMathMLOperator::stretchTo functions are called with stretchy operators that have the correct direction
870         https://bugs.webkit.org/show_bug.cgi?id=156542
871
872         Reviewed by Darin Adler.
873
874         In the RenderMathMLUnderOver refactoring (r199293), we avoided doing a
875         horizontal stretchTo call for non-stretchy operators. Here we do the
876         same for RenderMathMLRow and avoid doing a vertical stretchTo call for
877         horizontal or non-stretchy operators. We also add appropriate ASSERT in
878         the RenderMathMLOperator::stretchTo functions. To avoid failing tests
879         with DOM/style update, we make our updates a bit stricter. Hopefully,
880         we could manage such things better in the future (bug 156536).
881
882         Tests: mathml/presentation/row-nonstretchy-or-horizontal.html
883                mathml/presentation/underover-nonstretchy-or-vertical.html
884
885         * mathml/MathMLTextElement.cpp:
886         (WebCore::MathMLTextElement::parseAttribute): Replace setOperatorFlagAndScheduleLayoutIfNeeded with a stronger rendering update.
887         Also ensure that this is done when the lspace/rspace attributes change.
888         This avoids breaking mathml/presentation/mo-lspace-rspace-dynamic.html
889         * rendering/mathml/RenderMathMLOperator.cpp:
890         (WebCore::RenderMathMLOperator::stretchTo): Add ASSERT to ensure that it is only called with stretchy operators that have the correct direction.
891         (WebCore::RenderMathMLOperator::styleDidChange): Do a stronger rendering update when the style changes.
892         This avoids breaking mathml/presentation/style-changed.html
893         (WebCore::RenderMathMLOperator::setOperatorFlagAndScheduleLayoutIfNeeded): Deleted.
894         * rendering/mathml/RenderMathMLOperator.h: Make updateFromElement public so that it can be called from MathMLTextElement::parseAttribute
895         Remove setOperatorFlagAndScheduleLayoutIfNeeded and declare styleDidChange.
896         * rendering/mathml/RenderMathMLRow.cpp:
897         (WebCore::RenderMathMLRow::layoutRowItems): Only call stretchTo for vertical stretchy operators.
898
899 2016-04-14  Anders Carlsson  <andersca@apple.com>
900
901         When FileInputType::setFiles is called with an empty file list, the last set icon is not cleared
902         https://bugs.webkit.org/show_bug.cgi?id=156582
903
904         Reviewed by Beth Dakin.
905
906         * html/FileInputType.cpp:
907         (WebCore::FileInputType::requestIcon):
908
909 2016-04-14  Darin Adler  <darin@apple.com>
910
911         Remove UsePointersEvenForNonNullableObjectArguments from Internals
912         https://bugs.webkit.org/show_bug.cgi?id=156539
913
914         Reviewed by Alex Christensen.
915
916         * html/HTMLImageElement.idl: Exported this so it can be used as the type for
917         a function argument in Internals.idl.
918         * html/HTMLInputElement.idl: Ditto.
919         * html/HTMLLinkElement.idl: Ditto.
920         * html/HTMLSelectElement.idl: Ditto.
921
922         * testing/Internals.cpp:
923         (WebCore::InspectorStubFrontend::InspectorStubFrontend): Take a Page&.
924         (WebCore::Internals::create): Take a Document&.
925         (WebCore::Internals::resetToConsistentState): Take a Page&.
926         (WebCore::Internals::Internals): Take a Document&.
927         (WebCore::Internals::settings): Use nullptr instead of 0.
928         (WebCore::Internals::address): Take a Node&.
929         (WebCore::Internals::nodeNeedsStyleRecalc): Take a Node& and no ExceptionCode&.
930         (WebCore::Internals::styleChangeType): Ditto.
931         (WebCore::Internals::xhrResponseSource): Take an XMLHttpRequest&.
932         (WebCore::Internals::isSharingStyleSheetContents): Take two
933         HTMLLinkElement&.
934         (WebCore::Internals::isStyleSheetLoadingSubresources): Take an HTMLLinkElement&.
935         (WebCore::Internals::imageFrameIndex): Take an HTMLImageElement& and no
936         ExceptionCode&. Also return an unsigned rather than size_t, since the IDL expects
937         unsigned long, which means unsigned in C++ code.
938         (WebCore::Internals::treeScopeRootNode): Take a Node& and no ExceptionCode&.
939         (WebCore::Internals::parentTreeScope): Ditto.
940         (WebCore::Internals::pauseAnimationAtTimeOnElement): Take an Element&.
941         (WebCore::Internals::pauseAnimationAtTimeOnPseudoElement): Ditto.
942         (WebCore::Internals::pauseTransitionAtTimeOnElement): Ditto.
943         (WebCore::Internals::pauseTransitionAtTimeOnPseudoElement): Ditto.
944         (WebCore::Internals::attached): Deleted.
945         (WebCore::Internals::elementRenderTreeAsText): Take an Element&.
946         (WebCore::Internals::hasPausedImageAnimations): Take an Element& and no
947         ExceptionCode&.
948         (WebCore::Internals::computedStyleIncludingVisitedInfo): Take a Node& and no
949         ExceptionCode&.
950         (WebCore::Internals::ensureShadowRoot): Take an Element&.
951         (WebCore::Internals::ensureUserAgentShadowRoot): Take an Element& and no
952         ExceptionCode&.
953         (WebCore::Internals::createShadowRoot): Take an Element&.
954         (WebCore::Internals::shadowRoot): Take an Element& and no ExceptionCode&.
955         (WebCore::Internals::shadowRootType): Take a Node&.
956         (WebCore::Internals::includerFor): Deleted.
957         (WebCore::Internals::shadowPseudoId): Take an Element& and no ExceptionCode&.
958         (WebCore::Internals::setShadowPseudoId): Ditto.
959         (WebCore::Internals::visiblePlaceholder): Take an Element&.
960         (WebCore::Internals::selectColorInColorChooser): Take an HTMLInputElement&.
961         (WebCore::Internals::boundingBox): Take an Element& and no ExceptionCode&.
962         (WebCore::Internals::markerCountForNode): Take a Node&.
963         (WebCore::Internals::markerAt): Ditto.
964         (WebCore::Internals::markerRangeForNode): Ditto.
965         (WebCore::Internals::markerDescriptionForNode): Ditto.
966         (WebCore::Internals::addTextMatchMarker): Take a const Range&.
967         (WebCore::Internals::setScrollViewPosition): Take int instead of long; long in
968         IDL means int in C++ code.
969         (WebCore::Internals::wasLastChangeUserEdit): Take an Element&.
970         (WebCore::Internals::elementShouldAutoComplete): Take an HTMLInputElement&.
971         (WebCore::Internals::setEditingValue): Take an HTMLInputElement& and no
972         ExceptionCode&.
973         (WebCore::Internals::setAutofilled): Ditto.
974         (WebCore::Internals::setShowAutoFillButton): Ditto.
975         (WebCore::Internals::scrollElementToRect): Take an Element& and int instead of long.
976         (WebCore::Internals::autofillFieldName): Take an Element&.
977         (WebCore::Internals::rangeFromLocationAndLength): Take an Element& and no ExceptionCode&.
978         (WebCore::Internals::locationFromRange): Ditto.
979         (WebCore::Internals::lengthFromRange): Take an Element& and const Range& and no
980         ExceptionCode&.
981         (WebCore::Internals::rangeAsText): Take const Range& an no ExceptionCode&.
982         (WebCore::Internals::subrange): Take Range& an no ExceptionCode&.
983         (WebCore::Internals::nodesFromRect): Take a Document&.
984         (WebCore::Internals::openDummyInspectorFrontend): Ditto.
985         (WebCore::Internals::layerTreeAsText): Take an Element&.
986         (WebCore::Internals::setElementUsesDisplayListDrawing): Ditto.
987         (WebCore::Internals::setElementTracksDisplayListReplay): Ditto.
988         (WebCore::Internals::displayListForElement): Ditto.
989         (WebCore::Internals::replayDisplayListForElement): Ditto.
990         (WebCore::Internals::counterValue): Ditto.
991         (WebCore::Internals::pageNumber): Ditto.
992         (WebCore::Internals::webkitWillEnterFullScreenForElement): Ditto.
993         (WebCore::Internals::webkitDidEnterFullScreenForElement): Ditto.
994         (WebCore::Internals::webkitWillExitFullScreenForElement): Ditto.
995         (WebCore::Internals::webkitDidExitFullScreenForElement): Ditto.
996         (WebCore::Internals::layerFlushCount): Return unsigned instead of unsigned long.
997         IDL unsigned long means unsigned in C++ code.
998         (WebCore::Internals::styleRecalcCount): Ditto.
999         (WebCore::Internals::compositingUpdateCount): Ditto.
1000         (WebCore::Internals::deserializeBuffer): Take an ArrayBuffer&.
1001         (WebCore::Internals::markerTextForListItem): Take an Element& and no ExceptionCode&.
1002         (WebCore::Internals::toolTipFromElement): Ditto.
1003         (WebCore::Internals::getImageSourceURL): Ditto.
1004         (WebCore::Internals::simulateAudioInterruption): Take an HTMLMediaElement&.
1005         (WebCore::Internals::mediaElementHasCharacteristic): Ditto.
1006         (WebCore::Internals::isSelectPopupVisible): Take an HTMLSelectElement&.
1007         (WebCore::Internals::closestTimeToTimeRanges): Take a TimeRange&.
1008         (WebCore::Internals::isPluginUnavailabilityIndicatorObscured): Take an Element&.
1009         (WebCore::Internals::isPluginSnapshotted): Take an Element& and no ExceptionCode&.
1010         (WebCore::Internals::bufferedSamplesForTrackID): Take a SourceBuffer&.
1011         (WebCore::Internals::setShouldGenerateTimestamps): Ditto.
1012         (WebCore::Internals::setMediaElementRestrictions): Take an HTMLMediaElement&.
1013         (WebCore::Internals::elementIsBlockingDisplaySleep): Take an HTMLMediaElement&.
1014         (WebCore::Internals::setAudioContextRestrictions): Take an AudioContext&.
1015         (WebCore::Internals::scrollSnapOffsets): Take an Element&.
1016         (WebCore::Internals::getCurrentMediaControlsStatusForElement): Take an HTMLMediaElement&.
1017         (WebCore::Internals::userVisibleString): Take a const DOMURL&.
1018         (WebCore::Internals::composedTreeAsText): Take a Node&.
1019
1020         * testing/Internals.h: Update for all the changes listed above.
1021
1022         * testing/Internals.idl: Removed UsePointersEvenForNonNullableObjectArguments. Removed
1023         many unneeded [RaisesException]. Used more specific types for many arguments. Removed
1024         unused, and unimplemented, attached and includedFor functions. Made the node argument to
1025         updateLayoutIgnorePendingStylesheetsAndRunPostLayoutTasks nullable as well as optional.
1026
1027         * testing/Internals.mm:
1028         (WebCore::Internals::userVisibleString): Take a const DOMURL&.
1029
1030         * testing/js/WebCoreTestSupport.cpp:
1031         (WebCoreTestSupport::injectInternalsObject): Pass a Document& rather than a Document*.
1032         (WebCoreTestSupport::resetInternalsObject): Pass a Page& rather than a Page*.
1033
1034 2016-04-14  Daniel Bates  <dabates@apple.com>
1035
1036         CSP: Ignore report-only policy delivered via meta element
1037         https://bugs.webkit.org/show_bug.cgi?id=156565
1038         <rdar://problem/25718167>
1039
1040         Reviewed by Brent Fulgham.
1041
1042         Only honor a report-only policy delivered via the HTTP header Content-Security-Policy-Report-Only
1043         or X-WebKit-CSP-Report-Only as per section Content-Security-Policy-Report-Only Header Field of 
1044         the Content Security Policy Level 2 spec., <https://w3c.github.io/webappsec-csp/2/> (Editor's Draft, 29 August 2015).
1045
1046         Currently we honor a report-only policy delivered via a meta element or an HTTP header. Instead
1047         we should only honor such a policy when delivered via an HTTP header.
1048
1049         Tests: http/tests/security/contentSecurityPolicy/1.1/reportonly-in-meta-ignored2.html
1050                http/tests/security/contentSecurityPolicy/eval-allowed-in-report-only-mode-and-sends-report.php
1051                http/tests/security/contentSecurityPolicy/eval-allowed-in-report-only-mode.php
1052                http/tests/security/contentSecurityPolicy/report-multiple-violations-01.php
1053                http/tests/security/contentSecurityPolicy/report-multiple-violations-02.php
1054                http/tests/security/contentSecurityPolicy/report-only-report-uri-missing.php
1055
1056         * dom/Document.cpp:
1057         (WebCore::Document::processHttpEquiv): Do not process policy for HTTP equivalent header
1058         Content-Security-Policy-Report-Only and X-WebKit-CSP-Report-Only.
1059
1060 2016-04-14  Antoine Quint  <graouts@apple.com>
1061
1062         Dashboard is spelled as Dashbard in several source files
1063         https://bugs.webkit.org/show_bug.cgi?id=156577
1064
1065         Reviewed by Eric Carlson.
1066
1067         * html/HTMLCanvasElement.cpp:
1068         (WebCore::HTMLCanvasElement::getContext):
1069         * html/canvas/CanvasGradient.cpp:
1070         (WebCore::CanvasGradient::CanvasGradient):
1071         (WebCore::CanvasGradient::addColorStop):
1072         * html/canvas/CanvasGradient.h:
1073         (WebCore::CanvasGradient::setDashboardCompatibilityMode):
1074
1075 2016-04-14  Antoine Quint  <graouts@apple.com>
1076
1077         WebGL based canvases composite incorrectly after changing size
1078         https://bugs.webkit.org/show_bug.cgi?id=152556
1079         <rdar://problem/24012678>
1080
1081         Reviewed by Dean Jackson.
1082
1083         On iOS, we use the CAEAGLLayer's bounds to set the size of the backing store.
1084         However, that layer's bounds is also used to size the layer during layout. If
1085         the canvas backing store is resized after layout has been performed, the call
1086         to setBounds loses the layout value and the <canvas> element is incorrectly
1087         sized on screen.
1088
1089         To address this, when updating the backing store, we keep track of the previous
1090         layer bounds so we can reset it after we sized the backing store.
1091
1092         Test: webgl/webgl-backing-store-size-update.html
1093
1094         * platform/graphics/GraphicsContext3D.h:
1095         * platform/graphics/mac/GraphicsContext3DMac.mm:
1096         (WebCore::GraphicsContext3D::setRenderbufferStorageFromDrawable):
1097
1098 2016-04-13  Carlos Garcia Campos  <cgarcia@igalia.com>
1099
1100         Unreviewed. Fix GObject DOM bindings API break after r199392.
1101
1102         Since r199392 webkit_dom_attr_set_value() no longer raises exceptions, but we need to keep the GError parameter
1103         to keep backwards compatibility.
1104
1105         * bindings/scripts/CodeGeneratorGObject.pm:
1106         (FunctionUsedToRaiseException):
1107
1108 2016-04-13  Daniel Bates  <dabates@apple.com>
1109
1110         CSP: Nested browsing context created for <object> or <embed> should respect object-src directive
1111         https://bugs.webkit.org/show_bug.cgi?id=156563
1112         <rdar://problem/25715713>
1113
1114         Reviewed by Darin Adler.
1115
1116         As per section object-src of the Content Security Policy Level 2 spec.,
1117         <https://w3c.github.io/webappsec-csp/2/> (Editor's Draft, 29 August 2015), a nested browsing
1118         context created for an HTML object or HTML embed element should respect the object-src directive.
1119
1120         Currently a nested browsing context created for an HTML object or HTML embed element respects
1121         the child-src directive or frame-src directive (in that order). Instead such nested browsing
1122         contexts should respect the object-src directive.
1123
1124         Tests: http/tests/security/contentSecurityPolicy/object-src-allows-embed-blocked-by-child-src.html
1125                http/tests/security/contentSecurityPolicy/object-src-allows-embed-blocked-by-frame-src.html
1126                http/tests/security/contentSecurityPolicy/object-src-allows-object-blocked-by-child-src.html
1127                http/tests/security/contentSecurityPolicy/object-src-allows-object-blocked-by-frame-src.html
1128                http/tests/security/contentSecurityPolicy/object-src-blocks-embed-allowed-by-child-src.html
1129                http/tests/security/contentSecurityPolicy/object-src-blocks-embed-allowed-by-frame-src.html
1130                http/tests/security/contentSecurityPolicy/object-src-blocks-object-allowed-by-child-src.html
1131                http/tests/security/contentSecurityPolicy/object-src-blocks-object-allowed-by-frame-src.html
1132
1133         * loader/PolicyChecker.cpp:
1134         (WebCore::isAllowedByContentSecurityPolicy): Added. Checks whether the specified URL is allowed by the
1135         object-src or the child-src/frame-src directive for a plugin element and non-plugin element, respectively.
1136         (WebCore::PolicyChecker::checkNavigationPolicy): Modified to call isAllowedByContentSecurityPolicy().
1137
1138 2016-04-13  Daniel Bates  <dabates@apple.com>
1139
1140         CSP: Remove experimental directive reflected-xss
1141         https://bugs.webkit.org/show_bug.cgi?id=156554
1142
1143         Reviewed by Brent Fulgham.
1144
1145         The Content Security Policy directive reflected-xss was removed from the Content Security
1146         Policy Level 2 spec., <https://w3c.github.io/webappsec-csp/2/> (Editor's Draft, 29 August 2015).
1147         This directive was considered experimental and was guarded by a run-time flag that was never
1148         enabled by default. We should remove support for this directive.
1149
1150         * html/parser/XSSAuditor.cpp:
1151         (WebCore::XSSAuditor::XSSAuditor): Initialize m_xssProtection to XSSProtectionDisposition::Enabled.
1152         (WebCore::XSSAuditor::init): Write logic in terms of enum class XSSProtectionDisposition.
1153         (WebCore::XSSAuditor::filterToken): Ditto.
1154         (WebCore::combineXSSProtectionHeaderAndCSP): Deleted.
1155         * html/parser/XSSAuditor.h: Change data type of m_xssProtection from ContentSecurityPolicy::ReflectedXSSDisposition
1156         to XSSProtectionDisposition.
1157         * html/parser/XSSAuditorDelegate.cpp: Ditto.
1158         (WebCore::buildConsoleError): Remove logic to emit a remarks in the console error when a XSS is
1159         blocked because of the directive reflected-xss. Also substituted "because" for "as" in the remark
1160         added to the error message when the XSS Auditor is enabled because the server did not send HTTP
1161         header X-XSS-Protection.
1162         * html/parser/XSSAuditorDelegate.h:
1163         (WebCore::XSSInfo::XSSInfo): Removed argument didSendCSPHeader as we are removing support for the
1164         directive reflected-xss.
1165         * page/csp/ContentSecurityPolicy.cpp:
1166         (WebCore::ContentSecurityPolicy::reflectedXSSDisposition): Deleted.
1167         (WebCore::ContentSecurityPolicy::reportInvalidReflectedXSS): Deleted.
1168         * page/csp/ContentSecurityPolicy.h:
1169         * page/csp/ContentSecurityPolicyDirectiveList.cpp:
1170         (WebCore::ContentSecurityPolicyDirectiveList::ContentSecurityPolicyDirectiveList): Remove initialization
1171         of m_reflectedXSSDisposition as we are removing support for the directive reflected-xss.
1172         (WebCore::ContentSecurityPolicyDirectiveList::parseReflectedXSS): Deleted.
1173         (WebCore::ContentSecurityPolicyDirectiveList::addDirective): Remove logic to parse directive reflected-xss.
1174         * page/csp/ContentSecurityPolicyDirectiveList.h:
1175         (WebCore::ContentSecurityPolicyDirectiveList::reflectedXSSDisposition): Deleted.
1176         * page/csp/ContentSecurityPolicyDirectiveNames.cpp:
1177         * page/csp/ContentSecurityPolicyDirectiveNames.h:
1178         * page/csp/ContentSecurityPolicySourceList.cpp:
1179         (WebCore::isCSPDirectiveName):
1180         (WebCore::isExperimentalDirectiveName): Deleted.
1181         * platform/network/HTTPParsers.cpp:
1182         (WebCore::parseXSSProtectionHeader): Write it terms of enum class XSSProtectionDisposition.
1183         * platform/network/HTTPParsers.h: Define enum class XSSProtectionDisposition. Change return type
1184         of parseXSSProtectionHeader() from ContentSecurityPolicy::ReflectedXSSDisposition to XSSProtectionDisposition
1185         as we are removing the former.
1186
1187 2016-04-13  Brady Eidson  <beidson@apple.com>
1188
1189         Modern IDB (Blob support): Support retrieving Blobs from IDB.
1190         https://bugs.webkit.org/show_bug.cgi?id=156367
1191
1192         Reviewed by Alex Christensen.
1193
1194         No new tests (No testable change in behavior yet, current tests pass).
1195
1196         This patch does the following:
1197         - Pulls BlobURLs and stored filenames out of IDB whenever an IDB record is fetched.
1198         - Adds those URLs and filenames to IDBValue.
1199         - Uses IDBValue in more places instead of SharedBuffer/ThreadSafeBuffer.
1200         - Teaches SerializedScriptValue, Blob, and File how to read the URLs and filenames when they exist.
1201         - Teaches the Blob registry to register a new type of Blob that is not a "File" but is backed by one.
1202
1203         * Modules/indexeddb/IDBCursor.cpp:
1204         (WebCore::IDBCursor::setGetResult):
1205         
1206         * Modules/indexeddb/IDBGetResult.h:
1207         (WebCore::IDBGetResult::IDBGetResult):
1208         
1209         * Modules/indexeddb/IDBRequest.cpp:
1210         (WebCore::IDBRequest::setResultToStructuredClone):
1211         * Modules/indexeddb/IDBRequest.h:
1212         
1213         * Modules/indexeddb/IDBTransaction.cpp:
1214         (WebCore::IDBTransaction::didGetRecordOnServer):
1215         
1216         * Modules/indexeddb/IDBValue.cpp:
1217         (WebCore::IDBValue::IDBValue):
1218         * Modules/indexeddb/IDBValue.h:
1219         
1220         * Modules/indexeddb/server/MemoryIndexCursor.cpp:
1221         (WebCore::IDBServer::MemoryIndexCursor::currentData):
1222         
1223         * Modules/indexeddb/server/MemoryObjectStoreCursor.cpp:
1224         (WebCore::IDBServer::MemoryObjectStoreCursor::currentData):
1225         
1226         * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
1227         (WebCore::IDBServer::SQLiteIDBBackingStore::createIndex):
1228         (WebCore::IDBServer::SQLiteIDBBackingStore::getBlobRecordsForObjectStoreRecord):
1229         (WebCore::IDBServer::SQLiteIDBBackingStore::getRecord):
1230         (WebCore::IDBServer::SQLiteIDBBackingStore::getIndexRecord):
1231         * Modules/indexeddb/server/SQLiteIDBBackingStore.h:
1232         
1233         * Modules/indexeddb/server/SQLiteIDBCursor.cpp:
1234         (WebCore::IDBServer::SQLiteIDBCursor::currentData):
1235         (WebCore::IDBServer::SQLiteIDBCursor::internalAdvanceOnce):
1236         * Modules/indexeddb/server/SQLiteIDBCursor.h:
1237         (WebCore::IDBServer::SQLiteIDBCursor::currentValue):
1238         (WebCore::IDBServer::SQLiteIDBCursor::currentValueBuffer): Deleted.
1239         
1240         * Modules/indexeddb/server/SQLiteIDBTransaction.h:
1241         (WebCore::IDBServer::SQLiteIDBTransaction::backingStore):
1242         
1243         * Modules/websockets/WorkerThreadableWebSocketChannel.cpp:
1244         (WebCore::WorkerThreadableWebSocketChannel::Bridge::send):
1245         
1246         * bindings/js/IDBBindingUtilities.cpp:
1247         (WebCore::deserializeIDBValueDataToJSValue):
1248         (WebCore::deserializeIDBValueData):
1249         (WebCore::deserializeIDBValue):
1250         * bindings/js/IDBBindingUtilities.h:
1251         
1252         * bindings/js/SerializedScriptValue.cpp:
1253         (WebCore::CloneDeserializer::deserialize):
1254         (WebCore::CloneDeserializer::CloneDeserializer):
1255         (WebCore::CloneDeserializer::readFile):
1256         (WebCore::CloneDeserializer::readTerminal):
1257         (WebCore::CloneDeserializer::blobFilePathForBlobURL):
1258         (WebCore::SerializedScriptValue::deserialize):
1259         * bindings/js/SerializedScriptValue.h:
1260
1261         * fileapi/Blob.cpp:
1262         (WebCore::Blob::Blob):
1263         * fileapi/Blob.h:
1264         (WebCore::Blob::deserialize):
1265
1266         * fileapi/File.cpp:
1267         (WebCore::File::File):
1268
1269         * fileapi/ThreadableBlobRegistry.cpp:
1270         (WebCore::threadableQueue):
1271         (WebCore::ThreadableBlobRegistry::registerBlobURLOptionallyFileBacked):
1272         * fileapi/ThreadableBlobRegistry.h:
1273
1274         * platform/CrossThreadTask.h:
1275         (WebCore::createCrossThreadTask):
1276
1277         * platform/network/BlobRegistry.h:
1278
1279         * platform/network/BlobRegistryImpl.cpp:
1280         (WebCore::BlobRegistryImpl::registerBlobURL):
1281         (WebCore::BlobRegistryImpl::registerBlobURLOptionallyFileBacked):
1282         * platform/network/BlobRegistryImpl.h:
1283
1284 2016-04-13  Zalan Bujtas  <zalan@apple.com>
1285
1286         Text on compositing layer with negative letter-spacing is truncated.
1287         https://bugs.webkit.org/show_bug.cgi?id=156550
1288         <rdar://problem/24212140>
1289
1290         Reviewed by Antti Koivisto.
1291
1292         Negative letter-spacing affects the right edge of content's visual overflow (for both RTL and LTR).
1293         This is similar to how normal line layout adjusts it at InlineFlowBox::addTextBoxVisualOverflow().
1294
1295         Test: fast/text/negative-letter-spacing-visual-overflow.html
1296
1297         * rendering/SimpleLineLayoutFunctions.cpp:
1298         (WebCore::SimpleLineLayout::computeOverflow):
1299         (WebCore::SimpleLineLayout::paintFlow):
1300         (WebCore::SimpleLineLayout::collectFlowOverflow):
1301
1302 2016-04-13  Eric Carlson  <eric.carlson@apple.com>
1303
1304         [iOS] remote command should be considered user events
1305         https://bugs.webkit.org/show_bug.cgi?id=156546
1306         <rdar://problem/25560877>
1307
1308         Reviewed by Jer Noble.
1309
1310         Test: media/remote-control-command-is-user-gesture.html
1311
1312         * html/HTMLMediaElement.cpp:
1313         (WebCore::HTMLMediaElement::didReceiveRemoteControlCommand): Increment/decrement 
1314           m_processingRemoteControlCommand around calling remote command method.
1315         (WebCore::HTMLMediaElement::processingUserGesture): Return true if called while handling
1316           a remote control command.
1317         * html/HTMLMediaElement.h:
1318
1319 2016-04-13  Antonio Gomes  <tonikitoo@webkit.org>
1320
1321         Non-resizable text field looks resizable
1322         https://bugs.webkit.org/show_bug.cgi?id=152271
1323
1324         Reviewed by Darin Adler.
1325
1326         The 'resizability' of an HTML element is controlled by its 'resize' CSS property value.
1327         By default it is 'none', but certain HTML elements, including <textarea>, have it
1328         set to 'both' by default (defined in html.css). These values mean no resize at all, and
1329         resizable in both vertical and horizontal axis, respectively.
1330         Additionally, 'vertical' and 'horizontal' values are also valid.
1331
1332         Problem here is that the way WebKit handles the 'resize' property on single line
1333         input elements (e.g. <input>) is different than other engines (read Gecko, Blink and Presto):
1334
1335         - Match: WebKit, Firefox, Presto and Blink all force single line input elements to be non-resizable,
1336         regardless of either the 'resize' properly is set or not.
1337
1338         - Mismatch: WebKit is the only engine that actually paints the resize control on single line
1339         input elements, even it having no effect.
1340
1341         On WebKit, this happens because the 'resize' property is wrongly implemented as 'inheritable',
1342         differently from other engines. In the way WebKit contructs its RenderTree, 'resize' property
1343         ends up spilling out of <input> and entering its shadow representation, carrying the 'resize'
1344         property on.
1345
1346         Patch fixes this by making the 'resize' properly be non-inherited, matching other vendors
1347         and the spec [1].
1348
1349         [1] https://drafts.csswg.org/css-ui/#resize
1350
1351         Tests: fast/css/resize-not-inherited.html
1352                fast/css/resize-single-line-input-no-paint.html
1353
1354         * rendering/style/RenderStyle.h:
1355         * rendering/style/StyleRareInheritedData.cpp:
1356         (WebCore::StyleRareInheritedData::StyleRareInheritedData):
1357         (WebCore::StyleRareInheritedData::operator==):
1358         * rendering/style/StyleRareInheritedData.h:
1359         * rendering/style/StyleRareNonInheritedData.cpp:
1360         (WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData):
1361         (WebCore::StyleRareNonInheritedData::operator==):
1362         * rendering/style/StyleRareNonInheritedData.h:
1363
1364 2016-04-13  Darin Adler  <darin@apple.com>
1365
1366         Remove UsePointersEvenForNonNullableObjectArguments from DataTransfer
1367         https://bugs.webkit.org/show_bug.cgi?id=156495
1368
1369         Reviewed by Chris Dumez.
1370
1371         * dom/DataTransfer.idl: Removed UsePointersEvenForNonNullableObjectArguments
1372         and marked the element argument to setDragImage as nullable.
1373
1374 2016-04-13  Brady Eidson  <beidson@apple.com>
1375
1376         Modern IDB (Blob support): Support deleting stored blob files.
1377         https://bugs.webkit.org/show_bug.cgi?id=156523
1378
1379         Reviewed by Alex Christensen.
1380
1381         No new tests (No testable change in behavior yet, current tests pass).
1382
1383         There's 3 points in time when we need to delete blob files (and records of them):
1384         1 - When deleting a specific object store record.
1385         2 - When deleting an entire object store.
1386         3 - When deleting a whole database.
1387         
1388         This patch does those three things.
1389
1390         * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
1391         (WebCore::IDBServer::SQLiteIDBBackingStore::deleteObjectStore):
1392         (WebCore::IDBServer::SQLiteIDBBackingStore::deleteUnusedBlobFileRecords):
1393         (WebCore::IDBServer::SQLiteIDBBackingStore::deleteRecord):
1394         (WebCore::IDBServer::SQLiteIDBBackingStore::addRecord):
1395         (WebCore::IDBServer::SQLiteIDBBackingStore::getRecord):
1396         (WebCore::IDBServer::SQLiteIDBBackingStore::deleteBackingStore):
1397         * Modules/indexeddb/server/SQLiteIDBBackingStore.h:
1398
1399         * Modules/indexeddb/server/SQLiteIDBTransaction.cpp:
1400         (WebCore::IDBServer::SQLiteIDBTransaction::commit):
1401         (WebCore::IDBServer::SQLiteIDBTransaction::deleteBlobFilesIfNecessary):
1402         (WebCore::IDBServer::SQLiteIDBTransaction::addRemovedBlobFile):
1403         * Modules/indexeddb/server/SQLiteIDBTransaction.h:
1404
1405 2016-04-13  Frederic Wang  <fwang@igalia.com>
1406
1407         Fix two coding mistakes in MathMLInlineContainerElement::childrenChanged
1408         https://bugs.webkit.org/show_bug.cgi?id=156538
1409
1410         Reviewed by Darin Adler.
1411
1412         We fix the call to updateOperatorProperties inside MathMLInlineContainerElement::childrenChanged
1413         for the <math> and <msqrt> tags.
1414
1415         The <math> tag is already a RenderMathMLRow so the hasTagName(mathTag)
1416         conditional is never executed. The tag does not create any anonymous
1417         wrapper so we do not need a special case for it anyway.
1418
1419         The <msqrt> tag is not a RenderMathMLRow (yet). However, the anonymous
1420         wrapper behaving as a RenderMathMLRow is actually the last child, not
1421         the first one.
1422
1423         No new tests, this is already covered by mathml/presentation/mo-form-dynamic.html
1424         Note that for some reason the coding error for <msqrt> only shows up
1425         after the refactoring of bug 152244.
1426
1427         * mathml/MathMLInlineContainerElement.cpp:
1428         (WebCore::MathMLInlineContainerElement::childrenChanged): Fix the two mistakes and add some FIXME comments.
1429
1430 2016-04-12  Chris Dumez  <cdumez@apple.com>
1431
1432         Attr.value should not be nullable
1433         https://bugs.webkit.org/show_bug.cgi?id=156515
1434
1435         Reviewed by Benjamin Poulain.
1436
1437         Update Attr.value so that it is no longer nullable, as per:
1438         https://dom.spec.whatwg.org/#interface-attr
1439
1440         This aligns our behavior with Firefox and Chrome as well.
1441
1442         Test: fast/dom/Attr/value-not-nullable.html
1443
1444         * dom/Attr.cpp:
1445         (WebCore::Attr::setValueForBindings):
1446         (WebCore::Attr::setNodeValue):
1447         (WebCore::Attr::setValue):
1448         * dom/Attr.h:
1449         * dom/Attr.idl:
1450
1451 2016-04-12  Konstantin Tokarev  <annulen@yandex.ru>
1452
1453         Fixed uninitialization of Node::DataUnion with GCC 4.8.
1454         https://bugs.webkit.org/show_bug.cgi?id=156507
1455
1456         Reviewed by Michael Catanzaro.
1457
1458         This change fixes run time crashes caused by access to uninitialized
1459         memory in Node::renderer().
1460
1461         No new tests needed.
1462
1463         * dom/Node.h:
1464
1465 2016-04-12  Eric Carlson  <eric.carlson@apple.com>
1466
1467         [iOS] do not exit AirPlay when the screen locks
1468         https://bugs.webkit.org/show_bug.cgi?id=156502
1469         <rdar://problem/24616592>
1470
1471         Reviewed by Jer Noble.
1472
1473         * html/HTMLMediaElement.cpp:
1474         (WebCore::HTMLMediaElement::shouldOverrideBackgroundPlaybackRestriction): Add logging.
1475         (WebCore::HTMLMediaElement::purgeBufferedDataIfPossible): Don't tell the media engine to purge 
1476           data if it is playing to a wireless target because that will drop the connection.
1477
1478         * html/MediaElementSession.cpp:
1479         (WebCore::MediaElementSession::playbackPermitted): Add logging.
1480         (WebCore::MediaElementSession::canPlayToWirelessPlaybackTarget): Drive by fix: iOS doesn't 
1481           have an explicit playbackTarget, don't test for it.
1482         (WebCore::MediaElementSession::isPlayingToWirelessPlaybackTarget): Ditto.
1483
1484 2016-04-12  Gavin Barraclough  <barraclough@apple.com>
1485
1486         WebKit should adopt journal_mode=wal for all SQLite databases.
1487         https://bugs.webkit.org/show_bug.cgi?id=133496
1488
1489         Rubber stamped by Chris Dumez.
1490
1491         Temporarily disable on iOS - this broke a test.
1492         (storage/websql/alter-to-info-table.html)
1493
1494         * platform/sql/SQLiteDatabase.cpp:
1495         (WebCore::SQLiteDatabase::open):
1496
1497 2016-04-12  Joseph Pecoraro  <pecoraro@apple.com>
1498
1499         Web Inspector: Keyboard shortcut for "Inspect Element" only works when Web Inspector is open.
1500         https://bugs.webkit.org/show_bug.cgi?id=111193
1501         <rdar://problem/13325889>
1502
1503         Reviewed by Timothy Hatcher.
1504
1505         * inspector/InspectorClient.h:
1506         (WebCore::InspectorClient::elementSelectionChanged):
1507         * inspector/InspectorDOMAgent.cpp:
1508         (WebCore::InspectorDOMAgent::setSearchingForNode):
1509         Inform the client when element selection changes.
1510
1511 2016-04-12  Chris Dumez  <cdumez@apple.com>
1512
1513         Regression(r199360): assertion hit in Element::fastGetAttribute()
1514         https://bugs.webkit.org/show_bug.cgi?id=156509
1515
1516         Reviewed by Ryosuke Niwa.
1517
1518         Stop using fastGetAttribute() / setAttributeWithoutSynchronization()
1519         given that DOMTokenList is used for the class attribute and we need
1520         to synchronize in this case.
1521
1522         No new tests, already covered by existing tests.
1523
1524         * html/DOMTokenList.cpp:
1525         (WebCore::DOMTokenList::updateAssociatedAttributeFromTokens):
1526         (WebCore::DOMTokenList::tokens):
1527
1528 2016-04-12  Myles C. Maxfield  <mmaxfield@apple.com>
1529
1530         [RTL Scrollbars] Overlay scrollbars push contents inwards
1531         https://bugs.webkit.org/show_bug.cgi?id=156225
1532         <rdar://problem/25137040>
1533
1534         Reviewed by Darin Adler.
1535
1536         The contents should be pushed in by the occupied width of the
1537         scrollbar, which is 0 for overlay scrollbars.
1538
1539         Test: fast/scrolling/rtl-scrollbars-overlay-no-push-contents.html
1540
1541         * rendering/RenderLayer.cpp:
1542         (WebCore::RenderLayer::computeScrollDimensions):
1543
1544 2016-04-12  Myles C. Maxfield  <mmaxfield@apple.com>
1545
1546         [OS X] Flakey crash after ScrollAnimatorMac destruction
1547         https://bugs.webkit.org/show_bug.cgi?id=156372
1548
1549         Reviewed by Darin Adler.
1550
1551         Previously, we were disabling the mock scrollbars using JavaScript after
1552         the WebView was created. However, enabling these mock scrollbars can be
1553         triggered with a bit of state inside the WebPreferences object, which
1554         means WebKit clients can change it at any point. DumpRenderTree is doing
1555         this during the document's lifetime.
1556
1557         This means that the creation of the Scrollbar objects saw a non-mock
1558         ScrollbarTheme, but the destruction of the Scrollbar objects saw a mock
1559         ScrollbarTheme. Therefore, the non-mock ScrollbarTheme doesn't get
1560         cleaned up correctly (ScrollAnimatorMac::willRemoveVerticalScrollbar()
1561         returns early because it sees that there is nothing to deregister
1562         due to the ScrollbarTheme being mocked).
1563
1564         This cleanup is necessary because it sets the NSScrollerImp's delegate
1565         to nil before the NSScrollerImpDelegate gets destroyed. Because the
1566         cleanup wasn't happening, the delegate pointer wasn't getting set to
1567         nil, so the pointer was dangling, and AppKit was following it and
1568         crashing.
1569
1570         Because the clients of this bit of state can change it at any time,
1571         it is incorrect to change it in JavaScript. Instead, the client must
1572         manage this bit of state (so the client and the web process are always
1573         in sync). Therefore, the correct way to set this bit of state must be
1574         done in the test runner rather than Javascript internals. The mechanism
1575         we have to do that is the <!-- webkit-test-runner --> comment at the
1576         beginning of the test. This patch migrates to this mechanism and removes
1577         the old internals method.
1578
1579         Test: fast/scrolling/rtl-scrollbars-animation-property.html
1580
1581         * page/Settings.cpp:
1582         * testing/Internals.cpp:
1583         (WebCore::Internals::setMockScrollbarsEnabled): Deleted.
1584         * testing/Internals.h:
1585         * testing/Internals.idl:
1586
1587 2016-04-12  Darin Adler  <darin@apple.com>
1588
1589         Remove UsePointersEvenForNonNullableObjectArguments from SVG lists
1590         https://bugs.webkit.org/show_bug.cgi?id=156494
1591
1592         Reviewed by Chris Dumez.
1593
1594         * bindings/scripts/CodeGenerator.pm:
1595         (ShouldPassWrapperByReference): For now, don't do this for any tear-off classes.
1596         This includes the items stored in most SVG list classes.
1597
1598         * svg/SVGLengthList.idl: Removed UsePointersEvenForNonNullableObjectArguments.
1599         * svg/SVGNumberList.idl: Ditto.
1600         * svg/SVGPointList.idl: Ditto.
1601         * svg/SVGTransformList.idl: Ditto.
1602
1603         * svg/SVGPathSegList.idl: Removed UsePointersEvenForNonNullableObjectArguments.
1604         Marked the arguments nullable, and added FIXMEs about returning later since they
1605         don't really need to be nullable. But fixing this requires some reworking of the
1606         SVG list template and it's not urgent at this time. Preserves behavior where we
1607         get an exception when passing null, it's just an SVG exception instead of TypeError.
1608
1609 2016-04-12  Chris Dumez  <cdumez@apple.com>
1610
1611         Lazily update tokens in DOMTokenList when the associated attribute value changes
1612         https://bugs.webkit.org/show_bug.cgi?id=156474
1613
1614         Reviewed by Ryosuke Niwa.
1615
1616         Lazily update tokens in DOMTokenList when the associated attribute value
1617         changes for performance. Constructing the sanitized vector of tokens
1618         every time the associated Element attribute changes is too expensive.
1619         Instead, we mark the vector as dirty whenever the attribute changes, and
1620         we only construct the sanitized vector when it is actually required.
1621
1622         Also do some renaming for clarity.
1623
1624         There is no web-exposed behavior change.
1625
1626         * dom/Element.cpp:
1627         (WebCore::Element::classAttributeChanged):
1628         * html/DOMTokenList.cpp:
1629         (WebCore::DOMTokenList::contains):
1630         (WebCore::DOMTokenList::addInternal):
1631         (WebCore::DOMTokenList::removeInternal):
1632         (WebCore::DOMTokenList::toggle):
1633         (WebCore::DOMTokenList::value):
1634         (WebCore::DOMTokenList::setValue):
1635         (WebCore::DOMTokenList::updateTokensFromAttributeValue):
1636         (WebCore::DOMTokenList::associatedAttributeValueChanged):
1637         (WebCore::DOMTokenList::updateAssociatedAttributeFromTokens):
1638         (WebCore::DOMTokenList::tokens):
1639         (WebCore::DOMTokenList::DOMTokenList): Deleted.
1640         * html/DOMTokenList.h:
1641         (WebCore::DOMTokenList::tokens):
1642         (WebCore::DOMTokenList::length):
1643         (WebCore::DOMTokenList::item):
1644         * html/HTMLAnchorElement.cpp:
1645         (WebCore::HTMLAnchorElement::parseAttribute):
1646         * html/HTMLIFrameElement.cpp:
1647         (WebCore::HTMLIFrameElement::parseAttribute):
1648         * html/HTMLLinkElement.cpp:
1649         (WebCore::HTMLLinkElement::parseAttribute):
1650         * html/HTMLOutputElement.cpp:
1651         (WebCore::HTMLOutputElement::parseAttribute):
1652
1653 2016-04-12  Darin Adler  <darin@apple.com>
1654
1655         Remove UsePointersEvenForNonNullableObjectArguments from HTMLMediaElement
1656         https://bugs.webkit.org/show_bug.cgi?id=156492
1657
1658         Reviewed by Chris Dumez.
1659
1660         * html/HTMLMediaElement.idl: Removed UsePointersEvenForNonNullableObjectArguments,
1661         sorted remaining class attributes, simplified #if around canPlayType a bit,
1662         removed comment that is not all that useful, made the argument to
1663         webkitSetMediaKeys nullable since the implementation supports that.
1664
1665 2016-04-12  Eric Carlson  <eric.carlson@apple.com>
1666
1667         [iOS] media title sometimes remain in Control Center after tab is closed
1668         https://bugs.webkit.org/show_bug.cgi?id=156243
1669         <rdar://problem/20167445>
1670
1671         Reviewed by Darin Adler.
1672
1673         * Modules/webaudio/AudioContext.h: Implement characteristics.
1674
1675         * html/HTMLMediaElement.cpp:
1676         (WebCore::HTMLMediaElement::mediaLoadingFailed): Call mediaSession->clientCharacteristicsChanged.
1677         (WebCore::HTMLMediaElement::setReadyState): Ditto.
1678         (WebCore::HTMLMediaElement::clearMediaPlayer): Ditto.
1679         (WebCore::HTMLMediaElement::stop): Call mediaSession->stopSession.
1680         (WebCore::HTMLMediaElement::characteristics): New, return current characteristics.
1681         * html/HTMLMediaElement.h:
1682
1683         * platform/audio/PlatformMediaSession.cpp:
1684         (WebCore::PlatformMediaSession::stopSession): Suspend playback, and remove the session 
1685           from the manager, it will never play again.
1686         (WebCore::PlatformMediaSession::characteristics): Return client characteristics.
1687         (WebCore::PlatformMediaSession::clientCharacteristicsChanged):
1688         * platform/audio/PlatformMediaSession.h:
1689
1690         * platform/audio/PlatformMediaSessionManager.cpp:
1691         (WebCore::PlatformMediaSessionManager::stopAllMediaPlaybackForProcess): Call stopSession 
1692           instead of pauseSession to signal that playback will never start again.
1693         * platform/audio/PlatformMediaSessionManager.h:
1694
1695         * platform/audio/ios/MediaSessionManagerIOS.h:
1696         * platform/audio/ios/MediaSessionManagerIOS.mm:
1697         (WebCore::MediaSessionManageriOS::sessionWillBeginPlayback): Add logging.
1698         (WebCore::MediaSessionManageriOS::removeSession): Update NowPlaying.
1699         (WebCore::MediaSessionManageriOS::sessionWillEndPlayback): Add logging.
1700         (WebCore::MediaSessionManageriOS::clientCharacteristicsChanged): Update NowPlaying.
1701         (WebCore::MediaSessionManageriOS::nowPlayingEligibleSession): New, return the first session
1702           that is an audio or video element with playable audio. WebAudio is not currently controllable
1703           so it isn't appropriate to show it in the NowPlaying info center.
1704         (WebCore::MediaSessionManageriOS::updateNowPlayingInfo): Remember the last state passed to
1705           NowPlaying so we can call it only when something has changed.
1706
1707 2016-04-12  Carlos Garcia Campos  <cgarcia@igalia.com>
1708
1709         [GTK] Rework scrollbars theming code for GTK+ 3.20
1710         https://bugs.webkit.org/show_bug.cgi?id=156462
1711
1712         Reviewed by Michael Catanzaro.
1713
1714         In r199292, we reworked the theming code to ensure it works with the new GTK+ CSS theming system. The same is
1715         needed for scrollbars, this patch uses the RenderThemeGadget classes introduced in r199292 to render the native
1716         scrollbars. The code is now split in 3 parts: stub methods for GTK+2 (since this file is compiled for
1717         WebCoreGTK, but not used), the implementation for GTK+ < 3.20 and the implementation for GTK+ >= 3.20. This
1718         reduces the amount of ifdefed code, and ensures that changes in new code don't break the rendering with older
1719         versions of GTK+. I noticed that we were overriding both, the specific paint methods to render scrollbars
1720         parts and the global paint method that renders all the scrollbar parts. We don't really need the specific paint
1721         methods, so I've removed the implemention leaving only the paint method. This also allows us to get rid of the
1722         GtkStyleContext cache.
1723
1724         * platform/gtk/RenderThemeGadget.cpp:
1725         (WebCore::RenderThemeGadget::create): Handle scrollbars gadgets.
1726         (WebCore::appendElementToPath): In case of scrollbar gadget, use the scrollbar GType when creating the path to
1727         be able to get non-CSS style properties.
1728         (WebCore::RenderThemeGadget::opacity): Add method to get the opacity CSS style property.
1729         (WebCore::RenderThemeScrollbarGadget::RenderThemeScrollbarGadget): Initialize m_steppers option set with the
1730         steppers used by the theme.
1731         * platform/gtk/RenderThemeGadget.h:
1732         * platform/gtk/ScrollbarThemeGtk.cpp:
1733         (WebCore::themeChangedCallback):
1734         (WebCore::ScrollbarThemeGtk::ScrollbarThemeGtk):
1735         (WebCore::createStyleContext):
1736         (WebCore::createChildStyleContext):
1737         (WebCore::ScrollbarThemeGtk::themeChanged):
1738         (WebCore::ScrollbarThemeGtk::updateThemeProperties):
1739         (WebCore::scrollbarPartStateFlags):
1740         (WebCore::scrollbarGadgetForLayout):
1741         (WebCore::contentsGadgetForLayout):
1742         (WebCore::ScrollbarThemeGtk::trackRect):
1743         (WebCore::ScrollbarThemeGtk::hasThumb):
1744         (WebCore::ScrollbarThemeGtk::backButtonRect):
1745         (WebCore::ScrollbarThemeGtk::forwardButtonRect):
1746         (WebCore::ScrollbarThemeGtk::paint):
1747         (WebCore::paintStepper):
1748         (WebCore::adjustRectAccordingToMargin):
1749         (WebCore::ScrollbarThemeGtk::scrollbarThickness):
1750         (WebCore::ScrollbarThemeGtk::minimumThumbLength):
1751         * platform/gtk/ScrollbarThemeGtk.h:
1752
1753 2016-03-17  Sergio Villar Senin  <svillar@igalia.com>
1754
1755         [css-grid] Add parsing support for <auto-repeat> syntax
1756         https://bugs.webkit.org/show_bug.cgi?id=155583
1757
1758         Reviewed by Antti Koivisto.
1759
1760         The repeat() notation allows now to specify auto-fill or auto-fit instead of
1761         a fixed number of repetitions meaning that it will be automatically computed
1762         depending on the available space.
1763
1764         This patch just adds the parsing support, the expansion of the repeat notation
1765         will be implemented in a follow up patch because it cannot be done at
1766         parsing level (since it requires knowledge about the available space).
1767
1768         Test: fast/css-grid-layout/grid-element-auto-repeat-get-set.html
1769
1770         * CMakeLists.txt:
1771         * css/CSSGridAutoRepeatValue.cpp: Added.
1772         (WebCore::CSSGridAutoRepeatValue::customCSSText):
1773         * css/CSSGridAutoRepeatValue.h: Added.
1774         (WebCore::CSSGridAutoRepeatValue::create):
1775         (WebCore::CSSGridAutoRepeatValue::autoRepeatID):
1776         (WebCore::CSSGridAutoRepeatValue::CSSGridAutoRepeatValue):
1777         * css/CSSParser.cpp:
1778         (WebCore::allTracksAreFixedSized):
1779         (WebCore::CSSParser::parseGridTrackList):
1780         (WebCore::CSSParser::parseGridTrackRepeatFunction):
1781         (WebCore::CSSParser::parseGridTrackSize):
1782         (WebCore::CSSParser::parseGridBreadth):
1783         * css/CSSParser.h:
1784         * css/CSSValue.cpp:
1785         (WebCore::CSSValue::equals):
1786         (WebCore::CSSValue::cssText):
1787         (WebCore::CSSValue::destroy):
1788         * css/CSSValue.h:
1789         (WebCore::CSSValue::isGridAutoRepeatValue):
1790         * css/CSSValueKeywords.in:
1791
1792 2016-04-12  Yusuke Suzuki  <utatane.tea@gmail.com>
1793
1794         [JSC] addStaticGlobals should emit SymbolTableEntry watchpoints to encourage constant folding in DFG
1795         https://bugs.webkit.org/show_bug.cgi?id=155110
1796
1797         Reviewed by Saam Barati.
1798
1799         * bindings/js/JSDOMWindowBase.cpp:
1800         (WebCore::JSDOMWindowBase::updateDocument):
1801
1802 2016-04-12  Sergio Villar Senin  <svillar@igalia.com>
1803
1804         [css-grid] Pass GridSizingData instead of columnTracks to track sizing methods
1805         https://bugs.webkit.org/show_bug.cgi?id=156466
1806
1807         Reviewed by Darin Adler.
1808
1809         Several methods used to compute the items' size contribution to the tracks they span in, get
1810         as an argument a vector with the sizes of the column tracks.
1811
1812         In order to support grids with orthogonal flows (among other things) it's much better to
1813         pass the GridSizingData struct and let those methods decide whether to use the columns or
1814         the rows.
1815
1816         No new tests as this is just a minor refactoring with no change in behavior.
1817
1818         * rendering/RenderGrid.cpp:
1819         (WebCore::RenderGrid::computeUsedBreadthOfGridTracks):
1820         (WebCore::RenderGrid::logicalContentHeightForChild):
1821         (WebCore::RenderGrid::minSizeForChild):
1822         (WebCore::RenderGrid::minContentForChild):
1823         (WebCore::RenderGrid::maxContentForChild):
1824         (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctions):
1825         (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForNonSpanningItems):
1826         (WebCore::RenderGrid::currentItemSizeForTrackSizeComputationPhase):
1827         (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForItems):
1828         * rendering/RenderGrid.h:
1829
1830 2016-04-11  Darin Adler  <darin@apple.com>
1831
1832         Remove UsePointersEvenForNonNullableObjectArguments from HTMLOptionsCollection
1833         https://bugs.webkit.org/show_bug.cgi?id=156491
1834
1835         Reviewed by Chris Dumez.
1836
1837         * html/HTMLOptionsCollection.cpp:
1838         (WebCore::HTMLOptionsCollection::add): Take a reference instead of a pointer.
1839         * html/HTMLOptionsCollection.h: Removed unneeded forward declaration. Changed
1840         add to take a reference instead of a pointer for the element to add. Used
1841         final instead of override on virtual functions.
1842         * html/HTMLOptionsCollection.idl: Removed now-unneeded attribute
1843         UsePointersEvenForNonNullableObjectArguments; the only function affected was
1844         add, and the overloading code was already checking for null.
1845
1846 2016-04-11  Darin Adler  <darin@apple.com>
1847
1848         Remove UsePointersEvenForNonNullableObjectArguments from HTMLSelectElement
1849         https://bugs.webkit.org/show_bug.cgi?id=156458
1850
1851         Reviewed by Chris Dumez.
1852
1853         * bindings/js/JSHTMLOptionsCollectionCustom.cpp:
1854         (WebCore::JSHTMLOptionsCollection::remove): Updated to call remove with a reference
1855         rather than a pointer.
1856
1857         * bindings/js/JSHTMLSelectElementCustom.cpp:
1858         (WebCore::JSHTMLSelectElement::remove): Updated to call remove with a reference
1859         rather than a pointer.
1860         (WebCore::selectIndexSetter): Updated to call setOption with a reference rather
1861         than a pointer.
1862
1863         * bindings/scripts/CodeGeneratorGObject.pm:
1864         (GenerateFunction): Added basic support for passing wrappers by reference.
1865         GObject bindings already check arguments for null, so didn't add any new checks.
1866
1867         * bindings/scripts/test/GObject/WebKitDOMTestActiveDOMObject.cpp:
1868         * bindings/scripts/test/GObject/WebKitDOMTestCallback.cpp:
1869         * bindings/scripts/test/GObject/WebKitDOMTestCallbackFunction.cpp:
1870         * bindings/scripts/test/GObject/WebKitDOMTestInterface.cpp:
1871         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
1872         Updated.
1873
1874         * editing/FrameSelection.cpp: Updated includes.
1875
1876         * html/HTMLOptionElement.cpp:
1877         (WebCore::HTMLOptionElement::setSelected): Pass reference when calling
1878         HTMLSelectElement::optionSelectionStateChanged.
1879         (WebCore::HTMLOptionElement::insertedInto): Ditto.
1880
1881         * html/HTMLOptionsCollection.cpp:
1882         (WebCore::HTMLOptionsCollection::add): Moved null checking behavior here.
1883         Preserves existing "silently do nothing if null".
1884         (WebCore::HTMLOptionsCollection::remove): Changed function to take a reference
1885         instead of a pointer.
1886
1887         * html/HTMLOptionsCollection.h: Updated include. Changed remove to take a
1888         reference instead of a pointer.
1889
1890         * html/HTMLSelectElement.cpp:
1891         (WebCore::HTMLSelectElement::add): Changed to take a reference instead of
1892         a pointer. Also removed unneeded protect code, since insertBefore already
1893         protects itself, and unneeded call to updateValidity, since the
1894         HTMLSelectElement::childrenChanged function already calls updateValidity.
1895         (WebCore::HTMLSelectElement::remove): Changed to take a reference instead
1896         of a pointer.
1897         (WebCore::HTMLSelectElement::setOption): Changed to take a reference
1898         instead of a pointer.
1899         (WebCore::HTMLSelectElement::setLength): Renamed "newLen" to "newLength".
1900         Use Ref instead of RefPtr for result of createElement, which makes the
1901         argument passed to add be a reference rather than a pointer.
1902         (WebCore::HTMLSelectElement::willRespondToMouseClickEvents): Put the #if
1903         for this here instead of in the header.
1904         (WebCore::HTMLSelectElement::optionSelectionStateChanged): Changed to take
1905         a reference instead of a pointer for the option element.
1906
1907         * html/HTMLSelectElement.h: Removed unneeded includes. Derive privately
1908         from TypeAheadDataSource instead of publicly. Make all overrides final
1909         except for the one that is actually overridden by a derived class.
1910         Changed the arguments of the add, remove, setOption, and
1911         optionSelectionStateChanged functions to be references instead of pointers.
1912         Tweaked formatting a bit and used nullptr instead of 0. Override
1913         willRespondToMouseClickEvents on all platforms, not just iOS.
1914
1915         * html/HTMLSelectElement.idl: Removed UsePointersEvenForNonNullableObjectArguments.
1916         Removed a comment that is no longer needed. Made some types nullable to match
1917         the specification, in places that currently have no effect on code generation.
1918         Added a FIXME comment about the argument to setCustomValidity incorrectly being
1919         marked as nullable.
1920
1921 2016-04-11  Brent Fulgham  <bfulgham@apple.com>
1922
1923         Use WeakPtrs to avoid using deallocated Widgets and ScrollableAreas
1924         https://bugs.webkit.org/show_bug.cgi?id=156420
1925         <rdar://problem/25637378>
1926
1927         Reviewed by Darin Adler.
1928
1929         Avoid the risk of using deallocated Widgets and ScrollableAreas by using WeakPtrs instead of
1930         bare pointers. This allows us to remove some explicit calls to get ScrollableArea and Widget
1931         members in the event handling logic. Instead, null checks are sufficient to ensure we never
1932         accidentally dereference a deleted element.
1933
1934         1. Modify the ScrollableArea class to support vending WeakPtrs.
1935         2. Modify the Event Handling code to use WeakPtrs to hold ScrollableArea and RenderWidget
1936            objects, and to null-check these elements after event handling dispatching is finished
1937            to handle cases where these objects are destroyed.
1938
1939         Test: fast/events/wheel-event-destroys-frame.html
1940               fast/events/wheel-event-destroys-overflow.html
1941
1942         * page/EventHandler.cpp:
1943         (WebCore::EventHandler::platformPrepareForWheelEvents): Change signature for WeakPtr.
1944         (WebCore::EventHandler::platformCompleteWheelEvent): Ditto.
1945         (WebCore::EventHandler::platformNotifyIfEndGesture): Ditto.
1946         (WebCore::widgetForElement): Change to return a WeakPtr.
1947         (WebCore::EventHandler::handleWheelEvent): Use WeakPtrs to hold elements that might be destroyed
1948         during event handling.
1949         * page/EventHandler.h:
1950         * page/mac/EventHandlerEfl.cpp: Rename passWheelEventToWidget to widgetDidHandleWheelEvent.
1951         * page/mac/EventHandlerGtk.cpp: Ditto.
1952         * page/mac/EventHandlerIOS.mm: Ditto.
1953         * page/mac/EventHandlerMac.mm:
1954         (WebCore::scrollableAreaForEventTarget): Renamed from scrollViewForEventTarget. Return
1955         a WeakPtr rather than a bare pointer.
1956         (WebCore::scrollableAreaForContainerNode): Return WeakPtr rather than bare pointer.
1957         (WebCore::EventHandler::completeWidgetWheelEvent): Added.
1958         (WebCore::EventHandler::passWheelEventToWidget): Deleted.
1959         (WebCore::EventHandler::platformPrepareForWheelEvents): Convert to WeakPtrs.
1960         (WebCore::EventHandler::platformCompleteWheelEvent): Ditto.
1961         (WebCore::EventHandler::platformCompletePlatformWidgetWheelEvent): Ditto.
1962         (WebCore::EventHandler::platformNotifyIfEndGesture): Ditto.
1963         (WebCore::EventHandler::widgetDidHandleWheelEvent): Renamed from passWheelEventToWidget.
1964         (WebCore::EventHandler::widgetForEventTarget): Converted from static function to static
1965         method so it can be shared with EventHandlerMac.
1966         (WebCore::scrollViewForEventTarget): Deleted.
1967         * page/mac/EventHandlerWin.cpp: Rename passWheelEventToWidget to widgetDidHandleWheelEvent.
1968         * platform/ScrollableArea.cpp:
1969         * platform/ScrollableArea.h:
1970         (WebCore::ScrollableArea::createWeakPtr): Added.
1971         * platform/Widget.h:
1972         (WebCore::ScrollableArea::createWeakPtr): Added.
1973
1974 2016-04-11  Dean Jackson  <dino@apple.com>
1975
1976         putImageData needs to premultiply input
1977         https://bugs.webkit.org/show_bug.cgi?id=156488
1978         <rdar://problem/25672675>
1979
1980         Reviewed by Zalan Bujtas.
1981
1982         I made a mistake in r187534 as I was converting get and putImageData
1983         to use Accelerate. The incoming data is unmultiplied, and should
1984         be premultiplied before copying into the backing store. I was
1985         accidentally unmultiplying unmultiplied data, which caused
1986         some pretty psychedelic results.
1987
1988         Test: fast/canvas/putImageData-unmultiplied.html
1989
1990         * platform/graphics/cg/ImageBufferDataCG.cpp:
1991         (WebCore::ImageBufferData::putData): Call premultiply, not unpremultiply.
1992
1993 2016-04-11  Jeremy Jones  <jeremyj@apple.com>
1994
1995         When clearing cache, also clear AVFoundation cache.
1996         https://bugs.webkit.org/show_bug.cgi?id=155783
1997         rdar://problem/25252541
1998
1999         Reviewed by Darin Adler.
2000
2001         Use AVAssetCache at a specified location on disk for all AVURLAssets. This AVAssetCache
2002         can then be used to manage the cache storage used by AVFoundation. It is used to query the
2003         contents of the cache in originsInMediaCache() and to clear the cache completely or partially in
2004         clearMediaCache() and clearMediaCacheForOrigins().
2005
2006         Use SecurityOrigin instead of the less formal site String to represent origins in the cache.
2007
2008         * html/HTMLMediaElement.cpp:
2009         (WebCore::sharedMediaCacheDirectory): Added.
2010         (WebCore::HTMLMediaElement::setMediaCacheDirectory): Added.
2011         (WebCore::HTMLMediaElement::mediaCacheDirectory): Added.
2012         (WebCore::HTMLMediaElement::originsInMediaCache): Added.
2013         (WebCore::HTMLMediaElement::clearMediaCache): Added parameter.
2014         (WebCore::HTMLMediaElement::clearMediaCacheForOrigins): Added.
2015         (WebCore::HTMLMediaElement::mediaPlayerMediaCacheDirectory): Added.
2016         (WebCore::HTMLMediaElement::getSitesInMediaCache): Deleted.
2017         (WebCore::HTMLMediaElement::clearMediaCacheForSite): Deleted.
2018         * html/HTMLMediaElement.h:
2019         (WebCore::HTMLMediaElement::clearMediaCache): Added parameter.
2020         * platform/graphics/MediaPlayer.cpp:
2021         (WebCore::addMediaEngine): Add new cache methods.
2022         (WebCore::addToHash): Added.
2023         (WebCore::MediaPlayer::originsInMediaCache): Added.
2024         (WebCore::MediaPlayer::clearMediaCache): Added parameter.
2025         (WebCore::MediaPlayer::clearMediaCacheForOrigins): Added.
2026         (WebCore::MediaPlayer::getSitesInMediaCache): Deleted.
2027         (WebCore::MediaPlayer::clearMediaCacheForSite): Deleted.
2028         * platform/graphics/MediaPlayer.h:
2029         (WebCore::MediaPlayerClient::mediaPlayerMediaCacheDirectory): Added.
2030         * platform/graphics/MediaPlayerPrivate.h:
2031         (WebCore::MediaPlayerPrivateInterface::originsInMediaCache): Added.
2032         (WebCore::MediaPlayerPrivateInterface::clearMediaCache): Added parameter.
2033         (WebCore::MediaPlayerPrivateInterface::clearMediaCacheForOrigins): Added.
2034         (WebCore::MediaPlayerPrivateInterface::getSitesInMediaCache): Deleted.
2035         (WebCore::MediaPlayerPrivateInterface::clearMediaCacheForSite): Deleted.
2036         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
2037         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
2038         (WebCore::MediaPlayerPrivateAVFoundationObjC::registerMediaEngine): Added cache methods.
2039         (WebCore::assetCacheForPath): Added.
2040         (WebCore::MediaPlayerPrivateAVFoundationObjC::originsInMediaCache): Added.
2041         (WebCore::toSystemClockTime): Added.
2042         (WebCore::MediaPlayerPrivateAVFoundationObjC::clearMediaCache): Added parameter.
2043         (WebCore::MediaPlayerPrivateAVFoundationObjC::clearMediaCacheForOrigins): Added.
2044         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVAssetForURL): Added.
2045         * platform/graphics/mac/MediaPlayerPrivateQTKit.h:
2046         * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
2047         (WebCore::MediaPlayerPrivateQTKit::registerMediaEngine): Added cache methods.
2048         (WebCore::MediaPlayerPrivateQTKit::originsInMediaCache): Added.
2049         (WebCore::MediaPlayerPrivateQTKit::clearMediaCache): Added parameter.
2050         (WebCore::MediaPlayerPrivateQTKit::clearMediaCacheForOrigins): Added.
2051         (WebCore::MediaPlayerPrivateQTKit::getSitesInMediaCache): Deleted.
2052         (WebCore::MediaPlayerPrivateQTKit::clearMediaCacheForSite): Deleted.
2053         * platform/spi/mac/AVFoundationSPI.h:
2054
2055 2016-04-11  Commit Queue  <commit-queue@webkit.org>
2056
2057         Unreviewed, rolling out r199310.
2058         https://bugs.webkit.org/show_bug.cgi?id=156483
2059
2060         This change turns many indexeddb tests into crashes (Requested
2061         by jwtan on #webkit).
2062
2063         Reverted changeset:
2064
2065         "Clean up IDBBindingUtilities."
2066         https://bugs.webkit.org/show_bug.cgi?id=156472
2067         http://trac.webkit.org/changeset/199310
2068
2069 2016-04-11  Commit Queue  <commit-queue@webkit.org>
2070
2071         Unreviewed, rolling out r199315.
2072         https://bugs.webkit.org/show_bug.cgi?id=156482
2073
2074         This change broke the OS X Yosemite build. (Requested by jwtan
2075         on #webkit).
2076
2077         Reverted changeset:
2078
2079         "When clearing cache, also clear AVFoundation cache."
2080         https://bugs.webkit.org/show_bug.cgi?id=155783
2081         http://trac.webkit.org/changeset/199315
2082
2083 2016-04-11  Brian Burg  <bburg@apple.com>
2084
2085         Web Inspector: get rid of InspectorBasicValue and InspectorString subclasses
2086         https://bugs.webkit.org/show_bug.cgi?id=156407
2087         <rdar://problem/25627659>
2088
2089         Reviewed by Joseph Pecoraro.
2090
2091         * inspector/InspectorDatabaseAgent.cpp: Don't use deleted subclasses.
2092
2093 2016-04-11  Commit Queue  <commit-queue@webkit.org>
2094
2095         Unreviewed, rolling out r198909.
2096         https://bugs.webkit.org/show_bug.cgi?id=156479
2097
2098         made double-click-and-drag on text drag instead of
2099         highlighting (Requested by alexchristensen_ on #webkit).
2100
2101         Reverted changeset:
2102
2103         "eventMayStartDrag() does not check for shiftKey or
2104         isOverLink"
2105         https://bugs.webkit.org/show_bug.cgi?id=155746
2106         http://trac.webkit.org/changeset/198909
2107
2108 2016-04-11  Chris Dumez  <cdumez@apple.com>
2109
2110         [WebIDL] Add support for [ImplementedAs] for EventHandler attributes
2111         https://bugs.webkit.org/show_bug.cgi?id=156421
2112
2113         Reviewed by Darin Adler.
2114
2115         Add support for [ImplementedAs] for EventHandler attributes so we can
2116         get rid of some ugly name hard-coding in the bindings generator.
2117
2118         * Modules/notifications/Notification.idl:
2119         * bindings/scripts/CodeGeneratorJS.pm:
2120         (EventHandlerAttributeEventName):
2121         * bindings/scripts/test/JS/JSTestObj.cpp:
2122         (WebCore::jsTestObjOnwebkitfoo):
2123         (WebCore::setJSTestObjOnwebkitfoo):
2124         * bindings/scripts/test/TestObj.idl:
2125         * dom/Element.idl:
2126         * page/DOMWindow.idl:
2127
2128 2016-04-11  Jeremy Jones  <jeremyj@apple.com>
2129
2130         When clearing cache, also clear AVFoundation cache.
2131         https://bugs.webkit.org/show_bug.cgi?id=155783
2132         rdar://problem/25252541
2133
2134         Reviewed by Darin Adler.
2135
2136         Use AVAssetCache at a specified location on disk for all AVURLAssets. This AVAssetCache
2137         can then be used to manage the cache storage used by AVFoundation. It is used to query the
2138         contents of the cache in originsInMediaCache() and to clear the cache completely or partially in
2139         clearMediaCache() and clearMediaCacheForOrigins().
2140
2141         Use SecurityOrigin instead of the less formal site String to represent origins in the cache.
2142
2143         * html/HTMLMediaElement.cpp:
2144         (WebCore::sharedMediaCacheDirectory): Added.
2145         (WebCore::HTMLMediaElement::setMediaCacheDirectory): Added.
2146         (WebCore::HTMLMediaElement::mediaCacheDirectory): Added.
2147         (WebCore::HTMLMediaElement::originsInMediaCache): Added.
2148         (WebCore::HTMLMediaElement::clearMediaCache): Added parameter.
2149         (WebCore::HTMLMediaElement::clearMediaCacheForOrigins): Added.
2150         (WebCore::HTMLMediaElement::mediaPlayerMediaCacheDirectory): Added.
2151         (WebCore::HTMLMediaElement::getSitesInMediaCache): Deleted.
2152         (WebCore::HTMLMediaElement::clearMediaCacheForSite): Deleted.
2153         * html/HTMLMediaElement.h:
2154         (WebCore::HTMLMediaElement::clearMediaCache): Added parameter.
2155         * platform/graphics/MediaPlayer.cpp:
2156         (WebCore::addMediaEngine): Add new cache methods.
2157         (WebCore::addToHash): Added.
2158         (WebCore::MediaPlayer::originsInMediaCache): Added.
2159         (WebCore::MediaPlayer::clearMediaCache): Added parameter.
2160         (WebCore::MediaPlayer::clearMediaCacheForOrigins): Added.
2161         (WebCore::MediaPlayer::getSitesInMediaCache): Deleted.
2162         (WebCore::MediaPlayer::clearMediaCacheForSite): Deleted.
2163         * platform/graphics/MediaPlayer.h:
2164         (WebCore::MediaPlayerClient::mediaPlayerMediaCacheDirectory): Added.
2165         * platform/graphics/MediaPlayerPrivate.h:
2166         (WebCore::MediaPlayerPrivateInterface::originsInMediaCache): Added.
2167         (WebCore::MediaPlayerPrivateInterface::clearMediaCache): Added parameter.
2168         (WebCore::MediaPlayerPrivateInterface::clearMediaCacheForOrigins): Added.
2169         (WebCore::MediaPlayerPrivateInterface::getSitesInMediaCache): Deleted.
2170         (WebCore::MediaPlayerPrivateInterface::clearMediaCacheForSite): Deleted.
2171         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
2172         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
2173         (WebCore::MediaPlayerPrivateAVFoundationObjC::registerMediaEngine): Added cache methods.
2174         (WebCore::assetCacheForPath): Added.
2175         (WebCore::MediaPlayerPrivateAVFoundationObjC::originsInMediaCache): Added.
2176         (WebCore::toSystemClockTime): Added.
2177         (WebCore::MediaPlayerPrivateAVFoundationObjC::clearMediaCache): Added parameter.
2178         (WebCore::MediaPlayerPrivateAVFoundationObjC::clearMediaCacheForOrigins): Added.
2179         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVAssetForURL): Added.
2180         * platform/graphics/mac/MediaPlayerPrivateQTKit.h:
2181         * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
2182         (WebCore::MediaPlayerPrivateQTKit::registerMediaEngine): Added cache methods.
2183         (WebCore::MediaPlayerPrivateQTKit::originsInMediaCache): Added.
2184         (WebCore::MediaPlayerPrivateQTKit::clearMediaCache): Added parameter.
2185         (WebCore::MediaPlayerPrivateQTKit::clearMediaCacheForOrigins): Added.
2186         (WebCore::MediaPlayerPrivateQTKit::getSitesInMediaCache): Deleted.
2187         (WebCore::MediaPlayerPrivateQTKit::clearMediaCacheForSite): Deleted.
2188         * platform/spi/mac/AVFoundationSPI.h:
2189
2190 2016-04-11  Antoine Quint  <graouts@apple.com>
2191
2192         [WebGL2] Use Open GL ES 3.0 to back WebGL2 contexts
2193         https://bugs.webkit.org/show_bug.cgi?id=141178
2194
2195         Reviewed by Dean Jackson.
2196
2197         We add a new `useGLES3` attribute when creating a GraphicsContext3D in the event that the
2198         context type is "webgl2". This attribute is then read by the GraphicsContext3D constructor
2199         to request an Open GL ES 3.0 backend when creating the EAGLContext on iOS.
2200
2201         * html/canvas/WebGLRenderingContextBase.cpp:
2202         (WebCore::WebGLRenderingContextBase::create):
2203         * platform/graphics/GraphicsContext3D.h:
2204         (WebCore::GraphicsContext3D::Attributes::Attributes):
2205         * platform/graphics/mac/GraphicsContext3DMac.mm:
2206         (WebCore::GraphicsContext3D::GraphicsContext3D):
2207
2208 2016-04-11  Jiewen Tan  <jiewen_tan@apple.com>
2209
2210         fast/loader/opaque-base-url.html crashing during mac and ios debug tests
2211         https://bugs.webkit.org/show_bug.cgi?id=156179
2212         <rdar://problem/25507719>
2213
2214         Reviewed by Ryosuke Niwa.
2215
2216         Navigate to about:blank if the provided src of an iframe/frame cannot be
2217         resolved to a valid URL.
2218
2219         Test: fast/loader/iframe-src-invalid-url.html
2220
2221         * loader/SubframeLoader.cpp:
2222         (WebCore::SubframeLoader::requestFrame):
2223
2224 2016-04-11  Said Abou-Hallawa  <sabouhallawa@apple,com>
2225
2226         Merge CG ImageSource and non CG ImageSource implementation in one file
2227         https://bugs.webkit.org/show_bug.cgi?id=155456
2228
2229         Reviewed by Darin Adler.
2230
2231         ImageSource for CG and CG code paths look very similar. All the platform
2232         specific code can be moved to ImageDecoder classes for CG and non CG. And
2233         we can have the ImageSource be platform independent and we get rid of
2234         ImageSourceCG.cpp.
2235
2236         Test: fast/images/image-subsampling.html
2237
2238         * CMakeLists.txt:
2239         * PlatformAppleWin.cmake:
2240         * PlatformMac.cmake:
2241         * WebCore.xcodeproj/project.pbxproj:
2242         Delete ImageSourceCG.cpp form all make files and add ImageSource.cpp to
2243         CMakeLists.txt.
2244         
2245         * platform/Cursor.cpp:
2246         (WebCore::determineHotSpot):
2247         * platform/graphics/BitmapImage.cpp:
2248         (WebCore::BitmapImage::hotSpot):
2249         (WebCore::BitmapImage::getHotSpot): Deleted.
2250         * platform/graphics/BitmapImage.h:
2251         * platform/graphics/Image.h:
2252         (WebCore::Image::hotSpot):
2253         (WebCore::Image::getHotSpot): Deleted.
2254         Rename getHotSpot() to hotSpot() and change it to return Optional<IntPoint>.
2255         
2256         * platform/graphics/ImageSource.cpp:
2257         (WebCore::ImageSource::~ImageSource): Remove clear(true) call. It does nothing.
2258         (WebCore::ImageSource::clearFrameBufferCache): A wrapper which calls ImageDecoder::clearFrameBufferCache().
2259         (WebCore::ImageSource::clear): Calls clearFrameBufferCache() which will do nothing for CG.
2260         
2261         (WebCore::ImageSource::ensureDecoderIsCreated): Change SharedBuffer* to
2262         const SharedBuffer& and remove the call to ImageDecoder::setMaxNumPixels().
2263         The value of const static int CG ImageDecoder::m_maxNumPixels will be set
2264         based on IMAGE_DECODER_DOWN_SAMPLING.
2265         
2266         (WebCore::ImageSource::setData): Pass SharedBuffer& to the underlying functions.
2267         
2268         (WebCore::ImageSource::calculateMaximumSubsamplingLevel): Returns the maximum
2269         subsampling level allowed for an image.
2270         
2271         (WebCore::ImageSource::subsamplingLevelForScale): Converts from a scale to
2272         SubsamplingLevel taking into consideration the maximumSubsamplingLevel for
2273         a particular image.
2274         
2275         (WebCore::ImageSource::bytesDecodedToDetermineProperties): Returns the number
2276         of encoded bytes which can determine the image properties. For non CG it's
2277         zero. For CG it is a maximum value which can be corrected later.
2278         
2279         (WebCore::ImageSource::isSizeAvailable):
2280         (WebCore::ImageSource::sizeRespectingOrientation):
2281         (WebCore::ImageSource::frameCount):
2282         (WebCore::ImageSource::repetitionCount):
2283         (WebCore::ImageSource::filenameExtension):
2284         (WebCore::ImageSource::getHotSpot):
2285         (WebCore::ImageSource::frameIsCompleteAtIndex):
2286         (WebCore::ImageSource::frameHasAlphaAtIndex):
2287         (WebCore::ImageSource::allowSubsamplingOfFrameAtIndex):
2288         (WebCore::ImageSource::frameSizeAtIndex):
2289         (WebCore::ImageSource::frameBytesAtIndex):
2290         (WebCore::ImageSource::frameDurationAtIndex):
2291         (WebCore::ImageSource::orientationAtIndex):
2292         (WebCore::ImageSource::createFrameImageAtIndex):
2293         These are wrappers for the ImageDecoder APIs. The purpose of these functions
2294         is to ensure the ImageDecoder is created.
2295         
2296         (WebCore::ImageSource::dump): Called from BitmapImage::dump().
2297         
2298         (WebCore::ImageSource::getHotSpot): Deleted.
2299         
2300         * platform/graphics/ImageSource.h:
2301         (WebCore::ImageSource::setAllowSubsampling): Called from BitmapImage::setAllowSubsampling().
2302         
2303         (WebCore::ImageSource::maxPixelsPerDecodedImage): Deleted.
2304         (WebCore::ImageSource::setMaxPixelsPerDecodedImage): Deleted.
2305         Setting maxPixelsPerDecodedImage was moved to the non CG ImageDecoder.
2306         
2307         * platform/graphics/cg/ImageDecoderCG.cpp:
2308         (WebCore::ImageDecoder::setData): Change SharedBuffer* to SharedBuffer&.
2309
2310         (WebCore::ImageDecoder::subsamplingLevelForScale): Deleted.
2311         The code was moved to ImageSource::subsamplingLevelForScale().
2312         
2313         * platform/graphics/cg/ImageDecoderCG.h:
2314         (WebCore::ImageDecoder::create): Make the prototype of this function
2315         suitable for CG and non CG cases.
2316         (WebCore::ImageDecoder::clearFrameBufferCache): Empty functions for CG.
2317         
2318         * platform/graphics/cg/ImageSourceCG.cpp: Removed.
2319         
2320         * platform/image-decoders/ImageDecoder.cpp:
2321         (WebCore::ImageDecoder::frameIsCompleteAtIndex): A mew function to return
2322         whether the frame decoding is complete or not.
2323         
2324         (WebCore::ImageDecoder::frameHasAlphaAtIndex): Simplify the logic.
2325         
2326         (WebCore::ImageDecoder::frameDurationAtIndex): The code was moved from
2327         ImageSource::frameDurationAtIndex() in ImageSource.cpp.
2328         
2329         (WebCore::ImageDecoder::createFrameImageAtIndex): The code was moved from
2330         ImageSource::createFrameImageAtIndex() in ImageSource.cpp.
2331         
2332         * platform/image-decoders/ImageDecoder.h:
2333         (WebCore::ImageDecoder::ImageDecoder): Initialize the members in class.
2334         (WebCore::ImageDecoder::~ImageDecoder): Fix the braces style.
2335         (WebCore::ImageDecoder::setData): Change the type of the argument from
2336         SharedBuffer* to SharedBuffer&.
2337         (WebCore::ImageDecoder::frameSizeAtIndex): Add the argument SubsamplingLevel
2338         so it can have the same prototype as CG.
2339         (WebCore::ImageDecoder::orientationAtIndex): Rename it to the same of CG.
2340         
2341         (WebCore::ImageDecoder::allowSubsamplingOfFrameAtIndex):
2342         (WebCore::ImageDecoder::bytesDecodedToDetermineProperties):
2343         (WebCore::ImageDecoder::subsamplingLevelForScale): Add these functions
2344         and return the default values so we do not have to add directive compiled
2345         non CG blocks in ImageSource.cpp.
2346
2347         (WebCore::ImageDecoder::hotSpot): Return Optional<IntPoint>.
2348         
2349         (WebCore::ImageDecoder::orientation): Deleted.
2350         (WebCore::ImageDecoder::setMaxNumPixels): Deleted.
2351         
2352         * platform/image-decoders/bmp/BMPImageDecoder.cpp:
2353         (WebCore::BMPImageDecoder::setData):
2354         * platform/image-decoders/bmp/BMPImageDecoder.h:
2355         * platform/image-decoders/gif/GIFImageDecoder.cpp:
2356         (WebCore::GIFImageDecoder::setData):
2357         (WebCore::GIFImageDecoder::decode):
2358         * platform/image-decoders/gif/GIFImageDecoder.h:
2359         * platform/image-decoders/gif/GIFImageReader.h:
2360         (GIFImageReader::setData):
2361         * platform/image-decoders/ico/ICOImageDecoder.cpp:
2362         (WebCore::ICOImageDecoder::setData):
2363         Use reference SharedBuffer instead of pointer SharedBuffer.
2364         
2365         (WebCore::ICOImageDecoder::hotSpot):
2366         (WebCore::ICOImageDecoder::hotSpotAtIndex):
2367         Change hotSpot() to return Optional<IntPoint>.
2368         * platform/image-decoders/ico/ICOImageDecoder.h:
2369                 
2370         (WebCore::ICOImageDecoder::setDataForPNGDecoderAtIndex):
2371         Pass reference SharedBuffer instead of pointer SharedBuffer.
2372
2373 2016-04-08  Said Abou-Hallawa  <sabouhallawa@apple,com>
2374
2375         Timing attack on SVG feComposite filter circumvents same-origin policy
2376         https://bugs.webkit.org/show_bug.cgi?id=154338
2377
2378         Reviewed by Oliver Hunt.
2379
2380         Ensure the FEComposite arithmetic filter is clamping the resulted color
2381         components in a constant time.
2382
2383         * platform/graphics/filters/FEComposite.cpp:
2384         (WebCore::clampByte):
2385         (WebCore::computeArithmeticPixels):
2386
2387 2016-04-11  Brady Eidson  <beidson@apple.com>
2388
2389         Clean up IDBBindingUtilities.
2390         https://bugs.webkit.org/show_bug.cgi?id=156472
2391
2392         Reviewed by Alex Christensen.
2393
2394         No new tests (No change in behavior).
2395
2396         - Get rid of a whole bunch of unused functions (since we got rid of Legacy IDB).
2397         - Make more functions deal in ExecState/ScriptExecutionContexts instead of DOMRequestState.
2398         - Make more functions deal in JSValue instead of Deprecated::ScriptValue.
2399
2400         * bindings/scripts/IDLAttributes.txt: Add a new attribute to signify that an implementation returns
2401           JSValues instead of Deprecated::ScriptState
2402         * bindings/scripts/CodeGeneratorJS.pm:
2403         (NativeToJSValue): Use that new attribute.
2404         
2405         * Modules/indexeddb/IDBAny.cpp:
2406         (WebCore::IDBAny::IDBAny):
2407         (WebCore::IDBAny::scriptValue):
2408         * Modules/indexeddb/IDBAny.h:
2409         (WebCore::IDBAny::create):
2410         * Modules/indexeddb/IDBCursor.cpp:
2411         (WebCore::IDBCursor::key):
2412         (WebCore::IDBCursor::primaryKey):
2413         (WebCore::IDBCursor::value):
2414         (WebCore::IDBCursor::update):
2415         (WebCore::IDBCursor::continueFunction):
2416         (WebCore::IDBCursor::deleteFunction):
2417         (WebCore::IDBCursor::setGetResult):
2418         * Modules/indexeddb/IDBCursor.h:
2419         * Modules/indexeddb/IDBCursor.idl:
2420         * Modules/indexeddb/IDBCursorWithValue.idl:
2421         * Modules/indexeddb/IDBFactory.cpp:
2422         (WebCore::IDBFactory::cmp):
2423         * Modules/indexeddb/IDBIndex.cpp:
2424         (WebCore::IDBIndex::count):
2425         (WebCore::IDBIndex::get):
2426         (WebCore::IDBIndex::getKey):
2427         * Modules/indexeddb/IDBKeyRange.cpp:
2428         (WebCore::IDBKeyRange::lowerValue):
2429         (WebCore::IDBKeyRange::upperValue):
2430         (WebCore::IDBKeyRange::only):
2431         (WebCore::IDBKeyRange::lowerBound):
2432         (WebCore::IDBKeyRange::upperBound):
2433         (WebCore::IDBKeyRange::bound):
2434         * Modules/indexeddb/IDBKeyRange.h:
2435         * Modules/indexeddb/IDBKeyRange.idl:
2436         * Modules/indexeddb/IDBObjectStore.cpp:
2437         (WebCore::IDBObjectStore::get):
2438         (WebCore::IDBObjectStore::modernDelete):
2439         (WebCore::IDBObjectStore::count):
2440         * Modules/indexeddb/IDBRequest.cpp:
2441         (WebCore::IDBRequest::setResult):
2442         (WebCore::IDBRequest::setResultToStructuredClone):
2443         * Modules/indexeddb/server/MemoryObjectStore.cpp:
2444         (WebCore::IDBServer::MemoryObjectStore::updateIndexesForPutRecord):
2445         (WebCore::IDBServer::MemoryObjectStore::populateIndexWithExistingRecords):
2446         * bindings/js/IDBBindingUtilities.cpp:
2447         (WebCore::idbKeyPathFromValue):
2448         (WebCore::deserializeIDBValueDataToJSValue):
2449         (WebCore::scriptValueToIDBKey):
2450         (WebCore::idbKeyDataToScriptValue):
2451         (WebCore::idbKeyDataToJSValue): Deleted.
2452         (WebCore::injectIDBKeyIntoScriptValue): Deleted.
2453         (WebCore::createIDBKeyFromScriptValueAndKeyPath): Deleted.
2454         (WebCore::maybeCreateIDBKeyFromScriptValueAndKeyPath): Deleted.
2455         (WebCore::canInjectIDBKeyIntoScriptValue): Deleted.
2456         (WebCore::deserializeIDBValue): Deleted.
2457         (WebCore::deserializeIDBValueData): Deleted.
2458         (WebCore::deserializeIDBValueBuffer): Deleted.
2459         (WebCore::idbValueDataToJSValue): Deleted.
2460         (WebCore::idbKeyToScriptValue): Deleted.
2461         * bindings/js/IDBBindingUtilities.h:
2462         * bindings/js/JSIDBAnyCustom.cpp:
2463         (WebCore::toJS):
2464         * bindings/js/JSIDBDatabaseCustom.cpp:
2465         (WebCore::JSIDBDatabase::createObjectStore):
2466         * bindings/js/JSIDBObjectStoreCustom.cpp:
2467         (WebCore::JSIDBObjectStore::createIndex):
2468         * dom/ScriptExecutionContext.cpp:
2469         (WebCore::ScriptExecutionContext::execState):
2470         * dom/ScriptExecutionContext.h:
2471         * inspector/InspectorIndexedDBAgent.cpp:
2472
2473 2016-04-09  Gavin Barraclough  <barraclough@apple.com>
2474
2475         WebKit should adopt journal_mode=wal for all SQLite databases.
2476         https://bugs.webkit.org/show_bug.cgi?id=133496
2477
2478         Reviewed by Darin Adler.
2479
2480         The statement intended to enable WAL mode is always failing because it is missing a
2481         prepare(). Fix this. We were also previously permitting SQLITE_OK results - this
2482         was in error (we were only getting these because stepping the unprepared statement
2483         returned SQLITE_OK). Also set the SQLITE_OPEN_AUTOPROXY flag when opening the
2484         database - this will improve perfomance when the database is accessed via an AFP
2485         mount.
2486
2487         This exposed a bug, that deleteAllDatabases does not actually delete the databases on
2488         iOS, for testing to reset back to a known state between tests it should be doing so.
2489
2490         * Modules/webdatabase/DatabaseTracker.cpp:
2491         (WebCore::DatabaseTracker::deleteAllDatabases):
2492             - force databases to actually be deleted on iOS.
2493               This method is only used from testing code (DumpRenderTree / WebKitTestRunner).
2494         (WebCore::DatabaseTracker::deleteOrigin):
2495             - added IOSDeletionMode.
2496         (WebCore::DatabaseTracker::deleteDatabaseFile):
2497             - added IOSDeletionMode, modified to actually delete if this is set.
2498         * Modules/webdatabase/DatabaseTracker.h:
2499             - added IOSDeletionMode.
2500         * platform/sql/SQLiteDatabase.cpp:
2501         (WebCore::SQLiteDatabase::open):
2502             - call prepareAndStep(), only check for SQLITE_ROW result.
2503         * platform/sql/SQLiteFileSystem.cpp:
2504         (WebCore::SQLiteFileSystem::openDatabase):
2505             - should set SQLITE_OPEN_AUTOPROXY flag when opening database.
2506
2507 2016-04-11  Zalan Bujtas  <zalan@apple.com>
2508
2509         Simplify InlineTextBox::selectionStartEnd()
2510         https://bugs.webkit.org/show_bug.cgi?id=156459
2511
2512         Reviewed by Darin Adler.
2513
2514         No change in functionality.
2515
2516         * rendering/InlineTextBox.cpp:
2517         (WebCore::InlineTextBox::selectionState):
2518         (WebCore::InlineTextBox::paint):
2519         (WebCore::InlineTextBox::selectionStartEnd):
2520         (WebCore::InlineTextBox::paintSelection):
2521         (WebCore::InlineTextBox::paintCompositionBackground):
2522         * rendering/InlineTextBox.h:
2523         * rendering/svg/SVGInlineTextBox.cpp:
2524         (WebCore::SVGInlineTextBox::paintSelectionBackground):
2525         (WebCore::SVGInlineTextBox::paintText):
2526
2527 2016-04-11  Zalan Bujtas  <zalan@apple.com>
2528
2529         REGRESSION (r193857): Text selection causes text to disappear.
2530         https://bugs.webkit.org/show_bug.cgi?id=156448
2531         rdar://problem/25578952
2532
2533         Reviewed by Simon Fraser.
2534
2535         Apparently when the end position of the selection range is smaller than the start position, we need
2536         to repaint the entire text as it indicates selection clearing.
2537
2538         Test: fast/text/text-disappear-on-deselect.html
2539
2540         * rendering/TextPainter.cpp:
2541         (WebCore::TextPainter::paintText):
2542
2543 2016-04-05  Oliver Hunt  <oliver@apple.com>
2544
2545         Remove compile time define for SEPARATED_HEAP
2546         https://bugs.webkit.org/show_bug.cgi?id=155508
2547
2548         Reviewed by Mark Lam.
2549
2550         * Configurations/FeatureDefines.xcconfig:
2551
2552 2016-04-11  Chris Dumez  <cdumez@apple.com>
2553
2554         Merge AttributedDOMTokenList into DOMTokenList
2555         https://bugs.webkit.org/show_bug.cgi?id=156468
2556
2557         Reviewed by Ryosuke Niwa.
2558
2559         Merge AttributedDOMTokenList into DOMTokenList to simplify the code.
2560         DOMTokenList is not constructible and AttributedDOMTokenList is its
2561         only constructible subclass after r196123.
2562
2563         * CMakeLists.txt:
2564         * WebCore.xcodeproj/project.pbxproj:
2565         * dom/Element.cpp:
2566         (WebCore::Element::classList):
2567         * dom/ElementRareData.h:
2568         (WebCore::ElementRareData::classList):
2569         (WebCore::ElementRareData::setClassList):
2570         * html/AttributeDOMTokenList.cpp: Removed.
2571         * html/AttributeDOMTokenList.h: Removed.
2572         * html/DOMTokenList.cpp:
2573         (WebCore::DOMTokenList::DOMTokenList):
2574         (WebCore::DOMTokenList::attributeValueChanged):
2575         (WebCore::DOMTokenList::updateAfterTokenChange):
2576         * html/DOMTokenList.h:
2577         (WebCore::DOMTokenList::ref):
2578         (WebCore::DOMTokenList::deref):
2579         (WebCore::DOMTokenList::element):
2580         (WebCore::DOMTokenList::~DOMTokenList): Deleted.
2581         (WebCore::DOMTokenList::updateAfterTokenChange): Deleted.
2582         * html/HTMLAnchorElement.cpp:
2583         (WebCore::HTMLAnchorElement::relList):
2584         * html/HTMLAnchorElement.h:
2585         * html/HTMLIFrameElement.cpp:
2586         (WebCore::HTMLIFrameElement::sandbox):
2587         * html/HTMLIFrameElement.h:
2588         * html/HTMLLinkElement.cpp:
2589         (WebCore::HTMLLinkElement::sizes):
2590         (WebCore::HTMLLinkElement::relList):
2591         * html/HTMLLinkElement.h:
2592         * html/HTMLOutputElement.cpp:
2593         (WebCore::HTMLOutputElement::htmlFor):
2594         * html/HTMLOutputElement.h:
2595
2596 2016-04-11  Chris Dumez  <cdumez@apple.com>
2597
2598         DOMTokenList.contains() should not throw
2599         https://bugs.webkit.org/show_bug.cgi?id=156453
2600
2601         Reviewed by Ryosuke Niwa.
2602
2603         DOMTokenList.contains() should not throw if the input token is invalid:
2604         https://github.com/whatwg/dom/commit/6d3076e3cbcba662489b272a718bc6b8c0082a74
2605
2606         We now return false in such cases, instead of throwing, which should be
2607         safe with regards to backward compatibility.
2608
2609         No new tests, already covered by existing tests.
2610
2611         * html/DOMTokenList.cpp:
2612         (WebCore::DOMTokenList::contains):
2613         * html/DOMTokenList.h:
2614         * html/DOMTokenList.idl:
2615
2616 2016-04-11  Frederic Wang  <fwang@igalia.com>
2617
2618         Refactor RenderMathMLFraction layout to avoid using flexbox
2619         https://bugs.webkit.org/show_bug.cgi?id=153917
2620
2621         Reviewed by Sergio Villar Senin.
2622
2623         Based on a patch by Alejandro G. Castro <alex@igalia.com>
2624
2625         Implement the layoutBlock method to handle the layout calculations
2626         directly in the class. This also fixes parsing of absolute values for
2627         linethickness attribute (e.g. 10px) and adds support for the AxisHeight
2628         and FractionRuleThickness MATH parameters.
2629
2630         Test: mathml/opentype/fraction-line.html
2631
2632         * accessibility/AccessibilityRenderObject.cpp:
2633         (WebCore::AccessibilityRenderObject::mathLineThickness): Use the thickness relative to the
2634         default line thickness since that's really what is expected by mathml-line-fraction.html
2635         * css/mathml.css: Remove flexbox properties for mfrac.
2636         (mfrac): Deleted.
2637         (mfrac > *): Deleted.
2638         (mfrac[numalign="left"] > :first-child): Deleted.
2639         (mfrac[numalign="right"] > :first-child): Deleted.
2640         (mfrac[denomalign="left"] > :last-child): Deleted.
2641         (mfrac[denomalign="right"] > :last-child): Deleted.
2642         (mfrac > :first-child): Deleted.
2643         (mfrac > :last-child): Deleted.
2644         (mfrac): Deleted.
2645         * rendering/mathml/RenderMathMLBlock.cpp: Introduce a helper function to retrieve the math
2646         axis height.
2647         (WebCore::RenderMathMLBlock::mathAxisHeight):
2648         * rendering/mathml/RenderMathMLBlock.h: Declare mathAxisHeight.
2649         * rendering/mathml/RenderMathMLFraction.cpp:
2650         (WebCore::RenderMathMLFraction::RenderMathMLFraction):
2651         (WebCore::RenderMathMLFraction::parseAlignmentAttribute): Helper function to parse the align
2652         attribute.
2653         (WebCore::RenderMathMLFraction::isValid): Helper function to verify whether the child list
2654         is valid with respect to the MathML specificitation.
2655         (WebCore::RenderMathMLFraction::numerator): Helper function to retrieve the numerator.
2656         (WebCore::RenderMathMLFraction::denominator): Helper function to retrieve the denominator.
2657         (WebCore::RenderMathMLFraction::updateFromElement): Use the FractionRuleThickness parameter
2658         when avaiable to calculate the default linethickness.
2659         Fix computation of linethickness for absolute values (e.g. 10px), the default linethickness
2660         must not be involved for such values.
2661         We no longer need to manage style of anonymous wrappers.
2662         (WebCore::RenderMathMLFraction::unembellishedOperator): Use the helper function and we no
2663         longer care about anonymous wrappers.
2664         (WebCore::RenderMathMLFraction::computePreferredLogicalWidths): Implement this function
2665         without using flexbox.
2666         (WebCore::RenderMathMLFraction::horizontalOffset): Helper function to get the horizontal
2667         offsets of children depending of the alignment.
2668         (WebCore::RenderMathMLFraction::layoutBlock): Implement this function without using flexbox.
2669         (WebCore::RenderMathMLFraction::paint): Do not paint if the fraction is invalid. Use helper
2670         function. Use the width of the renderer (instead of the one of the denominator) as the
2671         length of the fraction bar.
2672         (WebCore::RenderMathMLFraction::firstLineBaseline): Use the helper functions to get children
2673         and axis height.
2674         (WebCore::RenderMathMLFraction::paintChildren): Temporary function to remove in a
2675         follow-up patch.
2676         (WebCore::RenderMathMLFraction::fixChildStyle): Deleted. We no longer need to manage style
2677         of anonymous wrappers.
2678         (WebCore::RenderMathMLFraction::addChild): Deleted. We no longer need to manage
2679         anonymous wrappers.
2680         (WebCore::RenderMathMLFraction::styleDidChange): We no longer need to manage style of
2681         anonymous wrappers.
2682         (WebCore::RenderMathMLFraction::layout): Deleted.
2683         * rendering/mathml/RenderMathMLFraction.h: Replace lineThickness with relativeLineThickness,
2684         as needed by the accessibility code. Update function and members declarations.
2685
2686 2016-04-11  Commit Queue  <commit-queue@webkit.org>
2687
2688         Unreviewed, rolling out r199290.
2689         https://bugs.webkit.org/show_bug.cgi?id=156465
2690
2691         broke 300 tests (Requested by mcatanzaro on #webkit).
2692
2693         Reverted changeset:
2694
2695         "Merge CG ImageSource and non CG ImageSource implementation in
2696         one file"
2697         https://bugs.webkit.org/show_bug.cgi?id=155456
2698         http://trac.webkit.org/changeset/199290
2699
2700 2016-04-11  Frederic Wang  <fwang@igalia.com>
2701
2702         Refactor RenderMathMLUnderOver layout functions to avoid using flexbox
2703         https://bugs.webkit.org/show_bug.cgi?id=153742
2704
2705         Reviewed by Sergio Villar Senin.
2706
2707         Based on a patch by Javier Fernandez <jfernandez@igalia.com>
2708
2709         Refactor the UnderOver renderer to use its own layoutBlock method that
2710         does all the layout calculations without considering the flexbox
2711         restrictions.
2712
2713         * css/mathml.css:
2714         (mo, mfrac, munder, mover, munderover): Delete the underover elements from the line defining
2715         the column direction.
2716         (munder, mover, munderover): Deleted. This flexbox property is no longer needed.
2717         (mover > :last-child, munderover > :last-child): Deleted. This flexbox property is no longer
2718         needed.
2719         * rendering/mathml/RenderMathMLUnderOver.cpp:
2720         (WebCore::RenderMathMLUnderOver::firstLineBaseline): Use ascentForChild.
2721         (WebCore::RenderMathMLUnderOver::computeOperatorsHorizontalStretch): Avoid stretching
2722         operators that are not stretchy.
2723         (WebCore::RenderMathMLUnderOver::isValid): Helper function to ensure that the child list is
2724         valid with respect to the MathML specification.
2725         (WebCore::RenderMathMLUnderOver::base): Added. Helper function.
2726         (WebCore::RenderMathMLUnderOver::under): Added. Helper function.
2727         (WebCore::RenderMathMLUnderOver::over): Added. Helper function.
2728         (WebCore::RenderMathMLUnderOver::computePreferredLogicalWidths): Added.
2729         The preferred width is the maximum preferred width of the base, under and over scripts.
2730         (WebCore::RenderMathMLUnderOver::horizontalOffset): Added, helper to calculate the
2731         horizontal position of children (horizontally centered).
2732         (WebCore::RenderMathMLUnderOver::layoutBlock): Added, it lays out the base, underscript and
2733         overscript. It calculates the exact logical width, which may differ from the preferred width when
2734         one child contains stretchy operators. It later sets the locations of children accordingly
2735         and sets the heigth of the render element.
2736         (WebCore::RenderMathMLUnderOver::paintChildren): Added, we have to use the usual traverse
2737         instead of the one that comes from the flexbox. This will be removed in a follow-up patch.
2738         (WebCore::RenderMathMLUnderOver::layout): Deleted.
2739         * rendering/mathml/RenderMathMLUnderOver.h: Added new functions definitions.
2740
2741 2016-04-07  Carlos Garcia Campos  <cgarcia@igalia.com>
2742
2743         [GTK] Rework the theming code for GTK+ 3.20
2744         https://bugs.webkit.org/show_bug.cgi?id=156333
2745
2746         Reviewed by Michael Catanzaro.
2747
2748         During the 3.19 GTK+ release cycle, the GTK+ css system was reworked, making themes and programs rendering
2749         themed widgets, incompatible with the new system. We were trying to fix our rendering every time GTK+ broke
2750         something, but we were just changing whatever it was needed to make our rendering look like current GTK+ with
2751         the default theme Adwaita. This means that our rendering will be broken for other themes or that changes in
2752         Adwaita can break our rendering. This solution was good enough to ensure WebKitGTK+ 2.12 looked good with GTK+
2753         3.20, but it doesn't work in the long term. We need to ensure that our theming code honors the new GTK+ CSS
2754         properties (max-width, min-width, margin, padding, border, ...) in all the cases, not only the cases where
2755         Adwaita uses them like we currently do.
2756         This patch splits all rendering methods to keep the current code for previous GTK+ versions and adds new code
2757         for GTK+ >= 3.20 using the new RenderThemeGadget classes. This makes the code easier to read, since there aren't
2758         ifdef blocks in the functions, and we ensure we don't break previous rendering.
2759
2760         * PlatformGTK.cmake: Add new files to compilation.
2761         * html/shadow/SpinButtonElement.cpp:
2762         (WebCore::SpinButtonElement::defaultEventHandler): Check the button layout used by the theme to decide the
2763         current buttons state.
2764         * platform/gtk/RenderThemeGadget.cpp: Added.
2765         (WebCore::RenderThemeGadget::create):
2766         (WebCore::createStyleContext):
2767         (WebCore::appendElementToPath):
2768         (WebCore::RenderThemeGadget::RenderThemeGadget):
2769         (WebCore::RenderThemeGadget::~RenderThemeGadget):
2770         (WebCore::RenderThemeGadget::marginBox):
2771         (WebCore::RenderThemeGadget::borderBox):
2772         (WebCore::RenderThemeGadget::paddingBox):
2773         (WebCore::RenderThemeGadget::contentsBox):
2774         (WebCore::RenderThemeGadget::color):
2775         (WebCore::RenderThemeGadget::backgroundColor):
2776         (WebCore::RenderThemeGadget::minimumSize):
2777         (WebCore::RenderThemeGadget::preferredSize):
2778         (WebCore::RenderThemeGadget::render):
2779         (WebCore::RenderThemeGadget::renderFocus):
2780         (WebCore::RenderThemeBoxGadget::RenderThemeBoxGadget):
2781         (WebCore::RenderThemeTextFieldGadget::RenderThemeTextFieldGadget):
2782         (WebCore::RenderThemeTextFieldGadget::minimumSize):
2783         (WebCore::RenderThemeToggleGadget::RenderThemeToggleGadget):
2784         (WebCore::RenderThemeToggleGadget::render):
2785         (WebCore::RenderThemeArrowGadget::RenderThemeArrowGadget):
2786         (WebCore::RenderThemeArrowGadget::render):
2787         (WebCore::RenderThemeIconGadget::RenderThemeIconGadget):
2788         (WebCore::RenderThemeIconGadget::gtkIconSizeForPixelSize):
2789         (WebCore::RenderThemeIconGadget::render):
2790         (WebCore::RenderThemeIconGadget::minimumSize):
2791         * platform/gtk/RenderThemeGadget.h: Added.
2792         (WebCore::RenderThemeGadget::context):
2793         * rendering/RenderTheme.h:
2794         (WebCore::RenderTheme::innerSpinButtonLayout): Added this method to allow themes use a different layout for the
2795         buttons.
2796         * rendering/RenderThemeGtk.cpp:
2797         (WebCore::themeChangedCallback): Just moved this code to a common place.
2798         (WebCore::RenderThemeGtk::RenderThemeGtk): Initialize the theme monitor in the constructor.
2799         (WebCore::createStyleContext): Remove the render parts that are specific to GTK+ 3.20.
2800         (WebCore::RenderThemeGtk::adjustRepaintRect): Moved inside a GTK+ < 3.20 ifdef block.
2801         (WebCore::themePartStateFlags): Helper function to get the GtkStateFlags of a theme part for a given RenderObject.
2802         (WebCore::shrinkToMinimumSizeAndCenterRectangle): Move this common code to a helper function.
2803         (WebCore::setToggleSize):
2804         (WebCore::paintToggle):
2805         (WebCore::RenderThemeGtk::paintButton):
2806         (WebCore::RenderThemeGtk::popupInternalPaddingBox):
2807         (WebCore::RenderThemeGtk::paintMenuList):
2808         (WebCore::RenderThemeGtk::adjustTextFieldStyle): For GTK+ 3.20 we need to ensure a minimum size for spin buttons,
2809         so if the text field is for a spin button, we adjust the desired size here.
2810         (WebCore::RenderThemeGtk::paintTextField): In GTK+ 3.20 the CSS gadgets used to render spin buttons are
2811         different, so we check here if this is the entry of a spin button to use the right gadgets.
2812         (WebCore::adjustSearchFieldIconStyle):
2813         (WebCore::RenderThemeGtk::paintTextArea):
2814         (WebCore::RenderThemeGtk::adjustSearchFieldResultsButtonStyle):
2815         (WebCore::RenderThemeGtk::paintSearchFieldResultsButton):
2816         (WebCore::RenderThemeGtk::adjustSearchFieldResultsDecorationPartStyle):
2817         (WebCore::RenderThemeGtk::adjustSearchFieldCancelButtonStyle):
2818         (WebCore::paintSearchFieldIcon):
2819         (WebCore::RenderThemeGtk::paintSearchFieldResultsDecorationPart):
2820         (WebCore::RenderThemeGtk::paintSearchFieldCancelButton):
2821         (WebCore::centerRectVerticallyInParentInputElement): Moved inside a GTK+ < 3.20 ifdef block.
2822         (WebCore::RenderThemeGtk::paintSliderTrack):
2823         (WebCore::RenderThemeGtk::adjustSliderThumbSize):
2824         (WebCore::RenderThemeGtk::paintSliderThumb):
2825         (WebCore::RenderThemeGtk::progressBarRectForBounds): Ensure a minimum size of progress bars in GTK+ 3.20.
2826         (WebCore::RenderThemeGtk::paintProgressBar):
2827         (WebCore::RenderThemeGtk::innerSpinButtonLayout): Use an horizontal layout for spin buttons.
2828         (WebCore::RenderThemeGtk::adjustInnerSpinButtonStyle):
2829         (WebCore::RenderThemeGtk::paintInnerSpinButton):
2830         (WebCore::styleColor):
2831         (WebCore::RenderThemeGtk::paintMediaButton):
2832         * rendering/RenderThemeGtk.h:
2833
2834 2016-04-11  Antti Koivisto  <antti@apple.com>
2835
2836         Implement functional :host() pseudo class
2837         https://bugs.webkit.org/show_bug.cgi?id=156397
2838         <rdar://problem/25621445>
2839
2840         Reviewed by Darin Adler.
2841
2842         We already support :host. Add functional syntax too.
2843
2844         * css/CSSGrammar.y.in:
2845
2846             Parse functional :host().
2847
2848         * css/CSSParser.cpp:
2849         (WebCore::CSSParser::detectFunctionTypeToken):
2850         * css/CSSParserValues.cpp:
2851         (WebCore::CSSParserSelector::parsePseudoClassHostFunctionSelector):
2852         * css/CSSParserValues.h:
2853         * css/ElementRuleCollector.cpp:
2854         (WebCore::ElementRuleCollector::matchedRuleList):
2855         (WebCore::ElementRuleCollector::addMatchedRule):
2856
2857             Factor some shared code here.
2858
2859         (WebCore::ElementRuleCollector::matchHostPseudoClassRules):
2860
2861             Instead of using the generic paths use a :host specific code path for matching.
2862             This makes it easier to avoid :host matching when it shouldn't.
2863
2864         (WebCore::ElementRuleCollector::collectMatchingRulesForList):
2865         * css/ElementRuleCollector.h:
2866         * css/RuleSet.cpp:
2867         (WebCore::computeMatchBasedOnRuleHash):
2868
2869             :host is always handled by the special matching path.
2870
2871         * css/SelectorChecker.cpp:
2872         (WebCore::SelectorChecker::match):
2873         (WebCore::SelectorChecker::matchHostPseudoClass):
2874
2875             Add a function specifically for checking :host. In always fails on the normal code paths.
2876             Check the argument selector if provided.
2877
2878         (WebCore::hasScrollbarPseudoElement):
2879         * css/SelectorChecker.h:
2880
2881 2016-04-11  Said Abou-Hallawa  <sabouhallawa@apple,com>
2882
2883         Merge CG ImageSource and non CG ImageSource implementation in one file
2884         https://bugs.webkit.org/show_bug.cgi?id=155456
2885
2886         Reviewed by Darin Adler.
2887
2888         ImageSource for CG and CG code paths look very similar. All the platform
2889         specific code can be moved to ImageDecoder classes for CG and non CG. And
2890         we can have the ImageSource be platform independent and we get rid of
2891         ImageSourceCG.cpp.
2892
2893         Test: fast/images/image-subsampling.html
2894
2895         * CMakeLists.txt:
2896         * PlatformAppleWin.cmake:
2897         * PlatformMac.cmake:
2898         * WebCore.xcodeproj/project.pbxproj:
2899         Delete ImageSourceCG.cpp form all make files and add ImageSource.cpp to
2900         CMakeLists.txt.
2901         
2902         * platform/Cursor.cpp:
2903         (WebCore::determineHotSpot):
2904         * platform/graphics/BitmapImage.cpp:
2905         (WebCore::BitmapImage::hotSpot):
2906         (WebCore::BitmapImage::getHotSpot): Deleted.
2907         * platform/graphics/BitmapImage.h:
2908         * platform/graphics/Image.h:
2909         (WebCore::Image::hotSpot):
2910         (WebCore::Image::getHotSpot): Deleted.
2911         Rename getHotSpot() to hotSpot() and change it to return Optional<IntPoint>.
2912         
2913         * platform/graphics/ImageSource.cpp:
2914         (WebCore::ImageSource::~ImageSource): Remove clear(true) call. It does nothing.
2915         (WebCore::ImageSource::clearFrameBufferCache): A wrapper which calls ImageDecoder::clearFrameBufferCache().
2916         (WebCore::ImageSource::clear): Calls clearFrameBufferCache() which will do nothing for CG.
2917         
2918         (WebCore::ImageSource::ensureDecoderIsCreated): Change SharedBuffer* to
2919         const SharedBuffer& and remove the call to ImageDecoder::setMaxNumPixels().
2920         The value of const static int CG ImageDecoder::m_maxNumPixels will be set
2921         based on IMAGE_DECODER_DOWN_SAMPLING.
2922         
2923         (WebCore::ImageSource::setData): Pass SharedBuffer& to the underlying functions.
2924         
2925         (WebCore::ImageSource::calculateMaximumSubsamplingLevel): Returns the maximum
2926         subsampling level allowed for an image.
2927         
2928         (WebCore::ImageSource::subsamplingLevelForScale): Converts from a scale to
2929         SubsamplingLevel taking into consideration the maximumSubsamplingLevel for
2930         a particular image.
2931         
2932         (WebCore::ImageSource::bytesDecodedToDetermineProperties): Returns the number
2933         of encoded bytes which can determine the image properties. For non CG it's
2934         zero. For CG it is a maximum value which can be corrected later.
2935         
2936         (WebCore::ImageSource::isSizeAvailable):
2937         (WebCore::ImageSource::sizeRespectingOrientation):
2938         (WebCore::ImageSource::frameCount):
2939         (WebCore::ImageSource::repetitionCount):
2940         (WebCore::ImageSource::filenameExtension):
2941         (WebCore::ImageSource::getHotSpot):
2942         (WebCore::ImageSource::frameIsCompleteAtIndex):
2943         (WebCore::ImageSource::frameHasAlphaAtIndex):
2944         (WebCore::ImageSource::allowSubsamplingOfFrameAtIndex):
2945         (WebCore::ImageSource::frameSizeAtIndex):
2946         (WebCore::ImageSource::frameBytesAtIndex):
2947         (WebCore::ImageSource::frameDurationAtIndex):
2948         (WebCore::ImageSource::orientationAtIndex):
2949         (WebCore::ImageSource::createFrameImageAtIndex):
2950         These are wrappers for the ImageDecoder APIs. The purpose of these functions
2951         is to ensure the ImageDecoder is created.
2952         
2953         (WebCore::ImageSource::dump): Called from BitmapImage::dump().
2954         
2955         (WebCore::ImageSource::getHotSpot): Deleted.
2956         
2957         * platform/graphics/ImageSource.h:
2958         (WebCore::ImageSource::setAllowSubsampling): Called from BitmapImage::setAllowSubsampling().
2959         
2960         (WebCore::ImageSource::maxPixelsPerDecodedImage): Deleted.
2961         (WebCore::ImageSource::setMaxPixelsPerDecodedImage): Deleted.
2962         Setting maxPixelsPerDecodedImage was moved to the non CG ImageDecoder.
2963         
2964         * platform/graphics/cg/ImageDecoderCG.cpp:
2965         (WebCore::ImageDecoder::setData): Change SharedBuffer* to SharedBuffer&.
2966
2967         (WebCore::ImageDecoder::subsamplingLevelForScale): Deleted.
2968         The code was moved to ImageSource::subsamplingLevelForScale().
2969         
2970         * platform/graphics/cg/ImageDecoderCG.h:
2971         (WebCore::ImageDecoder::create): Make the prototype of this function
2972         suitable for CG and non CG cases.
2973         (WebCore::ImageDecoder::clearFrameBufferCache): Empty functions for CG.
2974         
2975         * platform/graphics/cg/ImageSourceCG.cpp: Removed.
2976         
2977         * platform/image-decoders/ImageDecoder.cpp:
2978         (WebCore::ImageDecoder::frameIsCompleteAtIndex): A mew function to return
2979         whether the frame decoding is complete or not.
2980         
2981         (WebCore::ImageDecoder::frameHasAlphaAtIndex): Simplify the logic.
2982         
2983         (WebCore::ImageDecoder::frameDurationAtIndex): The code was moved from
2984         ImageSource::frameDurationAtIndex() in ImageSource.cpp.
2985         
2986         (WebCore::ImageDecoder::createFrameImageAtIndex): The code was moved from
2987         ImageSource::createFrameImageAtIndex() in ImageSource.cpp.
2988         
2989         * platform/image-decoders/ImageDecoder.h:
2990         (WebCore::ImageDecoder::ImageDecoder): Initialize the members in class.
2991         (WebCore::ImageDecoder::~ImageDecoder): Fix the braces style.
2992         (WebCore::ImageDecoder::setData): Change the type of the argument from
2993         SharedBuffer* to SharedBuffer&.
2994         (WebCore::ImageDecoder::frameSizeAtIndex): Add the argument SubsamplingLevel
2995         so it can have the same prototype as CG.
2996         (WebCore::ImageDecoder::orientationAtIndex): Rename it to the same of CG.
2997         
2998         (WebCore::ImageDecoder::allowSubsamplingOfFrameAtIndex):
2999         (WebCore::ImageDecoder::bytesDecodedToDetermineProperties):
3000         (WebCore::ImageDecoder::subsamplingLevelForScale): Add these functions
3001         and return the default values so we do not have to add directive compiled
3002         non CG blocks in ImageSource.cpp.
3003
3004         (WebCore::ImageDecoder::hotSpot): Return Optional<IntPoint>.
3005         
3006         (WebCore::ImageDecoder::orientation): Deleted.
3007         (WebCore::ImageDecoder::setMaxNumPixels): Deleted.
3008         
3009         * platform/image-decoders/bmp/BMPImageDecoder.cpp:
3010         (WebCore::BMPImageDecoder::setData):
3011         * platform/image-decoders/bmp/BMPImageDecoder.h:
3012         * platform/image-decoders/gif/GIFImageDecoder.cpp:
3013         (WebCore::GIFImageDecoder::setData):
3014         (WebCore::GIFImageDecoder::decode):
3015         * platform/image-decoders/gif/GIFImageDecoder.h:
3016         * platform/image-decoders/gif/GIFImageReader.h:
3017         (GIFImageReader::setData):
3018         * platform/image-decoders/ico/ICOImageDecoder.cpp:
3019         (WebCore::ICOImageDecoder::setData):
3020         Use reference SharedBuffer instead of pointer SharedBuffer.
3021         
3022         (WebCore::ICOImageDecoder::hotSpot):
3023         (WebCore::ICOImageDecoder::hotSpotAtIndex):
3024         Change hotSpot() to return Optional<IntPoint>.
3025         * platform/image-decoders/ico/ICOImageDecoder.h:
3026                 
3027         (WebCore::ICOImageDecoder::setDataForPNGDecoderAtIndex):
3028         Pass reference SharedBuffer instead of pointer SharedBuffer.
3029
3030 2016-04-11  Fujii Hironori  <Hironori.Fujii@jp.sony.com>
3031
3032         [CMake] Make FOLDER property INHERITED
3033         https://bugs.webkit.org/show_bug.cgi?id=156460
3034
3035         Reviewed by Brent Fulgham.
3036
3037         * CMakeLists.txt:
3038         Set FOLDER property as a directory property not a target property
3039
3040 2016-04-10  Sam Weinig  <sam@webkit.org>
3041
3042         Fix the build.
3043
3044         * platform/graphics/avfoundation/objc/MediaPlaybackTargetPickerMac.mm:
3045         (WebCore::MediaPlaybackTargetPickerMac::showPlaybackTargetPicker):
3046
3047 2016-04-08  Sam Weinig  <sam@webkit.org>
3048
3049         Remove support for custom target picker actions
3050         <rdar://problem/24987783>
3051         https://bugs.webkit.org/show_bug.cgi?id=156434
3052
3053         Reviewed by Eric Carlson.
3054
3055         This mostly entailed rolling out r197429 and r197569.
3056
3057         * Modules/mediasession/WebMediaSessionManager.cpp:
3058         (WebCore::WebMediaSessionManager::removeAllPlaybackTargetPickerClients):
3059         (WebCore::WebMediaSessionManager::showPlaybackTargetPicker):
3060         (WebCore::WebMediaSessionManager::clientStateDidChange):
3061         (WebCore::WebMediaSessionManager::externalOutputDeviceAvailableDidChange):
3062         (WebCore::WebMediaSessionManager::configureNewClients):
3063         (WebCore::WebMediaSessionManager::customPlaybackActionSelected): Deleted.
3064         * Modules/mediasession/WebMediaSessionManager.h:
3065         * Modules/mediasession/WebMediaSessionManagerClient.h:
3066         * dom/Document.cpp:
3067         (WebCore::Document::removePlaybackTargetPickerClient):
3068         (WebCore::Document::showPlaybackTargetPicker):
3069         (WebCore::Document::playbackTargetPickerClientStateDidChange):
3070         (WebCore::Document::setShouldPlayToPlaybackTarget):
3071         (WebCore::Document::customPlaybackActionSelected): Deleted.
3072         * dom/Document.h:
3073         * html/HTMLMediaElement.cpp:
3074         (WebCore::HTMLMediaElement::enqueuePlaybackTargetAvailabilityChangedEvent):
3075         (WebCore::HTMLMediaElement::setShouldPlayToPlaybackTarget):
3076         (WebCore::HTMLMediaElement::webkitCurrentPlaybackTargetIsWireless):
3077         (WebCore::HTMLMediaElement::customPlaybackActionSelected): Deleted.
3078         (WebCore::HTMLMediaElement::playbackTargetPickerCustomActionName): Deleted.
3079         * html/HTMLMediaElement.h:
3080         * html/MediaElementSession.cpp:
3081         (WebCore::MediaElementSession::showPlaybackTargetPicker):
3082         (WebCore::MediaElementSession::hasWirelessPlaybackTargets):
3083         (WebCore::MediaElementSession::setShouldPlayToPlaybackTarget):
3084         (WebCore::MediaElementSession::mediaStateDidChange):
3085         (WebCore::MediaElementSession::customPlaybackActionSelected): Deleted.
3086         * html/MediaElementSession.h:
3087         * page/ChromeClient.h:
3088         * page/Page.cpp:
3089         (WebCore::Page::removePlaybackTargetPickerClient):
3090         (WebCore::Page::showPlaybackTargetPicker):
3091         (WebCore::Page::setShouldPlayToPlaybackTarget):
3092         (WebCore::Page::ensureTestTrigger):
3093         (WebCore::Page::customPlaybackActionSelected): Deleted.
3094         * page/Page.h:
3095         (WebCore::Page::testTrigger):
3096         * platform/audio/PlatformMediaSession.h:
3097         (WebCore::PlatformMediaSessionClient::canPlayToWirelessPlaybackTarget):
3098         (WebCore::PlatformMediaSessionClient::isPlayingToWirelessPlaybackTarget):
3099         (WebCore::PlatformMediaSessionClient::setShouldPlayToPlaybackTarget):
3100         (WebCore::PlatformMediaSessionClient::customPlaybackActionSelected): Deleted.
3101         * platform/graphics/MediaPlaybackTargetClient.h:
3102         * platform/graphics/MediaPlaybackTargetPicker.cpp:
3103         (WebCore::MediaPlaybackTargetPicker::pendingActionTimerFired):
3104         (WebCore::MediaPlaybackTargetPicker::addPendingAction):
3105         (WebCore::MediaPlaybackTargetPicker::showPlaybackTargetPicker):
3106         * platform/graphics/MediaPlaybackTargetPicker.h:
3107         (WebCore::MediaPlaybackTargetPicker::availableDevicesDidChange):
3108         (WebCore::MediaPlaybackTargetPicker::currentDeviceDidChange):
3109         (WebCore::MediaPlaybackTargetPicker::Client::customPlaybackActionSelected): Deleted.
3110         (WebCore::MediaPlaybackTargetPicker::customPlaybackActionSelected): Deleted.
3111         * platform/graphics/avfoundation/objc/MediaPlaybackTargetPickerMac.h:
3112         * platform/graphics/avfoundation/objc/MediaPlaybackTargetPickerMac.mm:
3113         (WebCore::MediaPlaybackTargetPickerMac::devicePicker):
3114         (WebCore::MediaPlaybackTargetPickerMac::showPlaybackTargetPicker):
3115         * platform/mac/WebVideoFullscreenInterfaceMac.h:
3116         * platform/mac/WebVideoFullscreenInterfaceMac.mm:
3117         (WebCore::WebVideoFullscreenInterfaceMac::preparedToReturnToInline):
3118         (WebCore::WebVideoFullscreenInterfaceMac::setVideoDimensions):
3119         (WebCore::WebVideoFullscreenInterfaceMac::setExternalPlayback): Deleted.
3120         * platform/mock/MediaPlaybackTargetPickerMock.cpp:
3121         (WebCore::MediaPlaybackTargetPickerMock::timerFired):
3122         (WebCore::MediaPlaybackTargetPickerMock::showPlaybackTargetPicker):
3123         * platform/mock/MediaPlaybackTargetPickerMock.h:
3124         * platform/spi/cocoa/AVKitSPI.h:
3125
3126 2016-04-09  Konstantin Tokarev  <annulen@yandex.ru>
3127
3128         Fixed compilation of JPEGImageDecoder with libjpeg v9.
3129         https://bugs.webkit.org/show_bug.cgi?id=156445
3130
3131         Reviewed by Michael Catanzaro.
3132
3133         ICU defines TRUE and FALSE macros, breaking libjpeg v9 headers.
3134
3135         No new tests needed.
3136
3137         * platform/image-decoders/jpeg/JPEGImageDecoder.h:
3138
3139 2016-04-09  Commit Queue  <commit-queue@webkit.org>
3140
3141         Unreviewed, rolling out r199242.
3142         https://bugs.webkit.org/show_bug.cgi?id=156442
3143
3144         Caused many many leaks (Requested by ap on #webkit).
3145
3146         Reverted changeset:
3147
3148         "Web Inspector: get rid of InspectorBasicValue and
3149         InspectorString subclasses"
3150         https://bugs.webkit.org/show_bug.cgi?id=156407
3151         http://trac.webkit.org/changeset/199242
3152
3153 2016-04-09  Commit Queue  <commit-queue@webkit.org>
3154
3155         Unreviewed, rolling out r199268.
3156         https://bugs.webkit.org/show_bug.cgi?id=156440
3157
3158         Broke Windows build (Requested by ap on #webkit).
3159
3160         Reverted changeset:
3161
3162         "Implement functional :host() pseudo class"
3163         https://bugs.webkit.org/show_bug.cgi?id=156397
3164         http://trac.webkit.org/changeset/199268
3165
3166 2016-04-09  Antti Koivisto  <antti@apple.com>
3167
3168         Implement functional :host() pseudo class
3169         https://bugs.webkit.org/show_bug.cgi?id=156397
3170         <rdar://problem/25621445>
3171
3172         Reviewed by Darin Adler.
3173
3174         We already support :host. Add functional syntax too.
3175
3176         * css/CSSGrammar.y.in:
3177
3178             Parse functional :host().
3179
3180         * css/CSSParser.cpp:
3181         (WebCore::CSSParser::detectFunctionTypeToken):
3182         * css/CSSParserValues.cpp:
3183         (WebCore::CSSParserSelector::parsePseudoClassHostFunctionSelector):
3184         * css/CSSParserValues.h:
3185         * css/ElementRuleCollector.cpp:
3186         (WebCore::ElementRuleCollector::matchedRuleList):
3187         (WebCore::ElementRuleCollector::addMatchedRule):
3188
3189             Factor some shared code here.
3190
3191         (WebCore::ElementRuleCollector::matchHostPseudoClassRules):
3192
3193             Instead of using the generic paths use a :host specific code path for matching.
3194             This makes it easier to avoid :host matching when it shouldn't.
3195
3196         (WebCore::ElementRuleCollector::collectMatchingRulesForList):
3197         * css/ElementRuleCollector.h:
3198         * css/RuleSet.cpp:
3199         (WebCore::computeMatchBasedOnRuleHash):
3200
3201             :host is always handled by the special matching path.
3202
3203         * css/SelectorChecker.cpp:
3204         (WebCore::SelectorChecker::match):
3205         (WebCore::SelectorChecker::matchHostPseudoClass):
3206
3207             Add a function specifically for checking :host. In always fails on the normal code paths.
3208             Check the argument selector if provided.
3209
3210         (WebCore::hasScrollbarPseudoElement):
3211         * css/SelectorChecker.h:
3212
3213 2016-04-07  Darin Adler  <darin@apple.com>
3214
3215         Improve IDL support for object arguments that are neither optional nor nullable
3216         https://bugs.webkit.org/show_bug.cgi?id=156149
3217
3218         Reviewed by Chris Dumez.
3219
3220         After this patch, we are almost ready to change some more DOM functions to
3221         use references instead of pointers. Remaining blocking issue is lack of support
3222         for ShouldPassWrapperByReference in the gobject bindings.
3223
3224         * bindings/objc/ExceptionHandlers.h: Add NO_RETURN to raiseDOMException.
3225         Added a new raiseTypeErrorException. Re-indented header and removed unneeded
3226         include and forward declarations.
3227
3228         * bindings/objc/ExceptionHandlers.mm:
3229         (WebCore::raiseDOMException): Added RELEASE_ASSERT_NOT_REACHED so the compiler
3230         will understand this is NO_RETURN. Also updated FIXME comment.
3231         (WebCore::raiseTypeErrorException): Added.
3232
3233         * bindings/scripts/CodeGenerator.pm: Removed unneeded code that allows the type
3234         "AtomicString" in IDL files.
3235         (ShouldPassWrapperByReference): Added. Contains the logic from the function in
3236         the JavaScript code generator that was named IsPointerParameterPassedByReference,
3237         minus a couple checks that are unneeded. For use in other code generators so they
3238         are all consistent about how they call the DOM implementation.
3239
3240         * bindings/scripts/CodeGeneratorGObject.pm:
3241         (SkipFunction): Removed support for unused CustomBinding extended attribute.
3242
3243         * bindings/scripts/CodeGeneratorJS.pm:
3244         (GenerateHeader): Removed support for unused CustomBinding extended attribute.
3245         (GenerateImplementation): Ditto. Also changed type checking code to throw a
3246         type error in a more efficient way, using throwVMTypeError directly.
3247         (GenerateParametersCheck): Rearranged code a bit so that arguments that need to
3248         be passed in unusual ways are handled all in one place. Use WTFMove for newly
3249         created NodeFilter objects. Simplified the reference logic so it doesn't need
3250         to do an additional check to see if a type is a callback. Also changed type
3251         checking code to throw a type error in a more efficient way, using throwVMTypeError
3252         directly. Also corrected mistake where null checking code was throwing
3253         TYPE_MISMATCH_ERR instead of a type error.
3254         (GetNativeType): Coding style tweak.
3255         (ShouldPassWrapperByReference): Renamed from IsPointerParameterPassedByReference.
3256         Changed to call underlying ShouldPassWrapperByReference function in the language-
3257         independent code generator.
3258         (GenerateConstructorDefinition): Updated for name change.
3259
3260         * bindings/scripts/CodeGeneratorObjC.pm:
3261         (SkipFunction): Removed support for unused CustomBinding extended attribute.
3262         (GenerateImplementation): Added code to null check and pass a reference when
3263         ShouldPassWrapperByReference returns true.
3264
3265         * bindings/scripts/IDLAttributes.txt: Sorted in the AppleCopyright and
3266         UsePointersEvenForNonNullableObjectArguments arguments. Removed the unused
3267         CPPPureInterface and CustomBinding attributes.
3268
3269         * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp: Regenerated test results.
3270         * bindings/scripts/test/JS/JSTestInterface.cpp: Ditto.
3271         * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp: Ditto.
3272         * bindings/scripts/test/JS/JSTestObj.cpp: Ditto.
3273         * bindings/scripts/test/JS/JSTestObj.h: Ditto.
3274         * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp: Ditto.
3275         * bindings/scripts/test/JS/JSTestTypedefs.cpp: Ditto.
3276         * bindings/scripts/test/ObjC/DOMTestActiveDOMObject.mm: Ditto.
3277         * bindings/scripts/test/ObjC/DOMTestCallback.mm: Ditto.
3278         * bindings/scripts/test/ObjC/DOMTestCallbackFunction.mm: Ditto.
3279         * bindings/scripts/test/ObjC/DOMTestInterface.mm: Ditto.
3280         * bindings/scripts/test/ObjC/DOMTestMediaQueryListListener.mm: Ditto.
3281         * bindings/scripts/test/ObjC/DOMTestObj.mm: Ditto.
3282
3283         * bindings/scripts/test/TestObj.idl: Removed test for CustomBinding.
3284
3285         * dom/DOMImplementation.idl: Fixed #if so that only the return type is different
3286         between JavaScript and the other bindings. Without this change, the different
3287         bindings got different results for ShouldPassWrapperByReference. Also formatted
3288         functions all on a single line.
3289
3290         * dom/EventListener.idl: Removed CPPPureInterface, since it had no effect.
3291         * dom/EventTarget.idl: Ditto.
3292
3293 2016-04-08  Chris Dumez  <cdumez@apple.com>
3294
3295         [WebIDL] Add support for [ExportMacro=XXX] IDL extended attribute
3296         https://bugs.webkit.org/show_bug.cgi?id=156428
3297
3298         Reviewed by Ryosuke Niwa.
3299
3300         Add support for [ExportMacro=XXX] IDL extended attribute (e.g. [ExportMacro=WEBCORE_EXPORT])
3301         so developers can indicate in the IDL which macro to use to export the generated JS bindings
3302         class.
3303
3304         We previously supported this by hard-coding JS class names in the bindings generator which
3305         was ugly.
3306
3307         * Modules/mediasession/MediaSession.idl:
3308         * Modules/mediasource/SourceBuffer.idl:
3309         * Modules/notifications/Notification.idl:
3310         * Modules/webaudio/AudioContext.idl:
3311         * bindings/scripts/CodeGeneratorJS.pm:
3312         (GetExportMacroForJSClass):
3313         (GenerateHeader):
3314         (AddIncludesForType): Deleted.
3315         (AddToImplIncludes): Deleted.
3316         * bindings/scripts/IDLAttributes.txt:
3317         * bindings/scripts/test/TestInterface.idl:
3318         * bindings/scripts/test/TestNode.idl:
3319         * css/CSSStyleDeclaration.idl:
3320         * dom/ClientRect.idl:
3321         * dom/ClientRectList.idl:
3322         * dom/Document.idl:
3323         * dom/Element.idl:
3324         * dom/Node.idl:
3325         * dom/Range.idl:
3326         * fileapi/File.idl:
3327         * html/DOMURL.idl:
3328         * html/HTMLElement.idl:
3329         * html/HTMLMediaElement.idl:
3330         * html/TimeRanges.idl:
3331         * html/canvas/DOMPath.idl:
3332         * inspector/ScriptProfile.idl:
3333         * inspector/ScriptProfileNode.idl:
3334         * page/DOMWindow.idl:
3335         * page/make_settings.pl:
3336         (generateInternalSettingsIdlFile):
3337         * testing/InternalSettings.idl:
3338         * testing/Internals.idl:
3339         * testing/MallocStatistics.idl:
3340         * testing/MemoryInfo.idl:
3341         * testing/TypeConversions.idl:
3342         * xml/XMLHttpRequest.idl:
3343
3344 2016-04-08  Joseph Pecoraro  <pecoraro@apple.com>
3345
3346         Web Inspector: XHRs and Web Worker scripts are not searchable
3347         https://bugs.webkit.org/show_bug.cgi?id=154214
3348         <rdar://problem/24643587>
3349
3350         Reviewed by Timothy Hatcher.
3351
3352         Test: inspector/page/searchInResources.html
3353
3354         * inspector/InspectorPageAgent.h:
3355         * inspector/InspectorPageAgent.cpp:
3356         (WebCore::InspectorPageAgent::searchInResource):
3357         (WebCore::InspectorPageAgent::searchInResources):
3358         Let the NetworkAgent handle individual search requests
3359         with a requestId. And provide global search results for
3360         "other" resources and will include requestId properties.
3361
3362         * inspector/InspectorNetworkAgent.h:
3363         * inspector/InspectorNetworkAgent.cpp:
3364         (WebCore::InspectorNetworkAgent::didFinishXHRLoading):
3365         (WebCore::buildObjectForSearchResult):
3366         (WebCore::InspectorNetworkAgent::searchOtherRequests):
3367         (WebCore::InspectorNetworkAgent::searchInRequest):
3368         Search saved "other" resource data content.
3369
3370         * inspector/NetworkResourcesData.h:
3371         * inspector/NetworkResourcesData.cpp:
3372         (WebCore::NetworkResourcesData::resources):
3373         Expose the resources for iteration by the NetworkAgent.
3374
3375 2016-04-08  Joanmarie Diggs  <jdiggs@igalia.com>
3376
3377         AX: "AXLandmarkApplication" is an inappropriate subrole for ARIA "application" since it's no longer a landmark
3378         https://bugs.webkit.org/show_bug.cgi?id=155403
3379
3380         Reviewed by Chris Fleizach.
3381
3382         The new subrole is AXWebApplication and the new role description is "web application".
3383         As part of the fix, the WebCore AccessibilityRole for ARIA's "application" role was
3384         renamed from LandmarkApplicationRole to WebApplicationRole.
3385
3386         The roles-exposed.html and aria-grouping-roles.html test expectations were also updated.
3387
3388         * English.lproj/Localizable.strings:
3389         * accessibility/AccessibilityObject.cpp:
3390         (WebCore::AccessibilityObject::accessibleNameDerivesFromContent):
3391         (WebCore::AccessibilityObject::isLandmark):
3392         (WebCore::initializeRoleMap):
3393         * accessibility/AccessibilityObject.h:
3394         * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
3395         (atkRole):
3396         * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
3397         (-[WebAccessibilityObjectWrapper determineIsAccessibilityElement]):
3398         (-[WebAccessibilityObjectWrapper _accessibilityIsLandmarkRole:]):
3399         * accessibility/mac/WebAccessibilityObjectWrapperBase.mm:
3400         (-[WebAccessibilityObjectWrapperBase ariaLandmarkRoleDescription]):
3401         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
3402         (createAccessibilityRoleMap):
3403         (-[WebAccessibilityObjectWrapper subrole]):
3404         * platform/LocalizedStrings.cpp:
3405         (WebCore::AXARIAContentGroupText):
3406
3407 2016-04-08  Simon Fraser  <simon.fraser@apple.com>
3408
3409         [iOS WK2] WKWebViews should consult ancestor UIScrollViews to determine tiling area
3410         https://bugs.webkit.org/show_bug.cgi?id=156429
3411         rdar://problem/25455111
3412
3413         Reviewed by Tim Horton.
3414
3415         When a WKWebView is expanded to full size, then embedded in UIScrollView, it would
3416         create huge tiles that cover the entire view area (since it considered itself non-scrollable).
3417
3418         Fix to always use 512x512 tiles in this configuration, and to adjust the tile coverage
3419         for the area exposed through the enclosing UIScrollView.
3420
3421         * loader/HistoryController.cpp:
3422         (WebCore::HistoryController::saveScrollPositionAndViewStateToItem): setObscuredInset()
3423         moved from FrameView to Page.
3424         * page/FrameView.cpp:
3425         (WebCore::FrameView::adjustTiledBackingScrollability): If we're clipped by an ancestor scrollView,
3426         just assume we're scrollable on both axes.
3427         * page/Page.h:
3428         (WebCore::Page::obscuredInset):
3429         (WebCore::Page::setObscuredInset):
3430         (WebCore::Page::enclosedInScrollView):
3431         (WebCore::Page::setEnclosedInScrollView):
3432         * platform/ScrollView.h:
3433         (WebCore::ScrollView::platformObscuredInset): Deleted.
3434         (WebCore::ScrollView::platformSetObscuredInset): Deleted.
3435
3436 2016-04-08  Joseph Pecoraro  <pecoraro@apple.com>
3437
3438         [iOS Simulator] Build failure (property 'contentsFormat' not found on object of type 'LegacyTileLayer *')
3439         https://bugs.webkit.org/show_bug.cgi?id=156415
3440
3441         Reviewed by Simon Fraser.
3442
3443         * platform/spi/cocoa/QuartzCoreSPI.h:
3444         Provide SPI forward declaration of the CALayer contentsFormat property.
3445
3446 2016-04-08  Alex Christensen  <achristensen@webkit.org>
3447
3448         Progress towards running CMake WebKit2 on Mac
3449         https://bugs.webkit.org/show_bug.cgi?id=156426
3450
3451         Reviewed by Tim Horton.
3452
3453         * CMakeLists.txt:
3454         * PlatformGTK.cmake:
3455         * PlatformMac.cmake:
3456         * PlatformWin.cmake:
3457         On Mac, WTF is a static library that is linked only with JavaScriptCore.
3458
3459 2016-04-08  Jer Noble  <jer.noble@apple.com>
3460
3461         Unreviewed 32-bit build fix; make type of std::min<> explicit.
3462
3463         * platform/audio/ios/AudioDestinationIOS.cpp:
3464         (WebCore::AudioDestinationIOS::render):
3465
3466 2016-04-08  Jer Noble  <jer.noble@apple.com>
3467
3468         CRASH in AudioDestinationNode::render()
3469         https://bugs.webkit.org/show_bug.cgi?id=156308
3470
3471         Reviewed by Eric Carlson.
3472
3473         Yet another math error in AudioDestinationIOS::render(). It is possible for the difference between
3474         m_startSpareFrame and m_endSpareFrame to be greater than the numberOfFrames to be rendered. Protect
3475         against this case by taking the min() of those two values and only advancing m_startSpareFrame by
3476         that amount.  This guarantees that framesThisTime will never underflow, and that data will not be
3477         written past the end of the ioData parameter.
3478
3479         * platform/audio/ios/AudioDestinationIOS.cpp:
3480         (WebCore::AudioDestinationIOS::render):
3481
3482 2016-04-08  Brady Eidson  <beidson@apple.com>
3483
3484         Modern IDB: Use more IDBValue and IDBGetResult in IDBBackingStore.
3485         https://bugs.webkit.org/show_bug.cgi?id=156418
3486
3487         Reviewed by Alex Christensen.
3488
3489         No new tests (Refactor, no change in behavior).
3490
3491         * Modules/indexeddb/IDBValue.cpp:
3492         (WebCore::IDBValue::IDBValue):
3493         * Modules/indexeddb/IDBValue.h:
3494         
3495         * Modules/indexeddb/server/IDBBackingStore.h:
3496         
3497         * Modules/indexeddb/server/MemoryBackingStoreTransaction.cpp:
3498         (WebCore::IDBServer::MemoryBackingStoreTransaction::abort):
3499         
3500         * Modules/indexeddb/server/MemoryIDBBackingStore.cpp:
3501         (WebCore::IDBServer::MemoryIDBBackingStore::addRecord):
3502         (WebCore::IDBServer::MemoryIDBBackingStore::getRecord):
3503         * Modules/indexeddb/server/MemoryIDBBackingStore.h:
3504         
3505         * Modules/indexeddb/server/MemoryObjectStore.cpp:
3506         (WebCore::IDBServer::MemoryObjectStore::addRecord):
3507         * Modules/indexeddb/server/MemoryObjectStore.h:
3508         
3509         * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
3510         (WebCore::IDBServer::SQLiteIDBBackingStore::addRecord):
3511         (WebCore::IDBServer::SQLiteIDBBackingStore::getRecord):
3512         * Modules/indexeddb/server/SQLiteIDBBackingStore.h:
3513         
3514         * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
3515         (WebCore::IDBServer::UniqueIDBDatabase::performPutOrAdd):
3516         (WebCore::IDBServer::UniqueIDBDatabase::performGetRecord):
3517
3518 2016-04-08  Brady Eidson  <beidson@apple.com>
3519
3520         Modern IDB: Make IDBGetResult contain an IDBValue instead of a buffer, and remove unused methods.
3521         https://bugs.webkit.org/show_bug.cgi?id=156416
3522
3523         Reviewed by Alex Christensen.
3524
3525         No new tests (Refactor, no change in behavior).
3526
3527         * Modules/indexeddb/IDBCursor.cpp:
3528         (WebCore::IDBCursor::setGetResult):
3529         
3530         * Modules/indexeddb/IDBGetResult.cpp:
3531         (WebCore::IDBGetResult::dataFromBuffer):
3532         (WebCore::IDBGetResult::isolatedCopy):
3533         * Modules/indexeddb/IDBGetResult.h:
3534         (WebCore::IDBGetResult::IDBGetResult):
3535         (WebCore::IDBGetResult::value):
3536         (WebCore::IDBGetResult::encode):
3537         (WebCore::IDBGetResult::decode):
3538         (WebCore::IDBGetResult::valueBuffer): Deleted.
3539         (WebCore::IDBGetResult::setValueBuffer): Deleted.
3540         (WebCore::IDBGetResult::setKeyData): Deleted.
3541         (WebCore::IDBGetResult::setPrimaryKeyData): Deleted.
3542         (WebCore::IDBGetResult::setKeyPath): Deleted.
3543         
3544         * Modules/indexeddb/IDBTransaction.cpp:
3545         (WebCore::IDBTransaction::didGetRecordOnServer):
3546         
3547         * Modules/indexeddb/IDBValue.cpp:
3548         (WebCore::IDBValue::IDBValue):
3549         * Modules/indexeddb/IDBValue.h:
3550         
3551         * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
3552         (WebCore::IDBServer::SQLiteIDBBackingStore::getIndexRecord):
3553
3554 2016-04-08  Zalan Bujtas  <zalan@apple.com>
3555
3556         Focus ring drawn at incorrect location on image map with CSS transform.
3557         https://bugs.webkit.org/show_bug.cgi?id=143527
3558         <rdar://problem/21908735>
3559
3560         Reviewed by Simon Fraser.
3561
3562         Implement pathForFocusRing for HTMLAreaElement. It follows the logic of RenderObject::addFocusRingRects().
3563
3564         Tests: fast/images/image-map-outline-in-positioned-container.html
3565                fast/images/image-map-outline-with-paint-root-offset.html
3566                fast/images/image-map-outline-with-scale-transform.html
3567                fast/images/image-map-outline.html
3568
3569         * html/HTMLAreaElement.cpp:
3570         (WebCore::HTMLAreaElement::pathForFocusRing):
3571         * html/HTMLAreaElement.h:
3572         * rendering/RenderElement.cpp:
3573         (WebCore::RenderElement::paintFocusRing): Move addFocusRingRects() out of focus ring painting.
3574         (WebCore::RenderElement::paintOutline):
3575         * rendering/RenderElement.h:
3576         * rendering/RenderImage.cpp:
3577         (WebCore::RenderImage::paint):
3578         (WebCore::RenderImage::paintAreaElementFocusRing):
3579         * rendering/RenderImage.h:
3580         * rendering/RenderInline.cpp:
3581         (WebCore::RenderInline::paintOutline):
3582
3583 2016-04-08  Brent Fulgham  <bfulgham@apple.com>
3584
3585         [WK1] Wheel event callback removing the window causes crash in WebCore
3586         https://bugs.webkit.org/show_bug.cgi?id=156409
3587         <rdar://problem/25631267>
3588
3589         Reviewed by Simon Fraser.
3590
3591         Null check the Widget before using it, since the iframe may have been removed
3592         from its parent document inside the event handler.
3593
3594         This is the WK1 fix for https://bugs.webkit.org/show_bug.cgi?id=150871.
3595
3596         Tested by fast/events/wheel-event-destroys-frame.html
3597
3598         * page/EventHandler.cpp:
3599         (WebCore::widgetForElement): Added.
3600         (WebCore::EventHandler::handleWheelEvent): Use new helper function to
3601         clean up the code, and allow us to check that the Widget has not been
3602         destroyed during the event handler.
3603
3604 2016-04-08  Said Abou-Hallawa  <sabouhallawa@apple,com>
3605
3606         Timing attack on SVG feComposite filter circumvents same-origin policy
3607         https://bugs.webkit.org/show_bug.cgi?id=154338
3608
3609         Reviewed by Oliver Hunt.
3610
3611         Ensure the FEComposite arithmetic filter is clamping the resulted color
3612         components in a constant time.
3613
3614         * platform/graphics/filters/FEComposite.cpp:
3615         (WebCore::clampByte):
3616         (WebCore::computeArithmeticPixels):
3617
3618 2016-04-08  Brian Burg  <bburg@apple.com>
3619
3620         Web Inspector: get rid of InspectorBasicValue and InspectorString subclasses
3621         https://bugs.webkit.org/show_bug.cgi?id=156407
3622         <rdar://problem/25627659>
3623
3624         Reviewed by Timothy Hatcher.
3625
3626         * inspector/InspectorDatabaseAgent.cpp: Don't use deleted subclasses.
3627
3628 2016-04-08  Beth Dakin  <bdakin@apple.com>
3629
3630         Fix leaks in WebAVMediaSelectionOptionMac and WebPlaybackControlsManager
3631         https://bugs.webkit.org/show_bug.cgi?id=156379
3632
3633         Reviewed by Tim Horton.
3634
3635         These classes should use RetainPtrs.
3636         * platform/mac/WebVideoFullscreenInterfaceMac.mm:
3637         (-[WebAVMediaSelectionOptionMac localizedDisplayName]):
3638         (-[WebAVMediaSelectionOptionMac setLocalizedDisplayName:]):
3639         (-[WebPlaybackControlsManager timing]):
3640         (-[WebPlaybackControlsManager setTiming:]):
3641         (-[WebPlaybackControlsManager seekableTimeRanges]):
3642         (-[WebPlaybackControlsManager setSeekableTimeRanges:]):
3643         (-[WebPlaybackControlsManager audioMediaSelectionOptions]):
3644         (-[WebPlaybackControlsManager setAudioMediaSelectionOptions:]):
3645         (-[WebPlaybackControlsManager currentAudioMediaSelectionOption]):
3646         (-[WebPlaybackControlsManager setCurrentAudioMediaSelectionOption:]):
3647         (-[WebPlaybackControlsManager legibleMediaSelectionOptions]):
3648         (-[WebPlaybackControlsManager setLegibleMediaSelectionOptions:]):
3649         (-[WebPlaybackControlsManager currentLegibleMediaSelectionOption]):
3650         (-[WebPlaybackControlsManager setCurrentLegibleMediaSelectionOption:]):
3651
3652 2016-04-08  Fujii Hironori  <Hironori.Fujii@jp.sony.com>
3653
3654         Touching any IDL files rebuilds all bindings in CMake Ninja build
3655         https://bugs.webkit.org/show_bug.cgi?id=156400
3656
3657         Reviewed by Brent Fulgham.
3658
3659         * bindings/scripts/preprocess-idls.pl:
3660         (GenerateConstructorAttribute):
3661         WriteFileIfChanged does not work due to flaky results of 'keys'.
3662         Sort results of 'keys'.
3663
3664 2016-04-07  Simon Fraser  <simon.fraser@apple.com>
3665
3666         [iOS WK2] Stop using exposedContentRect for history scroll state restoration
3667         https://bugs.webkit.org/show_bug.cgi?id=156392
3668
3669         Reviewed by Tim Horton.
3670
3671         A future commit will alter the meaning of exposedContentRect on iOS to take into
3672         account clipped out parts of the WKWebView. To achieve this, wean history restoration
3673         off of using exposedContentRect for scroll state restoration. It did this to restore
3674         the page to the same position relative to the view's top-left (to avoid jiggles caused
3675         by changing obscured insets).
3676
3677         Do this by pushing the left/top obscured insets down with visible content rects updates,
3678         storing them on ScrollView, and adding them to HistoryItem. Those insets are then used
3679         for scroll state restoration in WKWebView.
3680
3681         * history/HistoryItem.cpp:
3682         (WebCore::HistoryItem::HistoryItem):
3683         * history/HistoryItem.h:
3684         (WebCore::HistoryItem::obscuredInset):
3685         (WebCore::HistoryItem::setObscuredInset):
3686         * loader/HistoryController.cpp:
3687         (WebCore::HistoryController::saveScrollPositionAndViewStateToItem):
3688         * platform/ScrollView.h:
3689         (WebCore::ScrollView::platformObscuredInset):
3690         (WebCore::ScrollView::platformSetObscuredInset):
3691
3692 2016-04-08  Brady Eidson  <beidson@apple.com>
3693
3694         Build fix followup to http://trac.webkit.org/changeset/199230
3695
3696         Unreviewed.
3697
3698         * platform/posix/FileSystemPOSIX.cpp:
3699         (WebCore::hardLinkOrCopyFile): Stricter POSIX systems require a umask for O_CREAT opens,
3700           so let's provide one.
3701
3702 2016-04-08  Darin Adler  <darin@apple.com>
3703
3704         Remove 14 more unnecessary uses of UsePointersEvenForNonNullableObjectArguments
3705         https://bugs.webkit.org/show_bug.cgi?id=156405
3706
3707         Reviewed by Chris Dumez.
3708
3709         * Modules/encryptedmedia/MediaKeySession.idl:
3710         * Modules/encryptedmedia/MediaKeys.idl:
3711         * dom/Element.idl:
3712         * dom/NamedNodeMap.idl:
3713         * html/HTMLElement.idl:
3714         * html/canvas/OESVertexArrayObject.idl:
3715         * html/canvas/WebGLRenderingContext.idl:
3716         * page/DOMSelection.idl:
3717         * storage/StorageEvent.idl:
3718         * svg/SVGSVGElement.idl:
3719         * xml/XMLSerializer.idl:
3720         * xml/XPathEvaluator.idl:
3721         * xml/XPathExpression.idl:
3722         * xml/XSLTProcessor.idl:
3723         Removed UsePointersEvenForNonNullableObjectArguments, which was having no effect
3724         in any of these classes. Also tweaked formatting of some of the IDL, merging things
3725         onto single lines, changing paragraphing and indenting a bit, and fixing some typos.
3726
3727 2016-04-08  Brady Eidson  <beidson@apple.com>
3728
3729         Modern IDB (Blob support): Write blobs to temporary files and move them to the correct location when storing them.
3730         https://bugs.webkit.org/show_bug.cgi?id=156321
3731
3732         Reviewed by Alex Christensen, Andy Estes, and Darin Adler.
3733
3734         No new tests (No testable change in behavior yet, current tests pass).
3735
3736         When asked to store a Blob (including Files) in IndexedDB, the Blob is written out to a temporary file.
3737         
3738         Then when the putOrAdd request is received by IDBServer it includes a list of blobURLs and their mappings
3739         to temporary files.
3740         
3741         Finally, as part of storing the Blob value in the database, those temporary files are moved in to place
3742         under the IndexedDB directory for storage and later retrieval.
3743
3744         * Modules/indexeddb/IDBValue.cpp:
3745         (WebCore::IDBValue::IDBValue):
3746
3747         * Modules/indexeddb/server/IDBBackingStore.h:
3748         (WebCore::IDBServer::IDBBackingStoreTemporaryFileHandler::~IDBBackingStoreTemporaryFileHandler):
3749
3750         * Modules/indexeddb/server/IDBServer.cpp:
3751         (WebCore::IDBServer::IDBServer::create):
3752         (WebCore::IDBServer::IDBServer::IDBServer):
3753         (WebCore::IDBServer::IDBServer::createBackingStore):
3754         * Modules/indexeddb/server/IDBServer.h:
3755
3756         * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
3757         (WebCore::IDBServer::blobRecordsTableSchema):
3758         (WebCore::IDBServer::blobRecordsTableSchemaAlternate):
3759         (WebCore::IDBServer::blobFilesTableSchema):
3760         (WebCore::IDBServer::blobFilesTableSchemaAlternate):
3761         (WebCore::IDBServer::SQLiteIDBBackingStore::SQLiteIDBBackingStore):
3762         (WebCore::IDBServer::SQLiteIDBBackingStore::ensureValidBlobTables):
3763         (WebCore::IDBServer::SQLiteIDBBackingStore::getOrEstablishDatabaseInfo):
3764         (WebCore::IDBServer::SQLiteIDBBackingStore::addRecord):
3765         * Modules/indexeddb/server/SQLiteIDBBackingStore.h:
3766         (WebCore::IDBServer::SQLiteIDBBackingStore::temporaryFileHandler):
3767
3768         * Modules/indexeddb/server/SQLiteIDBTransaction.cpp:
3769         (WebCore::IDBServer::SQLiteIDBTransaction::commit):
3770         (WebCore::IDBServer::SQLiteIDBTransaction::moveBlobFilesIfNecessary):
3771         (WebCore::IDBServer::SQLiteIDBTransaction::abort):
3772         (WebCore::IDBServer::SQLiteIDBTransaction::reset):
3773         (WebCore::IDBServer::SQLiteIDBTransaction::addBlobFile):
3774         * Modules/indexeddb/server/SQLiteIDBTransaction.h:
3775
3776         * Modules/indexeddb/shared/InProcessIDBServer.cpp:
3777         (WebCore::InProcessIDBServer::InProcessIDBServer):
3778         (WebCore::InProcessIDBServer::accessToTemporaryFileComplete):
3779         * Modules/indexeddb/shared/InProcessIDBServer.h:
3780
3781         * bindings/js/SerializedScriptValue.cpp:
3782         (WebCore::SerializedScriptValue::blobURLsIsolatedCopy):
3783         * bindings/js/SerializedScriptValue.h:
3784
3785         * platform/FileSystem.h:
3786         * platform/gtk/FileSystemGtk.cpp:
3787         (WebCore::hardLinkOrCopyFile):
3788         * platform/posix/FileSystemPOSIX.cpp:
3789         (WebCore::hardLinkOrCopyFile):
3790
3791 2016-04-08  Joanmarie Diggs  <jdiggs@igalia.com>
3792
3793         AX: [ATK] Crash getting text under element in CSS table
3794         https://bugs.webkit.org/show_bug.cgi?id=156328
3795
3796         Reviewed by Chris Fleizach.
3797
3798         AccessibilityRenderObject::textUnderElement() assumes (and asserts) that
3799         the first and last child of an anonymous block will each have nodes with
3800         which to define positions. This is not the case for CSS Tables and their
3801         anonymous descendants. AccessibilityNodeObject:textUnderElement() is our
3802         fallback for the instances where a text range cannot be created based on
3803         positions, so let it handle anonymous RenderTable parts.
3804
3805         Test: accessibility/generated-content-with-display-table-crash.html
3806
3807         * accessibility/AccessibilityRenderObject.cpp:
3808         (WebCore::AccessibilityRenderObject::textUnderElement):
3809         (WebCore::AccessibilityRenderObject::shouldGetTextFromNode):
3810         * accessibility/AccessibilityRenderObject.h:
3811
3812 2016-04-08  Darin Adler  <darin@apple.com>
3813
3814         Remove unneeded UsePointersEvenForNonNullableObjectArguments from event classes
3815         https://bugs.webkit.org/show_bug.cgi?id=156396
3816
3817         Reviewed by Youenn Fablet.
3818
3819         * dom/CompositionEvent.idl:
3820         * dom/KeyboardEvent.idl:
3821         * dom/MouseEvent.idl:
3822         * dom/MutationEvent.idl:
3823         * dom/TextEvent.idl:
3824         * dom/TouchEvent.idl:
3825         * dom/UIEvent.idl:
3826         * dom/WheelEvent.idl:
3827         Removed UsePointersEvenForNonNullableObjectArguments, which was having no effect.
3828
3829 2016-04-08  Manuel Rego Casasnovas  <rego@igalia.com>
3830
3831         [css-grid] Fix positioned items with grid gaps
3832         https://bugs.webkit.org/show_bug.cgi?id=156288
3833
3834         Reviewed by Darin Adler.
3835
3836         When we place a positioned items in a grid with gaps,
3837         we were not taking into accounts the gutter size.
3838         We've to use that size to properly place and size the item.
3839
3840         Tests: fast/css-grid-layout/grid-positioned-items-gaps-rtl.html
3841                fast/css-grid-layout/grid-positioned-items-gaps.html
3842
3843         * rendering/RenderGrid.cpp:
3844         (WebCore::RenderGrid::offsetAndBreadthForPositionedChild):
3845
3846 2016-04-08  Javier Fernandez  <jfernandez@igalia.com>
3847
3848         [css-grid] Remove unnecessary iteration in populateGridPositions loop
3849         https://bugs.webkit.org/show_bug.cgi?id=156376
3850
3851         Reviewed by Darin Adler.
3852
3853         The populateGridPositions loop limit was set to 'lastLine'. However, the
3854         the position of last track's start line is updated after the loop, since
3855         it does not follow the same pattern; it does not have a content
3856         distribution offset.
3857
3858         So, since we are essentially overwriting the value stored in the last
3859         iteration, we can just lower the loop limit.
3860
3861         No new tests added, because there is no change in the functionality.
3862
3863         * rendering/RenderGrid.cpp:
3864         (WebCore::RenderGrid::populateGridPositions):
3865
3866 2016-04-08  John Wilander  <wilander@apple.com>
3867
3868         CSP: Block XHR when calling XMLHttpRequest.send() and throw network error.
3869         https://bugs.webkit.org/show_bug.cgi?id=153598
3870         <rdar://problem/24391483>
3871
3872         Reviewed by Darin Adler.
3873
3874         No new tests. Changes to existing tests are sufficient.
3875
3876         * xml/XMLHttpRequest.cpp:
3877         (WebCore::XMLHttpRequest::open):
3878         (WebCore::XMLHttpRequest::initSend):
3879             Moved the CSP check from XMLHttpRequest::open() to XMLHttpRequest::initSend().
3880             Changed the thrown error type from Security to Network for synchronous requests.
3881             Changed from throwing an error to firing an error event for asynchronous requests.
3882             These changes are in conformance with connect-src of Content Security Policy Level 2.
3883             https://www.w3.org/TR/CSP2/#directive-connect-src (W3C Candidate Recommendation, 21 July 2015)
3884
3885 2016-04-07  Darin Adler  <darin@apple.com>
3886
3887         FontFaceSet binding does not handle null correctly
3888         https://bugs.webkit.org/show_bug.cgi?id=156141
3889
3890         Reviewed by Youenn Fablet.
3891
3892         * css/FontFaceSet.cpp:
3893         (WebCore::FontFaceSet::FontFaceSet): Pass a reference to add rather than a pointer.
3894         (WebCore::FontFaceSet::has): Take a reference rather than a pointer.
3895         (WebCore::FontFaceSet::add): Ditto.
3896         (WebCore::FontFaceSet::remove): Ditto.
3897         (WebCore::FontFaceSet::load): Initialize ec since we check it. Caller is not required
3898         to do this, nor is the matchingFaces function. Rearranged function to avoid needless
3899         creation/destruction of PendingPromise for the immediate failure case. Removed some
3900         unneeded type casts and local variables.
3901         (WebCore::FontFaceSet::status): Use ASCIILiteral instead of ConstructFromLiteral.
3902         No reason to use the more aggressive optimization.
3903         (WebCore::FontFaceSet::faceFinished): Factored out a common hasReachedTerminalState
3904         check to streamline the logic a bit.
3905         (WebCore::FontFaceSet::load): Moved overload without a string in here; not critical
3906         to inline it.
3907         (WebCore::FontFaceSet::check): Ditto.
3908
3909         * css/FontFaceSet.h: Removed many unneeded includes and forward declarations.
3910         Changed functions to take FontFace& instead of RefPtr<FontFace>. Removed unneeded
3911         WebCore namespace prefixes. Use final instead of override for virtual functions.
3912
3913         * css/FontFaceSet.idl: Removed UsePointersEvenForNonNullableObjectArguments, which
3914         was preserving incorrect behavior for null as demonstrated by the test cases.
3915
3916 2016-04-07  Joseph Pecoraro  <pecoraro@apple.com>
3917
3918         Remove ENABLE(ENABLE_ES6_CLASS_SYNTAX) guards
3919         https://bugs.webkit.org/show_bug.cgi?id=156384
3920
3921         Reviewed by Ryosuke Niwa.
3922
3923         * Configurations/FeatureDefines.xcconfig:
3924
3925 2016-04-07  Dean Jackson  <dino@apple.com>
3926
3927         [iOS] Media playback button should use appearance
3928         https://bugs.webkit.org/show_bug.cgi?id=156388
3929         <rdar://problem/25618352>
3930
3931         Reviewed by Simon Fraser.
3932
3933         With the recent change in backdrop appearance, we can
3934         now use the system style directly for the play button.
3935