[WebKit-https.git] / Source / WebCore / ChangeLog
1 2016-02-18  Chris Dumez  <cdumez@apple.com>
2
3         window.history / window.navigator should not be replaceable
4         https://bugs.webkit.org/show_bug.cgi?id=154412
5
6         Reviewed by Ryosuke Niwa.
7
8         window.history / window.navigator should not be replaceable as per
9         the latest HTML specification:
10         https://html.spec.whatwg.org/multipage/browsers.html#the-window-object
11
12         Firefox and Chrome already match the specification. This patch aligns
13         our behavior.
14
15         No new tests, already covered by existing tests.
16
17         * page/DOMWindow.idl:
18
19 2016-02-18  Chris Dumez  <cdumez@apple.com>
20
21         HTMLTableHeaderCellElement.scope should only return known values
22         https://bugs.webkit.org/show_bug.cgi?id=154423
23         <rdar://problem/24731018>
24
25         Reviewed by Ryosuke Niwa.
26
27         HTMLTableHeaderCellElement.scope should only return known values as per:
28         - https://html.spec.whatwg.org/multipage/tables.html#dom-th-scope
29
30         Known values are documented here:
31         - https://html.spec.whatwg.org/multipage/tables.html#attr-th-scope
32
33         No new tests, already covered by existing test.
34
35         * CMakeLists.txt:
36         * WebCore.vcxproj/WebCore.vcxproj:
37         * WebCore.vcxproj/WebCore.vcxproj.filters:
38         * WebCore.xcodeproj/project.pbxproj:
39         * html/HTMLElementsAllInOne.cpp:
40         * html/HTMLTableHeaderCellElement.cpp: Copied from Source/WebCore/html/HTMLTableHeaderCellElement.h.
41         (WebCore::HTMLTableHeaderCellElement::scope):
42         (WebCore::HTMLTableHeaderCellElement::setScope):
43         * html/HTMLTableHeaderCellElement.h:
44         * html/HTMLTableHeaderCellElement.idl:
45
46 2016-02-18  Brent Fulgham  <bfulgham@apple.com>
47
48         Extend HashCountedSet with a method to efficiently set the count of an entry
49         https://bugs.webkit.org/show_bug.cgi?id=154352
50
51         Reviewed by Geoffrey Garen.
52
53         Tested by new TestWebKitAPI tests.
54
55         * loader/ResourceLoadStatistics.cpp:
56         (WebCore::decodeHashCountedSet): Update to use new HashCountedSet::add method.
57
58 2016-02-18  Simon Fraser  <simon.fraser@apple.com>
59
60         Wheel event callback removing the window causes crash in WebCore.
61         https://bugs.webkit.org/show_bug.cgi?id=150871
62
63         Reviewed by Brent Fulgham.
64         
65         Null check the FrameView before using it, since the iframe may have been removed
66         from its parent document inside the event handler.
67
68         Test: fast/events/wheel-event-destroys-frame.html
69
70         * page/mac/EventHandlerMac.mm:
71         (WebCore::EventHandler::platformCompleteWheelEvent):
72
73 2016-02-18  Brady Eidson  <beidson@apple.com>
74
75         Modern IDB: Fix IDBGetResult encoder/decoder.
76         https://bugs.webkit.org/show_bug.cgi?id=154421
77
78         Reviewed by Alex Christensen.
79
80         No new tests, as Modern IDB is still disabled for WK2.
81         
82         But if you manually enable it, "Basic IndexedDB Seems To Work"
83
84         * Modules/indexeddb/IDBGetResult.h:
85         (WebCore::IDBGetResult::encode):
86         (WebCore::IDBGetResult::decode):
87
88 2016-02-18  Myles C. Maxfield  <mmaxfield@apple.com>
89
90         Addressing post-review comments after r196747.
91
92         Unreviewed.
93
94         * css/CSSFontFaceSet.h:
95         * css/FontFaceSet.cpp:
96         (WebCore::FontFaceSet::size):
97         (WebCore::FontFaceSet::clear):
98         * css/FontFaceSet.h:
99
100 2016-02-18  Zalan Bujtas  <zalan@apple.com>
101
102         Soft hyphen is not shown when it is placed at the end of an inline element
103         https://bugs.webkit.org/show_bug.cgi?id=153980
104
105         Reviewed by David Hyatt.
106
107         This patch handles the case when the character at the breaking position does not fit the
108         line and soft-hyphen, as the first breaking opportunity, is followed by this overflowing character.
109         (foo&shy;bar where b overflows the line).
110         In such cases we don't yet have an item in the breaking history so we need to take a look at
111         the current context instead.    
112
113         Test: fast/text/soft-hyphen-as-first-breaking-opportunity.html
114
115         * rendering/line/BreakingContext.h:
116         (WebCore::BreakingContext::InlineIteratorHistory::nextBreakablePosition):
117         (WebCore::BreakingContext::handleText):
118
119 2016-02-18  Andreas Kling  <akling@apple.com>
120
121         Fake memory pressure handler should log detailed memory breakdown.
122         <https://webkit.org/b/154415>
123
124         Reviewed by Antti Koivisto.
125
126         Piggyback on the RESOURCE_USAGE code to implement some detailed memory footprint diffing
127         and have the fake memory handler dump before/after/diff after it runs.
128
129         * page/ResourceUsageThread.h:
130         (WebCore::TagInfo::TagInfo):
131         * page/cocoa/ResourceUsageThreadCocoa.mm:
132         (WebCore::logFootprintComparison):
133         (WebCore::displayNameForVMTag):
134         (WebCore::pagesPerVMTag):
135         (WebCore::TagInfo::TagInfo): Deleted.
136         * platform/cocoa/MemoryPressureHandlerCocoa.mm:
137         (WebCore::MemoryPressureHandler::install):
138
139 2016-02-18  Brady Eidson  <beidson@apple.com>
140
141         Modern IDB: Implement server->client operations in WK2.
142         https://bugs.webkit.org/show_bug.cgi?id=154411
143
144         Reviewed by Alex Christensen.
145
146         No change in behavior yet; Just laying the groundwork.
147     
148         * Modules/indexeddb/client/IDBConnectionToServer.h:
149         * Modules/indexeddb/server/IDBServer.h:
150         * Modules/indexeddb/shared/IDBTransactionInfo.h:
151         (WebCore::IDBTransactionInfo::encode):
152         (WebCore::IDBTransactionInfo::decode):
153
154 2016-02-18  Csaba Osztrogonác  <ossy@webkit.org>
155
156         Fix unused-const-variable warning on non Cocoa platforms
157         https://bugs.webkit.org/show_bug.cgi?id=154394
158
159         Reviewed by Michael Catanzaro.
160
161         * html/HTMLPlugInImageElement.cpp:
162
163 2016-02-18  Brady Eidson  <beidson@apple.com>
164
165         Modern IDB: Implement client->server operations in WK2.
166         https://bugs.webkit.org/show_bug.cgi?id=154400
167
168         Reviewed by Alex Christensen.
169
170         No change in behavior yet; Just laying the groundwork.
171
172         * Modules/indexeddb/server/IDBServer.h:
173         * Modules/indexeddb/server/UniqueIDBDatabase.h:
174         * Modules/indexeddb/shared/IDBIndexInfo.h:
175         * Modules/indexeddb/shared/IDBObjectStoreInfo.h:
176
177 2016-02-18  Chris Dumez  <cdumez@apple.com>
178
179         [Unforgeable] operations should not be writable as per Web IDL
180         https://bugs.webkit.org/show_bug.cgi?id=154396
181         <rdar://problem/24721063>
182
183         Reviewed by Ryosuke Niwa.
184
185         [Unforgeable] operations should not be writable as per the Web IDL specification:
186         http://heycam.github.io/webidl/#es-operations
187
188         They were currently non-configurable in WebKit but still writable.
189
190         No new tests, already covered by existing test.
191
192         * bindings/scripts/CodeGeneratorJS.pm:
193         Mark [Unforgeable] operations as ReadOnly.
194
195         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
196         * bindings/scripts/test/GObject/WebKitDOMTestObj.h:
197         * bindings/scripts/test/JS/JSTestObj.cpp:
198         * bindings/scripts/test/ObjC/DOMTestObj.h:
199         * bindings/scripts/test/ObjC/DOMTestObj.mm:
200         * bindings/scripts/test/TestObj.idl:
201         Add bindings test coverage for [Unforgeable].
202
203 2016-02-18  Chris Dumez  <cdumez@apple.com>
204
205         Fix behavior of reflecting unsigned long IDL attributes that are limited to only non-negative numbers greater than zero
206         https://bugs.webkit.org/show_bug.cgi?id=154398
207
208         Reviewed by Ryosuke Niwa.
209
210         Fix behavior of reflecting unsigned long IDL attributes that are limited
211         to only non-negative numbers greater than zero to comply with:
212         - https://html.spec.whatwg.org/#limited-to-only-non-negative-numbers-greater-than-zero
213
214         This patch updates the following IDL attributes:
215         - colgroup.span
216         - col.span
217         - input.size
218         - textarea.cols
219         - textarea.rows
220
221         All of them now:
222         - Have "unsigned long" type on IDL side and "unsigned" type on native
223           side.
224         - On getting, return the value if it is in the range [1; 2147483647],
225           otherwise return the default value.
226         - On setting, set to the input value if it is in the range
227           [1; 2147483647], otherwise, set to the default value.
228
229         Note that as per the specification, we are supposed to throw an
230         IndexSizeError exception when trying to set those attributes to zero.
231         However, we instead use the default value to match other browsers.
232         It would be risky to be the only browser to throw in this case.
233
234         No new tests, already covered by existing test.
235
236         * html/HTMLInputElement.cpp:
237         (WebCore::HTMLInputElement::parseAttribute):
238         (WebCore::HTMLInputElement::setSize):
239         * html/HTMLTableColElement.cpp:
240         (WebCore::HTMLTableColElement::parseAttribute):
241         (WebCore::HTMLTableColElement::setSpan):
242         * html/HTMLTableColElement.h:
243         * html/HTMLTableColElement.idl:
244         * html/HTMLTextAreaElement.cpp:
245         (WebCore::HTMLTextAreaElement::parseAttribute):
246         (WebCore::HTMLTextAreaElement::setCols):
247         (WebCore::HTMLTextAreaElement::setRows):
248         (WebCore::HTMLTextAreaElement::shouldUseInputMethod): Deleted.
249         * html/HTMLTextAreaElement.h:
250         * html/HTMLTextAreaElement.idl:
251         * html/parser/HTMLParserIdioms.h:
252         (WebCore::limitToOnlyNonNegativeNumbersGreaterThanZero):
253
254 2016-02-18  David Kilzer  <ddkilzer@apple.com>
255
256         Remove redundant ASSERT_WITH_MESSAGE_UNUSED() from SOFT_LINK_FRAMEWORK_FOR_SOURCE() macro
257
258         Follow-up fix noted by Andy Estes for:
259
260             [Cocoa] Always check the return value of dlopen() and dlsym() in Release builds
261             <http://webkit.org/b/154364>
262
263         * platform/mac/SoftLinking.h:
264         (SOFT_LINK_FRAMEWORK_FOR_SOURCE): Remove redundant
265         ASSERT_WITH_MESSAGE_UNUSED().
266
267 2016-02-18  Andreas Kling  <akling@apple.com>
268
269         Reduce tiling coverage immediately when memory pressure hits.
270         <https://webkit.org/b/154374>
271
272         Reviewed by Simon Fraser.
273
274         We already had a policy that reduced tiling coverage to a minimum while the system
275         is under memory pressure. However, that policy wouldn't kick in immediately after
276         receiving the pressure notification, but the next time we flush compositing state.
277
278         This change makes it happen sooner, improving our chances to escape death!
279
280         * page/Page.h:
281         * page/Page.cpp:
282         (WebCore::Page::forEachPage):
283
284             Add a little helper for visiting every Page.
285
286         * platform/MemoryPressureHandler.cpp:
287         (WebCore::MemoryPressureHandler::releaseCriticalMemory):
288
289             When under critical memory pressure, schedule a compositing flush in all Pages.
290             This ensures that the reduced tiling coverage policy takes effect, allowing us to
291             immediately drop several tiles in each visible web view.
292
293         * platform/cocoa/MemoryPressureHandlerCocoa.mm:
294         (WebCore::MemoryPressureHandler::install):
295
296             To ensure that this behavior is testable with the fake memory pressure notification,
297             make the fake handler set the "in memory pressure" state just like the real one would.
298             I don't know why we were not doing this previously, it was just an oversight.
299             After the simulation completes, it schedules a runloop callback that resets the
300             "in memory pressure" state.
301
302 2016-02-17  Myles C. Maxfield  <mmaxfield@apple.com>
303
304         [Font Loading] Implement FontFaceSet
305         https://bugs.webkit.org/show_bug.cgi?id=153348
306
307         Reviewed by Simon Fraser.
308
309         The CSS Font Loading spec includes a FontFaceSet object which represents
310         a collection of FontFaces. This patch implements such an object, and
311         backs it with a vector of FontFaces. Similarly to the FontFace object,
312         FontFaceSet is separated into a FontFaceSet frontend object and a
313         CSSFontFaceSet backend object, which actually owns the FontFace objects.
314         All the interaction with Promises is performed in the frontend object.
315
316         This patch does not implement the EventTarget part of the FontFaceSet
317         API, so the only way to know when a font is finished loading is by using
318         the associated Promise objects.
319
320         The CSS Font Loading spec describes how the Document should vend an
321         instance of FontFaceSet which represents the font faces currently
322         associated with the Document. However, that functionality is
323         forthcoming. Currently, the only way to get a FontFaceSet is to create
324         one yourself (using the constructor). Therefore, this patch does not
325         implement the spec's notion of a "CSS-connected font face."
326
327         Test: fast/text/font-face-set-javascript.html
328
329         * CMakeLists.txt: Add new files.
330         * DerivedSources.make: Ditto.
331         * WebCore.vcxproj/WebCore.vcxproj: Ditto.
332         * WebCore.vcxproj/WebCore.vcxproj.filters: Ditto.
333         * WebCore.xcodeproj/project.pbxproj: Ditto.
334         * bindings/js/JSFontFaceSetCustom.cpp: Added.
335         (WebCore::JSFontFaceSet::ready): Use the Promise member.
336         (WebCore::JSFontFaceSet::entries): Use existing iterator code.
337         (WebCore::JSFontFaceSet::keys):
338         (WebCore::JSFontFaceSet::values):
339         * css/CSSAllInOne.cpp: Add new files.
340         * css/CSSFontFace.cpp: We now have a collection of clients (instead of
341         just one). Also, we need to keep a pointer to our FontFace wrapper.
342         (WebCore::CSSFontFace::CSSFontFace):
343         (WebCore::CSSFontFace::addClient):
344         (WebCore::CSSFontFace::removeClient):
345         (WebCore::CSSFontFace::setStatus): Rename the delegate callback to be
346         more clear.
347         (WebCore::CSSFontFace::fontLoaded):
348         (WebCore::CSSFontFace::addedToSegmentedFontFace): Deleted.
349         (WebCore::CSSFontFace::removedFromSegmentedFontFace): Deleted.
350         * css/CSSFontFace.h: Same as above.
351         (WebCore::CSSFontFace::create):
352         (WebCore::CSSFontFace::Client::~Client):
353         (WebCore::CSSFontFace::Client::kick):
354         (WebCore::CSSFontFace::Client::stateChanged):
355         (WebCore::CSSFontFace::wrapper):
356         (WebCore::CSSFontFaceClient::~CSSFontFaceClient): Deleted.
357         * css/CSSFontFaceSet.cpp: Added. Initial implementation.
358         (WebCore::CSSFontFaceSet::CSSFontFaceSet):
359         (WebCore::CSSFontFaceSet::~CSSFontFaceSet):
360         (WebCore::CSSFontFaceSet::incrementActiveCount):
361         (WebCore::CSSFontFaceSet::decrementActiveCount):
362         (WebCore::CSSFontFaceSet::has):
363         (WebCore::CSSFontFaceSet::add):
364         (WebCore::CSSFontFaceSet::remove):
365         (WebCore::extractFamilies):
366         (WebCore::familiesIntersect): Because this is an initial implementation,
367         this function is not optimized. A subsequent patch (which implements
368         Document.fonts) will optimize this.
369         (WebCore::CSSFontFaceSet::matchingFaces):
370         (WebCore::CSSFontFaceSet::load):
371         (WebCore::CSSFontFaceSet::check):
372         (WebCore::CSSFontFaceSet::stateChanged):
373         * css/CSSFontFaceSet.h: Added.
374         (WebCore::CSSFontFaceSetClient::~CSSFontFaceSetClient):
375         (WebCore::CSSFontFaceSet::size):
376         (WebCore::CSSFontFaceSet::operator[]):
377         (WebCore::CSSFontFaceSet::status):
378         * css/CSSFontSelector.cpp:
379         (WebCore::CSSFontSelector::familyNameFromPrimitive):
380         (WebCore::CSSFontSelector::registerLocalFontFacesForFamily):
381         (WebCore::CSSFontSelector::addFontFaceRule):
382         (WebCore::familyNameFromPrimitive): Deleted.
383         (WebCore::CSSFontSelector::kick): Deleted.
384         * css/CSSFontSelector.h:
385         * css/CSSSegmentedFontFace.cpp:
386         (WebCore::CSSSegmentedFontFace::~CSSSegmentedFontFace):
387         (WebCore::CSSSegmentedFontFace::appendFontFace):
388         (WebCore::CSSSegmentedFontFace::kick):
389         (WebCore::CSSSegmentedFontFace::fontLoaded): Deleted.
390         * css/CSSSegmentedFontFace.h:
391         * css/FontFace.cpp:
392         (WebCore::FontFace::FontFace):
393         (WebCore::FontFace::~FontFace):
394         (WebCore::FontFace::stateChanged): Renamed to make its purpose clearer.
395         (WebCore::FontFace::kick): Deleted.
396         * css/FontFace.h:
397         * css/FontFaceSet.cpp: Added.
398         (WebCore::createPromise):
399         (WebCore::FontFaceSet::FontFaceSet):
400         (WebCore::FontFaceSet::~FontFaceSet):
401         (WebCore::FontFaceSet::Iterator::Iterator):
402         (WebCore::FontFaceSet::Iterator::next):
403         (WebCore::FontFaceSet::PendingPromise::PendingPromise):
404         (WebCore::FontFaceSet::PendingPromise::~PendingPromise):
405         (WebCore::FontFaceSet::has):
406         (WebCore::FontFaceSet::size):
407         (WebCore::FontFaceSet::add):
408         (WebCore::FontFaceSet::remove):
409         (WebCore::FontFaceSet::clear):
410         (WebCore::FontFaceSet::load): Most of the complexity of loading is
411         due to the promises involved. Rather than use the JavaScript function
412         Promise.all(), this patch builds a data structure to represent the
413         promises which need to be resolved. When fonts finish loading, we look
414         at the data structure to determine which promises to resolve.
415         (WebCore::FontFaceSet::check):
416         (WebCore::FontFaceSet::status):
417         (WebCore::FontFaceSet::canSuspendForDocumentSuspension):
418         (WebCore::FontFaceSet::startedLoading):
419         (WebCore::FontFaceSet::completedLoading):
420         (WebCore::FontFaceSet::fulfillPromise): Keep the promise alive.
421         (WebCore::FontFaceSet::faceFinished):
422         * css/FontFaceSet.h: Added.
423         (WebCore::FontFaceSet::create):
424         (WebCore::FontFaceSet::load):
425         (WebCore::FontFaceSet::check):
426         (WebCore::FontFaceSet::createIterator):
427         (WebCore::FontFaceSet::PendingPromise::create):
428         * css/FontFaceSet.idl: Added.
429         * dom/EventNames.h:
430         * dom/EventTargetFactory.in:
431
432 2016-02-17  Mark Lam  <mark.lam@apple.com>
433
434         Callers of JSString::value() should check for exceptions thereafter.
435         https://bugs.webkit.org/show_bug.cgi?id=154346
436
437         Reviewed by Geoffrey Garen.
438
439         No new tests.  The crash that results from this issue is dependent on a race
440         condition where an OutOfMemory error occurs precisely at the point where the
441         JSString::value() function is called on a rope JSString.
442
443         * bindings/js/JSHTMLAllCollectionCustom.cpp:
444         (WebCore::callHTMLAllCollection):
445         * bindings/js/JSStorageCustom.cpp:
446         (WebCore::JSStorage::putDelegate):
447         - Added a comment at the site of the exception check to clarify the meaning of
448           the return value.
449
450 2016-02-17  David Kilzer  <ddkilzer@apple.com>
451
452         [Cocoa] Always check the return value of dlopen() and dlsym() in Release builds
453         <http://webkit.org/b/154364>
454
455         Reviewed by Alexey Proskuryakov.
456
457         * platform/mac/SoftLinking.h:
458         (SOFT_LINK_LIBRARY): Change ASSERT_WITH_MESSAGE() to
459         RELEASE_ASSERT_WITH_MESSAGE().
460         (SOFT_LINK_FRAMEWORK): Ditto.
461         (SOFT_LINK_PRIVATE_FRAMEWORK): Ditto.
462         (SOFT_LINK_STAGED_FRAMEWORK): Ditto.
463         (SOFT_LINK_FRAMEWORK_IN_UMBRELLA): Ditto.
464         (SOFT_LINK): Ditto.
465         (SOFT_LINK_POINTER): Ditto.
466         (SOFT_LINK_CONSTANT): Ditto.
467         (SOFT_LINK_FRAMEWORK_FOR_SOURCE): Add
468         RELEASE_ASSERT_WITH_MESSAGE() when soft-link is not
469         optional.
470
471 2016-02-17  Chris Dumez  <cdumez@apple.com>
472
473         Regression(r196648): http://w3c-test.org/html/dom/interfaces.html redirects at the end of the test
474         https://bugs.webkit.org/show_bug.cgi?id=154357
475
476         Reviewed by Alexey Proskuryakov.
477
478         Make location.assign() / location.replace()'s parameter mandatory,
479         as per the specification:
480         https://html.spec.whatwg.org/multipage/browsers.html#the-location-interface
481
482         Previously, calling location.assign() / location.replace() without a
483         parameter would be identical to calling location.assign("undefined") /
484         location.replace("undefined"), which is not useful.
485
486         After r196648, http://w3c-test.org/html/dom/interfaces.html was able to
487         test location.assign() / location.replace() further because they are now
488         on the instance (where they should be) instead of the prototype. One of
489         these tests calls these functions without a parameter, expecting them to
490         throw an exception. However, in WebKit, it would not throw and it would
491         redirect us to http://w3c-test.org/html/dom/undefined.
492
493         Firefox and Chrome both follow the specification already and throw in
494         this case.
495
496         No new tests, already covered by existing test.
497
498         * page/Location.idl:
499         Make location.assign() / location.replace()'s parameter mandatory,
500         as per the specification.
501
502 2016-02-17  Commit Queue  <commit-queue@webkit.org>
503
504         Unreviewed, rolling out r196738.
505         https://bugs.webkit.org/show_bug.cgi?id=154380
506
507         broke css3/calc/transforms-translate.html (Requested by
508         alexchristensen on #webkit).
509
510         Reverted changeset:
511
512         "WebKitCSSMatrix transformList with calculated relative length
513         crashes Safari."
514         https://bugs.webkit.org/show_bug.cgi?id=153333
515         http://trac.webkit.org/changeset/196738
516
517 2016-02-17  Dean Jackson  <dino@apple.com>
518
519         WebKitCSSMatrix transformList with calculated relative length crashes Safari.
520         https://bugs.webkit.org/show_bug.cgi?id=153333
521         <rdar://problem/17198383>
522
523         Reviewed by Simon Fraser.
524
525         WebKitCSSMatrix objects should fail to construct when not
526         using absolute lengths.
527
528         Updated existing tests:
529         - transforms/cssmatrix-2d-interface.xhtml
530         - transforms/cssmatrix-3d-interface.xhtml
531
532         * css/StyleBuilderConverter.h:
533         (WebCore::StyleBuilderConverter::convertTransform): Tell transformsForValue
534         that we don't require absolute lengths.
535         * css/TransformFunctions.cpp:
536         (WebCore::convertToFloatLength): Add an optional parameter that will
537         cause the conversion to fail if the primitive value has a non-absolute
538         length.
539         (WebCore::transformsForValue): Pass the parameter for requiring an
540         absolute length on to convertToFloatLength when necessary.
541         * css/TransformFunctions.h:
542         * css/WebKitCSSMatrix.cpp:
543         (WebCore::WebKitCSSMatrix::setMatrixValue): In this case we do
544         require all transform strings to have absolute lengths, not ones
545         that depend on the font size or are calculated.
546
547 2016-02-17  Commit Queue  <commit-queue@webkit.org>
548
549         Unreviewed, rolling out r196712.
550         https://bugs.webkit.org/show_bug.cgi?id=154371
551
552         This change caused 5 API test failures on ios-simulator
553         (Requested by ryanhaddad on #webkit).
554
555         Reverted changeset:
556
557         "[iOS] Purge GraphicsServices font cache on memory warning."
558         https://bugs.webkit.org/show_bug.cgi?id=154343
559         http://trac.webkit.org/changeset/196712
560
561 2016-02-17  Brady Eidson  <beidson@apple.com>
562
563         Modern IDB: More Encoder/Decoder/Messaging scaffolding for WK2 IPC.
564         https://bugs.webkit.org/show_bug.cgi?id=154356
565
566         Reviewed by Alex Christensen.
567
568         No change in behavior yet; Just laying the groundwork.
569
570         * Modules/indexeddb/shared/IDBDatabaseInfo.h:
571         (WebCore::IDBDatabaseInfo::encode):
572         (WebCore::IDBDatabaseInfo::decode):
573
574         * Modules/indexeddb/shared/IDBError.h:
575         (WebCore::IDBError::encode):
576         (WebCore::IDBError::decode):
577
578         * Modules/indexeddb/shared/IDBRequestData.h:
579         (WebCore::IDBRequestData::decode):
580
581         * Modules/indexeddb/shared/IDBResultData.h:
582         (WebCore::IDBResultData::encode):
583         (WebCore::IDBResultData::decode):
584
585 2016-02-17  Saam barati  <sbarati@apple.com>
586
587         Implement Proxy [[Get]]
588         https://bugs.webkit.org/show_bug.cgi?id=154081
589
590         Reviewed by Michael Saboff.
591
592         Tests are in JavaScriptCore.
593
594         * bindings/js/JSCryptoAlgorithmDictionary.cpp:
595         (WebCore::getProperty):
596         (WebCore::getHashAlgorithm):
597         * bindings/js/JSCryptoKeySerializationJWK.cpp:
598         (WebCore::getJSArrayFromJSON):
599         (WebCore::getStringFromJSON):
600         (WebCore::getBooleanFromJSON):
601         * bindings/js/JSDOMWindowCustom.cpp:
602         (WebCore::DialogHandler::returnValue):
603         * bindings/js/JSDictionary.cpp:
604         (WebCore::JSDictionary::tryGetProperty):
605         * bindings/js/JSStorageCustom.cpp:
606         (WebCore::JSStorage::deleteProperty):
607         (WebCore::JSStorage::deletePropertyByIndex):
608         (WebCore::JSStorage::putDelegate):
609         * bindings/js/SerializedScriptValue.cpp:
610         (WebCore::CloneSerializer::getProperty):
611         * testing/Internals.cpp:
612         (WebCore::Internals::isReadableStreamDisturbed):
613
614 2016-02-17  Simon Fraser  <simon.fraser@apple.com>
615
616         PDFPlugin's scrollableArea container is not properly unregistered when page is going into the PageCache
617         https://bugs.webkit.org/show_bug.cgi?id=148182
618
619         Reviewed by Brent Fulgham.
620
621         When handling Command-arrow key while showing a scrollable PDF, the timing of PDFPlugin
622         teardown and navigation could result in PDFPlugin::destroy() getting the wrong FrameView,
623         so the old FrameView was left with a stale pointer in its scrollableAreaSet.
624
625         Fix this by adding an explicit willDetatchRenderer() which is called on the plugin
626         before the Frame gets a new FrameView.
627
628         Also narrow the scope of the RefPtr<Widget> in HTMLPlugInElement::defaultEventHandler()
629         so that the Widget is not kept alive over a possible navigation.
630
631         I was unable to make an automated test, because reproducing the bug requires handling
632         a Command-arrow key event in a way that the last ref to a Widget is held over the event
633         handling, and this wasn't possible in an iframe.
634
635         * html/HTMLPlugInElement.cpp:
636         (WebCore::HTMLPlugInElement::defaultEventHandler):
637         * html/HTMLPlugInImageElement.cpp:
638         (WebCore::HTMLPlugInImageElement::willDetachRenderers):
639         * plugins/PluginViewBase.h:
640         (WebCore::PluginViewBase::willDetatchRenderer):
641         * style/StyleTreeResolver.cpp:
642         (WebCore::Style::detachRenderTree): Drive-by nullptr.
643
644 2016-02-17  Brady Eidson  <beidson@apple.com>
645
646         Modern IDB: Encoder/Decoder/Messaging scaffolding for WK2 IPC.
647         https://bugs.webkit.org/show_bug.cgi?id=154351
648
649         Reviewed by Alex Christensen.
650
651         No change in behavior yet; Just laying the groundwork.
652
653         * Modules/indexeddb/IDBDatabaseIdentifier.h:
654         (WebCore::IDBDatabaseIdentifier::encode):
655         (WebCore::IDBDatabaseIdentifier::decode):
656         
657         * Modules/indexeddb/shared/IDBCursorInfo.h:
658         (WebCore::IDBCursorInfo::encode):
659         (WebCore::IDBCursorInfo::decode):
660         
661         * Modules/indexeddb/shared/IDBIndexInfo.h:
662         (WebCore::IDBIndexInfo::encode):
663         (WebCore::IDBIndexInfo::decode):
664         
665         * Modules/indexeddb/shared/IDBObjectStoreInfo.h:
666         (WebCore::IDBObjectStoreInfo::encode):
667         (WebCore::IDBObjectStoreInfo::decode):
668         
669         * Modules/indexeddb/shared/IDBRequestData.h:
670         (WebCore::IDBRequestData::encode):
671         (WebCore::IDBRequestData::decode):
672         
673         * Modules/indexeddb/shared/IDBResourceIdentifier.h:
674         (WebCore::IDBResourceIdentifier::encode):
675         (WebCore::IDBResourceIdentifier::decode):
676         
677         * Modules/indexeddb/shared/IDBTransactionInfo.h:
678         (WebCore::IDBTransactionInfo::encode):
679         (WebCore::IDBTransactionInfo::decode):
680
681 2016-02-17  Andreas Kling  <akling@apple.com>
682
683         [iOS] Purge GraphicsServices font cache on memory warning.
684         <https://webkit.org/b/154343>
685
686         Reviewed by Antti Koivisto.
687
688         The GS font cache was holding on to the last retain on CSS fonts after they stop being used.
689         Call SPI to purge it on memory pressure.
690
691         * platform/cocoa/MemoryPressureHandlerCocoa.mm:
692         (WebCore::MemoryPressureHandler::platformReleaseMemory):
693         * platform/spi/ios/GraphicsServicesSPI.h:
694
695 2016-02-17  Chris Dumez  <cdumez@apple.com>
696
697         Regression(r196648): window.showModalDialog is no longer undefined if the client does not allow showing modal dialog
698         https://bugs.webkit.org/show_bug.cgi?id=154330
699
700         Reviewed by Gavin Barraclough.
701
702         window.showModalDialog is no longer undefined if the client does not
703         allow showing modal dialog after r196648. This patch fixes the issue
704         and adds test coverage for this.
705
706         Test: fast/dom/Window/forbid-showModalDialog.html
707
708         * bindings/js/JSDOMWindowCustom.cpp:
709         (WebCore::JSDOMWindow::getOwnPropertySlot):
710         - Move the DOMWindow::canShowModalDialog() check *before* checking
711           for static properties as showModalDialog is now in the static
712           property table after r196648.
713         - Add check for Base::getOwnPropertySlot() first to support overriding
714           window.showModalDialog (This behavior matches Firefox).
715         - Return false if DOMWindow::canShowModalDialog() returns false as this
716           seems cleaner than claiming that the property is there but undefined.
717
718         * page/DOMWindow.cpp:
719         (WebCore::DOMWindow::canShowModalDialogNow): Deleted.
720         This was identical to canShowModalDialog().
721
722         (WebCore::DOMWindow::canShowModalDialog):
723         (WebCore::DOMWindow::setCanShowModalDialogOverride):
724         (WebCore::DOMWindow::showModalDialog):
725         * page/DOMWindow.h:
726         * testing/Internals.cpp:
727         (WebCore::Internals::setCanShowModalDialogOverride):
728         * testing/Internals.h:
729         * testing/Internals.idl:
730         Add support for overriding the ChromeClient's canShowModalDialog
731         decision and hook it up to Internals to add layout test coverage.
732
733 2016-02-17  Brady Eidson  <beidson@apple.com>
734
735         Modern IDB: More WK2 IPC Scaffolding.
736         https://bugs.webkit.org/show_bug.cgi?id=154317
737
738         Reviewed by Alex Christensen.
739
740         No change in behavior yet; Just laying the groundwork.
741
742         * Modules/indexeddb/shared/IDBCursorInfo.cpp:
743         (WebCore::IDBCursorInfo::IDBCursorInfo):
744         * Modules/indexeddb/shared/IDBCursorInfo.h:
745         (WebCore::IDBCursorInfo::decode):
746         * Modules/indexeddb/shared/IDBError.h:
747         (WebCore::IDBError::decode):
748         * Modules/indexeddb/shared/IDBIndexInfo.h:
749         (WebCore::IDBIndexInfo::decode):
750         * Modules/indexeddb/shared/IDBObjectStoreInfo.h:
751         (WebCore::IDBObjectStoreInfo::decode):
752         * Modules/indexeddb/shared/IDBRequestData.cpp:
753         (WebCore::IDBRequestData::IDBRequestData):
754         * Modules/indexeddb/shared/IDBRequestData.h:
755         (WebCore::IDBRequestData::decode):
756         * Modules/indexeddb/shared/IDBResourceIdentifier.cpp:
757         (WebCore::IDBResourceIdentifier::IDBResourceIdentifier):
758         * Modules/indexeddb/shared/IDBResourceIdentifier.h:
759         (WebCore::IDBResourceIdentifier::decode):
760         * Modules/indexeddb/shared/IDBResultData.cpp:
761         (WebCore::IDBResultData::IDBResultData):
762         * Modules/indexeddb/shared/IDBResultData.h:
763         (WebCore::IDBResultData::decode):
764         * Modules/indexeddb/shared/IDBTransactionInfo.cpp:
765         (WebCore::IDBTransactionInfo::IDBTransactionInfo):
766         * Modules/indexeddb/shared/IDBTransactionInfo.h:
767         (WebCore::IDBTransactionInfo::decode):
768         * WebCore.xcodeproj/project.pbxproj:
769
770 2016-02-17  Eric Carlson  <eric.carlson@apple.com>
771
772         [Win] Allow ports to disable automatic text track selection
773         https://bugs.webkit.org/show_bug.cgi?id=154322
774         <rdar://problem/24623986>
775
776         Reviewed by Brent Fulgham.
777
778         * page/CaptionUserPreferencesMediaAF.cpp:
779         (MTEnableCaption2015BehaviorPtr): Implement for Windows.
780
781 2016-02-17  Gavin Barraclough  <barraclough@apple.com>
782
783         JSDOMWindow::put should not do the same thing twice
784         https://bugs.webkit.org/show_bug.cgi?id=154334
785
786         Reviewed by Chris Dumez.
787
788         It either calls JSGlobalObject::put or Base::put. Hint: these are basically the same thing.
789         In the latter case it might call lookupPut. That's redundant; JSObject::put handles static
790         table entries.
791
792         * bindings/js/JSDOMWindowCustom.cpp:
793         (WebCore::JSDOMWindow::put):
794             - just call Base::put.
795         (WebCore::JSDOMWindow::putByIndex):
796             - just call Base::putByIndex.
797
798 2016-02-17  Nan Wang  <n_wang@apple.com>
799
800         AX: Implement sentence related text marker functions using TextIterator
801         https://bugs.webkit.org/show_bug.cgi?id=154312
802
803         Reviewed by Chris Fleizach.
804
805         Using CharacterOffset to implement sentence related text marker calls. Reused
806         logic from VisibleUnits class. Also fixed an issue where paragraph navigation
807         should skip preceding and following BR nodes.
808
809         Test: accessibility/mac/text-marker-sentence-nav.html
810
811         * accessibility/AXObjectCache.cpp:
812         (WebCore::resetNodeAndOffsetForReplacedNode):
813         (WebCore::setRangeStartOrEndWithCharacterOffset):
814         (WebCore::AXObjectCache::characterOffsetForNodeAndOffset):
815         (WebCore::AXObjectCache::previousCharacterOffset):
816         (WebCore::AXObjectCache::startCharacterOffsetOfWord):
817         (WebCore::AXObjectCache::endCharacterOffsetOfWord):
818         (WebCore::AXObjectCache::previousWordStartCharacterOffset):
819         (WebCore::AXObjectCache::leftWordRange):
820         (WebCore::AXObjectCache::rightWordRange):
821         (WebCore::AXObjectCache::characterBefore):
822         (WebCore::characterOffsetNodeIsBR):
823         (WebCore::parentEditingBoundary):
824         (WebCore::AXObjectCache::nextBoundary):
825         (WebCore::AXObjectCache::previousBoundary):
826         (WebCore::AXObjectCache::paragraphForCharacterOffset):
827         (WebCore::AXObjectCache::nextParagraphEndCharacterOffset):
828         (WebCore::AXObjectCache::previousParagraphStartCharacterOffset):
829         (WebCore::AXObjectCache::startCharacterOffsetOfSentence):
830         (WebCore::AXObjectCache::endCharacterOffsetOfSentence):
831         (WebCore::AXObjectCache::sentenceForCharacterOffset):
832         (WebCore::AXObjectCache::nextSentenceEndCharacterOffset):
833         (WebCore::AXObjectCache::previousSentenceStartCharacterOffset):
834         (WebCore::AXObjectCache::rootAXEditableElement):
835         (WebCore::startWordBoundary): Deleted.
836         (WebCore::endWordBoundary): Deleted.
837         (WebCore::AXObjectCache::nextWordBoundary): Deleted.
838         (WebCore::AXObjectCache::previousWordBoundary): Deleted.
839         * accessibility/AXObjectCache.h:
840         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
841         (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:forParameter:]):
842         * editing/VisibleUnits.cpp:
843         (WebCore::startWordBoundary):
844         (WebCore::startOfWord):
845         (WebCore::endWordBoundary):
846         (WebCore::startSentenceBoundary):
847         (WebCore::startOfSentence):
848         (WebCore::endSentenceBoundary):
849         * editing/VisibleUnits.h:
850
851 2016-02-17  Manuel Rego Casasnovas  <rego@igalia.com>
852
853         [css-grid] GridSpan refactoring
854         https://bugs.webkit.org/show_bug.cgi?id=153868
855
856         Reviewed by Sergio Villar Senin.
857
858         Add new enum to know if a GridSpan is definite or indefinite.
859         That way we don't need GridUnresolvedSpan class (which is removed).
860         We can always have two GridSpans in GridCoordinate,
861         if the position is "auto" the GridSpan will be marked as indefinite.
862         This will allow in a follow-up patch to avoid repeated calls
863         to methods that resolve positions.
864
865         Most operations in GridSpan are restricted to definite GridSpans (access
866         to positions, iterator, etc.). For indefinite GridSpans we only need to
867         know that they're indefinite, we shouldn't use the rest of the data.
868
869         No new tests, no change of behavior.
870
871         * css/CSSGridTemplateAreasValue.cpp:
872         (WebCore::stringForPosition):
873         * css/CSSParser.cpp:
874         (WebCore::CSSParser::parseGridTemplateAreasRow):
875         * css/StyleBuilderConverter.h:
876         (WebCore::StyleBuilderConverter::createImplicitNamedGridLinesFromGridArea):
877         * rendering/RenderGrid.cpp:
878         (WebCore::RenderGrid::GridIterator::nextEmptyGridArea):
879         (WebCore::RenderGrid::computeUsedBreadthOfGridTracks):
880         (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForNonSpanningItems):
881         (WebCore::RenderGrid::insertItemIntoGrid):
882         (WebCore::RenderGrid::placeItemsOnGrid):
883         (WebCore::RenderGrid::populateExplicitGridAndOrderIterator):
884         (WebCore::RenderGrid::placeSpecifiedMajorAxisItemsOnGrid):
885         (WebCore::RenderGrid::placeAutoMajorAxisItemOnGrid):
886         (WebCore::RenderGrid::offsetAndBreadthForPositionedChild):
887         (WebCore::RenderGrid::gridAreaBreadthForChildIncludingAlignmentOffsets):
888         (WebCore::RenderGrid::columnAxisOffsetForChild):
889         (WebCore::RenderGrid::rowAxisOffsetForChild):
890         (WebCore::RenderGrid::placeAutoMajorAxisItemsOnGrid): Deleted.
891         (WebCore::RenderGrid::autoPlacementMinorAxisDirection): Deleted.
892         (WebCore::RenderGrid::populateGridPositions): Deleted.
893         * rendering/style/GridCoordinate.h:
894         (WebCore::GridSpan::definiteGridSpan):
895         (WebCore::GridSpan::indefiniteGridSpan):
896         (WebCore::GridSpan::operator==):
897         (WebCore::GridSpan::integerSpan):
898         (WebCore::GridSpan::resolvedInitialPosition):
899         (WebCore::GridSpan::resolvedFinalPosition):
900         (WebCore::GridSpan::begin):
901         (WebCore::GridSpan::end):
902         (WebCore::GridSpan::isDefinite):
903         (WebCore::GridSpan::GridSpan):
904         (WebCore::GridCoordinate::GridCoordinate):
905         * rendering/style/GridResolvedPosition.cpp:
906         (WebCore::initialPositionSide):
907         (WebCore::finalPositionSide):
908         (WebCore::adjustGridPositionsFromStyle):
909         (WebCore::resolveRowStartColumnStartNamedGridLinePositionAgainstOppositePosition):
910         (WebCore::resolveRowEndColumnEndNamedGridLinePositionAgainstOppositePosition):
911         (WebCore::resolveNamedGridLinePositionAgainstOppositePosition):
912         (WebCore::resolveGridPositionAgainstOppositePosition):
913         (WebCore::GridResolvedPosition::resolveGridPositionsFromAutoPlacementPosition):
914         (WebCore::GridResolvedPosition::resolveGridPositionsFromStyle):
915         (WebCore::implicitNamedGridLineForSide): Deleted.
916         (WebCore::GridResolvedPosition::isNonExistentNamedLineOrArea): Deleted.
917         (WebCore::resolveNamedGridLinePositionFromStyle): Deleted.
918         (WebCore::resolveGridPositionFromStyle): Deleted.
919         * rendering/style/GridResolvedPosition.h:
920         (WebCore::GridResolvedPosition::GridResolvedPosition): Deleted.
921         (WebCore::GridResolvedPosition::operator*): Deleted.
922         (WebCore::GridResolvedPosition::operator++): Deleted.
923         (WebCore::GridResolvedPosition::operator==): Deleted.
924
925 2016-02-17  Chris Dumez  <cdumez@apple.com>
926
927         Window should have its 'constructor' property on the prototype
928         https://bugs.webkit.org/show_bug.cgi?id=154037
929         <rdar://problem/24689078>
930
931         Reviewed by Gavin Barraclough.
932
933         Window should have its 'constructor' property on the prototype as per
934         the Web IDL specification:
935         http://heycam.github.io/webidl/#interface-prototype-object
936
937         Firefox and Chrome already match the specification.
938
939         No new tests, covered by:
940         - fast/dom/Window/window-constructor-settable.html
941         - fast/dom/Window/window-constructor.html
942         - http/tests/security/cross-origin-window-property-access.html
943         - imported/w3c/web-platform-tests/html/dom/interfaces.html
944
945         * bindings/scripts/CodeGeneratorJS.pm:
946         (ConstructorShouldBeOnInstance): Deleted.
947         Drop this routine as all constructors are now on the prototype.
948
949         (InstancePropertyCount):
950         Do not account for constructor properties as these can only be
951         on the prototype now.
952
953         (PrototypePropertyCount):
954         Increment the property count by 1 if the interface has a constructor
955         property (e.g. [NoInterfaceObject] interfaces do not have one).
956
957         (GeneratePropertiesHashTable):
958         Stop calling ConstructorShouldBeOnInstance() as it no longer exists.
959         Always generate the "constructor" property if:
960         1. We are generating the prototype hash table.
961         and
962         2. The interface needs a constructor (i.e. not marked as
963            [NoInterfaceObject]).
964
965         (GenerateImplementation):
966         - Drop code handling the case where ConstructorShouldBeOnInstance()
967           returns true as constructors are not always on the prototype and
968           the ConstructorShouldBeOnInstance() routine has been dropped.
969         - Drop code handling [CustomProxyToJSObject]. Now that the constructor
970           is always on the prototype, we never need to cast thisValue to a
971           JSDOMWindow (by calling toJSDOMWindow). In the Window case, thisValue
972           is now cast to a JSDOMWindowPrototype*, similarly to other interfaces
973           so we don't need a special casting function anymore.
974         - Stop generating security checks. This only impacts Window as it is the
975           only interface marked as [CheckSecurity]. The cross-origin checking code
976           as it was would not work when "constructor" is on the prototype because
977           thisValue is a JSDOMWindowPrototype, not a JSDOMWindow and we have no
978           way of getting the wrapped window. Also, the security check is no longer
979           needed because:
980           1. Accessing crossOriginWindow.constructor will not work now that
981              constructor is on the prototype because
982              JSDOMWindow::getOwnPropertySlot() already prevents access to the
983              prototype in the cross-origin case.
984           2. "constructor" is a value property, not a getter/setter. Therefore,
985              it is not possible to use the getter/setter from a same origin window
986              instance and call it on a cross origin window.
987
988 2016-02-16  Carlos Garcia Campos  <cgarcia@igalia.com>
989
990         Add a way to test ScrollAnimator
991         https://bugs.webkit.org/show_bug.cgi?id=153479
992
993         Reviewed by Michael Catanzaro.
994
995         Tests: fast/scrolling/overlay-scrollbars-scroll-corner.html
996                fast/scrolling/scroll-animator-basic-events.html
997                fast/scrolling/scroll-animator-overlay-scrollbars-hovered.html
998                fast/scrolling/scroll-animator-select-list-events.html
999
1000         * CMakeLists.txt:
1001         * WebCore.xcodeproj/project.pbxproj:
1002         * page/FrameView.cpp:
1003         (WebCore::FrameView::usesMockScrollAnimator):
1004         (WebCore::FrameView::logMockScrollAnimatorMessage):
1005         * page/FrameView.h:
1006         * page/Settings.cpp:
1007         (WebCore::Settings::setUsesMockScrollAnimator):
1008         (WebCore::Settings::usesMockScrollAnimator):
1009         * page/Settings.h:
1010         * platform/ScrollableArea.cpp:
1011         (WebCore::ScrollableArea::scrollAnimator):
1012         * platform/ScrollableArea.h:
1013         (WebCore::ScrollableArea::usesMockScrollAnimator):
1014         (WebCore::ScrollableArea::logMockScrollAnimatorMessage):
1015         * platform/mock/ScrollAnimatorMock.cpp: Added.
1016         (WebCore::ScrollAnimatorMock::create):
1017         (WebCore::ScrollAnimatorMock::ScrollAnimatorMock):
1018         (WebCore::ScrollAnimatorMock::~ScrollAnimatorMock):
1019         (WebCore::ScrollAnimatorMock::didAddVerticalScrollbar):
1020         (WebCore::ScrollAnimatorMock::didAddHorizontalScrollbar):
1021         (WebCore::ScrollAnimatorMock::willRemoveVerticalScrollbar):
1022         (WebCore::ScrollAnimatorMock::willRemoveHorizontalScrollbar):
1023         (WebCore::ScrollAnimatorMock::mouseEnteredContentArea):
1024         (WebCore::ScrollAnimatorMock::mouseMovedInContentArea):
1025         (WebCore::ScrollAnimatorMock::mouseExitedContentArea):
1026         (WebCore::ScrollAnimatorMock::mouseEnteredScrollbar):
1027         (WebCore::ScrollAnimatorMock::mouseExitedScrollbar):
1028         (WebCore::ScrollAnimatorMock::mouseIsDownInScrollbar):
1029         * platform/mock/ScrollAnimatorMock.h: Added.
1030         * platform/mock/ScrollbarThemeMock.cpp:
1031         (WebCore::ScrollbarThemeMock::usesOverlayScrollbars):
1032         * platform/mock/ScrollbarThemeMock.h:
1033         * rendering/RenderLayer.cpp:
1034         (WebCore::RenderLayer::usesMockScrollAnimator):
1035         (WebCore::RenderLayer::logMockScrollAnimatorMessage):
1036         * rendering/RenderLayer.h:
1037         * rendering/RenderListBox.cpp:
1038         (WebCore::RenderListBox::usesMockScrollAnimator):
1039         (WebCore::RenderListBox::logMockScrollAnimatorMessage):
1040         * rendering/RenderListBox.h:
1041         * testing/Internals.cpp:
1042         (WebCore::Internals::resetToConsistentState):
1043         (WebCore::Internals::setUsesMockScrollAnimator):
1044         * testing/Internals.h:
1045         * testing/Internals.idl:
1046
1047 2016-02-16  Carlos Garcia Campos  <cgarcia@igalia.com>
1048
1049         Unreviewed. Enable overlay scrollbars in GTK+ after r196641.
1050
1051         This was blocked by bug #153404, but the commit that introduced
1052         the regression was rolled out in r196641.
1053
1054         * platform/gtk/ScrollbarThemeGtk.cpp:
1055         (WebCore::ScrollbarThemeGtk::ScrollbarThemeGtk):
1056
1057 2016-02-16  Gavin Barraclough  <barraclough@apple.com>
1058
1059         JSDOMWindow::getOwnPropertySlot should just call getStaticPropertySlot
1060         https://bugs.webkit.org/show_bug.cgi?id=154257
1061
1062         Reviewed by Chris Dumez.
1063
1064         * bindings/js/JSDOMWindowCustom.cpp:
1065         (WebCore::JSDOMWindow::getOwnPropertySlot):
1066             - JSDOMWindow::getOwnPropertySlot should just call getStaticPropertySlot
1067
1068 2016-02-16  Gavin Barraclough  <barraclough@apple.com>
1069
1070         JSDOMWindow::getOwnPropertySlot should not search proto chain
1071         https://bugs.webkit.org/show_bug.cgi?id=154102
1072
1073         Reviewed by Chris Dumez.
1074
1075         Should only return *own* properties.
1076
1077         * bindings/js/JSDOMWindowCustom.cpp:
1078         (WebCore::jsDOMWindowGetOwnPropertySlotNamedItemGetter):
1079
1080 2016-02-16  Alex Christensen  <achristensen@webkit.org>
1081
1082         CMake build fix.
1083
1084         * PlatformMac.cmake:
1085
1086 2016-02-16  Chris Dumez  <cdumez@apple.com>
1087
1088         Navigator.geolocation should not be marked a [Replaceable] and should be on the prototype
1089         https://bugs.webkit.org/show_bug.cgi?id=154304
1090         <rdar://problem/24685092>
1091
1092         Reviewed by Gavin Barraclough.
1093
1094         1. Drop the [Replaceable] IDL extended attribute for navigator.geolocation
1095            as this does not match other browsers or the specification:
1096            - https://dev.w3.org/geo/api/spec-source.html#geolocation_interface
1097         2. Move Navigator attributes to the prototype, where they should be as
1098            per the Web IDL specification.
1099
1100         The previous behavior was meant as a workaround for a bug in the Amazon
1101         iOS app (rdar://problem/16332749). However, I have confirmed that the
1102         latest Amazon App no longer has any issue with those changes.
1103
1104         Test: js/navigator-set-geolocation.html
1105
1106         * Modules/geolocation/NavigatorGeolocation.idl:
1107         * bindings/scripts/CodeGeneratorJS.pm:
1108         (InterfaceRequiresAttributesOnInstanceForCompatibility): Deleted.
1109
1110 2016-02-16  Said Abou-Hallawa  <sabouhallawa@apple.com>
1111
1112         REGRESSION(r196268): WTFCrashWithSecurityImplication on SVG path animation tests
1113         https://bugs.webkit.org/show_bug.cgi?id=154221
1114
1115         Reviewed by Brent Fulgham.
1116
1117         In r196268, a destructor was added to SVGListPropertyTearOff that notifies
1118         its wrapper (the SVGAnimatedListPropertyTearoff) about its deletion. This
1119         allows the wrapper to nullify any references to the wrapped content.
1120         
1121         We needed to do the same thing for SVGPathSegListPropertyTearOff. Both
1122         SVGPathSegListPropertyTearOff and SVGListPropertyTearOff inherit from
1123         SVGListProperty and both hold pointers to SVGAnimatedListPropertyTearOff
1124         which needs to be notified.
1125         
1126         Tests: existing svg path animation tests should not crash.
1127
1128         * svg/properties/SVGPathSegListPropertyTearOff.h:
1129         (WebCore::SVGPathSegListPropertyTearOff::~SVGPathSegListPropertyTearOff):
1130
1131 2016-02-16  Said Abou-Hallawa  <sabouhallawa@apple.com>
1132
1133         REGRESSION (r190430): WTFCrashWithSecurityImplication in:void SVGRootInlineBox::layoutCharactersInTextBoxes()
1134         https://bugs.webkit.org/show_bug.cgi?id=154185
1135
1136         Reviewed by Ryosuke Niwa.
1137
1138         This is a regression caused by adding support for HTMLSlotElement. The
1139         crash happens when adding an HTMLSlotElement to another element which should
1140         not have it as a child like SVGTextElement for example. In this case, we
1141         were creating a RenderText which should not happen inside an SVG document.
1142         The RenderText::createTextBox() was creating InlineTextBox for the slot's
1143         text and attach it to the SVGRootInlineBox. In layoutCharactersInTextBoxes(),
1144         the assumption is the inline box is either SVGInlineTextBox or SVGInlineFlowBox.
1145         But since we have an InlineTextBox instead, the crash happens when casting
1146         the InlineTextBox to SVGInlineFlowBox.
1147
1148         The fix is for createRenderTreeForSlotAssignees() to not create a renderer
1149         when the parent element should not have a renderer for this element.
1150         This is the same thing we do for createRenderer() which handles the non
1151         HTMLSlotElement case and which is called also from createRenderTreeRecursively().
1152         
1153         Test: fast/shadow-dom/text-slot-child-crash.svg
1154
1155         * style/StyleTreeResolver.cpp:
1156         (WebCore::Style::moveToFlowThreadIfNeeded):
1157         (WebCore::Style::TreeResolver::createRenderer): Delete the check for
1158         shouldCreateRenderer() and handling the case when resolvedStyle is null
1159         since these are handled by the caller createRenderTreeRecursively().
1160         
1161         (WebCore::Style::TreeResolver::createRenderTreeForSlotAssignees):
1162         Assert shouldCreateRenderer() is true for this element.
1163         
1164         (WebCore::Style::TreeResolver::createRenderTreeRecursively): Don't create
1165         the renderer if shouldCreateRenderer() returns false. Also handle the case
1166         when resolvedStyle is null and pass the new style to createRenderer().
1167         
1168         * style/StyleTreeResolver.h:
1169
1170 2016-02-16  Simon Fraser  <simon.fraser@apple.com>
1171
1172         Every RenderLayer should not have to remove itself from the scrollableArea set
1173         https://bugs.webkit.org/show_bug.cgi?id=154311
1174
1175         Reviewed by Zalan Bujtas.
1176
1177         A subset of RenderLayers are scrollable, and get registered on the FrameView,
1178         but we pay the cost of a hash lookup for removal on every RenderLayer, which is a waste.
1179         
1180         Store a bit that tells RenderLayer that it's in the set and needs to be removed.
1181
1182         * rendering/RenderLayer.cpp:
1183         (WebCore::RenderLayer::RenderLayer):
1184         (WebCore::RenderLayer::~RenderLayer):
1185         (WebCore::RenderLayer::calculateClipRects):
1186         * rendering/RenderLayer.h:
1187
1188 2016-02-16  Daniel Bates  <dabates@apple.com>
1189
1190         CSP: Update violation report 'Content-Type' header
1191         https://bugs.webkit.org/show_bug.cgi?id=153166
1192         <rdar://problem/24383327>
1193
1194         Reviewed by Brent Fulgham.
1195
1196         Inspired by Blink patch:
1197         <https://src.chromium.org/viewvc/blink?view=rev&revision=154215>
1198
1199         Post the Content Security Policy violation report with Content-Type application/csp-report as
1200         per section Reporting of the Content Security Policy 2.0 spec., <https://www.w3.org/TR/2015/CR-CSP2-20150721/>.
1201
1202         Currently we post CSP violation reports with Content-Type application/json.
1203
1204         * html/parser/XSSAuditorDelegate.cpp:
1205         (WebCore::XSSAuditorDelegate::didBlockScript): Use report type ViolationReportType::XSSAuditor to PingLoader.
1206         * loader/PingLoader.cpp:
1207         (WebCore::PingLoader::sendViolationReport): Modified to take argument of type ViolationReportType
1208         to determine the appropriate Content-Type header to use for the report. For an XSS Auditor violation report
1209         we use Content-Type application/json. For a Content Security Policy violation report we use Content-Type
1210         application/csp-report. Additionally, pass an ASCIILiteral() to ResourceRequestBase::setHTTPMethod()
1211         as opposed to a constant string literal to avoid a copy of a constant string literal.
1212         * loader/PingLoader.h: Add enum class ViolationReportType.
1213         * page/csp/ContentSecurityPolicy.cpp:
1214         (WebCore::ContentSecurityPolicy::reportViolation): Use report type ViolationReportType::ContentSecurityPolicy.
1215
1216 2016-02-16  Alex Christensen  <achristensen@webkit.org>
1217
1218         Add checks before redirecting with NetworkSession
1219         https://bugs.webkit.org/show_bug.cgi?id=154298
1220
1221         Reviewed by Andy Estes.
1222
1223         This fixes http/tests/security/cors-post-redirect-307.html and 
1224         http/tests/navigation/post-307-response.html when using NetworkSession.
1225
1226         * platform/network/ResourceRequestBase.h:
1227         WEBCORE_EXPORT some functions newly used in WebKit2.
1228
1229 2016-02-16  Daniel Bates  <dabates@apple.com>
1230
1231         CSP: Fix parsing of 'host/path' source expressions
1232         https://bugs.webkit.org/show_bug.cgi?id=153170
1233         <rdar://problem/24383407>
1234
1235         Reviewed by Brent Fulgham.
1236
1237         Merged from Blink (patch by Mike West):
1238         <https://src.chromium.org/viewvc/blink?revision=154875&view=revision>
1239
1240         Fixes an issue where a source of the form example.com/A/ was incorrectly considered
1241         invalid and hence such a requested resource would be blocked. A source of this form
1242         is valid by the definition of host-source in section Source List Syntax of the Content
1243         Security Policy 2.0 spec., <http://www.w3.org/TR/2015/CR-CSP2-20150721/>.
1244
1245         * page/csp/ContentSecurityPolicySourceList.cpp:
1246         (WebCore::ContentSecurityPolicySourceList::parseSource):
1247
1248 2016-02-16  Daniel Bates  <dabates@apple.com>
1249
1250         CSP: Disallow an empty host in a host-source source expression
1251         https://bugs.webkit.org/show_bug.cgi?id=153168
1252         <rdar://problem/24383366>
1253
1254         Reviewed by Brent Fulgham.
1255
1256         Merged from Blink (patch by rob@robwu.nl):
1257         <https://src.chromium.org/viewvc/blink?revision=180407&view=revision>
1258
1259         * page/csp/ContentSecurityPolicySourceList.cpp:
1260         (WebCore::ContentSecurityPolicySourceList::parseSource):
1261
1262 2016-02-16  Brady Eidson  <beidson@apple.com>
1263
1264         Modern IDB: WK2 IPC Scaffolding.
1265         https://bugs.webkit.org/show_bug.cgi?id=154296
1266
1267         Reviewed by Alex Christensen.
1268         
1269         No change in behavior yet; Just laying the groundwork.
1270
1271         * Modules/indexeddb/client/IDBConnectionToServer.h:
1272         * Modules/indexeddb/server/IDBConnectionToClient.h:
1273         * Modules/indexeddb/shared/IDBResourceIdentifier.h:
1274
1275 2016-02-16  Chris Dumez  <cdumez@apple.com>
1276
1277         [Web IDL] Operations should be on the instance for global objects or if [Unforgeable]
1278         https://bugs.webkit.org/show_bug.cgi?id=154120
1279         <rdar://problem/24613231>
1280
1281         Reviewed by Gavin Barraclough.
1282
1283         Operations should be on the instance for global objects or if
1284         [Unforgeable] as per the Web IDL specification:
1285         - http://heycam.github.io/webidl/#es-operations
1286         - http://heycam.github.io/webidl/#dfn-unforgeable-on-an-interface
1287
1288         This patch implements this behavior in order to align
1289         with the specification and other browsers.
1290
1291         No new tests, already covered by existing tests.
1292
1293         * bindings/js/JSDOMWindowCustom.cpp:
1294         (WebCore::jsDOMWindowGetOwnPropertySlotRestrictedAccess):
1295         Update function names now that they have "Instance" in their
1296         name instead of "Prototype".
1297
1298         (WebCore::JSDOMWindow::getOwnPropertySlot):
1299         - Update function names now that they have "Instance" in their
1300           name instead of "Prototype".
1301         - Move the functions hard-coding *before* the static table check
1302           now that these functions are in the static table to maintain
1303           the previous behavior.
1304
1305         * bindings/js/JSLocationCustom.cpp:
1306         (WebCore::JSLocation::getOwnPropertySlotDelegate):
1307         Update function names now that they have "Instance" in their
1308         name instead of "Prototype".
1309
1310         * bindings/scripts/CodeGeneratorJS.pm:
1311         - Move functions to the instance if their interface is a global
1312           object or if they are marked as [Unforgeable]. Operations are
1313           now treated more like attributes, as they can now be either on
1314           the instance or the prototype. In a lot of places, I now use
1315           the naming "properties" instead of "attributes" as "properties"
1316           refers to both "attributes" and "operations" / "functions".
1317
1318         * bindings/scripts/test/JS/JSTestInterface.cpp:
1319         * bindings/scripts/test/JS/JSTestObj.cpp:
1320         Rebaseline bindings tests.
1321
1322 2016-02-16  Simon Fraser  <simon.fraser@apple.com>
1323
1324         Rollout r188659. This broke scrolling of iframes and overflow when
1325         navigating back to a page in the page cache.
1326         
1327         The fix was overly aggressive and had no layout test. I will fix the original
1328         issue a different way.
1329
1330         * history/CachedFrame.cpp:
1331         (WebCore::CachedFrame::CachedFrame):
1332         * page/FrameView.cpp:
1333         (WebCore::FrameView::clearScrollableAreas): Deleted.
1334         * page/FrameView.h:
1335
1336 2016-02-16  Carlos Garcia Campos  <cgarcia@igalia.com>
1337
1338         [GTK] No hover-horizontal scrolling available
1339         https://bugs.webkit.org/show_bug.cgi?id=122859
1340
1341         Reviewed by Michael Catanzaro.
1342
1343         This is a regression of WebKit2, because in WebKit1 we used native
1344         widgets for frame scrollbars that handled this automatically. Now
1345         we need to also check if the mouse is over frame scrollbars to
1346         adjust the wheel event.
1347
1348         Test: platform/gtk/scrollbars/main-frame-scrollbar-horizontal-wheel-scroll.html
1349
1350         * page/EventHandler.cpp:
1351         (WebCore::EventHandler::handleWheelEvent): Pass the adjusted wheel
1352         event to platformCompleteWheelEvent().
1353         * page/gtk/EventHandlerGtk.cpp:
1354         (WebCore::EventHandler::shouldTurnVerticalTicksIntoHorizontal):
1355         Check also frame scrollbars.
1356
1357 2016-02-16  Antti Koivisto  <antti@apple.com>
1358
1359         Factor id mutation style invalidation code into a class
1360         https://bugs.webkit.org/show_bug.cgi?id=154287
1361
1362         Reviewed by Andreas Kling.
1363
1364         Also add a cheap basic optimization that avoids descendant invalidation if they can not be affected.
1365
1366         It would be easy to implement fine grained invalidation like with classes and attribute selectors.
1367         However dynamic id changes are not common enough (nor recommended) to pay the memory cost of
1368         the required data structures.
1369
1370         Test: fast/css/style-invalidation-id-change-descendants.html
1371
1372         * CMakeLists.txt:
1373         * WebCore.vcxproj/WebCore.vcxproj:
1374         * WebCore.xcodeproj/project.pbxproj:
1375         * css/RuleFeature.cpp:
1376         (WebCore::RuleFeatureSet::recursivelyCollectFeaturesFromSelector):
1377         (WebCore::RuleFeatureSet::add):
1378         (WebCore::RuleFeatureSet::clear):
1379         * css/RuleFeature.h:
1380         * dom/Element.cpp:
1381         (WebCore::makeIdForStyleResolution):
1382         (WebCore::Element::attributeChanged):
1383         (WebCore::checkNeedsStyleInvalidationForIdChange): Deleted.
1384         * style/IdChangeInvalidation.cpp: Added.
1385         (WebCore::Style::IdChangeInvalidation::invalidateStyle):
1386         * style/IdChangeInvalidation.h: Added.
1387         (WebCore::Style::IdChangeInvalidation::IdChangeInvalidation):
1388         (WebCore::Style::IdChangeInvalidation::~IdChangeInvalidation):
1389
1390 2016-02-16  Andreas Kling  <akling@apple.com>
1391
1392         Drop StyleResolver and SelectorQueryCache when entering PageCache.
1393         <https://webkit.org/b/154238>
1394
1395         Reviewed by Antti Koivisto.
1396
1397         Stop keeping these around for cached pages to save lots of memory.
1398         We can easily rebuild them if a cached navigation occurs, and this
1399         way we also don't need to worry about invalidating style for cached
1400         pages in all the right places.
1401
1402         Restoring a cached page will now lead to a forced style recalc.
1403         We don't try to defer this (beyond a zero-timer) since it's going
1404         to happen anyway, and it's nicer to front-load the cost rather than
1405         stuttering on the first user content interaction.
1406
1407         * dom/Document.cpp:
1408         (WebCore::Document::setInPageCache):
1409         * history/CachedPage.cpp:
1410         (WebCore::CachedPage::restore):
1411         (WebCore::CachedPage::clear): Deleted.
1412         * history/CachedPage.h:
1413         (WebCore::CachedPage::markForVisitedLinkStyleRecalc): Deleted.
1414         (WebCore::CachedPage::markForFullStyleRecalc): Deleted.
1415         * history/PageCache.cpp:
1416         (WebCore::PageCache::markPagesForVisitedLinkStyleRecalc): Deleted.
1417         (WebCore::PageCache::markPagesForFullStyleRecalc): Deleted.
1418         * history/PageCache.h:
1419         * page/Frame.cpp:
1420         (WebCore::Frame::setPageAndTextZoomFactors): Deleted.
1421         * page/Page.cpp:
1422         (WebCore::Page::setViewScaleFactor): Deleted.
1423         (WebCore::Page::setDeviceScaleFactor): Deleted.
1424         (WebCore::Page::setPagination): Deleted.
1425         (WebCore::Page::setPaginationLineGridEnabled): Deleted.
1426         (WebCore::Page::setVisitedLinkStore): Deleted.
1427
1428 2016-02-16  Carlos Garcia Campos  <cgarcia@igalia.com>
1429
1430         [GTK] clicking on the scrollbar trough steps rather than jumps to the clicked position
1431         https://bugs.webkit.org/show_bug.cgi?id=115363
1432
1433         Reviewed by Michael Catanzaro.
1434
1435         Allow ScrollbarTheme to decide the behavior of a button press event,
1436         instead of only deciding whether to center on thumb or not. This
1437         way we can match the current GTK+ behavior in WebKit, without
1438         affecting other ports.
1439
1440         * platform/ScrollTypes.h: Add ScrollbarButtonPressAction enum.
1441         * platform/Scrollbar.cpp:
1442         (WebCore::Scrollbar::mouseDown): Ask ScrollbarTheme to handle the
1443         event for the pressed part and do the requested action.
1444         * platform/ScrollbarTheme.cpp:
1445         (WebCore::ScrollbarTheme::handleMousePressEvent): Add default
1446         implementation. It's equivalent to the previous default implementation.
1447         * platform/ScrollbarTheme.h:
1448         * platform/gtk/ScrollbarThemeGtk.cpp:
1449         (WebCore::ScrollbarThemeGtk::handleMousePressEvent): Match current
1450         GTK+ behavior: left click centers on thumb and right click
1451         scrolls. Dragging the thumb works for left and middle buttons.
1452         * platform/gtk/ScrollbarThemeGtk.h:
1453         * platform/ios/ScrollbarThemeIOS.h: Remove shouldCenterOnThumb,
1454         and don't override handleMousePressEvent since iOS wants the
1455         default behavior.
1456         * platform/ios/ScrollbarThemeIOS.mm:
1457         * platform/mac/ScrollbarThemeMac.h: Override handleMousePressEvent
1458         and remove shouldCenterOnThumb.
1459         * platform/mac/ScrollbarThemeMac.mm:
1460         (WebCore::shouldCenterOnThumb): Same implementation just made it
1461         static to be used as helper.
1462         (WebCore::ScrollbarThemeMac::handleMousePressEvent): Return the
1463         desired action keeping the same behavior.
1464         * platform/win/ScrollbarThemeWin.cpp:
1465         (WebCore::ScrollbarThemeWin::handleMousePressEvent): Ditto.
1466         * platform/win/ScrollbarThemeWin.h:
1467         * rendering/RenderScrollbarTheme.h:
1468
1469 2016-02-16  Carlos Garcia Campos  <cgarcia@igalia.com>
1470
1471         Mouse cursor doesn't change when entering scrollbars
1472         https://bugs.webkit.org/show_bug.cgi?id=154243
1473
1474         Reviewed by Simon Fraser.
1475
1476         If the scrollbar is over or very close to text or a link, when
1477         entering the scrollbar the cursor is not changed, keeping the beam
1478         or hand cursor when using the scrollbar. Same happens for image
1479         documents where the magnifier cursor is used and it remains when
1480         entering the scrollbars. We should use pointer cursor always for
1481         scrollbars.
1482
1483         * page/EventHandler.cpp:
1484         (WebCore::EventHandler::updateCursor): Request also to include
1485         frame scrollbars in hit test result.
1486         (WebCore::EventHandler::selectCursor): Use always pointer cursor
1487         for scrollbars.
1488
1489 2016-02-15  Antti Koivisto  <antti@apple.com>
1490
1491         Optimize style invalidations for attribute selectors
1492         https://bugs.webkit.org/show_bug.cgi?id=154242
1493
1494         Reviewed by Andreas Kling.
1495
1496         Currently we invalidate the whole element subtree if there are any attribute selectors for the changed attribute.
1497         This is slow as generally few if any elements are really affected. Using attribute selectors for dynamic styling
1498         should be performant.
1499
1500         This patch implements an optimization strategy for attributes similar to what we already have for classes:
1501
1502         - Collect a map of all rules that contain descendant-affecting attribute selectors for a given attribute.
1503         - When an attribute value changes check if there are any such rules for it.
1504         - Check if the value change affects the results of any of the attribute selectors.
1505         - Only if it does, invalidate the exact descendant elements affected by the rules.
1506
1507         Test: fast/css/style-invalidation-attribute-change-descendants.html
1508
1509         * WebCore.xcodeproj/project.pbxproj:
1510         * css/DocumentRuleSets.cpp:
1511         (WebCore::DocumentRuleSets::ancestorClassRules):
1512         (WebCore::DocumentRuleSets::ancestorAttributeRulesForHTML):
1513
1514             Create optimization RuleSets when needed.
1515
1516         * css/DocumentRuleSets.h:
1517         (WebCore::DocumentRuleSets::uncommonAttribute):
1518         (WebCore::DocumentRuleSets::features):
1519         * css/RuleFeature.cpp:
1520         (WebCore::RuleFeatureSet::recursivelyCollectFeaturesFromSelector):
1521         (WebCore::makeAttributeSelectorKey):
1522         (WebCore::RuleFeatureSet::collectFeatures):
1523
1524             Collect rules with descendant affecting attribute selectors.
1525
1526         (WebCore::RuleFeatureSet::add):
1527         (WebCore::RuleFeatureSet::clear):
1528         (WebCore::RuleFeatureSet::shrinkToFit):
1529         * css/RuleFeature.h:
1530         * css/SelectorChecker.cpp:
1531         (WebCore::anyAttributeMatches):
1532         (WebCore::SelectorChecker::attributeSelectorMatches):
1533
1534             Expose function for matching single attribute selectors.
1535
1536         (WebCore::canMatchHoverOrActiveInQuirksMode):
1537         * css/SelectorChecker.h:
1538         * dom/Attr.cpp:
1539         (WebCore::Attr::setValue):
1540         (WebCore::Attr::childrenChanged):
1541         * dom/Element.cpp:
1542         (WebCore::Element::setAttributeInternal):
1543         (WebCore::makeIdForStyleResolution):
1544         (WebCore::Element::attributeChanged):
1545         (WebCore::Element::removeAttributeInternal):
1546         (WebCore::Element::addAttributeInternal):
1547         (WebCore::Element::removeAttribute):
1548
1549             Add AttributeChangeInvalidation where needed.
1550
1551         (WebCore::Element::needsStyleInvalidation):
1552
1553             Move to Element from ClassChangeInvalidation.
1554
1555         (WebCore::Element::willModifyAttribute):
1556
1557             No more full style invalidation on attribute change.
1558
1559         * style/AttributeChangeInvalidation.cpp: Added.
1560         (WebCore::Style::AttributeChangeInvalidation::invalidateStyle):
1561
1562             Invalidate local style.
1563             Check if we need to invalidate descendants by looking into ancestorAttributeRules.
1564
1565         (WebCore::Style::AttributeChangeInvalidation::invalidateDescendants):
1566
1567             Use StyleInvalidationAnalysis to invalidate the subtree for the relevant rules.
1568
1569         * style/AttributeChangeInvalidation.h: Added.
1570         (WebCore::Style::AttributeChangeInvalidation::needsInvalidation):
1571         (WebCore::Style::AttributeChangeInvalidation::AttributeChangeInvalidation):
1572         (WebCore::Style::AttributeChangeInvalidation::~AttributeChangeInvalidation):
1573
1574             If needed, invalidate descendants before and after attribute change to catch rules that start and stop applying.
1575
1576 2016-02-16  Chris Dumez  <cdumez@apple.com>
1577
1578         Do security checks early in JSDOMWindow::put*()
1579         https://bugs.webkit.org/show_bug.cgi?id=154270
1580
1581         Reviewed by Gavin Barraclough.
1582
1583         Do security checks early in JSDOMWindow::put() / JSDOMWindow::putByIndex()
1584         and return as soon as possible. This makes it less error-prone as we need
1585         to do the security check only once, at the top of the function.
1586
1587         Also lock down the security further by calling lookupPut() only if the
1588         property name is "location". The "location" property is the only one that
1589         can be set cross-origin. Previously, trying to set a property such as
1590         "name" (which cannot be set cross-origin) relied on the attribute setter
1591         doing the security check when getting called. The new check is less error
1592         prone and will correctly prevent overriding window's method cross-origin
1593         once these move down from the prototype (Bug 154120).
1594
1595         Finally, the previous code was failing to set the "location" property
1596         cross-origin after the window has been reified. This patch fixes the
1597         issue by always calling the original "location" property setter from the
1598         static table in the cross-origin case.
1599
1600         Test: http/tests/security/cross-origin-reified-window-location-setting.html
1601
1602         * bindings/js/JSDOMWindowCustom.cpp:
1603         (WebCore::JSDOMWindow::put):
1604         (WebCore::JSDOMWindow::putByIndex):
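
Added example, not part of the ChangeLog and not WebKit source: a toy C++ model of the JSDOMWindow::put() entry above, contrasting a late, per-setter origin check with the single early check it describes. `ToyWindow`, `putLateCheck`, `putEarlyCheck`, `makeToyWindow` and the `a.example` origin are hypothetical, and the late-check variant is a constructed illustration of the two problems the entry names, not the previous implementation.

```cpp
#include <map>
#include <string>

// Toy model of a window object; every name here is hypothetical.
enum class PutResult { Stored, Navigated, Blocked };

struct ToyWindow {
    std::string origin;                      // origin that owns this window
    std::string location;                    // current URL
    std::map<std::string, std::string> own;  // own properties, methods included
    bool reified = false;                    // static table replaced by own properties
};

// Constructed sample window owned by https://a.example with one instance method.
ToyWindow makeToyWindow(bool reified)
{
    ToyWindow w;
    w.origin = "https://a.example";
    w.location = "https://a.example/";
    w.own["focus"] = "native";
    w.reified = reified;
    return w;
}

// Stand-in for the original "location" setter kept in the static table.
static PutResult staticLocationSetter(ToyWindow& w, const std::string& url)
{
    w.location = url;
    return PutResult::Navigated;
}

// Late-check shape: look the property up first and rely on whatever setter
// is found to perform the origin check itself.
PutResult putLateCheck(ToyWindow& w, const std::string& caller,
                       const std::string& prop, const std::string& value)
{
    const bool sameOrigin = (caller == w.origin);
    if (!w.reified && prop == "location")
        return staticLocationSetter(w, value);  // allowed cross-origin
    if (prop == "name") {                       // this setter carries its own check
        if (!sameOrigin)
            return PutResult::Blocked;
        w.own[prop] = value;
        return PutResult::Stored;
    }
    if (prop == "location")                     // reified: static setter is not found
        return sameOrigin ? staticLocationSetter(w, value) : PutResult::Blocked;
    // Any other own property (for example a method living on the instance)
    // has no setter, so nothing on this path checks the caller's origin.
    w.own[prop] = value;
    return PutResult::Stored;
}

// Early-check shape: one origin check at the top, "location" is the only
// cross-origin exception, and it always goes through the original static
// setter whether or not the window has been reified.
PutResult putEarlyCheck(ToyWindow& w, const std::string& caller,
                        const std::string& prop, const std::string& value)
{
    if (caller != w.origin) {
        if (prop == "location")
            return staticLocationSetter(w, value);
        return PutResult::Blocked;
    }
    if (prop == "location")
        return staticLocationSetter(w, value);
    w.own[prop] = value;
    return PutResult::Stored;
}
```

With the early check, every property added to the instance later is covered by the same guard, so no individual setter has to remember it.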
1605
1606 2016-02-15  Brent Fulgham  <bfulgham@apple.com>
1607
1608         [Mac] Gather some rudimentary statistics during resource load 
1609         https://bugs.webkit.org/show_bug.cgi?id=153575
1610         <rdar://problem/24075254>
1611
1612         Reviewed by Brady Eidson.
1613
1614         Tested by: http/tests/navigation/statistics.html
1615
1616         * CMakeLists.txt:
1617         * PlatformWin.cmake:
1618         * WebCore.xcodeproj/project.pbxproj:
1619         * dom/Document.cpp:
1620         (WebCore::Document::updateLastHandledUserGestureTimestamp): Log user interaction
1621         with the ResourceLoadObserver.
1622         * loader/DocumentLoader.cpp:
1623         (WebCore::DocumentLoader::willSendRequest): Track load statistics if the
1624         user interacted with the document.
1625         * loader/ResourceLoadObserver.cpp: Added.
1626         * loader/ResourceLoadObserver.h: Added.
1627         * loader/ResourceLoadStatistics.cpp: Added.
1628         * loader/ResourceLoadStatistics.h: Added.
1629         * loader/SubresourceLoader.cpp:
1630         (WebCore::SubresourceLoader::willSendRequestInternal): Track load statistics.
1631         * page/Settings.cpp:
1632         (WebCore::Settings::setResourceLoadStatisticsEnabled): Added.
1633         * page/Settings.h:
1634         (WebCore::Settings::resourceLoadStatisticsEnabled): Added.
1635         * platform/Logging.h:
1636         * testing/Internals.cpp:
1637         (WebCore::Internals::resourceLoadStatisticsForOrigin):
1638         (WebCore::Internals::setResourceLoadStatisticsEnabled):
1639         * testing/Internals.h:
1640         * testing/Internals.idl:
1641
1642 2016-02-15  Chris Dumez  <cdumez@apple.com>
1643
1644         The following properties should exist on the global object: AudioTrackList, AudioTrack, VideoTrackList, VideoTrack
1645         https://bugs.webkit.org/show_bug.cgi?id=154250
1646         <rdar://problem/24660829>
1647
1648         Reviewed by Eric Carlson.
1649
1650         The following properties should exist on the global object:
1651         - AudioTrackList, AudioTrack, VideoTrackList, VideoTrack
1652
1653         These interfaces are not marked as [NoInterfaceObject] in:
1654         - https://html.spec.whatwg.org/#audiotracklist-and-videotracklist-objects
1655
1656         No new tests, already covered by existing tests.
1657
1658         * html/track/AudioTrack.idl:
1659         * html/track/AudioTrackList.idl:
1660         * html/track/VideoTrack.idl:
1661         * html/track/VideoTrackList.idl:
1662
1663 2016-02-15  Sam Weinig  <sam@webkit.org>
1664
1665         Stop using NSMapTable in places where we were only using it to be GC safe
1666         <rdar://problem/24063723>
1667         https://bugs.webkit.org/show_bug.cgi?id=154264
1668
1669         Reviewed by Dan Bernstein.
1670
1671         Switch from NSMapTable to HashMap.
1672
1673         * WebCore.xcodeproj/project.pbxproj:
1674         * bindings/objc/DOMInternal.h:
1675         * bindings/objc/DOMInternal.mm:
1676         * bindings/objc/WebScriptObject.mm:
1677         * bridge/objc/objc_instance.mm:
1678         * platform/spi/cocoa/NSPointerFunctionsSPI.h: Removed. No longer used.
1679
1680 2016-02-15  Myles C. Maxfield  <mmaxfield@apple.com>
1681
1682         [Font Loading] Implement FontFace JavaScript object
1683         https://bugs.webkit.org/show_bug.cgi?id=153345
1684
1685         Reviewed by Antti Koivisto.
1686
1687         Test: fast/text/font-face-javascript.html
1688
1689         This patch implements the FontFace Javascript object. This object mostly consists of
1690         style getters / setters, which we implement by parsing input strings and generating
1691         output strings similarly to getComputedStyle(). This object also has a load() function
1692         which returns a promise which will be fulfilled or rejected depending on the load.
1693         There is also a "loaded" attribute which exposes this promise directly. Also, a status
1694         field is exposed so script knows what the state of the load is.
1695
1696         Currently, loading depends on our CachedResourceLoader which is part of the Document,
1697         so this API is not available in a non-document context.
1698
1699         Another caveat is that immediate-mode font loading (where the content provides an
1700         ArrayBuffer containing the bytes of the font file) is forthcoming. This requires
1701         changing the relationship between CSSFontFaceSource and CachedFont.
1702
1703         CSSFontFace has been modified to keep a strong reference to the CSSFontSelector. This
1704         is because the lifetime of the CSSFontFace can now outlive the CSSFontSelector. When
1705         the CSSFontSelector is removed from the Document, it explicitly clears its constituent
1706         CSSFontFaces, thereby breaking the reference cycle.
1707
1708         Test: fast/text/font-face-javascript-expected.html
1709
1710         * CMakeLists.txt: Add new files.
1711         * DerivedSources.cpp: Ditto.
1712         * DerivedSources.make: Ditto.
1713         * WebCore.vcxproj/WebCore.vcxproj: Ditto.
1714         * WebCore.vcxproj/WebCore.vcxproj.filters: Ditto.
1715         * WebCore.xcodeproj/project.pbxproj: Ditto.
1716         * bindings/js/JSDOMPromise.cpp:
1717         (WebCore::DeferredWrapper::globalObject): Remove whitespace.
1718         (WebCore::DeferredWrapper::deferred): Allow access to the inner JSC object.
1719         * bindings/js/JSDOMPromise.h:
1720         (WebCore::DOMPromise::deferred): Ditto.
1721         * bindings/js/JSFontFaceCustom.cpp: Copied from Source/WebCore/bindings/js/JSDOMPromise.cpp.
1722         (WebCore::JSFontFace::loaded):
1723         (WebCore::JSFontFace::load):
1724         * css/CSSFontFace.cpp:
1725         (WebCore::CSSFontFace::CSSFontFace): 
1726         (WebCore::CSSFontFace::adoptSource):
1727         (WebCore::CSSFontFace::updateStatus): Enforce the state machine's transitions.
1728         (WebCore::CSSFontFace::fontLoaded):
1729         (WebCore::CSSFontFace::pump):
1730         (WebCore::CSSFontFace::load):
1731         * css/CSSFontFace.h:
1732         (WebCore::CSSFontFaceClient::~CSSFontFaceClient):
1733         (WebCore::CSSFontFace::create):
1734         (WebCore::CSSFontFace::status):
1735         * css/CSSFontSelector.cpp:
1736         (WebCore::CSSFontSelector::appendSources): Update for new CSSFontFace API.
1737         (WebCore::CSSFontSelector::registerLocalFontFacesForFamily): Ditto.
1738         (WebCore::CSSFontSelector::addFontFaceRule): Ditto.
1739         (WebCore::CSSFontSelector::kick): Ditto.
1740         (WebCore::appendSources): Deleted.
1741         (WebCore::registerLocalFontFacesForFamily): Deleted.
1742         * css/CSSFontSelector.h:
1743         * css/CSSUnicodeRangeValue.cpp: Use for serializing the "unicodeRange" property.
1744         * css/FontFace.cpp:
1745         (WebCore::createPromise): Implement the remaining Javascript API functions.
1746         (WebCore::valueFromDictionary):
1747         (WebCore::FontFace::create):
1748         (WebCore::FontFace::FontFace):
1749         (WebCore::FontFace::parseString):
1750         (WebCore::FontFace::status):
1751         (WebCore::FontFace::kick):
1752         (WebCore::FontFace::load):
1753         (WebCore::FontFace::fulfillPromise):
1754         (WebCore::FontFace::rejectPromise):
1755         (WebCore::parseString): Deleted.
1756         * css/FontFace.h:
1757         (WebCore::FontFace::promise):
1758         (WebCore::FontFace::backing):
1759         (WebCore::FontFace::create): Deleted.
1760         * css/FontFace.idl: Copied from Source/WebCore/bindings/js/JSDOMPromise.cpp.
1761
1762 2016-02-15  Jer Noble  <jer.noble@apple.com>
1763
1764         Null-deref crash in DefaultAudioDestinationNode::suspend()
1765         https://bugs.webkit.org/show_bug.cgi?id=154248
1766
1767         Reviewed by Alex Christensen.
1768
1769         Drive-by fix: AudioContext should be a reference, not a pointer.
1770
1771         * Modules/webaudio/AnalyserNode.cpp:
1772         (WebCore::AnalyserNode::AnalyserNode):
1773         * Modules/webaudio/AnalyserNode.h:
1774         (WebCore::AnalyserNode::create):
1775         * Modules/webaudio/AudioBasicInspectorNode.cpp:
1776         (WebCore::AudioBasicInspectorNode::AudioBasicInspectorNode):
1777         (WebCore::AudioBasicInspectorNode::connect):
1778         (WebCore::AudioBasicInspectorNode::disconnect):
1779         (WebCore::AudioBasicInspectorNode::checkNumberOfChannelsForInput):
1780         (WebCore::AudioBasicInspectorNode::updatePullStatus):
1781         * Modules/webaudio/AudioBasicInspectorNode.h:
1782         * Modules/webaudio/AudioBasicProcessorNode.cpp:
1783         (WebCore::AudioBasicProcessorNode::AudioBasicProcessorNode):
1784         (WebCore::AudioBasicProcessorNode::checkNumberOfChannelsForInput):
1785         * Modules/webaudio/AudioBasicProcessorNode.h:
1786         * Modules/webaudio/AudioBufferSourceNode.cpp:
1787         (WebCore::AudioBufferSourceNode::create):
1788         (WebCore::AudioBufferSourceNode::AudioBufferSourceNode):
1789         (WebCore::AudioBufferSourceNode::renderFromBuffer):
1790         (WebCore::AudioBufferSourceNode::setBuffer):
1791         (WebCore::AudioBufferSourceNode::startPlaying):
1792         (WebCore::AudioBufferSourceNode::looping):
1793         (WebCore::AudioBufferSourceNode::setLooping):
1794         * Modules/webaudio/AudioBufferSourceNode.h:
1795         * Modules/webaudio/AudioContext.cpp:
1796         (WebCore::AudioContext::AudioContext):
1797         (WebCore::AudioContext::createBufferSource):
1798         (WebCore::AudioContext::createMediaElementSource):
1799         (WebCore::AudioContext::createMediaStreamDestination):
1800         (WebCore::AudioContext::createScriptProcessor):
1801         (WebCore::AudioContext::createBiquadFilter):
1802         (WebCore::AudioContext::createWaveShaper):
1803         (WebCore::AudioContext::createPanner):
1804         (WebCore::AudioContext::createConvolver):
1805         (WebCore::AudioContext::createDynamicsCompressor):
1806         (WebCore::AudioContext::createAnalyser):
1807         (WebCore::AudioContext::createGain):
1808         (WebCore::AudioContext::createDelay):
1809         (WebCore::AudioContext::createChannelSplitter):
1810         (WebCore::AudioContext::createChannelMerger):
1811         (WebCore::AudioContext::createOscillator):
1812         * Modules/webaudio/AudioContext.h:
1813         (WebCore::operator==):
1814         (WebCore::operator!=):
1815         * Modules/webaudio/AudioDestinationNode.cpp:
1816         (WebCore::AudioDestinationNode::AudioDestinationNode):
1817         (WebCore::AudioDestinationNode::render):
1818         (WebCore::AudioDestinationNode::updateIsEffectivelyPlayingAudio):
1819         * Modules/webaudio/AudioDestinationNode.h:
1820         * Modules/webaudio/AudioNode.cpp:
1821         (WebCore::AudioNode::AudioNode):
1822         (WebCore::AudioNode::connect):
1823         (WebCore::AudioNode::disconnect):
1824         (WebCore::AudioNode::setChannelCount):
1825         (WebCore::AudioNode::setChannelCountMode):
1826         (WebCore::AudioNode::setChannelInterpretation):
1827         (WebCore::AudioNode::scriptExecutionContext):
1828         (WebCore::AudioNode::processIfNecessary):
1829         (WebCore::AudioNode::checkNumberOfChannelsForInput):
1830         (WebCore::AudioNode::propagatesSilence):
1831         (WebCore::AudioNode::pullInputs):
1832         (WebCore::AudioNode::enableOutputsIfNecessary):
1833         (WebCore::AudioNode::deref):
1834         (WebCore::AudioNode::finishDeref):
1835         * Modules/webaudio/AudioNode.h:
1836         (WebCore::AudioNode::context):
1837         * Modules/webaudio/AudioNodeInput.cpp:
1838         (WebCore::AudioNodeInput::connect):
1839         (WebCore::AudioNodeInput::disconnect):
1840         (WebCore::AudioNodeInput::disable):
1841         (WebCore::AudioNodeInput::enable):
1842         (WebCore::AudioNodeInput::updateInternalBus):
1843         (WebCore::AudioNodeInput::bus):
1844         (WebCore::AudioNodeInput::internalSummingBus):
1845         (WebCore::AudioNodeInput::sumAllConnections):
1846         (WebCore::AudioNodeInput::pull):
1847         * Modules/webaudio/AudioNodeOutput.cpp:
1848         (WebCore::AudioNodeOutput::setNumberOfChannels):
1849         (WebCore::AudioNodeOutput::updateNumberOfChannels):
1850         (WebCore::AudioNodeOutput::propagateChannelCount):
1851         (WebCore::AudioNodeOutput::pull):
1852         (WebCore::AudioNodeOutput::bus):
1853         (WebCore::AudioNodeOutput::fanOutCount):
1854         (WebCore::AudioNodeOutput::paramFanOutCount):
1855         (WebCore::AudioNodeOutput::addInput):
1856         (WebCore::AudioNodeOutput::removeInput):
1857         (WebCore::AudioNodeOutput::disconnectAllInputs):
1858         (WebCore::AudioNodeOutput::addParam):
1859         (WebCore::AudioNodeOutput::removeParam):
1860         (WebCore::AudioNodeOutput::disconnectAllParams):
1861         (WebCore::AudioNodeOutput::disable):
1862         (WebCore::AudioNodeOutput::enable):
1863         * Modules/webaudio/AudioNodeOutput.h:
1864         (WebCore::AudioNodeOutput::context):
1865         * Modules/webaudio/AudioParam.cpp:
1866         (WebCore::AudioParam::value):
1867         (WebCore::AudioParam::smooth):
1868         (WebCore::AudioParam::calculateSampleAccurateValues):
1869         (WebCore::AudioParam::calculateFinalValues):
1870         (WebCore::AudioParam::calculateTimelineValues):
1871         (WebCore::AudioParam::connect):
1872         (WebCore::AudioParam::disconnect):
1873         * Modules/webaudio/AudioParam.h:
1874         (WebCore::AudioParam::create):
1875         (WebCore::AudioParam::AudioParam):
1876         * Modules/webaudio/AudioParamTimeline.cpp:
1877         (WebCore::AudioParamTimeline::valueForContextTime):
1878         * Modules/webaudio/AudioParamTimeline.h:
1879         * Modules/webaudio/AudioScheduledSourceNode.cpp:
1880         (WebCore::AudioScheduledSourceNode::AudioScheduledSourceNode):
1881         (WebCore::AudioScheduledSourceNode::updateSchedulingInfo):
1882         (WebCore::AudioScheduledSourceNode::start):
1883         (WebCore::AudioScheduledSourceNode::finish):
1884         * Modules/webaudio/AudioScheduledSourceNode.h:
1885         * Modules/webaudio/AudioSummingJunction.cpp:
1886         (WebCore::AudioSummingJunction::AudioSummingJunction):
1887         (WebCore::AudioSummingJunction::~AudioSummingJunction):
1888         (WebCore::AudioSummingJunction::changedOutputs):
1889         (WebCore::AudioSummingJunction::updateRenderingState):
1890         * Modules/webaudio/AudioSummingJunction.h:
1891         (WebCore::AudioSummingJunction::context):
1892         * Modules/webaudio/BiquadFilterNode.cpp:
1893         (WebCore::BiquadFilterNode::BiquadFilterNode):
1894         * Modules/webaudio/BiquadFilterNode.h:
1895         (WebCore::BiquadFilterNode::create):
1896         * Modules/webaudio/BiquadProcessor.cpp:
1897         (WebCore::BiquadProcessor::BiquadProcessor):
1898         * Modules/webaudio/BiquadProcessor.h:
1899         * Modules/webaudio/ChannelMergerNode.cpp:
1900         (WebCore::ChannelMergerNode::create):
1901         (WebCore::ChannelMergerNode::ChannelMergerNode):
1902         (WebCore::ChannelMergerNode::checkNumberOfChannelsForInput):
1903         * Modules/webaudio/ChannelMergerNode.h:
1904         * Modules/webaudio/ChannelSplitterNode.cpp:
1905         (WebCore::ChannelSplitterNode::create):
1906         (WebCore::ChannelSplitterNode::ChannelSplitterNode):
1907         * Modules/webaudio/ChannelSplitterNode.h:
1908         * Modules/webaudio/ConvolverNode.cpp:
1909         (WebCore::ConvolverNode::ConvolverNode):
1910         (WebCore::ConvolverNode::setBuffer):
1911         * Modules/webaudio/ConvolverNode.h:
1912         (WebCore::ConvolverNode::create):
1913         * Modules/webaudio/DefaultAudioDestinationNode.cpp:
1914         (WebCore::DefaultAudioDestinationNode::DefaultAudioDestinationNode):
1915         (WebCore::DefaultAudioDestinationNode::resume):
1916         (WebCore::DefaultAudioDestinationNode::suspend):
1917         (WebCore::DefaultAudioDestinationNode::close):
1918         * Modules/webaudio/DefaultAudioDestinationNode.h:
1919         (WebCore::DefaultAudioDestinationNode::create):
1920         * Modules/webaudio/DelayNode.cpp:
1921         (WebCore::DelayNode::DelayNode):
1922         * Modules/webaudio/DelayNode.h:
1923         (WebCore::DelayNode::create):
1924         * Modules/webaudio/DelayProcessor.cpp:
1925         (WebCore::DelayProcessor::DelayProcessor):
1926         * Modules/webaudio/DelayProcessor.h:
1927         * Modules/webaudio/DynamicsCompressorNode.cpp:
1928         (WebCore::DynamicsCompressorNode::DynamicsCompressorNode):
1929         * Modules/webaudio/DynamicsCompressorNode.h:
1930         (WebCore::DynamicsCompressorNode::create):
1931         * Modules/webaudio/GainNode.cpp:
1932         (WebCore::GainNode::GainNode):
1933         (WebCore::GainNode::checkNumberOfChannelsForInput):
1934         * Modules/webaudio/GainNode.h:
1935         (WebCore::GainNode::create):
1936         * Modules/webaudio/MediaElementAudioSourceNode.cpp:
1937         (WebCore::MediaElementAudioSourceNode::create):
1938         (WebCore::MediaElementAudioSourceNode::MediaElementAudioSourceNode):
1939         (WebCore::MediaElementAudioSourceNode::setFormat):
1940         * Modules/webaudio/MediaElementAudioSourceNode.h:
1941         * Modules/webaudio/MediaStreamAudioDestinationNode.cpp:
1942         (WebCore::MediaStreamAudioDestinationNode::create):
1943         (WebCore::MediaStreamAudioDestinationNode::MediaStreamAudioDestinationNode):
1944         * Modules/webaudio/MediaStreamAudioDestinationNode.h:
1945         * Modules/webaudio/MediaStreamAudioSourceNode.cpp:
1946         (WebCore::MediaStreamAudioSourceNode::MediaStreamAudioSourceNode):
1947         (WebCore::MediaStreamAudioSourceNode::setFormat):
1948         * Modules/webaudio/OfflineAudioDestinationNode.cpp:
1949         (WebCore::OfflineAudioDestinationNode::OfflineAudioDestinationNode):
1950         (WebCore::OfflineAudioDestinationNode::offlineRender):
1951         (WebCore::OfflineAudioDestinationNode::notifyComplete):
1952         * Modules/webaudio/OfflineAudioDestinationNode.h:
1953         (WebCore::OfflineAudioDestinationNode::create):
1954         * Modules/webaudio/OscillatorNode.cpp:
1955         (WebCore::OscillatorNode::create):
1956         (WebCore::OscillatorNode::OscillatorNode):
1957         * Modules/webaudio/OscillatorNode.h:
1958         * Modules/webaudio/PannerNode.cpp:
1959         (WebCore::PannerNode::PannerNode):
1960         (WebCore::PannerNode::pullInputs):
1961         (WebCore::PannerNode::process):
1962         (WebCore::PannerNode::listener):
1963         (WebCore::PannerNode::setPanningModel):
1964         * Modules/webaudio/PannerNode.h:
1965         (WebCore::PannerNode::create):
1966         * Modules/webaudio/ScriptProcessorNode.cpp:
1967         (WebCore::ScriptProcessorNode::create):
1968         (WebCore::ScriptProcessorNode::ScriptProcessorNode):
1969         (WebCore::ScriptProcessorNode::initialize):
1970         (WebCore::ScriptProcessorNode::fireProcessEvent):
1971         * Modules/webaudio/ScriptProcessorNode.h:
1972         * Modules/webaudio/WaveShaperNode.cpp:
1973         (WebCore::WaveShaperNode::WaveShaperNode):
1974         (WebCore::WaveShaperNode::setOversample):
1975         * Modules/webaudio/WaveShaperNode.h:
1976         (WebCore::WaveShaperNode::create):
1977
1978 2016-02-15  Jer Noble  <jer.noble@apple.com>
1979
1980         Null-deref crash in DefaultAudioDestinationNode::suspend()
1981         https://bugs.webkit.org/show_bug.cgi?id=154248
1982
1983         Reviewed by Alex Christensen.
1984
1985         Null-check scriptExecutionContext() before deref.
1986
1987         * Modules/webaudio/DefaultAudioDestinationNode.cpp:
1988         (WebCore::DefaultAudioDestinationNode::resume):
1989         (WebCore::DefaultAudioDestinationNode::suspend):
1990         (WebCore::DefaultAudioDestinationNode::close):
1991
1992 2016-02-15  Chris Dumez  <cdumez@apple.com>
1993
1994         XMLHttpRequest / XMLHttpRequestUpload should inherit XMLHttpRequestEventTarget
1995         https://bugs.webkit.org/show_bug.cgi?id=154230
1996
1997         Reviewed by Alex Christensen.
1998
1999         XMLHttpRequest / XMLHttpRequestUpload should inherit XMLHttpRequestEventTarget
2000         as per:
2001         https://xhr.spec.whatwg.org/#xmlhttprequesteventtarget
2002
2003         Firefox and Chrome already match the specification.
2004
2005         No new tests, already covered by existing tests.
2006
2007         * CMakeLists.txt:
2008         * DerivedSources.make:
2009         * WebCore.vcxproj/WebCore.vcxproj:
2010         * WebCore.vcxproj/WebCore.vcxproj.filters:
2011         * WebCore.xcodeproj/project.pbxproj:
2012         * xml/XMLHttpRequest.h:
2013         * xml/XMLHttpRequest.idl:
2014         * xml/XMLHttpRequestEventTarget.h: Added.
2015         * xml/XMLHttpRequestEventTarget.idl: Copied from Source/WebCore/xml/XMLHttpRequestUpload.idl.
2016         * xml/XMLHttpRequestUpload.h:
2017         * xml/XMLHttpRequestUpload.idl:
2018
2019 2016-02-15  Jiewen Tan  <jiewen_tan@apple.com>
2020
2021         Refine SimulatedMouseEvent to support Event.isTrusted
2022         https://bugs.webkit.org/show_bug.cgi?id=154133
2023         <rdar://problem/24616246>
2024
2025         Reviewed by Darin Adler.
2026
2027         This patch extracts everything related to create/dispatch SimulatedMouseEvent from MouseEvent.h/cpp
2028         and EventDispatcher.h/cpp, and produces SimulateClick.h/cpp which will handle simulated click solely.
2029         After that, we hide the SimulatedMouseEvent and only expose simulateClick to be called. The reason is
2030         that we both want to tell whether the call sites are from user agent/bindings and keep the
2031         SimulatedMouseEvent intact.
2032
2033         Also, this patch separates Element::dispatchSimulatedClick into two: one for the user agent, and another
2034         for the bindings. Therefore, HTMLElement.click will be treated as untrusted.
2035
2036         Some of the changes in this patch refer to Blink r200401:
2037         https://codereview.chromium.org/1285793004
2038
2039         Modified test:
2040         LayoutTests/imported/blink/fast/events/event-trusted.html
2041
2042         * CMakeLists.txt:
2043         * WebCore.xcodeproj/project.pbxproj:
2044         * dom/Element.cpp:
2045         (WebCore::Element::dispatchSimulatedClick):
2046         (WebCore::Element::dispatchSimulatedClickForBindings):
2047         * dom/Element.h:
2048         * dom/EventDispatcher.cpp:
2049         (WebCore::EventDispatcher::dispatchSimulatedClick): Deleted.
2050         * dom/EventDispatcher.h:
2051         * dom/MouseEvent.cpp:
2052         (WebCore::SimulatedMouseEvent::create): Deleted.
2053         (WebCore::SimulatedMouseEvent::~SimulatedMouseEvent): Deleted.
2054         (WebCore::SimulatedMouseEvent::SimulatedMouseEvent): Deleted.
2055         * dom/MouseEvent.h:
2056         * dom/SimulatedClick.cpp: Added.
2057         (WebCore::simulateMouseEvent):
2058         (WebCore::simulateClick):
2059         * dom/SimulatedClick.h: Added.
2060         * html/HTMLElement.cpp:
2061         (WebCore::HTMLElement::click):
2062
2063 2016-02-15  Joseph Pecoraro  <pecoraro@apple.com>
2064
2065         Web Inspector: Web Workers have no access to console for debugging
2066         https://bugs.webkit.org/show_bug.cgi?id=26237
2067
2068         Reviewed by Timothy Hatcher.
2069
2070         This adds the most basic console message support to Workers.
2071         Messages logged from workers get surfaced through the Page's console.
2072         This lacks support for logging and interacting with arguments,
2073         which would be addressed when adding more complete Worker
2074         debugging tools.
2075
2076         Test: inspector/console/messageAdded-from-worker.html
2077
2078         * CMakeLists.txt:
2079         * WebCore.xcodeproj/project.pbxproj:
2080         Add new files.
2081
2082         * bindings/js/WorkerScriptController.cpp:
2083         (WebCore::WorkerScriptController::~WorkerScriptController):
2084         (WebCore::WorkerScriptController::initScript):
2085         Set the ConsoleClient for the Worker's global object. We route
2086         the messages to the Page's console.
2087
2088         * bindings/js/WorkerScriptController.h:
2089         * workers/WorkerConsoleClient.h: Added.
2090         * workers/WorkerConsoleClient.cpp: Added.
2091         (WebCore::WorkerConsoleClient::WorkerConsoleClient):
2092         (WebCore::WorkerConsoleClient::~WorkerConsoleClient):
2093         (WebCore::WorkerConsoleClient::profile):
2094         (WebCore::WorkerConsoleClient::profileEnd):
2095         (WebCore::WorkerConsoleClient::count):
2096         (WebCore::WorkerConsoleClient::time):
2097         (WebCore::WorkerConsoleClient::timeEnd):
2098         (WebCore::WorkerConsoleClient::timeStamp):
2099         Stub most console methods in a Worker.
2100
2101         (WebCore::WorkerConsoleClient::messageWithTypeAndLevel):
2102         Send worker log messages to the global scope and on to the main page.
2103
2104         * workers/WorkerGlobalScope.h:
2105         * workers/WorkerGlobalScope.cpp:
2106         (WebCore::WorkerGlobalScope::addConsoleMessage):
2107         (WebCore::WorkerGlobalScope::addMessageToWorkerConsole):
2108         Ideally we want to converge on simple addConsoleMessage
2109         APIs that just take a ConsoleMessage, without a barrage
2110         of parameters. Add these versions now.
2111
2112 2016-02-15  Alex Christensen  <achristensen@webkit.org>
2113
2114         CMake build fix.
2115
2116         * PlatformMac.cmake:
2117
2118 2016-02-15  Chris Dumez  <cdumez@apple.com>
2119
2120         Regression(r196563): It is no longer possible to call window.addEventListener without an explicit 'this'
2121         https://bugs.webkit.org/show_bug.cgi?id=154245
2122
2123         Reviewed by Ryosuke Niwa.
2124
2125         This patch adds support for calling the EventListener API without an
2126         explicit 'this' value. If no explicit 'this' value is passed, then we
2127         fall back to using the global object. This matches Chrome and Firefox's
2128         behavior. It also fixes the Dromaeo/cssquery-dojo.html test.
2129
2130         Test: fast/dom/Window/addEventListener-implicit-this.html
2131
2132         * bindings/scripts/CodeGeneratorJS.pm:
2133         (GenerateFunctionCastedThis):
2134
2135 2016-02-14  Gavin Barraclough  <barraclough@apple.com>
2136
2137         Organize, deduplicate & comment JSDOMWindowCustom getOwnPropertySlot
2138         https://bugs.webkit.org/show_bug.cgi?id=154224
2139
2140         Reviewed by Chris Dumez.
2141
2142         * bindings/js/JSDOMWindowCustom.cpp:
2143         (WebCore::jsDOMWindowGetOwnPropertySlotRestrictedAccess):
2144         (WebCore::jsDOMWindowGetOwnPropertySlotNamedItemGetter):
2145         (WebCore::JSDOMWindow::getOwnPropertySlot):
2146         (WebCore::JSDOMWindow::getOwnPropertySlotByIndex):
2147             - organized property access sequence into a more logical order, removed
2148               duplicated code & added comments.
2149         (WebCore::namedItemGetter): Deleted.
2150             - there was no need for a custom callback here; merged functionality into
2151               jsDOMWindowGetOwnPropertySlotNamedItemGetter.
2152         (WebCore::jsDOMWindowGetOwnPropertySlotCrossOrigin): Deleted.
2153             - renamed to jsDOMWindowGetOwnPropertySlotRestrictedAccess
2154               (this now also handles frameless access).
2155
2156 2016-02-15  Daniel Bates  <dabates@apple.com>
2157
2158         CSP: 'sandbox' should be ignored in report-only mode
2159         https://bugs.webkit.org/show_bug.cgi?id=153167
2160         <rdar://problem/22708669>
2161
2162         Reviewed by Brent Fulgham.
2163
2164         Merged from Blink (patch by Mike West):
2165         <https://src.chromium.org/viewvc/blink?revision=165322&view=revision>
2166
2167         * page/csp/ContentSecurityPolicy.cpp:
2168         (WebCore::ContentSecurityPolicy::reportInvalidDirectiveInReportOnlyMode): Added. Logs a
2169         console message to the console to explain that the specified directive is invalid in
2170         report-only mode.
2171         * page/csp/ContentSecurityPolicy.h:
2172         * page/csp/ContentSecurityPolicyDirectiveList.cpp:
2173         (WebCore::ContentSecurityPolicyDirectiveList::applySandboxPolicy): Do not apply sandbox
2174         policy when in report-only mode and call ContentSecurityPolicy::reportInvalidDirectiveInReportOnlyMode()
2175         to log a message to the console.
2176
2177 2016-02-15  Daniel Bates  <dabates@apple.com>
2178
2179         CSP: Allow schemeless source expressions to match an HTTP or HTTPS resource
2180         https://bugs.webkit.org/show_bug.cgi?id=154177
2181         <rdar://problem/22708772>
2182
2183         Reviewed by Brent Fulgham.
2184
2185         Allow a schemeless source expression to match an HTTP or HTTPS subresource when the page is
2186         delivered over HTTP as per section Matching Source Expressions of the Content Security Policy
2187         2.0 spec., <https://www.w3.org/TR/2015/CR-CSP2-20150721/> (21 July 2015).
2188
2189         Currently we have logic that implements this functionality, but it is guarded behind the compile-
2190         time macro ENABLE(CSP_NEXT) that is disabled by default. Instead we should always compile such
2191         code. In subsequent commits we will move more code out from under the ENABLE(CSP_NEXT)-guard
2192         towards removing the ENABLE_CSP_NEXT macro entirely.
2193
2194         * page/csp/ContentSecurityPolicy.cpp:
2195         (WebCore::ContentSecurityPolicy::protocolMatchesSelf):
2196
2197 2016-02-15  Konstantin Tokarev  <annulen@yandex.ru>
2198
2199         [cmake] Consolidated Linux-specific file lists.
2200         https://bugs.webkit.org/show_bug.cgi?id=154219
2201
2202         Reviewed by Gyuyoung Kim.
2203
2204         No new tests needed.
2205
2206         * PlatformEfl.cmake: Moved Linux files and include dir to Linux.cmake.
2207         * PlatformGTK.cmake: Ditto.
2208         * platform/Linux.cmake: Added.
2209
2210 2016-02-15  Csaba Osztrogonác  <ossy@webkit.org>
2211
2212         Fix the !(ENABLE(SVG_FONTS) || ENABLE(SVG_OTF_CONVERTER)) build after r196322
2213         https://bugs.webkit.org/show_bug.cgi?id=154104
2214
2215         Reviewed by Myles C. Maxfield.
2216
2217         * css/CSSFontFaceSource.cpp:
2218         (WebCore::CSSFontFaceSource::CSSFontFaceSource):
2219
2220 2016-02-14  Antti Koivisto  <antti@apple.com>
2221
2222         Add test for class change style invalidation optimization
2223         https://bugs.webkit.org/show_bug.cgi?id=154226
2224
2225         Reviewed by Myles Maxfield.
2226
2227         Test for https://trac.webkit.org/r196383
2228
2229         Add internals.styleChangeType function.
2230
2231         Test: fast/css/style-invalidation-class-change-descendants.html
2232
2233         * testing/Internals.cpp:
2234         (WebCore::Internals::nodeNeedsStyleRecalc):
2235         (WebCore::asString):
2236         (WebCore::Internals::styleChangeType):
2237         (WebCore::Internals::description):
2238         * testing/Internals.h:
2239         * testing/Internals.idl:
2240
2241 2016-02-14  Simon Fraser  <simon.fraser@apple.com>
2242
2243         [CSS Filters] When applying an SVG filter on a composited image using CSS the image is rendered without the filter
2244         https://bugs.webkit.org/show_bug.cgi?id=154108
2245
2246         Reviewed by Sam Weinig.
2247         
2248         When checking whether we can directly composite an image, we need to check for software-rendered
2249         filters.
2250
2251         Test: compositing/filters/simple-image-with-svg-filter.html
2252
2253         * rendering/RenderLayerBacking.cpp:
2254         (WebCore::RenderLayerBacking::isDirectlyCompositedImage):
2255
2256 2016-02-14  Chris Dumez  <cdumez@apple.com>
2257
2258         Drop the [EventTarget] WebKit-specific IDL extended attribute
2259         https://bugs.webkit.org/show_bug.cgi?id=154171
2260
2261         Reviewed by Sam Weinig.
2262
2263         Drop the [EventTarget] WebKit-specific IDL extended attribute now that
2264         all interfaces inherit EventTarget when they should.
2265
2266         No new tests, no Web-Exposed behavior change.
2267
2268         * Modules/battery/BatteryManager.idl:
2269         * Modules/encryptedmedia/MediaKeySession.idl:
2270         * Modules/indexeddb/IDBDatabase.idl:
2271         * Modules/indexeddb/IDBOpenDBRequest.idl:
2272         * Modules/indexeddb/IDBRequest.idl:
2273         * Modules/indexeddb/IDBTransaction.idl:
2274         * Modules/mediasession/MediaRemoteControls.idl:
2275         * Modules/mediasource/MediaSource.idl:
2276         * Modules/mediasource/SourceBuffer.idl:
2277         * Modules/mediasource/SourceBufferList.idl:
2278         * Modules/mediastream/MediaStream.idl:
2279         * Modules/mediastream/MediaStreamTrack.idl:
2280         * Modules/mediastream/RTCDTMFSender.idl:
2281         * Modules/mediastream/RTCDataChannel.idl:
2282         * Modules/mediastream/RTCPeerConnection.idl:
2283         * Modules/notifications/Notification.idl:
2284         * Modules/speech/SpeechSynthesisUtterance.idl:
2285         * Modules/webaudio/AudioContext.idl:
2286         * Modules/webaudio/AudioNode.idl:
2287         * Modules/webaudio/OfflineAudioContext.idl:
2288         * Modules/websockets/WebSocket.idl:
2289         * bindings/scripts/CodeGeneratorGObject.pm:
2290         (ImplementsInterface):
2291         (SkipFunction): Deleted.
2292         (GenerateCFile): Deleted.
2293         * bindings/scripts/CodeGeneratorJS.pm:
2294         (InstanceNeedsVisitChildren):
2295         (GenerateImplementation):
2296         * bindings/scripts/IDLAttributes.txt:
2297         * bindings/scripts/test/TestEventTarget.idl:
2298         * bindings/scripts/test/TestNode.idl:
2299         * css/FontLoader.idl:
2300         * dom/EventTarget.idl:
2301         * dom/MessagePort.idl:
2302         * dom/Node.idl:
2303         * dom/WebKitNamedFlow.idl:
2304         * fileapi/FileReader.idl:
2305         * html/MediaController.idl:
2306         * html/track/AudioTrackList.idl:
2307         * html/track/TextTrack.idl:
2308         * html/track/TextTrackCue.idl:
2309         * html/track/TextTrackList.idl:
2310         * html/track/VideoTrackList.idl:
2311         * loader/appcache/DOMApplicationCache.idl:
2312         * page/DOMWindow.idl:
2313         * page/EventSource.idl:
2314         * page/Performance.idl:
2315         * workers/WorkerGlobalScope.idl:
2316         * xml/XMLHttpRequest.idl:
2317         * xml/XMLHttpRequestUpload.idl:
2318
2319 2016-02-14  Chris Dumez  <cdumez@apple.com>
2320
2321         Unreviewed attempt to fix the Mac CMake build after r196136
2322
2323         * PlatformMac.cmake:
2324
2325 2016-02-14  Chris Dumez  <cdumez@apple.com>
2326
2327         Unreviewed attempt to fix the Windows build.
2328
2329         * Modules/webdatabase/Database.cpp:
2330         * bridge/c/c_utility.cpp:
2331         * platform/MemoryPressureHandler.cpp:
2332
2333 2016-02-14  Chris Dumez  <cdumez@apple.com>
2334
2335         Window and WorkerGlobalScope should inherit EventTarget
2336         https://bugs.webkit.org/show_bug.cgi?id=154170
2337         <rdar://problem/24642377>
2338
2339         Reviewed by Darin Adler.
2340
2341         Window and WorkerGlobalScope should inherit EventTarget instead of
2342         duplicating the EventTarget API in their IDL. These were the last
2343         interfaces that needed fixing. The next step will be to get rid
2344         of the [EventTarget] IDL extended attribute and rely entirely
2345         on the EventTarget inheritance.
2346
2347         Test:
2348         - fast/frames/detached-frame-eventListener.html
2349         - Covered by existing tests.
2350
2351         * WebCore.xcodeproj/project.pbxproj:
2352         Add JSEventTargetCustom.h header to the project.
2353
2354         * bindings/js/JSDOMWindowCustom.cpp:
2355         Drop custom bindings for Window's addEventListener() and
2356         removeEventListener(). The only reason these needed custom
2357         code was to add a check for frameless windows. The frameless
2358         Window check was moved to the respective methods in the
2359         JSEventTarget generated bindings.
2360
2361         * bindings/js/JSDOMWindowShell.cpp:
2362         (WebCore::JSDOMWindowShell::setWindow):
2363         Set WindowPrototype's prototype to EventTarget's prototype.
2364
2365         * bindings/js/JSDOMWindowShell.h:
2366         * bindings/js/JSDictionary.cpp:
2367         Include "DOMWindow.h" to fix the build.
2368
2369         * bindings/js/JSEventTargetCustom.cpp:
2370         (WebCore::JSEventTarget::toWrapped):
2371         Handle DOMWindow and WorkerGlobalScope explicitly in toWrapped()
2372         and get rid of the DOM_EVENT_TARGET_INTERFACES_FOR_EACH(TRY_TO_UNWRAP_WITH_INTERFACE)
2373         now that all interfaces inherit EventTarget when they should.
2374         The reason DOMWindow and WorkerGlobalScope still need special
2375         handling is because their wrappers (JSDOMWindow /
2376         JSWorkerGlobalScope) do not subclass JSEventTarget.
2377
2378         (WebCore::JSEventTargetOrGlobalScope::create):
2379         * bindings/js/JSEventTargetCustom.h: Added.
2380         (WebCore::JSEventTargetOrGlobalScope::wrapped):
2381         (WebCore::JSEventTargetOrGlobalScope::operator JSC::JSObject&):
2382         (WebCore::JSEventTargetOrGlobalScope::JSEventTargetOrGlobalScope):
2383         Add a wrapper type for JSEventTarget / JSDOMWindow and
2384         JSWorkerGlobalScope for use in the generated bindings. This is
2385         needed because JSDOMWindow and JSWorkerGlobalScope do not
2386         subclass JSEventTarget. Subclassing JSEventTarget would be
2387         complicated for them because they already subclass
2388         JSDOMWindowBase / JSWorkerGlobalScopeBase, which subclasses
2389         JSDOMGlobalObject.
2390
2391         * bindings/js/WorkerScriptController.cpp:
2392         (WebCore::WorkerScriptController::initScript):
2393         Set WorkerGlobalScopePrototype's prototype to EventTarget's prototype.
2394
2395         * bindings/scripts/CodeGeneratorJS.pm:
2396         (ShouldGenerateToJSDeclaration):
2397         Do not generate the toJS() implementation for interfaces that use
2398         the [CustomProxyToJSObject] IDL extended attribute, even if they
2399         inherit EventTarget.
2400
2401         (GetCastingHelperForThisObject):
2402         To initialize castedThis from thisValue JSValue, we now use the
2403         JSEventTargetOrGlobalScope wrapper for the EventTarget
2404         implementation. This is to work around the fact that JSDOMWindow
2405         and JSWorkerGlobalScope do not subclass JSEventTarget.
2406
2407         (GenerateFunctionCastedThis):
2408         - Drop code handling [WorkerGlobalScope] IDL extended attribute
2409           as there is no such attribute.
2410         - Use auto instead of auto* type for castedThis because
2411           JSEventTargetOrGlobalScope::create() returns a unique_ptr.
2412         - Do not check that castedThis inherits JSEventTarget in the
2413           EventTarget bindings code as this no longer holds true.
2414
2415         (GenerateImplementation):
2416         Generate frameless window() and security checks for EventTarget
2417         methods when thisValue is a JSDOMWindow.
2418
2419         * dom/EventTarget.idl:
2420         Add [JSCustomHeader] IDL Extended attribute as we need a header
2421         to expose JSEventTargetOrGlobalScope class.
2422
2423         * page/DOMWindow.idl:
2424         * workers/WorkerGlobalScope.idl:
2425         Inherit EventTarget and stop duplicating the EventTarget API.
2426         This matches the HTML specification.
2427
2428 2016-02-14  Darin Adler  <darin@apple.com>
2429
2430         Small tweaks to some SimpleLineLayout code
2431         https://bugs.webkit.org/show_bug.cgi?id=154229
2432
2433         Reviewed by Zalan Bujtas.
2434
2435         * rendering/SimpleLineLayoutFunctions.cpp:
2436         (WebCore::SimpleLineLayout::paintFlow): Use std::ceil instead of ceilf.
2437         Use auto instead of const auto& for a for loop where the local object is
2438         copied and not a reference.
2439         (WebCore::SimpleLineLayout::hitTestFlow): Use modern for loop.
2440         (WebCore::SimpleLineLayout::collectFlowOverflow): Use std::ceil instead of
2441         ceilf. Use a modern for loop, and use slightly more descriptive local
2442         variable names.
2443         (WebCore::SimpleLineLayout::computeBoundingBox): Use auto instead of
2444         const auto& as above.
2445         (WebCore::SimpleLineLayout::computeFirstRunLocation): Use auto and use
2446         the name "range" for the range rather than the name "it", since the range
2447         is not an iterator.
2448         (WebCore::SimpleLineLayout::collectAbsoluteRects): Use auto instead of
2449         const auto& as above.
2450         (WebCore::SimpleLineLayout::collectAbsoluteQuads): Ditto.
2451         (WebCore::SimpleLineLayout::showLineLayoutForFlow): Use modern for loop.
2452
2453         * rendering/SimpleLineLayoutResolver.cpp:
2454         (WebCore::SimpleLineLayout::RunResolver::Run::text): Convert from a String
2455         to a StringView using the StringView constructor instead of writing out
2456         explicit 8-bit and 16-bit cases.
2457
2458 2016-02-13  Antti Koivisto  <antti@apple.com>
2459
2460         Factor class change style invalidation code into a class
2461         https://bugs.webkit.org/show_bug.cgi?id=154163
2462
2463         Reviewed by Andreas Kling.
2464
2465         Factor this piece of functionality out of Element and into ClassChangeInvalidation class.
2466
2467         * CMakeLists.txt:
2468         * WebCore.vcxproj/WebCore.vcxproj:
2469         * WebCore.xcodeproj/project.pbxproj:
2470         * dom/Element.cpp:
2471         (WebCore::classStringHasClassName):
2472         (WebCore::Element::classAttributeChanged):
2473         (WebCore::collectClasses): Deleted.
2474         (WebCore::computeClassChange): Deleted.
2475         (WebCore::invalidateStyleForClassChange): Deleted.
2476         * style/ClassChangeInvalidation.cpp: Added.
2477         (WebCore::Style::ClassChangeInvalidation::computeClassChange):
2478         (WebCore::Style::ClassChangeInvalidation::invalidateStyle):
2479         * style/ClassChangeInvalidation.h: Added.
2480         (WebCore::Style::ClassChangeInvalidation::needsInvalidation):
2481         (WebCore::Style::ClassChangeInvalidation::ClassChangeInvalidation):
2482         (WebCore::Style::ClassChangeInvalidation::~ClassChangeInvalidation):
2483
2484 2016-02-13  Myles C. Maxfield  <mmaxfield@apple.com>
2485
2486         [Win] [SVG -> OTF Converter] SVG fonts drawn into ImageBuffers are invisible
2487         https://bugs.webkit.org/show_bug.cgi?id=154222
2488
2489         Reviewed by Antti Koivisto.
2490
2491         Windows ImageBuffer code is sensitive to broken bounding box and
2492         descent code.
2493
2494         Covered by existing tests.
2495
2496         * svg/SVGToOTFFontConversion.cpp:
2497         (WebCore::SVGToOTFFontConverter::appendHHEATable):
2498         (WebCore::SVGToOTFFontConverter::appendOS2Table):
2499         (WebCore::SVGToOTFFontConverter::processGlyphElement):
2500         (WebCore::SVGToOTFFontConverter::SVGToOTFFontConverter):
2501
2502 2016-02-13  Antti Koivisto  <antti@apple.com>
2503
2504         Add version number for default stylesheet
2505         https://bugs.webkit.org/show_bug.cgi?id=154220
2506
2507         Reviewed by Ryosuke Niwa.
2508
2509         We currently fail to update RuleFeatureSets for shadow trees when the default stylesheet grows
2510         (for example when media controls stylesheet is initialized).
2511
2512         No test since this is not causing known bugs. It is blocking optimizations in shadow trees that
2513         rely on rule features being up-to-date.
2514
2515         * css/CSSDefaultStyleSheets.cpp:
2516         (WebCore::CSSDefaultStyleSheets::loadSimpleDefaultStyle):
2517         (WebCore::CSSDefaultStyleSheets::ensureDefaultStyleSheetsForElement):
2518
2519             Increment version number when the default stylesheet changes.
2520
2521         * css/CSSDefaultStyleSheets.h:
2522         * css/DocumentRuleSets.cpp:
2523         (WebCore::DocumentRuleSets::appendAuthorStyleSheets):
2524         (WebCore::DocumentRuleSets::collectFeatures):
2525
2526             Store the current default stylesheet version number.
2527
2528         * css/DocumentRuleSets.h:
2529         (WebCore::DocumentRuleSets::features):
2530
2531             Collect features again if the default stylesheet has changed.
2532
2533         * css/StyleResolver.cpp:
2534         (WebCore::StyleResolver::styleForElement):
2535
2536 2016-02-13  Konstantin Tokarev  <annulen@yandex.ru>
2537
2538         [cmake] Consolidate building of GStreamer and OpenWebRTC code.
2539         https://bugs.webkit.org/show_bug.cgi?id=154116
2540
2541         Reviewed by Michael Catanzaro.
2542
2543         No new tests needed.
2544
2545         * PlatformEfl.cmake: Migrated shared code to GStreamer.cmake.
2546         * PlatformGTK.cmake: Ditto.
2547         * platform/GStreamer.cmake: Added.
2548
2549 2016-02-13  Mark Lam  <mark.lam@apple.com>
2550
2551         Add thread violation checks to WebView public APIs.
2552         https://bugs.webkit.org/show_bug.cgi?id=154183
2553
2554         Reviewed by Timothy Hatcher.
2555
2556         No new tests.  Just adding a new thread violation round.
2557
2558         * platform/ThreadCheck.h:
2559         * platform/mac/ThreadCheck.mm:
2560         - Adding WebCoreThreadViolationCheckRoundThree().
2561
2562 2016-02-12  Nan Wang  <n_wang@apple.com>
2563
2564         AX: Implement paragraph related text marker functions using TextIterator
2565         https://bugs.webkit.org/show_bug.cgi?id=154098
2566         <rdar://problem/24269675>
2567
2568         Reviewed by Chris Fleizach.
2569
2570         Using CharacterOffset to implement paragraph related text marker calls. Reused
2571         logic from VisibleUnits class. And refactored textMarkerForCharacterOffset method
2572         to get better performance. Also fixed an issue where we can't navigate through a text
2573         node with line breaks in it using next/previousCharacterOffset call.
2574
2575         Test: accessibility/mac/text-marker-paragraph-nav.html
2576
2577         * accessibility/AXObjectCache.cpp:
2578         (WebCore::AXObjectCache::traverseToOffsetInRange):
2579         (WebCore::AXObjectCache::startOrEndTextMarkerDataForRange):
2580         (WebCore::AXObjectCache::characterOffsetForNodeAndOffset):
2581         (WebCore::AXObjectCache::textMarkerDataForCharacterOffset):
2582         (WebCore::AXObjectCache::textMarkerDataForNextCharacterOffset):
2583         (WebCore::AXObjectCache::textMarkerDataForPreviousCharacterOffset):
2584         (WebCore::AXObjectCache::nextNode):
2585         (WebCore::AXObjectCache::textMarkerDataForVisiblePosition):
2586         (WebCore::AXObjectCache::nextCharacterOffset):
2587         (WebCore::AXObjectCache::previousCharacterOffset):
2588         (WebCore::startWordBoundary):
2589         (WebCore::AXObjectCache::startCharacterOffsetOfWord):
2590         (WebCore::AXObjectCache::endCharacterOffsetOfWord):
2591         (WebCore::AXObjectCache::previousWordStartCharacterOffset):
2592         (WebCore::AXObjectCache::previousWordBoundary):
2593         (WebCore::AXObjectCache::startCharacterOffsetOfParagraph):
2594         (WebCore::AXObjectCache::endCharacterOffsetOfParagraph):
2595         (WebCore::AXObjectCache::paragraphForCharacterOffset):
2596         (WebCore::AXObjectCache::nextParagraphEndCharacterOffset):
2597         (WebCore::AXObjectCache::previousParagraphStartCharacterOffset):
2598         (WebCore::AXObjectCache::rootAXEditableElement):
2599         * accessibility/AXObjectCache.h:
2600         (WebCore::CharacterOffset::remaining):
2601         (WebCore::CharacterOffset::isNull):
2602         (WebCore::CharacterOffset::isEqual):
2603         (WebCore::AXObjectCache::isNodeInUse):
2604         * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
2605         (+[WebAccessibilityTextMarker textMarkerWithCharacterOffset:cache:]):
2606         (-[WebAccessibilityObjectWrapper nextMarkerForCharacterOffset:]):
2607         (-[WebAccessibilityObjectWrapper previousMarkerForCharacterOffset:]):
2608         (-[WebAccessibilityObjectWrapper rangeForTextMarkers:]):
2609         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
2610         (startOrEndTextmarkerForRange):
2611         (nextTextMarkerForCharacterOffset):
2612         (previousTextMarkerForCharacterOffset):
2613         (-[WebAccessibilityObjectWrapper nextTextMarkerForCharacterOffset:]):
2614         (-[WebAccessibilityObjectWrapper previousTextMarkerForCharacterOffset:]):
2615         (-[WebAccessibilityObjectWrapper textMarkerForCharacterOffset:]):
2616         (textMarkerForCharacterOffset):
2617         (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:forParameter:]):
2618         (-[WebAccessibilityObjectWrapper nextTextMarkerForNode:offset:]): Deleted.
2619         (-[WebAccessibilityObjectWrapper previousTextMarkerForNode:offset:]): Deleted.
2620         (-[WebAccessibilityObjectWrapper textMarkerForNode:offset:ignoreStart:]): Deleted.
2621         (-[WebAccessibilityObjectWrapper textMarkerForNode:offset:]): Deleted.
2622         * editing/VisibleUnits.cpp:
2623         (WebCore::nextSentencePosition):
2624         (WebCore::findStartOfParagraph):
2625         (WebCore::findEndOfParagraph):
2626         (WebCore::startOfParagraph):
2627         (WebCore::endOfParagraph):
2628         * editing/VisibleUnits.h:
2629
2630 2016-02-12  Ryan Haddad  <ryanhaddad@apple.com>
2631
2632         Reset results for bindings tests after r196520
2633
2634         Unreviewed test gardening.
2635
2636         No new tests needed.
2637
2638         * bindings/scripts/test/GObject/WebKitDOMTestEventTarget.cpp:
2639         (webkit_dom_test_event_target_dispatch_event):
2640         * bindings/scripts/test/GObject/WebKitDOMTestNode.cpp:
2641         (webkit_dom_test_node_dispatch_event):
2642
2643 2016-02-12  Saam barati  <sbarati@apple.com>
2644
2645         Attempting build fix from https://bugs.webkit.org/show_bug.cgi?id=154144.
2646
2647         * bindings/js/JSDOMGlobalObject.cpp:
2648         (WebCore::JSDOMGlobalObject::addBuiltinGlobals):
2649
2650 2016-02-12  Daniel Bates  <dabates@apple.com>
2651
2652         CSP: 'blob:' URLs should not match 'self' in CSP source expression lists.
2653         https://bugs.webkit.org/show_bug.cgi?id=153158
2654         <rdar://problem/24383264>
2655
2656         Reviewed by Brent Fulgham.
2657
2658         A blob URL should not match source 'self' by section Security Considerations for GUID URL schemes
2659         of the Content Security Policy 2.0 spec., <https://www.w3.org/TR/CSP2/> (21 July 2015).
2660
2661         Tests: http/tests/security/contentSecurityPolicy/blob-url-does-not-match-source-self.html
2662                http/tests/security/contentSecurityPolicy/blob-url-matches-source-blob.html
2663
2664         * page/csp/ContentSecurityPolicySourceList.cpp:
2665         (WebCore::ContentSecurityPolicySourceList::matches): Do not make a distinction between URLs that
2666         contain a nested URL (e.g. blob://http://www.example.com/...) and URLs that do not contain a nested
2667         URL. The URL of the requested resource should be matched against the source list source expressions.
2668
2669 2016-02-12  Daniel Bates  <dabates@apple.com>
2670
2671         CSP: Implement child-src directive
2672         https://bugs.webkit.org/show_bug.cgi?id=153562
2673         <rdar://problem/24610087>
2674
2675         Reviewed by Brent Fulgham.
2676
2677         Add support for the child-src directive, <https://w3c.github.io/webappsec-csp/2/#child_src> (29 August 2015),
2678         which formally replaces the deprecated frame-src directive as of the Content Security Policy 2.0 spec. The
2679         child-src directive was first introduced in the Content Security Policy 1.1 spec, <https://www.w3.org/TR/2014/WD-CSP11-20140211/>.
2680
2681         As a side effect of this change, the script URL for a Web Worker is checked against the child-src directive
2682         as opposed to the script-src directive. This is a backward incompatible change from the CSP 1.0 spec.
2683
2684         Tests: http/tests/security/contentSecurityPolicy/1.1/child-src/frame-fires-load-event-when-blocked.html
2685                http/tests/security/contentSecurityPolicy/1.1/child-src/frame-fires-load-event-when-redirect-blocked.html
2686                http/tests/security/contentSecurityPolicy/1.1/child-src/frame-src-takes-precedence-over-child-src.html
2687                http/tests/security/contentSecurityPolicy/1.1/child-src/worker-redirect-blocked.html
2688                http/tests/security/isolatedWorld/bypass-main-world-csp-worker-redirect.html
2689
2690         * loader/DocumentThreadableLoader.cpp:
2691         (WebCore::DocumentThreadableLoader::isAllowedByContentSecurityPolicy): Check child-src directive (if applicable).
2692         * loader/ThreadableLoader.h: Add enum value EnforceChildSrcDirective to enum class ContentSecurityPolicyEnforcement to
2693         enforce the child-src directive on redirect.
2694         * page/csp/ContentSecurityPolicy.cpp:
2695         (WebCore::ContentSecurityPolicy::allowChildContextFromSource): Added.
2696         * page/csp/ContentSecurityPolicy.h:
2697         * page/csp/ContentSecurityPolicyDirectiveList.cpp:
2698         (WebCore::ContentSecurityPolicyDirectiveList::checkSourceAndReportViolation): Add message prefix for a child-src violation.
2699         We use the same message prefix as used by Blink.
2700         (WebCore::ContentSecurityPolicyDirectiveList::allowChildContextFromSource): Added.
2701         (WebCore::ContentSecurityPolicyDirectiveList::allowChildFrameFromSource): Modified to check the frame-src
2702         directive (if specified) before checking the child-src directive by <https://w3c.github.io/webappsec-csp/2/#directive-child-src-nested>.
2703         (WebCore::ContentSecurityPolicyDirectiveList::addDirective): Parse the child-src directive.
2704         * page/csp/ContentSecurityPolicyDirectiveList.h:
2705         * workers/AbstractWorker.cpp:
2706         (WebCore::AbstractWorker::resolveURL): Check if the script URL for the worker is allowed by the child-src directive
2707         as opposed to the script-src directive. This is a backwards incompatible change from the CSP 1.0 spec.
2708         * workers/Worker.cpp:
2709         (WebCore::Worker::create): Enforce the child-src directive on redirects (if applicable).
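
Added example (not part of the ChangeLog and not WebKit code): a simplified JavaScript model of the behaviour described in the two CSP entries above, covering the blob:/'self' rule and the frame-src/child-src selection for frames and workers. The function names, policy strings and the app.example / workers.example URLs are constructed for illustration, and the default-src fallback is taken from the CSP specification rather than from the entries.

```javascript
// Added illustration: a simplified model, not WebKit's ContentSecurityPolicy code.
// Modelled source expressions: 'none', 'self', scheme-sources such as "blob:",
// and scheme://host[:port]. Paths, wildcards, nonces and hashes are out of scope.

const DEFAULT_PORTS = { "http:": "80", "https:": "443" };

// Parse a policy string into Map(directive name -> list of source expressions).
function parsePolicy(header) {
  const directives = new Map();
  for (const part of header.split(";")) {
    const tokens = part.trim().split(/\s+/).filter(Boolean);
    if (tokens.length === 0) continue;
    const name = tokens[0].toLowerCase();
    // A repeated directive is ignored; the first occurrence wins.
    if (!directives.has(name)) directives.set(name, tokens.slice(1));
  }
  return directives;
}

// Scheme/host/port of the URL itself. For "blob:https://app.example/<id>" the
// scheme is "blob:" and the host is empty: the nested URL is never consulted.
function originKey(url) {
  const port = url.port || DEFAULT_PORTS[url.protocol] || "";
  return `${url.protocol}//${url.hostname}:${port}`;
}

function matchesSource(expression, url, selfUrl) {
  const expr = expression.toLowerCase();
  if (expr === "'self'") return originKey(url) === originKey(selfUrl);
  if (expr.startsWith("'")) return false; // 'none' and keywords not modelled here
  if (/^[a-z][a-z0-9+.-]*:$/.test(expr)) return url.protocol === expr;
  try {
    // A host-source without a scheme inherits the protected page's scheme.
    const full = expr.includes("://") ? expr : `${selfUrl.protocol}//${expr}`;
    return originKey(new URL(full)) === originKey(url);
  } catch (e) {
    return false; // unparseable expressions match nothing
  }
}

// Directive lookup order. Frames consult frame-src before child-src and
// workers consult child-src instead of script-src (both from the entries
// above); the final default-src fallback is from the CSP specification.
const DIRECTIVE_CHAIN = {
  frame: ["frame-src", "child-src", "default-src"],
  worker: ["child-src", "default-src"],
  script: ["script-src", "default-src"],
};

// Decide whether `target` may be loaded as `kind` by a page at `self`.
function checkLoad(policyText, kind, target, self) {
  const policy = parsePolicy(policyText);
  const url = new URL(target);
  const selfUrl = new URL(self);
  const directive = DIRECTIVE_CHAIN[kind].find((name) => policy.has(name));
  if (directive === undefined) return { allowed: true, directive: null };
  const sources = policy.get(directive);
  const allowed = sources.some((s) => matchesSource(s, url, selfUrl));
  return { allowed, directive };
}

// Constructed sample inputs.
const SELF = "https://app.example/index.html";
const CASES = [
  // Same-origin worker: allowed by script-src, but child-src now governs it.
  ["script-src 'self'; child-src https://workers.example", "worker", "https://app.example/w.js"],
  // frame-src, when present, is consulted before child-src.
  ["frame-src 'none'; child-src https://workers.example", "frame", "https://workers.example/f.html"],
  // A blob: URL created by the page does not match 'self'...
  ["child-src 'self'", "worker", "blob:https://app.example/0f6c1c2e"],
  // ...and has to be allowed through an explicit blob: scheme-source.
  ["child-src 'self' blob:", "worker", "blob:https://app.example/0f6c1c2e"],
];

function runCases() {
  return CASES.map(([policy, kind, url]) =>
    Object.assign({ policy, kind, url }, checkLoad(policy, kind, url, SELF)));
}

for (const r of runCases()) {
  const verdict = r.allowed ? "allowed" : "blocked";
  console.log(`${r.kind} ${r.url} under "${r.policy}": ${verdict} by ${r.directive}`);
}
```

A policy written for CSP 1.0 that lists worker scripts only under script-src needs a matching child-src (or default-src) entry after this change, and any blob: worker or frame needs the explicit blob: source.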
2710
2711 2016-02-12  Saam barati  <sbarati@apple.com>
2712
2713         The parser doesn't properly protect against global variable references in builtins
2714         https://bugs.webkit.org/show_bug.cgi?id=154144
2715
2716         Reviewed by Geoffrey Garen.
2717
2718         Change JS builtins to no longer reference global variables.
2719
2720         No new tests because old tests cover the issues here.
2721
2722         * Modules/mediastream/NavigatorUserMedia.js:
2723         (webkitGetUserMedia):
2724         * Modules/mediastream/RTCPeerConnection.js:
2725         (addIceCandidate):
2726         (getStats):
2727         * Modules/mediastream/RTCPeerConnectionInternals.js:
2728         (setLocalOrRemoteDescription):
2729         * Modules/plugins/QuickTimePluginReplacement.js:
2730         (Replacement.prototype.handleEvent):
2731         * Modules/streams/ByteLengthQueuingStrategy.js:
2732         (initializeByteLengthQueuingStrategy):
2733         * Modules/streams/CountQueuingStrategy.js:
2734         (initializeCountQueuingStrategy):
2735         * Modules/streams/ReadableStreamInternals.js:
2736         (teeReadableStream):
2737         * bindings/js/JSDOMGlobalObject.cpp:
2738         (WebCore::JSDOMGlobalObject::addBuiltinGlobals):
2739         * bindings/js/WebCoreBuiltinNames.h:
2740
2741 2016-02-12  Jiewen Tan  <jiewen_tan@apple.com>
2742
2743         WebKit should expose the DOM 4 Event.isTrusted property
2744         https://bugs.webkit.org/show_bug.cgi?id=76121
2745         <rdar://problem/22558494>
2746
2747         Reviewed by Darin Adler.
2748
2749         Implements Event.isTrusted. The implementation here is slightly different from and better than
2750         the DOM specification. Here Event.isTrusted will be initialized differently depending on the
2751         callers of the constructors/create methods. If the caller is from user agent, the isTrusted
2752         will be true. Otherwise, it will be false. Since a user agent dispatched event can be caught
2753         and re-initialized/redispatched by the bindings, the flag will be unset at *Event::init*Event
2754         and EventTarget::dispatchEventForBindings. As currently there is no way to let user agent to
2755         dispatch a bindings created event, therefore we ensure that the Event.isTrusted is set for
2756         events dispatched by user agent, and unset for those by bindings.
2757
2758         EventTarget::dispatchEvent(Event*, ExceptionCode&) is renamed to EventTarget::dispatchEventForBindings
2759         in this patch as well. So that, together with the improved design of the API, developers in
2760         the future will be less likely using a wrong dispatchEvent method and setting Event.isTrusted
2761         incorrectly comparing to the DOM design.
2762
2763         After this patch, all events that are created by user agent should be dispatched by
2764         EventTarget::dispatchEvent, and those are created by bindings should be dispatched by
2765         EventTarget::dispatchEventForBindings.
2766
2767         Some of the changes in this patch referred Blink r198996:
2768         https://codereview.chromium.org/1241613004
2769
2770         Test: imported/blink/fast/events/event-trusted.html
2771
2772         * bindings/scripts/CodeGeneratorGObject.pm:
2773         (GenerateEventTargetIface):
2774         * dom/Event.cpp:
2775         (WebCore::Event::Event):
2776         (WebCore::Event::initEvent):
2777         * dom/Event.h:
2778         (WebCore::Event::isTrusted):
2779         (WebCore::Event::setUntrusted):
2780         * dom/Event.idl:
2781         * dom/EventTarget.cpp:
2782         (WebCore::EventTarget::dispatchEventForBindings):
2783         (WebCore::EventTarget::dispatchEvent): Deleted.
2784         * dom/EventTarget.h:
2785         * dom/EventTarget.idl:
2786         * page/DOMWindow.idl:
2787         * page/EventHandler.cpp:
2788         (WebCore::EventHandler::dispatchDragEvent):
2789         * workers/WorkerGlobalScope.idl:
2790
2791 2016-02-12  Brady Eidson  <beidson@apple.com>
2792
2793         Modern IDB: IDBObjectStore and IDBIndex need to be ActiveDOMObjects.
2794         https://bugs.webkit.org/show_bug.cgi?id=154153
2795
2796         Reviewed by Alex Christensen.
2797
2798         No new tests (No testable change in behavior).
2799
2800         This is needed so that IDBObjectStore and IDBIndex JS wrappers are not garbage collected
2801         while their IDBTransaction is still in progress.
2802
2803         * Modules/indexeddb/client/IDBIndexImpl.cpp:
2804         (WebCore::IDBClient::IDBIndex::IDBIndex):
2805         (WebCore::IDBClient::IDBIndex::activeDOMObjectName):
2806         (WebCore::IDBClient::IDBIndex::canSuspendForDocumentSuspension):
2807         (WebCore::IDBClient::IDBIndex::hasPendingActivity):
2808         * Modules/indexeddb/client/IDBIndexImpl.h:
2809         
2810         * Modules/indexeddb/client/IDBObjectStoreImpl.cpp:
2811         (WebCore::IDBClient::IDBObjectStore::create):
2812         (WebCore::IDBClient::IDBObjectStore::IDBObjectStore):
2813         (WebCore::IDBClient::IDBObjectStore::activeDOMObjectName):
2814         (WebCore::IDBClient::IDBObjectStore::canSuspendForDocumentSuspension):
2815         (WebCore::IDBClient::IDBObjectStore::hasPendingActivity):
2816         (WebCore::IDBClient::IDBObjectStore::index):
2817         * Modules/indexeddb/client/IDBObjectStoreImpl.h:
2818         
2819         * Modules/indexeddb/client/IDBTransactionImpl.cpp:
2820         (WebCore::IDBClient::IDBTransaction::objectStore):
2821         (WebCore::IDBClient::IDBTransaction::createObjectStore):
2822         (WebCore::IDBClient::IDBTransaction::createIndex):
2823
2824 2016-02-12  Brady Eidson  <beidson@apple.com>
2825
2826         Modern IDB: Simplify the relationship between IDBObjectStore and IDBIndex.
2827         https://bugs.webkit.org/show_bug.cgi?id=154187
2828
2829         Reviewed by Alex Christensen.
2830
2831         Tests: storage/indexeddb/modern/deleteindex-3-private.html
2832                storage/indexeddb/modern/deleteindex-3.html
2833
2834         Instead of allowing IDBIndex to have two different lifecycle modes, it is now always
2835         owned by an IDBObjectStore.
2836         
2837         To support the case where an IDBIndex is deleted from its IDBObjectStore, the object
2838         store simply hangs on to deleted indexes until it is destroyed itself.
2839         
2840         * Modules/indexeddb/client/IDBIndexImpl.cpp:
2841         (WebCore::IDBClient::IDBIndex::markAsDeleted):
2842         (WebCore::IDBClient::IDBIndex::ref):
2843         (WebCore::IDBClient::IDBIndex::deref):
2844         * Modules/indexeddb/client/IDBIndexImpl.h:
2845         
2846         * Modules/indexeddb/client/IDBObjectStoreImpl.cpp:
2847         (WebCore::IDBClient::IDBObjectStore::deleteIndex):
2848         * Modules/indexeddb/client/IDBObjectStoreImpl.h:
2849
2850 2016-02-12  Myles C. Maxfield  <mmaxfield@apple.com>
2851
2852         [CSS Font Loading] Implement CSSFontFace Boilerplate
2853         https://bugs.webkit.org/show_bug.cgi?id=154145
2854
2855         Reviewed by Dean Jackson.
2856
2857         The CSS Font Loading spec[1] dictates that the FontFace object needs to have string
2858         accessors and mutators for a bunch of properties. Our CSSFontFace object currently
2859         contains this parsed information, but it isn't accessible via string-based methods.
2860         This patch adds the necessary accessors and mutators, and migrates CSSFontSelector
2861         to use these mutators where necessary.
2862
2863         There is more work to come on CSSFontFace; the next step is to create an .idl file
2864         and hook it up to our CSSFontFace object. In this patch I have left some
2865         unimplemented pieces (for example: where the spec dictates that some operation should
2866         throw a JavaScript exception) which will be implemented in a follow-up patch. This
2867         patch does not have any visible behavior change; I'm separating out the boilerplate
2868         into this patch in order to ease reviewing burden.
2869
2870         This patch separates the externally-facing JavaScript API into a new class, FontFace.
2871         This class owns a CSSFontFace, which provides the backing implementation. There will
2872         be a system of shared ownership of these objects once FontFaceSet is implemented.
2873
2874         No new tests because there is no behavior change.
2875
2876         * CMakeLists.txt: Add new files to CMake builds.
2877         * WebCore.vcxproj/WebCore.vcxproj: Ditto for Windows.
2878         * WebCore.vcxproj/WebCore.vcxproj.filters: Ditto.
2879         * WebCore.xcodeproj/project.pbxproj: Ditto for Cocoa.
2880         * css/CSSAllInOne.cpp: Ditto for All-In-One builds.
2881         * css/CSSFontFace.cpp: Move shared code from CSSFontSelector into CSSFontFace.
2882         (WebCore::CSSFontFace::CSSFontFace):
2883         (WebCore::CSSFontFace::~CSSFontFace):
2884         (WebCore::CSSFontFace::setFamilies):
2885         (WebCore::CSSFontFace::setStyle):
2886         (WebCore::CSSFontFace::setWeight):
2887         (WebCore::CSSFontFace::setUnicodeRange):
2888         (WebCore::CSSFontFace::setVariantLigatures):
2889         (WebCore::CSSFontFace::setVariantPosition):
2890         (WebCore::CSSFontFace::setVariantCaps):
2891         (WebCore::CSSFontFace::setVariantNumeric):
2892         (WebCore::CSSFontFace::setVariantAlternates):
2893         (WebCore::CSSFontFace::setVariantEastAsian):
2894         (WebCore::CSSFontFace::setFeatureSettings):
2895         * css/CSSFontFace.h: Clean up.
2896         (WebCore::CSSFontFace::create):
2897         (WebCore::CSSFontFace::families):
2898         (WebCore::CSSFontFace::traitsMask):
2899         (WebCore::CSSFontFace::featureSettings):
2900         (WebCore::CSSFontFace::variantSettings):
2901         (WebCore::CSSFontFace::setVariantSettings):
2902         (WebCore::CSSFontFace::setTraitsMask):
2903         (WebCore::CSSFontFace::isLocalFallback):
2904         (WebCore::CSSFontFace::addRange): Deleted.
2905         (WebCore::CSSFontFace::insertFeature): Deleted.
2906         (WebCore::CSSFontFace::setVariantCommonLigatures): Deleted.
2907         (WebCore::CSSFontFace::setVariantDiscretionaryLigatures): Deleted.
2908         (WebCore::CSSFontFace::setVariantHistoricalLigatures): Deleted.
2909         (WebCore::CSSFontFace::setVariantContextualAlternates): Deleted.
2910         (WebCore::CSSFontFace::setVariantPosition): Deleted.
2911         (WebCore::CSSFontFace::setVariantCaps): Deleted.
2912         (WebCore::CSSFontFace::setVariantNumericFigure): Deleted.
2913         (WebCore::CSSFontFace::setVariantNumericSpacing): Deleted.
2914         (WebCore::CSSFontFace::setVariantNumericFraction): Deleted.
2915         (WebCore::CSSFontFace::setVariantNumericOrdinal): Deleted.
2916         (WebCore::CSSFontFace::setVariantNumericSlashedZero): Deleted.
2917         (WebCore::CSSFontFace::setVariantAlternates): Deleted.
2918         (WebCore::CSSFontFace::setVariantEastAsianVariant): Deleted.
2919         (WebCore::CSSFontFace::setVariantEastAsianWidth): Deleted.
2920         (WebCore::CSSFontFace::setVariantEastAsianRuby): Deleted.
2921         (WebCore::CSSFontFace::CSSFontFace): Deleted.
2922         * css/CSSFontSelector.cpp: Migrate shared code into CSSFontFace, and update
2923         to use the new API.
2924         (WebCore::appendSources):
2925         (WebCore::registerLocalFontFacesForFamily):
2926         (WebCore::CSSFontSelector::addFontFaceRule):
2927         (WebCore::computeTraitsMask): Deleted.
2928         (WebCore::createFontFace): Deleted.
2929         * css/FontFace.cpp: Added. External JavaScript API. Owns a CSSFontFace.
2930         (WebCore::FontFace::FontFace):
2931         (WebCore::FontFace::~FontFace):
2932         (WebCore::parseString):
2933         (WebCore::FontFace::setFamily):
2934         (WebCore::FontFace::setStyle):
2935         (WebCore::FontFace::setWeight):
2936         (WebCore::FontFace::setStretch):
2937         (WebCore::FontFace::setUnicodeRange):
2938         (WebCore::FontFace::setVariant):
2939         (WebCore::FontFace::setFeatureSettings):
2940         (WebCore::FontFace::family):
2941         (WebCore::FontFace::style):
2942         (WebCore::FontFace::weight):
2943         (WebCore::FontFace::stretch):
2944         (WebCore::FontFace::unicodeRange):
2945         (WebCore::FontFace::variant):
2946         (WebCore::FontFace::featureSettings):
2947         * css/FontFace.h: Added. Ditto.
2948         (WebCore::FontFace::create):
2949         * css/FontVariantBuilder.cpp: Added. Moved code here from FontVariantBuilder.h.
2950         Refactored to support a new client (CSSFontFace).
2951         (WebCore::extractFontVariantLigatures):
2952         (WebCore::extractFontVariantNumeric):
2953         (WebCore::extractFontVariantEastAsian):
2954         (WebCore::computeFontVariant):
2955         * css/FontVariantBuilder.h: Moved code from here into FontVariantBuilder.cpp.
2956         (WebCore::applyValueFontVariantLigatures): Deleted.
2957         (WebCore::applyValueFontVariantNumeric): Deleted.
2958         (WebCore::applyValueFontVariantEastAsian): Deleted.
2959         * css/StyleBuilderCustom.h: Update for new FontVariantBuilder API.
2960         (WebCore::StyleBuilderCustom::applyValueFontVariantLigatures):
2961         (WebCore::StyleBuilderCustom::applyValueFontVariantNumeric):
2962         (WebCore::StyleBuilderCustom::applyValueFontVariantEastAsian):
2963         * platform/text/TextFlags.h: Provide convenience classes.
2964         (WebCore::FontVariantLigaturesValues::FontVariantLigaturesValues):
2965         (WebCore::FontVariantNumericValues::FontVariantNumericValues):
2966         (WebCore::FontVariantEastAsianValues::FontVariantEastAsianValues):
2967
2968 2016-02-12  Jer Noble  <jer.noble@apple.com>
2969
2970         Build fix after r196506; publish MediaResourceLoader.h as a private header so it can be used by
2971         TestWebKitAPI.
2972
2973         * WebCore.xcodeproj/project.pbxproj:
2974
2975 2016-02-11  Jer Noble  <jer.noble@apple.com>
2976
2977         [Mac] Adopt MediaResourceLoader (instead of CachedResourceLoader) in WebCoreNSURLSession.
2978         https://bugs.webkit.org/show_bug.cgi?id=154136
2979
2980         Reviewed by Alex Christensen.
2981
2982         MediaResourceLoader already supports using CORS attribute to verify CORS access requirements
2983         when loading media resources, so use it, rather than CachedResourceLoader, as the backing for
2984         WebCoreNSURLSession.
2985
2986         * platform/network/cocoa/WebCoreNSURLSession.h:
2987         * platform/network/cocoa/WebCoreNSURLSession.mm:
2988         (-[WebCoreNSURLSession delegateQueue]):
2989         (-[WebCoreNSURLSession streamTaskWithNetService:]):
2990         (-[WebCoreNSURLSession isKindOfClass:]):
2991         (-[WebCoreNSURLSessionDataTask initWithSession:identifier:request:]):
2992         (-[WebCoreNSURLSessionDataTask _restart]):
2993         (-[WebCoreNSURLSessionDataTask _cancel]):
2994         (-[WebCoreNSURLSessionDataTask resume]):
2995         (-[WebCoreNSURLSessionDataTask _timingData]):
2996         (-[WebCoreNSURLSessionDataTask resource:receivedResponse:]):
2997         (-[WebCoreNSURLSessionDataTask resource:receivedData:length:]):
2998         (-[WebCoreNSURLSession initWithResourceLoader:delegate:delegateQueue:]): Deleted.
2999         (-[WebCoreNSURLSession loader]): Deleted.
3000         (WebCore::WebCoreNSURLSessionDataTaskClient::dataSent): Deleted.
3001         (WebCore::WebCoreNSURLSessionDataTaskClient::responseReceived): Deleted.
3002         (WebCore::WebCoreNSURLSessionDataTaskClient::dataReceived): Deleted.
3003         (WebCore::WebCoreNSURLSessionDataTaskClient::redirectReceived): Deleted.
3004         (WebCore::WebCoreNSURLSessionDataTaskClient::notifyFinished): Deleted.
3005         (-[WebCoreNSURLSessionDataTask initWithSession:identifier:URL:]): Deleted.
3006         (-[WebCoreNSURLSessionDataTask _finish]): Deleted.
3007         (-[WebCoreNSURLSessionDataTask _setDefersLoading:]): Deleted.
3008         (-[WebCoreNSURLSessionDataTask resource:sentBytes:totalBytesToBeSent:]): Deleted.
3009         (-[WebCoreNSURLSessionDataTask resource:receivedRedirect:request:]): Deleted.
3010         (-[WebCoreNSURLSessionDataTask resourceFinished:]): Deleted.
3011         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
3012         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVAssetForURL):
3013
3014 2016-02-12  Alex Christensen  <achristensen@webkit.org>
3015
3016         Fix non-internal builds when using NetworkSession
3017         https://bugs.webkit.org/show_bug.cgi?id=152285
3018
3019         * platform/spi/cf/CFNetworkSPI.h:
3020         Add SPI declaration used in r194156.
3021
3022 2016-02-12  Andreas Kling  <akling@apple.com>
3023
3024         Throw out all live resource decoded data on memory pressure / suspension.
3025         <https://webkit.org/b/154176>
3026
3027         Reviewed by Antti Koivisto.
3028
3029         When pruning live resource decoded data from the memory cache,
3030         we normally avoid pruning anything that's been painted in the last second.
3031         This is an optimization to avoid getting into image decoding loops.
3032
3033         For memory pressure / process suspension scenarios this doesn't really
3034         make sense though:
3035
3036             - In the pressure case, if we have to render again soon it'll likely
3037               be a new GIF frame which we have to decode anyway.
3038
3039             - In the process suspension case, we might *never* render again,
3040               so we should be good citizens and drop all the decoded data we can.
3041
3042         This patch makes us drop all the decoded data, recently painted or not.
3043
3044         * platform/MemoryPressureHandler.cpp:
3045         (WebCore::MemoryPressureHandler::releaseCriticalMemory):
3046
3047 2016-02-12  Gavin Barraclough  <barraclough@apple.com>
3048
3049         Separate out !allowsAccess path in JSDOMWindowCustom getOwnPropertySlot
3050         https://bugs.webkit.org/show_bug.cgi?id=154156
3051
3052         Reviewed by Chris Dumez.
3053
3054         JSDOMWindowCustom getOwnPropertySlot currently allows cross-origin access to all
3055         static properties, relying on the property to perform the access check. This is
3056         a little insecure, since it is error prone - someone could easily add a property
3057         to the static table without realizing it would be automatically exposed.
3058
3059         Instead, add a hard-coded filter to restrict access. As a future implementation
3060         we might consider autogenerating this (the properties are already tagged in IDL,
3061         we might be able to track this in a flag on the static table).
3062
3063         By separating out the handling of the same- and cross-origin access we can
3064         simplify & make the policy being enforced much clearer.
3065
3066         * bindings/js/JSDOMBinding.cpp:
3067         (WebCore::objectToStringFunctionGetter): Deleted.
3068             - removed objectToStringFunctionGetter - this duplicated functionality of
3069               nonCachingStaticFunctionGetter.
3070         * bindings/js/JSDOMBinding.h:
3071         (WebCore::objectToStringFunctionGetter): Deleted.
3072             - removed objectToStringFunctionGetter - this duplicated functionality of
3073               nonCachingStaticFunctionGetter.
3074         * bindings/js/JSDOMWindowCustom.cpp:
3075         (WebCore::jsDOMWindowGetOwnPropertySlotDisallowAccess):
3076             - explicitly handle providing access to only the things we do want to allow cross-origin.
3077         (WebCore::JSDOMWindow::getOwnPropertySlot):
3078         (WebCore::JSDOMWindow::getOwnPropertySlotByIndex):
3079             - push all !allowsAccess handling to jsDOMWindowGetOwnPropertySlotDisallowAccess
3080         (WebCore::childFrameGetter): Deleted.
3081             - this was just a deoptimization - moving access into a callback saved very
3082               little & caused more work to be duplicated.
3083
3084 2016-02-12  Sukolsak Sakshuwong  <sukolsak@gmail.com>
3085
3086         Update ICU header files to version 52
3087         https://bugs.webkit.org/show_bug.cgi?id=154160
3088
3089         Reviewed by Alex Christensen.
3090
3091         Update ICU header files to version 52 to allow the use of newer APIs.
3092
3093         No new tests because there is no behavior change.
3094
3095         * icu/unicode/bytestream.h:
3096         * icu/unicode/chariter.h:
3097         * icu/unicode/localpointer.h:
3098         * icu/unicode/platform.h:
3099         * icu/unicode/ptypes.h:
3100         * icu/unicode/putil.h:
3101         * icu/unicode/rep.h:
3102         (Replaceable::Replaceable):
3103         * icu/unicode/std_string.h:
3104         * icu/unicode/strenum.h:
3105         * icu/unicode/stringpiece.h:
3106         * icu/unicode/ubrk.h:
3107         * icu/unicode/uchar.h:
3108         * icu/unicode/ucnv.h:
3109         * icu/unicode/ucol.h:
3110         * icu/unicode/ucoleitr.h:
3111         * icu/unicode/uconfig.h:
3112         * icu/unicode/ucsdet.h:
3113         * icu/unicode/uenum.h:
3114         * icu/unicode/uidna.h:
3115         * icu/unicode/uiter.h:
3116         * icu/unicode/uloc.h:
3117         * icu/unicode/umachine.h:
3118         * icu/unicode/unistr.h:
3119         (UnicodeString::UnicodeString):
3120         (UnicodeString::operator== ):
3121         (UnicodeString::startsWith):
3122         (UnicodeString::setTo):
3123         (UnicodeString::remove):
3124         (UnicodeString::replace): Deleted.
3125         (UnicodeString::extract): Deleted.
3126         (UnicodeString::char32At): Deleted.
3127         (UnicodeString::getChar32Start): Deleted.
3128         (UnicodeString::getChar32Limit): Deleted.
3129         (UnicodeString::getTerminatedBuffer): Deleted.
3130         (UnicodeString::append): Deleted.
3131         (UnicodeString::truncate): Deleted.
3132         * icu/unicode/unorm2.h:
3133         * icu/unicode/uobject.h:
3134         * icu/unicode/urename.h:
3135         * icu/unicode/uscript.h:
3136         * icu/unicode/usearch.h:
3137         * icu/unicode/uset.h:
3138         * icu/unicode/ushape.h:
3139         * icu/unicode/ustring.h:
3140         * icu/unicode/utext.h:
3141         * icu/unicode/utf.h:
3142         * icu/unicode/utf16.h:
3143         * icu/unicode/utf8.h:
3144         * icu/unicode/utf_old.h:
3145         * icu/unicode/utypes.h:
3146         * icu/unicode/uvernum.h:
3147         * icu/unicode/uversion.h:
3148
3149 2016-02-12  Andreas Kling  <akling@apple.com>
3150
3151         [Mac] BitmapImage::decodedDataIsPurgeable() is telling lies and causing massive memory usage.
3152         <https://webkit.org/b/154172>
3153
3154         Reviewed by Antti Koivisto.
3155
3156         The underlying mechanism in CoreAnimation that made this work is no longer in place.
3157
3158         Instead of keeping purgeable frames and juggling volatility bits, we were simply caching
3159         every single frame of large GIF animations, sometimes leading to monstrous memory usage.
3160
3161         Remove the code from WebCore since it's not doing at all what it means to.
3162
3163         Now iOS and Mac will behave the same again, and frame caching decisions will be
3164         made by WebKit, based on total pixel byte size.
3165
3166         * loader/cache/CachedImage.h:
3167         * loader/cache/CachedResource.h:
3168         (WebCore::CachedResource::decodedDataIsPurgeable): Deleted.
3169         * loader/cache/MemoryCache.cpp:
3170         (WebCore::MemoryCache::pruneLiveResourcesToSize): Deleted.
3171         * platform/graphics/BitmapImage.cpp:
3172         (WebCore::BitmapImage::decodedDataIsPurgeable): Deleted.
3173         (WebCore::BitmapImage::destroyDecodedDataIfNecessary): Deleted.
3174         * platform/graphics/BitmapImage.h:
3175         * platform/graphics/Image.h:
3176         (WebCore::Image::decodedDataIsPurgeable): Deleted.
3177         * platform/graphics/cg/BitmapImageCG.cpp:
3178         (WebCore::BitmapImage::decodedDataIsPurgeable): Deleted.
3179         * platform/graphics/cg/ImageSourceCG.cpp:
3180         (WebCore::ImageSource::createFrameAtIndex): Deleted.
3181
3182 2016-02-12  Brady Eidson  <beidson@apple.com>
3183
3184         Modern IDB: Ref cycle between IDBObjectStore and IDBIndex.
3185         https://bugs.webkit.org/show_bug.cgi?id=154110
3186
3187         Reviewed by Darin Adler.
3188
3189         No new tests (Currently untestable).
3190
3191         The lifetime of IDBObjectStore and IDBIndex are closely intertwined, but we have to break the ref cycle.
3192         
3193         This patch does a few semi-gnarly things:
3194         1 - Makes both IDBIndex and IDBObjectStore have a custom marking function so they can add each other as 
3195             opaque roots.
3196         2 - Adds a lock to protect IDBObjectStore's collection of referenced indexes to support #1, as GC marking
3197             can happen on any thread.
3198         3 - Makes IDBIndex not be traditionally RefCounted; Instead, IDBIndex::ref()/deref() simply ref()/deref()
3199             the owning IDBObjectStore.
3200         4 - ...Except when somebody deletes an IDBIndex from its IDBObjectStore. Once that happens, the object
3201             store no longer has a reference back to the index, but the index still needs a reference back to the
3202             object store. To support this, the IDBIndex becomes "traditionally RefCounted" while holding a ref to
3203             its IDBObjectStore.
3204
3205         * CMakeLists.txt:
3206         * WebCore.xcodeproj/project.pbxproj:
3207
3208         * Modules/indexeddb/IDBIndex.h:
3209         (WebCore::IDBIndex::isModern):
3210         * Modules/indexeddb/IDBIndex.idl:
3211         
3212         * Modules/indexeddb/IDBObjectStore.h:
3213         (WebCore::IDBObjectStore::isModern):
3214         * Modules/indexeddb/IDBObjectStore.idl:
3215         
3216         * Modules/indexeddb/client/IDBIndexImpl.cpp:
3217         (WebCore::IDBClient::IDBIndex::objectStore):
3218         (WebCore::IDBClient::IDBIndex::openCursor):
3219         (WebCore::IDBClient::IDBIndex::doCount):
3220         (WebCore::IDBClient::IDBIndex::openKeyCursor):
3221         (WebCore::IDBClient::IDBIndex::doGet):
3222         (WebCore::IDBClient::IDBIndex::doGetKey):
3223         (WebCore::IDBClient::IDBIndex::markAsDeleted):
3224         (WebCore::IDBClient::IDBIndex::ref):
3225         (WebCore::IDBClient::IDBIndex::deref):
3226         (WebCore::IDBClient::IDBIndex::create): Deleted.
3227         * Modules/indexeddb/client/IDBIndexImpl.h:
3228         (WebCore::IDBClient::IDBIndex::modernObjectStore):
3229         
3230         * Modules/indexeddb/client/IDBObjectStoreImpl.cpp:
3231         (WebCore::IDBClient::IDBObjectStore::createIndex):
3232         (WebCore::IDBClient::IDBObjectStore::index):
3233         (WebCore::IDBClient::IDBObjectStore::deleteIndex):
3234         (WebCore::IDBClient::IDBObjectStore::visitReferencedIndexes):
3235         * Modules/indexeddb/client/IDBObjectStoreImpl.h:
3236         
3237         * Modules/indexeddb/client/IDBTransactionImpl.cpp:
3238         (WebCore::IDBClient::IDBTransaction::createIndex):
3239         * Modules/indexeddb/client/IDBTransactionImpl.h:
3240         
3241         * Modules/indexeddb/legacy/LegacyIndex.cpp:
3242         (WebCore::LegacyIndex::ref):
3243         (WebCore::LegacyIndex::deref):
3244         * Modules/indexeddb/legacy/LegacyIndex.h:
3245         
3246         * bindings/js/JSIDBIndexCustom.cpp: Added.
3247         (WebCore::JSIDBIndex::visitAdditionalChildren):
3248         
3249         * bindings/js/JSIDBObjectStoreCustom.cpp:
3250         (WebCore::JSIDBObjectStore::visitAdditionalChildren):
3251
3252 2016-02-12  Csaba Osztrogonác  <ossy@webkit.org>
3253
3254         [EFL][GTK] Fix ENABLE(SVG_OTF_CONVERTER) build
3255         https://bugs.webkit.org/show_bug.cgi?id=154165
3256
3257         Reviewed by Alex Christensen.
3258
3259         * CMakeLists.txt:
3260         * css/CSSFontFaceSource.cpp:
3261         (WebCore::CSSFontFaceSource::font):
3262         * svg/SVGToOTFFontConversion.cpp:
3263         * svg/SVGToOTFFontConversion.h:
3264
3265 2016-02-12  Chris Dumez  <cdumez@apple.com>
3266
3267         Unreviewed nit fixes after r196466.
3268
3269         * Modules/speech/SpeechSynthesisUtterance.idl: Fix curly bracket
3270           placement.
3271         * bindings/scripts/CodeGeneratorJS.pm:
3272         (GenerateHeader): Use wrappableObject instead of domObject.
3273         * bindings/scripts/test/*: Rebaseline.
3274         * dom/WebKitNamedFlow.idl: Drop unnecessary #if case.
3275
3276 2016-02-12  Carlos Garcia Campos  <cgarcia@igalia.com>
3277
3278         [GTK] Properly handle classes inheriting from EventTarget
3279         https://bugs.webkit.org/show_bug.cgi?id=154158
3280
3281         Reviewed by Michael Catanzaro.
3282
3283         Instead of removing its parent we now handle the case of classes
3284         having EventTarget as parent to make them implement the interface
3285         instead.
3286
3287         * bindings/scripts/CodeGeneratorGObject.pm:
3288         (ShouldBeExposedAsInterface): Whether the parent given class
3289         should be exposed as an interface instead of a parent class.
3290         (GetParentClassName): Return Object as parent for classes having
3291         a parent that should be exposed as an interface.
3292         (GetParentImplClassName): Ditto.
3293         (GetBaseClass): Ditto.
3294         (GetParentGObjType): Ditto.
3295         (SkipFunction): Add FIXME comment.
3296         (ImplementsInterface): Helper function to check if a class
3297         implements the given interface.
3298         (GenerateCFile): Check whether the class implements EventTarget to
3299         generate the interface implementation.
3300         (GenerateInterface): Do not remove the parent class when it's EventTarget.
3301
3302 2016-02-12  Commit Queue  <commit-queue@webkit.org>
3303
3304         Unreviewed, rolling out r196470.
3305         https://bugs.webkit.org/show_bug.cgi?id=154167
3306
3307         Broke some tests (Requested by anttik on #webkit).
3308
3309         Reverted changeset:
3310
3311         "Factor class change style invalidation code into a class"
3312         https://bugs.webkit.org/show_bug.cgi?id=154163
3313         http://trac.webkit.org/changeset/196470
3314
3315 2016-02-12  Antti Koivisto  <antti@apple.com>
3316
3317         Factor class change style invalidation code into a class
3318         https://bugs.webkit.org/show_bug.cgi?id=154163
3319
3320         Reviewed by Andreas Kling.
3321
3322         Factor this piece of functionality out of Element and into ClassChangeInvalidation class.
3323
3324         * CMakeLists.txt:
3325         * WebCore.vcxproj/WebCore.vcxproj:
3326         * WebCore.xcodeproj/project.pbxproj:
3327         * dom/Element.cpp:
3328         (WebCore::classStringHasClassName):
3329         (WebCore::Element::classAttributeChanged):
3330         (WebCore::collectClasses): Deleted.
3331         (WebCore::computeClassChange): Deleted.
3332         (WebCore::invalidateStyleForClassChange): Deleted.
3333         * style/ClassChangeInvalidation.cpp: Added.
3334         (WebCore::Style::ClassChangeInvalidation::computeClassChange):
3335         (WebCore::Style::ClassChangeInvalidation::invalidateStyle):
3336         * style/ClassChangeInvalidation.h: Added.
3337         (WebCore::Style::ClassChangeInvalidation::needsInvalidation):
3338         (WebCore::Style::ClassChangeInvalidation::ClassChangeInvalidation):
3339         (WebCore::Style::ClassChangeInvalidation::~ClassChangeInvalidation):
3340
3341 2016-02-12  Csaba Osztrogonác  <ossy@webkit.org>
3342
3343         GCC buildfix in Source/WebCore/svg/SVGToOTFFontConversion.cpp
3344         https://bugs.webkit.org/show_bug.cgi?id=154162
3345
3346         Reviewed by Andreas Kling.
3347
3348         * svg/SVGToOTFFontConversion.cpp:
3349         (WebCore::SVGToOTFFontConverter::finishAppendingKERNSubtable):
3350
3351 2016-02-12  Andreas Kling  <akling@apple.com>
3352
3353         Don't invalidate the FontCache on memory pressure.
3354         <https://webkit.org/b/154161>
3355
3356         Reviewed by Antti Koivisto.
3357
3358         Invalidating the FontCache does more harm than good:
3359
3360             - Anything that's still in the cache at this point is also
3361               referenced outside the cache, thus will not actually get deleted.
3362
3363             - Future deduplication will fail, leading to more objects.
3364
3365             - The global FontCache generation gets bumped, causing future style
3366               recalcs to be less efficient and breaking style sharing.
3367
3368             - All FontSelector invalidation callbacks will fire, potentially
3369               causing forced full-document style recalcs.
3370
3371         In fact, the only win from invalidating the FontCache comes from some
3372         minor shrinkage in the containers that make up the cache itself.
3373
3374         * platform/MemoryPressureHandler.cpp:
3375         (WebCore::MemoryPressureHandler::releaseCriticalMemory): Deleted.
3376
3377 2016-02-11  Chris Dumez  <cdumez@apple.com>
3378
3379         [Web IDL] interfaces should inherit EventTarget instead of duplicating the EventTarget API
3380         https://bugs.webkit.org/show_bug.cgi?id=154121
3381         <rdar://problem/24613234>
3382
3383         Reviewed by Gavin Barraclough.
3384
3385         Interfaces should inherit EventTarget instead of duplicating the
3386         EventTarget API in their IDL. Not only is the duplication ugly and
3387         error-prone, but this also does not match the specifications and
3388         has subtle web-exposed differences.
3389
3390         This patch takes care of all interfaces except for DOMWindow and
3391         WorkerGlobalScope. Those will be updated in the follow-up patch
3392         as they will require a little bit more work and testing.
3393
3394         We should also be able to get rid of the [EventTarget] WebKit IDL
3395         attribute in a follow-up.
3396
3397         No new tests, already covered by existing tests.
3398
3399         * Modules/battery/BatteryManager.idl:
3400         * Modules/encryptedmedia/MediaKeySession.idl:
3401         * Modules/indexeddb/IDBDatabase.h:
3402         * Modules/indexeddb/IDBDatabase.idl:
3403         * Modules/indexeddb/IDBRequest.h:
3404         * Modules/indexeddb/IDBRequest.idl:
3405         * Modules/indexeddb/IDBTransaction.h:
3406         * Modules/indexeddb/IDBTransaction.idl:
3407         * Modules/mediasession/MediaRemoteControls.idl:
3408         * Modules/mediasource/MediaSource.h:
3409         * Modules/mediasource/MediaSource.idl:
3410         * Modules/mediasource/SourceBuffer.h:
3411         * Modules/mediasource/SourceBuffer.idl:
3412         * Modules/mediasource/SourceBufferList.h:
3413         * Modules/mediasource/SourceBufferList.idl:
3414         * Modules/mediastream/MediaStream.h:
3415         * Modules/mediastream/MediaStream.idl:
3416         * Modules/mediastream/MediaStreamTrack.h:
3417         * Modules/mediastream/MediaStreamTrack.idl:
3418         * Modules/mediastream/RTCDTMFSender.h:
3419         * Modules/mediastream/RTCDTMFSender.idl:
3420         * Modules/mediastream/RTCDataChannel.h:
3421         * Modules/mediastream/RTCDataChannel.idl:
3422         * Modules/mediastream/RTCPeerConnection.h:
3423         * Modules/mediastream/RTCPeerConnection.idl:
3424         * Modules/notifications/Notification.idl:
3425         * Modules/speech/SpeechSynthesisUtterance.idl:
3426         * Modules/webaudio/AudioContext.idl:
3427         * Modules/webaudio/AudioNode.idl:
3428         * Modules/websockets/WebSocket.idl:
3429         * css/FontLoader.idl:
3430         * dom/EventTarget.h:
3431         * dom/MessagePort.idl:
3432         * dom/Node.h:
3433         * dom/Node.idl:
3434         * dom/WebKitNamedFlow.idl:
3435         * fileapi/FileReader.idl:
3436         * html/MediaController.idl:
3437         * html/track/AudioTrackList.idl:
3438         * html/track/TextTrack.idl:
3439         * html/track/TextTrackCue.idl:
3440         * html/track/TextTrackList.idl:
3441         * html/track/VideoTrackList.idl:
3442         * loader/appcache/DOMApplicationCache.h:
3443         * loader/appcache/DOMApplicationCache.idl:
3444         * page/EventSource.idl:
3445         * page/Performance.h:
3446         * page/Performance.idl:
3447         * workers/Worker.idl:
3448         * xml/XMLHttpRequest.h:
3449         * xml/XMLHttpRequest.idl:
3450         * xml/XMLHttpRequestUpload.idl:
3451         - Drop hardcoded EventTarget operations and inherit EventTarget instead.
3452         - Drop JSGenerateToNativeObject / JSGenerateToJSObject IDL extended
3453           attributes for interfaces inheriting the EventTarget interface as
3454           the bindings generator now does this automatically for us.
3455         - On native side, have EventTarget subclass ScriptWrappable instead of
3456           each of its subclasses doing so. The issue was that
3457           EventTargetOwner::finalize() was calling uncacheWrapper() with an
3458           EventTarget*, which would not clear inlined cached wrapper (see
3459           clearInlineCachedWrapper()) because EventTarget did not subclass
3460           ScriptWrappable. However, cacheWrapper() is called with a specific
3461           subtype pointer (e.g. Node*) and we would decide to create an
3462           inline cached wrapper because Node subclassed ScriptWrappable
3463           (as well as EventTarget).
3464
3465         * WebCore.xcodeproj/project.pbxproj:
3466         Export JSEventTarget.h as private header to fix the build.
3467
3468         * bindings/js/JSDOMBinding.h:
3469         (WebCore::wrapperKey):
3470         (WebCore::getCachedWrapper):
3471         (WebCore::cacheWrapper):
3472         (WebCore::uncacheWrapper):
3473         Use new wrapperKey() function that is generated for each bindings
3474         class that also has wrapperOwner(). This is used instead of the
3475         C cast to void* in order to cast to the base wrapped type to fix
3476         issues with multiple inheritance. The issue was that cacheWrapper()
3477         was getting called with a DOM object subtype pointer (e.g.
3478         AudioContext*) but uncacheWrapper() was getting called with a base
3479         wrapped type pointer (e.g. EventTarget*). Most of our DOM classes
3480         use multiple inheritance and thus the pointer values (used as keys
3481         in the weak map) may differ.
3482
3483         * bindings/js/JSTrackCustom.cpp:
3484         (WebCore::toJS):
3485         Call CREATE_DOM_WRAPPER() with an actual wrapped type (e.g. AudioTrack)
3486         instead of TrackBase type. TrackBase does not have corresponding
3487         generated bindings and therefore does not have a wrapperKey()
3488         function.
3489
3490         * bindings/scripts/CodeGeneratorJS.pm:
3491         (ShouldGenerateToWrapped):
3492         (ShouldGenerateToJSDeclaration):
3493         (GenerateHeader):
3494         - Generate a wrapperKey() utility function along-side wrapperOwner()
3495           to help cast to the base wrapped type.
3496         - Generate toWrapped() / toJS() utility functions for interfaces
3497           that inherit EventTarget as those are required by our
3498           implementation and this avoids having to explicitly have them in
3499           the IDL.
3500
3501         * bindings/scripts/test/*:
3502         Rebaseline bindings tests.
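The key mismatch described in the JSDOMBinding.h note above, as an added example that is not part of the ChangeLog or of WebKit's code. The `*Like` types, `rawKey()` and the map are hypothetical stand-ins; only the name `wrapperKey()` comes from the entry. It shows why a wrapper cache keyed on a raw `void*` cast loses track of an entry when the object is cached through a subtype pointer and uncached through a base pointer.

```cpp
#include <cstddef>
#include <cstdio>
#include <unordered_map>

// Hypothetical stand-ins for DOM classes; layouts are illustrative only.
struct ScriptWrappableLike {
    virtual ~ScriptWrappableLike() = default;
    int wrapperSlot = 0;
};

struct EventTargetLike {
    virtual ~EventTargetLike() = default;
    int listenerCount = 0;
};

// Multiple inheritance: the EventTargetLike subobject cannot share an address
// with the ScriptWrappableLike subobject, so on common ABIs it sits at a
// non-zero offset inside AudioContextLike.
struct AudioContextLike : ScriptWrappableLike, EventTargetLike {
    int sampleRate = 44100;
};

// Stand-in for the wrapper cache: object address -> wrapper id.
using WrapperMap = std::unordered_map<const void*, int>;

// Raw keying: the key depends on the static type of the pointer passed in.
template<typename T>
const void* rawKey(T* object)
{
    return static_cast<const void*>(object);
}

// Normalized keying: every caller converts to the base wrapped type first.
// Passing an AudioContextLike* performs the derived-to-base pointer
// adjustment before the address is used as a key.
inline const void* wrapperKey(EventTargetLike* object)
{
    return object;
}

// True when the subtype pointer and the base pointer to the same object
// produce different raw keys.
bool pointersDiffer()
{
    AudioContextLike context;
    EventTargetLike* asBase = &context;
    return rawKey(&context) != rawKey(asBase);
}

// Cache with the subtype pointer, uncache with the base pointer, raw keys.
// Returns the number of entries left behind.
std::size_t staleEntriesWithRawKeys()
{
    WrapperMap cache;
    AudioContextLike context;
    cache[rawKey(&context)] = 1;        // cacheWrapper(AudioContext*)
    EventTargetLike* asBase = &context;
    cache.erase(rawKey(asBase));        // uncacheWrapper(EventTarget*): wrong key
    return cache.size();                // the entry for `context` is still there
}

// Same sequence, but both sides go through wrapperKey().
std::size_t staleEntriesWithWrapperKey()
{
    WrapperMap cache;
    AudioContextLike context;
    cache[wrapperKey(&context)] = 1;    // adjusted to the EventTargetLike address
    EventTargetLike* asBase = &context;
    cache.erase(wrapperKey(asBase));    // same address, entry removed
    return cache.size();
}

int main()
{
    std::printf("keys differ: %s\n", pointersDiffer() ? "yes" : "no");
    std::printf("stale entries (raw keys): %zu\n", staleEntriesWithRawKeys());
    std::printf("stale entries (wrapperKey): %zu\n", staleEntriesWithWrapperKey());
    return 0;
}
```

With raw keys the cache keeps an entry whose key no longer corresponds to any lookup the base-pointer path will ever make, so it outlives the object it describes.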
3503
3504 2016-02-11  Brent Fulgham  <bfulgham@apple.com>
3505
3506         Optimize texture-complete checks
3507         https://bugs.webkit.org/show_bug.cgi?id=98308
3508
3509         Reviewed by Dean Jackson.
3510
3511         No new tests: No change in behavior.
3512
3513         * html/canvas/WebGLRenderingContextBase.cpp:
3514         (WebCore::WebGLRenderingContextBase::initializeNewContext): Initially consider all
3515         textures as suspect.
3516         (WebCore::WebGLRenderingContextBase::extensions): New helper function.
3517         (WebCore::WebGLRenderingContextBase::reshape): Mark textures as invalid when appropriate.
3518         (WebCore::WebGLRenderingContextBase::bindTexture): Identify invalid textures and mark
3519         them for later fix-up. Likewise, remove 'known good' textures from the fix-up pass.
3520         (WebCore::WebGLRenderingContextBase::deleteTexture): Remove instances of the deleted texture
3521         from our set of invalid textures.
3522         (WebCore::WebGLRenderingContextBase::checkTextureCompleteness): Only iterate through
3523         the 'bad' textures, rather than checking every single texture.
3524         * html/canvas/WebGLRenderingContextBase.h:
3525
3526 2016-02-11  Alex Christensen  <achristensen@webkit.org>
3527
3528         Assert that IDBTransaction::transitionedToFinishing transitions to finishing.
3529         https://bugs.webkit.org/show_bug.cgi?id=154061
3530
3531         * Modules/indexeddb/client/IDBTransactionImpl.cpp:
3532         (WebCore::IDBClient::IDBTransaction::transitionedToFinishing):
3533         Added assertion that we are transitioning to a finished or finishing state, based on Darin's feedback.
3534
3535 2016-02-11  Enrica Casucci  <enrica@apple.com>
3536
3537         WebContent process crashes when performing data detection on content with existing data detector links.
3538         https://bugs.webkit.org/show_bug.cgi?id=154118
3539         rdar://problem/24511860
3540
3541         Reviewed by Tim Horton.
3542
3543         The DOM mutation caused by removing the existing links can shift the range endpoints.
3544         We now save the range endpoints as positions so that we can recreate the ranges,
3545         if a DOM mutation occurred.
3546
3547         * editing/cocoa/DataDetection.mm:
3548         (WebCore::removeResultLinksFromAnchor):
3549         (WebCore::searchForLinkRemovingExistingDDLinks):
3550         (WebCore::DataDetection::detectContentInRange):
3551
3552 2016-02-11  Jer Noble  <jer.noble@apple.com>
3553
3554         Make MediaResourceLoader behave more like a CachedResourceLoader.
3555         https://bugs.webkit.org/show_bug.cgi?id=154117
3556
3557         Reviewed by Alex Christensen.
3558
3559         MediaResourceLoader currently can only handle a single request at a time. Split the class
3560         into two, MediaResourceLoader and MediaResource, effectively wrapping CachedResourceLoader
3561         and CachedRawResource respectively. With this division, the same loader can be used to issue
3562         multiple simultaneous resource requests.
3563
3564         This necessitates splitting PlatformMediaResource into two classes as well.  To simplify
3565         the HTMLMediaElement, MediaPlayer, and MediaPlayerClient APIs, do not require a client
3566         object when creating the loader; instead, the client is required to create the resource.
3567         This also matches the CachedRawResource API.
3568
3569         * html/HTMLMediaElement.cpp:
3570         (WebCore::HTMLMediaElement::mediaPlayerCreateResourceLoader): Remove the client parameter.
3571         * html/HTMLMediaElement.h:
3572         * loader/MediaResourceLoader.cpp:
3573         (WebCore::MediaResourceLoader::MediaResourceLoader):
3574         (WebCore::MediaResourceLoader::~MediaResourceLoader):
3575         (WebCore::MediaResourceLoader::requestResource): Renamed from start().
3576         (WebCore::MediaResourceLoader::removeResource): Remove resource from live resource list.
3577         (WebCore::MediaResource::create): Utility factory.
3578         (WebCore::MediaResource::MediaResource):
3579         (WebCore::MediaResource::~MediaResource):
3580         (WebCore::MediaResource::stop): Moved from MediaResourceLoader.
3581         (WebCore::MediaResource::setDefersLoading): Ditto.
3582         (WebCore::MediaResource::responseReceived): Ditto.
3583         (WebCore::MediaResource::redirectReceived): Ditto.
3584         (WebCore::MediaResource::dataSent): Ditto.
3585         (WebCore::MediaResource::dataReceived): Ditto.
3586         (WebCore::MediaResource::notifyFinished): Ditto.
3587         (WebCore::MediaResource::getOrCreateReadBuffer): Ditto.
3588         * loader/MediaResourceLoader.h:
3589         * platform/graphics/MediaPlayer.cpp:
3590         (WebCore::MediaPlayer::createResourceLoader):
3591         * platform/graphics/MediaPlayer.h:
3592         (WebCore::MediaPlayerClient::mediaPlayerCreateResourceLoader):
3593         * platform/graphics/PlatformMediaResourceLoader.h:
3594         (WebCore::PlatformMediaResourceClient::~PlatformMediaResourceClient): Renamed from PlatformMediaResourceLoaderClient.
3595         (WebCore::PlatformMediaResourceClient::responseReceived): Client methods now take a reference to the resource.
3596         (WebCore::PlatformMediaResourceClient::redirectReceived): Ditto.
3597         (WebCore::PlatformMediaResourceClient::dataSent): Ditto. 
3598         (WebCore::PlatformMediaResourceClient::dataReceived): Ditto.
3599         (WebCore::PlatformMediaResourceClient::accessControlCheckFailed): Ditto.
3600         (WebCore::PlatformMediaResourceClient::loadFailed): Ditto.
3601         (WebCore::PlatformMediaResourceClient::loadFinished): Ditto.
3602         (WebCore::PlatformMediaResourceClient::getOrCreateReadBuffer): Ditto.
3603         (WebCore::PlatformMediaResourceLoader::PlatformMediaResourceLoader): Ditto.
3604         (WebCore::PlatformMediaResource::PlatformMediaResource): 
3605         (WebCore::PlatformMediaResource::~PlatformMediaResource): 
3606         (WebCore::PlatformMediaResource::setClient):
3607         * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
3608         (webKitWebSrcStart):
3609         (webKitWebSrcNeedData):
3610         (webKitWebSrcEnoughData):
3611         (CachedResourceStreamingClient::getOrCreateReadBuffer):
3612         (CachedResourceStreamingClient::responseReceived):
3613         (CachedResourceStreamingClient::dataReceived):
3614         (CachedResourceStreamingClient::accessControlCheckFailed):
3615         (CachedResourceStreamingClient::loadFailed):
3616         (CachedResourceStreamingClient::loadFinished):
3617
3618 2016-02-11  Zalan Bujtas  <zalan@apple.com>
3619
3620         Subpixel rendering: Make focusring painting subpixel aware.
3621         https://bugs.webkit.org/show_bug.cgi?id=154111
3622
3623         Reviewed by David Hyatt.
3624
3625         Do not integral snap focusring rects while collecting them (use device pixel snapping instead
3626         right before passing them to GraphicsContext::drawFocusRing).
3627
3628         Unable to test.
3629
3630         * platform/graphics/GraphicsContext.h:
3631         * platform/graphics/displaylists/DisplayListItems.h:
3632         (WebCore::DisplayList::DrawFocusRingRects::create):
3633         (WebCore::DisplayList::DrawFocusRingRects::rects):
3634         (WebCore::DisplayList::DrawFocusRingRects::DrawFocusRingRects):
3635         * platform/graphics/displaylists/DisplayListRecorder.cpp:
3636         (WebCore::DisplayList::Recorder::drawFocusRing):
3637         * platform/graphics/displaylists/DisplayListRecorder.h:
3638         * platform/graphics/mac/GraphicsContextMac.mm:
3639         (WebCore::GraphicsContext::drawFocusRing):
3640         * rendering/RenderBlock.cpp:
3641         (WebCore::RenderBlock::addFocusRingRectsForInlineChildren):
3642         (WebCore::RenderBlock::addFocusRingRects):
3643         * rendering/RenderBlock.h:
3644         * rendering/RenderBlockFlow.cpp:
3645         (WebCore::RenderBlockFlow::addFocusRingRectsForInlineChildren):
3646         * rendering/RenderBlockFlow.h:
3647         * rendering/RenderBox.cpp:
3648         (WebCore::RenderBox::addFocusRingRects):
3649         * rendering/RenderBox.h:
3650         * rendering/RenderElement.cpp:
3651         (WebCore::RenderElement::paintFocusRing):
3652         (WebCore::RenderElement::issueRepaintForOutlineAuto):
3653         * rendering/RenderInline.cpp:
3654         (WebCore::RenderInline::absoluteRects):
3655         (WebCore::RenderInline::addFocusRingRects):
3656         * rendering/RenderInline.h:
3657         * rendering/RenderListBox.cpp:
3658         (WebCore::RenderListBox::addFocusRingRects):
3659         * rendering/RenderListBox.h:
3660         * rendering/RenderObject.cpp:
3661         (WebCore::RenderObject::addPDFURLRect):
3662         (WebCore::RenderObject::absoluteFocusRingQuads):
3663         * rendering/RenderObject.h:
3664         (WebCore::RenderObject::addFocusRingRects):
3665         * rendering/RenderTextControl.cpp:
3666         (WebCore::RenderTextControl::addFocusRingRects):
3667         * rendering/RenderTextControl.h:
3668         * rendering/svg/RenderSVGContainer.cpp:
3669         (WebCore::RenderSVGContainer::addFocusRingRects):
3670         * rendering/svg/RenderSVGContainer.h:
3671         * rendering/svg/RenderSVGImage.cpp:
3672         (WebCore::RenderSVGImage::addFocusRingRects):
3673         * rendering/svg/RenderSVGImage.h:
3674         * rendering/svg/RenderSVGShape.cpp:
3675         (WebCore::RenderSVGShape::addFocusRingRects):
3676         * rendering/svg/RenderSVGShape.h:
3677
3678 2016-02-11  Myles C. Maxfield  <mmaxfield@apple.com>
3679
3680         Addressing post-review comments after r196393
3681
3682         Unreviewed.
3683
3684         * css/CSSFontSelector.cpp:
3685         (WebCore::CSSFontSelector::getFontFace):
3686         * css/CSSSegmentedFontFace.h:
3687
3688 2016-02-11  Antti Koivisto  <antti@apple.com>
3689
3690         Rename Element::style() to Element::cssomStyle()
3691         https://bugs.webkit.org/show_bug.cgi?id=154107
3692
3693         Reviewed by Alex Christensen.
3694
3695         It implements the IDL "style" attribute that returns a CSSOM object.
3696         Inside WebCore "style" generally refers to a RenderStyle.
3697
3698         * dom/Element.cpp:
3699         (WebCore::Element::hasAttributeNS):
3700         (WebCore::Element::cssomStyle):
3701         (WebCore::Element::focus):
3702         (WebCore::Element::style): Deleted.
3703         * dom/Element.h:
3704         (WebCore::Element::tagQName):
3705         * dom/Element.idl:
3706         * dom/StyledElement.cpp:
3707         (WebCore::StyledElement::~StyledElement):
3708         (WebCore::StyledElement::cssomStyle):
3709         (WebCore::StyledElement::style): Deleted.
3710         * dom/StyledElement.h:
3711         (WebCore::StyledElement::synchronizeStyleAttributeInternal):
3712         (WebCore::StyledElement::collectStyleForPresentationAttribute):
3713         * editing/Editor.cpp:
3714         (WebCore::Editor::applyEditingStyleToElement):
3715         * inspector/InspectorCSSAgent.cpp:
3716         (WebCore::InspectorCSSAgent::getMatchedStylesForNode):
3717         (WebCore::InspectorCSSAgent::getInlineStylesForNode):
3718         (WebCore::InspectorCSSAgent::asInspectorStyleSheet):
3719         * inspector/InspectorStyleSheet.cpp:
3720         (WebCore::InspectorStyleSheetForInlineStyle::didModifyElementAttribute):
3721         (WebCore::InspectorStyleSheetForInlineStyle::inlineStyle):
3722         (WebCore::InspectorStyleSheetForInlineStyle::elementStyleText):
3723         * svg/SVGElement.idl:
3724
3725 2016-02-11  Konstantin Tokarev  <annulen@yandex.ru>
3726
3727         [cmake] Consolidate TextureMapper file and include dir lists.
3728         https://bugs.webkit.org/show_bug.cgi?id=154106
3729
3730         Reviewed by Michael Catanzaro.
3731
3732         No new tests needed.
3733
3734         * CMakeLists.txt: Moved texmap include dir and source list to
3735         TextureMapper.cmake, removed non-existent include dir "filters/texmap".
3736         * PlatformEfl.cmake: Moved texmap and coordinatedgraphics include
3737         dirs and source list to TextureMapper.cmake.
3738         * PlatformGTK.cmake: Ditto, also removed non-existent include dir
3739         "texmap/threadedcompositor"
3740         * PlatformWinCairo.cmake: Moved texmap files to TextureMapper.cmake.
3741         * platform/TextureMapper.cmake: Added.
3742
3743 2016-02-11  Chris Dumez  <cdumez@apple.com>
3744
3745         Move 'length' property to the prototype
3746         https://bugs.webkit.org/show_bug.cgi?id=154051
3747         <rdar://problem/24577385>
3748
3749         Reviewed by Darin Adler.
3750
3751         Move 'length' property to the prototype, where it should be. We used to
3752         keep it on the instance because our implementation of
3753         getOwnPropertySlot() was wrong for interfaces with a named property
3754         getter. However, our implementation of getOwnPropertySlot() is now
3755         spec-compliant so this should be OK.
3756
3757         Moving 'length' to the prototype is also a little bit risky in terms of
3758         performance, especially for HTMLCollection / NodeList. However, I did
3759         not see an impact on realistic benchmarks like Speedometer and only saw
3760         a small impact (< 5%) on micro-benchmarks. I propose we make our behavior
3761         correct and monitor performance. If we see any benchmark we care about
3762         regress then we should try and optimize while keeping the attribute on
3763         the prototype.
3764
3765         No new tests, already covered by existing tests.
3766
3767         * bindings/js/JSDOMBinding.h:
3768         (WebCore::getStaticValueSlotEntryWithoutCaching):
3769         * bindings/js/JSHTMLDocumentCustom.cpp:
3770         (WebCore::JSHTMLDocument::getOwnPropertySlot):
3771         (WebCore::JSHTMLDocument::nameGetter): Deleted.
3772         * bindings/js/JSLocationCustom.cpp:
3773         (WebCore::JSLocation::putDelegate):
3774         * bindings/js/JSPluginElementFunctions.h:
3775         (WebCore::pluginElementCustomGetOwnPropertySlot):
3776         * bindings/js/JSStorageCustom.cpp:
3777         (WebCore::JSStorage::deleteProperty):
3778         (WebCore::JSStorage::deletePropertyByIndex):
3779         (WebCore::JSStorage::putDelegate):
3780         Leverage the new hasStaticPropertyTable static property in the
3781         generated bindings for performance.
3782
3783         * bindings/scripts/CodeGeneratorJS.pm:
3784         (GenerateHeader):
3785         Generate a "hasStaticPropertyTable" static const boolean property
3786         for each bindings class so we can check at build time if
3787         ClassInfo::staticPropHashTable is null.
3788
3789         (AttributeShouldBeOnInstance):
3790         Move "length" to the prototype.
3791
3792         * bindings/scripts/test/JS/JSTestActiveDOMObject.h:
3793         * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.h:
3794         * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.h:
3795         * bindings/scripts/test/JS/JSTestCustomNamedGetter.h:
3796         * bindings/scripts/test/JS/JSTestEventConstructor.h:
3797         * bindings/scripts/test/JS/JSTestEventTarget.h:
3798         * bindings/scripts/test/JS/JSTestException.h:
3799         * bindings/scripts/test/JS/JSTestGenerateIsReachable.h:
3800         * bindings/scripts/test/JS/JSTestInterface.h:
3801         * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.h:
3802         * bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
3803         * bindings/scripts/test/JS/JSTestNamedConstructor.h:
3804         * bindings/scripts/test/JS/JSTestNode.h:
3805         * bindings/scripts/test/JS/JSTestNondeterministic.h:
3806         * bindings/scripts/test/JS/JSTestObj.h:
3807         * bindings/scripts/test/JS/JSTestOverloadedConstructors.h:
3808         * bindings/scripts/test/JS/JSTestOverrideBuiltins.h:
3809         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
3810         * bindings/scripts/test/JS/JSTestTypedefs.h:
3811         * bindings/scripts/test/JS/JSattribute.h:
3812         * bindings/scripts/test/JS/JSreadonly.h:
3813         Rebaseline bindings tests.
3814
3815
3816 2016-02-11  Csaba Osztrogonác  <ossy@webkit.org>
3817
3818         Fix the !(ENABLE(SHADOW_DOM) || ENABLE(DETAILS_ELEMENT)) after r196281
3819         https://bugs.webkit.org/show_bug.cgi?id=154035
3820
3821         Reviewed by Antti Koivisto.
3822
3823         Follow-up fix after r196365. Removed guards around slotNodeIndex.
3824
3825         * dom/ComposedTreeIterator.h:
3826         (WebCore::ComposedTreeIterator::Context::Context):
3827
3828 2016-02-10  Ryan Haddad  <ryanhaddad@apple.com>
3829
3830         Updating bindings test reference file for JSTestEventConstructor.cpp after r196400
3831
3832         Unreviewed test gardening.
3833
3834         No new tests needed.
3835
3836         * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
3837         (WebCore::JSTestEventConstructorConstructor::construct):
3838
3839 2016-02-10  Eric Carlson  <eric.carlson@apple.com>
3840
3841         Update "manual" caption track logic
3842         https://bugs.webkit.org/show_bug.cgi?id=154084
3843         <rdar://problem/24530516>
3844
3845         Reviewed by Dean Jackson.
3846
3847         No new tests, media/track/track-manual-mode.html was updated.
3848
3849         * English.lproj/Localizable.strings: Add new string.
3850
3851         * html/HTMLMediaElement.cpp:
3852         (WebCore::HTMLMediaElement::addTextTrack): track.setManualSelectionMode is no more.
3853         (WebCore::HTMLMediaElement::configureTextTrackGroup): Never enable a track automatically when
3854           in manual selection mode.
3855         (WebCore::HTMLMediaElement::captionPreferencesChanged):  track.setManualSelectionMode is no more.
3856
3857         * html/track/TextTrack.cpp:
3858         (WebCore::TextTrack::containsOnlyForcedSubtitles): Return true for forced tracks.
3859         (WebCore::TextTrack::kind): Deleted.
3860         * html/track/TextTrack.h:
3861
3862         * html/track/TrackBase.h:
3863         (WebCore::TrackBase::kind): De-virtualize, nobody overrides it.
3864
3865         * page/CaptionUserPreferencesMediaAF.cpp:
3866         (WebCore::trackDisplayName): Include "forced" in the name of forced tracks.
3867
3868         * platform/LocalizedStrings.cpp:
3869         (WebCore::forcedTrackMenuItemText): New.
3870         * platform/LocalizedStrings.h:
3871
3872 2016-02-10  Jiewen Tan  <jiewen_tan@apple.com>
3873
3874         Rename *Event::create* which creates events for bindings to *Event::createForBindings* and cleanup corresponding paths
3875         https://bugs.webkit.org/show_bug.cgi?id=153903
3876         <rdar://problem/24518146>
3877
3878         Reviewed by Darin Adler.
3879
3880         Rename Event::create(const AtomicString&, const EventInit&) to Event::createForBindings
3881         (const AtomicString&, const EventInit&) and for all the subclasses as well in order to
3882         support Event.isTrusted. Besides, some of the subclasses use the create method for bindings
3883         to create events not for bindings and vice versa. Therefore, this patch also cleans up
3884         corresponding paths to ensure no misuse of the create method. The same for Event::create()
3885         as it is combined with Event::initEvent to create an event for bindings for legacy content.
3886
3887         After this patch, all call sites of *Event::create* are supposed to use *Event::create
3888         to create events for user agent and *Event::createForBindings for bindings.
3889
3890         No change in behavior.
3891
3892         * Modules/airplay/WebKitPlaybackTargetAvailabilityEvent.h:
3893         (WebCore::WebKitPlaybackTargetAvailabilityEvent::create):
3894         (WebCore::WebKitPlaybackTargetAvailabilityEvent::createForBindings):
3895         (WebCore::WebKitPlaybackTargetAvailabilityEventInit::WebKitPlaybackTargetAvailabilityEventInit): Deleted.
3896         * Modules/encryptedmedia/MediaKeyMessageEvent.cpp:
3897         (WebCore::MediaKeyMessageEvent::MediaKeyMessageEvent):
3898         (WebCore::MediaKeyMessageEventInit::MediaKeyMessageEventInit): Deleted.
3899         * Modules/encryptedmedia/MediaKeyMessageEvent.h:
3900         (WebCore::MediaKeyMessageEvent::create):
3901         (WebCore::MediaKeyMessageEvent::createForBindings):
3902         * Modules/encryptedmedia/MediaKeyNeededEvent.cpp:
3903         (WebCore::MediaKeyNeededEvent::MediaKeyNeededEvent):
3904         (WebCore::MediaKeyNeededEventInit::MediaKeyNeededEventInit): Deleted.
3905         * Modules/encryptedmedia/MediaKeyNeededEvent.h:
3906         (WebCore::MediaKeyNeededEvent::create):
3907         (WebCore::MediaKeyNeededEvent::createForBindings):
3908         * Modules/encryptedmedia/MediaKeySession.cpp:
3909         (WebCore::MediaKeySession::sendMessage):
3910         * Modules/gamepad/GamepadEvent.h:
3911         (WebCore::GamepadEvent::create):
3912         (WebCore::GamepadEvent::createForBindings):
3913         (WebCore::GamepadEventInit::GamepadEventInit): Deleted.
3914         * Modules/indieui/UIRequestEvent.cpp:
3915         (WebCore::UIRequestEvent::createForBindings):
3916         (WebCore::UIRequestEvent::UIRequestEvent):
3917         (WebCore::UIRequestEventInit::UIRequestEventInit): Deleted.
3918         (WebCore::UIRequestEvent::create): Deleted.
3919         * Modules/indieui/UIRequestEvent.h:
3920         * Modules/mediastream/MediaStreamEvent.cpp:
3921         (WebCore::MediaStreamEvent::createForBindings):
3922         (WebCore::MediaStreamEventInit::MediaStreamEventInit): Deleted.
3923         (WebCore::MediaStreamEvent::create): Deleted.
3924         * Modules/mediastream/MediaStreamEvent.h:
3925         * Modules/mediastream/MediaStreamTrackEvent.cpp:
3926         (WebCore::MediaStreamTrackEvent::createForBindings):
3927         (WebCore::MediaStreamTrackEventInit::MediaStreamTrackEventInit): Deleted.
3928         (WebCore::MediaStreamTrackEvent::create): Deleted.
3929         * Modules/mediastream/MediaStreamTrackEvent.h:
3930         * Modules/mediastream/RTCDTMFToneChangeEvent.cpp:
3931         (WebCore::RTCDTMFToneChangeEvent::createForBindings):
3932         (WebCore::RTCDTMFToneChangeEvent::create): Deleted.
3933         * Modules/mediastream/RTCDTMFToneChangeEvent.h:
3934         * Modules/mediastream/RTCDataChannelEvent.cpp:
3935         (WebCore::RTCDataChannelEvent::createForBindings):
3936         (WebCore::RTCDataChannelEvent::create): Deleted.
3937         * Modules/mediastream/RTCDataChannelEvent.h:
3938         * Modules/mediastream/RTCIceCandidateEvent.cpp:
3939         (WebCore::RTCIceCandidateEvent::createForBindings):
3940         (WebCore::RTCIceCandidateEvent::create): Deleted.
3941         * Modules/mediastream/RTCIceCandidateEvent.h:
3942         * Modules/mediastream/RTCTrackEvent.cpp:
3943         (WebCore::RTCTrackEvent::createForBindings):
3944         (WebCore::RTCTrackEventInit::RTCTrackEventInit): Deleted.
3945         (WebCore::RTCTrackEvent::create): Deleted.
3946         * Modules/mediastream/RTCTrackEvent.h:
3947         * Modules/speech/SpeechSynthesisEvent.cpp:
3948         (WebCore::SpeechSynthesisEvent::createForBindings):
3949         (WebCore::SpeechSynthesisEvent::create):
3950         (WebCore::SpeechSynthesisEvent::SpeechSynthesisEvent):
3951         * Modules/speech/SpeechSynthesisEvent.h:
3952         * Modules/webaudio/AudioProcessingEvent.cpp:
3953         (WebCore::AudioProcessingEvent::create): Deleted.
3954         * Modules/webaudio/AudioProcessingEvent.h:
3955         (WebCore::AudioProcessingEvent::create):
3956         (WebCore::AudioProcessingEvent::createForBindings):
3957         * Modules/webaudio/OfflineAudioCompletionEvent.cpp:
3958         (WebCore::OfflineAudioCompletionEvent::createForBindings):
3959         (WebCore::OfflineAudioCompletionEvent::create): Deleted.
3960         * Modules/webaudio/OfflineAudioCompletionEvent.h:
3961         * Modules/websockets/CloseEvent.h:
3962         (WebCore::CloseEvent::create):
3963         (WebCore::CloseEvent::createForBindings):
3964         (WebCore::CloseEvent::CloseEvent):
3965         (WebCore::CloseEventInit::CloseEventInit): Deleted.
3966         * bindings/objc/DOM.mm:
3967         (-[DOMNode nextFocusNode]):
3968         (-[DOMNode previousFocusNode]):
3969         * bindings/scripts/CodeGeneratorJS.pm:
3970         (GenerateConstructorDefinition):
3971         * dom/AnimationEvent.cpp:
3972         (WebCore::AnimationEventInit::AnimationEventInit): Deleted.
3973         * dom/AnimationEvent.h:
3974         * dom/BeforeLoadEvent.h:
3975         (WebCore::BeforeLoadEventInit::BeforeLoadEventInit): Deleted.
3976         * dom/ClipboardEvent.h:
3977         * dom/CompositionEvent.cpp:
3978         (WebCore::CompositionEventInit::CompositionEventInit): Deleted.
3979         * dom/CompositionEvent.h:
3980         * dom/CustomEvent.cpp:
3981         (WebCore::CustomEventInit::CustomEventInit): Deleted.
3982         * dom/CustomEvent.h:
3983         * dom/DeviceMotionEvent.h:
3984         * dom/DeviceOrientationEvent.h:
3985         * dom/Document.cpp:
3986         (WebCore::Document::createEvent):
3987         * dom/Element.cpp:
3988         (WebCore::Element::dispatchMouseEvent):
3989         * dom/ErrorEvent.cpp:
3990         (WebCore::ErrorEventInit::ErrorEventInit): Deleted.
3991         * dom/ErrorEvent.h:
3992         * dom/Event.cpp:
3993         (WebCore::EventInit::EventInit): Deleted.
3994         * dom/Event.h:
3995         (WebCore::Event::createForBindings):
3996         (WebCore::Event::create): Deleted.
3997         * dom/FocusEvent.cpp:
3998         (WebCore::FocusEventInit::FocusEventInit): Deleted.
3999         * dom/FocusEvent.h:
4000         * dom/HashChangeEvent.h:
4001         (WebCore::HashChangeEventInit::HashChangeEventInit): Deleted.
4002         * dom/KeyboardEvent.cpp:
4003         (WebCore::KeyboardEvent::KeyboardEvent):
4004         (WebCore::KeyboardEventInit::KeyboardEventInit): Deleted.
4005         * dom/KeyboardEvent.h:
4006         * dom/MessageEvent.cpp:
4007         (WebCore::MessageEvent::MessageEvent):
4008         (WebCore::MessageEventInit::MessageEventInit): Deleted.
4009         * dom/MessageEvent.h:
4010         * dom/MouseEvent.cpp:
4011         (WebCore::MouseEvent::createForBindings):
4012        &