Move resumeAnimations to use Internals interface
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2012-05-10  Gyuyoung Kim  <gyuyoung.kim@samsung.com>
2
3         Move resumeAnimations to use Internals interface
4         https://bugs.webkit.org/show_bug.cgi?id=86063
5
6         Reviewed by Alexey Proskuryakov.
7
8         Add resumeAnimations functions, because it is able to work in the
9         cross-port way through the Internals interface.
10
11         No new tests, since we are improving here the infra-structure for testing
12         a specific method.
13
14         * testing/Internals.cpp:
15         (WebCore::Internals::resumeAnimations):
16         (WebCore):
17         * testing/Internals.h:
18         (Internals):
19         * testing/Internals.idl:
20
21 2012-05-10  Min Qin  <qinmin@google.com>
22
23         split MediaPlayer::enterFullscreen into 2 seperate functions
24         https://bugs.webkit.org/show_bug.cgi?id=86052
25
26         Reviewed by Benjamin Poulain.
27
28         It is confusing that enterFullscreen returns a boolean while exitFullscreen does
29         not do the same. And ios does not need the return value.
30         So remove the return value on enterFullscreen and make a seperate canEnterFullscreen()
31         function for android.
32         No tests as there are no behavior change, just refactoring.
33
34         * platform/graphics/MediaPlayer.cpp:
35         (WebCore::MediaPlayer::enterFullscreen):
36         (WebCore):
37         (WebCore::MediaPlayer::canEnterFullscreen):
38         * platform/graphics/MediaPlayer.h:
39         (MediaPlayer):
40         * platform/graphics/MediaPlayerPrivate.h:
41         (WebCore::MediaPlayerPrivateInterface::enterFullscreen):
42         (MediaPlayerPrivateInterface):
43         (WebCore::MediaPlayerPrivateInterface::canEnterFullscreen):
44
45 2012-05-10  Sheriff Bot  <webkit.review.bot@gmail.com>
46
47         Unreviewed, rolling out r116715.
48         http://trac.webkit.org/changeset/116715
49         https://bugs.webkit.org/show_bug.cgi?id=86172
50
51         Broke http/tests/security/cross-frame-access-selection.html
52         (Requested by tkent on #webkit).
53
54         * dom/Document.cpp:
55         (WebCore):
56         (WebCore::Document::getSelection):
57         * dom/Document.h:
58         (Document):
59         * dom/ShadowRoot.cpp:
60         (WebCore::ShadowRoot::selection):
61         * dom/TreeScope.cpp:
62         (WebCore::TreeScope::~TreeScope):
63         * dom/TreeScope.h:
64         (WebCore):
65         (TreeScope):
66         * page/DOMSelection.cpp:
67         (WebCore::DOMSelection::DOMSelection):
68         * page/DOMSelection.h:
69         (WebCore):
70         (WebCore::DOMSelection::create):
71         (DOMSelection):
72         * page/DOMWindow.cpp:
73         (WebCore::DOMWindow::~DOMWindow):
74         (WebCore::DOMWindow::clearDOMWindowProperties):
75         (WebCore::DOMWindow::getSelection):
76         * page/DOMWindow.h:
77         (DOMWindow):
78
79 2012-05-10  Hajime Morrita  <morrita@google.com>
80
81         WebKit should support tab-size.
82         https://bugs.webkit.org/show_bug.cgi?id=52994
83
84         - Added boilerplate for "tab-size" CSS property.
85         - Added RenderStye::tabSize() as a RareInheritedData.
86         - Replaced TextRun::m_allowTabs into TextRun::m_tabSize.
87
88         Reviewed by Simon Fraser.
89
90         Tests: fast/css/tab-size-expected.html
91                fast/css/tab-size.html
92
93         * css/CSSComputedStyleDeclaration.cpp:
94         (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
95         * css/CSSParser.cpp:
96         (WebCore::CSSParser::parseValue):
97         * css/CSSProperty.cpp:
98         (WebCore::CSSProperty::isInheritedProperty):
99         * css/CSSPropertyNames.in:
100         * css/CSSStyleSelector.cpp:
101         (WebCore::CSSStyleSelector::applyProperty):
102         * html/canvas/CanvasRenderingContext2D.cpp:
103         (WebCore::CanvasRenderingContext2D::drawTextInternal):
104         * platform/chromium/PopupListBox.cpp:
105         (WebCore::PopupListBox::paintRow):
106         * platform/graphics/Font.h:
107         (WebCore::Font::tabWidth):
108         * platform/graphics/TextRun.h:
109         (WebCore::TextRun::TextRun):
110         (WebCore::TextRun::allowTabs):
111         (WebCore::TextRun::tabSize):
112         (WebCore::TextRun::setTabSize):
113         * platform/graphics/WidthIterator.cpp:
114         (WebCore::WidthIterator::advance):
115         * platform/graphics/mac/ComplexTextController.cpp:
116         (WebCore::ComplexTextController::adjustGlyphsAndAdvances):
117         * platform/win/PopupMenuWin.cpp:
118         (WebCore::PopupMenuWin::paint):
119         * rendering/InlineTextBox.cpp:
120         (WebCore::InlineTextBox::constructTextRun):
121         * rendering/RenderBlock.cpp:
122         (WebCore::RenderBlock::constructTextRun):
123         * rendering/RenderBlockLineLayout.cpp:
124         (WebCore::textWidth):
125         (WebCore::tryHyphenating):
126         * rendering/RenderText.cpp:
127         (WebCore::RenderText::widthFromCache):
128         (WebCore::RenderText::computePreferredLogicalWidths):
129         (WebCore::RenderText::width):
130         * rendering/RenderText.h:
131         * rendering/style/RenderStyle.cpp:
132         (WebCore::RenderStyle::diff):
133         * rendering/style/RenderStyle.h:
134         (WebCore::RenderStyleBitfields::tabSize):
135         (WebCore::RenderStyleBitfields::collapsedTabSize):
136         (WebCore::RenderStyleBitfields::setTabSize):
137         (WebCore::RenderStyleBitfields::initialTabSize):
138         * rendering/style/StyleRareInheritedData.cpp:
139         (WebCore::StyleRareInheritedData::StyleRareInheritedData):
140         (WebCore::StyleRareInheritedData::operator==):
141         * rendering/style/StyleRareInheritedData.h:
142         * rendering/svg/SVGInlineTextBox.cpp:
143         (WebCore::SVGInlineTextBox::constructTextRun):
144         * rendering/svg/SVGTextMetrics.cpp:
145         (WebCore::constructTextRun):
146
147 2012-05-10  Antoine Labour  <piman@chromium.org>
148
149         Sync with impl thread when removing references to external textures
150         https://bugs.webkit.org/show_bug.cgi?id=86054
151
152         We want to ensure the client side is safe to release textures, so we
153         sync with the impl thread when:
154         - we change the texture (and we had one)
155         - the layer is removed from the tree (and we had a texture)
156         - the layer is destroyed (and we had a texture)
157
158         Reviewed by James Robinson.
159
160         Test: TextureLayerChromiumTest.
161
162         * platform/graphics/chromium/TextureLayerChromium.cpp:
163         (WebCore::TextureLayerChromium::~TextureLayerChromium):
164         (WebCore::TextureLayerChromium::setTextureId):
165         (WebCore::TextureLayerChromium::setLayerTreeHost):
166         (WebCore):
167         * platform/graphics/chromium/TextureLayerChromium.h:
168         (TextureLayerChromium):
169
170 2012-05-10  Kent Tamura  <tkent@chromium.org>
171
172         [Chromium] attempt to build fix for Chromium-mac.
173         r116697 introduced an override of a system function. It's intentional
174         and WebCoreTextFieldCell should be in the whitelist.
175
176         * WebCore.gyp/WebCore.gyp:
177
178 2012-05-10  Anders Carlsson  <andersca@apple.com>
179
180         PDF files won't scroll in Safari when using Adobe plug-in
181         https://bugs.webkit.org/show_bug.cgi?id=86167
182         <rdar://problem/11389719>
183
184         Reviewed by Sam Weinig.
185
186         * page/scrolling/ScrollingCoordinator.cpp:
187         (WebCore::computeNonFastScrollableRegion):
188         Loop over the frame view children looking for plug-in views that want wheel events
189         and add them to the non-fast scrollable region. Ideally, the plug-ins should be added
190         to the set of scrollable areas, but PluginView in WebKit2 is not a ScrollableArea yet.
191
192         * plugins/PluginViewBase.h:
193         (PluginViewBase):
194         (WebCore::PluginViewBase::wantsWheelEvents):
195
196 2012-05-10  Alexey Proskuryakov  <ap@apple.com>
197
198         Crash in 3rd party WebKit apps that disable cache at a wrong time
199         https://bugs.webkit.org/show_bug.cgi?id=86027
200         <rdar://problem/10615880>
201
202         Reviewed by Antti Koivisto.
203
204         Added an API test.
205
206         The fix is to use CachedResourceHandle throughout MemoryCache, which will certainly
207         keep the resource alive. Also removed earlier fixes.
208
209         * css/CSSImageSetValue.cpp: (WebCore::CSSImageSetValue::cachedImageSet):
210         * css/CSSImageValue.cpp: (WebCore::CSSImageValue::cachedImage):
211         * css/WebKitCSSShaderValue.cpp: (WebCore::WebKitCSSShaderValue::cachedShader):
212         * history/PageCache.cpp: (WebCore::PageCache::releaseAutoreleasedPagesNow):
213         * loader/ImageLoader.cpp: (WebCore::ImageLoader::updateFromElement):
214         * loader/TextTrackLoader.cpp: (WebCore::TextTrackLoader::load):
215         * loader/cache/CachedResourceLoader.cpp:
216         (WebCore::CachedResourceLoader::requestImage):
217         (WebCore::CachedResourceLoader::requestFont):
218         (WebCore::CachedResourceLoader::requestTextTrack):
219         (WebCore::CachedResourceLoader::requestShader):
220         (WebCore::CachedResourceLoader::requestCSSStyleSheet):
221         (WebCore::CachedResourceLoader::requestUserCSSStyleSheet):
222         (WebCore::CachedResourceLoader::requestScript):
223         (WebCore::CachedResourceLoader::requestXSLStyleSheet):
224         (WebCore::CachedResourceLoader::requestSVGDocument):
225         (WebCore::CachedResourceLoader::requestLinkResource):
226         (WebCore::CachedResourceLoader::requestRawResource):
227         (WebCore::CachedResourceLoader::requestResource):
228         (WebCore::CachedResourceLoader::revalidateResource):
229         (WebCore::CachedResourceLoader::loadResource):
230         (WebCore::CachedResourceLoader::requestPreload):
231         * loader/cache/CachedResourceLoader.h: (CachedResourceLoader):
232         * loader/cache/MemoryCache.h: (WebCore::MemoryCache::setPruneEnabled):
233
234         * loader/cache/CachedResourceHandle.h:
235         (WebCore::CachedResourceHandle::CachedResourceHandle):
236         (WebCore::CachedResourceHandle::operator=):
237         Teach CachedResourceHandle how to make CachedResourceHandle<CachedResource> from
238         a handle to subclass.
239
240 2012-05-10  Tien-Ren Chen  <trchen@chromium.org>
241
242         Eliminate duplicated code for culled line box in RenderInline
243         https://bugs.webkit.org/show_bug.cgi?id=85725
244
245         This patch extracts the common part of culledInlineBoundingBox() /
246         culledInlineAbsoluteRects() / culledInlineAbsoluteQuads() to become a
247         template function generateCulledLineBoxRects(). The template function
248         accepts a new parameter, GeneratorContext functor, which will be
249         invoked everytime a new line box rect has been generated. The generated
250         rect will be in local coordinate. The functor will be responsible for
251         appropriate transformation, then appending to vector or union with
252         existing bounding box.
253
254         Reviewed by Eric Seidel.
255
256         No new tests. No change in behavior.
257
258         * rendering/RenderInline.cpp:
259         (WebCore):
260         (WebCore::RenderInline::generateLineBoxRects):
261         (WebCore::RenderInline::generateCulledLineBoxRects):
262         (WebCore::RenderInline::absoluteRects):
263         (WebCore::RenderInline::absoluteQuads):
264         (WebCore::RenderInline::linesBoundingBox):
265         (WebCore::RenderInline::culledInlineVisualOverflowBoundingBox):
266         (WebCore::RenderInline::addFocusRingRects):
267         * rendering/RenderInline.h:
268         (RenderInline):
269
270 2012-05-10  Abhishek Arya  <inferno@chromium.org>
271
272         Crash in swapInNodePreservingAttributesAndChildren.
273         https://bugs.webkit.org/show_bug.cgi?id=85197
274  
275         Reviewed by Ryosuke Niwa.
276  
277         Keep the children in a ref vector before adding them to newNode.
278         They can get destroyed due to mutation events.
279
280         No new tests because we don't have a reduction.
281
282         * editing/ReplaceNodeWithSpanCommand.cpp:
283         (WebCore::swapInNodePreservingAttributesAndChildren):
284
285 2012-05-10  Shinya Kawanaka  <shinyak@chromium.org>
286
287         [Refactoring] Move Selection from DOMWindow to TreeScope.
288         https://bugs.webkit.org/show_bug.cgi?id=82699
289
290         Reviewed by Ryosuke Niwa.
291
292         Since ShadowRoot will also manage its own version of DOMSelection, we would like to
293         share the code among Document and DOMSelection. This patch moves DOMSelection from DOMWindow to TreeScope
294         so that ShadowRoot can also use it.
295
296         No new tests, should covered by existing tests.
297
298         * dom/Document.cpp:
299         (WebCore::Document::updateFocusAppearanceTimerFired):
300         * dom/Document.h:
301         (Document):
302         * dom/ShadowRoot.cpp:
303         (WebCore::ShadowRoot::selection):
304         * do/mTreeScope.cpp:
305         (WebCore::TreeScope::~TreeScope):
306         (WebCore::TreeScope::getSelection):
307         (WebCore):
308         * dom/TreeScope.h:
309         (WebCore):
310         (TreeScope):
311         * page/DOMSelection.cpp:
312         (WebCore::DOMSelection::DOMSelection):
313         (WebCore::DOMSelection::clearTreeScope):
314         (WebCore):
315         * page/DOMSelection.h:
316         (WebCore):
317         (WebCore::DOMSelection::create):
318         (DOMSelection):
319         (WebCore::DOMSelection::frame):
320         * page/DOMWindow.cpp:
321         (WebCore::DOMWindow::~DOMWindow):
322         (WebCore::DOMWindow::clearDOMWindowProperties):
323         (WebCore::DOMWindow::getSelection):
324         * page/DOMWindow.h:
325         (DOMWindow):
326
327 2012-05-10  Kent Tamura  <tkent@chromium.org>
328
329         Unreviewed, rolling out r116594.
330         http://trac.webkit.org/changeset/116594
331         https://bugs.webkit.org/show_bug.cgi?id=86013
332
333         r116594 might have made some composition tests flaky.
334
335         * platform/graphics/chromium/LayerChromium.cpp:
336         (WebCore::LayerChromium::addAnimation):
337         * platform/graphics/chromium/cc/CCLayerAnimationController.cpp:
338         (WebCore::CCLayerAnimationController::pushNewAnimationsToImplThread):
339         * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
340         (WebCore::CCLayerTreeHost::finishCommitOnImplThread):
341         (WebCore::CCLayerTreeHost::didBecomeInvisibleOnImplThread):
342         * platform/graphics/chromium/cc/CCLayerTreeHost.h:
343         (CCLayerTreeHost):
344         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
345         (WebCore::CCLayerTreeHostImpl::CCLayerTreeHostImpl):
346         * platform/graphics/chromium/cc/CCProxy.h:
347         (CCProxy):
348         * platform/graphics/chromium/cc/CCSingleThreadProxy.cpp:
349         (WebCore::CCSingleThreadProxy::CCSingleThreadProxy):
350         (WebCore::CCSingleThreadProxy::doComposite):
351         * platform/graphics/chromium/cc/CCSingleThreadProxy.h:
352         (WebCore):
353         * platform/graphics/chromium/cc/CCThreadProxy.h:
354         (CCThreadProxy):
355
356 2012-05-10  Michael Nordman  <michaeln@google.com>
357
358         [chromium] DomStorage events handling needs TLC (2)
359         https://bugs.webkit.org/show_bug.cgi?id=85221
360         Alter the StorageArea virtual interface such that the mutators no longer
361         return old values. This is to allow implementations of the interface to operate
362         more asynchronously.
363
364         Reviewed by Adam Barth.
365
366         No new tests. Existing tests cover this.
367
368         * storage/StorageArea.h: Alter the interface so the mutators no longer return previous values
369         * storage/StorageAreaImpl.cpp:
370         (WebCore::StorageAreaImpl::disabledByPrivateBrowsingInFrame):  removed an unneeded PLATFORM(CHROMIUM) guard
371         (WebCore::StorageAreaImpl::setItem): no longer return the old value
372         (WebCore::StorageAreaImpl::removeItem): no longer return the old value
373         (WebCore::StorageAreaImpl::clear): no longer return whether something was cleared
374         * storage/StorageAreaImpl.h: match StorageArea's virtual interface
375
376 2012-05-10  Beth Dakin  <bdakin@apple.com>
377
378         https://bugs.webkit.org/show_bug.cgi?id=86158
379         Overlay scrollbars without layers never paint in overflow regions in 
380         tiled drawing mode
381         -and corresponding-
382         <rdar://problem/11289546>
383
384         Reviewed by Darin Adler.
385
386         RenderLayers paint scrollbars that do not have their own layers by 
387         running a second pass through the layer tree after the layer tree has 
388         painted. This ensures that the scrollbars always paint on top of 
389         content. However, this mechanism was relying on 
390         FrameView::paintContents() as a choke-point for all painting to 
391         trigger the second painting pass. That is not a reasonable choke-point 
392         in tiled drawing, so this patch adds similar code to 
393         RenderLayerBacking.
394
395         Only opt into the second painting pass for scrollbars that do not have 
396         their own layers.
397         * rendering/RenderLayer.cpp:
398         (WebCore::RenderLayer::paintOverflowControls):
399         
400         A layer that paints into its backing cannot return early here if it 
401         has overlay scrollbars to paint.
402         (WebCore::RenderLayer::paintLayer):
403         
404         This replicates code in FrameView::paintContents(). After painting the 
405         owning layer, do a second pass if there are overlay scrollbars to 
406         paint.
407         * rendering/RenderLayerBacking.cpp:
408         (WebCore::RenderLayerBacking::paintIntoLayer):
409
410 2012-05-10  Anders Carlsson  <andersca@apple.com>
411
412         Well, at least fixing the GTK+ build is something!
413
414         * platform/gtk/LocalizedStringsGtk.cpp:
415         (WebCore::insecurePluginVersionText):
416         (WebCore):
417
418 2012-05-10  Anders Carlsson  <andersca@apple.com>
419
420         Add insecurePluginVersionText stubs.
421
422         * platform/blackberry/LocalizedStringsBlackBerry.cpp:
423         (WebCore::insecurePluginVersionText):
424         (WebCore):
425         * platform/efl/LocalizedStringsEfl.cpp:
426         (WebCore::insecurePluginVersionText):
427         (WebCore):
428         * platform/qt/LocalizedStringsQt.cpp:
429         (WebCore::insecurePluginVersionText):
430         (WebCore):
431
432 2012-05-10  Sheriff Bot  <webkit.review.bot@gmail.com>
433
434         Unreviewed, rolling out r116677.
435         http://trac.webkit.org/changeset/116677
436         https://bugs.webkit.org/show_bug.cgi?id=86159
437
438         This patch causes linker error to some mac bots (Requested by
439         jianli_ on #webkit).
440
441         * WebCore.exp.in:
442         * dom/ContainerNode.h:
443         * dom/Node.cpp:
444         (WebCore::Node::traverseNextNode):
445         (WebCore::Node::traverseNextSibling):
446         * dom/Node.h:
447         (Node):
448
449 2012-05-10  Abhishek Arya  <inferno@chromium.org>
450
451         Crash in FontCache::releaseFontData due to infinite float size.
452         https://bugs.webkit.org/show_bug.cgi?id=86110
453
454         Reviewed by Andreas Kling.
455
456         New callers always forget to clamp the font size, which overflows
457         to infinity on multiplication. It is best to clamp it at the end
458         to avoid getting greater than std::numeric_limits<float>::max().
459
460         Test: fast/css/large-font-size-crash.html
461
462         * platform/graphics/FontDescription.h:
463         (WebCore::FontDescription::setComputedSize):
464         (WebCore::FontDescription::setSpecifiedSize):
465
466 2012-05-10  Beth Dakin  <bdakin@apple.com>
467
468         https://bugs.webkit.org/show_bug.cgi?id=82131
469         [Mac] REGRESSION (r110480): Text field that specifies background-color 
470         (or is auto-filled) gets un-themed border
471         -and corresponding-
472         <rdar://problem/11115221>
473
474         Reviewed by Maciej Stachowiak.
475
476         This change rolls out r110480 which is what caused styled text fields 
477         to get the un-themed border, and it does a bunch of work to make sure 
478         we get the pretty, new version of the NSTextField art whenever 
479         possible. We do this differently for post-Lion OS's since there is now 
480         a way to opt into it all the time. Lion and SnowLeopard can only use 
481         the new art in HiDPI mode when the background color of the text field 
482         is just white.
483
484         RenderThemeMac::textField() takes a boolean paramter used to determine 
485         if the new gradient will be used.
486         * rendering/RenderThemeMac.h:
487         (RenderThemeMac):
488         
489         This is the post-Lion workaround. This code has no effect on Lion and 
490         SnowLeopard. This allows up to opt into a version of [NSTextField drawWithFrame:] that will only draw the frame of the text field; without this, it will draw the frame and the background, which creates a number of problems with styled text fields and text fields in HiDPI. There is a less comprehesive workaround for Lion and SnowLeopard in place in RenderThemeMac::textField().
491         * rendering/RenderThemeMac.mm:
492         (-[WebCoreTextFieldCell _coreUIDrawOptionsWithFrame:inView:includeFocus:]):
493         
494         This is the roll-out of r110480.
495         (WebCore::RenderThemeMac::isControlStyled):
496         
497         See the comments for a full explanation, but this is mostly code for 
498         Lion and SnowLeopard to determine if we can opt into the new artwork.
499         (WebCore::RenderThemeMac::paintTextField):
500         (WebCore::RenderThemeMac::textField):
501
502 2012-05-10  Anders Carlsson  <andersca@apple.com>
503
504         WebKit1: Add a way to blacklist specific plug-ins/plug-in versions
505         https://bugs.webkit.org/show_bug.cgi?id=86150
506         <rdar://problem/9551196>
507
508         Reviewed by Sam Weinig.
509
510         * English.lproj/Localizable.strings:
511         Update.
512
513         * loader/SubframeLoader.cpp:
514         (WebCore::SubframeLoader::loadPlugin):
515         It is possible that the client has already set the unavailability reason so don't try to set it twice.
516
517         * platform/LocalizedStrings.cpp:
518         (WebCore::insecurePluginVersionText):
519         * platform/LocalizedStrings.h:
520         Add insecure plug-in version text.
521
522         * rendering/RenderEmbeddedObject.cpp:
523         (WebCore::RenderEmbeddedObject::unavailablePluginReplacementText):
524         * rendering/RenderEmbeddedObject.h:
525         Add InsecurePluginVersion unavailability reason.
526
527 2012-05-10  Eric Seidel  <eric@webkit.org>
528
529         Make IFRAME_SEAMLESS child documents inherit styles from their parent iframe element
530         https://bugs.webkit.org/show_bug.cgi?id=85940
531
532         Reviewed by Ojan Vafai.
533
534         The HTML5 <iframe seamless> spec says:
535         In a CSS-supporting user agent: the user agent must, for the purpose of CSS property
536         inheritance only, treat the root element of the active document of the iframe
537         element's nested browsing context as being a child of the iframe element.
538         (Thus inherited properties on the root element of the document in the
539         iframe will inherit the computed values of those properties on the iframe
540         element instead of taking their initial values.)
541
542         Initially I implemented this support to the letter of the spec. However, doing so I learned
543         that WebKit has a RenderStyle for the Document Node, not just the root element of the document.
544         In this RenderStyle on the Document, we add a bunch of per-document styles from settings
545         including designMode.
546
547         This change makes StyleResolver::styleForDocument inherit style from the parent iframe's
548         style, before applying any of these per-document styles.  This may or may not be correct
549         depending on what behavior we want for rtl-ordering, page-zoom, locale, design mode, etc.
550         For now, we continue to treat the iframe's document as independent in these regards, and
551         the settings on that document override those inherited from the iframe.
552
553         Also, intially when making this work, I added redirects in recalcStyle and scheduleStyleRecalc
554         from the child document to the parent document in the case of seamless (since the parent
555         document effectively manages the style resolve and layout of the child in seamless mode).
556         However, I was not able to find a test which depended on this code change, so in this final patch
557         I have removed both of these modifications and replaced them with FIXMEs.  Based on discussions
558         with Ojan and James Robinson, I believe both of those changes may eventually be wanted.
559
560         This change basically does 3 things:
561         1.  Makes StyleResolver::styleForDocument inherit from the parent iframe.
562         2.  Makes any recalcStyle calls on the iframe propogate down into the child document (HTMLIFrameElement::didRecalcStyle).
563         3.  Makes Document::recalcStyle aware of the fact that the Document's style *can* change
564             for reasons other than recalcStyle(Force).
565
566         I'm open to more testing suggestions, if reviewers have settings on the Document's style
567         that you want to make sure we inherit from the parent iframe, or don't inherit, etc.
568         I view this as a complete solution to this aspect of the current <iframe seamless> spec,
569         but likely not the last code we will write for this aspect of the seamless feature. :)
570
571         Tested by fast/frames/seamlesss/seamless-css-cascade.html and seamless-designMode.html
572
573         * css/StyleResolver.cpp:
574         (WebCore::StyleResolver::collectMatchingRulesForList):
575         * dom/Document.cpp:
576         (WebCore::Document::scheduleStyleRecalc):
577         (WebCore::Document::recalcStyle):
578         * html/HTMLIFrameElement.cpp:
579         (WebCore::HTMLIFrameElement::HTMLIFrameElement):
580         (WebCore::HTMLIFrameElement::didRecalcStyle):
581         (WebCore):
582         * html/HTMLIFrameElement.h:
583         (HTMLIFrameElement):
584
585 2012-05-10  Julien Chaffraix  <jchaffraix@webkit.org>
586
587         Crash in computedCSSPadding* functions due to RenderImage::imageDimensionsChanged called during attachment
588         https://bugs.webkit.org/show_bug.cgi?id=85912
589
590         Reviewed by Eric Seidel.
591
592         Tests: fast/images/link-body-content-imageDimensionChanged-crash.html
593                fast/images/script-counter-imageDimensionChanged-crash.html
594
595         The bug comes from CSS generated images that could end up calling imageDimensionsChanged during attachment. As the
596         rest of the code (e.g. computedCSSPadding*) would assumes that we are already inserted in the tree, we would crash.
597
598         The solution is to bail out in this case as newly inserted RenderObject will trigger layout later on and properly
599         handle what we would be doing as part of imageDimensionChanged (the only exception being updating our intrinsic
600         size which should be done as part of imageDimensionsChanged).
601
602         * rendering/RenderImage.cpp:
603         (WebCore::RenderImage::imageDimensionsChanged):
604
605 2012-05-10  Adam Barth  <abarth@webkit.org>
606
607         ASSERT in BidiResolver<Iterator, Run>::commitExplicitEmbedding makes running debug builds annoying
608         https://bugs.webkit.org/show_bug.cgi?id=86140
609
610         Reviewed by Eric Seidel.
611
612         The correct fix here is to resolve
613         https://bugs.webkit.org/show_bug.cgi?id=76574, but in the mean time,
614         this ASSERT is annoying.
615
616         * platform/text/BidiResolver.h:
617         (WebCore::::commitExplicitEmbedding):
618
619 2012-05-10  Mark Pilgrim  <pilgrim@chromium.org>
620
621         [Chromium] Call addTraceEvent and getTraceCategoryEnabledFlag directly
622         https://bugs.webkit.org/show_bug.cgi?id=85399
623
624         Reviewed by Adam Barth.
625
626         Part of a refactoring series. See tracking bug 82948.
627
628         * CMakeLists.txt:
629         * GNUmakefile.list.am:
630         * Target.pri:
631         * WebCore.gypi:
632         * WebCore.vcproj/WebCore.vcproj:
633         * WebCore.xcodeproj/project.pbxproj:
634         * platform/EventTracer.cpp: Added.
635         (WebCore):
636         (WebCore::EventTracer::getTraceCategoryEnabledFlag):
637         (WebCore::EventTracer::addTraceEvent):
638         * platform/EventTracer.h: Added.
639         (WebCore):
640         (EventTracer):
641         * platform/chromium/EventTracerChromium.cpp: Added.
642         (WebCore):
643         (WebCore::EventTracer::getTraceCategoryEnabledFlag):
644         (WebCore::EventTracer::addTraceEvent):
645         * platform/chromium/PlatformSupport.h:
646         * platform/chromium/TraceEvent.h:
647
648 2012-05-10  Adam Barth  <abarth@webkit.org>
649
650         ScrollView::fixedVisibleContentRect should be public
651         https://bugs.webkit.org/show_bug.cgi?id=86147
652
653         Reviewed by Eric Seidel.
654
655         Some code in the WebKit layer of OS(ANDROID) uses this function. That
656         could will be upstreamed in a later patch. For now, this patch just
657         makes this function public so that we remove the diff to this file.
658
659         * platform/ScrollView.h:
660         (WebCore::ScrollView::fixedVisibleContentRect):
661         (WebCore::ScrollView::delegatesScrollingDidChange):
662
663 2012-05-10  Anders Carlsson  <andersca@apple.com>
664
665         Rename the missing plug-in indicator to the unavailable plug-in indicator
666         https://bugs.webkit.org/show_bug.cgi?id=86136
667
668         Reviewed by Sam Weinig.
669
670         Since the indicator is shown for more than just missing plug-ins, generalize it and use a plug-in unavailability
671         reason enum to make it easier to extend. Also, pass the unavailability reason to the ChromeClient member functions.
672
673         * WebCore.exp.in:
674         * html/HTMLEmbedElement.cpp:
675         (WebCore::HTMLEmbedElement::updateWidget):
676         * html/HTMLObjectElement.cpp:
677         (WebCore::HTMLObjectElement::updateWidget):
678         * html/HTMLPlugInElement.cpp:
679         (WebCore::HTMLPlugInElement::defaultEventHandler):
680         * html/HTMLPlugInImageElement.cpp:
681         (WebCore::HTMLPlugInImageElement::updateWidgetIfNecessary):
682         * loader/SubframeLoader.cpp:
683         (WebCore::SubframeLoader::loadPlugin):
684         * page/ChromeClient.h:
685         (WebCore::ChromeClient::shouldUnavailablePluginMessageBeButton):
686         (WebCore::ChromeClient::unavailablePluginButtonClicked):
687         * page/FrameView.cpp:
688         (WebCore::FrameView::updateWidget):
689         * rendering/RenderEmbeddedObject.cpp:
690         (WebCore::RenderEmbeddedObject::RenderEmbeddedObject):
691         (WebCore::RenderEmbeddedObject::setPluginUnavailabilityReason):
692         (WebCore::RenderEmbeddedObject::showsUnavailablePluginIndicator):
693         (WebCore::RenderEmbeddedObject::setUnavailablePluginIndicatorIsPressed):
694         (WebCore::RenderEmbeddedObject::paint):
695         (WebCore::RenderEmbeddedObject::paintReplaced):
696         (WebCore::RenderEmbeddedObject::getReplacementTextGeometry):
697         (WebCore::RenderEmbeddedObject::unavailablePluginReplacementText):
698         (WebCore):
699         (WebCore::RenderEmbeddedObject::isInUnavailablePluginIndicator):
700         (WebCore::shouldUnavailablePluginMessageBeButton):
701         (WebCore::RenderEmbeddedObject::handleUnavailablePluginIndicatorEvent):
702         (WebCore::RenderEmbeddedObject::getCursor):
703         * rendering/RenderEmbeddedObject.h:
704         (RenderEmbeddedObject):
705
706 2012-05-10  Brady Eidson  <beidson@apple.com>
707
708         <rdar://problem/10972577> and https://bugs.webkit.org/show_bug.cgi?id=80170
709         Contents of noscript elements turned into strings in WebArchives
710
711         Reviewed by Andy Estes.
712
713         There's a much deeper question about how innerHTML of <noscript> is expected to work in 
714         both a scripting and non-scripting environment that we should pursue separately.
715
716         But for webarchives, we can solve this by filtering out the <noscript> elements completely 
717         if scripting is enabled.
718
719         Test: webarchive/ignore-noscript-if-scripting-enabled.html
720
721         * WebCore.exp.in:
722
723         Add arguments to createMarkup and MarkupAccumulator methods to pass a Vector of QualifiedNames
724         that should be filtered from the resulting markup:
725         * editing/MarkupAccumulator.cpp:
726         (WebCore::MarkupAccumulator::serializeNodes):
727         (WebCore::MarkupAccumulator::serializeNodesWithNamespaces):
728         * editing/MarkupAccumulator.h:
729         * editing/markup.cpp:
730         (WebCore::createMarkup):
731         * editing/markup.h:
732
733         If scripting is enabled, add the noscriptTag to the tag names to filter:
734         * loader/archive/cf/LegacyWebArchive.cpp:
735         (WebCore::LegacyWebArchive::create):
736
737 2012-05-10  Abhishek Arya  <inferno@chromium.org>
738
739         Crash due to floats not removed from first-letter element.
740         https://bugs.webkit.org/show_bug.cgi?id=86019
741
742         Reviewed by Julien Chaffraix.
743
744         Move clearing logic of a floating/positioned object from removeChild
745         to removeChildNode. There are lot of places which use removeChildNode
746         directly and hence the object is not removed from the floating or
747         positioned objects list.
748
749         Test: fast/block/float/float-not-removed-from-first-letter.html
750
751         * rendering/RenderObject.cpp:
752         (WebCore::RenderObject::removeChild):
753         * rendering/RenderObjectChildList.cpp:
754         (WebCore::RenderObjectChildList::removeChildNode):
755
756 2012-05-10  Andreas Kling  <kling@webkit.org>
757
758         Remove empty ElementAttributeData destructor.
759         <http://webkit.org/b/86126>
760
761         Reviewed by Antti Koivisto.
762
763         * dom/ElementAttributeData.cpp:
764         * dom/ElementAttributeData.h:
765
766 2012-05-10  Yury Semikhatsky  <yurys@chromium.org>
767
768         Web Inspector: heap snapshot comparison view is broken
769         https://bugs.webkit.org/show_bug.cgi?id=86102
770
771         Reviewed by Pavel Feldman.
772
773         Pass HeapSnapshotProxy instead of undefined to the profile load callback. Added
774         compiler annotations to avoid such errors in the future.
775
776         * inspector/front-end/HeapSnapshotView.js:
777
778 2012-05-10  Zan Dobersek  <zandobersek@gmail.com>
779
780         [GTK] ENABLE_IFRAME_SEAMLESS support
781         https://bugs.webkit.org/show_bug.cgi?id=85843
782
783         Reviewed by Eric Seidel.
784
785         Export the ENABLE_IFRAME_SEAMLESS feature define when the feature is
786         enabled.
787
788         No new tests - all the related tests should now be passing.
789
790         * GNUmakefile.am:
791
792 2012-05-10  Antti Koivisto  <antti@apple.com>
793
794         Inline Node::traverseNextNode
795         https://bugs.webkit.org/show_bug.cgi?id=85844
796
797         Reviewed by Ryosuke Niwa.
798         
799         Inline traverseNextNode and traverseNextSibling to reduce entry/exit overhead and allow better code generation
800         for many hot loops.
801
802         In this version only the firstChild()/nextSibling() tests are inlined and the ancestor traversal is not.
803         
804         Performance bots will tell if this was worthwhile.
805
806         * dom/ContainerNode.h:
807         (WebCore::Node::traverseNextNode):
808         (WebCore):
809         (WebCore::Node::traverseNextSibling):
810         * dom/Node.cpp:
811         (WebCore::Node::traverseNextAncestorSibling):
812         * dom/Node.h:
813         (Node):
814
815 2012-05-10  Tommy Widenflycht  <tommyw@google.com>
816
817         MediaStream API: Fix MediaHints parsing
818         https://bugs.webkit.org/show_bug.cgi?id=86098
819
820         Reviewed by Adam Barth.
821
822         Not currently testable. Working on a series of patches that will fix that.
823
824         * Modules/mediastream/PeerConnection00.cpp:
825         (WebCore::PeerConnection00::createMediaHints):
826
827 2012-05-10  Tommy Widenflycht  <tommyw@google.com>
828
829         [chromium] MediaStream API: Fix the ExtraData functionality in WebMediaStreamDescriptor
830         https://bugs.webkit.org/show_bug.cgi?id=86087
831
832         Reviewed by Adam Barth.
833
834         Not easy to test but I have added code that excercises this to WebUserMediaClientMock (in DumpRenderTree).
835
836         * platform/chromium/support/WebMediaStreamDescriptor.cpp:
837         (WebKit::WebMediaStreamDescriptor::setExtraData):
838
839 2012-05-10  Pavel Feldman  <pfeldman@chromium.org>
840
841         Web Inspector: search title is shown beside the search field (not under) in the vertical mode.
842         https://bugs.webkit.org/show_bug.cgi?id=86120
843
844         Reviewed by Yury Semikhatsky.
845
846         This change makes search title render as placeholder at all times.
847         It also adjusts the size of the search field when navigation arrows appear.
848
849         * inspector/front-end/SearchController.js:
850         (WebInspector.SearchController):
851         (WebInspector.SearchController.prototype.updateSearchLabel):
852         (WebInspector.SearchController.prototype._updateSearchNavigationButtonState):
853         (WebInspector.SearchController.prototype._createSearchNavigationButton):
854         * inspector/front-end/inspector.css:
855         (#toolbar-search-item):
856         (.with-navigation-buttons #search):
857         (.toolbar-search-navigation-label):
858         (.with-navigation-buttons .toolbar-search-navigation-label):
859         * inspector/front-end/inspector.html:
860
861 2012-05-10  Varun Jain  <varunjain@google.com>
862
863         [chromium] Trigger context menu for long press gesture
864         https://bugs.webkit.org/show_bug.cgi?id=85919
865
866         Reviewed by Adam Barth.
867
868         Test: fast/events/touch/gesture/context-menu-on-long-press.html
869
870         * page/EventHandler.cpp:
871         (WebCore):
872         (WebCore::EventHandler::sendContextMenuEventForGesture):
873         * page/EventHandler.h:
874         (EventHandler):
875
876 2012-05-10  Abhishek Arya  <inferno@chromium.org>
877
878         Crash in ApplyStyleCommand::joinChildTextNodes.
879         https://bugs.webkit.org/show_bug.cgi?id=85939
880
881         Reviewed by Ryosuke Niwa.
882
883         Test: editing/style/apply-style-join-child-text-nodes-crash.html
884
885         * editing/ApplyStyleCommand.cpp:
886         (WebCore::ApplyStyleCommand::applyRelativeFontStyleChange): add conditions
887         to bail out if our start and end position nodes are removed due to 
888         mutation events in joinChildTextNodes.
889         (WebCore::ApplyStyleCommand::applyInlineStyle): this executes after
890         applyRelativeFontStyleChange in ApplyStyleCommand::doApply. So, need
891         to bail out if our start and end position nodes are removed due to
892         mutation events.
893         (WebCore::ApplyStyleCommand::joinChildTextNodes): hold all the children
894         in a ref vector to prevent them from getting destroyed due to mutation events.
895
896 2012-05-10  Erik Arvidsson  <arv@chromium.org>
897
898         Unreviewed, rebaselined run-bindings-tests results.
899
900         * bindings/scripts/test/JS/JSTestEventTarget.cpp:
901         (WebCore::jsTestEventTargetPrototypeFunctionAddEventListener):
902         (WebCore::jsTestEventTargetPrototypeFunctionRemoveEventListener):
903         * bindings/scripts/test/JS/JSTestObj.cpp:
904         (WebCore::jsTestObjPrototypeFunctionAddEventListener):
905         (WebCore::jsTestObjPrototypeFunctionRemoveEventListener):
906         * bindings/scripts/test/V8/V8TestException.cpp:
907         (WebCore::V8TestException::wrapSlow):
908         * bindings/scripts/test/V8/V8TestException.h:
909         (WebCore::V8TestException::wrap):
910
911 2012-05-10  Abhishek Arya  <inferno@chromium.org>
912
913         Crash in InsertParagraphSeparatorCommand::doApply.
914         https://bugs.webkit.org/show_bug.cgi?id=84995
915
916         Reviewed by Ryosuke Niwa.
917
918         Test: editing/inserting/insert-paragraph-seperator-crash.html
919
920         * editing/DeleteSelectionCommand.cpp:
921         (WebCore::DeleteSelectionCommand::mergeParagraphs): no need of static cast, since
922         type of enclosingBlock returned is already Element*.
923         * editing/IndentOutdentCommand.cpp:
924         (WebCore::IndentOutdentCommand::tryIndentingAsListItem): no need of static cast, since
925         type of enclosingBlock returned is already Element*.
926         * editing/InsertParagraphSeparatorCommand.cpp:
927         (WebCore::InsertParagraphSeparatorCommand::doApply): RefPtr startBlock to guard against
928         mutation events.
929         * editing/htmlediting.cpp:
930         (WebCore::enclosingBlock): make sure type of enclosingNode is an element before doing
931         the static cast. This was already failing in a couple of layout tests. Also, isBlock
932         check already exists in the function call to enclosingNodeOfType, so don't need it
933         again on enclosingNode's renderer.
934         * editing/htmlediting.h: 
935         (WebCore):
936
937 2012-05-10  Allan Sandfeld Jensen  <allan.jensen@nokia.com>
938
939         TouchAdjustment doesn't correct for scroll-offsets.
940         https://bugs.webkit.org/show_bug.cgi?id=86083
941
942         Reviewed by Kenneth Rohde Christiansen.
943
944         Already tested by: touchadjustment/scroll-delegation
945
946         * page/EventHandler.cpp:
947         (WebCore::EventHandler::bestClickableNodeForTouchPoint):
948         (WebCore::EventHandler::bestZoomableAreaForTouchPoint):
949         * page/TouchAdjustment.cpp:
950         (WebCore::TouchAdjustment::findNodeWithLowestDistanceMetric):
951         * testing/Internals.cpp:
952         (WebCore::Internals::bestZoomableAreaForTouchPoint):
953
954 2012-05-10  Konrad Piascik  <kpiascik@rim.com>
955
956         Fix typo in filename
957         https://bugs.webkit.org/show_bug.cgi?id=86095
958
959         Reviewed by Andreas Kling.
960
961         * UseJSC.cmake:
962
963 2012-05-10  Stephen Chenney  <schenney@chromium.org>
964
965         SVG Filters allow invalid elements as children
966         https://bugs.webkit.org/show_bug.cgi?id=83979
967
968         Reviewed by Nikolas Zimmermann.
969
970         According to the SVG spec, there are numerous restrictions on the
971         content of nodes (that is, their children). Specific to this problem,
972         SVGFilter elements may only contain SVGFilterPrimitive elements, and
973         those may only contain animation related elements. This patch enforces
974         the restriction on filters in the render tree, thus preventing us from
975         having (for instance) content that is inside a filter yet filtered by
976         the filter.
977
978         Manual test: ManualTests/bugzilla-83979.svg
979
980         * svg/SVGFilterElement.cpp:
981         (WebCore::SVGFilterElement::childShouldCreateRenderer): Added to only allow renderers for fe* children
982         (WebCore):
983         * svg/SVGFilterElement.h:
984         (SVGFilterElement):
985         * svg/SVGFilterPrimitiveStandardAttributes.h: Do not allow any children at all for fe* elements.
986         (SVGFilterPrimitiveStandardAttributes):
987
988 2012-05-10  Joe Thomas  <joethomas@motorola.com>
989
990         [CSS3 Backgrounds and Borders] Add background-size to the background shorthand
991         https://bugs.webkit.org/show_bug.cgi?id=27577
992
993         Reviewed by Alexis Menard.
994
995         Added CSSPropertyBackgroundSize to the background shorthand propery. Added the logic for parsing background-size.
996         bakground-size appears after background-position followed by a '/'.
997         The specification related to this change is http://www.w3.org/TR/css3-background/#the-background
998
999         Tests: fast/backgrounds/background-shorthand-with-backgroundSize-style.html
1000                fast/backgrounds/size/backgroundSize-in-background-shorthand.html
1001
1002         * css/CSSComputedStyleDeclaration.cpp:
1003         (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
1004         (WebCore::CSSComputedStyleDeclaration::getBackgroundShorthandValue):
1005         (WebCore):
1006         * css/CSSComputedStyleDeclaration.h:
1007         (CSSComputedStyleDeclaration):
1008         * css/CSSParser.cpp:
1009         (WebCore::CSSParser::parseValue):
1010         (WebCore::CSSParser::parseFillShorthand):
1011         * css/StylePropertySet.cpp:
1012         (WebCore::StylePropertySet::getLayeredShorthandValue):
1013         * css/StylePropertyShorthand.cpp:
1014         (WebCore):
1015         (WebCore::backgroundShorthand):
1016
1017 2012-05-10  MORITA Hajime <morrita@google.com>
1018
1019         Node::InDetachFlag could be removed.
1020         https://bugs.webkit.org/show_bug.cgi?id=85963
1021
1022         Reviewed by Antti Koivisto.
1023
1024         Removed Node::inDetach() since it can never true
1025         on the only call site setFocusedNode().
1026
1027         No new test. Covered by existing tests.
1028
1029         * dom/Document.cpp:
1030         (WebCore::Document::setFocusedNode):
1031         * dom/Node.cpp:
1032         (WebCore::Node::detach):
1033         * dom/Node.h:
1034         (WebCore):
1035         (Node):
1036
1037 2012-05-10  Keishi Hattori  <keishi@webkit.org>
1038
1039         Crash in HTMLFormControlElement::m_fieldSetAncestor
1040         https://bugs.webkit.org/show_bug.cgi?id=86070
1041
1042         Reviewed by Kent Tamura.
1043
1044         No new tests.
1045
1046         The previous patch r115990 didn't completely resolve the crash (Bug 85453)
1047         We don't have a reproducible test case, so we are reverting to the old code for setting m_fieldSetAncestor.
1048
1049         * html/HTMLFormControlElement.cpp:
1050         (WebCore::HTMLFormControlElement::HTMLFormControlElement):
1051         (WebCore::HTMLFormControlElement::updateFieldSetAndLegendAncestor):
1052         (WebCore::HTMLFormControlElement::insertedInto): Set m_dataListAncestorState to Unknown because ancestor has changed. Call setNeedsWillValidateCheck because style might need to be updated.
1053         (WebCore::HTMLFormControlElement::removedFrom):
1054         (WebCore::HTMLFormControlElement::disabled):
1055         (WebCore::HTMLFormControlElement::recalcWillValidate):
1056         (WebCore::HTMLFormControlElement::willValidate):
1057         (WebCore::HTMLFormControlElement::setNeedsWillValidateCheck):
1058         * html/HTMLFormControlElement.h:
1059         (HTMLFormControlElement): Added m_dataListAncestorState.
1060
1061 2012-05-10  Sam D  <dsam2912@gmail.com>
1062
1063         Web Inspector: rename InspectorBackendStub.js to InspectorBackendCommands.js
1064         https://bugs.webkit.org/show_bug.cgi?id=72306
1065
1066         Changed name for InspectorBackendStub.js to
1067         InspectorBackendCommands.js
1068
1069         Reviewed by Yury Semikhatsky.
1070
1071         No new tests required. File name is changed.
1072
1073         * DerivedSources.pri:
1074         * GNUmakefile.am:
1075         * Target.pri:
1076         * WebCore.gyp/WebCore.gyp:
1077         * WebCore.gypi:
1078         * WebCore.vcproj/copyWebCoreResourceFiles.cmd:
1079         * WebCore.xcodeproj/project.pbxproj:
1080         * gyp/copy-inspector-resources.sh:
1081         * inspector/CodeGeneratorInspector.py:
1082         * inspector/front-end/InspectorBackendCommands.qrc: Added.
1083         * inspector/front-end/InspectorBackendStub.qrc: Removed.
1084         * inspector/front-end/inspector.html:
1085
1086 2012-05-10  Alexis Menard  <alexis.menard@openbossa.org>
1087
1088         [Qt] Avoid string conversions to construct a QUrl when using Qt5.
1089         https://bugs.webkit.org/show_bug.cgi?id=86006
1090
1091         Reviewed by Kenneth Rohde Christiansen.
1092
1093         In Qt5, the QUrl constructor can handle the string directly, even in UTF-16 because the
1094         constructor QUrl(QString) has been fixed. Unfortunately we still need to use the old
1095         code path when building with Qt4.
1096
1097         No new tests : it's a performance improvement which should be covered by tests.
1098
1099         * platform/qt/KURLQt.cpp:
1100         (WebCore::KURL::operator QUrl):
1101
1102 2012-05-10  Noel Gordon  <noel.gordon@gmail.com>
1103
1104         [chromium] REGRESSION(r107389) Visible line artifacts on some JPEG images
1105         https://bugs.webkit.org/show_bug.cgi?id=85772
1106
1107         Reviewed by Kent Tamura.
1108
1109         On some JPEG images, vertical and horizontal lines artifacts might appear in image
1110         regions with very high frequency color variation when using DCT_IFAST decodes. Use
1111         DCT_IFAST on small screen devices only (Chromium Android).
1112
1113         No new tests. Covered by existing tests.
1114
1115         * platform/image-decoders/jpeg/JPEGImageDecoder.cpp:
1116         (dctMethod): Permit DCT_IFAST decoding for Chromium Android only.
1117
1118 2012-05-10  Kenneth Rohde Christiansen  <kenneth@webkit.org>
1119
1120         [Qt] Implement fit-to-width behaviour
1121         https://bugs.webkit.org/show_bug.cgi?id=86085
1122
1123         Reviewed by Simon Hausmann.
1124
1125         Add a method to get the minimum scale factor that contains the content
1126         without showing any chrome background.
1127
1128         * dom/ViewportArguments.cpp:
1129         (WebCore::computeMinimumScaleFactorForContentContained):
1130         (WebCore):
1131         * dom/ViewportArguments.h:
1132         (WebCore):
1133
1134 2012-05-10  MORITA Hajime  <morrita@google.com>
1135
1136         Remove support for Node::willRemove()
1137         https://bugs.webkit.org/show_bug.cgi?id=55209
1138
1139         Reviewed by Ryosuke Niwa.
1140
1141         This change de-virtualizes Node::willRemove(), gains
1142         5% speedup on Dromaeo dom-modify.
1143
1144         Originally there were 5 willRemove() overrides:
1145         - Element
1146         - HTMLStyleElement
1147         - HTMLSourceElement
1148         - HTMLTrackElement
1149         - HTMLFrameOwnerElement
1150
1151         For first 4 items, this change moves their implementations to
1152         Node::removedFrom() overrides.
1153
1154         Then HTMLFrameOwnerElement is the only class which needs the
1155         notification.  Because it emits the "unload" event, it needs some
1156         notification _before_ its removal. To handle that, this change
1157         introduces ChildFrameDisconnector which collects
1158         corresponding decendant elements and disconnect their content frame.
1159
1160         Even though this approach doesn't kill pre-removal tree traversal
1161         completely, it's a bit more efficient due to the de-virtualization.
1162
1163         No new tests. Covered by existing test.
1164
1165         * dom/ContainerNode.cpp:
1166         (WebCore::willRemoveChild): Replaced willRemove() call with ChildFrameDisconnector.
1167         (WebCore::willRemoveChildren): Ditto.
1168         (WebCore::ContainerNode::disconnectDescendantFrames): Added. Used from FrameLoader to replace Document::willRemove() call.
1169         (WebCore):
1170         * dom/ContainerNode.h:
1171         (ContainerNode):
1172         * dom/ContainerNodeAlgorithms.cpp:
1173         (WebCore::ChildFrameDisconnector::collectDescendant):
1174         (WebCore):
1175         (WebCore::ChildFrameDisconnector::Target::disconnect):
1176         * dom/ContainerNodeAlgorithms.h:
1177         (ChildFrameDisconnector):
1178         (Target):
1179         (WebCore::ChildFrameDisconnector::Target::Target):
1180         (WebCore::ChildFrameDisconnector::Target::isValid):
1181         (WebCore):
1182         (WebCore::ChildFrameDisconnector::ChildFrameDisconnector):
1183         (WebCore::ChildFrameDisconnector::collectDescendant):
1184         (WebCore::ChildFrameDisconnector::disconnect):
1185         * dom/Element.cpp:
1186         (WebCore::Element::removedFrom):
1187         * dom/Element.h:
1188         * dom/ElementShadow.cpp:
1189         * dom/ElementShadow.h:
1190         (ElementShadow):
1191         * dom/Node.cpp:
1192         * dom/Node.h: Added IsFrameOwnerElement flag to de-virtualize IsFrameOwnerElement().
1193         (WebCore::Node::isFrameOwnerElement): De-virtualized.
1194         (Node):
1195         * html/HTMLElement.h:
1196         (HTMLElement):
1197         (WebCore::HTMLElement::HTMLElement):
1198         * html/HTMLFrameOwnerElement.cpp:
1199         (WebCore::HTMLFrameOwnerElement::HTMLFrameOwnerElement):
1200         (WebCore::HTMLFrameOwnerElement::disconnectContentFrame): Extracted from original willRemove().
1201         * html/HTMLFrameOwnerElement.h:
1202         (HTMLFrameOwnerElement):
1203         (WebCore::toFrameOwnerElement):
1204         (WebCore):
1205         * html/HTMLMediaElement.cpp:
1206         (WebCore::HTMLMediaElement::sourceWasRemoved): Renamed from sourceWillBeRemoved(), dealing with the timing change.
1207         * html/HTMLMediaElement.h:
1208         (HTMLMediaElement):
1209         (WebCore::isMediaElement):
1210         (WebCore):
1211         (WebCore::toMediaElement):
1212         * html/HTMLSourceElement.cpp:
1213         (WebCore::HTMLSourceElement::removedFrom): Moved some code from willRemove().
1214         * html/HTMLSourceElement.h:
1215         (HTMLSourceElement):
1216         * html/HTMLStyleElement.cpp:
1217         (WebCore::HTMLStyleElement::removedFrom):
1218         (WebCore):
1219         * html/HTMLStyleElement.h:
1220         (HTMLStyleElement):
1221         * html/HTMLTrackElement.cpp:
1222         (WebCore::HTMLTrackElement::removedFrom): Moved some code from willRemove().
1223         * html/HTMLTrackElement.h:
1224         (HTMLTrackElement):
1225         * loader/FrameLoader.cpp:
1226         (WebCore::FrameLoader::clear):
1227
1228 2012-05-10  Kinuko Yasuda  <kinuko@chromium.org>
1229
1230         Change the return type of Entry.toURL() back to String from KURL
1231         https://bugs.webkit.org/show_bug.cgi?id=85858
1232
1233         Reviewed by Ryosuke Niwa.
1234
1235         I once changed it from String to KURL in r116273 but it turned out that
1236         it involves implicit conversion and may incur extra overhead.
1237         This partly reverts r116273 while keeping some internal functions
1238         returning KURL as it's what we initially create as and is more
1239         convenient to operate on.
1240
1241         No new tests; no functional or visible changes.
1242
1243         * Modules/filesystem/EntryBase.cpp:
1244         (WebCore::EntryBase::toURL):
1245         * Modules/filesystem/EntryBase.h:
1246         (EntryBase):
1247
1248 2012-05-10  Alexander Pavlov  <apavlov@chromium.org>
1249
1250         Web Inspector: Autocomplete for CSS property values in the Styles pane behaving incorrectly
1251         https://bugs.webkit.org/show_bug.cgi?id=85784
1252
1253         Reviewed by Vsevolod Vlasov.
1254
1255         Before executing the number increment/decrement within CSS property value, the current word is checked
1256         for being a valid suggestion for the current property, and if it is, the numeric change is skipped
1257         in favor of the suggested property value switch by a suggest box.
1258
1259         * inspector/front-end/StylesSidebarPane.js:
1260
1261 2012-05-10  Abhishek Arya  <inferno@chromium.org>
1262
1263         Make DOMCharacterDataModified a scoped event (similar to r73690).
1264         https://bugs.webkit.org/show_bug.cgi?id=85920
1265
1266         Reviewed by Ryosuke Niwa.
1267
1268         DOMCharacterDataModified was missing in the list of already scoped
1269         DOM mutation events like DOMSubtreeModified, DOMNodeInserted, etc.
1270         It helps to delay event dispatches until the completion of each call
1271         of EditCommand::doApply. This has been useful in the past and helped to 
1272         prevent unexpected DOM tree mutations while the editing command is executing.
1273
1274         * dom/CharacterData.cpp:
1275         (WebCore::CharacterData::dispatchModifiedEvent):
1276
1277 2012-05-10  Alexandre Elias  <aelias@google.com>
1278
1279         Default to null value for HistoryItem::m_pageScaleFactor
1280         https://bugs.webkit.org/show_bug.cgi?id=84385
1281
1282         Reviewed by Adam Barth.
1283
1284         Previously, HistoryItem::m_pageScaleFactor defaulted to a value
1285         of 1, making it impossible to determine whether this value was never
1286         set, or intentionally set to 1.  This patch introduces a default value
1287         of 0 and makes restoreScrollPositionAndViewState not touch the page
1288         scale factor if this value is still present at time of reload.
1289
1290         This is a no-op change for common navigation scenarios.  The
1291         motivation for this change is the corner case of syncing history items
1292         from a desktop browser to a mobile device.  In that case, we need a
1293         way to specify that the history item does not contain a
1294         pageScaleFactor so that the mobile device does not display the page
1295         overly zoomed in.
1296
1297         No new tests.
1298
1299         * history/HistoryItem.cpp:
1300         (WebCore::HistoryItem::HistoryItem):
1301         * loader/HistoryController.cpp:
1302         (WebCore::HistoryController::restoreScrollPositionAndViewState):
1303
1304 2012-05-10  Csaba Osztrogon√°c  <ossy@webkit.org>
1305
1306         Use suitable viewport values when a Mobile DTD is used.
1307         https://bugs.webkit.org/show_bug.cgi?id=85425
1308
1309         Unreviewed debug buildfix after r116571.
1310
1311         * dom/Document.cpp:
1312         (WebCore::Document::setDocType):
1313
1314 2012-05-10  Yoshifumi Inoue  <yosin@chromium.org>
1315
1316         [Forms] Move step related methods to InputType class from HTMLInputElement class
1317         https://bugs.webkit.org/show_bug.cgi?id=85978
1318
1319         Reviewed by Kent Tamura.
1320
1321         This patch is part of re-factoring of HTMLInputElement.cpp for numeric input type.
1322         In this patch, we move implementation of getAllowedValueStep and stepUp/stepUpFromRenderer
1323         to InputType class because of these are for DateTime/Number/Range.
1324
1325         Following patches will change implementation of getAllowedValueStep to use StepRange and
1326         remove step related methods, defaultStep, stepScaleFactor, and so on.
1327
1328         No new tests. This patch should not change behavior.
1329
1330         * html/HTMLInputElement.cpp:
1331         (WebCore):
1332         (WebCore::HTMLInputElement::getAllowedValueStep):
1333         (WebCore::HTMLInputElement::stepUp):
1334         (WebCore::HTMLInputElement::stepDown):
1335         (WebCore::HTMLInputElement::stepUpFromRenderer):
1336         * html/HTMLInputElement.h:
1337         (HTMLInputElement):
1338         * html/InputType.cpp:
1339         (WebCore::InputType::applyStep):
1340         (WebCore):
1341         (WebCore::InputType::alignValueForStep):
1342         (WebCore::InputType::getAllowedValueStep):
1343         (WebCore::InputType::getAllowedValueStepWithDecimalPlaces):
1344         (WebCore::InputType::stepUp):
1345         (WebCore::InputType::stepUpFromRenderer):
1346         * html/InputType.h:
1347         (InputType):
1348
1349 2012-05-09  Kent Tamura  <tkent@chromium.org>
1350
1351         Calendar Picker: Fix a crash by changing input type.
1352         https://bugs.webkit.org/show_bug.cgi?id=86007
1353
1354         Reviewed by Hajime Morita.
1355
1356         Manual test: forms/calendar-picker-crash-by-type-change.html
1357
1358         * html/shadow/CalendarPickerElement.cpp:
1359         (WebCore::CalendarPickerElement::~CalendarPickerElement):
1360         Added. Make sure the popup is closed.
1361         * html/shadow/CalendarPickerElement.h:
1362         (CalendarPickerElement): Add declaration of the destructor.
1363
1364 2012-05-09  Gyuyoung Kim  <gyuyoung.kim@samsung.com>
1365
1366         Move suspendAnimations to use Internals interface.
1367         https://bugs.webkit.org/show_bug.cgi?id=85986
1368
1369         Reviewed by Ryosuke Niwa.
1370
1371         Add suspendAnimations functions, because it is able to work in the
1372         cross-port way through the Internals interface.
1373
1374         No new tests, since we are improving here the infra-structure for testing
1375         a specific method.
1376
1377         * testing/Internals.cpp:
1378         (WebCore::Internals::suspendAnimations):
1379         (WebCore):
1380         * testing/Internals.h:
1381         (Internals):
1382         * testing/Internals.idl:
1383
1384 2012-05-09  Charlie Reis  <creis@chromium.org>
1385
1386         Add dispatchMessageEventWithOriginCheck to DOMWindow
1387         https://bugs.webkit.org/show_bug.cgi?id=85815
1388
1389         Reviewed by Adam Barth.
1390
1391         Useful for ports that support cross-process postMessage.
1392         No new tests, since covered by existing postMessage tests.
1393
1394         * page/DOMWindow.cpp:
1395         (WebCore::DOMWindow::postMessageTimerFired):
1396         (WebCore):
1397         (WebCore::DOMWindow::dispatchMessageEventWithOriginCheck):
1398         * page/DOMWindow.h:
1399         (WebCore):
1400         (DOMWindow):
1401
1402 2012-05-09  Jason Liu  <jason.liu@torchmobile.com.cn>
1403
1404         [BlackBerry] Cookie parsing issue. If the cookie value provided was (") then the browser creates a session cookie instead.
1405         https://bugs.webkit.org/show_bug.cgi?id=85775
1406
1407         Reviewed by Rob Buis.
1408
1409         Make CookieParser::parseOneCookie handle (cookiename="cookievalue;expires=xxxx) correctly.
1410         This cookie's value is "cookievalue not "cookievalue;expires=xxxx.
1411
1412         Test: http/tests/cookies/single-quoted-value.html
1413
1414         * platform/blackberry/CookieParser.cpp:
1415         (WebCore::CookieParser::parseOneCookie):
1416
1417 2012-05-09  Raymond Liu  <raymond.liu@intel.com>
1418
1419         Add multi-channels support for CopyWithGainFrom in AudioBus
1420         https://bugs.webkit.org/show_bug.cgi?id=80675
1421
1422         Reviewed by Chris Rogers.
1423
1424         * platform/audio/AudioBus.cpp:
1425         (WebCore):
1426         (WebCore::AudioBus::AudioBus):
1427         (WebCore::AudioBus::copyWithGainFrom):
1428         * platform/audio/AudioBus.h:
1429         (AudioBus):
1430
1431 2012-05-09  Jessie Berlin  <jberlin@apple.com>
1432
1433         Crash using the new WKBundleDOMWindowExtensions APIs.
1434         https://bugs.webkit.org/show_bug.cgi?id=85888
1435
1436         Reviewed by Brady Eidson.
1437
1438         WKBundlePageWillDestroyGlobalObjectForDOMWindowExtensionCallback was only being invoked when
1439         the WKPage was destroyed, and then only for the child frames. In addition, the
1440         DOMWindowExtension was holding onto a destroyed DOMWindow and attempting to unregister from
1441         when the WK2 wrapper object was attempting to destroy the DOMWindowExtension.
1442
1443         The underlying issue here was that the DOMWindowProperties were getting disconnectFrame
1444         and willDetachPage called on them at the wrong times.
1445
1446         Rename DOMWindowProperty::disconnectFrame and reconnectFrame to disconnectFrameForPageCache
1447         and reconnectFrameFromPageCache for clarity.
1448
1449         Only invoke DOMWindowProperty::disconnectFrameForPageCache when the frame is going into the
1450         page cache.
1451
1452         In the cases where the DOMWindow is getting destroyed, the frame is being destroyed, or the
1453         DOMWindow is getting cleared because the frame is being navigated, invoke
1454         DOMWindowProperty::willDestroyGlobalObjectInFrame instead of disconnectFrame.
1455
1456         Invoke DOMWindowProperty::willDetachGlobalObjectFromFrame when a document is being detached
1457         because the frame has been detached (e.g. fast/storage/storage-detached-iframe.html) and
1458         won't be immediately destroyed.
1459
1460         Invoke DOMWindowProperty::willDestroyGlobalObjectInCachedFrame when a cached frame is
1461         being destroyed.
1462
1463         New WK2 API Test: DOMWindowExtensionNoCache.
1464
1465         * Modules/indexeddb/DOMWindowIndexedDatabase.cpp:
1466         (WebCore::DOMWindowIndexedDatabase::disconnectFrameForPageCache):
1467         Updated for disconnectFrame rename.
1468         (WebCore::DOMWindowIndexedDatabase::reconnectFrameFromPageCache):
1469         Updated for reconnectFrame rename.
1470         (WebCore::DOMWindowIndexedDatabase::willDestroyGlobalObjectInCachedFrame):
1471         Get rid of the suspended IDBFactory.
1472         (WebCore::DOMWindowIndexedDatabase::willDestroyGlobalObjectInFrame):
1473         Get rid of the IDBFactory.
1474         (WebCore::DOMWindowIndexedDatabase::willDetachGlobalObjectFromFrame):
1475         Ditto.
1476         * Modules/indexeddb/DOMWindowIndexedDatabase.h:
1477
1478         * dom/Document.cpp:
1479         (WebCore::Document::prepareForDestruction):
1480         Tell the DOMWindow before detaching the Document.
1481         * dom/Document.h:
1482
1483         * history/CachedFrame.cpp:
1484         (WebCore::CachedFrame::destroy):
1485         Tell the DOMWindow.
1486
1487         * loader/FrameLoader.cpp:
1488         (WebCore::FrameLoader::clear):
1489         Use Document::prepareForDestruction so that the DOMWindow is told about the main frame
1490         navigation before detaching the Document.
1491
1492         * loader/appcache/DOMApplicationCache.cpp:
1493         (WebCore::DOMApplicationCache::disconnectFrameForPageCache):
1494         Updated for the disconnectFrame rename.
1495         (WebCore::DOMApplicationCache::reconnectFrameFromPageCache):
1496         Updated for the reconnectFrame rename.
1497         (WebCore::DOMApplicationCache::willDestroyGlobalObjectInFrame):
1498         Cover the cases formerly covered by disconnectFrame (which was sometimes being called when
1499         called when the frame was destroyed).
1500         * loader/appcache/DOMApplicationCache.h:
1501
1502         * notifications/DOMWindowNotifications.cpp:
1503         (WebCore::DOMWindowNotifications::disconnectFrameForPageCache):
1504         Updated for the disconnectFrame rename.
1505         (WebCore::DOMWindowNotifications::reconnectFrameFromPageCache):
1506         Updated for the reconnectFrame rename.
1507         (WebCore::DOMWindowNotifications::willDestroyGlobalObjectInCachedFrame):
1508         Get rid of the suspended notification center.
1509         (WebCore::DOMWindowNotifications::willDestroyGlobalObjectInFrame):
1510         Get rid of the notification center.
1511         (WebCore::DOMWindowNotifications::willDetachGlobalObjectFromFrame):
1512         Do not allow use of the notification center by detached frames.
1513         * notifications/DOMWindowNotifications.h:
1514
1515         * page/DOMWindow.cpp:
1516         (WebCore::DOMWindow::clearDOMWindowProperties):
1517         Do not call disconnectDOMWindowProperties. It is now the responsibility of the callers to
1518         tell the DOMWindowProperties the correct cause of being cleared.
1519         (WebCore::DOMWindow::~DOMWindow):
1520         Make sure the DOMWindowProperties still know that the DOMWindow is going away.
1521         (WebCore::DOMWindow::frameDestroyed):
1522         Invoke willDestroyGlobalObjectInFrame on the DOMWindowProperties.
1523         (WebCore::DOMWindow::willDetachPage):
1524         It is no longer necessary to tell the DOMWindowProperties anything here.
1525         (WebCore::DOMWindow::willDestroyCachedFrame):
1526         Tell the DOMWindowProperties.
1527         (WebCore::DOMWindow::willDestroyDocumentInFrame):
1528         Ditto.
1529         (WebCore::DOMWindow::willDetachDocumentFromFrame):
1530         Ditto.
1531         (WebCore::DOMWindow::clear):
1532         Ditto.
1533         (WebCore::DOMWindow::disconnectDOMWindowProperties):
1534         Updated for the disconnectFrame rename.
1535         (WebCore::DOMWindow::reconnectDOMWindowProperties):
1536         Ditto.
1537         * page/DOMWindow.h:
1538
1539         * page/DOMWindowExtension.cpp:
1540         (WebCore::DOMWindowExtension::DOMWindowExtension):
1541         Move the responsibility for tracking the disconnected DOMWindow to DOMWindowProperty, since
1542         DOMWindowProperty will need it to unregister the property when a cached frame is destroyed.
1543         (WebCore::DOMWindowExtension::disconnectFrameForPageCache):
1544         Remove the code to check for disconnectFrame being called twice - it is now only called when
1545         a frame goes into the page cache.
1546         Let the DOMWindowProperty keep track of the disconnected DOMWindow.
1547         (WebCore::DOMWindowExtension::reconnectFrameFromPageCache):
1548         Let the DOMWindowProperty keep track of the disconnected DOMWindow.
1549         (WebCore::DOMWindowExtension::willDestroyGlobalObjectInCachedFrame):
1550         Dispatch the willDestroyGlobalObjectForDOMWindowExtension callback.
1551         (WebCore::DOMWindowExtension::willDestroyGlobalObjectInFrame):
1552         Ditto, but only if the callback hasn't already been sent because the frame has been detached.
1553         (WebCore::DOMWindowExtension::willDetachGlobalObjectFromFrame):
1554         Send the callback because nothing interesting can be done in the frame once it has been
1555         detached.
1556         * page/DOMWindowExtension.h:
1557
1558         * page/DOMWindowProperty.cpp:
1559         (WebCore::DOMWindowProperty::DOMWindowProperty):
1560         Keep track of the disconnected DOMWindow so it can be used to unregister the property when a
1561         cached frame is destroyed.
1562         (WebCore::DOMWindowProperty::~DOMWindowProperty):
1563         Also unregister the property when a DOMWindowProperty for a cached frame is destroyed.
1564         (WebCore::DOMWindowProperty::disconnectFrameForPageCache):
1565         Keep track of the disconnected DOMWindow.
1566         (WebCore::DOMWindowProperty::reconnectFrameFromPageCache):
1567         Ditto.
1568         (WebCore::DOMWindowProperty::willDestroyGlobalObjectInCachedFrame):
1569         Unregister the property from the disconnected DOMWindow.
1570         (WebCore::DOMWindowProperty::willDestroyGlobalObjectInFrame):
1571         Unregister the property from the DOMWindow and stop keeping track of the frame.
1572         (WebCore::DOMWindowProperty::willDetachGlobalObjectFromFrame):
1573         Do not set m_frame to 0 because detached frames still have access to the DOMWindow, even if
1574         they can't do anything meaningful with it.
1575         * page/DOMWindowProperty.h:
1576
1577         * page/Frame.cpp:
1578         (WebCore::Frame::setView):
1579         Tell the DOMWindow that the Document is being detached so it can tell the
1580         DOMWindowProperties.
1581
1582         * page/PointerLock.cpp:
1583         (WebCore::PointerLock::disconnectFrameForPageCache):
1584         Updated for disconnectFrame rename.
1585         (WebCore::PointerLock::willDestroyGlobalObjectInFrame):
1586         Cover the cases formerly covered by disconnectFrame (which was sometimes being called when
1587         called when the frame was destroyed).
1588         * page/PointerLock.h:
1589
1590 2012-05-09  Ian Vollick  <vollick@chromium.org>
1591
1592         [chromium] Ensure animations get ticked at least once when added.
1593         https://bugs.webkit.org/show_bug.cgi?id=86013
1594
1595         Reviewed by James Robinson.
1596
1597         Tested in
1598           CCLayerTreeHostTestTickAnimationWhileBackgrounded.runSingleThreaded
1599           CCLayerTreeHostTestAddAnimationWithTimingFunction.runSingleThreaded
1600           CCLayerTreeHostTestSynchronizeAnimationStartTimes.runSingleThreaded
1601           CCLayerTreeHostTestAnimationFinishedEvents.runSingleThreaded
1602
1603         * platform/graphics/chromium/LayerChromium.cpp:
1604         (WebCore::LayerChromium::addAnimation):
1605         * platform/graphics/chromium/cc/CCLayerAnimationController.cpp:
1606         (WebCore::CCLayerAnimationController::pushNewAnimationsToImplThread):
1607         * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
1608         (WebCore::CCLayerTreeHost::finishCommitOnImplThread):
1609         (WebCore::CCLayerTreeHost::didAddAnimation):
1610         (WebCore):
1611         (WebCore::CCLayerTreeHost::didBecomeInvisibleOnImplThread):
1612         * platform/graphics/chromium/cc/CCLayerTreeHost.h:
1613         (CCLayerTreeHost):
1614         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
1615         (WebCore::CCLayerTreeHostImpl::CCLayerTreeHostImpl):
1616         * platform/graphics/chromium/cc/CCProxy.h:
1617         (CCProxy):
1618         * platform/graphics/chromium/cc/CCSingleThreadProxy.cpp:
1619         (CCSingleThreadProxyAnimationTimer):
1620         (WebCore::CCSingleThreadProxyAnimationTimer::create):
1621         (WebCore::CCSingleThreadProxyAnimationTimer::CCSingleThreadProxyAnimationTimer):
1622         (WebCore):
1623         (WebCore::CCSingleThreadProxy::CCSingleThreadProxy):
1624         (WebCore::CCSingleThreadProxy::didAddAnimation):
1625         (WebCore::CCSingleThreadProxy::doComposite):
1626         * platform/graphics/chromium/cc/CCSingleThreadProxy.h:
1627         (WebCore):
1628         * platform/graphics/chromium/cc/CCThreadProxy.h:
1629
1630 2012-05-09  Adam Barth  <abarth@webkit.org>
1631
1632         Implement HTML Media Capture
1633         https://bugs.webkit.org/show_bug.cgi?id=85958
1634
1635         Reviewed by Eric Seidel.
1636
1637         This patch begins the implementation of
1638         http://www.w3.org/TR/html-media-capture/ by adding the capture
1639         attribute to HTMLInputElement.
1640
1641         Test: fast/forms/file/file-input-capture.html
1642
1643         * html/FileInputType.cpp:
1644         (WebCore::FileInputType::handleDOMActivateEvent):
1645         * html/HTMLAttributeNames.in:
1646         * html/HTMLInputElement.cpp:
1647         (WebCore):
1648         (WebCore::HTMLInputElement::capture):
1649         (WebCore::HTMLInputElement::setCapture):
1650         * html/HTMLInputElement.h:
1651         (HTMLInputElement):
1652         * html/HTMLInputElement.idl:
1653         * platform/FileChooser.h:
1654         (FileChooserSettings):
1655
1656 2012-05-09  Charles Wei  <charles.wei@torchmobile.com.cn>
1657
1658         [BlackBerry]  Refactor data scheme support
1659         https://bugs.webkit.org/show_bug.cgi?id=85938
1660
1661         Reviewed by Rob Buis.
1662
1663         We will create a DataStream in our platform repository,
1664         so that can be wrapped up by NetworkJob for webkit rendering,
1665         and by DownloadStream for downloading.
1666
1667         Refactor, no new tests.
1668
1669         * platform/network/blackberry/NetworkJob.cpp:
1670         (WebCore::NetworkJob::NetworkJob):
1671         (WebCore::NetworkJob::initialize):
1672         (WebCore::NetworkJob::cancelJob):
1673         (WebCore::NetworkJob::sendResponseIfNeeded):
1674         * platform/network/blackberry/NetworkJob.h:
1675         (NetworkJob):
1676         * platform/network/blackberry/NetworkManager.cpp:
1677         (WebCore::NetworkManager::startJob):
1678
1679 2012-05-09  Dana Jansens  <danakj@chromium.org>
1680
1681         [chromium] Don't draw when canDraw() is false
1682         https://bugs.webkit.org/show_bug.cgi?id=85829
1683
1684         Reviewed by Adrienne Walker.
1685
1686         This is based on the work of Daniel Sievers in bug
1687         https://bugs.webkit.org/show_bug.cgi?id=82680. When canDraw() is false,
1688         we should not call drawLayers() or prepareToDraw() in both Single- and
1689         Multi-Threaded mode.
1690
1691         drawLayers() is crashing in single threaded mode, and this attempts to
1692         prevent it from being called with invalid state. While making it behave
1693         properly in single-threaded mode, it seems appropriate to unrevert the
1694         parts of 82680 that made threaded mode behave similarly appropriately.
1695
1696         A single-threaded test is not included since LTHTests is unable to run
1697         in single-threaded mode at this time (pending work from Ian Vollick). So
1698         we test in threaded mode only with a note to include a single thread
1699         version.
1700
1701         Tests: CCLayerTreeHostTestCanDrawBlocksDrawing.runMultiThread
1702
1703         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
1704         (WebCore::CCLayerTreeHostImpl::prepareToDraw):
1705         (WebCore::CCLayerTreeHostImpl::drawLayers):
1706         * platform/graphics/chromium/cc/CCSingleThreadProxy.cpp:
1707         (WebCore::CCSingleThreadProxy::doComposite):
1708         * platform/graphics/chromium/cc/CCThreadProxy.cpp:
1709         (WebCore::CCThreadProxy::scheduledActionDrawAndSwapInternal):
1710
1711 2012-05-09  Martin Robinson  <mrobinson@igalia.com>
1712
1713         [Cairo] GLContextGLX releases the context with an uninitialized display
1714         https://bugs.webkit.org/show_bug.cgi?id=86039
1715
1716         Reviewed by Philippe Normand.
1717
1718         No new tests. This does not change behavior on most machines, but has
1719         the potential to prevent a pretty nasty crash on others.
1720
1721         Use the shared display to release GLX contexts instead of the uninitialized
1722         m_display member.
1723
1724         * platform/graphics/glx/GLContextGLX.cpp:
1725         (WebCore::GLContextGLX::~GLContextGLX): Release the display with the shared
1726         display.
1727         * platform/graphics/glx/GLContextGLX.h:
1728         (GLContextGLX): Remove the m_display member.
1729
1730 2012-05-09  Tony Gentilcore  <tonyg@chromium.org>
1731
1732         Subresources loaded after a reload completes shouldn't be revalidated.
1733         https://bugs.webkit.org/show_bug.cgi?id=84614
1734
1735         Based on patch by Darin Fisher.
1736
1737         Reviewed by Darin Fisher.
1738
1739         Tests: http/tests/cache/loaded-from-cache-after-reload-within-iframe.html
1740                http/tests/cache/loaded-from-cache-after-reload.html
1741
1742         * loader/FrameLoader.cpp:
1743         (WebCore::FrameLoader::checkLoadCompleteForThisFrame): Reset m_loadType after the load completes.
1744
1745 2012-05-09  Erik Arvidsson  <arv@chromium.org>
1746
1747         [V8] Fix issue where V8BindingPerContextData could keep the context object alive
1748         https://bugs.webkit.org/show_bug.cgi?id=86036
1749
1750         Reviewed by Kentaro Hara.
1751
1752         This is a partial revert of http://trac.webkit.org/changeset/114320/. This keeps
1753         the layout tests that were introduced since it turns out that
1754         http://trac.webkit.org/changeset/114989 fixes the tests too.
1755
1756         Covered by: http/tests/security/isolatedWorld/context-destroy.html
1757
1758         * bindings/v8/V8IsolatedContext.cpp:
1759         (WebCore::V8IsolatedContext::destroy):
1760
1761 2012-05-09  Anders Carlsson  <andersca@apple.com>
1762
1763         Speed up some parts of TileCache drawing
1764         https://bugs.webkit.org/show_bug.cgi?id=86033
1765         <rdar://problem/10919373>
1766
1767         Reviewed by Sam Weinig.
1768
1769         * platform/graphics/ca/mac/TileCache.mm:
1770         (WebCore::TileCache::tileCoverageRect):
1771         If we can't have scrollbars, there's not much need to extend the tile coverage rect outside of the visible rect, since it's
1772         unlikely that we'll do any form of scrolling here.
1773
1774         (WebCore::TileCache::revalidateTiles):
1775         Don't update the tile layer frame if it's big enough to contain the tile size. Also, if there are no new tiles created,
1776         don't call platformCALayerDidCreateTiles since that will trigger an extra layer flush.
1777
1778 2012-05-09  Alexandre Elias  <aelias@google.com>
1779
1780         setPageScaleFactor should setScrollPosition if scale is unchanged
1781         https://bugs.webkit.org/show_bug.cgi?id=84400
1782
1783         Reviewed by Adam Barth.
1784
1785         Previously, setPageScaleFactor forgot about its "origin" argument if
1786         the page scale factor is unchanged.  This has proven undesirable in
1787         practice because, for example, a single pinch gesture may zoom in and
1788         back out to the original page scale factor, but at a different scroll
1789         offset.
1790
1791         New test case added to scale-and-scroll-body-expected.txt
1792
1793         * page/Page.cpp:
1794         (WebCore::Page::setPageScaleFactor):
1795
1796 2012-05-09  Hugo Parente Lima  <hugo.lima@openbossa.org>
1797
1798         Use suitable viewport values on XHTML-MP pages.
1799         https://bugs.webkit.org/show_bug.cgi?id=85425
1800
1801         Reviewed by Kenneth Rohde Christiansen.
1802
1803         Tests: fast/viewport/viewport-legacy-xhtmlmp-misplaced-doctype.html
1804                fast/viewport/viewport-legacy-xhtmlmp-ordering.html
1805                fast/viewport/viewport-legacy-xhtmlmp.html
1806
1807         Use device-width and device-height as viewport size on
1808         XHTML-MP pages if the use feature LEGACY_VIEWPORT_ADAPTION
1809         is set according as the non normative section of
1810         http://www.w3.org/TR/css-device-adapt/
1811
1812         * dom/Document.cpp:
1813         (WebCore::Document::setDocType):
1814
1815 2012-05-09  Beth Dakin  <bdakin@apple.com>
1816
1817         https://bugs.webkit.org/show_bug.cgi?id=86025
1818         RTL and vertical text documents do no scroll properly with the new 
1819         tiled scrolling model
1820         -and corresponding-
1821         <rdar://problem/11077589>
1822
1823         Reviewed by Dan Bernstein.
1824         
1825         Most of the fix here is just to teach the scrolling tree about the 
1826         scroll origin.
1827         * page/scrolling/ScrollingCoordinator.cpp:
1828         (WebCore::ScrollingCoordinator::frameViewLayoutUpdated):
1829         (WebCore::ScrollingCoordinator::setScrollParameters):
1830         * page/scrolling/ScrollingCoordinator.h:
1831         (ScrollParameters):
1832         * page/scrolling/ScrollingTreeNode.cpp:
1833         (WebCore::ScrollingTreeNode::update):
1834         * page/scrolling/ScrollingTreeNode.h:
1835         (WebCore::ScrollingTreeNode::scrollOrigin):
1836         (ScrollingTreeNode):
1837         * page/scrolling/ScrollingTreeState.cpp:
1838         (WebCore::ScrollingTreeState::setScrollOrigin):
1839         (WebCore):
1840         * page/scrolling/ScrollingTreeState.h:
1841         (WebCore::ScrollingTreeState::scrollOrigin):
1842         (ScrollingTreeState):
1843         * page/scrolling/mac/ScrollingTreeNodeMac.mm:
1844         (WebCore::ScrollingTreeNodeMac::scrollPosition):
1845         (WebCore::ScrollingTreeNodeMac::setScrollLayerPosition):
1846         (WebCore::ScrollingTreeNodeMac::minimumScrollPosition):
1847         (WebCore::ScrollingTreeNodeMac::maximumScrollPosition):
1848         * rendering/RenderLayerCompositor.cpp:
1849         (WebCore::RenderLayerCompositor::frameViewDidScroll):
1850
1851         Teaching the scrolling tree about the scroll origin revealed this pre-
1852         existing bug. layoutOverflowRect() is not the right rect to use since 
1853         it is not writing-mode savvy. unscaledDocumentRect() is the right rect 
1854         for the view's bounds.
1855         * rendering/RenderLayerBacking.cpp:
1856         (WebCore::RenderLayerBacking::updateCompositedBounds):
1857
1858 2012-05-09  Rob Buis  <rwlbuis@webkit.org>
1859
1860         Cleanup SVGElement.cpp
1861         https://bugs.webkit.org/show_bug.cgi?id=86004
1862
1863         Reviewed by Eric Seidel.
1864
1865         Remove unneeded includes. We do not need to check attr in SVGElement::attributeChanged,
1866         lower layers assume it is non-null and we do not call attributeChanged in SVG.
1867
1868         * svg/SVGElement.cpp:
1869         (WebCore::SVGElement::attributeChanged):
1870         (WebCore::SVGElement::isAnimatableAttribute):
1871
1872 2012-05-09  Jochen Eisinger  <jochen@chromium.org>
1873
1874         When creating a new page during a navigation, prime the initial document with the correct referrer policy
1875         https://bugs.webkit.org/show_bug.cgi?id=86001
1876
1877         Reviewed by Adam Barth.
1878
1879         Test: http/tests/security/referrer-policy-redirect-link.html
1880
1881         * dom/Document.h:
1882         (WebCore::Document::setReferrerPolicy):
1883         * loader/FrameLoader.cpp:
1884         (WebCore::FrameLoader::continueLoadAfterNewWindowPolicy):
1885
1886 2012-05-09  Alec Flett  <alecflett@chromium.org>
1887
1888         IndexedDB: call abort handler when there are problems committing
1889         https://bugs.webkit.org/show_bug.cgi?id=85841
1890
1891         Reviewed by Ojan Vafai.
1892
1893         No new tests. Every existing test that calls commit() is testing
1894         the success side of this, and this only throws when there are
1895         LevelDB errors, which is exactly what we're trying to diagnose
1896         with this patch.
1897
1898         * Modules/indexeddb/IDBBackingStore.h:
1899         (Transaction):
1900         * Modules/indexeddb/IDBLevelDBBackingStore.cpp:
1901         (WebCore::IDBLevelDBBackingStore::deleteDatabase):
1902         (WebCore::IDBLevelDBBackingStore::Transaction::commit):
1903         * Modules/indexeddb/IDBLevelDBBackingStore.h:
1904         (Transaction):
1905         * Modules/indexeddb/IDBTransactionBackendImpl.cpp:
1906         (WebCore::IDBTransactionBackendImpl::commit):
1907
1908 2012-05-09  Mark Pilgrim  <pilgrim@chromium.org>
1909
1910         [Chromium] Remove PlatformSupport::loadPlatformImageResource, call loadResource directly
1911         https://bugs.webkit.org/show_bug.cgi?id=84417
1912
1913         Reviewed by Adam Barth.
1914
1915         Part of a refactoring series. See tracking bug 82948.
1916
1917         * WebCore.gyp/WebCore.gyp:
1918         * WebCore.gypi:
1919         * platform/chromium/PlatformSupport.h:
1920         (PlatformSupport):
1921         * platform/graphics/chromium/ImageChromium.cpp:
1922         (WebCore::Image::loadPlatformResource):
1923         * platform/graphics/chromium/ImageChromiumMac.mm: Removed.
1924
1925 2012-05-09  Rob Buis  <rbuis@rim.com>
1926
1927         Remove some isSVGFoo methods
1928         https://bugs.webkit.org/show_bug.cgi?id=86009
1929
1930         Reviewed by Eric Seidel.
1931
1932         These are not used at the moment and were probably just copy and pasted from
1933         isSVGFoo methods in RenderObject.h.
1934
1935         * rendering/RenderObject.h:
1936         * rendering/svg/RenderSVGEllipse.h:
1937         (RenderSVGEllipse):
1938         * rendering/svg/RenderSVGRect.h:
1939         (RenderSVGRect):
1940         * rendering/svg/RenderSVGShape.h:
1941
1942 2012-05-09  Ian Vollick  <vollick@chromium.org>
1943
1944         [chromium] Add impl-thread support for fill-mode and direction css animation properties
1945         https://bugs.webkit.org/show_bug.cgi?id=77662
1946
1947         Reviewed by James Robinson.
1948
1949         Adds support for accelerating css animations with -webkit-animation-fill-mode,
1950         and -webkit-animation-direction properties.
1951
1952         Tested in:
1953           CCActiveAnimationTest.TrimTimeAlternating
1954           CCLayerAnimationControllerTest.createReversedAnimation
1955           CCLayerAnimationControllerTest.createAlternatingAnimation
1956           CCLayerAnimationControllerTest.createReversedAlternatingAnimation
1957
1958         * platform/graphics/chromium/cc/CCActiveAnimation.cpp:
1959         (WebCore::CCActiveAnimation::CCActiveAnimation):
1960         (WebCore::CCActiveAnimation::trimTimeToCurrentIteration):
1961         (WebCore::CCActiveAnimation::cloneForImplThread):
1962         * platform/graphics/chromium/cc/CCActiveAnimation.h:
1963         (CCActiveAnimation):
1964         (WebCore::CCActiveAnimation::alternatesDirection):
1965         (WebCore::CCActiveAnimation::setAlternatesDirection):
1966         * platform/graphics/chromium/cc/CCLayerAnimationController.cpp:
1967
1968 2012-05-09  Ken Buchanan  <kenrb@chromium.org>
1969
1970         Crash from removal of a line break object
1971         https://bugs.webkit.org/show_bug.cgi?id=85997
1972
1973         Reviewed by David Hyatt.
1974
1975         Regression from r115343. That replaced a call to setNeedsLayout()
1976         with a separate call that used a different bit during linebox
1977         invalidation after renderer child removal. There are special cases
1978         where layout isn't marked on parent nodes just from the removal, so
1979         line dirtying needs to explicitly mark ancestors for layout.
1980
1981         * rendering/RenderObject.h:
1982         (WebCore::RenderObject::setAncestorLineBoxDirty):
1983
1984 2012-05-09  Levi Weintraub  <leviw@chromium.org>
1985
1986         Fix performance regression for floats caused by LayoutUnit change
1987         https://bugs.webkit.org/show_bug.cgi?id=85834
1988
1989         Reviewed by Ojan Vafai.
1990
1991         Refactoring FractionalLayout types to alleviate performance issues. Explicitly
1992         inlining constructor and operator functions in FractionalLayoutUnit, as well as
1993         pixelSnappedIntSize and pixelSnappedIntRect (particularly hot code paths). Also
1994         further simplifying round and ceil functions when sub-pixel layout is not enabled.
1995
1996         pixelSnappedIntSize was the only function defined in FractionalLayoutSize.cpp,
1997         so it is removed.
1998
1999         No new tests. No change in functionality.
2000
2001         * CMakeLists.txt:
2002         * GNUmakefile.list.am:
2003         * Target.pri:
2004         * WebCore.gypi:
2005         * WebCore.vcproj/WebCore.vcproj:
2006         * WebCore.xcodeproj/project.pbxproj:
2007         * platform/FractionalLayoutUnit.h:
2008         (WebCore::FractionalLayoutUnit::FractionalLayoutUnit):
2009         (FractionalLayoutUnit):
2010         (WebCore::FractionalLayoutUnit::toInt):
2011         (WebCore::FractionalLayoutUnit::toFloat):
2012         (WebCore::FractionalLayoutUnit::toDouble):
2013         (WebCore::FractionalLayoutUnit::toUnsigned):
2014         (WebCore::FractionalLayoutUnit::operator int):
2015         (WebCore::FractionalLayoutUnit::operator unsigned):
2016         (WebCore::FractionalLayoutUnit::operator float):
2017         (WebCore::FractionalLayoutUnit::operator double):
2018         (WebCore::FractionalLayoutUnit::operator bool):
2019         (WebCore::FractionalLayoutUnit::ceil):
2020         (WebCore::FractionalLayoutUnit::round):
2021         * platform/graphics/FractionalLayoutRect.cpp:
2022         (WebCore):
2023         * platform/graphics/FractionalLayoutRect.h:
2024         (WebCore::FractionalLayoutRect::pixelSnappedSize):
2025         (WebCore::pixelSnappedIntRect):
2026         (WebCore):
2027         * platform/graphics/FractionalLayoutSize.cpp: Removed.
2028         * platform/graphics/FractionalLayoutSize.h:
2029         (WebCore):
2030         * rendering/LayoutTypes.h:
2031         (WebCore::pixelSnappedIntSize):
2032         (WebCore):
2033
2034 2012-05-09  Abhishek Arya  <inferno@chromium.org>
2035
2036         Crash in ReplaceSelectionCommand::performTrivialReplace
2037         https://bugs.webkit.org/show_bug.cgi?id=85943
2038
2039         Reviewed by Ryosuke Niwa.
2040
2041         RefPtr nodeAfterInsertionPos to guard against mutation events.
2042
2043         Test: editing/inserting/insert-html-crash.html
2044
2045         * editing/ReplaceSelectionCommand.cpp:
2046         (WebCore::ReplaceSelectionCommand::performTrivialReplace):
2047
2048 2012-05-03  Shawn Singh  <shawnsingh@chromium.org>
2049
2050         Hit testing is incorrect in some cases with perspective transforms
2051         https://bugs.webkit.org/show_bug.cgi?id=79136
2052
2053         Reviewed by Simon Fraser.
2054
2055         Tests: transforms/3d/hit-testing/coplanar-with-camera.html
2056                transforms/3d/hit-testing/perspective-clipped.html
2057
2058         * platform/graphics/transforms/TransformationMatrix.cpp:
2059         (WebCore::TransformationMatrix::projectPoint): Fix a
2060         divide-by-zero error so that values do not become Inf or Nan. Also
2061         fix an overflow error by using a large, but not-too-large constant
2062         to represent infinity.
2063
2064         (WebCore::TransformationMatrix::projectQuad): Fix an error where
2065         incorrect quads were being returned. Incorrect quads can occur
2066         when projectPoint clamped==true after returning.
2067
2068 2012-05-09  Caio Marcelo de Oliveira Filho  <caio.oliveira@openbossa.org>
2069
2070         Simplify CSSParser::parseSimpleLengthValue()
2071         https://bugs.webkit.org/show_bug.cgi?id=85910
2072
2073         Reviewed by Alexis Menard.
2074
2075         Various small improvements to this function, mainly:
2076         - Move the check if the property ID accepts a simple length as early as possible;
2077         - Remove the check for the characters{8,16} pointers since they'll be valid (we ASSERT that);
2078         - Use a template to avoid duplicate code for 8 and 16 bit characters.
2079
2080         * css/CSSParser.cpp:
2081         (WebCore):
2082         (WebCore::parseSimpleLength):
2083         (WebCore::parseSimpleLengthValue):
2084
2085 2012-05-09  Ami Fischman  <fischman@chromium.org>
2086
2087         [chromium] Support multiple buffered time ranges
2088         https://bugs.webkit.org/show_bug.cgi?id=85926
2089
2090         Reviewed by Eric Carlson.
2091
2092         Preserve existing rendering of a single rect even in the presence of multiple buffered regions.
2093
2094         No new tests as this change has no functional effects.
2095
2096         * rendering/RenderMediaControlsChromium.cpp:
2097         (WebCore::paintMediaSlider):
2098
2099 2012-05-09  Dana Jansens  <danakj@chromium.org>
2100
2101         Early-out and avoid any copying when possible for Region operations
2102         https://bugs.webkit.org/show_bug.cgi?id=85260
2103
2104         Reviewed by Anders Carlsson.
2105
2106         For an empty region, any intersection or subtraction will not modify
2107         the region, so we can simply return instead of creating a new Shape
2108         and replacing the current empty Shape.
2109
2110         When a region is united with a region it contains, the orignal
2111         containing region is the result. So, if A.unite(B) and A.contains(B)
2112         then A does not need to change at all and we can return without making
2113         a copy of A's shape. When A is a rect, we can do this test even more
2114         simply.
2115
2116         We also remove redundant checks from trySimpleOperation() methods, where
2117         the test is already done in the Region calling site.
2118
2119         This change improves the performance of the Region overlap testing for
2120         composited layers, and allows us to avoid unnecessary copies of the
2121         Region during unite. With a layout test (attached to bug #81087), that
2122         creates a Region from the union of 225 composited layers, as well as
2123         600 overlapping layers above them, this change decreases the running
2124         time of the test by 3.2% by avoiding a copy of the entire Region for
2125         each insertion that does not change the resulting Region.
2126
2127         Unit tests: RegionTest.unite
2128
2129         * platform/graphics/Region.cpp:
2130         (WebCore::Region::Shape::UnionOperation::trySimpleOperation):
2131         (WebCore::Region::Shape::IntersectOperation::trySimpleOperation):
2132         (WebCore::Region::Shape::SubtractOperation::trySimpleOperation):
2133         (WebCore::Region::intersect):
2134         (WebCore::Region::unite):
2135         (WebCore::Region::subtract):
2136         * platform/graphics/Region.h:
2137         (WebCore::Region::isRect):
2138         (WebCore::Region::Shape::isRect):
2139
2140 2012-05-09  Tommy Widenflycht  <tommyw@google.com>
2141
2142         MediaStream API: SessionDescription::addCandidate should not crash for malformed input
2143         https://bugs.webkit.org/show_bug.cgi?id=85988
2144
2145         Reviewed by Adam Barth.
2146
2147         Sending null would crash the browser. Added safeguards in both the bindings and the native code.
2148
2149         Test: fast/mediastream/SessionDescription.html
2150
2151         * Modules/mediastream/SessionDescription.cpp:
2152         (WebCore::SessionDescription::addCandidate):
2153         * Modules/mediastream/SessionDescription.h:
2154         (SessionDescription):
2155         * Modules/mediastream/SessionDescription.idl:
2156
2157 2012-05-09  Tommy Widenflycht  <tommyw@google.com>
2158
2159         MediaStream API: Adding the possibility of port specific information in MediaStreamDescriptor
2160         https://bugs.webkit.org/show_bug.cgi?id=85794
2161
2162         Reviewed by Adam Barth.
2163
2164         To facilitate for ports I have added an ExtraData field that can be used for whatever purpose is needed.
2165
2166         No behavioral changes.
2167
2168         * platform/chromium/support/WebMediaStreamDescriptor.cpp:
2169         (ExtraDataContainer):
2170         (WebKit::ExtraDataContainer::ExtraDataContainer):
2171         (WebKit::ExtraDataContainer::extraData):
2172         (WebKit):
2173         (WebKit::WebMediaStreamDescriptor::extraData):
2174         (WebKit::WebMediaStreamDescriptor::setExtraData):
2175         * platform/mediastream/MediaStreamDescriptor.h:
2176         (ExtraData):
2177         (WebCore::MediaStreamDescriptor::ExtraData::~ExtraData):
2178         (MediaStreamDescriptor):
2179         (WebCore::MediaStreamDescriptor::extraData):
2180         (WebCore::MediaStreamDescriptor::setExtraData):
2181
2182 2012-05-09  Takashi Sakamoto  <tasak@google.com>
2183
2184         Crash in WebCore::RenderBoxModelObject::paddingLeft
2185         https://bugs.webkit.org/show_bug.cgi?id=83889
2186
2187         Reviewed by Abhishek Arya.
2188
2189         RenderScrollbar creates RenderScrollbarPart without any parent
2190         renderers. However, if the scrollbar has percent padding styles,
2191         non-null parent renderer is required. So after creating/destroying
2192         RenderScrollbarPart instances, set owningRenderer(creating)/0
2193         (destroying) as its parent renderer.
2194
2195         Test: scrollbars/scrollbar-percent-padding-crash.html
2196               scrollbars/scrollbar-percent-padding-crash-expected.txt
2197
2198         * rendering/RenderScrollbar.cpp:
2199         (WebCore::RenderScrollbar::updateScrollbarPart):
2200         Added setParent after creating/destroying RenderScrollbarPart.
2201         * rendering/RenderScrollbarPart.cpp:
2202         Made RenderScollbar friend, because setParent is protected and
2203         RenderScrollbar is not inherited from class RenderObject.
2204
2205 2012-05-09  Takashi Sakamoto  <tasak@google.com>
2206
2207         ShadowRoot needs applyAuthorStyles
2208         https://bugs.webkit.org/show_bug.cgi?id=78472
2209
2210         Reviewed by Hajime Morita.
2211
2212         Implemented applyAuthorStyles attribute defined in the following spec:
2213         http://dvcs.w3.org/hg/webcomponents/raw-file/tip/spec/shadow/index.html#shadow-root-attributes
2214         Since applyAuthorSheets attribute has been already implemented,
2215         renamed all applyAuthorSheets to applyAuthorStyles and
2216         added applyAuthorStyles to ShadowRoot.idl.
2217         Currently, changing dynamically applyAuthorStyles doesn't work. I will fix this isse in bugs:84215: https://bugs.webkit.org/show_bug.cgi?id=84251
2218
2219         Test: fast/dom/shadow/shadow-root-applyAuthorStyles.html
2220               fast/dom/shadow/shadow-root-applyAuthorStyles-expected.html
2221
2222         * css/StyleResolver.cpp:
2223         (WebCore::StyleResolver::collectMatchingRulesForList):
2224         * dom/ShadowRoot.cpp:
2225         (WebCore::ShadowRoot::ShadowRoot):
2226         (WebCore::ShadowRoot::applyAuthorStyles):
2227         (WebCore::ShadowRoot::setApplyAuthorStyles):
2228         * dom/ShadowRoot.h:
2229         * dom/TreeScope.cpp:
2230         (WebCore::TreeScope::applyAuthorStyles):
2231         * dom/TreeScope.h:
2232         (TreeScope):
2233         Changed all applyAuthorSheets to applyAuthorSytles.
2234         (ShadowRoot):
2235         * dom/ShadowRoot.idl:
2236         Added a new attribute, boolean applyAuthorStyles.
2237
2238 2012-05-09  Yoshifumi Inoue  <yosin@chromium.org>
2239
2240         [Chromium][Forms] HTMLOptionsCollection doesn't have indexed properties on property enumeration
2241         https://bugs.webkit.org/show_bug.cgi?id=85937
2242
2243         Reviewed by Kentaro Hara.
2244
2245         This patch adds numeric indices to properties in enumeration to HTMLOptionsCollection V8 binding
2246         to changes Objects.keys in ECMAScript5 and for-in statement behavior for compatibility with
2247         Firefox 12, IE9, Opera 11, and Safari 5.
2248
2249         Test: fast/forms/select/options-indexed-properties.html
2250
2251         * bindings/scripts/CodeGeneratorV8.pm:
2252         (GenerateImplementationIndexer): Set $hasEnumerator true for interface HTMLOptionsCollection
2253
2254 2012-05-09  Shinya Kawanaka  <shinyak@chromium.org>
2255
2256         Position should be able to have ShadowRoot as a container.
2257         https://bugs.webkit.org/show_bug.cgi?id=82021
2258
2259         Reviewed by Ryosuke Niwa.
2260
2261         Since Position could not take a shadow root as a container node, pointing the direct children
2262         of a shadow root was difficult.
2263
2264         This patch makes it enabled, and fixes a lot of crashes caused by that limitation.
2265         Also, we confirm that ShadowRoot is not exposed to JavaScript layer.
2266
2267         Currently this change is only enabled if shadow dom flag is enabled, since we cannot
2268         prove this change does not destroy the existing behavior. However, this change is really required
2269         to fix other editing bugs in Shadow DOM. A bunch of patches and tests will be added to
2270         fix other editing bugs and they will check this patch does not break editing.
2271         We will also add a fuzzer to check the stability of editing in Shadow DOM later, and it will
2272         also help to confirm the patch will not break the editing.
2273
2274         Tests: editing/shadow/doubleclick-on-meter-in-shadow-crash.html
2275                editing/shadow/rightclick-on-meter-in-shadow-crash.html
2276                editing/shadow/shadow-selection-not-exported.html
2277
2278         * dom/Position.cpp:
2279         (WebCore::Position::Position):
2280         (WebCore::Position::containerNode):
2281         (WebCore::Position::parentAnchoredEquivalent):
2282         (WebCore::Position::previous):
2283         (WebCore::Position::next):
2284         (WebCore::Position::atStartOfTree):
2285         (WebCore::Position::atEndOfTree):
2286         (WebCore::Position::findParent):
2287         * dom/Position.h:
2288         (WebCore):
2289         (WebCore::positionInParentBeforeNode):
2290         (WebCore::positionInParentAfterNode):
2291
2292 2012-05-09  Zoltan Horvath  <zoltan@webkit.org>
2293
2294         [Qt] Build fix when using libpng version != 1.2
2295         https://bugs.webkit.org/show_bug.cgi?id=85614
2296
2297         Reviewed by Eric Seidel.
2298
2299         Don't enforce the version of libpng when passing the option to the linker.
2300
2301         No new tests, no intended functionality change.
2302
2303         * WebCore.pri:
2304
2305 2012-05-09  Oli Lan  <olilan@chromium.org>
2306
2307         Add identifying methods for date/time input types.
2308
2309         This patch adds methods isDateField(), isDateTimeField(), isDateTimeLocalField(),
2310         isMonthField(), isTimeField() and isWeekField() to InputType and the appropriate
2311         HTMLInputElement classes, to allow date/time input types to be identified.
2312
2313         The new methods match the existing methods for types such as email, search and number.
2314
2315         https://bugs.webkit.org/show_bug.cgi?id=78746
2316
2317         Reviewed by Kent Tamura.
2318
2319         A new test WebViewTest.TextInputType has been added in WebKit/chromium/tests that calls
2320         through to these methods via WebViewImpl.textInputType().
2321
2322         * html/DateInputType.cpp:
2323         (WebCore::DateInputType::isDateField):
2324         (WebCore):
2325         * html/DateInputType.h:
2326         (DateInputType):
2327         * html/DateTimeInputType.cpp:
2328         (WebCore::DateTimeInputType::isDateTimeField):
2329         (WebCore):
2330         * html/DateTimeInputType.h:
2331         (DateTimeInputType):
2332         * html/DateTimeLocalInputType.cpp:
2333         (WebCore::DateTimeLocalInputType::isDateTimeLocalField):
2334         (WebCore):
2335         * html/DateTimeLocalInputType.h:
2336         (DateTimeLocalInputType):
2337         * html/HTMLInputElement.cpp:
2338         (WebCore::HTMLInputElement::isDateField):
2339         (WebCore):
2340         (WebCore::HTMLInputElement::isDateTimeField):
2341         (WebCore::HTMLInputElement::isDateTimeLocalField):
2342         (WebCore::HTMLInputElement::isMonthField):
2343         (WebCore::HTMLInputElement::isTimeField):
2344         (WebCore::HTMLInputElement::isWeekField):
2345         * html/HTMLInputElement.h:
2346         (HTMLInputElement):
2347         * html/InputType.cpp:
2348         (WebCore::InputType::isDateField):
2349         (WebCore):
2350         (WebCore::InputType::isDateTimeField):
2351         (WebCore::InputType::isDateTimeLocalField):
2352         (WebCore::InputType::isMonthField):
2353         (WebCore::InputType::isTimeField):
2354         (WebCore::InputType::isWeekField):
2355         * html/InputType.h:
2356         (InputType):
2357         * html/MonthInputType.cpp:
2358         (WebCore::MonthInputType::isMonthField):
2359         (WebCore):
2360         * html/MonthInputType.h:
2361         (MonthInputType):
2362         * html/TimeInputType.cpp:
2363         (WebCore::TimeInputType::isTimeField):
2364         (WebCore):
2365         * html/TimeInputType.h:
2366         (TimeInputType):
2367         * html/WeekInputType.cpp:
2368         (WebCore::WeekInputType::isWeekField):
2369         (WebCore):
2370         * html/WeekInputType.h:
2371         (WeekInputType):
2372
2373 2012-05-09  Nikolas Zimmermann  <nzimmermann@rim.com>
2374
2375         REGRESSION(r105057): Infinite loop inside SVGTextLayoutEngine::currentLogicalCharacterMetrics
2376         https://bugs.webkit.org/show_bug.cgi?id=83405
2377
2378         Reviewed by Darin Adler.
2379
2380         Dynamically adding tspans carrying position information in the x/y/dx/dy/rotate lists is broken.
2381         To avoid mistakes like this in future, simplify the calling code in RenderSVGInlineText and centralize
2382         the managment of all caches (text positioning element cache / metrics map / layout attributes) in
2383         RenderSVGText. This avoids the hack in SVGRootInlineBox::computePerCharacterLayoutInformation() which
2384         called textRoot->rebuildLayoutAttributes(), which was used to fix previous security issues with this code.
2385         Instead correctly handle destruction of RenderSVGInlineText in RenderSVGText, keeping the m_layoutAttributes
2386         synchronized with the current state of the render tree. Fixes highcharts problems.
2387
2388         Tests: svg/text/add-tspan-position-bug.html
2389                svg/text/modify-tspan-position-bug.html
2390
2391         * rendering/svg/RenderSVGInline.cpp:
2392         (WebCore::RenderSVGInline::addChild):
2393         * rendering/svg/RenderSVGInlineText.cpp:
2394         (WebCore::RenderSVGInlineText::willBeDestroyed):
2395         (WebCore::RenderSVGInlineText::setTextInternal):
2396         (WebCore::RenderSVGInlineText::styleDidChange):
2397         * rendering/svg/RenderSVGText.cpp:
2398         (WebCore::recursiveUpdateMetrics):
2399         (WebCore::RenderSVGText::subtreeChildAdded):
2400         (WebCore::RenderSVGText::subtreeChildWillBeDestroyed):
2401         (WebCore::recursiveCollectLayoutAttributes):
2402         (WebCore::checkLayoutAttributesConsistency):
2403         (WebCore::RenderSVGText::subtreeChildWasDestroyed):
2404         (WebCore::RenderSVGText::subtreeStyleChanged):
2405         (WebCore::RenderSVGText::subtreeTextChanged):
2406         (WebCore::RenderSVGText::layout):
2407         (WebCore::RenderSVGText::addChild):
2408         (WebCore::RenderSVGText::rebuildAllLayoutAttributes):
2409         (WebCore::RenderSVGText::rebuildLayoutAttributes):
2410         * rendering/svg/RenderSVGText.h:
2411         (WebCore::RenderSVGText::layoutAttributes):
2412         * rendering/svg/SVGRootInlineBox.cpp:
2413         (WebCore::SVGRootInlineBox::computePerCharacterLayoutInformation):
2414         * rendering/svg/SVGTextLayoutAttributesBuilder.cpp:
2415         (WebCore::SVGTextLayoutAttributesBuilder::buildLayoutAttributes):
2416
2417 2012-05-08  Dongwoo Im  <dw.im@samsung.com>
2418
2419         NavigatorRegisterProtocolHandler can call ChromeClient directly.
2420         https://bugs.webkit.org/show_bug.cgi?id=85944
2421
2422         Reviewed by Adam Barth.
2423
2424         Covered by fast/dom/register-protocol-handler.html
2425
2426         * page/Chrome.cpp: Remove registerProtocolHandler function.
2427         * page/Chrome.h: Remove registerProtocolHandler prototype.
2428         (Chrome):
2429         * page/NavigatorRegisterProtocolHandler.cpp: Call ChromeClient::registerProtocolHandler directly.
2430         (WebCore::NavigatorRegisterProtocolHandler::registerProtocolHandler):
2431
2432 2012-05-08  Mario Sanchez Prada  <msanchez@igalia.com>
2433
2434         Coding style issues present in RenderFrameSet.cpp
2435         https://bugs.webkit.org/show_bug.cgi?id=85955
2436
2437         Reviewed by Eric Seidel.
2438
2439         Just fixed those coding style issues.
2440
2441         * rendering/RenderFrameSet.cpp:
2442         (WebCore::RenderFrameSet::GridAxis::resize):
2443         (WebCore::RenderFrameSet::layOutAxis):
2444         (WebCore::RenderFrameSet::continueResizing):
2445
2446 2012-05-08  Jon Lee  <jonlee@apple.com>
2447
2448         Unreviewed build fix.
2449
2450         * platform/mac/WebCoreSystemInterface.h:
2451
2452 2012-05-08  Jason Liu  <jason.liu@torchmobile.com.cn>
2453
2454         [BlackBerry] Auth credentials set in private mode are reused in public mode.
2455         https://bugs.webkit.org/show_bug.cgi?id=84697
2456
2457         Reviewed by Rob Buis.
2458
2459         Add setPrivateMode function for CredentialStorage.
2460
2461         Now, we only save credentials in memory and CredentialBackingStore isn't enabled.
2462         When we set private mode from on to off, we clear all these temporary credentials.
2463
2464         We have to change Private Browsing to test, so have to write a manual test case.
2465         Test: ManualTests/blackberry/http-auth-private-mode-changed.html
2466
2467         * network/CredentialStorage.cpp:
2468         (WebCore::CredentialStorage::setPrivateMode):
2469         (WebCore):
2470         * platform/network/CredentialStorage.h:
2471         (CredentialStorage):
2472
2473 2012-05-08  Rakesh KN  <rakesh.kn@motorola.com>
2474
2475         RadioNodeList support in HTMLFormElement::elements
2476         https://bugs.webkit.org/show_bug.cgi?id=81854
2477
2478         Reviewed by Ryosuke Niwa.
2479
2480         Implement RadioNodeList support spec'ed at
2481         http://www.whatwg.org/specs/web-apps/current-work/multipage/common-dom-interfaces.html#radionodelist
2482
2483         Test: fast/forms/form-collection-radio-node-list.html
2484
2485         * CMakeLists.txt:
2486         Added entries for new files.
2487         * DerivedSources.cpp: Ditto.
2488         * DerivedSources.make: Ditto.
2489         * DerivedSources.pri: Ditto.
2490         * GNUmakefile.list.am: Ditto.
2491         * Target.pri: Ditto.
2492         * WebCore.gypi: Ditto.
2493         * WebCore.vcproj/WebCore.vcproj: Ditto.
2494         * WebCore.xcodeproj/project.pbxproj: Ditto.
2495         * bindings/js/JSHTMLCollectionCustom.cpp:
2496         (WebCore::getNamedItems):
2497         Modified to create RadioNodeList object when FormControlCollection has more than
2498         one element of same name/id.
2499         * bindings/scripts/CodeGeneratorJS.pm:
2500         (GenerateImplementation):
2501         Added code to include Node.h and JSNode.h in JSRadioNodeElement.cpp.
2502         * bindings/v8/custom/V8HTMLCollectionCustom.cpp:
2503         (WebCore::getNamedItems):
2504         Modified to create RadioNodeList object when FormControlCollection has more than
2505         one element of same name/id.
2506         * dom/Node.cpp:
2507         (WebCore::Node::invalidateNodeListsCacheAfterAttributeChanged):
2508         Invalidate lists even for change in id, type, checked attributes.
2509         (WebCore::NodeListsNodeData::invalidateCachesThatDependOnAttributes):
2510         Invalidate radioNodeList cache.
2511         (WebCore::NodeListsNodeData::isEmpty):
2512         Changes for radioNodeList.
2513         (WebCore::Node::radioNodeList):
2514         Creates if needed a RadioNodeList and adds it to the cache.
2515         (WebCore::Node::removeCachedRadioNodeList):
2516         Removes a cached radioNodeList.
2517         * dom/Node.h: Ditto
2518         * dom/NodeRareData.h:
2519         (WebCore):
2520         (NodeListsNodeData):
2521         Added radioNodeList list.
2522         * html/CollectionType.h:
2523         Added new FormControls type.
2524         * html/HTMLCollection.cpp:
2525         (WebCore::HTMLCollection::shouldIncludeChildren):
2526         (WebCore::HTMLCollection::isAcceptableElement):
2527         Handle FormControls collection type.
2528         * html/HTMLFormCollection.cpp:
2529         (WebCore::HTMLFormCollection::HTMLFormCollection):
2530         Contruct collection of FormControls type.
2531         * html/RadioNodeList.cpp: Added.
2532         (WebCore):
2533         (WebCore::RadioNodeList::RadioNodeList):
2534         (WebCore::RadioNodeList::~RadioNodeList):
2535         (WebCore::toRadioButtonInputElement):
2536         (WebCore::RadioNodeList::value):
2537         (WebCore::RadioNodeList::setValue):
2538         (WebCore::RadioNodeList::nodeMatches):
2539         * html/RadioNodeList.h: Added.
2540         (WebCore):
2541         (RadioNodeList):
2542         (WebCore::RadioNodeList::create):
2543         RadioNodeList implementation.
2544         * html/RadioNodeList.idl: Added.
2545         Idl for generating RadioNodeList JS/V8 bindings.
2546
2547 2012-05-08  Benjamin Poulain  <bpoulain@apple.com>
2548
2549         [JSC] Regression: addEventListener() and removeEventListener() raise an exception on missing args
2550         https://bugs.webkit.org/show_bug.cgi?id=85928
2551
2552         Reviewed by Geoffrey Garen.
2553
2554         The functions addEventListener() and removeEventListener() raise an exception if there are missin arguments.
2555         This behavior breaks existing content.
2556
2557         This patch change the code generator of JavaScript core to have an exception for addEventListener() and removeEventListener().
2558         For those function, we do not raise an exception on missin argument.
2559
2560         This patch does not modify the V8 code generator because such exceptions are already in place there.
2561
2562         Tests: fast/dom/Window/window-legacy-event-listener.html
2563                fast/dom/XMLHttpRequest-legacy-event-listener.html
2564                fast/dom/node-legacy-event-listener.html
2565
2566         * bindings/scripts/CodeGeneratorJS.pm:
2567         (GenerateImplementation):
2568
2569 2012-05-08  Chris Rogers  <crogers@google.com>
2570
2571         AudioParam should directly be given context in create() method
2572         https://bugs.webkit.org/show_bug.cgi?id=85905
2573
2574         Reviewed by James Robinson.
2575
2576         No new tests.  This is a low-level re-factoring and is covered by existing tests.
2577
2578         * Modules/webaudio/AudioBufferSourceNode.cpp:
2579         (WebCore::AudioBufferSourceNode::AudioBufferSourceNode):
2580         * Modules/webaudio/AudioGain.h:
2581         (WebCore::AudioGain::create):
2582         (WebCore::AudioGain::AudioGain):
2583         * Modules/webaudio/AudioGainNode.cpp:
2584         (WebCore::AudioGainNode::AudioGainNode):
2585         * Modules/webaudio/AudioPannerNode.cpp:
2586         (WebCore::AudioPannerNode::AudioPannerNode):
2587         * Modules/webaudio/AudioParam.h:
2588         (WebCore::AudioParam::create):
2589         (AudioParam):
2590         (WebCore::AudioParam::AudioParam):
2591         * Modules/webaudio/BiquadFilterNode.cpp:
2592         (WebCore::BiquadFilterNode::BiquadFilterNode):
2593         * Modules/webaudio/BiquadProcessor.cpp:
2594         (WebCore::BiquadProcessor::BiquadProcessor):
2595         * Modules/webaudio/BiquadProcessor.h:
2596         * Modules/webaudio/DelayNode.cpp:
2597         (WebCore::DelayNode::DelayNode):
2598         * Modules/webaudio/DelayProcessor.cpp:
2599         (WebCore::DelayProcessor::DelayProcessor):
2600         * Modules/webaudio/DelayProcessor.h:
2601         (DelayProcessor):
2602         * Modules/webaudio/DynamicsCompressorNode.cpp:
2603         (WebCore::DynamicsCompressorNode::DynamicsCompressorNode):
2604         * Modules/webaudio/Oscillator.cpp:
2605         (WebCore::Oscillator::Oscillator):
2606
2607 2012-05-08  Dana Jansens  <danakj@chromium.org>
2608
2609         [chromium] Show borders for partial-draw-culled quads to visualize culling behaviour
2610         https://bugs.webkit.org/show_bug.cgi?id=85414
2611
2612         Reviewed by Adrienne Walker.
2613
2614         The borders are brown, and are only shown when the quad's visible rect
2615         is non-empty and is different from the quad's original rect.
2616
2617         Adds a flag to CCQuadCuller constructor, to enable showing debug borders
2618         around what it leaves after culling (when it culls anything in a quad
2619         at all).
2620
2621         * platform/graphics/chromium/cc/CCDrawQuad.h:
2622         (WebCore::CCDrawQuad::isDebugQuad):
2623         (WebCore::CCDrawQuad::sharedQuadState):
2624         (CCDrawQuad):
2625         * platform/graphics/chromium/cc/CCQuadCuller.cpp:
2626         (WebCore):
2627         (WebCore::CCQuadCuller::CCQuadCuller):
2628         (WebCore::appendQuadInternal):
2629         (WebCore::CCQuadCuller::append):
2630         (WebCore::CCQuadCuller::appendSurface):
2631         (WebCore::CCQuadCuller::appendReplica):
2632         * platform/graphics/chromium/cc/CCQuadCuller.h:
2633         (CCQuadCuller):
2634         * platform/graphics/chromium/cc/CCRenderPass.cpp:
2635         (WebCore::CCRenderPass::appendQuadsForLayer):
2636         (WebCore::CCRenderPass::appendQuadsForRenderSurfaceLayer):
2637
2638 2012-05-08  Julien Chaffraix  <jchaffraix@webkit.org>
2639
2640         Move RenderLayers z-index lists dirtying to post style change
2641         https://bugs.webkit.org/show_bug.cgi?id=85437
2642
2643         Reviewed by Darin Adler.
2644
2645         No expected change in behavior.
2646
2647         This change moves the z-order lists to RenderLayer::styleChanged. As part of this
2648         change, also added proper handling of stacking context transition. This enabled
2649         us to tighten more of the dirtyZOrderLists / clearZOrderLists code.
2650
2651         * rendering/RenderBoxModelObject.cpp:
2652         (WebCore::RenderBoxModelObject::styleWillChange):
2653         Removed this code, moved to updateStackingContextsAfterStyleChange.
2654
2655         * rendering/RenderLayer.cpp:
2656         (WebCore::RenderLayer::RenderLayer):
2657         Only stacking contexts start with dirty z-order lists.
2658
2659         (WebCore::RenderLayer::dirtyZOrderLists):
2660         Added an ASSERT.
2661
2662         (WebCore::RenderLayer::updateStackingContextsAfterStyleChange):
2663         Refactored the code to handle the transition between stacking context status.
2664
2665         (WebCore::RenderLayer::styleChanged):
2666         Added a call to updateStackingContextsAfterStyleChange.
2667
2668         * rendering/RenderLayer.h:
2669         (WebCore::RenderLayer::isStackingContext):
2670         Added a call to the next function.
2671
2672         (WebCore::RenderLayer::layerWithStyleIsStackingContext):
2673         Factored the isStackingContext logic here so that we can reuse it inside
2674         updateStackingContextsAfterStyleChange.
2675
2676         (WebCore::RenderLayer::clearZOrderLists):
2677         Added an ASSERT.
2678
2679 2012-05-08  Abhishek Arya  <inferno@chromium.org>
2680
2681         Crash due to owning renderer not removed from custom scrollbar.
2682         https://bugs.webkit.org/show_bug.cgi?id=80610
2683
2684         Reviewed by Eric Seidel.
2685
2686         Test: scrollbars/scrollbar-owning-renderer-crash.html
2687
2688         Changed RenderScrollbar to keep pointer to owning node, instead of the
2689         renderer. Renderer can get destroyed without informing the scrollbar, causing
2690         crashes later. Remove code from r94107 since it is not needed anymore and saves
2691         times when RenderBox is getting destroyed.
2692
2693         * page/FrameView.cpp:
2694         (WebCore::FrameView::createScrollbar): pass renderer's node.
2695         * page/FrameView.h:
2696         * rendering/RenderBox.cpp:
2697         (WebCore::RenderBox::willBeDestroyed): no longer need this. came originally from r94107.
2698         * rendering/RenderLayer.cpp:
2699         (WebCore::RenderLayer::createScrollbar): pass renderer's node.
2700         (WebCore::RenderLayer::destroyScrollbar): no longer need to clear owning renderer.
2701         * rendering/RenderListBox.cpp:
2702         (WebCore::RenderListBox::createScrollbar): pass renderer's node.
2703         * rendering/RenderMenuList.cpp:
2704         (WebCore::RenderMenuList::createScrollbar): pass renderer's node.
2705         * rendering/RenderScrollbar.cpp:
2706         (WebCore::RenderScrollbar::createCustomScrollbar): Store owner node instead of renderer.
2707         (WebCore::RenderScrollbar::RenderScrollbar): Store owner node instead of renderer.
2708         (WebCore::RenderScrollbar::owningRenderer): calculate owning renderer from owner node.
2709         * rendering/RenderScrollbar.h:
2710         (RenderScrollbar):
2711         * rendering/RenderTextControlSingleLine.cpp:
2712         (WebCore::RenderTextControlSingleLine::createScrollbar): pass renderer's node.
2713
2714 2012-05-08  Jon Lee  <jonlee@apple.com>
2715
2716         Safari warns that it needs to resend the form in an iFrame when going back
2717         https://bugs.webkit.org/show_bug.cgi?id=82658
2718         <rdar://problem/11292558>
2719
2720         Reviewed by Darin Adler.
2721
2722         Test: http/tests/loading/post-in-iframe-with-back-navigation.html
2723
2724         * WebCore.exp.in: Add _wkCFURLRequestAllowAllPostCaching.
2725         * platform/mac/WebCoreSystemInterface.h: Add wkCFURLRequestAllowAllPostCaching.
2726         * platform/mac/WebCoreSystemInterface.mm: Add wkCFURLRequestAllowAllPostCaching.
2727         * platform/network/cf/ResourceRequestCFNet.cpp:
2728         (WebCore::ResourceRequest::doUpdatePlatformRequest): Set the bit to cache all POST responses.
2729         * platform/network/mac/ResourceRequestMac.mm:
2730         (WebCore::ResourceRequest::doUpdatePlatformRequest): Set the bit to cache all POST responses.
2731
2732 2012-05-08  Dana Jansens  <danakj@chromium.org>
2733
2734         [chromium] Reflections with masks should not occlude
2735         https://bugs.webkit.org/show_bug.cgi?id=85927
2736
2737         Reviewed by James Robinson.
2738
2739         When a surface does not have a mask, we make both it and its reflection
2740         occlude the things below them. However, if the reflection has a mask
2741         applied to it, then we should not consider it as occluding.
2742
2743         Adds replicaHasMask() to the render surface classes so we can test if
2744         the mask is present.
2745
2746         Unit Tests: CCOcclusionTrackerTestReplicaWithMask
2747
2748         * platform/graphics/chromium/RenderSurfaceChromium.cpp:
2749         (WebCore::RenderSurfaceChromium::hasMask):
2750         This is unusued right now, but will allow us to remove a FIXME from
2751         CCOcclusionTracker::finishedTargetRenderSurface().
2752         (WebCore):
2753         (WebCore::RenderSurfaceChromium::replicaHasMask):
2754         * platform/graphics/chromium/RenderSurfaceChromium.h:
2755         (RenderSurfaceChromium):
2756         * platform/graphics/chromium/cc/CCOcclusionTracker.cpp:
2757         (WebCore::::leaveToTargetRenderSurface):
2758         * platform/graphics/chromium/cc/CCRenderSurface.cpp:
2759         (WebCore::CCRenderSurface::hasMask):
2760         This is unusued right now, but will allow us to remove a FIXME from
2761         CCOcclusionTracker::finishedTargetRenderSurface().
2762         (WebCore):
2763         (WebCore::CCRenderSurface::replicaHasMask):
2764         * platform/graphics/chromium/cc/CCRenderSurface.h:
2765         (CCRenderSurface):
2766
2767 2012-05-08  Eric Seidel  <eric@webkit.org>
2768
2769         Add stylesheet inheritance support to IFRAME_SEAMLESS
2770         https://bugs.webkit.org/show_bug.cgi?id=85914
2771
2772         Reviewed by Ojan Vafai.
2773
2774         This work is already guarded by IFRAME_SEAMLESS, as
2775         Document::shouldDisplaySeamlesslyWithParent always returns false
2776         when IFRAME_SEAMLESS is off.
2777
2778         This makes the child document use all author stylesheets from all parent documents,
2779         per the seamless spec:
2780         http://www.whatwg.org/specs/web-apps/current-work/#attr-iframe-seamless
2781
2782         This support is slightly inefficient as every time a sheet is added
2783         to a parent document, the child document must do a full style selector recalc.
2784         Normally author sheet additions have a fast-path which avoids the full selector recalc,
2785         but such is not possible in the seamless case as we're inserting the parents sheets
2786         earlier in the child's cascade (instead of just appending them to the end of the list).
2787
2788         The test covers both the static inheritance as well as addition of a stylesheet
2789         to the parent and testing that it caused a recalc of the child.
2790
2791         Covered by fast/frames/seamless/seamless-css-cascade.html
2792
2793         * css/StyleResolver.cpp:
2794         (WebCore::StyleResolver::StyleResolver):
2795         (WebCore::StyleResolver::addStylesheetsFromSeamlessParents):
2796         (WebCore):
2797         * css/StyleResolver.h:
2798         (StyleResolver):
2799         * dom/Document.cpp:
2800         (WebCore::Document::seamlessParentUpdatedStylesheets):
2801         (WebCore):
2802         (WebCore::Document::notifySeamlessChildDocumentsOfStylesheetUpdate):
2803         (WebCore::Document::updateActiveStylesheets):
2804         * dom/Document.h:
2805         (Document):
2806
2807 2012-05-08  Raphael Kubo da Costa  <rakuco@webkit.org>
2808
2809         [CMake] FindGStreamer: Fix the build with static WebCore.
2810         https://bugs.webkit.org/show_bug.cgi?id=85930
2811
2812         Reviewed by Daniel Bates.
2813
2814         No new tests, build fix.
2815
2816         Building WebCore statically was failing because files in
2817         WebCore/platform/gstreamer when ENABLE_VIDEO was set required
2818         gstreamer-base, which was not being linked to after r116453.
2819
2820         Fix that by looking for gstreamer-base, requiring and linking
2821         against it if GStreamer is used.
2822
2823         * PlatformEfl.cmake: Link to GSTREAMER_LIBRARIES and
2824         GSTREAMER_BASE_LIBRARIES, and include GSTREAMER_INCLUDE_DIRS and
2825         GSTREAMER_BASE_INCLUDE_DIRS.
2826
2827 2012-05-08  Raymond Toy  <rtoy@google.com>
2828
2829         JavaScriptAudioNode should not ASSERT if number of input channels is 0
2830         https://bugs.webkit.org/show_bug.cgi?id=85818
2831
2832         Reviewed by Eric Seidel.
2833
2834         Test: webaudio/javascriptaudionode-zero-input-channels.html
2835
2836         * Modules/webaudio/JavaScriptAudioNode.cpp:
2837         (WebCore::JavaScriptAudioNode::process): Update buffersAreGood.
2838         (WebCore::JavaScriptAudioNode::fireProcessEvent): Remove ASSERT.
2839
2840 2012-05-08  Dana Jansens  <danakj@chromium.org>
2841
2842         Region reads past end of spans
2843         https://bugs.webkit.org/show_bug.cgi?id=85909
2844
2845         Reviewed by Anders Carlsson.
2846
2847         Region currently checks aSpan == aSpanEnd as the indicator that
2848         we passed all the spans. When aSpan < aSpanEnd, it uses aSpan+1
2849         to find the height of the span.
2850
2851         If aSpan == aSpanEnd - 1, then aSpan+1 == aSpanEnd. This does not
2852         represent a valid span, since aSpanEnd is past the end of the
2853         array, not the last element in the array. The loop should terminate
2854         in this case.
2855
2856         Checking aSegment != aSegmentEnd is acceptable in the inner loop since
2857         it increments by two each time (segments come in pairs, while spans
2858         come in singles).
2859
2860         Test: RegionTest.ReadPastFullSpanVectorInIntersectsTest
2861
2862         * platform/graphics/Region.cpp:
2863         (WebCore::Region::Shape::compareShapes):
2864
2865 2012-05-08  Philip Rogers  <pdr@google.com>
2866
2867         Prevent crash in animated lists
2868         https://bugs.webkit.org/show_bug.cgi?id=85382
2869
2870         Reviewed by Nikolas Zimmermann.
2871
2872         Animated lists blindly assign the last list value to m_toAtEndOfDurationType
2873         in SVGAnimationElement::startedActiveInterval. If the last list value's length
2874         is larger or smaller than the animated "to" length, we crash.
2875
2876         This change prevents accessing values off the end of toAtEndOfDuration by adding
2877         a check for this case. It may seem inefficient to perform this check on every
2878         animation update but the "to" value can change (in cardinality) while animating.
2879
2880         I checked each of the other animation types (e.g., SVGAnimatedAngle,
2881         SVGAnimatedBoolean, etc.) and was only able to hit this style of crash
2882         in the three types modified in this change:
2883         SVGAnimatedLengthList, SVGAnimatedNumberList, and SVGAnimatedPointList.
2884
2885         Tests: svg/animations/animate-linear-discrete-additive-b-expected.svg
2886                svg/animations/animate-linear-discrete-additive-b.svg
2887                svg/animations/animate-linear-discrete-additive-c-expected.svg
2888                svg/animations/animate-linear-discrete-additive-c.svg
2889                svg/animations/animate-linear-discrete-additive-expected.svg
2890                svg/animations/animate-linear-discrete-additive.svg
2891                svg/animations/animate-list-crash.svg
2892
2893         * svg/SVGAnimatedLengthList.cpp:
2894         (WebCore::SVGAnimatedLengthListAnimator::calculateAnimatedValue):
2895         * svg/SVGAnimatedNumberList.cpp:
2896         (WebCore::SVGAnimatedNumberListAnimator::calculateAnimatedValue):
2897         * svg/SVGAnimatedPointList.cpp:
2898         (WebCore::SVGAnimatedPointListAnimator::calculateAnimatedValue):
2899
2900 2012-05-08  Rafael Weinstein  <rafaelw@chromium.org>
2901
2902         HTMLElementStack::hasOnlyHTMLElementsInScope is no longer called
2903         https://bugs.webkit.org/show_bug.cgi?id=85908
2904
2905         Reviewed by Eric Seidel.
2906
2907         This patch just removes the dead code.
2908
2909         No tests needed. Cleanup only.
2910
2911         * html/parser/HTMLElementStack.cpp:
2912         * html/parser/HTMLElementStack.h:
2913         (HTMLElementStack):
2914
2915 2012-05-08  W. James MacLean  <wjmaclean@chromium.org>
2916
2917         [chromium] Create LinkHighlightLayerChromium class to provide link-highlight preview animations for GraphicsLayerChromium.
2918         https://bugs.webkit.org/show_bug.cgi?id=85084
2919
2920         Reviewed by James Robinson.
2921
2922         Unit test provided.
2923
2924         Creates a layer delegate class to provide link highlight animations for link-preview feature.
2925         These are added to a GraphicsLayerChromium via provided methods. Moves dispensing of animation
2926         ids into a separate class.
2927
2928         * WebCore.gypi:
2929         * platform/graphics/chromium/AnimationIdVendor.cpp: Added.
2930         (WebCore):
2931         (WebCore::AnimationIdVendor::getNextAnimationId):
2932         (WebCore::AnimationIdVendor::getNextGroupId):
2933         * platform/graphics/chromium/AnimationIdVendor.h: Added.
2934         (WebCore):
2935         (AnimationIdVendor):
2936         * platform/graphics/chromium/GraphicsLayerChromium.cpp:
2937         (WebCore::GraphicsLayerChromium::willBeDestroyed):
2938         (WebCore::GraphicsLayerChromium::updateNames):
2939         (WebCore::GraphicsLayerChromium::addAnimation):
2940         (WebCore::GraphicsLayerChromium::addLinkHighlight):
2941         (WebCore):
2942         (WebCore::GraphicsLayerChromium::didFinishLinkHighlight):
2943         (WebCore::GraphicsLayerChromium::updateChildList):
2944         (WebCore::GraphicsLayerChromium::mapAnimationNameToId):
2945         * platform/graphics/chromium/GraphicsLayerChromium.h:
2946         (WebCore):
2947         (GraphicsLayerChromium):
2948         * platform/graphics/chromium/LinkHighlight.cpp: Added.
2949         (WebCore):
2950         (WebCore::LinkHighlight::create):
2951         (WebCore::LinkHighlight::LinkHighlight):
2952         (WebCore::LinkHighlight::~LinkHighlight):
2953         (WebCore::LinkHighlight::contentLayer):
2954         (WebCore::LinkHighlight::paintContents):
2955         (WebCore::LinkHighlight::notifyAnimationStarted):
2956         (WebCore::LinkHighlight::notifyAnimationFinished):
2957         * platform/graphics/chromium/LinkHighlight.h: Added.
2958         (WebCore):
2959         (LinkHighlight):
2960
2961 2012-05-08  Raphael Kubo da Costa  <rakuco@webkit.org>
2962
2963         [CMake] Rewrite FindGStreamer.cmake.
2964         https://bugs.webkit.org/show_bug.cgi?id=85857
2965
2966         Reviewed by Daniel Bates.
2967
2968         No new tests, build system change.
2969
2970         We are currently kind of duplicating the same
2971         FindGStreamer-Foo.cmake file whenever a new GStreamer plugin needs
2972         to be found. Besides this approach not scaling very well, it
2973         relies on pkg-config for version checking, uses the LibFindMacros
2974         package that we should deprecate and all the find files could be
2975         merged into one, with users using the COMPONENTS feature of the
2976         FIND_PACKAGE() call to find the desired plugins.
2977
2978         FindGStreamer.cmake has then been rewritten to take all that into
2979         account:
2980         - The LibFindMacros.cmake package is not used anymore.
2981         - Version check is performed in the CMake file itself by parsing
2982         the gstversion.h header.
2983         - All GStreamer plugins are searched and the COMPONENTS keyword
2984         used in the FIND_PACKAGE() call is used to check which plugins are
2985         required.
2986         - The plugins-base and base GStreamer plugins are not searched, as
2987         they were not used anywhere in the build system.
2988
2989         * PlatformEfl.cmake: Update GStreamer-related variable names.
2990
2991 2012-05-08  Mikhail Pozdnyakov  <mikhail.pozdnyakov@intel.com>
2992
2993         [EFL] Handling of numeric-pad keys in EFL's PlatformKeyboardEvent
2994         https://bugs.webkit.org/show_bug.cgi?id=85479
2995
2996         Reviewed by Gustavo Noronha Silva.
2997
2998         EFL's PlatformKeyboardEvent::isKeypad() now returns meaningful value.
2999         Added numeric-pad keys to the Key Map and Windows Key Map.
3000
3001         No new tests.
3002
3003         * platform/efl/EflKeyboardUtilities.cpp:
3004         (WebCore::createKeyMap):
3005         (WebCore::createWindowsKeyMap):
3006         * platform/efl/PlatformKeyboardEventEfl.cpp:
3007         (WebCore::PlatformKeyboardEvent::PlatformKeyboardEvent):
3008
3009 2012-05-04  Nikolas Zimmermann  <nzimmermann@rim.com>
3010
3011         Tie lifetime of SVGAnimateElement::m_animatedType to the duration of the animation
3012         https://bugs.webkit.org/show_bug.cgi?id=85627
3013
3014         Reviewed by Antti Koivisto.
3015
3016         Example:
3017         <rect width="10" height="100">
3018             <animate attributeName="width" from="10" to="100" begin="2s" dur="4s" fill="remove"/>
3019         </rect>
3020
3021         At t=0s the <animate> element receives its first interval: begin=2s, end=6s.
3022         At this point we've created the 'OwnPtr<SVGAnimatedType> m_animatedType' in
3023         SVGAnimateElement, which holds the current animated value of the target type.
3024         In this example it contains a SVGLength with '10' as value at t=0s.
3025
3026         Calling "rect.width.animVal.value" will return the value currently contained in the
3027         m_animatedType from the SVGAnimateElement, even though the animation didn't begin
3028         yet. This is fine, as the animVal equals to the baseVal, as long as no animation is
3029         running.
3030
3031         At t=6s you'd expect that the whole 'animVal' object is destructed again, as it's no
3032         longer needed, as animVal will be equal to baseVal again, but the current code keeps
3033         the animVal alive, and just resets it to the baseVal. The animVals will be destructed
3034         once the animate element leaves the tree.
3035
3036         CSS animations suffer from the same problem, we never remove the animated SMIL properties
3037         but we only reset them to the base value. This makes integration with CSS Animations and
3038         CSS Transitions harder, so this needs to be changed.
3039
3040         This patch starts tracking the start/end of an animation chain properly, to destruct
3041         the animation effect for non-frozen animations at the end of their duration. This has to
3042         work properly together with seeking (SVGSVGElement.setCurrentTime), as our testing relies
3043         on the ability to drive the SMIL timeline from script.
3044
3045         Tests: svg/animations/list-wrapper-assertion-expected.svg
3046                svg/animations/list-wrapper-assertion.svg
3047
3048         * svg/SVGAnimateElement.cpp:
3049         (WebCore::SVGAnimateElement::resetAnimatedType):
3050         (WebCore::applyCSSPropertyToTarget):
3051         (WebCore::removeCSSPropertyFromTarget):
3052         (WebCore::applyCSSPropertyToTargetAndInstances):
3053         (WebCore::removeCSSPropertyFromTargetAndInstances):
3054         (WebCore::notifyTargetAboutAnimValChange):
3055         (WebCore::notifyTargetAndInstancesAboutAnimValChange):
3056         (WebCore::SVGAnimateElement::clearAnimatedType):
3057         (WebCore::SVGAnimateElement::applyResultsToTarget):
3058         (WebCore::SVGAnimateElement::targetElementWillChange):
3059         * svg/SVGAnimateElement.h:
3060         (SVGAnimateElement):
3061         * svg/SVGAnimateMotionElement.cpp:
3062         (WebCore::SVGAnimateMotionElement::resetAnimatedType):
3063         (WebCore::SVGAnimateMotionElement::clearAnimatedType):
3064         * svg/SVGAnimateMotionElement.h:
3065         (SVGAnimateMotionElement):
3066         * svg/SVGAnimationElement.cpp:
3067         * svg/SVGAnimationElement.h:
3068         * svg/animation/SMILTimeContainer.cpp:
3069         (WebCore::SMILTimeContainer::updateAnimations):
3070         * svg/animation/SVGSMILElement.cpp:
3071         (WebCore::SVGSMILElement::reset):
3072         (WebCore::SVGSMILElement::targetElementWillChange):
3073         (WebCore::SVGSMILElement::determineActiveState):
3074         (WebCore::SVGSMILElement::progress):
3075         * svg/animation/SVGSMILElement.h:
3076         (SVGSMILElement):
3077         * svg/properties/SVGAnimatedListPropertyTearOff.h:
3078             Remove svgAttributeChanged() calls from animationEnded/animValDidChange.
3079             Callers are now required to notify the target about changes. There are cases
3080             where we want to call animValDidChange without invoking svgAttributeChanged().
3081             That is supported now.
3082         (WebCore::SVGAnimatedListPropertyTearOff::animationEnded):
3083         (WebCore::SVGAnimatedListPropertyTearOff::animValDidChange):
3084         * svg/properties/SVGAnimatedProperty.h: Ditto.
3085         (WebCore::SVGAnimatedProperty::commitChange): Add safety guard.
3086         * svg/properties/SVGAnimatedPropertyTearOff.h: Ditto.
3087         (WebCore::SVGAnimatedPropertyTearOff::animationEnded):
3088         (WebCore::SVGAnimatedPropertyTearOff::animValDidChange):
3089         * svg/properties/SVGAnimatedStaticPropertyTearOff.h: Ditto.
3090         (WebCore::SVGAnimatedStaticPropertyTearOff::animationEnded):
3091         (WebCore::SVGAnimatedStaticPropertyTearOff::animValDidChange):
3092
3093 2012-05-08  Ryuan Choi  <ryuan.choi@samsung.com>
3094
3095         [EFL][DRT]Do not create ScrollbarEfl when mockScrollbar is enabled.
3096         https://bugs.webkit.org/show_bug.cgi?id=81315
3097
3098         Reviewed by Chang Shu.
3099
3100         ScrollbarEfl creates custom scrollbars as separated layer and they are
3101         not related to ScrollbarTheme.
3102         So, DRT/Efl creates custom scrollbars on webview which paints mockScrollbar.
3103
3104         This patch prevents creating custom scrollbars when mockScrollbar is enabled.
3105
3106         Because DRT/Efl only renders the webview now, expected results are same
3107         until Bug 79853 is landed.
3108
3109         * platform/efl/ScrollbarEfl.cpp:
3110         (Scrollbar::createNativeScrollbar):
3111
3112 2012-05-08  Timothy Hatcher  <timothy@apple.com>
3113
3114         Fix the SOFT_LINK_STAGED_FRAMEWORK_OPTIONAL macro so it passes the full path to dlopen.
3115
3116         dyld only considers libraries in the versioned framework path if their install name
3117         matches the library that it is attempting to load. The path we were passing to
3118         dlopen lacked the Versions/A component of the path so dyld did not recognize that
3119         we wanted it to use the staged version if it is newer.
3120
3121         <rdar://problem/11406517>
3122
3123         Reviewed by Mark Rowe.
3124
3125         * platform/mac/SoftLinking.h: Have SOFT_LINK_STAGED_FRAMEWORK_OPTIONAL take the
3126         framework version as an argument and use it when constructing the path to dlopen.
3127
3128 2012-05-08  Rafael Brandao  <rafael.lobo@openbossa.org>
3129
3130         Build fix for Qt Snowleopard Release
3131         https://bugs.webkit.org/show_bug.cgi?id=85895
3132
3133         Reviewed by Alexis Menard.
3134
3135         The enum value JSUint8ClampedArray conflicted with the JSUint8ClampedArray class.
3136         I've added the 'Type' suffix to the enum value to make their names different.
3137
3138         No new tests needed.
3139
3140         * bridge/qt/qt_runtime_qt4.cpp:
3141         (JSC::Bindings::valueRealType):
3142         (JSC::Bindings::convertValueToQVariant):
3143
3144 2012-05-08  Shezan Baig  <shezbaig.wk@gmail.com>
3145
3146         offsetLeft broken within CSS3 columns
3147         https://bugs.webkit.org/show_bug.cgi?id=34875
3148
3149         Reviewed by Julien Chaffraix.
3150
3151         Reimplement offsetLeft and offsetTop in terms of a new method called
3152         'offsetTopLeft'. The new method starts from a reference point (the
3153         top-left coordinate of a box or inline) and adjusts this reference
3154         point for columns as we traverse each parent. Note that the reference
3155         point needs to be adjusted in both dimensions, even though offsetLeft
3156         and offsetTop return only one of them.
3157
3158         A new method called 'offsetForColumns' was added to RenderObject. This
3159         method is similar to adjustForColumns, except that it returns the
3160         offset instead of modifying a reference. This method is necessary to
3161         simplify the implementation of offsetTopLeft.
3162
3163         Tests: fast/block/positioning/offsetLeft-offsetTop-multicolumn-expected.txt
3164                fast/block/positioning/offsetLeft-offsetTop-multicolumn.html
3165
3166         * rendering/RenderBox.h:
3167         (RenderBox):
3168         Override offsetLeft and offsetTop.
3169         * rendering/RenderBox.cpp:
3170         (WebCore::RenderBox::offsetLeft):
3171         Implemented in terms of RenderBoxModelObject::offsetTopLeft, using
3172         topLeftLocation as startPoint.
3173         (WebCore::RenderBox::offsetTop):
3174         Implemented in terms of RenderBoxModelObject::offsetTopLeft, using
3175         topLeftLocation as startPoint.
3176         * rendering/RenderBoxModelObject.cpp:
3177         (WebCore::RenderBoxModelObject::offsetTopLeft):
3178         New method to compute offsetLeft and offsetTop simultaneously, and
3179         adjusting for columns at each parent.
3180         (WebCore::RenderBoxModelObject::offsetLeft):
3181         Reimplemented in terms of offsetTopLeft.
3182         (WebCore::RenderBoxModelObject::offsetTop):
3183         Reimplemented in terms of offsetTopLeft.
3184         * rendering/RenderBoxModelObject.h:
3185         (RenderBoxModelObject):
3186         Declare new offsetTopLeft method.
3187         * rendering/RenderInline.cpp:
3188         (WebCore::RenderInline::offsetLeft):
3189         Reimplemented in terms of RenderBoxModelObject::offsetTopLeft.
3190         (WebCore::RenderInline::offsetTop):
3191         Reimplemented in terms of RenderBoxModelObject::offsetTopLeft.
3192         * rendering/RenderObject.h:
3193         (RenderObject):
3194         (WebCore::RenderObject::offsetForColumns):
3195         New helper method to simplify implementation of offsetTopLeft.
3196
3197 2012-03-31  Robert Hogan  <robert@webkit.org>
3198
3199         CSS 2.1 failure: first-letter-nested-004.htm fails
3200         https://bugs.webkit.org/show_bug.cgi?id=72987
3201
3202         Reviewed by Eric Seidel.
3203
3204         When styling first-letter check each sibling and drill into its inlines until we find either (i) a text node 
3205         that is not all whitespace, or (ii) a line break.
3206
3207         This makes our rendering of the following tests compatible with FF and Opera. Our current behaviour is also conformant
3208         since the spec allows UAs to style just one element:
3209             css2.1/20110323/first-letter-quote-002.htm
3210             css2.1/20110323/first-letter-quote-003.htm
3211             css2.1/20110323/first-letter-quote-004.htm
3212             css2.1/20110323/first-letter-quote-005.htm
3213
3214         This fixes the following two tests. We now drill into the descendants of an element styled with :first-letter looking
3215         for text to style:
3216             css2.1/20110323/first-letter-nested-004.htm
3217             css2.1/20110323/first-letter-nested-006.htm
3218
3219         This patch changes our rendering of first-letter-dynamic-001.htm as we now render adjacent quotes in the second line as 
3220         green. This is consistent with the spec, which allows this behaviour but does not require it. It's the 'right' behaviour
3221         since it is consistent with the rendering of such quotes in a single element with :first-letter style.
3222
3223         * rendering/RenderBlock.cpp:
3224         (WebCore::RenderBlock::findLastObjectWithFirstLetterText): Iterate through the child's siblings looking for the last
3225           object to be styled :first-letter.
3226         (WebCore::RenderBlock::findLastObjectAfterFirstLetterPunctuation): Style any leading punctuation as first-letter, drill
3227           down into the child's descendants looking for text if necessary.
3228         (WebCore::RenderBlock::updateFirstLetter): Refactor to drill into sibling's children looking for inlines
3229          that should be styled as first-letter.
3230         (WebCore::RenderBlock::addFirstLetter): Split out from updateFirstLetter so that it can be used when a
3231          descendant node inside a sibling is found in findLastObjectWithFirstLetterText() needs to be styled as first-letter.
3232         * rendering/RenderBlock.h:
3233
3234 2012-05-08  Sheriff Bot  <webkit.review.bot@gmail.com>
3235
3236         Unreviewed, rolling out r116402.
3237         http://trac.webkit.org/changeset/116402
3238         https://bugs.webkit.org/show_bug.cgi?id=85898
3239
3240         Caused a 3% regression on Chromium's bloat-http test on Linux
3241         (Requested by ojan_gardening on #webkit).
3242
3243         * WebCore.exp.in:
3244         * bindings/v8/RetainedDOMInfo.cpp:
3245         * dom/ContainerNode.h:
3246         * dom/Node.cpp:
3247         (WebCore::Node::traverseNextNode):
3248         (WebCore):
3249         (WebCore::Node::traverseNextSibling):
3250         * dom/Node.h:
3251         (Node):
3252
3253 2012-05-08  Hironori Bono  <hbono@chromium.org>
3254
3255         [Chromium] Fix the position of an RTL resizer
3256         https://bugs.webkit.org/show_bug.cgi?id=80640
3257
3258         Reviewed by Tony Chang.
3259
3260         When rendering an RTL resizer, my r110073 renders it at the same position as the
3261         one used for rendering a LTR resizer. Unfortunately, this code renders the RTL
3262         resizer image at an incorrect position on Mac and Linux. This change uses the
3263         correct formula to calculate the position of an RTL resizer.
3264
3265         Test: platform/chromium/scrollbars/rtl-resizer-position.html
3266
3267         * rendering/RenderLayer.cpp:
3268         (WebCore::RenderLayer::drawPlatformResizerImage):
3269
3270 2012-05-08  Andreas Kling  <kling@webkit.org>
3271
3272         Element: isURLAttribute() should take a const Attribute&.
3273         <http://webkit.org/b/85890>
3274
3275         Reviewed by Anders Carlsson.
3276
3277         Change isURLAttribute(Attribute*) to isURLAttribute(const Attribute&) to enforce
3278         the fact that the Attribute can't be null, and shouldn't be mutated, at compile-time.
3279         Also sprinkle OVERRIDE while we're at it.
3280
3281         * dom/Element.cpp:
3282         (WebCore::Element::getURLAttribute):
3283         (WebCore::Element::getNonEmptyURLAttribute):
3284         * dom/Element.h:
3285         (WebCore::Element::isURLAttribute):
3286         * editing/MarkupAccumulator.cpp:
3287         (WebCore::MarkupAccumulator::appendQuotedURLAttributeValue):
3288         (WebCore::MarkupAccumulator::appendAttribute):
3289         * editing/markup.cpp:
3290         (WebCore::completeURLs):
3291         * html/HTMLAnchorElement.cpp:
3292         (WebCore::HTMLAnchorElement::isURLAttribute):
3293         * html/HTMLAnchorElement.h:
3294         * html/HTMLBaseElement.cpp:
3295         (WebCore::HTMLBaseElement::isURLAttribute):
3296         * html/HTMLBaseElement.h:
3297         * html/HTMLBodyElement.cpp:
3298         (WebCore::HTMLBodyElement::isURLAttribute):
3299         * html/HTMLBodyElement.h:
3300         * html/HTMLButtonElement.cpp:
3301         (WebCore::HTMLButtonElement::isURLAttribute):
3302         * html/HTMLButtonElement.h:
3303         * html/HTMLElement.cpp:
3304         (WebCore::HTMLElement::isURLAttribute):
3305         * html/HTMLElement.h:
3306         * html/HTMLEmbedElement.cpp:
3307         (WebCore::HTMLEmbedElement::isURLAttribute):
3308         * html/HTMLEmbedElement.h:
3309         * html/HTMLFormElement.cpp:
3310         (WebCore::HTMLFormElement::isURLAttribute):
3311         * html/HTMLFormElement.h:
3312         * html/HTMLFrameElementBase.cpp:
3313         (WebCore::HTMLFrameElementBase::isURLAttribute):
3314         * html/HTMLFrameElementBase.h:
3315         (HTMLFrameElementBase):
3316         * html/HTMLHtmlElement.cpp:
3317         (WebCore::HTMLHtmlElement::isURLAttribute):
3318         * html/HTMLHtmlElement.h:
3319         * html/HTMLImageElement.cpp:
3320         (WebCore::HTMLImageElement::isURLAttribute):
3321         * html/HTMLImageElement.h:
3322         * html/HTMLInputElement.cpp:
3323         (WebCore::HTMLInputElement::isURLAttribute):
3324         * html/HTMLInputElement.h:
3325         * html/HTMLLinkElement.cpp:
3326         (WebCore::HTMLLinkElement::isURLAttribute):
3327         * html/HTMLLinkElement.h:
3328         * html/HTMLMediaElement.cpp:
3329         (WebCore::HTMLMediaElement::isURLAttribute):
3330         * html/HTMLMediaElement.h:
3331         * html/HTMLModElement.cpp:
3332         (WebCore::HTMLModElement::isURLAttribute):
3333         * html/HTMLModElement.h:
3334         * html/HTMLObjectElement.cpp:
3335         (WebCore::HTMLObjectElement::isURLAttribute):
3336         * html/HTMLObjectElement.h:
3337         * html/HTMLParamElement.cpp:
3338         (WebCore::HTMLParamElement::isURLAttribute):
3339         * html/HTMLParamElement.h:
3340         * html/HTMLQuoteElement.cpp:
3341         (WebCore::HTMLQuoteElement::isURLAttribute):
3342         * html/HTMLQuoteElement.h:
3343         * html/HTMLScriptElement.cpp:
3344         (WebCore::HTMLScriptElement::isURLAttribute):
3345         * html/HTMLScriptElement.h:
3346         * html/HTMLSourceElement.cpp:
3347         (WebCore::HTMLSourceElement::isURLAttribute):
3348         * html/HTMLSourceElement.h:
3349         * html/HTMLTableCellElement.cpp:
3350         (WebCore::HTMLTableCellElement::isURLAttribute):
3351         * html/HTMLTableCellElement.h:
3352         * html/HTMLTableElement.cpp:
3353         (WebCore::HTMLTableElement::isURLAttribute):
3354         * html/HTMLTableElement.h:
3355         * html/HTMLTrackElement.cpp:
3356         (WebCore::HTMLTrackElement::isURLAttribute):
3357         * html/HTMLTrackElement.h:
3358         * html/HTMLVideoElement.cpp:
3359         (WebCore::HTMLVideoElement::isURLAttribute):
3360         * html/HTMLVideoElement.h:
3361         * svg/SVGScriptElement.cpp:
3362         (WebCore::SVGScriptElement::isURLAttribute):
3363         * svg/SVGScriptElement.h:
3364
3365 2012-05-08  Stephen Chenney  <schenney@chromium.org>
3366
3367         Shrink ElementAttributeData by factoring out Attr object count.
3368         https://bugs.webkit.org/show_bug.cgi?id=85825
3369
3370         Unreviewed build fix.
3371
3372         * dom/ElementAttributeData.cpp:
3373         (WebCore::attrListForElement): Was returning false instead of 0 for a pointer value. Now returns 0.
3374
3375 2012-05-08  Andreas Kling  <kling@webkit.org>
3376
3377         Element: Merge idAttributeChanged() into attributeChanged().
3378         <http://webkit.org/b/85885>
3379
3380         Reviewed by Antti Koivisto.
3381
3382         No new tests, code churn only.
3383
3384         * dom/Element.h:
3385         * dom/Element.cpp:
3386         (WebCore::Element::attributeChanged): There's no need for this to be a standalone function anymore.
3387
3388 2012-05-08  Andreas Kling  <kling@webkit.org>
3389
3390         Shrink ElementAttributeData by factoring out Attr object count.
3391         <http://webkit.org/b/85825>
3392
3393         Reviewed by Antti Koivisto.
3394
3395         Stop tracking the number of Attr objects that point to a given Element on the
3396         Element itself and manage this by having a global hashmap of Element => AttrList,
3397         where AttrList is a vector of (pointers to) the associated Attr objects.
3398
3399         This shrinks ElementAttributeData by one integer, effectively reducing memory
3400         consumption by ~530kB when viewing the full HTML5 spec at <http://whatwg.org/c>.
3401
3402         * dom/ElementAttributeData.h:
3403         (ElementAttributeData):
3404
3405             Remove m_attrCount...
3406
3407         * dom/Node.h:
3408         (WebCore::Node::hasAttrList):
3409         (WebCore::Node::setHasAttrList):
3410         (WebCore::Node::clearHasAttrList):
3411
3412             ...replacing it with a Node flag that tells us whether there's an Attr
3413             object map for this Node (only applies to Elements.)
3414
3415         * dom/ElementAttributeData.cpp:
3416         (WebCore::attrListMap):
3417         (WebCore::attrListForElement):
3418         (WebCore::ensureAttrListForElement):
3419         (WebCore::removeAttrListForElement):
3420         (WebCore::ElementAttributeData::attrIfExists):
3421         (WebCore::ElementAttributeData::ensureAttr):
3422         (WebCore::ElementAttributeData::setAttr):
3423         (WebCore::ElementAttributeData::removeAttr):
3424         (WebCore::ElementAttributeData::detachAttributesFromElement):
3425
3426             Map Element => per-Element AttrList in a global hash.
3427
3428 2012-05-08  Chris Guan  <chris.guan@torchmobile.com.cn>
3429
3430         [Blackberry] remove m_isRequestedByPlugin in ResourceRequest
3431         https://bugs.webkit.org/show_bug.cgi?id=84559
3432
3433         Reviewed by Antonio Gomes.
3434
3435         ResourceRequest is a network level abstraction, and it should
3436         not know anything about web concepts such as plug-ins, and Blackberry
3437         does not need m_isRequestedByPlugin any longer, So clean up all related
3438         code.
3439
3440         Tested on a website of http://edition.cnn.com, a new window should be
3441         opened only when user has a singe tap gesture on a plugin element.
3442
3443         * platform/network/blackberry/ResourceRequest.h:
3444         (WebCore::ResourceRequest::ResourceRequest):
3445         (ResourceRequest):
3446         (CrossThreadResourceRequestData):
3447         * platform/network/blackberry/ResourceRequestBlackBerry.cpp:
3448         (WebCore::ResourceRequest::doPlatformCopyData):
3449         (WebCore::ResourceRequest::doPlatformAdopt):
3450
3451 2012-05-03  Alexander Pavlov  <apavlov@chromium.org>
3452
3453         Extra line-breaks added when copying from source.
3454         https://bugs.webkit.org/show_bug.cgi?id=85282
3455
3456         Reviewed by Ryosuke Niwa.
3457
3458         The code used to replace any \n by \r\n, even the one that had a preceding \r, resulting in \r\r\n.
3459         This change introduces a check for the preceding \r when replacing \n's.
3460
3461         Test: platform/win/editing/pasteboard/pasting-crlf-isnt-translated-to-crcrlf-win.html
3462
3463         * platform/chromium/ClipboardUtilitiesChromium.cpp:
3464         (WebCore::replaceNewlinesWithWindowsStyleNewlines):
3465         * platform/win/ClipboardUtilitiesWin.cpp:
3466         (WebCore::replaceNewlinesWithWindowsStyleNewlines):
3467
3468 2012-05-08  Adam Barth  <abarth@webkit.org>
3469
3470         OS(ANDROID) JNI AttachCurrentThread take JNIEnv** as a parameter, not void**
3471         https://bugs.webkit.org/show_bug.cgi?id=85869
3472
3473         Reviewed by Eric Seidel.
3474
3475