A canvas should not be tainted if it draws a data URL SVGImage with a <foreignObject>

[WebKit-https.git] / Source / WebCore / ChangeLog

2018-01-08  Said Abou-Hallawa  <sabouhallawa@apple.com>

        A canvas should not be tainted if it draws a data URL SVGImage with a <foreignObject>
        https://bugs.webkit.org/show_bug.cgi?id=180301

        Reviewed by Dean Jackson.

        Don't taint the canvas if it draws a data URL SVGImage with a <foreignObject>.
        There should not be a cross-origin data leak in this case.

        Tests: svg/as-image/svg-canvas-data-url-svg-with-feimage-not-tainted.html
               svg/as-image/svg-canvas-data-url-svg-with-foreign-object-not-tainted.html
               svg/as-image/svg-canvas-data-url-svg-with-image-not-tainted.html

        * html/ImageBitmap.cpp:
        (WebCore::taintsOrigin):
        * html/canvas/CanvasRenderingContext.cpp:
        (WebCore::CanvasRenderingContext::wouldTaintOrigin):

2018-01-08  Don Olmstead  <don.olmstead@sony.com>

        Simplify platform checks in Graphics Context
        https://bugs.webkit.org/show_bug.cgi?id=181344

        Reviewed by Alex Christensen.

        No new tests. No change in behavior.

        * platform/graphics/ANGLEWebKitBridge.h:
        * platform/graphics/GLContext.h:
        * platform/graphics/GraphicsContext3D.h:
        * platform/graphics/OpenGLESShims.h:
        * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
        (WebCore::GraphicsContext3D::checkVaryingsPacking const):

2018-01-08  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move SVG addChild logic to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=181405
        <rdar://problem/36360476>

        Reviewed by Antti Koivisto.

        This is about moving the code, no cleanup and/or normalization (unfortunately it also means
        some temporary changes).  

        No change in functionality.

        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * rendering/svg/RenderSVGContainer.cpp:
        (WebCore::RenderSVGContainer::addChild):
        * rendering/svg/RenderSVGInline.cpp:
        (WebCore::RenderSVGInline::addChild):
        * rendering/svg/RenderSVGRoot.cpp:
        (WebCore::RenderSVGRoot::addChild):
        * rendering/svg/RenderSVGText.cpp:
        (WebCore::RenderSVGText::addChild):
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::RenderTreeBuilder):
        (WebCore::RenderTreeBuilder::insertChildToSVGContainer):
        (WebCore::RenderTreeBuilder::insertChildToSVGInline):
        (WebCore::RenderTreeBuilder::insertChildToSVGRoot):
        (WebCore::RenderTreeBuilder::insertChildToSVGText):
        * rendering/updating/RenderTreeBuilder.h:
        (WebCore::RenderTreeBuilder::SVGBuilder):
        * rendering/updating/RenderTreeBuilderSVG.cpp: Added.
        (WebCore::RenderTreeBuilder::SVG::SVG):
        (WebCore::RenderTreeBuilder::SVG::insertChild):
        * rendering/updating/RenderTreeBuilderSVG.h: Added.

2018-01-08  John Wilander  <wilander@apple.com>

        Storage Access API: Remove access for all frames under a page when the page is closed
        https://bugs.webkit.org/show_bug.cgi?id=181398
        <rdar://problem/36357879>

        Reviewed by Alex Christensen.

        No new tests. Discussed with Alex Christensen and we concluded that
        both a layout test and an API test would require a lot of work and
        we have existing tests for clearing out storage access for frames.

        * platform/network/NetworkStorageSession.h:
        * platform/network/cf/NetworkStorageSessionCFNet.cpp:
        (WebCore::NetworkStorageSession::removeStorageAccessForAllFramesOnPage):

2018-01-08  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r226385.

        The test introduced with this was a flaky since being added.

        Reverted changeset:

        "AX: when invert colors is on, double-invert certain media
        elements in UserAgentStyleSheet"
        https://bugs.webkit.org/show_bug.cgi?id=168447
        https://trac.webkit.org/changeset/226385

2018-01-08  Youenn Fablet  <youenn@apple.com>

        SWClientConnection should not keep references to service worker jobs
        https://bugs.webkit.org/show_bug.cgi?id=181381

        Reviewed by Chris Dumez.

        Difficult to test determiniscally but corresponding crash log should no longer happen in debug builds.

        Stopped passing ServiceWorkerJob references from ServiceWorkerContainer (potentially in service worker thread) to SWClientConnection (main thread).
        Instead pass job identifiers and related data to the main thread.

        Minor refactoring to use ServiceWorkerJobIdentifier instead of ServiceWorkerJobDataIdentifier which contains more data than needed.

        * workers/service/SWClientConnection.cpp:
        (WebCore::SWClientConnection::scheduleJob):
        (WebCore::SWClientConnection::failedFetchingScript):
        (WebCore::SWClientConnection::postTaskForJob):
        (WebCore::SWClientConnection::jobRejectedInServer):
        (WebCore::SWClientConnection::registrationJobResolvedInServer):
        (WebCore::SWClientConnection::unregistrationJobResolvedInServer):
        (WebCore::SWClientConnection::startScriptFetchForServer):
        (WebCore::SWClientConnection::clearPendingJobs):
        (WebCore::SWClientConnection::finishedFetchingScript): Deleted.
        * workers/service/SWClientConnection.h:
        * workers/service/ServiceWorkerContainer.cpp:
        (WebCore::ServiceWorkerContainer::scheduleJob):
        (WebCore::ServiceWorkerContainer::startScriptFetchForJob):
        (WebCore::ServiceWorkerContainer::jobFinishedLoadingScript):
        (WebCore::ServiceWorkerContainer::jobFailedLoadingScript):
        * workers/service/ServiceWorkerContainer.h:
        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::rejectJob):
        (WebCore::SWServer::resolveRegistrationJob):
        (WebCore::SWServer::resolveUnregistrationJob):
        (WebCore::SWServer::startScriptFetch):
        * workers/service/server/SWServer.h:

2018-01-08  Wenson Hsieh  <wenson_hsieh@apple.com>

        Copying, pasting, and then deleting an attachment element breaks attachment data requests
        https://bugs.webkit.org/show_bug.cgi?id=181365
        <rdar://problem/36340647>

        Reviewed by Tim Horton.

        Currently, copying and pasting an attachment element within the same document and then deleting backwards to
        remove the pasted attachment element causes the original attachment element to be inaccessible via SPI. This is
        because there are now two different attachment elements with the same unique identifier, such that Document,
        which keeps a map of all unique attachment identifiers to attachment elements, will lose track of the original
        attachment element.

        To fix this, we ensure that attachment elements should always have unique identifiers when they are inserted
        into the document. We make several small adjustments to accomplish this:

        1.  First, refactor HTMLAttachmentElement's unique identifier so that it no longer depends on the value of the
            "webkitattachmentid" attribute, and is instead just a member of HTMLAttachmentElement that is not exposed to
            DOM bindings. This means setting and querying an attachment element's uniqueIdentifier can be done without
            triggering any side effects, such as layout or mutation events.

        2.  Next, make "webkitattachmentid" a temporary attribute similar to "webkitattachmentpath" and
            "webkitattachmentbloburl", so that it is added only when generating a markup fragment for editing, and
            removed upon deserialization.

        3.  Lastly, shift the responsibility of assigning a unique identifier to an attachment away from places where we
            create attachment elements, and instead have Document enforce this when an attachment element is inserted.

        Tests:  WKAttachmentTests.InsertAndRemoveDuplicateAttachment
                WKAttachmentTests.InsertDuplicateAttachmentAndUpdateData

        * dom/Document.cpp:
        (WebCore::Document::didInsertAttachmentElement):

        Assign the unique identifier of an attachment element that has been inserted. If the identifier already tracks
        an existing attachment element in the document or is missing, reassign the identifier to a new value.

        * editing/cocoa/WebContentReaderCocoa.mm:
        (WebCore::createFragmentForImageAttachment):
        (WebCore::replaceRichContentWithAttachments):
        (WebCore::WebContentReader::readFilePaths):

        Remove calls to setUniqueIdentifier here, since Document will assign a unique identifier upon insertion.

        * editing/markup.cpp:
        (WebCore::StyledMarkupAccumulator::appendCustomAttributes):
        (WebCore::createFragmentFromMarkup):

        Set the attachment's unique identifier to the value of the "webkitattachmentid" attribute. When moving existing
        attachments around in the DOM without duplication, this ensures that the attachment will be removed and
        reinserted in the document without triggering removal and insertion client delegate methods.

        When pasting an attachment element that has the same identifier as an existing attachment, we let Document
        realize that the attachment identifier already exists, and reassign it to a unique value.

        * html/HTMLAttachmentElement.cpp:
        (WebCore::HTMLAttachmentElement::uniqueIdentifier const): Deleted.
        (WebCore::HTMLAttachmentElement::setUniqueIdentifier): Deleted.
        * html/HTMLAttachmentElement.h:

2018-01-08  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderBlockFlow addChild logic to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=181348
        <rdar://problem/36328117>

        Reviewed by Antti Koivisto.

        This is about moving the code, no cleanup and/or normalization (unfortunately it also means
        some temporary changes).  

        No change in functionality.

        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::addChild):
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::RenderTreeBuilder):
        (WebCore::RenderTreeBuilder::insertChildToRenderBlockFlow):
        * rendering/updating/RenderTreeBuilder.h:
        (WebCore::RenderTreeBuilder::blockFlowBuilder):
        * rendering/updating/RenderTreeBuilderBlockFlow.cpp: Added.
        (WebCore::RenderTreeBuilder::BlockFlow::BlockFlow):
        (WebCore::RenderTreeBuilder::BlockFlow::insertChild):
        * rendering/updating/RenderTreeBuilderBlockFlow.h: Added.

2018-01-08  Youenn Fablet  <youenn@apple.com>

        Add CSP support to service workers
        https://bugs.webkit.org/show_bug.cgi?id=181385

        Reviewed by Chris Dumez.

        Covered by rebased tests.

        Added recovery of CSP information from WorkerScriptLoader.
        Added plumbing to pass the CSP information to Service Workers.
        Added persistency support for the CSP information.

        * workers/WorkerScriptLoader.cpp:
        (WebCore::WorkerScriptLoader::loadAsynchronously):
        (WebCore::WorkerScriptLoader::didReceiveResponse):
        * workers/WorkerScriptLoader.h:
        (WebCore::WorkerScriptLoader::contentSecurityPolicy const):
        * workers/service/SWClientConnection.cpp:
        (WebCore::SWClientConnection::finishedFetchingScript):
        (WebCore::SWClientConnection::failedFetchingScript):
        * workers/service/SWClientConnection.h:
        * workers/service/ServiceWorkerContainer.cpp:
        (WebCore::ServiceWorkerContainer::addRegistration):
        (WebCore::ServiceWorkerContainer::jobFailedWithException):
        (WebCore::ServiceWorkerContainer::jobResolvedWithRegistration):
        (WebCore::ServiceWorkerContainer::jobFinishedLoadingScript):
        * workers/service/ServiceWorkerContainer.h:
        * workers/service/ServiceWorkerContextData.cpp:
        (WebCore::ServiceWorkerContextData::isolatedCopy const):
        * workers/service/ServiceWorkerContextData.h:
        (WebCore::ServiceWorkerContextData::encode const):
        (WebCore::ServiceWorkerContextData::decode):
        * workers/service/ServiceWorkerFetchResult.h:
        (WebCore::ServiceWorkerFetchResult::encode const):
        (WebCore::ServiceWorkerFetchResult::decode):
        * workers/service/ServiceWorkerGlobalScope.cpp:
        (WebCore::ServiceWorkerGlobalScope::create):
        * workers/service/ServiceWorkerGlobalScope.h:
        * workers/service/ServiceWorkerJob.cpp:
        (WebCore::ServiceWorkerJob::notifyFinished):
        * workers/service/ServiceWorkerJobClient.h:
        * workers/service/context/ServiceWorkerThread.cpp:
        (WebCore::ServiceWorkerThread::ServiceWorkerThread):
        (WebCore::ServiceWorkerThread::createWorkerGlobalScope):
        * workers/service/server/RegistrationDatabase.cpp:
        (WebCore::v1RecordsTableSchema):
        (WebCore::RegistrationDatabase::openSQLiteDatabase):
        (WebCore::RegistrationDatabase::doPushChanges):
        (WebCore::RegistrationDatabase::importRecords):
        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::updateWorker):
        (WebCore::SWServer::installContextData):
        * workers/service/server/SWServer.h:
        * workers/service/server/SWServerJobQueue.cpp:
        (WebCore::SWServerJobQueue::scriptFetchFinished):
        * workers/service/server/SWServerWorker.cpp:
        (WebCore::SWServerWorker::SWServerWorker):
        (WebCore::m_contentSecurityPolicy):
        (WebCore::SWServerWorker::contextData const):
        * workers/service/server/SWServerWorker.h:

2018-01-08  Youenn Fablet  <youenn@apple.com>

        Use no-cache fetch mode when loading main documents with location.reload()
        https://bugs.webkit.org/show_bug.cgi?id=181285

        Reviewed by Alex Christensen.

        Covered by rebased tests.

        Start to translate cache policy used for navigation as FetchOptions::Cache.
        This allows ensuring service workers receive the right cache mode when intercepting navigation loads.
        To not change current navigation behavior, ReturnCacheDataElseLoad and ReturnCacheDataDontLoad still trigger default fetch cache mode.

        For Reload and ReloadExpiredOnly frame load types, using no-cache mode is more efficient than reload mode,
        as a conditional request will be sent if possible. This applies to location.reload which is consistent with other browsers.
        Keep reload mode for ReloadFromOrigin.

        * loader/DocumentLoader.cpp:
        (WebCore::toFetchOptionsCache):
        (WebCore::DocumentLoader::loadMainResource):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadFrameRequest):
        (WebCore::FrameLoader::loadURL):
        (WebCore::FrameLoader::load):
        (WebCore::FrameLoader::reload):
        (WebCore::FrameLoader::defaultRequestCachingPolicy):
        (WebCore::FrameLoader::loadDifferentDocumentItem):
        * loader/NavigationScheduler.cpp:

2018-01-08  Youenn Fablet  <youenn@apple.com>

        Stop exposing fetch and extendable events to window
        https://bugs.webkit.org/show_bug.cgi?id=181325

        Reviewed by Chris Dumez.

        Covered by updated tests.

        Marked FetchEvent and ExtendableEvent as visible in ServiceWorker environments only.
        Moved related Internals testing routines to ServiceWorkerInternals.

        * testing/Internals.cpp:
        (WebCore::Internals::waitForFetchEventToFinish): Deleted.
        (WebCore::Internals::createBeingDispatchedFetchEvent): Deleted.
        * testing/Internals.h:
        * testing/Internals.idl:
        * testing/ServiceWorkerInternals.cpp:
        (WebCore::ServiceWorkerInternals::waitForFetchEventToFinish):
        (WebCore::ServiceWorkerInternals::createBeingDispatchedFetchEvent):
        * testing/ServiceWorkerInternals.h:
        * testing/ServiceWorkerInternals.idl:
        * workers/service/ExtendableEvent.idl:
        * workers/service/FetchEvent.idl:

2018-01-08  Antti Koivisto  <antti@apple.com>

        REGRESSION (r219145): Toggling layer borders on a static document no longer works immediately
        https://bugs.webkit.org/show_bug.cgi?id=176260
        <rdar://problem/34219966>

        Reviewed by Simon Fraser.

        Optimization reveled bugs in debug indicator painting.

        Test: compositing/debug-borders-dynamic.html

        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::commitLayerChangesBeforeSublayers):
        (WebCore::GraphicsLayerCA::updateDebugIndicators):
        (WebCore::GraphicsLayerCA::updateDebugBorder): Deleted.

        - Rename to indicate this is not just about debug borders.
        - Trigger display so repaint counters get painted. This helper is only called when the indicators change.

        * platform/graphics/ca/GraphicsLayerCA.h:
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::cacheAcceleratedCompositingFlags):

        Ensure we do compositing update on debug border change even when there is no layout.

2018-01-08  Zalan Bujtas <zalan@apple.com>

        [RenderTreeBuilder] Move RenderInline addChild logic to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=181336
        <rdar://problem/36324693>

        Reviewed by Antti Koivisto.

        This is about moving the code, no cleanup and/or normalization (unfortunately it also means
        some temporary changes).  

        No change in functionality.

        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * rendering/RenderInline.cpp:
        (WebCore::RenderInline::addChild):
        (WebCore::RenderInline::addChildIgnoringContinuation):
        (WebCore::RenderInline::childBecameNonInline):
        (WebCore::nextContinuation): Deleted.
        (WebCore::RenderInline::continuationBefore): Deleted.
        (WebCore::newChildIsInline): Deleted.
        (WebCore::RenderInline::cloneAsContinuation const): Deleted.
        (WebCore::RenderInline::splitInlines): Deleted.
        (WebCore::RenderInline::splitFlow): Deleted.
        (WebCore::canUseAsParentForContinuation): Deleted.
        (WebCore::RenderInline::addChildToContinuation): Deleted.
        * rendering/RenderInline.h:
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::RenderTreeBuilder):
        (WebCore::RenderTreeBuilder::insertChildToRenderInline):
        (WebCore::RenderTreeBuilder::insertChildToRenderInlineIgnoringContinuation):
        (WebCore::RenderTreeBuilder::splitFlow):
        * rendering/updating/RenderTreeBuilder.h:
        (WebCore::RenderTreeBuilder::inlineBuilder):
        * rendering/updating/RenderTreeBuilderInline.cpp: Added.
        (WebCore::canUseAsParentForContinuation):
        (WebCore::nextContinuation):
        (WebCore::continuationBefore):
        (WebCore::cloneAsContinuation):
        (WebCore::newChildIsInline):
        (WebCore::inFlowPositionedInlineAncestor):
        (WebCore::RenderTreeBuilder::Inline::Inline):
        (WebCore::RenderTreeBuilder::Inline::insertChild):
        (WebCore::RenderTreeBuilder::Inline::insertChildToContinuation):
        (WebCore::RenderTreeBuilder::Inline::insertChildIgnoringContinuation):
        (WebCore::RenderTreeBuilder::Inline::splitFlow):
        (WebCore::RenderTreeBuilder::Inline::splitInlines):
        * rendering/updating/RenderTreeBuilderInline.h: Added.

2018-01-08  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderBlock addChild logic to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=181319
        <rdar://problem/36313464>

        Reviewed by Antti Koivisto.

        This is about moving the code, no cleanup and/or normalization (unfortunately it also means
        some temporary changes).  

        No change in functionality.

        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::addChild):
        (WebCore::RenderBlock::addChildIgnoringContinuation):
        (WebCore::RenderBlock::childBecameNonInline):
        (WebCore::RenderBlock::continuationBefore): Deleted.
        (WebCore::RenderBlock::addChildToContinuation): Deleted.
        (WebCore::getInlineRun): Deleted.
        (WebCore::RenderBlock::makeChildrenNonInline): Deleted.
        * rendering/RenderBlock.h:
        * rendering/RenderBox.cpp:
        (WebCore::markBoxForRelayoutAfterSplit): Deleted.
        (WebCore::RenderBox::splitAnonymousBoxesAroundChild): Deleted.
        * rendering/RenderBox.h:
        * rendering/RenderRubyBase.cpp:
        (WebCore::RenderRubyBase::moveChildren):
        (WebCore::RenderRubyBase::moveBlockChildren):
        * rendering/RenderTable.cpp:
        (WebCore::RenderTable::addChild):
        * rendering/RenderTableRow.cpp:
        (WebCore::RenderTableRow::addChild):
        * rendering/RenderTableSection.cpp:
        (WebCore::RenderTableSection::addChild):
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::markBoxForRelayoutAfterSplit):
        (WebCore::getInlineRun):
        (WebCore::RenderTreeBuilder::RenderTreeBuilder):
        (WebCore::RenderTreeBuilder::insertChildToRenderBlock):
        (WebCore::RenderTreeBuilder::insertChildToRenderBlockIgnoringContinuation):
        (WebCore::RenderTreeBuilder::makeChildrenNonInline):
        (WebCore::RenderTreeBuilder::splitAnonymousBoxesAroundChild):
        * rendering/updating/RenderTreeBuilder.h:
        (WebCore::RenderTreeBuilder::blockBuilder):
        * rendering/updating/RenderTreeBuilderBlock.cpp: Added.
        (WebCore::continuationBefore):
        (WebCore::RenderTreeBuilder::Block::Block):
        (WebCore::RenderTreeBuilder::Block::insertChild):
        (WebCore::RenderTreeBuilder::Block::insertChildToContinuation):
        (WebCore::RenderTreeBuilder::Block::insertChildIgnoringContinuation):
        * rendering/updating/RenderTreeBuilderBlock.h: Added.
        
2018-01-08  Jeremy Jones  <jeremyj@apple.com>

        Standard controls sometimes say video is in pip when it isnt.
        https://bugs.webkit.org/show_bug.cgi?id=181095
        rdar://problem/36182687

        Reviewed by Eric Carlson.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::exitFullscreen):

2018-01-08  Jer Noble  <jer.noble@apple.com>

        REGRESSION: [iOS] ASSERTION FAILED: !node.isConnected() in WebCore::notifyNodeInsertedIntoDocument
        https://bugs.webkit.org/show_bug.cgi?id=181091

        Reviewed by Darin Adler.

        Move the work previously performed in insertedIntoAncestor() into didFinishInsertingNode().

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::prepareForLoad):

2018-01-08  Zan Dobersek  <zdobersek@igalia.com>

        [Cairo] Use isolated fill and stroke source containers
        https://bugs.webkit.org/show_bug.cgi?id=181386

        Reviewed by Carlos Garcia Campos.

        Generate fill and stroke source objects upon invocation of various Cairo
        operations, initializing necessary data from the GraphicsContextState
        object.

        Cairo::FillSource and Cairo::StrokeSource structs are introduced, both
        being default-constructible as well as providing a constructor that
        accepts a GraphicsContextState object from which the appropriate
        resources are created.

        The FillSource and StrokeSource objects are then passed to
        PlatformContextCairo's prepareForFilling() and prepareForStroking()
        methods. Here the helper prepareCairoContextSource() function is now
        invoked with cairo_pattern_t objects as pattern or gradient sources, or
        the source color if neither cairo_pattern_t object is specified.

        The FillSource and StrokeSource constructors mimic the previous behavior
        of prepareCairoContextSource(). In case the source is a Pattern object,
        a cairo_pattern_t object is created from that. In case of FillSource,
        we also retrieve pattern size, transform and repetition information. In
        case the source os a Gradient object, we create a 'base' cairo_pattern_t
        object for a completely opaque alpha channel. Additionally, if the alpha
        value on the state is not 1, we create an alpha-adjusted cairo_pattern_t
        that is potentially used for any filling or stroking operation that has
        to preserve transparency. If neither Pattern or Gradient objects are set
        on the GraphicsContextState, we default to the current fill or stroke
        color.

        Overall, there's no change in behavior, this is simply a refactoring
        that enables us to construct Cairo objects for filling and stroking
        sources at the time of Cairo operation dispatch, instead of pulling down
        GraphicsContextState deeper into the Cairo-specific code.

        No new tests -- no change in functionality.

        * platform/graphics/cairo/CairoOperations.cpp:
        (WebCore::Cairo::drawPathShadow):
        (WebCore::Cairo::fillCurrentCairoPath):
        (WebCore::Cairo::FillSource::FillSource):
        (WebCore::Cairo::StrokeSource::StrokeSource):
        (WebCore::Cairo::fillRect):
        (WebCore::Cairo::fillRectWithRoundedHole):
        (WebCore::Cairo::fillPath):
        (WebCore::Cairo::strokeRect):
        (WebCore::Cairo::strokePath):
        (WebCore::Cairo::drawGlyphs):
        * platform/graphics/cairo/CairoOperations.h:
        * platform/graphics/cairo/FontCairo.cpp:
        (WebCore::FontCascade::drawGlyphs):
        * platform/graphics/cairo/GraphicsContextCairo.cpp:
        (WebCore::GraphicsContext::fillPath):
        (WebCore::GraphicsContext::strokePath):
        (WebCore::GraphicsContext::fillRect):
        (WebCore::GraphicsContext::strokeRect):
        (WebCore::GraphicsContext::fillRectWithRoundedHole):
        * platform/graphics/cairo/PlatformContextCairo.cpp:
        (WebCore::prepareCairoContextSource):
        (WebCore::PlatformContextCairo::prepareForFilling):
        (WebCore::PlatformContextCairo::prepareForStroking):
        (WebCore::PlatformContextCairo::clipForPatternFilling):
        * platform/graphics/cairo/PlatformContextCairo.h:

2018-01-08  Youenn Fablet  <youenn@apple.com>

        navigator.onLine does not work inside service workers
        https://bugs.webkit.org/show_bug.cgi?id=181079
        <rdar://problem/36178606>

        Reviewed by Darin Adler.

        Test: http/wpt/service-workers/online.https.html

        Added support for onLine by reusing a similar implementation as regular workers.
        Added ServiceWorkerInternals as an interface for an object exposed as self.internals in WTR.
        This object has currently one method to trigger change in the online/offline status.
        This allows writing a test for the onLine feature.

        Note that self.internals is inserted asynchronously after the script was evaluated.
        When writing a worker script using self.internals, one must make sure to use self.internals when initialized.
        online-worker.js for instance makes use of self.internals in a postMessage callback.

        * CMakeLists.txt:
        * DerivedSources.make:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/WorkerScriptController.h:
        * dom/ScriptExecutionContext.h:
        * testing/ServiceWorkerInternals.cpp: Added.
        (WebCore::ServiceWorkerInternals::ServiceWorkerInternals):
        (WebCore::ServiceWorkerInternals::setOnline):
        * testing/ServiceWorkerInternals.h: Added.
        * testing/ServiceWorkerInternals.idl: Added.
        * testing/js/WebCoreTestSupport.cpp:
        (WebCoreTestSupport::setupNewlyCreateServiceWorker):
        * testing/js/WebCoreTestSupport.h:
        * workers/service/context/SWContextManager.cpp:
        (WebCore::SWContextManager::registerServiceWorkerThreadForInstall):
        (WebCore::SWContextManager::startedServiceWorker):
        * workers/service/context/SWContextManager.h:
        (WebCore::SWContextManager::setServiceWorkerCreationCallback):
        (WebCore::SWContextManager::workerByID):
        * workers/service/context/ServiceWorkerThread.cpp:
        (WebCore::ServiceWorkerThread::ServiceWorkerThread):
        * workers/service/context/ServiceWorkerThreadProxy.cpp:
        (WebCore::ServiceWorkerThreadProxy::ServiceWorkerThreadProxy):
        (WebCore::ServiceWorkerThreadProxy::~ServiceWorkerThreadProxy):
        (WebCore::ServiceWorkerThreadProxy::networkStateChanged):
        (WebCore::ServiceWorkerThreadProxy::notifyNetworkStateChange):
        * workers/service/context/ServiceWorkerThreadProxy.h:

2018-01-08  Zan Dobersek  <zdobersek@igalia.com>

        [Cairo] Contain shadow blur requirement state in a separate object
        https://bugs.webkit.org/show_bug.cgi?id=181380

        Reviewed by Carlos Garcia Campos.

        Instead of picking up the necessary state parameters from a
        GraphicsContextState object, store the necessary parameters in a helper
        ShadowBlurUsage struct. Mimicking the mustUseShadowBlur() function that
        is being removed, values of the shadow color, shadow blur, and shadow
        transform ignorance are stored there. Additionally, the required()
        method accepts a PlatformContextCairo object through which it can
        retrieve the current CTM and determine whether it's an identity, finally
        deciding whether shadow blur can or cannot be ignored.

        Goal of this change is to limit usage of GraphicsContextState directly
        in operations implemented inside the Cairo namespace. Instead, the
        state parameters should be passed directly, or an equivalent but limited
        state object should be constructed for invocation of such operations.

        This is likely only an intermediate solution. It's possible it will be
        replaced by a more complete shadow state struct that would be used for
        any operation that is required to draw shadows, if necessary.

        No new tests -- no change in functionality.

        * platform/graphics/cairo/CairoOperations.cpp:
        (WebCore::Cairo::drawGlyphsShadow):
        (WebCore::Cairo::ShadowBlurUsage::ShadowBlurUsage):
        (WebCore::Cairo::ShadowBlurUsage::required const):
        (WebCore::Cairo::fillRectWithRoundedHole):
        (WebCore::Cairo::drawGlyphs):
        (WebCore::Cairo::mustUseShadowBlur): Deleted.
        * platform/graphics/cairo/CairoOperations.h:
        * platform/graphics/cairo/FontCairo.cpp:
        (WebCore::FontCascade::drawGlyphs):
        * platform/graphics/cairo/GraphicsContextCairo.cpp:
        (WebCore::GraphicsContext::fillRectWithRoundedHole):

2018-01-08  Philippe Normand  <pnormand@igalia.com>

        [GStreamer][Soup] Remove dead getCreateOrReadBuffer code path
        https://bugs.webkit.org/show_bug.cgi?id=181376

        Reviewed by Carlos Garcia Campos.

        This code path is no longer used now that the GStreamer HTTP
        source element uses data coming directly from the network process.

        * SourcesGTK.txt:
        * SourcesWPE.txt:
        * loader/MediaResourceLoader.cpp:
        (WebCore::MediaResource::getOrCreateReadBuffer): Deleted.
        * loader/MediaResourceLoader.h:
        * loader/SubresourceLoader.h:
        * loader/cache/CachedRawResource.h:
        * loader/cache/CachedRawResourceClient.h:
        (WebCore::CachedRawResourceClient::finishedTimingForWorkerLoad):
        (WebCore::CachedRawResourceClient::getOrCreateReadBuffer): Deleted.
        * loader/cache/CachedResource.h:
        (WebCore::CachedResource::getOrCreateReadBuffer): Deleted.
        * loader/soup/CachedRawResourceSoup.cpp: Removed.
        * loader/soup/SubresourceLoaderSoup.cpp: Removed.
        * platform/graphics/PlatformMediaResourceLoader.h:
        (WebCore::PlatformMediaResourceClient::loadFinished):
        (WebCore::PlatformMediaResourceClient::getOrCreateReadBuffer): Deleted.
        * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
        (CachedResourceStreamingClient::getOrCreateReadBuffer): Deleted.
        * platform/network/ResourceHandleClient.h:
        (WebCore::ResourceHandleClient::getOrCreateReadBuffer): Deleted.
        * platform/network/soup/ResourceHandleSoup.cpp:
        (WebCore::ResourceHandle::ensureReadBuffer):

2018-01-08  Zan Dobersek  <zdobersek@igalia.com> and Carlos Garcia Campos  <cgarcia@igalia.com>

        [GStreamer] use FastMalloc-based GstAllocator
        https://bugs.webkit.org/show_bug.cgi?id=165793

        Reviewed by Philippe Normand.

        Add GstAllocatorFastMalloc, a GstAllocator implementation using fast malloc. It's only used when fast malloc is
        enabled and can be disabled using an environment variable for debugging purposes.

        * platform/GStreamer.cmake:
        * platform/graphics/gstreamer/GStreamerUtilities.cpp:
        (WebCore::initializeGStreamer):
        * platform/graphics/gstreamer/GstAllocatorFastMalloc.cpp: Added.
        (gstMemoryFastMallocNew):
        (gstAllocatorFastMallocAlloc):
        (gstAllocatorFastMallocFree):
        (gstAllocatorFastMallocMemMap):
        (gstAllocatorFastMallocMemUnmap):
        (gstAllocatorFastMallocMemCopy):
        (gstAllocatorFastMallocMemShare):
        (gstAllocatorFastMallocMemIsSpan):
        (gst_allocator_fast_malloc_class_init):
        (gst_allocator_fast_malloc_init):
        * platform/graphics/gstreamer/GstAllocatorFastMalloc.h: Added.

2018-01-07  Ms2ger  <Ms2ger@igalia.com>

        Implement createImageBitmap(ImageBitmap)
        https://bugs.webkit.org/show_bug.cgi?id=181287

        Reviewed by Darin Adler.

        Tests: imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-drawImage.html
               imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-invalid-args.html

        * html/ImageBitmap.cpp:
        (WebCore::ImageBitmap::createPromise):

2018-01-07  Ryosuke Niwa  <rniwa@webkit.org>

        Reduce the precision of "high" resolution time to 1ms
        https://bugs.webkit.org/show_bug.cgi?id=180910
        <rdar://problem/36085943>

        Reviewed by Saam Barati.

        Reduced the high prevision time's resolution to 1ms, the same precision as Date.now().

        Also fixed the bug in fillRTCStats that we weren't reducing the time resolution in RTCStats dictionaries.

        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::fillRTCStats):
        * page/Performance.cpp:
        (WebCore::Performance::reduceTimeResolution):

2018-01-06  Simon Fraser  <simon.fraser@apple.com>

        Possible crash computing event regions
        https://bugs.webkit.org/show_bug.cgi?id=181368
        rdar://problem/34847081

        Reviewed by Zalan Bujtas.

        Don't trigger layout in Element::absoluteEventHandlerBounds(), since this can run arbirary script
        which might delete elements or re-enter Document::absoluteRegionForEventTargets().

        It's OK to not trigger layout, because if layout is dirty, the next layout will update event regions again.

        Add a LayoutDisallowedScope to check that Document::absoluteRegionForEventTargets() doesn't
        trigger layout, and move the check for LayoutDisallowedScope::isLayoutAllowed() from Document::updateLayout()
        to LayoutContext::layout(), since some layouts don't happen via the former (e.g. the one being removed here).

        The test checks that the assertion does not fire. I was not able to get a reliable test for any crash.

        Test: fast/events/event-handler-regions-layout.html

        * dom/Document.cpp:
        (WebCore::Document::updateLayout):
        (WebCore::Document::absoluteRegionForEventTargets):
        * dom/Element.cpp:
        (WebCore::Element::absoluteEventHandlerBounds):
        * page/LayoutContext.cpp:
        (WebCore::LayoutContext::layout):
        * rendering/LayoutDisallowedScope.h: Move the #ifdefs around to avoid defining the enum twice.
        (WebCore::LayoutDisallowedScope::LayoutDisallowedScope):
        (WebCore::LayoutDisallowedScope::isLayoutAllowed):

2018-01-06  Simon Fraser  <simon.fraser@apple.com>

        Crash under RenderLayer::scrollTo() with marquee
        https://bugs.webkit.org/show_bug.cgi?id=181349
        rdar://problem/36190168

        Reviewed by Zalan Bujtas.

        Don't call updateWidgetPositions() synchonously during RenderLayer scrolling, because it
        can run arbitrary script which may trigger destruction of this RenderLayer.

        Instead, queue up updateWidgetPositions() on a zero-delay timer.

        Under some circumstances this may allow a paint to occur before the widgets have been
        updated (which could be fixed with a more invasive change), but in practice I saw no
        painting issues with plug-ins or iframes inside overflow scroll, in WebKit or LegacyWebKit.

        Test: fast/scrolling/marquee-scroll-crash.html

        * page/FrameView.cpp:
        (WebCore::FrameView::FrameView):
        (WebCore::FrameView::updateWidgetPositions):
        (WebCore::FrameView::scheduleUpdateWidgetPositions):
        (WebCore::FrameView::updateWidgetPositionsTimerFired):
        * page/FrameView.h:
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::scrollTo):

2018-01-05  Dean Jackson  <dino@apple.com>

        Accurately clip copyTexImage2D and copyTexSubImage2D
        https://bugs.webkit.org/show_bug.cgi?id=181356
        <rdar://problem/35083877>

        Reviewed by Eric Carlson.

        The code to make sure copyTexSubImage2D and copyTexImage2D will not try to read
        out of bounds had a bad bug introduced here:
        https://bugs.webkit.org/show_bug.cgi?id=51421

        With appropriate parameters, it would produce a rectangle with
        negative dimensions. Most GL drivers just ignored this, but some
        are not happy.

        Test: fast/canvas/webgl/copy-tex-image-and-sub-image-2d-bad-input.html

        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::clip2D): Reimplement this in a more sane manner, and use
        checked arithmetic while here.
        * html/canvas/WebGLRenderingContextBase.h:
        (WebCore::clip1D): Deleted.
        (WebCore::clip2D): Deleted.

2018-01-06  Antti Koivisto  <antti@apple.com>

        Use WeakPtr for RenderTreePosition::m_nextSibling
        https://bugs.webkit.org/show_bug.cgi?id=181363

        Reviewed by Zalan Bujtas.

        For safety. In most cases it is null and won't cause us to instantiate WeakReferences for
        many new objects.

        * rendering/updating/RenderTreePosition.cpp:
        (WebCore::RenderTreePosition::computeNextSibling):
        * rendering/updating/RenderTreePosition.h:
        (WebCore::RenderTreePosition::RenderTreePosition):
        (WebCore::RenderTreePosition::nextSibling const):

2018-01-05  David Kilzer  <ddkilzer@apple.com>

        Re-enable -Wcast-qual in WebCore for Apple ports
        <https://webkit.org/b/177895>
        <rdar://problem/34960830>

        Reviewed by Joseph Pecoraro.

        * Configurations/Base.xcconfig:
        (WARNING_CFLAGS): Remove FIXME and add -Wcast-qual back to
        arguments.

        * crypto/mac/SerializedCryptoKeyWrapMac.mm:
        (WebCore::createAndStoreMasterKey):
        - Use checked_cf_cast<SecACLRef>().

        * editing/cocoa/DataDetection.mm:
        (WebCore::detectItemAtPositionWithRange):
        - Manually cast CFTypeRef to DDResultRef until
          DDResultGetTypeID() is available as SPI.

        * platform/gamepad/mac/HIDGamepad.cpp:
        (WebCore::HIDGamepad::initElementsFromArray):
        - Use checked_cf_cast<IOHIDElementRef>().

        * platform/graphics/avfoundation/objc/MediaSampleAVFObjC.mm:
        (WebCore::MediaSampleAVFObjC::createImageSample):
        (WebCore::CMSampleBufferIsRandomAccess):
        (WebCore::CMSampleBufferIsNonDisplaying):
        (WebCore::MediaSampleAVFObjC::createNonDisplayingCopy const):
        - Use checked_cf_cast<CFMutableDictionaryRef>() and
          checked_cf_cast<CFDictionaryRef>().

        * platform/graphics/cocoa/IOSurface.h:
        (WebCore::IOSurface::asLayerContents):
        - Use reinterpret_cast<id>() to cast from IOSurfaceRef to id.

        * platform/graphics/cocoa/WebCoreDecompressionSession.mm:
        (WebCore::WebCoreDecompressionSession::getFirstVideoFrame):
        (WebCore::WebCoreDecompressionSession::automaticDequeue):
        (WebCore::WebCoreDecompressionSession::imageForTime):
        (WebCore::WebCoreDecompressionSession::getDecodeTime):
        (WebCore::WebCoreDecompressionSession::getPresentationTime):
        (WebCore::WebCoreDecompressionSession::getDuration):
        - Use checked_cf_cast<CMSampleBufferRef>().

        * platform/graphics/Font.h:
        (WebCore::Font::m_kernedCFStringAttributes):
        (WebCore::Font::m_nonKernedCFStringAttributes):
        - Change type from RetainPtr<CFDictionaryRef> to
          RetainPtr<CFMutableDictionaryRef> since that's what they are.
        * platform/graphics/mac/SimpleFontDataCoreText.cpp:
        (WebCore::Font::getCFStringAttributes const):
        - Replace local `mutableAttributes` variable with
          `attributesDictionary.get()` since it returns the correct type
          now.

        * platform/ios/wak/WAKView.mm:
        (-[WAKView _initWithViewRef:]):
        (_WAKCopyWrapper):
        * platform/ios/wak/WKView.mm:
        (_WKViewClearSuperview):
        (WKViewFirstChild):
        (WKViewNextSibling):
        - Use static_cast<WKViewRef>(const_cast<void*>()) to convert
          const void* variable to WKViewRef.

        * platform/mac/PasteboardMac.mm:
        (WebCore::flipImageSpec):
        (WebCore::setDragImageImpl):
        - Use const_cast<> to remove 'const' modifier from
          unsigned char pointers.  This regressed while -Wcast-qual was
          disabled for WebCore.

        * platform/mac/SSLKeyGeneratorMac.mm:
        (WebCore::signedPublicKeyAndChallengeString):
        - Use checked_cf_cast<SecACLRef>().

        * platform/mediastream/mac/RealtimeIncomingVideoSourceCocoa.cpp:
        (WebCore::RealtimeIncomingVideoSourceCocoa::OnFrame):
        - Use checked_cf_cast<CFMutableDictionaryRef>().

        * platform/network/cf/SocketStreamHandleImplCFNet.cpp:
        (WebCore::copyCONNECTProxyResponse):
        - Use checked_cf_cast<CFHTTPMessageRef>().

        * platform/network/cocoa/ResourceResponseCocoa.mm:
        (WebCore::ResourceResponse::platformCertificateInfo const):
        - Use checked_cf_cast<SecTrustRef>().

        * platform/network/mac/CertificateInfoMac.mm:
        (WebCore::CertificateInfo::containsNonRootSHA1SignedCertificate const):
        (WebCore::CertificateInfo::dump const):
        - Use checked_cf_cast<SecCertificateRef>().

        * testing/cocoa/WebArchiveDumpSupport.mm:
        (WebCoreTestSupport::createCFURLResponseFromResponseData):
        - Use checked_cf_cast<>() for CFMutable* types.

2018-01-05  John Wilander  <wilander@apple.com>

        Storage Access API: Refactor to make naming accurate and explicit, simplify access table, and prepare for access removal for page
        https://bugs.webkit.org/show_bug.cgi?id=181357
        <rdar://problem/36331031>

        Reviewed by Alex Christensen.

        No new tests. The only changed functionality that isn't covered
        by existing tests is cross-origin iframes in the same partition
        should be handled as already having access. This cannot be
        tested in layout tests since they don't support subdomains.

        This change does the following:
        - Changes function and message names to reflect how this feature
          was eventually implemented, i.e. access per frame.
        - Makes it explicit that the UI process is only involved in
          granting storage access and not removing storage access.
          The latter is done directly by the web process.
        - Simplifies the network process' entry map since only needs to
          be able to give access to one domain in one frame at a time.
          Access goes away on frame navigation so there can only be one
          domain at a time per frame. Also, the map now uses pageIDs as
          main keys to prepare for efficient access removal for all
          frames under a page.
        - Fixes a bug in so that a cross-origin iframe with the same
          partition as the top frame correctly is handled as already
          having access.

        * platform/network/NetworkStorageSession.h:
        * platform/network/cf/NetworkStorageSessionCFNet.cpp:
        (WebCore::NetworkStorageSession::cookieStoragePartition const):
            The only change here is the changed named of the call to
            NetworkStorageSession::hasStorageAccessForFrame().
        (WebCore::NetworkStorageSession::hasStorageAccessForFrame const):
        (WebCore::NetworkStorageSession::grantStorageAccessForFrame):
        (WebCore::NetworkStorageSession::removeStorageAccessForFrame):
        (WebCore::NetworkStorageSession::isStorageAccessGranted const): Deleted.
        (WebCore::NetworkStorageSession::setStorageAccessGranted): Deleted.
        (WebCore::NetworkStorageSession::removeStorageAccess): Deleted.

2018-01-05  Youenn Fablet  <youenn@apple.com>

        Implement Cache API partitioning based on ClientOrigin
        https://bugs.webkit.org/show_bug.cgi?id=181240

        Reviewed by Alex Christensen.

        Covered by updated tests.

        Previously, cache storage was partitioned according the origin of the client, represented as a String.
        We now partition according both client and top origins, represented as a ClientOrigin

        Minor refactoring to use more makePendingActivity.
        Added support for IPC serialization of ClientOrigin.
        Added SecurityOriginData::toString which is used by WebKit2 Cache Storage implementation.

        * Modules/cache/CacheStorageConnection.cpp:
        (WebCore::CacheStorageConnection::open):
        (WebCore::CacheStorageConnection::retrieveCaches):
        * Modules/cache/CacheStorageConnection.h:
        (WebCore::CacheStorageConnection::clearMemoryRepresentation):
        (WebCore::CacheStorageConnection::doOpen):
        (WebCore::CacheStorageConnection::doRetrieveCaches):
        * Modules/cache/DOMCacheStorage.cpp:
        (WebCore::DOMCacheStorage::origin const):
        (WebCore::DOMCacheStorage::retrieveCaches):
        (WebCore::DOMCacheStorage::open):
        (WebCore::DOMCacheStorage::remove):
        * Modules/cache/DOMCacheStorage.h:
        * Modules/cache/WorkerCacheStorageConnection.cpp:
        (WebCore::WorkerCacheStorageConnection::doOpen):
        (WebCore::WorkerCacheStorageConnection::doRetrieveCaches):
        * Modules/cache/WorkerCacheStorageConnection.h:
        * page/ClientOrigin.h:
        (WebCore::ClientOrigin::isolatedCopy const):
        (WebCore::ClientOrigin::encode const):
        (WebCore::ClientOrigin::decode):
        * page/SecurityOriginData.cpp:
        (WebCore::SecurityOriginData::toString const):
        (WebCore::SecurityOriginData::debugString const): Deleted.
        * page/SecurityOriginData.h:
        (WebCore::SecurityOriginData::debugString const):
        * testing/Internals.cpp:
        (WebCore::Internals::clearCacheStorageMemoryRepresentation):

2018-01-05  Wenson Hsieh  <wenson_hsieh@apple.com>

        [Attachment Support] Add a way to write blob data to a file URL from the UI process
        https://bugs.webkit.org/show_bug.cgi?id=181236

        Reviewed by Brady Eidson.

        Add support for writing a blob to a designated file path. See comments below for more detail. No new tests, as
        there change in behavior yet. See part 2: https://bugs.webkit.org/show_bug.cgi?id=181199.

        * page/DragController.cpp:
        (WebCore::DragController::dragAttachmentElement):
        * platform/PromisedBlobInfo.h:

        Remove PromisedBlobData entirely. This was added with the premise of having the web process deliver blob data to
        the UI process. However, the new approach I'm taking just has the UI process tell the network process to write
        a blob to a given location, so a data structure to deliver blob data over IPC is no longer necessary.

        (WebCore::PromisedBlobData::hasData const): Deleted.
        (WebCore::PromisedBlobData::hasFile const): Deleted.
        (WebCore::PromisedBlobData::operator bool const): Deleted.
        (WebCore::PromisedBlobData::fulfills const): Deleted.
        * platform/network/BlobRegistryImpl.cpp:
        (WebCore::BlobRegistryImpl::populateBlobsForFileWriting):

        Introduce a new helper to build a list of blob data for file writing.

        (WebCore::writeFilePathsOrDataBuffersToFile):

        Introduce a new static helper to write blob data (a list of file paths and data buffers) to a given file handle.
        Automatically closes the given file handle upon exit.

        (WebCore::BlobRegistryImpl::writeBlobsToTemporaryFiles):
        (WebCore::BlobRegistryImpl::writeBlobToFilePath):

        Pull out common logic in writeBlobsToTemporaryFiles and writeBlobToFilePath into helper methods (see above), and
        refactor both methods to use the helpers.

        * platform/network/BlobRegistryImpl.h:

2018-01-05  Alex Christensen  <achristensen@webkit.org>

        Forbid < and > in URL hosts
        https://bugs.webkit.org/show_bug.cgi?id=181308
        <rdar://problem/36012757>

        Reviewed by Tim Horton.

        https://url.spec.whatwg.org/#forbidden-host-code-point does not include these characters yet, but I think it should.
        Firefox fails to parse URLs with < or > in the host.  Chrome percent encodes them.  Safari needs to do something.
        The web platform tests are unclear on this case, and they will need to be updated with the specification.
        They do show a change in behavior, though.

        * platform/URLParser.cpp:
        Add < and > to the list of forbidden host code points.

2018-01-05  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream] Add Mac screen capture source
        https://bugs.webkit.org/show_bug.cgi?id=181333
        <rdar://problem/36323219>

        Reviewed by Dean Jackson.

        * SourcesCocoa.txt: Add ScreenDisplayCaptureSourceMac.mm.

        * WebCore.xcodeproj/project.pbxproj: Ditto.

        * platform/cocoa/CoreVideoSoftLink.cpp: Declare new constants used.
        * platform/cocoa/CoreVideoSoftLink.h:

        * platform/mediastream/mac/DisplayCaptureManagerCocoa.cpp:
        (WebCore::displayReconfigurationCallBack): Call refreshCaptureDevices.
        (WebCore::DisplayCaptureManagerCocoa::~DisplayCaptureManagerCocoa): Unregister for display
        reconfiguration callbacks.
        (WebCore::DisplayCaptureManagerCocoa::captureDevices): Register for display reconfigrations.
        (WebCore::DisplayCaptureManagerCocoa::refreshCaptureDevices): Use CGActiveDisplayList to
        get list of active screens.
        (WebCore::DisplayCaptureManagerCocoa::screenCaptureDeviceWithPersistentID): Validate screen
        ID, return CaptureDevice.
        * platform/mediastream/mac/DisplayCaptureManagerCocoa.h:

        * platform/mediastream/mac/RealtimeMediaSourceCenterMac.cpp:
        (WebCore::VideoCaptureSourceFactoryMac::createVideoCaptureSource): Deal with screen capture
        on macOS.

        Implement Mac screen capture with CGDisplayStream.
        * platform/mediastream/mac/ScreenDisplayCaptureSourceMac.h: Added.
        (WebCore::ScreenDisplayCaptureSourceMac::DisplaySurface::~DisplaySurface):
        (WebCore::ScreenDisplayCaptureSourceMac::DisplaySurface::operator=):
        (WebCore::ScreenDisplayCaptureSourceMac::DisplaySurface::ioSurface const):
        * platform/mediastream/mac/ScreenDisplayCaptureSourceMac.mm: Added.
        (WebCore::roundUpToMacroblockMultiple):
        (WebCore::ScreenDisplayCaptureSourceMac::updateDisplayID):
        (WebCore::ScreenDisplayCaptureSourceMac::create):
        (WebCore::ScreenDisplayCaptureSourceMac::ScreenDisplayCaptureSourceMac):
        (WebCore::ScreenDisplayCaptureSourceMac::~ScreenDisplayCaptureSourceMac):
        (WebCore::ScreenDisplayCaptureSourceMac::createDisplayStream):
        (WebCore::ScreenDisplayCaptureSourceMac::startProducingData):
        (WebCore::ScreenDisplayCaptureSourceMac::stopProducingData):
        (WebCore::ScreenDisplayCaptureSourceMac::sampleBufferFromPixelBuffer):
        (WebCore::ScreenDisplayCaptureSourceMac::pixelBufferFromIOSurface):
        (WebCore::ScreenDisplayCaptureSourceMac::generateFrame):
        (WebCore::ScreenDisplayCaptureSourceMac::startDisplayStream):
        (WebCore::ScreenDisplayCaptureSourceMac::applySize):
        (WebCore::ScreenDisplayCaptureSourceMac::applyFrameRate):
        (WebCore::ScreenDisplayCaptureSourceMac::commitConfiguration):
        (WebCore::ScreenDisplayCaptureSourceMac::displayWasReconfigured):
        (WebCore::ScreenDisplayCaptureSourceMac::displayReconfigurationCallBack):
        (WebCore::ScreenDisplayCaptureSourceMac::frameAvailable):

2018-01-05  Don Olmstead  <don.olmstead@sony.com>

        [curl] Can't load file:// URL with a URL fragment identifier
        https://bugs.webkit.org/show_bug.cgi?id=181170

        Reviewed by Alex Christensen.

        No new tests. No change in behavior.

        * platform/network/curl/CurlRequest.cpp:
        (WebCore::CurlRequest::invokeDidReceiveResponseForFile):

2018-01-05  Don Olmstead  <don.olmstead@sony.com>

        TextCodec uses std::array but does not include it
        https://bugs.webkit.org/show_bug.cgi?id=181340

        Reviewed by Alex Christensen.

        No new tests. No change in behavior.

        * platform/text/TextCodec.h:

2018-01-05  Said Abou-Hallawa  <sabouhallawa@apple.com>

        SVGAnimatedListPropertyTearOff::synchronizeWrappersIfNeeded() should do nothing if the property is not animating
        https://bugs.webkit.org/show_bug.cgi?id=181316
        <rdar://problem/36147545>

        Reviewed by Simon Fraser.

        This is a speculative change to fix a crash which appeared after r226065.
        The crash is very intermittent and sometimes very hard to reproduce. The
        basic code analysis did not show how this crash can even happen.

        * svg/SVGAnimatedTypeAnimator.h:
        (WebCore::SVGAnimatedTypeAnimator::resetFromBaseValues): For SVG property
        with two values, e.g. <SVGAngleValue, SVGMarkerOrientType>,  we need to
        detach the wrappers of the animated property if the animated values are
        going to change. This is similar to what we did in resetFromBaseValue().

        * svg/properties/SVGAnimatedListPropertyTearOff.h:
        (WebCore::SVGAnimatedListPropertyTearOff::synchronizeWrappersIfNeeded):

2018-01-05  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r226401.

        This caused timeouts on multiple platforms.

        Reverted changeset:

        "Implement Cache API partitioning based on ClientOrigin"
        https://bugs.webkit.org/show_bug.cgi?id=181240
        https://trac.webkit.org/changeset/226401

2018-01-05  Dan Bernstein  <mitz@apple.com>

        Fixed the build following AppKit API deprecations in a recent SDKs

        * platform/mac/PasteboardMac.mm:
        (WebCore::setDragImageImpl): Suppressed deprecation warnings.
        * platform/mac/WidgetMac.mm:
        (WebCore::Widget::paint): Ditto.

2018-01-05  Joseph Pecoraro  <pecoraro@apple.com>

        ServiceWorkers: Enable UserTiming / ResourceTiming
        https://bugs.webkit.org/show_bug.cgi?id=181297
        <rdar://problem/36307306>

        Reviewed by Youenn Fablet.

        Tests: http/tests/workers/service/service-worker-resource-timing.https.html
               http/tests/workers/service/service-worker-user-timing.https.html

        * loader/ResourceTiming.cpp:
        (WebCore::ResourceTiming::ResourceTiming):
        We used to clear extra NetworkLoadMetrics data early on. However,
        for Workers we want to pass the complete NetworkLoadMetrics to
        the Worker so that a Worker inspector has access to it.

        * page/PerformanceResourceTiming.cpp:
        (WebCore::PerformanceResourceTiming::PerformanceResourceTiming):
        Instead move the clearing of extra data to here, when the NetworkLoadMetrics
        have finally settled into being used only for a performance entry.

2018-01-04  Philippe Normand  <pnormand@igalia.com>

        [EME][GStreamer] Fix wrong ifdef
        https://bugs.webkit.org/show_bug.cgi?id=181289

        Reviewed by Alex Christensen.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::handleMessage): Remove the
        ENCRYPTED_MEDIA ifdef from the VIDEO_TRACK ifdef block. Both have
        nothing to do together.

2018-01-05  Fujii Hironori  <Hironori.Fujii@sony.com>

        [Cairo] Canvas: Path::clear should clear its transform
        https://bugs.webkit.org/show_bug.cgi?id=181320

        Reviewed by Carlos Garcia Campos.

        Path of Cairo port has its cairo context. Path::clear() didn't
        clear the transform matrix of the context.

        Test: fast/canvas/reset-scaling-by-height-change.html

        * platform/graphics/cairo/PathCairo.cpp:
        (WebCore::Path::clear): Reset the transform matrix of Path.

2018-01-04  Devin Rousso  <webkit@devinrousso.com>

        Web Inspector: replace HTMLCanvasElement with CanvasRenderingContext for instrumentation logic
        https://bugs.webkit.org/show_bug.cgi?id=180770

        Reviewed by Joseph Pecoraro.

        No change in functionality.

        * html/HTMLCanvasElement.h:
        * html/HTMLCanvasElement.cpp:
        (WebCore::HTMLCanvasElement::createContext2d):
        (WebCore::HTMLCanvasElement::createContextWebGL):
        (WebCore::HTMLCanvasElement::createContextWebGPU):
        (WebCore::HTMLCanvasElement::createContextBitmapRenderer):
        (WebCore::HTMLCanvasElement::reset):
        (WebCore::HTMLCanvasElement::paint):
        (WebCore::HTMLCanvasElement::setImageBuffer const):
        (WebCore::HTMLCanvasElement::addObserver): Deleted.
        (WebCore::HTMLCanvasElement::removeObserver): Deleted.
        (WebCore::HTMLCanvasElement::cssCanvasClients): Deleted.
        (WebCore::HTMLCanvasElement::notifyObserversCanvasChanged): Deleted.
        * html/OffscreenCanvas.h:
        * html/canvas/CanvasRenderingContext.h:
        * html/canvas/CanvasRenderingContext.cpp:
        * html/canvas/CanvasRenderingContext2D.h:
        * html/canvas/CanvasRenderingContext2D.cpp:
        (WebCore::CanvasRenderingContext2D::create):
        * html/canvas/CanvasRenderingContext2DBase.h:
        * html/canvas/ImageBitmapRenderingContext.h:
        * html/canvas/ImageBitmapRenderingContext.cpp:
        (WebCore::ImageBitmapRenderingContext::create):
        * html/canvas/WebGL2RenderingContext.h:
        * html/canvas/WebGL2RenderingContext.cpp:
        (WebCore::WebGL2RenderingContext::create):
        * html/canvas/WebGLRenderingContext.h:
        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore::WebGLRenderingContext::create):
        * html/canvas/WebGLRenderingContextBase.h:
        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::create):
        * html/canvas/WebGPURenderingContext.cpp:
        (WebCore::WebGPURenderingContext::create):
        Instead of adding didCreateCanvasRenderingContext calls at the construction sites of each
        context, we can make the constructors private and force the usage of static `create` functions.
        This way, we have access to the fully constructed object and have a guaranteed path for creation.

        * html/CanvasBase.h:
        * html/CanvasBase.cpp:
        (WebCore::CanvasBase::~CanvasBase):
        (WebCore::CanvasBase::renderingContext const):
        (WebCore::CanvasBase::addObserver):
        (WebCore::CanvasBase::removeObserver):
        (WebCore::CanvasBase::notifyObserversCanvasChanged):
        (WebCore::CanvasBase::notifyObserversCanvasResized):
        (WebCore::CanvasBase::notifyObserversCanvasDestroyed):
        (WebCore::CanvasBase::cssCanvasClients const):
        * Modules/mediastream/CanvasCaptureMediaStreamTrack.h:
        * Modules/mediastream/CanvasCaptureMediaStreamTrack.cpp:
        (WebCore::CanvasCaptureMediaStreamTrack::Source::canvasDestroyed):
        (WebCore::CanvasCaptureMediaStreamTrack::Source::canvasResized):
        (WebCore::CanvasCaptureMediaStreamTrack::Source::canvasChanged):
        * css/CSSCanvasValue.h:
        Move the CanvasObserver class to CanvasBase so that it can also be used for OffscreenCanvas.

        * inspector/InspectorInstrumentation.h:
        (WebCore::InspectorInstrumentation::didChangeCSSCanvasClientNodes):
        (WebCore::InspectorInstrumentation::didCreateCanvasRenderingContext):
        (WebCore::InspectorInstrumentation::didChangeCanvasMemory):
        (WebCore::InspectorInstrumentation::recordCanvasAction):
        (WebCore::InspectorInstrumentation::didFinishRecordingCanvasFrame):
        (WebCore::InspectorInstrumentation::didEnableExtension):
        (WebCore::InspectorInstrumentation::didCreateProgram):
        (WebCore::InspectorInstrumentation::willDeleteProgram):
        (WebCore::InspectorInstrumentation::isShaderProgramDisabled):
        (WebCore::InspectorInstrumentation::consoleStartRecordingCanvas):
        (WebCore::InspectorInstrumentation::didCreateCSSCanvas): Deleted.
        * inspector/InspectorInstrumentation.cpp:
        (WebCore::InspectorInstrumentation::consoleStartRecordingCanvasImpl):
        (WebCore::InspectorInstrumentation::didChangeCSSCanvasClientNodesImpl):
        (WebCore::InspectorInstrumentation::didCreateCanvasRenderingContextImpl):
        (WebCore::InspectorInstrumentation::didChangeCanvasMemoryImpl):
        (WebCore::InspectorInstrumentation::didFinishRecordingCanvasFrameImpl):
        (WebCore::InspectorInstrumentation::didEnableExtensionImpl):
        (WebCore::InspectorInstrumentation::didCreateProgramImpl):
        (WebCore::InspectorInstrumentation::didCreateCSSCanvasImpl): Deleted.

        * inspector/agents/InspectorCanvasAgent.h:
        * inspector/agents/InspectorCanvasAgent.cpp:
        (WebCore::InspectorCanvasAgent::enable):
        (WebCore::InspectorCanvasAgent::requestNode):
        (WebCore::InspectorCanvasAgent::requestContent):
        (WebCore::InspectorCanvasAgent::requestCSSCanvasClientNodes):
        (WebCore::contextAsScriptValue):
        (WebCore::InspectorCanvasAgent::resolveCanvasContext):
        (WebCore::InspectorCanvasAgent::startRecording):
        (WebCore::InspectorCanvasAgent::stopRecording):
        (WebCore::InspectorCanvasAgent::updateShader):
        (WebCore::InspectorCanvasAgent::frameNavigated):
        (WebCore::InspectorCanvasAgent::didChangeCSSCanvasClientNodes):
        (WebCore::InspectorCanvasAgent::didCreateCanvasRenderingContext):
        (WebCore::InspectorCanvasAgent::didChangeCanvasMemory):
        (WebCore::InspectorCanvasAgent::recordCanvasAction):
        (WebCore::InspectorCanvasAgent::canvasDestroyed):
        (WebCore::InspectorCanvasAgent::didFinishRecordingCanvasFrame):
        (WebCore::InspectorCanvasAgent::consoleStartRecordingCanvas):
        (WebCore::InspectorCanvasAgent::didEnableExtension):
        (WebCore::InspectorCanvasAgent::didCreateProgram):
        (WebCore::InspectorCanvasAgent::canvasRecordingTimerFired):
        (WebCore::InspectorCanvasAgent::clearCanvasData):
        (WebCore::InspectorCanvasAgent::unbindCanvas):
        (WebCore::InspectorCanvasAgent::findInspectorCanvas):
        (WebCore::InspectorCanvasAgent::unbindProgram):
        (WebCore::InspectorCanvasAgent::didCreateCSSCanvas): Deleted.

        * inspector/InspectorCanvas.h:
        * inspector/InspectorCanvas.cpp:
        (WebCore::InspectorCanvas::create):
        (WebCore::InspectorCanvas::InspectorCanvas):
        (WebCore::InspectorCanvas::canvasElement):
        (WebCore::InspectorCanvas::resetRecordingData):
        (WebCore::InspectorCanvas::recordAction):
        (WebCore::InspectorCanvas::buildObjectForCanvas):
        (WebCore::InspectorCanvas::getCanvasContentAsDataURL):
        (WebCore::InspectorCanvas::buildInitialState):
        (WebCore::InspectorCanvas::~InspectorCanvas): Deleted.

        * inspector/InspectorShaderProgram.h:
        * inspector/InspectorShaderProgram.cpp:
        (WebCore::InspectorShaderProgram::context const):

        * page/PageConsoleClient.cpp:
        (WebCore::PageConsoleClient::record):
        (WebCore::PageConsoleClient::recordEnd):

        * dom/Document.h:
        * dom/Document.cpp:
        (WebCore::Document::getCSSCanvasElement):
        (WebCore::Document::nameForCSSCanvasElement const):
        We have no reason to save the CSS canvas name for each InspectorCanvas object, so instead we
        can just query for the name based on the CanvasRenderingContext's HTMLCanvasElement (assuming
        it is not an OffscreenCanvas) when we need it.

2018-01-04  Chris Fleizach  <cfleizach@apple.com>

        AX: Implement updated CSS3 Speech for 'speak' and 'speak-as' properties
        https://bugs.webkit.org/show_bug.cgi?id=180361

        Reviewed by Zalan Bujtas.

        Change speak -> speakAs, and allow a combination of properties.

        Tests: Updated accessibility/mac/css-speech-speak.html

        * accessibility/AccessibilityObject.h:
        (WebCore::AccessibilityObject::speakAsProperty const):
        (WebCore::AccessibilityObject::speakProperty const): Deleted.
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::speakAsProperty const):
        (WebCore::AccessibilityRenderObject::speakProperty const): Deleted.
        * accessibility/AccessibilityRenderObject.h:
        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper accessibilitySpeechHint]):
        * accessibility/mac/WebAccessibilityObjectWrapperBase.h:
        * accessibility/mac/WebAccessibilityObjectWrapperBase.mm:
        (-[WebAccessibilityObjectWrapperBase baseAccessibilitySpeechHint]):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):
        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::speakAsToCSSValue):
        (WebCore::ComputedStyleExtractor::propertyValue):
        * css/CSSPrimitiveValueMappings.h:
        (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
        (WebCore::CSSPrimitiveValue::operator ESpeakAs const):
        (WebCore::CSSPrimitiveValue::operator ESpeak const): Deleted.
        * css/CSSProperties.json:
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertSpeakAs):
        * css/parser/CSSParserFastPaths.cpp:
        (WebCore::CSSParserFastPaths::isValidKeywordPropertyAndValue):
        (WebCore::CSSParserFastPaths::isKeywordPropertyID):
        * css/parser/CSSPropertyParser.cpp:
        (WebCore::consumeSpeakAs):
        (WebCore::CSSPropertyParser::parseSingleValue):
        * rendering/style/RenderStyle.h:
        (WebCore::RenderStyle::speakAs const):
        (WebCore::RenderStyle::setSpeakAs):
        (WebCore::RenderStyle::initialSpeakAs):
        (WebCore::RenderStyle::speak const): Deleted.
        (WebCore::RenderStyle::setSpeak): Deleted.
        (WebCore::RenderStyle::initialSpeak): Deleted.
        * rendering/style/RenderStyleConstants.h:
        (WebCore::operator| ):
        (WebCore::operator|= ):
        * rendering/style/StyleRareInheritedData.cpp:
        (WebCore::StyleRareInheritedData::StyleRareInheritedData):
        (WebCore::StyleRareInheritedData::operator== const):
        * rendering/style/StyleRareInheritedData.h:

2018-01-04  Brian Burg  <bburg@apple.com>

        Web Inspector: Capture Element Screenshot looks fuzzy
        https://bugs.webkit.org/show_bug.cgi?id=175734
        <rdar://problem/33803377>

        Reviewed by Joseph Pecoraro and Simon Fraser.

        Screenshots taken by Web Inspector were being downscaled from the
        internal size to the logical size, causing them to be blurry when
        later upscaled to the internal size.

        Replace ScaleBehavior { Scaled, Unscaled } with PreserveResolution { No, Yes }.
        This is a lot less confusing to read both inside ImageBuffer and at its use sites.

        Remove unused CoordinateSystem argument for ImageBuffer::toDataURL,
        and replace it with PreserveResolution. Plumb PreserveResolution into toCFData
        so that PreserveResolution::Yes will preserve the internal size of
        the image buffer, just as it does in other methods that take PreserveResolution.

        At the use site in InspectorPageAgent, always request PreserveResolution::Yes snapshots
        when taking an element screenshot. For now, keep using downscaled (smaller)
        snapshots when capturing canvas previews, as the previews are not full-size.

        Test: inspector/page/hidpi-snapshot-size.html

        * html/HTMLCanvasElement.cpp:
        (WebCore::HTMLCanvasElement::makePresentationCopy):
        (WebCore::HTMLCanvasElement::copiedImage const):
        * html/canvas/CanvasRenderingContext2DBase.cpp:
        (WebCore::CanvasRenderingContext2DBase::createPattern):
        * inspector/agents/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::snapshotNode):
        (WebCore::InspectorPageAgent::snapshotRect):
        * page/TextIndicator.cpp:
        (WebCore::takeSnapshot):
        * platform/DragImage.cpp:
        (WebCore::createDragImageFromSnapshot):
        * platform/graphics/BitmapImage.cpp:
        (WebCore::BitmapImage::drawPattern):
        * platform/graphics/ImageBuffer.h:
        * platform/graphics/cairo/ImageBufferCairo.cpp:
        (WebCore::ImageBuffer::sinkIntoImage):
        (WebCore::ImageBuffer::copyImage const):
        (WebCore::ImageBuffer::toDataURL const):
        * platform/graphics/cg/ImageBufferCG.cpp:
        (WebCore::createBitmapImageAfterScalingIfNeeded):
        (WebCore::ImageBuffer::copyImage const):
        (WebCore::ImageBuffer::sinkIntoImage):
        (WebCore::ImageBuffer::toDataURL const):
        (WebCore::ImageBuffer::toData const):
        (WebCore::ImageBuffer::toCFData const):
        * platform/graphics/gtk/ImageBufferGtk.cpp:
        (WebCore::ImageBuffer::toDataURL const):
        * platform/graphics/win/ImageBufferDirect2D.cpp:
        (WebCore::ImageBuffer::copyImage const):
        (WebCore::ImageBuffer::sinkIntoImage):
        (WebCore::ImageBuffer::toDataURL const):
        * svg/graphics/SVGImage.cpp:
        (WebCore::SVGImage::drawPatternForContainer):

2018-01-04  John Wilander  <wilander@apple.com>

        Storage Access API: Turn feature on by default in Settings.yaml
        https://bugs.webkit.org/show_bug.cgi?id=181298
        <rdar://problem/36302506>

        Reviewed by Brent Fulgham.

        No new tests. This is just a feature settings change.

        * page/Settings.yaml:

2018-01-04  Zalan Bujtas  <zalan@apple.com>

        WebContent process crashes while loading https://www.classicspecs.com
        https://bugs.webkit.org/show_bug.cgi?id=181290
        <rdar://problem/36225906>

        Reviewed by Simon Fraser.

        Floats can overhang multiple blocks (they are called intruding floats).
        Each block keeps track of such intruding floats. When an overhanging float box is destroyed,
        we need to deregister it from all those blocks. We do it by walking up the ancestor block chain
        and check if the parent (grandparent etc) block still contains this float. Once we find the topmost block, 
        we start deregistering it by traversing back on the descendant blocks.
        Normally we do it in RenderElement::takeChildInternal right before the box is getting detached.
        However in certain cases (like when the float's parent happens to be an anonymous wrapper)
        by the time we get to ::takeChildInternal the subtree is already detached and we can't access all the
        ancestors.
        This patch ensure that the floating box is still attached during de-registration. 

        Test: fast/block/float/crash-when-intruding-float-has-anonymous-parent-and-detach.html

        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::removeFromParentAndDestroyCleaningUpAnonymousWrappers):

2018-01-04  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream] Add Mock screen capture source
        https://bugs.webkit.org/show_bug.cgi?id=181291
        <rdar://problem/36298164>

        Reviewed by Dean Jackson.

        Tests:  http/tests/media/media-stream/get-display-media-prompt.html
                GetDisplayMediaTest.BasicPrompt
                GetDisplayMediaTest.Constraints

        * Modules/mediastream/MediaDevices.cpp:
        (WebCore::MediaDevices::MediaDevices): Add static_assert to ensure MediaDevices::DisplayCaptureSurfaceType
        and RealtimeMediaSourceSettings::DisplaySurfaceType values are equivalent.
        (WebCore::MediaDevices::getSupportedConstraints): Remove bogus code.
        * Modules/mediastream/MediaDevices.h: Add DisplayCaptureSurfaceType.
        * Modules/mediastream/MediaDevices.idl: Ditto.

        * Modules/mediastream/MediaStreamTrack.cpp:
        (WebCore::MediaStreamTrack::getSettings const): Add a FIXME.
        * Modules/mediastream/MediaStreamTrack.h: Add displaySurface and logicalSurface.

        * Modules/mediastream/MediaTrackSupportedConstraints.h: Remove displaySurface and logicalSurface.
        * Modules/mediastream/MediaTrackSupportedConstraints.idl:

        * SourcesCocoa.txt: Add DisplayCaptureManagerCocoa.cpp and DisplayCaptureSourceCocoa.cpp.

        * WebCore.xcodeproj/project.pbxproj: Ditto.

        * platform/mediastream/CaptureDevice.h:
        (WebCore::CaptureDevice::encode const): Add.
        (WebCore::CaptureDevice::decode):

        * platform/mediastream/RealtimeMediaSourceCenter.cpp:
        (WebCore::RealtimeMediaSourceCenter::getMediaStreamDevices): Include display capture "devices".
        (WebCore::RealtimeMediaSourceCenter::validateRequestConstraints): Deal with display capture devices.
        (WebCore::RealtimeMediaSourceCenter::captureDeviceWithPersistentID): Ditto.
        * platform/mediastream/RealtimeMediaSourceCenter.h:

        * platform/mediastream/RealtimeMediaSourceSettings.h:
        (WebCore::RealtimeMediaSourceSettings::displaySurface const): Return a DisplaySurfaceType.
        (WebCore::RealtimeMediaSourceSettings::setDisplaySurface): Take a DisplaySurfaceType.

        * platform/mediastream/mac/DisplayCaptureManagerCocoa.cpp:
        (WebCore::DisplayCaptureManagerCocoa::singleton):
        (WebCore::DisplayCaptureManagerCocoa::~DisplayCaptureManagerCocoa):
        (WebCore::DisplayCaptureManagerCocoa::captureDevices):
        (WebCore::DisplayCaptureManagerCocoa::screenCaptureDeviceWithPersistentID):
        (WebCore::DisplayCaptureManagerCocoa::captureDeviceWithPersistentID):
        * platform/mediastream/mac/DisplayCaptureManagerCocoa.h:

        * platform/mediastream/mac/DisplayCaptureSourceCocoa.cpp: Added.
        (WebCore::DisplayCaptureSourceCocoa::DisplayCaptureSourceCocoa):
        (WebCore::DisplayCaptureSourceCocoa::~DisplayCaptureSourceCocoa):
        (WebCore::DisplayCaptureSourceCocoa::capabilities const):
        (WebCore::DisplayCaptureSourceCocoa::settings const):
        (WebCore::DisplayCaptureSourceCocoa::settingsDidChange):
        (WebCore::DisplayCaptureSourceCocoa::startProducingData):
        (WebCore::DisplayCaptureSourceCocoa::stopProducingData):
        (WebCore::DisplayCaptureSourceCocoa::elapsedTime):
        (WebCore::DisplayCaptureSourceCocoa::applyFrameRate):
        (WebCore::DisplayCaptureSourceCocoa::emitFrame):
        * platform/mediastream/mac/DisplayCaptureSourceCocoa.h:

        * platform/mediastream/mac/RealtimeMediaSourceCenterMac.cpp:
        (WebCore::RealtimeMediaSourceCenterMac::displayCaptureDeviceManager): New.
        * platform/mediastream/mac/RealtimeMediaSourceCenterMac.h:

        * platform/mock/MockRealtimeMediaSource.cpp:
        (WebCore::deviceMap): Add screen capture "devices".
        (WebCore::MockRealtimeMediaSource::displayDevices): New.
        * platform/mock/MockRealtimeMediaSource.h:

        * platform/mock/MockRealtimeMediaSourceCenter.cpp: Clean up includes.
        * platform/mock/MockRealtimeMediaSourceCenter.h:

        * platform/mock/MockRealtimeVideoSource.cpp:
        (WebCore::MockRealtimeVideoSource::MockRealtimeVideoSource): Mock two screen devices.
        (WebCore::MockRealtimeVideoSource::updateSettings): Deal with mock screens.
        (WebCore::MockRealtimeVideoSource::initializeCapabilities): Ditto.
        (WebCore::MockRealtimeVideoSource::initializeSupportedConstraints): Ditto.
        (WebCore::MockRealtimeVideoSource::drawText): Ditto.
        (WebCore::MockRealtimeVideoSource::generateFrame): Ditto.
        * platform/mock/MockRealtimeVideoSource.h:
        (WebCore::MockRealtimeVideoSource::mockCamera const):
        (WebCore::MockRealtimeVideoSource::mockScreen const):

2018-01-04  Youenn Fablet  <youenn@apple.com>

        FetchResponse should set its internal response text encoding name
        https://bugs.webkit.org/show_bug.cgi?id=181284

        Reviewed by Alex Christensen.

        Covered by rebased test.

        * Modules/fetch/FetchResponse.cpp:
        (WebCore::FetchResponse::create): Set response text encoding based on content type charset.

2018-01-04  John Wilander  <wilander@apple.com>

        Storage Access API: Remove JavaScript confirm() prompt from Document::requestStorageAccess()
        https://bugs.webkit.org/show_bug.cgi?id=181276
        <rdar://problem/36290463>

        Reviewed by Alex Christensen.

        No new tests. Existing test expectations updated.

        * dom/Document.cpp:
        (WebCore::Document::requestStorageAccess):

2018-01-04  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Issues with Ahem's ex / x-height
        https://bugs.webkit.org/show_bug.cgi?id=180581

        Reviewed by Michael Catanzaro.

        Get the x-height value from the TT_OS2 table if available.

        Fixes: fast/text/break-word-pre-wrap.html
               imported/w3c/web-platform-tests/css/css-shapes-1/shape-outside/values/shape-outside-shape-arguments-000.html

        * platform/graphics/freetype/SimpleFontDataFreeType.cpp:
        (WebCore::Font::platformInit):

2018-01-04  Philippe Normand  <pnormand@igalia.com>

        Unreviewed, GTK build fix attempt after r226357

        * platform/graphics/gstreamer/GStreamerUtilities.h: The
        GST_BUFFER_DTS_OR_PTS macro was added in GStreamer 1.8 but old
        versions of Debian might not have this release yet.

2018-01-04  Youenn Fablet  <youenn@apple.com>

        Implement Cache API partitioning based on ClientOrigin
        https://bugs.webkit.org/show_bug.cgi?id=181240

        Reviewed by Alex Christensen.

        Covered by updated tests.

        Previously, cache storage was partitioned according the origin of the client, represented as a String.
        We now partition according both client and top origins, represented as a ClientOrigin

        Minor refactoring to use more makePendingActivity.
        Added support for IPC serialization of ClientOrigin.
        Added SecurityOriginData::toString which is used by WebKit2 Cache Storage implementation.

        * Modules/cache/CacheStorageConnection.cpp:
        (WebCore::CacheStorageConnection::open):
        (WebCore::CacheStorageConnection::retrieveCaches):
        * Modules/cache/CacheStorageConnection.h:
        (WebCore::CacheStorageConnection::clearMemoryRepresentation):
        (WebCore::CacheStorageConnection::doOpen):
        (WebCore::CacheStorageConnection::doRetrieveCaches):
        * Modules/cache/DOMCacheStorage.cpp:
        (WebCore::DOMCacheStorage::origin const):
        (WebCore::DOMCacheStorage::retrieveCaches):
        (WebCore::DOMCacheStorage::open):
        (WebCore::DOMCacheStorage::remove):
        * Modules/cache/DOMCacheStorage.h:
        * Modules/cache/WorkerCacheStorageConnection.cpp:
        (WebCore::WorkerCacheStorageConnection::doOpen):
        (WebCore::WorkerCacheStorageConnection::doRetrieveCaches):
        * Modules/cache/WorkerCacheStorageConnection.h:
        * page/ClientOrigin.h:
        (WebCore::ClientOrigin::isolatedCopy const):
        (WebCore::ClientOrigin::encode const):
        (WebCore::ClientOrigin::decode):
        * page/SecurityOriginData.cpp:
        (WebCore::SecurityOriginData::toString const):
        (WebCore::SecurityOriginData::debugString const): Deleted.
        * page/SecurityOriginData.h:
        (WebCore::SecurityOriginData::debugString const):
        * testing/Internals.cpp:
        (WebCore::Internals::clearCacheStorageMemoryRepresentation):

2018-01-04  Youenn Fablet  <youenn@apple.com>

        Service Worker should expose redirect mode for navigation loads as manual
        https://bugs.webkit.org/show_bug.cgi?id=181067

        Reviewed by Alex Christensen.

        Covered by rebased tests.

        * loader/CrossOriginAccessControl.cpp: Removing ContentType header only if affecting CORS checks.
        This allows extending header filtering in service worker to all modes, including Navigate.
        * workers/service/context/ServiceWorkerFetch.cpp:
        (WebCore::ServiceWorkerFetch::dispatchFetchEvent): Ideally, document loading code should set redirect to manual.
        Since it is not the case yet and that would require changes to various places, manual is set before exposing the corresponding fetch event.

2018-01-04  Youenn Fablet  <youenn@apple.com>

        ServiceWorkerThreadProxy::postTaskForModeToWorkerGlobalScope should be a no-op if worker is being terminated
        https://bugs.webkit.org/show_bug.cgi?id=181245

        Reviewed by Alex Christensen.

        Stop appending tasks to a terminating worker and returning false in that case.
        This mirrors what is done for regular workers.

        * workers/service/context/SWContextManager.cpp:
        (WebCore::SWContextManager::terminateWorker):
        * workers/service/context/ServiceWorkerThreadProxy.cpp:
        (WebCore::ServiceWorkerThreadProxy::postTaskForModeToWorkerGlobalScope):
        * workers/service/context/ServiceWorkerThreadProxy.h:

2018-01-04  Youenn Fablet  <youenn@apple.com>

        Cancel pending script loads when service worker is being terminated
        https://bugs.webkit.org/show_bug.cgi?id=181250

        Reviewed by Alex Christensen.

        Covered by service worker tests no longer crashing in ASAN builds.

        * workers/WorkerScriptLoader.cpp:
        (WebCore::WorkerScriptLoader::notifyFinished): Clearing loader when finished.
        (WebCore::WorkerScriptLoader::cancel): Implementing cancel of a script loader by cancelling the underlying threadable loader.
        * workers/WorkerScriptLoader.h:
        * workers/service/ServiceWorkerContainer.cpp: Canceling loads of all pending jobs.
        (WebCore::ServiceWorkerContainer::stop):
        * workers/service/ServiceWorkerJob.cpp:
        (WebCore::ServiceWorkerJob::cancelPendingLoad):
        * workers/service/ServiceWorkerJob.h:

2018-01-04  Youenn Fablet  <youenn@apple.com>

        Implement  https://fetch.spec.whatwg.org/#main-fetch default referrer policy setting
        https://bugs.webkit.org/show_bug.cgi?id=181239

        Reviewed by Alex Christensen.

        Covered by updated and rebased test.

        Setting the request referrer policy to the Document referrer policy if no one is set.
        If Document has no referrer policy, use no-referrer-when-downgrade as per the spec.

        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::updateHTTPRequestHeaders):
        (WebCore::CachedResourceLoader::requestResource):
        * loader/cache/CachedResourceLoader.h:
        * loader/cache/CachedResourceRequest.cpp:
        (WebCore::CachedResourceRequest::updateReferrerPolicy):
        (WebCore::CachedResourceRequest::updateReferrerOriginAndUserAgentHeaders):
        * loader/cache/CachedResourceRequest.h:

2018-01-03  Wenson Hsieh  <wenson_hsieh@apple.com>

        [Attachment Support] Create attachment elements when dropping files on iOS
        https://bugs.webkit.org/show_bug.cgi?id=181192
        <rdar://problem/36280945>

        Reviewed by Tim Horton.

        Implements support for dropping data as attachment elements on iOS. See comments below for more detail.

        Tests:  WKAttachmentTests.InsertDroppedRichAndPlainTextFilesAsAttachments
                WKAttachmentTests.InsertDroppedZipArchiveAsAttachment
                WKAttachmentTests.InsertDroppedItemProvidersInOrder

        * WebCore.xcodeproj/project.pbxproj:
        * editing/WebContentReader.cpp:
        (WebCore::WebContentReader::ensureFragment):

        Add a new helper to create the WebContentReader's fragment, if it hasn't already been created.

        * editing/WebContentReader.h:
        * editing/cocoa/WebContentReaderCocoa.mm:
        (WebCore::WebContentReader::readFilePaths):

        Rename readFilenames to readFilePaths (which better reflects its parameters, which are file paths). Also, move
        the implementation of readFilePaths to shared iOS/macOS code in WebContentReaderCocoa, and remove the stub
        implementation on iOS.

        There's a bit of code here that I kept macOS-only which deals with inserting file paths as plain text in
        editable areas, but it's unclear to me why and if WebKit clients currently find this useful, so I left a FIXME
        to investigate removing this altogether. Code for handling this plain text insertion of file paths on Mac was
        introduced in r67403.

        * editing/ios/WebContentReaderIOS.mm:
        (WebCore::WebContentReader::readFilenames): Deleted.
        * editing/mac/WebContentReaderMac.mm:
        (WebCore::WebContentReader::readFilenames): Deleted.
        * page/mac/DragControllerMac.mm:
        (WebCore::DragController::updateSupportedTypeIdentifiersForDragHandlingMethod const):

        Teach DragController to accept all types conforming to "public.item" and "public.content" on iOS, only when
        attachment elements are enabled. This allows us to load content from item providers that we otherwise would not
        have loaded, since we now have the ability to fall back to attachment element insertion if the type is not have
        a default representation using standard web content.

        * platform/Pasteboard.h:
        * platform/PasteboardItemInfo.h: Added.
        (WebCore::PasteboardItemInfo::encode const):
        (WebCore::PasteboardItemInfo::decode):

        Add PasteboardItemInfo, a struct that describes an item on the pasteboard. Also, implement encoding and decoding
        support for PasteboardItemInfo. So far, the item info only describes file information about the pasteboard item,
        and flags indicating whether the item prefers attachment or inline presentation.

        * platform/PasteboardStrategy.h:

        Replace getFilenamesForDataInteraction with informationForItemAtIndex. Instead of returning all of the file
        paths associated with any item on the pasteboard, fetch a PasteboardItemInfo at a given item index, which
        includes information about the file path as well as some other metadata we'll need when deciding how to read
        pasteboard contents as a document fragment.

        * platform/PlatformPasteboard.h:
        * platform/cocoa/PasteboardCocoa.mm:
        (WebCore::Pasteboard::read):
        * platform/ios/AbstractPasteboard.h:
        * platform/ios/PasteboardIOS.mm:
        (WebCore::Pasteboard::read):
        (WebCore::Pasteboard::readRespectingUTIFidelities):

        Teach the iOS Pasteboard to read web content using attachment elements, if enabled. There are two scenarios in
        which we would want to insert an attachment element:
        (1) The item provider uses a preferred presentation style of attachment, in which case we bail out of trying to
            handle the drop using the default mechanisms, and simply insert it as an attachment. We need this to deal
            with the case where we drop text or HTML files from the Files app, so that we don't try and insert the
            contents of the text or HTML as inline web content.
        (2) The item provider doesn't have a preferred attachment presentation style, but there's nothing WebKit would
            otherwise do with the dropped content, so insert an attachment element as a fallback. Examples where this is
            relevant are dropping a PDF or ZIP archive without attachment presentation style explicitly set.
        We first check if we fall into case (1). If so, we can bail early by inserting an attachment; otherwise, we
        proceed normally and see if we can read the contents of the drop as web content. If, at the end of default drop
        handling, we don't still have a way to represent the dropped content, enter case (2).

        (WebCore::Pasteboard::readFilePaths):
        (WebCore::Pasteboard::readFilenames): Deleted.

        Rename readFilenames to readFilePaths, and reimplement it using informationForItemAtIndex.

        * platform/ios/PlatformPasteboardIOS.mm:
        (WebCore::pasteboardItemPresentationStyle):
        (WebCore::PlatformPasteboard::informationForItemAtIndex):
        (WebCore::PlatformPasteboard::filenamesForDataInteraction): Deleted.

        Implement informationForItemAtIndex and remove filenamesForDataInteraction. As before, we ask the pasteboard
        (i.e. WebItemProviderPasteboard) for information about dropped file URLs. This time, we limit this to a single
        file, so we don't end up creating multiple attachment elements for each representation of a single item
        provider. See below for -preferredFileUploadURLAtIndex:fileType: for more detail.

        * platform/ios/WebItemProviderPasteboard.h:
        * platform/ios/WebItemProviderPasteboard.mm:
        (-[WebItemProviderLoadResult initWithItemProvider:typesToLoad:]):
        (-[WebItemProviderLoadResult canBeRepresentedAsFileUpload]):

        Remove this synthesized instance variable and instead just check the item provider's preferredPresentationStyle.

        (-[WebItemProviderLoadResult description]):

        Add a verbose -description to the load result object. Useful for debugging what was content was loaded from an
        item provider on drop.

        (-[WebItemProviderPasteboard preferredFileUploadURLAtIndex:fileType:]):

        Return the highest fidelity loaded type identifier for a given item.

        (-[WebItemProviderPasteboard allDroppedFileURLs]):
        (-[WebItemProviderPasteboard typeIdentifiersToLoadForRegisteredTypeIdentfiers:]):

        Prefer flat RTFD to RTFD. In the case where attachments are enabled and we're accepting all types of content
        using attachment elements as a fallback representation, if the source writes attributed strings to the
        pasteboard with com.apple.rtfd at a higher fidelity than com.apple.flat-rtfd, we'll end up loading only
        com.apple.rtfd and dropping the text as an attachment element because we cannot convert the dropped content to
        markup. Instead, if flat RTFD is present in the item provider, always prefer that over RTFD so that dropping as
        regular web content isn't overridden when attachment elements are enabled.

        (-[WebItemProviderPasteboard doAfterLoadingProvidedContentIntoFileURLs:synchronousTimeout:]):
        (-[WebItemProviderPasteboard droppedFileURLs]): Deleted.
        * platform/mac/DragDataMac.mm:
        (WebCore::DragData::containsCompatibleContent const):

        DragData::containsCompatibleContent should be true when attachment elements are enabled, and there are files we
        can drop as attachment elements.

        * platform/mac/PasteboardMac.mm:
        (WebCore::Pasteboard::read):
        (WebCore::Pasteboard::readFilePaths):
        (WebCore::Pasteboard::readFilenames): Deleted.

2018-01-03  Ting-Wei Lan  <lantw44@gmail.com>

        Replace hard-coded paths in shebangs with #!/usr/bin/env
        https://bugs.webkit.org/show_bug.cgi?id=181040

        Reviewed by Alex Christensen.

        * bindings/scripts/InFilesCompiler.pm:
        * bindings/scripts/InFilesParser.pm:
        * bindings/scripts/generate-bindings-all.pl:
        * bindings/scripts/generate-bindings.pl:
        * bindings/scripts/preprocess-idls.pl:
        * css/make-css-file-arrays.pl:
        * css/makeprop.pl:
        * css/makevalues.pl:
        * dom/make_event_factory.pl:
        * dom/make_names.pl:
        * extract-localizable-strings.pl:
        * make-hash-tools.pl:

2018-01-03  Wenson Hsieh  <wenson_hsieh@apple.com>

        [Attachment Support] Add plumbing for starting a drag with promised blob data
        https://bugs.webkit.org/show_bug.cgi?id=181201

        Reviewed by Tim Horton.

        Adds logic to allow dragging an attachment element as a file by sending promised blob information to the UI
        process. See comments below for more detail.

        The only change in behavior is that dragging an attachment element will no longer write web content and injected
        bundle data to the pasteboard if the attachment element's file attribute is nonnull. This will cause one
        existing WK1 layout test to fail, but will otherwise not affect any attachment editing clients. On iOS,
        attachment elements in the Mail viewer can be dragged, but each attachment's file is null, so we fall back to
        current behavior; on macOS, Mail currently overrides the drag completely, beginning at -mouseDown:, so this
        doesn't make a difference to macOS Mail either.

        * editing/Editor.h:
        * editing/cocoa/EditorCocoa.mm:
        (WebCore::Editor::getPasteboardTypesAndDataForAttachment):

        Add a helper method to retrieve an attachment element as web archive data, for moving attachments within the
        same document. Also gives the injected editor bundle a chance to supply custom pasteboard types.

        * loader/EmptyClients.cpp:
        * page/DragClient.h:
        (WebCore::DragClient::prepareToDragPromisedBlob):

        Add new DragClient methods to send information about a promised blob to the UI process.

        * page/DragController.cpp:
        (WebCore::DragController::startDrag):

        Call dragAttachmentElement when starting a drag on an attachment element.

        (WebCore::DragController::dragAttachmentElement):

        Try to begin dragging a given attachment element, propagating promised blob information to the client layers.
        Returns true iff the attachment is backed by blob data (i.e. the file is nonnull).

        * platform/PromisedBlobInfo.h:

        Add a list of additional types and data to PromisedBlobInfo. In addition to the promised blob info, this would
        allow injected bundle data and other private types alongside the main attachment data on the pasteboard.

2018-01-03  Simon Fraser  <simon.fraser@apple.com>

        Remove the 'resolutionScale' parameter from ImageBufferDataCG get/putBytes
        https://bugs.webkit.org/show_bug.cgi?id=181268

        Reviewed by Alex Christensen.

        These functions were always called with resolutionScale=1.

        * platform/graphics/cg/ImageBufferCG.cpp:
        (WebCore::ImageBuffer::getUnmultipliedImageData const):
        (WebCore::ImageBuffer::getPremultipliedImageData const):
        (WebCore::ImageBuffer::putByteArray):
        * platform/graphics/cg/ImageBufferDataCG.cpp:
        (WebCore::ImageBufferData::getData const):
        (WebCore::ImageBufferData::putData):
        (WebCore::affineWarpBufferData): Deleted.
        * platform/graphics/cg/ImageBufferDataCG.h:

2018-01-03  John Wilander  <wilander@apple.com>

        Storage Access API: Refactor XPC for access removal to go straight from the web process to the network process
        https://bugs.webkit.org/show_bug.cgi?id=181270
        <rdar://problem/36289544>

        Reviewed by Alex Christensen.

        No new tests. Existing test re-enabled.

        This change refactors how the web process tells the network process
        to remove storage access. Previously, this was done over the UI process
        just like requests for storage access. But since no further reasoning
        is needed, the message should go straight from the web process to the
        network process for performance reasons and to minimize the risk of a
        race.

        As a consequence, the XPC code for storage access removal in the UI
        process is deleted.

        * platform/network/cf/NetworkStorageSessionCFNet.cpp:
        (WebCore::NetworkStorageSession::cookieStoragePartition const):
            Removes the storageAccessAPIEnabled check since the flag
            doesn't get propagated when the network process is created.
            Figuring this out will take some work which is unnecessary
            when we already gate access to the feature in Document.idl.

2018-01-03  James Craig  <jcraig@apple.com>

        AX: when invert colors is on, double-invert certain media elements in UserAgentStyleSheet
        https://bugs.webkit.org/show_bug.cgi?id=168447
        <rdar://problem/30559874>

        Reviewed by Simon Fraser.

        Double-invert video when platform 'invert colors' setting is enabled. Behavior matches 
        current 'Smart Invert' feature of Safari Reader on macOS/iOS and other iOS native apps.

        Tests: accessibility/smart-invert-reference.html
               accessibility/smart-invert.html

        * Modules/modern-media-controls/controls/media-controls.css:
        (@media (inverted-colors)):
        (:host):
        (picture):
        * css/html.css:
        (@media (inverted-colors)):
        (video):

2018-01-03  Youenn Fablet  <youenn@apple.com>

        LayoutTest http/tests/media/media-stream/disconnected-frame.html to consistently fail an assertion: !m_adoptionIsRequired
        https://bugs.webkit.org/show_bug.cgi?id=181264

        Reviewed by Eric Carlson.

        Covered by http/tests/media/media-stream/disconnected-frame.html not crashing anymore in Debug builds.
        Calling suspendIfNeeded in create method instead of constructor.

        * Modules/mediastream/UserMediaRequest.cpp:
        (WebCore::UserMediaRequest::create):
        (WebCore::UserMediaRequest::UserMediaRequest):

2018-01-03  Antti Koivisto  <antti@apple.com>

        Remove DeprecatedCSSOMValue::equals
        https://bugs.webkit.org/show_bug.cgi?id=181241

        Reviewed by Zalan Bujtas.

        This is dead code.

        * css/DeprecatedCSSOMValue.cpp:
        (WebCore::compareCSSOMValues): Deleted.
        (WebCore::DeprecatedCSSOMValue::equals const): Deleted.
        * css/DeprecatedCSSOMValue.h:
        (WebCore::DeprecatedCSSOMValue::operator== const): Deleted.
        (WebCore::DeprecatedCSSOMComplexValue::equals const): Deleted.
        * css/DeprecatedCSSOMValueList.cpp:
        (WebCore::DeprecatedCSSOMValueList::equals const): Deleted.
        * css/DeprecatedCSSOMValueList.h:

2018-01-03  Simon Fraser  <simon.fraser@apple.com>

        feLighting is broken with primitiveUnits="objectBoundingBox"
        https://bugs.webkit.org/show_bug.cgi?id=181197

        Reviewed by Tim Horton.

        With <filter primitiveUnits="objectBoundingBox"> we need to convert the coordinates
        of fePointLights and feSpotLights into user space coordinates. Following
        https://www.w3.org/TR/SVG/filters.html#FilterElementPrimitiveUnitsAttribute
        this is done by treating them as fractions of the bounding box on the referencing
        element, with treatment for z following https://www.w3.org/TR/SVG/coords.html#Units_viewport_percentage
        
        To do this, store the bounds of the referencing elemenet on SVGFilterBuilder as
        targetBoundingBox, and store the primitiveUnits type. Then do the conversion of lighting
        coordinates in SVGFESpecularLightingElement::build() and SVGFEDiffuseLightingElement::build().

        Remove SVGFELightElement::findLightSource(), since we need to be able to pass the SVGFilterBuilder
        to the lightSource() function so hoist the code up.

        Tests: svg/filters/feDiffuseLighting-fePointLight-primitiveUnits-objectBoundingBox-expected.svg
               svg/filters/feDiffuseLighting-fePointLight-primitiveUnits-objectBoundingBox.svg
               svg/filters/feDiffuseLighting-feSpotLight-primitiveUnits-objectBoundingBox-expected.svg
               svg/filters/feDiffuseLighting-feSpotLight-primitiveUnits-objectBoundingBox.svg
               svg/filters/feSpecularLighting-fePointLight-primitiveUnits-objectBoundingBox-expected.svg
               svg/filters/feSpecularLighting-fePointLight-primitiveUnits-objectBoundingBox.svg

        * rendering/svg/RenderSVGResourceFilter.cpp:
        (WebCore::RenderSVGResourceFilter::buildPrimitives const):
        * svg/SVGFEDiffuseLightingElement.cpp:
        (WebCore::SVGFEDiffuseLightingElement::build):
        * svg/SVGFEDistantLightElement.cpp:
        (WebCore::SVGFEDistantLightElement::lightSource const):
        * svg/SVGFEDistantLightElement.h:
        * svg/SVGFELightElement.cpp:
        (WebCore::SVGFELightElement::findLightSource): Deleted.
        * svg/SVGFELightElement.h:
        * svg/SVGFEPointLightElement.cpp:
        (WebCore::SVGFEPointLightElement::lightSource const):
        * svg/SVGFEPointLightElement.h:
        * svg/SVGFESpecularLightingElement.cpp:
        (WebCore::SVGFESpecularLightingElement::build):
        * svg/SVGFESpotLightElement.cpp:
        (WebCore::SVGFESpotLightElement::lightSource const):
        * svg/SVGFESpotLightElement.h:
        * svg/graphics/filters/SVGFilterBuilder.h:
        (WebCore::SVGFilterBuilder::setTargetBoundingBox):
        (WebCore::SVGFilterBuilder::targetBoundingBox const):
        (WebCore::SVGFilterBuilder::primitiveUnits const):
        (WebCore::SVGFilterBuilder::setPrimitiveUnits):

2018-01-03  Antti Koivisto  <antti@apple.com>

        Crash beneath CSSValue::equals @ csas.cz
        https://bugs.webkit.org/show_bug.cgi?id=181243
        <rdar://problem/35990826>

        Reviewed by Alex Christensen.

        Test: fast/text/oblique-degree-equals-crash.html

        * css/CSSFontStyleValue.cpp:
        (WebCore::CSSFontStyleValue::equals const):

        Null check both oblique pointers.

2018-01-03  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: Slow open time enumerating system fonts (FontCache::systemFontFamilies)
        https://bugs.webkit.org/show_bug.cgi?id=180979
        <rdar://problem/36146670>

        Reviewed by Matt Baker.

        * platform/graphics/cocoa/FontCacheCoreText.cpp:
        (fontNameIsSystemFont):
        (WebCore::FontCache::systemFontFamilies):
        Switch to the original Mac algorithm before r180979 that uses
        CTFontManagerCopyAvailableFontFamilyNames. Previously this wasn't
        available on iOS but now it is. This is a performance improvement on
        both platforms, but significantly so on macOS. It also finds more,
        valid, family names.

2018-01-03  Michael Catanzaro  <mcatanzaro@igalia.com>

        ASSERTION FAILED: !source || is<Target>(*source) in CoordinatedGraphicsLayer::removeFromParent
        https://bugs.webkit.org/show_bug.cgi?id=166568

        Reviewed by Simon Fraser.

        When a GraphicsLayer has a mask layer, it fails to properly unparent the mask layer before
        it is destroyed. This leaves the mask layer with a dangling parent pointer. Fix it, while
        taking care not to introduce yet another virtual function call during the execution of the
        destructor.

        * platform/graphics/GraphicsLayer.cpp:
        (WebCore::GraphicsLayer::willBeDestroyed):

2018-01-03  Simon Fraser  <simon.fraser@apple.com>

        SVG lighting filter lights are in the wrong coordinate system
        https://bugs.webkit.org/show_bug.cgi?id=181147

        Reviewed by Zalan Bujtas.

        Point and spot light coordinates weren't being converted into buffer-relative
        coordinates before being fed into the lighting math, resulting in incorrect light
        rendering on Retina devices, and when the filter primitive region was clipped.

        Fix by storing absoluteUnclippedSubregion on FilterEffect, which allows us to map
        lighting points from user space coordinates into the coordinates of the buffer being
        used for rendering. Also scale the light z coordinate by doing a dummy point mapping in x.

        Rename members of PointLightSource and SpotLightSource to make it clear which coordinate
        system they are in.

        Tests include HiDPI tests.

        Tests: svg/filters/fePointLight-coordinates-expected.svg
               svg/filters/fePointLight-coordinates.svg
               svg/filters/feSpotLight-coordinates-expected.svg
               svg/filters/feSpotLight-coordinates.svg
               svg/filters/hidpi/fePointLight-coordinates-expected.svg
               svg/filters/hidpi/fePointLight-coordinates.svg
               svg/filters/hidpi/feSpotLight-coordinates-expected.svg
               svg/filters/hidpi/feSpotLight-coordinates.svg

        * platform/graphics/FloatPoint3D.h: Make it easy to get and set the X and Y coords as a FloatPoint.
        (WebCore::FloatPoint3D::xy const):
        (WebCore::FloatPoint3D::setXY):
        * platform/graphics/GeometryUtilities.cpp:
        (WebCore::mapPoint):
        (WebCore::mapRect):
        * platform/graphics/GeometryUtilities.h: Helper to make a point between rects.
        * platform/graphics/filters/DistantLightSource.cpp:
        (WebCore::DistantLightSource::initPaintingData):
        * platform/graphics/filters/DistantLightSource.h:
        * platform/graphics/filters/FELighting.cpp:
        (WebCore::FELighting::drawLighting):
        * platform/graphics/filters/FilterEffect.cpp:
        (WebCore::FilterEffect::mapPointFromUserSpaceToBuffer const):
        * platform/graphics/filters/FilterEffect.h:
        (WebCore::FilterEffect::setUnclippedAbsoluteSubregion):
        * platform/graphics/filters/LightSource.h:
        * platform/graphics/filters/PointLightSource.cpp:
        (WebCore::PointLightSource::initPaintingData):
        (WebCore::PointLightSource::computePixelLightingData const):
        (WebCore::PointLightSource::setX):
        (WebCore::PointLightSource::setY):
        (WebCore::PointLightSource::setZ):
        * platform/graphics/filters/PointLightSource.h:
        (WebCore::PointLightSource::position const):
        (WebCore::PointLightSource::PointLightSource):
        * platform/graphics/filters/SpotLightSource.cpp:
        (WebCore::SpotLightSource::initPaintingData):
        (WebCore::SpotLightSource::computePixelLightingData const):
        (WebCore::SpotLightSource::setX):
        (WebCore::SpotLightSource::setY):
        (WebCore::SpotLightSource::setZ):
        (WebCore::SpotLightSource::setPointsAtX):
        (WebCore::SpotLightSource::setPointsAtY):
        (WebCore::SpotLightSource::setPointsAtZ):
        * platform/graphics/filters/SpotLightSource.h:
        (WebCore::SpotLightSource::position const):
        (WebCore::SpotLightSource::direction const):
        (WebCore::SpotLightSource::SpotLightSource):
        * rendering/svg/RenderSVGResourceFilter.cpp:
        (WebCore::RenderSVGResourceFilter::buildPrimitives const):
        * rendering/svg/RenderSVGResourceFilterPrimitive.cpp:
        (WebCore::RenderSVGResourceFilterPrimitive::determineFilterPrimitiveSubregion):

2018-01-03  Youenn Fablet  <youenn@apple.com>

        Select service worker for documents with data/blob URLS
        https://bugs.webkit.org/show_bug.cgi?id=181213

        Reviewed by Alex Christensen.

        Covered by updated test.

        Reusing the service worker of the parent for blob/data URL documents.

        * loader/DocumentLoader.cpp:
        (WebCore::isLocalURL):
        (WebCore::DocumentLoader::commitData):

2018-01-03  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r226352.

        Breaks Sierra and El Capitan builds.

        Reverted changeset:

        "Web Inspector: Slow open time enumerating system fonts
        (FontCache::systemFontFamilies)"
        https://bugs.webkit.org/show_bug.cgi?id=180979
        https://trac.webkit.org/changeset/226352

2018-01-03  Philippe Normand  <pnormand@igalia.com>

        [GStreamer] The bus synchronous handler should be in the base player class
        https://bugs.webkit.org/show_bug.cgi?id=181237

        Reviewed by Carlos Garcia Campos.

        Because this is where video rendering is handled.

        No new tests, this is only a refactoring.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::createGSTPlayBin):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::MediaPlayerPrivateGStreamerBase::setPipeline):

2018-01-03  Philippe Normand  <pnormand@igalia.com>

        [GStreamer] move MediaSample implementation out of mse/
        https://bugs.webkit.org/show_bug.cgi?id=179165

        Reviewed by Carlos Garcia Campos.

        This module isn't specific to MSE and can potentially be reused
        elsewhere, for WebRTC for instance. Additionally the
        ::platformSample() method was implemented and the code was cleaned up.

        * platform/GStreamer.cmake:
        * platform/MediaSample.h:
        * platform/graphics/gstreamer/GStreamerMediaSample.cpp: Renamed from Source/WebCore/platform/graphics/gstreamer/mse/GStreamerMediaSample.cpp.
        (WebCore::GStreamerMediaSample::platformSample):
        * platform/graphics/gstreamer/GStreamerMediaSample.h: Renamed from Source/WebCore/platform/graphics/gstreamer/mse/GStreamerMediaSample.h.
        * platform/graphics/gstreamer/mse/PlaybackPipeline.cpp:
        (WebCore::PlaybackPipeline::enqueueSample):

2018-01-03  Carlos Garcia Campos  <cgarcia@igalia.com>

        Unreviewed. Fix resource load stats tests on GLib based ports after r226355.

        The monitor can be created in the work queue thread too.

        * platform/glib/FileMonitorGLib.cpp:
        (WebCore::FileMonitor::FileMonitor):

2018-01-03  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Crash destroying WebCore::FileMonitor
        https://bugs.webkit.org/show_bug.cgi?id=181138

        Reviewed by Michael Catanzaro.

        Ensure that platform file monitor is always created and destroyed in the work queue thread synchronously.

        * platform/FileMonitor.h:
        * platform/glib/FileMonitorGLib.cpp:
        (WebCore::FileMonitor::FileMonitor):
        (WebCore::FileMonitor::~FileMonitor):
        (WebCore::FileMonitor::didChange):

2018-01-02  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: Slow open time enumerating system fonts (FontCache::systemFontFamilies)
        https://bugs.webkit.org/show_bug.cgi?id=180979
        <rdar://problem/36146670>

        Reviewed by Matt Baker.

        * platform/graphics/cocoa/FontCacheCoreText.cpp:
        (WebCore::FontCache::systemFontFamilies):
        Switch to the original Mac algorithm before r180979 that uses
        CTFontManagerCopyAvailableFontFamilyNames. Previously this wasn't
        available on iOS but now it is. This is a performance improvement on
        both platforms, but significantly so on macOS. It also finds more,
        valid, family names.

2018-01-02  Yusuke Suzuki  <utatane.tea@gmail.com>

        Unreviewed, fix GCC warning by using #include
        https://bugs.webkit.org/show_bug.cgi?id=181189

        This file is included in C++ files. Use #include instead of #import to suppress warning in GCC.

        * platform/PromisedBlobInfo.h:

2017-12-28  Yusuke Suzuki  <utatane.tea@gmail.com>

        Remove std::chrono completely
        https://bugs.webkit.org/show_bug.cgi?id=181186

        Reviewed by Alex Christensen.

        Use MonotonicTime, WallTime, and Seconds instead.
        Changes are mechanical ones. But persistent network cache data is changed.
        So we bump the version number of the cache storage.

        * Modules/indexeddb/server/IDBServer.cpp:
        (WebCore::IDBServer::IDBServer::closeAndDeleteDatabasesModifiedSince):
        (WebCore::IDBServer::removeAllDatabasesForOriginPath):
        (WebCore::IDBServer::IDBServer::performCloseAndDeleteDatabasesModifiedSince):
        (WebCore::IDBServer::IDBServer::performCloseAndDeleteDatabasesForOrigins):
        * Modules/indexeddb/server/IDBServer.h:
        * Modules/webdatabase/DatabaseTracker.cpp:
        (WebCore::DatabaseTracker::deleteDatabasesModifiedSince):
        * Modules/webdatabase/DatabaseTracker.h:
        * dom/Document.cpp:
        (WebCore::Document::lastModified):
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::clearMediaCache):
        * html/HTMLMediaElement.h:
        (WebCore::HTMLMediaElement::clearMediaCache):
        * loader/CrossOriginPreflightResultCache.cpp:
        (WebCore::parseAccessControlMaxAge):
        (WebCore::CrossOriginPreflightResultCacheItem::parse):
        (WebCore::CrossOriginPreflightResultCacheItem::allowsRequest const):
        * loader/CrossOriginPreflightResultCache.h:
        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::CachedResource):
        (WebCore::CachedResource::freshnessLifetime const):
        (WebCore::CachedResource::responseReceived):
        (WebCore::CachedResource::updateResponseAfterRevalidation):
        * loader/cache/CachedResource.h:
        * platform/FileSystem.cpp:
        (WebCore::FileSystem::getFileModificationTime):
        * platform/FileSystem.h:
        * platform/SearchPopupMenu.h:
        * platform/cocoa/SearchPopupMenuCocoa.h:
        * platform/cocoa/SearchPopupMenuCocoa.mm:
        (WebCore::toSystemClockTime):
        (WebCore::toNSDateFromSystemClock):
        (WebCore::removeRecentlyModifiedRecentSearches):
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::clearMediaCache):
        * platform/graphics/MediaPlayer.h:
        * platform/graphics/MediaPlayerPrivate.h:
        (WebCore::MediaPlayerPrivateInterface::clearMediaCache):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::toSystemClockTime):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::clearMediaCache):
        * platform/graphics/mac/MediaPlayerPrivateQTKit.h:
        * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
        (WebCore::MediaPlayerPrivateQTKit::clearMediaCache):
        * platform/network/CacheValidation.cpp:
        (WebCore::computeCurrentAge):
        (WebCore::computeFreshnessLifetimeForHTTPFamily):
        (WebCore::updateRedirectChainStatus):
        (WebCore::redirectChainAllowsReuse):
        (WebCore::parseCacheControlDirectives):
        * platform/network/CacheValidation.h:
        (WebCore::RedirectChainCacheStatus::RedirectChainCacheStatus):
        * platform/network/HTTPParsers.cpp:
        (WebCore::parseHTTPDate):
        * platform/network/HTTPParsers.h:
        * platform/network/PlatformCookieJar.h:
        * platform/network/ResourceResponseBase.cpp:
        (WebCore::ResourceResponseBase::cacheControlMaxAge const):
        (WebCore::parseDateValueInHeader):
        (WebCore::ResourceResponseBase::date const):
        (WebCore::ResourceResponseBase::age const):
        (WebCore::ResourceResponseBase::expires const):
        (WebCore::ResourceResponseBase::lastModified const):
        * platform/network/ResourceResponseBase.h:
        * platform/network/cf/CookieJarCFNet.cpp:
        (WebCore::deleteAllCookiesModifiedSince):
        * platform/network/curl/CookieJarCurl.cpp:
        (WebCore::CookieJarCurlFileSystem::deleteAllCookiesModifiedSince):
        (WebCore::deleteAllCookiesModifiedSince):
        * platform/network/curl/CookieJarCurl.h:
        * platform/network/curl/CurlCacheEntry.cpp:
        (WebCore::CurlCacheEntry::CurlCacheEntry):
        (WebCore::CurlCacheEntry::isCached):
        (WebCore::CurlCacheEntry::parseResponseHeaders):
        * platform/network/curl/CurlCacheEntry.h:
        * platform/network/mac/CookieJarMac.mm:
        (WebCore::deleteAllCookiesModifiedSince):
        * platform/network/soup/CookieJarSoup.cpp:
        (WebCore::deleteAllCookiesModifiedSince):
        * platform/win/SearchPopupMenuWin.cpp:
        (WebCore::SearchPopupMenuWin::loadRecentSearches):
        * rendering/RenderSearchField.cpp:
        (WebCore::RenderSearchField::addSearchResult):

2018-01-02  Wenson Hsieh  <wenson_hsieh@apple.com>

        [Attachment Support] Introduce data structures and IPC support for writing promised blobs
        https://bugs.webkit.org/show_bug.cgi?id=181189

        Reviewed by Tim Horton.

        Introduces a new header containing structs to be used for writing blob data when dragging. PromisedBlobInfo
        represents information needed to declare data on the pasteboard that will eventually be provided via a Blob.
        This includes the type and filename of the Blob-backed content. PromisedBlobData represents information needed
        to actually deliver the Blob's content to the platform, and is sent some time after its corresponding
        PromisedBlobInfo. The content may either be in the form of a file path (as is the case using the previous
        declareAndWriteAttachment codepath) or a data buffer (which we would use if the Blob is not already backed by a
        file on disk).

        No new tests, since there is no observable change in functionality yet.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/PromisedBlobInfo.h: Added.
        (WebCore::PromisedBlobInfo::operator bool const):
        (WebCore::PromisedBlobData::hasData const):
        (WebCore::PromisedBlobData::hasFile const):
        (WebCore::PromisedBlobData::operator bool const):
        (WebCore::PromisedBlobData::fulfills const):

2018-01-02  Brady Eidson  <beidson@apple.com>

        Make MessagePortChannel::takeAllMessagesFromRemote asynchronous.
        https://bugs.webkit.org/show_bug.cgi?id=181205

        Reviewed by Alex Christensen.

        No new tests (No behavior change)

        This is needed for the ongoing WK2 MessagePort work.

        For WK1 in-process MessagePorts it is still synchronous; no behavior change.

        * dom/InProcessMessagePortChannel.cpp:
        (WebCore::InProcessMessagePortChannel::takeAllMessagesFromRemote):
        * dom/InProcessMessagePortChannel.h:

        * dom/MessagePort.cpp:
        (WebCore::MessagePort::dispatchMessages):
        * dom/MessagePortChannel.h:

2018-01-02  Jiewen Tan  <jiewen_tan@apple.com>

        Add a WebAuthentication runtime feature flag
        https://bugs.webkit.org/show_bug.cgi?id=181220
        <rdar://problem/36055305>

        Reviewed by Brent Fulgham.

        This patch basically renames the CredentialManagement runtime feature flag into
        WebAuthentication runtime feature flag.

        No tests.

        * Modules/credentialmanagement/BasicCredential.idl:
        * Modules/credentialmanagement/CredentialsContainer.idl:
        * Modules/credentialmanagement/NavigatorCredentials.idl:
        * Modules/webauthn/PublicKeyCredential.idl:
        * page/RuntimeEnabledFeatures.h:
        (WebCore::RuntimeEnabledFeatures::setWebAuthenticationEnabled):
        (WebCore::RuntimeEnabledFeatures::webAuthenticationEnabled const):
        (WebCore::RuntimeEnabledFeatures::setCredentialManagementEnabled): Deleted.
        (WebCore::RuntimeEnabledFeatures::credentialManagementEnabled const): Deleted.

2018-01-02  Wenson Hsieh  <wenson_hsieh@apple.com>

        [Attachment Support] Don't Blob-convert images and attachments with https:, http: or data: urls
        https://bugs.webkit.org/show_bug.cgi?id=181143
        <rdar://problem/36200381>

        Reviewed by Tim Horton.

        Clients such as Mail would expect pasting or dropping an image with src="https://..." to result in the source
        URL being preserved (i.e. staying as remote images) instead of creating image attachments out of them. This
        patch hooks into the shouldConvertToBlob() check added in r226272 so that it applies to attachment element
        replacement as well.

        Test: WKAttachmentTests.DoNotInsertDataURLImagesAsAttachments

        * editing/cocoa/WebContentReaderCocoa.mm:
        (WebCore::shouldConvertToBlob):
        (WebCore::replaceRichContentWithAttachments):

2018-01-02  Brady Eidson  <beidson@apple.com>

        Identify MessagePorts by a globally unique MessagePortIdentifier.
        https://bugs.webkit.org/show_bug.cgi?id=181172

        Reviewed by Alex Christensen.

        No new tests (Behavior change covered by all existing tests).

        This cleans up the abstract MessagePortChannel interface to be in terms of identifiers
        instead of actual MessagePort objects.
        
        The identifiers are compounded with the current ProcessIdentifier meaning they are global
        across all processes for the running UI process, enabling easy cross-process communication.
        
        (Actual cross-process communication comes in a followup)
        
        * WebCore.xcodeproj/project.pbxproj:
        
        * dom/InProcessMessagePortChannel.cpp:
        (WebCore::InProcessMessagePortChannel::createChannelBetweenPorts):
        (WebCore::InProcessMessagePortChannel::isConnectedTo):
        (WebCore::InProcessMessagePortChannel::entangleWithRemoteIfOpen):
        (WebCore::InProcessMessagePortChannel::entangleIfOpen): Deleted.
        * dom/InProcessMessagePortChannel.h:
        
        * dom/MessageChannel.cpp:
        (WebCore::MessageChannel::MessageChannel):
        (WebCore::m_port2):
        
        * dom/MessagePort.cpp:
        (WebCore::allMessagePortsLock):
        (WebCore::MessagePort::ref const):
        (WebCore::MessagePort::deref const):
        (WebCore::MessagePort::existingMessagePortForIdentifier):
        (WebCore::MessagePort::MessagePort):
        (WebCore::MessagePort::~MessagePort):
        (WebCore::MessagePort::postMessage):
        (WebCore::MessagePort::entangleWithRemote):
        (WebCore::MessagePort::entanglePorts):
        (WebCore::MessagePort::entangle): Deleted.
        * dom/MessagePort.h:
        
        * dom/MessagePortChannel.h:
        
        * dom/MessagePortIdentifier.h: Added.
        (WebCore::operator==):
        (WebCore::MessagePortIdentifier::encode const):
        (WebCore::MessagePortIdentifier::decode):
        (WebCore::MessagePortIdentifier::hash const):
        (WTF::MessagePortIdentifierHash::hash):
        (WTF::MessagePortIdentifierHash::equal):
        (WTF::HashTraits<WebCore::MessagePortIdentifier>::emptyValue):
        (WTF::HashTraits<WebCore::MessagePortIdentifier>::constructDeletedValue):
        (WTF::HashTraits<WebCore::MessagePortIdentifier>::isDeletedValue):

2018-01-02  Youenn Fablet  <youenn@apple.com>

        Memory cache should not reuse resources with different credential fetch option
        https://bugs.webkit.org/show_bug.cgi?id=181212

        Reviewed by Alex Christensen.

        Covered by rebased test.

        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::determineRevalidationPolicy const):

2018-01-02  Jiewen Tan  <jiewen_tan@apple.com>

        Update Credential Management API for WebAuthentication
        https://bugs.webkit.org/show_bug.cgi?id=181082
        <rdar://problem/36055239>

        Reviewed by Brent Fulgham.

        Part 2/2

        This patch implements Core API from Credential Management API: https://www.w3.org/TR/credential-management-1/#core.
        which is required by WebAuthN. It also sets the CredentialManagement runtime flag to enable testing. Note that it
        introduces a dummy PublicKeyCredential interface for testing functionalities of the Credential interface, which
        cannot be instantiated.

        Tests: http/wpt/credential-management/credentialscontainer-create-basics.https.html
               http/wpt/credential-management/credentialscontainer-get-basics.https.html
               http/wpt/credential-management/credentialscontainer-preventSilentAccess-basics.https.html
               http/wpt/credential-management/idl.https.html

        * CMakeLists.txt:
        * DerivedSources.make:
        * Modules/credentialmanagement/BasicCredential.cpp:
        (WebCore::BasicCredential::BasicCredential):
        (WebCore::BasicCredential::type const):
        * Modules/credentialmanagement/BasicCredential.h:
        (WebCore::BasicCredential::discovery const):
        * Modules/credentialmanagement/BasicCredential.idl:
        * Modules/credentialmanagement/CredentialCreationOptions.h:
        * Modules/credentialmanagement/CredentialCreationOptions.idl:
        * Modules/credentialmanagement/CredentialRequestOptions.h:
        * Modules/credentialmanagement/CredentialRequestOptions.idl:
        * Modules/credentialmanagement/CredentialsContainer.cpp:
        (WebCore::CredentialsContainer::CredentialsContainer):
        (WebCore::CredentialsContainer::isSameOriginWithItsAncestors):
        (WebCore::CredentialsContainer::dispatchTask):
        (WebCore::CredentialsContainer::get):
        (WebCore::CredentialsContainer::store):
        (WebCore::CredentialsContainer::isCreate):
        (WebCore::CredentialsContainer::preventSilentAccess):
        * Modules/credentialmanagement/CredentialsContainer.h:
        (WebCore::CredentialsContainer::create):
        (WebCore::CredentialsContainer::CredentialsContainer): Deleted.
        * Modules/credentialmanagement/CredentialsContainer.idl:
        * Modules/credentialmanagement/NavigatorCredentials.cpp:
        (WebCore::NavigatorCredentials::credentials):
        * Modules/credentialmanagement/NavigatorCredentials.h:
        * Modules/credentialmanagement/NavigatorCredentials.idl:
        * Modules/webauthn/PublicKeyCredential.cpp: Copied from Source/WebCore/Modules/credentialmanagement/BasicCredential.cpp.
        (WebCore::PublicKeyCredential::PublicKeyCredential):
        (WebCore::PublicKeyCredential::collectFromCredentialStore):
        (WebCore::PublicKeyCredential::discoverFromExternalSource):
        (WebCore::PublicKeyCredential::store):
        (WebCore::PublicKeyCredential::create):
        * Modules/webauthn/PublicKeyCredential.h: Copied from Source/WebCore/Modules/credentialmanagement/BasicCredential.cpp.
        * Modules/webauthn/PublicKeyCredential.idl: Copied from Source/WebCore/Modules/credentialmanagement/BasicCredential.idl.
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/WebCoreBuiltinNames.h:
        * page/RuntimeEnabledFeatures.h:

2018-01-02  Oleksandr Skachkov  <gskachkov@gmail.com>

        WebAssembly: sending module to iframe fails
        https://bugs.webkit.org/show_bug.cgi?id=179263

        Reviewed by JF Bastien.

        Allow use WebAssembly.Module as input parameters for postMessage 
        in window and iframe object. To prevent sending message to iframe
        that is not ready, in iframe-* test we are waiting message from
        iframe only after that we send message to it.   

        Tests: wasm/iframe-parent-postmessage.html
               wasm/iframe-postmessage.html
               wasm/window-postmessage.html

        * bindings/js/SerializedScriptValue.cpp:
        (WebCore::CloneSerializer::dumpIfTerminal):
        * bindings/js/SerializedScriptValue.h:
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::postMessage):

== Rolled over to ChangeLog-2018-01-01 ==