b70b552aba432dd48db4b31299fca959922bec22
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2016-07-25  Jeremy Jones  <jeremyj@apple.com>
2
3         Set MediaRemote playback state based on MediaSession playback state.
4         https://bugs.webkit.org/show_bug.cgi?id=160177
5
6         Reviewed by Eric Carlson.
7
8         Use playback session state to update media remote playback state instead of 
9         unconditionally setting it to playing.
10
11         * platform/audio/mac/MediaSessionManagerMac.mm:
12         (WebCore::MediaSessionManagerMac::updateNowPlayingInfo):
13
14 2016-07-25  Zalan Bujtas  <zalan@apple.com>
15
16         RenderBox::haveSameDirection is used only by table items.
17         https://bugs.webkit.org/show_bug.cgi?id=160141
18
19         Reviewed by Simon Fraser.
20
21         Remove RenderBox::haveSameDirection() since it's used only by RenderTable*
22         classes. The new stand alone function (with 2 arguments) now checks if both of
23         the objects are valid. 
24
25         No change in functionality.
26
27         * rendering/RenderBox.h:
28         (WebCore::RenderBox::hasSameDirectionAs): Deleted.
29         * rendering/RenderTable.cpp:
30         (WebCore::RenderTable::tableStartBorderAdjoiningCell):
31         (WebCore::RenderTable::tableEndBorderAdjoiningCell):
32         * rendering/RenderTable.h:
33         (WebCore::haveSameDirection):
34         * rendering/RenderTableCell.cpp:
35         (WebCore::RenderTableCell::hasStartBorderAdjoiningTable):
36         (WebCore::RenderTableCell::hasEndBorderAdjoiningTable):
37         * rendering/RenderTableCell.h:
38         (WebCore::RenderTableCell::borderAdjoiningTableStart):
39         (WebCore::RenderTableCell::borderAdjoiningTableEnd):
40         * rendering/RenderTableRow.h:
41         (WebCore::RenderTableRow::borderAdjoiningTableStart):
42         (WebCore::RenderTableRow::borderAdjoiningTableEnd):
43         * rendering/RenderTableSection.cpp:
44         (WebCore::RenderTableSection::borderAdjoiningStartCell):
45         (WebCore::RenderTableSection::borderAdjoiningEndCell):
46         (WebCore::RenderTableSection::firstRowCellAdjoiningTableStart):
47         (WebCore::RenderTableSection::firstRowCellAdjoiningTableEnd):
48         * rendering/RenderTableSection.h:
49         (WebCore::RenderTableSection::borderAdjoiningTableStart):
50         (WebCore::RenderTableSection::borderAdjoiningTableEnd):
51
52 2016-07-25  Chris Dumez  <cdumez@apple.com>
53
54         ClientRect properties should be on the prototype
55         https://bugs.webkit.org/show_bug.cgi?id=160165
56
57         Reviewed by Geoffrey Garen.
58
59         Move ClientRect properties from the instance to the prototype. This
60         matches the specification, Firefox and Chrome.
61
62         Also add a serializer to ClientRect in order to match the specification:
63         - https://drafts.fxtf.org/geometry/Overview.html#domrectreadonly
64         - https://heycam.github.io/webidl/#es-serializer
65
66         This avoids breaking content that relies on JSON.stringify() to
67         serialize ClientRect objects.
68
69         Tests: fast/css/ClientRect-attributes-prototype.html
70                fast/css/ClientRect-serialization.html
71
72         * CMakeLists.txt:
73         * WebCore.xcodeproj/project.pbxproj:
74         * bindings/js/JSBindingsAllInOne.cpp:
75         * bindings/js/JSClientRectCustom.cpp: Added.
76         (WebCore::JSClientRect::toJSON):
77         * bindings/scripts/CodeGeneratorJS.pm:
78         * dom/ClientRect.idl:
79
80 2016-07-25  Chris Dumez  <cdumez@apple.com>
81
82         Parameters to DOMImplementation.createDocumentType() should be mandatory and non-nullable
83         https://bugs.webkit.org/show_bug.cgi?id=160167
84
85         Reviewed by Ryosuke Niwa.
86
87         Parameters to DOMImplementation.createDocumentType() should be mandatory
88         and non-nullable:
89         - https://dom.spec.whatwg.org/#domimplementation
90
91         Firefox and Chrome both agree with the specification. However, those
92         parameters were nullable and optional in WebKit.
93
94         Test: fast/dom/DOMImplementation/createDocumentType-parameters.html
95
96         * dom/DOMImplementation.idl:
97
98 2016-07-25  Wenson Hsieh  <wenson_hsieh@apple.com>
99
100         Media controls should not be displayed for a video until it starts playing
101         https://bugs.webkit.org/show_bug.cgi?id=160092
102         <rdar://problem/26986673>
103
104         Reviewed by Beth Dakin.
105
106         For videos that have never played back yet, we should not show media controls. To ensure this
107         behavior, we ensure that the playback behavior restriction is set upon creating the media
108         element. This restriction is then removed when the media element begins to play.
109
110         Added two new WebKit API tests.
111
112         * html/HTMLMediaElement.cpp:
113         (WebCore::HTMLMediaElement::HTMLMediaElement):
114
115 2016-07-25  Jiewen Tan  <jiewen_tan@apple.com>
116
117         Rename SubtleCrypto to WebKitSubtleCrypto
118         https://bugs.webkit.org/show_bug.cgi?id=160067
119         <rdar://problem/27483617>
120
121         Reviewed by Brent Fulgham.
122
123         Tests: crypto/webkitSubtle/gc-2.html
124                crypto/webkitSubtle/gc-3.html
125                crypto/webkitSubtle/gc.html
126
127         Rename Class SubtleCrypto to WebKitSubtleCrypto, and Crypto.subtle to Crypto.webkitSubtle in order
128         to let the new implementation to reuse the name SubtleCrypto. This renaming should match what our
129         current JSBindings use, and therefore should not introduce any change of behavoir.
130
131         * CMakeLists.txt:
132         Revise project files for for new file names.
133         * DerivedSources.cpp:
134         * DerivedSources.make:
135         * PlatformEfl.cmake:
136         * PlatformGTK.cmake:
137         * PlatformMac.cmake:
138         * WebCore.xcodeproj/project.pbxproj:
139         Revise project files for for new file names.
140         * bindings/js/JSWebKitSubtleCryptoCustom.cpp: Renamed from Source/WebCore/bindings/js/JSSubtleCryptoCustom.cpp.
141         * crypto/WebKitSubtleCrypto.cpp: Renamed from Source/WebCore/crypto/SubtleCrypto.cpp.
142         * crypto/WebKitSubtleCrypto.h: Renamed from Source/WebCore/crypto/SubtleCrypto.h.
143         * crypto/WebKitSubtleCrypto.idl: Renamed from Source/WebCore/crypto/SubtleCrypto.idl.
144         * page/Crypto.cpp:
145         (WebCore::Crypto::webkitSubtle):
146         (WebCore::Crypto::subtle): Deleted.
147         * page/Crypto.h:
148         * page/Crypto.idl:
149
150 2016-07-25  Brady Eidson  <beidson@apple.com>
151
152         Allow LocalStorage by default for file URLs.
153         https://bugs.webkit.org/show_bug.cgi?id=160169
154
155         Reviewed by Brent Fulgham.
156
157         Test: storage/domstorage/localstorage/file-can-access.html
158
159         * page/SecurityOrigin.cpp:
160         (WebCore::SecurityOrigin::canAccessStorage): Remove the m_universalAccess check for local URLs.
161
162 2016-07-25  Nan Wang  <n_wang@apple.com>
163
164         AX: AccessibilityRenderObject is adding duplicated children when CSS first-letter is being used.
165         https://bugs.webkit.org/show_bug.cgi?id=160155
166
167         Reviewed by Chris Fleizach.
168
169         We were adding the same text node twice if CSS first-letter selector was being used. Added a
170         check for the inline continuation so that we only add it once. 
171
172         Test: accessibility/mac/css-first-letter-children.html
173
174         * accessibility/AccessibilityRenderObject.cpp:
175         (WebCore::firstChildConsideringContinuation):
176
177 2016-07-25  Wenson Hsieh  <wenson_hsieh@apple.com>
178
179         Media controls on apple.com don't disappear when movie finishes playing
180         https://bugs.webkit.org/show_bug.cgi?id=160068
181         <rdar://problem/26668526>
182
183         Reviewed by Darin Adler.
184
185         When a video ends, it should cause media controls to hide. While current logic
186         mostly accounts for this, it does not account for programmatic seeks causing
187         the video to lose its 'ended' status before querying for whether or not to
188         show media controls.
189
190         Three new API tests: large-video-seek-after-ending.html
191         large-video-hides-controls-after-seek-to-end.html
192         large-video-seek-to-beginning-and-play-after-ending.html
193
194         * html/HTMLMediaElement.cpp:
195         (WebCore::HTMLMediaElement::mediaPlayerTimeChanged):
196         (WebCore::HTMLMediaElement::setPlaying):
197         * html/MediaElementSession.cpp:
198         (WebCore::MediaElementSession::canControlControlsManager):
199         * html/MediaElementSession.h:
200
201 2016-07-25  Frederic Wang  <fwang@igalia.com>
202
203         Introduce a MathMLOperatorElement class
204         https://bugs.webkit.org/show_bug.cgi?id=160034
205
206         Reviewed by Darin Adler.
207
208         No new tests, rendering is unchaned.
209
210         * CMakeLists.txt: Add MathMLOperatorElement to the build file.
211         * WebCore.xcodeproj/project.pbxproj: Ditto.
212         * mathml/MathMLAllInOne.cpp: Ditto.
213         * mathml/MathMLOperatorElement.cpp: New DOM class for <mo> element.
214         (WebCore::MathMLOperatorElement::MathMLOperatorElement):
215         (WebCore::MathMLOperatorElement::create):
216         (WebCore::MathMLOperatorElement::parseAttribute): Handle mo attributes.
217         (WebCore::MathMLOperatorElement::createElementRenderer): Create RenderMathMLOperator.
218         * mathml/MathMLOperatorElement.h: Declare a class deriving from MathMLTextElement.
219         * mathml/MathMLTextElement.cpp: Remove all the RenderMathMLOperator parts.
220         (WebCore::MathMLTextElement::MathMLTextElement): Remove inline keyword so that the class can
221         be overriden.
222         (WebCore::MathMLTextElement::parseAttribute): Remove code handled in MathMLOperatorElement.
223         (WebCore::MathMLTextElement::createElementRenderer): Ditto.
224         * mathml/MathMLTextElement.h: Make class and members overridable.
225         * mathml/mathtags.in: Map mo to MathMLOperatorElement.
226         * rendering/mathml/RenderMathMLOperator.cpp:
227         (WebCore::RenderMathMLOperator::RenderMathMLOperator): Make the constructor take a
228         MathMLOperatorElement.
229         * rendering/mathml/RenderMathMLOperator.h: Ditto.
230
231 2016-07-25  Darin Adler  <darin@apple.com>
232
233         Speed up make process slightly by improving "list of files" idiom
234         https://bugs.webkit.org/show_bug.cgi?id=160164
235
236         Reviewed by Mark Lam.
237
238         * DerivedSources.make: Change rules that build lists of files to only run when
239         DerivedSources.make has been modified since the last time they were run. Since the
240         list of files are inside this file, this is safe, and this is faster than always
241         comparing and regenerating the file containing the list of files each time.
242
243 2016-07-24  Wenson Hsieh  <wenson_hsieh@apple.com>
244
245         The web process hangs when computing elements-based snap points for a container with large max scroll offset
246         https://bugs.webkit.org/show_bug.cgi?id=152605
247         <rdar://problem/25353661>
248
249         Reviewed by Simon Fraser.
250
251         Fixes a bug in the computation of axis snap points. The ScrollSnapPoints object, which tracks
252         snap points along a particular axis, has two flags, hasRepeat and usesElements. For elements-
253         based snapping, both flags would be turned on, since StyleBuilderConverter::convertScrollSnapPoints
254         short-circuits for elements-based snapping and does not default usesRepeat to false. To address this,
255         we make ScrollSnapPoints not repeat(100%) by default.
256
257         Test: css3/scroll-snap/scroll-snap-elements-container-larger-than-children.html
258
259         * css/StyleBuilderConverter.h:
260         (WebCore::StyleBuilderConverter::convertScrollSnapPoints): Deleted.
261         * rendering/style/StyleScrollSnapPoints.cpp:
262         (WebCore::ScrollSnapPoints::ScrollSnapPoints):
263
264 2016-07-25  Carlos Garcia Campos  <cgarcia@igalia.com>
265
266         REGRESSION(r200931): Invalid cast in highestAncestorToWrapMarkup()
267         https://bugs.webkit.org/show_bug.cgi?id=160163
268
269         Reviewed by Michael Catanzaro.
270
271         Since r200931 the result of enclosingNodeOfType() in highestAncestorToWrapMarkup() is downcasted to Element, but
272         the result of enclosingNodeOfType() can be a Node that is not an Element, in this case is Text. The cast is not
273         needed at all since that node is passed to editingIgnoresContent() and selectionFromContentsOfNode() and both
274         receive a Node not an Element.
275
276         * editing/markup.cpp:
277         (WebCore::highestAncestorToWrapMarkup): Remove invalid cast.
278
279 2016-07-25  Carlos Garcia Campos  <cgarcia@igalia.com>
280
281         [Coordinated Graphics] ASSERTION FAILED: m_coordinator->isFlushingLayerChanges() in fast/repaint/animation-after-layer-scroll.html
282         https://bugs.webkit.org/show_bug.cgi?id=160156
283
284         Reviewed by Michael Catanzaro.
285
286         So, we fixed an assertion in r203663, but now is hitting the next one. As explained in bug #160142, flush
287         compositing state can be triggered in tests by RenderLayerCompositor::layerTreeAsText(), without the coordinator
288         even noticing it, so the assert can be just removed.
289
290         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
291         (WebCore::CoordinatedGraphicsLayer::flushCompositingStateForThisLayerOnly): Remove incorrect assert.
292
293 2016-07-25  Zalan Bujtas  <zalan@apple.com>
294
295         EllipsisBox ctor's isVertical parameter should read isHorizontal.
296         https://bugs.webkit.org/show_bug.cgi?id=160153
297
298         Reviewed by Andreas Kling.
299
300         It indicates whether the ellipsis box is horizontal. (both the callsites
301         and the parent class use isHorizontal)
302
303         No change in functionality.
304
305         * rendering/EllipsisBox.cpp:
306         (WebCore::EllipsisBox::EllipsisBox):
307         * rendering/EllipsisBox.h:
308
309 2016-07-25  Sergio Villar Senin  <svillar@igalia.com>
310
311         [css-grid] Implement repeat(auto-fit)
312         https://bugs.webkit.org/show_bug.cgi?id=159771
313
314         Reviewed by Darin Adler.
315
316         The auto-fit keyword works exactly as the already implemented auto-fill except that all
317         empty tracks collapse (became 0px). Absolutely positioned items do not participate on the
318         layout of the grid so they are not considered (a grid with only absolutely positioned items
319         is considered an empty grid).
320
321         Whenever a track collapses the gutters on either side do also collapse. When a collapsed
322         track's gutters collapse, they coincide exactly. If one side of a collapsed track does not
323         have a gutter then collapsing its gutters results in no gutter on either "side" of the
324         collapsed track.
325
326         In practice this means that is not possible to know the gap between 2 consecutive auto
327         repeat tracks without examining some others whenever there are collapsed tracks.
328
329         Uncommented the auto-fit cases from Mozilla tests. They have to be adapted as the reftest
330         machinery requires all the content to be rendered in the original 800x600 viewport.
331
332         Tests: fast/css-grid-layout/grid-auto-fit-columns.html
333         fast/css-grid-layout/grid-auto-fit-rows.html
334         fast/css-grid-layout/mozilla/grid-repeat-auto-fill-fit-005-part-1.html
335         fast/css-grid-layout/mozilla/grid-repeat-auto-fill-fit-005-part-2.html
336
337         * css/CSSComputedStyleDeclaration.cpp:
338         (WebCore::valueForGridTrackList): Use the newly added trackSizesForComputedStyle().
339         * rendering/RenderGrid.cpp:
340         (WebCore::RenderGrid::computeTrackBasedLogicalHeight):
341         (WebCore::RenderGrid::computeTrackSizesForDirection):
342         (WebCore::RenderGrid::isEmptyAutoRepeatTrack):
343         (WebCore::RenderGrid::gridGapForDirection): Returns the gap directly from the style.
344         (WebCore::RenderGrid::guttersSize): Computes the gap between a startLine and an
345         endLine. This method may need to inspect some other surrounding tracks to compute the gap.
346         (WebCore::RenderGrid::computeIntrinsicLogicalWidths):
347         (WebCore::RenderGrid::computeIntrinsicLogicalHeight):
348         (WebCore::RenderGrid::computeUsedBreadthOfGridTracks):
349         (WebCore::RenderGrid::gridTrackSize):
350         (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForItems):
351         (WebCore::RenderGrid::computeAutoRepeatTracksCount):
352         (WebCore::RenderGrid::computeEmptyTracksForAutoRepeat): Returns a Vector with the auto
353         repeat tracks that are going to be collapsed because they're empty.
354         (WebCore::RenderGrid::placeItemsOnGrid):
355         (WebCore::RenderGrid::trackSizesForComputedStyle): Used by ComputedStyle logic to print the
356         size of tracks. Added in order to hide the actual contents of m_columnPositions and
357         m_rowPositions to the outter world.
358         (WebCore::RenderGrid::offsetAndBreadthForPositionedChild):
359         (WebCore::RenderGrid::gridAreaBreadthForChild):
360         (WebCore::RenderGrid::populateGridPositionsForDirection): Added some extra code to compute
361         gaps as they cannot be directly added between tracks in case of having collapsed tracks.
362         (WebCore::RenderGrid::columnAxisOffsetForChild):
363         (WebCore::RenderGrid::rowAxisOffsetForChild):
364         (WebCore::RenderGrid::offsetBetweenTracks): Deleted.
365         * rendering/RenderGrid.h: Made some API private. Added new required methods/attributes.
366
367         * css/CSSComputedStyleDeclaration.cpp:
368         (WebCore::valueForGridTrackList):
369         * rendering/RenderGrid.cpp:
370         (WebCore::RenderGrid::computeTrackBasedLogicalHeight):
371         (WebCore::RenderGrid::computeTrackSizesForDirection):
372         (WebCore::RenderGrid::hasAutoRepeatEmptyTracks):
373         (WebCore::RenderGrid::isEmptyAutoRepeatTrack):
374         (WebCore::RenderGrid::gridGapForDirection):
375         (WebCore::RenderGrid::guttersSize):
376         (WebCore::RenderGrid::computeIntrinsicLogicalWidths):
377         (WebCore::RenderGrid::computeIntrinsicLogicalHeight):
378         (WebCore::RenderGrid::computeUsedBreadthOfGridTracks):
379         (WebCore::RenderGrid::gridTrackSize):
380         (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForItems):
381         (WebCore::RenderGrid::computeAutoRepeatTracksCount):
382         (WebCore::RenderGrid::computeEmptyTracksForAutoRepeat):
383         (WebCore::RenderGrid::placeItemsOnGrid):
384         (WebCore::RenderGrid::trackSizesForComputedStyle):
385         (WebCore::RenderGrid::offsetAndBreadthForPositionedChild):
386         (WebCore::RenderGrid::assumedRowsSizeForOrthogonalChild):
387         (WebCore::RenderGrid::gridAreaBreadthForChild):
388         (WebCore::RenderGrid::populateGridPositionsForDirection):
389         (WebCore::RenderGrid::columnAxisOffsetForChild):
390         (WebCore::RenderGrid::rowAxisOffsetForChild):
391         (WebCore::RenderGrid::offsetBetweenTracks): Deleted.
392         * rendering/RenderGrid.h:
393
394 2016-07-24  Frederic Wang  <fwang@igalia.com>
395
396         Move parsing of display, displaystyle and mathvariant attributes into MathML element classes
397         https://bugs.webkit.org/show_bug.cgi?id=159623
398
399         Reviewed by Brent Fulgham.
400
401         No new tests, already covered by existing tests.
402
403         * mathml/MathMLElement.cpp:
404         (WebCore::MathMLElement::parseMathVariantAttribute): Move helper function to parse the
405         mathvariant attribute.
406         (WebCore::MathMLElement::getSpecifiedDisplayStyle): Helper function to set the displaystyle
407         value from the attribute specified on the MathML element.
408         (WebCore::MathMLElement::getSpecifiedMathVariant): Helper function to set the mathvariant
409         value from the attribute specified on the MathML element.
410         * mathml/MathMLElement.h: Move the enum for mathvariant values and declare new members.
411         (WebCore::MathMLElement::acceptsDisplayStyleAttribute): Indicate whether the element accepts
412         displaystyle attribute (false for most of them).
413         (WebCore::MathMLElement::acceptsMathVariantAttribute): Indicate whether the element accepts
414         mathvariant attribute (false for most of them).
415         * mathml/MathMLInlineContainerElement.cpp:
416         (WebCore::MathMLInlineContainerElement::acceptsDisplayStyleAttribute): Add mstyle and mtable
417         to the list of elements accepting the displaystyle attribute.
418         (WebCore::MathMLInlineContainerElement::acceptsMathVariantAttribute): Add mstyle to the list
419         of elements accepting the mathvariant attribute.
420         (WebCore::MathMLInlineContainerElement::parseAttribute): Mark displaystyle and mathvariant
421         dirty if necessary. Also use the new accepts*Attribute function.
422         * mathml/MathMLInlineContainerElement.h: Declare overridden accepts*Attribute members.
423         * mathml/MathMLMathElement.cpp:
424         (WebCore::MathMLMathElement::getSpecifiedDisplayStyle): Override acceptsDisplayStyleAttribute
425         so that the display attribute is also used to set the default value if the displaystyle
426         attribute is absent.
427         (WebCore::MathMLMathElement::parseAttribute): Mark displaystyle and mathvariant dirty if
428         necessary. We directly MathMLElement::parseAttribute to avoid duplicate work.
429         * mathml/MathMLMathElement.h: Add the math tag to the list of elements accepting the
430         displaystyle and mathvariant attributes. Declare overridden getSpecifiedDisplayStyle.
431         * mathml/MathMLTextElement.cpp:
432         (WebCore::MathMLTextElement::parseAttribute): Mark mathvariant as dirty.
433         * mathml/MathMLTextElement.h: Add token elements to the list of elements accepting the
434         mathvariant attribute.
435         * rendering/mathml/MathMLStyle.cpp:
436         (WebCore::MathMLStyle::updateStyleIfNeeded): Use the new MathMLElement::MathVariant enum.
437         (WebCore::MathMLStyle::resolveMathMLStyle):  We no longer parse the display value to
438         initialize the default value on the math tag, because this is handled in
439         getSpecifiedDisplayStyle. In general, we also just call getSpecifiedDisplayStyle and
440         getSpecifiedMathVariant on the MathML elements instead of parsing the displaystyle and
441         mathvariant attributes here.
442         (WebCore::MathMLStyle::parseMathVariant): Deleted. This is moved into MathMLElement.
443         * rendering/mathml/MathMLStyle.h: Use the new MathMLElement::MathVariant enum.
444         * rendering/mathml/RenderMathMLToken.cpp: Ditto.
445         (WebCore::mathVariant): Ditto.
446         (WebCore::RenderMathMLToken::updateMathVariantGlyph): Ditto.
447
448 2016-07-25  Carlos Garcia Campos  <cgarcia@igalia.com>
449
450         Unreviewed. Remove unneeded header includes from CoordinatedGraphicsLayer.
451
452         Not only thjey are not needed, they are a layer violation, CoordinatedGraphicsLayer shouldn't know anything
453         about Page, Frame and FrameView.
454
455         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
456         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
457
458 2016-07-24  Youenn Fablet  <youenn@apple.com>
459
460         [Fetch API] Request should be created with any HeadersInit data
461         https://bugs.webkit.org/show_bug.cgi?id=159672
462
463         Reviewed by Sam Weinig.
464
465         Made Request use JSBuiltinConstructor.
466         This allows initializing newly created Request with a JS built-in function, initializeFetchRequest.
467         initializeFetchRequest can call @fillFetchHeaders internal built-in to handle any HeadersInit data.
468         Future effort should be made to migrate more initialization code in initializeFetchRequest.
469
470         Made window and worker fetch function as a JS built-in.
471         This becomes more handy as these new functions can construct the Request object.
472         They can then call a single private function that takes a Request object as input.
473         Updated DOMWindowFetch and WorkerGlobalScopeFetch code accordingly.
474
475         To enable this, the binding generator is updated to support runtime-enabled JS built-in functions and
476         private functions atttached to global objects.
477
478         Covered by existing and modified tests.
479         Binding generator test covered by updated binding tests.
480
481         * CMakeLists.txt: Adding DOMWindowFetch.js, FetchRequest.js and WorkerGlobalScopeFetch.js built-in files.
482         * DerivedSources.make: Ditto.
483         * Modules/fetch/DOMWindowFetch.cpp: Removed overloaded fetch and updated according new signature.
484         (WebCore::DOMWindowFetch::fetch):
485         * Modules/fetch/DOMWindowFetch.h: Ditto.
486         * Modules/fetch/DOMWindowFetch.idl: Making fetch a JS built-in and adding a @fetchRequest private function.
487         * Modules/fetch/DOMWindowFetch.js: Added.
488         (fetch):
489         * Modules/fetch/FetchHeaders.h:
490         (WebCore::FetchHeaders::setGuard): Used by FetchRequest when initializing headers.
491         * Modules/fetch/FetchRequest.cpp: 
492         (WebCore::buildHeaders): Removed as implemented in JS.
493         (WebCore::FetchRequest::initializeOptions): Added to handle most of the dictionary initialization.
494         (WebCore::FetchRequest::initializeWith): Method called from built-in constructor function.
495         (WebCore::FetchRequest::setBody): Corresponding to @setBody private method.
496         (WebCore::buildBody): Deleted.
497         * Modules/fetch/FetchRequest.h:
498         * Modules/fetch/FetchRequest.idl:
499         * Modules/fetch/FetchRequest.js: Added.
500         (initializeFetchRequest): Implements fetch Request(input, init) constructor.
501         * Modules/fetch/FetchResponse.cpp:
502         (WebCore::FetchResponse::fetch): Removed the construction of FetchRequest in fetch method since it is done by JS built-in code.
503         * Modules/fetch/FetchResponse.h:
504         * Modules/fetch/WorkerGlobalScopeFetch.cpp: Removed overloaded fetch and updated according new signature.
505         (WebCore::WorkerGlobalScopeFetch::fetch):
506         * Modules/fetch/WorkerGlobalScopeFetch.h: Ditto.
507         * Modules/fetch/WorkerGlobalScopeFetch.idl: Making fetch a JS built-in and adding a @fetchRequest private function.
508         * Modules/fetch/WorkerGlobalScopeFetch.js: Added.
509         (fetch):
510         * bindings/js/WebCoreBuiltinNames.h: Adding fetchRequest, setBody and Request private identifiers.
511         * bindings/scripts/CodeGenerator.pm:
512         (WK_lcfirst): Replacing dOM by dom.
513         * bindings/scripts/CodeGeneratorJS.pm:
514         (GenerateImplementation): Adding support for runtime-enabled built-in methods and private methods.
515         * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
516         (WebCore::JSTestGlobalObject::finishCreation):
517         (WebCore::jsTestGlobalObjectInstanceFunctionTestPrivateFunction):
518         * bindings/scripts/test/ObjC/DOMTestGlobalObject.mm:
519         (-[DOMTestGlobalObject testJSBuiltinFunction]):
520         * bindings/scripts/test/TestGlobalObject.idl: Adding tests for runtime-enabled global built-in methods and private methods.
521
522 2016-07-24  Nan Wang  <n_wang@apple.com>
523
524         AX: Video Controls: Volume cannot be adjusted using VO.
525         https://bugs.webkit.org/show_bug.cgi?id=160107
526
527         Reviewed by Dean Jackson.
528
529         The volume slider in video tag had 0.01 step which caused the screen reader adjusting it slowly.
530         Changed the step to 0.05 and added the aria-valuetext attribute to the slider, so that the value
531         is spoken in percentage. 
532
533         Test: accessibility/mac/video-volume-slider-accessibility.html
534
535         * Modules/mediacontrols/mediaControlsApple.js:
536         (Controller.prototype.createControls):
537         (Controller.prototype.handleVolumeSliderInput):
538         (Controller.prototype.updateVolume):
539
540 2016-07-24  David Kilzer  <ddkilzer@apple.com>
541
542         REGRESSION (r203106): Crash in WebCore::MathMLElement::parseMathMLLength()
543         <https://webkit.org/b/160111>
544         <rdar://problem/27506489>
545
546         Reviewed by Chris Dumez.
547
548         Test: mathml/mpadded-crash.html
549
550         * mathml/MathMLElement.cpp:
551         (WebCore::skipLeadingAndTrailingWhitespace): Change to take
552         StringView parameter instead of String to avoid creating a
553         temporary String that's released on return.
554
555 2016-07-24  Carlos Garcia Campos  <cgarcia@igalia.com>
556
557         [Coordinated Graphics] ASSERTION FAILED: !m_flushingLayers in fast/repaint/animation-after-layer-scroll.html
558         https://bugs.webkit.org/show_bug.cgi?id=160142
559
560         Reviewed by Michael Catanzaro.
561
562         This only happens in layout tests, because it happens when RenderLayerCompositor::layerTreeAsText() is
563         called. The thing is that CoordinatedGraphicsLayer::flushCompositingState() calls notifyFlushRequired() that
564         checks if the coordinator is flusing layers and if not it calls RenderLayerCompositor::notifyFlushRequired() and
565         returns early. This normally works because the coodinator is the one starting the layer flush, so that when
566         RenderLayerCompositor::flushPendingLayerChanges() is called the coordinator is always flusing layers. But
567         RenderLayerCompositor::layerTreeAsText() calls RenderLayerCompositor::flushPendingLayerChanges() directly, so at
568         that moment the coordinator is not flusing layers, what causes that
569         CoordinatedGraphicsLayer::flushCompositingState() ends up calling RenderLayerCompositor::notifyFlushRequired()
570         that schedules a new flush while flusing layers causing the
571         assertion. CoordinatedGraphicsLayer::flushCompositingState() is always called from
572         CompositingCoordinator::flushPendingLayerChanges() or RenderLayerCompositor::flushPendingLayerChanges() so we
573         never need to call RenderLayerCompositor::notifyFlushRequired() from there.
574
575         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
576         (WebCore::CoordinatedGraphicsLayer::notifyFlushRequired): This is void now since the return value is not checked anywhere.
577         (WebCore::CoordinatedGraphicsLayer::flushCompositingState): Remove the call to notifyFlushRequired().
578         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
579
580 2016-07-24  Darin Adler  <darin@apple.com>
581
582         Adding a new WebCore JavaScript built-in source file does not trigger rebuild of WebCoreJSBuiltins*
583         https://bugs.webkit.org/show_bug.cgi?id=160115
584
585         Reviewed by Youenn Fablet.
586
587         * DerivedSources.make: Added a missing dependency so the rule that builds WebCore_BUILTINS_WRAPPERS
588         kicks in when the list of WebCore_BUILTINS_SOURCES is modified. Also added another missing dependency
589         so that changes to the JavaScript built-ins Python scripts will also trigger WebCore_BUILTINS_WRAPPERS.
590
591         * make-generated-sources.sh: Removed. Was unused.
592
593 2016-07-23  Zalan Bujtas  <zalan@apple.com>
594
595         Stop isEmpty() from leaking out of SVG.
596         https://bugs.webkit.org/show_bug.cgi?id=160121
597
598         Reviewed by Simon Fraser.
599
600         It's unclear what isEmpty() actually means and it doesn't bring any value to Render* classes.
601
602         No change in functionality.
603
604         * editing/CompositeEditCommand.cpp:
605         (WebCore::CompositeEditCommand::addBlockPlaceholderIfNeeded):
606         * rendering/RenderElement.h:
607         * rendering/RenderListItem.cpp:
608         (WebCore::RenderListItem::isEmpty): Deleted.
609         * rendering/RenderListItem.h:
610         * rendering/RenderObject.h:
611         (WebCore::RenderObject::isEmpty): Deleted.
612         * rendering/RenderRubyRun.cpp:
613         (WebCore::RenderRubyRun::removeChild):
614         (WebCore::RenderRubyRun::isEmpty): Deleted.
615         * rendering/RenderRubyRun.h:
616         * rendering/mathml/RenderMathMLFenced.cpp:
617         (WebCore::RenderMathMLFenced::updateFromElement):
618         (WebCore::RenderMathMLFenced::addChild):
619         * rendering/mathml/RenderMathMLRoot.cpp:
620         (WebCore::RenderMathMLRoot::paint):
621         * rendering/svg/RenderSVGShape.h:
622
623 2016-07-23  Zalan Bujtas  <zalan@apple.com>
624
625         table*BorderAdjoiningCell and borderAdjoiningCell* should take reference instead of RenderTableCell*.
626         https://bugs.webkit.org/show_bug.cgi?id=160123
627
628         Reviewed by Simon Fraser.
629
630         No change in functionality.
631
632         * rendering/RenderTable.cpp:
633         (WebCore::RenderTable::tableStartBorderAdjoiningCell):
634         (WebCore::RenderTable::tableEndBorderAdjoiningCell):
635         * rendering/RenderTable.h:
636         * rendering/RenderTableCell.cpp:
637         (WebCore::RenderTableCell::computeCollapsedStartBorder):
638         (WebCore::RenderTableCell::computeCollapsedEndBorder):
639         * rendering/RenderTableCell.h:
640         (WebCore::RenderTableCell::borderAdjoiningCellBefore):
641         (WebCore::RenderTableCell::borderAdjoiningCellAfter):
642         * rendering/RenderTableCol.cpp:
643         (WebCore::RenderTableCol::borderAdjoiningCellStartBorder):
644         (WebCore::RenderTableCol::borderAdjoiningCellEndBorder):
645         (WebCore::RenderTableCol::borderAdjoiningCellBefore):
646         (WebCore::RenderTableCol::borderAdjoiningCellAfter):
647         * rendering/RenderTableCol.h:
648         * rendering/RenderTableRow.cpp:
649         (WebCore::RenderTableRow::borderAdjoiningStartCell):
650         (WebCore::RenderTableRow::borderAdjoiningEndCell):
651         * rendering/RenderTableRow.h:
652         * rendering/RenderTableSection.cpp:
653         (WebCore::RenderTableSection::borderAdjoiningStartCell):
654         (WebCore::RenderTableSection::borderAdjoiningEndCell):
655         * rendering/RenderTableSection.h:
656
657 2016-07-23  Zalan Bujtas  <zalan@apple.com>
658
659         Remove unused enum and stale comment from RenderObject.
660         https://bugs.webkit.org/show_bug.cgi?id=160122
661
662         Reviewed by Simon Fraser.
663
664         No change in functionality.
665
666         * rendering/RenderBox.h:
667
668 2016-07-23  Carlos Garcia Campos  <cgarcia@igalia.com>
669
670         [Coordinated Graphics] Lots of flaky tests
671         https://bugs.webkit.org/show_bug.cgi?id=160118
672
673         Reviewed by Michael Catanzaro.
674
675         Since the GTK+ ported to threaded compositor (coordinated graphics) there are a lot of flaky tests in the
676         bots. In manu of the cases the diff shows a different size in the FrameView layer.
677
678         This happens for tests run in the same WTR after fast/fixed-layout/fixed-layout.html. This is what happens:
679
680          1.- Test fast/fixed-layout/fixed-layout.html runs and sets fixed layout to true and fixed layout size to 400x400
681          2.- When it finishes TestController::resetStateToConsistentValues() is called.
682          3.- Blank URL is loaded after state has been updated
683          4.- Then Reset message is handled in the web process and Internals::resetToConsistentState() resets the fixed
684              layout state and size.
685          5.- onresize happens and the handler set in fast/fixed-layout/fixed-layout.html is invoked setting the fixed
686              layout to true and size to 400x400 again.
687          6.- about_blank is then loaded with the fixed layout enabled, as well as other tests after this one.
688
689         In addition to this, coordinated graphics uses a fixedVisibleContentRect in ScrollView that is never reset.
690
691         * platform/ScrollView.cpp:
692         (WebCore::ScrollView::unscaledVisibleContentSizeIncludingObscuredArea): Only use m_fixedVisibleContentRect when
693         fixed layout is enabled.
694         (WebCore::ScrollView::unscaledUnobscuredVisibleContentSize): Ditto.
695         (WebCore::ScrollView::visibleContentRectInternal): Ditto.
696         * testing/Internals.cpp:
697         (WebCore::Internals::resetToConsistentState): Reset also the m_fixedVisibleContentRect.
698
699 2016-07-23  Carlos Garcia Campos  <cgarcia@igalia.com>
700
701         [Coordinated Graphics] Test imported/blink/svg/custom/svg-image-layers-crash.html crashes
702         https://bugs.webkit.org/show_bug.cgi?id=160078
703
704         Reviewed by Michael Catanzaro.
705
706         This is a merge of Blink r155373.
707         https://chromiumcodereview.appspot.com/20789004
708
709         Disable accelerated compositing for SVGImage content layers. SVGImageChromeClient does not support it.
710
711         Fixes imported/blink/svg/custom/svg-image-layers-crash.html.
712
713         * svg/graphics/SVGImage.cpp:
714         (WebCore::SVGImage::dataChanged):
715
716 2016-07-23  Commit Queue  <commit-queue@webkit.org>
717
718         Unreviewed, rolling out r203641.
719         https://bugs.webkit.org/show_bug.cgi?id=160116
720
721         It broke make-based builds (Requested by youenn on #webkit).
722
723         Reverted changeset:
724
725         "[Fetch API] Request should be created with any HeadersInit
726         data"
727         https://bugs.webkit.org/show_bug.cgi?id=159672
728         http://trac.webkit.org/changeset/203641
729
730 2016-07-23  Youenn Fablet  <youenn@apple.com>
731
732         [Fetch API] Request should be created with any HeadersInit data
733         https://bugs.webkit.org/show_bug.cgi?id=159672
734
735         Reviewed by Sam Weinig.
736
737         Made Request use JSBuiltinConstructor.
738         This allows initializing newly created Request with a JS built-in function, initializeFetchRequest.
739         initializeFetchRequest can call @fillFetchHeaders internal built-in to handle any HeadersInit data.
740         Future effort should be made to migrate more initialization code in initializeFetchRequest.
741
742         Made window and worker fetch function as a JS built-in.
743         This becomes more handy as these new functions can construct the Request object.
744         They can then call a single private function that takes a Request object as input.
745         Updated DOMWindowFetch and WorkerGlobalScopeFetch code accordingly.
746
747         To enable this, the binding generator is updated to support runtime-enabled JS built-in functions and
748         private functions atttached to global objects.
749
750         Covered by existing and modified tests.
751         Binding generator test covered by updated binding tests.
752
753         * CMakeLists.txt: Adding DOMWindowFetch.js, FetchRequest.js and WorkerGlobalScopeFetch.js built-in files.
754         * DerivedSources.make: Ditto.
755         * Modules/fetch/DOMWindowFetch.cpp: Removed overloaded fetch and updated according new signature.
756         (WebCore::DOMWindowFetch::fetch):
757         * Modules/fetch/DOMWindowFetch.h: Ditto.
758         * Modules/fetch/DOMWindowFetch.idl: Making fetch a JS built-in and adding a @fetchRequest private function.
759         * Modules/fetch/DOMWindowFetch.js: Added.
760         (fetch):
761         * Modules/fetch/FetchHeaders.h:
762         (WebCore::FetchHeaders::setGuard): Used by FetchRequest when initializing headers.
763         * Modules/fetch/FetchRequest.cpp: 
764         (WebCore::buildHeaders): Removed as implemented in JS.
765         (WebCore::FetchRequest::initializeOptions): Added to handle most of the dictionary initialization.
766         (WebCore::FetchRequest::initializeWith): Method called from built-in constructor function.
767         (WebCore::FetchRequest::setBody): Corresponding to @setBody private method.
768         (WebCore::buildBody): Deleted.
769         * Modules/fetch/FetchRequest.h:
770         * Modules/fetch/FetchRequest.idl:
771         * Modules/fetch/FetchRequest.js: Added.
772         (initializeFetchRequest): Implements fetch Request(input, init) constructor.
773         * Modules/fetch/FetchResponse.cpp:
774         (WebCore::FetchResponse::fetch): Removed the construction of FetchRequest in fetch method since it is done by JS built-in code.
775         * Modules/fetch/FetchResponse.h:
776         * Modules/fetch/WorkerGlobalScopeFetch.cpp: Removed overloaded fetch and updated according new signature.
777         (WebCore::WorkerGlobalScopeFetch::fetch):
778         * Modules/fetch/WorkerGlobalScopeFetch.h: Ditto.
779         * Modules/fetch/WorkerGlobalScopeFetch.idl: Making fetch a JS built-in and adding a @fetchRequest private function.
780         * Modules/fetch/WorkerGlobalScopeFetch.js: Added.
781         (fetch):
782         * bindings/js/WebCoreBuiltinNames.h: Adding fetchRequest, setBody and Request private identifiers.
783         * bindings/scripts/CodeGenerator.pm:
784         (WK_lcfirst): Replacing dOM by dom.
785         * bindings/scripts/CodeGeneratorJS.pm:
786         (GenerateImplementation): Adding support for runtime-enabled built-in methods and private methods.
787         * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
788         (WebCore::JSTestGlobalObject::finishCreation):
789         (WebCore::jsTestGlobalObjectInstanceFunctionTestPrivateFunction):
790         * bindings/scripts/test/ObjC/DOMTestGlobalObject.mm:
791         (-[DOMTestGlobalObject testJSBuiltinFunction]):
792         * bindings/scripts/test/TestGlobalObject.idl: Adding tests for runtime-enabled global built-in methods and private methods.
793
794 2016-07-23  Frederic Wang  <fwang@igalia.com>
795
796         Reset font-style on the <math> element
797         https://bugs.webkit.org/show_bug.cgi?id=160074
798
799         Reviewed by Darin Adler.
800
801         Mathematical formulas with italic font-style render poorly (slanted operators, mathvariant
802         italic etc). We align on Gecko and make the user agent stylesheet reset the font-style to
803         'normal' by default. This addresses the concrete use case of formula inside theorem or
804         proposition statements, which are often written in italic.
805
806         Test: mathml/presentation/math-font-style.html
807
808         * css/mathml.css:
809         (math): Reset the font-style to normal.
810
811 2016-07-23  Frederic Wang  <fwang@igalia.com>
812
813         [MathML] PaintInfo state is not properly restored after applyTransform.
814         https://bugs.webkit.org/show_bug.cgi?id=160077
815
816         Reviewed by Simon Fraser.
817
818         PaintInfo::applyTransform modifies PaintInfo::rect and the original state is not properly
819         restored by GraphicsContextStateSaver. To avoid some weird rendering bugs in MathOperator
820         and RenderMathMLMenclose, we follow what is done in SVG renderers and make a copy of the
821         original PaintInfo before applying the transform.
822
823         Test: mathml/presentation/bug160077.html
824
825         * rendering/mathml/MathOperator.cpp:
826         (WebCore::MathOperator::paint):
827         * rendering/mathml/RenderMathMLMenclose.cpp:
828         (WebCore::RenderMathMLMenclose::paint):
829
830 2016-07-23  Youenn Fablet  <youenn@apple.com>
831
832         [Fetch API] Fetch response stream should enqueue Uint8Array
833         https://bugs.webkit.org/show_bug.cgi?id=160083
834
835         Reviewed by Sam Weinig.
836
837         Covered by updated tests.
838
839         Before enqueuing, ReadableStreamController::enqueue will convert ArrayBuffer as Uint8Array.
840         It also returns a boolean whether the operation is successful or not.
841
842         If returned value is false, calling code will stop loading or if everything is loaded it will refrain from closing the stream.
843         The enqueuing should be succesful except in OutOfMemory cases. This case is not yet handled in test cases.
844
845         Updated the code to remove templated enqueuing as Fetch has no use of it.
846
847         * Modules/fetch/FetchBody.cpp:
848         (WebCore::FetchBody::consumeAsStream): Do not close the stream if enqueuing failed.
849         * Modules/fetch/FetchBodyOwner.cpp:
850         (WebCore::FetchBodyOwner::blobChunk): Stop blob loading if enqueuing failed.
851         * Modules/fetch/FetchResponse.cpp:
852         (WebCore::FetchResponse::BodyLoader::didReceiveData): Stop resource loading if enqueuing failed.
853         (WebCore::FetchResponse::consumeBodyAsStream): Ditto.
854         * Modules/fetch/FetchResponseSource.h:
855         * bindings/js/ReadableStreamController.h:
856         (WebCore::ReadableStreamController::enqueue):
857         (WebCore::ReadableStreamController::enqueue<RefPtr<JSC::ArrayBuffer>>): Deleted.
858
859 2016-07-22  Youenn Fablet  <youenn@apple.com>
860
861         Use a private property to implement FetchResponse.body getter
862         https://bugs.webkit.org/show_bug.cgi?id=159808
863
864         Reviewed by Sam Weinig.
865
866         Covered by existing test sets.
867
868         Previously, body was handled as a CachedAttribute.
869         Using a private property will allow direct use of this property from JS built-ins which will allow easier
870         handling of ReadableStream cloning in Response.clone.
871         Also, this allows removing some binding custom code.
872
873         Updated redirect and error static methods to take NewObject keyword, as this removes a search into cached wrappers.
874         Ditto for createReadableStreamSource.
875
876         * CMakeLists.txt: Removing JSFetchResponseCustom.cpp.
877         * Modules/fetch/FetchResponse.idl: Adding createReadableStreamSource and isDisturbed private functions.
878         Making body getter a JSBuiltin.
879         * Modules/fetch/FetchResponse.js:
880         (body): Adding getter which will call createReadableStreamSource if needed.
881         * WebCore.xcodeproj/project.pbxproj: Removing JSFetchResponseCustom.cpp.
882         * bindings/js/JSFetchResponseCustom.cpp: Removed.
883         * bindings/js/ReadableStreamController.cpp:
884         (WebCore::createReadableStream): Deleted.
885         (WebCore::getReadableStreamReader): Deleted.
886         * bindings/js/ReadableStreamController.h: Removing unneeded ReadableStream helper routine now that they can be
887         handled within JS built-in code.
888         * bindings/js/WebCoreBuiltinNames.h: Adding @createReadableStreamSource, @isDisturbed  and @Response identifiers.
889
890 2016-07-22  Zalan Bujtas  <zalan@apple.com>
891
892         Handle cases when IOSurface initialization fails.
893         https://bugs.webkit.org/show_bug.cgi?id=160006
894         <rdar://problem/27495102>
895
896         Reviewed by Tim Horton and Simon Fraser.
897
898         This is an additional fix to r203514 to check if IOSurface initialization was successful.
899
900         Unable to test.
901
902         * platform/graphics/cg/ImageBufferCG.cpp:
903         (WebCore::ImageBuffer::ImageBuffer):
904         * platform/graphics/cocoa/IOSurface.h: Merge 2 c'tors.
905         * platform/graphics/cocoa/IOSurface.mm: Remove redundant IOSurface::create() code.  
906         (WebCore::IOSurface::create):
907         (WebCore::IOSurface::createFromImage):
908         (WebCore::IOSurface::IOSurface):
909         (WebCore::IOSurface::convertToFormat):
910
911 2016-07-22  Wenson Hsieh  <wenson_hsieh@apple.com>
912
913         Media controls should be displayed for media in media documents
914         https://bugs.webkit.org/show_bug.cgi?id=160104
915         <rdar://problem/27438936>
916
917         Reviewed by Myles C. Maxfield.
918
919         Make videos that would otherwise not have been large enough or have the right
920         aspect ratio cause media controls to appear. This is because media elements in
921         a media document are implied to be main content.
922
923         Added a new API test.
924
925         * html/MediaElementSession.cpp:
926         (WebCore::MediaElementSession::canControlControlsManager):
927
928 2016-07-22  Myles C. Maxfield  <mmaxfield@apple.com>
929
930         All dancers with bunny ears are female
931         https://bugs.webkit.org/show_bug.cgi?id=160102
932         <rdar://problem/27453479>
933
934         Reviewed by Simon Fraser.
935
936         In r203330 I added support for new emoji group candidates. I accidentally
937         missed one of the new emoji code points.
938
939         Tests: editing/deleting/delete-emoji.html:
940                fast/text/emoji-gender-2-9.html:
941                fast/text/emoji-gender-9.html:
942                fast/text/emoji-gender-fe0f-9.html:
943
944         * platform/text/CharacterProperties.h:
945         (WebCore::isEmojiGroupCandidate):
946
947 2016-07-22  Chris Dumez  <cdumez@apple.com>
948
949         Parameter to HTMLCollection.item() / namedItem() should be mandatory
950         https://bugs.webkit.org/show_bug.cgi?id=160099
951
952         Reviewed by Sam Weinig.
953
954         Parameter to HTMLCollection.item() / namedItem() should be mandatory:
955         - https://dom.spec.whatwg.org/#interface-htmlcollection
956         - https://html.spec.whatwg.org/multipage/infrastructure.html#htmlformcontrolscollection
957         - https://html.spec.whatwg.org/multipage/infrastructure.html#the-htmloptionscollection-interface
958
959         Firefox and Chrome agree with the specification.
960
961         No new tests, rebaselined existing tests.
962
963         * bindings/js/JSHTMLFormControlsCollectionCustom.cpp:
964         (WebCore::JSHTMLFormControlsCollection::namedItem):
965         * html/HTMLCollection.idl:
966         * html/HTMLFormControlsCollection.idl:
967         * html/HTMLOptionsCollection.idl:
968
969 2016-07-22  Chris Dumez  <cdumez@apple.com>
970
971         First parameter to Window.getComputedStyle() should be mandatory and non-nullable
972         https://bugs.webkit.org/show_bug.cgi?id=160097
973
974         Reviewed by Ryosuke Niwa.
975
976         First parameter to Window.getComputedStyle() should be mandatory and
977         non-nullable:
978         - https://drafts.csswg.org/cssom/#extensions-to-the-window-interface
979
980         Firefox and Chrome agree with the specification.
981
982         Test: fast/dom/Window/getComputedStyle-missing-parameter.html
983
984         * css/CSSComputedStyleDeclaration.cpp:
985         (WebCore::ComputedStyleExtractor::ComputedStyleExtractor):
986         (WebCore::CSSComputedStyleDeclaration::CSSComputedStyleDeclaration):
987         (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
988         (WebCore::CSSComputedStyleDeclaration::copyProperties):
989         (WebCore::CSSComputedStyleDeclaration::length):
990         (WebCore::CSSComputedStyleDeclaration::item):
991         (WebCore::CSSComputedStyleDeclaration::getPropertyValue):
992         * css/CSSComputedStyleDeclaration.h:
993         * dom/Document.idl:
994         * inspector/InspectorCSSAgent.cpp:
995         (WebCore::InspectorCSSAgent::getComputedStyleForNode):
996         * page/DOMWindow.cpp:
997         (WebCore::DOMWindow::getComputedStyle):
998         * page/DOMWindow.h:
999         * page/DOMWindow.idl:
1000         * testing/Internals.cpp:
1001         (WebCore::Internals::computedStyleIncludingVisitedInfo):
1002         * testing/Internals.h:
1003         * testing/Internals.idl:
1004
1005 2016-07-22  Brady Eidson  <beidson@apple.com>
1006
1007         Removing IndexedDatabases that have stored blobs doesn't remove the blob files.
1008         https://bugs.webkit.org/show_bug.cgi?id=160089
1009
1010         Reviewed by Darin Adler.
1011
1012         Tested by API test IndexedDB.StoreBlobThenDelete.
1013
1014         Blob filenames exist in the IDB directory with the name "[0-9]+.blob".
1015         
1016         That is, one or more digits, followed by ".blob".
1017         
1018         So when we delete an IndexedDB.sqlite3 and related files, we should delete those blob files as well.
1019         
1020         * Modules/indexeddb/server/IDBServer.cpp:
1021         (WebCore::IDBServer::removeAllDatabasesForOriginPath):
1022
1023 2016-07-22  Chris Dumez  <cdumez@apple.com>
1024
1025         Fix default parameter values for window.alert() / prompt() / confirm()
1026         https://bugs.webkit.org/show_bug.cgi?id=160085
1027
1028         Reviewed by Ryosuke Niwa.
1029
1030         Fix default parameter values for window.alert() / prompt() / confirm() to
1031         match the specification:
1032         - https://html.spec.whatwg.org/multipage/browsers.html#the-window-object
1033
1034         They should default to the empty string, not the string "undefined".
1035
1036         Firefox and chrome agree with the specification.
1037
1038         No new tests, updated existing test.
1039
1040         * page/DOMWindow.h:
1041         * page/DOMWindow.idl:
1042
1043 2016-07-22  Daniel Bates  <dabates@apple.com>
1044
1045         CSP: object-src and plugin-types directives are not respected for plugin replacements
1046         https://bugs.webkit.org/show_bug.cgi?id=159761
1047         <rdar://problem/27365724>
1048
1049         Reviewed by Brent Fulgham.
1050
1051         Apply the Content Security Policy (CSP) object-src and plugin-types directives to content that will
1052         load with a plugin replacement.
1053
1054         Tests: security/contentSecurityPolicy/object-src-none-blocks-quicktime-plugin-replacement.html
1055                security/contentSecurityPolicy/object-src-none-blocks-youtube-plugin-replacement.html
1056                security/contentSecurityPolicy/plugins-types-allows-quicktime-plugin-replacement.html
1057                security/contentSecurityPolicy/plugins-types-allows-youtube-plugin-replacement.html
1058                security/contentSecurityPolicy/plugins-types-blocks-quicktime-plugin-replacement-without-mime-type.html
1059                security/contentSecurityPolicy/plugins-types-blocks-quicktime-plugin-replacement.html
1060                security/contentSecurityPolicy/plugins-types-blocks-youtube-plugin-replacement-without-mime-type.html
1061                security/contentSecurityPolicy/plugins-types-blocks-youtube-plugin-replacement.html
1062
1063         * html/HTMLPlugInImageElement.cpp:
1064         (WebCore::HTMLPlugInImageElement::allowedToLoadPluginContent): Added.
1065         (WebCore::HTMLPlugInImageElement::requestObject): Only request loading plugin content if we
1066         are allowed to load such content.
1067         * html/HTMLPlugInImageElement.h:
1068         * loader/SubframeLoader.cpp:
1069         (WebCore::SubframeLoader::pluginIsLoadable): Removed code to check CSP as we will check CSP
1070         earlier in HTMLPlugInImageElement::requestObject().
1071         (WebCore::SubframeLoader::requestPlugin): Ditto.
1072         (WebCore::SubframeLoader::isPluginContentAllowedByContentSecurityPolicy): Deleted; moved implementation
1073         to HTMLPlugInImageElement::allowedToLoadPluginContent().
1074         (WebCore::SubframeLoader::requestObject): Deleted.
1075         * loader/SubframeLoader.h:
1076         * page/csp/ContentSecurityPolicy.cpp:
1077         (WebCore::ContentSecurityPolicy::upgradeInsecureRequestIfNeeded): Changed signature from a non-const
1078         function to a const function since these functions do not modify |this|.
1079         * page/csp/ContentSecurityPolicy.h: 
1080
1081 2016-07-22  Chris Dumez  <cdumez@apple.com>
1082
1083         Parameters to Node.replaceChild() / insertBefore() should be mandatory
1084         https://bugs.webkit.org/show_bug.cgi?id=160091
1085
1086         Reviewed by Darin Adler.
1087
1088         Parameters to Node.replaceChild() / insertBefore() should be mandatory:
1089         - https://dom.spec.whatwg.org/#node
1090
1091         The compatibility risk should be low since Firefox and Chrome both agree
1092         with the specification and because it does not make much sense to omit
1093         parameters when using this API.
1094
1095         No new tests, rebaselined existing tests.
1096
1097         * bindings/js/JSNodeCustom.cpp:
1098         (WebCore::JSNode::insertBefore):
1099         (WebCore::JSNode::replaceChild):
1100
1101 2016-07-22  Chris Dumez  <cdumez@apple.com>
1102
1103         Parameter to Node.contains() should be mandatory
1104         https://bugs.webkit.org/show_bug.cgi?id=160084
1105
1106         Reviewed by Darin Adler.
1107
1108         Parameter to Node.contains() should be mandatory as per the
1109         specification:
1110         - https://dom.spec.whatwg.org/#node
1111
1112         The compatibility risk should be low because both Firefox and Chrome
1113         both agree with the specification. Also, it does not make much sense
1114         to call this API without parameter.
1115
1116         No new tests, rebaselined existing tests.
1117
1118         * dom/Node.idl:
1119
1120 2016-07-22  Said Abou-Hallawa  <sabouhallawa@apple.com>
1121
1122         [iOS] REGRESSION(203378): PDFDocumentImage::updateCachedImageIfNeeded() uses the unscaled size when deciding whether to cache the PDF image
1123         https://bugs.webkit.org/show_bug.cgi?id=159933
1124
1125         Reviewed by Simon Fraser.
1126
1127         We need to use the scaled size when deciding whether to cache the PDF image
1128         or not. This is because ImageBuffer takes the display resolution into account
1129         which gives higher resolution for the image when zooming.
1130
1131         * platform/graphics/cg/PDFDocumentImage.cpp:
1132         (WebCore::PDFDocumentImage::updateCachedImageIfNeeded):
1133
1134 2016-07-22  Chris Dumez  <cdumez@apple.com>
1135
1136         First parameter to getElementById() should be mandatory
1137         https://bugs.webkit.org/show_bug.cgi?id=160087
1138
1139         Reviewed by Darin Adler.
1140
1141         First parameter to getElementById() should be mandatory:
1142         - https://dom.spec.whatwg.org/#nonelementparentnode
1143         - https://www.w3.org/TR/SVG/struct.html#InterfaceSVGSVGElement
1144
1145         Both Firefox and Chrome agree with the specification.
1146
1147         Test: svg/dom/SVGSVGElement-getElementById.html
1148
1149         * dom/NonElementParentNode.idl:
1150         * svg/SVGSVGElement.idl:
1151
1152 2016-07-22  Chris Dumez  <cdumez@apple.com>
1153
1154         Parameter to Node.lookupPrefix() / lookupNamespaceURI() / isDefaultNamespace() should be mandatory
1155         https://bugs.webkit.org/show_bug.cgi?id=160086
1156
1157         Reviewed by Darin Adler.
1158
1159         Parameter to Node.lookupPrefix() / lookupNamespaceURI() / isDefaultNamespace()
1160         should be mandatory:
1161         - https://dom.spec.whatwg.org/#node
1162
1163         Firefox and Chrome both agree with the specification.
1164
1165         No new tests, rebaselined existing tests.
1166
1167         * dom/Node.idl:
1168
1169 2016-07-22  Chris Dumez  <cdumez@apple.com>
1170
1171         Parameter to Node.compareDocumentPosition() should be mandatory and non-nullable
1172         https://bugs.webkit.org/show_bug.cgi?id=160071
1173
1174         Reviewed by Ryosuke Niwa.
1175
1176         
1177         Parameter to Node.compareDocumentPosition() should be mandatory and
1178         non-nullable:
1179         - https://dom.spec.whatwg.org/#interface-node
1180
1181         Firefox and Chrome agree with the specification so the compatibility
1182         risk should be low. Also, it does not make much sense to call this
1183         operation without parameter.
1184
1185         No new tests, rebaselined existing tests.
1186
1187         * accessibility/AccessibilityObject.cpp:
1188         (WebCore::rangeClosestToRange):
1189         * dom/AuthorStyleSheets.cpp:
1190         (WebCore::AuthorStyleSheets::addStyleSheetCandidateNode):
1191         * dom/Node.cpp:
1192         (WebCore::compareDetachedElementsPosition):
1193         (WebCore::Node::compareDocumentPosition):
1194         * dom/Node.h:
1195         * dom/Node.idl:
1196         * dom/Position.h:
1197         (WebCore::operator<):
1198         * html/HTMLFormElement.cpp:
1199         (WebCore::HTMLFormElement::formElementIndexWithFormAttribute):
1200         (WebCore::HTMLFormElement::formElementIndex):
1201         * rendering/RenderNamedFlowThread.cpp:
1202         (WebCore::RenderNamedFlowThread::nextRendererForElement):
1203         (WebCore::compareRenderNamedFlowFragments):
1204         (WebCore::RenderNamedFlowThread::registerNamedFlowContentElement):
1205
1206 2016-07-22  Konstantin Tokarev  <annulen@yandex.ru>
1207
1208         [cmake] Removed obsolete plugins/win directory
1209         https://bugs.webkit.org/show_bug.cgi?id=160081
1210
1211         Reviewed by Per Arne Vollan.
1212
1213         It was removed in r178219.
1214
1215         No new tests needed.
1216
1217         * PlatformWin.cmake:
1218
1219 2016-07-22  Youenn Fablet  <youenn@apple.com>
1220
1221         run-builtins-generator-tests should be able to test WebCore builtins wrapper with more than one file
1222         https://bugs.webkit.org/show_bug.cgi?id=159921
1223
1224         Reviewed by Brian Burg.
1225
1226         Covered by existing and added built-ins tests.
1227
1228         Updating built system according ---wrappers-only new meaning.
1229         builtin generator is now called for each individual built-in file plus once for WebCore wrapper files.
1230         WebCore wrapper files allow handling things like conditionally guarded features.
1231         They also remove the need to use built-ins macros outside generated code.
1232
1233         * CMakeLists.txt:
1234         * DerivedSources.make:
1235
1236 2016-07-21  Frederic Wang  <fwang@igalia.com>
1237
1238         Move parsing of accentunder and accent attributes from renderer to element classes
1239         https://bugs.webkit.org/show_bug.cgi?id=159625
1240
1241         Reviewed by Brent Fulgham.
1242
1243         We introduce a new MathMLUnderOverElement that is used for elements munder, mover and
1244         munderover in order to create RenderMathMLUnderOver and parse and expose the values of the
1245         accent and accentunder attributes. This is one more step toward moving MathML attribute
1246         parsing to the DOM (bug 156536). We also do minor clean-up for this and previous renderer
1247         classes that no longer do attribute parsing: the MathMLNames namespace is no longer necessary
1248         and constructors can take a more accurate element type.
1249
1250         No new tests, already covered by existing test.
1251
1252         * CMakeLists.txt: Add MathMLUnderOverElement files.
1253         * WebCore.xcodeproj/project.pbxproj: Ditto.
1254         * mathml/MathMLAllInOne.cpp: Ditto.
1255         * mathml/MathMLElement.cpp:
1256         (WebCore::MathMLElement::cachedBooleanAttribute): Add parsing of boolean attributes.
1257         * mathml/MathMLElement.h: New type and helper functions for boolean attributes.
1258         * mathml/MathMLInlineContainerElement.cpp:
1259         (WebCore::MathMLInlineContainerElement::createElementRenderer): Remove handling of
1260         under/over/underover elements.
1261         * mathml/MathMLScriptsElement.cpp:
1262         (WebCore::MathMLScriptsElement::MathMLScriptsElement): Remove inline keyword to avoid link
1263         errors now that MathMLUnderOverElement overrides that class.
1264         * mathml/MathMLScriptsElement.h: Allow MathMLUnderOverElement to override this class.
1265         * mathml/MathMLUnderOverElement.cpp:
1266         (WebCore::MathMLUnderOverElement::MathMLUnderOverElement):
1267         (WebCore::MathMLUnderOverElement::create):
1268         (WebCore::MathMLUnderOverElement::accent): Helper function to access the accent value.
1269         (WebCore::MathMLUnderOverElement::accentUnder): Helper function to access the accentunder value.
1270         (WebCore::MathMLUnderOverElement::parseAttribute): Make accent and accentunder dirty.
1271         (WebCore::MathMLUnderOverElement::createElementRenderer): Create RenderMathMLUnderOver
1272         * mathml/MathMLUnderOverElement.h:
1273         * mathml/mathtags.in: Map under/over/underover to MathMLUnderOverElement.
1274         * rendering/mathml/RenderMathMLFraction.cpp: Remove MathMLNames and make the constructor
1275         take a MathMLFractionElement.
1276         (WebCore::RenderMathMLFraction::RenderMathMLFraction):
1277         * rendering/mathml/RenderMathMLFraction.h:
1278         * rendering/mathml/RenderMathMLPadded.cpp: Remove MathMLNames and make the constructor
1279         take a MathMLPaddedElement.
1280         (WebCore::RenderMathMLPadded::RenderMathMLPadded):
1281         * rendering/mathml/RenderMathMLPadded.h:
1282         * rendering/mathml/RenderMathMLScripts.cpp: Remove MathMLNames and make the constructor
1283         take a MathMLScriptsElement. Also rename scriptsElement() to element().
1284         (WebCore::RenderMathMLScripts::RenderMathMLScripts):
1285         (WebCore::RenderMathMLScripts::element):
1286         (WebCore::RenderMathMLScripts::getScriptMetricsAndLayoutIfNeeded):
1287         (WebCore::RenderMathMLScripts::scriptsElement): Deleted.
1288         * rendering/mathml/RenderMathMLScripts.h:
1289         * rendering/mathml/RenderMathMLUnderOver.cpp: Remove MathMLNames and make the constructor
1290         take a RenderMathMLUnderOver.
1291         (WebCore::RenderMathMLUnderOver::RenderMathMLUnderOver):
1292         (WebCore::RenderMathMLUnderOver::element):
1293         (WebCore::RenderMathMLUnderOver::hasAccent): Use the helper functions for accent and accentunder.
1294         * rendering/mathml/RenderMathMLUnderOver.h:
1295
1296 2016-07-21  Chris Dumez  <cdumez@apple.com>
1297
1298         Parameter to Node.isSameNode() / isEqualNode() should be mandatory
1299         https://bugs.webkit.org/show_bug.cgi?id=160070
1300
1301         Reviewed by Ryosuke Niwa.
1302
1303         Parameter to Node.isSameNode() / isEqualNode() should be mandatory as
1304         per the specification:
1305         - https://dom.spec.whatwg.org/#interface-node
1306
1307         Chrome and Firefox agree with the specification (although Firefox does
1308         not support isSameNode()).
1309
1310         No new tests, rebaselined existing tests.
1311
1312         * dom/Node.idl:
1313
1314 2016-07-21  Chris Dumez  <cdumez@apple.com>
1315
1316         Parameter to Document.createEvent() should be mandatory
1317         https://bugs.webkit.org/show_bug.cgi?id=160065
1318
1319         Reviewed by Darin Adler.
1320
1321         Parameter to Document.createEvent() should be mandatory as per the
1322         specification:
1323         - https://dom.spec.whatwg.org/#document
1324
1325         We already throw anyway when the parameter is omitted because we use
1326         "undefined" as event type, which is invalid. However, we throw the
1327         wrong exception.
1328
1329         Firefox and Chrome agree with the specification here.
1330
1331         No new tests, rebaselined existing tests.
1332
1333         * dom/Document.idl:
1334
1335 2016-07-21  Brian Burg  <bburg@apple.com>
1336
1337         REGRESSION(r62549): Objective-C DOM bindings sometimes fail to regenerate when CodeGenerator.pm is modified
1338         https://bugs.webkit.org/show_bug.cgi?id=160031
1339
1340         Reviewed by Darin Adler.
1341
1342         This bug was caused by a refactoring 6 years ago. Not all uses of a variable
1343         were renamed, so the ObjC bindings target pattern was not specifying any
1344         build scripts as target dependencies.
1345
1346         * DerivedSources.make: Standardize on {COMMON,JS,DOM}_BINDINGS_SCRIPTS.
1347
1348 2016-07-21  Darin Adler  <darin@apple.com>
1349
1350         Remove unneeded content attribute name "playsinline"
1351         https://bugs.webkit.org/show_bug.cgi?id=160069
1352
1353         Reviewed by Chris Dumez.
1354
1355         * html/HTMLVideoElement.idl: Removed explicit content attribute name on Reflect
1356         attribute since it is the same as the name that the code generator will generate.
1357
1358 2016-07-21  Chris Dumez  <cdumez@apple.com>
1359
1360         Make parameters to Element.getElementsBy*() operations mandatory
1361         https://bugs.webkit.org/show_bug.cgi?id=160060
1362
1363         Reviewed by Darin Adler.
1364
1365         Make parameters to Element.getElementsBy*() operations mandatory to
1366         match the specification:
1367         - https://dom.spec.whatwg.org/#interface-element
1368
1369         Firefox and Chrome agree with the specification so the compatibility
1370         risk should be low.
1371
1372         It makes very little sense to call these operations without parameter,
1373         especially considering WebKit uses the string "undefined" if the
1374         parameter is omitted.
1375
1376         No new tests, rebaselined existing tests.
1377
1378         * dom/Element.idl:
1379
1380 2016-07-21  Chris Dumez  <cdumez@apple.com>
1381
1382         Make parameters mandatory for attribute-related API on Element
1383         https://bugs.webkit.org/show_bug.cgi?id=160059
1384
1385         Reviewed by Ryosuke Niwa.
1386
1387         Make parameters mandatory for attribute-related API on Element to match
1388         the specification:
1389         - https://dom.spec.whatwg.org/#element
1390
1391         Firefox and Chrome agree with the specification. Calling this API
1392         without the parameters does not make much sense, especially considering
1393         WebKit uses the string "undefined" when the parameter is omitted.
1394
1395         No new tests, rebaselined existing tests.
1396
1397         * dom/Element.idl:
1398
1399 2016-07-21  Myles C. Maxfield  <mmaxfield@apple.com>
1400
1401         Remove support for deprecated SPI inlineMediaPlaybackRequiresPlaysInlineAttribute
1402         https://bugs.webkit.org/show_bug.cgi?id=160066
1403
1404         Reviewed by Dean Jackson.
1405
1406         r203520 deprecated inlineMediaPlaybackRequiresPlaysInlineAttribute in favor of
1407         allowsInlineMediaPlaybackWithPlaysInlineAttribute and
1408         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute. The old
1409         inlineMediaPlaybackRequiresPlaysInlineAttribute is SPI and was never released
1410         to the public. Therefore, it can be removed safely.
1411
1412         No new tests because there is no behavior change.
1413
1414         * page/Settings.cpp:
1415         * page/Settings.in:
1416         * testing/InternalSettings.cpp:
1417         (WebCore::InternalSettings::Backup::Backup): Deleted.
1418         (WebCore::InternalSettings::Backup::restoreTo): Deleted.
1419         (WebCore::InternalSettings::setInlineMediaPlaybackRequiresPlaysInlineAttribute): Deleted.
1420         * testing/InternalSettings.h:
1421         * testing/InternalSettings.idl:
1422
1423 2016-07-21  Dean Jackson  <dino@apple.com>
1424
1425         REGRESSION (r202927): The internal size of the ImageBuffer is scaled twice by the context scaleFactor
1426         https://bugs.webkit.org/show_bug.cgi?id=159981
1427         <rdar://problem/27429465>
1428
1429         Reviewed by Myles Maxfield.
1430
1431         The change to propagate color spaces through ImageBuffers created an
1432         alternate version of createCompatibleBuffer. This version accidentally
1433         attempted to take the display resolution (i.e. hidpi) into account
1434         when creating the buffer, which meant it was being applied twice.
1435
1436         The fix is simply to remove that logic. The caller of the method
1437         will take the resolution into account, the same way they did
1438         with the old createCompatibleBuffer method.
1439
1440         Test: fast/hidpi/pdf-image-scaled.html
1441
1442         * platform/graphics/cg/ImageBufferCG.cpp:
1443         (WebCore::ImageBuffer::createCompatibleBuffer): Don't calculate
1444         a resolution - just use the value of 1.0.
1445
1446 2016-07-21  John Wilander  <wilander@apple.com>
1447
1448         Block mixed content synchronous XHR
1449         https://bugs.webkit.org/show_bug.cgi?id=105462
1450         <rdar://problem/13666424>
1451
1452         Reviewed by Brent Fulgham.
1453
1454         Test: http/tests/security/mixedContent/insecure-xhr-sync-in-main-frame.html
1455
1456         * loader/DocumentThreadableLoader.cpp:
1457         (WebCore::DocumentThreadableLoader::loadRequest):
1458
1459 2016-07-21  Chris Dumez  <cdumez@apple.com>
1460
1461         Make parameters to Document.getElementsBy*() operations mandatory
1462         https://bugs.webkit.org/show_bug.cgi?id=160050
1463
1464         Reviewed by Daniel Bates.
1465
1466         Make parameters to Document.getElementsBy*() operations mandatory to
1467         match the specification:
1468         - https://dom.spec.whatwg.org/#interface-document
1469
1470         Firefox and Chrome agree with the specification so the compatibility
1471         risk should be low.
1472
1473         It makes very little sense to call these operations without parameter,
1474         especially considering WebKit uses the string "undefined" if the
1475         parameter is omitted.
1476
1477         No new tests, rebaselined existing tests.
1478
1479         * dom/Document.idl:
1480
1481 2016-07-21  Nan Wang  <n_wang@apple.com>
1482
1483         AX: aria-label not being used correctly in accessible name calculation of heading
1484         https://bugs.webkit.org/show_bug.cgi?id=160009
1485
1486         Reviewed by Chris Fleizach.
1487
1488         Actually we are exposing the correct information for heading objects. On macOS, 
1489         VoiceOver should handle the logic that picks the right information to speak.
1490         On iOS, VoiceOver is speaking the static text child instead of the heading object.
1491         So we should set the accessibilityLabel of the static text based on the parent's 
1492         alternate label.
1493
1494         Test: accessibility/ios-simulator/heading-with-aria-label.html
1495
1496         * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
1497         (-[WebAccessibilityObjectWrapper _accessibilityTraitsFromAncestors]):
1498
1499 2016-07-21  Saam Barati  <sbarati@apple.com>
1500
1501         op_add/ValueAdd should be an IC in all JIT tiers
1502         https://bugs.webkit.org/show_bug.cgi?id=159649
1503
1504         Reviewed by Benjamin Poulain.
1505
1506         * ForwardingHeaders/jit/JITMathICForwards.h: Added.
1507
1508 2016-07-21  Chris Dumez  <cdumez@apple.com>
1509
1510         Make parameters mandatory for Document.create*() operations
1511         https://bugs.webkit.org/show_bug.cgi?id=160047
1512
1513         Reviewed by Ryosuke Niwa.
1514
1515         Make parameters mandatory for Document.create*() operations:
1516         createTextNode(), createComment(), createCDataSection(),
1517         createAttribute() and createProcessingInstruction().
1518
1519         This matches the specification:
1520         - https://dom.spec.whatwg.org/#interface-document
1521
1522         Firefox and Chrome both agree with the specification so the
1523         compatibility risk should be low. Also WebKit uses the string
1524         "undefined" when the parameter is omitted, which is not very
1525         helpful.
1526
1527         No new tests, rebaselined existing tests.
1528
1529         * dom/Document.idl:
1530
1531 2016-07-21  Chris Dumez  <cdumez@apple.com>
1532
1533         Fix null handling of SVGAngle/SVGLength.valueAsString attribute
1534         https://bugs.webkit.org/show_bug.cgi?id=160025
1535
1536         Reviewed by Ryosuke Niwa.
1537
1538         Fix null handling of SVGAngle/SVGLength.valueAsString attribute
1539         to match the specification:
1540         - https://www.w3.org/TR/SVG2/types.html#InterfaceSVGAngle
1541         - https://www.w3.org/TR/SVG2/types.html#InterfaceSVGLength
1542
1543         In particular, this patch drops [TreatNullAs=EmptyString] IDL
1544         extended attribute from this attribute. This is not supposed
1545         to change behavior given that both "" and "null" are invalid
1546         numbers and the specification says to throw a SYNTAX_ERR in
1547         this case.
1548
1549         However, WebKit currently ignores assignments to "" instead
1550         of throwing. As a result, assigning to null will now throw
1551         instead of being ignored. The compatibility risk should be
1552         low because both Firefox and Chrome throw when assigning
1553         null.
1554
1555         I did not change the behavior when assigning to "" because
1556         it is a bit out of scope for this patch and browsers to not
1557         seem to agree:
1558         - Firefox throws
1559         - Chrome set value to "0"
1560         - WebKit ignores the assignment
1561
1562         The specification seems to agree with Firefox as far as I
1563         can tell given that "" is not a valid number as per:
1564         - https://www.w3.org/TR/css3-values/#numbers
1565
1566         Test: svg/dom/valueAsString-null.html
1567
1568         * svg/SVGAngle.idl:
1569         * svg/SVGLength.idl:
1570
1571 2016-07-21  Chris Dumez  <cdumez@apple.com>
1572
1573         Fix null handling of HTMLFontElement.color
1574         https://bugs.webkit.org/show_bug.cgi?id=160036
1575
1576         Reviewed by Ryosuke Niwa.
1577
1578         Fix null handling of HTMLFontElement.color to match the specification:
1579         - https://html.spec.whatwg.org/#htmlfontelement
1580
1581         We are supposed to treat null as the empty string. Both Firefox and
1582         Chrome agree with the specification.
1583
1584         No new tests, rebaselined existing tests.
1585
1586         * html/HTMLFontElement.idl:
1587
1588 2016-07-21  Chris Dumez  <cdumez@apple.com>
1589
1590         Fix null handling for several HTMLTableElement attributes
1591         https://bugs.webkit.org/show_bug.cgi?id=160041
1592
1593         Reviewed by Ryosuke Niwa.
1594
1595         Fix null handling for several HTMLTableElement attributes to match the
1596         specification:
1597         - https://html.spec.whatwg.org/#HTMLTableElement-partial
1598
1599         The attributes in question are 'bicolor', 'cellSpacing' and
1600         'cellPadding'. We are supposed to treat null as the empty string for
1601         these attributes.
1602
1603         Firefox and Chrome both agree with the specification.
1604
1605         No new tests, rebaselined existing tests.
1606
1607         * html/HTMLTableElement.idl:
1608
1609 2016-07-21  Chris Dumez  <cdumez@apple.com>
1610
1611         Fix null handling for HTMLObjectElement.border
1612         https://bugs.webkit.org/show_bug.cgi?id=160040
1613
1614         Reviewed by Ryosuke Niwa.
1615
1616         Fix null handling for HTMLObjectElement.border to match the specification:
1617         - https://html.spec.whatwg.org/#HTMLObjectElement-partial
1618
1619         We are supposed to treat null as the empty string.
1620
1621         Both Firefox and Chrome agree with the specification.
1622
1623         No new tests, rebaselined existing tests.
1624
1625         * html/HTMLObjectElement.idl:
1626
1627 2016-07-21  Chris Dumez  <cdumez@apple.com>
1628
1629         Fix null handling for td.bgColor / tr.bgColor
1630         https://bugs.webkit.org/show_bug.cgi?id=160043
1631
1632         Reviewed by Ryosuke Niwa.
1633
1634         Fix null handling for td.bgColor / tr.bgColor to match the
1635         specification:
1636         - https://html.spec.whatwg.org/#HTMLTableCellElement-partial
1637         - https://html.spec.whatwg.org/#HTMLTableRowElement-partial
1638
1639         We are supposed to treat null as the empty string.
1640
1641         Firefox and Chrome both agree with the specification.
1642
1643         No new tests, rebaselined existing tests.
1644
1645         * html/HTMLTableCellElement.idl:
1646         * html/HTMLTableRowElement.idl:
1647
1648 2016-07-21  Chris Dumez  <cdumez@apple.com>
1649
1650         Fix null handling for several HTMLBodyElement attributes
1651         https://bugs.webkit.org/show_bug.cgi?id=160044
1652
1653         Reviewed by Ryosuke Niwa.
1654
1655         Fix null handling for several HTMLBodyElement attributes to match the
1656         specification:
1657         - https://html.spec.whatwg.org/#HTMLBodyElement-partial
1658
1659         The attributes in question are: 'text', 'link', 'vlink', 'alink' and
1660         'bgcolor'.
1661
1662         We are supposed to treat null as the empty string for these attributes.
1663
1664         Firefox and Chrome both agree with the specification.
1665
1666         No new tests, rebaselined existing tests.
1667
1668         * html/HTMLBodyElement.idl:
1669
1670 2016-07-21  Chris Dumez  <cdumez@apple.com>
1671
1672         Fix null handling for HTMLIFrameElement.marginWidth / marginHeight
1673         https://bugs.webkit.org/show_bug.cgi?id=160037
1674
1675         Reviewed by Ryosuke Niwa.
1676
1677         Fix null handling for HTMLIFrameElement.marginWidth / marginHeight to
1678         match the specification:
1679         - https://html.spec.whatwg.org/#HTMLIFrameElement-partial
1680
1681         We are supposed to treat null as the empty string. Both Firefox and
1682         Chrome agree with the specification.
1683
1684         No new tests, rebaselined existing tests.
1685
1686         * html/HTMLIFrameElement.idl:
1687
1688 2016-07-21  Chris Dumez  <cdumez@apple.com>
1689
1690         Fix null handling for HTMLImageElement.border
1691         https://bugs.webkit.org/show_bug.cgi?id=160039
1692
1693         Reviewed by Ryosuke Niwa.
1694
1695         Fix null handling for HTMLImageElement.border to match the specification:
1696         - https://html.spec.whatwg.org/#HTMLImageElement-partial
1697
1698         We are supposed to treat null as the empty string.
1699
1700         Both Firefox and Chrome agree with the specification.
1701
1702         No new tests, rebaselined existing tests.
1703
1704         * html/HTMLImageElement.idl:
1705
1706 2016-07-21  Daniel Bates  <dabates@apple.com>
1707
1708         REGRESSION: Plugin replaced YouTube Flash videos always have the same width
1709         https://bugs.webkit.org/show_bug.cgi?id=159998
1710         <rdar://problem/27462285>
1711
1712         Reviewed by Simon Fraser.
1713
1714         Fixes an issue where the width of a plugin replaced YouTube video loaded via an HTML embed
1715         element would always have the same width regardless of value of the width attribute.
1716
1717         For YouTube Flash videos the YouTube plugin replacement substitutes a shadow DOM subtree
1718         for the default renderer of an HTML embed element. The root of this shadow DOM subtree
1719         is an HTML div element. Currently we set inline styles on this <div> when it is instantiated.
1720         In particular, we set inline display and position to "inline-block" and "relative", respectively,
1721         and set an invalid height and width (we specify a font weight value instead of a CSS length value
1722         - this causes an ASSERT_NOT_REACHED() assertion failure in StyleBuilderConverter::convertLengthSizing()
1723         in a debug build). These styles never worked as intended and we ultimately created an inline
1724         renderer (ignoring display "inline-block") that had auto width and height. Instead it is sufficient
1725         to remove all these inline styles and create a RenderBlockFlow renderer for this <div> so that it
1726         renders as a block, non-replaced element to achieve the intended illusion that the <embed> is a
1727         single element.
1728
1729         * html/shadow/YouTubeEmbedShadowElement.cpp: Remove unused header HTMLEmbedElement.h and include
1730         header RenderBlockFlow.h. Also update copyright in license block.
1731         (WebCore::YouTubeEmbedShadowElement::YouTubeEmbedShadowElement): Remove inline styles as these
1732         never worked as intended.
1733         (WebCore::YouTubeEmbedShadowElement::createElementRenderer): Override; create a block-flow
1734         renderer for us so that we layout as a block, non-replaced element.
1735         * html/shadow/YouTubeEmbedShadowElement.h:
1736
1737 2016-07-21  Myles C. Maxfield  <mmaxfield@apple.com>
1738
1739         [iPhone] Playing a video on tudou.com plays only sound, no video
1740         https://bugs.webkit.org/show_bug.cgi?id=159967
1741         <rdar://problem/26964090>
1742
1743         Reviewed by Jon Lee, Jeremy Jones, and Anders Carlsson.
1744
1745         WebKit recently starting honoring the playsinline and webkit-playsinline
1746         attribute on iPhones. However, because these attributes previously did
1747         nothing, some sites (such as Todou) were setting them on their content
1748         and expecting that they are not honored. In this specific case, the
1749         video is absolutely positioned to be 1 pixel x 1 pixel.
1750
1751         Previously, with iOS 9, apps could set the allowsInlineMediaPlayback
1752         property on their WKWebView, which would honor the webkit-playsinline
1753         attribute. Safari on iPhones didn't do this.
1754
1755         In order to not break these existing apps, it's important that the
1756         allowsInlineMediaPlayback preference still allows webkit-playsinline
1757         videos to play inline in apps using WKWebView. However, in Safari, these
1758         videos should play fullscreen. (Todou videos have webkit-playsinline
1759         but not playsinline.)
1760
1761         Therefore, in Safari, videos with playsinline should be inline, but
1762         videos with webkit-playsinline should be fullscreen. In apps using
1763         WKWebViews, if the app sets allowsInlineMediaPlayback, then videos with
1764         playsinline should be inline, and videos with webkit-playsinline should
1765         also be inline. Videos on iPad and Mac should all be inline by default.
1766
1767         We can create some truth tables for the cases which need to be covered:
1768
1769         All apps on Mac / iPad:
1770         Presence of playsinline | Presence of webkit-playsinline | Result
1771         ========================|================================|===========
1772         Not present             | Not present                    | Inline
1773         Present                 | Not present                    | Inline
1774         Not Present             | Present                        | Inline
1775         Present                 | Present                        | Inline
1776
1777         Safari on iPhone:
1778         Presence of playsinline | Presence of webkit-playsinline | Result
1779         ========================|================================|===========
1780         Not present             | Not present                    | Fullscreen
1781         Present                 | Not present                    | Inline
1782         Not Present             | Present                        | Fullscreen
1783         Present                 | Present                        | Inline
1784
1785         App on iPhone which sets allowsInlineMediaPlayback:
1786         Presence of playsinline | Presence of webkit-playsinline | Result
1787         ========================|================================|===========
1788         Not present             | Not present                    | Fullscreen
1789         Present                 | Not present                    | Inline
1790         Not Present             | Present                        | Inline
1791         Present                 | Present                        | Inline
1792
1793         The way to distinguish Safari from another app is to create an SPI
1794         boolean preference which Safari can set. This is already how the
1795         iPhone and iPad are differentiated using the requiresPlayInlineAttribute
1796         which Safari sets but other apps don't. However, this preference is
1797         no longer sufficient because Safari should now be discriminating
1798         between the playsinline and webkit-playsinline attributes. Therefore,
1799         this preference should be extended to two boolean preferences, which
1800         this patch adds:
1801
1802         allowsInlineMediaPlaybackWithPlaysInlineAttribute
1803         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute
1804
1805         Safari on iPhone will set
1806         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to true,
1807         and allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to
1808         false. Other apps on iPhone will get their defaults values (because they
1809         are SPI) which means they will both be true. On iPad and Mac, apps will
1810         use the defaults values where both are false.
1811
1812         This patch adds support for these two preferences, but does not remove
1813         the existing inlineMediaPlaybackRequiresPlaysInlineAttribute preference.
1814         I will remove the exising preference as soon as I update Safari to migrate
1815         off of it.
1816
1817         Test: media/video-playsinline.html
1818
1819         * html/MediaElementSession.cpp:
1820         (WebCore::MediaElementSession::requiresFullscreenForVideoPlayback):
1821         * page/Settings.cpp:
1822         * page/Settings.in:
1823         * testing/InternalSettings.cpp:
1824         (WebCore::InternalSettings::Backup::Backup):
1825         (WebCore::InternalSettings::Backup::restoreTo):
1826         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithPlaysInlineAttribute):
1827         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute):
1828         * testing/InternalSettings.h:
1829         * testing/InternalSettings.idl:
1830
1831 2016-07-21  Ryosuke Niwa  <rniwa@webkit.org>
1832
1833         Crash accessing null renderer inside WebCore::DeleteSelectionCommand::doApply
1834         https://bugs.webkit.org/show_bug.cgi?id=160011
1835
1836         Reviewed by Chris Dumez.
1837
1838         Add a null pointer check for renderer() call.
1839
1840         Unfortunately no new tests since we don't have a reproduction.
1841
1842         * editing/DeleteSelectionCommand.cpp:
1843         (WebCore::DeleteSelectionCommand::doApply):
1844
1845 2016-07-21  Chris Dumez  <cdumez@apple.com>
1846
1847         The 2 first parameters to DOMImplementation.createDocument() should be mandatory
1848         https://bugs.webkit.org/show_bug.cgi?id=160030
1849
1850         Reviewed by Sam Weinig.
1851
1852         The 2 first parameters to DOMImplementation.createDocument() should be mandatory
1853         as per the specification:
1854         - https://dom.spec.whatwg.org/#domimplementation
1855
1856         Firefox and Chrome both agree with the specification. However, those
1857         parameters were marked as optional in WebKit. Calling this function
1858         without parameters would create a document element whose tag is the
1859         string "undefined", which does not seem helpful. This patch thus
1860         aligns our behavior with the specification and other browsers.
1861
1862         No new tests, rebaselined existing tests.
1863
1864         * dom/DOMImplementation.idl:
1865
1866 2016-07-21  Chris Dumez  <cdumez@apple.com>
1867
1868         Kill legacy valueToStringWithNullCheck() utility function
1869         https://bugs.webkit.org/show_bug.cgi?id=159991
1870
1871         Reviewed by Sam Weinig.
1872
1873         Kill legacy valueToStringWithNullCheck() utility function. Treating null as
1874         a null string is legacy behavior so drop this function so that people are
1875         not tempted to use it. We should be using either:
1876         1. JSValue::toWTFString() for non-nullable DOMStrings
1877         2. valueToStringWithUndefinedOrNullCheck() for nullable DOMStrings
1878         3. valueToStringTreatingNullAsEmptyString() for strings with [TreatNullAs=EmptyString]
1879
1880         No new tests, no web-exposed behavior change.
1881
1882         * bindings/js/JSDOMBinding.cpp:
1883         (WebCore::valueToStringWithNullCheck): Deleted.
1884         * bindings/js/JSDOMBinding.h:
1885         * bindings/js/JSHTMLFrameElementCustom.cpp:
1886         (WebCore::JSHTMLFrameElement::setLocation):
1887         * html/HTMLFrameElement.idl:
1888
1889 2016-07-21  Zalan Bujtas  <zalan@apple.com>
1890
1891         Do not keep invalid IOSurface in ImageBufferData.
1892         https://bugs.webkit.org/show_bug.cgi?id=160005
1893         <rdar://problem/27208636>
1894
1895         Reviewed by Simon Fraser.
1896
1897         When we fail to initialize the IOSurface for the accelerated context, we switch over to
1898         the non-accelerated code path. Since ImageBufferData::surface is used to indicate whether
1899         the graphics context is in accelerated mode, we need to reset it when the initialization fails.
1900
1901         Unable to create a test case.
1902
1903         * platform/graphics/cg/ImageBufferCG.cpp:
1904         (WebCore::ImageBuffer::ImageBuffer):
1905
1906 2016-07-21  Chris Dumez  <cdumez@apple.com>
1907
1908         playsInline IDL attribute has the wrong casing
1909         https://bugs.webkit.org/show_bug.cgi?id=160029
1910         <rdar://problem/27474031>
1911
1912         Reviewed by Jon Lee.
1913
1914         Fix case from video.playsinline to video.playsInline in order to match
1915         the specification:
1916         - https://html.spec.whatwg.org/multipage/embedded-content.html#the-video-element:dom-video-playsinline
1917
1918         It still reflects the "playsinline" content attribute though, as per
1919         the specification:
1920         - https://html.spec.whatwg.org/multipage/embedded-content.html#dom-video-playsinline
1921
1922         No new tests, updated existing test.
1923
1924         * html/HTMLVideoElement.idl:
1925
1926 2016-07-21  Chris Dumez  <cdumez@apple.com>
1927
1928         Drop [TreatNullAs=EmptyString] from CanvasRenderingContext2D.globalCompositeOperation
1929         https://bugs.webkit.org/show_bug.cgi?id=160026
1930
1931         Reviewed by Sam Weinig.
1932
1933         Drop [TreatNullAs=EmptyString] from CanvasRenderingContext2D.globalCompositeOperation
1934         attribute as it does not match the specification:
1935         - https://html.spec.whatwg.org/multipage/scripting.html#canvascompositing
1936
1937         It does not change web-exposed behavior because assigning to "" or "null"
1938         gets ignored as those are not valid operations.
1939
1940         Test: fast/canvas/context-globalCompositeOperation-null.html
1941
1942         * html/canvas/CanvasRenderingContext2D.idl:
1943
1944 2016-07-21  Carlos Garcia Campos  <cgarcia@igalia.com>
1945
1946         [GTK][Threaded Compositor] Overlay scrollbars shouldn't be a requirement of the threaded compositor
1947         https://bugs.webkit.org/show_bug.cgi?id=160020
1948
1949         Reviewed by Michael Catanzaro.
1950
1951         It has been a requirement only because we didn't really know why frame scrollbars were not rendered when using
1952         the threaded compositor. The reason is that RenderView doesn't use layers for FrameView scrollbars by default,
1953         unless using overlay scrollbars. When using the threaded compositor we really need layers for the FrameView
1954         scrollbars even when not using overlay scrollbars.
1955
1956         * platform/gtk/ScrollbarThemeGtk.cpp:
1957         (WebCore::ScrollbarThemeGtk::ScrollbarThemeGtk): Stop enforcing overlay scrollbars when threaded compositor is enabled.
1958         * rendering/RenderLayerCompositor.cpp:
1959         (WebCore::RenderLayerCompositor::shouldCompositeOverflowControls): Always use layers for scrollbars when
1960         threaded compositor is enabled.
1961
1962 2016-07-21  Carlos Garcia Campos  <cgarcia@igalia.com>
1963
1964         [Cairo] Fix a crash in fast/canvas/canvas-getImageData-invalid-result-buffer-crash.html
1965         https://bugs.webkit.org/show_bug.cgi?id=160014
1966
1967         Reviewed by Michael Catanzaro.
1968
1969         In r202887 some null checks were added for JSArray::createUninitialized (and related) but not for the
1970         ImageBuffer cairo implementation.
1971
1972         * platform/graphics/cairo/ImageBufferCairo.cpp:
1973         (WebCore::getImageData): Return early if Uint8ClampedArray::createUninitialized() returns nullptr.
1974
1975 2016-07-21  Miguel Gomez  <magomez@igalia.com>
1976
1977         [GTK] The GSTREAMER_GL path in MediaPlayerPrivateGStreamerBase::paintToTextureMapper() is missing a mutex lock
1978         https://bugs.webkit.org/show_bug.cgi?id=160018
1979
1980         Reviewed by Philippe Normand.
1981
1982         Lock the video sample mutex while accessing it.
1983
1984         Covered by existent tests.
1985
1986         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
1987         (WebCore::MediaPlayerPrivateGStreamerBase::paintToTextureMapper):
1988
1989 2016-07-21  Miguel Gomez  <magomez@igalia.com>
1990
1991         [Threaded Compositor] Flickering when zooming in/out in maps.google.com
1992         https://bugs.webkit.org/show_bug.cgi?id=154069
1993
1994         Reviewed by Carlos Garcia Campos.
1995
1996         Add a new extra buffer to GraphicsContext3D when using the Threaded Compositor,
1997         so it doesn't have to reuse the buffers that are still waiting for composition.
1998
1999         Covered by existing tests.
2000
2001         * platform/graphics/GraphicsContext3D.h:
2002         Add a new texture to use for the rendering. Remove the compositor fbo we were using.
2003         * platform/graphics/cairo/GraphicsContext3DCairo.cpp:
2004         (WebCore::GraphicsContext3D::GraphicsContext3D):
2005         Initialize the new texture and remove the previous fbo related code.
2006         (WebCore::GraphicsContext3D::~GraphicsContext3D):
2007         Properly destroy the new texture and remove the previous fbo related code.
2008         * platform/graphics/opengl/GraphicsContext3DOpenGL.cpp:
2009         (WebCore::GraphicsContext3D::reshapeFBOs):
2010         Allocate the new texture and remove the previous fbo allocation.
2011         * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
2012         (WebCore::GraphicsContext3D::prepareTexture):
2013         Use a single fbo with three textures instead of two fbos with a texture each.
2014         Rotate the three textures usage so:
2015         - m_texture becomes m_compositorTexture to be pushed to the compositor.
2016         - m_intermediateTexture becomes m_texture to receive the next rendering.
2017         - m_compositorTexture becomes m_intermediateTexture.
2018         And add a glFlush() to ensure that the gl commands are sent to the pipeline.
2019         * platform/graphics/opengl/GraphicsContext3DOpenGLES.cpp:
2020         (WebCore::GraphicsContext3D::reshapeFBOs):
2021         Allocate the new texture.
2022
2023 2016-07-21  Carlos Garcia Campos  <cgarcia@igalia.com>
2024
2025         [GTK][Threaded Compositor] Web view background colors don't work
2026         https://bugs.webkit.org/show_bug.cgi?id=159465
2027
2028         Reviewed by Michael Catanzaro.
2029
2030         * rendering/RenderLayerBacking.cpp:
2031         (WebCore::RenderLayerBacking::createPrimaryGraphicsLayer): Initialize frame view layer opacity for platforms not
2032         using the tiled cache layer.
2033
2034 2016-07-20  Youenn Fablet  <youenn@apple.com>
2035
2036         [XHR] Cache response JS object in case of arraybuffer and blob response types
2037         https://bugs.webkit.org/show_bug.cgi?id=128903
2038
2039         Reviewed by Alex Christensen.
2040
2041         Covered by existing and modified tests.
2042
2043         Making response getter a JS builtin that caches response in @response private slot.
2044         Handling invalidation of cached response with @responseCacheIsValid new private method.
2045         Handling creation of cached response with @retrieveResponse new private method which reuses most of
2046         JSXMLHttpRequest::response previous code.
2047
2048         Caching of responses is activated whenever load ended without any error for blob and arraybuffer response types.
2049
2050         Caching of response for document is also activated in case the response getter is used but not if responseXML getter is used.
2051
2052         * CMakeLists.txt: Adding XMLHttpRequest.js.
2053         * DerivedSources.make: Ditto.
2054         * bindings/js/JSXMLHttpRequestCustom.cpp:
2055         (WebCore::JSXMLHttpRequest::retrieveResponse): Implements creation of to-be-cached response.
2056         (WebCore::JSXMLHttpRequest::response): Deleted.
2057         * bindings/js/WebCoreBuiltinNames.h: Adding new private names.
2058         * xml/XMLHttpRequest.cpp:
2059         (WebCore::XMLHttpRequest::didCacheResponse): Renamed from didCacheResponseJSON as all response types are now cached.
2060         (WebCore::XMLHttpRequest::didCacheResponseJSON): Deleted.
2061         * xml/XMLHttpRequest.h:
2062         * xml/XMLHttpRequest.idl:
2063
2064 2016-07-20  Youenn Fablet  <youenn@apple.com>
2065
2066         Remove crossOriginRequestPolicy from ThreadableLoaderOptions
2067         https://bugs.webkit.org/show_bug.cgi?id=159417
2068
2069         Reviewed by Alex Christensen.
2070
2071         No observable change.
2072
2073         * Modules/fetch/FetchLoader.cpp:
2074         (WebCore::FetchLoader::start): DenyCrossOriginRequests -> FetchOptions::Mode::SameOrigin.
2075         * fileapi/FileReaderLoader.cpp:
2076         (WebCore::FileReaderLoader::start): DenyCrossOriginRequests -> FetchOptions::Mode::SameOrigin.
2077         * inspector/InspectorNetworkAgent.cpp:
2078         (WebCore::InspectorNetworkAgent::loadResource): AllowCrossOriginRequests -> FetchOptions::Mode::NoCors.
2079         * loader/DocumentThreadableLoader.cpp:
2080         (WebCore::DocumentThreadableLoader::DocumentThreadableLoader): Ditto.
2081         (WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequest): UseAccessControl -> FetchOptions::Mode::Cors.
2082         (WebCore::DocumentThreadableLoader::redirectReceived): Ditto.
2083         (WebCore::DocumentThreadableLoader::didReceiveResponse): Ditto.
2084         (WebCore::DocumentThreadableLoader::loadRequest): Use NoCors as option passed to ResourceLoader. This allows
2085         desactivating ResourceLoader CORS checks as they are done in DocumentThreadableLoader right now. In the future,
2086         these checks should be moved to ResourceLoader and DocumentThreadableLoader should directly pass the fetch mode
2087         option.
2088         (WebCore::DocumentThreadableLoader::isAllowedRedirect): AllowCrossOriginRequests -> FetchOptions::Mode::NoCors.
2089         * loader/ThreadableLoader.cpp:
2090         (WebCore::ThreadableLoaderOptions::ThreadableLoaderOptions): Removing CrossOriginRequestPolicy.
2091         * loader/ThreadableLoader.h: Ditto.
2092         * loader/WorkerThreadableLoader.cpp:
2093         (WebCore::LoaderTaskOptions::LoaderTaskOptions): Ditto.
2094         * page/EventSource.cpp:
2095         (WebCore::EventSource::connect): UseAccessControl -> FetchOptions::Mode::Cors.
2096         * workers/Worker.cpp:
2097         (WebCore::Worker::create): DenyCrossOriginRequests -> FetchOptions::Mode::SameOrigin.
2098         * workers/WorkerGlobalScope.cpp:
2099         (WebCore::WorkerGlobalScope::importScripts): AllowCrossOriginRequests -> FetchOptions::Mode::NoCors.
2100         * workers/WorkerScriptLoader.cpp:
2101         (WebCore::WorkerScriptLoader::loadSynchronously):
2102         (WebCore::WorkerScriptLoader::loadAsynchronously):
2103         * workers/WorkerScriptLoader.h:
2104         * xml/XMLHttpRequest.cpp:
2105         (WebCore::XMLHttpRequest::createRequest):
2106
2107 2016-07-20  Chris Dumez  <cdumez@apple.com>
2108
2109         Fix null handling of several Document attributes
2110         https://bugs.webkit.org/show_bug.cgi?id=159997
2111
2112         Reviewed by Ryosuke Niwa.
2113
2114         Fix null handling of the following Document attributes: title, cookie
2115         and domain.
2116
2117         In WebKit, they were all marked as [TreatNullAs=EmptyString], which
2118         does not match the specification:
2119         - https://html.spec.whatwg.org/multipage/dom.html#document
2120
2121         Details for each attribute:
2122         - title: null is now treated as the string "null", thus setting the
2123           document title to "null". This matches Firefox and Chrome.
2124         - cookie: adds a "null" cookie instead of being a no-op. This matches
2125                   both Firefox and Chrome.
2126         - domain: Calls setDomain(String("null")) instead of
2127                   setDomain(String()). This throws an exception because "null"
2128                   is not a suffix of the effective domain name. The behavior
2129                   is the same in Firefox and Chrome. Previously, we were
2130                   already throwing an exception since setting the domain to
2131                   the empty string throws, as per the specification.
2132
2133         Test: http/tests//dom/document-attributes-null-handling.html
2134
2135         * dom/Document.idl:
2136
2137 2016-07-20  Commit Queue  <commit-queue@webkit.org>
2138
2139         Unreviewed, rolling out r203471.
2140         https://bugs.webkit.org/show_bug.cgi?id=160003
2141
2142         many iOS-simulator tests are failing (Requested by litherum on
2143         #webkit).
2144
2145         Reverted changeset:
2146
2147         "[iPhone] Playing a video on tudou.com plays only sound, no
2148         video"
2149         https://bugs.webkit.org/show_bug.cgi?id=159967
2150         http://trac.webkit.org/changeset/203471
2151
2152 2016-07-19  Ryosuke Niwa  <rniwa@webkit.org>
2153
2154         iOS: Cannot paste images in RTF content
2155         https://bugs.webkit.org/show_bug.cgi?id=159964
2156         <rdar://problem/27442806>
2157
2158         Reviewed by Enrica Casucci.
2159
2160         The bug was caused by setDefersLoading(true) not deferring image loading for the parsed fragment.
2161         Worked around this bug by disabling image loading while parsing the document fragment.
2162
2163         * editing/ios/EditorIOS.mm:
2164         (WebCore::Editor::createFragmentAndAddResources):
2165
2166 2016-07-20  Brady Eidson  <beidson@apple.com>
2167
2168         Address a small FIXME in IDB code.
2169         https://bugs.webkit.org/show_bug.cgi?id=159999
2170
2171         Reviewed by Andy Estes.
2172
2173         No new tests (No behavior change).
2174
2175         * Modules/indexeddb/IDBRequest.cpp:
2176         (WebCore::IDBRequest::IDBRequest):
2177         
2178         * Modules/indexeddb/shared/IDBResourceIdentifier.cpp:
2179         (WebCore::IDBResourceIdentifier::IDBResourceIdentifier): Deleted.
2180         * Modules/indexeddb/shared/IDBResourceIdentifier.h:
2181
2182 2016-07-20  Brady Eidson  <beidson@apple.com>
2183
2184         Remove some "modernFoo"s from IndexedDB code.
2185         https://bugs.webkit.org/show_bug.cgi?id=159985
2186
2187         Reviewed by Andy Estes.
2188
2189         No new tests (No known behavior change).
2190
2191         * Modules/indexeddb/IDBCursor.cpp:
2192         (WebCore::IDBCursor::IDBCursor):
2193         (WebCore::IDBCursor::~IDBCursor):
2194         (WebCore::IDBCursor::sourcesDeleted):
2195         (WebCore::IDBCursor::effectiveObjectStore):
2196         (WebCore::IDBCursor::transaction):
2197         (WebCore::IDBCursor::direction):
2198         (WebCore::IDBCursor::update):
2199         (WebCore::IDBCursor::advance):
2200         (WebCore::IDBCursor::continueFunction):
2201         (WebCore::IDBCursor::uncheckedIterateCursor):
2202         (WebCore::IDBCursor::deleteFunction):
2203         (WebCore::IDBCursor::setGetResult):
2204         
2205         * Modules/indexeddb/IDBIndex.cpp:
2206         (WebCore::IDBIndex::IDBIndex):
2207         (WebCore::IDBIndex::~IDBIndex):
2208         (WebCore::IDBIndex::hasPendingActivity):
2209         (WebCore::IDBIndex::name):
2210         (WebCore::IDBIndex::objectStore):
2211         (WebCore::IDBIndex::keyPath):
2212         (WebCore::IDBIndex::unique):
2213         (WebCore::IDBIndex::multiEntry):
2214         (WebCore::IDBIndex::openCursor):
2215         (WebCore::IDBIndex::doCount):
2216         (WebCore::IDBIndex::openKeyCursor):
2217         (WebCore::IDBIndex::doGet):
2218         (WebCore::IDBIndex::doGetKey):
2219         (WebCore::IDBIndex::markAsDeleted):
2220         * Modules/indexeddb/IDBIndex.h:
2221         
2222         * Modules/indexeddb/IDBObjectStore.cpp:
2223         (WebCore::IDBObjectStore::transaction):
2224         (WebCore::IDBObjectStore::deleteFunction): Deleted.
2225         (WebCore::IDBObjectStore::modernDelete): Deleted.
2226         * Modules/indexeddb/IDBObjectStore.h:
2227         
2228         * bindings/js/JSIDBIndexCustom.cpp:
2229         (WebCore::JSIDBIndex::visitAdditionalChildren):
2230
2231 2016-07-20  Chris Dumez  <cdumez@apple.com>
2232
2233         Stop using valueToStringWithNullCheck() in JSCSSStyleDeclaration::putDelegate()
2234         https://bugs.webkit.org/show_bug.cgi?id=159982
2235
2236         Reviewed by Ryosuke Niwa.
2237
2238         valueToStringWithNullCheck() treats null as the null String() which is
2239         legacy / non standard behavior. The specification says we should treat
2240         null as the empty string:
2241         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-camel-cased-attribute
2242
2243         Therefore, we should be using valueToStringTreatingNullAsEmptyString() instead.
2244
2245         In practice, there is no web-exposed behavior change because
2246         MutableStyleProperties::setProperty() removes the property wether the
2247         value is the null String or the empty String.
2248
2249         This behavior is correct since the specification says that we should
2250         remove the property if the value is the empty string:
2251         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-setproperty (step 4)
2252
2253         I added test coverage to make sure we behave according to specification.
2254         This test is passing in Firefox, Chrome and in WebKit (before and after
2255         my change).
2256
2257         Test: fast/css/CSSStyleDeclaration-property-setter.html
2258
2259         * bindings/js/JSCSSStyleDeclarationCustom.cpp:
2260         (WebCore::JSCSSStyleDeclaration::putDelegate):
2261
2262 2016-07-20  Chris Dumez  <cdumez@apple.com>
2263
2264         Fix null handling of HTMLFrameElement.marginWidth / marginHeight
2265         https://bugs.webkit.org/show_bug.cgi?id=159987
2266
2267         Reviewed by Ryosuke Niwa.
2268
2269         Fix null handling of HTMLFrameElement.marginWidth / marginHeight:
2270         - https://html.spec.whatwg.org/multipage/obsolete.html#htmlframeelement
2271
2272         We are supposed to treat null as the empty string but we treat it as
2273         the string "null".
2274
2275         Firefox and Chrome both match the specification.
2276
2277         No new tests, updated existing tests.
2278
2279         * html/HTMLFrameElement.idl:
2280
2281 2016-07-20  Wenson Hsieh  <wenson_hsieh@apple.com>
2282
2283         Pausing autoplayed media should not remove all restrictions for that media element
2284         https://bugs.webkit.org/show_bug.cgi?id=159988
2285
2286         Reviewed by Jon Lee.
2287
2288         Localizes the removal of behavior restrictions introduced in r203464 upon pausing an
2289         autoplaying video to just affect the hiding or showing of the media controller. This
2290         prevents pages from using Javascript to start playing autoplaying videos that have
2291         been paused by the user.
2292
2293         * html/HTMLMediaElement.cpp:
2294         (WebCore::HTMLMediaElement::pause):
2295
2296 2016-07-20  Myles C. Maxfield  <mmaxfield@apple.com>
2297
2298         [iPhone] Playing a video on tudou.com plays only sound, no video
2299         https://bugs.webkit.org/show_bug.cgi?id=159967
2300         <rdar://problem/26964090>
2301
2302         Reviewed by Jon Lee.
2303
2304         WebKit recently starting honoring the playsinline and webkit-playsinline
2305         attribute on iPhones. However, because these attributes previously did
2306         nothing, some sites (such as Todou) were setting them on their content
2307         and expecting that they are not honored. In this specific case, the
2308         video is absolutely positioned to be 1 pixel x 1 pixel.
2309
2310         Previously, with iOS 9, apps could set the allowsInlineMediaPlayback
2311         property on their WKWebView, which would honor the webkit-playsinline
2312         attribute. Safari on iPhones didn't do this.
2313
2314         In order to not break these existing apps, it's important that the
2315         allowsInlineMediaPlayback preference still allows webkit-playsinline
2316         videos to play inline in apps using WKWebView. However, in Safari, these
2317         videos should play fullscreen. (Todou videos have webkit-playsinline
2318         but not playsinline.)
2319
2320         Therefore, in Safari, videos with playsinline should be inline, but
2321         videos with webkit-playsinline should be fullscreen. In apps using
2322         WKWebViews, if the app sets allowsInlineMediaPlayback, then videos with
2323         playsinline should be inline, and videos with webkit-playsinline should
2324         also be inline. Videos on iPad and Mac should all be inline by default.
2325
2326         We can create some truth tables for the cases which need to be covered:
2327
2328         All apps on Mac / iPad:
2329         Presence of playsinline | Presence of webkit-playsinline | Result
2330         ========================|================================|===========
2331         Not present             | Not present                    | Inline
2332         Present                 | Not present                    | Inline
2333         Not Present             | Present                        | Inline
2334         Present                 | Present                        | Inline
2335
2336         Safari on iPhone:
2337         Presence of playsinline | Presence of webkit-playsinline | Result
2338         ========================|================================|===========
2339         Not present             | Not present                    | Fullscreen
2340         Present                 | Not present                    | Inline
2341         Not Present             | Present                        | Fullscreen
2342         Present                 | Present                        | Inline
2343
2344         App on iPhone which sets allowsInlineMediaPlayback:
2345         Presence of playsinline | Presence of webkit-playsinline | Result
2346         ========================|================================|===========
2347         Not present             | Not present                    | Fullscreen
2348         Present                 | Not present                    | Inline
2349         Not Present             | Present                        | Inline
2350         Present                 | Present                        | Inline
2351
2352         The way to distinguish Safari from another app is to create an SPI
2353         boolean preference which Safari can set. This is already how the
2354         iPhone and iPad are differentiated using the requiresPlayInlineAttribute
2355         which Safari sets but other apps don't. However, this preference is
2356         no longer sufficient because Safari should now be discriminating
2357         between the playsinline and webkit-playsinline attributes. Therefore,
2358         this preference should be extended to two boolean preferences, which
2359         this patch adds:
2360
2361         allowsInlineMediaPlaybackWithPlaysInlineAttribute
2362         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute
2363
2364         Safari on iPhone will set
2365         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to true,
2366         and allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to
2367         false. Other apps on iPhone will get their defaults values (because they
2368         are SPI) which means they will both be true. On iPad and Mac, apps will
2369         use the defaults values where both are false.
2370
2371         This patch adds support for these two preferences, but does not remove
2372         the existing inlineMediaPlaybackRequiresPlaysInlineAttribute preference.
2373         I will remove the exising preference as soon as I update Safari to migrate
2374         off of it.
2375
2376         Test: media/video-playsinline.html
2377
2378         * html/MediaElementSession.cpp:
2379         (WebCore::MediaElementSession::requiresFullscreenForVideoPlayback):
2380         * page/Settings.cpp:
2381         * page/Settings.in:
2382         * testing/InternalSettings.cpp:
2383         (WebCore::InternalSettings::Backup::Backup):
2384         (WebCore::InternalSettings::Backup::restoreTo):
2385         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithPlaysInlineAttribute):
2386         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute):
2387         * testing/InternalSettings.h:
2388         * testing/InternalSettings.idl:
2389
2390 2016-07-20  Chris Dumez  <cdumez@apple.com>
2391
2392         Get rid of custom bindings code for XMLHttpRequest.open()
2393         https://bugs.webkit.org/show_bug.cgi?id=159984
2394
2395         Reviewed by Ryosuke Niwa.
2396
2397         Get rid of custom bindings code for XMLHttpRequest.open() as the
2398         bindings generator is able to generate it.
2399
2400         Relevant specification:
2401         - https://xhr.spec.whatwg.org/#xmlhttprequest
2402
2403         The issue is that legacy content prevents treating the 'async' argument
2404         being undefined identical from it being omitted. However, this can be
2405         achieved by using overloading in IDL, like in the specification.
2406
2407         No new tests, already covered by the following tests:
2408         - http/tests/xmlhttprequest/basic-auth.html
2409         - http/tests/xmlhttprequest/open-async-overload.html
2410
2411         * bindings/js/JSXMLHttpRequestCustom.cpp:
2412         (WebCore::SendFunctor::SendFunctor): Deleted.
2413         (WebCore::SendFunctor::line): Deleted.
2414         (WebCore::SendFunctor::column): Deleted.
2415         (WebCore::SendFunctor::url): Deleted.
2416         (WebCore::SendFunctor::operator()): Deleted.
2417         * xml/XMLHttpRequest.cpp:
2418         (WebCore::XMLHttpRequest::open):
2419         * xml/XMLHttpRequest.h:
2420         * xml/XMLHttpRequest.idl:
2421
2422 2016-07-20  Rawinder Singh  <rawinder.singh-webkit@cisra.canon.com.au>
2423
2424         Mark overriden methods in WebCore/svg final classes as final
2425         https://bugs.webkit.org/show_bug.cgi?id=159966
2426
2427         Reviewed by Michael Catanzaro.
2428
2429         Update WebCore/svg classes so that overriden methods in final classes are marked final.
2430
2431         * svg/SVGAElement.h:
2432         * svg/SVGAltGlyphDefElement.h:
2433         * svg/SVGAltGlyphItemElement.h:
2434         * svg/SVGAnimateTransformElement.h:
2435         * svg/SVGAnimatedColor.h:
2436         * svg/SVGCircleElement.h:
2437         * svg/SVGClipPathElement.h:
2438         * svg/SVGCursorElement.h:
2439         * svg/SVGDefsElement.h:
2440         * svg/SVGDescElement.h:
2441         * svg/SVGEllipseElement.h:
2442         * svg/SVGFEMergeNodeElement.h:
2443         * svg/SVGFilterElement.h:
2444         * svg/SVGFontElement.h:
2445         * svg/SVGFontFaceElement.h:
2446         * svg/SVGFontFaceFormatElement.h:
2447         * svg/SVGFontFaceNameElement.h:
2448         * svg/SVGFontFaceSrcElement.h:
2449         * svg/SVGFontFaceUriElement.h:
2450         * svg/SVGForeignObjectElement.h:
2451         * svg/SVGGElement.h:
2452         * svg/SVGGlyphElement.h:
2453         * svg/SVGGlyphRefElement.h:
2454         * svg/SVGHKernElement.h:
2455         * svg/SVGImageElement.h:
2456         * svg/SVGLineElement.h:
2457         * svg/SVGMPathElement.h:
2458         * svg/SVGMaskElement.h:
2459         * svg/SVGMetadataElement.h:
2460         * svg/SVGMissingGlyphElement.h:
2461         * svg/SVGPathBuilder.h:
2462         * svg/SVGPathByteStreamBuilder.h:
2463         * svg/SVGPathByteStreamSource.h:
2464         * svg/SVGPathElement.h:
2465         * svg/SVGPathSegArcAbs.h:
2466         * svg/SVGPathSegArcRel.h:
2467         * svg/SVGPathSegClosePath.h:
2468         * svg/SVGPathSegCurvetoCubicAbs.h:
2469         * svg/SVGPathSegCurvetoCubicRel.h:
2470         * svg/SVGPathSegCurvetoCubicSmoothAbs.h:
2471         * svg/SVGPathSegCurvetoCubicSmoothRel.h:
2472         * svg/SVGPathSegCurvetoQuadraticAbs.h:
2473         * svg/SVGPathSegCurvetoQuadraticRel.h:
2474         * svg/SVGPathSegCurvetoQuadraticSmoothAbs.h:
2475         * svg/SVGPathSegCurvetoQuadraticSmoothRel.h:
2476         * svg/SVGPathSegLinetoAbs.h:
2477         * svg/SVGPathSegLinetoHorizontalAbs.h:
2478         * svg/SVGPathSegLinetoHorizontalRel.h:
2479         * svg/SVGPathSegLinetoRel.h:
2480         * svg/SVGPathSegLinetoVerticalAbs.h:
2481         * svg/SVGPathSegLinetoVerticalRel.h:
2482         * svg/SVGPathSegListBuilder.h:
2483         * svg/SVGPathSegListSource.h:
2484         * svg/SVGPathSegMovetoAbs.h:
2485         * svg/SVGPathSegMovetoRel.h:
2486         * svg/SVGPathStringSource.h:
2487         * svg/SVGPathTraversalStateBuilder.h:
2488         * svg/SVGPatternElement.h:
2489         * svg/SVGRectElement.h:
2490         * svg/SVGScriptElement.h:
2491         * svg/SVGStopElement.h:
2492         * svg/SVGStyleElement.h:
2493         * svg/SVGSwitchElement.h:
2494         * svg/SVGTRefElement.cpp:
2495         * svg/SVGTitleElement.h:
2496         * svg/SVGToOTFFontConversion.cpp:
2497         * svg/SVGUnknownElement.h:
2498         * svg/SVGVKernElement.h:
2499         * svg/SVGViewElement.h:
2500         * svg/SVGZoomEvent.h:
2501         * svg/animation/SVGSMILElement.cpp:
2502         * svg/graphics/SVGImage.h:
2503         * svg/graphics/SVGImageClients.h:
2504         * svg/graphics/SVGImageForContainer.h:
2505         * svg/graphics/filters/SVGFEImage.h:
2506         * svg/graphics/filters/SVGFilter.h:
2507         * svg/properties/SVGAnimatedEnumerationPropertyTearOff.h:
2508         * svg/properties/SVGAnimatedPathSegListPropertyTearOff.h:
2509         * svg/properties/SVGAnimatedPropertyTearOff.h:
2510         * svg/properties/SVGAnimatedTransformListPropertyTearOff.h:
2511         * svg/properties/SVGMatrixTearOff.h:
2512         * svg/properties/SVGPathSegListPropertyTearOff.h:
2513
2514 2016-07-20  Brady Eidson  <beidson@apple.com>
2515
2516         Transition most IDB interfaces from ScriptExecutionContext to ExecState.
2517         https://bugs.webkit.org/show_bug.cgi?id=159975
2518
2519         Reviewed by Alex Christensen.
2520
2521         No new tests (No known behavior change).
2522
2523         * Modules/indexeddb/IDBCursor.cpp:
2524         (WebCore::IDBCursor::continueFunction):
2525         (WebCore::IDBCursor::deleteFunction):
2526         * Modules/indexeddb/IDBCursor.h:
2527         * Modules/indexeddb/IDBCursor.idl:
2528
2529         * Modules/indexeddb/IDBDatabase.idl:
2530
2531         * Modules/indexeddb/IDBFactory.cpp:
2532         (WebCore::IDBFactory::cmp):
2533         * Modules/indexeddb/IDBFactory.h:
2534         * Modules/indexeddb/IDBFactory.idl:
2535
2536         * Modules/indexeddb/IDBIndex.cpp:
2537         (WebCore::IDBIndex::openCursor):
2538         (WebCore::IDBIndex::count):
2539         (WebCore::IDBIndex::doCount):
2540         (WebCore::IDBIndex::openKeyCursor):
2541         (WebCore::IDBIndex::get):
2542         (WebCore::IDBIndex::doGet):
2543         (WebCore::IDBIndex::getKey):
2544         (WebCore::IDBIndex::doGetKey):
2545         * Modules/indexeddb/IDBIndex.h:
2546         * Modules/indexeddb/IDBIndex.idl:
2547
2548         * Modules/indexeddb/IDBKeyRange.cpp:
2549         (WebCore::IDBKeyRange::only): Deleted.
2550         * Modules/indexeddb/IDBKeyRange.h:
2551
2552         * Modules/indexeddb/IDBObjectStore.cpp:
2553         (WebCore::IDBObjectStore::openCursor):
2554         (WebCore::IDBObjectStore::get):
2555         (WebCore::IDBObjectStore::putOrAdd):
2556         (WebCore::IDBObjectStore::deleteFunction):
2557         (WebCore::IDBObjectStore::doDelete):
2558         (WebCore::IDBObjectStore::modernDelete):
2559         (WebCore::IDBObjectStore::clear):
2560         (WebCore::IDBObjectStore::createIndex):
2561         (WebCore::IDBObjectStore::count):
2562         (WebCore::IDBObjectStore::doCount):
2563         * Modules/indexeddb/IDBObjectStore.h:
2564         * Modules/indexeddb/IDBObjectStore.idl:
2565
2566         * Modules/indexeddb/IDBTransaction.cpp:
2567         (WebCore::IDBTransaction::requestOpenCursor):
2568         (WebCore::IDBTransaction::doRequestOpenCursor):
2569         (WebCore::IDBTransaction::requestGetRecord):
2570         (WebCore::IDBTransaction::requestGetValue):
2571         (WebCore::IDBTransaction::requestGetKey):
2572         (WebCore::IDBTransaction::requestIndexRecord):
2573         (WebCore::IDBTransaction::requestCount):
2574         (WebCore::IDBTransaction::requestDeleteRecord):
2575         (WebCore::IDBTransaction::requestClearObjectStore):
2576         (WebCore::IDBTransaction::requestPutOrAdd):
2577         * Modules/indexeddb/IDBTransaction.h:
2578
2579         * inspector/InspectorIndexedDBAgent.cpp:
2580
2581 2016-07-20  Wenson Hsieh  <wenson_hsieh@apple.com>
2582
2583         Media controls don't appear when pausing a small autoplaying video
2584         https://bugs.webkit.org/show_bug.cgi?id=159972
2585         <rdar://problem/27180657>
2586
2587         Reviewed by Beth Dakin.
2588
2589         When pausing an autoplaying video, remove behavior restrictions for the
2590         initial user gesture and show media controls.
2591
2592         New WebKit API test. See VideoControlsManagerSingleSmallAutoplayingVideo.
2593
2594         * html/HTMLMediaElement.cpp:
2595         (WebCore::HTMLMediaElement::pause):
2596
2597 2016-07-20  Chris Dumez  <cdumez@apple.com>
2598
2599         Fix null handling of HTMLMediaElement.mediaGroup
2600         https://bugs.webkit.org/show_bug.cgi?id=159974
2601
2602         Reviewed by Eric Carlson.
2603
2604         Fix null handling of HTMLMediaElement.mediaGroup to match the specification:
2605         - https://www.w3.org/TR/html5/embedded-content-0.html#media-elements
2606
2607         null is supposed to be treated as the String "null". This patch aligns
2608         our behavior with the specification. I tested Firefox and Chrome but both
2609         do not have this attribute on HTMLMediaElement.
2610
2611         Also remove support for [TreatNullAs=LegacyNullString] from our bindings
2612         generator as HTMLMediaElement.mediaGroup was the last user.
2613
2614         No new tests, rebaselined existing test.
2615
2616         * bindings/scripts/CodeGeneratorJS.pm:
2617         (JSValueToNative):
2618         * bindings/scripts/IDLAttributes.txt:
2619         * html/HTMLMediaElement.idl:
2620
2621 2016-07-20  Chris Dumez  <cdumez@apple.com>
2622
2623         CSSStyleDeclaration.setProperty() should be able to unset "important" on a property
2624         https://bugs.webkit.org/show_bug.cgi?id=159959
2625
2626         Reviewed by Alexey Proskuryakov.
2627
2628         CSSStyleDeclaration.setProperty() should be able to unsert "important"
2629         on a property as per the latest specification:
2630         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-setproperty
2631         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-camel-cased-attribute
2632
2633         Firefox and Chrome match the specification here but WebKit was ignoring calls
2634         to setProperty() if there is already an "important" property wit this name
2635         and if the new property does not have the "important" flag set.
2636
2637         This behavior was added a long time ago via Bug 60007. However, it does not
2638         match the latest specification or other browsers.
2639
2640         Test: fast/css/CSSStyleDeclaration-setProperty-unset-important.html
2641
2642         * css/StyleProperties.cpp:
2643         (WebCore::MutableStyleProperties::addParsedProperty):
2644         Drop code that was added via Bug 60007 as this behavior no longer matches the
2645         specification or other browsers. The layout test added in Bug 60007 fails in
2646         other browsers and was updated in this patch to match the specification.
2647
2648 2016-07-20  Commit Queue  <commit-queue@webkit.org>
2649
2650         Unreviewed, rolling out r203423.
2651         https://bugs.webkit.org/show_bug.cgi?id=159977
2652
2653         The test for this change is failing on Mac Release WK2
2654         (Requested by ryanhaddad on #webkit).
2655
2656         Reverted changeset:
2657
2658         "HTMLVideoElement frames do not update on iOS when src is a
2659         MediaStream blob"
2660         https://bugs.webkit.org/show_bug.cgi?id=159833
2661         http://trac.webkit.org/changeset/203423
2662
2663 2016-07-20  Chris Dumez  <cdumez@apple.com>
2664
2665         Fix null handling of HTMLSelectElement.value attribute
2666         https://bugs.webkit.org/show_bug.cgi?id=159925
2667
2668         Reviewed by Benjamin Poulain.
2669
2670         Fix null handling of HTMLSelectElement.value attribute:
2671         - https://html.spec.whatwg.org/multipage/forms.html#htmlselectelement
2672
2673         We were treating null as the null String which would end up setting
2674         selectedIndex to -1. However, we should treat null as the String "null"
2675         which would set the selectedIndex to the index of the <option> element
2676         whose value is "null".
2677
2678         Firefox and Chrome match the specification.
2679
2680         Test: fast/dom/HTMLSelectElement/value-null-handling.html
2681
2682         * html/HTMLSelectElement.cpp:
2683         (WebCore::HTMLSelectElement::setValue):
2684         * html/HTMLSelectElement.idl:
2685
2686 2016-07-20  Chris Dumez  <cdumez@apple.com>
2687
2688         PostResolutionCallbackDisabler can resume pending requests while a ResourceLoadSuspender is alive
2689         https://bugs.webkit.org/show_bug.cgi?id=159962
2690         <rdar://problem/21439264>
2691
2692         Reviewed by David Kilzer.
2693
2694         PostResolutionCallbackDisabler can resume pending requests while a ResourceLoadSuspender
2695         is alive. We have both PostResolutionCallbackDisabler and ResourceLoadSuspender that
2696         call LoaderStrategy::suspendPendingRequests() / LoaderStrategy::resumePendingRequests().
2697         However, PostResolutionCallbackDisabler and ResourceLoadSuspender are not aware of each
2698         other. It is therefore possible for a PostResolutionCallbackDisabler object to get
2699         destroyed, causing LoaderStrategy::resumePendingRequests() to be called while a
2700         ResourceLoadSuspender object is alive.
2701
2702         This leads to hard to investigate crashes where we end up re-entering WebKit and killing
2703         the style resolver.
2704
2705         This patch drops ResourceLoadSuspender and uses PostResolutionCallbackDisabler instead.
2706         There was only one user of ResourceLoadSuspender and PostResolutionCallbackDisabler
2707         is better because it manages a resolutionNestingDepth counter internally to make sure
2708         it only calls LoaderStrategy::resumePendingRequests() once all
2709         PostResolutionCallbackDisabler instances are destroyed.
2710
2711         No new tests, there is no easy way to reproduce the crashes.
2712
2713         * dom/Document.cpp:
2714         (WebCore::Document::styleForElementIgnoringPendingStylesheets):
2715         * loader/LoaderStrategy.cpp:
2716         (WebCore::ResourceLoadSuspender::ResourceLoadSuspender): Deleted.
2717         (WebCore::ResourceLoadSuspender::~ResourceLoadSuspender): Deleted.
2718         * loader/LoaderStrategy.h:
2719
2720 2016-07-19  Youenn Fablet  <youenn@apple.com>
2721
2722         [Fetch API] Add a JS builtin to implement https://fetch.spec.whatwg.org/#concept-headers-fill
2723         https://bugs.webkit.org/show_bug.cgi?id=159932
2724
2725         Reviewed by Alex Christensen.
2726
2727         Covered by existing tests.
2728
2729         Refactoring Headers initializeWith to use the new built-in internal that implements
2730         https://fetch.spec.whatwg.org/#concept-headers-fill.
2731
2732         Refactoring Response constructor to put more checks in the JS builtin fucntion called within constructor.
2733         Making use of the new built-in internal that implements https://fetch.spec.whatwg.org/#concept-headers-fill.
2734
2735         * CMakeLists.txt: Adding FetchHeadersInternals.js
2736         * DerivedSources.make: Ditto.
2737         * Modules/fetch/FetchHeaders.js:
2738         (initializeFetchHeaders): Using fillFetchHeaders new built-in internal.
2739         * Modules/fetch/FetchInternals.js: Added.
2740         (fillFetchHeaders):
2741         * Modules/fetch/FetchResponse.cpp: Refactoring to do more in the JS built-in. Splitting of initializeWith so
2742         that the checks are done in the order defined by the spec.
2743         (WebCore::FetchResponse::setStatus):
2744         (WebCore::FetchResponse::initializeWith):
2745         (WebCore::isNullBodyStatus): Deleted.
2746         * Modules/fetch/FetchResponse.h:
2747         * Modules/fetch/FetchResponse.idl:
2748         * Modules/fetch/FetchResponse.js:
2749         (initializeFetchResponse): New built-in internal.
2750         * WebCore.xcodeproj/project.pbxproj:
2751         * bindings/js/WebCoreBuiltinNames.h:
2752
2753 2016-07-19  Chris Dumez  <cdumez@apple.com>
2754
2755         Fix null handling of SVGScriptElement.type attribute
2756         https://bugs.webkit.org/show_bug.cgi?id=159927
2757
2758         Reviewed by Benjamin Poulain.
2759
2760         Fix null handling of SVGScriptElement.type attribute:
2761         - https://www.w3.org/TR/SVG2/interact.html#InterfaceSVGScriptElement
2762
2763         We were treating null as the null String which would end up removing
2764         the 'type' content attribute. However, we should treat null as the
2765         String "null".
2766
2767         Firefox and Chrome match the specification.
2768
2769         No new tests, updated existing test.
2770
2771         * svg/SVGScriptElement.idl:
2772
2773 2016-07-19  Chris Dumez  <cdumez@apple.com>
2774
2775         Fix null handling of several HTMLDocument attributes
2776         https://bugs.webkit.org/show_bug.cgi?id=159923
2777
2778         Reviewed by Benjamin Poulain.
2779
2780         Fix null handling of several HTMLDocument attributes:
2781         - https://html.spec.whatwg.org/multipage/dom.html#document
2782         - https://html.spec.whatwg.org/multipage/obsolete.html#document-partial
2783
2784         In particular, null handling was incorrect in WebKit for 'dir',
2785         'bgColor', 'fgColor', 'alinkColor', 'linkColor' and 'vlinkColor'.
2786
2787         Firefox and Chrome match the specification.
2788
2789         Test: fast/dom/HTMLDocument/null-handling.html
2790
2791         * html/HTMLDocument.idl:
2792
2793 2016-07-19  Chris Dumez  <cdumez@apple.com>
2794
2795         Document.createElementNS() / createAttributeNS() parameters should be mandatory
2796         https://bugs.webkit.org/show_bug.cgi?id=159938
2797
2798         Reviewed by Benjamin Poulain.
2799
2800         Document.createElementNS() / createAttributeNS() parameters should be mandatory:
2801         - https://dom.spec.whatwg.org/#document
2802
2803         They were optional in WebKit. However, Firefox and Chrome both match the
2804         specification.
2805
2806         No new tests, rebaselined existing tests.
2807
2808         * dom/Document.idl:
2809
2810 2016-07-19  Benjamin Poulain  <bpoulain@apple.com>
2811
2812         Use getElementById for attribute matching if the attribute name is html's id
2813         https://bugs.webkit.org/show_bug.cgi?id=159960
2814
2815         Reviewed by Chris Dumez.
2816
2817         Elliott Sprehn discovered YUI makes heavy uses of querySelector with [id=value]
2818         (https://bugs.chromium.org/p/chromium/issues/detail?id=627242).
2819
2820         If we are not in quirks mode, IdForStyleResolution has the same value
2821         as the Id attribute. We can use the same optimization for both cases.
2822
2823         Tests: fast/selectors/id-attribute-querySelector-used-as-id-selector-quirks.html
2824                fast/selectors/id-attribute-querySelector-used-as-id-selector.html
2825
2826         * dom/SelectorQuery.cpp:
2827         (WebCore::canBeUsedForIdFastPath):
2828         (WebCore::findIdMatchingType):
2829         (WebCore::SelectorDataList::SelectorDataList):
2830         (WebCore::selectorForIdLookup):
2831         (WebCore::filterRootById):
2832
2833 2016-07-19  Chris Dumez  <cdumez@apple.com>
2834
2835         Drop SVGElement.xmlbase attribute
2836         https://bugs.webkit.org/show_bug.cgi?id=159926
2837
2838         Reviewed by Benjamin Poulain.
2839
2840         Drop SVGElement.xmlbase attribute as it is no longer part of the
2841         specification:
2842         - https://www.w3.org/TR/SVG2/types.html#InterfaceSVGElement
2843
2844         Both Firefox and Chrome have already dropped support for
2845         SVGElement.xmlbase.
2846
2847         Chrome's intent to remove:
2848         https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/TfwMq4d25hk/C-v_iC_wKfAJ
2849
2850         Test: svg/dom/SVGElement-xmlbase.html
2851
2852         * svg/SVGElement.cpp:
2853         (WebCore::SVGElement::removedFrom): Deleted.
2854         * svg/SVGElement.h:
2855         * svg/SVGElement.idl:
2856
2857 2016-07-19  Chris Dumez  <cdumez@apple.com>
2858
2859         Align CSSStyleDeclaration.setProperty() with the specification
2860         https://bugs.webkit.org/show_bug.cgi?id=159955
2861
2862         Reviewed by Benjamin Poulain.
2863
2864         Align CSSStyleDeclaration.setProperty() with the specification:
2865         - https://drafts.csswg.org/cssom/#the-cssstyledeclaration-interface
2866
2867         In particular, the following changes were needed:
2868         1. The 'value' parameter should not be optional
2869         2. The 'priority' parameter should treat null as the empty string
2870            rather than the string "null".
2871         3. The 'priority' parameter's default value should be the empty string,
2872            not the string "undefined".
2873         4. CSSStyleDeclaration.setProperty() should return early if 'priority'
2874            is not the empty string and is not an ASCII case-insensitive match
2875            for the string "important".
2876
2877         Chrome matches the specification entirely.
2878         Firefox matches the specification with the exception that it does a
2879         case-sensitive match for "important".
2880
2881         Test: fast/css/CSSStyleDeclaration-setProperty.html
2882
2883         * css/CSSStyleDeclaration.idl:
2884         * css/PropertySetCSSStyleDeclaration.cpp:
2885         (WebCore::PropertySetCSSStyleDeclaration::setProperty):
2886
2887 2016-07-19  Daniel Bates  <dabates@apple.com>
2888
2889         CSP: Improve support for multiple policies to more closely conform to the CSP Level 2 spec.
2890         https://bugs.webkit.org/show_bug.cgi?id=159841
2891         <rdar://problem/27381684>
2892
2893         Reviewed by Brent Fulgham.
2894
2895         Implement a first pass at sending multiple violation reports so as to more closely
2896         conform to section Enforcing multiple policies of the Content Security Policy Level 2 spec.,
2897         <https://w3c.github.io/webappsec-csp/2/> (Editor's Draft, 25 April 2016).
2898
2899         Tests: http/tests/security/contentSecurityPolicy/1.1/script-blocked-sends-multiple-reports.php
2900                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-enforced-policy-and-blocked-by-report-policy.php
2901                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-enforced-policy-and-blocked-by-report-policy2.php
2902                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy.php
2903                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
2904                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-enforced-policy-and-allowed-by-report-policy.php
2905                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-enforced-policy-and-allowed-by-report-policy2.php
2906                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy.php
2907                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy2.php
2908                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy.php
2909                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
2910                http/tests/security/contentSecurityPolicy/1.1/scripthash-in-enforced-policy-and-not-in-report-only.html
2911                http/tests/security/contentSecurityPolicy/1.1/scripthash-in-one-enforced-policy-neither-in-another-enforced-policy-nor-report-policy.html
2912                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-enforced-policy-and-blocked-by-report-policy.php
2913                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-enforced-policy-and-blocked-by-report-policy2.php
2914                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy.php
2915                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
2916                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-enforced-policy-and-allowed-by-report-policy.php
2917                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-enforced-policy-and-allowed-by-report-policy2.php
2918                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy.php
2919                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy2.php
2920                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy.php
2921                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
2922                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-in-enforced-policy-and-not-in-report-only.html
2923                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-in-one-enforced-policy-neither-in-another-enforced-policy-nor-report-policy.html
2924                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-multiple-policies.html
2925
2926         * page/csp/ContentSecurityPolicy.cpp:
2927         (WebCore::ContentSecurityPolicy::allPoliciesWithDispositionAllow): Added. Returns whether the resource
2928         is allowed by all of the policies with the specified disposition.
2929         (WebCore::ContentSecurityPolicy::allPoliciesAllow): Added. Returns whether the resource is allowed by
2930         all of the enforced policies.
2931         (WebCore::ContentSecurityPolicy::findHashOfContentInPolicies): Formerly named foundHashOfContentInAllPolicies.
2932         Modified to return a ("has found hash in all enforced policies, "has found hash in all report-only policies)-pair
2933         so that we can differentiate whether the hash violated an enforced policy or a report-only policy.
2934         (WebCore::ContentSecurityPolicy::allowJavaScriptURLs): Write in terms of ContentSecurityPolicy::allPoliciesAllow().
2935         (WebCore::ContentSecurityPolicy::allowInlineEventHandlers): Ditto.
2936         (WebCore::ContentSecurityPolicy::allowScriptWithNonce): For now only accept a nonce if it is allowed by
2937         all enforced policies. As a side effect of this change is that we only send a CSP violation report when a
2938         nonce violates a report-only policy only if the nonce also violates one or more enforced policies. We will
2939         address this limitation in <https://bugs.webkit.org/show_bug.cgi?id=159830>.
2940         (WebCore::ContentSecurityPolicy::allowStyleWithNonce): Ditto.
2941         (WebCore::ContentSecurityPolicy::allowInlineScript): Differentiate between a hash/'unsafe-inline' that
2942         matches/is contained in all enforce policies and a hash/'unsafe-inline' that matches/is contained in all
2943         report-only policies so that we only allow the resource for the former. As a side effect of this change
2944         we may report that a resource violated a policy even if it contained the hash. See <https://bugs.webkit.org/show_bug.cgi?id=159832>
2945         for more details.
2946         (WebCore::ContentSecurityPolicy::allowInlineStyle): Ditto.
2947         (WebCore::ContentSecurityPolicy::allowEval): Write in terms of ContentSecurityPolicy::allPoliciesAllow().
2948         (WebCore::ContentSecurityPolicy::allowFrameAncestors): Ditto.
2949         (WebCore::ContentSecurityPolicy::allowPluginType): Ditto.
2950         (WebCore::ContentSecurityPolicy::allowScriptFromSource): Ditto.
2951         (WebCore::ContentSecurityPolicy::allowObjectFromSource): Ditto.
2952         (WebCore::ContentSecurityPolicy::allowChildFrameFromSource): Ditto.
2953         (WebCore::ContentSecurityPolicy::allowChildContextFromSource): Ditto.
2954         (WebCore::ContentSecurityPolicy::allowImageFromSource): Ditto.
2955         (WebCore::ContentSecurityPolicy::allowStyleFromSource): Ditto.
2956         (WebCore::ContentSecurityPolicy::allowFontFromSource): Ditto.
2957         (WebCore::ContentSecurityPolicy::allowMediaFromSource): Ditto.
2958         (WebCore::ContentSecurityPolicy::allowConnectToSource): Ditto.
2959         (WebCore::ContentSecurityPolicy::allowFormAction): Ditto.
2960         (WebCore::ContentSecurityPolicy::allowBaseURI): Ditto.
2961         (WebCore::ContentSecurityPolicy::foundHashOfContentInAllPolicies): Deleted.
2962         * page/csp/ContentSecurityPolicy.h:
2963         (WebCore::ContentSecurityPolicy::violatedDirectiveInAnyPolicy): Deleted.
2964
2965 2016-07-19  Chris Dumez  <cdumez@apple.com>
2966
2967         Fix null handling of HTMLScriptElement.text attribute
2968         https://bugs.webkit.org/show_bug.cgi?id=159943
2969
2970         Reviewed by Benjamin Poulain.
2971
2972         Fix null handling of HTMLScriptElement.text attribute:
2973         - https://html.spec.whatwg.org/multipage/scripting.html#the-script-element
2974
2975         We should treat null as the "null" String but we were treating it as
2976         the empty string.
2977
2978         Firefox and Chrome match the specification.
2979
2980         No new tests, rebaselined existing test.
2981
2982         * html/HTMLScriptElement.idl:
2983
2984 2016-07-19  Chris Dumez  <cdumez@apple.com>
2985
2986         autocapitalize attribute should not use [TreatNullAs=LegacyNullString]
2987         https://bugs.webkit.org/show_bug.cgi?id=159934
2988
2989         Reviewed by Benjamin Poulain.
2990
2991         autocapitalize attribute should not use [TreatNullAs=LegacyNullString]. This is
2992         non-standard and we want to drop support for it from the bindings generator.
2993
2994         Instead, use [TreatNullAs=EmptyString] in order to maintain existing behavior
2995         given that both a missing/empty attribute result in using the default
2996         autocapitalization mode and that autocapitalize returns the empty string by
2997         default.
2998
2999         Test: platform/ios-simulator/ios/fast/forms/autocapitalize-null.html
3000
3001         * html/HTMLFormElement.idl:
3002         * html/HTMLInputElement.idl:
3003         * html/HTMLTextAreaElement.idl:
3004
3005 2016-07-19  Zalan Bujtas  <zalan@apple.com>
3006
3007         REGRESSION(r203415): ASSERTION FAILED: !m_layoutRoot->container() || !m_layoutRoot->container()->needsLayout()
3008         https://bugs.webkit.org/show_bug.cgi?id=159952
3009
3010         Reviewed by Simon Fraser.
3011
3012         Update ASSERTs to reflect new functionality, that is, now we can end up in a state
3013         where the container (RenderView) of one of the dirty subtrees is dirty.
3014         See r203415.
3015  
3016         Covered by editing/pasteboard/drag-drop-input-in-svg.svg
3017
3018         * page/FrameView.cpp:
3019         (WebCore::FrameView::scheduleRelayoutOfSubtree):
3020
3021 2016-07-19  Dean Jackson  <dino@apple.com>
3022
3023         REGRESSION(202927): The first slide is the only displayed slide when Quicklooking a Keynote file
3024         https://bugs.webkit.org/show_bug.cgi?id=159948
3025         <rdar://problem/27391012>
3026
3027         Reviewed by Simon Fraser.
3028
3029         There is an iOS bug (<rdar://problem/27416744>) that is causing us
3030         to not always get a color space on CGContextRefs. Investigation of this
3031         exposed some optimizations we can take when we are creating ImageBuffers.
3032         In particular, if we have a bitmap context or an IOSurfaceContext we
3033         can simply copy their color space using API. Otherwise we stick with
3034         the existing CGContextCopyDeviceColorSpace.
3035
3036         Lastly, if for some reason we are unable to copy the device color space,
3037         we should fall back to sRGB.
3038
3039         * platform/graphics/cg/ImageBufferCG.cpp:
3040         (WebCore::ImageBuffer::createCompatibleBuffer):
3041         * platform/spi/cg/CoreGraphicsSPI.h: Add some SPI and enums.
3042
3043
3044 2016-07-19  George Ruan  <gruan@apple.com>
3045
3046         HTMLVideoElement frames do not update on iOS when src is a MediaStream blob
3047         https://bugs.webkit.org/show_bug.cgi?id=159833
3048         <rdar://problem/27379487>
3049
3050         Reviewed by Eric Carlson.
3051
3052         Test: fast/mediastream/MediaStream-video-element-displays-buffer.html
3053
3054         * WebCore.xcodeproj/project.pbxproj:
3055         * platform/graphics/avfoundation/MediaSampleAVFObjC.h: Change create to return a Ref<T> instead
3056         of RefPtr<T>
3057         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h: Make observer of
3058         MediaStreamTrackPrivate and make MediaPlayer use an AVSampleBufferDisplayLayer instead of CALayer.
3059         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm: Ditto.
3060         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::~MediaPlayerPrivateMediaStreamAVFObjC): Clean up
3061         observers and AVSampleBufferDisplayLayer
3062         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::isAvailable): Ensures AVSampleBufferDisplayLayer
3063         is available.
3064         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueAudioSampleBufferFromTrack): Placeholder.
3065         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueVideoSampleBufferFromTrack): Responsible
3066         for enqueuing sample buffers to the active video track.
3067         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::ensureLayer): Ensures that an AVSampleBufferDisplayLayer
3068         exists.
3069         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::destroyLayer): Destroys the AVSampleBufferDisplayLayer.
3070         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::platformLayer): Replace CALayer with AVSampleBufferDisplayLayer.
3071         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::currentDisplayMode): Ditto.
3072         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::sampleBufferUpdated): Called from MediaStreamTrackPrivate when a
3073         new SampleBuffer is available.
3074         (WebCore::updateTracksOfType): Manage adding and removing self as observer from tracks.
3075         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateTracks): Replace CALayer with AVSampleBufferDisplayLayer
3076         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::acceleratedRenderingStateChanged): Copied from
3077         MediaPlayerPrivateMediaSourceAVFObjC.mm
3078         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::load): Deleted CALayer.
3079         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateDisplayMode): Deleted process of updating CALayer.
3080         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateIntrinsicSize): Deleted CALayer.
3081         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::createPreviewLayers): Deleted.
3082         * platform/mediastream/MediaStreamPrivate.cpp:
3083         (WebCore::MediaStreamPrivate::updateActiveVideoTrack): Remove redundant check.
3084         * platform/mediastream/MediaStreamTrackPrivate.cpp:
3085         (WebCore::MediaStreamTrackPrivate::sourceHasMoreMediaData): Called from RealtimeMediaSource when a new SampleBuffer
3086         is available.
3087         * platform/mediastream/MediaStreamTrackPrivate.h:
3088         (WebCore::MediaStreamTrackPrivate::Observer::sampleBufferUpdated): Relays to MediaPlayerPrivateMediaStream that
3089         a new SampleBuffer is available to enqueue to the AVSampleBufferDisplayLayer.
3090         * platform/mediastream/RealtimeMediaSource.cpp:
3091         (WebCore::RealtimeMediaSource::mediaDataUpdated): Relays to all observers that a new SampleBuffer is available.
3092         * platform/mediastream/RealtimeMediaSource.h:
3093         * platform/mediastream/mac/AVVideoCaptureSource.mm:
3094         (WebCore::AVVideoCaptureSource::processNewFrame): Calls mediaDataUpdated when a new SampleBuffer is captured.
3095
3096 2016-07-19  Anders Carlsson  <andersca@apple.com>
3097
3098         Get rid of a #define private public hack in WebCore
3099         https://bugs.webkit.org/show_bug.cgi?id=159953
3100
3101         Reviewed by Dan Bernstein.
3102
3103         Use @package instead.
3104
3105         * bindings/objc/DOMInternal.h:
3106         * bindings/objc/DOMObject.h:
3107
3108 2016-07-19  Andreas Kling  <akling@apple.com>
3109
3110         Fix SharedBuffer leak in MockContentFilter::replacementData().
3111         <https://webkit.org/b/159945>
3112
3113         Reviewed by Andy Estes.
3114
3115         Spotted on leaks bot. This code was pretty explicit about how it's going to leak.
3116         Since this is in the mock filter, it only affected layout tests.
3117
3118         * testing/MockContentFilter.cpp:
3119         (WebCore::MockContentFilter::replacementData):
3120
3121 2016-07-19  Zalan Bujtas  <zalan@apple.com>
3122
3123         theguardian.co.uk crossword puzzles are sometimes not displaying text
3124         https://bugs.webkit.org/show_bug.cgi?id=159924
3125         <rdar://problem/27409483>
3126
3127         Reviewed by Simon Fraser.
3128
3129         This patch fixes the case when
3130         - 2 disjoint subtrees are dirty
3131         - RenderView is also dirty.
3132         and we end up not laying out one of the 2 subtrees.
3133
3134         In FrameView::scheduleRelayoutOfSubtree, we assume that when the RenderView is dirty
3135         we already have a pending full layout which means that any previous subtree layouts have already been
3136         converted to full layouts.
3137         However this assumption is incorrect. RenderView can get dirty without checking if there's
3138         already a pending subtree layout.
3139         One option to solve this problem would be to override RenderObject::setNeedsLayout in RenderView
3140         so that when the RenderView gets dirty, we could also convert any pending subtree layout to full layout.
3141         However RenderObject::setNeedsLayout is a hot function and making it virtual would impact performance.
3142         The other option is to always normalize subtree layouts in FrameView::scheduleRelayoutOfSubtree().
3143         This patch implements the second option.
3144
3145         Test: fast/misc/subtree-layouts.html
3146
3147         * page/FrameView.cpp:
3148         (WebCore::FrameView::scheduleRelayoutOfSubtree):
3149
3150 2016-07-19  Anders Carlsson  <andersca@apple.com>
3151
3152         Some payment authorization status values should keep the sheet active
3153         https://bugs.webkit.org/show_bug.cgi?id=159936
3154         rdar://problem/26756701
3155
3156         Reviewed by Tim Horton.
3157
3158         * Modules/applepay/ApplePaySession.cpp:
3159         (WebCore::ApplePaySession::completePayment):
3160         Keep the sheet active if the status isn't a final state status.
3161
3162         * Modules/applepay/PaymentAuthorizationStatus.h:
3163         (WebCore::isFinalStateStatus):
3164         Add a new helper function that returns whether a given payment authorization status is "final",
3165         meaning that once that status has been passed to completePayment, the session is finished.
3166
3167 2016-07-19  Nan Wang  <n_wang@apple.com>
3168
3169         AX: Incorrect behavior for word related text marker functions when there's collapsed whitespace
3170         https://bugs.webkit.org/show_bug.cgi?id=159910
3171
3172         Reviewed by Chris Fleizach.
3173
3174         We are getting a bad CharacterOffset when there's collapsed whitespace. Added a TraverseOptionValidateOffset
3175         option to make sure we are getting the correct CharacterOffset based on the corresponding Range offset. And
3176         fixed a word navigation issue based on that.
3177
3178         Test: accessibility/mac/text-marker-word-nav-collapsed-whitespace.html
3179
3180         * accessibility/AXObjectCache.cpp:
3181         (WebCore::AXObjectCache::traverseToOffsetInRange):
3182         (WebCore::AXObjectCache::rangeForNodeContents):
3183         (WebCore::AXObjectCache::startOrEndCharacterOffsetForRange):
3184         (WebCore::AXObjectCache::characterOffsetFromVisiblePosition):
3185         (WebCore::AXObjectCache::rightWordRange):
3186         (WebCore::AXObjectCache::previousBoundary):
3187         * accessibility/AXObjectCache.h:
3188         (WebCore::AXObjectCache::isNodeInUse):
3189
3190 2016-07-19  Youenn Fablet  <youenn@apple.com>
3191
3192         [Streams API] ReadableStreamController methods should throw if its stream is not readable
3193         https://bugs.webkit.org/show_bug.cgi?id=159871
3194
3195         Reviewed by Xabier Rodriguez-Calvar.
3196
3197         Spec now mandates close and enqueue to throw if ReadableStream is not readable.
3198         Covered by rebased and/or modified tests.
3199
3200         * Modules/streams/ReadableStreamController.js:
3201         (enqueue): Throwing a TypeError if controlled stream is not readable.
3202         (close): Ditto.
3203
3204 2016-07-19  Simon Fraser  <simon.fraser@apple.com>
3205
3206         Bubbles appear split for a brief moment in Messages
3207         https://bugs.webkit.org/show_bug.cgi?id=159915
3208         rdar://problem/27182267
3209
3210         Reviewed by David Hyatt.
3211
3212         RenderView::repaintRootContents() had a long-standing bug in WebView when the
3213         view is scrolled. repaint() uses visualOverflowRect() but, for the 
3214         RenderView, the visualOverflowRect() is the initial containing block
3215         which is anchored at 0,0. When the view is scrolled it's clipped out and
3216         calls to repaintRootContents() have no effect.
3217         
3218         Change repaintRootContents() to use layoutOverflowRect(). ScrollView::repaintContentRectangle()
3219         will clip it to the view if necessary.
3220
3221         Test: fast/repaint/scrolled-view-full-repaint.html
3222
3223         * rendering/RenderView.cpp:
3224         (WebCore::RenderView::repaintRootContents):
3225
3226 2016-07-19  Dan Bernstein  <mitz@apple.com>
3227
3228         <rdar://problem/27420308> WebCore-7602.1.42 fails to build: error: unused parameter 'vm'
3229
3230         * bindings/js/JSDOMGlobalObject.cpp:
3231         (WebCore::JSDOMGlobalObject::addBuiltinGlobals): Fixed the !ENABLE(STREAMS_API) build.
3232
3233 2016-07-19  Youenn Fablet  <youenn@apple.com>
3234
3235         [Streams API] Make ReadableStream properties not enumerable
3236         https://bugs.webkit.org/show_bug.cgi?id=159868
3237
3238         Reviewed by Darin Adler.
3239
3240         Covered by rebased tests.
3241
3242         Uopdating IDL definitions to mark all functions/attributes as not enumerable.
3243         Updating IDL constructor definitions to correctly compute constructor length.
3244         Updating built-in implementation to correctly compute pipeTo length to 1 (second parameter being optional).
3245
3246         * Modules/streams/ReadableStream.idl:
3247         * Modules/streams/ReadableStream.js:
3248         * Modules/streams/ReadableStreamController.idl:
3249         * Modules/streams/ReadableStreamReader.idl:
3250
3251 2016-07-19  Chris Dumez  <cdumez@apple.com>
3252
3253         form.enctype / encoding / method should treat null as "null" string
3254         https://bugs.webkit.org/show_bug.cgi?id=159916
3255
3256         Reviewed by Ryosuke Niwa.
3257
3258         form.enctype / encoding / method should treat null as "null" string:
3259         - https://html.spec.whatwg.org/multipage/forms.html#htmlformelement
3260
3261         Previously, WebKit would treat null as the null String, which would
3262         end up removing the existing attribute.
3263
3264         Firefox and Chrome match the specification.
3265
3266         Test: fast/dom/HTMLFormElement/null-handling.html
3267
3268         * html/HTMLFormElement.h:
3269         * html/HTMLFormElement.idl:
3270
3271 2016-07-18  Csaba Osztrogon√°c  <ossy@webkit.org>
3272
3273         All-in-one buildfix after r202439
3274         https://bugs.webkit.org/show_bug.cgi?id=159877
3275
3276         Reviewed by Chris Dumez.
3277
3278         * Modules/webaudio/AudioDestinationNode.h:
3279         (WebCore::AudioDestinationNode::resume):
3280         (WebCore::AudioDestinationNode::suspend):
3281         (WebCore::AudioDestinationNode::close):
3282
3283 2016-07-18  Frederic Wang  <fwang@igalia.com>
3284
3285         Move parsing of subscriptshift and superscriptshift from rendering to element classes
3286         https://bugs.webkit.org/show_bug.cgi?id=159622
3287
3288         Reviewed by Darin Adler.
3289
3290         We introduce a new MathMLScriptsElement that is used for elements msub, msup, msubsup and
3291         mmultiscripts in order to create RenderMathMLScripts and parse and expose the values of the
3292         subscriptshift and superscriptshift attributes. This is one more step toward moving MathML
3293         attribute parsing to the DOM (bug 156536).
3294
3295         No new tests, rendering is unchanged.
3296
3297         * CMakeLists.txt: Add MathMLScriptsElement files.
3298         * WebCore.xcodeproj/project.pbxproj: Ditto.
3299         * mathml/MathMLAllInOne.cpp: Ditto.
3300         * mathml/MathMLInlineContainerElement.cpp: Remove handling of scripts.
3301         (WebCore::MathMLInlineContainerElement::createElementRenderer): Deleted.
3302         * mathml/MathMLScriptsElement.cpp: Added. New class to handle scripted elements supporting
3303         parsing for the subscriptshift and superscriptshift MathML lengths.
3304         (WebCore::MathMLScriptsElement::MathMLScriptsElement):
3305         (WebCore::MathMLScriptsElement::create):
3306         (WebCore::MathMLScriptsElement::subscriptShift): Expose the cached length for the shift,
3307         parsing the attribute again if necessary.
3308         (WebCore::MathMLScriptsElement::superscriptShift): Ditto.
3309         (WebCore::MathMLScriptsElement::parseAttribute): Mark attributes dirty.
3310         (WebCore::MathMLScriptsElement::createElementRenderer): Create RenderMathMLScripts.
3311         * mathml/MathMLScriptsElement.h: Ditto.
3312         * mathml/mathtags.in: Map msub, msup, msubsup and mmultiscripts to MathMLScriptsElement.
3313         * rendering/mathml/RenderMathMLScripts.cpp:
3314         (WebCore::RenderMathMLScripts::scriptsElement): Helper function to cast the node to a
3315         MathMLScriptsElement.
3316         (WebCore::RenderMathMLScripts::getScriptMetricsAndLayoutIfNeeded): Resolve the attributes
3317         using the functions from the MathMLScriptsElement class.
3318         * rendering/mathml/RenderMathMLScripts.h: Declare scriptsElement.
3319
3320 2016-07-18  Frederic Wang  <fwang@igalia.com>
3321
3322         Do not store gap and shift parameters on RenderMathMLFraction
3323         https://bugs.webkit.org/show_bug.cgi?id=159876
3324
3325         Reviewed by Darin Adler.
3326
3327         After r203285, the stack and fraction layout parameters are only used in layoutBlock so we
3328         do not need to store them on the class. We remove them and split updateLayoutParameters into
3329         three functions: one to update the linethickness and two others to retrieve the fraction and
3330         stack respectively.
3331
3332         No new tests, rendering is unchanged.
3333
3334         * rendering/mathml/RenderMathMLFraction.cpp:
3335         (WebCore::RenderMathMLFraction::updateLineThickness): Move code to update thickness members here.
3336         (WebCore::RenderMathMLFraction::getFractionParameters): Move code to retrieve fraction parameters here.
3337         (WebCore::RenderMathMLFraction::getStackParameters): Move code to retrieve stack parameters here.
3338         (WebCore::RenderMathMLFraction::layoutBlock): Use the new helper functions and local variables
3339         for fraction and stack parameters.
3340         (WebCore::RenderMathMLFraction::updateLayoutParameters): Deleted.
3341         * rendering/mathml/RenderMathMLFraction.h: Declare new helper functions and remove members
3342         for stack and fraction parameters.
3343
3344 2016-07-18  Chris Dumez  <cdumez@apple.com>
3345
3346         input.formEnctype / formMethod and button.formEnctype / formMethod / type should treat null as "null"
3347         https://bugs.webkit.org/show_bug.cgi?id=159908
3348
3349         Reviewed by Alex Christensen.
3350
3351         input.formEnctype / formMethod and button.formEnctype / formMethod / type
3352         should treat null as "null" String:
3353         - https://html.spec.whatwg.org/multipage/forms.html#htmlinputelement
3354         - https://html.spec.whatwg.org/multipage/forms.html#htmlbuttonelement
3355
3356         In WebKit, we would treat null as a null String which would end up
3357         removing the corresponding attribute. This does not match the
3358         specification. Firefox and Chrome match the specification here.
3359
3360         Tests:
3361         - fast/dom/HTMLButtonElement/null-handling.html
3362         - fast/dom/HTMLInputElement/null-handling.html
3363
3364         * html/HTMLButtonElement.idl:
3365         * html/HTMLInputElement.idl:
3366
3367 2016-07-18  Alex Christensen  <achristensen@webkit.org>
3368
3369         webbookmarksd needs to use the same AppCache directory as MobileSafari
3370         https://bugs.webkit.org/show_bug.cgi?id=159912
3371
3372         Reviewed by Alexey Proskuryakov.
3373
3374         No new tests.  This only changes behavior for webbookmarksd.
3375
3376         * platform/RuntimeApplicationChecks.h:
3377         * platform/RuntimeApplicationChecks.mm:
3378         (WebCore::IOSApplication::isWebBookmarksD): Added.
3379
3380 2016-07-18  Chris Dumez  <cdumez@apple.com>
3381
3382         EventTarget.dispatchEvent() parameter should not be nullable
3383         https://bugs.webkit.org/show_bug.cgi?id=159897
3384
3385         Reviewed by Benjamin Poulain.
3386
3387         EventTarget.dispatchEvent() parameter should not be nullable:
3388         - https://dom.spec.whatwg.org/#interface-eventtarget
3389
3390         Even though the parameter was marked as nullable in our IDL, our
3391         implementation does a null check and we already throw a TypeError
3392         when calling dispatchEvent(null).
3393
3394         Update our IDL so that it matches the specification and so that
3395         the null check is generated in the bindings instead.
3396
3397         No new tests, rebaseline existing tests.
3398
3399         * dom/EventTarget.cpp:
3400         (WebCore::EventTarget::dispatchEventForBindings):
3401         * dom/EventTarget.h:
3402         * dom/EventTarget.idl:
3403
3404 2016-07-18  Chris Dumez  <cdumez@apple.com>
3405
3406         DocType's publicId / systemId should not be nullable
3407         https://bugs.webkit.org/show_bug.cgi?id=159901
3408
3409         Reviewed by Benjamin Poulain.
3410
3411         DocType's publicId / systemId should not be nullable. While they were
3412         not marked as nullable in our IDL, they could be stored as null Strings
3413         in our implementation depending on how the Node was constructed. This
3414         led to subtle bugs where String() != emptyString().
3415
3416         In particular, Node.isEqualNode() would return false when DocumentType
3417         nodes would mismatch because of their publicId / systemId being null
3418         instead of the emptyString.
3419
3420         Serialization would DocumentType nodes would also be wrong when
3421         publicId / systemId were empty Strings instead of null strings. The
3422         new behavior now matches:
3423         - https://www.w3.org/TR/DOM-Parsing/#dfn-concept-serialize-doctype (steps 7-9)
3424
3425         To address these issues, we now always store publicId / systemId as
3426         non-null Strings inside the DocumentType class.
3427
3428         Test: fast/dom/DocumentType/isEqualNode.html
3429
3430         * dom/DocumentType.cpp:
3431         (WebCore::DocumentType::DocumentType):
3432         * editing/MarkupAccumulator.cpp:
3433         (WebCore::MarkupAccumulator::appendDocumentType):
3434
3435 2016-07-18  Jeremy Jones  <jeremyj@apple.com>
3436
3437         If previous media session interruptions were prevented, still allow subsequent interruptions to try.
3438         https://bugs.webkit.org/show_bug.cgi?id=157553
3439         rdar://problem/25740804
3440
3441         Reviewed by Eric Carlson.
3442
3443         Test: platform/ios-simulator/media/video-interruption-suspendunderlock.html
3444
3445         When suspending under lock on iOS, there is first a resign active event, then a
3446         suspend under lock. PiP prevents resign active from interrupting playback. But it should allow the
3447         suspend under lock to interrupt playback.
3448
3449         Currently if there are nested interruptions only the first one is acted upon.
3450
3451         This change allows subsequent, nested interruptions to have a chance to interrupt playback if the
3452         previous interruptions were ignored.
3453
3454         This test is for iPad only, so it must be run manually.
3455
3456         * html/HTMLMediaElement.cpp:
3457         (WebCore::HTMLMediaElement::shouldOverrideBackgroundPlaybackRestriction):
3458         * platform/audio/PlatformMediaSession.cpp:
3459         (WebCore::PlatformMediaSession::beginInterruption):
3460         * testing/Internals.cpp:
3461         (WebCore::Internals::beginMediaSessionInterruption):
3462
3463 2016-07-18  Brent Fulgham  <bfulgham@apple.com>
3464
3465         Don't associate form-associated elements with forms in other trees.
3466         https://bugs.webkit.org/show_bug.cgi?id=119451
3467         <rdar://problem/27382946>
3468
3469         Change is based on the Blink change (patch by <adamk@chromium.org>):
3470         <https://chromium.googlesource.com/chromium/blink/+/0b33128be67e7845d495d5219614c02ccfe7a414>
3471
3472         Reviewed by Chris Dumez.
3473
3474         Prevent elements from being associated with forms that are not part of the same home subtree.
3475         This brings us in line with the WhatWG HTML specification as of September, 2013.
3476
3477         Tests: fast/forms/image-disconnected-during-parse.html
3478                fast/forms/input-disconnected-during-parse.html
3479
3480         * dom/Element.h:
3481         (WebCore::Node::rootElement): Added.
3482         * html/FormAssociatedElement.cpp:
3483         (WebCore::FormAssociatedElement::insertedInto): If the element is associated with a form that
3484         is not part of the same tree, remove the association.
3485         * html/HTMLImageElement.cpp:
3486         (WebCore::HTMLImageElement::insertedInto): Ditto.
3487
3488 2016-07-18  Anders Carlsson  <andersca@apple.com>
3489
3490         WebKit nightly fails to build on macOS Sierra
3491         https://bugs.webkit.org/show_bug.cgi?id=159902
3492         rdar://problem/27365672
3493
3494         Reviewed by Tim Horton.
3495
3496         * Modules/applepay/cocoa/PaymentCocoa.mm:
3497         * Modules/applepay/cocoa/PaymentContactCocoa.mm:
3498         * Modules/applepay/cocoa/PaymentMerchantSessionCocoa.mm:
3499         * Modules/applepay/cocoa/PaymentMethodCocoa.mm:
3500         Use new PassKitSPI header.
3501
3502         * WebCore.xcodeproj/project.pbxproj:
3503         Add new PassKitSPI header.
3504
3505         * icu/unicode/ucurr.h: Added.
3506         Add ucurr.h from ICU.
3507
3508         * platform/spi/cocoa/PassKitSPI.h: Added.
3509         Add new PassKitSPI header.
3510
3511 2016-07-18  Dean Jackson  <dino@apple.com>
3512
3513         REGRESSION (r202950): Image zoom animations are broken at medium.com (159861)
3514         https://bugs.webkit.org/show_bug.cgi?id=159906
3515         <rdar://problem/27391725>
3516
3517         Reviewed by Simon Fraser.
3518
3519         The fix for webkit.org/b/157569 in r200769 broke AMP pages.
3520         The followup fix for webkit.org/b/159450 in r202950 broke Medium pages.
3521
3522         Revert them both until we have better testing.
3523
3524         * css/CSSParser.cpp:
3525         (WebCore::CSSParser::addPropertyWithPrefixingVariant):
3526         (WebCore::CSSParser::parseValue):
3527         (WebCore::CSSParser::parseAnimationShorthand):
3528         (WebCore::CSSParser::parseTransitionShorthand): Deleted.
3529         * css/CSSPropertyNames.in:
3530         * css/PropertySetCSSStyleDeclaration.cpp:
3531         (WebCore::PropertySetCSSStyleDeclaration::getPropertyCSSValue):
3532         (WebCore::PropertySetCSSStyleDeclaration::getPropertyValue):
3533         (WebCore::PropertySetCSSStyleDeclaration::getPropertyCSSValueInternal):
3534         (WebCore::PropertySetCSSStyleDeclaration::getPropertyValueInternal):
3535         * css/StyleProperties.cpp:
3536         (WebCore::MutableStyleProperties::removeShorthandProperty):
3537         (WebCore::MutableStyleProperties::removeProperty):
3538         (WebCore::MutableStyleProperties::removePrefixedOrUnprefixedProperty):
3539         (WebCore::MutableStyleProperties::setProperty):
3540         (WebCore::getIndexInShorthandVectorForPrefixingVariant):
3541         (WebCore::MutableStyleProperties::appendPrefixingVariantProperty):
3542         (WebCore::MutableStyleProperties::setPrefixingVariantProperty):
3543         (WebCore::StyleProperties::asText): Deleted.
3544         * css/StyleProperties.h:
3545
3546 2016-07-18  Andreas Kling  <akling@apple.com>
3547
3548         There should be a way to simulate memory pressure in layout tests
3549         <https://webkit.org/b/159743>
3550
3551         Reviewed by Simon Fraser.
3552
3553         Add three window.internal APIs:
3554
3555             - boolean isUnderMemoryPressure (readonly attribute)
3556             - void beginSimulatedMemoryPressure()
3557             - void endSimulatedMemoryPressure()
3558
3559         These make it possible to write tests that exercise behaviors that only
3560         occur during memory pressure situations.
3561
3562         I also implemented the "org.WebKit.lowMemory" notification handler using the new API.
3563
3564         Test: memory/memory-pressure-simulation.html
3565
3566         * platform/MemoryPressureHandler.cpp:
3567         (WebCore::MemoryPressureHandler::beginSimulatedMemoryPressure):
3568         (WebCore::MemoryPressureHandler::endSimulatedMemoryPressure):
3569         * platform/MemoryPressureHandler.h:
3570         (WebCore::MemoryPressureHandler::isUnderMemoryPressure):
3571         * platform/cocoa/MemoryPressureHandlerCocoa.mm:
3572         (WebCore::MemoryPressureHandler::platformReleaseMemory):
3573         (WebCore::MemoryPressureHandler::install):
3574         * testing/Internals.cpp:
3575         (WebCore::Internals::isUnderMemoryPressure):
3576         (WebCore::Internals::beginSimulatedMemoryPressure):
3577         (WebCore::Internals::endSimulatedMemoryPressure):
3578         * testing/Internals.h:
3579         * testing/Internals.idl:
3580
3581 2016-07-18  Said Abou-Hallawa  <sabouhallawa@apple,com>
3582
3583         [iOS] PDFDocumentImage should cache only a sub image of the PDF when caching the whole image is expensive
3584         https://bugs.webkit.org/show_bug.cgi?id=158715
3585
3586         Reviewed by Dean Jackson.
3587
3588         Test: fast/images/displaced-non-cached-pdf.html
3589
3590         For iOS, we need to ensure the size of the cached PDF images will not
3591         exceed some limit. Also we should be caching only a sub image of the PDF
3592         if caching the whole image will exceed the memory limit.
3593
3594         * page/Settings.cpp:
3595         (WebCore::Settings::Settings):
3596         (WebCore::Settings::setCachedPDFImageEnabled):
3597         * page/Settings.h:
3598         (WebCore::Settings::isCachedPDFImageEnabled):
3599             Add an option to disable caching the PDF images.
3600
3601         * platform/graphics/cg/PDFDocumentImage.cpp:
3602         (WebCore::PDFDocumentImage::setCachedPDFImageEnabled):
3603             Allow the caller of draw() to disable caching the PDF images.
3604         
3605         (WebCore::PDFDocumentImage::cacheParametersMatch):
3606             Match the context dirty rectangle with the cached image rectangle.
3607         
3608         (WebCore::transformContextForPainting):
3609             When preparing the context for drawing the PDF, take the location 
3610             of the destination rectangle into account. We do not need to scale
3611             the location of the source rectangle because we scale the size of
3612             the rectangle but we don't scale the whole coordinate system.
3613
3614         (WebCore::cachedImageRect):
3615             Calculate the rectangle of the cached image such that it does not
3616             exceed the limit. Start from the center of the dirty rectangle and
3617             then expand around it.
3618             
3619         (WebCore::PDFDocumentImage::decodedSizeChanged):
3620             In addition to notifying the ImageObserver, it keeps track of the size
3621             of all the cached PDF images.
3622
3623         (WebCore::PDFDocumentImage::updateCachedImageIfNeeded):
3624             Ensure the size of all the cached images does not exceed the limit
3625             
3626         (WebCore::PDFDocumentImage::destroyDecodedData):
3627         * platform/graphics/cg/PDFDocumentImage.h:
3628
3629         * rendering/RenderImage.cpp:
3630         (WebCore::RenderImage::paintIntoRect):
3631             Pass the option to disable caching the PDF images to PDFDocumentImage.
3632
3633         * testing/InternalSettings.cpp:
3634         (WebCore::InternalSettings::Backup::Backup):
3635         (WebCore::InternalSettings::Backup::restoreTo):
3636         (WebCore::InternalSettings::setCachedPDFImageEnabled):
3637         * testing/InternalSettings.h:
3638         * testing/InternalSettings.idl:
3639             Add an internal option to disable caching the PDF images.
3640
3641 2016-07-18  Chris Dumez  <cdumez@apple.com>
3642
3643         The 2 first parameters to addEventListener() / removeEventListener() should be mandatory
3644         https://bugs.webkit.org/show_bug.cgi?id=158008
3645
3646         Reviewed by Darin Adler.
3647
3648         The 2 first parameters to addEventListener() / removeEventListener() should be
3649         mandatory:
3650         - https://dom.spec.whatwg.org/#interface-eventtarget
3651
3652         Firefox 46 and Chrome 50 both match the specification and throw an exception when those
3653         parameters are omitted. However, those parameters were marked as optional in WebKit and
3654         the calls were no-ops if those parameters were omitted. This patch aligns our behavior
3655         with the specification and other browsers.
3656
3657         Test: fast/dom/eventtarget-api-parameters.html
3658
3659         * bindings/scripts/CodeGeneratorJS.pm:
3660         (GetFunctionLength): Deleted.
3661         * dom/EventTarget.idl:
3662
3663 2016-07-18  Brent Fulgham  <bfulgham@apple.com>
3664
3665         Unreviewed, rolling out r203373.
3666
3667         Unaddressed
3668
3669         Reverted changeset:
3670
3671         "Don't associate form-associated elements with forms in other
3672         trees."
3673         https://bugs.webkit.org/show_bug.cgi?id=119451
3674         http://trac.webkit.org/changeset/203373
3675
3676 2016-07-18  Brent Fulgham  <bfulgham@apple.com>
3677
3678         Don't associate form-associated elements with forms in other trees.
3679         https://bugs.webkit.org/show_bug.cgi?id=119451
3680         <rdar://problem/27382946>
3681
3682         Change is based on the Blink change (patch by <adamk@chromium.org>):
3683         <https://chromium.googlesource.com/chromium/blink/+/0b33128be67e7845d495d5219614c02ccfe7a414>
3684
3685         Reviewed by Zalan Bujtas.
3686
3687         Prevent elements from being associated with forms that are not part of the same home subtree.
3688         This brings us in line with the WhatWG HTML specification as of September, 2013.
3689
3690         Tests: fast/forms/image-disconnected-during-parse.html
3691                fast/forms/input-disconnected-during-parse.html
3692
3693         * dom/NodeTraversal.h:
3694         (WebCore::NodeTraversal::highestAncestorOrSelf): Added.
3695         * html/FormAssociatedElement.cpp:
3696         (WebCore::FormAssociatedElement::insertedInto): If the element is associated with a form that
3697         is not part of the same tree, remove the association.
3698         * html/HTMLImageElement.cpp:
3699         (WebCore::HTMLImageElement::insertedInto): Ditto.
3700
3701 2016-07-18  George Ruan  <gruan@apple.com>
3702
3703         Move MediaSampleAVFObjC into its own file
3704         https://bugs.webkit.org/show_bug.cgi?id=159796
3705         <rdar://problem/27362488>
3706
3707         In preparation for a feature that uses MediaSampleAVFObjC, but does
3708         not need SourceBufferPrivateAVFObjC, it is beneficial to move
3709         MediaSampleAVFObjC to its own file.
3710
3711         Reviewed by Eric Carlson.
3712
3713         * WebCore.xcodeproj/project.pbxproj:
3714         * platform/MediaSample.h: Allow setting trackID to associate
3715         MediaSample id with MediaStreamTrackPrivate id.
3716         * platform/graphics/avfoundation/MediaSampleAVFObjC.h: Added.
3717         * platform/graphics/avfoundation/objc/MediaSampleAVFObjC.mm: Moved
3718         from MediaSampleAVFObjC
3719         (WebCore::MediaSampleAVFObjC::presentationTime):
3720         (WebCore::MediaSampleAVFObjC::decodeTime):
3721         (WebCore::MediaSampleAVFObjC::duration):
3722         (WebCore::MediaSampleAVFObjC::sizeInBytes):
3723         (WebCore::MediaSampleAVFObjC::platformSample):
3724         (WebCore::CMSampleBufferIsRandomAccess):
3725         (WebCore::MediaSampleAVFObjC::flags):
3726         (WebCore::MediaSampleAVFObjC::presentationSize):
3727         (WebCore::MediaSampleAVFObjC::dump):
3728         (WebCore::MediaSampleAVFObjC::offsetTimestampsBy):
3729         (WebCore::MediaSampleAVFObjC::setTimestamps):
3730         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
3731         Moved MediaSampleAVFObjC to its own file.
3732         (WebCore::MediaSampleAVFObjC::platformSample): Deleted.
3733         (WebCore::CMSampleBufferIsRandomAccess): Deleted.
3734         (WebCore::MediaSampleAVFObjC::flags): Deleted.
3735         (WebCore::MediaSampleAVFObjC::presentationSize): Deleted.
3736         (WebCore::MediaSampleAVFObjC::dump): Deleted.
3737         (WebCore::MediaSampleAVFObjC::offsetTimestampsBy): Deleted.
3738         (WebCore::MediaSampleAVFObjC::setTimestamps): Deleted.
3739         * platform/mock/mediasource/MockSourceBufferPrivate.cpp:
3740
3741 2016-07-18  Eric Carlson  <eric.carlson@apple.com>
3742
3743         [MSE][Mac] Pass AVSampleBufferDisplayLayer HDCP status to a newly created key session
3744         https://bugs.webkit.org/show_bug.cgi?id=159812
3745         <rdar://problem/27371624>
3746
3747         Reviewed by Jon Lee.
3748
3749         No new tests, it isn't possible to test this with our current testing infrastructure.
3750
3751         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.h:
3752         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
3753         (WebCore::SourceBufferPrivateAVFObjC::setCDMSession): Call layerDidReceiveError if there has
3754         been an HDCP error.
3755         (WebCore::SourceBufferPrivateAVFObjC::rendererDidReceiveError): Remember an HDCP error.
3756
3757 2016-07-18  Yoav Weiss  <yoav@yoav.ws>
3758
3759         Add preload to features.json
3760         https://bugs.webkit.org/show_bug.cgi?id=159872
3761
3762         Reviewed by Darin Adler.
3763
3764         No new tests but no functional change.
3765
3766         * features.json:
3767
3768 2016-07-18  Youenn Fablet  <youenn@apple.com>
3769
3770         [Streams API] ReadableStream should throw a RangeError in case of NaN highWaterMark
3771         https://bugs.webkit.org/show_bug.cgi?id=159870
3772
3773         Reviewed by Xabier Rodriguez-Calvar.
3774
3775         Covered by rebased test.
3776
3777         * Modules/streams/StreamInternals.js:
3778         (validateAndNormalizeQueuingStrategy): Throwing a RangeError in lieu of a TypeError in case of NaN highWaterMark.
3779
3780 2016-07-18  Csaba Osztrogon√°c  <ossy@webkit.org>
3781
3782         Windows buildfix after r203338
3783         https://bugs.webkit.org/show_bug.cgi?id=159875
3784
3785         Unreviewed buildfix.
3786
3787         * dom/UserGestureIndicator.h:
3788         (WebCore::UserGestureToken::addDestructionObserver):
3789
3790 2016-07-18  Carlos Garcia Campos  <cgarcia@igalia.com>
3791
3792         MemoryPressureHandler doesn't work if cgroups aren't present in Linux
3793         https://bugs.webkit.org/show_bug.cgi?id=155255
3794
3795         Reviewed by Sergio Villar Senin.
3796
3797         Allow to pass an eventFD file descriptor to the MemoryPressureHandler to be monitorized in case cgroups are not
3798         available.
3799
3800         * platform/MemoryPressureHandler.h:
3801         * platform/linux/MemoryPressureHandlerLinux.cpp:
3802
3803 2016-07-17  Gyuyoung Kim  <gyuyoung.kim@webkit.org>
3804
3805         Clean up PassRefPtr uses in Modules/encryptedmedia, Modules/speech, and Modules/quota
3806         https://bugs.webkit.org/show_bug.cgi?id=159701
3807
3808         Reviewed by Alex Christensen.
3809
3810         No new tests, no behavior changes.
3811
3812         * Modules/encryptedmedia/CDM.h:
3813         * Modules/encryptedmedia/MediaKeySession.h:
3814         * Modules/encryptedmedia/MediaKeys.h:
3815         * Modules/quota/DOMWindowQuota.cpp:
3816         * Modules/quota/StorageErrorCallback.cpp:
3817         (WebCore::StorageErrorCallback::CallbackTask::CallbackTask):
3818         * Modules/quota/StorageErrorCallback.h:
3819         * Modules/quota/StorageInfo.h:
3820         * Modules/quota/StorageQuota.h:
3821         * Modules/speech/DOMWindowSpeechSynthesis.cpp:
3822         * Modules/speech/SpeechSynthesis.cpp:
3823         (WebCore::SpeechSynthesis::getVoices):
3824         (WebCore::SpeechSynthesis::startSpeakingImmediately):
3825         (WebCore::SpeechSynthesis::speak):
3826         (WebCore::SpeechSynthesis::cancel):
3827         (WebCore::SpeechSynthesis::handleSpeakingCompleted):
3828         (WebCore::SpeechSynthesis::boundaryEventOccurred):
3829         (WebCore::SpeechSynthesis::didStartSpeaking):
3830         (WebCore::SpeechSynthesis::didPauseSpeaking):
3831         (WebCore::SpeechSynthesis::didResumeSpeaking):
3832         (WebCore::SpeechSynthesis::didFinishSpeaking):
3833         (WebCore::SpeechSynthesis::speakingErrorOccurred):
3834         * Modules/speech/SpeechSynthesis.h:
3835         * Modules/speech/SpeechSynthesisEvent.h:
3836         * Modules/speech/SpeechSynthesisUtterance.h:
3837         * Modules/speech/SpeechSynthesisVoice.cpp:
3838         (WebCore::SpeechSynthesisVoice::create):
3839         (WebCore::SpeechSynthesisVoice::SpeechSynthesisVoice):
3840         * Modules/speech/SpeechSynthesisVoice.h:
3841         * platform/PlatformSpeechSynthesizer.h:
3842         * platform/efl/PlatformSpeechSynthesisProviderEfl.cpp:
3843         (WebCore::PlatformSpeechSynthesisProviderEfl::fireSpeechEvent):
3844         * platform/mock/PlatformSpeechSynthesizerMock.cpp:
3845         (WebCore::PlatformSpeechSynthesizerMock::speakingFinished):
3846         (WebCore::PlatformSpeechSynthesizerMock::speak):
3847         (WebCore::PlatformSpeechSynthesizerMock::cancel):
3848         (WebCore::PlatformSpeechSynthesizerMock::pause):
3849         (WebCore::PlatformSpeechSynthesizerMock::resume):
3850
3851 2016-07-16  Sam Weinig  <sam@webkit.org>
3852
3853         [WebKit API] Add SPI to track multiple navigations caused by a single user gesture
3854         <rdar://problem/26554137>
3855         https://bugs.webkit.org/show_bug.cgi?id=159856
3856
3857         Reviewed by Dan Bernstein.
3858
3859         - Adds a new RefCounted object to represent a unique user gesture, called UserGestureToken.
3860         - Makes UserGestureIndicator track UserGestureToken.
3861         - Refines UserGestureIndicator's interface to use Optional and a smaller enum set
3862           to represent the different initial states.
3863         - Stores UserGestureTokens on objects that want to forward user gesture state (DOMTimer, 
3864           postMessage, and ScheduledNavigation) rather than just a boolean.
3865
3866         * accessibility/AccessibilityNodeObject.cpp:
3867         (WebCore::AccessibilityNodeObject::increment):
3868         (WebCore::AccessibilityNodeObject::decrement):
3869         * accessibility/AccessibilityObject.cpp:
3870         (WebCore::AccessibilityObject::press):
3871         * bindings/js/ScriptController.cpp:
3872         (WebCore::ScriptController::executeScriptInWorld):
3873         (WebCore::ScriptController::executeScript):
3874         Update for new UserGestureIndicator interface.
3875
3876         * dom/UserGestureIndicator.cpp:
3877         (WebCore::currentToken):
3878         (WebCore::UserGestureToken::~UserGestureToken):
3879         (WebCore::UserGestureIndicator::UserGestureIndicator):
3880         (WebCore::UserGestureIndicator::~UserGestureIndicator):
3881         (WebCore::UserGestureIndicator::currentUserGesture):
3882         (WebCore::UserGestureIndicator::processingUserGesture):
3883         (WebCore::UserGestureIndicator::processingUserGestureForMedia):
3884         (WebCore::isDefinite): Deleted.
3885         * dom/UserGestureIndicator.h:
3886         (WebCore::UserGestureToken::create):
3887         (WebCore::UserGestureToken::state):
3888         (WebCore::UserGestureToken::processingUserGesture):
3889         (WebCore::UserGestureToken::processingUserGestureForMedia):
3890         (WebCore::UserGestureToken::addDestructionObserver):
3891         (WebCore::UserGestureToken::UserGestureToken):
3892         Add UserGestureToken and track the current one explicitly.
3893
3894         * html/HTMLMediaElement.cpp:
3895         (WebCore::HTMLMediaElement::didReceiveRemoteControlCommand):
3896         * inspector/InspectorFrontendClientLocal.cpp:
3897         (WebCore::InspectorFrontendClientLocal::openInNewTab):
3898         * inspector/InspectorFrontendHost.cpp:
3899         * inspector/InspectorPageAgent.cpp:
3900         (WebCore::InspectorPageAgent::navigate):
3901         Update for new UserGestureIndicator interface.
3902
3903         * loader/NavigationAction.cpp:
3904         (WebCore::NavigationAction::NavigationAction):
3905         * loader/NavigationAction.h:
3906         (WebCore::NavigationAction::userGestureToken):
3907         (WebCore::NavigationAction::processingUserGesture):
3908         * loader/NavigationScheduler.cpp:
3909         (WebCore::ScheduledNavigation::ScheduledNavigation):
3910         (WebCore::ScheduledNavigation::~ScheduledNavigation):
3911         (WebCore::ScheduledNavigation::lockBackForwardList):
3912         (WebCore::ScheduledNavigation::wasDuringLoad):
3913         (WebCore::ScheduledNavigation::isLocationChange):
3914         (WebCore::ScheduledNavigation::userGestureToForward):
3915         (WebCore::ScheduledNavigation::clearUserGesture):
3916         (WebCore::NavigationScheduler::mustLockBackForwardList):
3917         (WebCore::NavigationScheduler::scheduleFormSubmission):
3918         (WebCore::ScheduledNavigation::wasUserGesture): Deleted.
3919         * page/DOMTimer.cpp:
3920         (WebCore::shouldForwardUserGesture):
3921         (WebCore::userGestureTokenToForward):
3922         (WebCore::DOMTimer::DOMTimer):
3923         (WebCore::DOMTimer::fired):
3924         * page/DOMTimer.h:
3925         * page/DOMWindow.cpp:
3926         (WebCore::PostMessageTimer::PostMessageTimer):
3927         Store the active UserGestureToken rather than just a bit.
3928
3929         * page/EventHandler.cpp:
3930         (WebCore::EventHandler::handleMousePressEvent):
3931         (WebCore::EventHandler::handleMouseDoubleClickEvent):
3932         (WebCore::EventHandler::handleMouseReleaseEvent):
3933         (WebCore::EventHandler::keyEvent):
3934         (WebCore::EventHandler::handleTouchEvent):
3935         * rendering/HitTestResult.cpp:
3936         (WebCore::HitTestResult::toggleMediaFullscreenState):
3937         (WebCore::HitTestResult::enterFullscreenForVideo):
3938         (WebCore::HitTestResult::toggleEnhancedFullscreenForVideo):
3939         Update for new UserGestureIndicator interface.
3940
3941 2016-07-17  Ryosuke Niwa  <rniwa@webkit.org>
3942
3943         Rename fastHasAttribute to hasAttributeWithoutSynchronization
3944         https://bugs.webkit.org/show_bug.cgi?id=159864
3945
3946         Reviewed by Chris Dumez.
3947
3948         Renamed Rename fastHasAttribute to hasAttributeWithoutSynchronization for clarity.
3949
3950         * accessibility/AccessibilityListBoxOption.cpp:
3951         (WebCore::AccessibilityListBoxOption::isEnabled):
3952         * accessibility/AccessibilityObject.cpp:
3953         (WebCore::AccessibilityObject::hasAttribute):
3954         (WebCore::AccessibilityObject::getAttribute):
3955         * accessibility/AccessibilityRenderObject.cpp:
3956         (WebCore::AccessibilityRenderObject::determineAccessibilityRole):
3957         * bindings/scripts/CodeGenerator.pm:
3958         (GetterExpression):
3959         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
3960         * bindings/scripts/test/JS/JSTestObj.cpp:
3961         (WebCore::jsTestObjReflectedBooleanAttr):
3962         (WebCore::jsTestObjReflectedCustomBooleanAttr):
3963         * bindings/scripts/test/ObjC/DOMTestObj.mm:
3964         (-[DOMTestObj reflectedBooleanAttr]):
3965         (-[DOMTestObj setReflectedBooleanAttr:]):
3966         (-[DOMTestObj reflectedCustomBooleanAttr]):
3967         (-[DOMTestObj setReflectedCustomBooleanAttr:]):
3968         * dom/Document.cpp:
3969         (WebCore::Document::hasManifest):
3970         (WebCore::Document::doctype):
3971         * dom/Element.h:
3972         (WebCore::Node::parentElement):
3973         (WebCore::Element::hasAttributeWithoutSynchronization):
3974         (WebCore::Element::fastHasAttribute): Deleted.
3975         * editing/ApplyStyleCommand.cpp:
3976         (WebCore::ApplyStyleCommand::removeEmbeddingUpToEnclosingBlock):
3977         * editing/DeleteSelectionCommand.cpp:
3978         (WebCore::DeleteSelectionCommand::makeStylingElementsDirectChildrenOfEditableRootToPreventStyleLoss):
3979         * editing/markup.cpp:
3980         (WebCore::createMarkupInternal):
3981         * html/ColorInputType.cpp:
3982         (WebCore::ColorInputType::shouldShowSuggestions):
3983         * html/FileInputType.cpp:
3984         (WebCore::FileInputType::handleDOMActivateEvent):
3985         (WebCore::FileInputType::receiveDroppedFiles):
3986         * html/FormAssociatedElement.cpp:
3987         (WebCore::FormAssociatedElement::didMoveToNewDocument):
3988         (WebCore::FormAssociatedElement::insertedInto):
3989         (WebCore::FormAssociatedElement::removedFrom):
3990         (WebCore::FormAssociatedElement::formAttributeChanged):