b80e79b9e74c6e552ccda1bd18385f1045665d5d
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2012-05-11  Sheriff Bot  <webkit.review.bot@gmail.com>
2
3         Unreviewed, rolling out r116727.
4         http://trac.webkit.org/changeset/116727
5         https://bugs.webkit.org/show_bug.cgi?id=86181
6
7         Build error on Chromium-Android (Requested by tkent on
8         #webkit).
9
10         * platform/graphics/MediaPlayer.cpp:
11         (WebCore::MediaPlayer::enterFullscreen):
12         (WebCore):
13         * platform/graphics/MediaPlayer.h:
14         (MediaPlayer):
15         * platform/graphics/MediaPlayerPrivate.h:
16         (WebCore::MediaPlayerPrivateInterface::enterFullscreen):
17         (MediaPlayerPrivateInterface):
18
19 2012-05-11  Sheriff Bot  <webkit.review.bot@gmail.com>
20
21         Unreviewed, rolling out r116731.
22         http://trac.webkit.org/changeset/116731
23         https://bugs.webkit.org/show_bug.cgi?id=86178
24
25         Build failure on Chromium-mac (Requested by tkent on #webkit).
26
27         * platform/graphics/chromium/LayerRendererChromium.cpp:
28         (WebCore::LayerRendererChromium::create):
29         (WebCore::LayerRendererChromium::LayerRendererChromium):
30         (WebCore::LayerRendererChromium::initializeSharedObjects):
31         * platform/graphics/chromium/LayerRendererChromium.h:
32         (LayerRendererChromium):
33         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
34         (WebCore::CCLayerTreeHostImpl::initializeLayerRenderer):
35         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.h:
36         (CCLayerTreeHostImpl):
37         * platform/graphics/chromium/cc/CCSingleThreadProxy.cpp:
38         (UnthrottledTextureUploader):
39         (WebCore::UnthrottledTextureUploader::create):
40         (WebCore::UnthrottledTextureUploader::~UnthrottledTextureUploader):
41         (WebCore::UnthrottledTextureUploader::isBusy):
42         (WebCore::UnthrottledTextureUploader::beginUploads):
43         (WebCore::UnthrottledTextureUploader::endUploads):
44         (WebCore::UnthrottledTextureUploader::uploadTexture):
45         (WebCore::UnthrottledTextureUploader::UnthrottledTextureUploader):
46         (WebCore):
47         (WebCore::CCSingleThreadProxy::initializeLayerRenderer):
48         (WebCore::CCSingleThreadProxy::recreateContext):
49         * platform/graphics/chromium/cc/CCThreadProxy.cpp:
50         (WebCore):
51         (UnthrottledTextureUploader):
52         (WebCore::UnthrottledTextureUploader::create):
53         (WebCore::UnthrottledTextureUploader::~UnthrottledTextureUploader):
54         (WebCore::UnthrottledTextureUploader::isBusy):
55         (WebCore::UnthrottledTextureUploader::beginUploads):
56         (WebCore::UnthrottledTextureUploader::endUploads):
57         (WebCore::UnthrottledTextureUploader::uploadTexture):
58         (WebCore::UnthrottledTextureUploader::UnthrottledTextureUploader):
59         (WebCore::CCThreadProxy::initializeLayerRendererOnImplThread):
60         (WebCore::CCThreadProxy::recreateContextOnImplThread):
61
62 2012-05-10  David Reveman  <reveman@chromium.org>
63
64         [Chromium] Move instantiation of texture uploader to LayerRendererChromium.
65         https://bugs.webkit.org/show_bug.cgi?id=85893
66
67         Reviewed by Adrienne Walker.
68
69         Move instantiation of texture uploader to LayerRendererChromium and
70         allow CCProxy to decide between a throttled or unthrottled uploader
71         using a flag passed to the LayerRendererChromium constructor.
72
73         * platform/graphics/chromium/LayerRendererChromium.cpp:
74         (WebCore::LayerRendererChromium::create):
75         (WebCore::LayerRendererChromium::LayerRendererChromium):
76         (WebCore::LayerRendererChromium::initializeSharedObjects):
77         * platform/graphics/chromium/LayerRendererChromium.h:
78         (LayerRendererChromium):
79         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
80         (WebCore::CCLayerTreeHostImpl::initializeLayerRenderer):
81         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.h:
82         (CCLayerTreeHostImpl):
83         * platform/graphics/chromium/cc/CCSingleThreadProxy.cpp:
84         (WebCore::CCSingleThreadProxy::initializeLayerRenderer):
85         (WebCore::CCSingleThreadProxy::recreateContext):
86         * platform/graphics/chromium/cc/CCThreadProxy.cpp:
87         (WebCore::CCThreadProxy::initializeLayerRendererOnImplThread):
88         (WebCore::CCThreadProxy::recreateContextOnImplThread):
89
90 2012-05-10  MORITA Hajime  <morrita@google.com>
91
92         ElementShadow should minimize the usage of "ShadowRoot" name
93         https://bugs.webkit.org/show_bug.cgi?id=85970
94
95         Reviewed by Dimitri Glazkov.
96
97         This change cleans two out dated assumptions which brought in at
98         early stage of Shadow DOM implementation.
99
100         - Removed Element::hasShadowRoot(): shadow existence can be checked by Element::shadow().
101         - Made ElementShadow::removeAllShadowRoots() private: we no longer allow ShadowRoot removal.
102           It can only happens at the ElementShadow destruction.
103
104         Most of changes in element implementations are basically simple
105         replacement from hasShadowRoot() to shadow().
106
107         No new tests. Covered by existing tests.
108
109         * WebCore.exp.in:
110         * dom/ContainerNodeAlgorithms.h:
111         (WebCore::ChildFrameDisconnector::collectDescendant):
112         * dom/ComposedShadowTreeWalker.cpp:
113         (WebCore::ComposedShadowTreeWalker::traverseChild):
114         * dom/Document.cpp:
115         (WebCore::Document::buildAccessKeyMap):
116         * dom/Element.cpp:
117         (WebCore::Element::recalcStyle):
118         (WebCore::Element::ensureShadowRoot):
119         (WebCore::Element::childrenChanged):
120         * dom/Element.h:
121         (Element):
122         (WebCore::isShadowHost):
123         (WebCore):
124         * dom/ElementShadow.cpp:
125         (WebCore::ElementShadow::~ElementShadow):
126         (WebCore::ElementShadow::removeAllShadowRoots):
127         * dom/ElementShadow.h:
128         (ElementShadow):
129         (WebCore::ElementShadow::host):
130         * dom/EventDispatcher.cpp:
131         * dom/Node.cpp:
132         (WebCore::oldestShadowRootFor):
133         * dom/NodeRenderingContext.cpp:
134         (WebCore::NodeRenderingContext::NodeRenderingContext):
135         * dom/ShadowRoot.cpp:
136         (WebCore::ShadowRoot::create):
137         * html/ColorInputType.cpp:
138         (WebCore::ColorInputType::createShadowSubtree):
139         * html/FileInputType.cpp:
140         (WebCore::FileInputType::createShadowSubtree):
141         (WebCore::FileInputType::multipleAttributeChanged):
142         * html/HTMLDetailsElement.cpp:
143         (WebCore::HTMLDetailsElement::createShadowSubtree):
144         * html/HTMLInputElement.cpp:
145         (WebCore::HTMLInputElement::createShadowSubtree):
146         * html/HTMLKeygenElement.cpp:
147         (WebCore::HTMLKeygenElement::HTMLKeygenElement):
148         (WebCore::HTMLKeygenElement::shadowSelect):
149         * html/HTMLMediaElement.cpp:
150         (WebCore::HTMLMediaElement::hasMediaControls):
151         * html/HTMLMeterElement.cpp:
152         (WebCore::HTMLMeterElement::createShadowSubtree):
153         * html/HTMLProgressElement.cpp:
154         (WebCore::HTMLProgressElement::createShadowSubtree):
155         * html/HTMLSummaryElement.cpp:
156         (WebCore::HTMLSummaryElement::createShadowSubtree):
157         * html/HTMLTextAreaElement.cpp:
158         (WebCore::HTMLTextAreaElement::createShadowSubtree):
159         * html/InputType.cpp:
160         (WebCore::InputType::destroyShadowSubtree):
161         * html/RangeInputType.cpp:
162         (WebCore::RangeInputType::handleMouseDownEvent):
163         (WebCore::RangeInputType::createShadowSubtree):
164         * html/TextFieldInputType.cpp:
165         (WebCore::TextFieldInputType::createShadowSubtree):
166         * html/shadow/SliderThumbElement.cpp:
167         (WebCore::trackLimiterElementOf):
168         * inspector/InspectorDOMAgent.cpp:
169         (WebCore::InspectorDOMAgent::unbind):
170         (WebCore::InspectorDOMAgent::buildObjectForNode):
171         * page/FocusController.cpp:
172         (WebCore):
173         * rendering/RenderFileUploadControl.cpp:
174         (WebCore::RenderFileUploadControl::uploadButton):
175         * svg/SVGTRefElement.cpp:
176         (WebCore::SVGTRefElement::updateReferencedText):
177         (WebCore::SVGTRefElement::detachTarget):
178         * testing/Internals.cpp:
179         (WebCore::Internals::ensureShadowRoot):
180         (WebCore::Internals::youngestShadowRoot):
181         (WebCore::Internals::oldestShadowRoot):
182         * testing/Internals.h:
183         (Internals):
184         * testing/Internals.idl:
185
186 2012-05-10  Gyuyoung Kim  <gyuyoung.kim@samsung.com>
187
188         Move resumeAnimations to use Internals interface
189         https://bugs.webkit.org/show_bug.cgi?id=86063
190
191         Reviewed by Alexey Proskuryakov.
192
193         Add resumeAnimations functions, because it is able to work in the
194         cross-port way through the Internals interface.
195
196         No new tests, since we are improving here the infra-structure for testing
197         a specific method.
198
199         * testing/Internals.cpp:
200         (WebCore::Internals::resumeAnimations):
201         (WebCore):
202         * testing/Internals.h:
203         (Internals):
204         * testing/Internals.idl:
205
206 2012-05-10  Min Qin  <qinmin@google.com>
207
208         split MediaPlayer::enterFullscreen into 2 seperate functions
209         https://bugs.webkit.org/show_bug.cgi?id=86052
210
211         Reviewed by Benjamin Poulain.
212
213         It is confusing that enterFullscreen returns a boolean while exitFullscreen does
214         not do the same. And ios does not need the return value.
215         So remove the return value on enterFullscreen and make a seperate canEnterFullscreen()
216         function for android.
217         No tests as there are no behavior change, just refactoring.
218
219         * platform/graphics/MediaPlayer.cpp:
220         (WebCore::MediaPlayer::enterFullscreen):
221         (WebCore):
222         (WebCore::MediaPlayer::canEnterFullscreen):
223         * platform/graphics/MediaPlayer.h:
224         (MediaPlayer):
225         * platform/graphics/MediaPlayerPrivate.h:
226         (WebCore::MediaPlayerPrivateInterface::enterFullscreen):
227         (MediaPlayerPrivateInterface):
228         (WebCore::MediaPlayerPrivateInterface::canEnterFullscreen):
229
230 2012-05-10  Sheriff Bot  <webkit.review.bot@gmail.com>
231
232         Unreviewed, rolling out r116715.
233         http://trac.webkit.org/changeset/116715
234         https://bugs.webkit.org/show_bug.cgi?id=86172
235
236         Broke http/tests/security/cross-frame-access-selection.html
237         (Requested by tkent on #webkit).
238
239         * dom/Document.cpp:
240         (WebCore):
241         (WebCore::Document::getSelection):
242         * dom/Document.h:
243         (Document):
244         * dom/ShadowRoot.cpp:
245         (WebCore::ShadowRoot::selection):
246         * dom/TreeScope.cpp:
247         (WebCore::TreeScope::~TreeScope):
248         * dom/TreeScope.h:
249         (WebCore):
250         (TreeScope):
251         * page/DOMSelection.cpp:
252         (WebCore::DOMSelection::DOMSelection):
253         * page/DOMSelection.h:
254         (WebCore):
255         (WebCore::DOMSelection::create):
256         (DOMSelection):
257         * page/DOMWindow.cpp:
258         (WebCore::DOMWindow::~DOMWindow):
259         (WebCore::DOMWindow::clearDOMWindowProperties):
260         (WebCore::DOMWindow::getSelection):
261         * page/DOMWindow.h:
262         (DOMWindow):
263
264 2012-05-10  Hajime Morrita  <morrita@google.com>
265
266         WebKit should support tab-size.
267         https://bugs.webkit.org/show_bug.cgi?id=52994
268
269         - Added boilerplate for "tab-size" CSS property.
270         - Added RenderStye::tabSize() as a RareInheritedData.
271         - Replaced TextRun::m_allowTabs into TextRun::m_tabSize.
272
273         Reviewed by Simon Fraser.
274
275         Tests: fast/css/tab-size-expected.html
276                fast/css/tab-size.html
277
278         * css/CSSComputedStyleDeclaration.cpp:
279         (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
280         * css/CSSParser.cpp:
281         (WebCore::CSSParser::parseValue):
282         * css/CSSProperty.cpp:
283         (WebCore::CSSProperty::isInheritedProperty):
284         * css/CSSPropertyNames.in:
285         * css/CSSStyleSelector.cpp:
286         (WebCore::CSSStyleSelector::applyProperty):
287         * html/canvas/CanvasRenderingContext2D.cpp:
288         (WebCore::CanvasRenderingContext2D::drawTextInternal):
289         * platform/chromium/PopupListBox.cpp:
290         (WebCore::PopupListBox::paintRow):
291         * platform/graphics/Font.h:
292         (WebCore::Font::tabWidth):
293         * platform/graphics/TextRun.h:
294         (WebCore::TextRun::TextRun):
295         (WebCore::TextRun::allowTabs):
296         (WebCore::TextRun::tabSize):
297         (WebCore::TextRun::setTabSize):
298         * platform/graphics/WidthIterator.cpp:
299         (WebCore::WidthIterator::advance):
300         * platform/graphics/mac/ComplexTextController.cpp:
301         (WebCore::ComplexTextController::adjustGlyphsAndAdvances):
302         * platform/win/PopupMenuWin.cpp:
303         (WebCore::PopupMenuWin::paint):
304         * rendering/InlineTextBox.cpp:
305         (WebCore::InlineTextBox::constructTextRun):
306         * rendering/RenderBlock.cpp:
307         (WebCore::RenderBlock::constructTextRun):
308         * rendering/RenderBlockLineLayout.cpp:
309         (WebCore::textWidth):
310         (WebCore::tryHyphenating):
311         * rendering/RenderText.cpp:
312         (WebCore::RenderText::widthFromCache):
313         (WebCore::RenderText::computePreferredLogicalWidths):
314         (WebCore::RenderText::width):
315         * rendering/RenderText.h:
316         * rendering/style/RenderStyle.cpp:
317         (WebCore::RenderStyle::diff):
318         * rendering/style/RenderStyle.h:
319         (WebCore::RenderStyleBitfields::tabSize):
320         (WebCore::RenderStyleBitfields::collapsedTabSize):
321         (WebCore::RenderStyleBitfields::setTabSize):
322         (WebCore::RenderStyleBitfields::initialTabSize):
323         * rendering/style/StyleRareInheritedData.cpp:
324         (WebCore::StyleRareInheritedData::StyleRareInheritedData):
325         (WebCore::StyleRareInheritedData::operator==):
326         * rendering/style/StyleRareInheritedData.h:
327         * rendering/svg/SVGInlineTextBox.cpp:
328         (WebCore::SVGInlineTextBox::constructTextRun):
329         * rendering/svg/SVGTextMetrics.cpp:
330         (WebCore::constructTextRun):
331
332 2012-05-10  Antoine Labour  <piman@chromium.org>
333
334         Sync with impl thread when removing references to external textures
335         https://bugs.webkit.org/show_bug.cgi?id=86054
336
337         We want to ensure the client side is safe to release textures, so we
338         sync with the impl thread when:
339         - we change the texture (and we had one)
340         - the layer is removed from the tree (and we had a texture)
341         - the layer is destroyed (and we had a texture)
342
343         Reviewed by James Robinson.
344
345         Test: TextureLayerChromiumTest.
346
347         * platform/graphics/chromium/TextureLayerChromium.cpp:
348         (WebCore::TextureLayerChromium::~TextureLayerChromium):
349         (WebCore::TextureLayerChromium::setTextureId):
350         (WebCore::TextureLayerChromium::setLayerTreeHost):
351         (WebCore):
352         * platform/graphics/chromium/TextureLayerChromium.h:
353         (TextureLayerChromium):
354
355 2012-05-10  Kent Tamura  <tkent@chromium.org>
356
357         [Chromium] attempt to build fix for Chromium-mac.
358         r116697 introduced an override of a system function. It's intentional
359         and WebCoreTextFieldCell should be in the whitelist.
360
361         * WebCore.gyp/WebCore.gyp:
362
363 2012-05-10  Anders Carlsson  <andersca@apple.com>
364
365         PDF files won't scroll in Safari when using Adobe plug-in
366         https://bugs.webkit.org/show_bug.cgi?id=86167
367         <rdar://problem/11389719>
368
369         Reviewed by Sam Weinig.
370
371         * page/scrolling/ScrollingCoordinator.cpp:
372         (WebCore::computeNonFastScrollableRegion):
373         Loop over the frame view children looking for plug-in views that want wheel events
374         and add them to the non-fast scrollable region. Ideally, the plug-ins should be added
375         to the set of scrollable areas, but PluginView in WebKit2 is not a ScrollableArea yet.
376
377         * plugins/PluginViewBase.h:
378         (PluginViewBase):
379         (WebCore::PluginViewBase::wantsWheelEvents):
380
381 2012-05-10  Alexey Proskuryakov  <ap@apple.com>
382
383         Crash in 3rd party WebKit apps that disable cache at a wrong time
384         https://bugs.webkit.org/show_bug.cgi?id=86027
385         <rdar://problem/10615880>
386
387         Reviewed by Antti Koivisto.
388
389         Added an API test.
390
391         The fix is to use CachedResourceHandle throughout MemoryCache, which will certainly
392         keep the resource alive. Also removed earlier fixes.
393
394         * css/CSSImageSetValue.cpp: (WebCore::CSSImageSetValue::cachedImageSet):
395         * css/CSSImageValue.cpp: (WebCore::CSSImageValue::cachedImage):
396         * css/WebKitCSSShaderValue.cpp: (WebCore::WebKitCSSShaderValue::cachedShader):
397         * history/PageCache.cpp: (WebCore::PageCache::releaseAutoreleasedPagesNow):
398         * loader/ImageLoader.cpp: (WebCore::ImageLoader::updateFromElement):
399         * loader/TextTrackLoader.cpp: (WebCore::TextTrackLoader::load):
400         * loader/cache/CachedResourceLoader.cpp:
401         (WebCore::CachedResourceLoader::requestImage):
402         (WebCore::CachedResourceLoader::requestFont):
403         (WebCore::CachedResourceLoader::requestTextTrack):
404         (WebCore::CachedResourceLoader::requestShader):
405         (WebCore::CachedResourceLoader::requestCSSStyleSheet):
406         (WebCore::CachedResourceLoader::requestUserCSSStyleSheet):
407         (WebCore::CachedResourceLoader::requestScript):
408         (WebCore::CachedResourceLoader::requestXSLStyleSheet):
409         (WebCore::CachedResourceLoader::requestSVGDocument):
410         (WebCore::CachedResourceLoader::requestLinkResource):
411         (WebCore::CachedResourceLoader::requestRawResource):
412         (WebCore::CachedResourceLoader::requestResource):
413         (WebCore::CachedResourceLoader::revalidateResource):
414         (WebCore::CachedResourceLoader::loadResource):
415         (WebCore::CachedResourceLoader::requestPreload):
416         * loader/cache/CachedResourceLoader.h: (CachedResourceLoader):
417         * loader/cache/MemoryCache.h: (WebCore::MemoryCache::setPruneEnabled):
418
419         * loader/cache/CachedResourceHandle.h:
420         (WebCore::CachedResourceHandle::CachedResourceHandle):
421         (WebCore::CachedResourceHandle::operator=):
422         Teach CachedResourceHandle how to make CachedResourceHandle<CachedResource> from
423         a handle to subclass.
424
425 2012-05-10  Tien-Ren Chen  <trchen@chromium.org>
426
427         Eliminate duplicated code for culled line box in RenderInline
428         https://bugs.webkit.org/show_bug.cgi?id=85725
429
430         This patch extracts the common part of culledInlineBoundingBox() /
431         culledInlineAbsoluteRects() / culledInlineAbsoluteQuads() to become a
432         template function generateCulledLineBoxRects(). The template function
433         accepts a new parameter, GeneratorContext functor, which will be
434         invoked everytime a new line box rect has been generated. The generated
435         rect will be in local coordinate. The functor will be responsible for
436         appropriate transformation, then appending to vector or union with
437         existing bounding box.
438
439         Reviewed by Eric Seidel.
440
441         No new tests. No change in behavior.
442
443         * rendering/RenderInline.cpp:
444         (WebCore):
445         (WebCore::RenderInline::generateLineBoxRects):
446         (WebCore::RenderInline::generateCulledLineBoxRects):
447         (WebCore::RenderInline::absoluteRects):
448         (WebCore::RenderInline::absoluteQuads):
449         (WebCore::RenderInline::linesBoundingBox):
450         (WebCore::RenderInline::culledInlineVisualOverflowBoundingBox):
451         (WebCore::RenderInline::addFocusRingRects):
452         * rendering/RenderInline.h:
453         (RenderInline):
454
455 2012-05-10  Abhishek Arya  <inferno@chromium.org>
456
457         Crash in swapInNodePreservingAttributesAndChildren.
458         https://bugs.webkit.org/show_bug.cgi?id=85197
459  
460         Reviewed by Ryosuke Niwa.
461  
462         Keep the children in a ref vector before adding them to newNode.
463         They can get destroyed due to mutation events.
464
465         No new tests because we don't have a reduction.
466
467         * editing/ReplaceNodeWithSpanCommand.cpp:
468         (WebCore::swapInNodePreservingAttributesAndChildren):
469
470 2012-05-10  Shinya Kawanaka  <shinyak@chromium.org>
471
472         [Refactoring] Move Selection from DOMWindow to TreeScope.
473         https://bugs.webkit.org/show_bug.cgi?id=82699
474
475         Reviewed by Ryosuke Niwa.
476
477         Since ShadowRoot will also manage its own version of DOMSelection, we would like to
478         share the code among Document and DOMSelection. This patch moves DOMSelection from DOMWindow to TreeScope
479         so that ShadowRoot can also use it.
480
481         No new tests, should covered by existing tests.
482
483         * dom/Document.cpp:
484         (WebCore::Document::updateFocusAppearanceTimerFired):
485         * dom/Document.h:
486         (Document):
487         * dom/ShadowRoot.cpp:
488         (WebCore::ShadowRoot::selection):
489         * do/mTreeScope.cpp:
490         (WebCore::TreeScope::~TreeScope):
491         (WebCore::TreeScope::getSelection):
492         (WebCore):
493         * dom/TreeScope.h:
494         (WebCore):
495         (TreeScope):
496         * page/DOMSelection.cpp:
497         (WebCore::DOMSelection::DOMSelection):
498         (WebCore::DOMSelection::clearTreeScope):
499         (WebCore):
500         * page/DOMSelection.h:
501         (WebCore):
502         (WebCore::DOMSelection::create):
503         (DOMSelection):
504         (WebCore::DOMSelection::frame):
505         * page/DOMWindow.cpp:
506         (WebCore::DOMWindow::~DOMWindow):
507         (WebCore::DOMWindow::clearDOMWindowProperties):
508         (WebCore::DOMWindow::getSelection):
509         * page/DOMWindow.h:
510         (DOMWindow):
511
512 2012-05-10  Kent Tamura  <tkent@chromium.org>
513
514         Unreviewed, rolling out r116594.
515         http://trac.webkit.org/changeset/116594
516         https://bugs.webkit.org/show_bug.cgi?id=86013
517
518         r116594 might have made some composition tests flaky.
519
520         * platform/graphics/chromium/LayerChromium.cpp:
521         (WebCore::LayerChromium::addAnimation):
522         * platform/graphics/chromium/cc/CCLayerAnimationController.cpp:
523         (WebCore::CCLayerAnimationController::pushNewAnimationsToImplThread):
524         * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
525         (WebCore::CCLayerTreeHost::finishCommitOnImplThread):
526         (WebCore::CCLayerTreeHost::didBecomeInvisibleOnImplThread):
527         * platform/graphics/chromium/cc/CCLayerTreeHost.h:
528         (CCLayerTreeHost):
529         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
530         (WebCore::CCLayerTreeHostImpl::CCLayerTreeHostImpl):
531         * platform/graphics/chromium/cc/CCProxy.h:
532         (CCProxy):
533         * platform/graphics/chromium/cc/CCSingleThreadProxy.cpp:
534         (WebCore::CCSingleThreadProxy::CCSingleThreadProxy):
535         (WebCore::CCSingleThreadProxy::doComposite):
536         * platform/graphics/chromium/cc/CCSingleThreadProxy.h:
537         (WebCore):
538         * platform/graphics/chromium/cc/CCThreadProxy.h:
539         (CCThreadProxy):
540
541 2012-05-10  Michael Nordman  <michaeln@google.com>
542
543         [chromium] DomStorage events handling needs TLC (2)
544         https://bugs.webkit.org/show_bug.cgi?id=85221
545         Alter the StorageArea virtual interface such that the mutators no longer
546         return old values. This is to allow implementations of the interface to operate
547         more asynchronously.
548
549         Reviewed by Adam Barth.
550
551         No new tests. Existing tests cover this.
552
553         * storage/StorageArea.h: Alter the interface so the mutators no longer return previous values
554         * storage/StorageAreaImpl.cpp:
555         (WebCore::StorageAreaImpl::disabledByPrivateBrowsingInFrame):  removed an unneeded PLATFORM(CHROMIUM) guard
556         (WebCore::StorageAreaImpl::setItem): no longer return the old value
557         (WebCore::StorageAreaImpl::removeItem): no longer return the old value
558         (WebCore::StorageAreaImpl::clear): no longer return whether something was cleared
559         * storage/StorageAreaImpl.h: match StorageArea's virtual interface
560
561 2012-05-10  Beth Dakin  <bdakin@apple.com>
562
563         https://bugs.webkit.org/show_bug.cgi?id=86158
564         Overlay scrollbars without layers never paint in overflow regions in 
565         tiled drawing mode
566         -and corresponding-
567         <rdar://problem/11289546>
568
569         Reviewed by Darin Adler.
570
571         RenderLayers paint scrollbars that do not have their own layers by 
572         running a second pass through the layer tree after the layer tree has 
573         painted. This ensures that the scrollbars always paint on top of 
574         content. However, this mechanism was relying on 
575         FrameView::paintContents() as a choke-point for all painting to 
576         trigger the second painting pass. That is not a reasonable choke-point 
577         in tiled drawing, so this patch adds similar code to 
578         RenderLayerBacking.
579
580         Only opt into the second painting pass for scrollbars that do not have 
581         their own layers.
582         * rendering/RenderLayer.cpp:
583         (WebCore::RenderLayer::paintOverflowControls):
584         
585         A layer that paints into its backing cannot return early here if it 
586         has overlay scrollbars to paint.
587         (WebCore::RenderLayer::paintLayer):
588         
589         This replicates code in FrameView::paintContents(). After painting the 
590         owning layer, do a second pass if there are overlay scrollbars to 
591         paint.
592         * rendering/RenderLayerBacking.cpp:
593         (WebCore::RenderLayerBacking::paintIntoLayer):
594
595 2012-05-10  Anders Carlsson  <andersca@apple.com>
596
597         Well, at least fixing the GTK+ build is something!
598
599         * platform/gtk/LocalizedStringsGtk.cpp:
600         (WebCore::insecurePluginVersionText):
601         (WebCore):
602
603 2012-05-10  Anders Carlsson  <andersca@apple.com>
604
605         Add insecurePluginVersionText stubs.
606
607         * platform/blackberry/LocalizedStringsBlackBerry.cpp:
608         (WebCore::insecurePluginVersionText):
609         (WebCore):
610         * platform/efl/LocalizedStringsEfl.cpp:
611         (WebCore::insecurePluginVersionText):
612         (WebCore):
613         * platform/qt/LocalizedStringsQt.cpp:
614         (WebCore::insecurePluginVersionText):
615         (WebCore):
616
617 2012-05-10  Sheriff Bot  <webkit.review.bot@gmail.com>
618
619         Unreviewed, rolling out r116677.
620         http://trac.webkit.org/changeset/116677
621         https://bugs.webkit.org/show_bug.cgi?id=86159
622
623         This patch causes linker error to some mac bots (Requested by
624         jianli_ on #webkit).
625
626         * WebCore.exp.in:
627         * dom/ContainerNode.h:
628         * dom/Node.cpp:
629         (WebCore::Node::traverseNextNode):
630         (WebCore::Node::traverseNextSibling):
631         * dom/Node.h:
632         (Node):
633
634 2012-05-10  Abhishek Arya  <inferno@chromium.org>
635
636         Crash in FontCache::releaseFontData due to infinite float size.
637         https://bugs.webkit.org/show_bug.cgi?id=86110
638
639         Reviewed by Andreas Kling.
640
641         New callers always forget to clamp the font size, which overflows
642         to infinity on multiplication. It is best to clamp it at the end
643         to avoid getting greater than std::numeric_limits<float>::max().
644
645         Test: fast/css/large-font-size-crash.html
646
647         * platform/graphics/FontDescription.h:
648         (WebCore::FontDescription::setComputedSize):
649         (WebCore::FontDescription::setSpecifiedSize):
650
651 2012-05-10  Beth Dakin  <bdakin@apple.com>
652
653         https://bugs.webkit.org/show_bug.cgi?id=82131
654         [Mac] REGRESSION (r110480): Text field that specifies background-color 
655         (or is auto-filled) gets un-themed border
656         -and corresponding-
657         <rdar://problem/11115221>
658
659         Reviewed by Maciej Stachowiak.
660
661         This change rolls out r110480 which is what caused styled text fields 
662         to get the un-themed border, and it does a bunch of work to make sure 
663         we get the pretty, new version of the NSTextField art whenever 
664         possible. We do this differently for post-Lion OS's since there is now 
665         a way to opt into it all the time. Lion and SnowLeopard can only use 
666         the new art in HiDPI mode when the background color of the text field 
667         is just white.
668
669         RenderThemeMac::textField() takes a boolean paramter used to determine 
670         if the new gradient will be used.
671         * rendering/RenderThemeMac.h:
672         (RenderThemeMac):
673         
674         This is the post-Lion workaround. This code has no effect on Lion and 
675         SnowLeopard. This allows up to opt into a version of [NSTextField drawWithFrame:] that will only draw the frame of the text field; without this, it will draw the frame and the background, which creates a number of problems with styled text fields and text fields in HiDPI. There is a less comprehesive workaround for Lion and SnowLeopard in place in RenderThemeMac::textField().
676         * rendering/RenderThemeMac.mm:
677         (-[WebCoreTextFieldCell _coreUIDrawOptionsWithFrame:inView:includeFocus:]):
678         
679         This is the roll-out of r110480.
680         (WebCore::RenderThemeMac::isControlStyled):
681         
682         See the comments for a full explanation, but this is mostly code for 
683         Lion and SnowLeopard to determine if we can opt into the new artwork.
684         (WebCore::RenderThemeMac::paintTextField):
685         (WebCore::RenderThemeMac::textField):
686
687 2012-05-10  Anders Carlsson  <andersca@apple.com>
688
689         WebKit1: Add a way to blacklist specific plug-ins/plug-in versions
690         https://bugs.webkit.org/show_bug.cgi?id=86150
691         <rdar://problem/9551196>
692
693         Reviewed by Sam Weinig.
694
695         * English.lproj/Localizable.strings:
696         Update.
697
698         * loader/SubframeLoader.cpp:
699         (WebCore::SubframeLoader::loadPlugin):
700         It is possible that the client has already set the unavailability reason so don't try to set it twice.
701
702         * platform/LocalizedStrings.cpp:
703         (WebCore::insecurePluginVersionText):
704         * platform/LocalizedStrings.h:
705         Add insecure plug-in version text.
706
707         * rendering/RenderEmbeddedObject.cpp:
708         (WebCore::RenderEmbeddedObject::unavailablePluginReplacementText):
709         * rendering/RenderEmbeddedObject.h:
710         Add InsecurePluginVersion unavailability reason.
711
712 2012-05-10  Eric Seidel  <eric@webkit.org>
713
714         Make IFRAME_SEAMLESS child documents inherit styles from their parent iframe element
715         https://bugs.webkit.org/show_bug.cgi?id=85940
716
717         Reviewed by Ojan Vafai.
718
719         The HTML5 <iframe seamless> spec says:
720         In a CSS-supporting user agent: the user agent must, for the purpose of CSS property
721         inheritance only, treat the root element of the active document of the iframe
722         element's nested browsing context as being a child of the iframe element.
723         (Thus inherited properties on the root element of the document in the
724         iframe will inherit the computed values of those properties on the iframe
725         element instead of taking their initial values.)
726
727         Initially I implemented this support to the letter of the spec. However, doing so I learned
728         that WebKit has a RenderStyle for the Document Node, not just the root element of the document.
729         In this RenderStyle on the Document, we add a bunch of per-document styles from settings
730         including designMode.
731
732         This change makes StyleResolver::styleForDocument inherit style from the parent iframe's
733         style, before applying any of these per-document styles.  This may or may not be correct
734         depending on what behavior we want for rtl-ordering, page-zoom, locale, design mode, etc.
735         For now, we continue to treat the iframe's document as independent in these regards, and
736         the settings on that document override those inherited from the iframe.
737
738         Also, intially when making this work, I added redirects in recalcStyle and scheduleStyleRecalc
739         from the child document to the parent document in the case of seamless (since the parent
740         document effectively manages the style resolve and layout of the child in seamless mode).
741         However, I was not able to find a test which depended on this code change, so in this final patch
742         I have removed both of these modifications and replaced them with FIXMEs.  Based on discussions
743         with Ojan and James Robinson, I believe both of those changes may eventually be wanted.
744
745         This change basically does 3 things:
746         1.  Makes StyleResolver::styleForDocument inherit from the parent iframe.
747         2.  Makes any recalcStyle calls on the iframe propogate down into the child document (HTMLIFrameElement::didRecalcStyle).
748         3.  Makes Document::recalcStyle aware of the fact that the Document's style *can* change
749             for reasons other than recalcStyle(Force).
750
751         I'm open to more testing suggestions, if reviewers have settings on the Document's style
752         that you want to make sure we inherit from the parent iframe, or don't inherit, etc.
753         I view this as a complete solution to this aspect of the current <iframe seamless> spec,
754         but likely not the last code we will write for this aspect of the seamless feature. :)
755
756         Tested by fast/frames/seamlesss/seamless-css-cascade.html and seamless-designMode.html
757
758         * css/StyleResolver.cpp:
759         (WebCore::StyleResolver::collectMatchingRulesForList):
760         * dom/Document.cpp:
761         (WebCore::Document::scheduleStyleRecalc):
762         (WebCore::Document::recalcStyle):
763         * html/HTMLIFrameElement.cpp:
764         (WebCore::HTMLIFrameElement::HTMLIFrameElement):
765         (WebCore::HTMLIFrameElement::didRecalcStyle):
766         (WebCore):
767         * html/HTMLIFrameElement.h:
768         (HTMLIFrameElement):
769
770 2012-05-10  Julien Chaffraix  <jchaffraix@webkit.org>
771
772         Crash in computedCSSPadding* functions due to RenderImage::imageDimensionsChanged called during attachment
773         https://bugs.webkit.org/show_bug.cgi?id=85912
774
775         Reviewed by Eric Seidel.
776
777         Tests: fast/images/link-body-content-imageDimensionChanged-crash.html
778                fast/images/script-counter-imageDimensionChanged-crash.html
779
780         The bug comes from CSS generated images that could end up calling imageDimensionsChanged during attachment. As the
781         rest of the code (e.g. computedCSSPadding*) would assumes that we are already inserted in the tree, we would crash.
782
783         The solution is to bail out in this case as newly inserted RenderObject will trigger layout later on and properly
784         handle what we would be doing as part of imageDimensionChanged (the only exception being updating our intrinsic
785         size which should be done as part of imageDimensionsChanged).
786
787         * rendering/RenderImage.cpp:
788         (WebCore::RenderImage::imageDimensionsChanged):
789
790 2012-05-10  Adam Barth  <abarth@webkit.org>
791
792         ASSERT in BidiResolver<Iterator, Run>::commitExplicitEmbedding makes running debug builds annoying
793         https://bugs.webkit.org/show_bug.cgi?id=86140
794
795         Reviewed by Eric Seidel.
796
797         The correct fix here is to resolve
798         https://bugs.webkit.org/show_bug.cgi?id=76574, but in the mean time,
799         this ASSERT is annoying.
800
801         * platform/text/BidiResolver.h:
802         (WebCore::::commitExplicitEmbedding):
803
804 2012-05-10  Mark Pilgrim  <pilgrim@chromium.org>
805
806         [Chromium] Call addTraceEvent and getTraceCategoryEnabledFlag directly
807         https://bugs.webkit.org/show_bug.cgi?id=85399
808
809         Reviewed by Adam Barth.
810
811         Part of a refactoring series. See tracking bug 82948.
812
813         * CMakeLists.txt:
814         * GNUmakefile.list.am:
815         * Target.pri:
816         * WebCore.gypi:
817         * WebCore.vcproj/WebCore.vcproj:
818         * WebCore.xcodeproj/project.pbxproj:
819         * platform/EventTracer.cpp: Added.
820         (WebCore):
821         (WebCore::EventTracer::getTraceCategoryEnabledFlag):
822         (WebCore::EventTracer::addTraceEvent):
823         * platform/EventTracer.h: Added.
824         (WebCore):
825         (EventTracer):
826         * platform/chromium/EventTracerChromium.cpp: Added.
827         (WebCore):
828         (WebCore::EventTracer::getTraceCategoryEnabledFlag):
829         (WebCore::EventTracer::addTraceEvent):
830         * platform/chromium/PlatformSupport.h:
831         * platform/chromium/TraceEvent.h:
832
833 2012-05-10  Adam Barth  <abarth@webkit.org>
834
835         ScrollView::fixedVisibleContentRect should be public
836         https://bugs.webkit.org/show_bug.cgi?id=86147
837
838         Reviewed by Eric Seidel.
839
840         Some code in the WebKit layer of OS(ANDROID) uses this function. That
841         could will be upstreamed in a later patch. For now, this patch just
842         makes this function public so that we remove the diff to this file.
843
844         * platform/ScrollView.h:
845         (WebCore::ScrollView::fixedVisibleContentRect):
846         (WebCore::ScrollView::delegatesScrollingDidChange):
847
848 2012-05-10  Anders Carlsson  <andersca@apple.com>
849
850         Rename the missing plug-in indicator to the unavailable plug-in indicator
851         https://bugs.webkit.org/show_bug.cgi?id=86136
852
853         Reviewed by Sam Weinig.
854
855         Since the indicator is shown for more than just missing plug-ins, generalize it and use a plug-in unavailability
856         reason enum to make it easier to extend. Also, pass the unavailability reason to the ChromeClient member functions.
857
858         * WebCore.exp.in:
859         * html/HTMLEmbedElement.cpp:
860         (WebCore::HTMLEmbedElement::updateWidget):
861         * html/HTMLObjectElement.cpp:
862         (WebCore::HTMLObjectElement::updateWidget):
863         * html/HTMLPlugInElement.cpp:
864         (WebCore::HTMLPlugInElement::defaultEventHandler):
865         * html/HTMLPlugInImageElement.cpp:
866         (WebCore::HTMLPlugInImageElement::updateWidgetIfNecessary):
867         * loader/SubframeLoader.cpp:
868         (WebCore::SubframeLoader::loadPlugin):
869         * page/ChromeClient.h:
870         (WebCore::ChromeClient::shouldUnavailablePluginMessageBeButton):
871         (WebCore::ChromeClient::unavailablePluginButtonClicked):
872         * page/FrameView.cpp:
873         (WebCore::FrameView::updateWidget):
874         * rendering/RenderEmbeddedObject.cpp:
875         (WebCore::RenderEmbeddedObject::RenderEmbeddedObject):
876         (WebCore::RenderEmbeddedObject::setPluginUnavailabilityReason):
877         (WebCore::RenderEmbeddedObject::showsUnavailablePluginIndicator):
878         (WebCore::RenderEmbeddedObject::setUnavailablePluginIndicatorIsPressed):
879         (WebCore::RenderEmbeddedObject::paint):
880         (WebCore::RenderEmbeddedObject::paintReplaced):
881         (WebCore::RenderEmbeddedObject::getReplacementTextGeometry):
882         (WebCore::RenderEmbeddedObject::unavailablePluginReplacementText):
883         (WebCore):
884         (WebCore::RenderEmbeddedObject::isInUnavailablePluginIndicator):
885         (WebCore::shouldUnavailablePluginMessageBeButton):
886         (WebCore::RenderEmbeddedObject::handleUnavailablePluginIndicatorEvent):
887         (WebCore::RenderEmbeddedObject::getCursor):
888         * rendering/RenderEmbeddedObject.h:
889         (RenderEmbeddedObject):
890
891 2012-05-10  Brady Eidson  <beidson@apple.com>
892
893         <rdar://problem/10972577> and https://bugs.webkit.org/show_bug.cgi?id=80170
894         Contents of noscript elements turned into strings in WebArchives
895
896         Reviewed by Andy Estes.
897
898         There's a much deeper question about how innerHTML of <noscript> is expected to work in 
899         both a scripting and non-scripting environment that we should pursue separately.
900
901         But for webarchives, we can solve this by filtering out the <noscript> elements completely 
902         if scripting is enabled.
903
904         Test: webarchive/ignore-noscript-if-scripting-enabled.html
905
906         * WebCore.exp.in:
907
908         Add arguments to createMarkup and MarkupAccumulator methods to pass a Vector of QualifiedNames
909         that should be filtered from the resulting markup:
910         * editing/MarkupAccumulator.cpp:
911         (WebCore::MarkupAccumulator::serializeNodes):
912         (WebCore::MarkupAccumulator::serializeNodesWithNamespaces):
913         * editing/MarkupAccumulator.h:
914         * editing/markup.cpp:
915         (WebCore::createMarkup):
916         * editing/markup.h:
917
918         If scripting is enabled, add the noscriptTag to the tag names to filter:
919         * loader/archive/cf/LegacyWebArchive.cpp:
920         (WebCore::LegacyWebArchive::create):
921
922 2012-05-10  Abhishek Arya  <inferno@chromium.org>
923
924         Crash due to floats not removed from first-letter element.
925         https://bugs.webkit.org/show_bug.cgi?id=86019
926
927         Reviewed by Julien Chaffraix.
928
929         Move clearing logic of a floating/positioned object from removeChild
930         to removeChildNode. There are lot of places which use removeChildNode
931         directly and hence the object is not removed from the floating or
932         positioned objects list.
933
934         Test: fast/block/float/float-not-removed-from-first-letter.html
935
936         * rendering/RenderObject.cpp:
937         (WebCore::RenderObject::removeChild):
938         * rendering/RenderObjectChildList.cpp:
939         (WebCore::RenderObjectChildList::removeChildNode):
940
941 2012-05-10  Andreas Kling  <kling@webkit.org>
942
943         Remove empty ElementAttributeData destructor.
944         <http://webkit.org/b/86126>
945
946         Reviewed by Antti Koivisto.
947
948         * dom/ElementAttributeData.cpp:
949         * dom/ElementAttributeData.h:
950
951 2012-05-10  Yury Semikhatsky  <yurys@chromium.org>
952
953         Web Inspector: heap snapshot comparison view is broken
954         https://bugs.webkit.org/show_bug.cgi?id=86102
955
956         Reviewed by Pavel Feldman.
957
958         Pass HeapSnapshotProxy instead of undefined to the profile load callback. Added
959         compiler annotations to avoid such errors in the future.
960
961         * inspector/front-end/HeapSnapshotView.js:
962
963 2012-05-10  Zan Dobersek  <zandobersek@gmail.com>
964
965         [GTK] ENABLE_IFRAME_SEAMLESS support
966         https://bugs.webkit.org/show_bug.cgi?id=85843
967
968         Reviewed by Eric Seidel.
969
970         Export the ENABLE_IFRAME_SEAMLESS feature define when the feature is
971         enabled.
972
973         No new tests - all the related tests should now be passing.
974
975         * GNUmakefile.am:
976
977 2012-05-10  Antti Koivisto  <antti@apple.com>
978
979         Inline Node::traverseNextNode
980         https://bugs.webkit.org/show_bug.cgi?id=85844
981
982         Reviewed by Ryosuke Niwa.
983         
984         Inline traverseNextNode and traverseNextSibling to reduce entry/exit overhead and allow better code generation
985         for many hot loops.
986
987         In this version only the firstChild()/nextSibling() tests are inlined and the ancestor traversal is not.
988         
989         Performance bots will tell if this was worthwhile.
990
991         * dom/ContainerNode.h:
992         (WebCore::Node::traverseNextNode):
993         (WebCore):
994         (WebCore::Node::traverseNextSibling):
995         * dom/Node.cpp:
996         (WebCore::Node::traverseNextAncestorSibling):
997         * dom/Node.h:
998         (Node):
999
1000 2012-05-10  Tommy Widenflycht  <tommyw@google.com>
1001
1002         MediaStream API: Fix MediaHints parsing
1003         https://bugs.webkit.org/show_bug.cgi?id=86098
1004
1005         Reviewed by Adam Barth.
1006
1007         Not currently testable. Working on a series of patches that will fix that.
1008
1009         * Modules/mediastream/PeerConnection00.cpp:
1010         (WebCore::PeerConnection00::createMediaHints):
1011
1012 2012-05-10  Tommy Widenflycht  <tommyw@google.com>
1013
1014         [chromium] MediaStream API: Fix the ExtraData functionality in WebMediaStreamDescriptor
1015         https://bugs.webkit.org/show_bug.cgi?id=86087
1016
1017         Reviewed by Adam Barth.
1018
1019         Not easy to test but I have added code that excercises this to WebUserMediaClientMock (in DumpRenderTree).
1020
1021         * platform/chromium/support/WebMediaStreamDescriptor.cpp:
1022         (WebKit::WebMediaStreamDescriptor::setExtraData):
1023
1024 2012-05-10  Pavel Feldman  <pfeldman@chromium.org>
1025
1026         Web Inspector: search title is shown beside the search field (not under) in the vertical mode.
1027         https://bugs.webkit.org/show_bug.cgi?id=86120
1028
1029         Reviewed by Yury Semikhatsky.
1030
1031         This change makes search title render as placeholder at all times.
1032         It also adjusts the size of the search field when navigation arrows appear.
1033
1034         * inspector/front-end/SearchController.js:
1035         (WebInspector.SearchController):
1036         (WebInspector.SearchController.prototype.updateSearchLabel):
1037         (WebInspector.SearchController.prototype._updateSearchNavigationButtonState):
1038         (WebInspector.SearchController.prototype._createSearchNavigationButton):
1039         * inspector/front-end/inspector.css:
1040         (#toolbar-search-item):
1041         (.with-navigation-buttons #search):
1042         (.toolbar-search-navigation-label):
1043         (.with-navigation-buttons .toolbar-search-navigation-label):
1044         * inspector/front-end/inspector.html:
1045
1046 2012-05-10  Varun Jain  <varunjain@google.com>
1047
1048         [chromium] Trigger context menu for long press gesture
1049         https://bugs.webkit.org/show_bug.cgi?id=85919
1050
1051         Reviewed by Adam Barth.
1052
1053         Test: fast/events/touch/gesture/context-menu-on-long-press.html
1054
1055         * page/EventHandler.cpp:
1056         (WebCore):
1057         (WebCore::EventHandler::sendContextMenuEventForGesture):
1058         * page/EventHandler.h:
1059         (EventHandler):
1060
1061 2012-05-10  Abhishek Arya  <inferno@chromium.org>
1062
1063         Crash in ApplyStyleCommand::joinChildTextNodes.
1064         https://bugs.webkit.org/show_bug.cgi?id=85939
1065
1066         Reviewed by Ryosuke Niwa.
1067
1068         Test: editing/style/apply-style-join-child-text-nodes-crash.html
1069
1070         * editing/ApplyStyleCommand.cpp:
1071         (WebCore::ApplyStyleCommand::applyRelativeFontStyleChange): add conditions
1072         to bail out if our start and end position nodes are removed due to 
1073         mutation events in joinChildTextNodes.
1074         (WebCore::ApplyStyleCommand::applyInlineStyle): this executes after
1075         applyRelativeFontStyleChange in ApplyStyleCommand::doApply. So, need
1076         to bail out if our start and end position nodes are removed due to
1077         mutation events.
1078         (WebCore::ApplyStyleCommand::joinChildTextNodes): hold all the children
1079         in a ref vector to prevent them from getting destroyed due to mutation events.
1080
1081 2012-05-10  Erik Arvidsson  <arv@chromium.org>
1082
1083         Unreviewed, rebaselined run-bindings-tests results.
1084
1085         * bindings/scripts/test/JS/JSTestEventTarget.cpp:
1086         (WebCore::jsTestEventTargetPrototypeFunctionAddEventListener):
1087         (WebCore::jsTestEventTargetPrototypeFunctionRemoveEventListener):
1088         * bindings/scripts/test/JS/JSTestObj.cpp:
1089         (WebCore::jsTestObjPrototypeFunctionAddEventListener):
1090         (WebCore::jsTestObjPrototypeFunctionRemoveEventListener):
1091         * bindings/scripts/test/V8/V8TestException.cpp:
1092         (WebCore::V8TestException::wrapSlow):
1093         * bindings/scripts/test/V8/V8TestException.h:
1094         (WebCore::V8TestException::wrap):
1095
1096 2012-05-10  Abhishek Arya  <inferno@chromium.org>
1097
1098         Crash in InsertParagraphSeparatorCommand::doApply.
1099         https://bugs.webkit.org/show_bug.cgi?id=84995
1100
1101         Reviewed by Ryosuke Niwa.
1102
1103         Test: editing/inserting/insert-paragraph-seperator-crash.html
1104
1105         * editing/DeleteSelectionCommand.cpp:
1106         (WebCore::DeleteSelectionCommand::mergeParagraphs): no need of static cast, since
1107         type of enclosingBlock returned is already Element*.
1108         * editing/IndentOutdentCommand.cpp:
1109         (WebCore::IndentOutdentCommand::tryIndentingAsListItem): no need of static cast, since
1110         type of enclosingBlock returned is already Element*.
1111         * editing/InsertParagraphSeparatorCommand.cpp:
1112         (WebCore::InsertParagraphSeparatorCommand::doApply): RefPtr startBlock to guard against
1113         mutation events.
1114         * editing/htmlediting.cpp:
1115         (WebCore::enclosingBlock): make sure type of enclosingNode is an element before doing
1116         the static cast. This was already failing in a couple of layout tests. Also, isBlock
1117         check already exists in the function call to enclosingNodeOfType, so don't need it
1118         again on enclosingNode's renderer.
1119         * editing/htmlediting.h: 
1120         (WebCore):
1121
1122 2012-05-10  Allan Sandfeld Jensen  <allan.jensen@nokia.com>
1123
1124         TouchAdjustment doesn't correct for scroll-offsets.
1125         https://bugs.webkit.org/show_bug.cgi?id=86083
1126
1127         Reviewed by Kenneth Rohde Christiansen.
1128
1129         Already tested by: touchadjustment/scroll-delegation
1130
1131         * page/EventHandler.cpp:
1132         (WebCore::EventHandler::bestClickableNodeForTouchPoint):
1133         (WebCore::EventHandler::bestZoomableAreaForTouchPoint):
1134         * page/TouchAdjustment.cpp:
1135         (WebCore::TouchAdjustment::findNodeWithLowestDistanceMetric):
1136         * testing/Internals.cpp:
1137         (WebCore::Internals::bestZoomableAreaForTouchPoint):
1138
1139 2012-05-10  Konrad Piascik  <kpiascik@rim.com>
1140
1141         Fix typo in filename
1142         https://bugs.webkit.org/show_bug.cgi?id=86095
1143
1144         Reviewed by Andreas Kling.
1145
1146         * UseJSC.cmake:
1147
1148 2012-05-10  Stephen Chenney  <schenney@chromium.org>
1149
1150         SVG Filters allow invalid elements as children
1151         https://bugs.webkit.org/show_bug.cgi?id=83979
1152
1153         Reviewed by Nikolas Zimmermann.
1154
1155         According to the SVG spec, there are numerous restrictions on the
1156         content of nodes (that is, their children). Specific to this problem,
1157         SVGFilter elements may only contain SVGFilterPrimitive elements, and
1158         those may only contain animation related elements. This patch enforces
1159         the restriction on filters in the render tree, thus preventing us from
1160         having (for instance) content that is inside a filter yet filtered by
1161         the filter.
1162
1163         Manual test: ManualTests/bugzilla-83979.svg
1164
1165         * svg/SVGFilterElement.cpp:
1166         (WebCore::SVGFilterElement::childShouldCreateRenderer): Added to only allow renderers for fe* children
1167         (WebCore):
1168         * svg/SVGFilterElement.h:
1169         (SVGFilterElement):
1170         * svg/SVGFilterPrimitiveStandardAttributes.h: Do not allow any children at all for fe* elements.
1171         (SVGFilterPrimitiveStandardAttributes):
1172
1173 2012-05-10  Joe Thomas  <joethomas@motorola.com>
1174
1175         [CSS3 Backgrounds and Borders] Add background-size to the background shorthand
1176         https://bugs.webkit.org/show_bug.cgi?id=27577
1177
1178         Reviewed by Alexis Menard.
1179
1180         Added CSSPropertyBackgroundSize to the background shorthand propery. Added the logic for parsing background-size.
1181         bakground-size appears after background-position followed by a '/'.
1182         The specification related to this change is http://www.w3.org/TR/css3-background/#the-background
1183
1184         Tests: fast/backgrounds/background-shorthand-with-backgroundSize-style.html
1185                fast/backgrounds/size/backgroundSize-in-background-shorthand.html
1186
1187         * css/CSSComputedStyleDeclaration.cpp:
1188         (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
1189         (WebCore::CSSComputedStyleDeclaration::getBackgroundShorthandValue):
1190         (WebCore):
1191         * css/CSSComputedStyleDeclaration.h:
1192         (CSSComputedStyleDeclaration):
1193         * css/CSSParser.cpp:
1194         (WebCore::CSSParser::parseValue):
1195         (WebCore::CSSParser::parseFillShorthand):
1196         * css/StylePropertySet.cpp:
1197         (WebCore::StylePropertySet::getLayeredShorthandValue):
1198         * css/StylePropertyShorthand.cpp:
1199         (WebCore):
1200         (WebCore::backgroundShorthand):
1201
1202 2012-05-10  MORITA Hajime <morrita@google.com>
1203
1204         Node::InDetachFlag could be removed.
1205         https://bugs.webkit.org/show_bug.cgi?id=85963
1206
1207         Reviewed by Antti Koivisto.
1208
1209         Removed Node::inDetach() since it can never true
1210         on the only call site setFocusedNode().
1211
1212         No new test. Covered by existing tests.
1213
1214         * dom/Document.cpp:
1215         (WebCore::Document::setFocusedNode):
1216         * dom/Node.cpp:
1217         (WebCore::Node::detach):
1218         * dom/Node.h:
1219         (WebCore):
1220         (Node):
1221
1222 2012-05-10  Keishi Hattori  <keishi@webkit.org>
1223
1224         Crash in HTMLFormControlElement::m_fieldSetAncestor
1225         https://bugs.webkit.org/show_bug.cgi?id=86070
1226
1227         Reviewed by Kent Tamura.
1228
1229         No new tests.
1230
1231         The previous patch r115990 didn't completely resolve the crash (Bug 85453)
1232         We don't have a reproducible test case, so we are reverting to the old code for setting m_fieldSetAncestor.
1233
1234         * html/HTMLFormControlElement.cpp:
1235         (WebCore::HTMLFormControlElement::HTMLFormControlElement):
1236         (WebCore::HTMLFormControlElement::updateFieldSetAndLegendAncestor):
1237         (WebCore::HTMLFormControlElement::insertedInto): Set m_dataListAncestorState to Unknown because ancestor has changed. Call setNeedsWillValidateCheck because style might need to be updated.
1238         (WebCore::HTMLFormControlElement::removedFrom):
1239         (WebCore::HTMLFormControlElement::disabled):
1240         (WebCore::HTMLFormControlElement::recalcWillValidate):
1241         (WebCore::HTMLFormControlElement::willValidate):
1242         (WebCore::HTMLFormControlElement::setNeedsWillValidateCheck):
1243         * html/HTMLFormControlElement.h:
1244         (HTMLFormControlElement): Added m_dataListAncestorState.
1245
1246 2012-05-10  Sam D  <dsam2912@gmail.com>
1247
1248         Web Inspector: rename InspectorBackendStub.js to InspectorBackendCommands.js
1249         https://bugs.webkit.org/show_bug.cgi?id=72306
1250
1251         Changed name for InspectorBackendStub.js to
1252         InspectorBackendCommands.js
1253
1254         Reviewed by Yury Semikhatsky.
1255
1256         No new tests required. File name is changed.
1257
1258         * DerivedSources.pri:
1259         * GNUmakefile.am:
1260         * Target.pri:
1261         * WebCore.gyp/WebCore.gyp:
1262         * WebCore.gypi:
1263         * WebCore.vcproj/copyWebCoreResourceFiles.cmd:
1264         * WebCore.xcodeproj/project.pbxproj:
1265         * gyp/copy-inspector-resources.sh:
1266         * inspector/CodeGeneratorInspector.py:
1267         * inspector/front-end/InspectorBackendCommands.qrc: Added.
1268         * inspector/front-end/InspectorBackendStub.qrc: Removed.
1269         * inspector/front-end/inspector.html:
1270
1271 2012-05-10  Alexis Menard  <alexis.menard@openbossa.org>
1272
1273         [Qt] Avoid string conversions to construct a QUrl when using Qt5.
1274         https://bugs.webkit.org/show_bug.cgi?id=86006
1275
1276         Reviewed by Kenneth Rohde Christiansen.
1277
1278         In Qt5, the QUrl constructor can handle the string directly, even in UTF-16 because the
1279         constructor QUrl(QString) has been fixed. Unfortunately we still need to use the old
1280         code path when building with Qt4.
1281
1282         No new tests : it's a performance improvement which should be covered by tests.
1283
1284         * platform/qt/KURLQt.cpp:
1285         (WebCore::KURL::operator QUrl):
1286
1287 2012-05-10  Noel Gordon  <noel.gordon@gmail.com>
1288
1289         [chromium] REGRESSION(r107389) Visible line artifacts on some JPEG images
1290         https://bugs.webkit.org/show_bug.cgi?id=85772
1291
1292         Reviewed by Kent Tamura.
1293
1294         On some JPEG images, vertical and horizontal lines artifacts might appear in image
1295         regions with very high frequency color variation when using DCT_IFAST decodes. Use
1296         DCT_IFAST on small screen devices only (Chromium Android).
1297
1298         No new tests. Covered by existing tests.
1299
1300         * platform/image-decoders/jpeg/JPEGImageDecoder.cpp:
1301         (dctMethod): Permit DCT_IFAST decoding for Chromium Android only.
1302
1303 2012-05-10  Kenneth Rohde Christiansen  <kenneth@webkit.org>
1304
1305         [Qt] Implement fit-to-width behaviour
1306         https://bugs.webkit.org/show_bug.cgi?id=86085
1307
1308         Reviewed by Simon Hausmann.
1309
1310         Add a method to get the minimum scale factor that contains the content
1311         without showing any chrome background.
1312
1313         * dom/ViewportArguments.cpp:
1314         (WebCore::computeMinimumScaleFactorForContentContained):
1315         (WebCore):
1316         * dom/ViewportArguments.h:
1317         (WebCore):
1318
1319 2012-05-10  MORITA Hajime  <morrita@google.com>
1320
1321         Remove support for Node::willRemove()
1322         https://bugs.webkit.org/show_bug.cgi?id=55209
1323
1324         Reviewed by Ryosuke Niwa.
1325
1326         This change de-virtualizes Node::willRemove(), gains
1327         5% speedup on Dromaeo dom-modify.
1328
1329         Originally there were 5 willRemove() overrides:
1330         - Element
1331         - HTMLStyleElement
1332         - HTMLSourceElement
1333         - HTMLTrackElement
1334         - HTMLFrameOwnerElement
1335
1336         For first 4 items, this change moves their implementations to
1337         Node::removedFrom() overrides.
1338
1339         Then HTMLFrameOwnerElement is the only class which needs the
1340         notification.  Because it emits the "unload" event, it needs some
1341         notification _before_ its removal. To handle that, this change
1342         introduces ChildFrameDisconnector which collects
1343         corresponding decendant elements and disconnect their content frame.
1344
1345         Even though this approach doesn't kill pre-removal tree traversal
1346         completely, it's a bit more efficient due to the de-virtualization.
1347
1348         No new tests. Covered by existing test.
1349
1350         * dom/ContainerNode.cpp:
1351         (WebCore::willRemoveChild): Replaced willRemove() call with ChildFrameDisconnector.
1352         (WebCore::willRemoveChildren): Ditto.
1353         (WebCore::ContainerNode::disconnectDescendantFrames): Added. Used from FrameLoader to replace Document::willRemove() call.
1354         (WebCore):
1355         * dom/ContainerNode.h:
1356         (ContainerNode):
1357         * dom/ContainerNodeAlgorithms.cpp:
1358         (WebCore::ChildFrameDisconnector::collectDescendant):
1359         (WebCore):
1360         (WebCore::ChildFrameDisconnector::Target::disconnect):
1361         * dom/ContainerNodeAlgorithms.h:
1362         (ChildFrameDisconnector):
1363         (Target):
1364         (WebCore::ChildFrameDisconnector::Target::Target):
1365         (WebCore::ChildFrameDisconnector::Target::isValid):
1366         (WebCore):
1367         (WebCore::ChildFrameDisconnector::ChildFrameDisconnector):
1368         (WebCore::ChildFrameDisconnector::collectDescendant):
1369         (WebCore::ChildFrameDisconnector::disconnect):
1370         * dom/Element.cpp:
1371         (WebCore::Element::removedFrom):
1372         * dom/Element.h:
1373         * dom/ElementShadow.cpp:
1374         * dom/ElementShadow.h:
1375         (ElementShadow):
1376         * dom/Node.cpp:
1377         * dom/Node.h: Added IsFrameOwnerElement flag to de-virtualize IsFrameOwnerElement().
1378         (WebCore::Node::isFrameOwnerElement): De-virtualized.
1379         (Node):
1380         * html/HTMLElement.h:
1381         (HTMLElement):
1382         (WebCore::HTMLElement::HTMLElement):
1383         * html/HTMLFrameOwnerElement.cpp:
1384         (WebCore::HTMLFrameOwnerElement::HTMLFrameOwnerElement):
1385         (WebCore::HTMLFrameOwnerElement::disconnectContentFrame): Extracted from original willRemove().
1386         * html/HTMLFrameOwnerElement.h:
1387         (HTMLFrameOwnerElement):
1388         (WebCore::toFrameOwnerElement):
1389         (WebCore):
1390         * html/HTMLMediaElement.cpp:
1391         (WebCore::HTMLMediaElement::sourceWasRemoved): Renamed from sourceWillBeRemoved(), dealing with the timing change.
1392         * html/HTMLMediaElement.h:
1393         (HTMLMediaElement):
1394         (WebCore::isMediaElement):
1395         (WebCore):
1396         (WebCore::toMediaElement):
1397         * html/HTMLSourceElement.cpp:
1398         (WebCore::HTMLSourceElement::removedFrom): Moved some code from willRemove().
1399         * html/HTMLSourceElement.h:
1400         (HTMLSourceElement):
1401         * html/HTMLStyleElement.cpp:
1402         (WebCore::HTMLStyleElement::removedFrom):
1403         (WebCore):
1404         * html/HTMLStyleElement.h:
1405         (HTMLStyleElement):
1406         * html/HTMLTrackElement.cpp:
1407         (WebCore::HTMLTrackElement::removedFrom): Moved some code from willRemove().
1408         * html/HTMLTrackElement.h:
1409         (HTMLTrackElement):
1410         * loader/FrameLoader.cpp:
1411         (WebCore::FrameLoader::clear):
1412
1413 2012-05-10  Kinuko Yasuda  <kinuko@chromium.org>
1414
1415         Change the return type of Entry.toURL() back to String from KURL
1416         https://bugs.webkit.org/show_bug.cgi?id=85858
1417
1418         Reviewed by Ryosuke Niwa.
1419
1420         I once changed it from String to KURL in r116273 but it turned out that
1421         it involves implicit conversion and may incur extra overhead.
1422         This partly reverts r116273 while keeping some internal functions
1423         returning KURL as it's what we initially create as and is more
1424         convenient to operate on.
1425
1426         No new tests; no functional or visible changes.
1427
1428         * Modules/filesystem/EntryBase.cpp:
1429         (WebCore::EntryBase::toURL):
1430         * Modules/filesystem/EntryBase.h:
1431         (EntryBase):
1432
1433 2012-05-10  Alexander Pavlov  <apavlov@chromium.org>
1434
1435         Web Inspector: Autocomplete for CSS property values in the Styles pane behaving incorrectly
1436         https://bugs.webkit.org/show_bug.cgi?id=85784
1437
1438         Reviewed by Vsevolod Vlasov.
1439
1440         Before executing the number increment/decrement within CSS property value, the current word is checked
1441         for being a valid suggestion for the current property, and if it is, the numeric change is skipped
1442         in favor of the suggested property value switch by a suggest box.
1443
1444         * inspector/front-end/StylesSidebarPane.js:
1445
1446 2012-05-10  Abhishek Arya  <inferno@chromium.org>
1447
1448         Make DOMCharacterDataModified a scoped event (similar to r73690).
1449         https://bugs.webkit.org/show_bug.cgi?id=85920
1450
1451         Reviewed by Ryosuke Niwa.
1452
1453         DOMCharacterDataModified was missing in the list of already scoped
1454         DOM mutation events like DOMSubtreeModified, DOMNodeInserted, etc.
1455         It helps to delay event dispatches until the completion of each call
1456         of EditCommand::doApply. This has been useful in the past and helped to 
1457         prevent unexpected DOM tree mutations while the editing command is executing.
1458
1459         * dom/CharacterData.cpp:
1460         (WebCore::CharacterData::dispatchModifiedEvent):
1461
1462 2012-05-10  Alexandre Elias  <aelias@google.com>
1463
1464         Default to null value for HistoryItem::m_pageScaleFactor
1465         https://bugs.webkit.org/show_bug.cgi?id=84385
1466
1467         Reviewed by Adam Barth.
1468
1469         Previously, HistoryItem::m_pageScaleFactor defaulted to a value
1470         of 1, making it impossible to determine whether this value was never
1471         set, or intentionally set to 1.  This patch introduces a default value
1472         of 0 and makes restoreScrollPositionAndViewState not touch the page
1473         scale factor if this value is still present at time of reload.
1474
1475         This is a no-op change for common navigation scenarios.  The
1476         motivation for this change is the corner case of syncing history items
1477         from a desktop browser to a mobile device.  In that case, we need a
1478         way to specify that the history item does not contain a
1479         pageScaleFactor so that the mobile device does not display the page
1480         overly zoomed in.
1481
1482         No new tests.
1483
1484         * history/HistoryItem.cpp:
1485         (WebCore::HistoryItem::HistoryItem):
1486         * loader/HistoryController.cpp:
1487         (WebCore::HistoryController::restoreScrollPositionAndViewState):
1488
1489 2012-05-10  Csaba Osztrogon√°c  <ossy@webkit.org>
1490
1491         Use suitable viewport values when a Mobile DTD is used.
1492         https://bugs.webkit.org/show_bug.cgi?id=85425
1493
1494         Unreviewed debug buildfix after r116571.
1495
1496         * dom/Document.cpp:
1497         (WebCore::Document::setDocType):
1498
1499 2012-05-10  Yoshifumi Inoue  <yosin@chromium.org>
1500
1501         [Forms] Move step related methods to InputType class from HTMLInputElement class
1502         https://bugs.webkit.org/show_bug.cgi?id=85978
1503
1504         Reviewed by Kent Tamura.
1505
1506         This patch is part of re-factoring of HTMLInputElement.cpp for numeric input type.
1507         In this patch, we move implementation of getAllowedValueStep and stepUp/stepUpFromRenderer
1508         to InputType class because of these are for DateTime/Number/Range.
1509
1510         Following patches will change implementation of getAllowedValueStep to use StepRange and
1511         remove step related methods, defaultStep, stepScaleFactor, and so on.
1512
1513         No new tests. This patch should not change behavior.
1514
1515         * html/HTMLInputElement.cpp:
1516         (WebCore):
1517         (WebCore::HTMLInputElement::getAllowedValueStep):
1518         (WebCore::HTMLInputElement::stepUp):
1519         (WebCore::HTMLInputElement::stepDown):
1520         (WebCore::HTMLInputElement::stepUpFromRenderer):
1521         * html/HTMLInputElement.h:
1522         (HTMLInputElement):
1523         * html/InputType.cpp:
1524         (WebCore::InputType::applyStep):
1525         (WebCore):
1526         (WebCore::InputType::alignValueForStep):
1527         (WebCore::InputType::getAllowedValueStep):
1528         (WebCore::InputType::getAllowedValueStepWithDecimalPlaces):
1529         (WebCore::InputType::stepUp):
1530         (WebCore::InputType::stepUpFromRenderer):
1531         * html/InputType.h:
1532         (InputType):
1533
1534 2012-05-09  Kent Tamura  <tkent@chromium.org>
1535
1536         Calendar Picker: Fix a crash by changing input type.
1537         https://bugs.webkit.org/show_bug.cgi?id=86007
1538
1539         Reviewed by Hajime Morita.
1540
1541         Manual test: forms/calendar-picker-crash-by-type-change.html
1542
1543         * html/shadow/CalendarPickerElement.cpp:
1544         (WebCore::CalendarPickerElement::~CalendarPickerElement):
1545         Added. Make sure the popup is closed.
1546         * html/shadow/CalendarPickerElement.h:
1547         (CalendarPickerElement): Add declaration of the destructor.
1548
1549 2012-05-09  Gyuyoung Kim  <gyuyoung.kim@samsung.com>
1550
1551         Move suspendAnimations to use Internals interface.
1552         https://bugs.webkit.org/show_bug.cgi?id=85986
1553
1554         Reviewed by Ryosuke Niwa.
1555
1556         Add suspendAnimations functions, because it is able to work in the
1557         cross-port way through the Internals interface.
1558
1559         No new tests, since we are improving here the infra-structure for testing
1560         a specific method.
1561
1562         * testing/Internals.cpp:
1563         (WebCore::Internals::suspendAnimations):
1564         (WebCore):
1565         * testing/Internals.h:
1566         (Internals):
1567         * testing/Internals.idl:
1568
1569 2012-05-09  Charlie Reis  <creis@chromium.org>
1570
1571         Add dispatchMessageEventWithOriginCheck to DOMWindow
1572         https://bugs.webkit.org/show_bug.cgi?id=85815
1573
1574         Reviewed by Adam Barth.
1575
1576         Useful for ports that support cross-process postMessage.
1577         No new tests, since covered by existing postMessage tests.
1578
1579         * page/DOMWindow.cpp:
1580         (WebCore::DOMWindow::postMessageTimerFired):
1581         (WebCore):
1582         (WebCore::DOMWindow::dispatchMessageEventWithOriginCheck):
1583         * page/DOMWindow.h:
1584         (WebCore):
1585         (DOMWindow):
1586
1587 2012-05-09  Jason Liu  <jason.liu@torchmobile.com.cn>
1588
1589         [BlackBerry] Cookie parsing issue. If the cookie value provided was (") then the browser creates a session cookie instead.
1590         https://bugs.webkit.org/show_bug.cgi?id=85775
1591
1592         Reviewed by Rob Buis.
1593
1594         Make CookieParser::parseOneCookie handle (cookiename="cookievalue;expires=xxxx) correctly.
1595         This cookie's value is "cookievalue not "cookievalue;expires=xxxx.
1596
1597         Test: http/tests/cookies/single-quoted-value.html
1598
1599         * platform/blackberry/CookieParser.cpp:
1600         (WebCore::CookieParser::parseOneCookie):
1601
1602 2012-05-09  Raymond Liu  <raymond.liu@intel.com>
1603
1604         Add multi-channels support for CopyWithGainFrom in AudioBus
1605         https://bugs.webkit.org/show_bug.cgi?id=80675
1606
1607         Reviewed by Chris Rogers.
1608
1609         * platform/audio/AudioBus.cpp:
1610         (WebCore):
1611         (WebCore::AudioBus::AudioBus):
1612         (WebCore::AudioBus::copyWithGainFrom):
1613         * platform/audio/AudioBus.h:
1614         (AudioBus):
1615
1616 2012-05-09  Jessie Berlin  <jberlin@apple.com>
1617
1618         Crash using the new WKBundleDOMWindowExtensions APIs.
1619         https://bugs.webkit.org/show_bug.cgi?id=85888
1620
1621         Reviewed by Brady Eidson.
1622
1623         WKBundlePageWillDestroyGlobalObjectForDOMWindowExtensionCallback was only being invoked when
1624         the WKPage was destroyed, and then only for the child frames. In addition, the
1625         DOMWindowExtension was holding onto a destroyed DOMWindow and attempting to unregister from
1626         when the WK2 wrapper object was attempting to destroy the DOMWindowExtension.
1627
1628         The underlying issue here was that the DOMWindowProperties were getting disconnectFrame
1629         and willDetachPage called on them at the wrong times.
1630
1631         Rename DOMWindowProperty::disconnectFrame and reconnectFrame to disconnectFrameForPageCache
1632         and reconnectFrameFromPageCache for clarity.
1633
1634         Only invoke DOMWindowProperty::disconnectFrameForPageCache when the frame is going into the
1635         page cache.
1636
1637         In the cases where the DOMWindow is getting destroyed, the frame is being destroyed, or the
1638         DOMWindow is getting cleared because the frame is being navigated, invoke
1639         DOMWindowProperty::willDestroyGlobalObjectInFrame instead of disconnectFrame.
1640
1641         Invoke DOMWindowProperty::willDetachGlobalObjectFromFrame when a document is being detached
1642         because the frame has been detached (e.g. fast/storage/storage-detached-iframe.html) and
1643         won't be immediately destroyed.
1644
1645         Invoke DOMWindowProperty::willDestroyGlobalObjectInCachedFrame when a cached frame is
1646         being destroyed.
1647
1648         New WK2 API Test: DOMWindowExtensionNoCache.
1649
1650         * Modules/indexeddb/DOMWindowIndexedDatabase.cpp:
1651         (WebCore::DOMWindowIndexedDatabase::disconnectFrameForPageCache):
1652         Updated for disconnectFrame rename.
1653         (WebCore::DOMWindowIndexedDatabase::reconnectFrameFromPageCache):
1654         Updated for reconnectFrame rename.
1655         (WebCore::DOMWindowIndexedDatabase::willDestroyGlobalObjectInCachedFrame):
1656         Get rid of the suspended IDBFactory.
1657         (WebCore::DOMWindowIndexedDatabase::willDestroyGlobalObjectInFrame):
1658         Get rid of the IDBFactory.
1659         (WebCore::DOMWindowIndexedDatabase::willDetachGlobalObjectFromFrame):
1660         Ditto.
1661         * Modules/indexeddb/DOMWindowIndexedDatabase.h:
1662
1663         * dom/Document.cpp:
1664         (WebCore::Document::prepareForDestruction):
1665         Tell the DOMWindow before detaching the Document.
1666         * dom/Document.h:
1667
1668         * history/CachedFrame.cpp:
1669         (WebCore::CachedFrame::destroy):
1670         Tell the DOMWindow.
1671
1672         * loader/FrameLoader.cpp:
1673         (WebCore::FrameLoader::clear):
1674         Use Document::prepareForDestruction so that the DOMWindow is told about the main frame
1675         navigation before detaching the Document.
1676
1677         * loader/appcache/DOMApplicationCache.cpp:
1678         (WebCore::DOMApplicationCache::disconnectFrameForPageCache):
1679         Updated for the disconnectFrame rename.
1680         (WebCore::DOMApplicationCache::reconnectFrameFromPageCache):
1681         Updated for the reconnectFrame rename.
1682         (WebCore::DOMApplicationCache::willDestroyGlobalObjectInFrame):
1683         Cover the cases formerly covered by disconnectFrame (which was sometimes being called when
1684         called when the frame was destroyed).
1685         * loader/appcache/DOMApplicationCache.h:
1686
1687         * notifications/DOMWindowNotifications.cpp:
1688         (WebCore::DOMWindowNotifications::disconnectFrameForPageCache):
1689         Updated for the disconnectFrame rename.
1690         (WebCore::DOMWindowNotifications::reconnectFrameFromPageCache):
1691         Updated for the reconnectFrame rename.
1692         (WebCore::DOMWindowNotifications::willDestroyGlobalObjectInCachedFrame):
1693         Get rid of the suspended notification center.
1694         (WebCore::DOMWindowNotifications::willDestroyGlobalObjectInFrame):
1695         Get rid of the notification center.
1696         (WebCore::DOMWindowNotifications::willDetachGlobalObjectFromFrame):
1697         Do not allow use of the notification center by detached frames.
1698         * notifications/DOMWindowNotifications.h:
1699
1700         * page/DOMWindow.cpp:
1701         (WebCore::DOMWindow::clearDOMWindowProperties):
1702         Do not call disconnectDOMWindowProperties. It is now the responsibility of the callers to
1703         tell the DOMWindowProperties the correct cause of being cleared.
1704         (WebCore::DOMWindow::~DOMWindow):
1705         Make sure the DOMWindowProperties still know that the DOMWindow is going away.
1706         (WebCore::DOMWindow::frameDestroyed):
1707         Invoke willDestroyGlobalObjectInFrame on the DOMWindowProperties.
1708         (WebCore::DOMWindow::willDetachPage):
1709         It is no longer necessary to tell the DOMWindowProperties anything here.
1710         (WebCore::DOMWindow::willDestroyCachedFrame):
1711         Tell the DOMWindowProperties.
1712         (WebCore::DOMWindow::willDestroyDocumentInFrame):
1713         Ditto.
1714         (WebCore::DOMWindow::willDetachDocumentFromFrame):
1715         Ditto.
1716         (WebCore::DOMWindow::clear):
1717         Ditto.
1718         (WebCore::DOMWindow::disconnectDOMWindowProperties):
1719         Updated for the disconnectFrame rename.
1720         (WebCore::DOMWindow::reconnectDOMWindowProperties):
1721         Ditto.
1722         * page/DOMWindow.h:
1723
1724         * page/DOMWindowExtension.cpp:
1725         (WebCore::DOMWindowExtension::DOMWindowExtension):
1726         Move the responsibility for tracking the disconnected DOMWindow to DOMWindowProperty, since
1727         DOMWindowProperty will need it to unregister the property when a cached frame is destroyed.
1728         (WebCore::DOMWindowExtension::disconnectFrameForPageCache):
1729         Remove the code to check for disconnectFrame being called twice - it is now only called when
1730         a frame goes into the page cache.
1731         Let the DOMWindowProperty keep track of the disconnected DOMWindow.
1732         (WebCore::DOMWindowExtension::reconnectFrameFromPageCache):
1733         Let the DOMWindowProperty keep track of the disconnected DOMWindow.
1734         (WebCore::DOMWindowExtension::willDestroyGlobalObjectInCachedFrame):
1735         Dispatch the willDestroyGlobalObjectForDOMWindowExtension callback.
1736         (WebCore::DOMWindowExtension::willDestroyGlobalObjectInFrame):
1737         Ditto, but only if the callback hasn't already been sent because the frame has been detached.
1738         (WebCore::DOMWindowExtension::willDetachGlobalObjectFromFrame):
1739         Send the callback because nothing interesting can be done in the frame once it has been
1740         detached.
1741         * page/DOMWindowExtension.h:
1742
1743         * page/DOMWindowProperty.cpp:
1744         (WebCore::DOMWindowProperty::DOMWindowProperty):
1745         Keep track of the disconnected DOMWindow so it can be used to unregister the property when a
1746         cached frame is destroyed.
1747         (WebCore::DOMWindowProperty::~DOMWindowProperty):
1748         Also unregister the property when a DOMWindowProperty for a cached frame is destroyed.
1749         (WebCore::DOMWindowProperty::disconnectFrameForPageCache):
1750         Keep track of the disconnected DOMWindow.
1751         (WebCore::DOMWindowProperty::reconnectFrameFromPageCache):
1752         Ditto.
1753         (WebCore::DOMWindowProperty::willDestroyGlobalObjectInCachedFrame):
1754         Unregister the property from the disconnected DOMWindow.
1755         (WebCore::DOMWindowProperty::willDestroyGlobalObjectInFrame):
1756         Unregister the property from the DOMWindow and stop keeping track of the frame.
1757         (WebCore::DOMWindowProperty::willDetachGlobalObjectFromFrame):
1758         Do not set m_frame to 0 because detached frames still have access to the DOMWindow, even if
1759         they can't do anything meaningful with it.
1760         * page/DOMWindowProperty.h:
1761
1762         * page/Frame.cpp:
1763         (WebCore::Frame::setView):
1764         Tell the DOMWindow that the Document is being detached so it can tell the
1765         DOMWindowProperties.
1766
1767         * page/PointerLock.cpp:
1768         (WebCore::PointerLock::disconnectFrameForPageCache):
1769         Updated for disconnectFrame rename.
1770         (WebCore::PointerLock::willDestroyGlobalObjectInFrame):
1771         Cover the cases formerly covered by disconnectFrame (which was sometimes being called when
1772         called when the frame was destroyed).
1773         * page/PointerLock.h:
1774
1775 2012-05-09  Ian Vollick  <vollick@chromium.org>
1776
1777         [chromium] Ensure animations get ticked at least once when added.
1778         https://bugs.webkit.org/show_bug.cgi?id=86013
1779
1780         Reviewed by James Robinson.
1781
1782         Tested in
1783           CCLayerTreeHostTestTickAnimationWhileBackgrounded.runSingleThreaded
1784           CCLayerTreeHostTestAddAnimationWithTimingFunction.runSingleThreaded
1785           CCLayerTreeHostTestSynchronizeAnimationStartTimes.runSingleThreaded
1786           CCLayerTreeHostTestAnimationFinishedEvents.runSingleThreaded
1787
1788         * platform/graphics/chromium/LayerChromium.cpp:
1789         (WebCore::LayerChromium::addAnimation):
1790         * platform/graphics/chromium/cc/CCLayerAnimationController.cpp:
1791         (WebCore::CCLayerAnimationController::pushNewAnimationsToImplThread):
1792         * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
1793         (WebCore::CCLayerTreeHost::finishCommitOnImplThread):
1794         (WebCore::CCLayerTreeHost::didAddAnimation):
1795         (WebCore):
1796         (WebCore::CCLayerTreeHost::didBecomeInvisibleOnImplThread):
1797         * platform/graphics/chromium/cc/CCLayerTreeHost.h:
1798         (CCLayerTreeHost):
1799         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
1800         (WebCore::CCLayerTreeHostImpl::CCLayerTreeHostImpl):
1801         * platform/graphics/chromium/cc/CCProxy.h:
1802         (CCProxy):
1803         * platform/graphics/chromium/cc/CCSingleThreadProxy.cpp:
1804         (CCSingleThreadProxyAnimationTimer):
1805         (WebCore::CCSingleThreadProxyAnimationTimer::create):
1806         (WebCore::CCSingleThreadProxyAnimationTimer::CCSingleThreadProxyAnimationTimer):
1807         (WebCore):
1808         (WebCore::CCSingleThreadProxy::CCSingleThreadProxy):
1809         (WebCore::CCSingleThreadProxy::didAddAnimation):
1810         (WebCore::CCSingleThreadProxy::doComposite):
1811         * platform/graphics/chromium/cc/CCSingleThreadProxy.h:
1812         (WebCore):
1813         * platform/graphics/chromium/cc/CCThreadProxy.h:
1814
1815 2012-05-09  Adam Barth  <abarth@webkit.org>
1816
1817         Implement HTML Media Capture
1818         https://bugs.webkit.org/show_bug.cgi?id=85958
1819
1820         Reviewed by Eric Seidel.
1821
1822         This patch begins the implementation of
1823         http://www.w3.org/TR/html-media-capture/ by adding the capture
1824         attribute to HTMLInputElement.
1825
1826         Test: fast/forms/file/file-input-capture.html
1827
1828         * html/FileInputType.cpp:
1829         (WebCore::FileInputType::handleDOMActivateEvent):
1830         * html/HTMLAttributeNames.in:
1831         * html/HTMLInputElement.cpp:
1832         (WebCore):
1833         (WebCore::HTMLInputElement::capture):
1834         (WebCore::HTMLInputElement::setCapture):
1835         * html/HTMLInputElement.h:
1836         (HTMLInputElement):
1837         * html/HTMLInputElement.idl:
1838         * platform/FileChooser.h:
1839         (FileChooserSettings):
1840
1841 2012-05-09  Charles Wei  <charles.wei@torchmobile.com.cn>
1842
1843         [BlackBerry]  Refactor data scheme support
1844         https://bugs.webkit.org/show_bug.cgi?id=85938
1845
1846         Reviewed by Rob Buis.
1847
1848         We will create a DataStream in our platform repository,
1849         so that can be wrapped up by NetworkJob for webkit rendering,
1850         and by DownloadStream for downloading.
1851
1852         Refactor, no new tests.
1853
1854         * platform/network/blackberry/NetworkJob.cpp:
1855         (WebCore::NetworkJob::NetworkJob):
1856         (WebCore::NetworkJob::initialize):
1857         (WebCore::NetworkJob::cancelJob):
1858         (WebCore::NetworkJob::sendResponseIfNeeded):
1859         * platform/network/blackberry/NetworkJob.h:
1860         (NetworkJob):
1861         * platform/network/blackberry/NetworkManager.cpp:
1862         (WebCore::NetworkManager::startJob):
1863
1864 2012-05-09  Dana Jansens  <danakj@chromium.org>
1865
1866         [chromium] Don't draw when canDraw() is false
1867         https://bugs.webkit.org/show_bug.cgi?id=85829
1868
1869         Reviewed by Adrienne Walker.
1870
1871         This is based on the work of Daniel Sievers in bug
1872         https://bugs.webkit.org/show_bug.cgi?id=82680. When canDraw() is false,
1873         we should not call drawLayers() or prepareToDraw() in both Single- and
1874         Multi-Threaded mode.
1875
1876         drawLayers() is crashing in single threaded mode, and this attempts to
1877         prevent it from being called with invalid state. While making it behave
1878         properly in single-threaded mode, it seems appropriate to unrevert the
1879         parts of 82680 that made threaded mode behave similarly appropriately.
1880
1881         A single-threaded test is not included since LTHTests is unable to run
1882         in single-threaded mode at this time (pending work from Ian Vollick). So
1883         we test in threaded mode only with a note to include a single thread
1884         version.
1885
1886         Tests: CCLayerTreeHostTestCanDrawBlocksDrawing.runMultiThread
1887
1888         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
1889         (WebCore::CCLayerTreeHostImpl::prepareToDraw):
1890         (WebCore::CCLayerTreeHostImpl::drawLayers):
1891         * platform/graphics/chromium/cc/CCSingleThreadProxy.cpp:
1892         (WebCore::CCSingleThreadProxy::doComposite):
1893         * platform/graphics/chromium/cc/CCThreadProxy.cpp:
1894         (WebCore::CCThreadProxy::scheduledActionDrawAndSwapInternal):
1895
1896 2012-05-09  Martin Robinson  <mrobinson@igalia.com>
1897
1898         [Cairo] GLContextGLX releases the context with an uninitialized display
1899         https://bugs.webkit.org/show_bug.cgi?id=86039
1900
1901         Reviewed by Philippe Normand.
1902
1903         No new tests. This does not change behavior on most machines, but has
1904         the potential to prevent a pretty nasty crash on others.
1905
1906         Use the shared display to release GLX contexts instead of the uninitialized
1907         m_display member.
1908
1909         * platform/graphics/glx/GLContextGLX.cpp:
1910         (WebCore::GLContextGLX::~GLContextGLX): Release the display with the shared
1911         display.
1912         * platform/graphics/glx/GLContextGLX.h:
1913         (GLContextGLX): Remove the m_display member.
1914
1915 2012-05-09  Tony Gentilcore  <tonyg@chromium.org>
1916
1917         Subresources loaded after a reload completes shouldn't be revalidated.
1918         https://bugs.webkit.org/show_bug.cgi?id=84614
1919
1920         Based on patch by Darin Fisher.
1921
1922         Reviewed by Darin Fisher.
1923
1924         Tests: http/tests/cache/loaded-from-cache-after-reload-within-iframe.html
1925                http/tests/cache/loaded-from-cache-after-reload.html
1926
1927         * loader/FrameLoader.cpp:
1928         (WebCore::FrameLoader::checkLoadCompleteForThisFrame): Reset m_loadType after the load completes.
1929
1930 2012-05-09  Erik Arvidsson  <arv@chromium.org>
1931
1932         [V8] Fix issue where V8BindingPerContextData could keep the context object alive
1933         https://bugs.webkit.org/show_bug.cgi?id=86036
1934
1935         Reviewed by Kentaro Hara.
1936
1937         This is a partial revert of http://trac.webkit.org/changeset/114320/. This keeps
1938         the layout tests that were introduced since it turns out that
1939         http://trac.webkit.org/changeset/114989 fixes the tests too.
1940
1941         Covered by: http/tests/security/isolatedWorld/context-destroy.html
1942
1943         * bindings/v8/V8IsolatedContext.cpp:
1944         (WebCore::V8IsolatedContext::destroy):
1945
1946 2012-05-09  Anders Carlsson  <andersca@apple.com>
1947
1948         Speed up some parts of TileCache drawing
1949         https://bugs.webkit.org/show_bug.cgi?id=86033
1950         <rdar://problem/10919373>
1951
1952         Reviewed by Sam Weinig.
1953
1954         * platform/graphics/ca/mac/TileCache.mm:
1955         (WebCore::TileCache::tileCoverageRect):
1956         If we can't have scrollbars, there's not much need to extend the tile coverage rect outside of the visible rect, since it's
1957         unlikely that we'll do any form of scrolling here.
1958
1959         (WebCore::TileCache::revalidateTiles):
1960         Don't update the tile layer frame if it's big enough to contain the tile size. Also, if there are no new tiles created,
1961         don't call platformCALayerDidCreateTiles since that will trigger an extra layer flush.
1962
1963 2012-05-09  Alexandre Elias  <aelias@google.com>
1964
1965         setPageScaleFactor should setScrollPosition if scale is unchanged
1966         https://bugs.webkit.org/show_bug.cgi?id=84400
1967
1968         Reviewed by Adam Barth.
1969
1970         Previously, setPageScaleFactor forgot about its "origin" argument if
1971         the page scale factor is unchanged.  This has proven undesirable in
1972         practice because, for example, a single pinch gesture may zoom in and
1973         back out to the original page scale factor, but at a different scroll
1974         offset.
1975
1976         New test case added to scale-and-scroll-body-expected.txt
1977
1978         * page/Page.cpp:
1979         (WebCore::Page::setPageScaleFactor):
1980
1981 2012-05-09  Hugo Parente Lima  <hugo.lima@openbossa.org>
1982
1983         Use suitable viewport values on XHTML-MP pages.
1984         https://bugs.webkit.org/show_bug.cgi?id=85425
1985
1986         Reviewed by Kenneth Rohde Christiansen.
1987
1988         Tests: fast/viewport/viewport-legacy-xhtmlmp-misplaced-doctype.html
1989                fast/viewport/viewport-legacy-xhtmlmp-ordering.html
1990                fast/viewport/viewport-legacy-xhtmlmp.html
1991
1992         Use device-width and device-height as viewport size on
1993         XHTML-MP pages if the use feature LEGACY_VIEWPORT_ADAPTION
1994         is set according as the non normative section of
1995         http://www.w3.org/TR/css-device-adapt/
1996
1997         * dom/Document.cpp:
1998         (WebCore::Document::setDocType):
1999
2000 2012-05-09  Beth Dakin  <bdakin@apple.com>
2001
2002         https://bugs.webkit.org/show_bug.cgi?id=86025
2003         RTL and vertical text documents do no scroll properly with the new 
2004         tiled scrolling model
2005         -and corresponding-
2006         <rdar://problem/11077589>
2007
2008         Reviewed by Dan Bernstein.
2009         
2010         Most of the fix here is just to teach the scrolling tree about the 
2011         scroll origin.
2012         * page/scrolling/ScrollingCoordinator.cpp:
2013         (WebCore::ScrollingCoordinator::frameViewLayoutUpdated):
2014         (WebCore::ScrollingCoordinator::setScrollParameters):
2015         * page/scrolling/ScrollingCoordinator.h:
2016         (ScrollParameters):
2017         * page/scrolling/ScrollingTreeNode.cpp:
2018         (WebCore::ScrollingTreeNode::update):
2019         * page/scrolling/ScrollingTreeNode.h:
2020         (WebCore::ScrollingTreeNode::scrollOrigin):
2021         (ScrollingTreeNode):
2022         * page/scrolling/ScrollingTreeState.cpp:
2023         (WebCore::ScrollingTreeState::setScrollOrigin):
2024         (WebCore):
2025         * page/scrolling/ScrollingTreeState.h:
2026         (WebCore::ScrollingTreeState::scrollOrigin):
2027         (ScrollingTreeState):
2028         * page/scrolling/mac/ScrollingTreeNodeMac.mm:
2029         (WebCore::ScrollingTreeNodeMac::scrollPosition):
2030         (WebCore::ScrollingTreeNodeMac::setScrollLayerPosition):
2031         (WebCore::ScrollingTreeNodeMac::minimumScrollPosition):
2032         (WebCore::ScrollingTreeNodeMac::maximumScrollPosition):
2033         * rendering/RenderLayerCompositor.cpp:
2034         (WebCore::RenderLayerCompositor::frameViewDidScroll):
2035
2036         Teaching the scrolling tree about the scroll origin revealed this pre-
2037         existing bug. layoutOverflowRect() is not the right rect to use since 
2038         it is not writing-mode savvy. unscaledDocumentRect() is the right rect 
2039         for the view's bounds.
2040         * rendering/RenderLayerBacking.cpp:
2041         (WebCore::RenderLayerBacking::updateCompositedBounds):
2042
2043 2012-05-09  Rob Buis  <rwlbuis@webkit.org>
2044
2045         Cleanup SVGElement.cpp
2046         https://bugs.webkit.org/show_bug.cgi?id=86004
2047
2048         Reviewed by Eric Seidel.
2049
2050         Remove unneeded includes. We do not need to check attr in SVGElement::attributeChanged,
2051         lower layers assume it is non-null and we do not call attributeChanged in SVG.
2052
2053         * svg/SVGElement.cpp:
2054         (WebCore::SVGElement::attributeChanged):
2055         (WebCore::SVGElement::isAnimatableAttribute):
2056
2057 2012-05-09  Jochen Eisinger  <jochen@chromium.org>
2058
2059         When creating a new page during a navigation, prime the initial document with the correct referrer policy
2060         https://bugs.webkit.org/show_bug.cgi?id=86001
2061
2062         Reviewed by Adam Barth.
2063
2064         Test: http/tests/security/referrer-policy-redirect-link.html
2065
2066         * dom/Document.h:
2067         (WebCore::Document::setReferrerPolicy):
2068         * loader/FrameLoader.cpp:
2069         (WebCore::FrameLoader::continueLoadAfterNewWindowPolicy):
2070
2071 2012-05-09  Alec Flett  <alecflett@chromium.org>
2072
2073         IndexedDB: call abort handler when there are problems committing
2074         https://bugs.webkit.org/show_bug.cgi?id=85841
2075
2076         Reviewed by Ojan Vafai.
2077
2078         No new tests. Every existing test that calls commit() is testing
2079         the success side of this, and this only throws when there are
2080         LevelDB errors, which is exactly what we're trying to diagnose
2081         with this patch.
2082
2083         * Modules/indexeddb/IDBBackingStore.h:
2084         (Transaction):
2085         * Modules/indexeddb/IDBLevelDBBackingStore.cpp:
2086         (WebCore::IDBLevelDBBackingStore::deleteDatabase):
2087         (WebCore::IDBLevelDBBackingStore::Transaction::commit):
2088         * Modules/indexeddb/IDBLevelDBBackingStore.h:
2089         (Transaction):
2090         * Modules/indexeddb/IDBTransactionBackendImpl.cpp:
2091         (WebCore::IDBTransactionBackendImpl::commit):
2092
2093 2012-05-09  Mark Pilgrim  <pilgrim@chromium.org>
2094
2095         [Chromium] Remove PlatformSupport::loadPlatformImageResource, call loadResource directly
2096         https://bugs.webkit.org/show_bug.cgi?id=84417
2097
2098         Reviewed by Adam Barth.
2099
2100         Part of a refactoring series. See tracking bug 82948.
2101
2102         * WebCore.gyp/WebCore.gyp:
2103         * WebCore.gypi:
2104         * platform/chromium/PlatformSupport.h:
2105         (PlatformSupport):
2106         * platform/graphics/chromium/ImageChromium.cpp:
2107         (WebCore::Image::loadPlatformResource):
2108         * platform/graphics/chromium/ImageChromiumMac.mm: Removed.
2109
2110 2012-05-09  Rob Buis  <rbuis@rim.com>
2111
2112         Remove some isSVGFoo methods
2113         https://bugs.webkit.org/show_bug.cgi?id=86009
2114
2115         Reviewed by Eric Seidel.
2116
2117         These are not used at the moment and were probably just copy and pasted from
2118         isSVGFoo methods in RenderObject.h.
2119
2120         * rendering/RenderObject.h:
2121         * rendering/svg/RenderSVGEllipse.h:
2122         (RenderSVGEllipse):
2123         * rendering/svg/RenderSVGRect.h:
2124         (RenderSVGRect):
2125         * rendering/svg/RenderSVGShape.h:
2126
2127 2012-05-09  Ian Vollick  <vollick@chromium.org>
2128
2129         [chromium] Add impl-thread support for fill-mode and direction css animation properties
2130         https://bugs.webkit.org/show_bug.cgi?id=77662
2131
2132         Reviewed by James Robinson.
2133
2134         Adds support for accelerating css animations with -webkit-animation-fill-mode,
2135         and -webkit-animation-direction properties.
2136
2137         Tested in:
2138           CCActiveAnimationTest.TrimTimeAlternating
2139           CCLayerAnimationControllerTest.createReversedAnimation
2140           CCLayerAnimationControllerTest.createAlternatingAnimation
2141           CCLayerAnimationControllerTest.createReversedAlternatingAnimation
2142
2143         * platform/graphics/chromium/cc/CCActiveAnimation.cpp:
2144         (WebCore::CCActiveAnimation::CCActiveAnimation):
2145         (WebCore::CCActiveAnimation::trimTimeToCurrentIteration):
2146         (WebCore::CCActiveAnimation::cloneForImplThread):
2147         * platform/graphics/chromium/cc/CCActiveAnimation.h:
2148         (CCActiveAnimation):
2149         (WebCore::CCActiveAnimation::alternatesDirection):
2150         (WebCore::CCActiveAnimation::setAlternatesDirection):
2151         * platform/graphics/chromium/cc/CCLayerAnimationController.cpp:
2152
2153 2012-05-09  Ken Buchanan  <kenrb@chromium.org>
2154
2155         Crash from removal of a line break object
2156         https://bugs.webkit.org/show_bug.cgi?id=85997
2157
2158         Reviewed by David Hyatt.
2159
2160         Regression from r115343. That replaced a call to setNeedsLayout()
2161         with a separate call that used a different bit during linebox
2162         invalidation after renderer child removal. There are special cases
2163         where layout isn't marked on parent nodes just from the removal, so
2164         line dirtying needs to explicitly mark ancestors for layout.
2165
2166         * rendering/RenderObject.h:
2167         (WebCore::RenderObject::setAncestorLineBoxDirty):
2168
2169 2012-05-09  Levi Weintraub  <leviw@chromium.org>
2170
2171         Fix performance regression for floats caused by LayoutUnit change
2172         https://bugs.webkit.org/show_bug.cgi?id=85834
2173
2174         Reviewed by Ojan Vafai.
2175
2176         Refactoring FractionalLayout types to alleviate performance issues. Explicitly
2177         inlining constructor and operator functions in FractionalLayoutUnit, as well as
2178         pixelSnappedIntSize and pixelSnappedIntRect (particularly hot code paths). Also
2179         further simplifying round and ceil functions when sub-pixel layout is not enabled.
2180
2181         pixelSnappedIntSize was the only function defined in FractionalLayoutSize.cpp,
2182         so it is removed.
2183
2184         No new tests. No change in functionality.
2185
2186         * CMakeLists.txt:
2187         * GNUmakefile.list.am:
2188         * Target.pri:
2189         * WebCore.gypi:
2190         * WebCore.vcproj/WebCore.vcproj:
2191         * WebCore.xcodeproj/project.pbxproj:
2192         * platform/FractionalLayoutUnit.h:
2193         (WebCore::FractionalLayoutUnit::FractionalLayoutUnit):
2194         (FractionalLayoutUnit):
2195         (WebCore::FractionalLayoutUnit::toInt):
2196         (WebCore::FractionalLayoutUnit::toFloat):
2197         (WebCore::FractionalLayoutUnit::toDouble):
2198         (WebCore::FractionalLayoutUnit::toUnsigned):
2199         (WebCore::FractionalLayoutUnit::operator int):
2200         (WebCore::FractionalLayoutUnit::operator unsigned):
2201         (WebCore::FractionalLayoutUnit::operator float):
2202         (WebCore::FractionalLayoutUnit::operator double):
2203         (WebCore::FractionalLayoutUnit::operator bool):
2204         (WebCore::FractionalLayoutUnit::ceil):
2205         (WebCore::FractionalLayoutUnit::round):
2206         * platform/graphics/FractionalLayoutRect.cpp:
2207         (WebCore):
2208         * platform/graphics/FractionalLayoutRect.h:
2209         (WebCore::FractionalLayoutRect::pixelSnappedSize):
2210         (WebCore::pixelSnappedIntRect):
2211         (WebCore):
2212         * platform/graphics/FractionalLayoutSize.cpp: Removed.
2213         * platform/graphics/FractionalLayoutSize.h:
2214         (WebCore):
2215         * rendering/LayoutTypes.h:
2216         (WebCore::pixelSnappedIntSize):
2217         (WebCore):
2218
2219 2012-05-09  Abhishek Arya  <inferno@chromium.org>
2220
2221         Crash in ReplaceSelectionCommand::performTrivialReplace
2222         https://bugs.webkit.org/show_bug.cgi?id=85943
2223
2224         Reviewed by Ryosuke Niwa.
2225
2226         RefPtr nodeAfterInsertionPos to guard against mutation events.
2227
2228         Test: editing/inserting/insert-html-crash.html
2229
2230         * editing/ReplaceSelectionCommand.cpp:
2231         (WebCore::ReplaceSelectionCommand::performTrivialReplace):
2232
2233 2012-05-03  Shawn Singh  <shawnsingh@chromium.org>
2234
2235         Hit testing is incorrect in some cases with perspective transforms
2236         https://bugs.webkit.org/show_bug.cgi?id=79136
2237
2238         Reviewed by Simon Fraser.
2239
2240         Tests: transforms/3d/hit-testing/coplanar-with-camera.html
2241                transforms/3d/hit-testing/perspective-clipped.html
2242
2243         * platform/graphics/transforms/TransformationMatrix.cpp:
2244         (WebCore::TransformationMatrix::projectPoint): Fix a
2245         divide-by-zero error so that values do not become Inf or Nan. Also
2246         fix an overflow error by using a large, but not-too-large constant
2247         to represent infinity.
2248
2249         (WebCore::TransformationMatrix::projectQuad): Fix an error where
2250         incorrect quads were being returned. Incorrect quads can occur
2251         when projectPoint clamped==true after returning.
2252
2253 2012-05-09  Caio Marcelo de Oliveira Filho  <caio.oliveira@openbossa.org>
2254
2255         Simplify CSSParser::parseSimpleLengthValue()
2256         https://bugs.webkit.org/show_bug.cgi?id=85910
2257
2258         Reviewed by Alexis Menard.
2259
2260         Various small improvements to this function, mainly:
2261         - Move the check if the property ID accepts a simple length as early as possible;
2262         - Remove the check for the characters{8,16} pointers since they'll be valid (we ASSERT that);
2263         - Use a template to avoid duplicate code for 8 and 16 bit characters.
2264
2265         * css/CSSParser.cpp:
2266         (WebCore):
2267         (WebCore::parseSimpleLength):
2268         (WebCore::parseSimpleLengthValue):
2269
2270 2012-05-09  Ami Fischman  <fischman@chromium.org>
2271
2272         [chromium] Support multiple buffered time ranges
2273         https://bugs.webkit.org/show_bug.cgi?id=85926
2274
2275         Reviewed by Eric Carlson.
2276
2277         Preserve existing rendering of a single rect even in the presence of multiple buffered regions.
2278
2279         No new tests as this change has no functional effects.
2280
2281         * rendering/RenderMediaControlsChromium.cpp:
2282         (WebCore::paintMediaSlider):
2283
2284 2012-05-09  Dana Jansens  <danakj@chromium.org>
2285
2286         Early-out and avoid any copying when possible for Region operations
2287         https://bugs.webkit.org/show_bug.cgi?id=85260
2288
2289         Reviewed by Anders Carlsson.
2290
2291         For an empty region, any intersection or subtraction will not modify
2292         the region, so we can simply return instead of creating a new Shape
2293         and replacing the current empty Shape.
2294
2295         When a region is united with a region it contains, the orignal
2296         containing region is the result. So, if A.unite(B) and A.contains(B)
2297         then A does not need to change at all and we can return without making
2298         a copy of A's shape. When A is a rect, we can do this test even more
2299         simply.
2300
2301         We also remove redundant checks from trySimpleOperation() methods, where
2302         the test is already done in the Region calling site.
2303
2304         This change improves the performance of the Region overlap testing for
2305         composited layers, and allows us to avoid unnecessary copies of the
2306         Region during unite. With a layout test (attached to bug #81087), that
2307         creates a Region from the union of 225 composited layers, as well as
2308         600 overlapping layers above them, this change decreases the running
2309         time of the test by 3.2% by avoiding a copy of the entire Region for
2310         each insertion that does not change the resulting Region.
2311
2312         Unit tests: RegionTest.unite
2313
2314         * platform/graphics/Region.cpp:
2315         (WebCore::Region::Shape::UnionOperation::trySimpleOperation):
2316         (WebCore::Region::Shape::IntersectOperation::trySimpleOperation):
2317         (WebCore::Region::Shape::SubtractOperation::trySimpleOperation):
2318         (WebCore::Region::intersect):
2319         (WebCore::Region::unite):
2320         (WebCore::Region::subtract):
2321         * platform/graphics/Region.h:
2322         (WebCore::Region::isRect):
2323         (WebCore::Region::Shape::isRect):
2324
2325 2012-05-09  Tommy Widenflycht  <tommyw@google.com>
2326
2327         MediaStream API: SessionDescription::addCandidate should not crash for malformed input
2328         https://bugs.webkit.org/show_bug.cgi?id=85988
2329
2330         Reviewed by Adam Barth.
2331
2332         Sending null would crash the browser. Added safeguards in both the bindings and the native code.
2333
2334         Test: fast/mediastream/SessionDescription.html
2335
2336         * Modules/mediastream/SessionDescription.cpp:
2337         (WebCore::SessionDescription::addCandidate):
2338         * Modules/mediastream/SessionDescription.h:
2339         (SessionDescription):
2340         * Modules/mediastream/SessionDescription.idl:
2341
2342 2012-05-09  Tommy Widenflycht  <tommyw@google.com>
2343
2344         MediaStream API: Adding the possibility of port specific information in MediaStreamDescriptor
2345         https://bugs.webkit.org/show_bug.cgi?id=85794
2346
2347         Reviewed by Adam Barth.
2348
2349         To facilitate for ports I have added an ExtraData field that can be used for whatever purpose is needed.
2350
2351         No behavioral changes.
2352
2353         * platform/chromium/support/WebMediaStreamDescriptor.cpp:
2354         (ExtraDataContainer):
2355         (WebKit::ExtraDataContainer::ExtraDataContainer):
2356         (WebKit::ExtraDataContainer::extraData):
2357         (WebKit):
2358         (WebKit::WebMediaStreamDescriptor::extraData):
2359         (WebKit::WebMediaStreamDescriptor::setExtraData):
2360         * platform/mediastream/MediaStreamDescriptor.h:
2361         (ExtraData):
2362         (WebCore::MediaStreamDescriptor::ExtraData::~ExtraData):
2363         (MediaStreamDescriptor):
2364         (WebCore::MediaStreamDescriptor::extraData):
2365         (WebCore::MediaStreamDescriptor::setExtraData):
2366
2367 2012-05-09  Takashi Sakamoto  <tasak@google.com>
2368
2369         Crash in WebCore::RenderBoxModelObject::paddingLeft
2370         https://bugs.webkit.org/show_bug.cgi?id=83889
2371
2372         Reviewed by Abhishek Arya.
2373
2374         RenderScrollbar creates RenderScrollbarPart without any parent
2375         renderers. However, if the scrollbar has percent padding styles,
2376         non-null parent renderer is required. So after creating/destroying
2377         RenderScrollbarPart instances, set owningRenderer(creating)/0
2378         (destroying) as its parent renderer.
2379
2380         Test: scrollbars/scrollbar-percent-padding-crash.html
2381               scrollbars/scrollbar-percent-padding-crash-expected.txt
2382
2383         * rendering/RenderScrollbar.cpp:
2384         (WebCore::RenderScrollbar::updateScrollbarPart):
2385         Added setParent after creating/destroying RenderScrollbarPart.
2386         * rendering/RenderScrollbarPart.cpp:
2387         Made RenderScollbar friend, because setParent is protected and
2388         RenderScrollbar is not inherited from class RenderObject.
2389
2390 2012-05-09  Takashi Sakamoto  <tasak@google.com>
2391
2392         ShadowRoot needs applyAuthorStyles
2393         https://bugs.webkit.org/show_bug.cgi?id=78472
2394
2395         Reviewed by Hajime Morita.
2396
2397         Implemented applyAuthorStyles attribute defined in the following spec:
2398         http://dvcs.w3.org/hg/webcomponents/raw-file/tip/spec/shadow/index.html#shadow-root-attributes
2399         Since applyAuthorSheets attribute has been already implemented,
2400         renamed all applyAuthorSheets to applyAuthorStyles and
2401         added applyAuthorStyles to ShadowRoot.idl.
2402         Currently, changing dynamically applyAuthorStyles doesn't work. I will fix this isse in bugs:84215: https://bugs.webkit.org/show_bug.cgi?id=84251
2403
2404         Test: fast/dom/shadow/shadow-root-applyAuthorStyles.html
2405               fast/dom/shadow/shadow-root-applyAuthorStyles-expected.html
2406
2407         * css/StyleResolver.cpp:
2408         (WebCore::StyleResolver::collectMatchingRulesForList):
2409         * dom/ShadowRoot.cpp:
2410         (WebCore::ShadowRoot::ShadowRoot):
2411         (WebCore::ShadowRoot::applyAuthorStyles):
2412         (WebCore::ShadowRoot::setApplyAuthorStyles):
2413         * dom/ShadowRoot.h:
2414         * dom/TreeScope.cpp:
2415         (WebCore::TreeScope::applyAuthorStyles):
2416         * dom/TreeScope.h:
2417         (TreeScope):
2418         Changed all applyAuthorSheets to applyAuthorSytles.
2419         (ShadowRoot):
2420         * dom/ShadowRoot.idl:
2421         Added a new attribute, boolean applyAuthorStyles.
2422
2423 2012-05-09  Yoshifumi Inoue  <yosin@chromium.org>
2424
2425         [Chromium][Forms] HTMLOptionsCollection doesn't have indexed properties on property enumeration
2426         https://bugs.webkit.org/show_bug.cgi?id=85937
2427
2428         Reviewed by Kentaro Hara.
2429
2430         This patch adds numeric indices to properties in enumeration to HTMLOptionsCollection V8 binding
2431         to changes Objects.keys in ECMAScript5 and for-in statement behavior for compatibility with
2432         Firefox 12, IE9, Opera 11, and Safari 5.
2433
2434         Test: fast/forms/select/options-indexed-properties.html
2435
2436         * bindings/scripts/CodeGeneratorV8.pm:
2437         (GenerateImplementationIndexer): Set $hasEnumerator true for interface HTMLOptionsCollection
2438
2439 2012-05-09  Shinya Kawanaka  <shinyak@chromium.org>
2440
2441         Position should be able to have ShadowRoot as a container.
2442         https://bugs.webkit.org/show_bug.cgi?id=82021
2443
2444         Reviewed by Ryosuke Niwa.
2445
2446         Since Position could not take a shadow root as a container node, pointing the direct children
2447         of a shadow root was difficult.
2448
2449         This patch makes it enabled, and fixes a lot of crashes caused by that limitation.
2450         Also, we confirm that ShadowRoot is not exposed to JavaScript layer.
2451
2452         Currently this change is only enabled if shadow dom flag is enabled, since we cannot
2453         prove this change does not destroy the existing behavior. However, this change is really required
2454         to fix other editing bugs in Shadow DOM. A bunch of patches and tests will be added to
2455         fix other editing bugs and they will check this patch does not break editing.
2456         We will also add a fuzzer to check the stability of editing in Shadow DOM later, and it will
2457         also help to confirm the patch will not break the editing.
2458
2459         Tests: editing/shadow/doubleclick-on-meter-in-shadow-crash.html
2460                editing/shadow/rightclick-on-meter-in-shadow-crash.html
2461                editing/shadow/shadow-selection-not-exported.html
2462
2463         * dom/Position.cpp:
2464         (WebCore::Position::Position):
2465         (WebCore::Position::containerNode):
2466         (WebCore::Position::parentAnchoredEquivalent):
2467         (WebCore::Position::previous):
2468         (WebCore::Position::next):
2469         (WebCore::Position::atStartOfTree):
2470         (WebCore::Position::atEndOfTree):
2471         (WebCore::Position::findParent):
2472         * dom/Position.h:
2473         (WebCore):
2474         (WebCore::positionInParentBeforeNode):
2475         (WebCore::positionInParentAfterNode):
2476
2477 2012-05-09  Zoltan Horvath  <zoltan@webkit.org>
2478
2479         [Qt] Build fix when using libpng version != 1.2
2480         https://bugs.webkit.org/show_bug.cgi?id=85614
2481
2482         Reviewed by Eric Seidel.
2483
2484         Don't enforce the version of libpng when passing the option to the linker.
2485
2486         No new tests, no intended functionality change.
2487
2488         * WebCore.pri:
2489
2490 2012-05-09  Oli Lan  <olilan@chromium.org>
2491
2492         Add identifying methods for date/time input types.
2493
2494         This patch adds methods isDateField(), isDateTimeField(), isDateTimeLocalField(),
2495         isMonthField(), isTimeField() and isWeekField() to InputType and the appropriate
2496         HTMLInputElement classes, to allow date/time input types to be identified.
2497
2498         The new methods match the existing methods for types such as email, search and number.
2499
2500         https://bugs.webkit.org/show_bug.cgi?id=78746
2501
2502         Reviewed by Kent Tamura.
2503
2504         A new test WebViewTest.TextInputType has been added in WebKit/chromium/tests that calls
2505         through to these methods via WebViewImpl.textInputType().
2506
2507         * html/DateInputType.cpp:
2508         (WebCore::DateInputType::isDateField):
2509         (WebCore):
2510         * html/DateInputType.h:
2511         (DateInputType):
2512         * html/DateTimeInputType.cpp:
2513         (WebCore::DateTimeInputType::isDateTimeField):
2514         (WebCore):
2515         * html/DateTimeInputType.h:
2516         (DateTimeInputType):
2517         * html/DateTimeLocalInputType.cpp:
2518         (WebCore::DateTimeLocalInputType::isDateTimeLocalField):
2519         (WebCore):
2520         * html/DateTimeLocalInputType.h:
2521         (DateTimeLocalInputType):
2522         * html/HTMLInputElement.cpp:
2523         (WebCore::HTMLInputElement::isDateField):
2524         (WebCore):
2525         (WebCore::HTMLInputElement::isDateTimeField):
2526         (WebCore::HTMLInputElement::isDateTimeLocalField):
2527         (WebCore::HTMLInputElement::isMonthField):
2528         (WebCore::HTMLInputElement::isTimeField):
2529         (WebCore::HTMLInputElement::isWeekField):
2530         * html/HTMLInputElement.h:
2531         (HTMLInputElement):
2532         * html/InputType.cpp:
2533         (WebCore::InputType::isDateField):
2534         (WebCore):
2535         (WebCore::InputType::isDateTimeField):
2536         (WebCore::InputType::isDateTimeLocalField):
2537         (WebCore::InputType::isMonthField):
2538         (WebCore::InputType::isTimeField):
2539         (WebCore::InputType::isWeekField):
2540         * html/InputType.h:
2541         (InputType):
2542         * html/MonthInputType.cpp:
2543         (WebCore::MonthInputType::isMonthField):
2544         (WebCore):
2545         * html/MonthInputType.h:
2546         (MonthInputType):
2547         * html/TimeInputType.cpp:
2548         (WebCore::TimeInputType::isTimeField):
2549         (WebCore):
2550         * html/TimeInputType.h:
2551         (TimeInputType):
2552         * html/WeekInputType.cpp:
2553         (WebCore::WeekInputType::isWeekField):
2554         (WebCore):
2555         * html/WeekInputType.h:
2556         (WeekInputType):
2557
2558 2012-05-09  Nikolas Zimmermann  <nzimmermann@rim.com>
2559
2560         REGRESSION(r105057): Infinite loop inside SVGTextLayoutEngine::currentLogicalCharacterMetrics
2561         https://bugs.webkit.org/show_bug.cgi?id=83405
2562
2563         Reviewed by Darin Adler.
2564
2565         Dynamically adding tspans carrying position information in the x/y/dx/dy/rotate lists is broken.
2566         To avoid mistakes like this in future, simplify the calling code in RenderSVGInlineText and centralize
2567         the managment of all caches (text positioning element cache / metrics map / layout attributes) in
2568         RenderSVGText. This avoids the hack in SVGRootInlineBox::computePerCharacterLayoutInformation() which
2569         called textRoot->rebuildLayoutAttributes(), which was used to fix previous security issues with this code.
2570         Instead correctly handle destruction of RenderSVGInlineText in RenderSVGText, keeping the m_layoutAttributes
2571         synchronized with the current state of the render tree. Fixes highcharts problems.
2572
2573         Tests: svg/text/add-tspan-position-bug.html
2574                svg/text/modify-tspan-position-bug.html
2575
2576         * rendering/svg/RenderSVGInline.cpp:
2577         (WebCore::RenderSVGInline::addChild):
2578         * rendering/svg/RenderSVGInlineText.cpp:
2579         (WebCore::RenderSVGInlineText::willBeDestroyed):
2580         (WebCore::RenderSVGInlineText::setTextInternal):
2581         (WebCore::RenderSVGInlineText::styleDidChange):
2582         * rendering/svg/RenderSVGText.cpp:
2583         (WebCore::recursiveUpdateMetrics):
2584         (WebCore::RenderSVGText::subtreeChildAdded):
2585         (WebCore::RenderSVGText::subtreeChildWillBeDestroyed):
2586         (WebCore::recursiveCollectLayoutAttributes):
2587         (WebCore::checkLayoutAttributesConsistency):
2588         (WebCore::RenderSVGText::subtreeChildWasDestroyed):
2589         (WebCore::RenderSVGText::subtreeStyleChanged):
2590         (WebCore::RenderSVGText::subtreeTextChanged):
2591         (WebCore::RenderSVGText::layout):
2592         (WebCore::RenderSVGText::addChild):
2593         (WebCore::RenderSVGText::rebuildAllLayoutAttributes):
2594         (WebCore::RenderSVGText::rebuildLayoutAttributes):
2595         * rendering/svg/RenderSVGText.h:
2596         (WebCore::RenderSVGText::layoutAttributes):
2597         * rendering/svg/SVGRootInlineBox.cpp:
2598         (WebCore::SVGRootInlineBox::computePerCharacterLayoutInformation):
2599         * rendering/svg/SVGTextLayoutAttributesBuilder.cpp:
2600         (WebCore::SVGTextLayoutAttributesBuilder::buildLayoutAttributes):
2601
2602 2012-05-08  Dongwoo Im  <dw.im@samsung.com>
2603
2604         NavigatorRegisterProtocolHandler can call ChromeClient directly.
2605         https://bugs.webkit.org/show_bug.cgi?id=85944
2606
2607         Reviewed by Adam Barth.
2608
2609         Covered by fast/dom/register-protocol-handler.html
2610
2611         * page/Chrome.cpp: Remove registerProtocolHandler function.
2612         * page/Chrome.h: Remove registerProtocolHandler prototype.
2613         (Chrome):
2614         * page/NavigatorRegisterProtocolHandler.cpp: Call ChromeClient::registerProtocolHandler directly.
2615         (WebCore::NavigatorRegisterProtocolHandler::registerProtocolHandler):
2616
2617 2012-05-08  Mario Sanchez Prada  <msanchez@igalia.com>
2618
2619         Coding style issues present in RenderFrameSet.cpp
2620         https://bugs.webkit.org/show_bug.cgi?id=85955
2621
2622         Reviewed by Eric Seidel.
2623
2624         Just fixed those coding style issues.
2625
2626         * rendering/RenderFrameSet.cpp:
2627         (WebCore::RenderFrameSet::GridAxis::resize):
2628         (WebCore::RenderFrameSet::layOutAxis):
2629         (WebCore::RenderFrameSet::continueResizing):
2630
2631 2012-05-08  Jon Lee  <jonlee@apple.com>
2632
2633         Unreviewed build fix.
2634
2635         * platform/mac/WebCoreSystemInterface.h:
2636
2637 2012-05-08  Jason Liu  <jason.liu@torchmobile.com.cn>
2638
2639         [BlackBerry] Auth credentials set in private mode are reused in public mode.
2640         https://bugs.webkit.org/show_bug.cgi?id=84697
2641
2642         Reviewed by Rob Buis.
2643
2644         Add setPrivateMode function for CredentialStorage.
2645
2646         Now, we only save credentials in memory and CredentialBackingStore isn't enabled.
2647         When we set private mode from on to off, we clear all these temporary credentials.
2648
2649         We have to change Private Browsing to test, so have to write a manual test case.
2650         Test: ManualTests/blackberry/http-auth-private-mode-changed.html
2651
2652         * network/CredentialStorage.cpp:
2653         (WebCore::CredentialStorage::setPrivateMode):
2654         (WebCore):
2655         * platform/network/CredentialStorage.h:
2656         (CredentialStorage):
2657
2658 2012-05-08  Rakesh KN  <rakesh.kn@motorola.com>
2659
2660         RadioNodeList support in HTMLFormElement::elements
2661         https://bugs.webkit.org/show_bug.cgi?id=81854
2662
2663         Reviewed by Ryosuke Niwa.
2664
2665         Implement RadioNodeList support spec'ed at
2666         http://www.whatwg.org/specs/web-apps/current-work/multipage/common-dom-interfaces.html#radionodelist
2667
2668         Test: fast/forms/form-collection-radio-node-list.html
2669
2670         * CMakeLists.txt:
2671         Added entries for new files.
2672         * DerivedSources.cpp: Ditto.
2673         * DerivedSources.make: Ditto.
2674         * DerivedSources.pri: Ditto.
2675         * GNUmakefile.list.am: Ditto.
2676         * Target.pri: Ditto.
2677         * WebCore.gypi: Ditto.
2678         * WebCore.vcproj/WebCore.vcproj: Ditto.
2679         * WebCore.xcodeproj/project.pbxproj: Ditto.
2680         * bindings/js/JSHTMLCollectionCustom.cpp:
2681         (WebCore::getNamedItems):
2682         Modified to create RadioNodeList object when FormControlCollection has more than
2683         one element of same name/id.
2684         * bindings/scripts/CodeGeneratorJS.pm:
2685         (GenerateImplementation):
2686         Added code to include Node.h and JSNode.h in JSRadioNodeElement.cpp.
2687         * bindings/v8/custom/V8HTMLCollectionCustom.cpp:
2688         (WebCore::getNamedItems):
2689         Modified to create RadioNodeList object when FormControlCollection has more than
2690         one element of same name/id.
2691         * dom/Node.cpp:
2692         (WebCore::Node::invalidateNodeListsCacheAfterAttributeChanged):
2693         Invalidate lists even for change in id, type, checked attributes.
2694         (WebCore::NodeListsNodeData::invalidateCachesThatDependOnAttributes):
2695         Invalidate radioNodeList cache.
2696         (WebCore::NodeListsNodeData::isEmpty):
2697         Changes for radioNodeList.
2698         (WebCore::Node::radioNodeList):
2699         Creates if needed a RadioNodeList and adds it to the cache.
2700         (WebCore::Node::removeCachedRadioNodeList):
2701         Removes a cached radioNodeList.
2702         * dom/Node.h: Ditto
2703         * dom/NodeRareData.h:
2704         (WebCore):
2705         (NodeListsNodeData):
2706         Added radioNodeList list.
2707         * html/CollectionType.h:
2708         Added new FormControls type.
2709         * html/HTMLCollection.cpp:
2710         (WebCore::HTMLCollection::shouldIncludeChildren):
2711         (WebCore::HTMLCollection::isAcceptableElement):
2712         Handle FormControls collection type.
2713         * html/HTMLFormCollection.cpp:
2714         (WebCore::HTMLFormCollection::HTMLFormCollection):
2715         Contruct collection of FormControls type.
2716         * html/RadioNodeList.cpp: Added.
2717         (WebCore):
2718         (WebCore::RadioNodeList::RadioNodeList):
2719         (WebCore::RadioNodeList::~RadioNodeList):
2720         (WebCore::toRadioButtonInputElement):
2721         (WebCore::RadioNodeList::value):
2722         (WebCore::RadioNodeList::setValue):
2723         (WebCore::RadioNodeList::nodeMatches):
2724         * html/RadioNodeList.h: Added.
2725         (WebCore):
2726         (RadioNodeList):
2727         (WebCore::RadioNodeList::create):
2728         RadioNodeList implementation.
2729         * html/RadioNodeList.idl: Added.
2730         Idl for generating RadioNodeList JS/V8 bindings.
2731
2732 2012-05-08  Benjamin Poulain  <bpoulain@apple.com>
2733
2734         [JSC] Regression: addEventListener() and removeEventListener() raise an exception on missing args
2735         https://bugs.webkit.org/show_bug.cgi?id=85928
2736
2737         Reviewed by Geoffrey Garen.
2738
2739         The functions addEventListener() and removeEventListener() raise an exception if there are missin arguments.
2740         This behavior breaks existing content.
2741
2742         This patch change the code generator of JavaScript core to have an exception for addEventListener() and removeEventListener().
2743         For those function, we do not raise an exception on missin argument.
2744
2745         This patch does not modify the V8 code generator because such exceptions are already in place there.
2746
2747         Tests: fast/dom/Window/window-legacy-event-listener.html
2748                fast/dom/XMLHttpRequest-legacy-event-listener.html
2749                fast/dom/node-legacy-event-listener.html
2750
2751         * bindings/scripts/CodeGeneratorJS.pm:
2752         (GenerateImplementation):
2753
2754 2012-05-08  Chris Rogers  <crogers@google.com>
2755
2756         AudioParam should directly be given context in create() method
2757         https://bugs.webkit.org/show_bug.cgi?id=85905
2758
2759         Reviewed by James Robinson.
2760
2761         No new tests.  This is a low-level re-factoring and is covered by existing tests.
2762
2763         * Modules/webaudio/AudioBufferSourceNode.cpp:
2764         (WebCore::AudioBufferSourceNode::AudioBufferSourceNode):
2765         * Modules/webaudio/AudioGain.h:
2766         (WebCore::AudioGain::create):
2767         (WebCore::AudioGain::AudioGain):
2768         * Modules/webaudio/AudioGainNode.cpp:
2769         (WebCore::AudioGainNode::AudioGainNode):
2770         * Modules/webaudio/AudioPannerNode.cpp:
2771         (WebCore::AudioPannerNode::AudioPannerNode):
2772         * Modules/webaudio/AudioParam.h:
2773         (WebCore::AudioParam::create):
2774         (AudioParam):
2775         (WebCore::AudioParam::AudioParam):
2776         * Modules/webaudio/BiquadFilterNode.cpp:
2777         (WebCore::BiquadFilterNode::BiquadFilterNode):
2778         * Modules/webaudio/BiquadProcessor.cpp:
2779         (WebCore::BiquadProcessor::BiquadProcessor):
2780         * Modules/webaudio/BiquadProcessor.h:
2781         * Modules/webaudio/DelayNode.cpp:
2782         (WebCore::DelayNode::DelayNode):
2783         * Modules/webaudio/DelayProcessor.cpp:
2784         (WebCore::DelayProcessor::DelayProcessor):
2785         * Modules/webaudio/DelayProcessor.h:
2786         (DelayProcessor):
2787         * Modules/webaudio/DynamicsCompressorNode.cpp:
2788         (WebCore::DynamicsCompressorNode::DynamicsCompressorNode):
2789         * Modules/webaudio/Oscillator.cpp:
2790         (WebCore::Oscillator::Oscillator):
2791
2792 2012-05-08  Dana Jansens  <danakj@chromium.org>
2793
2794         [chromium] Show borders for partial-draw-culled quads to visualize culling behaviour
2795         https://bugs.webkit.org/show_bug.cgi?id=85414
2796
2797         Reviewed by Adrienne Walker.
2798
2799         The borders are brown, and are only shown when the quad's visible rect
2800         is non-empty and is different from the quad's original rect.
2801
2802         Adds a flag to CCQuadCuller constructor, to enable showing debug borders
2803         around what it leaves after culling (when it culls anything in a quad
2804         at all).
2805
2806         * platform/graphics/chromium/cc/CCDrawQuad.h:
2807         (WebCore::CCDrawQuad::isDebugQuad):
2808         (WebCore::CCDrawQuad::sharedQuadState):
2809         (CCDrawQuad):
2810         * platform/graphics/chromium/cc/CCQuadCuller.cpp:
2811         (WebCore):
2812         (WebCore::CCQuadCuller::CCQuadCuller):
2813         (WebCore::appendQuadInternal):
2814         (WebCore::CCQuadCuller::append):
2815         (WebCore::CCQuadCuller::appendSurface):
2816         (WebCore::CCQuadCuller::appendReplica):
2817         * platform/graphics/chromium/cc/CCQuadCuller.h:
2818         (CCQuadCuller):
2819         * platform/graphics/chromium/cc/CCRenderPass.cpp:
2820         (WebCore::CCRenderPass::appendQuadsForLayer):
2821         (WebCore::CCRenderPass::appendQuadsForRenderSurfaceLayer):
2822
2823 2012-05-08  Julien Chaffraix  <jchaffraix@webkit.org>
2824
2825         Move RenderLayers z-index lists dirtying to post style change
2826         https://bugs.webkit.org/show_bug.cgi?id=85437
2827
2828         Reviewed by Darin Adler.
2829
2830         No expected change in behavior.
2831
2832         This change moves the z-order lists to RenderLayer::styleChanged. As part of this
2833         change, also added proper handling of stacking context transition. This enabled
2834         us to tighten more of the dirtyZOrderLists / clearZOrderLists code.
2835
2836         * rendering/RenderBoxModelObject.cpp:
2837         (WebCore::RenderBoxModelObject::styleWillChange):
2838         Removed this code, moved to updateStackingContextsAfterStyleChange.
2839
2840         * rendering/RenderLayer.cpp:
2841         (WebCore::RenderLayer::RenderLayer):
2842         Only stacking contexts start with dirty z-order lists.
2843
2844         (WebCore::RenderLayer::dirtyZOrderLists):
2845         Added an ASSERT.
2846
2847         (WebCore::RenderLayer::updateStackingContextsAfterStyleChange):
2848         Refactored the code to handle the transition between stacking context status.
2849
2850         (WebCore::RenderLayer::styleChanged):
2851         Added a call to updateStackingContextsAfterStyleChange.
2852
2853         * rendering/RenderLayer.h:
2854         (WebCore::RenderLayer::isStackingContext):
2855         Added a call to the next function.
2856
2857         (WebCore::RenderLayer::layerWithStyleIsStackingContext):
2858         Factored the isStackingContext logic here so that we can reuse it inside
2859         updateStackingContextsAfterStyleChange.
2860
2861         (WebCore::RenderLayer::clearZOrderLists):
2862         Added an ASSERT.
2863
2864 2012-05-08  Abhishek Arya  <inferno@chromium.org>
2865
2866         Crash due to owning renderer not removed from custom scrollbar.
2867         https://bugs.webkit.org/show_bug.cgi?id=80610
2868
2869         Reviewed by Eric Seidel.
2870
2871         Test: scrollbars/scrollbar-owning-renderer-crash.html
2872
2873         Changed RenderScrollbar to keep pointer to owning node, instead of the
2874         renderer. Renderer can get destroyed without informing the scrollbar, causing
2875         crashes later. Remove code from r94107 since it is not needed anymore and saves
2876         times when RenderBox is getting destroyed.
2877
2878         * page/FrameView.cpp:
2879         (WebCore::FrameView::createScrollbar): pass renderer's node.
2880         * page/FrameView.h:
2881         * rendering/RenderBox.cpp:
2882         (WebCore::RenderBox::willBeDestroyed): no longer need this. came originally from r94107.
2883         * rendering/RenderLayer.cpp:
2884         (WebCore::RenderLayer::createScrollbar): pass renderer's node.
2885         (WebCore::RenderLayer::destroyScrollbar): no longer need to clear owning renderer.
2886         * rendering/RenderListBox.cpp:
2887         (WebCore::RenderListBox::createScrollbar): pass renderer's node.
2888         * rendering/RenderMenuList.cpp:
2889         (WebCore::RenderMenuList::createScrollbar): pass renderer's node.
2890         * rendering/RenderScrollbar.cpp:
2891         (WebCore::RenderScrollbar::createCustomScrollbar): Store owner node instead of renderer.
2892         (WebCore::RenderScrollbar::RenderScrollbar): Store owner node instead of renderer.
2893         (WebCore::RenderScrollbar::owningRenderer): calculate owning renderer from owner node.
2894         * rendering/RenderScrollbar.h:
2895         (RenderScrollbar):
2896         * rendering/RenderTextControlSingleLine.cpp:
2897         (WebCore::RenderTextControlSingleLine::createScrollbar): pass renderer's node.
2898
2899 2012-05-08  Jon Lee  <jonlee@apple.com>
2900
2901         Safari warns that it needs to resend the form in an iFrame when going back
2902         https://bugs.webkit.org/show_bug.cgi?id=82658
2903         <rdar://problem/11292558>
2904
2905         Reviewed by Darin Adler.
2906
2907         Test: http/tests/loading/post-in-iframe-with-back-navigation.html
2908
2909         * WebCore.exp.in: Add _wkCFURLRequestAllowAllPostCaching.
2910         * platform/mac/WebCoreSystemInterface.h: Add wkCFURLRequestAllowAllPostCaching.
2911         * platform/mac/WebCoreSystemInterface.mm: Add wkCFURLRequestAllowAllPostCaching.
2912         * platform/network/cf/ResourceRequestCFNet.cpp:
2913         (WebCore::ResourceRequest::doUpdatePlatformRequest): Set the bit to cache all POST responses.
2914         * platform/network/mac/ResourceRequestMac.mm:
2915         (WebCore::ResourceRequest::doUpdatePlatformRequest): Set the bit to cache all POST responses.
2916
2917 2012-05-08  Dana Jansens  <danakj@chromium.org>
2918
2919         [chromium] Reflections with masks should not occlude
2920         https://bugs.webkit.org/show_bug.cgi?id=85927
2921
2922         Reviewed by James Robinson.
2923
2924         When a surface does not have a mask, we make both it and its reflection
2925         occlude the things below them. However, if the reflection has a mask
2926         applied to it, then we should not consider it as occluding.
2927
2928         Adds replicaHasMask() to the render surface classes so we can test if
2929         the mask is present.
2930
2931         Unit Tests: CCOcclusionTrackerTestReplicaWithMask
2932
2933         * platform/graphics/chromium/RenderSurfaceChromium.cpp:
2934         (WebCore::RenderSurfaceChromium::hasMask):
2935         This is unusued right now, but will allow us to remove a FIXME from
2936         CCOcclusionTracker::finishedTargetRenderSurface().
2937         (WebCore):
2938         (WebCore::RenderSurfaceChromium::replicaHasMask):
2939         * platform/graphics/chromium/RenderSurfaceChromium.h:
2940         (RenderSurfaceChromium):
2941         * platform/graphics/chromium/cc/CCOcclusionTracker.cpp:
2942         (WebCore::::leaveToTargetRenderSurface):
2943         * platform/graphics/chromium/cc/CCRenderSurface.cpp:
2944         (WebCore::CCRenderSurface::hasMask):
2945         This is unusued right now, but will allow us to remove a FIXME from
2946         CCOcclusionTracker::finishedTargetRenderSurface().
2947         (WebCore):
2948         (WebCore::CCRenderSurface::replicaHasMask):
2949         * platform/graphics/chromium/cc/CCRenderSurface.h:
2950         (CCRenderSurface):
2951
2952 2012-05-08  Eric Seidel  <eric@webkit.org>
2953
2954         Add stylesheet inheritance support to IFRAME_SEAMLESS
2955         https://bugs.webkit.org/show_bug.cgi?id=85914
2956
2957         Reviewed by Ojan Vafai.
2958
2959         This work is already guarded by IFRAME_SEAMLESS, as
2960         Document::shouldDisplaySeamlesslyWithParent always returns false
2961         when IFRAME_SEAMLESS is off.
2962
2963         This makes the child document use all author stylesheets from all parent documents,
2964         per the seamless spec:
2965         http://www.whatwg.org/specs/web-apps/current-work/#attr-iframe-seamless
2966
2967         This support is slightly inefficient as every time a sheet is added
2968         to a parent document, the child document must do a full style selector recalc.
2969         Normally author sheet additions have a fast-path which avoids the full selector recalc,
2970         but such is not possible in the seamless case as we're inserting the parents sheets
2971         earlier in the child's cascade (instead of just appending them to the end of the list).
2972
2973         The test covers both the static inheritance as well as addition of a stylesheet
2974         to the parent and testing that it caused a recalc of the child.
2975
2976         Covered by fast/frames/seamless/seamless-css-cascade.html
2977
2978         * css/StyleResolver.cpp:
2979         (WebCore::StyleResolver::StyleResolver):
2980         (WebCore::StyleResolver::addStylesheetsFromSeamlessParents):
2981         (WebCore):
2982         * css/StyleResolver.h:
2983         (StyleResolver):
2984         * dom/Document.cpp:
2985         (WebCore::Document::seamlessParentUpdatedStylesheets):
2986         (WebCore):
2987         (WebCore::Document::notifySeamlessChildDocumentsOfStylesheetUpdate):
2988         (WebCore::Document::updateActiveStylesheets):
2989         * dom/Document.h:
2990         (Document):
2991
2992 2012-05-08  Raphael Kubo da Costa  <rakuco@webkit.org>
2993
2994         [CMake] FindGStreamer: Fix the build with static WebCore.
2995         https://bugs.webkit.org/show_bug.cgi?id=85930
2996
2997         Reviewed by Daniel Bates.
2998
2999         No new tests, build fix.
3000
3001         Building WebCore statically was failing because files in
3002         WebCore/platform/gstreamer when ENABLE_VIDEO was set required
3003         gstreamer-base, which was not being linked to after r116453.
3004
3005         Fix that by looking for gstreamer-base, requiring and linking
3006         against it if GStreamer is used.
3007
3008         * PlatformEfl.cmake: Link to GSTREAMER_LIBRARIES and
3009         GSTREAMER_BASE_LIBRARIES, and include GSTREAMER_INCLUDE_DIRS and
3010         GSTREAMER_BASE_INCLUDE_DIRS.
3011
3012 2012-05-08  Raymond Toy  <rtoy@google.com>
3013
3014         JavaScriptAudioNode should not ASSERT if number of input channels is 0
3015         https://bugs.webkit.org/show_bug.cgi?id=85818
3016
3017         Reviewed by Eric Seidel.
3018
3019         Test: webaudio/javascriptaudionode-zero-input-channels.html
3020
3021         * Modules/webaudio/JavaScriptAudioNode.cpp:
3022         (WebCore::JavaScriptAudioNode::process): Update buffersAreGood.
3023         (WebCore::JavaScriptAudioNode::fireProcessEvent): Remove ASSERT.
3024
3025 2012-05-08  Dana Jansens  <danakj@chromium.org>
3026
3027         Region reads past end of spans
3028         https://bugs.webkit.org/show_bug.cgi?id=85909
3029
3030         Reviewed by Anders Carlsson.
3031
3032         Region currently checks aSpan == aSpanEnd as the indicator that
3033         we passed all the spans. When aSpan < aSpanEnd, it uses aSpan+1
3034         to find the height of the span.
3035
3036         If aSpan == aSpanEnd - 1, then aSpan+1 == aSpanEnd. This does not
3037         represent a valid span, since aSpanEnd is past the end of the
3038         array, not the last element in the array. The loop should terminate
3039         in this case.
3040
3041         Checking aSegment != aSegmentEnd is acceptable in the inner loop since
3042         it increments by two each time (segments come in pairs, while spans
3043         come in singles).
3044
3045         Test: RegionTest.ReadPastFullSpanVectorInIntersectsTest
3046
3047         * platform/graphics/Region.cpp:
3048         (WebCore::Region::Shape::compareShapes):
3049
3050 2012-05-08  Philip Rogers  <pdr@google.com>
3051
3052         Prevent crash in animated lists
3053         https://bugs.webkit.org/show_bug.cgi?id=85382
3054
3055         Reviewed by Nikolas Zimmermann.
3056
3057         Animated lists blindly assign the last list value to m_toAtEndOfDurationType
3058         in SVGAnimationElement::startedActiveInterval. If the last list value's length
3059         is larger or smaller than the animated "to" length, we crash.
3060
3061         This change prevents accessing values off the end of toAtEndOfDuration by adding
3062         a check for this case. It may seem inefficient to perform this check on every
3063         animation update but the "to" value can change (in cardinality) while animating.
3064
3065         I checked each of the other animation types (e.g., SVGAnimatedAngle,
3066         SVGAnimatedBoolean, etc.) and was only able to hit this style of crash
3067         in the three types modified in this change:
3068         SVGAnimatedLengthList, SVGAnimatedNumberList, and SVGAnimatedPointList.
3069
3070         Tests: svg/animations/animate-linear-discrete-additive-b-expected.svg
3071                svg/animations/animate-linear-discrete-additive-b.svg
3072                svg/animations/animate-linear-discrete-additive-c-expected.svg
3073                svg/animations/animate-linear-discrete-additive-c.svg
3074                svg/animations/animate-linear-discrete-additive-expected.svg
3075                svg/animations/animate-linear-discrete-additive.svg
3076                svg/animations/animate-list-crash.svg
3077
3078         * svg/SVGAnimatedLengthList.cpp:
3079         (WebCore::SVGAnimatedLengthListAnimator::calculateAnimatedValue):
3080         * svg/SVGAnimatedNumberList.cpp:
3081         (WebCore::SVGAnimatedNumberListAnimator::calculateAnimatedValue):
3082         * svg/SVGAnimatedPointList.cpp:
3083         (WebCore::SVGAnimatedPointListAnimator::calculateAnimatedValue):
3084
3085 2012-05-08  Rafael Weinstein  <rafaelw@chromium.org>
3086
3087         HTMLElementStack::hasOnlyHTMLElementsInScope is no longer called
3088         https://bugs.webkit.org/show_bug.cgi?id=85908
3089
3090         Reviewed by Eric Seidel.
3091
3092         This patch just removes the dead code.
3093
3094         No tests needed. Cleanup only.
3095
3096         * html/parser/HTMLElementStack.cpp:
3097         * html/parser/HTMLElementStack.h:
3098         (HTMLElementStack):
3099
3100 2012-05-08  W. James MacLean  <wjmaclean@chromium.org>
3101
3102         [chromium] Create LinkHighlightLayerChromium class to provide link-highlight preview animations for GraphicsLayerChromium.
3103         https://bugs.webkit.org/show_bug.cgi?id=85084
3104
3105         Reviewed by James Robinson.
3106
3107         Unit test provided.
3108
3109         Creates a layer delegate class to provide link highlight animations for link-preview feature.
3110         These are added to a GraphicsLayerChromium via provided methods. Moves dispensing of animation
3111         ids into a separate class.
3112
3113         * WebCore.gypi:
3114         * platform/graphics/chromium/AnimationIdVendor.cpp: Added.
3115         (WebCore):
3116         (WebCore::AnimationIdVendor::getNextAnimationId):
3117         (WebCore::AnimationIdVendor::getNextGroupId):
3118         * platform/graphics/chromium/AnimationIdVendor.h: Added.
3119         (WebCore):
3120         (AnimationIdVendor):
3121         * platform/graphics/chromium/GraphicsLayerChromium.cpp:
3122         (WebCore::GraphicsLayerChromium::willBeDestroyed):
3123         (WebCore::GraphicsLayerChromium::updateNames):
3124         (WebCore::GraphicsLayerChromium::addAnimation):
3125         (WebCore::GraphicsLayerChromium::addLinkHighlight):
3126         (WebCore):
3127         (WebCore::GraphicsLayerChromium::didFinishLinkHighlight):
3128         (WebCore::GraphicsLayerChromium::updateChildList):
3129         (WebCore::GraphicsLayerChromium::mapAnimationNameToId):
3130         * platform/graphics/chromium/GraphicsLayerChromium.h:
3131         (WebCore):
3132         (GraphicsLayerChromium):
3133         * platform/graphics/chromium/LinkHighlight.cpp: Added.
3134         (WebCore):
3135         (WebCore::LinkHighlight::create):
3136         (WebCore::LinkHighlight::LinkHighlight):
3137         (WebCore::LinkHighlight::~LinkHighlight):
3138         (WebCore::LinkHighlight::contentLayer):
3139         (WebCore::LinkHighlight::paintContents):
3140         (WebCore::LinkHighlight::notifyAnimationStarted):
3141         (WebCore::LinkHighlight::notifyAnimationFinished):
3142         * platform/graphics/chromium/LinkHighlight.h: Added.
3143         (WebCore):
3144         (LinkHighlight):
3145
3146 2012-05-08  Raphael Kubo da Costa  <rakuco@webkit.org>
3147
3148         [CMake] Rewrite FindGStreamer.cmake.
3149         https://bugs.webkit.org/show_bug.cgi?id=85857
3150
3151         Reviewed by Daniel Bates.
3152
3153         No new tests, build system change.
3154
3155         We are currently kind of duplicating the same
3156         FindGStreamer-Foo.cmake file whenever a new GStreamer plugin needs
3157         to be found. Besides this approach not scaling very well, it
3158         relies on pkg-config for version checking, uses the LibFindMacros
3159         package that we should deprecate and all the find files could be
3160         merged into one, with users using the COMPONENTS feature of the
3161         FIND_PACKAGE() call to find the desired plugins.
3162
3163         FindGStreamer.cmake has then been rewritten to take all that into
3164         account:
3165         - The LibFindMacros.cmake package is not used anymore.
3166         - Version check is performed in the CMake file itself by parsing
3167         the gstversion.h header.
3168         - All GStreamer plugins are searched and the COMPONENTS keyword
3169         used in the FIND_PACKAGE() call is used to check which plugins are
3170         required.
3171         - The plugins-base and base GStreamer plugins are not searched, as
3172         they were not used anywhere in the build system.
3173
3174         * PlatformEfl.cmake: Update GStreamer-related variable names.
3175
3176 2012-05-08  Mikhail Pozdnyakov  <mikhail.pozdnyakov@intel.com>
3177
3178         [EFL] Handling of numeric-pad keys in EFL's PlatformKeyboardEvent
3179         https://bugs.webkit.org/show_bug.cgi?id=85479
3180
3181         Reviewed by Gustavo Noronha Silva.
3182
3183         EFL's PlatformKeyboardEvent::isKeypad() now returns meaningful value.
3184         Added numeric-pad keys to the Key Map and Windows Key Map.
3185
3186         No new tests.
3187
3188         * platform/efl/EflKeyboardUtilities.cpp:
3189         (WebCore::createKeyMap):
3190         (WebCore::createWindowsKeyMap):
3191         * platform/efl/PlatformKeyboardEventEfl.cpp:
3192         (WebCore::PlatformKeyboardEvent::PlatformKeyboardEvent):
3193
3194 2012-05-04  Nikolas Zimmermann  <nzimmermann@rim.com>
3195
3196         Tie lifetime of SVGAnimateElement::m_animatedType to the duration of the animation
3197         https://bugs.webkit.org/show_bug.cgi?id=85627
3198
3199         Reviewed by Antti Koivisto.
3200
3201         Example:
3202         <rect width="10" height="100">
3203             <animate attributeName="width" from="10" to="100" begin="2s" dur="4s" fill="remove"/>
3204         </rect>
3205
3206         At t=0s the <animate> element receives its first interval: begin=2s, end=6s.
3207         At this point we've created the 'OwnPtr<SVGAnimatedType> m_animatedType' in
3208         SVGAnimateElement, which holds the current animated value of the target type.
3209         In this example it contains a SVGLength with '10' as value at t=0s.
3210
3211         Calling "rect.width.animVal.value" will return the value currently contained in the
3212         m_animatedType from the SVGAnimateElement, even though the animation didn't begin
3213         yet. This is fine, as the animVal equals to the baseVal, as long as no animation is
3214         running.
3215
3216         At t=6s you'd expect that the whole 'animVal' object is destructed again, as it's no
3217         longer needed, as animVal will be equal to baseVal again, but the current code keeps
3218         the animVal alive, and just resets it to the baseVal. The animVals will be destructed
3219         once the animate element leaves the tree.
3220
3221         CSS animations suffer from the same problem, we never remove the animated SMIL properties
3222         but we only reset them to the base value. This makes integration with CSS Animations and
3223         CSS Transitions harder, so this needs to be changed.
3224
3225         This patch starts tracking the start/end of an animation chain properly, to destruct
3226         the animation effect for non-frozen animations at the end of their duration. This has to
3227         work properly together with seeking (SVGSVGElement.setCurrentTime), as our testing relies
3228         on the ability to drive the SMIL timeline from script.
3229
3230         Tests: svg/animations/list-wrapper-assertion-expected.svg
3231                svg/animations/list-wrapper-assertion.svg
3232
3233         * svg/SVGAnimateElement.cpp:
3234         (WebCore::SVGAnimateElement::resetAnimatedType):
3235         (WebCore::applyCSSPropertyToTarget):
3236         (WebCore::removeCSSPropertyFromTarget):
3237         (WebCore::applyCSSPropertyToTargetAndInstances):
3238         (WebCore::removeCSSPropertyFromTargetAndInstances):
3239         (WebCore::notifyTargetAboutAnimValChange):
3240         (WebCore::notifyTargetAndInstancesAboutAnimValChange):
3241         (WebCore::SVGAnimateElement::clearAnimatedType):
3242         (WebCore::SVGAnimateElement::applyResultsToTarget):
3243         (WebCore::SVGAnimateElement::targetElementWillChange):
3244         * svg/SVGAnimateElement.h:
3245         (SVGAnimateElement):
3246         * svg/SVGAnimateMotionElement.cpp:
3247         (WebCore::SVGAnimateMotionElement::resetAnimatedType):
3248         (WebCore::SVGAnimateMotionElement::clearAnimatedType):
3249         * svg/SVGAnimateMotionElement.h:
3250         (SVGAnimateMotionElement):
3251         * svg/SVGAnimationElement.cpp:
3252         * svg/SVGAnimationElement.h:
3253         * svg/animation/SMILTimeContainer.cpp:
3254         (WebCore::SMILTimeContainer::updateAnimations):
3255         * svg/animation/SVGSMILElement.cpp:
3256         (WebCore::SVGSMILElement::reset):
3257         (WebCore::SVGSMILElement::targetElementWillChange):
3258         (WebCore::SVGSMILElement::determineActiveState):
3259         (WebCore::SVGSMILElement::progress):
3260         * svg/animation/SVGSMILElement.h:
3261         (SVGSMILElement):
3262         * svg/properties/SVGAnimatedListPropertyTearOff.h:
3263             Remove svgAttributeChanged() calls from animationEnded/animValDidChange.
3264             Callers are now required to notify the target about changes. There are cases
3265             where we want to call animValDidChange without invoking svgAttributeChanged().
3266             That is supported now.
3267         (WebCore::SVGAnimatedListPropertyTearOff::animationEnded):
3268         (WebCore::SVGAnimatedListPropertyTearOff::animValDidChange):
3269         * svg/properties/SVGAnimatedProperty.h: Ditto.
3270         (WebCore::SVGAnimatedProperty::commitChange): Add safety guard.
3271         * svg/properties/SVGAnimatedPropertyTearOff.h: Ditto.
3272         (WebCore::SVGAnimatedPropertyTearOff::animationEnded):
3273         (WebCore::SVGAnimatedPropertyTearOff::animValDidChange):
3274         * svg/properties/SVGAnimatedStaticPropertyTearOff.h: Ditto.
3275         (WebCore::SVGAnimatedStaticPropertyTearOff::animationEnded):
3276         (WebCore::SVGAnimatedStaticPropertyTearOff::animValDidChange):
3277
3278 2012-05-08  Ryuan Choi  <ryuan.choi@samsung.com>
3279
3280         [EFL][DRT]Do not create ScrollbarEfl when mockScrollbar is enabled.
3281         https://bugs.webkit.org/show_bug.cgi?id=81315
3282
3283         Reviewed by Chang Shu.
3284
3285         ScrollbarEfl creates custom scrollbars as separated layer and they are
3286         not related to ScrollbarTheme.
3287         So, DRT/Efl creates custom scrollbars on webview which paints mockScrollbar.
3288
3289         This patch prevents creating custom scrollbars when mockScrollbar is enabled.
3290
3291         Because DRT/Efl only renders the webview now, expected results are same
3292         until Bug 79853 is landed.
3293
3294         * platform/efl/ScrollbarEfl.cpp:
3295         (Scrollbar::createNativeScrollbar):
3296
3297 2012-05-08  Timothy Hatcher  <timothy@apple.com>
3298
3299         Fix the SOFT_LINK_STAGED_FRAMEWORK_OPTIONAL macro so it passes the full path to dlopen.
3300
3301         dyld only considers libraries in the versioned framework path if their install name
3302         matches the library that it is attempting to load. The path we were passing to
3303         dlopen lacked the Versions/A component of the path so dyld did not recognize that
3304         we wanted it to use the staged version if it is newer.
3305
3306         <rdar://problem/11406517>
3307
3308         Reviewed by Mark Rowe.
3309
3310         * platform/mac/SoftLinking.h: Have SOFT_LINK_STAGED_FRAMEWORK_OPTIONAL take the
3311         framework version as an argument and use it when constructing the path to dlopen.
3312
3313 2012-05-08  Rafael Brandao  <rafael.lobo@openbossa.org>
3314
3315         Build fix for Qt Snowleopard Release
3316         https://bugs.webkit.org/show_bug.cgi?id=85895
3317
3318         Reviewed by Alexis Menard.
3319
3320         The enum value JSUint8ClampedArray conflicted with the JSUint8ClampedArray class.
3321         I've added the 'Type' suffix to the enum value to make their names different.
3322
3323         No new tests needed.
3324
3325         * bridge/qt/qt_runtime_qt4.cpp:
3326         (JSC::Bindings::valueRealType):
3327         (JSC::Bindings::convertValueToQVariant):
3328
3329 2012-05-08  Shezan Baig  <shezbaig.wk@gmail.com>
3330
3331         offsetLeft broken within CSS3 columns
3332         https://bugs.webkit.org/show_bug.cgi?id=34875
3333
3334         Reviewed by Julien Chaffraix.
3335
3336         Reimplement offsetLeft and offsetTop in terms of a new method called
3337         'offsetTopLeft'. The new method starts from a reference point (the
3338         top-left coordinate of a box or inline) and adjusts this reference
3339         point for columns as we traverse each parent. Note that the reference
3340         point needs to be adjusted in both dimensions, even though offsetLeft
3341         and offsetTop return only one of them.
3342
3343         A new method called 'offsetForColumns' was added to RenderObject. This
3344         method is similar to adjustForColumns, except that it returns the
3345         offset instead of modifying a reference. This method is necessary to
3346         simplify the implementation of offsetTopLeft.
3347
3348         Tests: fast/block/positioning/offsetLeft-offsetTop-multicolumn-expected.txt
3349                fast/block/positioning/offsetLeft-offsetTop-multicolumn.html
3350
3351         * rendering/RenderBox.h:
3352         (RenderBox):
3353         Override offsetLeft and offsetTop.
3354         * rendering/RenderBox.cpp:
3355         (WebCore::RenderBox::offsetLeft):
3356         Implemented in terms of RenderBoxModelObject::offsetTopLeft, using
3357         topLeftLocation as startPoint.
3358         (WebCore::RenderBox::offsetTop):
3359         Implemented in terms of RenderBoxModelObject::offsetTopLeft, using
3360         topLeftLocation as startPoint.
3361         * rendering/RenderBoxModelObject.cpp:
3362         (WebCore::RenderBoxModelObject::offsetTopLeft):
3363         New method to compute offsetLeft and offsetTop simultaneously, and
3364         adjusting for columns at each parent.
3365         (WebCore::RenderBoxModelObject::offsetLeft):
3366         Reimplemented in terms of offsetTopLeft.
3367         (WebCore::RenderBoxModelObject::offsetTop):
3368         Reimplemented in terms of offsetTopLeft.
3369         * rendering/RenderBoxModelObject.h:
3370         (RenderBoxModelObject):
3371         Declare new offsetTopLeft method.
3372         * rendering/RenderInline.cpp:
3373         (WebCore::RenderInline::offsetLeft):
3374         Reimplemented in terms of RenderBoxModelObject::offsetTopLeft.
3375         (WebCore::RenderInline::offsetTop):
3376         Reimplemented in terms of RenderBoxModelObject::offsetTopLeft.
3377         * rendering/RenderObject.h:
3378         (RenderObject):
3379         (WebCore::RenderObject::offsetForColumns):
3380         New helper method to simplify implementation of offsetTopLeft.
3381
3382 2012-03-31  Robert Hogan  <robert@webkit.org>
3383
3384         CSS 2.1 failure: first-letter-nested-004.htm fails
3385         https://bugs.webkit.org/show_bug.cgi?id=72987
3386
3387         Reviewed by Eric Seidel.
3388
3389         When styling first-letter check each sibling and drill into its inlines until we find either (i) a text node 
3390         that is not all whitespace, or (ii) a line break.
3391
3392         This makes our rendering of the following tests compatible with FF and Opera. Our current behaviour is also conformant
3393         since the spec allows UAs to style just one element:
3394             css2.1/20110323/first-letter-quote-002.htm
3395             css2.1/20110323/first-letter-quote-003.htm
3396             css2.1/20110323/first-letter-quote-004.htm
3397             css2.1/20110323/first-letter-quote-005.htm
3398
3399         This fixes the following two tests. We now drill into the descendants of an element styled with :first-letter looking
3400         for text to style:
3401             css2.1/20110323/first-letter-nested-004.htm
3402             css2.1/20110323/first-letter-nested-006.htm
3403
3404         This patch changes our rendering of first-letter-dynamic-001.htm as we now render adjacent quotes in the second line as 
3405         green. This is consistent with the spec, which allows this behaviour but does not require it. It's the 'right' behaviour
3406         since it is consistent with the rendering of such quotes in a single element with :first-letter style.
3407
3408         * rendering/RenderBlock.cpp:
3409         (WebCore::RenderBlock::findLastObjectWithFirstLetterText): Iterate through the child's siblings looking for the last
3410           object to be styled :first-letter.
3411         (WebCore::RenderBlock::findLastObjectAfterFirstLetterPunctuation): Style any leading punctuation as first-letter, drill
3412           down into the child's descendants looking for text if necessary.
3413         (WebCore::RenderBlock::updateFirstLetter): Refactor to drill into sibling's children looking for inlines
3414          that should be styled as first-letter.
3415         (WebCore::RenderBlock::addFirstLetter): Split out from updateFirstLetter so that it can be used when a
3416          descendant node inside a sibling is found in findLastObjectWithFirstLetterText() needs to be styled as first-letter.
3417         * rendering/RenderBlock.h:
3418
3419 2012-05-08  Sheriff Bot  <webkit.review.bot@gmail.com>
3420
3421         Unreviewed, rolling out r116402.
3422         http://trac.webkit.org/changeset/116402
3423         https://bugs.webkit.org/show_bug.cgi?id=85898
3424
3425         Caused a 3% regression on Chromium's bloat-http test on Linux
3426         (Requested by ojan_gardening on #webkit).
3427
3428         * WebCore.exp.in:
3429         * bindings/v8/RetainedDOMInfo.cpp:
3430         * dom/ContainerNode.h:
3431         * dom/Node.cpp:
3432         (WebCore::Node::traverseNextNode):
3433         (WebCore):
3434         (WebCore::Node::traverseNextSibling):
3435         * dom/Node.h:
3436         (Node):
3437
3438 2012-05-08  Hironori Bono  <hbono@chromium.org>
3439
3440         [Chromium] Fix the position of an RTL resizer
3441         https://bugs.webkit.org/show_bug.cgi?id=80640
3442
3443         Reviewed by Tony Chang.
3444
3445         When rendering an RTL resizer, my r110073 renders it at the same position as the
3446         one used for rendering a LTR resizer. Unfortunately, this code renders the RTL
3447         resizer image at an incorrect position on Mac and Linux. This change uses the
3448         correct formula to calculate the position of an RTL resizer.
3449
3450         Test: platform/chromium/scrollbars/rtl-resizer-position.html
3451
3452         * rendering/RenderLayer.cpp:
3453         (WebCore::RenderLayer::drawPlatformResizerImage):
3454
3455 2012-05-08  Andreas Kling  <kling@webkit.org>
3456
3457         Element: isURLAttribute() should take a const Attribute&.
3458         <http://webkit.org/b/85890>
3459
3460         Reviewed by Anders Carlsson.
3461
3462         Change isURLAttribute(Attribute*) to isURLAttribute(const Attribute&) to enforce
3463         the fact that the Attribute can't be null, and shouldn't be mutated, at compile-time.
3464         Also sprinkle OVERRIDE while we're at it.
3465
3466         * dom/Element.cpp:
3467         (WebCore::Element::getURLAttribute):
3468         (WebCore::Element::getNonEmptyURLAttribute):
3469         * dom/Element.h:
3470         (WebCore::Element::isURLAttribute):
3471         * editing/MarkupAccumulator.cpp:
3472         (WebCore::MarkupAccumulator::appendQuotedURLAttributeValue):
3473         (WebCore::MarkupAccumulator::appendAttribute):
3474         * editing/markup.cpp:
3475         (WebCore::completeURLs):
3476         * html/HTMLAnchorElement.cpp:
3477         (WebCore::HTMLAnchorElement::isURLAttribute):
3478         * html/HTMLAnchorElement.h:
3479         * html/HTMLBaseElement.cpp:
3480         (WebCore::HTMLBaseElement::isURLAttribute):
3481         * html/HTMLBaseElement.h:
3482         * html/HTMLBodyElement.cpp:
3483         (WebCore::HTMLBodyElement::isURLAttribute):
3484         * html/HTMLBodyElement.h:
3485         * html/HTMLButtonElement.cpp:
3486         (WebCore::HTMLButtonElement::isURLAttribute):
3487         * html/HTMLButtonElement.h:
3488         * html/HTMLElement.cpp:
3489         (WebCore::HTMLElement::isURLAttribute):
3490         * html/HTMLElement.h:
3491         * html/HTMLEmbedElement.cpp:
3492         (WebCore::HTMLEmbedElement::isURLAttribute):
3493         * html/HTMLEmbedElement.h:
3494         * html/HTMLFormElement.cpp:
3495         (WebCore::HTMLFormElement::isURLAttribute):
3496         * html/HTMLFormElement.h:
3497         * html/HTMLFrameElementBase.cpp:
3498         (WebCore::HTMLFrameElementBase::isURLAttribute):
3499         * html/HTMLFrameElementBase.h:
3500         (HTMLFrameElementBase):
3501         * html/HTMLHtmlElement.cpp:
3502         (WebCore::HTMLHtmlElement::isURLAttribute):
3503         * html/HTMLHtmlElement.h:
3504         * html/HTMLImageElement.cpp:
3505         (WebCore::HTMLImageElement::isURLAttribute):
3506         * html/HTMLImageElement.h:
3507         * html/HTMLInputElement.cpp:
3508         (WebCore::HTMLInputElement::isURLAttribute):
3509         * html/HTMLInputElement.h:
3510         * html/HTMLLinkElement.cpp:
3511         (WebCore::HTMLLinkElement::isURLAttribute):
3512         * html/HTMLLinkElement.h:
3513         * html/HTMLMediaElement.cpp:
3514         (WebCore::HTMLMediaElement::isURLAttribute):
3515         * html/HTMLMediaElement.h:
3516         * html/HTMLModElement.cpp:
3517         (WebCore::HTMLModElement::isURLAttribute):
3518         * html/HTMLModElement.h:
3519         * html/HTMLObjectElement.cpp:
3520         (WebCore::HTMLObjectElement::isURLAttribute):
3521         * html/HTMLObjectElement.h:
3522         * html/HTMLParamElement.cpp:
3523         (WebCore::HTMLParamElement::isURLAttribute):
3524         * html/HTMLParamElement.h:
3525         * html/HTMLQuoteElement.cpp:
3526         (WebCore::HTMLQuoteElement::isURLAttribute):
3527         * html/HTMLQuoteElement.h:
3528         * html/HTMLScriptElement.cpp:
3529         (WebCore::HTMLScriptElement::isURLAttribute):
3530         * html/HTMLScriptElement.h:
3531         * html/HTMLSourceElement.cpp:
3532         (WebCore::HTMLSourceElement::isURLAttribute):
3533         * html/HTMLSourceElement.h:
3534         * html/HTMLTableCellElement.cpp:
3535         (WebCore::HTMLTableCellElement::isURLAttribute):
3536         * html/HTMLTableCellElement.h:
3537         * html/HTMLTableElement.cpp:
3538         (WebCore::HTMLTableElement::isURLAttribute):
3539         * html/HTMLTableElement.h:
3540         * html/HTMLTrackElement.cpp:
3541         (WebCore::HTMLTrackElement::isURLAttribute):
3542         * html/HTMLTrackElement.h:
3543         * html/HTMLVideoElement.cpp:
3544         (WebCore::HTMLVideoElement::isURLAttribute):
3545         * html/HTMLVideoElement.h:
3546         * svg/SVGScriptElement.cpp:
3547         (WebCore::SVGScriptElement::isURLAttribute):
3548         * svg/SVGScriptElement.h:
3549
3550 2012-05-08  Stephen Chenney  <schenney@chromium.org>
3551
3552         Shrink ElementAttributeData by factoring out Attr object count.
3553         https://bugs.webkit.org/show_bug.cgi?id=85825
3554
3555         Unreviewed build fix.
3556
3557         * dom/ElementAttributeData.cpp:
3558         (WebCore::attrListForElement): Was returning false instead of 0 for a pointer value. Now returns 0.
3559
3560 2012-05-08  Andreas Kling  <kling@webkit.org>
3561
3562         Element: Merge idAttributeChanged() into attributeChanged().
3563         <http://webkit.org/b/85885>
3564
3565         Reviewed by Antti Koivisto.
3566
3567         No new tests, code churn only.
3568
3569         * dom/Element.h:
3570         * dom/Element.cpp:
3571         (WebCore::Element::attributeChanged): There's no need for this to be a standalone function anymore.
3572
3573 2012-05-08  Andreas Kling  <kling@webkit.org>
3574
3575         Shrink ElementAttributeData by factoring out Attr object count.
3576         <http://webkit.org/b/85825>
3577
3578         Reviewed by Antti Koivisto.
3579
3580         Stop tracking the number of Attr objects that point to a given Element on the
3581         Element itself and manage this by having a global hashmap of Element => AttrList,
3582         where AttrList is a vector of (pointers to) the associated Attr objects.
3583
3584         This shrinks ElementAttributeData by one integer, effectively reducing memory
3585         consumption by ~530kB when viewing the full HTML5 spec at <http://whatwg.org/c>.
3586
3587         * dom/ElementAttributeData.h:
3588         (ElementAttributeData):
3589
3590             Remove m_attrCount...
3591
3592         * dom/Node.h:
3593         (WebCore::Node::hasAttrList):
3594         (WebCore::Node::setHasAttrList):
3595         (WebCore::Node::clearHasAttrList):
3596
3597             ...replacing it with a Node flag that tells us whether there's an Attr
3598             object map for this Node (only applies to Elements.)
3599
3600         * dom/ElementAttributeData.cpp:
3601         (WebCore::attrListMap):
3602         (WebCore::attrListForElement):
3603         (WebCore::ensureAttrListForElement):
3604         (WebCore::removeAttrListForElement):
3605         (WebCore::ElementAttributeData::attrIfExists):
3606         (WebCore::ElementAttributeData::ensureAttr):
3607         (WebCore::ElementAttributeData::setAttr):
3608         (WebCore::ElementAttributeData::removeAttr):
3609         (WebCore::ElementAttributeData::detachAttributesFromElement):
3610
3611             Map Element => per-Element AttrList in a global hash.
3612
3613 2012-05-08  Chris Guan  <chris.guan@torchmobile.com.cn>
3614
3615         [Blackberry] remove m_isRequestedByPlugin in ResourceRequest
3616         https://bugs.webkit.org/show_bug.cgi?id=84559
3617
3618         Reviewed by Antonio Gomes.
3619
3620         ResourceRequest is a network level abstraction, and it should
3621         not know anything about web concepts such as plug-ins, and Blackberry
3622         does not need m_isRequestedByPlugin any longer, So clean up all related
3623         code.
3624
3625         Tested on a website of http://edition.cnn.com, a new window should be
3626         opened only when user has a singe tap gesture on a plugin element.
3627
3628         * platform/network/blackberry/ResourceRequest.h:
3629         (WebCore::ResourceRequest::ResourceRequest):
3630         (ResourceRequest):
3631         (CrossThreadResourceRequestData):
3632         * platform/network/blackberry/ResourceRequestBlackBerry.cpp:
3633         (WebCore::ResourceRequest::doPlatformCopyData):
3634         (WebCore::ResourceRequest::doPlatformAdopt):
3635
3636 2012-05-03  Alexander Pavlov  <apavlov@chromium.org>
3637
3638         Extra line-breaks added when copying from source.
3639         https://bugs.webkit.org/show_bug.cgi?id=85282
3640
3641         Reviewed by Ryosuke Niwa.
3642
3643         The code used to replace any \n by \r\n, even the one that had a preceding \r, resulting in \r\r\n.
3644         This change introduces a check for the preceding \r when replacing \n's.
3645
3646         Test: platform/win/editing/pasteboard/pasting-crlf-isnt-translated-to-crcrlf-win.html
3647
3648         * platform/chromium/ClipboardUtilitiesChromium.cpp:
3649         (WebCore::replaceNewlinesWithWindowsStyleNewlines):
3650         * platform/win/ClipboardUtilitiesWin.cpp:
3651         (WebCore::replaceNewlinesWithWindowsStyleNewlines):
3652
3653 2012-05-08  Adam Barth  <abarth@webkit.org>
3654
3655         OS(ANDROID) JNI AttachCurrentThread take JNIEnv** as a parameter, not void**
3656         https://bugs.webkit.org/show_bug.cgi?id=85869
3657
3658         Reviewed by Eric Seidel.
3659
3660         According to
3661         http://docs.oracle.com/javase/1.5.0/docs/guide/jni/spec/invocation.html,
3662         AttachCurrentThread takes a JNIEnv** rather than a void**.  Apparently,
3663         most implementations actually take a void**.  The OS(ANDROID)
3664         implementation, however, actually takes an JNIEnv**.  This patch
3665         introduces a typedef to give each implementation what it desires.
3666
3667         * bridge/jni/JNIUtility.cpp:
3668         (JSC::Bindings::getJNIEnv):
3669
3670 2012-05-08  Balazs Kelemen  <kbalazs@webkit.org>
3671
3672         [Qt] X11 plugins need to be reworked for Qt5+WK1
3673         https://bugs.webkit.org/show_bug.cgi?id=80691
3674
3675         Reviewed by Simon Hausmann.
3676
3677         Implement basic windowless plugin support with Qt5.
3678         The solution is the same that has been chosen for
3679         WebKit2. We get the content drawed by the plugin
3680         from the X server as an image, create a QImage
3681         from it and paint it to the window surface with QPainter.
3682         Performance is sufficient for basic video playback.
3683
3684         No new tests, covered by existing plugin tests.
3685
3686         * Target.pri:
3687         * WebCore.pri:
3688         * platform/qt/QWebPageClient.h:
3689         (QWebPageClient):
3690         * plugins/PluginView.h:
3691         (PluginView):
3692         * plugins/qt/PluginPackageQt.cpp:
3693         (WebCore::PluginPackage::isPluginBlacklisted):
3694         Blacklist plugins that are incompatible with Qt5.
3695         The only one I know about currently is skypebuttons
3696         but the list can be extended in the future.
3697         (WebCore):
3698         (WebCore::PluginPackage::load):
3699         * plugins/qt/PluginViewQt.cpp:
3700         (X11Environment):
3701         (WebCore):
3702         (WebCore::x11Display):
3703         (WebCore::x11Screen):
3704         (WebCore::rootWindowID):
3705         (WebCore::displayDepth):
3706         (WebCore::syncX):
3707         (WebCore::PluginView::platformPageClient): Added a safe
3708         convenience getter for the QWebpageClient.
3709         (WebCore::PluginView::updatePluginWidget):
3710         (WebCore::PluginView::setFocus):
3711         (WebCore::setupGraphicsExposeEvent):
3712         (WebCore::PluginView::paintUsingXPixmap):
3713         (WebCore::setSharedXEventFields):
3714         (WebCore::PluginView::initXEvent):
3715         (WebCore::PluginView::setXKeyEventSpecificFields):
3716         (WebCore::setXButtonEventSpecificFields):
3717         (WebCore::setXMotionEventSpecificFields):
3718         (WebCore::setXCrossingEventSpecificFields):
3719         (WebCore::PluginView::setNPWindowIfNeeded):
3720         (WebCore::PluginView::setParentVisible):
3721         (WebCore::PluginView::platformGetValue):
3722         (WebCore::PluginView::invalidateRect):
3723         (WebCore::getVisualAndColormap):
3724         Refactored this function to make it more clear
3725         what does it actually do.
3726         (WebCore::PluginView::platformStart):
3727         (WebCore::PluginView::platformDestroy):
3728
3729 2012-05-07  Antti Koivisto  <antti@apple.com>
3730
3731         Inline Node::traverseNextNode
3732         https://bugs.webkit.org/show_bug.cgi?id=85844
3733
3734         Reviewed by Ryosuke Niwa.
3735
3736         Inline traverseNextNode and traverseNextSibling to reduce entry/exit overhead and allow better code generation
3737         for many hot loops. Also added separate versions of stayWithin and unscoped cases (the function is
3738         so simple that this seemed like the cleanest way to do it, the most reliable too) and used UNLIKELY for the 
3739         end-of-traversal conditions.
3740         
3741         The traversal function can show up to ~1% in normal page loading profiles.
3742         
3743         run-perf-tests seems to think this is a progression in some subtests though bots will tell for certain.
3744
3745         * WebCore.exp.in:
3746         * dom/ContainerNode.h:
3747         
3748             Following the existing pattern, function bodies go to ContainerNode.h so they can call parentNode().
3749             (which returns ContainerNode, not Node).
3750
3751         (WebCore::Node::traverseNextNode):
3752         (WebCore):
3753         (WebCore::Node::traverseNextSibling):
3754         * dom/Node.cpp:
3755         (WebCore):
3756         * dom/Node.h:
3757         (Node):
3758
3759 2012-05-05  Pavel Feldman  <pfeldman@chromium.org>
3760
3761         Web Inspector: make JavaScriptSourceFrame use breakpoint manager's breakpoints store.
3762         https://bugs.webkit.org/show_bug.cgi?id=85714
3763
3764         Reviewed by Yury Semikhatsky.
3765
3766         It is currently using its own copy of breakpoints which is not necessary.
3767
3768         * inspector/front-end/BreakpointManager.js:
3769         (WebInspector.BreakpointManager):
3770         (WebInspector.BreakpointManager.prototype.restoreBreakpoints):
3771         (WebInspector.BreakpointManager.prototype.setBreakpoint):
3772         (WebInspector.BreakpointManager.prototype._innerSetBreakpoint):
3773         (WebInspector.BreakpointManager.prototype.findBreakpoint):
3774         (WebInspector.BreakpointManager.prototype.reset):
3775         (WebInspector.BreakpointManager.prototype._debuggerReset):
3776         (WebInspector.BreakpointManager.prototype._breakpointResolved):
3777         (WebInspector.BreakpointManager.prototype._uiLocationAdded):
3778         (WebInspector.BreakpointManager.prototype._uiLocationRemoved):
3779         (WebInspector.BreakpointManager.Breakpoint.prototype._breakpointStorageId):
3780         (WebInspector.BreakpointManager.Storage.prototype._restoreBreakpoints):
3781         (set WebInspector.BreakpointManager.Storage.Item):
3782         * inspector/front-end/JavaScriptSource.js:
3783         (WebInspector.JavaScriptSource.prototype.consoleMessagesCleared):
3784         (WebInspector.JavaScriptSource.prototype.breakpointStorageId):
3785         * inspector/front-end/JavaScriptSourceFrame.js:
3786         (WebInspector.JavaScriptSourceFrame):
3787         (WebInspector.JavaScriptSourceFrame.prototype._onContentChanged):
3788         (WebInspector.JavaScriptSourceFrame.prototype.populateLineGutterContextMenu):
3789         (WebInspector.JavaScriptSourceFrame.prototype.beforeTextChanged):
3790         (WebInspector.JavaScriptSourceFrame.prototype._onMouseDown):
3791         (WebInspector.JavaScriptSourceFrame.prototype._breakpointAdded):
3792         (WebInspector.JavaScriptSourceFrame.prototype._breakpointRemoved):
3793         (WebInspector.JavaScriptSourceFrame.prototype.onTextViewerContentLoaded):
3794         (WebInspector.JavaScriptSourceFrame.prototype._continueToLine):
3795         (WebInspector.JavaScriptSourceFrame.prototype._updateBreakpointsAfterLiveEdit):
3796
3797 2012-05-07  Pavel Feldman  <pfeldman@chromium.org>
3798
3799         Web Inspector: do not create locations for resolved provisional breakpoints
3800         https://bugs.webkit.org/show_bug.cgi?id=85716
3801
3802         Reviewed by Yury Semikhatsky.
3803
3804         Marked provisional breakpoints as such.
3805
3806         * inspector/front-end/BreakpointManager.js:
3807         (WebInspector.BreakpointManager.prototype._debuggerReset):
3808         (WebInspector.BreakpointManager.prototype._breakpointResolved):
3809
3810 2012-05-07  Simon Fraser  <simon.fraser@apple.com>
3811
3812         Compositing layers with transformed children not large enough to show contents
3813         https://bugs.webkit.org/show_bug.cgi?id=85855
3814
3815         Reviewed by Dan Bernstein.
3816         
3817         r114518 added a code path to RenderLayer::calculateLayerBounds() which
3818         does an early return if the layer has clipping. However, this code
3819         path omitted to take local transforms into account.
3820         
3821         Fix is to handle transforms as we do in the non-clipped case.
3822
3823         Test: compositing/geometry/bounds-clipped-composited-child.html
3824
3825         * rendering/RenderLayer.cpp:
3826         (WebCore::RenderLayer::calculateLayerBounds):
3827
3828 2012-05-07  Scott Graham  <scottmg@chromium.org>
3829
3830         Fix signed/unsigned mismatch
3831         https://bugs.webkit.org/show_bug.cgi?id=85845
3832
3833         Make literal in assert be unsigned to match comparison on LHS. Avoids
3834         warning on Windows.
3835
3836         Reviewed by Eric Seidel.
3837
3838         No new tests. No intended functionality change.
3839
3840         * rendering/RenderTableSection.cpp:
3841         (WebCore::RenderTableSection::splitColumn):
3842
3843 2012-05-07  Emil A Eklund  <eae@chromium.org>
3844
3845         Fix performance regression for floats caused by LayoutUnit change
3846         https://bugs.webkit.org/show_bug.cgi?id=85834
3847
3848         Reviewed by Eric Seidel.
3849
3850         Fix performance regression caused by r116009 by disabling the use of
3851         64bit math in FractionalLayoutUnit, simplifying the pixelSnappedMaxX/Y
3852         math, inlining a couple of methods and replacing the literal 0 (zero)
3853         with ZERO_LAYOUT_UNIT.
3854
3855         No new tests, no change in functionality.
3856
3857         * platform/FractionalLayoutUnit.h:
3858         (WebCore::boundedMultiply):
3859         (WebCore::operator*):
3860         (WebCore::operator/):
3861         Disable the use of 64bit (long long) math in the case where the fraction
3862         is set to 1.
3863         
3864         * platform/graphics/FractionalLayoutRect.h:
3865         (WebCore::FractionalLayoutRect::pixelSnappedMaxX):
3866         (WebCore::FractionalLayoutRect::pixelSnappedMaxY):
3867         Simplify the pixel snapping logic for maxX/maxY.
3868         
3869         * rendering/RenderBlock.cpp:
3870         (WebCore::RenderBlock::isSelfCollapsingBlock):
3871         (WebCore::RenderBlock::layoutBlock):
3872         (WebCore::RenderBlock::computeOverflow):
3873         (WebCore::RenderBlock::clearFloatsIfNeeded):
3874         (WebCore::RenderBlock::paintChildren):
3875         (WebCore::RenderBlock::blockSelectionGap):
3876         (WebCore::RenderBlock::logicalLeftSelectionGap):
3877         (WebCore::RenderBlock::logicalRightSelectionGap):
3878         (WebCore::RenderBlock::computeLogicalLocationForFloat):
3879         (WebCore::RenderBlock::lowestFloatLogicalBottom):
3880         (WebCore::RenderBlock::getClearDelta):
3881         (WebCore::RenderBlock::computeBlockPreferredLogicalWidths):
3882         (WebCore::RenderBlock::addFocusRingRects):
3883         (WebCore::RenderBlock::adjustLinePositionForPagination):
3884         * rendering/RenderBlock.h:
3885         (WebCore::RenderBlock::availableLogicalWidthForLine):
3886         (WebCore::RenderBlock::availableLogicalWidthForContent):
3887         (WebCore::RenderBlock::FloatingObject::x):
3888         (WebCore::RenderBlock::FloatingObject::maxX):
3889         (WebCore::RenderBlock::FloatingObject::y):
3890         (WebCore::RenderBlock::FloatingObject::maxY):
3891         (WebCore::RenderBlock::FloatingObject::width):
3892         (WebCore::RenderBlock::FloatingObject::height):
3893         (FloatingObject):
3894         (WebCore::RenderBlock::FloatingObject::pixelSnappedX):
3895         (WebCore::RenderBlock::FloatingObject::pixelSnappedMaxX):
3896         (WebCore::RenderBlock::FloatingObject::pixelSnappedY):
3897         (WebCore::RenderBlock::FloatingObject::pixelSnappedMaxY):
3898         (WebCore::RenderBlock::FloatingObject::pixelSnappedWidth):
3899         (WebCore::RenderBlock::FloatingObject::pixelSnappedHeight):
3900         (WebCore::RenderBlock::RenderBlockRareData::positiveMarginBeforeDefault):
3901         (WebCore::RenderBlock::RenderBlockRareData::negativeMarginBeforeDefault):
3902         (WebCore::RenderBlock::RenderBlockRareData::positiveMarginAfterDefault):
3903         (WebCore::RenderBlock::RenderBlockRareData::negativeMarginAfterDefault):
3904         * rendering/RenderBoxModelObject.cpp:
3905         (WebCore::accumulateRelativePositionOffsets):
3906         (WebCore::RenderBoxModelObject::offsetLeft):
3907         (WebCore::RenderBoxModelObject::offsetTop):
3908         (WebCore::RenderBoxModelObject::computedCSSPaddingTop):
3909         (WebCore::RenderBoxModelObject::computedCSSPaddingBottom):
3910         (WebCore::RenderBoxModelObject::computedCSSPaddingLeft):
3911         (WebCore::RenderBoxModelObject::computedCSSPaddingRight):
3912         (WebCore::RenderBoxModelObject::computedCSSPaddingBefore):
3913         (WebCore::RenderBoxModelObject::computedCSSPaddingAfter):
3914         (WebCore::RenderBoxModelObject::computedCSSPaddingStart):
3915         (WebCore::RenderBoxModelObject::computedCSSPaddingEnd):
3916
3917 2012-05-07  Dongwoo Im  <dw.im@samsung.com>
3918
3919         width/height attributes of input element cannot be accessed by JavaScript.
3920         https://bugs.webkit.org/show_bug.cgi?id=70304
3921
3922         Reviewed by Darin Adler.
3923
3924         If the type of input element is image button, width/height attributes should be supported.
3925         These attributes are defined in HTML5 spec.
3926         http://www.w3.org/TR/html5/the-map-element.html#attr-dim-width
3927
3928         Tests: fast/forms/input-width-height-attributes-without-renderer-loaded-image.html
3929                fast/forms/input-width-height-attributes-without-renderer-not-loaded-image.html
3930                fast/forms/input-width-height-attributes-without-renderer.html
3931                fast/forms/input-width-height-attributes.html
3932
3933         * html/HTMLInputElement.cpp: Add setter/getter functions to query/set width/height of input element.
3934         (WebCore):
3935         (WebCore::HTMLInputElement::height): Gets height of input element.
3936         (WebCore::HTMLInputElement::width): Gets width of input element.
3937         (WebCore::HTMLInputElement::setHeight): Sets height of input element.
3938         (WebCore::HTMLInputElement::setWidth): Sets width of input element.
3939         * html/HTMLInputElement.h: Add public prototype.
3940         (HTMLInputElement):
3941         * html/HTMLInputElement.idl: Add width/height attributes.
3942         * html/ImageInputType.cpp: Add getter functions if the element is an image button.
3943         (WebCore):
3944         (WebCore::ImageInputType::height): Gets height of input element.
3945         (WebCore::ImageInputType::width): Gets width of input element.
3946         * html/ImageInputType.h: Add prototype.
3947         (ImageInputType):
3948         * html/InputType.cpp: Add getter functions.
3949         (WebCore::InputType::height): Returns zero.
3950         (WebCore):
3951         (WebCore::InputType::width): Returns zero.
3952         * html/InputType.h: Add prototype.
3953         (InputType):
3954
3955 2012-05-07  Kinuko Yasuda  <kinuko@chromium.org>
3956
3957         Support cross-filesystem operations in FileSystem API
3958         https://bugs.webkit.org/show_bug.cgi?id=84135
3959
3960         Reviewed by David Levin.
3961
3962         Currently we pass Entry's fullPath to AsyncFileSystem layer where
3963         we convert the given path to filesystem URL which includes origin and
3964         filesystem type information, but in that way we cannot handle
3965         cross-filesystem operations (e.g. cross-filesystem copy and move)
3966         well since we end up with always attaching the source filesystem's
3967         origin and type information for argument paths.
3968
3969         This patch does:
3970         - change AsyncFileSystem's operation methods not to take entry paths
3971           but complete filesystem URLs.
3972         - move type and rootURL information from AsyncFileSystem instance into
3973           DOMFileSystemBase instance (platform layer to Modules/filesystem layer)
3974         - move filesystem-type related code in AsyncFileSystemChromium.cpp into
3975           DOMFileSystemChromium.cpp, which implements chromioum-specific
3976           DOMFileSystem code.
3977         - move platform/FileSystemType.h into Modules/filesystem/FileSystemType.h.
3978         - adding FileSystemType.h entry to build files (e.g. WebCore.gypi, WebCore.xcodeproj etc)
3979
3980         Test: fast/filesystem/cross-filesystem-op.html
3981
3982         * Modules/filesystem/DOMFileSystem.cpp:
3983         (WebCore::DOMFileSystem::create):
3984         (WebCore::DOMFileSystem::DOMFileSystem):
3985         (WebCore::DOMFileSystem::createWriter):
3986         (WebCore::DOMFileSystem::createFile):
3987         * Modules/filesystem/DOMFileSystem.h:
3988         * Modules/filesystem/DOMFileSystemBase.cpp:
3989         (WebCore::DOMFileSystemBase::DOMFileSystemBase):
3990         (WebCore::DOMFileSystemBase::createFileSystemURL): Added as an internal
3991         implementation of Entry.toURL().
3992         (WebCore::DOMFileSystemBase::getMetadata):
3993         (WebCore::verifyAndGetDestinationPathForCopyOrMove):
3994         (WebCore::DOMFileSystemBase::move):
3995         (WebCore::DOMFileSystemBase::copy):
3996         (WebCore::DOMFileSystemBase::remove):
3997         (WebCore::DOMFileSystemBase::removeRecursively):
3998         (WebCore::DOMFileSystemBase::getParent):
3999         (WebCore::DOMFileSystemBase::getFile):
4000         (WebCore::DOMFileSystemBase::getDirectory):
4001         (WebCore::DOMFileSystemBase::readDirectory):
4002         * Modules/filesystem/DOMFileSystemBase.h: Changed to make each
4003         DOMFileSystemBase instance have filesystem type and rootURL (they were
4004         held by AsyncFileSystem previously)
4005         (WebCore::DOMFileSystemBase::create): Changed to take additional parameters.
4006         (WebCore::DOMFileSystemBase::type): Added.(Moved from AsyncFileSystem::type)
4007         (WebCore::DOMFileSystemBase::rootURL): Added.(Moved from AsyncFileSystem::rootURL).
4008         * Modules/filesystem/DOMFileSystemSync.cpp:
4009         (WebCore::DOMFileSystemSync::create):
4010         (WebCore::DOMFileSystemSync::DOMFileSystemSync):
4011         (WebCore::DOMFileSystemSync::createFile):
4012         (WebCore::DOMFileSystemSync::createWriter):
4013         * Modules/filesystem/DOMFileSystemSync.h:
4014         (WebCore::DOMFileSystemSync::create):
4015         * Modules/filesystem/DOMWindowFileSystem.cpp:
4016         (WebCore::DOMWindowFileSystem::webkitRequestFileSystem):
4017         (WebCore::DOMWindowFileSystem::webkitResolveLocalFileSystemURL):
4018         * Modules/filesystem/EntryBase.cpp:
4019         (WebCore::EntryBase::toURL):
4020         * Modules/filesystem/FileSystemCallbacks.cpp:
4021         (WebCore::FileSystemCallbacks::create):
4022         (WebCore::FileSystemCallbacks::FileSystemCallbacks):
4023         (WebCore::FileSystemCallbacks::didOpenFileSystem):
4024         (WebCore::ResolveURICallbacks::create):
4025         (WebCore::ResolveURICallbacks::ResolveURICallbacks):
4026         (WebCore::ResolveURICallbacks::didOpenFileSystem):
4027         * Modules/filesystem/FileSystemCallbacks.h:
4028         (FileSystemCallbacks):
4029         (ResolveURICallbacks):
4030         * Modules/filesystem/FileSystemType.h: Renamed from Source/WebCore/platform/FileSystemType.h.
4031         * Modules/filesystem/LocalFileSystem.cpp:
4032         (WebCore::openFileSystem):
4033         (WebCore::LocalFileSystem::readFileSystem):
4034         (WebCore::LocalFileSystem::requestFileSystem):
4035         * Modules/filesystem/LocalFileSystem.h:
4036         * Modules/filesystem/WorkerContextFileSystem.cpp:
4037         (WebCore::WorkerContextFileSystem::webkitRequestFileSystem):
4038         (WebCore::WorkerContextFileSystem::webkitRequestFileSystemSync):
4039         (WebCore::WorkerContextFileSystem::webkitResolveLocalFileSystemURL):
4040         (WebCore::WorkerContextFileSystem::webkitResolveLocalFileSystemSyncURL):
4041         * Modules/filesystem/chromium/DOMFileSystemChromium.cpp: Added for chromium-specific
4042         implementation. Almost all of the code is moved from AsyncFileSystemChromium.
4043         (WebCore::DOMFileSystemBase::isValidType):
4044         (WebCore::DOMFileSystemBase::crackFileSystemURL):
4045         (WebCore::DOMFileSystemBase::supportsToURL):
4046         (WebCore::DOMFileSystemBase::createFileSystemURL):
4047         (WebCore::DOMFileSystemChromium::createIsolatedFileSystem):
4048         * Modules/filesystem/chromium/DOMFileSystemChromium.h: Added.
4049         * Modules/filesystem/chromium/DataTransferItemFileSystemChromium.cpp:
4050         (WebCore::DataTransferItemFileSystem::webkitGetAsEntry):
4051         * Modules/filesystem/chromium/DraggedIsolatedFileSystem.cpp:
4052         (WebCore::DraggedIsolatedFileSystem::getDOMFileSystem):
4053         * WebCore.gypi:
4054         * platform/AsyncFileSystem.cpp:
4055         (WebCore::AsyncFileSystem::openFileSystem):
4056         * platform/AsyncFileSystem.h:
4057         (AsyncFileSystem):
4058         (WebCore::AsyncFileSystem::AsyncFileSystem):
4059         * platform/AsyncFileSystemCallbacks.h:
4060         (WebCore::AsyncFileSystemCallbacks::didOpenFileSystem):
4061         * platform/blackberry/AsyncFileSystemBlackBerry.cpp:
4062         (WebCore::AsyncFileSystem::create):
4063         (We