REGRESSION (iOS 13): Top fixed element on apple.com flickers in size while pinching in
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2019-09-12  Wenson Hsieh  <wenson_hsieh@apple.com>
2
3         [Cocoa] Text indicator for an image link on the front page of apple.com looks wrong
4         https://bugs.webkit.org/show_bug.cgi?id=201724
5         <rdar://problem/54622894>
6
7         Reviewed by Tim Horton.
8
9         When computing the bounds of the range (<a>, 0) to (<a>, 1) for a text indicator snapshot where <a> is a link
10         with a single non-breaking whitespace character, we currently use the text rect of the single space. This leads
11         to a confusing text indicator, as the resulting snapshot is a tiny blank square in the top left corner of the
12         link. This problem manifests when starting a drag or showing the system context menu on iOS, or force clicking
13         or three-finger tapping to show a preview on macOS.
14
15         To address this scenario, tweak the heuristic in the case where the text indicator option
16         TextIndicatorOptionUseBoundingRectAndPaintAllContentForComplexRanges is specified, such that we consider a range
17         containing only text with whitespaces to be "complex"; additionally, instead of falling back to the range's
18         bounding rect (which in this case is still tiny), fall back to the common ancestor container's bounding rect,
19         which encompasses not only the text inside the range but also the element containing the range (in this case,
20         the anchor element).
21
22         Test: fast/text-indicator/text-indicator-empty-link.html
23
24         * page/TextIndicator.cpp:
25         (WebCore::containsOnlyWhiteSpaceText):
26
27         Add a helper to determine whether a Range is comprised only of rendered text that only contains whitespace
28         characters.
29
30         (WebCore::initializeIndicator):
31
32         See ChangeLog entry above for more detail.
33
34 2019-09-12  Brady Eidson  <beidson@apple.com>
35
36         PDF exporting on iOS should include URL rects.
37         <rdar://problem/54900133> and https://bugs.webkit.org/show_bug.cgi?id=201693
38
39         Reviewed by Tim Horton.
40
41         Turns out that PDF exporting on iOS works fine.
42
43         Tracking back through history it was disabled at least pre-2014.
44
45         It was almost certainly disabled because it didn't work way back then,
46         but it works great now.
47
48         * platform/graphics/cg/GraphicsContextCG.cpp:
49         (WebCore::GraphicsContext::setURLForRect): Remove the iOS platform exclusion.
50
51 2019-09-12  Adrian Perez de Castro  <aperez@igalia.com>
52
53         [GTK][WPE] webkit_settings_set_user_agent() allows content forbidden in HTTP headers
54         https://bugs.webkit.org/show_bug.cgi?id=201077
55
56         Reviewed by Carlos Garcia Campos.
57
58         Add a function to validate whether a string contains a valid value
59         which can be used in a HTTP User-Agent header.
60
61         Covered by new WebCore API test HTTPParsers.ValidateUserAgentValues.
62
63         * platform/glib/UserAgentGLib.cpp:
64         (WebCore::standardUserAgent): Assert that the returned string is a valid User-Agent.
65         (WebCore::standardUserAgentForURL): Ditto.
66         * platform/network/HTTPParsers.cpp: Added a series of helper functions which skip over
67         characters of a string, which can be used to scan over the different elements of an
68         User-Agent value; all of them receive the position from the input string where to start
69         scanning, updating it to the position right after the scanned item (this follow the
70         convention already in use by other functions in the source file). Each of them has
71         been annotated with the RFC number and section which contains the definition of the
72         scanned item, and the corresponding BNF rules to make the code easier to follow.
73         (WebCore::skipWhile): Added.
74         (WebCore::isVisibleCharacter): Added.
75         (WebCore::isOctectInFieldContentCharacter): Added.
76         (WebCore::isCommentTextCharacter): Added.
77         (WebCore::isHTTPTokenCharacter): Added.
78         (WebCore::isValidHTTPToken): Refactored to use the new isHTTPTokenCharacter()
79         helper function instead of having the test inside the loop.
80         (WebCore::skipCharacter): Added.
81         (WebCore::skipQuotedPair): Added.
82         (WebCore::skipComment): Added.
83         (WebCore::skipHTTPToken): Added.
84         (WebCore::skipUserAgentProduct): Added.
85         (WebCore::isValidUserAgentHeaderValue): Added.
86         * platform/network/HTTPParsers.h: Add prototype for isValidUserAgentHeaderValue().
87
88 2019-09-12  Mark Lam  <mark.lam@apple.com>
89
90         Harden JSC against the abuse of runtime options.
91         https://bugs.webkit.org/show_bug.cgi?id=201597
92         <rdar://problem/55167068>
93
94         Reviewed by Filip Pizlo.
95
96         No new tests.  Covered by existing tests.
97
98         Enable Options::useDollarVM before we tell the JSGlobalObject to exposeDollarVM().
99         The $vm utility is now hardened to require that Options::useDollarVM be
100         enabled in order for it to be used.
101
102         * testing/js/WebCoreTestSupport.cpp:
103         (WebCoreTestSupport::injectInternalsObject):
104
105 2019-09-12  Youenn Fablet  <youenn@apple.com>
106
107         Use typed identifiers for IDB connection identifiers
108         https://bugs.webkit.org/show_bug.cgi?id=201682
109
110         Reviewed by Chris Dumez.
111
112         Migrate from uint64_t to a typed identifier for IDB connection identifiers.
113         The identifier is reusing the process identifier type.
114         No change of behavior.
115
116         * Modules/indexeddb/client/IDBConnectionProxy.h:
117         (WebCore::IDBClient::IDBConnectionProxy::serverConnectionIdentifier const):
118         * Modules/indexeddb/client/IDBConnectionToServer.cpp:
119         (WebCore::IDBClient::IDBConnectionToServer::identifier const):
120         * Modules/indexeddb/client/IDBConnectionToServer.h:
121         * Modules/indexeddb/client/IDBConnectionToServerDelegate.h:
122         * Modules/indexeddb/server/IDBConnectionToClient.cpp:
123         (WebCore::IDBServer::IDBConnectionToClient::identifier const):
124         * Modules/indexeddb/server/IDBConnectionToClient.h:
125         * Modules/indexeddb/server/IDBConnectionToClientDelegate.h:
126         * Modules/indexeddb/server/IDBServer.cpp:
127         (WebCore::IDBServer::IDBServer::getAllDatabaseNames):
128         (WebCore::IDBServer::IDBServer::performGetAllDatabaseNames):
129         (WebCore::IDBServer::IDBServer::didGetAllDatabaseNames):
130         * Modules/indexeddb/server/IDBServer.h:
131         * Modules/indexeddb/shared/IDBRequestData.cpp:
132         (WebCore::IDBRequestData::serverConnectionIdentifier const):
133         * Modules/indexeddb/shared/IDBRequestData.h:
134         * Modules/indexeddb/shared/IDBResourceIdentifier.cpp:
135         (WebCore::IDBResourceIdentifier::IDBResourceIdentifier):
136         (WebCore::IDBResourceIdentifier::emptyValue):
137         (WebCore::IDBResourceIdentifier::deletedValue):
138         (WebCore::IDBResourceIdentifier::isHashTableDeletedValue const):
139         (WebCore::IDBResourceIdentifier::loggingString const):
140         * Modules/indexeddb/shared/IDBResourceIdentifier.h:
141         (WebCore::IDBResourceIdentifier::hash const):
142         (WebCore::IDBResourceIdentifier::connectionIdentifier const):
143         (WTF::crossThreadCopy):
144         * Modules/indexeddb/shared/InProcessIDBServer.cpp:
145         (WebCore::InProcessIDBServer::identifier const):
146         * Modules/indexeddb/shared/InProcessIDBServer.h:
147
148 2019-09-12  Youenn Fablet  <youenn@apple.com>
149
150         Use WebProcess processIdentifier to identify Service Worker connections
151         https://bugs.webkit.org/show_bug.cgi?id=201459
152
153         Reviewed by Chris Dumez.
154
155         No observable change of behavior.
156
157         * workers/service/ServiceWorkerClient.cpp:
158         (WebCore::ServiceWorkerClient::postMessage):
159         Pass sessionID to ease NetworkProcess selection of the client process connection.
160         * workers/service/ServiceWorkerTypes.h:
161         Mark server connection identifier be process identifier based.
162         * workers/service/context/SWContextManager.h:
163         * workers/service/server/SWServer.cpp:
164         (WebCore::SWServer::Connection::Connection):
165         * workers/service/server/SWServer.h:
166         Let connection identifier be set in constructor instead of generated.
167
168 2019-09-11  Youenn Fablet  <youenn@apple.com>
169
170         Disable DTLS1.0
171         https://bugs.webkit.org/show_bug.cgi?id=201679
172
173         Reviewed by Alex Christensen.
174
175         Add an option to force to use DTLS1.0 and nothing else.
176         Add internals API to enter in that mode to verify that normal configurations cannot communicate with DTLS1.0.
177
178         Test: webrtc/datachannel/dtls10.html
179
180         * platform/mediastream/libwebrtc/LibWebRTCProvider.cpp:
181         (WebCore::LibWebRTCProvider::setEnableWebRTCEncryption):
182         (WebCore::LibWebRTCProvider::setUseDTLS10):
183         * platform/mediastream/libwebrtc/LibWebRTCProvider.h:
184         * testing/Internals.cpp:
185         (WebCore::Internals::setUseDTLS10):
186         * testing/Internals.h:
187         * testing/Internals.idl:
188
189 2019-09-11  Keith Rollin  <krollin@apple.com>
190
191         Log timeoutValue passed on to CFNetwork
192         https://bugs.webkit.org/show_bug.cgi?id=201701
193         <rdar://problem/55279683>
194
195         Reviewed by Chris Dumez.
196
197         Export ResourceRequest::timeoutValue for use in WebKit.
198
199         No new tests -- no new or changed functionality.
200
201         * platform/network/ResourceRequestBase.h:
202
203 2019-09-11  Saam Barati  <sbarati@apple.com>
204
205         [WHLSL] Remove null from the standard library
206         https://bugs.webkit.org/show_bug.cgi?id=201672
207
208         Reviewed by Robin Morisset.
209
210         I meant to remove `null` from the standard library in r249351, but
211         I had omitted the code I wrote to do that when I rebased that patch.
212         This patch removes it and ensures all tests pass when parsing the entire
213         standard library.
214
215         * Modules/webgpu/WHLSL/WHLSLStandardLibrary.txt:
216
217 2019-09-11  Chris Dumez  <cdumez@apple.com>
218
219         Use same parser for <meta http-equiv="refresh"> and `Refresh` HTTP header
220         https://bugs.webkit.org/show_bug.cgi?id=201694
221
222         Reviewed by Alex Christensen.
223
224         Use same parser for <meta http-equiv="refresh"> and `Refresh` HTTP header. This aligns
225         our behavior with Blink and makes us more compliant on web-platform-tests. This also
226         simplifies our code.
227
228         No new tests, rebaselined existing test.
229
230         * loader/FrameLoader.cpp:
231         (WebCore::FrameLoader::receivedFirstData):
232         * platform/network/HTTPParsers.cpp:
233         (WebCore::parseHTTPRefresh): Deleted.
234         * platform/network/HTTPParsers.h:
235
236 2019-09-11  Saam Barati  <sbarati@apple.com>
237
238         [WHLSL] Ensure structs/arrays with pointers as fields are disallowed
239         https://bugs.webkit.org/show_bug.cgi?id=201525
240
241         Reviewed by Robin Morisset.
242
243         This patch adds a pass which both ensures that references are always initialized with
244         concrete values and that we support logical mode validation by disallowing nested references.
245         
246         Specifically, the pass:
247         
248         1. Disallows structs to have fields which are references. This prevents us from having to
249         figure out how to default initialize such a struct. We could relax this in the future if we
250         did an analysis on which structs contain reference fields, and ensure such struct variables
251         always have initializers. This would also require us to create constructors for structs which
252         initialize each field.
253         2. We also do the same for arrays.
254         3. References can only be one level deep. So no pointers to pointers. No references to
255         references, etc. This is to support logical mode validation rules.
256
257         Test: webgpu/whlsl/ensure-proper-pointer-usage.html
258
259         * Modules/webgpu/WHLSL/WHLSLCheckReferenceTypes.cpp: Added.
260         (WebCore::WHLSL::checkReferenceTypes):
261         * Modules/webgpu/WHLSL/WHLSLCheckReferenceTypes.h: Added.
262         * Modules/webgpu/WHLSL/WHLSLChecker.cpp:
263         (WebCore::WHLSL::Checker::visit):
264         * Modules/webgpu/WHLSL/WHLSLPrepare.cpp:
265         (WebCore::WHLSL::prepareShared):
266         * Sources.txt:
267         * WebCore.xcodeproj/project.pbxproj:
268
269 2019-09-11  Devin Rousso  <drousso@apple.com>
270
271         Web Inspector: Canvas: instrument WebGPUDevice instead of GPUCanvasContext
272         https://bugs.webkit.org/show_bug.cgi?id=201650
273
274         Reviewed by Joseph Pecoraro.
275
276         Most of the actual "work" done with Web GPU actually uses a `WebGPUDevice`.
277
278         A `GPUCanvasContext` is basically just a display "client" of the device, and isn't even
279         required (e.g. compute pipeline).  We should treat the `GPUCanvasContext` almost like a
280         `-webkit-canvas` client of a `WebGPUDevice`.
281
282         Tests: inspector/canvas/create-context-webgpu.html
283                inspector/canvas/requestClientNodes-webgpu.html
284                inspector/canvas/resolveContext-webgpu.html
285
286         * Modules/webgpu/WebGPUAdapter.cpp:
287         (WebCore::WebGPUAdapter::requestDevice const):
288         Notify web inspector after a device is created.
289
290         * Modules/webgpu/WebGPUDevice.idl:
291         * Modules/webgpu/WebGPUDevice.h:
292         * Modules/webgpu/WebGPUDevice.cpp:
293         (WebCore::WebGPUDevice::instances): Added.
294         (WebCore::WebGPUDevice::instancesMutex): Added.
295         (WebCore::WebGPUDevice::~WebGPUDevice): Added.
296         Notify web inspector when the device is about to be destructed.
297
298         * Modules/webgpu/GPUCanvasContext.h:
299         * Modules/webgpu/GPUCanvasContext.cpp:
300         (WebCore::GPUCanvasContext::create):
301         (WebCore::GPUCanvasContext::configureSwapChain):
302
303         * inspector/InspectorCanvas.h:
304         * inspector/InspectorCanvas.cpp:
305         (WebCore::canvasIfContextMatchesDevice): Added.
306         (WebCore::InspectorCanvas::create):
307         (WebCore::InspectorCanvas::InspectorCanvas):
308         (WebCore::InspectorCanvas::canvasContext const): Added.
309         (WebCore::InspectorCanvas::canvasElement const): Added.
310         (WebCore::InspectorCanvas::isDeviceForCanvasContext const): Added.
311         (WebCore::InspectorCanvas::deviceContext const): Added.
312         (WebCore::InspectorCanvas::scriptExecutionContext const): Added.
313         (WebCore::InspectorCanvas::resolveContext const): Added.
314         (WebCore::InspectorCanvas::clientNodes const): Added.
315         (WebCore::InspectorCanvas::canvasChanged):
316         (WebCore::InspectorCanvas::resetRecordingData):
317         (WebCore::InspectorCanvas::recordAction):
318         (WebCore::InspectorCanvas::buildObjectForCanvas):
319         (WebCore::InspectorCanvas::releaseObjectForRecording):
320         (WebCore::InspectorCanvas::getCanvasContentAsDataURL):
321         (WebCore::InspectorCanvas::buildInitialState):
322         (WebCore::InspectorCanvas::canvasElement): Deleted.
323         * inspector/InspectorInstrumentation.cpp:
324         (WebCore::InspectorInstrumentation::didCreateWebGPUDeviceImpl): Added.
325         (WebCore::InspectorInstrumentation::willDestroyWebGPUDeviceImpl): Added.
326         (WebCore::InspectorInstrumentation::willConfigureSwapChainImpl): Added.
327         * inspector/InspectorInstrumentation.h:
328         (WebCore::InspectorInstrumentation::didCreateWebGPUDevice): Added.
329         (WebCore::InspectorInstrumentation::willDestroyWebGPUDevice): Added.
330         (WebCore::InspectorInstrumentation::willConfigureSwapChain): Added.
331
332         * inspector/agents/InspectorCanvasAgent.h:
333         * inspector/agents/InspectorCanvasAgent.cpp:
334         (WebCore::InspectorCanvasAgent::enable):
335         (WebCore::InspectorCanvasAgent::requestClientNodes): Added.
336         (WebCore::InspectorCanvasAgent::resolveContext): Added.
337         (WebCore::InspectorCanvasAgent::startRecording):
338         (WebCore::InspectorCanvasAgent::stopRecording):
339         (WebCore::InspectorCanvasAgent::frameNavigated):
340         (WebCore::InspectorCanvasAgent::didChangeCSSCanvasClientNodes):
341         (WebCore::InspectorCanvasAgent::didChangeCanvasMemory):
342         (WebCore::InspectorCanvasAgent::canvasDestroyed):
343         (WebCore::InspectorCanvasAgent::recordCanvasAction):
344         (WebCore::InspectorCanvasAgent::didFinishRecordingCanvasFrame):
345         (WebCore::InspectorCanvasAgent::didCreateWebGPUDevice): Added.
346         (WebCore::InspectorCanvasAgent::willDestroyWebGPUDevice): Added.
347         (WebCore::InspectorCanvasAgent::willConfigureSwapChain): Added.
348         (WebCore::InspectorCanvasAgent::clearCanvasData):
349         (WebCore::InspectorCanvasAgent::bindCanvas):
350         (WebCore::InspectorCanvasAgent::unbindCanvas):
351         (WebCore::InspectorCanvasAgent::findInspectorCanvas):
352         (WebCore::InspectorCanvasAgent::requestCSSCanvasClientNodes): Deleted.
353         (WebCore::contextAsScriptValue): Deleted.
354         (WebCore::InspectorCanvasAgent::resolveCanvasContext): Deleted.
355
356         * inspector/InspectorShaderProgram.cpp:
357         (WebCore::InspectorShaderProgram::context const):
358
359 2019-09-11  Chris Dumez  <cdumez@apple.com>
360
361         Posting a message to a redundant service worker should fail silently instead of throwing
362         https://bugs.webkit.org/show_bug.cgi?id=201696
363
364         Reviewed by Geoffrey Garen.
365
366         Posting a message to a redundant service worker should fail silently instead of throwing:
367         - https://w3c.github.io/ServiceWorker/#dom-serviceworker-postmessage-message-options
368         - https://w3c.github.io/ServiceWorker/#run-service-worker (step 2)
369
370         No new tests, rebaselined existing test.
371
372         * workers/service/ServiceWorker.cpp:
373         (WebCore::ServiceWorker::postMessage):
374         * workers/service/server/SWServer.cpp:
375         (WebCore::SWServer::runServiceWorkerIfNecessary):
376
377 2019-09-11  Chris Dumez  <cdumez@apple.com>
378
379         Align our XPath API with the specification and other browsers
380         https://bugs.webkit.org/show_bug.cgi?id=201660
381
382         Reviewed by Geoffrey Garen.
383
384         Align our XPath API with the specification and other browsers:
385         - Document/XPathEvaluator.createExpression()'s first parameter should be mandatory
386         - Document/XPathEvaluator.evaluate()'s first 2 parameters should be mandatory
387         - XPathExpression.evaluate()'s first parameter should be mandatory
388
389         I have confirmed in the latest Chrome and Firefox that they match the specification.
390         
391         No new tests, rebaselined existing test.
392
393         * dom/Document.cpp:
394         (WebCore::Document::evaluate):
395         * dom/Document.h:
396         * dom/Document.idl:
397         * inspector/InspectorNodeFinder.cpp:
398         (WebCore::InspectorNodeFinder::searchUsingXPath):
399         * xml/XPathEvaluator.cpp:
400         (WebCore::XPathEvaluator::evaluate):
401         * xml/XPathEvaluator.h:
402         * xml/XPathEvaluator.idl:
403         * xml/XPathExpression.cpp:
404         (WebCore::XPathExpression::evaluate):
405         * xml/XPathExpression.h:
406         * xml/XPathExpression.idl:
407         * xml/XPathUtil.cpp:
408         (WebCore::XPath::isValidContextNode):
409         * xml/XPathUtil.h:
410
411 2019-09-11  Simon Fraser  <simon.fraser@apple.com>
412
413         REGRESSION (iOS 13): Top fixed element on apple.com flickers in size while pinching in
414         https://bugs.webkit.org/show_bug.cgi?id=201668
415         rdar://problem/51934041
416
417         Reviewed by Frédéric Wang.
418
419         When computing the new layout viewport rect in ScrollingTreeFrameScrollingNode, use
420         "StickToDocumentBounds" mode, not "StickToViewportBounds", because otherwise we'll compute
421         a layout viewport that has negative top/left offsets which causes fixed elements to jump outside
422         the viewport. The only code that should be moving things outside the viewport (a temporary effect
423         that happens when pinching) is the 'isBelowMinimumScale' path in WebPageProxy::computeCustomFixedPositionRect().
424
425         With this change ScrollingTreeFrameScrollingNode no longer needs m_behaviorForFixed; it can be removed later.
426
427         Not currently testable, since it involves pinching in past minimum zoom and transients state.
428
429         * page/scrolling/ScrollingTreeFrameScrollingNode.cpp:
430         (WebCore::ScrollingTreeFrameScrollingNode::layoutViewportForScrollPosition const):
431
432 2019-09-11  Truitt Savell  <tsavell@apple.com>
433
434         Unreviewed, rolling out r249753.
435
436         caused inspector/canvas/shaderProgram-add-remove-webgl.html to
437         crash on all Mac platforms.
438
439         Reverted changeset:
440
441         "Web Inspector: Canvas: instrument WebGPUDevice instead of
442         GPUCanvasContext"
443         https://bugs.webkit.org/show_bug.cgi?id=201650
444         https://trac.webkit.org/changeset/249753
445
446 2019-09-11  Antti Koivisto  <antti@apple.com>
447
448         REGRESSION (245006): can't scroll in "read more" view in Eventbrite app
449         https://bugs.webkit.org/show_bug.cgi?id=201683
450         <rdar://problem/54582602>
451
452         Reviewed by Simon Fraser.
453
454         * platform/RuntimeApplicationChecks.h:
455         * platform/cocoa/RuntimeApplicationChecksCocoa.mm:
456         (WebCore::IOSApplication::isEventbrite):
457
458 2019-09-11  Ryan Haddad  <ryanhaddad@apple.com>
459
460         Unreviewed, rolling out r249758.
461
462         Breaks the watchOS build.
463
464         Reverted changeset:
465
466         "[WHLSL] Ensure structs/arrays with pointers as fields are
467         disallowed"
468         https://bugs.webkit.org/show_bug.cgi?id=201525
469         https://trac.webkit.org/changeset/249758
470
471 2019-09-11  Ali Juma  <ajuma@chromium.org>
472
473         Prevent reentrancy FrameLoader::dispatchUnloadEvents()
474         https://bugs.webkit.org/show_bug.cgi?id=200738
475
476         Reviewed by Brady Eidson.
477
478         Reentrancy causes m_pageDismissalEventBeingDispatched to be incorrectly
479         updated, so don't allow reentrancy.
480
481         Since this prevents m_pageDismissalEventBeingDispatched from being reset
482         inside a reentrant call, it can have the unintended effect of causing
483         FrameLoader::stopAllLoaders to early-out when called from
484         FrameLoader::detachFromParent while a frame's unload event handler
485         calls document.open() on a parent frame and causes itself to become
486         detached. Allowing a load to continue in a detached frame will lead to
487         a crash. To prevent this, add a new argument to FrameLoader::stopAllLoaders
488         that FrameLoader::detachFromParent can use to prevent an early-out.
489
490         * loader/FrameLoader.cpp:
491         (WebCore::FrameLoader::stopAllLoaders):
492         (WebCore::FrameLoader::detachFromParent):
493         (WebCore::FrameLoader::dispatchUnloadEvents):
494         (WebCore::FrameLoader::dispatchBeforeUnloadEvent):
495         Ensure that m_pageDismissalEventBeingDispatched is reset to its previous value, even if this is not None.
496         * loader/FrameLoader.h:
497         * loader/FrameLoaderTypes.h:
498         Add a StopLoadingPolicy enum.
499
500 2019-09-11  Charlie Turner  <cturner@igalia.com>
501
502         [GStreamer] Do not adopt floating references.
503         https://bugs.webkit.org/show_bug.cgi?id=201685
504
505         Reviewed by Carlos Garcia Campos.
506
507         Covered by existing tests.
508
509         * platform/graphics/gstreamer/GStreamerCommon.cpp:
510         (WebCore::initializeGStreamer): gst_element_factory_make returns
511         floating references, you do not adopt such references, rather you
512         sink them.
513
514 2019-09-11  Saam Barati  <sbarati@apple.com>
515
516         [WHLSL] Ensure structs/arrays with pointers as fields are disallowed
517         https://bugs.webkit.org/show_bug.cgi?id=201525
518
519         Reviewed by Robin Morisset.
520
521         This patch adds a pass which both ensures that references are always initialized with
522         concrete values and that we support logical mode validation by disallowing nested references.
523         
524         Specifically, the pass:
525         
526         1. Disallows structs to have fields which are references. This prevents us from having to
527         figure out how to default initialize such a struct. We could relax this in the future if we
528         did an analysis on which structs contain reference fields, and ensure such struct variables
529         always have initializers. This would also require us to create constructors for structs which
530         initialize each field.
531         2. We also do the same for arrays.
532         3. References can only be one level deep. So no pointers to pointers. No references to
533         references, etc. This is to support logical mode validation rules.
534
535         Test: webgpu/whlsl/ensure-proper-pointer-usage.html
536
537         * Modules/webgpu/WHLSL/WHLSLCheckReferenceTypes.cpp: Added.
538         (WebCore::WHLSL::checkReferenceTypes):
539         * Modules/webgpu/WHLSL/WHLSLCheckReferenceTypes.h: Added.
540         * Modules/webgpu/WHLSL/WHLSLChecker.cpp:
541         (WebCore::WHLSL::Checker::visit):
542         * Modules/webgpu/WHLSL/WHLSLPrepare.cpp:
543         (WebCore::WHLSL::prepareShared):
544         * Sources.txt:
545         * WebCore.xcodeproj/project.pbxproj:
546
547 2019-09-10  Devin Rousso  <drousso@apple.com>
548
549         Web Inspector: Canvas: instrument WebGPUDevice instead of GPUCanvasContext
550         https://bugs.webkit.org/show_bug.cgi?id=201650
551
552         Reviewed by Joseph Pecoraro.
553
554         Most of the actual "work" done with Web GPU actually uses a `WebGPUDevice`.
555
556         A `GPUCanvasContext` is basically just a display "client" of the device, and isn't even
557         required (e.g. compute pipeline).  We should treat the `GPUCanvasContext` almost like a
558         `-webkit-canvas` client of a `WebGPUDevice`.
559
560         Tests: inspector/canvas/create-context-webgpu.html
561                inspector/canvas/requestClientNodes-webgpu.html
562                inspector/canvas/resolveContext-webgpu.html
563
564         * Modules/webgpu/WebGPUAdapter.cpp:
565         (WebCore::WebGPUAdapter::requestDevice const):
566         Notify web inspector after a device is created.
567
568         * Modules/webgpu/WebGPUDevice.idl:
569         * Modules/webgpu/WebGPUDevice.h:
570         * Modules/webgpu/WebGPUDevice.cpp:
571         (WebCore::WebGPUDevice::instances): Added.
572         (WebCore::WebGPUDevice::instancesMutex): Added.
573         (WebCore::WebGPUDevice::~WebGPUDevice): Added.
574         Notify web inspector when the device is about to be destructed.
575
576         * Modules/webgpu/GPUCanvasContext.h:
577         * Modules/webgpu/GPUCanvasContext.cpp:
578         (WebCore::GPUCanvasContext::create):
579         (WebCore::GPUCanvasContext::configureSwapChain):
580
581         * inspector/InspectorCanvas.h:
582         * inspector/InspectorCanvas.cpp:
583         (WebCore::canvasIfContextMatchesDevice): Added.
584         (WebCore::InspectorCanvas::create):
585         (WebCore::InspectorCanvas::InspectorCanvas):
586         (WebCore::InspectorCanvas::canvasContext const): Added.
587         (WebCore::InspectorCanvas::canvasElement const): Added.
588         (WebCore::InspectorCanvas::isDeviceForCanvasContext const): Added.
589         (WebCore::InspectorCanvas::deviceContext const): Added.
590         (WebCore::InspectorCanvas::scriptExecutionContext const): Added.
591         (WebCore::InspectorCanvas::resolveContext const): Added.
592         (WebCore::InspectorCanvas::clientNodes const): Added.
593         (WebCore::InspectorCanvas::canvasChanged):
594         (WebCore::InspectorCanvas::resetRecordingData):
595         (WebCore::InspectorCanvas::recordAction):
596         (WebCore::InspectorCanvas::buildObjectForCanvas):
597         (WebCore::InspectorCanvas::releaseObjectForRecording):
598         (WebCore::InspectorCanvas::getCanvasContentAsDataURL):
599         (WebCore::InspectorCanvas::buildInitialState):
600         (WebCore::InspectorCanvas::canvasElement): Deleted.
601         * inspector/InspectorInstrumentation.cpp:
602         (WebCore::InspectorInstrumentation::didCreateWebGPUDeviceImpl): Added.
603         (WebCore::InspectorInstrumentation::willDestroyWebGPUDeviceImpl): Added.
604         (WebCore::InspectorInstrumentation::willConfigureSwapChainImpl): Added.
605         * inspector/InspectorInstrumentation.h:
606         (WebCore::InspectorInstrumentation::didCreateWebGPUDevice): Added.
607         (WebCore::InspectorInstrumentation::willDestroyWebGPUDevice): Added.
608         (WebCore::InspectorInstrumentation::willConfigureSwapChain): Added.
609
610         * inspector/agents/InspectorCanvasAgent.h:
611         * inspector/agents/InspectorCanvasAgent.cpp:
612         (WebCore::InspectorCanvasAgent::enable):
613         (WebCore::InspectorCanvasAgent::requestClientNodes): Added.
614         (WebCore::InspectorCanvasAgent::resolveContext): Added.
615         (WebCore::InspectorCanvasAgent::startRecording):
616         (WebCore::InspectorCanvasAgent::stopRecording):
617         (WebCore::InspectorCanvasAgent::frameNavigated):
618         (WebCore::InspectorCanvasAgent::didChangeCSSCanvasClientNodes):
619         (WebCore::InspectorCanvasAgent::didChangeCanvasMemory):
620         (WebCore::InspectorCanvasAgent::canvasDestroyed):
621         (WebCore::InspectorCanvasAgent::recordCanvasAction):
622         (WebCore::InspectorCanvasAgent::didFinishRecordingCanvasFrame):
623         (WebCore::InspectorCanvasAgent::didCreateWebGPUDevice): Added.
624         (WebCore::InspectorCanvasAgent::willDestroyWebGPUDevice): Added.
625         (WebCore::InspectorCanvasAgent::willConfigureSwapChain): Added.
626         (WebCore::InspectorCanvasAgent::clearCanvasData):
627         (WebCore::InspectorCanvasAgent::bindCanvas):
628         (WebCore::InspectorCanvasAgent::unbindCanvas):
629         (WebCore::InspectorCanvasAgent::findInspectorCanvas):
630         (WebCore::InspectorCanvasAgent::requestCSSCanvasClientNodes): Deleted.
631         (WebCore::contextAsScriptValue): Deleted.
632         (WebCore::InspectorCanvasAgent::resolveCanvasContext): Deleted.
633
634         * inspector/InspectorShaderProgram.cpp:
635         (WebCore::InspectorShaderProgram::context const):
636
637 2019-09-10  Chris Dumez  <cdumez@apple.com>
638
639         Nullptr crash in Page::sessionID() via WebKit::WebFrameLoaderClient::detachedFromParent2()
640         https://bugs.webkit.org/show_bug.cgi?id=201625
641
642         Reviewed by Ryosuke Niwa.
643
644         This is based on a patch from Ryosuke Niwa.
645
646         Drop setHasFrameSpecificStorageAccess() in WebCore and call it from the WebKit layer instead.
647
648         * dom/DocumentStorageAccess.cpp:
649         (WebCore::DocumentStorageAccess::requestStorageAccess):
650         (WebCore::DocumentStorageAccess::setHasFrameSpecificStorageAccess): Deleted.
651         * dom/DocumentStorageAccess.h:
652         * loader/EmptyFrameLoaderClient.h:
653         * loader/FrameLoaderClient.h:
654
655 2019-09-10  Brady Eidson  <beidson@apple.com>
656
657         Add SPI to save a PDF from the contents of a WKWebView.
658         <rdar://problem/48955900> and https://bugs.webkit.org/show_bug.cgi?id=195765
659
660         Reviewed by Tim Horton.
661
662         Covered by API tests.
663
664         * page/FrameView.cpp:
665         (WebCore::FrameView::paintContents): Don't paint the debug color outside of the FrameRect.
666
667         * platform/graphics/cg/GraphicsContextCG.cpp:
668         (WebCore::GraphicsContext::setURLForRect):
669
670         * rendering/PaintPhase.h: Add "AnnotateLinks" option to always gather and annotation links.
671
672         * rendering/RenderElement.cpp:
673         (WebCore::RenderElement::hasOutlineAnnotation const): Also return true when the PaintOptions include "AnnotateLinks"
674
675 2019-09-10  Jiewen Tan  <jiewen_tan@apple.com>
676
677         REGRESSION: [ Catalina WK2 ] http/wpt/webauthn/public-key-credential-create-success-u2f.https.html is failing
678         https://bugs.webkit.org/show_bug.cgi?id=201620
679         <rdar://problem/51524958>
680
681         Reviewed by Alex Christensen.
682
683         Covered by existing tests.
684
685         * Modules/webauthn/fido/U2fResponseConverter.cpp:
686         (fido::WebCore::createAttestedCredentialDataFromU2fRegisterResponse):
687         Change the way how the aaguid is initialized to see if that fixes the issue.
688
689 2019-09-10  Chris Dumez  <cdumez@apple.com>
690
691         Add missing origin check for Service-Worker-Allowed header
692         https://bugs.webkit.org/show_bug.cgi?id=201653
693
694         Reviewed by Geoffrey Garen.
695
696         Add missing origin check for Service-Worker-Allowed header:
697         - https://w3c.github.io/ServiceWorker/#update-algorithm (step 15. 2.)
698
699         * workers/service/ServiceWorkerJob.cpp:
700         (WebCore::ServiceWorkerJob::didReceiveResponse):
701
702 2019-09-10  Sihui Liu  <sihui_liu@apple.com>
703
704         IndexedDB: cache prepared SQLiteStatement in SQLiteIDBCursor
705         https://bugs.webkit.org/show_bug.cgi?id=201548
706
707         Reviewed by Alex Christensen.
708
709         This should be a performance improvement as we don't compile the same SQLiteStatement everytime it is used.
710
711         No new tests, no behavior change.
712
713         * Modules/indexeddb/server/SQLiteIDBCursor.cpp:
714         (WebCore::IDBServer::SQLiteIDBCursor::internalFetchNextRecord):
715         * Modules/indexeddb/server/SQLiteIDBCursor.h:
716
717 2019-09-10  Youenn Fablet  <youenn@apple.com>
718
719         RTCPeerConnection can only be instantiated in documents
720         https://bugs.webkit.org/show_bug.cgi?id=201639
721
722         Reviewed by Alex Christensen.
723
724         Make it clear that RTCDataChannel expects Document since peer connections
725         and data channels can only be instantiated in document environments.
726         We keep one downcast in RTCPeerConnection constructor due to a limitation
727         in binding generator for JS built-ins.
728         No change of behavior.
729
730         * Modules/mediastream/RTCDataChannel.cpp:
731         (WebCore::RTCDataChannel::create):
732         (WebCore::RTCDataChannel::RTCDataChannel):
733         * Modules/mediastream/RTCDataChannel.h:
734         * Modules/mediastream/RTCPeerConnection.cpp:
735         (WebCore::RTCPeerConnection::create):
736         (WebCore::RTCPeerConnection::RTCPeerConnection):
737         (WebCore::RTCPeerConnection::certificatesFromConfiguration):
738         (WebCore::RTCPeerConnection::createDataChannel):
739         (WebCore::RTCPeerConnection::document):
740         * Modules/mediastream/RTCPeerConnection.h:
741         * Modules/mediastream/RTCPeerConnection.idl:
742         * Modules/mediastream/libwebrtc/LibWebRTCDataChannelHandler.cpp:
743         (WebCore::LibWebRTCDataChannelHandler::channelEvent):
744         * Modules/mediastream/libwebrtc/LibWebRTCDataChannelHandler.h:
745         * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
746         (WebCore::LibWebRTCMediaEndpoint::OnDataChannel):
747
748 2019-09-10  Youenn Fablet  <youenn@apple.com>
749
750         Remove MediaStreamPrivate::scheduleDeferredTask
751         https://bugs.webkit.org/show_bug.cgi?id=200975
752
753         Reviewed by Eric Carlson.
754
755         All calls to scheduleDeferredTask are done on the main thread.
756         This was initially done to trigger less reconfiguration.
757         But this makes the implementation significantly more complex.
758
759         For instance, we have to wait for the document to update its media state
760         and send it to UIProcess before calling the allow completion handler.
761
762         Covered by existing tests.
763
764         * Modules/mediastream/MediaStream.cpp:
765         (WebCore::MediaStream::MediaStream):
766         Make sure to update the document media state once the tracks have been added, similarly to the other constructor.
767         This ensures the document media state is computed with the new MediaStreamTrack.
768         * Modules/mediastream/UserMediaRequest.cpp:
769         (WebCore::isMediaStreamCorrectlyStarted):
770         (WebCore::UserMediaRequest::allow):
771         (WebCore::UserMediaRequest::stop):
772         (WebCore::UserMediaRequest::mediaStreamDidFail):
773         * Modules/mediastream/UserMediaRequest.h:
774         * page/MediaProducer.h:
775         (WebCore::MediaProducer::isCapturing):
776         Make sure to include getDisplayMedia as part of capture check.
777         * platform/mediastream/MediaStreamPrivate.cpp:
778         (WebCore::MediaStreamPrivate::trackMutedChanged):
779         (WebCore::MediaStreamPrivate::trackEnabledChanged):
780         (WebCore::MediaStreamPrivate::trackStarted):
781         (WebCore::MediaStreamPrivate::trackEnded):
782         * platform/mediastream/MediaStreamPrivate.h:
783
784 2019-09-10  Youenn Fablet  <youenn@apple.com>
785
786         Audio sometimes fail to capture in WebRTC
787         https://bugs.webkit.org/show_bug.cgi?id=180748
788         <rdar://problem/36032346>
789
790         Reviewed by Eric Carlson.
791
792         In some cases, Safari is not receiving unsuspend notifications.
793         In that case, the capture unit might stay in suspend state forever.
794         To work around that, we force to unsuspend whenever there is a new capture happening.
795         This will make it so that reloading the page will unsuspend the page.
796
797         Manually tested by triggering Siri, starting to use the microphone and quickly going back to a capturing page.
798
799         * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
800         (WebCore::CoreAudioSharedUnit::provideSpeakerData):
801         When suspension happens, the buffer size might change.
802         Since this is only an issue if there are some references data, we now do not fail the capture when there
803         is no reference data.
804         (WebCore::CoreAudioSharedUnit::resume):
805         (WebCore::CoreAudioSharedUnit::prepareForNewCapture):
806         Make sure to start with a clean slate by setting suspend state to false for the shared unit.
807         And failing all previous sources in case we are going back from suspension.
808         (WebCore::CoreAudioSharedUnit::startInternal):
809         (WebCore::CoreAudioCaptureSourceFactory::audioCaptureDeviceManager):
810         (WebCore::CoreAudioCaptureSource::CoreAudioCaptureSource):
811
812 2019-09-10  Adrian Perez de Castro  <aperez@igalia.com>
813
814         [GTK][WPE] Fixes for non-unified builds after r249022
815         https://bugs.webkit.org/show_bug.cgi?id=201610
816
817         Reviewed by Joseph Pecoraro.
818
819         No new tests needed.
820
821         * fileapi/NetworkSendQueue.h: Add missing inclusion of wtf/WeakPtr.h; add the namespace to WTF::WeakPtr
822         which is needed because there is no "using" clause.
823         * inspector/InspectorInstrumentation.cpp: Add missing inclusion of the PageDOMDebuggerAgent.h header.
824         * inspector/agents/WebDebuggerAgent.cpp: Add missing inclusion of the ScriptExecutionContext.h header.
825         * inspector/agents/page/PageDOMDebuggerAgent.cpp: Add missing inclusion of the InstrumentingAgents.h header.
826
827 2019-09-10  Youenn Fablet  <youenn@apple.com>
828
829         Add support to RTCDataChannel.send(Blob)
830         https://bugs.webkit.org/show_bug.cgi?id=201377
831
832         Reviewed by Chris Dumez.
833
834         Make use of NetworkSendQueue to enqueue and send properly messages.
835         Test: imported/w3c/web-platform-tests/webrtc/RTCDataChannel-send-blob-order.html
836
837         * Modules/mediastream/RTCDataChannel.cpp:
838         (WebCore::RTCDataChannel::createMessageQueue):
839         (WebCore::RTCDataChannel::RTCDataChannel):
840         (WebCore::RTCDataChannel::send):
841         (WebCore::RTCDataChannel::close):
842         * Modules/mediastream/RTCDataChannel.h:
843
844 2019-09-10  Ryosuke Niwa  <rniwa@webkit.org>
845
846         Option + arrow moves caret past whitespace on iOS
847         https://bugs.webkit.org/show_bug.cgi?id=201575
848
849         Reviewed by Wenson Hsieh.
850
851         The bug was caused by findNextWordFromIndex on iOS behaving differently from macOS and UIKit by skipping
852         trailing whitespace after a word when moving forward and not skipping leading whitespace when moving backward.
853
854         This patch introduces a new mode (StopAfterWord) of findNextWordFromIndex in iOS that better matches
855         the behavior of findNextWordFromIndex on macOS and UIKit, and use it in various modify* functions of
856         FrameSelection when the selection update is triggered by user.
857
858         The legacy mode (LegacyStopBeforeWord) is used in all other call sites as well as when modify* functions
859         are invoked from author scripts.
860
861         Test: editing/selection/ios/move-by-word-with-keyboard.html
862
863         * editing/FrameSelection.cpp:
864         (WebCore::nextWordWhitespaceModeInIOS): Added. A helper to convert EUserTriggered to NextWordModeInIOS.
865         (WebCore::FrameSelection::nextWordPositionForPlatform):
866         (WebCore::FrameSelection::modifyExtendingRight):
867         (WebCore::FrameSelection::modifyExtendingForward):
868         (WebCore::FrameSelection::modifyMovingRight):
869         (WebCore::FrameSelection::modifyMovingForward):
870         (WebCore::FrameSelection::modifyExtendingLeft):
871         (WebCore::FrameSelection::modifyExtendingBackward):
872         (WebCore::FrameSelection::modifyMovingLeft):
873         (WebCore::FrameSelection::modifyMovingBackward):
874         (WebCore::FrameSelection::modify):
875         (WebCore::FrameSelection::updateAppearance):
876         * editing/FrameSelection.h:
877         * editing/TextIterator.cpp:
878         (WebCore::SearchBuffer::isWordStartMatch const):
879         * editing/VisibleUnits.cpp:
880         (WebCore::previousWordPositionBoundary):
881         (WebCore::previousWordPosition):
882         (WebCore::nextWordPositionBoundary):
883         (WebCore::nextWordPosition):
884         * editing/VisibleUnits.h:
885         * platform/text/TextBoundaries.cpp:
886         (WebCore::findNextWordFromIndex):
887         * platform/text/TextBoundaries.h:
888         * platform/text/mac/TextBoundaries.mm:
889         (WebCore::findNextWordFromIndex): Added a new mode.
890
891 2019-09-09  Chris Dumez  <cdumez@apple.com>
892
893         REGRESSION: http/tests/resourceLoadStatistics/do-not-capture-statistics-for-simple-top-navigations.html is frequently timing out on iOS EWS bots
894         https://bugs.webkit.org/show_bug.cgi?id=201550
895
896         Reviewed by Alex Christensen.
897
898         * loader/ResourceLoadObserver.h:
899         (WebCore::ResourceLoadObserver::hasStatistics const):
900
901 2019-09-09  Timothy Hatcher  <timothy@apple.com>
902
903         Tap and hold on Facebook sometimes creates a tall empty selection.
904         https://bugs.webkit.org/show_bug.cgi?id=201618
905         rdar://53630145
906
907         Reviewed by Megan Gardner.
908
909         API Test: SelectionTests.ByWordAtEndOfDocument
910
911         * editing/VisibleUnits.cpp:
912         (WebCore::wordRangeFromPosition):
913         Remove special case code for the possibility of an empty paragraph and at the end
914         of the document. This is no longer needed and was causing a large selection to be
915         created on Facebook due to large areas of non-selectable content on the page.
916
917 2019-09-09  Joonghun Park  <jh718.park@samsung.com>
918
919         getComputedStyle for line-height: normal should return the keyword instead of a length
920         https://bugs.webkit.org/show_bug.cgi?id=201296
921
922         Reviewed by Ryosuke Niwa.
923
924         Per https://github.com/w3c/csswg-drafts/issues/3749,
925         Gecko and Blink has this behavior already.
926
927         This patch makes WebKit has the same behavior with them.
928
929         Tests: imported/w3c/web-platform-tests/css/css-inline/parsing/line-height-computed.html
930                imported/w3c/web-platform-tests/css/cssom/getComputedStyle-line-height.html
931                imported/w3c/web-platform-tests/html/rendering/replaced-elements/the-select-element/select-1-line-height.html
932
933         * css/CSSComputedStyleDeclaration.cpp:
934         (WebCore::lineHeightFromStyle):
935
936 2019-09-09  Alex Christensen  <achristensen@webkit.org>
937
938         Disable TLS 1.0 and 1.1 in WebSockets
939         https://bugs.webkit.org/show_bug.cgi?id=201573
940
941         Reviewed by Youenn Fablet.
942
943         This expands on what I started in r249019 when I disabled legacy TLS for our use of NSURLSession.
944         Since our WebSocket implementation uses a different network interface, disable legacy TLS for them, too.
945         I use the same temporary default to re-enable legacy TLS.  I also add a unit test for both WebSockets and NSURLSession use.
946
947         * platform/network/cf/SocketStreamHandleImpl.h:
948         * platform/network/cf/SocketStreamHandleImplCFNet.cpp:
949         (WebCore::Function<bool):
950         (WebCore::SocketStreamHandleImpl::setLegacyTLSEnabledCheck):
951         (WebCore::SocketStreamHandleImpl::createStreams):
952
953 2019-09-09  Saam Barati  <sbarati@apple.com>
954
955         Unreviewed follow up to r249630. We need padding for ADDRESS32 CPUs to allow replaceWith to work on the intended types.
956
957         * Modules/webgpu/WHLSL/AST/WHLSLIndexExpression.h:
958
959 2019-09-09  Zalan Bujtas  <zalan@apple.com>
960
961         [LFC][TFC] Introduce cell spacing.
962         https://bugs.webkit.org/show_bug.cgi?id=201605
963         <rdar://problem/55184009>
964
965         Reviewed by Antti Koivisto.
966
967         This patch adds support for horizontal and vertical cell spacing (border-spacing). Now LFC matches table geometry for simple table content with multiple columns and rows. 
968
969         * layout/FormattingContextGeometry.cpp:
970         (WebCore::Layout::FormattingContext::Geometry::contentHeightForFormattingContextRoot const): Now we can use the generic, check the inflow content logic for table height.
971         * layout/LayoutUnits.h:
972         (WebCore::Layout::HorizontalEdges::width const):
973         (WebCore::Layout::VerticalEdges::height const):
974         * layout/Verification.cpp:
975         (WebCore::Layout::verifyAndOutputSubtree):
976         * layout/tableformatting/TableFormattingContext.cpp:
977         (WebCore::Layout::TableFormattingContext::layout):
978         (WebCore::Layout::TableFormattingContext::layoutTableCellBox):
979         (WebCore::Layout::TableFormattingContext::positionTableCells):
980         (WebCore::Layout::TableFormattingContext::setComputedGeometryForRows):
981         (WebCore::Layout::TableFormattingContext::setComputedGeometryForSections):
982         (WebCore::Layout::TableFormattingContext::computedIntrinsicWidthConstraints):
983         (WebCore::Layout::TableFormattingContext::ensureTableGrid):
984         (WebCore::Layout::TableFormattingContext::computePreferredWidthForColumns):
985         (WebCore::Layout::TableFormattingContext::computedTableWidth):
986         (WebCore::Layout::TableFormattingContext::useAsContentLogicalWidth):
987         * layout/tableformatting/TableFormattingContext.h:
988         * layout/tableformatting/TableFormattingContextGeometry.cpp:
989         (WebCore::Layout::TableFormattingContext::Geometry::tableCellHeightAndMargin const):
990         * layout/tableformatting/TableGrid.cpp:
991         (WebCore::Layout::TableGrid::appendCell):
992         (WebCore::Layout::TableGrid::widthConstraints const):
993         (WebCore::Layout::TableGrid::ColumnsContext::useAsLogicalWidth): Deleted.
994         * layout/tableformatting/TableGrid.h:
995         (WebCore::Layout::TableGrid::setHorizontalSpacing):
996         (WebCore::Layout::TableGrid::horizontalSpacing const):
997         (WebCore::Layout::TableGrid::setVerticalSpacing):
998         (WebCore::Layout::TableGrid::verticalSpacing const):
999         (WebCore::Layout::TableGrid::ColumnsContext::logicalWidth const):
1000
1001 2019-09-09  Ryan Haddad  <ryanhaddad@apple.com>
1002
1003         Unreviewed, rolling out r249574.
1004
1005         Caused fast/mediastream/media-stream-track-source-failure.html
1006         to become flaky.
1007
1008         Reverted changeset:
1009
1010         "Remove MediaStreamPrivate::scheduleDeferredTask"
1011         https://bugs.webkit.org/show_bug.cgi?id=200975
1012         https://trac.webkit.org/changeset/249574
1013
1014 2019-09-09  Rob Buis  <rbuis@igalia.com>
1015
1016         [GTK][WPE] Remove attributes deprecated from MathML3
1017         https://bugs.webkit.org/show_bug.cgi?id=197492
1018
1019         Reviewed by Frédéric Wang.
1020
1021         Remove some MathML3 deprecated attributes:
1022         https://github.com/mathml-refresh/mathml/issues/5#issuecomment-475506856
1023
1024         This change also maps the dir attribute to direction for MathML Core.
1025
1026         Test: imported/w3c/web-platform-tests/mathml/relations/css-styling/attribute-mapping-001.html
1027
1028         * mathml/MathMLElement.cpp:
1029         (WebCore::MathMLElement::collectStyleForPresentationAttribute):
1030
1031 2019-09-09  Youenn Fablet  <youenn@apple.com>
1032
1033         Move checkProcessLocalPortForActivity from provider to registry
1034         https://bugs.webkit.org/show_bug.cgi?id=201400
1035
1036         Reviewed by Alex Christensen.
1037
1038         Update the registry to take a callback that is used to implement checkProcessLocalPortForActivity.
1039         This allows WK1 and WK2 to have their own implementation.
1040
1041         Make the call to checkProcessLocalPortForActivity directly on the registry.
1042         Remove unneeded worker checkProcessLocalPortForActivity method.
1043         No change of behavior.
1044
1045         * dom/messageports/MessagePortChannel.cpp:
1046         (WebCore::MessagePortChannel::checkRemotePortForActivity):
1047         * dom/messageports/MessagePortChannelProvider.h:
1048         * dom/messageports/MessagePortChannelProviderImpl.cpp:
1049         (WebCore::createMessagePortChannelRegistry):
1050         (WebCore::MessagePortChannelProviderImpl::MessagePortChannelProviderImpl):
1051         (WebCore::MessagePortChannelProviderImpl::checkProcessLocalPortForActivity): Deleted.
1052         * dom/messageports/MessagePortChannelProviderImpl.h:
1053         * dom/messageports/MessagePortChannelRegistry.cpp:
1054         (WebCore::MessagePortChannelRegistry::MessagePortChannelRegistry):
1055         (WebCore::MessagePortChannelRegistry::checkProcessLocalPortForActivity):
1056         * dom/messageports/MessagePortChannelRegistry.h:
1057         (WebCore::MessagePortChannelRegistry::provider): Deleted.
1058         * dom/messageports/WorkerMessagePortChannelProvider.cpp:
1059         (WebCore::WorkerMessagePortChannelProvider::checkProcessLocalPortForActivity): Deleted.
1060         * dom/messageports/WorkerMessagePortChannelProvider.h:
1061
1062 2019-09-08  Saam Barati  <sbarati@apple.com>
1063
1064         [WHLSL] Add back a version of the property resolver
1065         https://bugs.webkit.org/show_bug.cgi?id=201251
1066
1067         Reviewed by Robin Morisset.
1068
1069         This patch adds back the property resolver to aid in how we emit metal code.
1070         The goal of the new property resolver phase is to allow two things:
1071         1. For property access expressions, metal codegen should be allowed to evaluate
1072         the base, and if it's an index expression, the index, as many times as needed.
1073         So this patch ensures that if Metal evaluates such things, effects aren't performed
1074         more than once.
1075         
1076         2. For ReadModifyWrite expressions, metal codegen should be able to evaluate the
1077         leftValueExpression as many times as it'd like without performing the effects of
1078         leftValueExpression more than once.
1079         
1080         Here are a couple examples of this transformation:
1081         `a()[b()]` -> `(temp1 = a(), temp2 = b(), temp1[temp2])`
1082         `(*a())[b()] += 42;` -> `(temp1 = &*a(), temp2 = b(), (*temp1)[temp2] += 42)`
1083         
1084         The interesting rules break down like:
1085         - When the base is an lvalue, we take its address and replace the old base
1086         with a dereference of the new pointer variable.
1087         - When the base is an rvalue, we evaluate it and store it in a temporary
1088         variable, and switch the base to be a reference of that variable.
1089         - All indices are evaluated before the property access instruction and
1090         replaced with a reference to the temporary variable.
1091
1092         Test: webgpu/whlsl/property-evaluation-order.html
1093
1094         * Modules/webgpu/WHLSL/AST/WHLSLExpression.cpp:
1095         (WebCore::WHLSL::AST::Expression::mayBeEffectful const):
1096         * Modules/webgpu/WHLSL/AST/WHLSLExpression.h:
1097         * Modules/webgpu/WHLSL/AST/WHLSLIndexExpression.h:
1098         * Modules/webgpu/WHLSL/AST/WHLSLReadModifyWriteExpression.h:
1099         * Modules/webgpu/WHLSL/Metal/WHLSLFunctionWriter.cpp:
1100         (WebCore::WHLSL::Metal::FunctionDefinitionWriter::visit):
1101         * Modules/webgpu/WHLSL/WHLSLHighZombieFinder.cpp:
1102         (WebCore::WHLSL::findHighZombies):
1103         * Modules/webgpu/WHLSL/WHLSLPropertyResolver.cpp:
1104         (WebCore::WHLSL::PropertyResolver::handleLeftHandSideBase):
1105         (WebCore::WHLSL::PropertyResolver::handlePropertyAccess):
1106         (WebCore::WHLSL::resolveProperties):
1107
1108 2019-09-07  Chris Dumez  <cdumez@apple.com>
1109
1110         Add support for postMessage buffering between the service worker and window
1111         https://bugs.webkit.org/show_bug.cgi?id=201169
1112
1113         Reviewed by Youenn Fablet.
1114
1115         As per the Service Worker specification, a service worker client's message
1116         queue is initially disabled and only gets enabled after:
1117         - The DOMContentLoaded event has been fired
1118         or
1119         - The client sets the navigator.serviceWorker.onmessage event handler
1120         or
1121         - navigator.serviceWorker.startMessages() is called
1122
1123         While the message queue is disabled, messages posted by the service worker
1124         to the client simply get queued and only get processed once the queue gets
1125         enabled.
1126
1127         No new tests, rebaselined existing test.
1128
1129         * dom/Document.cpp:
1130         (WebCore::Document::finishedParsing):
1131         Call startMessages() on the ServiceWorkerContainer once the DOMContentLoaded event has
1132         been fired.
1133
1134         * dom/ScriptExecutionContext.cpp:
1135         (WebCore::ScriptExecutionContext::ensureServiceWorkerContainer):
1136         * dom/ScriptExecutionContext.h:
1137         * workers/service/SWClientConnection.cpp:
1138         (WebCore::SWClientConnection::postMessageToServiceWorkerClient):
1139         Fix a bug where a service worker would not be able to post a message to a client until
1140         that client has accessed navigator.serviceWorker (since the ServiceWorkerContainer is
1141         lazy initialized). To address the issue, we now initialize the ServiceWorkerContainer
1142         when a message is received from the service worker. Previously, messages were just
1143         getting dropped.
1144
1145         * workers/service/ServiceWorkerContainer.cpp:
1146         (WebCore::ServiceWorkerContainer::ServiceWorkerContainer):
1147         When the ServiceWorkerContainer is constructed, suspend its message queue if its context
1148         document is still parsing.
1149
1150         (WebCore::ServiceWorkerContainer::startMessages):
1151         Resume the message queue when startMessages() is called.
1152
1153         (WebCore::ServiceWorkerContainer::postMessage):
1154         Enqueue the event instead of firing it right away.
1155
1156         (WebCore::ServiceWorkerContainer::addEventListener):
1157         if navigator.serviceWorker.onmessage event handler gets set by the JavaScript, call
1158         startMessages().
1159
1160         * workers/service/ServiceWorkerContainer.h:
1161
1162 2019-09-07  Chris Dumez  <cdumez@apple.com>
1163
1164         [Service Workers] Drop support for registration resurrection
1165         https://bugs.webkit.org/show_bug.cgi?id=201584
1166
1167         Reviewed by Alex Christensen.
1168
1169         Drop support for registration resurrection (Unregistering then quickly re-registering would resurrect
1170         the original registration instead of creating a new one). This behavior is no longer in the
1171         specification (No more "isUninstalling" flag on the registration, and the registration is removed
1172         from the "scope to registration map" right away upon unregistering).
1173
1174         This resurrection behavior was causing a lot of flakiness in the tests so it is likely we will be able
1175         to unskip some tests. This is also what was causing the flakiness that caused Bug 201169 to be rolled
1176         out.
1177
1178         No new tests, updated existing tests.
1179
1180         * workers/service/server/SWServer.cpp:
1181         (WebCore::SWServer::activeWorkerFromRegistrationID):
1182         (WebCore::SWServer::getRegistration):
1183         (WebCore::SWServer::addRegistration):
1184         (WebCore::SWServer::removeRegistration):
1185         (WebCore::SWServer::getRegistrations):
1186         (WebCore::SWServer::clearAll):
1187         (WebCore::SWServer::clear):
1188         (WebCore::SWServer::terminatePreinstallationWorker):
1189         (WebCore::SWServer::didFinishActivation):
1190         (WebCore::SWServer::claim):
1191         (WebCore::SWServer::addClientServiceWorkerRegistration):
1192         (WebCore::SWServer::removeClientServiceWorkerRegistration):
1193         (WebCore::SWServer::installContextData):
1194         (WebCore::SWServer::runServiceWorker):
1195         (WebCore::SWServer::doRegistrationMatching):
1196         (WebCore::SWServer::registrationFromServiceWorkerIdentifier):
1197         (WebCore::SWServer::registerServiceWorkerClient):
1198         (WebCore::SWServer::unregisterServiceWorkerClient):
1199         (WebCore::SWServer::removeFromScopeToRegistrationMap):
1200         (WebCore::SWServer::performGetOriginsWithRegistrationsCallbacks):
1201         * workers/service/server/SWServer.h:
1202         * workers/service/server/SWServerJobQueue.cpp:
1203         (WebCore::SWServerJobQueue::runRegisterJob):
1204         (WebCore::SWServerJobQueue::runUnregisterJob):
1205         (WebCore::SWServerJobQueue::runUpdateJob):
1206         * workers/service/server/SWServerRegistration.cpp:
1207         (WebCore::SWServerRegistration::clear):
1208         (WebCore::SWServerRegistration::handleClientUnload):
1209         (WebCore::SWServerRegistration::isUnregistered const):
1210         * workers/service/server/SWServerRegistration.h:
1211         (WebCore::SWServerRegistration::scopeURLWithoutFragment const):
1212         * workers/service/server/SWServerWorker.cpp:
1213         (WebCore::SWServerWorker::SWServerWorker):
1214         (WebCore::m_scriptResourceMap):
1215         (WebCore::SWServerWorker::contextData const):
1216         (WebCore::SWServerWorker::skipWaiting):
1217         (WebCore::SWServerWorker::setHasPendingEvents):
1218         (WebCore::SWServerWorker::setState):
1219         (WebCore::SWServerWorker::registration const):
1220         * workers/service/server/SWServerWorker.h:
1221
1222 2019-09-07  Ryan Haddad  <ryanhaddad@apple.com>
1223
1224         Unreviewed, rolling out r249353.
1225
1226         The test for this change is a flaky failure.
1227
1228         Reverted changeset:
1229
1230         "Add support for postMessage buffering between the service
1231         worker and window"
1232         https://bugs.webkit.org/show_bug.cgi?id=201169
1233         https://trac.webkit.org/changeset/249353
1234
1235 2019-09-07  Alex Christensen  <achristensen@webkit.org>
1236
1237         Deprecate WKContextGetWebsiteDataStore
1238         https://bugs.webkit.org/show_bug.cgi?id=200050
1239
1240         Reviewed by Geoff Garen.
1241
1242         * platform/network/CacheValidation.cpp:
1243         (WebCore::collectVaryingRequestHeaders):
1244         (WebCore::verifyVaryingRequestHeaders):
1245         * platform/network/CacheValidation.h:
1246         Replace a few NetworkStorageSession& with NetworkStorageSession*
1247         so I can replace defaultStorageSession with the correct NetworkStorageSession in NetworkCache.cpp.
1248
1249 2019-09-06  Brent Fulgham  <bfulgham@apple.com>
1250
1251         [FTW] Minor cleanups to avoid crashes during web browsing
1252         https://bugs.webkit.org/show_bug.cgi?id=201572
1253
1254         Reviewed by Alexey Proskuryakov.
1255
1256         This patch addresses a few crashes seen when doing general web browsing using
1257         the FTW build of WebKit:
1258
1259         1. ImageBuffer::sinkIntoImage was attempting to use a render target after WTFMoving it elsewhere.
1260         2. ImageBuffer::copyNativeImage was not properly checking the type of the render
1261            target to make sure it was suitable for Bitmap operations.
1262         3. BackingStoreBackendDirect2DImpl::scroll would crash if the scroll offset was
1263            outside the bounds of the current view. In that case, it would attempt to allocate
1264            a zero-size texture, which triggered a crash.
1265
1266         * platform/graphics/win/BackingStoreBackendDirect2DImpl.cpp:
1267         (WebCore::BackingStoreBackendDirect2DImpl::scroll):
1268         * platform/graphics/win/ImageBufferDirect2D.cpp:
1269         (WebCore::ImageBuffer::sinkIntoImage):
1270         (WebCore::ImageBuffer::copyNativeImage const):
1271
1272 2019-09-06  Wenson Hsieh  <wenson_hsieh@apple.com>
1273
1274         Incorrect selection rect revealed after pasting images in a contenteditable element
1275         https://bugs.webkit.org/show_bug.cgi?id=201549
1276         <rdar://problem/50956429>
1277
1278         Reviewed by Simon Fraser.
1279
1280         Editor::replaceSelectionWithFragment currently scrolls to reveal the selection after inserting the given
1281         DocumentFragment. However, this scrolling occurs before any inserted images have loaded yet, which causes the
1282         wrong caret rect to be revealed, since all image elements inserted during paste will be empty.
1283
1284         To fix this, we defer revealing the selection after inserting the fragment until after all images that have
1285         been inserted are done loading. While waiting for images to load, if any layers which may be scrolled as a
1286         result of revealing the selection are scrolled, we additionally cancel the deferred selection reveal. See
1287         comments below for more detail.
1288
1289         Tests: editing/pasteboard/do-not-reveal-selection-after-programmatic-scroll.html
1290                editing/pasteboard/reveal-selection-after-pasting-images.html
1291                PasteImage.RevealSelectionAfterPastingImage
1292
1293         * editing/Editing.cpp:
1294         (WebCore::visibleImageElementsInRangeWithNonLoadedImages):
1295
1296         Add a new helper to iterate through a range and collect all image elements in that range, that contain cached
1297         images that have not finished loading yet.
1298
1299         * editing/Editing.h:
1300         * editing/Editor.cpp:
1301         (WebCore::Editor::replaceSelectionWithFragment):
1302
1303         Instead of always immediately revealing the selection after applying the ReplaceSelectionCommand, collect the
1304         image elements that were just inserted, and avoid immediately revealing the selection if any of these images
1305         have non-null cached images, but are not loaded yet. Instead, hold on to these images in a set, remove them once
1306         they finish loading using the new method below, and once all images are removed, reveal the selection.
1307
1308         (WebCore::Editor::revealSelectionIfNeededAfterLoadingImageForElement):
1309         (WebCore::Editor::renderLayerDidScroll):
1310
1311         Called whenever a scrollable RenderLayer is scrolled (or in the case of FrameView, the root layer). In the case
1312         where Editor is waiting to reveal the selection, we check to see if the scrolled layer is an ancestor of the
1313         layer enclosing the start of the selection.
1314
1315         (WebCore::Editor::respondToChangedSelection):
1316
1317         If the selection changes between pasting and waiting for pasted images to load, just cancel waiting to reveal
1318         the selection after pasting.
1319
1320         * editing/Editor.h:
1321         * editing/ReplaceSelectionCommand.cpp:
1322         (WebCore::ReplaceSelectionCommand::insertedContentRange const):
1323
1324         Add a helper method to grab the Range of content inserted after applying the command.
1325
1326         * editing/ReplaceSelectionCommand.h:
1327         * page/FrameView.cpp:
1328         (WebCore::FrameView::scrollPositionChanged):
1329         * page/FrameView.h:
1330         * page/Page.cpp:
1331         (WebCore::Page::didFinishLoadingImageForElement):
1332
1333         Notify Editor after an image finishes loading.
1334
1335         * rendering/RenderLayer.cpp:
1336         (WebCore::RenderLayer::scrollTo):
1337
1338 2019-09-06  Brent Fulgham  <bfulgham@apple.com>
1339
1340         PathDirect2D Cleanups
1341         https://bugs.webkit.org/show_bug.cgi?id=201534
1342
1343         Reviewed by Fujii Hironori.
1344
1345         1. Add a COMPtr<> move operator.
1346         2. Reduce copying ID2D1Geometry objects.
1347         3. Protect against using the ID2D1PathGeometry after the
1348            ID2D1GeometrySink's Close operation is used.
1349         4. Add a debug-only 'refCount' function to COMPtr to help
1350            track down memory errors.
1351
1352         * platform/graphics/Path.h:
1353         (WebCore::Path::activePath const): Deleted.
1354         * platform/graphics/win/Direct2DOperations.cpp:
1355         (WebCore::Direct2D::fillPath):
1356         (WebCore::Direct2D::drawPath):
1357         * platform/graphics/win/PathDirect2D.cpp:
1358         * platform/win/COMPtr.h:
1359         (COMPtr::COMPtr):
1360         (=):
1361         (refCount):
1362
1363 2019-09-06  Chris Dumez  <cdumez@apple.com>
1364
1365         Move the ResourceLoadObserver logic to WebKit2
1366         https://bugs.webkit.org/show_bug.cgi?id=201517
1367
1368         Reviewed by Brent Fulgham.
1369
1370         Move the ResourceLoadObserver logic to WebKit2 since it is not used by WebKit1. This allows us to simplify
1371         code.
1372
1373         In a follow-up patch, I will simplify the code even further by leveraging the fact that a WebContent process
1374         is always associated with a single WebsiteDataStore / sessionID:
1375         - No need for a HashMap of sessionIDs
1376         - No need to even allocate the ResourceLoadObserver if the WebProcess is associated with an ephemeral session.
1377
1378         * dom/Document.h:
1379         * loader/ResourceLoadObserver.cpp:
1380         (WebCore::sharedObserver):
1381         (WebCore::ResourceLoadObserver::setShared):
1382         (WebCore::ResourceLoadObserver::shared):
1383         * loader/ResourceLoadObserver.h:
1384         (WebCore::ResourceLoadObserver::~ResourceLoadObserver):
1385         (WebCore::ResourceLoadObserver::logSubresourceLoading):
1386         (WebCore::ResourceLoadObserver::logWebSocketLoading):
1387         (WebCore::ResourceLoadObserver::logUserInteractionWithReducedTimeResolution):
1388         (WebCore::ResourceLoadObserver::logFontLoad):
1389         (WebCore::ResourceLoadObserver::logCanvasRead):
1390         (WebCore::ResourceLoadObserver::logCanvasWriteOrMeasure):
1391         (WebCore::ResourceLoadObserver::logNavigatorAPIAccessed):
1392         (WebCore::ResourceLoadObserver::logScreenAPIAccessed):
1393         (WebCore::ResourceLoadObserver::statisticsForURL):
1394         (WebCore::ResourceLoadObserver::updateCentralStatisticsStore):
1395         (WebCore::ResourceLoadObserver::clearState):
1396         (WebCore::ResourceLoadObserver::setShouldLogUserInteraction):
1397         * page/DeprecatedGlobalSettings.h:
1398
1399 2019-09-06  Justin Fan  <justin_fan@apple.com>
1400
1401         [WebGPU] Update several interface and enum names to match spec
1402         https://bugs.webkit.org/show_bug.cgi?id=201564
1403
1404         Reviewed by Dean Jackson.
1405
1406         Rename GPUShaderStageBit -> GPUShaderStage.
1407         Rename GPUColorWriteBits -> GPUColorWrite.
1408         Rename TRANSFER_SRC/DST -> COPY_SRC/DST.
1409         Rename GPUPipelineStageDescriptor -> GPUProgrammableStageDescriptor.
1410
1411         Existing tests trivially updated to match.
1412
1413         * CMakeLists.txt:
1414         * DerivedSources-input.xcfilelist:
1415         * DerivedSources-output.xcfilelist:
1416         * DerivedSources.make:
1417         * Modules/webgpu/GPUBindGroupLayoutBinding.h:
1418         * Modules/webgpu/GPUBufferUsage.idl:
1419         * Modules/webgpu/GPUColorStateDescriptor.idl:
1420         * Modules/webgpu/GPUColorWrite.idl: Renamed from Source/WebCore/Modules/webgpu/GPUColorWriteBits.idl.
1421         * Modules/webgpu/GPUShaderStage.h: Renamed from Source/WebCore/Modules/webgpu/GPUShaderStageBit.h.
1422         * Modules/webgpu/GPUShaderStage.idl: Renamed from Source/WebCore/Modules/webgpu/GPUShaderStageBit.idl.
1423         * Modules/webgpu/GPUTextureUsage.idl:
1424         * Modules/webgpu/WebGPUComputePipelineDescriptor.cpp:
1425         (WebCore::WebGPUComputePipelineDescriptor::tryCreateGPUComputePipelineDescriptor const):
1426         * Modules/webgpu/WebGPUComputePipelineDescriptor.h:
1427         * Modules/webgpu/WebGPUComputePipelineDescriptor.idl:
1428         * Modules/webgpu/WebGPUDevice.cpp:
1429         * Modules/webgpu/WebGPUProgrammableStageDescriptor.cpp: Renamed from Source/WebCore/Modules/webgpu/WebGPUPipelineStageDescriptor.cpp.
1430         (WebCore::WebGPUProgrammableStageDescriptor::tryCreateGPUProgrammableStageDescriptor const):
1431         * Modules/webgpu/WebGPUProgrammableStageDescriptor.h: Renamed from Source/WebCore/Modules/webgpu/WebGPUPipelineStageDescriptor.h.
1432         * Modules/webgpu/WebGPUProgrammableStageDescriptor.idl: Renamed from Source/WebCore/Modules/webgpu/WebGPUPipelineStageDescriptor.idl.
1433         * Modules/webgpu/WebGPURenderPipelineDescriptor.cpp:
1434         (WebCore::WebGPURenderPipelineDescriptor::tryCreateGPURenderPipelineDescriptor const):
1435         * Modules/webgpu/WebGPURenderPipelineDescriptor.h:
1436         * Modules/webgpu/WebGPURenderPipelineDescriptor.idl:
1437         * Sources.txt:
1438         * WebCore.xcodeproj/project.pbxproj:
1439         * bindings/js/WebCoreBuiltinNames.h:
1440         * platform/graphics/gpu/GPUBuffer.h:
1441         (WebCore::GPUBuffer::isCopySource const):
1442         (WebCore::GPUBuffer::isCopyDestination const):
1443         (WebCore::GPUBuffer::isTransferSource const): Deleted.
1444         (WebCore::GPUBuffer::isTransferDestination const): Deleted.
1445         * platform/graphics/gpu/GPUBufferUsage.h:
1446         * platform/graphics/gpu/GPUColorStateDescriptor.h:
1447         * platform/graphics/gpu/GPUColorWrite.h: Renamed from Source/WebCore/platform/graphics/gpu/GPUColorWriteBits.h.
1448         * platform/graphics/gpu/GPUComputePipelineDescriptor.h:
1449         (WebCore::GPUComputePipelineDescriptor::GPUComputePipelineDescriptor):
1450         * platform/graphics/gpu/GPUPipelineDescriptorBase.h:
1451         * platform/graphics/gpu/GPUProgrammableStageDescriptor.h: Renamed from Source/WebCore/platform/graphics/gpu/GPUPipelineStageDescriptor.h.
1452         (WebCore::GPUProgrammableStageDescriptor::GPUProgrammableStageDescriptor):
1453         * platform/graphics/gpu/GPURenderPipelineDescriptor.h:
1454         (WebCore::GPURenderPipelineDescriptor::GPURenderPipelineDescriptor):
1455         * platform/graphics/gpu/GPUTexture.h:
1456         (WebCore::GPUTexture::isCopySource const):
1457         (WebCore::GPUTexture::isCopyDestination const):
1458         (WebCore::GPUTexture::isReadOnly const):
1459         (WebCore::GPUTexture::isTransferSource const): Deleted.
1460         (WebCore::GPUTexture::isTransferDestination const): Deleted.
1461         * platform/graphics/gpu/GPUTextureUsage.h:
1462         * platform/graphics/gpu/cocoa/GPUBindGroupLayoutMetal.mm:
1463         (WebCore::GPUBindGroupLayout::tryCreate):
1464         * platform/graphics/gpu/cocoa/GPUBindGroupMetal.mm:
1465         (WebCore::GPUBindGroup::tryCreate):
1466         * platform/graphics/gpu/cocoa/GPUBufferMetal.mm:
1467         * platform/graphics/gpu/cocoa/GPUCommandBufferMetal.mm:
1468         (WebCore::GPUCommandBuffer::copyBufferToBuffer):
1469         (WebCore::GPUCommandBuffer::copyBufferToTexture):
1470         (WebCore::GPUCommandBuffer::copyTextureToBuffer):
1471         (WebCore::GPUCommandBuffer::copyTextureToTexture):
1472         * platform/graphics/gpu/cocoa/GPUComputePipelineMetal.mm:
1473         (WebCore::trySetFunctions):
1474         * platform/graphics/gpu/cocoa/GPUPipelineMetalConvertLayout.cpp:
1475         (WebCore::convertShaderStageFlags):
1476         * platform/graphics/gpu/cocoa/GPURenderPipelineMetal.mm:
1477         (WebCore::mtlColorWriteMaskForGPUColorWriteFlags):
1478         (WebCore::trySetFunctions):
1479         * platform/graphics/gpu/cocoa/GPUTextureMetal.mm:
1480         (WebCore::mtlTextureUsageForGPUTextureUsageFlags):
1481
1482 2019-09-06  Said Abou-Hallawa  <sabouhallawa@apple.com>
1483
1484         REGRESSION (r249367): m_decodingPromises grows indefinitely until ImageLoader destruction
1485         https://bugs.webkit.org/show_bug.cgi?id=201402
1486
1487         Reviewed by Youenn Fablet and Daniel Bates.
1488
1489         Add the static functions resolvePromises() and rejectPromises(). These 
1490         functions take an lvalue reference to a Vector of promises. Inside them,
1491         the lvalue reference argument are exchanged with an empty Vector of
1492         promises then the promises are processed. This clears m_decodingPromises
1493         and fixes the leak.
1494
1495         Add an internal API which returns the count of the pending promises of
1496         an HTMLImageElement. This internal API will be used in the attached test.
1497
1498         Test: fast/images/decode-resolve-reject-no-leak.html
1499
1500         * html/HTMLImageElement.h:
1501         (WebCore::HTMLImageElement::pendingDecodePromisesCountForTesting const):
1502         * loader/ImageLoader.cpp:
1503         (WebCore::resolvePromises):
1504         ImageLoader::decode() calls BitmapImage::decode() and moves m_decodingPromises
1505         in capture. When decoding finishes, this function is called to resolve the
1506         promises. But ImageLoader might get deleted before the image decoding
1507         finishes. So this function has to be static.
1508
1509         (WebCore::rejectPromises):
1510         (WebCore::ImageLoader::resolveDecodePromises):
1511         (WebCore::ImageLoader::rejectDecodePromises):
1512         (WebCore::ImageLoader::notifyFinished):
1513         (WebCore::ImageLoader::decode):
1514         (WebCore::resolveDecodePromises): Deleted.
1515         (WebCore::rejectDecodePromises): Deleted.
1516         * loader/ImageLoader.h:
1517         (WebCore::ImageLoader::pendingDecodePromisesCountForTesting const):
1518         * testing/Internals.cpp:
1519         (WebCore::Internals::imagePendingDecodePromisesCountForTesting):
1520         * testing/Internals.h:
1521         * testing/Internals.idl:
1522
1523 2019-09-06  Said Abou-Hallawa  <sabouhallawa@apple.com>
1524
1525         Prefer null namespace 'href' over 'xlink:href' on SVG elements
1526         https://bugs.webkit.org/show_bug.cgi?id=195802
1527
1528         Reviewed by Youenn Fablet.
1529
1530         -- When the attribute "href" is set, its value is always reflected in
1531            SVGURIReference::m_href.
1532
1533         -- When the attribute "href" is removed, the value of the attribute
1534            "xlink:href" is always reflected in SVGURIReference::m_href.
1535
1536         -- When the "xlink:href" is set, its value is reflected in
1537            SVGURIReference::m_href only if the attribute "href" is not set.
1538
1539         Tests: svg/custom/href-xlink-href-gradient-element-expected.svg
1540                svg/custom/href-xlink-href-gradient-element.svg
1541                svg/custom/href-xlink-href-use-element-expected.svg
1542                svg/custom/href-xlink-href-use-element.svg
1543
1544         * svg/SVGURIReference.cpp:
1545         (WebCore::SVGURIReference::parseAttribute):
1546
1547 2019-09-06  Zalan Bujtas  <zalan@apple.com>
1548
1549         [LFC][TFC] Set computed row width.
1550         https://bugs.webkit.org/show_bug.cgi?id=201533
1551         <rdar://problem/55098828>
1552
1553         Reviewed by Antti Koivisto.
1554
1555         Decouple cell box layout/display box setup and set the computed row width.    
1556
1557         * layout/Verification.cpp:
1558         (WebCore::Layout::LayoutState::verifyAndOutputMismatchingLayoutTree const):
1559         * layout/tableformatting/TableFormattingContext.cpp:
1560         (WebCore::Layout::TableFormattingContext::layout):
1561
1562 2019-09-06  Zalan Bujtas  <zalan@apple.com>
1563
1564         [LFC] A formatting context root is always a containing block for relative: static boxes.
1565         https://bugs.webkit.org/show_bug.cgi?id=201554
1566         <rdar://problem/55123295>
1567
1568         Reviewed by Antti Koivisto.
1569
1570         "For other elements, if the element's position is 'relative' or 'static', the containing block is formed by the content
1571         edge of the nearest ancestor box that is a block container or which establishes a formatting context."
1572
1573         * layout/layouttree/LayoutBox.cpp:
1574         (WebCore::Layout::Box::containingBlock const):
1575         * page/FrameViewLayoutContext.cpp:
1576         (WebCore::layoutUsingFormattingContext):
1577
1578 2019-09-06  Sihui Liu  <sihui_liu@apple.com>
1579
1580         IndexedDB: use SQL COUNT statement for count operation
1581         https://bugs.webkit.org/show_bug.cgi?id=201465
1582
1583         Reviewed by Geoffrey Garen.
1584
1585         We did count operation by moving objectStore/index iterator from begin to end and counting the steps. We can
1586         utilize the SQL COUNT statement, and improve the performance further by caching the statement.
1587
1588         Tested on release build minibrowser. Without the change, the mean time to complete one iteration in 
1589         PerformanceTests/IndexedDB/basic/index-count.html and PerformanceTests/IndexedDB/basic/objectStore-count.html is
1590         about 50ms. With the change it is about 2ms.
1591
1592         * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
1593         (WebCore::IDBServer::SQLiteIDBBackingStore::getCount):
1594         (WebCore::IDBServer::SQLiteIDBBackingStore::cachedStatement):
1595         (WebCore::IDBServer::SQLiteIDBBackingStore::closeSQLiteDB):
1596         * Modules/indexeddb/server/SQLiteIDBBackingStore.h:
1597
1598 2019-09-06  Alex Christensen  <achristensen@webkit.org>
1599
1600         When disabling legacy private browsing for testing, change the SessionID back to what it was, not the defaultSessionID
1601         https://bugs.webkit.org/show_bug.cgi?id=201480
1602
1603         Reviewed by Youenn Fablet.
1604
1605         No change in behavior, but this blocks bug 200050 which will make WebKitTestRunner use a persistent, non-default session.
1606         Without this change, that change causes lots of test failures because we are switching from the legacy private browsing session
1607         to the default session instead of the session we were using.
1608
1609         * page/Page.cpp:
1610         (WebCore::Page::enableLegacyPrivateBrowsing): Deleted.
1611         * page/Page.h:
1612         * page/PageGroup.cpp:
1613         (WebCore::PageGroup::addPage):
1614         (WebCore::PageGroup::setSessionIDForTesting):
1615         (WebCore::PageGroup::enableLegacyPrivateBrowsingForTesting): Deleted.
1616         * page/PageGroup.h:
1617         * storage/StorageNamespaceProvider.cpp:
1618         (WebCore::StorageNamespaceProvider::setSessionIDForTesting):
1619         (WebCore::StorageNamespaceProvider::enableLegacyPrivateBrowsingForTesting): Deleted.
1620         * storage/StorageNamespaceProvider.h:
1621
1622 2019-09-06  Youenn Fablet  <youenn@apple.com>
1623
1624         Remove MediaStreamPrivate::scheduleDeferredTask
1625         https://bugs.webkit.org/show_bug.cgi?id=200975
1626
1627         Reviewed by Eric Carlson.
1628
1629         All calls to scheduleDeferredTask are done on the main thread.
1630         This was initially done to trigger less reconfiguration.
1631         But this makes the implementation significantly more complex.
1632
1633         For instance, we have to wait for the document to update its media state
1634         and send it to UIProcess before calling the allow completion handler.
1635
1636         Covered by existing tests.
1637
1638         * Modules/mediastream/MediaStream.cpp:
1639         (WebCore::MediaStream::MediaStream):
1640         Make sure to update the document media state once the tracks have been added, similarly to the other constructor.
1641         This ensures the document media state is computed with the new MediaStreamTrack.
1642         * Modules/mediastream/UserMediaRequest.cpp:
1643         (WebCore::isMediaStreamCorrectlyStarted):
1644         (WebCore::UserMediaRequest::allow):
1645         (WebCore::UserMediaRequest::stop):
1646         (WebCore::UserMediaRequest::mediaStreamDidFail):
1647         * Modules/mediastream/UserMediaRequest.h:
1648         * page/MediaProducer.h:
1649         (WebCore::MediaProducer::isCapturing):
1650         Make sure to include getDisplayMedia as part of capture check.
1651         * platform/mediastream/MediaStreamPrivate.cpp:
1652         (WebCore::MediaStreamPrivate::trackMutedChanged):
1653         (WebCore::MediaStreamPrivate::trackEnabledChanged):
1654         (WebCore::MediaStreamPrivate::trackStarted):
1655         (WebCore::MediaStreamPrivate::trackEnded):
1656         * platform/mediastream/MediaStreamPrivate.h:
1657
1658 2019-09-06  Rob Buis  <rbuis@igalia.com>
1659
1660         Implement MathML DOM
1661         https://bugs.webkit.org/show_bug.cgi?id=200470
1662
1663         Reviewed by Ryosuke Niwa.
1664
1665         Expose MathML DOM as specified here [1].
1666
1667         [1] https://mathml-refresh.github.io/mathml-core/#dom-mathmlelement
1668
1669         Tests: imported/w3c/web-platform-tests/mathml/relations/html5-tree/clipboard-event-handlers.tentative.html
1670                imported/w3c/web-platform-tests/mathml/relations/html5-tree/css-inline-style-dynamic.tentative.html
1671                imported/w3c/web-platform-tests/mathml/relations/html5-tree/css-inline-style-interface.tentative.html
1672                imported/w3c/web-platform-tests/mathml/relations/html5-tree/html-or-foreign-element-interfaces.tentative.html
1673                imported/w3c/web-platform-tests/mathml/relations/html5-tree/integration-point-4.html
1674                imported/w3c/web-platform-tests/mathml/relations/html5-tree/math-global-event-handlers.tentative.html
1675                mathml/focus-event-handling.html
1676                mathml/tabindex-order.html
1677
1678         * CMakeLists.txt:
1679         * DerivedSources-input.xcfilelist:
1680         * DerivedSources-output.xcfilelist:
1681         * DerivedSources.make:
1682         * Sources.txt:
1683         * WebCore.xcodeproj/project.pbxproj:
1684         * bindings/js/JSElementCustom.cpp:
1685         (WebCore::createNewElementWrapper):
1686         * bindings/js/JSNodeCustom.cpp:
1687         (WebCore::createWrapperInline):
1688         * mathml/MathMLElement.cpp:
1689         (WebCore::MathMLElement::parseAttribute):
1690         * mathml/MathMLElement.idl: Copied from Source/WebCore/html/HTMLOrForeignElement.idl.
1691         * mathml/MathMLMathElement.idl: Copied from Source/WebCore/html/HTMLOrForeignElement.idl.
1692         * mathml/mathtags.in:
1693
1694 2019-09-06  Zan Dobersek  <zdobersek@igalia.com>
1695
1696         [GStreamer] YUV buffers on iMX platforms have to be treated as RGBA
1697         https://bugs.webkit.org/show_bug.cgi?id=201537
1698
1699         Reviewed by Philippe Normand.
1700
1701         The imxvpudecoder element on iMX platforms decodes YUV data in a
1702         platform-specific way, gathering the YUV data in a single texture and
1703         then relying on the sampler in the Vivante graphics drivers to
1704         automagically decode that YUV data into RGBA values.
1705
1706         To correctly display such decoded data, we have to represent that
1707         single texture as an RGBA texture, even when the GStreamer buffer is
1708         crafted as containing planar YUV data.
1709
1710         * platform/graphics/gstreamer/GStreamerCommon.h:
1711         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
1712         (WebCore::MediaPlayerPrivateGStreamer::createGSTPlayBin):
1713         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
1714         (WebCore::GstVideoFrameHolder::GstVideoFrameHolder):
1715         (WebCore::GstVideoFrameHolder::platformLayerBuffer):
1716         (WebCore::MediaPlayerPrivateGStreamerBase::~MediaPlayerPrivateGStreamerBase):
1717         (WebCore::MediaPlayerPrivateGStreamerBase::pushTextureToCompositor):
1718         (WebCore::MediaPlayerPrivateGStreamerBase::flushCurrentBuffer):
1719         (WebCore::MediaPlayerPrivateGStreamerBase::copyVideoTextureToPlatformTexture):
1720         (WebCore::MediaPlayerPrivateGStreamerBase::nativeImageForCurrentTime):
1721         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
1722
1723 2019-09-06  Andres Gonzalez  <andresg_22@apple.com>
1724
1725         AccessibilityRenderObject::setSelectedTextRange fails to set the selection passed an empty line.
1726         https://bugs.webkit.org/show_bug.cgi?id=201518
1727         <rdar://problem/54835122>
1728
1729         Reviewed by Ryosuke Niwa.
1730
1731         Test: accessibility/set-selected-text-range-after-newline.html
1732
1733         In the case of an empty line, the CharacterIterator range start and end
1734         were not equal, thus we were not advancing the iterator and returning
1735         the iterator range end, which is not correct. With this change we are
1736         always advancing the iterator if its text is just '\n'. This covers all
1737         the cases we fixed before plus empty lines.
1738
1739         * editing/Editing.cpp:
1740         (WebCore::visiblePositionForIndexUsingCharacterIterator):
1741
1742 2019-09-05  Fujii Hironori  <Hironori.Fujii@sony.com>
1743
1744         [Win] Add support for MouseEvent.buttons
1745         https://bugs.webkit.org/show_bug.cgi?id=201445
1746
1747         Reviewed by Brent Fulgham.
1748
1749         Spec: <https://www.w3.org/TR/uievents/#dom-mouseevent-buttons>
1750
1751         * platform/win/GDIUtilities.h:
1752         (buttonsForEvent): Added.
1753         * platform/win/PlatformMouseEventWin.cpp:
1754         (WebCore::PlatformMouseEvent::PlatformMouseEvent):
1755         Set m_buttons.
1756
1757 2019-09-05  Fujii Hironori  <Hironori.Fujii@sony.com>
1758
1759         [Win] Support Per-Monitor (V2) DPI Awareness
1760         https://bugs.webkit.org/show_bug.cgi?id=201450
1761
1762         Reviewed by Don Olmstead.
1763
1764         * platform/win/GDIUtilities.cpp:
1765         (WebCore::deviceScaleFactorForWindow): Use GetDpiForWindow if available by using soft linking.
1766
1767 2019-09-05  Charlie Turner  <cturner@igalia.com>
1768
1769         [EME] Introduce a Proxy CDM for thread-safe access to CDM instances from background decryption threads
1770         https://bugs.webkit.org/show_bug.cgi?id=201339
1771
1772         Reviewed by Xabier Rodriguez-Calvar.
1773
1774         Covered by existing tests.
1775
1776         * platform/encryptedmedia/CDMInstance.h:
1777         * platform/encryptedmedia/clearkey/CDMClearKey.cpp:
1778         (WebCore::isolatedKey):
1779         (WebCore::ProxyCDMClearKey::isolatedKeys const):
1780         (WebCore::CDMInstanceClearKey::CDMInstanceClearKey):
1781         * platform/encryptedmedia/clearkey/CDMClearKey.h:
1782         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
1783         (WebCore::MediaPlayerPrivateGStreamerBase::cdmInstanceAttached):
1784         * platform/graphics/gstreamer/eme/WebKitClearKeyDecryptorGStreamer.cpp:
1785         (handleKeyResponse):
1786         (findAndSetKey):
1787         (decrypt):
1788         * platform/graphics/gstreamer/eme/WebKitCommonEncryptionDecryptorGStreamer.cpp:
1789         (isCDMInstanceAvailable):
1790         (sinkEventHandler):
1791         (setContext):
1792         * platform/graphics/gstreamer/eme/WebKitCommonEncryptionDecryptorGStreamer.h:
1793         * testing/MockCDMFactory.cpp:
1794         (WebCore::MockCDMInstance::proxyCDM const):
1795         * testing/MockCDMFactory.h:
1796
1797 2019-09-05  Zalan Bujtas  <zalan@apple.com>
1798
1799         [LFC] LayoutState should not need the initial containing block
1800         https://bugs.webkit.org/show_bug.cgi?id=201511
1801         <rdar://problem/55079241>
1802
1803         Reviewed by Antti Koivisto.
1804
1805         Throw-away layouts should just be able to initialize a dedicated LayoutState without passing in the ICB.
1806
1807         * layout/LayoutState.cpp:
1808         (WebCore::Layout::LayoutState::markNeedsUpdate):
1809         (WebCore::Layout::LayoutState::run):
1810         (WebCore::Layout::LayoutState::LayoutState): Deleted.
1811         * layout/LayoutState.h:
1812         (WebCore::Layout::LayoutState::initialContainingBlock const): Deleted.
1813         * layout/Verification.cpp:
1814         (WebCore::Layout::LayoutState::verifyAndOutputMismatchingLayoutTree const):
1815         * layout/floats/FloatingContext.cpp: Fix a (very sad)typo.
1816         (WebCore::Layout::FloatingContext::constraints const):
1817         * layout/layouttree/LayoutTreeBuilder.cpp:
1818         (WebCore::Layout::printLayoutTreeForLiveDocuments):
1819
1820 2019-09-05  Justin Fan  <justin_fan@apple.com>
1821
1822         [WebGPU] Implement GPUUncapturedErrorEvent
1823         https://bugs.webkit.org/show_bug.cgi?id=199676
1824
1825         Reviewed by Dean Jackson.
1826
1827         Implement GPUUncapturedErrorEvent and "uncapturederror" event name.
1828         Add the onuncapturederror EventHandler attribute to GPUDevice.
1829
1830         Test: webgpu/uncaptured-errors.html
1831
1832         * CMakeLists.txt:
1833         * DerivedSources-input.xcfilelist:
1834         * DerivedSources-output.xcfilelist:
1835         * DerivedSources.make:
1836         * Modules/webgpu/GPUUncapturedErrorEvent.cpp:
1837         (WebCore::GPUUncapturedErrorEvent::create):
1838         (WebCore::GPUUncapturedErrorEvent::GPUUncapturedErrorEvent):
1839         (WebCore::GPUUncapturedErrorEvent::eventInterface const):
1840         * Modules/webgpu/GPUUncapturedErrorEvent.h:
1841         * Modules/webgpu/GPUUncapturedErrorEvent.idl:
1842         * Modules/webgpu/WebGPUAdapter.cpp: Must now provide ScriptExecutionContext to any created GPUDevice.
1843         (WebCore::WebGPUAdapter::requestDevice const):
1844         * Modules/webgpu/WebGPUAdapter.h:
1845         * Modules/webgpu/WebGPUAdapter.idl:
1846         * Modules/webgpu/WebGPUDevice.cpp: Is now an EventTarget.
1847         (WebCore::WebGPUDevice::tryCreate):
1848         (WebCore::WebGPUDevice::WebGPUDevice):
1849         (WebCore::printValidationErrorToConsole):
1850         (WebCore::WebGPUDevice::dispatchUncapturedError): Events should only be fired from the main thread.
1851         * Modules/webgpu/WebGPUDevice.h:
1852         * Modules/webgpu/WebGPUDevice.idl:
1853         * Modules/webgpu/WebGPUDeviceEventHandler.idl:
1854         * Sources.txt:
1855         * WebCore.xcodeproj/project.pbxproj:
1856         * bindings/js/WebCoreBuiltinNames.h:
1857         * dom/EventNames.h:
1858         * dom/EventNames.in:
1859         * dom/EventTargetFactory.in:
1860         * platform/graphics/gpu/GPUError.cpp: GPUErrors can only be created internally; creation should never fail.
1861         (WebCore::createError):
1862         * platform/graphics/gpu/GPUError.h:
1863         * platform/graphics/gpu/GPUErrorScopes.cpp:
1864         (WebCore::GPUErrorScopes::create):
1865         (WebCore::GPUErrorScopes::GPUErrorScopes):
1866         (WebCore::GPUErrorScopes::generateError): Use a callback for now, since GPUErrorScopes is still under platform.
1867         * platform/graphics/gpu/GPUErrorScopes.h:
1868         (WebCore::GPUErrorScopes::create): Deleted.
1869
1870 2019-09-05  Antti Koivisto  <antti@apple.com>
1871
1872         Generate event region for both the main graphics layer and the scrolled contents layer
1873         https://bugs.webkit.org/show_bug.cgi?id=201487
1874
1875         Reviewed by Simon Fraser.
1876
1877         We currently generate region for one of them only. With borders both need it.
1878         
1879         Also share more code with painting paths.
1880
1881         * rendering/RenderLayerBacking.cpp:
1882         (WebCore::RenderLayerBacking::updateEventRegion):
1883
1884         Generate region for both layers.
1885
1886         (WebCore::RenderLayerBacking::paintIntoLayer):
1887
1888         Add event region context parameter so we can use this function for event region update too.
1889
1890         * rendering/RenderLayerBacking.h:
1891
1892 2019-09-05  Ryosuke Niwa  <rniwa@webkit.org>
1893
1894         REGRESSION (iOS 13): Bulleted list copied from Notes to Mail results in Times New Roman
1895         https://bugs.webkit.org/show_bug.cgi?id=201490
1896
1897         Reviewed by Daniel Bates.
1898
1899         The bug was caused by an element in the pasted content not having any explicit font name resolving
1900         to use the font-family value of `-webkit-standard`. When such an inline style is inserted into
1901         Mail's WKWebView which sets a different font family, ReplaceSelectionCommand would fail to strip away,
1902         making the pasted content using the default font family of Times New Roman.
1903
1904         Fixed the bug by stripping away font-family set to -webkit-standard in the sanitization document
1905         since that's indicative of the pasted content not having any font family being specified.
1906
1907         In the future, we should consider making regular copy (as opposed to the copy for sanitization)
1908         resolve generic font family names to concrete font names since different WKWebView might be using
1909         different concrete font names. Unfortuantely, such a change is quite involved and risky since various
1910         paste side code in EditingStyle that removes redundant inline styles (i.e. redundant `font-family`)
1911         need to be aware of this special font family resolution.
1912
1913         Tests: editing/pasteboard/paste-cocoa-writer-markup-with-webkit-standard-font-family.html
1914                PasteHTML.DoesNotAddStandardFontFamily
1915
1916         * editing/EditingStyle.cpp:
1917         (WebCore::EditingStyle::mergeInlineAndImplicitStyleOfElement):
1918         (WebCore::EditingStyle::wrappingStyleForSerialization):
1919         (WebCore::familyNameFromCSSPrimitiveValue): Added.
1920         (WebCore::loneFontFamilyName): Extracted from usesForbiddenSystemFontAsOnlyFontFamilyName. Fixed
1921         a bug that it was not handling the case when `font-family` property's value is a CSSPrimitiveValue
1922         instead of a CSSValueList.
1923         (WebCore::usesForbiddenSystemFontAsOnlyFontFamilyName): Deleted.
1924         (WebCore::EditingStyle::mergeStyleFromRulesForSerialization): Remove `font-family` property when
1925         StandardFontFamilySerializationMode::Strip is specified and its value is `-webkit-standard`.
1926         * editing/EditingStyle.h:
1927         * editing/markup.cpp:
1928         (WebCore::StyledMarkupAccumulator::StyledMarkupAccumulator): Added
1929         StandardFontFamilySerializationMode as an argument.
1930         (WebCore::StyledMarkupAccumulator::appendStartTag):
1931         (WebCore::StyledMarkupAccumulator::serializeNodes):
1932         (WebCore::serializePreservingVisualAppearanceInternal): Ditto.
1933         (WebCore::serializePreservingVisualAppearance): Use StandardFontFamilySerializationMode::Keep
1934         to preserve the pre-existing behavior.
1935         (WebCore::sanitizedMarkupForFragmentInDocument): Use StandardFontFamilySerializationMode::Strip
1936         as this is the code used by sanitization code.
1937
1938 2019-09-05  Chris Fleizach  <cfleizach@apple.com>
1939
1940         AX: children cache are not re-computed if tab index is removed
1941         https://bugs.webkit.org/show_bug.cgi?id=201502
1942
1943         Reviewed by Zalan Bujtas.
1944
1945         Test: accessibility/tabindex-removed.html
1946
1947         If the tabindex changes, it can potentially affect whether an element is accessible. If we don't update the children cache
1948         information can be stale and lead to incorrect navigation with VoiceOver.
1949
1950         * accessibility/AXObjectCache.cpp:
1951         (WebCore::AXObjectCache::handleAttributeChange):
1952
1953 2019-09-05  Konstantin Tokarev  <annulen@yandex.ru>
1954
1955         Don't call PlatformMediaSessionManager methods when neither VIDEO nor WEB_AUDIO is enabled
1956         https://bugs.webkit.org/show_bug.cgi?id=201508
1957
1958         Reviewed by Jer Noble.
1959
1960         Definitions of these methods are guarded with #if ENABLE(VIDEO) || ENABLE(WEB_AUDIO),
1961         so calling them causes linking errors.
1962
1963         * testing/InternalSettings.cpp:
1964         (WebCore::InternalSettings::Backup::Backup):
1965         (WebCore::InternalSettings::Backup::restoreTo):
1966         (WebCore::InternalSettings::setShouldDeactivateAudioSession):
1967         * testing/Internals.cpp:
1968         (WebCore::Internals::resetToConsistentState):
1969         (WebCore::Internals::processWillSuspend):
1970         (WebCore::Internals::processDidResume):
1971         (WebCore::Internals::setIsPlayingToAutomotiveHeadUnit):
1972
1973 2019-09-05  Keith Rollin  <krollin@apple.com>
1974
1975         Fix implicit conversion that loses precision
1976         https://bugs.webkit.org/show_bug.cgi?id=201476
1977         <rdar://problem/55043129>
1978
1979         Reviewed by Youenn Fablet, Alex Christensen.
1980
1981         Building for watchOS results in the following error:
1982
1983             .../Source/WebCore/fileapi/NetworkSendQueue.cpp:66:42: error: implicit conversion loses integer precision: 'unsigned long long' to 'unsigned int' [-Werror,-Wshorten-64-to-32]
1984                     enqueue(JSC::ArrayBuffer::create(byteLength, 1), 0, 0);
1985
1986         Fix this by replacing byteLength (which is known to be zero at this
1987         point) with 0U.
1988
1989         No new tests -- no new or changed functionality.
1990
1991         * fileapi/NetworkSendQueue.cpp:
1992         (WebCore::NetworkSendQueue::enqueue):
1993
1994 2019-09-05  Youenn Fablet  <youenn@apple.com>
1995
1996         Introduce WorkerSWClientConnection to make SWClientConnection mono-thread
1997         https://bugs.webkit.org/show_bug.cgi?id=201430
1998
1999         Reviewed by Alex Christensen.
2000
2001         Make SWClientConnection RefCounted.
2002         Add a WorkerSWClientConnection dedicated to be used by worker/service worker contexts.
2003         Simplify ServiceWorkerContainer logic based on this refactoring.
2004
2005         Covered by existing tests.
2006
2007         * Sources.txt:
2008         * WebCore.xcodeproj/project.pbxproj:
2009         * workers/WorkerGlobalScope.cpp:
2010         (WebCore::WorkerGlobalScope::swClientConnection):
2011         * workers/WorkerGlobalScope.h:
2012         * workers/service/SWClientConnection.cpp:
2013         (WebCore::SWClientConnection::scheduleJob):
2014         (WebCore::SWClientConnection::failedFetchingScript):
2015         (WebCore::SWClientConnection::postTaskForJob):
2016         * workers/service/SWClientConnection.h:
2017         * workers/service/ServiceWorkerContainer.cpp:
2018         (WebCore::mainThreadConnection):
2019         (WebCore::ServiceWorkerContainer::ready):
2020         (WebCore::ServiceWorkerContainer::scheduleJob):
2021         (WebCore::ServiceWorkerContainer::getRegistration):
2022         (WebCore::ServiceWorkerContainer::updateRegistrationState):
2023         (WebCore::ServiceWorkerContainer::getRegistrations):
2024         (WebCore::ServiceWorkerContainer::notifyRegistrationIsSettled):
2025         (WebCore::ServiceWorkerContainer::jobFinishedLoadingScript):
2026         (WebCore::ServiceWorkerContainer::notifyFailedFetchingScript):
2027         (WebCore::ServiceWorkerContainer::ensureSWClientConnection):
2028         (WebCore::ServiceWorkerContainer::stop):
2029         * workers/service/ServiceWorkerContainer.h:
2030         * workers/service/ServiceWorkerFetchResult.h:
2031         (WebCore::ServiceWorkerFetchResult::isolatedCopy const):
2032         * workers/service/WorkerSWClientConnection.cpp: Added.
2033         (WebCore::WorkerSWClientConnection::WorkerSWClientConnection):
2034         (WebCore::WorkerSWClientConnection::~WorkerSWClientConnection):
2035         (WebCore::WorkerSWClientConnection::matchRegistration):
2036         (WebCore::WorkerSWClientConnection::getRegistrations):
2037         (WebCore::WorkerSWClientConnection::whenRegistrationReady):
2038         (WebCore::WorkerSWClientConnection::addServiceWorkerRegistrationInServer):
2039         (WebCore::WorkerSWClientConnection::removeServiceWorkerRegistrationInServer):
2040         (WebCore::WorkerSWClientConnection::didResolveRegistrationPromise):
2041         (WebCore::WorkerSWClientConnection::postMessageToServiceWorker):
2042         (WebCore::WorkerSWClientConnection::serverConnectionIdentifier const):
2043         (WebCore::WorkerSWClientConnection::mayHaveServiceWorkerRegisteredForOrigin const):
2044         (WebCore::WorkerSWClientConnection::syncTerminateWorker):
2045         (WebCore::WorkerSWClientConnection::registerServiceWorkerClient):
2046         (WebCore::WorkerSWClientConnection::unregisterServiceWorkerClient):
2047         (WebCore::WorkerSWClientConnection::finishFetchingScriptInServer):
2048         (WebCore::WorkerSWClientConnection::isThrottleable const):
2049         (WebCore::WorkerSWClientConnection::updateThrottleState):
2050         (WebCore::WorkerSWClientConnection::scheduleJob):
2051         (WebCore::WorkerSWClientConnection::scheduleJobInServer):
2052         * workers/service/WorkerSWClientConnection.h: Added.
2053
2054 2019-09-04  Fujii Hironori  <Hironori.Fujii@sony.com>
2055
2056         [Win][Clang] InspectorNetworkAgent.cpp(1122,20): error: cannot decompose this type; 'std::tuple_size<const WTF::KeyValuePair<WTF::String, WTF::RefPtr<WTF::JSONImpl::Value, WTF::DumbPtrTraits<WTF::JSONImpl::Value> > >>::value' is not a valid integral const
2057         https://bugs.webkit.org/show_bug.cgi?id=201489
2058
2059         Unreviewed build fix for clang-cl.
2060
2061         clang-cl 8 can't use a structured binding for a const struct.
2062
2063         No behavior change.
2064
2065         * inspector/agents/InspectorNetworkAgent.cpp:
2066         (WebCore::InspectorNetworkAgent::interceptWithResponse): Not to use a structured binding for a const struct.
2067
2068 2019-09-04  Chris Dumez  <cdumez@apple.com>
2069
2070         Unreviewed, another build fix after r249501.
2071
2072         * loader/EmptyFrameLoaderClient.h:
2073
2074 2019-09-04  Timothy Hatcher  <timothy@apple.com>
2075
2076         Mail appears to be double inverting code copied from Notes, Xcode, or Terminal.
2077         https://bugs.webkit.org/show_bug.cgi?id=201368
2078         rdar://problem/40529867
2079
2080         Reviewed by Ryosuke Niwa.
2081
2082         Dark mode content that is pasted should have the inline styles inverse color
2083         transformed by the color filter to match the color filtered document contents.
2084
2085         Layout Test: editing/pasteboard/paste-dark-mode-color-filtered.html
2086         API Tests: PasteHTML.TransformColorsOfDarkContent, PasteHTML.DoesNotTransformColorsOfLightContent,
2087             PasteRTFD.TransformColorsOfDarkContent, PasteRTFD.DoesNotTransformColorsOfLightContent
2088
2089         * editing/EditingStyle.cpp:
2090         (WebCore::EditingStyle::inverseTransformColorIfNeeded): Added caret-color to the transformed properties.
2091         * editing/ReplaceSelectionCommand.cpp:
2092         (WebCore::fragmentNeedsColorTransformed): Added.
2093         (WebCore::ReplaceSelectionCommand::inverseTransformColor): Added.
2094         (WebCore::ReplaceSelectionCommand::doApply): Call fragmentNeedsColorTransformed() and inverseTransformColor().
2095         * editing/ReplaceSelectionCommand.h:
2096
2097 2019-09-04  Chris Dumez  <cdumez@apple.com>
2098
2099         Unreviewed, drop extra whitespace added in r249515.
2100
2101         * loader/EmptyFrameLoaderClient.h:
2102
2103 2019-09-04  Chris Dumez  <cdumez@apple.com>
2104
2105         Unreviewed build fix after r249501.
2106
2107         r249501 seems to have exposed the fact that EmptyFrameLoaderClient.h is missing a #pragma once.
2108
2109         * loader/EmptyFrameLoaderClient.h:
2110
2111 2019-09-06  Simon Fraser  <simon.fraser@apple.com>
2112
2113         REGRESSION (iOS 13): If an overflow:hidden with a non-zero scroll position is toggled to overflow:scroll, some other scroll causes its scroll position to get reset
2114         https://bugs.webkit.org/show_bug.cgi?id=201528
2115         rdar://problem/55044885
2116
2117         Reviewed by Frédéric Wang.
2118         
2119         If, when an overflow scrolling node is created, the scroller has non-zero scroll
2120         position (for example, via toggling to overflow:hidden, setting scrollTop, then toggling
2121         to overflow:scroll), then on the next update its scroll position will reset back to zero.
2122
2123         The bug was that newly created ScrollingTreeScrollingNodes didn't set m_currentScrollPosition
2124         to the scroll position coming from the state node, so a subsequent update could cause
2125         the 0,0 currentScrollPosition to get applied. If we're making a new node, and there's no
2126         requestedScrollPosition, then initialize m_currentScrollPosition.
2127
2128         Test: scrollingcoordinator/ios/scroller-initial-scroll-position.html
2129
2130         * page/scrolling/ScrollingTreeScrollingNode.cpp:
2131         (WebCore::ScrollingTreeScrollingNode::commitStateBeforeChildren):
2132         (WebCore::ScrollingTreeScrollingNode::commitStateAfterChildren):
2133         * page/scrolling/ScrollingTreeScrollingNode.h:
2134
2135 2019-09-04  Yusuke Suzuki  <ysuzuki@apple.com>
2136
2137         [JSC] Make Promise implementation faster
2138         https://bugs.webkit.org/show_bug.cgi?id=200898
2139
2140         Reviewed by Saam Barati.
2141
2142         * Modules/streams/ReadableStream.js:
2143         (pipeThrough):
2144         * Modules/streams/ReadableStreamInternals.js:
2145         (readableStreamError):
2146         (readableStreamReaderGenericRelease):
2147
2148 2019-09-04  Tim Horton  <timothy_horton@apple.com>
2149
2150         Line artifacts in note body after viewing note with <attachment>s
2151         https://bugs.webkit.org/show_bug.cgi?id=201474
2152         <rdar://problem/51306108>
2153
2154         Reviewed by Simon Fraser.
2155
2156         Test: fast/attachment/attachment-border-should-stay-inside-attachment.html
2157
2158         * rendering/RenderThemeIOS.mm:
2159         (WebCore::attachmentBorderPath):
2160         (WebCore::paintAttachmentBorder):
2161         Inset the border rect by half the width, so that <attachment> doesn't
2162         paint out-of-bounds.
2163
2164 2019-09-04  Joseph Pecoraro  <pecoraro@apple.com>
2165
2166         Web Inspector: Local Overrides - Provide substitution content for resource loads (URL based)
2167         https://bugs.webkit.org/show_bug.cgi?id=201262
2168         <rdar://problem/13108764>
2169
2170         Reviewed by Devin Rousso.
2171
2172         Tests: http/tests/inspector/network/local-resource-override-basic.html
2173                http/tests/inspector/network/local-resource-override-main-resource.html
2174                http/tests/inspector/network/local-resource-override-script-tag.html
2175                http/tests/inspector/network/resource-response-inspector-override.html
2176
2177         * Sources.txt:
2178         * WebCore.xcodeproj/project.pbxproj:
2179         * Headers.cmake:
2180         New files.
2181
2182         * inspector/InspectorInstrumentation.cpp:
2183         (WebCore::InspectorInstrumentation::willInterceptRequestImpl):
2184         (WebCore::InspectorInstrumentation::shouldInterceptResponseImpl):
2185         (WebCore::InspectorInstrumentation::interceptResponseImpl):
2186         * inspector/InspectorInstrumentation.h:
2187         (WebCore::InspectorInstrumentation::hasFrontends):
2188         (WebCore::InspectorInstrumentation::willInterceptRequest):
2189         (WebCore::InspectorInstrumentation::shouldInterceptResponse):
2190         (WebCore::InspectorInstrumentation::interceptResponse):
2191         (WebCore::InspectorInstrumentation::frontendCreated):
2192         (WebCore::InspectorInstrumentation::frontendDeleted):
2193         * inspector/InspectorInstrumentationPublic.cpp:
2194         * inspector/InspectorInstrumentationPublic.h:
2195         * inspector/InspectorInstrumentationWebKit.cpp:
2196         (WebCore::InspectorInstrumentationWebKit::shouldInterceptResponseInternal):
2197         (WebCore::InspectorInstrumentationWebKit::interceptResponseInternal):
2198         * inspector/InspectorInstrumentationWebKit.h: Added.
2199         (WebCore::InspectorInstrumentationWebKit::shouldInterceptResponse):
2200         (WebCore::InspectorInstrumentationWebKit::interceptResponse):
2201         Provide a slim InspectorInstrumentation API that can be used in the WebKit
2202         layer without a ton of includes.
2203
2204         * inspector/agents/InspectorNetworkAgent.cpp:
2205         (WebCore::responseSource):
2206         (WebCore::InspectorNetworkAgent::disable):
2207         (WebCore::InspectorNetworkAgent::continuePendingResponses):
2208         (WebCore::InspectorNetworkAgent::setInterceptionEnabled):
2209         (WebCore::InspectorNetworkAgent::addInterception):
2210         (WebCore::InspectorNetworkAgent::removeInterception):
2211         (WebCore::InspectorNetworkAgent::willInterceptRequest):
2212         (WebCore::InspectorNetworkAgent::shouldInterceptResponse):
2213         (WebCore::InspectorNetworkAgent::interceptResponse):
2214         (WebCore::InspectorNetworkAgent::interceptContinue):
2215         (WebCore::InspectorNetworkAgent::interceptWithResponse):
2216         Manage a list of URLs that will be intercepted and send
2217         intercepts to an active frontend for response content.
2218
2219         * inspector/agents/InspectorNetworkAgent.h:
2220         (WebCore::InspectorNetworkAgent::PendingInterceptResponse::PendingInterceptResponse):
2221         (WebCore::InspectorNetworkAgent::PendingInterceptResponse::~PendingInterceptResponse):
2222         (WebCore::InspectorNetworkAgent::PendingInterceptResponse::originalResponse):
2223         (WebCore::InspectorNetworkAgent::PendingInterceptResponse::respondWithOriginalResponse):
2224         (WebCore::InspectorNetworkAgent::PendingInterceptResponse::respond):
2225         Callback for an eventual intercept response.
2226
2227         * platform/network/ResourceResponseBase.h:
2228         New ResponseSource - Inspector Override.
2229
2230         * loader/DocumentLoader.cpp:
2231         (WebCore::logResourceResponseSource):
2232         * testing/Internals.cpp:
2233         (WebCore::responseSourceToString):
2234         Handle new response sources.
2235
2236         * loader/cache/CachedResourceLoader.cpp:
2237         (WebCore::CachedResourceLoader::requestResource):
2238         (WebCore::CachedResourceLoader::preload):
2239         Avoid preloading or using the cache for URLs that would be intercepted
2240         by an active Inspector frontend.
2241
2242         * loader/cache/MemoryCache.cpp:
2243         (WebCore::MemoryCache::remove):
2244         Assertion to help detect if we ever get override content into the MemoryCache.
2245
2246         * loader/ResourceLoader.h:
2247         (WebCore::DocumentLoader::responseReceived):
2248         * loader/ResourceLoader.cpp:
2249         Fix typos.
2250
2251 2019-09-04  Chris Dumez  <cdumez@apple.com>
2252
2253         Expose WebPageProxy identifier to the Network Process
2254         https://bugs.webkit.org/show_bug.cgi?id=201467
2255
2256         Reviewed by Geoffrey Garen.
2257
2258         * loader/EmptyFrameLoaderClient.h:
2259         (isType):
2260         * loader/FrameLoaderClient.h:
2261
2262 2019-09-04  Alex Christensen  <achristensen@webkit.org>
2263
2264         Remove unused SPI that accesses MemoryCache directly
2265         https://bugs.webkit.org/show_bug.cgi?id=201468
2266
2267         Reviewed by Tim Horton.
2268
2269         * loader/cache/MemoryCache.cpp:
2270         (WebCore::dummyCachedImageClient): Deleted.
2271         (WebCore::MemoryCache::addImageToCache): Deleted.
2272         (WebCore::MemoryCache::removeImageFromCache): Deleted.
2273         * loader/cache/MemoryCache.h:
2274
2275 2019-09-04  Zalan Bujtas  <zalan@apple.com>
2276
2277         [LFC] Assert on FormattingContext escaping
2278         https://bugs.webkit.org/show_bug.cgi?id=201464
2279         <rdar://problem/55029574>
2280
2281         Reviewed by Antti Koivisto.
2282
2283         This patch asserts on accidental formatting context escaping. This is only a correctness issue at the moment,
2284         since we don't support multithreaded subtree layout yet.
2285         Normally we should not need to access display boxes in different formatting contexts during layout, but there are a few, justified cases when it is required.
2286
2287         * layout/FormattingContext.cpp:
2288         (WebCore::Layout::FormattingContext::displayBoxForLayoutBox const):
2289         * layout/FormattingContext.h:
2290         (WebCore::Layout::FormattingContext::displayBoxForLayoutBox const): Deleted.
2291         * layout/FormattingContextGeometry.cpp:
2292         (WebCore::Layout::FormattingContext::Geometry::contentHeightForFormattingContextRoot const):
2293         (WebCore::Layout::FormattingContext::Geometry::staticVerticalPositionForOutOfFlowPositioned const):
2294         (WebCore::Layout::FormattingContext::Geometry::staticHorizontalPositionForOutOfFlowPositioned const):
2295         * layout/FormattingContextQuirks.cpp:
2296         (WebCore::Layout::FormattingContext::Quirks::heightValueOfNearestContainingBlockWithFixedHeight):
2297         * layout/floats/FloatingContext.cpp:
2298         (WebCore::Layout::FloatingContext::absoluteDisplayBoxCoordinates const):
2299         (WebCore::Layout::FloatingContext::mapToFloatingStateRoot const):
2300         (WebCore::Layout::FloatingContext::mapTopToFloatingStateRoot const):
2301         (WebCore::Layout::FloatingContext::mapPointFromFormattingContextRootToFloatingStateRoot const):
2302         * page/FrameViewLayoutContext.cpp:
2303         (WebCore::layoutUsingFormattingContext):
2304
2305 2019-09-04  Zalan Bujtas  <zalan@apple.com>
2306
2307         [LFC] FormattingContext::map* functions are too generic.
2308         https://bugs.webkit.org/show_bug.cgi?id=201447
2309         <rdar://problem/55005733>
2310
2311         Reviewed by Antti Koivisto.
2312
2313         We don't need such generic mapping functions yet. This patch is also in preparation for
2314         asserting on formatting context escaping. 
2315
2316         * layout/FormattingContext.cpp:
2317         (WebCore::Layout::FormattingContext::mapTopToFormattingContextRoot const):
2318         (WebCore::Layout::FormattingContext::mapLeftToFormattingContextRoot const):
2319         (WebCore::Layout::FormattingContext::mapRightToFormattingContextRoot const):
2320         (WebCore::Layout::FormattingContext::mapLeftToAncestor const): Deleted.
2321         (WebCore::Layout::FormattingContext::mapRightToAncestor const): Deleted.
2322         (WebCore::Layout::FormattingContext::mapBoxToAncestor const): Deleted.
2323         (WebCore::Layout::FormattingContext::mapTopToAncestor const): Deleted.
2324         (WebCore::Layout::FormattingContext::mapPointToAncestor const): Deleted.
2325         (WebCore::Layout::FormattingContext::mapPointToDescendent const): Deleted.
2326         * layout/FormattingContext.h:
2327         * layout/blockformatting/BlockFormattingContext.cpp:
2328         (WebCore::Layout::BlockFormattingContext::usedAvailableWidthForFloatAvoider const):
2329         * layout/floats/FloatingContext.cpp:
2330         (WebCore::Layout::FloatingContext::positionForFloat const):
2331         (WebCore::Layout::FloatingContext::positionForFormattingContextRoot const):
2332         (WebCore::Layout::FloatingContext::verticalPositionWithClearance const):
2333         (WebCore::Layout::FloatingContext::constraints const):
2334         (WebCore::Layout::FloatingContext::append):
2335         (WebCore::Layout::FloatingContext::absoluteDisplayBoxCoordinates const):
2336         (WebCore::Layout::FloatingContext::mapToFloatingStateRoot const):
2337         (WebCore::Layout::FloatingContext::mapTopToFloatingStateRoot const):
2338         (WebCore::Layout::FloatingContext::mapPointFromFormattingContextRootToFloatingStateRoot const):
2339         (WebCore::Layout::mapToFormattingContextRoot): Deleted.
2340         * layout/floats/FloatingContext.h:
2341         * page/FrameViewLayoutContext.cpp:
2342         (WebCore::layoutUsingFormattingContext):
2343
2344 2019-09-04  Antoine Quint  <graouts@apple.com>
2345
2346         [iPadOS] Unable to change sheets on Airtable.com
2347         https://bugs.webkit.org/show_bug.cgi?id=201456
2348         <rdar://problem/51557377>
2349
2350         Reviewed by Dean Jackson.
2351
2352         Simulated mouse events are required to be able to manipulate cells and and columns on Airtable.com. However, dispatching a "mousedown" event on
2353         tabs allowing to pick a different sheet ends up calling preventDefault() and prevent "click" events from being dispatched, which makes it
2354         impossible to change sheet. We now limit the dispatch of simulated mouse events to the grid.
2355
2356         * page/Quirks.cpp:
2357         (WebCore::Quirks::simulatedMouseEventTypeForTarget const):
2358
2359 2019-09-04  Youenn Fablet  <youenn@apple.com>
2360
2361         Abstract out WebSocketChannel message queue
2362         https://bugs.webkit.org/show_bug.cgi?id=201359
2363
2364         Reviewed by Alex Christensen.
2365
2366         Move BlobLoader in its own file.
2367         Introduce NetworkSendQueue class to handle the sending of messages, some of them being blobs.
2368         This class ensures that messages will be sent in order, even though blob data is resolved asynchronously.
2369
2370         Covered by existing tests.
2371
2372         * Headers.cmake:
2373         * Sources.txt:
2374         * WebCore.xcodeproj/project.pbxproj:
2375         * fileapi/BlobLoader.h: Added.
2376         (WebCore::BlobLoader::BlobLoader):
2377         (WebCore::BlobLoader::~BlobLoader):
2378         (WebCore::BlobLoader::didFinishLoading):
2379         (WebCore::BlobLoader::didFail):
2380         (WebCore::BlobLoader::complete):
2381         * fileapi/NetworkSendQueue.cpp: Added.
2382         (WebCore::NetworkSendQueue::NetworkSendQueue):
2383         (WebCore::NetworkSendQueue::enqueue):
2384         (WebCore::NetworkSendQueue::clear):
2385         (WebCore::NetworkSendQueue::processMessages):
2386         * fileapi/NetworkSendQueue.h: Added.
2387
2388 2019-09-04  Rob Buis  <rbuis@igalia.com>
2389
2390         Allow checking whether image was created from JavaScript
2391         https://bugs.webkit.org/show_bug.cgi?id=200662
2392
2393         Reviewed by Darin Adler.
2394
2395         No behavior change.
2396
2397         * html/HTMLImageElement.cpp:
2398         (WebCore::HTMLImageElement::HTMLImageElement):
2399         (WebCore::HTMLImageElement::create):
2400         * html/HTMLImageElement.h:
2401         (WebCore::HTMLImageElement::createdByParser const):
2402         * html/HTMLTagNames.in:
2403
2404 2019-09-04  Zan Dobersek  <zdobersek@igalia.com>
2405
2406         Remove unused ScrollingTreeOverflowScrollProxyNode implementation
2407         https://bugs.webkit.org/show_bug.cgi?id=201376
2408
2409         Reviewed by Simon Fraser.
2410
2411         Remove the unused ScrollingTreeOverflowScrollProxyNode implementation
2412         and header files that were added in r246723 but are not included in any
2413         build. Cocoa-specific implementation remains untouched, and other
2414         scrolling systems should be providing their own (as is the case with
2415         other types of nodes).
2416
2417         * page/scrolling/ScrollingTreeOverflowScrollProxyNode.cpp: Removed.
2418         * page/scrolling/ScrollingTreeOverflowScrollProxyNode.h: Removed.
2419
2420 2019-09-04  Philippe Normand  <pnormand@igalia.com>
2421
2422         [GStreamer] Sound is down-pitched when playing video from YLE Areena
2423         https://bugs.webkit.org/show_bug.cgi?id=201399
2424
2425         Reviewed by Xabier Rodriguez-Calvar.
2426
2427         If the FDK-AAC decoder is available, promote it and downrank the
2428         libav AAC decoders, due to their broken LC support, as reported in:
2429         https://ffmpeg.org/pipermail/ffmpeg-devel/2019-July/247063.html
2430
2431         * platform/graphics/gstreamer/GStreamerCommon.cpp:
2432         (WebCore::initializeGStreamer):
2433
2434 2019-09-04  Pablo Saavedra  <psaavedra@igalia.com>
2435
2436         [GTK] Build failure in Debian Stable and Ubuntu LTS bots after r249427
2437         https://bugs.webkit.org/show_bug.cgi?id=201434
2438
2439         Reviewed by Xabier Rodriguez-Calvar.
2440
2441         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
2442         (WebCore::GstVideoFrameHolder::waitForCPUSync):
2443
2444 2019-09-03  Wenson Hsieh  <wenson_hsieh@apple.com>
2445
2446         [macCatalyst] Unable to upload non-image files using drag and drop
2447         https://bugs.webkit.org/show_bug.cgi?id=201438
2448
2449         Reviewed by Tim Horton.
2450
2451         On recent builds of macOS 10.15, NSItemProviders that are produced when dropping files from Finder into a
2452         macCatalyst app no longer contain `kUTTypeFileURL` as a registered type identifier. This means that the current
2453         heuristic for figuring out whether or not an item provider can be represented as a file upload is broken, since
2454         it thinks all dropped content is inline data.
2455
2456         On iOS, we treat an NSItemProvider as an "uploaded" file as long as it hasn't been explicitly marked as inline
2457         data, such as a dragged selection from a native text field. However, on macCatalyst, all item providers return
2458         preferredPresentationStyle of UIPreferredPresentationStyleUnspecified, regardless of the source, so this check
2459         is useless on macCatalyst since it would consider all dropped content as a file upload (text selections, plain
2460         URLs, etc.).
2461
2462         Luckily, NSItemProvider's -suggestedName is now populated in recent macOS builds, which means we have a much
2463         stronger (and more robust) hint that a dropped item provider is actually a file. For the time being, use this
2464         instead of always returning `NO`.
2465
2466         * platform/ios/WebItemProviderPasteboard.mm:
2467         (-[WebItemProviderLoadResult canBeRepresentedAsFileUpload]):
2468
2469         Make a minor tweak to move the UIPreferredPresentationStyleInline check to shared code, such that when
2470         <rdar://55002929> is fixed, our code will automatically correctly treat inline item providers that have been
2471         explicitly marked as such.
2472
2473 2019-09-03  Antti Koivisto  <antti@apple.com>
2474
2475         Remove redundant painting phase arguments from GraphicsLayerClient functions
2476         https://bugs.webkit.org/show_bug.cgi?id=201443
2477
2478         Reviewed by Simon Fraser.
2479
2480         It is available from the GraphicsLayer.
2481
2482         * page/PageOverlayController.cpp:
2483         (WebCore::PageOverlayController::paintContents):
2484         * page/PageOverlayController.h:
2485         * page/mac/ServicesOverlayController.h:
2486         * page/mac/ServicesOverlayController.mm:
2487         (WebCore::ServicesOverlayController::Highlight::paintContents):
2488         * platform/graphics/GraphicsLayer.cpp:
2489         (WebCore::GraphicsLayer::paintGraphicsLayerContents):
2490         * platform/graphics/GraphicsLayerClient.h:
2491         (WebCore::GraphicsLayerClient::paintContents):
2492         * rendering/RenderLayerBacking.cpp:
2493         (WebCore::RenderLayerBacking::paintIntoLayer):
2494         (WebCore::RenderLayerBacking::paintFlagsForLayer const):
2495
2496         Factor into a function.
2497
2498         (WebCore::RenderLayerBacking::paintContents):
2499         * rendering/RenderLayerBacking.h:
2500         * rendering/RenderLayerCompositor.cpp:
2501         (WebCore::RenderLayerCompositor::paintContents):
2502         * rendering/RenderLayerCompositor.h:
2503
2504 2019-09-03  Myles C. Maxfield  <mmaxfield@apple.com>
2505
2506         [WHLSL] Implement SampleLevel(), SampleBias(), and SampleGrad()
2507         https://bugs.webkit.org/show_bug.cgi?id=201385
2508
2509         Reviewed by Dean Jackson.
2510
2511         These are used in the Babylon.js demo.
2512
2513         Tests: webgpu/whlsl/textures-sample-bias.html
2514                webgpu/whlsl/textures-sample-grad.html
2515                webgpu/whlsl/textures-sample-level.html
2516
2517         * Modules/webgpu/WHLSL/AST/WHLSLNativeTypeDeclaration.h:
2518         * Modules/webgpu/WHLSL/Metal/WHLSLNativeFunctionWriter.cpp:
2519         (WebCore::WHLSL::Metal::sampleType):
2520         (WebCore::WHLSL::Metal::inlineNativeFunction):
2521         * Modules/webgpu/WHLSL/WHLSLIntrinsics.cpp:
2522         (WebCore::WHLSL::Intrinsics::addFullTexture):
2523         (WebCore::WHLSL::Intrinsics::addDepthTexture):
2524         * Modules/webgpu/WHLSL/WHLSLStandardLibrary.txt:
2525
2526 2019-09-03  Chris Dumez  <cdumez@apple.com>
2527
2528         FrameLoader::FrameProgressTracker::progressCompleted() does not need a pageID
2529         https://bugs.webkit.org/show_bug.cgi?id=201431
2530
2531         Reviewed by Antti Koivisto.
2532
2533         FrameLoader::FrameProgressTracker::progressCompleted() does not need to request a pageID
2534         from the client. It can merely pass the Page object and the upper layers can very easily
2535         get the identifier of that page.
2536
2537         * loader/FrameLoader.cpp:
2538         (WebCore::FrameLoader::FrameProgressTracker::progressCompleted):
2539         * loader/LoaderStrategy.h:
2540
2541 2019-09-03  Devin Rousso  <drousso@apple.com>
2542
2543         REGRESSION (r249078): Flaky crash in com.apple.JavaScriptCore: Inspector::InjectedScriptModule::ensureInjected
2544         https://bugs.webkit.org/show_bug.cgi?id=201201
2545         <rdar://problem/54771560>
2546
2547         Reviewed by Joseph Pecoraro.
2548
2549         Tests: inspector/debugger/tail-deleted-frames-this-value.html
2550                inspector/heap/getRemoteObject.html
2551
2552         * inspector/CommandLineAPIModuleSource.js:
2553         Avoid executing functions when injecting. Instead, modify the `CommandLineAPI` directly.
2554
2555 2019-09-03  Zalan Bujtas  <zalan@apple.com>
2556
2557         [LFC][TFC] Initialize <thead><tbody><tfoot> display boxes.
2558         https://bugs.webkit.org/show_bug.cgi?id=201235
2559         <rdar://problem/54807060>
2560
2561         Reviewed by Antti Koivisto.
2562
2563         Set them as blank for now.
2564
2565         * layout/tableformatting/TableFormattingContext.cpp:
2566         (WebCore::Layout::TableFormattingContext::layout const):
2567
2568 2019-09-03  Zalan Bujtas  <zalan@apple.com>
2569
2570         [LFC][Floating] Replace all LayoutState::displayBoxForLayoutBox() calls with FormattingContext::displayBoxForLayoutBox()
2571         https://bugs.webkit.org/show_bug.cgi?id=201414
2572         <rdar://problem/54963302>
2573
2574         Reviewed by Antti Koivisto.
2575
2576         Fix the final LayoutState::displayBoxForLayoutBox() callsites. Now all displayBoxForLayoutBox() calls are directed to the
2577         established FormattingContext.
2578
2579         * layout/FormattingContext.cpp:
2580         (WebCore::Layout::mapHorizontalPositionToAncestor):
2581         (WebCore::Layout::FormattingContext::mapLeftToAncestor const):
2582         (WebCore::Layout::FormattingContext::mapRightToAncestor const):
2583         (WebCore::Layout::FormattingContext::mapBoxToAncestor const):
2584         (WebCore::Layout::FormattingContext::mapTopToAncestor const):
2585         (WebCore::Layout::FormattingContext::mapPointToAncestor const):
2586         (WebCore::Layout::FormattingContext::mapPointToDescendent const):
2587         (WebCore::Layout::FormattingContext::mapLeftToAncestor): Deleted.
2588         (WebCore::Layout::FormattingContext::mapRightToAncestor): Deleted.
2589         (WebCore::Layout::FormattingContext::mapBoxToAncestor): Deleted.
2590         (WebCore::Layout::FormattingContext::mapTopToAncestor): Deleted.
2591         (WebCore::Layout::FormattingContext::mapPointToAncestor): Deleted.
2592         (WebCore::Layout::FormattingContext::mapPointToDescendent): Deleted.
2593         * layout/FormattingContext.h:
2594         (WebCore::Layout::FormattingContext::root const):
2595         (WebCore::Layout::FormattingContext::formattingState const):
2596         * layout/blockformatting/BlockFormattingContext.cpp:
2597         (WebCore::Layout::BlockFormattingContext::layout):
2598         (WebCore::Layout::BlockFormattingContext::usedAvailableWidthForFloatAvoider const):
2599         * layout/floats/FloatingContext.cpp:
2600         (WebCore::Layout::mapToFormattingContextRoot):
2601         (WebCore::Layout::FloatingContext::FloatingContext):
2602         (WebCore::Layout::FloatingContext::positionForFloat const):
2603         (WebCore::Layout::FloatingContext::positionForFormattingContextRoot const):
2604         (WebCore::Layout::FloatingContext::verticalPositionWithClearance const):
2605         (WebCore::Layout::FloatingContext::constraints const):
2606         (WebCore::Layout::FloatingContext::append):
2607         * layout/floats/FloatingContext.h:
2608         (WebCore::Layout::FloatingContext::formattingContext const):
2609         (WebCore::Layout::FloatingContext::root const):
2610         * layout/inlineformatting/InlineFormattingContextLineLayout.cpp:
2611         (WebCore::Layout::InlineFormattingContext::InlineLayout::layout const):
2612         (WebCore::Layout::InlineFormattingContext::InlineLayout::createDisplayRuns const):
2613
2614 2019-09-04  Simon Fraser  <simon.fraser@apple.com>
2615
2616         Cancelled transitions on Google image search leave content with opacity 0 sometimes
2617         https://bugs.webkit.org/show_bug.cgi?id=201482
2618         rdar://problem/54921036
2619
2620         Reviewed by Tim Horton.
2621         
2622         If, in a single rendering update, we started an accelerated opacity transition, and then removed
2623         it, we'd still push the transition onto the CALayer with fillForwards and never remove it, so its
2624         effects would last forever.
2625
2626         Fix by making GraphicsLayerCA::removeAnimation() remove animations from the uncomittedAnimations
2627         list as well.
2628         
2629         Also fix layer names in debug; if a layer's primaryLayerID changed, we'd fail to rename the
2630         CALayer, causing confusion when logging at layer dumps. Fix by adding the layer ID just
2631         before pushing the name to the platform layer.
2632
2633         Some drive-by logging cleanup.
2634
2635         Test: legacy-animation-engine/compositing/transitions/add-remove-transition.html
2636
2637         * platform/graphics/GraphicsLayer.cpp:
2638         (WebCore::GraphicsLayer::debugName const):
2639         * platform/graphics/GraphicsLayer.h:
2640         * platform/graphics/ca/GraphicsLayerCA.cpp:
2641         (WebCore::GraphicsLayerCA::setName):
2642         (WebCore::GraphicsLayerCA::debugName const):
2643         (WebCore::GraphicsLayerCA::addAnimation):
2644         (WebCore::GraphicsLayerCA::pauseAnimation):
2645         (WebCore::GraphicsLayerCA::seekAnimation):
2646         (WebCore::GraphicsLayerCA::removeAnimation):
2647         (WebCore::GraphicsLayerCA::platformCALayerAnimationStarted):
2648         (WebCore::GraphicsLayerCA::platformCALayerAnimationEnded):
2649         (WebCore::GraphicsLayerCA::updateNames):
2650         (WebCore::GraphicsLayerCA::createTransformAnimationsFromKeyframes):
2651         * platform/graphics/ca/GraphicsLayerCA.h:
2652         * rendering/RenderLayerCompositor.cpp:
2653         (WebCore::RenderLayerCompositor::logLayerInfo):
2654
2655 2019-09-03  Zalan Bujtas  <zalan@apple.com>
2656
2657         [LFC] FloatingState should not need to query for display boxes.
2658         https://bugs.webkit.org/show_bug.cgi?id=201408
2659         <rdar://problem/54958348>
2660
2661         Reviewed by Antti Koivisto.
2662
2663         This is in preparation for transitioning the floating codebase to use the formatting context for
2664         retrieving display boxes.
2665         FloatingContext should be responsible for adding/removing the new/existing float boxes to the state.
2666
2667         * layout/blockformatting/BlockFormattingContext.cpp:
2668         (WebCore::Layout::BlockFormattingContext::layoutFormattingContextRoot):
2669         * layout/floats/FloatingContext.cpp:
2670         (WebCore::Layout::FloatingContext::append):
2671         (WebCore::Layout::FloatingContext::remove):
2672         * layout/floats/FloatingContext.h:
2673         * layout/floats/FloatingState.cpp:
2674         (WebCore::Layout::FloatingState::append):
2675         (WebCore::Layout::belongsToThisFloatingContext): Deleted.
2676         * layout/floats/FloatingState.h:
2677         (WebCore::Layout::FloatingState::FloatItem::horizontalMargin const):
2678         * layout/inlineformatting/InlineFormattingContextLineLayout.cpp:
2679         (WebCore::Layout::InlineFormattingContext::InlineLayout::createDisplayRuns const):
2680
2681 2019-09-03  Zalan Bujtas  <zalan@apple.com>
2682
2683         [LFC][Floats] Do not pass FloatingState to FloatItem
2684         https://bugs.webkit.org/show_bug.cgi?id=201406
2685         <rdar://problem/54957097>
2686
2687         Reviewed by Antti Koivisto.
2688
2689         This is in preparation for transitioning the floating codebase to use the formatting context for
2690         retrieving display boxes. Now FloatItems don't need the FloatingState to compute absolute display boxes.  
2691
2692         * layout/floats/FloatingState.cpp:
2693         (WebCore::Layout::FloatingState::FloatItem::FloatItem):
2694         (WebCore::Layout::FloatingState::append):
2695         * layout/floats/FloatingState.h:
2696
2697 2019-09-03  Zalan Bujtas  <zalan@apple.com>
2698
2699         [LFC][Floats] Do not pass FloatingState to FloatAvoider/FloatBox
2700         https://bugs.webkit.org/show_bug.cgi?id=201405
2701         <rdar://problem/54956381>
2702
2703         Reviewed by Antti Koivisto.
2704
2705         This is in preparation for transitioning the floating codebase to use the formatting context for
2706         retrieving display boxes. Now FloatAvoiders/FloatBoxes don't need the FloatingState to compute absolute display boxes.
2707
2708         * layout/floats/FloatAvoider.cpp:
2709         (WebCore::Layout::FloatAvoider::FloatAvoider):
2710         (WebCore::Layout::FloatAvoider::setHorizontalConstraints):
2711         (WebCore::Layout::FloatAvoider::initialHorizontalPosition const):
2712         (WebCore::Layout::FloatAvoider::overflowsContainingBlock const):
2713         (WebCore::Layout::FloatAvoider::rectInContainingBlock const):
2714         * layout/floats/FloatAvoider.h:
2715         (WebCore::Layout::FloatAvoider::floatingState const): Deleted.
2716         * layout/floats/FloatBox.cpp:
2717         (WebCore::Layout::FloatBox::FloatBox):
2718         (WebCore::Layout::FloatBox::initialVerticalPosition const):
2719         * layout/floats/FloatBox.h:
2720         * layout/floats/FloatingContext.cpp:
2721         (WebCore::Layout::mapToFormattingContextRoot):
2722         (WebCore::Layout::FloatingContext::positionForFloat const):
2723         (WebCore::Layout::FloatingContext::positionForFormattingContextRoot const):
2724         * platform/graphics/LayoutPoint.h:
2725         (WebCore::LayoutPoint::isZero const):
2726
2727 2019-09-03  Jiewen Tan  <jiewen_tan@apple.com>
2728
2729         [WebAuthn] Enable WebAuthn by default for MobileSafari and SafariViewService
2730         https://bugs.webkit.org/show_bug.cgi?id=201369
2731         <rdar://problem/54903724>
2732
2733         Reviewed by Brent Fulgham.
2734
2735         * platform/RuntimeApplicationChecks.h:
2736         * platform/cocoa/RuntimeApplicationChecksCocoa.mm:
2737         (WebCore::IOSApplication::isSafariViewService):
2738         Adds a way to detect SafariViewService.
2739
2740 2019-09-03  Simon Fraser  <simon.fraser@apple.com>
2741
2742         Cache "compositingAncestor" during the compositing updateBackingAndHierarchy() tree walk
2743         https://bugs.webkit.org/show_bug.cgi?id=201403
2744
2745         Reviewed by Antti Koivisto.
2746
2747         Finding a layer's compositingAncestor requires an ancestor tree walk. We can avoid this during
2748         compositing updates, since we're already in the middle of a paint-order tree walk, and can just
2749         keep track of the current compositingAncestor on the way down.
2750
2751         Shaves a few % off time in updateCompositingLayers().
2752
2753         * rendering/RenderLayerBacking.cpp:
2754         (WebCore::RenderLayerBacking::updateConfiguration):
2755         (WebCore::ComputedOffsets::ComputedOffsets):
2756         (WebCore::ComputedOffsets::fromAncestorGraphicsLayer):
2757         (WebCore::RenderLayerBacking::computePrimaryGraphicsLayerRect const):
2758         (WebCore::RenderLayerBacking::updateGeometry):
2759         * rendering/RenderLayerBacking.h:
2760         * rendering/RenderLayerCompositor.cpp:
2761         (WebCore::RenderLayerCompositor::UpdateBackingTraversalState::UpdateBackingTraversalState):
2762         (WebCore::RenderLayerCompositor::UpdateBackingTraversalState::stateForDescendants const):
2763         (WebCore::RenderLayerCompositor::updateCompositingLayers):
2764         (WebCore::RenderLayerCompositor::computeCompositingRequirements):
2765         (WebCore::RenderLayerCompositor::updateBackingAndHierarchy):
2766         (WebCore::RenderLayerCompositor::updateLayerCompositingState):
2767         (WebCore::RenderLayerCompositor::computeCoordinatedPositioningForLayer const):
2768         (WebCore::RenderLayerCompositor::coordinatedScrollingRolesForLayer const):
2769         (WebCore::RenderLayerCompositor::updateScrollCoordinationForLayer):
2770         (WebCore::RenderLayerCompositor::updateScrollingNodeForPositioningRole):
2771         * rendering/RenderLayerCompositor.h:
2772
2773 2019-09-03  Simon Fraser  <simon.fraser@apple.com>
2774
2775         Make "clips compositing descendants" an indirect compositing reason
2776         https://bugs.webkit.org/show_bug.cgi?id=201381
2777
2778         Reviewed by Antti Koivisto.
2779
2780         Whether a layer has to composite to clip composited descendants is an "indirect" reason,
2781         just like having to composite for filters if there's a composited descendant. So add
2782         IndirectCompositingReason::Clipping, and have computeIndirectCompositingReason() compute this,
2783         replacing the code that ran in computeCompositingRequirements().
2784
2785         This is some preparatory cleanup for webkit.org/b/201330.
2786
2787         * rendering/RenderLayer.cpp:
2788         (WebCore::RenderLayer::calculateClipRects const):
2789         * rendering/RenderLayer.h:
2790         * rendering/RenderLayerCompositor.cpp:
2791         (WebCore::RenderLayerCompositor::computeCompositingRequirements):
2792         (WebCore::RenderLayerCompositor::requiresCompositingLayer const):
2793         (WebCore::RenderLayerCompositor::reasonsForCompositing const):
2794         (WebCore::RenderLayerCompositor::computeIndirectCompositingReason const):
2795         (WebCore::RenderLayerCompositor::requiresCompositingForIndirectReason const): Deleted.
2796         * rendering/RenderLayerCompositor.h:
2797
2798 2019-09-03  Zalan Bujtas  <zalan@apple.com>
2799
2800         [LFC][Floats] Move FloatingState::constraints to FloatingContext
2801         https://bugs.webkit.org/show_bug.cgi?id=201393
2802         <rdar://problem/54939361>
2803
2804         Reviewed by Antti Koivisto.
2805
2806         This is in preparation for transitioning the floating codebase to use the formatting context for
2807         retrieving display boxes. Now FloatingContext (just like any other formatting context) holds on to the formatting
2808         context root.
2809
2810         * layout/blockformatting/BlockFormattingContext.cpp:
2811         (WebCore::Layout::BlockFormattingContext::layout):
2812         (WebCore::Layout::BlockFormattingContext::usedAvailableWidthForFloatAvoider const):
2813         (WebCore::Layout::BlockFormattingContext::computeEstimatedVerticalPositionForFloatClear):
2814         (WebCore::Layout::BlockFormattingContext::computePositionToAvoidFloats):
2815         * layout/floats/FloatingContext.cpp:
2816         (WebCore::Layout::FloatingContext::FloatingContext):
2817         (WebCore::Layout::FloatingContext::positionForFloat const):
2818         (WebCore::Layout::FloatingContext::positionForFormattingContextRoot const):
2819         (WebCore::Layout::FloatingContext::verticalPositionWithClearance const):
2820         (WebCore::Layout::FloatingContext::constraints const):
2821         * layout/floats/FloatingContext.h:
2822         (WebCore::Layout::FloatingContext::isEmpty const):
2823         (WebCore::Layout::FloatingContext::root const):
2824         * layout/floats/FloatingState.cpp:
2825         (WebCore::Layout::FloatingState::constraints const): Deleted.
2826         * layout/floats/FloatingState.h:
2827         (WebCore::Layout::FloatingState::last const):
2828         (WebCore::Layout::FloatingState::isEmpty const): Deleted.
2829         * layout/inlineformatting/InlineFormattingContextLineLayout.cpp:
2830         (WebCore::Layout::InlineFormattingContext::InlineLayout::layout const):
2831         (WebCore::Layout::InlineFormattingContext::InlineLayout::createDisplayRuns const):
2832
2833 2019-09-03  Chris Lord  <clord@igalia.com>
2834
2835         [GStreamer] Add support to copy YUV video textures into images
2836         https://bugs.webkit.org/show_bug.cgi?id=200922
2837
2838         Reviewed by Philippe Normand and Xabier Rodriguez-Calvar.
2839
2840         Use gst_gl_color_convert to convert to RGB before using ImageGStreamer
2841         with gstreamer-gl.
2842
2843         No new tests, not changing behavior.
2844
2845         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
2846         (WebCore::MediaPlayerPrivateGStreamerBase::paint):
2847         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
2848
2849 2019-09-03  Chris Lord  <clord@igalia.com>
2850
2851         [GStreamer] Add support to copy YUV video textures into platform textures
2852         https://bugs.webkit.org/show_bug.cgi?id=200914
2853
2854         Reviewed by Xabier Rodriguez-Calvar and Miguel Gomez.
2855
2856         Enable YUV (including planar and semi-planar) video texture to platform
2857         texture copy in VideoTextureCopierGStreamer.
2858
2859         No new tests, not changing behavior.
2860
2861         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
2862         (WebCore::GstVideoFrameHolder::platformLayerBuffer):
2863         (WebCore::MediaPlayerPrivateGStreamerBase::pushTextureToCompositor):
2864         (WebCore::MediaPlayerPrivateGStreamerBase::copyVideoTextureToPlatformTexture):
2865         (WebCore::MediaPlayerPrivateGStreamerBase::nativeImageForCurrentTime):
2866         * platform/graphics/gstreamer/VideoTextureCopierGStreamer.cpp:
2867         (WebCore::VideoTextureCopierGStreamer::VideoTextureCopierGStreamer):
2868         (WebCore::VideoTextureCopierGStreamer::copyVideoTextureToPlatformTexture):
2869         * platform/graphics/gstreamer/VideoTextureCopierGStreamer.h:
2870         * platform/graphics/texmap/TextureMapperPlatformLayerBuffer.h:
2871         (WebCore::TextureMapperPlatformLayerBuffer::textureVariant):
2872
2873 2019-09-03  Zan Dobersek  <zdobersek@igalia.com>  and  Chris Lord  <clord@igalia.com>
2874
2875         [Texmap][GStreamer] Add support to upload more color formats into the texture
2876         https://bugs.webkit.org/show_bug.cgi?id=132869
2877
2878         Reviewed by Xabier Rodriguez-Calvar.
2879
2880         Support non-interleaved YUV color for gstreamer-gl
2881
2882         This adds direct support for rendering I420, I444, YV12, YV21, Y42B,
2883         NV12, NV21 and VUYA color formats using GLGL shaders when using
2884         gstreamer-gl for video rendering. This avoids a surface copy on the GPU
2885         in those cases.
2886
2887         No new tests, not changing behavior.
2888
2889         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
2890         (WebCore::GstVideoFrameHolder::GstVideoFrameHolder):
2891         (WebCore::GstVideoFrameHolder::waitForCPUSync):
2892         (WebCore::GstVideoFrameHolder::hasMappedTextures const):
2893         (WebCore::GstVideoFrameHolder::videoFrame const):
2894         (WebCore::MediaPlayerPrivateGStreamerBase::pushTextureToCompositor):
2895         (WebCore::MediaPlayerPrivateGStreamerBase::createVideoSinkGL):
2896         * platform/graphics/gstreamer/VideoTextureCopierGStreamer.cpp:
2897         (WebCore::VideoTextureCopierGStreamer::VideoTextureCopierGStreamer):
2898         * platform/graphics/texmap/TextureMapperGL.cpp:
2899         (WebCore::optionsForFilterType):
2900         (WebCore::TextureMapperGL::drawTexture):
2901         (WebCore::prepareTransformationMatrixWithFlags):
2902         (WebCore::TextureMapperGL::drawTexturePlanarYUV):
2903         (WebCore::TextureMapperGL::drawTextureSemiPlanarYUV):
2904         (WebCore::TextureMapperGL::drawTexturePackedYUV):
2905         (WebCore::TextureMapperGL::drawTexturedQuadWithProgram):
2906         * platform/graphics/texmap/TextureMapperGL.h:
2907         * platform/graphics/texmap/TextureMapperPlatformLayerBuffer.cpp:
2908         (WebCore::TextureMapperPlatformLayerBuffer::TextureMapperPlatformLayerBuffer):
2909         (WebCore::TextureMapperPlatformLayerBuffer::~TextureMapperPlatformLayerBuffer):
2910         (WebCore::TextureMapperPlatformLayerBuffer::clone):
2911         (WebCore::TextureMapperPlatformLayerBuffer::paintToTextureMapper):
2912         * platform/graphics/texmap/TextureMapperPlatformLayerBuffer.h:
2913         * platform/graphics/texmap/TextureMapperShaderProgram.cpp:
2914         (WebCore::TextureMapperShaderProgram::create):
2915         * platform/graphics/texmap/TextureMapperShaderProgram.h:
2916
2917 2019-09-03  Rob Buis  <rbuis@igalia.com>
2918
2919         Remove support for load/error on link=prefetch
2920         https://bugs.webkit.org/show_bug.cgi?id=201348
2921
2922         Reviewed by Youenn Fablet.
2923
2924         Remove support for firing load/error on link=prefetch
2925         to address tracking concerns.
2926
2927         Tests: http/wpt/prefetch/load-events-dynamic.html
2928                http/wpt/prefetch/load-events.html
2929
2930         * html/HTMLLinkElement.cpp:
2931         (WebCore::HTMLLinkElement::linkLoaded):
2932         (WebCore::HTMLLinkElement::linkLoadingErrored):
2933         * html/HTMLLinkElement.h:
2934         * testing/Internals.cpp:
2935         (WebCore::Internals::addPrefetchLoadEventListener):
2936
2937 2019-09-02  Yusuke Suzuki  <ysuzuki@apple.com>
2938
2939         [WebCore] Resource usage accounting should accept non KERN_SUCCESS
2940         https://bugs.webkit.org/show_bug.cgi?id=201409
2941
2942         Reviewed by Andreas Kling.
2943
2944         While iterating threads, we are not suspending these threads. Underlying threads can have gone
2945         at any time and we will get non KERN_SUCCESS error code when a thread has gone. We should ignore
2946         these threads.
2947
2948         * page/cocoa/ResourceUsageThreadCocoa.mm:
2949         (WebCore::threadInfos):
2950
2951 2019-09-02  Fujii Hironori  <Hironori.Fujii@sony.com>
2952
2953         [SVG] fragment-only url 'url(#fragment)' should be resolved against the current document with regardless to HTML <base> element
2954         https://bugs.webkit.org/show_bug.cgi?id=189499
2955         <rdar://problem/44466206>
2956
2957         Reviewed by Said Abou-Hallawa.
2958
2959         Fragment-only URL 'url(#fragment)' should be resolved against the
2960         current document even if HTML <base> element is specified.
2961         Spec: <https://drafts.csswg.org/css-values/#local-urls>
2962
2963         Tests: css3/filters/effect-reference-local-url-with-base.html
2964                css3/masking/clip-path-reference-local-url-with-base.html
2965                http/tests/svg/local-url-with-valid-base-and-resource.html
2966                svg/animations/local-url-target-reference.html
2967                svg/custom/local-url-reference-clip-path.html
2968                svg/custom/local-url-reference-fill.html
2969                svg/custom/local-url-reference-filter.html
2970                svg/custom/local-url-reference-marker.html
2971                svg/custom/local-url-reference-mask.html
2972                svg/custom/local-url-reference-pattern.html
2973                svg/custom/local-url-reference-radial-gradient.html
2974                svg/custom/local-url-reference-srcdoc.html
2975                svg/custom/local-url-reference-stroke.html
2976                svg/custom/local-url-reference-use.html
2977                svg/text/textpath-local-url-reference.html
2978
2979         * svg/SVGURIReference.cpp:
2980         (WebCore::SVGURIReference::fragmentIdentifierFromIRIString): Return the fragment if the URL starts with '#'.
2981
2982 2019-09-02  Fujii Hironori  <Hironori.Fujii@sony.com>
2983
2984         [Win] Remove a unused PlatformWheelEvent constructor
2985         https://bugs.webkit.org/show_bug.cgi?id=201398
2986
2987         Reviewed by Don Olmstead.
2988
2989         No behavior change.
2990
2991         * platform/PlatformWheelEvent.h:
2992         * platform/win/WheelEventWin.cpp:
2993         Removed a unused PlatformWheelEvent constructor.
2994
2995 2019-09-02  Brent Fulgham  <bfulgham@apple.com>
2996
2997         [FTW] NativeImagePtr is drawn with invalid scaling
2998         https://bugs.webkit.org/show_bug.cgi?id=201391
2999
3000         Reviewed by Don Olmstead.
3001
3002         The current implementation of FTW improperly applies scaling factors to native images,
3003         resulting in blocky images (in some cases).
3004
3005         This patch corrects the handling of native images, corrects a bug in bitmap render
3006         context scaling, and retrieves more data from the ImageDecoder's metadata system.
3007
3008         * platform/graphics/win/Direct2DUtilities.cpp:
3009         (WebCore::Direct2D::createBitmapRenderTargetOfSize): Supply an appropriately sized
3010         pixel dimension for non-unity scale factors.
3011         * platform/graphics/win/ImageBufferDirect2D.cpp:
3012         (WebCore::ImageBuffer::ImageBuffer): Include the scale factor when creating a
3013         bitmap render target.
3014         * platform/graphics/win/ImageDecoderDirect2D.cpp:
3015         (WebCore::ImageDecoderDirect2D::frameOrientationAtIndex const): Read the orientation
3016         data form the image metadata.
3017         (WebCore::ImageDecoderDirect2D::frameAllowSubsamplingAtIndex const): Always return
3018         true, to match the CG implementation.
3019         (WebCore::ImageDecoderDirect2D::frameHasAlphaAtIndex const): Correct to match the
3020         behavior of CG.
3021         * platform/graphics/win/NativeImageDirect2D.cpp:
3022         (WebCore::drawNativeImage): Pass through the Direct2DOperations helper method, which
3023         handles scaling and subsampling properly.
3024
3025 2019-09-02  Youenn Fablet  <youenn@apple.com>
3026
3027         Introduce WorkerMessagePortChannelRegistry
3028         https://bugs.webkit.org/show_bug.cgi?id=201333
3029
3030         Reviewed by Alex Christensen.
3031
3032         This patch introduces a dedicated registry for workers.
3033         This registry will hop to the main thread and use the
3034         regular main thread registry to do the actual processing.
3035
3036         Covered by existing tests.
3037
3038         * Sources.txt:
3039         * WebCore.xcodeproj/project.pbxproj:
3040         * dom/Document.cpp:
3041         (WebCore::Document::messagePortChannelProvider):
3042         * dom/Document.h:
3043         * dom/MessageChannel.cpp:
3044         (WebCore::MessageChannel::MessageChannel):
3045         * dom/MessagePort.cpp:
3046         (WebCore::MessagePort::entangle):
3047         (WebCore::MessagePort::postMessage):
3048         (WebCore::MessagePort::disentangle):
3049         (WebCore::MessagePort::close):
3050         (WebCore::MessagePort::dispatchMessages):
3051         (WebCore::MessagePort::hasPendingActivity const):
3052         * dom/messageports/MessagePortChannel.cpp:
3053         (WebCore::MessagePortChannel::takeAllMessagesForPort):
3054         (WebCore::MessagePortChannel::checkRemotePortForActivity):
3055         * dom/messageports/MessagePortChannel.h:
3056         * dom/messageports/MessagePortChannelProvider.cpp:
3057         (WebCore::MessagePortChannelProvider::singleton):
3058         (WebCore::MessagePortChannelProvider::fromContext):
3059         * dom/messageports/MessagePortChannelProvider.h:
3060         * dom/messageports/MessagePortChannelProviderImpl.cpp:
3061         (WebCore::MessagePortChannelProviderImpl::takeAllMessagesForPort):
3062         (WebCore::MessagePortChannelProviderImpl::checkRemotePortForActivity):
3063         * dom/messageports/MessagePortChannelProviderImpl.h:
3064         * dom/messageports/MessagePortChannelRegistry.cpp:
3065         (WebCore::MessagePortChannelRegistry::takeAllMessagesForPort):
3066         (WebCore::MessagePortChannelRegistry::checkRemotePortForActivity):
3067         * dom/messageports/MessagePortChannelRegistry.h:
3068         * dom/messageports/WorkerMessagePortChannelProvider.cpp: Added.
3069         (WebCore::WorkerMessagePortChannelProvider::WorkerMessagePortChannelProvider):
3070         (WebCore::WorkerMessagePortChannelProvider::~WorkerMessagePortChannelProvider):
3071         (WebCore::WorkerMessagePortChannelProvider::createNewMessagePortChannel):
3072         (WebCore::WorkerMessagePortChannelProvider::entangleLocalPortInThisProcessToRemote):
3073         (WebCore::WorkerMessagePortChannelProvider::messagePortDisentangled):
3074         (WebCore::WorkerMessagePortChannelProvider::messagePortClosed):
3075         (WebCore::WorkerMessagePortChannelProvider::postMessageToRemote):
3076         (WebCore::WorkerMessagePortChannelProvider::takeAllMessagesForPort):
3077         (WebCore::WorkerMessagePortChannelProvider::checkRemotePortForActivity):
3078         (WebCore::WorkerMessagePortChannelProvider::checkProcessLocalPortForActivity):
3079         * dom/messageports/WorkerMessagePortChannelProvider.h: Added.
3080         * workers/WorkerGlobalScope.cpp:
3081         (WebCore::WorkerGlobalScope::messagePortChannelProvider):
3082         * workers/WorkerGlobalScope.h:
3083
3084 2019-09-01  Myles C. Maxfield  <mmaxfield@apple.com>
3085
3086         [WHLSL] Resources don't work when only a subset of a bind group is referenced by a shader
3087         https://bugs.webkit.org/show_bug.cgi?id=201383
3088
3089         Reviewed by Dean Jackson.
3090
3091         Bind groups correspond to argument buffers in Metal. Both the Metal API and Metal Shading Language
3092         have to agree on the layout of exactly which resources lie at which byte offsets within an argument
3093         buffer.
3094
3095         Before this patch, we only emitted code for the items in the argument buffer that were actually
3096         referenced by the shader source code. However, because these items are held inside a struct, if
3097         we omit one item from the middle of the struct, the byte offets of all the successive items would
3098         be wrong. This means that the Metal API and the shader would disagree about how to access these
3099         resources, making the resources inaccessible (and causing security problems).
3100
3101         Tests: webgpu/whlsl/sparse-bind-group-2.html
3102                webgpu/whlsl/sparse-bind-group-3.html
3103                webgpu/whlsl/sparse-bind-group.html
3104
3105         * Modules/webgpu/WHLSL/Metal/WHLSLEntryPointScaffolding.cpp:
3106         (WebCore::WHLSL::Metal::EntryPointScaffolding::emitResourceHelperTypes):
3107         (WebCore::WHLSL::Metal::VertexEntryPointScaffolding::emitHelperTypes):
3108         (WebCore::WHLSL::Metal::FragmentEntryPointScaffolding::emitHelperTypes):
3109         (WebCore::WHLSL::Metal::ComputeEntryPointScaffolding::emitHelperTypes):
3110         * Modules/webgpu/WHLSL/Metal/WHLSLEntryPointScaffolding.h:
3111         * Modules/webgpu/WHLSL/WHLSLSemanticMatcher.cpp:
3112         (WebCore::WHLSL::matchResources):
3113         (WebCore::WHLSL::matchVertexAttributes):
3114         (WebCore::WHLSL::matchColorAttachments):
3115
3116 2019-09-01  Commit Queue  <commit-queue@webkit.org>
3117
3118         Unreviewed, rolling out r249369.
3119         https://bugs.webkit.org/show_bug.cgi?id=201394
3120
3121         broke WHLSL tests (Requested by litherum on #webkit).
3122
3123         Reverted changeset:
3124
3125         "[WHLSL] Resources don't work when only a subset of a bind
3126         group is referenced by a shader"
3127         https://bugs.webkit.org/show_bug.cgi?id=201383
3128         https://trac.webkit.org/changeset/249369
3129
3130 2019-09-01  Fujii Hironori  <Hironori.Fujii@sony.com>
3131
3132         Unreviewed, rolling out r249366.
3133
3134         WinCairo WebKit2 crashes in some websites and the device scale
3135         factor is not correct in high DPI.
3136
3137         Reverted changeset:
3138
3139         "[WinCairo, FTW] Properly handle device scale factor"
3140         https://bugs.webkit.org/show_bug.cgi?id=201361
3141         https://trac.webkit.org/changeset/249366
3142
3143 2019-09-01  Myles C. Maxfield  <mmaxfield@apple.com>
3144
3145         [WHLSL] Resources don't work when only a subset of a bind group is referenced by a shader
3146         https://bugs.webkit.org/show_bug.cgi?id=201383
3147
3148         Reviewed by Dean Jackson.
3149
3150         Bind groups correspond to argument buffers in Metal. Both the Metal API and Metal Shading Language
3151         have to agree on the layout of exactly which resources lie at which byte offsets within an argument
3152         buffer.
3153
3154         Before this patch, we only emitted code for the items in the argument buffer that were actually
3155         referenced by the shader source code. However, because these items are held inside a struct, if
3156         we omit one item from the middle of the struct, the byte offets of all the successive items would
3157         be wrong. This means that the Metal API and the shader would disagree about how to access these
3158         resources, making the resources inaccessible (and causing security problems).
3159
3160         Tests: webgpu/whlsl/sparse-bind-group-2.html
3161                webgpu/whlsl/sparse-bind-group-3.html
3162                webgpu/whlsl/sparse-bind-group.html
3163
3164         * Modules/webgpu/WHLSL/Metal/WHLSLEntryPointScaffolding.cpp:
3165         (WebCore::WHLSL::Metal::EntryPointScaffolding::emitResourceHelperTypes):
3166         (WebCore::WHLSL::Metal::VertexEntryPointScaffolding::emitHelperTypes):
3167         (WebCore::WHLSL::Metal::FragmentEntryPointScaffolding::emitHelperTypes):
3168         (WebCore::WHLSL::Metal::ComputeEntryPointScaffolding::emitHelperTypes):
3169         * Modules/webgpu/WHLSL/Metal/WHLSLEntryPointScaffolding.h:
3170         * Modules/webgpu/WHLSL/WHLSLSemanticMatcher.cpp:
3171         (WebCore::WHLSL::matchResources):
3172         (WebCore::WHLSL::matchVertexAttributes):
3173         (WebCore::WHLSL::matchColorAttachments):
3174
3175 2019-09-01  Said Abou-Hallawa  <sabouhallawa@apple.com>
3176
3177         HTMLImageElement::decode() should return a resolved promise for decoding non bitmap images
3178         https://bugs.webkit.org/show_bug.cgi?id=201243
3179
3180         Reviewed by Youenn Fablet.
3181
3182         The specs: https://html.spec.whatwg.org/multipage/embedded-content.html#dom-img-decode
3183         states that, decode() should resolve the pending promise if the decoding
3184         was requested for a non bitmap image.
3185
3186         Test: fast/images/decode-non-bitmap-image-resolve.html
3187
3188         * loader/ImageLoader.cpp:
3189         (WebCore::resolveDecodePromises):
3190         (WebCore::rejectDecodePromises):
3191         (WebCore::ImageLoader::notifyFinished):
3192         (WebCore::ImageLoader::decode):
3193         (WebCore::ImageLoader::decodeError): Deleted.
3194         * loader/ImageLoader.h:
3195         (WebCore::ImageLoader::hasPendingDecodePromises const):
3196
3197 2019-08-30  Brent Fulgham  <bfulgham@apple.com>
3198
3199         [WinCairo, FTW] Properly handle device scale factor
3200         https://bugs.webkit.org/show_bug.cgi?id=201361
3201
3202         Reviewed by Don Olmstead.
3203
3204         Update the Direct2D ImageBuffer/ImageBufferData classes to correctly handle
3205         the device scale factor.
3206
3207         * platform/graphics/win/ImageBufferDataDirect2D.cpp:
3208         (WebCore::ImageBufferData::putData):
3209         * platform/graphics/win/ImageBufferDirect2D.cpp:
3210         (WebCore::ImageBuffer::putByteArray):
3211
3212 2019-08-31  Said Abou-Hallawa  <sabouhallawa@apple.com>
3213
3214         EXIF orientation should be respected when rendering images 
3215         https://bugs.webkit.org/show_bug.cgi?id=201123
3216
3217         Reviewed by Simon Fraser.
3218
3219         -- Image::size() will return the rendered size based on the image
3220            orientation. If image orientation is FromImage, ImageSource will query
3221            the actual image orientation from the ImageDecoder. The low level APIs
3222            might transpose the size just before calling the system API to draw
3223            the image.
3224
3225         -- RenderElement::imageOrientation() will return ImageOrientation::FromImage
3226            for all images and for all ports till the CSS image-orientation specs
3227            is finalized.
3228
3229         -- The default of ImagePaintingOptions argument of GraphicsContext::drawImage()
3230            will be changed to { ImageOrientation::FromImage }.
3231
3232         -- Image element: RenderImage::paintIntoRect() will pass imageOrientation()
3233            which returns ImageOrientation::FromImage to GraphicsContext::drawImage().
3234
3235         -- CSS background image: RenderBoxModelObject::paintFillLayerExtended will
3236            pass ImageOrientation::FromImage by default to GraphicsContext::drawTiledImage().
3237
3238         -- Images on canvas: CanvasRenderingContext2DBase::drawImage() will pass
3239            ImageOrientation::FromImage by default to GraphicsContext::drawImage().
3240
3241         -- SVG images: RenderSVGImage::paintForeground() calls GraphicsContext::drawImage()
3242            with the default ImagePaintingOptions which is now { ImageOrientation::FromImage }.
3243
3244         -- SVG feImage filters: FEImage::platformApplySoftware() calls
3245            GraphicsContext::drawImage() with the default ImagePaintingOptions
3246            which is now { ImageOrientation::FromImage }.
3247
3248         -- ImageDocument: RenderElement::imageOrientation() returns FromImage
3249            always and for all ports.
3250
3251         Tests: fast/images/exif-orientation-background.html
3252                fast/images/exif-orientation-canvas.html
3253                fast/images/exif-orientation-content.html
3254                fast/images/exif-orientation-element-object-fit.html
3255                fast/images/exif-orientation-element.html
3256                fast/images/exif-orientation-image-object.html
3257                fast/images/exif-orientation-svg-feimage.html
3258                fast/images/exif-orientation-svg-image.html
3259
3260         * html/canvas/CanvasRenderingContext2DBase.cpp:
3261         (WebCore::CanvasRenderingContext2DBase::drawImage):
3262         * loader/cache/CachedImage.cpp:
3263         (WebCore::CachedImage::imageSizeForRenderer const):
3264         * platform/graphics/BitmapImage.h:
3265         * platform/graphics/CrossfadeGeneratedImage.h:
3266         * platform/graphics/GeneratedImage.h:
3267         * platform/graphics/GraphicsContext.h:
3268         (WebCore::GraphicsContext::drawImage):
3269         * platform/graphics/Image.h:
3270         * platform/graphics/ImageFrame.h:
3271         (WebCore::ImageFrame::sizeRespectingOrientation const): Deleted.
3272         * platform/graphics/ImageSource.cpp:
3273         (WebCore::ImageSource::ImageSource):
3274         (WebCore::ImageSource::orientation):
3275         (WebCore::ImageSource::size):
3276         (WebCore::ImageSource::sizeRespectingOrientation): Deleted.
3277         * platform/graphics/ImageSource.h:
3278         * platform/graphics/cg/PDFDocumentImage.cpp:
3279         (WebCore::PDFDocumentImage::size const):
3280         * platform/graphics/cg/PDFDocumentImage.h:
3281         * platform/mac/DragImageMac.mm:
3282         (WebCore::createDragImageFromImage):
3283         * rendering/RenderBoxModelObject.cpp:
3284         (WebCore::RenderBoxModelObject::paintFillLayerExtended):
3285         * rendering/RenderElement.cpp:
3286         (WebCore::RenderElement::imageOrientation const):
3287         * rendering/RenderImage.cpp:
3288         (WebCore::RenderImage::paintIntoRect):
3289         * svg/graphics/SVGImage.h:
3290         * svg/graphics/SVGImageForContainer.cpp:
3291         (WebCore::SVGImageForContainer::size const):
3292         * svg/graphics/SVGImageForContainer.h:
3293
3294 2019-08-31  Rob Buis  <rbuis@igalia.com>
3295
3296         XMLHttpRequest: responseXML returns null if the Content-Type is valid (end in +xml) in some cases
3297         https://bugs.webkit.org/show_bug.cgi?id=46146
3298
3299         Reviewed by Youenn Fablet.
3300
3301         Make response MIME type fallback to text/xml in case mimeType could
3302         not be extracted [1] and use the stricter ParsedContentType for that.
3303
3304         Behavior matches Firefox.
3305
3306         Test: web-platform-tests/xhr/responsexml-media-type.htm
3307
3308         [1] https://xhr.spec.whatwg.org/#response-mime-type
3309
3310         * xml/XMLHttpRequest.cpp:
3311         (WebCore::XMLHttpRequest::responseMIMEType const):
3312
3313 2019-08-31  Frederic Wang  <fwang@igalia.com>
3314
3315         Fix interpretation of fraction shifts
3316         https://bugs.webkit.org/show_bug.cgi?id=201242
3317
3318         Reviewed by Rob Buis.
3319
3320         In fractions, numerator/denominator shifts are currently interpreted relative to the math
3321         axis while they should be relative to the baseline [1]. This patch refactors the
3322         RenderMathMLFraction to do that and aligns more on MathML Core [2] [3]. This fixes serious
3323         rendering bugs in fractions.
3324
3325         [1] https://github.com/mathml-refresh/mathml/issues/123
3326         [2] https://mathml-refresh.github.io/mathml-core/#fraction-with-nonzero-line-thickness
3327         [3] https://mathml-refresh.github.io/mathml-core/#fraction-with-zero-line-thickness
3328
3329         No new tests, existing tests updated.
3330
3331         * rendering/mathml/RenderMathMLFraction.h: ascentOverHorizontalAxis() is replaced with
3332         fractionAscent() which gives the actual baseline position rather than the math axis position.
3333         fractionParameters() and stackParameters() are modified so that they only return the shifts,
3334         now stored in a shared FractionParameters struct.
3335         * rendering/mathml/RenderMathMLFraction.cpp:
3336         (WebCore::RenderMathMLFraction::fractionParameters const): Store existing parameters in local
3337         variables and perform adjustments to the shift values so that the minimal gap constraints
3338         are satisfied. Return them as a FractionParameters.
3339         (WebCore::RenderMathMLFraction::stackParameters const): Ditto.
3340         (WebCore::RenderMathMLFraction::fractionAscent const): This calculates the ascent above
3341         the baseline as described in [2] [3] and replaces ascentOverHorizontalAxis. To minimize
3342         changeset, this continues to ignore contribution of denominator size and not to distinguish
3343         ink or non-ink metrics.
3344         (WebCore::RenderMathMLFraction::layoutBlock): The position of the denominator is now just
3345         calculated as a shift from the baseline. The height is given by the bottom of the
3346         denominator. The old "ascent + mathAxisHeight() + denominatorDescent" does not make any
3347         sense.
3348         (WebCore::RenderMathMLFraction::paint): Use fractionAscent() instead of
3349         ascentOverHorizontalAxis().
3350         (WebCore::RenderMathMLFraction::firstLineBaseline const): Ditto.
3351
3352 2019-08-31  Chris Dumez  <cdumez@apple.com>
3353
3354         DocumentStorageAccess::hasStorageAccess() / requestStorageAccess() don't need to know about pageID / frameID
3355         https://bugs.webkit.org/show_bug.cgi?id=201364
3356
3357         Reviewed by John Wilander.
3358
3359         DocumentStorageAccess::hasStorageAccess() / requestStorageAccess() don't need to know about pageID / frameID. pageID is
3360         redundant since it is being ignored by the callee. For the frame, simply pass the frame object in.
3361
3362         * dom/DocumentStorageAccess.cpp:
3363         (WebCore::DocumentStorageAccess::hasStorageAccess):
3364         (WebCore::DocumentStorageAccess::requestStorageAccess):
3365         * page/ChromeClient.h:
3366         (WebCore::ChromeClient::hasStorageAccess):
3367         (WebCore::ChromeClient::requestStorageAccess):
3368
3369 2019-08-30  Zalan Bujtas  <zalan@apple.com>
3370
3371         [LFC] Transition from Geometry(formattingContext()) to formattingContext().quirks()
3372         https://bugs.webkit.org/show_bug.cgi?id=201372
3373         <rdar://problem/54905514>
3374
3375         Reviewed by Antti Koivisto.
3376
3377         * layout/FormattingContextGeometry.cpp:
3378         (WebCore::Layout::FormattingContext::Geometry::computedHeightValue const):
3379         * layout/FormattingContextQuirks.cpp:
3380         (WebCore::Layout::FormattingContext::Quirks::heightValueOfNearestContainingBlockWithFixedHeight):
3381         * layout/blockformatting/BlockFormattingContextGeometry.cpp:
3382         (WebCore::Layout::BlockFormattingContext::Geometry::inFlowHeightAndMargin):
3383         * layout/blockformatting/BlockFormattingContextQuirks.cpp:
3384         (WebCore::Layout::BlockFormattingContext::Quirks::stretchedInFlowHeight):
3385         * layout/blockformatting/BlockMarginCollapse.cpp:
3386         (WebCore::Layout::BlockFormattingContext::MarginCollapse::positiveNegativeValues):
3387         (WebCore::Layout::BlockFormattingContext::MarginCollapse::positiveNegativeMarginBefore):
3388         (WebCore::Layout::BlockFormattingContext::MarginCollapse::estimatedMarginBefore):
3389         * layout/inlineformatting/InlineFormattingContextLineLayout.cpp:
3390         (WebCore::Layout::InlineFormattingContext::InlineLayout::layout const):
3391         (WebCore::Layout::InlineFormattingContext::InlineLayout::computedIntrinsicWidth const):
3392         (WebCore::Layout::InlineFormattingContext::InlineLayout::createDisplayRuns const):
3393         * layout/inlineformatting/InlineLine.cpp:
3394         (WebCore::Layout::Line::close):
3395
3396 2019-08-30  Zalan Bujtas  <zalan@apple.com>
3397
3398         [LFC] Proxy LayoutState::displayBoxForLayoutBox() calls through FormattingContext
3399         https://bugs.webkit.org/show_bug.cgi?id=201365
3400         <rdar://problem/54900815>
3401
3402         Reviewed by Antti Koivisto.
3403
3404         This patch is in preparation for enforcing displayBoxForLayoutBox() calls to stay within the current formatting context.
3405         (There are a few odd cases left (floats and coordinate mapping) and they are going to be addressed in a separate patch.)
3406
3407         * layout/FormattingContext.cpp:
3408         (WebCore::Layout::FormattingContext::computeOutOfFlowHorizontalGeometry):
3409         (WebCore::Layout::FormattingContext::computeOutOfFlowVerticalGeometry):
3410         (WebCore::Layout::FormattingContext::computeBorderAndPadding):
3411         (WebCore::Layout::FormattingContext::validateGeometryConstraintsAfterLayout const):
3412         * layout/FormattingContext.h:
3413         (WebCore::Layout::Forma