Attributes on the Window instance should be configurable unless [Unforgeable]
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2016-02-10  Chris Dumez  <cdumez@apple.com>
2
3         Attributes on the Window instance should be configurable unless [Unforgeable]
4         https://bugs.webkit.org/show_bug.cgi?id=153920
5         <rdar://problem/24563211>
6
7         Reviewed by Darin Adler.
8
9         Attributes on the Window instance should be configurable unless [Unforgeable]:
10         1. 'constructor' property:
11            - http://www.w3.org/TR/WebIDL/#interface-prototype-object
12         2. Constructor properties (e.g. window.Node):
13            - http://www.w3.org/TR/WebIDL/#es-interfaces
14         3. IDL attributes:
15            - http://heycam.github.io/webidl/#es-attributes (configurable unless
16              [Unforgeable], e.g. window.location)
17
18         Firefox complies with the WebIDL specification but WebKit does not for 1. and 3.
19
20         Test: fast/dom/Window/window-properties-configurable.html
21
22         * bindings/js/JSDOMWindowCustom.cpp:
23         (WebCore::JSDOMWindow::getOwnPropertySlot):
24         For known Window properties (i.e. properties in the static property table),
25         if we have reified and this is same-origin access, then call
26         Base::getOwnPropertySlot() to get the property from the local property
27         storage. If we have not reified yet, or this is cross-origin access, query
28         the static property table. This is to match the behavior of Firefox and
29         Chrome which seem to keep returning the original properties upon cross
30         origin access, even if those were deleted or redefined.
31
32         (WebCore::JSDOMWindow::put):
33         The previous code used to call the static property setter for properties in
34         the static table. However, this does not do the right thing if properties
35         were reified. For example, deleting window.name and then trying to set it
36         again would not work. Therefore, update this code to only do this if the
37         properties have not been reified, similarly to what is done in
38         JSObject::putInlineSlow().
39
40         * bindings/scripts/CodeGeneratorJS.pm:
41         (ConstructorShouldBeOnInstance):
42         Add a FIXME comment indicating that window.constructor should be on
43         the prototype as per the Web IDL specification.
44
45         (GenerateAttributesHashTable):
46         - Mark 'constructor' property as configurable for Window, as per the
47           specification and consistently with other 'constructor' properties:
48           http://www.w3.org/TR/WebIDL/#interface-prototype-object
49         - Mark properties as configurable even though they are on the instance.
50           Window has its properties on the instance as per the specification:
51           1. http://heycam.github.io/webidl/#es-attributes
52           2. http://heycam.github.io/webidl/#PrimaryGlobal (window is [PrimaryGlobal]
53           However, these properties should be configurable as long as they are
54           not marked as [Unforgeable], as per 1.
55
56         * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
57         * bindings/scripts/test/JS/JSTestException.cpp:
58         * bindings/scripts/test/JS/JSTestObj.cpp:
59         Rebaseline bindings tests.
60
61 2016-02-10  Brady Eidson  <beidson@apple.com>
62
63         Modern IDB: Ref cycle between IDBObjectStore and IDBTransaction.
64         https://bugs.webkit.org/show_bug.cgi?id=154061
65
66         Reviewed by Alex Christensen.
67
68         No new tests (Currently untestable).
69
70         * Modules/indexeddb/client/IDBTransactionImpl.cpp:
71         (WebCore::IDBClient::IDBTransaction::transitionedToFinishing): Make sure the new state makes sense,
72           set the new state, and then clear the set of referenced object stores which is no longer needed.
73         (WebCore::IDBClient::IDBTransaction::abort):
74         (WebCore::IDBClient::IDBTransaction::commit):
75         * Modules/indexeddb/client/IDBTransactionImpl.h:
76
77 2016-02-10  Jer Noble  <jer.noble@apple.com>
78
79         REGRESSION(r195770): Use-after-free in ResourceLoaderOptions::cachingPolicy
80         https://bugs.webkit.org/show_bug.cgi?id=153727
81         <rdar://problem/24429886>
82
83         Reviewed by Darin Adler.
84
85         Follow-up after r195965. Only protect those parts of CachedResource::removeClient() which
86         affect the MemoryCache when allowsCaching() is false.
87
88         * loader/cache/CachedResource.cpp:
89         (WebCore::CachedResource::removeClient):
90
91 2016-02-10  Csaba Osztrogonác  <ossy@webkit.org>
92
93         Fix the !(ENABLE(SHADOW_DOM) || ENABLE(DETAILS_ELEMENT)) after r196281
94         https://bugs.webkit.org/show_bug.cgi?id=154035
95
96         Reviewed by Antti Koivisto.
97
98         * dom/ComposedTreeIterator.h:
99         (WebCore::ComposedTreeIterator::Context::Context):
100
101 2016-02-09  Carlos Garcia Campos  <cgarcia@igalia.com>
102
103         [GTK] Toggle buttons are blurry with GTK+ 3.19
104         https://bugs.webkit.org/show_bug.cgi?id=154007
105
106         Reviewed by Michael Catanzaro.
107
108         Use min-width/min-height style properties when GTK+ >= 3.19.7 to
109         get the size of toggle buttons.
110
111         * rendering/RenderThemeGtk.cpp:
112         (WebCore::setToggleSize):
113         (WebCore::paintToggle):
114
115 2016-02-09  Aakash Jain  <aakash_jain@apple.com>
116
117         Headers that use WEBCORE_EXPORT should include PlatformExportMacros.h
118         https://bugs.webkit.org/show_bug.cgi?id=146984
119
120         Reviewed by Alexey Proskuryakov.
121
122         * Modules/speech/SpeechSynthesis.h:
123         * contentextensions/ContentExtensionError.h:
124         * dom/DeviceOrientationClient.h:
125         * platform/graphics/Color.h:
126         * platform/ios/wak/WebCoreThread.h:
127         * platform/network/CacheValidation.h:
128         * platform/network/cf/CertificateInfo.h:
129
130 2016-02-09  Nan Wang  <n_wang@apple.com>
131
132         AX: Implement word related text marker functions using TextIterator
133         https://bugs.webkit.org/show_bug.cgi?id=153939
134         <rdar://problem/24269605>
135
136         Reviewed by Chris Fleizach.
137
138         Using CharacterOffset to implement word related text marker calls. Reused
139         logic from previousBoundary and nextBoundary in VisibleUnits class.
140
141         Test: accessibility/mac/text-marker-word-nav.html
142
143         * accessibility/AXObjectCache.cpp:
144         (WebCore::AXObjectCache::traverseToOffsetInRange):
145         (WebCore::AXObjectCache::rangeForNodeContents):
146         (WebCore::isReplacedNodeOrBR):
147         (WebCore::characterOffsetsInOrder):
148         (WebCore::resetNodeAndOffsetForReplacedNode):
149         (WebCore::setRangeStartOrEndWithCharacterOffset):
150         (WebCore::AXObjectCache::rangeForUnorderedCharacterOffsets):
151         (WebCore::AXObjectCache::setTextMarkerDataWithCharacterOffset):
152         (WebCore::AXObjectCache::startOrEndCharacterOffsetForRange):
153         (WebCore::AXObjectCache::startOrEndTextMarkerDataForRange):
154         (WebCore::AXObjectCache::characterOffsetForNodeAndOffset):
155         (WebCore::AXObjectCache::textMarkerDataForCharacterOffset):
156         (WebCore::AXObjectCache::previousNode):
157         (WebCore::AXObjectCache::visiblePositionFromCharacterOffset):
158         (WebCore::AXObjectCache::characterOffsetFromVisiblePosition):
159         (WebCore::AXObjectCache::textMarkerDataForVisiblePosition):
160         (WebCore::AXObjectCache::nextCharacterOffset):
161         (WebCore::AXObjectCache::previousCharacterOffset):
162         (WebCore::startWordBoundary):
163         (WebCore::endWordBoundary):
164         (WebCore::AXObjectCache::startCharacterOffsetOfWord):
165         (WebCore::AXObjectCache::endCharacterOffsetOfWord):
166         (WebCore::AXObjectCache::previousWordStartCharacterOffset):
167         (WebCore::AXObjectCache::nextWordEndCharacterOffset):
168         (WebCore::AXObjectCache::leftWordRange):
169         (WebCore::AXObjectCache::rightWordRange):
170         (WebCore::characterForCharacterOffset):
171         (WebCore::AXObjectCache::characterAfter):
172         (WebCore::AXObjectCache::characterBefore):
173         (WebCore::parentEditingBoundary):
174         (WebCore::AXObjectCache::nextWordBoundary):
175         (WebCore::AXObjectCache::previousWordBoundary):
176         (WebCore::AXObjectCache::rootAXEditableElement):
177         * accessibility/AXObjectCache.h:
178         (WebCore::AXObjectCache::removeNodeForUse):
179         (WebCore::AXObjectCache::isNodeInUse):
180         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
181         (-[WebAccessibilityObjectWrapper previousTextMarkerForNode:offset:]):
182         (-[WebAccessibilityObjectWrapper textMarkerForNode:offset:ignoreStart:]):
183         (-[WebAccessibilityObjectWrapper textMarkerForNode:offset:]):
184         (textMarkerForCharacterOffset):
185         (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:forParameter:]):
186         * editing/VisibleUnits.cpp:
187         (WebCore::rightWordPosition):
188         (WebCore::prepend):
189         (WebCore::appendRepeatedCharacter):
190         (WebCore::suffixLengthForRange):
191         (WebCore::prefixLengthForRange):
192         (WebCore::backwardSearchForBoundaryWithTextIterator):
193         (WebCore::forwardSearchForBoundaryWithTextIterator):
194         (WebCore::previousBoundary):
195         (WebCore::nextBoundary):
196         * editing/VisibleUnits.h:
197
198 2016-02-09  Daniel Bates  <dabates@apple.com>
199
200         CSP: Extract helper classes into their own files
201         https://bugs.webkit.org/show_bug.cgi?id=154040
202         <rdar://problem/24571189>
203
204         Reviewed by Brent Fulgham.
205
206         No functionality was changed. So, no new tests.
207
208         * CMakeLists.txt: Add files ContentSecurityPolicy{DirectiveList, MediaListDirective, Source, SourceList, SourceListDirective}.cpp.
209         * WebCore.xcodeproj/project.pbxproj: Ditto.
210         * page/csp/ContentSecurityPolicy.cpp: Clean up #includes. Include header ParsingUtilities.h so that we can remove our own
211         variants of skip{Exactly, Until, While}(). Update code as necessary for class renames.
212         (WebCore::skipExactly): Deleted; instead use the analogous function in ParsingUtilities.h.
213         (WebCore::skipUntil): Deleted; instead use the analogous function in ParsingUtilities.h.
214         (WebCore::skipWhile): Deleted; instead use the analogous function in ParsingUtilities.h.
215         (WebCore::isSourceListNone): Moved to file ContentSecurityPolicySourceList.cpp.
216         (WebCore::CSPSource): Deleted; moved implementation to files ContentSecurityPolicySource.{cpp, h}.
217         (WebCore::CSPSourceList): Deleted; moved implementation to files ContentSecurityPolicySourceList.{cpp, h}.
218         (WebCore::CSPDirective): Deleted; moved implementation to file ContentSecurityPolicyDirective.h.
219         (WebCore::MediaListDirective): Deleted; moved implementation to files ContentSecurityPolicyMediaListDirective.{cpp, h}.
220         (WebCore::SourceListDirective): Deleted; moved implementation to files ContentSecurityPolicySourceListDirective.{cpp, h}.
221         (WebCore::CSPDirectiveList): Deleted; moved implementation to files ContentSecurityPolicyDirectiveList.{cpp, h}.
222         * page/csp/ContentSecurityPolicy.h:
223         * page/csp/ContentSecurityPolicyDirective.h: Added.
224         * page/csp/ContentSecurityPolicyDirectiveList.cpp: Added; removed use of ternary operator where it made the code less readable.
225         Updated code to make use of the functions defined in ParsingUtilities.h.
226         (WebCore::isExperimentalDirectiveName): Moved from file ContentSecurityPolicy.cpp.
227         (WebCore::isCSPDirectiveName): Ditto.
228         (WebCore::isDirectiveNameCharacter): Ditto.
229         (WebCore::isDirectiveValueCharacter): Ditto.
230         (WebCore::isNotASCIISpace): Ditto.
231         * page/csp/ContentSecurityPolicyDirectiveList.h: Added.
232         * page/csp/ContentSecurityPolicyMediaListDirective.cpp: Added. Updated code to make use of the functions defined in ParsingUtilities.h.
233         (WebCore::isMediaTypeCharacter): Moved from file ContentSecurityPolicy.cpp.
234         (WebCore::isNotASCIISpace): Ditto.
235         * page/csp/ContentSecurityPolicyMediaListDirective.h: Added.
236         * page/csp/ContentSecurityPolicySource.cpp: Added.
237         * page/csp/ContentSecurityPolicySource.h: Added.
238         * page/csp/ContentSecurityPolicySourceList.cpp: Added. Updated code to make use of the functions defined in ParsingUtilities.h.
239         (WebCore::isSourceCharacter): Moved from file ContentSecurityPolicy.cpp.
240         (WebCore::isHostCharacter): Ditto.
241         (WebCore::isPathComponentCharacter): Ditto.
242         (WebCore::isSchemeContinuationCharacter): Ditto.
243         (WebCore::isNotColonOrSlash): Ditto.
244         (WebCore::isSourceListNone): Ditto.
245         * page/csp/ContentSecurityPolicySourceList.h: Added.
246         * page/csp/ContentSecurityPolicySourceListDirective.cpp: Added.
247         * page/csp/ContentSecurityPolicySourceListDirective.h: Added.
248
249 2016-02-09  Brady Eidson  <beidson@apple.com>
250
251         Modern IDB: TransactionOperation objects leak.
252         https://bugs.webkit.org/show_bug.cgi?id=154054
253
254         Reviewed by Alex Christensen.
255
256         No new tests (Currently untestable).
257
258         * Modules/indexeddb/client/IDBTransactionImpl.cpp:
259         (WebCore::IDBClient::IDBTransaction::abortOnServerAndCancelRequests): Remove the TransactionOperation from
260           the map, as this operation doesn't complete "normally" like most others.
261         (WebCore::IDBClient::IDBTransaction::commitOnServer): Ditto.
262         
263         * Modules/indexeddb/client/TransactionOperation.h:
264         (WebCore::IDBClient::TransactionOperation::perform): Clear the m_performFunction after use,
265           as it holds a lambda that holds a RefPtr to the IDBTransaction, as well as a self-ref.
266         (WebCore::IDBClient::TransactionOperation::completed): Clear m_completeFunction for the same reasons.
267
268 2016-02-09  Jer Noble  <jer.noble@apple.com>
269
270         [Mac] Graphical corruption in videos when enabling custom loading path
271         https://bugs.webkit.org/show_bug.cgi?id=154044
272
273         Reviewed by Alex Christensen.
274
275         The NSOperationQueue provided by AVFoundation from the AVAssetResourceLoader queue is not
276         set to be a serial queue. So when adding dataReceived operations to that queue, there exists
277         the possibility that some operations are handled before others, and the client will receieve
278         data out of order.
279
280         A real NSURLSession object will only issue another operation when the first operation
281         completes, so emulate this behavior in WebCoreNSURLSession by using a serial dispatch queue.
282         The internal queue will enqueue an operation to the resource loader's queue, and block until
283         that operation completes, thus ensuring ordering of the data (and other) operations.
284
285         * platform/network/cocoa/WebCoreNSURLSession.h:
286         * platform/network/cocoa/WebCoreNSURLSession.mm:
287         (-[WebCoreNSURLSession initWithResourceLoader:delegate:delegateQueue:]): Initialize _internalQueue
288         (-[WebCoreNSURLSession addDelegateOperation:]): Added utility method.
289         (-[WebCoreNSURLSession taskCompleted:]): Call -addDelegateOperation:
290         (-[WebCoreNSURLSession finishTasksAndInvalidate]): Ditto.
291         (-[WebCoreNSURLSession resetWithCompletionHandler:]): Ditto.
292         (-[WebCoreNSURLSession flushWithCompletionHandler:]): Ditto.
293         (-[WebCoreNSURLSession getTasksWithCompletionHandler:]): Ditto.
294         (-[WebCoreNSURLSession getAllTasksWithCompletionHandler:]): Ditto.
295         (-[WebCoreNSURLSessionDataTask resource:receivedResponse:]): Ditto.
296         (-[WebCoreNSURLSessionDataTask resource:receivedData:length:]): Ditto.
297         (-[WebCoreNSURLSessionDataTask resourceFinished:]): Ditto.
298
299         Drive-by fix:
300         (-[WebCoreNSURLSessionDataTask resource:receivedData:length:]): Set countOfBytesReceived outside the operation,
301             queue, matching NSURLSessionDataTask's behavior.
302
303 2016-02-09  Nan Wang  <n_wang@apple.com>
304
305         [iOS Simulator] accessibility/text-marker/text-marker-range-stale-node-crash.html crashing
306         https://bugs.webkit.org/show_bug.cgi?id=154039
307
308         Reviewed by Chris Fleizach.
309
310         We are accessing the derefed node in the CharacterOffset object, we should create an empty
311         CharacterOffset object if the node is not in use.
312
313         It's covered by the test accessibility/text-marker/text-marker-range-stale-node-crash.html.
314
315         * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
316         (-[WebAccessibilityTextMarker characterOffset]):
317         (-[WebAccessibilityTextMarker isIgnored]):
318
319 2016-02-09  Myles C. Maxfield  <mmaxfield@apple.com>
320
321         Unreviewed build fix after r196322
322
323         Unreviewed.
324
325         * css/CSSFontFace.cpp:
326         (WebCore::CSSFontFace::font):
327
328 2016-02-09  Zalan Bujtas  <zalan@apple.com>
329
330         Outline corners do not align properly for multiline inlines.
331         https://bugs.webkit.org/show_bug.cgi?id=154025
332
333         Reviewed by David Hyatt.
334
335         Adjust border position when outline-offset > 0. This patch also
336         removes integral pixelsnapping (drawLineForBoxSide takes care of
337         device pixelsnapping). 
338
339         Test: fast/inline/outline-corners-with-offset.html
340
341         * rendering/RenderInline.cpp:
342         (WebCore::RenderInline::paintOutlineForLine):
343
344 2016-02-09  Jer Noble  <jer.noble@apple.com>
345
346         [Mac] Adopt NSURLSession properties in AVAssetResourceLoader
347
348         Rubber-stamped by Eric Carlson;
349
350         Set the correct global variable from setAVFoundationNSURLSessionEnabled().
351
352         * page/Settings.cpp:
353         (WebCore::Settings::setAVFoundationNSURLSessionEnabled):
354
355 2016-02-07  Gavin Barraclough  <barraclough@apple.com>
356
357         GetValueFunc/PutValueFunc should not take both slotBase and thisValue
358         https://bugs.webkit.org/show_bug.cgi?id=154009
359
360         Reviewed by Geoff Garen.
361
362         In JavaScript there are two types of properties - regular value properties, and accessor properties.
363         One difference between these is how they are reflected by getOwnPropertyDescriptor, and another is
364         what object they operate on in the case of a prototype access. If you access a value property of a
365         prototype object it return a value pertinent to the prototype, but in the case of a prototype object
366         returning an accessor, then the accessor function is applied to the base object of the access.
367
368         JSC supports special 'custom' properties implemented as a c++ callback, and these custom properties
369         can be used to implement either value- or accessor-like behavior. getOwnPropertyDescriptor behavior
370         is selected via the CustomAccessor attribute. Value- or accessor-like object selection is current
371         supported by passing both the slotBase and the thisValue to the callback,and hoping it uses the
372         right one. This is probably inefficient, bug-prone, and leads to crazy like JSBoundSlotBaseFunction.
373
374         Instead, just pass one thisValue to the callback functions, consistent with CustomAccessor.
375
376         * bindings/js/JSDOMBinding.cpp:
377         (WebCore::printErrorMessageForFrame):
378         (WebCore::objectToStringFunctionGetter):
379         * bindings/js/JSDOMBinding.h:
380         (WebCore::propertyNameToString):
381         (WebCore::getStaticValueSlotEntryWithoutCaching<JSDOMObject>):
382         (WebCore::nonCachingStaticFunctionGetter):
383         * bindings/js/JSDOMWindowCustom.cpp:
384         (WebCore::JSDOMWindow::visitAdditionalChildren):
385         (WebCore::childFrameGetter):
386         (WebCore::namedItemGetter):
387         (WebCore::jsDOMWindowWebKit):
388         (WebCore::jsDOMWindowIndexedDB):
389             - add missing null check, in case indexDB acessor is applied to non-window object.
390         * bindings/js/JSPluginElementFunctions.cpp:
391         (WebCore::pluginScriptObject):
392         (WebCore::pluginElementPropertyGetter):
393         * bindings/js/JSPluginElementFunctions.h:
394         * bindings/scripts/CodeGeneratorJS.pm:
395         (GenerateHeader):
396         (GenerateImplementation):
397         * bridge/runtime_array.cpp:
398         (JSC::RuntimeArray::destroy):
399         (JSC::RuntimeArray::lengthGetter):
400         * bridge/runtime_array.h:
401         * bridge/runtime_method.cpp:
402         (JSC::RuntimeMethod::finishCreation):
403         (JSC::RuntimeMethod::lengthGetter):
404         * bridge/runtime_method.h:
405         * bridge/runtime_object.cpp:
406         (JSC::Bindings::RuntimeObject::invalidate):
407         (JSC::Bindings::RuntimeObject::fallbackObjectGetter):
408         (JSC::Bindings::RuntimeObject::fieldGetter):
409         (JSC::Bindings::RuntimeObject::methodGetter):
410         * bridge/runtime_object.h:
411             - Merged slotBase & thisValue to custom property callbacks.
412
413 2016-02-09  Jer Noble  <jer.noble@apple.com>
414
415         Build-fix; add Nullibility macros around previously un-macro'd class definitions.
416
417         * platform/spi/mac/AVFoundationSPI.h:
418
419 2016-02-04  Jer Noble  <jer.noble@apple.com>
420
421         [Mac] Adopt NSURLSession properties in AVAssetResourceLoader
422         https://bugs.webkit.org/show_bug.cgi?id=153873
423
424         Reviewed by Eric Carlson.
425
426         Adopt a new AVAssetResourceLoader API allowing clients to specify a NSURLSession object to
427         use for media loading, and control the use of this property with a new Setting.
428
429         * page/Settings.cpp:
430         (WebCore::Settings::setAVFoundationNSURLSessionEnabled):
431         * page/Settings.h:
432         (WebCore::Settings::isAVFoundationNSURLSessionEnabled):
433         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
434         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVAssetForURL):
435         * platform/spi/mac/AVFoundationSPI.h:
436
437 2016-02-09  Myles C. Maxfield  <mmaxfield@apple.com>
438
439         Decouple font creation from font loading
440         https://bugs.webkit.org/show_bug.cgi?id=153414
441
442         Reviewed by Darin Adler.
443
444         Previously, CSSFontFaceSource never triggered a font download until that font was actually used. This means
445         that the function which triggers the download also has the goal of returning a font to use. However,
446         the CSS Font Loading JavaScript API requires being able to trigger a font download without this extra font
447         creation overhead.
448
449         In addition, this patch adds an explicit (and enforced) state transition diagram. The diagram looks like
450         this:
451                             => Success
452                           //
453         Pending => Loading
454                           \\
455                             => Failure
456
457         Therefore, the API for CSSFontFaceSource has changed to expose the concept of these new states. This means
458         that its user (CSSSegmentedFontFaceSource) has been updated to handle each possible state that its constituent
459         CSSFontFaceSources may be in.
460
461         No new tests because there is no behavior change.
462
463         * css/CSSFontFace.cpp:
464         (WebCore::CSSFontFace::allSourcesFailed): Renamed to make the name clearer.
465         (WebCore::CSSFontFace::addedToSegmentedFontFace): Use references instead of pointers.
466         (WebCore::CSSFontFace::removedFromSegmentedFontFace): Ditto.
467         (WebCore::CSSFontFace::adoptSource): Renamed to make the name clearer.
468         (WebCore::CSSFontFace::fontLoaded): Use references instead of pointers. Also, remove old dead code.
469         (WebCore::CSSFontFace::font): Adapt to the new API of CSSFontFaceSource.
470         (WebCore::CSSFontFace::isValid): Deleted.
471         (WebCore::CSSFontFace::addSource): Deleted.
472         (WebCore::CSSFontFace::notifyFontLoader): Deleted. Old dead code.
473         (WebCore::CSSFontFace::notifyLoadingDone): Deleted. Old dead code.
474         * css/CSSFontFace.h:
475         (WebCore::CSSFontFace::create): Remove old dead code.
476         (WebCore::CSSFontFace::CSSFontFace): Use references instead of pointers.
477         (WebCore::CSSFontFace::loadState): Deleted. Remove old dead code.
478         * css/CSSFontFaceSource.cpp:
479         (WebCore::CSSFontFaceSource::setStatus): Enforce state transitions.
480         (WebCore::CSSFontFaceSource::CSSFontFaceSource): Explicitly handle new state transitions.
481         (WebCore::CSSFontFaceSource::fontLoaded): Update for new states.
482         (WebCore::CSSFontFaceSource::load): Pulled out code from font().
483         (WebCore::CSSFontFaceSource::font): Moved code into load().
484         (WebCore::CSSFontFaceSource::isValid): Deleted.
485         (WebCore::CSSFontFaceSource::isDecodeError): Deleted.
486         (WebCore::CSSFontFaceSource::ensureFontData): Deleted.
487         * css/CSSFontFaceSource.h: Much cleaner API.
488         * css/CSSFontSelector.cpp:
489         (WebCore::createFontFace): Migrate to references instead of pointers. This requires a little
490         reorganization.
491         (WebCore::registerLocalFontFacesForFamily): Update to new CSSFontFaceSource API.
492         (WebCore::CSSFontSelector::addFontFaceRule): Ditto.
493         (WebCore::CSSFontSelector::getFontFace): Ditto.
494         * css/CSSSegmentedFontFace.cpp:
495         (WebCore::CSSSegmentedFontFace::CSSSegmentedFontFace): Migrate to references instead of pointers.
496         (WebCore::CSSSegmentedFontFace::~CSSSegmentedFontFace): Ditto.
497         (WebCore::CSSSegmentedFontFace::fontLoaded): Remove old dead code.
498         (WebCore::CSSSegmentedFontFace::appendFontFace): Cleanup.
499         (WebCore::CSSSegmentedFontFace::fontRanges): Adopt to new API.
500         (WebCore::CSSSegmentedFontFace::pruneTable): Deleted.
501         (WebCore::CSSSegmentedFontFace::isLoading): Deleted. Old dead code.
502         (WebCore::CSSSegmentedFontFace::checkFont): Deleted. Ditto.
503         (WebCore::CSSSegmentedFontFace::loadFont): Deleted. Ditto.
504         * css/CSSSegmentedFontFace.h:
505         (WebCore::CSSSegmentedFontFace::create): Migrate to references instead of pointers.
506         (WebCore::CSSSegmentedFontFace::fontSelector): Ditto.
507         (WebCore::CSSSegmentedFontFace::LoadFontCallback::~LoadFontCallback): Deleted.
508         * loader/cache/CachedFont.cpp:
509         (WebCore::CachedFont::didAddClient): Migrate to references instead of pointers.
510         (WebCore::CachedFont::checkNotify): Ditto.
511         * loader/cache/CachedFontClient.h:
512         (WebCore::CachedFontClient::fontLoaded): Ditto.
513
514 2016-02-09  Brady Eidson  <beidson@apple.com>
515
516         Modern IDB: IDBOpenDBRequests leak.
517         https://bugs.webkit.org/show_bug.cgi?id=154032
518
519         Reviewed by Alex Christensen.
520
521         No new tests (Currently untestable).
522
523         * CMakeLists.txt:
524         * WebCore.xcodeproj/project.pbxproj:
525
526         Add a simple Event subclass that holds a ref to an IDBRequest, to make sure that we
527         drop the last ref to the request after its last event fires or is otherwise destroyed:
528         * Modules/indexeddb/IDBRequestCompletionEvent.cpp: Added.
529         (WebCore::IDBRequestCompletionEvent::IDBRequestCompletionEvent):
530         * Modules/indexeddb/IDBRequestCompletionEvent.h: Added.
531         (WebCore::IDBRequestCompletionEvent::create):
532
533         * Modules/indexeddb/client/IDBOpenDBRequestImpl.cpp:
534         (WebCore::IDBClient::IDBOpenDBRequest::onError): IDBRequestCompletionEvent instead of Event.
535         (WebCore::IDBClient::IDBOpenDBRequest::fireSuccessAfterVersionChangeCommit): Ditto.
536         (WebCore::IDBClient::IDBOpenDBRequest::fireErrorAfterVersionChangeCompletion): Ditto.
537         (WebCore::IDBClient::IDBOpenDBRequest::onSuccess): Ditto.
538
539         * Modules/indexeddb/client/IDBTransactionImpl.cpp:
540         (WebCore::IDBClient::IDBTransaction::dispatchEvent): After setting up the request's 
541           completion event to fire, clear the back-ref to the request.
542
543 2016-02-09  Commit Queue  <commit-queue@webkit.org>
544
545         Unreviewed, rolling out r196286.
546         https://bugs.webkit.org/show_bug.cgi?id=154026
547
548         Looks like 5% iOS PLT regression (Requested by kling on
549         #webkit).
550
551         Reverted changeset:
552
553         "[iOS] Throw away some unlinked code when navigating to a new
554         page."
555         https://bugs.webkit.org/show_bug.cgi?id=154014
556         http://trac.webkit.org/changeset/196286
557
558 2016-02-08  Chris Dumez  <cdumez@apple.com>
559
560         Attribute getters should not require an explicit 'this' value for Window properties
561         https://bugs.webkit.org/show_bug.cgi?id=153968
562
563         Reviewed by Darin Adler.
564
565         Attribute getters should not require an explicit 'this' value for
566         Window properties. This is because the Window interface is marked
567         as [ImplicitThis]:
568         - http://heycam.github.io/webidl/#ImplicitThis
569         - https://www.w3.org/Bugs/Public/show_bug.cgi?id=29421
570
571         This matches the behavior of Firefox and the expectations of the W3C
572         web-platform-tests.
573
574         No new tests, already covered by existing tests.
575
576         * bindings/scripts/CodeGeneratorJS.pm:
577         In attribute getters of an interface marked as [ImplicitThis],
578         if 'thisValue' is undefined or null, fall back to using the
579         global object as 'thisValue'.
580
581         * bindings/scripts/IDLAttributes.txt:
582         Add support for [ImplicitThis]:
583         http://heycam.github.io/webidl/#ImplicitThis
584
585         * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
586         * bindings/scripts/test/JS/JSTestException.cpp:
587         * bindings/scripts/test/JS/JSTestInterface.cpp:
588         * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
589         * bindings/scripts/test/JS/JSTestNode.cpp:
590         * bindings/scripts/test/JS/JSTestNondeterministic.cpp:
591         * bindings/scripts/test/JS/JSTestObj.cpp:
592         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
593         * bindings/scripts/test/JS/JSTestTypedefs.cpp:
594         * bindings/scripts/test/JS/JSattribute.cpp:
595         Rebaseline bindings tests.
596
597         * page/DOMWindow.idl:
598         Mark Window as [ImplicitThis]:
599         http://heycam.github.io/webidl/#ImplicitThis
600
601 2016-02-08  Nan Wang  <n_wang@apple.com>
602
603         AX: crash at WebCore::Range::selectNodeContents(WebCore::Node*, int&)
604         https://bugs.webkit.org/show_bug.cgi?id=154018
605
606         Reviewed by Chris Fleizach.
607
608         Sometimes rangeForUnorderedCharacterOffsets call is accessing derefed node objects
609         and leading to a crash. Fixed it by checking isNodeInUse before creating the CharacterOffset
610         object.
611
612         Test: accessibility/text-marker/text-marker-range-stale-node-crash.html
613
614         * accessibility/AXObjectCache.cpp:
615         (WebCore::AXObjectCache::visiblePositionForTextMarkerData):
616         (WebCore::AXObjectCache::characterOffsetForTextMarkerData):
617         (WebCore::AXObjectCache::traverseToOffsetInRange):
618         * accessibility/AXObjectCache.h:
619         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
620         (-[WebAccessibilityObjectWrapper rangeForTextMarkerRange:]):
621         (characterOffsetForTextMarker):
622         (-[WebAccessibilityObjectWrapper characterOffsetForTextMarker:]):
623         (textMarkerForVisiblePosition):
624
625 2016-02-08  Andreas Kling  <akling@apple.com>
626
627         [iOS] Throw away some unlinked code when navigating to a new page.
628         <https://webkit.org/b/154014>
629
630         Reviewed by Gavin Barraclough.
631
632         Extended the mechanism introduced earlier to also throw away unlinked code
633         that's only relevant to the page that we're navigating away from.
634
635         The new JSC::VM API is deleteAllCodeExceptCaches() and it does what it sounds
636         like, deleting unlinked and linked code but leaving code caches alone.
637
638         This means that if the page we're navigating to wants to parse some of the
639         same JS that the page we're leaving had on it, it might still be found in the
640         JSC::CodeCache.
641
642         Doing a back navigation to a PageCache'd page may now incur some reparsing,
643         just like leaving the app or tab would.
644
645         * bindings/js/GCController.cpp:
646         (WebCore::GCController::deleteAllCodeExceptCaches):
647         (WebCore::GCController::deleteAllLinkedCode): Deleted.
648         * bindings/js/GCController.h:
649         * loader/FrameLoader.cpp:
650         (WebCore::FrameLoader::commitProvisionalLoad):
651
652 2016-02-08  Daniel Bates  <dabates@apple.com>
653
654         CSP connect-src directive should block redirects
655         https://bugs.webkit.org/show_bug.cgi?id=69359
656         <rdar://problem/24383025>
657
658         Reviewed by Brent Fulgham.
659
660         Inspired by Blink patch:
661         <https://src.chromium.org/viewvc/blink?revision=150246&view=revision>
662
663         Apply the connect-src directive of the Content Security Policy for the document or worker to the redirect URL
664         of an XMLHttpRequest and EventSource load so as to conform to section Paths and Redirects of the CSP 2.0 spec.,
665         <https://w3c.github.io/webappsec-csp/2/#source-list-paths-and-redirects> (29 August 2015).
666
667         Additionally, check that each requested script URL passed to WorkerGlobalScope.importScripts() is allowed by
668         the CSP of the worker before initiating a load for it. If some URL i is blocked by the CSP policy
669         then we do not try to load URLs j >= i.
670
671         Tests: http/tests/security/contentSecurityPolicy/worker-blob-inherits-csp-importScripts-block-aborts-all-subsequent-imports.html
672                http/tests/security/contentSecurityPolicy/worker-blob-inherits-csp-importScripts-redirect-cross-origin-blocked.html
673                http/tests/security/contentSecurityPolicy/worker-csp-blocks-xhr-redirect-cross-origin.html
674                http/tests/security/contentSecurityPolicy/worker-csp-importScripts-redirect-cross-origin-allowed.html
675                http/tests/security/contentSecurityPolicy/worker-csp-importScripts-redirect-cross-origin-blocked.html
676                http/tests/security/contentSecurityPolicy/worker-without-csp-importScripts-redirect-cross-origin-allowed.html
677                http/tests/security/isolatedWorld/bypass-main-world-csp-for-xhr-redirect.html
678                http/tests/security/isolatedWorld/bypass-main-world-csp-worker-blob-importScript-redirect-cross-origin.html
679                http/tests/security/isolatedWorld/bypass-main-world-csp-worker-importScripts-redirect-cross-origin.html
680                http/tests/security/isolatedWorld/bypass-worker-csp-for-xhr-redirect-cross-origin.html
681                http/tests/security/isolatedWorld/bypass-worker-csp-for-xhr.html
682
683         * fileapi/FileReaderLoader.cpp:
684         (WebCore::FileReaderLoader::start): Do not enforce a CSP directive as CSP is not applicable to File API.
685         * inspector/InspectorNetworkAgent.cpp:
686         (WebCore::InspectorNetworkAgent::loadResource): Do not enforce a CSP directive as CSP should not interfere
687         with the Web Inspector.
688         * loader/DocumentThreadableLoader.cpp:
689         (WebCore::DocumentThreadableLoader::loadResourceSynchronously): Modified to take an optional ContentSecurityPolicy
690         and pass it through to DocumentThreadableLoader::create().
691         (WebCore::DocumentThreadableLoader::create): Modified to take an optional ContentSecurityPolicy and pass it through
692         to DocumentThreadableLoader::DocumentThreadableLoader().
693         (WebCore::DocumentThreadableLoader::DocumentThreadableLoader): Modified to take an optional ContentSecurityPolicy.
694         Asserts that the CSP allows the load of the request URL so as to catch when a caller creates a loader for a request
695         that is not allowed by the CSP. The caller should not create a loader for such a request.
696         (WebCore::DocumentThreadableLoader::redirectReceived): Check if the CSP allows the redirect URL. If it does not
697         then notify the client that the redirect check failed.
698         (WebCore::DocumentThreadableLoader::loadRequest): Ditto.
699         (WebCore::DocumentThreadableLoader::isAllowedByContentSecurityPolicy): Checks that the specified URL is allowed
700         by the enforced CSP directive.
701         (WebCore::DocumentThreadableLoader::contentSecurityPolicy): Returns the ContentSecurityPolicy object passed to
702         DocumentThreadableLoader on instantiation or the ContentSecurityPolicy object of the associated document.
703         * loader/DocumentThreadableLoader.h: Add overloaded variants of DocumentThreadableLoader::{create, loadResourceSynchronously}()
704         that take a std::unique_ptr<ContentSecurityPolicy>&&. Remove some unnecessary headers.
705         * loader/ThreadableLoader.cpp:
706         (WebCore::ThreadableLoaderOptions::ThreadableLoaderOptions): Take the CSP directive to enforce and store it.
707         (WebCore::ThreadableLoaderOptions::isolatedCopy): Copy the CSP directive to enforce.
708         * loader/ThreadableLoader.h: Added member field to store the CSP directive to enforce (defaults to enforce the
709         directive connect-src - the most appropriate directive in most circumstances). As of the time of writing,
710         only WorkerGlobalScope.importScripts() enforces a different directive: script-src.
711         * loader/WorkerThreadableLoader.cpp:
712         (WebCore::WorkerThreadableLoader::WorkerThreadableLoader): Pass the SecurityOrigin and ContentSecurityPolicy associated
713         with the WorkerGlobalScope to WorkerThreadableLoader::MainThreadBridge::MainThreadBridge().
714         (WebCore::WorkerThreadableLoader::MainThreadBridge::MainThreadBridge): Pass a copy of the worker's ContentSecurityPolicy
715         to the DocumentThreadableLoader.
716         * loader/WorkerThreadableLoader.h:
717         * page/EventSource.cpp:
718         (WebCore::EventSource::connect): Enforce the CSP directive connect-src on redirects unless we are running in an isolated world.
719         * workers/AbstractWorker.cpp:
720         (WebCore::AbstractWorker::resolveURL): Modified to take a boolean whether to bypass the main world Content Security Policy
721         instead of querying for it directly.
722         * workers/AbstractWorker.h:
723         * workers/Worker.cpp:
724         (WebCore::Worker::create): Added FIXME to enforce child-src directive of the document's CSP to the worker's script URL
725         on redirect once we fix <https://bugs.webkit.org/show_bug.cgi?id=153562>. For now, do not enforce a CSP policy on redirect
726         of the worker's script URL.
727         * workers/WorkerGlobalScope.cpp:
728         (WebCore::WorkerGlobalScope::importScripts): Check that the requested URL is allowed by the CSP of the worker (if applicable).
729         Enforce the CSP directive script-src on redirects unless we are running in an isolated world.
730         * workers/WorkerScriptLoader.cpp:
731         (WebCore::WorkerScriptLoader::loadSynchronously): Pass SecurityOrigin and ContentSecurityPolicyEnforcement to WorkerThreadableLoader.
732         (WebCore::WorkerScriptLoader::loadAsynchronously): Ditto.
733         * workers/WorkerScriptLoader.h:
734         * xml/XMLHttpRequest.cpp:
735         (WebCore::XMLHttpRequest::createRequest): Enforce the CSP directive connect-src on redirects unless we are running in
736         an isolated world.
737
738 2016-02-08  Antti Koivisto  <antti@apple.com>
739
740         Try to fix Yosemite build.
741
742         * dom/ComposedTreeIterator.h:
743         (WebCore::ComposedTreeIterator::ComposedTreeIterator):
744         (WebCore::ComposedTreeIterator::traverseNext):
745
746 2016-02-08  Antti Koivisto  <antti@apple.com>
747
748         Implement ComposedTreeIterator in terms of ElementAndTextDescendantIterator
749         https://bugs.webkit.org/show_bug.cgi?id=154003
750
751         Reviewed by Darin Adler.
752
753         Currently ComposedTreeIterator implements tree traversal using NodeTraversal. This makes it overly complicated.
754         It can also return nodes other than Element and Text which should not be part of the composed tree.
755
756         This patch adds a new iterator type, ElementAndTextDescendantIterator, similar to the existing ElementDescendantIterator.
757         ComposedTreeIterator is then implemented using this new iterator.
758
759         When entering a shadow tree or a slot the local iterator is pushed along with the context stack and a new local
760         iterator is initialized for the new context. When leaving a shadow tree the context stack is popped and the previous
761         local iterator becomes active.
762
763         * WebCore.xcodeproj/project.pbxproj:
764         * dom/ComposedTreeIterator.cpp:
765         (WebCore::ComposedTreeIterator::ComposedTreeIterator):
766         (WebCore::ComposedTreeIterator::initializeContextStack):
767         (WebCore::ComposedTreeIterator::pushContext):
768         (WebCore::ComposedTreeIterator::traverseNextInShadowTree):
769         (WebCore::ComposedTreeIterator::traverseNextLeavingContext):
770         (WebCore::ComposedTreeIterator::advanceInSlot):
771         (WebCore::ComposedTreeIterator::traverseSiblingInSlot):
772         (WebCore::ComposedTreeIterator::initializeShadowStack): Deleted.
773         (WebCore::ComposedTreeIterator::traverseParentInShadowTree): Deleted.
774         (WebCore::ComposedTreeIterator::traverseNextSiblingSlot): Deleted.
775         (WebCore::ComposedTreeIterator::traversePreviousSiblingSlot): Deleted.
776         * dom/ComposedTreeIterator.h:
777         (WebCore::ComposedTreeIterator::operator*):
778         (WebCore::ComposedTreeIterator::operator->):
779         (WebCore::ComposedTreeIterator::operator==):
780         (WebCore::ComposedTreeIterator::operator!=):
781         (WebCore::ComposedTreeIterator::operator++):
782         (WebCore::ComposedTreeIterator::Context::Context):
783         (WebCore::ComposedTreeIterator::context):
784         (WebCore::ComposedTreeIterator::current):
785         (WebCore::ComposedTreeIterator::ComposedTreeIterator):
786         (WebCore::ComposedTreeIterator::traverseNext):
787         (WebCore::ComposedTreeIterator::traverseNextSkippingChildren):
788         (WebCore::ComposedTreeIterator::traverseNextSibling):
789         (WebCore::ComposedTreeIterator::traversePreviousSibling):
790         (WebCore::ComposedTreeDescendantAdapter::ComposedTreeDescendantAdapter):
791         (WebCore::ComposedTreeDescendantAdapter::begin):
792         (WebCore::ComposedTreeDescendantAdapter::end):
793         (WebCore::ComposedTreeDescendantAdapter::at):
794         (WebCore::ComposedTreeChildAdapter::Iterator::Iterator):
795         (WebCore::ComposedTreeChildAdapter::ComposedTreeChildAdapter):
796         (WebCore::ComposedTreeChildAdapter::begin):
797         (WebCore::ComposedTreeChildAdapter::end):
798         (WebCore::ComposedTreeChildAdapter::at):
799         (WebCore::ComposedTreeIterator::ShadowContext::ShadowContext): Deleted.
800         (WebCore::ComposedTreeIterator::traverseParent): Deleted.
801         * dom/ElementAndTextDescendantIterator.h: Added.
802
803             New iterator type that traverses Element and Text nodes (that is renderable nodes only).
804             It also tracks depth for future use.
805
806 2016-02-08  Joseph Pecoraro  <pecoraro@apple.com>
807
808         Web Inspector: copy({x:1}) should copy "{x:1}", not "[object Object]"
809         https://bugs.webkit.org/show_bug.cgi?id=148605
810
811         Reviewed by Brian Burg.
812
813         Test: inspector/console/command-line-api-copy.html
814
815         * inspector/CommandLineAPIModuleSource.js:
816         (CommandLineAPIImpl.prototype.copy):
817         Support copying different types. This is meant to be more
818         convenient then just JSON.stringify, so it handles types
819         like Node, Symbol, RegExp, and Function a bit better.
820
821 2016-02-08  Said Abou-Hallawa  <sabouhallawa@apple.com>
822
823         REGRESSION(r181345): SVG polyline and polygon leak page
824         https://bugs.webkit.org/show_bug.cgi?id=152759
825
826         Reviewed by Darin Adler.
827
828         The leak happens because of cyclic reference between SVGListPropertyTearOff 
829         and SVGAnimatedListPropertyTearOff which is derived from SVGAnimatedProperty.
830         There is also cyclic reference between SVGAnimatedProperty and SVGElement
831         and this causes the whole document to be leaked. So if the JS requests, for
832         example, an instance of SVGPolylineElement.points, the whole document will be
833         leaked.
834
835         The fix depends on having the cyclic reference as is since the owning and the
836         owned classes have to live together if any of them is referenced. But the owning
837         class caches a raw 'ref-counted' pointer of the owned class. If it is requested
838         for an instance of the owned class it returned a RefPtr<> of it. Once the owned
839         class is not used, it can delete itself. The only thing needed here is to notify
840         the owner class of the deletion so it cleans its caches and be able to create a
841         new pointer if it is requested for an instance of the owned class later.
842
843         Revert the change of r181345 in SVGAnimatedProperty::lookupOrCreateWrapper()
844         to break the cyclic reference between SVGElement and SVGAnimatedProperty.
845         
846         Also apply the same approach in SVGAnimatedListPropertyTearOff::baseVal() and
847         animVal() to break cyclic reference between SVGListPropertyTearOff and
848         SVGAnimatedListPropertyTearOff.
849
850         Test: svg/animations/smil-leak-list-property-instances.svg
851
852         * bindings/scripts/CodeGeneratorJS.pm:
853         (NativeToJSValue): The SVG non-string list tear-off properties became of
854         type RefPtr<>. So we need to use get() with the casting expressions.
855         
856         * svg/SVGMarkerElement.cpp:
857         (WebCore::SVGMarkerElement::orientType):
858         Use 'auto' type for the return of SVGAnimatedProperty::lookupWrapper().
859
860         * svg/SVGPathElement.cpp:
861         (WebCore::SVGPathElement::pathByteStream):
862         (WebCore::SVGPathElement::lookupOrCreateDWrapper):
863         Since SVGAnimatedProperty::lookupWrappe() returns a RefPtr<> we need to 
864         use get() for the casting expressions.
865         
866         (WebCore::SVGPathElement::pathSegList):
867         (WebCore::SVGPathElement::normalizedPathSegList):
868         (WebCore::SVGPathElement::animatedPathSegList):
869         (WebCore::SVGPathElement::animatedNormalizedPathSegList):
870         * svg/SVGPathElement.h:
871         Change the return value from raw pointer to RefPtr<>.
872
873         * svg/SVGPathSegWithContext.h:
874         (WebCore::SVGPathSegWithContext::animatedProperty):
875         Change the return type to be RefPtr<> to preserve the value from being deleted.
876         
877         * svg/SVGPolyElement.cpp:
878         (WebCore::SVGPolyElement::parseAttribute):
879         Since SVGAnimatedProperty::lookupWrapper() returns a RefPtr<> we need to 
880         use get() for the casting expressions.
881         
882         (WebCore::SVGPolyElement::points):
883         (WebCore::SVGPolyElement::animatedPoints):
884         * svg/SVGPolyElement.h:
885         Change the return value from raw pointer to RefPtr<>.
886         
887         * svg/SVGViewSpec.cpp:
888         (WebCore::SVGViewSpec::setTransformString):
889         Since SVGAnimatedProperty::lookupWrapper() returns a RefPtr<> we need to 
890         use get() for the casting expressions.
891
892         (WebCore::SVGViewSpec::transform):
893         * svg/SVGViewSpec.h:
894         Change the return value from raw pointer to RefPtr<>.
895         
896         * svg/properties/SVGAnimatedListPropertyTearOff.h:
897         (WebCore::SVGAnimatedListPropertyTearOff::baseVal):
898         (WebCore::SVGAnimatedListPropertyTearOff::animVal):
899         Change the return value from raw pointer to RefPtr<> and change the cached
900         value from RefPtr<> to raw pointer. If the property is null, it will be
901         created, its raw pointer will be cached and the only ref-counted RefPtr<>
902         will be returned. This will guarantee, the RefPtr<> will be deleted once
903         it is not used anymore. 
904         
905         (WebCore::SVGAnimatedListPropertyTearOff::propertyWillBeDeleted):
906         Clean the raw pointer caches m_baseVal and m_animVal upon deleting the
907         actual pointer. This function will be called from the destructor of
908         SVGListPropertyTearOff.
909         
910         (WebCore::SVGAnimatedListPropertyTearOff::findItem):
911         (WebCore::SVGAnimatedListPropertyTearOff::removeItemFromList):
912         We have to ensure the baseVal() is created before using it.
913         
914         (WebCore::SVGAnimatedListPropertyTearOff::detachListWrappers):
915         (WebCore::SVGAnimatedListPropertyTearOff::currentAnimatedValue):
916         (WebCore::SVGAnimatedListPropertyTearOff::animationStarted):
917         (WebCore::SVGAnimatedListPropertyTearOff::animationEnded):
918         (WebCore::SVGAnimatedListPropertyTearOff::synchronizeWrappersIfNeeded):
919         (WebCore::SVGAnimatedListPropertyTearOff::animValWillChange):
920         (WebCore::SVGAnimatedListPropertyTearOff::animValDidChange):
921         For animation, a separate RefPtr<> 'm_animatingAnimVal' will be assigned
922         to the animVal(). This will prevent deleting m_animVal while animation.
923         
924         * svg/properties/SVGAnimatedPathSegListPropertyTearOff.h:
925         (WebCore::SVGAnimatedPathSegListPropertyTearOff::baseVal):
926         (WebCore::SVGAnimatedPathSegListPropertyTearOff::animVal):
927         Same as what is done in SVGAnimatedListPropertyTearOff.
928         
929         (WebCore::SVGAnimatedPathSegListPropertyTearOff::findItem):
930         (WebCore::SVGAnimatedPathSegListPropertyTearOff::removeItemFromList):
931         Same as what is done in SVGAnimatedListPropertyTearOff.
932         
933         * svg/properties/SVGAnimatedProperty.h:
934         (WebCore::SVGAnimatedProperty::lookupOrCreateWrapper):
935         Change the return value from raw reference to Ref<> and change the
936         cached value from Ref<> to raw pointer. This reverts the change of
937         r181345 in this function.
938         
939         (WebCore::SVGAnimatedProperty::lookupWrapper):
940         Change the return value from raw pointer to RefPtr<>.
941         
942         * svg/properties/SVGAnimatedPropertyMacros.h:
943         Use 'auto' type for the return of SVGAnimatedProperty::lookupWrapper().
944         
945         * svg/properties/SVGAnimatedTransformListPropertyTearOff.h:
946         (WebCore::SVGAnimatedTransformListPropertyTearOff::baseVal):
947         (WebCore::SVGAnimatedTransformListPropertyTearOff::animVal):
948         Same as what is done in SVGAnimatedListPropertyTearOff.
949
950         * svg/properties/SVGListPropertyTearOff.h:
951         (WebCore::SVGListPropertyTearOff::~SVGListPropertyTearOff):
952         Call the SVGAnimatedListPropertyTearOff::propertyWillBeDeleted() to clean
953         its raw pointers when the RefPtr<> deletes itself.
954
955 2016-02-08  Carlos Garcia Campos  <cgarcia@igalia.com>
956
957         [GTK] WebKitWebView should send crossing events to the WebProcess
958         https://bugs.webkit.org/show_bug.cgi?id=153740
959
960         Reviewed by Michael Catanzaro.
961
962         Update the target element under the mouse also when only updating
963         scrollbars, so that if the mouse enters the page when the window
964         is not active, the scroll animator is notified that the mouse
965         entered the scrollable area.
966
967         * page/EventHandler.cpp:
968         (WebCore::EventHandler::handleMouseMoveEvent): Call
969         updateMouseEventTargetNode() before early returning in case of
970         only updating scrollbars.
971
972 2016-02-08  Jeremy Jones  <jeremyj@apple.com>
973
974         PiP and external playback are mutually exclusive.
975         https://bugs.webkit.org/show_bug.cgi?id=153988
976         rdar://problem/24108661
977
978         Reviewed by Eric Carlson.
979
980         Adding isPlayingOnSecondScreen to isPlayingOnExternalScreen allows AVKit to disable PiP
981         when appropriate. Testing video fullscreen mode in updateDisableExternalPlayback allows us to 
982         turn-off external playback when entering picture-in-picture.
983
984         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
985         (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenMode):
986         (WebCore::MediaPlayerPrivateAVFoundationObjC::updateDisableExternalPlayback):
987         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
988         (-[WebAVPlayerController isPlayingOnExternalScreen]):
989         (+[WebAVPlayerController keyPathsForValuesAffectingPlayingOnExternalScreen]):
990
991 2016-02-08  Commit Queue  <commit-queue@webkit.org>
992
993         Unreviewed, rolling out r196253.
994         https://bugs.webkit.org/show_bug.cgi?id=153990
995
996         Caused several crashes in GTK+ bots (Requested by KaL on
997         #webkit).
998
999         Reverted changeset:
1000
1001         "[GTK] WebKitWebView should send crossing events to the
1002         WebProcess"
1003         https://bugs.webkit.org/show_bug.cgi?id=153740
1004         http://trac.webkit.org/changeset/196253
1005
1006 2016-02-08  Jeremy Jones  <jeremyj@apple.com>
1007
1008         WebAVPlayerController should implement currentTimeWithinEndTimes.
1009         https://bugs.webkit.org/show_bug.cgi?id=153983
1010         rdar://problem/22864621
1011
1012         Reviewed by Eric Carlson.
1013
1014         Implement currentTimeWithinEndTimes in terms of seekToTime and AVTiming. This is a trivial
1015         implementation becuase AVPlayer start and end times aren't used.
1016
1017         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
1018         (-[WebAVPlayerController currentTimeWithinEndTimes]):
1019         (-[WebAVPlayerController setCurrentTimeWithinEndTimes:]):
1020         (+[WebAVPlayerController keyPathsForValuesAffectingCurrentTimeWithinEndTimes]):
1021
1022 2016-02-08  Carlos Garcia Campos  <cgarcia@igalia.com>
1023
1024         [GTK] WebKitWebView should send crossing events to the WebProcess
1025         https://bugs.webkit.org/show_bug.cgi?id=153740
1026
1027         Reviewed by Michael Catanzaro.
1028
1029         Update the target element under the mouse also when only updating
1030         scrollbars, so that if the mouse enters the page when the window
1031         is not active, the scroll animator is notified that the mouse
1032         entered the scrollable area.
1033
1034         * page/EventHandler.cpp:
1035         (WebCore::EventHandler::handleMouseMoveEvent): Call
1036         updateMouseEventTargetNode() before early returning in case of
1037         only updating scrollbars.
1038
1039 2016-02-08  Jeremy Jones  <jeremyj@apple.com>
1040
1041         WebVideoFullscreenInterface should handle video resizing.
1042         https://bugs.webkit.org/show_bug.cgi?id=153982
1043         rdar://problem/22031249
1044
1045         Reviewed by Eric Carlson.
1046
1047         Video fullscreen can be initiated before video dimension are available.
1048         Protect against an initial width or height of zero and observe resize events 
1049         to update once video dimensions become available or change.
1050
1051         * platform/cocoa/WebVideoFullscreenModelVideoElement.mm:
1052         (WebVideoFullscreenModelVideoElement::updateForEventName):
1053         (WebVideoFullscreenModelVideoElement::observedEventNames):
1054         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
1055         (-[WebAVPlayerLayer layoutSublayers]):
1056         (-[WebAVPlayerLayer videoRect]):
1057         (WebVideoFullscreenInterfaceAVKit::setVideoDimensions):
1058
1059 2016-02-08  Adrien Plazas  <aplazas@igalia.com>
1060
1061         Indent inline box test fails due to assertion in VisibleSelection::selectionFromContentsOfNode()
1062         https://bugs.webkit.org/show_bug.cgi?id=153824
1063
1064         Reviewed by Michael Catanzaro.
1065
1066         * editing/markup.cpp:
1067         (WebCore::highestAncestorToWrapMarkup):
1068
1069 2016-02-07  Sam Weinig  <sam@webkit.org>
1070
1071         Remove unused enum ScrollbarOverlayState.
1072
1073         Rubber-stamped by Dan Bernstein.
1074
1075         * platform/ScrollTypes.h:
1076
1077 2016-02-07  Sam Weinig  <sam@webkit.org>
1078
1079         Remove unnecessary respondsToSelector checks for methods that exist on all supported platforms
1080         https://bugs.webkit.org/show_bug.cgi?id=153970
1081
1082         Reviewed by Dan Bernstein.
1083
1084         -[NSScrollerImp mouseEnteredScroller], -[NSScrollerImp expansionTransitionProgress],
1085         -[NSScrollerImpPair contentAreaScrolledInDirection:], and -[NSScrollerImp setExpanded:]
1086         are now available on all supported OS's. No need to check for them.
1087
1088         * platform/mac/ScrollAnimatorMac.mm:
1089         (macScrollbarTheme):
1090         (-[WebScrollbarPainterDelegate scrollerImp:animateUIStateTransitionWithDuration:]):
1091         (-[WebScrollbarPainterDelegate scrollerImp:animateExpansionTransitionWithDuration:]):
1092         (WebCore::ScrollAnimatorMac::mouseEnteredScrollbar):
1093         (WebCore::ScrollAnimatorMac::mouseExitedScrollbar):
1094         (WebCore::ScrollAnimatorMac::sendContentAreaScrolled):
1095         (WebCore::ScrollAnimatorMac::sendContentAreaScrolledTimerFired):
1096         (supportsUIStateTransitionProgress): Deleted.
1097         (supportsExpansionTransitionProgress): Deleted.
1098         (supportsContentAreaScrolledInDirection): Deleted.
1099         * platform/mac/ScrollbarThemeMac.mm:
1100         (+[WebScrollbarPrefsObserver appearancePrefsChanged:]):
1101         (+[WebScrollbarPrefsObserver behaviorPrefsChanged:]):
1102         (WebCore::ScrollbarThemeMac::scrollbarThickness):
1103
1104 2016-02-07  Sam Weinig  <sam@webkit.org>
1105
1106         Use modern SPI header idiom for NSScrollerImp and NSScrollerImpPair
1107         https://bugs.webkit.org/show_bug.cgi?id=153969
1108
1109         Reviewed by Dan Bernstein.
1110
1111         * WebCore.xcodeproj/project.pbxproj:
1112         Add new file NSScrollerImpSPI.h
1113
1114         * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
1115         Use new include of NSScrollerImpSPI.h.
1116
1117         * platform/ScrollbarThemeComposite.h:
1118         Define ScrollbarPainter more precisely as NSScrollerImp * now that the type is available to us.
1119
1120         * platform/mac/NSScrollerImpDetails.h:
1121         Remove NSObject category based SPI usage with the modern one NSScrollerImpSPI.h
1122
1123         * platform/mac/NSScrollerImpDetails.mm:
1124         (WebCore::recommendedScrollerStyle):
1125         Simplify recommendedScrollerStyle() now that all OS's we ship on have +[NSScroller preferredScrollerStyle].
1126
1127         * platform/mac/ScrollAnimatorMac.mm:
1128         (supportsUIStateTransitionProgress):
1129         (supportsExpansionTransitionProgress):
1130         (supportsContentAreaScrolledInDirection):
1131         Stop using NSClassFromString now that we can reference the classes explicitly.
1132
1133         (-[WebScrollbarPainterControllerDelegate invalidate]):
1134         (-[WebScrollbarPainterControllerDelegate contentAreaRectForScrollerImpPair:]):
1135         (-[WebScrollbarPainterControllerDelegate inLiveResizeForScrollerImpPair:]):
1136         (-[WebScrollbarPainterControllerDelegate mouseLocationInContentAreaForScrollerImpPair:]):
1137         (-[WebScrollbarPainterControllerDelegate scrollerImpPair:convertContentPoint:toScrollerImp:]):
1138         (-[WebScrollbarPainterControllerDelegate scrollerImpPair:setContentAreaNeedsDisplayInRect:]):
1139         (-[WebScrollbarPainterControllerDelegate scrollerImpPair:updateScrollerStyleForNewRecommendedScrollerStyle:]):
1140         (-[WebScrollbarPainterDelegate layer]):
1141         (-[WebScrollbarPainterDelegate mouseLocationInScrollerForScrollerImp:]):
1142         (-[WebScrollbarPainterDelegate convertRectToLayer:]):
1143         (-[WebScrollbarPainterDelegate shouldUseLayerPerPartForScrollerImp:]):
1144         (-[WebScrollbarPainterDelegate setUpAlphaAnimation:scrollerPainter:part:animateAlphaTo:duration:]):
1145         (-[WebScrollbarPainterDelegate scrollerImp:animateKnobAlphaTo:duration:]):
1146         (-[WebScrollbarPainterDelegate scrollerImp:animateTrackAlphaTo:duration:]):
1147         (-[WebScrollbarPainterDelegate scrollerImp:animateUIStateTransitionWithDuration:]):
1148         (-[WebScrollbarPainterDelegate scrollerImp:animateExpansionTransitionWithDuration:]):
1149         (-[WebScrollbarPainterDelegate scrollerImp:overlayScrollerStateChangedTo:]):
1150         (WebCore::ScrollAnimatorMac::ScrollAnimatorMac):
1151         (WebCore::ScrollAnimatorMac::lockOverlayScrollbarStateToHidden):
1152         (WebCore::ScrollAnimatorMac::didAddVerticalScrollbar):
1153         (WebCore::ScrollAnimatorMac::didAddHorizontalScrollbar):
1154         (WebCore::ScrollAnimatorMac::updateScrollerStyle):
1155         Add proper conforming to protocols and replace ids with proper types.
1156
1157         * platform/mac/ScrollbarThemeMac.mm:
1158         (WebCore::supportsExpandedScrollbars):
1159         (WebCore::ScrollbarThemeMac::registerScrollbar):
1160         (WebCore::ScrollbarThemeMac::scrollbarThickness):
1161         (WebCore::ScrollbarThemeMac::setUpContentShadowLayer):
1162         Stop using NSClassFromString now that we can reference the classes explicitly.
1163
1164         * platform/spi/mac/NSScrollerImpSPI.h: Added.
1165
1166 2016-02-07  Zalan Bujtas  <zalan@apple.com>
1167
1168         Outline does not clip when ancestor has overflow: hidden and requires layer.
1169         https://bugs.webkit.org/show_bug.cgi?id=153901
1170
1171         Now that outline is part of visual overflow, we no longer need the special outline cliprect.
1172         PaintPhaseChildOutlines drawing will switch to foreground cliprect. It ensures proper overflow clipping
1173         at parent level. PaintPhaseSelfOutline drawing will start using the visual overflow inflated background cliprect.
1174         With this change, outline will be using the same cliprects as the other visual overflow properties (box-shadow etc). 
1175
1176         Reviewed by David Hyatt.
1177
1178         Test: fast/repaint/outline-with-overflow-hidden-ancestor.html
1179
1180         * rendering/LayerFragment.h:
1181         (WebCore::LayerFragment::setRects):
1182         (WebCore::LayerFragment::moveBy): Deleted.
1183         (WebCore::LayerFragment::intersect): Deleted.
1184         * rendering/RenderLayer.cpp:
1185         (WebCore::RenderLayer::collectFragments):
1186         (WebCore::RenderLayer::paintOutlineForFragments):
1187         (WebCore::RenderLayer::calculateClipRects):
1188         (WebCore::RenderLayer::paintForegroundForFragments): Deleted.
1189         * rendering/RenderLayer.h:
1190         * rendering/RenderTreeAsText.cpp:
1191         (WebCore::write):
1192         (WebCore::writeLayers):
1193
1194 2016-02-07  Daniel Bates  <dabates@apple.com>
1195
1196         CSP: Allow Web Workers initiated from an isolated world to bypass the main world Content Security Policy
1197         https://bugs.webkit.org/show_bug.cgi?id=153622
1198         <rdar://problem/24400023>
1199
1200         Reviewed by Gavin Barraclough.
1201
1202         Fixes an issue where Web Workers initiated from an isolated world (say, a Safari Content Script Extension)
1203         would be subject to the Content Security Policy of the page.
1204
1205         Currently code in an isolated world that does not execute in a Web Worker is exempt from the CSP of
1206         the page. However, code that runs inside a Web Worker that was initiated from an isolated world is
1207         subject to the CSP of the page. Instead, such Web Worker code should also be exempt from the CSP of
1208         the page.
1209
1210         Tests: http/tests/security/isolatedWorld/bypass-main-world-csp-worker-blob-eval.html
1211                http/tests/security/isolatedWorld/bypass-main-world-csp-worker-blob-xhr.html
1212                http/tests/security/isolatedWorld/bypass-main-world-csp-worker.html
1213
1214         * Modules/websockets/WebSocket.cpp:
1215         (WebCore::WebSocket::connect): Modified to ask the script execution context whether to bypass the
1216         main world Content Security Policy now that script execution context knows this information.
1217         * bindings/js/ScriptController.cpp:
1218         (WebCore::ScriptController::shouldBypassMainWorldContentSecurityPolicy): Deleted; moved logic from here...
1219         * bindings/js/ScriptController.h:
1220         * dom/Document.cpp:
1221         (WebCore::Document::shouldBypassMainWorldContentSecurityPolicy): ...to here.
1222         * dom/Document.h:
1223         * dom/ScriptExecutionContext.h:
1224         (WebCore::ScriptExecutionContext::shouldBypassMainWorldContentSecurityPolicy): Added; defaults to false -
1225         do not bypass the main world Content Security Policy.
1226         * page/EventSource.cpp:
1227         (WebCore::EventSource::create): Modified to ask the script execution context whether to bypass the
1228         main world Content Security Policy now that script execution context knows this information.
1229         * page/csp/ContentSecurityPolicy.cpp:
1230         (WebCore::ContentSecurityPolicy::shouldBypassMainWorldContentSecurityPolicy): Deleted.
1231         * page/csp/ContentSecurityPolicy.h:
1232         * workers/AbstractWorker.cpp:
1233         (WebCore::AbstractWorker::resolveURL): Bypass the main world Content Security Policy if applicable.
1234         Added FIXME comment to enforce the child-src directive of the document's CSP (as opposed to the script-src
1235         directive) on the worker's script URL. Also, scriptExecutionContext()->contentSecurityPolicy() should
1236         always be non-null just as we expect scriptExecutionContext()->securityOrigin() to be non-null. Assert
1237         this invariant to catch cases where a ScriptExecutionContext is not properly initialized.
1238         * workers/DedicatedWorkerGlobalScope.cpp:
1239         (WebCore::DedicatedWorkerGlobalScope::create): Modified to take boolean argument shouldBypassMainWorldContentSecurityPolicy
1240         as to whether to bypass the main world Content Security Policy and only apply the Content Security
1241         Policy headers when shouldBypassMainWorldContentSecurityPolicy is false.
1242         (WebCore::DedicatedWorkerGlobalScope::DedicatedWorkerGlobalScope): Pass through a boolean argument shouldBypassMainWorldContentSecurityPolicy
1243         as to whether to bypass the main world Content Security Policy.
1244         * workers/DedicatedWorkerGlobalScope.h:
1245         * workers/DedicatedWorkerThread.cpp:
1246         (WebCore::DedicatedWorkerThread::DedicatedWorkerThread): Ditto.
1247         (WebCore::DedicatedWorkerThread::createWorkerGlobalScope): Ditto.
1248         * workers/DedicatedWorkerThread.h:
1249         * workers/Worker.cpp:
1250         (WebCore::Worker::create): Store whether we should bypass the main world Content Security Policy so
1251         that we can pass it to WorkerMessagingProxy::startWorkerGlobalScope() in Worker::notifyFinished().
1252         We need to store this decision here as opposed to determining it at any later time (say, in Worker::notifyFinished())
1253         because it is dependent on the current JavaScript program stack at the time this function is invoked.
1254         (WebCore::Worker::notifyFinished): Pass whether to bypass the main world Content Security Policy.
1255         * workers/Worker.h:
1256         * workers/WorkerGlobalScope.cpp:
1257         (WebCore::WorkerGlobalScope::WorkerGlobalScope): Modified to take a boolean as to whether to bypass the
1258         main world Content Security Policy and store it in a member field. Also, always instantiate a Content
1259         Security Policy object as our current code assumes that one is always created.
1260         * workers/WorkerGlobalScope.h:
1261         * workers/WorkerGlobalScopeProxy.h:
1262         * workers/WorkerMessagingProxy.cpp:
1263         (WebCore::WorkerMessagingProxy::startWorkerGlobalScope): Pass through a boolean argument shouldBypassMainWorldContentSecurityPolicy
1264         as to whether to bypass the main world Content Security Policy.
1265         * workers/WorkerMessagingProxy.h:
1266         * workers/WorkerThread.cpp:
1267         (WebCore::WorkerThreadStartupData::WorkerThreadStartupData): Modified to take a boolean argument as to
1268         whether to bypass the main world Content Security Policy and store it in a member field.
1269         (WebCore::WorkerThread::WorkerThread): Pass through a boolean argument shouldBypassMainWorldContentSecurityPolicy
1270         as to whether to bypass the main world Content Security Policy.
1271         (WebCore::WorkerThread::workerThread): Ditto.
1272         * workers/WorkerThread.h:
1273         * xml/XMLHttpRequest.cpp:
1274         (WebCore::XMLHttpRequest::open): Modified to ask the script execution context whether to bypass the
1275         main world Content Security Policy now that script execution context knows this information.
1276
1277 2016-02-07  Dan Bernstein  <mitz@apple.com>
1278
1279         [Cocoa] Replace __has_include guards around inclusion of Apple-internal-SDK headers with USE(APPLE_INTERNAL_SDK)
1280         https://bugs.webkit.org/show_bug.cgi?id=153963
1281
1282         Reviewed by Sam Weinig.
1283
1284         * accessibility/mac/AXObjectCacheMac.mm:
1285         * crypto/CommonCryptoUtilities.cpp:
1286         * crypto/CommonCryptoUtilities.h:
1287         * editing/mac/TextUndoInsertionMarkupMac.h:
1288         * editing/mac/TextUndoInsertionMarkupMac.mm:
1289         * platform/cocoa/TelephoneNumberDetectorCocoa.cpp:
1290         * platform/graphics/cg/ImageSourceCG.cpp:
1291         * platform/graphics/mac/PDFDocumentImageMac.mm:
1292         * platform/network/ios/NetworkStateNotifierIOS.mm:
1293         * platform/network/mac/BlobDataFileReferenceMac.mm:
1294         * platform/network/mac/ResourceHandleMac.mm:
1295         * rendering/RenderThemeMac.mm:
1296
1297 2016-02-07  Carlos Garcia Campos  <cgarcia@igalia.com>
1298
1299         REGRESSION(r195661): [GTK] Scrollbar tests crashing after overlay scrollbar groundwork
1300         https://bugs.webkit.org/show_bug.cgi?id=153695
1301
1302         Reviewed by Michael Catanzaro.
1303
1304         The problem is that ScrollAnimation objects are not destroyed by
1305         the ScrollAnimator destructor, because I forgot to add a virtual
1306         destructor for ScrollAnimation in r195661.
1307
1308         * platform/ScrollAnimation.h:
1309         (WebCore::ScrollAnimation::~ScrollAnimation):
1310
1311 2016-02-06  Chris Dumez  <cdumez@apple.com>
1312
1313         Prevent cross-origin access to window.history
1314         https://bugs.webkit.org/show_bug.cgi?id=153931
1315
1316         Reviewed by Darin Adler.
1317
1318         Prevent cross-origin access to window.history to match the specification [1]
1319         and the behavior of other browsers (tested Firefox and Chrome).
1320
1321         [1] https://html.spec.whatwg.org/multipage/browsers.html#security-window
1322
1323         No new tests, already covered by existing tests that
1324         were updated in this patch.
1325
1326         * bindings/js/JSHistoryCustom.cpp:
1327         (WebCore::JSHistory::pushState):
1328         (WebCore::JSHistory::replaceState):
1329         (WebCore::JSHistory::state): Deleted.
1330         * page/DOMWindow.idl:
1331         * page/History.idl:
1332
1333 2016-02-06  Beth Dakin  <bdakin@apple.com>
1334
1335         ScrollbarPainters needs to be deallocated on the main thread
1336         https://bugs.webkit.org/show_bug.cgi?id=153932
1337         -and corresponding-
1338         rdar://problem/24015483
1339
1340         Reviewed by Dan Bernstein.
1341
1342         Darin pointed out that this was still race-y. There was still a race 
1343         condition between the destruction of the two local variables and the
1344         destruction of the lambda on the main thread. This should fix that. 
1345         * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.h:
1346         * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
1347         (WebCore::ScrollingTreeFrameScrollingNodeMac::~ScrollingTreeFrameScrollingNodeMac):
1348         (WebCore::ScrollingTreeFrameScrollingNodeMac::releaseReferencesToScrollbarPaintersOnTheMainThread):
1349         (WebCore::ScrollingTreeFrameScrollingNodeMac::updateBeforeChildren):
1350
1351 2016-02-06  Darin Adler  <darin@apple.com>
1352
1353         Finish auditing call sites of upper() and lower(), eliminate many, and rename the functions
1354         https://bugs.webkit.org/show_bug.cgi?id=153905
1355
1356         Reviewed by Sam Weinig.
1357
1358         * Modules/mediasource/MediaSource.cpp:
1359         (WebCore::MediaSource::isTypeSupported): Use convertToASCIILowercase on MIME type.
1360
1361         * accessibility/AccessibilityObject.cpp:
1362         (WebCore::AccessibilityObject::selectText): Use new names for lower and upper. Also
1363         tweaked style a tiny bit and used u_toupper rather than converting an entire
1364         string to uppercase.
1365
1366         * dom/Document.cpp:
1367         (WebCore::Document::addImageElementByCaseFoldedUsemap): Renamed to reflect the use
1368         of case folding rather than lowercasing.
1369         (WebCore::Document::removeImageElementByCaseFoldedUsemap): Ditto.
1370         (WebCore::Document::imageElementByCaseFoldedUsemap): Ditto.
1371         * dom/Document.h: Ditto.
1372         * dom/DocumentOrderedMap.cpp:
1373         (WebCore::DocumentOrderedMap::getElementByCaseFoldedMapName): Ditto.
1374         (WebCore::DocumentOrderedMap::getElementByCaseFoldedUsemap): Ditto.
1375         * dom/DocumentOrderedMap.h: Ditto.
1376
1377         * dom/TreeScope.cpp:
1378         (WebCore::TreeScope::getImageMap): Removed unneeded special case for null string.
1379         Simplified logic for cases where the URL does not have a "#" character in it.
1380         Use case folding instead of lowercase.
1381
1382         * editing/cocoa/HTMLConverter.mm:
1383         (HTMLConverter::_processText): Removed unneded special case for the empty string.
1384         Use makCapitalized instead of Cocoa function for "capitalize". Use upper and lower
1385         functions by their new names.
1386
1387         * html/HTMLImageElement.cpp:
1388         (WebCore::HTMLImageElement::parseAttribute): Use case folding instead of
1389         lowerasing for the usemap attribute.
1390         (WebCore::HTMLImageElement::insertedInto): Ditto.
1391         (WebCore::HTMLImageElement::removedFrom): Ditto.
1392         (WebCore::HTMLImageElement::matchesCaseFoldedUsemap): Ditto.
1393         * html/HTMLImageElement.h: Rename since usemap is case folded now, not lowercased.
1394
1395         * html/HTMLMapElement.cpp:
1396         (WebCore::HTMLMapElement::imageElement): Use case folding instead of lowercasing
1397         for usemap.
1398         (WebCore::HTMLMapElement::parseAttribute): Ditto.
1399
1400         * platform/Language.cpp:
1401         (WebCore::canonicalLanguageIdentifier): Use convertToASCIILowercase for language code.
1402         (WebCore::indexOfBestMatchingLanguageInList): Ditto.
1403
1404         * platform/graphics/harfbuzz/HarfBuzzShaper.cpp:
1405         (WebCore::HarfBuzzShaper::shapeHarfBuzzRuns): Use new name for the upper function.
1406
1407         * platform/network/HTTPParsers.cpp:
1408         (WebCore::parseContentTypeOptionsHeader): Use equalLettersIgnoringASCIICase instead
1409         of lowercasing to check for a specific header value.
1410
1411         * platform/network/MIMEHeader.cpp:
1412         (WebCore::retrieveKeyValuePairs): Use convertToASCIILowercase for MIME header name.
1413         (WebCore::MIMEHeader::parseContentTransferEncoding): Use equalLettersIgnoringASCIICase
1414         instead of lowercasing.
1415
1416         * platform/network/cf/ResourceHandleCFNet.cpp:
1417         (WebCore::allowsAnyHTTPSCertificateHosts): Make this hash ASCII case-insensitive.
1418         (WebCore::clientCertificates): Ditto.
1419         (WebCore::ResourceHandle::createCFURLConnection): Remove call to lower since the
1420         set is now ASCII case-insensitive.
1421         (WebCore::ResourceHandle::setHostAllowsAnyHTTPSCertificate): Ditto.
1422         (WebCore::ResourceHandle::setClientCertificate): Ditto.
1423
1424         * platform/network/curl/CookieJarCurl.cpp:
1425         (WebCore::getNetscapeCookieFormat): Use equalLettersIgnoringASCIICase instead of
1426         lowercasing.
1427
1428         * platform/network/curl/MultipartHandle.cpp:
1429         (WebCore::MultipartHandle::didReceiveResponse): Use convertToASCIILowercase to
1430         make a MIME type lowercase.
1431
1432         * platform/network/curl/ResourceHandleCurl.cpp:
1433         (WebCore::ResourceHandle::setHostAllowsAnyHTTPSCertificate): Removed unneeded
1434         conversion to lowercase now that the set is ASCII case-insensitive.
1435         (WebCore::ResourceHandle::setClientCertificate): Removed code that populates a map
1436         that is then never used for anything.
1437
1438         * platform/network/curl/ResourceHandleManager.cpp:
1439         (WebCore::headerCallback): Use convertToASCIILowercase for MIME type.
1440
1441         * platform/network/curl/SSLHandle.cpp: Made hash maps keyed by host names
1442         ASCII case-insensitive.
1443         (WebCore::addAllowedClientCertificate): Removed lowercasing since the map itself
1444         is now ASCII case insensitve.
1445         (WebCore::setSSLClientCertificate): Ditto. Also use auto for iterator type so we
1446         don't have to write out the map type.
1447         (WebCore::sslIgnoreHTTPSCertificate): Ditto.
1448         (WebCore::certVerifyCallback): Ditto.
1449
1450         * platform/network/soup/ResourceHandleSoup.cpp: Made hash maps keyed by host names
1451         ASCII case-insensitive.
1452         (WebCore::allowsAnyHTTPSCertificateHosts): Ditto.
1453         (WebCore::handleUnignoredTLSErrors): Ditto.
1454         (WebCore::ResourceHandle::setHostAllowsAnyHTTPSCertificate): Ditto.
1455         (WebCore::ResourceHandle::setClientCertificate): Ditto.
1456
1457         * platform/text/LocaleToScriptMappingDefault.cpp: Made hash maps keyed by script
1458         names ASCII case-insensitive. USE WTF_ARRAY_LENGTH as appropriate.
1459         (WebCore::scriptNameToCode): Use modern style to initialize the map. Removed
1460         unnecessary lowercasing of the script name before looking at the map.
1461         (WebCore::localeToScriptCodeForFontSelection): Ditto.
1462
1463         * platform/text/win/LocaleWin.cpp:
1464         (WebCore::convertLocaleNameToLCID): Made map ASCII case-insensitive and removed
1465         unneeded lowercasing.
1466
1467         * platform/win/PasteboardWin.cpp:
1468         (WebCore::clipboardTypeFromMIMEType): Use equalLettersIgnoringASCIICase instead
1469         of lowercasing.
1470
1471         * rendering/RenderText.cpp:
1472         (WebCore::applyTextTransform): Use new names for the upper and lower functions.
1473
1474         * xml/XMLHttpRequest.cpp:
1475         (WebCore::XMLHttpRequest::responseIsXML): Remove unneeded lowercasing, since
1476         DOMImplementation now has ASCII case-insensitive handling of MIME types.
1477
1478 2016-02-06  Zalan Bujtas  <zalan@apple.com>
1479
1480         Outline should contribute to visual overflow.
1481         https://bugs.webkit.org/show_bug.cgi?id=153299
1482
1483         This patch eliminates the special outline handling (RenderView::setMaximalOutlineSize).
1484         Now that outline is part of visual overflow, we don't have to inflate the layers to accomodate
1485         outline borders.
1486         This patch fixes several focusring related repaint issues. However when both the outline: auto
1487         and the descendant renderer are composited, we still don't paint properly in certain cases. -not a regression.
1488         (Also when parent renderer has overflow: hidden repaint does not take outline into account. -regression.)
1489         It changes column behavior (see TestExpectations) since outline behaves now like any other visual overflow properties.
1490
1491         Reviewed by David Hyatt.
1492
1493         Test: fast/repaint/focus-ring-repaint.html
1494               fast/repaint/focus-ring-repaint-with-negative-offset.html
1495
1496         * css/html.css: resetting to old behavior.
1497         (:focus):
1498         (input:focus, textarea:focus, isindex:focus, keygen:focus, select:focus):
1499         * rendering/InlineFlowBox.cpp:
1500         (WebCore::InlineFlowBox::addToLine):
1501         (WebCore::InlineFlowBox::addOutlineVisualOverflow):
1502         (WebCore::InlineFlowBox::computeOverflow):
1503         (WebCore::InlineFlowBox::paint): Deleted.
1504         * rendering/InlineFlowBox.h:
1505         * rendering/RenderBlock.cpp:
1506         (WebCore::RenderBlock::computeOverflow):
1507         (WebCore::RenderBlock::outlineStyleForRepaint):
1508         (WebCore::RenderBlock::paint): Deleted.
1509         * rendering/RenderBlockFlow.cpp:
1510         (WebCore::RenderBlockFlow::layoutBlock): Deleted.
1511         (WebCore::RenderBlockFlow::addFocusRingRectsForInlineChildren): Deleted.
1512         * rendering/RenderBlockLineLayout.cpp:
1513         (WebCore::RenderBlockFlow::addOverflowFromInlineChildren):
1514         * rendering/RenderBox.cpp:
1515         (WebCore::RenderBox::addVisualEffectOverflow):
1516         (WebCore::RenderBox::applyVisualEffectOverflow):
1517         (WebCore::RenderBox::clippedOverflowRectForRepaint): Deleted.
1518         * rendering/RenderBoxModelObject.h:
1519         * rendering/RenderDetailsMarker.cpp:
1520         (WebCore::RenderDetailsMarker::paint): Deleted.
1521         * rendering/RenderElement.cpp:
1522         (WebCore::RenderElement::insertChildInternal):
1523         (WebCore::RenderElement::styleDidChange):
1524         (WebCore::RenderElement::repaintAfterLayoutIfNeeded):
1525         (WebCore::RenderElement::issueRepaintForOutlineAuto):
1526         (WebCore::RenderElement::updateOutlineAutoAncestor):
1527         (WebCore::RenderElement::computeMaxOutlineSize): Deleted.
1528         (WebCore::RenderElement::styleWillChange): Deleted.
1529         * rendering/RenderElement.h:
1530         (WebCore::RenderElement::hasContinuation):
1531         * rendering/RenderInline.cpp:
1532         (WebCore::RenderInline::paintOutlineForLine): Deleted.
1533         * rendering/RenderLayer.cpp:
1534         (WebCore::RenderLayer::calculateClipRects):
1535         * rendering/RenderLineBoxList.cpp:
1536         (WebCore::RenderLineBoxList::anyLineIntersectsRect):
1537         (WebCore::RenderLineBoxList::lineIntersectsDirtyRect):
1538         (WebCore::RenderLineBoxList::paint):
1539         (WebCore::isOutlinePhase): Deleted.
1540         * rendering/RenderLineBoxList.h:
1541         * rendering/RenderListBox.cpp:
1542         (WebCore::RenderListBox::computePreferredLogicalWidths):
1543         * rendering/RenderListMarker.cpp:
1544         (WebCore::RenderListMarker::paint): Deleted.
1545         * rendering/RenderObject.cpp:
1546         (WebCore::RenderObject::propagateRepaintToParentWithOutlineAutoIfNeeded): The renderer with outline: auto is responsible for
1547         painting focusring around the descendants. If we issued repaint only on the descendant when it changes,
1548         the focusring would not refresh properly. We have to find the ancestor with outline: auto, inflate the repaint rect and
1549         issue the repaint on the ancestor if we crossed repaint container.
1550  
1551         (WebCore::RenderObject::repaintUsingContainer):
1552         (WebCore::RenderObject::adjustRectForOutlineAndShadow):
1553         (WebCore::RenderObject::setHasOutlineAutoAncestor):
1554         (WebCore::RenderObject::adjustRectWithMaximumOutline): Deleted.
1555         
1556         * rendering/RenderObject.h: We mark the descendants of outline: auto so that
1557         when a child renderer changes we can propagate the repaint to the ancestor with outline.
1558
1559         (WebCore::RenderObject::hasOutlineAutoAncestor):
1560         (WebCore::RenderObject::RenderObjectRareData::RenderObjectRareData):
1561         * rendering/RenderRegion.cpp:
1562         (WebCore::RenderRegion::overflowRectForFlowThreadPortion):
1563         * rendering/RenderReplaced.cpp:
1564         (WebCore::RenderReplaced::shouldPaint): Deleted.
1565         (WebCore::RenderReplaced::clippedOverflowRectForRepaint): Deleted.
1566         * rendering/RenderTable.cpp:
1567         (WebCore::RenderTable::paint): Deleted.
1568         * rendering/RenderTableCell.cpp:
1569         (WebCore::RenderTableCell::clippedOverflowRectForRepaint): Deleted.
1570         (WebCore::RenderTableCell::paintCollapsedBorders): Deleted.
1571         * rendering/RenderTableRow.cpp:
1572         (WebCore::RenderTableRow::layout):
1573         (WebCore::RenderTableRow::clippedOverflowRectForRepaint): Deleted.
1574         * rendering/RenderTableSection.cpp:
1575         (WebCore::RenderTableSection::layoutRows):
1576         (WebCore::RenderTableSection::computeOverflowFromCells): Deleted.
1577         (WebCore::RenderTableSection::paintObject): Deleted.
1578         * rendering/RenderTheme.h:
1579         (WebCore::RenderTheme::platformFocusRingWidth):
1580         * rendering/RenderView.cpp:
1581         (WebCore::RenderView::setMaximalOutlineSize): Deleted.
1582         * rendering/RenderView.h:
1583         * rendering/style/RenderStyle.cpp:
1584         (WebCore::RenderStyle::changeAffectsVisualOverflow):
1585         (WebCore::RenderStyle::outlineWidth):
1586         * rendering/style/RenderStyle.h:
1587
1588 2016-02-06  Andreas Kling  <akling@apple.com>
1589
1590         [iOS] Throw away linked code when navigating to a new page.
1591         <https://webkit.org/b/153851>
1592
1593         Reviewed by Gavin Barraclough.
1594
1595         When navigating to a new page, tell JSC to throw out any linked code it has lying around.
1596         Linked code is tied to a specific global object, and as we're creating a new one for the
1597         new page, none of it is useful to us here.
1598
1599         In the event that the user navigates back, the cost of relinking some code will be far
1600         lower than the memory cost of keeping all of it around.
1601
1602         This landed previously but was rolled out due to a Speedometer regression. I've made one
1603         minor but important change here: only throw away code if we're navigating away from an
1604         existing history item. Or in other words, don't throw away code for "force peeks" or any
1605         other navigations that are not traditional top-level main frame navigations.
1606
1607         * bindings/js/GCController.cpp:
1608         (WebCore::GCController::deleteAllLinkedCode):
1609         * bindings/js/GCController.h:
1610         * loader/FrameLoader.cpp:
1611         (WebCore::FrameLoader::commitProvisionalLoad):
1612
1613 2016-02-06  Konstantin Tokarev  <annulen@yandex.ru>
1614
1615         Added implementations of AXObjectCache methods for !HAVE(ACCESSIBILITY).
1616         https://bugs.webkit.org/show_bug.cgi?id=153924
1617
1618         Reviewed by Andreas Kling.
1619
1620         No new tests needed.
1621
1622         * accessibility/AXObjectCache.h:
1623         (WebCore::AXObjectCache::ariaModalNode): Added stub implementation.
1624         (WebCore::AXObjectCache::postLiveRegionChangeNotification): Ditto.
1625         (WebCore::AXObjectCache::rangeForNodeContents): Ditto.
1626         (WebCore::AXObjectCache::setIsSynchronizingSelection): Ditto.
1627         (WebCore::AXObjectCache::setTextSelectionIntent): Ditto.
1628         (WebCore::AXAttributeCacheEnabler::AXAttributeCacheEnabler): Ditto.
1629         (WebCore::AXAttributeCacheEnabler::~AXAttributeCacheEnabler): Ditto.
1630
1631 2016-02-04  Antti Koivisto  <antti@apple.com>
1632
1633         Use scope stack instead of nested TreeResolvers for shadow trees
1634         https://bugs.webkit.org/show_bug.cgi?id=153893
1635
1636         Reviewed by Andreas Kling.
1637
1638         Make TreeResolver per-document. This is a step towards iterative style resolve.
1639
1640         This is done replacing use of nested TreeResolvers with a scope stack that maintains
1641         the style resolver and the selector filter for the current tree scope.
1642
1643         * style/StyleTreeResolver.cpp:
1644         (WebCore::Style::ensurePlaceholderStyle):
1645         (WebCore::Style::TreeResolver::Scope::Scope):
1646         (WebCore::Style::TreeResolver::TreeResolver):
1647         (WebCore::Style::shouldCreateRenderer):
1648         (WebCore::Style::TreeResolver::styleForElement):
1649         (WebCore::Style::TreeResolver::createRenderTreeForShadowRoot):
1650         (WebCore::Style::TreeResolver::createRenderTreeForSlotAssignees):
1651         (WebCore::Style::TreeResolver::createRenderTreeRecursively):
1652         (WebCore::Style::TreeResolver::resolveLocally):
1653         (WebCore::Style::TreeResolver::resolveShadowTree):
1654         (WebCore::Style::TreeResolver::resolveBeforeOrAfterPseudoElement):
1655         (WebCore::Style::TreeResolver::resolveChildren):
1656         (WebCore::Style::TreeResolver::resolveSlotAssignees):
1657         (WebCore::Style::TreeResolver::resolveRecursively):
1658         (WebCore::Style::TreeResolver::resolve):
1659         (WebCore::Style::detachRenderTree):
1660         * style/StyleTreeResolver.h:
1661         (WebCore::Style::TreeResolver::scope):
1662         (WebCore::Style::TreeResolver::pushScope):
1663         (WebCore::Style::TreeResolver::pushEnclosingScope):
1664         (WebCore::Style::TreeResolver::popScope):
1665
1666 2016-02-06  Commit Queue  <commit-queue@webkit.org>
1667
1668         Unreviewed, rolling out r196104.
1669         https://bugs.webkit.org/show_bug.cgi?id=153940
1670
1671         Regressed Speedometer on iOS (Requested by kling on #webkit).
1672
1673         Reverted changeset:
1674
1675         "[iOS] Throw away linked code when navigating to a new page."
1676         https://bugs.webkit.org/show_bug.cgi?id=153851
1677         http://trac.webkit.org/changeset/196104
1678
1679 2016-02-05  Beth Dakin  <bdakin@apple.com>
1680
1681         ScrollbarPainters needs to be deallocated on the main thread
1682         https://bugs.webkit.org/show_bug.cgi?id=153932
1683         -and corresponding-
1684         rdar://problem/24015483
1685
1686         Reviewed by Geoff Garen.
1687
1688         Follow-up fix since the first one was still race-y.
1689         * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
1690         (WebCore::ScrollingTreeFrameScrollingNodeMac::~ScrollingTreeFrameScrollingNodeMac):
1691         (WebCore::ScrollingTreeFrameScrollingNodeMac::updateBeforeChildren):
1692
1693 2016-02-05  Beth Dakin  <bdakin@apple.com>
1694
1695         ScrollbarPainters needs to be deallocated on the main thread
1696         https://bugs.webkit.org/show_bug.cgi?id=153932
1697         -and corresponding-
1698         rdar://problem/24015483
1699
1700         Reviewed by Tim Horton.
1701
1702         Ensure the the destructor of ScrollingTreeFrameScrollingNodeMac and the 
1703         assignments done in this class are not responsible for deallocating the 
1704         ScrollbarPainter. 
1705         * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
1706         (WebCore::ScrollingTreeFrameScrollingNodeMac::~ScrollingTreeFrameScrollingNodeMac):
1707         (WebCore::ScrollingTreeFrameScrollingNodeMac::updateBeforeChildren):
1708
1709 2016-02-05  Chris Dumez  <cdumez@apple.com>
1710
1711         Instance property getters / setters cannot be called on another instance of the same type
1712         https://bugs.webkit.org/show_bug.cgi?id=153895
1713
1714         Reviewed by Gavin Barraclough.
1715
1716         It should be possible to call instance property getters / setters on
1717         other instances of the same type, as per the WEB IDL specification:
1718         - http://heycam.github.io/webidl/#dfn-attribute-getter
1719         - http://heycam.github.io/webidl/#dfn-attribute-setter
1720
1721         This matches the behavior of Firefox.
1722
1723         The issue without our bindings was that the getters / setters were
1724         using |slotBase| instead of |thisValue| and therefore ended up using
1725         the instance the getter was taken from instead of the actual target
1726         object.
1727
1728         Test:
1729         js/instance-property-getter-other-instance.html
1730         js/instance-property-setter-other-instance.html
1731
1732         * bindings/scripts/CodeGeneratorJS.pm:
1733         (GenerateImplementation):
1734         - Have instance getters / setters use thisValue instead of slotBase.
1735         - In the case of interfaces that have attributes on the instance for
1736           compatibility reasons, try the prototype object if |thisValue| does
1737           does have the right type, instead of using slotBase like previously.
1738           I believe this maintains the original compatibility intention while
1739           also behaving correctly when called on another instance.
1740
1741         * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
1742         * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
1743         * bindings/scripts/test/JS/JSTestException.cpp:
1744         * bindings/scripts/test/JS/JSTestInterface.cpp:
1745         * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
1746         * bindings/scripts/test/JS/JSTestNode.cpp:
1747         * bindings/scripts/test/JS/JSTestNondeterministic.cpp:
1748         * bindings/scripts/test/JS/JSTestObj.cpp:
1749         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
1750         * bindings/scripts/test/JS/JSTestTypedefs.cpp:
1751         * bindings/scripts/test/JS/JSattribute.cpp:
1752         Rebaseline bindings tests.
1753
1754 2016-02-05  Brady Eidson  <beidson@apple.com>
1755
1756         Modern IDB: UniqueIDBDatabase's m_databaseInfo is unsafely used from multiple threads.
1757         https://bugs.webkit.org/show_bug.cgi?id=153912
1758
1759         Reviewed by Alex Christensen.
1760
1761         No new tests (Anything testable about this patch is already covered by existing tests).
1762
1763         * Modules/indexeddb/server/IDBBackingStore.h:
1764
1765         * Modules/indexeddb/server/MemoryIDBBackingStore.cpp:
1766         (WebCore::IDBServer::MemoryIDBBackingStore::infoForObjectStore):
1767         * Modules/indexeddb/server/MemoryIDBBackingStore.h:
1768
1769         Teach the SQLiteIDBBackingStore to actually keep its m_databaseInfo up to date as it changes,
1770         and to revert it when version change transactions abort:
1771         * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
1772         (WebCore::IDBServer::SQLiteIDBBackingStore::beginTransaction):
1773         (WebCore::IDBServer::SQLiteIDBBackingStore::abortTransaction):
1774         (WebCore::IDBServer::SQLiteIDBBackingStore::commitTransaction):
1775         (WebCore::IDBServer::SQLiteIDBBackingStore::createObjectStore):
1776         (WebCore::IDBServer::SQLiteIDBBackingStore::deleteObjectStore):
1777         (WebCore::IDBServer::SQLiteIDBBackingStore::createIndex):
1778         (WebCore::IDBServer::SQLiteIDBBackingStore::deleteIndex):
1779         (WebCore::IDBServer::SQLiteIDBBackingStore::infoForObjectStore):
1780         * Modules/indexeddb/server/SQLiteIDBBackingStore.h:
1781
1782         * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
1783         (WebCore::IDBServer::UniqueIDBDatabase::performPutOrAdd): Use the IDBBackingStore's copy of the 
1784           IDBObjectStoreInfo, meant only for the database thread, instead of the UniqueIDBDatabase's copy, 
1785           which is meant only for the main thread.
1786
1787 2016-02-05  Alex Christensen  <achristensen@webkit.org>
1788
1789         Clean up Blob code
1790         https://bugs.webkit.org/show_bug.cgi?id=153910
1791
1792         Reviewed by Alexey Proskuryakov.
1793
1794         No new tests, no change in behavior.
1795
1796         * css/StyleSheet.h:
1797         * fileapi/Blob.cpp:
1798         (WebCore::Blob::Blob):
1799         (WebCore::Blob::normalizedContentType):
1800         (WebCore::Blob::isNormalizedContentType):
1801         (WebCore::Blob::registry):
1802         * fileapi/Blob.h:
1803         * fileapi/BlobURL.cpp:
1804         (WebCore::BlobURL::createPublicURL):
1805         * fileapi/BlobURL.h:
1806         (WebCore::BlobURL::BlobURL):
1807         (WebCore::BlobURL::blobProtocol): Deleted.
1808         * platform/PlatformStrategies.cpp:
1809         (WebCore::setPlatformStrategies):
1810         (WebCore::hasPlatformStrategies): Deleted.
1811         * platform/PlatformStrategies.h:
1812         * platform/network/BlobRegistry.cpp:
1813         (WebCore::blobRegistry):
1814         * platform/network/BlobRegistry.h:
1815         * platform/network/BlobRegistryImpl.cpp:
1816         (WebCore::BlobRegistryImpl::~BlobRegistryImpl):
1817         (WebCore::createResourceHandle):
1818         (WebCore::registerBlobResourceHandleConstructor):
1819         (WebCore::BlobRegistryImpl::createResourceHandle):
1820         (WebCore::BlobRegistryImpl::appendStorageItems):
1821         (WebCore::BlobRegistryImpl::registerFileBlobURL):
1822         (WebCore::BlobRegistryImpl::registerBlobURL):
1823         * platform/network/BlobRegistryImpl.h:
1824         * platform/network/BlobResourceHandle.cpp:
1825         (WebCore::BlobResourceHandle::loadResourceSynchronously):
1826         (WebCore::BlobResourceHandle::BlobResourceHandle):
1827         * platform/network/ResourceHandle.h:
1828
1829 2016-02-05  Carlos Garcia Campos  <cgarcia@igalia.com>
1830
1831         [GTK] Scrollbars incorrectly rendered with older versions of GTK+
1832         https://bugs.webkit.org/show_bug.cgi?id=153861
1833
1834         Reviewed by Michael Catanzaro.
1835
1836         The theme doesn't really know it's a scrollbar. Older versions of
1837         GTK+ require to explicitly add the scrollbar style class to the
1838         child GtkStyleContext.
1839
1840         * platform/gtk/ScrollbarThemeGtk.cpp:
1841         (WebCore::createChildStyleContext):
1842
1843 2016-02-05  Carlos Garcia Campos  <cgarcia@igalia.com>
1844
1845         [GTK] Scrollbars not correctly rendered in non GNOME environments
1846         https://bugs.webkit.org/show_bug.cgi?id=153860
1847
1848         Reviewed by Michael Catanzaro.
1849
1850         I noticed this in a matchbox environment, where there's no
1851         gnome-setting-daemon running. The problem is only with the
1852         scrollbars, because we initialize the GtkSettings in
1853         RenderThemeGtk and notify the ScrollbarTheme when it changes, but
1854         ScrollbarTheme is created before RenderThemeGtk so we initialize
1855         the theme properties before the GtkSettings have been
1856         initialized. We can just let the ScrollbarTheme monitor the
1857         theme itself instead of relying on being notified by the WebCore
1858         layer.
1859
1860         * platform/gtk/ScrollbarThemeGtk.cpp:
1861         (WebCore::themeChangedCallback):
1862         (WebCore::ScrollbarThemeGtk::ScrollbarThemeGtk):
1863         * rendering/RenderThemeGtk.cpp:
1864         (WebCore::gtkStyleChangedCallback): Deleted.
1865
1866 2016-02-05  Youenn Fablet  <youenn.fablet@crf.canon.fr>
1867
1868         Remove DOMWrapped parameter from JSKeyValueIterator
1869         https://bugs.webkit.org/show_bug.cgi?id=153859
1870
1871         Reviewed by Sam Weinig.
1872
1873         No change in behavior.
1874
1875         Using std::declval to infer DOMWrapped from JSWrapper::wrapped.
1876
1877         * bindings/js/JSFetchHeadersCustom.cpp:
1878         (WebCore::JSFetchHeaders::entries):
1879         (WebCore::JSFetchHeaders::keys):
1880         (WebCore::JSFetchHeaders::values):
1881         * bindings/js/JSKeyValueIterator.h:
1882         (WebCore::createIterator):
1883         (WebCore::JSKeyValueIterator<JSWrapper>::destroy):
1884         (WebCore::JSKeyValueIterator<JSWrapper>::next):
1885         (WebCore::JSKeyValueIteratorPrototypeFunctionNext):
1886         (WebCore::JSKeyValueIteratorPrototype<JSWrapper>::finishCreation):
1887
1888 2016-02-05  Nan Wang  <n_wang@apple.com>
1889
1890         AX: WebKit hanging when VoiceOver attempts to focus in on page
1891         https://bugs.webkit.org/show_bug.cgi?id=153899
1892         <rdar://problem/24506603>
1893
1894         Reviewed by Chris Fleizach.
1895
1896         The VisiblePosition to CharacterOffset conversion will lead to an infinite loop if the
1897         nextVisiblePostion call is returning the original VisiblePosition. Fixed it by breaking out
1898         of the loop early in that situation. 
1899
1900         Test: accessibility/text-marker/character-offset-visible-position-conversion-hang.html
1901
1902         * accessibility/AXObjectCache.cpp:
1903         (WebCore::AXObjectCache::characterOffsetFromVisiblePosition):
1904
1905 2016-02-04  Joseph Pecoraro  <pecoraro@apple.com>
1906
1907         Web Inspector: InspectorTimelineAgent doesn't need to recompile functions because it now uses the sampling profiler
1908         https://bugs.webkit.org/show_bug.cgi?id=153500
1909         <rdar://problem/24352458>
1910
1911         Reviewed by Timothy Hatcher.
1912
1913         * bindings/js/JSDOMWindowBase.cpp:
1914         (WebCore::JSDOMWindowBase::supportsLegacyProfiling):
1915         (WebCore::JSDOMWindowBase::supportsRichSourceInfo):
1916         (WebCore::JSDOMWindowBase::supportsProfiling): Deleted.
1917         * bindings/js/JSDOMWindowBase.h:
1918         * bindings/js/JSWorkerGlobalScopeBase.cpp:
1919         (WebCore::JSWorkerGlobalScopeBase::supportsLegacyProfiling):
1920         (WebCore::JSWorkerGlobalScopeBase::supportsProfiling): Deleted.
1921         * bindings/js/JSWorkerGlobalScopeBase.h:
1922         * inspector/InspectorController.h:
1923         * inspector/InspectorController.cpp:
1924         (WebCore::InspectorController::legacyProfilerEnabled):
1925         (WebCore::InspectorController::setLegacyProfilerEnabled):
1926         Be more explicit about enabling legacy profiling.
1927
1928         * inspector/InspectorTimelineAgent.cpp:
1929         (WebCore::InspectorTimelineAgent::willDestroyFrontendAndBackend):
1930         (WebCore::InspectorTimelineAgent::didCreateFrontendAndBackend): Deleted.
1931         TimelineAgent doesn't need to recompile if using the sampling profiler.
1932         This breaks console.profile, but console.profile should move to using
1933         the sampling profiler as well.
1934
1935         (WebCore::InspectorTimelineAgent::startFromConsole):
1936         (WebCore::InspectorTimelineAgent::stopFromConsole):
1937         (WebCore::startProfiling): Deleted.
1938         (WebCore::stopProfiling): Deleted.
1939         Inlined the use once static functions.
1940
1941         * page/PageConsoleClient.cpp:
1942         (WebCore::PageConsoleClient::profile):
1943         (WebCore::PageConsoleClient::profileEnd):
1944         Added FIXMEs for improving console.profile and profileEnd.
1945
1946         * testing/Internals.cpp:
1947         (WebCore::Internals::resetToConsistentState):
1948         (WebCore::Internals::setLegacyJavaScriptProfilingEnabled):
1949         (WebCore::Internals::setJavaScriptProfilingEnabled): Deleted.
1950         * testing/Internals.h:
1951         * testing/Internals.idl:
1952         Be more explicit about enabling legacy profiling.
1953
1954 2016-02-04  Brent Fulgham  <bfulgham@apple.com>
1955
1956         Follow-up: Add "WebKit built-in PDF" Plugin to set of publicly visible plugins
1957         https://bugs.webkit.org/show_bug.cgi?id=153657
1958         <rdar://problem/24413107>
1959
1960         Reviewed by Darin Adler.
1961
1962         * plugins/PluginData.cpp:
1963         (WebCore::shouldBePubliclyVisible): Revise comments to provide a
1964         better explanation of the function and why it exists.
1965
1966 2016-02-04  Jonathan Davis  <jond@apple.com>
1967
1968         Add Fetch API and CSS Variables to feature status
1969         https://bugs.webkit.org/show_bug.cgi?id=153896
1970
1971         Reviewed by Timothy Hatcher.
1972
1973         * features.json:
1974
1975 2016-02-04  Daniel Bates  <dabates@apple.com>
1976
1977         WebKit for iOS Simulator fails to build with public iOS SDK
1978         https://bugs.webkit.org/show_bug.cgi?id=153881
1979
1980         Reviewed by Alex Christensen.
1981
1982         Make constants have internal linkage to match the Apple Internal SDK.
1983
1984         * platform/spi/ios/MobileGestaltSPI.h:
1985
1986 2016-02-04  Chris Dumez  <cdumez@apple.com>
1987
1988         Object.getOwnPropertyDescriptor() returns incomplete descriptor for instance properties
1989         https://bugs.webkit.org/show_bug.cgi?id=153817
1990
1991         Reviewed by Geoffrey Garen.
1992
1993         Update the bindings generator so that property getters / setters now
1994         make sure |this| has the right type and throw a TypeError if it does
1995         not, as per:
1996         - http://heycam.github.io/webidl/#dfn-attribute-getter (step 2.4.2)
1997         - http://heycam.github.io/webidl/#dfn-attribute-setter (step 3.5)
1998
1999         This was an issue when doing something like:
2000         Object.getOwnPropertyDescriptor(window, "location").get.call(nonWindow)
2001
2002         We would call toJSDOMWindow(thisValue), which would return null as
2003         thisValue is not a JSDOMWindow. We would then dereference this null
2004         pointer and crash. We now do a null check and throw a TypeError in
2005         this case, as per the Web IDL specification.
2006
2007         The generated bindings still have some non-spec compliant behavior
2008         though:
2009         1. The getters / setters of instance properties use slotBase instead
2010            of thisValue, which means that calling instanceA's getter on
2011            instanceB returns instanceA's property insteas of instanceB's.
2012         2. Global object property getters should not require an explicit
2013            |this| so calling the following should work:
2014            - Object.getOwnPropertyDescriptor(window, "location").get.call()
2015            We currently throw in this case.
2016
2017         These issues will be addressed in follow-up patches.
2018
2019         Tests: js/getOwnPropertyDescriptor-unforgeable-attributes.html
2020                js/getOwnPropertyDescriptor-window-attributes.html
2021                js/instance-property-getter-other-instance.html
2022
2023         * bindings/scripts/CodeGeneratorJS.pm:
2024         (GenerateImplementation):
2025         * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
2026         (WebCore::jsTestActiveDOMObjectExcitingAttr):
2027         * bindings/scripts/test/JS/JSTestException.cpp:
2028         (WebCore::jsTestExceptionName):
2029         * bindings/scripts/test/JS/JSTestObj.cpp:
2030         (WebCore::jsTestObjConstructorTestSubObj):
2031         (WebCore::jsTestObjTestSubObjEnabledBySettingConstructor):
2032         (WebCore::jsTestObjConditionalAttr4Constructor):
2033         (WebCore::jsTestObjConditionalAttr5Constructor):
2034         (WebCore::jsTestObjConditionalAttr6Constructor):
2035         (WebCore::jsTestObjContentDocument):
2036         (WebCore::setJSTestObjTestSubObjEnabledBySettingConstructor):
2037         (WebCore::setJSTestObjConditionalAttr4Constructor):
2038         (WebCore::setJSTestObjConditionalAttr5Constructor):
2039         (WebCore::setJSTestObjConditionalAttr6Constructor):
2040         (WebCore::setJSTestObjConstructor): Deleted.
2041         (WebCore::setJSTestObjConstructorStaticStringAttr): Deleted.
2042         (WebCore::setJSTestObjConditionalAttr3): Deleted.
2043         * bindings/scripts/test/JS/JSTestTypedefs.cpp:
2044         (WebCore::jsTestTypedefsConstructorTestSubObj):
2045
2046 2016-02-04  Brady Eidson  <beidson@apple.com>
2047
2048         Modern IDB: LayoutTest imported/w3c/indexeddb/keyorder-private.html is flaky.
2049         https://bugs.webkit.org/show_bug.cgi?id=153438.
2050
2051         Reviewed by Alex Christensen.
2052
2053         Tests: storage/indexeddb/modern/idbkey-array-equality-private.html
2054                storage/indexeddb/modern/idbkey-array-equality.html
2055
2056         * Modules/indexeddb/IDBKeyData.cpp:
2057         (WebCore::IDBKeyData::loggingString):
2058         (WebCore::IDBKeyData::operator==): Fix obvious bug.
2059
2060 2016-02-04  Chris Dumez  <cdumez@apple.com>
2061
2062         Unreviewed, fix the EFL clean build after r196123
2063         https://bugs.webkit.org/show_bug.cgi?id=153875
2064
2065         * CMakeLists.txt:
2066         * PlatformGTK.cmake:
2067         * PlatformMac.cmake:
2068         * html/DOMSettableTokenList.h:
2069         * html/DOMSettableTokenList.idl:
2070
2071 2016-02-04  Eric Carlson  <eric.carlson@apple.com>
2072
2073         PageGroup::captionPreferences should return a reference
2074         https://bugs.webkit.org/show_bug.cgi?id=153877
2075         <rdar://problem/24506917>
2076
2077         Reviewed by Jer Noble.
2078
2079         No new tests, no functional change.
2080
2081         * Modules/mediacontrols/MediaControlsHost.cpp:
2082         (WebCore::MediaControlsHost::sortedTrackListForMenu):
2083         (WebCore::MediaControlsHost::displayNameForTrack):
2084         (WebCore::MediaControlsHost::captionMenuOffItem):
2085         (WebCore::MediaControlsHost::captionDisplayMode):
2086         * dom/Document.cpp:
2087         (WebCore::Document::registerForCaptionPreferencesChangedCallbacks):
2088         * html/HTMLMediaElement.cpp:
2089         (WebCore::HTMLMediaElement::HTMLMediaElement):
2090         (WebCore::HTMLMediaElement::addTextTrack):
2091         (WebCore::HTMLMediaElement::configureTextTrackGroup):
2092         (WebCore::HTMLMediaElement::setSelectedTextTrack):
2093         (WebCore::HTMLMediaElement::configureTextTracks):
2094         (WebCore::HTMLMediaElement::captionPreferencesChanged):
2095         (WebCore::HTMLMediaElement::mediaPlayerPreferredAudioCharacteristics):
2096         * html/shadow/MediaControlElements.cpp:
2097         (WebCore::MediaControlClosedCaptionsTrackListElement::updateDisplay):
2098         (WebCore::MediaControlClosedCaptionsTrackListElement::rebuildTrackListMenu):
2099         (WebCore::MediaControlTextTrackContainerElement::updateActiveCuesFontSize):
2100         * page/PageGroup.cpp:
2101         (WebCore::PageGroup::captionPreferencesChanged):
2102         (WebCore::PageGroup::captionPreferences):
2103         * page/PageGroup.h:
2104         * platform/cocoa/WebVideoFullscreenModelVideoElement.mm:
2105         (WebVideoFullscreenModelVideoElement::updateLegibleOptions):
2106         * testing/InternalSettings.cpp:
2107         (WebCore::InternalSettings::setShouldDisplayTrackKind):
2108         (WebCore::InternalSettings::shouldDisplayTrackKind):
2109         * testing/Internals.cpp:
2110         (WebCore::Internals::resetToConsistentState):
2111         (WebCore::Internals::Internals):
2112         (WebCore::Internals::userPreferredAudioCharacteristics):
2113         (WebCore::Internals::setUserPreferredAudioCharacteristic):
2114         (WebCore::Internals::captionsStyleSheetOverride):
2115         (WebCore::Internals::setCaptionsStyleSheetOverride):
2116         (WebCore::Internals::setPrimaryAudioTrackLanguageOverride):
2117         (WebCore::Internals::setCaptionDisplayMode):
2118
2119 2016-02-04  Konstantin Tokarev  <annulen@yandex.ru>
2120
2121         Removed unused Settings::setPrivateBrowsingEnabled.
2122         https://bugs.webkit.org/show_bug.cgi?id=153869
2123
2124         Reviewed by Alexey Proskuryakov.
2125
2126         Implementation of Settings::setPrivateBrowsingEnabled was removed
2127         in r166661, but declaration is still here.
2128
2129         No new tests needed.
2130
2131         * page/Settings.h:
2132         (WebCore::Settings::setPrivateBrowsingEnabled): Deleted.
2133
2134 2016-02-04  Eric Carlson  <eric.carlson@apple.com>
2135
2136         Don't discard in-band cues with negative start times
2137         https://bugs.webkit.org/show_bug.cgi?id=153867
2138         <rdar://problem/19588632>
2139
2140         Reviewed by Jer Noble.
2141
2142         No new tests, updated and un-skipped http/tests/media/track-in-band-hls-metadata.html.
2143
2144         * platform/graphics/avfoundation/InbandMetadataTextTrackPrivateAVF.cpp:
2145         (WebCore::InbandMetadataTextTrackPrivateAVF::addDataCue):  ASSERT if passed negative time value.
2146         (WebCore::InbandMetadataTextTrackPrivateAVF::updatePendingCueEndTimes): Ditto. Correct logging.
2147
2148         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
2149         (WebCore::MediaPlayerPrivateAVFoundationObjC::processCue): ASSERT if passed negative time value.
2150         (WebCore::MediaPlayerPrivateAVFoundationObjC::metadataDidArrive): Convert negative cue times to zero.
2151         (-[WebCoreAVFMovieObserver legibleOutput:didOutputAttributedStrings:nativeSampleBuffers:forItemTime:]):
2152           Ditto.
2153
2154 2016-02-04  Hyemi Shin  <hyemi.sin@samsung.com>
2155
2156         Specify an exception for createChannelMerger, createChannelSplitter and createPeriodicWave
2157         https://bugs.webkit.org/show_bug.cgi?id=150925
2158
2159         Reviewed by Darin Adler.
2160
2161         createChannelMerger and createChannelSplitter should throw INDEX_SIZE_ERR
2162         for invalid numberOfInputs value.
2163         createPeriodicWave should throw INDEX_SIZE_ERR for invalid lengths of parameters.
2164
2165         Tests: webaudio/audiochannelmerger-basic.html
2166                webaudio/audiochannelsplitter.html
2167                webaudio/periodicwave-lengths.html
2168
2169         * Modules/webaudio/AudioContext.cpp:
2170         (WebCore::AudioContext::createChannelSplitter):
2171         (WebCore::AudioContext::createChannelMerger):
2172         (WebCore::AudioContext::createPeriodicWave):
2173
2174 2016-02-04  Youenn Fablet  <youenn.fablet@crf.canon.fr>
2175
2176         [Fetch API] Add support for iterating over Headers
2177         https://bugs.webkit.org/show_bug.cgi?id=153787
2178
2179         Reviewed by Darin Adler.
2180
2181         Relanding, updating bindings/js/JSKeyValueIterator.h for Windows bots.
2182
2183         Covered by updated tests.
2184         Introducing template class (JSKeyValueIterator) to support key-value iterators in DOM classes.
2185         Using JSKeyValueIterator to implement Headers entries(), keys() and values() as custom methods.
2186         Binding generator should be updated to generate directly these custom methods and handle iterator Symbol.
2187
2188         * CMakeLists.txt:
2189         * Modules/fetch/FetchHeaders.cpp:
2190         (WebCore::FetchHeaders::Iterator::next):
2191         (WebCore::FetchHeaders::Iterator::Iterator):
2192         * Modules/fetch/FetchHeaders.h:
2193         (WebCore::FetchHeaders::createIterator):
2194         * Modules/fetch/FetchHeaders.idl:
2195         * WebCore.xcodeproj/project.pbxproj:
2196         * bindings/js/JSBindingsAllInOne.cpp:
2197         * bindings/js/JSDOMBinding.h:
2198         (WebCore::jsPair):
2199         * bindings/js/JSFetchHeadersCustom.cpp: Added.
2200         (WebCore::JSFetchHeaders::entries):
2201         (WebCore::JSFetchHeaders::keys):
2202         (WebCore::JSFetchHeaders::values):
2203         * bindings/js/JSKeyValueIterator.h: Added.
2204         (WebCore::JSKeyValueIteratorPrototype::create):
2205         (WebCore::JSKeyValueIteratorPrototype::createStructure):
2206         (WebCore::JSKeyValueIteratorPrototype::JSKeyValueIteratorPrototype):
2207         (WebCore::createIterator):
2208         (WebCore::DOMWrapped>::destroy):
2209         (WebCore::DOMWrapped>::next):
2210         (WebCore::DOMWrapped>::finishCreation):
2211
2212 2016-02-04  Chris Dumez  <cdumez@apple.com>
2213
2214         Merge DOMTokenList and DOMSettableTokenList
2215         https://bugs.webkit.org/show_bug.cgi?id=153677
2216         <rdar://problem/24419675>
2217
2218         Reviewed by Sam Weinig.
2219
2220         Merge DOMTokenList and DOMSettableTokenList, as per a recent
2221         specification change:
2222         - https://github.com/whatwg/dom/pull/120
2223         - https://github.com/whatwg/html/issues/361
2224
2225         No new tests, already covered by existing tests.
2226
2227         * CMakeLists.txt:
2228         * DerivedSources.cpp:
2229         * WebCore.vcxproj/WebCore.vcxproj:
2230         * WebCore.vcxproj/WebCore.vcxproj.filters:
2231         * WebCore.xcodeproj/project.pbxproj:
2232         * dom/Element.idl:
2233         * dom/Node.h:
2234         * dom/NodeRareData.h:
2235         * html/AttributeDOMTokenList.h:
2236         * html/DOMSettableTokenList.cpp: Removed.
2237         * html/DOMSettableTokenList.h:
2238         * html/DOMSettableTokenList.idl:
2239         * html/DOMTokenList.cpp:
2240         (WebCore::DOMTokenList::setValue):
2241         * html/DOMTokenList.h:
2242         * html/DOMTokenList.idl:
2243         * html/HTMLAnchorElement.idl:
2244         * html/HTMLAreaElement.idl:
2245         * html/HTMLElement.cpp:
2246         * html/HTMLElement.idl:
2247         * html/HTMLIFrameElement.cpp:
2248         (WebCore::HTMLIFrameElement::sandbox):
2249         * html/HTMLIFrameElement.h:
2250         * html/HTMLIFrameElement.idl:
2251         * html/HTMLLinkElement.cpp:
2252         (WebCore::HTMLLinkElement::sizes):
2253         * html/HTMLLinkElement.h:
2254         * html/HTMLLinkElement.idl:
2255         * html/HTMLOutputElement.cpp:
2256         (WebCore::HTMLOutputElement::htmlFor):
2257         * html/HTMLOutputElement.h:
2258         * html/HTMLOutputElement.idl:
2259         * html/HTMLTableCellElement.idl:
2260         * page/DOMWindow.cpp:
2261         * page/DOMWindow.idl:
2262
2263 2016-02-04  Youenn Fablet  <youenn.fablet@crf.canon.fr>
2264
2265         Unreviewed.
2266         Reverting r196115 and r19116, related tohttps://bugs.webkit.org/show_bug.cgi?id=153787.
2267
2268 2016-02-04  Alejandro G. Castro  <alex@igalia.com>
2269
2270         [GTK] Implement mediastream mediaplayer
2271         https://bugs.webkit.org/show_bug.cgi?id=153541
2272
2273         Reviewed by Martin Robinson.
2274
2275         Added the implementation of the mediaplayer for the
2276         mediastream. The code was implemented by Philippe Normand and
2277         Alessandro Decina.
2278
2279         * PlatformGTK.cmake: Added the file to the compilation.
2280         * html/HTMLMediaElement.cpp:
2281         (WebCore::HTMLMediaElement::setSrcObject): Set the src of the
2282         media element to the mediastream.
2283         * platform/graphics/MediaPlayer.cpp:
2284         (WebCore::buildMediaEnginesVector): Register the mediastream
2285         mediaplayer as an option in the media engines vector.
2286         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerOwr.cpp: Added.
2287         (WebCore::MediaPlayerPrivateGStreamerOwr::MediaPlayerPrivateGStreamerOwr):
2288         (WebCore::MediaPlayerPrivateGStreamerOwr::~MediaPlayerPrivateGStreamerOwr):
2289         (WebCore::MediaPlayerPrivateGStreamerOwr::play):
2290         (WebCore::MediaPlayerPrivateGStreamerOwr::pause):
2291         (WebCore::MediaPlayerPrivateGStreamerOwr::hasVideo):
2292         (WebCore::MediaPlayerPrivateGStreamerOwr::hasAudio):
2293         (WebCore::MediaPlayerPrivateGStreamerOwr::currentTime):
2294         (WebCore::MediaPlayerPrivateGStreamerOwr::load):
2295         (WebCore::MediaPlayerPrivateGStreamerOwr::loadingFailed):
2296         (WebCore::MediaPlayerPrivateGStreamerOwr::didLoadingProgress):
2297         (WebCore::MediaPlayerPrivateGStreamerOwr::internalLoad):
2298         (WebCore::MediaPlayerPrivateGStreamerOwr::stop):
2299         (WebCore::MediaPlayerPrivateGStreamerOwr::registerMediaEngine):
2300         (WebCore::MediaPlayerPrivateGStreamerOwr::getSupportedTypes):
2301         (WebCore::MediaPlayerPrivateGStreamerOwr::supportsType):
2302         (WebCore::MediaPlayerPrivateGStreamerOwr::isAvailable):
2303         (WebCore::MediaPlayerPrivateGStreamerOwr::createGSTAudioSinkBin):
2304         (WebCore::MediaPlayerPrivateGStreamerOwr::sourceStopped):
2305         (WebCore::MediaPlayerPrivateGStreamerOwr::sourceMutedChanged):
2306         (WebCore::MediaPlayerPrivateGStreamerOwr::sourceSettingsChanged):
2307         (WebCore::MediaPlayerPrivateGStreamerOwr::preventSourceFromStopping):
2308         (WebCore::MediaPlayerPrivateGStreamerOwr::createVideoSink):
2309         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerOwr.h: Added.
2310         (WebCore::MediaPlayerPrivateGStreamerOwr::engineDescription):
2311         (WebCore::MediaPlayerPrivateGStreamerOwr::load):
2312         (WebCore::MediaPlayerPrivateGStreamerOwr::cancelLoad):
2313         (WebCore::MediaPlayerPrivateGStreamerOwr::prepareToPlay):
2314         (WebCore::MediaPlayerPrivateGStreamerOwr::duration):
2315         (WebCore::MediaPlayerPrivateGStreamerOwr::seek):
2316         (WebCore::MediaPlayerPrivateGStreamerOwr::seeking):
2317         (WebCore::MediaPlayerPrivateGStreamerOwr::setRate):
2318         (WebCore::MediaPlayerPrivateGStreamerOwr::setPreservesPitch):
2319         (WebCore::MediaPlayerPrivateGStreamerOwr::paused):
2320         (WebCore::MediaPlayerPrivateGStreamerOwr::hasClosedCaptions):
2321         (WebCore::MediaPlayerPrivateGStreamerOwr::setClosedCaptionsVisible):
2322         (WebCore::MediaPlayerPrivateGStreamerOwr::maxTimeSeekable):
2323         (WebCore::MediaPlayerPrivateGStreamerOwr::buffered):
2324         (WebCore::MediaPlayerPrivateGStreamerOwr::totalBytes):
2325         (WebCore::MediaPlayerPrivateGStreamerOwr::bytesLoaded):
2326         (WebCore::MediaPlayerPrivateGStreamerOwr::canLoadPoster):
2327         (WebCore::MediaPlayerPrivateGStreamerOwr::setPoster):
2328         (WebCore::MediaPlayerPrivateGStreamerOwr::isLiveStream):
2329         (WebCore::MediaPlayerPrivateGStreamerOwr::audioSink):
2330
2331 2016-02-04  Youenn Fablet  <youenn.fablet@crf.canon.fr>
2332
2333         [Fetch API] Add support for iterating over Headers
2334         https://bugs.webkit.org/show_bug.cgi?id=153787
2335
2336         Reviewed by Darin Adler.
2337
2338         Covered by updated tests.
2339         Introducing template class (JSKeyValueIterator) to support key-value iterators in DOM classes.
2340         Using JSKeyValueIterator to implement Headers entries(), keys() and values() as custom methods.
2341         Binding generator should be updated to generate directly these custom methods and handle iterator Symbol.
2342
2343         * CMakeLists.txt:
2344         * Modules/fetch/FetchHeaders.cpp:
2345         (WebCore::FetchHeaders::Iterator::next):
2346         (WebCore::FetchHeaders::Iterator::Iterator):
2347         * Modules/fetch/FetchHeaders.h:
2348         (WebCore::FetchHeaders::createIterator):
2349         * Modules/fetch/FetchHeaders.idl:
2350         * WebCore.xcodeproj/project.pbxproj:
2351         * bindings/js/JSDOMBinding.h:
2352         (WebCore::jsPair):
2353         * bindings/js/JSBindingsAllInOne.cpp:
2354         * bindings/js/JSFetchHeadersCustom.cpp: Added.
2355         (WebCore::JSFetchHeaders::entries):
2356         (WebCore::JSFetchHeaders::keys):
2357         (WebCore::JSFetchHeaders::values):
2358         * bindings/js/JSKeyValueIterator.h: Added.
2359         (WebCore::JSKeyValueIteratorPrototype::create):
2360         (WebCore::JSKeyValueIteratorPrototype::createStructure):
2361         (WebCore::JSKeyValueIteratorPrototype::JSKeyValueIteratorPrototype):
2362         (WebCore::JSKeyValueIteratorPrototypeFuncNext):
2363
2364 2016-02-03  Carlos Garcia Campos  <cgarcia@igalia.com>
2365
2366         Do not show context menu when right clicking on a scrollbar
2367         https://bugs.webkit.org/show_bug.cgi?id=153493
2368
2369         Reviewed by Michael Catanzaro.
2370
2371         Scrollbars don't currently handle right clicks, but we are showing
2372         the context menu when they are right clicked. This is not desired
2373         at least in GTK+ and I've checked that it isn't consistent with
2374         other applications in Mac either.
2375
2376         Test: fast/events/contextmenu-on-scrollbars.html
2377
2378         * page/EventHandler.cpp:
2379         (WebCore::EventHandler::sendContextMenuEvent):
2380
2381 2016-02-03  Andreas Kling  <akling@apple.com>
2382
2383         [iOS] Throw away linked code when navigating to a new page.
2384         <https://webkit.org/b/153851>
2385
2386         Reviewed by Gavin Barraclough.
2387
2388         When navigating to a new page, tell JSC to throw out any linked code it has lying around.
2389         Linked code is tied to a specific global object, and as we're creating a new one for the
2390         new page, none of it is useful to us here.
2391         In the event that the user navigates back, the cost of relinking some code will be far
2392         lower than the memory cost of keeping all of it around.
2393
2394         * bindings/js/GCController.cpp:
2395         (WebCore::GCController::deleteAllLinkedCode):
2396         * bindings/js/GCController.h:
2397         * loader/FrameLoader.cpp:
2398         (WebCore::FrameLoader::commitProvisionalLoad):
2399
2400 2016-02-03  Alex Christensen  <achristensen@webkit.org>
2401
2402         Report wasBlocked and cannotShowURL errors when using NetworkSession
2403         https://bugs.webkit.org/show_bug.cgi?id=153846
2404
2405         Reviewed by Antti Koivisto.
2406
2407         No new tests, but this fixes http/tests/xmlhttprequest/redirect-cross-origin-2.html
2408         when using NetworkSession.
2409
2410         * platform/URL.h:
2411         WEBCORE_EXPORT because we are using portAllowed in WebKit2 now.
2412
2413 2016-02-03  Jer Noble  <jer.noble@apple.com>
2414
2415         iOS build fix after Yosemite build fix broke iOS build.
2416
2417         * platform/network/cocoa/WebCoreNSURLSession.h:
2418         * platform/network/cocoa/WebCoreNSURLSession.mm:
2419
2420 2016-02-03  Beth Dakin  <bdakin@apple.com>
2421
2422         Accepted candidates should not be autocorrected
2423         https://bugs.webkit.org/show_bug.cgi?id=153813
2424         -and corresponding-
2425         rdar://problem/24066924
2426
2427         Reviewed by Darin Adler.
2428
2429         New document marker to mark inserted candidates. This was we can treat 
2430         inserted candidates just like a RejectedCorrection and we won’t accidentally 
2431         autocorrect them later on.
2432         * dom/DocumentMarker.h:
2433         (WebCore::DocumentMarker::AllMarkers::AllMarkers):
2434         * editing/AlternativeTextController.cpp:
2435         (WebCore::AlternativeTextController::processMarkersOnTextToBeReplacedByResult):
2436
2437         When handling an acceptant candidate, set m_isHandlingAcceptedCandidate to
2438         true while the text is being inserted, and then mark the range as an accepted 
2439         candidate.
2440         * editing/Editor.cpp:
2441         (WebCore::Editor::handleAcceptedCandidate):
2442         * editing/Editor.h:
2443         (WebCore::Editor::isHandlingAcceptedCandidate):
2444
2445         If frame.editor. isHandlingAcceptedCandidate() then return early from 
2446         markMisspellingsAfterTyping.
2447         * editing/TypingCommand.cpp:
2448         (WebCore::TypingCommand::markMisspellingsAfterTyping):
2449
2450         Add some test infrastructure. 
2451         * testing/Internals.cpp:
2452         (WebCore::Internals::handleAcceptedCandidate):
2453         * testing/Internals.h:
2454         * testing/Internals.idl:
2455
2456 2016-02-03  Jer Noble  <jer.noble@apple.com>
2457
2458         [Win] Pass entire request (rather than just URL) to clients of WebCoreAVCFResourceLoader
2459         https://bugs.webkit.org/show_bug.cgi?id=153653
2460
2461         Reviewed by Brent Fulgham.
2462
2463         This will allow those clients to see the byte-range request ("Range:") header and respond
2464         appropriately.
2465
2466         * platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp:
2467         (WebCore::WebCoreAVCFResourceLoader::startLoading):
2468
2469 2016-02-03  Jer Noble  <jer.noble@apple.com>
2470
2471         Yosemite build fix; hide the entire WebCoreNSURLSessionDataTask class from Yosemite and prior.
2472
2473         * platform/network/cocoa/WebCoreNSURLSession.h:
2474         * platform/network/cocoa/WebCoreNSURLSession.mm:
2475         (-[WebCoreNSURLSessionDataTask initWithSession:identifier:URL:]):
2476         (-[WebCoreNSURLSessionDataTask initWithSession:identifier:request:]):
2477
2478 2016-02-03  Jer Noble  <jer.noble@apple.com>
2479
2480         [EME][Mac] MediaKeys.createSession() fails with initData containing a contentId whose length is > 1/2 the initData.
2481         https://bugs.webkit.org/show_bug.cgi?id=153517
2482         <rdar://problem/24303782>
2483
2484         Reviewed by Eric Carlson.
2485
2486         The length of contentId is given in bytes, not Uint16 characters. Use the former when extracting
2487         the contentId string from the initData.
2488
2489         * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
2490         (WebCore::MediaPlayerPrivateAVFoundation::extractKeyURIKeyIDAndCertificateFromInitData):
2491
2492 2016-02-03  Jer Noble  <jer.noble@apple.com>
2493
2494         [Mac] Wrap a resource and resource loader in a NSURLSession-like object for use by lower level frameworks
2495         https://bugs.webkit.org/show_bug.cgi?id=153669
2496
2497         Reviewed by Alex Christensen.
2498
2499         API Test: WebCore.WebCoreNSURLSession
2500
2501         Add a NSURLSession-like object, which wraps a CachedResourceLoader and CachedRawResource, which we can
2502         hand to lower-level frameworks, so that network loads by those frameworks use WebKit's loader.
2503
2504         * platform/network/cocoa/WebCoreNSURLSession.h: Added.
2505         * platform/network/cocoa/WebCoreNSURLSession.mm: Added.
2506         (-[WebCoreNSURLSession initWithResourceLoader:delegate:delegateQueue:]):
2507         (-[WebCoreNSURLSession dealloc]):
2508         (-[WebCoreNSURLSession copyWithZone:]):
2509         (-[WebCoreNSURLSession delegateQueue]):
2510         (-[WebCoreNSURLSession configuration]):
2511         (-[WebCoreNSURLSession loader]):
2512         (-[WebCoreNSURLSession finishTasksAndInvalidate]):
2513         (-[WebCoreNSURLSession invalidateAndCancel]):
2514         (-[WebCoreNSURLSession resetWithCompletionHandler:]):
2515         (-[WebCoreNSURLSession flushWithCompletionHandler:]):
2516         (-[WebCoreNSURLSession getTasksWithCompletionHandler:]):
2517         (-[WebCoreNSURLSession getAllTasksWithCompletionHandler:]):
2518         (-[WebCoreNSURLSession dataTaskWithRequest:]):
2519         (-[WebCoreNSURLSession dataTaskWithURL:]):
2520         (-[WebCoreNSURLSession uploadTaskWithRequest:fromFile:]):
2521         (-[WebCoreNSURLSession uploadTaskWithRequest:fromData:]):
2522         (-[WebCoreNSURLSession uploadTaskWithStreamedRequest:]):
2523         (-[WebCoreNSURLSession downloadTaskWithRequest:]):
2524         (-[WebCoreNSURLSession downloadTaskWithURL:]):
2525         (-[WebCoreNSURLSession downloadTaskWithResumeData:]):
2526         (-[WebCoreNSURLSession streamTaskWithHostName:port:]):
2527         (-[WebCoreNSURLSession streamTaskWithNetService:]):
2528         (-[WebCoreNSURLSession isKindOfClass:]):
2529
2530         Add a C++ class which can act as a CachedRawResourceClient, passing the results back to a WebCoreNSURLSessionDataTask:
2531
2532         (WebCore::WebCoreNSURLSessionDataTaskClient::WebCoreNSURLSessionDataTaskClient):
2533         (WebCore::WebCoreNSURLSessionDataTaskClient::dataSent):
2534         (WebCore::WebCoreNSURLSessionDataTaskClient::responseReceived):
2535         (WebCore::WebCoreNSURLSessionDataTaskClient::dataReceived):
2536         (WebCore::WebCoreNSURLSessionDataTaskClient::redirectReceived):
2537         (WebCore::WebCoreNSURLSessionDataTaskClient::notifyFinished):
2538
2539         Add a NSURLSessionDataTask-like object, which takes a request, then uses it to create and wrap a CachedRawResource.
2540         Becase NSURSessionDataTask is intended to be used off-main-thread, care must be taken to dispatch back to the main-
2541         (or web-) thread before calling CachedRawResource functions.
2542
2543         (-[WebCoreNSURLSessionDataTask initWithSession:identifier:URL:]):
2544         (-[WebCoreNSURLSessionDataTask initWithSession:identifier:request:]):
2545         (-[WebCoreNSURLSessionDataTask copyWithZone:]):
2546         (-[WebCoreNSURLSessionDataTask _restart]):
2547         (-[WebCoreNSURLSessionDataTask _cancel]):
2548         (-[WebCoreNSURLSessionDataTask _finish]):
2549         (-[WebCoreNSURLSessionDataTask _setDefersLoading:]):
2550         (-[WebCoreNSURLSessionDataTask cancel]):
2551         (-[WebCoreNSURLSessionDataTask suspend]):
2552         (-[WebCoreNSURLSessionDataTask resume]):
2553         (-[WebCoreNSURLSessionDataTask _timingData]):
2554         (-[WebCoreNSURLSessionDataTask resource:sentBytes:totalBytesToBeSent:]):
2555         (-[WebCoreNSURLSessionDataTask resource:receivedResponse:]):
2556         (-[WebCoreNSURLSessionDataTask resource:receivedData:length:]):
2557         (-[WebCoreNSURLSessionDataTask resource:receivedRedirect:request:]):
2558         (-[WebCoreNSURLSessionDataTask resourceFinished:]):
2559         * WebCore.xcodeproj/project.pbxproj: Add new files to project.
2560
2561 2016-02-03  Darin Adler  <darin@apple.com>
2562
2563         Convert another batch of String::lower callsites to something better, typically convertToASCIILowercase
2564         https://bugs.webkit.org/show_bug.cgi?id=153789
2565
2566         Reviewed by Sam Weinig.
2567
2568         * dom/DOMImplementation.cpp:
2569         (WebCore::DOMImplementation::isXMLMIMEType): Use equalLettersIgnoringASCIICase
2570         and the boolean argument to endsWith to ignore ASCII case.
2571         (WebCore::DOMImplementation::isTextMIMEType): Ditto. Also simplified the logic
2572         by removing an if statement.
2573
2574         * dom/Document.cpp:
2575         (WebCore::isSeparator): Deleted. Moved to WindowFeatures.cpp.
2576         (WebCore::processArguments): Ditto.
2577         (WebCore::Document::processViewport): Call the processFeaturesString function
2578         from WindowFeatures.h; the code here was originally just a pasted copy of that code!
2579         (WebCore::Document::processFormatDetection): Ditto.
2580
2581         * html/HTMLCanvasElement.cpp:
2582         (WebCore::HTMLCanvasElement::toEncodingMimeType): Remove now-unneeded
2583         lowercasing of MIME type before calling isSupportedImageMIMETypeForEncoding,
2584         since the MIME type registry now ignores ASCII case. Use convertToASCIILowercase
2585         on the return value, to preserve behavior.
2586         (WebCore::HTMLCanvasElement::toDataURL): Minor coding style tweaks.
2587
2588         * html/HTMLEmbedElement.cpp:
2589         (WebCore::HTMLEmbedElement::parseAttribute): Use convertToASCIILowercase for
2590         the service type here.
2591
2592         * html/HTMLImageElement.cpp:
2593         (WebCore::HTMLImageElement::bestFitSourceFromPictureElement): Remove now-unneeded
2594         lowercasing since MIME type registry now ignores ASCII case. And use
2595         equalLettersIgnoringASCIICase for the case here.
2596
2597         * html/HTMLInputElement.cpp:
2598         (WebCore::parseAcceptAttribute): Use convertToASCIILowercase for the type here.
2599
2600         * html/HTMLLinkElement.cpp:
2601         (WebCore::HTMLLinkElement::parseAttribute): Use convertToASCIILowercase for the
2602         media value here.
2603
2604         * html/HTMLMediaElement.cpp:
2605         (WebCore::HTMLMediaElement::canPlayType): Use convertToASCIILowercase for the
2606         content type here.
2607         (WebCore::HTMLMediaElement::selectNextSourceChild): Ditto.
2608
2609         * html/HTMLObjectElement.cpp:
2610         (WebCore::HTMLObjectElement::parseAttribute): Use convertToASCIILowercase for
2611         the service type here.
2612
2613         * html/HTMLTrackElement.cpp:
2614         (WebCore::HTMLTrackElement::parseAttribute): Use convertToASCIILowercase for
2615         the kind here.
2616         (WebCore::HTMLTrackElement::ensureTrack): Ditto. Also use fastGetAttribute
2617         since this is neither the style attribute nor an animatable SVG attribute.
2618
2619         * html/parser/HTMLTreeBuilder.cpp:
2620         (WebCore::createCaseMap): Use convertToASCIILowercase for the local names here.
2621
2622         * inspector/DOMPatchSupport.cpp:
2623         (WebCore::DOMPatchSupport::patchNode): Use containsIgnoringASCIICase instead
2624         of combining lower with find == notFound here.
2625         (WebCore::nodeName): Use convertToASCIILowercase here.
2626
2627         * inspector/InspectorOverlay.cpp:
2628         (WebCore::buildObjectForElementData): Use convertToASCIILowercase for node
2629         name here.
2630
2631         * inspector/InspectorPageAgent.cpp:
2632         (WebCore::createXHRTextDecoder): Remove a now-unneeded call to lower since
2633         DOMImplementation::isXMLMIMEType now ignores ASCII case.
2634
2635         * inspector/InspectorStyleSheet.cpp:
2636         (WebCore::lowercasePropertyName): Use convertToASCIILowercase for property
2637         names here. Also use startsWith rather than a hand-written alternative.
2638         (WebCore::InspectorStyle::populateAllProperties): Use the return value of
2639         the add function to avoid doing a double hash table lookp.
2640         (WebCore::InspectorStyle::styleWithProperties): Use convertToASCIILowercase
2641         to lowercase the property name.
2642
2643         * inspector/NetworkResourcesData.cpp:
2644         (WebCore::createOtherResourceTextDecoder): Remove unneeded call to lower since
2645         DOMImplement::isXMLMIMEType now ignores ASCII case.
2646
2647         * loader/CrossOriginAccessControl.cpp:
2648         (WebCore::createAccessControlPreflightRequest): Use convertToASCIILowercase
2649         to lowercase the access control request header field value.
2650
2651         * loader/cache/CachedScript.cpp:
2652         (WebCore::CachedScript::mimeType): Use convertToASCIILowercase on the content type.
2653
2654         * page/CaptionUserPreferencesMediaAF.cpp:
2655         (WebCore::languageIdentifier): Use convertToASCIILowercase on the language code.
2656
2657         * page/DOMWindow.cpp:
2658         (WebCore::DOMWindow::open): Call parseWindowFeatures instead of using the
2659         constructor for WindowFeatures.
2660         (WebCore::DOMWindow::showModalDialog): Call parseDialogFeatures instead of
2661         using the constructor for WindowFeatures.
2662
2663         * page/EventHandler.cpp:
2664         (WebCore::findDropZone): Remove unneeded lowercasing and empty string checking,
2665         and use the option SpaceSplitString already has to convert to lowercase.
2666         (WebCore::EventHandler::handleAccessKey): Remove unneeded call to lower since
2667         getElementByAccessKey now ignores case. Also tweaked coding style a bit.
2668
2669         * page/OriginAccessEntry.cpp:
2670         (WebCore::OriginAccessEntry::OriginAccessEntry): Use convertToASCIILowercase
2671         on the protocol and host.
2672         (WebCore::OriginAccessEntry::matchesOrigin): Ditto.
2673
2674         * page/SecurityOrigin.cpp:
2675         (WebCore::shouldTreatAsUniqueOrigin): Remove unneeded call to lower since
2676         SchemeRegistry now ignores ASCII case.
2677         (WebCore::SecurityOrigin::SecurityOrigin): Use convertToASCIILowercase on
2678         the protocol and host.
2679         (WebCore::SecurityOrigin::setDomainFromDOM): Use convertToASCIILowercase on
2680         the domain.
2681         (WebCore::SecurityOrigin::canDisplay): Remove call to lower since SchemeRegistry
2682         now ignores ASCII case and because this now uses equalIgnoringASCIICase in
2683         one place that used to use exact matching.
2684
2685         * page/WindowFeatures.cpp: Refactored so this is now some helper functions
2686         plus a struct rather than a class.
2687         (WebCore::isSeparator): Renamed this and removed special handling for NUL.
2688         (WebCore::parseWindowFeatures): Moved the code that was formerly in the
2689         WindowFeatures constructor in here. Refactored the parsing into the
2690         processFeaturesString function, shared with the functions in Document that
2691         do the same kind of parsing. Removed the code that converts the entire string
2692         to lowercase before parsing.
2693         (WebCore::processFeaturesString): Moved the improved version of this function
2694         here from Document.cpp; more efficient because it doesn't allocate strings.
2695         (WebCore::setWindowFeature): Changed to be a function private to this file
2696         with internal linkage. Use equalLettersIgnoringASCIICase so we no longer
2697         rely on converting the string to lowercase before parsing.
2698         (WebCore::parseDialogFeatures): Similar refactoring, but also changed all
2699         the default handling to use Optional<> instead of default values.
2700         (WebCore::boolFeature): Changed to use option and to ignore ASCII case.
2701         (WebCore::floatFeature): Ditto.
2702         (WebCore::parseDialogFeaturesMap): Removed the calls to lower, which are
2703         not needed any more.
2704
2705         * page/WindowFeatures.h: Added default values for all the data members,
2706         and removed all the functions from the WindowFeatures struct. Added the two
2707         functions for parsing window and dialog features. Also added the
2708         processFeaturesString function so we can share it with Document.cpp.
2709
2710         * platform/SchemeRegistry.cpp:
2711         (WebCore::SchemeRegistry::removeURLSchemeRegisteredAsLocal): Use
2712         equalLettersIgnoringASCIICase to ignore ASCII case.
2713
2714         * platform/efl/MIMETypeRegistryEfl.cpp:
2715         (WebCore::MIMETypeRegistry::getMIMETypeForExtension): Use a modern for loop,
2716         and equalIgnoringASCIICase rather than calling lower.
2717
2718         * platform/graphics/MediaPlayer.cpp:
2719         (WebCore::MediaPlayer::load): Use convertToASCIILowercase on MIME type and
2720         key system.
2721         (WebCore::MediaPlayer::generateKeyRequest): Ditto.
2722         (WebCore::MediaPlayer::addKey): Ditto.
2723         (WebCore::MediaPlayer::cancelKeyRequest): Ditto.
2724
2725         * platform/graphics/opengl/Extensions3DOpenGLCommon.cpp:
2726         (WebCore::Extensions3DOpenGLCommon::Extensions3DOpenGLCommon): Use
2727         convertToASCIILowercase on vendor string.
2728
2729         * platform/gtk/MIMETypeRegistryGtk.cpp:
2730         (WebCore::MIMETypeRegistry::getMIMETypeForExtension): Use a modern for loop,
2731         and equalIgnoringASCIICase rather than calling lower.
2732
2733         * platform/mac/PasteboardMac.mm:
2734         (WebCore::cocoaTypeFromHTMLClipboardType): Use convertToASCIILowercase
2735         on the type. Also did a bit of renaming and tweaking the logic.
2736
2737 2016-02-03  Dave Hyatt  <hyatt@apple.com>
2738
2739         Implement hanging-punctuation property parsing.
2740         https://bugs.webkit.org/show_bug.cgi?id=18109.
2741
2742         Reviewed by Zalan Bujtas.
2743
2744         Added parsing test in fast/css.
2745
2746         * css/CSSComputedStyleDeclaration.cpp:
2747         (WebCore::renderEmphasisPositionFlagsToCSSValue):
2748         (WebCore::hangingPunctuationToCSSValue):
2749         (WebCore::fillRepeatToCSSValue):
2750         (WebCore::ComputedStyleExtractor::propertyValue):
2751         * css/CSSParser.cpp:
2752         (WebCore::CSSParser::parseValue):
2753         (WebCore::CSSParser::parseTextIndent):
2754         (WebCore::CSSParser::parseHangingPunctuation):
2755         (WebCore::CSSParser::parseLineBoxContain):
2756         * css/CSSParser.h:
2757         * css/CSSPrimitiveValueMappings.h:
2758         (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
2759         (WebCore::CSSPrimitiveValue::operator HangingPunctuation):
2760         (WebCore::CSSPrimitiveValue::operator LineBreak):
2761         * css/CSSPropertyNames.in:
2762         * css/CSSValueKeywords.in:
2763         * css/StyleBuilderConverter.h:
2764         (WebCore::StyleBuilderConverter::convertRegionBreakInside):
2765         (WebCore::StyleBuilderConverter::convertHangingPunctuation):
2766         * rendering/style/RenderStyle.cpp:
2767         (WebCore::RenderStyle::changeRequiresLayout):
2768         * rendering/style/RenderStyle.h:
2769         * rendering/style/RenderStyleConstants.h:
2770         (WebCore::operator| ):
2771         (WebCore::operator|= ):
2772         * rendering/style/StyleRareInheritedData.cpp:
2773         (WebCore::StyleRareInheritedData::StyleRareInheritedData):
2774         (WebCore::StyleRareInheritedData::operator==):
2775         * rendering/style/StyleRareInheritedData.h:
2776
2777 2016-02-03  Jessie Berlin  <jberlin@webkit.org>
2778
2779         Build fix.
2780
2781         [NSEvent context] has always returned nil. Replace uses with nullptr.
2782
2783         * page/mac/EventHandlerMac.mm:
2784         (WebCore::EventHandler::sendFakeEventsAfterWidgetTracking):
2785
2786 2016-02-03  Carlos Garcia Campos  <cgarcia@igalia.com>
2787
2788         [GTK] Layout Test http/tests/appcache/different-https-origin-resource-main.html is failing
2789         https://bugs.webkit.org/show_bug.cgi?id=145253
2790
2791         Reviewed by Michael Catanzaro.
2792
2793         The problem is that when the load is cancelled while the
2794         connection is still being established,
2795         SoupMessage::notify::tls-errors is emitted and the handler calls
2796         ResourceHandleClient::didFail() which can delete the ResourceHandle.
2797
2798         * platform/network/soup/ResourceHandleSoup.cpp:
2799         (WebCore::tlsErrorsChangedCallback): Protect the ResourceHandle
2800         for the scope of the callback because
2801         ResourceHandleClient::didFail() could delete the object.
2802
2803 2016-02-03  Carlos Garcia Campos  <cgarcia@igalia.com>
2804
2805         REGRESSION(r191948): [GStreamer] 4 new timeouts on layout tests.
2806         https://bugs.webkit.org/show_bug.cgi?id=152797
2807
2808         Reviewed by Darin Adler.
2809
2810         Always schedule messages to the main thread, even when the bus
2811         sync handlder was called in the main thread. It seems that
2812         GStreamer expects things to happen in the next main loop
2813         iteration.
2814
2815         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
2816         (WebCore::MediaPlayerPrivateGStreamer::createGSTPlayBin):
2817
2818 2016-02-03  Zan Dobersek  <zdobersek@igalia.com>
2819
2820         [TexMap] CompositingCoordinator should store the overlay layer, flush it as appropriate
2821         https://bugs.webkit.org/show_bug.cgi?id=152058
2822
2823         Reviewed by Michael Catanzaro.
2824
2825         Previously, the CompositingCoordinator only added the overlay layer to the
2826         layer tree, but flushing its compositing state is also required. For that to
2827         happen, CompositingCoordinator has to store a pointer to the overlay layer
2828         object and flush it in ::flushPendingLayerChanges().
2829
2830         Overlay layers are most prominently used by the Web Inspector to highlight
2831         the DOM elements on the Web page that are being hovered in the inspector.
2832
2833         * platform/graphics/texmap/coordinated/CompositingCoordinator.cpp:
2834         (WebCore::CompositingCoordinator::CompositingCoordinator):
2835         (WebCore::CompositingCoordinator::setRootCompositingLayer):
2836         (WebCore::CompositingCoordinator::flushPendingLayerChanges):
2837         * platform/graphics/texmap/coordinated/CompositingCoordinator.h:
2838
2839 2016-02-03  Zan Dobersek  <zdobersek@igalia.com>
2840
2841         [CoordinatedGraphics] CompositingCoordinator destructor is scheduling layer flushes
2842         https://bugs.webkit.org/show_bug.cgi?id=153823
2843
2844         Reviewed by Carlos Garcia Campos.
2845
2846         Purging the backing stores during the CompositingCoordinator destructor
2847         is also scheduling layer flushes in the object's client, which is an object
2848         of the LayerTreeHost-deriving class that owns the CompositingCoordinator
2849         object in question and is also being destroyed.
2850
2851         In case of ThreadedCoordinatedLayerTreeHost, this scheduling can access
2852         the RunLoop::Timer object which has already been destroyed, causing a
2853         crash. Another problem with this is that we're invoking a virtual function
2854         on an object that's being destructed, which works well enough in this case
2855         but should be discouraged in general.
2856
2857         In order to avoid this, add the m_isDestructing boolean to the
2858         CompositingCoordinator class, flip it to true during the destruction,
2859         and check for its falseness before scheduling a layer flush.
2860
2861         * platform/graphics/texmap/coordinated/CompositingCoordinator.cpp:
2862         (WebCore::CompositingCoordinator::CompositingCoordinator):
2863         (WebCore::CompositingCoordinator::~CompositingCoordinator):
2864         (WebCore::CompositingCoordinator::notifyFlushRequired):
2865         * platform/graphics/texmap/coordinated/CompositingCoordinator.h:
2866
2867 2016-02-03  Zan Dobersek  <zdobersek@igalia.com>
2868
2869         [TexMap] Don't use RELEASE_ASSERT in TextureMapperLayer::computeTransformsRecursive()
2870         https://bugs.webkit.org/show_bug.cgi?id=153822
2871
2872         Reviewed by Carlos Garcia Campos.
2873
2874         * platform/graphics/texmap/TextureMapperLayer.cpp:
2875         (WebCore::TextureMapperLayer::computeTransformsRecursive):
2876         Use ASSERT to check that the m_children members are indeed children
2877         of the current layer, RELEASE_ASSERT probably slipped in unnoticed
2878         at some point.
2879
2880 2016-02-03  Zan Dobersek  <zdobersek@igalia.com>
2881
2882         PlatformPathCairo: Lazily allocate the path surface
2883         https://bugs.webkit.org/show_bug.cgi?id=153821
2884
2885         Reviewed by Carlos Garcia Campos.
2886
2887         Move the static variable that holds the Cairo surface into
2888         the pathSurface() function (previously getPathSurface). This
2889         way the surface will only be allocated once the function is
2890         called for the first time from the CairoPath surface.
2891
2892         No change in functionality, just a cleanup.
2893
2894         * platform/graphics/cairo/PlatformPathCairo.cpp:
2895         (WebCore::pathSurface):
2896         (WebCore::CairoPath::CairoPath):
2897         (WebCore::getPathSurface): Deleted.
2898
2899 2016-02-02  Fujii Hironori  <Hironori.Fujii@jp.sony.com>
2900
2901         ASSERTION FAILED: roundedIntPoint(rendererMappedResult) == roundedIntPoint(result)
2902         https://bugs.webkit.org/show_bug.cgi?id=153576
2903
2904         Reviewed by Darin Adler.
2905
2906         Tests: fast/block/geometry-map-assertion-with-rounding-negative-half.html
2907
2908         The results of roundedIntPoint of FloatPoint and LayoutPoint may be different
2909         because of the uniqueness of LayoutUnit::round introduced by this bug
2910         <https://bugs.webkit.org/show_bug.cgi?id=107208>.
2911         Should convert a FloatPoint to a LayoutPoint before rounding.
2912
2913         * rendering/RenderGeometryMap.cpp:
2914         (WebCore::RenderGeometryMap::mapToContainer):
2915
2916 2016-02-02  Aakash Jain  <aakash_jain@apple.com>
2917
2918         Remove references to CallFrameInlines.h
2919         https://bugs.webkit.org/show_bug.cgi?id=153810
2920
2921         Reviewed by Mark Lam.
2922
2923         * ForwardingHeaders/interpreter/CallFrameInlines.h: Removed.
2924
2925 2016-02-02  Jinyoung Hur  <hur.ims@navercorp.com>
2926
2927         WEBGL_debug_shaders should be disabled for OpenGLES backend also
2928         https://bugs.webkit.org/show_bug.cgi?id=153788
2929
2930         Reviewed by Darin Adler.
2931
2932         WEBGL_debug_shaders extension is disabled for OpenGL backed platform
2933         because the implementation is not fully compliant to the spec yet.
2934         Because this is not an OpenGL-specific problem, WEBGL_debug_shaders extension
2935         should be disabled for OpenGLES backed platforms also.
2936
2937         No new tests, already covered by existing tests.
2938
2939         * platform/graphics/opengl/Extensions3DOpenGL.cpp:
2940         (WebCore::Extensions3DOpenGL::supportsExtension): Deleted.
2941         * platform/graphics/opengl/Extensions3DOpenGLCommon.cpp:
2942         (WebCore::Extensions3DOpenGLCommon::supports):
2943
2944 2016-02-02  Brady Eidson  <beidson@apple.com>
2945
2946         Modern IDB: storage/indexeddb/cursor-primary-key-order.html fails with SQLite backend.
2947         https://bugs.webkit.org/show_bug.cgi?id=153800
2948
2949         Reviewed by Alex Christensen.
2950
2951         No new tests (Existing tests now unskipped).
2952
2953         The IndexRecords SQL schema did not order things by primaryKey.
2954         
2955         Easy fix to the schema. Sadly requires a migration...
2956
2957         * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
2958         (WebCore::IDBServer::v1IndexRecordsTableSchema):
2959         (WebCore::IDBServer::v1IndexRecordsTableSchemaAlternate):
2960         (WebCore::IDBServer::v2IndexRecordsTableSchema):
2961         (WebCore::IDBServer::v2IndexRecordsTableSchemaAlternate):
2962         (WebCore::IDBServer::SQLiteIDBBackingStore::ensureValidIndexRecordsTable):
2963         (WebCore::IDBServer::SQLiteIDBBackingStore::createAndPopulateInitialDatabaseInfo):
2964         * Modules/indexeddb/server/SQLiteIDBBackingStore.h:
2965
2966 2016-02-02  Tim Horton  <timothy_horton@apple.com>
2967
2968         <attachment> should attempt to guess the icon from the file extension if all else fails
2969         https://bugs.webkit.org/show_bug.cgi?id=153804
2970         <rdar://problem/24448146>
2971
2972         Reviewed by Anders Carlsson.
2973
2974         Test: fast/attachment/attachment-icon-from-file-extension.html
2975
2976         * platform/graphics/Icon.h:
2977         * platform/graphics/mac/IconMac.mm:
2978         (WebCore::Icon::createIconForFileExtension):
2979         * rendering/RenderThemeMac.mm:
2980         (WebCore::iconForAttachment):
2981         If we can't find an icon any other way, try assuming that the title is a filename,
2982         grab its extension, and have NSWorkspace try to work out an icon for it.
2983
2984 2016-02-02  Antti Koivisto  <antti@apple.com>
2985
2986         Factor style sharing code out of StyleResolver
2987         https://bugs.webkit.org/show_bug.cgi?id=153768
2988
2989         Reviewed by Darin Adler.
2990
2991         Move the code to a new class, Style::SharingResolver.
2992
2993         When resolving document style we query the sharing resolver first before using the regular style resolver.
2994         Other paths that call style resolver were mostly already disabling it with DisallowStyleSharing flag.
2995
2996         * WebCore.xcodeproj/project.pbxproj:
2997         * css/ElementRuleCollector.cpp:
2998         (WebCore::MatchRequest::MatchRequest):
2999         (WebCore::ElementRuleCollector::matchAllRules):
3000         (WebCore::ElementRuleCollector::hasAnyMatchingRules):
3001
3002             More const.
3003
3004         * css/ElementRuleCollector.h:
3005         (WebCore::ElementRuleCollector::setRegionForStyling):
3006         (WebCore::ElementRuleCollector::setMedium):
3007         * css/MediaQueryMatcher.cpp:
3008         (WebCore::MediaQueryMatcher::prepareEvaluator):
3009         * css/StyleMedia.cpp:
3010         (WebCore::StyleMedia::matchMedium):
3011         * css/StyleResolver.cpp:
3012         (WebCore::StyleResolver::State::cacheBorderAndBackground):
3013         (WebCore::StyleResolver::StyleResolver):
3014         (WebCore::StyleResolver::sweepMatchedPropertiesCache):
3015         (WebCore::StyleResolver::State::State):
3016         (WebCore::StyleResolver::State::setStyle):
3017         (WebCore::isAtShadowBoundary):
3018         (WebCore::StyleResolver::styleForElement):
3019         (WebCore::StyleResolver::classNamesAffectedByRules): Deleted.
3020         (WebCore::parentElementPreventsSharing): Deleted.
3021         (WebCore::StyleResolver::locateCousinList): Deleted.
3022         (WebCore::StyleResolver::styleSharingCandidateMatchesRuleSet): Deleted.
3023         (WebCore::StyleResolver::canShareStyleWithControl): Deleted.
3024         (WebCore::elementHasDirectionAuto): Deleted.
3025         (WebCore::StyleResolver::sharingCandidateHasIdenticalStyleAffectingAttributes): Deleted.
3026         (WebCore::StyleResolver::canShareStyleWithElement): Deleted.
3027         (WebCore::StyleResolver::findSiblingForStyleSharing): Deleted.
3028         (WebCore::StyleResolver::locateSharedStyle): Deleted.
3029
3030             Style sharing code moves to SharingResolver.
3031
3032         * css/StyleResolver.h:
3033         (WebCore::StyleResolver::mediaQueryEvaluator):
3034         (WebCore::StyleResolver::State::regionForStyling):
3035         (WebCore::StyleResolver::State::elementLinkState):
3036         (WebCore::StyleResolver::State::setApplyPropertyToRegularStyle):
3037         (WebCore::StyleResolver::State::setApplyPropertyToVisitedLinkStyle):
3038         (WebCore::StyleResolver::state):
3039         (WebCore::StyleResolver::setTextOrientation):
3040         (WebCore::StyleResolver::State::setElementAffectedByClassRules): Deleted.
3041         (WebCore::StyleResolver::State::elementAffectedByClassRules): Deleted.
3042         (WebCore::StyleResolver::styleNotYetAvailable): Deleted.
3043
3044             Placeholder code moves to TreeResolver.
3045
3046         * dom/VisitedLinkState.cpp:
3047         (WebCore::linkAttribute):
3048         (WebCore::VisitedLinkState::invalidateStyleForAllLinks):
3049         (WebCore::linkHashForElement):
3050         (WebCore::VisitedLinkState::invalidateStyleForLink):
3051         (WebCore::VisitedLinkState::determineLinkStateSlowCase):
3052         * dom/VisitedLinkState.h:
3053         (WebCore::VisitedLinkState::determineLinkState):
3054         * html/HTMLFormControlElement.h:
3055         * rendering/RenderElement.cpp:
3056         (WebCore::RenderElement::getUncachedPseudoStyle):
3057         * rendering/RenderNamedFlowFragment.cpp:
3058         (WebCore::RenderNamedFlowFragment::computeStyleInRegion):
3059         * rendering/style/RenderStyle.cpp:
3060         (WebCore::RenderStyle::isStyleAvailable):
3061         (WebCore::RenderStyle::hasUniquePseudoStyle):
3062         * style/StyleSharingResolver.cpp: Added.
3063         (WebCore::Style::SharingResolver::SharingResolver):
3064         (WebCore::Style::parentElementPreventsSharing):
3065         (WebCore::Style::elementHasDirectionAuto):
3066         (WebCore::Style::SharingResolver::searchSimilar):
3067         (WebCore::Style::SharingResolver::findSibling):
3068         (WebCore::Style::SharingResolver::locateCousinList):
3069         (WebCore::Style::canShareStyleWithControl):
3070         (WebCore::Style::SharingResolver::canShareStyleWithElement):
3071         (WebCore::Style::SharingResolver::styleSharingCandidateMatchesRuleSet):
3072         (WebCore::Style::SharingResolver::sharingCandidateHasIdenticalStyleAffectingAttributes):
3073         (WebCore::Style::SharingResolver::classNamesAffectedByRules):
3074         * style/StyleSharingResolver.h: Added.
3075         * style/StyleTreeResolver.cpp:
3076         (WebCore::Style::ensurePlaceholderStyle):
3077         (WebCore::Style::TreeResolver::TreeResolver):
3078         (WebCore::Style::TreeResolver::styleForElement):
3079
3080             Try to use SharingResolver first.
3081             Also move placeholder style handling here, it is only relevant when resolving document style.
3082
3083         (WebCore::Style::postResolutionCallbacksAreSuspended):
3084         (WebCore::Style::isPlaceholderStyle):
3085         * style/StyleTreeResolver.h:
3086         * svg/SVGElement.cpp:
3087         (WebCore::SVGElement::customStyleForRenderer):
3088         * svg/SVGElementRareData.h:
3089         (WebCore::SVGElementRareData::overrideComputedStyle):
3090
3091 2016-02-02  Tim Horton  <timothy_horton@apple.com>
3092
3093         <attachment> icon should be a folder for the custom MIME type multipart/x-folder
3094         https://bugs.webkit.org/show_bug.cgi?id=153795
3095         <rdar://problem/24416632>
3096
3097         Reviewed by Anders Carlsson.
3098
3099         Test: fast/attachment/attachment-folder-icon.html
3100
3101         * rendering/RenderThemeMac.mm:
3102         (WebCore::iconForAttachment):
3103         (WebCore::paintAttachmentIcon):
3104         Mail uses this special MIME type to indicate that something is a folder, which there
3105         isn't a normal non-deprecated MIME type for.
3106
3107 2016-02-02  Brady Eidson  <beidson@apple.com>
3108
3109         Modern IDB: storage/indexeddb/cursor-continue-validity.html fails.
3110         https://bugs.webkit.org/show_bug.cgi?id=153791
3111
3112         Reviewed by Alex Christensen.
3113
3114         No new tests (Existing test now unskipped).
3115
3116         There was a preexisting check in the SQLite cursor for remembering the current record and
3117         refusing to refetch it.
3118         
3119         This check was causing this bug, because we needed to refetch the current record.
3120         
3121         Removing the check (and its associated flag) doesn't regress any other test, and fixes this one.
3122
3123         * Modules/indexeddb/server/SQLiteIDBCursor.cpp:
3124         (WebCore::IDBServer::SQLiteIDBCursor::resetAndRebindStatement):
3125         (WebCore::IDBServer::SQLiteIDBCursor::internalAdvanceOnce):
3126         * Modules/indexeddb/server/SQLiteIDBCursor.h:
3127
3128 2016-02-01  Dave Hyatt  <hyatt@apple.com>
3129
3130         Add a line grid pagination SPI to WebKit.
3131         https://bugs.webkit.org/show_bug.cgi?id=153757
3132         <rdar://problem/23041598>
3133
3134         Reviewed by Anders Carlsson.
3135
3136         New tests in fast/multicol/pagination.
3137
3138         * page/Page.cpp:
3139         (WebCore::Page::setPaginationLineGridEnabled):
3140         * page/Page.h:
3141         (WebCore::Page::paginationLineGridEnabled):
3142         Add a boolean to the page to turn the line grid on and off.
3143
3144         * rendering/RenderBox.cpp:
3145         (WebCore::RenderBox::styleDidChange):
3146         Propagate the body's font up to the paginated RenderView so that
3147         it can be used to establish the line grid.
3148
3149         * style/StyleResolveForDocument.cpp:
3150         (WebCore::Style::resolveForDocument):
3151         Set up a line grid with containment snapping by default if the
3152         line grid enabled flag is set.
3153
3154         * testing/Internals.cpp:
3155         (WebCore::Internals::resetToConsistentState):
3156         (WebCore::Internals::setPagination):
3157         (WebCore::Internals::setPaginationLineGridEnabled):
3158         (WebCore::Internals::configurationForViewport):
3159         * testing/Internals.h:
3160         (WebCore::Internals::setPagination):
3161         * testing/Internals.idl:
3162         Add support for testing the grid being enabled.
3163
3164 2016-02-01  Antti Koivisto  <antti@apple.com>
3165
3166         Tab suspension code shouldn't use page cache cacheability logic
3167         https://bugs.webkit.org/show_bug.cgi?id=153680
3168
3169         Reviewed by Andreas Kling.
3170
3171         Most of PageCache::canCache() is unnecessary for tab suspension.
3172
3173         Also improve robustness and introduce 1 minute delay before suspending.
3174
3175         * page/Page.cpp:
3176         (WebCore::Page::setPageActivityState):
3177         (WebCore::Page::setIsVisible):
3178         (WebCore::Page::setIsVisibleInternal):
3179         (WebCore::Page::setIsPrerender):
3180         (WebCore::Page::canTabSuspend):
3181
3182             Include visibility test here.
3183
3184             Instead of calling PageCache::canCache() just check for each frame
3185             - that the document is loaded
3186             - that active DOM objects allow suspension
3187
3188         (WebCore::Page::setIsTabSuspended):
3189         (WebCore::Page::setTabSuspensionEnabled):
3190         (WebCore::Page::updateTabSuspensionState):
3191
3192             Refactor for robustness.
3193
3194         (WebCore::Page::tabSuspensionTimerFired):
3195
3196             Call canTabSuspend, the result might have changed.
3197
3198         (WebCore::Page::scheduleTabSuspension): Deleted.
3199         * page/Page.h:
3200
3201 2016-02-02  Yusuke Suzuki  <utatane.tea@gmail.com>
3202
3203         [JSC] Introduce BytecodeIntrinsic constant rep like @undefined
3204         https://bugs.webkit.org/show_bug.cgi?id=153737
3205
3206         Reviewed by Darin Adler.
3207
3208         * Modules/fetch/FetchHeaders.js:
3209         (initializeFetchHeaders):
3210         * Modules/streams/ReadableStream.js:
3211         (initializeReadableStream):
3212         (closeDestination):
3213         (abortDestination):
3214         (pipeTo):
3215         * Modules/streams/ReadableStreamInternals.js:
3216         (privateInitializeReadableStreamController):
3217         (teeReadableStream):
3218         (isReadableStreamReader):
3219         (errorReadableStream):
3220         (finishClosingReadableStream):
3221         (enqueueInReadableStream):
3222         (readFromReadableStreamReader):
3223         * Modules/streams/ReadableStreamReader.js:
3224         (releaseLock):
3225         * Modules/streams/StreamInternals.js:
3226         (shieldingPromiseResolve):
3227         (promiseInvokeOrNoopNoCatch):
3228         (promiseInvokeOrFallbackOrNoop):
3229         (validateAndNormalizeQueuingStrategy):
3230         * Modules/streams/WritableStream.js:
3231         (initializeWritableStream):
3232         (write):
3233         * Modules/streams/WritableStreamInternals.js:
3234         (errorWritableStream):
3235
3236 2016-02-02  Brady Eidson  <beidson@apple.com>
3237
3238         Modern IDB: storage/indexeddb/dont-wedge.html sometimes ASSERTs.
3239         https://bugs.webkit.org/show_bug.cgi?id=153790
3240
3241         Reviewed by Tim Horton.
3242
3243         No new tests (Failing test now unskipped).
3244
3245         This test uncovered an unhandled race where the main thread tried to perform an OpenDB operation 
3246         multiple times while it was already in-progress on the server thread.
3247
3248         There was already a flag meant to cover this race, and it just needed to be applied to one more site.
3249         
3250         * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
3251         (WebCore::IDBServer::UniqueIDBDatabase::performCurrentOpenOperation):
3252         (WebCore::IDBServer::UniqueIDBDatabase::openBackingStore):
3253
3254 2016-02-02  Daniel Bates  <dabates@apple.com>
3255
3256         CSP: Support checking content security policy without a script execution context
3257         https://bugs.webkit.org/show_bug.cgi?id=153748
3258         <rdar://problem/24439149>
3259
3260         Reviewed by Darin Alder.
3261
3262         Towards checking a Web Worker's content security policy against a redirected worker
3263         script load or redirected XHR request for an XHR request initiated from it, we should
3264         support instantiating a ContentSecurityPolicy object without a ScriptExecutionContext.
3265
3266         No functionality was changed. So, no new tests.
3267
3268         * dom/Document.cpp:
3269         (WebCore::Document::initSecurityContext): Pass |this| as a reference instead of as a pointer.
3270         * page/csp/ContentSecurityPolicy.cpp: Remove extraneous includes ScriptState.h, TextEncoding.h,
3271         and URL.h as they are included by ContentSecurityPolicy.h, FormDataList.h and FormData.h, respectively.
3272         (WebCore::CSPSource::CSPSource): Take a constant reference to a ContentSecurityPolicy instead
3273         of a pointer since we never expected a null pointer.
3274         (WebCore::CSPSource::schemeMatches): Move logic for checking the protocol of source "self"
3275         from here to ContentSecurityPolicy::protocolMatchesSelf() because we may not have a security
3276         origin if ContentSecurityPolicy was initiated without a ScriptExecutionContext object.
3277         (WebCore::CSPSourceList::allowSelf): Added.
3278         (WebCore::CSPSourceList::CSPSourceList): Take a constant reference to a ContentSecurityPolicy
3279         instead of a pointer since we never expected a null pointer. Remove fields from member
3280         initialization list that can be initialized using C++11 in-class initialization syntax.
3281         (WebCore::CSPSourceList::matches): Call ContentSecurityPolicy::urlMatchesSelf() to match the
3282         effective URL against the URL of source "self".
3283         (WebCore::CSPSourceList::parse): Update code as necessary now that m_policy is a reference
3284         instead of a pointer.
3285         (WebCore::CSPSourceList::parseSource): Simplify code by setting internal member fields directly
3286         instead of via member functions.
3287         (WebCore::CSPSourceList::parsePath): Update code as necessary now that m_policy is a reference
3288         instead of a pointer.
3289         (WebCore::CSPDirective::CSPDirective): Take a constant reference to a ContentSecurityPolicy
3290         instead of a pointer since we never expected a null pointer.
3291         (WebCore::CSPDirective::policy): Return a reference to a const ContentSecurityPolicy.
3292         (WebCore::MediaListDirective::MediaListDirective): Take a constant reference to a ContentSecurityPolicy
3293         instead of a pointer since we never expected a null pointer.
3294         (WebCore::MediaListDirective::parse): Update code as necessary now that m_policy is a reference
3295         instead of a pointer.
3296         (WebCore::SourceListDirective::SourceListDirective): Take a constant reference to a ContentSecurityPolicy
3297         instead of a pointer since we never expected a null pointer.
3298         (WebCore::SourceListDirective::allows): Write in terms of CSPSourceList::allowSelf() because we
3299         may not have a security origin to get a URL from if ContentSecurityPolicy was initiated without
3300         a ScriptExecutionContext object.
3301         (WebCore::CSPDirectiveList::reportURIs): Change return type from Vector<URL> to Vector<String>
3302         The caller will convert the strings to URLs with respect to the script execution context.
3303         (WebCore::CSPDirectiveList::parseReportURI): Store the report URI as a string instead of a URL
3304         because we may not have a security origin to compute the absolute URL if ContentSecurityPolicy
3305         was initiated without a ScriptExecutionContext object.
3306         (WebCore::CSPDirectiveList::CSPDirectiveList): Take a reference to a ContentSecurityPolicy
3307         instead of a pointer since we never expected a null pointer. It would be better to take a const
3308         reference to a ContentSecurityPolicy, but ContentSecurityPolicy::applySandboxPolicy() needs to set
3309         state on ContentSecurityPolicy :(
3310         (WebCore::CSPDirectiveList::create): Ditto.
3311         (WebCore::CSPDirectiveList::reportViolation): Update code as necessary now that m_policy is a reference
3312         instead of a pointer.
3313         (WebCore::CSPDirectiveList::checkEvalAndReportViolation): Ditto.
3314         (WebCore::CSPDirectiveList::checkInlineAndReportViolation): Ditto.
3315         (WebCore::CSPDirectiveList::parseDirective): Ditto.
3316         (WebCore::CSPDirectiveList::parseReportURI): Store the report URI as a string instead of a URL
3317         because we may not have a security origin to compute the absolute URL if ContentSecurityPolicy
3318         was initiated without a ScriptExecutionContext object.
3319         (WebCore::CSPDirectiveList::setCSPDirective): Update code as necessary now that m_policy is a reference
3320         instead of a pointer.
3321         (WebCore::CSPDirectiveList::applySandboxPolicy): Ditto.
3322         (WebCore::CSPDirectiveList::parseReflectedXSS): Ditto.
3323         (WebCore::CSPDirectiveList::addDirective): Ditto.
3324         (WebCore::ContentSecurityPolicy::ContentSecurityPolicy): Modified to take the ScriptExecutionObject
3325         as a reference and compute the CSPSource object for "self" and cache the protocol for "self". Removed
3326         field m_overrideInlineStyleAllowed from the member initialization list and used C++11 in-class
3327         initialization syntax to initialize it. Added overloaded constructor that takes a SecurityOrigin object.
3328         We are not making use of this overloaded constructor at this time. We will in a subsequent patch.
3329         (WebCore::ContentSecurityPolicy::didReceiveHeader): Store the eval disabled error message for
3330         the last parsed policy in a member field instead of using it as part of disabling eval execution
3331         on the script execution context because we may not have such a context.
3332         (WebCore::ContentSecurityPolicy::applyPolicyToScriptExecutionContext): Applies the content security
3333         policy eval and sandbox restrictions to the script execution context.
3334         (WebCore::ContentSecurityPolicy::urlMatchesSelf): Match the specified URL against the URL for
3335         source "self".
3336         (WebCore::ContentSecurityPolicy::protocolMatchesSelf): Match the protocol of the specified URL
3337         against the protocol for source "self".
3338         (WebCore::ContentSecurityPolicy::gatherReportURIs): Modified to use the script execution context
3339         to compute the absolute URL for each report URI.
3340         (WebCore::ContentSecurityPolicy::reportViolation): Bail out if we do not have a script execution
3341         context.
3342         (WebCore::ContentSecurityPolicy::logToConsole): Only log to the console if we have a script
3343         execution context.
3344         (WebCore::ContentSecurityPolicy::reportBlockedScriptExecutionToInspector): Only report blocked
3345         script execution to the Web Inspector if we have a script execution context.
3346         (WebCore::CSPSourceList::addSourceSelf): Deleted.
3347         (WebCore::CSPSourceList::addSourceStar): Deleted.
3348         (WebCore::CSPSourceList::addSourceUnsafeInline): Deleted.
3349         (WebCore::CSPSourceList::addSourceUnsafeEval): Deleted.
3350         (WebCore::CSPDirectiveList::gatherReportURIs): Deleted.
3351         (WebCore::ContentSecurityPolicy::securityOrigin): Deleted.
3352         (WebCore::ContentSecurityPolicy::url): Deleted.
3353         (WebCore::ContentSecurityPolicy::completeURL): Deleted.
3354         (WebCore::ContentSecurityPolicy::enforceSandboxFlags): Deleted.
3355         * page/csp/ContentSecurityPolicy.h:
3356         (WebCore::ContentSecurityPolicy::enforceSandboxFlags): Accumulates the parsed sandbox flags. We
3357         will apply the sandbox flags in ContentSecurityPolicy::applyPolicyToScriptExecutionContext().
3358         * workers/WorkerGlobalScope.cpp:
3359         (WebCore::WorkerGlobalScope::WorkerGlobalScope): Instantiate ContentSecurityPolicy.
3360         (WebCore::WorkerGlobalScope::applyContentSecurityPolicyResponseHeaders): Move instantiation of
3361         ContentSecurityPolicy from here to constructor.
3362
3363 2016-02-02  Eric Carlson  <eric.carlson@apple.com>
3364
3365         Allow ports to disable automatic text track selection
3366         https://bugs.webkit.org/show_bug.cgi?id=153761
3367         <rdar://problem/24416768>
3368
3369         Reviewed by Darin Adler.
3370
3371         Test: media/track/track-manual-mode.html
3372
3373         * Modules/mediacontrols/MediaControlsHost.cpp:
3374         (WebCore::MediaContr