Reduce uses of PassRefPtr in WebCore/dom - 6

[WebKit-https.git] / Source / WebCore / ChangeLog

2016-03-20  Gyuyoung Kim  <gyuyoung.kim@webkit.org>

        Reduce uses of PassRefPtr in WebCore/dom - 6
        https://bugs.webkit.org/show_bug.cgi?id=155579

        Reviewed by Darin Adler.

        * dom/MessagePortChannel.h:
        * dom/default/PlatformMessagePortChannel.cpp:
        (WebCore::PlatformMessagePortChannel::EventData::EventData):
        (WebCore::MessagePortChannel::createChannel):
        (WebCore::MessagePortChannel::MessagePortChannel):
        (WebCore::MessagePortChannel::postMessageToRemote):
        (WebCore::PlatformMessagePortChannel::create):
        (WebCore::PlatformMessagePortChannel::PlatformMessagePortChannel):
        * dom/default/PlatformMessagePortChannel.h:
        (WebCore::PlatformMessagePortChannel::EventData::message):

2016-03-20  Jinwoo Jeong  <jw00.jeong@samsung.com>

        The setter of binaryType attribute in WebSocket should raise the exception.
        https://bugs.webkit.org/show_bug.cgi?id=135874

        Reviewed by Antonio Gomes.

        According to W3C WebSocket Specification, <https://www.w3.org/TR/2012/CR-websockets-20120920/>
        when an invalid value is set on binaryType of WebSocket, a SyntaxError should be raised.

        * Modules/websockets/WebSocket.cpp:
        (WebCore::WebSocket::setBinaryType): Add a parameter to set an exception.
        * Modules/websockets/WebSocket.h: Ditto.
        * Modules/websockets/WebSocket.idl: Update that setter of binaryType could raise an exception.

2016-03-20  Dan Bernstein  <mitz@apple.com>

        [Mac] Determine TARGET_MAC_OS_X_VERSION_MAJOR from MACOSX_DEPLOYMENT_TARGET rather than from MAC_OS_X_VERSION_MAJOR
        https://bugs.webkit.org/show_bug.cgi?id=155707
        <rdar://problem/24980691>

        Reviewed by Darin Adler.

        * Configurations/Base.xcconfig: Set TARGET_MAC_OS_X_VERSION_MAJOR based on the last
          component of MACOSX_DEPLOYMENT_TARGET.
        * Configurations/DebugRelease.xcconfig: For engineering builds, preserve the behavior of
          TARGET_MAC_OS_X_VERSION_MAJOR being the host’s OS version.

2016-03-20  Konstantin Tokarev  <annulen@yandex.ru>

        Added implementations of AXObjectCache methods for !HAVE(ACCESSIBILITY).
        https://bugs.webkit.org/show_bug.cgi?id=155697

        Reviewed by Darin Adler.

        No new tests needed.

        * accessibility/AXObjectCache.h:
        (WebCore::AXObjectCache::rangeForUnorderedCharacterOffsets):
        (WebCore::AXObjectCache::absoluteCaretBoundsForCharacterOffset):
        (WebCore::AXObjectCache::characterOffsetForIndex):
        (WebCore::AXObjectCache::startOrEndCharacterOffsetForRange):
        (WebCore::AXObjectCache::endCharacterOffsetOfLine):
        (WebCore::AXObjectCache::nextCharacterOffset):
        (WebCore::AXObjectCache::previousCharacterOffset):

2016-03-20  Darin Adler  <darin@apple.com>

        Disable Caches in Safari's Develop menu does not disable caches.
        https://bugs.webkit.org/show_bug.cgi?id=64483

        Reviewed by Antti Koivisto.

        Moved feature from Settings to Page.

        * history/PageCache.cpp:
        (WebCore::canCachePage): Use function on Page instead of Settings.
        (WebCore::PageCache::take): Ditto.
        (WebCore::PageCache::get): Ditto.
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::subresourceCachePolicy): Ditto.
        (WebCore::FrameLoader::addExtraFieldsToRequest): Ditto.
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::cachePolicy): Ditto.

        * page/Page.h:
        (WebCore::Page::isResourceCachingDisabled): Added.
        (WebCore::Page::setResourceCachingDisabled): Added.

        * page/Settings.in: Removed resourceCachingDisabled.

2016-03-20  Dan Bernstein  <mitz@apple.com>

        Update build settings

        Rubber-stamped by Andy Estes.

        * Configurations/DebugRelease.xcconfig:
        * Configurations/FeatureDefines.xcconfig:
        * Configurations/Version.xcconfig:

2016-03-20  Chris Fleizach  <cfleizach@apple.com>

        AX: Radio button members are not identified together in all cases
        https://bugs.webkit.org/show_bug.cgi?id=155604
        <rdar://problem/21186992>

        Reviewed by Darin Adler.

        Allow aria radio buttons to be grouped together as linked ui elements even if they're not input types of radio button.

        Modified test: accessibility/radio-button-group-members.html

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::speakProperty):
        (WebCore::AccessibilityRenderObject::addRadioButtonGroupChildren):
        (WebCore::AccessibilityRenderObject::addRadioButtonGroupMembers):
        * accessibility/AccessibilityRenderObject.h:

2016-03-19  Joonghun Park  <jh718.park@samsung.com>

        Purge PassRefPtr from WebCore/html/shadow
        https://bugs.webkit.org/show_bug.cgi?id=155681

        Reviewed by Darin Adler.

        No new tests, no new behaviours.

        * html/HTMLImageElement.cpp:
        (WebCore::HTMLImageElement::updateImageControls):
        (WebCore::HTMLImageElement::tryCreateImageControls):
        (WebCore::HTMLImageElement::createImageControls): Deleted.
        * html/HTMLImageElement.h:
        * html/shadow/ImageControlsRootElement.h:
        * html/shadow/MediaControls.h:
        * html/shadow/MediaControlsApple.cpp:
        (WebCore::MediaControls::tryCreate):
        (WebCore::MediaControlsApple::tryCreateControls):
        (WebCore::MediaControlsApple::showClosedCaptionTrackList):
        (WebCore::MediaControlsApple::hideClosedCaptionTrackList):
        (WebCore::MediaControlsApple::eventListener):
        (WebCore::MediaControls::create): Deleted.
        (WebCore::MediaControlsApple::createControls): Deleted.
        * html/shadow/MediaControlsApple.h:
        * html/shadow/mac/ImageControlsButtonElementMac.cpp:
        (WebCore::ImageControlsButtonElementMac::tryCreate):
        (WebCore::ImageControlsButtonElementMac::maybeCreate): Deleted.
        * html/shadow/mac/ImageControlsButtonElementMac.h:
        * html/shadow/mac/ImageControlsRootElementMac.cpp:
        (WebCore::ImageControlsRootElement::tryCreate):
        (WebCore::ImageControlsRootElement::maybeCreate): Deleted.

2016-03-19  Antti Koivisto  <antti@apple.com>

        Data URL DecodeTask may get deleted outside main thread
        https://bugs.webkit.org/show_bug.cgi?id=155584
        rdar://problem/24492104

        Reviewed by David Kilzer.

        Follow-up: fix a possible null pointer crash.

        * platform/network/DataURLDecoder.cpp:
        (WebCore::DataURLDecoder::DecodingResultDispatcher::startTimer):

            If timer fires under startOneShot m_decodeTask may become zero before schedule() is called.
            Fix by copying schedule context to a local before calling startOneShot.

2016-03-18  Zhuo Li  <zachli@apple.com>

        Update AutoFill button in input fields.
        https://bugs.webkit.org/show_bug.cgi?id=155619.
        rdar://problem/24486939.

        Reviewed by Daniel Bates.

        * css/html.css:
        (input::-webkit-contacts-auto-fill-button):
        Use the new AutoFill button.

2016-03-18  Alex Christensen  <achristensen@webkit.org>

        Give NSURLSessionConfiguration information about parent process
        https://bugs.webkit.org/show_bug.cgi?id=155661

        Reviewed by Anders Carlsson.

        * platform/spi/cf/CFNetworkSPI.h:
        Add newly-used SPI declarations.

2016-03-18  Simon Fraser  <simon.fraser@apple.com>

        Sideways-scrollable RTL document has wrong initial and reload offset in WKWebView
        https://bugs.webkit.org/show_bug.cgi?id=155660
        rdar://problem/22212662

        Reviewed by Tim Horton.
        
        There were two problems with the scroll position of RTL documents on initial and reload
        in WKWebView.

        First, in the delegatesScrolling() code path, ScrollView::updateScrollbars() needs to
        tell someone that the scroll origin changed, to trigger a scroll to the page origin.

        Secondly, WKWebView had scrollPosition/scrollOffset confusion in various places.

        Test: fast/scrolling/rtl-initial-scroll-position.html

        * platform/ScrollView.cpp:
        (WebCore::ScrollView::updateScrollbars):

2016-03-18  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r198443.

        This change caused API test failures on El Capitan

        Reverted changeset:

        "CRASH in WebCore::MediaResourceLoader::requestResource + 698"
        https://bugs.webkit.org/show_bug.cgi?id=155651
        http://trac.webkit.org/changeset/198443

2016-03-18  Darin Adler  <darin@apple.com>

        ASSERTION FAILED: m_isValid == valid() in WebCore::HTMLFormControlElement::isValidFormControlElement
        https://bugs.webkit.org/show_bug.cgi?id=139481

        Reviewed by Daniel Bates.

        Test: fast/forms/validity-assertion-inserting-into-datalist.html

        * html/HTMLFormControlElement.cpp:
        (WebCore::HTMLFormControlElement::insertedInto): Set the flags that will cause
        "will validate" to be recomputed *before* calling willValidate().

2016-03-18  Chris Dumez  <cdumez@apple.com>

        Speculative revalidation requests do not have their HTTP user-agent set
        https://bugs.webkit.org/show_bug.cgi?id=155620
        <rdar://problem/24657567>

        Reviewed by Brady Eidson.

        Export a couple of symbols so they can be used from WebKit2.

        Test: http/tests/cache/disk-cache/speculative-validation/validation-request.html

        * platform/network/ResourceRequestBase.h:

2016-03-18  Zhuo Li  <zachli@apple.com>

        Need to forward declare NSScrollerImpSPI::scrollerLayoutDirection.
        https://bugs.webkit.org/show_bug.cgi?id=155662.

        Reviewed by Myles C. Maxfield.

        * platform/spi/mac/NSScrollerImpSPI.h:
        Forward declare NSScrollerImpSPI::scrollerLayoutDirection.

2016-03-18  Myles C. Maxfield  <mmaxfield@apple.com>

        [OS X] Scrollbars are sometimes erroneously reported as overlay
        https://bugs.webkit.org/show_bug.cgi?id=155630

        Reviewed by Darin Adler.

        When AppKit boots up, if the system preference is set to determine at runtime whether
        scrollbars should be overlay or always-on, AppKit must do some processing to determine
        this scrollbar state. We listen for the results by using NSScrollerImpPairDelegate's
        scrollerImpPair:updateScrollerStyleForNewRecommendedScrollerStyle: method.

        However, our NSScrollerImpPairDelegates are owned by the FrameView, and when loading
        a page, there is a short amount of time when no FrameViews are alive. This means that
        there is a point in time when we don't have any NSScrollerImpPairs alive. Unfortunately,
        the processesing that AppKit does to determine the scrollbar state is done
        asynchronously, and the results may be reported within this short window. In this case,
        we don't receive the notification that the scrollbar should be non-overlay, and our
        internal state (gUsesOverlayScrollbars in ScrollbarThemeMac) becomes stale.

        The solution is to simply always check what the scrollbar state is upon creation of a
        NSScrollerImpPair. That way, as soon as the second FrameView is created, the scrollbar
        state will be correctly updated immediately.

        An alternative, similar, approach would be for ScrollbarThemeMac to listen to the
        NSPreferredScrollerStyleDidChangeNotification. This patch doesn't use this approach
        in order to align with the current division of responsibilities between ScrollAnimator
        and ScrollbarTheme.

        Covered by existing (RTL Scrollbar) tests.

        * platform/mac/ScrollAnimatorMac.mm:
        (WebCore::ScrollAnimatorMac::ScrollAnimatorMac):

2016-03-18  Jer Noble  <jer.noble@apple.com>

        CRASH in WebCore::MediaResourceLoader::requestResource + 698
        https://bugs.webkit.org/show_bug.cgi?id=155651
        <rdar://problem/25130582>

        Reviewed by Eric Carlson.

        No new tests, fixes existing tests running under GuardMalloc.

        Protect against the Document passed into MediaResourceLoader being destroyed during the MediaResourceLoader's lifetime.

        * loader/MediaResourceLoader.cpp:
        (WebCore::MediaResourceLoader::MediaResourceLoader):
        (WebCore::MediaResourceLoader::contextDestroyed):
        (WebCore::MediaResourceLoader::requestResource):
        (WebCore::MediaResource::responseReceived):
        * loader/MediaResourceLoader.h:

2016-03-18  Mark Lam  <mark.lam@apple.com>

        JSDOMGlobalObject.h needs to #include StructureInlines.h.
        https://bugs.webkit.org/show_bug.cgi?id=155657

        Reviewed by Filip Pizlo.

        No new tests needed.  This is a build fix for the Win EWS.

        * bindings/js/JSDOMGlobalObject.h:

2016-03-18  Brent Fulgham  <bfulgham@apple.com>

        Local file restrictions should not block sessionStorage access
        https://bugs.webkit.org/show_bug.cgi?id=155609
        <rdar://problem/25229461>

        Reviewed by Andy Estes.

        Use of 'sesssionStorage' is governed by SecurityOrigin with third party access
        set to 'ShouldAllowFromThirdParty::AlwaysAllowFromThirdParty'. We should not
        reject local files for this combination of arguments.

        Test: storage/domstorage/sessionstorage/blocked-file-access.html

        * page/SecurityOrigin.cpp:
        (WebCore::SecurityOrigin::canAccessStorage): For the case of sessionStorage,
        allow local file access.

2016-03-18  Jer Noble  <jer.noble@apple.com>

        CachedResource::MediaResource types shouldn't be blocked due to mixed-content.
        https://bugs.webkit.org/show_bug.cgi?id=155588
        <rdar://problem/25177795>

        Reviewed by Daniel Bates.

        The Mixed Content spec specifically allows (with certain restrictions) loads of <image>,
        <video>, and <audio> resources from mixed-content origins, albeit with warnings.

        No new tests, fixes existing test: http/tests/security/mixedContent/insecure-audio-video-in-main-frame.html

        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::contentTypeFromResourceType):

2016-03-18  Nan Wang  <n_wang@apple.com>

        AX: AXARIACurrent exposed but not displayed in Accessibility Inspector
        https://bugs.webkit.org/show_bug.cgi?id=155600

        Reviewed by Chris Fleizach.

        AXARIACurrent attribute was added to a temporary array that was never returned.

        Test: accessibility/mac/aria-current-attribute-exposed.html

        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper accessibilityAttributeNames]):

2016-03-18  Nan Wang  <n_wang@apple.com>

        AX: Typing broken on form input field while using VoiceOver
        https://bugs.webkit.org/show_bug.cgi?id=155613

        Reviewed by Chris Fleizach.

        The div element inside the INPUT element gives a collapsed TextMarkerRange which then creates
        a collapsed Range. Fixed it by using the parent node to create the Range when the div node has
        no children.

        Test: accessibility/mac/text-marker-range-for-node-without-children.html

        * accessibility/AXObjectCache.cpp:
        (WebCore::setRangeStartOrEndWithCharacterOffset):

2016-03-18  Chris Fleizach  <cfleizach@apple.com>

        AX: Implement AutoFill Available attribute for a text field
        https://bugs.webkit.org/show_bug.cgi?id=155567

        Reviewed by Darin Adler.

        This file was left out of original commit accidentally.

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::addTextFieldChildren):

2016-03-18  Csaba Osztrogonác  <ossy@webkit.org>

        [Mac][cmake] Unreviewed speculative buildfix after r197956. Just for fun.

        * PlatformMac.cmake:

2016-03-18  Csaba Osztrogonác  <ossy@webkit.org>

        [Mac][cmake] Unreviewed speculative buildfix after r197628. Just for fun.

        * PlatformMac.cmake:

2016-03-18  Csaba Osztrogonác  <ossy@webkit.org>

        [Mac][cmake] One more attempt to try to fix the build after r197633.

        * PlatformMac.cmake:

2016-03-18  Csaba Osztrogonác  <ossy@webkit.org>

        [Mac][cmake] One more attempt to try to fix the build after r197633.

        * PlatformMac.cmake:

2016-03-18  Csaba Osztrogonác  <ossy@webkit.org>

        [Mac][cmake] One more attempt to try to fix the build after r197633.

        * PlatformMac.cmake: Revert r198398, which was incorrect.

2016-03-18  Csaba Osztrogonác  <ossy@webkit.org>

        [Mac][cmake] Last attempt to try to fix the build after r197633.

        * PlatformMac.cmake:

2016-03-18  Manuel Rego Casasnovas  <rego@igalia.com>

        [css-grid] Rename GridSpan properties
        https://bugs.webkit.org/show_bug.cgi?id=155636

        Reviewed by Sergio Villar Senin.

        GridSpan was using old names initialResolvedPosition and
        finalResolvedPosition.
        This patch rename them to startLine and endLine.

        Some reasons for this refactoring:
        - "position" is a vague term not defined in the spec.
        - GridSpan is currently storing grid lines. A grid "line" is defined
          in the spec: https://drafts.csswg.org/css-grid/#grid-line-concept
        - The spec uses the concepts "start" and "end" lines too.

        No new tests, no change of behavior.

        * css/CSSGridTemplateAreasValue.cpp:
        (WebCore::stringForPosition):
        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseGridTemplateAreasRow):
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::createImplicitNamedGridLinesFromGridArea):
        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::computeUsedBreadthOfGridTracks):
        (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForNonSpanningItems):
        (WebCore::RenderGrid::insertItemIntoGrid):
        (WebCore::RenderGrid::populateExplicitGridAndOrderIterator):
        (WebCore::RenderGrid::placeSpecifiedMajorAxisItemsOnGrid):
        (WebCore::RenderGrid::placeAutoMajorAxisItemOnGrid):
        (WebCore::RenderGrid::offsetAndBreadthForPositionedChild):
        (WebCore::RenderGrid::gridAreaBreadthForChildIncludingAlignmentOffsets):
        (WebCore::RenderGrid::columnAxisOffsetForChild):
        (WebCore::RenderGrid::rowAxisOffsetForChild):
        * rendering/style/GridArea.h:
        (WebCore::GridSpan::untranslatedDefiniteGridSpan):
        (WebCore::GridSpan::translatedDefiniteGridSpan):
        (WebCore::GridSpan::operator==):
        (WebCore::GridSpan::integerSpan):
        (WebCore::GridSpan::untranslatedStartLine):
        (WebCore::GridSpan::untranslatedEndLine):
        (WebCore::GridSpan::startLine):
        (WebCore::GridSpan::endLine):
        (WebCore::GridSpan::begin):
        (WebCore::GridSpan::end):
        (WebCore::GridSpan::translate):
        (WebCore::GridSpan::GridSpan):
        (WebCore::GridSpan::untranslatedResolvedInitialPosition): Deleted.
        (WebCore::GridSpan::untranslatedResolvedFinalPosition): Deleted.
        (WebCore::GridSpan::resolvedInitialPosition): Deleted.
        (WebCore::GridSpan::resolvedFinalPosition): Deleted.
        * rendering/style/GridPositionsResolver.cpp:
        (WebCore::definiteGridSpanWithNamedLineSpanAgainstOpposite):
        (WebCore::resolveNamedGridLinePositionAgainstOppositePosition):
        (WebCore::resolveGridPositionAgainstOppositePosition):
        (WebCore::GridPositionsResolver::resolveGridPositionsFromStyle):

2016-03-18  Csaba Osztrogonác  <ossy@webkit.org>

        [Mac][cmake] One more unreviewed speculative buildfix after r197633. Just for fun.

        * PlatformMac.cmake:

2016-03-18  Csaba Osztrogonác  <ossy@webkit.org>

        [Mac][cmake] Unreviewed speculative buildfix after r197633. Just for fun.

        * PlatformMac.cmake:

2016-03-18  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        crossorigin element resource loading should check HTTP redirection
        https://bugs.webkit.org/show_bug.cgi?id=130578

        Reviewed by Daniel Bates and Brent Fulgham.

        Moved part of DocumentThreadableLoader redirection cross origin control code
        into functions in CrossOriginAccessControl.cpp. Added cross origin control for
        redirections in SubResourceLoader when policy is set to PotentiallyCrossOriginEnabled 
        using CrossOriginAccessControl.cpp new functions. Added a new test that checks that 
        cross-origin redirections are checked against CORS.

        Test: http/tests/security/shape-image-cors-redirect.html

        * loader/CrossOriginAccessControl.cpp:
        (WebCore::isValidCrossOriginRedirectionURL): Returns true if the redirected URL is a valid URL for cross-origin requests.
        (WebCore::cleanRedirectedRequestForAccessControl): Removes all headers added by the network backend that may cause the response CORS validation to fail.
        * loader/CrossOriginAccessControl.h: Added above function prototypes.
        * loader/DocumentThreadableLoader.cpp:
        (WebCore::DocumentThreadableLoader::redirectReceived): Used new CORS redirection methods of CrossOriginAccessControl.cpp.
        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::init): Initialize the SecurityOrigin to be used for loading the resource.
        (WebCore::SubresourceLoader::willSendRequest): Added cross-origin redirection response check.
        (WebCore::SubresourceLoader::checkCrossOriginAccessControl): Checks CORS and update request if needed. Returns true if control checks passed.
        * loader/SubresourceLoader.h: Added checkCrossOriginAccessControl declaration and m_origin declaration.

2016-03-18  Darin Adler  <darin@apple.com>

        Disable Caches in Safari's Develop menu does not disable caches.
        https://bugs.webkit.org/show_bug.cgi?id=64483

        Reviewed by Antti Koivisto.

        Add a new setting, ResourceCachingDisabled, for use in future versions of Safari.

        * history/PageCache.cpp:
        (WebCore::canCachePage): Check resourceCachingDisabled and return false.
        (WebCore::PageCache::take): Check resourceCachingDisabled, and return null.
        (WebCore::PageCache::get): Ditto.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::subresourceCachePolicy): Check resourceCachingDisabled, and
        request a reload.
        (WebCore::FrameLoader::addExtraFieldsToRequest): Check resourceCachingDisabled, and
        set the cache policy to trigger a reload.
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::cachePolicy): Check resourceCachingDisabled, and
        request a reload.

        * page/Settings.in: Added resourceCachingDisabled.

2016-03-18  Csaba Osztrogonác  <ossy@webkit.org>

        [Mac][cmake] Unreviewed speculative buildfix. Just for fun.

        * loader/EmptyClients.cpp:

2016-03-17  Antti Koivisto  <antti@apple.com>

        Data URL DecodeTask may get deleted outside main thread
        https://bugs.webkit.org/show_bug.cgi?id=155584
        rdar://problem/24492104

        Reviewed by Darin Adler.

        This is unsafe as it owns strings and other types that are only safe to delete in the main thread.

        There is a race between deref in dispatch() and deref in timerFired(). If the timer fires before dispatch()
        exits the implicit deref will trigger deletion of DecodingResultDispatcher in the dispatching thread.

        (WebCore::DataURLDecoder::DecodingResultDispatcher::timerFired):

            Fix by clearing m_decodeTask when the timer fires.

2016-03-17  Carlos Garcia Campos  <cgarcia@igalia.com>

        REGRESSION(r195661): [GTK] very slow scrolling
        https://bugs.webkit.org/show_bug.cgi?id=155334

        Reviewed by Michael Catanzaro.

        We need to also restore the PerAxisData visible length when it's
        reset because of a non animated scroll. To prevent making the same
        mistake in the future, the current position and visible lengths
        members are now required to construct PerAxisData. This also
        simplifies the code and ensures that when the ScrollAnimatorSmooth
        is created, it's updated to the current position.

        * platform/ScrollAnimationSmooth.cpp:
        (WebCore::ScrollAnimationSmooth::ScrollAnimationSmooth):
        Initialize PerAxisData members.
        (WebCore::ScrollAnimationSmooth::setCurrentPosition): Pass the
        current position and visible length as parameters to the
        PerAxisData constructor.
        (WebCore::ScrollAnimationSmooth::animateScroll): Ditto.
        * platform/ScrollAnimationSmooth.h: Add a PerAxisData constructor
        that receives current position and visible length and disallow to
        use the default constructor.
        * platform/ScrollAnimatorSmooth.cpp:
        (WebCore::ScrollAnimatorSmooth::ScrollAnimatorSmooth): Pass the
        current position to the ScrollAnimationSmooth constructor.
        * platform/gtk/ScrollAnimatorGtk.cpp:
        (WebCore::ScrollAnimatorGtk::ensureSmoothScrollingAnimation): Ditto.

2016-03-17  Chris Fleizach  <cfleizach@apple.com>

        AX: WEB: VoiceOver does not announce some WAI-ARIA document structures
        https://bugs.webkit.org/show_bug.cgi?id=155603
        <rdar://problem/25227385>

        Reviewed by Darin Adler.

        Expose more ARIA landmark type roles on iOS for accessibility.

        Updated test: accessibility/ios-simulator/landmark-type.html

        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper _accessibilityIsLandmarkRole:]):
        (-[WebAccessibilityObjectWrapper accessibilityLabel]):
        * platform/LocalizedStrings.cpp:
        (WebCore::searchMenuClearRecentSearchesText):
        (WebCore::AXWebAreaText):
        (WebCore::AXListItemActionVerb):
        (WebCore::AXAutoFillCredentialsLabel):
        * platform/LocalizedStrings.h:

2016-03-17  Daniel Bates  <dabates@apple.com>

        Cleanup: Remove the need to pass reporting status to ContentSecurityPolicy functions
        https://bugs.webkit.org/show_bug.cgi?id=155623

        Reviewed by Andy Estes and Alex Christensen.

        ScriptController::initScript() is the only function that passes ContentSecurityPolicy::ReportingStatus::SuppressReport
        following the removal of the SecurityPolicy script interface in <http://trac.webkit.org/changeset/197142>. It
        passes this reporting status to prevent sending a violation report when determining whether the CSP policy allows
        use of the JavaScript eval()/operator eval so that it enable or disable this capability as appropriate. We
        should teach ScriptController::initScript() to delegate the responsibility of enabling/disabling this capability
        to the ContentSecurityPolicy. Then we can remove the need to expose ContentSecurityPolicy::ReportingStatus as
        part of the ContentSecurityPolicy interface.

        No functionality changed. So, no new tests.

        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::createWindowShell): Return a reference to a JSDOMWindowShell object
        instead of a pointer as the pointer is always non-null.
        (WebCore::ScriptController::initScript): Updated as needed now that ScriptController::createWindowShell()
        returns a reference. Moved logic to enable/disable JavaScript eval() and operator eval from here into
        ContentSecurityPolicy::didCreateWindowShell() and make use of this member function.
        * bindings/js/ScriptController.h:
        * page/csp/ContentSecurityPolicy.cpp:
        (WebCore::ContentSecurityPolicy::didCreateWindowShell): Added. Moved logic from to enable/disable JavaScript
        eval() and operator eval from ScriptController::initScript() to here.
        (WebCore::ContentSecurityPolicy::didReceiveHeader): Substitute ContentSecurityPolicyDirectiveList::ReportingStatus::SuppressReport
        for ContentSecurityPolicy::ReportingStatus::SuppressReport as the enum has moved from class ContentSecurityPolicy
        to ContentSecurityPolicyDirectiveList. Fix minor code style nit; substitute nullptr for 0 in the first argument
        to ContentSecurityPolicyDirectiveList::allowEval().
        (WebCore::isAllowedByAllWithFrame): Substitute ContentSecurityPolicyDirectiveList::ReportingStatus::SuppressReport
        for ContentSecurityPolicy::ReportingStatus::SuppressReport as the enum has moved from class ContentSecurityPolicy
        to ContentSecurityPolicyDirectiveList.
        (WebCore::isAllowedByAll): Substitute ContentSecurityPolicyDirectiveList::ReportingStatus::SuppressReport
        for ContentSecurityPolicy::ReportingStatus::SuppressReport as the enum has moved from class ContentSecurityPolicy
        to ContentSecurityPolicyDirectiveList. Also make this function static so that it has internal linkage.
        (WebCore::isAllowedByAllWithState): Ditto.
        (WebCore::isAllowedByAllWithContext): Ditto.
        (WebCore::isAllowedByAllWithHashFromContent): Ditto.
        (WebCore::isAllowedByAllWithURL): Ditto.
        (WebCore::ContentSecurityPolicy::allowJavaScriptURLs): Remove argument reportingStatus and always pass
        ContentSecurityPolicyDirectiveList::ReportingStatus::SendReport to the directive list member function. In a
        subsequent patch we will remove the need to pass the reporting status to the directive list member function.
        (WebCore::ContentSecurityPolicy::allowInlineEventHandlers): Ditto.
        (WebCore::ContentSecurityPolicy::allowInlineScript): Ditto.
        (WebCore::ContentSecurityPolicy::allowInlineStyle): Ditto.
        (WebCore::ContentSecurityPolicy::allowEval): Ditto.
        (WebCore::ContentSecurityPolicy::allowFrameAncestors): Ditto.
        (WebCore::ContentSecurityPolicy::allowPluginType): Ditto.
        (WebCore::ContentSecurityPolicy::allowScriptFromSource): Ditto.
        (WebCore::ContentSecurityPolicy::allowObjectFromSource): Ditto.
        (WebCore::ContentSecurityPolicy::allowChildFrameFromSource): Ditto.
        (WebCore::ContentSecurityPolicy::allowChildContextFromSource): Ditto.
        (WebCore::ContentSecurityPolicy::allowImageFromSource): Ditto.
        (WebCore::ContentSecurityPolicy::allowStyleFromSource): Ditto.
        (WebCore::ContentSecurityPolicy::allowFontFromSource): Ditto.
        (WebCore::ContentSecurityPolicy::allowMediaFromSource): Ditto.
        (WebCore::ContentSecurityPolicy::allowConnectToSource): Ditto.
        (WebCore::ContentSecurityPolicy::allowFormAction): Ditto.
        (WebCore::ContentSecurityPolicy::allowBaseURI): Ditto.
        (WebCore::ContentSecurityPolicy::evalDisabledErrorMessage): Deleted.
        * page/csp/ContentSecurityPolicy.h:
        * page/csp/ContentSecurityPolicyDirectiveList.cpp:
        (WebCore::ContentSecurityPolicyDirectiveList::allowJavaScriptURLs): Substitute ReportingStatus for
        ContentSecurityPolicy::ReportingStatus as the enum has moved from class ContentSecurityPolicy to this class.
        (WebCore::ContentSecurityPolicyDirectiveList::allowInlineEventHandlers): Ditto.
        (WebCore::ContentSecurityPolicyDirectiveList::allowInlineScript): Ditto.
        (WebCore::ContentSecurityPolicyDirectiveList::allowInlineStyle): Ditto.
        (WebCore::ContentSecurityPolicyDirectiveList::allowEval): Ditto.
        (WebCore::ContentSecurityPolicyDirectiveList::allowPluginType): Ditto.
        (WebCore::ContentSecurityPolicyDirectiveList::allowScriptFromSource): Ditto.
        (WebCore::ContentSecurityPolicyDirectiveList::allowObjectFromSource): Ditto.
        (WebCore::ContentSecurityPolicyDirectiveList::allowChildContextFromSource): Ditto.
        (WebCore::ContentSecurityPolicyDirectiveList::allowChildFrameFromSource): Ditto.
        (WebCore::ContentSecurityPolicyDirectiveList::allowImageFromSource): Ditto.
        (WebCore::ContentSecurityPolicyDirectiveList::allowStyleFromSource): Ditto.
        (WebCore::ContentSecurityPolicyDirectiveList::allowFontFromSource): Ditto.
        (WebCore::ContentSecurityPolicyDirectiveList::allowMediaFromSource): Ditto.
        (WebCore::ContentSecurityPolicyDirectiveList::allowConnectToSource): Ditto.
        (WebCore::ContentSecurityPolicyDirectiveList::allowFormAction): Ditto.
        (WebCore::ContentSecurityPolicyDirectiveList::allowBaseURI): Ditto.
        (WebCore::ContentSecurityPolicyDirectiveList::allowFrameAncestors): Ditto.
        * page/csp/ContentSecurityPolicyDirectiveList.h:

2016-03-17  Brent Fulgham  <bfulgham@apple.com>

        [XSS Auditor] Off by one in XSSAuditor::canonicalizedSnippetForJavaScript()
        https://bugs.webkit.org/show_bug.cgi?id=155624
        <rdar://problem/25219962>

        Unreviewed merge from Blink (patch by Tom Sepez <tsepez@chromium.org>):
        <https://src.chromium.org/viewvc/blink?revision=201803&view=revision>

        Test: http/tests/security/xssAuditor/script-tag-with-trailing-script-and-urlencode.html

        * html/parser/XSSAuditor.cpp:
        (WebCore::XSSAuditor::canonicalizedSnippetForJavaScript): Correct off-by-one error.

2016-03-17  Zalan Bujtas  <zalan@apple.com>

        Images in feed on ebay.com jiggle when one is hovered
        https://bugs.webkit.org/show_bug.cgi?id=155608
        <rdar://problem/25160681>

        The content offset in compositing layer = subpixel gap between the graphics layer and the layer bounds + layer bounds top left.

        Reviewed by Simon Fraser.

        Test: compositing/hidpi-viewport-clipping-on-composited-content.html

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateGeometry):
        (WebCore::RenderLayerBacking::contentOffsetInCompostingLayer):
        * rendering/RenderLayerBacking.h:

2016-03-17  Zalan Bujtas  <zalan@apple.com>

        Don't initiate a style recall while drawing text 
        https://bugs.webkit.org/show_bug.cgi?id=155618

        Reviewed by Simon Fraser.

        This patch ensures that we don't initiate a style recalc while in the middle of text drawing.

        Test: fast/canvas/crash-while-resizing-canvas.html

        * html/canvas/CanvasRenderingContext2D.cpp:
        (WebCore::CanvasRenderingContext2D::drawTextInternal):

2016-03-17  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r198335.
        https://bugs.webkit.org/show_bug.cgi?id=155617

        This change caused existing LayoutTests to crash
        intermittently (Requested by ryan|afk on #webkit).

        Reverted changeset:

        "DataURLDecoder::DecodingResultDispatcher may get deleted
        outside main thread"
        https://bugs.webkit.org/show_bug.cgi?id=155584
        http://trac.webkit.org/changeset/198335

2016-03-17  Eric Carlson  <eric.carlson@apple.com>

        Improve some metadata tests
        https://bugs.webkit.org/show_bug.cgi?id=155616

        Reviewed by Saam Barati.

        * html/track/DataCue.cpp:
        (WebCore::DataCue::DataCue):
        (WebCore::DataCue::setData):

2016-03-17  Myles C. Maxfield  <mmaxfield@apple.com>

        [RTL Scrollbars] Position: absolute divs are covered by vertical scrollbar
        https://bugs.webkit.org/show_bug.cgi?id=155531

        Reviewed by Darin Adler.

        This patch updates ScrollView::documentScrollPositionRelativeToViewOrigin(), which is
        a helper function primarily used by WebCore::ScrollView::viewToContents() and
        WebCore::ScrollView::contentsToView().

        Tests: fast/scrolling/rtl-scrollbars-elementFromPoint-static.html
               fast/scrolling/rtl-scrollbars-elementFromPoint.html
               fast/scrolling/rtl-scrollbars-iframe-offset.html
               fast/scrolling/rtl-scrollbars-iframe-position-absolute.html
               fast/scrolling/rtl-scrollbars-iframe-scrolled.html
               fast/scrolling/rtl-scrollbars-iframe.html
               fast/scrolling/rtl-scrollbars-overflow-elementFromPoint.html
               fast/scrolling/rtl-scrollbars-overflow-position-absolute.html
               fast/scrolling/rtl-scrollbars-overflow-text-selection-scrolled.html
               fast/scrolling/rtl-scrollbars-position-absolute.html
               fast/scrolling/rtl-scrollbars-position-fixed.html
               fast/scrolling/rtl-scrollbars-text-selection-scrolled.html
               fast/scrolling/rtl-scrollbars-text-selection.html

        * platform/ScrollView.cpp:
        (WebCore::ScrollView::documentScrollPositionRelativeToViewOrigin):

2016-03-17  Filip Pizlo  <fpizlo@apple.com>

        Replace all of the various non-working and non-compiling sampling profiler hacks with a single super hack
        https://bugs.webkit.org/show_bug.cgi?id=155561

        Reviewed by Saam Barati.

        No new tests because no new behavior.

        * platform/audio/ios/MediaSessionManagerIOS.mm:
        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:

2016-03-17  Brent Fulgham  <bfulgham@apple.com>

        Some media tests are flaky.
        https://bugs.webkit.org/show_bug.cgi?id=155614

        Reviewed by Eric Carlson.

        * html/track/TextTrack.cpp:
        (WebCore::TextTrack::~TextTrack):

2016-03-17  Brady Eidson  <beidson@apple.com>

        Don't try to restore deleted MemoryIndexes if their owning object store is not restored.
        https://bugs.webkit.org/show_bug.cgi?id=155068

        Reviewed by Alex Christensen.

        Test: storage/indexeddb/modern/deleteindex-4-private.html

        * Modules/indexeddb/server/MemoryBackingStoreTransaction.cpp:
        (WebCore::IDBServer::MemoryBackingStoreTransaction::indexDeleted):

2016-03-17  Doug Russell  <d_russell@apple.com>

        AX: attributes to retrieve focusable and editable ancestors
        https://bugs.webkit.org/show_bug.cgi?id=155554

        Reviewed by Chris Fleizach.

        Add attributes to help give context to focus changes:
        AXFocusableAncestor - nearest accessibility ancestor that returns true for
        canSetFocusAttribute().
        AXEditableAncestor - nearest accessibility ancestor that returns true for
        isTextControl().
        AXHighestEditableAncestor - highest element in accessibility that returns true
        for isTextControl().

        Test: accessibility/mac/ancestor-attributes.html

        * accessibility/AccessibilityNodeObject.cpp:
        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::focusableAncestor):
        (WebCore::AccessibilityObject::editableAncestor):
        (WebCore::AccessibilityObject::highestEditableAncestor):
        * accessibility/AccessibilityObject.h:
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper accessibilityAttributeNames]):
        (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):

2016-03-17  Sam Weinig  <sam@webkit.org>

        Implement document.queryCommandSupported("copy")
        https://bugs.webkit.org/show_bug.cgi?id=155548
        <rdar://problem/25195295>

        Reviewed by Enrica Casucci.

        - document.queryCommandSupported("copy") and document.queryCommandSupported("cut") need
          to return true if the ClipboardAccessPolicy is either Allow or RequiresUserGesture.
          But, document.queryCommandEnabled("copy") and document.queryCommandEnabled("cut")
          should still return false when there is no user gesture. I also had to maintain a weird
          quirk that copy and cut should be allowed to execute, and thus fire the oncopy and oncut
          events, even when disabled, if coming from a "MenuOrKeyBinding" source. To do this, I
          upgraded the allowExecutionWhenDisabled bit to a function taking a source, and return true
          only when the correct source is specified.

        * editing/Editor.h:
        * editing/EditorCommand.cpp:
        (WebCore::defaultValueForSupportedCopyCut):
        (WebCore::allowCopyCutFromDOM):
        (WebCore::enabledCopy):
        (WebCore::enabledCut):
        (WebCore::allowExecutionWhenDisabled):
        (WebCore::doNotAllowExecutionWhenDisabled):
        (WebCore::allowExecutionWhenDisabledCopyCut):
        (WebCore::Editor::Command::execute):
        (WebCore::Editor::Command::allowExecutionWhenDisabled):

2016-03-17  Antti Koivisto  <antti@apple.com>

        DataURLDecoder::DecodingResultDispatcher may get deleted outside main thread
        https://bugs.webkit.org/show_bug.cgi?id=155584
        rdar://problem/24492104

        Reviewed by Chris Dumez.

        This is unsafe as it owns strings and other types that are only safe to delete in the main thread.

        * platform/network/DataURLDecoder.cpp:
        (WebCore::DataURLDecoder::DecodingResultDispatcher::dispatch):

            The problem is that this was a refcounted type. This created a race. If the timer fired before dispatch()
            was exited the implicit deref here would trigger the deletion in the dispatching thread.

            Fix by getting rid of the unnecessary refcounting. Timer firing will now delete the instance explicitly.

        (WebCore::DataURLDecoder::DecodingResultDispatcher::startTimer):
        (WebCore::DataURLDecoder::DecodingResultDispatcher::timerFired):

2016-03-17  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r198201.
        https://bugs.webkit.org/show_bug.cgi?id=155585

        That was not the proper solution (Requested by KaL on
        #webkit).

        Reverted changeset:

        "REGRESSION (r197724): [GTK] Web Inspector: Images being
        blocked by CSP 2.0"
        https://bugs.webkit.org/show_bug.cgi?id=155432
        http://trac.webkit.org/changeset/198201

2016-03-16  Chris Fleizach  <cfleizach@apple.com>

        AX: Implement AutoFill Available attribute for a text field
        https://bugs.webkit.org/show_bug.cgi?id=155567

        Reviewed by Darin Adler.

        Expose the auto fill buttons to the AX hierarchy.
        Add an attribute for the textfield to inform when the auto fill button is available.

        Test: accessibility/auto-fill-types.html

        * English.lproj/Localizable.strings:
        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::element):
        (WebCore::AccessibilityObject::isValueAutofillAvailable):
        (WebCore::AccessibilityObject::isValueAutofilled):
        * accessibility/AccessibilityObject.h:
        (WebCore::AccessibilityObject::passwordFieldValue):
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::addTextFieldChildren):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):
        * html/TextFieldInputType.cpp:
        (WebCore::limitLength):
        (WebCore::autoFillButtonTypeToAccessibilityLabel):
        (WebCore::autoFillButtonTypeToAutoFillButtonPseudoClassName):
        (WebCore::TextFieldInputType::createAutoFillButton):
        (WebCore::TextFieldInputType::updateAutoFillButton):
        * platform/LocalizedStrings.cpp:
        (WebCore::AXListItemActionVerb):
        (WebCore::AXAutoFillCredentialsLabel):
        (WebCore::AXAutoFillContactsLabel):
        (WebCore::AXARIAContentGroupText):
        * platform/LocalizedStrings.h:

2016-03-17  Csaba Osztrogonác  <ossy@webkit.org>

        [Mac][cmake] Unreviewed speculative buildfix after r198179. Just for fun.

        * PlatformMac.cmake:

2016-03-17  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        [Fetch API] response-consume.html is crashing on Mac WK1 Debug builds
        https://bugs.webkit.org/show_bug.cgi?id=155490

        Reviewed by Darin Adler.

        Covered by existing tests.

        Ensured to lock state before calling JSC:JSONParse.
        Adding fulfillPromiseWithJSON routine to handle it.
        Applied it to FetchBody.

        * Modules/fetch/FetchBody.cpp:
        (WebCore::FetchBody::json):
        (WebCore::FetchBody::loadedAsText):
        (WebCore::FetchBody::resolveAsJSON): Deleted.
        * Modules/fetch/FetchBody.h:
        * Modules/fetch/FetchBodyOwner.cpp:
        (WebCore::FetchBodyOwner::loadedBlobAsText):
        * bindings/js/JSDOMPromise.cpp:
        (WebCore::parseAsJSON):
        (WebCore::fulfillPromiseWithJSON):
        * bindings/js/JSDOMPromise.h:

2016-03-17  Adam Bergkvist  <adam.bergkvist@ericsson.com>

        WebRTC: Update RTCIceCandidate
        https://bugs.webkit.org/show_bug.cgi?id=155535

        Reviewed by Eric Carlson.

        Update the RTCIceCandidate constructor procedure to match the WebRTC 1.0 specification [1].
        In short: The "candidate" init dictionary member is required. At least one of the dictionary
        members "sdpMid" and "sdpMLine" needs to be present; the corresponding attribute of the
        other, is initialized to null.

        [1] https://w3c.github.io/webrtc-pc/archives/20160215/webrtc.html

        Tests: Updated fast/mediastream/RTCIceCandidate.htm

        * Modules/mediastream/RTCIceCandidate.cpp:
        (WebCore::RTCIceCandidate::create):
        (WebCore::RTCIceCandidate::RTCIceCandidate):
        * Modules/mediastream/RTCIceCandidate.h:
        (WebCore::RTCIceCandidate::sdpMLineIndex):
        (WebCore::RTCIceCandidate::setSdpMLineIndex):
        * Modules/mediastream/RTCIceCandidate.idl:
        * bindings/js/JSRTCIceCandidateCustom.cpp:
        (WebCore::JSRTCIceCandidate::sdpMid):
        (WebCore::JSRTCIceCandidate::sdpMLineIndex):

2016-03-16  Nikos Andronikos  <nikos.andronikos-webkit@cisra.canon.com.au>

        SVG tear offs should return a const reference if possible
        https://bugs.webkit.org/show_bug.cgi?id=153214

        Reviewed by Alex Christensen.

        A smaller change than expected because the returned reference is being copied into a value in additional locations that baseVal and animVal are used.

        No new tests as there is no change in behaviour.

        * svg/properties/SVGAnimatedEnumerationPropertyTearOff.h:
        * svg/properties/SVGAnimatedStaticPropertyTearOff.h:
        (WebCore::SVGAnimatedStaticPropertyTearOff::baseVal):
        (WebCore::SVGAnimatedStaticPropertyTearOff::animVal):

2016-03-16  Chris Dumez  <cdumez@apple.com>

        Unreviewed, partial roll out of r197254.
        <rdar://problem/25078552>

        It caused a ~1.1% PLT regression on iOS.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::commitProvisionalLoad): Deleted.

2016-03-16  Enrica Casucci  <enrica@apple.com>

        Recognize mailto and tel url as data detector links.
        https://bugs.webkit.org/show_bug.cgi?id=155569
        rdar://problem/24836185

        Reviewed by Sam Weinig.

        When we check if the element is a data detector link,
        we should return true also for URLs with mailto: and tel: scheme.

        * editing/cocoa/DataDetection.mm:
        (WebCore::DataDetection::isDataDetectorLink):

2016-03-16  Zalan Bujtas  <zalan@apple.com>

        Subpixel rendering: Directly composited image layers need pixelsnapping.
        https://bugs.webkit.org/show_bug.cgi?id=155558

        Reviewed by Simon Fraser.

        In order to match non-composited image size/position, we need to pixelsnap both the contents and the clipping
        layer bounds for directly composited images.

        Test: fast/images/hidpi-directly-composited-image-on-subpixel-position.html

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::resetContentsRect):
        (WebCore::RenderLayerBacking::updateChildClippingStrategy):
        (WebCore::RenderLayerBacking::updateImageContents):

2016-03-16  Beth Dakin  <bdakin@apple.com>

        Provide NSSpellChecker spellChecking methods with the current insertion point
        https://bugs.webkit.org/show_bug.cgi?id=155532
        -and corresponding-
        rdar://problem/24066952

        Reviewed by Simon Fraser.

        Pass the Frame’s selection to a handful of spelling checking methods that 
        call into WebKit/WebKit2 to ultimately call into NSSpellChecker.
        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::hasMisspelling):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (AXAttributeStringSetSpelling):
        * editing/AlternativeTextController.cpp:
        (WebCore::AlternativeTextController::timerFired):
        * editing/Editor.cpp:
        (WebCore::Editor::guessesForMisspelledWord):
        (WebCore::Editor::markAllMisspellingsAndBadGrammarInRanges):
        * editing/SpellChecker.cpp:
        (WebCore::SpellChecker::invokeRequest):
        (WebCore::SpellChecker::enqueueRequest):
        * editing/TextCheckingHelper.cpp:
        (WebCore::TextCheckingHelper::findFirstMisspellingOrBadGrammar):
        (WebCore::TextCheckingHelper::guessesForMisspelledOrUngrammaticalRange):
        (WebCore::TextCheckingHelper::unifiedTextCheckerEnabled):
        (WebCore::checkTextOfParagraph):
        * editing/TextCheckingHelper.h:
        * loader/EmptyClients.cpp:
        (WebCore::EmptyFrameLoaderClient::createNetworkingContext):
        (WebCore::EmptyTextCheckerClient::requestCheckingOfString):
        * loader/EmptyClients.h:
        * platform/text/TextCheckerClient.h:
        (WebCore::TextCheckerClient::~TextCheckerClient):

        The key needed to include the insertion point.
        * platform/spi/mac/NSSpellCheckerSPI.h:

2016-03-16  Alex Christensen  <achristensen@webkit.org>

        Fix assertion failure on drive.google.com after r196052
        https://bugs.webkit.org/show_bug.cgi?id=155562

        Reviewed by Jer Noble.

        * rendering/RenderGeometryMap.cpp:
        (WebCore::RenderGeometryMap::mapToContainer):
        Change float equality check to areEssentiallyEqual.
        This assertion was failing because rendererMappedResult was (944.335693, 232.047409)
        but result was (944.335693, 232.047394).  They differ by (0, 0.000015).

2016-03-16  Nan Wang  <n_wang@apple.com>

        AX: Expose aria-current status to children
        https://bugs.webkit.org/show_bug.cgi?id=155469

        Reviewed by Chris Fleizach.

        Added aria-current to the global ARIA attributes list.

        Test: accessibility/aria-current-global-attribute.html

        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::supportsARIAAttributes):

2016-03-16  Tim Horton  <timothy_horton@apple.com>

        [mac] Printing test snapshots are upside-down after r198242
        https://bugs.webkit.org/show_bug.cgi?id=155543

        Reviewed by Simon Fraser.

        * page/PrintContext.cpp:
        (WebCore::PrintContext::spoolAllPagesWithBoundaries):
        Stop PLATFORM(COCOA)-conditionally flipping here. Just paint.
        This function is only used by the test runners so this doesn't have a
        huge impact on anything else.

2016-03-16  Daniel Bates  <dabates@apple.com>

        Update WebKit Feature Status page to include the status of Content Security Policy Level 2 and Level 3

        * features.json:

2016-03-16  Daniel Bates  <dabates@apple.com>

        <video> and <audio> elements do not obey Content Security Policy on redirect
        https://bugs.webkit.org/show_bug.cgi?id=155509
        <rdar://problem/10234844>

        Reviewed by Alex Christensen.

        Fixes an issue where the Content Security Policy of the page was not enforced
        on redirects when loading a media subresource via an HTML video or HTML audio
        element.

        Tests: http/tests/security/contentSecurityPolicy/audio-redirect-allowed.html
               http/tests/security/contentSecurityPolicy/audio-redirect-blocked.html
               http/tests/security/contentSecurityPolicy/font-redirect-allowed.html
               http/tests/security/contentSecurityPolicy/font-redirect-blocked.html
               http/tests/security/contentSecurityPolicy/image-redirect-allowed.html
               http/tests/security/contentSecurityPolicy/image-redirect-blocked.html
               http/tests/security/contentSecurityPolicy/script-redirect-allowed.html
               http/tests/security/contentSecurityPolicy/script-redirect-blocked.html
               http/tests/security/contentSecurityPolicy/stylesheet-redirect-allowed.html
               http/tests/security/contentSecurityPolicy/stylesheet-redirect-blocked.html
               http/tests/security/contentSecurityPolicy/svg-font-redirect-allowed.html
               http/tests/security/contentSecurityPolicy/svg-font-redirect-blocked.html
               http/tests/security/contentSecurityPolicy/svg-image-redirect-allowed.html
               http/tests/security/contentSecurityPolicy/svg-image-redirect-blocked.html
               http/tests/security/contentSecurityPolicy/track-redirect-allowed.html
               http/tests/security/contentSecurityPolicy/track-redirect-blocked.html
               http/tests/security/contentSecurityPolicy/video-redirect-allowed.html
               http/tests/security/contentSecurityPolicy/video-redirect-blocked.html
               http/tests/security/contentSecurityPolicy/xsl-redirect-allowed.html
               http/tests/security/contentSecurityPolicy/xsl-redirect-blocked.html

        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::cachedResourceContent): Treat media resources as raw resources just as we do currently.
        (WebCore::InspectorPageAgent::cachedResourceType): Ditto.
        * loader/MediaResourceLoader.cpp:
        (WebCore::MediaResourceLoader::requestResource): Modified to use CachedResourceLoader::requestMedia() instead
        of CachedResourceLoader::requestRawResource() so that we can differentiate between a media resource and a raw
        resource in CachedResourceLoader. Added FIXME comment to skip checking the Content Security Policy for loads
        initiated by an element in a user agent shadow tree. See <https://bugs.webkit.org/show_bug.cgi?id=155505> for
        more details.
        * loader/ResourceLoadInfo.cpp:
        (WebCore::toResourceType): Treat media resources as raw resources just as we do currently. Also, add cases for
        CachedResource::LinkPrefetch and CachedResource::LinkSubresource (when ENABLE(LINK_PREFETCH) is enabled) and
        remove the default statement to force a compile-time error when a new CachedResource enumerator is added and
        the switch block in this function is not updated.
        * loader/SubresourceLoader.cpp:
        (WebCore::logResourceLoaded): Ditto.
        * loader/cache/CachedRawResource.cpp:
        (WebCore::CachedRawResource::CachedRawResource): Substitute CachedResource::isMainOrMediaOrRawResource() for
        CachedResource::isMainOrRawResource() as the latter was renamed to the former.
        * loader/cache/CachedRawResource.h:
        (isType): Ditto.
        * loader/cache/CachedResource.cpp:
        (WebCore::defaultPriorityForResourceType): Use priority ResourceLoadPriority::Medium for media resources just as
        we do currently.
        * loader/cache/CachedResource.h:
        (WebCore::CachedResource::isMainOrMediaOrRawResource): Formerly named isMainOrRawResource. Returns true if the type
        of this resource is a main resource, media resource, or raw resource.
        (WebCore::CachedResource::isMainOrRawResource): Deleted.
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::createResource): Treat media resources as raw resources just as we do currently.
        (WebCore::CachedResourceLoader::requestMedia): Added.
        (WebCore::contentTypeFromResourceType): Consider media resources as MixedContentChecker::ContentType::Active
        just as we do currently.
        (WebCore::CachedResourceLoader::checkInsecureContent): Apply the mixed content policy to media resources
        just as we do currently.
        (WebCore::CachedResourceLoader::canRequest): Apply the Same Origin Policy to media resources just as we
        do currently. Query the Content Security Policy of the page to determine if the media resource can be
        requested.
        (WebCore::CachedResourceLoader::determineRevalidationPolicy): Substitute CachedResource::isMainOrMediaOrRawResource()
        for CachedResource::isMainOrRawResource() as the latter was renamed to the former.
        * loader/cache/CachedResourceLoader.h:
        * platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm:
        (WebCore::WebCoreAVFResourceLoader::startLoading): Modified to use CachedResourceLoader::requestMedia() instead
        of CachedResourceLoader::requestRawResource() so that we can differentiate between a media resource and a raw
        resource in CachedResourceLoader. Added FIXME comment to skip checking the Content Security Policy for loads
        initiated by an element in a user agent shadow tree. See <https://bugs.webkit.org/show_bug.cgi?id=155505> for
        more details. Additionally, simplified code that determined whether to request the media resource or error out
        by coalescing two conditional expressions into one conditional on whether we have a loader and substituted
        nullptr for 0.

2016-03-16  Chris Dumez  <cdumez@apple.com>

        Unreviewed, rolling out r198235, r198240, r198241, and
        r198252.

        Causing crashes on ARM

        Reverted changesets:

        "Remove compile time define for SEPARATED_HEAP"
        https://bugs.webkit.org/show_bug.cgi?id=155508
        http://trac.webkit.org/changeset/198235

        "Gardening: build fix after r198235."
        http://trac.webkit.org/changeset/198240

        "Build fix."
        http://trac.webkit.org/changeset/198241

        "Rename performJITMemcpy to something more inline with our
        normal webkit function names"
        https://bugs.webkit.org/show_bug.cgi?id=155525
        http://trac.webkit.org/changeset/198252

2016-03-16  Jiewen Tan  <jiewen_tan@apple.com>

        URL Parsing should signal failure for illegal IDN
        https://bugs.webkit.org/show_bug.cgi?id=154945
        <rdar://problem/8014795>

        Reviewed by Brent Fulgham.

        WebCore::URL will now invalidate URLs with illegal IDN. And functions inside WebCoreNSURLExtras.h
        that deal with IDN mapping will now return nil to signal error.

        Test: fast/url/invalid-idn.html

        * platform/URL.cpp:
        (WebCore::isSchemeFirstChar):
        (WebCore::URL::init):
        (WebCore::appendEncodedHostname):
        (WebCore::encodeHostnames):
        (WebCore::encodeRelativeString):
        * platform/mac/WebCoreNSURLExtras.h:
        * platform/mac/WebCoreNSURLExtras.mm:
        (WebCore::mapHostNameWithRange):
        (WebCore::hostNameNeedsDecodingWithRange):
        (WebCore::hostNameNeedsEncodingWithRange):
        (WebCore::decodeHostNameWithRange):
        (WebCore::encodeHostNameWithRange):
        (WebCore::decodeHostName):
        (WebCore::encodeHostName):
        (WebCore::collectRangesThatNeedMapping):
        (WebCore::mapHostNames):
        (WebCore::URLWithData):
        (WebCore::dataWithUserTypedString):
        (WebCore::URLWithUserTypedString):
        (WebCore::URLWithUserTypedStringDeprecated):
        (WebCore::userVisibleString):

2016-03-16  Antti Koivisto  <antti@apple.com>

        Don't invalidate style unnecessarily when setting inline style cssText
        https://bugs.webkit.org/show_bug.cgi?id=155541
        rdar://problem/23318893

        Reviewed by Simon Fraser.

        We currently invalidate style when cssText is set whether the style declaration changed or not.

        Based on a patch by Simon.

        Test: fast/css/style-invalidation-inline-csstext.html

        * css/PropertySetCSSStyleDeclaration.cpp:
        (WebCore::PropertySetCSSStyleDeclaration::cssText):
        (WebCore::PropertySetCSSStyleDeclaration::setCssText):

            Invalidate only if the parsed style changed.

        * css/StyleProperties.cpp:
        (WebCore::MutableStyleProperties::parseDeclaration):

            Compare the original and new style after parsing, return result.

        * css/StyleProperties.h:

2016-03-16  Carlos Garcia Campos  <cgarcia@igalia.com>

        REGRESSION(r195661): [GTK] very slow scrolling
        https://bugs.webkit.org/show_bug.cgi?id=155334

        Reviewed by Sergio Villar Senin.

        Fix smooth scrolling behaviour change after r195661.

        * platform/ScrollAnimationSmooth.cpp:
        (WebCore::getAnimationParametersForGranularity): Fix a typo,
        animationTime for pixel granularity should be 11 * tickTime.
        (WebCore::ScrollAnimationSmooth::animateScroll): Previous code
        reset all the data except the visibleLenght, so keep it in the
        PerAxisData after the reset.

2016-03-16  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r196803.
        https://bugs.webkit.org/show_bug.cgi?id=155534

        Introduced several rendering issues in popular websites
        (Requested by KaL on #webkit).

        Reverted changeset:

        "[GTK] Limit the number of tiles according to the visible
        area"
        https://bugs.webkit.org/show_bug.cgi?id=126122
        http://trac.webkit.org/changeset/196803

2016-03-15  Zalan Bujtas  <zalan@apple.com>

        Remove overflow: -webkit-marquee
        https://bugs.webkit.org/show_bug.cgi?id=155517
        <rdar://problem/25028481>

        Reviewed by Simon Fraser.

        This patch is based on Blink patch from jchaffraix@chromium.org (https://src.chromium.org/viewvc/blink?revision=151756&view=revision)

        * css/CSSParser.cpp:
        (WebCore::isValidKeywordPropertyAndValue):
        * css/CSSPrimitiveValueMappings.h:
        (WebCore::CSSPrimitiveValue::CSSPrimitiveValue): Deleted.
        (WebCore::CSSPrimitiveValue::operator EOverflow): Deleted.
        * css/CSSValueKeywords.in:
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::adjustRenderStyle):
        * css/html.css:
        (marquee): Deleted.
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::sizesLogicalWidthToFitContent):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::scrollTo):
        (WebCore::RenderLayer::updateScrollInfoAfterLayout):
        (WebCore::RenderLayer::calculateClipRects):
        * rendering/RenderLayer.h:
        * rendering/RenderMarquee.h:
        * rendering/style/RenderStyleConstants.h:

2016-03-15  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: Expose pointers to SVG elements referenced by aria-labelledby
        https://bugs.webkit.org/show_bug.cgi?id=155481

        Reviewed by Chris Fleizach.

        Expose elements referenced by aria-labelledby via ATK_RELATION_LABELLED_BY.
        Stop calling the supportsARIA* methods before getting the elements referred
        to by the associated ARIA property in the accessible wrapper for ATK and
        the inspector: Getting the elements will be just as fast when there are no
        such elements, and faster when there are.

        Modified the w3c-svg-name-calculation.html test to include AXTitleUIElement
        in its output.

        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::supportsARIAAttributes):
        (WebCore::AccessibilityObject::ariaElementsFromAttribute): Added.
        (WebCore::AccessibilityObject::ariaControlsElements): Added.
        (WebCore::AccessibilityObject::ariaDescribedByElements): Added.
        (WebCore::AccessibilityObject::ariaFlowToElements): Added.
        (WebCore::AccessibilityObject::ariaLabelledByElements): Added.
        (WebCore::AccessibilityObject::ariaOwnsElements): Added.
        * accessibility/AccessibilityObject.h:
        (WebCore::AccessibilityObject::ariaOwnsElements): No longer virtual.
        (WebCore::AccessibilityObject::supportsARIAFlowTo): Deleted.
        (WebCore::AccessibilityObject::ariaFlowToElements): No longer virtual.
        (WebCore::AccessibilityObject::supportsARIADescribedBy): Deleted.
        (WebCore::AccessibilityObject::ariaDescribedByElements): No longer virtual.
        (WebCore::AccessibilityObject::supportsARIAControls): Deleted.
        (WebCore::AccessibilityObject::ariaControlsElements): No longer virtual.
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::ariaElementsFromAttribute): Moved to AccessibilityObject.
        (WebCore::AccessibilityRenderObject::supportsARIAFlowTo): Deleted.
        (WebCore::AccessibilityRenderObject::ariaFlowToElements): Moved to AccessibilityObject.
        (WebCore::AccessibilityRenderObject::supportsARIADescribedBy): Deleted.
        (WebCore::AccessibilityRenderObject::ariaDescribedByElements): Moved to AccessibilityObject.
        (WebCore::AccessibilityRenderObject::supportsARIAControls): Deleted.
        (WebCore::AccessibilityRenderObject::ariaControlsElements): Moved to AccessibilityObject.
        (WebCore::AccessibilityRenderObject::ariaOwnsElements): Moved to AccessibilityObject.
        * accessibility/AccessibilityRenderObject.h:
        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (setAtkRelationSetFromCoreObject):
        * inspector/InspectorDOMAgent.cpp:
        (WebCore::InspectorDOMAgent::buildObjectForAccessibilityProperties):

2016-03-15  Simon Fraser  <simon.fraser@apple.com>

        Occasional crash under GraphicsContext::platformContext when dragging Google maps
        https://bugs.webkit.org/show_bug.cgi?id=155521
        rdar://problem/24357307

        Reviewed by Tim Horton.

        It's possible for createDragImageForSelection() to return a null image, if the bounds
        of the selection are an empty rect. That would cause a crash under convertImageToBitmap()
        because a zero-sized ShareableBitmap will return a null GraphicsContext.
        
        To avoid this, early return from DragController::startDrag() if the dragImage is null.
        
        I wasn't able to come up with a test for this.

        * page/DragController.cpp:
        (WebCore::DragController::startDrag):

2016-03-15  Tim Horton  <timothy_horton@apple.com>

        iOS <attachment> element should allow customization of action text color
        https://bugs.webkit.org/show_bug.cgi?id=155513
        <rdar://problem/24805991>

        Reviewed by Simon Fraser.

        Test: fast/attachment/attachment-action.html

        * css/html.css:
        (attachment):
        On iOS (the only place it is used), <attachment> color should default to system blue.

        * rendering/RenderThemeIOS.mm:
        (WebCore::attachmentActionColor):
        (WebCore::AttachmentInfo::AttachmentInfo):
        Make use of the <attachment>'s CSS color for the action text.
        This is a little weird because there are multiple bits of text in an
        <attachment>, but only the action text ever changes color.

2016-03-15  Zalan Bujtas  <zalan@apple.com>

        Delay HTMLFormControlElement::focus() call until after layout is finished.
        https://bugs.webkit.org/show_bug.cgi?id=155503
        <rdar://problem/24046635>

        Reviewed by Simon Fraser.

        Calling focus on a form element can trigger arbitrary JS code which could interfere with
        the ongoing layout. 
        This patch delays HTMLFormControlElement::focus() call until after layout is finished.
        If we are currently not in the middle of a layout, HTMLFormControlElement::focus() is delayed until
        after style resolution is done. 

        Covered by LayoutTests/fast/dom/adopt-node-crash-2.html

        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::updateBackingStore):
        * dom/Document.cpp:
        (WebCore::Document::updateStyleIfNeeded):
        (WebCore::Document::updateLayout):
        (WebCore::Document::updateLayoutIfDimensionsOutOfDate):
        * html/HTMLEmbedElement.cpp:
        (WebCore::HTMLEmbedElement::renderWidgetLoadingPlugin):
        * html/HTMLFormControlElement.cpp:
        (WebCore::HTMLFormControlElement::didAttachRenderers):
        * page/FrameView.cpp:
        (WebCore::FrameView::layout):
        (WebCore::FrameView::queuePostLayoutCallback):
        (WebCore::FrameView::flushPostLayoutTasksQueue):
        (WebCore::FrameView::performPostLayoutTasks):
        (WebCore::FrameView::sendResizeEventIfNeeded):
        * page/FrameView.h:
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::imageChanged):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::scrollTo):

2016-03-15  Oliver Hunt  <oliver@apple.com>

        Remove compile time define for SEPARATED_HEAP
        https://bugs.webkit.org/show_bug.cgi?id=155508

        Reviewed by Mark Lam.

        Remove the feature define.

        * Configurations/FeatureDefines.xcconfig:

2016-03-15  Chris Dumez  <cdumez@apple.com>

        Restore pre-r197244 behavior on Mac
        https://bugs.webkit.org/show_bug.cgi?id=155507
        <rdar://problem/25174132>

        Reviewed by Gavin Barraclough.

        <http://trac.webkit.org/changeset/197244> changed the session restore
        behavior to disallow stale content on all platforms except iOS.
        We would also like to maintain the behavior on Mac for performance
        reasons and consistency between iOS and Mac.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadDifferentDocumentItem):

2016-03-15  Tim Horton  <timothy_horton@apple.com>

        <attachment> on iOS isn't quite vertically centered
        https://bugs.webkit.org/show_bug.cgi?id=155502
        <rdar://problem/24805991>

        Reviewed by Beth Dakin.

        No new tests; there are existing tests that will be enabled shortly.

        * rendering/RenderThemeIOS.mm:
        (WebCore::AttachmentInfo::AttachmentInfo):
        We were overcounting the total height of the attachment content by one margin, because each item
        would add in its margin, including the last one. Remove one margin.

2016-03-15  Chris Fleizach  <cfleizach@apple.com>

        AX: certain elements not included in accessibility tree
        https://bugs.webkit.org/show_bug.cgi?id=155480

        Reviewed by Beth Dakin.

        This test case exposed a hole in the nextSibling logic where you can get into a state where we skip content.
        The fix is to check if an inline element continuation has no sibling, to fall back on to the parent case to see if that has a sibling.

        Test: accessibility/double-nested-inline-element-missing-from-tree.html

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::nextSibling):

2016-03-15  Chris Dumez  <cdumez@apple.com>

        Unreviewed, rolling out r198203.

        Favorites view is no longer loading on iOS

        Reverted changeset:

        "URL Parsing should signal failure for illegal IDN"
        https://bugs.webkit.org/show_bug.cgi?id=154945
        http://trac.webkit.org/changeset/198203

2016-03-15  Tim Horton  <timothy_horton@apple.com>

        <attachment> on iOS should use short and emphasized fonts
        https://bugs.webkit.org/show_bug.cgi?id=155485
        <rdar://problem/24805991>

        Reviewed by Simon Fraser.

        No new tests; there are existing tests that will be enabled shortly.

        * rendering/RenderThemeIOS.mm:
        (WebCore::attachmentActionFont):
        (WebCore::attachmentTitleFont):
        (WebCore::attachmentSubtitleFont):
        (WebCore::AttachmentInfo::buildTitleLines):
        (WebCore::AttachmentInfo::buildSingleLine):
        (WebCore::AttachmentInfo::AttachmentInfo):
        No need for UIFonts, we can use CoreText, and that allows us to ask for the
        correct Short and Emphasized variants that we need.

2016-03-15  Antti Koivisto  <antti@apple.com>

        REGRESSION (196383): Class change invalidation does not handle :not correctly
        https://bugs.webkit.org/show_bug.cgi?id=155493
        <rdar://problem/24846762>

        Reviewed by Andreas Kling.

        We fail to invalidate bar style in

            :not(.foo) bar { }

        when class foo is added or removed.

        There is a logic error in the invalidation code. It assumes that class addition can only make new selectors match
        and removal make them not match. This is not true when :not is present.

        * style/AttributeChangeInvalidation.h:
        (WebCore::Style::AttributeChangeInvalidation::AttributeChangeInvalidation):
        * style/ClassChangeInvalidation.cpp:
        (WebCore::Style::ClassChangeInvalidation::invalidateStyle):

            Invalidate style and collect full set of rules that may affect descendant style.

        (WebCore::Style::ClassChangeInvalidation::invalidateDescendantStyle):

            Invalidate with this set both before and after committing the changes.

        (WebCore::Style::ClassChangeInvalidation::computeClassChange): Deleted.
        * style/ClassChangeInvalidation.h:
        (WebCore::Style::ClassChangeInvalidation::ClassChangeInvalidation):
        (WebCore::Style::ClassChangeInvalidation::~ClassChangeInvalidation):

2016-03-14  Jer Noble  <jer.noble@apple.com>

        Video elements with autoplay do not begin playing when scrolling into view if InvisibleAutoplayNotPermitted is set.
        https://bugs.webkit.org/show_bug.cgi?id=155468

        Reviewed by Eric Carlson.

        Test: media/video-restricted-invisible-autoplay-allowed-when-visible.html

        A few bugs came together to cause this behavior. We were not telling the media session that we were going to begin
        the autoplaying state, we were not restoring the correct state when the interruption ended, and we were not checking
        to see if we could actually play correctly when the interruption ended.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::prepareForLoad):
        (WebCore::HTMLMediaElement::canTransitionFromAutoplayToPlay):
        (WebCore::HTMLMediaElement::setReadyState):
        (WebCore::HTMLMediaElement::resumeAutoplaying):
        (WebCore::HTMLMediaElement::updateShouldPlay):
        (WebCore::elementCanTransitionFromAutoplayToPlay): Deleted.
        * html/HTMLMediaElement.h:
        * platform/audio/PlatformMediaSession.cpp:
        (WebCore::PlatformMediaSession::endInterruption):

2016-03-15  Manuel Rego Casasnovas  <rego@igalia.com>

        [css-grid] Rename GridCoordinate to GridArea
        https://bugs.webkit.org/show_bug.cgi?id=155489

        Reviewed by Sergio Villar Senin.

        As the comment in GridCoordinate states,
        it actually represents a grid area as it stores
        the initial and final positions in both axis (columns and rows).

        Someone can think about a grid coordinate just like a single cell.
        However this class was representing an area of several cells.

        On top of that the "grid area" concept is defined in the spec:
        https://drafts.csswg.org/css-grid/#grid-area-concept

        No new tests, no change of behavior.

        * WebCore.xcodeproj/project.pbxproj:
        * css/CSSGridTemplateAreasValue.cpp:
        (WebCore::stringForPosition):
        * css/CSSGridTemplateAreasValue.h:
        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseGridTemplateAreasRow):
        * css/CSSParser.h:
        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::GridIterator::nextEmptyGridArea):
        (WebCore::RenderGrid::insertItemIntoGrid):
        (WebCore::RenderGrid::placeItemsOnGrid):
        (WebCore::RenderGrid::populateExplicitGridAndOrderIterator):
        (WebCore::RenderGrid::createEmptyGridAreaAtSpecifiedPositionsOutsideGrid):
        (WebCore::RenderGrid::placeSpecifiedMajorAxisItemsOnGrid):
        (WebCore::RenderGrid::placeAutoMajorAxisItemOnGrid):
        (WebCore::RenderGrid::clearGrid):
        (WebCore::RenderGrid::cachedGridArea):
        (WebCore::RenderGrid::cachedGridSpan):
        * rendering/RenderGrid.h:
        * rendering/style/GridArea.h: Renamed from Source/WebCore/rendering/style/GridCoordinate.h.
        (WebCore::GridSpan::untranslatedDefiniteGridSpan):
        (WebCore::GridSpan::translatedDefiniteGridSpan):
        (WebCore::GridSpan::indefiniteGridSpan):
        (WebCore::GridSpan::operator==):
        (WebCore::GridSpan::integerSpan):
        (WebCore::GridSpan::untranslatedResolvedInitialPosition):
        (WebCore::GridSpan::untranslatedResolvedFinalPosition):
        (WebCore::GridSpan::resolvedInitialPosition):
        (WebCore::GridSpan::resolvedFinalPosition):
        (WebCore::GridSpan::GridSpanIterator::GridSpanIterator):
        (WebCore::GridSpan::GridSpanIterator::operator unsigned&):
        (WebCore::GridSpan::GridSpanIterator::operator*):
        (WebCore::GridSpan::begin):
        (WebCore::GridSpan::end):
        (WebCore::GridSpan::isTranslatedDefinite):
        (WebCore::GridSpan::isIndefinite):
        (WebCore::GridSpan::translate):
        (WebCore::GridSpan::GridSpan):
        (WebCore::GridArea::GridArea):
        (WebCore::GridArea::operator==):
        (WebCore::GridArea::operator!=):
        * rendering/style/GridPositionsResolver.cpp:
        * rendering/style/StyleGridData.h:

2016-03-15  Joonghun Park  <jh718.park@samsung.com>

        [GTK] Remove duplicate HashMap traversal and unneeded reference count churn in DataObjectGtk::forClipboard
        https://bugs.webkit.org/show_bug.cgi?id=155470

        Reviewed by Carlos Garcia Campos.

        No new tests, no new behaviours.

        * platform/gtk/DataObjectGtk.cpp:
        (WebCore::DataObjectGtk::forClipboard):

2016-03-15  Manuel Rego Casasnovas  <rego@igalia.com>

        [css-grid] Rename GridResolvedPosition to GridPositionsResolver
        https://bugs.webkit.org/show_bug.cgi?id=155486

        Reviewed by Sergio Villar Senin.

        GridResolvedPosition is not storing a position (track or line) anymore.
        Currently it's just a class wrapping the methods to resolve
        grid positions from style.
        Renamed the class to avoid confusions.

        No new tests, no change of behavior.

        * CMakeLists.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::placeItemsOnGrid):
        (WebCore::RenderGrid::populateExplicitGridAndOrderIterator):
        (WebCore::RenderGrid::createEmptyGridAreaAtSpecifiedPositionsOutsideGrid):
        (WebCore::RenderGrid::placeSpecifiedMajorAxisItemsOnGrid):
        (WebCore::RenderGrid::placeAutoMajorAxisItemOnGrid):
        (WebCore::RenderGrid::offsetAndBreadthForPositionedChild):
        * rendering/RenderGrid.h:
        * rendering/style/GridCoordinate.h:
        * rendering/style/GridPositionsResolver.cpp: Renamed from Source/WebCore/rendering/style/GridResolvedPosition.cpp.
        (WebCore::isColumnSide):
        (WebCore::isStartSide):
        (WebCore::initialPositionSide):
        (WebCore::finalPositionSide):
        (WebCore::gridLinesForSide):
        (WebCore::implicitNamedGridLineForSide):
        (WebCore::GridPositionsResolver::isNonExistentNamedLineOrArea):
        (WebCore::adjustGridPositionsFromStyle):
        (WebCore::GridPositionsResolver::explicitGridColumnCount):
        (WebCore::GridPositionsResolver::explicitGridRowCount):
        (WebCore::explicitGridSizeForSide):
        (WebCore::lookAheadForNamedGridLine):
        (WebCore::lookBackForNamedGridLine):
        (WebCore::resolveNamedGridLinePositionFromStyle):
        (WebCore::definiteGridSpanWithNamedLineSpanAgainstOpposite):
        (WebCore::resolveNamedGridLinePositionAgainstOppositePosition):
        (WebCore::resolveGridPositionAgainstOppositePosition):
        (WebCore::GridPositionsResolver::spanSizeForAutoPlacedItem):
        (WebCore::resolveGridPositionFromStyle):
        (WebCore::GridPositionsResolver::resolveGridPositionsFromStyle):
        * rendering/style/GridPositionsResolver.h: Renamed from Source/WebCore/rendering/style/GridResolvedPosition.h.
        * rendering/style/StyleAllInOne.cpp:

2016-03-15  Miguel Gomez  <magomez@igalia.com>

        Leak: Accelerated ImageBufferCairo doesn't destroy the used textures
        https://bugs.webkit.org/show_bug.cgi?id=155431

        Reviewed by Žan Doberšek.

        When using the Cairo backend, add a destructor to ImageBufferData and use it to destroy the
        textures created if the buffer is being accelerated.

        No new tests, already covered by existing ones.

        * platform/graphics/cairo/ImageBufferCairo.cpp:
        (WebCore::ImageBufferData::ImageBufferData):
        Store the renderingMode flag.
        (WebCore::ImageBufferData::~ImageBufferData):
        Destroy gl resources if renderingMode is accelerated.
        (WebCore::ImageBuffer::ImageBuffer):
        Pass renderingMode to the data class and use it fro checks instead of the function parameter.
        * platform/graphics/cairo/ImageBufferDataCairo.h:
        Add destructor and a renderingMode flag.

2016-03-15  Jiewen Tan  <jiewen_tan@apple.com>

        URL Parsing should signal failure for illegal IDN
        https://bugs.webkit.org/show_bug.cgi?id=154945
        <rdar://problem/8014795>

        Reviewed by Brent Fulgham.

        WebCore::URL will now invalidate URLs with illegal IDN. And functions inside WebCoreNSURLExtras.h
        that deal with IDN mapping will now return nil to signal error.

        Test: fast/url/invalid-idn.html

        * platform/URL.cpp:
        (WebCore::isSchemeFirstChar):
        (WebCore::URL::init):
        (WebCore::appendEncodedHostname):
        (WebCore::encodeHostnames):
        (WebCore::encodeRelativeString):
        * platform/mac/WebCoreNSURLExtras.h:
        * platform/mac/WebCoreNSURLExtras.mm:
        (WebCore::mapHostNameWithRange):
        (WebCore::hostNameNeedsDecodingWithRange):
        (WebCore::hostNameNeedsEncodingWithRange):
        (WebCore::decodeHostNameWithRange):
        (WebCore::encodeHostNameWithRange):
        (WebCore::decodeHostName):
        (WebCore::encodeHostName):
        (WebCore::collectRangesThatNeedMapping):
        (WebCore::mapHostNames):
        (WebCore::URLWithData):
        (WebCore::dataWithUserTypedString):
        (WebCore::URLWithUserTypedString):
        (WebCore::URLWithUserTypedStringDeprecated):
        (WebCore::userVisibleString):

2016-03-15  Carlos Garcia Campos  <cgarcia@igalia.com>

        REGRESSION (r197724): [GTK] Web Inspector: Images being blocked by CSP 2.0
        https://bugs.webkit.org/show_bug.cgi?id=155432

        Reviewed by Darin Adler.

        The GTK+ port Web Inspector uses GResources for all internal
        resources (images, fonts, scripts, etc.) that are now blocked by
        the CSP. GResouces are like data URLs in practice, so we should
        always allow them.

        * page/csp/ContentSecurityPolicySourceList.cpp:
        (WebCore::ContentSecurityPolicySourceList::isProtocolAllowedByStar):

2016-03-14  Alex Christensen  <achristensen@webkit.org>

        Fix WinCairo build after r198195.

        * platform/network/NetworkingContext.h:
        curl networking now uses NetworkingContext::storageSession.  That's everybody!

2016-03-14  Per Arne Vollan  <peavo@outlook.com>

        [WinCairo] Compile fix.
        https://bugs.webkit.org/show_bug.cgi?id=155463

        Reviewed by Alex Christensen.

        Get the NetworkStorageSession object from the document in the same way as other platforms do.

        * loader/CookieJar.cpp:
        (WebCore::storageSession):

2016-03-14  Tim Horton  <timothy_horton@apple.com>

        <attachment> on iOS should paint its progress indicator instead of a green square
        https://bugs.webkit.org/show_bug.cgi?id=155482
        <rdar://problem/24805991>

        Reviewed by Simon Fraser.

        No new tests; there are existing tests that will be enabled shortly.

        * rendering/RenderThemeIOS.mm:
        (WebCore::getAttachmentProgress):
        Clamp progress to 0-1.

        (WebCore::paintAttachmentProgress):
        Paint a pie.

2016-03-14  Chris Dumez  <cdumez@apple.com>

        Unreviewed, rolling out r197981.

        Caused a massive PLT regression on Mac.

        Reverted changeset:

        "Font antialiasing (smoothing) changes when elements are
        rendered into compositing layers"
        https://bugs.webkit.org/show_bug.cgi?id=23364
        http://trac.webkit.org/changeset/197981

2016-03-14  Chris Dumez  <cdumez@apple.com>

        Unreviewed, rolling out r198145.

        This attempt to disable the feature did not fix the PLT
        regression

        Reverted changeset:

        "Regression(r197981): Huge regression on Mac PLT"
        https://bugs.webkit.org/show_bug.cgi?id=155443
        http://trac.webkit.org/changeset/198145

2016-03-14  Sam Weinig  <sam@webkit.org>

        Remove errant space.

        * page/UserContentController.cpp:

2016-03-14  Sam Weinig  <sam@webkit.org>

        Fix the windows build.

        * page/UserContentController.cpp:

2016-03-14  Sam Weinig  <sam@webkit.org>

        Add a baseURL parameter to _WKUserStyleSheet
        https://bugs.webkit.org/show_bug.cgi?id=155219

        Reviewed by Tim Horton.

        - Moves to a model for user content where instead of each page having a WebCore::UserContentController
          object, we have an abstract WebCore::UserContentProvider interface that can be implemented at the WebKit
          level. For now, legacy WebKit continues to use the old UserContentController, which implements 
          WebCore::UserContentProvider, and WebKit2 implements its own implementation so it can store additional
          state.

        * WebCore.xcodeproj/project.pbxproj:
        Add new files.

        * dom/ExtensionStyleSheets.cpp:
        (WebCore::ExtensionStyleSheets::updateInjectedStyleSheetCache):
        Switch to using forEachUserStyleSheet on the UserContentProvider.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::loadResource):
        Remove null check now that we always have a UserContentProvider.

        * loader/EmptyClients.cpp:
        (WebCore::fillWithEmptyClients):
        * loader/EmptyClients.h:
        Add new EmptyClients.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadResourceSynchronously):
        Remove null check now that we always have a UserContentProvider.

        * loader/PingLoader.cpp:
        (WebCore::processContentExtensionRulesForLoad):
        Remove null check now that we always have a UserContentProvider.

        * loader/ResourceLoader.cpp:
        (WebCore::ResourceLoader::willSendRequestInternal):
        Remove null check now that we always have a UserContentProvider.

        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::requestResource):
        Remove null check now that we always have a UserContentProvider.

        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::shouldHaveWebKitNamespaceForWorld):
        Remove null checks now that we always have a UserContentProvider, and userMessageHandlerDescriptors
        returns a reference.

        (WebCore::DOMWindow::open):
        Remove null check now that we always have a UserContentProvider.

        * page/Frame.cpp:
        (WebCore::Frame::injectUserScripts):
        Simplify by lifting document check out of the main loop and using forEachUserScript.

        * page/Page.cpp:
        (WebCore::Page::Page):
        (WebCore::Page::~Page):
        (WebCore::Page::userContentProvider):
        (WebCore::Page::setUserContentProvider):
        (WebCore::Page::setUserContentController): Deleted.
        * page/Page.h:
        (WebCore::Page::userContentController): Deleted.
        * page/PageConfiguration.h:
        Store the UserContentProvider in a Ref, and require PageConfigurations to provide one. This
        removes a bunch of null checks and simplifies the code.

        * page/UserContentController.cpp:
        (WebCore::UserContentController::~UserContentController):
        (WebCore::UserContentController::forEachUserScript):
        (WebCore::UserContentController::forEachUserStyleSheet):
        (WebCore::UserContentController::addUserScript):
        (WebCore::UserContentController::removeUserScript):
        (WebCore::UserContentController::removeUserScripts):
        (WebCore::UserContentController::addUserStyleSheet):
        (WebCore::UserContentController::removeUserStyleSheet):
        (WebCore::UserContentController::removeUserStyleSheets):
        (WebCore::UserContentController::addUserMessageHandlerDescriptor):
        (WebCore::UserContentController::removeUserMessageHandlerDescriptor):
        (WebCore::UserContentController::addUserContentExtension):
        (WebCore::UserContentController::removeUserContentExtension):
        (WebCore::UserContentController::removeAllUserContentExtensions):
        (WebCore::UserContentController::removeAllUserContent):
        (WebCore::UserContentController::addPage): Deleted.
        (WebCore::UserContentController::removePage): Deleted.
        (WebCore::contentExtensionsEnabled): Deleted.
        (WebCore::UserContentController::processContentExtensionRulesForLoad): Deleted.
        (WebCore::UserContentController::actionsForResourceLoad): Deleted.
        * page/UserContentController.h:
        (WebCore::UserContentController::userScripts): Deleted.
        (WebCore::UserContentController::userStyleSheets): Deleted.
        (WebCore::UserContentController::userMessageHandlerDescriptors): Deleted.
        Add inheritance from UserContentProvider and simplify things by removing unique_ptrs
        that were holding the member variables. There is usually only one UserContentController
        so having these in unique_ptrs doesn't make much sense.
        
        * page/UserContentProvider.cpp: Added.
        (WebCore::UserContentProvider::UserContentProvider):
        (WebCore::UserContentProvider::~UserContentProvider):
        (WebCore::UserContentProvider::addPage):
        (WebCore::UserContentProvider::removePage):
        (WebCore::UserContentProvider::invalidateInjectedStyleSheetCacheInAllFramesInAllPages):
        (WebCore::contentExtensionsEnabled):
        (WebCore::UserContentProvider::processContentExtensionRulesForLoad):
        (WebCore::UserContentProvider::actionsForResourceLoad):
        * page/UserContentProvider.h: Added.
        Add abstract class for providing user content and add some helpers on it.

        * page/UserMessageHandlerDescriptor.h:
        (WebCore::UserMessageHandlerDescriptor::create):
        (WebCore::UserMessageHandlerDescriptor::client):
        (WebCore::UserMessageHandlerDescriptor::invalidateClient):
        * page/UserMessageHandlersNamespace.cpp:
        (WebCore::UserMessageHandlersNamespace::handler):
        Simplify now that userContentProvider() and userMessageHandlerDescriptors() are references.

2016-03-14  Enrica Casucci  <enrica@apple.com>

        iOS: RTFD format is not available in the pasteboard after copy/cut.
        https://bugs.webkit.org/show_bug.cgi?id=155477
        rdar://problem/23500600

        Reviewed by Tim Horton.

        WebKit is using UTTypeRTFD instead of UTTypeFlatRTFD that is the
        proper RTFD format for pastedboard. I also discovered that, when
        we create the NSTextAttachment in the NSAttributedString we produce
        from the DOM range, we are not generating a file name with the
        appropriate extension for the MIME type. The iOS specific implementation
        of the MIMETypeRegistry functions were empty.
        There is no need to have a differentiation between OS X and iOS, so
        we now have only one file called MIMETypeRegistryCocoa.mm.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/cocoa/MIMETypeRegistryCocoa.mm: Added.
        (WebCore::MIMETypeRegistry::getMIMETypeForExtension):
        (WebCore::MIMETypeRegistry::getExtensionsForMIMEType):
        (WebCore::MIMETypeRegistry::getPreferredExtensionForMIMEType):
        (WebCore::MIMETypeRegistry::isApplicationPluginMIMEType):
        * platform/ios/MIMETypeRegistryIOS.mm: Removed.
        * platform/ios/PasteboardIOS.mm:
        (WebCore::Pasteboard::read):
        (WebCore::Pasteboard::supportedPasteboardTypes):
        (WebCore::Pasteboard::hasData):
        * platform/ios/PlatformPasteboardIOS.mm:
        (WebCore::PlatformPasteboard::write):
        * platform/mac/MIMETypeRegistryMac.mm: Removed.

2016-03-14  Daniel Bates  <dabates@apple.com>

        Web Inspector: Display Content Security Policy hash in details sidebar for script and style elements
        https://bugs.webkit.org/show_bug.cgi?id=155466
        <rdar://problem/25152480>

        Reviewed by Joseph Pecoraro and Timothy Hatcher.

        For convenience, display the SHA-256 Content Security Policy (CSP) hash in the node details
        sidebar for the selected HTML script element or HTML style element. A CSP script hash is
        only applicable to inline JavaScript scripts. Therefore, we will display a hash for HTML
        script elements only if they do not have a src attribute.

        Tests: inspector/dom/csp-big5-hash.html
               inspector/dom/csp-hash.html

        * inspector/InspectorDOMAgent.cpp:
        (WebCore::computeContentSecurityPolicySHA256Hash): Added.
        (WebCore::InspectorDOMAgent::buildObjectForNode): For an applicable HTML script- or style-
        element, pass the computed SHA-256 CSP hash to the Inspector front end.

2016-03-14  Joonghun Park  <jh718.park@samsung.com>

        Purge PassRefPtr from ArrayBuffer, ArchiveResource, Pasteboard, LegacyWebArchive and DataObjectGtk
        https://bugs.webkit.org/show_bug.cgi?id=150497

        Reviewed by Darin Adler.

        No new tests, no new behaviours.

        * Modules/indexeddb/IDBGetResult.h:
        (WebCore::IDBGetResult::IDBGetResult):
        * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
        (WebCore::IDBServer::SQLiteIDBBackingStore::getIndexRecord):
        * Modules/mediastream/RTCDataChannel.cpp:
        (WebCore::RTCDataChannel::didReceiveRawData):
        * dom/MessageEvent.cpp:
        (WebCore::MessageEvent::MessageEvent):
        * dom/MessageEvent.h:
        * editing/Editor.cpp:
        (WebCore::Editor::selectedRange):
        * editing/Editor.h:
        * editing/FrameSelection.h:
        (WebCore::FrameSelection::toNormalizedRange):
        * editing/VisiblePosition.cpp:
        (WebCore::makeRange):
        * editing/VisiblePosition.h:
        * editing/VisibleSelection.cpp:
        (WebCore::VisibleSelection::toNormalizedRange):
        * editing/VisibleSelection.h:
        * editing/VisibleUnits.cpp:
        (WebCore::enclosingTextUnitOfGranularity):
        (WebCore::wordRangeFromPosition):
        (WebCore::rangeExpandedByCharactersInDirectionAtWordBoundary):
        (WebCore::rangeExpandedAroundPositionByCharacters):
        * editing/VisibleUnits.h:
        * editing/cocoa/HTMLConverter.mm:
        (HTMLConverter::_addAttachmentForElement):
        (fileWrapperForURL):
        * editing/efl/EditorEfl.cpp:
        (WebCore::Editor::webContentFromPasteboard):
        * editing/gtk/EditorGtk.cpp:
        (WebCore::createFragmentFromPasteboardData):
        (WebCore::Editor::webContentFromPasteboard):
        * editing/ios/EditorIOS.mm:
        (WebCore::dataInRTFDFormat):
        (WebCore::dataInRTFFormat):
        (WebCore::Editor::selectionInWebArchiveFormat):
        (WebCore::Editor::WebContentReader::addFragment):
        (WebCore::Editor::WebContentReader::readWebArchive):
        (WebCore::Editor::WebContentReader::readRTFD):
        (WebCore::Editor::WebContentReader::readRTF):
        (WebCore::Editor::WebContentReader::readImage):
        (WebCore::Editor::WebContentReader::readURL):
        (WebCore::Editor::webContentFromPasteboard):
        (WebCore::Editor::pasteWithPasteboard):
        (WebCore::Editor::createFragmentAndAddResources):
        (WebCore::Editor::createFragmentForImageResourceAndAddResource):
        * editing/mac/EditorMac.mm:
        (WebCore::Editor::selectionInWebArchiveFormat):
        (WebCore::Editor::adjustedSelectionRange):
        (WebCore::dataInRTFDFormat):
        (WebCore::dataInRTFFormat):
        (WebCore::Editor::dataSelectionForPasteboard):
        (WebCore::Editor::WebContentReader::readWebArchive):
        (WebCore::Editor::WebContentReader::readRTFD):
        (WebCore::Editor::WebContentReader::readRTF):
        (WebCore::Editor::WebContentReader::readImage):
        (WebCore::Editor::WebContentReader::readURL):
        (WebCore::Editor::webContentFromPasteboard):
        (WebCore::Editor::createFragmentForImageResourceAndAddResource):
        (WebCore::Editor::createFragmentAndAddResources):
        * editing/win/EditorWin.cpp:
        (WebCore::createFragmentFromPlatformData):
        (WebCore::Editor::webContentFromPasteboard):
        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::archive):
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::mainResourceData):
        (WebCore::DocumentLoader::maybeCreateArchive):
        (WebCore::DocumentLoader::addArchiveResource):
        (WebCore::DocumentLoader::mainResource):
        * loader/DocumentLoader.h:
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadArchive):
        * loader/SubstituteData.h:
        (WebCore::SubstituteData::SubstituteData):
        (WebCore::SubstituteData::isValid):
        * loader/SubstituteResource.h:
        (WebCore::SubstituteResource::data):
        (WebCore::SubstituteResource::SubstituteResource):
        * loader/appcache/ApplicationCacheGroup.cpp:
        (WebCore::ApplicationCacheGroup::didReceiveResponse):
        (WebCore::ApplicationCacheGroup::didReceiveData):
        (WebCore::ApplicationCacheGroup::didFail):
        (WebCore::ApplicationCacheGroup::didReceiveManifestData):
        (WebCore::ApplicationCacheGroup::didFinishLoadingManifest):
        * loader/appcache/ApplicationCacheHost.cpp:
        (WebCore::ApplicationCacheHost::maybeLoadMainResource):
        (WebCore::ApplicationCacheHost::maybeLoadSynchronously):
        (WebCore::ApplicationCacheHost::maybeLoadFallbackSynchronously):
        * loader/appcache/ApplicationCacheResource.cpp:
        (WebCore::ApplicationCacheResource::ApplicationCacheResource):
        (WebCore::ApplicationCacheResource::deliver):
        (WebCore::ApplicationCacheResource::estimatedSizeInStorage):
        * loader/appcache/ApplicationCacheResource.h:
        (WebCore::ApplicationCacheResource::create):
        * loader/appcache/ApplicationCacheStorage.cpp:
        (WebCore::ApplicationCacheStorage::store):
        (WebCore::ApplicationCacheStorage::writeDataToUniqueFileInDirectory):
        * loader/appcache/ApplicationCacheStorage.h:
        * loader/archive/ArchiveFactory.cpp:
        (WebCore::archiveFactoryCreate):
        (WebCore::ArchiveFactory::create):
        * loader/archive/ArchiveFactory.h:
        * loader/archive/ArchiveResource.cpp:
        (WebCore::ArchiveResource::ArchiveResource):
        (WebCore::ArchiveResource::create):
        * loader/archive/ArchiveResource.h:
        * loader/archive/ArchiveResourceCollection.cpp:
        (WebCore::ArchiveResourceCollection::addResource):
        * loader/archive/ArchiveResourceCollection.h:
        * loader/archive/cf/LegacyWebArchive.cpp:
        (WebCore::LegacyWebArchive::createPropertyListRepresentation):
        (WebCore::LegacyWebArchive::createResource):
        (WebCore::LegacyWebArchive::create):
        (WebCore::LegacyWebArchive::createFromSelection):
        * loader/archive/cf/LegacyWebArchive.h:
        * loader/archive/mhtml/MHTMLArchive.cpp:
        (WebCore::MHTMLArchive::create):
        * loader/archive/mhtml/MHTMLArchive.h:
        * loader/archive/mhtml/MHTMLParser.cpp:
        (WebCore::MHTMLParser::parseArchive):
        (WebCore::MHTMLParser::parseArchiveWithHeader):
        (WebCore::MHTMLParser::parseNextPart):
        * loader/archive/mhtml/MHTMLParser.h:
        * loader/cache/CachedImage.cpp:
        (WebCore::CachedImage::didAddClient):
        * loader/icon/IconDatabase.cpp:
        (WebCore::loadDefaultIconRecord):
        * loader/icon/IconRecord.cpp:
        (WebCore::IconRecord::setImageData):
        * loader/icon/IconRecord.h:
        * platform/Pasteboard.h:
        * platform/PasteboardStrategy.h:
        * platform/PlatformPasteboard.h:
        * platform/SharedBuffer.cpp:
        (WebCore::SharedBuffer::createArrayBuffer):
        (WebCore::utf8Buffer):
        * platform/SharedBuffer.h:
        (WebCore::SharedBuffer::create):
        * platform/cf/SharedBufferCF.cpp:
        (WebCore::SharedBuffer::wrapCFData):
        * platform/cocoa/NetworkExtensionContentFilter.mm:
        (WebCore::NetworkExtensionContentFilter::replacementData):
        * platform/cocoa/ParentalControlsContentFilter.mm:
        (WebCore::ParentalControlsContentFilter::replacementData):
        * platform/graphics/Image.cpp:
        (WebCore::Image::setData):
        * platform/graphics/Image.h:
        * platform/gtk/DataObjectGtk.cpp:
        (WebCore::DataObjectGtk::forClipboard):
        * platform/gtk/DataObjectGtk.h:
        (WebCore::DataObjectGtk::create):
        * platform/gtk/PasteboardGtk.cpp:
        (WebCore::Pasteboard::Pasteboard):
        (WebCore::Pasteboard::dataObject):
        * platform/ios/PasteboardIOS.mm:
        (WebCore::Pasteboard::read):
        * platform/ios/PlatformPasteboardIOS.mm:
        (WebCore::PlatformPasteboard::bufferForType):
        (WebCore::PlatformPasteboard::readBuffer):
        * platform/mac/PasteboardMac.mm:
        (WebCore::writeFileWrapperAsRTFDAttachment):
        (WebCore::Pasteboard::read):
        * platform/mac/PlatformPasteboardMac.mm:
        (WebCore::PlatformPasteboard::bufferForType):
        * platform/mac/SharedBufferMac.mm:
        (WebCore::SharedBuffer::wrapNSData):
        (WebCore::SharedBuffer::createFromReadingFile):
        * platform/network/MIMEHeader.cpp:
        (WebCore::retrieveKeyValuePairs):
        (WebCore::MIMEHeader::parseHeader):
        * platform/network/MIMEHeader.h:
        * platform/soup/SharedBufferSoup.cpp:
        (WebCore::SharedBuffer::wrapSoupBuffer):
        * platform/win/ClipboardUtilitiesWin.cpp:
        (WebCore::fragmentFromFilenames):
        (WebCore::fragmentFromCFHTML):
        (WebCore::fragmentFromHTML):
        * platform/win/ClipboardUtilitiesWin.h:
        * platform/win/PasteboardWin.cpp:
        (WebCore::Pasteboard::documentFragment):

2016-03-14  Oliver Hunt  <oliver@apple.com>

        Temporarily disable the separated heap.
        https://bugs.webkit.org/show_bug.cgi?id=155472

        Reviewed by Geoffrey Garen.

        Temporarily disable this.

        * Configurations/FeatureDefines.xcconfig:

2016-03-10  Antonio Gomes  <tonikitoo@webkit.org>

        Selecting with shift+drag results in unexpected drag-n-drop
        https://bugs.webkit.org/show_bug.cgi?id=155314

        Reviewed by Darin Adler.

        Test: editing/selection/shift-drag-selection-no-drag-n-drop.html

        Whenever user tries to extend an existing text selection by dragging the mouse
        (left button hold) with shift key pressed, WebKit enters drag-n-drop mode.
        This behavior does not match common editing behavior out there, including other
        browsers' (Firefox, Opera/Presto and IE).

        Patch changes WebKit so that whenever one extends a selection with mouse
        and shift key pressed off of a #text node, it does not enter drag-n-drop mode.

        Additionally, patch also adds some further tests to ensure that when
        selection is extended off of either a link or an image, drag-n-drop does
        get triggered, no matter if shift key is pressed.

        * page/EventHandler.cpp:
        (WebCore::EventHandler::handleMousePressEvent):

2016-03-14  Brent Fulgham  <bfulgham@apple.com>

        REGRESSION (r197114): Crash in WebCore::MediaDevicesRequest::didCompletePermissionCheck
        https://bugs.webkit.org/show_bug.cgi?id=155453
        <rdar://problem/24879447>

        Reviewed by Daniel Bates.

        Tested by fast/mediastream/enumerating-crash.html.

        * Modules/mediastream/MediaDevicesRequest.cpp:
        (WebCore::MediaDevicesRequest::didCompletePermissionCheck): Prevent UserMediaPermissionCheck object from being
        destroyed before the method completes.

2016-03-14  Simon Fraser  <simon.fraser@apple.com>

        Fix crash when reloading a page using requestAnimationFrame on iOS
        https://bugs.webkit.org/show_bug.cgi?id=155465
        rdar://problem/25100202

        Reviewed by Tim Horton.

        On iOS, it's possible for all clients for a DisplayRefreshMonitor
        to be unregistered, but still get a subsequent displayDidRefresh() for that monitor.
        In this case, we would remove(notFound) which release-asserts.
        
        Fix by just checking for notFound.
        
        Unable to test because requestAnimationFrame doesn't work in the simulator.

        * platform/graphics/DisplayRefreshMonitorManager.cpp:
        (WebCore::DisplayRefreshMonitorManager::displayDidRefresh):

2016-03-14  Per Arne Vollan  <peavo@outlook.com>

        [WinCairo][MediaFoundation] Implement float versions of MediaPlayer methods.
        https://bugs.webkit.org/show_bug.cgi?id=155357

        Reviewed by Brent Fulgham.

        It is better to implement the float versions of some of the MediaPlayer methods,
        since the default implementation of the double versions is to call the float version.
        Also added override keyword to overridden methods.

        * platform/graphics/win/MediaPlayerPrivateMediaFoundation.cpp:
        (WebCore::MediaPlayerPrivateMediaFoundation::seeking):
        (WebCore::MediaPlayerPrivateMediaFoundation::seek):
        (WebCore::MediaPlayerPrivateMediaFoundation::setRate):
        (WebCore::MediaPlayerPrivateMediaFoundation::duration):
        (WebCore::MediaPlayerPrivateMediaFoundation::currentTime):
        (WebCore::MediaPlayerPrivateMediaFoundation::seekDouble): Deleted.
        (WebCore::MediaPlayerPrivateMediaFoundation::setRateDouble): Deleted.
        (WebCore::MediaPlayerPrivateMediaFoundation::durationDouble): Deleted.
        * platform/graphics/win/MediaPlayerPrivateMediaFoundation.h:

2016-03-14  Tim Horton  <timothy_horton@apple.com>

        Revert r194125 and r194186: We're going to fix this a different way.

        * page/EventHandler.cpp:
        (WebCore::EventHandler::clear):
        * page/EventHandler.h:

2016-03-14  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        [Fetch API] FetchLoader should check for empty bodies
        https://bugs.webkit.org/show_bug.cgi?id=155440

        Reviewed by Darin Adler.

        Covered by added tests.

        * Modules/fetch/FetchLoader.cpp:
        (WebCore::FetchLoader::didFinishLoading): returning empty array buffer/empty string if no data received during loading.

2016-03-14  Chris Dumez  <cdumez@apple.com>

        Regression(r197981): Huge regression on Mac PLT
        https://bugs.webkit.org/show_bug.cgi?id=155443
        <rdar://problem/25113391>

        Reviewed by Gavin Barraclough.

        We have experience a huge regression on Mac PLT after r197981, so
        disable the feature until the performance issue is resolved.

        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayer::supportsSmoothedLayerText):

2016-03-14  Chris Vienneau  <chris.vno@outlook.com>

        PingHandle delete's itself but pointer is still used by handleDataURL
        https://bugs.webkit.org/show_bug.cgi?id=154752
        <rdar://problem/24872347>

        Reviewed by Alex Christensen.

        When a PingHandle is destroyed, we should tell its client so that the client can clear the pointer it
        holds to the element to avoid accidentally attempting to use deallocated memory.

        The ResourceHandle's client member may be null after "didReceiveResponse" is called. We should confirm
        the client is still valid after these calls.

        * platform/network/DataURL.cpp:
        (WebCore::handleDataURL): Check the client pointer before using it.
        * platform/network/PingHandle.h:
        (WebCore::PingHandle::~PingHandle): Notify the client we are being destroyed.
        * platform/platform/network/ResourceHandle.h:

2016-03-14  Zalan Bujtas  <zalan@apple.com>

        Negative outline offset could break curved outline-style: auto
        https://bugs.webkit.org/show_bug.cgi?id=155416

        Reviewed by Tim Horton.

        When radius becomes negative the rounded rect could end up being un-renderable -> no rounded corners at all.

        Test: fast/inline/hidpi-outline-auto-negative-offset-with-border-radius.html

        * platform/graphics/PathUtilities.cpp:
        (WebCore::adjustedtRadiiForHuggingCurve):

2016-03-14  Zalan Bujtas  <zalan@apple.com>

        [Outline: auto] Fractional radius value could result in non-renderable rounded border.
        https://bugs.webkit.org/show_bug.cgi?id=155420

        Reviewed by Tim Horton.

        RoundedRect::pixelSnappedRoundedRectForPainting ensures that the rounded rect is always renderable.

        Test: fast/inline/hidpi-outline-auto-with-fractional-radius.html

        * platform/graphics/PathUtilities.cpp:
        (WebCore::PathUtilities::pathWithShrinkWrappedRectsForOutline):
        * platform/graphics/PathUtilities.h:
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::paintFocusRing):

2016-03-14  Zalan Bujtas  <zalan@apple.com>

        Outline: auto has sharp corners with single line contenteditable.
        https://bugs.webkit.org/show_bug.cgi?id=155418

        Reviewed by Tim Horton.

        Multiple rectangles assumed multiline content and it broke bottomLeft and bottomRight corner check.
        This patch adds fast path for polygons with 4 corners.

        Test: fast/inline/hidpi-outline-auto-with-one-focusring-rect.html

        * platform/graphics/PathUtilities.cpp:
        (WebCore::cornerType):
        (WebCore::cornerTypeForMultiline):
        (WebCore::rectFromPolygon):
        (WebCore::PathUtilities::pathWithShrinkWrappedRectsForOutline):

2016-03-14  Joanmarie Diggs  <jdiggs@igalia.com>

        [AX] SVG element with child desc not exposed
        https://bugs.webkit.org/show_bug.cgi?id=155374

        Reviewed by Darin Adler.

        Covered by the accessibility/w3c-svg-roles.html test, which was updated.

        AccessibilitySVGRoot is now a subclass of AccessibilitySVGElement, which
        exposes SVG elements with a child desc element as per the specification.
        Also made existing protected methods private.

        * accessibility/AccessibilitySVGElement.h:
        * accessibility/AccessibilitySVGRoot.cpp:
        (WebCore::AccessibilitySVGRoot::AccessibilitySVGRoot):
        (WebCore::AccessibilitySVGRoot::parentObject):
        * accessibility/AccessibilitySVGRoot.h:

2016-03-14  Alexey Proskuryakov  <ap@apple.com>

        Build fix.

        * Modules/fetch/FetchBodyOwner.cpp:
        (WebCore::FetchBodyOwner::loadedBlobAsText):

2016-03-14  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        [Fetch API] Implement data resolution for blob stored in Body
        https://bugs.webkit.org/show_bug.cgi?id=155359

        Reviewed by Darin Adler.

        Introducing FetchLoader as a wrapper around ThreadableLoader to load resources.
        FetchLoader can retrieve data as text or array buffer. It only supports blob currently.

        Introducing FetchLoaderClient interface and FetchBodyOwner::BlobLoader as specifc blob loader client.

        Covered by existing rebased tests.

        * CMakeLists.txt:
        * Modules/fetch/FetchBody.cpp:
        (WebCore::FetchBody::loadingType):
        (WebCore::FetchBody::loadedAsArrayBuffer):
        (WebCore::FetchBody::loadedAsText):
        * Modules/fetch/FetchBody.h:
        * Modules/fetch/FetchBodyOwner.cpp: Added.
        (WebCore::FetchBodyOwner::FetchBodyOwner):
        (WebCore::FetchBodyOwner::loadBlob):
        (WebCore::FetchBodyOwner::finishBlobLoading):
        (WebCore::FetchBodyOwner::blobLoadingFailed):
        (WebCore::FetchBodyOwner::BlobLoader::didReceiveResponse):
        * Modules/fetch/FetchBodyOwner.h:
        (WebCore::FetchBodyOwner::loadedBlobAsText):
        (WebCore::FetchBodyOwner::loadedBlobAsArrayBuffer):
        (WebCore::FetchBodyOwner::blobLoadingSucceeded):
        * Modules/fetch/FetchLoader.cpp: Added.
        (WebCore::FetchLoader::start):
        (WebCore::FetchLoader::FetchLoader):
        (WebCore::FetchLoader::stop):
        (WebCore::FetchLoader::didReceiveResponse):
        (WebCore::FetchLoader::didReceiveData):
        (WebCore::FetchLoader::didFinishLoading):
        (WebCore::FetchLoader::didFail):
        * Modules/fetch/FetchLoader.h: Added.
        * Modules/fetch/FetchLoaderClient.h: Added.
        (WebCore::FetchLoaderClient::~FetchLoaderClient):
        (WebCore::FetchLoaderClient::didReceiveResponse):
        (WebCore::FetchLoaderClient::didFinishLoadingAsText):
        (WebCore::FetchLoaderClient::didFinishLoadingAsArrayBuffer):
        * WebCore.xcodeproj/project.pbxproj:

2016-03-14  Frederic Wang  <fwang@igalia.com>

        Make MathML colspan/rowspan consistent with HTML table cells.
        https://bugs.webkit.org/show_bug.cgi?id=150253

        Reviewed by Martin Robinson.

        Test: mathml/rowspan-crash.xhtml

        We make MathMLElement::colSpan and MathMLElement::rowSpan consistent with the corresponding functions in HTMLTableCellElement.cpp.
        These functions now return unsigned integers, use the same parsing functions and set a maximum for rowspan.
        This latter change fixes crash/timeout with large values of rowspan.

        * mathml/MathMLElement.cpp: Include HTMLParserIdioms to use limitToOnlyHTMLNonNegative.
        (WebCore::MathMLElement::colSpan): Use unsigned integer and limitToOnlyHTMLNonNegative.
        (WebCore::MathMLElement::rowSpan): ditto. We also use the same maximum limit as HTMLTableCellElement.
        * mathml/MathMLElement.h: Make colSpan and rowSpan return unsigned integers.

2016-03-14  Tomas Popela  <tpopela@redhat.com>

        Enable GSS-Negotiate support in libsoup
        https://bugs.webkit.org/show_bug.cgi?id=155354

        Reviewed by Carlos Garcia Campos.

        Enable the SOUP_TYPE_AUTH_NEGOTIATE feature if libsoup was compiled
        with the GSS-Negotiate support.

        * platform/network/soup/SoupNetworkSession.cpp:
        (WebCore::SoupNetworkSession::SoupNetworkSession):

2016-03-14  Ryosuke Niwa  <rniwa@webkit.org>

        Add slotchange event
        https://bugs.webkit.org/show_bug.cgi?id=155424
        <rdar://problem/24997534>

        Reviewed by Antti Koivisto.

        Added `slotchange` event as discussed on https://github.com/w3c/webcomponents/issues/288.

        While the exact semantics of it could still evolve over time, this patch implements as
        an asynchronous event that fires on a slot element whenever its distributed nodes change
        (flattened assigned nodes):
        http://w3c.github.io/webcomponents/spec/shadow/#dfn-distributed-nodes

        Since inserting or removing an element from a shadow host could needs to enqueue this event
        on the right slot element, this patch moves the invalidation point of element removals and
        insertions from Element::childrenChanged to Element::insertedInto and Element::removedFrom.
        Text nodes are still invalidated at Element::childrenChanged for performance reasons
        since it could only appear within a default slot element.

        Because this more fine-grained invalidation needs to be overridden by HTMLDetailsElement,
        we now subclass SlotAssignment in HTMLDetailsElement instead of passing in a std::function.

        Test: fast/shadow-dom/slotchange-event.html

        * dom/Document.cpp:
        (WebCore::Document::enqueueSlotchangeEvent): Added.
        * dom/Document.h:
        * dom/Element.cpp:
        (WebCore::Element::attributeChanged): Call hostChildElementDidChangeSlotAttr.
        (WebCore::Element::insertedInto): Call hostChildElementDidChange.
        (WebCore::Element::removedFrom): Ditto.
        (WebCore::Element::childrenChanged): Don't invalidate the slots on ElementInserted and
        ElementRemoved since they're now done in Element::insertedInto and Element::removedFrom.
        * dom/Event.cpp:
        (WebCore::Event::scoped): slotchange event is scoped.
        * dom/EventNames.h: Added eventNames().slotchange.
        * dom/ShadowRoot.cpp:
        (WebCore::ShadowRoot::invalidateSlotAssignments): Deleted.
        (WebCore::ShadowRoot::invalidateDefaultSlotAssignments): Deleted.
        * dom/ShadowRoot.h:
        (ShadowRoot): Added more fine-grained invalidators, mirroring changes to SlotAssignment.
        * dom/SlotAssignment.cpp:
        (WebCore::SlotAssignment::SlotAssignment): Removed a variant that takes SlotNameFunction
        since HTMLDetailsElement now subclasses SlotAssignment.
        (WebCore::SlotAssignment::~SlotAssignment): Added now that the class is virtual.
        (WebCore::recursivelyFireSlotChangeEvent): Added.
        (WebCore::SlotAssignment::didChangeSlot): Added. Invalidates the style tree only if there
        is a corresponding slot element, and fires slotchange event. When the slot element we found
        in this shadow tree is assigned to a slot element inside an inner shadow tree, recursively
        fire slotchange event on each such inner slots.
        (WebCore::SlotAssignment::hostChildElementDidChange): Added. Update the matching slot when
        an element is inserted or removed under a shadow host.
        (WebCore::SlotAssignment::assignedNodesForSlot): Removed the superfluous early exit to an
        release assert since addSlotElementByName should always create a SlotInfo for each element.
        (WebCore::SlotAssignment::slotNameForHostChild): Added. This is the equivalent of old
        m_slotNameFunction which DetailsSlotAssignment overrides.
        (WebCore::SlotAssignment::invalidateDefaultSlot): Deleted.
        (WebCore::SlotAssignment::findFirstSlotElement): Added an assertion. slotInfo.element must
        be nullptr if elementCount is 0, and elementCount must be 0 if slotInfo.element is nullptr
        after calling resolveAllSlotElements, which traverses the entire shadow tree to find all
        slot elements.
        (WebCore::SlotAssignment::assignSlots):
        * dom/SlotAssignment.h: Implemented inline functions of ShadowRoot here to avoid including
        SlotAssignment.h in ShadowRoot.h. Not inlining them results in extra function calls for all
        builtin elements with shadow root without slot elements, which impacts performance.
        (WebCore::ShadowRoot::didRemoveAllChildrenOfShadowHost): Added.
        (WebCore::ShadowRoot::didChangeDefaultSlot): Added.
        (WebCore::ShadowRoot::hostChildElementDidChange): Added.
        (WebCore::ShadowRoot::hostChildElementDidChangeSlotAttribute): Added.
        (WebCore::ShadowRoot::innerSlotDidChange):
        * html/HTMLDetailsElement.cpp:
        (WebCore::DetailsSlotAssignment): Added. Subclasses SlotAssignment to override
        hostChildElementDidChange and slotNameForHostChild.
        (WebCore::DetailsSlotAssignment::hostChildElementDidChange): Added. We don't check if this
        is the first summary element since we don't know the answer when this function is called
        inside Element::removedFrom.
        (WebCore::DetailsSlotAssignment::slotNameForHostChild): Renamed from slotNameFunction. Also
        removed the code to return nullAtom when details element is not open as that messes up new
        fine-grained invalidation. Insert/remove the slot element in parseAttribute instead.
        (WebCore::HTMLDetailsElement::didAddUserAgentShadowRoot): Don't insert the slot element for
        the summary since the details element is not open now.
        (WebCore::HTMLDetailsElement::parseAttribute): Remove and insert the slot element for the
        summary here instead of changing the behavior of slotNameForHostChild.
        * html/HTMLDetailsElement.h:
        * html/HTMLSlotElement.cpp:
        (WebCore::HTMLSlotElement::enqueueSlotChangeEvent): Added. Enqueues a new slotchange event
        if we haven't done so for this element yet.
        (WebCore::HTMLSlotElement::dispatchEvent): Added. Clear m_hasEnqueuedSlotChangeEvent when
        dispatching a slotchange event so that a subsequent call to enqueueSlotChangeEvent would
        enqueue a new event. Note scripts call EventTarget::dispatchEventForBindings instead.
        * html/HTMLSlotElement.h:

2016-03-14  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        Introduce CallWith=Document in binding generator
        https://bugs.webkit.org/show_bug.cgi?id=155358

        Reviewed by Darin Adler.

        Covered by existing tests and binding test.

        * Modules/notifications/Notification.cpp:
        (WebCore::Notification::permission): Taking a Document& instead of ScriptExecutionContext&.
        (WebCore::Notification::requestPermission): Ditto.
        * Modules/notifications/Notification.h:
        * Modules/notifications/Notification.idl: Using CallWith=Document.
        * bindings/scripts/CodeGeneratorJS.pm: Adding support for CallWith=Document and changed name from scriptContext to context.
        (GenerateCallWith):
        (GenerateConstructorDefinition):
        * bindings/scripts/IDLAttributes.txt: Adding support for CallWith=Document.
        * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
        (webkit_dom_test_obj_with_document_argument):
        * bindings/scripts/test/GObject/WebKitDOMTestObj.h:
        * bindings/scripts/test/JS/JSTestInterface.cpp:
        (WebCore::jsTestInterfacePrototypeFunctionImplementsMethod2):
        (WebCore::jsTestInterfacePrototypeFunctionSupplementalMethod2):
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::jsTestObjWithScriptExecutionContextAttribute):
        (WebCore::jsTestObjWithScriptExecutionContextAttributeRaises):
        (WebCore::jsTestObjWithScriptExecutionContextAndScriptStateAttribute):
        (WebCore::jsTestObjWithScriptExecutionContextAndScriptStateAttributeRaises):
        (WebCore::jsTestObjWithScriptExecutionContextAndScriptStateWithSpacesAttribute):
        (WebCore::setJSTestObjWithScriptExecutionContextAttribute):
        (WebCore::setJSTestObjWithScriptExecutionContextAttributeRaises):
        (WebCore::setJSTestObjWithScriptExecutionContextAndScriptStateAttribute):
        (WebCore::setJSTestObjWithScriptExecutionContextAndScriptStateAttributeRaises):
        (WebCore::setJSTestObjWithScriptExecutionContextAndScriptStateWithSpacesAttribute):
        (WebCore::jsTestObjPrototypeFunctionWithScriptExecutionContext):
        (WebCore::jsTestObjPrototypeFunctionWithScriptExecutionContextAndScriptState):
        (WebCore::jsTestObjPrototypeFunctionWithScriptExecutionContextAndScriptStateObjException):
        (WebCore::jsTestObjPrototypeFunctionWithScriptExecutionContextAndScriptStateWithSpaces):
        (WebCore::jsTestObjPrototypeFunctionWithDocumentArgument):
        * bindings/scripts/test/ObjC/DOMTestObj.h:
        * bindings/scripts/test/ObjC/DOMTestObj.mm:
        (-[DOMTestObj withDocumentArgument]):
        * bindings/scripts/test/TestObj.idl: Adding binding test.
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::focus): Taking a Document& instead of ScriptExecutionContext&.
        (WebCore::DOMWindow::close): Ditto.
        * page/DOMWindow.h:
        * page/DOMWindow.idl:
        * page/History.cpp:
        (WebCore::History::back): Ditto.
        (WebCore::History::forward): Ditto.
        (WebCore::History::go): Ditto.
        * page/History.h:
        * page/History.idl:
        * testing/Internals.cpp:
        (WebCore::InspectorStubFrontend::closeWindow): Calling DOMWindow::close() directly.

2016-03-13  Joseph Pecoraro  <pecoraro@apple.com>

        Remove ENABLE(ES6_TEMPLATE_LITERAL_SYNTAX) guards
        https://bugs.webkit.org/show_bug.cgi?id=155417

        Reviewed by Yusuke Suzuki.

        * Configurations/FeatureDefines.xcconfig:

2016-03-13  Sam Weinig  <sam@webkit.org>

        Implement unprivileged execCommand("copy") and execCommand("cut")
        <rdar://problem/24354406>
        https://bugs.webkit.org/show_bug.cgi?id=146336

        Reviewed by Dean Jackson.

        Test: editing/execCommand/clipboard-access-with-user-gesture.html

        * WebCore.xcodeproj/project.pbxproj:
        Add new files.

        * editing/ClipboardAccessPolicy.h:
        Added.

        * editing/EditorCommand.cpp:
        (WebCore::defaultValueForSupportedCopyCut):
        (WebCore::supportedCopyCut):
        Match other browsers and allow the copy and cut commands
        to be executed when there is a user gesture.

        * page/Settings.h:
        Add include of ClipboardAccessPolicy.h.

        * page/Settings.in:
        Add new setting for ClipboardAccessPolicy

2016-03-13  Ryosuke Niwa  <rniwa@webkit.org>

        REGRESSION (r190840): crash inside details element's slotNameFunction
        https://bugs.webkit.org/show_bug.cgi?id=155388

        Reviewed by Antti Koivisto.

        The bug was caused by HTMLDetailsElement::isActiveSummary calling findAssignedSlot with a summary element
        inside the shadow tree of the detials element. Fixed it by existing early when the summary element passed
        to isActiveSummary is not a direct child of the details element.

        Test: fast/html/details-summary-tabindex-crash.html

        * dom/ShadowRoot.cpp:
        (WebCore::ShadowRoot::findAssignedSlot): Added an assertion for regression testing.
        * dom/SlotAssignment.cpp:
        (WebCore::SlotAssignment::findAssignedSlot): Removed the superfluous call to assignSlots added in r190840.
        There is no need to update the slot assignments here (entires in m_slots are added or removed by
        addSlotElementByName or removeSlotElementByName and assignSlots only updates assignedNodes in each SlotInfo
        which is never used in this function or findFirstSlotElement.
        * html/HTMLDetailsElement.cpp:
        (WebCore::HTMLDetailsElement::isActiveSummary): Fixed the bug.

2016-03-13  Antti Koivisto  <antti@apple.com>

        ComposedTreeIterator fails to traverse slots if root is shadow host
        https://bugs.webkit.org/show_bug.cgi?id=155407

        Reviewed by Darin Adler.

        Test: fast/shadow-dom/composed-tree-shadow-subtree.html

        * dom/ComposedTreeIterator.cpp:
        (WebCore::ComposedTreeIterator::ComposedTreeIterator):

            Traversal functions assume m_contextStack is deeper than 1 before they need to enter slot traversal code paths.
            Call initializeContextStack in case of shadow host which does the right thing.

        (WebCore::ComposedTreeIterator::traverseSiblingInSlot):
        (WebCore::composedTreeAsText):

            Add option to include pointers as debugging aid.

        * dom/ComposedTreeIterator.h:
        (WebCore::composedTreeChildren):

2016-03-12  Sam Weinig  <sam@webkit.org>

        WebKit can easily crash below NetworkSession::dataTaskForIdentifier() with NSURLSession enabled
        <rdar://problem/25129946>
        https://bugs.webkit.org/show_bug.cgi?id=155401

        Reviewed by Alex Christensen.

        Add a SessionID as a member of NetworkStorageSession. This allows us to avoid having HashMaps
        to map between the two types.

        * platform/network/NetworkStorageSession.h:
        (WebCore::NetworkStorageSession::sessionID):
        (WebCore::NetworkStorageSession::credentialStorage):
        (WebCore::NetworkStorageSession::platformSession):
        * platform/network/NetworkStorageSessionStub.cpp:
        (WebCore::NetworkStorageSession::NetworkStorageSession):
        (WebCore::NetworkStorageSession::context):
        (WebCore::NetworkStorageSession::createPrivateBrowsingSession):
        (WebCore::defaultSession):
        (WebCore::NetworkStorageSession::defaultStorageSession):
        (WebCore::NetworkStorageSession::switchToNewTestingSession):
        * platform/network/cf/NetworkStorageSessionCFNet.cpp:
        (WebCore::NetworkStorageSession::NetworkStorageSession):
        (WebCore::NetworkStorageSession::switchToNewTestingSession):
        (WebCore::NetworkStorageSession::defaultStorageSession):
        (WebCore::NetworkStorageSession::createPrivateBrowsingSession):
        * platform/network/soup/NetworkStorageSessionSoup.cpp:
        (WebCore::NetworkStorageSession::NetworkStorageSession):
        (WebCore::NetworkStorageSession::defaultStorageSession):
        (WebCore::NetworkStorageSession::createPrivateBrowsingSession):
        (WebCore::NetworkStorageSession::switchToNewTestingSession):
        (WebCore::NetworkStorageSession::soupNetworkSession):

2016-03-13  Jon Lee  <jonlee@apple.com>

        getUserMedia requests from the main frame should be treated the same as requests from an iframe with the same origin
        https://bugs.webkit.org/show_bug.cgi?id=155405
        <rdar://problem/25131007>

        Reviewed by Eric Carlson.

        When gUM is called from the main frame, or from a subframe with the same origin, the
        top level document origin should be the same.

        * Modules/mediastream/UserMediaRequest.cpp:
        (WebCore::UserMediaRequest::userMediaDocumentOrigin): Reverse the logic so that it is similar
        to topLevelDocumentOrigin.
        (WebCore::UserMediaRequest::topLevelDocumentOrigin): Return the top origin always.

2016-03-13  David Kilzer  <ddkilzer@apple.com>

        REGRESSION (r198079): Windows build broke because of "%PRId64" format specifier

        * platform/network/ParsedContentRange.cpp: Add #include
        <wtf/StdLibExtras.h> and remove local definition of "PRId64".

2016-03-13  Joonghun Park  <jh718.park@samsung.com>

        [EFL] Fix debug build error since r197690. Unreviewed.
        https://bugs.webkit.org/show_bug.cgi?id=155408

        Unreviewed. Change %lld to %PRId instead to correct the error below.
        error: format ‘%lld’ expects argument of type ‘long long int’,
        but argument 5 has type ‘std::chrono::duration<long int, std::ratio<1l, 1000l> >::rep
        {aka long int}’ [-Werror=format=]

        * page/DOMTimer.cpp:
        (WebCore::DOMTimer::updateTimerIntervalIfNecessary):

2016-03-12  Myles C. Maxfield  <mmaxfield@apple.com>

        [Cocoa] Remove typedef from NSScrollerImp to ScrollbarPainter
        https://bugs.webkit.org/show_bug.cgi?id=155379

        Reviewed by Beth Dakin.

        There's no reason to not call them what they are.

        No new tests because there is no behavior change.

        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::frameViewLayoutUpdated):
        * page/scrolling/ScrollingStateFrameScrollingNode.cpp:
        (WebCore::ScrollingStateFrameScrollingNode::ScrollingStateFrameScrollingNode):
        (WebCore::ScrollingStateFrameScrollingNode::setScrollerImpsFromScrollbars):
        (WebCore::ScrollingStateFrameScrollingNode::setScrollbarPaintersFromScrollbars): Deleted.
        * page/scrolling/ScrollingStateFrameScrollingNode.h:
        * page/scrolling/mac/ScrollingStateFrameScrollingNodeMac.mm:
        (WebCore::ScrollingStateFrameScrollingNode::setScrollerImpsFromScrollbars):
        (WebCore::ScrollingStateFrameScrollingNode::setScrollbarPaintersFromScrollbars): Deleted.
        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.h:
        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
        (WebCore::ScrollingTreeFrameScrollingNodeMac::ScrollingTreeFrameScrollingNodeMac):
        (WebCore::ScrollingTreeFrameScrollingNodeMac::~ScrollingTreeFrameScrollingNodeMac):
        (WebCore::ScrollingTreeFrameScrollingNodeMac::releaseReferencesToScrollerImpsOnTheMainThread):
        (WebCore::ScrollingTreeFrameScrollingNodeMac::updateBeforeChildren):
        (WebCore::ScrollingTreeFrameScrollingNodeMac::handleWheelEvent):
        (WebCore::ScrollingTreeFrameScrollingNodeMac::setScrollLayerPosition):
        (WebCore::ScrollingTreeFrameScrollingNodeMac::releaseReferencesToScrollbarPaintersOnTheMainThread): Deleted.
        * platform/ScrollbarThemeComposite.h:
        * platform/mac/ScrollAnimatorMac.h:
        * platform/mac/ScrollAnimatorMac.mm:
        (scrollbarPainterForScrollbar):
        (-[WebScrollerImpDelegate setUpAlphaAnimation:scrollerPainter:part:animateAlphaTo:duration:]):
        (-[WebScrollerImpDelegate scrollerImp:animateKnobAlphaTo:duration:]):
        (-[WebScrollerImpDelegate scrollerImp:animateTrackAlphaTo:duration:]):
        (-[WebScrollerImpDelegate scrollerImp:animateUIStateTransitionWithDuration:]):
        (-[WebScrollerImpDelegate scrollerImp:animateExpansionTransitionWithDuration:]):
        (WebCore::ScrollAnimatorMac::ScrollAnimatorMac):
        (WebCore::ScrollAnimatorMac::~ScrollAnimatorMac):
        (WebCore::ScrollAnimatorMac::mouseEnteredScrollbar):
        (WebCore::ScrollAnimatorMac::mouseExitedScrollbar):
        (WebCore::ScrollAnimatorMac::mouseIsDownInScrollbar):
        (WebCore::ScrollAnimatorMac::didAddVerticalScrollbar):
        (WebCore::ScrollAnimatorMac::willRemoveVerticalScrollbar):
        (WebCore::ScrollAnimatorMac::didAddHorizontalScrollbar):
        (WebCore::ScrollAnimatorMac::willRemoveHorizontalScrollbar):
        (WebCore::ScrollAnimatorMac::invalidateScrollbarPartLayers):
        (WebCore::ScrollAnimatorMac::verticalScrollbarLayerDidChange):
        (WebCore::ScrollAnimatorMac::horizontalScrollbarLayerDidChange):
        (WebCore::ScrollAnimatorMac::shouldScrollbarParticipateInHitTesting):
        (WebCore::ScrollAnimatorMac::notifyContentAreaScrolled):
        (WebCore::ScrollAnimatorMac::cancelAnimations):
        (WebCore::ScrollAnimatorMac::updateScrollerStyle):
        (WebCore::ScrollAnimatorMac::initialScrollbarPaintTimerFired):
        (-[WebScrollbarPainterDelegate setUpAlphaAnimation:scrollerPainter:part:animateAlphaTo:duration:]): Deleted.
        (-[WebScrollbarPainterDelegate scrollerImp:animateKnobAlphaTo:duration:]): Deleted.
        (-[WebScrollbarPainterDelegate scrollerImp:animateTrackAlphaTo:duration:]): Deleted.
        (-[WebScrollbarPainterDelegate scrollerImp:animateUIStateTransitionWithDuration:]): Deleted.
        (-[WebScrollbarPainterDelegate scrollerImp:animateExpansionTransitionWithDuration:]): Deleted.
        * platform/mac/ScrollbarThemeMac.h:
        * platform/mac/ScrollbarThemeMac.mm:
        (WebCore::scrollbarMap):
        (+[WebScrollbarPrefsObserver appearancePrefsChanged:]):
        (WebCore::ScrollbarThemeMac::registerScrollbar):
        (WebCore::ScrollbarThemeMac::setNewPainterForScrollbar):
        (WebCore::ScrollbarThemeMac::painterForScrollbar):
        (WebCore::ScrollbarThemeMac::scrollbarThickness):
        (WebCore::ScrollbarThemeMac::updateScrollbarOverlayStyle):
        (WebCore::ScrollbarThemeMac::hasThumb):
        (WebCore::ScrollbarThemeMac::setPaintCharacteristicsForScrollbar):
        (WebCore::scrollbarPainterPaint):

2016-03-12  Dean Jackson  <dino@apple.com>

        REGRESSION (r188647): Teamtreehouse website sidebar buttons are not rendered
        https://bugs.webkit.org/show_bug.cgi?id=155400
        <rdar://problem/24818602>

        Reviewed by Anders Carlsson.

        When we unprefixed CSS filters we accidentally
        stopped SVG elements that use the CSS filter shorthands
        from rendering. We still don't actually support
        the shorthands in this case, but we should render
        the element without the filter.

        Tests: css3/filters/filters-on-svg-element.html
               css3/filters/filters-on-svg-root.html

        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::hasReferenceFilterOnly): Add
        this new function that tells us if we have the
        style of filter that we can handle in SVG content.
        * rendering/style/RenderStyle.h:
        * rendering/svg/SVGRenderingContext.cpp:
        (WebCore::SVGRenderingContext::prepareToRenderSVGContent):
        We can mark an element as ready to render if it
        has a shorthand filter.

2016-03-12  Myles C. Maxfield  <mmaxfield@apple.com>

        Delete dead SVG Font code
        https://bugs.webkit.org/show_bug.cgi?id=154718

        Reviewed by Antti Koivisto.

        All the ports have adopted the SVG -> OTF Font Converter, so there will never
        be an instantiation of a font backed by a DOM subtree. We can remove all the
        infrastructure used to support that.

        No new tests because there is no behavior change.

        * CMakeLists.txt:
        * Configurations/FeatureDefines.xcconfig:
        * WebCore.order:
        * WebCore.xcodeproj/project.pbxproj:
        * css/CSSFontFaceSource.cpp:
        (WebCore::CSSFontFaceSource::CSSFontFaceSource): Deleted.
        (WebCore::CSSFontFaceSource::font): Deleted.
        * css/CSSFontFaceSource.h:
        * loader/cache/CachedFont.cpp:
        * loader/cache/CachedSVGFont.cpp:
        (WebCore::CachedSVGFont::createFont): Deleted.
        (WebCore::CachedSVGFont::ensureCustomFontData): Deleted.
        * loader/cache/CachedSVGFont.h:
        * platform/graphics/Font.cpp:
        (WebCore::Font::Font):
        (WebCore::fillGlyphPage):
        (WebCore::Font::description): Deleted.
        (WebCore::Font::createScaledFont): Deleted.
        (WebCore::Font::applyTransforms): Deleted.
        * platform/graphics/Font.h:
        (WebCore::Font::widthForGlyph):
        (WebCore::Font::SVGData::~SVGData): Deleted.
        (WebCore::Font::create): Deleted.
        (WebCore::Font::svgData): Deleted.
        (WebCore::Font::isSVGFont): Deleted.
        * platform/graphics/win/FontWin.cpp:
        * platform/graphics/FontCascade.cpp:
        (WebCore::FontCascade::drawText):
        (WebCore::FontCascade::drawEmphasisMarks):
        (WebCore::FontCascade::glyphDataForCharacter):
        (WebCore::FontCascade::adjustSelectionRectForText):
        (WebCore::FontCascade::offsetForPosition):
        (WebCore::FontCascade::drawEmphasisMarksForSimpleText):
        (WebCore::FontCascade::drawGlyphBuffer):
        (WebCore::isDrawnWithSVGFont): Deleted.
        (WebCore::FontCascade::width): Deleted.
        (WebCore::FontCascade::codePath): Deleted.
        * platform/graphics/FontCascade.h:
        * platform/graphics/GraphicsContext.h:
        * platform/graphics/SVGGlyph.cpp: Removed.
        (WebCore::processArabicFormDetection): Deleted.
        (WebCore::charactersWithArabicForm): Deleted.
        (WebCore::isCompatibleArabicForm): Deleted.
        (WebCore::isCompatibleGlyph): Deleted.
        * platform/graphics/SVGGlyph.h: Removed.
        (WebCore::SVGGlyph::SVGGlyph): Deleted.
        (WebCore::SVGGlyph::inheritedValue): Deleted.
        (WebCore::SVGGlyph::operator==): Deleted.
        * platform/graphics/TextRun.cpp:
        * platform/graphics/TextRun.h:
        (WebCore::TextRun::RenderingContext::~RenderingContext): Deleted.
        (WebCore::TextRun::renderingContext): Deleted.
        (WebCore::TextRun::setRenderingContext): Deleted.
        * platform/graphics/WidthIterator.cpp:
        (WebCore::WidthIterator::applyFontTransforms):
        (WebCore::WidthIterator::advanceInternal):
        (WebCore::WidthIterator::glyphDataForCharacter): Deleted.
        * platform/graphics/WidthIterator.h:
        (WebCore::WidthIterator::lastGlyphName): Deleted.
        (WebCore::WidthIterator::setLastGlyphName): Deleted.
        (WebCore::WidthIterator::arabicForms): Deleted.
        * platform/graphics/cairo/FontCairo.cpp:
        (WebCore::CairoGlyphToPathTranslator::advance):
        (WebCore::FontCascade::dashesForIntersectionsWithRect):
        (WebCore::CairoGlyphToPathTranslator::moveToNextValidGlyph): Deleted.
        * platform/graphics/cocoa/FontCascadeCocoa.mm:
        (WebCore::MacGlyphToPathTranslator::advance):
        (WebCore::FontCascade::dashesForIntersectionsWithRect):
        (WebCore::FontCascade::primaryFontIsSystemFont):
        (WebCore::FontCascade::drawEmphasisMarksForComplexText):
        (WebCore::MacGlyphToPathTranslator::moveToNextValidGlyph): Deleted.
        * platform/graphics/harfbuzz/HarfBuzzShaper.cpp:
        (WebCore::HarfBuzzShaper::shapeHarfBuzzRuns): Deleted.
        * platform/graphics/mac/ComplexTextController.cpp:
        (WebCore::TextLayout::isNeeded):
        (WebCore::TextLayout::TextLayout):
        (WebCore::TextLayout::constructTextRun):
        * rendering/EllipsisBox.cpp:
        (WebCore::EllipsisBox::paint):
        (WebCore::EllipsisBox::selectionRect):
        (WebCore::EllipsisBox::paintSelection):
        * rendering/InlineTextBox.cpp:
        (WebCore::InlineTextBox::localSelectionRect):
        (WebCore::InlineTextBox::paint):
        (WebCore::InlineTextBox::paintSelection):
        (WebCore::InlineTextBox::paintCompositionBackground):
        (WebCore::InlineTextBox::paintDocumentMarker):
        (WebCore::InlineTextBox::paintTextMatchMarker):
        (WebCore::InlineTextBox::offsetForPosition):
        (WebCore::InlineTextBox::positionForOffset):
        (WebCore::InlineTextBox::constructTextRun):
        * rendering/InlineTextBox.h:
        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::constructTextRun):
        * rendering/RenderBlock.h:
        * rendering/RenderBlockFlow.cpp:
        (WebCore::stripTrailingSpace):
        * rendering/RenderBlockLineLayout.cpp:
        (WebCore::RenderBlockFlow::checkLinesForTextOverflow):
        * rendering/RenderDeprecatedFlexibleBox.cpp:
        (WebCore::RenderDeprecatedFlexibleBox::applyLineClamp):
        * rendering/RenderFileUploadControl.cpp:
        (WebCore::RenderFileUploadControl::paintObject):
        (WebCore::RenderFileUploadControl::computeIntrinsicLogicalWidths):
        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::setImageSizeForAltText):
        (WebCore::RenderImage::paintReplaced):
        * rendering/RenderListBox.cpp:
        (WebCore::RenderListBox::updateFromElement):
        * rendering/RenderListMarker.cpp:
        (WebCore::RenderListMarker::paint):
        (WebCore::RenderListMarker::computePreferredLogicalWidths):
        (WebCore::RenderListMarker::getRelativeMarkerRect):
        * rendering/RenderMenuList.cpp:
        (RenderMenuList::updateOptionsWidth):
        * rendering/RenderText.cpp:
        (WebCore::RenderText::widthFromCache):
        (WebCore::RenderText::trimmedPrefWidths):
        (WebCore::hyphenWidth):
        (WebCore::maxWordFragmentWidth):
        (WebCore::RenderText::computePreferredLogicalWidths):
        (WebCore::RenderText::width):
        * rendering/RenderTextControl.cpp:
        (WebCore::RenderTextControl::getAverageCharWidth):
        * rendering/RenderThemeIOS.mm:
        (WebCore::RenderThemeMeasureTextClient::RenderThemeMeasureTextClient):
        (WebCore::adjustInputElementButtonStyle):
        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::canUseForFontAndText): Deleted.
        * rendering/line/BreakingContext.h:
        (WebCore::WordTrailingSpace::WordTrailingSpace):
        (WebCore::WordTrailingSpace::width):
        (WebCore::measureHyphenWidth):
        (WebCore::textWidth):
        (WebCore::tryHyphenating):
        (WebCore::BreakingContext::handleText):
        * rendering/svg/RenderSVGAllInOne.cpp:
        * rendering/svg/RenderSVGText.cpp:
        * rendering/svg/SVGInlineTextBox.cpp:
        (WebCore::SVGInlineTextBox::prepareGraphicsContextForTextPainting):
        (WebCore::SVGInlineTextBox::restoreGraphicsContextAfterTextPainting):
        (WebCore::SVGInlineTextBox::paintTextWithShadows):
        (WebCore::SVGInlineTextBox::constructTextRun): Deleted.
        * rendering/svg/SVGInlineTextBox.h:
        * rendering/svg/SVGTextLayoutEngine.cpp:
        (WebCore::SVGTextLayoutEngine::layoutTextOnLineOrPath):
        * rendering/svg/SVGTextLayoutEngineSpacing.cpp:
        (WebCore::SVGTextLayoutEngineSpacing::calculateSVGKerning): Deleted.
        * rendering/svg/SVGTextLayoutEngineSpacing.h:
        * rendering/svg/SVGTextMetrics.cpp:
        (WebCore::SVGTextMetrics::SVGTextMetrics):
        (WebCore::SVGTextMetrics::constructTextRun): Deleted.
        * rendering/svg/SVGTextMetrics.h:
        * rendering/svg/SVGTextMetricsBuilder.cpp:
        (WebCore::SVGTextMetricsBuilder::advanceSimpleText):
        * rendering/svg/SVGTextRunRenderingContext.cpp: Removed.
        (WebCore::svgFontAndFontFaceElementForFontData): Deleted.
        (WebCore::SVGTextRunRenderingContext::floatWidthUsingSVGFont): Deleted.
        (WebCore::SVGTextRunRenderingContext::applySVGKerning): Deleted.
        (WebCore::SVGGlyphToPathTranslator::SVGGlyphToPathTranslator): Deleted.
        (WebCore::SVGGlyphToPathTranslator::transform): Deleted.
        (WebCore::SVGGlyphToPathTranslator::path): Deleted.
        (WebCore::SVGGlyphToPathTranslator::extents): Deleted.
        (WebCore::SVGGlyphToPathTranslator::moveToNextValidGlyph): Deleted.
        (WebCore::SVGGlyphToPathTranslator::advance): Deleted.
        (WebCore::SVGTextRunRenderingContext::createGlyphToPathTranslator): Deleted.
        (WebCore::SVGTextRunRenderingContext::drawSVGGlyphs): Deleted.
        (WebCore::missingGlyphForFont): Deleted.
        (WebCore::SVGTextRunRenderingContext::glyphDataForCharacter): Deleted.
        * rendering/svg/SVGTextRunRenderingContext.h: Removed.
        * svg/SVGAllInOne.cpp:
        * svg/SVGFontData.cpp: Removed.
        (WebCore::SVGFontData::SVGFontData): Deleted.
        (WebCore::SVGFontData::initializeFont): Deleted.
        (WebCore::SVGFontData::widthForSVGGlyph): Deleted.
        (WebCore::SVGFontData::applySVGGlyphSelection): Deleted.
        (WebCore::SVGFontData::fillSVGGlyphPage): Deleted.
        (WebCore::SVGFontData::fillBMPGlyphs): Deleted.
        (WebCore::SVGFontData::fillNonBMPGlyphs): Deleted.
        (WebCore::computeNormalizedSpaces): Deleted.
        (WebCore::createStringWithMirroredCharacters): Deleted.
        * svg/SVGFontData.h: Removed.
        (WebCore::SVGFontData::~SVGFontData): Deleted.
        (WebCore::SVGFontData::svgFontFaceElement): Deleted.
        (WebCore::SVGFontData::horizontalOriginX): Deleted.
        (WebCore::SVGFontData::horizontalOriginY): Deleted.
        (WebCore::SVGFontData::horizontalAdvanceX): Deleted.
        (WebCore::SVGFontData::verticalOriginX): Deleted.
        (WebCore::SVGFontData::verticalOriginY): Deleted.
        (WebCore::SVGFontData::verticalAdvanceY): Deleted.
        * svg/SVGFontElement.cpp:
        (WebCore::SVGFontElement::SVGFontElement): Deleted.
        (WebCore::SVGFontElement::invalidateGlyphCache): Deleted.
        (WebCore::SVGFontElement::firstMissingGlyphElement): Deleted.
        (WebCore::SVGFontElement::registerLigaturesInGlyphCache): Deleted.
        (WebCore::SVGFontElement::ensureGlyphCache): Deleted.
        (WebCore::SVGKerningMap::clear): Deleted.
        (WebCore::SVGKerningMap::insert): Deleted.
        (WebCore::stringMatchesUnicodeRange): Deleted.
        (WebCore::stringMatchesGlyphName): Deleted.
        (WebCore::stringMatchesUnicodeName): Deleted.
        (WebCore::matches): Deleted.
        (WebCore::kerningForPairOfStringsAndGlyphs): Deleted.
        (WebCore::SVGFontElement::horizontalKerningForPairOfStringsAndGlyphs): Deleted.
        (WebCore::SVGFontElement::verticalKerningForPairOfStringsAndGlyphs): Deleted.
        (WebCore::SVGFontElement::collectGlyphsForString): Deleted.
        (WebCore::SVGFontElement::collectGlyphsForGlyphName): Deleted.
        (WebCore::SVGFontElement::svgGlyphForGlyph): Deleted.
        (WebCore::SVGFontElement::missingGlyph): Deleted.
        * svg/SVGFontElement.h:
        (WebCore::SVGKerning::SVGKerning): Deleted.
        (WebCore::SVGKerningMap::isEmpty): Deleted.
        * svg/SVGGlyphElement.cpp:
        (WebCore::SVGGlyphElement::invalidateGlyphCache): Deleted.
        (WebCore::SVGGlyphElement::parseAttribute): Deleted.
        (WebCore::SVGGlyphElement::insertedInto): Deleted.
        (WebCore::SVGGlyphElement::removedFrom): Deleted.
        (WebCore::parseArabicForm): Deleted.
        (WebCore::parseOrientation): Deleted.
        (WebCore::SVGGlyphElement::inheritUnspecifiedAttributes): Deleted.
        (WebCore::parseSVGGlyphAttribute): Deleted.
        (WebCore::SVGGlyphElement::buildGenericGlyphIdentifier): Deleted.
        (WebCore::SVGGlyphElement::buildGlyphIdentifier): Deleted.
        * svg/SVGGlyphElement.h:
        * svg/SVGGlyphMap.h: Removed.
        (WebCore::GlyphMapNode::GlyphMapNode): Deleted.
        (WebCore::GlyphMapNode::create): Deleted.
        (WebCore::SVGGlyphMap::SVGGlyphMap): Deleted.
        (WebCore::SVGGlyphMap::addGlyph): Deleted.
        (WebCore::SVGGlyphMap::appendToGlyphTable): Deleted.
        (WebCore::SVGGlyphMap::compareGlyphPriority): Deleted.
        (WebCore::SVGGlyphMap::collectGlyphsForString): Deleted.
        (WebCore::SVGGlyphMap::clear): Deleted.
        (WebCore::SVGGlyphMap::svgGlyphForGlyph): Deleted.
        (WebCore::SVGGlyphMap::glyphIdentifierForGlyphName): Deleted.
        * svg/SVGHKernElement.cpp:
        (WebCore::SVGHKernElement::insertedInto): Deleted.
        (WebCore::SVGHKernElement::removedFrom): Deleted.
        * svg/SVGHKernElement.h:
        * svg/SVGToOTFFontConversion.cpp:
        * svg/SVGToOTFFontConversion.h:
        * svg/SVGVKernElement.cpp:
        (WebCore::SVGVKernElement::insertedInto): Deleted.
        (WebCore::SVGVKernElement::removedFrom): Deleted.
        * svg/SVGVKernElement.h:

2016-03-12  Myles C. Maxfield  <mmaxfield@apple.com>

        [OS X] Scrollbars of overflow:scroll divs should appear on the left on RTL systems
        https://bugs.webkit.org/show_bug.cgi?id=155385

        Reviewed by Simon Fraser.

        There is already some existing setup for RTL scrollbars. This patch hooks up this
        existing support to the OS X triggering mechanism introduced in r197956. It also
        fixes up the existing support to function even when the direction of the
        RTL-scrollbar div is LTR (this means the contents of the div must be pushed
        over by the width of the scrollbar).

        Tests: fast/scrolling/rtl-scrollbars-overflow-contents.html
               fast/scrolling/rtl-scrollbars-overflow-dir-rtl.html
               fast/scrolling/rtl-scrollbars-overflow-padding.html
               fast/scrolling/rtl-scrollbars-overflow-simple.html
               fast/scrolling/rtl-scrollbars-overflow.html

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::addOverflowFromPositionedObjects):
        (WebCore::RenderBlock::logicalLeftOffsetForContent):
        (WebCore::RenderBlock::logicalRightOffsetForContent):
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::determineLogicalLeftPositionForChild):
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::overflowClipRect):
        (WebCore::RenderBox::layoutOverflowRectForPropagation):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::computeScrollDimensions):
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::shouldPlaceBlockDirectionScrollbarOnLogicalLeft):
        * rendering/style/RenderStyle.h:

2016-03-12  Zalan Bujtas  <zalan@apple.com>

        [Forms: focus] focus rings around text fields do not follow contour (border-radius)
        https://bugs.webkit.org/show_bug.cgi?id=154099
        rdar://problem/9988429

        Reviewed by Tim Horton.

        This patch enables outline-style: auto to follow the curve of border-radius.
        When both border-radius and outline-style: auto are set, the native focusring painting will take the border-radius values
        into account. This is only for outline-style: auto, other non-auto outline styles paint as if there
        was no border-radius set.
        It supports both single and multiline content with joint rectangles.
        However in case of disjoint rectangles, we fallback to the non-radius drawing.

        Tests: fast/inline/hidpi-outline-auto-with-border-radius-horizontal-ltr.html
               fast/inline/hidpi-outline-auto-with-border-radius-horizontal-rtl.html
               fast/inline/hidpi-outline-auto-with-border-radius-vertical-ltr.html
               fast/inline/hidpi-outline-auto-with-border-radius-vertical-rtl.html

        * platform/graphics/GraphicsContext.h:
        * platform/graphics/Path.cpp:
        (WebCore::Path::addBeziersForRoundedRect):
        * platform/graphics/Path.h:
        (WebCore::Path::circleControlPoint):
        * platform/graphics/PathUtilities.cpp:
        (WebCore::polygonsForRect):
        (WebCore::PathUtilities::pathsWithShrinkWrappedRects):
        (WebCore::startAndEndPointsForCorner):
        (WebCore::cornerType):
        (WebCore::controlPointsForBezierCurve):
        (WebCore::adjustedtRadiiForHuggingCurve):
        (WebCore::PathUtilities::pathWithShrinkWrappedRectsForOutline):
        * platform/graphics/PathUtilities.h:
        * platform/graphics/mac/GraphicsContextMac.mm:
        (WebCore::GraphicsContext::drawFocusRing):
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::paintFocusRing):

2016-03-11  Ryosuke Niwa  <rniwa@webkit.org>

        Add Event.deepPath() and Event.scoped
        https://bugs.webkit.org/show_bug.cgi?id=153538
        <rdar://problem/24363836>

        Reviewed by Darin Adler.

        Added the support for deepPath(), scoped, and relatedTargetScoped on Event.prototype for shadow DOM:
        http://w3c.github.io/webcomponents/spec/shadow/#extensions-to-event-interface
        and updated the EventPath class to respect scoped and relatedTargetScoped flags as specified at:
        http://w3c.github.io/webcomponents/spec/shadow/#get-the-parent

        Tests: fast/shadow-dom/Extensions-to-Event-Interface.html
               fast/shadow-dom/trusted-event-scoped-flags.html

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateConstructorDefinition): Added the support for Conditional for InitializedByEventConstructor.
        * bindings/scripts/test/GObject/WebKitDOMTestEventConstructor.cpp:
        * bindings/scripts/test/GObject/WebKitDOMTestEventConstructor.h:
        * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
        * bindings/scripts/test/ObjC/DOMTestEventConstructor.h:
        * bindings/scripts/test/ObjC/DOMTestEventConstructor.mm:
        * bindings/scripts/test/TestEventConstructor.idl: Added a test case for using InitializedByEventConstructor
        with Conditional.
        * dom/Event.cpp:
        (WebCore::Event::Event): Initialize m_scoped and m_relatedTargetScoped from EventInit dictionary.
        (WebCore::Event::scoped): Added. Implements http://w3c.github.io/webcomponents/spec/shadow/#scoped-flag
        (WebCore::Event::deepPath): Added.
        * dom/Event.h:
        (WebCore::Event::relatedTargetScoped): Added. Overridden by FocusEvent and MouseEvent to implement
        http://w3c.github.io/webcomponents/spec/shadow/#relatedtargetscoped-flag
        (WebCore::Event::setEventPath): Added.
        (WebCore::Event::clearEventPath): Added.
        * dom/Event.idl: Added scoped, relatedTargetScoped, and deepPath() conditionally enabled for shadow DOM.
        * dom/EventContext.h:
        (WebCore::EventContext::currentTarget):
        * dom/EventDispatcher.cpp:
        (WebCore::EventDispatcher::dispatchEvent): Set the event path while the event is being dispatched.
        * dom/EventPath.cpp:
        (WebCore::shouldEventCrossShadowBoundary): Check event.scoped flag instead of hard-coding a list of events here
        which has been moved to Event::scoped. See above.
        (WebCore::EventPath::setRelatedTarget): Check m_event.relatedTargetScoped() instead of hard-coding a list of
        events here. relatedTargetScoped is overridden by FocusEvent and MouseEvent.
        (WebCore::EventPath::hasEventListeners): Fixed the misleading variable name.
        (WebCore::isUnclosedNodeOf): Added. Implements http://w3c.github.io/webcomponents/spec/shadow/#dfn-unclosed-node
        (WebCore::EventPath::computePathDisclosedToTarget): Added. Implements the algorithm to filter event targets:
        http://w3c.github.io/webcomponents/spec/shadow/#widl-Event-deepPath-sequence-EventTarget
        * dom/EventPath.h:
        * dom/FocusEvent.cpp:
        (WebCore::FocusEvent::relatedTargetScoped): Returns true when this is a trusted event per:
        http://w3c.github.io/webcomponents/spec/shadow/#relatedtargetscoped-flag
        * dom/FocusEvent.h:
        * dom/MouseEvent.cpp:
        (WebCore::MouseEvent::relatedTargetScoped): Ditto.
        * dom/MouseEvent.h:

2016-03-11  John Wilander  <wilander@apple.com>

        Move prevalent resource classifier from WebCore to WebKit.
        https://bugs.webkit.org/show_bug.cgi?id=155242
        <rdar://problem/24913272>

        Reviewed by Andy Estes.

        No new tests since we have yet to decide how to set up tests for prevalent resources.

        * loader/ResourceLoadObserver.cpp:
        (WebCore::ResourceLoadObserver::logFrameNavigation):
        (WebCore::ResourceLoadObserver::logSubresourceLoading):
            - Removed calls to old classifier in WebCore.
        * loader/ResourceLoadStatistics.cpp:
        (WebCore::encodeHashCountedSet):
        (WebCore::ResourceLoadStatistics::checkAndSetAsPrevalentResourceIfNecessary): Deleted.
        (WebCore::ResourceLoadStatistics::hasPrevalentResourceCharacteristics): Deleted.
        * loader/ResourceLoadStatistics.h:
            - Deleted old classification functions.
        * loader/ResourceLoadStatisticsStore.cpp:
        (WebCore::ResourceLoadStatisticsStore::create):
        (WebCore::ResourceLoadStatisticsStore::fireDataModificationHandler):
        (WebCore::ResourceLoadStatisticsStore::hasEnoughDataForStatisticsProcessing):
            - New function to allow for checks before calls to processStatistics.
        (WebCore::ResourceLoadStatisticsStore::processStatistics):
            - New function that receives a lamda and executes it on every entry in its statistics map.
        * loader/ResourceLoadStatisticsStore.h:

2016-03-11  Jiewen Tan  <jiewen_tan@apple.com>

        WebKit should not be redirected to an invalid URL