Make <a download> a runtime enabled option
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2016-04-14  Brent Fulgham  <bfulgham@apple.com>
2
3         Make <a download> a runtime enabled option
4         https://bugs.webkit.org/show_bug.cgi?id=156583
5         <rdar://problem/25733449>
6
7         Reviewed by Alex Christensen.
8
9         Mark the download attribute interface as EnabledAtRuntime=DownloadAttribute.
10         Add DownloadAttribute runtime flag getter and setter.
11
12         * bindings/generic/RuntimeEnabledFeatures.h:
13         (WebCore::RuntimeEnabledFeatures::fetchAPIEnabled):
14         (WebCore::RuntimeEnabledFeatures::setDownloadAttributeEnabled):
15         (WebCore::RuntimeEnabledFeatures::downloadAttributeEnabled):
16         * html/HTMLAnchorElement.cpp:
17         (WebCore::HTMLAnchorElement::handleClick):
18         * html/HTMLAnchorElement.idl:
19
20 2016-04-14  David Kilzer  <ddkilzer@apple.com>
21
22         REGRESSION (r158956): Remove vestigial range code in FileReaderLoader class after removing ENABLE(STREAM)
23         <http://webkit.org/b/156609>
24
25         Reviewed by Brent Fulgham.
26
27         This code was left behind when ENABLE(STREAM) was removed in
28         November 2013.
29
30         * fileapi/FileReaderLoader.cpp:
31         (WebCore::FileReaderLoader::FileReaderLoader): Remove
32         initializers.
33         (WebCore::FileReaderLoader::start): Remove code that uses
34         m_hasRange, which is always false.
35         (WebCore::FileReaderLoader::didReceiveResponse): Ditto.
36         * fileapi/FileReaderLoader.h:
37         (WebCore::FileReaderLoader): Remove unused instance variables.
38
39 2016-04-14  Alex Christensen  <achristensen@webkit.org>
40
41         Build fix after r199549.
42         https://bugs.webkit.org/show_bug.cgi?id=156580
43
44         * CMakeLists.txt:
45         * PlatformEfl.cmake:
46         * PlatformGTK.cmake:
47         * PlatformWin.cmake:
48         KillRingNone.cpp is indeed platform-specific. KillRingMac.mm is used instead only on Mac.
49
50 2016-04-14  Dean Jackson  <dino@apple.com>
51
52         CrashTracer: com.apple.WebKit.WebContent at com.apple.WebCore: WebCore::CachedResource::addClientToSet + 27
53         https://bugs.webkit.org/show_bug.cgi?id=156602
54         <rdar://problem/18921091>
55
56         Reviewed by Simon Fraser.
57
58         The CSS property list-style-image is inherited, so a transition on a parent
59         might cause a transition on a child. On that child, the value might be between
60         two generated crossfade images which haven't yet resolved, causing a crash.
61
62         Test: transitions/crossfade-transition.html
63
64         * css/CSSCrossfadeValue.cpp:
65         (WebCore::CSSCrossfadeValue::blend): Return null if there are no cached images.
66         * page/animation/CSSPropertyAnimation.cpp:
67         (WebCore::blendFunc): If we don't have an actual image to blend between, fall
68         out to the default case.
69
70 2016-04-14  Antonio Gomes  <tonikitoo@webkit.org>
71
72         Allow listbox content and scrollbar to intrude padding area.
73         https://bugs.webkit.org/show_bug.cgi?id=128489
74
75         Reviewed by Myles C. Maxfield.
76
77         Originally when the RenderListBox::controlClipRect method was implemented (see [1]), it used
78         to allow its content (<option>'s) to intrude padding to get rendered. Overlay scrollbars were also
79         allowed to paint over the padding area, if necessary.
80
81         [2] changed this behavior to restrict list-box'es content within the content box rect (excluding padding and border).
82
83         This had two consequences:
84         1) it made WebKit disallow list-box' content to intrude the padding area, diverging from other vendors.
85         like Firefox and Chrome.
86         2) Since overlay scrollbar might get painted over the padding area, if any, [2] could result
87         in the scrollbar being clipped out if padding-right is set (or padding-left in case of RTL content).
88
89         Patch changed WebKit back so that it allows list-box' content and overlay scrollbars to intrude the
90         padding area, matching other browsers vendors
91
92         [1] https://trac.webkit.org/changeset/18819/trunk/WebCore/rendering/RenderListBox.cpp
93         [2] https://trac.webkit.org/changeset/19037/trunk/WebCore/rendering/RenderListBox.cpp
94
95         Tests: fast/forms/listbox-selection-3.html
96                fast/forms/listbox-padding-clip-selected.html
97                fast/forms/listbox-padding-clip-expected-mismatch.html (renamed from listbox-padding-clip-overlay-expected.html)
98                fast/forms/listbox-padding-clip-overlay-expected-mismatch.html (renamed from listbox-padding-clip-expected.html)
99
100         * rendering/RenderListBox.cpp:
101         (WebCore::RenderListBox::numVisibleItems): changed to allow list-box items to get rendered on the padding-bottom area.
102         This matches Firefox and Chrome.
103         (WebCore::RenderListBox::listIndexAtOffset): relax the check for a given list-box item at a specific offset in the vertical axis.
104         This means if an list-box item has its content painted into the padding-bottom area, it will be actionable by mouse clicking.
105         This matches Firefox and Chrome.
106         (WebCore::RenderListBox::controlClipRect): clips list-box content against the padding box rect rather than the content box rect,
107         to allow its list-box items' content intrude the padding area.
108         This matches Firefox and Chrome.
109
110 2016-04-14  Antti Koivisto  <antti@apple.com>
111
112         Collapsed border cache invalidation can lead to O(n^2) during style resolve
113         https://bugs.webkit.org/show_bug.cgi?id=156570
114
115         Reviewed by Darin Adler.
116
117         RenderTable::invalidateCollapsedBorders traverses all cells. It is called when table cell border changes.
118         This can result in O(n^2) during style resolve.
119
120         * rendering/RenderTable.cpp:
121         (WebCore::RenderTable::layout):
122         (WebCore::RenderTable::invalidateCollapsedBorders):
123
124             For cell border style change invalidate the hasEmptyCollapsedBorder bits only for the neighbouring cells.
125             They are the only ones that can be affected.
126
127         * rendering/RenderTable.h:
128         (WebCore::RenderTable::collapsedBordersAreValid):
129         (WebCore::RenderTable::collapsedEmptyBorderIsPresent):
130         (WebCore::RenderTable::currentBorderValue):
131         * rendering/RenderTableCell.cpp:
132         (WebCore::RenderTableCell::styleDidChange):
133
134 2016-04-14  Manuel Rego Casasnovas  <rego@igalia.com>
135
136         [css-grid] Implement CSSGridTemplateAreasValue::equals
137         https://bugs.webkit.org/show_bug.cgi?id=156578
138
139         Reviewed by Darin Adler.
140
141         This was causing an infinite loop setting grid-template-areas
142         from JavaScript.
143
144         The reason was that CSSGridTemplateAreasValue needs
145         an specific implementation of equals() method.
146
147         Test: fast/css-grid-layout/grid-template-areas-infinite-loop.html
148
149         * css/CSSGridTemplateAreasValue.cpp:
150         (WebCore::CSSGridTemplateAreasValue::equals):
151         * css/CSSGridTemplateAreasValue.h:
152
153 2016-04-14  Brent Fulgham  <bfulgham@apple.com>
154
155         [CMake] Clean up CMake files
156         https://bugs.webkit.org/show_bug.cgi?id=156580
157
158         Reviewed by Alex Christensen.
159
160         Revise the various CMake input files to reduce the amount of duplicated file references in
161         the various ports.
162
163         * CMakeLists.txt:
164         * PlatformAppleWin.cmake:
165         * PlatformEfl.cmake:
166         * PlatformGTK.cmake:
167         * PlatformWin.cmake:
168         * PlatformWinCairo.cmake:
169
170 2016-04-14  Frederic Wang  <fred.wang@free.fr>
171
172         RenderMathMLOperator: Add helper function to retrieve italic correction
173         https://bugs.webkit.org/show_bug.cgi?id=156572
174
175         Reviewed by Darin Adler.
176
177         No new tests, the helper function will only be used in bug 153918.
178
179         * rendering/mathml/RenderMathMLOperator.cpp:
180         (WebCore::RenderMathMLOperator::italicCorrection): Return the italic correction from the MATH table if it's a large operator.
181         * rendering/mathml/RenderMathMLOperator.h: Declare italicCorrection.
182
183 2016-04-14  Frederic Wang  <fwang@igalia.com>
184
185         RenderMathMLOperator: Move glyph measuring helper functions outside the class
186         https://bugs.webkit.org/show_bug.cgi?id=156571
187
188         Reviewed by Darin Adler.
189
190         No new tests, this is just a simple refactoring to prepare the patch
191         for bug 156542, without any behavior change.
192
193         * rendering/mathml/RenderMathMLOperator.cpp: MATHML_OPDICT_SIZE was removed in bug 152242, so no need to undef it.
194         (WebCore::boundsForGlyph): Static inline helper function moved from the RenderMathMLOperator class.
195         (WebCore::heightForGlyph): Ditto.
196         (WebCore::advanceWidthForGlyph): Ditto and renamed.
197         (WebCore::RenderMathMLOperator::computePreferredLogicalWidths): Rename advanceForGlyph.
198         (WebCore::RenderMathMLOperator::findStretchyData): Ditto.
199         (WebCore::RenderMathMLOperator::updateStyle): Ditto.
200         (WebCore::RenderMathMLOperator::paintGlyph): Ditto.
201         (WebCore::RenderMathMLOperator::paint): Ditto.
202         (WebCore::RenderMathMLOperator::trailingSpaceError): Ditto.
203         (WebCore::RenderMathMLOperator::setOperatorProperties): Deleted.
204         (WebCore::RenderMathMLOperator::boundsForGlyph): Deleted.
205         (WebCore::RenderMathMLOperator::heightForGlyph): Deleted.
206         (WebCore::RenderMathMLOperator::advanceForGlyph): Deleted.
207         * rendering/mathml/RenderMathMLOperator.h:
208
209 2016-04-14  Frederic Wang  <fred.wang@free.fr>
210
211         Set some RenderMathMLOperator members as final
212         https://bugs.webkit.org/show_bug.cgi?id=156574
213
214         Reviewed by Darin Adler.
215
216         No new tests, this is only a simple refactoring without behavior change.
217
218         * rendering/mathml/RenderMathMLOperator.h: Replace "override" with "final" for some members.
219
220 2016-04-14  Frederic Wang  <fwang@igalia.com>
221
222         Ensure that RenderMathMLOperator::stretchTo functions are called with stretchy operators that have the correct direction
223         https://bugs.webkit.org/show_bug.cgi?id=156542
224
225         Reviewed by Darin Adler.
226
227         In the RenderMathMLUnderOver refactoring (r199293), we avoided doing a
228         horizontal stretchTo call for non-stretchy operators. Here we do the
229         same for RenderMathMLRow and avoid doing a vertical stretchTo call for
230         horizontal or non-stretchy operators. We also add appropriate ASSERT in
231         the RenderMathMLOperator::stretchTo functions. To avoid failing tests
232         with DOM/style update, we make our updates a bit stricter. Hopefully,
233         we could manage such things better in the future (bug 156536).
234
235         Tests: mathml/presentation/row-nonstretchy-or-horizontal.html
236                mathml/presentation/underover-nonstretchy-or-vertical.html
237
238         * mathml/MathMLTextElement.cpp:
239         (WebCore::MathMLTextElement::parseAttribute): Replace setOperatorFlagAndScheduleLayoutIfNeeded with a stronger rendering update.
240         Also ensure that this is done when the lspace/rspace attributes change.
241         This avoids breaking mathml/presentation/mo-lspace-rspace-dynamic.html
242         * rendering/mathml/RenderMathMLOperator.cpp:
243         (WebCore::RenderMathMLOperator::stretchTo): Add ASSERT to ensure that it is only called with stretchy operators that have the correct direction.
244         (WebCore::RenderMathMLOperator::styleDidChange): Do a stronger rendering update when the style changes.
245         This avoids breaking mathml/presentation/style-changed.html
246         (WebCore::RenderMathMLOperator::setOperatorFlagAndScheduleLayoutIfNeeded): Deleted.
247         * rendering/mathml/RenderMathMLOperator.h: Make updateFromElement public so that it can be called from MathMLTextElement::parseAttribute
248         Remove setOperatorFlagAndScheduleLayoutIfNeeded and declare styleDidChange.
249         * rendering/mathml/RenderMathMLRow.cpp:
250         (WebCore::RenderMathMLRow::layoutRowItems): Only call stretchTo for vertical stretchy operators.
251
252 2016-04-14  Anders Carlsson  <andersca@apple.com>
253
254         When FileInputType::setFiles is called with an empty file list, the last set icon is not cleared
255         https://bugs.webkit.org/show_bug.cgi?id=156582
256
257         Reviewed by Beth Dakin.
258
259         * html/FileInputType.cpp:
260         (WebCore::FileInputType::requestIcon):
261
262 2016-04-14  Darin Adler  <darin@apple.com>
263
264         Remove UsePointersEvenForNonNullableObjectArguments from Internals
265         https://bugs.webkit.org/show_bug.cgi?id=156539
266
267         Reviewed by Alex Christensen.
268
269         * html/HTMLImageElement.idl: Exported this so it can be used as the type for
270         a function argument in Internals.idl.
271         * html/HTMLInputElement.idl: Ditto.
272         * html/HTMLLinkElement.idl: Ditto.
273         * html/HTMLSelectElement.idl: Ditto.
274
275         * testing/Internals.cpp:
276         (WebCore::InspectorStubFrontend::InspectorStubFrontend): Take a Page&.
277         (WebCore::Internals::create): Take a Document&.
278         (WebCore::Internals::resetToConsistentState): Take a Page&.
279         (WebCore::Internals::Internals): Take a Document&.
280         (WebCore::Internals::settings): Use nullptr instead of 0.
281         (WebCore::Internals::address): Take a Node&.
282         (WebCore::Internals::nodeNeedsStyleRecalc): Take a Node& and no ExceptionCode&.
283         (WebCore::Internals::styleChangeType): Ditto.
284         (WebCore::Internals::xhrResponseSource): Take an XMLHttpRequest&.
285         (WebCore::Internals::isSharingStyleSheetContents): Take two
286         HTMLLinkElement&.
287         (WebCore::Internals::isStyleSheetLoadingSubresources): Take an HTMLLinkElement&.
288         (WebCore::Internals::imageFrameIndex): Take an HTMLImageElement& and no
289         ExceptionCode&. Also return an unsigned rather than size_t, since the IDL expects
290         unsigned long, which means unsigned in C++ code.
291         (WebCore::Internals::treeScopeRootNode): Take a Node& and no ExceptionCode&.
292         (WebCore::Internals::parentTreeScope): Ditto.
293         (WebCore::Internals::pauseAnimationAtTimeOnElement): Take an Element&.
294         (WebCore::Internals::pauseAnimationAtTimeOnPseudoElement): Ditto.
295         (WebCore::Internals::pauseTransitionAtTimeOnElement): Ditto.
296         (WebCore::Internals::pauseTransitionAtTimeOnPseudoElement): Ditto.
297         (WebCore::Internals::attached): Deleted.
298         (WebCore::Internals::elementRenderTreeAsText): Take an Element&.
299         (WebCore::Internals::hasPausedImageAnimations): Take an Element& and no
300         ExceptionCode&.
301         (WebCore::Internals::computedStyleIncludingVisitedInfo): Take a Node& and no
302         ExceptionCode&.
303         (WebCore::Internals::ensureShadowRoot): Take an Element&.
304         (WebCore::Internals::ensureUserAgentShadowRoot): Take an Element& and no
305         ExceptionCode&.
306         (WebCore::Internals::createShadowRoot): Take an Element&.
307         (WebCore::Internals::shadowRoot): Take an Element& and no ExceptionCode&.
308         (WebCore::Internals::shadowRootType): Take a Node&.
309         (WebCore::Internals::includerFor): Deleted.
310         (WebCore::Internals::shadowPseudoId): Take an Element& and no ExceptionCode&.
311         (WebCore::Internals::setShadowPseudoId): Ditto.
312         (WebCore::Internals::visiblePlaceholder): Take an Element&.
313         (WebCore::Internals::selectColorInColorChooser): Take an HTMLInputElement&.
314         (WebCore::Internals::boundingBox): Take an Element& and no ExceptionCode&.
315         (WebCore::Internals::markerCountForNode): Take a Node&.
316         (WebCore::Internals::markerAt): Ditto.
317         (WebCore::Internals::markerRangeForNode): Ditto.
318         (WebCore::Internals::markerDescriptionForNode): Ditto.
319         (WebCore::Internals::addTextMatchMarker): Take a const Range&.
320         (WebCore::Internals::setScrollViewPosition): Take int instead of long; long in
321         IDL means int in C++ code.
322         (WebCore::Internals::wasLastChangeUserEdit): Take an Element&.
323         (WebCore::Internals::elementShouldAutoComplete): Take an HTMLInputElement&.
324         (WebCore::Internals::setEditingValue): Take an HTMLInputElement& and no
325         ExceptionCode&.
326         (WebCore::Internals::setAutofilled): Ditto.
327         (WebCore::Internals::setShowAutoFillButton): Ditto.
328         (WebCore::Internals::scrollElementToRect): Take an Element& and int instead of long.
329         (WebCore::Internals::autofillFieldName): Take an Element&.
330         (WebCore::Internals::rangeFromLocationAndLength): Take an Element& and no ExceptionCode&.
331         (WebCore::Internals::locationFromRange): Ditto.
332         (WebCore::Internals::lengthFromRange): Take an Element& and const Range& and no
333         ExceptionCode&.
334         (WebCore::Internals::rangeAsText): Take const Range& an no ExceptionCode&.
335         (WebCore::Internals::subrange): Take Range& an no ExceptionCode&.
336         (WebCore::Internals::nodesFromRect): Take a Document&.
337         (WebCore::Internals::openDummyInspectorFrontend): Ditto.
338         (WebCore::Internals::layerTreeAsText): Take an Element&.
339         (WebCore::Internals::setElementUsesDisplayListDrawing): Ditto.
340         (WebCore::Internals::setElementTracksDisplayListReplay): Ditto.
341         (WebCore::Internals::displayListForElement): Ditto.
342         (WebCore::Internals::replayDisplayListForElement): Ditto.
343         (WebCore::Internals::counterValue): Ditto.
344         (WebCore::Internals::pageNumber): Ditto.
345         (WebCore::Internals::webkitWillEnterFullScreenForElement): Ditto.
346         (WebCore::Internals::webkitDidEnterFullScreenForElement): Ditto.
347         (WebCore::Internals::webkitWillExitFullScreenForElement): Ditto.
348         (WebCore::Internals::webkitDidExitFullScreenForElement): Ditto.
349         (WebCore::Internals::layerFlushCount): Return unsigned instead of unsigned long.
350         IDL unsigned long means unsigned in C++ code.
351         (WebCore::Internals::styleRecalcCount): Ditto.
352         (WebCore::Internals::compositingUpdateCount): Ditto.
353         (WebCore::Internals::deserializeBuffer): Take an ArrayBuffer&.
354         (WebCore::Internals::markerTextForListItem): Take an Element& and no ExceptionCode&.
355         (WebCore::Internals::toolTipFromElement): Ditto.
356         (WebCore::Internals::getImageSourceURL): Ditto.
357         (WebCore::Internals::simulateAudioInterruption): Take an HTMLMediaElement&.
358         (WebCore::Internals::mediaElementHasCharacteristic): Ditto.
359         (WebCore::Internals::isSelectPopupVisible): Take an HTMLSelectElement&.
360         (WebCore::Internals::closestTimeToTimeRanges): Take a TimeRange&.
361         (WebCore::Internals::isPluginUnavailabilityIndicatorObscured): Take an Element&.
362         (WebCore::Internals::isPluginSnapshotted): Take an Element& and no ExceptionCode&.
363         (WebCore::Internals::bufferedSamplesForTrackID): Take a SourceBuffer&.
364         (WebCore::Internals::setShouldGenerateTimestamps): Ditto.
365         (WebCore::Internals::setMediaElementRestrictions): Take an HTMLMediaElement&.
366         (WebCore::Internals::elementIsBlockingDisplaySleep): Take an HTMLMediaElement&.
367         (WebCore::Internals::setAudioContextRestrictions): Take an AudioContext&.
368         (WebCore::Internals::scrollSnapOffsets): Take an Element&.
369         (WebCore::Internals::getCurrentMediaControlsStatusForElement): Take an HTMLMediaElement&.
370         (WebCore::Internals::userVisibleString): Take a const DOMURL&.
371         (WebCore::Internals::composedTreeAsText): Take a Node&.
372
373         * testing/Internals.h: Update for all the changes listed above.
374
375         * testing/Internals.idl: Removed UsePointersEvenForNonNullableObjectArguments. Removed
376         many unneeded [RaisesException]. Used more specific types for many arguments. Removed
377         unused, and unimplemented, attached and includedFor functions. Made the node argument to
378         updateLayoutIgnorePendingStylesheetsAndRunPostLayoutTasks nullable as well as optional.
379
380         * testing/Internals.mm:
381         (WebCore::Internals::userVisibleString): Take a const DOMURL&.
382
383         * testing/js/WebCoreTestSupport.cpp:
384         (WebCoreTestSupport::injectInternalsObject): Pass a Document& rather than a Document*.
385         (WebCoreTestSupport::resetInternalsObject): Pass a Page& rather than a Page*.
386
387 2016-04-14  Daniel Bates  <dabates@apple.com>
388
389         CSP: Ignore report-only policy delivered via meta element
390         https://bugs.webkit.org/show_bug.cgi?id=156565
391         <rdar://problem/25718167>
392
393         Reviewed by Brent Fulgham.
394
395         Only honor a report-only policy delivered via the HTTP header Content-Security-Policy-Report-Only
396         or X-WebKit-CSP-Report-Only as per section Content-Security-Policy-Report-Only Header Field of 
397         the Content Security Policy Level 2 spec., <https://w3c.github.io/webappsec-csp/2/> (Editor's Draft, 29 August 2015).
398
399         Currently we honor a report-only policy delivered via a meta element or an HTTP header. Instead
400         we should only honor such a policy when delivered via an HTTP header.
401
402         Tests: http/tests/security/contentSecurityPolicy/1.1/reportonly-in-meta-ignored2.html
403                http/tests/security/contentSecurityPolicy/eval-allowed-in-report-only-mode-and-sends-report.php
404                http/tests/security/contentSecurityPolicy/eval-allowed-in-report-only-mode.php
405                http/tests/security/contentSecurityPolicy/report-multiple-violations-01.php
406                http/tests/security/contentSecurityPolicy/report-multiple-violations-02.php
407                http/tests/security/contentSecurityPolicy/report-only-report-uri-missing.php
408
409         * dom/Document.cpp:
410         (WebCore::Document::processHttpEquiv): Do not process policy for HTTP equivalent header
411         Content-Security-Policy-Report-Only and X-WebKit-CSP-Report-Only.
412
413 2016-04-14  Antoine Quint  <graouts@apple.com>
414
415         Dashboard is spelled as Dashbard in several source files
416         https://bugs.webkit.org/show_bug.cgi?id=156577
417
418         Reviewed by Eric Carlson.
419
420         * html/HTMLCanvasElement.cpp:
421         (WebCore::HTMLCanvasElement::getContext):
422         * html/canvas/CanvasGradient.cpp:
423         (WebCore::CanvasGradient::CanvasGradient):
424         (WebCore::CanvasGradient::addColorStop):
425         * html/canvas/CanvasGradient.h:
426         (WebCore::CanvasGradient::setDashboardCompatibilityMode):
427
428 2016-04-14  Antoine Quint  <graouts@apple.com>
429
430         WebGL based canvases composite incorrectly after changing size
431         https://bugs.webkit.org/show_bug.cgi?id=152556
432         <rdar://problem/24012678>
433
434         Reviewed by Dean Jackson.
435
436         On iOS, we use the CAEAGLLayer's bounds to set the size of the backing store.
437         However, that layer's bounds is also used to size the layer during layout. If
438         the canvas backing store is resized after layout has been performed, the call
439         to setBounds loses the layout value and the <canvas> element is incorrectly
440         sized on screen.
441
442         To address this, when updating the backing store, we keep track of the previous
443         layer bounds so we can reset it after we sized the backing store.
444
445         Test: webgl/webgl-backing-store-size-update.html
446
447         * platform/graphics/GraphicsContext3D.h:
448         * platform/graphics/mac/GraphicsContext3DMac.mm:
449         (WebCore::GraphicsContext3D::setRenderbufferStorageFromDrawable):
450
451 2016-04-13  Carlos Garcia Campos  <cgarcia@igalia.com>
452
453         Unreviewed. Fix GObject DOM bindings API break after r199392.
454
455         Since r199392 webkit_dom_attr_set_value() no longer raises exceptions, but we need to keep the GError parameter
456         to keep backwards compatibility.
457
458         * bindings/scripts/CodeGeneratorGObject.pm:
459         (FunctionUsedToRaiseException):
460
461 2016-04-13  Daniel Bates  <dabates@apple.com>
462
463         CSP: Nested browsing context created for <object> or <embed> should respect object-src directive
464         https://bugs.webkit.org/show_bug.cgi?id=156563
465         <rdar://problem/25715713>
466
467         Reviewed by Darin Adler.
468
469         As per section object-src of the Content Security Policy Level 2 spec.,
470         <https://w3c.github.io/webappsec-csp/2/> (Editor's Draft, 29 August 2015), a nested browsing
471         context created for an HTML object or HTML embed element should respect the object-src directive.
472
473         Currently a nested browsing context created for an HTML object or HTML embed element respects
474         the child-src directive or frame-src directive (in that order). Instead such nested browsing
475         contexts should respect the object-src directive.
476
477         Tests: http/tests/security/contentSecurityPolicy/object-src-allows-embed-blocked-by-child-src.html
478                http/tests/security/contentSecurityPolicy/object-src-allows-embed-blocked-by-frame-src.html
479                http/tests/security/contentSecurityPolicy/object-src-allows-object-blocked-by-child-src.html
480                http/tests/security/contentSecurityPolicy/object-src-allows-object-blocked-by-frame-src.html
481                http/tests/security/contentSecurityPolicy/object-src-blocks-embed-allowed-by-child-src.html
482                http/tests/security/contentSecurityPolicy/object-src-blocks-embed-allowed-by-frame-src.html
483                http/tests/security/contentSecurityPolicy/object-src-blocks-object-allowed-by-child-src.html
484                http/tests/security/contentSecurityPolicy/object-src-blocks-object-allowed-by-frame-src.html
485
486         * loader/PolicyChecker.cpp:
487         (WebCore::isAllowedByContentSecurityPolicy): Added. Checks whether the specified URL is allowed by the
488         object-src or the child-src/frame-src directive for a plugin element and non-plugin element, respectively.
489         (WebCore::PolicyChecker::checkNavigationPolicy): Modified to call isAllowedByContentSecurityPolicy().
490
491 2016-04-13  Daniel Bates  <dabates@apple.com>
492
493         CSP: Remove experimental directive reflected-xss
494         https://bugs.webkit.org/show_bug.cgi?id=156554
495
496         Reviewed by Brent Fulgham.
497
498         The Content Security Policy directive reflected-xss was removed from the Content Security
499         Policy Level 2 spec., <https://w3c.github.io/webappsec-csp/2/> (Editor's Draft, 29 August 2015).
500         This directive was considered experimental and was guarded by a run-time flag that was never
501         enabled by default. We should remove support for this directive.
502
503         * html/parser/XSSAuditor.cpp:
504         (WebCore::XSSAuditor::XSSAuditor): Initialize m_xssProtection to XSSProtectionDisposition::Enabled.
505         (WebCore::XSSAuditor::init): Write logic in terms of enum class XSSProtectionDisposition.
506         (WebCore::XSSAuditor::filterToken): Ditto.
507         (WebCore::combineXSSProtectionHeaderAndCSP): Deleted.
508         * html/parser/XSSAuditor.h: Change data type of m_xssProtection from ContentSecurityPolicy::ReflectedXSSDisposition
509         to XSSProtectionDisposition.
510         * html/parser/XSSAuditorDelegate.cpp: Ditto.
511         (WebCore::buildConsoleError): Remove logic to emit a remarks in the console error when a XSS is
512         blocked because of the directive reflected-xss. Also substituted "because" for "as" in the remark
513         added to the error message when the XSS Auditor is enabled because the server did not send HTTP
514         header X-XSS-Protection.
515         * html/parser/XSSAuditorDelegate.h:
516         (WebCore::XSSInfo::XSSInfo): Removed argument didSendCSPHeader as we are removing support for the
517         directive reflected-xss.
518         * page/csp/ContentSecurityPolicy.cpp:
519         (WebCore::ContentSecurityPolicy::reflectedXSSDisposition): Deleted.
520         (WebCore::ContentSecurityPolicy::reportInvalidReflectedXSS): Deleted.
521         * page/csp/ContentSecurityPolicy.h:
522         * page/csp/ContentSecurityPolicyDirectiveList.cpp:
523         (WebCore::ContentSecurityPolicyDirectiveList::ContentSecurityPolicyDirectiveList): Remove initialization
524         of m_reflectedXSSDisposition as we are removing support for the directive reflected-xss.
525         (WebCore::ContentSecurityPolicyDirectiveList::parseReflectedXSS): Deleted.
526         (WebCore::ContentSecurityPolicyDirectiveList::addDirective): Remove logic to parse directive reflected-xss.
527         * page/csp/ContentSecurityPolicyDirectiveList.h:
528         (WebCore::ContentSecurityPolicyDirectiveList::reflectedXSSDisposition): Deleted.
529         * page/csp/ContentSecurityPolicyDirectiveNames.cpp:
530         * page/csp/ContentSecurityPolicyDirectiveNames.h:
531         * page/csp/ContentSecurityPolicySourceList.cpp:
532         (WebCore::isCSPDirectiveName):
533         (WebCore::isExperimentalDirectiveName): Deleted.
534         * platform/network/HTTPParsers.cpp:
535         (WebCore::parseXSSProtectionHeader): Write it terms of enum class XSSProtectionDisposition.
536         * platform/network/HTTPParsers.h: Define enum class XSSProtectionDisposition. Change return type
537         of parseXSSProtectionHeader() from ContentSecurityPolicy::ReflectedXSSDisposition to XSSProtectionDisposition
538         as we are removing the former.
539
540 2016-04-13  Brady Eidson  <beidson@apple.com>
541
542         Modern IDB (Blob support): Support retrieving Blobs from IDB.
543         https://bugs.webkit.org/show_bug.cgi?id=156367
544
545         Reviewed by Alex Christensen.
546
547         No new tests (No testable change in behavior yet, current tests pass).
548
549         This patch does the following:
550         - Pulls BlobURLs and stored filenames out of IDB whenever an IDB record is fetched.
551         - Adds those URLs and filenames to IDBValue.
552         - Uses IDBValue in more places instead of SharedBuffer/ThreadSafeBuffer.
553         - Teaches SerializedScriptValue, Blob, and File how to read the URLs and filenames when they exist.
554         - Teaches the Blob registry to register a new type of Blob that is not a "File" but is backed by one.
555
556         * Modules/indexeddb/IDBCursor.cpp:
557         (WebCore::IDBCursor::setGetResult):
558         
559         * Modules/indexeddb/IDBGetResult.h:
560         (WebCore::IDBGetResult::IDBGetResult):
561         
562         * Modules/indexeddb/IDBRequest.cpp:
563         (WebCore::IDBRequest::setResultToStructuredClone):
564         * Modules/indexeddb/IDBRequest.h:
565         
566         * Modules/indexeddb/IDBTransaction.cpp:
567         (WebCore::IDBTransaction::didGetRecordOnServer):
568         
569         * Modules/indexeddb/IDBValue.cpp:
570         (WebCore::IDBValue::IDBValue):
571         * Modules/indexeddb/IDBValue.h:
572         
573         * Modules/indexeddb/server/MemoryIndexCursor.cpp:
574         (WebCore::IDBServer::MemoryIndexCursor::currentData):
575         
576         * Modules/indexeddb/server/MemoryObjectStoreCursor.cpp:
577         (WebCore::IDBServer::MemoryObjectStoreCursor::currentData):
578         
579         * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
580         (WebCore::IDBServer::SQLiteIDBBackingStore::createIndex):
581         (WebCore::IDBServer::SQLiteIDBBackingStore::getBlobRecordsForObjectStoreRecord):
582         (WebCore::IDBServer::SQLiteIDBBackingStore::getRecord):
583         (WebCore::IDBServer::SQLiteIDBBackingStore::getIndexRecord):
584         * Modules/indexeddb/server/SQLiteIDBBackingStore.h:
585         
586         * Modules/indexeddb/server/SQLiteIDBCursor.cpp:
587         (WebCore::IDBServer::SQLiteIDBCursor::currentData):
588         (WebCore::IDBServer::SQLiteIDBCursor::internalAdvanceOnce):
589         * Modules/indexeddb/server/SQLiteIDBCursor.h:
590         (WebCore::IDBServer::SQLiteIDBCursor::currentValue):
591         (WebCore::IDBServer::SQLiteIDBCursor::currentValueBuffer): Deleted.
592         
593         * Modules/indexeddb/server/SQLiteIDBTransaction.h:
594         (WebCore::IDBServer::SQLiteIDBTransaction::backingStore):
595         
596         * Modules/websockets/WorkerThreadableWebSocketChannel.cpp:
597         (WebCore::WorkerThreadableWebSocketChannel::Bridge::send):
598         
599         * bindings/js/IDBBindingUtilities.cpp:
600         (WebCore::deserializeIDBValueDataToJSValue):
601         (WebCore::deserializeIDBValueData):
602         (WebCore::deserializeIDBValue):
603         * bindings/js/IDBBindingUtilities.h:
604         
605         * bindings/js/SerializedScriptValue.cpp:
606         (WebCore::CloneDeserializer::deserialize):
607         (WebCore::CloneDeserializer::CloneDeserializer):
608         (WebCore::CloneDeserializer::readFile):
609         (WebCore::CloneDeserializer::readTerminal):
610         (WebCore::CloneDeserializer::blobFilePathForBlobURL):
611         (WebCore::SerializedScriptValue::deserialize):
612         * bindings/js/SerializedScriptValue.h:
613
614         * fileapi/Blob.cpp:
615         (WebCore::Blob::Blob):
616         * fileapi/Blob.h:
617         (WebCore::Blob::deserialize):
618
619         * fileapi/File.cpp:
620         (WebCore::File::File):
621
622         * fileapi/ThreadableBlobRegistry.cpp:
623         (WebCore::threadableQueue):
624         (WebCore::ThreadableBlobRegistry::registerBlobURLOptionallyFileBacked):
625         * fileapi/ThreadableBlobRegistry.h:
626
627         * platform/CrossThreadTask.h:
628         (WebCore::createCrossThreadTask):
629
630         * platform/network/BlobRegistry.h:
631
632         * platform/network/BlobRegistryImpl.cpp:
633         (WebCore::BlobRegistryImpl::registerBlobURL):
634         (WebCore::BlobRegistryImpl::registerBlobURLOptionallyFileBacked):
635         * platform/network/BlobRegistryImpl.h:
636
637 2016-04-13  Zalan Bujtas  <zalan@apple.com>
638
639         Text on compositing layer with negative letter-spacing is truncated.
640         https://bugs.webkit.org/show_bug.cgi?id=156550
641         <rdar://problem/24212140>
642
643         Reviewed by Antti Koivisto.
644
645         Negative letter-spacing affects the right edge of content's visual overflow (for both RTL and LTR).
646         This is similar to how normal line layout adjusts it at InlineFlowBox::addTextBoxVisualOverflow().
647
648         Test: fast/text/negative-letter-spacing-visual-overflow.html
649
650         * rendering/SimpleLineLayoutFunctions.cpp:
651         (WebCore::SimpleLineLayout::computeOverflow):
652         (WebCore::SimpleLineLayout::paintFlow):
653         (WebCore::SimpleLineLayout::collectFlowOverflow):
654
655 2016-04-13  Eric Carlson  <eric.carlson@apple.com>
656
657         [iOS] remote command should be considered user events
658         https://bugs.webkit.org/show_bug.cgi?id=156546
659         <rdar://problem/25560877>
660
661         Reviewed by Jer Noble.
662
663         Test: media/remote-control-command-is-user-gesture.html
664
665         * html/HTMLMediaElement.cpp:
666         (WebCore::HTMLMediaElement::didReceiveRemoteControlCommand): Increment/decrement 
667           m_processingRemoteControlCommand around calling remote command method.
668         (WebCore::HTMLMediaElement::processingUserGesture): Return true if called while handling
669           a remote control command.
670         * html/HTMLMediaElement.h:
671
672 2016-04-13  Antonio Gomes  <tonikitoo@webkit.org>
673
674         Non-resizable text field looks resizable
675         https://bugs.webkit.org/show_bug.cgi?id=152271
676
677         Reviewed by Darin Adler.
678
679         The 'resizability' of an HTML element is controlled by its 'resize' CSS property value.
680         By default it is 'none', but certain HTML elements, including <textarea>, have it
681         set to 'both' by default (defined in html.css). These values mean no resize at all, and
682         resizable in both vertical and horizontal axis, respectively.
683         Additionally, 'vertical' and 'horizontal' values are also valid.
684
685         Problem here is that the way WebKit handles the 'resize' property on single line
686         input elements (e.g. <input>) is different than other engines (read Gecko, Blink and Presto):
687
688         - Match: WebKit, Firefox, Presto and Blink all force single line input elements to be non-resizable,
689         regardless of either the 'resize' properly is set or not.
690
691         - Mismatch: WebKit is the only engine that actually paints the resize control on single line
692         input elements, even it having no effect.
693
694         On WebKit, this happens because the 'resize' property is wrongly implemented as 'inheritable',
695         differently from other engines. In the way WebKit contructs its RenderTree, 'resize' property
696         ends up spilling out of <input> and entering its shadow representation, carrying the 'resize'
697         property on.
698
699         Patch fixes this by making the 'resize' properly be non-inherited, matching other vendors
700         and the spec [1].
701
702         [1] https://drafts.csswg.org/css-ui/#resize
703
704         Tests: fast/css/resize-not-inherited.html
705                fast/css/resize-single-line-input-no-paint.html
706
707         * rendering/style/RenderStyle.h:
708         * rendering/style/StyleRareInheritedData.cpp:
709         (WebCore::StyleRareInheritedData::StyleRareInheritedData):
710         (WebCore::StyleRareInheritedData::operator==):
711         * rendering/style/StyleRareInheritedData.h:
712         * rendering/style/StyleRareNonInheritedData.cpp:
713         (WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData):
714         (WebCore::StyleRareNonInheritedData::operator==):
715         * rendering/style/StyleRareNonInheritedData.h:
716
717 2016-04-13  Darin Adler  <darin@apple.com>
718
719         Remove UsePointersEvenForNonNullableObjectArguments from DataTransfer
720         https://bugs.webkit.org/show_bug.cgi?id=156495
721
722         Reviewed by Chris Dumez.
723
724         * dom/DataTransfer.idl: Removed UsePointersEvenForNonNullableObjectArguments
725         and marked the element argument to setDragImage as nullable.
726
727 2016-04-13  Brady Eidson  <beidson@apple.com>
728
729         Modern IDB (Blob support): Support deleting stored blob files.
730         https://bugs.webkit.org/show_bug.cgi?id=156523
731
732         Reviewed by Alex Christensen.
733
734         No new tests (No testable change in behavior yet, current tests pass).
735
736         There's 3 points in time when we need to delete blob files (and records of them):
737         1 - When deleting a specific object store record.
738         2 - When deleting an entire object store.
739         3 - When deleting a whole database.
740         
741         This patch does those three things.
742
743         * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
744         (WebCore::IDBServer::SQLiteIDBBackingStore::deleteObjectStore):
745         (WebCore::IDBServer::SQLiteIDBBackingStore::deleteUnusedBlobFileRecords):
746         (WebCore::IDBServer::SQLiteIDBBackingStore::deleteRecord):
747         (WebCore::IDBServer::SQLiteIDBBackingStore::addRecord):
748         (WebCore::IDBServer::SQLiteIDBBackingStore::getRecord):
749         (WebCore::IDBServer::SQLiteIDBBackingStore::deleteBackingStore):
750         * Modules/indexeddb/server/SQLiteIDBBackingStore.h:
751
752         * Modules/indexeddb/server/SQLiteIDBTransaction.cpp:
753         (WebCore::IDBServer::SQLiteIDBTransaction::commit):
754         (WebCore::IDBServer::SQLiteIDBTransaction::deleteBlobFilesIfNecessary):
755         (WebCore::IDBServer::SQLiteIDBTransaction::addRemovedBlobFile):
756         * Modules/indexeddb/server/SQLiteIDBTransaction.h:
757
758 2016-04-13  Frederic Wang  <fwang@igalia.com>
759
760         Fix two coding mistakes in MathMLInlineContainerElement::childrenChanged
761         https://bugs.webkit.org/show_bug.cgi?id=156538
762
763         Reviewed by Darin Adler.
764
765         We fix the call to updateOperatorProperties inside MathMLInlineContainerElement::childrenChanged
766         for the <math> and <msqrt> tags.
767
768         The <math> tag is already a RenderMathMLRow so the hasTagName(mathTag)
769         conditional is never executed. The tag does not create any anonymous
770         wrapper so we do not need a special case for it anyway.
771
772         The <msqrt> tag is not a RenderMathMLRow (yet). However, the anonymous
773         wrapper behaving as a RenderMathMLRow is actually the last child, not
774         the first one.
775
776         No new tests, this is already covered by mathml/presentation/mo-form-dynamic.html
777         Note that for some reason the coding error for <msqrt> only shows up
778         after the refactoring of bug 152244.
779
780         * mathml/MathMLInlineContainerElement.cpp:
781         (WebCore::MathMLInlineContainerElement::childrenChanged): Fix the two mistakes and add some FIXME comments.
782
783 2016-04-12  Chris Dumez  <cdumez@apple.com>
784
785         Attr.value should not be nullable
786         https://bugs.webkit.org/show_bug.cgi?id=156515
787
788         Reviewed by Benjamin Poulain.
789
790         Update Attr.value so that it is no longer nullable, as per:
791         https://dom.spec.whatwg.org/#interface-attr
792
793         This aligns our behavior with Firefox and Chrome as well.
794
795         Test: fast/dom/Attr/value-not-nullable.html
796
797         * dom/Attr.cpp:
798         (WebCore::Attr::setValueForBindings):
799         (WebCore::Attr::setNodeValue):
800         (WebCore::Attr::setValue):
801         * dom/Attr.h:
802         * dom/Attr.idl:
803
804 2016-04-12  Konstantin Tokarev  <annulen@yandex.ru>
805
806         Fixed uninitialization of Node::DataUnion with GCC 4.8.
807         https://bugs.webkit.org/show_bug.cgi?id=156507
808
809         Reviewed by Michael Catanzaro.
810
811         This change fixes run time crashes caused by access to uninitialized
812         memory in Node::renderer().
813
814         No new tests needed.
815
816         * dom/Node.h:
817
818 2016-04-12  Eric Carlson  <eric.carlson@apple.com>
819
820         [iOS] do not exit AirPlay when the screen locks
821         https://bugs.webkit.org/show_bug.cgi?id=156502
822         <rdar://problem/24616592>
823
824         Reviewed by Jer Noble.
825
826         * html/HTMLMediaElement.cpp:
827         (WebCore::HTMLMediaElement::shouldOverrideBackgroundPlaybackRestriction): Add logging.
828         (WebCore::HTMLMediaElement::purgeBufferedDataIfPossible): Don't tell the media engine to purge 
829           data if it is playing to a wireless target because that will drop the connection.
830
831         * html/MediaElementSession.cpp:
832         (WebCore::MediaElementSession::playbackPermitted): Add logging.
833         (WebCore::MediaElementSession::canPlayToWirelessPlaybackTarget): Drive by fix: iOS doesn't 
834           have an explicit playbackTarget, don't test for it.
835         (WebCore::MediaElementSession::isPlayingToWirelessPlaybackTarget): Ditto.
836
837 2016-04-12  Gavin Barraclough  <barraclough@apple.com>
838
839         WebKit should adopt journal_mode=wal for all SQLite databases.
840         https://bugs.webkit.org/show_bug.cgi?id=133496
841
842         Rubber stamped by Chris Dumez.
843
844         Temporarily disable on iOS - this broke a test.
845         (storage/websql/alter-to-info-table.html)
846
847         * platform/sql/SQLiteDatabase.cpp:
848         (WebCore::SQLiteDatabase::open):
849
850 2016-04-12  Joseph Pecoraro  <pecoraro@apple.com>
851
852         Web Inspector: Keyboard shortcut for "Inspect Element" only works when Web Inspector is open.
853         https://bugs.webkit.org/show_bug.cgi?id=111193
854         <rdar://problem/13325889>
855
856         Reviewed by Timothy Hatcher.
857
858         * inspector/InspectorClient.h:
859         (WebCore::InspectorClient::elementSelectionChanged):
860         * inspector/InspectorDOMAgent.cpp:
861         (WebCore::InspectorDOMAgent::setSearchingForNode):
862         Inform the client when element selection changes.
863
864 2016-04-12  Chris Dumez  <cdumez@apple.com>
865
866         Regression(r199360): assertion hit in Element::fastGetAttribute()
867         https://bugs.webkit.org/show_bug.cgi?id=156509
868
869         Reviewed by Ryosuke Niwa.
870
871         Stop using fastGetAttribute() / setAttributeWithoutSynchronization()
872         given that DOMTokenList is used for the class attribute and we need
873         to synchronize in this case.
874
875         No new tests, already covered by existing tests.
876
877         * html/DOMTokenList.cpp:
878         (WebCore::DOMTokenList::updateAssociatedAttributeFromTokens):
879         (WebCore::DOMTokenList::tokens):
880
881 2016-04-12  Myles C. Maxfield  <mmaxfield@apple.com>
882
883         [RTL Scrollbars] Overlay scrollbars push contents inwards
884         https://bugs.webkit.org/show_bug.cgi?id=156225
885         <rdar://problem/25137040>
886
887         Reviewed by Darin Adler.
888
889         The contents should be pushed in by the occupied width of the
890         scrollbar, which is 0 for overlay scrollbars.
891
892         Test: fast/scrolling/rtl-scrollbars-overlay-no-push-contents.html
893
894         * rendering/RenderLayer.cpp:
895         (WebCore::RenderLayer::computeScrollDimensions):
896
897 2016-04-12  Myles C. Maxfield  <mmaxfield@apple.com>
898
899         [OS X] Flakey crash after ScrollAnimatorMac destruction
900         https://bugs.webkit.org/show_bug.cgi?id=156372
901
902         Reviewed by Darin Adler.
903
904         Previously, we were disabling the mock scrollbars using JavaScript after
905         the WebView was created. However, enabling these mock scrollbars can be
906         triggered with a bit of state inside the WebPreferences object, which
907         means WebKit clients can change it at any point. DumpRenderTree is doing
908         this during the document's lifetime.
909
910         This means that the creation of the Scrollbar objects saw a non-mock
911         ScrollbarTheme, but the destruction of the Scrollbar objects saw a mock
912         ScrollbarTheme. Therefore, the non-mock ScrollbarTheme doesn't get
913         cleaned up correctly (ScrollAnimatorMac::willRemoveVerticalScrollbar()
914         returns early because it sees that there is nothing to deregister
915         due to the ScrollbarTheme being mocked).
916
917         This cleanup is necessary because it sets the NSScrollerImp's delegate
918         to nil before the NSScrollerImpDelegate gets destroyed. Because the
919         cleanup wasn't happening, the delegate pointer wasn't getting set to
920         nil, so the pointer was dangling, and AppKit was following it and
921         crashing.
922
923         Because the clients of this bit of state can change it at any time,
924         it is incorrect to change it in JavaScript. Instead, the client must
925         manage this bit of state (so the client and the web process are always
926         in sync). Therefore, the correct way to set this bit of state must be
927         done in the test runner rather than Javascript internals. The mechanism
928         we have to do that is the <!-- webkit-test-runner --> comment at the
929         beginning of the test. This patch migrates to this mechanism and removes
930         the old internals method.
931
932         Test: fast/scrolling/rtl-scrollbars-animation-property.html
933
934         * page/Settings.cpp:
935         * testing/Internals.cpp:
936         (WebCore::Internals::setMockScrollbarsEnabled): Deleted.
937         * testing/Internals.h:
938         * testing/Internals.idl:
939
940 2016-04-12  Darin Adler  <darin@apple.com>
941
942         Remove UsePointersEvenForNonNullableObjectArguments from SVG lists
943         https://bugs.webkit.org/show_bug.cgi?id=156494
944
945         Reviewed by Chris Dumez.
946
947         * bindings/scripts/CodeGenerator.pm:
948         (ShouldPassWrapperByReference): For now, don't do this for any tear-off classes.
949         This includes the items stored in most SVG list classes.
950
951         * svg/SVGLengthList.idl: Removed UsePointersEvenForNonNullableObjectArguments.
952         * svg/SVGNumberList.idl: Ditto.
953         * svg/SVGPointList.idl: Ditto.
954         * svg/SVGTransformList.idl: Ditto.
955
956         * svg/SVGPathSegList.idl: Removed UsePointersEvenForNonNullableObjectArguments.
957         Marked the arguments nullable, and added FIXMEs about returning later since they
958         don't really need to be nullable. But fixing this requires some reworking of the
959         SVG list template and it's not urgent at this time. Preserves behavior where we
960         get an exception when passing null, it's just an SVG exception instead of TypeError.
961
962 2016-04-12  Chris Dumez  <cdumez@apple.com>
963
964         Lazily update tokens in DOMTokenList when the associated attribute value changes
965         https://bugs.webkit.org/show_bug.cgi?id=156474
966
967         Reviewed by Ryosuke Niwa.
968
969         Lazily update tokens in DOMTokenList when the associated attribute value
970         changes for performance. Constructing the sanitized vector of tokens
971         every time the associated Element attribute changes is too expensive.
972         Instead, we mark the vector as dirty whenever the attribute changes, and
973         we only construct the sanitized vector when it is actually required.
974
975         Also do some renaming for clarity.
976
977         There is no web-exposed behavior change.
978
979         * dom/Element.cpp:
980         (WebCore::Element::classAttributeChanged):
981         * html/DOMTokenList.cpp:
982         (WebCore::DOMTokenList::contains):
983         (WebCore::DOMTokenList::addInternal):
984         (WebCore::DOMTokenList::removeInternal):
985         (WebCore::DOMTokenList::toggle):
986         (WebCore::DOMTokenList::value):
987         (WebCore::DOMTokenList::setValue):
988         (WebCore::DOMTokenList::updateTokensFromAttributeValue):
989         (WebCore::DOMTokenList::associatedAttributeValueChanged):
990         (WebCore::DOMTokenList::updateAssociatedAttributeFromTokens):
991         (WebCore::DOMTokenList::tokens):
992         (WebCore::DOMTokenList::DOMTokenList): Deleted.
993         * html/DOMTokenList.h:
994         (WebCore::DOMTokenList::tokens):
995         (WebCore::DOMTokenList::length):
996         (WebCore::DOMTokenList::item):
997         * html/HTMLAnchorElement.cpp:
998         (WebCore::HTMLAnchorElement::parseAttribute):
999         * html/HTMLIFrameElement.cpp:
1000         (WebCore::HTMLIFrameElement::parseAttribute):
1001         * html/HTMLLinkElement.cpp:
1002         (WebCore::HTMLLinkElement::parseAttribute):
1003         * html/HTMLOutputElement.cpp:
1004         (WebCore::HTMLOutputElement::parseAttribute):
1005
1006 2016-04-12  Darin Adler  <darin@apple.com>
1007
1008         Remove UsePointersEvenForNonNullableObjectArguments from HTMLMediaElement
1009         https://bugs.webkit.org/show_bug.cgi?id=156492
1010
1011         Reviewed by Chris Dumez.
1012
1013         * html/HTMLMediaElement.idl: Removed UsePointersEvenForNonNullableObjectArguments,
1014         sorted remaining class attributes, simplified #if around canPlayType a bit,
1015         removed comment that is not all that useful, made the argument to
1016         webkitSetMediaKeys nullable since the implementation supports that.
1017
1018 2016-04-12  Eric Carlson  <eric.carlson@apple.com>
1019
1020         [iOS] media title sometimes remain in Control Center after tab is closed
1021         https://bugs.webkit.org/show_bug.cgi?id=156243
1022         <rdar://problem/20167445>
1023
1024         Reviewed by Darin Adler.
1025
1026         * Modules/webaudio/AudioContext.h: Implement characteristics.
1027
1028         * html/HTMLMediaElement.cpp:
1029         (WebCore::HTMLMediaElement::mediaLoadingFailed): Call mediaSession->clientCharacteristicsChanged.
1030         (WebCore::HTMLMediaElement::setReadyState): Ditto.
1031         (WebCore::HTMLMediaElement::clearMediaPlayer): Ditto.
1032         (WebCore::HTMLMediaElement::stop): Call mediaSession->stopSession.
1033         (WebCore::HTMLMediaElement::characteristics): New, return current characteristics.
1034         * html/HTMLMediaElement.h:
1035
1036         * platform/audio/PlatformMediaSession.cpp:
1037         (WebCore::PlatformMediaSession::stopSession): Suspend playback, and remove the session 
1038           from the manager, it will never play again.
1039         (WebCore::PlatformMediaSession::characteristics): Return client characteristics.
1040         (WebCore::PlatformMediaSession::clientCharacteristicsChanged):
1041         * platform/audio/PlatformMediaSession.h:
1042
1043         * platform/audio/PlatformMediaSessionManager.cpp:
1044         (WebCore::PlatformMediaSessionManager::stopAllMediaPlaybackForProcess): Call stopSession 
1045           instead of pauseSession to signal that playback will never start again.
1046         * platform/audio/PlatformMediaSessionManager.h:
1047
1048         * platform/audio/ios/MediaSessionManagerIOS.h:
1049         * platform/audio/ios/MediaSessionManagerIOS.mm:
1050         (WebCore::MediaSessionManageriOS::sessionWillBeginPlayback): Add logging.
1051         (WebCore::MediaSessionManageriOS::removeSession): Update NowPlaying.
1052         (WebCore::MediaSessionManageriOS::sessionWillEndPlayback): Add logging.
1053         (WebCore::MediaSessionManageriOS::clientCharacteristicsChanged): Update NowPlaying.
1054         (WebCore::MediaSessionManageriOS::nowPlayingEligibleSession): New, return the first session
1055           that is an audio or video element with playable audio. WebAudio is not currently controllable
1056           so it isn't appropriate to show it in the NowPlaying info center.
1057         (WebCore::MediaSessionManageriOS::updateNowPlayingInfo): Remember the last state passed to
1058           NowPlaying so we can call it only when something has changed.
1059
1060 2016-04-12  Carlos Garcia Campos  <cgarcia@igalia.com>
1061
1062         [GTK] Rework scrollbars theming code for GTK+ 3.20
1063         https://bugs.webkit.org/show_bug.cgi?id=156462
1064
1065         Reviewed by Michael Catanzaro.
1066
1067         In r199292, we reworked the theming code to ensure it works with the new GTK+ CSS theming system. The same is
1068         needed for scrollbars, this patch uses the RenderThemeGadget classes introduced in r199292 to render the native
1069         scrollbars. The code is now split in 3 parts: stub methods for GTK+2 (since this file is compiled for
1070         WebCoreGTK, but not used), the implementation for GTK+ < 3.20 and the implementation for GTK+ >= 3.20. This
1071         reduces the amount of ifdefed code, and ensures that changes in new code don't break the rendering with older
1072         versions of GTK+. I noticed that we were overriding both, the specific paint methods to render scrollbars
1073         parts and the global paint method that renders all the scrollbar parts. We don't really need the specific paint
1074         methods, so I've removed the implemention leaving only the paint method. This also allows us to get rid of the
1075         GtkStyleContext cache.
1076
1077         * platform/gtk/RenderThemeGadget.cpp:
1078         (WebCore::RenderThemeGadget::create): Handle scrollbars gadgets.
1079         (WebCore::appendElementToPath): In case of scrollbar gadget, use the scrollbar GType when creating the path to
1080         be able to get non-CSS style properties.
1081         (WebCore::RenderThemeGadget::opacity): Add method to get the opacity CSS style property.
1082         (WebCore::RenderThemeScrollbarGadget::RenderThemeScrollbarGadget): Initialize m_steppers option set with the
1083         steppers used by the theme.
1084         * platform/gtk/RenderThemeGadget.h:
1085         * platform/gtk/ScrollbarThemeGtk.cpp:
1086         (WebCore::themeChangedCallback):
1087         (WebCore::ScrollbarThemeGtk::ScrollbarThemeGtk):
1088         (WebCore::createStyleContext):
1089         (WebCore::createChildStyleContext):
1090         (WebCore::ScrollbarThemeGtk::themeChanged):
1091         (WebCore::ScrollbarThemeGtk::updateThemeProperties):
1092         (WebCore::scrollbarPartStateFlags):
1093         (WebCore::scrollbarGadgetForLayout):
1094         (WebCore::contentsGadgetForLayout):
1095         (WebCore::ScrollbarThemeGtk::trackRect):
1096         (WebCore::ScrollbarThemeGtk::hasThumb):
1097         (WebCore::ScrollbarThemeGtk::backButtonRect):
1098         (WebCore::ScrollbarThemeGtk::forwardButtonRect):
1099         (WebCore::ScrollbarThemeGtk::paint):
1100         (WebCore::paintStepper):
1101         (WebCore::adjustRectAccordingToMargin):
1102         (WebCore::ScrollbarThemeGtk::scrollbarThickness):
1103         (WebCore::ScrollbarThemeGtk::minimumThumbLength):
1104         * platform/gtk/ScrollbarThemeGtk.h:
1105
1106 2016-03-17  Sergio Villar Senin  <svillar@igalia.com>
1107
1108         [css-grid] Add parsing support for <auto-repeat> syntax
1109         https://bugs.webkit.org/show_bug.cgi?id=155583
1110
1111         Reviewed by Antti Koivisto.
1112
1113         The repeat() notation allows now to specify auto-fill or auto-fit instead of
1114         a fixed number of repetitions meaning that it will be automatically computed
1115         depending on the available space.
1116
1117         This patch just adds the parsing support, the expansion of the repeat notation
1118         will be implemented in a follow up patch because it cannot be done at
1119         parsing level (since it requires knowledge about the available space).
1120
1121         Test: fast/css-grid-layout/grid-element-auto-repeat-get-set.html
1122
1123         * CMakeLists.txt:
1124         * css/CSSGridAutoRepeatValue.cpp: Added.
1125         (WebCore::CSSGridAutoRepeatValue::customCSSText):
1126         * css/CSSGridAutoRepeatValue.h: Added.
1127         (WebCore::CSSGridAutoRepeatValue::create):
1128         (WebCore::CSSGridAutoRepeatValue::autoRepeatID):
1129         (WebCore::CSSGridAutoRepeatValue::CSSGridAutoRepeatValue):
1130         * css/CSSParser.cpp:
1131         (WebCore::allTracksAreFixedSized):
1132         (WebCore::CSSParser::parseGridTrackList):
1133         (WebCore::CSSParser::parseGridTrackRepeatFunction):
1134         (WebCore::CSSParser::parseGridTrackSize):
1135         (WebCore::CSSParser::parseGridBreadth):
1136         * css/CSSParser.h:
1137         * css/CSSValue.cpp:
1138         (WebCore::CSSValue::equals):
1139         (WebCore::CSSValue::cssText):
1140         (WebCore::CSSValue::destroy):
1141         * css/CSSValue.h:
1142         (WebCore::CSSValue::isGridAutoRepeatValue):
1143         * css/CSSValueKeywords.in:
1144
1145 2016-04-12  Yusuke Suzuki  <utatane.tea@gmail.com>
1146
1147         [JSC] addStaticGlobals should emit SymbolTableEntry watchpoints to encourage constant folding in DFG
1148         https://bugs.webkit.org/show_bug.cgi?id=155110
1149
1150         Reviewed by Saam Barati.
1151
1152         * bindings/js/JSDOMWindowBase.cpp:
1153         (WebCore::JSDOMWindowBase::updateDocument):
1154
1155 2016-04-12  Sergio Villar Senin  <svillar@igalia.com>
1156
1157         [css-grid] Pass GridSizingData instead of columnTracks to track sizing methods
1158         https://bugs.webkit.org/show_bug.cgi?id=156466
1159
1160         Reviewed by Darin Adler.
1161
1162         Several methods used to compute the items' size contribution to the tracks they span in, get
1163         as an argument a vector with the sizes of the column tracks.
1164
1165         In order to support grids with orthogonal flows (among other things) it's much better to
1166         pass the GridSizingData struct and let those methods decide whether to use the columns or
1167         the rows.
1168
1169         No new tests as this is just a minor refactoring with no change in behavior.
1170
1171         * rendering/RenderGrid.cpp:
1172         (WebCore::RenderGrid::computeUsedBreadthOfGridTracks):
1173         (WebCore::RenderGrid::logicalContentHeightForChild):
1174         (WebCore::RenderGrid::minSizeForChild):
1175         (WebCore::RenderGrid::minContentForChild):
1176         (WebCore::RenderGrid::maxContentForChild):
1177         (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctions):
1178         (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForNonSpanningItems):
1179         (WebCore::RenderGrid::currentItemSizeForTrackSizeComputationPhase):
1180         (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForItems):
1181         * rendering/RenderGrid.h:
1182
1183 2016-04-11  Darin Adler  <darin@apple.com>
1184
1185         Remove UsePointersEvenForNonNullableObjectArguments from HTMLOptionsCollection
1186         https://bugs.webkit.org/show_bug.cgi?id=156491
1187
1188         Reviewed by Chris Dumez.
1189
1190         * html/HTMLOptionsCollection.cpp:
1191         (WebCore::HTMLOptionsCollection::add): Take a reference instead of a pointer.
1192         * html/HTMLOptionsCollection.h: Removed unneeded forward declaration. Changed
1193         add to take a reference instead of a pointer for the element to add. Used
1194         final instead of override on virtual functions.
1195         * html/HTMLOptionsCollection.idl: Removed now-unneeded attribute
1196         UsePointersEvenForNonNullableObjectArguments; the only function affected was
1197         add, and the overloading code was already checking for null.
1198
1199 2016-04-11  Darin Adler  <darin@apple.com>
1200
1201         Remove UsePointersEvenForNonNullableObjectArguments from HTMLSelectElement
1202         https://bugs.webkit.org/show_bug.cgi?id=156458
1203
1204         Reviewed by Chris Dumez.
1205
1206         * bindings/js/JSHTMLOptionsCollectionCustom.cpp:
1207         (WebCore::JSHTMLOptionsCollection::remove): Updated to call remove with a reference
1208         rather than a pointer.
1209
1210         * bindings/js/JSHTMLSelectElementCustom.cpp:
1211         (WebCore::JSHTMLSelectElement::remove): Updated to call remove with a reference
1212         rather than a pointer.
1213         (WebCore::selectIndexSetter): Updated to call setOption with a reference rather
1214         than a pointer.
1215
1216         * bindings/scripts/CodeGeneratorGObject.pm:
1217         (GenerateFunction): Added basic support for passing wrappers by reference.
1218         GObject bindings already check arguments for null, so didn't add any new checks.
1219
1220         * bindings/scripts/test/GObject/WebKitDOMTestActiveDOMObject.cpp:
1221         * bindings/scripts/test/GObject/WebKitDOMTestCallback.cpp:
1222         * bindings/scripts/test/GObject/WebKitDOMTestCallbackFunction.cpp:
1223         * bindings/scripts/test/GObject/WebKitDOMTestInterface.cpp:
1224         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
1225         Updated.
1226
1227         * editing/FrameSelection.cpp: Updated includes.
1228
1229         * html/HTMLOptionElement.cpp:
1230         (WebCore::HTMLOptionElement::setSelected): Pass reference when calling
1231         HTMLSelectElement::optionSelectionStateChanged.
1232         (WebCore::HTMLOptionElement::insertedInto): Ditto.
1233
1234         * html/HTMLOptionsCollection.cpp:
1235         (WebCore::HTMLOptionsCollection::add): Moved null checking behavior here.
1236         Preserves existing "silently do nothing if null".
1237         (WebCore::HTMLOptionsCollection::remove): Changed function to take a reference
1238         instead of a pointer.
1239
1240         * html/HTMLOptionsCollection.h: Updated include. Changed remove to take a
1241         reference instead of a pointer.
1242
1243         * html/HTMLSelectElement.cpp:
1244         (WebCore::HTMLSelectElement::add): Changed to take a reference instead of
1245         a pointer. Also removed unneeded protect code, since insertBefore already
1246         protects itself, and unneeded call to updateValidity, since the
1247         HTMLSelectElement::childrenChanged function already calls updateValidity.
1248         (WebCore::HTMLSelectElement::remove): Changed to take a reference instead
1249         of a pointer.
1250         (WebCore::HTMLSelectElement::setOption): Changed to take a reference
1251         instead of a pointer.
1252         (WebCore::HTMLSelectElement::setLength): Renamed "newLen" to "newLength".
1253         Use Ref instead of RefPtr for result of createElement, which makes the
1254         argument passed to add be a reference rather than a pointer.
1255         (WebCore::HTMLSelectElement::willRespondToMouseClickEvents): Put the #if
1256         for this here instead of in the header.
1257         (WebCore::HTMLSelectElement::optionSelectionStateChanged): Changed to take
1258         a reference instead of a pointer for the option element.
1259
1260         * html/HTMLSelectElement.h: Removed unneeded includes. Derive privately
1261         from TypeAheadDataSource instead of publicly. Make all overrides final
1262         except for the one that is actually overridden by a derived class.
1263         Changed the arguments of the add, remove, setOption, and
1264         optionSelectionStateChanged functions to be references instead of pointers.
1265         Tweaked formatting a bit and used nullptr instead of 0. Override
1266         willRespondToMouseClickEvents on all platforms, not just iOS.
1267
1268         * html/HTMLSelectElement.idl: Removed UsePointersEvenForNonNullableObjectArguments.
1269         Removed a comment that is no longer needed. Made some types nullable to match
1270         the specification, in places that currently have no effect on code generation.
1271         Added a FIXME comment about the argument to setCustomValidity incorrectly being
1272         marked as nullable.
1273
1274 2016-04-11  Brent Fulgham  <bfulgham@apple.com>
1275
1276         Use WeakPtrs to avoid using deallocated Widgets and ScrollableAreas
1277         https://bugs.webkit.org/show_bug.cgi?id=156420
1278         <rdar://problem/25637378>
1279
1280         Reviewed by Darin Adler.
1281
1282         Avoid the risk of using deallocated Widgets and ScrollableAreas by using WeakPtrs instead of
1283         bare pointers. This allows us to remove some explicit calls to get ScrollableArea and Widget
1284         members in the event handling logic. Instead, null checks are sufficient to ensure we never
1285         accidentally dereference a deleted element.
1286
1287         1. Modify the ScrollableArea class to support vending WeakPtrs.
1288         2. Modify the Event Handling code to use WeakPtrs to hold ScrollableArea and RenderWidget
1289            objects, and to null-check these elements after event handling dispatching is finished
1290            to handle cases where these objects are destroyed.
1291
1292         Test: fast/events/wheel-event-destroys-frame.html
1293               fast/events/wheel-event-destroys-overflow.html
1294
1295         * page/EventHandler.cpp:
1296         (WebCore::EventHandler::platformPrepareForWheelEvents): Change signature for WeakPtr.
1297         (WebCore::EventHandler::platformCompleteWheelEvent): Ditto.
1298         (WebCore::EventHandler::platformNotifyIfEndGesture): Ditto.
1299         (WebCore::widgetForElement): Change to return a WeakPtr.
1300         (WebCore::EventHandler::handleWheelEvent): Use WeakPtrs to hold elements that might be destroyed
1301         during event handling.
1302         * page/EventHandler.h:
1303         * page/mac/EventHandlerEfl.cpp: Rename passWheelEventToWidget to widgetDidHandleWheelEvent.
1304         * page/mac/EventHandlerGtk.cpp: Ditto.
1305         * page/mac/EventHandlerIOS.mm: Ditto.
1306         * page/mac/EventHandlerMac.mm:
1307         (WebCore::scrollableAreaForEventTarget): Renamed from scrollViewForEventTarget. Return
1308         a WeakPtr rather than a bare pointer.
1309         (WebCore::scrollableAreaForContainerNode): Return WeakPtr rather than bare pointer.
1310         (WebCore::EventHandler::completeWidgetWheelEvent): Added.
1311         (WebCore::EventHandler::passWheelEventToWidget): Deleted.
1312         (WebCore::EventHandler::platformPrepareForWheelEvents): Convert to WeakPtrs.
1313         (WebCore::EventHandler::platformCompleteWheelEvent): Ditto.
1314         (WebCore::EventHandler::platformCompletePlatformWidgetWheelEvent): Ditto.
1315         (WebCore::EventHandler::platformNotifyIfEndGesture): Ditto.
1316         (WebCore::EventHandler::widgetDidHandleWheelEvent): Renamed from passWheelEventToWidget.
1317         (WebCore::EventHandler::widgetForEventTarget): Converted from static function to static
1318         method so it can be shared with EventHandlerMac.
1319         (WebCore::scrollViewForEventTarget): Deleted.
1320         * page/mac/EventHandlerWin.cpp: Rename passWheelEventToWidget to widgetDidHandleWheelEvent.
1321         * platform/ScrollableArea.cpp:
1322         * platform/ScrollableArea.h:
1323         (WebCore::ScrollableArea::createWeakPtr): Added.
1324         * platform/Widget.h:
1325         (WebCore::ScrollableArea::createWeakPtr): Added.
1326
1327 2016-04-11  Dean Jackson  <dino@apple.com>
1328
1329         putImageData needs to premultiply input
1330         https://bugs.webkit.org/show_bug.cgi?id=156488
1331         <rdar://problem/25672675>
1332
1333         Reviewed by Zalan Bujtas.
1334
1335         I made a mistake in r187534 as I was converting get and putImageData
1336         to use Accelerate. The incoming data is unmultiplied, and should
1337         be premultiplied before copying into the backing store. I was
1338         accidentally unmultiplying unmultiplied data, which caused
1339         some pretty psychedelic results.
1340
1341         Test: fast/canvas/putImageData-unmultiplied.html
1342
1343         * platform/graphics/cg/ImageBufferDataCG.cpp:
1344         (WebCore::ImageBufferData::putData): Call premultiply, not unpremultiply.
1345
1346 2016-04-11  Jeremy Jones  <jeremyj@apple.com>
1347
1348         When clearing cache, also clear AVFoundation cache.
1349         https://bugs.webkit.org/show_bug.cgi?id=155783
1350         rdar://problem/25252541
1351
1352         Reviewed by Darin Adler.
1353
1354         Use AVAssetCache at a specified location on disk for all AVURLAssets. This AVAssetCache
1355         can then be used to manage the cache storage used by AVFoundation. It is used to query the
1356         contents of the cache in originsInMediaCache() and to clear the cache completely or partially in
1357         clearMediaCache() and clearMediaCacheForOrigins().
1358
1359         Use SecurityOrigin instead of the less formal site String to represent origins in the cache.
1360
1361         * html/HTMLMediaElement.cpp:
1362         (WebCore::sharedMediaCacheDirectory): Added.
1363         (WebCore::HTMLMediaElement::setMediaCacheDirectory): Added.
1364         (WebCore::HTMLMediaElement::mediaCacheDirectory): Added.
1365         (WebCore::HTMLMediaElement::originsInMediaCache): Added.
1366         (WebCore::HTMLMediaElement::clearMediaCache): Added parameter.
1367         (WebCore::HTMLMediaElement::clearMediaCacheForOrigins): Added.
1368         (WebCore::HTMLMediaElement::mediaPlayerMediaCacheDirectory): Added.
1369         (WebCore::HTMLMediaElement::getSitesInMediaCache): Deleted.
1370         (WebCore::HTMLMediaElement::clearMediaCacheForSite): Deleted.
1371         * html/HTMLMediaElement.h:
1372         (WebCore::HTMLMediaElement::clearMediaCache): Added parameter.
1373         * platform/graphics/MediaPlayer.cpp:
1374         (WebCore::addMediaEngine): Add new cache methods.
1375         (WebCore::addToHash): Added.
1376         (WebCore::MediaPlayer::originsInMediaCache): Added.
1377         (WebCore::MediaPlayer::clearMediaCache): Added parameter.
1378         (WebCore::MediaPlayer::clearMediaCacheForOrigins): Added.
1379         (WebCore::MediaPlayer::getSitesInMediaCache): Deleted.
1380         (WebCore::MediaPlayer::clearMediaCacheForSite): Deleted.
1381         * platform/graphics/MediaPlayer.h:
1382         (WebCore::MediaPlayerClient::mediaPlayerMediaCacheDirectory): Added.
1383         * platform/graphics/MediaPlayerPrivate.h:
1384         (WebCore::MediaPlayerPrivateInterface::originsInMediaCache): Added.
1385         (WebCore::MediaPlayerPrivateInterface::clearMediaCache): Added parameter.
1386         (WebCore::MediaPlayerPrivateInterface::clearMediaCacheForOrigins): Added.
1387         (WebCore::MediaPlayerPrivateInterface::getSitesInMediaCache): Deleted.
1388         (WebCore::MediaPlayerPrivateInterface::clearMediaCacheForSite): Deleted.
1389         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
1390         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
1391         (WebCore::MediaPlayerPrivateAVFoundationObjC::registerMediaEngine): Added cache methods.
1392         (WebCore::assetCacheForPath): Added.
1393         (WebCore::MediaPlayerPrivateAVFoundationObjC::originsInMediaCache): Added.
1394         (WebCore::toSystemClockTime): Added.
1395         (WebCore::MediaPlayerPrivateAVFoundationObjC::clearMediaCache): Added parameter.
1396         (WebCore::MediaPlayerPrivateAVFoundationObjC::clearMediaCacheForOrigins): Added.
1397         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVAssetForURL): Added.
1398         * platform/graphics/mac/MediaPlayerPrivateQTKit.h:
1399         * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
1400         (WebCore::MediaPlayerPrivateQTKit::registerMediaEngine): Added cache methods.
1401         (WebCore::MediaPlayerPrivateQTKit::originsInMediaCache): Added.
1402         (WebCore::MediaPlayerPrivateQTKit::clearMediaCache): Added parameter.
1403         (WebCore::MediaPlayerPrivateQTKit::clearMediaCacheForOrigins): Added.
1404         (WebCore::MediaPlayerPrivateQTKit::getSitesInMediaCache): Deleted.
1405         (WebCore::MediaPlayerPrivateQTKit::clearMediaCacheForSite): Deleted.
1406         * platform/spi/mac/AVFoundationSPI.h:
1407
1408 2016-04-11  Commit Queue  <commit-queue@webkit.org>
1409
1410         Unreviewed, rolling out r199310.
1411         https://bugs.webkit.org/show_bug.cgi?id=156483
1412
1413         This change turns many indexeddb tests into crashes (Requested
1414         by jwtan on #webkit).
1415
1416         Reverted changeset:
1417
1418         "Clean up IDBBindingUtilities."
1419         https://bugs.webkit.org/show_bug.cgi?id=156472
1420         http://trac.webkit.org/changeset/199310
1421
1422 2016-04-11  Commit Queue  <commit-queue@webkit.org>
1423
1424         Unreviewed, rolling out r199315.
1425         https://bugs.webkit.org/show_bug.cgi?id=156482
1426
1427         This change broke the OS X Yosemite build. (Requested by jwtan
1428         on #webkit).
1429
1430         Reverted changeset:
1431
1432         "When clearing cache, also clear AVFoundation cache."
1433         https://bugs.webkit.org/show_bug.cgi?id=155783
1434         http://trac.webkit.org/changeset/199315
1435
1436 2016-04-11  Brian Burg  <bburg@apple.com>
1437
1438         Web Inspector: get rid of InspectorBasicValue and InspectorString subclasses
1439         https://bugs.webkit.org/show_bug.cgi?id=156407
1440         <rdar://problem/25627659>
1441
1442         Reviewed by Joseph Pecoraro.
1443
1444         * inspector/InspectorDatabaseAgent.cpp: Don't use deleted subclasses.
1445
1446 2016-04-11  Commit Queue  <commit-queue@webkit.org>
1447
1448         Unreviewed, rolling out r198909.
1449         https://bugs.webkit.org/show_bug.cgi?id=156479
1450
1451         made double-click-and-drag on text drag instead of
1452         highlighting (Requested by alexchristensen_ on #webkit).
1453
1454         Reverted changeset:
1455
1456         "eventMayStartDrag() does not check for shiftKey or
1457         isOverLink"
1458         https://bugs.webkit.org/show_bug.cgi?id=155746
1459         http://trac.webkit.org/changeset/198909
1460
1461 2016-04-11  Chris Dumez  <cdumez@apple.com>
1462
1463         [WebIDL] Add support for [ImplementedAs] for EventHandler attributes
1464         https://bugs.webkit.org/show_bug.cgi?id=156421
1465
1466         Reviewed by Darin Adler.
1467
1468         Add support for [ImplementedAs] for EventHandler attributes so we can
1469         get rid of some ugly name hard-coding in the bindings generator.
1470
1471         * Modules/notifications/Notification.idl:
1472         * bindings/scripts/CodeGeneratorJS.pm:
1473         (EventHandlerAttributeEventName):
1474         * bindings/scripts/test/JS/JSTestObj.cpp:
1475         (WebCore::jsTestObjOnwebkitfoo):
1476         (WebCore::setJSTestObjOnwebkitfoo):
1477         * bindings/scripts/test/TestObj.idl:
1478         * dom/Element.idl:
1479         * page/DOMWindow.idl:
1480
1481 2016-04-11  Jeremy Jones  <jeremyj@apple.com>
1482
1483         When clearing cache, also clear AVFoundation cache.
1484         https://bugs.webkit.org/show_bug.cgi?id=155783
1485         rdar://problem/25252541
1486
1487         Reviewed by Darin Adler.
1488
1489         Use AVAssetCache at a specified location on disk for all AVURLAssets. This AVAssetCache
1490         can then be used to manage the cache storage used by AVFoundation. It is used to query the
1491         contents of the cache in originsInMediaCache() and to clear the cache completely or partially in
1492         clearMediaCache() and clearMediaCacheForOrigins().
1493
1494         Use SecurityOrigin instead of the less formal site String to represent origins in the cache.
1495
1496         * html/HTMLMediaElement.cpp:
1497         (WebCore::sharedMediaCacheDirectory): Added.
1498         (WebCore::HTMLMediaElement::setMediaCacheDirectory): Added.
1499         (WebCore::HTMLMediaElement::mediaCacheDirectory): Added.
1500         (WebCore::HTMLMediaElement::originsInMediaCache): Added.
1501         (WebCore::HTMLMediaElement::clearMediaCache): Added parameter.
1502         (WebCore::HTMLMediaElement::clearMediaCacheForOrigins): Added.
1503         (WebCore::HTMLMediaElement::mediaPlayerMediaCacheDirectory): Added.
1504         (WebCore::HTMLMediaElement::getSitesInMediaCache): Deleted.
1505         (WebCore::HTMLMediaElement::clearMediaCacheForSite): Deleted.
1506         * html/HTMLMediaElement.h:
1507         (WebCore::HTMLMediaElement::clearMediaCache): Added parameter.
1508         * platform/graphics/MediaPlayer.cpp:
1509         (WebCore::addMediaEngine): Add new cache methods.
1510         (WebCore::addToHash): Added.
1511         (WebCore::MediaPlayer::originsInMediaCache): Added.
1512         (WebCore::MediaPlayer::clearMediaCache): Added parameter.
1513         (WebCore::MediaPlayer::clearMediaCacheForOrigins): Added.
1514         (WebCore::MediaPlayer::getSitesInMediaCache): Deleted.
1515         (WebCore::MediaPlayer::clearMediaCacheForSite): Deleted.
1516         * platform/graphics/MediaPlayer.h:
1517         (WebCore::MediaPlayerClient::mediaPlayerMediaCacheDirectory): Added.
1518         * platform/graphics/MediaPlayerPrivate.h:
1519         (WebCore::MediaPlayerPrivateInterface::originsInMediaCache): Added.
1520         (WebCore::MediaPlayerPrivateInterface::clearMediaCache): Added parameter.
1521         (WebCore::MediaPlayerPrivateInterface::clearMediaCacheForOrigins): Added.
1522         (WebCore::MediaPlayerPrivateInterface::getSitesInMediaCache): Deleted.
1523         (WebCore::MediaPlayerPrivateInterface::clearMediaCacheForSite): Deleted.
1524         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
1525         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
1526         (WebCore::MediaPlayerPrivateAVFoundationObjC::registerMediaEngine): Added cache methods.
1527         (WebCore::assetCacheForPath): Added.
1528         (WebCore::MediaPlayerPrivateAVFoundationObjC::originsInMediaCache): Added.
1529         (WebCore::toSystemClockTime): Added.
1530         (WebCore::MediaPlayerPrivateAVFoundationObjC::clearMediaCache): Added parameter.
1531         (WebCore::MediaPlayerPrivateAVFoundationObjC::clearMediaCacheForOrigins): Added.
1532         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVAssetForURL): Added.
1533         * platform/graphics/mac/MediaPlayerPrivateQTKit.h:
1534         * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
1535         (WebCore::MediaPlayerPrivateQTKit::registerMediaEngine): Added cache methods.
1536         (WebCore::MediaPlayerPrivateQTKit::originsInMediaCache): Added.
1537         (WebCore::MediaPlayerPrivateQTKit::clearMediaCache): Added parameter.
1538         (WebCore::MediaPlayerPrivateQTKit::clearMediaCacheForOrigins): Added.
1539         (WebCore::MediaPlayerPrivateQTKit::getSitesInMediaCache): Deleted.
1540         (WebCore::MediaPlayerPrivateQTKit::clearMediaCacheForSite): Deleted.
1541         * platform/spi/mac/AVFoundationSPI.h:
1542
1543 2016-04-11  Antoine Quint  <graouts@apple.com>
1544
1545         [WebGL2] Use Open GL ES 3.0 to back WebGL2 contexts
1546         https://bugs.webkit.org/show_bug.cgi?id=141178
1547
1548         Reviewed by Dean Jackson.
1549
1550         We add a new `useGLES3` attribute when creating a GraphicsContext3D in the event that the
1551         context type is "webgl2". This attribute is then read by the GraphicsContext3D constructor
1552         to request an Open GL ES 3.0 backend when creating the EAGLContext on iOS.
1553
1554         * html/canvas/WebGLRenderingContextBase.cpp:
1555         (WebCore::WebGLRenderingContextBase::create):
1556         * platform/graphics/GraphicsContext3D.h:
1557         (WebCore::GraphicsContext3D::Attributes::Attributes):
1558         * platform/graphics/mac/GraphicsContext3DMac.mm:
1559         (WebCore::GraphicsContext3D::GraphicsContext3D):
1560
1561 2016-04-11  Jiewen Tan  <jiewen_tan@apple.com>
1562
1563         fast/loader/opaque-base-url.html crashing during mac and ios debug tests
1564         https://bugs.webkit.org/show_bug.cgi?id=156179
1565         <rdar://problem/25507719>
1566
1567         Reviewed by Ryosuke Niwa.
1568
1569         Navigate to about:blank if the provided src of an iframe/frame cannot be
1570         resolved to a valid URL.
1571
1572         Test: fast/loader/iframe-src-invalid-url.html
1573
1574         * loader/SubframeLoader.cpp:
1575         (WebCore::SubframeLoader::requestFrame):
1576
1577 2016-04-11  Said Abou-Hallawa  <sabouhallawa@apple,com>
1578
1579         Merge CG ImageSource and non CG ImageSource implementation in one file
1580         https://bugs.webkit.org/show_bug.cgi?id=155456
1581
1582         Reviewed by Darin Adler.
1583
1584         ImageSource for CG and CG code paths look very similar. All the platform
1585         specific code can be moved to ImageDecoder classes for CG and non CG. And
1586         we can have the ImageSource be platform independent and we get rid of
1587         ImageSourceCG.cpp.
1588
1589         Test: fast/images/image-subsampling.html
1590
1591         * CMakeLists.txt:
1592         * PlatformAppleWin.cmake:
1593         * PlatformMac.cmake:
1594         * WebCore.xcodeproj/project.pbxproj:
1595         Delete ImageSourceCG.cpp form all make files and add ImageSource.cpp to
1596         CMakeLists.txt.
1597         
1598         * platform/Cursor.cpp:
1599         (WebCore::determineHotSpot):
1600         * platform/graphics/BitmapImage.cpp:
1601         (WebCore::BitmapImage::hotSpot):
1602         (WebCore::BitmapImage::getHotSpot): Deleted.
1603         * platform/graphics/BitmapImage.h:
1604         * platform/graphics/Image.h:
1605         (WebCore::Image::hotSpot):
1606         (WebCore::Image::getHotSpot): Deleted.
1607         Rename getHotSpot() to hotSpot() and change it to return Optional<IntPoint>.
1608         
1609         * platform/graphics/ImageSource.cpp:
1610         (WebCore::ImageSource::~ImageSource): Remove clear(true) call. It does nothing.
1611         (WebCore::ImageSource::clearFrameBufferCache): A wrapper which calls ImageDecoder::clearFrameBufferCache().
1612         (WebCore::ImageSource::clear): Calls clearFrameBufferCache() which will do nothing for CG.
1613         
1614         (WebCore::ImageSource::ensureDecoderIsCreated): Change SharedBuffer* to
1615         const SharedBuffer& and remove the call to ImageDecoder::setMaxNumPixels().
1616         The value of const static int CG ImageDecoder::m_maxNumPixels will be set
1617         based on IMAGE_DECODER_DOWN_SAMPLING.
1618         
1619         (WebCore::ImageSource::setData): Pass SharedBuffer& to the underlying functions.
1620         
1621         (WebCore::ImageSource::calculateMaximumSubsamplingLevel): Returns the maximum
1622         subsampling level allowed for an image.
1623         
1624         (WebCore::ImageSource::subsamplingLevelForScale): Converts from a scale to
1625         SubsamplingLevel taking into consideration the maximumSubsamplingLevel for
1626         a particular image.
1627         
1628         (WebCore::ImageSource::bytesDecodedToDetermineProperties): Returns the number
1629         of encoded bytes which can determine the image properties. For non CG it's
1630         zero. For CG it is a maximum value which can be corrected later.
1631         
1632         (WebCore::ImageSource::isSizeAvailable):
1633         (WebCore::ImageSource::sizeRespectingOrientation):
1634         (WebCore::ImageSource::frameCount):
1635         (WebCore::ImageSource::repetitionCount):
1636         (WebCore::ImageSource::filenameExtension):
1637         (WebCore::ImageSource::getHotSpot):
1638         (WebCore::ImageSource::frameIsCompleteAtIndex):
1639         (WebCore::ImageSource::frameHasAlphaAtIndex):
1640         (WebCore::ImageSource::allowSubsamplingOfFrameAtIndex):
1641         (WebCore::ImageSource::frameSizeAtIndex):
1642         (WebCore::ImageSource::frameBytesAtIndex):
1643         (WebCore::ImageSource::frameDurationAtIndex):
1644         (WebCore::ImageSource::orientationAtIndex):
1645         (WebCore::ImageSource::createFrameImageAtIndex):
1646         These are wrappers for the ImageDecoder APIs. The purpose of these functions
1647         is to ensure the ImageDecoder is created.
1648         
1649         (WebCore::ImageSource::dump): Called from BitmapImage::dump().
1650         
1651         (WebCore::ImageSource::getHotSpot): Deleted.
1652         
1653         * platform/graphics/ImageSource.h:
1654         (WebCore::ImageSource::setAllowSubsampling): Called from BitmapImage::setAllowSubsampling().
1655         
1656         (WebCore::ImageSource::maxPixelsPerDecodedImage): Deleted.
1657         (WebCore::ImageSource::setMaxPixelsPerDecodedImage): Deleted.
1658         Setting maxPixelsPerDecodedImage was moved to the non CG ImageDecoder.
1659         
1660         * platform/graphics/cg/ImageDecoderCG.cpp:
1661         (WebCore::ImageDecoder::setData): Change SharedBuffer* to SharedBuffer&.
1662
1663         (WebCore::ImageDecoder::subsamplingLevelForScale): Deleted.
1664         The code was moved to ImageSource::subsamplingLevelForScale().
1665         
1666         * platform/graphics/cg/ImageDecoderCG.h:
1667         (WebCore::ImageDecoder::create): Make the prototype of this function
1668         suitable for CG and non CG cases.
1669         (WebCore::ImageDecoder::clearFrameBufferCache): Empty functions for CG.
1670         
1671         * platform/graphics/cg/ImageSourceCG.cpp: Removed.
1672         
1673         * platform/image-decoders/ImageDecoder.cpp:
1674         (WebCore::ImageDecoder::frameIsCompleteAtIndex): A mew function to return
1675         whether the frame decoding is complete or not.
1676         
1677         (WebCore::ImageDecoder::frameHasAlphaAtIndex): Simplify the logic.
1678         
1679         (WebCore::ImageDecoder::frameDurationAtIndex): The code was moved from
1680         ImageSource::frameDurationAtIndex() in ImageSource.cpp.
1681         
1682         (WebCore::ImageDecoder::createFrameImageAtIndex): The code was moved from
1683         ImageSource::createFrameImageAtIndex() in ImageSource.cpp.
1684         
1685         * platform/image-decoders/ImageDecoder.h:
1686         (WebCore::ImageDecoder::ImageDecoder): Initialize the members in class.
1687         (WebCore::ImageDecoder::~ImageDecoder): Fix the braces style.
1688         (WebCore::ImageDecoder::setData): Change the type of the argument from
1689         SharedBuffer* to SharedBuffer&.
1690         (WebCore::ImageDecoder::frameSizeAtIndex): Add the argument SubsamplingLevel
1691         so it can have the same prototype as CG.
1692         (WebCore::ImageDecoder::orientationAtIndex): Rename it to the same of CG.
1693         
1694         (WebCore::ImageDecoder::allowSubsamplingOfFrameAtIndex):
1695         (WebCore::ImageDecoder::bytesDecodedToDetermineProperties):
1696         (WebCore::ImageDecoder::subsamplingLevelForScale): Add these functions
1697         and return the default values so we do not have to add directive compiled
1698         non CG blocks in ImageSource.cpp.
1699
1700         (WebCore::ImageDecoder::hotSpot): Return Optional<IntPoint>.
1701         
1702         (WebCore::ImageDecoder::orientation): Deleted.
1703         (WebCore::ImageDecoder::setMaxNumPixels): Deleted.
1704         
1705         * platform/image-decoders/bmp/BMPImageDecoder.cpp:
1706         (WebCore::BMPImageDecoder::setData):
1707         * platform/image-decoders/bmp/BMPImageDecoder.h:
1708         * platform/image-decoders/gif/GIFImageDecoder.cpp:
1709         (WebCore::GIFImageDecoder::setData):
1710         (WebCore::GIFImageDecoder::decode):
1711         * platform/image-decoders/gif/GIFImageDecoder.h:
1712         * platform/image-decoders/gif/GIFImageReader.h:
1713         (GIFImageReader::setData):
1714         * platform/image-decoders/ico/ICOImageDecoder.cpp:
1715         (WebCore::ICOImageDecoder::setData):
1716         Use reference SharedBuffer instead of pointer SharedBuffer.
1717         
1718         (WebCore::ICOImageDecoder::hotSpot):
1719         (WebCore::ICOImageDecoder::hotSpotAtIndex):
1720         Change hotSpot() to return Optional<IntPoint>.
1721         * platform/image-decoders/ico/ICOImageDecoder.h:
1722                 
1723         (WebCore::ICOImageDecoder::setDataForPNGDecoderAtIndex):
1724         Pass reference SharedBuffer instead of pointer SharedBuffer.
1725
1726 2016-04-08  Said Abou-Hallawa  <sabouhallawa@apple,com>
1727
1728         Timing attack on SVG feComposite filter circumvents same-origin policy
1729         https://bugs.webkit.org/show_bug.cgi?id=154338
1730
1731         Reviewed by Oliver Hunt.
1732
1733         Ensure the FEComposite arithmetic filter is clamping the resulted color
1734         components in a constant time.
1735
1736         * platform/graphics/filters/FEComposite.cpp:
1737         (WebCore::clampByte):
1738         (WebCore::computeArithmeticPixels):
1739
1740 2016-04-11  Brady Eidson  <beidson@apple.com>
1741
1742         Clean up IDBBindingUtilities.
1743         https://bugs.webkit.org/show_bug.cgi?id=156472
1744
1745         Reviewed by Alex Christensen.
1746
1747         No new tests (No change in behavior).
1748
1749         - Get rid of a whole bunch of unused functions (since we got rid of Legacy IDB).
1750         - Make more functions deal in ExecState/ScriptExecutionContexts instead of DOMRequestState.
1751         - Make more functions deal in JSValue instead of Deprecated::ScriptValue.
1752
1753         * bindings/scripts/IDLAttributes.txt: Add a new attribute to signify that an implementation returns
1754           JSValues instead of Deprecated::ScriptState
1755         * bindings/scripts/CodeGeneratorJS.pm:
1756         (NativeToJSValue): Use that new attribute.
1757         
1758         * Modules/indexeddb/IDBAny.cpp:
1759         (WebCore::IDBAny::IDBAny):
1760         (WebCore::IDBAny::scriptValue):
1761         * Modules/indexeddb/IDBAny.h:
1762         (WebCore::IDBAny::create):
1763         * Modules/indexeddb/IDBCursor.cpp:
1764         (WebCore::IDBCursor::key):
1765         (WebCore::IDBCursor::primaryKey):
1766         (WebCore::IDBCursor::value):
1767         (WebCore::IDBCursor::update):
1768         (WebCore::IDBCursor::continueFunction):
1769         (WebCore::IDBCursor::deleteFunction):
1770         (WebCore::IDBCursor::setGetResult):
1771         * Modules/indexeddb/IDBCursor.h:
1772         * Modules/indexeddb/IDBCursor.idl:
1773         * Modules/indexeddb/IDBCursorWithValue.idl:
1774         * Modules/indexeddb/IDBFactory.cpp:
1775         (WebCore::IDBFactory::cmp):
1776         * Modules/indexeddb/IDBIndex.cpp:
1777         (WebCore::IDBIndex::count):
1778         (WebCore::IDBIndex::get):
1779         (WebCore::IDBIndex::getKey):
1780         * Modules/indexeddb/IDBKeyRange.cpp:
1781         (WebCore::IDBKeyRange::lowerValue):
1782         (WebCore::IDBKeyRange::upperValue):
1783         (WebCore::IDBKeyRange::only):
1784         (WebCore::IDBKeyRange::lowerBound):
1785         (WebCore::IDBKeyRange::upperBound):
1786         (WebCore::IDBKeyRange::bound):
1787         * Modules/indexeddb/IDBKeyRange.h:
1788         * Modules/indexeddb/IDBKeyRange.idl:
1789         * Modules/indexeddb/IDBObjectStore.cpp:
1790         (WebCore::IDBObjectStore::get):
1791         (WebCore::IDBObjectStore::modernDelete):
1792         (WebCore::IDBObjectStore::count):
1793         * Modules/indexeddb/IDBRequest.cpp:
1794         (WebCore::IDBRequest::setResult):
1795         (WebCore::IDBRequest::setResultToStructuredClone):
1796         * Modules/indexeddb/server/MemoryObjectStore.cpp:
1797         (WebCore::IDBServer::MemoryObjectStore::updateIndexesForPutRecord):
1798         (WebCore::IDBServer::MemoryObjectStore::populateIndexWithExistingRecords):
1799         * bindings/js/IDBBindingUtilities.cpp:
1800         (WebCore::idbKeyPathFromValue):
1801         (WebCore::deserializeIDBValueDataToJSValue):
1802         (WebCore::scriptValueToIDBKey):
1803         (WebCore::idbKeyDataToScriptValue):
1804         (WebCore::idbKeyDataToJSValue): Deleted.
1805         (WebCore::injectIDBKeyIntoScriptValue): Deleted.
1806         (WebCore::createIDBKeyFromScriptValueAndKeyPath): Deleted.
1807         (WebCore::maybeCreateIDBKeyFromScriptValueAndKeyPath): Deleted.
1808         (WebCore::canInjectIDBKeyIntoScriptValue): Deleted.
1809         (WebCore::deserializeIDBValue): Deleted.
1810         (WebCore::deserializeIDBValueData): Deleted.
1811         (WebCore::deserializeIDBValueBuffer): Deleted.
1812         (WebCore::idbValueDataToJSValue): Deleted.
1813         (WebCore::idbKeyToScriptValue): Deleted.
1814         * bindings/js/IDBBindingUtilities.h:
1815         * bindings/js/JSIDBAnyCustom.cpp:
1816         (WebCore::toJS):
1817         * bindings/js/JSIDBDatabaseCustom.cpp:
1818         (WebCore::JSIDBDatabase::createObjectStore):
1819         * bindings/js/JSIDBObjectStoreCustom.cpp:
1820         (WebCore::JSIDBObjectStore::createIndex):
1821         * dom/ScriptExecutionContext.cpp:
1822         (WebCore::ScriptExecutionContext::execState):
1823         * dom/ScriptExecutionContext.h:
1824         * inspector/InspectorIndexedDBAgent.cpp:
1825
1826 2016-04-09  Gavin Barraclough  <barraclough@apple.com>
1827
1828         WebKit should adopt journal_mode=wal for all SQLite databases.
1829         https://bugs.webkit.org/show_bug.cgi?id=133496
1830
1831         Reviewed by Darin Adler.
1832
1833         The statement intended to enable WAL mode is always failing because it is missing a
1834         prepare(). Fix this. We were also previously permitting SQLITE_OK results - this
1835         was in error (we were only getting these because stepping the unprepared statement
1836         returned SQLITE_OK). Also set the SQLITE_OPEN_AUTOPROXY flag when opening the
1837         database - this will improve perfomance when the database is accessed via an AFP
1838         mount.
1839
1840         This exposed a bug, that deleteAllDatabases does not actually delete the databases on
1841         iOS, for testing to reset back to a known state between tests it should be doing so.
1842
1843         * Modules/webdatabase/DatabaseTracker.cpp:
1844         (WebCore::DatabaseTracker::deleteAllDatabases):
1845             - force databases to actually be deleted on iOS.
1846               This method is only used from testing code (DumpRenderTree / WebKitTestRunner).
1847         (WebCore::DatabaseTracker::deleteOrigin):
1848             - added IOSDeletionMode.
1849         (WebCore::DatabaseTracker::deleteDatabaseFile):
1850             - added IOSDeletionMode, modified to actually delete if this is set.
1851         * Modules/webdatabase/DatabaseTracker.h:
1852             - added IOSDeletionMode.
1853         * platform/sql/SQLiteDatabase.cpp:
1854         (WebCore::SQLiteDatabase::open):
1855             - call prepareAndStep(), only check for SQLITE_ROW result.
1856         * platform/sql/SQLiteFileSystem.cpp:
1857         (WebCore::SQLiteFileSystem::openDatabase):
1858             - should set SQLITE_OPEN_AUTOPROXY flag when opening database.
1859
1860 2016-04-11  Zalan Bujtas  <zalan@apple.com>
1861
1862         Simplify InlineTextBox::selectionStartEnd()
1863         https://bugs.webkit.org/show_bug.cgi?id=156459
1864
1865         Reviewed by Darin Adler.
1866
1867         No change in functionality.
1868
1869         * rendering/InlineTextBox.cpp:
1870         (WebCore::InlineTextBox::selectionState):
1871         (WebCore::InlineTextBox::paint):
1872         (WebCore::InlineTextBox::selectionStartEnd):
1873         (WebCore::InlineTextBox::paintSelection):
1874         (WebCore::InlineTextBox::paintCompositionBackground):
1875         * rendering/InlineTextBox.h:
1876         * rendering/svg/SVGInlineTextBox.cpp:
1877         (WebCore::SVGInlineTextBox::paintSelectionBackground):
1878         (WebCore::SVGInlineTextBox::paintText):
1879
1880 2016-04-11  Zalan Bujtas  <zalan@apple.com>
1881
1882         REGRESSION (r193857): Text selection causes text to disappear.
1883         https://bugs.webkit.org/show_bug.cgi?id=156448
1884         rdar://problem/25578952
1885
1886         Reviewed by Simon Fraser.
1887
1888         Apparently when the end position of the selection range is smaller than the start position, we need
1889         to repaint the entire text as it indicates selection clearing.
1890
1891         Test: fast/text/text-disappear-on-deselect.html
1892
1893         * rendering/TextPainter.cpp:
1894         (WebCore::TextPainter::paintText):
1895
1896 2016-04-05  Oliver Hunt  <oliver@apple.com>
1897
1898         Remove compile time define for SEPARATED_HEAP
1899         https://bugs.webkit.org/show_bug.cgi?id=155508
1900
1901         Reviewed by Mark Lam.
1902
1903         * Configurations/FeatureDefines.xcconfig:
1904
1905 2016-04-11  Chris Dumez  <cdumez@apple.com>
1906
1907         Merge AttributedDOMTokenList into DOMTokenList
1908         https://bugs.webkit.org/show_bug.cgi?id=156468
1909
1910         Reviewed by Ryosuke Niwa.
1911
1912         Merge AttributedDOMTokenList into DOMTokenList to simplify the code.
1913         DOMTokenList is not constructible and AttributedDOMTokenList is its
1914         only constructible subclass after r196123.
1915
1916         * CMakeLists.txt:
1917         * WebCore.xcodeproj/project.pbxproj:
1918         * dom/Element.cpp:
1919         (WebCore::Element::classList):
1920         * dom/ElementRareData.h:
1921         (WebCore::ElementRareData::classList):
1922         (WebCore::ElementRareData::setClassList):
1923         * html/AttributeDOMTokenList.cpp: Removed.
1924         * html/AttributeDOMTokenList.h: Removed.
1925         * html/DOMTokenList.cpp:
1926         (WebCore::DOMTokenList::DOMTokenList):
1927         (WebCore::DOMTokenList::attributeValueChanged):
1928         (WebCore::DOMTokenList::updateAfterTokenChange):
1929         * html/DOMTokenList.h:
1930         (WebCore::DOMTokenList::ref):
1931         (WebCore::DOMTokenList::deref):
1932         (WebCore::DOMTokenList::element):
1933         (WebCore::DOMTokenList::~DOMTokenList): Deleted.
1934         (WebCore::DOMTokenList::updateAfterTokenChange): Deleted.
1935         * html/HTMLAnchorElement.cpp:
1936         (WebCore::HTMLAnchorElement::relList):
1937         * html/HTMLAnchorElement.h:
1938         * html/HTMLIFrameElement.cpp:
1939         (WebCore::HTMLIFrameElement::sandbox):
1940         * html/HTMLIFrameElement.h:
1941         * html/HTMLLinkElement.cpp:
1942         (WebCore::HTMLLinkElement::sizes):
1943         (WebCore::HTMLLinkElement::relList):
1944         * html/HTMLLinkElement.h:
1945         * html/HTMLOutputElement.cpp:
1946         (WebCore::HTMLOutputElement::htmlFor):
1947         * html/HTMLOutputElement.h:
1948
1949 2016-04-11  Chris Dumez  <cdumez@apple.com>
1950
1951         DOMTokenList.contains() should not throw
1952         https://bugs.webkit.org/show_bug.cgi?id=156453
1953
1954         Reviewed by Ryosuke Niwa.
1955
1956         DOMTokenList.contains() should not throw if the input token is invalid:
1957         https://github.com/whatwg/dom/commit/6d3076e3cbcba662489b272a718bc6b8c0082a74
1958
1959         We now return false in such cases, instead of throwing, which should be
1960         safe with regards to backward compatibility.
1961
1962         No new tests, already covered by existing tests.
1963
1964         * html/DOMTokenList.cpp:
1965         (WebCore::DOMTokenList::contains):
1966         * html/DOMTokenList.h:
1967         * html/DOMTokenList.idl:
1968
1969 2016-04-11  Frederic Wang  <fwang@igalia.com>
1970
1971         Refactor RenderMathMLFraction layout to avoid using flexbox
1972         https://bugs.webkit.org/show_bug.cgi?id=153917
1973
1974         Reviewed by Sergio Villar Senin.
1975
1976         Based on a patch by Alejandro G. Castro <alex@igalia.com>
1977
1978         Implement the layoutBlock method to handle the layout calculations
1979         directly in the class. This also fixes parsing of absolute values for
1980         linethickness attribute (e.g. 10px) and adds support for the AxisHeight
1981         and FractionRuleThickness MATH parameters.
1982
1983         Test: mathml/opentype/fraction-line.html
1984
1985         * accessibility/AccessibilityRenderObject.cpp:
1986         (WebCore::AccessibilityRenderObject::mathLineThickness): Use the thickness relative to the
1987         default line thickness since that's really what is expected by mathml-line-fraction.html
1988         * css/mathml.css: Remove flexbox properties for mfrac.
1989         (mfrac): Deleted.
1990         (mfrac > *): Deleted.
1991         (mfrac[numalign="left"] > :first-child): Deleted.
1992         (mfrac[numalign="right"] > :first-child): Deleted.
1993         (mfrac[denomalign="left"] > :last-child): Deleted.
1994         (mfrac[denomalign="right"] > :last-child): Deleted.
1995         (mfrac > :first-child): Deleted.
1996         (mfrac > :last-child): Deleted.
1997         (mfrac): Deleted.
1998         * rendering/mathml/RenderMathMLBlock.cpp: Introduce a helper function to retrieve the math
1999         axis height.
2000         (WebCore::RenderMathMLBlock::mathAxisHeight):
2001         * rendering/mathml/RenderMathMLBlock.h: Declare mathAxisHeight.
2002         * rendering/mathml/RenderMathMLFraction.cpp:
2003         (WebCore::RenderMathMLFraction::RenderMathMLFraction):
2004         (WebCore::RenderMathMLFraction::parseAlignmentAttribute): Helper function to parse the align
2005         attribute.
2006         (WebCore::RenderMathMLFraction::isValid): Helper function to verify whether the child list
2007         is valid with respect to the MathML specificitation.
2008         (WebCore::RenderMathMLFraction::numerator): Helper function to retrieve the numerator.
2009         (WebCore::RenderMathMLFraction::denominator): Helper function to retrieve the denominator.
2010         (WebCore::RenderMathMLFraction::updateFromElement): Use the FractionRuleThickness parameter
2011         when avaiable to calculate the default linethickness.
2012         Fix computation of linethickness for absolute values (e.g. 10px), the default linethickness
2013         must not be involved for such values.
2014         We no longer need to manage style of anonymous wrappers.
2015         (WebCore::RenderMathMLFraction::unembellishedOperator): Use the helper function and we no
2016         longer care about anonymous wrappers.
2017         (WebCore::RenderMathMLFraction::computePreferredLogicalWidths): Implement this function
2018         without using flexbox.
2019         (WebCore::RenderMathMLFraction::horizontalOffset): Helper function to get the horizontal
2020         offsets of children depending of the alignment.
2021         (WebCore::RenderMathMLFraction::layoutBlock): Implement this function without using flexbox.
2022         (WebCore::RenderMathMLFraction::paint): Do not paint if the fraction is invalid. Use helper
2023         function. Use the width of the renderer (instead of the one of the denominator) as the
2024         length of the fraction bar.
2025         (WebCore::RenderMathMLFraction::firstLineBaseline): Use the helper functions to get children
2026         and axis height.
2027         (WebCore::RenderMathMLFraction::paintChildren): Temporary function to remove in a
2028         follow-up patch.
2029         (WebCore::RenderMathMLFraction::fixChildStyle): Deleted. We no longer need to manage style
2030         of anonymous wrappers.
2031         (WebCore::RenderMathMLFraction::addChild): Deleted. We no longer need to manage
2032         anonymous wrappers.
2033         (WebCore::RenderMathMLFraction::styleDidChange): We no longer need to manage style of
2034         anonymous wrappers.
2035         (WebCore::RenderMathMLFraction::layout): Deleted.
2036         * rendering/mathml/RenderMathMLFraction.h: Replace lineThickness with relativeLineThickness,
2037         as needed by the accessibility code. Update function and members declarations.
2038
2039 2016-04-11  Commit Queue  <commit-queue@webkit.org>
2040
2041         Unreviewed, rolling out r199290.
2042         https://bugs.webkit.org/show_bug.cgi?id=156465
2043
2044         broke 300 tests (Requested by mcatanzaro on #webkit).
2045
2046         Reverted changeset:
2047
2048         "Merge CG ImageSource and non CG ImageSource implementation in
2049         one file"
2050         https://bugs.webkit.org/show_bug.cgi?id=155456
2051         http://trac.webkit.org/changeset/199290
2052
2053 2016-04-11  Frederic Wang  <fwang@igalia.com>
2054
2055         Refactor RenderMathMLUnderOver layout functions to avoid using flexbox
2056         https://bugs.webkit.org/show_bug.cgi?id=153742
2057
2058         Reviewed by Sergio Villar Senin.
2059
2060         Based on a patch by Javier Fernandez <jfernandez@igalia.com>
2061
2062         Refactor the UnderOver renderer to use its own layoutBlock method that
2063         does all the layout calculations without considering the flexbox
2064         restrictions.
2065
2066         * css/mathml.css:
2067         (mo, mfrac, munder, mover, munderover): Delete the underover elements from the line defining
2068         the column direction.
2069         (munder, mover, munderover): Deleted. This flexbox property is no longer needed.
2070         (mover > :last-child, munderover > :last-child): Deleted. This flexbox property is no longer
2071         needed.
2072         * rendering/mathml/RenderMathMLUnderOver.cpp:
2073         (WebCore::RenderMathMLUnderOver::firstLineBaseline): Use ascentForChild.
2074         (WebCore::RenderMathMLUnderOver::computeOperatorsHorizontalStretch): Avoid stretching
2075         operators that are not stretchy.
2076         (WebCore::RenderMathMLUnderOver::isValid): Helper function to ensure that the child list is
2077         valid with respect to the MathML specification.
2078         (WebCore::RenderMathMLUnderOver::base): Added. Helper function.
2079         (WebCore::RenderMathMLUnderOver::under): Added. Helper function.
2080         (WebCore::RenderMathMLUnderOver::over): Added. Helper function.
2081         (WebCore::RenderMathMLUnderOver::computePreferredLogicalWidths): Added.
2082         The preferred width is the maximum preferred width of the base, under and over scripts.
2083         (WebCore::RenderMathMLUnderOver::horizontalOffset): Added, helper to calculate the
2084         horizontal position of children (horizontally centered).
2085         (WebCore::RenderMathMLUnderOver::layoutBlock): Added, it lays out the base, underscript and
2086         overscript. It calculates the exact logical width, which may differ from the preferred width when
2087         one child contains stretchy operators. It later sets the locations of children accordingly
2088         and sets the heigth of the render element.
2089         (WebCore::RenderMathMLUnderOver::paintChildren): Added, we have to use the usual traverse
2090         instead of the one that comes from the flexbox. This will be removed in a follow-up patch.
2091         (WebCore::RenderMathMLUnderOver::layout): Deleted.
2092         * rendering/mathml/RenderMathMLUnderOver.h: Added new functions definitions.
2093
2094 2016-04-07  Carlos Garcia Campos  <cgarcia@igalia.com>
2095
2096         [GTK] Rework the theming code for GTK+ 3.20
2097         https://bugs.webkit.org/show_bug.cgi?id=156333
2098
2099         Reviewed by Michael Catanzaro.
2100
2101         During the 3.19 GTK+ release cycle, the GTK+ css system was reworked, making themes and programs rendering
2102         themed widgets, incompatible with the new system. We were trying to fix our rendering every time GTK+ broke
2103         something, but we were just changing whatever it was needed to make our rendering look like current GTK+ with
2104         the default theme Adwaita. This means that our rendering will be broken for other themes or that changes in
2105         Adwaita can break our rendering. This solution was good enough to ensure WebKitGTK+ 2.12 looked good with GTK+
2106         3.20, but it doesn't work in the long term. We need to ensure that our theming code honors the new GTK+ CSS
2107         properties (max-width, min-width, margin, padding, border, ...) in all the cases, not only the cases where
2108         Adwaita uses them like we currently do.
2109         This patch splits all rendering methods to keep the current code for previous GTK+ versions and adds new code
2110         for GTK+ >= 3.20 using the new RenderThemeGadget classes. This makes the code easier to read, since there aren't
2111         ifdef blocks in the functions, and we ensure we don't break previous rendering.
2112
2113         * PlatformGTK.cmake: Add new files to compilation.
2114         * html/shadow/SpinButtonElement.cpp:
2115         (WebCore::SpinButtonElement::defaultEventHandler): Check the button layout used by the theme to decide the
2116         current buttons state.
2117         * platform/gtk/RenderThemeGadget.cpp: Added.
2118         (WebCore::RenderThemeGadget::create):
2119         (WebCore::createStyleContext):
2120         (WebCore::appendElementToPath):
2121         (WebCore::RenderThemeGadget::RenderThemeGadget):
2122         (WebCore::RenderThemeGadget::~RenderThemeGadget):
2123         (WebCore::RenderThemeGadget::marginBox):
2124         (WebCore::RenderThemeGadget::borderBox):
2125         (WebCore::RenderThemeGadget::paddingBox):
2126         (WebCore::RenderThemeGadget::contentsBox):
2127         (WebCore::RenderThemeGadget::color):
2128         (WebCore::RenderThemeGadget::backgroundColor):
2129         (WebCore::RenderThemeGadget::minimumSize):
2130         (WebCore::RenderThemeGadget::preferredSize):
2131         (WebCore::RenderThemeGadget::render):
2132         (WebCore::RenderThemeGadget::renderFocus):
2133         (WebCore::RenderThemeBoxGadget::RenderThemeBoxGadget):
2134         (WebCore::RenderThemeTextFieldGadget::RenderThemeTextFieldGadget):
2135         (WebCore::RenderThemeTextFieldGadget::minimumSize):
2136         (WebCore::RenderThemeToggleGadget::RenderThemeToggleGadget):
2137         (WebCore::RenderThemeToggleGadget::render):
2138         (WebCore::RenderThemeArrowGadget::RenderThemeArrowGadget):
2139         (WebCore::RenderThemeArrowGadget::render):
2140         (WebCore::RenderThemeIconGadget::RenderThemeIconGadget):
2141         (WebCore::RenderThemeIconGadget::gtkIconSizeForPixelSize):
2142         (WebCore::RenderThemeIconGadget::render):
2143         (WebCore::RenderThemeIconGadget::minimumSize):
2144         * platform/gtk/RenderThemeGadget.h: Added.
2145         (WebCore::RenderThemeGadget::context):
2146         * rendering/RenderTheme.h:
2147         (WebCore::RenderTheme::innerSpinButtonLayout): Added this method to allow themes use a different layout for the
2148         buttons.
2149         * rendering/RenderThemeGtk.cpp:
2150         (WebCore::themeChangedCallback): Just moved this code to a common place.
2151         (WebCore::RenderThemeGtk::RenderThemeGtk): Initialize the theme monitor in the constructor.
2152         (WebCore::createStyleContext): Remove the render parts that are specific to GTK+ 3.20.
2153         (WebCore::RenderThemeGtk::adjustRepaintRect): Moved inside a GTK+ < 3.20 ifdef block.
2154         (WebCore::themePartStateFlags): Helper function to get the GtkStateFlags of a theme part for a given RenderObject.
2155         (WebCore::shrinkToMinimumSizeAndCenterRectangle): Move this common code to a helper function.
2156         (WebCore::setToggleSize):
2157         (WebCore::paintToggle):
2158         (WebCore::RenderThemeGtk::paintButton):
2159         (WebCore::RenderThemeGtk::popupInternalPaddingBox):
2160         (WebCore::RenderThemeGtk::paintMenuList):
2161         (WebCore::RenderThemeGtk::adjustTextFieldStyle): For GTK+ 3.20 we need to ensure a minimum size for spin buttons,
2162         so if the text field is for a spin button, we adjust the desired size here.
2163         (WebCore::RenderThemeGtk::paintTextField): In GTK+ 3.20 the CSS gadgets used to render spin buttons are
2164         different, so we check here if this is the entry of a spin button to use the right gadgets.
2165         (WebCore::adjustSearchFieldIconStyle):
2166         (WebCore::RenderThemeGtk::paintTextArea):
2167         (WebCore::RenderThemeGtk::adjustSearchFieldResultsButtonStyle):
2168         (WebCore::RenderThemeGtk::paintSearchFieldResultsButton):
2169         (WebCore::RenderThemeGtk::adjustSearchFieldResultsDecorationPartStyle):
2170         (WebCore::RenderThemeGtk::adjustSearchFieldCancelButtonStyle):
2171         (WebCore::paintSearchFieldIcon):
2172         (WebCore::RenderThemeGtk::paintSearchFieldResultsDecorationPart):
2173         (WebCore::RenderThemeGtk::paintSearchFieldCancelButton):
2174         (WebCore::centerRectVerticallyInParentInputElement): Moved inside a GTK+ < 3.20 ifdef block.
2175         (WebCore::RenderThemeGtk::paintSliderTrack):
2176         (WebCore::RenderThemeGtk::adjustSliderThumbSize):
2177         (WebCore::RenderThemeGtk::paintSliderThumb):
2178         (WebCore::RenderThemeGtk::progressBarRectForBounds): Ensure a minimum size of progress bars in GTK+ 3.20.
2179         (WebCore::RenderThemeGtk::paintProgressBar):
2180         (WebCore::RenderThemeGtk::innerSpinButtonLayout): Use an horizontal layout for spin buttons.
2181         (WebCore::RenderThemeGtk::adjustInnerSpinButtonStyle):
2182         (WebCore::RenderThemeGtk::paintInnerSpinButton):
2183         (WebCore::styleColor):
2184         (WebCore::RenderThemeGtk::paintMediaButton):
2185         * rendering/RenderThemeGtk.h:
2186
2187 2016-04-11  Antti Koivisto  <antti@apple.com>
2188
2189         Implement functional :host() pseudo class
2190         https://bugs.webkit.org/show_bug.cgi?id=156397
2191         <rdar://problem/25621445>
2192
2193         Reviewed by Darin Adler.
2194
2195         We already support :host. Add functional syntax too.
2196
2197         * css/CSSGrammar.y.in:
2198
2199             Parse functional :host().
2200
2201         * css/CSSParser.cpp:
2202         (WebCore::CSSParser::detectFunctionTypeToken):
2203         * css/CSSParserValues.cpp:
2204         (WebCore::CSSParserSelector::parsePseudoClassHostFunctionSelector):
2205         * css/CSSParserValues.h:
2206         * css/ElementRuleCollector.cpp:
2207         (WebCore::ElementRuleCollector::matchedRuleList):
2208         (WebCore::ElementRuleCollector::addMatchedRule):
2209
2210             Factor some shared code here.
2211
2212         (WebCore::ElementRuleCollector::matchHostPseudoClassRules):
2213
2214             Instead of using the generic paths use a :host specific code path for matching.
2215             This makes it easier to avoid :host matching when it shouldn't.
2216
2217         (WebCore::ElementRuleCollector::collectMatchingRulesForList):
2218         * css/ElementRuleCollector.h:
2219         * css/RuleSet.cpp:
2220         (WebCore::computeMatchBasedOnRuleHash):
2221
2222             :host is always handled by the special matching path.
2223
2224         * css/SelectorChecker.cpp:
2225         (WebCore::SelectorChecker::match):
2226         (WebCore::SelectorChecker::matchHostPseudoClass):
2227
2228             Add a function specifically for checking :host. In always fails on the normal code paths.
2229             Check the argument selector if provided.
2230
2231         (WebCore::hasScrollbarPseudoElement):
2232         * css/SelectorChecker.h:
2233
2234 2016-04-11  Said Abou-Hallawa  <sabouhallawa@apple,com>
2235
2236         Merge CG ImageSource and non CG ImageSource implementation in one file
2237         https://bugs.webkit.org/show_bug.cgi?id=155456
2238
2239         Reviewed by Darin Adler.
2240
2241         ImageSource for CG and CG code paths look very similar. All the platform
2242         specific code can be moved to ImageDecoder classes for CG and non CG. And
2243         we can have the ImageSource be platform independent and we get rid of
2244         ImageSourceCG.cpp.
2245
2246         Test: fast/images/image-subsampling.html
2247
2248         * CMakeLists.txt:
2249         * PlatformAppleWin.cmake:
2250         * PlatformMac.cmake:
2251         * WebCore.xcodeproj/project.pbxproj:
2252         Delete ImageSourceCG.cpp form all make files and add ImageSource.cpp to
2253         CMakeLists.txt.
2254         
2255         * platform/Cursor.cpp:
2256         (WebCore::determineHotSpot):
2257         * platform/graphics/BitmapImage.cpp:
2258         (WebCore::BitmapImage::hotSpot):
2259         (WebCore::BitmapImage::getHotSpot): Deleted.
2260         * platform/graphics/BitmapImage.h:
2261         * platform/graphics/Image.h:
2262         (WebCore::Image::hotSpot):
2263         (WebCore::Image::getHotSpot): Deleted.
2264         Rename getHotSpot() to hotSpot() and change it to return Optional<IntPoint>.
2265         
2266         * platform/graphics/ImageSource.cpp:
2267         (WebCore::ImageSource::~ImageSource): Remove clear(true) call. It does nothing.
2268         (WebCore::ImageSource::clearFrameBufferCache): A wrapper which calls ImageDecoder::clearFrameBufferCache().
2269         (WebCore::ImageSource::clear): Calls clearFrameBufferCache() which will do nothing for CG.
2270         
2271         (WebCore::ImageSource::ensureDecoderIsCreated): Change SharedBuffer* to
2272         const SharedBuffer& and remove the call to ImageDecoder::setMaxNumPixels().
2273         The value of const static int CG ImageDecoder::m_maxNumPixels will be set
2274         based on IMAGE_DECODER_DOWN_SAMPLING.
2275         
2276         (WebCore::ImageSource::setData): Pass SharedBuffer& to the underlying functions.
2277         
2278         (WebCore::ImageSource::calculateMaximumSubsamplingLevel): Returns the maximum
2279         subsampling level allowed for an image.
2280         
2281         (WebCore::ImageSource::subsamplingLevelForScale): Converts from a scale to
2282         SubsamplingLevel taking into consideration the maximumSubsamplingLevel for
2283         a particular image.
2284         
2285         (WebCore::ImageSource::bytesDecodedToDetermineProperties): Returns the number
2286         of encoded bytes which can determine the image properties. For non CG it's
2287         zero. For CG it is a maximum value which can be corrected later.
2288         
2289         (WebCore::ImageSource::isSizeAvailable):
2290         (WebCore::ImageSource::sizeRespectingOrientation):
2291         (WebCore::ImageSource::frameCount):
2292         (WebCore::ImageSource::repetitionCount):
2293         (WebCore::ImageSource::filenameExtension):
2294         (WebCore::ImageSource::getHotSpot):
2295         (WebCore::ImageSource::frameIsCompleteAtIndex):
2296         (WebCore::ImageSource::frameHasAlphaAtIndex):
2297         (WebCore::ImageSource::allowSubsamplingOfFrameAtIndex):
2298         (WebCore::ImageSource::frameSizeAtIndex):
2299         (WebCore::ImageSource::frameBytesAtIndex):
2300         (WebCore::ImageSource::frameDurationAtIndex):
2301         (WebCore::ImageSource::orientationAtIndex):
2302         (WebCore::ImageSource::createFrameImageAtIndex):
2303         These are wrappers for the ImageDecoder APIs. The purpose of these functions
2304         is to ensure the ImageDecoder is created.
2305         
2306         (WebCore::ImageSource::dump): Called from BitmapImage::dump().
2307         
2308         (WebCore::ImageSource::getHotSpot): Deleted.
2309         
2310         * platform/graphics/ImageSource.h:
2311         (WebCore::ImageSource::setAllowSubsampling): Called from BitmapImage::setAllowSubsampling().
2312         
2313         (WebCore::ImageSource::maxPixelsPerDecodedImage): Deleted.
2314         (WebCore::ImageSource::setMaxPixelsPerDecodedImage): Deleted.
2315         Setting maxPixelsPerDecodedImage was moved to the non CG ImageDecoder.
2316         
2317         * platform/graphics/cg/ImageDecoderCG.cpp:
2318         (WebCore::ImageDecoder::setData): Change SharedBuffer* to SharedBuffer&.
2319
2320         (WebCore::ImageDecoder::subsamplingLevelForScale): Deleted.
2321         The code was moved to ImageSource::subsamplingLevelForScale().
2322         
2323         * platform/graphics/cg/ImageDecoderCG.h:
2324         (WebCore::ImageDecoder::create): Make the prototype of this function
2325         suitable for CG and non CG cases.
2326         (WebCore::ImageDecoder::clearFrameBufferCache): Empty functions for CG.
2327         
2328         * platform/graphics/cg/ImageSourceCG.cpp: Removed.
2329         
2330         * platform/image-decoders/ImageDecoder.cpp:
2331         (WebCore::ImageDecoder::frameIsCompleteAtIndex): A mew function to return
2332         whether the frame decoding is complete or not.
2333         
2334         (WebCore::ImageDecoder::frameHasAlphaAtIndex): Simplify the logic.
2335         
2336         (WebCore::ImageDecoder::frameDurationAtIndex): The code was moved from
2337         ImageSource::frameDurationAtIndex() in ImageSource.cpp.
2338         
2339         (WebCore::ImageDecoder::createFrameImageAtIndex): The code was moved from
2340         ImageSource::createFrameImageAtIndex() in ImageSource.cpp.
2341         
2342         * platform/image-decoders/ImageDecoder.h:
2343         (WebCore::ImageDecoder::ImageDecoder): Initialize the members in class.
2344         (WebCore::ImageDecoder::~ImageDecoder): Fix the braces style.
2345         (WebCore::ImageDecoder::setData): Change the type of the argument from
2346         SharedBuffer* to SharedBuffer&.
2347         (WebCore::ImageDecoder::frameSizeAtIndex): Add the argument SubsamplingLevel
2348         so it can have the same prototype as CG.
2349         (WebCore::ImageDecoder::orientationAtIndex): Rename it to the same of CG.
2350         
2351         (WebCore::ImageDecoder::allowSubsamplingOfFrameAtIndex):
2352         (WebCore::ImageDecoder::bytesDecodedToDetermineProperties):
2353         (WebCore::ImageDecoder::subsamplingLevelForScale): Add these functions
2354         and return the default values so we do not have to add directive compiled
2355         non CG blocks in ImageSource.cpp.
2356
2357         (WebCore::ImageDecoder::hotSpot): Return Optional<IntPoint>.
2358         
2359         (WebCore::ImageDecoder::orientation): Deleted.
2360         (WebCore::ImageDecoder::setMaxNumPixels): Deleted.
2361         
2362         * platform/image-decoders/bmp/BMPImageDecoder.cpp:
2363         (WebCore::BMPImageDecoder::setData):
2364         * platform/image-decoders/bmp/BMPImageDecoder.h:
2365         * platform/image-decoders/gif/GIFImageDecoder.cpp:
2366         (WebCore::GIFImageDecoder::setData):
2367         (WebCore::GIFImageDecoder::decode):
2368         * platform/image-decoders/gif/GIFImageDecoder.h:
2369         * platform/image-decoders/gif/GIFImageReader.h:
2370         (GIFImageReader::setData):
2371         * platform/image-decoders/ico/ICOImageDecoder.cpp:
2372         (WebCore::ICOImageDecoder::setData):
2373         Use reference SharedBuffer instead of pointer SharedBuffer.
2374         
2375         (WebCore::ICOImageDecoder::hotSpot):
2376         (WebCore::ICOImageDecoder::hotSpotAtIndex):
2377         Change hotSpot() to return Optional<IntPoint>.
2378         * platform/image-decoders/ico/ICOImageDecoder.h:
2379                 
2380         (WebCore::ICOImageDecoder::setDataForPNGDecoderAtIndex):
2381         Pass reference SharedBuffer instead of pointer SharedBuffer.
2382
2383 2016-04-11  Fujii Hironori  <Hironori.Fujii@jp.sony.com>
2384
2385         [CMake] Make FOLDER property INHERITED
2386         https://bugs.webkit.org/show_bug.cgi?id=156460
2387
2388         Reviewed by Brent Fulgham.
2389
2390         * CMakeLists.txt:
2391         Set FOLDER property as a directory property not a target property
2392
2393 2016-04-10  Sam Weinig  <sam@webkit.org>
2394
2395         Fix the build.
2396
2397         * platform/graphics/avfoundation/objc/MediaPlaybackTargetPickerMac.mm:
2398         (WebCore::MediaPlaybackTargetPickerMac::showPlaybackTargetPicker):
2399
2400 2016-04-08  Sam Weinig  <sam@webkit.org>
2401
2402         Remove support for custom target picker actions
2403         <rdar://problem/24987783>
2404         https://bugs.webkit.org/show_bug.cgi?id=156434
2405
2406         Reviewed by Eric Carlson.
2407
2408         This mostly entailed rolling out r197429 and r197569.
2409
2410         * Modules/mediasession/WebMediaSessionManager.cpp:
2411         (WebCore::WebMediaSessionManager::removeAllPlaybackTargetPickerClients):
2412         (WebCore::WebMediaSessionManager::showPlaybackTargetPicker):
2413         (WebCore::WebMediaSessionManager::clientStateDidChange):
2414         (WebCore::WebMediaSessionManager::externalOutputDeviceAvailableDidChange):
2415         (WebCore::WebMediaSessionManager::configureNewClients):
2416         (WebCore::WebMediaSessionManager::customPlaybackActionSelected): Deleted.
2417         * Modules/mediasession/WebMediaSessionManager.h:
2418         * Modules/mediasession/WebMediaSessionManagerClient.h:
2419         * dom/Document.cpp:
2420         (WebCore::Document::removePlaybackTargetPickerClient):
2421         (WebCore::Document::showPlaybackTargetPicker):
2422         (WebCore::Document::playbackTargetPickerClientStateDidChange):
2423         (WebCore::Document::setShouldPlayToPlaybackTarget):
2424         (WebCore::Document::customPlaybackActionSelected): Deleted.
2425         * dom/Document.h:
2426         * html/HTMLMediaElement.cpp:
2427         (WebCore::HTMLMediaElement::enqueuePlaybackTargetAvailabilityChangedEvent):
2428         (WebCore::HTMLMediaElement::setShouldPlayToPlaybackTarget):
2429         (WebCore::HTMLMediaElement::webkitCurrentPlaybackTargetIsWireless):
2430         (WebCore::HTMLMediaElement::customPlaybackActionSelected): Deleted.
2431         (WebCore::HTMLMediaElement::playbackTargetPickerCustomActionName): Deleted.
2432         * html/HTMLMediaElement.h:
2433         * html/MediaElementSession.cpp:
2434         (WebCore::MediaElementSession::showPlaybackTargetPicker):
2435         (WebCore::MediaElementSession::hasWirelessPlaybackTargets):
2436         (WebCore::MediaElementSession::setShouldPlayToPlaybackTarget):
2437         (WebCore::MediaElementSession::mediaStateDidChange):
2438         (WebCore::MediaElementSession::customPlaybackActionSelected): Deleted.
2439         * html/MediaElementSession.h:
2440         * page/ChromeClient.h:
2441         * page/Page.cpp:
2442         (WebCore::Page::removePlaybackTargetPickerClient):
2443         (WebCore::Page::showPlaybackTargetPicker):
2444         (WebCore::Page::setShouldPlayToPlaybackTarget):
2445         (WebCore::Page::ensureTestTrigger):
2446         (WebCore::Page::customPlaybackActionSelected): Deleted.
2447         * page/Page.h:
2448         (WebCore::Page::testTrigger):
2449         * platform/audio/PlatformMediaSession.h:
2450         (WebCore::PlatformMediaSessionClient::canPlayToWirelessPlaybackTarget):
2451         (WebCore::PlatformMediaSessionClient::isPlayingToWirelessPlaybackTarget):
2452         (WebCore::PlatformMediaSessionClient::setShouldPlayToPlaybackTarget):
2453         (WebCore::PlatformMediaSessionClient::customPlaybackActionSelected): Deleted.
2454         * platform/graphics/MediaPlaybackTargetClient.h:
2455         * platform/graphics/MediaPlaybackTargetPicker.cpp:
2456         (WebCore::MediaPlaybackTargetPicker::pendingActionTimerFired):
2457         (WebCore::MediaPlaybackTargetPicker::addPendingAction):
2458         (WebCore::MediaPlaybackTargetPicker::showPlaybackTargetPicker):
2459         * platform/graphics/MediaPlaybackTargetPicker.h:
2460         (WebCore::MediaPlaybackTargetPicker::availableDevicesDidChange):
2461         (WebCore::MediaPlaybackTargetPicker::currentDeviceDidChange):
2462         (WebCore::MediaPlaybackTargetPicker::Client::customPlaybackActionSelected): Deleted.
2463         (WebCore::MediaPlaybackTargetPicker::customPlaybackActionSelected): Deleted.
2464         * platform/graphics/avfoundation/objc/MediaPlaybackTargetPickerMac.h:
2465         * platform/graphics/avfoundation/objc/MediaPlaybackTargetPickerMac.mm:
2466         (WebCore::MediaPlaybackTargetPickerMac::devicePicker):
2467         (WebCore::MediaPlaybackTargetPickerMac::showPlaybackTargetPicker):
2468         * platform/mac/WebVideoFullscreenInterfaceMac.h:
2469         * platform/mac/WebVideoFullscreenInterfaceMac.mm:
2470         (WebCore::WebVideoFullscreenInterfaceMac::preparedToReturnToInline):
2471         (WebCore::WebVideoFullscreenInterfaceMac::setVideoDimensions):
2472         (WebCore::WebVideoFullscreenInterfaceMac::setExternalPlayback): Deleted.
2473         * platform/mock/MediaPlaybackTargetPickerMock.cpp:
2474         (WebCore::MediaPlaybackTargetPickerMock::timerFired):
2475         (WebCore::MediaPlaybackTargetPickerMock::showPlaybackTargetPicker):
2476         * platform/mock/MediaPlaybackTargetPickerMock.h:
2477         * platform/spi/cocoa/AVKitSPI.h:
2478
2479 2016-04-09  Konstantin Tokarev  <annulen@yandex.ru>
2480
2481         Fixed compilation of JPEGImageDecoder with libjpeg v9.
2482         https://bugs.webkit.org/show_bug.cgi?id=156445
2483
2484         Reviewed by Michael Catanzaro.
2485
2486         ICU defines TRUE and FALSE macros, breaking libjpeg v9 headers.
2487
2488         No new tests needed.
2489
2490         * platform/image-decoders/jpeg/JPEGImageDecoder.h:
2491
2492 2016-04-09  Commit Queue  <commit-queue@webkit.org>
2493
2494         Unreviewed, rolling out r199242.
2495         https://bugs.webkit.org/show_bug.cgi?id=156442
2496
2497         Caused many many leaks (Requested by ap on #webkit).
2498
2499         Reverted changeset:
2500
2501         "Web Inspector: get rid of InspectorBasicValue and
2502         InspectorString subclasses"
2503         https://bugs.webkit.org/show_bug.cgi?id=156407
2504         http://trac.webkit.org/changeset/199242
2505
2506 2016-04-09  Commit Queue  <commit-queue@webkit.org>
2507
2508         Unreviewed, rolling out r199268.
2509         https://bugs.webkit.org/show_bug.cgi?id=156440
2510
2511         Broke Windows build (Requested by ap on #webkit).
2512
2513         Reverted changeset:
2514
2515         "Implement functional :host() pseudo class"
2516         https://bugs.webkit.org/show_bug.cgi?id=156397
2517         http://trac.webkit.org/changeset/199268
2518
2519 2016-04-09  Antti Koivisto  <antti@apple.com>
2520
2521         Implement functional :host() pseudo class
2522         https://bugs.webkit.org/show_bug.cgi?id=156397
2523         <rdar://problem/25621445>
2524
2525         Reviewed by Darin Adler.
2526
2527         We already support :host. Add functional syntax too.
2528
2529         * css/CSSGrammar.y.in:
2530
2531             Parse functional :host().
2532
2533         * css/CSSParser.cpp:
2534         (WebCore::CSSParser::detectFunctionTypeToken):
2535         * css/CSSParserValues.cpp:
2536         (WebCore::CSSParserSelector::parsePseudoClassHostFunctionSelector):
2537         * css/CSSParserValues.h:
2538         * css/ElementRuleCollector.cpp:
2539         (WebCore::ElementRuleCollector::matchedRuleList):
2540         (WebCore::ElementRuleCollector::addMatchedRule):
2541
2542             Factor some shared code here.
2543
2544         (WebCore::ElementRuleCollector::matchHostPseudoClassRules):
2545
2546             Instead of using the generic paths use a :host specific code path for matching.
2547             This makes it easier to avoid :host matching when it shouldn't.
2548
2549         (WebCore::ElementRuleCollector::collectMatchingRulesForList):
2550         * css/ElementRuleCollector.h:
2551         * css/RuleSet.cpp:
2552         (WebCore::computeMatchBasedOnRuleHash):
2553
2554             :host is always handled by the special matching path.
2555
2556         * css/SelectorChecker.cpp:
2557         (WebCore::SelectorChecker::match):
2558         (WebCore::SelectorChecker::matchHostPseudoClass):
2559
2560             Add a function specifically for checking :host. In always fails on the normal code paths.
2561             Check the argument selector if provided.
2562
2563         (WebCore::hasScrollbarPseudoElement):
2564         * css/SelectorChecker.h:
2565
2566 2016-04-07  Darin Adler  <darin@apple.com>
2567
2568         Improve IDL support for object arguments that are neither optional nor nullable
2569         https://bugs.webkit.org/show_bug.cgi?id=156149
2570
2571         Reviewed by Chris Dumez.
2572
2573         After this patch, we are almost ready to change some more DOM functions to
2574         use references instead of pointers. Remaining blocking issue is lack of support
2575         for ShouldPassWrapperByReference in the gobject bindings.
2576
2577         * bindings/objc/ExceptionHandlers.h: Add NO_RETURN to raiseDOMException.
2578         Added a new raiseTypeErrorException. Re-indented header and removed unneeded
2579         include and forward declarations.
2580
2581         * bindings/objc/ExceptionHandlers.mm:
2582         (WebCore::raiseDOMException): Added RELEASE_ASSERT_NOT_REACHED so the compiler
2583         will understand this is NO_RETURN. Also updated FIXME comment.
2584         (WebCore::raiseTypeErrorException): Added.
2585
2586         * bindings/scripts/CodeGenerator.pm: Removed unneeded code that allows the type
2587         "AtomicString" in IDL files.
2588         (ShouldPassWrapperByReference): Added. Contains the logic from the function in
2589         the JavaScript code generator that was named IsPointerParameterPassedByReference,
2590         minus a couple checks that are unneeded. For use in other code generators so they
2591         are all consistent about how they call the DOM implementation.
2592
2593         * bindings/scripts/CodeGeneratorGObject.pm:
2594         (SkipFunction): Removed support for unused CustomBinding extended attribute.
2595
2596         * bindings/scripts/CodeGeneratorJS.pm:
2597         (GenerateHeader): Removed support for unused CustomBinding extended attribute.
2598         (GenerateImplementation): Ditto. Also changed type checking code to throw a
2599         type error in a more efficient way, using throwVMTypeError directly.
2600         (GenerateParametersCheck): Rearranged code a bit so that arguments that need to
2601         be passed in unusual ways are handled all in one place. Use WTFMove for newly
2602         created NodeFilter objects. Simplified the reference logic so it doesn't need
2603         to do an additional check to see if a type is a callback. Also changed type
2604         checking code to throw a type error in a more efficient way, using throwVMTypeError
2605         directly. Also corrected mistake where null checking code was throwing
2606         TYPE_MISMATCH_ERR instead of a type error.
2607         (GetNativeType): Coding style tweak.
2608         (ShouldPassWrapperByReference): Renamed from IsPointerParameterPassedByReference.
2609         Changed to call underlying ShouldPassWrapperByReference function in the language-
2610         independent code generator.
2611         (GenerateConstructorDefinition): Updated for name change.
2612
2613         * bindings/scripts/CodeGeneratorObjC.pm:
2614         (SkipFunction): Removed support for unused CustomBinding extended attribute.
2615         (GenerateImplementation): Added code to null check and pass a reference when
2616         ShouldPassWrapperByReference returns true.
2617
2618         * bindings/scripts/IDLAttributes.txt: Sorted in the AppleCopyright and
2619         UsePointersEvenForNonNullableObjectArguments arguments. Removed the unused
2620         CPPPureInterface and CustomBinding attributes.
2621
2622         * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp: Regenerated test results.
2623         * bindings/scripts/test/JS/JSTestInterface.cpp: Ditto.
2624         * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp: Ditto.
2625         * bindings/scripts/test/JS/JSTestObj.cpp: Ditto.
2626         * bindings/scripts/test/JS/JSTestObj.h: Ditto.
2627         * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp: Ditto.
2628         * bindings/scripts/test/JS/JSTestTypedefs.cpp: Ditto.
2629         * bindings/scripts/test/ObjC/DOMTestActiveDOMObject.mm: Ditto.
2630         * bindings/scripts/test/ObjC/DOMTestCallback.mm: Ditto.
2631         * bindings/scripts/test/ObjC/DOMTestCallbackFunction.mm: Ditto.
2632         * bindings/scripts/test/ObjC/DOMTestInterface.mm: Ditto.
2633         * bindings/scripts/test/ObjC/DOMTestMediaQueryListListener.mm: Ditto.
2634         * bindings/scripts/test/ObjC/DOMTestObj.mm: Ditto.
2635
2636         * bindings/scripts/test/TestObj.idl: Removed test for CustomBinding.
2637
2638         * dom/DOMImplementation.idl: Fixed #if so that only the return type is different
2639         between JavaScript and the other bindings. Without this change, the different
2640         bindings got different results for ShouldPassWrapperByReference. Also formatted
2641         functions all on a single line.
2642
2643         * dom/EventListener.idl: Removed CPPPureInterface, since it had no effect.
2644         * dom/EventTarget.idl: Ditto.
2645
2646 2016-04-08  Chris Dumez  <cdumez@apple.com>
2647
2648         [WebIDL] Add support for [ExportMacro=XXX] IDL extended attribute
2649         https://bugs.webkit.org/show_bug.cgi?id=156428
2650
2651         Reviewed by Ryosuke Niwa.
2652
2653         Add support for [ExportMacro=XXX] IDL extended attribute (e.g. [ExportMacro=WEBCORE_EXPORT])
2654         so developers can indicate in the IDL which macro to use to export the generated JS bindings
2655         class.
2656
2657         We previously supported this by hard-coding JS class names in the bindings generator which
2658         was ugly.
2659
2660         * Modules/mediasession/MediaSession.idl:
2661         * Modules/mediasource/SourceBuffer.idl:
2662         * Modules/notifications/Notification.idl:
2663         * Modules/webaudio/AudioContext.idl:
2664         * bindings/scripts/CodeGeneratorJS.pm:
2665         (GetExportMacroForJSClass):
2666         (GenerateHeader):
2667         (AddIncludesForType): Deleted.
2668         (AddToImplIncludes): Deleted.
2669         * bindings/scripts/IDLAttributes.txt:
2670         * bindings/scripts/test/TestInterface.idl:
2671         * bindings/scripts/test/TestNode.idl:
2672         * css/CSSStyleDeclaration.idl:
2673         * dom/ClientRect.idl:
2674         * dom/ClientRectList.idl:
2675         * dom/Document.idl:
2676         * dom/Element.idl:
2677         * dom/Node.idl:
2678         * dom/Range.idl:
2679         * fileapi/File.idl:
2680         * html/DOMURL.idl:
2681         * html/HTMLElement.idl:
2682         * html/HTMLMediaElement.idl:
2683         * html/TimeRanges.idl:
2684         * html/canvas/DOMPath.idl:
2685         * inspector/ScriptProfile.idl:
2686         * inspector/ScriptProfileNode.idl:
2687         * page/DOMWindow.idl:
2688         * page/make_settings.pl:
2689         (generateInternalSettingsIdlFile):
2690         * testing/InternalSettings.idl:
2691         * testing/Internals.idl:
2692         * testing/MallocStatistics.idl:
2693         * testing/MemoryInfo.idl:
2694         * testing/TypeConversions.idl:
2695         * xml/XMLHttpRequest.idl:
2696
2697 2016-04-08  Joseph Pecoraro  <pecoraro@apple.com>
2698
2699         Web Inspector: XHRs and Web Worker scripts are not searchable
2700         https://bugs.webkit.org/show_bug.cgi?id=154214
2701         <rdar://problem/24643587>
2702
2703         Reviewed by Timothy Hatcher.
2704
2705         Test: inspector/page/searchInResources.html
2706
2707         * inspector/InspectorPageAgent.h:
2708         * inspector/InspectorPageAgent.cpp:
2709         (WebCore::InspectorPageAgent::searchInResource):
2710         (WebCore::InspectorPageAgent::searchInResources):
2711         Let the NetworkAgent handle individual search requests
2712         with a requestId. And provide global search results for
2713         "other" resources and will include requestId properties.
2714
2715         * inspector/InspectorNetworkAgent.h:
2716         * inspector/InspectorNetworkAgent.cpp:
2717         (WebCore::InspectorNetworkAgent::didFinishXHRLoading):
2718         (WebCore::buildObjectForSearchResult):
2719         (WebCore::InspectorNetworkAgent::searchOtherRequests):
2720         (WebCore::InspectorNetworkAgent::searchInRequest):
2721         Search saved "other" resource data content.
2722
2723         * inspector/NetworkResourcesData.h:
2724         * inspector/NetworkResourcesData.cpp:
2725         (WebCore::NetworkResourcesData::resources):
2726         Expose the resources for iteration by the NetworkAgent.
2727
2728 2016-04-08  Joanmarie Diggs  <jdiggs@igalia.com>
2729
2730         AX: "AXLandmarkApplication" is an inappropriate subrole for ARIA "application" since it's no longer a landmark
2731         https://bugs.webkit.org/show_bug.cgi?id=155403
2732
2733         Reviewed by Chris Fleizach.
2734
2735         The new subrole is AXWebApplication and the new role description is "web application".
2736         As part of the fix, the WebCore AccessibilityRole for ARIA's "application" role was
2737         renamed from LandmarkApplicationRole to WebApplicationRole.
2738
2739         The roles-exposed.html and aria-grouping-roles.html test expectations were also updated.
2740
2741         * English.lproj/Localizable.strings:
2742         * accessibility/AccessibilityObject.cpp:
2743         (WebCore::AccessibilityObject::accessibleNameDerivesFromContent):
2744         (WebCore::AccessibilityObject::isLandmark):
2745         (WebCore::initializeRoleMap):
2746         * accessibility/AccessibilityObject.h:
2747         * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
2748         (atkRole):
2749         * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
2750         (-[WebAccessibilityObjectWrapper determineIsAccessibilityElement]):
2751         (-[WebAccessibilityObjectWrapper _accessibilityIsLandmarkRole:]):
2752         * accessibility/mac/WebAccessibilityObjectWrapperBase.mm:
2753         (-[WebAccessibilityObjectWrapperBase ariaLandmarkRoleDescription]):
2754         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
2755         (createAccessibilityRoleMap):
2756         (-[WebAccessibilityObjectWrapper subrole]):
2757         * platform/LocalizedStrings.cpp:
2758         (WebCore::AXARIAContentGroupText):
2759
2760 2016-04-08  Simon Fraser  <simon.fraser@apple.com>
2761
2762         [iOS WK2] WKWebViews should consult ancestor UIScrollViews to determine tiling area
2763         https://bugs.webkit.org/show_bug.cgi?id=156429
2764         rdar://problem/25455111
2765
2766         Reviewed by Tim Horton.
2767
2768         When a WKWebView is expanded to full size, then embedded in UIScrollView, it would
2769         create huge tiles that cover the entire view area (since it considered itself non-scrollable).
2770
2771         Fix to always use 512x512 tiles in this configuration, and to adjust the tile coverage
2772         for the area exposed through the enclosing UIScrollView.
2773
2774         * loader/HistoryController.cpp:
2775         (WebCore::HistoryController::saveScrollPositionAndViewStateToItem): setObscuredInset()
2776         moved from FrameView to Page.
2777         * page/FrameView.cpp:
2778         (WebCore::FrameView::adjustTiledBackingScrollability): If we're clipped by an ancestor scrollView,
2779         just assume we're scrollable on both axes.
2780         * page/Page.h:
2781         (WebCore::Page::obscuredInset):
2782         (WebCore::Page::setObscuredInset):
2783         (WebCore::Page::enclosedInScrollView):
2784         (WebCore::Page::setEnclosedInScrollView):
2785         * platform/ScrollView.h:
2786         (WebCore::ScrollView::platformObscuredInset): Deleted.
2787         (WebCore::ScrollView::platformSetObscuredInset): Deleted.
2788
2789 2016-04-08  Joseph Pecoraro  <pecoraro@apple.com>
2790
2791         [iOS Simulator] Build failure (property 'contentsFormat' not found on object of type 'LegacyTileLayer *')
2792         https://bugs.webkit.org/show_bug.cgi?id=156415
2793
2794         Reviewed by Simon Fraser.
2795
2796         * platform/spi/cocoa/QuartzCoreSPI.h:
2797         Provide SPI forward declaration of the CALayer contentsFormat property.
2798
2799 2016-04-08  Alex Christensen  <achristensen@webkit.org>
2800
2801         Progress towards running CMake WebKit2 on Mac
2802         https://bugs.webkit.org/show_bug.cgi?id=156426
2803
2804         Reviewed by Tim Horton.
2805
2806         * CMakeLists.txt:
2807         * PlatformGTK.cmake:
2808         * PlatformMac.cmake:
2809         * PlatformWin.cmake:
2810         On Mac, WTF is a static library that is linked only with JavaScriptCore.
2811
2812 2016-04-08  Jer Noble  <jer.noble@apple.com>
2813
2814         Unreviewed 32-bit build fix; make type of std::min<> explicit.
2815
2816         * platform/audio/ios/AudioDestinationIOS.cpp:
2817         (WebCore::AudioDestinationIOS::render):
2818
2819 2016-04-08  Jer Noble  <jer.noble@apple.com>
2820
2821         CRASH in AudioDestinationNode::render()
2822         https://bugs.webkit.org/show_bug.cgi?id=156308
2823
2824         Reviewed by Eric Carlson.
2825
2826         Yet another math error in AudioDestinationIOS::render(). It is possible for the difference between
2827         m_startSpareFrame and m_endSpareFrame to be greater than the numberOfFrames to be rendered. Protect
2828         against this case by taking the min() of those two values and only advancing m_startSpareFrame by
2829         that amount.  This guarantees that framesThisTime will never underflow, and that data will not be
2830         written past the end of the ioData parameter.
2831
2832         * platform/audio/ios/AudioDestinationIOS.cpp:
2833         (WebCore::AudioDestinationIOS::render):
2834
2835 2016-04-08  Brady Eidson  <beidson@apple.com>
2836
2837         Modern IDB: Use more IDBValue and IDBGetResult in IDBBackingStore.
2838         https://bugs.webkit.org/show_bug.cgi?id=156418
2839
2840         Reviewed by Alex Christensen.
2841
2842         No new tests (Refactor, no change in behavior).
2843
2844         * Modules/indexeddb/IDBValue.cpp:
2845         (WebCore::IDBValue::IDBValue):
2846         * Modules/indexeddb/IDBValue.h:
2847         
2848         * Modules/indexeddb/server/IDBBackingStore.h:
2849         
2850         * Modules/indexeddb/server/MemoryBackingStoreTransaction.cpp:
2851         (WebCore::IDBServer::MemoryBackingStoreTransaction::abort):
2852         
2853         * Modules/indexeddb/server/MemoryIDBBackingStore.cpp:
2854         (WebCore::IDBServer::MemoryIDBBackingStore::addRecord):
2855         (WebCore::IDBServer::MemoryIDBBackingStore::getRecord):
2856         * Modules/indexeddb/server/MemoryIDBBackingStore.h:
2857         
2858         * Modules/indexeddb/server/MemoryObjectStore.cpp:
2859         (WebCore::IDBServer::MemoryObjectStore::addRecord):
2860         * Modules/indexeddb/server/MemoryObjectStore.h:
2861         
2862         * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
2863         (WebCore::IDBServer::SQLiteIDBBackingStore::addRecord):
2864         (WebCore::IDBServer::SQLiteIDBBackingStore::getRecord):
2865         * Modules/indexeddb/server/SQLiteIDBBackingStore.h:
2866         
2867         * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
2868         (WebCore::IDBServer::UniqueIDBDatabase::performPutOrAdd):
2869         (WebCore::IDBServer::UniqueIDBDatabase::performGetRecord):
2870
2871 2016-04-08  Brady Eidson  <beidson@apple.com>
2872
2873         Modern IDB: Make IDBGetResult contain an IDBValue instead of a buffer, and remove unused methods.
2874         https://bugs.webkit.org/show_bug.cgi?id=156416
2875
2876         Reviewed by Alex Christensen.
2877
2878         No new tests (Refactor, no change in behavior).
2879
2880         * Modules/indexeddb/IDBCursor.cpp:
2881         (WebCore::IDBCursor::setGetResult):
2882         
2883         * Modules/indexeddb/IDBGetResult.cpp:
2884         (WebCore::IDBGetResult::dataFromBuffer):
2885         (WebCore::IDBGetResult::isolatedCopy):
2886         * Modules/indexeddb/IDBGetResult.h:
2887         (WebCore::IDBGetResult::IDBGetResult):
2888         (WebCore::IDBGetResult::value):
2889         (WebCore::IDBGetResult::encode):
2890         (WebCore::IDBGetResult::decode):
2891         (WebCore::IDBGetResult::valueBuffer): Deleted.
2892         (WebCore::IDBGetResult::setValueBuffer): Deleted.
2893         (WebCore::IDBGetResult::setKeyData): Deleted.
2894         (WebCore::IDBGetResult::setPrimaryKeyData): Deleted.
2895         (WebCore::IDBGetResult::setKeyPath): Deleted.
2896         
2897         * Modules/indexeddb/IDBTransaction.cpp:
2898         (WebCore::IDBTransaction::didGetRecordOnServer):
2899         
2900         * Modules/indexeddb/IDBValue.cpp:
2901         (WebCore::IDBValue::IDBValue):
2902         * Modules/indexeddb/IDBValue.h:
2903         
2904         * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
2905         (WebCore::IDBServer::SQLiteIDBBackingStore::getIndexRecord):
2906
2907 2016-04-08  Zalan Bujtas  <zalan@apple.com>
2908
2909         Focus ring drawn at incorrect location on image map with CSS transform.
2910         https://bugs.webkit.org/show_bug.cgi?id=143527
2911         <rdar://problem/21908735>
2912
2913         Reviewed by Simon Fraser.
2914
2915         Implement pathForFocusRing for HTMLAreaElement. It follows the logic of RenderObject::addFocusRingRects().
2916
2917         Tests: fast/images/image-map-outline-in-positioned-container.html
2918                fast/images/image-map-outline-with-paint-root-offset.html
2919                fast/images/image-map-outline-with-scale-transform.html
2920                fast/images/image-map-outline.html
2921
2922         * html/HTMLAreaElement.cpp:
2923         (WebCore::HTMLAreaElement::pathForFocusRing):
2924         * html/HTMLAreaElement.h:
2925         * rendering/RenderElement.cpp:
2926         (WebCore::RenderElement::paintFocusRing): Move addFocusRingRects() out of focus ring painting.
2927         (WebCore::RenderElement::paintOutline):
2928         * rendering/RenderElement.h:
2929         * rendering/RenderImage.cpp:
2930         (WebCore::RenderImage::paint):
2931         (WebCore::RenderImage::paintAreaElementFocusRing):
2932         * rendering/RenderImage.h:
2933         * rendering/RenderInline.cpp:
2934         (WebCore::RenderInline::paintOutline):
2935
2936 2016-04-08  Brent Fulgham  <bfulgham@apple.com>
2937
2938         [WK1] Wheel event callback removing the window causes crash in WebCore
2939         https://bugs.webkit.org/show_bug.cgi?id=156409
2940         <rdar://problem/25631267>
2941
2942         Reviewed by Simon Fraser.
2943
2944         Null check the Widget before using it, since the iframe may have been removed
2945         from its parent document inside the event handler.
2946
2947         This is the WK1 fix for https://bugs.webkit.org/show_bug.cgi?id=150871.
2948
2949         Tested by fast/events/wheel-event-destroys-frame.html
2950
2951         * page/EventHandler.cpp:
2952         (WebCore::widgetForElement): Added.
2953         (WebCore::EventHandler::handleWheelEvent): Use new helper function to
2954         clean up the code, and allow us to check that the Widget has not been
2955         destroyed during the event handler.
2956
2957 2016-04-08  Said Abou-Hallawa  <sabouhallawa@apple,com>
2958
2959         Timing attack on SVG feComposite filter circumvents same-origin policy
2960         https://bugs.webkit.org/show_bug.cgi?id=154338
2961
2962         Reviewed by Oliver Hunt.
2963
2964         Ensure the FEComposite arithmetic filter is clamping the resulted color
2965         components in a constant time.
2966
2967         * platform/graphics/filters/FEComposite.cpp:
2968         (WebCore::clampByte):
2969         (WebCore::computeArithmeticPixels):
2970
2971 2016-04-08  Brian Burg  <bburg@apple.com>
2972
2973         Web Inspector: get rid of InspectorBasicValue and InspectorString subclasses
2974         https://bugs.webkit.org/show_bug.cgi?id=156407
2975         <rdar://problem/25627659>
2976
2977         Reviewed by Timothy Hatcher.
2978
2979         * inspector/InspectorDatabaseAgent.cpp: Don't use deleted subclasses.
2980
2981 2016-04-08  Beth Dakin  <bdakin@apple.com>
2982
2983         Fix leaks in WebAVMediaSelectionOptionMac and WebPlaybackControlsManager
2984         https://bugs.webkit.org/show_bug.cgi?id=156379
2985
2986         Reviewed by Tim Horton.
2987
2988         These classes should use RetainPtrs.
2989         * platform/mac/WebVideoFullscreenInterfaceMac.mm:
2990         (-[WebAVMediaSelectionOptionMac localizedDisplayName]):
2991         (-[WebAVMediaSelectionOptionMac setLocalizedDisplayName:]):
2992         (-[WebPlaybackControlsManager timing]):
2993         (-[WebPlaybackControlsManager setTiming:]):
2994         (-[WebPlaybackControlsManager seekableTimeRanges]):
2995         (-[WebPlaybackControlsManager setSeekableTimeRanges:]):
2996         (-[WebPlaybackControlsManager audioMediaSelectionOptions]):
2997         (-[WebPlaybackControlsManager setAudioMediaSelectionOptions:]):
2998         (-[WebPlaybackControlsManager currentAudioMediaSelectionOption]):
2999         (-[WebPlaybackControlsManager setCurrentAudioMediaSelectionOption:]):
3000         (-[WebPlaybackControlsManager legibleMediaSelectionOptions]):
3001         (-[WebPlaybackControlsManager setLegibleMediaSelectionOptions:]):
3002         (-[WebPlaybackControlsManager currentLegibleMediaSelectionOption]):
3003         (-[WebPlaybackControlsManager setCurrentLegibleMediaSelectionOption:]):
3004
3005 2016-04-08  Fujii Hironori  <Hironori.Fujii@jp.sony.com>
3006
3007         Touching any IDL files rebuilds all bindings in CMake Ninja build
3008         https://bugs.webkit.org/show_bug.cgi?id=156400
3009
3010         Reviewed by Brent Fulgham.
3011
3012         * bindings/scripts/preprocess-idls.pl:
3013         (GenerateConstructorAttribute):
3014         WriteFileIfChanged does not work due to flaky results of 'keys'.
3015         Sort results of 'keys'.
3016
3017 2016-04-07  Simon Fraser  <simon.fraser@apple.com>
3018
3019         [iOS WK2] Stop using exposedContentRect for history scroll state restoration
3020         https://bugs.webkit.org/show_bug.cgi?id=156392
3021
3022         Reviewed by Tim Horton.
3023
3024         A future commit will alter the meaning of exposedContentRect on iOS to take into
3025         account clipped out parts of the WKWebView. To achieve this, wean history restoration
3026         off of using exposedContentRect for scroll state restoration. It did this to restore
3027         the page to the same position relative to the view's top-left (to avoid jiggles caused
3028         by changing obscured insets).
3029
3030         Do this by pushing the left/top obscured insets down with visible content rects updates,
3031         storing them on ScrollView, and adding them to HistoryItem. Those insets are then used
3032         for scroll state restoration in WKWebView.
3033
3034         * history/HistoryItem.cpp:
3035         (WebCore::HistoryItem::HistoryItem):
3036         * history/HistoryItem.h:
3037         (WebCore::HistoryItem::obscuredInset):
3038         (WebCore::HistoryItem::setObscuredInset):
3039         * loader/HistoryController.cpp:
3040         (WebCore::HistoryController::saveScrollPositionAndViewStateToItem):
3041         * platform/ScrollView.h:
3042         (WebCore::ScrollView::platformObscuredInset):
3043         (WebCore::ScrollView::platformSetObscuredInset):
3044
3045 2016-04-08  Brady Eidson  <beidson@apple.com>
3046
3047         Build fix followup to http://trac.webkit.org/changeset/199230
3048
3049         Unreviewed.
3050
3051         * platform/posix/FileSystemPOSIX.cpp:
3052         (WebCore::hardLinkOrCopyFile): Stricter POSIX systems require a umask for O_CREAT opens,
3053           so let's provide one.
3054
3055 2016-04-08  Darin Adler  <darin@apple.com>
3056
3057         Remove 14 more unnecessary uses of UsePointersEvenForNonNullableObjectArguments
3058         https://bugs.webkit.org/show_bug.cgi?id=156405
3059
3060         Reviewed by Chris Dumez.
3061
3062         * Modules/encryptedmedia/MediaKeySession.idl:
3063         * Modules/encryptedmedia/MediaKeys.idl:
3064         * dom/Element.idl:
3065         * dom/NamedNodeMap.idl:
3066         * html/HTMLElement.idl:
3067         * html/canvas/OESVertexArrayObject.idl:
3068         * html/canvas/WebGLRenderingContext.idl:
3069         * page/DOMSelection.idl:
3070         * storage/StorageEvent.idl:
3071         * svg/SVGSVGElement.idl:
3072         * xml/XMLSerializer.idl:
3073         * xml/XPathEvaluator.idl:
3074         * xml/XPathExpression.idl:
3075         * xml/XSLTProcessor.idl:
3076         Removed UsePointersEvenForNonNullableObjectArguments, which was having no effect
3077         in any of these classes. Also tweaked formatting of some of the IDL, merging things
3078         onto single lines, changing paragraphing and indenting a bit, and fixing some typos.
3079
3080 2016-04-08  Brady Eidson  <beidson@apple.com>
3081
3082         Modern IDB (Blob support): Write blobs to temporary files and move them to the correct location when storing them.
3083         https://bugs.webkit.org/show_bug.cgi?id=156321
3084
3085         Reviewed by Alex Christensen, Andy Estes, and Darin Adler.
3086
3087         No new tests (No testable change in behavior yet, current tests pass).
3088
3089         When asked to store a Blob (including Files) in IndexedDB, the Blob is written out to a temporary file.
3090         
3091         Then when the putOrAdd request is received by IDBServer it includes a list of blobURLs and their mappings
3092         to temporary files.
3093         
3094         Finally, as part of storing the Blob value in the database, those temporary files are moved in to place
3095         under the IndexedDB directory for storage and later retrieval.
3096
3097         * Modules/indexeddb/IDBValue.cpp:
3098         (WebCore::IDBValue::IDBValue):
3099
3100         * Modules/indexeddb/server/IDBBackingStore.h:
3101         (WebCore::IDBServer::IDBBackingStoreTemporaryFileHandler::~IDBBackingStoreTemporaryFileHandler):
3102
3103         * Modules/indexeddb/server/IDBServer.cpp:
3104         (WebCore::IDBServer::IDBServer::create):
3105         (WebCore::IDBServer::IDBServer::IDBServer):
3106         (WebCore::IDBServer::IDBServer::createBackingStore):
3107         * Modules/indexeddb/server/IDBServer.h:
3108
3109         * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
3110         (WebCore::IDBServer::blobRecordsTableSchema):
3111         (WebCore::IDBServer::blobRecordsTableSchemaAlternate):
3112         (WebCore::IDBServer::blobFilesTableSchema):
3113         (WebCore::IDBServer::blobFilesTableSchemaAlternate):
3114         (WebCore::IDBServer::SQLiteIDBBackingStore::SQLiteIDBBackingStore):
3115         (WebCore::IDBServer::SQLiteIDBBackingStore::ensureValidBlobTables):
3116         (WebCore::IDBServer::SQLiteIDBBackingStore::getOrEstablishDatabaseInfo):
3117         (WebCore::IDBServer::SQLiteIDBBackingStore::addRecord):
3118         * Modules/indexeddb/server/SQLiteIDBBackingStore.h:
3119         (WebCore::IDBServer::SQLiteIDBBackingStore::temporaryFileHandler):
3120
3121         * Modules/indexeddb/server/SQLiteIDBTransaction.cpp:
3122         (WebCore::IDBServer::SQLiteIDBTransaction::commit):
3123         (WebCore::IDBServer::SQLiteIDBTransaction::moveBlobFilesIfNecessary):
3124         (WebCore::IDBServer::SQLiteIDBTransaction::abort):
3125         (WebCore::IDBServer::SQLiteIDBTransaction::reset):
3126         (WebCore::IDBServer::SQLiteIDBTransaction::addBlobFile):
3127         * Modules/indexeddb/server/SQLiteIDBTransaction.h:
3128
3129         * Modules/indexeddb/shared/InProcessIDBServer.cpp:
3130         (WebCore::InProcessIDBServer::InProcessIDBServer):
3131         (WebCore::InProcessIDBServer::accessToTemporaryFileComplete):
3132         * Modules/indexeddb/shared/InProcessIDBServer.h:
3133
3134         * bindings/js/SerializedScriptValue.cpp:
3135         (WebCore::SerializedScriptValue::blobURLsIsolatedCopy):
3136         * bindings/js/SerializedScriptValue.h:
3137
3138         * platform/FileSystem.h:
3139         * platform/gtk/FileSystemGtk.cpp:
3140         (WebCore::hardLinkOrCopyFile):
3141         * platform/posix/FileSystemPOSIX.cpp:
3142         (WebCore::hardLinkOrCopyFile):
3143
3144 2016-04-08  Joanmarie Diggs  <jdiggs@igalia.com>
3145
3146         AX: [ATK] Crash getting text under element in CSS table
3147         https://bugs.webkit.org/show_bug.cgi?id=156328
3148
3149         Reviewed by Chris Fleizach.
3150
3151         AccessibilityRenderObject::textUnderElement() assumes (and asserts) that
3152         the first and last child of an anonymous block will each have nodes with
3153         which to define positions. This is not the case for CSS Tables and their
3154         anonymous descendants. AccessibilityNodeObject:textUnderElement() is our
3155         fallback for the instances where a text range cannot be created based on
3156         positions, so let it handle anonymous RenderTable parts.
3157
3158         Test: accessibility/generated-content-with-display-table-crash.html
3159
3160         * accessibility/AccessibilityRenderObject.cpp:
3161         (WebCore::AccessibilityRenderObject::textUnderElement):
3162         (WebCore::AccessibilityRenderObject::shouldGetTextFromNode):
3163         * accessibility/AccessibilityRenderObject.h:
3164
3165 2016-04-08  Darin Adler  <darin@apple.com>
3166
3167         Remove unneeded UsePointersEvenForNonNullableObjectArguments from event classes
3168         https://bugs.webkit.org/show_bug.cgi?id=156396
3169
3170         Reviewed by Youenn Fablet.
3171
3172         * dom/CompositionEvent.idl:
3173         * dom/KeyboardEvent.idl:
3174         * dom/MouseEvent.idl:
3175         * dom/MutationEvent.idl:
3176         * dom/TextEvent.idl:
3177         * dom/TouchEvent.idl:
3178         * dom/UIEvent.idl:
3179         * dom/WheelEvent.idl:
3180         Removed UsePointersEvenForNonNullableObjectArguments, which was having no effect.
3181
3182 2016-04-08  Manuel Rego Casasnovas  <rego@igalia.com>
3183
3184         [css-grid] Fix positioned items with grid gaps
3185         https://bugs.webkit.org/show_bug.cgi?id=156288
3186
3187         Reviewed by Darin Adler.
3188
3189         When we place a positioned items in a grid with gaps,
3190         we were not taking into accounts the gutter size.
3191         We've to use that size to properly place and size the item.
3192
3193         Tests: fast/css-grid-layout/grid-positioned-items-gaps-rtl.html
3194                fast/css-grid-layout/grid-positioned-items-gaps.html
3195
3196         * rendering/RenderGrid.cpp:
3197         (WebCore::RenderGrid::offsetAndBreadthForPositionedChild):
3198
3199 2016-04-08  Javier Fernandez  <jfernandez@igalia.com>
3200
3201         [css-grid] Remove unnecessary iteration in populateGridPositions loop
3202         https://bugs.webkit.org/show_bug.cgi?id=156376
3203
3204         Reviewed by Darin Adler.
3205
3206         The populateGridPositions loop limit was set to 'lastLine'. However, the
3207         the position of last track's start line is updated after the loop, since
3208         it does not follow the same pattern; it does not have a content
3209         distribution offset.
3210
3211         So, since we are essentially overwriting the value stored in the last
3212         iteration, we can just lower the loop limit.
3213
3214         No new tests added, because there is no change in the functionality.
3215
3216         * rendering/RenderGrid.cpp:
3217         (WebCore::RenderGrid::populateGridPositions):
3218
3219 2016-04-08  John Wilander  <wilander@apple.com>
3220
3221         CSP: Block XHR when calling XMLHttpRequest.send() and throw network error.
3222         https://bugs.webkit.org/show_bug.cgi?id=153598
3223         <rdar://problem/24391483>
3224
3225         Reviewed by Darin Adler.
3226
3227         No new tests. Changes to existing tests are sufficient.
3228
3229         * xml/XMLHttpRequest.cpp:
3230         (WebCore::XMLHttpRequest::open):
3231         (WebCore::XMLHttpRequest::initSend):
3232             Moved the CSP check from XMLHttpRequest::open() to XMLHttpRequest::initSend().
3233             Changed the thrown error type from Security to Network for synchronous requests.
3234             Changed from throwing an error to firing an error event for asynchronous requests.
3235             These changes are in conformance with connect-src of Content Security Policy Level 2.
3236             https://www.w3.org/TR/CSP2/#directive-connect-src (W3C Candidate Recommendation, 21 July 2015)
3237
3238 2016-04-07  Darin Adler  <darin@apple.com>
3239
3240         FontFaceSet binding does not handle null correctly
3241         https://bugs.webkit.org/show_bug.cgi?id=156141
3242
3243         Reviewed by Youenn Fablet.
3244
3245         * css/FontFaceSet.cpp:
3246         (WebCore::FontFaceSet::FontFaceSet): Pass a reference to add rather than a pointer.
3247         (WebCore::FontFaceSet::has): Take a reference rather than a pointer.
3248         (WebCore::FontFaceSet::add): Ditto.
3249         (WebCore::FontFaceSet::remove): Ditto.
3250         (WebCore::FontFaceSet::load): Initialize ec since we check it. Caller is not required
3251         to do this, nor is the matchingFaces function. Rearranged function to avoid needless
3252         creation/destruction of PendingPromise for the immediate failure case. Removed some
3253         unneeded type casts and local variables.
3254         (WebCore::FontFaceSet::status): Use ASCIILiteral instead of ConstructFromLiteral.
3255         No reason to use the more aggressive optimization.
3256         (WebCore::FontFaceSet::faceFinished): Factored out a common hasReachedTerminalState
3257         check to streamline the logic a bit.
3258         (WebCore::FontFaceSet::load): Moved overload without a string in here; not critical
3259         to inline it.
3260         (WebCore::FontFaceSet::check): Ditto.
3261
3262         * css/FontFaceSet.h: Removed many unneeded includes and forward declarations.
3263         Changed functions to take FontFace& instead of RefPtr<FontFace>. Removed unneeded
3264         WebCore namespace prefixes. Use final instead of override for virtual functions.
3265
3266         * css/FontFaceSet.idl: Removed UsePointersEvenForNonNullableObjectArguments, which
3267         was preserving incorrect behavior for null as demonstrated by the test cases.
3268
3269 2016-04-07  Joseph Pecoraro  <pecoraro@apple.com>
3270
3271         Remove ENABLE(ENABLE_ES6_CLASS_SYNTAX) guards
3272         https://bugs.webkit.org/show_bug.cgi?id=156384
3273
3274         Reviewed by Ryosuke Niwa.
3275
3276         * Configurations/FeatureDefines.xcconfig:
3277
3278 2016-04-07  Dean Jackson  <dino@apple.com>
3279
3280         [iOS] Media playback button should use appearance
3281         https://bugs.webkit.org/show_bug.cgi?id=156388
3282         <rdar://problem/25618352>
3283
3284         Reviewed by Simon Fraser.
3285
3286         With the recent change in backdrop appearance, we can
3287         now use the system style directly for the play button.
3288
3289         While I was here I also updated the artwork to the
3290         latest style (slightly rounded corners on the triangle).
3291
3292         Covered by the test in ManualTests/ios/start-playback-button-appearance.html.
3293
3294         * Modules/mediacontrols/mediaControlsiOS.css: Move the clip onto the backdrop
3295         element. Use an appearance insted.
3296         * Modules/mediacontrols/mediaControlsiOS.js: Remove the tint element, and
3297         set the highlight on the glyph instead.
3298
3299 2016-04-07  Ada Chan  <adachan@apple.com>
3300
3301         Roll out the css change in mediaControlsApple.css that has been causing assertions in layout for multiple tests
3302         https://bugs.webkit.org/show_bug.cgi?id=156381
3303
3304         Rubber-stamped by Alexey Proskuryakov.
3305
3306         * Modules/mediacontrols/mediaControlsApple.css:
3307         (::-webkit-media-controls):
3308         Remove overflow: hidden.
3309
3310 2016-04-07  Jiewen Tan  <jiewen_tan@apple.com>
3311
3312         Unreviewed, rolling out r199199.
3313
3314         Revision breaks layout tests
3315
3316         Reverted changeset:
3317
3318         "fast/loader/opaque-base-url.html crashing during mac and ios
3319         debug tests"
3320         https://bugs.webkit.org/show_bug.cgi?id=156179
3321         http://trac.webkit.org/changeset/199199
3322
3323 2016-04-07  Simon Fraser  <simon.fraser@apple.com>
3324
3325         Make it possible to test effect of view exposed rect on tiled backing
3326         https://bugs.webkit.org/show_bug.cgi?id=156365
3327
3328         Reviewed by Tim Horton.
3329
3330         Implement Internals::setViewExposedRect().
3331
3332         When the viewExposedRect is non-null, assume that we're scrollable on both axes
3333         to avoid creation of huge tiles in this scenario.
3334
3335         We also need to call adjustTiledBackingScrollability() when setViewExposedRect()
3336         has been called.
3337
3338         Tests: tiled-drawing/tile-coverage-view-exposed-rect.html
3339                tiled-drawing/tile-size-view-exposed-rect.html
3340
3341         * page/FrameView.cpp:
3342         (WebCore::FrameView::adjustTiledBackingScrollability):
3343         (WebCore::FrameView::setViewExposedRect):
3344         * testing/Internals.cpp:
3345         (WebCore::Internals::setViewExposedRect):
3346         * testing/Internals.h:
3347         * testing/Internals.idl:
3348
3349 2016-04-07  Jiewen Tan  <jiewen_tan@apple.com>
3350
3351         fast/loader/opaque-base-url.html crashing during mac and ios debug tests
3352         https://bugs.webkit.org/show_bug.cgi?id=156179
3353         <rdar://problem/25507719>
3354
3355         Reviewed by Andy Estes.
3356
3357         A relative URL other than "#" with a non-hierarchical base is invalid, but prior to this
3358         change the URL's string would still contain the invalid relative URL. To avoid mistakes
3359         where we might later treat this URL string as a parsed URL string, set the string to
3360         "about:blank" instead.
3361
3362         Test: fast/url/data-uri-based-urls.html
3363
3364         * platform/URL.cpp:
3365         (WebCore::URL::init):
3366
3367 2016-04-07  Brian Burg  <bburg@apple.com>
3368
3369         Web Automation: implement Automation.addSingleCookie
3370         https://bugs.webkit.org/show_bug.cgi?id=156319
3371         <rdar://problem/25589605>
3372
3373         Reviewed by Timothy Hatcher.
3374
3375         * platform/Cookie.h: Document the units used by the 'expires' field.
3376
3377 2016-04-07  Jon Davis  <jond@apple.com>
3378
3379         Add ImageBitmap as under consideration on Feature Status page
3380         https://bugs.webkit.org/show_bug.cgi?id=156362
3381
3382         Reviewed by Timothy Hatcher.
3383
3384         * features.json:
3385
3386 2016-04-07  Jon Davis  <jond@apple.com>
3387
3388         Include Conical Gradients on the Feature Status page.
3389         https://bugs.webkit.org/show_bug.cgi?id=156363
3390
3391         Reviewed by Timothy Hatcher.