e147274346f9708b231e48f2ae2957de252c6bcb
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2017-10-16  Chris Dumez  <cdumez@apple.com>
2
3         ServiceWorkerRegistration should subclass RefCounted<>
4         https://bugs.webkit.org/show_bug.cgi?id=178374
5
6         Reviewed by Ryosuke Niwa.
7
8         ServiceWorkerRegistration should subclass RefCounted<> or we end up with an infinite recursion
9         when constructing such object. This is because ServiceWorkerRegistration subclasses
10         EventTargetWithInlineData which implements ref() / deref() by calling refEventTarget() /
11         derefEventTarget(). refEventTarget() / derefEventTarget() are implemented in
12         ServiceWorkerRegistration so that they call ref() / deref() (which ends up being EventTarget's
13         methods).
14
15         * workers/service/ServiceWorkerRegistration.h:
16
17 2017-10-16  Jer Noble  <jer.noble@apple.com>
18
19         ImageDecoderAVFObjC fails to create more CMSampleBuffers after creating about 32MB worth.
20         https://bugs.webkit.org/show_bug.cgi?id=178360
21
22         Reviewed by Eric Carlson.
23
24         AVSampleBufferGenerator has a constrained memory pool of about 32MB in size. Once
25         CMSampleBuffers representing about 32MB of memory are allocated, no more can be created
26         until previously created ones are released. So rather than (only) creating the sample
27         buffers up front in readSampleMetadata(), also create them dynamically, if missing, in
28         createFrameImageAtIndex(...) and release them in storeSampleBuffer(...) after they have been
29         decoded.
30
31         Drive-by fix: the expected content length was never actually set by the owner of ImageDecoderAVFObjC.
32         Now that the expected content length is available, we don't have to wait until the data is complete
33         to respond to requests.
34
35         * platform/graphics/ImageSource.cpp:
36         (WebCore::ImageSource::ensureDecoderAvailable):
37         * platform/graphics/avfoundation/objc/ImageDecoderAVFObjC.h:
38         * platform/graphics/avfoundation/objc/ImageDecoderAVFObjC.mm:
39         (SOFT_LINK_POINTER_OPTIONAL):
40         (-[WebCoreSharedBufferResourceLoaderDelegate canFulfillRequest:]):
41         (-[WebCoreSharedBufferResourceLoaderDelegate fulfillRequest:]):
42         (-[WebCoreSharedBufferResourceLoaderDelegate resourceLoader:shouldWaitForLoadingOfRequestedResource:]):
43         (WebCore::imageDecoderAssetOptions):
44         (WebCore::ImageDecoderAVFObjC::firstEnabledTrack):
45         (WebCore::ImageDecoderAVFObjC::storeSampleBuffer):
46         (WebCore::ImageDecoderAVFObjC::createFrameImageAtIndex):
47         (WebCore::ImageDecoderAVFObjC::setExpectedContentSize):
48
49 2017-10-12  Matt Rajca  <mrajca@apple.com>
50
51         Add API support for quirk that lets an arbitrary click allow auto-play.
52         https://bugs.webkit.org/show_bug.cgi?id=178227
53
54         Reviewed by Alex Christensen.
55
56         Added API test.
57         
58         Instead of hardcoding sites in WebCore, let API clients control which websites opt into the quirk that lets
59         an arbitrary click allow auto-play via website policies.
60
61         * html/MediaElementSession.cpp:
62         (WebCore::needsArbitraryUserGestureAutoplayQuirk):
63         * loader/DocumentLoader.h:
64
65 2017-10-16  Chris Dumez  <cdumez@apple.com>
66
67         DOMQuad.p1 / p2 / p3 / p4 should behave as [SameObject]
68         https://bugs.webkit.org/show_bug.cgi?id=178366
69
70         Reviewed by Youenn Fablet.
71
72         DOMQuad.p1 / p2 / p3 / p4 should behave as [SameObject]. We attempted to do so using JSDOMQuad::visitAdditionalChildren()
73         but the code did not work because we failed to generate a "isReachableFromOpaqueRoots()" function for JSDOMPoint.
74
75         Test: fast/css/DOMQuad-points-SameObject.html
76
77         * dom/DOMPoint.idl:
78
79 2017-10-16  Andy Estes  <aestes@apple.com>
80
81         [Apple Pay] Add subLocality and subAdministrativeArea to ApplePayPaymentContact and ApplePayError
82         https://bugs.webkit.org/show_bug.cgi?id=178191
83         <rdar://problem/34906367>
84
85         Reviewed by Tim Horton.
86
87         Added test cases to http/tests/ssl/applepay/ApplePaySession.html.
88
89         * Modules/applepay/ApplePayError.idl:
90         * Modules/applepay/ApplePayPaymentContact.h:
91         * Modules/applepay/ApplePayPaymentContact.idl:
92         * Modules/applepay/ApplePaySessionPaymentRequest.h:
93         * Modules/applepay/cocoa/PaymentContactCocoa.mm:
94         (WebCore::subLocality):
95         (WebCore::setSubLocality):
96         (WebCore::subAdministrativeArea):
97         (WebCore::setSubAdministrativeArea):
98         (WebCore::convert):
99
100 2017-10-16  Alex Christensen  <achristensen@webkit.org>
101
102         Allow modern decoding of URLs
103         https://bugs.webkit.org/show_bug.cgi?id=178265
104
105         Reviewed by Chris Dumez.
106
107         * platform/URL.h:
108         (WebCore::URL::decode):
109
110 2017-10-16  Ryan Haddad  <ryanhaddad@apple.com>
111
112         Unreviewed, rolling out r223425.
113
114         This change broke internal builds.
115
116         Reverted changeset:
117
118         "Remove unnecessary include from Document.h"
119         https://bugs.webkit.org/show_bug.cgi?id=178247
120         https://trac.webkit.org/changeset/223425
121
122 2017-10-16  Maureen Daum  <mdaum@apple.com>
123
124         If an origin doesn't have databases in the Databases table we should still remove its information from disk in DatabaseTracker::deleteOrigin()
125         https://bugs.webkit.org/show_bug.cgi?id=178281
126         <rdar://problem/34576132>
127
128         Reviewed by Brent Fulgham.
129
130         New test:
131         DatabaseTracker.DeleteOriginWithMissingEntryInDatabasesTable
132
133         * Modules/webdatabase/DatabaseTracker.cpp:
134         (WebCore::DatabaseTracker::deleteOrigin):
135         If databaseNames is empty, don't bail early. Instead, delete everything in the directory
136         containing the databases for this origin. This condition indicates that we previously
137         tried to remove the origin but didn't get all of the way through the deletion process.
138         Because we have lost track of the databases for this origin, we can assume that no
139         other process is accessing them. This means it should be safe to delete them outright.
140
141 2017-10-16  Youenn Fablet  <youenn@apple.com>
142
143         [FETCH] Remove Request.type getter
144         https://bugs.webkit.org/show_bug.cgi?id=177798
145
146         Reviewed by Chris Dumez.
147
148         Tests: imported/w3c/web-platform-tests/fetch/api/request/request-type-attribute-historical.html
149                imported/w3c/web-platform-tests/fetch/api/request/url-encoding.html
150
151         Removing FetchRequest type getter.
152         Merging Type and Destination as per https://fetch.spec.whatwg.org/#concept-request-destination.
153         Setting destination of request within CachedResourceLoader as this will be useful to Service Workers.
154
155         * Modules/fetch/FetchRequest.h:
156         * Modules/fetch/FetchRequest.idl:
157         * loader/FetchOptions.h:
158         (WebCore::FetchOptions::isolatedCopy const):
159         (WebCore::FetchOptions::FetchOptions):
160         (WebCore::FetchOptions::encode const):
161         (WebCore::FetchOptions::decode):
162         * loader/ThreadableLoader.cpp:
163         (WebCore::ThreadableLoaderOptions::isolatedCopy const):
164         * loader/cache/CachedResourceLoader.cpp:
165         (WebCore::CachedResourceLoader::requestImage):
166         (WebCore::CachedResourceLoader::requestFont):
167         (WebCore::CachedResourceLoader::requestTextTrack):
168         (WebCore::CachedResourceLoader::requestCSSStyleSheet):
169         (WebCore::CachedResourceLoader::requestUserCSSStyleSheet):
170         (WebCore::CachedResourceLoader::requestScript):
171         (WebCore::CachedResourceLoader::requestXSLStyleSheet):
172         (WebCore::CachedResourceLoader::requestMedia):
173         (WebCore::CachedResourceLoader::requestIcon):
174         (WebCore::CachedResourceLoader::requestRawResource):
175         (WebCore::CachedResourceLoader::requestBeaconResource):
176         (WebCore::CachedResourceLoader::requestMainResource):
177         * loader/cache/CachedResourceRequest.cpp:
178         (WebCore::CachedResourceRequest::setDestinationIfNotSet):
179         * loader/cache/CachedResourceRequest.h:
180
181 2017-10-15  Ryosuke Niwa  <rniwa@webkit.org>
182
183         Cannot access images included in the content pasted from Microsoft Word
184         https://bugs.webkit.org/show_bug.cgi?id=124391
185         <rdar://problem/26862741>
186
187         Reviewed by Antti Koivisto.
188
189         The bug is caused by the fact Microsoft Word generates HTML content which references an image using file URL.
190         Because the websites don't have access to arbtirary file URLs, this prevents editors such as TinyMCE to save
191         those images.
192
193         This patch fixes the problem by converting file URLs for images and all other subresources in the web archive
194         generated by Microsoft Word by blob URLs like r222839 for RTF/RTFD and r222119 for images.
195
196         To avoid revealing privacy sensitive information such as the absolute local file path to the user's home directory
197         Microsoft Word and other applications in the system includes in the web archive placed in the system pasteboard,
198         this patch also introduces the mechanism to sanitize when the HTML content is read by DataTransfer's getData.
199
200         This patch also introduces the sanitization for when writing HTML into the pasteboard since other applications
201         in the syste which is capable to processing web archives are not necessarily equipped to pretect itself and the
202         rest of the system from potentially dangerous JavaScript included in the web archive placed in the system pasteboard.
203
204         Finally, this patch expands the list of clipboard types that are exposed as "text/html" to the Web platform by
205         adding the capability to convert RTF, RTFD, and web archive into HTML markup by introducing WebContentMarkupReader,
206         a new subclass of PasteboardWebContentReader which creates a HTML markup instead of a document fragment. Most of
207         the sanitization process happens in this new class, and will be expanded to WebContentReader to make pasting safer.
208
209         Tests: editing/pasteboard/data-transfer-get-data-on-pasting-html-uses-blob-url.html
210                editing/pasteboard/data-transfer-set-data-sanitizes-html-when-copying-in-null-origin.html
211                editing/pasteboard/data-transfer-set-data-sanitizes-html-when-copying.html
212                editing/pasteboard/data-transfer-set-data-sanitlize-html-when-dragging-in-null-origin.html
213                http/tests/security/clipboard/copy-paste-html-across-origin-sanitizes-html.html
214                CopyHTML.Sanitizes
215                DataInteractionTests.DataTransferSanitizeHTML
216                PasteRTF.ExposesHTMLTypeInDataTransfer
217                PasteRTFD.ExposesHTMLTypeInDataTransfer
218                PasteRTFD.ImageElementUsesBlobURLInHTML
219                PasteWebArchive.ExposesHTMLTypeInDataTransfer
220
221         * dom/DataTransfer.cpp:
222         (WebCore::originIdentifierForDocument): Moved to Document::originIdentifierForPasteboard.
223         (WebCore::DataTransfer::createForCopyAndPaste):
224         (WebCore::DataTransfer::getDataForItem const): Use WebContentMarkupReader read HTMl content so that we can read
225         web arhive, RTF, and RTFD as text/html.
226         (WebCore::DataTransfer::getData const):
227         (WebCore::DataTransfer::setData):
228         (WebCore::DataTransfer::setDataFromItemList): Sanitize the HTML before placing into the system pasteboard.
229         (WebCore::DataTransfer::createForDragStartEvent):
230         (WebCore::DataTransfer::createForDrop):
231         (WebCore::DataTransfer::createForUpdatingDropTarget):
232         * dom/DataTransfer.h:
233         * dom/DataTransfer.idl:
234         * dom/DataTransferItem.cpp:
235         (WebCore::DataTransferItem::getAsString const):
236         * dom/Document.cpp:
237         (WebCore::Document::originIdentifierForPasteboard): Renamed from uniqueIdentifier. Moved the code to use the origin
238         string and then falling back to the UUID here from originIdentifierForDocument in DataTransfer.cpp.
239         * dom/Document.h:
240         * editing/WebContentReader.cpp:
241         (WebCore::WebContentMarkupReader::shouldSanitize const): Added.
242         * editing/WebContentReader.h:
243         (WebCore::WebContentMarkupReader): Added.
244         (WebCore::WebContentMarkupReader::WebContentMarkupReader):
245         * editing/cocoa/WebContentReaderCocoa.mm:
246         (WebCore::createFragmentFromWebArchive): Extracted out of WebContentReader::readWebArchive to share code.
247         (WebCore::WebContentReader::readWebArchive):
248         (WebCore::WebContentMarkupReader::readWebArchive): Added. Reads the web archive, replace all subresource URLs by
249         blob URLs, and re-generate the markup using our copy & paste code. The last step is requied to strip away any privacy
250         sensitive information as well as potentially dangerous JavaScript code.
251         (WebCore::stripMicrosoftPrefix): Extracted out of WebContentReader::readHTML to share code.
252         (WebCore::WebContentReader::readHTML):
253         (WebCore::WebContentMarkupReader::readHTML): Added. Only sanitize the markup when it comes from a different origin.
254         (WebCore::WebContentReader::readRTFD): Added a nullity check for frame.document().
255         (WebCore::WebContentMarkupReader::readRTFD): Added.
256         (WebCore::WebContentMarkupReader::readRTF): Added.
257         * editing/markup.h:
258         * editing/markup.cpp:
259         (WebCore::createPageForSanitizingWebContent): Added.
260         (WebCore::sanitizeMarkup): Added. This function "pastes" the markup into a new isolated document then reserializes
261         using our serialization code for copy. It strips away all invisible information such as comments, and strips away
262         event handlers and script elements to remove potentially dangerous scripts.
263         * platform/Pasteboard.h:
264         * platform/ios/PasteboardIOS.mm:
265         (WebCore::Pasteboard::readPasteboardWebContentDataForType): Now that this code can be called by DataTransfer, added
266         the checks for the change count to make sure we stop letting web content read if the pasteboard had been changed by
267         some other applications. To do this, turned this function into a member of Pasteboard. Also changed the return type
268         to an enum with tri-state to exist the loop early in the call sites.
269         (WebCore::Pasteboard::read):
270         (WebCore::Pasteboard::readRespectingUTIFidelities):
271         * platform/ios/PlatformPasteboardIOS.mm:
272         (WebCore::safeTypeForDOMToReadAndWriteForPlatformType): Treat RTF, RTFD, and web archive as HTML.
273         * platform/mac/PasteboardMac.mm:
274         (WebCore::Pasteboard::read): Add the change count checks now that this code can be called by DataTransfer.
275         * platform/mac/PlatformPasteboardMac.mm:
276         (WebCore::safeTypeForDOMToReadAndWriteForPlatformType): Treat RTF, RTFD, and web archive as HTML.
277
278 2017-10-16  Ryan Haddad  <ryanhaddad@apple.com>
279
280         Unreviewed attempt to fix the Windows debug build.
281
282         * Modules/webdatabase/DatabaseTracker.cpp:
283         (WebCore::DatabaseTracker::deleteOrigin):
284
285 2017-10-16  Chris Dumez  <cdumez@apple.com>
286
287         Log using differential privacy domains where the WebContent process crashes
288         https://bugs.webkit.org/show_bug.cgi?id=178346
289         <rdar://problem/33293830>
290
291         Reviewed by Alex Christensen.
292
293         Add new diagnostic logging key for domain causing crashes.
294
295         * page/DiagnosticLoggingKeys.cpp:
296         (WebCore::DiagnosticLoggingKeys::domainCausingCrashKey):
297         * page/DiagnosticLoggingKeys.h:
298
299 2017-10-16  Sam Weinig  <sam@webkit.org>
300
301         [Settings] Remove all custom code from Settings.h/cpp
302         https://bugs.webkit.org/show_bug.cgi?id=178330
303
304         Reviewed by Simon Fraser.
305
306         Removes the two remaining functions out of Settings paving the way
307         for the file to be generated.
308         
309         - pageDestroyed was moved down into SettingsBase.
310         - effectiveFrameFlattening was moved to FrameView (to reduce the need
311           for additional includes, the FrameFlattening enum was converted to
312           an enum class to allow it to be forward declared).
313           
314         Also moves default values into SettingsDefaultValues.h
315
316         * WebCore.xcodeproj/project.pbxproj:
317         
318             Add new files.
319         
320         * page/FrameView.cpp:
321         * page/FrameView.h:
322
323             Move effectiveFrameFlattening function here from Settings.
324
325         * page/Settings.cpp:
326         * page/Settings.h:
327
328             Move effectiveFrameFlattening, pageDestroyed and default values out.
329
330         * page/Settings.in:
331         
332             Update for turning FrameFlattening into an enum class.
333         
334         * page/SettingsBase.h:
335
336             Turn FrameFlattening into an enum class and move pageDestroyed here.
337
338         * page/SettingsDefaultValues.h: Added.
339
340             Move all the default values from Settings here.
341
342         * rendering/RenderFrameSet.cpp:
343         * rendering/RenderIFrame.cpp:
344         * rendering/RenderView.cpp:
345
346             Get effectiveFrameFlattening from the FrameView.
347
348         * testing/InternalSettings.cpp:
349         * testing/InternalSettings.h:
350         
351             Update now that FrameFlattening is an enum class.
352
353 2017-10-16  Maureen Daum  <mdaum@apple.com>
354
355         If we fail to delete any database file, don't remove its information from the tracker database
356         <rdar://problem/34576132> and https://bugs.webkit.org/show_bug.cgi?id=178251
357
358         Reviewed by Brady Eidson.
359
360         New tests:
361         DatabaseTracker.DeleteDatabase
362         DatabaseTracker.DeleteDatabaseWhenDatabaseDoesNotExist
363         DatabaseTracker.DeleteOrigin
364         DatabaseTracker.DeleteOriginWhenDeletingADatabaseFails
365         DatabaseTracker.DeleteOriginWhenDatabaseDoesNotExist
366
367         * Modules/webdatabase/DatabaseTracker.cpp:
368         (WebCore::DatabaseTracker::deleteDatabasesModifiedSince):
369         If the database doesn't exist, we previously deleted it but failed to remove the
370         information from the tracker database. We still want to delete all of the information
371         associated with this database from the tracker database, so add it to databaseNamesToDelete.
372         (WebCore::DatabaseTracker::deleteOrigin):
373         If a database doesn't exist, don't try to delete it. We don't need to, but more
374         importantly, deleteDatabaseFile() will fail if the database doesn't exist, which
375         will cause us to incorrectly think we failed to remove database information from disk.
376         If we actually fail to delete any database file, return before we remove the origin
377         information from the tracker database so we don't lose track of the database.
378         (WebCore::DatabaseTracker::deleteDatabase):
379         If a database doesn't exist, don't try to delete it. We don't need to, but also it
380         will cause us to incorrectly think that we were unable to delete a database, so we
381         would bail before we remove the database information from the tracker database. We
382         want to remove the database information from the tracker database because the database
383         doesn't exist.
384         * Modules/webdatabase/DatabaseTracker.h:
385         Expose fullPathForDatabase() for use by tests.
386         * platform/Logging.h:
387         Add a logging channel.
388
389 2017-10-16  Alex Christensen  <achristensen@webkit.org>
390
391         Remove unnecessary include from Document.h
392         https://bugs.webkit.org/show_bug.cgi?id=178247
393
394         Reviewed by Darin Adler.
395
396         * dom/Document.cpp:
397         (WebCore::Document::hasTouchEventHandlers const):
398         (WebCore::Document::touchEventTargetsContain const):
399         * dom/Document.h:
400         (WebCore::Document::hasTouchEventHandlers const): Deleted.
401         (WebCore::Document::touchEventTargetsContain const): Deleted.
402
403 2017-10-16  Alex Christensen  <achristensen@webkit.org>
404
405         Fix iOS build after r223422
406         https://bugs.webkit.org/show_bug.cgi?id=178251
407
408         * Modules/webdatabase/DatabaseManager.h:
409
410 2017-10-16  Maureen Daum  <mdaum@apple.com>
411
412         We should wrap the removal of information from the tracker database in a transaction in DatabaseTracker::deleteOrigin()
413         https://bugs.webkit.org/show_bug.cgi?id=178274
414         <rdar://problem/34576132>
415
416         Reviewed by Tim Horton.
417
418         * Modules/webdatabase/DatabaseTracker.cpp:
419         (WebCore::DatabaseTracker::deleteOrigin):
420         Wrap the removal of information from the tracker database in a transaction so that
421         we don't end up in a case where only one of the tables contains information about
422         an origin.
423         If anything goes wrong when we're modifying the tracker database, rollback the transaction
424         before bailing.
425
426 2017-10-16  Ryan Haddad  <ryanhaddad@apple.com>
427
428         Unreviewed, rolling out r223419.
429
430         This change broke the Windows build.
431
432         Reverted changeset:
433
434         "If we fail to delete any database file, don't remove its
435         information from the tracker database"
436         https://bugs.webkit.org/show_bug.cgi?id=178251
437         https://trac.webkit.org/changeset/223419
438
439 2017-10-16  Maureen Daum  <mdaum@apple.com>
440
441         If we fail to delete any database file, don't remove its information from the tracker database
442         <rdar://problem/34576132> and https://bugs.webkit.org/show_bug.cgi?id=178251
443
444         Reviewed by Brady Eidson.
445
446         New tests:
447         DatabaseTracker.DeleteDatabase
448         DatabaseTracker.DeleteDatabaseWhenDatabaseDoesNotExist
449         DatabaseTracker.DeleteOrigin
450         DatabaseTracker.DeleteOriginWhenDeletingADatabaseFails
451         DatabaseTracker.DeleteOriginWhenDatabaseDoesNotExist
452
453         * Modules/webdatabase/DatabaseTracker.cpp:
454         (WebCore::DatabaseTracker::deleteDatabasesModifiedSince):
455         If the database doesn't exist, we previously deleted it but failed to remove the
456         information from the tracker database. We still want to delete all of the information
457         associated with this database from the tracker database, so add it to databaseNamesToDelete.
458         (WebCore::DatabaseTracker::deleteOrigin):
459         If a database doesn't exist, don't try to delete it. We don't need to, but more
460         importantly, deleteDatabaseFile() will fail if the database doesn't exist, which
461         will cause us to incorrectly think we failed to remove database information from disk.
462         If we actually fail to delete any database file, return before we remove the origin
463         information from the tracker database so we don't lose track of the database.
464         (WebCore::DatabaseTracker::deleteDatabase):
465         If a database doesn't exist, don't try to delete it. We don't need to, but also it
466         will cause us to incorrectly think that we were unable to delete a database, so we
467         would bail before we remove the database information from the tracker database. We
468         want to remove the database information from the tracker database because the database
469         doesn't exist.
470         * Modules/webdatabase/DatabaseTracker.h:
471         Expose fullPathForDatabase() for use by tests.
472         * platform/Logging.h:
473         Add a logging channel.
474
475 2017-10-16  Brent Fulgham  <bfulgham@apple.com>
476
477         REGRESSION(223307): ASSERTION in WebCore::ResourceLoadObserver::logUserInteractionWithReducedTimeResolution
478         https://bugs.webkit.org/show_bug.cgi?id=178342
479         <rdar://problem/35008505>
480
481         Reviewed by Chris Dumez.
482
483         In r223307 I mistakenly used 'topDocument->topDocument()' because of a copy/paste error. I should have just used
484         'topDocument'.
485
486         Tests: CommandBackForwardTestWKWebView in TestWebKitAPI.
487
488         * loader/ResourceLoadObserver.cpp:
489         (WebCore::ResourceLoadObserver::logUserInteractionWithReducedTimeResolution): We might enter this routine at a time
490         where there is no page. If so, we should return early and not log credit.
491         * page/EventHandler.cpp:
492         (WebCore::EventHandler::keyEvent): Correct the argument passed to the log function.
493
494 2017-10-15  Filip Pizlo  <fpizlo@apple.com>
495
496         Make some asserts into release asserts
497         https://bugs.webkit.org/show_bug.cgi?id=178324
498
499         Reviewed by Saam Barati.
500
501         No new tests because no change in behavior.
502         
503         This introduces some release asserts. Perf testing shows that it's neutral. So, we get some extra
504         safety without losing any perf.
505
506         * dom/ContainerNodeAlgorithms.cpp:
507         (WebCore::notifyChildNodeInserted):
508         * dom/Document.cpp:
509         (WebCore::Document::adoptNode):
510         (WebCore::Document::frameDestroyed):
511         (WebCore::Document::attachToCachedFrame):
512         (WebCore::Document::detachFromCachedFrame):
513         (WebCore::Document::prepareForDestruction):
514         (WebCore::Document::dispatchWindowEvent):
515         (WebCore::Document::dispatchWindowLoadEvent):
516         (WebCore::Document::applyQuickLookSandbox):
517         * dom/DocumentOrderedMap.cpp:
518         (WebCore::DocumentOrderedMap::add):
519         (WebCore::DocumentOrderedMap::remove):
520         (WebCore::DocumentOrderedMap::get const):
521         (WebCore:: const):
522         * dom/Node.cpp:
523         (WebCore::Node::~Node):
524         (WebCore::DidMoveToNewDocumentAssertionScope::~DidMoveToNewDocumentAssertionScope):
525         (WebCore::DidMoveToNewDocumentAssertionScope::didRecieveCall):
526         (WebCore::moveNodeToNewDocument):
527         (WebCore::moveShadowTreeToNewDocument):
528         (WebCore::Node::moveTreeToNewScope):
529         (WebCore::Node::didMoveToNewDocument):
530         (WebCore::Node::dispatchSubtreeModifiedEvent):
531         (WebCore::Node::dispatchDOMActivateEvent):
532
533 2017-10-16  Alejandro G. Castro  <alex@igalia.com>
534
535         Make RealtimeIncomingAudioSources and RealtimeOutgoingAudioSources port agnostic
536         https://bugs.webkit.org/show_bug.cgi?id=177928
537
538         Reviewed by Youenn Fablet.
539
540         Refactor the RealtimeIncomingAudioSource and RealtimeOutgoingAudioSource classes,
541         move the mac specific code to a different class. This way we can use them from
542         other ports.
543
544         No new tests, we are not adding new functionality just refactoring.
545
546         * CMakeLists.txt:
547         * WebCore.xcodeproj/project.pbxproj:
548         * platform/mediastream/RealtimeIncomingAudioSource.cpp: Copied from Source/WebCore/platform/mediastream/mac/RealtimeIncomingAudioSource.h. Just the port agnostic parts.
549         * platform/mediastream/RealtimeIncomingAudioSource.h: Copied from Source/WebCore/platform/mediastream/mac/RealtimeIncomingAudioSource.h. Ditto.
550         * platform/mediastream/RealtimeOutgoingAudioSource.cpp: Copied from Source/WebCore/platform/mediastream/mac/RealtimeOutgoingAudioSource.cpp. Ditto.
551         * platform/mediastream/RealtimeOutgoingAudioSource.h: Copied from Source/WebCore/platform/mediastream/mac/RealtimeOutgoingAudioSource.h. Ditto.
552         * platform/mediastream/mac/RealtimeIncomingAudioSourceCocoa.cpp: Added, it adds Cocoa code parts from original Source/WebCore/platform/mediastream/mac/RealtimeIncomingAudioSource.cpp.
553         (WebCore::RealtimeIncomingAudioSource::create): Moved this function from the RealtimeOutgoingAudioSource.cpp file to avoid including the Cocoa file there.
554         * platform/mediastream/mac/RealtimeIncomingAudioSourceCocoa.h: Added Cocoa code from original Source/WebCore/platform/mediastream/mac/RealtimeIncomingAudioSource.h.
555         * platform/mediastream/mac/RealtimeOutgoingAudioSourceCocoa.cpp: Added Cocoa code from original Source/WebCore/platform/mediastream/mac/RealtimeOutgoingAudioSource.cpp.
556         (WebCore::RealtimeOutgoingAudioSource::create): Moved this function from the RealtimeOutgoingAudioSource.cpp file to avoid including the Cocoa file there.
557         * platform/mediastream/mac/RealtimeOutgoingAudioSourceCocoa.h: Added Cocoa code from the original Source/WebCore/platform/mediastream/mac/RealtimeOutgoingAudioSource.h.
558
559 2017-10-16  Wenson Hsieh  <wenson_hsieh@apple.com>
560
561         Unreviewed, fix the tvOS build after r223340.
562
563         Add a new #define in PlatformPasteboardIOS.mm for item provider support, and guard usages of
564         WebItemProviderPasteboard using it.
565
566         * platform/ios/PlatformPasteboardIOS.mm:
567         (WebCore::pasteboardMayContainFilePaths):
568         (WebCore::PlatformPasteboard::readURL):
569
570 2017-10-16  Ryan Haddad  <ryanhaddad@apple.com>
571
572         Unreviewed, rolling out r223271.
573
574         This change introduced LayoutTest failures on WK1.
575
576         Reverted changeset:
577
578         "Use asynchronous ResourceHandleClient calls for WebKit1"
579         https://bugs.webkit.org/show_bug.cgi?id=160677
580         https://trac.webkit.org/changeset/223271
581
582 2017-10-16  Alejandro G. Castro  <alex@igalia.com>
583
584         Make RealtimeIncomingVideoSources and RealtimeOutgoingVideoSources port agnostic
585         https://bugs.webkit.org/show_bug.cgi?id=177869
586
587         Reviewed by Youenn Fablet.
588
589         Refactor the RealtimeIncomingVideoSource and RealtimeOutgoingVideoSource classes,
590         move the cocoa specific code to a different class. This way we can use them from
591         other ports.
592
593         No new functionality, just a refactor.
594
595         * CMakeLists.txt:
596         * WebCore.xcodeproj/project.pbxproj:
597         * platform/mediastream/RealtimeIncomingVideoSource.cpp: Moved from Source/WebCore/platform/mediastream/mac/RealtimeIncomingVideoSource.h. Just the port agnostic parts.
598         * platform/mediastream/RealtimeIncomingVideoSource.h: Moved from Source/WebCore/platform/mediastream/mac/RealtimeIncomingVideoSource.h. DItto
599         * platform/mediastream/RealtimeOutgoingVideoSource.cpp: Moved from Source/WebCore/platform/mediastream/mac/RealtimeOutgoingVideoSource.cpp. Ditto
600         * platform/mediastream/RealtimeOutgoingVideoSource.h: Moved from Source/WebCore/platform/mediastream/mac/RealtimeOutgoingVideoSource.h. Ditto
601         * platform/mediastream/mac/RealtimeIncomingVideoSourceMac.cpp: Added, it adds the Cocoa specific parts from Source/WebCore/platform/mediastream/mac/RealtimeIncomingVideoSource.cpp.
602         (WebCore::RealtimeIncomingVideoSource::create): Moved this function from the base class, it allows avoiding the include.
603         * platform/mediastream/mac/RealtimeIncomingVideoSourceCocoa.h: Added, cocoa dependent code from Source/WebCore/platform/mediastream/mac/RealtimeIncomingVideoSource.h.
604         (WebCore::RealtimeOutgoingVideoSource::create): Moved this funtion from the base class, now we can use the Cocoa create without including it in the base class.
605         * platform/mediastream/mac/RealtimeOutgoingVideoSourceCocoa.cpp: Added, cocoa dependent code.
606         * platform/mediastream/mac/RealtimeOutgoingVideoSourceCocoa.h: Added, cocoa dependent code.
607
608 2017-10-16  Manuel Rego Casasnovas  <rego@igalia.com>
609
610         Don't use intrinsic width if our container's width is zero
611         https://bugs.webkit.org/show_bug.cgi?id=178073
612
613         Reviewed by Sergio Villar Senin.
614
615         Based on Blink r173212 by <robhogan@gmail.com>.
616         https://chromium.googlesource.com/chromium/src/+/1592e8a1e8e56dfa6e5d709c50b129ae659c2fad
617
618         Since at least r798 we use a replaced element's intrinsic width
619         if its containing block has a width of zero. As a result our rendering
620         of width100percent-image.html has disagreed with all other browsers
621         and we display replaced elements when they should be invisible.
622
623         Test: fast/replaced/container-width-zero.html
624
625         * rendering/RenderBox.cpp:
626         (WebCore::RenderBox::computeReplacedLogicalWidthUsing const):
627         If our container has zero width then let our width be zero too.
628
629 2017-10-16  Wenson Hsieh  <wenson_hsieh@apple.com>
630
631         On ToT, event.dataTransfer.getData("text/uri-list") returns an empty string when dragging an image
632         https://bugs.webkit.org/show_bug.cgi?id=178301
633         <rdar://problem/34990050>
634
635         Reviewed by Darin Adler.
636
637         After r222656, we consider images on the pasteboard to be files. This causes DataTransfer.getData to return the
638         empty string for all types, which brings back https://bugs.webkit.org/show_bug.cgi?id=170637. To allow pages to
639         access the URL part of a dragged image, we exempt "text/uri-list" from our heurstics to hide pasteboard data
640         which may contain files, and return the URL as long as its protocol is either HTTP or HTTPS.
641
642         Tweaked an existing layout test to cover this scenario, as well as the scenario in which the dragged image links
643         to a file URL (in which case we should avoid exposing the data).
644
645         Test: editing/pasteboard/drag-drop-href-as-url.html
646               DataInteractionTests.DataTransferGetDataWhenDroppingImageWithHTTPURL
647
648         * dom/DataTransfer.cpp:
649         (WebCore::DataTransfer::getDataForItem const):
650
651         When the pasteboard contains files, allow data for "text/uri-list" to be returned, as long as the URL string has
652         a white-listed protocol (currently, this is just http and https).
653
654         (WebCore::DataTransfer::shouldSuppressGetAndSetDataToAvoidExposingFilePaths const):
655         (WebCore::DataTransfer::setData):
656         (WebCore::DataTransfer::types const):
657
658         When the pasteboard contains files, allow "text/uri-list" to be added, alongside the "Files" type, if it would
659         have been exposed in the list of safe DOM types.
660
661         * dom/DataTransfer.h:
662         * platform/Pasteboard.cpp:
663         (WebCore::Pasteboard::canExposeURLToDOMWhenPasteboardContainsFiles):
664
665         Add a new helper method to determine whether it is safe to expose an URL string as "text/uri-list" to bindings,
666         if the pasteboard contains files. While this currently checks whether or not the URL is in the HTTP family, we
667         may want to consider tweaking this to blacklist the "file" protocol instead, and allow all other valid URLs by
668         default.
669
670         * platform/Pasteboard.h:
671         * platform/PlatformPasteboard.h:
672         * platform/ios/PlatformPasteboardIOS.mm:
673         (WebCore::pasteboardMayContainFilePaths):
674         (WebCore::PlatformPasteboard::stringForType const):
675
676         Mark stringForType as const, and also teach stringForType to return the null string for the platform URL type if
677         the pasteboard might contain file paths.
678
679         (WebCore::PlatformPasteboard::typesSafeForDOMToReadAndWrite const):
680
681         Before coercing a platform type to "text/uri-list" when building the list of DOM-safe types, check that the
682         stringForType is not the empty string, in which case we don't expose the type to the DOM at all. This ensures
683         that in cases where the URL might reveal a file path, we don't advertise "text/uri-list" as a type. We adopt a
684         similar strategy on iOS.
685
686         (WebCore::PlatformPasteboard::stringForType): Deleted.
687         * platform/mac/PlatformPasteboardMac.mm:
688         (WebCore::pasteboardMayContainFilePaths):
689         (WebCore::PlatformPasteboard::stringForType const):
690         (WebCore::PlatformPasteboard::typesSafeForDOMToReadAndWrite const):
691         (WebCore::PlatformPasteboard::stringForType): Deleted.
692
693 2017-10-16  Frederic Wang  <fwang@igalia.com>
694
695         Use auto/nullptr in scrolling code
696         https://bugs.webkit.org/show_bug.cgi?id=178306
697
698         Reviewed by Carlos Garcia Campos.
699
700         This patch modifies the scrolling code to use the auto keyword when
701         possible. It also replaces '0' with 'nullptr' for the return value of
702         ScrollingStateTree::stateNodeForID.
703
704         No new tests, behavior unchanged.
705
706         * page/scrolling/AsyncScrollingCoordinator.cpp:
707         (WebCore::AsyncScrollingCoordinator::frameViewLayoutUpdated):
708         (WebCore::AsyncScrollingCoordinator::frameViewRootLayerDidChange):
709         (WebCore::AsyncScrollingCoordinator::requestScrollPositionUpdate):
710         (WebCore::AsyncScrollingCoordinator::frameViewForScrollingNode const):
711         (WebCore::AsyncScrollingCoordinator::updateScrollPositionAfterAsyncScroll):
712         (WebCore::AsyncScrollingCoordinator::reconcileScrollingState):
713         (WebCore::AsyncScrollingCoordinator::updateFrameScrollingNode):
714         (WebCore::AsyncScrollingCoordinator::updateOverflowScrollingNode):
715         (WebCore::AsyncScrollingCoordinator::updateNodeLayer):
716         (WebCore::AsyncScrollingCoordinator::updateNodeViewportConstraints):
717         (WebCore::AsyncScrollingCoordinator::setSynchronousScrollingReasons):
718         (WebCore::AsyncScrollingCoordinator::updateScrollLayerPosition):
719         (WebCore::AsyncScrollingCoordinator::setActiveScrollSnapIndices):
720         * page/scrolling/ScrollingCoordinator.cpp:
721         (WebCore::ScrollingCoordinator::coordinatesScrollingForFrameView const):
722         (WebCore::ScrollingCoordinator::absoluteEventTrackingRegionsForFrame const):
723         (WebCore::ScrollingCoordinator::scrollLayerForFrameView):
724         (WebCore::ScrollingCoordinator::headerLayerForFrameView):
725         (WebCore::ScrollingCoordinator::footerLayerForFrameView):
726         (WebCore::ScrollingCoordinator::counterScrollingLayerForFrameView):
727         (WebCore::ScrollingCoordinator::insetClipLayerForFrameView):
728         (WebCore::ScrollingCoordinator::contentShadowLayerForFrameView):
729         (WebCore::ScrollingCoordinator::rootContentLayerForFrameView):
730         (WebCore::ScrollingCoordinator::handleWheelEventPhase):
731         (WebCore::ScrollingCoordinator::hasVisibleSlowRepaintViewportConstrainedObjects const):
732         (WebCore::ScrollingCoordinator::updateSynchronousScrollingReasonsForAllFrames):
733         (WebCore::ScrollingCoordinator::synchronousScrollingReasonsAsText const):
734         * page/scrolling/ScrollingStateFixedNode.cpp:
735         (WebCore::ScrollingStateFixedNode::reconcileLayerPositionForViewportRect):
736         * page/scrolling/ScrollingStateStickyNode.cpp:
737         (WebCore::ScrollingStateStickyNode::reconcileLayerPositionForViewportRect):
738         * page/scrolling/ScrollingStateTree.cpp:
739         (WebCore::ScrollingStateTree::nodeTypeAndParentMatch const):
740         (WebCore::ScrollingStateTree::attachNode):
741         (WebCore::ScrollingStateTree::detachNode):
742         (WebCore::ScrollingStateTree::removeNodeAndAllDescendants):
743         (WebCore::ScrollingStateTree::stateNodeForID const):
744         * page/scrolling/ScrollingTree.cpp:
745         (WebCore::ScrollingTree::shouldHandleWheelEventSynchronously):
746         (WebCore::ScrollingTree::viewportChangedViaDelegatedScrolling):
747         (WebCore::ScrollingTree::scrollPositionChangedViaDelegatedScrolling):
748         (WebCore::ScrollingTree::commitTreeState):
749         (WebCore::ScrollingTree::updateTreeFromStateNode):
750         * page/scrolling/ScrollingTreeNode.cpp:
751         (WebCore::ScrollingTreeNode::enclosingFrameNode const):
752         * page/scrolling/coordinatedgraphics/ScrollingCoordinatorCoordinatedGraphics.cpp:
753         (WebCore::ScrollingCoordinatorCoordinatedGraphics::detachFromStateTree):
754         (WebCore::ScrollingCoordinatorCoordinatedGraphics::updateNodeLayer):
755         (WebCore::ScrollingCoordinatorCoordinatedGraphics::updateNodeViewportConstraints):
756         (WebCore::ScrollingCoordinatorCoordinatedGraphics::scrollableAreaScrollLayerDidChange):
757         (WebCore::ScrollingCoordinatorCoordinatedGraphics::willDestroyScrollableArea):
758
759 2017-10-16  Fujii Hironori  <Hironori.Fujii@sony.com>
760
761         A lot of "Can't stat WebCore/animation: No such file or directory" since r223328
762         https://bugs.webkit.org/show_bug.cgi?id=178326
763
764         Unreviewed build fix
765
766         The directory WebCore/animation was removed in r223328.
767
768         No new tests because there is no behavior change.
769
770         * CMakeLists.txt: Removed animation from
771         WebCore_INCLUDE_DIRECTORIES and WebCore_IDL_INCLUDES.
772         * DerivedSources.make: Removed animation from VPATH and IDL_INCLUDES
773
774 2017-10-16  Frederic Wang  <fwang@igalia.com>
775
776         Replace some ScrollingTreeNode::nodeType() calls with is*Node()
777         https://bugs.webkit.org/show_bug.cgi?id=178259
778
779         Reviewed by Darin Adler.
780
781         No new tests, behavior unchanged.
782
783         * page/scrolling/AsyncScrollingCoordinator.cpp:
784         (WebCore::AsyncScrollingCoordinator::frameViewForScrollingNode const):
785         * page/scrolling/ScrollingStateNode.h:
786         (WebCore::ScrollingStateNode::isScrollingNode const):
787         * page/scrolling/ScrollingTree.cpp:
788         (WebCore::ScrollingTree::updateTreeFromStateNode):
789         * page/scrolling/ScrollingTreeNode.cpp:
790         (WebCore::ScrollingTreeNode::enclosingFrameNode const):
791         * page/scrolling/ScrollingTreeNode.h:
792         (WebCore::ScrollingTreeNode::isScrollingNode const):
793
794 2017-10-16  Tomas Popela  <tpopela@redhat.com>
795
796         DataTransfer.cpp triggers -Wunused-but-set-variable
797         https://bugs.webkit.org/show_bug.cgi?id=178209
798
799         Reviewed by Wenson Hsieh.
800
801         Use the ASSERT_UNUSED to silence it.
802
803         * dom/DataTransfer.cpp:
804         (WebCore::DataTransfer::filesFromPasteboardAndItemList const):
805
806 2017-10-15  Sam Weinig  <sam@webkit.org>
807
808         [Settings] Split non-macro generated parts of Settings into SettingsBase base class
809         https://bugs.webkit.org/show_bug.cgi?id=178321
810
811         Reviewed by Darin Adler.
812
813         Working towards getting generated Settings working again, but in smaller patches, split
814         non-generated part off into SettingsBase as a first step.
815         
816         One function, effectiveFrameFlattening(), needs to remain in Settings for now, as it directly
817         references a macro generated function, frameFlattening().
818
819         * CMakeLists.txt:
820         * WebCore.xcodeproj/project.pbxproj:
821         * page/Page.h:
822         * page/Settings.cpp:
823         * page/Settings.h:
824         * page/SettingsBase.h: Copied from Source/WebCore/page/Settings.h.
825         * page/cocoa/SettingsBaseCocoa.mm: Copied from Source/WebCore/page/cocoa/SettingsCocoa.mm.
826         * page/cocoa/SettingsCocoa.mm: Removed.
827
828 2017-10-15  Yusuke Suzuki  <utatane.tea@gmail.com>
829
830         [JSC] Perform module specifier validation at parsing time
831         https://bugs.webkit.org/show_bug.cgi?id=178256
832
833         Reviewed by Darin Adler.
834
835         No behavior change in the current implementation.
836
837         * bindings/js/JSDOMWindowBase.cpp:
838         (WebCore::JSDOMWindowBase::moduleLoaderResolve):
839         * bindings/js/JSDOMWindowBase.h:
840         * bindings/js/ScriptModuleLoader.cpp:
841         (WebCore::ScriptModuleLoader::resolve):
842         * bindings/js/ScriptModuleLoader.h:
843
844 2017-10-15  Chris Dumez  <cdumez@apple.com>
845
846         DOMTokenList shouldn't add empty attributes
847         https://bugs.webkit.org/show_bug.cgi?id=178280
848         <rdar://problem/34987431>
849
850         Reviewed by Ryosuke Niwa.
851
852         Follow-up to r223306, reverse the check conditions to avoid attribute
853         lookup when possible. Also use m_tokens instead of tokens() to avoid
854         unnecessary branch.
855
856         * html/DOMTokenList.cpp:
857         (WebCore::DOMTokenList::updateAssociatedAttributeFromTokens):
858
859 2017-10-15  Darin Adler  <darin@apple.com>
860
861         UTF-8 decoding produces one replacement character per byte; Encoding standard requires one replacement character per illegal sequence instead
862         https://bugs.webkit.org/show_bug.cgi?id=178207
863
864         Reviewed by Sam Weinig.
865
866         * platform/text/TextCodecUTF8.cpp:
867         (WebCore::TextCodecUTF8::create): Deleted. Use a lambda instead.
868         (WebCore::TextCodecUTF8::registerCodecs): Use a lambda.
869         (WebCore::nonASCIISequenceLength): Changed to return 0 instead of 2 for the range 80-C1 since
870         none of those are valid sequence leading characters.
871         (WebCore::decodeNonASCIISequence): Changed the length argument to be in/out so the caller
872         knows how much of the sequence we decoded for failure cases. Simplified the length 2 section.
873         (WebCore::TextCodecUTF8::handleError): Deleted.
874         (WebCore::TextCodecUTF8::handlePartialSequence): Changed this into a pair of plain functions
875         rather than two template function specializations since the two functions are rather different.
876         For the one-byte version, got rid of the unused arguments. For the two-byte version, got rid
877         of the ignored return value, stopped using the handleError function since each error case
878         needs to be handled differently. In each error case consume the entire incorrect sequence
879         instead of just one byte.
880         (WebCore::TextCodecUTF8::decode): Updated for the above change, and changed the non-partial
881         incorrect sequence to consume the entire incorrect sequence instead of just one byte. Also
882         use WTF prefixes explicitly so we don't  have to do "using namespace".
883         (WebCore::TextCodecUTF8::encode): Got rid of unneeded type punning, and added some inline
884         capacity to save one memory allocation when encoding shorter strings.
885
886         * platform/text/TextCodecUTF8.h: Use pragma once. Intialize m_partialSequenceSize where it
887         is defined and let the compiler generate the constructor. Updated for the changes above.
888
889         * platform/text/TextEncoding.h: Export a constructor now used by a unit test.
890         * platform/text/TextEncodingRegistry.h: Export newTextCodec, now used by a unit test.
891
892 2017-10-14  Antoine Quint  <graouts@apple.com>
893
894         Remove all Web Animations code
895         https://bugs.webkit.org/show_bug.cgi?id=178273
896
897         Reviewed by Sam Weinig.
898
899         We remove all existing code related to Web Animations which does not include any functionality,
900         only stubs. This leaves the build and runtime flags, we'll start a complete implementation from
901         scratch.
902
903         * CMakeLists.txt:
904         * DerivedSources.make:
905         * WebCore.xcodeproj/project.pbxproj:
906         * animation/Animatable.idl: Removed.
907         * animation/AnimationEffect.cpp: Removed.
908         * animation/AnimationEffect.h: Removed.
909         * animation/AnimationEffect.idl: Removed.
910         * animation/AnimationTimeline.cpp: Removed.
911         * animation/AnimationTimeline.h: Removed.
912         * animation/AnimationTimeline.idl: Removed.
913         * animation/DocumentAnimation.cpp: Removed.
914         * animation/DocumentAnimation.h: Removed.
915         * animation/DocumentAnimation.idl: Removed.
916         * animation/DocumentTimeline.cpp: Removed.
917         * animation/DocumentTimeline.h: Removed.
918         * animation/DocumentTimeline.idl: Removed.
919         * animation/KeyframeEffect.cpp: Removed.
920         * animation/KeyframeEffect.h: Removed.
921         * animation/KeyframeEffect.idl: Removed.
922         * animation/WebAnimation.cpp: Removed.
923         * animation/WebAnimation.h: Removed.
924         * animation/WebAnimation.idl: Removed.
925         * bindings/js/JSAnimationTimelineCustom.cpp: Removed.
926         * bindings/js/JSBindingsAllInOne.cpp:
927         * bindings/js/WebCoreBuiltinNames.h:
928         * dom/Element.cpp:
929         (WebCore::Element::getAnimations): Deleted.
930         * dom/Element.h:
931         * dom/Element.idl:
932
933 2017-10-14  Devin Rousso  <webkit@devinrousso.com>
934
935         Web Inspector: provide a way to enable/disable event listeners
936         https://bugs.webkit.org/show_bug.cgi?id=177451
937
938         Reviewed by Joseph Pecoraro.
939
940         Test: inspector/dom/setEventListenerDisabled.html
941
942         * dom/EventTarget.cpp:
943         (WebCore::EventTarget::fireEventListeners):
944         Add InspectorInstrumentation call to isEventListenerDisabled. If true, the event listener's
945         callback will not be called.
946
947         * inspector/InspectorDOMAgent.h:
948         * inspector/InspectorDOMAgent.cpp:
949         (WebCore::InspectorDOMAgent::discardBindings):
950         (WebCore::InspectorDOMAgent::getEventListenersForNode):
951         (WebCore::InspectorDOMAgent::setEventListenerDisabled):
952         (WebCore::InspectorDOMAgent::buildObjectForEventListener):
953         (WebCore::InspectorDOMAgent::willRemoveEventListener):
954         (WebCore::InspectorDOMAgent::isEventListenerDisabled):
955         Introduce a mapping of `EventListener*` to `InspectorEventListener`, a struct for uniquely
956         identifying event listeners so they can be referenced from the frontend. We only add items
957         to this mapping when `getEventListenersForNode` is called, as that is when EventListener
958         data is sent to the frontend. This allows us to defer creating an Inspector "mirror" object
959         for each EventListener until it is needed. Items are removed whenever an event listener is
960         removed or when the document changes.
961
962         * inspector/InspectorInstrumentation.h:
963         (WebCore::InspectorInstrumentation::isEventListenerDisabled):
964         * inspector/InspectorInstrumentation.cpp:
965         (WebCore::InspectorInstrumentation::willRemoveEventListenerImpl):
966         (WebCore::InspectorInstrumentation::isEventListenerDisabledImpl):
967         Pass additional parameters to InspectorDOMAgent so it can determine if the event listener
968         actually exists. If not, don't dispatch an event to the frontend as nothing will change.
969
970 2017-10-14  Sam Weinig  <sam@webkit.org>
971
972         Remove HashCountedSet's copyToVector functions
973         https://bugs.webkit.org/show_bug.cgi?id=178215
974
975         Reviewed by Daniel Bates.
976
977         * page/DeviceController.cpp:
978         (WebCore::DeviceController::dispatchDeviceEvent):
979         (WebCore::DeviceController::fireDeviceEvent):
980         
981             Replace use of HashCountedSet's copyToVector functions with copyToVector(hashCountedSet.values()).
982
983 2017-10-13  Jer Noble  <jer.noble@apple.com>
984
985         Performance: Skip texture upload if source image and destination texture haven't changed
986         https://bugs.webkit.org/show_bug.cgi?id=178254
987         <rdar://problem/34968181>
988
989         Reviewed by Dean Jackson.
990
991         Update GraphicsContext3D to track which texture is bound to which texture unit, and also to
992         track when those bound textures have their backing stores modified. This new "seed" value
993         will be used to determine whether a given texture which has previously had image data
994         uploaded to it needs to be re-updated.
995
996         In VideoTextureCopierCV, track whether the texture's seed changed, whether the IOSurface is
997         the same,  whether the IOSurface's seed has changed, and whether the "flipY" parameter
998         changed since the last time the copier was asked to upload to the texture.
999
1000         * platform/graphics/GraphicsContext3D.h:
1001         (WebCore::GraphicsContext3D::textureSeed):
1002         (WebCore::GraphicsContext3D::GraphicsContext3DState::currentBoundTexture):
1003         (WebCore::GraphicsContext3D::GraphicsContext3DState::boundTexture):
1004         (WebCore::GraphicsContext3D::GraphicsContext3DState::setBoundTexture):
1005         * platform/graphics/cv/VideoTextureCopierCV.cpp:
1006         (WebCore::VideoTextureCopierCV::copyImageToPlatformTexture):
1007         * platform/graphics/cv/VideoTextureCopierCV.h:
1008         (WebCore::VideoTextureCopierCV::lastTextureSeed):
1009         * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
1010         (WebCore::GraphicsContext3D::prepareTexture):
1011         (WebCore::GraphicsContext3D::bindTexture):
1012         (WebCore::GraphicsContext3D::texStorage2D):
1013         (WebCore::GraphicsContext3D::texStorage3D):
1014         (WebCore::GraphicsContext3D::framebufferTexture2D):
1015         (WebCore::GraphicsContext3D::texSubImage2D):
1016         (WebCore::GraphicsContext3D::compressedTexImage2D):
1017         (WebCore::GraphicsContext3D::compressedTexSubImage2D):
1018         (WebCore::GraphicsContext3D::createTexture):
1019         (WebCore::GraphicsContext3D::deleteTexture):
1020         (WebCore::GraphicsContext3D::texImage2DDirect):
1021
1022 2017-10-13  Per Arne Vollan  <pvollan@apple.com>
1023
1024         [Win] When built with VS2017, MiniBrowser crashes on startup.
1025         https://bugs.webkit.org/show_bug.cgi?id=175209
1026
1027         Reviewed by Daniel Bates.
1028
1029         Generated StaticStringImpl objects are not initialized compile-time with VS2017.
1030         When compiling with VS2017, the global, static, StaticStringImpl objects needs to
1031         be defined with the constexpr specifier, in order for the objects to be initialized
1032         at compile time. Since the StaticStringImpl objects will be const then, we need to
1033         be able to create an AtomicString object from a const StaticStringImpl object. 
1034         This constructor has been added to the AtomicString class.
1035
1036         No new tests, covered by existing tests. 
1037
1038         * bindings/scripts/StaticString.pm:
1039         (GenerateStrings):
1040         (GenerateStringAsserts):
1041         * dom/QualifiedName.cpp:
1042         (WebCore::createQualifiedName):
1043         * dom/QualifiedName.h:
1044         * dom/make_names.pl:
1045         (printDefinitions):
1046
1047 2017-10-13  Brent Fulgham  <bfulgham@apple.com>
1048
1049         Protect FrameView during style calculations
1050         https://bugs.webkit.org/show_bug.cgi?id=178300
1051         <rdar://problem/34869329>
1052
1053         Reviewed by Ryosuke Niwa.
1054
1055         Protect the FrameView during layout and style updates in case arbitrary script
1056         is run that might clear it.
1057
1058         Test: fast/html/marquee-reparent-check.html
1059
1060         * page/FrameView.cpp:
1061         (WebCore::FrameView::updateLayoutAndStyleIfNeededRecursive):
1062
1063 2017-10-13  Per Arne Vollan  <pvollan@apple.com>
1064
1065         Crash under ResourceHandleCFURLConnectionDelegateWithOperationQueue::didSendBodyData
1066         https://bugs.webkit.org/show_bug.cgi?id=178279
1067
1068         Reviewed by Alex Christensen.
1069
1070         Check if the connection is valid before calling ResourceHandleClient::didSendData.
1071
1072         No new tests, covered by existing tests.
1073
1074         * platform/network/cf/ResourceHandleCFURLConnectionDelegateWithOperationQueue.cpp:
1075         (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didSendBodyData):
1076
1077 2017-10-13  Brent Fulgham  <bfulgham@apple.com>
1078
1079         CMD+R / CMD+Q keyboard shortcuts are treated as user interaction with page
1080         https://bugs.webkit.org/show_bug.cgi?id=178183
1081         <rdar://problem/33327730>
1082
1083         Reviewed by Ryosuke Niwa.
1084
1085         Key events are granted user interaction credit (in terms of updating the last time of user
1086         interaction), even if the key event was not handled. Instead, we should defer granting
1087         access until the key event has been handled.
1088         
1089         Add a new default constructor argument to UserGestureIndicator to be used when handling key
1090         events, so we can delay a decision about whether to grant ResourceLoadStatistics
1091         'hasHadUserInteraction' until we confirm that the event was handled by the page.
1092
1093         This change does not affect other aspects of user interaction.
1094
1095         Tests: fast/events
1096                http/tests/resourceLoadStatistics/prevalent-resource-handled-keydown.html
1097                http/tests/resourceLoadStatistics/prevalent-resource-unhandled-keydown.html
1098
1099         * dom/UserGestureIndicator.cpp:
1100         (WebCore::UserGestureIndicator::UserGestureIndicator): Add check based on constructor argument.
1101         Also: Drive by fix to avoid calling 'currentToken' when not on the main thread.
1102         * dom/UserGestureIndicator.h:
1103         * page/EventHandler.cpp:
1104         (WebCore::EventHandler::keyEvent): If the key event was handled, grant user interaction credit
1105         for ResourceLoadStatistics processing.
1106         (WebCore::EventHandler::internalKeyEvent): Use the new UserGestureIndicator constructor argument.
1107
1108 2017-10-13  Chris Dumez  <cdumez@apple.com>
1109
1110         DOMTokenList shouldn't add empty attributes
1111         https://bugs.webkit.org/show_bug.cgi?id=178280
1112
1113         Reviewed by Ryosuke Niwa.
1114
1115         DOMTokenList shouldn't add empty attributes after:
1116         - https://github.com/whatwg/dom/pull/488
1117
1118         Firefox and Chrome follow the latest spec.
1119
1120         No new tests, updating existing test.
1121
1122         * html/DOMTokenList.cpp:
1123         (WebCore::DOMTokenList::updateAssociatedAttributeFromTokens):
1124         Implement the first step of https://dom.spec.whatwg.org/#concept-dtl-update
1125
1126 2017-10-13  Jer Noble  <jer.noble@apple.com>
1127
1128         Unreviewed build fix; wrap more functions in USE(IOSURFACE) so that
1129         they do not generate "unused function" errors.
1130
1131         * platform/graphics/cv/VideoTextureCopierCV.cpp:
1132
1133 2017-10-13  Jer Noble  <jer.noble@apple.com>
1134
1135         One last unreviewed build fix; since the IOSurface APIs don't exist at
1136         all on the simulator, just wrap the entirety of the implementation of
1137         copyImageToPlatformTexture() in a #if USE(IOSURFACE) check.
1138
1139         * platform/graphics/cv/VideoTextureCopierCV.cpp:
1140         (WebCore::VideoTextureCopierCV::copyImageToPlatformTexture):
1141
1142 2017-10-13  Jer Noble  <jer.noble@apple.com>
1143
1144         Unreviewed build fix for the previous build fix; use the right PAL path for IOSurfaceSPI.h.
1145
1146         * platform/graphics/cv/VideoTextureCopierCV.cpp:
1147
1148 2017-10-13  Jer Noble  <jer.noble@apple.com>
1149
1150         Unreviewed build fix; add definitions for IOSurface methods missing on some platforms.
1151
1152         * platform/graphics/cv/VideoTextureCopierCV.cpp:
1153
1154 2017-10-13  Alex Christensen  <achristensen@webkit.org>
1155
1156         Remove Editor::simplifyMarkup
1157         https://bugs.webkit.org/show_bug.cgi?id=178271
1158
1159         Reviewed by Wenson Hsieh.
1160
1161         An API test became flaky, and it turns out this isn't used anywhere, so let's remove it!
1162         It was used in Mountain Lion, Mavericks, and Yosemite, but not since then.
1163         See <rdar://problem/10726177>
1164
1165         * editing/Editor.cpp:
1166         (WebCore::Editor::simplifyMarkup): Deleted.
1167         * editing/Editor.h:
1168
1169 2017-10-13  Jer Noble  <jer.noble@apple.com>
1170
1171         Unreviewed build fix; forward declare the type of IOSurfaceRef.
1172
1173         * platform/cocoa/CoreVideoSoftLink.cpp:
1174         * platform/cocoa/CoreVideoSoftLink.h:
1175
1176 2017-10-13  Jer Noble  <jer.noble@apple.com>
1177
1178         Unreviewed build fix; add soft link macros for newly called CoreVideo methods.
1179
1180         * platform/cocoa/CoreVideoSoftLink.cpp:
1181         * platform/cocoa/CoreVideoSoftLink.h:
1182
1183 2017-10-13  Jer Noble  <jer.noble@apple.com>
1184
1185         Unreviewed build fix; add UNUSED_PARAM macros.
1186
1187         * platform/graphics/cocoa/GraphicsContext3DCocoa.mm:
1188         (WebCore::GraphicsContext3D::texImageIOSurface2D):
1189
1190 2017-10-13  Jer Noble  <jer.noble@apple.com>
1191
1192         Performance: do pixel conformance and texturing in a single step.
1193         https://bugs.webkit.org/show_bug.cgi?id=178219
1194         <rdar://problem/34937237>
1195
1196         Reviewed by Dean Jackson.
1197
1198         No new tests; performance improvements should have no behavior change.
1199
1200         Rather than asking the VTDecompressionSession to conform the output CVPixelBuffer into a
1201         pixel format compatible with OpenGL (& ES), don't constrain the output at all, and only do a
1202         conformance step if the output is not already compatible with OpenGL. This eliminates one
1203         copy (in hardware) operation.
1204
1205         Move the TextureCacheCV object into VideoTextureCopierCV; it will be conditionally used to
1206         create the texture if the pixel buffer is compatible.
1207
1208         Refactor copyVideoTextureToPlatformTexture(CVOpenGLTextureRef) in VideoTextureCopierCV. The
1209         new entry point, copyImageToPlatformTexture(), will attempt to use the texture cache first,
1210         and call a new common copyVideoTextureToPlatformTexture(Platform3DObject) with the result.
1211
1212         The new copyImageToPlatformTexture() will pull planar YUV frames into two textures, and combine
1213         the two with a color transfer function when drawing to the output texture.
1214
1215         * platform/graphics/GraphicsContext3D.h:
1216         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
1217         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::copyVideoTextureToPlatformTexture):
1218         * platform/graphics/cocoa/GraphicsContext3DCocoa.mm:
1219         (WebCore::GraphicsContext3D::texImageIOSurface2D):
1220         * platform/graphics/cocoa/WebCoreDecompressionSession.mm:
1221         (WebCore::WebCoreDecompressionSession::ensureDecompressionSessionForSample):
1222         * platform/graphics/cv/TextureCacheCV.h:
1223         * platform/graphics/cv/TextureCacheCV.mm:
1224         (WebCore::TextureCacheCV::textureFromImage):
1225         * platform/graphics/cv/VideoTextureCopierCV.cpp:
1226         (WebCore::pixelRangeFromPixelFormat):
1227         (WebCore::transferFunctionFromString):
1228         (WebCore::YCbCrToRGBMatrixForRangeAndTransferFunction):
1229         (WebCore::VideoTextureCopierCV::~VideoTextureCopierCV):
1230         (WebCore::VideoTextureCopierCV::initializeUVContextObjects):
1231         (WebCore::VideoTextureCopierCV::copyImageToPlatformTexture):
1232         (WebCore::VideoTextureCopierCV::copyVideoTextureToPlatformTexture):
1233         * platform/graphics/cv/VideoTextureCopierCV.h:
1234
1235 2017-10-13  Romain Bellessort  <romain.bellessort@crf.canon.fr>
1236
1237         [Readable Streams API] Align queue with spec for ReadableStreamDefaultController
1238         https://bugs.webkit.org/show_bug.cgi?id=178082
1239
1240         Reviewed by Xabier Rodriguez-Calvar.
1241
1242         Implemented new queue behavior for dequeueValue (used by ReadableStreamDefaultController),
1243         which fixes rounding errors (as described in https://github.com/whatwg/streams/pull/661).
1244         Also aligned ReadableByteStreamController queue so that both queues are implemented in
1245         the same way.
1246
1247         No new tests (covered by existing tests, especially WPT tests that now pass).
1248
1249         * Modules/streams/ReadableByteStreamInternals.js:
1250         (privateInitializeReadableByteStreamController): Aligned queue with RSDC.
1251         (readableByteStreamControllerCancel): Aligned queue with RSDC.
1252         (readableByteStreamControllerError): Aligned queue with RSDC.
1253         (readableByteStreamControllerClose): Aligned queue with RSDC.
1254         (readableByteStreamControllerHandleQueueDrain): Aligned queue with RSDC.
1255         (readableByteStreamControllerPull): Aligned queue with RSDC.
1256         (readableByteStreamControllerEnqueue): Aligned queue with RSDC.
1257         (readableByteStreamControllerEnqueueChunk): Aligned queue with RSDC.
1258         (readableByteStreamControllerProcessPullDescriptors): Aligned queue with RSDC.
1259         (readableByteStreamControllerFillDescriptorFromQueue): Aligned queue with RSDC.
1260         (readableByteStreamControllerPullInto): Aligned queue with RSDC.
1261         * Modules/streams/StreamInternals.js:
1262         (dequeueValue): Updated to match spec.
1263         * bindings/js/WebCoreBuiltinNames.h: Removed now useless "totalQueuedBytes".
1264
1265 2017-10-13  Wenson Hsieh  <wenson_hsieh@apple.com>
1266
1267         "text/html" data is not exposed when dragging and dropping across origins
1268         https://bugs.webkit.org/show_bug.cgi?id=178253
1269         <rdar://problem/34971203>
1270
1271         Reviewed by Ryosuke Niwa.
1272
1273         Minor tweak to DataTransfer::setDataFromItemList to allow "text/html" written from bindings to transfer across
1274         origins without requiring a sanitized representation. Currently, sanitizedData is null, which limits "text/html"
1275         to being treated as custom data, inaccessible across origins. We should instead treat markup supplied via
1276         bindings the same way as we do "text/plain" supplied via bindings.
1277
1278         Modified Tests: editing/pasteboard/data-transfer-set-data-sanitize-url-when-copying-in-null-origin.html
1279                         editing/pasteboard/data-transfer-set-data-sanitize-url-when-dragging-in-null-origin.html
1280
1281         * dom/DataTransfer.cpp:
1282         (WebCore::DataTransfer::setDataFromItemList):
1283
1284 2017-10-12  Brady Eidson  <beidson@apple.com>
1285
1286         SW "Hello world".
1287         https://bugs.webkit.org/show_bug.cgi?id=178187
1288
1289         Reviewed by Andy Estes.
1290
1291         No new tests (Covered by changes to existing tests).
1292
1293         With this patch, SW scripts are actually compiled and run inside a ServiceWorkerGlobalScope environment
1294         in the SW context process.
1295
1296         * WebCore.xcodeproj/project.pbxproj:
1297
1298         * bindings/js/WorkerScriptController.cpp:
1299         (WebCore::WorkerScriptController::initScript):
1300
1301         * dom/EventTargetFactory.in:
1302
1303         * workers/WorkerGlobalScope.h:
1304         (WebCore::WorkerGlobalScope::isServiceWorkerGlobalScope const):
1305
1306         * workers/service/ServiceWorkerContextData.cpp: Copied from Source/WebCore/workers/service/ServiceWorkerGlobalScope.cpp.
1307         (WebCore::ServiceWorkerContextData::isolatedCopy const):
1308         * workers/service/ServiceWorkerContextData.h:
1309         (WebCore::ServiceWorkerContextData::encode const):
1310         (WebCore::ServiceWorkerContextData::decode):
1311
1312         * workers/service/ServiceWorkerGlobalScope.cpp:
1313         (WebCore::ServiceWorkerGlobalScope::ServiceWorkerGlobalScope):
1314         (WebCore::ServiceWorkerGlobalScope::~ServiceWorkerGlobalScope):
1315         (WebCore::ServiceWorkerGlobalScope::registration):
1316         (WebCore::ServiceWorkerGlobalScope::eventTargetInterface const):
1317         * workers/service/ServiceWorkerGlobalScope.h:
1318         (WebCore::ServiceWorkerGlobalScope::create):
1319         (WebCore::ServiceWorkerGlobalScope::serverConnectionIdentifier const):
1320
1321         * workers/service/context/SWContextManager.cpp: Copied from Source/WebCore/workers/service/ServiceWorkerGlobalScope.cpp.
1322         (WebCore::SWContextManager::singleton):
1323         (WebCore::SWContextManager::SWContextManager):
1324         (WebCore::SWContextManager::startServiceWorkerContext):
1325         * workers/service/context/SWContextManager.h: Copied from Source/WebCore/workers/service/ServiceWorkerGlobalScope.h.
1326
1327         * workers/service/context/ServiceWorkerThread.cpp: Added.
1328         (WebCore::ServiceWorkerThreadProxy::sharedDummyProxy):
1329         (WebCore::ServiceWorkerThread::ServiceWorkerThread):
1330         (WebCore::m_workerObjectProxy):
1331         (WebCore::ServiceWorkerThread::~ServiceWorkerThread):
1332         (WebCore::ServiceWorkerThread::createWorkerGlobalScope):
1333         (WebCore::ServiceWorkerThread::runEventLoop):
1334         * workers/service/context/ServiceWorkerThread.h: Copied from Source/WebCore/workers/service/ServiceWorkerGlobalScope.h.
1335         (WebCore::ServiceWorkerThread::create):
1336         (WebCore::ServiceWorkerThread::workerObjectProxy const):
1337
1338         * workers/service/server/SWServer.cpp:
1339         (WebCore::SWServer::createWorker):
1340
1341 2017-10-12  Alex Christensen  <achristensen@webkit.org>
1342
1343         Use asynchronous ResourceHandleClient calls for WebKit1
1344         https://bugs.webkit.org/show_bug.cgi?id=160677
1345
1346         Reviewed by Brady Eidson.
1347
1348         Covered by existing tests.
1349
1350         * PlatformAppleWin.cmake:
1351         * PlatformMac.cmake:
1352         * WebCore.xcodeproj/project.pbxproj:
1353         * loader/ResourceLoader.cpp:
1354         (WebCore::ResourceLoader::willSendRequestAsync):
1355         (WebCore::ResourceLoader::didReceiveResponseAsync):
1356         (WebCore::ResourceLoader::canAuthenticateAgainstProtectionSpaceAsync):
1357         * loader/ResourceLoader.h:
1358         * loader/appcache/ApplicationCacheGroup.cpp:
1359         (WebCore::ApplicationCacheGroup::didReceiveResponseAsync):
1360         (WebCore::ApplicationCacheGroup::willSendRequestAsync):
1361         (WebCore::ApplicationCacheGroup::canAuthenticateAgainstProtectionSpaceAsync):
1362         (WebCore::ApplicationCacheGroup::didReceiveResponse): Deleted.
1363         * loader/appcache/ApplicationCacheGroup.h:
1364         * platform/network/BlobResourceHandle.cpp:
1365         (WebCore::BlobResourceHandle::continueDidReceiveResponse):
1366         (WebCore::BlobResourceHandle::getSizeForNext):
1367         (WebCore::BlobResourceHandle::notifyResponseOnSuccess):
1368         (WebCore::BlobResourceHandle::notifyResponseOnError):
1369         * platform/network/PingHandle.h:
1370         * platform/network/ResourceHandle.cpp:
1371         (WebCore::ResourceHandle::didReceiveResponse):
1372         (WebCore::ResourceHandle::usesAsyncCallbacks): Deleted.
1373         * platform/network/ResourceHandle.h:
1374         * platform/network/ResourceHandleClient.cpp:
1375         (WebCore::ResourceHandleClient::~ResourceHandleClient):
1376         (WebCore::ResourceHandleClient::willSendRequest): Deleted.
1377         (WebCore::ResourceHandleClient::willSendRequestAsync): Deleted.
1378         (WebCore::ResourceHandleClient::didReceiveResponseAsync): Deleted.
1379         (WebCore::ResourceHandleClient::canAuthenticateAgainstProtectionSpaceAsync): Deleted.
1380         * platform/network/ResourceHandleClient.h:
1381         (WebCore::ResourceHandleClient::didReceiveAuthenticationChallenge):
1382         (WebCore::ResourceHandleClient::didReceiveResponse): Deleted.
1383         (WebCore::ResourceHandleClient::usesAsyncCallbacks): Deleted.
1384         (WebCore::ResourceHandleClient::canAuthenticateAgainstProtectionSpace): Deleted.
1385         * platform/network/ResourceHandleInternal.h:
1386         (WebCore::ResourceHandleInternal::ResourceHandleInternal):
1387         * platform/network/SynchronousLoaderClient.cpp:
1388         (WebCore::SynchronousLoaderClient::willSendRequestAsync):
1389         (WebCore::SynchronousLoaderClient::canAuthenticateAgainstProtectionSpaceAsync):
1390         (WebCore::SynchronousLoaderClient::didReceiveResponseAsync):
1391         (WebCore::SynchronousLoaderClient::didFinishLoading):
1392         (WebCore::SynchronousLoaderClient::didFail):
1393         (WebCore::SynchronousLoaderClient::willSendRequest): Deleted.
1394         (WebCore::SynchronousLoaderClient::canAuthenticateAgainstProtectionSpace): Deleted.
1395         (WebCore::SynchronousLoaderClient::didReceiveResponse): Deleted.
1396         * platform/network/SynchronousLoaderClient.h:
1397         * platform/network/cf/ResourceHandleCFNet.cpp:
1398         (WebCore::ResourceHandle::createCFURLConnection):
1399         (WebCore::ResourceHandle::start):
1400         (WebCore::ResourceHandle::willSendRequest):
1401         (WebCore::ResourceHandle::shouldUseCredentialStorage):
1402         (WebCore::ResourceHandle::canAuthenticateAgainstProtectionSpace):
1403         (WebCore::ResourceHandle::platformLoadResourceSynchronously):
1404         * platform/network/cf/ResourceHandleCFURLConnectionDelegateWithOperationQueue.cpp:
1405         (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::ResourceHandleCFURLConnectionDelegateWithOperationQueue):
1406         (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::releaseHandle):
1407         (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::willSendRequest):
1408         (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didReceiveResponse):
1409         (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didReceiveData):
1410         (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didFinishLoading):
1411         (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didFail):
1412         (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::willCacheResponse):
1413         (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didReceiveChallenge):
1414         (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didSendBodyData):
1415         (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::shouldUseCredentialStorage):
1416         (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::canRespondToProtectionSpace):
1417         (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::continueCanAuthenticateAgainstProtectionSpace):
1418         * platform/network/cf/ResourceHandleCFURLConnectionDelegateWithOperationQueue.h:
1419         * platform/network/cf/SynchronousResourceHandleCFURLConnectionDelegate.cpp: Removed.
1420         * platform/network/cf/SynchronousResourceHandleCFURLConnectionDelegate.h: Removed.
1421         * platform/network/mac/ResourceHandleMac.mm:
1422         (WebCore::ResourceHandle::start):
1423         (WebCore::ResourceHandle::schedule):
1424         (WebCore::ResourceHandle::makeDelegate):
1425         (WebCore::ResourceHandle::delegate):
1426         (WebCore::ResourceHandle::platformLoadResourceSynchronously):
1427         (WebCore::ResourceHandle::willSendRequest):
1428         (WebCore::ResourceHandle::continueWillSendRequest):
1429         (WebCore::ResourceHandle::continueDidReceiveResponse):
1430         (WebCore::ResourceHandle::canAuthenticateAgainstProtectionSpace):
1431         (WebCore::ResourceHandle::continueCanAuthenticateAgainstProtectionSpace):
1432         (WebCore::ResourceHandle::continueWillCacheResponse):
1433         (WebCore::ResourceHandle::shouldUseCredentialStorage): Deleted.
1434         * platform/network/mac/WebCoreResourceHandleAsDelegate.h: Removed.
1435         * platform/network/mac/WebCoreResourceHandleAsDelegate.mm: Removed.
1436         * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.h:
1437         * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:
1438         (-[WebCoreResourceHandleAsOperationQueueDelegate connection:willSendRequest:redirectResponse:]):
1439         (-[WebCoreResourceHandleAsOperationQueueDelegate connection:didReceiveAuthenticationChallenge:]):
1440         (-[WebCoreResourceHandleAsOperationQueueDelegate connection:canAuthenticateAgainstProtectionSpace:]):
1441         (-[WebCoreResourceHandleAsOperationQueueDelegate connection:didReceiveResponse:]):
1442         (-[WebCoreResourceHandleAsOperationQueueDelegate connection:didReceiveData:lengthReceived:]):
1443         (-[WebCoreResourceHandleAsOperationQueueDelegate connection:didSendBodyData:totalBytesWritten:totalBytesExpectedToWrite:]):
1444         (-[WebCoreResourceHandleAsOperationQueueDelegate connection:didFailWithError:]):
1445         (-[WebCoreResourceHandleAsOperationQueueDelegate connection:willCacheResponse:]):
1446
1447 2017-10-12  Chris Dumez  <cdumez@apple.com>
1448
1449         [Mac] Add support for MouseEvent.buttons
1450         https://bugs.webkit.org/show_bug.cgi?id=178214
1451
1452         Reviewed by Ryosuke Niwa.
1453
1454         Add support for MouseEvent.buttons on Mac as per:
1455         - https://www.w3.org/TR/uievents/#ref-for-dom-mouseevent-buttons-1
1456
1457         This is supported by Firefox and Chrome already.
1458
1459         No new tests, rebaselined existing test.
1460
1461         * dom/Element.cpp:
1462         (WebCore::Element::dispatchMouseEvent):
1463         * dom/MouseEvent.cpp:
1464         (WebCore::MouseEvent::create):
1465         (WebCore::MouseEvent::MouseEvent):
1466         * dom/MouseEvent.h:
1467         (WebCore::MouseEvent::buttons const):
1468         * dom/MouseEvent.idl:
1469         * dom/MouseEventInit.h:
1470         * dom/MouseEventInit.idl:
1471         * dom/SimulatedClick.cpp:
1472         * dom/WheelEvent.cpp:
1473         * page/EventHandler.cpp:
1474         (WebCore::EventHandler::dispatchDragEvent):
1475         * platform/PlatformMouseEvent.h:
1476         (WebCore::PlatformMouseEvent::buttons const):
1477         * platform/mac/PlatformEventFactoryMac.mm:
1478         (WebCore::currentlyPressedMouseButtons):
1479         (WebCore::PlatformMouseEventBuilder::PlatformMouseEventBuilder):
1480
1481 2017-10-12  David Kilzer  <ddkilzer@apple.com>
1482
1483         [iOS] Fix -Wunused-lambda-capture warnings in WebCore/WebKit with new clang compiler
1484         <https://webkit.org/b/178226>
1485
1486         Reviewed by Chris Fleizach.
1487
1488         * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
1489         (-[WebAccessibilityObjectWrapper _accessibilityArticleAncestor]):
1490         - Remove unused lambda variable 'self'.
1491
1492 2017-10-12  Daniel Bates  <dabates@apple.com>
1493
1494         Mark more InlineBox member functions as const
1495         https://bugs.webkit.org/show_bug.cgi?id=178217
1496
1497         Reviewed by Andy Estes.
1498
1499         * rendering/InlineBox.cpp:
1500         (WebCore::InlineBox::locationIncludingFlipping const): Mark as const. Also fix some style
1501         nits while I am here.
1502         (WebCore::InlineBox::flipForWritingMode const): Mark as const.
1503         (WebCore::InlineBox::locationIncludingFlipping): Deleted.
1504         (WebCore::InlineBox::flipForWritingMode): Deleted.
1505         * rendering/InlineBox.h:
1506
1507 2017-10-12  Daniel Bates  <dabates@apple.com>
1508
1509         Teach InlineTextBox::clampOffset() about combined text and hyphenation
1510         https://bugs.webkit.org/show_bug.cgi?id=178032
1511
1512         Reviewed by Zalan Bujtas.
1513
1514         Treat combined text and the last character of a word halve plus hyphen as single units.
1515
1516         With regards to combined text, ideally we would allow arbitrary selection inside combined
1517         text. Currently we do not support selection of combined text. To simplify the process of
1518         adding support for selecting combined text we treat combined text as a single unit. Once
1519         we are confident that we correctly implemented such support we can re-evaluate allowing
1520         arbitrary selection of combined text.
1521
1522         With regards to treating the last character of a word halve plus hyphen as a single unit.
1523         This patch extends the targeted fix made for document markers in r223013 to all code that
1524         makes use of clamped offsets as a result the selection rect for inline boxes more accurately
1525         reflect the rectangle(s) that make up the painted selection. This is a step towards reconciling
1526         the difference between the computation of the rectangle that represents an arbitrary
1527         selection and the code that paints the active selection as part of <https://bugs.webkit.org/show_bug.cgi?id=138913>.
1528
1529         * rendering/InlineTextBox.cpp:
1530         (WebCore::InlineTextBox::localSelectionRect const): Compute text run, including combined text
1531         or hyphens due to line wrapping now that specified start and end positions are clamped with
1532         respect to combined text and hyphens (computed earlier in this function). Only measure the
1533         text represented by the selection if the start position > 0 or the end position is not equal
1534         to the length of the run.
1535         (WebCore::InlineTextBox::paint): Remove unnecessary code to fix up the selection start and
1536         end positions based on the truncation offset as this is done by clampedOffset(), called by
1537         selectionStartEnd().
1538         (WebCore::InlineTextBox::clampedOffset const): Modified to adjust the clamped offset with
1539         respect to truncation as well as treat combined text or a trailing word halve plus hyphen
1540         as single units. Assert that we are not fully truncated because it does not make sense to
1541         be computing the clamped offset in such a situation since nothing should be painted.
1542         (WebCore::InlineTextBox::selectionStartEnd const): Modified to compute the end of an inside
1543         selection using clampedOffset() to account for truncation, combined text or a hyphen. We
1544         already are using clampedOffset() when computing the start and end position for all other
1545         selection states.
1546         (WebCore::InlineTextBox::paintSelection): Compute text run, including combined text
1547         or hyphens due to line wrapping now that specified start and end positions are clamped with
1548         respect to combined text and hyphens (computed earlier in this function). Remove unnecessary
1549         code to adjust selection end point with respect to truncation, combined text, or an added
1550         hyphen now that selectionStartEnd() takes care of this (via clampedOffset()).
1551         (WebCore::InlineTextBox::paintTextSubrangeBackground): Compute text run, including combined
1552         text or hyphens due to line wrapping now that specified start and end positions are clamped
1553         with respect to combined text and hyphens (computed earlier in this function).
1554         (WebCore::InlineTextBox::paintDocumentMarker): Compute text run, including combined text now
1555         that specified start and end positions are clamped with respect to combined text (computed earlier in this function).
1556         Also remove unnecessary code to adjust end offset of the marker with respect to truncation
1557         and length of the text run as clampedOffset() now does this for us.
1558
1559 2017-10-11  Simon Fraser  <simon.fraser@apple.com>
1560
1561         Don't assert if mix-blend-mode is set to a non-separable blend mode on a composited layer
1562         https://bugs.webkit.org/show_bug.cgi?id=178196
1563         rdar://problem/34942337
1564
1565         Reviewed by Dan Bates.
1566
1567         Core Animation doesn't support non-separable blend modes (hue, saturation, color, luminosity)
1568         on layers, but don't assert if we try to use them.
1569
1570         Test: compositing/filters/blend-mode-saturation.html
1571
1572         * platform/graphics/ca/cocoa/PlatformCAFiltersCocoa.mm:
1573         (PlatformCAFilters::setBlendingFiltersOnLayer):
1574
1575 2017-10-12  John Wilander  <wilander@apple.com>
1576
1577         ResourceLoadObserver::logFrameNavigation() should use redirectResponse.url()
1578         https://bugs.webkit.org/show_bug.cgi?id=175257
1579         <rdar://problem/33359866>
1580
1581         Reviewed by Brent Fulgham.
1582
1583         This patch was joint work between Michael Specter and John Wilander.
1584
1585         Tests: http/tests/resourceLoadStatistics/non-sandboxed-iframe-redirect-ip-to-localhost-to-ip.html
1586                http/tests/resourceLoadStatistics/non-sandboxed-iframe-redirect-localhost-to-ip-to-localhost.html
1587                http/tests/resourceLoadStatistics/non-sandboxed-nesting-iframe-with-non-sandboxed-iframe-redirect-ip-to-localhost-to-ip.html
1588                http/tests/resourceLoadStatistics/non-sandboxed-nesting-iframe-with-non-sandboxed-iframe-redirect-localhost-to-ip-to-localhost.html
1589                http/tests/resourceLoadStatistics/non-sandboxed-nesting-iframe-with-sandboxed-iframe-redirect-ip-to-localhost-to-ip.html
1590                http/tests/resourceLoadStatistics/non-sandboxed-nesting-iframe-with-sandboxed-iframe-redirect-localhost-to-ip-to-localhost.html
1591                http/tests/resourceLoadStatistics/sandboxed-iframe-redirect-ip-to-localhost-to-ip.html
1592                http/tests/resourceLoadStatistics/sandboxed-iframe-redirect-localhost-to-ip-to-localhost.html
1593                http/tests/resourceLoadStatistics/sandboxed-nesting-iframe-with-non-sandboxed-iframe-redirect-ip-to-localhost-to-ip.html
1594                http/tests/resourceLoadStatistics/sandboxed-nesting-iframe-with-non-sandboxed-iframe-redirect-localhost-to-ip-to-localhost.html
1595                http/tests/resourceLoadStatistics/sandboxed-nesting-iframe-with-sandboxed-iframe-redirect-ip-to-localhost-to-ip.html
1596                http/tests/resourceLoadStatistics/sandboxed-nesting-iframe-with-sandboxed-iframe-redirect-localhost-to-ip-to-localhost.html
1597
1598         * loader/DocumentLoader.cpp:
1599         (WebCore::DocumentLoader::willSendRequest):
1600             Now sends redirectResponse.url() to WebCore::ResourceLoadObserver::logFrameNavigation().
1601         * loader/ResourceLoadObserver.cpp:
1602         (WebCore::ResourceLoadObserver::logFrameNavigation):
1603             Now receives the redirect response URL from WebCore::DocumentLoader().
1604         (WebCore::ResourceLoadObserver::nonNullOwnerURL const):
1605             New function to traverse the frame chain upward and find the first non-null URL.
1606         * loader/ResourceLoadObserver.h:
1607
1608 2017-10-12  Frederic Wang  <fwang@igalia.com>
1609
1610         Use less specific cast in ScrollingTree::scrollPositionChangedViaDelegatedScrolling
1611         https://bugs.webkit.org/show_bug.cgi?id=178211
1612
1613         Reviewed by Simon Fraser.
1614
1615         No new tests, behavior is not changed.
1616
1617         ScrollingTree::scrollPositionChangedViaDelegatedScrolling is a generic function that applies
1618         to scrolling nodes. Casting to more specific ScrollingTreeOverflowScrollingNodes is however
1619         not necessary to implement it. This patch moves to the least specific cast necessary so that
1620         this function will be usable for async scrolling of non-main frames in the future. Note that
1621         the function is currently only called from ScrollingTreeScrollingNodeDelegateIOS which in
1622         turn is only used by the ScrollingTreeScrollingOverflowNodeIOS class and so code behavior is
1623         not changed.
1624
1625         * page/scrolling/ScrollingTree.cpp:
1626         (WebCore::ScrollingTree::scrollPositionChangedViaDelegatedScrolling): Only cast the node to
1627         ScrollingTreeScrollingNode.
1628
1629 2017-10-11  Sam Weinig  <sam@webkit.org>
1630
1631         Remove out-parameter variants of copyToVector
1632         https://bugs.webkit.org/show_bug.cgi?id=178155
1633
1634         Reviewed by Tim Horton.
1635
1636         * Modules/geolocation/Geolocation.cpp:
1637         (WebCore::Geolocation::stopTimersForOneShots):
1638         (WebCore::Geolocation::cancelAllRequests):
1639         (WebCore::Geolocation::handleError):
1640         (WebCore::Geolocation::makeSuccessCallbacks):
1641         * Modules/indexeddb/IDBDatabase.cpp:
1642         (WebCore::IDBDatabase::transaction):
1643         * Modules/indexeddb/IDBGetAllResult.cpp:
1644         (WebCore::IDBGetAllResult::allBlobFilePaths const):
1645         * Modules/indexeddb/server/MemoryIndex.cpp:
1646         (WebCore::IDBServer::MemoryIndex::notifyCursorsOfValueChange):
1647         (WebCore::IDBServer::MemoryIndex::notifyCursorsOfAllRecordsChanged):
1648         * css/CSSFontSelector.cpp:
1649         (WebCore::CSSFontSelector::dispatchInvalidationCallbacks):
1650         * dom/Document.cpp:
1651         (WebCore::Document::moveNodeIteratorsToNewDocument):
1652         (WebCore::Document::resume):
1653         (WebCore::Document::didAssociateFormControlsTimerFired):
1654         * dom/IdTargetObserverRegistry.cpp:
1655         (WebCore::IdTargetObserverRegistry::notifyObserversInternal):
1656         * dom/MutationObserver.cpp:
1657         (WebCore::MutationObserver::notifyMutationObservers):
1658         * dom/Node.cpp:
1659         (WebCore::Document::invalidateNodeListAndCollectionCaches):
1660         * dom/RadioButtonGroups.cpp:
1661         * dom/ScriptExecutionContext.cpp:
1662         (WebCore::ScriptExecutionContext::dispatchMessagePortEvents):
1663         (WebCore::ScriptExecutionContext::stopActiveDOMObjects):
1664         * loader/appcache/ApplicationCacheGroup.cpp:
1665         (WebCore::ApplicationCacheGroup::checkIfLoadIsComplete):
1666         (WebCore::ApplicationCacheGroup::deliverDelayedMainResources):
1667         * loader/cache/MemoryCache.cpp:
1668         (WebCore::MemoryCache::forEachResource):
1669         (WebCore::MemoryCache::pruneDeadResourcesToSize):
1670         * page/DOMWindow.cpp:
1671         (WebCore::DOMWindow::willDestroyCachedFrame):
1672         (WebCore::DOMWindow::willDestroyDocumentInFrame):
1673         (WebCore::DOMWindow::willDetachDocumentFromFrame):
1674         (WebCore::DOMWindow::disconnectDOMWindowProperties):
1675         (WebCore::DOMWindow::reconnectDOMWindowProperties):
1676         * page/FrameView.cpp:
1677         (WebCore::collectAndProtectWidgets):
1678         * page/MemoryRelease.cpp:
1679         (WebCore::releaseCriticalMemory):
1680         * page/Performance.cpp:
1681         (WebCore::Performance::queueEntry):
1682         * platform/cocoa/PasteboardCocoa.mm:
1683         (WebCore::Pasteboard::typesForLegacyUnsafeBindings):
1684         * platform/graphics/cocoa/FontCacheCoreText.cpp:
1685         (WebCore::FontCache::systemFontFamilies):
1686         * platform/ios/PlatformPasteboardIOS.mm:
1687         (WebCore::PlatformPasteboard::typesSafeForDOMToReadAndWrite const):
1688         * platform/ios/WebCoreMotionManager.mm:
1689         (-[WebCoreMotionManager sendAccelerometerData:]):
1690         (-[WebCoreMotionManager sendMotionData:withHeading:]):
1691         * platform/mac/PlatformPasteboardMac.mm:
1692         (WebCore::PlatformPasteboard::typesSafeForDOMToReadAndWrite const):
1693         * platform/network/cocoa/WebCoreNSURLSession.mm:
1694         (-[WebCoreNSURLSession invalidateAndCancel]):
1695         * rendering/RenderBlock.cpp:
1696         (WebCore::RenderBlock::endAndCommitUpdateScrollInfoAfterLayoutTransaction):
1697         * rendering/RenderBlockLineLayout.cpp:
1698         (WebCore::setLogicalWidthForTextRun):
1699         * rendering/RenderDeprecatedFlexibleBox.cpp:
1700         (WebCore::FlexBoxIterator::next):
1701         * rendering/RenderTableSection.cpp:
1702         (WebCore::RenderTableSection::paintObject):
1703
1704             Replace out-parameter based copyToVector, with one that returns a Vector.
1705
1706 2017-10-12  Yusuke Suzuki  <utatane.tea@gmail.com>
1707
1708         Support integrity="" on module scripts
1709         https://bugs.webkit.org/show_bug.cgi?id=177959
1710
1711         Reviewed by Sam Weinig.
1712
1713         This patch extends module hooks to accept fetching parameters.
1714         When starting fetching modules, WebCore creates ModuleFetchParameters.
1715         And this parameters is propagated to the fetch hook. Then, fetch
1716         hook can use this parameters to fetch modules.
1717
1718         This parameters only contains `integrity` field. This "integrity" is
1719         used to perform subresource integrity check in module loader pipeline.
1720         And this error is just proparaged as errors in module pipeline, which
1721         is the same to the other types of errors in module pipeline.
1722
1723         Test: http/tests/subresource-integrity/sri-module.html
1724
1725         * ForwardingHeaders/runtime/JSScriptFetchParameters.h: Added.
1726         * ForwardingHeaders/runtime/ScriptFetchParameters.h: Added.
1727         * WebCore.xcodeproj/project.pbxproj:
1728         * bindings/js/CachedModuleScriptLoader.cpp:
1729         (WebCore::CachedModuleScriptLoader::create):
1730         (WebCore::CachedModuleScriptLoader::CachedModuleScriptLoader):
1731         Take parameters, which includes "integrity".
1732
1733         * bindings/js/CachedModuleScriptLoader.h:
1734         * bindings/js/JSDOMWindowBase.cpp:
1735         (WebCore::JSDOMWindowBase::moduleLoaderFetch):
1736         (WebCore::JSDOMWindowBase::moduleLoaderImportModule):
1737         import and fetch hooks take parameters.
1738
1739         * bindings/js/JSDOMWindowBase.h:
1740         * bindings/js/JSMainThreadExecState.h:
1741         (WebCore::JSMainThreadExecState::loadModule):
1742         * bindings/js/ScriptController.cpp:
1743         (WebCore::ScriptController::loadModuleScriptInWorld):
1744         (WebCore::ScriptController::loadModuleScript):
1745         Pass parameters to the entry point of the module pipeline.
1746
1747         * bindings/js/ScriptController.h:
1748         * bindings/js/ScriptModuleLoader.cpp:
1749         (WebCore::ScriptModuleLoader::fetch):
1750         If parameters are passed, we set them to CachedModuleScriptLoader.
1751
1752         (WebCore::ScriptModuleLoader::importModule):
1753         Pass parameters to the entry point of dynamic import.
1754
1755         (WebCore::ScriptModuleLoader::notifyFinished):
1756         If script loader has parameters, we perform subresource integrity check here.
1757
1758         * bindings/js/ScriptModuleLoader.h:
1759         * dom/LoadableModuleScript.cpp:
1760         (WebCore::LoadableModuleScript::create):
1761         (WebCore::LoadableModuleScript::LoadableModuleScript):
1762         (WebCore::LoadableModuleScript::load):
1763         Create ModuleFetchParameters with "integrity" value.
1764
1765         * dom/LoadableModuleScript.h:
1766         * dom/ModuleFetchParameters.h: Copied from Source/WebCore/bindings/js/CachedModuleScriptLoader.h.
1767         (WebCore::ModuleFetchParameters::create):
1768         (WebCore::ModuleFetchParameters::integrity const):
1769         (WebCore::ModuleFetchParameters::ModuleFetchParameters):
1770         * dom/ScriptElement.cpp:
1771         (WebCore::ScriptElement::requestModuleScript):
1772         Pass "integrity" value to the module script.
1773
1774 2017-10-12  Tomas Popela  <tpopela@redhat.com>
1775
1776         Unreviewed, fix compilation warning
1777
1778         warning: extra tokens at end of #endif directive [-Wendif-labels]
1779
1780         * rendering/RenderMediaControls.h:
1781
1782 2017-10-11  Brent Fulgham  <bfulgham@apple.com>
1783
1784         Correct nullptr deref in selection handling.
1785         https://bugs.webkit.org/show_bug.cgi?id=178189
1786         <rdar://problem/33833012>
1787
1788         Reviewed by Ryosuke Niwa.
1789
1790         The VisibleSelection::toNormalizedRange returns nullptr for certain conditions (e.g., 'isNone'
1791         and 'isOrphaned' cases). It's possible to crash the WebProcess by executing a code path with
1792         an orphaned selection range.
1793
1794         The return value of 'toNormalizedRange' is checked for nullptr in many places, but not everywhere.
1795         This patch adds those missing nullptr checks.
1796
1797         * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
1798         (-[WebAccessibilityObjectWrapper textMarkerRangeForSelection]):
1799         * editing/DeleteSelectionCommand.cpp:
1800         (WebCore::DeleteSelectionCommand::makeStylingElementsDirectChildrenOfEditableRootToPreventStyleLoss):
1801         * editing/EditingStyle.cpp:
1802         (WebCore::EditingStyle::styleAtSelectionStart):
1803         * editing/Editor.cpp:
1804         (WebCore::Editor::misspelledWordAtCaretOrRange const):
1805         * page/DOMSelection.cpp:
1806         (WebCore::DOMSelection::containsNode const):
1807         * page/DragController.cpp:
1808         (WebCore::DragController::concludeEditDrag):
1809
1810 2017-10-11  Ryan Haddad  <ryanhaddad@apple.com>
1811
1812         Unreviewed, rolling out r223215.
1813
1814         This change broke the Sierra build.
1815
1816         Reverted changeset:
1817
1818         "[Apple Pay] Add subLocality and subAdministrativeArea to
1819         ApplePayPaymentContact"
1820         https://bugs.webkit.org/show_bug.cgi?id=178191
1821         https://trac.webkit.org/changeset/223215
1822
1823 2017-10-11  Chris Dumez  <cdumez@apple.com>
1824
1825         XMLHttpRequest: do not sniff text/html, and do not sniff XML when responseType is set to "text"
1826         https://bugs.webkit.org/show_bug.cgi?id=168724
1827
1828         Reviewed by Ryosuke Niwa.
1829
1830         WebKit enabled HTML / XML charset detection for HTML-ish / XML-ish
1831         responses even when response type is text, which does not match the
1832         specification.
1833
1834         This patch is based on the following Blink patch by Yutaka Hirano <yhirano@chromium.org>:
1835         - https://chromium.googlesource.com/chromium/src.git/+/47e4fc53e6d68c0a788fcc26de598b9e3848033f
1836
1837         Tests:
1838         imported/w3c/web-platform-tests/XMLHttpRequest/responsetext-decoding.htm
1839         imported/w3c/web-platform-tests/XMLHttpRequest/responsedocument-decoding.htm
1840
1841         * xml/XMLHttpRequest.cpp:
1842         (WebCore::XMLHttpRequest::createDecoder const):
1843         (WebCore::XMLHttpRequest::didReceiveData):
1844         * xml/XMLHttpRequest.h:
1845
1846 2017-10-11  Andy Estes  <aestes@apple.com>
1847
1848         [Apple Pay] Add subLocality and subAdministrativeArea to ApplePayPaymentContact
1849         https://bugs.webkit.org/show_bug.cgi?id=178191
1850         <rdar://problem/34906367>
1851
1852         Reviewed by Tim Horton.
1853
1854         Added test cases to http/tests/ssl/applepay/ApplePaySession.html.
1855
1856         * Modules/applepay/ApplePayPaymentContact.h:
1857         * Modules/applepay/ApplePayPaymentContact.idl:
1858         * Modules/applepay/cocoa/PaymentContactCocoa.mm:
1859         (WebCore::convert):
1860
1861 2017-10-11  Youenn Fablet  <youenn@apple.com>
1862
1863         Add API to clean CacheStorage data
1864         https://bugs.webkit.org/show_bug.cgi?id=178034
1865
1866         Reviewed by Chris Dumez.
1867
1868         Test: http/tests/cache-storage/cache-clearing.https.html
1869
1870         * platform/FileSystem.h:
1871
1872 2017-10-11  David Kilzer  <ddkilzer@apple.com>
1873
1874         Part 2: Fix -Wcast-qual and -Wunused-lambda-capture warnings in WebCore with new clang compiler
1875         <https://webkit.org/b/178036>
1876         <rdar://problem/33667497>
1877
1878         Reviewed by Chris Dumez.
1879
1880         * Modules/cache/WorkerCacheStorageConnection.cpp:
1881         (WebCore::WorkerCacheStorageConnection::doRemove):
1882         - Change ASSERT() to ASSERT_UNUSED() to suppress warnings about
1883           unused lambda capture for 'cacheIdentifier' in Release builds.
1884         * bridge/objc/objc_class.mm:
1885         (JSC::Bindings::ObjcClass::classForIsA): Change C-style cast
1886         into reinterpret_cast and const_cast to go from CFTypeRef to
1887         ObjcClass*.
1888         * crypto/mac/CryptoKeyRSAMac.cpp:
1889         (WebCore::castDataArgumentToCCRSACryptorCreateFromDataIfNeeded):
1890         Add.  Introduce method to add a required const_cast for older
1891         OSes since the signature of CCRSACryptorCreateFromData() changed
1892         in iOS 11 & High Sierra.
1893         (WebCore::CryptoKeyRSA::create): Use
1894         castDataArgumentToCCRSACryptorCreateFromDataIfNeeded().
1895         * platform/graphics/cocoa/WebCoreDecompressionSession.mm:
1896         (WebCore::WebCoreDecompressionSession::handleDecompressionOutput):
1897         Remove unused lambda capture for 'status'.
1898
1899 2017-10-11  Chris Dumez  <cdumez@apple.com>
1900
1901         [Geolocation] Expose Coordinates.floorLevel
1902         https://bugs.webkit.org/show_bug.cgi?id=178173
1903         <rdar://problem/34918936>
1904
1905         Reviewed by Ryosuke Niwa.
1906
1907         Expose Coordinates.floorLevel via the Geolocation API. This is currently
1908         a WebKit-specific extension and it is only populated on iOS / WKTR / DRT.
1909         It is null on other platforms.
1910
1911         Test: fast/dom/Geolocation/floorLevel.html
1912
1913         * Modules/geolocation/Coordinates.h:
1914         (WebCore::Coordinates::floorLevel const):
1915         * Modules/geolocation/Coordinates.idl:
1916         * Modules/geolocation/GeolocationPosition.h:
1917         (WebCore::GeolocationPosition::encode const):
1918         (WebCore::GeolocationPosition::decode):
1919         * Modules/geolocation/ios/GeolocationPositionIOS.mm:
1920         (WebCore::GeolocationPosition::GeolocationPosition):
1921         * page/Settings.in:
1922
1923 2017-10-11  Simon Fraser  <simon.fraser@apple.com>
1924
1925         Avoid triggering layout from style change
1926         https://bugs.webkit.org/show_bug.cgi?id=178184
1927         rdar://problem/34699113
1928
1929         Reviewed by Zalan Bujtas.
1930
1931         It's bad for RenderBox::styleDidChange() to scroll RenderLayers, because that
1932         can trigger layout via FrameView::updateWidgetPositions() and ScrollingCoordinator::absoluteEventTrackingRegions().
1933         So postpone the scrolling until after layout.
1934
1935         Test: fast/scrolling/adjust-scroll-offset-on-zoom.html
1936
1937         * rendering/RenderBox.cpp:
1938         (WebCore::RenderBox::styleDidChange):
1939         * rendering/RenderLayer.cpp:
1940         (WebCore::RenderLayer::updateLayerPositions):
1941         (WebCore::RenderLayer::setPostLayoutScrollPosition):
1942         (WebCore::RenderLayer::applyPostLayoutScrollPositionIfNeeded):
1943         * rendering/RenderLayer.h:
1944
1945 2017-10-11  Youenn Fablet  <youenn@apple.com>
1946
1947         Bump default cache storage quota to 20MB
1948         https://bugs.webkit.org/show_bug.cgi?id=178132
1949
1950         Reviewed by Alex Christensen.
1951
1952         Covered by http/wpt/cache-storage/cache-quota.any.html.
1953
1954         * platform/network/NetworkStorageSession.h:
1955         (WebCore::NetworkStorageSession::cacheStoragePerOriginQuota const):
1956         (WebCore::NetworkStorageSession::setCacheStoragePerOriginQuota):
1957
1958 2017-10-11  Myles C. Maxfield  <mmaxfield@apple.com>
1959
1960         Allow PAL to log messages
1961         https://bugs.webkit.org/show_bug.cgi?id=171523
1962
1963         Reviewed by Alex Christensen.
1964
1965         Make the model of WebCore/PAL match the model of WebKit/WebCore. This is because PAL will
1966         need to log things (because existing files in WebCore/platform need to log things).
1967
1968         No new tests because there is no behavior change.
1969
1970         * WebCore.xcodeproj/project.pbxproj:
1971         * page/mac/PageMac.mm:
1972         (WebCore::Page::platformInitialize):
1973         * platform/Logging.cpp:
1974         (WebCore::registerNotifyCallback): Deleted.
1975         * platform/Logging.h:
1976         * rendering/SimpleLineLayout.cpp:
1977         (WebCore::SimpleLineLayout::canUseForWithReason):
1978
1979 2017-10-11  Chris Dumez  <cdumez@apple.com>
1980
1981         Unreviewed, fix build with some SDKs.
1982
1983         Stop capturing |this| unnecessarily in lambda.
1984
1985         * Modules/entriesapi/FileSystemDirectoryEntry.cpp:
1986         (WebCore::FileSystemDirectoryEntry::getEntry):
1987
1988 2017-10-11  Chris Dumez  <cdumez@apple.com>
1989
1990         Unreviewed, fix build with some SDKs.
1991
1992         Stop capturing |this| unnecessarily in lambda.
1993
1994         * Modules/entriesapi/DOMFileSystem.cpp:
1995         (WebCore::DOMFileSystem::getFile):
1996
1997 2017-10-11  Daniel Bates  <dabates@apple.com>
1998
1999         Extract logic to paint composition underlines to its own function
2000         https://bugs.webkit.org/show_bug.cgi?id=178038
2001
2002         Reviewed by Zalan Bujtas.
2003
2004         No functionality changed. So, no new tests.
2005
2006         * rendering/InlineTextBox.cpp:
2007         (WebCore::InlineTextBox::paint): Modified to call paintCompositionUnderlines().
2008         (WebCore::InlineTextBox::paintCompositionUnderlines const): Added; extract code
2009         from InlineTextBox::paint() and modernized it.
2010         (WebCore::InlineTextBox::paintCompositionUnderline const): Added.
2011         (WebCore::InlineTextBox::paintCompositionUnderline): Deleted; made const.
2012         * rendering/InlineTextBox.h:
2013
2014 2017-10-11  Daniel Bates  <dabates@apple.com>
2015
2016         InlineTextBox::isSelected() should only return true for a non-empty selection
2017         and remove incorrect FIXME from InlineTextBox::localSelectionRect()
2018         https://bugs.webkit.org/show_bug.cgi?id=160786
2019
2020         Reviewed by Zalan Bujtas.
2021
2022         Partial revert of r204400 in InlineTextBox::{isSelected, localSelectionRect}().
2023
2024         The function InlineTextBox::isSelected() should only return true for a non-empty selection.
2025         Also remove an incorrect FIXME added to InlineTextBox::localSelectionRect() that questioned
2026         whether it was correct for it to return an empty rectangle. It is correct for it to return
2027         such a rectangle because this function is used to implement Element.getClientRects(). And
2028         Element.getClientRects() can return a rectangle with zero width or zero height by step 3
2029         of algorithm getClientRects() of section Extensions to the Element interface of the
2030         CSSOM View Module spec., <https://drafts.csswg.org/cssom-view/> (Editor's Draft, 15 September 2017).
2031
2032         * rendering/InlineTextBox.cpp:
2033         (WebCore::InlineTextBox::isSelected const): Only return true for a non-empty selection
2034         and remove unnecessary FIXME. Also rename variables to improve readability.
2035         (WebCore::InlineTextBox::localSelectionRect const): Remove inaccurate FIXME comment.
2036         * rendering/InlineTextBox.h:
2037
2038 2017-10-11  Ryosuke Niwa  <rniwa@webkit.org>
2039
2040         Sanitize URL in pasteboard for other applications and cross origin content
2041         https://bugs.webkit.org/show_bug.cgi?id=178060
2042         <rdar://problem/34874518>
2043
2044         Reviewed by Wenson Hsieh.
2045
2046         This patch introduces the sanitization of URL when written from a web content to prevent web content from
2047         exploiting the URL parser of other applications in the system particularly of those that actively monitor
2048         system pasteboard (a.k.a. clipboard on non-Cocoa platforms) and decode or otherwise process URLs.
2049
2050         Because the Web compatibility requires that DataTransfer exposes the original URL to any document in the
2051         same origin as the one which wrote the URL into the pasteboard, we store a string which uniquely identifies
2052         the origin of an originating document into our custom pasteboard data. Note that we expose any URL which
2053         didn't come from WebKit since we don't expect URLs to reveal privacy sensitive information. We use UUID for
2054         the origin identifier of a null origin document.
2055
2056         An alternative approach is to store the pasteboard data from the same origin into the document and invalidate
2057         it when the system pasteboard changes. However, Pasteboard object cannot know about Document (as Pasteboard
2058         is a platform object and Document is a WebCore object), this turns out be quite tricky as there are multiple
2059         places where we create Pasteboard objects, and they all need to be aware of this special same origin
2060         Pasteboard object that hangs off of Document. Also, this approach would result in the same origin code paths
2061         to diverge between null origin and non-null origin documents.
2062
2063         Tests: editing/pasteboard/data-transfer-get-data-on-copying-pasting-malformed-url-in-same-document.html
2064                editing/pasteboard/data-transfer-set-data-ignore-copied-walformed-url-in-null-origin.html
2065                editing/pasteboard/data-transfer-set-data-sanitlize-url-when-copying-in-null-origin.html
2066                editing/pasteboard/data-transfer-set-data-sanitlize-url-when-dragging-in-null-origin.html
2067                http/tests/security/clipboard/copy-paste-url-across-origin-sanitizes-url.html
2068                CopyURL.ValidURL
2069                CopyURL.UnescapedURL
2070                CopyURL.MalformedURL
2071                DataInteractionTests.DataTransferSetDataValidURL
2072                DataInteractionTests.DataTransferSetDataUnescapedURL
2073                DataInteractionTests.DataTransferSetDataInvalidURL
2074
2075         * dom/DataTransfer.cpp:
2076         (WebCore::originForDocument): Extracted from createForCopyAndPaste.
2077         (WebCore::DataTransfer::createForCopyAndPaste):
2078         (WebCore::DataTransfer::getDataForItem const): Read the URL from the custom data when the originating content
2079         is of the same origin. When the originating content is cross origin, or there is no custom data (e.g. written
2080         by another native application; or sanitization didn't result in any difference), then callback to native value.
2081         (WebCore::DataTransfer::setDataFromItemList): Sanitize the URL before writing it to the native pasteboard.
2082         Store the original value if the sanitization resulted in any difference.
2083         (WebCore::DataTransfer::types const):
2084         (WebCore::DataTransfer::commitToPasteboard): Moved the code to write custom data to Pasteboard since we need
2085         to write the origin string with it.
2086         (WebCore::DataTransfer::createForDragStartEvent): Added Document as an argument to compute the origin string.
2087         (WebCore::DataTransfer::createForDrop): Ditto.
2088         (WebCore::DataTransfer::createForUpdatingDropTarget):
2089         (WebCore::DataTransfer::moveDragState):
2090         * dom/DataTransfer.h:
2091         * dom/Document.cpp:
2092         (WebCore::Document::uniqueIdentifier): Added. See above.
2093         * dom/Document.h:
2094         * editing/Editor.cpp:
2095         (WebCore::createDataTransferForClipboardEvent):
2096         (WebCore::dispatchClipboardEvent):
2097         * page/DragController.cpp:
2098         (WebCore::DragController::dispatchTextInputEventFor):
2099         * page/EventHandler.cpp:
2100         (WebCore::EventHandler::performDragAndDrop):
2101         (WebCore::EventHandler::handleDrag):
2102         * platform/Pasteboard.h:
2103         * platform/PasteboardStrategy.h:
2104         * platform/PlatformPasteboard.h:
2105         * platform/StaticPasteboard.cpp:
2106         (WebCore::StaticPasteboard::takeCustomData): Moved the logic to write to native pasteboard to DataTransfer.
2107         * platform/StaticPasteboard.h:
2108         * platform/cocoa/PasteboardCocoa.mm:
2109         (WebCore::Pasteboard::typesSafeForBindings):
2110         (WebCore::Pasteboard::readStringInCustomData): Rewritten using readCustomData. See below.
2111         (WebCore::Pasteboard::readOrigin): Added.
2112         (WebCore::Pasteboard::readCustomData): Added. Populates the cache. Because a single Pasteboard object is never
2113         allowed to read values once its content is updated by other applications, we can permanently cache the result.
2114         * platform/gtk/PasteboardGtk.cpp:
2115         (WebCore::Pasteboard::typesSafeForBindings): Now takes the unused origin string.
2116         (WebCore::Pasteboard::readOrigin): Added.
2117         * platform/gtk/PlatformPasteboardGtk.cpp:
2118         (WebCore::PlatformPasteboard::typesSafeForDOMToReadAndWrite const): Now takes the unused origin string.
2119         * platform/ios/PlatformPasteboardIOS.mm:
2120         (WebCore::originKeyKeyForTeamData): Added.
2121         (WebCore::customTypesKeyForTeamData): Added. Replaces the use of PasteboardCustomData::cocoaType() in the team
2122         data for clarity since the team data key isn't same as the pasteboard type. We don't have to worry about the
2123         backwards compatibility since drag & drop session doesn't persist across iOS upgrades, and there is no publicly
2124         released iOS with this team data support.
2125         (WebCore::PlatformPasteboard::typesSafeForDOMToReadAndWrite const): Read the origin string and the custom data
2126         off the team data. Don't expose custom types that are written by cross origin documents.
2127         (WebCore::PlatformPasteboard::write): Add the orign string with custom pasteboard types in the team data.
2128         (WebCore::PlatformPasteboard::readURL): Fixed a bug that this function was not reading NSURL when UIPasteboard
2129         serializes NSURL as a plist. This code is exercised by CopyURL.ValidURL.
2130         * platform/mac/PlatformPasteboardMac.mm:
2131         (WebCore::PlatformPasteboard::typesSafeForDOMToReadAndWrite const): Don't add custom pasteboard types that are
2132         added by cross origin documents.
2133         * platform/win/PasteboardWin.cpp:
2134         (WebCore::Pasteboard::typesSafeForBindings): Now takes the unused origin string.
2135         (WebCore::Pasteboard::readOrigin): Added.
2136         * platform/wpe/PasteboardWPE.cpp:
2137         (WebCore::Pasteboard::typesSafeForBindings): Now takes the unused origin string.
2138         (WebCore::Pasteboard::readOrigin): Added.
2139         * platform/wpe/PlatformPasteboardWPE.cpp:
2140         (WebCore::PlatformPasteboard::typesSafeForDOMToReadAndWrite const): Now takes the unused origin string.
2141
2142 2017-10-11  Antti Koivisto  <antti@apple.com>
2143
2144         Remove some obsolete layout assertions
2145         https://bugs.webkit.org/show_bug.cgi?id=178170
2146
2147         Reviewed by Zalan Bujtas.
2148
2149         We have strong assertions against render tree mutation functions being called in layout. These are unnecessary.
2150
2151         * rendering/RenderBoxModelObject.cpp:
2152         (WebCore::RenderBoxModelObject::moveChildTo):
2153         * rendering/RenderElement.cpp:
2154         (WebCore::RenderElement::takeChildInternal):
2155         * rendering/RenderElement.h:
2156         * rendering/RenderListItem.cpp:
2157         (WebCore::RenderListItem::layout):
2158         * rendering/RenderListItem.h:
2159
2160 2017-10-11  Andy Estes  <aestes@apple.com>
2161
2162         [Payment Request] Implement Apple Pay merchant validation
2163         https://bugs.webkit.org/show_bug.cgi?id=178159
2164
2165         Reviewed by Brady Eidson.
2166
2167         When ApplePayPaymentHandler::validateMerchant() is called, dispatch the
2168         applepayvalidatemerchant event to the PaymentRequest object.
2169
2170         The event object is an ApplePayMerchantValidationEvent, on which the client calls complete()
2171         with a merchant session.
2172
2173         Test: http/tests/ssl/applepay/ApplePayMerchantValidationEvent.https.html
2174
2175         * DerivedSources.make:
2176         * Modules/applepay/ApplePayValidateMerchantEvent.h:
2177         * Modules/applepay/paymentrequest/ApplePayMerchantValidationEvent.cpp: Added.
2178         (WebCore::ApplePayMerchantValidationEvent::create):
2179         (WebCore::ApplePayMerchantValidationEvent::ApplePayMerchantValidationEvent):
2180         (WebCore::ApplePayMerchantValidationEvent::complete):
2181         (WebCore::ApplePayMerchantValidationEvent::eventInterface const):
2182         * Modules/applepay/paymentrequest/ApplePayMerchantValidationEvent.h: Added.
2183         * Modules/applepay/paymentrequest/ApplePayMerchantValidationEvent.idl: Added.
2184         * Modules/applepay/paymentrequest/ApplePayPaymentHandler.cpp:
2185         (WebCore::ApplePayPaymentHandler::validateMerchant):
2186         * Modules/applepay/paymentrequest/ApplePayPaymentHandler.h:
2187         * Modules/paymentrequest/PaymentRequest.idl:
2188         * WebCore.xcodeproj/project.pbxproj:
2189         * dom/EventNames.h:
2190         * dom/EventNames.in:
2191         * testing/Internals.cpp:
2192         (WebCore::Internals::Internals):
2193         * testing/MockPaymentCoordinator.cpp:
2194         (WebCore::MockPaymentCoordinator::MockPaymentCoordinator):
2195         (WebCore::MockPaymentCoordinator::showPaymentUI):
2196         * testing/MockPaymentCoordinator.h:
2197
2198 2017-10-11  Chris Dumez  <cdumez@apple.com>
2199
2200         Modernize Geolocation code
2201         https://bugs.webkit.org/show_bug.cgi?id=178148
2202
2203         Reviewed by Ryosuke Niwa.
2204
2205         Modernize Geolocation code:
2206         - Use std::optional<> instead of separate boolean members
2207         - Make GeolocationPosition a simple struct that can be passed via IPC
2208         - Replace WebGeolocationPosition::Data with GeolocationPosition
2209         - Move logic to construct a GeolocationPosition from a CLLocation on iOS
2210           in one place to avoid code duplication.
2211
2212         * Modules/geolocation/Coordinates.cpp:
2213         (WebCore::Coordinates::Coordinates):
2214         * Modules/geolocation/Coordinates.h:
2215         (WebCore::Coordinates::create):
2216         (WebCore::Coordinates::isolatedCopy const):
2217         (WebCore::Coordinates::latitude const):
2218         (WebCore::Coordinates::longitude const):
2219         (WebCore::Coordinates::altitude const):
2220         (WebCore::Coordinates::accuracy const):
2221         (WebCore::Coordinates::altitudeAccuracy const):
2222         (WebCore::Coordinates::heading const):
2223         (WebCore::Coordinates::speed const):
2224         * Modules/geolocation/Geolocation.cpp:
2225         (WebCore::createGeoposition):
2226         (WebCore::Geolocation::lastPosition):
2227         * Modules/geolocation/GeolocationClient.h:
2228         * Modules/geolocation/GeolocationController.cpp:
2229         (WebCore::GeolocationController::positionChanged):
2230         (WebCore::GeolocationController::lastPosition):
2231         * Modules/geolocation/GeolocationController.h:
2232         * Modules/geolocation/GeolocationPosition.h:
2233         (WebCore::GeolocationPosition::GeolocationPosition):
2234         The default constructor is only needed by our IPC decoding code.
2235
2236         (WebCore::GeolocationPosition::encode const):
2237         (WebCore::GeolocationPosition::decode):
2238         * Modules/geolocation/ios/GeolocationPositionIOS.mm: Copied from Source/WebCore/Modules/geolocation/Coordinates.cpp.
2239         (WebCore::GeolocationPosition::GeolocationPosition):
2240         * WebCore.xcodeproj/project.pbxproj:
2241         * platform/mock/GeolocationClientMock.cpp:
2242         (WebCore::GeolocationClientMock::lastPosition):
2243         (WebCore::GeolocationClientMock::controllerTimerFired):
2244         * platform/mock/GeolocationClientMock.h:
2245
2246 2017-10-11  Brady Eidson  <beidson@apple.com>
2247
2248         Add a SW context process (where SW scripts will actually execute).
2249         https://bugs.webkit.org/show_bug.cgi?id=178156
2250         
2251         Reviewed by Andy Estes.
2252
2253         No new tests (Covered by changes to existing tests).
2254
2255         This patch adds an auxiliary "ServiceWorker context" WebProcess to a WebProcessPool.
2256
2257         This process is where ServiceWorker scripts will execute, separate from the client WebProcess
2258         hosting the page(s) they are serving.
2259
2260         This patch also adds all of the plumbing to pass along a fetched service worker script to this
2261         context WebProcess, as well as message back failure to actually start the script so we can test.
2262
2263         Touches lots of code sites but is basically just a lot of plumbing.
2264
2265         * WebCore.xcodeproj/project.pbxproj:
2266
2267         * workers/service/ServiceWorkerContextData.h: Copied from Source/WebCore/workers/service/server/SWServerWorker.h.
2268         (WebCore::ServiceWorkerContextData::encode const):
2269         (WebCore::ServiceWorkerContextData::decode):
2270
2271         * workers/service/server/SWServer.cpp:
2272         (WebCore::SWServer::Connection::finishFetchingScriptInServer):
2273         (WebCore::SWServer::Connection::scriptContextFailedToStart):
2274         (WebCore::SWServer::scriptFetchFinished):
2275         (WebCore::SWServer::scriptContextFailedToStart):
2276         (WebCore::SWServer::createWorker):
2277         * workers/service/server/SWServer.h:
2278
2279         * workers/service/server/SWServerRegistration.cpp:
2280         (WebCore::SWServerRegistration::scriptFetchFinished):
2281         (WebCore::SWServerRegistration::scriptContextFailedToStart):
2282         * workers/service/server/SWServerRegistration.h:
2283
2284         * workers/service/server/SWServerWorker.cpp:
2285         (WebCore::SWServerWorker::SWServerWorker):
2286         (WebCore::SWServerWorker::~SWServerWorker):
2287         * workers/service/server/SWServerWorker.h:
2288         (WebCore::SWServerWorker::create):
2289         (WebCore::SWServerWorker::scriptURL const):
2290         (WebCore::SWServerWorker::script const):
2291         (WebCore::SWServerWorker::type const):
2292         (WebCore::SWServerWorker::workerID const):
2293
2294 2017-10-11  Joanmarie Diggs  <jdiggs@igalia.com>
2295
2296         [ATK] Expose value of aria-keyshortcuts as object attribute
2297         https://bugs.webkit.org/show_bug.cgi?id=171175
2298
2299         Reviewed by Chris Fleizach.
2300
2301         Expose the author-provided string through the "keyshortcuts" object attribute.
2302
2303         Test: accessibility/gtk/aria-keyshortcuts.html
2304
2305         * accessibility/AccessibilityObject.cpp:
2306         (WebCore::AccessibilityObject::ariaKeyShortcutsValue const):
2307         * accessibility/AccessibilityObject.h:
2308         * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
2309         (webkitAccessibleGetAttributes):
2310         * html/HTMLAttributeNames.in:
2311
2312 2017-10-11  Yusuke Suzuki  <utatane.tea@gmail.com>
2313
2314         [JSC] Drop Instantiate hook in ES6 module loader
2315         https://bugs.webkit.org/show_bug.cgi?id=178162
2316
2317         Reviewed by Sam Weinig.
2318
2319         Drop instantiate hooks.
2320         No behavior change.
2321
2322         * bindings/js/JSDOMWindowBase.cpp:
2323         * bindings/js/JSWorkerGlobalScopeBase.cpp:
2324
2325 2017-10-11  Alicia Boya García  <aboya@igalia.com>
2326
2327         [MSE][GStreamer] Add dump of append pipeline
2328         https://bugs.webkit.org/show_bug.cgi?id=178074
2329
2330         Reviewed by Xabier Rodriguez-Calvar.
2331
2332         Enable dump of AppendPipeline.
2333
2334         * platform/graphics/gstreamer/mse/AppendPipeline.cpp:
2335         (WebCore::appendPipelineStateChangeMessageCallback):
2336         (WebCore::AppendPipeline::AppendPipeline):
2337         (WebCore::AppendPipeline::handleStateChangeMessage):
2338         * platform/graphics/gstreamer/mse/AppendPipeline.h:
2339
2340 2017-09-27  Frederic Wang  <fwang@igalia.com>
2341
2342         [iOS] Do not flatten frames when async frame scrolling is enabled
2343         https://bugs.webkit.org/show_bug.cgi?id=173704
2344
2345         Reviewed by Simon Fraser.
2346
2347         This patch disables frame flattening when async frame scrolling is enabled on iOS, as
2348         otherwise you can not scroll them. Once iframe scrolling is implemented in iOS (bug 149264),
2349         developers and beta testers will be able to check it by enabling "Async Frame Scrolling"
2350         in the "Experimental WebKit Features" menu of Safari iOS.
2351
2352         Test: platform/ios/fast/frames/flattening/iframe-flattening-with-async-frame-scrolling.html
2353
2354         * page/FrameView.cpp:
2355         (WebCore::FrameView::frameFlatteningEnabled): Use effectiveFrameFlattening()
2356         * page/Settings.cpp:
2357         (WebCore::Settings::effectiveFrameFlattening): New function to return frameFlattening() or do
2358         some exceptions on iOS.
2359         * page/Settings.h: Declare effectiveFrameFlattening.
2360         * rendering/RenderFrameSet.cpp:
2361         (WebCore::RenderFrameSet::flattenFrameSet): Use effectiveFrameFlattening()
2362         * rendering/RenderIFrame.cpp:
2363         (WebCore::RenderIFrame::flattenFrame): Ditto.
2364         * rendering/RenderView.cpp:
2365         (WebCore::FrameFlatteningLayoutDisallower::FrameFlatteningLayoutDisallower): Ditto.
2366
2367 2017-10-10  Xabier Rodriguez Calvar  <calvaris@igalia.com>
2368
2369         [GStreamer] Fix double seek requested by downloadbuffer GStreamer element in webkibwebsrc
2370         https://bugs.webkit.org/show_bug.cgi?id=178079
2371
2372         Reviewed by Žan Doberšek.
2373
2374         When the downloadbuffer GStreamer element requests two seeks too
2375         close to each other there's some rare race condition where our
2376         source answers that it is not seekable and ends up with
2377         downloadbuffer element to seek beyond the file size, which causes
2378         the server to issue a 416 HTTP error code eventually, causing our
2379         MediaPlayer to stop.
2380
2381         * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
2382         (webKitWebSrcStop): We only unset he seekable attribute if we are
2383         not seeking.
2384
2385 2017-10-10  Ryosuke Niwa  <rniwa@webkit.org>
2386
2387         Enable custom pasteboard data in DumpRenderTree and WebKitTestRunner
2388         https://bugs.webkit.org/show_bug.cgi?id=178154
2389
2390         Reviewed by Wenson Hsieh.
2391
2392         Extracted the logic to compute the default enabled-ness of custom pasteboard data as
2393         Settings::defaultCustomPasteboardDataEnabled() to be called by WebKit1 and WebKit2 layers.
2394
2395         * page/Settings.cpp:
2396         (WebCore::Settings::defaultCustomPasteboardDataEnabled): Extracted from customPasteboardDataEnabled.
2397         (WebCore::Settings::customPasteboardDataEnabled): Deleted. Now inlined in the header file.
2398         * page/Settings.h:
2399         (WebCore::Settings::customPasteboardDataEnabled):
2400         * platform/cocoa/PasteboardCocoa.mm:
2401         (WebCore::Pasteboard::read): Fixed a bug that we were adding MIME type to the map before checking that
2402         we could actually read the buffer. We shouldn't skip a type (NSTIFFPboardType and kUTTypeTIFF for now)
2403         if an equivalent type had failed to read.
2404
2405 2017-10-10  Andy Estes  <aestes@apple.com>
2406
2407         [Payment Request] Validate that all PaymentCurrencyAmounts use the same currency code when using Apple Pay
2408         https://bugs.webkit.org/show_bug.cgi?id=178150
2409
2410         Reviewed by Tim Horton.
2411
2412         Apple Pay requires a single currency code, but the Payment Request API allows the client to
2413         specify a currency code for each PaymentCurrencyAmount.
2414
2415         Instead of having a required currencyCode property on ApplePayRequest and ignoring the
2416         currency property on PaymentCurrencyAmount, validate that all PaymentCurrencyAmounts use the
2417         same currency code and use that as ApplePaySessionPaymentRequest's currencyCode.
2418
2419         Added test cases to http/tests/ssl/applepay/PaymentRequest.https.html.
2420
2421         * Modules/applepay/ApplePayPaymentRequest.h:
2422         * Modules/applepay/ApplePayPaymentRequest.idl:
2423         * Modules/applepay/ApplePayRequestBase.cpp:
2424         (WebCore::convertAndValidate):
2425         * Modules/applepay/ApplePayRequestBase.h:
2426         * Modules/applepay/ApplePayRequestBase.idl:
2427         * Modules/applepay/ApplePaySession.cpp:
2428         (WebCore::convertAndValidate):
2429         * Modules/applepay/paymentrequest/ApplePayPaymentHandler.cpp:
2430         (WebCore::validate):
2431         (WebCore::convertAndValidate):
2432         (WebCore::ApplePayPaymentHandler::show):
2433         * Modules/applepay/paymentrequest/ApplePayRequest.idl:
2434
2435 2017-10-10  Andy Estes  <aestes@apple.com>
2436
2437         [Payment Request] Implement PaymentRequest.canMakePayment()
2438         https://bugs.webkit.org/show_bug.cgi?id=178048
2439
2440         Reviewed by Youenn Fablet.
2441
2442         Test: http/tests/paymentrequest/payment-request-canmakepayment-method.https.html
2443
2444         * Modules/applepay/paymentrequest/ApplePayPaymentHandler.cpp:
2445         (WebCore::ApplePayPaymentHandler::convertData): Moved
2446         ApplePayRequest-to-ApplePaySessionPaymentRequest conversion from here to show().
2447         (WebCore::ApplePayPaymentHandler::show): Returned an exception if
2448         ApplePaySessionPaymentRequest conversion fails.
2449         (WebCore::shouldDiscloseApplePayCapability): Checked if we are in an ephimeral session or if
2450         Settings::applePayCapabilityDisclosureAllowed() is false.
2451         (WebCore::ApplePayPaymentHandler::canMakePayment): Called
2452         PaymentCoordinator::canMakePayments() or PaymentCoordinator::canMakePaymentsWithActiveCard()
2453         depending on shouldDiscloseApplePayCapability().
2454         * Modules/applepay/paymentrequest/ApplePayPaymentHandler.h:
2455         * Modules/applepay/paymentrequest/ApplePayRequest.h:
2456         * Modules/applepay/paymentrequest/ApplePayRequest.idl: Defined merchantIdentifier.
2457         * Modules/paymentrequest/PaymentHandler.h:
2458         * Modules/paymentrequest/PaymentRequest.cpp:
2459         (WebCore::parse): Moved JSON-parsing to here from show().
2460         (WebCore::PaymentRequest::show): Returned the exception from PaymentHandler::show().
2461         (WebCore::PaymentRequest::canMakePayment): For each payment method, try to create a
2462         PaymentHandler.
2463         For the first valid PaymentHandler, call canMakePayment() and pass a lambda that resolves
2464         the promise.
2465         * Modules/paymentrequest/PaymentRequest.h:
2466         * Modules/paymentrequest/PaymentRequest.idl: Added CallWith=Document annotations to show()
2467         and canMakePayment().
2468
2469 2017-10-10  Chris Dumez  <cdumez@apple.com>
2470
2471         Unreviewed, really fix the build with certain SDKs.
2472
2473         Follow-up to r223154, which fixed the wrong lambda.
2474
2475         * Modules/entriesapi/DOMFileSystem.cpp:
2476         (WebCore::DOMFileSystem::getEntry):
2477         (WebCore::DOMFileSystem::getFile):
2478
2479 2017-10-10  Chris Dumez  <cdumez@apple.com>
2480
2481         Unreviewed, fix build with certain SDKs.
2482
2483         Stop capturing |this| unnecessarily in lambda.
2484
2485         * Modules/entriesapi/DOMFileSystem.cpp:
2486         (WebCore::DOMFileSystem::getEntry):
2487
2488 2017-10-10  Matt Lewis  <jlewis3@apple.com>
2489
2490         Unreviewed, rolling out r223148.
2491
2492         This caused build failures.
2493
2494         Reverted changeset:
2495
2496         "Fix MSVC build with ENCRYPTED_MEDIA enabled"
2497         https://bugs.webkit.org/show_bug.cgi?id=177803
2498         http://trac.webkit.org/changeset/223148
2499
2500 2017-10-10  Zalan Bujtas  <zalan@apple.com>
2501
2502         AccessibilityRenderObject should not hold a raw pointer to RenderObject
2503         https://bugs.webkit.org/show_bug.cgi?id=178144
2504         <rdar://problem/34919287>
2505
2506         Reviewed by Chris Fleizach.
2507
2508         m_renderer's lifetime is not directly tied to the AX wrapper object's lifetime.
2509
2510         Covered by existing tests.
2511
2512         * accessibility/AccessibilityListBox.cpp:
2513         (WebCore::AccessibilityListBox::elementAccessibilityHitTest const):
2514         * accessibility/AccessibilityMathMLElement.cpp:
2515         (WebCore::AccessibilityMathMLElement::isMathFenceOperator const):
2516         (WebCore::AccessibilityMathMLElement::isMathSeparatorOperator const):
2517         (WebCore::AccessibilityMathMLElement::mathLineThickness const):
2518         * accessibility/AccessibilityMenuList.cpp:
2519         (WebCore::AccessibilityMenuList::press):
2520         (WebCore::AccessibilityMenuList::isCollapsed const):
2521         * accessibility/AccessibilityRenderObject.cpp:
2522         (WebCore::AccessibilityRenderObject::AccessibilityRenderObject):
2523         (WebCore::AccessibilityRenderObject::renderBoxModelObject const):
2524         (WebCore::AccessibilityRenderObject::setRenderer):
2525         (WebCore::AccessibilityRenderObject::previousSibling const):
2526         (WebCore::AccessibilityRenderObject::anchorElement const):
2527         (WebCore::AccessibilityRenderObject::helpText const):
2528         (WebCore::AccessibilityRenderObject::boundingBoxRect const):
2529         (WebCore::AccessibilityRenderObject::supportsPath const):
2530         (WebCore::AccessibilityRenderObject::elementPath const):
2531         (WebCore::AccessibilityRenderObject::computeAccessibilityIsIgnored const):
2532         (WebCore::AccessibilityRenderObject::index const):
2533         (WebCore::AccessibilityRenderObject::handleActiveDescendantChanged):
2534         (WebCore::AccessibilityRenderObject::observableObject const):
2535         (WebCore::AccessibilityRenderObject::determineAccessibilityRole):
2536         (WebCore::AccessibilityRenderObject::textChanged):
2537         (WebCore::AccessibilityRenderObject::remoteSVGRootElement const):
2538         (WebCore::AccessibilityRenderObject::roleValueForMSAA const):
2539         (WebCore::AccessibilityRenderObject::getScrollableAreaIfScrollable const):
2540         (WebCore::AccessibilityRenderObject::scrollTo const):
2541         * accessibility/AccessibilityRenderObject.h:
2542         (WebCore::AccessibilityRenderObject::setRenderObject):
2543         * accessibility/AccessibilitySlider.cpp:
2544         (WebCore::AccessibilitySlider::elementAccessibilityHitTest const):
2545         * accessibility/AccessibilityTable.cpp:
2546         (WebCore::AccessibilityTable::addChildren):
2547         * accessibility/AccessibilityTableCell.cpp:
2548         (WebCore::AccessibilityTableCell::computeAccessibilityIsIgnored const):
2549         (WebCore::AccessibilityTableCell::parentTable const):
2550         (WebCore::AccessibilityTableCell::rowIndexRange const):
2551         (WebCore::AccessibilityTableCell::columnIndexRange const):
2552         (WebCore::AccessibilityTableCell::titleUIElement const):
2553
2554 2017-10-10  Sam Weinig  <sam@webkit.org>
2555
2556         Replace copyKeysToVector/copyValuesToVector with copyToVector(map.keys())/copyToVector(map.values())
2557         https://bugs.webkit.org/show_bug.cgi?id=178102
2558
2559         Reviewed by Tim Horton.
2560
2561         * Modules/geolocation/Geolocation.cpp:
2562         (WebCore::Geolocation::Watchers::getNotifiersVector const):
2563         * Modules/indexeddb/IDBTransaction.cpp:
2564         (WebCore::IDBTransaction::connectionClosedFromServer):
2565         * Modules/indexeddb/client/IDBConnectionProxy.cpp:
2566         (WebCore::IDBClient::IDBConnectionProxy::connectionToServerLost):
2567         * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
2568         (WebCore::IDBServer::UniqueIDBDatabase::immediateCloseForUserDelete):
2569         * Modules/mediastream/MediaStream.cpp:
2570         (WebCore::MediaStream::getTracks const):
2571         * bindings/js/ScriptController.cpp:
2572         (WebCore::ScriptController::windowProxies):
2573         * css/CSSComputedStyleDeclaration.cpp:
2574         (WebCore::CSSComputedStyleDeclaration::item const):
2575         * dom/Document.cpp:
2576         (WebCore::Document::prepareForDestruction):
2577         * dom/DocumentMarkerController.cpp:
2578         (WebCore::DocumentMarkerController::removeMarkers):
2579         * inspector/InspectorWorkerAgent.cpp:
2580         (WebCore::InspectorWorkerAgent::disconnectFromAllWorkerInspectorProxies):
2581         * inspector/NetworkResourcesData.cpp:
2582         * loader/DocumentLoader.cpp:
2583         (WebCore::cancelAll):
2584         (WebCore::setAllDefersLoading):
2585         (WebCore::areAllLoadersPageCacheAcceptable):
2586         * loader/cache/MemoryCache.cpp:
2587         (WebCore::MemoryCache::forEachSessionResource):
2588         * loader/mac/DocumentLoaderMac.cpp:
2589         (WebCore::scheduleAll):
2590         (WebCore::unscheduleAll):
2591         * page/ResourceUsageThread.cpp:
2592         (WebCore::ResourceUsageThread::notifyObservers):
2593         * platform/mediastream/MediaStreamPrivate.cpp:
2594         (WebCore::MediaStreamPrivate::tracks const):
2595
2596             Replace copyKeysToVector / copyValuesToVector with copyToVector(map.keys()) / copyToVector(map.values())
2597
2598 2017-10-10  Yoshiaki Jitsukawa  <Yoshiaki.Jitsukawa@sony.com>
2599
2600         Fix MSVC build with ENCRYPTED_MEDIA enabled
2601         https://bugs.webkit.org/show_bug.cgi?id=177803
2602
2603         Reviewed by Alex Christensen.
2604
2605         As a workaround for MSVC, a weak pointer of "this" is captured
2606         at the outermost lambda expression.
2607
2608         * Modules/encryptedmedia/MediaKeySession.cpp:
2609         (WebCore::MediaKeySession::generateRequest):
2610         (WebCore::MediaKeySession::load):
2611         (WebCore::MediaKeySession::update):
2612         (WebCore::MediaKeySession::close):
2613         (WebCore::MediaKeySession::remove):
2614         * platform/encryptedmedia/clearkey/CDMClearKey.cpp:
2615         (WebCore::CDMInstanceClearKey::updateLicense):
2616         (WebCore::CDMInstanceClearKey::loadSession):
2617         (WebCore::CDMInstanceClearKey::removeSessionData):
2618
2619 2017-10-10  Joanmarie Diggs  <jdiggs@igalia.com>
2620
2621         AX: [ATK] ARIA form role should be mapped to ATK_ROLE_LANDMARK; not ATK_ROLE_FORM
2622         https://bugs.webkit.org/show_bug.cgi?id=178137
2623
2624         Reviewed by Chris Fleizach.
2625
2626         Expose the ARIA form role as ATK_ROLE_LANDMARK; continue to expose the HTML form
2627         element as ATK_ROLE_FORM.
2628
2629         No new tests needed due to existing coverage. Update expectations for roles-exposed.html.
2630
2631         * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
2632         (atkRole):
2633
2634 2017-10-10  Matt Rajca  <mrajca@apple.com>
2635
2636         Respect audio rate change restrictions in HTMLMediaElement::setVolume.
2637         https://bugs.webkit.org/show_bug.cgi?id=178140
2638
2639         Reviewed by Eric Carlson.
2640
2641         Tests: media/audio-playback-volume-changes-with-restrictions-and-user-gestures.html
2642                media/audio-playback-volume-changes-with-restrictions.html
2643
2644         It's currently possible for a website to start auto-playing media with a zero volume and then
2645         programmatically set the volume to a non-zero value without a user gesture. This code path didn't
2646         have to be considered previously because volume changes are not supported on iOS.
2647
2648         We currently pause media when an audio track comes in after an element has already started playing silently
2649         in mediaPlayerDidAddAudioTrack. This patch does the same when a non-zero volume is set after a media
2650         element already began playing silently and there is an audio rate change restriction.
2651
2652         * html/HTMLMediaElement.cpp:
2653         (WebCore::HTMLMediaElement::setVolume):
2654
2655 2017-10-10  Ryosuke Niwa  <rniwa@webkit.org>
2656
2657         Loading should be disabled while constructing the fragment in WebContentReader::readWebArchive
2658         https://bugs.webkit.org/show_bug.cgi?id=178118
2659
2660         Reviewed by Antti Koivisto.
2661
2662         Disable image loading while constructing the document fragment in WebContentReader::readWebArchive
2663         as we do in createFragmentAndAddResources for RTF/RTFD. This refactoring is needed to start using
2664         blob URL in the pasted document fragment for webkit.org/b/124391.
2665
2666         Also modified WebContentReader::readWebArchive to take a reference to SharedBuffer instead of a pointer.
2667
2668         No new tests since existing tests have been updated to cover this behavior change.
2669
2670         * editing/WebContentReader.h:
2671         * editing/cocoa/WebContentReaderCocoa.mm:
2672         (WebCore::WebContentReader::readWebArchive): Use DeferredLoadingScope to disable the loader and images
2673         while constructing the document fragment.
2674         * platform/Pasteboard.h:
2675         * platform/ios/PasteboardIOS.mm:
2676         (WebCore::readPasteboardWebContentDataForType):
2677         * platform/mac/PasteboardMac.mm:
2678         (WebCore::Pasteboard::read):
2679
2680 2017-10-10  Antti Koivisto  <antti@apple.com>
2681
2682         Layers should be destroyed by RenderLayerModelObject
2683         https://bugs.webkit.org/show_bug.cgi?id=178139
2684
2685         Reviewed by Simon Fraser.
2686
2687         Clean up some FIXMEs.
2688
2689         * rendering/RenderLayerModelObject.cpp:
2690         (WebCore::RenderLayerModelObject::willBeDestroyed):
2691         (WebCore::RenderLayerModelObject::destroyLayer):
2692         * rendering/RenderLayerModelObject.h:
2693         * rendering/RenderObject.cpp:
2694         (WebCore::RenderObject::willBeDestroyed):
2695
2696 2017-10-10  Chris Dumez  <cdumez@apple.com>
2697
2698         Entries API should recognize path starting with 2 slashes as valid absolute path
2699         https://bugs.webkit.org/show_bug.cgi?id=178135
2700
2701         Reviewed by Ryosuke Niwa.
2702
2703         Entries API should recognize paths starting with 2 slashes as valid absolute paths to match Chrome's behavior.
2704         See https://github.com/WICG/entries-api/commit/990454758005a6039655835503d551015e346d9d
2705
2706         This was causing us to fail some manual web-platform-tests.
2707
2708         No new tests, updated existing tests.
2709
2710         * Modules/entriesapi/DOMFileSystem.cpp:
2711         (WebCore::isValidPathSegment):
2712         (WebCore::isZeroOrMorePathSegmentsSeparatedBySlashes):
2713         (WebCore::isValidRelativeVirtualPath):
2714         (WebCore::isValidVirtualPath):
2715
2716 2017-10-10  Matt Lewis  <jlewis3@apple.com>
2717
2718         Unreviewed, rolling out r223110.
2719
2720         This caused consistent failures and timeouts on multiple
2721         platforms.
2722
2723         Reverted changeset:
2724
2725         "Delete button doesn't fully delete certain emoji"
2726         https://bugs.webkit.org/show_bug.cgi?id=178096
2727         http://trac.webkit.org/changeset/223110
2728
2729 2017-10-10  Antti Koivisto  <antti@apple.com>
2730
2731         RenderObject::destroy() should only be invoked after renderer has been removed from the tree
2732         https://bugs.webkit.org/show_bug.cgi?id=178075
2733
2734         Reviewed by Zalan Bujtas.
2735
2736         This patch fixes the remaining cases where the renderer is still in the tree while destroy()
2737         is called and adds the assert.
2738
2739         * rendering/RenderBlock.cpp:
2740         (WebCore::RenderBlock::removeLeftoverAnonymousBlock):
2741         (WebCore::RenderBlock::takeChild):
2742         * rendering/RenderBoxModelObject.cpp:
2743         (WebCore::RenderBoxModelObject::willBeDestroyed):
2744         * rendering/RenderLayer.cpp:
2745         (WebCore::RenderLayer::~RenderLayer):
2746
2747             Null the parent pointers for m_scrollCorner/m_resizer.
2748
2749         (WebCore::RenderLayer::calculateClipRects const):
2750         * rendering/RenderLayer.h:
2751         * rendering/RenderObject.cpp:
2752         (WebCore::RenderObject::willBeDestroyed):
2753         (WebCore::RenderObject::removeFromParentAndDestroyCleaningUpAnonymousWrappers):
2754         (WebCore::RenderObject::destroy):
2755
2756             Use RELEASE_ASSERT as these are cheap and important checks.
2757             Also turn isBeingDestroyed test into RELEASE_ASSERT.
2758             Remove AX call that no longer does anything.
2759
2760         (WebCore::RenderObject::destroyAndCleanupAnonymousWrappers): Deleted.
2761         * rendering/RenderObject.h:
2762         * rendering/RenderRubyBase.cpp:
2763         (WebCore::RenderRubyBase::moveBlockChildren):
2764         * rendering/RenderTableRow.cpp:
2765         (WebCore::RenderTableRow::collapseAndDestroyAnonymousSiblingRows):
2766         (WebCore::RenderTableRow::destroyAndCollapseAnonymousSiblingRows): Deleted.
2767
2768             Renamed and made this no longer destroy itself. The caller now takes care of that.
2769             Removed an unnecessary lambda.
2770
2771         * rendering/RenderTableRow.h:
2772         * style/RenderTreeUpdater.cpp:
2773         (WebCore::RenderTreeUpdater::tearDownRenderers):
2774         (WebCore::RenderTreeUpdater::tearDownRenderer):
2775         * style/RenderTreeUpdaterListItem.cpp:
2776         (WebCore::RenderTreeUpdater::ListItem::updateMarker):
2777
2778 2017-10-09  Antti Koivisto  <antti@apple.com>
2779
2780         Add isContinuation bit
2781         https://bugs.webkit.org/show_bug.cgi?id=178084
2782
2783         Reviewed by Zalan Bujtas.
2784
2785         Currently continuations are identified indirectly by comparing renderer pointer with the element renderer pointer.
2786         This is bug prone and fails to cover anonymous continuations.
2787
2788         * accessibility/AccessibilityRenderObject.cpp:
2789         (WebCore::firstChildConsideringContinuation):
2790         (WebCore::startOfContinuations):
2791         (WebCore::firstChildIsInlineContinuation):
2792         (WebCore::AccessibilityRenderObject::computeAccessibilityIsIgnored const):
2793
2794             Ignore first-letter fragment. This worked before because first-letter renderers
2795             were mistakenly considered inline element continuations (see below).
2796
2797         * rendering/RenderBoxModelObject.cpp:
2798         (WebCore::RenderBoxModelObject::setContinuation):
2799         * rendering/RenderElement.cpp:
2800         (WebCore::RenderElement::RenderElement):
2801         * rendering/RenderElement.h:
2802         (WebCore::RenderElement::hasContinuation const):
2803         (WebCore::RenderElement::isContinuation const):
2804         (WebCore::RenderElement::setIsContinuation):
2805
2806             The new bit.
2807
2808         (WebCore::RenderElement::isElementContinuation const):
2809         (WebCore::RenderElement::isInlineElementContinuation const):
2810         * rendering/RenderInline.cpp:
2811         (WebCore::RenderInline::addChildIgnoringContinuation):
2812         (WebCore::RenderInline::cloneAsContinuation const):
2813         (WebCore::RenderInline::splitInlines):
2814         (WebCore::RenderInline::childBecameNonInline):
2815         (WebCore::RenderInline::clone const): Deleted.
2816         * rendering/RenderInline.h:
2817         * rendering/RenderObject.h:
2818         (WebCore::RenderObject::isAnonymousBlock const):
2819         (WebCore::RenderObject::isElementContinuation const): Deleted.
2820
2821             The old continuation test was 'node() && node()->renderer() != this'
2822             This was fragile as nulling the renderer will make it fail.
2823             It was also wrong for first-letter renderers (isElementContinuation was true for them).
2824
2825         (WebCore::RenderObject::isInlineElementContinuation const): Deleted.
2826
2827             Move to RenderElement.
2828
2829         (WebCore::RenderObject::isBlockElementContinuation const): Deleted.
2830
2831 2017-10-10  Joanmarie Diggs  <jdiggs@igalia.com>
2832
2833         AX: [ATK] STATE_CHECKABLE should be removed from radio buttons in radiogroups with aria-readonly="true"
2834         https://bugs.webkit.org/show_bug.cgi?id=177931
2835
2836         Reviewed by Chris Fleizach.
2837
2838         Add a check in canSetValueAttribute() for readonly radiogroup ancestors of
2839         radio buttons.
2840
2841         Test: accessibility/gtk/aria-readonly-radiogroup.html
2842
2843         * accessibility/AccessibilityNodeObject.cpp:
2844         (WebCore::AccessibilityNodeObject::canSetValueAttribute const):
2845         * accessibility/AccessibilityObject.cpp:
2846         (WebCore::AccessibilityObject::radioGroupAncestor const):
2847         * accessibility/AccessibilityObject.h:
2848
2849 2017-10-09  Chris Dumez  <cdumez@apple.com>
2850
2851         Calling fileSystemDirectoryEntry.getDirectory() with empty path should not fail
2852         https://bugs.webkit.org/show_bug.cgi?id=178114
2853
2854         Reviewed by Ryosuke Niwa.
2855
2856         Calling fileSystemDirectoryEntry.getDirectory() with empty/null/undefined path should not fail as per:
2857         - https://wicg.github.io/entries-api/#dom-filesystemdirectoryentry-getdirectory
2858
2859         The empty string is a valid path as per:
2860         - https://wicg.github.io/entries-api/#valid-path
2861
2862         This aligns out behavior with Chrome.
2863
2864         No new tests, updated existing test.
2865
2866         * Modules/entriesapi/DOMFileSystem.cpp:
2867         (WebCore::isValidVirtualPath):
2868         (WebCore::resolveRelativeVirtualPath):
2869
2870 2017-10-09  Chris Dumez  <cdumez@apple.com>
2871
2872         It should not be possible to submit a form that is disconnected
2873         https://bugs.webkit.org/show_bug.cgi?id=178099
2874
2875         Reviewed by Sam Weinig.
2876
2877         It should not be possible to submit a form that is disconnected. Both Firefox and Chrome agree with the specification.
2878
2879         This is as per:
2880         https://html.spec.whatwg.org/multipage/form-control-infrastructure.html#form-submission-algorithm (step 1)
2881         which refers to:
2882         https://html.spec.whatwg.org/multipage/links.html#cannot-navigate
2883
2884         Form cannot navigate when it is disconnected.
2885
2886         No new tests, rebaselined existing tests.
2887
2888         * html/HTMLFormElement.cpp:
2889         (WebCore::HTMLFormElement::prepareForSubmission):
2890
2891 2017-10-09  Myles C. Maxfield  <mmaxfield@apple.com>
2892
2893         Delete button doesn't fully delete certain emoji
2894         https://bugs.webkit.org/show_bug.cgi?id=178096
2895         <rdar://problem/34785106>
2896
2897         Reviewed by Simon Fraser.
2898
2899         System infrastructure for handling emoji changes every year. Instead of having
2900         custom code to specifically walk over codepoints, we should delegate to the
2901         system handling.
2902
2903         Test: editing/deleting/delete-emoji.html
2904
2905         * rendering/RenderText.cpp:
2906         (WebCore::RenderText::previousOffset const):
2907         (WebCore::RenderText::previousOffsetForBackwardDeletion const):
2908         (WebCore::RenderText::nextOffset const):
2909         (WebCore::isHangulLVT): Deleted.
2910         (WebCore::isMark): Deleted.
2911         (WebCore::isRegionalIndicator): Deleted.
2912         (WebCore::isInArmenianToLimbuRange): Deleted.
2913
2914 2017-10-09  Said Abou-Hallawa  <sabouhallawa@apple.com>
2915
2916         Image data should be coalesced if it comes in small chunks before updating the ImageSource
2917         https://bugs.webkit.org/show_bug.cgi?id=175890
2918
2919         Reviewed by Simon Fraser.
2920
2921         Coalesce the updates, which an Image makes when receiving encoded data in
2922         small chunks, for all platforms. Ensure the clients of the CachedImage
2923         won't be notified unless an update in the ImageSource happens.
2924
2925         I need to change some functions' names to better implement this patch. 
2926         The names of these functions have been confusing:
2927             CachedImage::addData(SharedBuffer&)
2928             CachedImage::addDataBuffer(const char* data, unsigned)
2929             CachedImage::addIncrementalDataBuffer(SharedBuffer&)
2930
2931         The image data is not buffered incrementally into the CachedImage. When
2932         new data is received, SubresourceLoader calls CachedImage to "update" its
2933         m_data with either a SharedBuffer or a data pointer. In either case the
2934         SharedBuffer or the pointer contains all the loaded data. SubresourceLoader
2935         calls CachedImage to update its m_data, to ensure its m_image is created 
2936         and to notify its clients with the new data.
2937
2938         The verb "add" in the functions' name is misleading. I am suggesting the
2939         following names instead:
2940             CachedImage::updateBuffer(SharedBuffer&)
2941             CachedImage::updateData(const char*, unsigned)
2942             CachedImage::doUpdateBuffer(SharedBuffer&)
2943
2944         The first two are the virtual ones. They are called form SubresourceLoader.
2945         The third one is the internal implementation to update the m_data member.
2946         The same names will be used in the following classes:
2947             CachedResource which is the base class of CachedImage
2948             CachedRawResource which is derived from CachedResource
2949             CachedTextTrack which is derived from CachedResource
2950
2951         * html/ImageDocument.cpp:
2952         (WebCore::ImageDocument::updateDuringParsing):
2953         * loader/SubresourceLoader.cpp:
2954         (WebCore::SubresourceLoader::didReceiveDataOrBuffer):
2955         * loader/cache/CachedImage.cpp:
2956         (WebCore::CachedImage::clearImage): Reset the update back off members.
2957         (WebCore::CachedImage::doUpdateBuffer): Don't update CachedImage with
2958         the new data if it comes in small chunks with fast rate.
2959         (WebCore::CachedImage::shouldDeferUpdateImageData const): This code is moved 
2960         from ImageSource::dataChanged().
2961         (WebCore::CachedImage::didUpdateImageData): Ditto.
2962         (WebCore::CachedImage::updateImageData):
2963         (WebCore::CachedImage::updateBuffer):
2964         (WebCore::CachedImage::updateData):
2965         (WebCore::CachedImage::finishLoading):
2966         (WebCore::CachedImage::addIncrementalDataBuffer): Deleted.
2967         (WebCore::CachedImage::setImageDataBuffer): Deleted.
2968         (WebCore::CachedImage::addDataBuffer): Deleted.
2969         (WebCore::CachedImage::addData): Deleted.
2970         * loader/cache/CachedImage.h:
2971         * loader/cache/CachedRawResource.cpp:
2972         (WebCore::CachedRawResource::updateBuffer):
2973         (WebCore::CachedRawResource::updateData):
2974         (WebCore::CachedRawResource::addDataBuffer): Deleted.
2975         (WebCore::CachedRawResource::addData): Deleted.
2976         * loader/cache/CachedRawResource.h:
2977         * loader/cache/CachedResource.cpp:
2978         (WebCore::CachedResource::updateBuffer):
2979         (WebCore::CachedResource::updateData):
2980         (WebCore::CachedResource::addDataBuffer): Deleted.
2981         (WebCore::CachedResource::addData): Deleted.
2982         * loader/cache/CachedResource.h:
2983         * loader/cache/CachedTextTrack.cpp:
2984         (WebCore::CachedTextTrack::doUpdateBuffer): Rename updateData() to doUpdateBuffer().
2985         (WebCore::CachedTextTrack::updateBuffer): Rename addDataBuffer() to updateBuffer().
2986         (WebCore::CachedTextTrack::finishLoading): Call the internal function doUpdateBuffer().
2987         (WebCore::CachedTextTrack::updateData): Deleted.
2988         (WebCore::CachedTextTrack::addDataBuffer): Deleted.
2989         * loader/cache/CachedTextTrack.h:
2990         * platform/graphics/ImageSource.cpp:
2991         (WebCore::ImageSource::dataChanged): Move the update back off code to CachedImage::updateData().
2992         * platform/graphics/ImageSource.h:
2993
2994 2017-10-09  Michael Saboff  <msaboff@apple.com>
2995
2996         Implement RegExp Unicode property escapes
2997         https://bugs.webkit.org/show_bug.cgi?id=172069
2998
2999         Reviewed by JF Bastien.
3000
3001         Refactoring change - Added BuiltInCharacterClassID:: prefix to uses of the enum.
3002
3003         * contentextensions/URLFilterParser.cpp:
3004         (WebCore::ContentExtensions::PatternParser::atomBuiltInCharacterClass):
3005
3006 2017-10-09  Andy Estes  <aestes@apple.com>
3007
3008         [Payment Request] Implement PaymentRequest.show() and PaymentRequest.hide()
3009         https://bugs.webkit.org/show_bug.cgi?id=178043
3010         <rdar://problem/34076639>
3011
3012         Reviewed by Tim Horton.
3013
3014         Tests: http/tests/paymentrequest/payment-request-abort-method.https.html
3015                http/tests/paymentrequest/payment-request-show-method.https.html
3016
3017         * Modules/applepay/PaymentCoordinator.h:
3018         * Modules/applepay/PaymentSession.h: Virtually inherited from PaymentSessionBase to
3019         accommodate ApplePayPaymentHandler inheriting from both this and PaymentHandler.
3020         (WebCore::PaymentSession::~PaymentSession): Deleted.
3021         * Modules/applepay/paymentrequest/ApplePayPaymentHandler.cpp:
3022         (WebCore::paymentCoordinator): Virtually inherited from PaymentSessionBase to accommodate
3023         ApplePayPaymentHandler inheriting from both this and PaymentSession.
3024         (WebCore::ApplePayPaymentHandler::hasActiveSession): Added. Calls PaymentCoordinator::hasActiveSession().
3025         (WebCore::ApplePayPaymentHandler::show): Added. Calls PaymentCoordinator::beginPaymentSession().
3026         (WebCore::ApplePayPaymentHandler::hide): Added. Calls PaymentCoordinator::abortPaymentSession().
3027         * Modules/applepay/paymentrequest/ApplePayPaymentHandler.h: Inherited from PaymentSession in
3028         addition to PaymentHandler so that this can be PaymentCoordinator active session.
3029         * Modules/paymentrequest/PaymentHandler.cpp:
3030         (WebCore::PaymentHandler::create):
3031         (WebCore::PaymentHandler::hasActiveSession):
3032         * Modules/paymentrequest/PaymentHandler.h:
3033         * Modules/paymentrequest/PaymentRequest.cpp:
3034         (WebCore::PaymentRequest::~PaymentRequest):
3035         (WebCore::PaymentRequest::show): Rejected the promise if PaymentCoordinator has an active session.
3036         (WebCore::PaymentRequest::abort): Called stop().
3037         (WebCore::PaymentRequest::canSuspendForDocumentSuspension const): Returned true if state is
3038         Interactive and there is an active handler showing.
3039         (WebCore::PaymentRequest::stop): Hid the active session if it's showing, then set state to
3040         Closed and rejected the show promise.
3041         * Modules/paymentrequest/PaymentRequest.h:
3042         * Modules/paymentrequest/PaymentSessionBase.h: Added. Inherits from
3043         RefCounted<PaymentSessionBase> and defines a virtual destructor. This allows subclasses to
3044         virtually inherit a single ref-count to support multiple inheritance.
3045         * WebCore.xcodeproj/project.pbxproj:
3046         * bindings/scripts/CodeGeneratorJS.pm:
3047         (GetGnuVTableOffsetForType): Added ApplePaySession to the list of classes that need a vtable
3048         offset of 3.
3049         * page/MainFrame.cpp:
3050         (WebCore::MainFrame::setPaymentCoordinator): Added a setter for m_paymentCoordinator.
3051         * page/MainFrame.h:
3052         * testing/Internals.cpp:
3053         (WebCore::Internals::Internals): Set the main frame's payment coordinator to a new
3054         PaymentCoordinator with MockPaymentCoordinator as its client.
3055         * testing/MockPaymentCoordinator.cpp: Added a mock PaymentCoordinatorClient for testing.
3056         (WebCore::MockPaymentCoordinator::supportsVersion):
3057         (WebCore::MockPaymentCoordinator::canMakePayments):
3058         (WebCore::MockPaymentCoordinator::canMakePaymentsWithActiveCard):
3059         (WebCore::MockPaymentCoordinator::openPaymentSetup):
3060         (WebCore::MockPaymentCoordinator::showPaymentUI):
3061         (WebCore::MockPaymentCoordinator::paymentCoordinatorDestroyed):
3062         * testing/MockPaymentCoordinator.h: Added.
3063
3064 2017-10-09  Youenn Fablet  <youenn@apple.com>
3065
3066         Add quota to cache API
3067         https://bugs.webkit.org/show_bug.cgi?id=177552
3068
3069         Reviewed by Alex Christensen.
3070
3071         Tests: http/wpt/cache-storage/cache-quota.any.html
3072
3073         Storing padded opaque response body sizes within FetchResponse and CacheStorageConnection.
3074         See https://github.com/whatwg/storage/issues/31 for the rationale about this padding.
3075         Storing in CacheStorageConnection is needed for handling cloned network fetched created responses.
3076         Storing in FetchResponse is needed for handling cloned cache-storage created opaque responses.
3077
3078         Adding internals to query and set the fuzzed size of a response.
3079
3080         * Modules/cache/CacheStorageConnection.cpp:
3081         (WebCore::computeRealBodySize):
3082         (WebCore::CacheStorageConnection::computeRecordBodySize):
3083         (WebCore::CacheStorageConnection::setResponseBodySizeWithPadding):
3084         (WebCore::CacheStorageConnection::responseBodySizeWithPadding const):
3085         * Modules/cache/CacheStorageConnection.h:
3086         * Modules/cache/DOMCache.cpp:
3087         (WebCore::DOMCache::toConnectionRecord):
3088         (WebCore::DOMCache::updateRecords):
3089         * Modules/cache/DOMCache.h:
3090         * Modules/cache/DOMCacheEngine.cpp:
3091         (WebCore::DOMCacheEngine::errorToException):
3092         (WebCore::DOMCacheEngine::Record::copy const):
3093         * Modules/cache/DOMCacheEngine.h:
3094         * Modules/cache/WorkerCacheStorageConnection.cpp:
3095         (WebCore::toCrossThreadRecordData):
3096         (WebCore::fromCrossThreadRecordData):
3097         * Modules/fetch/FetchResponse.cpp:
3098         (WebCore::FetchResponse::clone):
3099         (WebCore::FetchResponse::BodyLoader::didReceiveResponse):
3100         * Modules/fetch/FetchResponse.h:
3101         * Modules/fetch/FetchResponse.idl:
3102         * testing/Internals.cpp:
3103         (WebCore::Internals::setResponseSizeWithPadding):
3104         (WebCore::Internals::responseSizeWithPadding const):
3105         * testing/Internals.h:
3106         * testing/Internals.idl:
3107
3108 2017-10-09  Zalan Bujtas  <zalan@apple.com>
3109
3110         Remove redundant RenderObject::virtualContinuation
3111         https://bugs.webkit.org/show_bug.cgi?id=178091
3112         <rdar://problem/34892906>
3113
3114         Reviewed by Antti Koivisto.
3115  
3116         virtualContinuation sounds like a feature of continuation, while it's just a (not super useful)helper override.
3117
3118         No change in functionality.
3119
3120         * rendering/RenderBlock.cpp:
3121         (WebCore::canMergeContiguousAnonymousBlocks):
3122         (WebCore::RenderBlock::takeChild):
3123         * rendering/RenderBlock.h:
3124         * rendering/RenderInline.h:
3125         * rendering/RenderObject.h:
3126         (WebCore::RenderObject::isBlockElementContinuation const):
3127         (WebCore::RenderObject::virtualContinuation const): Deleted.
3128
3129 2017-10-09  Dean Jackson  <dino@apple.com>
3130
3131         [WebGL] Third IOSurface buffer might be allocated with the wrong size
3132         https://bugs.webkit.org/show_bug.cgi?id=178092
3133         <rdar://problem/34893173>
3134
3135         Reviewed by Jer Noble.
3136
3137         If the WebGL canvas resizes after the third buffer was allocated, it
3138         was never getting told that its backing store should be thrown away.
3139
3140         * platform/graphics/cocoa/WebGLLayer.mm: Allocate the third buffer at
3141         the same time as the first two.
3142         (-[WebGLLayer allocateIOSurfaceBackingStoreWithSize:usingAlpha:]):
3143         (-[WebGLLayer bindFramebufferToNextAvailableSurface]):
3144
3145 2017-10-09  Sam Weinig  <sam@webkit.org>
3146
3147         Make HashMap::keys() and HashMap::values() work with WTF::map/WTF::copyToVector
3148         https://bugs.webkit.org/show_bug.cgi?id=178072
3149
3150         Reviewed by Darin Adler.
3151
3152         * platform/graphics/avfoundation/MediaSelectionGroupAVFObjC.h:
3153         (WebCore::MediaSelectionGroupAVFObjC::options):
3154         
3155             Update for type change for HashMap::values().
3156             
3157 2017-10-09  Wenson Hsieh  <wenson_hsieh@apple.com>
3158
3159         Unreviewed, another build fix attempt after r223031
3160
3161         The default constructor of DragTargetResponse is also invoked via initializer list in EventHandler.cpp, so we'll
3162         need to explicitly declare this constructor in the header.
3163
3164         * page/EventHandler.h:
3165
3166 2017-10-09  Ryan Haddad  <ryanhaddad@apple.com>
3167
3168         Unreviewed, rolling out r223021.
3169
3170         LayoutTests added with this change are failing.
3171
3172         Reverted changeset:
3173
3174         "[Payment Request] Implement PaymentRequest.show() and
3175         PaymentRequest.hide()"
3176         https://bugs.webkit.org/show_bug.cgi?id=178043
3177         http://trac.webkit.org/changeset/223021
3178
3179 2017-10-09  Jeremy Jones  <jeremyj@apple.com>
3180
3181         Blurry captions on retina screens.
3182         https://bugs.webkit.org/show_bug.cgi?id=177560
3183         rdar://problem/17913388
3184
3185         Reviewed by Jer Noble.
3186
3187         No new tests because the contents scale of the captions layer is not exposed to the DOM.
3188
3189         The captions layer contents scale needs to take into account the device screen scale to get the correct resolution for captions.
3190
3191         * html/shadow/MediaControlElements.cpp:
3192         (WebCore::MediaControlTextTrackContainerElement::updateTextTrackRepresentation):
3193         (WebCore::MediaControlTextTrackContainerElement::updateSizes):
3194
3195 2017-10-09  Wenson Hsieh  <wenson_hsieh@apple.com>
3196
3197         Unreviewed, fix the Windows build after r223031
3198
3199         Speculative build fix; no change in behavior.
3200
3201         * page/EventHandler.h:
3202         (WebCore::EventHandler::DragTargetResponse::DragTargetResponse):
3203
3204 2017-10-09  Alex Christensen  <achristensen@webkit.org>
3205
3206         Reduce includes in Document.h
3207         https://bugs.webkit.org/show_bug.cgi?id=178035
3208
3209         Reviewed by Darin Adler.
3210
3211         * dom/Document.h:
3212
3213 2017-10-09  Joanmarie Diggs  <jdiggs@igalia.com>
3214
3215         AX: [ATK] Explicitly-set aria-sort value of "none" should be exposed as an object attribute
3216         https://bugs.webkit.org/show_bug.cgi?id=177955
3217
3218         Reviewed by Chris Fleizach.
3219
3220         Expose "none" as the value of aria-sort when the attribute is present and not
3221         one of the other valid sort types. Also add a new AccessibilitySortDirection,
3222         SortDirectionInvalid. This is currently only being used when the sort direction
3223         is sought for a role which does not support this ARIA attribute, but might come
3224         in handy if we want to add further sanity checks on the author-provided values.
3225
3226         Test: accessibility/gtk/aria-sort-values.html
3227
3228         * accessibility/AccessibilityObject.cpp:
3229         (WebCore::AccessibilityObject::sortDirection const):
3230         * accessibility/AccessibilityObject.h:
3231         * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
3232         (webkitAccessibleGetAttributes):
3233         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
3234         (-[WebAccessibilityObjectWrapper additionalAccessibilityAttributeNames]):
3235
3236 2017-10-09  Robin Morisset  <rmorisset@apple.com>
3237
3238         Make the names of the options consistent 
3239         https://bugs.webkit.org/show_bug.cgi?id=177933
3240
3241         Reviewed by Saam Barati.
3242
3243         No functional change, just fixing comments.
3244
3245         * Modules/mediasource/MediaSource.cpp:
3246         (WebCore::MediaSource::buffered const):
3247         (WebCore::MediaSource::monitorSourceBuffers):
3248         * Modules/webaudio/AudioBufferSourceNode.cpp:
3249         (WebCore::AudioBufferSourceNode::process):
3250         * bindings/scripts/generate-bindings.pl:
3251         * css/StyleResolver.cpp:
3252         (WebCore::StyleResolver::adjustRenderStyle):
3253         * editing/BreakBlockquoteCommand.cpp:
3254         (WebCore::BreakBlockquoteCommand::doApply):
3255         * editing/ReplaceSelectionCommand.cpp:
3256         (WebCore::ReplaceSelectionCommand::doApply):
3257         * editing/VisibleSelection.cpp:
3258         (WebCore::VisibleSelection::setStartAndEndFromBaseAndExtentRespectingGranularity):
3259         * editing/VisibleUnits.cpp:
3260         (WebCore::closestWordBoundaryForPosition):
3261         * html/parser/AtomicHTMLToken.h:
3262         * html/parser/HTMLDocumentParser.cpp:
3263         (WebCore::HTMLDocumentParser::end):
3264         * inspector/InspectorOverlayPage.js:
3265         (reset):
3266         * page/ViewportConfiguration.cpp:
3267         (WebCore::ViewportConfiguration::layoutWidth const):
3268         (WebCore::ViewportConfiguration::layoutHeight const):
3269         * platform/graphics/FloatPolygon.h:
3270         * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp:
3271         (WebCore::InbandTextTrackPrivateAVF::processCueAttributes):
3272         * platform/graphics/filters/FilterOperation.h:
3273         * platform/graphics/opengl/GraphicsContext3DOpenGL.cpp:
3274         (WebCore::GraphicsContext3D::texImage2D):
3275         * platform/mac/WidgetMac.mm:
3276         (WebCore::safeRemoveFromSuperview):
3277         * rendering/RenderBlockFlow.cpp:
3278         (WebCore::RenderBlockFlow::collapseMarginsWithChildInfo):
3279         * rendering/RenderBlockFlow.h:
3280         * rendering/RenderBox.cpp:
3281         (WebCore::RenderBox::computePositionedLogicalWidthReplaced const):
3282         * rendering/RenderObject.cpp:
3283         (WebCore::RenderObject::propagateRepaintToParentWithOutlineAutoIfNeeded const):
3284         * rendering/RenderTheme.cpp:
3285         (WebCore::RenderTheme::disabledTextColor const):
3286         * style/ClassChangeInvalidation.cpp:
3287         (WebCore::Style::computeClassChange):
3288         * style/StyleScope.cpp:
3289         (WebCore::Style::Scope::didChangeStyleSheetEnvironment):
3290         * svg/SVGAltGlyphDefElement.cpp:
3291         (WebCore::SVGAltGlyphDefElement::hasValidGlyphElements const):
3292
3293 2017-10-09  Adrian Perez de Castro  <aperez@igalia.com>
3294
3295         [WPE][GTK] Propagate libepoxy compiler flags obtained from pkg-config
3296         https://bugs.webkit.org/show_bug.cgi?id=178081
3297
3298         Reviewed by Carlos Alberto Lopez Perez.
3299
3300         No new tests needed.
3301
3302         * CMakeLists.txt: Use ${LIBEPOXY_DEFINITIONS} for building WebCore.
3303
3304 2017-10-09  Romain Bellessort  <romain.bellessort@crf.canon.fr>
3305
3306         [Readable Streams API] Implement canCloseOrEnqueue
3307         https://bugs.webkit.org/show_bug.cgi?id=178005
3308
3309         Reviewed by Youenn Fablet.
3310
3311         Implemented readableStreamDefaultControllerCanCloseOrEnqueue [1]. This is
3312         just a refactoring (based on spec) aiming at factorizing a set of tests
3313         that are done at multiple places.
3314
3315         [1] https://streams.spec.whatwg.org/#readable-stream-default-controller-can-close-or-enqueue
3316
3317         No new tests (refactoring, no new behavior).
3318
3319         * Modules/streams/ReadableStreamDefaultController.js:
3320         (enqueue): Updated.
3321         (close): Updated.
3322         * Modules/streams/ReadableStreamInternals.js:
3323         (readableStreamDefaultControllerClose): Updated.
3324         (readableStreamDefaultControllerCanCloseOrEnqueue): Added.
3325
3326 2017-10-05  Frederic Wang  <fwang@igalia.com>
3327
3328         Remove WOFF2 from Source/ThirdParty.
3329         https://bugs.webkit.org/show_bug.cgi?id=177862
3330
3331         Reviewed by Michael Catanzaro.
3332
3333         No new tests, already covered by existing tests.
3334
3335         * CMakeLists.txt: Use the system brotli/woff2 headers/libraries.
3336
3337 2017-10-08  Darin Adler  <darin@apple.com>
3338
3339         Update HTMLOListElement.start to behavior from latest HTML specification
3340         https://bugs.webkit.org/show_bug.cgi?id=178057
3341
3342         Reviewed by Chris Dumez.
3343
3344         * html/HTMLOListElement.cpp:
3345         (optionalValue): Added. Helper function that we can put into Expected.h later
3346         if we like; makes it easier to turn Expected into std::optional.
3347         (WebCore::HTMLOListElement::HTMLOListElement): Moved data member initialization
3348         into class definition so it doesn't have to be done here.
3349         (WebCore::HTMLOListElement::parseAttribute): Simplified using the new
3350         optionalValue function. Moved the call to update values in here since it's
3351         a trivial one-liner (albeit done twice).
3352         (WebCore::HTMLOListElement::updateItemValues): Deleted. Moved this into the
3353         parseAttribute function.
3354         (WebCore::HTMLOListElement::itemCount): Updated to use std::optional instead
3355         of a separate m_shouldRecalculateItemCount flag. Also inlined the
3356         recalculateItemCount function since it's a trivial one-liner.
3357         (WebCore::HTMLOListElement::itemCountAfterLayout): Deleted. The only use of
3358         this was to implement the now-obsolete behavior of the start attribute.
3359         (WebCore::HTMLOListElement::recalculateItemCount): Deleted. Moved this into
3360         the itemCount function.
3361
3362         * html/HTMLOListElement.h: Changed startForBindings to return 1 when start
3363         is not specified; this what the HTML specification now calls for. Updated
3364         for the changes above. Merged m_itemCount and m_shouldRecalculateItemCount
3365         into a single optional m_itemCount, and made it mutable so it can be
3366         computed as a side effect of calling the const member function start.
3367
3368 2017-10-08  Darin Adler  <darin@apple.com>
3369
3370         Fix bugs related to setting reflected floating point DOM attributes
3371         https://bugs.webkit.org/show_bug.cgi?id=178061
3372
3373         Reviewed by Sam Weinig.
3374
3375         * html/HTMLProgressElement.cpp:
3376         (WebCore::HTMLProgressElement::setValue): Changed the semantics to match what
3377         the HTML specification calls for. When a caller passes a negative number or
3378         zero, the value does get set on the element. Negative numbers are not allowed
3379         when you get the current value, but are allowed to be set.
3380         (WebCore::HTMLProgressElement::setMax): Changed the semantics to match what
3381         the HTML specification calls for. When a caller passes a negative number or
3382         zero, this should leave the attribute unchanged.
3383
3384         * html/shadow/MediaControlElementTypes.cpp:
3385         (WebCore::MediaControlVolumeSliderElement::setVolume): Use
3386         String::numberToStringECMAScript instead of String::number since that is what
3387         we want any time we are setting an attribute value from a floating point value.
3388         * html/shadow/MediaControlElements.cpp:
3389         (WebCore::MediaControlTimelineElement::setPosition): Ditto.
3390         (WebCore::MediaControlTimelineElement::setDuration): Removed unneeded check
3391         of std::isfinite since the single caller already checks that.
3392
3393 2017-10-08  Wenson Hsieh  <wenson_hsieh@apple.com>
3394
3395         DataTransfer.items does not contain items for custom types supplied via add or setData
3396         https://bugs.webkit.org/show_bug.cgi?id=178016
3397
3398         Reviewed by Darin Adler.
3399
3400         Minor tweaks to expose pasteboard types and data through DataTransfer's item list. This patch fixes two primary
3401         issues: (1) custom pasteboard data is not exposed through the item list in any way, and (2) the "Files"
3402         compatibility type is exposed as a separate data transfer item of kind 'string' when dropping or pasting files.
3403
3404         Tests: editing/pasteboard/data-transfer-items-add-custom-data.html
3405                editing/pasteboard/data-transfer-items-drop-file.html
3406
3407         * dom/DataTransfer.cpp:
3408         (WebCore::normalizeType):
3409
3410         Use stripLeadingAndTrailingHTMLSpaces instead of stripWhitespace.
3411
3412         (WebCore::shouldReadOrWriteTypeAsCustomData):
3413         (WebCore::DataTransfer::getDataForItem const):
3414         (WebCore::DataTransfer::getData const):
3415
3416         Add getDataForItem, a version of getData that does not normalize types before reading from the pasteboard. This
3417         normalization step is only needed for backwards compatibility with legacy types (such as "text" and "url")
3418         written to and read from using getData and setData; when using DataTransferItemList.add to set data, adding data
3419         for these types should instead write as custom pasteboard data.
3420
3421         (WebCore::DataTransfer::setDataFromItemList):
3422         (WebCore::DataTransfer::types const):
3423         (WebCore::DataTransfer::typesForItemList const):
3424
3425         Add typesForItemList, which fetches the list of types to expose as items on the DataTransfer. Importantly, this
3426         does not include the "Files" type added for compatibility when accessing DataTransfer.types, instead returning
3427         an empty array. The actual files are added separately, by iterating over DataTransfer's files in ensureItems.
3428
3429         Note that when starting a drag or copying, we will still expose the full list of file and string types to
3430         bindings and not just file-backed items. Since all of this information is supplied by the page in the first
3431         place, we don't have to worry about exposing information, such as file paths, that may exist on the pasteboard.
3432
3433         * dom/DataTransfer.h:
3434         * dom/DataTransferItem.cpp:
3435         (WebCore::DataTransferItem::getAsString const):
3436         * dom/DataTransferItemList.cpp:
3437         (WebCore::shouldExposeTypeInItemList):
3438         (WebCore::DataTransferItemList::add):
3439         (WebCore::DataTransferItemList::ensureItems const):
3440         (WebCore::isSupportedType): Deleted.
3441
3442 2017-10-08  Darin Adler  <darin@apple.com>
3443
3444         CustomElementRegistry.define was throwing a JavaScript syntax error instead of a DOM syntax error
3445         https://bugs.webkit.org/show_bug.cgi?id=178055
3446
3447         Reviewed by Sam Weinig.
3448
3449         Both the JavaScript language and the DOM have "syntax error" exceptions, but
3450         they are not the same thing.
3451
3452         Also, since the time a while back where we moved JavaScript error handling to
3453         use WebCore::Exception and WebCore::ExceptionOr, there are a number of functions
3454         that are no longer used and can be deleted.
3455
3456         * bindings/js/JSCustomElementRegistryCustom.cpp:
3457         (WebCore::validateCustomElementNameAndThrowIfNeeded): Call throwDOMSyntaxError
3458         instead of throwSyntaxError.
3459
3460         * bindings/js/JSDOMExceptionHandling.cpp:
3461         (WebCore::reportDeprecatedGetterError): Deleted. Unused.
3462         (WebCore::reportDeprecatedSetterError): Deleted. Unused.
3463         (WebCore::throwNotSupportedError): Deleted the overload without an error message,
3464         since it's unused. Changed the other overload to take an ASCIILiteral, since
3465         that is what all the callers need.
3466         (WebCore::throwInvalidStateError): Take ASCIILiteral as above.
3467         (WebCore::throwArrayElementTypeError): Deleted. Unused.
3468         (WebCore::throwDOMSyntaxError): Added an ASCIILiteral message argument. This
3469         function was unused; it's now being used above, always with a literal message.
3470         (WebCore::throwIndexSizeError): Deleted. Unused.
3471         (WebCore::throwTypeMismatchError): Deleted. Unused.
3472         * bindings/js/JSDOMExceptionHandling.h: Updated for the changes above.
3473
3474         * bindings/js/JSHTMLElementCustom.cpp:
3475         (WebCore::constructJSHTMLElement): Fixed a typo in the error message.
3476
3477 2017-10-08  Ryosuke Niwa  <rniwa@webkit.org>
3478
3479         dragenter and dragleave shouldn't use the same data transfer object
3480         https://bugs.webkit.org/show_bug.cgi?id=178056
3481
3482         Reviewed by Darin Adler.
3483
3484         This patch fixes the bug that we were using a single DataTransfer to fire dragleave and dragenter events
3485         when the drag target moves from one element to another.
3486
3487         It alos refactors DragController and EventHandler code so that the construction of DataTransfer object
3488         happens in EventHandler instead of DragController, and extracts createForUpdatingDropTarget out of
3489         createForDrop to have a better encapsulation over the data store mode.
3490
3491         drag related functions in EventHandler now takes std::unique_ptr<Pasteboard>&&, drag operation mask set
3492         by the drag source, and a boolean indicating whether this drag & drop is for files or not. updateDragAndDrop
3493         takes a closure which makes a pasteboard because it has to create two instances of DataTransfer one for
3494         dragleave event and another one for dragenter event in some cases.
3495
3496         Test: editing/pasteboard/data-transfer-is-unique-for-dragenter-and-dragleave.html
3497
3498         * dom/DataTransfer.cpp:
3499         (WebCore::DataTransfer::createForDrop): Now takes Pasteboard instead of DragData.
3500         (WebCore::DataTransfer::createForUpdatingDropTarget): Extracted out of createForDrop. Moved the code to
3501         use Readonly mode in dashboad here from createDataTransferToUpdateDrag in DragController.cpp.
3502         * dom/DataTransfer.h:
3503         * page/DragController.cpp:
3504         (WebCore::createDataTransferToUpdateDrag): Deleted.
3505         (WebCore::DragController::dragExited):
3506         (WebCore::DragController::performDragOperation):
3507         (WebCore::DragController::tryDHTMLDrag):
3508         * page/EventHandler.cpp:
3509         (WebCore::EventHandler::dispatchDragEvent): Made this fucntion take DataTransfer& instead of DataTransfer*.
3510         (WebCore::findDropZone): Ditto.
3511         (WebCore::EventHandler::dispatchDragEnterOrDragOverEvent): Added.
3512         (WebCore::EventHandler::updateDragAndDrop):
3513         (WebCore::EventHandler::cancelDragAndDrop):
3514         (WebCore::EventHandler::performDragAndDrop):
3515         (WebCore::EventHandler::dispatchDragSrcEvent):
3516         (WebCore::EventHandler::dispatchDragStartEventOnSourceElement):
3517         * page/EventHandler.h:
3518
3519 2017-10-08  Jer Noble  <jer.noble@apple.com>
3520
3521         SourceBuffer remove throws out way more content than requested
3522         https://bugs.webkit.org/show_bug.cgi?id=177884
3523         <rdar://problem/34817104>
3524
3525         Reviewed by Darin Adler.
3526
3527         Test: media/media-source/media-source-remove-too-much.html
3528
3529         The end parameter is exclusive, not inclusive, of the range to be removed.
3530
3531         * Modules/mediasource/SourceBuffer.cpp:
3532         (WebCore::SourceBuffer::removeCodedFrames):
3533
3534 2017-10-08  Brent Fulgham  <bfulgham@apple.com>
3535
3536         Nullptr deref in WebCore::Node::computeEditability
3537         https://bugs.webkit.org/show_bug.cgi?id=177905
3538         <rdar://problem/34138402>
3539
3540         Reviewed by Darin Adler.
3541
3542         Script can run when setting focus, because a blur event and a focus event are generated.
3543         A handler for one of these events can cause the focused element to be cleared. We should
3544         handle this possibility gracefully.
3545
3546         Test: fast/dom/focus-shift-crash.html
3547
3548         * dom/Document.cpp:
3549         (WebCore::Document::setFocusedElement):
3550
3551 2017-10-07  Darin Adler  <darin@apple.com>
3552
3553         Update Document.createEvent for recent DOM specification changes
3554         https://bugs.webkit.org/show_bug.cgi?id=178052
3555
3556         Reviewed by Chris Dumez.
3557
3558         * dom/BeforeUnloadEvent.cpp:
3559         (WebCore::BeforeUnloadEvent::BeforeUnloadEvent): Added a constructor for
3560         createForBindings.
3561         (WebCore::BeforeUnloadEvent::~BeforeUnloadEvent): Deleted. Just let the
3562         compiler generate this.
3563         * dom/BeforeUnloadEvent.h: Added createForBindings. Also made more things private.
3564
3565         * dom/Document.cpp:
3566         (WebCore::Document::createEvent): Updated comments for clarity. Responding to
3567         changes to the DOM specification, added support for "beforeunloadevent", "focusevent",
3568         and "svgevents", moved "keyboardevents" and "popstateevent" into the list of strings
3569         we should remove, and moved "compositionevent", "devicemotionevent",
3570         "deviceorientationevent", "hashchangeevent", "storageevent", and "textevent" into
3571         the list of strings we should keep.
3572
3573         * dom/Event.h: Added a virtual setRelatedTarget alongside the virtual relatedTarget
3574         to allow us to clean up the code that manipulates it.
3575
3576         * dom/EventContext.cpp:
3577         (WebCore::MouseOrFocusEventContext::handleLocalEvents const): Call the virtual
3578         setRelatedTarget instead of doing a little type casting dance.
3579
3580         * dom/FocusEvent.h: Added createForBindings. Made more functions private and
3581         changed setRelatedTarget into a private final override.
3582
3583         * dom/MouseEvent.h: Changed setRelatedTarget into a private final override.
3584
3585 2017-10-07  Andy Estes  <aestes@apple.com>
3586
3587         [Payment Request] Implement PaymentRequest.show() and PaymentRequest.hide()
3588         https://bugs.webkit.org/show_bug.cgi?id=178043
3589         <rdar://problem/34076639>
3590
3591         Reviewed by Tim Horton.
3592
3593         Tests: http/tests/paymentrequest/payment-request-abort-method.https.html
3594                http/tests/paymentrequest/payment-request-show-method.https.html
3595
3596         * Modules/applepay/PaymentSession.h: Virtually inherited from PaymentSessionBase to
3597         accommodate ApplePayPaymentHandler inheriting from both this and PaymentHandler.
3598         (WebCore::PaymentSession::~PaymentSession): Deleted.
3599         * Modules/applepay/paymentrequest/ApplePayPaymentHandler.cpp:
3600         (WebCore::paymentCoordinator): Virtually inherited from PaymentSessionBase to accommodate
3601         ApplePayPaymentHandler inheriting from both this and PaymentSession.
3602         (WebCore::ApplePayPaymentHandler::hasActiveSession): Added. Calls PaymentCoordinator::hasActiveSession().
3603         (WebCore::ApplePayPaymentHandler::show): Added. Calls PaymentCoordinator::beginPaymentSession().
3604         (WebCore::ApplePayPaymentHandler::hide): Added. Calls PaymentCoordinator::abortPaymentSession().
3605         * Modules/applepay/paymentrequest/ApplePayPaymentHandler.h: Inherited from PaymentSession in
3606         addition to PaymentHandler so that this can be PaymentCoordinator active session.
3607         * Modules/paymentrequest/PaymentHandler.cpp:
3608         (WebCore::PaymentHandler::create):
3609         (WebCore::PaymentHandler::hasActiveSession):
3610         * Modules/paymentrequest/PaymentHandler.h:
3611         * Modules/paymentrequest/PaymentRequest.cpp:
3612         (WebCore::PaymentRequest::~PaymentRequest):
3613         (WebCore::PaymentRequest::show): Rejected the promise if PaymentCoordinator has an active session.
3614         (WebCore::PaymentRequest::abort): Called stop().
3615         (WebCore::PaymentRequest::canSuspendForDocumentSuspension const): Returned true if state is
3616         Interactive and there is an active handler showing.
3617         (WebCore::PaymentRequest::stop): Hid the active session if it's showing, then set state to
3618         Closed and rejected the show promise.
3619         * Modules/paymentrequest/PaymentRequest.h:
3620         * Modules/paymentrequest/PaymentSessionBase.h: Added. Inherits from
3621         RefCounted<PaymentSessionBase> and defines a virtual destructor. This allows subclasses to
3622         virtually inherit a single ref-count to support multiple inheritance.
3623         * WebCore.xcodeproj/project.pbxproj:
3624         * bindings/scripts/CodeGeneratorJS.pm:
3625         (GetGnuVTableOffsetForType): Added ApplePaySession to the list of classes that need a vtable
3626         offset of 3.
3627
3628 2017-10-07  Ryosuke Niwa  <rniwa@webkit.org>
3629
3630         WebContentReader::readHTML should be shared between macOS and iOS
3631         https://bugs.webkit.org/show_bug.cgi?id=178044
3632
3633         Reviewed by Wenson Hsieh.
3634
3635         Merged the implementations for WebContentReader::readHTML between macOS and iOS.
3636
3637         * editing/cocoa/WebContentReaderCocoa.mm:
3638         (WebCore::WebContentReader::readHTML):
3639         * editing/ios/WebContentReaderIOS.mm:
3640         (WebCore::WebContentReader::readHTML): Deleted.
3641         * editing/mac/WebContentReaderMac.mm:
3642         (WebCore::WebContentReader::readHTML): Deleted.
3643
3644 2017-10-06  Zalan Bujtas  <zalan@apple.com>
3645
3646         RenderTable should not hold a collection of raw pointers to RenderTableCaption
3647         https://bugs.webkit.org/show_bug.cgi?id=178026
3648         <rdar://problem/34863090>
3649
3650         Reviewed by Simon Fraser.
3651
3652         Similar to sections, RenderTable should not store captions as raw pointers. Their lifetimes are
3653         not guaranteed to be sync with the RenderTable's.
3654
3655         Covered by existing tests.
3656
3657         * rendering/RenderTable.cpp:
3658         (WebCore::RenderTable::addCaption):
3659         (WebCore::RenderTable::removeCaption):
3660         (WebCore::RenderTable::addOverflowFromChildren):
3661         * rendering/RenderTable.h:
3662         * rendering/RenderTableCaption.cpp:
3663         (WebCore::RenderTableCaption::insertedIntoTree):
3664         (WebCore::RenderTableCaption::willBeRemovedFromTree):
3665
3666 2017-10-06  Daniel Bates  <dabates@apple.com>
3667
3668         Spelling error annotation should encompass hyphen in misspelled word that wraps across multiple lines
3669         https://bugs.webkit.org/show_bug.cgi?id=177980
3670         <rdar://problem/34847454>
3671
3672         Reviewed by Simon Fraser.
3673
3674         On macOS the spelling and grammar annotations for a word or word phrase encompass
3675         hyphenations added because the word or word phrase wraps across more than one line.
3676         The effect tends to be more aesthetically pleasing and consistent with how these
3677         annotations would be pointed out by a person in conversation: by identify the word
3678         or phrase that has a spelling or grammar issue regardless of whether that word or
3679         phrase is broken into halves due to line wrapping. The same argument applies to
3680         other annotations on macOS, including text matches. Therefore, we should always
3681         include any hyphens encompassed by a marker that were added due to line wrapping
3682         when painting the marker.
3683
3684         Test: editing/spelling/spelling-marker-includes-hyphen.html
3685
3686         * rendering/InlineTextBox.cpp:
3687         (WebCore::InlineTextBox::paintDocumentMarker): Compute the text run including any
3688         added hyphens. If a hyphen was added then the inline text box represents that text
3689         up to the hyphen. Adjust the end position of the marker to be the length of the text
3690         run if its greater than or equal to the length of the text box.
3691
3692 2017-10-06  Zalan Bujtas  <zalan@apple.com>
3693
3694         RenderTable should not hold a collection of raw pointers to RenderTableCol
3695         https://bugs.webkit.org/show_bug.cgi?id=178030
3696         <rdar://problem/34865236>
3697
3698         Reviewed by Simon Fraser.
3699
3700         In addition to the m_columnRenderersValid flag, this patch ensures that
3701         we don't dereference stale column renderers even when the flag is out of sync.
3702
3703         Covered by existing tests.
3704
3705         * rendering/RenderTable.cpp:
3706         (WebCore::RenderTable::updateColumnCache const):
3707         (WebCore::RenderTable::slowColElement const):
3708         * rendering/RenderTable.h:
3709
3710 2017-10-06  Zalan Bujtas  <zalan@apple.com>
3711
3712         RootInlineBox should not hold a collection of raw pointers to RenderBox
3713         https://bugs.webkit.org/show_bug.cgi?id=178025
3714         <rdar://problem/34862488>
3715
3716         Reviewed by Simon Fraser.
3717
3718         There are already some assertions in place to check if the renderers are valid.
3719
3720         Covered by existing test cases.
3721
3722         * rendering/RenderBlockLineLayout.cpp:
3723         (WebCore::RenderBlockFlow::reattachCleanLineFloats):
3724         (WebCore::RenderBlockFlow::determineStartPosition):
3725         (WebCore::RenderBlockFlow::determineEndPosition):
3726         * rendering/RootInlineBox.h:
3727         (WebCore::RootInlineBox::appendFloat):
3728         (WebCore::RootInlineBox::floatsPtr):
3729
3730 2017-10-06  Zalan Bujtas  <zalan@apple.com>
3731
3732         Continuation map should not hold a raw pointer
3733         https://bugs.webkit.org/show_bug.cgi?id=178021
3734         <rdar://problem/34861590>
3735
3736         Reviewed by Simon Fraser.
3737
3738         This patch ensures proper lifetime management for renderers stored in the Continuation map
3739         (currently they rely on the correctness of addChild/takeChild methods).
3740
3741         Covered by existing tests.
3742
3743         * rendering/RenderBoxModelObject.cpp:
3744         (WebCore::RenderBoxModelObject::continuation const):
3745         (WebCore::RenderBoxModelObject::setContinuation):
3746
3747 2017-10-06  Commit Queue  <commit-queue@webkit.org>
3748
3749         Unreviewed, rolling out r222791 and r222873.
3750         https://bugs.webkit.org/show_bug.cgi?id=178031
3751
3752         Caused crashes with workers/wasm LayoutTests (Requested by
3753         ryanhaddad on #webkit).
3754
3755         Reverted changesets:
3756
3757         "WebAssembly: no VM / JS version of everything but Instance"
3758         https://bugs.webkit.org/show_bug.cgi?id=177473
3759         http://trac.webkit.org/changeset/222791
3760
3761         "WebAssembly: address no VM / JS follow-ups"
3762         https://bugs.webkit.org/show_bug.cgi?id=177887
3763         http://trac.webkit.org/changeset/222873
3764
3765 2017-10-06  Alex Christensen  <achristensen@webkit.org>
3766
3767         Add more infrastructure to apply custom header fields to same-origin requests
3768         https://bugs.webkit.org/show_bug.cgi?id=177629
3769
3770         Reviewed by Ryosuke Niwa.
3771
3772         Covered by new API tests.
3773
3774         * loader/DocumentLoader.h:
3775         (WebCore::DocumentLoader::customHeaderFields):
3776         * loader/HTTPHeaderField.cpp:
3777         (WebCore::HTTPHeaderField::create):
3778         (WebCore::HTTPHeaderField::HTTPHeaderField): Deleted.
3779         * loader/HTTPHeaderField.h:
3780         (WebCore::HTTPHeaderField::encode const):
3781         (WebCore::HTTPHeaderField::decode):
3782         
3783         Change HTTPHeaderField from one String containing the name and value
3784         to a string for the name and another for value.  This matches HTTPHeaderMap
3785         and NSURLRequest more closely where names and values are treated as separate Strings.
3786         
3787         * loader/cache/CachedResourceLoader.cpp:
3788         (WebCore::CachedResourceLoader::requestResource):
3789         
3790         If the DocumentLoader has custom header fields from the WebsitePolicies, apply them to any same-origin requests.
3791         
3792         * loader/cache/CachedResourceRequest.h:
3793         (WebCore::CachedResourceRequest::resourceRequest):
3794         * platform/network/ResourceRequestBase.cpp:
3795         (WebCore::ResourceRequestBase::setCachePolicy):
3796         (WebCore::ResourceRequestBase::setTimeoutInterval):
3797         (WebCore::ResourceRequestBase::setHTTPMethod):
3798         (WebCore::ResourceRequestBase::setHTTPHeaderField):
3799         (WebCore::ResourceRequestBase::clearHTTPAuthorization):
3800         (WebCore::ResourceRequestBase::clearHTTPContentType):
3801         (WebCore::ResourceRequestBase::clearHTTPReferrer):
3802         (WebCore::ResourceRequestBase::clearHTTPOrigin):
3803         (WebCore::ResourceRequestBase::clearHTTPUserAgent):
3804         (WebCore::ResourceRequestBase::clearHTTPAccept):
3805         (WebCore::ResourceRequestBase::clearHTTPAcceptEncoding):
3806         (WebCore::ResourceRequestBase::setResponseContentDispositionEncodingFallbackArray):
3807         (WebCore::ResourceRequestBase::setHTTPBody):
3808         (WebCore::ResourceRequestBase::setAllowCookies):
3809         (WebCore::ResourceRequestBase::setPriority):
3810         (WebCore::ResourceRequestBase::addHTTPHeaderFieldIfNotPresent):
3811         (WebCore::ResourceRequestBase::addHTTPHeaderField):
3812         (WebCore::ResourceRequestBase::setHTTPHeaderFields):
3813         
3814         non-HTTP/HTTPS ResourceRequests need to be updated, too, if header fields are added.
3815         Skipping updating non-HTTP/HTTPS ResourceRequests is not a valid shortcut, and with the
3816         growing importance of custom schemes with our new public API, we should update ResourceRequests
3817         of custom schemes correctly.
3818
3819 2017-10-06  Sam Weinig  <sam@webkit.org>
3820
3821         Add basic support for getting a ImageBitmapRenderingContext
3822         https://bugs.webkit.org/show_bug.cgi?id=177983
3823
3824         Reviewed by Dean Jackson.
3825
3826         Add initial support for ImageBitmapRenderingContext.
3827
3828         * CMakeLists.txt:
3829         * DerivedSources.make:
3830         * WebCore.xcodeproj/project.pbxproj:
3831         
3832             Add new files.
3833         
3834         * dom/Document.cpp:
3835         * dom/Document.h:
3836         * dom/Document.idl:
3837         
3838             Add ImageBitmapRenderingContext to RenderingContext variant so it wil be able to
3839             be used with Document.getCSSCanvasContext.
3840         
3841         * html/HTMLCanvasElement.h:
3842         * html/HTMLCanvasElement.cpp:
3843         (WebCore::HTMLCanvasElement::setHeight):
3844         (WebCore::HTMLCanvasElement::setWidth):
3845         
3846             Throw an exception if the context is in the placeholder mode (which we
3847             signify via a special PlaceholderRenderingContext) as speced. This can't
3848             currently be hit, as setting a placeholder requires offscreen canvas
3849             support, coming soon.
3850         
3851         (WebCore::HTMLCanvasElement::getContext):
3852         
3853             Re-work to match the spec's matrix of options, adding in support
3854             for 'bitmaprenderer'/ ImageBitmapRenderingContext type as well as 
3855             the placeholder mode.
3856         
3857         (WebCore::HTMLCanvasElement::createContext2d):
3858         (WebCore::HTMLCanvasElement::getContext2d):
3859         (WebCore::HTMLCanvasElement::isWebGLType):
3860         (WebCore::HTMLCanvasElement::createContextWebGL):
3861         (WebCore::HTMLCanvasElement::getContextWebGL):
3862         (WebCore::HTMLCanvasElement::createContextWebGPU):
3863         (WebCore::HTMLCanvasElement::getContextWebGPU):
3864         (WebCore::HTMLCanvasElement::isBitmapRendererType):
3865         (WebCore::HTMLCanvasElement::createContextBitmapRenderer):
3866         (WebCore::HTMLCanvasElement::getContextBitmapRenderer):
3867
3868             Split creation out of the get functions so it can be called
3869             by getContext, where we know if the canvas is null or not.
3870
3871         * html/HTMLCanvasElement.idl:
3872         
3873             Add ImageBitmapRenderingContext to RenderingContext variant so it wil be able to
3874             be used with HTMLCanvasElement.getContext.
3875
3876         * html/canvas/CanvasRenderingContext.h:
3877         (WebCore::CanvasRenderingContext::isBitmapRenderer const):
3878         (WebCore::CanvasRenderingContext::isPlaceholder const):
3879         
3880             Add predicates for ImageBitmapRenderingContext and 
3881             PlaceholderRenderingContext.
3882         
3883         * html/canvas/ImageBitmapRenderingContext.cpp: Added.
3884         (WebCore::ImageBitmapRenderingContext::ImageBitmapRenderingContext):
3885         * html/canvas/ImageBitmapRenderingContext.h: Added.
3886         * html/canvas/ImageBitmapRenderingContext.idl: Added.
3887         * html/canvas/PlaceholderRenderingContext.cpp: Added.
3888         (WebCore::PlaceholderRenderingContext::PlaceholderRenderingContext):
3889         * html/canvas/PlaceholderRenderingContext.h: Added.
3890         
3891             Add stubbed out implementations for the new contexts.
3892
3893 2017-10-06  Jer Noble  <jer.noble@apple.com>
3894
3895         Netflix playback fails with S7353 error
3896         https://bugs.webkit.org/show_bug.cgi?id=178023
3897
3898         Reviewed by Dean Jackson.
3899
3900         On certain platforms, WebCoreDecompressionSession will fail to produce CVImageBuffers when presented with
3901         encrypted content. On those platforms, the seek() command will fail, because frames at the destination time
3902         cannot be decoded. This occurs for Netflix because the <video> element is not in the DOM at decode time.
3903
3904         Only create a WebCoreDecompressionSession in MediaPlayerPrivateMediaSourceAVFObjC when we have explicitly
3905         been asked to paint into a WebGL canvas.
3906
3907         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
3908         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::acceleratedRenderingStateChanged):
3909
3910 2017-10-06  Jiewen Tan  <jiewen_tan@apple.com>
3911
3912         Replace some stack raw pointers with RefPtrs within WebCore/dom
3913         https://bugs.webkit.org/show_bug.cgi?id=177852
3914         <rdar://problem/34804487>
3915
3916         Reviewed by Ryosuke Niwa.
3917
3918         This is an effort to reduce raw pointer usage in DOM code. In this patch,
3919         stack raw pointers that could be freed during their lifetime because of
3920         event dispatching, layout updating and etc are selected. All selections are
3921         basing on code speculation.
3922
3923         No changes in behaviours.
3924
3925         * dom/ContainerNodeAlgorithms.cpp:
3926         (WebCore::addChildNodesToDeletionQueue):
3927         Escalate the RefPtr to where node is first defined.
3928         * dom/Document.cpp:
3929         (WebCore::Document::setVisualUpdatesAllowed):
3930         (WebCore::Document::updateLayout):
3931         (WebCore::Document::updateLayoutIfDimensionsOutOfDate):
3932         Possible layout updates during their lifetime.
3933         (WebCore::Document::implicitClose):
3934         Possible event dispatching during its lifetime.
3935         (WebCore::Document::nodeChildrenWillBeRemoved):
3936         (WebCore::Document::nodeWillBeRemoved):
3937         Possible node removal during their lifetime.
3938         (WebCore::command):
3939         Possible layout updates during its lifetime.
3940         * dom/DocumentMarkerController.cpp:
3941         (WebCore::DocumentMarkerController::renderedRectsForMarkers):
3942         Possible layout updates during its lifetime.
3943         * dom/Element.cpp:
3944         (WebCore::Element::removedFrom):
3945          Possible event dispatching during its lifetime.
3946         (WebCore::checkForSiblingStyleChanges):
3947         Possible layout updates during their lifetime.
3948         * dom/MouseRelatedEvent.cpp:
3949         (WebCore::MouseRelatedEvent::computeRelativePosition):