e2bc9ab6b2f997a1c0e19a453146a1b872225f6f
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2016-07-25  Chris Dumez  <cdumez@apple.com>
2
3         ClientRect properties should be on the prototype
4         https://bugs.webkit.org/show_bug.cgi?id=160165
5
6         Reviewed by Geoffrey Garen.
7
8         Move ClientRect properties from the instance to the prototype. This
9         matches the specification, Firefox and Chrome.
10
11         Also add a serializer to ClientRect in order to match the specification:
12         - https://drafts.fxtf.org/geometry/Overview.html#domrectreadonly
13         - https://heycam.github.io/webidl/#es-serializer
14
15         This avoids breaking content that relies on JSON.stringify() to
16         serialize ClientRect objects.
17
18         Tests: fast/css/ClientRect-attributes-prototype.html
19                fast/css/ClientRect-serialization.html
20
21         * CMakeLists.txt:
22         * WebCore.xcodeproj/project.pbxproj:
23         * bindings/js/JSBindingsAllInOne.cpp:
24         * bindings/js/JSClientRectCustom.cpp: Added.
25         (WebCore::JSClientRect::toJSON):
26         * bindings/scripts/CodeGeneratorJS.pm:
27         * dom/ClientRect.idl:
28
29 2016-07-25  Chris Dumez  <cdumez@apple.com>
30
31         Parameters to DOMImplementation.createDocumentType() should be mandatory and non-nullable
32         https://bugs.webkit.org/show_bug.cgi?id=160167
33
34         Reviewed by Ryosuke Niwa.
35
36         Parameters to DOMImplementation.createDocumentType() should be mandatory
37         and non-nullable:
38         - https://dom.spec.whatwg.org/#domimplementation
39
40         Firefox and Chrome both agree with the specification. However, those
41         parameters were nullable and optional in WebKit.
42
43         Test: fast/dom/DOMImplementation/createDocumentType-parameters.html
44
45         * dom/DOMImplementation.idl:
46
47 2016-07-25  Wenson Hsieh  <wenson_hsieh@apple.com>
48
49         Media controls should not be displayed for a video until it starts playing
50         https://bugs.webkit.org/show_bug.cgi?id=160092
51         <rdar://problem/26986673>
52
53         Reviewed by Beth Dakin.
54
55         For videos that have never played back yet, we should not show media controls. To ensure this
56         behavior, we ensure that the playback behavior restriction is set upon creating the media
57         element. This restriction is then removed when the media element begins to play.
58
59         Added two new WebKit API tests.
60
61         * html/HTMLMediaElement.cpp:
62         (WebCore::HTMLMediaElement::HTMLMediaElement):
63
64 2016-07-25  Jiewen Tan  <jiewen_tan@apple.com>
65
66         Rename SubtleCrypto to WebKitSubtleCrypto
67         https://bugs.webkit.org/show_bug.cgi?id=160067
68         <rdar://problem/27483617>
69
70         Reviewed by Brent Fulgham.
71
72         Tests: crypto/webkitSubtle/gc-2.html
73                crypto/webkitSubtle/gc-3.html
74                crypto/webkitSubtle/gc.html
75
76         Rename Class SubtleCrypto to WebKitSubtleCrypto, and Crypto.subtle to Crypto.webkitSubtle in order
77         to let the new implementation to reuse the name SubtleCrypto. This renaming should match what our
78         current JSBindings use, and therefore should not introduce any change of behavoir.
79
80         * CMakeLists.txt:
81         Revise project files for for new file names.
82         * DerivedSources.cpp:
83         * DerivedSources.make:
84         * PlatformEfl.cmake:
85         * PlatformGTK.cmake:
86         * PlatformMac.cmake:
87         * WebCore.xcodeproj/project.pbxproj:
88         Revise project files for for new file names.
89         * bindings/js/JSWebKitSubtleCryptoCustom.cpp: Renamed from Source/WebCore/bindings/js/JSSubtleCryptoCustom.cpp.
90         * crypto/WebKitSubtleCrypto.cpp: Renamed from Source/WebCore/crypto/SubtleCrypto.cpp.
91         * crypto/WebKitSubtleCrypto.h: Renamed from Source/WebCore/crypto/SubtleCrypto.h.
92         * crypto/WebKitSubtleCrypto.idl: Renamed from Source/WebCore/crypto/SubtleCrypto.idl.
93         * page/Crypto.cpp:
94         (WebCore::Crypto::webkitSubtle):
95         (WebCore::Crypto::subtle): Deleted.
96         * page/Crypto.h:
97         * page/Crypto.idl:
98
99 2016-07-25  Brady Eidson  <beidson@apple.com>
100
101         Allow LocalStorage by default for file URLs.
102         https://bugs.webkit.org/show_bug.cgi?id=160169
103
104         Reviewed by Brent Fulgham.
105
106         Test: storage/domstorage/localstorage/file-can-access.html
107
108         * page/SecurityOrigin.cpp:
109         (WebCore::SecurityOrigin::canAccessStorage): Remove the m_universalAccess check for local URLs.
110
111 2016-07-25  Nan Wang  <n_wang@apple.com>
112
113         AX: AccessibilityRenderObject is adding duplicated children when CSS first-letter is being used.
114         https://bugs.webkit.org/show_bug.cgi?id=160155
115
116         Reviewed by Chris Fleizach.
117
118         We were adding the same text node twice if CSS first-letter selector was being used. Added a
119         check for the inline continuation so that we only add it once. 
120
121         Test: accessibility/mac/css-first-letter-children.html
122
123         * accessibility/AccessibilityRenderObject.cpp:
124         (WebCore::firstChildConsideringContinuation):
125
126 2016-07-25  Wenson Hsieh  <wenson_hsieh@apple.com>
127
128         Media controls on apple.com don't disappear when movie finishes playing
129         https://bugs.webkit.org/show_bug.cgi?id=160068
130         <rdar://problem/26668526>
131
132         Reviewed by Darin Adler.
133
134         When a video ends, it should cause media controls to hide. While current logic
135         mostly accounts for this, it does not account for programmatic seeks causing
136         the video to lose its 'ended' status before querying for whether or not to
137         show media controls.
138
139         Three new API tests: large-video-seek-after-ending.html
140         large-video-hides-controls-after-seek-to-end.html
141         large-video-seek-to-beginning-and-play-after-ending.html
142
143         * html/HTMLMediaElement.cpp:
144         (WebCore::HTMLMediaElement::mediaPlayerTimeChanged):
145         (WebCore::HTMLMediaElement::setPlaying):
146         * html/MediaElementSession.cpp:
147         (WebCore::MediaElementSession::canControlControlsManager):
148         * html/MediaElementSession.h:
149
150 2016-07-25  Frederic Wang  <fwang@igalia.com>
151
152         Introduce a MathMLOperatorElement class
153         https://bugs.webkit.org/show_bug.cgi?id=160034
154
155         Reviewed by Darin Adler.
156
157         No new tests, rendering is unchaned.
158
159         * CMakeLists.txt: Add MathMLOperatorElement to the build file.
160         * WebCore.xcodeproj/project.pbxproj: Ditto.
161         * mathml/MathMLAllInOne.cpp: Ditto.
162         * mathml/MathMLOperatorElement.cpp: New DOM class for <mo> element.
163         (WebCore::MathMLOperatorElement::MathMLOperatorElement):
164         (WebCore::MathMLOperatorElement::create):
165         (WebCore::MathMLOperatorElement::parseAttribute): Handle mo attributes.
166         (WebCore::MathMLOperatorElement::createElementRenderer): Create RenderMathMLOperator.
167         * mathml/MathMLOperatorElement.h: Declare a class deriving from MathMLTextElement.
168         * mathml/MathMLTextElement.cpp: Remove all the RenderMathMLOperator parts.
169         (WebCore::MathMLTextElement::MathMLTextElement): Remove inline keyword so that the class can
170         be overriden.
171         (WebCore::MathMLTextElement::parseAttribute): Remove code handled in MathMLOperatorElement.
172         (WebCore::MathMLTextElement::createElementRenderer): Ditto.
173         * mathml/MathMLTextElement.h: Make class and members overridable.
174         * mathml/mathtags.in: Map mo to MathMLOperatorElement.
175         * rendering/mathml/RenderMathMLOperator.cpp:
176         (WebCore::RenderMathMLOperator::RenderMathMLOperator): Make the constructor take a
177         MathMLOperatorElement.
178         * rendering/mathml/RenderMathMLOperator.h: Ditto.
179
180 2016-07-25  Darin Adler  <darin@apple.com>
181
182         Speed up make process slightly by improving "list of files" idiom
183         https://bugs.webkit.org/show_bug.cgi?id=160164
184
185         Reviewed by Mark Lam.
186
187         * DerivedSources.make: Change rules that build lists of files to only run when
188         DerivedSources.make has been modified since the last time they were run. Since the
189         list of files are inside this file, this is safe, and this is faster than always
190         comparing and regenerating the file containing the list of files each time.
191
192 2016-07-24  Wenson Hsieh  <wenson_hsieh@apple.com>
193
194         The web process hangs when computing elements-based snap points for a container with large max scroll offset
195         https://bugs.webkit.org/show_bug.cgi?id=152605
196         <rdar://problem/25353661>
197
198         Reviewed by Simon Fraser.
199
200         Fixes a bug in the computation of axis snap points. The ScrollSnapPoints object, which tracks
201         snap points along a particular axis, has two flags, hasRepeat and usesElements. For elements-
202         based snapping, both flags would be turned on, since StyleBuilderConverter::convertScrollSnapPoints
203         short-circuits for elements-based snapping and does not default usesRepeat to false. To address this,
204         we make ScrollSnapPoints not repeat(100%) by default.
205
206         Test: css3/scroll-snap/scroll-snap-elements-container-larger-than-children.html
207
208         * css/StyleBuilderConverter.h:
209         (WebCore::StyleBuilderConverter::convertScrollSnapPoints): Deleted.
210         * rendering/style/StyleScrollSnapPoints.cpp:
211         (WebCore::ScrollSnapPoints::ScrollSnapPoints):
212
213 2016-07-25  Carlos Garcia Campos  <cgarcia@igalia.com>
214
215         REGRESSION(r200931): Invalid cast in highestAncestorToWrapMarkup()
216         https://bugs.webkit.org/show_bug.cgi?id=160163
217
218         Reviewed by Michael Catanzaro.
219
220         Since r200931 the result of enclosingNodeOfType() in highestAncestorToWrapMarkup() is downcasted to Element, but
221         the result of enclosingNodeOfType() can be a Node that is not an Element, in this case is Text. The cast is not
222         needed at all since that node is passed to editingIgnoresContent() and selectionFromContentsOfNode() and both
223         receive a Node not an Element.
224
225         * editing/markup.cpp:
226         (WebCore::highestAncestorToWrapMarkup): Remove invalid cast.
227
228 2016-07-25  Carlos Garcia Campos  <cgarcia@igalia.com>
229
230         [Coordinated Graphics] ASSERTION FAILED: m_coordinator->isFlushingLayerChanges() in fast/repaint/animation-after-layer-scroll.html
231         https://bugs.webkit.org/show_bug.cgi?id=160156
232
233         Reviewed by Michael Catanzaro.
234
235         So, we fixed an assertion in r203663, but now is hitting the next one. As explained in bug #160142, flush
236         compositing state can be triggered in tests by RenderLayerCompositor::layerTreeAsText(), without the coordinator
237         even noticing it, so the assert can be just removed.
238
239         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
240         (WebCore::CoordinatedGraphicsLayer::flushCompositingStateForThisLayerOnly): Remove incorrect assert.
241
242 2016-07-25  Zalan Bujtas  <zalan@apple.com>
243
244         EllipsisBox ctor's isVertical parameter should read isHorizontal.
245         https://bugs.webkit.org/show_bug.cgi?id=160153
246
247         Reviewed by Andreas Kling.
248
249         It indicates whether the ellipsis box is horizontal. (both the callsites
250         and the parent class use isHorizontal)
251
252         No change in functionality.
253
254         * rendering/EllipsisBox.cpp:
255         (WebCore::EllipsisBox::EllipsisBox):
256         * rendering/EllipsisBox.h:
257
258 2016-07-25  Sergio Villar Senin  <svillar@igalia.com>
259
260         [css-grid] Implement repeat(auto-fit)
261         https://bugs.webkit.org/show_bug.cgi?id=159771
262
263         Reviewed by Darin Adler.
264
265         The auto-fit keyword works exactly as the already implemented auto-fill except that all
266         empty tracks collapse (became 0px). Absolutely positioned items do not participate on the
267         layout of the grid so they are not considered (a grid with only absolutely positioned items
268         is considered an empty grid).
269
270         Whenever a track collapses the gutters on either side do also collapse. When a collapsed
271         track's gutters collapse, they coincide exactly. If one side of a collapsed track does not
272         have a gutter then collapsing its gutters results in no gutter on either "side" of the
273         collapsed track.
274
275         In practice this means that is not possible to know the gap between 2 consecutive auto
276         repeat tracks without examining some others whenever there are collapsed tracks.
277
278         Uncommented the auto-fit cases from Mozilla tests. They have to be adapted as the reftest
279         machinery requires all the content to be rendered in the original 800x600 viewport.
280
281         Tests: fast/css-grid-layout/grid-auto-fit-columns.html
282         fast/css-grid-layout/grid-auto-fit-rows.html
283         fast/css-grid-layout/mozilla/grid-repeat-auto-fill-fit-005-part-1.html
284         fast/css-grid-layout/mozilla/grid-repeat-auto-fill-fit-005-part-2.html
285
286         * css/CSSComputedStyleDeclaration.cpp:
287         (WebCore::valueForGridTrackList): Use the newly added trackSizesForComputedStyle().
288         * rendering/RenderGrid.cpp:
289         (WebCore::RenderGrid::computeTrackBasedLogicalHeight):
290         (WebCore::RenderGrid::computeTrackSizesForDirection):
291         (WebCore::RenderGrid::isEmptyAutoRepeatTrack):
292         (WebCore::RenderGrid::gridGapForDirection): Returns the gap directly from the style.
293         (WebCore::RenderGrid::guttersSize): Computes the gap between a startLine and an
294         endLine. This method may need to inspect some other surrounding tracks to compute the gap.
295         (WebCore::RenderGrid::computeIntrinsicLogicalWidths):
296         (WebCore::RenderGrid::computeIntrinsicLogicalHeight):
297         (WebCore::RenderGrid::computeUsedBreadthOfGridTracks):
298         (WebCore::RenderGrid::gridTrackSize):
299         (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForItems):
300         (WebCore::RenderGrid::computeAutoRepeatTracksCount):
301         (WebCore::RenderGrid::computeEmptyTracksForAutoRepeat): Returns a Vector with the auto
302         repeat tracks that are going to be collapsed because they're empty.
303         (WebCore::RenderGrid::placeItemsOnGrid):
304         (WebCore::RenderGrid::trackSizesForComputedStyle): Used by ComputedStyle logic to print the
305         size of tracks. Added in order to hide the actual contents of m_columnPositions and
306         m_rowPositions to the outter world.
307         (WebCore::RenderGrid::offsetAndBreadthForPositionedChild):
308         (WebCore::RenderGrid::gridAreaBreadthForChild):
309         (WebCore::RenderGrid::populateGridPositionsForDirection): Added some extra code to compute
310         gaps as they cannot be directly added between tracks in case of having collapsed tracks.
311         (WebCore::RenderGrid::columnAxisOffsetForChild):
312         (WebCore::RenderGrid::rowAxisOffsetForChild):
313         (WebCore::RenderGrid::offsetBetweenTracks): Deleted.
314         * rendering/RenderGrid.h: Made some API private. Added new required methods/attributes.
315
316         * css/CSSComputedStyleDeclaration.cpp:
317         (WebCore::valueForGridTrackList):
318         * rendering/RenderGrid.cpp:
319         (WebCore::RenderGrid::computeTrackBasedLogicalHeight):
320         (WebCore::RenderGrid::computeTrackSizesForDirection):
321         (WebCore::RenderGrid::hasAutoRepeatEmptyTracks):
322         (WebCore::RenderGrid::isEmptyAutoRepeatTrack):
323         (WebCore::RenderGrid::gridGapForDirection):
324         (WebCore::RenderGrid::guttersSize):
325         (WebCore::RenderGrid::computeIntrinsicLogicalWidths):
326         (WebCore::RenderGrid::computeIntrinsicLogicalHeight):
327         (WebCore::RenderGrid::computeUsedBreadthOfGridTracks):
328         (WebCore::RenderGrid::gridTrackSize):
329         (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForItems):
330         (WebCore::RenderGrid::computeAutoRepeatTracksCount):
331         (WebCore::RenderGrid::computeEmptyTracksForAutoRepeat):
332         (WebCore::RenderGrid::placeItemsOnGrid):
333         (WebCore::RenderGrid::trackSizesForComputedStyle):
334         (WebCore::RenderGrid::offsetAndBreadthForPositionedChild):
335         (WebCore::RenderGrid::assumedRowsSizeForOrthogonalChild):
336         (WebCore::RenderGrid::gridAreaBreadthForChild):
337         (WebCore::RenderGrid::populateGridPositionsForDirection):
338         (WebCore::RenderGrid::columnAxisOffsetForChild):
339         (WebCore::RenderGrid::rowAxisOffsetForChild):
340         (WebCore::RenderGrid::offsetBetweenTracks): Deleted.
341         * rendering/RenderGrid.h:
342
343 2016-07-24  Frederic Wang  <fwang@igalia.com>
344
345         Move parsing of display, displaystyle and mathvariant attributes into MathML element classes
346         https://bugs.webkit.org/show_bug.cgi?id=159623
347
348         Reviewed by Brent Fulgham.
349
350         No new tests, already covered by existing tests.
351
352         * mathml/MathMLElement.cpp:
353         (WebCore::MathMLElement::parseMathVariantAttribute): Move helper function to parse the
354         mathvariant attribute.
355         (WebCore::MathMLElement::getSpecifiedDisplayStyle): Helper function to set the displaystyle
356         value from the attribute specified on the MathML element.
357         (WebCore::MathMLElement::getSpecifiedMathVariant): Helper function to set the mathvariant
358         value from the attribute specified on the MathML element.
359         * mathml/MathMLElement.h: Move the enum for mathvariant values and declare new members.
360         (WebCore::MathMLElement::acceptsDisplayStyleAttribute): Indicate whether the element accepts
361         displaystyle attribute (false for most of them).
362         (WebCore::MathMLElement::acceptsMathVariantAttribute): Indicate whether the element accepts
363         mathvariant attribute (false for most of them).
364         * mathml/MathMLInlineContainerElement.cpp:
365         (WebCore::MathMLInlineContainerElement::acceptsDisplayStyleAttribute): Add mstyle and mtable
366         to the list of elements accepting the displaystyle attribute.
367         (WebCore::MathMLInlineContainerElement::acceptsMathVariantAttribute): Add mstyle to the list
368         of elements accepting the mathvariant attribute.
369         (WebCore::MathMLInlineContainerElement::parseAttribute): Mark displaystyle and mathvariant
370         dirty if necessary. Also use the new accepts*Attribute function.
371         * mathml/MathMLInlineContainerElement.h: Declare overridden accepts*Attribute members.
372         * mathml/MathMLMathElement.cpp:
373         (WebCore::MathMLMathElement::getSpecifiedDisplayStyle): Override acceptsDisplayStyleAttribute
374         so that the display attribute is also used to set the default value if the displaystyle
375         attribute is absent.
376         (WebCore::MathMLMathElement::parseAttribute): Mark displaystyle and mathvariant dirty if
377         necessary. We directly MathMLElement::parseAttribute to avoid duplicate work.
378         * mathml/MathMLMathElement.h: Add the math tag to the list of elements accepting the
379         displaystyle and mathvariant attributes. Declare overridden getSpecifiedDisplayStyle.
380         * mathml/MathMLTextElement.cpp:
381         (WebCore::MathMLTextElement::parseAttribute): Mark mathvariant as dirty.
382         * mathml/MathMLTextElement.h: Add token elements to the list of elements accepting the
383         mathvariant attribute.
384         * rendering/mathml/MathMLStyle.cpp:
385         (WebCore::MathMLStyle::updateStyleIfNeeded): Use the new MathMLElement::MathVariant enum.
386         (WebCore::MathMLStyle::resolveMathMLStyle):  We no longer parse the display value to
387         initialize the default value on the math tag, because this is handled in
388         getSpecifiedDisplayStyle. In general, we also just call getSpecifiedDisplayStyle and
389         getSpecifiedMathVariant on the MathML elements instead of parsing the displaystyle and
390         mathvariant attributes here.
391         (WebCore::MathMLStyle::parseMathVariant): Deleted. This is moved into MathMLElement.
392         * rendering/mathml/MathMLStyle.h: Use the new MathMLElement::MathVariant enum.
393         * rendering/mathml/RenderMathMLToken.cpp: Ditto.
394         (WebCore::mathVariant): Ditto.
395         (WebCore::RenderMathMLToken::updateMathVariantGlyph): Ditto.
396
397 2016-07-25  Carlos Garcia Campos  <cgarcia@igalia.com>
398
399         Unreviewed. Remove unneeded header includes from CoordinatedGraphicsLayer.
400
401         Not only thjey are not needed, they are a layer violation, CoordinatedGraphicsLayer shouldn't know anything
402         about Page, Frame and FrameView.
403
404         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
405         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
406
407 2016-07-24  Youenn Fablet  <youenn@apple.com>
408
409         [Fetch API] Request should be created with any HeadersInit data
410         https://bugs.webkit.org/show_bug.cgi?id=159672
411
412         Reviewed by Sam Weinig.
413
414         Made Request use JSBuiltinConstructor.
415         This allows initializing newly created Request with a JS built-in function, initializeFetchRequest.
416         initializeFetchRequest can call @fillFetchHeaders internal built-in to handle any HeadersInit data.
417         Future effort should be made to migrate more initialization code in initializeFetchRequest.
418
419         Made window and worker fetch function as a JS built-in.
420         This becomes more handy as these new functions can construct the Request object.
421         They can then call a single private function that takes a Request object as input.
422         Updated DOMWindowFetch and WorkerGlobalScopeFetch code accordingly.
423
424         To enable this, the binding generator is updated to support runtime-enabled JS built-in functions and
425         private functions atttached to global objects.
426
427         Covered by existing and modified tests.
428         Binding generator test covered by updated binding tests.
429
430         * CMakeLists.txt: Adding DOMWindowFetch.js, FetchRequest.js and WorkerGlobalScopeFetch.js built-in files.
431         * DerivedSources.make: Ditto.
432         * Modules/fetch/DOMWindowFetch.cpp: Removed overloaded fetch and updated according new signature.
433         (WebCore::DOMWindowFetch::fetch):
434         * Modules/fetch/DOMWindowFetch.h: Ditto.
435         * Modules/fetch/DOMWindowFetch.idl: Making fetch a JS built-in and adding a @fetchRequest private function.
436         * Modules/fetch/DOMWindowFetch.js: Added.
437         (fetch):
438         * Modules/fetch/FetchHeaders.h:
439         (WebCore::FetchHeaders::setGuard): Used by FetchRequest when initializing headers.
440         * Modules/fetch/FetchRequest.cpp: 
441         (WebCore::buildHeaders): Removed as implemented in JS.
442         (WebCore::FetchRequest::initializeOptions): Added to handle most of the dictionary initialization.
443         (WebCore::FetchRequest::initializeWith): Method called from built-in constructor function.
444         (WebCore::FetchRequest::setBody): Corresponding to @setBody private method.
445         (WebCore::buildBody): Deleted.
446         * Modules/fetch/FetchRequest.h:
447         * Modules/fetch/FetchRequest.idl:
448         * Modules/fetch/FetchRequest.js: Added.
449         (initializeFetchRequest): Implements fetch Request(input, init) constructor.
450         * Modules/fetch/FetchResponse.cpp:
451         (WebCore::FetchResponse::fetch): Removed the construction of FetchRequest in fetch method since it is done by JS built-in code.
452         * Modules/fetch/FetchResponse.h:
453         * Modules/fetch/WorkerGlobalScopeFetch.cpp: Removed overloaded fetch and updated according new signature.
454         (WebCore::WorkerGlobalScopeFetch::fetch):
455         * Modules/fetch/WorkerGlobalScopeFetch.h: Ditto.
456         * Modules/fetch/WorkerGlobalScopeFetch.idl: Making fetch a JS built-in and adding a @fetchRequest private function.
457         * Modules/fetch/WorkerGlobalScopeFetch.js: Added.
458         (fetch):
459         * bindings/js/WebCoreBuiltinNames.h: Adding fetchRequest, setBody and Request private identifiers.
460         * bindings/scripts/CodeGenerator.pm:
461         (WK_lcfirst): Replacing dOM by dom.
462         * bindings/scripts/CodeGeneratorJS.pm:
463         (GenerateImplementation): Adding support for runtime-enabled built-in methods and private methods.
464         * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
465         (WebCore::JSTestGlobalObject::finishCreation):
466         (WebCore::jsTestGlobalObjectInstanceFunctionTestPrivateFunction):
467         * bindings/scripts/test/ObjC/DOMTestGlobalObject.mm:
468         (-[DOMTestGlobalObject testJSBuiltinFunction]):
469         * bindings/scripts/test/TestGlobalObject.idl: Adding tests for runtime-enabled global built-in methods and private methods.
470
471 2016-07-24  Nan Wang  <n_wang@apple.com>
472
473         AX: Video Controls: Volume cannot be adjusted using VO.
474         https://bugs.webkit.org/show_bug.cgi?id=160107
475
476         Reviewed by Dean Jackson.
477
478         The volume slider in video tag had 0.01 step which caused the screen reader adjusting it slowly.
479         Changed the step to 0.05 and added the aria-valuetext attribute to the slider, so that the value
480         is spoken in percentage. 
481
482         Test: accessibility/mac/video-volume-slider-accessibility.html
483
484         * Modules/mediacontrols/mediaControlsApple.js:
485         (Controller.prototype.createControls):
486         (Controller.prototype.handleVolumeSliderInput):
487         (Controller.prototype.updateVolume):
488
489 2016-07-24  David Kilzer  <ddkilzer@apple.com>
490
491         REGRESSION (r203106): Crash in WebCore::MathMLElement::parseMathMLLength()
492         <https://webkit.org/b/160111>
493         <rdar://problem/27506489>
494
495         Reviewed by Chris Dumez.
496
497         Test: mathml/mpadded-crash.html
498
499         * mathml/MathMLElement.cpp:
500         (WebCore::skipLeadingAndTrailingWhitespace): Change to take
501         StringView parameter instead of String to avoid creating a
502         temporary String that's released on return.
503
504 2016-07-24  Carlos Garcia Campos  <cgarcia@igalia.com>
505
506         [Coordinated Graphics] ASSERTION FAILED: !m_flushingLayers in fast/repaint/animation-after-layer-scroll.html
507         https://bugs.webkit.org/show_bug.cgi?id=160142
508
509         Reviewed by Michael Catanzaro.
510
511         This only happens in layout tests, because it happens when RenderLayerCompositor::layerTreeAsText() is
512         called. The thing is that CoordinatedGraphicsLayer::flushCompositingState() calls notifyFlushRequired() that
513         checks if the coordinator is flusing layers and if not it calls RenderLayerCompositor::notifyFlushRequired() and
514         returns early. This normally works because the coodinator is the one starting the layer flush, so that when
515         RenderLayerCompositor::flushPendingLayerChanges() is called the coordinator is always flusing layers. But
516         RenderLayerCompositor::layerTreeAsText() calls RenderLayerCompositor::flushPendingLayerChanges() directly, so at
517         that moment the coordinator is not flusing layers, what causes that
518         CoordinatedGraphicsLayer::flushCompositingState() ends up calling RenderLayerCompositor::notifyFlushRequired()
519         that schedules a new flush while flusing layers causing the
520         assertion. CoordinatedGraphicsLayer::flushCompositingState() is always called from
521         CompositingCoordinator::flushPendingLayerChanges() or RenderLayerCompositor::flushPendingLayerChanges() so we
522         never need to call RenderLayerCompositor::notifyFlushRequired() from there.
523
524         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
525         (WebCore::CoordinatedGraphicsLayer::notifyFlushRequired): This is void now since the return value is not checked anywhere.
526         (WebCore::CoordinatedGraphicsLayer::flushCompositingState): Remove the call to notifyFlushRequired().
527         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
528
529 2016-07-24  Darin Adler  <darin@apple.com>
530
531         Adding a new WebCore JavaScript built-in source file does not trigger rebuild of WebCoreJSBuiltins*
532         https://bugs.webkit.org/show_bug.cgi?id=160115
533
534         Reviewed by Youenn Fablet.
535
536         * DerivedSources.make: Added a missing dependency so the rule that builds WebCore_BUILTINS_WRAPPERS
537         kicks in when the list of WebCore_BUILTINS_SOURCES is modified. Also added another missing dependency
538         so that changes to the JavaScript built-ins Python scripts will also trigger WebCore_BUILTINS_WRAPPERS.
539
540         * make-generated-sources.sh: Removed. Was unused.
541
542 2016-07-23  Zalan Bujtas  <zalan@apple.com>
543
544         Stop isEmpty() from leaking out of SVG.
545         https://bugs.webkit.org/show_bug.cgi?id=160121
546
547         Reviewed by Simon Fraser.
548
549         It's unclear what isEmpty() actually means and it doesn't bring any value to Render* classes.
550
551         No change in functionality.
552
553         * editing/CompositeEditCommand.cpp:
554         (WebCore::CompositeEditCommand::addBlockPlaceholderIfNeeded):
555         * rendering/RenderElement.h:
556         * rendering/RenderListItem.cpp:
557         (WebCore::RenderListItem::isEmpty): Deleted.
558         * rendering/RenderListItem.h:
559         * rendering/RenderObject.h:
560         (WebCore::RenderObject::isEmpty): Deleted.
561         * rendering/RenderRubyRun.cpp:
562         (WebCore::RenderRubyRun::removeChild):
563         (WebCore::RenderRubyRun::isEmpty): Deleted.
564         * rendering/RenderRubyRun.h:
565         * rendering/mathml/RenderMathMLFenced.cpp:
566         (WebCore::RenderMathMLFenced::updateFromElement):
567         (WebCore::RenderMathMLFenced::addChild):
568         * rendering/mathml/RenderMathMLRoot.cpp:
569         (WebCore::RenderMathMLRoot::paint):
570         * rendering/svg/RenderSVGShape.h:
571
572 2016-07-23  Zalan Bujtas  <zalan@apple.com>
573
574         table*BorderAdjoiningCell and borderAdjoiningCell* should take reference instead of RenderTableCell*.
575         https://bugs.webkit.org/show_bug.cgi?id=160123
576
577         Reviewed by Simon Fraser.
578
579         No change in functionality.
580
581         * rendering/RenderTable.cpp:
582         (WebCore::RenderTable::tableStartBorderAdjoiningCell):
583         (WebCore::RenderTable::tableEndBorderAdjoiningCell):
584         * rendering/RenderTable.h:
585         * rendering/RenderTableCell.cpp:
586         (WebCore::RenderTableCell::computeCollapsedStartBorder):
587         (WebCore::RenderTableCell::computeCollapsedEndBorder):
588         * rendering/RenderTableCell.h:
589         (WebCore::RenderTableCell::borderAdjoiningCellBefore):
590         (WebCore::RenderTableCell::borderAdjoiningCellAfter):
591         * rendering/RenderTableCol.cpp:
592         (WebCore::RenderTableCol::borderAdjoiningCellStartBorder):
593         (WebCore::RenderTableCol::borderAdjoiningCellEndBorder):
594         (WebCore::RenderTableCol::borderAdjoiningCellBefore):
595         (WebCore::RenderTableCol::borderAdjoiningCellAfter):
596         * rendering/RenderTableCol.h:
597         * rendering/RenderTableRow.cpp:
598         (WebCore::RenderTableRow::borderAdjoiningStartCell):
599         (WebCore::RenderTableRow::borderAdjoiningEndCell):
600         * rendering/RenderTableRow.h:
601         * rendering/RenderTableSection.cpp:
602         (WebCore::RenderTableSection::borderAdjoiningStartCell):
603         (WebCore::RenderTableSection::borderAdjoiningEndCell):
604         * rendering/RenderTableSection.h:
605
606 2016-07-23  Zalan Bujtas  <zalan@apple.com>
607
608         Remove unused enum and stale comment from RenderObject.
609         https://bugs.webkit.org/show_bug.cgi?id=160122
610
611         Reviewed by Simon Fraser.
612
613         No change in functionality.
614
615         * rendering/RenderBox.h:
616
617 2016-07-23  Carlos Garcia Campos  <cgarcia@igalia.com>
618
619         [Coordinated Graphics] Lots of flaky tests
620         https://bugs.webkit.org/show_bug.cgi?id=160118
621
622         Reviewed by Michael Catanzaro.
623
624         Since the GTK+ ported to threaded compositor (coordinated graphics) there are a lot of flaky tests in the
625         bots. In manu of the cases the diff shows a different size in the FrameView layer.
626
627         This happens for tests run in the same WTR after fast/fixed-layout/fixed-layout.html. This is what happens:
628
629          1.- Test fast/fixed-layout/fixed-layout.html runs and sets fixed layout to true and fixed layout size to 400x400
630          2.- When it finishes TestController::resetStateToConsistentValues() is called.
631          3.- Blank URL is loaded after state has been updated
632          4.- Then Reset message is handled in the web process and Internals::resetToConsistentState() resets the fixed
633              layout state and size.
634          5.- onresize happens and the handler set in fast/fixed-layout/fixed-layout.html is invoked setting the fixed
635              layout to true and size to 400x400 again.
636          6.- about_blank is then loaded with the fixed layout enabled, as well as other tests after this one.
637
638         In addition to this, coordinated graphics uses a fixedVisibleContentRect in ScrollView that is never reset.
639
640         * platform/ScrollView.cpp:
641         (WebCore::ScrollView::unscaledVisibleContentSizeIncludingObscuredArea): Only use m_fixedVisibleContentRect when
642         fixed layout is enabled.
643         (WebCore::ScrollView::unscaledUnobscuredVisibleContentSize): Ditto.
644         (WebCore::ScrollView::visibleContentRectInternal): Ditto.
645         * testing/Internals.cpp:
646         (WebCore::Internals::resetToConsistentState): Reset also the m_fixedVisibleContentRect.
647
648 2016-07-23  Carlos Garcia Campos  <cgarcia@igalia.com>
649
650         [Coordinated Graphics] Test imported/blink/svg/custom/svg-image-layers-crash.html crashes
651         https://bugs.webkit.org/show_bug.cgi?id=160078
652
653         Reviewed by Michael Catanzaro.
654
655         This is a merge of Blink r155373.
656         https://chromiumcodereview.appspot.com/20789004
657
658         Disable accelerated compositing for SVGImage content layers. SVGImageChromeClient does not support it.
659
660         Fixes imported/blink/svg/custom/svg-image-layers-crash.html.
661
662         * svg/graphics/SVGImage.cpp:
663         (WebCore::SVGImage::dataChanged):
664
665 2016-07-23  Commit Queue  <commit-queue@webkit.org>
666
667         Unreviewed, rolling out r203641.
668         https://bugs.webkit.org/show_bug.cgi?id=160116
669
670         It broke make-based builds (Requested by youenn on #webkit).
671
672         Reverted changeset:
673
674         "[Fetch API] Request should be created with any HeadersInit
675         data"
676         https://bugs.webkit.org/show_bug.cgi?id=159672
677         http://trac.webkit.org/changeset/203641
678
679 2016-07-23  Youenn Fablet  <youenn@apple.com>
680
681         [Fetch API] Request should be created with any HeadersInit data
682         https://bugs.webkit.org/show_bug.cgi?id=159672
683
684         Reviewed by Sam Weinig.
685
686         Made Request use JSBuiltinConstructor.
687         This allows initializing newly created Request with a JS built-in function, initializeFetchRequest.
688         initializeFetchRequest can call @fillFetchHeaders internal built-in to handle any HeadersInit data.
689         Future effort should be made to migrate more initialization code in initializeFetchRequest.
690
691         Made window and worker fetch function as a JS built-in.
692         This becomes more handy as these new functions can construct the Request object.
693         They can then call a single private function that takes a Request object as input.
694         Updated DOMWindowFetch and WorkerGlobalScopeFetch code accordingly.
695
696         To enable this, the binding generator is updated to support runtime-enabled JS built-in functions and
697         private functions atttached to global objects.
698
699         Covered by existing and modified tests.
700         Binding generator test covered by updated binding tests.
701
702         * CMakeLists.txt: Adding DOMWindowFetch.js, FetchRequest.js and WorkerGlobalScopeFetch.js built-in files.
703         * DerivedSources.make: Ditto.
704         * Modules/fetch/DOMWindowFetch.cpp: Removed overloaded fetch and updated according new signature.
705         (WebCore::DOMWindowFetch::fetch):
706         * Modules/fetch/DOMWindowFetch.h: Ditto.
707         * Modules/fetch/DOMWindowFetch.idl: Making fetch a JS built-in and adding a @fetchRequest private function.
708         * Modules/fetch/DOMWindowFetch.js: Added.
709         (fetch):
710         * Modules/fetch/FetchHeaders.h:
711         (WebCore::FetchHeaders::setGuard): Used by FetchRequest when initializing headers.
712         * Modules/fetch/FetchRequest.cpp: 
713         (WebCore::buildHeaders): Removed as implemented in JS.
714         (WebCore::FetchRequest::initializeOptions): Added to handle most of the dictionary initialization.
715         (WebCore::FetchRequest::initializeWith): Method called from built-in constructor function.
716         (WebCore::FetchRequest::setBody): Corresponding to @setBody private method.
717         (WebCore::buildBody): Deleted.
718         * Modules/fetch/FetchRequest.h:
719         * Modules/fetch/FetchRequest.idl:
720         * Modules/fetch/FetchRequest.js: Added.
721         (initializeFetchRequest): Implements fetch Request(input, init) constructor.
722         * Modules/fetch/FetchResponse.cpp:
723         (WebCore::FetchResponse::fetch): Removed the construction of FetchRequest in fetch method since it is done by JS built-in code.
724         * Modules/fetch/FetchResponse.h:
725         * Modules/fetch/WorkerGlobalScopeFetch.cpp: Removed overloaded fetch and updated according new signature.
726         (WebCore::WorkerGlobalScopeFetch::fetch):
727         * Modules/fetch/WorkerGlobalScopeFetch.h: Ditto.
728         * Modules/fetch/WorkerGlobalScopeFetch.idl: Making fetch a JS built-in and adding a @fetchRequest private function.
729         * Modules/fetch/WorkerGlobalScopeFetch.js: Added.
730         (fetch):
731         * bindings/js/WebCoreBuiltinNames.h: Adding fetchRequest, setBody and Request private identifiers.
732         * bindings/scripts/CodeGenerator.pm:
733         (WK_lcfirst): Replacing dOM by dom.
734         * bindings/scripts/CodeGeneratorJS.pm:
735         (GenerateImplementation): Adding support for runtime-enabled built-in methods and private methods.
736         * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
737         (WebCore::JSTestGlobalObject::finishCreation):
738         (WebCore::jsTestGlobalObjectInstanceFunctionTestPrivateFunction):
739         * bindings/scripts/test/ObjC/DOMTestGlobalObject.mm:
740         (-[DOMTestGlobalObject testJSBuiltinFunction]):
741         * bindings/scripts/test/TestGlobalObject.idl: Adding tests for runtime-enabled global built-in methods and private methods.
742
743 2016-07-23  Frederic Wang  <fwang@igalia.com>
744
745         Reset font-style on the <math> element
746         https://bugs.webkit.org/show_bug.cgi?id=160074
747
748         Reviewed by Darin Adler.
749
750         Mathematical formulas with italic font-style render poorly (slanted operators, mathvariant
751         italic etc). We align on Gecko and make the user agent stylesheet reset the font-style to
752         'normal' by default. This addresses the concrete use case of formula inside theorem or
753         proposition statements, which are often written in italic.
754
755         Test: mathml/presentation/math-font-style.html
756
757         * css/mathml.css:
758         (math): Reset the font-style to normal.
759
760 2016-07-23  Frederic Wang  <fwang@igalia.com>
761
762         [MathML] PaintInfo state is not properly restored after applyTransform.
763         https://bugs.webkit.org/show_bug.cgi?id=160077
764
765         Reviewed by Simon Fraser.
766
767         PaintInfo::applyTransform modifies PaintInfo::rect and the original state is not properly
768         restored by GraphicsContextStateSaver. To avoid some weird rendering bugs in MathOperator
769         and RenderMathMLMenclose, we follow what is done in SVG renderers and make a copy of the
770         original PaintInfo before applying the transform.
771
772         Test: mathml/presentation/bug160077.html
773
774         * rendering/mathml/MathOperator.cpp:
775         (WebCore::MathOperator::paint):
776         * rendering/mathml/RenderMathMLMenclose.cpp:
777         (WebCore::RenderMathMLMenclose::paint):
778
779 2016-07-23  Youenn Fablet  <youenn@apple.com>
780
781         [Fetch API] Fetch response stream should enqueue Uint8Array
782         https://bugs.webkit.org/show_bug.cgi?id=160083
783
784         Reviewed by Sam Weinig.
785
786         Covered by updated tests.
787
788         Before enqueuing, ReadableStreamController::enqueue will convert ArrayBuffer as Uint8Array.
789         It also returns a boolean whether the operation is successful or not.
790
791         If returned value is false, calling code will stop loading or if everything is loaded it will refrain from closing the stream.
792         The enqueuing should be succesful except in OutOfMemory cases. This case is not yet handled in test cases.
793
794         Updated the code to remove templated enqueuing as Fetch has no use of it.
795
796         * Modules/fetch/FetchBody.cpp:
797         (WebCore::FetchBody::consumeAsStream): Do not close the stream if enqueuing failed.
798         * Modules/fetch/FetchBodyOwner.cpp:
799         (WebCore::FetchBodyOwner::blobChunk): Stop blob loading if enqueuing failed.
800         * Modules/fetch/FetchResponse.cpp:
801         (WebCore::FetchResponse::BodyLoader::didReceiveData): Stop resource loading if enqueuing failed.
802         (WebCore::FetchResponse::consumeBodyAsStream): Ditto.
803         * Modules/fetch/FetchResponseSource.h:
804         * bindings/js/ReadableStreamController.h:
805         (WebCore::ReadableStreamController::enqueue):
806         (WebCore::ReadableStreamController::enqueue<RefPtr<JSC::ArrayBuffer>>): Deleted.
807
808 2016-07-22  Youenn Fablet  <youenn@apple.com>
809
810         Use a private property to implement FetchResponse.body getter
811         https://bugs.webkit.org/show_bug.cgi?id=159808
812
813         Reviewed by Sam Weinig.
814
815         Covered by existing test sets.
816
817         Previously, body was handled as a CachedAttribute.
818         Using a private property will allow direct use of this property from JS built-ins which will allow easier
819         handling of ReadableStream cloning in Response.clone.
820         Also, this allows removing some binding custom code.
821
822         Updated redirect and error static methods to take NewObject keyword, as this removes a search into cached wrappers.
823         Ditto for createReadableStreamSource.
824
825         * CMakeLists.txt: Removing JSFetchResponseCustom.cpp.
826         * Modules/fetch/FetchResponse.idl: Adding createReadableStreamSource and isDisturbed private functions.
827         Making body getter a JSBuiltin.
828         * Modules/fetch/FetchResponse.js:
829         (body): Adding getter which will call createReadableStreamSource if needed.
830         * WebCore.xcodeproj/project.pbxproj: Removing JSFetchResponseCustom.cpp.
831         * bindings/js/JSFetchResponseCustom.cpp: Removed.
832         * bindings/js/ReadableStreamController.cpp:
833         (WebCore::createReadableStream): Deleted.
834         (WebCore::getReadableStreamReader): Deleted.
835         * bindings/js/ReadableStreamController.h: Removing unneeded ReadableStream helper routine now that they can be
836         handled within JS built-in code.
837         * bindings/js/WebCoreBuiltinNames.h: Adding @createReadableStreamSource, @isDisturbed  and @Response identifiers.
838
839 2016-07-22  Zalan Bujtas  <zalan@apple.com>
840
841         Handle cases when IOSurface initialization fails.
842         https://bugs.webkit.org/show_bug.cgi?id=160006
843         <rdar://problem/27495102>
844
845         Reviewed by Tim Horton and Simon Fraser.
846
847         This is an additional fix to r203514 to check if IOSurface initialization was successful.
848
849         Unable to test.
850
851         * platform/graphics/cg/ImageBufferCG.cpp:
852         (WebCore::ImageBuffer::ImageBuffer):
853         * platform/graphics/cocoa/IOSurface.h: Merge 2 c'tors.
854         * platform/graphics/cocoa/IOSurface.mm: Remove redundant IOSurface::create() code.  
855         (WebCore::IOSurface::create):
856         (WebCore::IOSurface::createFromImage):
857         (WebCore::IOSurface::IOSurface):
858         (WebCore::IOSurface::convertToFormat):
859
860 2016-07-22  Wenson Hsieh  <wenson_hsieh@apple.com>
861
862         Media controls should be displayed for media in media documents
863         https://bugs.webkit.org/show_bug.cgi?id=160104
864         <rdar://problem/27438936>
865
866         Reviewed by Myles C. Maxfield.
867
868         Make videos that would otherwise not have been large enough or have the right
869         aspect ratio cause media controls to appear. This is because media elements in
870         a media document are implied to be main content.
871
872         Added a new API test.
873
874         * html/MediaElementSession.cpp:
875         (WebCore::MediaElementSession::canControlControlsManager):
876
877 2016-07-22  Myles C. Maxfield  <mmaxfield@apple.com>
878
879         All dancers with bunny ears are female
880         https://bugs.webkit.org/show_bug.cgi?id=160102
881         <rdar://problem/27453479>
882
883         Reviewed by Simon Fraser.
884
885         In r203330 I added support for new emoji group candidates. I accidentally
886         missed one of the new emoji code points.
887
888         Tests: editing/deleting/delete-emoji.html:
889                fast/text/emoji-gender-2-9.html:
890                fast/text/emoji-gender-9.html:
891                fast/text/emoji-gender-fe0f-9.html:
892
893         * platform/text/CharacterProperties.h:
894         (WebCore::isEmojiGroupCandidate):
895
896 2016-07-22  Chris Dumez  <cdumez@apple.com>
897
898         Parameter to HTMLCollection.item() / namedItem() should be mandatory
899         https://bugs.webkit.org/show_bug.cgi?id=160099
900
901         Reviewed by Sam Weinig.
902
903         Parameter to HTMLCollection.item() / namedItem() should be mandatory:
904         - https://dom.spec.whatwg.org/#interface-htmlcollection
905         - https://html.spec.whatwg.org/multipage/infrastructure.html#htmlformcontrolscollection
906         - https://html.spec.whatwg.org/multipage/infrastructure.html#the-htmloptionscollection-interface
907
908         Firefox and Chrome agree with the specification.
909
910         No new tests, rebaselined existing tests.
911
912         * bindings/js/JSHTMLFormControlsCollectionCustom.cpp:
913         (WebCore::JSHTMLFormControlsCollection::namedItem):
914         * html/HTMLCollection.idl:
915         * html/HTMLFormControlsCollection.idl:
916         * html/HTMLOptionsCollection.idl:
917
918 2016-07-22  Chris Dumez  <cdumez@apple.com>
919
920         First parameter to Window.getComputedStyle() should be mandatory and non-nullable
921         https://bugs.webkit.org/show_bug.cgi?id=160097
922
923         Reviewed by Ryosuke Niwa.
924
925         First parameter to Window.getComputedStyle() should be mandatory and
926         non-nullable:
927         - https://drafts.csswg.org/cssom/#extensions-to-the-window-interface
928
929         Firefox and Chrome agree with the specification.
930
931         Test: fast/dom/Window/getComputedStyle-missing-parameter.html
932
933         * css/CSSComputedStyleDeclaration.cpp:
934         (WebCore::ComputedStyleExtractor::ComputedStyleExtractor):
935         (WebCore::CSSComputedStyleDeclaration::CSSComputedStyleDeclaration):
936         (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
937         (WebCore::CSSComputedStyleDeclaration::copyProperties):
938         (WebCore::CSSComputedStyleDeclaration::length):
939         (WebCore::CSSComputedStyleDeclaration::item):
940         (WebCore::CSSComputedStyleDeclaration::getPropertyValue):
941         * css/CSSComputedStyleDeclaration.h:
942         * dom/Document.idl:
943         * inspector/InspectorCSSAgent.cpp:
944         (WebCore::InspectorCSSAgent::getComputedStyleForNode):
945         * page/DOMWindow.cpp:
946         (WebCore::DOMWindow::getComputedStyle):
947         * page/DOMWindow.h:
948         * page/DOMWindow.idl:
949         * testing/Internals.cpp:
950         (WebCore::Internals::computedStyleIncludingVisitedInfo):
951         * testing/Internals.h:
952         * testing/Internals.idl:
953
954 2016-07-22  Brady Eidson  <beidson@apple.com>
955
956         Removing IndexedDatabases that have stored blobs doesn't remove the blob files.
957         https://bugs.webkit.org/show_bug.cgi?id=160089
958
959         Reviewed by Darin Adler.
960
961         Tested by API test IndexedDB.StoreBlobThenDelete.
962
963         Blob filenames exist in the IDB directory with the name "[0-9]+.blob".
964         
965         That is, one or more digits, followed by ".blob".
966         
967         So when we delete an IndexedDB.sqlite3 and related files, we should delete those blob files as well.
968         
969         * Modules/indexeddb/server/IDBServer.cpp:
970         (WebCore::IDBServer::removeAllDatabasesForOriginPath):
971
972 2016-07-22  Chris Dumez  <cdumez@apple.com>
973
974         Fix default parameter values for window.alert() / prompt() / confirm()
975         https://bugs.webkit.org/show_bug.cgi?id=160085
976
977         Reviewed by Ryosuke Niwa.
978
979         Fix default parameter values for window.alert() / prompt() / confirm() to
980         match the specification:
981         - https://html.spec.whatwg.org/multipage/browsers.html#the-window-object
982
983         They should default to the empty string, not the string "undefined".
984
985         Firefox and chrome agree with the specification.
986
987         No new tests, updated existing test.
988
989         * page/DOMWindow.h:
990         * page/DOMWindow.idl:
991
992 2016-07-22  Daniel Bates  <dabates@apple.com>
993
994         CSP: object-src and plugin-types directives are not respected for plugin replacements
995         https://bugs.webkit.org/show_bug.cgi?id=159761
996         <rdar://problem/27365724>
997
998         Reviewed by Brent Fulgham.
999
1000         Apply the Content Security Policy (CSP) object-src and plugin-types directives to content that will
1001         load with a plugin replacement.
1002
1003         Tests: security/contentSecurityPolicy/object-src-none-blocks-quicktime-plugin-replacement.html
1004                security/contentSecurityPolicy/object-src-none-blocks-youtube-plugin-replacement.html
1005                security/contentSecurityPolicy/plugins-types-allows-quicktime-plugin-replacement.html
1006                security/contentSecurityPolicy/plugins-types-allows-youtube-plugin-replacement.html
1007                security/contentSecurityPolicy/plugins-types-blocks-quicktime-plugin-replacement-without-mime-type.html
1008                security/contentSecurityPolicy/plugins-types-blocks-quicktime-plugin-replacement.html
1009                security/contentSecurityPolicy/plugins-types-blocks-youtube-plugin-replacement-without-mime-type.html
1010                security/contentSecurityPolicy/plugins-types-blocks-youtube-plugin-replacement.html
1011
1012         * html/HTMLPlugInImageElement.cpp:
1013         (WebCore::HTMLPlugInImageElement::allowedToLoadPluginContent): Added.
1014         (WebCore::HTMLPlugInImageElement::requestObject): Only request loading plugin content if we
1015         are allowed to load such content.
1016         * html/HTMLPlugInImageElement.h:
1017         * loader/SubframeLoader.cpp:
1018         (WebCore::SubframeLoader::pluginIsLoadable): Removed code to check CSP as we will check CSP
1019         earlier in HTMLPlugInImageElement::requestObject().
1020         (WebCore::SubframeLoader::requestPlugin): Ditto.
1021         (WebCore::SubframeLoader::isPluginContentAllowedByContentSecurityPolicy): Deleted; moved implementation
1022         to HTMLPlugInImageElement::allowedToLoadPluginContent().
1023         (WebCore::SubframeLoader::requestObject): Deleted.
1024         * loader/SubframeLoader.h:
1025         * page/csp/ContentSecurityPolicy.cpp:
1026         (WebCore::ContentSecurityPolicy::upgradeInsecureRequestIfNeeded): Changed signature from a non-const
1027         function to a const function since these functions do not modify |this|.
1028         * page/csp/ContentSecurityPolicy.h: 
1029
1030 2016-07-22  Chris Dumez  <cdumez@apple.com>
1031
1032         Parameters to Node.replaceChild() / insertBefore() should be mandatory
1033         https://bugs.webkit.org/show_bug.cgi?id=160091
1034
1035         Reviewed by Darin Adler.
1036
1037         Parameters to Node.replaceChild() / insertBefore() should be mandatory:
1038         - https://dom.spec.whatwg.org/#node
1039
1040         The compatibility risk should be low since Firefox and Chrome both agree
1041         with the specification and because it does not make much sense to omit
1042         parameters when using this API.
1043
1044         No new tests, rebaselined existing tests.
1045
1046         * bindings/js/JSNodeCustom.cpp:
1047         (WebCore::JSNode::insertBefore):
1048         (WebCore::JSNode::replaceChild):
1049
1050 2016-07-22  Chris Dumez  <cdumez@apple.com>
1051
1052         Parameter to Node.contains() should be mandatory
1053         https://bugs.webkit.org/show_bug.cgi?id=160084
1054
1055         Reviewed by Darin Adler.
1056
1057         Parameter to Node.contains() should be mandatory as per the
1058         specification:
1059         - https://dom.spec.whatwg.org/#node
1060
1061         The compatibility risk should be low because both Firefox and Chrome
1062         both agree with the specification. Also, it does not make much sense
1063         to call this API without parameter.
1064
1065         No new tests, rebaselined existing tests.
1066
1067         * dom/Node.idl:
1068
1069 2016-07-22  Said Abou-Hallawa  <sabouhallawa@apple.com>
1070
1071         [iOS] REGRESSION(203378): PDFDocumentImage::updateCachedImageIfNeeded() uses the unscaled size when deciding whether to cache the PDF image
1072         https://bugs.webkit.org/show_bug.cgi?id=159933
1073
1074         Reviewed by Simon Fraser.
1075
1076         We need to use the scaled size when deciding whether to cache the PDF image
1077         or not. This is because ImageBuffer takes the display resolution into account
1078         which gives higher resolution for the image when zooming.
1079
1080         * platform/graphics/cg/PDFDocumentImage.cpp:
1081         (WebCore::PDFDocumentImage::updateCachedImageIfNeeded):
1082
1083 2016-07-22  Chris Dumez  <cdumez@apple.com>
1084
1085         First parameter to getElementById() should be mandatory
1086         https://bugs.webkit.org/show_bug.cgi?id=160087
1087
1088         Reviewed by Darin Adler.
1089
1090         First parameter to getElementById() should be mandatory:
1091         - https://dom.spec.whatwg.org/#nonelementparentnode
1092         - https://www.w3.org/TR/SVG/struct.html#InterfaceSVGSVGElement
1093
1094         Both Firefox and Chrome agree with the specification.
1095
1096         Test: svg/dom/SVGSVGElement-getElementById.html
1097
1098         * dom/NonElementParentNode.idl:
1099         * svg/SVGSVGElement.idl:
1100
1101 2016-07-22  Chris Dumez  <cdumez@apple.com>
1102
1103         Parameter to Node.lookupPrefix() / lookupNamespaceURI() / isDefaultNamespace() should be mandatory
1104         https://bugs.webkit.org/show_bug.cgi?id=160086
1105
1106         Reviewed by Darin Adler.
1107
1108         Parameter to Node.lookupPrefix() / lookupNamespaceURI() / isDefaultNamespace()
1109         should be mandatory:
1110         - https://dom.spec.whatwg.org/#node
1111
1112         Firefox and Chrome both agree with the specification.
1113
1114         No new tests, rebaselined existing tests.
1115
1116         * dom/Node.idl:
1117
1118 2016-07-22  Chris Dumez  <cdumez@apple.com>
1119
1120         Parameter to Node.compareDocumentPosition() should be mandatory and non-nullable
1121         https://bugs.webkit.org/show_bug.cgi?id=160071
1122
1123         Reviewed by Ryosuke Niwa.
1124
1125         
1126         Parameter to Node.compareDocumentPosition() should be mandatory and
1127         non-nullable:
1128         - https://dom.spec.whatwg.org/#interface-node
1129
1130         Firefox and Chrome agree with the specification so the compatibility
1131         risk should be low. Also, it does not make much sense to call this
1132         operation without parameter.
1133
1134         No new tests, rebaselined existing tests.
1135
1136         * accessibility/AccessibilityObject.cpp:
1137         (WebCore::rangeClosestToRange):
1138         * dom/AuthorStyleSheets.cpp:
1139         (WebCore::AuthorStyleSheets::addStyleSheetCandidateNode):
1140         * dom/Node.cpp:
1141         (WebCore::compareDetachedElementsPosition):
1142         (WebCore::Node::compareDocumentPosition):
1143         * dom/Node.h:
1144         * dom/Node.idl:
1145         * dom/Position.h:
1146         (WebCore::operator<):
1147         * html/HTMLFormElement.cpp:
1148         (WebCore::HTMLFormElement::formElementIndexWithFormAttribute):
1149         (WebCore::HTMLFormElement::formElementIndex):
1150         * rendering/RenderNamedFlowThread.cpp:
1151         (WebCore::RenderNamedFlowThread::nextRendererForElement):
1152         (WebCore::compareRenderNamedFlowFragments):
1153         (WebCore::RenderNamedFlowThread::registerNamedFlowContentElement):
1154
1155 2016-07-22  Konstantin Tokarev  <annulen@yandex.ru>
1156
1157         [cmake] Removed obsolete plugins/win directory
1158         https://bugs.webkit.org/show_bug.cgi?id=160081
1159
1160         Reviewed by Per Arne Vollan.
1161
1162         It was removed in r178219.
1163
1164         No new tests needed.
1165
1166         * PlatformWin.cmake:
1167
1168 2016-07-22  Youenn Fablet  <youenn@apple.com>
1169
1170         run-builtins-generator-tests should be able to test WebCore builtins wrapper with more than one file
1171         https://bugs.webkit.org/show_bug.cgi?id=159921
1172
1173         Reviewed by Brian Burg.
1174
1175         Covered by existing and added built-ins tests.
1176
1177         Updating built system according ---wrappers-only new meaning.
1178         builtin generator is now called for each individual built-in file plus once for WebCore wrapper files.
1179         WebCore wrapper files allow handling things like conditionally guarded features.
1180         They also remove the need to use built-ins macros outside generated code.
1181
1182         * CMakeLists.txt:
1183         * DerivedSources.make:
1184
1185 2016-07-21  Frederic Wang  <fwang@igalia.com>
1186
1187         Move parsing of accentunder and accent attributes from renderer to element classes
1188         https://bugs.webkit.org/show_bug.cgi?id=159625
1189
1190         Reviewed by Brent Fulgham.
1191
1192         We introduce a new MathMLUnderOverElement that is used for elements munder, mover and
1193         munderover in order to create RenderMathMLUnderOver and parse and expose the values of the
1194         accent and accentunder attributes. This is one more step toward moving MathML attribute
1195         parsing to the DOM (bug 156536). We also do minor clean-up for this and previous renderer
1196         classes that no longer do attribute parsing: the MathMLNames namespace is no longer necessary
1197         and constructors can take a more accurate element type.
1198
1199         No new tests, already covered by existing test.
1200
1201         * CMakeLists.txt: Add MathMLUnderOverElement files.
1202         * WebCore.xcodeproj/project.pbxproj: Ditto.
1203         * mathml/MathMLAllInOne.cpp: Ditto.
1204         * mathml/MathMLElement.cpp:
1205         (WebCore::MathMLElement::cachedBooleanAttribute): Add parsing of boolean attributes.
1206         * mathml/MathMLElement.h: New type and helper functions for boolean attributes.
1207         * mathml/MathMLInlineContainerElement.cpp:
1208         (WebCore::MathMLInlineContainerElement::createElementRenderer): Remove handling of
1209         under/over/underover elements.
1210         * mathml/MathMLScriptsElement.cpp:
1211         (WebCore::MathMLScriptsElement::MathMLScriptsElement): Remove inline keyword to avoid link
1212         errors now that MathMLUnderOverElement overrides that class.
1213         * mathml/MathMLScriptsElement.h: Allow MathMLUnderOverElement to override this class.
1214         * mathml/MathMLUnderOverElement.cpp:
1215         (WebCore::MathMLUnderOverElement::MathMLUnderOverElement):
1216         (WebCore::MathMLUnderOverElement::create):
1217         (WebCore::MathMLUnderOverElement::accent): Helper function to access the accent value.
1218         (WebCore::MathMLUnderOverElement::accentUnder): Helper function to access the accentunder value.
1219         (WebCore::MathMLUnderOverElement::parseAttribute): Make accent and accentunder dirty.
1220         (WebCore::MathMLUnderOverElement::createElementRenderer): Create RenderMathMLUnderOver
1221         * mathml/MathMLUnderOverElement.h:
1222         * mathml/mathtags.in: Map under/over/underover to MathMLUnderOverElement.
1223         * rendering/mathml/RenderMathMLFraction.cpp: Remove MathMLNames and make the constructor
1224         take a MathMLFractionElement.
1225         (WebCore::RenderMathMLFraction::RenderMathMLFraction):
1226         * rendering/mathml/RenderMathMLFraction.h:
1227         * rendering/mathml/RenderMathMLPadded.cpp: Remove MathMLNames and make the constructor
1228         take a MathMLPaddedElement.
1229         (WebCore::RenderMathMLPadded::RenderMathMLPadded):
1230         * rendering/mathml/RenderMathMLPadded.h:
1231         * rendering/mathml/RenderMathMLScripts.cpp: Remove MathMLNames and make the constructor
1232         take a MathMLScriptsElement. Also rename scriptsElement() to element().
1233         (WebCore::RenderMathMLScripts::RenderMathMLScripts):
1234         (WebCore::RenderMathMLScripts::element):
1235         (WebCore::RenderMathMLScripts::getScriptMetricsAndLayoutIfNeeded):
1236         (WebCore::RenderMathMLScripts::scriptsElement): Deleted.
1237         * rendering/mathml/RenderMathMLScripts.h:
1238         * rendering/mathml/RenderMathMLUnderOver.cpp: Remove MathMLNames and make the constructor
1239         take a RenderMathMLUnderOver.
1240         (WebCore::RenderMathMLUnderOver::RenderMathMLUnderOver):
1241         (WebCore::RenderMathMLUnderOver::element):
1242         (WebCore::RenderMathMLUnderOver::hasAccent): Use the helper functions for accent and accentunder.
1243         * rendering/mathml/RenderMathMLUnderOver.h:
1244
1245 2016-07-21  Chris Dumez  <cdumez@apple.com>
1246
1247         Parameter to Node.isSameNode() / isEqualNode() should be mandatory
1248         https://bugs.webkit.org/show_bug.cgi?id=160070
1249
1250         Reviewed by Ryosuke Niwa.
1251
1252         Parameter to Node.isSameNode() / isEqualNode() should be mandatory as
1253         per the specification:
1254         - https://dom.spec.whatwg.org/#interface-node
1255
1256         Chrome and Firefox agree with the specification (although Firefox does
1257         not support isSameNode()).
1258
1259         No new tests, rebaselined existing tests.
1260
1261         * dom/Node.idl:
1262
1263 2016-07-21  Chris Dumez  <cdumez@apple.com>
1264
1265         Parameter to Document.createEvent() should be mandatory
1266         https://bugs.webkit.org/show_bug.cgi?id=160065
1267
1268         Reviewed by Darin Adler.
1269
1270         Parameter to Document.createEvent() should be mandatory as per the
1271         specification:
1272         - https://dom.spec.whatwg.org/#document
1273
1274         We already throw anyway when the parameter is omitted because we use
1275         "undefined" as event type, which is invalid. However, we throw the
1276         wrong exception.
1277
1278         Firefox and Chrome agree with the specification here.
1279
1280         No new tests, rebaselined existing tests.
1281
1282         * dom/Document.idl:
1283
1284 2016-07-21  Brian Burg  <bburg@apple.com>
1285
1286         REGRESSION(r62549): Objective-C DOM bindings sometimes fail to regenerate when CodeGenerator.pm is modified
1287         https://bugs.webkit.org/show_bug.cgi?id=160031
1288
1289         Reviewed by Darin Adler.
1290
1291         This bug was caused by a refactoring 6 years ago. Not all uses of a variable
1292         were renamed, so the ObjC bindings target pattern was not specifying any
1293         build scripts as target dependencies.
1294
1295         * DerivedSources.make: Standardize on {COMMON,JS,DOM}_BINDINGS_SCRIPTS.
1296
1297 2016-07-21  Darin Adler  <darin@apple.com>
1298
1299         Remove unneeded content attribute name "playsinline"
1300         https://bugs.webkit.org/show_bug.cgi?id=160069
1301
1302         Reviewed by Chris Dumez.
1303
1304         * html/HTMLVideoElement.idl: Removed explicit content attribute name on Reflect
1305         attribute since it is the same as the name that the code generator will generate.
1306
1307 2016-07-21  Chris Dumez  <cdumez@apple.com>
1308
1309         Make parameters to Element.getElementsBy*() operations mandatory
1310         https://bugs.webkit.org/show_bug.cgi?id=160060
1311
1312         Reviewed by Darin Adler.
1313
1314         Make parameters to Element.getElementsBy*() operations mandatory to
1315         match the specification:
1316         - https://dom.spec.whatwg.org/#interface-element
1317
1318         Firefox and Chrome agree with the specification so the compatibility
1319         risk should be low.
1320
1321         It makes very little sense to call these operations without parameter,
1322         especially considering WebKit uses the string "undefined" if the
1323         parameter is omitted.
1324
1325         No new tests, rebaselined existing tests.
1326
1327         * dom/Element.idl:
1328
1329 2016-07-21  Chris Dumez  <cdumez@apple.com>
1330
1331         Make parameters mandatory for attribute-related API on Element
1332         https://bugs.webkit.org/show_bug.cgi?id=160059
1333
1334         Reviewed by Ryosuke Niwa.
1335
1336         Make parameters mandatory for attribute-related API on Element to match
1337         the specification:
1338         - https://dom.spec.whatwg.org/#element
1339
1340         Firefox and Chrome agree with the specification. Calling this API
1341         without the parameters does not make much sense, especially considering
1342         WebKit uses the string "undefined" when the parameter is omitted.
1343
1344         No new tests, rebaselined existing tests.
1345
1346         * dom/Element.idl:
1347
1348 2016-07-21  Myles C. Maxfield  <mmaxfield@apple.com>
1349
1350         Remove support for deprecated SPI inlineMediaPlaybackRequiresPlaysInlineAttribute
1351         https://bugs.webkit.org/show_bug.cgi?id=160066
1352
1353         Reviewed by Dean Jackson.
1354
1355         r203520 deprecated inlineMediaPlaybackRequiresPlaysInlineAttribute in favor of
1356         allowsInlineMediaPlaybackWithPlaysInlineAttribute and
1357         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute. The old
1358         inlineMediaPlaybackRequiresPlaysInlineAttribute is SPI and was never released
1359         to the public. Therefore, it can be removed safely.
1360
1361         No new tests because there is no behavior change.
1362
1363         * page/Settings.cpp:
1364         * page/Settings.in:
1365         * testing/InternalSettings.cpp:
1366         (WebCore::InternalSettings::Backup::Backup): Deleted.
1367         (WebCore::InternalSettings::Backup::restoreTo): Deleted.
1368         (WebCore::InternalSettings::setInlineMediaPlaybackRequiresPlaysInlineAttribute): Deleted.
1369         * testing/InternalSettings.h:
1370         * testing/InternalSettings.idl:
1371
1372 2016-07-21  Dean Jackson  <dino@apple.com>
1373
1374         REGRESSION (r202927): The internal size of the ImageBuffer is scaled twice by the context scaleFactor
1375         https://bugs.webkit.org/show_bug.cgi?id=159981
1376         <rdar://problem/27429465>
1377
1378         Reviewed by Myles Maxfield.
1379
1380         The change to propagate color spaces through ImageBuffers created an
1381         alternate version of createCompatibleBuffer. This version accidentally
1382         attempted to take the display resolution (i.e. hidpi) into account
1383         when creating the buffer, which meant it was being applied twice.
1384
1385         The fix is simply to remove that logic. The caller of the method
1386         will take the resolution into account, the same way they did
1387         with the old createCompatibleBuffer method.
1388
1389         Test: fast/hidpi/pdf-image-scaled.html
1390
1391         * platform/graphics/cg/ImageBufferCG.cpp:
1392         (WebCore::ImageBuffer::createCompatibleBuffer): Don't calculate
1393         a resolution - just use the value of 1.0.
1394
1395 2016-07-21  John Wilander  <wilander@apple.com>
1396
1397         Block mixed content synchronous XHR
1398         https://bugs.webkit.org/show_bug.cgi?id=105462
1399         <rdar://problem/13666424>
1400
1401         Reviewed by Brent Fulgham.
1402
1403         Test: http/tests/security/mixedContent/insecure-xhr-sync-in-main-frame.html
1404
1405         * loader/DocumentThreadableLoader.cpp:
1406         (WebCore::DocumentThreadableLoader::loadRequest):
1407
1408 2016-07-21  Chris Dumez  <cdumez@apple.com>
1409
1410         Make parameters to Document.getElementsBy*() operations mandatory
1411         https://bugs.webkit.org/show_bug.cgi?id=160050
1412
1413         Reviewed by Daniel Bates.
1414
1415         Make parameters to Document.getElementsBy*() operations mandatory to
1416         match the specification:
1417         - https://dom.spec.whatwg.org/#interface-document
1418
1419         Firefox and Chrome agree with the specification so the compatibility
1420         risk should be low.
1421
1422         It makes very little sense to call these operations without parameter,
1423         especially considering WebKit uses the string "undefined" if the
1424         parameter is omitted.
1425
1426         No new tests, rebaselined existing tests.
1427
1428         * dom/Document.idl:
1429
1430 2016-07-21  Nan Wang  <n_wang@apple.com>
1431
1432         AX: aria-label not being used correctly in accessible name calculation of heading
1433         https://bugs.webkit.org/show_bug.cgi?id=160009
1434
1435         Reviewed by Chris Fleizach.
1436
1437         Actually we are exposing the correct information for heading objects. On macOS, 
1438         VoiceOver should handle the logic that picks the right information to speak.
1439         On iOS, VoiceOver is speaking the static text child instead of the heading object.
1440         So we should set the accessibilityLabel of the static text based on the parent's 
1441         alternate label.
1442
1443         Test: accessibility/ios-simulator/heading-with-aria-label.html
1444
1445         * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
1446         (-[WebAccessibilityObjectWrapper _accessibilityTraitsFromAncestors]):
1447
1448 2016-07-21  Saam Barati  <sbarati@apple.com>
1449
1450         op_add/ValueAdd should be an IC in all JIT tiers
1451         https://bugs.webkit.org/show_bug.cgi?id=159649
1452
1453         Reviewed by Benjamin Poulain.
1454
1455         * ForwardingHeaders/jit/JITMathICForwards.h: Added.
1456
1457 2016-07-21  Chris Dumez  <cdumez@apple.com>
1458
1459         Make parameters mandatory for Document.create*() operations
1460         https://bugs.webkit.org/show_bug.cgi?id=160047
1461
1462         Reviewed by Ryosuke Niwa.
1463
1464         Make parameters mandatory for Document.create*() operations:
1465         createTextNode(), createComment(), createCDataSection(),
1466         createAttribute() and createProcessingInstruction().
1467
1468         This matches the specification:
1469         - https://dom.spec.whatwg.org/#interface-document
1470
1471         Firefox and Chrome both agree with the specification so the
1472         compatibility risk should be low. Also WebKit uses the string
1473         "undefined" when the parameter is omitted, which is not very
1474         helpful.
1475
1476         No new tests, rebaselined existing tests.
1477
1478         * dom/Document.idl:
1479
1480 2016-07-21  Chris Dumez  <cdumez@apple.com>
1481
1482         Fix null handling of SVGAngle/SVGLength.valueAsString attribute
1483         https://bugs.webkit.org/show_bug.cgi?id=160025
1484
1485         Reviewed by Ryosuke Niwa.
1486
1487         Fix null handling of SVGAngle/SVGLength.valueAsString attribute
1488         to match the specification:
1489         - https://www.w3.org/TR/SVG2/types.html#InterfaceSVGAngle
1490         - https://www.w3.org/TR/SVG2/types.html#InterfaceSVGLength
1491
1492         In particular, this patch drops [TreatNullAs=EmptyString] IDL
1493         extended attribute from this attribute. This is not supposed
1494         to change behavior given that both "" and "null" are invalid
1495         numbers and the specification says to throw a SYNTAX_ERR in
1496         this case.
1497
1498         However, WebKit currently ignores assignments to "" instead
1499         of throwing. As a result, assigning to null will now throw
1500         instead of being ignored. The compatibility risk should be
1501         low because both Firefox and Chrome throw when assigning
1502         null.
1503
1504         I did not change the behavior when assigning to "" because
1505         it is a bit out of scope for this patch and browsers to not
1506         seem to agree:
1507         - Firefox throws
1508         - Chrome set value to "0"
1509         - WebKit ignores the assignment
1510
1511         The specification seems to agree with Firefox as far as I
1512         can tell given that "" is not a valid number as per:
1513         - https://www.w3.org/TR/css3-values/#numbers
1514
1515         Test: svg/dom/valueAsString-null.html
1516
1517         * svg/SVGAngle.idl:
1518         * svg/SVGLength.idl:
1519
1520 2016-07-21  Chris Dumez  <cdumez@apple.com>
1521
1522         Fix null handling of HTMLFontElement.color
1523         https://bugs.webkit.org/show_bug.cgi?id=160036
1524
1525         Reviewed by Ryosuke Niwa.
1526
1527         Fix null handling of HTMLFontElement.color to match the specification:
1528         - https://html.spec.whatwg.org/#htmlfontelement
1529
1530         We are supposed to treat null as the empty string. Both Firefox and
1531         Chrome agree with the specification.
1532
1533         No new tests, rebaselined existing tests.
1534
1535         * html/HTMLFontElement.idl:
1536
1537 2016-07-21  Chris Dumez  <cdumez@apple.com>
1538
1539         Fix null handling for several HTMLTableElement attributes
1540         https://bugs.webkit.org/show_bug.cgi?id=160041
1541
1542         Reviewed by Ryosuke Niwa.
1543
1544         Fix null handling for several HTMLTableElement attributes to match the
1545         specification:
1546         - https://html.spec.whatwg.org/#HTMLTableElement-partial
1547
1548         The attributes in question are 'bicolor', 'cellSpacing' and
1549         'cellPadding'. We are supposed to treat null as the empty string for
1550         these attributes.
1551
1552         Firefox and Chrome both agree with the specification.
1553
1554         No new tests, rebaselined existing tests.
1555
1556         * html/HTMLTableElement.idl:
1557
1558 2016-07-21  Chris Dumez  <cdumez@apple.com>
1559
1560         Fix null handling for HTMLObjectElement.border
1561         https://bugs.webkit.org/show_bug.cgi?id=160040
1562
1563         Reviewed by Ryosuke Niwa.
1564
1565         Fix null handling for HTMLObjectElement.border to match the specification:
1566         - https://html.spec.whatwg.org/#HTMLObjectElement-partial
1567
1568         We are supposed to treat null as the empty string.
1569
1570         Both Firefox and Chrome agree with the specification.
1571
1572         No new tests, rebaselined existing tests.
1573
1574         * html/HTMLObjectElement.idl:
1575
1576 2016-07-21  Chris Dumez  <cdumez@apple.com>
1577
1578         Fix null handling for td.bgColor / tr.bgColor
1579         https://bugs.webkit.org/show_bug.cgi?id=160043
1580
1581         Reviewed by Ryosuke Niwa.
1582
1583         Fix null handling for td.bgColor / tr.bgColor to match the
1584         specification:
1585         - https://html.spec.whatwg.org/#HTMLTableCellElement-partial
1586         - https://html.spec.whatwg.org/#HTMLTableRowElement-partial
1587
1588         We are supposed to treat null as the empty string.
1589
1590         Firefox and Chrome both agree with the specification.
1591
1592         No new tests, rebaselined existing tests.
1593
1594         * html/HTMLTableCellElement.idl:
1595         * html/HTMLTableRowElement.idl:
1596
1597 2016-07-21  Chris Dumez  <cdumez@apple.com>
1598
1599         Fix null handling for several HTMLBodyElement attributes
1600         https://bugs.webkit.org/show_bug.cgi?id=160044
1601
1602         Reviewed by Ryosuke Niwa.
1603
1604         Fix null handling for several HTMLBodyElement attributes to match the
1605         specification:
1606         - https://html.spec.whatwg.org/#HTMLBodyElement-partial
1607
1608         The attributes in question are: 'text', 'link', 'vlink', 'alink' and
1609         'bgcolor'.
1610
1611         We are supposed to treat null as the empty string for these attributes.
1612
1613         Firefox and Chrome both agree with the specification.
1614
1615         No new tests, rebaselined existing tests.
1616
1617         * html/HTMLBodyElement.idl:
1618
1619 2016-07-21  Chris Dumez  <cdumez@apple.com>
1620
1621         Fix null handling for HTMLIFrameElement.marginWidth / marginHeight
1622         https://bugs.webkit.org/show_bug.cgi?id=160037
1623
1624         Reviewed by Ryosuke Niwa.
1625
1626         Fix null handling for HTMLIFrameElement.marginWidth / marginHeight to
1627         match the specification:
1628         - https://html.spec.whatwg.org/#HTMLIFrameElement-partial
1629
1630         We are supposed to treat null as the empty string. Both Firefox and
1631         Chrome agree with the specification.
1632
1633         No new tests, rebaselined existing tests.
1634
1635         * html/HTMLIFrameElement.idl:
1636
1637 2016-07-21  Chris Dumez  <cdumez@apple.com>
1638
1639         Fix null handling for HTMLImageElement.border
1640         https://bugs.webkit.org/show_bug.cgi?id=160039
1641
1642         Reviewed by Ryosuke Niwa.
1643
1644         Fix null handling for HTMLImageElement.border to match the specification:
1645         - https://html.spec.whatwg.org/#HTMLImageElement-partial
1646
1647         We are supposed to treat null as the empty string.
1648
1649         Both Firefox and Chrome agree with the specification.
1650
1651         No new tests, rebaselined existing tests.
1652
1653         * html/HTMLImageElement.idl:
1654
1655 2016-07-21  Daniel Bates  <dabates@apple.com>
1656
1657         REGRESSION: Plugin replaced YouTube Flash videos always have the same width
1658         https://bugs.webkit.org/show_bug.cgi?id=159998
1659         <rdar://problem/27462285>
1660
1661         Reviewed by Simon Fraser.
1662
1663         Fixes an issue where the width of a plugin replaced YouTube video loaded via an HTML embed
1664         element would always have the same width regardless of value of the width attribute.
1665
1666         For YouTube Flash videos the YouTube plugin replacement substitutes a shadow DOM subtree
1667         for the default renderer of an HTML embed element. The root of this shadow DOM subtree
1668         is an HTML div element. Currently we set inline styles on this <div> when it is instantiated.
1669         In particular, we set inline display and position to "inline-block" and "relative", respectively,
1670         and set an invalid height and width (we specify a font weight value instead of a CSS length value
1671         - this causes an ASSERT_NOT_REACHED() assertion failure in StyleBuilderConverter::convertLengthSizing()
1672         in a debug build). These styles never worked as intended and we ultimately created an inline
1673         renderer (ignoring display "inline-block") that had auto width and height. Instead it is sufficient
1674         to remove all these inline styles and create a RenderBlockFlow renderer for this <div> so that it
1675         renders as a block, non-replaced element to achieve the intended illusion that the <embed> is a
1676         single element.
1677
1678         * html/shadow/YouTubeEmbedShadowElement.cpp: Remove unused header HTMLEmbedElement.h and include
1679         header RenderBlockFlow.h. Also update copyright in license block.
1680         (WebCore::YouTubeEmbedShadowElement::YouTubeEmbedShadowElement): Remove inline styles as these
1681         never worked as intended.
1682         (WebCore::YouTubeEmbedShadowElement::createElementRenderer): Override; create a block-flow
1683         renderer for us so that we layout as a block, non-replaced element.
1684         * html/shadow/YouTubeEmbedShadowElement.h:
1685
1686 2016-07-21  Myles C. Maxfield  <mmaxfield@apple.com>
1687
1688         [iPhone] Playing a video on tudou.com plays only sound, no video
1689         https://bugs.webkit.org/show_bug.cgi?id=159967
1690         <rdar://problem/26964090>
1691
1692         Reviewed by Jon Lee, Jeremy Jones, and Anders Carlsson.
1693
1694         WebKit recently starting honoring the playsinline and webkit-playsinline
1695         attribute on iPhones. However, because these attributes previously did
1696         nothing, some sites (such as Todou) were setting them on their content
1697         and expecting that they are not honored. In this specific case, the
1698         video is absolutely positioned to be 1 pixel x 1 pixel.
1699
1700         Previously, with iOS 9, apps could set the allowsInlineMediaPlayback
1701         property on their WKWebView, which would honor the webkit-playsinline
1702         attribute. Safari on iPhones didn't do this.
1703
1704         In order to not break these existing apps, it's important that the
1705         allowsInlineMediaPlayback preference still allows webkit-playsinline
1706         videos to play inline in apps using WKWebView. However, in Safari, these
1707         videos should play fullscreen. (Todou videos have webkit-playsinline
1708         but not playsinline.)
1709
1710         Therefore, in Safari, videos with playsinline should be inline, but
1711         videos with webkit-playsinline should be fullscreen. In apps using
1712         WKWebViews, if the app sets allowsInlineMediaPlayback, then videos with
1713         playsinline should be inline, and videos with webkit-playsinline should
1714         also be inline. Videos on iPad and Mac should all be inline by default.
1715
1716         We can create some truth tables for the cases which need to be covered:
1717
1718         All apps on Mac / iPad:
1719         Presence of playsinline | Presence of webkit-playsinline | Result
1720         ========================|================================|===========
1721         Not present             | Not present                    | Inline
1722         Present                 | Not present                    | Inline
1723         Not Present             | Present                        | Inline
1724         Present                 | Present                        | Inline
1725
1726         Safari on iPhone:
1727         Presence of playsinline | Presence of webkit-playsinline | Result
1728         ========================|================================|===========
1729         Not present             | Not present                    | Fullscreen
1730         Present                 | Not present                    | Inline
1731         Not Present             | Present                        | Fullscreen
1732         Present                 | Present                        | Inline
1733
1734         App on iPhone which sets allowsInlineMediaPlayback:
1735         Presence of playsinline | Presence of webkit-playsinline | Result
1736         ========================|================================|===========
1737         Not present             | Not present                    | Fullscreen
1738         Present                 | Not present                    | Inline
1739         Not Present             | Present                        | Inline
1740         Present                 | Present                        | Inline
1741
1742         The way to distinguish Safari from another app is to create an SPI
1743         boolean preference which Safari can set. This is already how the
1744         iPhone and iPad are differentiated using the requiresPlayInlineAttribute
1745         which Safari sets but other apps don't. However, this preference is
1746         no longer sufficient because Safari should now be discriminating
1747         between the playsinline and webkit-playsinline attributes. Therefore,
1748         this preference should be extended to two boolean preferences, which
1749         this patch adds:
1750
1751         allowsInlineMediaPlaybackWithPlaysInlineAttribute
1752         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute
1753
1754         Safari on iPhone will set
1755         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to true,
1756         and allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to
1757         false. Other apps on iPhone will get their defaults values (because they
1758         are SPI) which means they will both be true. On iPad and Mac, apps will
1759         use the defaults values where both are false.
1760
1761         This patch adds support for these two preferences, but does not remove
1762         the existing inlineMediaPlaybackRequiresPlaysInlineAttribute preference.
1763         I will remove the exising preference as soon as I update Safari to migrate
1764         off of it.
1765
1766         Test: media/video-playsinline.html
1767
1768         * html/MediaElementSession.cpp:
1769         (WebCore::MediaElementSession::requiresFullscreenForVideoPlayback):
1770         * page/Settings.cpp:
1771         * page/Settings.in:
1772         * testing/InternalSettings.cpp:
1773         (WebCore::InternalSettings::Backup::Backup):
1774         (WebCore::InternalSettings::Backup::restoreTo):
1775         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithPlaysInlineAttribute):
1776         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute):
1777         * testing/InternalSettings.h:
1778         * testing/InternalSettings.idl:
1779
1780 2016-07-21  Ryosuke Niwa  <rniwa@webkit.org>
1781
1782         Crash accessing null renderer inside WebCore::DeleteSelectionCommand::doApply
1783         https://bugs.webkit.org/show_bug.cgi?id=160011
1784
1785         Reviewed by Chris Dumez.
1786
1787         Add a null pointer check for renderer() call.
1788
1789         Unfortunately no new tests since we don't have a reproduction.
1790
1791         * editing/DeleteSelectionCommand.cpp:
1792         (WebCore::DeleteSelectionCommand::doApply):
1793
1794 2016-07-21  Chris Dumez  <cdumez@apple.com>
1795
1796         The 2 first parameters to DOMImplementation.createDocument() should be mandatory
1797         https://bugs.webkit.org/show_bug.cgi?id=160030
1798
1799         Reviewed by Sam Weinig.
1800
1801         The 2 first parameters to DOMImplementation.createDocument() should be mandatory
1802         as per the specification:
1803         - https://dom.spec.whatwg.org/#domimplementation
1804
1805         Firefox and Chrome both agree with the specification. However, those
1806         parameters were marked as optional in WebKit. Calling this function
1807         without parameters would create a document element whose tag is the
1808         string "undefined", which does not seem helpful. This patch thus
1809         aligns our behavior with the specification and other browsers.
1810
1811         No new tests, rebaselined existing tests.
1812
1813         * dom/DOMImplementation.idl:
1814
1815 2016-07-21  Chris Dumez  <cdumez@apple.com>
1816
1817         Kill legacy valueToStringWithNullCheck() utility function
1818         https://bugs.webkit.org/show_bug.cgi?id=159991
1819
1820         Reviewed by Sam Weinig.
1821
1822         Kill legacy valueToStringWithNullCheck() utility function. Treating null as
1823         a null string is legacy behavior so drop this function so that people are
1824         not tempted to use it. We should be using either:
1825         1. JSValue::toWTFString() for non-nullable DOMStrings
1826         2. valueToStringWithUndefinedOrNullCheck() for nullable DOMStrings
1827         3. valueToStringTreatingNullAsEmptyString() for strings with [TreatNullAs=EmptyString]
1828
1829         No new tests, no web-exposed behavior change.
1830
1831         * bindings/js/JSDOMBinding.cpp:
1832         (WebCore::valueToStringWithNullCheck): Deleted.
1833         * bindings/js/JSDOMBinding.h:
1834         * bindings/js/JSHTMLFrameElementCustom.cpp:
1835         (WebCore::JSHTMLFrameElement::setLocation):
1836         * html/HTMLFrameElement.idl:
1837
1838 2016-07-21  Zalan Bujtas  <zalan@apple.com>
1839
1840         Do not keep invalid IOSurface in ImageBufferData.
1841         https://bugs.webkit.org/show_bug.cgi?id=160005
1842         <rdar://problem/27208636>
1843
1844         Reviewed by Simon Fraser.
1845
1846         When we fail to initialize the IOSurface for the accelerated context, we switch over to
1847         the non-accelerated code path. Since ImageBufferData::surface is used to indicate whether
1848         the graphics context is in accelerated mode, we need to reset it when the initialization fails.
1849
1850         Unable to create a test case.
1851
1852         * platform/graphics/cg/ImageBufferCG.cpp:
1853         (WebCore::ImageBuffer::ImageBuffer):
1854
1855 2016-07-21  Chris Dumez  <cdumez@apple.com>
1856
1857         playsInline IDL attribute has the wrong casing
1858         https://bugs.webkit.org/show_bug.cgi?id=160029
1859         <rdar://problem/27474031>
1860
1861         Reviewed by Jon Lee.
1862
1863         Fix case from video.playsinline to video.playsInline in order to match
1864         the specification:
1865         - https://html.spec.whatwg.org/multipage/embedded-content.html#the-video-element:dom-video-playsinline
1866
1867         It still reflects the "playsinline" content attribute though, as per
1868         the specification:
1869         - https://html.spec.whatwg.org/multipage/embedded-content.html#dom-video-playsinline
1870
1871         No new tests, updated existing test.
1872
1873         * html/HTMLVideoElement.idl:
1874
1875 2016-07-21  Chris Dumez  <cdumez@apple.com>
1876
1877         Drop [TreatNullAs=EmptyString] from CanvasRenderingContext2D.globalCompositeOperation
1878         https://bugs.webkit.org/show_bug.cgi?id=160026
1879
1880         Reviewed by Sam Weinig.
1881
1882         Drop [TreatNullAs=EmptyString] from CanvasRenderingContext2D.globalCompositeOperation
1883         attribute as it does not match the specification:
1884         - https://html.spec.whatwg.org/multipage/scripting.html#canvascompositing
1885
1886         It does not change web-exposed behavior because assigning to "" or "null"
1887         gets ignored as those are not valid operations.
1888
1889         Test: fast/canvas/context-globalCompositeOperation-null.html
1890
1891         * html/canvas/CanvasRenderingContext2D.idl:
1892
1893 2016-07-21  Carlos Garcia Campos  <cgarcia@igalia.com>
1894
1895         [GTK][Threaded Compositor] Overlay scrollbars shouldn't be a requirement of the threaded compositor
1896         https://bugs.webkit.org/show_bug.cgi?id=160020
1897
1898         Reviewed by Michael Catanzaro.
1899
1900         It has been a requirement only because we didn't really know why frame scrollbars were not rendered when using
1901         the threaded compositor. The reason is that RenderView doesn't use layers for FrameView scrollbars by default,
1902         unless using overlay scrollbars. When using the threaded compositor we really need layers for the FrameView
1903         scrollbars even when not using overlay scrollbars.
1904
1905         * platform/gtk/ScrollbarThemeGtk.cpp:
1906         (WebCore::ScrollbarThemeGtk::ScrollbarThemeGtk): Stop enforcing overlay scrollbars when threaded compositor is enabled.
1907         * rendering/RenderLayerCompositor.cpp:
1908         (WebCore::RenderLayerCompositor::shouldCompositeOverflowControls): Always use layers for scrollbars when
1909         threaded compositor is enabled.
1910
1911 2016-07-21  Carlos Garcia Campos  <cgarcia@igalia.com>
1912
1913         [Cairo] Fix a crash in fast/canvas/canvas-getImageData-invalid-result-buffer-crash.html
1914         https://bugs.webkit.org/show_bug.cgi?id=160014
1915
1916         Reviewed by Michael Catanzaro.
1917
1918         In r202887 some null checks were added for JSArray::createUninitialized (and related) but not for the
1919         ImageBuffer cairo implementation.
1920
1921         * platform/graphics/cairo/ImageBufferCairo.cpp:
1922         (WebCore::getImageData): Return early if Uint8ClampedArray::createUninitialized() returns nullptr.
1923
1924 2016-07-21  Miguel Gomez  <magomez@igalia.com>
1925
1926         [GTK] The GSTREAMER_GL path in MediaPlayerPrivateGStreamerBase::paintToTextureMapper() is missing a mutex lock
1927         https://bugs.webkit.org/show_bug.cgi?id=160018
1928
1929         Reviewed by Philippe Normand.
1930
1931         Lock the video sample mutex while accessing it.
1932
1933         Covered by existent tests.
1934
1935         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
1936         (WebCore::MediaPlayerPrivateGStreamerBase::paintToTextureMapper):
1937
1938 2016-07-21  Miguel Gomez  <magomez@igalia.com>
1939
1940         [Threaded Compositor] Flickering when zooming in/out in maps.google.com
1941         https://bugs.webkit.org/show_bug.cgi?id=154069
1942
1943         Reviewed by Carlos Garcia Campos.
1944
1945         Add a new extra buffer to GraphicsContext3D when using the Threaded Compositor,
1946         so it doesn't have to reuse the buffers that are still waiting for composition.
1947
1948         Covered by existing tests.
1949
1950         * platform/graphics/GraphicsContext3D.h:
1951         Add a new texture to use for the rendering. Remove the compositor fbo we were using.
1952         * platform/graphics/cairo/GraphicsContext3DCairo.cpp:
1953         (WebCore::GraphicsContext3D::GraphicsContext3D):
1954         Initialize the new texture and remove the previous fbo related code.
1955         (WebCore::GraphicsContext3D::~GraphicsContext3D):
1956         Properly destroy the new texture and remove the previous fbo related code.
1957         * platform/graphics/opengl/GraphicsContext3DOpenGL.cpp:
1958         (WebCore::GraphicsContext3D::reshapeFBOs):
1959         Allocate the new texture and remove the previous fbo allocation.
1960         * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
1961         (WebCore::GraphicsContext3D::prepareTexture):
1962         Use a single fbo with three textures instead of two fbos with a texture each.
1963         Rotate the three textures usage so:
1964         - m_texture becomes m_compositorTexture to be pushed to the compositor.
1965         - m_intermediateTexture becomes m_texture to receive the next rendering.
1966         - m_compositorTexture becomes m_intermediateTexture.
1967         And add a glFlush() to ensure that the gl commands are sent to the pipeline.
1968         * platform/graphics/opengl/GraphicsContext3DOpenGLES.cpp:
1969         (WebCore::GraphicsContext3D::reshapeFBOs):
1970         Allocate the new texture.
1971
1972 2016-07-21  Carlos Garcia Campos  <cgarcia@igalia.com>
1973
1974         [GTK][Threaded Compositor] Web view background colors don't work
1975         https://bugs.webkit.org/show_bug.cgi?id=159465
1976
1977         Reviewed by Michael Catanzaro.
1978
1979         * rendering/RenderLayerBacking.cpp:
1980         (WebCore::RenderLayerBacking::createPrimaryGraphicsLayer): Initialize frame view layer opacity for platforms not
1981         using the tiled cache layer.
1982
1983 2016-07-20  Youenn Fablet  <youenn@apple.com>
1984
1985         [XHR] Cache response JS object in case of arraybuffer and blob response types
1986         https://bugs.webkit.org/show_bug.cgi?id=128903
1987
1988         Reviewed by Alex Christensen.
1989
1990         Covered by existing and modified tests.
1991
1992         Making response getter a JS builtin that caches response in @response private slot.
1993         Handling invalidation of cached response with @responseCacheIsValid new private method.
1994         Handling creation of cached response with @retrieveResponse new private method which reuses most of
1995         JSXMLHttpRequest::response previous code.
1996
1997         Caching of responses is activated whenever load ended without any error for blob and arraybuffer response types.
1998
1999         Caching of response for document is also activated in case the response getter is used but not if responseXML getter is used.
2000
2001         * CMakeLists.txt: Adding XMLHttpRequest.js.
2002         * DerivedSources.make: Ditto.
2003         * bindings/js/JSXMLHttpRequestCustom.cpp:
2004         (WebCore::JSXMLHttpRequest::retrieveResponse): Implements creation of to-be-cached response.
2005         (WebCore::JSXMLHttpRequest::response): Deleted.
2006         * bindings/js/WebCoreBuiltinNames.h: Adding new private names.
2007         * xml/XMLHttpRequest.cpp:
2008         (WebCore::XMLHttpRequest::didCacheResponse): Renamed from didCacheResponseJSON as all response types are now cached.
2009         (WebCore::XMLHttpRequest::didCacheResponseJSON): Deleted.
2010         * xml/XMLHttpRequest.h:
2011         * xml/XMLHttpRequest.idl:
2012
2013 2016-07-20  Youenn Fablet  <youenn@apple.com>
2014
2015         Remove crossOriginRequestPolicy from ThreadableLoaderOptions
2016         https://bugs.webkit.org/show_bug.cgi?id=159417
2017
2018         Reviewed by Alex Christensen.
2019
2020         No observable change.
2021
2022         * Modules/fetch/FetchLoader.cpp:
2023         (WebCore::FetchLoader::start): DenyCrossOriginRequests -> FetchOptions::Mode::SameOrigin.
2024         * fileapi/FileReaderLoader.cpp:
2025         (WebCore::FileReaderLoader::start): DenyCrossOriginRequests -> FetchOptions::Mode::SameOrigin.
2026         * inspector/InspectorNetworkAgent.cpp:
2027         (WebCore::InspectorNetworkAgent::loadResource): AllowCrossOriginRequests -> FetchOptions::Mode::NoCors.
2028         * loader/DocumentThreadableLoader.cpp:
2029         (WebCore::DocumentThreadableLoader::DocumentThreadableLoader): Ditto.
2030         (WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequest): UseAccessControl -> FetchOptions::Mode::Cors.
2031         (WebCore::DocumentThreadableLoader::redirectReceived): Ditto.
2032         (WebCore::DocumentThreadableLoader::didReceiveResponse): Ditto.
2033         (WebCore::DocumentThreadableLoader::loadRequest): Use NoCors as option passed to ResourceLoader. This allows
2034         desactivating ResourceLoader CORS checks as they are done in DocumentThreadableLoader right now. In the future,
2035         these checks should be moved to ResourceLoader and DocumentThreadableLoader should directly pass the fetch mode
2036         option.
2037         (WebCore::DocumentThreadableLoader::isAllowedRedirect): AllowCrossOriginRequests -> FetchOptions::Mode::NoCors.
2038         * loader/ThreadableLoader.cpp:
2039         (WebCore::ThreadableLoaderOptions::ThreadableLoaderOptions): Removing CrossOriginRequestPolicy.
2040         * loader/ThreadableLoader.h: Ditto.
2041         * loader/WorkerThreadableLoader.cpp:
2042         (WebCore::LoaderTaskOptions::LoaderTaskOptions): Ditto.
2043         * page/EventSource.cpp:
2044         (WebCore::EventSource::connect): UseAccessControl -> FetchOptions::Mode::Cors.
2045         * workers/Worker.cpp:
2046         (WebCore::Worker::create): DenyCrossOriginRequests -> FetchOptions::Mode::SameOrigin.
2047         * workers/WorkerGlobalScope.cpp:
2048         (WebCore::WorkerGlobalScope::importScripts): AllowCrossOriginRequests -> FetchOptions::Mode::NoCors.
2049         * workers/WorkerScriptLoader.cpp:
2050         (WebCore::WorkerScriptLoader::loadSynchronously):
2051         (WebCore::WorkerScriptLoader::loadAsynchronously):
2052         * workers/WorkerScriptLoader.h:
2053         * xml/XMLHttpRequest.cpp:
2054         (WebCore::XMLHttpRequest::createRequest):
2055
2056 2016-07-20  Chris Dumez  <cdumez@apple.com>
2057
2058         Fix null handling of several Document attributes
2059         https://bugs.webkit.org/show_bug.cgi?id=159997
2060
2061         Reviewed by Ryosuke Niwa.
2062
2063         Fix null handling of the following Document attributes: title, cookie
2064         and domain.
2065
2066         In WebKit, they were all marked as [TreatNullAs=EmptyString], which
2067         does not match the specification:
2068         - https://html.spec.whatwg.org/multipage/dom.html#document
2069
2070         Details for each attribute:
2071         - title: null is now treated as the string "null", thus setting the
2072           document title to "null". This matches Firefox and Chrome.
2073         - cookie: adds a "null" cookie instead of being a no-op. This matches
2074                   both Firefox and Chrome.
2075         - domain: Calls setDomain(String("null")) instead of
2076                   setDomain(String()). This throws an exception because "null"
2077                   is not a suffix of the effective domain name. The behavior
2078                   is the same in Firefox and Chrome. Previously, we were
2079                   already throwing an exception since setting the domain to
2080                   the empty string throws, as per the specification.
2081
2082         Test: http/tests//dom/document-attributes-null-handling.html
2083
2084         * dom/Document.idl:
2085
2086 2016-07-20  Commit Queue  <commit-queue@webkit.org>
2087
2088         Unreviewed, rolling out r203471.
2089         https://bugs.webkit.org/show_bug.cgi?id=160003
2090
2091         many iOS-simulator tests are failing (Requested by litherum on
2092         #webkit).
2093
2094         Reverted changeset:
2095
2096         "[iPhone] Playing a video on tudou.com plays only sound, no
2097         video"
2098         https://bugs.webkit.org/show_bug.cgi?id=159967
2099         http://trac.webkit.org/changeset/203471
2100
2101 2016-07-19  Ryosuke Niwa  <rniwa@webkit.org>
2102
2103         iOS: Cannot paste images in RTF content
2104         https://bugs.webkit.org/show_bug.cgi?id=159964
2105         <rdar://problem/27442806>
2106
2107         Reviewed by Enrica Casucci.
2108
2109         The bug was caused by setDefersLoading(true) not deferring image loading for the parsed fragment.
2110         Worked around this bug by disabling image loading while parsing the document fragment.
2111
2112         * editing/ios/EditorIOS.mm:
2113         (WebCore::Editor::createFragmentAndAddResources):
2114
2115 2016-07-20  Brady Eidson  <beidson@apple.com>
2116
2117         Address a small FIXME in IDB code.
2118         https://bugs.webkit.org/show_bug.cgi?id=159999
2119
2120         Reviewed by Andy Estes.
2121
2122         No new tests (No behavior change).
2123
2124         * Modules/indexeddb/IDBRequest.cpp:
2125         (WebCore::IDBRequest::IDBRequest):
2126         
2127         * Modules/indexeddb/shared/IDBResourceIdentifier.cpp:
2128         (WebCore::IDBResourceIdentifier::IDBResourceIdentifier): Deleted.
2129         * Modules/indexeddb/shared/IDBResourceIdentifier.h:
2130
2131 2016-07-20  Brady Eidson  <beidson@apple.com>
2132
2133         Remove some "modernFoo"s from IndexedDB code.
2134         https://bugs.webkit.org/show_bug.cgi?id=159985
2135
2136         Reviewed by Andy Estes.
2137
2138         No new tests (No known behavior change).
2139
2140         * Modules/indexeddb/IDBCursor.cpp:
2141         (WebCore::IDBCursor::IDBCursor):
2142         (WebCore::IDBCursor::~IDBCursor):
2143         (WebCore::IDBCursor::sourcesDeleted):
2144         (WebCore::IDBCursor::effectiveObjectStore):
2145         (WebCore::IDBCursor::transaction):
2146         (WebCore::IDBCursor::direction):
2147         (WebCore::IDBCursor::update):
2148         (WebCore::IDBCursor::advance):
2149         (WebCore::IDBCursor::continueFunction):
2150         (WebCore::IDBCursor::uncheckedIterateCursor):
2151         (WebCore::IDBCursor::deleteFunction):
2152         (WebCore::IDBCursor::setGetResult):
2153         
2154         * Modules/indexeddb/IDBIndex.cpp:
2155         (WebCore::IDBIndex::IDBIndex):
2156         (WebCore::IDBIndex::~IDBIndex):
2157         (WebCore::IDBIndex::hasPendingActivity):
2158         (WebCore::IDBIndex::name):
2159         (WebCore::IDBIndex::objectStore):
2160         (WebCore::IDBIndex::keyPath):
2161         (WebCore::IDBIndex::unique):
2162         (WebCore::IDBIndex::multiEntry):
2163         (WebCore::IDBIndex::openCursor):
2164         (WebCore::IDBIndex::doCount):
2165         (WebCore::IDBIndex::openKeyCursor):
2166         (WebCore::IDBIndex::doGet):
2167         (WebCore::IDBIndex::doGetKey):
2168         (WebCore::IDBIndex::markAsDeleted):
2169         * Modules/indexeddb/IDBIndex.h:
2170         
2171         * Modules/indexeddb/IDBObjectStore.cpp:
2172         (WebCore::IDBObjectStore::transaction):
2173         (WebCore::IDBObjectStore::deleteFunction): Deleted.
2174         (WebCore::IDBObjectStore::modernDelete): Deleted.
2175         * Modules/indexeddb/IDBObjectStore.h:
2176         
2177         * bindings/js/JSIDBIndexCustom.cpp:
2178         (WebCore::JSIDBIndex::visitAdditionalChildren):
2179
2180 2016-07-20  Chris Dumez  <cdumez@apple.com>
2181
2182         Stop using valueToStringWithNullCheck() in JSCSSStyleDeclaration::putDelegate()
2183         https://bugs.webkit.org/show_bug.cgi?id=159982
2184
2185         Reviewed by Ryosuke Niwa.
2186
2187         valueToStringWithNullCheck() treats null as the null String() which is
2188         legacy / non standard behavior. The specification says we should treat
2189         null as the empty string:
2190         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-camel-cased-attribute
2191
2192         Therefore, we should be using valueToStringTreatingNullAsEmptyString() instead.
2193
2194         In practice, there is no web-exposed behavior change because
2195         MutableStyleProperties::setProperty() removes the property wether the
2196         value is the null String or the empty String.
2197
2198         This behavior is correct since the specification says that we should
2199         remove the property if the value is the empty string:
2200         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-setproperty (step 4)
2201
2202         I added test coverage to make sure we behave according to specification.
2203         This test is passing in Firefox, Chrome and in WebKit (before and after
2204         my change).
2205
2206         Test: fast/css/CSSStyleDeclaration-property-setter.html
2207
2208         * bindings/js/JSCSSStyleDeclarationCustom.cpp:
2209         (WebCore::JSCSSStyleDeclaration::putDelegate):
2210
2211 2016-07-20  Chris Dumez  <cdumez@apple.com>
2212
2213         Fix null handling of HTMLFrameElement.marginWidth / marginHeight
2214         https://bugs.webkit.org/show_bug.cgi?id=159987
2215
2216         Reviewed by Ryosuke Niwa.
2217
2218         Fix null handling of HTMLFrameElement.marginWidth / marginHeight:
2219         - https://html.spec.whatwg.org/multipage/obsolete.html#htmlframeelement
2220
2221         We are supposed to treat null as the empty string but we treat it as
2222         the string "null".
2223
2224         Firefox and Chrome both match the specification.
2225
2226         No new tests, updated existing tests.
2227
2228         * html/HTMLFrameElement.idl:
2229
2230 2016-07-20  Wenson Hsieh  <wenson_hsieh@apple.com>
2231
2232         Pausing autoplayed media should not remove all restrictions for that media element
2233         https://bugs.webkit.org/show_bug.cgi?id=159988
2234
2235         Reviewed by Jon Lee.
2236
2237         Localizes the removal of behavior restrictions introduced in r203464 upon pausing an
2238         autoplaying video to just affect the hiding or showing of the media controller. This
2239         prevents pages from using Javascript to start playing autoplaying videos that have
2240         been paused by the user.
2241
2242         * html/HTMLMediaElement.cpp:
2243         (WebCore::HTMLMediaElement::pause):
2244
2245 2016-07-20  Myles C. Maxfield  <mmaxfield@apple.com>
2246
2247         [iPhone] Playing a video on tudou.com plays only sound, no video
2248         https://bugs.webkit.org/show_bug.cgi?id=159967
2249         <rdar://problem/26964090>
2250
2251         Reviewed by Jon Lee.
2252
2253         WebKit recently starting honoring the playsinline and webkit-playsinline
2254         attribute on iPhones. However, because these attributes previously did
2255         nothing, some sites (such as Todou) were setting them on their content
2256         and expecting that they are not honored. In this specific case, the
2257         video is absolutely positioned to be 1 pixel x 1 pixel.
2258
2259         Previously, with iOS 9, apps could set the allowsInlineMediaPlayback
2260         property on their WKWebView, which would honor the webkit-playsinline
2261         attribute. Safari on iPhones didn't do this.
2262
2263         In order to not break these existing apps, it's important that the
2264         allowsInlineMediaPlayback preference still allows webkit-playsinline
2265         videos to play inline in apps using WKWebView. However, in Safari, these
2266         videos should play fullscreen. (Todou videos have webkit-playsinline
2267         but not playsinline.)
2268
2269         Therefore, in Safari, videos with playsinline should be inline, but
2270         videos with webkit-playsinline should be fullscreen. In apps using
2271         WKWebViews, if the app sets allowsInlineMediaPlayback, then videos with
2272         playsinline should be inline, and videos with webkit-playsinline should
2273         also be inline. Videos on iPad and Mac should all be inline by default.
2274
2275         We can create some truth tables for the cases which need to be covered:
2276
2277         All apps on Mac / iPad:
2278         Presence of playsinline | Presence of webkit-playsinline | Result
2279         ========================|================================|===========
2280         Not present             | Not present                    | Inline
2281         Present                 | Not present                    | Inline
2282         Not Present             | Present                        | Inline
2283         Present                 | Present                        | Inline
2284
2285         Safari on iPhone:
2286         Presence of playsinline | Presence of webkit-playsinline | Result
2287         ========================|================================|===========
2288         Not present             | Not present                    | Fullscreen
2289         Present                 | Not present                    | Inline
2290         Not Present             | Present                        | Fullscreen
2291         Present                 | Present                        | Inline
2292
2293         App on iPhone which sets allowsInlineMediaPlayback:
2294         Presence of playsinline | Presence of webkit-playsinline | Result
2295         ========================|================================|===========
2296         Not present             | Not present                    | Fullscreen
2297         Present                 | Not present                    | Inline
2298         Not Present             | Present                        | Inline
2299         Present                 | Present                        | Inline
2300
2301         The way to distinguish Safari from another app is to create an SPI
2302         boolean preference which Safari can set. This is already how the
2303         iPhone and iPad are differentiated using the requiresPlayInlineAttribute
2304         which Safari sets but other apps don't. However, this preference is
2305         no longer sufficient because Safari should now be discriminating
2306         between the playsinline and webkit-playsinline attributes. Therefore,
2307         this preference should be extended to two boolean preferences, which
2308         this patch adds:
2309
2310         allowsInlineMediaPlaybackWithPlaysInlineAttribute
2311         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute
2312
2313         Safari on iPhone will set
2314         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to true,
2315         and allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to
2316         false. Other apps on iPhone will get their defaults values (because they
2317         are SPI) which means they will both be true. On iPad and Mac, apps will
2318         use the defaults values where both are false.
2319
2320         This patch adds support for these two preferences, but does not remove
2321         the existing inlineMediaPlaybackRequiresPlaysInlineAttribute preference.
2322         I will remove the exising preference as soon as I update Safari to migrate
2323         off of it.
2324
2325         Test: media/video-playsinline.html
2326
2327         * html/MediaElementSession.cpp:
2328         (WebCore::MediaElementSession::requiresFullscreenForVideoPlayback):
2329         * page/Settings.cpp:
2330         * page/Settings.in:
2331         * testing/InternalSettings.cpp:
2332         (WebCore::InternalSettings::Backup::Backup):
2333         (WebCore::InternalSettings::Backup::restoreTo):
2334         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithPlaysInlineAttribute):
2335         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute):
2336         * testing/InternalSettings.h:
2337         * testing/InternalSettings.idl:
2338
2339 2016-07-20  Chris Dumez  <cdumez@apple.com>
2340
2341         Get rid of custom bindings code for XMLHttpRequest.open()
2342         https://bugs.webkit.org/show_bug.cgi?id=159984
2343
2344         Reviewed by Ryosuke Niwa.
2345
2346         Get rid of custom bindings code for XMLHttpRequest.open() as the
2347         bindings generator is able to generate it.
2348
2349         Relevant specification:
2350         - https://xhr.spec.whatwg.org/#xmlhttprequest
2351
2352         The issue is that legacy content prevents treating the 'async' argument
2353         being undefined identical from it being omitted. However, this can be
2354         achieved by using overloading in IDL, like in the specification.
2355
2356         No new tests, already covered by the following tests:
2357         - http/tests/xmlhttprequest/basic-auth.html
2358         - http/tests/xmlhttprequest/open-async-overload.html
2359
2360         * bindings/js/JSXMLHttpRequestCustom.cpp:
2361         (WebCore::SendFunctor::SendFunctor): Deleted.
2362         (WebCore::SendFunctor::line): Deleted.
2363         (WebCore::SendFunctor::column): Deleted.
2364         (WebCore::SendFunctor::url): Deleted.
2365         (WebCore::SendFunctor::operator()): Deleted.
2366         * xml/XMLHttpRequest.cpp:
2367         (WebCore::XMLHttpRequest::open):
2368         * xml/XMLHttpRequest.h:
2369         * xml/XMLHttpRequest.idl:
2370
2371 2016-07-20  Rawinder Singh  <rawinder.singh-webkit@cisra.canon.com.au>
2372
2373         Mark overriden methods in WebCore/svg final classes as final
2374         https://bugs.webkit.org/show_bug.cgi?id=159966
2375
2376         Reviewed by Michael Catanzaro.
2377
2378         Update WebCore/svg classes so that overriden methods in final classes are marked final.
2379
2380         * svg/SVGAElement.h:
2381         * svg/SVGAltGlyphDefElement.h:
2382         * svg/SVGAltGlyphItemElement.h:
2383         * svg/SVGAnimateTransformElement.h:
2384         * svg/SVGAnimatedColor.h:
2385         * svg/SVGCircleElement.h:
2386         * svg/SVGClipPathElement.h:
2387         * svg/SVGCursorElement.h:
2388         * svg/SVGDefsElement.h:
2389         * svg/SVGDescElement.h:
2390         * svg/SVGEllipseElement.h:
2391         * svg/SVGFEMergeNodeElement.h:
2392         * svg/SVGFilterElement.h:
2393         * svg/SVGFontElement.h:
2394         * svg/SVGFontFaceElement.h:
2395         * svg/SVGFontFaceFormatElement.h:
2396         * svg/SVGFontFaceNameElement.h:
2397         * svg/SVGFontFaceSrcElement.h:
2398         * svg/SVGFontFaceUriElement.h:
2399         * svg/SVGForeignObjectElement.h:
2400         * svg/SVGGElement.h:
2401         * svg/SVGGlyphElement.h:
2402         * svg/SVGGlyphRefElement.h:
2403         * svg/SVGHKernElement.h:
2404         * svg/SVGImageElement.h:
2405         * svg/SVGLineElement.h:
2406         * svg/SVGMPathElement.h:
2407         * svg/SVGMaskElement.h:
2408         * svg/SVGMetadataElement.h:
2409         * svg/SVGMissingGlyphElement.h:
2410         * svg/SVGPathBuilder.h:
2411         * svg/SVGPathByteStreamBuilder.h:
2412         * svg/SVGPathByteStreamSource.h:
2413         * svg/SVGPathElement.h:
2414         * svg/SVGPathSegArcAbs.h:
2415         * svg/SVGPathSegArcRel.h:
2416         * svg/SVGPathSegClosePath.h:
2417         * svg/SVGPathSegCurvetoCubicAbs.h:
2418         * svg/SVGPathSegCurvetoCubicRel.h:
2419         * svg/SVGPathSegCurvetoCubicSmoothAbs.h:
2420         * svg/SVGPathSegCurvetoCubicSmoothRel.h:
2421         * svg/SVGPathSegCurvetoQuadraticAbs.h:
2422         * svg/SVGPathSegCurvetoQuadraticRel.h:
2423         * svg/SVGPathSegCurvetoQuadraticSmoothAbs.h:
2424         * svg/SVGPathSegCurvetoQuadraticSmoothRel.h:
2425         * svg/SVGPathSegLinetoAbs.h:
2426         * svg/SVGPathSegLinetoHorizontalAbs.h:
2427         * svg/SVGPathSegLinetoHorizontalRel.h:
2428         * svg/SVGPathSegLinetoRel.h:
2429         * svg/SVGPathSegLinetoVerticalAbs.h:
2430         * svg/SVGPathSegLinetoVerticalRel.h:
2431         * svg/SVGPathSegListBuilder.h:
2432         * svg/SVGPathSegListSource.h:
2433         * svg/SVGPathSegMovetoAbs.h:
2434         * svg/SVGPathSegMovetoRel.h:
2435         * svg/SVGPathStringSource.h:
2436         * svg/SVGPathTraversalStateBuilder.h:
2437         * svg/SVGPatternElement.h:
2438         * svg/SVGRectElement.h:
2439         * svg/SVGScriptElement.h:
2440         * svg/SVGStopElement.h:
2441         * svg/SVGStyleElement.h:
2442         * svg/SVGSwitchElement.h:
2443         * svg/SVGTRefElement.cpp:
2444         * svg/SVGTitleElement.h:
2445         * svg/SVGToOTFFontConversion.cpp:
2446         * svg/SVGUnknownElement.h:
2447         * svg/SVGVKernElement.h:
2448         * svg/SVGViewElement.h:
2449         * svg/SVGZoomEvent.h:
2450         * svg/animation/SVGSMILElement.cpp:
2451         * svg/graphics/SVGImage.h:
2452         * svg/graphics/SVGImageClients.h:
2453         * svg/graphics/SVGImageForContainer.h:
2454         * svg/graphics/filters/SVGFEImage.h:
2455         * svg/graphics/filters/SVGFilter.h:
2456         * svg/properties/SVGAnimatedEnumerationPropertyTearOff.h:
2457         * svg/properties/SVGAnimatedPathSegListPropertyTearOff.h:
2458         * svg/properties/SVGAnimatedPropertyTearOff.h:
2459         * svg/properties/SVGAnimatedTransformListPropertyTearOff.h:
2460         * svg/properties/SVGMatrixTearOff.h:
2461         * svg/properties/SVGPathSegListPropertyTearOff.h:
2462
2463 2016-07-20  Brady Eidson  <beidson@apple.com>
2464
2465         Transition most IDB interfaces from ScriptExecutionContext to ExecState.
2466         https://bugs.webkit.org/show_bug.cgi?id=159975
2467
2468         Reviewed by Alex Christensen.
2469
2470         No new tests (No known behavior change).
2471
2472         * Modules/indexeddb/IDBCursor.cpp:
2473         (WebCore::IDBCursor::continueFunction):
2474         (WebCore::IDBCursor::deleteFunction):
2475         * Modules/indexeddb/IDBCursor.h:
2476         * Modules/indexeddb/IDBCursor.idl:
2477
2478         * Modules/indexeddb/IDBDatabase.idl:
2479
2480         * Modules/indexeddb/IDBFactory.cpp:
2481         (WebCore::IDBFactory::cmp):
2482         * Modules/indexeddb/IDBFactory.h:
2483         * Modules/indexeddb/IDBFactory.idl:
2484
2485         * Modules/indexeddb/IDBIndex.cpp:
2486         (WebCore::IDBIndex::openCursor):
2487         (WebCore::IDBIndex::count):
2488         (WebCore::IDBIndex::doCount):
2489         (WebCore::IDBIndex::openKeyCursor):
2490         (WebCore::IDBIndex::get):
2491         (WebCore::IDBIndex::doGet):
2492         (WebCore::IDBIndex::getKey):
2493         (WebCore::IDBIndex::doGetKey):
2494         * Modules/indexeddb/IDBIndex.h:
2495         * Modules/indexeddb/IDBIndex.idl:
2496
2497         * Modules/indexeddb/IDBKeyRange.cpp:
2498         (WebCore::IDBKeyRange::only): Deleted.
2499         * Modules/indexeddb/IDBKeyRange.h:
2500
2501         * Modules/indexeddb/IDBObjectStore.cpp:
2502         (WebCore::IDBObjectStore::openCursor):
2503         (WebCore::IDBObjectStore::get):
2504         (WebCore::IDBObjectStore::putOrAdd):
2505         (WebCore::IDBObjectStore::deleteFunction):
2506         (WebCore::IDBObjectStore::doDelete):
2507         (WebCore::IDBObjectStore::modernDelete):
2508         (WebCore::IDBObjectStore::clear):
2509         (WebCore::IDBObjectStore::createIndex):
2510         (WebCore::IDBObjectStore::count):
2511         (WebCore::IDBObjectStore::doCount):
2512         * Modules/indexeddb/IDBObjectStore.h:
2513         * Modules/indexeddb/IDBObjectStore.idl:
2514
2515         * Modules/indexeddb/IDBTransaction.cpp:
2516         (WebCore::IDBTransaction::requestOpenCursor):
2517         (WebCore::IDBTransaction::doRequestOpenCursor):
2518         (WebCore::IDBTransaction::requestGetRecord):
2519         (WebCore::IDBTransaction::requestGetValue):
2520         (WebCore::IDBTransaction::requestGetKey):
2521         (WebCore::IDBTransaction::requestIndexRecord):
2522         (WebCore::IDBTransaction::requestCount):
2523         (WebCore::IDBTransaction::requestDeleteRecord):
2524         (WebCore::IDBTransaction::requestClearObjectStore):
2525         (WebCore::IDBTransaction::requestPutOrAdd):
2526         * Modules/indexeddb/IDBTransaction.h:
2527
2528         * inspector/InspectorIndexedDBAgent.cpp:
2529
2530 2016-07-20  Wenson Hsieh  <wenson_hsieh@apple.com>
2531
2532         Media controls don't appear when pausing a small autoplaying video
2533         https://bugs.webkit.org/show_bug.cgi?id=159972
2534         <rdar://problem/27180657>
2535
2536         Reviewed by Beth Dakin.
2537
2538         When pausing an autoplaying video, remove behavior restrictions for the
2539         initial user gesture and show media controls.
2540
2541         New WebKit API test. See VideoControlsManagerSingleSmallAutoplayingVideo.
2542
2543         * html/HTMLMediaElement.cpp:
2544         (WebCore::HTMLMediaElement::pause):
2545
2546 2016-07-20  Chris Dumez  <cdumez@apple.com>
2547
2548         Fix null handling of HTMLMediaElement.mediaGroup
2549         https://bugs.webkit.org/show_bug.cgi?id=159974
2550
2551         Reviewed by Eric Carlson.
2552
2553         Fix null handling of HTMLMediaElement.mediaGroup to match the specification:
2554         - https://www.w3.org/TR/html5/embedded-content-0.html#media-elements
2555
2556         null is supposed to be treated as the String "null". This patch aligns
2557         our behavior with the specification. I tested Firefox and Chrome but both
2558         do not have this attribute on HTMLMediaElement.
2559
2560         Also remove support for [TreatNullAs=LegacyNullString] from our bindings
2561         generator as HTMLMediaElement.mediaGroup was the last user.
2562
2563         No new tests, rebaselined existing test.
2564
2565         * bindings/scripts/CodeGeneratorJS.pm:
2566         (JSValueToNative):
2567         * bindings/scripts/IDLAttributes.txt:
2568         * html/HTMLMediaElement.idl:
2569
2570 2016-07-20  Chris Dumez  <cdumez@apple.com>
2571
2572         CSSStyleDeclaration.setProperty() should be able to unset "important" on a property
2573         https://bugs.webkit.org/show_bug.cgi?id=159959
2574
2575         Reviewed by Alexey Proskuryakov.
2576
2577         CSSStyleDeclaration.setProperty() should be able to unsert "important"
2578         on a property as per the latest specification:
2579         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-setproperty
2580         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-camel-cased-attribute
2581
2582         Firefox and Chrome match the specification here but WebKit was ignoring calls
2583         to setProperty() if there is already an "important" property wit this name
2584         and if the new property does not have the "important" flag set.
2585
2586         This behavior was added a long time ago via Bug 60007. However, it does not
2587         match the latest specification or other browsers.
2588
2589         Test: fast/css/CSSStyleDeclaration-setProperty-unset-important.html
2590
2591         * css/StyleProperties.cpp:
2592         (WebCore::MutableStyleProperties::addParsedProperty):
2593         Drop code that was added via Bug 60007 as this behavior no longer matches the
2594         specification or other browsers. The layout test added in Bug 60007 fails in
2595         other browsers and was updated in this patch to match the specification.
2596
2597 2016-07-20  Commit Queue  <commit-queue@webkit.org>
2598
2599         Unreviewed, rolling out r203423.
2600         https://bugs.webkit.org/show_bug.cgi?id=159977
2601
2602         The test for this change is failing on Mac Release WK2
2603         (Requested by ryanhaddad on #webkit).
2604
2605         Reverted changeset:
2606
2607         "HTMLVideoElement frames do not update on iOS when src is a
2608         MediaStream blob"
2609         https://bugs.webkit.org/show_bug.cgi?id=159833
2610         http://trac.webkit.org/changeset/203423
2611
2612 2016-07-20  Chris Dumez  <cdumez@apple.com>
2613
2614         Fix null handling of HTMLSelectElement.value attribute
2615         https://bugs.webkit.org/show_bug.cgi?id=159925
2616
2617         Reviewed by Benjamin Poulain.
2618
2619         Fix null handling of HTMLSelectElement.value attribute:
2620         - https://html.spec.whatwg.org/multipage/forms.html#htmlselectelement
2621
2622         We were treating null as the null String which would end up setting
2623         selectedIndex to -1. However, we should treat null as the String "null"
2624         which would set the selectedIndex to the index of the <option> element
2625         whose value is "null".
2626
2627         Firefox and Chrome match the specification.
2628
2629         Test: fast/dom/HTMLSelectElement/value-null-handling.html
2630
2631         * html/HTMLSelectElement.cpp:
2632         (WebCore::HTMLSelectElement::setValue):
2633         * html/HTMLSelectElement.idl:
2634
2635 2016-07-20  Chris Dumez  <cdumez@apple.com>
2636
2637         PostResolutionCallbackDisabler can resume pending requests while a ResourceLoadSuspender is alive
2638         https://bugs.webkit.org/show_bug.cgi?id=159962
2639         <rdar://problem/21439264>
2640
2641         Reviewed by David Kilzer.
2642
2643         PostResolutionCallbackDisabler can resume pending requests while a ResourceLoadSuspender
2644         is alive. We have both PostResolutionCallbackDisabler and ResourceLoadSuspender that
2645         call LoaderStrategy::suspendPendingRequests() / LoaderStrategy::resumePendingRequests().
2646         However, PostResolutionCallbackDisabler and ResourceLoadSuspender are not aware of each
2647         other. It is therefore possible for a PostResolutionCallbackDisabler object to get
2648         destroyed, causing LoaderStrategy::resumePendingRequests() to be called while a
2649         ResourceLoadSuspender object is alive.
2650
2651         This leads to hard to investigate crashes where we end up re-entering WebKit and killing
2652         the style resolver.
2653
2654         This patch drops ResourceLoadSuspender and uses PostResolutionCallbackDisabler instead.
2655         There was only one user of ResourceLoadSuspender and PostResolutionCallbackDisabler
2656         is better because it manages a resolutionNestingDepth counter internally to make sure
2657         it only calls LoaderStrategy::resumePendingRequests() once all
2658         PostResolutionCallbackDisabler instances are destroyed.
2659
2660         No new tests, there is no easy way to reproduce the crashes.
2661
2662         * dom/Document.cpp:
2663         (WebCore::Document::styleForElementIgnoringPendingStylesheets):
2664         * loader/LoaderStrategy.cpp:
2665         (WebCore::ResourceLoadSuspender::ResourceLoadSuspender): Deleted.
2666         (WebCore::ResourceLoadSuspender::~ResourceLoadSuspender): Deleted.
2667         * loader/LoaderStrategy.h:
2668
2669 2016-07-19  Youenn Fablet  <youenn@apple.com>
2670
2671         [Fetch API] Add a JS builtin to implement https://fetch.spec.whatwg.org/#concept-headers-fill
2672         https://bugs.webkit.org/show_bug.cgi?id=159932
2673
2674         Reviewed by Alex Christensen.
2675
2676         Covered by existing tests.
2677
2678         Refactoring Headers initializeWith to use the new built-in internal that implements
2679         https://fetch.spec.whatwg.org/#concept-headers-fill.
2680
2681         Refactoring Response constructor to put more checks in the JS builtin fucntion called within constructor.
2682         Making use of the new built-in internal that implements https://fetch.spec.whatwg.org/#concept-headers-fill.
2683
2684         * CMakeLists.txt: Adding FetchHeadersInternals.js
2685         * DerivedSources.make: Ditto.
2686         * Modules/fetch/FetchHeaders.js:
2687         (initializeFetchHeaders): Using fillFetchHeaders new built-in internal.
2688         * Modules/fetch/FetchInternals.js: Added.
2689         (fillFetchHeaders):
2690         * Modules/fetch/FetchResponse.cpp: Refactoring to do more in the JS built-in. Splitting of initializeWith so
2691         that the checks are done in the order defined by the spec.
2692         (WebCore::FetchResponse::setStatus):
2693         (WebCore::FetchResponse::initializeWith):
2694         (WebCore::isNullBodyStatus): Deleted.
2695         * Modules/fetch/FetchResponse.h:
2696         * Modules/fetch/FetchResponse.idl:
2697         * Modules/fetch/FetchResponse.js:
2698         (initializeFetchResponse): New built-in internal.
2699         * WebCore.xcodeproj/project.pbxproj:
2700         * bindings/js/WebCoreBuiltinNames.h:
2701
2702 2016-07-19  Chris Dumez  <cdumez@apple.com>
2703
2704         Fix null handling of SVGScriptElement.type attribute
2705         https://bugs.webkit.org/show_bug.cgi?id=159927
2706
2707         Reviewed by Benjamin Poulain.
2708
2709         Fix null handling of SVGScriptElement.type attribute:
2710         - https://www.w3.org/TR/SVG2/interact.html#InterfaceSVGScriptElement
2711
2712         We were treating null as the null String which would end up removing
2713         the 'type' content attribute. However, we should treat null as the
2714         String "null".
2715
2716         Firefox and Chrome match the specification.
2717
2718         No new tests, updated existing test.
2719
2720         * svg/SVGScriptElement.idl:
2721
2722 2016-07-19  Chris Dumez  <cdumez@apple.com>
2723
2724         Fix null handling of several HTMLDocument attributes
2725         https://bugs.webkit.org/show_bug.cgi?id=159923
2726
2727         Reviewed by Benjamin Poulain.
2728
2729         Fix null handling of several HTMLDocument attributes:
2730         - https://html.spec.whatwg.org/multipage/dom.html#document
2731         - https://html.spec.whatwg.org/multipage/obsolete.html#document-partial
2732
2733         In particular, null handling was incorrect in WebKit for 'dir',
2734         'bgColor', 'fgColor', 'alinkColor', 'linkColor' and 'vlinkColor'.
2735
2736         Firefox and Chrome match the specification.
2737
2738         Test: fast/dom/HTMLDocument/null-handling.html
2739
2740         * html/HTMLDocument.idl:
2741
2742 2016-07-19  Chris Dumez  <cdumez@apple.com>
2743
2744         Document.createElementNS() / createAttributeNS() parameters should be mandatory
2745         https://bugs.webkit.org/show_bug.cgi?id=159938
2746
2747         Reviewed by Benjamin Poulain.
2748
2749         Document.createElementNS() / createAttributeNS() parameters should be mandatory:
2750         - https://dom.spec.whatwg.org/#document
2751
2752         They were optional in WebKit. However, Firefox and Chrome both match the
2753         specification.
2754
2755         No new tests, rebaselined existing tests.
2756
2757         * dom/Document.idl:
2758
2759 2016-07-19  Benjamin Poulain  <bpoulain@apple.com>
2760
2761         Use getElementById for attribute matching if the attribute name is html's id
2762         https://bugs.webkit.org/show_bug.cgi?id=159960
2763
2764         Reviewed by Chris Dumez.
2765
2766         Elliott Sprehn discovered YUI makes heavy uses of querySelector with [id=value]
2767         (https://bugs.chromium.org/p/chromium/issues/detail?id=627242).
2768
2769         If we are not in quirks mode, IdForStyleResolution has the same value
2770         as the Id attribute. We can use the same optimization for both cases.
2771
2772         Tests: fast/selectors/id-attribute-querySelector-used-as-id-selector-quirks.html
2773                fast/selectors/id-attribute-querySelector-used-as-id-selector.html
2774
2775         * dom/SelectorQuery.cpp:
2776         (WebCore::canBeUsedForIdFastPath):
2777         (WebCore::findIdMatchingType):
2778         (WebCore::SelectorDataList::SelectorDataList):
2779         (WebCore::selectorForIdLookup):
2780         (WebCore::filterRootById):
2781
2782 2016-07-19  Chris Dumez  <cdumez@apple.com>
2783
2784         Drop SVGElement.xmlbase attribute
2785         https://bugs.webkit.org/show_bug.cgi?id=159926
2786
2787         Reviewed by Benjamin Poulain.
2788
2789         Drop SVGElement.xmlbase attribute as it is no longer part of the
2790         specification:
2791         - https://www.w3.org/TR/SVG2/types.html#InterfaceSVGElement
2792
2793         Both Firefox and Chrome have already dropped support for
2794         SVGElement.xmlbase.
2795
2796         Chrome's intent to remove:
2797         https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/TfwMq4d25hk/C-v_iC_wKfAJ
2798
2799         Test: svg/dom/SVGElement-xmlbase.html
2800
2801         * svg/SVGElement.cpp:
2802         (WebCore::SVGElement::removedFrom): Deleted.
2803         * svg/SVGElement.h:
2804         * svg/SVGElement.idl:
2805
2806 2016-07-19  Chris Dumez  <cdumez@apple.com>
2807
2808         Align CSSStyleDeclaration.setProperty() with the specification
2809         https://bugs.webkit.org/show_bug.cgi?id=159955
2810
2811         Reviewed by Benjamin Poulain.
2812
2813         Align CSSStyleDeclaration.setProperty() with the specification:
2814         - https://drafts.csswg.org/cssom/#the-cssstyledeclaration-interface
2815
2816         In particular, the following changes were needed:
2817         1. The 'value' parameter should not be optional
2818         2. The 'priority' parameter should treat null as the empty string
2819            rather than the string "null".
2820         3. The 'priority' parameter's default value should be the empty string,
2821            not the string "undefined".
2822         4. CSSStyleDeclaration.setProperty() should return early if 'priority'
2823            is not the empty string and is not an ASCII case-insensitive match
2824            for the string "important".
2825
2826         Chrome matches the specification entirely.
2827         Firefox matches the specification with the exception that it does a
2828         case-sensitive match for "important".
2829
2830         Test: fast/css/CSSStyleDeclaration-setProperty.html
2831
2832         * css/CSSStyleDeclaration.idl:
2833         * css/PropertySetCSSStyleDeclaration.cpp:
2834         (WebCore::PropertySetCSSStyleDeclaration::setProperty):
2835
2836 2016-07-19  Daniel Bates  <dabates@apple.com>
2837
2838         CSP: Improve support for multiple policies to more closely conform to the CSP Level 2 spec.
2839         https://bugs.webkit.org/show_bug.cgi?id=159841
2840         <rdar://problem/27381684>
2841
2842         Reviewed by Brent Fulgham.
2843
2844         Implement a first pass at sending multiple violation reports so as to more closely
2845         conform to section Enforcing multiple policies of the Content Security Policy Level 2 spec.,
2846         <https://w3c.github.io/webappsec-csp/2/> (Editor's Draft, 25 April 2016).
2847
2848         Tests: http/tests/security/contentSecurityPolicy/1.1/script-blocked-sends-multiple-reports.php
2849                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-enforced-policy-and-blocked-by-report-policy.php
2850                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-enforced-policy-and-blocked-by-report-policy2.php
2851                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy.php
2852                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
2853                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-enforced-policy-and-allowed-by-report-policy.php
2854                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-enforced-policy-and-allowed-by-report-policy2.php
2855                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy.php
2856                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy2.php
2857                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy.php
2858                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
2859                http/tests/security/contentSecurityPolicy/1.1/scripthash-in-enforced-policy-and-not-in-report-only.html
2860                http/tests/security/contentSecurityPolicy/1.1/scripthash-in-one-enforced-policy-neither-in-another-enforced-policy-nor-report-policy.html
2861                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-enforced-policy-and-blocked-by-report-policy.php
2862                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-enforced-policy-and-blocked-by-report-policy2.php
2863                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy.php
2864                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
2865                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-enforced-policy-and-allowed-by-report-policy.php
2866                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-enforced-policy-and-allowed-by-report-policy2.php
2867                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy.php
2868                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy2.php
2869                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy.php
2870                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
2871                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-in-enforced-policy-and-not-in-report-only.html
2872                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-in-one-enforced-policy-neither-in-another-enforced-policy-nor-report-policy.html
2873                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-multiple-policies.html
2874
2875         * page/csp/ContentSecurityPolicy.cpp:
2876         (WebCore::ContentSecurityPolicy::allPoliciesWithDispositionAllow): Added. Returns whether the resource
2877         is allowed by all of the policies with the specified disposition.
2878         (WebCore::ContentSecurityPolicy::allPoliciesAllow): Added. Returns whether the resource is allowed by
2879         all of the enforced policies.
2880         (WebCore::ContentSecurityPolicy::findHashOfContentInPolicies): Formerly named foundHashOfContentInAllPolicies.
2881         Modified to return a ("has found hash in all enforced policies, "has found hash in all report-only policies)-pair
2882         so that we can differentiate whether the hash violated an enforced policy or a report-only policy.
2883         (WebCore::ContentSecurityPolicy::allowJavaScriptURLs): Write in terms of ContentSecurityPolicy::allPoliciesAllow().
2884         (WebCore::ContentSecurityPolicy::allowInlineEventHandlers): Ditto.
2885         (WebCore::ContentSecurityPolicy::allowScriptWithNonce): For now only accept a nonce if it is allowed by
2886         all enforced policies. As a side effect of this change is that we only send a CSP violation report when a
2887         nonce violates a report-only policy only if the nonce also violates one or more enforced policies. We will
2888         address this limitation in <https://bugs.webkit.org/show_bug.cgi?id=159830>.
2889         (WebCore::ContentSecurityPolicy::allowStyleWithNonce): Ditto.
2890         (WebCore::ContentSecurityPolicy::allowInlineScript): Differentiate between a hash/'unsafe-inline' that
2891         matches/is contained in all enforce policies and a hash/'unsafe-inline' that matches/is contained in all
2892         report-only policies so that we only allow the resource for the former. As a side effect of this change
2893         we may report that a resource violated a policy even if it contained the hash. See <https://bugs.webkit.org/show_bug.cgi?id=159832>
2894         for more details.
2895         (WebCore::ContentSecurityPolicy::allowInlineStyle): Ditto.
2896         (WebCore::ContentSecurityPolicy::allowEval): Write in terms of ContentSecurityPolicy::allPoliciesAllow().
2897         (WebCore::ContentSecurityPolicy::allowFrameAncestors): Ditto.
2898         (WebCore::ContentSecurityPolicy::allowPluginType): Ditto.
2899         (WebCore::ContentSecurityPolicy::allowScriptFromSource): Ditto.
2900         (WebCore::ContentSecurityPolicy::allowObjectFromSource): Ditto.
2901         (WebCore::ContentSecurityPolicy::allowChildFrameFromSource): Ditto.
2902         (WebCore::ContentSecurityPolicy::allowChildContextFromSource): Ditto.
2903         (WebCore::ContentSecurityPolicy::allowImageFromSource): Ditto.
2904         (WebCore::ContentSecurityPolicy::allowStyleFromSource): Ditto.
2905         (WebCore::ContentSecurityPolicy::allowFontFromSource): Ditto.
2906         (WebCore::ContentSecurityPolicy::allowMediaFromSource): Ditto.
2907         (WebCore::ContentSecurityPolicy::allowConnectToSource): Ditto.
2908         (WebCore::ContentSecurityPolicy::allowFormAction): Ditto.
2909         (WebCore::ContentSecurityPolicy::allowBaseURI): Ditto.
2910         (WebCore::ContentSecurityPolicy::foundHashOfContentInAllPolicies): Deleted.
2911         * page/csp/ContentSecurityPolicy.h:
2912         (WebCore::ContentSecurityPolicy::violatedDirectiveInAnyPolicy): Deleted.
2913
2914 2016-07-19  Chris Dumez  <cdumez@apple.com>
2915
2916         Fix null handling of HTMLScriptElement.text attribute
2917         https://bugs.webkit.org/show_bug.cgi?id=159943
2918
2919         Reviewed by Benjamin Poulain.
2920
2921         Fix null handling of HTMLScriptElement.text attribute:
2922         - https://html.spec.whatwg.org/multipage/scripting.html#the-script-element
2923
2924         We should treat null as the "null" String but we were treating it as
2925         the empty string.
2926
2927         Firefox and Chrome match the specification.
2928
2929         No new tests, rebaselined existing test.
2930
2931         * html/HTMLScriptElement.idl:
2932
2933 2016-07-19  Chris Dumez  <cdumez@apple.com>
2934
2935         autocapitalize attribute should not use [TreatNullAs=LegacyNullString]
2936         https://bugs.webkit.org/show_bug.cgi?id=159934
2937
2938         Reviewed by Benjamin Poulain.
2939
2940         autocapitalize attribute should not use [TreatNullAs=LegacyNullString]. This is
2941         non-standard and we want to drop support for it from the bindings generator.
2942
2943         Instead, use [TreatNullAs=EmptyString] in order to maintain existing behavior
2944         given that both a missing/empty attribute result in using the default
2945         autocapitalization mode and that autocapitalize returns the empty string by
2946         default.
2947
2948         Test: platform/ios-simulator/ios/fast/forms/autocapitalize-null.html
2949
2950         * html/HTMLFormElement.idl:
2951         * html/HTMLInputElement.idl:
2952         * html/HTMLTextAreaElement.idl:
2953
2954 2016-07-19  Zalan Bujtas  <zalan@apple.com>
2955
2956         REGRESSION(r203415): ASSERTION FAILED: !m_layoutRoot->container() || !m_layoutRoot->container()->needsLayout()
2957         https://bugs.webkit.org/show_bug.cgi?id=159952
2958
2959         Reviewed by Simon Fraser.
2960
2961         Update ASSERTs to reflect new functionality, that is, now we can end up in a state
2962         where the container (RenderView) of one of the dirty subtrees is dirty.
2963         See r203415.
2964  
2965         Covered by editing/pasteboard/drag-drop-input-in-svg.svg
2966
2967         * page/FrameView.cpp:
2968         (WebCore::FrameView::scheduleRelayoutOfSubtree):
2969
2970 2016-07-19  Dean Jackson  <dino@apple.com>
2971
2972         REGRESSION(202927): The first slide is the only displayed slide when Quicklooking a Keynote file
2973         https://bugs.webkit.org/show_bug.cgi?id=159948
2974         <rdar://problem/27391012>
2975
2976         Reviewed by Simon Fraser.
2977
2978         There is an iOS bug (<rdar://problem/27416744>) that is causing us
2979         to not always get a color space on CGContextRefs. Investigation of this
2980         exposed some optimizations we can take when we are creating ImageBuffers.
2981         In particular, if we have a bitmap context or an IOSurfaceContext we
2982         can simply copy their color space using API. Otherwise we stick with
2983         the existing CGContextCopyDeviceColorSpace.
2984
2985         Lastly, if for some reason we are unable to copy the device color space,
2986         we should fall back to sRGB.
2987
2988         * platform/graphics/cg/ImageBufferCG.cpp:
2989         (WebCore::ImageBuffer::createCompatibleBuffer):
2990         * platform/spi/cg/CoreGraphicsSPI.h: Add some SPI and enums.
2991
2992
2993 2016-07-19  George Ruan  <gruan@apple.com>
2994
2995         HTMLVideoElement frames do not update on iOS when src is a MediaStream blob
2996         https://bugs.webkit.org/show_bug.cgi?id=159833
2997         <rdar://problem/27379487>
2998
2999         Reviewed by Eric Carlson.
3000
3001         Test: fast/mediastream/MediaStream-video-element-displays-buffer.html
3002
3003         * WebCore.xcodeproj/project.pbxproj:
3004         * platform/graphics/avfoundation/MediaSampleAVFObjC.h: Change create to return a Ref<T> instead
3005         of RefPtr<T>
3006         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h: Make observer of
3007         MediaStreamTrackPrivate and make MediaPlayer use an AVSampleBufferDisplayLayer instead of CALayer.
3008         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm: Ditto.
3009         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::~MediaPlayerPrivateMediaStreamAVFObjC): Clean up
3010         observers and AVSampleBufferDisplayLayer
3011         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::isAvailable): Ensures AVSampleBufferDisplayLayer
3012         is available.
3013         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueAudioSampleBufferFromTrack): Placeholder.
3014         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueVideoSampleBufferFromTrack): Responsible
3015         for enqueuing sample buffers to the active video track.
3016         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::ensureLayer): Ensures that an AVSampleBufferDisplayLayer
3017         exists.
3018         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::destroyLayer): Destroys the AVSampleBufferDisplayLayer.
3019         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::platformLayer): Replace CALayer with AVSampleBufferDisplayLayer.
3020         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::currentDisplayMode): Ditto.
3021         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::sampleBufferUpdated): Called from MediaStreamTrackPrivate when a
3022         new SampleBuffer is available.
3023         (WebCore::updateTracksOfType): Manage adding and removing self as observer from tracks.
3024         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateTracks): Replace CALayer with AVSampleBufferDisplayLayer
3025         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::acceleratedRenderingStateChanged): Copied from
3026         MediaPlayerPrivateMediaSourceAVFObjC.mm
3027         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::load): Deleted CALayer.
3028         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateDisplayMode): Deleted process of updating CALayer.
3029         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateIntrinsicSize): Deleted CALayer.
3030         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::createPreviewLayers): Deleted.
3031         * platform/mediastream/MediaStreamPrivate.cpp:
3032         (WebCore::MediaStreamPrivate::updateActiveVideoTrack): Remove redundant check.
3033         * platform/mediastream/MediaStreamTrackPrivate.cpp:
3034         (WebCore::MediaStreamTrackPrivate::sourceHasMoreMediaData): Called from RealtimeMediaSource when a new SampleBuffer
3035         is available.
3036         * platform/mediastream/MediaStreamTrackPrivate.h:
3037         (WebCore::MediaStreamTrackPrivate::Observer::sampleBufferUpdated): Relays to MediaPlayerPrivateMediaStream that
3038         a new SampleBuffer is available to enqueue to the AVSampleBufferDisplayLayer.
3039         * platform/mediastream/RealtimeMediaSource.cpp:
3040         (WebCore::RealtimeMediaSource::mediaDataUpdated): Relays to all observers that a new SampleBuffer is available.
3041         * platform/mediastream/RealtimeMediaSource.h:
3042         * platform/mediastream/mac/AVVideoCaptureSource.mm:
3043         (WebCore::AVVideoCaptureSource::processNewFrame): Calls mediaDataUpdated when a new SampleBuffer is captured.
3044
3045 2016-07-19  Anders Carlsson  <andersca@apple.com>
3046
3047         Get rid of a #define private public hack in WebCore
3048         https://bugs.webkit.org/show_bug.cgi?id=159953
3049
3050         Reviewed by Dan Bernstein.
3051
3052         Use @package instead.
3053
3054         * bindings/objc/DOMInternal.h:
3055         * bindings/objc/DOMObject.h:
3056
3057 2016-07-19  Andreas Kling  <akling@apple.com>
3058
3059         Fix SharedBuffer leak in MockContentFilter::replacementData().
3060         <https://webkit.org/b/159945>
3061
3062         Reviewed by Andy Estes.
3063
3064         Spotted on leaks bot. This code was pretty explicit about how it's going to leak.
3065         Since this is in the mock filter, it only affected layout tests.
3066
3067         * testing/MockContentFilter.cpp:
3068         (WebCore::MockContentFilter::replacementData):
3069
3070 2016-07-19  Zalan Bujtas  <zalan@apple.com>
3071
3072         theguardian.co.uk crossword puzzles are sometimes not displaying text
3073         https://bugs.webkit.org/show_bug.cgi?id=159924
3074         <rdar://problem/27409483>
3075
3076         Reviewed by Simon Fraser.
3077
3078         This patch fixes the case when
3079         - 2 disjoint subtrees are dirty
3080         - RenderView is also dirty.
3081         and we end up not laying out one of the 2 subtrees.
3082
3083         In FrameView::scheduleRelayoutOfSubtree, we assume that when the RenderView is dirty
3084         we already have a pending full layout which means that any previous subtree layouts have already been
3085         converted to full layouts.
3086         However this assumption is incorrect. RenderView can get dirty without checking if there's
3087         already a pending subtree layout.
3088         One option to solve this problem would be to override RenderObject::setNeedsLayout in RenderView
3089         so that when the RenderView gets dirty, we could also convert any pending subtree layout to full layout.
3090         However RenderObject::setNeedsLayout is a hot function and making it virtual would impact performance.
3091         The other option is to always normalize subtree layouts in FrameView::scheduleRelayoutOfSubtree().
3092         This patch implements the second option.
3093
3094         Test: fast/misc/subtree-layouts.html
3095
3096         * page/FrameView.cpp:
3097         (WebCore::FrameView::scheduleRelayoutOfSubtree):
3098
3099 2016-07-19  Anders Carlsson  <andersca@apple.com>
3100
3101         Some payment authorization status values should keep the sheet active
3102         https://bugs.webkit.org/show_bug.cgi?id=159936
3103         rdar://problem/26756701
3104
3105         Reviewed by Tim Horton.
3106
3107         * Modules/applepay/ApplePaySession.cpp:
3108         (WebCore::ApplePaySession::completePayment):
3109         Keep the sheet active if the status isn't a final state status.
3110
3111         * Modules/applepay/PaymentAuthorizationStatus.h:
3112         (WebCore::isFinalStateStatus):
3113         Add a new helper function that returns whether a given payment authorization status is "final",
3114         meaning that once that status has been passed to completePayment, the session is finished.
3115
3116 2016-07-19  Nan Wang  <n_wang@apple.com>
3117
3118         AX: Incorrect behavior for word related text marker functions when there's collapsed whitespace
3119         https://bugs.webkit.org/show_bug.cgi?id=159910
3120
3121         Reviewed by Chris Fleizach.
3122
3123         We are getting a bad CharacterOffset when there's collapsed whitespace. Added a TraverseOptionValidateOffset
3124         option to make sure we are getting the correct CharacterOffset based on the corresponding Range offset. And
3125         fixed a word navigation issue based on that.
3126
3127         Test: accessibility/mac/text-marker-word-nav-collapsed-whitespace.html
3128
3129         * accessibility/AXObjectCache.cpp:
3130         (WebCore::AXObjectCache::traverseToOffsetInRange):
3131         (WebCore::AXObjectCache::rangeForNodeContents):
3132         (WebCore::AXObjectCache::startOrEndCharacterOffsetForRange):
3133         (WebCore::AXObjectCache::characterOffsetFromVisiblePosition):
3134         (WebCore::AXObjectCache::rightWordRange):
3135         (WebCore::AXObjectCache::previousBoundary):
3136         * accessibility/AXObjectCache.h:
3137         (WebCore::AXObjectCache::isNodeInUse):
3138
3139 2016-07-19  Youenn Fablet  <youenn@apple.com>
3140
3141         [Streams API] ReadableStreamController methods should throw if its stream is not readable
3142         https://bugs.webkit.org/show_bug.cgi?id=159871
3143
3144         Reviewed by Xabier Rodriguez-Calvar.
3145
3146         Spec now mandates close and enqueue to throw if ReadableStream is not readable.
3147         Covered by rebased and/or modified tests.
3148
3149         * Modules/streams/ReadableStreamController.js:
3150         (enqueue): Throwing a TypeError if controlled stream is not readable.
3151         (close): Ditto.
3152
3153 2016-07-19  Simon Fraser  <simon.fraser@apple.com>
3154
3155         Bubbles appear split for a brief moment in Messages
3156         https://bugs.webkit.org/show_bug.cgi?id=159915
3157         rdar://problem/27182267
3158
3159         Reviewed by David Hyatt.
3160
3161         RenderView::repaintRootContents() had a long-standing bug in WebView when the
3162         view is scrolled. repaint() uses visualOverflowRect() but, for the 
3163         RenderView, the visualOverflowRect() is the initial containing block
3164         which is anchored at 0,0. When the view is scrolled it's clipped out and
3165         calls to repaintRootContents() have no effect.
3166         
3167         Change repaintRootContents() to use layoutOverflowRect(). ScrollView::repaintContentRectangle()
3168         will clip it to the view if necessary.
3169
3170         Test: fast/repaint/scrolled-view-full-repaint.html
3171
3172         * rendering/RenderView.cpp:
3173         (WebCore::RenderView::repaintRootContents):
3174
3175 2016-07-19  Dan Bernstein  <mitz@apple.com>
3176
3177         <rdar://problem/27420308> WebCore-7602.1.42 fails to build: error: unused parameter 'vm'
3178
3179         * bindings/js/JSDOMGlobalObject.cpp:
3180         (WebCore::JSDOMGlobalObject::addBuiltinGlobals): Fixed the !ENABLE(STREAMS_API) build.
3181
3182 2016-07-19  Youenn Fablet  <youenn@apple.com>
3183
3184         [Streams API] Make ReadableStream properties not enumerable
3185         https://bugs.webkit.org/show_bug.cgi?id=159868
3186
3187         Reviewed by Darin Adler.
3188
3189         Covered by rebased tests.
3190
3191         Uopdating IDL definitions to mark all functions/attributes as not enumerable.
3192         Updating IDL constructor definitions to correctly compute constructor length.
3193         Updating built-in implementation to correctly compute pipeTo length to 1 (second parameter being optional).
3194
3195         * Modules/streams/ReadableStream.idl:
3196         * Modules/streams/ReadableStream.js:
3197         * Modules/streams/ReadableStreamController.idl:
3198         * Modules/streams/ReadableStreamReader.idl:
3199
3200 2016-07-19  Chris Dumez  <cdumez@apple.com>
3201
3202         form.enctype / encoding / method should treat null as "null" string
3203         https://bugs.webkit.org/show_bug.cgi?id=159916
3204
3205         Reviewed by Ryosuke Niwa.
3206
3207         form.enctype / encoding / method should treat null as "null" string:
3208         - https://html.spec.whatwg.org/multipage/forms.html#htmlformelement
3209
3210         Previously, WebKit would treat null as the null String, which would
3211         end up removing the existing attribute.
3212
3213         Firefox and Chrome match the specification.
3214
3215         Test: fast/dom/HTMLFormElement/null-handling.html
3216
3217         * html/HTMLFormElement.h:
3218         * html/HTMLFormElement.idl:
3219
3220 2016-07-18  Csaba Osztrogonác  <ossy@webkit.org>
3221
3222         All-in-one buildfix after r202439
3223         https://bugs.webkit.org/show_bug.cgi?id=159877
3224
3225         Reviewed by Chris Dumez.
3226
3227         * Modules/webaudio/AudioDestinationNode.h:
3228         (WebCore::AudioDestinationNode::resume):
3229         (WebCore::AudioDestinationNode::suspend):
3230         (WebCore::AudioDestinationNode::close):
3231
3232 2016-07-18  Frederic Wang  <fwang@igalia.com>
3233
3234         Move parsing of subscriptshift and superscriptshift from rendering to element classes
3235         https://bugs.webkit.org/show_bug.cgi?id=159622
3236
3237         Reviewed by Darin Adler.
3238
3239         We introduce a new MathMLScriptsElement that is used for elements msub, msup, msubsup and
3240         mmultiscripts in order to create RenderMathMLScripts and parse and expose the values of the
3241         subscriptshift and superscriptshift attributes. This is one more step toward moving MathML
3242         attribute parsing to the DOM (bug 156536).
3243
3244         No new tests, rendering is unchanged.
3245
3246         * CMakeLists.txt: Add MathMLScriptsElement files.
3247         * WebCore.xcodeproj/project.pbxproj: Ditto.
3248         * mathml/MathMLAllInOne.cpp: Ditto.
3249         * mathml/MathMLInlineContainerElement.cpp: Remove handling of scripts.
3250         (WebCore::MathMLInlineContainerElement::createElementRenderer): Deleted.
3251         * mathml/MathMLScriptsElement.cpp: Added. New class to handle scripted elements supporting
3252         parsing for the subscriptshift and superscriptshift MathML lengths.
3253         (WebCore::MathMLScriptsElement::MathMLScriptsElement):
3254         (WebCore::MathMLScriptsElement::create):
3255         (WebCore::MathMLScriptsElement::subscriptShift): Expose the cached length for the shift,
3256         parsing the attribute again if necessary.
3257         (WebCore::MathMLScriptsElement::superscriptShift): Ditto.
3258         (WebCore::MathMLScriptsElement::parseAttribute): Mark attributes dirty.
3259         (WebCore::MathMLScriptsElement::createElementRenderer): Create RenderMathMLScripts.
3260         * mathml/MathMLScriptsElement.h: Ditto.
3261         * mathml/mathtags.in: Map msub, msup, msubsup and mmultiscripts to MathMLScriptsElement.
3262         * rendering/mathml/RenderMathMLScripts.cpp:
3263         (WebCore::RenderMathMLScripts::scriptsElement): Helper function to cast the node to a
3264         MathMLScriptsElement.
3265         (WebCore::RenderMathMLScripts::getScriptMetricsAndLayoutIfNeeded): Resolve the attributes
3266         using the functions from the MathMLScriptsElement class.
3267         * rendering/mathml/RenderMathMLScripts.h: Declare scriptsElement.
3268
3269 2016-07-18  Frederic Wang  <fwang@igalia.com>
3270
3271         Do not store gap and shift parameters on RenderMathMLFraction
3272         https://bugs.webkit.org/show_bug.cgi?id=159876
3273
3274         Reviewed by Darin Adler.
3275
3276         After r203285, the stack and fraction layout parameters are only used in layoutBlock so we
3277         do not need to store them on the class. We remove them and split updateLayoutParameters into
3278         three functions: one to update the linethickness and two others to retrieve the fraction and
3279         stack respectively.
3280
3281         No new tests, rendering is unchanged.
3282
3283         * rendering/mathml/RenderMathMLFraction.cpp:
3284         (WebCore::RenderMathMLFraction::updateLineThickness): Move code to update thickness members here.
3285         (WebCore::RenderMathMLFraction::getFractionParameters): Move code to retrieve fraction parameters here.
3286         (WebCore::RenderMathMLFraction::getStackParameters): Move code to retrieve stack parameters here.
3287         (WebCore::RenderMathMLFraction::layoutBlock): Use the new helper functions and local variables
3288         for fraction and stack parameters.
3289         (WebCore::RenderMathMLFraction::updateLayoutParameters): Deleted.
3290         * rendering/mathml/RenderMathMLFraction.h: Declare new helper functions and remove members
3291         for stack and fraction parameters.
3292
3293 2016-07-18  Chris Dumez  <cdumez@apple.com>
3294
3295         input.formEnctype / formMethod and button.formEnctype / formMethod / type should treat null as "null"
3296         https://bugs.webkit.org/show_bug.cgi?id=159908
3297
3298         Reviewed by Alex Christensen.
3299
3300         input.formEnctype / formMethod and button.formEnctype / formMethod / type
3301         should treat null as "null" String:
3302         - https://html.spec.whatwg.org/multipage/forms.html#htmlinputelement
3303         - https://html.spec.whatwg.org/multipage/forms.html#htmlbuttonelement
3304
3305         In WebKit, we would treat null as a null String which would end up
3306         removing the corresponding attribute. This does not match the
3307         specification. Firefox and Chrome match the specification here.
3308
3309         Tests:
3310         - fast/dom/HTMLButtonElement/null-handling.html
3311         - fast/dom/HTMLInputElement/null-handling.html
3312
3313         * html/HTMLButtonElement.idl:
3314         * html/HTMLInputElement.idl:
3315
3316 2016-07-18  Alex Christensen  <achristensen@webkit.org>
3317
3318         webbookmarksd needs to use the same AppCache directory as MobileSafari
3319         https://bugs.webkit.org/show_bug.cgi?id=159912
3320
3321         Reviewed by Alexey Proskuryakov.
3322
3323         No new tests.  This only changes behavior for webbookmarksd.
3324
3325         * platform/RuntimeApplicationChecks.h:
3326         * platform/RuntimeApplicationChecks.mm:
3327         (WebCore::IOSApplication::isWebBookmarksD): Added.
3328
3329 2016-07-18  Chris Dumez  <cdumez@apple.com>
3330
3331         EventTarget.dispatchEvent() parameter should not be nullable
3332         https://bugs.webkit.org/show_bug.cgi?id=159897
3333
3334         Reviewed by Benjamin Poulain.
3335
3336         EventTarget.dispatchEvent() parameter should not be nullable:
3337         - https://dom.spec.whatwg.org/#interface-eventtarget
3338
3339         Even though the parameter was marked as nullable in our IDL, our
3340         implementation does a null check and we already throw a TypeError
3341         when calling dispatchEvent(null).
3342
3343         Update our IDL so that it matches the specification and so that
3344         the null check is generated in the bindings instead.
3345
3346         No new tests, rebaseline existing tests.
3347
3348         * dom/EventTarget.cpp:
3349         (WebCore::EventTarget::dispatchEventForBindings):
3350         * dom/EventTarget.h:
3351         * dom/EventTarget.idl:
3352
3353 2016-07-18  Chris Dumez  <cdumez@apple.com>
3354
3355         DocType's publicId / systemId should not be nullable
3356         https://bugs.webkit.org/show_bug.cgi?id=159901
3357
3358         Reviewed by Benjamin Poulain.
3359
3360         DocType's publicId / systemId should not be nullable. While they were
3361         not marked as nullable in our IDL, they could be stored as null Strings
3362         in our implementation depending on how the Node was constructed. This
3363         led to subtle bugs where String() != emptyString().
3364
3365         In particular, Node.isEqualNode() would return false when DocumentType
3366         nodes would mismatch because of their publicId / systemId being null
3367         instead of the emptyString.
3368
3369         Serialization would DocumentType nodes would also be wrong when
3370         publicId / systemId were empty Strings instead of null strings. The
3371         new behavior now matches:
3372         - https://www.w3.org/TR/DOM-Parsing/#dfn-concept-serialize-doctype (steps 7-9)
3373
3374         To address these issues, we now always store publicId / systemId as
3375         non-null Strings inside the DocumentType class.
3376
3377         Test: fast/dom/DocumentType/isEqualNode.html
3378
3379         * dom/DocumentType.cpp:
3380         (WebCore::DocumentType::DocumentType):
3381         * editing/MarkupAccumulator.cpp:
3382         (WebCore::MarkupAccumulator::appendDocumentType):
3383
3384 2016-07-18  Jeremy Jones  <jeremyj@apple.com>
3385
3386         If previous media session interruptions were prevented, still allow subsequent interruptions to try.
3387         https://bugs.webkit.org/show_bug.cgi?id=157553
3388         rdar://problem/25740804
3389
3390         Reviewed by Eric Carlson.
3391
3392         Test: platform/ios-simulator/media/video-interruption-suspendunderlock.html
3393
3394         When suspending under lock on iOS, there is first a resign active event, then a
3395         suspend under lock. PiP prevents resign active from interrupting playback. But it should allow the
3396         suspend under lock to interrupt playback.
3397
3398         Currently if there are nested interruptions only the first one is acted upon.
3399
3400         This change allows subsequent, nested interruptions to have a chance to interrupt playback if the
3401         previous interruptions were ignored.
3402
3403         This test is for iPad only, so it must be run manually.
3404
3405         * html/HTMLMediaElement.cpp:
3406         (WebCore::HTMLMediaElement::shouldOverrideBackgroundPlaybackRestriction):
3407         * platform/audio/PlatformMediaSession.cpp:
3408         (WebCore::PlatformMediaSession::beginInterruption):
3409         * testing/Internals.cpp:
3410         (WebCore::Internals::beginMediaSessionInterruption):
3411
3412 2016-07-18  Brent Fulgham  <bfulgham@apple.com>
3413
3414         Don't associate form-associated elements with forms in other trees.
3415         https://bugs.webkit.org/show_bug.cgi?id=119451
3416         <rdar://problem/27382946>
3417
3418         Change is based on the Blink change (patch by <adamk@chromium.org>):
3419         <https://chromium.googlesource.com/chromium/blink/+/0b33128be67e7845d495d5219614c02ccfe7a414>
3420
3421         Reviewed by Chris Dumez.
3422
3423         Prevent elements from being associated with forms that are not part of the same home subtree.
3424         This brings us in line with the WhatWG HTML specification as of September, 2013.
3425
3426         Tests: fast/forms/image-disconnected-during-parse.html
3427                fast/forms/input-disconnected-during-parse.html
3428
3429         * dom/Element.h:
3430         (WebCore::Node::rootElement): Added.
3431         * html/FormAssociatedElement.cpp:
3432         (WebCore::FormAssociatedElement::insertedInto): If the element is associated with a form that
3433         is not part of the same tree, remove the association.
3434         * html/HTMLImageElement.cpp:
3435         (WebCore::HTMLImageElement::insertedInto): Ditto.
3436
3437 2016-07-18  Anders Carlsson  <andersca@apple.com>
3438
3439         WebKit nightly fails to build on macOS Sierra
3440         https://bugs.webkit.org/show_bug.cgi?id=159902
3441         rdar://problem/27365672
3442
3443         Reviewed by Tim Horton.
3444
3445         * Modules/applepay/cocoa/PaymentCocoa.mm:
3446         * Modules/applepay/cocoa/PaymentContactCocoa.mm:
3447         * Modules/applepay/cocoa/PaymentMerchantSessionCocoa.mm:
3448         * Modules/applepay/cocoa/PaymentMethodCocoa.mm:
3449         Use new PassKitSPI header.
3450
3451         * WebCore.xcodeproj/project.pbxproj:
3452         Add new PassKitSPI header.
3453
3454         * icu/unicode/ucurr.h: Added.
3455         Add ucurr.h from ICU.
3456
3457         * platform/spi/cocoa/PassKitSPI.h: Added.
3458         Add new PassKitSPI header.
3459
3460 2016-07-18  Dean Jackson  <dino@apple.com>
3461
3462         REGRESSION (r202950): Image zoom animations are broken at medium.com (159861)
3463         https://bugs.webkit.org/show_bug.cgi?id=159906
3464         <rdar://problem/27391725>
3465
3466         Reviewed by Simon Fraser.
3467
3468         The fix for webkit.org/b/157569 in r200769 broke AMP pages.
3469         The followup fix for webkit.org/b/159450 in r202950 broke Medium pages.
3470
3471         Revert them both until we have better testing.
3472
3473         * css/CSSParser.cpp:
3474         (WebCore::CSSParser::addPropertyWithPrefixingVariant):
3475         (WebCore::CSSParser::parseValue):
3476         (WebCore::CSSParser::parseAnimationShorthand):
3477         (WebCore::CSSParser::parseTransitionShorthand): Deleted.
3478         * css/CSSPropertyNames.in:
3479         * css/PropertySetCSSStyleDeclaration.cpp:
3480         (WebCore::PropertySetCSSStyleDeclaration::getPropertyCSSValue):
3481         (WebCore::PropertySetCSSStyleDeclaration::getPropertyValue):
3482         (WebCore::PropertySetCSSStyleDeclaration::getPropertyCSSValueInternal):
3483         (WebCore::PropertySetCSSStyleDeclaration::getPropertyValueInternal):
3484         * css/StyleProperties.cpp:
3485         (WebCore::MutableStyleProperties::removeShorthandProperty):
3486         (WebCore::MutableStyleProperties::removeProperty):
3487         (WebCore::MutableStyleProperties::removePrefixedOrUnprefixedProperty):
3488         (WebCore::MutableStyleProperties::setProperty):
3489         (WebCore::getIndexInShorthandVectorForPrefixingVariant):
3490         (WebCore::MutableStyleProperties::appendPrefixingVariantProperty):
3491         (WebCore::MutableStyleProperties::setPrefixingVariantProperty):
3492         (WebCore::StyleProperties::asText): Deleted.
3493         * css/StyleProperties.h:
3494
3495 2016-07-18  Andreas Kling  <akling@apple.com>
3496
3497         There should be a way to simulate memory pressure in layout tests
3498         <https://webkit.org/b/159743>
3499
3500         Reviewed by Simon Fraser.
3501
3502         Add three window.internal APIs:
3503
3504             - boolean isUnderMemoryPressure (readonly attribute)
3505             - void beginSimulatedMemoryPressure()
3506             - void endSimulatedMemoryPressure()
3507
3508         These make it possible to write tests that exercise behaviors that only
3509         occur during memory pressure situations.
3510
3511         I also implemented the "org.WebKit.lowMemory" notification handler using the new API.
3512
3513         Test: memory/memory-pressure-simulation.html
3514
3515         * platform/MemoryPressureHandler.cpp:
3516         (WebCore::MemoryPressureHandler::beginSimulatedMemoryPressure):
3517         (WebCore::MemoryPressureHandler::endSimulatedMemoryPressure):
3518         * platform/MemoryPressureHandler.h:
3519         (WebCore::MemoryPressureHandler::isUnderMemoryPressure):
3520         * platform/cocoa/MemoryPressureHandlerCocoa.mm:
3521         (WebCore::MemoryPressureHandler::platformReleaseMemory):
3522         (WebCore::MemoryPressureHandler::install):
3523         * testing/Internals.cpp:
3524         (WebCore::Internals::isUnderMemoryPressure):
3525         (WebCore::Internals::beginSimulatedMemoryPressure):
3526         (WebCore::Internals::endSimulatedMemoryPressure):
3527         * testing/Internals.h:
3528         * testing/Internals.idl:
3529
3530 2016-07-18  Said Abou-Hallawa  <sabouhallawa@apple,com>
3531
3532         [iOS] PDFDocumentImage should cache only a sub image of the PDF when caching the whole image is expensive
3533         https://bugs.webkit.org/show_bug.cgi?id=158715
3534
3535         Reviewed by Dean Jackson.
3536
3537         Test: fast/images/displaced-non-cached-pdf.html
3538
3539         For iOS, we need to ensure the size of the cached PDF images will not
3540         exceed some limit. Also we should be caching only a sub image of the PDF
3541         if caching the whole image will exceed the memory limit.
3542
3543         * page/Settings.cpp:
3544         (WebCore::Settings::Settings):
3545         (WebCore::Settings::setCachedPDFImageEnabled):
3546         * page/Settings.h:
3547         (WebCore::Settings::isCachedPDFImageEnabled):
3548             Add an option to disable caching the PDF images.
3549
3550         * platform/graphics/cg/PDFDocumentImage.cpp:
3551         (WebCore::PDFDocumentImage::setCachedPDFImageEnabled):
3552             Allow the caller of draw() to disable caching the PDF images.
3553         
3554         (WebCore::PDFDocumentImage::cacheParametersMatch):
3555             Match the context dirty rectangle with the cached image rectangle.
3556         
3557         (WebCore::transformContextForPainting):
3558             When preparing the context for drawing the PDF, take the location 
3559             of the destination rectangle into account. We do not need to scale
3560             the location of the source rectangle because we scale the size of
3561             the rectangle but we don't scale the whole coordinate system.
3562
3563         (WebCore::cachedImageRect):
3564             Calculate the rectangle of the cached image such that it does not
3565             exceed the limit. Start from the center of the dirty rectangle and
3566             then expand around it.
3567             
3568         (WebCore::PDFDocumentImage::decodedSizeChanged):
3569             In addition to notifying the ImageObserver, it keeps track of the size
3570             of all the cached PDF images.
3571
3572         (WebCore::PDFDocumentImage::updateCachedImageIfNeeded):
3573             Ensure the size of all the cached images does not exceed the limit
3574             
3575         (WebCore::PDFDocumentImage::destroyDecodedData):
3576         * platform/graphics/cg/PDFDocumentImage.h:
3577
3578         * rendering/RenderImage.cpp:
3579         (WebCore::RenderImage::paintIntoRect):
3580             Pass the option to disable caching the PDF images to PDFDocumentImage.
3581
3582         * testing/InternalSettings.cpp:
3583         (WebCore::InternalSettings::Backup::Backup):
3584         (WebCore::InternalSettings::Backup::restoreTo):
3585         (WebCore::InternalSettings::setCachedPDFImageEnabled):
3586         * testing/InternalSettings.h:
3587         * testing/InternalSettings.idl:
3588             Add an internal option to disable caching the PDF images.
3589
3590 2016-07-18  Chris Dumez  <cdumez@apple.com>
3591
3592         The 2 first parameters to addEventListener() / removeEventListener() should be mandatory
3593         https://bugs.webkit.org/show_bug.cgi?id=158008
3594
3595         Reviewed by Darin Adler.
3596
3597         The 2 first parameters to addEventListener() / removeEventListener() should be
3598         mandatory:
3599         - https://dom.spec.whatwg.org/#interface-eventtarget
3600
3601         Firefox 46 and Chrome 50 both match the specification and throw an exception when those
3602         parameters are omitted. However, those parameters were marked as optional in WebKit and
3603         the calls were no-ops if those parameters were omitted. This patch aligns our behavior
3604         with the specification and other browsers.
3605
3606         Test: fast/dom/eventtarget-api-parameters.html
3607
3608         * bindings/scripts/CodeGeneratorJS.pm:
3609         (GetFunctionLength): Deleted.
3610         * dom/EventTarget.idl:
3611
3612 2016-07-18  Brent Fulgham  <bfulgham@apple.com>
3613
3614         Unreviewed, rolling out r203373.
3615
3616         Unaddressed
3617
3618         Reverted changeset:
3619
3620         "Don't associate form-associated elements with forms in other
3621         trees."
3622         https://bugs.webkit.org/show_bug.cgi?id=119451
3623         http://trac.webkit.org/changeset/203373
3624
3625 2016-07-18  Brent Fulgham  <bfulgham@apple.com>
3626
3627         Don't associate form-associated elements with forms in other trees.
3628         https://bugs.webkit.org/show_bug.cgi?id=119451
3629         <rdar://problem/27382946>
3630
3631         Change is based on the Blink change (patch by <adamk@chromium.org>):
3632         <https://chromium.googlesource.com/chromium/blink/+/0b33128be67e7845d495d5219614c02ccfe7a414>
3633
3634         Reviewed by Zalan Bujtas.
3635
3636         Prevent elements from being associated with forms that are not part of the same home subtree.
3637         This brings us in line with the WhatWG HTML specification as of September, 2013.
3638
3639         Tests: fast/forms/image-disconnected-during-parse.html
3640                fast/forms/input-disconnected-during-parse.html
3641
3642         * dom/NodeTraversal.h:
3643         (WebCore::NodeTraversal::highestAncestorOrSelf): Added.
3644         * html/FormAssociatedElement.cpp:
3645         (WebCore::FormAssociatedElement::insertedInto): If the element is associated with a form that
3646         is not part of the same tree, remove the association.
3647         * html/HTMLImageElement.cpp:
3648         (WebCore::HTMLImageElement::insertedInto): Ditto.
3649
3650 2016-07-18  George Ruan  <gruan@apple.com>
3651
3652         Move MediaSampleAVFObjC into its own file
3653         https://bugs.webkit.org/show_bug.cgi?id=159796
3654         <rdar://problem/27362488>
3655
3656         In preparation for a feature that uses MediaSampleAVFObjC, but does
3657         not need SourceBufferPrivateAVFObjC, it is beneficial to move
3658         MediaSampleAVFObjC to its own file.
3659
3660         Reviewed by Eric Carlson.
3661
3662         * WebCore.xcodeproj/project.pbxproj:
3663         * platform/MediaSample.h: Allow setting trackID to associate
3664         MediaSample id with MediaStreamTrackPrivate id.
3665         * platform/graphics/avfoundation/MediaSampleAVFObjC.h: Added.
3666         * platform/graphics/avfoundation/objc/MediaSampleAVFObjC.mm: Moved
3667         from MediaSampleAVFObjC
3668         (WebCore::MediaSampleAVFObjC::presentationTime):
3669         (WebCore::MediaSampleAVFObjC::decodeTime):
3670         (WebCore::MediaSampleAVFObjC::duration):
3671         (WebCore::MediaSampleAVFObjC::sizeInBytes):
3672         (WebCore::MediaSampleAVFObjC::platformSample):
3673         (WebCore::CMSampleBufferIsRandomAccess):
3674         (WebCore::MediaSampleAVFObjC::flags):
3675         (WebCore::MediaSampleAVFObjC::presentationSize):
3676         (WebCore::MediaSampleAVFObjC::dump):
3677         (WebCore::MediaSampleAVFObjC::offsetTimestampsBy):
3678         (WebCore::MediaSampleAVFObjC::setTimestamps):
3679         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
3680         Moved MediaSampleAVFObjC to its own file.
3681         (WebCore::MediaSampleAVFObjC::platformSample): Deleted.
3682         (WebCore::CMSampleBufferIsRandomAccess): Deleted.
3683         (WebCore::MediaSampleAVFObjC::flags): Deleted.
3684         (WebCore::MediaSampleAVFObjC::presentationSize): Deleted.
3685         (WebCore::MediaSampleAVFObjC::dump): Deleted.
3686         (WebCore::MediaSampleAVFObjC::offsetTimestampsBy): Deleted.
3687         (WebCore::MediaSampleAVFObjC::setTimestamps): Deleted.
3688         * platform/mock/mediasource/MockSourceBufferPrivate.cpp:
3689
3690 2016-07-18  Eric Carlson  <eric.carlson@apple.com>
3691
3692         [MSE][Mac] Pass AVSampleBufferDisplayLayer HDCP status to a newly created key session
3693         https://bugs.webkit.org/show_bug.cgi?id=159812
3694         <rdar://problem/27371624>
3695
3696         Reviewed by Jon Lee.
3697
3698         No new tests, it isn't possible to test this with our current testing infrastructure.
3699
3700         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.h:
3701         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
3702         (WebCore::SourceBufferPrivateAVFObjC::setCDMSession): Call layerDidReceiveError if there has
3703         been an HDCP error.
3704         (WebCore::SourceBufferPrivateAVFObjC::rendererDidReceiveError): Remember an HDCP error.
3705
3706 2016-07-18  Yoav Weiss  <yoav@yoav.ws>
3707
3708         Add preload to features.json
3709         https://bugs.webkit.org/show_bug.cgi?id=159872
3710
3711         Reviewed by Darin Adler.
3712
3713         No new tests but no functional change.
3714
3715         * features.json:
3716
3717 2016-07-18  Youenn Fablet  <youenn@apple.com>
3718
3719         [Streams API] ReadableStream should throw a RangeError in case of NaN highWaterMark
3720         https://bugs.webkit.org/show_bug.cgi?id=159870
3721
3722         Reviewed by Xabier Rodriguez-Calvar.
3723
3724         Covered by rebased test.
3725
3726         * Modules/streams/StreamInternals.js:
3727         (validateAndNormalizeQueuingStrategy): Throwing a RangeError in lieu of a TypeError in case of NaN highWaterMark.
3728
3729 2016-07-18  Csaba Osztrogonác  <ossy@webkit.org>
3730
3731         Windows buildfix after r203338
3732         https://bugs.webkit.org/show_bug.cgi?id=159875
3733
3734         Unreviewed buildfix.
3735
3736         * dom/UserGestureIndicator.h:
3737         (WebCore::UserGestureToken::addDestructionObserver):
3738
3739 2016-07-18  Carlos Garcia Campos  <cgarcia@igalia.com>
3740
3741         MemoryPressureHandler doesn't work if cgroups aren't present in Linux
3742         https://bugs.webkit.org/show_bug.cgi?id=155255
3743
3744         Reviewed by Sergio Villar Senin.
3745
3746         Allow to pass an eventFD file descriptor to the MemoryPressureHandler to be monitorized in case cgroups are not
3747         available.
3748
3749         * platform/MemoryPressureHandler.h:
3750         * platform/linux/MemoryPressureHandlerLinux.cpp:
3751
3752 2016-07-17  Gyuyoung Kim  <gyuyoung.kim@webkit.org>
3753
3754         Clean up PassRefPtr uses in Modules/encryptedmedia, Modules/speech, and Modules/quota
3755         https://bugs.webkit.org/show_bug.cgi?id=159701
3756
3757         Reviewed by Alex Christensen.
3758
3759         No new tests, no behavior changes.
3760
3761         * Modules/encryptedmedia/CDM.h:
3762         * Modules/encryptedmedia/MediaKeySession.h:
3763         * Modules/encryptedmedia/MediaKeys.h:
3764         * Modules/quota/DOMWindowQuota.cpp:
3765         * Modules/quota/StorageErrorCallback.cpp:
3766         (WebCore::StorageErrorCallback::CallbackTask::CallbackTask):
3767         * Modules/quota/StorageErrorCallback.h:
3768         * Modules/quota/StorageInfo.h:
3769         * Modules/quota/StorageQuota.h:
3770         * Modules/speech/DOMWindowSpeechSynthesis.cpp:
3771         * Modules/speech/SpeechSynthesis.cpp:
3772         (WebCore::SpeechSynthesis::getVoices):
3773         (WebCore::SpeechSynthesis::startSpeakingImmediately):
3774         (WebCore::SpeechSynthesis::speak):
3775         (WebCore::SpeechSynthesis::cancel):
3776         (WebCore::SpeechSynthesis::handleSpeakingCompleted):
3777         (WebCore::SpeechSynthesis::boundaryEventOccurred):
3778         (WebCore::SpeechSynthesis::didStartSpeaking):
3779         (WebCore::SpeechSynthesis::didPauseSpeaking):
3780         (WebCore::SpeechSynthesis::didResumeSpeaking):
3781         (WebCore::SpeechSynthesis::didFinishSpeaking):
3782         (WebCore::SpeechSynthesis::speakingErrorOccurred):
3783         * Modules/speech/SpeechSynthesis.h:
3784         * Modules/speech/SpeechSynthesisEvent.h:
3785         * Modules/speech/SpeechSynthesisUtterance.h:
3786         * Modules/speech/SpeechSynthesisVoice.cpp:
3787         (WebCore::SpeechSynthesisVoice::create):
3788         (WebCore::SpeechSynthesisVoice::SpeechSynthesisVoice):
3789         * Modules/speech/SpeechSynthesisVoice.h:
3790         * platform/PlatformSpeechSynthesizer.h:
3791         * platform/efl/PlatformSpeechSynthesisProviderEfl.cpp:
3792         (WebCore::PlatformSpeechSynthesisProviderEfl::fireSpeechEvent):
3793         * platform/mock/PlatformSpeechSynthesizerMock.cpp:
3794         (WebCore::PlatformSpeechSynthesizerMock::speakingFinished):
3795         (WebCore::PlatformSpeechSynthesizerMock::speak):
3796         (WebCore::PlatformSpeechSynthesizerMock::cancel):
3797         (WebCore::PlatformSpeechSynthesizerMock::pause):
3798         (WebCore::PlatformSpeechSynthesizerMock::resume):
3799
3800 2016-07-16  Sam Weinig  <sam@webkit.org>
3801
3802         [WebKit API] Add SPI to track multiple navigations caused by a single user gesture
3803         <rdar://problem/26554137>
3804         https://bugs.webkit.org/show_bug.cgi?id=159856
3805
3806         Reviewed by Dan Bernstein.
3807
3808         - Adds a new RefCounted object to represent a unique user gesture, called UserGestureToken.
3809         - Makes UserGestureIndicator track UserGestureToken.
3810         - Refines UserGestureIndicator's interface to use Optional and a smaller enum set
3811           to represent the different initial states.
3812         - Stores UserGestureTokens on objects that want to forward user gesture state (DOMTimer, 
3813           postMessage, and ScheduledNavigation) rather than just a boolean.
3814
3815         * accessibility/AccessibilityNodeObject.cpp:
3816         (WebCore::AccessibilityNodeObject::increment):
3817         (WebCore::AccessibilityNodeObject::decrement):
3818         * accessibility/AccessibilityObject.cpp:
3819         (WebCore::AccessibilityObject::press):
3820         * bindings/js/ScriptController.cpp:
3821         (WebCore::ScriptController::executeScriptInWorld):
3822         (WebCore::ScriptController::executeScript):
3823         Update for new UserGestureIndicator interface.
3824
3825         * dom/UserGestureIndicator.cpp:
3826         (WebCore::currentToken):
3827         (WebCore::UserGestureToken::~UserGestureToken):
3828         (WebCore::UserGestureIndicator::UserGestureIndicator):
3829         (WebCore::UserGestureIndicator::~UserGestureIndicator):
3830         (WebCore::UserGestureIndicator::currentUserGesture):
3831         (WebCore::UserGestureIndicator::processingUserGesture):
3832         (WebCore::UserGestureIndicator::processingUserGestureForMedia):
3833         (WebCore::isDefinite): Deleted.
3834         * dom/UserGestureIndicator.h:
3835         (WebCore::UserGestureToken::create):
3836         (WebCore::UserGestureToken::state):
3837         (WebCore::UserGestureToken::processingUserGesture):
3838         (WebCore::UserGestureToken::processingUserGestureForMedia):
3839         (WebCore::UserGestureToken::addDestructionObserver):
3840         (WebCore::UserGestureToken::UserGestureToken):
3841         Add UserGestureToken and track the current one explicitly.
3842
3843         * html/HTMLMediaElement.cpp:
3844         (WebCore::HTMLMediaElement::didReceiveRemoteControlCommand):
3845         * inspector/InspectorFrontendClientLocal.cpp:
3846         (WebCore::InspectorFrontendClientLocal::openInNewTab):
3847         * inspector/InspectorFrontendHost.cpp:
3848         * inspector/InspectorPageAgent.cpp:
3849         (WebCore::InspectorPageAgent::navigate):
3850         Update for new UserGestureIndicator interface.
3851
3852         * loader/NavigationAction.cpp:
3853         (WebCore::NavigationAction::NavigationAction):
3854         * loader/NavigationAction.h:
3855         (WebCore::NavigationAction::userGestureToken):
3856         (WebCore::NavigationAction::processingUserGesture):
3857         * loader/NavigationScheduler.cpp:
3858         (WebCore::ScheduledNavigation::ScheduledNavigation):
3859         (WebCore::ScheduledNavigation::~ScheduledNavigation):
3860         (WebCore::ScheduledNavigation::lockBackForwardList):
3861         (WebCore::ScheduledNavigation::wasDuringLoad):
3862         (WebCore::ScheduledNavigation::isLocationChange):
3863         (WebCore::ScheduledNavigation::userGestureToForward):
3864         (WebCore::ScheduledNavigation::clearUserGesture):
3865         (WebCore::NavigationScheduler::mustLockBackForwardList):
3866         (WebCore::NavigationScheduler::scheduleFormSubmission):
3867         (WebCore::ScheduledNavigation::wasUserGesture): Deleted.
3868         * page/DOMTimer.cpp:
3869         (WebCore::shouldForwardUserGesture):
3870         (WebCore::userGestureTokenToForward):
3871         (WebCore::DOMTimer::DOMTimer):
3872         (WebCore::DOMTimer::fired):
3873         * page/DOMTimer.h:
3874         * page/DOMWindow.cpp:
3875         (WebCore::PostMessageTimer::PostMessageTimer):
3876         Store the active UserGestureToken rather than just a bit.
3877
3878         * page/EventHandler.cpp:
3879         (WebCore::EventHandler::handleMousePressEvent):
3880         (WebCore::EventHandler::handleMouseDoubleClickEvent):
3881         (WebCore::EventHandler::handleMouseReleaseEvent):
3882         (WebCore::EventHandler::keyEvent):
3883         (WebCore::EventHandler::handleTouchEvent):
3884         * rendering/HitTestResult.cpp:
3885         (WebCore::HitTestResult::toggleMediaFullscreenState):
3886         (WebCore::HitTestResult::enterFullscreenForVideo):
3887         (WebCore::HitTestResult::toggleEnhancedFullscreenForVideo):
3888         Update for new UserGestureIndicator interface.
3889
3890 2016-07-17  Ryosuke Niwa  <rniwa@webkit.org>
3891
3892         Rename fastHasAttribute to hasAttributeWithoutSynchronization
3893         https://bugs.webkit.org/show_bug.cgi?id=159864
3894
3895         Reviewed by Chris Dumez.
3896
3897         Renamed Rename fastHasAttribute to hasAttributeWithoutSynchronization for clarity.
3898
3899         * accessibility/AccessibilityListBoxOption.cpp:
3900         (WebCore::AccessibilityListBoxOption::isEnabled):
3901         * accessibility/AccessibilityObject.cpp:
3902         (WebCore::AccessibilityObject::hasAttribute):
3903         (WebCore::AccessibilityObject::getAttribute):
3904         * accessibility/AccessibilityRenderObject.cpp:
3905         (WebCore::AccessibilityRenderObject::determineAccessibilityRole):
3906         * bindings/scripts/CodeGenerator.pm:
3907         (GetterExpression):
3908         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
3909         * bindings/scripts/test/JS/JSTestObj.cpp:
3910         (WebCore::jsTestObjReflectedBooleanAttr):
3911         (WebCore::jsTestObjReflectedCustomBooleanAttr):
3912         * bindings/scripts/test/ObjC/DOMTestObj.mm:
3913         (-[DOMTestObj reflectedBooleanAttr]):
3914         (-[DOMTestObj setReflectedBooleanAttr:]):
3915         (-[DOMTestObj reflectedCustomBooleanAttr]):
3916         (-[DOMTestObj setReflectedCustomBooleanAttr:]):
3917         * dom/Document.cpp:
3918         (WebCore::Document::hasManifest):
3919         (WebCore::Document::doctype):
3920         * dom/Element.h:
3921         (WebCore::Node::parentElement):
3922         (WebCore::Element::hasAttributeWithoutSynchronization):
3923         (WebCore::Element::fastHasAttribute): Deleted.
3924         * editing/ApplyStyleCommand.cpp:
3925         (WebCore::ApplyStyleCommand::removeEmbeddingUpToEnclosingBlock):
3926         * editing/DeleteSelectionCommand.cpp:
3927         (WebCore::DeleteSelectionCommand::makeStylingElementsDirectChildrenOfEditableRootToPreventStyleLoss):
3928         * editing/markup.cpp:
3929         (WebCore::createMarkupInternal):
3930         * html/ColorInputType.cpp:
3931         (WebCore::ColorInputType::shouldShowSuggestions):
3932         * html/FileInputType.cpp:
3933         (WebCore::FileInputType::handleDOMActivateEvent):
3934         (WebCore::FileInputType::receiveDroppedFiles):
3935         * html/FormAssociatedElement.cpp:
3936         (WebCore::FormAssociatedElement::didMoveToNewDocument):
3937         (WebCore::FormAssociatedElement::insertedInto):
3938         (WebCore::FormAssociatedElement::removedFrom):
3939         (WebCore::FormAssociatedElement::formAttributeChanged):
3940         * html/FormController.cpp:
3941         (WebCore::ownerFormForState):
3942         * html/GenericCachedHTMLCollection.cpp:
3943         (WebCore::GenericCachedHTMLCollection<traversalType>::elementMatches):
3944         * html/HTMLAnchorElement.cpp:
3945         (WebCore::HTMLAnchorElement::draggable):
3946         (WebCore::HTMLAnchorElement::href):
3947         (WebCore::HTMLAnchorElement::sendPings):
3948         * html/HTMLAppletElement.cpp:
3949         (WebCore::HTMLAppletElement::rendererIsNeeded):
3950         * html/HTMLElement.cpp:
3951         (WebCore::HTMLElement::collectStyleForPresentationAttribute):
3952         (WebCore::elementAffectsDirectionality):
3953         (WebCore::setHasDirAutoFlagRecursively):
3954         * html/HTMLEmbedElement.cpp:
3955         (WebCore::HTMLEmbedElement::rendererIsNeeded):
3956         * html/HTMLFieldSetElement.cpp:
3957         (WebCore::updateFromControlElementsAncestorDisabledStateUnder):
3958         (WebCore::HTMLFieldSetElement::disabledAttributeChanged):
3959         (WebCore::HTMLFieldSetElement::disabledStateChanged):
3960         (WebCore::HTMLFieldSetElement::childrenChanged):
3961         * html/HTMLFormControlElement.cpp:
3962         (WebCore::HTMLFormControlElement::formNoValidate):
3963         (WebCore::HTMLFormControlElement::formAction):
3964         (WebCore::HTMLFormControlElement::computeIsDisabledByFieldsetAncestor):
3965         (WebCore::shouldAutofocus):
3966         * html/HTMLFormElement.cpp:
3967         (WebCore::HTMLFormElement::formElementIndex):
3968         (WebCore::HTMLFormElement::noValidate):
3969         * html/HTMLFrameElement.cpp:
3970         (WebCore::HTMLFrameElement::noResize):
3971         (WebCore::HTMLFrameElement::didAttachRenderers):
3972         * html/HTMLFrameElementBase.cpp:
3973         (WebCore::HTMLFrameElementBase::parseAttribute):
3974         (WebCore::HTMLFrameElementBase::location):
3975         * html/HTMLHRElement.cpp:
3976         (WebCore::HTMLHRElement::collectStyleForPresentationAttribute):
3977         * html/HTMLImageElement.cpp:
3978         (WebCore::HTMLImageElement::isServerMap):
3979         * html/HTMLInputElement.cpp:
3980         (WebCore::HTMLInputElement::finishParsingChildren):
3981         (WebCore::HTMLInputElement::matchesDefaultPseudoClass):
3982         (WebCore::HTMLInputElement::isActivatedSubmit):
3983         (WebCore::HTMLInputElement::reset):
3984         (WebCore::HTMLInputElement::multiple):
3985         (WebCore::HTMLInputElement::setSize):
3986         (WebCore::HTMLInputElement::shouldUseMediaCapture):
3987         * html/HTMLMarqueeElement.cpp:
3988         (WebCore::HTMLMarqueeElement::minimumDelay):