Support configurable autocapitalization.
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2016-06-17  Antoine Quint  <graouts@apple.com>
2
3         Web video playback controls should have RTL volume slider
4         https://bugs.webkit.org/show_bug.cgi?id=158856
5         <rdar://problem/25971769>
6
7         Reviewed by Tim Horton.
8
9         We reproduce the system used to propagate the page scale factor from the WebPage to the media controls to
10         propagate the user interface layout direction.
11
12         The Page exposes a new setUserInterfaceLayoutDirection() method which is set by the WebPage. The Page
13         then notifies the Document of a change, which propagates down to registered media elements, and finally sets
14         the usesLTRUserInterfaceLayoutDirection property on the media controller object in the injected JavaScript.
15         Based on the value of that property we toggle a new .uses-ltr-user-interface-layout-direction CSS class on the
16         .volume-box which applies a translate to the right and flips the volume controls on the x axis.
17
18         Since we're setting a new JS property from HTMLMediaController, we refactor much of the code out of the existing
19         pageScaleFactorChanged() and setPageScaleFactorProperty() into the new setControllerJSProperty() method so that
20         can easily set a named JS property with a given JSValue.
21
22         For testing purposes, we expose the WebCore::Page::setUserInterfaceLayoutDirection() method through Internals.
23
24         Test: fullscreen/video-controls-rtl.html
25
26         * Modules/mediacontrols/mediaControlsApple.css:
27         (video:-webkit-full-screen::-webkit-media-controls-panel .volume-box:not(.uses-ltr-user-interface-layout-direction)):
28         * Modules/mediacontrols/mediaControlsApple.js:
29         (Controller.prototype.set usesLTRUserInterfaceLayoutDirection):
30         * WebCore.xcodeproj/project.pbxproj:
31         * dom/Document.cpp:
32         (WebCore::Document::registerForUserInterfaceLayoutDirectionChangedCallbacks):
33         (WebCore::Document::unregisterForUserInterfaceLayoutDirectionChangedCallbacks):
34         (WebCore::Document::userInterfaceLayoutDirectionChanged):
35         * dom/Document.h:
36         * html/HTMLMediaElement.cpp:
37         (WebCore::HTMLMediaElement::registerWithDocument):
38         (WebCore::HTMLMediaElement::unregisterWithDocument):
39         (WebCore::HTMLMediaElement::updatePageScaleFactorJSProperty):
40         (WebCore::HTMLMediaElement::updateUsesLTRUserInterfaceLayoutDirectionJSProperty):
41         (WebCore::HTMLMediaElement::setControllerJSProperty):
42         (WebCore::HTMLMediaElement::didAddUserAgentShadowRoot):
43         (WebCore::HTMLMediaElement::pageScaleFactorChanged):
44         (WebCore::HTMLMediaElement::userInterfaceLayoutDirectionChanged):
45         (WebCore::setPageScaleFactorProperty): Deleted.
46         * html/HTMLMediaElement.h:
47         * page/Page.cpp:
48         (WebCore::Page::setUserInterfaceLayoutDirection):
49         * page/Page.h:
50         (WebCore::Page::userInterfaceLayoutDirection):
51         * platform/UserInterfaceLayoutDirection.h: Renamed from Source/WebKit2/UIProcess/UserInterfaceLayoutDirection.h.
52         * testing/Internals.cpp:
53         (WebCore::Internals::setUserInterfaceLayoutDirection):
54         * testing/Internals.h:
55         * testing/Internals.idl:
56
57 2016-06-17  Chris Dumez  <cdumez@apple.com>
58
59         TouchEvent should have a constructor
60         https://bugs.webkit.org/show_bug.cgi?id=158883
61         <rdar://problem/26063585>
62
63         Reviewed by Benjamin Poulain.
64
65         TouchEvent should have a constructor:
66         - https://w3c.github.io/touch-events/#touchevent-interface
67
68         Chrome already ships this:
69         - https://bugs.chromium.org/p/chromium/issues/detail?id=508675
70
71         Test: fast/events/touch/touch-event-constructor.html
72
73         * bindings/js/JSDictionary.cpp:
74         (WebCore::JSDictionary::convertValue):
75         * bindings/js/JSDictionary.h:
76         * dom/TouchEvent.cpp:
77         (WebCore::TouchEvent::TouchEvent):
78         * dom/TouchEvent.h:
79         * dom/TouchEvent.idl:
80
81 2016-06-17  Zalan Bujtas  <zalan@apple.com>
82
83         Potential null dereferencing on a detached positioned renderer.
84         https://bugs.webkit.org/show_bug.cgi?id=158879
85
86         Reviewed by Simon Fraser.
87
88         This patch fixes the case when the while loop to search for the absolute positioned ancestor
89         returns null (it happens when positioned renderer has been detached from the render tree).
90
91         Speculative fix.
92
93         * rendering/RenderBlock.cpp:
94         (WebCore::RenderBlock::markFixedPositionObjectForLayoutIfNeeded):
95         * rendering/RenderBlock.h:
96
97 2016-06-17  Chris Dumez  <cdumez@apple.com>
98
99         URL hash setter does not remove fragment identifier if argument is an empty string
100         https://bugs.webkit.org/show_bug.cgi?id=158869
101         <rdar://problem/26863430>
102
103         Reviewed by Darin Adler.
104
105         URL hash setter and URLUtils hash setter should remove the fragment identifier
106         if set to "#" or "":
107         - https://url.spec.whatwg.org/#dom-url-hash
108         - https://html.spec.whatwg.org/multipage/semantics.html#dom-hyperlink-hash
109
110         This patch aligns our behavior with the specification and with other browsers
111         (tested Firefox and Chrome).
112
113         This patch also updates HTMLAnchorElement to inherit URLUtils to avoid code
114         duplication. HTMLAnchorElement already implements URLUtils in the IDL, as per
115         the specification:
116         - https://html.spec.whatwg.org/multipage/semantics.html#htmlanchorelement
117
118         No new tests, rebaselined existing tests.
119
120         * html/HTMLAnchorElement.cpp:
121         (WebCore::HTMLAnchorElement::origin): Deleted.
122         (WebCore::HTMLAnchorElement::text): Deleted.
123         (WebCore::HTMLAnchorElement::setText): Deleted.
124         (WebCore::HTMLAnchorElement::toString): Deleted.
125         (WebCore::HTMLAnchorElement::isLiveLink): Deleted.
126         (WebCore::HTMLAnchorElement::sendPings): Deleted.
127         (WebCore::HTMLAnchorElement::handleClick): Deleted.
128         (WebCore::HTMLAnchorElement::eventType): Deleted.
129         (WebCore::HTMLAnchorElement::treatLinkAsLiveForEventType): Deleted.
130         (WebCore::isEnterKeyKeydownEvent): Deleted.
131         (WebCore::shouldProhibitLinks): Deleted.
132         (WebCore::HTMLAnchorElement::willRespondToMouseClickEvents): Deleted.
133         (WebCore::rootEditableElementMap): Deleted.
134         (WebCore::HTMLAnchorElement::rootEditableElementForSelectionOnMouseDown): Deleted.
135         (WebCore::HTMLAnchorElement::clearRootEditableElementForSelectionOnMouseDown): Deleted.
136         (WebCore::HTMLAnchorElement::setRootEditableElementForSelectionOnMouseDown): Deleted.
137         * html/HTMLAnchorElement.h:
138         (WebCore::HTMLAnchorElement::invalidateCachedVisitedLinkHash): Deleted.
139         * html/URLUtils.h:
140         (WebCore::URLUtils<T>::setHash):
141
142 2016-06-17  John Wilander  <wilander@apple.com>
143
144         Ignore case in the check for security origin inheritance
145         https://bugs.webkit.org/show_bug.cgi?id=158878
146
147         Reviewed by Alex Christensen.
148
149         Darin Adler commented in https://bugs.webkit.org/show_bug.cgi?id=158855:
150         "Are these comparisons intentionally case sensitive? Shouldn’t they ignore ASCII 
151         case? We could use equalIgnoringASCIICase and equalLettersIgnoringASCIICase for 
152         those two lines instead of using ==. URL::parse normalizes letters in the scheme 
153         and host by using toASCIILower, but does not normalize letters elsewhere in the 
154         URL, such as in the "blank" or "srcdoc" in the above URLs."
155
156         Test: http/tests/dom/window-open-about-uppercase-blank-and-access-document.html
157
158         * platform/URL.cpp:
159         (WebCore::URL::shouldInheritSecurityOriginFromOwner):
160
161 2016-06-17  Hyungwook Lee  <hyungwook.lee@navercorp.com>
162
163         Fix compilation errors when we enable DUMP_NODE_STATISTICS in Node.h
164         https://bugs.webkit.org/show_bug.cgi?id=158868
165
166         Reviewed by Alex Christensen.
167
168         Fix compilation errors in Node.cpp when we enable DUMP_NODE_STATISTICS
169
170         * dom/Node.cpp:
171         (WebCore::Node::dumpStatistics):
172
173 2016-06-17  Per Arne Vollan  <pvollan@apple.com>
174
175         [Win] Scrolling in popup menu scrolls past last entry.
176         https://bugs.webkit.org/show_bug.cgi?id=158870
177
178         Reviewed by Brent Fulgham.
179
180         When the popup has a scrollbar, the content size is not equal to the popup window size.
181   
182         * platform/win/PopupMenuWin.cpp:
183         (WebCore::PopupMenuWin::contentsSize):
184
185 2016-06-17  Frederic Wang  <fwang@igalia.com>
186
187         Refactor RenderMathMLRoot layout function to avoid using flexbox
188         https://bugs.webkit.org/show_bug.cgi?id=153987
189
190         Reviewed by Brent Fulgham.
191
192         No new tests, already covered by existing tests.
193         A case for RTL root has been added to roots.xhtml.
194
195         We reimplement RenderMathMLRoot without any flexbox or anonymous.
196         The anonymous RenderMathMLRadicalOperator used to draw the radical sign is replaced with
197         the MathOperator class introduced in bug 152244.
198         msqrt (row of children under a square root) is now implemented directly in RenderMathMLRoot,
199         so RenderMathMLSquareRoot is removed and RenderMathMLRoot now inherits from RenderMathMLRow.
200
201         * CMakeLists.txt: Remove files for RenderMathMLRadicalOperator and RenderMathMLSquareRoot.
202         * WebCore.xcodeproj/project.pbxproj: ditto.
203         * accessibility/AccessibilityRenderObject.cpp: Update code now that we do not use any
204         radical wrappers.
205         (WebCore::AccessibilityRenderObject::isMathRow): Now that RenderMathMLRoot inherits from
206         RenderMathMLRow, we must exclude MathRoot or otherwise some accessibility code may treat
207         roots as rows.
208         (WebCore::AccessibilityRenderObject::mathRadicandObject): Return the first child for
209         Root/SquareRoot or nullptr.
210         (WebCore::AccessibilityRenderObject::mathRootIndexObject): Return the second child for
211         Root and nullptr for SquareRoot.
212         * mathml/MathMLInlineContainerElement.cpp:
213         (WebCore::MathMLInlineContainerElement::childrenChanged): We no longer need a special case
214         for msqrt, it is treated as a normal RenderMathMLRow.
215         (WebCore::MathMLInlineContainerElement::createElementRenderer): Make msqrt create a
216         RenderMathMLRoot object.
217         * rendering/RenderObject.h:
218         (WebCore::RenderObject::isRenderMathMLRadicalOperator): Deleted.
219         * rendering/mathml/RenderMathMLBlock.cpp:
220         (WebCore::RenderMathMLBlock::mirrorIfNeeded): New function to mirror a child horizontal
221         offset according to the parent width.
222         (WebCore::RenderMathMLBlock::renderName):
223         * rendering/mathml/RenderMathMLBlock.h:
224         (WebCore::RenderMathMLBlock::mirrorIfNeeded): Moved from RenderMathMLScripts, just forward
225         call to the other mirrorIfNeeded function.
226         * rendering/mathml/RenderMathMLOperator.cpp: We no longer need this trailingSpaceError hack.
227         (WebCore::RenderMathMLOperator::trailingSpaceError): Deleted.
228         * rendering/mathml/RenderMathMLOperator.h: ditto.
229         * rendering/mathml/RenderMathMLRadicalOperator.cpp: Removed. The radical sign is now drawn
230         with a MathOperator.
231         * rendering/mathml/RenderMathMLRadicalOperator.h: Removed.
232         * rendering/mathml/RenderMathMLRoot.cpp: Complete refactoring to avoid using flexbox and
233         anonymous wrappers.
234         (WebCore::RenderMathMLRoot::RenderMathMLRoot): Set m_kind parameters to distinguish between
235         square root and general root and set the MathOperator member to draw the radical sign.
236         (WebCore::RenderMathMLRoot::isValid): Helper function to verify whether the child list is valid.
237         (WebCore::RenderMathMLRoot::getBase): Get the base of an mroot.
238         (WebCore::RenderMathMLRoot::getIndex): Get the index of an mroot.
239         (WebCore::RenderMathMLRoot::styleDidChange): Be sure to keep the style of the
240         MathOperator in sync with ours ; no need to skip empty roots.
241         (WebCore::RenderMathMLRoot::updateFromElement): Call the function from the new parent class ;
242         no need to skip empty roots.
243         (WebCore::RenderMathMLRoot::updateStyle): Remove the isEmpty ASSERT as it is valid to have
244         empty square root. Set the m_kernBeforeDegree, m_kernBeforeDegree members.
245         No need to set style for anonymous.
246         (WebCore::RenderMathMLRoot::computePreferredLogicalWidths): Implement this function.
247         (WebCore::RenderMathMLRoot::layoutBlock): Implement this function.
248         (WebCore::RenderMathMLRoot::paintChildren): Implement this function.
249         (WebCore::RenderMathMLRoot::paint): Remove the trailingSpaceError hack ;
250         paint the radical sign via MathOperator::paint
251         (WebCore::RenderMathMLRoot::baseWrapper): Deleted.
252         (WebCore::RenderMathMLRoot::radicalWrapper): Deleted.
253         (WebCore::RenderMathMLRoot::indexWrapper): Deleted.
254         (WebCore::RenderMathMLRoot::radicalOperator): Deleted.
255         (WebCore::RenderMathMLRoot::restructureWrappers): Deleted.
256         (WebCore::RenderMathMLRoot::addChild): Deleted.
257         (WebCore::RenderMathMLRoot::firstLineBaseline): Deleted.
258         (WebCore::RenderMathMLRoot::layout): Deleted.
259         (WebCore::RenderMathMLRootWrapper::createAnonymousWrapper): Deleted.
260         (WebCore::RenderMathMLRootWrapper::removeChildWithoutRestructuring): Deleted.
261         (WebCore::RenderMathMLRootWrapper::removeChild): Deleted.
262         * rendering/mathml/RenderMathMLRoot.h: Make RenderMathMLRoot inherit from RenderMathMLRow.
263         Make RenderMathMLRoot support <msqrt>.
264         Remove all the anonymous wrapper stuff and instead use a MathOperator for the radical symbol.
265         Update function declaration to implement layout without flexbox and add some helper functions.
266         * rendering/mathml/RenderMathMLRow.cpp: Allow to get the exact metrics of the chid row,
267         for use in RenderMathMLRoot.
268         (WebCore::RenderMathMLRow::computeLineVerticalStretch): rename parameters.
269         (WebCore::RenderMathMLRow::layoutRowItems): Set parameters to the final ascent, descent and
270         logical width of the chid row. Set the temporary logical width for RenderMathRoot before
271         laying the children out.
272         (WebCore::RenderMathMLRow::layoutBlock): Rename parameters ; add a dummy logicalWidth
273         parameter.
274         * rendering/mathml/RenderMathMLRow.h: Make some functions accessible or overridable by
275         RenderMathMLRoot. Make layoutRowItems return the final ascent, descent and logical width
276         after the chid row is laid out.
277         * rendering/mathml/RenderMathMLScripts.cpp: Move mirrorIfNeeded to RenderMathMLBlock.
278         (WebCore::RenderMathMLScripts::mirrorIfNeeded): Deleted.
279         * rendering/mathml/RenderMathMLScripts.h: Move mirrorIfNeeded to RenderMathMLBlock.
280         * rendering/mathml/RenderMathMLSquareRoot.cpp: Removed.
281         * rendering/mathml/RenderMathMLSquareRoot.h: Removed.
282         * rendering/mathml/MathOperator.cpp:
283         (WebCore::MathOperator::paint): Apply a mirroring scale transform to radical symbol
284         in RTL direction.
285
286 2016-06-17  Chris Dumez  <cdumez@apple.com>
287
288         Drop some unnecessary header includes
289         https://bugs.webkit.org/show_bug.cgi?id=158864
290
291         Reviewed by Alexey Proskuryakov.
292
293         Drop some unnecessary header includes to try and reduce build times.
294
295         * WebCore.xcodeproj/project.pbxproj:
296         * accessibility/AccessibilityList.cpp:
297         * css/CSSComputedStyleDeclaration.cpp:
298         * css/MediaQueryMatcher.cpp:
299         * css/StyleMedia.cpp:
300         * css/TransformFunctions.cpp:
301         * dom/NodeRenderStyle.h:
302         * dom/PseudoElement.h:
303         (isType): Deleted.
304         * html/HTMLTitleElement.cpp:
305         * html/shadow/MediaControlElementTypes.h:
306         * html/shadow/MediaControls.cpp:
307         * inspector/InspectorDOMAgent.h:
308         * inspector/InspectorLayerTreeAgent.h:
309         * inspector/InspectorPageAgent.cpp:
310         * page/scrolling/AsyncScrollingCoordinator.cpp:
311         * page/scrolling/ScrollingCoordinator.h:
312         * rendering/BidiRun.h:
313         * rendering/BorderEdge.h:
314         * rendering/RenderElement.h:
315         * rendering/RenderObject.h:
316         (WebCore::AnnotatedRegionValue::operator==): Deleted.
317         (WebCore::AnnotatedRegionValue::operator!=): Deleted.
318         * rendering/RenderObjectEnums.h: Added.
319         * rendering/RenderTheme.h:
320         * rendering/SimpleLineLayoutFlowContents.h:
321         * rendering/SimpleLineLayoutTextFragmentIterator.h:
322         * rendering/TextPainter.h:
323         * rendering/style/RenderStyle.h:
324         (WebCore::pseudoElementRendererIsNeeded):
325         * rendering/style/ShapeValue.cpp:
326         * rendering/style/ShapeValue.h:
327         * style/ClassChangeInvalidation.cpp:
328         * style/ClassChangeInvalidation.h:
329         * style/InlineTextBoxStyle.h:
330         * style/StyleUpdate.cpp:
331
332 2016-06-17  Andreas Kling  <akling@apple.com>
333
334         [iOS] Throw away linked code when navigating to a new page.
335         <https://webkit.org/b/153851>
336
337         Reviewed by Antti Koivisto.
338
339         When navigating to a new page, tell JSC to throw out any linked code it has lying around.
340         Linked code is tied to a specific global object, and as we're creating a new one for the
341         new page, none of it is useful to us here.
342
343         In the event that the user navigates back, the cost of relinking some code will be far
344         lower than the memory cost of keeping all of it around.
345
346         This was in-tree before but was rolled out due to regressing JSBench. It was a slowdown
347         due to the benchmark harness using top-level navigations to drive the tests.
348         This new version avoids that problem by only throwing out code if we haven't navigated
349         in the last 2 seconds. This also prevents excessive work in response to redirects.
350
351         I've also moved this into MemoryPressureHandler so we don't make a mess in FrameLoader.
352
353         * loader/FrameLoader.cpp:
354         (WebCore::FrameLoader::commitProvisionalLoad):
355         * platform/MemoryPressureHandler.cpp:
356         (WebCore::MemoryPressureHandler::jettisonExpensiveObjectsOnTopLevelNavigation):
357         * platform/MemoryPressureHandler.h:
358
359 2016-06-17  Youenn Fablet  <youenn.fablet@crf.canon.fr>
360
361         CORS preflight with a non-200 response should be a preflight failure
362         https://bugs.webkit.org/show_bug.cgi?id=111008
363
364         Reviewed by Darin Adler.
365
366         Covered by rebased tests.
367
368         * Modules/fetch/FetchResponse.h: Making use of ResourceResponse::isSuccessful.
369         * loader/CrossOriginPreflightChecker.cpp:
370         (WebCore::CrossOriginPreflightChecker::validatePreflightResponse): Checking that response status is code is
371         successful. If not, calling preflight failure callback.
372         (WebCore::CrossOriginPreflightChecker::startPreflight): Putting in manual redirection mode so that redirection
373         responses are processed as other responses.
374         * loader/ResourceLoaderOptions.h:
375         (WebCore::ResourceLoaderOptions::fetchOptions): Adding a non-const getter and fixing const getter to return a
376         const reference.
377         (WebCore::ResourceLoaderOptions::setFetchOptions): Passing options by reference.
378         * platform/network/ResourceResponseBase.cpp:
379         (WebCore::ResourceResponseBase::isSuccessful): Utility function.
380         * platform/network/ResourceResponseBase.h:
381
382 2016-06-17  Frederic Wang  <fwang@igalia.com>
383
384         MathOperator: Add fallback mechanisms for stretching and mirroring radical symbols
385         https://bugs.webkit.org/show_bug.cgi?id=156836
386
387         Reviewed by Sergio Villar Senin.
388
389         Some platforms do not have OpenType MATH fonts pre-installed and thus can not draw stretchy
390         operators using size variants or glyph assembly. This is especially problematic for the
391         radical symbol which is used to write roots. Currently, we have some fallback code to draw
392         that symbol using graphical primitives but it is a bit complex and makes the style of radical
393         inconsistent with the font used. We solve these issues by just scaling the base glyph via a
394         scale transform. Such scale transform is also used to mirror the radical symbol so that we
395         have some support for right-to-left roots until we can do glyph-level mirroring
396         via the OpenType rtlm feature.
397
398         Test: mathml/radical-fallback.html
399
400         * rendering/mathml/MathOperator.cpp: Add a constant for the code point U+221A of the radical.
401         (WebCore::MathOperator::reset): In general, we don't need any vertical scaling for radical
402         symbols so m_radicalVerticalScale is initialized to 1.
403         (WebCore::MathOperator::calculateStretchyData): If we don't have a font with a MATH table and we
404         try streching a radical, then we update the vertical metrics to match the target size and
405         set m_radicalVerticalScale to the value necessary to make the base glyph scaled to that size.
406         (WebCore::MathOperator::paint): For a radical operator, we may apply a scale transform of
407         parameters (radicalHorizontalScale, m_radicalVerticalScale) in order to support RTL
408         mirroring or vertical stretching.
409         * rendering/mathml/MathOperator.h: We add a m_radicalVerticalScale member to indicate the
410         scaling to apply to the base radical glyph when the stretchy fallback is necessary.
411         (WebCore::MathOperator::isStretched): The operator is also considered stretched when the
412         m_radicalVerticalScale is applied to the base size.
413         * rendering/mathml/RenderMathMLRadicalOperator.cpp: Remove code specific to the old fallback mechanism.
414         * rendering/mathml/RenderMathMLRadicalOperator.h: Ditto.
415
416 2016-06-16  Commit Queue  <commit-queue@webkit.org>
417
418         Unreviewed, rolling out r202147.
419         https://bugs.webkit.org/show_bug.cgi?id=158867
420
421         Broke scrolling tests on iOS Simulator (Requested by ap on
422         #webkit).
423
424         Reverted changeset:
425
426         "Focus event dispatched in iframe causes parent document to
427         scroll incorrectly"
428         https://bugs.webkit.org/show_bug.cgi?id=158629
429         http://trac.webkit.org/changeset/202147
430
431 2016-06-16  Benjamin Poulain  <bpoulain@apple.com>
432
433         :in-range & :out-of-range CSS pseudo-classes shouldn't match disabled or readonly inputs
434         https://bugs.webkit.org/show_bug.cgi?id=156530
435
436         Reviewed by Simon Fraser.
437
438         Elements should only match :in-range and :out-of-range
439         when they are candidate for constraint validation.
440
441         Tests: fast/css/pseudo-in-range-on-disabled-input-basics.html
442                fast/css/pseudo-in-range-on-readonly-input-basics.html
443                fast/css/pseudo-in-range-out-of-range-on-disabled-input-trivial.html
444                fast/css/pseudo-out-of-range-on-disabled-input-basics.html
445                fast/css/pseudo-out-of-range-on-readonly-input-basics.html
446                fast/selectors/in-range-out-of-range-style-update.html
447
448         * html/BaseDateAndTimeInputType.cpp:
449         (WebCore::BaseDateAndTimeInputType::minOrMaxAttributeChanged):
450         * html/NumberInputType.cpp:
451         (WebCore::NumberInputType::minOrMaxAttributeChanged):
452         I forgot to handle style update in r202143.
453         This is covered by the new style invalidation test.
454
455         * html/BaseDateAndTimeInputType.h:
456         * html/HTMLInputElement.cpp:
457         (WebCore::HTMLInputElement::isInRange):
458         (WebCore::HTMLInputElement::isOutOfRange):
459
460 2016-06-16  Frederic Wang  <fwang@igalia.com>
461
462         Add separate MathOperator for selection/measuring/drawing of stretchy operators
463         https://bugs.webkit.org/show_bug.cgi?id=152244
464
465         Reviewed by Brent Fulgham.
466
467         We complete the class to select, measure and draw stretchy operators that is independent
468         from RenderMathMLOperator. That way, we will be able use stretchy operator without having
469         to introduce & manage anonymous RenderMathMLOperator's
470         (e.g for <mroot>, <msqrt> and <mfenced>).
471
472         No new tests, already covered by existing tests.
473
474         * rendering/mathml/MathOperator.cpp:
475         (WebCore::ascentForGlyph): Add this helper function to get glyph ascent.
476         (WebCore::descentForGlyph): Add this helper function to get glyph descent.
477         (WebCore::MathOperator::reset): Initialize all the data and calculate ascent/descent of the
478         base glyph.
479         (WebCore::MathOperator::setSizeVariant): Set the width/ascent/descent.
480         (WebCore::MathOperator::setGlyphAssembly): Ditto.
481         (WebCore::MathOperator::calculateDisplayStyleLargeOperator): Remove the STIX Word hack and
482         change m_maxPreferredWidth to use the actual width instead.
483         (WebCore::MathOperator::stretchTo): New functions to execute the actual operator streching.
484         (WebCore::MathOperator::fillWithVerticalExtensionGlyph): Add a FIXME for bug 155434.
485         (WebCore::MathOperator::fillWithHorizontalExtensionGlyph): Align all the glyph baselines on
486         the same axis, given by m_ascent.
487         Add a FIXME for bug 155434.
488         (WebCore::MathOperator::paintHorizontalGlyphAssembly): Ditto.
489         (WebCore::MathOperator::paint): Public function to do the painting.
490         (WebCore::MathOperator::paintVerticalGlyphAssembly): Deleted.
491         * rendering/mathml/MathOperator.h: Update declarations and make most of the members private.
492         (WebCore::MathOperator::ascent): Function to expose m_ascent.
493         (WebCore::MathOperator::descent): Function to expose m_descent.
494         * rendering/mathml/RenderMathMLOperator.cpp:
495         (WebCore::RenderMathMLOperator::stretchTo): Forward the stretching call to MathOperator.
496         (WebCore::RenderMathMLOperator::computePreferredLogicalWidths): Unfold advanceForGlyph
497         since we delete RenderMathMLOperator::advanceForGlyph. Just rely on
498         MathOperator::maxPreferredWidth to determine the preferred width of stretchy operators.
499         For horizontal operators, we just use the width of the base glyph.
500         Finally, we remove the dirty flag on preferred logical width.
501         (WebCore::RenderMathMLOperator::rebuildTokenContent): Reinit the MathOperator instance.
502         (WebCore::RenderMathMLOperator::updateFromElement): Force more updates of
503         RenderMathMLOperator to avoid test breakage.
504         (WebCore::RenderMathMLOperator::styleDidChange): Call MathOperator::reset to take into
505         account style change.
506         (WebCore::RenderMathMLOperator::updateStyle): Remove unused code.
507         (WebCore::RenderMathMLOperator::firstLineBaseline): Use MathOperator::ascent() function.
508         (WebCore::RenderMathMLOperator::computeLogicalHeight): Use MathOperator::ascent() and
509         MathOperator::descent() functions to calculate the height.
510         (WebCore::RenderMathMLOperator::paint): Only stretched operators are treated specially.
511         We center horizontal operator and forward the paint() call to MathOperator.
512         (WebCore::RenderMathMLOperator::trailingSpaceError): The error is now just the difference
513         between the values returned by MathOperator::maxPreferredWidth() and
514         MathOperator::width().
515         (WebCore::boundsForGlyph): Deleted.
516         (WebCore::heightForGlyph): Deleted.
517         (WebCore::advanceWidthForGlyph): Deleted.
518         (WebCore::RenderMathMLOperator::updateStyle): Deleted.
519
520 2016-06-16  Jiewen Tan  <jiewen_tan@apple.com>
521
522         CSP: Content Security Policy should allow '*' to match the originating page's scheme
523         https://bugs.webkit.org/show_bug.cgi?id=158811
524         <rdar://problem/26819568>
525
526         Reviewed by Daniel Bates.
527
528         Tests: security/contentSecurityPolicy/image-with-file-url-allowed-by-img-src-star.html
529                security/contentSecurityPolicy/link-with-file-url-allowed-by-style-src-star.html
530                security/contentSecurityPolicy/script-with-file-url-allowed-by-script-src-star.html
531                security/contentSecurityPolicy/video-with-file-url-allowed-by-media-src-star.html
532
533         * page/csp/ContentSecurityPolicySourceList.cpp:
534         (WebCore::ContentSecurityPolicySourceList::isProtocolAllowedByStar):
535
536 2016-06-16  Chris Dumez  <cdumez@apple.com>
537
538         Add HTTPHeaderMap::set() overload taking a NSString*
539         https://bugs.webkit.org/show_bug.cgi?id=158857
540
541         Reviewed by Darin Adler.
542
543         Add HTTPHeaderMap::set() overloading taking a NSString* in addition to
544         the one taking a CFStringRef. It is useful for the Cocoa implementation
545         of ResourceRequest::doUpdateResourceRequest().
546
547         * platform/network/HTTPHeaderMap.h:
548         (WebCore::HTTPHeaderMap::set):
549
550 2016-06-16  Joseph Pecoraro  <pecoraro@apple.com>
551
552         Web Inspector: console.profile should use the new Sampling Profiler
553         https://bugs.webkit.org/show_bug.cgi?id=153499
554         <rdar://problem/24352431>
555
556         Reviewed by Timothy Hatcher.
557
558         Test: inspector/timeline/setInstruments-programmatic-capture.html
559
560         * inspector/InspectorTimelineAgent.cpp:
561         (WebCore::InspectorTimelineAgent::startFromConsole):
562         (WebCore::InspectorTimelineAgent::stopFromConsole):
563         (WebCore::InspectorTimelineAgent::mainFrameStartedLoading):
564         (WebCore::InspectorTimelineAgent::startProgrammaticCapture):
565         (WebCore::InspectorTimelineAgent::stopProgrammaticCapture):
566         (WebCore::InspectorTimelineAgent::toggleInstruments):
567         (WebCore::InspectorTimelineAgent::toggleScriptProfilerInstrument):
568         (WebCore::InspectorTimelineAgent::toggleHeapInstrument):
569         (WebCore::InspectorTimelineAgent::toggleMemoryInstrument):
570         (WebCore::InspectorTimelineAgent::toggleTimelineInstrument):
571         * inspector/InspectorTimelineAgent.h:
572         Web implementation of console.profile/profileEnd.
573         Make helpers for startings / stopping instruments.
574
575 2016-06-16  John Wilander  <wilander@apple.com>
576
577         Restrict security origin inheritance to empty, about:blank, and about:srcdoc URLs
578         https://bugs.webkit.org/show_bug.cgi?id=158855
579         <rdar://problem/26142632>
580
581         Reviewed by Alex Christensen.
582
583         Tests: http/tests/dom/window-open-about-blank-and-access-document.html
584                http/tests/dom/window-open-about-webkit-org-and-access-document.html
585
586         Document.cpp previously checked whether a document should inherit its owner's 
587         security origin by checking if the URL is either empty or blank. URL.cpp in 
588         turn only checks if the protocol is "about:" in the isBlankURL() function. 
589         Thus all about:* URLs inherited security origin. This patch restricts 
590         security origin inheritance to empty, about:blank, and about:srcdoc URLs.
591
592         Quotes and links from the WHATWG spec regarding about:srcdoc:
593
594         7.1 Browsing contexts
595         A browsing context can have a creator browsing context, the browsing context 
596         that was responsible for its creation. If a browsing context has a parent 
597         browsing context, then that is its creator browsing context. Otherwise, if the 
598         browsing context has an opener browsing context, then that is its creator 
599         browsing context. Otherwise, the browsing context has no creator browsing 
600         context.
601         https://html.spec.whatwg.org/multipage/browsers.html#concept-document-bc
602
603         7.1.1 Nested browsing contexts
604         Certain elements (for example, iframe elements) can instantiate further 
605         browsing contexts. These are called nested browsing contexts. If a browsing 
606         context P has a Document D with an element E that nests another browsing 
607         context C inside it, then C is said to be nested through D, and E is said to 
608         be the browsing context container of C. If the browsing context container 
609         element E is in the Document D, then P is said to be the parent browsing 
610         context of C and C is said to be a child browsing context of P. Otherwise, 
611         the nested browsing context C has no parent browsing context.
612         https://html.spec.whatwg.org/multipage/browsers.html#nested-browsing-context
613
614         4.8.5 The iframe element
615         The iframe element represents a nested browsing context.
616         ...
617         If the srcdoc attribute is specified
618             Navigate the element's child browsing context to a new response whose 
619             url list consists of about:srcdoc ...
620         https://html.spec.whatwg.org/multipage/embedded-content.html#attr-iframe-srcdoc
621
622         * dom/Document.cpp:
623         (WebCore::Document::initSecurityContext):
624             Now uses the URL::shouldInheritSecurityOriginFromOwner() function instead.
625         (WebCore::Document::initContentSecurityPolicy):
626             Now uses the URL::shouldInheritSecurityOriginFromOwner() function instead.
627         (WebCore::shouldInheritSecurityOriginFromOwner): Deleted.
628             Moved to URL::shouldInheritSecurityOriginFromOwner() and restricted the check.
629         * platform/URL.cpp:
630         (WebCore::URL::shouldInheritSecurityOriginFromOwner):
631         * platform/URL.h:
632             Moved the function from Document and restricted the check to only allow
633             security origin inheritance for empty, about:blank, and about:srcdoc URLs.
634
635 2016-06-16  Simon Fraser  <simon.fraser@apple.com>
636
637         [iOS] Focus event dispatched in iframe causes parent document to scroll incorrectly
638         https://bugs.webkit.org/show_bug.cgi?id=158629
639         rdar://problem/26521616
640
641         Reviewed by Enrica Casucci.
642
643         When focussing elements in iframes, the page could scroll to an incorrect location.
644         This happened because code in Element::focus() tried to disable scrolling on focus,
645         but did so only for the current frame, so ancestor frames got programmatically scrolled.
646         On iOS we handle the scrolling in the UI process, so never want the web process to
647         do programmatic scrolling.
648
649         Fix by changing the focus and cache restore code to use SelectionRevealMode::DoNotReveal,
650         rather than manually prohibiting frame scrolling.
651
652         Tests: fast/forms/ios/focus-input-in-iframe.html
653                fast/forms/ios/programmatic-focus-input-in-iframe.html
654
655         * dom/Element.cpp:
656         (WebCore::Element::focus):
657         * history/CachedPage.cpp:
658         (WebCore::CachedPage::restore):
659
660 2016-06-16  Zalan Bujtas  <zalan@apple.com>
661
662         [New Block-Inside-Inline Model] Do not attempt to re-run margin collapsing on the block sequence.
663         https://bugs.webkit.org/show_bug.cgi?id=158854
664
665         Reviewed by David Hyatt.
666
667         Test: fast/block/inside-inlines/crash-on-first-line-change.html
668
669         * rendering/RenderBlockLineLayout.cpp:
670         (WebCore::RenderBlockFlow::marginCollapseLinesFromStart):
671
672 2016-06-16  Ting-Wei Lan  <lantw44@gmail.com>
673
674         Include cstdlib before using std::atexit
675         https://bugs.webkit.org/show_bug.cgi?id=158681
676
677         Reviewed by Brent Fulgham.
678
679         * platform/graphics/PlatformDisplay.cpp:
680
681 2016-06-16  Chris Dumez  <cdumez@apple.com>
682
683         Use StringView::toAtomicString() in HTMLImageElement::setBestFitURLAndDPRFromImageCandidate()
684         https://bugs.webkit.org/show_bug.cgi?id=158853
685
686         Reviewed by Brent Fulgham.
687
688         Use StringView::toAtomicString() in HTMLImageElement::setBestFitURLAndDPRFromImageCandidate()
689         as m_bestFitImageURL data member is an AtomicString. This avoids constructing a String and
690         then atomizing it.
691
692         * html/HTMLImageElement.cpp:
693         (WebCore::HTMLImageElement::setBestFitURLAndDPRFromImageCandidate):
694
695 2016-06-16  Benjamin Poulain  <bpoulain@apple.com>
696
697         :in-range & :out-of-range CSS pseudo-classes shouldn't match inputs without range limitations
698         https://bugs.webkit.org/show_bug.cgi?id=156558
699
700         Reviewed by Simon Fraser.
701
702         The pseudo selectors :in-range and :out-of-range should only
703         apply if:
704         -minimum/maximum are defined for the input type
705         -the input value is/is-not suffering from underflow/overflow.
706
707         Only certain types have a valid minimum and maximum:
708         -number
709         -range
710         -date
711         -month
712         -week
713         -time
714         -datetime-local
715
716         Of those, only one has a default minimum and maximum: range.
717         For all the others, the minimum or maximum is only defined
718         if the min/max attribute is defined and valid.
719
720         This patch addresses these constraints for number and range.
721         The date types range validation is severely broken and is
722         left untouched. It really needs a clean rewrite.
723
724         Tests: fast/css/pseudo-in-range-basics.html
725                fast/css/pseudo-in-range-out-of-range-trivial.html
726                fast/css/pseudo-out-of-range-basics.html
727
728         * html/DateInputType.cpp:
729         (WebCore::DateInputType::createStepRange):
730         * html/DateTimeInputType.cpp:
731         (WebCore::DateTimeInputType::createStepRange):
732         * html/DateTimeLocalInputType.cpp:
733         (WebCore::DateTimeLocalInputType::createStepRange):
734         * html/InputType.cpp:
735         (WebCore::InputType::isInRange):
736         (WebCore::InputType::isOutOfRange):
737         Notice the isEmpty() shortcut.
738         A value can only overflow/underflow if it is not empty.
739
740         * html/MonthInputType.cpp:
741         (WebCore::MonthInputType::createStepRange):
742         * html/NumberInputType.cpp:
743         (WebCore::NumberInputType::createStepRange):
744         * html/RangeInputType.cpp:
745         (WebCore::RangeInputType::createStepRange):
746         * html/StepRange.cpp:
747         (WebCore::StepRange::StepRange):
748         * html/StepRange.h:
749         (WebCore::StepRange::hasRangeLimitations):
750         * html/WeekInputType.cpp:
751         (WebCore::WeekInputType::createStepRange):
752
753 2016-06-16  Anders Carlsson  <andersca@apple.com>
754
755         Fix macOS Sierra build
756         https://bugs.webkit.org/show_bug.cgi?id=158849
757
758         Reviewed by Tim Horton.
759
760         Add WebCore:: qualifiers for IOSurface, to avoid conflicts with the IOSurface Objective-C class.
761         
762         Also, add an asLayerContents() getter that will return an id that's suitable for setting 
763         as the contents of a CALayer.
764
765         * platform/graphics/cocoa/IOSurface.h:
766         * platform/graphics/cocoa/IOSurface.mm:
767
768 2016-06-16  Andreas Kling  <akling@apple.com>
769
770         REGRESSION(r196217): 3% JSBench regression on iPhone 5.
771         <https://webkit.org/b/158848>
772         <rdar://problem/26609622>
773
774         Unreviewed rollout.
775
776         Don't jettison linked code on every top-level navigation as that was hurting JSBench on iPhone 5.
777
778         * loader/FrameLoader.cpp:
779         (WebCore::FrameLoader::commitProvisionalLoad):
780
781 2016-06-16  Adam Bergkvist  <adam.bergkvist@ericsson.com>
782
783         WebRTC: Check type of this in RTCPeerConnection JS built-in functions
784         https://bugs.webkit.org/show_bug.cgi?id=151303
785
786         Reviewed by Youenn Fablet.
787
788         Check type of 'this' in RTCPeerConnection JS built-in functions.
789
790         Test: fast/mediastream/RTCPeerConnection-js-built-ins-check-this.html
791
792         * Modules/mediastream/RTCPeerConnection.js:
793         (createOffer):
794         (createAnswer):
795         (setLocalDescription):
796         (setRemoteDescription):
797         (addIceCandidate):
798         (getStats):
799         Reject if 'this' isn't of type RTCPeerConnection.
800         * Modules/mediastream/RTCPeerConnectionInternals.js:
801         (isRTCPeerConnection):
802         Add helper function to perform type check. Needs further robustifying.
803
804 2016-06-16  Myles C. Maxfield  <mmaxfield@apple.com>
805
806         Sporadic crash in HashTableAddResult following CSSValuePool::createFontFamilyValue
807         https://bugs.webkit.org/show_bug.cgi?id=158297
808
809         Reviewed by Darin Adler.
810
811         In an effort to reduce the flash of unstyled content, we force all elements
812         to have display: none during an external stylesheet load. We do this by
813         ignoring the CSS cascade and forcing all elements to have a placeholder style
814         which hardcodes display: none. (This is necessary to make elements created by
815         script during the stylesheet load not flash.)
816
817         This style is exposed to web content via getComputedStyle(), which means it
818         needs to maintain the invariant that font-families can never be null strings.
819         We enforce this by forcing the font-family to be the standard font name.
820
821         Test: fast/text/placeholder-renderstyle-null-font.html
822
823         * style/StyleTreeResolver.cpp:
824         (WebCore::Style::ensurePlaceholderStyle):
825
826 2016-06-16  Chris Dumez  <cdumez@apple.com>
827
828         Avoid some temporary String allocations for common HTTP headers in ResourceResponse::platformLazyInit()
829         https://bugs.webkit.org/show_bug.cgi?id=158827
830
831         Reviewed by Darin Adler.
832
833         Add a HTTPHeaderMap::set() overload taking in a CFStringRef. The
834         implementation has a fast path which gets the internal characters
835         of the CFStringRef when possible and constructs a StringView for
836         it in order to call findHTTPHeaderName(). As a result, we avoid
837         allocating a temporary String when findHTTPHeaderName() succeeds.
838
839         This new HTTPHeaderMap::set() overload is called from both the
840         CF and Cocoa implementations of ResourceResponse::platformLazyInit().
841
842         I have confirmed locally on both Mac and iOS that the fast path
843         is used ~93% of the time. CFStringGetCStringPtr() returns null in
844         rare cases, causing the regular code path to be used.
845
846         * platform/network/HTTPHeaderMap.cpp:
847         (WebCore::HTTPHeaderMap::set):
848         * platform/network/HTTPHeaderMap.h:
849
850 2016-06-15  Zalan Bujtas  <zalan@apple.com>
851
852         Decouple the percent height and positioned descendants maps.
853         https://bugs.webkit.org/show_bug.cgi?id=158773
854
855         Reviewed by David Hyatt and Chris Dumez.
856
857         We track renderers with percent height across multiple containers using
858         HashMap<const RenderBox*, std::unique_ptr<HashSet<const RenderBlock*>>>.
859         We also use the same data structure to track positioned descendants.
860         However a positioned renderer can have only one containing block so tracking it
861         with a 1:many type is defective.
862         It allows multiple inserts for positioned descendants, which could lead to
863         inconsistent layout state as the rendering logic expects these type of renderers
864         with only one containing block.
865         This patch decouples percent height and positioned tracking by introducing
866         the PositionedDescendantsMap class. This class is responsible for tracking
867         the positioned descendants inbetween layouts.
868
869         No change in functionality.
870
871         Tests: fast/block/positioning/change-containing-block-for-absolute-positioned.html
872                fast/block/positioning/change-containing-block-for-fixed-positioned.html
873
874         * rendering/RenderBlock.cpp:
875         (WebCore::insertIntoTrackedRendererMaps):
876         (WebCore::removeFromTrackedRendererMaps):
877         (WebCore::PositionedDescendantsMap::addDescendant): Add more defensive ASSERT_NOT_REACHED
878         to the double insert branch when webkit.org/b/158772 gets fixed.
879         (WebCore::PositionedDescendantsMap::removeDescendant):
880         (WebCore::PositionedDescendantsMap::removeContainingBlock):
881         (WebCore::PositionedDescendantsMap::positionedRenderers):
882         (WebCore::positionedDescendantsMap):
883         (WebCore::removeBlockFromPercentageDescendantAndContainerMaps):
884         (WebCore::RenderBlock::~RenderBlock):
885         (WebCore::RenderBlock::positionedObjects):
886         (WebCore::RenderBlock::insertPositionedObject):
887         (WebCore::RenderBlock::removePositionedObject):
888         (WebCore::RenderBlock::addPercentHeightDescendant):
889         (WebCore::RenderBlock::removePercentHeightDescendant):
890         (WebCore::RenderBlock::percentHeightDescendants):
891         (WebCore::RenderBlock::checkPositionedObjectsNeedLayout):
892         (WebCore::removeBlockFromDescendantAndContainerMaps): Deleted.
893         * rendering/RenderBlock.h:
894
895 2016-06-15  David Kilzer  <ddkilzer@apple.com>
896
897         Move SoftLinking.h to platform/cococa from platform/mac
898         <https://webkit.org/b/158825>
899
900         Reviewed by Andy Estes.
901
902         * PlatformMac.cmake: Update for new directory.
903         * WebCore.xcodeproj/project.pbxproj: Ditto.
904         * platform/cocoa/SoftLinking.h: Renamed from Source/WebCore/platform/mac/SoftLinking.h.
905
906 2016-06-15  Chris Dumez  <cdumez@apple.com>
907
908         [Cocoa] Clean up / optimize ResourceResponse::platformLazyInit(InitLevel)
909         https://bugs.webkit.org/show_bug.cgi?id=158809
910
911         Reviewed by Darin Adler.
912
913         Clean up / optimize ResourceResponse::platformLazyInit(InitLevel).
914
915         * platform/network/HTTPParsers.cpp:
916         (WebCore::extractReasonPhraseFromHTTPStatusLine):
917         * platform/network/HTTPParsers.h:
918         Have extractReasonPhraseFromHTTPStatusLine() return an AtomicString as the
919         Reason is stored as an AtomicString on ResourceResponse. Have the
920         implementation use StringView::subString()::toAtomicString().
921
922         * platform/network/cocoa/ResourceResponseCocoa.mm:
923         (WebCore::stripLeadingAndTrailingDoubleQuote):
924         Move the stripLeadingAndTrailingDoubleQuote logic from platformLazyInit()
925         to its own function. Have it use StringView::subString()::toAtomicString()
926         to avoid unnecessarily atomizing the textEncodingName that has surrounding
927         double-quotes.
928
929         (WebCore::initializeHTTPHeaders):
930         Move HTTP headers initialization to its own function for clarity.
931
932         (WebCore::extractHTTPStatusText):
933         Move HTTP status Text extraction to its own function for clarity.
934
935         (WebCore::ResourceResponse::platformLazyInit):
936         - The function is streamlined a bit because most of the logic was moved
937           into separate functions.
938         - Drop unnecessary (initLevel >= CommonFieldsOnly) check in the first
939           if case and replace with an assertion. This function is always called
940           with CommonFieldsOnly or above (AllFields).
941         - Drop unnecessary (m_initLevel < AllFields) check in the second if
942           case as this is always true. If not, we would have returned early
943           at the beginning of the function when checking
944           m_initLevel >= initLevel.
945         - Use AutodrainedPool instead of NSAutoreleasePool for convenience and have
946           only 1 pool instead of 2.
947         - Drop unnecessary copyNSURLResponseStatusLine() function and call directly
948           CFHTTPMessageCopyResponseStatusLine() since we already have a
949           CFHTTPMessageRef at the call site.
950
951 2016-06-15  Tim Horton  <timothy_horton@apple.com>
952
953         <attachment> elements jump around a lot around when subtitle text changes slightly
954         https://bugs.webkit.org/show_bug.cgi?id=158818
955         <rdar://problem/24450270>
956
957         Reviewed by Simon Fraser.
958
959         Test: fast/attachment/attachment-subtitle-resize.html
960
961         * rendering/RenderAttachment.cpp:
962         (WebCore::RenderAttachment::layout):
963         * rendering/RenderAttachment.h:
964         * rendering/RenderThemeMac.mm:
965         (WebCore::AttachmentLayout::AttachmentLayout):
966         (WebCore::RenderThemeMac::paintAttachment):
967         In order to avoid changes to the centered subtitle text causing the whole
968         attachment to bounce around a lot, make it so that attachment width can only
969         increase, never decrease, and round the subtitle's width up to the nearest
970         increment of 10px when determining its affect on the whole element's width.
971         Also, center the attachment in its element, instead of left-aligning it,
972         so that the extra width we may have is evenly distributed between the two sides.
973
974 2016-06-15  Ryan Haddad  <ryanhaddad@apple.com>
975
976         Reset bindings test results after r202105
977
978         Unreviewed test gardening.
979
980         * bindings/scripts/test/JS/JSTestObj.cpp:
981
982 2016-06-15  Adam Bergkvist  <adam.bergkvist@ericsson.com>
983
984         WebRTC: (Refactor) Align the structure of RTCPeerConnection.idl with the header file
985         https://bugs.webkit.org/show_bug.cgi?id=158779
986
987         Reviewed by Eric Carlson.
988
989         Restructure RTCPeerConnection.idl to make it easer to read and extend in the future.
990
991         No change in behavior.
992
993         * Modules/mediastream/RTCPeerConnection.idl:
994
995 2016-06-15  Chris Dumez  <cdumez@apple.com>
996
997         Drop some unnecessary header includes
998         https://bugs.webkit.org/show_bug.cgi?id=158788
999
1000         Reviewed by Alexey Proskuryakov.
1001
1002         Drop some unnecessary header includes in headers to speed up build time.
1003
1004         * Modules/encryptedmedia/MediaKeySession.cpp:
1005         * Modules/gamepad/GamepadManager.cpp:
1006         * Modules/indexeddb/IDBDatabase.cpp:
1007         * Modules/indexeddb/IDBOpenDBRequest.cpp:
1008         * Modules/indexeddb/IDBRequest.cpp:
1009         * Modules/indexeddb/IDBTransaction.cpp:
1010         * Modules/mediasource/MediaSource.cpp:
1011         * Modules/mediasource/SourceBuffer.cpp:
1012         * Modules/mediasource/SourceBufferList.cpp:
1013         * Modules/mediastream/MediaStream.cpp:
1014         * Modules/mediastream/MediaStreamTrack.cpp:
1015         * Modules/speech/SpeechSynthesis.cpp:
1016         * Modules/webaudio/AudioScheduledSourceNode.cpp:
1017         * Modules/webaudio/ScriptProcessorNode.cpp:
1018         * bindings/scripts/CodeGeneratorJS.pm:
1019         (GenerateImplementation):
1020         * dom/CharacterData.cpp:
1021         * dom/ContainerNode.cpp:
1022         * dom/DOMNamedFlowCollection.cpp:
1023         * dom/DeviceMotionController.cpp:
1024         * dom/DeviceOrientationController.cpp:
1025         * dom/Document.cpp:
1026         * dom/Document.h:
1027         * dom/DocumentEventQueue.cpp:
1028         * dom/DocumentOrderedMap.h:
1029         * dom/Element.cpp:
1030         * dom/Event.cpp:
1031         * dom/EventDispatcher.cpp:
1032         * dom/EventTarget.cpp:
1033         * dom/EventTarget.h:
1034         * dom/KeyboardEvent.cpp:
1035         * dom/MessageEvent.cpp:
1036         * dom/MessagePort.cpp:
1037         * dom/ScriptElement.cpp:
1038         * dom/ScriptExecutionContext.cpp:
1039         * dom/ScriptExecutionContext.h:
1040         * dom/SecurityContext.h:
1041         * dom/SimulatedClick.cpp:
1042         * dom/TextEvent.cpp:
1043         * dom/WebKitNamedFlow.cpp:
1044         * editing/FrameSelection.cpp:
1045         * fileapi/FileReader.cpp:
1046         * html/HTMLLinkElement.cpp:
1047         * html/HTMLPlugInImageElement.cpp:
1048         * html/HTMLStyleElement.cpp:
1049         * html/HTMLSummaryElement.cpp:
1050         * html/HTMLTrackElement.cpp:
1051         * html/HTMLVideoElement.cpp:
1052         * html/InputType.cpp:
1053         * html/MediaController.cpp:
1054         * html/TextFieldInputType.cpp:
1055         * html/canvas/WebGLRenderingContextBase.cpp:
1056         * html/parser/HTMLScriptRunner.cpp:
1057         * html/shadow/MediaControlElementTypes.cpp:
1058         * html/shadow/MediaControls.cpp:
1059         * html/shadow/MediaControlsApple.cpp:
1060         * html/shadow/SliderThumbElement.cpp:
1061         * html/shadow/mac/ImageControlsButtonElementMac.cpp:
1062         * inspector/InspectorIndexedDBAgent.cpp:
1063         * loader/DocumentLoader.cpp:
1064         * loader/ImageLoader.cpp:
1065         * loader/PolicyChecker.cpp:
1066         * mathml/MathMLSelectElement.cpp:
1067         * page/DOMWindow.h:
1068         * page/EventSource.cpp:
1069         * page/FrameView.cpp:
1070         * page/Performance.cpp:
1071         * page/csp/ContentSecurityPolicy.cpp:
1072         * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
1073         * platform/network/HTTPHeaderMap.h:
1074         * platform/network/ResourceHandle.cpp:
1075         * rendering/RenderEmbeddedObject.cpp:
1076         * rendering/RenderSnapshottedPlugIn.cpp:
1077         * svg/SVGSVGElement.cpp:
1078         * svg/SVGUseElement.cpp:
1079         * svg/animation/SVGSMILElement.cpp:
1080         * workers/WorkerGlobalScope.h:
1081         * xml/XMLHttpRequest.cpp:
1082         * xml/XMLHttpRequestProgressEventThrottle.cpp:
1083         * xml/XMLHttpRequestUpload.cpp:
1084
1085 2016-06-15  Antti Koivisto  <antti@apple.com>
1086
1087         GoogleMaps transit schedule explorer comes up blank initially
1088         https://bugs.webkit.org/show_bug.cgi?id=158803
1089         rdar://problem/25818080
1090
1091         Reviewed by Andreas Kling.
1092
1093         In case we had something like
1094
1095         .foo bar { ... }
1096
1097         and later a new stylesheet was added dynamically that contained
1098
1099         .foo baz { ... }
1100
1101         we would fail to add the new rules to the descendant invalidation rule sets for ".foo". This could
1102         cause some style invalidations to be missed.
1103
1104         * css/DocumentRuleSets.cpp:
1105         (WebCore::DocumentRuleSets::collectFeatures):
1106
1107         Reset the ancestorClassRules and ancestorAttributeRulesForHTML rule set caches when new style sheets
1108         are added (==collectFeatures is called).
1109
1110 2016-06-15  Javier Fernandez  <jfernandez@igalia.com>
1111
1112         [css-sizing] Item borders are missing with 'min-width:-webkit-fill-available' and zero available width
1113         https://bugs.webkit.org/show_bug.cgi?id=158258
1114
1115         Reviewed by Darin Adler.
1116
1117         The "fill-available" size is defined as the containing block's size less
1118         the box's border and padding size. However, when used for min-width we
1119         should ensure we don't get negative values as result of logical width
1120         computation.
1121
1122         http://www.w3.org/TR/css-sizing-3/#fill-available-sizing
1123
1124         This patch ensure fill-available value computed value will be always
1125         greater than box's boder and padding width.
1126
1127         Test: fast/css-intrinsic-dimensions/fill-available-with-zero-width.html
1128
1129         * rendering/RenderBox.cpp:
1130         (WebCore::RenderBox::computeIntrinsicLogicalWidthUsing):
1131
1132 2016-06-15  Alex Christensen  <achristensen@webkit.org>
1133
1134         Fix 2d canvas transform after r192900
1135         https://bugs.webkit.org/show_bug.cgi?id=158725
1136         rdar://problem/26774230
1137
1138         Reviewed by Dean Jackson.
1139
1140         Test: fast/canvas/canvas-transform-inverse.html
1141
1142         * html/canvas/CanvasRenderingContext2D.cpp:
1143         (WebCore::CanvasRenderingContext2D::transform):
1144         r192900 was intended to have no change in behavior, but I made a typo.
1145         We need to apply the inverse of the original transform to the path to be correct.
1146         This affects transforms applied to the canvas during the creation of a path.
1147
1148 2016-06-15  Eric Carlson  <eric.carlson@apple.com>
1149
1150         [iOS] Make HTMLMediaElement.muted mutable
1151         https://bugs.webkit.org/show_bug.cgi?id=158787
1152         <rdar://problem/24452567>
1153
1154         Reviewed by Dean Jackson.
1155
1156         Tests: media/audio-playback-restriction-removed-muted.html
1157                media/audio-playback-restriction-removed-track-enabled.html
1158
1159         * html/HTMLMediaElement.cpp:
1160         (WebCore::HTMLMediaElement::audioTrackEnabledChanged): Remove most behavior restrictions if
1161           the track state was changed as a result of a user gesture.
1162         (WebCore::HTMLMediaElement::setMuted): Ditto.
1163         (WebCore::HTMLMediaElement::removeBehaviorsRestrictionsAfterFirstUserGesture): Add mask 
1164           parameter so caller can choose which restrictions are removed.
1165         * html/HTMLMediaElement.h:
1166
1167         * html/MediaElementSession.cpp:
1168         (WebCore::restrictionName): Drive-by fix: remove duplicate label.
1169         * html/MediaElementSession.h:
1170
1171         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
1172         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
1173         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayer): Set muted on AVPlayer if setMuted
1174           was called before the player was created.
1175         (WebCore::MediaPlayerPrivateAVFoundationObjC::setVolume): Drive-by fix: return early if there
1176           is no AVPlayer, not if we won't have metadata yet.
1177         (WebCore::MediaPlayerPrivateAVFoundationObjC::setMuted): New.
1178
1179 2016-06-15  Romain Bellessort  <romain.bellessort@crf.canon.fr>
1180
1181         Enabling Shadow DOM for all platforms
1182         https://bugs.webkit.org/show_bug.cgi?id=158738
1183
1184         Reviewed by Ryosuke Niwa.
1185
1186         No new tests (no new behavior to be tested).
1187
1188         Removed Shadow DOM from options (enabled by default)
1189         (comprises removal of corresponding preprocessor directives)
1190
1191         * Configurations/FeatureDefines.xcconfig:
1192         * DerivedSources.make:
1193         * bindings/generic/RuntimeEnabledFeatures.h:
1194         * bindings/js/JSDocumentFragmentCustom.cpp:
1195         * bindings/js/JSNodeCustom.cpp:
1196         * css/CSSGrammar.y.in:
1197         * css/CSSParser.cpp:
1198         * css/CSSParserValues.cpp:
1199         * css/CSSParserValues.h:
1200         * css/CSSSelector.cpp:
1201         * css/CSSSelector.h:
1202         * css/ElementRuleCollector.cpp:
1203         * css/ElementRuleCollector.h:
1204         * css/RuleSet.cpp:
1205         * css/RuleSet.h:
1206         * css/SelectorChecker.cpp:
1207         * css/SelectorChecker.h:
1208         * css/SelectorPseudoClassAndCompatibilityElementMap.in:
1209         * css/StyleResolver.cpp:
1210         * cssjit/SelectorCompiler.cpp:
1211         * dom/ComposedTreeAncestorIterator.h:
1212         * dom/ComposedTreeIterator.cpp:
1213         * dom/ComposedTreeIterator.h:
1214         * dom/ContainerNode.cpp:
1215         * dom/Document.cpp:
1216         * dom/Document.h:
1217         * dom/Element.cpp:
1218         * dom/Element.h:
1219         * dom/Element.idl:
1220         * dom/Event.idl:
1221         * dom/EventPath.cpp:
1222         * dom/Node.cpp:
1223         * dom/Node.h:
1224         * dom/NonDocumentTypeChildNode.idl:
1225         * dom/ShadowRoot.cpp:
1226         * dom/ShadowRoot.h:
1227         * dom/ShadowRoot.idl:
1228         * dom/SlotAssignment.cpp:
1229         * dom/SlotAssignment.h:
1230         * html/HTMLSlotElement.cpp:
1231         * html/HTMLSlotElement.h:
1232         * html/HTMLSlotElement.idl:
1233         * html/HTMLTagNames.in:
1234         * page/FocusController.cpp:
1235         * style/StyleSharingResolver.cpp:
1236         * style/StyleTreeResolver.cpp:
1237
1238 2016-06-15  Andreas Kling  <akling@apple.com>
1239
1240         [Cocoa] Add two notify listeners for poking the garbage collector.
1241         <https://webkit.org/b/158783>
1242
1243         Reviewed by Antti Koivisto.
1244
1245         Add two new notify listeners:
1246
1247         - com.apple.WebKit.fullGC
1248
1249             Trigger a full garbage collection in the main WebCore VM immediately.
1250
1251         - com.apple.WebKit.deleteAllCode
1252
1253             Throw away all of JSC's linked and unlinked code, and do a full GC.
1254
1255         These will make it easier to diagnose memory growth issues by having a lever that
1256         eliminates many of the large object graphs without going after behavior-changing things
1257         like the memory cache.
1258
1259         * platform/MemoryPressureHandler.cpp:
1260         (WebCore::MemoryPressureHandler::platformInitialize):
1261         * platform/MemoryPressureHandler.h:
1262         * platform/cocoa/MemoryPressureHandlerCocoa.mm:
1263         (WebCore::MemoryPressureHandler::platformInitialize):
1264
1265 2016-06-15  Antti Koivisto  <antti@apple.com>
1266
1267         Vary:Cookie validation doesn't work in private browsing
1268         https://bugs.webkit.org/show_bug.cgi?id=158616
1269         <rdar://problem/26755067>
1270
1271         Reviewed by Andreas Kling.
1272
1273         There wasn't a way to get cookie based on SessionID from WebCore.
1274
1275         * platform/CookiesStrategy.h:
1276
1277             Add a cookie retrival function that takes SessionID instead of NetworkStorageSession.
1278
1279         * platform/network/CacheValidation.cpp:
1280         (WebCore::headerValueForVary):
1281
1282             Use it.
1283
1284         (WebCore::verifyVaryingRequestHeaders):
1285
1286 2016-06-15  Per Arne Vollan  <pvollan@apple.com>
1287
1288         [Win] The test accessibility/selected-text-range-aria-elements.html is failing.
1289         https://bugs.webkit.org/show_bug.cgi?id=158732
1290
1291         Reviewed by Brent Fulgham.
1292
1293         Implement support for getting selected text range.
1294
1295         * accessibility/win/AccessibilityObjectWrapperWin.cpp:
1296         (WebCore::AccessibilityObjectWrapper::accessibilityAttributeValue):
1297
1298 2016-06-14  Myles C. Maxfield  <mmaxfield@apple.com>
1299
1300         Addressing post-review comments after r201971
1301         https://bugs.webkit.org/show_bug.cgi?id=158450
1302
1303         Unreviewed.
1304
1305         * css/CSSFontFaceSet.cpp:
1306         (WebCore::CSSFontFaceSet::add):
1307         (WebCore::CSSFontFaceSet::remove):
1308
1309 2016-06-14  Myles C. Maxfield  <mmaxfield@apple.com>
1310
1311         Honor bidi unicode codepoints
1312         https://bugs.webkit.org/show_bug.cgi?id=149170
1313         <rdar://problem/26527378>
1314
1315         Reviewed by Simon Fraser.
1316
1317         BidiResolver doesn't have any concept of isolate Unicode code points, so produces
1318         unexpected output when they are present. Fix by considering such code points as
1319         whitespace in the bidi algorithm. This is a stop-gap measure until we can support
1320         the codepoints fully in our Bidi algorithm.
1321
1322         Test: fast/text/isolate-ignore.html
1323
1324         * platform/graphics/Font.cpp:
1325         (WebCore::createAndFillGlyphPage):
1326         * platform/text/BidiResolver.h:
1327         (WebCore::Subclass>::createBidiRunsForLine):
1328
1329 2016-06-14  Antoine Quint  <graouts@apple.com>
1330
1331         [iOS] Play glyph is pixelated when the page zoom is large
1332         https://bugs.webkit.org/show_bug.cgi?id=158770
1333         <rdar://problem/26092124>
1334
1335         Reviewed by Dean Jackson.
1336
1337         Use the same technique that we use to scale the video controls by using a combination
1338         of CSS "zoom" and "transform" properties to have the video play glyph scaled at its
1339         native size regardless of page zoom.
1340
1341         * Modules/mediacontrols/mediaControlsiOS.js:
1342         (ControllerIOS.prototype.set pageScaleFactor):
1343
1344 2016-06-14  Chris Dumez  <cdumez@apple.com>
1345
1346         Regression(r201534): Compile time greatly regressed
1347         https://bugs.webkit.org/show_bug.cgi?id=158765
1348         <rdar://problem/26587342>
1349
1350         Reviewed by Darin Adler.
1351
1352         Compile time greatly regressed by r201534 due to Document.h now including
1353         TextAutoSizing.h. Move the TextAutoSizingTraits back to Document.h to
1354         restore pre-r201534 behavior.
1355
1356         * WebCore.xcodeproj/project.pbxproj:
1357         * dom/Document.cpp:
1358         (WebCore::TextAutoSizingTraits::constructDeletedValue):
1359         (WebCore::TextAutoSizingTraits::isDeletedValue):
1360         * dom/Document.h:
1361         * rendering/TextAutoSizing.h:
1362         (WebCore::TextAutoSizingTraits::constructDeletedValue): Deleted.
1363         (WebCore::TextAutoSizingTraits::isDeletedValue): Deleted.
1364
1365 2016-06-14  Antoine Quint  <graouts@apple.com>
1366
1367         Inline media controls cut off PiP and fullscreen buttons on cnn.com
1368         https://bugs.webkit.org/show_bug.cgi?id=158766
1369         <rdar://problem/24175161>
1370
1371         Reviewed by Dean Jackson.
1372
1373         The display of the picture-in-picture and fullscreen buttons are dependent on the availability
1374         of video tracks through a call to hasVideo(). We need to ensure that the display properties of
1375         both those buttons are updated when the number of video tracks has changed since the controls
1376         may be populated prior to the availability of video tracks.
1377
1378         * Modules/mediacontrols/mediaControlsApple.js:
1379         (Controller.prototype.updateHasVideo):
1380
1381 2016-06-14  Joseph Pecoraro  <pecoraro@apple.com>
1382
1383         Web Inspector: Rename Timeline.setAutoCaptureInstruments to Timeline.setInstruments
1384         https://bugs.webkit.org/show_bug.cgi?id=158762
1385
1386         Reviewed by Timothy Hatcher.
1387
1388         Test: inspector/timeline/setInstruments-errors.html
1389
1390         * inspector/InspectorTimelineAgent.cpp:
1391         (WebCore::InspectorTimelineAgent::willDestroyFrontendAndBackend):
1392         (WebCore::InspectorTimelineAgent::setInstruments):
1393         (WebCore::InspectorTimelineAgent::mainFrameStartedLoading):
1394         (WebCore::InspectorTimelineAgent::setAutoCaptureInstruments): Deleted.
1395         * inspector/InspectorTimelineAgent.h:
1396
1397 2016-06-14  Dean Jackson  <dino@apple.com>
1398
1399         decompose4 return value is unchecked, leading to potentially uninitialized data.
1400         https://bugs.webkit.org/show_bug.cgi?id=158761
1401         <rdar://problem/17526268>
1402
1403         Reviewed by Simon Fraser.
1404
1405         WebCore::decompose4 could return early without initializing data.
1406         I now initialize it, but I also started checking the return
1407         value at all the call sites to make sure everything is sensible.
1408
1409         Test: transforms/undecomposable.html
1410
1411         * platform/graphics/transforms/PerspectiveTransformOperation.cpp:
1412         (WebCore::PerspectiveTransformOperation::blend):
1413         * platform/graphics/transforms/RotateTransformOperation.cpp:
1414         (WebCore::RotateTransformOperation::blend):
1415         * platform/graphics/transforms/TransformationMatrix.cpp:
1416         (WebCore::decompose4):
1417         (WebCore::TransformationMatrix::blend4):
1418         * platform/graphics/transforms/TransformationMatrix.h:
1419
1420 2016-06-14  Benjamin Poulain  <bpoulain@apple.com>
1421
1422         Add the unprefixed version of the pseudo element ::placeholder
1423         https://bugs.webkit.org/show_bug.cgi?id=158653
1424
1425         Reviewed by Dean Jackson.
1426
1427         Test: fast/forms/placeholder-pseudo-element-with-webkit-prefix.html
1428
1429         The pseudo element ::-webkit-input-placeholder is stupidly popular
1430         which forces other engines to support this exact name.
1431
1432         The pseudo-element spec provides a new standard name we can adopt
1433         to drop the prefix: https://drafts.csswg.org/css-pseudo-4/#placeholder-pseudo
1434
1435         This patch does just that, make ::placeholder the standard name to select
1436         the placeholder element in the shadow dom of input elements.
1437
1438         Unlike pseudo classes, we did not have any support for prefixes and aliasing.
1439         I want to keep the absurdly efficient matching we currently use for styling
1440         because style updates are more common than stylesheet updates.
1441         With that constraint in mind, the value of CSSSelector has to be the unprefixed
1442         version for both forms of input.
1443
1444         This leaves us with the problem of displaying the CSSSelector for CSSOM.
1445         To differentiate the legacy form from the standard form, I added
1446         a new type of PseudoElement: PseudoElementWebKitCustomLegacyPrefixed.
1447         When parsing, PseudoElementWebKitCustomLegacyPrefixed let us replace
1448         the original value "-webkit-input-placeholder" by the standard value.
1449         When creating the selectorText for CSSOM, PseudoElementWebKitCustomLegacyPrefixed
1450         let us replace the standard for by the legacy form.
1451
1452         * css/CSSParserValues.cpp:
1453         (WebCore::CSSParserSelector::parsePseudoElementSelector):
1454         * css/CSSSelector.cpp:
1455         (WebCore::CSSSelector::pseudoId):
1456         (WebCore::CSSSelector::selectorText):
1457         * css/CSSSelector.h:
1458         (WebCore::CSSSelector::isCustomPseudoElement):
1459         (WebCore::CSSSelector::isWebKitCustomPseudoElement):
1460         * css/SelectorChecker.cpp:
1461         (WebCore::SelectorChecker::matchRecursively):
1462         * css/SelectorPseudoElementTypeMap.in:
1463         * css/html.css:
1464         (::placeholder):
1465         (input::placeholder, isindex::placeholder):
1466         (textarea::placeholder):
1467         (::-webkit-input-placeholder): Deleted.
1468         (input::-webkit-input-placeholder, isindex::-webkit-input-placeholder): Deleted.
1469         (textarea::-webkit-input-placeholder): Deleted.
1470         * features.json:
1471         * html/shadow/TextControlInnerElements.cpp:
1472         (WebCore::TextControlPlaceholderElement::TextControlPlaceholderElement):
1473
1474 2016-06-14  Doug Russell  <d_russell@apple.com>
1475
1476         AX: Form label text should be exposed as static text if it contains only static text
1477         https://bugs.webkit.org/show_bug.cgi?id=158634
1478
1479         Reviewed by Chris Fleizach.
1480
1481         Use AccessibilityLabel to represent HTMLLabelElement to assistive technology.
1482         AccessibilityLabel::containsOnlyStaticText() searches label subtree to evaluate 
1483         if all children are static text.
1484         AccessibilityLabel::stringValue() consults containsOnlyStaticText() and returns
1485         textUnderElement() if true.
1486         WebAccessibilityObjectWrapperMac consults containsOnlyStaticText() and substitutes
1487         StaticTextRole for LabelRole if true.
1488         Cache containsOnlyStaticText() in the common case when updating children.
1489
1490         Tests: accessibility/mac/label-element-all-text-string-value.html
1491                accessibility/mac/label-element-with-link-string-value.html
1492
1493         * CMakeLists.txt:
1494         * WebCore.xcodeproj/project.pbxproj:
1495         * accessibility/AXObjectCache.cpp:
1496         (WebCore::createFromRenderer):
1497         * accessibility/AccessibilityAllInOne.cpp:
1498         * accessibility/AccessibilityLabel.cpp: Added.
1499         (WebCore::AccessibilityLabel::AccessibilityLabel):
1500         (WebCore::AccessibilityLabel::~AccessibilityLabel):
1501         (WebCore::AccessibilityLabel::create):
1502         (WebCore::AccessibilityLabel::computeAccessibilityIsIgnored):
1503         (WebCore::AccessibilityLabel::stringValue):
1504         (WebCore::childrenContainOnlyStaticText):
1505         (WebCore::AccessibilityLabel::containsOnlyStaticText):
1506         (WebCore::AccessibilityLabel::updateChildrenIfNecessary):
1507         (WebCore::AccessibilityLabel::clearChildren):
1508         (WebCore::AccessibilityLabel::insertChild):
1509         * accessibility/AccessibilityLabel.h: Added.
1510         * accessibility/AccessibilityObject.h:
1511         (WebCore::AccessibilityObject::isLabel):
1512         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
1513         (-[WebAccessibilityObjectWrapper role]):
1514
1515 2016-06-14  Commit Queue  <commit-queue@webkit.org>
1516
1517         Unreviewed, rolling out r202057.
1518         https://bugs.webkit.org/show_bug.cgi?id=158749
1519
1520         This change broke the Windows build. (Requested by ryanhaddad
1521         on #webkit).
1522
1523         Reverted changeset:
1524
1525         "Honor bidi unicode codepoints"
1526         https://bugs.webkit.org/show_bug.cgi?id=149170
1527         http://trac.webkit.org/changeset/202057
1528
1529 2016-06-14  Myles C. Maxfield  <mmaxfield@apple.com>
1530
1531         Honor bidi unicode codepoints
1532         https://bugs.webkit.org/show_bug.cgi?id=149170
1533         <rdar://problem/26527378>
1534
1535         Reviewed by Simon Fraser.
1536
1537         BidiResolver doesn't have any concept of isolate Unicode code points, so produces
1538         unexpected output when they are present. Fix by considering such code points as
1539         whitespace in the bidi algorithm. This is a stop-gap measure until we can support
1540         the codepoints fully in our Bidi algorithm.
1541
1542         Test: fast/text/isolate-ignore.html
1543
1544         * platform/graphics/Font.cpp:
1545         (WebCore::createAndFillGlyphPage):
1546         * platform/text/BidiResolver.h:
1547         (WebCore::Subclass>::createBidiRunsForLine):
1548
1549 2016-06-14  Commit Queue  <commit-queue@webkit.org>
1550
1551         Unreviewed, rolling out r200455.
1552         https://bugs.webkit.org/show_bug.cgi?id=158740
1553
1554         hangs twitter/facebook (Requested by mcatanzaro on #webkit).
1555
1556         Reverted changeset:
1557
1558         "[GStreamer] Adaptive streaming issues"
1559         https://bugs.webkit.org/show_bug.cgi?id=144040
1560         http://trac.webkit.org/changeset/200455
1561
1562 2016-06-14  Nael Ouedraogo  <nael.ouedraogo@crf.canon.fr>
1563
1564         WebRTC: RTCPeerConnection::addTrack() should throw InvalidAccessError instead of InvalidModificationError.
1565         https://bugs.webkit.org/show_bug.cgi?id=158735
1566
1567         Reviewed by Eric Carlson.
1568
1569         Throw InvalidAccessError instead of InvalidModificationError when track already exists in connection's
1570         set of senders as per specification (https://w3c.github.io/webrtc-pc/#dom-rtcpeerconnection-addtrack).
1571
1572         Updated existing test results: fast/mediastream/RTCPeerConnection-add-removeTrack-expected.txt
1573
1574         * Modules/mediastream/RTCPeerConnection.cpp:
1575         (WebCore::RTCPeerConnection::addTrack):
1576
1577 2016-06-14  Adam Bergkvist  <adam.bergkvist@ericsson.com>
1578
1579         WebRTC: Imlement MediaEndpointPeerConnection::addIceCandidate()
1580         https://bugs.webkit.org/show_bug.cgi?id=158690
1581
1582         Reviewed by Eric Carlson.
1583
1584         Implement MediaEndpointPeerConnection::addIceCandidate() that is the MediaEndpoint
1585         implementation of RTCPeerConnection.addIceCandidate() [1].
1586
1587         [1] https://w3c.github.io/webrtc-pc/archives/20160513/webrtc.html#dom-peerconnection-addicecandidate
1588
1589         Test: fast/mediastream/RTCPeerConnection-addIceCandidate.html
1590
1591         * Modules/mediastream/MediaEndpointPeerConnection.cpp:
1592         (WebCore::MediaEndpointPeerConnection::addIceCandidate):
1593         (WebCore::MediaEndpointPeerConnection::addIceCandidateTask):
1594         Implemented.
1595         * Modules/mediastream/MediaEndpointPeerConnection.h:
1596         * platform/mediastream/MediaEndpoint.h:
1597         Use mid instead of mdescIndex to identify the target media description in the backend.
1598         * platform/mock/MockMediaEndpoint.cpp:
1599         Update mock method signature accordingly.
1600         (WebCore::MockMediaEndpoint::addRemoteCandidate):
1601         * platform/mock/MockMediaEndpoint.h:
1602
1603 2016-06-14  Zalan Bujtas  <zalan@apple.com>
1604
1605         Make RenderBlock::insertInto/RemoveFromTrackedRendererMaps functions static.
1606         https://bugs.webkit.org/show_bug.cgi?id=158722
1607
1608         Reviewed by Simon Fraser.
1609
1610         These functions manipulate static tracker hashmaps. They don't need to be on RenderBlock.
1611         This is also in preparation for decoupling positioned descendant tracking from descendent percentage height handling.
1612         (gPositionedDescendantsMap and gPercentHeightDescendantsMap) 
1613
1614         No change in functionality.
1615
1616         * rendering/RenderBlock.cpp:
1617         (WebCore::insertIntoTrackedRendererMaps):
1618         (WebCore::removeFromTrackedRendererMaps):
1619         (WebCore::removeBlockFromDescendantAndContainerMaps):
1620         (WebCore::RenderBlock::insertPositionedObject):
1621         (WebCore::RenderBlock::addPercentHeightDescendant):
1622         (WebCore::RenderBlock::insertIntoTrackedRendererMaps): Deleted.
1623         (WebCore::RenderBlock::removeFromTrackedRendererMaps): Deleted.
1624         * rendering/RenderBlock.h:
1625
1626 2016-06-14  Adam Bergkvist  <adam.bergkvist@ericsson.com>
1627
1628         WebRTC: Add media setup test where media is set up in one direction at a time
1629         https://bugs.webkit.org/show_bug.cgi?id=158691
1630
1631         Reviewed by Eric Carlson.
1632
1633         Add test for setting up media in one direction at a time. This requires a change in sdp.js
1634         to allow an SDP that doesn't contain a stream id or track id (representing
1635         a track being sent). In this test, the first answer doesn't contain any sending media.
1636
1637         Test: fast/mediastream/RTCPeerConnection-media-setup-two-dialogs.html
1638
1639         * Modules/mediastream/sdp.js:
1640
1641 2016-06-14  Chris Dumez  <cdumez@apple.com>
1642
1643         [Cocoa] Avoid extra copy of headers dictionary in ResourceResponse::platformLazyInit()
1644         https://bugs.webkit.org/show_bug.cgi?id=158717
1645
1646         Reviewed by Alex Christensen.
1647
1648         Avoid extra copy of headers dictionary in ResourceResponse::platformLazyInit() by
1649         calling CFHTTPMessageCopyAllHeaderFields() instead of [NSURLResponse allHeaderFields].
1650
1651         CFHTTPMessageCopyAllHeaderFields() creates only 1 copy while
1652         [NSURLResponse allHeaderFields] creates 2 (see <rdar://problem/26778863>).
1653
1654         * platform/network/cocoa/ResourceResponseCocoa.mm:
1655         (WebCore::addToHTTPHeaderMap):
1656         (WebCore::ResourceResponse::platformLazyInit):
1657
1658 2016-06-14  David Kilzer  <ddkilzer@apple.com>
1659
1660         REGRESSION (r151608): Leak of QTMovieLayer or AVPlayerLayer in -[WebVideoFullscreenController setVideoElement:]
1661         <https://webkit.org/b/158729>
1662
1663         Reviewed by Eric Carlson.
1664
1665         * platform/mac/WebVideoFullscreenController.mm:
1666         (-[WebVideoFullscreenController setVideoElement:]): Use
1667         RetainPtr<> to prevent leaks.
1668         * platform/mac/WebVideoFullscreenHUDWindowController.mm:
1669         Drive-by fix to remove unused <wtf/RetainPtr.h> import.
1670
1671 2016-06-14  Nael Ouedraogo  <nael.ouedraogo@crf.canon.fr>
1672
1673         The vector of mediastreams should be passed via a reference to RTCPeerConnection::addTrack()
1674         https://bugs.webkit.org/show_bug.cgi?id=158701
1675
1676         Pass vector of mediastreams by reference.
1677
1678         Reviewed by Youenn Fablet.
1679
1680         * Modules/mediastream/RTCPeerConnection.cpp:
1681         (WebCore::RTCPeerConnection::addTrack):
1682         * Modules/mediastream/RTCPeerConnection.h:
1683
1684 2016-06-14  Ryosuke Niwa  <rniwa@webkit.org>
1685
1686         Crash inside firstPositionInNode in checkLoadCompleteForThisFrame
1687         https://bugs.webkit.org/show_bug.cgi?id=158724
1688
1689         Reviewed by Alex Christensen.
1690
1691         Added null checks for document and document element since they could be nullptr here.
1692
1693         * loader/FrameLoader.cpp:
1694         (WebCore::FrameLoader::checkLoadCompleteForThisFrame):
1695
1696 2016-06-13  Gavin & Ellie Barraclough  <barraclough@apple.com>
1697
1698         Remove hasStaticPropertyTable (part 3: JSLocation::putDelegate)
1699         https://bugs.webkit.org/show_bug.cgi?id=158431
1700
1701         Unreviewed build fix.
1702
1703         * bindings/js/JSLocationCustom.cpp:
1704         (WebCore::JSLocation::putDelegate):
1705
1706 2016-06-13  Gavin & Ellie Barraclough  <barraclough@apple.com>
1707
1708         Remove hasStaticPropertyTable (part 4: JSHTMLDocument & JSStorage)
1709         https://bugs.webkit.org/show_bug.cgi?id=158431
1710
1711         Reviewed by Chris Dumez.
1712
1713         All uses of hasStaticPropertyTable flag generated by bindings are wrong.
1714
1715         JSHTMLDocument & JSStorage contain a number of static_asserts claiming that
1716         various methods do not support static properties. These asserts were likely
1717         correct at the time they were added, as JSObject::getOwnPropertySlot and
1718         JSObject::deleteProperty did not support getting / deleting static value.
1719         This is no longer the case, and these asserts are now incorrect.
1720
1721         * bindings/js/JSHTMLDocumentCustom.cpp:
1722         (WebCore::JSHTMLDocument::getOwnPropertySlot):
1723         * bindings/js/JSStorageCustom.cpp:
1724         (WebCore::JSStorage::deleteProperty):
1725         (WebCore::JSStorage::deletePropertyByIndex):
1726         (WebCore::JSStorage::putDelegate):
1727             - remove incorrect static_asserts.
1728
1729 2016-06-13  Gavin & Ellie Barraclough  <barraclough@apple.com>
1730
1731         Remove hasStaticPropertyTable (part 3: JSLocation::putDelegate)
1732         https://bugs.webkit.org/show_bug.cgi?id=158431
1733
1734         Reviewed by Geoff Garen.
1735
1736         All uses of hasStaticPropertyTable flag generated by bindings are wrong.
1737
1738         JSLocation::putDelegate checks the static property table redundantly.
1739
1740         In the case of same origin access, if the property is not in the static
1741         table the method will call JSObject::put and return true (indicating the
1742         delegate handled the put). If the property is in the static table, the
1743         method will return false (indicating the the delegate did not handle the
1744         access) - in which case the calling function will call JSObject::put.
1745         Checking for the property in the static table is redundant - same origin
1746         access does not require any special handling, and should just always
1747         return false & let the caller handle the put.
1748
1749         In the case of cross origin access, if the property is not in the static
1750         table we return true (indicating the access was handled, and silently
1751         blocking it). If it is a static property, we check the name, and if the
1752         name is not 'href' we also return true, silently blocking. In the case
1753         that the name is 'href' we'll return false, indicating to the caller
1754         that the access was not handled by the delegate, resulting in it taking
1755         place. The additional check of the static table is redundant, since we
1756         only have special behaviour in the case of 'href'. (Moreover it is
1757         unnecesszarily fragile, since if we made a change such that 'href' was no
1758         longer implemented as a static property with would fail.)
1759
1760         - for same origin, always return false.
1761         - for cross origin, return false for 'href', otherwise return true.
1762
1763         * bindings/js/JSLocationCustom.cpp:
1764         (WebCore::JSLocation::putDelegate):
1765             - restructure & remove static table check.
1766
1767 2016-06-13  Gavin & Ellie Barraclough  <barraclough@apple.com>
1768
1769         Remove hasStaticPropertyTable (part 2: JSPluginElement)
1770         https://bugs.webkit.org/show_bug.cgi?id=158431
1771
1772         Reviewed by Chris Dumez.
1773
1774         All uses of hasStaticPropertyTable flag generated by bindings are wrong.
1775
1776         The check in pluginElementCustomGetOwnPropertySlot was somewhat dubious in the
1777         first place (for types with static properties it would give precedence to both
1778         static and also property storage properties; for types without static properties
1779         it would check neither - an odd asymetry in the case of values in the storage
1780         array, and was depending on an implementation detail that could change).
1781
1782         This is all now redundant anyway. None of these types have static properties.
1783         All properties are now corretcly on the prototype (which is handled appropriately
1784         below). This is just dead code.
1785
1786         * bindings/js/JSPluginElementFunctions.h:
1787         (WebCore::pluginElementCustomGetOwnPropertySlot):
1788             - remove dead code.
1789
1790 2016-06-13  Gavin & Ellie Barraclough  <barraclough@apple.com>
1791
1792         Remove hasStaticPropertyTable (part 1: DOM bindings)
1793         https://bugs.webkit.org/show_bug.cgi?id=158431
1794
1795         Reviewed by Chris Dumez.
1796
1797         All uses of hasStaticPropertyTable flag generated by bindings are wrong.
1798
1799         * bindings/js/JSDOMBinding.h:
1800         (WebCore::getStaticValueSlotEntryWithoutCaching): Deleted.
1801         (WebCore::getStaticValueSlotEntryWithoutCaching<JSDOMObject>): Deleted.
1802             - this method is not used anywhere.
1803
1804 2016-06-13  Adam Bergkvist  <adam.bergkvist@ericsson.com>
1805
1806         WebRTC: Imlement MediaEndpointPeerConnection::replaceTrack()
1807         https://bugs.webkit.org/show_bug.cgi?id=158688
1808
1809         Reviewed by Eric Carlson.
1810
1811         Implement MediaEndpointPeerConnection::replaceTrack() that is the MediaEndpoint implementation
1812         of RTCRtpSender.replaceTrack() [1].
1813
1814         [1] https://w3c.github.io/webrtc-pc/archives/20160513/webrtc.html#dom-rtcrtpsender-replacetrack
1815
1816         Updated fast/mediastream/RTCRtpSender-replaceTrack.html
1817
1818         * Modules/mediastream/MediaEndpointPeerConnection.cpp:
1819         (WebCore::MediaEndpointPeerConnection::replaceTrack):
1820         (WebCore::MediaEndpointPeerConnection::replaceTrackTask):
1821         Implemented.
1822         * Modules/mediastream/MediaEndpointPeerConnection.h:
1823         * Modules/mediastream/PeerConnectionBackend.h:
1824         * Modules/mediastream/RTCPeerConnection.cpp:
1825         (WebCore::RTCPeerConnection::replaceTrack):
1826         * Modules/mediastream/RTCPeerConnection.h:
1827         Move the MediaStreamTrack instance of sending a reference to it. This change is the main
1828         reason many files are touched by this change.
1829         * Modules/mediastream/RTCRtpSender.h:
1830         * Modules/mediastream/RTCRtpSender.idl:
1831         * platform/mediastream/MediaEndpoint.h:
1832         Use mid instead of mdescIndex to identify the media description in the backend.
1833         * platform/mock/MockMediaEndpoint.cpp:
1834         (WebCore::MockMediaEndpoint::replaceSendSource):
1835         * platform/mock/MockMediaEndpoint.h:
1836
1837 2016-06-13  Joseph Pecoraro  <pecoraro@apple.com>
1838
1839         window.onerror should pass the ErrorEvent's 'error' property as the 5th argument to the event handler
1840         https://bugs.webkit.org/show_bug.cgi?id=55092
1841         <rdar://problem/25731279>
1842
1843         Reviewed by Dean Jackson.
1844
1845         This includes the actual Error in window.error / ErrorEvent:
1846         https://html.spec.whatwg.org/multipage/webappapis.html#the-errorevent-interface
1847
1848         This is useful for scripts to be able to get an error stack
1849         from uncaught exceptions, by checking the error itself.
1850
1851         Tests: fast/events/window-onerror17.html
1852                http/tests/security/cross-origin-script-error-event-redirected.html
1853                http/tests/security/cross-origin-script-error-event.html
1854                http/tests/security/script-crossorigin-error-event-information.html
1855                http/tests/security/script-no-crossorigin-error-event-should-be-sanitized.html
1856                userscripts/window-onerror-for-isolated-world-3.html
1857
1858         * CMakeLists.txt:
1859         * WebCore.xcodeproj/project.pbxproj:
1860         * bindings/js/JSBindingsAllInOne.cpp:
1861         Add new custom error event file.
1862
1863         * bindings/js/JSDOMBinding.cpp:
1864         (WebCore::reportException):
1865         Include the JSC::Exception when reporting exceptions, so the error value is available.
1866         
1867         * bindings/js/JSErrorEventCustom.cpp:
1868         (WebCore::JSErrorEvent::error):
1869         Sanitized access to the ErrorEvent's error property to prevent leaking objects
1870         across isolated world boundaries. This is like CustomEvent's data property.
1871
1872         * bindings/js/JSErrorHandler.cpp:
1873         (WebCore::JSErrorHandler::handleEvent):
1874         * bindings/js/JSErrorHandler.h:
1875         Include the error object as the 4th argument to the window.onerror event handler.
1876
1877         * dom/ScriptExecutionContext.cpp:
1878         (WebCore::ScriptExecutionContext::sanitizeScriptError):
1879         (WebCore::ScriptExecutionContext::reportException):
1880         (WebCore::ScriptExecutionContext::dispatchErrorEvent):
1881         * dom/ScriptExecutionContext.h:
1882         Include the error object in the ErrorEvent constructed when dispatching error events.
1883
1884         * dom/ErrorEvent.cpp:
1885         (WebCore::ErrorEvent::ErrorEvent):
1886         (WebCore::ErrorEvent::sanitizedErrorValue):
1887         (WebCore::ErrorEvent::trySerializeError):
1888         * dom/ErrorEvent.h:
1889         * dom/ErrorEvent.idl:
1890         Include an any "error" property on the ErrorEvent, and allow it in initialization.
1891
1892         * bindings/js/WorkerScriptController.cpp:
1893         (WebCore::WorkerScriptController::evaluate):
1894         * workers/WorkerMessagingProxy.cpp:
1895         (WebCore::WorkerMessagingProxy::postExceptionToWorkerObject):
1896         Within the Worker world, the error is included in the event.
1897         When re-dispatching the error on the world object in the world that spawned the
1898         Worker the event does not include an error object. This matches other browsers
1899         right now, but could be improved to have the same cross world serialization
1900         as isolated worlds have with the error data.
1901
1902         * dom/CustomEvent.h:
1903         Remove unimplemented stale method.
1904
1905 2016-06-13  Dean Jackson  <dino@apple.com>
1906
1907         SVG elements don't blend correctly into HTML
1908         https://bugs.webkit.org/show_bug.cgi?id=158718
1909         <rdar://problem/26782004>
1910
1911         Reviewed by Antoine Quint.
1912
1913         We were not creating any transparency layers for the root SVG nodes.
1914         This is ok if the SVG is the root document, because it is the backdrop.
1915         However, if it is inline SVG, it needs to apply the operation in
1916         order to composite into the document.
1917
1918         Test: svg/css/mix-blend-mode-with-inline-svg.html
1919
1920         * rendering/RenderLayer.cpp:
1921         (WebCore::RenderLayer::beginTransparencyLayers):
1922
1923 2016-06-13  Brady Eidson  <beidson@apple.com>
1924
1925         storage/indexeddb/modern/leaks-1.html leaks the database connection handle.
1926         https://bugs.webkit.org/show_bug.cgi?id=158643
1927
1928         Reviewed by Alex Christensen.
1929
1930         Tested by changes to existing test.
1931
1932         * Modules/indexeddb/IDBDatabase.cpp:
1933         (WebCore::IDBDatabase::hasPendingActivity):
1934         
1935         * dom/EventTarget.h:
1936         (WebCore::EventTarget::eventTargetData):
1937         (WebCore::EventTarget::hasEventListeners):
1938
1939
1940 2016-06-13  Enrica Casucci  <enrica@apple.com>
1941
1942         REGRESSION(r201956): Failure to initialize new internal settings produced random test failures in release.
1943         https://bugs.webkit.org/show_bug.cgi?id=158713
1944         rdar://26769957
1945
1946         Reviewed by Simon Fraser.
1947
1948         Failed to initialize the new member variable in both Settings and InternalSettings classes.
1949
1950         * page/Settings.cpp:
1951         (WebCore::Settings::Settings):
1952         * testing/InternalSettings.cpp:
1953         (WebCore::InternalSettings::Backup::Backup):
1954
1955 2016-06-13  Chris Dumez  <cdumez@apple.com>
1956
1957         Drop HipChat hack introduced in r197548
1958         https://bugs.webkit.org/show_bug.cgi?id=158711
1959
1960         Reviewed by Geoffrey Garen.
1961
1962         Drop HipChat hack introduced in r197548. This hack is no longer needed
1963         as the bug was fixed in HipChat since then:
1964         https://support.atlassian.com/servicedesk/customer/portal/32/HCP-7532
1965
1966         I have confirmed locally that the latest version (4.0.12.665) is able
1967         to connect without the hack.
1968
1969         * bindings/js/JSLocationCustom.cpp:
1970         (WebCore::JSLocation::putDelegate): Deleted.
1971         * platform/RuntimeApplicationChecks.h:
1972         * platform/RuntimeApplicationChecks.mm:
1973         (WebCore::MacApplication::isHipChat): Deleted.
1974
1975 2016-06-13  Chris Fleizach  <cfleizach@apple.com>
1976
1977         AX: CrashTracer: com.apple.WebKit.WebContent at WebCore::AccessibilityRenderObject::remoteSVGRootElement const + 227
1978         https://bugs.webkit.org/show_bug.cgi?id=158685
1979
1980         Reviewed by David Kilzer.
1981
1982         Crash reports show a null access at a line that tries to dereference a pointer. 
1983         I still don't have a way to layout test this, as it seems tied to tear down of the main document.
1984
1985         * accessibility/AccessibilityRenderObject.cpp:
1986         (WebCore::AccessibilityRenderObject::remoteSVGRootElement):
1987
1988 2016-06-13  Jeremy Jones  <jeremyj@apple.com>
1989
1990         Use two video layer solution only on mac.
1991         https://bugs.webkit.org/show_bug.cgi?id=158705
1992         rdar://problem/26776360
1993
1994         Reviewed by Jer Noble.
1995
1996         Two video layer solution is only useful on the mac to prevent flicker, so don't do it elsewhere.
1997
1998         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
1999         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerLayer):
2000
2001 2016-06-13  Jeremy Jones  <jeremyj@apple.com>
2002
2003         Decrease PiP flicker by not removing window prematurely.
2004         https://bugs.webkit.org/show_bug.cgi?id=158436
2005         <rdar://problem/19052639>
2006
2007         Reviewed by Darin Adler.
2008
2009         UIWindow shouldn't be removed until cleanupFullscreen, so the video layer has a chance
2010         to be reparented in the DOM first.
2011
2012         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
2013         (WebVideoFullscreenInterfaceAVKit::didStopPictureInPicture):
2014
2015 2016-06-13  Alex Christensen  <achristensen@webkit.org>
2016
2017         Add WebSocketProvider stub
2018         https://bugs.webkit.org/show_bug.cgi?id=158702
2019
2020         Reviewed by Brady Eidson.
2021
2022         No new tests.  No change in behavior.
2023
2024         * WebCore.xcodeproj/project.pbxproj:
2025         * dom/DocumentMarkerController.cpp:
2026         * dom/ScriptedAnimationController.cpp:
2027         * html/HTMLMediaElement.cpp:
2028         * html/MediaDocument.cpp:
2029         * html/shadow/MediaControlElements.cpp:
2030         * html/shadow/MediaControls.cpp:
2031         * html/shadow/MediaControls.h:
2032         * html/shadow/MediaControlsApple.cpp:
2033         * inspector/InspectorInstrumentation.cpp:
2034         * inspector/InspectorInstrumentation.h:
2035         * inspector/InspectorOverlay.cpp:
2036         (WebCore::InspectorOverlay::overlayPage):
2037         * loader/EmptyClients.h:
2038         * loader/FrameLoader.cpp:
2039         * loader/FrameLoader.h:
2040         * loader/appcache/ApplicationCacheHost.cpp:
2041         * loader/cache/CachedResource.cpp:
2042         * page/FrameView.cpp:
2043         * page/Page.cpp:
2044         (WebCore::Page::Page):
2045         * page/Page.h:
2046         (WebCore::Page::applicationCacheStorage):
2047         (WebCore::Page::databaseProvider):
2048         (WebCore::Page::socketProvider):
2049         (WebCore::Page::storageNamespaceProvider):
2050         * page/PageConfiguration.cpp:
2051         (WebCore::PageConfiguration::PageConfiguration):
2052         * page/PageConfiguration.h:
2053         * page/ResourceUsageOverlay.cpp:
2054         * page/SocketProvider.h: Added.
2055         (WebCore::SocketProvider::~SocketProvider):
2056         * page/cocoa/ResourceUsageOverlayCocoa.mm:
2057         * rendering/RenderElement.cpp:
2058         * rendering/RenderLayerBacking.cpp:
2059         * style/StyleResolveForDocument.cpp:
2060         * style/StyleTreeResolver.cpp:
2061         * svg/graphics/SVGImage.cpp:
2062         (WebCore::SVGImage::dataChanged):
2063         * testing/MockPageOverlayClient.cpp:
2064
2065 2016-06-13  Brady Eidson  <beidson@apple.com>
2066
2067         Crashes in WebCore::IDBServer::UniqueIDBDatabase::executeNextDatabaseTask.
2068         <rdar://problem/26768449> and https://bugs.webkit.org/show_bug.cgi?id=158696
2069
2070         Reviewed by David Kilzer.
2071
2072         No new tests (Covered by all existing tests in Gmalloc/ASAN configs).
2073
2074         * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
2075         (WebCore::IDBServer::UniqueIDBDatabase::executeNextDatabaseTask):
2076         (WebCore::IDBServer::UniqueIDBDatabase::executeNextDatabaseTaskReply):
2077
2078 2016-06-13  Brady Eidson  <beidson@apple.com>
2079
2080         Modern IDB: IDBOpenDBRequest objects leak.
2081         https://bugs.webkit.org/show_bug.cgi?id=158694
2082
2083         Reviewed by Alex Christensen.
2084
2085         No new tests (Currently have no testing strategy for guaranteeing lifetime of WebCore DOM objects)
2086
2087         * Modules/indexeddb/client/IDBConnectionProxy.cpp:
2088         (WebCore::IDBClient::IDBConnectionProxy::completeOpenDBRequest): At this point we never need the
2089             request again, so remove it from the map.
2090
2091 2016-06-13  Chris Dumez  <cdumez@apple.com>
2092
2093         Make sure HTTPHeaderMap gets a move constructor / assignment operator
2094         https://bugs.webkit.org/show_bug.cgi?id=158695
2095         <rdar://problem/26729511>
2096
2097         Reviewed by Alex Christensen.
2098
2099         Make sure HTTPHeaderMap gets a move constructor / assignment operator.
2100         It was not getting an implicit one because of its user-declared
2101         destructor. This patch drops the user-declared destructor so that
2102         HTTPHeaderMap now gets an implicit move constructor / assignment
2103         operator.
2104
2105         Not having a move constructor / assignment operator is an issue because
2106         we rely on HTTPHeaderMap::isolatedCopy() / WTFMove() since r201623 to
2107         pass HTTPHeaderMap across thread.
2108
2109         * platform/network/HTTPHeaderMap.cpp:
2110         (WebCore::HTTPHeaderMap::~HTTPHeaderMap): Deleted.
2111         * platform/network/HTTPHeaderMap.h:
2112
2113 2016-06-13  Nael Ouedraogo  <nael.ouedraogo@crf.canon.fr>
2114
2115         Remove useless parameter from GenerateParametersCheck signature
2116         https://bugs.webkit.org/show_bug.cgi?id=158692
2117
2118         Reviewed by Chris Dumez.
2119
2120         Remove one parameter which is passed to GenerateParametersCheck
2121         but never used in the caller code.
2122
2123         * bindings/scripts/CodeGeneratorJS.pm:
2124         (GenerateImplementation):
2125         (GenerateParametersCheck):
2126         (GenerateConstructorDefinition):
2127
2128 2016-06-13  Nael Ouedraogo  <nael.ouedraogo@crf.canon.fr>
2129
2130         Improve code generator for functions with variadic parameters
2131         https://bugs.webkit.org/show_bug.cgi?id=158529
2132
2133         Reviewed by Darin Adler.
2134
2135         JS bindings code of functions with variadic parameters is improved.
2136
2137         Functions with variadic parameters are skipped for ObjC and GObject code generators.
2138
2139         * bindings/scripts/CodeGeneratorGObject.pm:
2140         (SkipFunction): Skip functions with variadic parameters.
2141         * bindings/scripts/CodeGeneratorJS.pm:
2142         (GenerateParametersCheck):
2143         * bindings/scripts/CodeGeneratorObjC.pm:
2144         (SkipFunction): Skip functions with variadic parameters.
2145         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
2146         (webkit_dom_test_obj_any): Deleted.
2147         (webkit_dom_test_obj_attach_shadow_root): Deleted.
2148         (webkit_dom_test_obj_get_read_only_long_attr): Deleted.
2149         (webkit_dom_test_obj_get_read_only_string_attr): Deleted.
2150         * bindings/scripts/test/GObject/WebKitDOMTestObj.h:
2151         * bindings/scripts/test/JS/JSTestObj.cpp:
2152         (WebCore::jsTestObjPrototypeFunctionOverloadedMethod12):
2153         (WebCore::jsTestObjPrototypeFunctionVariadicStringMethod):
2154         (WebCore::jsTestObjPrototypeFunctionVariadicDoubleMethod):
2155         (WebCore::jsTestObjPrototypeFunctionVariadicNodeMethod):
2156         * bindings/scripts/test/ObjC/DOMTestObj.h:
2157         * bindings/scripts/test/ObjC/DOMTestObj.mm:
2158
2159 2016-06-12  Zalan Bujtas  <zalan@apple.com>
2160
2161         Cleanup RenderBlock::removePositionedObjects
2162         https://bugs.webkit.org/show_bug.cgi?id=158670
2163
2164         Reviewed by Simon Fraser.
2165
2166         No change in functionality.
2167
2168         * rendering/RenderBlock.cpp:
2169         (WebCore::RenderBlock::insertPositionedObject):
2170         (WebCore::RenderBlock::removePositionedObject):
2171         (WebCore::RenderBlock::removePositionedObjects):
2172         * rendering/RenderBlock.h:
2173
2174 2016-06-12  Zalan Bujtas  <zalan@apple.com>
2175
2176         Remove positioned descendants when RenderBlock is no longer a containing block.
2177         https://bugs.webkit.org/show_bug.cgi?id=158655
2178         <rdar://problem/26510032>
2179
2180         Reviewed by Simon Fraser.
2181
2182         Normally the RenderView is the containing block for fixed positioned renderers.
2183         However when a renderer acquires some transform related properties, it becomes the containing
2184         block for all the fixed positioned renderers in its descendant tree.
2185         When the last transform related property is removed, the renderer is no longer a containing block
2186         and we need to remove all these positioned renderers from the descendant tracker map (gPositionedDescendantsMap).
2187         They will be inserted back into the tracker map during the next layout (either under the RenderView or
2188         under the next transformed renderer in the ancestor chain).
2189
2190         Test: fast/block/fixed-position-reparent-when-transition-is-removed.html
2191
2192         * rendering/RenderBlock.cpp:
2193         (WebCore::RenderBlock::removePositionedObjectsIfNeeded):
2194
2195 2016-06-11  Myles C. Maxfield  <mmaxfield@apple.com>
2196
2197         Addressing post-review comments after r201978.
2198         https://bugs.webkit.org/show_bug.cgi?id=158649
2199         <rdar://problem/13258122>
2200
2201         Unreviewed.
2202
2203         * platform/graphics/FontCache.cpp:
2204         (WebCore::FontCache::alternateFamilyName):
2205         * platform/graphics/cocoa/FontCacheCoreText.cpp:
2206         (WebCore::FontCache::platformAlternateFamilyName):
2207
2208 2016-06-11  Darin Adler  <darin@apple.com>
2209
2210         Tighten code to build set of tag names
2211         https://bugs.webkit.org/show_bug.cgi?id=158662
2212
2213         Reviewed by Alexey Proskuryakov.
2214
2215         * dom/Element.cpp:
2216         (WebCore::canAttachAuthorShadowRoot): Use an array of pointers that the loader
2217         can initialize as part of loading the library, rather than an array that needs
2218         to be initialized with code at runtime.
2219
2220 2016-06-11  Myles C. Maxfield  <mmaxfield@apple.com>
2221
2222         [Win] [EFL] Build fix after r201978.
2223         https://bugs.webkit.org/show_bug.cgi?id=158649
2224         <rdar://problem/13258122>
2225
2226         Unreviewed
2227
2228         * platform/graphics/freetype/FontCacheFreeType.cpp:
2229         (WebCore::FontCache::platformAlternateFamilyName):
2230         * platform/graphics/win/FontCacheWin.cpp:
2231
2232 2016-06-11  Myles C. Maxfield  <mmaxfield@apple.com>
2233
2234         [Cocoa] Map commonly used Chinese Windows font names to names present on Cocoa operating systems
2235         https://bugs.webkit.org/show_bug.cgi?id=158649
2236         <rdar://problem/13258122>
2237
2238         Reviewed by Darin Adler.
2239
2240         There are many Chinese websites which hardcode Windows font names.
2241         We should map these to fonts which best match them on Cocoa operating
2242         systems. We can do this by using our existing fallback font name
2243         infrastructure.
2244
2245         Tests: fast/text/chinese-font-name-aliases-2.html
2246                fast/text/chinese-font-name-aliases.html
2247
2248         * platform/graphics/FontCache.cpp:
2249         (WebCore::FontCache::alternateFamilyName):
2250         (WebCore::alternateFamilyName): Deleted.
2251         * platform/graphics/FontCache.h:
2252         * platform/graphics/cocoa/FontCacheCoreText.cpp:
2253         (WebCore::FontCache::platformAlternateFamilyName):
2254         * platform/graphics/freetype/FontCacheFreeType.cpp:
2255         (WebCore::FontCache::platformAlternateFamilyName):
2256         * platform/graphics/win/FontCacheWin.cpp:
2257         (WebCore::FontCache::platformAlternateFamilyName):
2258
2259 2016-06-11  Commit Queue  <commit-queue@webkit.org>
2260
2261         Unreviewed, rolling out r201967, r201968, and r201972.
2262         https://bugs.webkit.org/show_bug.cgi?id=158665
2263
2264         Caused flaky failures on IndexedDB tests (Requested by ap on
2265         #webkit).
2266
2267         Reverted changesets:
2268
2269         "Vary:Cookie validation doesn't work in private browsing"
2270         https://bugs.webkit.org/show_bug.cgi?id=158616
2271         http://trac.webkit.org/changeset/201967
2272
2273         "Build fix."
2274         http://trac.webkit.org/changeset/201968
2275
2276         "WinCairo build fix attempt."
2277         http://trac.webkit.org/changeset/201972
2278
2279 2016-06-11  Konstantin Tokarev  <annulen@yandex.ru>
2280
2281         Fixed compilation of LocaleICU with ENABLE(DATE_AND_TIME_INPUT_TYPES)
2282         https://bugs.webkit.org/show_bug.cgi?id=158659
2283
2284         Reviewed by Darin Adler.
2285
2286         No new tests needed.
2287
2288         * platform/text/LocaleICU.cpp:
2289         (WebCore::getFormatForSkeleton):
2290         (WebCore::LocaleICU::monthFormat):
2291         (WebCore::LocaleICU::shortMonthFormat):
2292
2293 2016-06-11  Antti Koivisto  <antti@apple.com>
2294
2295         WinCairo build fix attempt.
2296
2297         * platform/network/NetworkStorageSession.cpp:
2298         * platform/network/NetworkStorageSession.h:
2299         * platform/network/NetworkStorageSessionStub.cpp:
2300         (WebCore::NetworkStorageSession::NetworkStorageSession):
2301         (WebCore::NetworkStorageSession::context):
2302         (WebCore::NetworkStorageSession::createPrivateBrowsingSession):
2303         (WebCore::NetworkStorageSession::switchToNewTestingSession):
2304         (WebCore::NetworkStorageSession::~NetworkStorageSession): Deleted.
2305         (WebCore::defaultSession): Deleted.
2306         (WebCore::NetworkStorageSession::defaultStorageSession): Deleted.
2307
2308 2016-06-11  Myles C. Maxfield  <mmaxfield@apple.com>
2309
2310         Deleting a CSSOM style rule invalidates any previously-added FontFaces
2311         https://bugs.webkit.org/show_bug.cgi?id=158450
2312
2313         Reviewed by Darin Adler.
2314
2315         This patch has two pieces: updating the CSSOM when the FontFace changes, and
2316         updating the FontFace when the CSSOM changes.
2317
2318         1: Updating the CSSOM when the FontFace changes: CSSFontFaces already have a RefPtr
2319         to their StyleRuleFontFace which represents their CSS-connection. When changing a
2320         property of the CSSFontFace, we simply reach into the StyleRule and update it to
2321         match. Our existing infrastructure of invalidation due to the attribute changes
2322         makes sure that all the necessary updates occur.
2323
2324         2. Updating the FontFace when the CSSOM changes: If the CSSOM changes in a trivial
2325         way (for example, a new @font-face is appended to the end of the last <style>
2326         element), we can handle it directly. However, when something more invasive occurs,
2327         we end up clearing the entire CSSFontSelector, and then adding all the style rules
2328         from scratch. This involves three steps:
2329             a) CSSFontSelector::buildStarted() is run, which means "we're about to start
2330                building up all the @font-face rules from scratch." We take this opportunity
2331                to purge as many fonts as possible. This is valuable because, for example,
2332                this function gets run when the page gets put into the page cache, so we
2333                want to destroy as much as possible. Not everything can be purged, however -
2334                only CSS-connected fonts which have never been inspected by script are
2335                purgeable. We don't allow fonts inspected by script to be purged because
2336                purging might result in a font appearing from JavaScript to transition from
2337                a success -> failure state, which we don't allow.
2338             b) Upon style recalc (possibly asynchronously) CSSFontSelector::addFontFaceRule()
2339                is called for each @font-face rule. We actually detect that we're in the
2340                middle of a style rebuild, and defer this step.
2341             c) When we're done adding all the font face rules, we call
2342                CSSFontSelector::buildCompleted(). This is where we compare the newly built-
2343                up list of font faces with what existed previously (as remembered in
2344                CSSFontSelector::buildStarted()) in order to detect font faces which were
2345                deleted from the document. Fonts which were newly added to the document
2346                are handled naturally.
2347                Fonts which have a property modified on them are created as if they were new.
2348                However, instead of simply adding the CSSFontFace, we search for the existing
2349                CSSFontFace (by CSS connection pointer) and tell the existing FontFace to
2350                adopt this new CSSFontFace. This means that the JavaScript object will just
2351                pick up any newly-written values in the CSSOM. It also means that the
2352                "status" attribute of the JavaScript object is reset, but this is expected
2353                and allowed by the spec. (For example, if you change the "src" attribute of
2354                an @font-face block via the CSSOM, all bets are off when you inspect the
2355                FontFace JS object representing that block.)
2356
2357         Test: fast/text/font-face-set-cssom.html
2358
2359         * css/CSSFontFace.cpp:
2360         (WebCore::CSSFontFace::CSSFontFace):
2361         (WebCore::CSSFontFace::setFamilies):
2362         (WebCore::CSSFontFace::setStyle):
2363         (WebCore::CSSFontFace::setWeight):
2364         (WebCore::CSSFontFace::setUnicodeRange):
2365         (WebCore::CSSFontFace::setVariantLigatures):
2366         (WebCore::CSSFontFace::setVariantPosition):
2367         (WebCore::CSSFontFace::setVariantCaps):
2368         (WebCore::CSSFontFace::setVariantNumeric):
2369         (WebCore::CSSFontFace::setVariantAlternates):
2370         (WebCore::CSSFontFace::setVariantEastAsian):
2371         (WebCore::CSSFontFace::setFeatureSettings):
2372         (WebCore::CSSFontFace::initializeWrapper):
2373         (WebCore::CSSFontFace::wrapper):
2374         (WebCore::CSSFontFace::setWrapper):
2375         (WebCore::CSSFontFace::purgeable):
2376         (WebCore::CSSFontFace::updateStyleIfNeeded):
2377         * css/CSSFontFace.h:
2378         * css/CSSFontFaceSet.cpp:
2379         (WebCore::CSSFontFaceSet::remove):
2380         (WebCore::CSSFontFaceSet::containsCSSConnection):
2381         (WebCore::CSSFontFaceSet::purge):
2382         * css/CSSFontFaceSet.h:
2383         * css/CSSFontSelector.cpp:
2384         (WebCore::CSSFontSelector::buildStarted):
2385         (WebCore::CSSFontSelector::buildCompleted):
2386         (WebCore::CSSFontSelector::addFontFaceRule):
2387         * css/CSSFontSelector.h:
2388         * css/FontFace.cpp:
2389         (WebCore::FontFace::family):
2390         (WebCore::FontFace::style):
2391         (WebCore::FontFace::weight):
2392         (WebCore::FontFace::unicodeRange):
2393         (WebCore::FontFace::variant):
2394         (WebCore::FontFace::featureSettings):
2395         (WebCore::FontFace::adopt):
2396         * css/FontFace.h:
2397
2398 2016-06-11  Chris Dumez  <cdumez@apple.com>
2399
2400         WorkerNavigator is missing some attributes
2401         https://bugs.webkit.org/show_bug.cgi?id=158593
2402         <rdar://problem/26731334>
2403
2404         Reviewed by Darin Adler.
2405
2406         Add attributes that are missing on WorkerNavigator:
2407         - appCodeName
2408         - hardwareConcurrency
2409         - language
2410         - product
2411         - productSub
2412         - vendor
2413         - vendorSub
2414
2415         Firefox and Chrome already expose those attributes.
2416
2417         Relevant specification:
2418         https://html.spec.whatwg.org/multipage/workers.html#the-workernavigator-object
2419
2420         This patch also refactors the IDL to match the specification more
2421         closely and promote sharing between Navigator and WorkerNavigator.
2422
2423         No new tests, updated existing test.
2424
2425         * CMakeLists.txt:
2426         * DerivedSources.make:
2427         Add new supplemental IDL files.
2428
2429         * page/Navigator.cpp:
2430         * page/Navigator.h:
2431         Moved language() / hardwareConcurrency() from Navigator to NavigatorBase
2432         so that it can be used by NavigatorWorker as well.
2433
2434         * page/NavigatorBase.h:
2435         * page/NavigatorBase.cpp:
2436         (WebCore::NavigatorBase::language):
2437         The implementation still calls defaultLanguage() but I updated it to be
2438         thread safe on all platforms.
2439
2440         (WebCore::NavigatorBase::hardwareConcurrency):
2441         Use std::call_once() for thread safety.
2442
2443         * page/Navigator.idl:
2444         * page/NavigatorConcurrentHardware.idl: Copied from Source/WebCore/page/WorkerNavigator.idl.
2445         * page/NavigatorID.idl: Copied from Source/WebCore/page/WorkerNavigator.idl.
2446         * page/NavigatorLanguage.idl: Copied from Source/WebCore/page/WorkerNavigator.idl.
2447         * page/NavigatorOnLine.idl: Copied from Source/WebCore/page/WorkerNavigator.idl.
2448         * page/WorkerNavigator.idl:
2449         Move several attributes to their own supplemental interfaces to match
2450         the specification and promote sharing with WorkerNavigator.
2451
2452         * platform/Language.cpp:
2453         (WebCore::userPreferredLanguages):
2454         * platform/Language.h:
2455         Made thread-safe on all platforms.
2456
2457 2016-06-11  Antti Koivisto  <antti@apple.com>
2458
2459         Build fix.
2460
2461         * platform/network/cf/NetworkStorageSessionCFNet.cpp:
2462         (WebCore::NetworkStorageSession::switchToNewTestingSession):
2463
2464 2016-06-10  Antti Koivisto  <antti@apple.com>
2465
2466         Vary:Cookie validation doesn't work in private browsing
2467         https://bugs.webkit.org/show_bug.cgi?id=158616
2468         rdar://problem/26755067
2469
2470         Reviewed by Darin Adler.
2471
2472         This wasn't implemented because there was no way to get NetworkStorageSession from
2473         a SessionID on WebCore side.
2474
2475         The patch adds a simple WebCore level weak map that allows getting NetworkStorageSessions
2476         from SessionID. This seemed like the cleanest way to do this without a big refactoring
2477         around the currently WebKit2 level SessionTracker.
2478
2479         * CMakeLists.txt:
2480         * WebCore.xcodeproj/project.pbxproj:
2481         * platform/network/CacheValidation.cpp:
2482         (WebCore::headerValueForVary):
2483
2484             Get NetworkStorageSession from SessionID for cookies
2485
2486         (WebCore::verifyVaryingRequestHeaders):
2487         * platform/network/NetworkStorageSession.cpp: Added.
2488
2489             Add platform independent .cpp for NetworkStorageSession.
2490             Implement a weak map for SessionID -> NetworkStorageSession.
2491
2492         (WebCore::sessionsMap):
2493         (WebCore::NetworkStorageSession::NetworkStorageSession):
2494         (WebCore::NetworkStorageSession::~NetworkStorageSession):
2495         (WebCore::NetworkStorageSession::forSessionID):
2496
2497             Get NetworkStorageSession for sessionID.
2498
2499         * platform/network/NetworkStorageSession.h:
2500         (WebCore::NetworkStorageSession::sessionID):
2501         (WebCore::NetworkStorageSession::credentialStorage):
2502         * platform/network/cf/NetworkStorageSessionCFNet.cpp:
2503         (WebCore::NetworkStorageSession::NetworkStorageSession):
2504
2505             Call to common constructor.
2506
2507         (WebCore::defaultNetworkStorageSession):
2508         * platform/network/soup/NetworkStorageSessionSoup.cpp:
2509         (WebCore::NetworkStorageSession::NetworkStorageSession):
2510
2511             Call to common constructor.
2512
2513         (WebCore::defaultSession):
2514         (WebCore::NetworkStorageSession::~NetworkStorageSession): Deleted.
2515
2516 2016-06-10  Ada Chan  <adachan@apple.com>
2517
2518         Use the video element's video box when getting the inline video rect in WebVideoFullscreenManager
2519         https://bugs.webkit.org/show_bug.cgi?id=158351
2520         <rdar://problem/26567938>
2521
2522         Reviewed by Darin Adler.
2523
2524         * WebCore.xcodeproj/project.pbxproj:
2525         Change the visibility of RenderVideo.h and RenderMedia.h since we'll be importing RenderVideo.h from WebKit2.
2526         * rendering/RenderVideo.h:
2527
2528 2016-06-10  Benjamin Poulain  <bpoulain@apple.com>
2529
2530         Add support for passive event listeners on touch events
2531         https://bugs.webkit.org/show_bug.cgi?id=158601
2532
2533         Reviewed by Simon Fraser.
2534
2535         This patch wires "passive" state of EventTarget to the delivery of touch
2536         events in WebKit2.
2537
2538         Instead of having a NonFastScrollableRegion, we have a pair of regions
2539         in EventTrackingRegions.
2540         The "asynchronousDispatchRegion" tracks the area for which all event
2541         listeners are passive. For those, events should be dispatched asynchronously.
2542         The "synchronousDispatchRegion" tracks the area for which there is at
2543         least one active event listener. Events have to be dispatched synchronously
2544         for correctness.
2545
2546         Tests: fast/events/touch/ios/tap-with-active-listener-on-elements.html
2547                fast/events/touch/ios/tap-with-active-listener-on-window.html
2548                fast/events/touch/ios/tap-with-passive-listener-on-elements.html
2549                fast/events/touch/ios/tap-with-passive-listener-on-window.html
2550
2551         * WebCore.xcodeproj/project.pbxproj:
2552         * dom/Document.cpp:
2553         (WebCore::Document::wheelEventHandlersChanged):
2554         (WebCore::Document::Document): Deleted.
2555         * dom/Document.h:
2556
2557         * dom/EventListenerMap.cpp:
2558         (WebCore::EventListenerMap::containsActive):
2559         If a Target has multiple listener for an event type, we want to know
2560         if any of them is active.
2561
2562         * dom/EventListenerMap.h:
2563         * dom/EventTarget.cpp:
2564         (WebCore::EventTarget::hasActiveEventListeners):
2565         (WebCore::EventTarget::hasActiveTouchEventListeners):
2566         * dom/EventTarget.h:
2567
2568         * page/DebugPageOverlays.cpp:
2569         (WebCore::NonFastScrollableRegionOverlay::updateRegion):
2570         I did not change the debug overlays.
2571         The NonFastScrollable area is the region for which events needs
2572         synchronous dispatch. Everything else should scroll without delay.
2573
2574         * page/FrameView.cpp:
2575         (WebCore::FrameView::scrollableAreaSetChanged):
2576         * page/Page.cpp:
2577         (WebCore::Page::nonFastScrollableRects):
2578         * page/scrolling/AsyncScrollingCoordinator.cpp:
2579         (WebCore::AsyncScrollingCoordinator::setEventTrackingRegionsDirty):
2580         (WebCore::AsyncScrollingCoordinator::willCommitTree):
2581         (WebCore::AsyncScrollingCoordinator::updateEventTrackingRegions):
2582         (WebCore::AsyncScrollingCoordinator::frameViewLayoutUpdated):
2583         (WebCore::AsyncScrollingCoordinator::frameViewEventTrackingRegionsChanged):
2584         (WebCore::AsyncScrollingCoordinator::scrollingStateTreeAsText):
2585         (WebCore::AsyncScrollingCoordinator::setNonFastScrollableRegionDirty): Deleted.
2586         (WebCore::AsyncScrollingCoordinator::updateNonFastScrollableRegion): Deleted.
2587         (WebCore::AsyncScrollingCoordinator::frameViewNonFastScrollableRegionChanged): Deleted.
2588         * page/scrolling/AsyncScrollingCoordinator.h:
2589         (WebCore::AsyncScrollingCoordinator::eventTrackingRegionsDirty):
2590         (WebCore::AsyncScrollingCoordinator::nonFastScrollableRegionDirty): Deleted.
2591
2592         * page/scrolling/ScrollingCoordinator.cpp:
2593         (WebCore::ScrollingCoordinator::absoluteEventTrackingRegionsForFrame):
2594         (WebCore::ScrollingCoordinator::absoluteEventTrackingRegions):
2595         (WebCore::ScrollingCoordinator::absoluteNonFastScrollableRegionForFrame): Deleted.
2596         (WebCore::ScrollingCoordinator::absoluteNonFastScrollableRegion): Deleted.
2597         I intentionally left the Wheel event with synchronous dispatch.
2598         This use case will need its own set of tests.
2599
2600         * page/scrolling/ScrollingCoordinator.h:
2601         (WebCore::ScrollingCoordinator::frameViewEventTrackingRegionsChanged):
2602         (WebCore::ScrollingCoordinator::frameViewNonFastScrollableRegionChanged): Deleted.
2603         * page/scrolling/ScrollingStateFrameScrollingNode.cpp:
2604         (WebCore::ScrollingStateFrameScrollingNode::ScrollingStateFrameScrollingNode):
2605         (WebCore::ScrollingStateFrameScrollingNode::setEventTrackingRegions):
2606         (WebCore::ScrollingStateFrameScrollingNode::dumpProperties):
2607         (WebCore::ScrollingStateFrameScrollingNode::setNonFastScrollableRegion): Deleted.
2608         * page/scrolling/ScrollingStateFrameScrollingNode.h:
2609         * page/scrolling/ScrollingTree.cpp:
2610         (WebCore::ScrollingTree::shouldHandleWheelEventSynchronously):
2611         (WebCore::ScrollingTree::commitNewTreeState):
2612         (WebCore::ScrollingTree::eventTrackingTypeForPoint):
2613         (WebCore::ScrollingTree::isPointInNonFastScrollableRegion): Deleted.
2614         * page/scrolling/ScrollingTree.h:
2615         * page/scrolling/mac/ScrollingCoordinatorMac.mm:
2616         (WebCore::ScrollingCoordinatorMac::scheduleTreeStateCommit):
2617         * platform/EventTrackingRegions.h: Added.
2618         (WebCore::EventTrackingRegions::isEmpty):
2619         (WebCore::EventTrackingRegions::trackingTypeForPoint):
2620         (WebCore::operator==):
2621
2622 2016-06-10  Enrica Casucci  <enrica@apple.com>
2623
2624         REGRESSION(r198177): Cannot paste an image when the pasteboard format is mime type.
2625         https://bugs.webkit.org/show_bug.cgi?id=158590
2626         rdar://problem/25471371
2627
2628         Reviewed by Darin Adler.
2629
2630         When creating a fragment from an image resource, the resource needs to
2631         be added to the document loader before setting the src attribute to the
2632         image element, otherwise loading is triggered and the loading fails.
2633         In r198177 the order of the operations was changed causing the bug.
2634         This patch adds support to test the scenario where the image in the pasteboard
2635         is available only as mime type (not WebArchive or RTFD), a situation that occurs
2636         more frequently on iOS.
2637
2638         Test: editing/pasteboard/image-in-iframe.html
2639
2640         * editing/ios/EditorIOS.mm:
2641         (WebCore::Editor::createFragmentForImageResourceAndAddResource):
2642         * editing/mac/EditorMac.mm:
2643         (WebCore::Editor::WebContentReader::readWebArchive):
2644         (WebCore::Editor::WebContentReader::readRTFD):
2645         (WebCore::Editor::WebContentReader::readRTF):
2646         (WebCore::Editor::createFragmentForImageResourceAndAddResource):
2647         * page/Settings.cpp:
2648         (WebCore::Settings::setImagesEnabled):
2649         (WebCore::Settings::setPreferMimeTypeForImages):
2650         (WebCore::Settings::setForcePendingWebGLPolicy):
2651         * page/Settings.h:
2652         (WebCore::Settings::areImagesEnabled):
2653         (WebCore::Settings::preferMimeTypeForImages):
2654         (WebCore::Settings::arePluginsEnabled):
2655         * testing/InternalSettings.cpp:
2656         (WebCore::InternalSettings::Backup::restoreTo):
2657         (WebCore::InternalSettings::setLangAttributeAwareFormControlUIEnabled):
2658         (WebCore::InternalSettings::setPreferMimeTypeForImages):
2659         (WebCore::InternalSettings::setImagesEnabled):
2660         * testing/InternalSettings.h:
2661         * testing/InternalSettings.idl:
2662
2663 2016-06-10  Alex Christensen  <achristensen@webkit.org>
2664
2665         Fix WinCairo build after r201943
2666
2667         * platform/network/curl/MultipartHandle.cpp:
2668         (WebCore::MultipartHandle::didReceiveResponse):
2669         * platform/network/curl/ResourceHandleManager.cpp:
2670         (WebCore::handleLocalReceiveResponse):
2671         (WebCore::headerCallback):
2672         (WebCore::ResourceHandleManager::dispatchSynchronousJob):
2673
2674 2016-06-10  Alex Christensen  <achristensen@webkit.org>
2675
2676         handleDataURL is only used by curl
2677         https://bugs.webkit.org/show_bug.cgi?id=158636
2678
2679         Reviewed by Tim Horton.
2680
2681         * CMakeLists.txt:
2682         * platform/network/DataURL.cpp: Removed.
2683         * platform/network/DataURL.h: Removed.
2684         * platform/network/curl/ResourceHandleManager.cpp:
2685         (WebCore::ResourceHandleManager::startScheduledJobs):
2686         (WebCore::handleDataURL):
2687         (WebCore::ResourceHandleManager::dispatchSynchronousJob):
2688
2689 2016-06-10  Alex Christensen  <achristensen@webkit.org>
2690
2691         Reduce ResourceResponse copying
2692         https://bugs.webkit.org/show_bug.cgi?id=158232
2693
2694         Reviewed by Darin Adler.
2695
2696         No new tests.  No change in behavior except removing an unnecessary copy on cocoa platforms.
2697
2698         * loader/ResourceLoader.cpp:
2699         (WebCore::ResourceLoader::didSendData):
2700         (WebCore::ResourceLoader::didReceiveResponse):
2701         * loader/ResourceLoader.h:
2702         * loader/appcache/ApplicationCacheGroup.cpp:
2703         (WebCore::ApplicationCacheGroup::createResourceHandle):
2704         (WebCore::ApplicationCacheGroup::didReceiveResponse):
2705         * loader/appcache/ApplicationCacheGroup.h:
2706         * platform/graphics/PlatformMediaResourceLoader.h:
2707         (WebCore::PlatformMediaResourceClient::~PlatformMediaResourceClient):
2708         (WebCore::PlatformMediaResourceClient::responseReceived):
2709         (WebCore::PlatformMediaResourceClient::redirectReceived):
2710         (WebCore::PlatformMediaResourceClient::shouldCacheResponse):
2711         (WebCore::PlatformMediaResourceClient::dataSent):
2712         * platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.h:
2713         * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
2714         (ResourceHandleStreamingClient::willSendRequest):
2715         (ResourceHandleStreamingClient::didReceiveResponse):
2716         * platform/network/BlobResourceHandle.cpp:
2717         (WebCore::BlobResourceHandle::notifyResponseOnSuccess):
2718         (WebCore::BlobResourceHandle::notifyResponseOnError):
2719         (WebCore::BlobResourceHandle::notifyReceiveData):
2720         * platform/network/DataURL.cpp:
2721         (WebCore::handleDataURL):
2722         * platform/network/PingHandle.h:
2723         (WebCore::PingHandle::PingHandle):
2724         * platform/network/ResourceHandleClient.cpp:
2725         (WebCore::ResourceHandleClient::willSendRequestAsync):
2726         (WebCore::ResourceHandleClient::didReceiveResponseAsync):
2727         * platform/network/ResourceHandleClient.h:
2728         (WebCore::ResourceHandleClient::didSendData):
2729         (WebCore::ResourceHandleClient::didReceiveResponse):
2730         (WebCore::ResourceHandleClient::didReceiveData):
2731         * platform/network/ResourceResponseBase.cpp:
2732         (WebCore::ResourceResponseBase::ResourceResponseBase):
2733         (WebCore::ResourceResponseBase::includeCertificateInfo):
2734         (WebCore::ResourceResponseBase::suggestedFilename):
2735         (WebCore::ResourceResponseBase::certificateInfo): Deleted.
2736         * platform/network/ResourceResponseBase.h:
2737         (WebCore::ResourceResponseBase::certificateInfo):
2738         (WebCore::ResourceResponseBase::encode):
2739         (WebCore::ResourceResponseBase::decode):
2740         (WebCore::ResourceResponseBase::containsCertificateInfo): Deleted.
2741         * platform/network/SynchronousLoaderClient.cpp:
2742         (WebCore::SynchronousLoaderClient::canAuthenticateAgainstProtectionSpace):
2743         (WebCore::SynchronousLoaderClient::didReceiveResponse):
2744         (WebCore::SynchronousLoaderClient::didReceiveData):
2745         * platform/network/SynchronousLoaderClient.h:
2746         * platform/network/cf/ResourceHandleCFURLConnectionDelegateWithOperationQueue.cpp:
2747         (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didReceiveResponse):
2748         * platform/network/cf/SynchronousResourceHandleCFURLConnectionDelegate.cpp:
2749         (WebCore::SynchronousResourceHandleCFURLConnectionDelegate::didReceiveResponse):
2750         (WebCore::SynchronousResourceHandleCFURLConnectionDelegate::didReceiveData):
2751         * platform/network/mac/WebCoreResourceHandleAsDelegate.mm:
2752         (-[WebCoreResourceHandleAsDelegate connection:didReceiveResponse:]):
2753         * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:
2754         (-[WebCoreResourceHandleAsOperationQueueDelegate connection:didReceiveResponse:]):
2755         * platform/network/soup/ResourceHandleSoup.cpp:
2756         (WebCore::nextMultipartResponsePartCallback):
2757         (WebCore::sendRequestCallback):
2758
2759 2016-06-09  Ryosuke Niwa  <rniwa@webkit.org>
2760
2761         Add SPI to disable spellchecking on auto-fillable text fields
2762         https://bugs.webkit.org/show_bug.cgi?id=158611
2763
2764         Reviewed by Anders Carlsson.
2765
2766         Added a boolean flag m_isSpellCheckingEnabled to HTMLInputElement. This flag defaults to true, and can be set
2767         to false by WebKit2 C API.
2768
2769         * editing/Editor.cpp:
2770         (WebCore::Editor::isSpellCheckingEnabledFor): Fixed a bug that we were calling isSpellCheckingEnabled on
2771         the div inside an input element's shadow tree instead of the input element itself.
2772         * html/HTMLInputElement.cpp:
2773         (WebCore::HTMLInputElement::HTMLInputElement): Initialize m_spellcheckEnabled to true (it's a bit field).
2774         (WebCore::HTMLInputElement::isSpellCheckingEnabled): Added. Return false if m_spellcheckEnabled is false.
2775         * html/HTMLInputElement.h:
2776         (WebCore::HTMLInputElement::setSpellcheckEnabled): Added.
2777
2778 2016-06-10  Alex Christensen  <achristensen@webkit.org>
2779
2780         Introduce WTF::UniqueRef
2781         https://bugs.webkit.org/show_bug.cgi?id=158596
2782
2783         Reviewed by Brady Eidson.
2784
2785         No new tests.  No change in behavior.
2786
2787         * inspector/InspectorOverlay.cpp:
2788         (WebCore::InspectorOverlay::overlayPage):
2789         * loader/EmptyClients.cpp:
2790         (WebCore::fillWithEmptyClients):
2791         * page/Page.cpp:
2792         (WebCore::Page::Page):
2793         * page/Page.h:
2794         (WebCore::Page::canStartMedia):
2795         (WebCore::Page::editorClient):
2796         (WebCore::Page::plugInClient):
2797         (WebCore::Page::mainFrame):
2798         (WebCore::Page::groupPtr): Deleted.
2799         * page/PageConfiguration.cpp:
2800         (WebCore::PageConfiguration::PageConfiguration):
2801         * page/PageConfiguration.h:
2802         * svg/graphics/SVGImage.cpp:
2803         (WebCore::SVGImage::dataChanged):
2804
2805 2016-06-10  Joseph Pecoraro  <pecoraro@apple.com>
2806
2807         Web Inspector: Cleanup InspectorIndexedDBAgent a bit
2808         https://bugs.webkit.org/show_bug.cgi?id=158598
2809
2810         Reviewed by Darin Adler.
2811
2812         * inspector/InspectorIndexedDBAgent.cpp:
2813
2814 2016-06-10  Youenn Fablet  <youenn.fablet@crf.canon.fr>
2815
2816         Origin header is not included in CORS requests for preloaded cross-origin resources
2817         https://bugs.webkit.org/show_bug.cgi?id=155761
2818         <rdar://problem/25351850>
2819
2820         Reviewed by Alex Christensen.
2821
2822         Making HTML preloader fully aware of crossorigin attribute value.
2823         Introducing CachedResourceRequest::setAsPotentiallyCrossOrigin as a helper routine to activate CORS mode.
2824         Making HTMLLinkElement and HTMLResourcePreloader use that routine.
2825         Making TokenPreloadScanner store the crossorigin attribute value in preload requests.
2826         Making TokenPreloadScanner store the crossorigin attribute value for link elements.
2827
2828         Test: http/tests/security/cross-origin-css-9.html
2829
2830         * html/HTMLLinkElement.cpp:
2831         (WebCore::HTMLLinkElement::process):
2832         * html/parser/HTMLPreloadScanner.cpp:
2833         (WebCore::TokenPreloadScanner::StartTagScanner::createPreloadRequest):
2834         (WebCore::TokenPreloadScanner::StartTagScanner::processAttribute):
2835         * html/parser/HTMLResourcePreloader.cpp:
2836         (WebCore::crossOriginModeAllowsCookies):
2837         (WebCore::PreloadRequest::resourceRequest):
2838         * html/parser/HTMLResourcePreloader.h:
2839         (WebCore::PreloadRequest::setCrossOriginMode):
2840         (WebCore::PreloadRequest::PreloadRequest): Deleted.
2841         (WebCore::PreloadRequest::resourceType): Deleted.
2842         * loader/cache/CachedResourceRequest.cpp:
2843         (WebCore::CachedResourceRequest::setAsPotentiallyCrossOrigin):
2844         * loader/cache/CachedResourceRequest.h:
2845
2846 2016-06-10  Chris Dumez  <cdumez@apple.com>
2847
2848         ErrorEvent / ProgressEvent should be exposed to workers
2849         https://bugs.webkit.org/show_bug.cgi?id=158606
2850
2851         Reviewed by Brady Eidson.
2852
2853         ErrorEvent / ProgressEvent should be exposed to workers:
2854         - https://html.spec.whatwg.org/multipage/webappapis.html#errorevent
2855         - https://xhr.spec.whatwg.org/#interface-progressevent
2856
2857         Firefox and Chrome both already expose those.
2858
2859         No new tests, rebaselined existing test.
2860
2861         * dom/ErrorEvent.idl:
2862         * dom/ProgressEvent.idl:
2863
2864 2016-06-10  Chris Dumez  <cdumez@apple.com>
2865
2866         MessagePort should be exposed to workers
2867         https://bugs.webkit.org/show_bug.cgi?id=158607
2868
2869         Reviewed by Brady Eidson.
2870
2871         MessagePort should be exposed to workers:
2872         https://html.spec.whatwg.org/multipage/comms.html#messageport
2873
2874         Firefox and Chrome both already expose it.
2875
2876         No new tests, rebaselined existing test.
2877
2878         * dom/MessagePort.idl:
2879
2880 2016-06-10  Youenn Fablet  <youenn.fablet@crf.canon.fr>
2881
2882         Move preflight check code outside of DocumentThreadableLoader
2883         https://bugs.webkit.org/show_bug.cgi?id=158425
2884
2885         Reviewed by Darin Adler.
2886
2887         Moving preflight check code in its own class.
2888         This allows code to be easier to read, use/reuse and update.
2889
2890         Behavior should be the same as before except in the case of a preflight response
2891         being a 3XX redirect response.
2892         Before this patch, the 3XX response was directly passed to the code processing regular responses.
2893         To keep compatibility with existing tests, a didFailRedirectCheck callback is called.
2894         This should be change to a preflight failure.
2895
2896         Covered by existing tests.
2897
2898         * CMakeLists.txt:
2899         * WebCore.xcodeproj/project.pbxproj:
2900         * loader/CrossOriginPreflightChecker.cpp: Added.
2901         (WebCore::CrossOriginPreflightChecker::CrossOriginPreflightChecker):
2902         (WebCore::CrossOriginPreflightChecker::~CrossOriginPreflightChecker):
2903         (WebCore::CrossOriginPreflightChecker::handleLoadingFailure):
2904         (WebCore::CrossOriginPreflightChecker::validatePreflightResponse):
2905         (WebCore::CrossOriginPreflightChecker::notifyFinished):
2906         (WebCore::CrossOriginPreflightChecker::startPreflight):
2907         (WebCore::CrossOriginPreflightChecker::doPreflight):
2908         (WebCore::CrossOriginPreflightChecker::redirectReceived):
2909         (WebCore::CrossOriginPreflightChecker::setDefersLoading):
2910         (WebCore::CrossOriginPreflightChecker::isXMLHttpRequest):
2911         * loader/CrossOriginPreflightChecker.h: Added.
2912         * loader/DocumentThreadableLoader.cpp:
2913         (WebCore::DocumentThreadableLoader::create):
2914         (WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequest):
2915         (WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequestWithPreflight):
2916         (WebCore::DocumentThreadableLoader::setDefersLoading):
2917         (WebCore::DocumentThreadableLoader::clearResource):
2918         (WebCore::DocumentThreadableLoader::didReceiveResponse):
2919         (WebCore::DocumentThreadableLoader::didReceiveData):
2920         (WebCore::DocumentThreadableLoader::notifyFinished):
2921         (WebCore::DocumentThreadableLoader::didFinishLoading):
2922         (WebCore::DocumentThreadableLoader::didFail):
2923         (WebCore::DocumentThreadableLoader::preflightSuccess):
2924         (WebCore::DocumentThreadableLoader::preflightFailure):
2925         (WebCore::DocumentThreadableLoader::loadRequest):
2926         (WebCore::DocumentThreadableLoader::responseReceived): Deleted.
2927         (WebCore::DocumentThreadableLoader::dataReceived): Deleted.
2928         (WebCore::DocumentThreadableLoader::isAllowedByContentSecurityPolicy): Deleted.
2929         * loader/DocumentThreadableLoader.h:
2930         (WebCore::DocumentThreadableLoader::options):
2931         (WebCore::DocumentThreadableLoader::isLoading):
2932         (WebCore::DocumentThreadableLoader::document):
2933
2934 2016-06-10  Adam Bergkvist  <adam.bergkvist@ericsson.com>
2935
2936         WebRTC: Imlement MediaEndpointPeerConnection::createAnswer()
2937         https://bugs.webkit.org/show_bug.cgi?id=158566
2938
2939         Reviewed by Eric Carlson.
2940
2941         Add the MediaEndpointPeerConnection implementation of RTCPeerConnection.createAnswer [1].
2942         createAnswer() creates a 'reply' to an remote offer set with setRemoteDescription(),
2943         completes the offer/answer dialog and brings the RTCPeerConnection back to the 'stable'
2944         signaling state.
2945
2946         [1] https://w3c.github.io/webrtc-pc/archives/20160513/webrtc.html#dom-rtcpeerconnection-createanswer
2947
2948         Test: fast/mediastream/RTCPeerConnection-inspect-answer.html
2949
2950         * Modules/mediastream/MediaEndpointPeerConnection.cpp:
2951         (WebCore::MediaEndpointPeerConnection::createOfferTask):
2952         Align creation of RTCSessionDescription with createAnswerTask.
2953         (WebCore::MediaEndpointPeerConnection::createAnswer):
2954         (WebCore::MediaEndpointPeerConnection::createAnswerTask):
2955         Add Implementation.
2956         * Modules/mediastream/MediaEndpointPeerConnection.h:
2957
2958 2016-06-08  Sergio Villar Senin  <svillar@igalia.com>
2959
2960         [css-grid] CRASH when getting the computed style of a grid with only absolutely positioned children
2961         https://bugs.webkit.org/show_bug.cgi?id=158537
2962
2963         Reviewed by Darin Adler.
2964
2965         Absolute positioning occurs after layout of the grid and its in-flow contents, and does not
2966         contribute to the sizing of any grid tracks or affect the size/configuration of the grid in
2967         any way. This means that we should treat as empty any grid whose only children are
2968         absolutely positioned items.
2969
2970         Since r201510 empty grids are no longer internally represented by a 1x1 matrix. As we were
2971         not considering grids-with-only-absolutely-positioned-children as empty, we were trying to
2972         access some invalid position in the internal representation of the grid triggering an ASSERT
2973         in debug builds and a crash in release.
2974
2975         Test: fast/css-grid-layout/grid-only-abspos-item-computed-style-crash.html
2976
2977         * css/CSSComputedStyleDeclaration.cpp:
2978         (WebCore::valueForGridTrackList):
2979
2980 2016-06-10  Chris Dumez  <cdumez@apple.com>
2981
2982         DOMException should be exposed to workers
2983         https://bugs.webkit.org/show_bug.cgi?id=158608
2984
2985         Reviewed by Alex Christensen.
2986
2987         DOMException should be exposed to workers:
2988         https://heycam.github.io/webidl/#es-DOMException-call
2989
2990         Both Firefox and Chrome expose DOMException to workers already.
2991
2992         No new tests, rebaselined existing test.
2993
2994         * dom/DOMCoreException.idl:
2995
2996 2016-06-09  Alex Christensen  <achristensen@webkit.org>
2997
2998         Fix CMake build.
2999
3000         * PlatformMac.cmake:
3001
3002 2016-06-09  Alex Christensen  <achristensen@webkit.org>
3003
3004         Fix AppleWin build after r201901.
3005         https://bugs.webkit.org/show_bug.cgi?id=119839
3006
3007         * platform/graphics/ca/win/PlatformCALayerWin.cpp:
3008         (PlatformCALayerWin::backingStoreAttached):
3009         (PlatformCALayerWin::userInteractionEnabled):
3010         (PlatformCALayerWin::setUserInteractionEnabled):
3011         (PlatformCALayerWin::geometryFlipped):
3012         * platform/graphics/ca/win/PlatformCALayerWin.h:
3013
3014 2016-06-09  Chris Fleizach  <cfleizach@apple.com>
3015
3016         AX: VoiceOver Unable to View Download Progress or Completion Status for Mail Attachments
3017         https://bugs.webkit.org/show_bug.cgi?id=158581
3018
3019         Reviewed by Darin Adler.
3020
3021         Update attachment element accessibility so that:
3022            1) the action name comes first to match UI
3023            2) on iOS, it has the updates frequently trait
3024
3025         Make sure this test now runs on iOS as well.
3026
3027         Modified tests: accessibility/attachment-element.html
3028
3029         * accessibility/AccessibilityAttachment.cpp:
3030         (WebCore::AccessibilityAttachment::accessibilityText):
3031         * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
3032         (-[WebAccessibilityObjectWrapper accessibilityCanFuzzyHitTest]):
3033         (-[WebAccessibilityObjectWrapper accessibilityTraits]):
3034         (-[WebAccessibilityObjectWrapper accessibilityValue]):
3035         (-[WebAccessibilityObjectWrapper accessibilityIsAttachmentElement]):
3036         (-[WebAccessibilityObjectWrapper accessibilityIsComboBox]):
3037
3038 2016-06-09  Alex Christensen  <achristensen@webkit.org>
3039
3040         Clean up WebCore.vcxproj after switching to CMake.
3041
3042         * WebCore.vcxproj/QTMovieWin: Removed.
3043         * WebCore.vcxproj/QTMovieWin/QTMovieWinCairoDebug.props: Removed.
3044         * WebCore.vcxproj/QTMovieWin/QTMovieWinCairoRelease.props: Removed.
3045         * WebCore.vcxproj/QTMovieWin/QTMovieWinCommon.props: Removed.
3046         * WebCore.vcxproj/QTMovieWin/QTMovieWinDebug.props: Removed.
3047         * WebCore.vcxproj/QTMovieWin/QTMovieWinPostBuild.cmd: Removed.
3048         * WebCore.vcxproj/QTMovieWin/QTMovieWinPreBuild.cmd: Removed.
3049         * WebCore.vcxproj/QTMovieWin/QTMovieWinPreLink.cmd: Removed.
3050         * WebCore.vcxproj/QTMovieWin/QTMovieWinProduction.props: Removed.
3051         * WebCore.vcxproj/QTMovieWin/QTMovieWinRelease.props: Removed.
3052         * WebCore.vcxproj/xcopy.excludes: Removed.
3053
3054 2016-06-09  Zalan Bujtas  <zalan@apple.com>
3055
3056         Hairline borders do not show up on 3x displays.
3057         https://bugs.webkit.org/show_bug.cgi?id=158604
3058         <rdar://problem/26511679>
3059
3060         Reviewed by Simon Fraser.
3061
3062         On a 3x display, when we convert a 1/3px hairline border from float
3063         to LayoutUnit and pixel floor the result, we end up with a 0px width border.
3064         It's because float to LayoutUnit is lossy and since the current kFixedPointDenominator % 3 != 0,
3065         flooring LayoutUnit(1/3px) ends up being 0px. (float: 1/3 -> LayoutUnit: (1/3 - 1/kFixedPointDenominator) -> floor: 0)
3066         This patch eliminates the (unnecessary) float -> LayoutUnit - float conversion on border width.   
3067
3068         Test: fast/borders/hidpi-3x-input-hairline-border.html
3069
3070         * rendering/BorderEdge.cpp:
3071         (WebCore::BorderEdge::BorderEdge):
3072         * rendering/BorderEdge.h:
3073
3074 2016-06-09  Commit Queue  <commit-queue@webkit.org>
3075
3076         Unreviewed, rolling out r201887.
3077         https://bugs.webkit.org/show_bug.cgi?id=158610
3078
3079         This change caused LayoutTest crashes under GuardMalloc and
3080         ASan (Requested by ryanhaddad on #webkit).
3081
3082         Reverted changeset:
3083
3084         "Deleting a CSSOM style rule invalidates any previously-added
3085         FontFaces"
3086         https://bugs.webkit.org/show_bug.cgi?id=158450
3087         http://trac.webkit.org/changeset/201887
3088
3089 2016-06-09  Chris Dumez  <cdumez@apple.com>
3090
3091         Address Darin's review comment on r201898.
3092         https://bugs.webkit.org/show_bug.cgi?id=158576
3093
3094         Reviewed by Darin Adler.
3095
3096         * page/Base64Utilities.h:
3097
3098 2016-06-09  Antoine Quint  <graouts@apple.com>
3099
3100         [iOS] -webkit-overflow-scrolling: touch; ignores pointer-events: none;
3101         https://bugs.webkit.org/show_bug.cgi?id=119839
3102         <rdar://problem/9671514>
3103
3104         Reviewed by Simon Fraser.
3105
3106         Propagate a "userInteractionEnabled" flag from the Web process which is used to turn off
3107         user interaction on a UIScrollView created for -webkit-overflow-scrolling: touch.
3108
3109         Test: fast/scrolling/ios/touch-scroll-pointer-events-none.html
3110
3111         * platform/graphics/GraphicsLayer.cpp:
3112         (WebCore::GraphicsLayer::GraphicsLayer):
3113         * platform/graphics/GraphicsLayer.h:
3114         (WebCore::GraphicsLayer::userInteractionEnabled):
3115         (WebCore::GraphicsLayer::setUserInteractionEnabled):
3116         * platform/graphics/ca/GraphicsLayerCA.cpp:
3117         (WebCore::GraphicsLayerCA::setUserInteractionEnabled):
3118         (WebCore::GraphicsLayerCA::commitLayerChangesBeforeSublayers):
3119         (WebCore::GraphicsLayerCA::updateUserInteractionEnabled):
3120         * platform/graphics/ca/GraphicsLayerCA.h:
3121         * platform/graphics/ca/PlatformCALayer.h:
3122         * platform/graphics/ca/cocoa/PlatformCALayerCocoa.h:
3123         * platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm:
3124         (PlatformCALayerCocoa::userInteractionEnabled):
3125         (PlatformCALayerCocoa::setUserInteractionEnabled):
3126         * rendering/RenderLayerBacking.cpp:
3127         (WebCore::RenderLayerBacking::updateAfterDescendants):
3128
3129 2016-06-09  Chris Dumez  <cdumez@apple.com>
3130
3131         WorkerNavigator property should exist on WorkerGlobalScope
3132         https://bugs.webkit.org/show_bug.cgi?id=158574
3133         <rdar://problem/26725108>
3134
3135         Reviewed by Darin Adler.
3136
3137         WorkerNavigator property should exist on WorkerGlobalScope:
3138         https://html.spec.whatwg.org/multipage/workers.html#the-workernavigator-object
3139
3140         Fixing this gets the number of failures on http://w3c-test.org/workers/interfaces.worker
3141         from 34 to 23.
3142
3143         No new tests, rebaselined existing test.
3144
3145         * page/WorkerNavigator.idl:
3146
3147 2016-06-09  Chris Dumez  <cdumez@apple.com>
3148
3149         atob() / btoa() API should be exposed to workers
3150         https://bugs.webkit.org/show_bug.cgi?id=158576
3151         <rdar://problem/26729340>
3152
3153         Reviewed by Sam Weinig.
3154
3155         Expose atob() / btoa() API to workers as per:
3156         https://html.spec.whatwg.org/multipage/webappapis.html#windoworworkerglobalscope
3157
3158         This aligns our behavior with Firefox and Chrome as well.
3159
3160         Test: fast/workers/atob-btoa.html
3161
3162         * CMakeLists.txt:
3163         * DerivedSources.cpp:
3164         * DerivedSources.make:
3165         * PlatformMac.cmake:
3166         * WebCore.xcodeproj/project.pbxproj:
3167         * page/Base64Utilities.cpp: Added.
3168         (WebCore::Base64Utilities::btoa):
3169         (WebCore::Base64Utilities::atob):
3170         * page/Base64Utilities.h: Added.
3171         * page/DOMWindow.cpp:
3172         (WebCore::DOMWindow::find): Deleted.
3173         (WebCore::DOMWindow::offscreenBuffering): Deleted.
3174         (WebCore::DOMWindow::outerHeight): Deleted.
3175         (WebCore::DOMWindow::outerWidth): Deleted.
3176         * page/DOMWindow.h:
3177         * page/DOMWindow.idl:
3178         * page/WindowBase64.idl: Removed.
3179         * page/WindowOrWorkerGlobalScope.idl: Renamed from Source/WebCore/page/WindowTimers.idl.
3180         * workers/WorkerGlobalScope.h:
3181         * workers/WorkerGlobalScope.idl:
3182
3183 2016-06-09  John Wilander  <wilander@apple.com>
3184
3185         Restrict HTTP/0.9 responses to default ports and cancel HTTP/0.9 resource loads if the document was loaded with another HTTP protocol
3186         https://bugs.webkit.org/show_bug.cgi?id=158589
3187         <rdar://problem/25757454>
3188
3189         Reviewed by Brent Fulgham.
3190
3191         No new tests. Our layout test environment does not allow for headerless responses
3192         nor does it allow you to set an explicit HTTP/0.9 status header in PHP. I have
3193         manually tested this change with a Python socket setup doing both headerless and
3194         HTTP/0.9 header tests for positive and negative cases.
3195
3196         * loader/DocumentLoader.cpp:
3197         (WebCore::DocumentLoader::responseReceived):
3198             Cancel loads if the request was made to a non-default port.
3199         * loader/ResourceLoader.cpp:
3200         (WebCore::ResourceLoader::didReceiveResponse):
3201             Cancel loads if the request was made to a non-default port or if the document
3202             was loaded with another protocol. Cancelation is handled as a fail so as to
3203             fire the onerror event and allow sites to handle it gracefully.
3204
3205 2016-06-09  Alex Christensen  <achristensen@webkit.org>
3206
3207         Clean up EditorClient lifetime
3208         https://bugs.webkit.org/show_bug.cgi?id=158588
3209
3210         Reviewed by Anders Carlsson.
3211
3212         No new tests.  This patch does two things, all of which do not change behavior:
3213         1. Use a std::unique_ptr<EditorClient> owned by the Page instead of allocating
3214         with new in WebKit/WebKit2 and deleting in WebEditorClient::pageDestroyed.
3215         2. Give the Page a PageConfiguration&& instead of a PageConfiguration& in its constructor.
3216
3217         * inspector/InspectorOverlay.cpp:
3218         (WebCore::InspectorOverlay::overlayPage):
3219         * loader/EmptyClients.cpp:
3220         (WebCore::fillWithEmptyClients):
3221         * loader/EmptyClients.h:
3222         (WebCore::EmptyEditorClient::EmptyEditorClient):
3223         (WebCore::EmptyEditorClient::~EmptyEditorClient):
3224         * page/EditorClient.h:
3225         (WebCore::EditorClient::~EditorClient):
3226         * page/Page.cpp:
3227         (WebCore::Page::Page):
3228         (WebCore::Page::~Page):
3229         (WebCore::Page::setViewMode):
3230         (WebCore::Page::clearUndoRedoOperations):
3231         (WebCore::Page::inLowQualityImageInterpolationMode):
3232         (WebCore::Page::invalidateStylesForAllLinks):
3233         (WebCore::Page::invalidateStylesForLink):
3234         (WebCore::Page::invalidateInjectedStyleSheetCacheInAllFrames):
3235         (WebCore::Page::setDebugger):
3236         (WebCore::Page::setIsVisibleInternal):
3237         (WebCore::Page::setAllowsMediaDocumentInlinePlayback):
3238         * page/Page.h:
3239         (WebCore::Page::canStartMedia):
3240         (WebCore::Page::editorClient):
3241         (WebCore::Page::plugInClient):
3242         (WebCore::Page::mainFrame):
3243         (WebCore::Page::group):
3244         * page/PageConfiguration.cpp:
3245         * page/PageConfiguration.h:
3246         * page/mac/PageMac.mm:
3247         (WebCore::Page::addSchedulePair):
3248         (WebCore::Page::removeSchedulePair):
3249         * svg/graphics/SVGImage.cpp:
3250         (WebCore::SVGImage::dataChanged):
3251
3252 2016-06-09  Joseph Pecoraro  <pecoraro@apple.com>
3253
3254         REGRESSION: Web Inspector: IndexedDB does not show ObjectStore data
3255         https://bugs.webkit.org/show_bug.cgi?id=158592
3256         <rdar://problem/26730696>
3257
3258         Reviewed by Timothy Hatcher.
3259
3260         * inspector/InspectorIndexedDBAgent.cpp:
3261         (WebCore::DataLoader::execute):
3262         Ensure the IDBTransaction is active when attempting to open a cursor.
3263
3264         (WebCore::OpenCursorCallback::handleEvent):
3265         End, when the cursor result is empty, like we do for script results.
3266
3267 2016-06-09  Antoine Quint  <graouts@apple.com>
3268
3269         Changing canvas height immediately after page load does not relayout canvas
3270         https://bugs.webkit.org/show_bug.cgi?id=156097
3271
3272         Reviewed by Zalan Bujtas.
3273
3274         Promote the logic use to identify whether we should perform a layout after a change of
3275         intrinsic size from RenderImage to RenderReplaced such that RenderCanvas may use it
3276         in canvasSizeChanged() and correctly update its layout in the case where the width
3277         or height attribute is updated and there are no explicit sizing performed with CSS.
3278         Additionally, this will also account for the object-fix property to only perform
3279         a layout if necessary.
3280
3281         Test: fast/canvas/canvas-css-size-after-height-change-with-display-flex.html
3282
3283         * rendering/RenderHTMLCanvas.cpp:
3284         (WebCore::RenderHTMLCanvas::canvasSizeChanged):
3285         * rendering/RenderImage.cpp:
3286         (WebCore::RenderImage::repaintOrMarkForLayout):
3287         * rendering/RenderReplaced.cpp:
3288         (WebCore::RenderReplaced::setNeedsLayoutIfNeededAfterIntrinsicSizeChange):
3289         * rendering/RenderReplaced.h:
3290
3291 2016-06-09  Myles C. Maxfield  <mmaxfield@apple.com>
3292
3293         Deleting a CSSOM style rule invalidates any previously-added FontFaces
3294         https://bugs.webkit.org/show_bug.cgi?id=158450
3295
3296         Reviewed by Darin Adler.
3297
3298         This patch has two pieces: updating the CSSOM when the FontFace changes, and
3299         updating the FontFace when the CSSOM changes.
3300
3301         1: Updating the CSSOM when the FontFace changes: CSSFontFaces already have a RefPtr
3302         to their StyleRuleFontFace which represents their CSS-connection. When changing a
3303         property of the CSSFontFace, we simply reach into the StyleRule and update it to
3304         match. Our existing infrastructure of invalidation due to the attribute changes
3305         makes sure that all the necessary updates occur.
3306
3307         2. Updating the FontFace when the CSSOM changes: If the CSSOM changes in a trivial
3308         way (for example, a new @font-face is appended to the end of the last <style>
3309         element), we can handle it directly. However, when something more invasive occurs,
3310         we end up clearing the entire CSSFontSelector, and then adding all the style rules
3311         from scratch. This involves three steps:
3312             a) CSSFontSelector::buildStarted() is run, which means "we're about to start
3313                building up all the @font-face rules from scratch." We take this opportunity
3314                to purge as many fonts as possible. This is valuable because, for example,
3315                this function gets run when the page gets put into the page cache, so we
3316                want to destroy as much as possible. Not everything can be purged, however -
3317                only CSS-connected fonts which have never been inspected by script are
3318                purgeable. We don't allow fonts inspected by script to be purged because
3319                purging might result in a font appearing from JavaScript to transition from
3320                a success -> failure state, which we don't allow.
3321             b) Upon style recalc (possibly asynchronously) CSSFontSelector::addFontFaceRule()
3322                is called for each @font-face rule. We actually detect that we're in the
3323                middle of a style rebuild, and defer this step.
3324             c) When we're done adding all the font face rules, we call
3325                CSSFontSelector::buildCompleted(). This is where we compare the newly built-
3326                up list of font faces with what existed previously (as remembered in
3327                CSSFontSelector::buildStarted()) in order to detect font faces which were
3328                deleted from the document. Fonts which were newly added to the document
3329                are handled naturally.
3330                Fonts which have a property modified on them are created as if they were new.
3331                However, instead of simply adding the CSSFontFace, we search for the existing
3332                CSSFontFace (by CSS connection pointer) and tell the existing FontFace to
3333                adopt this new CSSFontFace. This means that the JavaScript object will just
3334                pick up any newly-written values in the CSSOM. It also means that the
3335                "status" attribute of the JavaScript object is reset, but this is expected
3336                and allowed by the spec. (For example, if you change the "src" attribute of
3337                an @font-face block via the CSSOM, all bets are off when you inspect the
3338                FontFace JS object representing that block.)
3339
3340         Test: fast/text/font-face-set-cssom.html
3341
3342         * css/CSSFontFace.cpp:
3343         (WebCore::CSSFontFace::CSSFontFace):
3344         (WebCore::CSSFontFace::setFamilies):
3345         (WebCore::CSSFontFace::setStyle):
3346         (WebCore::CSSFontFace::setWeight):
3347         (WebCore::CSSFontFace::setUnicodeRange):
3348         (WebCore::CSSFontFace::setVariantLigatures):
3349         (WebCore::CSSFontFace::setVariantPosition):
3350         (WebCore::CSSFontFace::setVariantCaps):
3351         (WebCore::CSSFontFace::setVariantNumeric):
3352         (WebCore::CSSFontFace::setVariantAlternates):
3353         (WebCore::CSSFontFace::setVariantEastAsian):
3354         (WebCore::CSSFontFace::setFeatureSettings):
3355         (WebCore::CSSFontFace::initializeWrapper):
3356         (WebCore::CSSFontFace::wrapper):
3357         (WebCore::CSSFontFace::setWrapper):
3358         (WebCore::CSSFontFace::purgeable):
3359         (WebCore::CSSFontFace::updateStyleIfNeeded):
3360         * css/CSSFontFace.h:
3361         * css/CSSFontFaceSet.cpp:
3362         (WebCore::CSSFontFaceSet::remove):
3363         (WebCore::CSSFontFaceSet::containsCSSConnection):
3364         (WebCore::CSSFontFaceSet::purge):
3365         * css/CSSFontFaceSet.h:
3366         * css/CSSFontSelector.cpp:
3367         (WebCore::CSSFontSelector::buildStarted):
3368         (WebCore::CSSFontSelector::buildCompleted):
3369         (WebCore::CSSFontSelector::addFontFaceRule):
3370         * css/CSSFontSelector.h:
3371         * css/FontFace.cpp:
3372         (WebCore::FontFace::family):
3373         (WebCore::FontFace::style):
3374         (WebCore::FontFace::weight):
3375         (WebCore::FontFace::unicodeRange):
3376         (WebCore::FontFace::variant):
3377         (WebCore::FontFace::featureSettings):
3378         (WebCore::FontFace::adopt):
3379         * css/FontFace.h:
3380
3381 2016-06-09  Andy Estes  <aestes@apple.com>
3382
3383         Define printing{Minimum,Maximum}ShrinkFactor in only one place
3384         https://bugs.webkit.org/show_bug.cgi?id=158580
3385
3386         Reviewed by Tim Horton.
3387
3388         * page/PrintContext.cpp: Removed printingMinimumShrinkFactor and printingMaximumShrinkFactor.
3389         (WebCore::PrintContext::begin): Used minimumShrinkFactor() and maximumShrinkFactor() instead
3390         of printingMinimumShrinkFactor and printingMaximumShrinkFactor.
3391         (WebCore::PrintContext::computeAutomaticScaleFactor): Ditto.
3392         * page/PrintContext.h:
3393         (WebCore::PrintContext::minimumShrinkFactor): Added to return the same value as
3394         printingMinimumShrinkFactor.
3395         (WebCore::PrintContext::maximumShrinkFactor): Added to return the same value as
3396         printingMaximumShrinkFactor.
3397
3398 2016-06-09  Eric Carlson  <eric.carlson@apple.com>
3399
3400         Don't show the caption menu if a video has only forced tracks
3401         https://bugs.webkit.org/show_bug.cgi?id=158573
3402         <rdar://problem/24632384>
3403
3404         Reviewed by Jer Noble.
3405
3406         Test: media/controls/forced-tracks-only.html
3407
3408         * Modules/mediacontrols/mediaControlsApple.js:
3409         (Controller.prototype.updateCaptionButton): Don't show the button of there are no user-selectable
3410           text or audio tracks.
3411
3412         * page/CaptionUserPreferencesMediaAF.cpp:
3413         (WebCore::CaptionUserPreferencesMediaAF::sortedTrackListForMenu): Return an empty Vector if
3414           there are no user-selectable tracks.
3415
3416 2016-06-09  Jer Noble  <jer.noble@apple.com>
3417
3418         Pass through play state and toggle state to the WebPlaybackControlsManager
3419         https://bugs.webkit.org/show_bug.cgi?id=158578
3420         <rdar://problem/25045616>
3421
3422         Reviewed by Beth Dakin.
3423
3424         Pass through the isPlaying portion of setRate() and allow toggling when a model is present.
3425
3426         * platform/mac/WebPlaybackControlsManager.h:
3427         * platform/mac/WebPlaybackControlsManager.mm:
3428         * platform/mac/WebPlaybackSessionInterfaceMac.mm:
3429         (WebCore::WebPlaybackSessionInterfaceMac::setRate):