Crash under WebCore::EventTarget::fireEventListeners
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2018-02-16  Chris Dumez  <cdumez@apple.com>
2
3         Crash under WebCore::EventTarget::fireEventListeners
4         https://bugs.webkit.org/show_bug.cgi?id=182880
5         <rdar://problem/20788804>
6
7         Reviewed by Youenn Fablet.
8
9         Make sure the 'ended' event does not get dispatched on a
10         AudioScheduledSourceNode after ActiveDOMObjects have been stopped.
11
12         Test: webaudio/audiobuffersource-ended-detached-frame.html
13
14         * Modules/webaudio/AudioScheduledSourceNode.cpp:
15         (WebCore::AudioScheduledSourceNode::finish):
16
17 2018-02-16  Jiewen Tan  <jiewen_tan@apple.com>
18
19         [WebAuthN] Implement PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable()
20         https://bugs.webkit.org/show_bug.cgi?id=182771
21         <rdar://problem/36459988>
22
23         Reviewed by Brent Fulgham.
24
25         This patch implements PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable()
26         per https://www.w3.org/TR/webauthn/#isUserVerifyingPlatformAuthenticatorAvailable with some
27         limitations.
28
29         In addition, it changes DeferredPromise to DOMPromiseDeferred<> for all CredentialsManagement
30         and WebAuthN API.
31
32         Test: http/wpt/webauthn/public-key-is-user-verifying-platform-authenticator-available.html
33
34         * Modules/credentialmanagement/CredentialsContainer.cpp:
35         (WebCore::CredentialsContainer::get):
36         (WebCore::CredentialsContainer::store):
37         (WebCore::CredentialsContainer::isCreate):
38         (WebCore::CredentialsContainer::preventSilentAccess const):
39         * Modules/credentialmanagement/CredentialsContainer.h:
40         * Modules/credentialmanagement/CredentialsMessenger.cpp:
41         (WebCore::CredentialsMessenger::addCreationCompletionHandler):
42         Remove a redundant assertion.
43         (WebCore::CredentialsMessenger::addRequestCompletionHandler):
44         Remove a redundant assertion.
45         (WebCore::CredentialsMessenger::addQueryCompletionHandler):
46         (WebCore::CredentialsMessenger::takeQueryCompletionHandler):
47         * Modules/credentialmanagement/CredentialsMessenger.h:
48         * Modules/webauthn/AuthenticatorManager.cpp:
49         (WebCore::AuthenticatorManagerInternal::initTimeoutTimer):
50         (WebCore::AuthenticatorManager::create const):
51         (WebCore::AuthenticatorManager::discoverFromExternalSource const):
52         (WebCore::AuthenticatorManager::isUserVerifyingPlatformAuthenticatorAvailable const):
53         * Modules/webauthn/AuthenticatorManager.h:
54         * Modules/webauthn/PublicKeyCredential.cpp:
55         (WebCore::PublicKeyCredential::isUserVerifyingPlatformAuthenticatorAvailable):
56         * Modules/webauthn/PublicKeyCredential.h:
57         * testing/MockCredentialsMessenger.cpp:
58         (WebCore::MockCredentialsMessenger::isUserVerifyingPlatformAuthenticatorAvailable):
59         (WebCore::MockCredentialsMessenger::isUserVerifyingPlatformAuthenticatorAvailableReply):
60         * testing/MockCredentialsMessenger.h:
61         * testing/MockCredentialsMessenger.idl:
62
63 2018-02-16  Tim Horton  <timothy_horton@apple.com>
64
65         Stop using EXCLUDED_SOURCE_FILE_NAMES for touch and gesture files in WebCore
66         https://bugs.webkit.org/show_bug.cgi?id=182866
67
68         Reviewed by Daniel Bates.
69
70         * Configurations/WebCore.xcconfig:
71         These generated files already have ENABLE() flags around them,
72         so there's no reason to exclude them explicitly.
73
74 2018-02-16  Chris Dumez  <cdumez@apple.com>
75
76         Unreviewed, fix iOS build after r228562.
77
78         * workers/service/server/RegistrationDatabase.cpp:
79         (WebCore::RegistrationDatabase::openSQLiteDatabase):
80
81 2018-02-16  Zalan Bujtas  <zalan@apple.com>
82
83         [RenderTreeBuilder] Move RenderElement::addChild() to RenderTreeBuilder
84         https://bugs.webkit.org/show_bug.cgi?id=182878
85         <rdar://problem/37608349>
86
87         Reviewed by Antti Koivisto.
88
89         This patch removes the last addChild() related mutation logic from the renderers.
90
91         No change in functionality.
92
93         * rendering/RenderElement.cpp:
94         (WebCore::RenderElement::didInsertChild):
95         (WebCore::RenderElement::addChild): Deleted.
96         * rendering/RenderElement.h:
97         (WebCore::RenderElement::isChildAllowed const):
98         * rendering/updating/RenderTreeBuilder.cpp:
99         (WebCore::RenderTreeBuilder::insertChild):
100         (WebCore::RenderTreeBuilder::insertChildToRenderElement):
101         * rendering/updating/RenderTreeBuilder.h:
102         * rendering/updating/RenderTreeBuilderBlock.cpp:
103         (WebCore::RenderTreeBuilder::Block::insertChildIgnoringContinuation):
104         * rendering/updating/RenderTreeBuilderInline.cpp:
105         (WebCore::RenderTreeBuilder::Inline::insertChildIgnoringContinuation):
106         * rendering/updating/RenderTreeBuilderSVG.cpp:
107         (WebCore::RenderTreeBuilder::SVG::insertChild):
108         * rendering/updating/RenderTreeBuilderTable.cpp:
109         (WebCore::RenderTreeBuilder::Table::insertChild):
110
111 2018-02-16  Matt Lewis  <jlewis3@apple.com>
112
113         Unreviewed, rolling out r228546.
114
115         This caused a consistent crash on all macOS WK2 platforms.
116
117         Reverted changeset:
118
119         "Web Inspector: get rid of remaining uses of OptOutput<T>"
120         https://bugs.webkit.org/show_bug.cgi?id=180607
121         https://trac.webkit.org/changeset/228546
122
123 2018-02-16  Youenn Fablet  <youenn@apple.com>
124
125         Log the error message when failing to open the database
126         https://bugs.webkit.org/show_bug.cgi?id=182795
127         <rdar://problem/37592399>
128
129         Unreviewed.
130         Fixing iOS simulator debug build.
131
132         * workers/service/server/RegistrationDatabase.cpp:
133         (WebCore::RegistrationDatabase::openSQLiteDatabase):
134
135 2018-02-16  Fujii Hironori  <Hironori.Fujii@sony.com>
136
137         IndexedDB: Several test crash in when destroying a IDBKeyData
138         https://bugs.webkit.org/show_bug.cgi?id=167576
139
140         Reviewed by Michael Catanzaro.
141
142         IDBKeyDataHashTraits::constructDeletedValue is using operator= to
143         assign deletedValue. But, the value is destructed just before
144         calling constructDeletedValue. You can't use operator= for a
145         destructed value.
146
147         No new tests (Covered by existing tests).
148
149         * Modules/indexeddb/IDBKeyData.h:
150         (WebCore::IDBKeyDataHashTraits::constructDeletedValue):
151         Construct null value before assigning deletedValue.
152
153 2018-02-16  Zalan Bujtas  <zalan@apple.com>
154
155         [RenderTreeBuilder] Move RenderBlock/RenderBlockFlow::addChild() to RenderTreeBuilder
156         https://bugs.webkit.org/show_bug.cgi?id=182862
157         <rdar://problem/37595464>
158
159         Reviewed by Antti Koivisto.
160
161         No change in functionality.
162
163         * rendering/RenderBlock.cpp:
164         (WebCore::RenderBlock::addChild): Deleted.
165         * rendering/RenderBlock.h:
166         * rendering/RenderBlockFlow.cpp:
167         (WebCore::RenderBlockFlow::addChild): Deleted.
168         * rendering/RenderBlockFlow.h:
169         * rendering/updating/RenderTreeBuilder.cpp:
170         (WebCore::RenderTreeBuilder::insertChild):
171         (WebCore::RenderTreeBuilder::insertChildToRenderBlock): Deleted.
172         (WebCore::RenderTreeBuilder::insertChildToRenderBlockFlow): Deleted.
173         * rendering/updating/RenderTreeBuilder.h:
174         * rendering/updating/RenderTreeBuilderBlockFlow.cpp:
175         (WebCore::RenderTreeBuilder::BlockFlow::insertChild):
176         * rendering/updating/RenderTreeBuilderFormControls.cpp:
177         (WebCore::RenderTreeBuilder::FormControls::findOrCreateParentForChild):
178         * rendering/updating/RenderTreeBuilderMathML.cpp:
179         (WebCore::RenderTreeBuilder::MathML::makeFences):
180         (WebCore::RenderTreeBuilder::MathML::insertChild):
181         * rendering/updating/RenderTreeBuilderMultiColumn.cpp:
182         (WebCore::RenderTreeBuilder::MultiColumn::createFragmentedFlow):
183         (WebCore::RenderTreeBuilder::MultiColumn::processPossibleSpannerDescendant):
184         * rendering/updating/RenderTreeBuilderRuby.cpp:
185         (WebCore::RenderTreeBuilder::Ruby::insertChild):
186         (WebCore::RenderTreeBuilder::Ruby::findOrCreateParentForChild):
187         (WebCore::RenderTreeBuilder::Ruby::rubyBaseSafe):
188         * rendering/updating/RenderTreeBuilderSVG.cpp:
189         (WebCore::RenderTreeBuilder::SVG::insertChild):
190
191 2018-02-16  Wenson Hsieh  <wenson_hsieh@apple.com>
192
193         [Extra zoom mode] Add basic support for <input type='date'> using date picker UI
194         https://bugs.webkit.org/show_bug.cgi?id=182847
195         <rdar://problem/35143111>
196
197         Reviewed by Tim Horton.
198
199         Add new localized strings for "month", "day" and "year" as they appear in the date picker.
200
201         * English.lproj/Localizable.strings:
202         * platform/LocalizedStrings.cpp:
203         (WebCore::textInputModeWriteButtonTitle):
204         (WebCore::textInputModeSpeechButtonTitle):
205         (WebCore::datePickerDayLabelTitle):
206         (WebCore::datePickerMonthLabelTitle):
207         (WebCore::datePickerYearLabelTitle):
208         (WebCore::textInputModeWriteButton): Deleted.
209         (WebCore::textInputModeSpeechButton): Deleted.
210         * platform/LocalizedStrings.h:
211
212 2018-02-16  Zan Dobersek  <zdobersek@igalia.com>
213
214         HarfBuzzFace should operate with a FontPlatformData reference
215         https://bugs.webkit.org/show_bug.cgi?id=182863
216
217         Reviewed by Carlos Garcia Campos.
218
219         Instead of keeping a never-null pointer to FontPlatformData,
220         HarfBuzzFace should operate with a FontPlatformData reference.
221
222         * platform/graphics/freetype/FontPlatformDataFreeType.cpp:
223         (WebCore::FontPlatformData::harfBuzzFace const):
224         * platform/graphics/harfbuzz/HarfBuzzFace.cpp:
225         (WebCore::HarfBuzzFace::HarfBuzzFace):
226         * platform/graphics/harfbuzz/HarfBuzzFace.h:
227         * platform/graphics/harfbuzz/HarfBuzzFaceCairo.cpp:
228         (WebCore::HarfBuzzFace::createFace):
229         (WebCore::HarfBuzzFace::createFont):
230
231 2018-02-15  Zalan Bujtas  <zalan@apple.com>
232
233         [RenderTreeBuilder] parent.Render*::addChild() cleanup
234         https://bugs.webkit.org/show_bug.cgi?id=182842
235         <rdar://problem/37585524>
236
237         Reviewed by Antti Koivisto.
238
239         No change in functionality.
240
241         * rendering/updating/RenderTreeBuilderBlock.cpp:
242         (WebCore::RenderTreeBuilder::Block::insertChildIgnoringContinuation):
243         * rendering/updating/RenderTreeBuilderFormControls.cpp:
244         (WebCore::RenderTreeBuilder::FormControls::createInnerRendererIfNeeded):
245         * rendering/updating/RenderTreeBuilderInline.cpp:
246         (WebCore::RenderTreeBuilder::Inline::insertChildIgnoringContinuation):
247         * rendering/updating/RenderTreeBuilderMathML.cpp:
248         (WebCore::RenderTreeBuilder::MathML::makeFences):
249         (WebCore::RenderTreeBuilder::MathML::insertChild):
250         * rendering/updating/RenderTreeBuilderSVG.cpp:
251         (WebCore::RenderTreeBuilder::SVG::insertChild):
252         * rendering/updating/RenderTreeBuilderTable.cpp:
253         (WebCore::RenderTreeBuilder::Table::insertChild):
254
255 2018-02-15  Megan Gardner  <megan_gardner@apple.com>
256
257         Support scrolling for non-editable web-selection and start autoscroll when near screen edges
258         https://bugs.webkit.org/show_bug.cgi?id=182815
259
260         Reviewed by Tim Horton.
261
262         Adjust the position we are autoscrolling to so that when we are close to an edge, we will start autoscrolling
263         while we are still inside the view. Autoscrolling still happens when you drag past the edge of a view.
264
265         No new tests (This is difficult to test in this state, but when we switch assistants, test will also be added).
266
267         * page/EventHandler.h:
268         * page/ios/EventHandlerIOS.mm:
269         (WebCore::EventHandler::startSelectionAutoscroll):
270         (WebCore::EventHandler::cancelSelectionAutoscroll):
271         (WebCore::autoscrollAdjustmentFactorForScreenBoundaries):
272         (WebCore::EventHandler::targetPositionInWindowForSelectionAutoscroll const):
273         (WebCore::EventHandler::startTextAutoscroll): Deleted.
274         (WebCore::EventHandler::cancelTextAutoscroll): Deleted.
275
276 2018-02-15  Youenn Fablet  <youenn@apple.com>
277
278         Log the error message when failing to open the database
279         https://bugs.webkit.org/show_bug.cgi?id=182795
280
281         Reviewed by Chris Dumez.
282
283         No change of behavior.
284         Print the error message as it does not contain any user private information.
285
286         * workers/service/server/RegistrationDatabase.cpp:
287         (WebCore::RegistrationDatabase::openSQLiteDatabase):
288
289 2018-02-15  Zalan Bujtas  <zalan@apple.com>
290
291         [RenderTreeBuilder] Move RenderMenuList::addChild() to RenderTreeBuilder
292         https://bugs.webkit.org/show_bug.cgi?id=182840
293         <rdar://problem/37583638>
294
295         Reviewed by Antti Koivisto.
296
297         No change in functionality.
298
299         * rendering/RenderMenuList.cpp:
300         (RenderMenuList::didInsertChild):
301         (RenderMenuList::addChild): Deleted.
302         * rendering/RenderMenuList.h:
303         * rendering/updating/RenderTreeBuilder.cpp:
304         (WebCore::RenderTreeBuilder::insertChild):
305         * rendering/updating/RenderTreeBuilderFormControls.cpp:
306         (WebCore::RenderTreeBuilder::FormControls::findOrCreateParentForChild):
307         (WebCore::RenderTreeBuilder::FormControls::insertChild):
308         (WebCore::RenderTreeBuilder::FormControls::createInnerRendererIfNeeded): Deleted.
309         * rendering/updating/RenderTreeBuilderFormControls.h:
310
311 2018-02-15  Darin Adler  <darin@apple.com>
312
313         Web Inspector: get rid of remaining uses of OptOutput<T>
314         https://bugs.webkit.org/show_bug.cgi?id=180607
315
316         Reviewed by Brian Burg.
317
318         * inspector/InspectorStyleSheet.cpp:
319         (WebCore::buildSourceRangeObject): Take a const Vector& instead of a Vector*.
320         (WebCore::InspectorStyle::buildObjectForStyle const): Pass lineEndings() instead
321         of lineEndings().get().
322         (WebCore::InspectorStyle::styleWithProperties const): Ditto.
323         (WebCore::InspectorStyleSheet::buildObjectForSelectorList): Ditto.
324         (WebCore::InspectorStyleSheet::lineEndings const): Return a Vector instead of
325         a std::unique_ptr<Vector>.
326         (WebCore::InspectorStyleSheetForInlineStyle::lineEndings const): Ditto.
327         * inspector/InspectorStyleSheet.h: Updated for the above.
328
329         * inspector/agents/InspectorCSSAgent.h: Removed some bogus const.
330         * inspector/agents/InspectorCanvasAgent.cpp: Ditto.
331         * inspector/agents/InspectorCanvasAgent.h: Ditto.
332
333         * inspector/agents/InspectorDOMDebuggerAgent.cpp: Improved type of global strings
334         so we don't waste space with a pointer to the string.
335         (WebCore::InspectorDOMDebuggerAgent::setEventListenerBreakpoint): Removed
336         explicit creation of String, which was wasteful and unnecessary.
337         (WebCore::InspectorDOMDebuggerAgent::setInstrumentationBreakpoint): Ditto.
338         (WebCore::InspectorDOMDebuggerAgent::removeEventListenerBreakpoint): Ditto.
339         (WebCore::InspectorDOMDebuggerAgent::removeInstrumentationBreakpoint): Ditto.
340         (WebCore::InspectorDOMDebuggerAgent::setXHRBreakpoint): Removed bogus const.
341
342         * inspector/agents/InspectorDOMDebuggerAgent.h: Removed bogus const and use
343         final instead of override.
344         * inspector/agents/InspectorPageAgent.cpp: Ditto.
345         * inspector/agents/InspectorPageAgent.h: Ditto.
346
347 2018-02-15  Chris Dumez  <cdumez@apple.com>
348
349         Flaky Test: imported/w3c/web-platform-tests/fetch/api/redirect/redirect-to-dataurl-worker.html
350         https://bugs.webkit.org/show_bug.cgi?id=182270
351         <rdar://problem/36904314>
352
353         Reviewed by Antti Koivisto.
354
355         No new tests, already covered by existing tests that crash flakily on the bots.
356
357         * loader/ThreadableLoaderClientWrapper.h:
358         (WebCore::ThreadableLoaderClientWrapper::ThreadableLoaderClientWrapper):
359         isolate copy the initiator string as this object can be destroyed on a different thread. This was
360         causing the test to flakily crash as well when destroying ThreadLocalData.
361
362         * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.h:
363         * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:
364         (scheduledWithCustomRunLoopMode):
365         (-[WebCoreResourceHandleAsOperationQueueDelegate callFunctionOnMainThread:]):
366         Fix thread safety issue in callFunctionOnMainThread. This function is called from a background thread
367         to get to the main thread. However, it relied on m_handle which would get nullified on the main thread
368         by detachHandle when the ResourceHandle is destroyed. Fix the issue by not relying on m_handle anymore.
369
370         (-[WebCoreResourceHandleAsOperationQueueDelegate initWithHandle:messageQueue:]):
371         (-[WebCoreResourceHandleAsOperationQueueDelegate connection:willSendRequest:redirectResponse:]):
372         (-[WebCoreResourceHandleAsOperationQueueDelegate connection:canAuthenticateAgainstProtectionSpace:]):
373         (-[WebCoreResourceHandleAsOperationQueueDelegate connection:didReceiveResponse:]):
374         (-[WebCoreResourceHandleAsOperationQueueDelegate connection:willCacheResponse:]):
375         - Go back to using autorelease() instead of get() for the returned objects to match the code pre-r224522.
376         - Dispatch the protectedSelf variables that were added in r227073 to the main thread to make sure we do
377           not get destroyed on the background thread when protectedSelf is the last strong reference to self.
378           Destroying the WebCoreResourceHandleAsOperationQueueDelegate on the background safe is unsafe due to
379           its m_messageQueue data member which contains lambdas that may capture anything.
380         - Add a Lock to protect against detachHandle getting called on the main thread and nulling out
381           m_handle / m_requestResult / m_cachedResponseResult while the background thread may be accessing
382           them.
383
384 2018-02-15  Zalan Bujtas  <zalan@apple.com>
385
386         [RenderTreeBuilder] Move RenderTableRow::addChild() to RenderTreeBuilder
387         https://bugs.webkit.org/show_bug.cgi?id=182838
388         <rdar://problem/37580762>
389
390         Reviewed by Antti Koivisto.
391
392         No change in functionality.
393
394         * rendering/RenderTableRow.cpp:
395         (WebCore::RenderTableRow::didInsertTableCell):
396         (WebCore::RenderTableRow::addChild): Deleted.
397         * rendering/RenderTableRow.h:
398         * rendering/updating/RenderTreeBuilder.cpp:
399         (WebCore::RenderTreeBuilder::insertChild):
400         (WebCore::RenderTreeBuilder::insertChildToRenderTableRow): Deleted.
401         * rendering/updating/RenderTreeBuilder.h:
402         * rendering/updating/RenderTreeBuilderTable.cpp:
403         (WebCore::RenderTreeBuilder::Table::insertChild):
404
405 2018-02-15  Antoine Quint  <graouts@apple.com>
406
407         [Web Animations] Ensure that changing the timing model updates styles synchronously
408         https://bugs.webkit.org/show_bug.cgi?id=182836
409
410         Reviewed by Dean Jackson.
411
412         We did not invalidate the timing model when properties of an effect's timing object changed
413         and even when we did invalidate the timing model, we did not update styles on effect targets
414         synchronously, only scheduling such updates for the next animation frame.
415
416         In this patch we expose the effect on the timing object such that changing timing properties
417         can notify the effect of a change in the timing model, which can then be forwarded to the
418         animation (which already informs its timeline, if any).
419
420         Additionally, when an animation's timing model has changed, we now invalidate the effect, which
421         will update styles synchronously.
422
423         This produces a number of progressions in WPT tests.
424
425         * animation/AnimationEffectReadOnly.cpp:
426         (WebCore::AnimationEffectReadOnly::AnimationEffectReadOnly): Set the timing object's effect upon
427         effect construction.
428         (WebCore::AnimationEffectReadOnly::~AnimationEffectReadOnly): Set the timing object's effect to
429         null upon effect destruction.
430         (WebCore::AnimationEffectReadOnly::timingDidChange): Notify the animation (if any) that its timing
431         model changed following a change in the timing properties.
432         * animation/AnimationEffectReadOnly.h: Add a new virtual invalidate() method that subclasses can
433         override to implement invalidation behavior when the animation finds out its timing model changed.
434         * animation/AnimationEffectTimingReadOnly.cpp: Notify the effect when a property changes such
435         that it may notify its animation of a timing model change.
436         (WebCore::AnimationEffectTimingReadOnly::propertyDidChange):
437         (WebCore::AnimationEffectTimingReadOnly::setIterationStart):
438         (WebCore::AnimationEffectTimingReadOnly::setIterations):
439         (WebCore::AnimationEffectTimingReadOnly::setBindingsDuration):
440         (WebCore::AnimationEffectTimingReadOnly::setEasing):
441         (WebCore::AnimationEffectTimingReadOnly::setDelay):
442         (WebCore::AnimationEffectTimingReadOnly::setEndDelay):
443         (WebCore::AnimationEffectTimingReadOnly::setFill):
444         (WebCore::AnimationEffectTimingReadOnly::setIterationDuration):
445         (WebCore::AnimationEffectTimingReadOnly::setDirection):
446         * animation/AnimationEffectTimingReadOnly.h:
447         (WebCore::AnimationEffectTimingReadOnly::setEffect):
448         (WebCore::AnimationEffectTimingReadOnly::setBindingsDelay):
449         (WebCore::AnimationEffectTimingReadOnly::setBindingsEndDelay):
450         (WebCore::AnimationEffectTimingReadOnly::setDelay): Deleted.
451         (WebCore::AnimationEffectTimingReadOnly::setEndDelay): Deleted.
452         (WebCore::AnimationEffectTimingReadOnly::setFill): Deleted.
453         (WebCore::AnimationEffectTimingReadOnly::setIterationDuration): Deleted.
454         (WebCore::AnimationEffectTimingReadOnly::setDirection): Deleted.
455         * animation/AnimationTimeline.cpp: Rename animationTimingModelDidChange() to timingModelDidChange()
456         to align it with the new WebAnimation::timingModelDidChange() method.
457         (WebCore::AnimationTimeline::addAnimation):
458         (WebCore::AnimationTimeline::removeAnimation):
459         (WebCore::AnimationTimeline::setCurrentTime):
460         * animation/AnimationTimeline.h:
461         (WebCore::AnimationTimeline::timingModelDidChange):
462         (WebCore::AnimationTimeline::animationTimingModelDidChange): Deleted.
463         * animation/DocumentTimeline.cpp:
464         (WebCore::DocumentTimeline::timingModelDidChange):
465         (WebCore::DocumentTimeline::updateAnimations):
466         (WebCore::DocumentTimeline::animationTimingModelDidChange): Deleted.
467         * animation/DocumentTimeline.h:
468         * animation/KeyframeEffectReadOnly.cpp:
469         (WebCore::KeyframeEffectReadOnly::invalidate): Override the invalidate() method to perform a synchronous
470         style update in order to ensure that timing properties are accounted for right as they change.
471         * animation/KeyframeEffectReadOnly.h:
472         * animation/WebAnimation.cpp:
473         (WebCore::WebAnimation::timingModelDidChange): Invalidate the effect and notify the timeline of a timing
474         model change when an animation is notified that its timing model has changed.
475         (WebCore::WebAnimation::setStartTime):
476         * animation/WebAnimation.h:
477
478 2018-02-15  Timothy Horton  <timothy_horton@apple.com>
479
480         Fix the build.
481
482         * platform/ios/KeyEventCodesIOS.h:
483
484 2018-02-15  John Wilander  <wilander@apple.com>
485
486         Resource Load Statistics: Make sure WebResourceLoadStatisticsStore::mergeWithDataFromDecoder() can ingest older plist versions and not reset the database
487         https://bugs.webkit.org/show_bug.cgi?id=182812
488         <rdar://problem/37511406>
489
490         Reviewed by Brent Fulgham.
491
492         No new tests. Tested manually between versions of Safari.
493
494         * loader/ResourceLoadStatistics.cpp:
495         (WebCore::ResourceLoadStatistics::decode):
496             Now only expects these fields for model version 11 or higher:
497             - topFrameUniqueRedirectsTo
498             - topFrameUniqueRedirectsFrom
499             - subresourceUniqueRedirectsFrom
500             - timesAccessedAsFirstPartyDueToUserInteraction
501             - timesAccessedAsFirstPartyDueToStorageAccessAPI
502         * loader/ResourceLoadStatistics.h:
503
504 2018-02-15  Tim Horton  <timothy_horton@apple.com>
505
506         Stop using EXCLUDED_SOURCE_FILE_NAMES for actual source files in WebCore
507         https://bugs.webkit.org/show_bug.cgi?id=182822
508
509         Reviewed by Dan Bernstein.
510
511         It's much easier to reason about things if xcconfigs don't apply extra
512         constraints to which source files actually build on a per-platform basis.
513         We should use #ifs instead like we usually do.
514
515         * Configurations/WebCore.xcconfig:
516         * Modules/geolocation/ios/GeolocationPositionIOS.mm:
517         * accessibility/ios/AccessibilityObjectIOS.mm:
518         * accessibility/mac/AXObjectCacheMac.mm:
519         * accessibility/mac/AccessibilityObjectMac.mm:
520         * accessibility/mac/WebAccessibilityObjectWrapperMac.h:
521         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
522         * dom/DataTransferMac.mm:
523         * editing/ios/DictationCommandIOS.cpp:
524         * editing/ios/DictationCommandIOS.h:
525         * editing/ios/EditorIOS.mm:
526         * editing/ios/WebContentReaderIOS.mm:
527         * editing/mac/EditorMac.mm:
528         * editing/mac/WebContentReaderMac.mm:
529         * page/ios/EventHandlerIOS.mm:
530         * page/ios/FrameIOS.mm:
531         * page/mac/EventHandlerMac.mm:
532         * page/scrolling/ios/ScrollingCoordinatorIOS.h:
533         * page/scrolling/ios/ScrollingCoordinatorIOS.mm:
534         * page/scrolling/ios/ScrollingTreeFrameScrollingNodeIOS.mm:
535         * platform/ThreadCheck.h:
536         * platform/audio/ios/AudioDestinationIOS.h:
537         * platform/audio/ios/AudioFileReaderIOS.h:
538         * platform/audio/ios/MediaSessionManagerIOS.h:
539         * platform/graphics/ios/DisplayRefreshMonitorIOS.h:
540         * platform/graphics/ios/DisplayRefreshMonitorIOS.mm:
541         * platform/graphics/ios/FontCacheIOS.mm:
542         * platform/graphics/ios/GraphicsContext3DIOS.h:
543         * platform/graphics/ios/IconIOS.mm:
544         * platform/graphics/mac/ColorMac.h:
545         * platform/graphics/mac/ColorMac.mm:
546         * platform/graphics/mac/DisplayRefreshMonitorMac.cpp:
547         * platform/graphics/mac/DisplayRefreshMonitorMac.h:
548         * platform/graphics/mac/IconMac.mm:
549         * platform/graphics/opengl/GraphicsContext3DOpenGLES.cpp:
550         * platform/ios/CursorIOS.cpp:
551         * platform/ios/DeviceMotionClientIOS.h:
552         * platform/ios/DeviceOrientationClientIOS.h:
553         * platform/ios/EventLoopIOS.mm:
554         * platform/ios/KeyEventCodesIOS.h:
555         * platform/ios/LowPowerModeNotifierIOS.mm:
556         * platform/ios/PasteboardIOS.mm:
557         * platform/ios/PlatformEventFactoryIOS.h:
558         * platform/ios/PlatformEventFactoryIOS.mm:
559         * platform/ios/PlatformPasteboardIOS.mm:
560         * platform/ios/PlatformScreenIOS.mm:
561         * platform/ios/PlatformSpeechSynthesizerIOS.mm:
562         * platform/ios/RemoteCommandListenerIOS.h:
563         * platform/ios/RemoteCommandListenerIOS.mm:
564         * platform/ios/SSLKeyGeneratorIOS.cpp:
565         * platform/ios/ScrollAnimatorIOS.h:
566         * platform/ios/ScrollAnimatorIOS.mm:
567         * platform/ios/ScrollViewIOS.mm:
568         * platform/ios/ScrollbarThemeIOS.h:
569         * platform/ios/ScrollbarThemeIOS.mm:
570         * platform/ios/SystemMemoryIOS.cpp:
571         * platform/ios/ThemeIOS.h:
572         * platform/ios/ThemeIOS.mm:
573         * platform/ios/TileControllerMemoryHandlerIOS.cpp:
574         * platform/ios/TileControllerMemoryHandlerIOS.h:
575         * platform/ios/UserAgentIOS.mm:
576         * platform/ios/ValidationBubbleIOS.mm:
577         * platform/ios/WidgetIOS.mm:
578         * platform/mac/CursorMac.mm:
579         * platform/mac/EventLoopMac.mm:
580         * platform/mac/LocalCurrentGraphicsContext.h:
581         * platform/mac/LocalCurrentGraphicsContext.mm:
582         * platform/mac/NSScrollerImpDetails.h:
583         * platform/mac/NSScrollerImpDetails.mm:
584         * platform/mac/PasteboardMac.mm:
585         * platform/mac/PlatformEventFactoryMac.h:
586         * platform/mac/PlatformEventFactoryMac.mm:
587         * platform/mac/PlatformPasteboardMac.mm:
588         * platform/mac/PlatformScreenMac.mm:
589         * platform/mac/PlatformSpeechSynthesizerMac.mm:
590         * platform/mac/SSLKeyGeneratorMac.mm:
591         * platform/mac/ScrollViewMac.mm:
592         * platform/mac/ScrollbarThemeMac.h:
593         * platform/mac/ScrollbarThemeMac.mm:
594         * platform/mac/ThemeMac.h:
595         * platform/mac/ThemeMac.mm:
596         * platform/mac/ThreadCheck.mm:
597         * platform/mac/UserAgentMac.mm:
598         * platform/mac/WebCoreView.h:
599         * platform/mac/WebCoreView.m:
600         * platform/mac/WidgetMac.mm:
601         * platform/mediastream/ios/CoreAudioCaptureSourceIOS.h:
602         * platform/network/ios/NetworkStateNotifierIOS.mm:
603         * platform/network/ios/WebCoreURLResponseIOS.h:
604         * platform/network/ios/WebCoreURLResponseIOS.mm:
605         * platform/network/mac/NetworkStateNotifierMac.cpp:
606
607 2018-02-15  Zalan Bujtas  <zalan@apple.com>
608
609         [RenderTreeBuilder] Move RenderTableSection::addChild() to RenderTreeBuilder
610         https://bugs.webkit.org/show_bug.cgi?id=182835
611         <rdar://problem/37579191>
612
613         Reviewed by Antti Koivisto.
614
615         No change in functionality.
616
617         * rendering/RenderTableSection.cpp:
618         (WebCore::RenderTableSection::willInsertTableRow):
619         (WebCore::RenderTableSection::addChild): Deleted.
620         * rendering/RenderTableSection.h:
621         * rendering/updating/RenderTreeBuilder.cpp:
622         (WebCore::RenderTreeBuilder::insertChild): Leftover from r228529.
623         (WebCore::RenderTreeBuilder::insertChildToRenderTable): Deleted. Leftover from r228529.
624         (WebCore::RenderTreeBuilder::insertChildToRenderTableSection): Deleted.
625         * rendering/updating/RenderTreeBuilder.h:
626         * rendering/updating/RenderTreeBuilderTable.cpp:
627         (WebCore::RenderTreeBuilder::Table::insertChild):
628
629 2018-02-15  Zalan Bujtas  <zalan@apple.com>
630
631         [RenderTreeBuilder] Move RenderTable::addChild() to RenderTreeBuilder
632         https://bugs.webkit.org/show_bug.cgi?id=182832
633         <rdar://problem/37576362>
634
635         Reviewed by Antti Koivisto.
636
637         No change in functionality.
638
639         * rendering/RenderTable.cpp:
640         (WebCore::RenderTable::willInsertTableColumn):
641         (WebCore::RenderTable::willInsertTableSection):
642         (WebCore::RenderTable::addChild): Deleted.
643         * rendering/RenderTable.h:
644         * rendering/updating/RenderTreeBuilder.cpp:
645         (WebCore::RenderTreeBuilder::insertChild):
646         * rendering/updating/RenderTreeBuilderTable.cpp:
647         (WebCore::RenderTreeBuilder::Table::insertChild):
648
649 2018-02-14  Darin Adler  <darin@apple.com>
650
651         Use std::make_unique instead of explicit calls to new and instead of writing create functions
652         https://bugs.webkit.org/show_bug.cgi?id=182821
653
654         Reviewed by Anders Carlsson.
655
656         * loader/LinkLoader.cpp:
657         (WebCore::createLinkPreloadResourceClient): Use std::make_unique insteadof create functions.
658
659         * loader/LinkPreloadResourceClients.h: Make constructors public, get rid of create functions,
660         make overrides be private and final, get rid of unnecessary public default virtual destructors
661         that the compiler will generate correctly without anything explicit.
662
663         * platform/encryptedmedia/clearkey/CDMClearKey.cpp:
664         (WebCore::CDMFactoryClearKey::createCDM): Use std::make_unique instead of std::unique_ptr/new.
665
666         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
667         (WebCore::MediaPlayerPrivateAVFoundationObjC::MediaPlayerPrivateAVFoundationObjC): Use
668         std::make_unique instead of calling a create function.
669         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
670         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::MediaPlayerPrivateMediaSourceAVFObjC): Ditto.
671         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
672         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::MediaPlayerPrivateMediaStreamAVFObjC): Ditto.
673
674         * platform/graphics/avfoundation/objc/VideoFullscreenLayerManager.h: Made the constructor
675         public and got rid of the create function.
676         * platform/graphics/avfoundation/objc/VideoFullscreenLayerManager.mm:
677         (WebCore::VideoFullscreenLayerManager::create): Deleted.
678
679         * rendering/GridTrackSizingAlgorithm.cpp:
680         (WebCore::GridTrackSizingAlgorithm::computeFlexFactorUnitSize const):
681         Use std::make_unique instead of std::unique_ptr/new.
682
683 2018-02-15  Andy Estes  <aestes@apple.com>
684
685         Finish unifying Apple Pay and Payment Request sources
686         https://bugs.webkit.org/show_bug.cgi?id=182831
687
688         Reviewed by Keith Miller.
689
690         * Sources.txt:
691         * SourcesCocoa.txt:
692         * WebCore.xcodeproj/project.pbxproj:
693
694 2018-02-15  Zan Dobersek  <zdobersek@igalia.com>
695
696         HarfBuzzFace: rework cache entry reference holding
697         https://bugs.webkit.org/show_bug.cgi?id=182828
698
699         Reviewed by Michael Catanzaro.
700
701         Move the FaceCacheEntry and HarfBuzzFaceCache types into the
702         HarfBuzzFace class as CacheEntry and Cache, respectively. The Cache
703         singleton is also moved there.
704
705         In the HarfBuzzFace constructor, we now don't increase the CacheEntry
706         reference, but instead just keep a reference to that object through
707         a RefPtr<CacheEntry> object. We don't need to retrieve the hb_face_t
708         object and the glyph cache HashMap in the constructor anymore, we just
709         retrieve them when necessary through that CacheEntry reference.
710
711         In the destructor, that RefPtr<CacheEntry> object is nulled out before
712         the object in Cache is removed if that's where the final reference is
713         kept.
714
715         * platform/graphics/harfbuzz/HarfBuzzFace.cpp:
716         (WebCore::HarfBuzzFace::CacheEntry::CacheEntry):
717         (WebCore::HarfBuzzFace::CacheEntry::~CacheEntry):
718         (WebCore::HarfBuzzFace::cache):
719         (WebCore::HarfBuzzFace::HarfBuzzFace):
720         (WebCore::HarfBuzzFace::~HarfBuzzFace):
721         (WebCore::HarfBuzzFace::setScriptForVerticalGlyphSubstitution):
722         (WebCore::FaceCacheEntry::create): Deleted.
723         (WebCore::FaceCacheEntry::~FaceCacheEntry): Deleted.
724         (WebCore::FaceCacheEntry::face): Deleted.
725         (WebCore::FaceCacheEntry::glyphCache): Deleted.
726         (WebCore::FaceCacheEntry::FaceCacheEntry): Deleted.
727         (WebCore::harfBuzzFaceCache): Deleted.
728         * platform/graphics/harfbuzz/HarfBuzzFace.h:
729         (WebCore::HarfBuzzFace::CacheEntry::create):
730         (WebCore::HarfBuzzFace::CacheEntry::face):
731         (WebCore::HarfBuzzFace::CacheEntry::glyphCache):
732         * platform/graphics/harfbuzz/HarfBuzzFaceCairo.cpp:
733         (WebCore::harfBuzzGetGlyph):
734         (WebCore::HarfBuzzFace::createFont):
735
736 2018-02-15  Zan Dobersek  <zdobersek@igalia.com>
737
738         FontPlatformData::harfBuzzFace() should return a reference
739         https://bugs.webkit.org/show_bug.cgi?id=182825
740
741         Reviewed by Carlos Garcia Campos.
742
743         Have FontPlatformData::harfBuzzFace() return a reference instead of a
744         pointer, given that the returned HarfBuzzFace object cannot be null.
745
746         Call-sites of FontPlatformData::harfBuzzFace() are adjusted.
747         OpenTypeMathData constructors are also changed to not rely on
748         preprocessor to correctly position the closing brace.
749
750         * platform/graphics/FontPlatformData.h:
751         * platform/graphics/freetype/FontPlatformDataFreeType.cpp:
752         (WebCore::FontPlatformData::harfBuzzFace const):
753         * platform/graphics/harfbuzz/ComplexTextControllerHarfBuzz.cpp:
754         (WebCore::ComplexTextController::collectComplexTextRunsForCharacters):
755         * platform/graphics/opentype/OpenTypeMathData.cpp:
756         (WebCore::OpenTypeMathData::OpenTypeMathData):
757
758 2018-02-15  Jiewen Tan  <jiewen_tan@apple.com>
759
760         [WebAuthN] Revisit the whole async model of task dispatching, timeout and aborting
761         https://bugs.webkit.org/show_bug.cgi?id=181946
762         <rdar://problem/37258262>
763
764         Reviewed by Chris Dumez.
765
766         This patch changes the original async model from a work queue to IPC between WebProcess
767         and UIProcess. Since all authenticator operations must be handled in the UIProcess due
768         to sandboxing, this message passing IPC async model then surpasses the original multi
769         threading model. To cooperate that, a CredentialsMessenger class is then created and
770         all task dispatching code is moved thre.
771
772         As an improvement over existing code, static functions from PublicKeyCredential are
773         moved to AuthenticatorManager. AuthenticatorManager is made as a singleton such that
774         when static functions are called, they could reach the CredentialsMessenger to interact
775         with UIProccess. CredentialsMessenger and AuthenticatorManager are separated so later
776         on when other Credential types are created, they can reuse the same IPC messenger.
777
778         What's more, a mock CredentialsMessenger is then created to mock behaviors of UIProcess
779         for testing purpose.
780
781         Covered by existing tests.
782
783         * DerivedSources.make:
784         * Modules/credentialmanagement/BasicCredential.h:
785         * Modules/credentialmanagement/CredentialsContainer.cpp:
786         (WebCore::CredentialsContainer::CredentialsContainer):
787         (WebCore::CredentialsContainer::doesHaveSameOriginAsItsAncestors):
788         (WebCore::CredentialsContainer::get):
789         (WebCore::CredentialsContainer::isCreate):
790         (WebCore::CredentialsContainer::PendingPromise::PendingPromise): Deleted.
791         (WebCore::CredentialsContainer::dispatchTask): Deleted.
792         * Modules/credentialmanagement/CredentialsContainer.h:
793         (WebCore::CredentialsContainer::PendingPromise::create): Deleted.
794         * Modules/credentialmanagement/CredentialsMessenger.cpp: Added.
795         (WebCore::CredentialsMessenger::exceptionReply):
796         (WebCore::CredentialsMessenger::addCreationCompletionHandler):
797         (WebCore::CredentialsMessenger::takeCreationCompletionHandler):
798         (WebCore::CredentialsMessenger::addRequestCompletionHandler):
799         (WebCore::CredentialsMessenger::takeRequestCompletionHandler):
800         (WebCore::CredentialsMessenger::addQueryCompletionHandler):
801         (WebCore::CredentialsMessenger::takeQueryCompletionHandler):
802         (WebCore::getIdFromAttestationObject):
803         * Modules/credentialmanagement/CredentialsMessenger.h: Added.
804         (WebCore::CreationReturnBundle::CreationReturnBundle):
805         (WebCore::AssertionReturnBundle::AssertionReturnBundle):
806         (WebCore::CredentialsMessenger::weakPtrFactory const):
807         * Modules/webauthn/Authenticator.cpp: Removed.
808         * Modules/webauthn/Authenticator.h: Removed.
809         * Modules/webauthn/AuthenticatorManager.cpp: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredential.cpp.
810         (WebCore::AuthenticatorManagerInternal::produceClientDataJson):
811         (WebCore::AuthenticatorManagerInternal::produceClientDataJsonHash):
812         (WebCore::AuthenticatorManagerInternal::initTimer):
813         (WebCore::AuthenticatorManagerInternal::didTimerFire):
814         (WebCore::AuthenticatorManager::singleton):
815         (WebCore::AuthenticatorManager::setMessenger):
816         (WebCore::AuthenticatorManager::create const):
817         (WebCore::AuthenticatorManager::discoverFromExternalSource const):
818         * Modules/webauthn/AuthenticatorManager.h: Copied from Source/WebCore/Modules/webauthn/AuthenticatorResponse.h.
819         * Modules/webauthn/AuthenticatorResponse.h:
820         * Modules/webauthn/PublicKeyCredential.cpp:
821         (WebCore::PublicKeyCredentialInternal::produceClientDataJson): Deleted.
822         (WebCore::PublicKeyCredentialInternal::produceClientDataJsonHash): Deleted.
823         (WebCore::PublicKeyCredentialInternal::getIdFromAttestationObject): Deleted.
824         (WebCore::PublicKeyCredential::collectFromCredentialStore): Deleted.
825         (WebCore::PublicKeyCredential::discoverFromExternalSource): Deleted.
826         (WebCore::PublicKeyCredential::store): Deleted.
827         (WebCore::PublicKeyCredential::create): Deleted.
828         (WebCore::PublicKeyCredential::rawId const): Deleted.
829         (WebCore::PublicKeyCredential::response const): Deleted.
830         * Modules/webauthn/PublicKeyCredential.h:
831         * Sources.txt:
832         * WebCore.xcodeproj/project.pbxproj:
833         * testing/Internals.cpp:
834         (WebCore::Internals::Internals):
835         (WebCore::Internals::mockCredentialsMessenger const):
836         * testing/Internals.h:
837         * testing/Internals.idl:
838         * testing/MockCredentialsMessenger.cpp: Added.
839         (WebCore::MockCredentialsMessenger::MockCredentialsMessenger):
840         (WebCore::MockCredentialsMessenger::~MockCredentialsMessenger):
841         (WebCore::MockCredentialsMessenger::setAttestationObject):
842         (WebCore::MockCredentialsMessenger::setAssertionReturnBundle):
843         (WebCore::MockCredentialsMessenger::makeCredential):
844         (WebCore::MockCredentialsMessenger::getAssertion):
845         (WebCore::MockCredentialsMessenger::makeCredentialReply):
846         (WebCore::MockCredentialsMessenger::getAssertionReply):
847         * testing/MockCredentialsMessenger.h: Copied from Source/WebCore/Modules/webauthn/AuthenticatorResponse.h.
848         * testing/MockCredentialsMessenger.idl: Copied from Source/WebCore/Modules/webauthn/AuthenticatorResponse.h.
849
850 2018-02-15  Zalan Bujtas  <zalan@apple.com>
851
852         [RenderTreeBuilder] Move RenderInline/RenderGrid::addChild() to RenderTreeBuilder
853         https://bugs.webkit.org/show_bug.cgi?id=182819
854         <rdar://problem/37558187>
855
856         Reviewed by Antti Koivisto.
857
858         No change in functionality.
859
860         * rendering/RenderGrid.cpp:
861         (WebCore::RenderGrid::addChild): Deleted.
862         * rendering/RenderGrid.h:
863         * rendering/RenderInline.cpp:
864         (WebCore::RenderInline::addChild): Deleted.
865         * rendering/RenderInline.h:
866         * rendering/updating/RenderTreeBuilder.cpp:
867         (WebCore::RenderTreeBuilder::insertChild):
868         (WebCore::RenderTreeBuilder::takeChild): Deleted.
869         * rendering/updating/RenderTreeBuilder.h:
870         * rendering/updating/RenderTreeBuilderRuby.cpp:
871         (WebCore::RenderTreeBuilder::Ruby::findOrCreateParentForChild):
872         * rendering/updating/RenderTreeBuilderSVG.cpp:
873         (WebCore::RenderTreeBuilder::SVG::insertChild):
874
875 2018-02-15  Antoine Quint  <graouts@apple.com>
876
877         [Modern Media Controls] REGRESSION: Inline media controls are not disabled while in fullscreen on iOS
878         https://bugs.webkit.org/show_bug.cgi?id=182830
879         <rdar://problem/37537909>
880
881         Reviewed by Eric Carlson.
882
883         The test media/modern-media-controls/media-controller/ios/media-controller-stop-updates-in-fullscreen.html
884         regressed when fixing webkit.org/b/182668 since we now started only caring about the presence of the "controls"
885         attribute to identify that WebKit media controls should be available.
886
887         We now have a dedicated _shouldControlsBeAvailable() method which more clearly establishes the conditions under
888         which controls should be available and correctly disables them while in fullscreen on iOS, regardless of the
889         "controls" attribute value.
890
891         * Modules/modern-media-controls/media/media-controller.js:
892         (MediaController.prototype._shouldControlsBeAvailable):
893         (MediaController.prototype._updateControlsAvailability):
894
895 2018-02-15  Matt Lewis  <jlewis3@apple.com>
896
897         Unreviewed, rolling out r228495.
898
899         This caused mulitple perf tests to fail consistently.
900
901         Reverted changeset:
902
903         "Resource Load Statistics: Make sure
904         WebResourceLoadStatisticsStore::mergeWithDataFromDecoder() can
905         ingest older plist versions and not reset the database"
906         https://bugs.webkit.org/show_bug.cgi?id=182812
907         https://trac.webkit.org/changeset/228495
908
909 2018-02-15  Zan Dobersek  <zdobersek@igalia.com>
910
911         Clean up HarfBuzzFaceCairo
912         https://bugs.webkit.org/show_bug.cgi?id=182824
913
914         Reviewed by Carlos Garcia Campos.
915
916         Clean up Cairo-specific bits of HarfBuzzFace implementation.
917
918         HarfBuzzFontData is simplified, removing the constructor and turning the
919         cairo_scaled_font_t member into a RefPtr<>, tying the Cairo object's
920         lifetime to the lifetime of the HarfBuzzFontData instance.
921
922         HarfBuzz font callbacks have the HarfBuzzFontData casting cleaned up,
923         casting the user data pointer straight into a HarfBuzzFontData reference
924         that's then used in the functions. HarfBuzzFontData member access is
925         also adjusted.
926
927         HarfBuzzFace::createFace() now references the cairo_scaled_font_t object
928         that is then set as the user data pointer, with the destroy callback
929         that dereferences that object also specified. With hb_face_t being a
930         reference-counted object itself, this ensures the cairo_scaled_font_t
931         object doesn't get destroyed while hb_face_t is still alive.
932
933         In HarfBuzzFace::createFont(), the hb_font_t creation is cleaned up,
934         with a C++ lambda used as the destroy callback.
935
936         * platform/graphics/harfbuzz/HarfBuzzFaceCairo.cpp:
937         (WebCore::harfBuzzGetGlyph):
938         (WebCore::harfBuzzGetGlyphHorizontalAdvance):
939         (WebCore::harfBuzzGetGlyphExtents):
940         (WebCore::harfBuzzCairoGetTable):
941         (WebCore::HarfBuzzFace::createFace):
942         (WebCore::HarfBuzzFace::createFont):
943         (WebCore::HarfBuzzFontData::HarfBuzzFontData): Deleted.
944         (WebCore::destroyHarfBuzzFontData): Deleted.
945
946 2018-02-15  Philippe Normand  <pnormand@igalia.com>
947
948         [GStreamer] WebVTT caps changed in GStreamer 1.14
949         https://bugs.webkit.org/show_bug.cgi?id=182690
950
951         Reviewed by Xabier Rodriguez-Calvar.
952
953         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
954         (WebCore::MediaPlayerPrivateGStreamer::createGSTPlayBin): Use
955         text/vtt caps only for GStreamer versions inferior or equal to
956         1.12. In 1.13 (current git master) the VTT caps format changed to
957         application/x-subtitle-vtt.
958
959 2018-02-15  Zan Dobersek  <zdobersek@igalia.com>
960
961         HarfBuzzFace should not be ref-counted
962         https://bugs.webkit.org/show_bug.cgi?id=182823
963
964         Reviewed by Carlos Garcia Campos.
965
966         The HarfBuzzFace objects shouldn't be copied along in FontPlatformData
967         copy assignment operator, which made it a requirement for that class to
968         be ref-counted. Cairo-based HarfBuzzFace implementation uses the
969         cairo_scaled_font_t object from FontPlatformData internally, but upon
970         FontPlatformData cloning that scaled font object could change, meaning
971         HarfBuzzFace object that's shared with another FontPlatformData object
972         would end up using a different cairo_scaled_font_t object from the one
973         that's been regenerated in the newly-cloned FontPlatformData object.
974
975         Instead of ref-counting the HarfBuzzFace objects, they should be handled
976         in FontPlatformData through std::unique_ptr<>. In the FontPlatformData
977         copy assignment operator, the copy target's m_harfBuzzFace object is
978         nulled out, allowing the next harfBuzzFace() call to construct an
979         object that properly leverages the cairo_scaled_font_t object that could
980         have changed during cloning.
981
982         * platform/graphics/FontPlatformData.h:
983         * platform/graphics/freetype/FontPlatformDataFreeType.cpp:
984         (WebCore::FontPlatformData::operator=):
985         (WebCore::FontPlatformData::harfBuzzFace const):
986         * platform/graphics/harfbuzz/HarfBuzzFace.h:
987         (WebCore::HarfBuzzFace::create): Deleted.
988
989 2018-02-14  Zalan Bujtas  <zalan@apple.com>
990
991         [RenderTreeBuilder] Move RenderMathMLFenced::addChild() to RenderTreeBuilder
992         https://bugs.webkit.org/show_bug.cgi?id=182817
993         <rdar://problem/37556761>
994
995         Reviewed by Antti Koivisto.
996
997         No change in functionality.
998
999         * rendering/mathml/RenderMathMLFenced.cpp:
1000         (WebCore::RenderMathMLFenced::addChild): Deleted.
1001         * rendering/mathml/RenderMathMLFenced.h:
1002         * rendering/updating/RenderTreeBuilder.cpp:
1003         (WebCore::RenderTreeBuilder::insertChild):
1004         (WebCore::RenderTreeBuilder::insertChildToRenderMathMLFenced): Deleted.
1005         * rendering/updating/RenderTreeBuilder.h:
1006         * rendering/updating/RenderTreeBuilderMathML.cpp:
1007         (WebCore::RenderTreeBuilder::MathML::insertChild):
1008
1009 2018-02-14  Antti Koivisto  <antti@apple.com>
1010
1011         Do sibling invalidation on mutation
1012         https://bugs.webkit.org/show_bug.cgi?id=182809
1013
1014         Reviewed by Zalan Bujtas.
1015
1016         We used to invalidate siblings for sibling combinators and nth-pseudo classes during style resolution tree walk.
1017         This would consider any element with invalid style a reason to invalidate siblings too. However we now do
1018         accurate invalidation on class and attribute changes and this approach ends up invalidating too much.
1019
1020         This patch sibling style invalidation to mutation time and removes invalidation code from style resolution tree walk.
1021
1022         * dom/Element.cpp:
1023         (WebCore::invalidateSiblingsIfNeeded):
1024
1025             Helper to invalidate siblings.
1026
1027         (WebCore::Element::invalidateStyle):
1028         (WebCore::Element::invalidateStyleAndLayerComposition):
1029         (WebCore::Element::invalidateStyleForSubtree):
1030         (WebCore::Element::invalidateStyleAndRenderersForSubtree):
1031
1032             Invalidate siblings if needed based on affectsNextSibling/affectedByPreviousSibling bits.
1033
1034         (WebCore::Element::invalidateStyleInternal):
1035         (WebCore::Element::invalidateStyleForSubtreeInternal):
1036
1037             Add "internal" versions that don't invalidate siblings. These are used by StyleInvalidator for accurate invalidation.
1038
1039         * dom/Element.h:
1040         * style/StyleInvalidator.cpp:
1041         (WebCore::Style::Invalidator::invalidateIfNeeded):
1042         (WebCore::Style::Invalidator::invalidateStyle):
1043
1044             Use internal invalidation functions.
1045
1046         * style/StyleTreeResolver.cpp:
1047         (WebCore::Style::resetStyleForNonRenderedDescendants):
1048         (WebCore::Style::TreeResolver::resolveComposedTree):
1049
1050             Remove sibling invalidation.
1051
1052         * style/StyleTreeResolver.h:
1053
1054 2018-02-14  John Wilander  <wilander@apple.com>
1055
1056         Resource Load Statistics: Make sure WebResourceLoadStatisticsStore::mergeWithDataFromDecoder() can ingest older plist versions and not reset the database
1057         https://bugs.webkit.org/show_bug.cgi?id=182812
1058         <rdar://problem/37511406>
1059
1060         Reviewed by Brent Fulgham.
1061
1062         No new tests. Tested manually between versions of Safari.
1063
1064         * loader/ResourceLoadStatistics.cpp:
1065         (WebCore::ResourceLoadStatistics::decode):
1066             Now only expects these fields for model version 11 or higher:
1067             - topFrameUniqueRedirectsTo
1068             - topFrameUniqueRedirectsFrom
1069             - subresourceUniqueRedirectsFrom
1070             - timesAccessedAsFirstPartyDueToUserInteraction
1071             - timesAccessedAsFirstPartyDueToStorageAccessAPI
1072         * loader/ResourceLoadStatistics.h:
1073
1074 2018-02-14  Basuke Suzuki  <Basuke.Suzuki@sony.com>
1075
1076         [WinCairo] Fix several build warnings under WebCore/platform
1077         https://bugs.webkit.org/show_bug.cgi?id=182802
1078
1079         Reviewed by Konstantin Tokarev.
1080
1081         Warning C4101 'fileModificationDate': unreferenced local variable
1082                 Source\WebCore\platform\network\curl\CurlCacheEntry.cpp:279
1083
1084         Warning C4239 nonstandard extension used: 'argument': conversion from 'WTF::String'
1085         to 'WTF::String &'
1086                 Source\WebCore\platform\text\win\LocaleWin.cpp:75
1087                 Source\WebCore\platform\text\win\LocaleWin.cpp:77
1088
1089         Warning C4838 conversion from 'UINT' to 'CLIPFORMAT' requires a narrowing conversion
1090                 Source\WebCore\platform\win\ClipboardUtilitiesWin.cpp:170
1091                 Source\WebCore\platform\win\ClipboardUtilitiesWin.cpp:325
1092                 Source\WebCore\platform\win\ClipboardUtilitiesWin.cpp:332
1093                 Source\WebCore\platform\win\ClipboardUtilitiesWin.cpp:351
1094                 Source\WebCore\platform\win\ClipboardUtilitiesWin.cpp:358
1095                 Source\WebCore\platform\win\ClipboardUtilitiesWin.cpp:366
1096                 Source\WebCore\platform\win\ClipboardUtilitiesWin.cpp:373
1097                 Source\WebCore\platform\win\ClipboardUtilitiesWin.cpp:380
1098                 Source\WebCore\platform\win\ClipboardUtilitiesWin.cpp:387
1099
1100         * platform/network/curl/CurlCacheEntry.cpp:
1101         (WebCore::CurlCacheEntry::parseResponseHeaders):
1102         * platform/text/win/LocaleWin.cpp:
1103         (WebCore::LCIDFromLocaleInternal):
1104         * platform/win/ClipboardUtilitiesWin.cpp:
1105         (WebCore::registerClipboardFormat):
1106         (WebCore::texthtmlFormat):
1107         (WebCore::urlWFormat):
1108         (WebCore::urlFormat):
1109         (WebCore::filenameWFormat):
1110         (WebCore::filenameFormat):
1111         (WebCore::htmlFormat):
1112         (WebCore::smartPasteFormat):
1113         (WebCore::fileDescriptorFormat):
1114         (WebCore::fileContentFormatZero):
1115
1116 2018-02-14  Zalan Bujtas  <zalan@apple.com>
1117
1118         [RenderTreeBuilder] Move RenderSVG*::addChild() to RenderTreeBuilder
1119         https://bugs.webkit.org/show_bug.cgi?id=182811
1120         <rdar://problem/37549714>
1121
1122         Reviewed by Antti Koivisto.
1123
1124         No change in functionality.
1125
1126         * rendering/svg/RenderSVGContainer.cpp:
1127         (WebCore::RenderSVGContainer::addChild): Deleted.
1128         * rendering/svg/RenderSVGContainer.h:
1129         * rendering/svg/RenderSVGInline.cpp:
1130         (WebCore::RenderSVGInline::addChild): Deleted.
1131         * rendering/svg/RenderSVGInline.h:
1132         * rendering/svg/RenderSVGRoot.cpp:
1133         (WebCore::RenderSVGRoot::addChild): Deleted.
1134         * rendering/svg/RenderSVGRoot.h:
1135         * rendering/svg/RenderSVGText.cpp:
1136         (WebCore::RenderSVGText::addChild): Deleted.
1137         * rendering/svg/RenderSVGText.h:
1138         * rendering/updating/RenderTreeBuilder.cpp:
1139         (WebCore::RenderTreeBuilder::insertChild):
1140         (WebCore::RenderTreeBuilder::insertChildToSVGContainer): Deleted.
1141         (WebCore::RenderTreeBuilder::insertChildToSVGInline): Deleted.
1142         (WebCore::RenderTreeBuilder::insertChildToSVGRoot): Deleted.
1143         (WebCore::RenderTreeBuilder::insertChildToSVGText): Deleted.
1144         * rendering/updating/RenderTreeBuilder.h:
1145
1146 2018-02-14  Daniel Bates  <dabates@apple.com>
1147
1148         Disallow cross-origin subresources from asking for credentials
1149         https://bugs.webkit.org/show_bug.cgi?id=182579
1150         <rdar://problem/36162271>
1151
1152         Reviewed by Andy Estes.
1153
1154         Prompts for credentials to load cross-origin subresources are typically seen as unexpected
1155         by a person that navigates to- or interacts with- a web page. The cross-origin and implicit
1156         loading nature of these subresources makes asking for credentials questionable because they
1157         are not being served by the same origin of the page a person explicitly loaded and are not
1158         guaranteed to correspond to an explicit user interaction other than the initial load of the
1159         page. We know that subresources that ask for credentials can be abused as part of a phishing
1160         attack. It seems reasonable to disallow cross-origin subresources from asking for credentials
1161         due to their questionable nature and the risk for abuse. This will also make the behavior
1162         of WebKit match the behavior of Chrome.
1163
1164         Tests: http/tests/media/video-auth-with-allowCrossOriginSubresourcesToAskForCredentials.html
1165                http/tests/security/basic-auth-subresource.html
1166                http/tests/security/mixedContent/insecure-basic-auth-image-allowCrossOriginSubresourcesToAskForCredentials.https.html
1167                http/tests/security/mixedContent/insecure-image-redirects-to-basic-auth-secure-image-allowCrossOriginSubresourcesToAskForCredentials.html
1168                http/tests/security/mixedContent/secure-redirect-to-insecure-redirect-to-basic-auth-secure-image-allowCrossOriginSubresourcesToAskForCredentials.https.html
1169                http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-insecure-image-allowCrossOriginSubresourcesToAskForCredentials.https.html
1170                http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-secure-image-allowCrossOriginSubresourcesToAskForCredentials.https.html
1171
1172         * loader/ResourceLoader.cpp:
1173         (WebCore::ResourceLoader::isSubresourceLoader const): Formerly non-const.
1174         (WebCore::ResourceLoader::shouldAllowResourceToAskForCredentials const): Added.
1175         (WebCore::ResourceLoader::didBlockAuthenticationChallenge): Emit Web Inspector console message if
1176         the authentication challenge was blocked because the request is cross origin.
1177         (WebCore::ResourceLoader::isAllowedToAskUserForCredentials const): Disallow a cross-origin
1178         request from prompting for credentials.
1179         (WebCore::ResourceLoader::isSubresourceLoader): Deleted; made const.
1180         * loader/ResourceLoader.h:
1181         * loader/SubresourceLoader.cpp:
1182         (WebCore::SubresourceLoader::SubresourceLoader): Update ResourceLoader state so that block cross-origin
1183         subresources from prompting for credentials, if applicable.
1184         (WebCore::SubresourceLoader::isSubresourceLoader const): Formerly non-const.
1185         (WebCore::SubresourceLoader::isSubresourceLoader): Deleted; made const.
1186         * loader/SubresourceLoader.h:
1187         * page/Settings.yaml: Add setting allowCrossOriginSubresourcesToAskForCredentials (defaults: false -
1188         do not allow cross origin subresources to ask for credentials).
1189
1190 2018-02-14  Don Olmstead  <don.olmstead@sony.com>
1191
1192         WebCore headers should not include config.h or PlatformExportMacros.h
1193         https://bugs.webkit.org/show_bug.cgi?id=182799
1194
1195         Reviewed by Darin Adler.
1196
1197         No new tests. No change in behavior.
1198
1199         * Modules/speech/SpeechSynthesis.h:
1200         * bindings/js/JSDOMGlobalObject.h:
1201         * contentextensions/ContentExtensionError.h:
1202         * contentextensions/DFA.h:
1203         * dom/ContextDestructionObserver.h:
1204         * dom/DeviceOrientationClient.h:
1205         * dom/DeviceOrientationData.h:
1206         * editing/cocoa/HTMLConverter.h:
1207         * loader/FrameLoaderStateMachine.h:
1208         * loader/cache/CachedResourceHandle.h:
1209         * page/FrameDestructionObserver.h:
1210         * page/RuntimeEnabledFeatures.h:
1211         * platform/URL.h:
1212         * platform/audio/AudioHardwareListener.h:
1213         * platform/audio/AudioSession.h:
1214         * platform/graphics/Color.h:
1215         * platform/graphics/IntSize.h:
1216         * platform/graphics/transforms/AffineTransform.h:
1217         * platform/graphics/win/LocalWindowsContext.h:
1218         * platform/network/CacheValidation.h:
1219         * platform/network/CredentialBase.h:
1220         * platform/network/ResourceHandleClient.h:
1221         * platform/network/cf/CertificateInfo.h:
1222
1223 2018-02-12  Ryosuke Niwa  <rniwa@webkit.org>
1224
1225         REGRESSION (r223440): Copying & pasting a list from Microsoft Word to TinyMCE fails
1226         https://bugs.webkit.org/show_bug.cgi?id=182564
1227
1228         Reviewed by Wenson Hsieh.
1229
1230         Unfortunately, r228352 was inadaquate to fix copying & pasting of a list item from Microsoft Word into TinyMCE
1231         in older verions of TinyMCE. This patch amends the approach taken by r228352 to make it work across the board
1232         as well as unbreak GMail.
1233
1234         Turns out older versions of TinyMCE can't handle list items when computed styles are added as inline style
1235         declarations by WebKit. To make this work, avoid adding any computed styles as inline styles within mso-list
1236         conditionals as well as any p elements whose style attribute contains "mso-list" property. We would instead
1237         preserve these styles by keeping Microsoft Word's CSS style rules in addition to special @list rules.
1238
1239         In addition, not keeping the style element of Microsoft Word in a head element as done in r228352 causes some
1240         versions of TinyMCE to treat it as regular text, and inserting a bunch of @list rules as user visible text.
1241         To work around this problem, we serialize the style rules as a comment (<!-- ~ -->) within a head element.
1242
1243         Furthermore, when Microsoft Word is in the compatibility mode, it does not generate xmlns:o as the first xmlns
1244         declaration. Generalized the code to detect Microsoft Word's HTML declaration by looking for xmlns:o and xmlns:w
1245         xmls declarations. 
1246
1247         Finally, it turns out that Gmail has its own handling of list items copy & pasted from Microsoft Word, and also
1248         needs this quirks but in the pasted HTML, not the one exposed in getData. As such, this patch also enables the
1249         MSO list quirks in the pasted content as well as the one exposed in getData.
1250
1251         Tests: PasteHTML.PreservesMSOList
1252                PasteHTML.PreservesMSOListInCompatibilityMode
1253                PasteHTML.StripsMSOListWhenMissingMSOHTMLElement
1254                PasteWebArchive.PreservesMSOList
1255                PasteWebArchive.PreservesMSOListInCompatibilityMode
1256                PasteWebArchive.StripsMSOListWhenMissingMSOHTMLElement
1257
1258         * editing/HTMLInterchange.h:
1259         * editing/ReplaceSelectionCommand.cpp:
1260         (WebCore::removeHeadContents): Don't remove the special style element needed for the MSO list quirks since we
1261         don't keep the computed style as inline styles in this case.
1262         * editing/cocoa/WebContentReaderCocoa.mm:
1263         (WebCore::WebContentReader::readWebArchive): Enable the quirks in the pasted content as well as opposed to
1264         just in DataTransfer API exposed to the JavaScript.
1265         (WebCore::WebContentReader::readHTML): Ditto.
1266         * editing/markup.cpp:
1267         (WebCore::shouldPreserveMSOLists): Added. Generalized the logic to detect a Microsoft Word document.
1268         more xmlns declarations.
1269         (WebCore::StyledMarkupAccumulator::shouldPreserveMSOListStyleForElement): Added.
1270         (WebCore::StyledMarkupAccumulator::appendElement): Don't generate the second style element here for elements
1271         with most-list properties. Instead, avoid overriding inline styles with computed styles altogether.
1272         (WebCore::StyledMarkupAccumulator::appendNodeToPreserveMSOList): Include the style rules as well as list rules
1273         and wrap the "style" element in a "head" element to make it compatible with older versions of TinyMCE.
1274
1275 2018-02-14  Dean Jackson  <dino@apple.com>
1276
1277         CrashTracer: com.apple.WebKit.WebContent at com.apple.WebCore: WebCore::HTMLPlugInImageElement::didAddUserAgentShadowRoot + 618
1278         https://bugs.webkit.org/show_bug.cgi?id=182798
1279         <rdar://problem/23337253>
1280
1281         Reviewed by Eric Carlson.
1282
1283         Speculative fix for a crash in HTMLPlugInImageElement::didAddUserAgentShadowRoot.
1284         The guess is that the m_swapRendererTimer is set, and the display state changes to
1285         something that does not require a shadow root, but before the timer fires.
1286         Fix this by ensuring that the timer is reset on every display state change.
1287
1288         * html/HTMLPlugInElement.cpp:
1289         (WebCore::HTMLPlugInElement::setDisplayState): Guard for sets that wouldn't
1290         actually change value, and make sure we always reset the timer.
1291
1292 2018-02-14  Antoine Quint  <graouts@apple.com>
1293
1294         [Modern Media Controls] Don't use arrays as values for localisable strings
1295         https://bugs.webkit.org/show_bug.cgi?id=182791
1296         <rdar://problem/36007262>
1297
1298         Reviewed by Dean Jackson.
1299
1300         Localization tools expect localizable strings to be specified as key-value pairs where both the key and the pair
1301         are plain strings. For the skip buttons, we used an array value to specify a replacement string. We now perform
1302         this task in code with a centralized SkipSeconds constant defining the skip amount.
1303
1304         * English.lproj/modern-media-controls-localized-strings.js:
1305         * Modules/modern-media-controls/controls/icon-service.js:
1306         * Modules/modern-media-controls/main.js:
1307         (UIString):
1308         * Modules/modern-media-controls/media/skip-back-support.js:
1309         (SkipBackSupport.prototype.buttonWasPressed):
1310         * Modules/modern-media-controls/media/skip-forward-support.js:
1311         (SkipForwardSupport.prototype.buttonWasPressed):
1312
1313 2018-02-14  Ryan Haddad  <ryanhaddad@apple.com>
1314
1315         Unreviewed, rolling out r228444.
1316
1317         Introduced API and Layout test failures.
1318
1319         Reverted changeset:
1320
1321         "[WebAuthN] Revisit the whole async model of task dispatching,
1322         timeout and aborting"
1323         https://bugs.webkit.org/show_bug.cgi?id=181946
1324         https://trac.webkit.org/changeset/228444
1325
1326 2018-02-14  Brent Fulgham  <bfulgham@apple.com>
1327
1328         Confirm proper thread in UserGestureIndicator constructor
1329         https://bugs.webkit.org/show_bug.cgi?id=175980
1330
1331         Reviewed by Daniel Bates.
1332
1333         Document is a main-thread object. If we enter the UserGestureIndicator constructor
1334         on a non-main thread, we should ASSERT, not return silently.
1335
1336         * dom/UserGestureIndicator.cpp:
1337         (WebCore::UserGestureIndicator::UserGestureIndicator):
1338
1339 2018-02-14  Zalan Bujtas  <zalan@apple.com>
1340
1341         [RenderTreeBuilder] Remove redundant RenderTreeBuilder methods
1342         https://bugs.webkit.org/show_bug.cgi?id=182770
1343         <rdar://problem/37525627>
1344
1345         Reviewed by Daniel Bates.
1346
1347         No change in functionality.
1348
1349         * rendering/updating/RenderTreeBuilder.cpp:
1350         (WebCore::RenderTreeBuilder::dropAnonymousBoxChild): Deleted.
1351         (WebCore::RenderTreeBuilder::moveRubyChildren): Deleted.
1352         (WebCore::RenderTreeBuilder::resolveMovedChildForMultiColumnFlow): Deleted.
1353         * rendering/updating/RenderTreeBuilder.h:
1354         * rendering/updating/RenderTreeBuilderBlockFlow.cpp:
1355         (WebCore::RenderTreeBuilder::BlockFlow::insertChild):
1356         * rendering/updating/RenderTreeBuilderInline.cpp:
1357         (WebCore::RenderTreeBuilder::Inline::insertChild):
1358         * rendering/updating/RenderTreeBuilderRuby.cpp:
1359         (WebCore::RenderTreeBuilder::Ruby::takeChild):
1360
1361 2018-02-14  Zalan Bujtas  <zalan@apple.com>
1362
1363         [RenderTreeBuilder] Move RenderElement::takeChild() to RenderTreeBuilder
1364         https://bugs.webkit.org/show_bug.cgi?id=182762
1365         <rdar://problem/37523756>
1366
1367         Reviewed by Daniel Bates.
1368
1369         This patch removes the remaining takeChild() related mutation logic from the renderers.
1370
1371         No change in functionality.
1372
1373         * rendering/RenderBoxModelObject.cpp:
1374         (WebCore::RenderBoxModelObject::moveChildTo):
1375         * rendering/RenderElement.cpp:
1376         (WebCore::RenderElement::takeChild): Deleted.
1377         (WebCore::RenderElement::takeChildInternal): Deleted.
1378         * rendering/RenderElement.h:
1379         * rendering/RenderObject.h:
1380         * rendering/updating/RenderTreeBuilder.cpp:
1381         (WebCore::RenderTreeBuilder::takeChild):
1382         (WebCore::RenderTreeBuilder::childFlowStateChangesAndAffectsParentBlock):
1383         (WebCore::RenderTreeBuilder::takeChildFromRenderElement):
1384         * rendering/updating/RenderTreeBuilder.h:
1385         * rendering/updating/RenderTreeBuilderBlock.cpp:
1386         (WebCore::RenderTreeBuilder::Block::removeLeftoverAnonymousBlock):
1387         (WebCore::RenderTreeBuilder::Block::takeChild):
1388         (WebCore::RenderTreeBuilder::Block::dropAnonymousBoxChild):
1389         * rendering/updating/RenderTreeBuilderInline.cpp:
1390         (WebCore::RenderTreeBuilder::Inline::splitFlow):
1391         (WebCore::RenderTreeBuilder::Inline::splitInlines):
1392         (WebCore::RenderTreeBuilder::Inline::childBecameNonInline):
1393         * rendering/updating/RenderTreeBuilderRuby.cpp:
1394         (WebCore::RenderTreeBuilder::Ruby::takeChild):
1395         * rendering/updating/RenderTreeBuilderSVG.cpp:
1396         (WebCore::RenderTreeBuilder::SVG::takeChild): Leftover from the previous patch.
1397
1398 2018-02-13  Antti Koivisto  <antti@apple.com>
1399
1400         REGRESSION(r228313): Membuster | macOS | All Devices | 1.5 MB
1401         https://bugs.webkit.org/show_bug.cgi?id=182744
1402         <rdar://problem/37463770>
1403
1404         Reviewed by Zalan Bujtas.
1405
1406         We need to respect low memory notifications explicitly now that the compiled selectors are not part of RuleData.
1407
1408         * css/StyleRule.cpp:
1409         (WebCore::StyleRule::StyleRule):
1410         * css/StyleRule.h:
1411
1412         Switch to std::unique_ptr<[]> from Vector to avoid unnecessary bloat.
1413
1414         * css/StyleSheetContents.cpp:
1415         (WebCore::traverseRulesInVector):
1416         (WebCore::StyleSheetContents::traverseRules const):
1417
1418         Add a rule traversal function, similar to the existing traverseSubresources.
1419
1420         (WebCore::StyleSheetContents::traverseSubresources const):
1421
1422         Use traverseRules to implement traverseSubresources.
1423
1424         (WebCore::traverseSubresourcesInRules): Deleted.
1425         * css/StyleSheetContents.h:
1426         * page/MemoryRelease.cpp:
1427         (WebCore::releaseCriticalMemory):
1428         * style/StyleScope.cpp:
1429         (WebCore::Style::Scope::releaseMemory):
1430
1431         Release memory for compiled selectors on memory notification.
1432
1433         * style/StyleScope.h:
1434
1435 2018-02-13  Commit Queue  <commit-queue@webkit.org>
1436
1437         Unreviewed, rolling out r228431.
1438         https://bugs.webkit.org/show_bug.cgi?id=182766
1439
1440         Regressed CMake build stability (Requested by dolmstead on
1441         #webkit).
1442
1443         Reverted changeset:
1444
1445         "[CMake] Make WebCore headers copies"
1446         https://bugs.webkit.org/show_bug.cgi?id=182512
1447         https://trac.webkit.org/changeset/228431
1448
1449 2018-02-13  Commit Queue  <commit-queue@webkit.org>
1450
1451         Unreviewed, rolling out r228437, r228439, and r228440.
1452         https://bugs.webkit.org/show_bug.cgi?id=182756
1453
1454         Introduced LayoutTest failures (Requested by ryanhadd_ on
1455         #webkit).
1456
1457         Reverted changesets:
1458
1459         "[Web Animations] Make KeyframeEffect target nullable and
1460         read-write"
1461         https://bugs.webkit.org/show_bug.cgi?id=182741
1462         https://trac.webkit.org/changeset/228437
1463
1464         "Unreviewed attempt to fix build after r228437."
1465         https://trac.webkit.org/changeset/228439
1466
1467         "[Web Animations] Make KeyframeEffect target nullable and
1468         read-write"
1469         https://bugs.webkit.org/show_bug.cgi?id=182741
1470         https://trac.webkit.org/changeset/228440
1471
1472 2018-02-13  Antoine Quint  <graouts@apple.com>
1473
1474         Removing the controls attribute from a <video> element does not tear down the controls shadow DOM nor cancel event listeners.
1475         https://bugs.webkit.org/show_bug.cgi?id=182668
1476         <rdar://problem/33793004>
1477
1478         Reviewed by Jer Noble.
1479
1480         When controls were turned off for inline media players, we would remove all media controls elements from the shadow root,
1481         but we would nevertheless continue to listen to media events and, as a result, update properties of the media controls
1482         which would lead to requestAnimationFrame() calls that would update the detached DOM nodes.
1483
1484         We now only listent to media events if controls are turned on.
1485
1486         * Modules/modern-media-controls/media/controls-visibility-support.js:
1487         (ControlsVisibilitySupport.prototype.enable): Remove the mutation observer from ControlsVisibilitySupport since observing
1488         changes to the controls attribute is now performed directly in MediaController. We need to make sure that we update the
1489         controls however since fadesWhileIdle is turned off in the disable() call to ensure that the auto-hide behavior is disabled
1490         as well.
1491         (ControlsVisibilitySupport.prototype.disable): Disable the auto-hide controller as well.
1492         (ControlsVisibilitySupport.prototype._updateControls): Remove code that has now been moved into MediaController._updateControlsAvailability().
1493         * Modules/modern-media-controls/media/media-controller.js:
1494         (MediaController): Listen to the "play" event on the media so that we call _updateControlsAvailability() in this situation to account for
1495         shouldForceControlsDisplay on MediaControlsHost. We also register for a mutation observer to track when the controls attribute availability
1496         changes in which case we want to call _updateControlsAvailability() as well.
1497         (MediaController.prototype.handleEvent): Call _updateControlsAvailability() instead of _updateiOSFullscreenProperties() which has been renamed
1498         and expanded.
1499         (MediaController.prototype._updateControlsIfNeeded): Call _updateControlsAvailability() after controls have been updated.
1500         (MediaController.prototype._updateControlsAvailability): We now disable supporting media controller objects when we know that controls should
1501         be hidden in all cases except when in fullscreen on macOS.
1502         (MediaController.prototype._updateiOSFullscreenProperties): Deleted.
1503         * Modules/modern-media-controls/media/placard-support.js:
1504         (PlacardSupport.prototype.disable): Only allow the media events required to track when to show placards when in fullscreen since inline media
1505         players need to show the AirPlay and picture-in-picture placards even when controls are disabled.
1506
1507 2018-02-13  Jiewen Tan  <jiewen_tan@apple.com>
1508
1509         [WebAuthN] Revisit the whole async model of task dispatching, timeout and aborting
1510         https://bugs.webkit.org/show_bug.cgi?id=181946
1511         <rdar://problem/37258262>
1512
1513         Reviewed by Chris Dumez.
1514
1515         This patch changes the original async model from a work queue to IPC between WebProcess
1516         and UIProcess. Since all authenticator operations must be handled in the UIProcess due
1517         to sandboxing, this message passing IPC async model then surpasses the original multi
1518         threading model. To cooperate that, a CredentialsMessenger class is then created and
1519         all task dispatching code is moved thre.
1520
1521         As an improvement over existing code, static functions from PublicKeyCredential are
1522         moved to AuthenticatorManager. AuthenticatorManager is made as a singleton such that
1523         when static functions are called, they could reach the CredentialsMessenger to interact
1524         with UIProccess. CredentialsMessenger and AuthenticatorManager are separated so later
1525         on when other Credential types are created, they can reuse the same IPC messenger.
1526
1527         What's more, a mock CredentialsMessenger is then created to mock behaviors of UIProcess
1528         for testing purpose.
1529
1530         Covered by existing tests.
1531
1532         * DerivedSources.make:
1533         * Modules/credentialmanagement/BasicCredential.h:
1534         * Modules/credentialmanagement/CredentialsContainer.cpp:
1535         (WebCore::CredentialsContainer::CredentialsContainer):
1536         (WebCore::CredentialsContainer::doesHaveSameOriginAsItsAncestors):
1537         (WebCore::CredentialsContainer::get):
1538         (WebCore::CredentialsContainer::isCreate):
1539         (WebCore::CredentialsContainer::PendingPromise::PendingPromise): Deleted.
1540         (WebCore::CredentialsContainer::dispatchTask): Deleted.
1541         * Modules/credentialmanagement/CredentialsContainer.h:
1542         (WebCore::CredentialsContainer::PendingPromise::create): Deleted.
1543         * Modules/credentialmanagement/CredentialsMessenger.cpp: Added.
1544         (WebCore::CredentialsMessenger::exceptionReply):
1545         (WebCore::CredentialsMessenger::addCreationCompletionHandler):
1546         (WebCore::CredentialsMessenger::takeCreationCompletionHandler):
1547         (WebCore::CredentialsMessenger::addRequestCompletionHandler):
1548         (WebCore::CredentialsMessenger::takeRequestCompletionHandler):
1549         (WebCore::CredentialsMessenger::addQueryCompletionHandler):
1550         (WebCore::CredentialsMessenger::takeQueryCompletionHandler):
1551         (WebCore::getIdFromAttestationObject):
1552         * Modules/credentialmanagement/CredentialsMessenger.h: Added.
1553         (WebCore::CreationReturnBundle::CreationReturnBundle):
1554         (WebCore::AssertionReturnBundle::AssertionReturnBundle):
1555         (WebCore::CredentialsMessenger::weakPtrFactory const):
1556         * Modules/webauthn/Authenticator.cpp: Removed.
1557         * Modules/webauthn/Authenticator.h: Removed.
1558         * Modules/webauthn/AuthenticatorManager.cpp: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredential.cpp.
1559         (WebCore::AuthenticatorManagerInternal::produceClientDataJson):
1560         (WebCore::AuthenticatorManagerInternal::produceClientDataJsonHash):
1561         (WebCore::AuthenticatorManagerInternal::initTimer):
1562         (WebCore::AuthenticatorManagerInternal::didTimerFire):
1563         (WebCore::AuthenticatorManager::singleton):
1564         (WebCore::AuthenticatorManager::setMessenger):
1565         (WebCore::AuthenticatorManager::create const):
1566         (WebCore::AuthenticatorManager::discoverFromExternalSource const):
1567         * Modules/webauthn/AuthenticatorManager.h: Copied from Source/WebCore/Modules/webauthn/AuthenticatorResponse.h.
1568         * Modules/webauthn/AuthenticatorResponse.h:
1569         * Modules/webauthn/PublicKeyCredential.cpp:
1570         (WebCore::PublicKeyCredentialInternal::produceClientDataJson): Deleted.
1571         (WebCore::PublicKeyCredentialInternal::produceClientDataJsonHash): Deleted.
1572         (WebCore::PublicKeyCredentialInternal::getIdFromAttestationObject): Deleted.
1573         (WebCore::PublicKeyCredential::collectFromCredentialStore): Deleted.
1574         (WebCore::PublicKeyCredential::discoverFromExternalSource): Deleted.
1575         (WebCore::PublicKeyCredential::store): Deleted.
1576         (WebCore::PublicKeyCredential::create): Deleted.
1577         (WebCore::PublicKeyCredential::rawId const): Deleted.
1578         (WebCore::PublicKeyCredential::response const): Deleted.
1579         * Modules/webauthn/PublicKeyCredential.h:
1580         * Sources.txt:
1581         * WebCore.xcodeproj/project.pbxproj:
1582         * testing/Internals.cpp:
1583         (WebCore::Internals::Internals):
1584         (WebCore::Internals::mockCredentialsMessenger const):
1585         * testing/Internals.h:
1586         * testing/Internals.idl:
1587         * testing/MockCredentialsMessenger.cpp: Added.
1588         (WebCore::MockCredentialsMessenger::setAttestationObject):
1589         (WebCore::MockCredentialsMessenger::setAssertionReturnBundle):
1590         (WebCore::MockCredentialsMessenger::makeCredential):
1591         (WebCore::MockCredentialsMessenger::getAssertion):
1592         (WebCore::MockCredentialsMessenger::makeCredentialReply):
1593         (WebCore::MockCredentialsMessenger::getAssertionReply):
1594         * testing/MockCredentialsMessenger.h: Copied from Source/WebCore/Modules/webauthn/AuthenticatorResponse.h.
1595         * testing/MockCredentialsMessenger.idl: Copied from Source/WebCore/Modules/webauthn/AuthenticatorResponse.h.
1596
1597 2018-02-13  Zalan Bujtas  <zalan@apple.com>
1598
1599         [RenderTreeBuilder] Move RenderBlock::takeChild() to RenderTreeBuilder
1600         https://bugs.webkit.org/show_bug.cgi?id=182746
1601         <rdar://problem/37512871>
1602
1603         Reviewed by Antti Koivisto.
1604
1605         No change in functionality.
1606
1607         * rendering/RenderBlock.cpp:
1608         (WebCore::RenderBlock::takeChild): Deleted.
1609         * rendering/RenderBlock.h:
1610         * rendering/updating/RenderTreeBuilder.cpp:
1611         (WebCore::RenderTreeBuilder::takeChild):
1612         (WebCore::RenderTreeBuilder::takeChildFromRenderMenuList):
1613         (WebCore::RenderTreeBuilder::takeChildFromRenderButton):
1614         (WebCore::RenderTreeBuilder::takeChildFromRenderGrid):
1615         (WebCore::RenderTreeBuilder::takeChildFromRenderBlock): Deleted.
1616         * rendering/updating/RenderTreeBuilder.h:
1617         * rendering/updating/RenderTreeBuilderBlock.cpp:
1618         (WebCore::RenderTreeBuilder::Block::takeChild):
1619
1620 2018-02-13  Antoine Quint  <graouts@apple.com>
1621
1622         [Web Animations] Make KeyframeEffect target nullable and read-write
1623         https://bugs.webkit.org/show_bug.cgi?id=182741
1624
1625         Additional unreviewed attempt to fix build after r228437.
1626
1627         * dom/Element.h:
1628
1629 2018-02-13  Chris Dumez  <cdumez@apple.com>
1630
1631         Unreviewed attempt to fix build after r228437.
1632
1633         * dom/Element.h:
1634
1635 2018-02-13  Antoine Quint  <graouts@apple.com>
1636
1637         [Web Animations] Make KeyframeEffect target nullable and read-write
1638         https://bugs.webkit.org/show_bug.cgi?id=182741
1639
1640         Reviewed by Dean Jackson.
1641
1642         We used to completely disregard null targets, for instance not parsing keyframes, but targets
1643         can be null and are also supposed to be read-write for KeyframeEffect. We now update the IDL
1644         for KeyframeEffect to mark the target property as read-write and update the implementation
1645         to correctly handle null targets by creating a StyleResolver based on the ScriptExecutionContext's
1646         document's document element (the <html> element in practice) and not the target itself, since it
1647         can be null.
1648
1649         This revealed a few issues in our implementation by allowing more WPT tests to run. So we also
1650         ensure that:
1651         
1652         - we don't crash when parsing font-related properties by calling update() on the generated
1653         RenderStyle's FontCascade when parsing keyframes.
1654
1655         - CSS properties are provided as camel-case and not as hyphenated form
1656
1657         - values provided in keyframes dictionaries are only read for valid properties
1658
1659         - styles for effect targets are invalidated as soon as the timing model for that animation
1660         is changed
1661
1662         We also rename AnimationTimeline::animationTimingModelDidChange() to AnimationTimeline::timingModelDidChange()
1663         since the previous name didn't add useful information and we're adding a new WebAnimation::timingModelDidChange()
1664         method, so having the two methods have a similar name made more sense.
1665
1666         * animation/Animatable.idl: Call animate() with a ScriptExecutionContext rather than a ScriptState
1667         so that the ScriptExecutionContext can be passed to the KeyframeEffectReadOnly constructor.
1668         * animation/AnimationEffectReadOnly.h: Add a new invalidate() method, designed to be subclassed, that
1669         is called when the timing model for this effect or owning animation has changed.
1670         * animation/AnimationTimeline.cpp: Rename animationTimingModelDidChange() to timingModelDidChange().
1671         (WebCore::AnimationTimeline::addAnimation):
1672         (WebCore::AnimationTimeline::removeAnimation):
1673         (WebCore::AnimationTimeline::setCurrentTime):
1674         * animation/AnimationTimeline.h: Rename animationTimingModelDidChange() to timingModelDidChange().
1675         (WebCore::AnimationTimeline::timingModelDidChange):
1676         (WebCore::AnimationTimeline::animationTimingModelDidChange): Deleted.
1677         * animation/DocumentTimeline.cpp: Rename animationTimingModelDidChange() to timingModelDidChange().
1678         (WebCore::DocumentTimeline::timingModelDidChange):
1679         (WebCore::DocumentTimeline::updateAnimations):
1680         (WebCore::DocumentTimeline::animationTimingModelDidChange): Deleted.
1681         * animation/DocumentTimeline.h: Rename animationTimingModelDidChange() to timingModelDidChange().
1682         * animation/KeyframeEffect.cpp: Expect a ScriptExecutionContext rather than a ScriptState.
1683         (WebCore::KeyframeEffect::create):
1684         (WebCore::KeyframeEffect::setKeyframes):
1685         * animation/KeyframeEffect.h: Expect a ScriptExecutionContext rather than a ScriptState.
1686         * animation/KeyframeEffect.idl: Expect a ScriptExecutionContext rather than a ScriptState and make the
1687         target property read-write.
1688         * animation/KeyframeEffectReadOnly.cpp:
1689         (WebCore::IDLAttributeNameToAnimationPropertyName): Move this function below CSSPropertyIDToIDLAttributeName
1690         so that it can call that function. We also check that we reject CSS properties that are not provided in
1691         camel-case form (eg. "font-size" vs. "fontSize").
1692         (WebCore::processIterableKeyframes): Only read the JS values if we know that the provided JS property name
1693         maps to a valid CSS property.
1694         (WebCore::KeyframeEffectReadOnly::create): Expect a ScriptExecutionContext rather than a ScriptState.
1695         (WebCore::KeyframeEffectReadOnly::processKeyframes): Expect a ScriptExecutionContext rather than a ScriptState
1696         and use the context's document to get an HTML element to create a StyleResolver. We also call update() on the
1697         generated RenderStyle's FontCascade since otherwise we would hit an ASSERT in FontCascade when parsing font-related
1698         CSS properties.
1699         (WebCore::KeyframeEffectReadOnly::setTarget): Notify the animation that the effect target has changed and invalidate
1700         the style of the new target and the old targets, if any.
1701         (WebCore::KeyframeEffectReadOnly::invalidate): Invalidate the target's style. This method is called by setTarget()
1702         and WebAnimation::timingModelDidChange().
1703         * animation/KeyframeEffectReadOnly.h: Expect a ScriptExecutionContext rather than a ScriptState.
1704         * animation/KeyframeEffectReadOnly.idl: Expect a ScriptExecutionContext rather than a ScriptState.
1705         * animation/WebAnimation.cpp:
1706         (WebCore::WebAnimation::timingModelDidChange): We add this new method such that any place in WebAnimation where we
1707         know the animation's timing model has changed we can invalidate the associated effect, if any, as well as notify
1708         the timeline, if any. We used to only notify the timeline and, as a result, only invalidate the associated effect
1709         in the next display monitor refresh. 
1710         (WebCore::WebAnimation::effectTargetDidChange): This method is called in KeyframeEffectReadOnly::setTarget() to inform
1711         the animation of the previous effect target and the new one upon a target change. This allows us to forward this information
1712         onto the timeline so that we correctly add or remove the targets from the list of animated elements.
1713         (WebCore::WebAnimation::setStartTime):
1714         * animation/WebAnimation.h: Expose the new effectTargetDidChange() and timingModelDidChange() methods.
1715         * dom/Element.cpp: Expect a ScriptExecutionContext rather than a ScriptState.
1716         (WebCore::Element::animate):
1717         * dom/Element.h: Expect a ScriptExecutionContext rather than a ScriptState.
1718
1719 2018-02-13  Antti Koivisto  <antti@apple.com>
1720
1721         Crash when breakpoint hit in unload handler
1722         https://bugs.webkit.org/show_bug.cgi?id=169855
1723         <rdar://problem/28683567>
1724
1725         Reviewed by Daniel Bates.
1726
1727         Test: inspector/debugger/reload-paused.html
1728
1729         CachedRawResource::updateBuffer may generate unload event in client notify callback. If Inspector was
1730         paused, this even would spawn a nested runloop. CachedRawResource::finishLoading would get called in
1731         the nested loop, confusing the DocumentLoader state machine and resulting in crashes later.
1732
1733         * loader/cache/CachedRawResource.cpp:
1734         (WebCore::CachedRawResource::updateBuffer):
1735
1736         - Set a bit when entering the client callback.
1737         - Ensure we don't re-enter updateBuffer.
1738         - If finishLoading got delayed during client callback, do it at the end.
1739
1740         (WebCore::CachedRawResource::finishLoading):
1741
1742         If we are in updateBuffer client callback, save the buffer and bail out.
1743
1744         * loader/cache/CachedRawResource.h:
1745
1746 2018-02-13  Zalan Bujtas  <zalan@apple.com>
1747
1748         [RenderTreeBuilder] Move RenderBlockFlow::takeChild() to RenderTreeBuilder
1749         https://bugs.webkit.org/show_bug.cgi?id=182739
1750         <rdar://problem/37506542>
1751
1752         Reviewed by Antti Koivisto.
1753
1754         No change in functionality.
1755
1756         * rendering/RenderBlockFlow.cpp:
1757         (WebCore::RenderBlockFlow::takeChild): Deleted.
1758         * rendering/RenderBlockFlow.h:
1759         * rendering/updating/RenderTreeBuilder.cpp:
1760         (WebCore::RenderTreeBuilder::takeChild):
1761         (WebCore::RenderTreeBuilder::multiColumnRelativeWillBeRemoved): Deleted.
1762         * rendering/updating/RenderTreeBuilder.h:
1763         * rendering/updating/RenderTreeBuilderBlock.cpp:
1764         (WebCore::RenderTreeBuilder::Block::takeChild):
1765         * rendering/updating/RenderTreeBuilderBlock.h:
1766
1767 2018-02-13  Don Olmstead  <don.olmstead@sony.com>
1768
1769         [CMake] Make WebCore headers copies
1770         https://bugs.webkit.org/show_bug.cgi?id=182512
1771
1772         Reviewed by Keith Miller.
1773
1774         No new tests. No change in behavior.
1775
1776         * CMakeLists.txt:
1777         * PlatformAppleWin.cmake:
1778         * PlatformGTK.cmake:
1779         * PlatformMac.cmake:
1780         * PlatformWPE.cmake:
1781         * PlatformWin.cmake:
1782         * PlatformWinCairo.cmake:
1783         * platform/Cairo.cmake:
1784         * platform/Curl.cmake:
1785         * platform/FreeType.cmake:
1786         * platform/GStreamer.cmake:
1787         * platform/ImageDecoders.cmake:
1788         * platform/TextureMapper.cmake:
1789         * platform/graphics/win/LocalWindowsContext.h:
1790
1791 2018-02-13  Chris Dumez  <cdumez@apple.com>
1792
1793         REGRESSION (r228299): Broke reader mode in Safari
1794         https://bugs.webkit.org/show_bug.cgi?id=182697
1795         <rdar://problem/37399012>
1796
1797         Reviewed by Ryosuke Niwa.
1798
1799         Rework the fix for r228299 to be more targeted. I moved the policy check
1800         cencelation from FrameLoader::stopLoading() to NavigationScheduler::schedule()
1801         when a pending load is cancelled by another load. I have verified that the
1802         sites fixed by r228299 still work with this more limited change. However,
1803         reader mode is now working again.
1804
1805         The issue seems to be that we tell CFNetwork to continue with the load after
1806         receiving the response, even if the client has not responded to the
1807         decidePolicyForNavigationResponse delegate yet. As a result, CFNetwork sends
1808         us the resource data and we may commit the provisional load before receiving
1809         the policy response from the client. When the provisional load is committed,
1810         we call FrameLoader::stopLoading() which after r228299 cancelled pending
1811         policy checks. Because we did not wait for the policy check response to
1812         commit the load, we would cancel it which would make the load fail.
1813
1814         The real fix here would be to make not tell CFNetwork to continue until after
1815         we've received the policy delegate response. However, this is a larger and
1816         riskier change at this point. I will follow-up on this issue.
1817
1818         Covered by new API test.
1819
1820         * loader/FrameLoader.cpp:
1821         (WebCore::FrameLoader::stopLoading):
1822         * loader/NavigationScheduler.cpp:
1823         (WebCore::NavigationScheduler::schedule):
1824
1825 2018-02-13  Zalan Bujtas  <zalan@apple.com>
1826
1827         [RenderTreeBuilder] Move RenderSVG*::takeChild() to RenderTreeBuilder
1828         https://bugs.webkit.org/show_bug.cgi?id=182736
1829         <rdar://problem/37503107>
1830
1831         Reviewed by Antti Koivisto.
1832
1833         No change in functionality.
1834
1835         * rendering/svg/RenderSVGContainer.cpp:
1836         (WebCore::RenderSVGContainer::takeChild): Deleted.
1837         * rendering/svg/RenderSVGContainer.h:
1838         * rendering/svg/RenderSVGInline.cpp:
1839         (WebCore::RenderSVGInline::takeChild): Deleted.
1840         * rendering/svg/RenderSVGInline.h:
1841         * rendering/svg/RenderSVGRoot.cpp:
1842         (WebCore::RenderSVGRoot::takeChild): Deleted.
1843         * rendering/svg/RenderSVGRoot.h:
1844         * rendering/svg/RenderSVGText.cpp:
1845         (WebCore::RenderSVGText::takeChild): Deleted.
1846         * rendering/svg/RenderSVGText.h:
1847         * rendering/updating/RenderTreeBuilder.cpp:
1848         (WebCore::RenderTreeBuilder::takeChild):
1849         * rendering/updating/RenderTreeBuilderSVG.cpp:
1850         (WebCore::RenderTreeBuilder::SVG::takeChild):
1851         * rendering/updating/RenderTreeBuilderSVG.h:
1852
1853 2018-02-13  Zalan Bujtas  <zalan@apple.com>
1854
1855         [RenderTreeBuilder] Move RenderGrid::takeChild() to RenderTreeBuilder
1856         https://bugs.webkit.org/show_bug.cgi?id=182734
1857         <rdar://problem/37500876>
1858
1859         Reviewed by Antti Koivisto.
1860
1861         No change in functionality.
1862
1863         * rendering/RenderGrid.cpp:
1864         (WebCore::RenderGrid::takeChild): Deleted.
1865         * rendering/RenderGrid.h:
1866         * rendering/updating/RenderTreeBuilder.cpp:
1867         (WebCore::RenderTreeBuilder::takeChildFromRenderGrid):
1868         * rendering/updating/RenderTreeBuilder.h:
1869
1870 2018-02-13  Nan Wang  <n_wang@apple.com>
1871
1872         AX: Remove AccessibleNode class
1873         https://bugs.webkit.org/show_bug.cgi?id=182724
1874         <rdar://problem/37486024>
1875
1876         Reviewed by Chris Fleizach.
1877
1878         Removed all the AccessibleNode related code since AOM has
1879         an alternate direction now. 
1880
1881         No new tests. Made sure existing tests don't break.
1882
1883         * CMakeLists.txt:
1884         * DerivedSources.make:
1885         * Sources.txt:
1886         * WebCore.xcodeproj/project.pbxproj:
1887         * accessibility/AXObjectCache.cpp:
1888         (WebCore::AXObjectCache::findModalNodes):
1889         (WebCore::nodeHasRole):
1890         (WebCore::AXObjectCache::handleLiveRegionCreated):
1891         (WebCore::AXObjectCache::handleMenuItemSelected):
1892         (WebCore::AXObjectCache::handleModalChange):
1893         (WebCore::isNodeAriaVisible):
1894         * accessibility/AccessibilityARIAGrid.cpp:
1895         (WebCore::AccessibilityARIAGrid::isMultiSelectable const):
1896         * accessibility/AccessibilityARIAGridCell.cpp:
1897         (WebCore::AccessibilityARIAGridCell::readOnlyValue const):
1898         * accessibility/AccessibilityAllInOne.cpp:
1899         * accessibility/AccessibilityImageMapLink.cpp:
1900         (WebCore::AccessibilityImageMapLink::roleValue const):
1901         (WebCore::AccessibilityImageMapLink::accessibilityDescription const):
1902         * accessibility/AccessibilityListBoxOption.cpp:
1903         (WebCore::AccessibilityListBoxOption::isEnabled const):
1904         (WebCore::AccessibilityListBoxOption::stringValue const):
1905         * accessibility/AccessibilityNodeObject.cpp:
1906         (WebCore::AccessibilityNodeObject::isEnabled const):
1907         (WebCore::AccessibilityNodeObject::isPressed const):
1908         (WebCore::AccessibilityNodeObject::isChecked const):
1909         (WebCore::AccessibilityNodeObject::isMultiSelectable const):
1910         (WebCore::AccessibilityNodeObject::isRequired const):
1911         (WebCore::AccessibilityNodeObject::headingLevel const):
1912         (WebCore::AccessibilityNodeObject::valueDescription const):
1913         (WebCore::AccessibilityNodeObject::valueForRange const):
1914         (WebCore::AccessibilityNodeObject::maxValueForRange const):
1915         (WebCore::AccessibilityNodeObject::minValueForRange const):
1916         (WebCore::AccessibilityNodeObject::ariaAccessibilityDescription const):
1917         (WebCore::siblingWithAriaRole):
1918         (WebCore::AccessibilityNodeObject::textForLabelElement const):
1919         (WebCore::AccessibilityNodeObject::alternativeText const):
1920         (WebCore::AccessibilityNodeObject::alternativeTextForWebArea const):
1921         (WebCore::AccessibilityNodeObject::hierarchicalLevel const):
1922         (WebCore::shouldUseAccessibilityObjectInnerText):
1923         (WebCore::AccessibilityNodeObject::stringValue const):
1924         (WebCore::accessibleNameForNode):
1925         (WebCore::AccessibilityNodeObject::determineAriaRoleAttribute const):
1926         * accessibility/AccessibilityObject.cpp:
1927         (WebCore::AccessibilityObject::readOnlyValue const):
1928         (WebCore::AccessibilityObject::supportsAutoComplete const):
1929         (WebCore::AccessibilityObject::autoCompleteValue const):
1930         (WebCore::AccessibilityObject::ariaIsMultiline const):
1931         (WebCore::AccessibilityObject::invalidStatus const):
1932         (WebCore::AccessibilityObject::supportsCurrent const):
1933         (WebCore::AccessibilityObject::currentState const):
1934         (WebCore::AccessibilityObject::roleDescription const):
1935         (WebCore::AccessibilityObject::keyShortcutsValue const):
1936         (WebCore::AccessibilityObject::placeholderValue const):
1937         (WebCore::AccessibilityObject::supportsARIAAttributes const):
1938         (WebCore::AccessibilityObject::sortDirection const):
1939         (WebCore::AccessibilityObject::supportsHasPopup const):
1940         (WebCore::AccessibilityObject::hasPopupValue const):
1941         (WebCore::AccessibilityObject::supportsSetSize const):
1942         (WebCore::AccessibilityObject::supportsPosInSet const):
1943         (WebCore::AccessibilityObject::setSize const):
1944         (WebCore::AccessibilityObject::posInSet const):
1945         (WebCore::AccessibilityObject::supportsPressed const):
1946         (WebCore::AccessibilityObject::supportsExpanded const):
1947         (WebCore::AccessibilityObject::isExpanded const):
1948         (WebCore::AccessibilityObject::checkboxOrRadioValue const):
1949         (WebCore::AccessibilityObject::pressedIsPresent const):
1950         (WebCore::AccessibilityObject::isAXHidden const):
1951         (WebCore::AccessibilityObject::ariaActiveDescendantReferencingElements const):
1952         (WebCore::AccessibilityObject::ariaDetailsElements const):
1953         (WebCore::AccessibilityObject::ariaDetailsReferencingElements const):
1954         (WebCore::AccessibilityObject::ariaErrorMessageElements const):
1955         (WebCore::AccessibilityObject::ariaErrorMessageReferencingElements const):
1956         (WebCore::AccessibilityObject::setIsIgnoredFromParentDataForChild):
1957         (WebCore::AccessibilityObject::hasProperty const): Deleted.
1958         (WebCore::AccessibilityObject::stringValueForProperty const): Deleted.
1959         (WebCore::AccessibilityObject::boolValueForProperty const): Deleted.
1960         (WebCore::AccessibilityObject::intValueForProperty const): Deleted.
1961         (WebCore::AccessibilityObject::unsignedValueForProperty const): Deleted.
1962         (WebCore::AccessibilityObject::doubleValueForProperty const): Deleted.
1963         (WebCore::AccessibilityObject::elementValueForProperty const): Deleted.
1964         (WebCore::AccessibilityObject::elementsFromProperty const): Deleted.
1965         (WebCore::AccessibilityObject::elementsReferencedByProperty const): Deleted.
1966         * accessibility/AccessibilityObject.h:
1967         * accessibility/AccessibilityRenderObject.cpp:
1968         (WebCore::AccessibilityRenderObject::stringValue const):
1969         (WebCore::AccessibilityRenderObject::exposesTitleUIElement const):
1970         (WebCore::AccessibilityRenderObject::defaultObjectInclusion const):
1971         (WebCore::AccessibilityRenderObject::isSelected const):
1972         (WebCore::AccessibilityRenderObject::activeDescendant const):
1973         (WebCore::AccessibilityRenderObject::determineAccessibilityRole):
1974         (WebCore::AccessibilityRenderObject::orientation const):
1975         (WebCore::AccessibilityRenderObject::canSetExpandedAttribute const):
1976         (WebCore::AccessibilityRenderObject::liveRegionStatus const):
1977         (WebCore::AccessibilityRenderObject::liveRegionRelevant const):
1978         (WebCore::AccessibilityRenderObject::liveRegionAtomic const):
1979         (WebCore::AccessibilityRenderObject::isBusy const):
1980         * accessibility/AccessibilityTable.cpp:
1981         (WebCore::AccessibilityTable::isDataTable const):
1982         (WebCore::AccessibilityTable::axColumnCount const):
1983         (WebCore::AccessibilityTable::axRowCount const):
1984         * accessibility/AccessibilityTableCell.cpp:
1985         (WebCore::AccessibilityTableCell::axColumnIndex const):
1986         (WebCore::AccessibilityTableCell::axRowIndex const):
1987         (WebCore::AccessibilityTableCell::axColumnSpan const):
1988         (WebCore::AccessibilityTableCell::axRowSpan const):
1989         * accessibility/AccessibilityTableRow.cpp:
1990         (WebCore::AccessibilityTableRow::axColumnIndex const):
1991         (WebCore::AccessibilityTableRow::axRowIndex const):
1992         * accessibility/AccessibleNode.cpp: Removed.
1993         * accessibility/AccessibleNode.h: Removed.
1994         * accessibility/AccessibleNode.idl: Removed.
1995         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
1996         (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):
1997         * bindings/js/WebCoreBuiltinNames.h:
1998         * dom/Element.cpp:
1999         (WebCore::Element::canContainRangeEndPoint const):
2000         (WebCore::Element::accessibleNode): Deleted.
2001         (WebCore::Element::existingAccessibleNode const): Deleted.
2002         * dom/Element.h:
2003         * dom/Element.idl:
2004         * dom/ElementRareData.cpp:
2005         * dom/ElementRareData.h:
2006         (WebCore::ElementRareData::accessibleNode const): Deleted.
2007         (WebCore::ElementRareData::setAccessibleNode): Deleted.
2008         * editing/TextIterator.cpp:
2009         (WebCore::isRendererReplacedElement):
2010         * rendering/RenderMenuList.cpp:
2011         (RenderMenuList::itemAccessibilityText const):
2012
2013 2018-02-13  Zalan Bujtas  <zalan@apple.com>
2014
2015         [RenderTreeBuilder] Move RenderButton::takeChild() to RenderTreeBuilder
2016         https://bugs.webkit.org/show_bug.cgi?id=182732
2017         <rdar://problem/37500564>
2018
2019         Reviewed by Antti Koivisto.
2020
2021         No change of functionality.
2022
2023         * rendering/RenderButton.cpp:
2024         (WebCore::RenderButton::setInnerRenderer):
2025         (WebCore::RenderButton::takeChild): Deleted.
2026         * rendering/RenderButton.h:
2027         * rendering/updating/RenderTreeBuilder.cpp:
2028         (WebCore::RenderTreeBuilder::takeChildFromRenderButton):
2029         * rendering/updating/RenderTreeBuilder.h:
2030
2031 2018-02-13  Alicia Boya GarcĂ­a  <aboya@igalia.com>
2032
2033         [Gstreamer][MSE] Add string representation for GStreamerMediaSample
2034         https://bugs.webkit.org/show_bug.cgi?id=180262
2035
2036         Reviewed by Xabier Rodriguez-Calvar.
2037
2038         * platform/graphics/gstreamer/mse/GStreamerMediaSample.cpp:
2039         (WebCore::GStreamerMediaSample::offsetTimestampsBy):
2040         * platform/graphics/gstreamer/mse/GStreamerMediaSample.h:
2041
2042 2018-02-12  Chris Fleizach  <cfleizach@apple.com>
2043
2044         AX: defer focusedUIElement notifications
2045         https://bugs.webkit.org/show_bug.cgi?id=182643
2046         <rdar://problem/37394310>
2047
2048         Reviewed by Zalan Bujtas.
2049
2050         Deferring focus changes for accessibility has a number of benefits.
2051             1) Reduces the chance of calling into layout during layout.
2052             2) Coalesces multiple focus notifications that would be needlessly sent.
2053             3) Improves performance by not calling out to the accessibility notification machinery during layout.
2054
2055         In this patch, I also started making more AXObjectCache calls private. This will reduce the chance that clients
2056         will call into AXObjectCache during unexpected times.
2057
2058         * accessibility/AXObjectCache.cpp:
2059         (WebCore::AXObjectCache::deferFocusedUIElementChangeIfNeeded):
2060         (WebCore::conditionallyAddNodeToFilterList):
2061         (WebCore::filterVectorPairForRemoval):
2062         (WebCore::filterMapForRemoval):
2063         (WebCore::filterListForRemoval):
2064         (WebCore::AXObjectCache::prepareForDocumentDestruction):
2065         (WebCore::AXObjectCache::performDeferredCacheUpdate):
2066         * accessibility/AXObjectCache.h:
2067         * dom/Document.cpp:
2068         (WebCore::Document::setFocusedElement):
2069
2070 2018-02-12  John Wilander  <wilander@apple.com>
2071
2072         Resource Load Statistics: Classify resources as prevalent based on redirects to other prevalent resources
2073         https://bugs.webkit.org/show_bug.cgi?id=182664
2074         <rdar://problem/37372572>
2075
2076         Reviewed by Brent Fulgham.
2077
2078         Tests: http/tests/resourceLoadStatistics/classify-as-prevalent-based-on-subresource-redirect-collusion.html
2079                http/tests/resourceLoadStatistics/classify-as-prevalent-based-on-top-frame-redirect-collusion.html
2080                http/tests/resourceLoadStatistics/classify-as-prevalent-based-on-top-frame-unique-redirects-to.html
2081
2082         * loader/ResourceLoadObserver.cpp:
2083         (WebCore::ResourceLoadObserver::logFrameNavigation):
2084             We now collect statistics on top frame navigational redirects too, both to and from.
2085         (WebCore::ResourceLoadObserver::logSubresourceLoading):
2086             We now collect statistics on redirects from in addition to the existing redirects to.
2087         * loader/ResourceLoadStatistics.cpp:
2088         (WebCore::ResourceLoadStatistics::encode const):
2089         (WebCore::ResourceLoadStatistics::decode):
2090         (WebCore::ResourceLoadStatistics::toString const):
2091         (WebCore::ResourceLoadStatistics::merge):
2092         * loader/ResourceLoadStatistics.h:
2093             Three new fields:
2094             - topFrameUniqueRedirectsTo
2095             - topFrameUniqueRedirectsFrom
2096             - subresourceUniqueRedirectsFrom
2097
2098 2018-02-12  Zalan Bujtas  <zalan@apple.com>
2099
2100         [RenderTreeBuilder] Move RenderMenuList::takeChild() to RenderTreeBuilder
2101         https://bugs.webkit.org/show_bug.cgi?id=182715
2102         <rdar://problem/37477050>
2103
2104         Reviewed by Antti Koivisto.
2105
2106         No change in functionality.
2107
2108         * rendering/RenderMenuList.cpp:
2109         (RenderMenuList::takeChild): Deleted.
2110         * rendering/RenderMenuList.h:
2111         * rendering/updating/RenderTreeBuilder.cpp:
2112         (WebCore::RenderTreeBuilder::takeChild):
2113         (WebCore::RenderTreeBuilder::takeChildFromRenderMenuList):
2114         * rendering/updating/RenderTreeBuilder.h:
2115
2116 2018-02-12  Ross Kirsling  <ross.kirsling@sony.com>
2117
2118         Unify UserAgent into WebCore/platform.
2119         https://bugs.webkit.org/show_bug.cgi?id=182716
2120
2121         Reviewed by Michael Catanzaro.
2122
2123         No change in functionality.
2124
2125         * SourcesCocoa.txt:
2126         * SourcesIOS.txt:
2127         * SourcesMac.txt:
2128         * WebCore.xcodeproj/project.pbxproj:
2129         * page/cocoa/UserAgent.h: Removed.
2130         * platform/UserAgent.h:
2131         * platform/cocoa/UserAgentCocoa.mm: Renamed from Source/WebCore/page/cocoa/UserAgent.mm.
2132         * platform/ios/UserAgentIOS.mm: Renamed from Source/WebCore/page/ios/UserAgentIOS.mm.
2133         * platform/mac/UserAgentMac.mm: Renamed from Source/WebCore/page/mac/UserAgentMac.mm.
2134
2135 2018-02-12  Antoine Quint  <graouts@apple.com>
2136
2137         [Web Animations] Support the copy constructors for KeyframeEffectReadOnly and KeyframeEffect
2138         https://bugs.webkit.org/show_bug.cgi?id=182712
2139
2140         Reviewed by Dean Jackson.
2141
2142         We now support the variants for the KeyframeEffectReadOnly and KeyframeEffect constructors where
2143         another KeyframeEffectReadOnly is provided as a source. All timing, keyframe and target properties
2144         of that source are copied on the newly-constructed KeyframeEffect.
2145
2146         To support copying properties, we add new copyPropertiesFromSource() methods to
2147         AnimationEffectTimingReadOnly and KeyframeEffectReadOnly to encapsulate copying various
2148         member variables in the relevant classes. Copying properties of the backing KeyframeList
2149         is performed in KeyframeEffectReadOnly::copyPropertiesFromSource() via public KeyframeList
2150         methods.
2151
2152         * animation/AnimationEffectTimingReadOnly.cpp:
2153         (WebCore::AnimationEffectTimingReadOnly::copyPropertiesFromSource):
2154         * animation/AnimationEffectTimingReadOnly.h:
2155         * animation/KeyframeEffect.cpp:
2156         (WebCore::KeyframeEffect::create):
2157         * animation/KeyframeEffect.h:
2158         * animation/KeyframeEffect.idl:
2159         * animation/KeyframeEffectOptions.idl:
2160         * animation/KeyframeEffectReadOnly.cpp:
2161         (WebCore::KeyframeEffectReadOnly::create):
2162         (WebCore::KeyframeEffectReadOnly::copyPropertiesFromSource):
2163         * animation/KeyframeEffectReadOnly.h:
2164         * animation/KeyframeEffectReadOnly.idl:
2165
2166 2018-02-12  Zalan Bujtas  <zalan@apple.com>
2167
2168         [RenderTreeBuilder] Introduce RenderTreebuilder::takeChild
2169         https://bugs.webkit.org/show_bug.cgi?id=182707
2170         <rdar://problem/37473433>
2171
2172         Reviewed by Antti Koivisto.
2173
2174         All takeChild calls should go through RenderTreeBuilder::takeChild from now on.
2175         This patch also moves the Ruby related takeChild calls to RenderTreeBuilder.
2176
2177         No change in functionality.
2178
2179         * rendering/RenderButton.cpp:
2180         (WebCore::RenderButton::takeChild):
2181         * rendering/RenderElement.cpp:
2182         (WebCore::RenderElement::removeAndDestroyChild):
2183         * rendering/RenderFullScreen.cpp:
2184         (WebCore::RenderFullScreen::wrapExistingRenderer):
2185         (WebCore::RenderFullScreen::unwrapRenderer):
2186         * rendering/RenderMenuList.cpp:
2187         (RenderMenuList::takeChild):
2188         * rendering/RenderRuby.cpp:
2189         (WebCore::RenderRubyAsInline::takeChild): Deleted.
2190         (WebCore::RenderRubyAsBlock::takeChild): Deleted.
2191         * rendering/RenderRuby.h:
2192         * rendering/RenderRubyRun.cpp:
2193         (WebCore::RenderRubyRun::takeChild): Deleted.
2194         * rendering/RenderRubyRun.h:
2195         * rendering/updating/RenderTreeBuilder.cpp:
2196         (WebCore::RenderTreeBuilder::takeChild):
2197         (WebCore::RenderTreeBuilder::takeChildFromRenderRubyAsInline): Deleted.
2198         (WebCore::RenderTreeBuilder::takeChildFromRenderRubyAsBlock): Deleted.
2199         (WebCore::RenderTreeBuilder::takeChildFromRenderRubyRun): Deleted.
2200         * rendering/updating/RenderTreeBuilder.h:
2201         * rendering/updating/RenderTreeBuilderFirstLetter.cpp:
2202         (WebCore::RenderTreeBuilder::FirstLetter::updateStyle):
2203         * rendering/updating/RenderTreeBuilderList.cpp:
2204         (WebCore::RenderTreeBuilder::List::updateItemMarker):
2205         * rendering/updating/RenderTreeBuilderMultiColumn.cpp:
2206         (WebCore::RenderTreeBuilder::MultiColumn::createFragmentedFlow):
2207         (WebCore::RenderTreeBuilder::MultiColumn::destroyFragmentedFlow):
2208         (WebCore::RenderTreeBuilder::MultiColumn::processPossibleSpannerDescendant):
2209         * rendering/updating/RenderTreeBuilderRuby.cpp:
2210         (WebCore::RenderTreeBuilder::Ruby::takeChild):
2211         * rendering/updating/RenderTreeBuilderTable.cpp:
2212         (WebCore::RenderTreeBuilder::Table::collapseAndDestroyAnonymousSiblingRows):
2213
2214 2018-02-12  Zalan Bujtas  <zalan@apple.com>
2215
2216         [RenderTreeBuilder] Move RenderBlock::dropAnonymousBoxChild to RenderTreeBuilder
2217         https://bugs.webkit.org/show_bug.cgi?id=182704
2218         <rdar://problem/37469469>
2219
2220         Reviewed by Antti Koivisto.
2221
2222         All the callsites are now in RenderTreeBuilder.
2223
2224         No change in functionality.
2225
2226         * rendering/RenderBlock.cpp:
2227         (WebCore::RenderBlock::dropAnonymousBoxChild): Deleted.
2228         * rendering/RenderBlock.h:
2229         * rendering/updating/RenderTreeBuilder.cpp:
2230         (WebCore::RenderTreeBuilder::removeAnonymousWrappersForInlineChildrenIfNeeded):
2231         (WebCore::RenderTreeBuilder::dropAnonymousBoxChild):
2232         * rendering/updating/RenderTreeBuilder.h:
2233         * rendering/updating/RenderTreeBuilderBlock.cpp:
2234         (WebCore::RenderTreeBuilder::Block::takeChild):
2235         (WebCore::RenderTreeBuilder::Block::dropAnonymousBoxChild):
2236         * rendering/updating/RenderTreeBuilderBlock.h:
2237
2238 2018-02-12  Matt Lewis  <jlewis3@apple.com>
2239
2240         Unreviewed, rolling out r228376.
2241
2242         This caused accessibility/mac/selection-notification-focus-
2243         change.html to become flaky on macOS.
2244
2245         Reverted changeset:
2246
2247         "AX: defer focusedUIElement notifications"
2248         https://bugs.webkit.org/show_bug.cgi?id=182643
2249         https://trac.webkit.org/changeset/228376
2250
2251 2018-02-12  Ryan Haddad  <ryanhaddad@apple.com>
2252
2253         [iOS] media tests failing ASSERT_NOT_REACHED() in WebCore::VideoFullscreenInterfaceAVKit::cleanupFullscreen()
2254         https://bugs.webkit.org/show_bug.cgi?id=182527
2255
2256         Reviewed by Alexey Proskuryakov.
2257
2258         Temporarily remove an assertion from VideoFullscreenInterfaceAVKit to stop tests from crashing on iOS
2259         while the root cause is being investigated.
2260
2261         * platform/ios/VideoFullscreenInterfaceAVKit.mm:
2262         (VideoFullscreenInterfaceAVKit::exitFullscreenHandler):
2263
2264 2018-02-12  Zalan Bujtas  <zalan@apple.com>
2265
2266         [RenderTreeBuilder] Remove redundant RenderTreeBuilder instance
2267         https://bugs.webkit.org/show_bug.cgi?id=182700
2268         <rdar://problem/37463958>
2269
2270         Reviewed by Antti Koivisto.
2271
2272         * rendering/RenderView.cpp:
2273         (WebCore::RenderView::willBeDestroyed):
2274
2275 2018-02-12  Chris Fleizach  <cfleizach@apple.com>
2276
2277         AX: defer focusedUIElement notifications
2278         https://bugs.webkit.org/show_bug.cgi?id=182643
2279         <rdar://problem/37394310>
2280
2281         Reviewed by Zalan Bujtas.
2282
2283         Deferring focus changes for accessibility has a number of benefits.
2284             1) Reduces the chance of calling into layout during layout.
2285             2) Coalesces multiple focus notifications that would be needlessly sent.
2286             3) Improves performance by not calling out to the accessibility notification machinery during layout.
2287
2288         In this patch, I also started making more AXObjectCache calls private. This will reduce the chance that clients
2289         will call into AXObjectCache during unexpected times.
2290
2291         * accessibility/AXObjectCache.cpp:
2292         (WebCore::AXObjectCache::deferFocusedUIElementChangeIfNeeded):
2293         (WebCore::conditionallyAddNodeToFilterList):
2294         (WebCore::filterVectorPairForRemoval):
2295         (WebCore::filterMapForRemoval):
2296         (WebCore::filterListForRemoval):
2297         (WebCore::AXObjectCache::prepareForDocumentDestruction):
2298         (WebCore::AXObjectCache::performDeferredCacheUpdate):
2299         * accessibility/AXObjectCache.h:
2300         * dom/Document.cpp:
2301         (WebCore::Document::setFocusedElement):
2302
2303 2018-02-11  Gustavo Noronha Silva  <gustavo.noronha@collabora.co.uk>
2304
2305         [GTK] Scrolling sometimes jumps around
2306         https://bugs.webkit.org/show_bug.cgi?id=178519
2307
2308         Reviewed by Michael Catanzaro.
2309
2310         * platform/gtk/ScrollAnimatorGtk.cpp:
2311         (WebCore::ScrollAnimatorGtk::computeVelocity): use -1 as the multiplier for the accumulated deltas,
2312         since all we need is to make them negative. Multiplying by -1000 leads to very high velocities being
2313         returned, causing the viewport to scroll to the end of the page.
2314
2315 2018-02-10  Wenson Hsieh  <wenson_hsieh@apple.com>
2316
2317         Remove an unused static variable in DeprecatedGlobalSettings.h
2318         https://bugs.webkit.org/show_bug.cgi?id=182672
2319
2320         Reviewed by Joseph Pecoraro.
2321
2322         After r227282, this flag is no longer used anywhere. No change in behavior.
2323
2324         * page/DeprecatedGlobalSettings.h:
2325
2326 2018-02-10  Zalan Bujtas  <zalan@apple.com>
2327
2328         [RenderTreeBuilder] Move RenderBlock::takeChild mutation to a RenderTreeBuilder
2329         https://bugs.webkit.org/show_bug.cgi?id=182662
2330         <rdar://problem/37408571>
2331
2332         Reviewed by Simon Fraser.
2333
2334         No change in functionality.
2335
2336         * rendering/RenderBlock.cpp:
2337         (WebCore::RenderBlock::takeChild):
2338         (WebCore::canDropAnonymousBlock): Deleted.
2339         (WebCore::canMergeContiguousAnonymousBlocks): Deleted.
2340         * rendering/RenderBlock.h:
2341         (WebCore::RenderBlock::moveAllChildrenIncludingFloatsTo):
2342         * rendering/RenderBlockFlow.h:
2343         * rendering/updating/RenderTreeBuilder.cpp:
2344         (WebCore::RenderTreeBuilder::takenChildFromRenderBlock):
2345         * rendering/updating/RenderTreeBuilder.h:
2346         * rendering/updating/RenderTreeBuilderBlock.cpp:
2347         (WebCore::canDropAnonymousBlock):
2348         (WebCore::canMergeContiguousAnonymousBlocks):
2349         (WebCore::RenderTreeBuilder::Block::takeChild):
2350         * rendering/updating/RenderTreeBuilderBlock.h:
2351
2352 2018-02-08  Ryosuke Niwa  <rniwa@webkit.org>
2353
2354         REGRESSION (r223440): Copying & pasting a list from Microsoft Word to TinyMCE fails
2355         https://bugs.webkit.org/show_bug.cgi?id=182564
2356
2357         Reviewed by Wenson Hsieh.
2358
2359         Turns out that Microsoft Word generates p and span elements with special styles instead of standard
2360         ul and ol elements when copying a list items, and TinyMCE has a specialized code path to process
2361         this proprietary format of Microsoft Word. The regression was caused by WebKit's sanitization code
2362         stripping away these non-standard CSS rules and inline styles.
2363
2364         To preseve pre-r223440 behavior in TinyMCE, we preserve the following in a HTML markup:
2365
2366         1. The "html" element at the beginning with xmlns content attributes
2367         2. @list rules in a style element starting with "/* List Definitions */" comment
2368         3. inline style content attribute with "mso-list" property
2369         4. comments conditional sections with "[if !supportLists]" and "[endif]"
2370
2371         (1) is needed for TinyMCE to trigger the specialized code path for Microsoft Word. (2) contains
2372         the information about the structure of list items. (3) is needed to associate each p element with
2373         a rule in (2). (4) is needed to strip away the content generated as list markers (e.g. dots).
2374
2375         We enable this "MSO list quirks" when the content comes from a non-WebKit client or a WebKit client
2376         that doesn't enable custom pasteboard data (detected by the content origin being null), and the HTML
2377         markup starts with a specific sequence of characters generated by Microsoft Word.
2378
2379         Test: http/tests/security/clipboard/copy-paste-html-across-origin-strips-mso-list.html
2380               PasteHTML.PreservesMSOList
2381               PasteHTML.StripsMSOListWhenMissingMSOHTMLElement
2382               PasteWebArchive.PreservesMSOList
2383               PasteWebArchive.StripsMSOListWhenMissingMSOHTMLElement
2384
2385         * editing/MarkupAccumulator.cpp:
2386         (WebCore::MarkupAccumulator::appendTextSubstring): Added.
2387         * editing/MarkupAccumulator.h:
2388         * editing/WebContentReader.cpp:
2389         (WebCore::FrameWebContentReader::msoListQuirksForMarkup const): Added. Enables the MSO list quirks
2390         if the content origin is null. The content origin specifies the pasteboard content's origin if it's
2391         copied in WebKit with custom pasteboard data types enabled. In all other applications, it would be
2392         set to null.
2393         * editing/WebContentReader.h:
2394         * editing/cocoa/WebContentReaderCocoa.mm:
2395         (WebCore::markupForFragmentInDocument): Moved to markup.cpp as sanitizedMarkupForFragmentInDocument.
2396         (WebCore::sanitizeMarkupWithArchive):
2397         (WebCore::WebContentReader::readWebArchive): Always disables MSO list quirks since this code path is
2398         only used by WebKit's native code to paste content.
2399         (WebCore::WebContentMarkupReader::readWebArchive): Calls msoListQuirksForMarkup since this is the code
2400         path used by DataTransfer.
2401         (WebCore::WebContentReader::readHTML): Always disables MSO list quirks since this code path is only
2402         used by WebKit's native code to paste content.
2403         (WebCore::WebContentMarkupReader::readHTML): Calls msoListQuirksForMarkup since this is the code path
2404         used by DataTransfer.
2405         * editing/markup.cpp:
2406         (WebCore::sanitizeMarkup): Use sanitizedMarkupForFragmentInDocument to share code.
2407         (WebCore::MSOListMode): Added. Set to Preserve if the sanitized markup is the one generated by
2408         Microsoft Word, and MSO list quirks should actually kick in. This is unlike MSOListQuirks, which is
2409         set to Enable whenever the content COULD be the one generated by Microsoft Word.
2410         (WebCore::StyledMarkupAccumulator): Added a special MSO list preservation mode enabled by MSOListMode.
2411         (WebCore::StyledMarkupAccumulator::StyledMarkupAccumulator):
2412         (WebCore::StyledMarkupAccumulator::appendElement): Preseve (3). Unfortunately, TinyMCE only recognizes
2413         mso-list and related properties only if they appear on their own. But we also need to preserve
2414         the inline style generated using the computed style since we would lose the inline styles of the text
2415         otherwise (e.g. red text and bold font). To workaround this, we generate two style content attributes,
2416         one containing computed styles and another one containing mso-list. Luckily, the HTML parsing algorithm
2417         dictates that the first attribute always wins when more than one attributes of the same name appears,
2418         so we place the computed style's style attribute first so that the pasted content in non-TinyMCE
2419         environment will continue to work.
2420         (WebCore::StyledMarkupAccumulator::traverseNodesForSerialization):
2421         (WebCore::StyledMarkupAccumulator::appendNodeToPreserveMSOList): Added. Generates special markup for
2422         the conditional statements and the special style element with @list rules.
2423         (WebCore::createMarkupInternal):
2424         (WebCore::createMarkup):
2425         (WebCore::sanitizedMarkupForFragmentInDocument): Moved from WebContentReaderCocoa.mm. If MSOListQuirks
2426         is set to Enable, and the markup starts with a specific sequence of characters, generate the markup
2427         with the newly added quirks code in StyledMarkupAccumulator, and wrap it in a special "html" element
2428         TinyMCE recognizes.
2429         * editing/markup.h:
2430         (WebCore::MSOListQuirks): Added. Set to CheckIfNeeded if the content COULD require MSO list quirks.
2431
2432 2018-02-09  Dean Jackson  <dino@apple.com>
2433
2434         ImageBitmapRenderingContext should be Runtime guarded
2435         https://bugs.webkit.org/show_bug.cgi?id=182665
2436         <rdar://problem/37411410>
2437
2438         Reviewed by Sam Weinig.
2439
2440         Add a flag to ensure the ImageBitmapRenderingContext interface is only
2441         visible when the runtime feature is enabled.
2442
2443         * bindings/js/WebCoreBuiltinNames.h:
2444         * html/canvas/ImageBitmapRenderingContext.idl:
2445
2446 2018-02-09  Don Olmstead  <don.olmstead@sony.com>
2447
2448         [CMake] Make PAL headers copies
2449         https://bugs.webkit.org/show_bug.cgi?id=182645
2450
2451         Reviewed by Alex Christensen.
2452
2453         No new tests. No change in behavior.
2454
2455         * CMakeLists.txt:
2456
2457 2018-02-09  Zalan Bujtas  <zalan@apple.com>
2458
2459         [RenderTreeBuilder] Move RenderRubyRun::takeChild mutation to a RenderTreeBuilder
2460         https://bugs.webkit.org/show_bug.cgi?id=182655
2461         <rdar://problem/37406801>
2462
2463         Reviewed by Simon Fraser.
2464
2465         No change in functionality.
2466
2467         * rendering/RenderRubyRun.cpp:
2468         (WebCore::RenderRubyRun::takeChild):
2469         * rendering/updating/RenderTreeBuilder.cpp:
2470         (WebCore::RenderTreeBuilder::takeChildFromRenderRubyRun):
2471         * rendering/updating/RenderTreeBuilder.h:
2472         * rendering/updating/RenderTreeBuilderRuby.cpp:
2473         (WebCore::RenderTreeBuilder::Ruby::takeChild):
2474         * rendering/updating/RenderTreeBuilderRuby.h:
2475
2476 2018-02-09  Andy Estes  <aestes@apple.com>
2477
2478         [Payment Request] Apple Pay sheet does not dismiss when calling complete() with result "unknown" or "fail"
2479         https://bugs.webkit.org/show_bug.cgi?id=182658
2480         <rdar://problem/37293917>
2481
2482         Reviewed by Brady Eidson.
2483
2484         When PaymentResponse::complete() is called with a result of "unknown" or "fail", we should
2485         treat this as a fatal error and dismiss the Apple Pay sheet. However, we were adding an
2486         error with code "unknown" to the authorization result, which PassKit interprets as a
2487         non-fatal error. Instead, we should not set any errors and just use a status code of
2488         PaymentAuthorizationStatus::Failure, which PassKit interprets as a fatal error, dismissing
2489         the sheet.
2490
2491         No test possible.
2492
2493         * Modules/applepay/paymentrequest/ApplePayPaymentHandler.cpp:
2494         (WebCore::ApplePayPaymentHandler::complete):
2495
2496 2018-02-09  Wenson Hsieh  <wenson_hsieh@apple.com>
2497
2498         Pasting from Excel no longer provides text/html data
2499         https://bugs.webkit.org/show_bug.cgi?id=182636
2500         <rdar://problem/37087060>
2501
2502         Reviewed by Ryosuke Niwa.
2503
2504         After r222656, we treat images on the pasteboard as files. However, we also have an existing policy which hides
2505         text data ("text/uri-list", "text/html", "text/plain") from the page when files are present on the pasteboard.
2506         When copying a table, Microsoft Excel writes a rendering of the table to the pasteboard as an image. This means
2507         that we'll hide other data types (importantly, 'text/html') upon pasting, even though important clients (such as
2508         Google Docs and Confluence) depend on the 'text/html' data in order to correctly handle the paste (rather than
2509         paste as an image of a table).
2510
2511         To fix this, we add an exception to the DataTransfer.getData codepath when the pasteboard contains files.
2512         Instead of always returning the empty string for text/html, we still allow pasteboard access, but only read
2513         from a limited set of rich text types, i.e. web archive, RTF(D), and HTML markup. Importantly, this prevents
2514         us from exposing any file paths that appear as plain text or URLs on the pasteboard. Just as in the regular
2515         codepath for getData(), if the pasteboard data comes from the same origin, we allow unsanitized access;
2516         otherwise, we use WebContentMarkupReader to extract markup from the pasteboard.
2517
2518         Tests:  PasteMixedContent.ImageFileAndPlainText
2519                 PasteMixedContent.ImageFileAndWebArchive
2520                 PasteMixedContent.ImageFileAndHTML
2521                 PasteMixedContent.ImageFileAndRTF
2522                 PasteMixedContent.ImageFileAndURL
2523                 PasteMixedContent.ImageFileWithHTMLAndURL
2524                 DataInteractionTests.DataTransferGetDataWhenDroppingImageAndMarkup
2525
2526         Also rebaselined some layout tests, which cover changes in behavior when dropping on macOS and pasting on iOS.
2527
2528         * dom/DataTransfer.cpp:
2529         (WebCore::DataTransfer::getDataForItem const):
2530
2531         Augment the codepath handling the case where the pasteboard contains files, such that we allow reading
2532         "text/html", but only from rich text types.
2533
2534         (WebCore::DataTransfer::readStringFromPasteboard const):
2535
2536         Factor out logic for reading from the pasteboard into a private helper. This is called in two places from
2537         getDataForItem: in the normal (existing) path, and in the case where we allow 'text/html' to be read despite
2538         files appearing in the pasteboard.
2539
2540         One important difference here is that this helper now takes a WebContentReadingPolicy, whose purpose is to
2541         prevent reading from non-rich-text types when files appear in the pasteboard.
2542
2543         Another tweak here is that we now use `lowercaseType` instead of the original (unadjusted) `type` when reading
2544         from the pasteboard. This doesn't seem to be intended in the first place.
2545
2546         (WebCore::DataTransfer::types const):
2547
2548         Tweak the implementation of DataTransfer.types() in the case where files exist on the pasteboard, such that we
2549         also add "text/html" if it is present in the list of DOM-safe types.
2550
2551         * dom/DataTransfer.h:
2552         * platform/Pasteboard.h:
2553
2554         Introduce WebContentReadingPolicy, which indicates whether or not we should limit web content reading from the
2555         pasteboard to only rich text types upon paste or drop. Normally, we allow all types to be read as web content
2556         (::AnyType), but when files appear on the pasteboard, we force OnlyRichTextTypes to ensure that no other types
2557         can unintentionally be read back as web content.
2558
2559         * platform/StaticPasteboard.h:
2560         * platform/gtk/PasteboardGtk.cpp:
2561         (WebCore::Pasteboard::read):
2562         * platform/ios/PasteboardIOS.mm:
2563
2564         Teach Pasteboard (on iOS) to respect WebContentReadingPolicy.
2565
2566         (WebCore::isTypeAllowedByReadingPolicy):
2567         (WebCore::Pasteboard::read):
2568         (WebCore::Pasteboard::readRespectingUTIFidelities):
2569         * platform/mac/PasteboardMac.mm:
2570
2571         Teach Pasteboard (on macOS) to respect WebContentReadingPolicy.
2572
2573         (WebCore::Pasteboard::read):
2574         * platform/win/PasteboardWin.cpp:
2575         (WebCore::Pasteboard::read):
2576         * platform/wpe/PasteboardWPE.cpp:
2577         (WebCore::Pasteboard::read):
2578
2579         Adjust non-Cocoa Pasteboard implementations for an interface change.
2580
2581 2018-02-09  Zalan Bujtas  <zalan@apple.com>
2582
2583         [RenderTreeBuilder] Move RenderRubyAsInline/AsBlock::takeChild mutation to a RenderTreeBuilder
2584         https://bugs.webkit.org/show_bug.cgi?id=182651
2585         <rdar://problem/37405042>
2586
2587         Reviewed by Antti Koivisto.
2588
2589         No change in functionality.
2590
2591         * rendering/RenderRuby.cpp:
2592         (WebCore::RenderRubyAsInline::takeChild):
2593         (WebCore::RenderRubyAsBlock::takeChild):
2594         (WebCore::isAnonymousRubyInlineBlock): Deleted.
2595         (WebCore::isRubyChildForNormalRemoval): Deleted.
2596         (WebCore::findRubyRunParent): Deleted.
2597         * rendering/updating/RenderTreeBuilder.cpp:
2598         (WebCore::RenderTreeBuilder::takeChildFromRenderRubyAsInline):
2599         (WebCore::RenderTreeBuilder::takeChildFromRenderRubyAsBlock):
2600         * rendering/updating/RenderTreeBuilder.h:
2601         * rendering/updating/RenderTreeBuilderRuby.cpp:
2602         (WebCore::findRubyRunParent):
2603         (WebCore::RenderTreeBuilder::Ruby::takeChild):
2604         * rendering/updating/RenderTreeBuilderRuby.h:
2605
2606 2018-02-09  Per Arne Vollan  <pvollan@apple.com>
2607
2608         Assert that NSApp is not running in the WebProcess.
2609         https://bugs.webkit.org/show_bug.cgi?id=182553
2610
2611         Reviewed by Simon Fraser.
2612
2613         In WebCore, there are a few places where NSApp is referenced. Since the WebContent process
2614         is no longer using the NSApplication run loop, and NSApp is no longer guaranteed to be
2615         valid, we should make sure that the NSApp is not referenced by the WebContent process or
2616         the Network process, by asserting that the NSApplication event loop is running when NSApp
2617         is referenced. It is still ok for the UIProcess to reference NSApp. Adding these assert
2618         will help catch NSApp references when the NSApplication run loop is not used.
2619
2620         Also, do not post a fake mouse event in PasteBoard::setDragImage when the NSApplication
2621         run loop is not running, since this is only relevant in WK1.
2622
2623         No new tests, covered by existing tests. 
2624
2625         * page/mac/EventHandlerMac.mm:
2626         (WebCore::lastEventIsMouseUp):
2627         (WebCore::EventHandler::sendFakeEventsAfterWidgetTracking):
2628         * platform/mac/PasteboardMac.mm:
2629         (WebCore::Pasteboard::setDragImage):
2630
2631 2018-02-09  Zalan Bujtas  <zalan@apple.com>
2632
2633         [RenderTreeBuilder] Introduce RenderTreeBuilder to willBeDestoryed/removeFromParentAndDestroy
2634         https://bugs.webkit.org/show_bug.cgi?id=182635
2635         <rdar://problem/37377489>
2636
2637         Reviewed by Antti Koivisto.
2638
2639         This patch helps finding callsites where we don't have a RenderTreeBuilder instance.
2640
2641         No change in functionality.
2642
2643         * dom/Document.cpp:
2644         (WebCore::Document::setFullScreenRenderer):
2645         * dom/Document.h:
2646         * rendering/RenderBlock.cpp:
2647         (WebCore::RenderBlock::willBeDestroyed):
2648         (WebCore::RenderBlock::takeChild):
2649         * rendering/RenderBlock.h:
2650         * rendering/RenderBlockFlow.cpp:
2651         (WebCore::RenderBlockFlow::willBeDestroyed):
2652         * rendering/RenderBlockFlow.h:
2653         * rendering/RenderBox.cpp:
2654         (WebCore::RenderBox::willBeDestroyed):
2655         * rendering/RenderBox.h:
2656         * rendering/RenderBoxModelObject.cpp:
2657         (WebCore::RenderBoxModelObject::willBeDestroyed):
2658         (WebCore::RenderBoxModelObject::removeAndDestroyAllContinuations):
2659         * rendering/RenderBoxModelObject.h:
2660         * rendering/RenderButton.cpp:
2661         (WebCore::RenderButton::setText):
2662         * rendering/RenderCounter.cpp:
2663         (WebCore::RenderCounter::willBeDestroyed):
2664         * rendering/RenderCounter.h:
2665         * rendering/RenderElement.cpp:
2666         (WebCore::RenderElement::willBeDestroyed):
2667         * rendering/RenderElement.h:
2668         * rendering/RenderEmbeddedObject.cpp:
2669         (WebCore::RenderEmbeddedObject::willBeDestroyed):
2670         * rendering/RenderEmbeddedObject.h:
2671         * rendering/RenderFragmentedFlow.cpp:
2672         (WebCore::RenderFragmentedFlow::willBeDestroyed):
2673         * rendering/RenderFragmentedFlow.h:
2674         * rendering/RenderFullScreen.cpp:
2675         (WebCore::RenderFullScreen::willBeDestroyed):
2676         (WebCore::RenderFullScreen::wrapNewRenderer):
2677         (WebCore::RenderFullScreen::wrapExistingRenderer):
2678         (WebCore::RenderFullScreen::unwrapRenderer):
2679         * rendering/RenderFullScreen.h:
2680         * rendering/RenderImage.cpp:
2681         (WebCore::RenderImage::willBeDestroyed):
2682         * rendering/RenderImage.h:
2683         * rendering/RenderInline.cpp:
2684         (WebCore::RenderInline::willBeDestroyed):
2685         * rendering/RenderInline.h:
2686         * rendering/RenderLayerModelObject.cpp:
2687         (WebCore::RenderLayerModelObject::willBeDestroyed):
2688         * rendering/RenderLayerModelObject.h:
2689         * rendering/RenderListBox.cpp:
2690         (WebCore::RenderListBox::willBeDestroyed):
2691         * rendering/RenderListBox.h:
2692         * rendering/RenderListItem.cpp:
2693         (WebCore::RenderListItem::willBeDestroyed):
2694         * rendering/RenderListItem.h:
2695         * rendering/RenderListMarker.cpp:
2696         (WebCore::RenderListMarker::willBeDestroyed):
2697         * rendering/RenderListMarker.h:
2698         * rendering/RenderMenuList.cpp:
2699         (WebCore::RenderMenuList::willBeDestroyed):
2700         * rendering/RenderMenuList.h:
2701         * rendering/RenderMultiColumnFlow.cpp:
2702         (WebCore::RenderMultiColumnFlow::handleSpannerRemoval):
2703         * rendering/RenderObject.cpp:
2704         (WebCore::RenderObject::removeFromParentAndDestroy):
2705         (WebCore::RenderObject::willBeDestroyed):
2706         (WebCore::RenderObject::destroy):
2707         * rendering/RenderObject.h:
2708         * rendering/RenderReplaced.cpp:
2709         (WebCore::RenderReplaced::willBeDestroyed):
2710         * rendering/RenderReplaced.h:
2711         * rendering/RenderRuby.cpp:
2712         (WebCore::RenderRubyAsInline::takeChild):
2713         (WebCore::RenderRubyAsBlock::takeChild):
2714         * rendering/RenderSearchField.cpp:
2715         (WebCore::RenderSearchField::willBeDestroyed):
2716         * rendering/RenderSearchField.h:
2717         * rendering/RenderSnapshottedPlugIn.cpp:
2718         (WebCore::RenderSnapshottedPlugIn::willBeDestroyed):
2719         * rendering/RenderSnapshottedPlugIn.h:
2720         * rendering/RenderText.cpp:
2721         (WebCore::RenderText::willBeDestroyed):
2722         * rendering/RenderText.h:
2723         * rendering/RenderTextControlMultiLine.cpp:
2724         (WebCore::RenderTextControlMultiLine::willBeDestroyed):
2725         * rendering/RenderTextControlMultiLine.h:
2726         * rendering/RenderTextFragment.cpp:
2727         (WebCore::RenderTextFragment::willBeDestroyed):
2728         (WebCore::RenderTextFragment::setText):
2729         * rendering/RenderTextFragment.h:
2730         * rendering/RenderVideo.cpp:
2731         (WebCore::RenderVideo::willBeDestroyed):
2732         * rendering/RenderVideo.h:
2733         * rendering/RenderView.cpp:
2734         (WebCore::RenderView::willBeDestroyed):
2735         * rendering/RenderView.h:
2736         * rendering/RenderWidget.cpp:
2737         (WebCore::RenderWidget::willBeDestroyed):
2738         * rendering/RenderWidget.h:
2739         * rendering/svg/RenderSVGBlock.cpp:
2740         (WebCore::RenderSVGBlock::willBeDestroyed):
2741         * rendering/svg/RenderSVGBlock.h:
2742         * rendering/svg/RenderSVGImage.cpp:
2743         (WebCore::RenderSVGImage::willBeDestroyed):
2744         * rendering/svg/RenderSVGImage.h:
2745         * rendering/svg/RenderSVGInline.cpp:
2746         (WebCore::RenderSVGInline::willBeDestroyed):
2747         * rendering/svg/RenderSVGInline.h:
2748         * rendering/svg/RenderSVGModelObject.cpp:
2749         (WebCore::RenderSVGModelObject::willBeDestroyed):
2750         * rendering/svg/RenderSVGModelObject.h:
2751         * rendering/svg/RenderSVGResourceContainer.cpp:
2752         (WebCore::RenderSVGResourceContainer::willBeDestroyed):
2753         * rendering/svg/RenderSVGResourceContainer.h:
2754         * rendering/svg/RenderSVGRoot.cpp:
2755         (WebCore::RenderSVGRoot::willBeDestroyed):
2756         * rendering/svg/RenderSVGRoot.h:
2757         * rendering/svg/RenderSVGText.cpp:
2758         (WebCore::RenderSVGText::willBeDestroyed):
2759         * rendering/svg/RenderSVGText.h:
2760         * rendering/updating/RenderTreeBuilder.cpp:
2761         (WebCore::RenderTreeBuilder::removeFromParentAndDestroyCleaningUpAnonymousWrappers):
2762         * rendering/updating/RenderTreeBuilderList.cpp:
2763         (WebCore::RenderTreeBuilder::List::updateItemMarker):
2764         * rendering/updating/RenderTreeBuilderMultiColumn.cpp:
2765         (WebCore::RenderTreeBuilder::MultiColumn::destroyFragmentedFlow):
2766         * rendering/updating/RenderTreeBuilderRuby.cpp:
2767         (WebCore::RenderTreeBuilder::Ruby::moveBlockChildren):
2768
2769 2018-02-09  Brent Fulgham  <bfulgham@apple.com>
2770
2771         [macOS, iOS] Expose OS marketing version in UserAgent
2772         https://bugs.webkit.org/show_bug.cgi?id=182629
2773         <rdar://problem/37370975>
2774
2775         Reviewed by Daniel Bates.
2776
2777         Revert back to dynamically reading the operating system marketing version
2778         rather than using a hard-coded version.
2779
2780         * page/cocoa/UserAgent.mm:
2781         (WebCore::systemMarketingVersionForUserAgentString):
2782
2783 2018-02-08  Antoine Quint  <graouts@apple.com>
2784
2785         [Web Animations] Refactor AnimationEffect and KeyframeEffect into AnimationEffectReadOnly, KeyframeEffectReadOnly and KeyframeEffect
2786         https://bugs.webkit.org/show_bug.cgi?id=182608
2787
2788         Reviewed by Dean Jackson.
2789
2790         Currently, we have an AnimationEffect class with read-write members and a KeyframeEffect subclass with read-write
2791         members. The spec has an AnimationEffectReadOnly class, with read-only members, a KeyframeEffectReadOnly subclass,
2792         with read-only members, and then the KeyframeEffect subclass (of KeyframeEffectReadOnly) with read-write members.
2793
2794         Likewise, currently we have an AnimationEffectTiming class with read-write members. While the spec has this class
2795         as well, it also specifies a read-only AnimationEffectTimingReadOnly superclass.
2796
2797         In this patch we refactor the code to match the spec, which gives us a big boost in our WPT pass rate. The vast
2798         majority of the code is just copied from one class to another verbatim. The limited actual code changes, all related
2799         to the new subclassing, are:
2800
2801         - AnimationEffectTimingReadOnly is not actually read-only as far as WebCore is concerned, it actually exposes setters
2802         for all of its properties, but the IDL for this class specifies all properties as read-only, so we match the spec. The
2803         reason for this is that it is necessary to be able to set members of an AnimationEffectTimingReadOnly object based on
2804         a Variant<double, KeyframeEffectOptions> provided to Element.animate() or the KeyframeEffectReadOnly and KeyframeEffect
2805         constructors, and the logic to handle properties in such dictionaries is the same as the logic required to set individual
2806         members in AnimationEffectTiming. So in essence, the sole role of AnimationTimingEffect is to provide an IDL interface
2807         with read-write members, but the parent class is itself read-write as far as WebCore is concerned.
2808
2809         - AnimationEffectTimingReadOnly exposes a new setProperties() method which takes in a nullable Variant<double, KeyframeEffectOptions>
2810         so that code that was previously specific to KeyframeEffect can be factored into this method and both the constructors of
2811         KeyframeEffectReadOnly and KeyframeEffect can make use of it without code duplication.
2812
2813         - The AnimationEffectReadOnly constructor now takes an AnimationEffectTimingReadOnly as input since that class and
2814         KeyframeEffectReadOnly expose an AnimationEffectTimingReadOnly object, while KeyframeEffect exposes an
2815         AnimationEffectTiming read-write object. This allows the KeyframeEffect constructor to provide the right object type. 
2816
2817         * CMakeLists.txt:
2818         * DerivedSources.make:
2819         * Sources.txt:
2820         * WebCore.xcodeproj/project.pbxproj:
2821         * animation/AnimationEffectReadOnly.cpp: Renamed from Source/WebCore/animation/AnimationEffect.cpp.
2822         (WebCore::AnimationEffectReadOnly::AnimationEffectReadOnly):
2823         (WebCore::AnimationEffectReadOnly::localTime const):
2824         (WebCore::AnimationEffectReadOnly::phase const):
2825         (WebCore::AnimationEffectReadOnly::activeTime const):
2826         (WebCore::AnimationEffectReadOnly::overallProgress const):
2827         (WebCore::AnimationEffectReadOnly::simpleIterationProgress const):
2828         (WebCore::AnimationEffectReadOnly::currentIteration const):
2829         (WebCore::AnimationEffectReadOnly::currentDirection const):
2830         (WebCore::AnimationEffectReadOnly::directedProgress const):
2831         (WebCore::AnimationEffectReadOnly::transformedProgress const):
2832         (WebCore::AnimationEffectReadOnly::iterationProgress const):
2833         (WebCore::AnimationEffectReadOnly::getComputedTiming):
2834         * animation/AnimationEffectReadOnly.h: Renamed from Source/WebCore/animation/AnimationEffect.h.
2835         (WebCore::AnimationEffectReadOnly::isKeyframeEffectReadOnly const):
2836         (WebCore::AnimationEffectReadOnly::timing const):
2837         * animation/AnimationEffectReadOnly.idl: Copied from Source/WebCore/animation/AnimationEffect.idl.
2838         * animation/AnimationEffectTiming.cpp:
2839         (WebCore::AnimationEffectTiming::AnimationEffectTiming):
2840         (WebCore::AnimationEffectTiming::setIterationStart): Deleted.
2841         (WebCore::AnimationEffectTiming::setIterations): Deleted.
2842         (WebCore::AnimationEffectTiming::bindingsDuration const): Deleted.
2843         (WebCore::AnimationEffectTiming::setBindingsDuration): Deleted.
2844         (WebCore::AnimationEffectTiming::endTime const): Deleted.
2845         (WebCore::AnimationEffectTiming::activeDuration const): Deleted.
2846         (WebCore::AnimationEffectTiming::setEasing): Deleted.
2847         * animation/AnimationEffectTiming.h:
2848         (): Deleted.
2849         * animation/AnimationEffectTiming.idl:
2850         * animation/AnimationEffectTimingReadOnly.cpp: Copied from Source/WebCore/animation/AnimationEffectTiming.cpp.
2851         (WebCore::AnimationEffectTimingReadOnly::create):
2852         (WebCore::AnimationEffectTimingReadOnly::AnimationEffectTimingReadOnly):
2853         (WebCore::AnimationEffectTimingReadOnly::~AnimationEffectTimingReadOnly):
2854         (WebCore::AnimationEffectTimingReadOnly::setProperties):
2855         (WebCore::AnimationEffectTimingReadOnly::setIterationStart):
2856         (WebCore::AnimationEffectTimingReadOnly::setIterations):
2857         (WebCore::AnimationEffectTimingReadOnly::bindingsDuration const):
2858         (WebCore::AnimationEffectTimingReadOnly::setBindingsDuration):
2859         (WebCore::AnimationEffectTimingReadOnly::setEasing):
2860         (WebCore::AnimationEffectTimingReadOnly::endTime const):
2861         (WebCore::AnimationEffectTimingReadOnly::activeDuration const):
2862         * animation/AnimationEffectTimingReadOnly.h: Copied from Source/WebCore/animation/AnimationEffectTiming.h.
2863         (WebCore::AnimationEffectTimingReadOnly::isAnimationEffectTiming const):
2864         (WebCore::AnimationEffectTimingReadOnly::bindingsDelay const):
2865         (WebCore::AnimationEffectTimingReadOnly::setBindingsDelay):
2866         (WebCore::AnimationEffectTimingReadOnly::bindingsEndDelay const):
2867         (WebCore::AnimationEffectTimingReadOnly::setBindingsEndDelay):
2868         (WebCore::AnimationEffectTimingReadOnly::delay const):
2869         (WebCore::AnimationEffectTimingReadOnly::setDelay):
2870         (WebCore::AnimationEffectTimingReadOnly::endDelay const):
2871         (WebCore::AnimationEffectTimingReadOnly::setEndDelay):
2872         (WebCore::AnimationEffectTimingReadOnly::fill const):
2873         (WebCore::AnimationEffectTimingReadOnly::setFill):
2874         (WebCore::AnimationEffectTimingReadOnly::iterationStart const):
2875         (WebCore::AnimationEffectTimingReadOnly::iterations const):
2876         (WebCore::AnimationEffectTimingReadOnly::iterationDuration const):
2877         (WebCore::AnimationEffectTimingReadOnly::setIterationDuration):
2878         (WebCore::AnimationEffectTimingReadOnly::direction const):
2879         (WebCore::AnimationEffectTimingReadOnly::setDirection):
2880         (WebCore::AnimationEffectTimingReadOnly::easing const):
2881         (WebCore::AnimationEffectTimingReadOnly::timingFunction const):
2882         (WebCore::AnimationEffectTimingReadOnly::classType const):
2883         * animation/AnimationEffectTimingReadOnly.idl: Renamed from Source/WebCore/animation/AnimationEffect.idl.
2884         * animation/AnimationTimeline.h:
2885         * animation/KeyframeEffect.cpp:
2886         (WebCore::KeyframeEffect::create):
2887         (WebCore::KeyframeEffect::KeyframeEffect):
2888         (WebCore::IDLAttributeNameToAnimationPropertyName): Deleted.
2889         (WebCore::CSSPropertyIDToIDLAttributeName): Deleted.
2890         (WebCore::computeMissingKeyframeOffsets): Deleted.
2891         (WebCore::processIterableKeyframes): Deleted.
2892         (WebCore::processKeyframeLikeObject): Deleted.
2893         (WebCore::processPropertyIndexedKeyframes): Deleted.
2894         (WebCore::KeyframeEffect::getKeyframes): Deleted.
2895         (WebCore::KeyframeEffect::processKeyframes): Deleted.
2896         (WebCore::KeyframeEffect::computeStackingContextImpact): Deleted.
2897         (WebCore::KeyframeEffect::apply): Deleted.
2898         (WebCore::KeyframeEffect::shouldRunAccelerated): Deleted.
2899         (WebCore::KeyframeEffect::getAnimatedStyle): Deleted.
2900         (WebCore::KeyframeEffect::setAnimatedPropertiesInStyle): Deleted.
2901         (WebCore::KeyframeEffect::startOrStopAccelerated): Deleted.
2902         (WebCore::KeyframeEffect::renderer const): Deleted.
2903         (WebCore::KeyframeEffect::currentStyle const): Deleted.
2904         * animation/KeyframeEffect.h:
2905         * animation/KeyframeEffect.idl:
2906         * animation/KeyframeEffectReadOnly.cpp: Copied from Source/WebCore/animation/KeyframeEffect.cpp.
2907         (WebCore::IDLAttributeNameToAnimationPropertyName):
2908         (WebCore::CSSPropertyIDToIDLAttributeName):
2909         (WebCore::computeMissingKeyframeOffsets):
2910         (WebCore::processIterableKeyframes):
2911         (WebCore::processKeyframeLikeObject):
2912         (WebCore::processPropertyIndexedKeyframes):
2913         (WebCore::KeyframeEffectReadOnly::create):
2914         (WebCore::KeyframeEffectReadOnly::KeyframeEffectReadOnly):
2915         (WebCore::KeyframeEffectReadOnly::getKeyframes):
2916         (WebCore::KeyframeEffectReadOnly::processKeyframes):
2917         (WebCore::KeyframeEffectReadOnly::computeStackingContextImpact):
2918         (WebCore::KeyframeEffectReadOnly::apply):
2919         (WebCore::KeyframeEffectReadOnly::shouldRunAccelerated):
2920         (WebCore::KeyframeEffectReadOnly::getAnimatedStyle):
2921         (WebCore::KeyframeEffectReadOnly::setAnimatedPropertiesInStyle):
2922         (WebCore::KeyframeEffectReadOnly::startOrStopAccelerated):
2923         (WebCore::KeyframeEffectReadOnly::renderer const):
2924         (WebCore::KeyframeEffectReadOnly::currentStyle const):
2925         * animation/KeyframeEffectReadOnly.h: Copied from Source/WebCore/animation/KeyframeEffect.h.
2926         (WebCore::KeyframeEffectReadOnly::~KeyframeEffectReadOnly):
2927         (WebCore::KeyframeEffectReadOnly::target const):
2928         (WebCore::KeyframeEffectReadOnly::iterationComposite const):
2929         (WebCore::KeyframeEffectReadOnly::composite const):
2930         (WebCore::KeyframeEffectReadOnly::isRunningAccelerated const):
2931         * animation/KeyframeEffectReadOnly.idl: Copied from Source/WebCore/animation/KeyframeEffect.idl.
2932         * animation/WebAnimation.cpp:
2933         (WebCore::WebAnimation::create):
2934         (WebCore::WebAnimation::setEffect):
2935         * animation/WebAnimation.h:
2936         * animation/WebAnimation.idl:
2937         * bindings/js/JSAnimationEffectReadOnlyCustom.cpp: Copied from Source/WebCore/bindings/js/JSAnimationEffectCustom.cpp.
2938         (WebCore::toJSNewlyCreated):
2939         (WebCore::toJS):
2940         * bindings/js/JSAnimationEffectTimingReadOnlyCustom.cpp: Renamed from Source/WebCore/bindings/js/JSAnimationEffectCustom.cpp.
2941         (WebCore::toJSNewlyCreated):
2942         (WebCore::toJS):
2943         * bindings/js/JSCustomEventCustom.cpp:
2944         (WebCore::JSCustomEvent::detail const): Fix an error introduced in webkit.org/b/179591.
2945         * bindings/js/JSWebAnimationCustom.cpp:
2946         (WebCore::constructJSWebAnimation):
2947         * bindings/js/WebCoreBuiltinNames.h:
2948
2949 2018-02-09  Andy Estes  <aestes@apple.com>
2950
2951         [Payment Request] Crash in PaymentRequest::canMakePayment() when Apple Pay payment method data is missing required fields
2952         https://bugs.webkit.org/show_bug.cgi?id=182631
2953
2954         Reviewed by Mark Lam.
2955
2956         PaymentRequest::canMakePayment() needs to parse each payment method's serialized data to
2957         determine if it is a supported payment method. If parsing fails by raising an exception, we
2958         intend to skip over that payment method and try the next one. If all payment method data
2959         fail to parse, we resolve the returned promise with false. At no point do we intend to
2960         propagate the parsing exception up to the calling script, however.
2961
2962         Even though we intend to swallow any exceptions from parsing, we failed to clear the
2963         JavaScript VM's exception state. The next time WebCore tries to execute JavaScript, a
2964         release assertion is raised due to seeing an unexpected exception in the VM.
2965
2966         Fix this by using a CatchScope in PaymentRequest::canMakePayment(), and calling
2967         CatchScope::clearException() in the places we intend to swallow exceptions.
2968
2969         Added a test case to http/tests/paymentrequest/payment-request-canmakepayment-method.https.html.
2970
2971         * Modules/paymentrequest/PaymentRequest.cpp:
2972         (WebCore::PaymentRequest::canMakePayment):
2973
2974 2018-02-09  Zalan Bujtas  <zalan@apple.com>
2975
2976         [RenderTreeBuilder] Move multicolumn descendant/sibling removal logic to RenderTreeBuilder
2977         https://bugs.webkit.org/show_bug.cgi?id=182628
2978         <rdar://problem/37369528>
2979
2980         Reviewed by Antti Koivisto.
2981
2982         No change in functionality
2983
2984         * rendering/RenderBlockFlow.cpp:
2985         (WebCore::RenderBlockFlow::takeChild):
2986         * rendering/RenderFragmentedFlow.h:
2987         * rendering/RenderMultiColumnFlow.cpp:
2988         (WebCore::RenderMultiColumnFlow::handleSpannerRemoval): Deleted.
2989         (WebCore::RenderMultiColumnFlow::fragmentedFlowRelativeWillBeRemoved): Deleted.
2990         * rendering/RenderMultiColumnFlow.h:
2991         * rendering/updating/RenderTreeBuilder.cpp:
2992         (WebCore::RenderTreeBuilder::multiColumnRelativeWillBeRemoved):
2993         * rendering/updating/RenderTreeBuilder.h:
2994         * rendering/updating/RenderTreeBuilderMultiColumn.cpp:
2995         (WebCore::RenderTreeBuilder::MultiColumn::handleSpannerRemoval):
2996         (WebCore::RenderTreeBuilder::MultiColumn::multiColumnRelativeWillBeRemoved):
2997         * rendering/updating/RenderTreeBuilderMultiColumn.h:
2998
2999 2018-02-09  Youenn Fablet  <youenn@apple.com>
3000
3001         Add support for cache storage of blob response
3002         https://bugs.webkit.org/show_bug.cgi?id=182637
3003
3004         Reviewed by Brady Eidson.
3005
3006         Covered by updated WPT test.
3007         When putting a blob response in cache, create a readable stream to easily get the body.
3008         Make clear that caching form data is not supported.
3009
3010         * Modules/cache/DOMCache.cpp:
3011         (WebCore::DOMCache::put):
3012         * Modules/fetch/FetchBody.h:
3013         (WebCore::FetchBody::isBlob const):
3014         (WebCore::FetchBody::isFormData const):
3015         * Modules/fetch/FetchResponse.h:
3016
3017 2018-02-09  Youenn Fablet  <youenn@apple.com>
3018
3019         Make CoreAudioCaptureSource error logging be release logging
3020         https://bugs.webkit.org/show_bug.cgi?id=182614
3021
3022         Reviewed by Eric Carlson.
3023
3024         No change of behavior.
3025
3026         * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
3027         (WebCore::CoreAudioSharedUnit::addEchoCancellationSource):
3028         (WebCore::CoreAudioSharedUnit::setupAudioUnit):
3029         (WebCore::CoreAudioSharedUnit::configureMicrophoneProc):
3030         (WebCore::CoreAudioSharedUnit::configureSpeakerProc):
3031         (WebCore::CoreAudioSharedUnit::checkTimestamps):
3032         (WebCore::CoreAudioSharedUnit::provideSpeakerData):
3033         (WebCore::CoreAudioSharedUnit::processMicrophoneSamples):
3034         (WebCore::CoreAudioSharedUnit::cleanupAudioUnit):
3035         (WebCore::CoreAudioSharedUnit::reconfigureAudioUnit):
3036         (WebCore::CoreAudioSharedUnit::startInternal):
3037         (WebCore::CoreAudioSharedUnit::verifyIsCapturing):
3038         (WebCore::CoreAudioSharedUnit::stopInternal):
3039         (WebCore::CoreAudioSharedUnit::defaultInputDevice):
3040
3041 2018-02-09  Carlos Garcia Campos  <cgarcia@igalia.com>
3042
3043         Add a way to check if a host is an IP address
3044         https://bugs.webkit.org/show_bug.cgi?id=182427
3045
3046         Reviewed by Alex Christensen.
3047
3048         There are several places where this is needed. We currently just assume that any host ending in a digit is an IP
3049         address, except in PublicSuffix where platform specific code is used. This patch adds URL::hostIsIPAddress()
3050         platform specific implementations, falling back to current assumption if there isn't an implementation for the
3051         platform.
3052
3053         * page/OriginAccessEntry.cpp:
3054         (WebCore::OriginAccessEntry::OriginAccessEntry): Use URL::hostIsIPAddress().
3055         * platform/URL.cpp:
3056         (WebCore::URL::hostIsIPAddress): Fallback implementation.
3057         * platform/URL.h:
3058         * platform/mac/PublicSuffixMac.mm:
3059         (WebCore::topPrivatelyControlledDomain): Use URL::hostIsIPAddress().
3060         * platform/mac/URLMac.mm:
3061         (WebCore::URL::hostIsIPAddress): Move implementation from PublicSuffixMac.mm.
3062         * platform/network/curl/CookieUtil.cpp:
3063         (WebCore::CookieUtil::isIPAddress): Use URL::hostIsIPAddress().
3064         * platform/soup/URLSoup.cpp:
3065         (WebCore::URL::hostIsIPAddress): Use g_hostname_is_ip_address().
3066
3067 2018-02-08  Philippe Normand  <pnormand@igalia.com>
3068
3069         [GStreamer][WebAudio] Winamp2-js woes
3070         https://bugs.webkit.org/show_bug.cgi?id=182612
3071
3072         Reviewed by Xabier Rodriguez Calvar and Carlos Alberto Lopez Perez.
3073
3074         Test: webaudio/silence-after-playback.html
3075
3076         * platform/audio/gstreamer/AudioSourceProviderGStreamer.cpp:
3077         (WebCore::copyGStreamerBuffersToAudioChannel): Clear the bus if
3078         the adapter can't provide enough data. This prevents a nasty noise
3079         after playing songs in Winamp.
3080         (WebCore::AudioSourceProviderGStreamer::setClient): No need to set
3081         the client more than once, this fixes runtime warnings.
3082
3083 2018-02-09  Zalan Bujtas  <zalan@apple.com>
3084
3085         [RenderTreeBuilder] Move multicolumn spanner mutation logic to RenderTreeBuilder
3086         https://bugs.webkit.org/show_bug.cgi?id=182627
3087         <rdar://problem/37367284>
3088
3089         Reviewed by Antti Koivisto.
3090
3091         Move spanner triggered mutation logic to RenderTreeBuilder.
3092
3093         No change in functionality.
3094
3095         * rendering/RenderFragmentedFlow.h:
3096         * rendering/RenderMultiColumnFlow.cpp:
3097         (WebCore::RenderMultiColumnFlow::isColumnSpanningDescendant const):
3098         (WebCore::findSetRendering): Deleted.
3099         (WebCore::isValidColumnSpanner): Deleted.
3100         (WebCore::spannerPlacehoderCandidate): Deleted.
3101         (WebCore::RenderMultiColumnFlow::processPossibleSpannerDescendant): Deleted.
3102         (WebCore::RenderMultiColumnFlow::fragmentedFlowDescendantInserted): Deleted.
3103         * rendering/RenderMultiColumnFlow.h:
3104         * rendering/RenderObject.cpp:
3105         (WebCore::RenderObject::insertedIntoTree):
3106         * rendering/updating/RenderTreeBuilder.cpp:
3107         (WebCore::RenderTreeBuilder::multiColumnDescendantInserted):
3108         * rendering/updating/RenderTreeBuilder.h:
3109         * rendering/updating/RenderTreeBuilderMultiColumn.cpp:
3110         (WebCore::findSetRendering):
3111         (WebCore::spannerPlacehoderCandidate):
3112         (WebCore::isValidColumnSpanner):
3113         (WebCore::RenderTreeBuilder::MultiColumn::multiColumnDescendantInserted):
3114         (WebCore::RenderTreeBuilder::MultiColumn::processPossibleSpannerDescendant):
3115         * rendering/updating/RenderTreeBuilderMultiColumn.h:
3116
3117 2018-02-09  Javier Fernandez  <jfernandez@igalia.com>
3118
3119         [css-align] Implement the new behavior of 'legacy' for justify-items
3120         https://bugs.webkit.org/show_bug.cgi?id=172712
3121
3122         Reviewed by Antti Koivisto.
3123
3124         The syntax of the 'justify-items' property accepts a new 'legacy' value,
3125         replacing the 'auto' value which is now parsed as invalid.
3126
3127         https://github.com/w3c/csswg-drafts/issues/1318
3128
3129         This change affects also to the 'place-items' shorthand, which doesn't
3130         accept 'auto' and, for the time being, neither 'legacy'.
3131
3132         Since the new value 'legacy' is also the default value, I don't expect
3133         this change to break content of sites currently using the 'justify-items'
3134         property.
3135
3136         No new tests, rebaselined existing test.
3137
3138         * css/CSSComputedStyleDeclaration.cpp:
3139         (WebCore::valueForItemPositionWithOverflowAlignment):
3140         (WebCore::ComputedStyleExtractor::valueForPropertyinStyle):
3141         * css/CSSPrimitiveValueMappings.h:
3142         (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
3143         (WebCore::CSSPrimitiveValue::operator ItemPosition const):
3144         * css/CSSProperties.json:
3145         * css/StyleResolver.cpp:
3146         (WebCore::StyleResolver::adjustRenderStyle):
3147         * css/parser/CSSPropertyParser.cpp:
3148         (WebCore::isAuto):
3149         (WebCore::isNormalOrStretch):
3150         (WebCore::consumeSelfPositionOverflowPosition):
3151         (WebCore::consumeJustifyItems):
3152         (WebCore::consumeSimplifiedDefaultPosition):
3153         (WebCore::consumeSimplifiedSelfPosition):
3154         (WebCore::CSSPropertyParser::consumePlaceItemsShorthand):
3155         (WebCore::CSSPropertyParser::consumePlaceSelfShorthand):
3156         * rendering/RenderFlexibleBox.cpp:
3157         (WebCore::alignmentOffset):
3158         * rendering/RenderGrid.cpp:
3159         (WebCore::RenderGrid::columnAxisPositionForChild const):
3160         (WebCore::RenderGrid::rowAxisPositionForChild const):
3161         * rendering/style/RenderStyle.cpp:
3162         (WebCore::resolvedSelfAlignment):
3163         (WebCore::RenderStyle::resolvedJustifyItems const):
3164         * rendering/style/RenderStyle.h:
3165         (WebCore::RenderStyle::initialJustifyItems):
3166         * rendering/style/RenderStyleConstants.h:
3167         * rendering/style/StyleRareNonInheritedData.cpp:
3168         (WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData):
3169
3170 2018-02-09  Yacine Bandou  <yacine.bandou_ext@softathome.com>
3171
3172         [EME][GStreamer] Add support for encrypted caps in GStreamerUtilities
3173         https://bugs.webkit.org/show_bug.cgi?id=181990
3174
3175         Reviewed by Xabier Rodriguez-Calvar.
3176
3177         Add the support of encrypted caps in GStreamerUtilities.
3178         Refactor the manner that the caps are handled, such as how to extract the resolution
3179         from the video caps or how to check if the caps are encrypted.
3180
3181         The attachTrack function in PlaybackPipeline doesn't need the "structure" parameter,
3182         it is already included in the "caps" parameter.
3183
3184         Replace the "mediaType" parameter by the "caps" parameter in reattachTrack function,
3185         it allows to use the new functions that handle the caps in GStreamerUtilities.
3186
3187         Tests:
3188             media/encrypted-media/clearKey/clearKey-cenc-audio-playback-mse.html
3189             media/encrypted-media/clearKey/clearKey-cenc-video-playback-mse.html
3190
3191         * platform/graphics/gstreamer/GStreamerUtilities.cpp:
3192         (WebCore::getVideoSizeAndFormatFromCaps): Add the support of video encrypted caps.
3193         (WebCore::getVideoResolutionFromCaps):
3194         (WebCore::capsMediaType):
3195         (WebCore::doCapsHaveType):
3196         (WebCore::areEncryptedCaps): Add a new functions in order to handle the caps properly.
3197         * platform/graphics/gstreamer/GStreamerUtilities.h:
3198         * platform/graphics/gstreamer/mse/AppendPipeline.cpp:
3199         (WebCore::AppendPipeline::parseDemuxerSrcPadCaps):
3200         * platform/graphics/gstreamer/mse/GStreamerMediaDescription.cpp:
3201         (WebCore::GStreamerMediaDescription::codec const):
3202         (WebCore::GStreamerMediaDescription::isVideo const):
3203         (WebCore::GStreamerMediaDescription::isAudio const):
3204         * platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:
3205         (WebCore::MediaPlayerPrivateGStreamerMSE::trackDetected):
3206         * platform/graphics/gstreamer/mse/PlaybackPipeline.cpp:
3207         (WebCore::PlaybackPipeline::attachTrack):
3208         (WebCore::PlaybackPipeline::reattachTrack):
3209         * platform/graphics/gstreamer/mse/PlaybackPipeline.h:
3210         * platform/graphics/gstreamer/mse/WebKitMediaSourceGStreamer.cpp:
3211         (webKitMediaSrcUpdatePresentationSize): Refactor some parts by using the new added functions.
3212
3213 2018-02-09  Philippe Normand  <pnormand@igalia.com>
3214
3215         [GStreamer] Layout test fast/replaced/border-radius-clip.html crashes with GStreamer-CRITICAL **: gst_segment_to_stream_time: assertion 'segment->format == format' failed in gst_segment_to_stream_time()
3216         https://bugs.webkit.org/show_bug.cgi?id=176802
3217
3218         Reviewed by Xabier Rodriguez Calvar.
3219
3220         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
3221         (WebCore::MediaPlayerPrivateGStreamer::load): Prevent the player from loading animated gifs.
3222
3223 2018-02-09  Antti Koivisto  <antti@apple.com>
3224
3225         Move compiled selectors to StyleRule
3226         https://bugs.webkit.org/show_bug.cgi?id=182602
3227
3228         Reviewed by Zalan Bujtas.
3229
3230         Currently they are owned by RuleData. Several RuleData objects can refer to the same StyleRule, requiring recompilation.
3231         Compiled selectors are context-independent so they can be shared between all clients.
3232
3233         * WebCore.xcodeproj/project.pbxproj:
3234         * css/CSSSelectorList.cpp:
3235         (WebCore::CSSSelectorList::listSize const):
3236
3237         Compute the number of complex selectors on the list.
3238
3239         * css/CSSSelectorList.h:
3240         * css/DocumentRuleSets.cpp:
3241         (WebCore::makeRuleSet):
3242         (WebCore::DocumentRuleSets::classInvalidationRuleSets const):
3243
3244         Pass around list index along with the selector index (compiled selectors are found by list index).
3245
3246         * css/ElementRuleCollector.cpp:
3247         (WebCore::ElementRuleCollector::ruleMatches):
3248         * css/RuleSet.cpp:
3249         (WebCore::RuleData::RuleData):
3250         * css/RuleSet.h:
3251         (WebCore::RuleData::compilationStatus const): Deleted.
3252         (WebCore::RuleData::compiledSelectorCodeRef const): Deleted.
3253         (WebCore::RuleData::setCompiledSelector const): Deleted.
3254         (WebCore::RuleData::~RuleData): Deleted.
3255         (WebCore::RuleData::compiledSelectorUsed const): Deleted.
3256         * css/StyleRule.cpp:
3257         (WebCore::StyleRule::StyleRule):
3258         * css/StyleRule.h:
3259
3260             Add CompiledSelector member.
3261
3262         * cssjit/CompiledSelector.h: Added.
3263
3264             Move to a header of its own to keeps dependencies simple.
3265
3266         (WebCore::SelectorCompilationStatus::SelectorCompilationStatus):
3267         (WebCore::SelectorCompilationStatus::operator Status const):
3268         * cssjit/SelectorCompiler.h:
3269         (): Deleted.
3270         (WebCore::SelectorCompilationStatus::SelectorCompilationStatus): Deleted.
3271         (WebCore::SelectorCompilationStatus::operator Status const): Deleted.
3272
3273 2018-02-08  Antoine Quint  <graouts@apple.com>
3274
3275         [Web Animations] Always expose "composite" in output of getKeyframes()
3276         https://bugs.webkit.org/show_bug.cgi?id=182600
3277
3278         Reviewed by Dean Jackson.
3279
3280         The Web Animations spec has changed and whereas the output of getKeyframes() would not feature the "composite" property
3281         for "null" values, it now lists "composite" in all cases.
3282
3283         To support this, we needed to fix an issue in the code generator such that a "null" default value for an optional enum
3284         type was supported.
3285
3286         * animation/KeyframeEffect.cpp:
3287         (WebCore::KeyframeEffect::getKeyframes):
3288         * animation/KeyframeEffect.h:
3289         * animation/KeyframeEffect.idl:
3290         * bindings/scripts/CodeGeneratorJS.pm:
3291         (GenerateDefaultValue):
3292         * bindings/scripts/test/JS/JSTestObj.cpp:
3293         (WebCore::convertDictionary<TestObj::Dictionary>):
3294         (WebCore::convertDictionaryToJS):
3295         * bindings/scripts/test/TestObj.idl:
3296
3297 2018-02-08  Youenn Fablet  <youenn@apple.com>
3298
3299         CoreAudioCaptureSourceIOSListener should be a WebProcess singleton
3300         https://bugs.webkit.org/show_bug.cgi?id=182606
3301         <rdar://problem/37355283>
3302
3303         Reviewed by Eric Carlson.
3304
3305         Not testable right now as this relies on iOS specific Core Audio stack.
3306         Efforts should be made to somehow mock that part and mock interruptions.
3307
3308         Made CoreAudioCaptureSourceFactoryIOS responsible to receive iOS interruption messages.
3309         Before the patch, individual capture sources were receiving these messages.
3310         When there is only one capture source per process this is fine but with more capture sources,
3311         this is messing up things as they all share the same shared unit and we would try to interrupt it or resume it several times.
3312
3313         Also, if we are suspended and there is no more capture source, the shared unit will remain suspended indefinitely, as we will
3314         not process the interruption messages.
3315         With the patch, we always process the messages.
3316         We still go through the active source as done now to limit the changes.
3317         In case of no source, we go to the shared unit.
3318         In the future, we should directly go to the shared unit and clients of the shared unit should see their state being updated.
3319
3320         As a way to prevent staying suspended on iOS, we unsuspend ourselves in CoreAudioCaptureSource constructor.
3321         This is fine as this constructor is only called when getUserMedia grants access to the camera which always goes to the UIProcess.
3322         And the UIProcess is only processing getUserMedia calls if the WebProcess is foregrounded.
3323
3324         * platform/mediastream/ios/CoreAudioCaptureSourceIOS.h:
3325         * platform/mediastream/ios/CoreAudioCaptureSourceIOS.mm:
3326         (-[WebCoreAudioCaptureSourceIOSListener initWithCallback:]):
3327         (WebCore::CoreAudioCaptureSourceFactoryIOS::CoreAudioCaptureSourceFactoryIOS):
3328         (WebCore::CoreAudioCaptureSourceFactoryIOS::~CoreAudioCaptureSourceFactoryIOS):
3329         (WebCore::CoreAudioCaptureSourceFactory::singleton):
3330         * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
3331         (WebCore::CoreAudioCaptureSourceFactory::singleton):
3332         (WebCore::CoreAudioCaptureSource::create):
3333         (WebCore::CoreAudioCaptureSourceFactory::beginInterruption):
3334         (WebCore::CoreAudioCaptureSourceFactory::endInterruption):
3335         (WebCore::CoreAudioCaptureSourceFactory::scheduleReconfiguration):
3336         (WebCore::CoreAudioCaptureSource::factory):
3337         (WebCore::CoreAudioCaptureSource::CoreAudioCaptureSource):
3338         (WebCore::CoreAudioCaptureSource::~CoreAudioCaptureSource):
3339         (WebCore::CoreAudioCaptureSource::startProducingData):
3340         (WebCore::CoreAudioCaptureSource::scheduleReconfiguration):
3341         (WebCore::CoreAudioCaptureSource::beginInterruption):
3342         (WebCore::CoreAudioCaptureSource::endInterruption):
3343         * platform/mediastream/mac/CoreAudioCaptureSource.h:
3344         (WebCore::CoreAudioCaptureSourceFactory::setCoreAudioActiveSource):
3345         (WebCore::CoreAudioCaptureSourceFactory::unsetCoreAudioActiveSource):
3346         (WebCore::CoreAudioCaptureSourceFactory::coreAudioActiveSource):
3347
3348 2018-02-08  Chris Dumez  <cdumez@apple.com>
3349
3350         There should be a way to disable [OverrideBuiltins] behavior in a given DOMWrapperWorld
3351         https://bugs.webkit.org/show_bug.cgi?id=182524
3352         <rdar://problem/9057327>
3353
3354         Reviewed by Ryosuke Niwa.
3355
3356         Add new flag on DOMWrapperWorld indicating if the [OverrideBuiltins] behavior should
3357         be enabled in this world or not. The behavior is enabled by default for Web-compatibility.
3358         This flag is queried in accessVisibleNamedProperty() when doing the named property
3359         lookup.
3360
3361         Covered by new API test.
3362
3363         * bindings/js/DOMWrapperWorld.h:
3364         (WebCore::DOMWrapperWorld::disableOverrideBuiltinsBehavior):