Ownership between WebPlaybackSessionInterfaceMac and WebPlaybackControlsManager is...
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2016-07-05  Jer Noble  <jer.noble@apple.com>
2
3         Ownership between WebPlaybackSessionInterfaceMac and WebPlaybackControlsManager is backwards.
4         https://bugs.webkit.org/show_bug.cgi?id=159441
5
6         Reviewed by Eric Carlson.
7
8         The WebPlaybackControlsManager should own the WebPlaybackSessionInterfaceMac, and not
9         vice versa.
10
11         * platform/mac/WebPlaybackControlsManager.h:
12         * platform/mac/WebPlaybackControlsManager.mm:
13         (-[WebPlaybackControlsManager webPlaybackSessionInterfaceMac]):
14         (-[WebPlaybackControlsManager setWebPlaybackSessionInterfaceMac:]):
15         * platform/mac/WebPlaybackSessionInterfaceMac.h:
16         * platform/mac/WebPlaybackSessionInterfaceMac.mm:
17         (WebCore::WebPlaybackSessionInterfaceMac::playBackControlsManager):
18
19 2016-07-07  Eric Carlson  <eric.carlson@apple.com>
20
21         Add a test for media control dropoff
22         https://bugs.webkit.org/show_bug.cgi?id=151287
23         <rdar://problem/23544666>
24
25         Reviewed by Antoine Quint.
26
27         Test: media/controls/inline-elements-dropoff-order.html
28
29         * Modules/mediacontrols/mediaControlsApple.js: Expose more state to testing.
30
31 2016-07-07  Miguel Gomez  <magomez@igalia.com>
32
33         [GTK] Painting a video into a canvas doesn't work when accelerated compositing is enabled
34         https://bugs.webkit.org/show_bug.cgi?id=159405
35
36         Reviewed by Xabier Rodriguez-Calvar.
37
38         Implement video frame painting to the canvas when accelerated compositing is enabled.
39
40         Already covered by existent tests.
41
42         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
43         (WebCore::MediaPlayerPrivateGStreamer::handleMessage):
44         Replace custom enumeration for the video rotation with the ImageOrientation class.
45         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
46         (WebCore::MediaPlayerPrivateGStreamerBase::naturalSize):
47         Replace the orientation value comparison with ImageOrientation::usesWidthAsHeight().
48         (WebCore::MediaPlayerPrivateGStreamerBase::paint):
49         Perform the frame painting taking into account the video orientation tag.
50         (WebCore::MediaPlayerPrivateGStreamerBase::nativeImageForCurrentTime):
51         Rotate the native image before returning it.
52         (WebCore::MediaPlayerPrivateGStreamerBase::setVideoSourceOrientation):
53         Replace custom enumeration for the video rotation with the ImageOrientation class.
54         (WebCore::MediaPlayerPrivateGStreamerBase::MediaPlayerPrivateGStreamerBase): Deleted.
55         Remove orientation initialization.
56         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
57         Remove custom enumeration for the video orientation.
58
59 2016-07-07  Philippe Normand  <pnormand@igalia.com>
60
61         [GStreamer][GL] switch to appsink
62         https://bugs.webkit.org/show_bug.cgi?id=159466
63
64         Reviewed by Carlos Garcia Campos.
65
66         Fakesink is mostly used for tests. Appsink provides the same
67         functionality and is actually meant to be used on application
68         side.
69
70         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
71         (WebCore::MediaPlayerPrivateGStreamerBase::~MediaPlayerPrivateGStreamerBase):
72         (WebCore::newSampleCallback):
73         (WebCore::newPrerollCallback):
74         (WebCore::MediaPlayerPrivateGStreamerBase::createVideoSinkGL):
75         (WebCore::MediaPlayerPrivateGStreamerBase::drawCallback): Deleted.
76         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
77
78 2016-07-06  Chris Dumez  <cdumez@apple.com>
79
80         Document.title setter does not work for SVG documents
81         https://bugs.webkit.org/show_bug.cgi?id=159503
82         <rdar://problem/27212313>
83
84         Reviewed by Ryosuke Niwa.
85
86         Document.title setter should work for SVG documents:
87         - https://html.spec.whatwg.org/multipage/dom.html#document.title
88
89         This patch aligns our behavior with the specification
90         and with Firefox / Chrome.
91
92         No new tests, rebaselined existing test.
93
94         * dom/Document.cpp:
95         (WebCore::Document::setTitle):
96         - Reverse the if conditions for clarity.
97         - If the document element is an SVG svg element, create a
98           SVGTitleElement and insert it as first child of the
99           document element.
100         - Call SVGTitleElement::setText() instead of
101           HTMLTitleElement::setText() at the end of the method if
102           m_titleElement is a SVGTitleElement.
103
104         (WebCore::Document::updateTitleElement):
105         - If document element is an SVG svg element, use the first
106           child of the document element that is a SVGTitleElement.
107
108         * svg/SVGTitleElement.cpp:
109         (WebCore::SVGTitleElement::setText):
110         * svg/SVGTitleElement.h:
111         Add SVGTitleElement::setText() method that does the same
112         thing as HTMLTitleElement::setText().
113
114 2016-07-06  Chris Dumez  <cdumez@apple.com>
115
116         Align Document.body setter with the HTML specification
117         https://bugs.webkit.org/show_bug.cgi?id=159490
118
119         Reviewed by Alex Christensen.
120
121         Align Document.body setter with the HTML specification:
122         - https://html.spec.whatwg.org/multipage/dom.html#dom-document-body
123
124         In particular, the following web-exposed changes were made:
125         - It is now possible to set document.body to a frameset element.
126         - We no longer call importNode() on the passed in body. Therefore,
127           if the body comes from another document, its will be adopted /
128           transferred rather than cloned.
129
130         Both changes match the behavior of Firefox and Chrome.
131
132         No new tests, updated / rebaselined existing tests.
133
134         * dom/Document.cpp:
135         (WebCore::Document::setBodyOrFrameset):
136
137 2016-07-06  Brady Eidson  <beidson@apple.com>
138
139         Fix my bogus json I landed earlier today.
140
141         * features.json:
142
143 2016-07-06  Benjamin Poulain  <bpoulain@apple.com>
144
145         [JSC] Unify how we throw TypeError from C++
146         https://bugs.webkit.org/show_bug.cgi?id=159500
147
148         Reviewed by Saam Barati.
149
150         * bindings/js/JSBiquadFilterNodeCustom.cpp:
151         (WebCore::JSBiquadFilterNode::setType):
152         * bindings/js/JSBlobCustom.cpp:
153         (WebCore::constructJSBlob):
154         * bindings/js/JSCryptoKeySerializationJWK.cpp:
155         (WebCore::getBigIntegerVectorFromJSON):
156         (WebCore::JSCryptoKeySerializationJWK::JSCryptoKeySerializationJWK):
157         (WebCore::tryJWKKeyOpsValue):
158         (WebCore::JSCryptoKeySerializationJWK::reconcileUsages):
159         (WebCore::JSCryptoKeySerializationJWK::keyDataOctetSequence):
160         (WebCore::JSCryptoKeySerializationJWK::keyDataRSAComponents):
161         (WebCore::JSCryptoKeySerializationJWK::keyData):
162         (WebCore::addJWKAlgorithmToJSON):
163         (WebCore::JSCryptoKeySerializationJWK::serialize):
164         * bindings/js/JSCryptoOperationData.cpp:
165         (WebCore::cryptoOperationDataFromJSValue):
166         * bindings/js/JSDOMBinding.cpp:
167         (WebCore::enforceRange):
168         (WebCore::throwTypeError):
169         (WebCore::throwArgumentMustBeEnumError):
170         (WebCore::throwArgumentMustBeFunctionError):
171         (WebCore::throwArgumentTypeError):
172         (WebCore::throwArrayElementTypeError):
173         (WebCore::throwGetterTypeError):
174         (WebCore::throwThisTypeError):
175         * bindings/js/JSDataCueCustom.cpp:
176         (WebCore::constructJSDataCue):
177         * bindings/js/JSDocumentCustom.cpp:
178         (WebCore::JSDocument::defineElement):
179         * bindings/js/JSFileCustom.cpp:
180         (WebCore::constructJSFile):
181         * bindings/js/JSModuleLoader.cpp:
182         (WebCore::JSModuleLoader::evaluate):
183         * bindings/js/JSMutationObserverCustom.cpp:
184         (WebCore::constructJSMutationObserver):
185         * bindings/js/JSOscillatorNodeCustom.cpp:
186         (WebCore::JSOscillatorNode::setType):
187         * bindings/js/JSPannerNodeCustom.cpp:
188         (WebCore::JSPannerNode::setPanningModel):
189         (WebCore::JSPannerNode::setDistanceModel):
190         * bindings/js/JSReadableStreamPrivateConstructors.cpp:
191         (WebCore::constructJSReadableStreamController):
192         (WebCore::constructJSReadableStreamReader):
193         * bindings/js/JSSubtleCryptoCustom.cpp:
194         (WebCore::cryptoKeyFormatFromJSValue):
195         (WebCore::importKey):
196         (WebCore::exportKey):
197         * bindings/js/ReadableStreamController.cpp:
198         (WebCore::ReadableStreamController::invoke):
199         * bindings/js/SerializedScriptValue.cpp:
200         (WebCore::CloneDeserializer::throwValidationError):
201         (WebCore::SerializedScriptValue::maybeThrowExceptionIfSerializationFailed):
202         * bridge/c/c_instance.cpp:
203         (JSC::Bindings::CInstance::invokeMethod):
204         * bridge/objc/objc_instance.mm:
205         (ObjcInstance::invokeMethod):
206         * bridge/objc/objc_runtime.mm:
207         (JSC::Bindings::ObjcArray::setValueAt):
208
209 2016-07-06  Tim Horton  <timothy_horton@apple.com>
210
211         Email from June 1st containing text 'Today @ 7:10PM' is linkified, but shouldn't be
212         https://bugs.webkit.org/show_bug.cgi?id=159498
213         <rdar://problem/26719903>
214
215         Reviewed by Sam Weinig.
216
217         New API test: WebKit2.DataDetectionReferenceDate
218
219         * editing/cocoa/DataDetection.h:
220         * editing/cocoa/DataDetection.mm:
221         (WebCore::DataDetection::detectContentInRange):
222         Extract the reference date from the DataDetectors context dictionary if it exists,
223         and pass it along to DataDetectors.
224
225         * loader/FrameLoader.cpp:
226         (WebCore::FrameLoader::checkLoadCompleteForThisFrame):
227         * loader/FrameLoaderClient.h:
228         Plumb the DataDetectors context dictionary through from WebPage.
229
230 2016-07-06  Chris Dumez  <cdumez@apple.com>
231
232         [WK2][Cocoa] Disable ResourceResponse lazy initialization
233         https://bugs.webkit.org/show_bug.cgi?id=159497
234         <rdar://problem/27209066>
235
236         Reviewed by Alex Christensen.
237
238         Add method to Cocoa's ResponseResponse header to disable
239         lazy initialization.
240
241         * platform/network/cf/ResourceResponse.h:
242         * platform/network/cocoa/ResourceResponseCocoa.mm:
243         (WebCore::ResourceResponse::disableLazyInitialization):
244
245 2016-07-06  Brent Fulgham  <bfulgham@apple.com>
246
247         Return values of JSArray::createUninitialized (and related) are not consistently checked for nullptr
248         https://bugs.webkit.org/show_bug.cgi?id=159495
249         <rdar://problem/26075433>
250
251         Reviewed by Dean Jackson.
252
253         Test: fast/canvas/canvas-getImageData-invalid-result-buffer-crash.html
254
255         * html/ImageData.cpp:
256         (WebCore::ImageData::ImageData): Assert at construction if we could not create a valid
257         buffer.
258         * platform/SharedBuffer.cpp:
259         (WebCore::SharedBuffer::createArrayBuffer): Check for a null buffer before using it.
260         * platform/graphics/cg/ImageBufferDataCG.cpp:
261         (WebCore::ImageBufferData::getData): Ditto.
262         * platform/graphics/filters/FEGaussianBlur.cpp:
263         (WebCore::FEGaussianBlur::platformApplySoftware): Ditto.
264         * platform/graphics/filters/FilterEffect.cpp:
265         (WebCore::FilterEffect::copyImageBytes): Ditto.
266         (WebCore::FilterEffect::copyUnmultipliedImage): Ditto.
267         (WebCore::FilterEffect::copyPremultipliedImage): Ditto.
268
269 2016-07-06  Chris Dumez  <cdumez@apple.com>
270
271         Document.body should return the first child of the html element that is either a body / frameset element
272         https://bugs.webkit.org/show_bug.cgi?id=159488
273
274         Reviewed by Ryosuke Niwa.
275
276         Document.body should return the first child of the html element that is
277         either a body / frameset element:
278         - https://html.spec.whatwg.org/multipage/dom.html#dom-document-body
279         - https://html.spec.whatwg.org/multipage/dom.html#the-body-element-2
280
281         We used the first child of the *document* element that is either a
282         body / frameset element, even if the document element is not an html
283         element.
284
285         Firefox and Chrome match the specification.
286
287         Test: imported/w3c/web-platform-tests/html/dom/documents/dom-tree-accessors/Document.body.html
288
289         * dom/Document.cpp:
290         (WebCore::Document::bodyOrFrameset):
291
292 2016-07-06  Dean Jackson  <dino@apple.com>
293
294         Adopt new PiP glyph
295         https://bugs.webkit.org/show_bug.cgi?id=159494
296         <rdar://problem/27061084>
297
298         Reviewed by Ada Chan.
299
300         We got new artwork for Picture-in-Picture on macOS from
301         our designers.
302
303         * Modules/mediacontrols/mediaControlsApple.css:
304         (video::-webkit-media-controls-panel .picture-in-picture-button):
305         (video::-webkit-media-controls-panel .picture-in-picture-button.return-from-picture-in-picture):
306
307 2016-07-06  Commit Queue  <commit-queue@webkit.org>
308
309         Unreviewed, rolling out r202867.
310         https://bugs.webkit.org/show_bug.cgi?id=159491
311
312         This change caused an existing LayoutTest to crash on ios-
313         simulator (Requested by ryanhaddad on #webkit).
314
315         Reverted changeset:
316
317         "<img> with a wide gamut PDF does not display using a wide
318         gamut color space"
319         https://bugs.webkit.org/show_bug.cgi?id=158983
320         http://trac.webkit.org/changeset/202867
321
322 2016-07-06  Chris Dumez  <cdumez@apple.com>
323
324         [ShadowDOM] assignedSlot property should be on Text, not CharacterData
325         https://bugs.webkit.org/show_bug.cgi?id=159482
326         <rdar://problem/27201687>
327
328         Reviewed by Ryosuke Niwa.
329
330         assignedSlot property should be on Text, not CharacterData as per:
331         - https://dom.spec.whatwg.org/#mixin-slotable
332
333         Align with the latest specification.
334
335         No new tests, rebaselined existing test.
336
337         * CMakeLists.txt:
338         * DerivedSources.make:
339         * WebCore.xcodeproj/project.pbxproj:
340         * dom/Element.idl:
341         * dom/NonDocumentTypeChildNode.idl:
342         * dom/Slotable.idl: Copied from Source/WebCore/dom/NonDocumentTypeChildNode.idl.
343         * dom/Text.idl:
344
345 2016-07-06  Jeremy Jones  <jeremyj@apple.com>
346
347         Do not animate video fullscreen exit when page has navigated away.
348         https://bugs.webkit.org/show_bug.cgi?id=159479
349
350         Reviewed by Eric Carlson.
351
352         No new tests there is no effect on the DOM. The only effect is to video fullscreen window animation.
353
354         When the page has been navigated away, the fullscreen or picture-in-picture window should
355         not animate back inline in the page, since the page has already navigated to a new page.
356         Instead exit the fullscreen mode without animating.
357
358         * html/HTMLMediaElement.cpp:
359         (WebCore::HTMLMediaElement::exitFullscreen):
360
361 2016-07-06  Jeremy Jones  <jeremyj@apple.com>
362
363         Signal that media element is prepared for inline when being stopped since script won't be able to.
364         https://bugs.webkit.org/show_bug.cgi?id=159163
365         rdar://problem/26844557
366
367         Reviewed by Jer Noble.
368
369         No new tests since this don't change behavior in the DOM. It prevents a race that could cause 
370         fullscreen and picture in picture to fail to tear down completely.
371   
372         When an element exits a fullscreen mode and is immediately removed from the DOM by the page, 
373         its JavaScript stops running. The fullscreen code is then blocked waiting for JS to signal 
374         that it has updated its state in preparation for inline mode. This change explicitly signals
375         this since JS wont be able to.
376
377         Additionally, when going from PiP back to inline, don't go through fullscreen first, when the 
378         request comes from the DOM. This was causing the presentation mode to become confused. The
379         page requests inline. PiP would exit back to fullscreen and set the presentation mode to
380         fullscreen. Then it would exit fullscreen back to inline, but the DOM still had the wrong
381         presentation mode. Skipping this removes an unnecessary step in the animation and keeps the
382         presentation mode state consistent.
383
384         * html/HTMLMediaElement.cpp:
385         (WebCore::HTMLMediaElement::stopWithoutDestroyingMediaPlayer):
386         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm: Set prepared for inline.
387         (WebVideoFullscreenInterfaceAVKit::exitFullscreen): Return directly to inlne.
388
389 2016-07-06  Chris Dumez  <cdumez@apple.com>
390
391         Add support for Node.isConnected
392         https://bugs.webkit.org/show_bug.cgi?id=159474
393         <rdar://problem/27197947>
394
395         Reviewed by Ryosuke Niwa.
396
397         Add support for Node.isConnected as per:
398         - https://dom.spec.whatwg.org/#dom-node-isconnected
399
400         Chrome already supports this.
401
402         Test: imported/w3c/web-platform-tests/dom/nodes/Node-isConnected.html
403
404         * dom/Node.idl:
405
406 2016-07-06  Brady Eidson  <beidson@apple.com>
407
408         Update IndexedDB's status on the feature page (How had we not done this already?)
409
410         Rubberstamped by Sam Weinig.
411
412         * features.json:
413
414 2016-07-06  Antoine Quint  <graouts@apple.com>
415
416         <img> with a wide gamut PDF does not display using a wide gamut color space
417         https://bugs.webkit.org/show_bug.cgi?id=158983
418         <rdar://problem/25720247>
419
420         Reviewed by Tim Horton.
421
422         Calls to ImageBuffer::createCompatibleBuffer() that do not provide an explicit
423         color space will now infer the color space from the provided graphics context
424         on platforms using CG. The method signature that takes in a GraphicsContext
425         without a color space is now split into a CG-specified implementation and a
426         Cairo one to avoid having diverging platform code in ImageBuffer.cpp.
427
428         Some call sites need to provide an explicit color space still, so we add a new
429         ImageBuffer::createCompatibleBuffer() that allows for that while inferring
430         sizing and scaling from a GraphicsContext.
431         
432         All signatures of ImageBuffer::createCompatibleBuffer() are losing the
433         hasAlpha parameter which was always ignored. All call sites that were using
434         hasAlpha have been updated.
435
436         In addition, we make all the IOSurface and IOSurfacePool code, which is
437         CG-specific, use the plaform-specific type CGColorSpaceRef instead of ColorSpace
438         so that we may pick up on the color space copied over from the graphics context
439         in the CG-specific implementation of ImageBuffer::createCompatibleBuffer().
440
441         * html/canvas/CanvasRenderingContext2D.cpp:
442         (WebCore::CanvasRenderingContext2D::drawTextInternal):
443         * platform/graphics/GradientImage.cpp:
444         (WebCore::GradientImage::drawPattern):
445         * platform/graphics/ImageBuffer.cpp:
446         (WebCore::ImageBuffer::createCompatibleBuffer):
447         * platform/graphics/ImageBuffer.h:
448         * platform/graphics/NamedImageGeneratedImage.cpp:
449         (WebCore::NamedImageGeneratedImage::drawPattern):
450         * platform/graphics/cairo/ImageBufferCairo.cpp:
451         (WebCore::ImageBuffer::createCompatibleBuffer):
452         * platform/graphics/cg/IOSurfacePool.cpp:
453         (WebCore::surfaceMatchesParameters):
454         (WebCore::IOSurfacePool::takeSurface):
455         * platform/graphics/cg/IOSurfacePool.h:
456         * platform/graphics/cg/ImageBufferCG.cpp:
457         (WebCore::ImageBuffer::createCompatibleBuffer):
458         (WebCore::ImageBuffer::ImageBuffer):
459         * platform/graphics/cocoa/IOSurface.h:
460         * platform/graphics/cocoa/IOSurface.mm:
461         (WebCore::IOSurface::surfaceFromPool):
462         (WebCore::IOSurface::create):
463         (WebCore::IOSurface::createFromSendRight):
464         (WebCore::IOSurface::createFromSurface):
465         (WebCore::IOSurface::createFromImage):
466         (WebCore::IOSurface::IOSurface):
467         (WebCore::IOSurface::ensurePlatformContext):
468         * platform/mac/ThemeMac.mm:
469         (WebCore::ThemeMac::drawCellOrFocusRingWithViewIntoContext):
470         * platform/spi/cg/CoreGraphicsSPI.h:
471         * rendering/RenderBoxModelObject.cpp:
472         (WebCore::RenderBoxModelObject::paintFillLayerExtended):
473         * rendering/RenderThemeMac.mm:
474         (WebCore::RenderThemeMac::paintProgressBar):
475         * rendering/svg/SVGRenderingContext.cpp:
476         (WebCore::SVGRenderingContext::bufferForeground):
477         * svg/graphics/SVGImage.cpp:
478         (WebCore::SVGImage::drawPatternForContainer):
479
480 2016-07-06  Tim Horton  <timothy_horton@apple.com>
481
482         Long spin editing text at top of message containing Reader version of web page with many GIFs
483         https://bugs.webkit.org/show_bug.cgi?id=159444
484         <rdar://problem/26790386>
485
486         Reviewed by Sam Weinig.
487
488         * editing/cocoa/HTMLConverter.mm:
489         (fileWrapperForElement):
490         Instead of looking up the image's data in the cache by URL, just use the
491         CachedImage on the HTMLImageElement. There are situations (which seem to involve
492         cloning the DOM then having the cloned DOM get garbage collected) where the image
493         can be removed from the cache, but still be live in the document.
494
495 2016-07-06  Brady Eidson  <beidson@apple.com>
496
497         Hold RefPtr<>'s to UniqueIDBDatabases while performing user delete.
498         https://bugs.webkit.org/show_bug.cgi?id=159471
499
500         Reviewed by Brent Fulgham.
501
502         * Modules/indexeddb/server/IDBServer.cpp:
503         (WebCore::IDBServer::IDBServer::closeAndDeleteDatabasesModifiedSince):
504         (WebCore::IDBServer::IDBServer::closeAndDeleteDatabasesForOrigins):
505
506 2016-07-06  Commit Queue  <commit-queue@webkit.org>
507
508         Unreviewed, rolling out r202725.
509         https://bugs.webkit.org/show_bug.cgi?id=159473
510
511         didn't reduce coreui memory usage (Requested by kling on
512         #webkit).
513
514         Reverted changeset:
515
516         "[Mac] Get rid of the old timey rubber-banding linen pattern."
517         https://bugs.webkit.org/show_bug.cgi?id=159329
518         http://trac.webkit.org/changeset/202725
519
520 2016-07-06  Philippe Normand  <pnormand@igalia.com>
521
522         [GStreamer] duration query improvements
523         https://bugs.webkit.org/show_bug.cgi?id=159458
524
525         Reviewed by Carlos Garcia Campos.
526
527         Currently the player caches the result of the duration query but
528         this is overkill because it's cached by playbin already. The only
529         time where the player needs to cache the duration is when EOS was
530         reached because in that situation the query would fail.
531
532         No new tests, existing media tests cover this patch.
533
534         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
535         (WebCore::MediaPlayerPrivateGStreamer::MediaPlayerPrivateGStreamer): Member variables update.
536         (WebCore::MediaPlayerPrivateGStreamer::load): Stop the fill timer
537         before loading a new URL, the same player can be used for
538         different assets.
539         (WebCore::MediaPlayerPrivateGStreamer::playbackPosition): Perform
540         a duration query, the duration value is no longer locally cached.
541         (WebCore::MediaPlayerPrivateGStreamer::duration): Return cached value only after EOS was reached.
542         (WebCore::MediaPlayerPrivateGStreamer::fillTimerFired): Perform
543         a duration query, the duration value is no longer locally cached.
544         (WebCore::MediaPlayerPrivateGStreamer::maxTimeSeekable): Ditto.
545         (WebCore::MediaPlayerPrivateGStreamer::maxTimeLoaded): Ditto.
546         (WebCore::MediaPlayerPrivateGStreamer::didLoadingProgress): Ditto.
547         (WebCore::MediaPlayerPrivateGStreamer::updateStates): Remove duration caching support.
548         (WebCore::MediaPlayerPrivateGStreamer::didEnd): Ditto.
549         (WebCore::MediaPlayerPrivateGStreamer::durationChanged): Ditto.
550         (WebCore::MediaPlayerPrivateGStreamer::cacheDuration): Deleted.
551         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
552
553 2016-07-06  Manuel Rego Casasnovas  <rego@igalia.com>
554
555         [css-grid] Height percentages are not properly resolved for item's children
556         https://bugs.webkit.org/show_bug.cgi?id=159258
557
558         Reviewed by Sergio Villar Senin.
559
560         When grid items are vertically stretched (default behavior)
561         they store their height on RenderBox::overrideLogicalContentHeight().
562         In order to resolve the percentage height on the grid item's children
563         we need to use that size.
564
565         Test: fast/css-grid-layout/percent-resolution-grid-item-children.html
566
567         * rendering/RenderBox.cpp:
568         (WebCore::RenderBox::computePercentageLogicalHeight):
569
570 2016-07-06  Zan Dobersek  <zdobersek@igalia.com>
571
572         [GTK] Better guard TextureMapper header and CMake includes
573         https://bugs.webkit.org/show_bug.cgi?id=159415
574
575         Reviewed by Carlos Garcia Campos.
576
577         * PlatformGTK.cmake: Only include TextureMapper.cmake if USE_TEXTURE_MAPPER is enabled.
578         * platform/graphics/GraphicsContext3DPrivate.h: Guard texmap header inclusions with USE(TEXTURE_MAPPER).
579         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h: Ditto, but wrap it around
580         the existing USE(TEXTURE_MAPPER_GL) block.
581
582 2016-07-05  Olivier Blin  <olivier.blin@softathome.com>
583
584         [GStreamer] Do not build MediaPlayerPrivateGStreamerOwr when VIDEO is disabled
585         https://bugs.webkit.org/show_bug.cgi?id=159425
586
587         Reviewed by Philippe Normand.
588
589         MediaPlayer backends are useful and can be built only when VIDEO is enabled.
590
591         No new tests, behavior is unchanged.
592
593         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerOwr.cpp:
594         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerOwr.h:
595
596 2016-07-05  Per Arne Vollan  <pvollan@apple.com>
597
598         [Win] Layout Test http/tests/security/contentSecurityPolicy/source-list-parsing-10.html is failing
599         https://bugs.webkit.org/show_bug.cgi?id=147646
600
601         Reviewed by Brent Fulgham.
602
603         Fix build error when CSP_NEXT is disabled.
604
605         * DerivedSources.cpp:
606
607 2016-07-05  David Kilzer  <ddkilzer@apple.com>
608
609         Throw exceptions for invalid number of channels for ConvolverNode
610         <https://webkit.org/b/159238>
611
612         Reviewed by Brent Fulgham.
613
614         Fix based on a Blink change (patch by <rtoy@chromium.org>):
615         <https://chromium.googlesource.com/chromium/src.git/+/0cc26bbb7175aec77910d0b47faf9f8c8a640fe5>
616
617         Also includes a related fix for ReverbConvolverStage (patch by <rtoy@chromium.org>):
618         <https://src.chromium.org/viewvc/blink?revision=157832&view=revision>
619
620         Test: webaudio/convolver-channels.html
621
622         * Modules/webaudio/ConvolverNode.cpp:
623         (WebCore::ConvolverNode::setBuffer): Throw an exception for
624         anything but 1, 2 or 4 channels.
625         * platform/audio/ReverbConvolverStage.cpp:
626         (WebCore::ReverbConvolverStage::ReverbConvolverStage): Don't read past the end of
627         the impulseResponse array.
628
629 2016-07-05  Johan K. Jensen  <jj@johanjensen.dk>
630
631         Web Inspector: Sending XHR with UTF8 encoded data shows garbled data in Resource sidebar
632         https://bugs.webkit.org/show_bug.cgi?id=159358
633
634         Reviewed by Joseph Pecoraro.
635
636         Test: http/tests/inspector/network/xhr-request-data-encoded-correctly.html
637
638         * inspector/InspectorNetworkAgent.cpp:
639         (WebCore::buildObjectForResourceRequest):
640         * inspector/NetworkResourcesData.cpp:
641         (WebCore::NetworkResourcesData::setResourceContent):
642
643 2016-07-05  Chris Fleizach  <cfleizach@apple.com>
644
645         AX: Image attachment in email does not show up in AX tree
646         https://bugs.webkit.org/show_bug.cgi?id=159422
647
648         Reviewed by Joanmarie Diggs.
649
650         When an image loads after the accessibility tree has already been created, the ignored status
651         of that image does not get updated.
652
653         Test: accessibility/image-load-on-delay.html
654
655         * rendering/RenderImage.cpp:
656         (WebCore::RenderImage::imageChanged):
657
658 2016-07-05  Alex Christensen  <achristensen@webkit.org>
659
660         Fix Windows build.
661         https://bugs.webkit.org/show_bug.cgi?id=159103
662
663         * Modules/indexeddb/IDBActiveDOMObject.h:
664         (WebCore::IDBActiveDOMObject::callFunctionOnOriginThread):
665         WTF.
666
667 2016-07-05  Enrica Casucci  <enrica@apple.com>
668
669         HTMLAttachment elements don't receive clicks after the first on iOS.
670         https://bugs.webkit.org/show_bug.cgi?id=159310
671         rdar://problem/25776940
672
673         Reviewed by Tim Horton.
674
675         shouldSelectOnMouseDown() now returns false on iOS.
676
677         * html/HTMLAttachmentElement.h:
678
679 2016-07-05  Brady Eidson  <beidson@apple.com>
680
681         IDBDatabase can null deref its ScriptExecutionContext inside connectionToServerLost.
682         <rdar://problem/27169924> and https://bugs.webkit.org/show_bug.cgi?id=159432
683
684         Reviewed by Alex Christensen.
685
686         No new tests (Targeted test not possible, covered peripherally by all IDB tests).
687
688         * Modules/indexeddb/IDBActiveDOMObject.h:
689         * Modules/indexeddb/IDBDatabase.cpp:
690         (WebCore::IDBDatabase::connectionToServerLost): Make sure there is still a script execution context.
691
692 2016-07-01  Jer Noble  <jer.noble@apple.com>
693
694         REGRESSION (r202641): Netflix playback stalls after a few seconds
695         https://bugs.webkit.org/show_bug.cgi?id=159365
696
697         Reviewed by Eric Carlson.
698
699         Test: LayoutTests/media/media-source/media-source-small-gap.html
700
701         In r202641, we removed a "fudge factor" of 1 millisecond added onto the duration
702         of every sample for the purposes of calculating a SourceBuffer's buffered ranges.
703         Netflix (and likely other providers) have streams that have 1 "timeScale" gaps
704         between segments (e.g., 1/9000s, 1/3003s, etc.). Fill those gaps by looking for
705         the previous and next samples and extending the buffered range to cover the gaps
706         if they're short enough. We have to ensure that we correctly remove those extended
707         durations when we remove samples from the SourceBuffer as well.
708
709         * Modules/mediasource/SourceBuffer.cpp:
710         (WebCore::removeSamplesFromTrackBuffer):
711         (WebCore::SourceBuffer::removeCodedFrames):
712         (WebCore::SourceBuffer::sourceBufferPrivateDidReceiveSample):
713
714 2016-07-05  Brady Eidson  <beidson@apple.com>
715
716         Database process crashes deleting a corrupt SQLite database file (null deref).
717         https://bugs.webkit.org/show_bug.cgi?id=155506.
718
719         Reviewed by Alex Christensen.
720
721         Covered by new API test.
722
723         * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
724         (WebCore::IDBServer::SQLiteIDBBackingStore::deleteBackingStore): Null check.
725
726 2016-07-05  Brady Eidson  <beidson@apple.com>
727
728         TransactionOperations can get destroyed on the wrong thread.
729         https://bugs.webkit.org/show_bug.cgi?id=159103
730
731         Reviewed by Alex Christensen.
732
733         No new tests (Very racy, not feasible to write a dedicated test for, caught on bots occasionally as-is).
734
735         * Modules/indexeddb/IDBActiveDOMObject.h:
736         (WebCore::IDBActiveDOMObject::callFunctionOnOriginThread):
737         
738         * Modules/indexeddb/client/IDBConnectionProxy.cpp:
739         (WebCore::IDBClient::IDBConnectionProxy::completeOperation): Pass the last ref to the operation to its
740           origin thread to be deleted there.
741         
742         * Modules/indexeddb/client/TransactionOperation.h:
743         (WebCore::IDBClient::TransactionOperation::performCompleteOnOriginThread):
744
745 2016-07-05  Youenn Fablet  <youenn@apple.com>
746
747         Remove CredentialRequest ResourceLoaderOptions
748         https://bugs.webkit.org/show_bug.cgi?id=159404
749
750         Reviewed by Sam Weinig.
751
752         No observable change of behavior.
753         Removing CredentialRequest from ResourceLoaderOptions and replacing it by FetchOptions::Credentials.
754         As per https://fetch.spec.whatwg.org/#http-fetch, credentials flag is set according FetchOptions::Credentials.
755
756         * loader/DocumentLoader.cpp:
757         (WebCore::DocumentLoader::startLoadingMainResource): Set credentials mode to Include.
758         * loader/DocumentThreadableLoader.cpp:
759         (WebCore::DocumentThreadableLoader::redirectReceived): Disable credentials if credentials mode is SameOrigin
760         (request being cross origin).
761         * loader/MediaResourceLoader.cpp: Refqctoring to use CachedResourceReauest::setAsPotentiallyCrossOrigin.
762         Removed unnecessary ResourceRequest copy by using the mutable request of CachedResourceRequest.
763         (WebCore::MediaResourceLoader::requestResource):
764         * loader/NetscapePlugInStreamLoader.cpp:
765         (WebCore::NetscapePlugInStreamLoader::NetscapePlugInStreamLoader): Set credential mode  to Include
766         * loader/ResourceLoaderOptions.h: Removing CredentialRequest option.
767         (WebCore::ResourceLoaderOptions::ResourceLoaderOptions):
768         (WebCore::ResourceLoaderOptions::credentialRequest): Deleted.
769         (WebCore::ResourceLoaderOptions::setCredentialRequest): Deleted.
770         * loader/cache/CachedResourceLoader.cpp:
771         (WebCore::CachedResourceLoader::requestUserCSSStyleSheet): Set credential mode to Include.
772         (WebCore::CachedResourceLoader::defaultCachedResourceOptions): Ditto.
773         * loader/cache/CachedResourceRequest.cpp:
774         (WebCore::CachedResourceRequest::setAsPotentiallyCrossOrigin): Set credential mode according crossorigin
775         atribute value.
776         * loader/icon/IconLoader.cpp:
777         (WebCore::IconLoader::startLoading): Set credential mode to Omit.
778         * page/EventSource.cpp:
779         (WebCore::EventSource::connect): Set credential mode according crossorigin atribute value.
780         * platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp:
781         (WebCore::WebCoreAVCFResourceLoader::startLoading): Set credential mode to Omit.
782         * platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm:
783         (WebCore::WebCoreAVFResourceLoader::startLoading): Ditto.
784         * platform/network/ResourceHandleTypes.h: Removed definition of CredentialRequest.
785         * xml/XMLHttpRequest.cpp:
786         (WebCore::XMLHttpRequest::createRequest): Set credential mode according crossorigin atribute value.
787
788 2016-07-04  Fujii Hironori  <Hironori.Fujii@sony.com>
789
790         [GTK] Null Node dereference in FrameSelection::notifyAccessibilityForSelectionChange of FrameSelectionAtk.cpp
791         https://bugs.webkit.org/show_bug.cgi?id=159411
792
793         Reviewed by Carlos Garcia Campos.
794
795         Tests:
796             editing/selection/selection-in-iframe-removed-crash.html
797
798         * editing/atk/FrameSelectionAtk.cpp:
799         (WebCore::FrameSelection::notifyAccessibilityForSelectionChange):
800         Added a null check for the return value of containerNode().
801
802 2016-07-04  Gyuyoung Kim  <gyuyoung.kim@webkit.org>
803
804         [EFL] Remove mac configuration dependency in WebKit Version definition
805         https://bugs.webkit.org/show_bug.cgi?id=159407
806
807         Reviewed by Yusuke Suzuki.
808
809         EFL port has been used Version.xconfig file in WebKit/mac/Configurations
810         in order to generate WebKitVersion.h file. But it can be simply defined
811         in cmake.
812
813         * PlatformEfl.cmake: Remove WebKitVersion.h generation.
814         * platform/efl/UserAgentEfl.cpp:
815         (WebCore::versionForUAString): Use USER_AGENT_EFL_MAJOR_VERSION and USER_AGENT_EFL_MINOR_VERSION.
816
817 2016-07-04  Carlos Garcia Campos  <cgarcia@igalia.com>
818
819         [Coordinated Graphics] Modernize and cleanup CompositingCoordinator
820         https://bugs.webkit.org/show_bug.cgi?id=159212
821
822         Reviewed by Žan Doberšek.
823
824         Use references instead of pointers when possible.
825
826         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
827         (WebCore::CoordinatedGraphicsLayer::paintToSurface):
828         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
829         * platform/graphics/texmap/coordinated/CoordinatedImageBacking.cpp:
830         (WebCore::CoordinatedImageBacking::update):
831         * platform/graphics/texmap/coordinated/CoordinatedImageBacking.h:
832         * platform/graphics/texmap/coordinated/CoordinatedSurface.h:
833         * platform/graphics/texmap/coordinated/Tile.cpp:
834         (WebCore::Tile::updateBackBuffer):
835         * platform/graphics/texmap/coordinated/TiledBackingStoreClient.h:
836
837 2016-07-04  Youenn Fablet  <youenn@apple.com>
838
839         Remove RequestOriginPolicy from ResourceLoaderOptions
840         https://bugs.webkit.org/show_bug.cgi?id=159406
841
842         Reviewed by Sam Weinig.
843
844         Using FetchOptions::mode in lieu of ResourceLoaderOptions::RequestOriginPolicy.
845         The cors, no-cors and same-origin values match PotentiallyCrossOriginEnabled,
846         UseDefaultOriginRestrictionsForType and RestrictToSameOrigin, default being
847         cors/UseDefaultOriginRestrictionsForType as per fetch specification.
848
849         No change of behavior.
850
851         * css/CSSImageSetValue.cpp:
852         (WebCore::CSSImageSetValue::cachedImageSet):
853         * css/CSSImageValue.cpp:
854         (WebCore::CSSImageValue::cachedImage):
855         * loader/DocumentLoader.cpp:
856         (WebCore::DocumentLoader::startLoadingMainResource):
857         * loader/MediaResourceLoader.cpp:
858         (WebCore::MediaResourceLoader::requestResource):
859         * loader/NetscapePlugInStreamLoader.cpp:
860         (WebCore::NetscapePlugInStreamLoader::NetscapePlugInStreamLoader):
861         * loader/ResourceLoaderOptions.h:
862         (WebCore::ResourceLoaderOptions::ResourceLoaderOptions):
863         (WebCore::ResourceLoaderOptions::requestOriginPolicy): Deleted.
864         (WebCore::ResourceLoaderOptions::setRequestOriginPolicy): Deleted.
865         * loader/SubresourceLoader.cpp:
866         (WebCore::SubresourceLoader::init):
867         (WebCore::SubresourceLoader::willSendRequestInternal):
868         * loader/cache/CachedResourceLoader.cpp:
869         (WebCore::CachedResourceLoader::requestUserCSSStyleSheet):
870         (WebCore::CachedResourceLoader::canRequest):
871         (WebCore::CachedResourceLoader::defaultCachedResourceOptions):
872         * loader/cache/CachedResourceRequest.cpp:
873         (WebCore::CachedResourceRequest::setAsPotentiallyCrossOrigin):
874         * loader/icon/IconLoader.cpp:
875         (WebCore::IconLoader::startLoading):
876         * platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp:
877         (WebCore::WebCoreAVCFResourceLoader::startLoading):
878         * platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm:
879         (WebCore::WebCoreAVFResourceLoader::startLoading):
880         * style/StylePendingResources.cpp:
881         (WebCore::Style::loadPendingImage):
882
883 2016-07-04  Youenn Fablet  <youenn@apple.com>
884
885         Shield WebRTC JS built-ins from user scripts
886         https://bugs.webkit.org/show_bug.cgi?id=155964
887
888         Reviewed by Sam Weinig.
889
890         Making use of Promise.prototype.@then instead of Promise.prototype.then.
891         Covered by updated tests.
892
893         * Modules/mediastream/RTCPeerConnection.js:
894         (createOffer):
895         (createAnswer):
896         (setLocalDescription):
897         (setRemoteDescription):
898         (addIceCandidate):
899         (getStats):
900         * Modules/mediastream/RTCPeerConnectionInternals.js:
901         (enqueueOperation):
902
903 2016-07-04  Brady Eidson  <beidson@apple.com>
904
905         WebProcesses don't handle DatabaseProcess going away uncleanly..
906         https://bugs.webkit.org/show_bug.cgi?id=159371
907
908         Reviewed by Alex Christensen.
909
910         Covered by new API test.
911
912         * Modules/indexeddb/IDBDatabase.cpp:
913         (WebCore::IDBDatabase::didCloseFromServer):
914         (WebCore::IDBDatabase::connectionToServerLost):
915         * Modules/indexeddb/IDBDatabase.h:
916         
917         * Modules/indexeddb/client/IDBConnectionProxy.cpp:
918         (WebCore::IDBClient::IDBConnectionProxy::connectionToServerLost): Notify all IDBDatabase
919           connections, as well as all pending IDBOpenDBRequests, with the error about the
920           server connection dropping.
921         * Modules/indexeddb/client/IDBConnectionProxy.h:
922         
923         * Modules/indexeddb/client/IDBConnectionToServer.cpp:
924         (WebCore::IDBClient::IDBConnectionToServer::connectionToServerLost):
925         * Modules/indexeddb/client/IDBConnectionToServer.h:
926         
927         * Modules/indexeddb/shared/IDBError.h:
928
929 2016-07-04  Philippe Normand  <pnormand@igalia.com>
930
931         Release build with logging enabled fails
932         https://bugs.webkit.org/show_bug.cgi?id=159403
933
934         Reviewed by Žan Doberšek.
935
936         Protect logging-related methods with !LOG_DISABLED.
937
938         * Modules/indexeddb/IDBDatabaseIdentifier.cpp:
939         * Modules/indexeddb/IDBDatabaseIdentifier.h:
940         * Modules/indexeddb/IDBKey.cpp:
941         * Modules/indexeddb/IDBKey.h:
942         * Modules/indexeddb/IDBKeyData.cpp:
943         * Modules/indexeddb/IDBKeyData.h:
944         * Modules/indexeddb/IDBKeyPath.cpp:
945         (WebCore::IDBKeyPath::IDBKeyPath):
946         * Modules/indexeddb/IDBKeyRangeData.cpp:
947         * Modules/indexeddb/IDBKeyRangeData.h:
948         * Modules/indexeddb/server/IndexValueEntry.cpp:
949         (WebCore::IDBServer::IndexValueEntry::Iterator::isValid):
950         * Modules/indexeddb/server/IndexValueStore.cpp:
951         * Modules/indexeddb/server/IndexValueStore.h:
952         * Modules/indexeddb/server/MemoryIDBBackingStore.cpp:
953         (WebCore::IDBServer::MemoryIDBBackingStore::clearObjectStore):
954         * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
955         (WebCore::IDBServer::UniqueIDBDatabase::isVersionChangeInProgress):
956         * Modules/indexeddb/shared/IDBDatabaseInfo.cpp:
957         * Modules/indexeddb/shared/IDBDatabaseInfo.h:
958         * Modules/indexeddb/shared/IDBIndexInfo.cpp:
959         * Modules/indexeddb/shared/IDBIndexInfo.h:
960         * Modules/indexeddb/shared/IDBObjectStoreInfo.cpp:
961         * Modules/indexeddb/shared/IDBObjectStoreInfo.h:
962         * Modules/indexeddb/shared/IDBResourceIdentifier.cpp:
963         * Modules/indexeddb/shared/IDBResourceIdentifier.h:
964         * Modules/indexeddb/shared/IDBTransactionInfo.cpp:
965         * Modules/indexeddb/shared/IDBTransactionInfo.h:
966         * page/SecurityOriginData.cpp:
967         * page/SecurityOriginData.h:
968
969 2016-07-04  Commit Queue  <commit-queue@webkit.org>
970
971         Unreviewed, rolling out r202556.
972         https://bugs.webkit.org/show_bug.cgi?id=159399
973
974         introduces deadlocks (Requested by philn on #webkit).
975
976         Reverted changeset:
977
978         "[GStreamer] improved duration query support in the HTTP
979         source element"
980         https://bugs.webkit.org/show_bug.cgi?id=159204
981         http://trac.webkit.org/changeset/202556
982
983 2016-07-03  Carlos Garcia Campos  <cgarcia@igalia.com>
984
985         [image-decoders] Make ImageDecoder::size() lazily decode the image if needed to return a valid size
986         https://bugs.webkit.org/show_bug.cgi?id=159297
987
988         Reviewed by Antonio Gomes.
989
990         It's otherwise confusing leading to bugs like #159089.
991
992         * platform/image-decoders/ImageDecoder.cpp:
993         (WebCore::ImageDecoder::createFrameImageAtIndex): Check the size at the beginning and return early if it's
994         empty. We no longer need to check the size after calling frameBufferAtIndex().
995         * platform/image-decoders/ImageDecoder.h:
996         (WebCore::ImageDecoder::size): Check first is size is available, which lazily decodes the image.
997         (WebCore::ImageDecoder::scaledSize): Remove const.
998         (WebCore::ImageDecoder::frameSizeAtIndex): Ditto.
999         * platform/image-decoders/ico/ICOImageDecoder.cpp:
1000         (WebCore::ICOImageDecoder::size): Ditto.
1001         (WebCore::ICOImageDecoder::frameSizeAtIndex): Ditto.
1002         * platform/image-decoders/ico/ICOImageDecoder.h:
1003
1004 2016-07-02  Youenn Fablet  <youenn@apple.com>
1005
1006         Synchronous preflight checker should set loading options to not use credentials
1007         https://bugs.webkit.org/show_bug.cgi?id=159351
1008
1009         Reviewed by Alex Christensen.
1010
1011         Like for asynchronous preflighting, synchronous preflighting loading options should disqble any credentials.
1012
1013         No change of behavior as preflight request is expressly set to not use credentials in
1014         createAccessControlPreflightRequest.
1015
1016         * loader/CrossOriginPreflightChecker.cpp:
1017         (WebCore::CrossOriginPreflightChecker::doPreflight):
1018
1019 2016-07-01  Commit Queue  <commit-queue@webkit.org>
1020
1021         Unreviewed, rolling out r202766.
1022         https://bugs.webkit.org/show_bug.cgi?id=159382
1023
1024         The new test asserts every time (Requested by ap on #webkit).
1025
1026         Reverted changeset:
1027
1028         "Web Inspector: Sending XHR with UTF8 encoded data shows
1029         garbled data in Resource sidebar"
1030         https://bugs.webkit.org/show_bug.cgi?id=159358
1031         http://trac.webkit.org/changeset/202766
1032
1033 2016-07-01  Zalan Bujtas  <zalan@apple.com>
1034
1035         prepareForDestruction() always needs to be called before destroying the Document object.
1036         https://bugs.webkit.org/show_bug.cgi?id=159372
1037         rdar://problem/26788150
1038
1039         Reviewed by Antti Koivisto.
1040
1041         We should never start destroying the Document object without calling prepareForDestruction() first.
1042         It ensures that render tree gets nuked before we start tearing down the node tree.
1043
1044         Test: fast/history/page-cache-destroy-document.html
1045
1046         * dom/Document.cpp:
1047         (WebCore::Document::removedLastRef):
1048
1049 2016-07-01  Johan K. Jensen  <jj@johanjensen.dk>
1050
1051         Web Inspector: Sending XHR with UTF8 encoded data shows garbled data in Resource sidebar
1052         https://bugs.webkit.org/show_bug.cgi?id=159358
1053
1054         Reviewed by Joseph Pecoraro.
1055
1056         Test: http/tests/inspector/network/xhr-request-data-encoded-correctly.html
1057
1058         * inspector/InspectorNetworkAgent.cpp:
1059         (WebCore::buildObjectForResourceRequest):
1060
1061 2016-07-01  Dean Jackson  <dino@apple.com>
1062
1063         "image-src" support is missing. We only support "-webkit-image-src"
1064         https://bugs.webkit.org/show_bug.cgi?id=159373
1065         <rdar://problem/27140443>
1066
1067         Patch by Brent Fulgham and Dean Jackson.
1068         Reviewed by Dean Jackson and Brent Fulgham.
1069
1070         Support unprefixed image-set.
1071
1072         Test: fast/css/image-set-unprefixed.html
1073
1074         * css/CSSImageSetValue.cpp:
1075         (WebCore::CSSImageSetValue::customCSSText):
1076         * css/CSSParser.cpp:
1077         (WebCore::isImageSetFunctionValue): New helper function
1078         that checks prefixed and unprefixed form.
1079         (WebCore::CSSParser::parseValue): Use the helper.
1080         (WebCore::CSSParser::parseContent):
1081         (WebCore::CSSParser::parseFillImage):
1082         (WebCore::CSSParser::parseBorderImage):
1083
1084 2016-07-01  Chris Dumez  <cdumez@apple.com>
1085
1086         Possible null Range dereference under AXObjectCache::visiblePositionFromCharacterOffset()
1087         https://bugs.webkit.org/show_bug.cgi?id=159330
1088         <rdar://problem/27123752>
1089
1090         Reviewed by Benjamin Poulain.
1091
1092         rangeForUnorderedCharacterOffsets() can return a null Range but we failed
1093         to do a null check before dereferencing it.
1094
1095         * accessibility/AXObjectCache.cpp:
1096         (WebCore::AXObjectCache::visiblePositionFromCharacterOffset):
1097
1098 2016-07-01  Chris Dumez  <cdumez@apple.com>
1099
1100         Regression(r199087): window.focus() / window.close() can no longer be called by a Window's opener
1101         https://bugs.webkit.org/show_bug.cgi?id=159364
1102         <rdar://problem/27117169>
1103
1104         Reviewed by Gavin Barraclough.
1105
1106         window.focus() / window.close() could no longer be called by a Window's opener
1107         after r199087, which would break focusing of open iWork documents on icloud.com.
1108
1109         Before r199087, we would construct a new function in the caller's context every
1110         time window.focus and window.close was accessed. r199087 fixed the issue so that
1111         we always call the same function. However, those functions are using
1112         [CallWith=Document] and they are were no longer passed the *caller*'s document
1113         as a result. This broke focus / close permission checking as the code needed the
1114         caller's document to do the check.
1115
1116         This patch introduces [CallWith=CallerDocument] and [CallWith=CallerWindow] so
1117         that the implementation can now pass the caller's Document / Window to the
1118         implementation. The bindings rely on JSDOMWindow's callerDOMWindow() to get the
1119         caller DOMWindow / document. This new functionality is now used for window.close
1120         and window.focus to unbreak their permission checking.
1121
1122         Test: fast/dom/Window/child-window-focus.html
1123
1124         * bindings/scripts/CodeGeneratorJS.pm:
1125         (GenerateCallWith):
1126         * bindings/scripts/IDLAttributes.txt:
1127         * page/DOMWindow.cpp:
1128         (WebCore::DOMWindow::focus):
1129         * page/DOMWindow.h:
1130         * page/DOMWindow.idl:
1131
1132 2016-07-01  Chris Dumez  <cdumez@apple.com>
1133
1134         [iOS] Possible null Range dereference under computeAutocorrectionContext()
1135         https://bugs.webkit.org/show_bug.cgi?id=159328
1136         <rdar://problem/26766720>
1137
1138         Reviewed by Benjamin Poulain.
1139
1140         * editing/Editor.cpp:
1141         (WebCore::Editor::compositionRange):
1142         * editing/Editor.h:
1143         Update to return a RefPtr instead of a PassRefPtr and use nullptr
1144         instead of 0 in the implementation.
1145
1146 2016-07-01  Jon Davis  <jond@apple.com>
1147
1148         Updated Picture element and WOFF 2 status
1149         https://bugs.webkit.org/show_bug.cgi?id=159356
1150
1151         Reviewed by Timothy Hatcher.
1152         
1153         Status updates and clean-up to move Web Animations and Resource Timing entries from JSC to WebCore.
1154
1155         * features.json:
1156
1157 2016-07-01  Andreas Kling  <akling@apple.com>
1158
1159         Add early return when processing content extensions if there aren't any.
1160         <https://webkit.org/b/159363>
1161
1162         Reviewed by Antti Koivisto.
1163
1164         Short-circuit outta there if there aren't any extensions to query.
1165
1166         * contentextensions/ContentExtensionsBackend.cpp:
1167         (WebCore::ContentExtensions::ContentExtensionsBackend::processContentExtensionRulesForLoad):
1168
1169 2016-07-01  Eric Carlson  <eric.carlson@apple.com>
1170
1171         HTMLMediaElement::resume() may cause JavaScript execution
1172         https://bugs.webkit.org/show_bug.cgi?id=159327
1173         <rdar://problem/27131641>
1174
1175         Reviewed by Jer Noble.
1176
1177         HTMLMediaElement::updatePlayState can cause an element to begin playing and enter fullscreen,
1178         which can result in a call to the media controls and JavaScript execution. Javascript is not
1179         allowed allowed to run when a page resumes, so make the call to updatePlayState asynchronous.
1180
1181         No new tests, I wasn't able to create a test that triggers the crash.
1182
1183         * html/HTMLMediaElement.cpp:
1184         (WebCore::HTMLMediaElement::scheduleDelayedAction): Support UpdatePlayState.
1185         (WebCore::HTMLMediaElement::pendingActionTimerFired): Ditto.
1186         (WebCore::HTMLMediaElement::setReadyState): UpdateMediaState -> UpdateState.
1187         (WebCore::HTMLMediaElement::playInternal): Don't call updateMediaController, it is called
1188           by updatePlayState.
1189         (WebCore::HTMLMediaElement::setMuted): UpdateMediaState -> UpdateState.
1190         (WebCore::HTMLMediaElement::mediaPlayerTimeChanged): Ditto.
1191         (WebCore::HTMLMediaElement::mediaEngineWasUpdated): Update media state asynchronously.
1192         (WebCore::HTMLMediaElement::updatePlayState): Add parameter to allow update to happen
1193           asynchronously.
1194         (WebCore::HTMLMediaElement::setPlaying): UpdateMediaState -> UpdateState.
1195         (WebCore::HTMLMediaElement::setPausedInternal): Update media state asynchronously.
1196         (WebCore::HTMLMediaElement::mediaPlayerCurrentPlaybackTargetIsWirelessChanged):  
1197           UpdateMediaState -> UpdateState.
1198         (WebCore::HTMLMediaElement::removeEventListener): Ditto.
1199         (WebCore::HTMLMediaElement::enqueuePlaybackTargetAvailabilityChangedEvent): Ditto.
1200         (WebCore::HTMLMediaElement::updateMediaState): UpdateMediaState -> UpdateState
1201         * html/HTMLMediaElement.h:
1202         * html/HTMLMediaElementEnums.h: Add UpdatePlayState.
1203
1204 2016-07-01  Brady Eidson  <beidson@apple.com>
1205
1206         Blob content type not preserved when retrieving blobs from IndexedDB.
1207         <rdar://problem/27057357> and https://bugs.webkit.org/show_bug.cgi?id=159360
1208
1209         Reviewed by Alex Christensen.
1210
1211         Test: storage/indexeddb/modern/blob-svg-image.html
1212
1213         * fileapi/Blob.cpp:
1214         (WebCore::Blob::Blob):
1215
1216         * fileapi/ThreadableBlobRegistry.cpp:
1217         (WebCore::postToMainThread):
1218         (WebCore::ThreadableBlobRegistry::registerBlobURLOptionallyFileBacked): Pass along the content type
1219           to the blob registry so that if the file-backed blob takes over, it has the content type.
1220         (WebCore::threadableQueue): Deleted.
1221         * fileapi/ThreadableBlobRegistry.h:
1222
1223         * platform/network/BlobRegistry.h:
1224
1225         * platform/network/BlobRegistryImpl.cpp:
1226         (WebCore::BlobRegistryImpl::registerBlobURL):
1227         (WebCore::BlobRegistryImpl::registerBlobURLOptionallyFileBacked):
1228         * platform/network/BlobRegistryImpl.h:
1229
1230 2016-07-01  Youenn Fablet  <youenn@apple.com>
1231
1232         Make ResourceLoaderOptions derive from FetchOptions
1233         https://bugs.webkit.org/show_bug.cgi?id=159345
1234
1235         Reviewed by Alex Christensen.
1236
1237         No change of behavior.
1238
1239         * Modules/fetch/FetchLoader.cpp:
1240         (WebCore::FetchLoader::start):
1241         * loader/CrossOriginPreflightChecker.cpp:
1242         (WebCore::CrossOriginPreflightChecker::startPreflight):
1243         * loader/ResourceLoaderOptions.h:
1244         (WebCore::ResourceLoaderOptions::fetchOptions): Deleted.
1245         (WebCore::ResourceLoaderOptions::setFetchOptions): Deleted.
1246         * loader/SubresourceLoader.cpp:
1247         (WebCore::SubresourceLoader::willSendRequestInternal):
1248         * loader/ThreadableLoader.h: Removing securityOrigin field (left over from https://bugs.webkit.org/show_bug.cgi?id=159221)
1249
1250 2016-07-01  Per Arne Vollan  <pvollan@apple.com>
1251
1252         [Win] Animations tests are crashing in debug mode.
1253         https://bugs.webkit.org/show_bug.cgi?id=159335
1254
1255         Reviewed by Alex Christensen.
1256
1257         A MSVC runtime check fails because an uninitialized variable is being used.
1258
1259         * css/StyleResolver.cpp:
1260         (WebCore::StyleResolver::keyframeStylesForAnimation):
1261
1262 2016-07-01  Youenn Fablet  <youennf@gmail.com>
1263
1264         Add a runtime flag for DOM iterators
1265         https://bugs.webkit.org/show_bug.cgi?id=159300
1266
1267         Reviewed by Alex Christensen.
1268
1269         * Modules/fetch/FetchHeaders.idl: Making iterator runtime-enabled.
1270         * bindings/generic/RuntimeEnabledFeatures.h:
1271         (WebCore::RuntimeEnabledFeatures::setDOMIteratorEnabled):
1272         (WebCore::RuntimeEnabledFeatures::domIteratorEnabled):
1273         * bindings/scripts/CodeGeneratorJS.pm:
1274         (ToMethodName): Fixing dOM -> dom casing issue.
1275         (GenerateImplementation): Using addIterableProperties new method.
1276         (addIterableProperties): Activating property addition according runtime flag if iterator is rnutime flagged.
1277         * bindings/scripts/IDLParser.pm:
1278         (parseOptionalIterableInterface): Adding extendedAttributes to iterable.
1279         * bindings/scripts/test/JS/JSTestNode.cpp:
1280         (WebCore::JSTestNodePrototype::finishCreation):
1281         * bindings/scripts/test/JS/JSTestObj.cpp:
1282         (WebCore::JSTestObjPrototype::finishCreation):
1283         * bindings/scripts/test/TestNode.idl: Making iterator runtime-enabled.
1284         * bindings/scripts/test/TestObj.idl: Ditto.
1285         * css/FontFaceSet.idl: Ditto.
1286         * dom/NodeList.idl: Ditto.
1287
1288 2016-07-01  Frederic Wang  <fwang.igalia.com>
1289
1290         Eliminate trailing whitespace in MathML code
1291         https://bugs.webkit.org/show_bug.cgi?id=159091
1292
1293         Reviewed by Alex Christensen.
1294
1295         No new tests, behavior is unchanged.
1296
1297         * rendering/mathml/RenderMathMLBlock.cpp:
1298         (WebCore::RenderMathMLBlock::baselinePosition):
1299         (WebCore::RenderMathMLBlock::paint):
1300         (WebCore::parseMathMLNamedSpace):
1301         * rendering/mathml/RenderMathMLBlock.h:
1302         * rendering/mathml/RenderMathMLFenced.cpp:
1303         (WebCore::RenderMathMLFenced::updateFromElement):
1304         (WebCore::RenderMathMLFenced::addChild):
1305         * rendering/mathml/RenderMathMLFenced.h:
1306         * rendering/mathml/RenderMathMLFraction.cpp:
1307         (WebCore::RenderMathMLFraction::styleDidChange):
1308         (WebCore::RenderMathMLFraction::paint):
1309         * rendering/mathml/RenderMathMLFraction.h:
1310         * rendering/mathml/RenderMathMLMath.h:
1311         * rendering/mathml/RenderMathMLMenclose.h:
1312         * rendering/mathml/RenderMathMLOperator.cpp:
1313         * rendering/mathml/RenderMathMLOperator.h:
1314         * rendering/mathml/RenderMathMLRoot.cpp:
1315         (WebCore::RenderMathMLRoot::paint):
1316         * rendering/mathml/RenderMathMLScripts.cpp:
1317         * rendering/mathml/RenderMathMLSpace.cpp:
1318         * rendering/mathml/RenderMathMLSpace.h:
1319         * rendering/mathml/RenderMathMLToken.h:
1320         * rendering/mathml/RenderMathMLUnderOver.cpp:
1321         * rendering/mathml/RenderMathMLUnderOver.h:
1322
1323 2016-07-01  Frederic Wang  <fwang@igalia.com>
1324
1325         Small cleanup: Remove unused functions RenderObject::isRenderMathML*Wrapper
1326         https://bugs.webkit.org/show_bug.cgi?id=159333
1327
1328         Reviewed by Alex Christensen.
1329
1330         After the refactoring of RenderMathMLRoot and RenderMathMLScripts, the anonymous flexbox
1331         wrappers used in the old layout implementation have been removed. We thus remove the
1332         corresponding isRender* function from RenderObject.
1333
1334         No new tests, behavior is unchanged.
1335
1336         * rendering/RenderObject.h:
1337         (WebCore::RenderObject::isRenderMathMLRootWrapper): Deleted.
1338         (WebCore::RenderObject::isRenderMathMLScriptsWrapper): Deleted.
1339
1340 2016-07-01  Andreas Kling  <akling@apple.com>
1341
1342         [Mac] Get rid of the old timey rubber-banding linen pattern.
1343         <https://webkit.org/b/159329>
1344
1345         Reviewed by Benjamin Poulain.
1346
1347         Remove the "ScrollingOverhang" custom GraphicsLayer appearance since that was only used to
1348         install the old timey linen pattern behind the web content.
1349
1350         We now always just set the overhang area's background color to the document background color.
1351
1352         This fixes an issue where we could end up loading the linen pattern and keeping it in memory
1353         despite never actually showing it on screen.
1354
1355         * platform/ScrollbarTheme.h:
1356         (WebCore::ScrollbarTheme::setUpOverhangAreasLayerContents): Deleted.
1357         * platform/graphics/GraphicsLayer.cpp:
1358         * platform/graphics/GraphicsLayer.h:
1359         * platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm:
1360         (PlatformCALayerCocoa::updateCustomAppearance):
1361         * platform/mac/ScrollbarThemeMac.h:
1362         * platform/mac/ScrollbarThemeMac.mm:
1363         (WebCore::linenBackgroundColor): Deleted.
1364         (WebCore::ScrollbarThemeMac::setUpOverhangAreaBackground): Deleted.
1365         (WebCore::ScrollbarThemeMac::removeOverhangAreaBackground): Deleted.
1366         (WebCore::ScrollbarThemeMac::setUpOverhangAreasLayerContents): Deleted.
1367         * rendering/RenderLayerCompositor.cpp:
1368         (WebCore::RenderLayerCompositor::updateOverflowControlsLayers):
1369         (WebCore::RenderLayerCompositor::setRootExtendedBackgroundColor):
1370
1371 2016-06-30  Jiewen Tan  <jiewen_tan@apple.com>
1372
1373         Create a generic "linked-on-or-after" check for new CSP Rules
1374         https://bugs.webkit.org/show_bug.cgi?id=159322
1375         <rdar://problem/27117220>
1376
1377         Reviewed by Brent Fulgham.
1378
1379         Create a generic "linked-on-or-after" check for new CSP Rules and cleanup
1380         quirks for Ecobee, Quora and XtraMat.
1381
1382         * platform/RuntimeApplicationChecks.h:
1383         * platform/RuntimeApplicationChecks.mm:
1384         (WebCore::IOSApplication::isEcobee): Deleted.
1385         (WebCore::IOSApplication::isQuora): Deleted.
1386         (WebCore::IOSApplication::isXtraMath): Deleted.
1387
1388 2016-06-30  Antti Koivisto  <antti@apple.com>
1389
1390         WebContent crash due to RELEASE_ASSERT(!m_inLoadPendingImages) in StyleResolver::~StyleResolver()
1391         https://bugs.webkit.org/show_bug.cgi?id=159307
1392         <rdar://problem/26184868>
1393
1394         Reviewed by Andreas Kling.
1395
1396         Pseudo elements are resolved in RenderTreeUpdater (instead of Style::TreeResolver). Their resolution may trigger
1397         resource loads which can cause synchronous layout (when failing synchronously) and lead to destruction of the
1398         the style resolver in post layout task.
1399
1400         No known reliable way to test this.
1401
1402         * style/RenderTreeUpdater.cpp:
1403         (WebCore::RenderTreeUpdater::commit):
1404
1405             Use PostResolutionCallbackDisabler in RenderTreeUpdater similarly to Style::TreeResolver. This prevents
1406             post layout tasks from running synchronously and closes this particular crash path.
1407
1408 2016-06-30  Antoine Quint  <graouts@apple.com>
1409
1410         Drawing an SVG image into a <canvas> that is not in the DOM draws the wrong region
1411         https://bugs.webkit.org/show_bug.cgi?id=159276
1412
1413         Reviewed by Dean Jackson.
1414
1415         In the event where the <img> element that we are passing to CanvasRenderingContext2D.drawImage()
1416         points to an SVG resource, we ensure that the container for the SVG image is sized to match the
1417         HTML element. The necessity for setting this container size, explained in webkit.org/b/148845,
1418         is that we must ensure a cached image does not have an outdated container size.
1419
1420         Tests: svg/as-image/img-with-svg-resource-in-dom-and-drawImage.html
1421                svg/as-image/img-with-svg-resource-in-dom-no-size-and-drawImage.html
1422                svg/as-image/img-with-svg-resource-not-in-dom-and-drawImage.html
1423                svg/as-image/img-with-svg-resource-not-in-dom-no-size-and-drawImage.html
1424
1425         * html/canvas/CanvasRenderingContext2D.cpp:
1426         (WebCore::CanvasRenderingContext2D::drawImage):
1427
1428 2016-06-30  Eric Carlson  <eric.carlson@apple.com>
1429
1430         getUserMedia() exposed, but not functional
1431         https://bugs.webkit.org/show_bug.cgi?id=158393
1432         <rdar://problem/26642259>
1433
1434         Reviewed by Dean Jackson.
1435         
1436         Set default value of the Media Stream runtime flag to false on Mac OS X and iOS until the
1437         browser support is in place.
1438
1439         * bindings/generic/RuntimeEnabledFeatures.cpp:
1440         (WebCore::RuntimeEnabledFeatures::RuntimeEnabledFeatures): Disable media stream by default
1441         on Mac OS X and iOS.
1442         * bindings/generic/RuntimeEnabledFeatures.h:
1443
1444 2016-06-30  Commit Queue  <commit-queue@webkit.org>
1445
1446         Unreviewed, rolling out r202676.
1447         https://bugs.webkit.org/show_bug.cgi?id=159314
1448
1449         This change caused storage/websql tests to crash on Mac and
1450         iOS WK1 (Requested by ryanhaddad on #webkit).
1451
1452         Reverted changeset:
1453
1454         "Purge PassRefPtr in Modules/webdatabase"
1455         https://bugs.webkit.org/show_bug.cgi?id=159255
1456         http://trac.webkit.org/changeset/202676
1457
1458 2016-06-30  Antoine Quint  <graouts@apple.com>
1459
1460         [iOS] Media controls are too cramped with small video
1461         https://bugs.webkit.org/show_bug.cgi?id=158815
1462         <rdar://problem/26824238>
1463
1464         Reviewed by Eric Carlson.
1465
1466         In updateLayoutForDisplayedWidth(), we try to ensure a minimum width is guaranteed
1467         for the progress indicator. However, we were not accounting for the width used by
1468         the current and remaining time labels on either side of it, so we would incorrectly
1469         conclude that we were guaranteeing the minimum time and yield incorrect layouts since
1470         we were trying to fit more buttons than we had room for.
1471
1472         In order to correctly compute the available width for the progress indicator, we now
1473         have clones of the current and remaining time labels, hidden from video and VoiceOver,
1474         that we update along with the originals. The same styles apply to both clones and
1475         originals, so we may measure the clones to determine the space used by the time labels.
1476         The reason we need to use clones is that if the time labels had previously been hidden
1477         from view, precisely because there was not enough space to display them along with the
1478         progress indicator, then trying to obtain metrics from them would yield 0 since they had
1479         "display: none" styles applied. In order to avoid extra layouts and possible flashing, we
1480         use the clones so that we never have to toggle the "display" property of the originals
1481         just to obtain their measurements.
1482
1483         As a result of this change, we adjust the constant used to set the minimum required
1484         width available to display the progress indicator after all other essential controls
1485         and labels have been measured. That constant used to account for the width of the
1486         time labels, and this is no longer correct.
1487
1488         Test: media/video-controls-drop-and-restore-timeline.html
1489
1490         * Modules/mediacontrols/mediaControlsApple.css:
1491         (::-webkit-media-controls-time-remaining-display.clone):
1492         * Modules/mediacontrols/mediaControlsApple.js:
1493         (Controller):
1494         (Controller.prototype.createTimeClones):
1495         (Controller.prototype.removeTimeClass):
1496         (Controller.prototype.addTimeClass):
1497         (Controller.prototype.updateDuration):
1498         (Controller.prototype.updateLayoutForDisplayedWidth):
1499         (Controller.prototype.updateTime):
1500         (Controller.prototype.updateControlsWhileScrubbing):
1501         * Modules/mediacontrols/mediaControlsiOS.css:
1502         (::-webkit-media-controls-time-remaining-display.clone):
1503         * Modules/mediacontrols/mediaControlsiOS.js:
1504
1505 2016-06-30  Brian Burg  <bburg@apple.com>
1506
1507         Unreviewed, fix the macOS Sierra Release configuration after r202642.
1508
1509         * platform/audio/mac/MediaSessionManagerMac.mm:
1510         (WebCore::MediaSessionManagerMac::updateNowPlayingInfo):
1511         Add missing UNUSED_PARAM for when logging is not enabled.
1512
1513 2016-06-30  Commit Queue  <commit-queue@webkit.org>
1514
1515         Unreviewed, rolling out r202679.
1516         https://bugs.webkit.org/show_bug.cgi?id=159302
1517
1518         Still causing timeouts on media/controls-drag-timebar.html
1519         (Requested by ap on #webkit).
1520
1521         Reverted changeset:
1522
1523         "[iOS] Media controls are too cramped with small video"
1524         https://bugs.webkit.org/show_bug.cgi?id=158815
1525         http://trac.webkit.org/changeset/202679
1526
1527 2016-06-30  Antoine Quint  <graouts@apple.com>
1528
1529         [iOS] Media controls are too cramped with small video
1530         https://bugs.webkit.org/show_bug.cgi?id=158815
1531         <rdar://problem/26824238>
1532
1533         Reviewed by Eric Carlson.
1534
1535         In updateLayoutForDisplayedWidth(), we try to ensure a minimum width is guaranteed
1536         for the progress indicator. However, we were not accounting for the width used by
1537         the current and remaining time labels on either side of it, so we would incorrectly
1538         conclude that we were guaranteeing the minimum time and yield incorrect layouts since
1539         we were trying to fit more buttons than we had room for.
1540
1541         In order to correctly compute the available width for the progress indicator, we now
1542         have clones of the current and remaining time labels, hidden from video and VoiceOver,
1543         that we update along with the originals. The same styles apply to both clones and
1544         originals, so we may measure the clones to determine the space used by the time labels.
1545         The reason we need to use clones is that if the time labels had previously been hidden
1546         from view, precisely because there was not enough space to display them along with the
1547         progress indicator, then trying to obtain metrics from them would yield 0 since they had
1548         "display: none" styles applied. In order to avoid extra layouts and possible flashing, we
1549         use the clones so that we never have to toggle the "display" property of the originals
1550         just to obtain their measurements.
1551
1552         As a result of this change, we adjust the constant used to set the minimum required
1553         width available to display the progress indicator after all other essential controls
1554         and labels have been measured. That constant used to account for the width of the
1555         time labels, and this is no longer correct.
1556
1557         Test: media/video-controls-drop-and-restore-timeline.html
1558
1559         * Modules/mediacontrols/mediaControlsApple.css:
1560         (::-webkit-media-controls-time-remaining-display.clone):
1561         * Modules/mediacontrols/mediaControlsApple.js:
1562         (Controller):
1563         (Controller.prototype.createTimeClones):
1564         (Controller.prototype.removeTimeClass):
1565         (Controller.prototype.addTimeClass):
1566         (Controller.prototype.updateDuration):
1567         (Controller.prototype.updateLayoutForDisplayedWidth):
1568         (Controller.prototype.updateTime):
1569         (Controller.prototype.updateControlsWhileScrubbing):
1570         * Modules/mediacontrols/mediaControlsiOS.css:
1571         (::-webkit-media-controls-time-remaining-display.clone):
1572         * Modules/mediacontrols/mediaControlsiOS.js:
1573
1574 2016-06-30  Eric Carlson  <eric.carlson@apple.com>
1575
1576         [Mac] Crash registering AVFoundation media engine
1577         https://bugs.webkit.org/show_bug.cgi?id=159269
1578         <rdar://problem/27017656>
1579
1580         Reviewed by Brent Fulgham.
1581
1582         * platform/graphics/MediaPlayer.cpp:
1583         (WebCore::mediaEngineVectorLock): New, return the static Lock.
1584         (WebCore::haveMediaEnginesVector): Wrap the naked bool.
1585         (WebCore::buildMediaEnginesVector): Assert that the lock is locked.
1586         (WebCore::installedMediaEngines): Hold the lock while checking/rebuilding the vector.
1587         (WebCore::MediaPlayer::resetMediaEngines): Hold the lock while clearing the vector.
1588
1589         Use SOFT_LINK_CLASS_FOR_SOURCE instead of SOFT_LINK_CLASS because the former uses dispatch_once
1590         to ensure that class loading is thread safe.
1591         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
1592         (WebCore::MediaPlayerPrivateAVFoundationObjC::registerMediaEngine):
1593         (WebCore::assetCacheForPath):
1594         (WebCore::MediaPlayerPrivateAVFoundationObjC::originsInMediaCache):
1595         (WebCore::MediaPlayerPrivateAVFoundationObjC::clearMediaCache):
1596         (WebCore::MediaPlayerPrivateAVFoundationObjC::clearMediaCacheForOrigins):
1597         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerLayer):
1598         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVAssetForURL):
1599         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayer):
1600         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerItem):
1601         (WebCore::MediaPlayerPrivateAVFoundationObjC::createVideoOutput):
1602         (WebCore::MediaPlayerPrivateAVFoundationObjC::createOpenGLVideoOutput):
1603         (WebCore::MediaPlayerPrivateAVFoundationObjC::waitForVideoOutputMediaDataWillChange):
1604         (WebCore::MediaPlayerPrivateAVFoundationObjC::outputMediaDataWillChange):
1605         (-[WebCoreAVFPullDelegate setCallback:]):
1606         (-[WebCoreAVFPullDelegate outputMediaDataWillChange:]):
1607         (-[WebCoreAVFPullDelegate outputSequenceWasFlushed:]):
1608
1609 2016-06-30  Carlos Garcia Campos  <cgarcia@igalia.com>
1610
1611         [image-decoders] Use final and override in ImageDecoder subclasses
1612         https://bugs.webkit.org/show_bug.cgi?id=159291
1613
1614         Reviewed by Antonio Gomes.
1615
1616         * platform/image-decoders/bmp/BMPImageDecoder.h:
1617         * platform/image-decoders/gif/GIFImageDecoder.h:
1618         * platform/image-decoders/ico/ICOImageDecoder.cpp:
1619         (WebCore::ICOImageDecoder::frameSizeAtIndex):
1620         * platform/image-decoders/ico/ICOImageDecoder.h:
1621         * platform/image-decoders/jpeg/JPEGImageDecoder.h:
1622         * platform/image-decoders/png/PNGImageDecoder.h:
1623         * platform/image-decoders/webp/WEBPImageDecoder.h:
1624
1625 2016-06-30  Gyuyoung Kim  <gyuyoung.kim@webkit.org>
1626
1627         Purge PassRefPtr in Modules/webdatabase
1628         https://bugs.webkit.org/show_bug.cgi?id=159255
1629
1630         Reviewed by Benjamin Poulain.
1631
1632         As a step to remove PassRefPtr use, this patch cleans it up in Modules/webdatabase.
1633
1634         Additionally unnecessary spaces and tabs are removed too.
1635
1636         * Modules/webdatabase/ChangeVersionWrapper.cpp:
1637         * Modules/webdatabase/DOMWindowWebDatabase.h:
1638         * Modules/webdatabase/Database.cpp:
1639         (WebCore::Database::Database):
1640         (WebCore::Database::~Database):
1641         (WebCore::Database::scheduleTransaction):
1642         (WebCore::Database::runTransaction):
1643         * Modules/webdatabase/Database.h:
1644         * Modules/webdatabase/DatabaseAuthorizer.cpp:
1645         (WebCore::DatabaseAuthorizer::allowRead):
1646         * Modules/webdatabase/DatabaseManager.cpp:
1647         (WebCore::DatabaseManager::openDatabase):
1648         (WebCore::DatabaseManager::fullPathForDatabase):
1649         (WebCore::DatabaseManager::detailsForNameAndOrigin):
1650         * Modules/webdatabase/DatabaseManager.h:
1651         * Modules/webdatabase/DatabaseTask.cpp:
1652         (WebCore::DatabaseTransactionTask::DatabaseTransactionTask):
1653         * Modules/webdatabase/DatabaseTask.h:
1654         * Modules/webdatabase/SQLCallbackWrapper.h:
1655         (WebCore::SQLCallbackWrapper::SQLCallbackWrapper):
1656         * Modules/webdatabase/SQLResultSetRowList.h:
1657         * Modules/webdatabase/SQLStatement.cpp:
1658         (WebCore::SQLStatement::SQLStatement):
1659         (WebCore::SQLStatement::sqlError):
1660         (WebCore::SQLStatement::sqlResultSet):
1661         * Modules/webdatabase/SQLStatement.h:
1662         * Modules/webdatabase/SQLTransaction.h:
1663         * Modules/webdatabase/SQLTransactionBackend.cpp:
1664         (WebCore::SQLTransactionBackend::create):
1665         (WebCore::SQLTransactionBackend::SQLTransactionBackend):
1666         (WebCore::SQLTransactionBackend::transactionError):
1667         * Modules/webdatabase/SQLTransactionBackend.h:
1668
1669 2016-06-30  Carlos Garcia Campos  <cgarcia@igalia.com>
1670
1671         [Coordinated Graphics] Move CompositingCoordinator from platform to WebKit2 layer
1672         https://bugs.webkit.org/show_bug.cgi?id=159209
1673
1674         Reviewed by Žan Doberšek.
1675
1676         Remove CompositingCoordinator and its helper classes from the platform layer.
1677
1678         * platform/TextureMapper.cmake:
1679
1680 2016-06-29  Youenn Fablet  <youenn@apple.com>
1681
1682         Pass SecurityOrigin as references in CORS check code
1683         https://bugs.webkit.org/show_bug.cgi?id=159263
1684
1685         Reviewed by Alex Christensen.
1686
1687         No change of behavior.
1688
1689         * css/CSSImageSetValue.cpp:
1690         (WebCore::CSSImageSetValue::cachedImageSet):
1691         * css/CSSImageValue.cpp:
1692         (WebCore::CSSImageValue::cachedImage):
1693         * dom/ScriptElement.cpp:
1694         (WebCore::ScriptElement::requestScript):
1695         * loader/CrossOriginAccessControl.cpp:
1696         (WebCore::updateRequestForAccessControl):
1697         (WebCore::createAccessControlPreflightRequest):
1698         (WebCore::passesAccessControlCheck):
1699         * loader/CrossOriginAccessControl.h:
1700         * loader/CrossOriginPreflightChecker.cpp:
1701         (WebCore::CrossOriginPreflightChecker::validatePreflightResponse):
1702         * loader/DocumentThreadableLoader.cpp:
1703         (WebCore::DocumentThreadableLoader::DocumentThreadableLoader):
1704         (WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequest):
1705         (WebCore::DocumentThreadableLoader::preflightSuccess):
1706         (WebCore::DocumentThreadableLoader::isAllowedRedirect):
1707         (WebCore::DocumentThreadableLoader::securityOrigin):
1708         * loader/DocumentThreadableLoader.h:
1709         * loader/ImageLoader.cpp:
1710         (WebCore::ImageLoader::updateFromElement):
1711         * loader/LinkLoader.cpp:
1712         (WebCore::preloadIfNeeded):
1713         * loader/MediaResourceLoader.cpp:
1714         (WebCore::MediaResourceLoader::requestResource):
1715         * loader/SubresourceLoader.cpp:
1716         (WebCore::SubresourceLoader::checkCrossOriginAccessControl):
1717         * loader/TextTrackLoader.cpp:
1718         (WebCore::TextTrackLoader::load):
1719         * loader/cache/CachedResource.cpp:
1720         (WebCore::CachedResource::passesAccessControlCheck):
1721         * loader/cache/CachedResourceRequest.cpp:
1722         (WebCore::CachedResourceRequest::setAsPotentiallyCrossOrigin):
1723
1724 2016-06-29  Adam Bergkvist  <adam.bergkvist@ericsson.com>
1725
1726         WebRTC: Implement MediaEndpointPeerConnection::setConfiguration()
1727         https://bugs.webkit.org/show_bug.cgi?id=159254
1728
1729         Reviewed by Eric Carlson.
1730
1731         Implement MediaEndpointPeerConnection::setConfiguration() which is the
1732         MediaEndpointPeerConnection implementation of RTCPeerConnection.setConfiguration() [1].
1733
1734         [1] https://w3c.github.io/webrtc-pc/archives/20160513/webrtc.html#dom-rtcpeerconnection-setconfiguration
1735
1736         Testing: Updated existing test.
1737
1738         * Modules/mediastream/MediaEndpointPeerConnection.cpp:
1739         (WebCore::MediaEndpointPeerConnection::setConfiguration):
1740         Implemented.
1741         * Modules/mediastream/RTCConfiguration.cpp:
1742         (WebCore::RTCConfiguration::initialize):
1743         * Modules/mediastream/RTCConfiguration.h:
1744         Use shared enums.
1745         * Modules/mediastream/RTCConfiguration.idl:
1746         Remove 'None'/'Public' IceTransportPolicy enum value (removed from WebRTC 1.0).
1747         * platform/mediastream/MediaEndpointConfiguration.cpp:
1748         (WebCore::MediaEndpointConfiguration::MediaEndpointConfiguration):
1749         * platform/mediastream/MediaEndpointConfiguration.h:
1750         Use shared enums.
1751         (WebCore::MediaEndpointConfiguration::create):
1752         * platform/mediastream/PeerConnectionStates.h: Renamed from Source/WebCore/Modules/mediastream/PeerConnectionStates.h.
1753         Make shared enums accessible to platform objects (currently MediaEndpointConfiguration).
1754
1755 2016-06-29  Hunseop Jeong  <hs85.jeong@samsung.com>
1756
1757         Unreviewed, CMake build fix - 2.
1758
1759         * PlatformMac.cmake:
1760
1761 2016-06-29  Hunseop Jeong  <hs85.jeong@samsung.com>
1762
1763         Unreviewed, CMake build fix. 
1764
1765         * PlatformMac.cmake:
1766
1767 2016-06-29  Jer Noble  <jer.noble@apple.com>
1768
1769         Unprefix webkit-playsinline.
1770         https://bugs.webkit.org/show_bug.cgi?id=159283
1771
1772         Reviewed by Eric Carlson.
1773
1774         Tests: media/video-playsinline.html
1775                media/video-webkit-playsinline.html
1776
1777         Unprefix the webkit-playsinline content attribute, as an unprefixed version
1778         was added to the HTML spec by <https://github.com/whatwg/html/pull/1444>.
1779         The new 'playsinline' content attribute reflects to a new DOM property of
1780         the same name.
1781
1782         * html/HTMLAttributeNames.in:
1783         * html/HTMLVideoElement.idl:
1784         * html/MediaElementSession.cpp:
1785         (WebCore::MediaElementSession::requiresFullscreenForVideoPlayback):
1786
1787 2016-06-29  Alex Christensen  <achristensen@webkit.org>
1788
1789         Fix null dereferencing after r201441
1790         https://bugs.webkit.org/show_bug.cgi?id=159282
1791         rdar://problem/27082559
1792
1793         Reviewed by Andreas Kling.
1794
1795         No new tests.  This is reproducible when dragging from regular to high-DPI displays, 
1796         and we don't have testing infrastructure for simulating that.
1797
1798         * css/MediaQueryMatcher.cpp:
1799         (WebCore::MediaQueryMatcher::styleResolverChanged):
1800         MediaQueryListListener::queryChanged can mutate the Vector of listeners while we are iterating it.
1801         Copy the Vector of listeners and iterate the copy so we don't go out of bounds.
1802
1803 2016-06-29  Antti Koivisto  <antti@apple.com>
1804
1805         Factor pending CSS resources into a struct
1806         https://bugs.webkit.org/show_bug.cgi?id=159268
1807
1808         Reviewed by Andreas Kling.
1809
1810         To fix resource loading related re-entrancy issues in StyleResolver we should move the triggering of
1811         resource loads outside the style resolver. The first step for that is to capture pending resources to a struct.
1812
1813         * CMakeLists.txt:
1814         * WebCore.xcodeproj/project.pbxproj:
1815         * css/CSSCursorImageValue.cpp:
1816         (WebCore::CSSCursorImageValue::cachedImage):
1817         (WebCore::CSSCursorImageValue::cachedOrPendingImage):
1818         * css/CSSCursorImageValue.h:
1819         * css/CSSGradientValue.cpp:
1820         (WebCore::GradientStop::GradientStop):
1821         (WebCore::CSSGradientValue::gradientWithStylesResolved):
1822         * css/CSSGradientValue.h:
1823         (WebCore::CSSGradientValue::loadSubimages):
1824         (WebCore::CSSGradientValue::CSSGradientValue):
1825         * css/CSSImageSetValue.cpp:
1826         (WebCore::CSSImageSetValue::cachedImageSet):
1827         (WebCore::CSSImageSetValue::cachedOrPendingImageSet):
1828         * css/CSSImageSetValue.h:
1829         * css/StyleResolver.cpp:
1830         (WebCore::StyleResolver::State::clear):
1831         (WebCore::StyleResolver::State::setParentStyle):
1832         (WebCore::StyleResolver::State::ensurePendingResources):
1833         (WebCore::isAtShadowBoundary):
1834         (WebCore::StyleResolver::cachedOrPendingFromValue):
1835         (WebCore::StyleResolver::generatedOrPendingFromValue):
1836         (WebCore::StyleResolver::setOrPendingFromValue):
1837         (WebCore::StyleResolver::cursorOrPendingFromValue):
1838         (WebCore::filterOperationForType):
1839         (WebCore::StyleResolver::createFilterOperations):
1840         (WebCore::StyleResolver::loadPendingResources):
1841         (WebCore::StyleResolver::MatchedProperties::MatchedProperties):
1842         (WebCore::StyleResolver::loadPendingSVGDocuments): Deleted.
1843         (WebCore::StyleResolver::loadPendingImage): Deleted.
1844         (WebCore::StyleResolver::loadPendingShapeImage): Deleted.
1845         (WebCore::StyleResolver::loadPendingImages): Deleted.
1846         * css/StyleResolver.h:
1847         (WebCore::StyleResolver::rootElementStyle):
1848         (WebCore::StyleResolver::element):
1849         (WebCore::StyleResolver::document):
1850         (WebCore::StyleResolver::documentSettings):
1851         (WebCore::StyleResolver::State::setApplyPropertyToVisitedLinkStyle):
1852         (WebCore::StyleResolver::State::applyPropertyToRegularStyle):
1853         (WebCore::StyleResolver::State::applyPropertyToVisitedLinkStyle):
1854         (WebCore::StyleResolver::State::setFontDirty):
1855         (WebCore::StyleResolver::State::fontDirty):
1856         (WebCore::StyleResolver::State::useSVGZoomRules):
1857         (WebCore::StyleResolver::State::takePendingResources):
1858         (WebCore::StyleResolver::State::cssToLengthConversionData):
1859         (WebCore::StyleResolver::State::cascadeLevel):
1860         (WebCore::StyleResolver::State::setCascadeLevel):
1861         (WebCore::StyleResolver::state):
1862         (WebCore::StyleResolver::State::pendingImageProperties): Deleted.
1863         (WebCore::StyleResolver::State::filtersWithPendingSVGDocuments): Deleted.
1864         * style/StylePendingResources.cpp: Added.
1865         (WebCore::Style::loadPendingImage):
1866         (WebCore::Style::loadPendingImages):
1867         (WebCore::Style::loadPendingSVGFilters):
1868         (WebCore::Style::loadPendingResources):
1869
1870             Move the functions for triggering the resource loads from StyleResolver.
1871
1872         * style/StylePendingResources.h: Added.
1873
1874             Add struct for pending resources.
1875
1876 2016-06-29  Anders Carlsson  <andersca@apple.com>
1877
1878         Add "type" and "paymentPass" properties in PaymentMethod
1879         https://bugs.webkit.org/show_bug.cgi?id=159278
1880         rdar://problem/26999112
1881
1882         Reviewed by Dean Jackson.
1883
1884         * Modules/applepay/cocoa/PaymentMethodCocoa.mm:
1885         (WebCore::toString):
1886         (WebCore::toDictionary):
1887
1888 2016-06-29  Nan Wang  <n_wang@apple.com>
1889
1890         AX: Crash in WebCore::Document::focusNavigationStartingNode(WebCore::FocusDirection) const + 128
1891         https://bugs.webkit.org/show_bug.cgi?id=159240
1892
1893         Reviewed by Ryosuke Niwa.
1894
1895         This crash is caused by passing an empty node to ElementTraversal::previous(Node&). When the
1896         focusNavigationStartingNode has been removed and it has no next sibling, we should fallback
1897         to itself for calculating the next focused element.
1898
1899         Test: fast/events/remove-focus-navigation-starting-point-crash.html
1900
1901         * dom/Document.cpp:
1902         (WebCore::Document::focusNavigationStartingNode):
1903
1904 2016-06-29  Ryan Haddad  <ryanhaddad@apple.com>
1905
1906         Unreviewed, rolling out r202617.
1907
1908         The LayoutTest from this change crashes under GuardMalloc
1909
1910         Reverted changeset:
1911
1912         "Throw exceptions for invalid number of channels for
1913         ConvolverNode"
1914         https://bugs.webkit.org/show_bug.cgi?id=159238
1915         http://trac.webkit.org/changeset/202617
1916
1917 2016-06-29  Anders Carlsson  <andersca@apple.com>
1918
1919         Rename addressFields to contactFields
1920         https://bugs.webkit.org/show_bug.cgi?id=159271
1921         rdar://problem/27086955
1922
1923         Reviewed by Beth Dakin.
1924
1925         * Modules/applepay/ApplePaySession.cpp:
1926         (WebCore::createContactFields):
1927         (WebCore::isValidPaymentRequestPropertyName):
1928         (WebCore::createPaymentRequest):
1929         (WebCore::createAddressFields): Deleted.
1930         * Modules/applepay/PaymentRequest.h:
1931         (WebCore::PaymentRequest::requiredBillingContactFields):
1932         (WebCore::PaymentRequest::setRequiredBillingContactFields):
1933         (WebCore::PaymentRequest::requiredShippingContactFields):
1934         (WebCore::PaymentRequest::setRequiredShippingContactFields):
1935         (WebCore::PaymentRequest::requiredBillingAddressFields): Deleted.
1936         (WebCore::PaymentRequest::setRequiredBillingAddressFields): Deleted.
1937         (WebCore::PaymentRequest::requiredShippingAddressFields): Deleted.
1938         (WebCore::PaymentRequest::setRequiredShippingAddressFields): Deleted.
1939
1940 2016-06-29  Jiewen Tan  <jiewen_tan@apple.com>
1941
1942         Unreviewed, third attempt to fix ASAN build for r202599
1943
1944         * platform/text/TextCodecReplacement.cpp:
1945         (WebCore::TextCodecReplacement::decode):
1946
1947 2016-06-29  Jer Noble  <jer.noble@apple.com>
1948
1949         Adopt MediaRemote.
1950         https://bugs.webkit.org/show_bug.cgi?id=159250
1951
1952         Reviewed by Eric Carlson.
1953
1954         Adopt MediaRemote and use the framework to implement MediaSessionManageMac
1955         and RemoteCommandListenerMac.
1956
1957         * WebCore.xcodeproj/project.pbxproj:
1958         * platform/RemoteCommandListener.cpp:
1959         * platform/audio/PlatformMediaSessionManager.cpp:
1960         * platform/audio/cocoa/MediaSessionManagerCocoa.cpp: Renamed from Source/WebCore/platform/audio/mac/MediaSessionManagerMac.cpp.
1961         (PlatformMediaSessionManager::updateSessionState):
1962         * platform/audio/mac/MediaSessionManagerMac.h: Added.
1963         * platform/audio/mac/MediaSessionManagerMac.mm: Added.
1964         (WebCore::PlatformMediaSessionManager::sharedManager):
1965         (WebCore::PlatformMediaSessionManager::sharedManagerIfExists):
1966         (WebCore::MediaSessionManagerMac::MediaSessionManagerMac):
1967         (WebCore::MediaSessionManagerMac::~MediaSessionManagerMac):
1968         (WebCore::MediaSessionManagerMac::sessionWillBeginPlayback):
1969         (WebCore::MediaSessionManagerMac::removeSession):
1970         (WebCore::MediaSessionManagerMac::sessionWillEndPlayback):
1971         (WebCore::MediaSessionManagerMac::clientCharacteristicsChanged):
1972         (WebCore::MediaSessionManagerMac::nowPlayingEligibleSession):
1973         (WebCore::MediaSessionManagerMac::updateNowPlayingInfo):
1974         * platform/cocoa/SoftLinking.h:
1975         * platform/mac/MediaRemoteSoftLink.cpp: Added.
1976         * platform/mac/MediaRemoteSoftLink.h: Added.
1977         * platform/mac/RemoteCommandListenerMac.h: Added.
1978         (WebCore::RemoteCommandListenerMac::createWeakPtr):
1979         * platform/mac/RemoteCommandListenerMac.mm: Added.
1980         (WebCore::RemoteCommandListener::create):
1981         (WebCore::RemoteCommandListenerMac::RemoteCommandListenerMac):
1982         (WebCore::RemoteCommandListenerMac::~RemoteCommandListenerMac):
1983         * platform/spi/mac/MediaRemoteSPI.h: Added.
1984
1985 2016-06-29  Jer Noble  <jer.noble@apple.com>
1986
1987         Cannot clear a MediaSource SourceBuffer in Safari 9 and WebKit nightly
1988         https://bugs.webkit.org/show_bug.cgi?id=159230
1989
1990         Reviewed by Eric Carlson.
1991
1992         Test: media/media-source/media-source-remove.html (modified)
1993
1994         Move to using a MediaTime directly (rather than as a double) to add
1995         and removed buffered ranges. Also, drop the use of the "microsecond"
1996         fudge factor when adding buffered ranges.
1997
1998         * Modules/mediasource/SourceBuffer.cpp:
1999         (WebCore::removeSamplesFromTrackBuffer):
2000         (WebCore::SourceBuffer::sourceBufferPrivateDidReceiveSample):
2001
2002 2016-06-29  Jiewen Tan  <jiewen_tan@apple.com>
2003
2004         Unreviewed, second attempt to fix ASAN build for r202599
2005
2006         * platform/text/TextCodecReplacement.cpp:
2007
2008 2016-06-29  Jiewen Tan  <jiewen_tan@apple.com>
2009
2010         Unreviewed, first attempt to fix ASAN build for r202599
2011
2012         * platform/text/TextCodecReplacement.cpp:
2013
2014 2016-06-29  Joseph Pecoraro  <pecoraro@apple.com>
2015
2016         Web Inspector: Show Shadow Root type in DOM Tree
2017         https://bugs.webkit.org/show_bug.cgi?id=159236
2018         <rdar://problem/27068521>
2019
2020         Reviewed by Timothy Hatcher.
2021
2022         Test: inspector/dom/shadowRootType.html
2023
2024         * inspector/InspectorDOMAgent.cpp:
2025         (WebCore::shadowRootType):
2026         (WebCore::InspectorDOMAgent::buildObjectForNode):
2027         Set the shadowRootType property when a node is a ShadowRoot.
2028
2029 2016-06-29  Jeremy Jones  <jeremyj@apple.com>
2030
2031         Replace MPAudioVideoRoutingActionSheet with MPAVRoutingSheet.
2032         https://bugs.webkit.org/show_bug.cgi?id=159161
2033         <rdar://problem/26017691>
2034
2035         Reviewed by Sam Weinig.
2036
2037         Replace MPAudioVideoRoutingActionSheet SPI with MPAVRoutingSheet SPI.
2038
2039         * platform/spi/ios/MediaPlayerSPI.h:
2040
2041 2016-06-29  Alejandro G. Castro  <alex@igalia.com>
2042
2043         WebRTC: ice-char can not contain '=' characters for credentials
2044         https://bugs.webkit.org/show_bug.cgi?id=159207
2045
2046         Reviewed by Eric Carlson.
2047
2048         Avoid a general calculation to get a base64 without padding which
2049         was wrong in the randomString function. Because each parameter
2050         using the function requires a different setup depending of the
2051         specification and this is not a general API, it is a better
2052         solution to calculate and store the sizes we want to use, comment
2053         them and test them, considering we use base64 to generate the
2054         strings we just need to avoid padding.
2055
2056         Existing test modified to match the correct behavior.
2057
2058         * Modules/mediastream/MediaEndpointPeerConnection.cpp:
2059         (WebCore::randomString): Now the size is the one passed.
2060         (WebCore::MediaEndpointPeerConnection::MediaEndpointPeerConnection):
2061         Used different valid values following the sdp parser in each case.
2062
2063 2016-06-29  David Kilzer  <ddkilzer@apple.com>
2064
2065         Crash when 'input' event handler for input[type=color] changes the input type
2066         <https://webkit.org/b/159262>
2067         <rdar://problem/27020404>
2068
2069         Reviewed by Daniel Bates.
2070
2071         Fix based on a Blink change (patch by <tkent@chromium.org>):
2072         <https://chromium.googlesource.com/chromium/src.git/+/a17cb3ecef49a078657524cdeaba33ad2083646c>
2073
2074         Test: fast/forms/color/color-type-change-on-input-crash.html
2075
2076         * html/ColorInputType.cpp:
2077         (WebCore::ColorInputType::didChooseColor): Add EventQueueScope
2078         before setValueFromRenderer() to fix the bug.
2079         * html/HTMLInputElement.h:
2080         (WebCore::HTMLInputElement::setValueFromRenderer): Add comment
2081         about how to use this method.
2082
2083 2016-06-29  Adam Bergkvist  <adam.bergkvist@ericsson.com>
2084
2085         WebRTC: Misc MediaStreamEvent fixes: Update build flag and remove PassRefPtr usage
2086         https://bugs.webkit.org/show_bug.cgi?id=159132
2087
2088         Reviewed by Eric Carlson.
2089
2090         Use the WEB_RTC build flag instead of MEDIA_STREAM since this event is related to
2091         RTCPeerConnection. Also remove PassRefPtr usage.
2092
2093         Updated existing expected results.
2094
2095         * Modules/mediastream/MediaStreamEvent.cpp:
2096         (WebCore::MediaStreamEvent::create):
2097         (WebCore::MediaStreamEvent::MediaStreamEvent):
2098         * Modules/mediastream/MediaStreamEvent.h:
2099         * Modules/mediastream/MediaStreamEvent.idl:
2100         * dom/EventNames.in:
2101
2102 2016-06-29  Adam Bergkvist  <adam.bergkvist@ericsson.com>
2103
2104         REGRESSION(r202337) [WebRTC] Crash when loading html5test.com
2105         https://bugs.webkit.org/show_bug.cgi?id=159145
2106
2107         Reviewed by Eric Carlson.
2108
2109         MediaEndpointPeerConnection uses an implementation of the MediaEndpoint interface to
2110         interact with the port's WebRTC backend. A mock (MockMediaEndpoint) is used for testing.
2111         This change adds an "empty" MediaEndpoint implementation that simplifies the case when a
2112         port builds and tests with MediaEndpointPeerConnection/MockMediaEndpoint, but doesn't have
2113         a "real" MediaEndpoint implementation yet (to use with MiniBrowser).
2114
2115         * Modules/mediastream/MediaEndpointPeerConnection.cpp:
2116         (WebCore::MediaEndpointPeerConnection::MediaEndpointPeerConnection):
2117         * platform/mediastream/MediaEndpoint.cpp:
2118         (WebCore::EmptyRealtimeMediaSource::create):
2119         (WebCore::EmptyRealtimeMediaSource::EmptyRealtimeMediaSource):
2120         (WebCore::EmptyMediaEndpoint::EmptyMediaEndpoint):
2121         (WebCore::createMediaEndpoint):
2122
2123 2016-06-29  Alejandro G. Castro  <alex@igalia.com>
2124
2125         Fix assertion in debug build when creating the SocketStreamHandle object.
2126
2127         We have to call relaxAdoptionRequirement to avoid the assertion
2128         when protecting the non-adopted SocketStreamHandle we are
2129         creating. Update to r202370.
2130
2131         Rubber-stamped by Carlos Garcia Campos.
2132
2133         * platform/network/soup/SocketStreamHandleSoup.cpp:
2134         (WebCore::SocketStreamHandle::SocketStreamHandle):
2135
2136 2016-06-29  David Kilzer  <ddkilzer@apple.com>
2137
2138         Throw exceptions for invalid number of channels for ConvolverNode
2139         <https://webkit.org/b/159238>
2140         <rdar://problem/27020410>
2141
2142         Reviewed by Brent Fulgham.
2143
2144         Fix based on a Blink change (patch by <rtoy@chromium.org>):
2145         <https://chromium.googlesource.com/chromium/src.git/+/0cc26bbb7175aec77910d0b47faf9f8c8a640fe5>
2146
2147         Test: webaudio/convolver-channels.html
2148
2149         * Modules/webaudio/ConvolverNode.cpp:
2150         (WebCore::ConvolverNode::setBuffer): Throw an exception for
2151         anything but 1, 2 or 4 channels.
2152
2153 2016-06-29  Carlos Garcia Campos  <cgarcia@igalia.com>
2154
2155         REGRESSION(r198782, r201043): [image-decoders] Flickering with some animated gif
2156         https://bugs.webkit.org/show_bug.cgi?id=159089
2157
2158         Reviewed by Antonio Gomes.
2159
2160         There's some flickering when loading big enough animated gifs running the animation in a loop. The first time it
2161         loads everything is fine, but after the first loop iteration there are several flickering effects, once every
2162         time the animation finishes and some others happening in the middle of the animation loop. The flickering
2163         happens because we fail to render some of the frames, and it has two diferent causes:
2164
2165          - In r198782, ImageDecoder::createFrameImageAtIndex(), was modified to check first if the image is empty to
2166         return early, and then try to get the frame image from the decoder. This is the aone causing the flickering
2167         always on the first frame after one iteration. It happens because ImageDecoder::size() is always empty at that
2168         point. The first time doesn't happen because the gif is loaded and BitmapImage calls isSizeAvailable() from
2169         BitmapImage::dataChanged(). The isSizeAvailable call makes the gif decoder calculate the size. But for the next
2170         iterations, frames are cached and BitmapImage already has the decoded data so isSizeAvailable is not called
2171         again. When createFrameImageAtIndex() is called again for the first frame, size is empty until the gif decoder
2172         creates the reader again, which happens when frameBufferAtIndex() is called, so after that the size is
2173         available. So, we could call isSizeAvailable before checking the size, or simply do the check after the
2174         frameBufferAtIndex() call as we used to do.
2175
2176          - In r201043 BitmapImage::destroyDecodedDataIfNecessary() was fixed to use the actual bytes used by the frame
2177         in order to decide whether to destroy decoded data or not. This actually revealed a bug, it didn't happen before
2178         because we were never destroying frames before. The bug is in the gif decoder that doesn't correctly handle the
2179         case of destroying only some of the frames from the buffer cache. The gif decoder is designed to always process the
2180         frames in order, the reader keeps an index of the currently processed frame, so when some frames are read from the
2181         cache, and then we ask the decoder for a not cached frame, the currently processed frame is not in sync with the
2182         actual frame we are asking for, and we end do not processing any frame at all.
2183
2184         * platform/image-decoders/ImageDecoder.cpp:
2185         (WebCore::ImageDecoder::createFrameImageAtIndex): Check the size after calling frameBufferAtIndex().
2186         * platform/image-decoders/gif/GIFImageDecoder.cpp:
2187         (WebCore::GIFImageDecoder::clearFrameBufferCache): Delete the reader when clearing the cache since it's out of sync.
2188
2189 2016-06-28  Carlos Garcia Campos  <cgarcia@igalia.com>
2190
2191         [GStreamer] Adaptive streaming issues
2192         https://bugs.webkit.org/show_bug.cgi?id=144040
2193
2194         Reviewed by Philippe Normand.
2195
2196         There are multiple deadlocks in the web process when HLS content is loaded by GStreamer. It happens because gst
2197         is using several threads to download manifest, fragments, monitor the downloads, etc. To download the fragments
2198         and manifest it always creates the source element in a separate thread, something that is not actually expected
2199         to happen in WebKit source element. Our source element is always scheduling tasks (start, stop, need-data,
2200         enough-data and seek) to the main thread, and those downloads that use the ResourceHandleStreamingClient
2201         (there's no player associated) also happen in the main thread, because libsoup calls all its async callbacks in
2202         the main thread. So, the result is that it can happen that we end up blocking the main thread in a lock until
2203         the download finishes, but the download never finishes because tasks are scheduled in the main thread that is
2204         blocked in a lock. This can be prevented by always using a secondary thread for downloads made by
2205         ResourceHandleStreamingClient, using its own run loop with a different GMainContext so that libsoup sends
2206         callbacks to the right thread. We also had to refactor the tasks a bit, leaving the thread safe parts to be run
2207         in the calling thread always, and only scheduling to the main thread in case of not using
2208         ResourceHandleStreamingClient and only for the non thread safe parts.
2209         This patch also includes r200455 that was rolled out, but it was a perfectly valid workaround for GST bug.
2210
2211         * platform/graphics/gstreamer/GRefPtrGStreamer.cpp:
2212         (WTF::ensureGRef): Consume the floating ref if needed.
2213         * platform/graphics/gstreamer/GRefPtrGStreamer.h:
2214         * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
2215         (webkit_web_src_init): Check if object is being created in the main thread.
2216         (webKitWebSrcStop): Stop the media resource loader in the main thread and the resource handle streaming in the
2217         current thread.
2218         (webKitWebSrcStart): Start the media resource loader in the main thread and the resource handle streaming in
2219         the current thread.
2220         (webKitWebSrcChangeState): Call webKitWebSrcStart and webKitWebSrcStop in the current thread.
2221         (webKitWebSrcNeedData): Update status in the current thread and notify the media resource loader in the main thread.
2222         (webKitWebSrcEnoughData): Ditto.
2223         (webKitWebSrcSeek): Ditto.
2224         (webKitWebSrcSetMediaPlayer): Add an assert to ensure that source elements used by WebKit are always created in
2225         the main thread.
2226         (ResourceHandleStreamingClient::ResourceHandleStreamingClient): Use a secondary thread to do the download.
2227         (ResourceHandleStreamingClient::~ResourceHandleStreamingClient): Stop the secondary thread.
2228         (ResourceHandleStreamingClient::setDefersLoading): Notify the secondary thread.
2229
2230 2016-06-28  Youenn Fablet  <youennf@gmail.com>
2231
2232         Remove ThreadableLoaderOptions origin
2233         https://bugs.webkit.org/show_bug.cgi?id=159221
2234
2235         Reviewed by Sam Weinig.
2236
2237         No change of behavior.
2238
2239         * loader/DocumentThreadableLoader.cpp:
2240         (WebCore::DocumentThreadableLoader::loadResourceSynchronously): Adding origing parameter.
2241         (WebCore::DocumentThreadableLoader::create): Ditto.
2242         (WebCore::DocumentThreadableLoader::DocumentThreadableLoader): Ditto.
2243         (WebCore::DocumentThreadableLoader::redirectReceived): Setting m_origin.
2244         (WebCore::DocumentThreadableLoader::securityOrigin): Checking m_origin.
2245         * loader/DocumentThreadableLoader.h: Adding m_origin member.
2246         * loader/ThreadableLoader.cpp:
2247         (WebCore::ThreadableLoaderOptions::ThreadableLoaderOptions): Removing origin.
2248         (WebCore::ThreadableLoaderOption::isolatedCopy): Deleted.
2249         * loader/ThreadableLoader.h: Removing origin parameter and isolatedCopy function.
2250         * loader/WorkerThreadableLoader.cpp:
2251         (WebCore::LoaderTaskOptions::LoaderTaskOptions): Structure to pass loader task options from one thread to another.
2252         (WebCore::WorkerThreadableLoader::MainThreadBridge::MainThreadBridge):
2253         * page/EventSource.cpp:
2254         (WebCore::EventSource::connect): Removing setting of the origin.
2255         * workers/WorkerScriptLoader.cpp:
2256         (WebCore::WorkerScriptLoader::loadSynchronously): Ditto.
2257         (WebCore::WorkerScriptLoader::loadAsynchronously): Ditto.
2258         * xml/XMLHttpRequest.cpp:
2259         (WebCore::XMLHttpRequest::createRequest): Ditto.
2260
2261 2016-06-28  Commit Queue  <commit-queue@webkit.org>
2262
2263         Unreviewed, rolling out r202580.
2264         https://bugs.webkit.org/show_bug.cgi?id=159245
2265
2266         Caused all WKTR tests to fail on GuardMalloc and Production
2267         only for unknown reasons, investigating offline. (Requested by
2268         brrian on #webkit).
2269
2270         Reverted changeset:
2271
2272         "RunLoop::Timer should use constructor templates instead of
2273         class templates"
2274         https://bugs.webkit.org/show_bug.cgi?id=159153
2275         http://trac.webkit.org/changeset/202580
2276
2277 2016-06-28  Benjamin Poulain  <benjamin@webkit.org>
2278
2279         Rename ChildrenAffectedByActive to StyleAffectedByActive
2280         https://bugs.webkit.org/show_bug.cgi?id=159187
2281
2282         Reviewed by Antti Koivisto.
2283
2284         Flags named "ChildrenAffectedBy" are used when the invalidation
2285         of children is so crazy that we invalidate the whole parent subtree instead.
2286
2287         That's not the case for :active. It is a straightforward element invalidation.
2288         Consequently, the property is renamed to StyleAffectedByActive.
2289
2290         * dom/Element.cpp:
2291         (WebCore::Element::setActive):
2292         (WebCore::Element::setStyleAffectedByActive):
2293         (WebCore::Element::hasFlagsSetDuringStylingOfChildren):
2294         (WebCore::Element::rareDataStyleAffectedByActive):
2295         (WebCore::Element::setChildrenAffectedByActive): Deleted.
2296         (WebCore::Element::rareDataChildrenAffectedByActive): Deleted.
2297         * dom/Element.h:
2298         (WebCore::Element::styleAffectedByActive):
2299         (WebCore::Element::childrenAffectedByActive): Deleted.
2300         * dom/ElementRareData.h:
2301         (WebCore::ElementRareData::styleAffectedByActive):
2302         (WebCore::ElementRareData::setStyleAffectedByActive):
2303         (WebCore::ElementRareData::ElementRareData):
2304         (WebCore::ElementRareData::resetDynamicRestyleObservations):
2305         (WebCore::ElementRareData::childrenAffectedByActive): Deleted.
2306         (WebCore::ElementRareData::setChildrenAffectedByActive): Deleted.
2307         * style/StyleRelations.cpp:
2308         (WebCore::Style::commitRelations):
2309
2310 2016-06-28  Jiewen Tan  <jiewen_tan@apple.com>
2311
2312         Implement "replacement" codec
2313         https://bugs.webkit.org/show_bug.cgi?id=159180
2314         <rdar://problem/26015178>
2315
2316         Reviewed by Brent Fulgham.
2317
2318         Test: fast/encoding/charset-replacement.html
2319
2320         Add support for "replacement" codec according to the spec:
2321         https://encoding.spec.whatwg.org/#replacement
2322         According to the spec, encoding labels {"csiso2022kr", "hz-gb-2312", "iso-2022-cn",
2323         "iso-2022-cn-ext", "iso-2022-kr"} are used to conduct certain attacks that abuse
2324         a mismatch between encodings supported on the server and the client. Therefore,
2325         they are grouped under the "replacement" codec, which does the following things
2326         to prevent those attacks.
2327         1) Decode: terminates with a single U+FFFD.
2328         2) Encode: treated as UTF-8.
2329
2330         Furthermore, the "replacement" codec is a specification convenience to group those
2331         vulnerable encoding labels. Therefore, it should not be able to use directly.
2332
2333         This change is based on the following Blink changes:
2334         https://codereview.chromium.org/265973003, and
2335         https://codereview.chromium.org/261013007.
2336
2337         * CMakeLists.txt:
2338         * WebCore.xcodeproj/project.pbxproj:
2339         * platform/text/TextAllInOne.cpp:
2340         * platform/text/TextCodecReplacement.cpp: Added.
2341         (WebCore::TextCodecReplacement::create):
2342         (WebCore::TextCodecReplacement::TextCodecReplacement):
2343         (WebCore::TextCodecReplacement::registerEncodingNames):
2344         (WebCore::TextCodecReplacement::registerCodecs):
2345         (WebCore::TextCodecReplacement::decode):
2346         * platform/text/TextCodecReplacement.h: Added.
2347         * platform/text/TextEncoding.cpp:
2348         (WebCore::TextEncoding::TextEncoding):
2349         * platform/text/TextEncodingRegistry.cpp:
2350         (WebCore::isReplacementEncoding):
2351         (WebCore::extendTextCodecMaps):
2352         * platform/text/TextEncodingRegistry.h:
2353
2354 2016-06-28  Dean Jackson  <dino@apple.com>
2355
2356         Remove incorrect comments in HTMLCanvasElement
2357         https://bugs.webkit.org/show_bug.cgi?id=159229
2358
2359         Reviewed by Sam Weinig.
2360
2361         These comments are wrong.
2362
2363         * html/HTMLCanvasElement.cpp:
2364         (WebCore::HTMLCanvasElement::probablySupportsContext):
2365         (WebCore::HTMLCanvasElement::getContext): Deleted.
2366
2367 2016-06-28  Geoffrey Garen  <ggaren@apple.com>
2368
2369         CrashTracer beneath JSC::MarkedBlock::specializedSweep
2370         https://bugs.webkit.org/show_bug.cgi?id=159223
2371
2372         Reviewed by Saam Barati.
2373
2374         This crash is caused by a media element re-entering JS during the GC
2375         sweep phase.
2376
2377         In theory, other CachedResourceClients in the DOM might also trigger
2378         similar bugs, but our data only implicates the media elements, so this
2379         fix targets them.
2380
2381         * html/HTMLDocument.h: Document has no reason to inherit from
2382         CachedResourceClient. I found this becuase I had to search for all
2383         CachedResourceClients in researching this patch.
2384
2385         * platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp:
2386         (WebCore::WebCoreAVCFResourceLoader::invalidate): Delay our call to
2387         stopLoading because it might re-enter JS, and we might have been called
2388         by the GC sweep phase destroying a media element.
2389
2390         * platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm:
2391         (WebCore::WebCoreAVFResourceLoader::invalidate): Ditto.
2392
2393 2016-06-28  Saam Barati  <sbarati@apple.com>
2394
2395         some Watchpoints' ::fireInternal method will call operations that might GC where the GC will cause the watchpoint itself to destruct
2396         https://bugs.webkit.org/show_bug.cgi?id=159198
2397         <rdar://problem/26302360>
2398
2399         Reviewed by Filip Pizlo.
2400
2401         * bindings/js/JSDOMWindowBase.cpp:
2402         (WebCore::JSDOMWindowBase::fireFrameClearedWatchpointsForWindow):
2403         * bindings/scripts/CodeGeneratorJS.pm:
2404         (GenerateHeader):
2405         * bindings/scripts/test/JS/JSTestEventTarget.h:
2406         (WebCore::JSTestEventTarget::create):
2407
2408 2016-06-28  Anders Carlsson  <andersca@apple.com>
2409
2410         Move the user gesture requirement to the ApplePaySession constructor
2411         https://bugs.webkit.org/show_bug.cgi?id=159225
2412         rdar://problem/26507267
2413
2414         Reviewed by Tim Horton.
2415
2416         By doing this, clients can do pre-validation before showing the sheet, while we still maintain the user gesture requirement.
2417
2418         * Modules/applepay/ApplePaySession.cpp:
2419         (WebCore::ApplePaySession::create):
2420         (WebCore::ApplePaySession::begin): Deleted.
2421
2422 2016-06-28  Youenn Fablet  <youenn@apple.com>
2423
2424         Iterable interfaces should have their related prototype @@iterator property writable
2425         https://bugs.webkit.org/show_bug.cgi?id=159211
2426         <rdar://problem/26950766>
2427
2428         Reviewed by Chris Dumez.
2429
2430         Updating @@iterator property according  http://heycam.github.io/webidl/#es-iterator.
2431
2432         Covered by updated test.
2433
2434         * bindings/scripts/CodeGeneratorJS.pm:
2435         (GenerateImplementation): Removing ReadOnly flag from @@iterator property of iterable interfaces.
2436         * bindings/scripts/test/JS/JSTestNode.cpp:
2437         (WebCore::JSTestNodePrototype::finishCreation): Rebasing expectation.
2438         * bindings/scripts/test/JS/JSTestObj.cpp:
2439         (WebCore::JSTestObjPrototype::finishCreation): Ditto.
2440
2441 2016-06-28  Anders Carlsson  <andersca@apple.com>
2442
2443         "Total amount is too big" error message is displaying on clicking Pay button
2444         https://bugs.webkit.org/show_bug.cgi?id=159219
2445         rdar://problem/26722110
2446
2447         Reviewed by Tim Horton.
2448
2449         Match the PassKit max amount.
2450
2451         * Modules/applepay/PaymentRequestValidator.cpp:
2452         (WebCore::PaymentRequestValidator::validateTotal):
2453
2454 2016-06-28  Anders Carlsson  <andersca@apple.com>
2455
2456         PaymentMerchantSession should wrap a PKPaymentMerchantSession
2457         https://bugs.webkit.org/show_bug.cgi?id=159218
2458         rdar://problem/26872118
2459
2460         Reviewed by Tim Horton.
2461
2462         * Modules/applepay/ApplePaySession.cpp:
2463         (WebCore::ApplePaySession::completeMerchantValidation):
2464         Use PaymentMerchantSession::fromJS.
2465
2466         (WebCore::createMerchantSession): Deleted.
2467
2468         * Modules/applepay/PaymentCoordinator.h:
2469         PaymentMerchantSession is now a class.
2470
2471         * Modules/applepay/PaymentCoordinatorClient.h:
2472         PaymentMerchantSession is now a class.
2473
2474         * Modules/applepay/PaymentMerchantSession.h:
2475         (WebCore::PaymentMerchantSession::PaymentMerchantSession):
2476         (WebCore::PaymentMerchantSession::~PaymentMerchantSession):
2477         (WebCore::PaymentMerchantSession::pkPaymentMerchantSession):
2478         Store a PKPaymentMerchantSession in a RetainPtr inside the PaymentMerchantSession object.
2479
2480         * Modules/applepay/cocoa/PaymentMerchantSessionCocoa.mm:
2481         (WebCore::PaymentMerchantSession::fromJS):
2482         Convert the JS object to a PKPaymentMerchantSession and return a PaymentMerchantSession that wraps it.
2483
2484         * WebCore.xcodeproj/project.pbxproj:
2485         Add new files.
2486
2487         * bindings/js/Dictionary.h:
2488         (WebCore::Dictionary::initializerObject):
2489         Add new getter.
2490
2491 2016-06-28  Brian Burg  <bburg@apple.com>
2492
2493         RunLoop::Timer should use constructor templates instead of class templates
2494         https://bugs.webkit.org/show_bug.cgi?id=159153
2495
2496         Reviewed by Alex Christensen.
2497
2498         Remove the RunLoop::Timer class template argument, and pass its constructor
2499         a reference to `this` instead of a pointer to `this`.
2500
2501         * Modules/mediasession/WebMediaSessionManager.cpp:
2502         (WebCore::WebMediaSessionManager::WebMediaSessionManager):
2503         * Modules/mediasession/WebMediaSessionManager.h:
2504         * page/WheelEventTestTrigger.cpp:
2505         (WebCore::WheelEventTestTrigger::WheelEventTestTrigger):
2506         * page/WheelEventTestTrigger.h:
2507         * page/mac/TextIndicatorWindow.h:
2508         * page/mac/TextIndicatorWindow.mm:
2509         (WebCore::TextIndicatorWindow::TextIndicatorWindow):
2510         * platform/MainThreadSharedTimer.h:
2511         * platform/cocoa/ScrollController.h:
2512         * platform/cocoa/ScrollController.mm:
2513         (WebCore::ScrollController::ScrollController):
2514         * platform/glib/MainThreadSharedTimerGLib.cpp:
2515         (WebCore::MainThreadSharedTimer::MainThreadSharedTimer):
2516         * platform/graphics/MediaPlaybackTargetPicker.cpp:
2517         (WebCore::MediaPlaybackTargetPicker::MediaPlaybackTargetPicker):
2518         * platform/graphics/MediaPlaybackTargetPicker.h:
2519         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
2520         (WebCore::MediaPlayerPrivateGStreamer::MediaPlayerPrivateGStreamer):
2521         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
2522         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
2523         (WebCore::MediaPlayerPrivateGStreamerBase::MediaPlayerPrivateGStreamerBase):
2524         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
2525         * platform/graphics/gstreamer/VideoSinkGStreamer.cpp:
2526         (VideoRenderRequestScheduler::VideoRenderRequestScheduler):
2527         * platform/graphics/texmap/TextureMapperPlatformLayerProxy.cpp:
2528         (WebCore::TextureMapperPlatformLayerProxy::TextureMapperPlatformLayerProxy):
2529         (WebCore::TextureMapperPlatformLayerProxy::activateOnCompositingThread):
2530         * platform/graphics/texmap/TextureMapperPlatformLayerProxy.h:
2531         * platform/mock/MediaPlaybackTargetPickerMock.cpp:
2532         (WebCore::MediaPlaybackTargetPickerMock::MediaPlaybackTargetPickerMock):
2533         * platform/mock/MediaPlaybackTargetPickerMock.h:
2534         * platform/mock/MockRealtimeVideoSource.cpp:
2535         (WebCore::MockRealtimeVideoSource::MockRealtimeVideoSource):
2536         * platform/mock/MockRealtimeVideoSource.h:
2537         * platform/network/ResourceHandleInternal.h:
2538         (WebCore::ResourceHandleInternal::ResourceHandleInternal):
2539
2540 2016-06-27  Jer Noble  <jer.noble@apple.com>
2541
2542         Cross-domain video loads do not prompt for authorization.
2543         https://bugs.webkit.org/show_bug.cgi?id=159195
2544         <rdar://problem/26234612>
2545
2546         Reviewed by Brent Fulgham.
2547
2548         Test: http/tests/media/video-auth.html (modified)
2549
2550         We should prompt for authorization when a cross-origin <video> is embedded
2551         in a web page.
2552
2553         * loader/MediaResourceLoader.cpp:
2554         (WebCore::MediaResourceLoader::requestResource):
2555
2556 2016-06-28  Ryosuke Niwa  <rniwa@webkit.org>
2557
2558         REGRESSION(r201471): FormClient.textFieldDidEndEditing is no longer called when a text field is removed
2559         https://bugs.webkit.org/show_bug.cgi?id=159199
2560         <rdar://problem/26748189>
2561
2562         Reviewed by Alexey Proskuryakov.
2563
2564         The bug was caused by HTMLInputElement's endEditing no longer getting called due to the behavior change.
2565         Preserve the WebKit2 API semantics by manually calling HTMLInputElement::endEditing in setFocusedElement.
2566
2567         Tests: WebKit2TextFieldDidBeginAndEndEditing
2568
2569         * dom/Document.cpp:
2570         (WebCore::Document::setFocusedElement):
2571
2572 2016-06-28  Frederic Wang  <fwang@igalia.com>
2573
2574         Phrasing content should be accepted in <mo> elements
2575         https://bugs.webkit.org/show_bug.cgi?id=130245
2576
2577         Reviewed by Brent Fulgham.
2578
2579         After r202420, the RenderMathMLOperator element no longer messes with anonymous block and
2580         text nodes. Hence it is now safe to allow foreign content inside <mo>.
2581
2582         We extend foreign-element-in-token.html to cover the mo case.
2583
2584         * mathml/MathMLTextElement.cpp:
2585         (WebCore::MathMLTextElement::childShouldCreateRenderer): Remove the early return for <mo> so
2586         that it accepts phrasing content children.
2587
2588 2016-06-27  Anders Carlsson  <andersca@apple.com>
2589
2590         WebKit::WebPaymentCoordinator leak
2591         https://bugs.webkit.org/show_bug.cgi?id=159168
2592         rdar://problem/26929772
2593
2594         Reviewed by Beth Dakin.
2595
2596         * Modules/applepay/PaymentCoordinator.cpp:
2597         (WebCore::PaymentCoordinator::~PaymentCoordinator):
2598         Call paymentCoordinatorDestroyed().
2599
2600         * Modules/applepay/PaymentCoordinatorClient.h:
2601         Rename mainFrameDestroyed to paymentCoordinatorDestroyed().
2602
2603         * loader/EmptyClients.cpp:
2604
2605 2016-06-28  Frederic Wang  <fwang@igalia.com>
2606
2607         Remove anonymous in renderName for all MathML renderers but RenderMathMLOperator
2608         https://bugs.webkit.org/show_bug.cgi?id=159114
2609
2610         Reviewed by Martin Robinson.
2611
2612         After r202420, the only anonymous MathML renderers are the RenderMathMLOperators created by
2613         the mfenced element. Hence we remove the special case for anonymous in the renderName
2614         implementation of most MathML renderers.
2615
2616         No new tests, behavior unchanged.
2617
2618         * rendering/mathml/RenderMathMLRow.h:
2619         * rendering/mathml/RenderMathMLSpace.h:
2620         * rendering/mathml/RenderMathMLToken.h:
2621
2622 2016-06-28  Adam Bergkvist  <adam.bergkvist@ericsson.com>
2623
2624         WebRTC: Robustify 'this' type check in RTCPeerConnection JS built-ins
2625         https://bugs.webkit.org/show_bug.cgi?id=158831
2626
2627         Reviewed by Youenn Fablet.
2628
2629         Use @operations slot in RTCPeerConnection type check.
2630
2631         Updated results of existing test.
2632
2633         * Modules/mediastream/RTCPeerConnection.js:
2634         (initializeRTCPeerConnection):
2635         Initialize @operations slot in constructor.
2636         * Modules/mediastream/RTCPeerConnectionInternals.js:
2637         (isRTCPeerConnection):
2638         Use @operations slot in type check.
2639
2640 2016-06-28  Frederic Wang  <fwang@igalia.com>
2641
2642         AX: Remove dead code in AccessibilityRenderObject::textUnderElement
2643         https://bugs.webkit.org/show_bug.cgi?id=159205
2644
2645         Reviewed by Joanmarie Diggs.
2646
2647         RenderMathMLOperator used to destroy its descendants and to replace them with an anonymous
2648         text node wrapped inside anonymous blocks. After r202420, it just behaves as any other token
2649         elements. Hence we remove the code in AccessibilityRenderObject::textUnderElement that was
2650         used to handle this specific render tree structure.
2651
2652         No new tests, already covered by accessibility/math-text.html.
2653
2654         * accessibility/AccessibilityRenderObject.cpp:
2655         (WebCore::AccessibilityRenderObject::textUnderElement): Remove dead code for RenderText and RenderMathMLOperator.
2656
2657 2016-06-28  Per Arne Vollan  <pvollan@apple.com>
2658
2659         [Win] Custom elements tests are failing.
2660         https://bugs.webkit.org/show_bug.cgi?id=159139
2661
2662         Reviewed by Alex Christensen.
2663
2664         Fix compile errors after enabling custom element API.
2665
2666         * bindings/js/JSHTMLElementCustom.cpp:
2667         (WebCore::constructJSHTMLElement):
2668         * dom/CustomElementDefinitions.cpp:
2669         (WebCore::CustomElementDefinitions::addElementDefinition):
2670         * dom/Document.cpp:
2671         (WebCore::createHTMLElementWithNameValidation):
2672         (WebCore::createFallbackHTMLElement):
2673         * dom/Element.cpp:
2674         (WebCore::Element::attributeChanged):
2675         * dom/LifecycleCallbackQueue.cpp:
2676         (WebCore::LifecycleQueueItem::LifecycleQueueItem):
2677         (WebCore::LifecycleCallbackQueue::enqueueElementUpgrade):
2678         (WebCore::LifecycleCallbackQueue::enqueueAttributeChangedCallback):
2679         * html/parser/HTMLConstructionSite.cpp:
2680         (WebCore::HTMLConstructionSite::insertHTMLElementOrFindCustomElementInterface):
2681         (WebCore::HTMLConstructionSite::createHTMLElementOrFindCustomElementInterface):
2682         * html/parser/HTMLDocumentParser.cpp:
2683         (WebCore::HTMLDocumentParser::runScriptsForPausedTreeBuilder):
2684         * html/parser/HTMLTreeBuilder.cpp:
2685         (WebCore::CustomElementConstructionData::CustomElementConstructionData):
2686         (WebCore::HTMLTreeBuilder::insertGenericHTMLElement):
2687         * html/parser/HTMLTreeBuilder.h:
2688
2689 2016-06-28  Philippe Normand  <pnormand@igalia.com>
2690
2691         [GStreamer] usec rounding is wrong during accurate seeking
2692         https://bugs.webkit.org/show_bug.cgi?id=90734
2693
2694         Reviewed by Carlos Garcia Campos.
2695
2696         Use floor() to round the microseconds value, this is more robust
2697         than roundf.
2698
2699         * platform/graphics/gstreamer/GStreamerUtilities.cpp:
2700         (WebCore::toGstClockTime):
2701         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
2702         (WebCore::MediaPlayerPrivateGStreamer::playbackPosition):
2703
2704 2016-06-28  Philippe Normand  <pnormand@igalia.com>
2705
2706         [GStreamer] improved duration query support in the HTTP source element
2707         https://bugs.webkit.org/show_bug.cgi?id=159204
2708
2709         Reviewed by Carlos Garcia Campos.
2710
2711         When we have the Content-Length value it is possible to infer the TIME
2712         duration in most cases by performing a convert query in the downstream
2713         elements. This is especially useful when the duration query wasn't
2714         managed by the sinks and thus reached the source element.
2715
2716         * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
2717         (webKitWebSrcQueryWithParent):
2718
2719 2016-06-28  Youenn Fablet  <youenn@apple.com>
2720
2721         Binding generator should generate accessors for constructors safely accessed from JS builtin
2722         https://bugs.webkit.org/show_bug.cgi?id=159087
2723
2724         Reviewed by Alex Christensen.
2725
2726         Removed constructor private slots direct additions in JSDOMGlobalObject.
2727         Added support for generating the code that will do that.
2728         Advantage of the implementation:
2729         - Private slots will expose constructors that are also publically visible (previously workers had some private slots filled with WebRTC constructors).
2730         - Private slots no longer require the creation of the constructors at window creation time.
2731
2732         Although PublicIdentifier and PrivateIdentifier are both added where needed, the binding generator does not
2733         support the case of a constructor accessible only privately.
2734
2735         Covered by existing test set and adding binding test.
2736
2737         * Modules/mediastream/MediaStream.idl: Marked as PublicIdentifier/PrivateIdentifier.
2738         * Modules/mediastream/MediaStreamTrack.idl: Ditto.
2739         * Modules/mediastream/RTCIceCandidate.idl: Ditto.
2740         * Modules/mediastream/RTCSessionDescription.idl: Ditto.
2741         * Modules/streams/ReadableStream.idl: Ditto.
2742         * bindings/js/JSDOMGlobalObject.cpp:
2743         (WebCore::JSDOMGlobalObject::addBuiltinGlobals): Removed unneeded additions.
2744         * bindings/scripts/CodeGeneratorJS.pm:
2745         (GenerateImplementation): Added support for private slots for interface constructors marked as
2746         PrivateIdentifier.
2747         * bindings/scripts/preprocess-idls.pl:
2748         (GenerateConstructorAttribute): Make PublicIdentifier/PrivateIdentifier copied interface attributes.
2749         * bindings/scripts/test/GObject/WebKitDOMTestGlobalObject.cpp:
2750         (webkit_dom_test_global_object_set_property):
2751         (webkit_dom_test_global_object_get_property):
2752         (webkit_dom_test_global_object_class_init):
2753         (webkit_dom_test_global_object_get_public_and_private_attribute):
2754         (webkit_dom_test_global_object_set_public_and_private_attribute):
2755         * bindings/scripts/test/GObject/WebKitDOMTestGlobalObject.h:
2756         * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
2757         (WebCore::JSTestGlobalObject::finishCreation):
2758         (WebCore::jsTestGlobalObjectPublicAndPrivateAttribute):
2759         (WebCore::setJSTestGlobalObjectPublicAndPrivateAttribute):
2760         * bindings/scripts/test/ObjC/DOMTestGlobalObject.h:
2761         * bindings/scripts/test/ObjC/DOMTestGlobalObject.mm:
2762         (-[DOMTestGlobalObject publicAndPrivateAttribute]):
2763         (-[DOMTestGlobalObject setPublicAndPrivateAttribute:]):
2764         * bindings/scripts/test/TestGlobalObject.idl:
2765
2766
2767 2016-06-27  Jer Noble  <jer.noble@apple.com>
2768
2769         REGRESSION?(r202466): http/tests/security/canvas-remote-read-remote-video-redirect.html failing on Sierra
2770         https://bugs.webkit.org/show_bug.cgi?id=159172
2771         <rdar://problem/27030025>
2772
2773         Reviewed by Brent Fulgham.
2774
2775         Add a hasSingleSecurityOrigin property to WebCoreNSURLSession that gets updated each time one of that
2776         sessions' tasks receieves a response or a redirect request. Check that property from the MediaPlayerPrivate.
2777
2778         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
2779         (WebCore::MediaPlayerPrivateAVFoundationObjC::hasSingleSecurityOrigin):
2780         * platform/network/cocoa/WebCoreNSURLSession.h:
2781         * platform/network/cocoa/WebCoreNSURLSession.mm:
2782         (-[WebCoreNSURLSession updateHasSingleSecurityOrigin:]):
2783         (-[WebCoreNSURLSession dataTaskWithRequest:]):
2784         (-[WebCoreNSURLSession dataTaskWithURL:]):
2785         (-[WebCoreNSURLSessionDataTask resource:receivedResponse:]):
2786         (-[WebCoreNSURLSessionDataTask resource:receivedRedirect:request:]):
2787
2788 2016-06-27  Alex Christensen  <achristensen@webkit.org>
2789
2790         CMake build fix.
2791
2792         * PlatformMac.cmake:
2793
2794 2016-06-27  Youenn Fablet  <youenn@apple.com>
2795
2796         Remove didFailAccessControlCheck ThreadableLoaderClient callback
2797         https://bugs.webkit.org/show_bug.cgi?id=159149
2798
2799         Reviewed by Daniel Bates.
2800
2801         Adding an AccessControl ResourceError type.
2802         Replacing didFailAccessControlCheck callback by a direct call to didFail with an error of type AccessControl.
2803
2804         Making CrossOriginPreflightChecker always return an AccessControl error. Previously some errors created below
2805         were passed directly to threadable loader clients.
2806
2807         When doing preflight on unauthorized web sites, WTR/DRT will trigger a cancellation error which was translating into an abort event in XMLHttpRequest.
2808         This patch is changing the error type to AccessControl, which translates into an error event in XMLHttpReauest.
2809
2810         This change of behavior is seen in imported/w3c/web-platform-tests/XMLHttpRequest/send-authentication-cors-setrequestheader-no-cred.htm.
2811         No other observable change of behavior should be expected.
2812
2813         * inspector/InspectorNetworkAgent.cpp: Computing error message in didFail according the error type.
2814         * loader/CrossOriginPreflightChecker.cpp:
2815         (WebCore::CrossOriginPreflightChecker::validatePreflightResponse): Setting preflightFailure error type to AccessControl.
2816         (WebCore::CrossOriginPreflightChecker::notifyFinished): Ditto.
2817         (WebCore::CrossOriginPreflightChecker::doPreflight): Ditto.
2818         * loader/DocumentThreadableLoader.cpp:
2819         (WebCore::DocumentThreadableLoader::makeSimpleCrossOriginAccessRequest): Replacing didFailAccessControlCheck
2820         callback by a direct call to didFail with an error of type AccessControl.
2821         (WebCore::reportContentSecurityPolicyError): Ditto.
2822         (WebCore::reportCrossOriginResourceSharingError): Ditto.
2823         (WebCore::DocumentThreadableLoader::didReceiveResponse): Ditto.
2824         (WebCore::DocumentThreadableLoader::preflightFailure): Calling didFail directly.
2825         * loader/ThreadableLoaderClient.h: Removing didFailAccessControlCheck.
2826         * loader/ThreadableLoaderClientWrapper.h: Ditto.
2827         * loader/WorkerThreadableLoader.cpp: Ditto.
2828         * loader/WorkerThreadableLoader.h: Ditto.
2829         * page/EventSource.cpp:
2830         (WebCore::EventSource::didFail): Removing didFailAccessControlCheck and putting handling code in didFail.
2831         * page/EventSource.h:
2832         * platform/network/ResourceErrorBase.cpp:
2833         (WebCore::ResourceErrorBase::setType): Softening the assertion to cover the case of migration to AccessControl.
2834         * platform/network/ResourceErrorBase.h: Adding AccessControl error type.
2835         (WebCore::ResourceErrorBase::isAccessControl):
2836
2837 2016-06-27  Chris Dumez  <cdumez@apple.com>
2838
2839         HTMLElement / SVGElement should implement GlobalEventHandlers, not Element
2840         https://bugs.webkit.org/show_bug.cgi?id=159191
2841         <rdar://problem/27019299>
2842
2843         Reviewed by Ryosuke Niwa.
2844
2845         HTMLElement / SVGElement should implement GlobalEventHandlers, not Element:
2846         - https://html.spec.whatwg.org/multipage/dom.html#htmlelement
2847         - https://www.w3.org/TR/SVG2/types.html#InterfaceSVGElement
2848
2849         Firefox and Chrome behave as per the specification.
2850
2851         Fixing this also fixes rendering on http://survey123.arcgis.com/.
2852
2853         No new tests, covered by existing tests that were rebaselined.
2854
2855         * dom/Element.idl:
2856         * html/HTMLElement.idl:
2857         * svg/SVGElement.idl:
2858
2859 2016-06-27  Myles C. Maxfield  <mmaxfield@apple.com>
2860
2861         [macOS] Test gardening: Generic font families should not map to fonts which aren't installed
2862         https://bugs.webkit.org/show_bug.cgi?id=159111
2863         <rdar://problem/25807529>
2864
2865         Unreviewed.
2866
2867         Osaka-Mono does not come preinstalled on macOS Sierra. However, many Japanese users
2868         will have the font installed. Before setting the generic font family, we should check
2869         to see if the font is present.
2870
2871         * page/cocoa/SettingsCocoa.mm:
2872         (WebCore::osakaMonoIsInstalled):
2873         (WebCore::Settings::initializeDefaultFontFamilies):
2874
2875 2016-06-24  Ryosuke Niwa  <rniwa@webkit.org>
2876
2877         Don't keep all newly created potential custom elements alive when the feature is disabled
2878         https://bugs.webkit.org/show_bug.cgi?id=159113
2879
2880         Reviewed by Daniel Bates.
2881
2882         Don't keep all HTML unknown elements which has a valid custom element alive when the feature is turned off.
2883
2884         Ideally we want to conform to the behavior in the Custom Elements specification and only upgrade an element
2885         that is inserted into the document. We'll implement that later.
2886
2887         * dom/Document.cpp:
2888         (WebCore::createHTMLElementWithNameValidation):
2889
2890 2016-06-27  Simon Fraser  <simon.fraser@apple.com>
2891
2892         [iOS] -webkit-overflow-scrolling: touch prevents repaint with RTL
2893         https://bugs.webkit.org/show_bug.cgi?id=159186
2894         rdar://problem/26659341
2895
2896         Reviewed by Zalan Bujtas.
2897         
2898         There were two issues with repaints in -webkit-overflow-scrolling:touch scrolling
2899         layers.
2900
2901         First, if the scrolled contents were inline (e.g. a <span>), then repaints were
2902         broken because RenderInline didn't call shouldApplyClipAndScrollPositionForRepaint().
2903         Fix by making shouldApplyClipAndScrollPositionForRepaint() a member function of RenderBox
2904         and calling it from RenderBox::computeRectForRepaint() and RenderInline::clippedOverflowRectForRepaint().
2905
2906         Second, repaints were broken in RTL because RenderLayerBacking::setContentsNeedDisplayInRect()
2907         confused scroll offset and scroll position; it needs to subtract scrollPosition.
2908         
2909         Finally renamed to applyCachedClipAndScrollOffsetForRepaint() to applyCachedClipAndScrollPositionForRepaint()
2910         to make it clear that it uses scrollPosition, not scrollOffset.
2911
2912         Tests: compositing/scrolling/touch-scrolling-repaint-spans.html
2913                compositing/scrolling/touch-scrolling-repaint.html
2914
2915         * rendering/RenderBox.cpp:
2916         (WebCore::RenderBox::applyCachedClipAndScrollPositionForRepaint):
2917         (WebCore::RenderBox::shouldApplyClipAndScrollPositionForRepaint):
2918         (WebCore::RenderBox::computeRectForRepaint):
2919         (WebCore::RenderBox::applyCachedClipAndScrollOffsetForRepaint): Deleted.
2920         (WebCore::shouldApplyContainersClipAndOffset): Deleted.
2921         * rendering/RenderBox.h:
2922         * rendering/RenderInline.cpp:
2923         (WebCore::RenderInline::clippedOverflowRectForRepaint):
2924         (WebCore::RenderInline::computeRectForRepaint):
2925         * rendering/RenderLayerBacking.cpp:
2926         (WebCore::RenderLayerBacking::setContentsNeedDisplayInRect):
2927         * rendering/RenderObject.cpp:
2928         (WebCore::RenderObject::computeRectForRepaint):
2929
2930 2016-06-27  Commit Queue  <commit-queue@webkit.org>
2931
2932         Unreviewed, rolling out r202436.
2933         https://bugs.webkit.org/show_bug.cgi?id=159190
2934
2935         We don't need to make this change. (Requested by thorton on
2936         #webkit).
2937
2938         Reverted changeset:
2939
2940         "Do not use iOS specific telephone detection on macOS."
2941         https://bugs.webkit.org/show_bug.cgi?id=159096
2942         http://trac.webkit.org/changeset/202436
2943
2944 2016-06-27  Benjamin Poulain  <benjamin@webkit.org>
2945
2946         Adopt the iOS TouchEventHandler API for cases that must have synchronous dispatch
2947         https://bugs.webkit.org/show_bug.cgi?id=159179
2948         rdar://problem/27006387
2949
2950         Reviewed by Simon Fraser.
2951
2952         Tests: fast/events/touch/ios/block-without-overflow-scroll-and-passive-observer-on-block-scrolling-state.html
2953                fast/events/touch/ios/block-without-overflow-scroll-and-passive-observer-on-document-scrolling-state.html
2954                fast/events/touch/ios/block-without-overflow-scroll-scrolling-state.html
2955                fast/events/touch/ios/drag-block-without-overflow-scroll-and-passive-observer-on-block.html
2956                fast/events/touch/ios/drag-block-without-overflow-scroll-and-passive-observer-on-document.html
2957                fast/events/touch/ios/drag-block-without-overflow-scroll.html
2958
2959         * dom/Document.cpp:
2960         (WebCore::Document::prepareForDestruction):
2961         (WebCore::Document::removeAllEventListeners):
2962         * dom/Node.cpp:
2963         (WebCore::Node::willBeDeletedFrom):
2964         (WebCore::tryAddEventListener):
2965         (WebCore::tryRemoveEventListener):
2966         * html/shadow/SliderThumbElement.cpp:
2967         (WebCore::SliderThumbElement::registerForTouchEvents):
2968         (WebCore::SliderThumbElement::unregisterForTouchEvents):
2969         * rendering/RenderLayer.cpp:
2970         (WebCore::RenderLayer::registerAsTouchEventListenerForScrolling):
2971         (WebCore::RenderLayer::unregisterAsTouchEventListenerForScrolling):
2972
2973 2016-06-27  Alex Christensen  <achristensen@webkit.org>
2974
2975         Fix Windows build.
2976
2977         * bindings/js/SerializedScriptValue.h:
2978         WTF
2979
2980 2016-06-27  Commit Queue  <commit-queue@webkit.org>
2981
2982         Unreviewed, rolling out r202520.
2983         https://bugs.webkit.org/show_bug.cgi?id=159185
2984
2985         This change broke the 32-bit El Capitan build (Requested by
2986         ryanhaddad on #webkit).
2987
2988         Reverted changeset:
2989
2990         "REGRESSION?(r202466): http/tests/security/canvas-remote-read-
2991         remote-video-redirect.html failing on Sierra"
2992         https://bugs.webkit.org/show_bug.cgi?id=159172
2993         http://trac.webkit.org/changeset/202520
2994
2995 2016-06-27  Jer Noble  <jer.noble@apple.com>
2996
2997         REGRESSION?(r202466): http/tests/security/canvas-remote-read-remote-video-redirect.html failing on Sierra
2998         https://bugs.webkit.org/show_bug.cgi?id=159172
2999         <rdar://problem/27030025>
3000
3001         Reviewed by Brent Fulgham.
3002
3003         Add a hasSingleSecurityOrigin property to WebCoreNSURLSession that gets updated each time one of that
3004         sessions' tasks receieves a response or a redirect request. Check that property from the MediaPlayerPrivate.
3005
3006         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
3007         (WebCore::MediaPlayerPrivateAVFoundationObjC::hasSingleSecurityOrigin):
3008         * platform/network/cocoa/WebCoreNSURLSession.h:
3009         * platform/network/cocoa/WebCoreNSURLSession.mm:
3010         (-[WebCoreNSURLSession updateHasSingleSecurityOrigin:]):
3011         (-[WebCoreNSURLSession dataTaskWithRequest:]):
3012         (-[WebCoreNSURLSession dataTaskWithURL:]):
3013         (-[WebCoreNSURLSessionDataTask resource:receivedResponse:]):
3014         (-[WebCoreNSURLSessionDataTask resource:receivedRedirect:request:]):
3015
3016 2016-06-27  Benjamin Poulain  <benjamin@webkit.org>
3017
3018         Fix style invalidation for :active when the activated node has no renderer
3019         https://bugs.webkit.org/show_bug.cgi?id=159125
3020
3021         Reviewed by Antti Koivisto.
3022
3023         Same old bug: a style invalidation path was depending
3024         on the style.
3025
3026         Here we really need both flags. An element can have
3027         childrenAffectedByActive() false and renderStyle->affectedByActive() true
3028         if it was subject to style sharing.
3029
3030         The element state "childrenAffectedByActive" should be renamed
3031         "styleAffectedByActive" since it is not a parent invalidation flag.
3032         That will be done separately.
3033
3034         Tests: fast/css/pseudo-active-on-labeled-control-without-renderer.html
3035                fast/css/pseudo-active-style-sharing-1.html
3036                fast/css/pseudo-active-style-sharing-2.html
3037                fast/css/pseudo-active-style-sharing-3.html
3038                fast/css/pseudo-active-style-sharing-4.html
3039                fast/css/pseudo-active-style-sharing-5.html
3040                fast/css/pseudo-active-style-sharing-6.html
3041
3042         * dom/Element.cpp:
3043         (WebCore::Element::setActive):
3044         * style/StyleRelations.cpp:
3045         (WebCore::Style::commitRelationsToRenderStyle):
3046
3047 2016-06-27  Joanmarie Diggs  <jdiggs@igalia.com>
3048
3049         AX: REGRESSION (r202063): ARIA role attribute is being ignored for label element
3050         https://bugs.webkit.org/show_bug.cgi?id=159162
3051
3052         Reviewed by Chris Fleizach.
3053
3054         createFromRenderer() was creating an AccessibilityLabel for any HTMLLabelElement which
3055         lacked an explicitly-handled ARIA role. We should instead create an AccessibilityLabel
3056         when there is no ARIA role.
3057
3058         Test: accessibility/aria-role-on-label.html
3059
3060         * accessibility/AXObjectCache.cpp:
3061         (WebCore::createFromRenderer):
3062
3063 2016-06-27  Commit Queue  <commit-queue@webkit.org>
3064
3065         Unreviewed, rolling out r202505.
3066         https://bugs.webkit.org/show_bug.cgi?id=159169
3067
3068         The test added with this change is flaky and it caused an
3069         existing test to time out on El Capitan. (Requested by
3070         ryanhaddad on #webkit).
3071
3072         Reverted changeset:
3073
3074         "[iOS] Media controls are too cramped with small video"
3075         https://bugs.webkit.org/show_bug.cgi?id=158815
3076         http://trac.webkit.org/changeset/202505
3077
3078 2016-06-27  Benjamin Poulain  <bpoulain@apple.com>
3079
3080         Add :focus-within to the status page
3081
3082         * features.json:
3083         I forgot to update the json file when landing the feature.
3084
3085 2016-06-27  Eric Carlson  <eric.carlson@apple.com>
3086
3087         [Mac] PiP placeholder should remain visible when 'controls' attribute is removed
3088         https://bugs.webkit.org/show_bug.cgi?id=159158
3089         <rdar://problem/26727435>
3090
3091         Reviewed by Jer Noble.
3092
3093         No new tests, existing test updated.
3094
3095         * Modules/mediacontrols/mediaControlsApple.js:
3096         (Controller.prototype.shouldHaveControls): Always return true when in PiP or AirPlay mode.
3097
3098 2016-06-27  Oliver Hunt  <oliver@apple.com>
3099
3100         Update ATS WebContent exception for more robust framework information
3101         https://bugs.webkit.org/show_bug.cgi?id=159151
3102
3103         Reviewed by Alex Christensen.
3104
3105         We found some unexpected poor interaction with AVFoundation in the existing
3106         CFNetwork SPI. This new SPI is more solid and let's us provide more useful
3107         information while also being more future proof against new frameworks and
3108         ATS modes.
3109
3110         * platform/network/mac/ResourceHandleMac.mm:
3111         (WebCore::ResourceHandle::createNSURLConnection):
3112
3113 2016-06-27  Antoine Quint  <graouts@apple.com>
3114
3115         [iOS] Media controls are too cramped with small video
3116         https://bugs.webkit.org/show_bug.cgi?id=158815
3117         <rdar://problem/26824238>
3118
3119         Reviewed by Dean Jackson.
3120
3121         In updateLayoutForDisplayedWidth(), we try to ensure a minimum width is guaranteed
3122         for the progress indicator. However, we were not accounting for the width used by
3123         the current and remaining time labels on either side of it, so we would incorrectly
3124         conclude that we were guaranteeing the minimum time and yield incorrect layouts since
3125         we were trying to fit more buttons than we had room for.
3126
3127         In order to correctly compute the available width for the progress indicator, we now
3128         have clones of the current and remaining time labels, hidden from video and VoiceOver,
3129         that we update along with the originals. The same styles apply to both clones and
3130         originals, so we may measure the clones to determine the space used by the time labels.
3131         The reason we need to use clones is that if the time labels had previously been hidden
3132         from view, precisely because there was not enough space to display them along with the
3133         progress indicator, then trying to obtain metrics from them would yield 0 since they had
3134         "display: none" styles applied. In order to avoid extra layouts and possible flashing, we
3135         use the clones so that we never have to toggle the "display" property of the originals
3136         just to obtain their measurements.
3137
3138         As a result of this change, we adjust the constant used to set the minimum required
3139         width available to display the progress indicator after all other essential controls
3140         and labels have been measured. That constant used to account for the width of the
3141         time labels, and this is no longer correct.
3142
3143         Test: media/video-controls-drop-and-restore-timeline.html
3144
3145         * Modules/mediacontrols/mediaControlsApple.css:
3146         (::-webkit-media-controls-time-remaining-display.clone):
3147         * Modules/mediacontrols/mediaControlsApple.js:
3148         (Controller):
3149         (Controller.prototype.createTimeClones):
3150         (Controller.prototype.removeTimeClass):
3151         (Controller.prototype.addTimeClass):
3152         (Controller.prototype.updateDuration):
3153         (Controller.prototype.updateLayoutForDisplayedWidth):
3154         (Controller.prototype.updateTime):
3155         (Controller.prototype.updateControlsWhileScrubbing):
3156         * Modules/mediacontrols/mediaControlsiOS.css:
3157         (::-webkit-media-controls-time-remaining-display.clone):
3158         * Modules/mediacontrols/mediaControlsiOS.js:
3159
3160 2016-06-27  Anders Carlsson  <andersca@apple.com>
3161
3162         No error message when passing an invalid API version to ApplePaySession constructor
3163         https://bugs.webkit.org/show_bug.cgi?id=159154
3164
3165         Reviewed by Tim Horton.
3166
3167         Log an error message if the version is not supported. Also, check for version 0 since that is also not supported.
3168
3169         * Modules/applepay/ApplePaySession.cpp:
3170         (WebCore::ApplePaySession::create):
3171
3172 2016-06-27  Joanmarie Diggs  <jdiggs@igalia.com>
3173
3174         AX: Anonymous RenderMathMLOperators are not exposed to the accessibility tree
3175         https://bugs.webkit.org/show_bug.cgi?id=139582
3176         <rdar://problem/26938849>
3177
3178         Reviewed by Chris Fleizach.
3179
3180         This is based on a patch by Frederic Wang <fwang@igalia.com>.
3181
3182         WebCore assigns the generic MathElementRole AccessibilityRole to elements
3183         which are expected to be included in the accessibility tree. This assignment
3184         is based on the AccessibilityRenderObject's node being a MathMLElement. The
3185         anonymous RenderMathMLOperators fail that test.
3186
3187         From the perspective of accessibility support, these operators function
3188         like MathMLElements. Furthermore, both WebCore and the platforms rely
3189         upon MathElementRole to identify accessible MathML objects. The simplest
3190         fix is to have AccessibilityRenderObject::isMathElement() treat anonymous
3191         MathML operators as if they were MathMLElements.
3192
3193         Now that these operators are being exposed, we need to handle them in
3194         AccessibilityRenderObject::textUnderElement() which assumes that anonymous
3195         objects either have nodes or have children with nodes. And crashes when
3196         that fails to be the case. Making RenderMathMLOperator::textContent()
3197         public and then using it to get the text under anonymous operators solves
3198         this problem. We also assign StaticTextRole to these operators on the Mac
3199         because the default platform mapping of MathElementRole is GroupRole, which
3200         made sense when we had a child RenderText object holding the operator.
3201
3202         Lastly, AccessibilityRenderObject::isIgnoredElementWithinMathTree() no
3203         longer needs to special-case anonymous operators because they now have
3204         MathElementRole.
3205
3206         Tests: accessibility/math-fenced.html
3207                accessibility/math-foreign-content.html
3208
3209         * accessibility/AccessibilityObject.h:
3210         (WebCore::AccessibilityObject::isAnonymousMathOperator):
3211         * accessibility/AccessibilityRenderObject.cpp:
3212         (WebCore::AccessibilityRenderObject::textUnderElement):
3213         (WebCore::AccessibilityRenderObject::stringValue):
3214         (WebCore::AccessibilityRenderObject::isMathElement):
3215         (WebCore::AccessibilityRenderObject::isAnonymousMathOperator):
3216         (WebCore::AccessibilityRenderObject::isIgnoredElementWithinMathTree):
3217         * accessibility/AccessibilityRenderObject.h:
3218         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
3219         (-[WebAccessibilityObjectWrapper role]):
3220         * rendering/mathml/RenderMathMLMath.h:
3221         * rendering/mathml/RenderMathMLOperator.h:
3222         (WebCore::RenderMathMLOperator::textContent):
3223
3224 2016-06-27  Adam Bergkvist  <adam.bergkvist@ericsson.com>
3225
3226         WebRTC: Remove unused RTCOfferAnswerOptionsPrivate.h
3227         https://bugs.webkit.org/show_bug.cgi?id=159130
3228
3229         Reviewed by Eric Carlson.
3230
3231         Remove unused RTCOfferAnswerOptionsPrivate.h file.
3232
3233         * platform/mediastream/RTCOfferAnswerOptionsPrivate.h: Removed.
3234
3235 2016-06-27  Jer Noble  <jer.noble@apple.com>
3236
3237         Crash in layout test /media/video-buffered-range-contains-currentTime.html
3238         https://bugs.webkit.org/show_bug.cgi?id=159109
3239         <rdar://problem/26535750>
3240
3241         Reviewed by Alex Christensen.
3242
3243         Guard against a dealloc race condition by holding a retain on the session
3244         until the task's _resource:loadFinishedWithError: completes, including
3245         main thread callbacks.
3246         
3247         * platform/network/cocoa/WebCoreNSURLSession.mm:
3248         (-[WebCoreNSURLSessionDataTask _resource:loadFinishedWithError:]):
3249
3250 2016-06-27  Frederic Wang  <fwang@igalia.com>
3251
3252         Set an upper limit for the size or number of pieces of stretchy operators
3253         https://bugs.webkit.org/show_bug.cgi?id=155434
3254
3255         Reviewed by Brent Fulgham.
3256
3257         Stretchy MathML operators can currently use an arbitrary number of extension glyphs to cover
3258         a target size. This may result in hangs if large stretch sizes are requested. This change
3259         only allow at most the 128 first extensions to be painted by the MathOperator class, which
3260         should really be enough for mathematical formulas used in practice.
3261
3262         No new tests, already tested by very-large-stretchy-operators.
3263
3264         * rendering/mathml/MathOperator.cpp: Add a new kMaximumExtensionCount constant.
3265         (WebCore::MathOperator::fillWithVerticalExtensionGlyph): Limit the number of step in this loop to kMaximumExtensionCount.
3266         (WebCore::MathOperator::fillWithHorizontalExtensionGlyph): Ditto.
3267
3268 2016-06-27  Frederic Wang  <fred.wang@free.fr>
3269
3270         Small refactoring MathMLInlineContainerElement::createElementRenderer
3271         https://bugs.webkit.org/show_bug.cgi?id=159131
3272
3273         Reviewed by Brent Fulgham.
3274
3275         Many of the MathML renderer classes have been merged during the MathML refactoring. We
3276         simplify how instances are created in MathMLInlineContainerElement::createElementRenderer
3277         by removing duplicate createRenderer calls.
3278
3279         No new tests, behavior unchanged.
3280
3281         * mathml/MathMLInlineContainerElement.cpp:
3282         (WebCore::MathMLInlineContainerElement::createElementRenderer):
3283
3284 2016-06-27  Miguel Gomez  <magomez@igalia.com>
3285
3286         [GTK][EFL] Build with threaded compositor enabled is broken
3287         https://bugs.webkit.org/show_bug.cgi?id=159138
3288
3289         Reviewed by Carlos Garcia Campos.
3290
3291         No need to set the device scale. The compositor buffer is only used for the accelerated
3292         canvas scenario, and the device scale is always 1 there.
3293         This change was introduced in r202421.
3294
3295         Covered by existing tests.
3296
3297         * platform/graphics/cairo/ImageBufferCairo.cpp:
3298         (WebCore::ImageBufferData::createCompositorBuffer):
3299
3300 2016-06-27  Philippe Normand  <philn@igalia.com>
3301
3302         [GStreamer] top/bottom black bars added needlessly in fullscreen
3303         https://bugs.webkit.org/show_bug.cgi?id=158980
3304
3305         Reviewed by Carlos Garcia Campos.
3306
3307         The natural video size calculation depends on the validity of the
3308         current sample, so whenever the first sample reached the sink it's a
3309         good idea to reflect this on the player which will update its natural
3310         size accordingly.
3311
3312         Fixes an issue where black borders were added on top and bottom of
3313         fullscreen video.
3314
3315         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
3316         (WebCore::MediaPlayerPrivateGStreamerBase::triggerRepaint):
3317
3318 2016-06-27  Youenn Fablet  <youenn@apple.com>
3319
3320         Remove didFailRedirectCheck ThreadableLoaderClient callback
3321         https://bugs.webkit.org/show_bug.cgi?id=159085
3322
3323         Reviewed by Daniel Bates.
3324
3325         Removing didFailRedirectCheck and using didFailAccessControlCheck instead.
3326         The change in behavior is that additional error messages are outputted in the console.
3327         These messages give additional debugging information.
3328
3329         Covered by rebased tests.
3330
3331         * Modules/fetch/FetchLoader.cpp: Removing didFailRedirectCheck.
3332         * Modules/fetch/FetchLoader.h: Ditto.
3333         * inspector/InspectorNetworkAgent.cpp: Ditto.
3334         * loader/DocumentThreadableLoader.cpp:
3335         (WebCore::DocumentThreadableLoader::redirectReceived): Calling didFailAccessControlCheck with information on failing
3336         URL.
3337         (WebCore::DocumentThreadableLoader::loadRequest): Ditto.
3338         * loader/ThreadableLoaderClient.h: Removing didFailRedirectCheck.
3339         * loader/ThreadableLoaderClientWrapper.h: Ditto.
3340         * loader/WorkerThreadableLoader.cpp: Ditto.
3341         * loader/WorkerThreadableLoader.h: Ditto.
3342         * page/EventSource.cpp: Ditto.
3343         * page/EventSource.h: Ditto.
3344         * workers/WorkerScriptLoader.cpp: Ditto.
3345         * workers/WorkerScriptLoader.h: Ditto.
3346         * xml/XMLHttpRequest.cpp: Ditto.
3347         * xml/XMLHttpRequest.h: Ditto.
3348
3349 2016-06-26  Gyuyoung Kim  <gyuyoung.kim@webkit.org>
3350
3351         [EFL] Fix build warning when using geoclue2
3352         https://bugs.webkit.org/show_bug.cgi?id=159128
3353
3354         Reviewed by Antonio Gomes.
3355
3356         EFL port has handled build warning as error. So EFL port
3357         hasn't been built when we use geoclue2 library because a generated geoclue2 file
3358         has unused-parameter build warning. To fix it this patch set to ignore the build warning
3359         in the generated geoclue2 file.
3360
3361         * PlatformEfl.cmake:
3362
3363 2016-06-26  Chris Dumez  <cdumez@apple.com>
3364
3365         Regression: HTMLOptionsCollection's named properties have precedence over indexed properties
3366         https://bugs.webkit.org/show_bug.cgi?id=159058
3367         <rdar://problem/26988542>
3368
3369         Reviewed by Ryosuke Niwa.
3370
3371         HTMLOptionsCollection's named properties had precedence over indexed properties,
3372         which is wrong as per:
3373         http://heycam.github.io/webidl/#getownproperty-guts
3374
3375         The reason is that there was a named property getter defined on HTMLOptionsCollection
3376         but no indexed property getter. As a result, HTMLOptionsCollection would fall back to
3377         using HTMLCollection's indexed property getter but HTMLOptionsCollection's named getter
3378         would take precedence. This patch defines an indexed property getter on
3379         HTMLOptionsCollection to fix the problem.
3380
3381         Ideally, HTMLOptionsCollection would have no indexed / named property getters and would
3382         entirely rely on the ones from HTMLCollection. However, our bindings generator currently
3383         has trouble with this and requires HTMLOptionsCollection to have a named getter.
3384
3385         Test: fast/dom/HTMLSelectElement/options-indexed-getter-precedence.html
3386
3387         * html/HTMLOptionsCollection.idl:
3388
3389 2016-06-26  Chris Dumez  <cdumez@apple.com>
3390
3391         Regression(r202262): Infinite loop under searchForLinkRemovingExistingDDLinks()
3392         https://bugs.webkit.org/show_bug.cgi?id=159122
3393         <rdar://problem/27014649>
3394
3395         Reviewed by Ryosuke Niwa.
3396
3397         Infinite loop under searchForLinkRemovingExistingDDLinks() because the
3398         value returned by NodeTraversal::next() was ignored and the node iterator
3399         was never updated.
3400
3401         * editing/cocoa/DataDetection.mm:
3402         (WebCore::searchForLinkRemovingExistingDDLinks):
3403
3404 2016-06-25  Benjamin Poulain  <bpoulain@apple.com>
3405
3406         The active state of elements can break when focus changes
3407         https://bugs.webkit.org/show_bug.cgi?id=159112
3408
3409         Reviewed by Antti Koivisto.
3410
3411         The pseudo class :active was behaving weirdly when used
3412         with label elements with an associated form element.
3413         The form element would get the :active state on the first click
3414         then no longer get the state until the focus changes.
3415
3416         What was happenning is setFocusedElement() was clearing active
3417         for some unknown reason. When you really do that on an active element,
3418         you end up in an inconsistent state where no invalidation works.
3419
3420         The two tests illustrates 2 ways this breaks.
3421
3422         The test "pseudo-active-on-labeled-element-not-canceled-by-focus" clicks
3423         several time on a lable element. The first time, the input element gets
3424         the focus. The second time, it already has the focus, setFocusedElement()
3425         clears :active before finding the focusable element and end up clearing
3426         the active state on a target in the active chain.
3427
3428         The test "pseudo-active-with-programmatic-focus.html" shows how to invalidate
3429         arbitrary elements using JavaScript. This can cause severely broken active
3430         chains where invalidation never cleans some ancestors.
3431
3432         Tests: fast/css/pseudo-active-on-labeled-element-not-canceled-by-focus.html
3433                fast/css/pseudo-active-with-programmatic-focus.html
3434
3435         * dom/Document.cpp:
3436         (WebCore::Document::setFocusedElement): Deleted.
3437
3438         * page/EventHandler.cpp:
3439         (WebCore::EventHandler::handleMouseDoubleClickEvent):
3440         This is WebKit1 specific. The double click event was dispatching
3441         the mouseUp and Click with after doing an Active hit test.
3442         This causes us to have :active state in and after mouseUp in WebKit1.
3443
3444 2016-06-24  Jer Noble  <jer.noble@apple.com>
3445
3446         Consider exposing or hiding knowledge of a redirect from clients of WebCoreNSURLSession
3447         https://bugs.webkit.org/show_bug.cgi?id=156722
3448         <rdar://problem/25780035>
3449
3450         Reviewed by Alex Christensen.
3451
3452         Fixes tests: http/tests/security/contentSecurityPolicy/audio-redirect-allowed2.html
3453                      http/tests/security/contentSecurityPolicy/video-redirect-allowed2.html
3454
3455         When receieving a NSURLResponse containing a redirected URL, AVFoundadtion&n