Try (again) to fix debug builds after r199643.
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2016-04-17  Conrad Shultz  <conrad_shultz@apple.com>
2
3         Try (again) to fix debug builds after r199643.
4
5         Unreviewed.
6
7         * dom/ScriptExecutionContext.cpp:
8         Add another missing include.
9
10 2016-04-17  Conrad Shultz  <conrad_shultz@apple.com>
11
12         Try to fix debug builds after r199643.
13
14         Unreviewed.
15
16         * Modules/indexeddb/IDBObjectStore.cpp:
17         Add a missing include.
18
19 2016-04-17  Chris Dumez  <cdumez@apple.com>
20
21         [WK2][iOS] Do not dlopen() QuickLook in the NetworkProcess
22         https://bugs.webkit.org/show_bug.cgi?id=156639
23
24         Reviewed by Darin Adler.
25
26         Do not unnecessarily dlopen() QuickLook in the NetworkProcess on iOS, as
27         we already dlopen() this library in the WebContent process. This patch
28         moves the resource response MIME type adjusting code for QuickLook from
29         adjustMIMETypeIfNecessary() to a new adjustMIMETypeForQuickLook() function.
30         adjustMIMETypeIfNecessary() is called in didReceiveResponse() in the Network
31         process side, for *every* resource response, even though QuickLook can only
32         be used to preview main resources. The new adjustMIMETypeForQuickLook()
33         function is called in the QuickLookHandle::createIfNecessary() factory
34         function, right before checking the MIME type to determine if we need to
35         use QuickLook, and after checking that the load is for a main resource.
36         In the WebKit2 case, the factory function is called from
37         WebResourceLoader::didReceiveResponse(), on the WebContent process side.
38
39         This patch speeds up the first page load during PLT by ~22%, because the
40         first load no longer triggers a dlopen() to QuickLook in the NetworkProcess.
41         The overall PLT score seems to be progressed by 0.9-1% as well. The change
42         should also be memory-positive as we no longer need to dlopen() the
43         QuickLook library in the NetworkProcess at all (and we would already dlopen()
44         it on the WebContent process side anyway). Sadly, PLUM benchmark does not
45         show the memory benefit because it does not measure the memory used by the
46         Network process.
47
48         * platform/network/cf/SynchronousResourceHandleCFURLConnectionDelegate.cpp:
49         (WebCore::SynchronousResourceHandleCFURLConnectionDelegate::didReceiveResponse):
50         Refactor the code a bit for clarity, so that we only
51         ResourceHandle::setQuickLookHandle() when QuickLookHandle::createIfNecessary()
52         returns a non-null pointer.
53
54         * platform/network/ios/QuickLook.h:
55         - Rename the factories from create() to createIfNecessary() given that they
56           return nullptr when it is unnecessary to create such handle (i.e. this is not
57           a main resource loader, or it is unecessary given the response's MIME type.
58         - Make shouldCreateForMIMEType() private now that this is always called inside
59           the factory functions.
60
61         * platform/network/ios/QuickLook.mm:
62         (adjustMIMETypeForQuickLook):
63         Extracted code for adjusting the MIME type for QuickLook from the generic
64         adjustMIMETypeIfNecessary() in WebCoreURLResponseIOS.mm to its own function
65         here.
66
67         (WebCore::QuickLookHandle::createIfNecessary):
68         Call adjustMIMETypeForQuickLook() before checking the MIME type.
69
70         * platform/network/ios/WebCoreURLResponseIOS.mm:
71         (WebCore::adjustMIMETypeIfNecessary):
72         Extracted QuickLook-specific code to QuickLook.mm.
73
74         * platform/network/mac/WebCoreResourceHandleAsDelegate.mm:
75         (-[WebCoreResourceHandleAsDelegate connection:didReceiveResponse:]):
76         Refactor the code a bit for clarity, so that we only
77         ResourceHandle::setQuickLookHandle() when QuickLookHandle::createIfNecessary()
78         returns a non-null pointer.
79
80 2016-04-17  Brady Eidson  <beidson@apple.com>
81
82         Clean up IDBBindingUtilities.
83         https://bugs.webkit.org/show_bug.cgi?id=156472
84
85         Reviewed by Alex Christensen.
86
87         No new tests (No change in behavior).
88
89         - Get rid of a whole bunch of unused functions (since we got rid of Legacy IDB).
90         - Make more functions deal in ExecState/ScriptExecutionContexts instead of DOMRequestState.
91         - Make more functions deal in JSValue (as JSC::Strong<JSC::Unknown>) instead of Deprecated::ScriptValue.
92
93         * bindings/scripts/IDLAttributes.txt: Add a new attribute to signify that an implementation returns
94           JSValues instead of Deprecated::ScriptState
95         * bindings/scripts/CodeGeneratorJS.pm:
96         (NativeToJSValue): Use that new attribute.
97         
98         * Modules/indexeddb/IDBAny.cpp:
99         (WebCore::IDBAny::IDBAny):
100         (WebCore::IDBAny::scriptValue):
101         * Modules/indexeddb/IDBAny.h:
102         (WebCore::IDBAny::create):
103         
104         * Modules/indexeddb/IDBCursor.cpp:
105         (WebCore::IDBCursor::key):
106         (WebCore::IDBCursor::primaryKey):
107         (WebCore::IDBCursor::value):
108         (WebCore::IDBCursor::update):
109         (WebCore::IDBCursor::continueFunction):
110         (WebCore::IDBCursor::deleteFunction):
111         (WebCore::IDBCursor::setGetResult):
112         * Modules/indexeddb/IDBCursor.h:
113         * Modules/indexeddb/IDBCursor.idl:
114         * Modules/indexeddb/IDBCursorWithValue.idl:
115         
116         * Modules/indexeddb/IDBFactory.cpp:
117         (WebCore::IDBFactory::cmp):
118         
119         * Modules/indexeddb/IDBIndex.cpp:
120         (WebCore::IDBIndex::count):
121         (WebCore::IDBIndex::get):
122         (WebCore::IDBIndex::getKey):
123         
124         * Modules/indexeddb/IDBKeyRange.cpp:
125         (WebCore::IDBKeyRange::lowerValue):
126         (WebCore::IDBKeyRange::upperValue):
127         (WebCore::IDBKeyRange::only):
128         (WebCore::IDBKeyRange::lowerBound):
129         (WebCore::IDBKeyRange::upperBound):
130         (WebCore::IDBKeyRange::bound):
131         * Modules/indexeddb/IDBKeyRange.h:
132         * Modules/indexeddb/IDBKeyRange.idl:
133         
134         * Modules/indexeddb/IDBObjectStore.cpp:
135         (WebCore::IDBObjectStore::get):
136         (WebCore::IDBObjectStore::modernDelete):
137         (WebCore::IDBObjectStore::count):
138         
139         * Modules/indexeddb/IDBRequest.cpp:
140         (WebCore::IDBRequest::setResult):
141         (WebCore::IDBRequest::setResultToStructuredClone):
142         
143         * Modules/indexeddb/server/MemoryObjectStore.cpp:
144         (WebCore::IDBServer::MemoryObjectStore::updateIndexesForPutRecord):
145         (WebCore::IDBServer::MemoryObjectStore::populateIndexWithExistingRecords):
146         
147         * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
148         (WebCore::IDBServer::SQLiteIDBBackingStore::updateOneIndexForAddRecord):
149         (WebCore::IDBServer::SQLiteIDBBackingStore::updateAllIndexesForAddRecord):
150         
151         * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
152         (WebCore::IDBServer::UniqueIDBDatabase::performPutOrAdd):
153         
154         * bindings/js/IDBBindingUtilities.cpp:
155         (WebCore::idbKeyPathFromValue):
156         (WebCore::internalCreateIDBKeyFromScriptValueAndKeyPath):
157         (WebCore::injectIDBKeyIntoScriptValue):
158         (WebCore::maybeCreateIDBKeyFromScriptValueAndKeyPath):
159         (WebCore::canInjectIDBKeyIntoScriptValue):
160         (WebCore::deserializeIDBValueToJSValue):
161         (WebCore::deserializeIDBValueDataToJSValue):
162         (WebCore::scriptValueToIDBKey):
163         (WebCore::idbKeyDataToScriptValue):
164         (WebCore::idbKeyDataToJSValue): Deleted.
165         (WebCore::createIDBKeyFromScriptValueAndKeyPath): Deleted.
166         (WebCore::deserializeIDBValue): Deleted.
167         (WebCore::deserializeIDBValueData): Deleted.
168         (WebCore::deserializeIDBValueBuffer): Deleted.
169         (WebCore::idbValueDataToJSValue): Deleted.
170         (WebCore::idbKeyToScriptValue): Deleted.
171         * bindings/js/IDBBindingUtilities.h:
172
173         * bindings/js/JSIDBAnyCustom.cpp:
174         (WebCore::toJS):
175
176         * bindings/js/JSIDBDatabaseCustom.cpp:
177         (WebCore::JSIDBDatabase::createObjectStore):
178
179         * bindings/js/JSIDBObjectStoreCustom.cpp:
180         (WebCore::JSIDBObjectStore::createIndex):
181
182         * dom/ScriptExecutionContext.cpp:
183         (WebCore::ScriptExecutionContext::execState):
184         * dom/ScriptExecutionContext.h:
185
186         * inspector/InspectorIndexedDBAgent.cpp:
187
188 2016-04-17  Darin Adler  <darin@apple.com>
189
190         Remove more uses of Deprecated::ScriptXXX
191         https://bugs.webkit.org/show_bug.cgi?id=156660
192
193         Reviewed by Antti Koivisto.
194
195         * Modules/mediacontrols/MediaControlsHost.h: Removed unneeded include.
196
197         * Modules/plugins/PluginReplacement.h: Removed unneeded include.
198         Changed argument to installReplacement into a reference. Changed return
199         value for creation function from PassRefPtr to Ref.
200
201         * Modules/plugins/QuickTimePluginReplacement.h: Removed unneeded includes and
202         forward declarations. Marked class final. Made almost everything private.
203
204         * Modules/plugins/QuickTimePluginReplacement.mm:
205         (WebCore::QuickTimePluginReplacement::create): Changed to return Ref.
206         (WebCore::QuickTimePluginReplacement::installReplacement): Changed to take
207         a reference.
208
209         * Modules/plugins/YouTubePluginReplacement.cpp:
210         (WebCore::YouTubePluginReplacement::create): Changed to return Ref.
211         (WebCore::YouTubePluginReplacement::installReplacement): Changed to take
212         a reference.
213
214         * Modules/plugins/YouTubePluginReplacement.h: Removed unneeded includes and
215         forward declarations. Marked class final. Changed return type of create.
216
217         * Modules/websockets/WebSocket.cpp:
218         (WebCore::WebSocket::didReceiveBinaryData): Removed local variable so the
219         MessageEvent::create function gets a Ref&& instead of a RefPtr without having
220         to add explicit WTFMove.
221
222         * bindings/js/DOMRequestState.h: Removed code that set m_exec twice.
223
224         * bindings/js/Dictionary.h: Reformatted function templates to use a single
225         line so they are easier to look at.
226         (WebCore::Dictionary::getEventListener): Rewrote this so it no longer uses
227         a Deprecated::ScriptValue and also make it a little more compact and terse.
228
229         * bindings/js/JSCommandLineAPIHostCustom.cpp:
230         (WebCore::JSCommandLineAPIHost::inspect): Rewrote to use JSValue instead of
231         Deprecated::ScriptValue. Considerably more efficient.
232
233         * bindings/js/JSMessageEventCustom.cpp:
234         (WebCore::JSMessageEvent::data): Streamlined to use Deprecated::ScriptValue
235         a little bit less.
236
237         * bindings/js/JSNodeCustom.cpp: Moved include here from header.
238         * bindings/js/JSNodeCustom.h: Moved include from here to cpp file.
239
240         * bindings/js/JSPopStateEventCustom.cpp:
241         (WebCore::JSPopStateEvent::state): Updated for changes to return value of the
242         state() and serializedState functions.
243
244         * bindings/js/ScriptState.h: Removed the ScriptState typedef.
245
246         * bindings/js/SerializedScriptValue.cpp: Moved include here from header.
247         * bindings/js/SerializedScriptValue.h: Moved include from here to cpp file.
248
249         * css/FontFace.cpp:
250         (WebCore::FontFace::create): Changed argument to JSValue instead of ScriptValue.
251         * css/FontFace.h: Ditto.
252
253         * dom/MessageEvent.cpp: Moved create functions in here from header file.
254         Removed some unused ones including one that took a Deprecated::ScriptValue.
255         * dom/MessageEvent.h: Streamlined create functions, removing unused functions,
256         unused arguments, and unused default values for arguments. Also moved them all
257         into the cpp file instead of inlining them. Also changed the return type of
258         dataAsScriptValue to JSValue.
259
260         * dom/NodeFilterCondition.h: Removed unneeded include. Tweaked formatting.
261
262         * dom/PopStateEvent.h: Changed return value of state to be a JSValue and of
263         serializedState to be a raw pointer, not a PassRefPtr.
264
265         * dom/Traversal.h: Removed unneeded include. Removed unnecessary use of
266         unsigned long instead of unsigned. Fixed indentation.
267
268         * html/HTMLPlugInElement.cpp:
269         (WebCore::HTMLPlugInElement::didAddUserAgentShadowRoot): Pass reference.
270
271         * inspector/InspectorDOMAgent.cpp:
272         (WebCore::InspectorDOMAgent::buildObjectForEventListener): Pass JSValue instead
273         of constructing a Deprecated::ScriptValue.
274
275         * inspector/InspectorFrontendHost.cpp:
276         (WebCore::FrontendMenuProvider::disconnect): Initialize without explicitly
277         mentioning the Deprecated::ScriptObject type.
278
279         * inspector/InspectorIndexedDBAgent.cpp: Removed unneeded include.
280
281         * inspector/InspectorInstrumentation.h: Removed unneeded include and also
282         declaration of two non-existent functions.
283
284         * page/DOMWindow.cpp:
285         (WebCore::PostMessageTimer::PostMessageTimer): Tweaked types a little bit to
286         match what is used in MessageEvent now.
287         (WebCore::PostMessageTimer::event): Streamlined a bit and changed type to
288         reference.
289         (WebCore::DOMWindow::postMessage): Updated for changes above.
290         (WebCore::DOMWindow::postMessageTimerFired): Ditto.
291
292         * page/EventSource.cpp:
293         (WebCore::EventSource::createMessageEvent): Removed now-unneeded
294         "false, false" from MessageEvent::create function call.
295
296         * page/csp/ContentSecurityPolicy.h: Removed unneeded include.
297
298         * page/csp/ContentSecurityPolicyDirectiveList.h: Removed unneeded
299         include and also unneeded non-copyable, since the class has a reference as
300         a data member and so is automatically non-copyable.
301
302         * testing/Internals.cpp:
303         (WebCore::Internals::description): Changed to take JSValue.
304         (WebCore::Internals::parserMetaData): Ditto.
305         (WebCore::Internals::serializeObject): Removed unnecessary copying of vector.
306         (WebCore::Internals::isFromCurrentWorld): Changed to take JSValue.
307         (WebCore::Internals::isReadableStreamDisturbed): Changed to not rely on the
308         ScriptState typedef and call it JSC::ExecState.
309
310         * testing/Internals.h: Removed unneeded includes. Removed unneeded and
311         inappropriate use of ASSERT_NO_EXCEPTION.
312
313 2016-04-17  Youenn Fablet  <youenn.fablet@crf.canon.fr>
314
315         [Fetch API] Consume HTTP data as a ReadableStream
316         https://bugs.webkit.org/show_bug.cgi?id=138968
317
318         Reviewed by Alex Christensen.
319
320         This patch introduces ReadableStreamSource and ReadableStreamController which allow feeding a ReadableStream from DOM classes.
321         ReadableStreamSource is a base class for all DOM ReadableStream sources.
322         ReadableStreamController is a wrapper around JSReadableStreamController that can be invoked by DOM code to enqueue/close/error a ReadableStream.
323         A createReadableStream function is introduced to allow DOM classes creating ReadableStream.
324
325         Added support for a FetchResponse ReadableStream source.
326         Both synthetic FetchResponse and loading FetchResponse are supported.
327         A new "Stream" FetchLoader::Type is introduced to allow receiving data as chunks and feeding them to a ReadableStream through ReadableStreamSource.
328
329         Currently, FetchResponse is consumed and marked as disturbed as soon as a ReadableStreamSource is created.
330         This should be changed so that consumption happens on the first read call to the ReadableStreamReader, i.e. when stream gets disturbed.
331
332         FetchResponseSource never fulfills the start promise, which allows to enqueue, error or close the stream at any time.
333         FetchResponseSource must therefore always ensure to close or error the stream.
334         Added support for locked check in FetchResponse.
335
336         Tests: imported/w3c/web-platform-tests/fetch/api/response/response-cancel-stream.html
337                imported/w3c/web-platform-tests/fetch/api/response/response-consume-stream.html
338                imported/w3c/web-platform-tests/fetch/api/response/response-stream-disturbed-1.html
339                imported/w3c/web-platform-tests/fetch/api/response/response-stream-disturbed-2.html
340                imported/w3c/web-platform-tests/fetch/api/response/response-stream-disturbed-3.html
341                imported/w3c/web-platform-tests/fetch/api/response/response-stream-disturbed-4.html
342                imported/w3c/web-platform-tests/fetch/api/response/response-stream-disturbed-5.html
343         Also covered by rebased tests.
344
345         * CMakeLists.txt:
346         * DerivedSources.make:
347         * Modules/fetch/FetchBody.cpp:
348         (WebCore::FetchBody::consumeAsStream): Fill stream with body data.
349         * Modules/fetch/FetchBody.h:
350         (WebCore::FetchBody::type): Added accessor to body type, used for assertions.
351         * Modules/fetch/FetchBodyOwner.cpp:
352         (WebCore::FetchBodyOwner::isDisturbed): Adding stream isLocked check.
353         (WebCore::FetchBodyOwner::blobLoadingSucceeded): Added assertion that body type is blob. Closing stream if created.
354         (WebCore::FetchBodyOwner::blobLoadingFailed): Erroring the stream if created and not cancelled.
355         (WebCore::FetchBodyOwner::blobChunk): Filling stream with chunk.
356         (WebCore::FetchBodyOwner::stop): Rmoved call to finishBlobLoading as it should be called as part of FetchLoaderCLient::didFail callbacki.
357         * Modules/fetch/FetchBodyOwner.h:
358         * Modules/fetch/FetchLoader.cpp: Fixing the case of cancel being called when creating the ThreadableLoader by introducing FetchLoader::m_isStarted.
359         (WebCore::FetchLoader::start): Setting m_isStarted at the end of the start method.
360         (WebCore::FetchLoader::stop): Fixing the case that FetchLoader can be destroyed when cancelling its loader.
361         (WebCore::FetchLoader::startStreaming): Introduced to switch the loading type from ArayBuffer to Stream. Already buffered data is returned.
362         (WebCore::FetchLoader::didReceiveData): Handling of the new Stream type.
363         (WebCore::FetchLoader::didFinishLoading):
364         * Modules/fetch/FetchLoader.h:
365         * Modules/fetch/FetchLoaderClient.h:
366         (WebCore::FetchLoaderClient::didReceiveData): Callback to get data as chunks if loader is of type Stream.
367         * Modules/fetch/FetchResponse.cpp:
368         (WebCore::FetchResponse::clone): Removed m_isLocked as it is handled within isDisturbed().
369         (WebCore::FetchResponse::isDisturbed): Checking whether related ReadableStream is locked.
370         (WebCore::FetchResponse::BodyLoader::didSucceed): Introduced to handle ReadableStream case.
371         (WebCore::FetchResponse::BodyLoader::didFail): Ditto.
372         (WebCore::FetchResponse::BodyLoader::didReceiveData): Ditto.
373         (WebCore::FetchResponse::BodyLoader::startStreaming): Ditto.
374         (WebCore::FetchResponse::consumeBodyAsStream): Start filling the ReadableStream with data. Changing loader to Stream if there is one.
375         (WebCore::FetchResponse::createReadableStreamSource): Called by custom binding to create the source.
376         (WebCore::FetchResponse::stop): Fixing potential crash in case of cancelling the ibody stream.
377         (WebCore::FetchResponse::startFetching):
378         (WebCore::FetchResponse::BodyLoader::didFinishLoadingAsArrayBuffer):
379         * Modules/fetch/FetchResponse.h:
380         * Modules/fetch/FetchResponse.idl:
381         * Modules/fetch/FetchResponseSource.cpp: Specialization of ReadableStreamSource for FetchResponse. It is a push source that never resolves the start promise.
382         (WebCore::FetchResponseSource::FetchResponseSource):
383         (WebCore::FetchResponseSource::isReadableStreamLocked):
384         (WebCore::FetchResponseSource::setActive):
385         (WebCore::FetchResponseSource::setInactive):
386         (WebCore::FetchResponseSource::doStart):
387         (WebCore::FetchResponseSource::doCancel):
388         (WebCore::FetchResponseSource::close):
389         (WebCore::FetchResponseSource::error):
390         * Modules/fetch/FetchResponseSource.h: Added.
391         * Modules/streams/ReadableStreamController.js:
392         (error):
393         * Modules/streams/ReadableStreamSource.h: Added (base class for ReadableStream DOM sources).
394         (WebCore::ReadableStreamSource::~ReadableStreamSource):
395         (WebCore::ReadableStreamSource::isStarting):
396         (WebCore::ReadableStreamSource::isPulling):
397         (WebCore::ReadableStreamSource::isCancelling):
398         (WebCore::ReadableStreamSource::controller):
399         (WebCore::ReadableStreamSource::doStart):
400         (WebCore::ReadableStreamSource::doCancel):
401         (WebCore::ReadableStreamSource::start):
402         (WebCore::ReadableStreamSource::cancel):
403         (WebCore::ReadableStreamSource::startFinished):
404         (WebCore::ReadableStreamSource::clean):
405         * Modules/streams/ReadableStreamSource.idl: Added.
406         * WebCore.xcodeproj/project.pbxproj:
407         * bindings/js/JSDOMGlobalObject.h:
408         * bindings/js/JSFetchResponseCustom.cpp: In case body is not created, call createReadableStreamSource.
409         (WebCore::JSFetchResponse::body):
410         * bindings/js/JSReadableStreamSourceCustom.cpp: Added.
411         (WebCore::JSReadableStreamSource::start):
412         (WebCore::JSReadableStreamSource::pull):
413         (WebCore::JSReadableStreamSource::controller):
414         * bindings/js/ReadableStreamController.cpp: Added.
415         (WebCore::callFunction):
416         (WebCore::ReadableStreamController::invoke):
417         (WebCore::ReadableStreamController::isControlledReadableStreamLocked):
418         (WebCore::createReadableStream):
419         * bindings/js/ReadableStreamController.h: The DOM wrapper for JSReadableStreamController.
420         (WebCore::ReadableStreamController::ReadableStreamController):
421         (WebCore::ReadableStreamController::close):
422         (WebCore::ReadableStreamController::error):
423         (WebCore::ReadableStreamController::enqueue):
424         (WebCore::ReadableStreamController::globalObject):
425         (WebCore::ReadableStreamController::enqueue<RefPtr<JSC::ArrayBuffer>>):
426         (WebCore::ReadableStreamController::error<String>):
427
428 2016-04-16  Antti Koivisto  <antti@apple.com>
429
430         Element should be const in StyleResolver
431         https://bugs.webkit.org/show_bug.cgi?id=156672
432
433         Reviewed by Darin Adler.
434
435         Resolving element style shouldn't mutate it.
436
437         This patch just does Element* -> const Element*, all the groundwork has been done already.
438
439         * css/StyleResolver.cpp:
440         (WebCore::StyleResolver::sweepMatchedPropertiesCache):
441         (WebCore::StyleResolver::State::State):
442         (WebCore::StyleResolver::State::setStyle):
443         (WebCore::isAtShadowBoundary):
444         (WebCore::StyleResolver::styleForElement):
445         (WebCore::doesNotInheritTextDecoration):
446         (WebCore::StyleResolver::adjustStyleForInterCharacterRuby):
447         (WebCore::StyleResolver::adjustRenderStyle):
448         (WebCore::StyleResolver::checkRegionStyle):
449         (WebCore::StyleResolver::updateFont):
450         (WebCore::StyleResolver::styleRulesForElement):
451         (WebCore::StyleResolver::pseudoStyleRulesForElement):
452         (WebCore::StyleResolver::applyMatchedProperties):
453         * css/StyleResolver.h:
454         (WebCore::StyleResolver::style):
455         (WebCore::StyleResolver::parentStyle):
456         (WebCore::StyleResolver::rootElementStyle):
457         (WebCore::StyleResolver::element):
458         (WebCore::StyleResolver::document):
459         (WebCore::StyleResolver::documentSettings):
460         (WebCore::StyleResolver::usesFirstLineRules):
461         (WebCore::StyleResolver::usesFirstLetterRules):
462         (WebCore::StyleResolver::State::State):
463         (WebCore::StyleResolver::State::document):
464         (WebCore::StyleResolver::State::element):
465         (WebCore::StyleResolver::State::style):
466         (WebCore::StyleResolver::hasSelectorForId):
467         (WebCore::checkRegionSelector):
468         * rendering/RenderTheme.cpp:
469         (WebCore::RenderTheme::RenderTheme):
470         (WebCore::RenderTheme::adjustStyle):
471         (WebCore::RenderTheme::adjustCheckboxStyle):
472         (WebCore::RenderTheme::adjustRadioStyle):
473         (WebCore::RenderTheme::adjustButtonStyle):
474         (WebCore::RenderTheme::adjustInnerSpinButtonStyle):
475         (WebCore::RenderTheme::adjustTextFieldStyle):
476         (WebCore::RenderTheme::adjustTextAreaStyle):
477         (WebCore::RenderTheme::adjustMenuListStyle):
478         (WebCore::RenderTheme::adjustMeterStyle):
479         (WebCore::RenderTheme::paintMeter):
480         (WebCore::RenderTheme::adjustCapsLockIndicatorStyle):
481         (WebCore::RenderTheme::paintCapsLockIndicator):
482         (WebCore::RenderTheme::adjustAttachmentStyle):
483         (WebCore::RenderTheme::animationDurationForProgressBar):
484         (WebCore::RenderTheme::adjustProgressBarStyle):
485         (WebCore::RenderTheme::shouldHaveCapsLockIndicator):
486         (WebCore::RenderTheme::adjustMenuListButtonStyle):
487         (WebCore::RenderTheme::adjustMediaControlStyle):
488         (WebCore::RenderTheme::adjustSliderTrackStyle):
489         (WebCore::RenderTheme::adjustSliderThumbStyle):
490         (WebCore::RenderTheme::adjustSliderThumbSize):
491         (WebCore::RenderTheme::adjustSearchFieldStyle):
492         (WebCore::RenderTheme::adjustSearchFieldCancelButtonStyle):
493         (WebCore::RenderTheme::adjustSearchFieldDecorationPartStyle):
494         (WebCore::RenderTheme::adjustSearchFieldResultsDecorationPartStyle):
495         (WebCore::RenderTheme::adjustSearchFieldResultsButtonStyle):
496         * rendering/RenderTheme.h:
497         (WebCore::RenderTheme::minimumMenuListSize):
498         (WebCore::RenderTheme::popupInternalPaddingBox):
499         (WebCore::RenderTheme::popupOptionSupportsTextIndent):
500         (WebCore::RenderTheme::paintRadioDecorations):
501         (WebCore::RenderTheme::paintButtonDecorations):
502         (WebCore::RenderTheme::paintTextField):
503         (WebCore::RenderTheme::paintTextFieldDecorations):
504         (WebCore::RenderTheme::paintTextArea):
505         (WebCore::RenderTheme::paintTextAreaDecorations):
506         (WebCore::RenderTheme::paintMenuList):
507         (WebCore::RenderTheme::paintMenuListDecorations):
508         (WebCore::RenderTheme::paintMenuListButtonDecorations):
509         (WebCore::RenderTheme::paintPushButtonDecorations):
510         (WebCore::RenderTheme::paintSquareButtonDecorations):
511         (WebCore::RenderTheme::paintProgressBar):
512         (WebCore::RenderTheme::paintSliderTrack):
513         (WebCore::RenderTheme::paintSliderThumb):
514         (WebCore::RenderTheme::paintSliderThumbDecorations):
515         (WebCore::RenderTheme::paintSearchField):
516         (WebCore::RenderTheme::paintSearchFieldDecorations):
517         (WebCore::RenderTheme::paintSearchFieldCancelButton):
518         (WebCore::RenderTheme::paintSearchFieldDecorationPart):
519         (WebCore::RenderTheme::paintSearchFieldResultsDecorationPart):
520         (WebCore::RenderTheme::paintSearchFieldResultsButton):
521         (WebCore::RenderTheme::paintMediaFullscreenButton):
522         (WebCore::RenderTheme::paintMediaPlayButton):
523         (WebCore::RenderTheme::paintMediaOverlayPlayButton):
524         * rendering/RenderThemeEfl.cpp:
525         (WebCore::RenderThemeEfl::paintSliderTrack):
526         (WebCore::RenderThemeEfl::adjustSliderTrackStyle):
527         (WebCore::RenderThemeEfl::adjustSliderThumbStyle):
528         (WebCore::RenderThemeEfl::adjustSliderThumbSize):
529         (WebCore::RenderThemeEfl::paintSliderThumb):
530         (WebCore::RenderThemeEfl::adjustCheckboxStyle):
531         (WebCore::RenderThemeEfl::paintCheckbox):
532         (WebCore::RenderThemeEfl::adjustRadioStyle):
533         (WebCore::RenderThemeEfl::paintRadio):
534         (WebCore::RenderThemeEfl::adjustButtonStyle):
535         (WebCore::RenderThemeEfl::paintButton):
536         (WebCore::RenderThemeEfl::adjustMenuListStyle):
537         (WebCore::RenderThemeEfl::paintMenuList):
538         (WebCore::RenderThemeEfl::adjustMenuListButtonStyle):
539         (WebCore::RenderThemeEfl::paintMenuListButtonDecorations):
540         (WebCore::RenderThemeEfl::adjustTextFieldStyle):
541         (WebCore::RenderThemeEfl::paintTextField):
542         (WebCore::RenderThemeEfl::adjustTextAreaStyle):
543         (WebCore::RenderThemeEfl::paintTextArea):
544         (WebCore::RenderThemeEfl::adjustSearchFieldResultsButtonStyle):
545         (WebCore::RenderThemeEfl::paintSearchFieldResultsButton):
546         (WebCore::RenderThemeEfl::adjustSearchFieldResultsDecorationPartStyle):
547         (WebCore::RenderThemeEfl::paintSearchFieldResultsDecorationPart):
548         (WebCore::RenderThemeEfl::adjustSearchFieldCancelButtonStyle):
549         (WebCore::RenderThemeEfl::paintSearchFieldCancelButton):
550         (WebCore::RenderThemeEfl::adjustSearchFieldStyle):
551         (WebCore::RenderThemeEfl::paintSearchField):
552         (WebCore::RenderThemeEfl::adjustInnerSpinButtonStyle):
553         (WebCore::RenderThemeEfl::updateCachedSystemFontDescription):
554         (WebCore::RenderThemeEfl::adjustProgressBarStyle):
555         * rendering/RenderThemeEfl.h:
556         * rendering/RenderThemeGtk.cpp:
557         (WebCore::RenderThemeGtk::adjustRepaintRect):
558         (WebCore::RenderThemeGtk::adjustButtonStyle):
559         (WebCore::RenderThemeGtk::paintButton):
560         (WebCore::RenderThemeGtk::adjustMenuListStyle):
561         (WebCore::RenderThemeGtk::adjustMenuListButtonStyle):
562         (WebCore::RenderThemeGtk::paintMenuListButtonDecorations):
563         (WebCore::RenderThemeGtk::adjustTextFieldStyle):
564         (WebCore::RenderThemeGtk::paintTextField):
565         (WebCore::RenderThemeGtk::paintTextArea):
566         (WebCore::RenderThemeGtk::adjustSearchFieldResultsButtonStyle):
567         (WebCore::RenderThemeGtk::paintSearchFieldResultsButton):
568         (WebCore::RenderThemeGtk::adjustSearchFieldResultsDecorationPartStyle):
569         (WebCore::RenderThemeGtk::adjustSearchFieldCancelButtonStyle):
570         (WebCore::RenderThemeGtk::paintSearchFieldCancelButton):
571         (WebCore::RenderThemeGtk::adjustSearchFieldStyle):
572         (WebCore::RenderThemeGtk::shouldHaveCapsLockIndicator):
573         (WebCore::RenderThemeGtk::adjustSliderTrackStyle):
574         (WebCore::RenderThemeGtk::adjustSliderThumbStyle):
575         (WebCore::RenderThemeGtk::paintSliderTrack):
576         (WebCore::RenderThemeGtk::adjustSliderThumbSize):
577         (WebCore::RenderThemeGtk::innerSpinButtonLayout):
578         (WebCore::RenderThemeGtk::adjustInnerSpinButtonStyle):
579         (WebCore::spinButtonArrowSize):
580         (WebCore::RenderThemeGtk::paintMediaCurrentTime):
581         (WebCore::RenderThemeGtk::adjustProgressBarStyle):
582         * rendering/RenderThemeGtk.h:
583         * rendering/RenderThemeIOS.h:
584         * rendering/RenderThemeIOS.mm:
585         (WebCore::RenderThemeIOS::addRoundedBorderClip):
586         (WebCore::RenderThemeIOS::adjustCheckboxStyle):
587         (WebCore::RenderThemeIOS::isControlStyled):
588         (WebCore::RenderThemeIOS::adjustRadioStyle):
589         (WebCore::adjustInputElementButtonStyle):
590         (WebCore::RenderThemeIOS::adjustMenuListButtonStyle):
591         (WebCore::RenderThemeIOS::adjustSliderTrackStyle):
592         (WebCore::RenderThemeIOS::paintSliderTrack):
593         (WebCore::RenderThemeIOS::adjustSliderThumbSize):
594         (WebCore::RenderThemeIOS::sliderTickOffsetFromTrackCenter):
595         (WebCore::RenderThemeIOS::adjustSearchFieldStyle):
596         (WebCore::RenderThemeIOS::paintSearchFieldDecorations):
597         (WebCore::RenderThemeIOS::adjustButtonStyle):
598         * rendering/RenderThemeMac.h:
599         * rendering/RenderThemeMac.mm:
600         (WebCore::RenderThemeMac::paintTextField):
601         (WebCore::RenderThemeMac::adjustTextFieldStyle):
602         (WebCore::RenderThemeMac::paintTextArea):
603         (WebCore::RenderThemeMac::adjustTextAreaStyle):
604         (WebCore::RenderThemeMac::animationDurationForProgressBar):
605         (WebCore::RenderThemeMac::adjustProgressBarStyle):
606         (WebCore::menuListButtonSizes):
607         (WebCore::RenderThemeMac::adjustMenuListStyle):
608         (WebCore::RenderThemeMac::popupMenuSize):
609         (WebCore::RenderThemeMac::adjustMenuListButtonStyle):
610         (WebCore::RenderThemeMac::adjustSliderTrackStyle):
611         (WebCore::RenderThemeMac::paintSliderTrack):
612         (WebCore::RenderThemeMac::adjustSliderThumbStyle):
613         (WebCore::RenderThemeMac::setSearchFieldSize):
614         (WebCore::RenderThemeMac::adjustSearchFieldStyle):
615         (WebCore::RenderThemeMac::cancelButtonSizes):
616         (WebCore::RenderThemeMac::adjustSearchFieldCancelButtonStyle):
617         (WebCore::RenderThemeMac::resultsButtonSizes):
618         (WebCore::RenderThemeMac::adjustSearchFieldDecorationPartStyle):
619         (WebCore::RenderThemeMac::paintSearchFieldDecorationPart):
620         (WebCore::RenderThemeMac::adjustSearchFieldResultsDecorationPartStyle):
621         (WebCore::RenderThemeMac::paintSearchFieldResultsDecorationPart):
622         (WebCore::RenderThemeMac::adjustSearchFieldResultsButtonStyle):
623         (WebCore::RenderThemeMac::adjustSliderThumbSize):
624         * rendering/RenderThemeWin.cpp:
625         (WebCore::RenderThemeWin::paintButton):
626         (WebCore::RenderThemeWin::adjustInnerSpinButtonStyle):
627         (WebCore::RenderThemeWin::paintMenuList):
628         (WebCore::RenderThemeWin::adjustMenuListStyle):
629         (WebCore::RenderThemeWin::adjustMenuListButtonStyle):
630         (WebCore::RenderThemeWin::adjustSliderThumbSize):
631         (WebCore::RenderThemeWin::paintSearchField):
632         (WebCore::RenderThemeWin::adjustSearchFieldStyle):
633         (WebCore::RenderThemeWin::paintSearchFieldCancelButton):
634         (WebCore::RenderThemeWin::adjustSearchFieldCancelButtonStyle):
635         (WebCore::RenderThemeWin::adjustSearchFieldDecorationPartStyle):
636         (WebCore::RenderThemeWin::adjustSearchFieldResultsDecorationPartStyle):
637         (WebCore::RenderThemeWin::paintSearchFieldResultsDecorationPart):
638         (WebCore::RenderThemeWin::adjustSearchFieldResultsButtonStyle):
639         (WebCore::RenderThemeWin::adjustMeterStyle):
640         * rendering/RenderThemeWin.h:
641
642 2016-04-16  Antti Koivisto  <antti@apple.com>
643
644         CSSCursorImageValue shouldn't mutate element during style resolution
645         https://bugs.webkit.org/show_bug.cgi?id=156659
646
647         Reviewed by Darin Adler.
648
649         CSSCursorImageValue::updateIfSVGCursorIsUsed may mutate the argument element.
650
651         This patch removes the code that caches cursor element and image to SVGElement rare data.
652         The whole things is basically unused. CSSCursorImageValue now maintains a weak map to
653         SVGCursorElements directly instead of indirectly via the using SVGElements.
654
655         * css/CSSCursorImageValue.cpp:
656         (WebCore::CSSCursorImageValue::CSSCursorImageValue):
657         (WebCore::CSSCursorImageValue::~CSSCursorImageValue):
658         (WebCore::CSSCursorImageValue::customCSSText):
659         (WebCore::CSSCursorImageValue::updateCursorElement):
660
661             We no longer rely on SVGElement rare data so no need to test for SVGElement.
662
663         (WebCore::CSSCursorImageValue::cursorElementRemoved):
664         (WebCore::CSSCursorImageValue::cursorElementChanged):
665
666             Factor to a function.
667
668         (WebCore::CSSCursorImageValue::cachedImage):
669         (WebCore::CSSCursorImageValue::clearCachedImage):
670         (WebCore::CSSCursorImageValue::equals):
671         (WebCore::CSSCursorImageValue::removeReferencedElement): Deleted.
672
673             Don't track client elements anymore. Just track referenced SVGCursorElements.
674
675         * css/CSSCursorImageValue.h:
676         * css/StyleBuilderCustom.h:
677         (WebCore::StyleBuilderCustom::applyValueCursor):
678
679             No need to make style unique. Initialization is now done in updateSVGCursorElement.
680
681         * svg/SVGCursorElement.cpp:
682         (WebCore::SVGCursorElement::~SVGCursorElement):
683         (WebCore::SVGCursorElement::isSupportedAttribute):
684         (WebCore::SVGCursorElement::parseAttribute):
685         (WebCore::SVGCursorElement::addClient):
686         (WebCore::SVGCursorElement::removeClient):
687
688             Client is now an CSSCursorImageValue rather than SVGElement.
689
690         (WebCore::SVGCursorElement::svgAttributeChanged):
691
692             Instead of invalidating element style just invalidate the CSSCursorImageValue directly.
693
694         (WebCore::SVGCursorElement::addSubresourceAttributeURLs):
695         (WebCore::SVGCursorElement::removeReferencedElement): Deleted.
696         * svg/SVGCursorElement.h:
697         * svg/SVGElement.cpp:
698         (WebCore::SVGElement::~SVGElement):
699         (WebCore::SVGElement::getBoundingBox):
700         (WebCore::SVGElement::correspondingElement):
701         (WebCore::SVGElement::setCursorElement): Deleted.
702         (WebCore::SVGElement::cursorElementRemoved): Deleted.
703         (WebCore::SVGElement::setCursorImageValue): Deleted.
704         (WebCore::SVGElement::cursorImageValueRemoved): Deleted.
705
706             SVGElements no longer need to know about their cursors.
707
708         * svg/SVGElement.h:
709         * svg/SVGElementRareData.h:
710         (WebCore::SVGElementRareData::instanceUpdatesBlocked):
711         (WebCore::SVGElementRareData::setInstanceUpdatesBlocked):
712         (WebCore::SVGElementRareData::correspondingElement):
713         (WebCore::SVGElementRareData::setCorrespondingElement):
714         (WebCore::SVGElementRareData::animatedSMILStyleProperties):
715         (WebCore::SVGElementRareData::ensureAnimatedSMILStyleProperties):
716         (WebCore::SVGElementRareData::cursorElement): Deleted.
717         (WebCore::SVGElementRareData::setCursorElement): Deleted.
718         (WebCore::SVGElementRareData::cursorImageValue): Deleted.
719         (WebCore::SVGElementRareData::setCursorImageValue): Deleted.
720
721 2016-04-15  Darin Adler  <darin@apple.com>
722
723         Reduce use of Deprecated::ScriptXXX classes
724         https://bugs.webkit.org/show_bug.cgi?id=156632
725
726         Reviewed by Alex Christensen.
727
728         * Modules/mediastream/SDPProcessor.cpp: Removed unneeded include.
729
730         * bindings/js/JSCommandLineAPIHostCustom.cpp:
731         (WebCore::JSCommandLineAPIHost::inspectedObject): Use JSValue.
732         * bindings/js/JSCustomEventCustom.cpp:
733         (WebCore::JSCustomEvent::detail): Ditto.
734         * bindings/js/ScriptController.cpp:
735         (WebCore::ScriptController::evaluateInWorld): Ditto.
736         (WebCore::ScriptController::evaluate): Ditto.
737         (WebCore::ScriptController::executeScriptInWorld): Ditto.
738         (WebCore::ScriptController::executeScript): Ditto.
739         (WebCore::ScriptController::executeIfJavaScriptURL): Ditto.
740         * bindings/js/ScriptController.h: Ditto.
741
742         * bindings/js/ScriptGlobalObject.cpp: Removed unused overload of set,
743         and unused remove and folded handleException function into its one call site.
744         (WebCore::ScriptGlobalObject::set): Take references instead of pointers.
745         (WebCore::ScriptGlobalObject::get): Use JSObject instead of Deprecated::ScriptObject.
746         * bindings/js/ScriptGlobalObject.h: Updated for the above.
747
748         * dom/CustomEvent.cpp:
749         (WebCore::CustomEvent::initCustomEvent): Take JSValue and ExecState instead of
750         Deprecated::ScriptValue.
751         (WebCore::CustomEvent::trySerializeDetail): Take a reference instead of a pointer.
752         Also removed an unneeded null check.
753         * dom/CustomEvent.h: Use JSValue.
754         * dom/CustomEvent.idl: Updated for the above.
755
756         * html/HTMLMediaElement.cpp: Remove unneeded include.
757
758         * inspector/CommandLineAPIHost.cpp:
759         (WebCore::CommandLineAPIHost::InspectableObject::get): Take reference instead of
760         pointer and return JSValue.
761         * inspector/CommandLineAPIHost.h: Updated for the above.
762
763         * inspector/InspectorDOMAgent.cpp:
764         (WebCore::InspectorDOMAgent::setDocument): Use "document" instead of "doc".
765         (WebCore::InspectorDOMAgent::setAttributesAsText): Omit redundant class name.
766         (WebCore::InspectorDOMAgent::focusNode): Ditto. Pass reference instead of pointer.
767         (WebCore::InspectorDOMAgent::undo): Ditto.
768         (WebCore::InspectorDOMAgent::redo): Ditto.
769         (WebCore::InspectorDOMAgent::nodeForObjectId): Stop using Deprecated::ScriptValue.
770         (WebCore::InspectorDOMAgent::resolveNode): Ditto.
771         (WebCore::InspectorDOMAgent::scriptValueAsNode): Removed unneeded isObject check,
772         which is already done by JSNode::toWrapped. Use JSValue.
773         (WebCore::InspectorDOMAgent::nodeAsScriptValue): Use JSValue.
774         * inspector/InspectorDOMAgent.h: Updated for the above.
775
776         * inspector/InspectorFrontendClientLocal.cpp:
777         (WebCore::InspectorFrontendClientLocal::windowObjectCleared): Use references instead of
778         pointers and removed unneeded local.
779         (WebCore::InspectorFrontendClientLocal::evaluateAsBoolean): More of the same.
780         * inspector/InspectorFrontendHost.cpp:
781         (WebCore::InspectorFrontendHost::showContextMenu): Ditto.
782
783         * inspector/InspectorTimelineAgent.cpp:
784         (WebCore::InspectorTimelineAgent::breakpointActionProbe): Updated to take
785         reference instead of pointer and JSValue instead of ScriptValue.
786         * inspector/InspectorTimelineAgent.h: Ditto.
787         * inspector/PageConsoleAgent.cpp: Ditto.
788         * inspector/PageDebuggerAgent.cpp:
789         (WebCore::PageDebuggerAgent::breakpointActionLog): Ditto.
790         * inspector/PageDebuggerAgent.h: Ditto.
791
792 2016-04-15  Daniel Bates  <dabates@apple.com>
793
794         CSP: Ignore paths in CSP matching after redirects
795         https://bugs.webkit.org/show_bug.cgi?id=153154
796         <rdar://problem/24383215>
797
798         Reviewed by Brent Fulgham.
799
800         For sub-resources that redirect, match the URL that is the result of the redirect against
801         the source expressions in Content Security Policy ignoring any paths in those source
802         expressions as per section Paths and Redirects of the Content Security Policy Level 2 spec.,
803         <https://w3c.github.io/webappsec-csp/2/> (Editor's Draft, 29 August 2015).
804
805         Tests: http/tests/security/contentSecurityPolicy/audio-redirect-allowed2.html
806                http/tests/security/contentSecurityPolicy/embed-redirect-allowed.html
807                http/tests/security/contentSecurityPolicy/embed-redirect-allowed2.html
808                http/tests/security/contentSecurityPolicy/embed-redirect-blocked.html
809                http/tests/security/contentSecurityPolicy/embed-redirect-blocked2.html
810                http/tests/security/contentSecurityPolicy/embed-redirect-blocked3.html
811                http/tests/security/contentSecurityPolicy/font-redirect-allowed2.html
812                http/tests/security/contentSecurityPolicy/form-action-src-redirect-allowed.html
813                http/tests/security/contentSecurityPolicy/form-action-src-redirect-allowed2.html
814                http/tests/security/contentSecurityPolicy/iframe-redirect-allowed-by-child-src.html
815                http/tests/security/contentSecurityPolicy/iframe-redirect-allowed-by-child-src2.html
816                http/tests/security/contentSecurityPolicy/iframe-redirect-allowed-by-frame-src.html
817                http/tests/security/contentSecurityPolicy/iframe-redirect-allowed-by-frame-src2.html
818                http/tests/security/contentSecurityPolicy/iframe-redirect-blocked-by-child-src.html
819                http/tests/security/contentSecurityPolicy/iframe-redirect-blocked-by-frame-src.html
820                http/tests/security/contentSecurityPolicy/image-redirect-allowed2.html
821                http/tests/security/contentSecurityPolicy/object-redirect-allowed.html
822                http/tests/security/contentSecurityPolicy/object-redirect-allowed2.html
823                http/tests/security/contentSecurityPolicy/object-redirect-blocked.html
824                http/tests/security/contentSecurityPolicy/object-redirect-blocked2.html
825                http/tests/security/contentSecurityPolicy/object-redirect-blocked3.html
826                http/tests/security/contentSecurityPolicy/script-redirect-allowed2.html
827                http/tests/security/contentSecurityPolicy/stylesheet-redirect-allowed2.html
828                http/tests/security/contentSecurityPolicy/svg-font-redirect-allowed2.html
829                http/tests/security/contentSecurityPolicy/svg-image-redirect-allowed2.html
830                http/tests/security/contentSecurityPolicy/track-redirect-allowed2.html
831                http/tests/security/contentSecurityPolicy/video-redirect-allowed2.html
832                http/tests/security/contentSecurityPolicy/xsl-redirect-allowed2.html
833
834         * loader/DocumentLoader.cpp:
835         (WebCore::DocumentLoader::willSendRequest): Define a local variable didReceiveRedirectResponse as
836         to whether this request follows from having received a redirect response from the server. Pass this
837         information to FrameLoader::checkIfFormActionAllowedByCSP() and PolicyChecker::checkNavigationPolicy()
838         for its consideration.
839         * loader/DocumentThreadableLoader.cpp:
840         (WebCore::DocumentThreadableLoader::redirectReceived): Pass whether we have a non-null redirect
841         response (i.e. received a redirect response from the server) to DocumentThreadableLoader::isAllowedByContentSecurityPolicy()
842         for its consideration.
843         (WebCore::DocumentThreadableLoader::loadRequest): Pass whether we performed a redirect to
844         DocumentThreadableLoader::isAllowedByContentSecurityPolicy() for its consideration.
845         (WebCore::DocumentThreadableLoader::isAllowedByContentSecurityPolicy): Modified to take a boolean
846         argument as to whether a redirect was performed. We pass this information to the appropriate
847         ContentSecurityPolicy method.
848         * loader/DocumentThreadableLoader.h:
849         * loader/FrameLoader.cpp:
850         (WebCore::FrameLoader::checkIfFormActionAllowedByCSP): Modified to take a boolean argument as to whether
851         a redirect response was received and passes this information to ContentSecurityPolicy::allowFormAction()
852         for its consideration.
853         (WebCore::FrameLoader::loadURL): Modified to tell PolicyChecker::checkNavigationPolicy() that the navigation
854         is not in response to having received a redirect response from the server.
855         (WebCore::FrameLoader::loadWithDocumentLoader): Ditto.
856         * loader/FrameLoader.h:
857         * loader/PolicyChecker.cpp:
858         (WebCore::isAllowedByContentSecurityPolicy): Modified to take a boolean argument as to whether
859         a redirect response was received and passes this information to the appropriate ContentSecurityPolicy member
860         function for consideration.
861         (WebCore::PolicyChecker::checkNavigationPolicy): Modified to take a boolean argument as to whether a redirect
862         response was received and passes this information through to WebCore::isAllowedByContentSecurityPolicy().
863         * loader/PolicyChecker.h:
864         * loader/SubresourceLoader.cpp:
865         (WebCore::SubresourceLoader::willSendRequestInternal): Modified to tell CachedResourceLoader::canRequest() that
866         the request is in response to having received a redirect response from the server.
867         * loader/cache/CachedResourceLoader.cpp:
868         (WebCore::CachedResourceLoader::canRequest): Modified to take a boolean argument as to whether a redirect
869         response was received and passes this information through to the appropriate ContentSecurityPolicy member
870         function for consideration.
871         * loader/cache/CachedResourceLoader.h:
872         * page/csp/ContentSecurityPolicy.cpp:
873         (WebCore::ContentSecurityPolicy::allowScriptFromSource): Modified to take an argument as to whether a
874         redirect response was received and passes this information through to ContentSecurityPolicyDirectiveList.
875         (WebCore::ContentSecurityPolicy::allowObjectFromSource): Ditto.
876         (WebCore::ContentSecurityPolicy::allowChildFrameFromSource): Ditto.
877         (WebCore::ContentSecurityPolicy::allowChildContextFromSource): Ditto.
878         (WebCore::ContentSecurityPolicy::allowImageFromSource): Ditto.
879         (WebCore::ContentSecurityPolicy::allowStyleFromSource): Ditto.
880         (WebCore::ContentSecurityPolicy::allowFontFromSource): Ditto.
881         (WebCore::ContentSecurityPolicy::allowMediaFromSource): Ditto.
882         (WebCore::ContentSecurityPolicy::allowConnectToSource): Ditto.
883         (WebCore::ContentSecurityPolicy::allowFormAction): Ditto.
884         * page/csp/ContentSecurityPolicy.h:
885         * page/csp/ContentSecurityPolicyDirectiveList.cpp:
886         (WebCore::checkSource):
887         (WebCore::checkFrameAncestors):
888         (WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForChildContext): Modified to take an argument
889         as to whether a redirect response was received and passes this information through to the CSP directive.
890         (WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForConnectSource): Ditto.
891         (WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForFont): Ditto.
892         (WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForFormAction): Ditto.
893         (WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForFrame): Ditto.
894         (WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForImage): Ditto.
895         (WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForMedia): Ditto.
896         (WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForObjectSource): Ditto.
897         (WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForScript): Ditto.
898         (WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForStyle): Ditto.
899         * page/csp/ContentSecurityPolicyDirectiveList.h:
900         * page/csp/ContentSecurityPolicySource.cpp:
901         (WebCore::ContentSecurityPolicySource::matches): Modified to take an argument as to whether a redirect response
902         was received. When the specified URL follows from having received a redirect response then ignore the path
903         component of the source expression when checking for a match. Otherwise, consider the path component of the
904         source expression when performing the match.
905         * page/csp/ContentSecurityPolicySource.h:
906         * page/csp/ContentSecurityPolicySourceList.cpp:
907         (WebCore::ContentSecurityPolicySourceList::matches): Modified to take an argument as to whether a redirect
908         response was received and pass this information through to ContentSecurityPolicySource::matches().
909         * page/csp/ContentSecurityPolicySourceList.h:
910         * page/csp/ContentSecurityPolicySourceListDirective.cpp:
911         (WebCore::ContentSecurityPolicySourceListDirective::allows): Modified to take an argument as to whether a
912         redirect response was received and pass this information through to ContentSecurityPolicySourceList::matches().
913         * page/csp/ContentSecurityPolicySourceListDirective.h:
914
915 2016-04-15  Myles C. Maxfield  <mmaxfield@apple.com>
916
917         [CSS Font Loading] FontFace's promise may never be resolved/rejected if Content Security Policy blocks all the URLs
918         https://bugs.webkit.org/show_bug.cgi?id=156605
919
920         Reviewed by Daniel Bates.
921
922         If all the fonts are blocked, we will create a FontFace with no FontFaceSources.
923         Loading such a FontFace should reject the promise.
924
925         Test: fast/text/font-loading-csp-block-all.html
926
927         * css/CSSFontFace.cpp:
928         (WebCore::CSSFontFace::pump):
929
930 2016-04-15  Alex Christensen  <achristensen@webkit.org>
931
932         [WinCairo] Another unreviewed build fix.
933
934         * platform/network/curl/MultipartHandle.cpp:
935         (WebCore::MultipartHandle::parseHeadersIfPossible):
936
937 2016-04-15  Brent Fulgham  <bfulgham@apple.com>
938
939         [WinCairo] Unreviewed build fix.,
940
941         * platform/network/curl/MultipartHandle.cpp:
942         (WebCore::MultipartHandle::parseHeadersIfPossible): Correct for new method signature.
943
944 2016-04-15  Myles C. Maxfield  <mmaxfield@apple.com>
945
946         ASSERT when loading github.com
947         https://bugs.webkit.org/show_bug.cgi?id=156604
948         <rdar://problem/19890634>
949
950         Reviewed by Darin Adler.
951
952         HTMLFormControlElement::m_isValid is a cache of the results of the valid() function.
953         When cloning the node, we were preserving each individual item, but not the state
954         of the cache. Therefore, the cache and the attributes didn't agree with each other.
955
956         Test: fast/forms/checkValidity-cloneNode-crash.html
957
958         * html/HTMLInputElement.cpp:
959         (WebCore::HTMLInputElement::copyNonAttributePropertiesFromElement):
960
961 2016-04-15  Brent Fulgham  <bfulgham@apple.com>
962
963         Remove support for X-Frame-Options in `<meta>`
964         https://bugs.webkit.org/show_bug.cgi?id=156625
965         <rdar://problem/25748714>
966
967         Reviewed by Darin Adler.
968
969         Follow RFC7034 (Section 4), which recommends that 'X-Frame-Options' be ignored when delivered as part of
970         a '<meta http-equiv="...">' tag. This brings us in line with Firefox, Edge, and Blink.
971
972         Tests: http/tests/security/XFrameOptions/x-frame-options-ignore-deny-meta-tag-in-body.html
973                http/tests/security/XFrameOptions/x-frame-options-ignore-deny-meta-tag-parent-same-origin-allow.html
974                http/tests/security/XFrameOptions/x-frame-options-ignore-deny-meta-tag-parent-same-origin-deny.html
975                http/tests/security/XFrameOptions/x-frame-options-ignore-deny-meta-tag.html
976                http/tests/security/xssAuditor/meta-tag-http-refresh-x-frame-options-ignored.html
977
978         * dom/Document.cpp:
979         (WebCore::Document::processHttpEquiv): Log error message instead of blocking the load.
980
981 2016-04-15  Jer Noble  <jer.noble@apple.com>
982
983         Audio elements should be able to have a controls manager.
984         https://bugs.webkit.org/show_bug.cgi?id=156630
985
986         Reviewed by Beth Dakin.
987
988         Now that there is no longer a architectural restriction about what kind of media elements
989         can be used with WebPlaybackSessionManager, allow audio elements to create a controls
990         manager.
991
992         Drive-by fix: clear the controls manager when destroying the media player due to entering
993         the page cache, and when destroying the media element.
994
995         * html/HTMLMediaElement.cpp:
996         (WebCore::HTMLMediaElement::~HTMLMediaElement):
997         (WebCore::HTMLMediaElement::updatePlayState):
998         (WebCore::HTMLMediaElement::stopWithoutDestroyingMediaPlayer):
999         * html/MediaElementSession.cpp:
1000         (WebCore::MediaElementSession::canControlControlsManager):
1001
1002 2016-04-15  Said Abou-Hallawa  <sabouhallawa@apple.com>
1003
1004         Calling SVGAnimatedPropertyTearOff::animationEnded() will crash if the SVG property is not animating
1005         https://bugs.webkit.org/show_bug.cgi?id=156549
1006
1007         Reviewed by Darin Adler.
1008
1009         A speculative fix for a crash which may happen when calling animationEnded()
1010         of any SVGAnimatedProperty while it is not animating.
1011
1012         * svg/SVGAnimatedTypeAnimator.h:
1013         (WebCore::SVGAnimatedTypeAnimator::executeAction):
1014
1015 2016-04-15  Jer Noble  <jer.noble@apple.com>
1016
1017         Unreviewed build fix for iOS simulator. Assert the correct variable.
1018
1019         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
1020         (-[WebAVPlayerLayer layoutSublayers]):
1021         (-[WebAVPlayerLayer resolveBounds]):
1022         (-[WebAVPlayerLayer setVideoGravity:]):
1023
1024 2016-04-14  Jer Noble  <jer.noble@apple.com>
1025
1026         Allow WebVideoFullscreenManager and Proxy to be used by audio elements.
1027         https://bugs.webkit.org/show_bug.cgi?id=156564
1028
1029         Reviewed by Beth Dakin.
1030
1031         No new tests; this refactors existing functionality into new classes.
1032
1033         Tease apart the various WebVideoFullscreen{Interface,Model}{AVKit,Mac,VideoElement} into new
1034         WebPlaybackSession… classes dealing exclusively with playback state and commands, leaving
1035         fullscreen state and commands in the WebVideoFullscreen… classes. Specifically, create the
1036         following new classes:
1037
1038         - WebPlaybackSessionInterface (copied from WebVideoFullscreenInterface)
1039         - WebPlaybackSessionModelMediaElement (copied from WebVideoFullscreenModelMediaElement)
1040         - WebPlaybackSessionModel (copied from WebVideoFullscreenModel)
1041         - WebPlaybackSessionInterfaceAVKit (copied from WebVideoFullscreenInterfaceAVKit)
1042         - WebPlaybackSessionInterfaceMac (copied from WebVideoFullscreenInterfaceMac)
1043
1044         WebVideoFullscreenInterface and WebVideoFullscreenModel now inherit from
1045         WebPlaybackSessionInterface and WebPlaybackSessionModel, respectively. The concrete
1046         WebVideoFullscreen… subclasses each take their respective WebPlaybackSession… subclasses and
1047         fulfill their WebPlaybackSession interfaces through composition.
1048
1049         As part of this big tease-apart, the WebAVPlayerController class needs to be exposed in a
1050         header (as it's accessed by two different classes now), so that class is moved into its own
1051         implementation and header files.
1052
1053         The one case where a change in a WebPlaybackSession… class needs to be reflected in a
1054         WebVideoFullscreen… class is in WebPlaybackSessionInterfaceAVKit, where
1055         WebVideoFullscreenInterfaceAVKit needs to be notified when external playback becomes dis/en-
1056         abled, so a new WebPlaybackSessionInterfaceAVKitClient interface has been added to allow the
1057         WebPlaybackSession… to notify the WebVideoFullscreen….
1058
1059         The responsibility for the "controls manager" has moved from the WebVideoFullscreen… classes
1060         to the WebPlaybackSession… classes, so the ChromeClient interface for creating and destroying
1061         those controls is similarly renamed from setUpVideoControlsManager() to
1062         setUpPlaybackControlsManager().
1063
1064         * WebCore.xcodeproj/project.pbxproj:
1065         * html/HTMLMediaElement.cpp:
1066         (WebCore::HTMLMediaElement::updatePlayState):
1067         * page/ChromeClient.h:
1068         * platform/cocoa/WebPlaybackSessionInterface.h: Copied from Source/WebCore/platform/cocoa/WebVideoFullscreenInterface.h.
1069         (WebCore::WebPlaybackSessionInterface::~WebPlaybackSessionInterface):
1070         * platform/cocoa/WebPlaybackSessionModel.h: Added.
1071         (WebCore::WebPlaybackSessionModel::~WebPlaybackSessionModel):
1072         * platform/cocoa/WebPlaybackSessionModelMediaElement.h: Added.
1073         (WebCore::WebPlaybackSessionModelMediaElement::create):
1074         (WebCore::WebPlaybackSessionModelMediaElement::mediaElement):
1075         * platform/cocoa/WebPlaybackSessionModelMediaElement.mm: Added.
1076         (WebPlaybackSessionModelMediaElement::WebPlaybackSessionModelMediaElement):
1077         (WebPlaybackSessionModelMediaElement::~WebPlaybackSessionModelMediaElement):
1078         (WebPlaybackSessionModelMediaElement::setWebPlaybackSessionInterface):
1079         (WebPlaybackSessionModelMediaElement::setMediaElement):
1080         (WebPlaybackSessionModelMediaElement::handleEvent):
1081         (WebPlaybackSessionModelMediaElement::updateForEventName):
1082         (WebPlaybackSessionModelMediaElement::play):
1083         (WebPlaybackSessionModelMediaElement::pause):
1084         (WebPlaybackSessionModelMediaElement::togglePlayState):
1085         (WebPlaybackSessionModelMediaElement::beginScrubbing):
1086         (WebPlaybackSessionModelMediaElement::endScrubbing):
1087         (WebPlaybackSessionModelMediaElement::seekToTime):
1088         (WebPlaybackSessionModelMediaElement::fastSeek):
1089         (WebPlaybackSessionModelMediaElement::beginScanningForward):
1090         (WebPlaybackSessionModelMediaElement::beginScanningBackward):
1091         (WebPlaybackSessionModelMediaElement::endScanning):
1092         (WebPlaybackSessionModelMediaElement::selectAudioMediaOption):
1093         (WebPlaybackSessionModelMediaElement::selectLegibleMediaOption):
1094         (WebPlaybackSessionModelMediaElement::updateLegibleOptions):
1095         (WebPlaybackSessionModelMediaElement::observedEventNames):
1096         (WebPlaybackSessionModelMediaElement::eventNameAll):
1097         * platform/cocoa/WebPlaybackSessionModelVideoElement.cpp: Copied from Source/WebCore/platform/cocoa/WebVideoFullscreenModelVideoElement.mm.
1098         (WebPlaybackSessionModelVideoElement::WebPlaybackSessionModelVideoElement):
1099         (WebPlaybackSessionModelVideoElement::~WebPlaybackSessionModelVideoElement):
1100         (WebPlaybackSessionModelVideoElement::setWebVideoFullscreenInterface):
1101         (WebPlaybackSessionModelVideoElement::setVideoElement):
1102         (WebPlaybackSessionModelVideoElement::handleEvent):
1103         (WebPlaybackSessionModelVideoElement::updateForEventName):
1104         (WebPlaybackSessionModelVideoElement::play):
1105         (WebPlaybackSessionModelVideoElement::pause):
1106         (WebPlaybackSessionModelVideoElement::togglePlayState):
1107         (WebPlaybackSessionModelVideoElement::beginScrubbing):
1108         (WebPlaybackSessionModelVideoElement::endScrubbing):
1109         (WebPlaybackSessionModelVideoElement::seekToTime):
1110         (WebPlaybackSessionModelVideoElement::fastSeek):
1111         (WebPlaybackSessionModelVideoElement::beginScanningForward):
1112         (WebPlaybackSessionModelVideoElement::beginScanningBackward):
1113         (WebPlaybackSessionModelVideoElement::endScanning):
1114         (WebPlaybackSessionModelVideoElement::selectAudioMediaOption):
1115         (WebPlaybackSessionModelVideoElement::selectLegibleMediaOption):
1116         (WebPlaybackSessionModelVideoElement::updateLegibleOptions):
1117         (WebPlaybackSessionModelVideoElement::observedEventNames):
1118         (WebPlaybackSessionModelVideoElement::eventNameAll):
1119         * platform/cocoa/WebVideoFullscreenInterface.h:
1120         * platform/cocoa/WebVideoFullscreenModel.h:
1121         (WebCore::WebVideoFullscreenModel::~WebVideoFullscreenModel): Deleted.
1122         * platform/cocoa/WebVideoFullscreenModelVideoElement.h:
1123         (WebCore::WebVideoFullscreenModelVideoElement::create):
1124         * platform/cocoa/WebVideoFullscreenModelVideoElement.mm:
1125         (WebVideoFullscreenModelVideoElement::WebVideoFullscreenModelVideoElement):
1126         (WebVideoFullscreenModelVideoElement::setWebVideoFullscreenInterface):
1127         (WebVideoFullscreenModelVideoElement::setVideoElement):
1128         (WebVideoFullscreenModelVideoElement::play):
1129         (WebVideoFullscreenModelVideoElement::pause):
1130         (WebVideoFullscreenModelVideoElement::togglePlayState):
1131         (WebVideoFullscreenModelVideoElement::beginScrubbing):
1132         (WebVideoFullscreenModelVideoElement::endScrubbing):
1133         (WebVideoFullscreenModelVideoElement::seekToTime):
1134         (WebVideoFullscreenModelVideoElement::fastSeek):
1135         (WebVideoFullscreenModelVideoElement::beginScanningForward):
1136         (WebVideoFullscreenModelVideoElement::beginScanningBackward):
1137         (WebVideoFullscreenModelVideoElement::endScanning):
1138         (WebVideoFullscreenModelVideoElement::selectAudioMediaOption):
1139         (WebVideoFullscreenModelVideoElement::selectLegibleMediaOption):
1140         (WebVideoFullscreenModelVideoElement::handleEvent): Deleted.
1141         (WebVideoFullscreenModelVideoElement::setVideoFullscreenLayer): Deleted.
1142         (WebVideoFullscreenModelVideoElement::setVideoLayerFrame): Deleted.
1143         (WebVideoFullscreenModelVideoElement::setVideoLayerGravity): Deleted.
1144         (WebVideoFullscreenModelVideoElement::observedEventNames): Deleted.
1145         (WebVideoFullscreenModelVideoElement::eventNameAll): Deleted.
1146         (WebVideoFullscreenModelVideoElement::fullscreenModeChanged): Deleted.
1147         (WebVideoFullscreenModelVideoElement::isVisible): Deleted.
1148         * platform/ios/WebAVPlayerController.h: Added.
1149         * platform/ios/WebAVPlayerController.mm: Added.
1150         (-[WebAVPlayerController dealloc]):
1151         (-[WebAVPlayerController resetState]):
1152         (-[WebAVPlayerController player]):
1153         (-[WebAVPlayerController forwardingTargetForSelector:]):
1154         (-[WebAVPlayerController play:]):
1155         (-[WebAVPlayerController pause:]):
1156         (-[WebAVPlayerController togglePlayback:]):
1157         (-[WebAVPlayerController togglePlaybackEvenWhenInBackground:]):
1158         (-[WebAVPlayerController isPlaying]):
1159         (-[WebAVPlayerController setPlaying:]):
1160         (+[WebAVPlayerController keyPathsForValuesAffectingPlaying]):
1161         (-[WebAVPlayerController beginScrubbing:]):
1162         (-[WebAVPlayerController endScrubbing:]):
1163         (-[WebAVPlayerController seekToTime:]):
1164         (-[WebAVPlayerController currentTimeWithinEndTimes]):
1165         (-[WebAVPlayerController setCurrentTimeWithinEndTimes:]):
1166         (+[WebAVPlayerController keyPathsForValuesAffectingCurrentTimeWithinEndTimes]):
1167         (-[WebAVPlayerController hasLiveStreamingContent]):
1168         (+[WebAVPlayerController keyPathsForValuesAffectingHasLiveStreamingContent]):
1169         (-[WebAVPlayerController skipBackwardThirtySeconds:]):
1170         (-[WebAVPlayerController gotoEndOfSeekableRanges:]):
1171         (-[WebAVPlayerController canScanForward]):
1172         (+[WebAVPlayerController keyPathsForValuesAffectingCanScanForward]):
1173         (-[WebAVPlayerController beginScanningForward:]):
1174         (-[WebAVPlayerController endScanningForward:]):
1175         (-[WebAVPlayerController beginScanningBackward:]):
1176         (-[WebAVPlayerController endScanningBackward:]):
1177         (-[WebAVPlayerController canSeekToBeginning]):
1178         (+[WebAVPlayerController keyPathsForValuesAffectingCanSeekToBeginning]):
1179         (-[WebAVPlayerController seekToBeginning:]):
1180         (-[WebAVPlayerController seekChapterBackward:]):
1181         (-[WebAVPlayerController canSeekToEnd]):
1182         (+[WebAVPlayerController keyPathsForValuesAffectingCanSeekToEnd]):
1183         (-[WebAVPlayerController seekToEnd:]):
1184         (-[WebAVPlayerController seekChapterForward:]):
1185         (-[WebAVPlayerController hasMediaSelectionOptions]):
1186         (+[WebAVPlayerController keyPathsForValuesAffectingHasMediaSelectionOptions]):
1187         (-[WebAVPlayerController hasAudioMediaSelectionOptions]):
1188         (+[WebAVPlayerController keyPathsForValuesAffectingHasAudioMediaSelectionOptions]):
1189         (-[WebAVPlayerController hasLegibleMediaSelectionOptions]):
1190         (+[WebAVPlayerController keyPathsForValuesAffectingHasLegibleMediaSelectionOptions]):
1191         (-[WebAVPlayerController currentAudioMediaSelectionOption]):
1192         (-[WebAVPlayerController setCurrentAudioMediaSelectionOption:]):
1193         (-[WebAVPlayerController currentLegibleMediaSelectionOption]):
1194         (-[WebAVPlayerController setCurrentLegibleMediaSelectionOption:]):
1195         (-[WebAVPlayerController isPlayingOnExternalScreen]):
1196         (+[WebAVPlayerController keyPathsForValuesAffectingPlayingOnExternalScreen]):
1197         (-[WebAVPlayerController isPictureInPictureInterrupted]):
1198         (-[WebAVPlayerController setPictureInPictureInterrupted:]):
1199         * platform/ios/WebPlaybackSessionInterfaceAVKit.h: Added.
1200         (WebCore::WebPlaybackSessionInterfaceAVKitClient::~WebPlaybackSessionInterfaceAVKitClient):
1201         * platform/ios/WebPlaybackSessionInterfaceAVKit.mm: Added.
1202         (WebCore::WebPlaybackSessionInterfaceAVKit::WebPlaybackSessionInterfaceAVKit):
1203         (WebCore::WebPlaybackSessionInterfaceAVKit::~WebPlaybackSessionInterfaceAVKit):
1204         (WebCore::WebPlaybackSessionInterfaceAVKit::resetMediaState):
1205         (WebCore::WebPlaybackSessionInterfaceAVKit::setWebPlaybackSessionModel):
1206         (WebCore::WebPlaybackSessionInterfaceAVKit::setDuration):
1207         (WebCore::WebPlaybackSessionInterfaceAVKit::setCurrentTime):
1208         (WebCore::WebPlaybackSessionInterfaceAVKit::setBufferedTime):
1209         (WebCore::WebPlaybackSessionInterfaceAVKit::setRate):
1210         (WebCore::WebPlaybackSessionInterfaceAVKit::setSeekableRanges):
1211         (WebCore::WebPlaybackSessionInterfaceAVKit::setCanPlayFastReverse):
1212         (WebCore::mediaSelectionOptions):
1213         (WebCore::WebPlaybackSessionInterfaceAVKit::setAudioMediaSelectionOptions):
1214         (WebCore::WebPlaybackSessionInterfaceAVKit::setLegibleMediaSelectionOptions):
1215         (WebCore::WebPlaybackSessionInterfaceAVKit::setExternalPlayback):
1216         (WebCore::WebPlaybackSessionInterfaceAVKit::setWirelessVideoPlaybackDisabled):
1217         (WebCore::WebPlaybackSessionInterfaceAVKit::wirelessVideoPlaybackDisabled):
1218         (WebCore::WebPlaybackSessionInterfaceAVKit::invalidate):
1219         * platform/ios/WebVideoFullscreenControllerAVKit.mm:
1220         (WebVideoFullscreenControllerContext::setUpFullscreen):
1221         * platform/ios/WebVideoFullscreenInterfaceAVKit.h:
1222         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
1223         (-[WebAVPlayerViewControllerDelegate fullscreenInterface]):
1224         (-[WebAVPlayerViewControllerDelegate setFullscreenInterface:]):
1225         (-[WebAVPlayerLayer fullscreenInterface]):
1226         (-[WebAVPlayerLayer setFullscreenInterface:]):
1227         (-[WebAVPlayerLayer layoutSublayers]):
1228         (-[WebAVPlayerLayer resolveBounds]):
1229         (-[WebAVPlayerLayer setVideoGravity:]):
1230         (WebVideoFullscreenInterfaceAVKit::create):
1231         (WebVideoFullscreenInterfaceAVKit::WebVideoFullscreenInterfaceAVKit):
1232         (WebVideoFullscreenInterfaceAVKit::~WebVideoFullscreenInterfaceAVKit):
1233         (WebVideoFullscreenInterfaceAVKit::playerController):
1234         (WebVideoFullscreenInterfaceAVKit::resetMediaState):
1235         (WebVideoFullscreenInterfaceAVKit::setDuration):
1236         (WebVideoFullscreenInterfaceAVKit::setCurrentTime):
1237         (WebVideoFullscreenInterfaceAVKit::setBufferedTime):
1238         (WebVideoFullscreenInterfaceAVKit::setRate):
1239         (WebVideoFullscreenInterfaceAVKit::setVideoDimensions):
1240         (WebVideoFullscreenInterfaceAVKit::setSeekableRanges):
1241         (WebVideoFullscreenInterfaceAVKit::setCanPlayFastReverse):
1242         (WebVideoFullscreenInterfaceAVKit::setAudioMediaSelectionOptions):
1243         (WebVideoFullscreenInterfaceAVKit::setLegibleMediaSelectionOptions):
1244         (WebVideoFullscreenInterfaceAVKit::setExternalPlayback):
1245         (WebVideoFullscreenInterfaceAVKit::externalPlaybackEnabledChanged):
1246         (WebVideoFullscreenInterfaceAVKit::setWirelessVideoPlaybackDisabled):
1247         (WebVideoFullscreenInterfaceAVKit::wirelessVideoPlaybackDisabled):
1248         (WebVideoFullscreenInterfaceAVKit::setupFullscreen):
1249         (WebVideoFullscreenInterfaceAVKit::cleanupFullscreen):
1250         (WebVideoFullscreenInterfaceAVKit::mayAutomaticallyShowVideoPictureInPicture):
1251         (-[WebAVPlayerViewControllerDelegate playerViewControllerWillStartPictureInPicture:]): Deleted.
1252         (-[WebAVPlayerViewControllerDelegate playerViewControllerDidStartPictureInPicture:]): Deleted.
1253         (-[WebAVPlayerViewControllerDelegate playerViewControllerFailedToStartPictureInPicture:withError:]): Deleted.
1254         (-[WebAVPlayerViewControllerDelegate playerViewControllerWillStopPictureInPicture:]): Deleted.
1255         (-[WebAVPlayerViewControllerDelegate playerViewControllerDidStopPictureInPicture:]): Deleted.
1256         (convertToExitFullScreenReason): Deleted.
1257         (-[WebAVPlayerViewControllerDelegate playerViewController:shouldExitFullScreenWithReason:]): Deleted.
1258         (-[WebAVPlayerViewControllerDelegate playerViewController:restoreUserInterfaceForPictureInPictureStopWithCompletionHandler:]): Deleted.
1259         (-[WebAVPlayerLayer init]): Deleted.
1260         (-[WebAVPlayerLayer dealloc]): Deleted.
1261         (-[WebAVPlayerLayer videoGravity]): Deleted.
1262         (-[WebAVPlayerLayer videoRect]): Deleted.
1263         (+[WebAVPlayerLayer keyPathsForValuesAffectingVideoRect]): Deleted.
1264         (WebAVPictureInPicturePlayerLayerView_layerClass): Deleted.
1265         (getWebAVPictureInPicturePlayerLayerViewClass): Deleted.
1266         (WebAVPlayerLayerView_layerClass): Deleted.
1267         (WebAVPlayerLayerView_playerController): Deleted.
1268         (WebAVPlayerLayerView_setPlayerController): Deleted.
1269         (WebAVPlayerLayerView_videoView): Deleted.
1270         (WebAVPlayerLayerView_setVideoView): Deleted.
1271         (WebAVPlayerLayerView_startRoutingVideoToPictureInPicturePlayerLayerView): Deleted.
1272         (WebAVPlayerLayerView_stopRoutingVideoToPictureInPicturePlayerLayerView): Deleted.
1273         (WebAVPlayerLayerView_pictureInPicturePlayerLayerView): Deleted.
1274         (WebAVPlayerLayerView_dealloc): Deleted.
1275         (getWebAVPlayerLayerViewClass): Deleted.
1276         (WebVideoFullscreenInterfaceAVKit::setWebVideoFullscreenModel): Deleted.
1277         (WebVideoFullscreenInterfaceAVKit::setWebVideoFullscreenChangeObserver): Deleted.
1278         (WebVideoFullscreenInterfaceAVKit::applicationDidBecomeActive): Deleted.
1279         (WebVideoFullscreenInterfaceAVKit::enterFullscreen): Deleted.
1280         (WebVideoFullscreenInterfaceAVKit::enterFullscreenStandard): Deleted.
1281         (WebVideoFullscreenInterfaceAVKit::exitFullscreen): Deleted.
1282         (WebVideoFullscreenInterfaceAVKit::didStartPictureInPicture): Deleted.
1283         (WebVideoFullscreenInterfaceAVKit::failedToStartPictureInPicture): Deleted.
1284         (WebVideoFullscreenInterfaceAVKit::willStopPictureInPicture): Deleted.
1285         (WebVideoFullscreenInterfaceAVKit::didStopPictureInPicture): Deleted.
1286         (WebVideoFullscreenInterfaceAVKit::prepareForPictureInPictureStopWithCompletionHandler): Deleted.
1287         (WebVideoFullscreenInterfaceAVKit::shouldExitFullscreenWithReason): Deleted.
1288         (WebVideoFullscreenInterfaceAVKit::watchdogTimerFired): Deleted.
1289         (WebVideoFullscreenInterfaceAVKit::setMode): Deleted.
1290         (WebVideoFullscreenInterfaceAVKit::clearMode): Deleted.
1291         (WebCore::supportsPictureInPicture): Deleted.
1292         * platform/mac/WebPlaybackSessionInterfaceMac.h: Added.
1293         * platform/mac/WebPlaybackSessionInterfaceMac.mm: Copied from Source/WebCore/platform/mac/WebVideoFullscreenInterfaceMac.mm.
1294         (-[WebAVMediaSelectionOptionMac localizedDisplayName]):
1295         (-[WebAVMediaSelectionOptionMac setLocalizedDisplayName:]):
1296         (-[WebPlaybackControlsManager initWithWebPlaybackSessionInterfaceMac:]):
1297         (-[WebPlaybackControlsManager timing]):
1298         (-[WebPlaybackControlsManager setTiming:]):
1299         (-[WebPlaybackControlsManager seekableTimeRanges]):
1300         (-[WebPlaybackControlsManager setSeekableTimeRanges:]):
1301         (-[WebPlaybackControlsManager isSeeking]):
1302         (-[WebPlaybackControlsManager seekToTime:toleranceBefore:toleranceAfter:]):
1303         (-[WebPlaybackControlsManager audioMediaSelectionOptions]):
1304         (-[WebPlaybackControlsManager setAudioMediaSelectionOptions:]):
1305         (-[WebPlaybackControlsManager currentAudioMediaSelectionOption]):
1306         (-[WebPlaybackControlsManager setCurrentAudioMediaSelectionOption:]):
1307         (-[WebPlaybackControlsManager legibleMediaSelectionOptions]):
1308         (-[WebPlaybackControlsManager setLegibleMediaSelectionOptions:]):
1309         (-[WebPlaybackControlsManager currentLegibleMediaSelectionOption]):
1310         (-[WebPlaybackControlsManager setCurrentLegibleMediaSelectionOption:]):
1311         (-[WebPlaybackControlsManager cancelThumbnailAndAudioAmplitudeSampleGeneration]):
1312         (WebCore::WebPlaybackSessionInterfaceMac::~WebPlaybackSessionInterfaceMac):
1313         (WebCore::WebPlaybackSessionInterfaceMac::setWebPlaybackSessionModel):
1314         (WebCore::WebPlaybackSessionInterfaceMac::setDuration):
1315         (WebCore::WebPlaybackSessionInterfaceMac::setCurrentTime):
1316         (WebCore::WebPlaybackSessionInterfaceMac::setRate):
1317         (WebCore::WebPlaybackSessionInterfaceMac::setSeekableRanges):
1318         (WebCore::mediaSelectionOptions):
1319         (WebCore::WebPlaybackSessionInterfaceMac::setAudioMediaSelectionOptions):
1320         (WebCore::WebPlaybackSessionInterfaceMac::setLegibleMediaSelectionOptions):
1321         (WebCore::WebPlaybackSessionInterfaceMac::invalidate):
1322         (WebCore::WebPlaybackSessionInterfaceMac::ensureControlsManager):
1323         (WebCore::WebPlaybackSessionInterfaceMac::playBackControlsManager):
1324         * platform/mac/WebVideoFullscreenInterfaceMac.h:
1325         * platform/mac/WebVideoFullscreenInterfaceMac.mm:
1326         (WebCore::WebVideoFullscreenInterfaceMac::WebVideoFullscreenInterfaceMac):
1327         (WebCore::WebVideoFullscreenInterfaceMac::setWebVideoFullscreenModel):
1328         (WebCore::WebVideoFullscreenInterfaceMac::setDuration):
1329         (WebCore::WebVideoFullscreenInterfaceMac::setCurrentTime):
1330         (WebCore::WebVideoFullscreenInterfaceMac::setRate):
1331         (WebCore::WebVideoFullscreenInterfaceMac::setSeekableRanges):
1332         (WebCore::WebVideoFullscreenInterfaceMac::setAudioMediaSelectionOptions):
1333         (WebCore::WebVideoFullscreenInterfaceMac::setLegibleMediaSelectionOptions):
1334         (WebCore::WebVideoFullscreenInterfaceMac::ensureControlsManager):
1335         (WebCore::WebVideoFullscreenInterfaceMac::~WebVideoFullscreenInterfaceMac): Deleted.
1336         (WebCore::WebVideoFullscreenInterfaceMac::setWebVideoFullscreenChangeObserver): Deleted.
1337         (WebCore::WebVideoFullscreenInterfaceMac::setMode): Deleted.
1338         (WebCore::WebVideoFullscreenInterfaceMac::clearMode): Deleted.
1339         (WebCore::WebVideoFullscreenInterfaceMac::setupFullscreen): Deleted.
1340         (WebCore::WebVideoFullscreenInterfaceMac::enterFullscreen): Deleted.
1341         (WebCore::WebVideoFullscreenInterfaceMac::exitFullscreen): Deleted.
1342         (WebCore::WebVideoFullscreenInterfaceMac::exitFullscreenWithoutAnimationToMode): Deleted.
1343         (WebCore::WebVideoFullscreenInterfaceMac::cleanupFullscreen): Deleted.
1344         (WebCore::WebVideoFullscreenInterfaceMac::invalidate): Deleted.
1345         (WebCore::WebVideoFullscreenInterfaceMac::preparedToReturnToInline): Deleted.
1346         (WebCore::WebVideoFullscreenInterfaceMac::setVideoDimensions): Deleted.
1347         (WebCore::supportsPictureInPicture): Deleted.
1348
1349 2016-04-15  Chris Dumez  <cdumez@apple.com>
1350
1351         [COCOA] Do not unnecessarily initialize ResourceResponse::m_httpVersion as part of common fields
1352         https://bugs.webkit.org/show_bug.cgi?id=156606
1353
1354         Reviewed by Darin Adler.
1355
1356         Do not unnecessarily initialize ResourceResponse::m_httpVersion as part of common fields.
1357
1358         We previously initialized m_httpVersion when calling platformLazyInit(CommonFieldsOnly),
1359         even though this is not a common field. The corresponding getter/setter in
1360         HTTPResponseBase call lazyInit(AllFields).
1361
1362         * platform/network/cf/ResourceResponseCFNet.cpp:
1363         (WebCore::ResourceResponse::platformLazyInit):
1364         * platform/network/cocoa/ResourceResponseCocoa.mm:
1365         (WebCore::ResourceResponse::platformLazyInit):
1366
1367 2016-04-15  John Wilander  <wilander@apple.com>
1368
1369         Refactor WebSockets handshake to use StringView instead of String for header validation.
1370         https://bugs.webkit.org/show_bug.cgi?id=155602
1371
1372         Reviewed by Darin Adler.
1373
1374         No new tests. Existing test have been augmented.
1375
1376         * Modules/websockets/WebSocketHandshake.cpp:
1377         (WebCore::WebSocketHandshake::readServerHandshake):
1378             Made sure failure reason was set consistently with makeString().
1379         (WebCore::headerHasValidHTTPVersion):
1380             Now operates on the HTTP status line with StringView.
1381         (WebCore::WebSocketHandshake::readStatusLine):
1382             Now operates on the HTTP status line with StringView.
1383         (WebCore::WebSocketHandshake::readHTTPHeaders):
1384             Now operates on header names with StringView.
1385             Made sure failure reason was set consistently with makeString() and ASCIILiteral().
1386         (WebCore::WebSocketHandshake::checkResponseHeaders):
1387             Made sure failure reason was set consistently with ASCIILiteral().
1388         * platform/network/HTTPParsers.cpp:
1389         (WebCore::parseHTTPRequestLine):
1390             Made sure failure reason was set consistently with ASCIILiteral().
1391         (WebCore::isValidHeaderNameCharacter):
1392             Inlined function to check if a character is allowed in an HTTP header name according to RFC 7230.
1393             https://tools.ietf.org/html/rfc7230 (June 2014)
1394         (WebCore::parseHTTPHeader):
1395         * platform/network/HTTPParsers.h:
1396             Now receives the HTTP header name as a StringView.
1397             Checks that header names only contain valid characters according to RFC 7230 (see above).
1398         * platform/network/ResourceRequestBase.cpp:
1399         (WebCore::ResourceRequestBase::addHTTPHeaderField):
1400         * platform/network/ResourceRequestBase.h:
1401              Now has an overloaded function which receives the HTTP header name as an HTTPHeaderName enum value.
1402         * platform/network/ResourceResponseBase.cpp:
1403         (WebCore::ResourceResponseBase::addHTTPHeaderField):
1404         * platform/network/ResourceResponseBase.h:
1405              Now has an overloaded function which receives the HTTP header name as an HTTPHeaderName enum value.
1406
1407 2016-04-15  Joanmarie Diggs  <jdiggs@igalia.com>
1408
1409         AX: Presentational role on SVG elements is trumped by child 'title' and 'desc' elements
1410         https://bugs.webkit.org/show_bug.cgi?id=156519
1411
1412         Reviewed by Chris Fleizach.
1413
1414         Override the presentational role on SVG elements which have a child 'title' or 'desc'
1415         element. As a result of this change, AccessibilitySVGRoot objects would be exposed
1416         with an AccessibilityRole of UnknownRole. Therefore map included AccessibilitySVGRoot
1417         objects to GroupRole as per the SVG Accessibility API Mapping specification.
1418
1419         Also use indexOfBestMatchingLanguageInList() to identify which child 'title' or 'desc'
1420         element is the best match for the parent element.
1421
1422         New Test: accessibility/w3c-svg-content-language-attribute.html
1423
1424         Also: Update w3c-svg-presentational-role.html expectations because there are test cases
1425         in which elements are now being included in the accessibility tree as a result of this
1426         change. Also add new test cases which lack child 'title' and 'desc' elements.
1427
1428         * accessibility/AccessibilityNodeObject.h:
1429         * accessibility/AccessibilitySVGElement.cpp:
1430         (WebCore::AccessibilitySVGElement::childElementWithMatchingLanguage):
1431         (WebCore::AccessibilitySVGElement::accessibilityDescription):
1432         (WebCore::AccessibilitySVGElement::helpText):
1433         (WebCore::AccessibilitySVGElement::computeAccessibilityIsIgnored):
1434         (WebCore::AccessibilitySVGElement::determineAriaRoleAttribute):
1435         * accessibility/AccessibilitySVGElement.h:
1436         * accessibility/AccessibilitySVGRoot.h:
1437
1438 2016-04-15  Chris Dumez  <cdumez@apple.com>
1439
1440         Rename [GlobalContext] extended attribute to [Exposed] and align with WebIDL
1441         https://bugs.webkit.org/show_bug.cgi?id=156615
1442
1443         Reviewed by Youenn Fablet.
1444
1445         Rename [GlobalContext] extended attribute to [Exposed] and align with WebIDL:
1446         - http://heycam.github.io/webidl/#Exposed
1447
1448         * bindings/scripts/IDLAttributes.txt:
1449         Stop recognizing [GlobalContext] and start recognizing [Exposed].
1450
1451         * bindings/scripts/IDLParser.pm:
1452         (parseIdentifierList):
1453         (parseExtendedAttributeRest2):
1454         Add IDL parser support for having a list of identifiers as value
1455         for an IDL extended attribute, e.g. Exposed=(Window, Worker).
1456
1457         * bindings/scripts/preprocess-idls.pl:
1458         Tweak existing support for [GlobalContext] to use [Exposed] instead
1459         and support the new syntax.
1460
1461         (getInterfaceExtendedAttributesFromIDL):
1462         Do not split on commas that are within brackets.
1463
1464         * Modules/fetch/FetchBody.idl:
1465         * Modules/fetch/FetchHeaders.idl:
1466         * Modules/fetch/FetchRequest.idl:
1467         * Modules/fetch/FetchResponse.idl:
1468         * Modules/streams/ByteLengthQueuingStrategy.idl:
1469         * Modules/streams/CountQueuingStrategy.idl:
1470         * Modules/streams/ReadableStream.idl:
1471         * Modules/streams/ReadableStreamController.idl:
1472         * Modules/streams/ReadableStreamReader.idl:
1473         * Modules/websockets/WebSocket.idl:
1474         * dom/MessageChannel.idl:
1475         * dom/MessageEvent.idl:
1476         * fileapi/Blob.idl:
1477         * fileapi/FileReader.idl:
1478         * fileapi/FileReaderSync.idl:
1479         * html/DOMURL.idl:
1480         * html/ImageData.idl:
1481         * page/EventSource.idl:
1482         * workers/DedicatedWorkerGlobalScope.idl:
1483         * workers/WorkerGlobalScope.idl:
1484         * workers/WorkerLocation.idl:
1485         * xml/XMLHttpRequest.idl:
1486         * xml/XMLHttpRequestEventTarget.idl:
1487         Use [Exposed] instead of [GlobalContext] to match their respective
1488         specifications.
1489
1490 2016-04-15  Carlos Garcia Campos  <cgarcia@igalia.com>
1491
1492         Selection.deleteFromDocument should not leave a selection character
1493         https://bugs.webkit.org/show_bug.cgi?id=151442
1494
1495         Reviewed by Michael Catanzaro.
1496
1497         This is a merge of Blink r172511:
1498         https://codereview.chromium.org/255453003
1499
1500         Let Selection.deleteFromDocument not delete a character when the
1501         selection is a caret.
1502
1503         Selection.deleteFromDocument delete a character when the selection
1504         is a caret.
1505         However, current standard says that Selection.deleteFromDocument
1506         does nothing when the selection is a caret:
1507         https://dvcs.w3.org/hg/editing/raw-file/tip/editing.html#dom-selection-deletefromdocument
1508         Both IE10 and FireFox seem following the spec.
1509
1510         Test: imported/blink/editing/selection/deleteFromDocument-undo-crash.html
1511
1512         * page/DOMSelection.cpp:
1513         (WebCore::DOMSelection::deleteFromDocument): Deleted.
1514
1515 2016-04-15  Antti Koivisto  <antti@apple.com>
1516
1517         Fix return value nullptr -> false.
1518
1519         * style/StyleSharingResolver.cpp:
1520         (WebCore::Style::SharingResolver::canShareStyleWithElement):
1521
1522 2016-04-14  Antti Koivisto  <antti@apple.com>
1523
1524         AffectsNextSibling style relation marking is inefficient
1525         https://bugs.webkit.org/show_bug.cgi?id=156593
1526
1527         Reviewed by Benjamin Poulain.
1528
1529         We currently add a Style::Relation entry for each sibling to mark. With long sibling lists this can be inefficient
1530         in terms of both memory and speed. Instead make a single entry that includes the sibling count to mark.
1531
1532         * css/SelectorChecker.cpp:
1533         (WebCore::addStyleRelation):
1534
1535             When adding AffectsNextSibling entry check if the last entry in the style relation vector has the
1536             same type and is part of the same sibling chain. If so just update the existing entry.
1537
1538         * cssjit/SelectorCompiler.cpp:
1539         (WebCore::SelectorCompiler::SelectorCodeGenerator::generateAddStyleRelation):
1540
1541             The same thing in hand-crafted macro assembler.
1542
1543         * cssjit/SelectorCompiler.h:
1544
1545             Stop lying about the constness of the CheckingContext.
1546
1547         * style/StyleRelations.cpp:
1548         (WebCore::Style::commitRelations):
1549
1550             Mark as many sibling elements as the value indicates.
1551
1552         * style/StyleRelations.h:
1553         (WebCore::Style::Relation::Relation):
1554
1555             Make element a pointer so we can udpate it.
1556
1557 2016-04-15  Brady Eidson  <beidson@apple.com>
1558
1559         Add the message property to DOMError.
1560         https://bugs.webkit.org/show_bug.cgi?id=139173
1561
1562         Reviewed by Alex Christensen.
1563
1564         No new tests (Updated existing tests).
1565         
1566         Adding this property brings us up to date with other browsers, and will help
1567         test the few web features that still use DOMError.
1568
1569         * Modules/indexeddb/IDBOpenDBRequest.cpp:
1570         (WebCore::IDBOpenDBRequest::onError):
1571         (WebCore::IDBOpenDBRequest::fireErrorAfterVersionChangeCompletion):
1572
1573         * Modules/indexeddb/IDBRequest.cpp:
1574         (WebCore::IDBRequest::uncaughtExceptionInEventHandler):
1575         (WebCore::IDBRequest::onError):
1576
1577         * Modules/indexeddb/IDBTransaction.cpp:
1578         (WebCore::IDBTransaction::didCreateIndexOnServer):
1579
1580         * Modules/mediastream/NavigatorUserMediaError.h:
1581         (WebCore::NavigatorUserMediaError::NavigatorUserMediaError):
1582
1583         * dom/DOMError.cpp:
1584         (WebCore::DOMError::DOMError):
1585
1586         * dom/DOMError.h:
1587         (WebCore::DOMError::create):
1588         (WebCore::DOMError::message):
1589         * dom/DOMError.idl:
1590
1591 2016-04-14  Brent Fulgham  <bfulgham@apple.com>
1592
1593         Make <a download> a runtime enabled option
1594         https://bugs.webkit.org/show_bug.cgi?id=156583
1595         <rdar://problem/25733449>
1596
1597         Reviewed by Alex Christensen.
1598
1599         Mark the download attribute interface as EnabledAtRuntime=DownloadAttribute.
1600         Add DownloadAttribute runtime flag getter and setter.
1601
1602         * bindings/generic/RuntimeEnabledFeatures.h:
1603         (WebCore::RuntimeEnabledFeatures::fetchAPIEnabled):
1604         (WebCore::RuntimeEnabledFeatures::setDownloadAttributeEnabled):
1605         (WebCore::RuntimeEnabledFeatures::downloadAttributeEnabled):
1606         * html/HTMLAnchorElement.cpp:
1607         (WebCore::HTMLAnchorElement::handleClick):
1608         * html/HTMLAnchorElement.idl:
1609
1610 2016-04-14  David Kilzer  <ddkilzer@apple.com>
1611
1612         REGRESSION (r158956): Remove vestigial range code in FileReaderLoader class after removing ENABLE(STREAM)
1613         <http://webkit.org/b/156609>
1614
1615         Reviewed by Brent Fulgham.
1616
1617         This code was left behind when ENABLE(STREAM) was removed in
1618         November 2013.
1619
1620         * fileapi/FileReaderLoader.cpp:
1621         (WebCore::FileReaderLoader::FileReaderLoader): Remove
1622         initializers.
1623         (WebCore::FileReaderLoader::start): Remove code that uses
1624         m_hasRange, which is always false.
1625         (WebCore::FileReaderLoader::didReceiveResponse): Ditto.
1626         * fileapi/FileReaderLoader.h:
1627         (WebCore::FileReaderLoader): Remove unused instance variables.
1628
1629 2016-04-14  Alex Christensen  <achristensen@webkit.org>
1630
1631         Build fix after r199549.
1632         https://bugs.webkit.org/show_bug.cgi?id=156580
1633
1634         * CMakeLists.txt:
1635         * PlatformEfl.cmake:
1636         * PlatformGTK.cmake:
1637         * PlatformWin.cmake:
1638         KillRingNone.cpp is indeed platform-specific. KillRingMac.mm is used instead only on Mac.
1639
1640 2016-04-14  Dean Jackson  <dino@apple.com>
1641
1642         CrashTracer: com.apple.WebKit.WebContent at com.apple.WebCore: WebCore::CachedResource::addClientToSet + 27
1643         https://bugs.webkit.org/show_bug.cgi?id=156602
1644         <rdar://problem/18921091>
1645
1646         Reviewed by Simon Fraser.
1647
1648         The CSS property list-style-image is inherited, so a transition on a parent
1649         might cause a transition on a child. On that child, the value might be between
1650         two generated crossfade images which haven't yet resolved, causing a crash.
1651
1652         Test: transitions/crossfade-transition.html
1653
1654         * css/CSSCrossfadeValue.cpp:
1655         (WebCore::CSSCrossfadeValue::blend): Return null if there are no cached images.
1656         * page/animation/CSSPropertyAnimation.cpp:
1657         (WebCore::blendFunc): If we don't have an actual image to blend between, fall
1658         out to the default case.
1659
1660 2016-04-14  Antonio Gomes  <tonikitoo@webkit.org>
1661
1662         Allow listbox content and scrollbar to intrude padding area.
1663         https://bugs.webkit.org/show_bug.cgi?id=128489
1664
1665         Reviewed by Myles C. Maxfield.
1666
1667         Originally when the RenderListBox::controlClipRect method was implemented (see [1]), it used
1668         to allow its content (<option>'s) to intrude padding to get rendered. Overlay scrollbars were also
1669         allowed to paint over the padding area, if necessary.
1670
1671         [2] changed this behavior to restrict list-box'es content within the content box rect (excluding padding and border).
1672
1673         This had two consequences:
1674         1) it made WebKit disallow list-box' content to intrude the padding area, diverging from other vendors.
1675         like Firefox and Chrome.
1676         2) Since overlay scrollbar might get painted over the padding area, if any, [2] could result
1677         in the scrollbar being clipped out if padding-right is set (or padding-left in case of RTL content).
1678
1679         Patch changed WebKit back so that it allows list-box' content and overlay scrollbars to intrude the
1680         padding area, matching other browsers vendors
1681
1682         [1] https://trac.webkit.org/changeset/18819/trunk/WebCore/rendering/RenderListBox.cpp
1683         [2] https://trac.webkit.org/changeset/19037/trunk/WebCore/rendering/RenderListBox.cpp
1684
1685         Tests: fast/forms/listbox-selection-3.html
1686                fast/forms/listbox-padding-clip-selected.html
1687                fast/forms/listbox-padding-clip-expected-mismatch.html (renamed from listbox-padding-clip-overlay-expected.html)
1688                fast/forms/listbox-padding-clip-overlay-expected-mismatch.html (renamed from listbox-padding-clip-expected.html)
1689
1690         * rendering/RenderListBox.cpp:
1691         (WebCore::RenderListBox::numVisibleItems): changed to allow list-box items to get rendered on the padding-bottom area.
1692         This matches Firefox and Chrome.
1693         (WebCore::RenderListBox::listIndexAtOffset): relax the check for a given list-box item at a specific offset in the vertical axis.
1694         This means if an list-box item has its content painted into the padding-bottom area, it will be actionable by mouse clicking.
1695         This matches Firefox and Chrome.
1696         (WebCore::RenderListBox::controlClipRect): clips list-box content against the padding box rect rather than the content box rect,
1697         to allow its list-box items' content intrude the padding area.
1698         This matches Firefox and Chrome.
1699
1700 2016-04-14  Antti Koivisto  <antti@apple.com>
1701
1702         Collapsed border cache invalidation can lead to O(n^2) during style resolve
1703         https://bugs.webkit.org/show_bug.cgi?id=156570
1704
1705         Reviewed by Darin Adler.
1706
1707         RenderTable::invalidateCollapsedBorders traverses all cells. It is called when table cell border changes.
1708         This can result in O(n^2) during style resolve.
1709
1710         * rendering/RenderTable.cpp:
1711         (WebCore::RenderTable::layout):
1712         (WebCore::RenderTable::invalidateCollapsedBorders):
1713
1714             For cell border style change invalidate the hasEmptyCollapsedBorder bits only for the neighbouring cells.
1715             They are the only ones that can be affected.
1716
1717         * rendering/RenderTable.h:
1718         (WebCore::RenderTable::collapsedBordersAreValid):
1719         (WebCore::RenderTable::collapsedEmptyBorderIsPresent):
1720         (WebCore::RenderTable::currentBorderValue):
1721         * rendering/RenderTableCell.cpp:
1722         (WebCore::RenderTableCell::styleDidChange):
1723
1724 2016-04-14  Manuel Rego Casasnovas  <rego@igalia.com>
1725
1726         [css-grid] Implement CSSGridTemplateAreasValue::equals
1727         https://bugs.webkit.org/show_bug.cgi?id=156578
1728
1729         Reviewed by Darin Adler.
1730
1731         This was causing an infinite loop setting grid-template-areas
1732         from JavaScript.
1733
1734         The reason was that CSSGridTemplateAreasValue needs
1735         an specific implementation of equals() method.
1736
1737         Test: fast/css-grid-layout/grid-template-areas-infinite-loop.html
1738
1739         * css/CSSGridTemplateAreasValue.cpp:
1740         (WebCore::CSSGridTemplateAreasValue::equals):
1741         * css/CSSGridTemplateAreasValue.h:
1742
1743 2016-04-14  Brent Fulgham  <bfulgham@apple.com>
1744
1745         [CMake] Clean up CMake files
1746         https://bugs.webkit.org/show_bug.cgi?id=156580
1747
1748         Reviewed by Alex Christensen.
1749
1750         Revise the various CMake input files to reduce the amount of duplicated file references in
1751         the various ports.
1752
1753         * CMakeLists.txt:
1754         * PlatformAppleWin.cmake:
1755         * PlatformEfl.cmake:
1756         * PlatformGTK.cmake:
1757         * PlatformWin.cmake:
1758         * PlatformWinCairo.cmake:
1759
1760 2016-04-14  Frederic Wang  <fred.wang@free.fr>
1761
1762         RenderMathMLOperator: Add helper function to retrieve italic correction
1763         https://bugs.webkit.org/show_bug.cgi?id=156572
1764
1765         Reviewed by Darin Adler.
1766
1767         No new tests, the helper function will only be used in bug 153918.
1768
1769         * rendering/mathml/RenderMathMLOperator.cpp:
1770         (WebCore::RenderMathMLOperator::italicCorrection): Return the italic correction from the MATH table if it's a large operator.
1771         * rendering/mathml/RenderMathMLOperator.h: Declare italicCorrection.
1772
1773 2016-04-14  Frederic Wang  <fwang@igalia.com>
1774
1775         RenderMathMLOperator: Move glyph measuring helper functions outside the class
1776         https://bugs.webkit.org/show_bug.cgi?id=156571
1777
1778         Reviewed by Darin Adler.
1779
1780         No new tests, this is just a simple refactoring to prepare the patch
1781         for bug 156542, without any behavior change.
1782
1783         * rendering/mathml/RenderMathMLOperator.cpp: MATHML_OPDICT_SIZE was removed in bug 152242, so no need to undef it.
1784         (WebCore::boundsForGlyph): Static inline helper function moved from the RenderMathMLOperator class.
1785         (WebCore::heightForGlyph): Ditto.
1786         (WebCore::advanceWidthForGlyph): Ditto and renamed.
1787         (WebCore::RenderMathMLOperator::computePreferredLogicalWidths): Rename advanceForGlyph.
1788         (WebCore::RenderMathMLOperator::findStretchyData): Ditto.
1789         (WebCore::RenderMathMLOperator::updateStyle): Ditto.
1790         (WebCore::RenderMathMLOperator::paintGlyph): Ditto.
1791         (WebCore::RenderMathMLOperator::paint): Ditto.
1792         (WebCore::RenderMathMLOperator::trailingSpaceError): Ditto.
1793         (WebCore::RenderMathMLOperator::setOperatorProperties): Deleted.
1794         (WebCore::RenderMathMLOperator::boundsForGlyph): Deleted.
1795         (WebCore::RenderMathMLOperator::heightForGlyph): Deleted.
1796         (WebCore::RenderMathMLOperator::advanceForGlyph): Deleted.
1797         * rendering/mathml/RenderMathMLOperator.h:
1798
1799 2016-04-14  Frederic Wang  <fred.wang@free.fr>
1800
1801         Set some RenderMathMLOperator members as final
1802         https://bugs.webkit.org/show_bug.cgi?id=156574
1803
1804         Reviewed by Darin Adler.
1805
1806         No new tests, this is only a simple refactoring without behavior change.
1807
1808         * rendering/mathml/RenderMathMLOperator.h: Replace "override" with "final" for some members.
1809
1810 2016-04-14  Frederic Wang  <fwang@igalia.com>
1811
1812         Ensure that RenderMathMLOperator::stretchTo functions are called with stretchy operators that have the correct direction
1813         https://bugs.webkit.org/show_bug.cgi?id=156542
1814
1815         Reviewed by Darin Adler.
1816
1817         In the RenderMathMLUnderOver refactoring (r199293), we avoided doing a
1818         horizontal stretchTo call for non-stretchy operators. Here we do the
1819         same for RenderMathMLRow and avoid doing a vertical stretchTo call for
1820         horizontal or non-stretchy operators. We also add appropriate ASSERT in
1821         the RenderMathMLOperator::stretchTo functions. To avoid failing tests
1822         with DOM/style update, we make our updates a bit stricter. Hopefully,
1823         we could manage such things better in the future (bug 156536).
1824
1825         Tests: mathml/presentation/row-nonstretchy-or-horizontal.html
1826                mathml/presentation/underover-nonstretchy-or-vertical.html
1827
1828         * mathml/MathMLTextElement.cpp:
1829         (WebCore::MathMLTextElement::parseAttribute): Replace setOperatorFlagAndScheduleLayoutIfNeeded with a stronger rendering update.
1830         Also ensure that this is done when the lspace/rspace attributes change.
1831         This avoids breaking mathml/presentation/mo-lspace-rspace-dynamic.html
1832         * rendering/mathml/RenderMathMLOperator.cpp:
1833         (WebCore::RenderMathMLOperator::stretchTo): Add ASSERT to ensure that it is only called with stretchy operators that have the correct direction.
1834         (WebCore::RenderMathMLOperator::styleDidChange): Do a stronger rendering update when the style changes.
1835         This avoids breaking mathml/presentation/style-changed.html
1836         (WebCore::RenderMathMLOperator::setOperatorFlagAndScheduleLayoutIfNeeded): Deleted.
1837         * rendering/mathml/RenderMathMLOperator.h: Make updateFromElement public so that it can be called from MathMLTextElement::parseAttribute
1838         Remove setOperatorFlagAndScheduleLayoutIfNeeded and declare styleDidChange.
1839         * rendering/mathml/RenderMathMLRow.cpp:
1840         (WebCore::RenderMathMLRow::layoutRowItems): Only call stretchTo for vertical stretchy operators.
1841
1842 2016-04-14  Anders Carlsson  <andersca@apple.com>
1843
1844         When FileInputType::setFiles is called with an empty file list, the last set icon is not cleared
1845         https://bugs.webkit.org/show_bug.cgi?id=156582
1846
1847         Reviewed by Beth Dakin.
1848
1849         * html/FileInputType.cpp:
1850         (WebCore::FileInputType::requestIcon):
1851
1852 2016-04-14  Darin Adler  <darin@apple.com>
1853
1854         Remove UsePointersEvenForNonNullableObjectArguments from Internals
1855         https://bugs.webkit.org/show_bug.cgi?id=156539
1856
1857         Reviewed by Alex Christensen.
1858
1859         * html/HTMLImageElement.idl: Exported this so it can be used as the type for
1860         a function argument in Internals.idl.
1861         * html/HTMLInputElement.idl: Ditto.
1862         * html/HTMLLinkElement.idl: Ditto.
1863         * html/HTMLSelectElement.idl: Ditto.
1864
1865         * testing/Internals.cpp:
1866         (WebCore::InspectorStubFrontend::InspectorStubFrontend): Take a Page&.
1867         (WebCore::Internals::create): Take a Document&.
1868         (WebCore::Internals::resetToConsistentState): Take a Page&.
1869         (WebCore::Internals::Internals): Take a Document&.
1870         (WebCore::Internals::settings): Use nullptr instead of 0.
1871         (WebCore::Internals::address): Take a Node&.
1872         (WebCore::Internals::nodeNeedsStyleRecalc): Take a Node& and no ExceptionCode&.
1873         (WebCore::Internals::styleChangeType): Ditto.
1874         (WebCore::Internals::xhrResponseSource): Take an XMLHttpRequest&.
1875         (WebCore::Internals::isSharingStyleSheetContents): Take two
1876         HTMLLinkElement&.
1877         (WebCore::Internals::isStyleSheetLoadingSubresources): Take an HTMLLinkElement&.
1878         (WebCore::Internals::imageFrameIndex): Take an HTMLImageElement& and no
1879         ExceptionCode&. Also return an unsigned rather than size_t, since the IDL expects
1880         unsigned long, which means unsigned in C++ code.
1881         (WebCore::Internals::treeScopeRootNode): Take a Node& and no ExceptionCode&.
1882         (WebCore::Internals::parentTreeScope): Ditto.
1883         (WebCore::Internals::pauseAnimationAtTimeOnElement): Take an Element&.
1884         (WebCore::Internals::pauseAnimationAtTimeOnPseudoElement): Ditto.
1885         (WebCore::Internals::pauseTransitionAtTimeOnElement): Ditto.
1886         (WebCore::Internals::pauseTransitionAtTimeOnPseudoElement): Ditto.
1887         (WebCore::Internals::attached): Deleted.
1888         (WebCore::Internals::elementRenderTreeAsText): Take an Element&.
1889         (WebCore::Internals::hasPausedImageAnimations): Take an Element& and no
1890         ExceptionCode&.
1891         (WebCore::Internals::computedStyleIncludingVisitedInfo): Take a Node& and no
1892         ExceptionCode&.
1893         (WebCore::Internals::ensureShadowRoot): Take an Element&.
1894         (WebCore::Internals::ensureUserAgentShadowRoot): Take an Element& and no
1895         ExceptionCode&.
1896         (WebCore::Internals::createShadowRoot): Take an Element&.
1897         (WebCore::Internals::shadowRoot): Take an Element& and no ExceptionCode&.
1898         (WebCore::Internals::shadowRootType): Take a Node&.
1899         (WebCore::Internals::includerFor): Deleted.
1900         (WebCore::Internals::shadowPseudoId): Take an Element& and no ExceptionCode&.
1901         (WebCore::Internals::setShadowPseudoId): Ditto.
1902         (WebCore::Internals::visiblePlaceholder): Take an Element&.
1903         (WebCore::Internals::selectColorInColorChooser): Take an HTMLInputElement&.
1904         (WebCore::Internals::boundingBox): Take an Element& and no ExceptionCode&.
1905         (WebCore::Internals::markerCountForNode): Take a Node&.
1906         (WebCore::Internals::markerAt): Ditto.
1907         (WebCore::Internals::markerRangeForNode): Ditto.
1908         (WebCore::Internals::markerDescriptionForNode): Ditto.
1909         (WebCore::Internals::addTextMatchMarker): Take a const Range&.
1910         (WebCore::Internals::setScrollViewPosition): Take int instead of long; long in
1911         IDL means int in C++ code.
1912         (WebCore::Internals::wasLastChangeUserEdit): Take an Element&.
1913         (WebCore::Internals::elementShouldAutoComplete): Take an HTMLInputElement&.
1914         (WebCore::Internals::setEditingValue): Take an HTMLInputElement& and no
1915         ExceptionCode&.
1916         (WebCore::Internals::setAutofilled): Ditto.
1917         (WebCore::Internals::setShowAutoFillButton): Ditto.
1918         (WebCore::Internals::scrollElementToRect): Take an Element& and int instead of long.
1919         (WebCore::Internals::autofillFieldName): Take an Element&.
1920         (WebCore::Internals::rangeFromLocationAndLength): Take an Element& and no ExceptionCode&.
1921         (WebCore::Internals::locationFromRange): Ditto.
1922         (WebCore::Internals::lengthFromRange): Take an Element& and const Range& and no
1923         ExceptionCode&.
1924         (WebCore::Internals::rangeAsText): Take const Range& an no ExceptionCode&.
1925         (WebCore::Internals::subrange): Take Range& an no ExceptionCode&.
1926         (WebCore::Internals::nodesFromRect): Take a Document&.
1927         (WebCore::Internals::openDummyInspectorFrontend): Ditto.
1928         (WebCore::Internals::layerTreeAsText): Take an Element&.
1929         (WebCore::Internals::setElementUsesDisplayListDrawing): Ditto.
1930         (WebCore::Internals::setElementTracksDisplayListReplay): Ditto.
1931         (WebCore::Internals::displayListForElement): Ditto.
1932         (WebCore::Internals::replayDisplayListForElement): Ditto.
1933         (WebCore::Internals::counterValue): Ditto.
1934         (WebCore::Internals::pageNumber): Ditto.
1935         (WebCore::Internals::webkitWillEnterFullScreenForElement): Ditto.
1936         (WebCore::Internals::webkitDidEnterFullScreenForElement): Ditto.
1937         (WebCore::Internals::webkitWillExitFullScreenForElement): Ditto.
1938         (WebCore::Internals::webkitDidExitFullScreenForElement): Ditto.
1939         (WebCore::Internals::layerFlushCount): Return unsigned instead of unsigned long.
1940         IDL unsigned long means unsigned in C++ code.
1941         (WebCore::Internals::styleRecalcCount): Ditto.
1942         (WebCore::Internals::compositingUpdateCount): Ditto.
1943         (WebCore::Internals::deserializeBuffer): Take an ArrayBuffer&.
1944         (WebCore::Internals::markerTextForListItem): Take an Element& and no ExceptionCode&.
1945         (WebCore::Internals::toolTipFromElement): Ditto.
1946         (WebCore::Internals::getImageSourceURL): Ditto.
1947         (WebCore::Internals::simulateAudioInterruption): Take an HTMLMediaElement&.
1948         (WebCore::Internals::mediaElementHasCharacteristic): Ditto.
1949         (WebCore::Internals::isSelectPopupVisible): Take an HTMLSelectElement&.
1950         (WebCore::Internals::closestTimeToTimeRanges): Take a TimeRange&.
1951         (WebCore::Internals::isPluginUnavailabilityIndicatorObscured): Take an Element&.
1952         (WebCore::Internals::isPluginSnapshotted): Take an Element& and no ExceptionCode&.
1953         (WebCore::Internals::bufferedSamplesForTrackID): Take a SourceBuffer&.
1954         (WebCore::Internals::setShouldGenerateTimestamps): Ditto.
1955         (WebCore::Internals::setMediaElementRestrictions): Take an HTMLMediaElement&.
1956         (WebCore::Internals::elementIsBlockingDisplaySleep): Take an HTMLMediaElement&.
1957         (WebCore::Internals::setAudioContextRestrictions): Take an AudioContext&.
1958         (WebCore::Internals::scrollSnapOffsets): Take an Element&.
1959         (WebCore::Internals::getCurrentMediaControlsStatusForElement): Take an HTMLMediaElement&.
1960         (WebCore::Internals::userVisibleString): Take a const DOMURL&.
1961         (WebCore::Internals::composedTreeAsText): Take a Node&.
1962
1963         * testing/Internals.h: Update for all the changes listed above.
1964
1965         * testing/Internals.idl: Removed UsePointersEvenForNonNullableObjectArguments. Removed
1966         many unneeded [RaisesException]. Used more specific types for many arguments. Removed
1967         unused, and unimplemented, attached and includedFor functions. Made the node argument to
1968         updateLayoutIgnorePendingStylesheetsAndRunPostLayoutTasks nullable as well as optional.
1969
1970         * testing/Internals.mm:
1971         (WebCore::Internals::userVisibleString): Take a const DOMURL&.
1972
1973         * testing/js/WebCoreTestSupport.cpp:
1974         (WebCoreTestSupport::injectInternalsObject): Pass a Document& rather than a Document*.
1975         (WebCoreTestSupport::resetInternalsObject): Pass a Page& rather than a Page*.
1976
1977 2016-04-14  Daniel Bates  <dabates@apple.com>
1978
1979         CSP: Ignore report-only policy delivered via meta element
1980         https://bugs.webkit.org/show_bug.cgi?id=156565
1981         <rdar://problem/25718167>
1982
1983         Reviewed by Brent Fulgham.
1984
1985         Only honor a report-only policy delivered via the HTTP header Content-Security-Policy-Report-Only
1986         or X-WebKit-CSP-Report-Only as per section Content-Security-Policy-Report-Only Header Field of 
1987         the Content Security Policy Level 2 spec., <https://w3c.github.io/webappsec-csp/2/> (Editor's Draft, 29 August 2015).
1988
1989         Currently we honor a report-only policy delivered via a meta element or an HTTP header. Instead
1990         we should only honor such a policy when delivered via an HTTP header.
1991
1992         Tests: http/tests/security/contentSecurityPolicy/1.1/reportonly-in-meta-ignored2.html
1993                http/tests/security/contentSecurityPolicy/eval-allowed-in-report-only-mode-and-sends-report.php
1994                http/tests/security/contentSecurityPolicy/eval-allowed-in-report-only-mode.php
1995                http/tests/security/contentSecurityPolicy/report-multiple-violations-01.php
1996                http/tests/security/contentSecurityPolicy/report-multiple-violations-02.php
1997                http/tests/security/contentSecurityPolicy/report-only-report-uri-missing.php
1998
1999         * dom/Document.cpp:
2000         (WebCore::Document::processHttpEquiv): Do not process policy for HTTP equivalent header
2001         Content-Security-Policy-Report-Only and X-WebKit-CSP-Report-Only.
2002
2003 2016-04-14  Antoine Quint  <graouts@apple.com>
2004
2005         Dashboard is spelled as Dashbard in several source files
2006         https://bugs.webkit.org/show_bug.cgi?id=156577
2007
2008         Reviewed by Eric Carlson.
2009
2010         * html/HTMLCanvasElement.cpp:
2011         (WebCore::HTMLCanvasElement::getContext):
2012         * html/canvas/CanvasGradient.cpp:
2013         (WebCore::CanvasGradient::CanvasGradient):
2014         (WebCore::CanvasGradient::addColorStop):
2015         * html/canvas/CanvasGradient.h:
2016         (WebCore::CanvasGradient::setDashboardCompatibilityMode):
2017
2018 2016-04-14  Antoine Quint  <graouts@apple.com>
2019
2020         WebGL based canvases composite incorrectly after changing size
2021         https://bugs.webkit.org/show_bug.cgi?id=152556
2022         <rdar://problem/24012678>
2023
2024         Reviewed by Dean Jackson.
2025
2026         On iOS, we use the CAEAGLLayer's bounds to set the size of the backing store.
2027         However, that layer's bounds is also used to size the layer during layout. If
2028         the canvas backing store is resized after layout has been performed, the call
2029         to setBounds loses the layout value and the <canvas> element is incorrectly
2030         sized on screen.
2031
2032         To address this, when updating the backing store, we keep track of the previous
2033         layer bounds so we can reset it after we sized the backing store.
2034
2035         Test: webgl/webgl-backing-store-size-update.html
2036
2037         * platform/graphics/GraphicsContext3D.h:
2038         * platform/graphics/mac/GraphicsContext3DMac.mm:
2039         (WebCore::GraphicsContext3D::setRenderbufferStorageFromDrawable):
2040
2041 2016-04-13  Carlos Garcia Campos  <cgarcia@igalia.com>
2042
2043         Unreviewed. Fix GObject DOM bindings API break after r199392.
2044
2045         Since r199392 webkit_dom_attr_set_value() no longer raises exceptions, but we need to keep the GError parameter
2046         to keep backwards compatibility.
2047
2048         * bindings/scripts/CodeGeneratorGObject.pm:
2049         (FunctionUsedToRaiseException):
2050
2051 2016-04-13  Daniel Bates  <dabates@apple.com>
2052
2053         CSP: Nested browsing context created for <object> or <embed> should respect object-src directive
2054         https://bugs.webkit.org/show_bug.cgi?id=156563
2055         <rdar://problem/25715713>
2056
2057         Reviewed by Darin Adler.
2058
2059         As per section object-src of the Content Security Policy Level 2 spec.,
2060         <https://w3c.github.io/webappsec-csp/2/> (Editor's Draft, 29 August 2015), a nested browsing
2061         context created for an HTML object or HTML embed element should respect the object-src directive.
2062
2063         Currently a nested browsing context created for an HTML object or HTML embed element respects
2064         the child-src directive or frame-src directive (in that order). Instead such nested browsing
2065         contexts should respect the object-src directive.
2066
2067         Tests: http/tests/security/contentSecurityPolicy/object-src-allows-embed-blocked-by-child-src.html
2068                http/tests/security/contentSecurityPolicy/object-src-allows-embed-blocked-by-frame-src.html
2069                http/tests/security/contentSecurityPolicy/object-src-allows-object-blocked-by-child-src.html
2070                http/tests/security/contentSecurityPolicy/object-src-allows-object-blocked-by-frame-src.html
2071                http/tests/security/contentSecurityPolicy/object-src-blocks-embed-allowed-by-child-src.html
2072                http/tests/security/contentSecurityPolicy/object-src-blocks-embed-allowed-by-frame-src.html
2073                http/tests/security/contentSecurityPolicy/object-src-blocks-object-allowed-by-child-src.html
2074                http/tests/security/contentSecurityPolicy/object-src-blocks-object-allowed-by-frame-src.html
2075
2076         * loader/PolicyChecker.cpp:
2077         (WebCore::isAllowedByContentSecurityPolicy): Added. Checks whether the specified URL is allowed by the
2078         object-src or the child-src/frame-src directive for a plugin element and non-plugin element, respectively.
2079         (WebCore::PolicyChecker::checkNavigationPolicy): Modified to call isAllowedByContentSecurityPolicy().
2080
2081 2016-04-13  Daniel Bates  <dabates@apple.com>
2082
2083         CSP: Remove experimental directive reflected-xss
2084         https://bugs.webkit.org/show_bug.cgi?id=156554
2085
2086         Reviewed by Brent Fulgham.
2087
2088         The Content Security Policy directive reflected-xss was removed from the Content Security
2089         Policy Level 2 spec., <https://w3c.github.io/webappsec-csp/2/> (Editor's Draft, 29 August 2015).
2090         This directive was considered experimental and was guarded by a run-time flag that was never
2091         enabled by default. We should remove support for this directive.
2092
2093         * html/parser/XSSAuditor.cpp:
2094         (WebCore::XSSAuditor::XSSAuditor): Initialize m_xssProtection to XSSProtectionDisposition::Enabled.
2095         (WebCore::XSSAuditor::init): Write logic in terms of enum class XSSProtectionDisposition.
2096         (WebCore::XSSAuditor::filterToken): Ditto.
2097         (WebCore::combineXSSProtectionHeaderAndCSP): Deleted.
2098         * html/parser/XSSAuditor.h: Change data type of m_xssProtection from ContentSecurityPolicy::ReflectedXSSDisposition
2099         to XSSProtectionDisposition.
2100         * html/parser/XSSAuditorDelegate.cpp: Ditto.
2101         (WebCore::buildConsoleError): Remove logic to emit a remarks in the console error when a XSS is
2102         blocked because of the directive reflected-xss. Also substituted "because" for "as" in the remark
2103         added to the error message when the XSS Auditor is enabled because the server did not send HTTP
2104         header X-XSS-Protection.
2105         * html/parser/XSSAuditorDelegate.h:
2106         (WebCore::XSSInfo::XSSInfo): Removed argument didSendCSPHeader as we are removing support for the
2107         directive reflected-xss.
2108         * page/csp/ContentSecurityPolicy.cpp:
2109         (WebCore::ContentSecurityPolicy::reflectedXSSDisposition): Deleted.
2110         (WebCore::ContentSecurityPolicy::reportInvalidReflectedXSS): Deleted.
2111         * page/csp/ContentSecurityPolicy.h:
2112         * page/csp/ContentSecurityPolicyDirectiveList.cpp:
2113         (WebCore::ContentSecurityPolicyDirectiveList::ContentSecurityPolicyDirectiveList): Remove initialization
2114         of m_reflectedXSSDisposition as we are removing support for the directive reflected-xss.
2115         (WebCore::ContentSecurityPolicyDirectiveList::parseReflectedXSS): Deleted.
2116         (WebCore::ContentSecurityPolicyDirectiveList::addDirective): Remove logic to parse directive reflected-xss.
2117         * page/csp/ContentSecurityPolicyDirectiveList.h:
2118         (WebCore::ContentSecurityPolicyDirectiveList::reflectedXSSDisposition): Deleted.
2119         * page/csp/ContentSecurityPolicyDirectiveNames.cpp:
2120         * page/csp/ContentSecurityPolicyDirectiveNames.h:
2121         * page/csp/ContentSecurityPolicySourceList.cpp:
2122         (WebCore::isCSPDirectiveName):
2123         (WebCore::isExperimentalDirectiveName): Deleted.
2124         * platform/network/HTTPParsers.cpp:
2125         (WebCore::parseXSSProtectionHeader): Write it terms of enum class XSSProtectionDisposition.
2126         * platform/network/HTTPParsers.h: Define enum class XSSProtectionDisposition. Change return type
2127         of parseXSSProtectionHeader() from ContentSecurityPolicy::ReflectedXSSDisposition to XSSProtectionDisposition
2128         as we are removing the former.
2129
2130 2016-04-13  Brady Eidson  <beidson@apple.com>
2131
2132         Modern IDB (Blob support): Support retrieving Blobs from IDB.
2133         https://bugs.webkit.org/show_bug.cgi?id=156367
2134
2135         Reviewed by Alex Christensen.
2136
2137         No new tests (No testable change in behavior yet, current tests pass).
2138
2139         This patch does the following:
2140         - Pulls BlobURLs and stored filenames out of IDB whenever an IDB record is fetched.
2141         - Adds those URLs and filenames to IDBValue.
2142         - Uses IDBValue in more places instead of SharedBuffer/ThreadSafeBuffer.
2143         - Teaches SerializedScriptValue, Blob, and File how to read the URLs and filenames when they exist.
2144         - Teaches the Blob registry to register a new type of Blob that is not a "File" but is backed by one.
2145
2146         * Modules/indexeddb/IDBCursor.cpp:
2147         (WebCore::IDBCursor::setGetResult):
2148         
2149         * Modules/indexeddb/IDBGetResult.h:
2150         (WebCore::IDBGetResult::IDBGetResult):
2151         
2152         * Modules/indexeddb/IDBRequest.cpp:
2153         (WebCore::IDBRequest::setResultToStructuredClone):
2154         * Modules/indexeddb/IDBRequest.h:
2155         
2156         * Modules/indexeddb/IDBTransaction.cpp:
2157         (WebCore::IDBTransaction::didGetRecordOnServer):
2158         
2159         * Modules/indexeddb/IDBValue.cpp:
2160         (WebCore::IDBValue::IDBValue):
2161         * Modules/indexeddb/IDBValue.h:
2162         
2163         * Modules/indexeddb/server/MemoryIndexCursor.cpp:
2164         (WebCore::IDBServer::MemoryIndexCursor::currentData):
2165         
2166         * Modules/indexeddb/server/MemoryObjectStoreCursor.cpp:
2167         (WebCore::IDBServer::MemoryObjectStoreCursor::currentData):
2168         
2169         * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
2170         (WebCore::IDBServer::SQLiteIDBBackingStore::createIndex):
2171         (WebCore::IDBServer::SQLiteIDBBackingStore::getBlobRecordsForObjectStoreRecord):
2172         (WebCore::IDBServer::SQLiteIDBBackingStore::getRecord):
2173         (WebCore::IDBServer::SQLiteIDBBackingStore::getIndexRecord):
2174         * Modules/indexeddb/server/SQLiteIDBBackingStore.h:
2175         
2176         * Modules/indexeddb/server/SQLiteIDBCursor.cpp:
2177         (WebCore::IDBServer::SQLiteIDBCursor::currentData):
2178         (WebCore::IDBServer::SQLiteIDBCursor::internalAdvanceOnce):
2179         * Modules/indexeddb/server/SQLiteIDBCursor.h:
2180         (WebCore::IDBServer::SQLiteIDBCursor::currentValue):
2181         (WebCore::IDBServer::SQLiteIDBCursor::currentValueBuffer): Deleted.
2182         
2183         * Modules/indexeddb/server/SQLiteIDBTransaction.h:
2184         (WebCore::IDBServer::SQLiteIDBTransaction::backingStore):
2185         
2186         * Modules/websockets/WorkerThreadableWebSocketChannel.cpp:
2187         (WebCore::WorkerThreadableWebSocketChannel::Bridge::send):
2188         
2189         * bindings/js/IDBBindingUtilities.cpp:
2190         (WebCore::deserializeIDBValueDataToJSValue):
2191         (WebCore::deserializeIDBValueData):
2192         (WebCore::deserializeIDBValue):
2193         * bindings/js/IDBBindingUtilities.h:
2194         
2195         * bindings/js/SerializedScriptValue.cpp:
2196         (WebCore::CloneDeserializer::deserialize):
2197         (WebCore::CloneDeserializer::CloneDeserializer):
2198         (WebCore::CloneDeserializer::readFile):
2199         (WebCore::CloneDeserializer::readTerminal):
2200         (WebCore::CloneDeserializer::blobFilePathForBlobURL):
2201         (WebCore::SerializedScriptValue::deserialize):
2202         * bindings/js/SerializedScriptValue.h:
2203
2204         * fileapi/Blob.cpp:
2205         (WebCore::Blob::Blob):
2206         * fileapi/Blob.h:
2207         (WebCore::Blob::deserialize):
2208
2209         * fileapi/File.cpp:
2210         (WebCore::File::File):
2211
2212         * fileapi/ThreadableBlobRegistry.cpp:
2213         (WebCore::threadableQueue):
2214         (WebCore::ThreadableBlobRegistry::registerBlobURLOptionallyFileBacked):
2215         * fileapi/ThreadableBlobRegistry.h:
2216
2217         * platform/CrossThreadTask.h:
2218         (WebCore::createCrossThreadTask):
2219
2220         * platform/network/BlobRegistry.h:
2221
2222         * platform/network/BlobRegistryImpl.cpp:
2223         (WebCore::BlobRegistryImpl::registerBlobURL):
2224         (WebCore::BlobRegistryImpl::registerBlobURLOptionallyFileBacked):
2225         * platform/network/BlobRegistryImpl.h:
2226
2227 2016-04-13  Zalan Bujtas  <zalan@apple.com>
2228
2229         Text on compositing layer with negative letter-spacing is truncated.
2230         https://bugs.webkit.org/show_bug.cgi?id=156550
2231         <rdar://problem/24212140>
2232
2233         Reviewed by Antti Koivisto.
2234
2235         Negative letter-spacing affects the right edge of content's visual overflow (for both RTL and LTR).
2236         This is similar to how normal line layout adjusts it at InlineFlowBox::addTextBoxVisualOverflow().
2237
2238         Test: fast/text/negative-letter-spacing-visual-overflow.html
2239
2240         * rendering/SimpleLineLayoutFunctions.cpp:
2241         (WebCore::SimpleLineLayout::computeOverflow):
2242         (WebCore::SimpleLineLayout::paintFlow):
2243         (WebCore::SimpleLineLayout::collectFlowOverflow):
2244
2245 2016-04-13  Eric Carlson  <eric.carlson@apple.com>
2246
2247         [iOS] remote command should be considered user events
2248         https://bugs.webkit.org/show_bug.cgi?id=156546
2249         <rdar://problem/25560877>
2250
2251         Reviewed by Jer Noble.
2252
2253         Test: media/remote-control-command-is-user-gesture.html
2254
2255         * html/HTMLMediaElement.cpp:
2256         (WebCore::HTMLMediaElement::didReceiveRemoteControlCommand): Increment/decrement 
2257           m_processingRemoteControlCommand around calling remote command method.
2258         (WebCore::HTMLMediaElement::processingUserGesture): Return true if called while handling
2259           a remote control command.
2260         * html/HTMLMediaElement.h:
2261
2262 2016-04-13  Antonio Gomes  <tonikitoo@webkit.org>
2263
2264         Non-resizable text field looks resizable
2265         https://bugs.webkit.org/show_bug.cgi?id=152271
2266
2267         Reviewed by Darin Adler.
2268
2269         The 'resizability' of an HTML element is controlled by its 'resize' CSS property value.
2270         By default it is 'none', but certain HTML elements, including <textarea>, have it
2271         set to 'both' by default (defined in html.css). These values mean no resize at all, and
2272         resizable in both vertical and horizontal axis, respectively.
2273         Additionally, 'vertical' and 'horizontal' values are also valid.
2274
2275         Problem here is that the way WebKit handles the 'resize' property on single line
2276         input elements (e.g. <input>) is different than other engines (read Gecko, Blink and Presto):
2277
2278         - Match: WebKit, Firefox, Presto and Blink all force single line input elements to be non-resizable,
2279         regardless of either the 'resize' properly is set or not.
2280
2281         - Mismatch: WebKit is the only engine that actually paints the resize control on single line
2282         input elements, even it having no effect.
2283
2284         On WebKit, this happens because the 'resize' property is wrongly implemented as 'inheritable',
2285         differently from other engines. In the way WebKit contructs its RenderTree, 'resize' property
2286         ends up spilling out of <input> and entering its shadow representation, carrying the 'resize'
2287         property on.
2288
2289         Patch fixes this by making the 'resize' properly be non-inherited, matching other vendors
2290         and the spec [1].
2291
2292         [1] https://drafts.csswg.org/css-ui/#resize
2293
2294         Tests: fast/css/resize-not-inherited.html
2295                fast/css/resize-single-line-input-no-paint.html
2296
2297         * rendering/style/RenderStyle.h:
2298         * rendering/style/StyleRareInheritedData.cpp:
2299         (WebCore::StyleRareInheritedData::StyleRareInheritedData):
2300         (WebCore::StyleRareInheritedData::operator==):
2301         * rendering/style/StyleRareInheritedData.h:
2302         * rendering/style/StyleRareNonInheritedData.cpp:
2303         (WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData):
2304         (WebCore::StyleRareNonInheritedData::operator==):
2305         * rendering/style/StyleRareNonInheritedData.h:
2306
2307 2016-04-13  Darin Adler  <darin@apple.com>
2308
2309         Remove UsePointersEvenForNonNullableObjectArguments from DataTransfer
2310         https://bugs.webkit.org/show_bug.cgi?id=156495
2311
2312         Reviewed by Chris Dumez.
2313
2314         * dom/DataTransfer.idl: Removed UsePointersEvenForNonNullableObjectArguments
2315         and marked the element argument to setDragImage as nullable.
2316
2317 2016-04-13  Brady Eidson  <beidson@apple.com>
2318
2319         Modern IDB (Blob support): Support deleting stored blob files.
2320         https://bugs.webkit.org/show_bug.cgi?id=156523
2321
2322         Reviewed by Alex Christensen.
2323
2324         No new tests (No testable change in behavior yet, current tests pass).
2325
2326         There's 3 points in time when we need to delete blob files (and records of them):
2327         1 - When deleting a specific object store record.
2328         2 - When deleting an entire object store.
2329         3 - When deleting a whole database.
2330         
2331         This patch does those three things.
2332
2333         * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
2334         (WebCore::IDBServer::SQLiteIDBBackingStore::deleteObjectStore):
2335         (WebCore::IDBServer::SQLiteIDBBackingStore::deleteUnusedBlobFileRecords):
2336         (WebCore::IDBServer::SQLiteIDBBackingStore::deleteRecord):
2337         (WebCore::IDBServer::SQLiteIDBBackingStore::addRecord):
2338         (WebCore::IDBServer::SQLiteIDBBackingStore::getRecord):
2339         (WebCore::IDBServer::SQLiteIDBBackingStore::deleteBackingStore):
2340         * Modules/indexeddb/server/SQLiteIDBBackingStore.h:
2341
2342         * Modules/indexeddb/server/SQLiteIDBTransaction.cpp:
2343         (WebCore::IDBServer::SQLiteIDBTransaction::commit):
2344         (WebCore::IDBServer::SQLiteIDBTransaction::deleteBlobFilesIfNecessary):
2345         (WebCore::IDBServer::SQLiteIDBTransaction::addRemovedBlobFile):
2346         * Modules/indexeddb/server/SQLiteIDBTransaction.h:
2347
2348 2016-04-13  Frederic Wang  <fwang@igalia.com>
2349
2350         Fix two coding mistakes in MathMLInlineContainerElement::childrenChanged
2351         https://bugs.webkit.org/show_bug.cgi?id=156538
2352
2353         Reviewed by Darin Adler.
2354
2355         We fix the call to updateOperatorProperties inside MathMLInlineContainerElement::childrenChanged
2356         for the <math> and <msqrt> tags.
2357
2358         The <math> tag is already a RenderMathMLRow so the hasTagName(mathTag)
2359         conditional is never executed. The tag does not create any anonymous
2360         wrapper so we do not need a special case for it anyway.
2361
2362         The <msqrt> tag is not a RenderMathMLRow (yet). However, the anonymous
2363         wrapper behaving as a RenderMathMLRow is actually the last child, not
2364         the first one.
2365
2366         No new tests, this is already covered by mathml/presentation/mo-form-dynamic.html
2367         Note that for some reason the coding error for <msqrt> only shows up
2368         after the refactoring of bug 152244.
2369
2370         * mathml/MathMLInlineContainerElement.cpp:
2371         (WebCore::MathMLInlineContainerElement::childrenChanged): Fix the two mistakes and add some FIXME comments.
2372
2373 2016-04-12  Chris Dumez  <cdumez@apple.com>
2374
2375         Attr.value should not be nullable
2376         https://bugs.webkit.org/show_bug.cgi?id=156515
2377
2378         Reviewed by Benjamin Poulain.
2379
2380         Update Attr.value so that it is no longer nullable, as per:
2381         https://dom.spec.whatwg.org/#interface-attr
2382
2383         This aligns our behavior with Firefox and Chrome as well.
2384
2385         Test: fast/dom/Attr/value-not-nullable.html
2386
2387         * dom/Attr.cpp:
2388         (WebCore::Attr::setValueForBindings):
2389         (WebCore::Attr::setNodeValue):
2390         (WebCore::Attr::setValue):
2391         * dom/Attr.h:
2392         * dom/Attr.idl:
2393
2394 2016-04-12  Konstantin Tokarev  <annulen@yandex.ru>
2395
2396         Fixed uninitialization of Node::DataUnion with GCC 4.8.
2397         https://bugs.webkit.org/show_bug.cgi?id=156507
2398
2399         Reviewed by Michael Catanzaro.
2400
2401         This change fixes run time crashes caused by access to uninitialized
2402         memory in Node::renderer().
2403
2404         No new tests needed.
2405
2406         * dom/Node.h:
2407
2408 2016-04-12  Eric Carlson  <eric.carlson@apple.com>
2409
2410         [iOS] do not exit AirPlay when the screen locks
2411         https://bugs.webkit.org/show_bug.cgi?id=156502
2412         <rdar://problem/24616592>
2413
2414         Reviewed by Jer Noble.
2415
2416         * html/HTMLMediaElement.cpp:
2417         (WebCore::HTMLMediaElement::shouldOverrideBackgroundPlaybackRestriction): Add logging.
2418         (WebCore::HTMLMediaElement::purgeBufferedDataIfPossible): Don't tell the media engine to purge 
2419           data if it is playing to a wireless target because that will drop the connection.
2420
2421         * html/MediaElementSession.cpp:
2422         (WebCore::MediaElementSession::playbackPermitted): Add logging.
2423         (WebCore::MediaElementSession::canPlayToWirelessPlaybackTarget): Drive by fix: iOS doesn't 
2424           have an explicit playbackTarget, don't test for it.
2425         (WebCore::MediaElementSession::isPlayingToWirelessPlaybackTarget): Ditto.
2426
2427 2016-04-12  Gavin Barraclough  <barraclough@apple.com>
2428
2429         WebKit should adopt journal_mode=wal for all SQLite databases.
2430         https://bugs.webkit.org/show_bug.cgi?id=133496
2431
2432         Rubber stamped by Chris Dumez.
2433
2434         Temporarily disable on iOS - this broke a test.
2435         (storage/websql/alter-to-info-table.html)
2436
2437         * platform/sql/SQLiteDatabase.cpp:
2438         (WebCore::SQLiteDatabase::open):
2439
2440 2016-04-12  Joseph Pecoraro  <pecoraro@apple.com>
2441
2442         Web Inspector: Keyboard shortcut for "Inspect Element" only works when Web Inspector is open.
2443         https://bugs.webkit.org/show_bug.cgi?id=111193
2444         <rdar://problem/13325889>
2445
2446         Reviewed by Timothy Hatcher.
2447
2448         * inspector/InspectorClient.h:
2449         (WebCore::InspectorClient::elementSelectionChanged):
2450         * inspector/InspectorDOMAgent.cpp:
2451         (WebCore::InspectorDOMAgent::setSearchingForNode):
2452         Inform the client when element selection changes.
2453
2454 2016-04-12  Chris Dumez  <cdumez@apple.com>
2455
2456         Regression(r199360): assertion hit in Element::fastGetAttribute()
2457         https://bugs.webkit.org/show_bug.cgi?id=156509
2458
2459         Reviewed by Ryosuke Niwa.
2460
2461         Stop using fastGetAttribute() / setAttributeWithoutSynchronization()
2462         given that DOMTokenList is used for the class attribute and we need
2463         to synchronize in this case.
2464
2465         No new tests, already covered by existing tests.
2466
2467         * html/DOMTokenList.cpp:
2468         (WebCore::DOMTokenList::updateAssociatedAttributeFromTokens):
2469         (WebCore::DOMTokenList::tokens):
2470
2471 2016-04-12  Myles C. Maxfield  <mmaxfield@apple.com>
2472
2473         [RTL Scrollbars] Overlay scrollbars push contents inwards
2474         https://bugs.webkit.org/show_bug.cgi?id=156225
2475         <rdar://problem/25137040>
2476
2477         Reviewed by Darin Adler.
2478
2479         The contents should be pushed in by the occupied width of the
2480         scrollbar, which is 0 for overlay scrollbars.
2481
2482         Test: fast/scrolling/rtl-scrollbars-overlay-no-push-contents.html
2483
2484         * rendering/RenderLayer.cpp:
2485         (WebCore::RenderLayer::computeScrollDimensions):
2486
2487 2016-04-12  Myles C. Maxfield  <mmaxfield@apple.com>
2488
2489         [OS X] Flakey crash after ScrollAnimatorMac destruction
2490         https://bugs.webkit.org/show_bug.cgi?id=156372
2491
2492         Reviewed by Darin Adler.
2493
2494         Previously, we were disabling the mock scrollbars using JavaScript after
2495         the WebView was created. However, enabling these mock scrollbars can be
2496         triggered with a bit of state inside the WebPreferences object, which
2497         means WebKit clients can change it at any point. DumpRenderTree is doing
2498         this during the document's lifetime.
2499
2500         This means that the creation of the Scrollbar objects saw a non-mock
2501         ScrollbarTheme, but the destruction of the Scrollbar objects saw a mock
2502         ScrollbarTheme. Therefore, the non-mock ScrollbarTheme doesn't get
2503         cleaned up correctly (ScrollAnimatorMac::willRemoveVerticalScrollbar()
2504         returns early because it sees that there is nothing to deregister
2505         due to the ScrollbarTheme being mocked).
2506
2507         This cleanup is necessary because it sets the NSScrollerImp's delegate
2508         to nil before the NSScrollerImpDelegate gets destroyed. Because the
2509         cleanup wasn't happening, the delegate pointer wasn't getting set to
2510         nil, so the pointer was dangling, and AppKit was following it and
2511         crashing.
2512
2513         Because the clients of this bit of state can change it at any time,
2514         it is incorrect to change it in JavaScript. Instead, the client must
2515         manage this bit of state (so the client and the web process are always
2516         in sync). Therefore, the correct way to set this bit of state must be
2517         done in the test runner rather than Javascript internals. The mechanism
2518         we have to do that is the <!-- webkit-test-runner --> comment at the
2519         beginning of the test. This patch migrates to this mechanism and removes
2520         the old internals method.
2521
2522         Test: fast/scrolling/rtl-scrollbars-animation-property.html
2523
2524         * page/Settings.cpp:
2525         * testing/Internals.cpp:
2526         (WebCore::Internals::setMockScrollbarsEnabled): Deleted.
2527         * testing/Internals.h:
2528         * testing/Internals.idl:
2529
2530 2016-04-12  Darin Adler  <darin@apple.com>
2531
2532         Remove UsePointersEvenForNonNullableObjectArguments from SVG lists
2533         https://bugs.webkit.org/show_bug.cgi?id=156494
2534
2535         Reviewed by Chris Dumez.
2536
2537         * bindings/scripts/CodeGenerator.pm:
2538         (ShouldPassWrapperByReference): For now, don't do this for any tear-off classes.
2539         This includes the items stored in most SVG list classes.
2540
2541         * svg/SVGLengthList.idl: Removed UsePointersEvenForNonNullableObjectArguments.
2542         * svg/SVGNumberList.idl: Ditto.
2543         * svg/SVGPointList.idl: Ditto.
2544         * svg/SVGTransformList.idl: Ditto.
2545
2546         * svg/SVGPathSegList.idl: Removed UsePointersEvenForNonNullableObjectArguments.
2547         Marked the arguments nullable, and added FIXMEs about returning later since they
2548         don't really need to be nullable. But fixing this requires some reworking of the
2549         SVG list template and it's not urgent at this time. Preserves behavior where we
2550         get an exception when passing null, it's just an SVG exception instead of TypeError.
2551
2552 2016-04-12  Chris Dumez  <cdumez@apple.com>
2553
2554         Lazily update tokens in DOMTokenList when the associated attribute value changes
2555         https://bugs.webkit.org/show_bug.cgi?id=156474
2556
2557         Reviewed by Ryosuke Niwa.
2558
2559         Lazily update tokens in DOMTokenList when the associated attribute value
2560         changes for performance. Constructing the sanitized vector of tokens
2561         every time the associated Element attribute changes is too expensive.
2562         Instead, we mark the vector as dirty whenever the attribute changes, and
2563         we only construct the sanitized vector when it is actually required.
2564
2565         Also do some renaming for clarity.
2566
2567         There is no web-exposed behavior change.
2568
2569         * dom/Element.cpp:
2570         (WebCore::Element::classAttributeChanged):
2571         * html/DOMTokenList.cpp:
2572         (WebCore::DOMTokenList::contains):
2573         (WebCore::DOMTokenList::addInternal):
2574         (WebCore::DOMTokenList::removeInternal):
2575         (WebCore::DOMTokenList::toggle):
2576         (WebCore::DOMTokenList::value):
2577         (WebCore::DOMTokenList::setValue):
2578         (WebCore::DOMTokenList::updateTokensFromAttributeValue):
2579         (WebCore::DOMTokenList::associatedAttributeValueChanged):
2580         (WebCore::DOMTokenList::updateAssociatedAttributeFromTokens):
2581         (WebCore::DOMTokenList::tokens):
2582         (WebCore::DOMTokenList::DOMTokenList): Deleted.
2583         * html/DOMTokenList.h:
2584         (WebCore::DOMTokenList::tokens):
2585         (WebCore::DOMTokenList::length):
2586         (WebCore::DOMTokenList::item):
2587         * html/HTMLAnchorElement.cpp:
2588         (WebCore::HTMLAnchorElement::parseAttribute):
2589         * html/HTMLIFrameElement.cpp:
2590         (WebCore::HTMLIFrameElement::parseAttribute):
2591         * html/HTMLLinkElement.cpp:
2592         (WebCore::HTMLLinkElement::parseAttribute):
2593         * html/HTMLOutputElement.cpp:
2594         (WebCore::HTMLOutputElement::parseAttribute):
2595
2596 2016-04-12  Darin Adler  <darin@apple.com>
2597
2598         Remove UsePointersEvenForNonNullableObjectArguments from HTMLMediaElement
2599         https://bugs.webkit.org/show_bug.cgi?id=156492
2600
2601         Reviewed by Chris Dumez.
2602
2603         * html/HTMLMediaElement.idl: Removed UsePointersEvenForNonNullableObjectArguments,
2604         sorted remaining class attributes, simplified #if around canPlayType a bit,
2605         removed comment that is not all that useful, made the argument to
2606         webkitSetMediaKeys nullable since the implementation supports that.
2607
2608 2016-04-12  Eric Carlson  <eric.carlson@apple.com>
2609
2610         [iOS] media title sometimes remain in Control Center after tab is closed
2611         https://bugs.webkit.org/show_bug.cgi?id=156243
2612         <rdar://problem/20167445>
2613
2614         Reviewed by Darin Adler.
2615
2616         * Modules/webaudio/AudioContext.h: Implement characteristics.
2617
2618         * html/HTMLMediaElement.cpp:
2619         (WebCore::HTMLMediaElement::mediaLoadingFailed): Call mediaSession->clientCharacteristicsChanged.
2620         (WebCore::HTMLMediaElement::setReadyState): Ditto.
2621         (WebCore::HTMLMediaElement::clearMediaPlayer): Ditto.
2622         (WebCore::HTMLMediaElement::stop): Call mediaSession->stopSession.
2623         (WebCore::HTMLMediaElement::characteristics): New, return current characteristics.
2624         * html/HTMLMediaElement.h:
2625
2626         * platform/audio/PlatformMediaSession.cpp:
2627         (WebCore::PlatformMediaSession::stopSession): Suspend playback, and remove the session 
2628           from the manager, it will never play again.
2629         (WebCore::PlatformMediaSession::characteristics): Return client characteristics.
2630         (WebCore::PlatformMediaSession::clientCharacteristicsChanged):
2631         * platform/audio/PlatformMediaSession.h:
2632
2633         * platform/audio/PlatformMediaSessionManager.cpp:
2634         (WebCore::PlatformMediaSessionManager::stopAllMediaPlaybackForProcess): Call stopSession 
2635           instead of pauseSession to signal that playback will never start again.
2636         * platform/audio/PlatformMediaSessionManager.h:
2637
2638         * platform/audio/ios/MediaSessionManagerIOS.h:
2639         * platform/audio/ios/MediaSessionManagerIOS.mm:
2640         (WebCore::MediaSessionManageriOS::sessionWillBeginPlayback): Add logging.
2641         (WebCore::MediaSessionManageriOS::removeSession): Update NowPlaying.
2642         (WebCore::MediaSessionManageriOS::sessionWillEndPlayback): Add logging.
2643         (WebCore::MediaSessionManageriOS::clientCharacteristicsChanged): Update NowPlaying.
2644         (WebCore::MediaSessionManageriOS::nowPlayingEligibleSession): New, return the first session
2645           that is an audio or video element with playable audio. WebAudio is not currently controllable
2646           so it isn't appropriate to show it in the NowPlaying info center.
2647         (WebCore::MediaSessionManageriOS::updateNowPlayingInfo): Remember the last state passed to
2648           NowPlaying so we can call it only when something has changed.
2649
2650 2016-04-12  Carlos Garcia Campos  <cgarcia@igalia.com>
2651
2652         [GTK] Rework scrollbars theming code for GTK+ 3.20
2653         https://bugs.webkit.org/show_bug.cgi?id=156462
2654
2655         Reviewed by Michael Catanzaro.
2656
2657         In r199292, we reworked the theming code to ensure it works with the new GTK+ CSS theming system. The same is
2658         needed for scrollbars, this patch uses the RenderThemeGadget classes introduced in r199292 to render the native
2659         scrollbars. The code is now split in 3 parts: stub methods for GTK+2 (since this file is compiled for
2660         WebCoreGTK, but not used), the implementation for GTK+ < 3.20 and the implementation for GTK+ >= 3.20. This
2661         reduces the amount of ifdefed code, and ensures that changes in new code don't break the rendering with older
2662         versions of GTK+. I noticed that we were overriding both, the specific paint methods to render scrollbars
2663         parts and the global paint method that renders all the scrollbar parts. We don't really need the specific paint
2664         methods, so I've removed the implemention leaving only the paint method. This also allows us to get rid of the
2665         GtkStyleContext cache.
2666
2667         * platform/gtk/RenderThemeGadget.cpp:
2668         (WebCore::RenderThemeGadget::create): Handle scrollbars gadgets.
2669         (WebCore::appendElementToPath): In case of scrollbar gadget, use the scrollbar GType when creating the path to
2670         be able to get non-CSS style properties.
2671         (WebCore::RenderThemeGadget::opacity): Add method to get the opacity CSS style property.
2672         (WebCore::RenderThemeScrollbarGadget::RenderThemeScrollbarGadget): Initialize m_steppers option set with the
2673         steppers used by the theme.
2674         * platform/gtk/RenderThemeGadget.h:
2675         * platform/gtk/ScrollbarThemeGtk.cpp:
2676         (WebCore::themeChangedCallback):
2677         (WebCore::ScrollbarThemeGtk::ScrollbarThemeGtk):
2678         (WebCore::createStyleContext):
2679         (WebCore::createChildStyleContext):
2680         (WebCore::ScrollbarThemeGtk::themeChanged):
2681         (WebCore::ScrollbarThemeGtk::updateThemeProperties):
2682         (WebCore::scrollbarPartStateFlags):
2683         (WebCore::scrollbarGadgetForLayout):
2684         (WebCore::contentsGadgetForLayout):
2685         (WebCore::ScrollbarThemeGtk::trackRect):
2686         (WebCore::ScrollbarThemeGtk::hasThumb):
2687         (WebCore::ScrollbarThemeGtk::backButtonRect):
2688         (WebCore::ScrollbarThemeGtk::forwardButtonRect):
2689         (WebCore::ScrollbarThemeGtk::paint):
2690         (WebCore::paintStepper):
2691         (WebCore::adjustRectAccordingToMargin):
2692         (WebCore::ScrollbarThemeGtk::scrollbarThickness):
2693         (WebCore::ScrollbarThemeGtk::minimumThumbLength):
2694         * platform/gtk/ScrollbarThemeGtk.h:
2695
2696 2016-03-17  Sergio Villar Senin  <svillar@igalia.com>
2697
2698         [css-grid] Add parsing support for <auto-repeat> syntax
2699         https://bugs.webkit.org/show_bug.cgi?id=155583
2700
2701         Reviewed by Antti Koivisto.
2702
2703         The repeat() notation allows now to specify auto-fill or auto-fit instead of
2704         a fixed number of repetitions meaning that it will be automatically computed
2705         depending on the available space.
2706
2707         This patch just adds the parsing support, the expansion of the repeat notation
2708         will be implemented in a follow up patch because it cannot be done at
2709         parsing level (since it requires knowledge about the available space).
2710
2711         Test: fast/css-grid-layout/grid-element-auto-repeat-get-set.html
2712
2713         * CMakeLists.txt:
2714         * css/CSSGridAutoRepeatValue.cpp: Added.
2715         (WebCore::CSSGridAutoRepeatValue::customCSSText):
2716         * css/CSSGridAutoRepeatValue.h: Added.
2717         (WebCore::CSSGridAutoRepeatValue::create):
2718         (WebCore::CSSGridAutoRepeatValue::autoRepeatID):
2719         (WebCore::CSSGridAutoRepeatValue::CSSGridAutoRepeatValue):
2720         * css/CSSParser.cpp:
2721         (WebCore::allTracksAreFixedSized):
2722         (WebCore::CSSParser::parseGridTrackList):
2723         (WebCore::CSSParser::parseGridTrackRepeatFunction):
2724         (WebCore::CSSParser::parseGridTrackSize):
2725         (WebCore::CSSParser::parseGridBreadth):
2726         * css/CSSParser.h:
2727         * css/CSSValue.cpp:
2728         (WebCore::CSSValue::equals):
2729         (WebCore::CSSValue::cssText):
2730         (WebCore::CSSValue::destroy):
2731         * css/CSSValue.h:
2732         (WebCore::CSSValue::isGridAutoRepeatValue):
2733         * css/CSSValueKeywords.in:
2734
2735 2016-04-12  Yusuke Suzuki  <utatane.tea@gmail.com>
2736
2737         [JSC] addStaticGlobals should emit SymbolTableEntry watchpoints to encourage constant folding in DFG
2738         https://bugs.webkit.org/show_bug.cgi?id=155110
2739
2740         Reviewed by Saam Barati.
2741
2742         * bindings/js/JSDOMWindowBase.cpp:
2743         (WebCore::JSDOMWindowBase::updateDocument):
2744
2745 2016-04-12  Sergio Villar Senin  <svillar@igalia.com>
2746
2747         [css-grid] Pass GridSizingData instead of columnTracks to track sizing methods
2748         https://bugs.webkit.org/show_bug.cgi?id=156466
2749
2750         Reviewed by Darin Adler.
2751
2752         Several methods used to compute the items' size contribution to the tracks they span in, get
2753         as an argument a vector with the sizes of the column tracks.
2754
2755         In order to support grids with orthogonal flows (among other things) it's much better to
2756         pass the GridSizingData struct and let those methods decide whether to use the columns or
2757         the rows.
2758
2759         No new tests as this is just a minor refactoring with no change in behavior.
2760
2761         * rendering/RenderGrid.cpp:
2762         (WebCore::RenderGrid::computeUsedBreadthOfGridTracks):
2763         (WebCore::RenderGrid::logicalContentHeightForChild):
2764         (WebCore::RenderGrid::minSizeForChild):
2765         (WebCore::RenderGrid::minContentForChild):
2766         (WebCore::RenderGrid::maxContentForChild):
2767         (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctions):
2768         (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForNonSpanningItems):
2769         (WebCore::RenderGrid::currentItemSizeForTrackSizeComputationPhase):
2770         (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForItems):
2771         * rendering/RenderGrid.h:
2772
2773 2016-04-11  Darin Adler  <darin@apple.com>
2774
2775         Remove UsePointersEvenForNonNullableObjectArguments from HTMLOptionsCollection
2776         https://bugs.webkit.org/show_bug.cgi?id=156491
2777
2778         Reviewed by Chris Dumez.
2779
2780         * html/HTMLOptionsCollection.cpp:
2781         (WebCore::HTMLOptionsCollection::add): Take a reference instead of a pointer.
2782         * html/HTMLOptionsCollection.h: Removed unneeded forward declaration. Changed
2783         add to take a reference instead of a pointer for the element to add. Used
2784         final instead of override on virtual functions.
2785         * html/HTMLOptionsCollection.idl: Removed now-unneeded attribute
2786         UsePointersEvenForNonNullableObjectArguments; the only function affected was
2787         add, and the overloading code was already checking for null.
2788
2789 2016-04-11  Darin Adler  <darin@apple.com>
2790
2791         Remove UsePointersEvenForNonNullableObjectArguments from HTMLSelectElement
2792         https://bugs.webkit.org/show_bug.cgi?id=156458
2793
2794         Reviewed by Chris Dumez.
2795
2796         * bindings/js/JSHTMLOptionsCollectionCustom.cpp:
2797         (WebCore::JSHTMLOptionsCollection::remove): Updated to call remove with a reference
2798         rather than a pointer.
2799
2800         * bindings/js/JSHTMLSelectElementCustom.cpp:
2801         (WebCore::JSHTMLSelectElement::remove): Updated to call remove with a reference
2802         rather than a pointer.
2803         (WebCore::selectIndexSetter): Updated to call setOption with a reference rather
2804         than a pointer.
2805
2806         * bindings/scripts/CodeGeneratorGObject.pm:
2807         (GenerateFunction): Added basic support for passing wrappers by reference.
2808         GObject bindings already check arguments for null, so didn't add any new checks.
2809
2810         * bindings/scripts/test/GObject/WebKitDOMTestActiveDOMObject.cpp:
2811         * bindings/scripts/test/GObject/WebKitDOMTestCallback.cpp:
2812         * bindings/scripts/test/GObject/WebKitDOMTestCallbackFunction.cpp:
2813         * bindings/scripts/test/GObject/WebKitDOMTestInterface.cpp:
2814         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
2815         Updated.
2816
2817         * editing/FrameSelection.cpp: Updated includes.
2818
2819         * html/HTMLOptionElement.cpp:
2820         (WebCore::HTMLOptionElement::setSelected): Pass reference when calling
2821         HTMLSelectElement::optionSelectionStateChanged.
2822         (WebCore::HTMLOptionElement::insertedInto): Ditto.
2823
2824         * html/HTMLOptionsCollection.cpp:
2825         (WebCore::HTMLOptionsCollection::add): Moved null checking behavior here.
2826         Preserves existing "silently do nothing if null".
2827         (WebCore::HTMLOptionsCollection::remove): Changed function to take a reference
2828         instead of a pointer.
2829
2830         * html/HTMLOptionsCollection.h: Updated include. Changed remove to take a
2831         reference instead of a pointer.
2832
2833         * html/HTMLSelectElement.cpp:
2834         (WebCore::HTMLSelectElement::add): Changed to take a reference instead of
2835         a pointer. Also removed unneeded protect code, since insertBefore already
2836         protects itself, and unneeded call to updateValidity, since the
2837         HTMLSelectElement::childrenChanged function already calls updateValidity.
2838         (WebCore::HTMLSelectElement::remove): Changed to take a reference instead
2839         of a pointer.
2840         (WebCore::HTMLSelectElement::setOption): Changed to take a reference
2841         instead of a pointer.
2842         (WebCore::HTMLSelectElement::setLength): Renamed "newLen" to "newLength".
2843         Use Ref instead of RefPtr for result of createElement, which makes the
2844         argument passed to add be a reference rather than a pointer.
2845         (WebCore::HTMLSelectElement::willRespondToMouseClickEvents): Put the #if
2846         for this here instead of in the header.
2847         (WebCore::HTMLSelectElement::optionSelectionStateChanged): Changed to take
2848         a reference instead of a pointer for the option element.
2849
2850         * html/HTMLSelectElement.h: Removed unneeded includes. Derive privately
2851         from TypeAheadDataSource instead of publicly. Make all overrides final
2852         except for the one that is actually overridden by a derived class.
2853         Changed the arguments of the add, remove, setOption, and
2854         optionSelectionStateChanged functions to be references instead of pointers.
2855         Tweaked formatting a bit and used nullptr instead of 0. Override
2856         willRespondToMouseClickEvents on all platforms, not just iOS.
2857
2858         * html/HTMLSelectElement.idl: Removed UsePointersEvenForNonNullableObjectArguments.
2859         Removed a comment that is no longer needed. Made some types nullable to match
2860         the specification, in places that currently have no effect on code generation.
2861         Added a FIXME comment about the argument to setCustomValidity incorrectly being
2862         marked as nullable.
2863
2864 2016-04-11  Brent Fulgham  <bfulgham@apple.com>
2865
2866         Use WeakPtrs to avoid using deallocated Widgets and ScrollableAreas
2867         https://bugs.webkit.org/show_bug.cgi?id=156420
2868         <rdar://problem/25637378>
2869
2870         Reviewed by Darin Adler.
2871
2872         Avoid the risk of using deallocated Widgets and ScrollableAreas by using WeakPtrs instead of
2873         bare pointers. This allows us to remove some explicit calls to get ScrollableArea and Widget
2874         members in the event handling logic. Instead, null checks are sufficient to ensure we never
2875         accidentally dereference a deleted element.
2876
2877         1. Modify the ScrollableArea class to support vending WeakPtrs.
2878         2. Modify the Event Handling code to use WeakPtrs to hold ScrollableArea and RenderWidget
2879            objects, and to null-check these elements after event handling dispatching is finished
2880            to handle cases where these objects are destroyed.
2881
2882         Test: fast/events/wheel-event-destroys-frame.html
2883               fast/events/wheel-event-destroys-overflow.html
2884
2885         * page/EventHandler.cpp:
2886         (WebCore::EventHandler::platformPrepareForWheelEvents): Change signature for WeakPtr.
2887         (WebCore::EventHandler::platformCompleteWheelEvent): Ditto.
2888         (WebCore::EventHandler::platformNotifyIfEndGesture): Ditto.
2889         (WebCore::widgetForElement): Change to return a WeakPtr.
2890         (WebCore::EventHandler::handleWheelEvent): Use WeakPtrs to hold elements that might be destroyed
2891         during event handling.
2892         * page/EventHandler.h:
2893         * page/mac/EventHandlerEfl.cpp: Rename passWheelEventToWidget to widgetDidHandleWheelEvent.
2894         * page/mac/EventHandlerGtk.cpp: Ditto.
2895         * page/mac/EventHandlerIOS.mm: Ditto.
2896         * page/mac/EventHandlerMac.mm:
2897         (WebCore::scrollableAreaForEventTarget): Renamed from scrollViewForEventTarget. Return
2898         a WeakPtr rather than a bare pointer.
2899         (WebCore::scrollableAreaForContainerNode): Return WeakPtr rather than bare pointer.
2900         (WebCore::EventHandler::completeWidgetWheelEvent): Added.
2901         (WebCore::EventHandler::passWheelEventToWidget): Deleted.
2902         (WebCore::EventHandler::platformPrepareForWheelEvents): Convert to WeakPtrs.
2903         (WebCore::EventHandler::platformCompleteWheelEvent): Ditto.
2904         (WebCore::EventHandler::platformCompletePlatformWidgetWheelEvent): Ditto.
2905         (WebCore::EventHandler::platformNotifyIfEndGesture): Ditto.
2906         (WebCore::EventHandler::widgetDidHandleWheelEvent): Renamed from passWheelEventToWidget.
2907         (WebCore::EventHandler::widgetForEventTarget): Converted from static function to static
2908         method so it can be shared with EventHandlerMac.
2909         (WebCore::scrollViewForEventTarget): Deleted.
2910         * page/mac/EventHandlerWin.cpp: Rename passWheelEventToWidget to widgetDidHandleWheelEvent.
2911         * platform/ScrollableArea.cpp:
2912         * platform/ScrollableArea.h:
2913         (WebCore::ScrollableArea::createWeakPtr): Added.
2914         * platform/Widget.h:
2915         (WebCore::ScrollableArea::createWeakPtr): Added.
2916
2917 2016-04-11  Dean Jackson  <dino@apple.com>
2918
2919         putImageData needs to premultiply input
2920         https://bugs.webkit.org/show_bug.cgi?id=156488
2921         <rdar://problem/25672675>
2922
2923         Reviewed by Zalan Bujtas.
2924
2925         I made a mistake in r187534 as I was converting get and putImageData
2926         to use Accelerate. The incoming data is unmultiplied, and should
2927         be premultiplied before copying into the backing store. I was
2928         accidentally unmultiplying unmultiplied data, which caused
2929         some pretty psychedelic results.
2930
2931         Test: fast/canvas/putImageData-unmultiplied.html
2932
2933         * platform/graphics/cg/ImageBufferDataCG.cpp:
2934         (WebCore::ImageBufferData::putData): Call premultiply, not unpremultiply.
2935
2936 2016-04-11  Jeremy Jones  <jeremyj@apple.com>
2937
2938         When clearing cache, also clear AVFoundation cache.
2939         https://bugs.webkit.org/show_bug.cgi?id=155783
2940         rdar://problem/25252541
2941
2942         Reviewed by Darin Adler.
2943
2944         Use AVAssetCache at a specified location on disk for all AVURLAssets. This AVAssetCache
2945         can then be used to manage the cache storage used by AVFoundation. It is used to query the
2946         contents of the cache in originsInMediaCache() and to clear the cache completely or partially in
2947         clearMediaCache() and clearMediaCacheForOrigins().
2948
2949         Use SecurityOrigin instead of the less formal site String to represent origins in the cache.
2950
2951         * html/HTMLMediaElement.cpp:
2952         (WebCore::sharedMediaCacheDirectory): Added.
2953         (WebCore::HTMLMediaElement::setMediaCacheDirectory): Added.
2954         (WebCore::HTMLMediaElement::mediaCacheDirectory): Added.
2955         (WebCore::HTMLMediaElement::originsInMediaCache): Added.
2956         (WebCore::HTMLMediaElement::clearMediaCache): Added parameter.
2957         (WebCore::HTMLMediaElement::clearMediaCacheForOrigins): Added.
2958         (WebCore::HTMLMediaElement::mediaPlayerMediaCacheDirectory): Added.
2959         (WebCore::HTMLMediaElement::getSitesInMediaCache): Deleted.
2960         (WebCore::HTMLMediaElement::clearMediaCacheForSite): Deleted.
2961         * html/HTMLMediaElement.h:
2962         (WebCore::HTMLMediaElement::clearMediaCache): Added parameter.
2963         * platform/graphics/MediaPlayer.cpp:
2964         (WebCore::addMediaEngine): Add new cache methods.
2965         (WebCore::addToHash): Added.
2966         (WebCore::MediaPlayer::originsInMediaCache): Added.
2967         (WebCore::MediaPlayer::clearMediaCache): Added parameter.
2968         (WebCore::MediaPlayer::clearMediaCacheForOrigins): Added.
2969         (WebCore::MediaPlayer::getSitesInMediaCache): Deleted.
2970         (WebCore::MediaPlayer::clearMediaCacheForSite): Deleted.
2971         * platform/graphics/MediaPlayer.h:
2972         (WebCore::MediaPlayerClient::mediaPlayerMediaCacheDirectory): Added.
2973         * platform/graphics/MediaPlayerPrivate.h:
2974         (WebCore::MediaPlayerPrivateInterface::originsInMediaCache): Added.
2975         (WebCore::MediaPlayerPrivateInterface::clearMediaCache): Added parameter.
2976         (WebCore::MediaPlayerPrivateInterface::clearMediaCacheForOrigins): Added.
2977         (WebCore::MediaPlayerPrivateInterface::getSitesInMediaCache): Deleted.
2978         (WebCore::MediaPlayerPrivateInterface::clearMediaCacheForSite): Deleted.
2979         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
2980         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
2981         (WebCore::MediaPlayerPrivateAVFoundationObjC::registerMediaEngine): Added cache methods.
2982         (WebCore::assetCacheForPath): Added.
2983         (WebCore::MediaPlayerPrivateAVFoundationObjC::originsInMediaCache): Added.
2984         (WebCore::toSystemClockTime): Added.
2985         (WebCore::MediaPlayerPrivateAVFoundationObjC::clearMediaCache): Added parameter.
2986         (WebCore::MediaPlayerPrivateAVFoundationObjC::clearMediaCacheForOrigins): Added.
2987         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVAssetForURL): Added.
2988         * platform/graphics/mac/MediaPlayerPrivateQTKit.h:
2989         * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
2990         (WebCore::MediaPlayerPrivateQTKit::registerMediaEngine): Added cache methods.
2991         (WebCore::MediaPlayerPrivateQTKit::originsInMediaCache): Added.
2992         (WebCore::MediaPlayerPrivateQTKit::clearMediaCache): Added parameter.
2993         (WebCore::MediaPlayerPrivateQTKit::clearMediaCacheForOrigins): Added.
2994         (WebCore::MediaPlayerPrivateQTKit::getSitesInMediaCache): Deleted.
2995         (WebCore::MediaPlayerPrivateQTKit::clearMediaCacheForSite): Deleted.
2996         * platform/spi/mac/AVFoundationSPI.h:
2997
2998 2016-04-11  Commit Queue  <commit-queue@webkit.org>
2999
3000         Unreviewed, rolling out r199310.
3001         https://bugs.webkit.org/show_bug.cgi?id=156483
3002
3003         This change turns many indexeddb tests into crashes (Requested
3004         by jwtan on #webkit).
3005
3006         Reverted changeset:
3007
3008         "Clean up IDBBindingUtilities."
3009         https://bugs.webkit.org/show_bug.cgi?id=156472
3010         http://trac.webkit.org/changeset/199310
3011
3012 2016-04-11  Commit Queue  <commit-queue@webkit.org>
3013
3014         Unreviewed, rolling out r199315.
3015         https://bugs.webkit.org/show_bug.cgi?id=156482
3016
3017         This change broke the OS X Yosemite build. (Requested by jwtan
3018         on #webkit).
3019
3020         Reverted changeset:
3021
3022         "When clearing cache, also clear AVFoundation cache."
3023         https://bugs.webkit.org/show_bug.cgi?id=155783
3024         http://trac.webkit.org/changeset/199315
3025
3026 2016-04-11  Brian Burg  <bburg@apple.com>
3027
3028         Web Inspector: get rid of InspectorBasicValue and InspectorString subclasses
3029         https://bugs.webkit.org/show_bug.cgi?id=156407
3030         <rdar://problem/25627659>
3031
3032         Reviewed by Joseph Pecoraro.
3033
3034         * inspector/InspectorDatabaseAgent.cpp: Don't use deleted subclasses.
3035
3036 2016-04-11  Commit Queue  <commit-queue@webkit.org>
3037
3038         Unreviewed, rolling out r198909.
3039         https://bugs.webkit.org/show_bug.cgi?id=156479
3040
3041         made double-click-and-drag on text drag instead of
3042         highlighting (Requested by alexchristensen_ on #webkit).
3043
3044         Reverted changeset:
3045
3046         "eventMayStartDrag() does not check for shiftKey or
3047         isOverLink"
3048         https://bugs.webkit.org/show_bug.cgi?id=155746
3049         http://trac.webkit.org/changeset/198909
3050
3051 2016-04-11  Chris Dumez  <cdumez@apple.com>
3052
3053         [WebIDL] Add support for [ImplementedAs] for EventHandler attributes
3054         https://bugs.webkit.org/show_bug.cgi?id=156421
3055
3056         Reviewed by Darin Adler.
3057
3058         Add support for [ImplementedAs] for EventHandler attributes so we can
3059         get rid of some ugly name hard-coding in the bindings generator.
3060
3061         * Modules/notifications/Notification.idl:
3062         * bindings/scripts/CodeGeneratorJS.pm:
3063         (EventHandlerAttributeEventName):
3064         * bindings/scripts/test/JS/JSTestObj.cpp:
3065         (WebCore::jsTestObjOnwebkitfoo):
3066         (WebCore::setJSTestObjOnwebkitfoo):
3067         * bindings/scripts/test/TestObj.idl:
3068         * dom/Element.idl:
3069         * page/DOMWindow.idl:
3070
3071 2016-04-11  Jeremy Jones  <jeremyj@apple.com>
3072
3073         When clearing cache, also clear AVFoundation cache.
3074         https://bugs.webkit.org/show_bug.cgi?id=155783
3075         rdar://problem/25252541
3076
3077         Reviewed by Darin Adler.
3078
3079         Use AVAssetCache at a specified location on disk for all AVURLAssets. This AVAssetCache
3080         can then be used to manage the cache storage used by AVFoundation. It is used to query the
3081         contents of the cache in originsInMediaCache() and to clear the cache completely or partially in
3082         clearMediaCache() and clearMediaCacheForOrigins().
3083
3084         Use SecurityOrigin instead of the less formal site String to represent origins in the cache.
3085
3086         * html/HTMLMediaElement.cpp:
3087         (WebCore::sharedMediaCacheDirectory): Added.
3088         (WebCore::HTMLMediaElement::setMediaCacheDirectory): Added.
3089         (WebCore::HTMLMediaElement::mediaCacheDirectory): Added.
3090         (WebCore::HTMLMediaElement::originsInMediaCache): Added.
3091         (WebCore::HTMLMediaElement::clearMediaCache): Added parameter.
3092         (WebCore::HTMLMediaElement::clearMediaCacheForOrigins): Added.
3093         (WebCore::HTMLMediaElement::mediaPlayerMediaCacheDirectory): Added.
3094         (WebCore::HTMLMediaElement::getSitesInMediaCache): Deleted.
3095         (WebCore::HTMLMediaElement::clearMediaCacheForSite): Deleted.
3096         * html/HTMLMediaElement.h:
3097         (WebCore::HTMLMediaElement::clearMediaCache): Added parameter.
3098         * platform/graphics/MediaPlayer.cpp:
3099         (WebCore::addMediaEngine): Add new cache methods.
3100         (WebCore::addToHash): Added.
3101         (WebCore::MediaPlayer::originsInMediaCache): Added.
3102         (WebCore::MediaPlayer::clearMediaCache): Added parameter.
3103         (WebCore::MediaPlayer::clearMediaCacheForOrigins): Added.
3104         (WebCore::MediaPlayer::getSitesInMediaCache): Deleted.
3105         (WebCore::MediaPlayer::clearMediaCacheForSite): Deleted.
3106         * platform/graphics/MediaPlayer.h:
3107         (WebCore::MediaPlayerClient::mediaPlayerMediaCacheDirectory): Added.
3108         * platform/graphics/MediaPlayerPrivate.h:
3109         (WebCore::MediaPlayerPrivateInterface::originsInMediaCache): Added.
3110         (WebCore::MediaPlayerPrivateInterface::clearMediaCache): Added parameter.
3111         (WebCore::MediaPlayerPrivateInterface::clearMediaCacheForOrigins): Added.
3112         (WebCore::MediaPlayerPrivateInterface::getSitesInMediaCache): Deleted.
3113         (WebCore::MediaPlayerPrivateInterface::clearMediaCacheForSite): Deleted.
3114         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
3115         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
3116         (WebCore::MediaPlayerPrivateAVFoundationObjC::registerMediaEngine): Added cache methods.
3117         (WebCore::assetCacheForPath): Added.
3118         (WebCore::MediaPlayerPrivateAVFoundationObjC::originsInMediaCache): Added.
3119         (WebCore::toSystemClockTime): Added.
3120         (WebCore::MediaPlayerPrivateAVFoundationObjC::clearMediaCache): Added parameter.
3121         (WebCore::MediaPlayerPrivateAVFoundationObjC::clearMediaCacheForOrigins): Added.
3122         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVAssetForURL): Added.
3123         * platform/graphics/mac/MediaPlayerPrivateQTKit.h:
3124         * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
3125         (WebCore::MediaPlayerPrivateQTKit::registerMediaEngine): Added cache methods.
3126         (WebCore::MediaPlayerPrivateQTKit::originsInMediaCache): Added.
3127         (WebCore::MediaPlayerPrivateQTKit::clearMediaCache): Added parameter.
3128         (WebCore::MediaPlayerPrivateQTKit::clearMediaCacheForOrigins): Added.
3129         (WebCore::MediaPlayerPrivateQTKit::getSitesInMediaCache): Deleted.
3130         (WebCore::MediaPlayerPrivateQTKit::clearMediaCacheForSite): Deleted.
3131         * platform/spi/mac/AVFoundationSPI.h:
3132
3133 2016-04-11  Antoine Quint  <graouts@apple.com>
3134
3135         [WebGL2] Use Open GL ES 3.0 to back WebGL2 contexts
3136         https://bugs.webkit.org/show_bug.cgi?id=141178
3137
3138         Reviewed by Dean Jackson.
3139
3140         We add a new `useGLES3` attribute when creating a GraphicsContext3D in the event that the
3141         context type is "webgl2". This attribute is then read by the GraphicsContext3D constructor
3142         to request an Open GL ES 3.0 backend when creating the EAGLContext on iOS.
3143
3144         * html/canvas/WebGLRenderingContextBase.cpp:
3145         (WebCore::WebGLRenderingContextBase::create):
3146         * platform/graphics/GraphicsContext3D.h:
3147         (WebCore::GraphicsContext3D::Attributes::Attributes):
3148         * platform/graphics/mac/GraphicsContext3DMac.mm:
3149         (WebCore::GraphicsContext3D::GraphicsContext3D):
3150
3151 2016-04-11  Jiewen Tan  <jiewen_tan@apple.com>
3152
3153         fast/loader/opaque-base-url.html crashing during mac and ios debug tests
3154         https://bugs.webkit.org/show_bug.cgi?id=156179
3155         <rdar://problem/25507719>
3156
3157         Reviewed by Ryosuke Niwa.
3158
3159         Navigate to about:blank if the provided src of an iframe/frame cannot be
3160         resolved to a valid URL.
3161
3162         Test: fast/loader/iframe-src-invalid-url.html
3163
3164         * loader/SubframeLoader.cpp:
3165         (WebCore::SubframeLoader::requestFrame):
3166
3167 2016-04-11  Said Abou-Hallawa  <sabouhallawa@apple,com>
3168
3169         Merge CG ImageSource and non CG ImageSource implementation in one file
3170         https://bugs.webkit.org/show_bug.cgi?id=155456
3171
3172         Reviewed by Darin Adler.
3173
3174         ImageSource for CG and CG code paths look very similar. All the platform
3175         specific code can be moved to ImageDecoder classes for CG and non CG. And
3176         we can have the ImageSource be platform independent and we get rid of
3177         ImageSourceCG.cpp.
3178
3179         Test: fast/images/image-subsampling.html
3180
3181         * CMakeLists.txt:
3182         * PlatformAppleWin.cmake:
3183         * PlatformMac.cmake:
3184         * WebCore.xcodeproj/project.pbxproj:
3185         Delete ImageSourceCG.cpp form all make files and add ImageSource.cpp to
3186         CMakeLists.txt.
3187         
3188         * platform/Cursor.cpp:
3189         (WebCore::determineHotSpot):
3190         * platform/graphics/BitmapImage.cpp:
3191         (WebCore::BitmapImage::hotSpot):
3192         (WebCore::BitmapImage::getHotSpot): Deleted.
3193         * platform/graphics/BitmapImage.h:
3194         * platform/graphics/Image.h:
3195         (WebCore::Image::hotSpot):
3196         (WebCore::Image::getHotSpot): Deleted.
3197         Rename getHotSpot() to hotSpot() and change it to return Optional<IntPoint>.
3198         
3199         * platform/graphics/ImageSource.cpp:
3200         (WebCore::ImageSource::~ImageSource): Remove clear(true) call. It does nothing.
3201         (WebCore::ImageSource::clearFrameBufferCache): A wrapper which calls ImageDecoder::clearFrameBufferCache().
3202         (WebCore::ImageSource::clear): Calls clearFrameBufferCache() which will do nothing for CG.
3203         
3204         (WebCore::ImageSource::ensureDecoderIsCreated): Change SharedBuffer* to
3205         const SharedBuffer& and remove the call to ImageDecoder::setMaxNumPixels().
3206         The value of const static int CG ImageDecoder::m_maxNumPixels will be set
3207         based on IMAGE_DECODER_DOWN_SAMPLING.
3208         
3209         (WebCore::ImageSource::setData): Pass SharedBuffer& to the underlying functions.
3210         
3211         (WebCore::ImageSource::calculateMaximumSubsamplingLevel): Returns the maximum
3212         subsampling level allowed for an image.
3213         
3214         (WebCore::ImageSource::subsamplingLevelForScale): Converts from a scale to
3215         SubsamplingLevel taking into consideration the maximumSubsamplingLevel for
3216         a particular image.
3217         
3218         (WebCore::ImageSource::bytesDecodedToDetermineProperties): Returns the number
3219         of encoded bytes which can determine the image properties. For non CG it's
3220         zero. For CG it is a maximum value which can be corrected later.
3221         
3222         (WebCore::ImageSource::isSizeAvailable):
3223         (WebCore::ImageSource::sizeRespectingOrientation):
3224         (WebCore::ImageSource::frameCount):
3225         (WebCore::ImageSource::repetitionCount):
3226         (WebCore::ImageSource::filenameExtension):
3227         (WebCore::ImageSource::getHotSpot):
3228         (WebCore::ImageSource::frameIsCompleteAtIndex):
3229         (WebCore::ImageSource::frameHasAlphaAtIndex):
3230         (WebCore::ImageSource::allowSubsamplingOfFrameAtIndex):
3231         (WebCore::ImageSource::frameSizeAtIndex):
3232         (WebCore::ImageSource::frameBytesAtIndex):
3233         (WebCore::ImageSource::frameDurationAtIndex):
3234         (WebCore::ImageSource::orientationAtIndex):
3235         (WebCore::ImageSource::createFrameImageAtIndex):
3236         These are wrappers for the ImageDecoder APIs. The purpose of these functions
3237         is to ensure the ImageDecoder is created.
3238         
3239         (WebCore::ImageSource::dump): Called from BitmapImage::dump().
3240         
3241         (WebCore::ImageSource::getHotSpot): Deleted.
3242         
3243         * platform/graphics/ImageSource.h:
3244         (WebCore::ImageSource::setAllowSubsampling): Called from BitmapImage::setAllowSubsampling().
3245         
3246         (WebCore::ImageSource::maxPixelsPerDecodedImage): Deleted.
3247         (WebCore::ImageSource::setMaxPixelsPerDecodedImage): Deleted.
3248         Setting maxPixelsPerDecodedImage was moved to the non CG ImageDecoder.
3249         
3250         * platform/graphics/cg/ImageDecoderCG.cpp:
3251         (WebCore::ImageDecoder::setData): Change SharedBuffer* to SharedBuffer&.
3252
3253         (WebCore::ImageDecoder::subsamplingLevelForScale): Deleted.
3254         The code was moved to ImageSource::subsamplingLevelForScale().
3255         
3256         * platform/graphics/cg/ImageDecoderCG.h:
3257         (WebCore::ImageDecoder::create): Make the prototype of this function
3258         suitable for CG and non CG cases.
3259         (WebCore::ImageDecoder::clearFrameBufferCache): Empty functions for CG.
3260         
3261         * platform/graphics/cg/ImageSourceCG.cpp: Removed.
3262         
3263         * platform/image-decoders/ImageDecoder.cpp:
3264         (WebCore::ImageDecoder::frameIsCompleteAtIndex): A mew function to return
3265         whether the frame decoding is complete or not.
3266         
3267         (WebCore::ImageDecoder::frameHasAlphaAtIndex): Simplify the logic.
3268         
3269         (WebCore::ImageDecoder::frameDurationAtIndex): The code was moved from
3270         ImageSource::frameDurationAtIndex() in ImageSource.cpp.
3271         
3272         (WebCore::ImageDecoder::createFrameImageAtIndex): The code was moved from
3273         ImageSource::createFrameImageAtIndex() in ImageSource.cpp.
3274         
3275         * platform/image-decoders/ImageDecoder.h:
3276         (WebCore::ImageDecoder::ImageDecoder): Initialize the members in class.
3277         (WebCore::ImageDecoder::~ImageDecoder): Fix the braces style.
3278         (WebCore::ImageDecoder::setData): Change the type of the argument from
3279         SharedBuffer* to SharedBuffer&.
3280         (WebCore::ImageDecoder::frameSizeAtIndex): Add the argument SubsamplingLevel
3281         so it can have the same prototype as CG.
3282         (WebCore::ImageDecoder::orientationAtIndex): Rename it to the same of CG.
3283         
3284         (WebCore::ImageDecoder::allowSubsamplingOfFrameAtIndex):
3285         (WebCore::ImageDecoder::bytesDecodedToDetermineProperties):
3286         (WebCore::ImageDecoder::subsamplingLevelForScale): Add these functions
3287         and return the default values so we do not have to add directive compiled
3288         non CG blocks in ImageSource.cpp.
3289
3290         (WebCore::ImageDecoder::hotSpot): Return Optional<IntPoint>.
3291         
3292         (WebCore::ImageDecoder::orientation): Deleted.
3293         (WebCore::ImageDecoder::setMaxNumPixels): Deleted.
3294         
3295         * platform/image-decoders/bmp/BMPImageDecoder.cpp:
3296         (WebCore::BMPImageDecoder::setData):
3297         * platform/image-decoders/bmp/BMPImageDecoder.h:
3298         * platform/image-decoders/gif/GIFImageDecoder.cpp:
3299         (WebCore::GIFImageDecoder::setData):
3300         (WebCore::GIFImageDecoder::decode):
3301         * platform/image-decoders/gif/GIFImageDecoder.h:
3302         * platform/image-decoders/gif/GIFImageReader.h:
3303         (GIFImageReader::setData):
3304         * platform/image-decoders/ico/ICOImageDecoder.cpp:
3305         (WebCore::ICOImageDecoder::setData):
3306         Use reference SharedBuffer instead of pointer SharedBuffer.
3307         
3308         (WebCore::ICOImageDecoder::hotSpot):
3309         (WebCore::ICOImageDecoder::hotSpotAtIndex):
3310         Change hotSpot() to return Optional<IntPoint>.
3311         * platform/image-decoders/ico/ICOImageDecoder.h:
3312                 
3313         (WebCore::ICOImageDecoder::setDataForPNGDecoderAtIndex):
3314         Pass reference SharedBuffer instead of pointer SharedBuffer.
3315
3316 2016-04-08  Said Abou-Hallawa  <sabouhallawa@apple,com>
3317
3318         Timing attack on SVG feComposite filter circumvents same-origin policy
3319         https://bugs.webkit.org/show_bug.cgi?id=154338
3320
3321         Reviewed by Oliver Hunt.
3322
3323         Ensure the FEComposite arithmetic filter is clamping the resulted color
3324         components in a constant time.
3325
3326         * platform/graphics/filters/FEComposite.cpp:
3327         (WebCore::clampByte):
3328         (WebCore::computeArithmeticPixels):
3329
3330 2016-04-11  Brady Eidson  <beidson@apple.com>
3331
3332         Clean up IDBBindingUtilities.
3333         https://bugs.webkit.org/show_bug.cgi?id=156472
3334
3335         Reviewed by Alex Christensen.