[iPhone] Playing a video on tudou.com plays only sound, no video
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2016-07-20  Myles C. Maxfield  <mmaxfield@apple.com>
2
3         [iPhone] Playing a video on tudou.com plays only sound, no video
4         https://bugs.webkit.org/show_bug.cgi?id=159967
5         <rdar://problem/26964090>
6
7         Reviewed by Jon Lee.
8
9         WebKit recently starting honoring the playsinline and webkit-playsinline
10         attribute on iPhones. However, because these attributes previously did
11         nothing, some sites (such as Todou) were setting them on their content
12         and expecting that they are not honored. In this specific case, the
13         video is absolutely positioned to be 1 pixel x 1 pixel.
14
15         Previously, with iOS 9, apps could set the allowsInlineMediaPlayback
16         property on their WKWebView, which would honor the webkit-playsinline
17         attribute. Safari on iPhones didn't do this.
18
19         In order to not break these existing apps, it's important that the
20         allowsInlineMediaPlayback preference still allows webkit-playsinline
21         videos to play inline in apps using WKWebView. However, in Safari, these
22         videos should play fullscreen. (Todou videos have webkit-playsinline
23         but not playsinline.)
24
25         Therefore, in Safari, videos with playsinline should be inline, but
26         videos with webkit-playsinline should be fullscreen. In apps using
27         WKWebViews, if the app sets allowsInlineMediaPlayback, then videos with
28         playsinline should be inline, and videos with webkit-playsinline should
29         also be inline. Videos on iPad and Mac should all be inline by default.
30
31         We can create some truth tables for the cases which need to be covered:
32
33         All apps on Mac / iPad:
34         Presence of playsinline | Presence of webkit-playsinline | Result
35         ========================|================================|===========
36         Not present             | Not present                    | Inline
37         Present                 | Not present                    | Inline
38         Not Present             | Present                        | Inline
39         Present                 | Present                        | Inline
40
41         Safari on iPhone:
42         Presence of playsinline | Presence of webkit-playsinline | Result
43         ========================|================================|===========
44         Not present             | Not present                    | Fullscreen
45         Present                 | Not present                    | Inline
46         Not Present             | Present                        | Fullscreen
47         Present                 | Present                        | Inline
48
49         App on iPhone which sets allowsInlineMediaPlayback:
50         Presence of playsinline | Presence of webkit-playsinline | Result
51         ========================|================================|===========
52         Not present             | Not present                    | Fullscreen
53         Present                 | Not present                    | Inline
54         Not Present             | Present                        | Inline
55         Present                 | Present                        | Inline
56
57         The way to distinguish Safari from another app is to create an SPI
58         boolean preference which Safari can set. This is already how the
59         iPhone and iPad are differentiated using the requiresPlayInlineAttribute
60         which Safari sets but other apps don't. However, this preference is
61         no longer sufficient because Safari should now be discriminating
62         between the playsinline and webkit-playsinline attributes. Therefore,
63         this preference should be extended to two boolean preferences, which
64         this patch adds:
65
66         allowsInlineMediaPlaybackWithPlaysInlineAttribute
67         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute
68
69         Safari on iPhone will set
70         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to true,
71         and allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to
72         false. Other apps on iPhone will get their defaults values (because they
73         are SPI) which means they will both be true. On iPad and Mac, apps will
74         use the defaults values where both are false.
75
76         This patch adds support for these two preferences, but does not remove
77         the existing inlineMediaPlaybackRequiresPlaysInlineAttribute preference.
78         I will remove the exising preference as soon as I update Safari to migrate
79         off of it.
80
81         Test: media/video-playsinline.html
82
83         * html/MediaElementSession.cpp:
84         (WebCore::MediaElementSession::requiresFullscreenForVideoPlayback):
85         * page/Settings.cpp:
86         * page/Settings.in:
87         * testing/InternalSettings.cpp:
88         (WebCore::InternalSettings::Backup::Backup):
89         (WebCore::InternalSettings::Backup::restoreTo):
90         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithPlaysInlineAttribute):
91         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute):
92         * testing/InternalSettings.h:
93         * testing/InternalSettings.idl:
94
95 2016-07-20  Chris Dumez  <cdumez@apple.com>
96
97         Get rid of custom bindings code for XMLHttpRequest.open()
98         https://bugs.webkit.org/show_bug.cgi?id=159984
99
100         Reviewed by Ryosuke Niwa.
101
102         Get rid of custom bindings code for XMLHttpRequest.open() as the
103         bindings generator is able to generate it.
104
105         Relevant specification:
106         - https://xhr.spec.whatwg.org/#xmlhttprequest
107
108         The issue is that legacy content prevents treating the 'async' argument
109         being undefined identical from it being omitted. However, this can be
110         achieved by using overloading in IDL, like in the specification.
111
112         No new tests, already covered by the following tests:
113         - http/tests/xmlhttprequest/basic-auth.html
114         - http/tests/xmlhttprequest/open-async-overload.html
115
116         * bindings/js/JSXMLHttpRequestCustom.cpp:
117         (WebCore::SendFunctor::SendFunctor): Deleted.
118         (WebCore::SendFunctor::line): Deleted.
119         (WebCore::SendFunctor::column): Deleted.
120         (WebCore::SendFunctor::url): Deleted.
121         (WebCore::SendFunctor::operator()): Deleted.
122         * xml/XMLHttpRequest.cpp:
123         (WebCore::XMLHttpRequest::open):
124         * xml/XMLHttpRequest.h:
125         * xml/XMLHttpRequest.idl:
126
127 2016-07-20  Rawinder Singh  <rawinder.singh-webkit@cisra.canon.com.au>
128
129         Mark overriden methods in WebCore/svg final classes as final
130         https://bugs.webkit.org/show_bug.cgi?id=159966
131
132         Reviewed by Michael Catanzaro.
133
134         Update WebCore/svg classes so that overriden methods in final classes are marked final.
135
136         * svg/SVGAElement.h:
137         * svg/SVGAltGlyphDefElement.h:
138         * svg/SVGAltGlyphItemElement.h:
139         * svg/SVGAnimateTransformElement.h:
140         * svg/SVGAnimatedColor.h:
141         * svg/SVGCircleElement.h:
142         * svg/SVGClipPathElement.h:
143         * svg/SVGCursorElement.h:
144         * svg/SVGDefsElement.h:
145         * svg/SVGDescElement.h:
146         * svg/SVGEllipseElement.h:
147         * svg/SVGFEMergeNodeElement.h:
148         * svg/SVGFilterElement.h:
149         * svg/SVGFontElement.h:
150         * svg/SVGFontFaceElement.h:
151         * svg/SVGFontFaceFormatElement.h:
152         * svg/SVGFontFaceNameElement.h:
153         * svg/SVGFontFaceSrcElement.h:
154         * svg/SVGFontFaceUriElement.h:
155         * svg/SVGForeignObjectElement.h:
156         * svg/SVGGElement.h:
157         * svg/SVGGlyphElement.h:
158         * svg/SVGGlyphRefElement.h:
159         * svg/SVGHKernElement.h:
160         * svg/SVGImageElement.h:
161         * svg/SVGLineElement.h:
162         * svg/SVGMPathElement.h:
163         * svg/SVGMaskElement.h:
164         * svg/SVGMetadataElement.h:
165         * svg/SVGMissingGlyphElement.h:
166         * svg/SVGPathBuilder.h:
167         * svg/SVGPathByteStreamBuilder.h:
168         * svg/SVGPathByteStreamSource.h:
169         * svg/SVGPathElement.h:
170         * svg/SVGPathSegArcAbs.h:
171         * svg/SVGPathSegArcRel.h:
172         * svg/SVGPathSegClosePath.h:
173         * svg/SVGPathSegCurvetoCubicAbs.h:
174         * svg/SVGPathSegCurvetoCubicRel.h:
175         * svg/SVGPathSegCurvetoCubicSmoothAbs.h:
176         * svg/SVGPathSegCurvetoCubicSmoothRel.h:
177         * svg/SVGPathSegCurvetoQuadraticAbs.h:
178         * svg/SVGPathSegCurvetoQuadraticRel.h:
179         * svg/SVGPathSegCurvetoQuadraticSmoothAbs.h:
180         * svg/SVGPathSegCurvetoQuadraticSmoothRel.h:
181         * svg/SVGPathSegLinetoAbs.h:
182         * svg/SVGPathSegLinetoHorizontalAbs.h:
183         * svg/SVGPathSegLinetoHorizontalRel.h:
184         * svg/SVGPathSegLinetoRel.h:
185         * svg/SVGPathSegLinetoVerticalAbs.h:
186         * svg/SVGPathSegLinetoVerticalRel.h:
187         * svg/SVGPathSegListBuilder.h:
188         * svg/SVGPathSegListSource.h:
189         * svg/SVGPathSegMovetoAbs.h:
190         * svg/SVGPathSegMovetoRel.h:
191         * svg/SVGPathStringSource.h:
192         * svg/SVGPathTraversalStateBuilder.h:
193         * svg/SVGPatternElement.h:
194         * svg/SVGRectElement.h:
195         * svg/SVGScriptElement.h:
196         * svg/SVGStopElement.h:
197         * svg/SVGStyleElement.h:
198         * svg/SVGSwitchElement.h:
199         * svg/SVGTRefElement.cpp:
200         * svg/SVGTitleElement.h:
201         * svg/SVGToOTFFontConversion.cpp:
202         * svg/SVGUnknownElement.h:
203         * svg/SVGVKernElement.h:
204         * svg/SVGViewElement.h:
205         * svg/SVGZoomEvent.h:
206         * svg/animation/SVGSMILElement.cpp:
207         * svg/graphics/SVGImage.h:
208         * svg/graphics/SVGImageClients.h:
209         * svg/graphics/SVGImageForContainer.h:
210         * svg/graphics/filters/SVGFEImage.h:
211         * svg/graphics/filters/SVGFilter.h:
212         * svg/properties/SVGAnimatedEnumerationPropertyTearOff.h:
213         * svg/properties/SVGAnimatedPathSegListPropertyTearOff.h:
214         * svg/properties/SVGAnimatedPropertyTearOff.h:
215         * svg/properties/SVGAnimatedTransformListPropertyTearOff.h:
216         * svg/properties/SVGMatrixTearOff.h:
217         * svg/properties/SVGPathSegListPropertyTearOff.h:
218
219 2016-07-20  Brady Eidson  <beidson@apple.com>
220
221         Transition most IDB interfaces from ScriptExecutionContext to ExecState.
222         https://bugs.webkit.org/show_bug.cgi?id=159975
223
224         Reviewed by Alex Christensen.
225
226         No new tests (No known behavior change).
227
228         * Modules/indexeddb/IDBCursor.cpp:
229         (WebCore::IDBCursor::continueFunction):
230         (WebCore::IDBCursor::deleteFunction):
231         * Modules/indexeddb/IDBCursor.h:
232         * Modules/indexeddb/IDBCursor.idl:
233
234         * Modules/indexeddb/IDBDatabase.idl:
235
236         * Modules/indexeddb/IDBFactory.cpp:
237         (WebCore::IDBFactory::cmp):
238         * Modules/indexeddb/IDBFactory.h:
239         * Modules/indexeddb/IDBFactory.idl:
240
241         * Modules/indexeddb/IDBIndex.cpp:
242         (WebCore::IDBIndex::openCursor):
243         (WebCore::IDBIndex::count):
244         (WebCore::IDBIndex::doCount):
245         (WebCore::IDBIndex::openKeyCursor):
246         (WebCore::IDBIndex::get):
247         (WebCore::IDBIndex::doGet):
248         (WebCore::IDBIndex::getKey):
249         (WebCore::IDBIndex::doGetKey):
250         * Modules/indexeddb/IDBIndex.h:
251         * Modules/indexeddb/IDBIndex.idl:
252
253         * Modules/indexeddb/IDBKeyRange.cpp:
254         (WebCore::IDBKeyRange::only): Deleted.
255         * Modules/indexeddb/IDBKeyRange.h:
256
257         * Modules/indexeddb/IDBObjectStore.cpp:
258         (WebCore::IDBObjectStore::openCursor):
259         (WebCore::IDBObjectStore::get):
260         (WebCore::IDBObjectStore::putOrAdd):
261         (WebCore::IDBObjectStore::deleteFunction):
262         (WebCore::IDBObjectStore::doDelete):
263         (WebCore::IDBObjectStore::modernDelete):
264         (WebCore::IDBObjectStore::clear):
265         (WebCore::IDBObjectStore::createIndex):
266         (WebCore::IDBObjectStore::count):
267         (WebCore::IDBObjectStore::doCount):
268         * Modules/indexeddb/IDBObjectStore.h:
269         * Modules/indexeddb/IDBObjectStore.idl:
270
271         * Modules/indexeddb/IDBTransaction.cpp:
272         (WebCore::IDBTransaction::requestOpenCursor):
273         (WebCore::IDBTransaction::doRequestOpenCursor):
274         (WebCore::IDBTransaction::requestGetRecord):
275         (WebCore::IDBTransaction::requestGetValue):
276         (WebCore::IDBTransaction::requestGetKey):
277         (WebCore::IDBTransaction::requestIndexRecord):
278         (WebCore::IDBTransaction::requestCount):
279         (WebCore::IDBTransaction::requestDeleteRecord):
280         (WebCore::IDBTransaction::requestClearObjectStore):
281         (WebCore::IDBTransaction::requestPutOrAdd):
282         * Modules/indexeddb/IDBTransaction.h:
283
284         * inspector/InspectorIndexedDBAgent.cpp:
285
286 2016-07-20  Wenson Hsieh  <wenson_hsieh@apple.com>
287
288         Media controls don't appear when pausing a small autoplaying video
289         https://bugs.webkit.org/show_bug.cgi?id=159972
290         <rdar://problem/27180657>
291
292         Reviewed by Beth Dakin.
293
294         When pausing an autoplaying video, remove behavior restrictions for the
295         initial user gesture and show media controls.
296
297         New WebKit API test. See VideoControlsManagerSingleSmallAutoplayingVideo.
298
299         * html/HTMLMediaElement.cpp:
300         (WebCore::HTMLMediaElement::pause):
301
302 2016-07-20  Chris Dumez  <cdumez@apple.com>
303
304         Fix null handling of HTMLMediaElement.mediaGroup
305         https://bugs.webkit.org/show_bug.cgi?id=159974
306
307         Reviewed by Eric Carlson.
308
309         Fix null handling of HTMLMediaElement.mediaGroup to match the specification:
310         - https://www.w3.org/TR/html5/embedded-content-0.html#media-elements
311
312         null is supposed to be treated as the String "null". This patch aligns
313         our behavior with the specification. I tested Firefox and Chrome but both
314         do not have this attribute on HTMLMediaElement.
315
316         Also remove support for [TreatNullAs=LegacyNullString] from our bindings
317         generator as HTMLMediaElement.mediaGroup was the last user.
318
319         No new tests, rebaselined existing test.
320
321         * bindings/scripts/CodeGeneratorJS.pm:
322         (JSValueToNative):
323         * bindings/scripts/IDLAttributes.txt:
324         * html/HTMLMediaElement.idl:
325
326 2016-07-20  Chris Dumez  <cdumez@apple.com>
327
328         CSSStyleDeclaration.setProperty() should be able to unset "important" on a property
329         https://bugs.webkit.org/show_bug.cgi?id=159959
330
331         Reviewed by Alexey Proskuryakov.
332
333         CSSStyleDeclaration.setProperty() should be able to unsert "important"
334         on a property as per the latest specification:
335         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-setproperty
336         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-camel-cased-attribute
337
338         Firefox and Chrome match the specification here but WebKit was ignoring calls
339         to setProperty() if there is already an "important" property wit this name
340         and if the new property does not have the "important" flag set.
341
342         This behavior was added a long time ago via Bug 60007. However, it does not
343         match the latest specification or other browsers.
344
345         Test: fast/css/CSSStyleDeclaration-setProperty-unset-important.html
346
347         * css/StyleProperties.cpp:
348         (WebCore::MutableStyleProperties::addParsedProperty):
349         Drop code that was added via Bug 60007 as this behavior no longer matches the
350         specification or other browsers. The layout test added in Bug 60007 fails in
351         other browsers and was updated in this patch to match the specification.
352
353 2016-07-20  Commit Queue  <commit-queue@webkit.org>
354
355         Unreviewed, rolling out r203423.
356         https://bugs.webkit.org/show_bug.cgi?id=159977
357
358         The test for this change is failing on Mac Release WK2
359         (Requested by ryanhaddad on #webkit).
360
361         Reverted changeset:
362
363         "HTMLVideoElement frames do not update on iOS when src is a
364         MediaStream blob"
365         https://bugs.webkit.org/show_bug.cgi?id=159833
366         http://trac.webkit.org/changeset/203423
367
368 2016-07-20  Chris Dumez  <cdumez@apple.com>
369
370         Fix null handling of HTMLSelectElement.value attribute
371         https://bugs.webkit.org/show_bug.cgi?id=159925
372
373         Reviewed by Benjamin Poulain.
374
375         Fix null handling of HTMLSelectElement.value attribute:
376         - https://html.spec.whatwg.org/multipage/forms.html#htmlselectelement
377
378         We were treating null as the null String which would end up setting
379         selectedIndex to -1. However, we should treat null as the String "null"
380         which would set the selectedIndex to the index of the <option> element
381         whose value is "null".
382
383         Firefox and Chrome match the specification.
384
385         Test: fast/dom/HTMLSelectElement/value-null-handling.html
386
387         * html/HTMLSelectElement.cpp:
388         (WebCore::HTMLSelectElement::setValue):
389         * html/HTMLSelectElement.idl:
390
391 2016-07-20  Chris Dumez  <cdumez@apple.com>
392
393         PostResolutionCallbackDisabler can resume pending requests while a ResourceLoadSuspender is alive
394         https://bugs.webkit.org/show_bug.cgi?id=159962
395         <rdar://problem/21439264>
396
397         Reviewed by David Kilzer.
398
399         PostResolutionCallbackDisabler can resume pending requests while a ResourceLoadSuspender
400         is alive. We have both PostResolutionCallbackDisabler and ResourceLoadSuspender that
401         call LoaderStrategy::suspendPendingRequests() / LoaderStrategy::resumePendingRequests().
402         However, PostResolutionCallbackDisabler and ResourceLoadSuspender are not aware of each
403         other. It is therefore possible for a PostResolutionCallbackDisabler object to get
404         destroyed, causing LoaderStrategy::resumePendingRequests() to be called while a
405         ResourceLoadSuspender object is alive.
406
407         This leads to hard to investigate crashes where we end up re-entering WebKit and killing
408         the style resolver.
409
410         This patch drops ResourceLoadSuspender and uses PostResolutionCallbackDisabler instead.
411         There was only one user of ResourceLoadSuspender and PostResolutionCallbackDisabler
412         is better because it manages a resolutionNestingDepth counter internally to make sure
413         it only calls LoaderStrategy::resumePendingRequests() once all
414         PostResolutionCallbackDisabler instances are destroyed.
415
416         No new tests, there is no easy way to reproduce the crashes.
417
418         * dom/Document.cpp:
419         (WebCore::Document::styleForElementIgnoringPendingStylesheets):
420         * loader/LoaderStrategy.cpp:
421         (WebCore::ResourceLoadSuspender::ResourceLoadSuspender): Deleted.
422         (WebCore::ResourceLoadSuspender::~ResourceLoadSuspender): Deleted.
423         * loader/LoaderStrategy.h:
424
425 2016-07-19  Youenn Fablet  <youenn@apple.com>
426
427         [Fetch API] Add a JS builtin to implement https://fetch.spec.whatwg.org/#concept-headers-fill
428         https://bugs.webkit.org/show_bug.cgi?id=159932
429
430         Reviewed by Alex Christensen.
431
432         Covered by existing tests.
433
434         Refactoring Headers initializeWith to use the new built-in internal that implements
435         https://fetch.spec.whatwg.org/#concept-headers-fill.
436
437         Refactoring Response constructor to put more checks in the JS builtin fucntion called within constructor.
438         Making use of the new built-in internal that implements https://fetch.spec.whatwg.org/#concept-headers-fill.
439
440         * CMakeLists.txt: Adding FetchHeadersInternals.js
441         * DerivedSources.make: Ditto.
442         * Modules/fetch/FetchHeaders.js:
443         (initializeFetchHeaders): Using fillFetchHeaders new built-in internal.
444         * Modules/fetch/FetchInternals.js: Added.
445         (fillFetchHeaders):
446         * Modules/fetch/FetchResponse.cpp: Refactoring to do more in the JS built-in. Splitting of initializeWith so
447         that the checks are done in the order defined by the spec.
448         (WebCore::FetchResponse::setStatus):
449         (WebCore::FetchResponse::initializeWith):
450         (WebCore::isNullBodyStatus): Deleted.
451         * Modules/fetch/FetchResponse.h:
452         * Modules/fetch/FetchResponse.idl:
453         * Modules/fetch/FetchResponse.js:
454         (initializeFetchResponse): New built-in internal.
455         * WebCore.xcodeproj/project.pbxproj:
456         * bindings/js/WebCoreBuiltinNames.h:
457
458 2016-07-19  Chris Dumez  <cdumez@apple.com>
459
460         Fix null handling of SVGScriptElement.type attribute
461         https://bugs.webkit.org/show_bug.cgi?id=159927
462
463         Reviewed by Benjamin Poulain.
464
465         Fix null handling of SVGScriptElement.type attribute:
466         - https://www.w3.org/TR/SVG2/interact.html#InterfaceSVGScriptElement
467
468         We were treating null as the null String which would end up removing
469         the 'type' content attribute. However, we should treat null as the
470         String "null".
471
472         Firefox and Chrome match the specification.
473
474         No new tests, updated existing test.
475
476         * svg/SVGScriptElement.idl:
477
478 2016-07-19  Chris Dumez  <cdumez@apple.com>
479
480         Fix null handling of several HTMLDocument attributes
481         https://bugs.webkit.org/show_bug.cgi?id=159923
482
483         Reviewed by Benjamin Poulain.
484
485         Fix null handling of several HTMLDocument attributes:
486         - https://html.spec.whatwg.org/multipage/dom.html#document
487         - https://html.spec.whatwg.org/multipage/obsolete.html#document-partial
488
489         In particular, null handling was incorrect in WebKit for 'dir',
490         'bgColor', 'fgColor', 'alinkColor', 'linkColor' and 'vlinkColor'.
491
492         Firefox and Chrome match the specification.
493
494         Test: fast/dom/HTMLDocument/null-handling.html
495
496         * html/HTMLDocument.idl:
497
498 2016-07-19  Chris Dumez  <cdumez@apple.com>
499
500         Document.createElementNS() / createAttributeNS() parameters should be mandatory
501         https://bugs.webkit.org/show_bug.cgi?id=159938
502
503         Reviewed by Benjamin Poulain.
504
505         Document.createElementNS() / createAttributeNS() parameters should be mandatory:
506         - https://dom.spec.whatwg.org/#document
507
508         They were optional in WebKit. However, Firefox and Chrome both match the
509         specification.
510
511         No new tests, rebaselined existing tests.
512
513         * dom/Document.idl:
514
515 2016-07-19  Benjamin Poulain  <bpoulain@apple.com>
516
517         Use getElementById for attribute matching if the attribute name is html's id
518         https://bugs.webkit.org/show_bug.cgi?id=159960
519
520         Reviewed by Chris Dumez.
521
522         Elliott Sprehn discovered YUI makes heavy uses of querySelector with [id=value]
523         (https://bugs.chromium.org/p/chromium/issues/detail?id=627242).
524
525         If we are not in quirks mode, IdForStyleResolution has the same value
526         as the Id attribute. We can use the same optimization for both cases.
527
528         Tests: fast/selectors/id-attribute-querySelector-used-as-id-selector-quirks.html
529                fast/selectors/id-attribute-querySelector-used-as-id-selector.html
530
531         * dom/SelectorQuery.cpp:
532         (WebCore::canBeUsedForIdFastPath):
533         (WebCore::findIdMatchingType):
534         (WebCore::SelectorDataList::SelectorDataList):
535         (WebCore::selectorForIdLookup):
536         (WebCore::filterRootById):
537
538 2016-07-19  Chris Dumez  <cdumez@apple.com>
539
540         Drop SVGElement.xmlbase attribute
541         https://bugs.webkit.org/show_bug.cgi?id=159926
542
543         Reviewed by Benjamin Poulain.
544
545         Drop SVGElement.xmlbase attribute as it is no longer part of the
546         specification:
547         - https://www.w3.org/TR/SVG2/types.html#InterfaceSVGElement
548
549         Both Firefox and Chrome have already dropped support for
550         SVGElement.xmlbase.
551
552         Chrome's intent to remove:
553         https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/TfwMq4d25hk/C-v_iC_wKfAJ
554
555         Test: svg/dom/SVGElement-xmlbase.html
556
557         * svg/SVGElement.cpp:
558         (WebCore::SVGElement::removedFrom): Deleted.
559         * svg/SVGElement.h:
560         * svg/SVGElement.idl:
561
562 2016-07-19  Chris Dumez  <cdumez@apple.com>
563
564         Align CSSStyleDeclaration.setProperty() with the specification
565         https://bugs.webkit.org/show_bug.cgi?id=159955
566
567         Reviewed by Benjamin Poulain.
568
569         Align CSSStyleDeclaration.setProperty() with the specification:
570         - https://drafts.csswg.org/cssom/#the-cssstyledeclaration-interface
571
572         In particular, the following changes were needed:
573         1. The 'value' parameter should not be optional
574         2. The 'priority' parameter should treat null as the empty string
575            rather than the string "null".
576         3. The 'priority' parameter's default value should be the empty string,
577            not the string "undefined".
578         4. CSSStyleDeclaration.setProperty() should return early if 'priority'
579            is not the empty string and is not an ASCII case-insensitive match
580            for the string "important".
581
582         Chrome matches the specification entirely.
583         Firefox matches the specification with the exception that it does a
584         case-sensitive match for "important".
585
586         Test: fast/css/CSSStyleDeclaration-setProperty.html
587
588         * css/CSSStyleDeclaration.idl:
589         * css/PropertySetCSSStyleDeclaration.cpp:
590         (WebCore::PropertySetCSSStyleDeclaration::setProperty):
591
592 2016-07-19  Daniel Bates  <dabates@apple.com>
593
594         CSP: Improve support for multiple policies to more closely conform to the CSP Level 2 spec.
595         https://bugs.webkit.org/show_bug.cgi?id=159841
596         <rdar://problem/27381684>
597
598         Reviewed by Brent Fulgham.
599
600         Implement a first pass at sending multiple violation reports so as to more closely
601         conform to section Enforcing multiple policies of the Content Security Policy Level 2 spec.,
602         <https://w3c.github.io/webappsec-csp/2/> (Editor's Draft, 25 April 2016).
603
604         Tests: http/tests/security/contentSecurityPolicy/1.1/script-blocked-sends-multiple-reports.php
605                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-enforced-policy-and-blocked-by-report-policy.php
606                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-enforced-policy-and-blocked-by-report-policy2.php
607                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy.php
608                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
609                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-enforced-policy-and-allowed-by-report-policy.php
610                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-enforced-policy-and-allowed-by-report-policy2.php
611                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy.php
612                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy2.php
613                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy.php
614                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
615                http/tests/security/contentSecurityPolicy/1.1/scripthash-in-enforced-policy-and-not-in-report-only.html
616                http/tests/security/contentSecurityPolicy/1.1/scripthash-in-one-enforced-policy-neither-in-another-enforced-policy-nor-report-policy.html
617                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-enforced-policy-and-blocked-by-report-policy.php
618                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-enforced-policy-and-blocked-by-report-policy2.php
619                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy.php
620                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
621                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-enforced-policy-and-allowed-by-report-policy.php
622                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-enforced-policy-and-allowed-by-report-policy2.php
623                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy.php
624                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy2.php
625                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy.php
626                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
627                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-in-enforced-policy-and-not-in-report-only.html
628                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-in-one-enforced-policy-neither-in-another-enforced-policy-nor-report-policy.html
629                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-multiple-policies.html
630
631         * page/csp/ContentSecurityPolicy.cpp:
632         (WebCore::ContentSecurityPolicy::allPoliciesWithDispositionAllow): Added. Returns whether the resource
633         is allowed by all of the policies with the specified disposition.
634         (WebCore::ContentSecurityPolicy::allPoliciesAllow): Added. Returns whether the resource is allowed by
635         all of the enforced policies.
636         (WebCore::ContentSecurityPolicy::findHashOfContentInPolicies): Formerly named foundHashOfContentInAllPolicies.
637         Modified to return a ("has found hash in all enforced policies, "has found hash in all report-only policies)-pair
638         so that we can differentiate whether the hash violated an enforced policy or a report-only policy.
639         (WebCore::ContentSecurityPolicy::allowJavaScriptURLs): Write in terms of ContentSecurityPolicy::allPoliciesAllow().
640         (WebCore::ContentSecurityPolicy::allowInlineEventHandlers): Ditto.
641         (WebCore::ContentSecurityPolicy::allowScriptWithNonce): For now only accept a nonce if it is allowed by
642         all enforced policies. As a side effect of this change is that we only send a CSP violation report when a
643         nonce violates a report-only policy only if the nonce also violates one or more enforced policies. We will
644         address this limitation in <https://bugs.webkit.org/show_bug.cgi?id=159830>.
645         (WebCore::ContentSecurityPolicy::allowStyleWithNonce): Ditto.
646         (WebCore::ContentSecurityPolicy::allowInlineScript): Differentiate between a hash/'unsafe-inline' that
647         matches/is contained in all enforce policies and a hash/'unsafe-inline' that matches/is contained in all
648         report-only policies so that we only allow the resource for the former. As a side effect of this change
649         we may report that a resource violated a policy even if it contained the hash. See <https://bugs.webkit.org/show_bug.cgi?id=159832>
650         for more details.
651         (WebCore::ContentSecurityPolicy::allowInlineStyle): Ditto.
652         (WebCore::ContentSecurityPolicy::allowEval): Write in terms of ContentSecurityPolicy::allPoliciesAllow().
653         (WebCore::ContentSecurityPolicy::allowFrameAncestors): Ditto.
654         (WebCore::ContentSecurityPolicy::allowPluginType): Ditto.
655         (WebCore::ContentSecurityPolicy::allowScriptFromSource): Ditto.
656         (WebCore::ContentSecurityPolicy::allowObjectFromSource): Ditto.
657         (WebCore::ContentSecurityPolicy::allowChildFrameFromSource): Ditto.
658         (WebCore::ContentSecurityPolicy::allowChildContextFromSource): Ditto.
659         (WebCore::ContentSecurityPolicy::allowImageFromSource): Ditto.
660         (WebCore::ContentSecurityPolicy::allowStyleFromSource): Ditto.
661         (WebCore::ContentSecurityPolicy::allowFontFromSource): Ditto.
662         (WebCore::ContentSecurityPolicy::allowMediaFromSource): Ditto.
663         (WebCore::ContentSecurityPolicy::allowConnectToSource): Ditto.
664         (WebCore::ContentSecurityPolicy::allowFormAction): Ditto.
665         (WebCore::ContentSecurityPolicy::allowBaseURI): Ditto.
666         (WebCore::ContentSecurityPolicy::foundHashOfContentInAllPolicies): Deleted.
667         * page/csp/ContentSecurityPolicy.h:
668         (WebCore::ContentSecurityPolicy::violatedDirectiveInAnyPolicy): Deleted.
669
670 2016-07-19  Chris Dumez  <cdumez@apple.com>
671
672         Fix null handling of HTMLScriptElement.text attribute
673         https://bugs.webkit.org/show_bug.cgi?id=159943
674
675         Reviewed by Benjamin Poulain.
676
677         Fix null handling of HTMLScriptElement.text attribute:
678         - https://html.spec.whatwg.org/multipage/scripting.html#the-script-element
679
680         We should treat null as the "null" String but we were treating it as
681         the empty string.
682
683         Firefox and Chrome match the specification.
684
685         No new tests, rebaselined existing test.
686
687         * html/HTMLScriptElement.idl:
688
689 2016-07-19  Chris Dumez  <cdumez@apple.com>
690
691         autocapitalize attribute should not use [TreatNullAs=LegacyNullString]
692         https://bugs.webkit.org/show_bug.cgi?id=159934
693
694         Reviewed by Benjamin Poulain.
695
696         autocapitalize attribute should not use [TreatNullAs=LegacyNullString]. This is
697         non-standard and we want to drop support for it from the bindings generator.
698
699         Instead, use [TreatNullAs=EmptyString] in order to maintain existing behavior
700         given that both a missing/empty attribute result in using the default
701         autocapitalization mode and that autocapitalize returns the empty string by
702         default.
703
704         Test: platform/ios-simulator/ios/fast/forms/autocapitalize-null.html
705
706         * html/HTMLFormElement.idl:
707         * html/HTMLInputElement.idl:
708         * html/HTMLTextAreaElement.idl:
709
710 2016-07-19  Zalan Bujtas  <zalan@apple.com>
711
712         REGRESSION(r203415): ASSERTION FAILED: !m_layoutRoot->container() || !m_layoutRoot->container()->needsLayout()
713         https://bugs.webkit.org/show_bug.cgi?id=159952
714
715         Reviewed by Simon Fraser.
716
717         Update ASSERTs to reflect new functionality, that is, now we can end up in a state
718         where the container (RenderView) of one of the dirty subtrees is dirty.
719         See r203415.
720  
721         Covered by editing/pasteboard/drag-drop-input-in-svg.svg
722
723         * page/FrameView.cpp:
724         (WebCore::FrameView::scheduleRelayoutOfSubtree):
725
726 2016-07-19  Dean Jackson  <dino@apple.com>
727
728         REGRESSION(202927): The first slide is the only displayed slide when Quicklooking a Keynote file
729         https://bugs.webkit.org/show_bug.cgi?id=159948
730         <rdar://problem/27391012>
731
732         Reviewed by Simon Fraser.
733
734         There is an iOS bug (<rdar://problem/27416744>) that is causing us
735         to not always get a color space on CGContextRefs. Investigation of this
736         exposed some optimizations we can take when we are creating ImageBuffers.
737         In particular, if we have a bitmap context or an IOSurfaceContext we
738         can simply copy their color space using API. Otherwise we stick with
739         the existing CGContextCopyDeviceColorSpace.
740
741         Lastly, if for some reason we are unable to copy the device color space,
742         we should fall back to sRGB.
743
744         * platform/graphics/cg/ImageBufferCG.cpp:
745         (WebCore::ImageBuffer::createCompatibleBuffer):
746         * platform/spi/cg/CoreGraphicsSPI.h: Add some SPI and enums.
747
748
749 2016-07-19  George Ruan  <gruan@apple.com>
750
751         HTMLVideoElement frames do not update on iOS when src is a MediaStream blob
752         https://bugs.webkit.org/show_bug.cgi?id=159833
753         <rdar://problem/27379487>
754
755         Reviewed by Eric Carlson.
756
757         Test: fast/mediastream/MediaStream-video-element-displays-buffer.html
758
759         * WebCore.xcodeproj/project.pbxproj:
760         * platform/graphics/avfoundation/MediaSampleAVFObjC.h: Change create to return a Ref<T> instead
761         of RefPtr<T>
762         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h: Make observer of
763         MediaStreamTrackPrivate and make MediaPlayer use an AVSampleBufferDisplayLayer instead of CALayer.
764         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm: Ditto.
765         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::~MediaPlayerPrivateMediaStreamAVFObjC): Clean up
766         observers and AVSampleBufferDisplayLayer
767         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::isAvailable): Ensures AVSampleBufferDisplayLayer
768         is available.
769         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueAudioSampleBufferFromTrack): Placeholder.
770         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueVideoSampleBufferFromTrack): Responsible
771         for enqueuing sample buffers to the active video track.
772         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::ensureLayer): Ensures that an AVSampleBufferDisplayLayer
773         exists.
774         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::destroyLayer): Destroys the AVSampleBufferDisplayLayer.
775         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::platformLayer): Replace CALayer with AVSampleBufferDisplayLayer.
776         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::currentDisplayMode): Ditto.
777         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::sampleBufferUpdated): Called from MediaStreamTrackPrivate when a
778         new SampleBuffer is available.
779         (WebCore::updateTracksOfType): Manage adding and removing self as observer from tracks.
780         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateTracks): Replace CALayer with AVSampleBufferDisplayLayer
781         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::acceleratedRenderingStateChanged): Copied from
782         MediaPlayerPrivateMediaSourceAVFObjC.mm
783         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::load): Deleted CALayer.
784         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateDisplayMode): Deleted process of updating CALayer.
785         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateIntrinsicSize): Deleted CALayer.
786         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::createPreviewLayers): Deleted.
787         * platform/mediastream/MediaStreamPrivate.cpp:
788         (WebCore::MediaStreamPrivate::updateActiveVideoTrack): Remove redundant check.
789         * platform/mediastream/MediaStreamTrackPrivate.cpp:
790         (WebCore::MediaStreamTrackPrivate::sourceHasMoreMediaData): Called from RealtimeMediaSource when a new SampleBuffer
791         is available.
792         * platform/mediastream/MediaStreamTrackPrivate.h:
793         (WebCore::MediaStreamTrackPrivate::Observer::sampleBufferUpdated): Relays to MediaPlayerPrivateMediaStream that
794         a new SampleBuffer is available to enqueue to the AVSampleBufferDisplayLayer.
795         * platform/mediastream/RealtimeMediaSource.cpp:
796         (WebCore::RealtimeMediaSource::mediaDataUpdated): Relays to all observers that a new SampleBuffer is available.
797         * platform/mediastream/RealtimeMediaSource.h:
798         * platform/mediastream/mac/AVVideoCaptureSource.mm:
799         (WebCore::AVVideoCaptureSource::processNewFrame): Calls mediaDataUpdated when a new SampleBuffer is captured.
800
801 2016-07-19  Anders Carlsson  <andersca@apple.com>
802
803         Get rid of a #define private public hack in WebCore
804         https://bugs.webkit.org/show_bug.cgi?id=159953
805
806         Reviewed by Dan Bernstein.
807
808         Use @package instead.
809
810         * bindings/objc/DOMInternal.h:
811         * bindings/objc/DOMObject.h:
812
813 2016-07-19  Andreas Kling  <akling@apple.com>
814
815         Fix SharedBuffer leak in MockContentFilter::replacementData().
816         <https://webkit.org/b/159945>
817
818         Reviewed by Andy Estes.
819
820         Spotted on leaks bot. This code was pretty explicit about how it's going to leak.
821         Since this is in the mock filter, it only affected layout tests.
822
823         * testing/MockContentFilter.cpp:
824         (WebCore::MockContentFilter::replacementData):
825
826 2016-07-19  Zalan Bujtas  <zalan@apple.com>
827
828         theguardian.co.uk crossword puzzles are sometimes not displaying text
829         https://bugs.webkit.org/show_bug.cgi?id=159924
830         <rdar://problem/27409483>
831
832         Reviewed by Simon Fraser.
833
834         This patch fixes the case when
835         - 2 disjoint subtrees are dirty
836         - RenderView is also dirty.
837         and we end up not laying out one of the 2 subtrees.
838
839         In FrameView::scheduleRelayoutOfSubtree, we assume that when the RenderView is dirty
840         we already have a pending full layout which means that any previous subtree layouts have already been
841         converted to full layouts.
842         However this assumption is incorrect. RenderView can get dirty without checking if there's
843         already a pending subtree layout.
844         One option to solve this problem would be to override RenderObject::setNeedsLayout in RenderView
845         so that when the RenderView gets dirty, we could also convert any pending subtree layout to full layout.
846         However RenderObject::setNeedsLayout is a hot function and making it virtual would impact performance.
847         The other option is to always normalize subtree layouts in FrameView::scheduleRelayoutOfSubtree().
848         This patch implements the second option.
849
850         Test: fast/misc/subtree-layouts.html
851
852         * page/FrameView.cpp:
853         (WebCore::FrameView::scheduleRelayoutOfSubtree):
854
855 2016-07-19  Anders Carlsson  <andersca@apple.com>
856
857         Some payment authorization status values should keep the sheet active
858         https://bugs.webkit.org/show_bug.cgi?id=159936
859         rdar://problem/26756701
860
861         Reviewed by Tim Horton.
862
863         * Modules/applepay/ApplePaySession.cpp:
864         (WebCore::ApplePaySession::completePayment):
865         Keep the sheet active if the status isn't a final state status.
866
867         * Modules/applepay/PaymentAuthorizationStatus.h:
868         (WebCore::isFinalStateStatus):
869         Add a new helper function that returns whether a given payment authorization status is "final",
870         meaning that once that status has been passed to completePayment, the session is finished.
871
872 2016-07-19  Nan Wang  <n_wang@apple.com>
873
874         AX: Incorrect behavior for word related text marker functions when there's collapsed whitespace
875         https://bugs.webkit.org/show_bug.cgi?id=159910
876
877         Reviewed by Chris Fleizach.
878
879         We are getting a bad CharacterOffset when there's collapsed whitespace. Added a TraverseOptionValidateOffset
880         option to make sure we are getting the correct CharacterOffset based on the corresponding Range offset. And
881         fixed a word navigation issue based on that.
882
883         Test: accessibility/mac/text-marker-word-nav-collapsed-whitespace.html
884
885         * accessibility/AXObjectCache.cpp:
886         (WebCore::AXObjectCache::traverseToOffsetInRange):
887         (WebCore::AXObjectCache::rangeForNodeContents):
888         (WebCore::AXObjectCache::startOrEndCharacterOffsetForRange):
889         (WebCore::AXObjectCache::characterOffsetFromVisiblePosition):
890         (WebCore::AXObjectCache::rightWordRange):
891         (WebCore::AXObjectCache::previousBoundary):
892         * accessibility/AXObjectCache.h:
893         (WebCore::AXObjectCache::isNodeInUse):
894
895 2016-07-19  Youenn Fablet  <youenn@apple.com>
896
897         [Streams API] ReadableStreamController methods should throw if its stream is not readable
898         https://bugs.webkit.org/show_bug.cgi?id=159871
899
900         Reviewed by Xabier Rodriguez-Calvar.
901
902         Spec now mandates close and enqueue to throw if ReadableStream is not readable.
903         Covered by rebased and/or modified tests.
904
905         * Modules/streams/ReadableStreamController.js:
906         (enqueue): Throwing a TypeError if controlled stream is not readable.
907         (close): Ditto.
908
909 2016-07-19  Simon Fraser  <simon.fraser@apple.com>
910
911         Bubbles appear split for a brief moment in Messages
912         https://bugs.webkit.org/show_bug.cgi?id=159915
913         rdar://problem/27182267
914
915         Reviewed by David Hyatt.
916
917         RenderView::repaintRootContents() had a long-standing bug in WebView when the
918         view is scrolled. repaint() uses visualOverflowRect() but, for the 
919         RenderView, the visualOverflowRect() is the initial containing block
920         which is anchored at 0,0. When the view is scrolled it's clipped out and
921         calls to repaintRootContents() have no effect.
922         
923         Change repaintRootContents() to use layoutOverflowRect(). ScrollView::repaintContentRectangle()
924         will clip it to the view if necessary.
925
926         Test: fast/repaint/scrolled-view-full-repaint.html
927
928         * rendering/RenderView.cpp:
929         (WebCore::RenderView::repaintRootContents):
930
931 2016-07-19  Dan Bernstein  <mitz@apple.com>
932
933         <rdar://problem/27420308> WebCore-7602.1.42 fails to build: error: unused parameter 'vm'
934
935         * bindings/js/JSDOMGlobalObject.cpp:
936         (WebCore::JSDOMGlobalObject::addBuiltinGlobals): Fixed the !ENABLE(STREAMS_API) build.
937
938 2016-07-19  Youenn Fablet  <youenn@apple.com>
939
940         [Streams API] Make ReadableStream properties not enumerable
941         https://bugs.webkit.org/show_bug.cgi?id=159868
942
943         Reviewed by Darin Adler.
944
945         Covered by rebased tests.
946
947         Uopdating IDL definitions to mark all functions/attributes as not enumerable.
948         Updating IDL constructor definitions to correctly compute constructor length.
949         Updating built-in implementation to correctly compute pipeTo length to 1 (second parameter being optional).
950
951         * Modules/streams/ReadableStream.idl:
952         * Modules/streams/ReadableStream.js:
953         * Modules/streams/ReadableStreamController.idl:
954         * Modules/streams/ReadableStreamReader.idl:
955
956 2016-07-19  Chris Dumez  <cdumez@apple.com>
957
958         form.enctype / encoding / method should treat null as "null" string
959         https://bugs.webkit.org/show_bug.cgi?id=159916
960
961         Reviewed by Ryosuke Niwa.
962
963         form.enctype / encoding / method should treat null as "null" string:
964         - https://html.spec.whatwg.org/multipage/forms.html#htmlformelement
965
966         Previously, WebKit would treat null as the null String, which would
967         end up removing the existing attribute.
968
969         Firefox and Chrome match the specification.
970
971         Test: fast/dom/HTMLFormElement/null-handling.html
972
973         * html/HTMLFormElement.h:
974         * html/HTMLFormElement.idl:
975
976 2016-07-18  Csaba Osztrogonác  <ossy@webkit.org>
977
978         All-in-one buildfix after r202439
979         https://bugs.webkit.org/show_bug.cgi?id=159877
980
981         Reviewed by Chris Dumez.
982
983         * Modules/webaudio/AudioDestinationNode.h:
984         (WebCore::AudioDestinationNode::resume):
985         (WebCore::AudioDestinationNode::suspend):
986         (WebCore::AudioDestinationNode::close):
987
988 2016-07-18  Frederic Wang  <fwang@igalia.com>
989
990         Move parsing of subscriptshift and superscriptshift from rendering to element classes
991         https://bugs.webkit.org/show_bug.cgi?id=159622
992
993         Reviewed by Darin Adler.
994
995         We introduce a new MathMLScriptsElement that is used for elements msub, msup, msubsup and
996         mmultiscripts in order to create RenderMathMLScripts and parse and expose the values of the
997         subscriptshift and superscriptshift attributes. This is one more step toward moving MathML
998         attribute parsing to the DOM (bug 156536).
999
1000         No new tests, rendering is unchanged.
1001
1002         * CMakeLists.txt: Add MathMLScriptsElement files.
1003         * WebCore.xcodeproj/project.pbxproj: Ditto.
1004         * mathml/MathMLAllInOne.cpp: Ditto.
1005         * mathml/MathMLInlineContainerElement.cpp: Remove handling of scripts.
1006         (WebCore::MathMLInlineContainerElement::createElementRenderer): Deleted.
1007         * mathml/MathMLScriptsElement.cpp: Added. New class to handle scripted elements supporting
1008         parsing for the subscriptshift and superscriptshift MathML lengths.
1009         (WebCore::MathMLScriptsElement::MathMLScriptsElement):
1010         (WebCore::MathMLScriptsElement::create):
1011         (WebCore::MathMLScriptsElement::subscriptShift): Expose the cached length for the shift,
1012         parsing the attribute again if necessary.
1013         (WebCore::MathMLScriptsElement::superscriptShift): Ditto.
1014         (WebCore::MathMLScriptsElement::parseAttribute): Mark attributes dirty.
1015         (WebCore::MathMLScriptsElement::createElementRenderer): Create RenderMathMLScripts.
1016         * mathml/MathMLScriptsElement.h: Ditto.
1017         * mathml/mathtags.in: Map msub, msup, msubsup and mmultiscripts to MathMLScriptsElement.
1018         * rendering/mathml/RenderMathMLScripts.cpp:
1019         (WebCore::RenderMathMLScripts::scriptsElement): Helper function to cast the node to a
1020         MathMLScriptsElement.
1021         (WebCore::RenderMathMLScripts::getScriptMetricsAndLayoutIfNeeded): Resolve the attributes
1022         using the functions from the MathMLScriptsElement class.
1023         * rendering/mathml/RenderMathMLScripts.h: Declare scriptsElement.
1024
1025 2016-07-18  Frederic Wang  <fwang@igalia.com>
1026
1027         Do not store gap and shift parameters on RenderMathMLFraction
1028         https://bugs.webkit.org/show_bug.cgi?id=159876
1029
1030         Reviewed by Darin Adler.
1031
1032         After r203285, the stack and fraction layout parameters are only used in layoutBlock so we
1033         do not need to store them on the class. We remove them and split updateLayoutParameters into
1034         three functions: one to update the linethickness and two others to retrieve the fraction and
1035         stack respectively.
1036
1037         No new tests, rendering is unchanged.
1038
1039         * rendering/mathml/RenderMathMLFraction.cpp:
1040         (WebCore::RenderMathMLFraction::updateLineThickness): Move code to update thickness members here.
1041         (WebCore::RenderMathMLFraction::getFractionParameters): Move code to retrieve fraction parameters here.
1042         (WebCore::RenderMathMLFraction::getStackParameters): Move code to retrieve stack parameters here.
1043         (WebCore::RenderMathMLFraction::layoutBlock): Use the new helper functions and local variables
1044         for fraction and stack parameters.
1045         (WebCore::RenderMathMLFraction::updateLayoutParameters): Deleted.
1046         * rendering/mathml/RenderMathMLFraction.h: Declare new helper functions and remove members
1047         for stack and fraction parameters.
1048
1049 2016-07-18  Chris Dumez  <cdumez@apple.com>
1050
1051         input.formEnctype / formMethod and button.formEnctype / formMethod / type should treat null as "null"
1052         https://bugs.webkit.org/show_bug.cgi?id=159908
1053
1054         Reviewed by Alex Christensen.
1055
1056         input.formEnctype / formMethod and button.formEnctype / formMethod / type
1057         should treat null as "null" String:
1058         - https://html.spec.whatwg.org/multipage/forms.html#htmlinputelement
1059         - https://html.spec.whatwg.org/multipage/forms.html#htmlbuttonelement
1060
1061         In WebKit, we would treat null as a null String which would end up
1062         removing the corresponding attribute. This does not match the
1063         specification. Firefox and Chrome match the specification here.
1064
1065         Tests:
1066         - fast/dom/HTMLButtonElement/null-handling.html
1067         - fast/dom/HTMLInputElement/null-handling.html
1068
1069         * html/HTMLButtonElement.idl:
1070         * html/HTMLInputElement.idl:
1071
1072 2016-07-18  Alex Christensen  <achristensen@webkit.org>
1073
1074         webbookmarksd needs to use the same AppCache directory as MobileSafari
1075         https://bugs.webkit.org/show_bug.cgi?id=159912
1076
1077         Reviewed by Alexey Proskuryakov.
1078
1079         No new tests.  This only changes behavior for webbookmarksd.
1080
1081         * platform/RuntimeApplicationChecks.h:
1082         * platform/RuntimeApplicationChecks.mm:
1083         (WebCore::IOSApplication::isWebBookmarksD): Added.
1084
1085 2016-07-18  Chris Dumez  <cdumez@apple.com>
1086
1087         EventTarget.dispatchEvent() parameter should not be nullable
1088         https://bugs.webkit.org/show_bug.cgi?id=159897
1089
1090         Reviewed by Benjamin Poulain.
1091
1092         EventTarget.dispatchEvent() parameter should not be nullable:
1093         - https://dom.spec.whatwg.org/#interface-eventtarget
1094
1095         Even though the parameter was marked as nullable in our IDL, our
1096         implementation does a null check and we already throw a TypeError
1097         when calling dispatchEvent(null).
1098
1099         Update our IDL so that it matches the specification and so that
1100         the null check is generated in the bindings instead.
1101
1102         No new tests, rebaseline existing tests.
1103
1104         * dom/EventTarget.cpp:
1105         (WebCore::EventTarget::dispatchEventForBindings):
1106         * dom/EventTarget.h:
1107         * dom/EventTarget.idl:
1108
1109 2016-07-18  Chris Dumez  <cdumez@apple.com>
1110
1111         DocType's publicId / systemId should not be nullable
1112         https://bugs.webkit.org/show_bug.cgi?id=159901
1113
1114         Reviewed by Benjamin Poulain.
1115
1116         DocType's publicId / systemId should not be nullable. While they were
1117         not marked as nullable in our IDL, they could be stored as null Strings
1118         in our implementation depending on how the Node was constructed. This
1119         led to subtle bugs where String() != emptyString().
1120
1121         In particular, Node.isEqualNode() would return false when DocumentType
1122         nodes would mismatch because of their publicId / systemId being null
1123         instead of the emptyString.
1124
1125         Serialization would DocumentType nodes would also be wrong when
1126         publicId / systemId were empty Strings instead of null strings. The
1127         new behavior now matches:
1128         - https://www.w3.org/TR/DOM-Parsing/#dfn-concept-serialize-doctype (steps 7-9)
1129
1130         To address these issues, we now always store publicId / systemId as
1131         non-null Strings inside the DocumentType class.
1132
1133         Test: fast/dom/DocumentType/isEqualNode.html
1134
1135         * dom/DocumentType.cpp:
1136         (WebCore::DocumentType::DocumentType):
1137         * editing/MarkupAccumulator.cpp:
1138         (WebCore::MarkupAccumulator::appendDocumentType):
1139
1140 2016-07-18  Jeremy Jones  <jeremyj@apple.com>
1141
1142         If previous media session interruptions were prevented, still allow subsequent interruptions to try.
1143         https://bugs.webkit.org/show_bug.cgi?id=157553
1144         rdar://problem/25740804
1145
1146         Reviewed by Eric Carlson.
1147
1148         Test: platform/ios-simulator/media/video-interruption-suspendunderlock.html
1149
1150         When suspending under lock on iOS, there is first a resign active event, then a
1151         suspend under lock. PiP prevents resign active from interrupting playback. But it should allow the
1152         suspend under lock to interrupt playback.
1153
1154         Currently if there are nested interruptions only the first one is acted upon.
1155
1156         This change allows subsequent, nested interruptions to have a chance to interrupt playback if the
1157         previous interruptions were ignored.
1158
1159         This test is for iPad only, so it must be run manually.
1160
1161         * html/HTMLMediaElement.cpp:
1162         (WebCore::HTMLMediaElement::shouldOverrideBackgroundPlaybackRestriction):
1163         * platform/audio/PlatformMediaSession.cpp:
1164         (WebCore::PlatformMediaSession::beginInterruption):
1165         * testing/Internals.cpp:
1166         (WebCore::Internals::beginMediaSessionInterruption):
1167
1168 2016-07-18  Brent Fulgham  <bfulgham@apple.com>
1169
1170         Don't associate form-associated elements with forms in other trees.
1171         https://bugs.webkit.org/show_bug.cgi?id=119451
1172         <rdar://problem/27382946>
1173
1174         Change is based on the Blink change (patch by <adamk@chromium.org>):
1175         <https://chromium.googlesource.com/chromium/blink/+/0b33128be67e7845d495d5219614c02ccfe7a414>
1176
1177         Reviewed by Chris Dumez.
1178
1179         Prevent elements from being associated with forms that are not part of the same home subtree.
1180         This brings us in line with the WhatWG HTML specification as of September, 2013.
1181
1182         Tests: fast/forms/image-disconnected-during-parse.html
1183                fast/forms/input-disconnected-during-parse.html
1184
1185         * dom/Element.h:
1186         (WebCore::Node::rootElement): Added.
1187         * html/FormAssociatedElement.cpp:
1188         (WebCore::FormAssociatedElement::insertedInto): If the element is associated with a form that
1189         is not part of the same tree, remove the association.
1190         * html/HTMLImageElement.cpp:
1191         (WebCore::HTMLImageElement::insertedInto): Ditto.
1192
1193 2016-07-18  Anders Carlsson  <andersca@apple.com>
1194
1195         WebKit nightly fails to build on macOS Sierra
1196         https://bugs.webkit.org/show_bug.cgi?id=159902
1197         rdar://problem/27365672
1198
1199         Reviewed by Tim Horton.
1200
1201         * Modules/applepay/cocoa/PaymentCocoa.mm:
1202         * Modules/applepay/cocoa/PaymentContactCocoa.mm:
1203         * Modules/applepay/cocoa/PaymentMerchantSessionCocoa.mm:
1204         * Modules/applepay/cocoa/PaymentMethodCocoa.mm:
1205         Use new PassKitSPI header.
1206
1207         * WebCore.xcodeproj/project.pbxproj:
1208         Add new PassKitSPI header.
1209
1210         * icu/unicode/ucurr.h: Added.
1211         Add ucurr.h from ICU.
1212
1213         * platform/spi/cocoa/PassKitSPI.h: Added.
1214         Add new PassKitSPI header.
1215
1216 2016-07-18  Dean Jackson  <dino@apple.com>
1217
1218         REGRESSION (r202950): Image zoom animations are broken at medium.com (159861)
1219         https://bugs.webkit.org/show_bug.cgi?id=159906
1220         <rdar://problem/27391725>
1221
1222         Reviewed by Simon Fraser.
1223
1224         The fix for webkit.org/b/157569 in r200769 broke AMP pages.
1225         The followup fix for webkit.org/b/159450 in r202950 broke Medium pages.
1226
1227         Revert them both until we have better testing.
1228
1229         * css/CSSParser.cpp:
1230         (WebCore::CSSParser::addPropertyWithPrefixingVariant):
1231         (WebCore::CSSParser::parseValue):
1232         (WebCore::CSSParser::parseAnimationShorthand):
1233         (WebCore::CSSParser::parseTransitionShorthand): Deleted.
1234         * css/CSSPropertyNames.in:
1235         * css/PropertySetCSSStyleDeclaration.cpp:
1236         (WebCore::PropertySetCSSStyleDeclaration::getPropertyCSSValue):
1237         (WebCore::PropertySetCSSStyleDeclaration::getPropertyValue):
1238         (WebCore::PropertySetCSSStyleDeclaration::getPropertyCSSValueInternal):
1239         (WebCore::PropertySetCSSStyleDeclaration::getPropertyValueInternal):
1240         * css/StyleProperties.cpp:
1241         (WebCore::MutableStyleProperties::removeShorthandProperty):
1242         (WebCore::MutableStyleProperties::removeProperty):
1243         (WebCore::MutableStyleProperties::removePrefixedOrUnprefixedProperty):
1244         (WebCore::MutableStyleProperties::setProperty):
1245         (WebCore::getIndexInShorthandVectorForPrefixingVariant):
1246         (WebCore::MutableStyleProperties::appendPrefixingVariantProperty):
1247         (WebCore::MutableStyleProperties::setPrefixingVariantProperty):
1248         (WebCore::StyleProperties::asText): Deleted.
1249         * css/StyleProperties.h:
1250
1251 2016-07-18  Andreas Kling  <akling@apple.com>
1252
1253         There should be a way to simulate memory pressure in layout tests
1254         <https://webkit.org/b/159743>
1255
1256         Reviewed by Simon Fraser.
1257
1258         Add three window.internal APIs:
1259
1260             - boolean isUnderMemoryPressure (readonly attribute)
1261             - void beginSimulatedMemoryPressure()
1262             - void endSimulatedMemoryPressure()
1263
1264         These make it possible to write tests that exercise behaviors that only
1265         occur during memory pressure situations.
1266
1267         I also implemented the "org.WebKit.lowMemory" notification handler using the new API.
1268
1269         Test: memory/memory-pressure-simulation.html
1270
1271         * platform/MemoryPressureHandler.cpp:
1272         (WebCore::MemoryPressureHandler::beginSimulatedMemoryPressure):
1273         (WebCore::MemoryPressureHandler::endSimulatedMemoryPressure):
1274         * platform/MemoryPressureHandler.h:
1275         (WebCore::MemoryPressureHandler::isUnderMemoryPressure):
1276         * platform/cocoa/MemoryPressureHandlerCocoa.mm:
1277         (WebCore::MemoryPressureHandler::platformReleaseMemory):
1278         (WebCore::MemoryPressureHandler::install):
1279         * testing/Internals.cpp:
1280         (WebCore::Internals::isUnderMemoryPressure):
1281         (WebCore::Internals::beginSimulatedMemoryPressure):
1282         (WebCore::Internals::endSimulatedMemoryPressure):
1283         * testing/Internals.h:
1284         * testing/Internals.idl:
1285
1286 2016-07-18  Said Abou-Hallawa  <sabouhallawa@apple,com>
1287
1288         [iOS] PDFDocumentImage should cache only a sub image of the PDF when caching the whole image is expensive
1289         https://bugs.webkit.org/show_bug.cgi?id=158715
1290
1291         Reviewed by Dean Jackson.
1292
1293         Test: fast/images/displaced-non-cached-pdf.html
1294
1295         For iOS, we need to ensure the size of the cached PDF images will not
1296         exceed some limit. Also we should be caching only a sub image of the PDF
1297         if caching the whole image will exceed the memory limit.
1298
1299         * page/Settings.cpp:
1300         (WebCore::Settings::Settings):
1301         (WebCore::Settings::setCachedPDFImageEnabled):
1302         * page/Settings.h:
1303         (WebCore::Settings::isCachedPDFImageEnabled):
1304             Add an option to disable caching the PDF images.
1305
1306         * platform/graphics/cg/PDFDocumentImage.cpp:
1307         (WebCore::PDFDocumentImage::setCachedPDFImageEnabled):
1308             Allow the caller of draw() to disable caching the PDF images.
1309         
1310         (WebCore::PDFDocumentImage::cacheParametersMatch):
1311             Match the context dirty rectangle with the cached image rectangle.
1312         
1313         (WebCore::transformContextForPainting):
1314             When preparing the context for drawing the PDF, take the location 
1315             of the destination rectangle into account. We do not need to scale
1316             the location of the source rectangle because we scale the size of
1317             the rectangle but we don't scale the whole coordinate system.
1318
1319         (WebCore::cachedImageRect):
1320             Calculate the rectangle of the cached image such that it does not
1321             exceed the limit. Start from the center of the dirty rectangle and
1322             then expand around it.
1323             
1324         (WebCore::PDFDocumentImage::decodedSizeChanged):
1325             In addition to notifying the ImageObserver, it keeps track of the size
1326             of all the cached PDF images.
1327
1328         (WebCore::PDFDocumentImage::updateCachedImageIfNeeded):
1329             Ensure the size of all the cached images does not exceed the limit
1330             
1331         (WebCore::PDFDocumentImage::destroyDecodedData):
1332         * platform/graphics/cg/PDFDocumentImage.h:
1333
1334         * rendering/RenderImage.cpp:
1335         (WebCore::RenderImage::paintIntoRect):
1336             Pass the option to disable caching the PDF images to PDFDocumentImage.
1337
1338         * testing/InternalSettings.cpp:
1339         (WebCore::InternalSettings::Backup::Backup):
1340         (WebCore::InternalSettings::Backup::restoreTo):
1341         (WebCore::InternalSettings::setCachedPDFImageEnabled):
1342         * testing/InternalSettings.h:
1343         * testing/InternalSettings.idl:
1344             Add an internal option to disable caching the PDF images.
1345
1346 2016-07-18  Chris Dumez  <cdumez@apple.com>
1347
1348         The 2 first parameters to addEventListener() / removeEventListener() should be mandatory
1349         https://bugs.webkit.org/show_bug.cgi?id=158008
1350
1351         Reviewed by Darin Adler.
1352
1353         The 2 first parameters to addEventListener() / removeEventListener() should be
1354         mandatory:
1355         - https://dom.spec.whatwg.org/#interface-eventtarget
1356
1357         Firefox 46 and Chrome 50 both match the specification and throw an exception when those
1358         parameters are omitted. However, those parameters were marked as optional in WebKit and
1359         the calls were no-ops if those parameters were omitted. This patch aligns our behavior
1360         with the specification and other browsers.
1361
1362         Test: fast/dom/eventtarget-api-parameters.html
1363
1364         * bindings/scripts/CodeGeneratorJS.pm:
1365         (GetFunctionLength): Deleted.
1366         * dom/EventTarget.idl:
1367
1368 2016-07-18  Brent Fulgham  <bfulgham@apple.com>
1369
1370         Unreviewed, rolling out r203373.
1371
1372         Unaddressed
1373
1374         Reverted changeset:
1375
1376         "Don't associate form-associated elements with forms in other
1377         trees."
1378         https://bugs.webkit.org/show_bug.cgi?id=119451
1379         http://trac.webkit.org/changeset/203373
1380
1381 2016-07-18  Brent Fulgham  <bfulgham@apple.com>
1382
1383         Don't associate form-associated elements with forms in other trees.
1384         https://bugs.webkit.org/show_bug.cgi?id=119451
1385         <rdar://problem/27382946>
1386
1387         Change is based on the Blink change (patch by <adamk@chromium.org>):
1388         <https://chromium.googlesource.com/chromium/blink/+/0b33128be67e7845d495d5219614c02ccfe7a414>
1389
1390         Reviewed by Zalan Bujtas.
1391
1392         Prevent elements from being associated with forms that are not part of the same home subtree.
1393         This brings us in line with the WhatWG HTML specification as of September, 2013.
1394
1395         Tests: fast/forms/image-disconnected-during-parse.html
1396                fast/forms/input-disconnected-during-parse.html
1397
1398         * dom/NodeTraversal.h:
1399         (WebCore::NodeTraversal::highestAncestorOrSelf): Added.
1400         * html/FormAssociatedElement.cpp:
1401         (WebCore::FormAssociatedElement::insertedInto): If the element is associated with a form that
1402         is not part of the same tree, remove the association.
1403         * html/HTMLImageElement.cpp:
1404         (WebCore::HTMLImageElement::insertedInto): Ditto.
1405
1406 2016-07-18  George Ruan  <gruan@apple.com>
1407
1408         Move MediaSampleAVFObjC into its own file
1409         https://bugs.webkit.org/show_bug.cgi?id=159796
1410         <rdar://problem/27362488>
1411
1412         In preparation for a feature that uses MediaSampleAVFObjC, but does
1413         not need SourceBufferPrivateAVFObjC, it is beneficial to move
1414         MediaSampleAVFObjC to its own file.
1415
1416         Reviewed by Eric Carlson.
1417
1418         * WebCore.xcodeproj/project.pbxproj:
1419         * platform/MediaSample.h: Allow setting trackID to associate
1420         MediaSample id with MediaStreamTrackPrivate id.
1421         * platform/graphics/avfoundation/MediaSampleAVFObjC.h: Added.
1422         * platform/graphics/avfoundation/objc/MediaSampleAVFObjC.mm: Moved
1423         from MediaSampleAVFObjC
1424         (WebCore::MediaSampleAVFObjC::presentationTime):
1425         (WebCore::MediaSampleAVFObjC::decodeTime):
1426         (WebCore::MediaSampleAVFObjC::duration):
1427         (WebCore::MediaSampleAVFObjC::sizeInBytes):
1428         (WebCore::MediaSampleAVFObjC::platformSample):
1429         (WebCore::CMSampleBufferIsRandomAccess):
1430         (WebCore::MediaSampleAVFObjC::flags):
1431         (WebCore::MediaSampleAVFObjC::presentationSize):
1432         (WebCore::MediaSampleAVFObjC::dump):
1433         (WebCore::MediaSampleAVFObjC::offsetTimestampsBy):
1434         (WebCore::MediaSampleAVFObjC::setTimestamps):
1435         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
1436         Moved MediaSampleAVFObjC to its own file.
1437         (WebCore::MediaSampleAVFObjC::platformSample): Deleted.
1438         (WebCore::CMSampleBufferIsRandomAccess): Deleted.
1439         (WebCore::MediaSampleAVFObjC::flags): Deleted.
1440         (WebCore::MediaSampleAVFObjC::presentationSize): Deleted.
1441         (WebCore::MediaSampleAVFObjC::dump): Deleted.
1442         (WebCore::MediaSampleAVFObjC::offsetTimestampsBy): Deleted.
1443         (WebCore::MediaSampleAVFObjC::setTimestamps): Deleted.
1444         * platform/mock/mediasource/MockSourceBufferPrivate.cpp:
1445
1446 2016-07-18  Eric Carlson  <eric.carlson@apple.com>
1447
1448         [MSE][Mac] Pass AVSampleBufferDisplayLayer HDCP status to a newly created key session
1449         https://bugs.webkit.org/show_bug.cgi?id=159812
1450         <rdar://problem/27371624>
1451
1452         Reviewed by Jon Lee.
1453
1454         No new tests, it isn't possible to test this with our current testing infrastructure.
1455
1456         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.h:
1457         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
1458         (WebCore::SourceBufferPrivateAVFObjC::setCDMSession): Call layerDidReceiveError if there has
1459         been an HDCP error.
1460         (WebCore::SourceBufferPrivateAVFObjC::rendererDidReceiveError): Remember an HDCP error.
1461
1462 2016-07-18  Yoav Weiss  <yoav@yoav.ws>
1463
1464         Add preload to features.json
1465         https://bugs.webkit.org/show_bug.cgi?id=159872
1466
1467         Reviewed by Darin Adler.
1468
1469         No new tests but no functional change.
1470
1471         * features.json:
1472
1473 2016-07-18  Youenn Fablet  <youenn@apple.com>
1474
1475         [Streams API] ReadableStream should throw a RangeError in case of NaN highWaterMark
1476         https://bugs.webkit.org/show_bug.cgi?id=159870
1477
1478         Reviewed by Xabier Rodriguez-Calvar.
1479
1480         Covered by rebased test.
1481
1482         * Modules/streams/StreamInternals.js:
1483         (validateAndNormalizeQueuingStrategy): Throwing a RangeError in lieu of a TypeError in case of NaN highWaterMark.
1484
1485 2016-07-18  Csaba Osztrogonác  <ossy@webkit.org>
1486
1487         Windows buildfix after r203338
1488         https://bugs.webkit.org/show_bug.cgi?id=159875
1489
1490         Unreviewed buildfix.
1491
1492         * dom/UserGestureIndicator.h:
1493         (WebCore::UserGestureToken::addDestructionObserver):
1494
1495 2016-07-18  Carlos Garcia Campos  <cgarcia@igalia.com>
1496
1497         MemoryPressureHandler doesn't work if cgroups aren't present in Linux
1498         https://bugs.webkit.org/show_bug.cgi?id=155255
1499
1500         Reviewed by Sergio Villar Senin.
1501
1502         Allow to pass an eventFD file descriptor to the MemoryPressureHandler to be monitorized in case cgroups are not
1503         available.
1504
1505         * platform/MemoryPressureHandler.h:
1506         * platform/linux/MemoryPressureHandlerLinux.cpp:
1507
1508 2016-07-17  Gyuyoung Kim  <gyuyoung.kim@webkit.org>
1509
1510         Clean up PassRefPtr uses in Modules/encryptedmedia, Modules/speech, and Modules/quota
1511         https://bugs.webkit.org/show_bug.cgi?id=159701
1512
1513         Reviewed by Alex Christensen.
1514
1515         No new tests, no behavior changes.
1516
1517         * Modules/encryptedmedia/CDM.h:
1518         * Modules/encryptedmedia/MediaKeySession.h:
1519         * Modules/encryptedmedia/MediaKeys.h:
1520         * Modules/quota/DOMWindowQuota.cpp:
1521         * Modules/quota/StorageErrorCallback.cpp:
1522         (WebCore::StorageErrorCallback::CallbackTask::CallbackTask):
1523         * Modules/quota/StorageErrorCallback.h:
1524         * Modules/quota/StorageInfo.h:
1525         * Modules/quota/StorageQuota.h:
1526         * Modules/speech/DOMWindowSpeechSynthesis.cpp:
1527         * Modules/speech/SpeechSynthesis.cpp:
1528         (WebCore::SpeechSynthesis::getVoices):
1529         (WebCore::SpeechSynthesis::startSpeakingImmediately):
1530         (WebCore::SpeechSynthesis::speak):
1531         (WebCore::SpeechSynthesis::cancel):
1532         (WebCore::SpeechSynthesis::handleSpeakingCompleted):
1533         (WebCore::SpeechSynthesis::boundaryEventOccurred):
1534         (WebCore::SpeechSynthesis::didStartSpeaking):
1535         (WebCore::SpeechSynthesis::didPauseSpeaking):
1536         (WebCore::SpeechSynthesis::didResumeSpeaking):
1537         (WebCore::SpeechSynthesis::didFinishSpeaking):
1538         (WebCore::SpeechSynthesis::speakingErrorOccurred):
1539         * Modules/speech/SpeechSynthesis.h:
1540         * Modules/speech/SpeechSynthesisEvent.h:
1541         * Modules/speech/SpeechSynthesisUtterance.h:
1542         * Modules/speech/SpeechSynthesisVoice.cpp:
1543         (WebCore::SpeechSynthesisVoice::create):
1544         (WebCore::SpeechSynthesisVoice::SpeechSynthesisVoice):
1545         * Modules/speech/SpeechSynthesisVoice.h:
1546         * platform/PlatformSpeechSynthesizer.h:
1547         * platform/efl/PlatformSpeechSynthesisProviderEfl.cpp:
1548         (WebCore::PlatformSpeechSynthesisProviderEfl::fireSpeechEvent):
1549         * platform/mock/PlatformSpeechSynthesizerMock.cpp:
1550         (WebCore::PlatformSpeechSynthesizerMock::speakingFinished):
1551         (WebCore::PlatformSpeechSynthesizerMock::speak):
1552         (WebCore::PlatformSpeechSynthesizerMock::cancel):
1553         (WebCore::PlatformSpeechSynthesizerMock::pause):
1554         (WebCore::PlatformSpeechSynthesizerMock::resume):
1555
1556 2016-07-16  Sam Weinig  <sam@webkit.org>
1557
1558         [WebKit API] Add SPI to track multiple navigations caused by a single user gesture
1559         <rdar://problem/26554137>
1560         https://bugs.webkit.org/show_bug.cgi?id=159856
1561
1562         Reviewed by Dan Bernstein.
1563
1564         - Adds a new RefCounted object to represent a unique user gesture, called UserGestureToken.
1565         - Makes UserGestureIndicator track UserGestureToken.
1566         - Refines UserGestureIndicator's interface to use Optional and a smaller enum set
1567           to represent the different initial states.
1568         - Stores UserGestureTokens on objects that want to forward user gesture state (DOMTimer, 
1569           postMessage, and ScheduledNavigation) rather than just a boolean.
1570
1571         * accessibility/AccessibilityNodeObject.cpp:
1572         (WebCore::AccessibilityNodeObject::increment):
1573         (WebCore::AccessibilityNodeObject::decrement):
1574         * accessibility/AccessibilityObject.cpp:
1575         (WebCore::AccessibilityObject::press):
1576         * bindings/js/ScriptController.cpp:
1577         (WebCore::ScriptController::executeScriptInWorld):
1578         (WebCore::ScriptController::executeScript):
1579         Update for new UserGestureIndicator interface.
1580
1581         * dom/UserGestureIndicator.cpp:
1582         (WebCore::currentToken):
1583         (WebCore::UserGestureToken::~UserGestureToken):
1584         (WebCore::UserGestureIndicator::UserGestureIndicator):
1585         (WebCore::UserGestureIndicator::~UserGestureIndicator):
1586         (WebCore::UserGestureIndicator::currentUserGesture):
1587         (WebCore::UserGestureIndicator::processingUserGesture):
1588         (WebCore::UserGestureIndicator::processingUserGestureForMedia):
1589         (WebCore::isDefinite): Deleted.
1590         * dom/UserGestureIndicator.h:
1591         (WebCore::UserGestureToken::create):
1592         (WebCore::UserGestureToken::state):
1593         (WebCore::UserGestureToken::processingUserGesture):
1594         (WebCore::UserGestureToken::processingUserGestureForMedia):
1595         (WebCore::UserGestureToken::addDestructionObserver):
1596         (WebCore::UserGestureToken::UserGestureToken):
1597         Add UserGestureToken and track the current one explicitly.
1598
1599         * html/HTMLMediaElement.cpp:
1600         (WebCore::HTMLMediaElement::didReceiveRemoteControlCommand):
1601         * inspector/InspectorFrontendClientLocal.cpp:
1602         (WebCore::InspectorFrontendClientLocal::openInNewTab):
1603         * inspector/InspectorFrontendHost.cpp:
1604         * inspector/InspectorPageAgent.cpp:
1605         (WebCore::InspectorPageAgent::navigate):
1606         Update for new UserGestureIndicator interface.
1607
1608         * loader/NavigationAction.cpp:
1609         (WebCore::NavigationAction::NavigationAction):
1610         * loader/NavigationAction.h:
1611         (WebCore::NavigationAction::userGestureToken):
1612         (WebCore::NavigationAction::processingUserGesture):
1613         * loader/NavigationScheduler.cpp:
1614         (WebCore::ScheduledNavigation::ScheduledNavigation):
1615         (WebCore::ScheduledNavigation::~ScheduledNavigation):
1616         (WebCore::ScheduledNavigation::lockBackForwardList):
1617         (WebCore::ScheduledNavigation::wasDuringLoad):
1618         (WebCore::ScheduledNavigation::isLocationChange):
1619         (WebCore::ScheduledNavigation::userGestureToForward):
1620         (WebCore::ScheduledNavigation::clearUserGesture):
1621         (WebCore::NavigationScheduler::mustLockBackForwardList):
1622         (WebCore::NavigationScheduler::scheduleFormSubmission):
1623         (WebCore::ScheduledNavigation::wasUserGesture): Deleted.
1624         * page/DOMTimer.cpp:
1625         (WebCore::shouldForwardUserGesture):
1626         (WebCore::userGestureTokenToForward):
1627         (WebCore::DOMTimer::DOMTimer):
1628         (WebCore::DOMTimer::fired):
1629         * page/DOMTimer.h:
1630         * page/DOMWindow.cpp:
1631         (WebCore::PostMessageTimer::PostMessageTimer):
1632         Store the active UserGestureToken rather than just a bit.
1633
1634         * page/EventHandler.cpp:
1635         (WebCore::EventHandler::handleMousePressEvent):
1636         (WebCore::EventHandler::handleMouseDoubleClickEvent):
1637         (WebCore::EventHandler::handleMouseReleaseEvent):
1638         (WebCore::EventHandler::keyEvent):
1639         (WebCore::EventHandler::handleTouchEvent):
1640         * rendering/HitTestResult.cpp:
1641         (WebCore::HitTestResult::toggleMediaFullscreenState):
1642         (WebCore::HitTestResult::enterFullscreenForVideo):
1643         (WebCore::HitTestResult::toggleEnhancedFullscreenForVideo):
1644         Update for new UserGestureIndicator interface.
1645
1646 2016-07-17  Ryosuke Niwa  <rniwa@webkit.org>
1647
1648         Rename fastHasAttribute to hasAttributeWithoutSynchronization
1649         https://bugs.webkit.org/show_bug.cgi?id=159864
1650
1651         Reviewed by Chris Dumez.
1652
1653         Renamed Rename fastHasAttribute to hasAttributeWithoutSynchronization for clarity.
1654
1655         * accessibility/AccessibilityListBoxOption.cpp:
1656         (WebCore::AccessibilityListBoxOption::isEnabled):
1657         * accessibility/AccessibilityObject.cpp:
1658         (WebCore::AccessibilityObject::hasAttribute):
1659         (WebCore::AccessibilityObject::getAttribute):
1660         * accessibility/AccessibilityRenderObject.cpp:
1661         (WebCore::AccessibilityRenderObject::determineAccessibilityRole):
1662         * bindings/scripts/CodeGenerator.pm:
1663         (GetterExpression):
1664         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
1665         * bindings/scripts/test/JS/JSTestObj.cpp:
1666         (WebCore::jsTestObjReflectedBooleanAttr):
1667         (WebCore::jsTestObjReflectedCustomBooleanAttr):
1668         * bindings/scripts/test/ObjC/DOMTestObj.mm:
1669         (-[DOMTestObj reflectedBooleanAttr]):
1670         (-[DOMTestObj setReflectedBooleanAttr:]):
1671         (-[DOMTestObj reflectedCustomBooleanAttr]):
1672         (-[DOMTestObj setReflectedCustomBooleanAttr:]):
1673         * dom/Document.cpp:
1674         (WebCore::Document::hasManifest):
1675         (WebCore::Document::doctype):
1676         * dom/Element.h:
1677         (WebCore::Node::parentElement):
1678         (WebCore::Element::hasAttributeWithoutSynchronization):
1679         (WebCore::Element::fastHasAttribute): Deleted.
1680         * editing/ApplyStyleCommand.cpp:
1681         (WebCore::ApplyStyleCommand::removeEmbeddingUpToEnclosingBlock):
1682         * editing/DeleteSelectionCommand.cpp:
1683         (WebCore::DeleteSelectionCommand::makeStylingElementsDirectChildrenOfEditableRootToPreventStyleLoss):
1684         * editing/markup.cpp:
1685         (WebCore::createMarkupInternal):
1686         * html/ColorInputType.cpp:
1687         (WebCore::ColorInputType::shouldShowSuggestions):
1688         * html/FileInputType.cpp:
1689         (WebCore::FileInputType::handleDOMActivateEvent):
1690         (WebCore::FileInputType::receiveDroppedFiles):
1691         * html/FormAssociatedElement.cpp:
1692         (WebCore::FormAssociatedElement::didMoveToNewDocument):
1693         (WebCore::FormAssociatedElement::insertedInto):
1694         (WebCore::FormAssociatedElement::removedFrom):
1695         (WebCore::FormAssociatedElement::formAttributeChanged):
1696         * html/FormController.cpp:
1697         (WebCore::ownerFormForState):
1698         * html/GenericCachedHTMLCollection.cpp:
1699         (WebCore::GenericCachedHTMLCollection<traversalType>::elementMatches):
1700         * html/HTMLAnchorElement.cpp:
1701         (WebCore::HTMLAnchorElement::draggable):
1702         (WebCore::HTMLAnchorElement::href):
1703         (WebCore::HTMLAnchorElement::sendPings):
1704         * html/HTMLAppletElement.cpp:
1705         (WebCore::HTMLAppletElement::rendererIsNeeded):
1706         * html/HTMLElement.cpp:
1707         (WebCore::HTMLElement::collectStyleForPresentationAttribute):
1708         (WebCore::elementAffectsDirectionality):
1709         (WebCore::setHasDirAutoFlagRecursively):
1710         * html/HTMLEmbedElement.cpp:
1711         (WebCore::HTMLEmbedElement::rendererIsNeeded):
1712         * html/HTMLFieldSetElement.cpp:
1713         (WebCore::updateFromControlElementsAncestorDisabledStateUnder):
1714         (WebCore::HTMLFieldSetElement::disabledAttributeChanged):
1715         (WebCore::HTMLFieldSetElement::disabledStateChanged):
1716         (WebCore::HTMLFieldSetElement::childrenChanged):
1717         * html/HTMLFormControlElement.cpp:
1718         (WebCore::HTMLFormControlElement::formNoValidate):
1719         (WebCore::HTMLFormControlElement::formAction):
1720         (WebCore::HTMLFormControlElement::computeIsDisabledByFieldsetAncestor):
1721         (WebCore::shouldAutofocus):
1722         * html/HTMLFormElement.cpp:
1723         (WebCore::HTMLFormElement::formElementIndex):
1724         (WebCore::HTMLFormElement::noValidate):
1725         * html/HTMLFrameElement.cpp:
1726         (WebCore::HTMLFrameElement::noResize):
1727         (WebCore::HTMLFrameElement::didAttachRenderers):
1728         * html/HTMLFrameElementBase.cpp:
1729         (WebCore::HTMLFrameElementBase::parseAttribute):
1730         (WebCore::HTMLFrameElementBase::location):
1731         * html/HTMLHRElement.cpp:
1732         (WebCore::HTMLHRElement::collectStyleForPresentationAttribute):
1733         * html/HTMLImageElement.cpp:
1734         (WebCore::HTMLImageElement::isServerMap):
1735         * html/HTMLInputElement.cpp:
1736         (WebCore::HTMLInputElement::finishParsingChildren):
1737         (WebCore::HTMLInputElement::matchesDefaultPseudoClass):
1738         (WebCore::HTMLInputElement::isActivatedSubmit):
1739         (WebCore::HTMLInputElement::reset):
1740         (WebCore::HTMLInputElement::multiple):
1741         (WebCore::HTMLInputElement::setSize):
1742         (WebCore::HTMLInputElement::shouldUseMediaCapture):
1743         * html/HTMLMarqueeElement.cpp:
1744         (WebCore::HTMLMarqueeElement::minimumDelay):
1745         * html/HTMLMediaElement.cpp:
1746         (WebCore::HTMLMediaElement::insertedInto):
1747         (WebCore::HTMLMediaElement::selectMediaResource):
1748         (WebCore::HTMLMediaElement::loadResource):
1749         (WebCore::HTMLMediaElement::autoplay):
1750         (WebCore::HTMLMediaElement::preload):
1751         (WebCore::HTMLMediaElement::loop):
1752         (WebCore::HTMLMediaElement::setLoop):
1753         (WebCore::HTMLMediaElement::controls):
1754         (WebCore::HTMLMediaElement::setControls):
1755         (WebCore::HTMLMediaElement::muted):
1756         (WebCore::HTMLMediaElement::setMuted):
1757         (WebCore::HTMLMediaElement::selectNextSourceChild):
1758         (WebCore::HTMLMediaElement::sourceWasAdded):
1759         (WebCore::HTMLMediaElement::mediaSessionTitle):
1760         * html/HTMLObjectElement.cpp:
1761         (WebCore::HTMLObjectElement::parseAttribute):
1762         * html/HTMLOptGroupElement.cpp:
1763         (WebCore::HTMLOptGroupElement::isDisabledFormControl):
1764         (WebCore::HTMLOptGroupElement::isFocusable):
1765         * html/HTMLOptionElement.cpp:
1766         (WebCore::HTMLOptionElement::matchesDefaultPseudoClass):
1767         (WebCore::HTMLOptionElement::text):
1768         * html/HTMLProgressElement.cpp:
1769         (WebCore::HTMLProgressElement::isDeterminate):
1770         (WebCore::HTMLProgressElement::didElementStateChange):
1771         * html/HTMLScriptElement.cpp:
1772         (WebCore::HTMLScriptElement::async):
1773         (WebCore::HTMLScriptElement::setCrossOrigin):
1774         (WebCore::HTMLScriptElement::asyncAttributeValue):
1775         (WebCore::HTMLScriptElement::deferAttributeValue):
1776         (WebCore::HTMLScriptElement::hasSourceAttribute):
1777         (WebCore::HTMLScriptElement::dispatchLoadEvent):
1778         * html/HTMLSelectElement.cpp:
1779         (WebCore::HTMLSelectElement::reset):
1780         * html/HTMLTrackElement.cpp:
1781         (WebCore::HTMLTrackElement::isDefault):
1782         (WebCore::HTMLTrackElement::ensureTrack):
1783         (WebCore::HTMLTrackElement::loadTimerFired):
1784         * html/MediaElementSession.cpp:
1785         (WebCore::MediaElementSession::wirelessVideoPlaybackDisabled):
1786         (WebCore::MediaElementSession::requiresFullscreenForVideoPlayback):
1787         (WebCore::MediaElementSession::allowsAutomaticMediaDataLoading):
1788         * html/SearchInputType.cpp:
1789         (WebCore::SearchInputType::searchEventsShouldBeDispatched):
1790         (WebCore::SearchInputType::didSetValueByUserEdit):
1791         * inspector/InspectorDOMAgent.cpp:
1792         (WebCore::InspectorDOMAgent::buildObjectForNode):
1793         * loader/FrameLoader.cpp:
1794         (WebCore::FrameLoader::shouldTreatURLAsSrcdocDocument):
1795         (WebCore::FrameLoader::findFrameForNavigation):
1796         * loader/ImageLoader.cpp:
1797         (WebCore::ImageLoader::notifyFinished):
1798         * mathml/MathMLSelectElement.cpp:
1799         (WebCore::MathMLSelectElement::getSelectedSemanticsChild):
1800         * rendering/RenderTableCell.cpp:
1801         (WebCore::RenderTableCell::computePreferredLogicalWidths):
1802         * rendering/RenderThemeIOS.mm:
1803         (WebCore::RenderThemeIOS::adjustMenuListButtonStyle):
1804         * rendering/SimpleLineLayout.cpp:
1805         (WebCore::SimpleLineLayout::canUseForWithReason):
1806         * rendering/svg/RenderSVGResourceClipper.cpp:
1807         (WebCore::RenderSVGResourceClipper::drawContentIntoMaskImage):
1808         * svg/SVGAnimateMotionElement.cpp:
1809         (WebCore::SVGAnimateMotionElement::updateAnimationPath):
1810         * svg/SVGAnimationElement.cpp:
1811         (WebCore::SVGAnimationElement::startedActiveInterval):
1812         (WebCore::SVGAnimationElement::updateAnimation):
1813         * svg/animation/SVGSMILElement.cpp:
1814         (WebCore::SVGSMILElement::insertedInto):
1815
1816 2016-07-17  Brady Eidson  <beidson@apple.com>
1817
1818         Exceptions logged to the JS console should use toString().
1819         https://bugs.webkit.org/show_bug.cgi?id=159855
1820
1821         Reviewed by Darin Adler.
1822
1823         No new tests (No change in behavior).
1824
1825         * bindings/js/JSDOMBinding.cpp:
1826         (WebCore::reportException):
1827
1828         * dom/DOMCoreException.h:
1829         (WebCore::DOMCoreException::DOMCoreException):
1830
1831         * dom/ExceptionBase.cpp:
1832         (WebCore::ExceptionBase::ExceptionBase):
1833         (WebCore::ExceptionBase::toString):
1834         (WebCore::ExceptionBase::consoleErrorMessage): Deleted.
1835         * dom/ExceptionBase.h:
1836         (WebCore::ExceptionBase::description): Deleted.
1837
1838         * svg/SVGException.h:
1839
1840         * xml/XPathException.h:
1841         (WebCore::XPathException::XPathException):
1842
1843 2016-07-17  Brady Eidson  <beidson@apple.com>
1844
1845         Update DOMCoreException to use the description in toString().
1846         https://bugs.webkit.org/show_bug.cgi?id=159857
1847
1848         Reviewed by Darin Adler.
1849
1850         No new tests (Covered by changes to existing tests).
1851
1852         * bindings/js/JSDOMBinding.cpp:
1853         (WebCore::createDOMException):
1854
1855         * dom/DOMCoreException.h:
1856         (WebCore::DOMCoreException::DOMCoreException):
1857         (WebCore::DOMCoreException::createWithDescriptionAsMessage): Deleted.
1858
1859 2016-07-17  Myles C. Maxfield  <mmaxfield@apple.com>
1860
1861         Support new emoji group candidates
1862         https://bugs.webkit.org/show_bug.cgi?id=159755
1863         <rdar://problem/27325521>
1864
1865         Reviewed by Dean Jackson.
1866
1867         There are a few code points which should be able to be joined (with ZWJ) to
1868         either U+2640 or U+2642 to change the gender of the emoji. These patterns
1869         should also work with an additional 0xFE0F variation selector. This patch
1870         adds these new patterns to our existing emoji group candidate infrastructure.
1871
1872         Tests: fast/text/emoji-gender-2-3.html
1873                fast/text/emoji-gender-2-4.html
1874                fast/text/emoji-gender-2-5.html
1875                fast/text/emoji-gender-2-6.html
1876                fast/text/emoji-gender-2-7.html
1877                fast/text/emoji-gender-2-8.html
1878                fast/text/emoji-gender-2-9.html
1879                fast/text/emoji-gender-2.html
1880                fast/text/emoji-gender-3.html
1881                fast/text/emoji-gender-4.html
1882                fast/text/emoji-gender-5.html
1883                fast/text/emoji-gender-6.html
1884                fast/text/emoji-gender-7.html
1885                fast/text/emoji-gender-8.html
1886                fast/text/emoji-gender-9.html
1887                fast/text/emoji-gender-fe0f-3.html
1888                fast/text/emoji-gender-fe0f-4.html
1889                fast/text/emoji-gender-fe0f-5.html
1890                fast/text/emoji-gender-fe0f-6.html
1891                fast/text/emoji-gender-fe0f-7.html
1892                fast/text/emoji-gender-fe0f-8.html
1893                fast/text/emoji-gender-fe0f-9.html
1894                fast/text/emoji-gender.html
1895                fast/text/emoji-num-glyphs.html
1896                fast/text/emoji-single-parent-family-2.html
1897                fast/text/emoji-single-parent-family.html
1898
1899         * platform/graphics/mac/ComplexTextControllerCoreText.mm:
1900         (WebCore::ComplexTextController::ComplexTextRun::ComplexTextRun): Removed incorrect ASSERT()s.
1901         * platform/graphics/FontCascade.cpp:
1902         (WebCore::FontCascade::characterRangeCodePath):
1903         * platform/text/CharacterProperties.h:
1904         (WebCore::isEmojiGroupCandidate):
1905
1906 2016-07-16  Brady Eidson  <beidson@apple.com>
1907
1908         Update SVGException to use the description in toString().
1909         https://bugs.webkit.org/show_bug.cgi?id=159847
1910
1911         Reviewed by Darin Adler.
1912
1913         No new tests (Covered by changes to existing tests).
1914
1915         * bindings/js/JSDOMBinding.cpp:
1916         (WebCore::reportException): use consoleErrorMessage for now.
1917
1918         * dom/ExceptionBase.cpp:
1919         (WebCore::ExceptionBase::consoleErrorMessage):
1920         * dom/ExceptionBase.h:
1921
1922         * svg/SVGException.h:
1923
1924 2016-07-16  Chris Dumez  <cdumez@apple.com>
1925
1926         Use fastHasAttribute() when possible
1927         https://bugs.webkit.org/show_bug.cgi?id=159838
1928
1929         Reviewed by Ryosuke Niwa.
1930
1931         Use fastHasAttribute() when possible, for performance.
1932
1933         * editing/DeleteSelectionCommand.cpp:
1934         (WebCore::DeleteSelectionCommand::makeStylingElementsDirectChildrenOfEditableRootToPreventStyleLoss):
1935         * editing/markup.cpp:
1936         (WebCore::createMarkupInternal):
1937         * html/HTMLAnchorElement.cpp:
1938         (WebCore::HTMLAnchorElement::draggable):
1939         * html/HTMLFrameElementBase.cpp:
1940         (WebCore::HTMLFrameElementBase::parseAttribute):
1941         * mathml/MathMLSelectElement.cpp:
1942         (WebCore::MathMLSelectElement::getSelectedSemanticsChild):
1943         * rendering/RenderThemeIOS.mm:
1944         (WebCore::RenderThemeIOS::adjustMenuListButtonStyle):
1945
1946 2016-07-16  Ryosuke Niwa  <rniwa@webkit.org>
1947
1948         Rename fastGetAttribute to attributeWithoutSynchronization
1949         https://bugs.webkit.org/show_bug.cgi?id=159852
1950
1951         Reviewed by Darin Adler.
1952
1953         Renamed fastGetAttribute to attributeWithoutSynchronization for clarity.
1954
1955         * accessibility/AXObjectCache.cpp:
1956         (WebCore::AXObjectCache::findAriaModalNodes):
1957         (WebCore::nodeHasRole):
1958         (WebCore::AXObjectCache::handleLiveRegionCreated):
1959         (WebCore::AXObjectCache::handleMenuItemSelected):
1960         (WebCore::AXObjectCache::handleAriaModalChange):
1961         (WebCore::isNodeAriaVisible):
1962         * accessibility/AccessibilityNodeObject.cpp:
1963         (WebCore::siblingWithAriaRole):
1964         (WebCore::AccessibilityNodeObject::titleElementText):
1965         (WebCore::AccessibilityNodeObject::alternativeTextForWebArea):
1966         (WebCore::AccessibilityNodeObject::hierarchicalLevel):
1967         (WebCore::AccessibilityNodeObject::stringValue):
1968         (WebCore::accessibleNameForNode):
1969         * accessibility/AccessibilityObject.cpp:
1970         (WebCore::AccessibilityObject::contentEditableAttributeIsEnabled):
1971         (WebCore::AccessibilityObject::getAttribute):
1972         * accessibility/AccessibilityRenderObject.cpp:
1973         (WebCore::AccessibilityRenderObject::stringValue):
1974         (WebCore::AccessibilityRenderObject::exposesTitleUIElement):
1975         * accessibility/AccessibilitySVGElement.cpp:
1976         (WebCore::AccessibilitySVGElement::childElementWithMatchingLanguage):
1977         (WebCore::AccessibilitySVGElement::accessibilityDescription):
1978         * bindings/objc/DOM.mm:
1979         (-[DOMHTMLLinkElement _mediaQueryMatches]):
1980         * bindings/scripts/CodeGenerator.pm:
1981         (GetterExpression):
1982         * bindings/scripts/CodeGeneratorObjC.pm:
1983         (GenerateImplementation):
1984         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
1985         * bindings/scripts/test/JS/JSTestObj.cpp:
1986         (WebCore::jsTestObjReflectedStringAttr):
1987         * dom/AuthorStyleSheets.cpp:
1988         (WebCore::AuthorStyleSheets::collectActiveStyleSheets):
1989         * dom/Document.cpp:
1990         (WebCore::Document::buildAccessKeyMap):
1991         (WebCore::Document::processBaseElement):
1992         * dom/DocumentOrderedMap.cpp:
1993         (WebCore::DocumentOrderedMap::getElementByLabelForAttribute):
1994         * dom/Element.cpp:
1995         (WebCore::Element::imageSourceURL):
1996         (WebCore::Element::rendererIsNeeded):
1997         (WebCore::Element::insertedInto):
1998         (WebCore::Element::removedFrom):
1999         (WebCore::Element::pseudo):
2000         (WebCore::Element::setPseudo):
2001         (WebCore::Element::spellcheckAttributeState):
2002         (WebCore::Element::canContainRangeEndPoint):
2003         (WebCore::Element::completeURLsInAttributeValue):
2004         * dom/Element.h:
2005         (WebCore::Element::fastHasAttribute):
2006         (WebCore::Element::attributeWithoutSynchronization):
2007         (WebCore::Element::fastGetAttribute): Deleted.
2008         * dom/InlineStyleSheetOwner.cpp:
2009         (WebCore::InlineStyleSheetOwner::createSheet):
2010         * dom/ScriptElement.cpp:
2011         (WebCore::ScriptElement::requestScript):
2012         (WebCore::ScriptElement::executeScript):
2013         * dom/SlotAssignment.cpp:
2014         (WebCore::slotNameFromSlotAttribute):
2015         (WebCore::SlotAssignment::SlotAssignment):
2016         (WebCore::recursivelyFireSlotChangeEvent):
2017         (WebCore::SlotAssignment::didChangeSlot):
2018         (WebCore::SlotAssignment::hostChildElementDidChange):
2019         (WebCore::SlotAssignment::assignedNodesForSlot):
2020         (WebCore::SlotAssignment::resolveAllSlotElements):
2021         * dom/TreeScope.cpp:
2022         (WebCore::TreeScope::labelElementForId):
2023         * dom/VisitedLinkState.cpp:
2024         (WebCore::linkAttribute):
2025         * editing/ApplyStyleCommand.cpp:
2026         (WebCore::isLegacyAppleStyleSpan):
2027         (WebCore::hasNoAttributeOrOnlyStyleAttribute):
2028         * editing/EditingStyle.cpp:
2029         (WebCore::EditingStyle::elementIsStyledSpanOrHTMLEquivalent):
2030         * editing/ReplaceSelectionCommand.cpp:
2031         (WebCore::isInterchangeNewlineNode):
2032         (WebCore::isInterchangeConvertedSpaceSpan):
2033         (WebCore::positionAvoidingPrecedingNodes):
2034         (WebCore::isMailPasteAsQuotationNode):
2035         (WebCore::isHeaderElement):
2036         (WebCore::isInlineNodeWithStyle):
2037         * editing/TextIterator.cpp:
2038         (WebCore::isRendererReplacedElement):
2039         * editing/cocoa/DataDetection.mm:
2040         (WebCore::DataDetection::isDataDetectorLink):
2041         (WebCore::DataDetection::requiresExtendedContext):
2042         (WebCore::DataDetection::dataDetectorIdentifier):
2043         (WebCore::DataDetection::shouldCancelDefaultAction):
2044         (WebCore::removeResultLinksFromAnchor):
2045         (WebCore::searchForLinkRemovingExistingDDLinks):
2046         * editing/gtk/EditorGtk.cpp:
2047         (WebCore::elementURL):
2048         * editing/htmlediting.cpp:
2049         (WebCore::isTabSpanNode):
2050         (WebCore::isTabSpanTextNode):
2051         (WebCore::isMailBlockquote):
2052         (WebCore::caretMinOffset):
2053         * editing/markup.cpp:
2054         (WebCore::createFragmentFromMarkup):
2055         * html/Autofill.cpp:
2056         (WebCore::AutofillData::createFromHTMLFormControlElement):
2057         * html/BaseTextInputType.cpp:
2058         (WebCore::BaseTextInputType::patternMismatch):
2059         * html/DateInputType.cpp:
2060         (WebCore::DateInputType::createStepRange):
2061         * html/DateTimeInputType.cpp:
2062         (WebCore::DateTimeInputType::createStepRange):
2063         * html/DateTimeLocalInputType.cpp:
2064         (WebCore::DateTimeLocalInputType::createStepRange):
2065         * html/FormAssociatedElement.cpp:
2066         (WebCore::FormAssociatedElement::findAssociatedForm):
2067         (WebCore::FormAssociatedElement::resetFormAttributeTargetObserver):
2068         (WebCore::FormAssociatedElement::formAttributeTargetChanged):
2069         * html/HTMLAnchorElement.cpp:
2070         (WebCore::HTMLAnchorElement::draggable):
2071         (WebCore::HTMLAnchorElement::href):
2072         (WebCore::HTMLAnchorElement::setHref):
2073         (WebCore::HTMLAnchorElement::target):
2074         (WebCore::HTMLAnchorElement::origin):
2075         (WebCore::HTMLAnchorElement::sendPings):
2076         (WebCore::HTMLAnchorElement::handleClick):
2077         * html/HTMLAnchorElement.h:
2078         (WebCore::HTMLAnchorElement::visitedLinkHash):
2079         * html/HTMLAppletElement.cpp:
2080         (WebCore::HTMLAppletElement::updateWidget):
2081         * html/HTMLAreaElement.cpp:
2082         (WebCore::HTMLAreaElement::target):
2083         * html/HTMLAttachmentElement.cpp:
2084         (WebCore::HTMLAttachmentElement::attachmentTitle):
2085         (WebCore::HTMLAttachmentElement::attachmentType):
2086         * html/HTMLBaseElement.cpp:
2087         (WebCore::HTMLBaseElement::target):
2088         (WebCore::HTMLBaseElement::href):
2089         * html/HTMLBodyElement.cpp:
2090         (WebCore::HTMLBodyElement::addSubresourceAttributeURLs):
2091         * html/HTMLButtonElement.cpp:
2092         (WebCore::HTMLButtonElement::value):
2093         (WebCore::HTMLButtonElement::computeWillValidate):
2094         * html/HTMLCanvasElement.cpp:
2095         (WebCore::HTMLCanvasElement::reset):
2096         * html/HTMLDocument.cpp:
2097         (WebCore::HTMLDocument::bgColor):
2098         (WebCore::HTMLDocument::setBgColor):
2099         (WebCore::HTMLDocument::fgColor):
2100         (WebCore::HTMLDocument::setFgColor):
2101         (WebCore::HTMLDocument::alinkColor):
2102         (WebCore::HTMLDocument::setAlinkColor):
2103         (WebCore::HTMLDocument::linkColor):
2104         (WebCore::HTMLDocument::setLinkColor):
2105         (WebCore::HTMLDocument::vlinkColor):
2106         (WebCore::HTMLDocument::setVlinkColor):
2107         * html/HTMLElement.cpp:
2108         (WebCore::contentEditableType):
2109         (WebCore::HTMLElement::collectStyleForPresentationAttribute):
2110         (WebCore::HTMLElement::dir):
2111         (WebCore::HTMLElement::setDir):
2112         (WebCore::HTMLElement::draggable):
2113         (WebCore::HTMLElement::setDraggable):
2114         (WebCore::HTMLElement::title):
2115         (WebCore::HTMLElement::tabIndex):
2116         (WebCore::HTMLElement::translateAttributeMode):
2117         (WebCore::HTMLElement::hasDirectionAuto):
2118         (WebCore::HTMLElement::directionality):
2119         * html/HTMLEmbedElement.cpp:
2120         (WebCore::HTMLEmbedElement::imageSourceURL):
2121         (WebCore::HTMLEmbedElement::addSubresourceAttributeURLs):
2122         * html/HTMLFormControlElement.cpp:
2123         (WebCore::HTMLFormControlElement::formEnctype):
2124         (WebCore::HTMLFormControlElement::formMethod):
2125         (WebCore::HTMLFormControlElement::formAction):
2126         (WebCore::HTMLFormControlElement::autocorrect):
2127         (WebCore::HTMLFormControlElement::autocapitalizeType):
2128         * html/HTMLFormElement.cpp:
2129         (WebCore::HTMLFormElement::autocorrect):
2130         (WebCore::HTMLFormElement::autocapitalizeType):
2131         (WebCore::HTMLFormElement::autocapitalize):
2132         (WebCore::HTMLFormElement::action):
2133         (WebCore::HTMLFormElement::setAction):
2134         (WebCore::HTMLFormElement::target):
2135         (WebCore::HTMLFormElement::wasUserSubmitted):
2136         (WebCore::HTMLFormElement::shouldAutocomplete):
2137         (WebCore::HTMLFormElement::finishParsingChildren):
2138         (WebCore::HTMLFormElement::autocomplete):
2139         * html/HTMLFrameElementBase.cpp:
2140         (WebCore::HTMLFrameElementBase::location):
2141         (WebCore::HTMLFrameElementBase::setLocation):
2142         * html/HTMLHtmlElement.cpp:
2143         (WebCore::HTMLHtmlElement::insertedByParser):
2144         * html/HTMLImageElement.cpp:
2145         (WebCore::HTMLImageElement::imageSourceURL):
2146         (WebCore::HTMLImageElement::setBestFitURLAndDPRFromImageCandidate):
2147         (WebCore::HTMLImageElement::bestFitSourceFromPictureElement):
2148         (WebCore::HTMLImageElement::selectImageSource):
2149         (WebCore::HTMLImageElement::altText):
2150         (WebCore::HTMLImageElement::createElementRenderer):
2151         (WebCore::HTMLImageElement::width):
2152         (WebCore::HTMLImageElement::height):
2153         (WebCore::HTMLImageElement::alt):
2154         (WebCore::HTMLImageElement::draggable):
2155         (WebCore::HTMLImageElement::setHeight):
2156         (WebCore::HTMLImageElement::src):
2157         (WebCore::HTMLImageElement::setSrc):
2158         (WebCore::HTMLImageElement::addSubresourceAttributeURLs):
2159         (WebCore::HTMLImageElement::didMoveToNewDocument):
2160         (WebCore::HTMLImageElement::isServerMap):
2161         (WebCore::HTMLImageElement::crossOrigin):
2162         * html/HTMLInputElement.cpp:
2163         (WebCore::HTMLInputElement::updateType):
2164         (WebCore::HTMLInputElement::initializeInputType):
2165         (WebCore::HTMLInputElement::altText):
2166         (WebCore::HTMLInputElement::value):
2167         (WebCore::HTMLInputElement::defaultValue):
2168         (WebCore::HTMLInputElement::setDefaultValue):
2169         (WebCore::HTMLInputElement::acceptMIMETypes):
2170         (WebCore::HTMLInputElement::acceptFileExtensions):
2171         (WebCore::HTMLInputElement::accept):
2172         (WebCore::HTMLInputElement::alt):
2173         (WebCore::HTMLInputElement::effectiveMaxLength):
2174         (WebCore::HTMLInputElement::src):
2175         (WebCore::HTMLInputElement::setAutoFilled):
2176         (WebCore::HTMLInputElement::dataList):
2177         (WebCore::HTMLInputElement::resetListAttributeTargetObserver):
2178         * html/HTMLKeygenElement.cpp:
2179         (WebCore::HTMLKeygenElement::isKeytypeRSA):
2180         (WebCore::HTMLKeygenElement::appendFormData):
2181         * html/HTMLLIElement.cpp:
2182         (WebCore::HTMLLIElement::didAttachRenderers):
2183         (WebCore::HTMLLIElement::parseValue):
2184         * html/HTMLLabelElement.cpp:
2185         (WebCore::HTMLLabelElement::control):
2186         * html/HTMLLinkElement.cpp:
2187         (WebCore::HTMLLinkElement::crossOrigin):
2188         (WebCore::HTMLLinkElement::process):
2189         (WebCore::HTMLLinkElement::href):
2190         (WebCore::HTMLLinkElement::rel):
2191         (WebCore::HTMLLinkElement::target):
2192         (WebCore::HTMLLinkElement::type):
2193         (WebCore::HTMLLinkElement::iconType):
2194         * html/HTMLMarqueeElement.cpp:
2195         (WebCore::HTMLMarqueeElement::scrollAmount):
2196         (WebCore::HTMLMarqueeElement::setScrollAmount):
2197         (WebCore::HTMLMarqueeElement::scrollDelay):
2198         (WebCore::HTMLMarqueeElement::setScrollDelay):
2199         (WebCore::HTMLMarqueeElement::loop):
2200         * html/HTMLMediaElement.cpp:
2201         (WebCore::HTMLMediaElement::insertedInto):
2202         (WebCore::HTMLMediaElement::crossOrigin):
2203         (WebCore::HTMLMediaElement::networkState):
2204         (WebCore::HTMLMediaElement::mediaSessionTitle):
2205         (WebCore::HTMLMediaElement::doesHaveAttribute):
2206         * html/HTMLMetaElement.cpp:
2207         (WebCore::HTMLMetaElement::process):
2208         (WebCore::HTMLMetaElement::content):
2209         (WebCore::HTMLMetaElement::httpEquiv):
2210         (WebCore::HTMLMetaElement::name):
2211         * html/HTMLMeterElement.cpp:
2212         (WebCore::HTMLMeterElement::min):
2213         (WebCore::HTMLMeterElement::setMin):
2214         (WebCore::HTMLMeterElement::max):
2215         (WebCore::HTMLMeterElement::setMax):
2216         (WebCore::HTMLMeterElement::value):
2217         (WebCore::HTMLMeterElement::low):
2218         (WebCore::HTMLMeterElement::high):
2219         (WebCore::HTMLMeterElement::optimum):
2220         * html/HTMLObjectElement.cpp:
2221         (WebCore::HTMLObjectElement::shouldAllowQuickTimeClassIdQuirk):
2222         (WebCore::HTMLObjectElement::hasValidClassId):
2223         (WebCore::HTMLObjectElement::imageSourceURL):
2224         (WebCore::HTMLObjectElement::renderFallbackContent):
2225         (WebCore::HTMLObjectElement::containsJavaApplet):
2226         (WebCore::HTMLObjectElement::addSubresourceAttributeURLs):
2227         * html/HTMLOptGroupElement.cpp:
2228         (WebCore::HTMLOptGroupElement::groupLabelText):
2229         * html/HTMLOptionElement.cpp:
2230         (WebCore::HTMLOptionElement::value):
2231         (WebCore::HTMLOptionElement::label):
2232         * html/HTMLParamElement.cpp:
2233         (WebCore::HTMLParamElement::value):
2234         (WebCore::HTMLParamElement::isURLParameter):
2235         * html/HTMLProgressElement.cpp:
2236         (WebCore::HTMLProgressElement::value):
2237         (WebCore::HTMLProgressElement::max):
2238         * html/HTMLScriptElement.cpp:
2239         (WebCore::HTMLScriptElement::crossOrigin):
2240         (WebCore::HTMLScriptElement::src):
2241         (WebCore::HTMLScriptElement::sourceAttributeValue):
2242         (WebCore::HTMLScriptElement::charsetAttributeValue):
2243         (WebCore::HTMLScriptElement::typeAttributeValue):
2244         (WebCore::HTMLScriptElement::languageAttributeValue):
2245         (WebCore::HTMLScriptElement::forAttributeValue):
2246         (WebCore::HTMLScriptElement::eventAttributeValue):
2247         (WebCore::HTMLScriptElement::asyncAttributeValue):
2248         * html/HTMLSlotElement.cpp:
2249         (WebCore::HTMLSlotElement::insertedInto):
2250         (WebCore::HTMLSlotElement::removedFrom):
2251         * html/HTMLSourceElement.cpp:
2252         (WebCore::HTMLSourceElement::media):
2253         (WebCore::HTMLSourceElement::setMedia):
2254         (WebCore::HTMLSourceElement::type):
2255         (WebCore::HTMLSourceElement::setType):
2256         * html/HTMLTableCellElement.cpp:
2257         (WebCore::HTMLTableCellElement::colSpanForBindings):
2258         (WebCore::HTMLTableCellElement::rowSpan):
2259         (WebCore::HTMLTableCellElement::rowSpanForBindings):
2260         (WebCore::HTMLTableCellElement::cellIndex):
2261         (WebCore::HTMLTableCellElement::abbr):
2262         (WebCore::HTMLTableCellElement::axis):
2263         (WebCore::HTMLTableCellElement::setColSpanForBindings):
2264         (WebCore::HTMLTableCellElement::headers):
2265         (WebCore::HTMLTableCellElement::setRowSpanForBindings):
2266         (WebCore::HTMLTableCellElement::scope):
2267         (WebCore::HTMLTableCellElement::addSubresourceAttributeURLs):
2268         (WebCore::HTMLTableCellElement::cellAbove):
2269         * html/HTMLTableColElement.cpp:
2270         (WebCore::HTMLTableColElement::width):
2271         * html/HTMLTableElement.cpp:
2272         (WebCore::HTMLTableElement::rules):
2273         (WebCore::HTMLTableElement::summary):
2274         (WebCore::HTMLTableElement::addSubresourceAttributeURLs):
2275         * html/HTMLTableSectionElement.cpp:
2276         (WebCore::HTMLTableSectionElement::align):
2277         (WebCore::HTMLTableSectionElement::setAlign):
2278         (WebCore::HTMLTableSectionElement::ch):
2279         (WebCore::HTMLTableSectionElement::setCh):
2280         (WebCore::HTMLTableSectionElement::chOff):
2281         (WebCore::HTMLTableSectionElement::setChOff):
2282         (WebCore::HTMLTableSectionElement::vAlign):
2283         (WebCore::HTMLTableSectionElement::setVAlign):
2284         * html/HTMLTextAreaElement.cpp:
2285         (WebCore::HTMLTextAreaElement::appendFormData):
2286         * html/HTMLTextFormControlElement.cpp:
2287         (WebCore::HTMLTextFormControlElement::strippedPlaceholder):
2288         (WebCore::HTMLTextFormControlElement::isPlaceholderEmpty):
2289         (WebCore::HTMLTextFormControlElement::directionForFormData):
2290         * html/HTMLTrackElement.cpp:
2291         (WebCore::HTMLTrackElement::srclang):
2292         (WebCore::HTMLTrackElement::label):
2293         (WebCore::HTMLTrackElement::isDefault):
2294         (WebCore::HTMLTrackElement::ensureTrack):
2295         (WebCore::HTMLTrackElement::mediaElementCrossOriginAttribute):
2296         * html/HTMLVideoElement.cpp:
2297         (WebCore::HTMLVideoElement::parseAttribute):
2298         (WebCore::HTMLVideoElement::imageSourceURL):
2299         * html/ImageInputType.cpp:
2300         (WebCore::ImageInputType::height):
2301         (WebCore::ImageInputType::width):
2302         * html/InputType.cpp:
2303         (WebCore::InputType::applyStep):
2304         * html/MediaElementSession.cpp:
2305         (WebCore::MediaElementSession::wirelessVideoPlaybackDisabled):
2306         * html/MonthInputType.cpp:
2307         (WebCore::MonthInputType::createStepRange):
2308         * html/NumberInputType.cpp:
2309         (WebCore::NumberInputType::createStepRange):
2310         (WebCore::NumberInputType::sizeShouldIncludeDecoration):
2311         * html/RangeInputType.cpp:
2312         (WebCore::RangeInputType::createStepRange):
2313         (WebCore::RangeInputType::handleKeydownEvent):
2314         * html/TextFieldInputType.cpp:
2315         (WebCore::TextFieldInputType::appendFormData):
2316         (WebCore::TextFieldInputType::updateAutoFillButton):
2317         * html/TimeInputType.cpp:
2318         (WebCore::TimeInputType::createStepRange):
2319         * html/ValidationMessage.cpp:
2320         (WebCore::ValidationMessage::updateValidationMessage):
2321         * html/WeekInputType.cpp:
2322         (WebCore::WeekInputType::createStepRange):
2323         * html/track/WebVTTElement.cpp:
2324         (WebCore::WebVTTElement::createEquivalentHTMLElement):
2325         * inspector/InspectorPageAgent.cpp:
2326         (WebCore::InspectorPageAgent::buildObjectForFrame):
2327         * loader/FormSubmission.cpp:
2328         (WebCore::FormSubmission::create):
2329         * loader/FrameLoader.cpp:
2330         (WebCore::FrameLoader::defaultSubstituteDataForURL):
2331         * loader/ImageLoader.cpp:
2332         (WebCore::ImageLoader::updateFromElement):
2333         * loader/SubframeLoader.cpp:
2334         (WebCore::SubframeLoader::isPluginContentAllowedByContentSecurityPolicy):
2335         * mathml/MathMLElement.cpp:
2336         (WebCore::MathMLElement::colSpan):
2337         (WebCore::MathMLElement::rowSpan):
2338         (WebCore::MathMLElement::childShouldCreateRenderer):
2339         (WebCore::MathMLElement::defaultEventHandler):
2340         (WebCore::MathMLElement::cachedMathMLLength):
2341         * mathml/MathMLFractionElement.cpp:
2342         (WebCore::MathMLFractionElement::lineThickness):
2343         (WebCore::MathMLFractionElement::cachedFractionAlignment):
2344         * mathml/MathMLSelectElement.cpp:
2345         (WebCore::MathMLSelectElement::getSelectedActionChildAndIndex):
2346         (WebCore::MathMLSelectElement::getSelectedActionChild):
2347         (WebCore::MathMLSelectElement::getSelectedSemanticsChild):
2348         (WebCore::MathMLSelectElement::defaultEventHandler):
2349         (WebCore::MathMLSelectElement::willRespondToMouseClickEvents):
2350         (WebCore::MathMLSelectElement::toggle):
2351         * page/EventHandler.cpp:
2352         (WebCore::findDropZone):
2353         * page/Frame.cpp:
2354         (WebCore::Frame::matchLabelsAgainstElement):
2355         * page/PageSerializer.cpp:
2356         (WebCore::PageSerializer::serializeFrame):
2357         * platform/win/PasteboardWin.cpp:
2358         (WebCore::Pasteboard::writeImageToDataObject):
2359         * rendering/HitTestResult.cpp:
2360         (WebCore::HitTestResult::altDisplayString):
2361         * rendering/RenderDetailsMarker.cpp:
2362         (WebCore::RenderDetailsMarker::isOpen):
2363         * rendering/RenderImage.cpp:
2364         (WebCore::RenderImage::imageMap):
2365         (WebCore::RenderImage::nodeAtPoint):
2366         * rendering/RenderMenuList.cpp:
2367         (RenderMenuList::itemAccessibilityText):
2368         (RenderMenuList::itemToolTip):
2369         * rendering/RenderSearchField.cpp:
2370         (WebCore::RenderSearchField::autosaveName):
2371         * rendering/RenderThemeIOS.mm:
2372         (WebCore::getAttachmentProgress):
2373         (WebCore::AttachmentInfo::AttachmentInfo):
2374         * rendering/RenderThemeMac.mm:
2375         (WebCore::AttachmentLayout::layOutSubtitle):
2376         (WebCore::RenderThemeMac::paintAttachment):
2377         * rendering/mathml/MathMLStyle.cpp:
2378         (WebCore::MathMLStyle::resolveMathMLStyle):
2379         * rendering/mathml/RenderMathMLFenced.cpp:
2380         (WebCore::RenderMathMLFenced::updateFromElement):
2381         * rendering/mathml/RenderMathMLOperator.cpp:
2382         (WebCore::RenderMathMLOperator::setOperatorFlagFromAttribute):
2383         (WebCore::RenderMathMLOperator::setOperatorFlagFromAttributeValue):
2384         (WebCore::RenderMathMLOperator::setOperatorProperties):
2385         * rendering/mathml/RenderMathMLScripts.cpp:
2386         (WebCore::RenderMathMLScripts::getScriptMetricsAndLayoutIfNeeded):
2387         * rendering/mathml/RenderMathMLUnderOver.cpp:
2388         (WebCore::RenderMathMLUnderOver::hasAccent):
2389         * style/StyleSharingResolver.cpp:
2390         (WebCore::Style::SharingResolver::canShareStyleWithElement):
2391         (WebCore::Style::SharingResolver::sharingCandidateHasIdenticalStyleAffectingAttributes):
2392         * svg/SVGAElement.cpp:
2393         (WebCore::SVGAElement::title):
2394         (WebCore::SVGAElement::defaultEventHandler):
2395         * svg/SVGAltGlyphElement.cpp:
2396         (WebCore::SVGAltGlyphElement::glyphRef):
2397         (WebCore::SVGAltGlyphElement::setFormat):
2398         (WebCore::SVGAltGlyphElement::format):
2399         (WebCore::SVGAltGlyphElement::childShouldCreateRenderer):
2400         * svg/SVGAnimationElement.cpp:
2401         (WebCore::SVGAnimationElement::toValue):
2402         (WebCore::SVGAnimationElement::byValue):
2403         (WebCore::SVGAnimationElement::fromValue):
2404         (WebCore::SVGAnimationElement::isAdditive):
2405         (WebCore::SVGAnimationElement::isAccumulated):
2406         * svg/SVGElement.cpp:
2407         (WebCore::SVGElement::xmlbase):
2408         (WebCore::SVGElement::setXmlbase):
2409         * svg/SVGFontFaceElement.cpp:
2410         (WebCore::SVGFontFaceElement::unitsPerEm):
2411         (WebCore::SVGFontFaceElement::xHeight):
2412         (WebCore::SVGFontFaceElement::capHeight):
2413         (WebCore::SVGFontFaceElement::horizontalOriginX):
2414         (WebCore::SVGFontFaceElement::horizontalOriginY):
2415         (WebCore::SVGFontFaceElement::horizontalAdvanceX):
2416         (WebCore::SVGFontFaceElement::verticalOriginX):
2417         (WebCore::SVGFontFaceElement::verticalOriginY):
2418         (WebCore::SVGFontFaceElement::verticalAdvanceY):
2419         (WebCore::SVGFontFaceElement::ascent):
2420         (WebCore::SVGFontFaceElement::descent):
2421         * svg/SVGFontFaceNameElement.cpp:
2422         (WebCore::SVGFontFaceNameElement::srcValue):
2423         * svg/SVGFontFaceUriElement.cpp:
2424         (WebCore::SVGFontFaceUriElement::srcValue):
2425         * svg/SVGGlyphRefElement.cpp:
2426         (WebCore::SVGGlyphRefElement::glyphRef):
2427         (WebCore::SVGGlyphRefElement::setGlyphRef):
2428         * svg/SVGHKernElement.cpp:
2429         (WebCore::SVGHKernElement::buildHorizontalKerningPair):
2430         * svg/SVGSVGElement.cpp:
2431         (WebCore::SVGSVGElement::contentScriptType):
2432         (WebCore::SVGSVGElement::contentStyleType):
2433         * svg/SVGStyleElement.cpp:
2434         (WebCore::SVGStyleElement::media):
2435         (WebCore::SVGStyleElement::title):
2436         (WebCore::SVGStyleElement::setTitle):
2437         * svg/SVGToOTFFontConversion.cpp:
2438         (WebCore::SVGToOTFFontConverter::appendOS2Table):
2439         (WebCore::SVGToOTFFontConverter::appendCFFTable):
2440         (WebCore::SVGToOTFFontConverter::appendArabicReplacementSubtable):
2441         (WebCore::SVGToOTFFontConverter::appendVORGTable):
2442         (WebCore::SVGToOTFFontConverter::transcodeGlyphPaths):
2443         (WebCore::SVGToOTFFontConverter::processGlyphElement):
2444         (WebCore::SVGToOTFFontConverter::compareCodepointsLexicographically):
2445         (WebCore::SVGToOTFFontConverter::SVGToOTFFontConverter):
2446         * svg/SVGVKernElement.cpp:
2447         (WebCore::SVGVKernElement::buildVerticalKerningPair):
2448         * svg/animation/SVGSMILElement.cpp:
2449         (WebCore::SVGSMILElement::insertedInto):
2450         (WebCore::SVGSMILElement::parseAttribute):
2451         (WebCore::SVGSMILElement::svgAttributeChanged):
2452         (WebCore::SVGSMILElement::restart):
2453         (WebCore::SVGSMILElement::fill):
2454         (WebCore::SVGSMILElement::dur):
2455         (WebCore::SVGSMILElement::repeatDur):
2456         (WebCore::SVGSMILElement::repeatCount):
2457         (WebCore::SVGSMILElement::maxValue):
2458         (WebCore::SVGSMILElement::minValue):
2459
2460 2016-07-16  Carlos Garcia Campos  <cgarcia@igalia.com>
2461
2462         ASSERTION FAILED: isMainThread() in ~UniqueIDBDatabase() since r201997
2463         https://bugs.webkit.org/show_bug.cgi?id=159809
2464
2465         Reviewed by Brady Eidson.
2466
2467         In r201997 the UniqueIDBDatabase was protected in executeNextDatabaseTask() because the last reference could be
2468         removed while the task is performed. However UniqueIDBDatabase is expected to be deleted in the main thread, and
2469         the destructor asserts when not called in the main thread, but executeNextDatabaseTask() is always called on a
2470         secondary thread. So, if the protector contains the last reference, the object is deleted in the secondary thread.
2471
2472         * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
2473         (WebCore::IDBServer::UniqueIDBDatabase::executeNextDatabaseTask): Use callOnMainThread to ensure the object is
2474         deleted in the main thread in case the protector contains the last reference.
2475
2476 2016-07-15  Chris Dumez  <cdumez@apple.com>
2477
2478         Use emptyString() / nullAtom when possible
2479         https://bugs.webkit.org/show_bug.cgi?id=159850
2480
2481         Reviewed by Ryosuke Niwa.
2482
2483         Use emptyString() / nullAtom when possible, for performance.
2484
2485         * Modules/webaudio/AudioNode.cpp:
2486         (WebCore::AudioNode::channelCountMode):
2487         (WebCore::AudioNode::channelInterpretation):
2488         * Modules/webdatabase/DatabaseTracker.cpp:
2489         (WebCore::DatabaseTracker::tracker):
2490         * Modules/websockets/WebSocket.cpp:
2491         (WebCore::WebSocket::WebSocket):
2492         (WebCore::WebSocket::didConnect):
2493         * Modules/websockets/WebSocketChannel.cpp:
2494         (WebCore::WebSocketChannel::subprotocol):
2495         (WebCore::WebSocketChannel::extensions):
2496         * accessibility/AccessibilityObject.cpp:
2497         (WebCore::AccessibilityObject::supportsPressAction):
2498         * accessibility/mac/AXObjectCacheMac.mm:
2499         (WebCore::AXObjectCache::postTextStateChangePlatformNotification):
2500         * css/CSSPropertySourceData.cpp:
2501         (WebCore::CSSPropertySourceData::CSSPropertySourceData):
2502         * css/PageRuleCollector.cpp:
2503         (WebCore::PageRuleCollector::pageName):
2504         * css/PropertySetCSSStyleDeclaration.cpp:
2505         (WebCore::PropertySetCSSStyleDeclaration::getPropertyPriority):
2506         * dom/DocumentMarkerController.cpp:
2507         (WebCore::DocumentMarkerController::addDictationPhraseWithAlternativesMarker):
2508         * dom/Element.cpp:
2509         (WebCore::Element::setPrefix):
2510         * editing/AlternativeTextController.cpp:
2511         (WebCore::AlternativeTextController::respondToMarkerAtEndOfWord):
2512         (WebCore::AlternativeTextController::markerDescriptionForAppliedAlternativeText):
2513         * editing/CompositeEditCommand.cpp:
2514         (WebCore::CompositeEditCommand::removeNodeAttribute):
2515         (WebCore::CompositeEditCommand::moveParagraphs):
2516         * editing/InsertTextCommand.cpp:
2517         (WebCore::InsertTextCommand::positionInsideTextNode):
2518         * editing/TextCheckingHelper.cpp:
2519         (WebCore::TextCheckingHelper::findFirstMisspellingOrBadGrammar):
2520         * editing/TypingCommand.cpp:
2521         (WebCore::TypingCommand::deleteSelection):
2522         (WebCore::TypingCommand::deleteKeyPressed):
2523         (WebCore::TypingCommand::forwardDeleteKeyPressed):
2524         (WebCore::TypingCommand::insertLineBreak):
2525         (WebCore::TypingCommand::insertParagraphSeparator):
2526         * editing/cocoa/EditorCocoa.mm:
2527         (WebCore::Editor::styleForSelectionStart):
2528         * editing/mac/EditorMac.mm:
2529         (WebCore::Editor::stringSelectionForPasteboard):
2530         (WebCore::Editor::stringSelectionForPasteboardWithImageAltText):
2531         * fileapi/FileReaderLoader.cpp:
2532         (WebCore::FileReaderLoader::FileReaderLoader):
2533         * html/FileInputType.cpp:
2534         (WebCore::FileInputType::appendFormData):
2535         * html/HTMLMediaElement.cpp:
2536         (WebCore::HTMLMediaElement::getCurrentMediaControlsStatus):
2537         * html/HTMLOutputElement.cpp:
2538         (WebCore::HTMLOutputElement::HTMLOutputElement):
2539         * html/SearchInputType.cpp:
2540         (WebCore::SearchInputType::handleKeydownEvent):
2541         * html/TextFieldInputType.cpp:
2542         (WebCore::autoFillButtonTypeToAccessibilityLabel):
2543         * html/canvas/WebGLDebugShaders.cpp:
2544         (WebCore::WebGLDebugShaders::getTranslatedShaderSource):
2545         * html/canvas/WebGLRenderingContextBase.cpp:
2546         (WebCore::WebGLRenderingContextBase::dispatchContextLostEvent):
2547         (WebCore::WebGLRenderingContextBase::maybeRestoreContext):
2548         * html/canvas/WebGLShader.cpp:
2549         (WebCore::WebGLShader::WebGLShader):
2550         * html/shadow/MediaControlElements.cpp:
2551         (WebCore::MediaControlStatusDisplayElement::update):
2552         * html/track/TextTrack.cpp:
2553         (WebCore::TextTrack::captionMenuOffItem):
2554         (WebCore::TextTrack::captionMenuAutomaticItem):
2555         * html/track/VTTRegion.cpp:
2556         (WebCore::VTTRegion::scroll):
2557         * html/track/VTTRegion.h:
2558         * inspector/InspectorDOMAgent.cpp:
2559         (WebCore::InspectorDOMAgent::toErrorString):
2560         (WebCore::InspectorDOMAgent::resolveNode):
2561         (WebCore::InspectorDOMAgent::documentURLString):
2562         (WebCore::documentBaseURLString):
2563         * inspector/InspectorDOMDebuggerAgent.cpp:
2564         (WebCore::domTypeName):
2565         * inspector/InspectorFrontendHost.cpp:
2566         (WebCore::InspectorFrontendHost::localizedStringsURL):
2567         * inspector/InspectorHistory.cpp:
2568         (WebCore::InspectorHistory::Action::mergeId):
2569         * inspector/InspectorPageAgent.cpp:
2570         (WebCore::InspectorPageAgent::reload):
2571         (WebCore::InspectorPageAgent::frameId):
2572         (WebCore::InspectorPageAgent::loaderId):
2573         * inspector/InspectorStyleSheet.cpp:
2574         (WebCore::InspectorStyleSheet::ruleSelector):
2575         * loader/EmptyClients.h:
2576         * loader/FrameLoader.cpp:
2577         (WebCore::FrameLoader::referrer):
2578         * loader/ImageLoader.cpp:
2579         (WebCore::ImageLoader::clearFailedLoadURL):
2580         * loader/ResourceLoader.cpp:
2581         (WebCore::ResourceLoader::didReceiveResponse):
2582         * page/ContextMenuController.cpp:
2583         (WebCore::ContextMenuController::contextMenuItemSelected):
2584         * page/FrameTree.cpp:
2585         (WebCore::FrameTree::setName):
2586         (WebCore::FrameTree::clearName):
2587         * page/Location.cpp:
2588         (WebCore::Location::port):
2589         * platform/network/ProtectionSpaceBase.cpp:
2590         (WebCore::ProtectionSpaceBase::ProtectionSpaceBase):
2591         * xml/parser/XMLDocumentParserLibxml2.cpp:
2592         (WebCore::handleElementAttributes):
2593
2594 2016-07-15  Simon Fraser  <simon.fraser@apple.com>
2595
2596         Repaints rects drawn incorrectly when inspecting a WebView on a Retina display
2597         https://bugs.webkit.org/show_bug.cgi?id=159824
2598         rdar://problem/27376305
2599
2600         Reviewed by Brian Burg.
2601
2602         InspectorOverlayPage.js set up the canvases with a deviceScaleFactor passed into
2603         reset(), which comes from the overlay's m_page.deviceScaleFactor(). However, updatePaintRects()
2604         used window.devicePixelRatio which was always 1.
2605
2606         Fix by setting the deviceScaleFactor on the m_overlayPage.
2607
2608         * inspector/InspectorOverlay.cpp:
2609         (WebCore::InspectorOverlay::overlayPage):
2610
2611 2016-07-15  Myles C. Maxfield  <mmaxfield@apple.com>
2612
2613         [macOS] Work around crash in [NSAttributedString nextWordFromIndex:forward:]
2614         https://bugs.webkit.org/show_bug.cgi?id=159842
2615
2616         Reviewed by Jon Lee.
2617
2618         <rdar://problem/27380532> describes a crash inside [NSAttributedString nextWordFromIndex:forward:].
2619         This must be worked around for https://bugs.webkit.org/show_bug.cgi?id=159755 and
2620         <rdar://problem/27325521>.
2621
2622         * platform/text/mac/TextBoundaries.mm:
2623         (WebCore::findNextWordFromIndex):
2624
2625 2016-07-15  Brady Eidson  <beidson@apple.com>
2626
2627         Update XPathException to use the description in toString().
2628         https://bugs.webkit.org/show_bug.cgi?id=159848
2629
2630         Reviewed by Alex Christensen.
2631
2632         No new tests (Covered by changes to existing tests).
2633
2634         * bindings/js/JSDOMBinding.cpp:
2635         (WebCore::createDOMException):
2636         * xml/XPathException.h:
2637         (WebCore::XPathException::XPathException):
2638
2639 2016-07-15  Brady Eidson  <beidson@apple.com>
2640
2641         Change toString() behavior for exceptions constructed with "createWithDescriptionAsMessage".
2642         https://bugs.webkit.org/show_bug.cgi?id=159839
2643
2644         Reviewed by Alex Christensen.
2645
2646         No new tests (Covered by changes to existing tests).
2647
2648         This is the first step towards extended exception messages for all exception types.
2649
2650         * dom/ExceptionBase.cpp:
2651         (WebCore::ExceptionBase::ExceptionBase):
2652         (WebCore::ExceptionBase::toString):
2653         * dom/ExceptionBase.h:
2654
2655 2016-07-15  Geoffrey Garen  <ggaren@apple.com>
2656
2657         Added a makeRef<T> helper
2658         https://bugs.webkit.org/show_bug.cgi?id=159835
2659
2660         Reviewed by Andreas Kling.
2661
2662         Anders told me to!
2663
2664         * Modules/indexeddb/IDBTransaction.cpp:
2665         (WebCore::IDBTransaction::putOrAddOnServer):
2666         * Modules/indexeddb/shared/InProcessIDBServer.cpp:
2667         (WebCore::InProcessIDBServer::deleteDatabase):
2668         (WebCore::InProcessIDBServer::didDeleteDatabase):
2669         (WebCore::InProcessIDBServer::openDatabase):
2670         (WebCore::InProcessIDBServer::didOpenDatabase):
2671         (WebCore::InProcessIDBServer::didAbortTransaction):
2672         (WebCore::InProcessIDBServer::didCommitTransaction):
2673         (WebCore::InProcessIDBServer::didCreateObjectStore):
2674         (WebCore::InProcessIDBServer::didDeleteObjectStore):
2675         (WebCore::InProcessIDBServer::didClearObjectStore):
2676         (WebCore::InProcessIDBServer::didCreateIndex):
2677         (WebCore::InProcessIDBServer::didDeleteIndex):
2678         (WebCore::InProcessIDBServer::didPutOrAdd):
2679         (WebCore::InProcessIDBServer::didGetRecord):
2680         (WebCore::InProcessIDBServer::didGetCount):
2681         (WebCore::InProcessIDBServer::didDeleteRecord):
2682         (WebCore::InProcessIDBServer::didOpenCursor):
2683         (WebCore::InProcessIDBServer::didIterateCursor):
2684         (WebCore::InProcessIDBServer::abortTransaction):
2685         (WebCore::InProcessIDBServer::commitTransaction):
2686         (WebCore::InProcessIDBServer::didFinishHandlingVersionChangeTransaction):
2687         (WebCore::InProcessIDBServer::createObjectStore):
2688         (WebCore::InProcessIDBServer::deleteObjectStore):
2689         (WebCore::InProcessIDBServer::clearObjectStore):
2690         (WebCore::InProcessIDBServer::createIndex):
2691         (WebCore::InProcessIDBServer::deleteIndex):
2692         (WebCore::InProcessIDBServer::putOrAdd):
2693         (WebCore::InProcessIDBServer::getRecord):
2694         (WebCore::InProcessIDBServer::getCount):
2695         (WebCore::InProcessIDBServer::deleteRecord):
2696         (WebCore::InProcessIDBServer::openCursor):
2697         (WebCore::InProcessIDBServer::iterateCursor):
2698         (WebCore::InProcessIDBServer::establishTransaction):
2699         (WebCore::InProcessIDBServer::fireVersionChangeEvent):
2700         (WebCore::InProcessIDBServer::didStartTransaction):
2701         (WebCore::InProcessIDBServer::didCloseFromServer):
2702         (WebCore::InProcessIDBServer::notifyOpenDBRequestBlocked):
2703         (WebCore::InProcessIDBServer::databaseConnectionClosed):
2704         (WebCore::InProcessIDBServer::abortOpenAndUpgradeNeeded):
2705         (WebCore::InProcessIDBServer::didFireVersionChangeEvent):
2706         (WebCore::InProcessIDBServer::openDBRequestCancelled):
2707         (WebCore::InProcessIDBServer::confirmDidCloseFromServer):
2708         (WebCore::InProcessIDBServer::getAllDatabaseNames):
2709         (WebCore::InProcessIDBServer::didGetAllDatabaseNames):
2710         * Modules/mediastream/MediaDevicesRequest.cpp:
2711         (WebCore::MediaDevicesRequest::didCompleteTrackSourceInfoRequest):
2712         * Modules/mediastream/UserMediaRequest.cpp:
2713         (WebCore::UserMediaRequest::constraintsValidated):
2714         (WebCore::UserMediaRequest::userMediaAccessGranted):
2715         * Modules/webaudio/AudioContext.cpp:
2716         (WebCore::AudioContext::scheduleNodeDeletion):
2717         (WebCore::AudioContext::isPlayingAudioDidChange):
2718         (WebCore::AudioContext::suspend):
2719         (WebCore::AudioContext::resume):
2720         (WebCore::AudioContext::close):
2721         (WebCore::AudioContext::suspendPlayback):
2722         (WebCore::AudioContext::mayResumePlayback):
2723         * Modules/websockets/ThreadableWebSocketChannelClientWrapper.cpp:
2724         (WebCore::ThreadableWebSocketChannelClientWrapper::didConnect):
2725         (WebCore::ThreadableWebSocketChannelClientWrapper::didReceiveMessage):
2726         (WebCore::ThreadableWebSocketChannelClientWrapper::didReceiveBinaryData):
2727         (WebCore::ThreadableWebSocketChannelClientWrapper::didUpdateBufferedAmount):
2728         (WebCore::ThreadableWebSocketChannelClientWrapper::didStartClosingHandshake):
2729         (WebCore::ThreadableWebSocketChannelClientWrapper::didClose):
2730         (WebCore::ThreadableWebSocketChannelClientWrapper::didReceiveMessageError):
2731         (WebCore::ThreadableWebSocketChannelClientWrapper::processPendingTasks):
2732         * Modules/websockets/WebSocket.cpp:
2733         (WebCore::WebSocket::connect):
2734         * bindings/js/JSEventListener.h:
2735         (WebCore::JSEventListener::jsFunction):
2736         * dom/Node.cpp:
2737         (WebCore::Node::setTextContent):
2738         * html/HTMLMediaElement.cpp:
2739         (WebCore::HTMLMediaElement::layoutSizeChanged):
2740         * inspector/CommandLineAPIHost.cpp:
2741         (WebCore::CommandLineAPIHost::wrapper):
2742         * platform/graphics/avfoundation/AudioSourceProviderAVFObjC.mm:
2743         (WebCore::AudioSourceProviderAVFObjC::prepare):
2744         * platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp:
2745         (WebCore::WebCoreAVCFResourceLoader::invalidate):
2746         * platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm:
2747         (WebCore::WebCoreAVFResourceLoader::invalidate):
2748         * platform/ios/WebVideoFullscreenControllerAVKit.mm:
2749         (WebVideoFullscreenControllerContext::setExternalPlayback):
2750         * platform/network/BlobResourceHandle.cpp:
2751         (WebCore::BlobResourceHandle::start):
2752         (WebCore::BlobResourceHandle::notifyFinish):
2753         * platform/network/SocketStreamHandleBase.cpp:
2754         (WebCore::SocketStreamHandleBase::disconnect):
2755         * platform/network/curl/CurlDownload.cpp:
2756         (WebCore::CurlDownload::didReceiveHeader):
2757
2758 2016-07-15  Chris Dumez  <cdumez@apple.com>
2759
2760         Use fastGetAttribute() / setAttributeWithoutSynchronization() when possible
2761         https://bugs.webkit.org/show_bug.cgi?id=159793
2762
2763         Reviewed by Ryosuke Niwa.
2764
2765         Use fastGetAttribute() / setAttributeWithoutSynchronization() when possible, for performance.
2766
2767         * Modules/plugins/YouTubePluginReplacement.cpp:
2768         (WebCore::YouTubePluginReplacement::installReplacement):
2769         * dom/Element.h:
2770         (WebCore::Element::setIdAttribute):
2771         * editing/ApplyStyleCommand.cpp:
2772         (WebCore::hasNoAttributeOrOnlyStyleAttribute):
2773         (WebCore::createFontElement):
2774         (WebCore::ApplyStyleCommand::applyInlineStyleChange):
2775         * editing/EditingStyle.cpp:
2776         (WebCore::EditingStyle::elementIsStyledSpanOrHTMLEquivalent):
2777         * editing/Editor.cpp:
2778         (WebCore::Editor::setBaseWritingDirection):
2779         * editing/ReplaceSelectionCommand.cpp:
2780         (WebCore::isMailPasteAsQuotationNode):
2781         (WebCore::isInlineNodeWithStyle):
2782         * editing/cocoa/DataDetection.mm:
2783         (WebCore::DataDetection::detectContentInRange):
2784         * editing/htmlediting.cpp:
2785         (WebCore::createTabSpanElement):
2786         * editing/ios/EditorIOS.mm:
2787         (WebCore::Editor::setTextAlignmentForChangedBaseWritingDirection):
2788         (WebCore::Editor::WebContentReader::readURL):
2789         * editing/mac/EditorMac.mm:
2790         (WebCore::Editor::WebContentReader::readURL):
2791         * editing/markup.cpp:
2792         (WebCore::createFragmentFromText):
2793         * html/BaseButtonInputType.cpp:
2794         (WebCore::BaseButtonInputType::setValue):
2795         * html/BaseCheckableInputType.cpp:
2796         (WebCore::BaseCheckableInputType::setValue):
2797         * html/FTPDirectoryDocument.cpp:
2798         (WebCore::FTPDirectoryDocumentParser::appendEntry):
2799         (WebCore::FTPDirectoryDocumentParser::createTDForFilename):
2800         (WebCore::FTPDirectoryDocumentParser::loadDocumentTemplate):
2801         (WebCore::FTPDirectoryDocumentParser::createBasicDocument):
2802         * html/HTMLAnchorElement.cpp:
2803         (WebCore::HTMLAnchorElement::href):
2804         (WebCore::HTMLAnchorElement::setHref):
2805         (WebCore::HTMLAnchorElement::target):
2806         * html/HTMLAreaElement.cpp:
2807         (WebCore::HTMLAreaElement::target):
2808         * html/HTMLBaseElement.cpp:
2809         (WebCore::HTMLBaseElement::setHref):
2810         * html/HTMLButtonElement.cpp:
2811         (WebCore::HTMLButtonElement::setType):
2812         * html/HTMLDetailsElement.cpp:
2813         (WebCore::HTMLDetailsElement::didAddUserAgentShadowRoot):
2814         (WebCore::HTMLDetailsElement::toggleOpen):
2815         * html/HTMLDocument.cpp:
2816         (WebCore::HTMLDocument::setBgColor):
2817         (WebCore::HTMLDocument::setFgColor):
2818         (WebCore::HTMLDocument::setAlinkColor):
2819         (WebCore::HTMLDocument::setLinkColor):
2820         (WebCore::HTMLDocument::setVlinkColor):
2821         * html/HTMLElement.cpp:
2822         (WebCore::HTMLElement::setDir):
2823         (WebCore::HTMLElement::setContentEditable):
2824         (WebCore::HTMLElement::setDraggable):
2825         (WebCore::HTMLElement::setSpellcheck):
2826         (WebCore::HTMLElement::setTranslate):
2827         * html/HTMLFormControlElement.cpp:
2828         (WebCore::HTMLFormControlElement::setFormEnctype):
2829         (WebCore::HTMLFormControlElement::setFormMethod):
2830         (WebCore::HTMLFormControlElement::setAutocorrect):
2831         (WebCore::HTMLFormControlElement::setAutocapitalize):
2832         (WebCore::HTMLFormControlElement::setAutocomplete):
2833         * html/HTMLFormElement.cpp:
2834         (WebCore::HTMLFormElement::setAutocorrect):
2835         (WebCore::HTMLFormElement::setAutocapitalize):
2836         (WebCore::HTMLFormElement::setAction):
2837         (WebCore::HTMLFormElement::setEnctype):
2838         (WebCore::HTMLFormElement::setMethod):
2839         (WebCore::HTMLFormElement::target):
2840         * html/HTMLImageElement.cpp:
2841         (WebCore::HTMLImageElement::width):
2842         (WebCore::HTMLImageElement::height):
2843         (WebCore::HTMLImageElement::setSrc):
2844         * html/HTMLInputElement.cpp:
2845         (WebCore::HTMLInputElement::setType):
2846         (WebCore::HTMLInputElement::updateType):
2847         (WebCore::HTMLInputElement::altText):
2848         (WebCore::HTMLInputElement::setDefaultValue):
2849         * html/HTMLLinkElement.cpp:
2850         (WebCore::HTMLLinkElement::href):
2851         (WebCore::HTMLLinkElement::target):
2852         (WebCore::HTMLLinkElement::type):
2853         * html/HTMLMediaElement.cpp:
2854         (WebCore::HTMLMediaElement::setSrc):
2855         (WebCore::HTMLMediaElement::setPreload):
2856         * html/HTMLMeterElement.cpp:
2857         (WebCore::HTMLMeterElement::min):
2858         (WebCore::HTMLMeterElement::setMin):
2859         (WebCore::HTMLMeterElement::max):
2860         (WebCore::HTMLMeterElement::setMax):
2861         (WebCore::HTMLMeterElement::value):
2862         (WebCore::HTMLMeterElement::setValue):
2863         (WebCore::HTMLMeterElement::low):
2864         (WebCore::HTMLMeterElement::setLow):
2865         (WebCore::HTMLMeterElement::high):
2866         (WebCore::HTMLMeterElement::setHigh):
2867         (WebCore::HTMLMeterElement::optimum):
2868         (WebCore::HTMLMeterElement::setOptimum):
2869         * html/HTMLObjectElement.cpp:
2870         (WebCore::HTMLObjectElement::containsJavaApplet):
2871         * html/HTMLOptionElement.cpp:
2872         (WebCore::HTMLOptionElement::createForJSConstructor):
2873         (WebCore::HTMLOptionElement::setValue):
2874         (WebCore::HTMLOptionElement::setLabel):
2875         * html/HTMLProgressElement.cpp:
2876         (WebCore::HTMLProgressElement::setValue):
2877         (WebCore::HTMLProgressElement::setMax):
2878         * html/HTMLScriptElement.cpp:
2879         (WebCore::HTMLScriptElement::typeAttributeValue):
2880         * html/HTMLSelectElement.cpp:
2881         (WebCore::HTMLSelectElement::setMultiple):
2882         * html/HTMLSourceElement.cpp:
2883         (WebCore::HTMLSourceElement::setSrc):
2884         (WebCore::HTMLSourceElement::media):
2885         (WebCore::HTMLSourceElement::setMedia):
2886         (WebCore::HTMLSourceElement::type):
2887         (WebCore::HTMLSourceElement::setType):
2888         * html/HTMLTableSectionElement.cpp:
2889         (WebCore::HTMLTableSectionElement::setAlign):
2890         (WebCore::HTMLTableSectionElement::setCh):
2891         (WebCore::HTMLTableSectionElement::chOff):
2892         (WebCore::HTMLTableSectionElement::setChOff):
2893         (WebCore::HTMLTableSectionElement::setVAlign):
2894         * html/HTMLTextFormControlElement.cpp:
2895         (WebCore::HTMLTextFormControlElement::updateInnerTextElementEditability):
2896         * html/HTMLVideoElement.cpp:
2897         (WebCore::HTMLVideoElement::imageSourceURL):
2898         * html/HiddenInputType.cpp:
2899         (WebCore::HiddenInputType::restoreFormControlState):
2900         (WebCore::HiddenInputType::setValue):
2901         * html/MediaDocument.cpp:
2902         (WebCore::MediaDocumentParser::createDocumentStructure):
2903         (WebCore::MediaDocument::replaceMediaElementTimerFired):
2904         * html/PluginDocument.cpp:
2905         (WebCore::PluginDocumentParser::createDocumentStructure):
2906         * html/TextFieldInputType.cpp:
2907         (WebCore::TextFieldInputType::createAutoFillButton):
2908         (WebCore::TextFieldInputType::updateAutoFillButton):
2909         * html/parser/HTMLTreeBuilder.cpp:
2910         (WebCore::HTMLTreeBuilder::processIsindexStartTagForInBody):
2911         * html/shadow/MediaControlElements.cpp:
2912         (WebCore::MediaControlClosedCaptionsContainerElement::create):
2913         (WebCore::MediaControlTimelineElement::create):
2914         (WebCore::MediaControlPanelVolumeSliderElement::create):
2915         (WebCore::MediaControlFullscreenVolumeSliderElement::create):
2916         * html/shadow/TextControlInnerElements.cpp:
2917         (WebCore::SearchFieldCancelButtonElement::SearchFieldCancelButtonElement):
2918         * html/shadow/mac/ImageControlsButtonElementMac.cpp:
2919         (WebCore::ImageControlsButtonElementMac::tryCreate):
2920         * html/shadow/mac/ImageControlsRootElementMac.cpp:
2921         (WebCore::ImageControlsRootElement::tryCreate):
2922         * html/track/WebVTTElement.cpp:
2923         (WebCore::WebVTTElement::createEquivalentHTMLElement):
2924         * html/track/WebVTTParser.cpp:
2925         (WebCore::WebVTTTreeBuilder::constructTreeFromToken):
2926         * inspector/InspectorCSSAgent.cpp:
2927         (WebCore::InspectorCSSAgent::createInspectorStyleSheetForDocument):
2928         * inspector/InspectorPageAgent.cpp:
2929         (WebCore::InspectorPageAgent::buildObjectForFrame):
2930         * mathml/MathMLSelectElement.cpp:
2931         (WebCore::MathMLSelectElement::toggle):
2932         * page/PageSerializer.cpp:
2933         (WebCore::PageSerializer::serializeFrame):
2934         * rendering/RenderDetailsMarker.cpp:
2935         (WebCore::RenderDetailsMarker::isOpen):
2936         * rendering/mathml/RenderMathMLFraction.cpp:
2937         (WebCore::RenderMathMLFraction::updateFromElement):
2938         * svg/SVGElement.cpp:
2939         (WebCore::SVGElement::setXmlbase):
2940         * svg/SVGSVGElement.cpp:
2941         (WebCore::SVGSVGElement::setContentScriptType):
2942         (WebCore::SVGSVGElement::setContentStyleType):
2943         * svg/SVGStyleElement.cpp:
2944         (WebCore::SVGStyleElement::setMedia):
2945         (WebCore::SVGStyleElement::setTitle):
2946
2947 2016-07-15  Chris Dumez  <cdumez@apple.com>
2948
2949         Modernize StaticNodeList / StaticElementList
2950         https://bugs.webkit.org/show_bug.cgi?id=159831
2951
2952         Reviewed by Ryosuke Niwa.
2953
2954         Modernize StaticNodeList / StaticElementList. Pass vector to adopt
2955         as an rvalue reference instead of a non-const reference.
2956
2957         * bindings/js/JSHTMLAllCollectionCustom.cpp:
2958         (WebCore::namedItems):
2959         * dom/ChildListMutationScope.cpp:
2960         (WebCore::ChildListMutationAccumulator::enqueueMutationRecord):
2961         * dom/MutationRecord.cpp:
2962         * dom/SelectorQuery.cpp:
2963         (WebCore::SelectorDataList::queryAll):
2964         * dom/StaticNodeList.h:
2965         * dom/WebKitNamedFlow.cpp:
2966         (WebCore::WebKitNamedFlow::getRegionsByContent):
2967         (WebCore::WebKitNamedFlow::getRegions):
2968         (WebCore::WebKitNamedFlow::getContent):
2969         * svg/SVGSVGElement.cpp:
2970         (WebCore::SVGSVGElement::collectIntersectionOrEnclosureList):
2971         * testing/Internals.cpp:
2972         (WebCore::Internals::nodesFromRect):
2973
2974 2016-07-15  Brent Fulgham  <bfulgham@apple.com>
2975
2976         Block insecure script running in a data: frame when the top-level page is HTTPS
2977         https://bugs.webkit.org/show_bug.cgi?id=125806
2978         <rdar://problem/27331825>
2979
2980         Reviewed by Brady Eidson.
2981
2982         Fix based on a Blink change (patch by <tsepez@chromium.org>):
2983         <https://chromium.googlesource.com/chromium/blink/+/33e553bd96e040151c1472289a0d80803bfca3a5>
2984
2985         Test: http/tests/security/mixedContent/insecure-script-in-data-iframe-in-main-frame-blocked.html
2986
2987         * loader/cache/CachedResourceLoader.cpp:
2988         (WebCore::CachedResourceLoader::checkInsecureContent): Check the top-level frame's security state
2989         before allowing insecure scripts to be used.        
2990
2991 2016-07-15  Chris Dumez  <cdumez@apple.com>
2992
2993         Let the compiler generate QualifiedName copy constructor and assignment operator
2994         https://bugs.webkit.org/show_bug.cgi?id=159826
2995
2996         Reviewed by Alex Christensen.
2997
2998         Let the compiler generate QualifiedName copy constructor and assignment operator
2999         as our custom implementation does nothing special. This also makes QualifiedName
3000         movable as the compiler is now able to generate the move constructor / assignment
3001         operator as well.
3002
3003         * dom/QualifiedName.h:
3004         (WebCore::QualifiedName::QualifiedName): Deleted.
3005         (WebCore::QualifiedName::operator=): Deleted.
3006
3007 2016-07-15  Antonio Gomes  <tonikitoo@igalia.com>
3008
3009         ScrollView::setHasHorizontalScrollbar / setHasVerticalScrollbar duplicate their logic
3010         https://bugs.webkit.org/show_bug.cgi?id=159825
3011
3012         Patch introduces a (private) method to ScrollView
3013         to share the code/logic of setHas{Horizontal,Vertical}Scrollbar.
3014
3015         Reviewed by Simon Fraser.
3016
3017         No new tests needed.
3018
3019         * platform/ScrollView.cpp:
3020         (WebCore::ScrollView::setHasScrollbarInternal):
3021         (WebCore::ScrollView::setHasHorizontalScrollbar):
3022         (WebCore::ScrollView::setHasVerticalScrollbar):
3023         * platform/ScrollView.h:
3024
3025 2016-07-15  Frederic Wang  <fwang@igalia.com>
3026
3027         MathOperator: Improve alignment for vertical size variant
3028         https://bugs.webkit.org/show_bug.cgi?id=158866
3029
3030         Reviewed by Brent Fulgham.
3031
3032         The MathOperator class may stretch operators with either a large glyph or a glyph assembly.
3033         In the latter case, the assembly is adjusted to match the stretch ascent and descent
3034         requested by the callers. But in the former case the glyph ascent and descent are used
3035         instead. We solve this by making MathOperator::stretchTo only take a targetSize and let
3036         callers do the vertical alignment they want. This improves the rendering of fences with some
3037         math fonts (e.g. XITS) and allows to pass the two cases of mo-axis-height-1.html.
3038
3039         Test: imported/mathml-in-html5/mathml/presentation-markup/operators/mo-axis-height-1.html
3040
3041         * rendering/mathml/MathOperator.cpp:
3042         (WebCore::MathOperator::stretchTo): Merge vertical and horizontal stretching into the same
3043         function with only the targetSize as a parameter.
3044         * rendering/mathml/RenderMathMLOperator.cpp:
3045         (WebCore::RenderMathMLOperator::stretchTo): Updated to use the new signature.
3046         (WebCore::RenderMathMLOperator::verticalStretchedOperatorShift): Helper function to calculate
3047         the shift necessary to align the baseline of the MathOperator instance with the one of the
3048         RenderMathMLOperator.
3049         (WebCore::RenderMathMLOperator::firstLineBaseline): Adjust the baseline.
3050         * rendering/mathml/RenderMathMLOperator.h: Declare verticalStretchedOperatorShift.
3051         * rendering/mathml/RenderMathMLRoot.cpp:
3052         (WebCore::RenderMathMLRoot::layoutBlock): Use the new signature. This function aligns the top
3053         of the radical with the overbar so we do not need to adjust baseline alignment here.
3054
3055 2016-07-15  Brady Eidson  <beidson@apple.com>
3056
3057         WebKit should prevent push/replace state with username in URL.
3058         <rdar://problem/27361737> and https://bugs.webkit.org/show_bug.cgi?id=159818
3059
3060         Reviewed by Brent Fulgham.
3061
3062         Test: http/tests/security/history-username-password.html
3063
3064         * page/History.cpp:
3065         (WebCore::History::stateObjectAdded): Don't allow URLs with usernames/passwords.
3066
3067 2016-07-15  Ryan Haddad  <ryanhaddad@apple.com>
3068
3069         Unreviewed, rolling out r203266.
3070
3071         This change caused editing/deleting/delete-emoji.html to time
3072         out on El Capitan, crash under GuardMalloc
3073
3074         Reverted changeset:
3075
3076         "Support new emoji group candidates"
3077         https://bugs.webkit.org/show_bug.cgi?id=159755
3078         http://trac.webkit.org/changeset/203266
3079
3080 2016-07-15  Frederic Wang  <fwang@igalia.com>
3081
3082         Move parsing of mfrac attributes into a MathMLFractionElement class
3083         https://bugs.webkit.org/show_bug.cgi?id=159624
3084
3085         Reviewed by Brent Fulgham.
3086
3087         We move the parsing of mfrac attributes to a MathMLFractionElement class. This allows to
3088         minimize the updates in RenderMathMLFraction and to remove the alignment members. Many of
3089         the members in updateLayoutParameters are actually only used in layoutBlock and could be
3090         removed in a follow-up patch. We also improve the resolution of negative line thickness value
3091         since the MathML recommendation says it should be rounded up to the nearest valid
3092         value (which is zero) instead of ignoring the attribute and using the line thickness.
3093
3094         No new tests, already covered by existing tests.
3095
3096         * CMakeLists.txt: Add MathMLFractionElement.
3097         * WebCore.xcodeproj/project.pbxproj: Ditto.
3098         * mathml/MathMLAllInOne.cpp: Ditto.
3099         * mathml/MathMLFractionElement.cpp: Added.
3100         (WebCore::MathMLFractionElement::MathMLFractionElement):
3101         (WebCore::MathMLFractionElement::create):
3102         (WebCore::MathMLFractionElement::lineThickness): Return the cached linethickness length,
3103         parsing it again if it is dirty. This handles the special values "thin", "medium" and "thick"
3104         or fallback to the general parseMathMLLength for MathML lengths.
3105         (WebCore::MathMLFractionElement::cachedFractionAlignment): Return the cached alignment value,
3106         parsing it again if it is dirty.
3107         (WebCore::MathMLFractionElement::numeratorAlignment): Return the cached alignment.
3108         (WebCore::MathMLFractionElement::denominatorAlignment): Ditto.
3109         (WebCore::MathMLFractionElement::parseAttribute): Make attributes dirty.
3110         (WebCore::MathMLFractionElement::createElementRenderer): Create a RenderMathMLFraction.
3111         * mathml/MathMLFractionElement.h: Added.
3112         * mathml/MathMLInlineContainerElement.cpp: We no longer need to handle fraction here.
3113         (WebCore::MathMLInlineContainerElement::createElementRenderer):
3114         * mathml/mathtags.in: Use MathMLFractionElement for mfrac.
3115         * rendering/mathml/RenderMathMLFraction.cpp:
3116         (WebCore::RenderMathMLFraction::updateLayoutParameters): New helper function to set the
3117         layout parameters, replacing updateFromElement. We no longer parse and store the alignment
3118         values here. We also change the resolution of negative values.
3119         (WebCore::RenderMathMLFraction::horizontalOffset): Use the enum from MathMLFractionElement.
3120         (WebCore::RenderMathMLFraction::layoutBlock): We call updateLayoutParameters instead of
3121         updateFromElement. The numerator and denominator alignments are resolved here.
3122         (WebCore::RenderMathMLFraction::parseAlignmentAttribute): Deleted. Parsing of alignment
3123         attribute is now handled in MathMLFractionElement.
3124         (WebCore::RenderMathMLFraction::updateFromElement): Deleted. Attribute changes are now
3125         handled in MathMLFractionElement.
3126         (WebCore::RenderMathMLFraction::styleDidChange): Deleted. Font changes are properly handled.
3127         * rendering/mathml/RenderMathMLFraction.h: Update declarations.
3128
3129 2016-07-15  Frederic Wang  <fwang@igalia.com>
3130
3131         Check whether font is nonnull for GlyphData instead of calling GlyphData::isValid()
3132         https://bugs.webkit.org/show_bug.cgi?id=159783
3133
3134         Reviewed by Brent Fulgham.
3135
3136         GlyphData::isValid() returns true for GlyphData with null 'font' pointer when the 'glyph'
3137         index is nonzero. This behavior is not expected by the MathML code and we have had crashes
3138         in our test suite in the past on Windows (e.g. bug 140653). We thus replace the call to
3139         GlyphData::isValid() with a stronger verification: Whether the 'font' pointer is nonzero.
3140
3141         No new tests, this only makes null pointer checks stronger.
3142
3143         * rendering/mathml/MathOperator.cpp:
3144         (WebCore::boundsForGlyph):
3145         (WebCore::advanceWidthForGlyph):
3146         (WebCore::MathOperator::getBaseGlyph):
3147         (WebCore::MathOperator::setSizeVariant):
3148         (WebCore::MathOperator::fillWithVerticalExtensionGlyph):
3149         (WebCore::MathOperator::fillWithHorizontalExtensionGlyph):
3150         (WebCore::MathOperator::paintVerticalGlyphAssembly):
3151         (WebCore::MathOperator::paintHorizontalGlyphAssembly):
3152         (WebCore::MathOperator::paint):
3153         * rendering/mathml/RenderMathMLOperator.cpp:
3154         (WebCore::RenderMathMLOperator::computePreferredLogicalWidths):
3155         * rendering/mathml/RenderMathMLToken.cpp:
3156         (WebCore::RenderMathMLToken::computePreferredLogicalWidths):
3157         (WebCore::RenderMathMLToken::firstLineBaseline):
3158         (WebCore::RenderMathMLToken::layoutBlock):
3159         (WebCore::RenderMathMLToken::paint):
3160         (WebCore::RenderMathMLToken::paintChildren):
3161
3162 2016-07-15  Frederic Wang  <fwang@igalia.com>
3163
3164         Add DejaVu Math TeX Gyre to the list of math fonts.
3165         https://bugs.webkit.org/show_bug.cgi?id=159805
3166
3167         Reviewed by Brent Fulgham.
3168
3169         DejaVu 2.36 has a new math font that can be used for MathML rendering. Because this font is
3170         likely to be installed on many systems (Linux, LibreOffice, etc) we include it in the default
3171         list of font-families in mathml.css in order to increase the chance to find a math font.
3172
3173         No new tests, it only affects rendering when DejaVu Math TeX Gyre is installed on the system.
3174
3175         * css/mathml.css:
3176         (math):
3177
3178 2016-07-15  Eric Carlson  <eric.carlson@apple.com>
3179
3180         [MSE] Increase the SourceBuffer "fudge factor"
3181         https://bugs.webkit.org/show_bug.cgi?id=159813
3182         <rdar://problem/27372033>
3183
3184         Reviewed by Jon Lee.
3185         
3186         Some media encoding/conversion pipelines are sloppy when doing sample time/timescale
3187         math, and the error accumulation results in small gaps in the media timeline. r202641
3188         increased the maximum allowable gap from 0.01 second to one 24fps frame, but it turns
3189         out that at least one large provider has a significant amount of content encoded with
3190         up to two 24fps frames.
3191
3192         No new tests, updated media/media-source/media-source-small-gap.html.
3193
3194         * Modules/mediasource/SourceBuffer.cpp:
3195         (WebCore::currentTimeFudgeFactor): Increase maximum gap to 2002 / 24000 frames.
3196
3197 2016-07-15  Rawinder Singh  <rawinder.singh-webkit@cisra.canon.com.au>
3198
3199         Add final keyword to WebCore/svg classes
3200         https://bugs.webkit.org/show_bug.cgi?id=159802
3201
3202         Reviewed by Youenn Fablet.
3203
3204         Updated classes in the WebCore/svg directory to be marked as final where appropriate.
3205
3206         * svg/SVGException.h:
3207         * svg/SVGLengthList.h:
3208         * svg/SVGMatrix.h:
3209         * svg/SVGNumberList.h:
3210         * svg/SVGPaint.h:
3211         * svg/SVGPathBuilder.h:
3212         * svg/SVGPathByteStreamBuilder.h:
3213         * svg/SVGPathByteStreamSource.h:
3214         * svg/SVGPathSegArcAbs.h:
3215         * svg/SVGPathSegArcRel.h:
3216         * svg/SVGPathSegClosePath.h:
3217         * svg/SVGPathSegCurvetoCubicAbs.h:
3218         * svg/SVGPathSegCurvetoCubicRel.h:
3219         * svg/SVGPathSegCurvetoCubicSmoothAbs.h:
3220         * svg/SVGPathSegCurvetoCubicSmoothRel.h:
3221         * svg/SVGPathSegCurvetoQuadraticAbs.h:
3222         * svg/SVGPathSegCurvetoQuadraticRel.h:
3223         * svg/SVGPathSegCurvetoQuadraticSmoothAbs.h:
3224         * svg/SVGPathSegCurvetoQuadraticSmoothRel.h:
3225         * svg/SVGPathSegLinetoAbs.h:
3226         * svg/SVGPathSegLinetoHorizontalAbs.h:
3227         * svg/SVGPathSegLinetoHorizontalRel.h:
3228         * svg/SVGPathSegLinetoRel.h:
3229         * svg/SVGPathSegLinetoVerticalAbs.h:
3230         * svg/SVGPathSegLinetoVerticalRel.h:
3231         * svg/SVGPathSegListBuilder.h:
3232         * svg/SVGPathSegListSource.h:
3233         * svg/SVGPathSegMovetoAbs.h:
3234         * svg/SVGPathSegMovetoRel.h:
3235         * svg/SVGPathStringSource.h:
3236         * svg/SVGPathTraversalStateBuilder.h:
3237         * svg/SVGPointList.h:
3238         * svg/SVGRenderingIntent.h:
3239         * svg/SVGStringList.h:
3240         * svg/SVGTRefElement.cpp:
3241         * svg/SVGToOTFFontConversion.cpp:
3242         * svg/SVGTransformList.h:
3243         * svg/SVGUnitTypes.h:
3244         * svg/SVGViewSpec.h:
3245         * svg/SVGZoomEvent.h:
3246         * svg/animation/SMILTimeContainer.h:
3247         * svg/animation/SVGSMILElement.cpp:
3248         * svg/graphics/filters/SVGFEImage.h:
3249         * svg/graphics/filters/SVGFilter.h:
3250         * svg/properties/SVGAnimatedPathSegListPropertyTearOff.h:
3251         * svg/properties/SVGAnimatedPropertyTearOff.h:
3252         * svg/properties/SVGAnimatedTransformListPropertyTearOff.h:
3253         * svg/properties/SVGMatrixTearOff.h:
3254         * svg/properties/SVGPathSegListPropertyTearOff.h:
3255         * svg/properties/SVGStaticListPropertyTearOff.h:
3256         * svg/properties/SVGStaticPropertyTearOff.h:
3257         * svg/properties/SVGTransformListPropertyTearOff.h:
3258
3259 2016-07-15  Per Arne Vollan  <pvollan@apple.com>
3260
3261         Uninitialized variable in DIBPixelData can cause a dangerous memory write
3262         https://bugs.webkit.org/show_bug.cgi?id=159414
3263
3264         Reviewed by Brent Fulgham.
3265
3266         Initialize local BITMAP variable, in case the ::GetObject function that should initialize it
3267         fails to do so, because the bitmap handle is invalid.
3268
3269         Tests: Tools/TestWebKitAPI/Tests/WebCore/win/DIBPixelData.cpp
3270
3271         * platform/graphics/win/DIBPixelData.cpp:
3272         (WebCore::DIBPixelData::initialize): Initialize local variable.
3273         (WebCore::DIBPixelData::setRGBABitmapAlpha): Return early if we have no bitmap.
3274         * platform/graphics/win/DIBPixelData.h: Link fix.
3275
3276 2016-07-14  Yoav Weiss  <yoav@yoav.ws>
3277
3278         Change CSSParser::sourceSize returning Optional<CSSParser::SourceSize>
3279         https://bugs.webkit.org/show_bug.cgi?id=159666
3280
3281         Reviewed by Michael Catanzaro.
3282
3283         Tests:
3284             fast/dom/HTMLImageElement/sizes/image-sizes-invalids.html
3285
3286         * css/CSSGrammar.y.in: Avoid adding SourceSize to source_size_list when the value is a Nullopt.
3287         * css/CSSParser.cpp:
3288         (WebCore::CSSParser::sourceSize): Return a Nullopt when an invalid value is encountered.
3289         * css/CSSParser.h:
3290
3291 2016-07-14  Antonio Gomes  <tonikitoo@igalia.com>
3292
3293         [RTL Scrollbars] Frame scrollbars don't move to the right when text direction changes to RTL
3294         https://bugs.webkit.org/show_bug.cgi?id=158252
3295
3296         Reviewed by Myles C. Maxfield.
3297
3298         When the 'dir' attribute changes either on body or on the document
3299         element level, the associated FrameView does not trigger an update on
3300         the frame level vertical scrollbar.
3301
3302         Patch adds a 'hook' so that RenderBox::styleDidChange can call in
3303         order to get the document level scrollbar placed properly in the next
3304         layout.
3305
3306         Test: fast/scrolling/rtl-scrollbars-alternate-body-dir-attr-does-not-update-scrollbar-placement.html
3307               fast/scrolling/rtl-scrollbars-alternate-body-dir-attr-does-not-update-scrollbar-placement-2.html
3308               fast/scrolling/rtl-scrollbars-alternate-iframe-body-dir-attr-does-not-update-scrollbar-placement.html
3309
3310         * page/FrameView.cpp:
3311         (WebCore::FrameView::topContentDirectionDidChange):
3312         * page/FrameView.h:
3313         * rendering/RenderBox.cpp:
3314         (WebCore::RenderBox::styleDidChange):
3315
3316 2016-07-14  Myles C. Maxfield  <mmaxfield@apple.com>
3317
3318         Support new emoji group candidates
3319         https://bugs.webkit.org/show_bug.cgi?id=159755
3320         <rdar://problem/27325521>
3321
3322         Reviewed by Dean Jackson.
3323
3324         There are a few code points which should be able to be joined (with ZWJ) to
3325         either U+2640 or U+2642 to change the gender of the emoji. These patterns
3326         should also work with an additional 0xFE0F variation selector. This patch
3327         adds these new patterns to our existing emoji group candidate infrastructure.
3328
3329         Tests: fast/text/emoji-gender-2-3.html
3330                fast/text/emoji-gender-2-4.html
3331                fast/text/emoji-gender-2-5.html
3332                fast/text/emoji-gender-2-6.html
3333                fast/text/emoji-gender-2-7.html
3334                fast/text/emoji-gender-2-8.html
3335                fast/text/emoji-gender-2-9.html
3336                fast/text/emoji-gender-2.html
3337                fast/text/emoji-gender-3.html
3338                fast/text/emoji-gender-4.html
3339                fast/text/emoji-gender-5.html
3340                fast/text/emoji-gender-6.html
3341                fast/text/emoji-gender-7.html
3342                fast/text/emoji-gender-8.html
3343                fast/text/emoji-gender-9.html
3344                fast/text/emoji-gender-fe0f-3.html
3345                fast/text/emoji-gender-fe0f-4.html
3346                fast/text/emoji-gender-fe0f-5.html
3347                fast/text/emoji-gender-fe0f-6.html
3348                fast/text/emoji-gender-fe0f-7.html
3349                fast/text/emoji-gender-fe0f-8.html
3350                fast/text/emoji-gender-fe0f-9.html
3351                fast/text/emoji-gender.html
3352                fast/text/emoji-num-glyphs.html
3353                fast/text/emoji-single-parent-family-2.html
3354                fast/text/emoji-single-parent-family.html
3355
3356         * platform/graphics/mac/ComplexTextControllerCoreText.mm:
3357         (WebCore::ComplexTextController::ComplexTextRun::ComplexTextRun): Removed incorrect ASSERT()s.
3358         * platform/graphics/FontCascade.cpp:
3359         (WebCore::FontCascade::characterRangeCodePath):
3360         * platform/text/CharacterProperties.h:
3361         (WebCore::isEmojiGroupCandidate):
3362
3363 2016-07-14  Dean Jackson  <dino@apple.com>
3364
3365         CrashTracer: com.apple.WebKit.WebContent at WebCore: WebCore::MediaQueryEvaluator::evaluate const
3366         https://bugs.webkit.org/show_bug.cgi?id=159799
3367         <rdar://problem/27346959>
3368
3369         Reviewed by Myles Maxfield.
3370
3371         Speculative fix for this crash, which seems to happen when asking for the Node's
3372         renderer(). From the incoming crash logs, it is triggered by mutations on
3373         a <picture> or <img> element, which would require choosing a new source,
3374         and causing some media queries to evaluate.
3375
3376         The only place in MediaQueryEvaluator that has anything to do with
3377         renderers is when gathering up some style information to pass to the
3378         actual evaluation function. I put a guard against a missing documentElement
3379         in there.
3380
3381         * css/MediaQueryEvaluator.cpp:
3382         (WebCore::MediaQueryEvaluator::evaluate): Make sure documentElement is not
3383         null.
3384
3385 2016-07-14  Rawinder Singh  <rawinder.singh-webkit@cisra.canon.com.au>
3386
3387         Update HTML*Element class override methods in final classes
3388         https://bugs.webkit.org/show_bug.cgi?id=159456
3389
3390         Reviewed by Youenn Fablet.
3391
3392         Update HTML*Element classes so that overriden methods in final classes are marked final.
3393         Also marked HTMLDivElement overriden methods as final since they are not overridden by derived classes.
3394
3395         * html/HTMLAppletElement.h:
3396         * html/HTMLAreaElement.h:
3397         * html/HTMLAttachmentElement.h:
3398         * html/HTMLAudioElement.h:
3399         * html/HTMLBRElement.h:
3400         * html/HTMLBaseElement.h:
3401         * html/HTMLBodyElement.h:
3402         * html/HTMLButtonElement.h:
3403         * html/HTMLCanvasElement.h:
3404         * html/HTMLDataElement.h:
3405         * html/HTMLDetailsElement.h:
3406         * html/HTMLDivElement.h:
3407         * html/HTMLEmbedElement.h:
3408         * html/HTMLFieldSetElement.h:
3409         * html/HTMLFontElement.h:
3410         * html/HTMLFormElement.h:
3411         * html/HTMLFrameSetElement.h:
3412         * html/HTMLHRElement.h:
3413         * html/HTMLHtmlElement.h:
3414         * html/HTMLKeygenElement.h:
3415         * html/HTMLLIElement.h:
3416         * html/HTMLLabelElement.h:
3417         * html/HTMLLegendElement.h:
3418         * html/HTMLLinkElement.h:
3419         * html/HTMLMapElement.h:
3420         * html/HTMLMarqueeElement.h:
3421         * html/HTMLMetaElement.h:
3422         * html/HTMLMeterElement.h:
3423         * html/HTMLModElement.h:
3424         * html/HTMLOListElement.h:
3425         * html/HTMLObjectElement.h:
3426         * html/HTMLOptGroupElement.h:
3427         * html/HTMLOptionElement.h:
3428         * html/HTMLOutputElement.h:
3429         * html/HTMLParagraphElement.h:
3430         * html/HTMLParamElement.h:
3431         * html/HTMLPreElement.h:
3432         * html/HTMLProgressElement.h:
3433         * html/HTMLQuoteElement.h:
3434         * html/HTMLScriptElement.h:
3435         * html/HTMLSourceElement.h:
3436         * html/HTMLStyleElement.h:
3437         * html/HTMLSummaryElement.h:
3438         * html/HTMLTableCaptionElement.h:
3439         * html/HTMLTableColElement.h:
3440         * html/HTMLTableElement.h:
3441         * html/HTMLTableSectionElement.h:
3442         * html/HTMLTemplateElement.h:
3443         * html/HTMLTextAreaElement.h:
3444         * html/HTMLTitleElement.h:
3445         * html/HTMLUListElement.h:
3446         * html/HTMLUnknownElement.h:
3447         * html/HTMLVideoElement.h:
3448         * html/HTMLWBRElement.h:
3449
3450 2016-07-14  Chris Dumez  <cdumez@apple.com>
3451
3452         Modernize GlyphMetricsMap
3453         https://bugs.webkit.org/show_bug.cgi?id=159788
3454
3455         Reviewed by Darin Adler.
3456
3457         Modernize GlyphMetricsMap a bit.
3458
3459         * platform/graphics/GlyphMetricsMap.h:
3460         - Drop WTF_MAKE_NONCOPYABLE as the class is already non-copyable due to having
3461           to having a std::unique_ptr data member.
3462         - Drop GlyphMetricsMap default constructor and let the compiler generate it
3463           instead. This required using inline initialization for m_filledPrimaryPage.
3464
3465         (WebCore::GlyphMetricsMap::GlyphMetricsPage::GlyphMetricsPage):
3466         - Make m_metrics data member private as it does not need to be public.
3467         - Make setMetricsForIndex(unsigned index, const T& metrics) setter private
3468           as it does not need to be public.
3469         - Make GlyphMetricsPage(const T& initialValue) constructor explicit as it
3470           takes only 1 parameter.
3471
3472         (WebCore::GlyphMetricsMap<T>::locatePageSlowCase):
3473         - Use HashMap::ensure() to make the code a bit nicer.
3474
3475 2016-07-14  Simon Fraser  <simon.fraser@apple.com>
3476
3477         [iOS WK2] When scrolling apple.com/music on iPad Pro in landscape, left-hand tiles appear first
3478         https://bugs.webkit.org/show_bug.cgi?id=159798
3479         rdar://problem/27362717
3480
3481         Reviewed by Tim Horton.
3482
3483         In out-of-visible tiled layers, we always allocated the top-left tile, wasting
3484         memory and causing ugliness when scrolling that layer into view. This happened
3485         because getTileIndexRangeForRect() had no way to express the fact that no tiles
3486         should be created.
3487
3488         Fix getTileIndexRangeForRect() to return a bool, and fix callers to respect the
3489         return value.
3490
3491         Test: compositing/tiling/offscreen-tiled-layer.html
3492
3493         * platform/graphics/ca/GraphicsLayerCA.cpp:
3494         (WebCore::GraphicsLayerCA::dumpAdditionalProperties):
3495         * platform/graphics/ca/TileGrid.cpp:
3496         (WebCore::TileGrid::setNeedsDisplayInRect):
3497         (WebCore::TileGrid::tilesWouldChangeForCoverageRect):
3498         (WebCore::TileGrid::getTileIndexRangeForRect):
3499         (WebCore::TileGrid::revalidateTiles):
3500         (WebCore::TileGrid::ensureTilesForRect):
3501         (WebCore::TileGrid::extent):
3502         * platform/graphics/ca/TileGrid.h:
3503
3504 2016-07-14  John Wilander  <wilander@apple.com>
3505
3506         Remove credentials in URL when accessed through location.href
3507         https://bugs.webkit.org/show_bug.cgi?id=139562
3508         <rdar://problem/27331164>
3509
3510         Reviewed by Brent Fulgham.
3511
3512         Test: http/tests/security/location-href-clears-username-password.html
3513
3514         The reason for this change is to not allow scripts on the page to
3515         exfiltrate username and password from the URL.
3516
3517         * page/Location.cpp:
3518         (WebCore::Location::href):
3519             Now checks if there is a username or password in the URL. If so,
3520             it copies the URL and removes the username and password.
3521
3522 2016-07-14  Javier Fernandez  <jfernandez@igalia.com>
3523
3524         [css-grid] Handle min-content/max-content with orthogonal flows
3525         https://bugs.webkit.org/show_bug.cgi?id=159294
3526
3527         Reviewed by Darin Adler.
3528
3529         Currently there is no support for orthogonal flows in many aspects of the
3530         Grid Layout logic.
3531
3532         The Grid sizing algorithm should be adapted to this scenario, hence this
3533         patch focus on the min-content and max-content functions, used to resolve
3534         content based track sizes.
3535
3536         There are still issues related to alignment and sizes using percentages,
3537         but they will be addressed in different patches.
3538
3539         Tests: fast/css-grid-layout/grid-item-positioning-with-orthogonal-flows.html
3540                fast/css-grid-layout/grid-item-sizing-with-orthogonal-flows.html
3541                fast/css-grid-layout/grid-item-spanning-and-orthogonal-flows.html
3542                fast/css-grid-layout/grid-track-sizing-with-orthogonal-flows.html
3543                fast/css-grid-layout/grid-track-sizing-with-percentages-and-orthogonal-flows.html
3544
3545         * rendering/RenderBox.cpp:
3546         (WebCore::RenderBox::computeLogicalWidthInRegion):
3547         * rendering/RenderGrid.cpp:
3548         (WebCore::RenderGrid::GridSizingData::advanceNextState):
3549         (WebCore::RenderGrid::GridSizingData::isValidTransitionForDirection):
3550         (WebCore::RenderGrid::computeTrackSizesForDirection):
3551         (WebCore::RenderGrid::repeatTracksSizingIfNeeded): Added.
3552         (WebCore::RenderGrid::layoutBlock):
3553         (WebCore::RenderGrid::computeIntrinsicLogicalWidths):
3554         (WebCore::RenderGrid::computeIntrinsicLogicalHeight):
3555         (WebCore::hasOverrideContainingBlockContentSizeForChild):
3556         (WebCore::overrideContainingBlockContentSizeForChild):
3557         (WebCore::setOverrideContainingBlockContentSizeForChild):
3558         (WebCore::shouldClearOverrideContainingBlockContentSizeForChild):
3559         (WebCore::RenderGrid::gridTrackSize):
3560         (WebCore::RenderGrid::isOrthogonalChild): Added.
3561         (WebCore::RenderGrid::logicalHeightForChild):
3562         (WebCore::RenderGrid::flowAwareDirectionForChild): Added.
3563         (WebCore::RenderGrid::minSizeForChild):
3564         (WebCore::RenderGrid::updateOverrideContainingBlockContentSizeForChild):
3565         (WebCore::RenderGrid::minContentForChild):
3566         (WebCore::RenderGrid::maxContentForChild):
3567         (WebCore::RenderGrid::placeItemsOnGrid):
3568         (WebCore::RenderGrid::layoutPositionedObject):
3569         (WebCore::RenderGrid::offsetAndBreadthForPositionedChild):
3570         (WebCore::RenderGrid::assumedRowsSizeForOrthogonalChild): Added.
3571         (WebCore::RenderGrid::gridAreaBreadthForChild):
3572         (WebCore::RenderGrid::columnAxisPositionForChild):
3573         (WebCore::RenderGrid::rowAxisPositionForChild):
3574         (WebCore::RenderGrid::findChildLogicalPosition):
3575         * rendering/RenderGrid.h:
3576         (WebCore::RenderGrid::SizingOperation): This enum has been moved to the header file.
3577         (WebCore::RenderGrid::m_hasAnyOrthogonalChild): New class attribute to know if there are any orthogonal grid items.
3578         (WebCore::RenderGrid::updateOverrideContainingBlockContentSizeForChild):
3579         (WebCore::RenderGrid::logicalHeightForChild):
3580         (WebCore::RenderGrid::gridAreaBreadthForChild):
3581         (WebCore::RenderGrid::assumedRowsSizeForOrthogonalChild):
3582
3583
3584
3585 2016-07-14  Chris Dumez  <cdumez@apple.com>
3586
3587         Use emptyString() instead of "" when possible
3588         https://bugs.webkit.org/show_bug.cgi?id=159789
3589
3590         Reviewed by Alex Christensen.
3591
3592         Use emptyString() instead of "" when possible to reduce String allocations.
3593
3594         * Modules/webdatabase/Database.cpp:
3595         (WebCore::Database::performOpenAndVerify):
3596         * css/CSSSelector.h:
3597         * css/StyleProperties.cpp:
3598         (WebCore::MutableStyleProperties::removeProperty):
3599         (WebCore::MutableStyleProperties::removeCustomProperty):
3600         * editing/TextCheckingHelper.cpp:
3601         (WebCore::TextCheckingHelper::findFirstMisspellingOrBadGrammar):
3602         (WebCore::TextCheckingHelper::findFirstBadGrammar):
3603         * editing/TypingCommand.h:
3604         (WebCore::TypingCommand::create):
3605         * fileapi/FileReaderLoader.cpp:
3606         (WebCore::FileReaderLoader::cleanup):
3607         * inspector/InspectorStyleSheet.cpp:
3608         (WebCore::fillMediaListChain):
3609         * page/UserContentURLPattern.cpp:
3610         (WebCore::UserContentURLPattern::parse):
3611         * platform/graphics/MediaPlayer.cpp:
3612         (WebCore::MediaPlayer::load):
3613         * platform/gtk/DataObjectGtk.h:
3614         (WebCore::DataObjectGtk::clearURIList):
3615         * platform/network/curl/ResourceHandleCurl.cpp:
3616         (WebCore::ResourceHandle::receivedRequestToContinueWithoutCredential):
3617         * platform/network/curl/ResourceHandleManager.h:
3618         * rendering/RenderLayerCompositor.cpp:
3619         (WebCore::RenderLayerCompositor::layerTreeAsText):
3620         * rendering/RenderListMarker.cpp:
3621         (WebCore::RenderListMarker::updateContent):
3622         * rendering/style/RenderStyle.cpp:
3623         (WebCore::RenderStyle::noneDashboardRegions):
3624         * rendering/svg/SVGTextMetrics.cpp:
3625         (WebCore::SVGTextMetrics::SVGTextMetrics):
3626         * xml/XPathParser.cpp:
3627         (WebCore::XPath::Parser::lexString):
3628
3629 2016-07-14  Brent Fulgham  <bfulgham@apple.com>
3630
3631         editing/spelling/spellcheck-async.html sometimes crashes with GuardMalloc 
3632         https://bugs.webkit.org/show_bug.cgi?id=142969
3633         <rdar://problem/27331095>
3634
3635         Reviewed by Alex Christensen.
3636
3637         Fix based on a Blink change (patch by <rouslan@chromium.org>):
3638         <https://chromium.googlesource.com/chromium/blink/+/c713736b122c2224804b2db72f1f711cb47ee260%5E%21/#F1>
3639
3640         Test: editing/spelling/copy-paste-crash.html
3641               editing/spelling/spellcheck-async.html
3642
3643         * editing/SpellChecker.cpp:
3644         (WebCore::SpellCheckRequest::didSucceed):
3645         (WebCore::SpellCheckRequest::didCancel):
3646
3647 2016-07-14  Zalan Bujtas  <zalan@apple.com>
3648
3649         ImageBuffer's succes flag should be set to false at the very beginning of the c'tor.
3650         https://bugs.webkit.org/show_bug.cgi?id=159784
3651
3652         Reviewed by Simon Fraser.
3653
3654         No change in functionality.
3655
3656         * platform/graphics/cg/ImageBufferCG.cpp:
3657         (WebCore::ImageBuffer::ImageBuffer):
3658
3659 2016-07-14  Alex Christensen  <achristensen@webkit.org>
3660
3661         Use SocketProvider to create SocketStreamHandles
3662         https://bugs.webkit.org/show_bug.cgi?id=159774
3663
3664         Reviewed by Brady Eidson.
3665
3666         No new tests.  No change in behaviour.
3667         
3668         In r202930 I introduced the SocketProvider, but I used it to make a WebSocketChannel
3669         instead of a SocketStreamHandle, which is the class I want to make into an interface
3670         and proxy the web traffic over to the NetworkProcess.
3671
3672         * CMakeLists.txt:
3673         * Modules/websockets/ThreadableWebSocketChannel.cpp: Added.
3674         (WebCore::ThreadableWebSocketChannel::create):
3675         I removed this in 202930, so this is restoring it from that patch, hence the old copyright.
3676         * Modules/websockets/ThreadableWebSocketChannel.h:
3677         (WebCore::ThreadableWebSocketChannel::ThreadableWebSocketChannel):
3678         * Modules/websockets/WebSocket.cpp:
3679         (WebCore::WebSocket::connect):
3680         * Modules/websockets/WebSocketChannel.cpp:
3681         (WebCore::WebSocketChannel::WebSocketChannel):
3682         (WebCore::WebSocketChannel::connect):
3683         * Modules/websockets/WebSocketChannel.h:
3684         (WebCore::WebSocketChannel::create):
3685         * Modules/websockets/WorkerThreadableWebSocketChannel.cpp:
3686         (WebCore::WorkerThreadableWebSocketChannel::WorkerThreadableWebSocketChannel):
3687         (WebCore::WorkerThreadableWebSocketChannel::resume):
3688         (WebCore::WorkerThreadableWebSocketChannel::Peer::Peer):
3689         (WebCore::WorkerThreadableWebSocketChannel::Peer::didReceiveMessageError):
3690         (WebCore::WorkerThreadableWebSocketChannel::Bridge::Bridge):
3691         (WebCore::WorkerThreadableWebSocketChannel::Bridge::~Bridge):
3692         (WebCore::WorkerThreadableWebSocketChannel::Bridge::mainThreadInitialize):
3693         (WebCore::WorkerThreadableWebSocketChannel::Bridge::initialize):
3694         * Modules/websockets/WorkerThreadableWebSocketChannel.h:
3695         (WebCore::WorkerThreadableWebSocketChannel::create):
3696         (WebCore::WorkerThreadableWebSocketChannel::Bridge::create):
3697         * WebCore.xcodeproj/project.pbxproj:
3698         * inspector/InspectorOverlay.cpp:
3699         (WebCore::InspectorOverlay::overlayPage):
3700         * loader/EmptyClients.cpp:
3701         (WebCore::EmptyEditorClient::registerRedoStep):
3702         (WebCore::EmptySocketProvider::createWebSocketChannel): Deleted.
3703         * loader/EmptyClients.h:
3704         * page/SocketProvider.cpp: Added.
3705         (WebCore::SocketProvider::createSocketStreamHandle):
3706         * page/SocketProvider.h:
3707         (WebCore::SocketProvider::~SocketProvider): Deleted.
3708         * platform/network/cf/SocketStreamHandle.h:
3709         * svg/graphics/SVGImage.cpp:
3710         (WebCore::SVGImage::dataChanged):
3711
3712 2016-07-14  Brady Eidson  <beidson@apple.com>
3713
3714         "User delete" tests are flakey timeouts (and/or DatabaseProcess crashes).
3715         https://bugs.webkit.org/show_bug.cgi?id=158741
3716
3717         Reviewed by Alex Christensen.
3718
3719         No new tests (Covered by existing tests in some configurations)
3720
3721         - Check if a database hard delete is complete in more places.
3722         - Asynchronously clear out the hard close protector instead of synchronously.
3723         
3724         * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
3725         (WebCore::IDBServer::UniqueIDBDatabase::~UniqueIDBDatabase):
3726         (WebCore::IDBServer::UniqueIDBDatabase::didPerformUnconditionalDeleteBackingStore):
3727         (WebCore::IDBServer::UniqueIDBDatabase::didFinishHandlingVersionChange):
3728         (WebCore::IDBServer::UniqueIDBDatabase::connectionClosedFromClient):
3729         (WebCore::IDBServer::UniqueIDBDatabase::transactionCompleted):
3730         (WebCore::IDBServer::UniqueIDBDatabase::executeNextDatabaseTaskReply):
3731         (WebCore::IDBServer::UniqueIDBDatabase::maybeFinishHardClose):
3732         (WebCore::IDBServer::UniqueIDBDatabase::isDoneWithHardClose):
3733         (WebCore::IDBServer::UniqueIDBDatabase::doneWithHardClose): Deleted.
3734
3735         * Modules/indexeddb/server/UniqueIDBDatabase.h:
3736         (WebCore::IDBServer::UniqueIDBDatabase::hardClosedForUserDelete):
3737
3738         * Modules/indexeddb/server/UniqueIDBDatabaseConnection.cpp:
3739         (WebCore::IDBServer::UniqueIDBDatabaseConnection::didAbortTransaction):
3740
3741 2016-07-13  Brent Fulgham  <bfulgham@apple.com>
3742
3743         CSSStyleSheet members should clear their owner node when destroyed
3744         https://bugs.webkit.org/show_bug.cgi?id=117470
3745
3746         Reviewed by Chris Dumez.
3747
3748         Make sure that CSSStyleSheet members are detached from their owner node when
3749         the owning object is destroyed.
3750
3751         I audited other CSSStyleSheet uses, and found one other place where the owner node was not
3752         being cleared during destruction. The Inspector also uses CSSStyleSheet, but seems to
3753         handle the node ownership properly.
3754
3755         Fix based on a Blink change (patch by <haraken@chromium.org>):
3756         <https://chromium.googlesource.com/chromium/blink/+/c4949bfdeb2a613701afa1410bdae70531b8f6bf>
3757
3758         Also includes a follow-up fix (patch by <haraken@chromium.org>):
3759         <https://chromium.googlesource.com/chromium/blink/+/9c3932dc80b33429db3a5873cb266b726c8a19bf>
3760
3761         No test case. Was found by the Chromium team through review of their crash traces under minor DOM GC.
3762
3763         * contentextensions/ContentExtensionStyleSheet.cpp:
3764         (WebCore::ContentExtensions::ContentExtensionStyleSheet::~ContentExtensionStyleSheet):
3765         * contentextensions/ContentExtensionStyleSheet.h:
3766         * dom/InlineStyleSheetOwner.cpp:
3767         (WebCore::InlineStyleSheetOwner::~InlineStyleSheetOwner):
3768         (WebCore::authorStyleSheetsForElement):
3769
3770 2016-07-14  Csaba Osztrogonác  <ossy@webkit.org>
3771
3772         Fix the !ENABLE(WEB_SOCKETS) build after r202930
3773         https://bugs.webkit.org/show_bug.cgi?id=159768
3774
3775         Reviewed by Alex Christensen.
3776
3777         * loader/EmptyClients.cpp:
3778         * loader/EmptyClients.h:
3779         * page/SocketProvider.h:
3780         * workers/WorkerGlobalScope.cpp:
3781         (WebCore::WorkerGlobalScope::WorkerGlobalScope):
3782         * workers/WorkerThread.cpp:
3783         (WebCore::WorkerThread::WorkerThread):
3784
3785 2016-07-14  Youenn Fablet  <youenn@apple.com>
3786
3787         DOMIterators should be assigned a correct prototype
3788         https://bugs.webkit.org/show_bug.cgi?id=159115
3789
3790         Reviewed by Chris Dumez.
3791
3792         Default iterator object internal prototype property is the Iterator prototype as defined in
3793         http://heycam.github.io/webidl/#dfn-iterator-prototype-object.
3794         Linking DOMIterator prototype to IteratorPrototype.
3795         This allows adding @@iterator property to the result of entries, keys and values methods.
3796         This in turns allow doing for-of loops on them.
3797
3798         Covered by updated test.
3799
3800         * ForwardingHeaders/runtime/IteratorPrototype.h: Added.
3801         * bindings/js/JSDOMIterator.h: Setting correct prototype and marking next prototype property as enumerable.
3802
3803 2016-07-14  Youenn Fablet  <youenn@apple.com>
3804
3805         Remove support for value iterators from JSDOMIterator
3806         https://bugs.webkit.org/show_bug.cgi?id=159293
3807
3808         Reviewed by Chris Dumez.
3809
3810         Value iterators are now handled without using DOMIterator.
3811         Since FontFaceSet is using DOMIterator as an intermediate step towards supporting set-like,
3812         entries and forEach implementation should be made compliant with set-like.
3813         This means that item value should be passed instead of an index in entries iterator and forEach callback.
3814
3815         Covered by updated test.
3816
3817         * bindings/js/JSDOMIterator.h:
3818         (WebCore::JSDOMIterator<JSWrapper>::asJS): Pass set item as entries value field.
3819         (WebCore::appendForEachArguments): Pass set item as second parameter.
3820         (WebCore::iteratorForEach): Remove index handling.
3821
3822 2016-07-14  Csaba Osztrogonác  <ossy@webkit.org>
3823
3824         Fix the !ENABLE(MATHML) build after r201739
3825         https://bugs.webkit.org/show_bug.cgi?id=159767
3826
3827         Reviewed by Alex Christensen.
3828
3829         * dom/Document.cpp:
3830         (WebCore::Document::validateCustomElementName):
3831
3832 2016-07-14  Csaba Osztrogonác  <ossy@webkit.org>
3833
3834         Fix the !ENABLE(CSS_IMAGE_SET) build
3835         https://bugs.webkit.org/show_bug.cgi?id=159766
3836
3837         Reviewed by Alex Christensen.
3838
3839         * css/CSSParser.cpp:
3840
3841 2016-07-14  Frederic Wang  <fred.wang@free.fr>
3842
3843         Cleanup of MathML headers
3844         https://bugs.webkit.org/show_bug.cgi?id=159336
3845
3846         Reviewed by Alex Christensen.
3847
3848         We do some cleanup in MathML headers:
3849         - Use #pragma once
3850         - Use final for class that are not extended.
3851         - Use final instead of override for virtual members that are not overridden by derived classes.
3852         - Try and reduce the visibility of function members to private or protected as appropriate.
3853         - Remove useless #include
3854         - Remove useless class or friendship declaration
3855         - Remove unused functions
3856
3857         No new tests, behavior is unchanged.
3858
3859         * mathml/MathMLElement.h:
3860         * mathml/MathMLInlineContainerElement.h:
3861         * mathml/MathMLMathElement.h:
3862         * mathml/MathMLMencloseElement.h:
3863         * mathml/MathMLOperatorDictionary.h:
3864         * mathml/MathMLPaddedElement.h:
3865         * mathml/MathMLSelectElement.h:
3866         * mathml/MathMLSpaceElement.h:
3867         * mathml/MathMLTextElement.h:
3868         * rendering/mathml/MathOperator.h:
3869         * rendering/mathml/RenderMathMLBlock.h:
3870         * rendering/mathml/RenderMathMLFenced.h:
3871         * rendering/mathml/RenderMathMLFraction.h:
3872         * rendering/mathml/RenderMathMLMath.h:
3873         * rendering/mathml/RenderMathMLMenclose.h:
3874         * rendering/mathml/RenderMathMLOperator.h:
3875         * rendering/mathml/RenderMathMLRoot.h:
3876         * rendering/mathml/RenderMathMLRow.cpp:
3877         (WebCore::RenderMathMLRow::RenderMathMLRow): Deleted. We no longer create anonymous row.
3878         * rendering/mathml/RenderMathMLRow.h:
3879         * rendering/mathml/RenderMathMLScripts.h:
3880         * rendering/mathml/RenderMathMLSpace.h:
3881         * rendering/mathml/RenderMathMLToken.h:
3882         * rendering/mathml/RenderMathMLUnderOver.h:
3883
3884 2016-07-14  Alex Christensen  <achristensen@webkit.org>
3885
3886         Pass SessionID to WebSocketHandle constructor
3887         https://bugs.webkit.org/show_bug.cgi?id=159772
3888
3889         Reviewed by Brady Eidson.
3890
3891         No new tests.  No change in behavior.
3892
3893         * Modules/websockets/WebSocketChannel.cpp:
3894         (WebCore::WebSocketChannel::connect):
3895         * platform/network/cf/SocketStreamHandle.h:
3896         (WebCore::SocketStreamHandle::create):
3897         * platform/network/cf/SocketStreamHandleCFNet.cpp:
3898         (WebCore::SocketStreamHandle::SocketStreamHandle):
3899         * platform/network/curl/SocketStreamHandle.h:
3900         (WebCore::SocketStreamHandle::create):
3901         * platform/network/soup/SocketStreamHandle.h:
3902
3903 2016-07-14  Carlos Garcia Campos  <cgarcia@igalia.com>
3904
3905         [GLib] Use a GSource instead of a thread to poll memory pressure eventFD in linux implementation
3906         https://bugs.webkit.org/show_bug.cgi?id=159346
3907
3908         Reviewed by Antonio Gomes.
3909
3910         This is a follow up of r203216 to fix wrong use of Optional values.
3911
3912         * platform/linux/MemoryPressureHandlerLinux.cpp:
3913
3914 2016-07-14  Youenn Fablet  <youenn@apple.com>
3915
3916         DOM value iterable interfaces should use Array prototype methods
3917         https://bugs.webkit.org/show_bug.cgi?id=159296
3918
3919         Reviewed by Chris Dumez and Mark Lam.
3920
3921         Test: fast/dom/NodeList/nodelist-iterable.html
3922         Also covered by updated layout test and binding tests.
3923
3924         For value iterators, copy the iterator methods from Array prototype: as per https://heycam.github.io/webidl/#es-iterable,
3925         [re: entries] If the interface has a value iterator, then the Function object is the initial value of the "entries" data property of %ArrayPrototype% ([ECMA-262], section 6.1.7.4).
3926         [re: keys] If the interface has a value iterator, then the Function object is the initial value of the "keys" data property of %ArrayPrototype% ([ECMA-262], section 6.1.7.4).
3927         [re: forEach] If the interface defines an indexed property getter, then the Function object is the initial value of the "forEach" data property of %ArrayPrototype% ([ECMA-262], section 6.1.7.4).
3928         [re: Symbol.iterator] If the interface defines an indexed property getter, then the Function object is %ArrayProto_values% ([ECMA-262], section 6.1.7.4).
3929         [re: values] If the interface has a value iterator, then the Function object is the value of the @@iterator property.
3930
3931         This change applies only to NodeList at the moment.
3932         Copy of Array prototype iterator methods is disabled if the interface has no indexed getter.
3933
3934         * CMakeLists.txt:
3935         * ForwardingHeaders/builtins/BuiltinNames.h: Added.
3936         * ForwardingHeaders/builtins/JSCBuiltins.h: Added.
3937         * ForwardingHeaders/runtime/CommonIdentifiers.h: Added.
3938         * WebCore.xcodeproj/project.pbxproj:
3939         * bindings/js/JSDOMIterator.cpp: Added.
3940         (WebCore::addValueIterableMethods): Copy iterator methods from array prototype.
3941         * bindings/js/JSDOMIterator.h:
3942         * bindings/scripts/CodeGeneratorJS.pm:
3943         (GeneratePropertiesHashTable):
3944         (GenerateImplementation):
3945         (IsValueIterableInterface): Introduced to only copy iterator methods if the interface has an indexed getter.
3946         (IsKeyValueIterableInterface): Introduced to detect whether generating iterator methods.
3947         (GenerateImplementationIterableFunctions):
3948         * bindings/scripts/test/GObject/WebKitDOMTestIterable.cpp: Added.
3949         * bindings/scripts/test/GObject/WebKitDOMTestIterable.h: Added.
3950         * bindings/scripts/test/GObject/WebKitDOMTestIterablePrivate.h: Added.
3951         * bindings/scripts/test/JS/JSTestIterable.cpp: Added.
3952         * bindings/scripts/test/JS/JSTestIterable.h: Added.
3953         * bindings/scripts/test/JS/JSTestObj.cpp: Updated as TestObj defines both iterable<> and indexed getter.
3954         * bindings/scripts/test/ObjC/DOMTestIterable.h: Added.
3955         * bindings/scripts/test/ObjC/DOMTestIterable.mm: Added.
3956         * bindings/scripts/test/ObjC/DOMTestIterableInternal.h: Added.
3957         * bindings/scripts/test/TestIterable.idl: Added to handle the case of value iterator without indexed getter defined.
3958         Array prototype methods should not be copied.
3959         * bindings/scripts/test/TestObj.idl: Changing to be a value iterator (with indexed getter already defined).
3960         Array prototype methods should be copied.
3961
3962 2016-07-14  Youenn Fablet  <youenn@apple.com>
3963
3964         [Fetch API] Request and Response url getter should use URL serialization
3965         https://bugs.webkit.org/show_bug.cgi?id=159705
3966
3967         Reviewed by Alex Christensen.
3968
3969         Tests: fetch/fetch-url-serialization.html
3970                imported/w3c/web-platform-tests/fetch/api/basic/response-url-worker.html
3971                imported/w3c/web-platform-tests/fetch/api/basic/response-url.html
3972
3973         Implementing https://url.spec.whatwg.org/#concept-url-serializer and applying it to Request and Response getter.
3974         Adding a temporary routine to compute url cannot-be-a-base-url flag. The parsing routine should store that
3975         information in the URL itself.
3976
3977         Added tests to cover serialization routine. Failing tests are mostly due to limitations of the URL parser.
3978         Tests do not check f