Unreviewed, fix the iOS build after r231779
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2018-05-14  Wenson Hsieh  <wenson_hsieh@apple.com>
2
3         Unreviewed, fix the iOS build after r231779
4
5         Also address a minor in-person review comment by returning "extrazoom" instead of the empty string.
6
7         * page/DisabledAdaptations.cpp:
8         (WebCore::extraZoomModeAdaptationName):
9
10 2018-05-14  Zalan Bujtas  <zalan@apple.com>
11
12         [LFC] FormattingContext:computeOutOfFlowNonReplacedHeight/Width should use the computed margins/paddings/borders
13         https://bugs.webkit.org/show_bug.cgi?id=185633
14
15         Reviewed by Sam Weinig.
16
17         By the time we start computing height and width, DisplayBox should already have the computed values for margin/padding/border.
18
19         * layout/FormattingContext.cpp:
20         (WebCore::Layout::FormattingContext::computeOutOfFlowNonReplacedHeight const):
21         (WebCore::Layout::FormattingContext::computeOutOfFlowNonReplacedWidth const):
22         * layout/displaytree/DisplayBox.h:
23         (WebCore::Display::Box::paddingTop const):
24         (WebCore::Display::Box::paddingLeft const):
25         (WebCore::Display::Box::paddingBottom const):
26         (WebCore::Display::Box::paddingRight const):
27         (WebCore::Display::Box::borderTop const):
28         (WebCore::Display::Box::borderLeft const):
29         (WebCore::Display::Box::borderBottom const):
30         (WebCore::Display::Box::borderRight const):
31
32 2018-05-14  Wenson Hsieh  <wenson_hsieh@apple.com>
33
34         [Extra zoom mode] Google search results are excessively zoomed in
35         https://bugs.webkit.org/show_bug.cgi?id=185347
36         <rdar://problem/39999778>
37
38         Reviewed by Tim Horton.
39
40         It turns out that basing minimum layout size and shrink-to-fit behaviors off of the `shrink-to-fit` viewport
41         argument poses compatibility risks with web pages that already specify `shrink-to-fit` to opt out of default
42         viewport shrinking behaviors in 1/3 multitasking mode on iPad.
43
44         One way to resolve this is to introduce a new viewport meta content attribute to disable viewport heuristics in
45         extra zoom mode. However, combined shrink-to-fit and minimum device width behaviors are difficult to describe
46         using a single backwards-compatible viewport meta content attribute, and the need to suppress the default
47         behavior of `shrink-to-fit=no` if such an attribute is not disabled further muddles our viewport story.
48
49         After some internal deliberation, we’ve decided to experiment with a new meta tag named "disabled-adaptations".
50         The content of this meta tag is a comma-separated list of adaptation names; if an adaptation name matches a
51         known adaptation type (for instance, extra zoom mode), we disable the class of behaviors used to adapt web
52         content. The first and only known adaptation type is extra zoom mode, which affects `shrink-to-fit` and layout
53         size adjustments.
54
55         See per-method changes below for more details.
56
57         Test: fast/viewport/extrazoom/viewport-disable-extra-zoom-adaptations.html
58
59         * Sources.txt:
60         * WebCore.xcodeproj/project.pbxproj:
61         * dom/Document.cpp:
62         (WebCore::Document::processDisabledAdaptations):
63         * dom/Document.h:
64         (WebCore::Document::disabledAdaptations const):
65
66         Add disabled adaptations to Document. Changes to disabled adaptations are not propagated if the parsed disabled
67         adaptation types don't change; upon changing adaptation types, notify the client to adjust for the new disabled
68         adaptations (currently, this only affects the viewport configuration).
69
70         * dom/ViewportArguments.h:
71         * html/HTMLMetaElement.cpp:
72         (WebCore::HTMLMetaElement::process):
73         * html/parser/HTMLPreloadScanner.cpp:
74         (WebCore::TokenPreloadScanner::StartTagScanner::StartTagScanner):
75         (WebCore::TokenPreloadScanner::StartTagScanner::processAttributes):
76         (WebCore::TokenPreloadScanner::StartTagScanner::processAttribute):
77         * loader/FrameLoader.cpp:
78         (WebCore::FrameLoader::commitProvisionalLoad):
79
80         Restore the set of disabled adaptations when restoring a page from the cache.
81
82         * page/Chrome.cpp:
83         (WebCore::Chrome::dispatchDisabledAdaptationsDidChange const):
84         * page/Chrome.h:
85         * page/ChromeClient.h:
86
87         Add plumbing for changes to the set of disabled adaptations.
88
89         * page/DisabledAdaptations.cpp: Added.
90         (WebCore::extraZoomModeAdaptationName):
91         * page/DisabledAdaptations.h: Added.
92
93         Introduce a header containing a new enum for the extra zoom mode adaptation, as well as a helper function to
94         return the extra zoom mode adaptation name.
95
96         * page/Page.cpp:
97         (WebCore::Page::disabledAdaptations const):
98
99         Returns the mainframe's set of adaptations to disable.
100
101         * page/Page.h:
102         * page/RemoteFrame.h:
103         * page/RuntimeEnabledFeatures.h:
104         (WebCore::RuntimeEnabledFeatures::setDisabledAdaptationsMetaTagEnabled):
105         (WebCore::RuntimeEnabledFeatures::disabledAdaptationsMetaTagEnabled const):
106
107         Add a new runtime feature to gate handling the "disabled-adaptations" meta tag.
108
109         * page/ViewportConfiguration.cpp:
110         (WebCore::shouldOverrideShrinkToFitArgument):
111         (WebCore::needsUpdateAfterChangingDisabledAdaptations):
112         (WebCore::ViewportConfiguration::setDisabledAdaptations):
113         (WebCore::ViewportConfiguration::shouldOverrideDeviceWidthAndShrinkToFit const):
114
115         Consult whether or not extra zoom mode adaptations are disabled, instead of the shrink-to-fit attribute value.
116
117         (WebCore::ViewportConfiguration::updateConfiguration):
118         * page/ViewportConfiguration.h:
119
120         Add an OptionSet of disabled adaptation types to ViewportConfiguration. Updates to the adaptation type are
121         propagated to the ViewportConfiguration from Document, through the ChromeClient and the client layer (refer to
122         changes in WebKit). Once the OptionSet is changed, we recompute the viewport configuration only if needed by the
123         platform.
124
125         (WebCore::ViewportConfiguration::viewLayoutSize const):
126         (WebCore::ViewportConfiguration::disabledAdaptations const):
127         * page/WindowFeatures.cpp:
128         (WebCore::parseDisabledAdaptations):
129         * page/WindowFeatures.h:
130
131         Add a new helper to parse the meta content of a "disabled-adaptations" tag as an OptionSet of disabled
132         adaptation types. The string is parsed by first splitting on the comma character, and then iterating over lower
133         case, whitespace-stripped tokens to look for known adaptation names. So far, only extra zoom mode is supported.
134
135         * testing/Internals.cpp:
136         (WebCore::Internals::extraZoomModeAdaptationName const):
137         * testing/Internals.h:
138         * testing/Internals.idl:
139
140         Expose the extra zoom mode adaptation name to the DOM, only when running layout tests.
141
142 2018-05-14  Joanmarie Diggs  <jdiggs@igalia.com>
143
144         AX: Listbox and Combobox roles embedded in labels should participate in name calculation
145         https://bugs.webkit.org/show_bug.cgi?id=185521
146
147         Reviewed by Chris Fleizach.
148
149         Take selected children into account when computing the name in accessibleNameForNode.
150         Add ListBox to the roles for which accessibleNameDerivesFromContent returns false so
151         that native select elements with size > 1 are treated the same way as ARIA listbox.
152         Also add ListBox to the roles which are treated as controls when used in ARIA. Finally,
153         prevent labels which contain unrelated controls from being used as an AXTitleUIElement.
154         This causes us to build a string from the label and its descendants, ensuring the latter
155         participate in the name calculation.
156
157         Test: accessibility/text-alternative-calculation-from-listbox.html
158
159         * accessibility/AccessibilityLabel.cpp:
160         (WebCore::childrenContainUnrelatedControls):
161         (WebCore::AccessibilityLabel::containsUnrelatedControls const):
162         * accessibility/AccessibilityLabel.h:
163         * accessibility/AccessibilityNodeObject.cpp:
164         (WebCore::accessibleNameForNode):
165         * accessibility/AccessibilityObject.cpp:
166         (WebCore::AccessibilityObject::accessibleNameDerivesFromContent const):
167         (WebCore::AccessibilityObject::isARIAControl):
168         * accessibility/AccessibilityRenderObject.cpp:
169         (WebCore::AccessibilityRenderObject::exposesTitleUIElement const):
170         (WebCore::AccessibilityRenderObject::computeAccessibilityIsIgnored const):
171
172 2018-05-14  Antoine Quint  <graouts@apple.com>
173
174         [Web Animations] Tests using the new animation engine may crash under WebCore::FrameView::didDestroyRenderTree when using internals methods
175         https://bugs.webkit.org/show_bug.cgi?id=185612
176         <rdar://problem/39579344>
177
178         Reviewed by Dean Jackson.
179
180         Add a new internals.pseudoElement() method to obtain a pseudo element matching a given pseudo-id. This is necessary to be able to move off
181         internals.pauseTransitionAtTimeOnPseudoElement() and internals.pauseAnimationAtTimeOnPseudoElement() for Web Animations testing.
182
183         * testing/Internals.cpp:
184         (WebCore::Internals::pseudoElement):
185         * testing/Internals.h:
186         * testing/Internals.idl:
187
188 2018-05-14  Antoine Quint  <graouts@apple.com>
189
190         REGRESSION (r230574): Interrupted hardware transitions don't behave correctly
191         https://bugs.webkit.org/show_bug.cgi?id=185299
192         <rdar://problem/39630230>
193
194         Reviewed by Simon Fraser.
195
196         In r230574, the fix for webkit.org/b/184518, we changed the processing order in GraphicsLayerCA::updateAnimations() to first
197         process m_uncomittedAnimations and then m_animationsToProcess, so we are guaranteed animations exist before we attempt to pause
198         or seek them. This broke interrupting and resuming hardware animations (such as an interrupted CSS Transition or an animation
199         running in a non-visible tab) since a pause operation recorded _before_ an animation was added would be paused anyway since
200         the animation was now first added, and then paused. The fix is simply to clear any pending AnimationProcessingAction for a
201         newly-uncommitted animation.
202
203         Test: transitions/interrupted-transition-hardware.html
204
205         * platform/graphics/ca/GraphicsLayerCA.cpp:
206         (WebCore::GraphicsLayerCA::createAnimationFromKeyframes):
207         (WebCore::GraphicsLayerCA::appendToUncommittedAnimations):
208         (WebCore::GraphicsLayerCA::createTransformAnimationsFromKeyframes):
209         * platform/graphics/ca/GraphicsLayerCA.h:
210         (WebCore::GraphicsLayerCA::LayerPropertyAnimation::LayerPropertyAnimation):
211
212 2018-05-14  Thibault Saunier  <tsaunier@igalia.com>
213
214         [GStreamer] Fix style issue in MediaPlayerPrivateGStreamerBase
215         https://bugs.webkit.org/show_bug.cgi?id=185510
216
217         Reviewed by Philippe Normand.
218
219         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:629:  More than one command on the same line  [whitespace/newline] [4]
220         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:684:  More than one command on the same line  [whitespace/newline] [4]
221         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:807:  More than one command on the same line  [whitespace/newline] [4]
222
223         Indentation and style issue fixed only.
224
225         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
226         (WebCore::MediaPlayerPrivateGStreamerBase::volumeChangedCallback):
227         (WebCore::MediaPlayerPrivateGStreamerBase::muteChangedCallback):
228         (WebCore::MediaPlayerPrivateGStreamerBase::triggerRepaint):
229
230 2018-05-14  Zalan Bujtas  <zalan@apple.com>
231
232         [LFC] Implement height computation for non-replaced out of flow elements.
233         https://bugs.webkit.org/show_bug.cgi?id=185585
234
235         Reviewed by Antti Koivisto.
236
237         * layout/FormattingContext.cpp:
238         (WebCore::Layout::FormattingContext::computeHeight const):
239         (WebCore::Layout::FormattingContext::computeOutOfFlowHeight const):
240         (WebCore::Layout::FormattingContext::layoutOutOfFlowDescendants const):
241         (WebCore::Layout::FormattingContext::computeOutOfFlowNonReplacedHeight const):
242         (WebCore::Layout::FormattingContext::computeHeightForBlockFormattingContextRootWithAutoHeight const):
243         * layout/FormattingContext.h:
244         * layout/blockformatting/BlockFormattingContext.h:
245         * layout/displaytree/DisplayBox.h:
246
247 2018-05-14  Manuel Rego Casasnovas  <rego@igalia.com>
248
249         Renaming of overrides in LayoutBox
250         https://bugs.webkit.org/show_bug.cgi?id=185609
251
252         Reviewed by Javier Fernandez.
253
254         The names of the methods for the overrides were not consistent,
255         this patch fixes it by using the same structure in all the cases.
256
257         No new tests, no change of behavior.
258
259         * rendering/GridLayoutFunctions.cpp:
260         (WebCore::GridLayoutFunctions::hasOverrideContainingBlockContentSizeForChild):
261         * rendering/GridTrackSizingAlgorithm.cpp:
262         (WebCore::GridTrackSizingAlgorithmStrategy::logicalHeightForChild const):
263         * rendering/RenderBlock.cpp:
264         (WebCore::RenderBlock::computeChildPreferredLogicalWidths const):
265         (WebCore::RenderBlock::availableLogicalHeightForPercentageComputation const):
266         * rendering/RenderBlockFlow.cpp:
267         (WebCore::RenderBlockFlow::fitBorderToLinesIfNeeded):
268         * rendering/RenderBlockLineLayout.cpp:
269         (WebCore::RenderBlockFlow::updateRubyForJustifiedText):
270         * rendering/RenderBox.cpp:
271         (WebCore::RenderBox::willBeDestroyed):
272         (WebCore::RenderBox::hasOverrideContentLogicalHeight const):
273         (WebCore::RenderBox::hasOverrideContentLogicalWidth const):
274         (WebCore::RenderBox::setOverrideContentLogicalHeight):
275         (WebCore::RenderBox::setOverrideContentLogicalWidth):
276         (WebCore::RenderBox::clearOverrideContentLogicalHeight):
277         (WebCore::RenderBox::clearOverrideContentLogicalWidth):
278         (WebCore::RenderBox::clearOverrideContentSize):
279         (WebCore::RenderBox::overrideContentLogicalWidth const):
280         (WebCore::RenderBox::overrideContentLogicalHeight const):
281         (WebCore::RenderBox::overrideContainingBlockContentLogicalWidth const):
282         (WebCore::RenderBox::overrideContainingBlockContentLogicalHeight const):
283         (WebCore::RenderBox::hasOverrideContainingBlockContentLogicalWidth const):
284         (WebCore::RenderBox::hasOverrideContainingBlockContentLogicalHeight const):
285         (WebCore::RenderBox::setOverrideContainingBlockContentLogicalWidth):
286         (WebCore::RenderBox::setOverrideContainingBlockContentLogicalHeight):
287         (WebCore::RenderBox::clearOverrideContainingBlockContentSize):
288         (WebCore::RenderBox::clearOverrideContainingBlockContentLogicalHeight):
289         (WebCore::RenderBox::containingBlockLogicalWidthForContent const):
290         (WebCore::RenderBox::containingBlockLogicalHeightForContent const):
291         (WebCore::RenderBox::perpendicularContainingBlockLogicalHeight const):
292         (WebCore::RenderBox::computeLogicalWidthInFragment const):
293         (WebCore::RenderBox::computeLogicalHeight const):
294         (WebCore::RenderBox::computePercentageLogicalHeight const):
295         (WebCore::RenderBox::computeReplacedLogicalHeightUsing const):
296         (WebCore::RenderBox::availableLogicalHeightUsing const):
297         (WebCore::RenderBox::containingBlockLogicalWidthForPositioned const):
298         (WebCore::RenderBox::containingBlockLogicalHeightForPositioned const):
299         * rendering/RenderBox.h:
300         * rendering/RenderBoxModelObject.cpp:
301         (WebCore::RenderBoxModelObject::hasAutoHeightOrContainingBlockWithAutoHeight const):
302         * rendering/RenderDeprecatedFlexibleBox.cpp:
303         (WebCore::contentWidthForChild):
304         (WebCore::contentHeightForChild):
305         (WebCore::gatherFlexChildrenInfo):
306         (WebCore::RenderDeprecatedFlexibleBox::layoutHorizontalBox):
307         (WebCore::RenderDeprecatedFlexibleBox::layoutVerticalBox):
308         (WebCore::RenderDeprecatedFlexibleBox::applyLineClamp):
309         (WebCore::RenderDeprecatedFlexibleBox::clearLineClamp):
310         * rendering/RenderFlexibleBox.cpp:
311         (WebCore::RenderFlexibleBox::computeInnerFlexBaseSizeForChild):
312         (WebCore::RenderFlexibleBox::crossSizeForPercentageResolution):
313         (WebCore::RenderFlexibleBox::mainSizeForPercentageResolution):
314         (WebCore::RenderFlexibleBox::constructFlexItem):
315         (WebCore::RenderFlexibleBox::setOverrideMainAxisContentSizeForChild):
316         (WebCore::RenderFlexibleBox::applyStretchAlignmentToChild):
317         * rendering/RenderFullScreen.cpp:
318         (WebCore::RenderFullScreen::unwrapRenderer):
319         * rendering/RenderGrid.cpp:
320         (WebCore::RenderGrid::layoutBlock):
321         (WebCore::RenderGrid::layoutGridItems):
322         (WebCore::RenderGrid::applyStretchAlignmentToChildIfNeeded):
323         * rendering/RenderRubyBase.cpp:
324         (WebCore::RenderRubyBase::adjustInlineDirectionLineBounds const):
325         * rendering/RenderTableCell.cpp:
326         (WebCore::RenderTableCell::setOverrideContentLogicalHeightFromRowHeight):
327         * rendering/RenderTableCell.h:
328         * rendering/RenderTableSection.cpp:
329         (WebCore::RenderTableSection::calcRowLogicalHeight):
330         (WebCore::RenderTableSection::relayoutCellIfFlexed):
331
332 2018-05-14  Zalan Bujtas  <zalan@apple.com>
333
334         [LFC] Implement width computation for non-replaced out of flow elements.
335         https://bugs.webkit.org/show_bug.cgi?id=185598
336
337         Reviewed by Antti Koivisto.
338
339         * layout/FormattingContext.cpp:
340         (WebCore::Layout::FormattingContext::computeWidth const):
341         (WebCore::Layout::FormattingContext::computeOutOfFlowWidth const):
342         (WebCore::Layout::FormattingContext::layoutOutOfFlowDescendants const):
343         (WebCore::Layout::FormattingContext::computeOutOfFlowNonReplacedWidth const):
344         (WebCore::Layout::FormattingContext::shrinkToFitWidth const):
345         * layout/FormattingContext.h:
346         * layout/blockformatting/BlockFormattingContext.cpp:
347         (WebCore::Layout::BlockFormattingContext::layout const):
348         * layout/displaytree/DisplayBox.h:
349
350 2018-05-14  Zan Dobersek  <zdobersek@igalia.com>
351
352         Drop the m_compositorTexture member variable in TextureMapperGC3DPlatformLayer.
353         It's not used at all inside the class or outside it.
354
355         Rubber-stamped by Michael Catanzaro.
356
357         * platform/graphics/texmap/TextureMapperGC3DPlatformLayer.h:
358
359 2018-05-14  Zan Dobersek  <zdobersek@igalia.com>
360
361         [GTK] REGRESSION(r231170) Build broken with Clang 5.0
362         https://bugs.webkit.org/show_bug.cgi?id=185198
363
364         Reviewed by Michael Catanzaro.
365
366         Avoid gperf files using the register keyword which has been made
367         reserved and as such unusable in C++17.
368
369         * css/makeSelectorPseudoClassAndCompatibilityElementMap.py:
370         * css/makeSelectorPseudoElementsMap.py:
371         * css/makeprop.pl:
372         * css/makevalues.pl:
373         * platform/ColorData.gperf:
374         * platform/ReferrerPolicy.h: With std::optional forward declaration
375         gone, explicitly include the WTF Optional.h header.
376         * platform/Theme.h: Ditto.
377         * platform/network/create-http-header-name-table:
378
379 2018-05-14  Commit Queue  <commit-queue@webkit.org>
380
381         Unreviewed, rolling out r219515.
382         https://bugs.webkit.org/show_bug.cgi?id=185603
383
384         It sometimes makes AudioUnitInitialize call to fail in
385         CoreAudioCaptureSource (Requested by youenn on #webkit).
386
387         Reverted changeset:
388
389         "Remove CoreAudioCaptureSource speaker configuration"
390         https://bugs.webkit.org/show_bug.cgi?id=174512
391         https://trac.webkit.org/changeset/219515
392
393 2018-05-13  Dirk Schulze  <krit@webkit.org>
394
395         Implement SVGGeometryElement's isPointInFill and isPointInStroke
396         https://bugs.webkit.org/show_bug.cgi?id=185580
397
398         Reviewed by Antti Koivisto.
399
400         Implement isPointInFill and isPointInStroke methods for
401         SVGGeometryElement interface from SVG2.
402
403         https://svgwg.org/svg2-draft/types.html#InterfaceSVGGeometryElement
404
405         Tests: svg/dom/SVGGeometry-isPointInFill.xhtml
406                svg/dom/SVGGeometry-isPointInStroke.xhtml
407
408         * rendering/svg/RenderSVGEllipse.cpp:
409         (WebCore::RenderSVGEllipse::shapeDependentStrokeContains): Flag
410                 to switch between local and "global" coordinate space for hit testing.
411         * rendering/svg/RenderSVGEllipse.h:
412         * rendering/svg/RenderSVGPath.cpp:
413         (WebCore::RenderSVGPath::shapeDependentStrokeContains): Flag
414                 to switch between local and "global" coordinate space for hit testing.
415         * rendering/svg/RenderSVGPath.h:
416         * rendering/svg/RenderSVGRect.cpp:
417         (WebCore::RenderSVGRect::shapeDependentStrokeContains): Flag
418                 to switch between local and "global" coordinate space for hit testing.
419         * rendering/svg/RenderSVGRect.h:
420         * rendering/svg/RenderSVGShape.cpp:
421         (WebCore::RenderSVGShape::shapeDependentStrokeContains): Flag
422                 to switch between local and "global" coordinate space for hit testing.
423         (WebCore::RenderSVGShape::isPointInFill): Take the winding rule given by
424                 `fill-rule` to test if a given point is in the fill area of a path.
425         (WebCore::RenderSVGShape::isPointInStroke): Take stroke properties into
426                 account to check if a point is on top of the stroke area.
427         * rendering/svg/RenderSVGShape.h:
428         * svg/SVGGeometryElement.cpp:
429         (WebCore::SVGGeometryElement::isPointInFill):
430         (WebCore::SVGGeometryElement::isPointInStroke):
431         (WebCore::SVGGeometryElement::createElementRenderer): Deleted. This is getting implemented
432                 by inheriting classes. No need to create RenderSVGPath here.
433         * svg/SVGGeometryElement.h:
434         * svg/SVGGeometryElement.idl:
435
436 2018-05-12  Zalan Bujtas  <zalan@apple.com>
437
438         Use WeakPtr for m_enclosingPaginationLayer in RenderLayer
439         https://bugs.webkit.org/show_bug.cgi?id=185566
440         <rdar://problem/36486052>
441
442         Reviewed by Simon Fraser.
443
444         Since RenderLayer does not own the enclosing pagination layout, it should
445         construct a weak pointer instead of holding on to a raw pointer.
446
447         Unable to create a reliably reproducible test case.
448
449         * page/mac/EventHandlerMac.mm:
450         (WebCore::scrollableAreaForEventTarget):
451         (WebCore::scrollableAreaForContainerNode):
452         (WebCore::EventHandler::platformPrepareForWheelEvents):
453         * platform/ScrollableArea.h:
454         (WebCore::ScrollableArea::weakPtrFactory const):
455         (WebCore::ScrollableArea::createWeakPtr): Deleted.
456         * rendering/RenderLayer.cpp:
457         (WebCore::RenderLayer::RenderLayer):
458         (WebCore::RenderLayer::updatePagination):
459         * rendering/RenderLayer.h:
460
461 2018-05-11  Daniel Bates  <dabates@apple.com>
462
463         X-Frame-Options: SAMEORIGIN needs to check all ancestor frames
464         https://bugs.webkit.org/show_bug.cgi?id=185567
465         <rdar://problem/40175008>
466
467         Reviewed by Brent Fulgham.
468
469         Change the behavior of "X-Frame-Options: SAMEORIGIN" to ensure that all ancestors frames
470         are same-origin with the document that delivered this header. This prevents an intermediary
471         malicious frame from clickjacking a child frame whose document is same-origin with the top-
472         level frame. It also makes the behavior of X-Frame-Options in WebKit more closely match
473         the behavior of X-Frame-Options in other browsers, including Chrome and Firefox.
474         
475         Currently a document delivered with "X-Frame-Options: SAMEORIGIN" must only be same-origin
476         with the top-level frame's document in order to be displayed. This prevents clickjacking by
477         a malicious page that embeds a page delivered with "X-Frame-Options: SAMEORIGIN". However,
478         it does not protect against clickjacking of the "X-Frame-Options: SAMEORIGIN" page (victim)
479         if embedded by an intermediate malicious iframe, say a "rogue ad", that was embedded in a
480         document same origin with the victim page. We should protect against such attacks. 
481
482         Tests: http/tests/security/XFrameOptions/x-frame-options-ancestors-same-origin-allow.html
483                http/tests/security/XFrameOptions/x-frame-options-ancestors-same-origin-deny.html
484
485         * loader/FrameLoader.cpp:
486         (WebCore::FrameLoader::shouldInterruptLoadForXFrameOptions):
487
488 2018-05-11  Daniel Bates  <dabates@apple.com>
489
490         [iOS] Text decoration of dragged content does not paint with opacity
491         https://bugs.webkit.org/show_bug.cgi?id=185551
492         <rdar://problem/40166867>
493
494         Reviewed by Wenson Hsieh.
495
496         Respect alpha when painting the text decoration for dragged content.
497
498         * rendering/InlineTextBox.cpp:
499         (WebCore::InlineTextBox::MarkedTextStyle::areDecorationMarkedTextStylesEqual): Consider alpha when
500         comparing decoration styles for equality so that we do not coalesce styles with differing alpha.
501         (WebCore::InlineTextBox::paintMarkedTextDecoration): Respect alpha when painting dragged content.
502
503 2018-05-11  Nan Wang  <n_wang@apple.com>
504
505         AX: In role=dialog elements with aria-modal=true VoiceOver iOS/macOS can't manually focus or read dialog paragraph description text inside the modal.
506         https://bugs.webkit.org/show_bug.cgi?id=185219
507         <rdar://problem/39920009>
508
509         Reviewed by Chris Fleizach.
510
511         The text node descendants of a modal dialog are ignored. Fixed it by using AccessibilityObject's 
512         node() to determine if it's the descendant of the modal dialog node.
513
514         Test: accessibility/aria-modal-text-descendants.html
515
516         * accessibility/AccessibilityObject.cpp:
517         (WebCore::AccessibilityObject::isModalDescendant const):
518
519 2018-05-11  Ryosuke Niwa  <rniwa@webkit.org>
520
521         Tapping after CSS-based table casues an infinite loop in wordRangeFromPosition
522         https://bugs.webkit.org/show_bug.cgi?id=185465
523         <rdar://problem/35263057>
524
525         Reviewed by Antti Koivisto.
526
527         The bug was caused by TextIterator not emitting a line break when exiting a CSS-based table when an element
528         with `display: table-row` has an invisible text node. Specifically, TextIterator::exitNode is never called on
529         an element with `table-cell: row` when m_node is a text node with whitespaces which appears after an element
530         with `display: table-cell`.
531
532         For example, for a tree structure like:
533         table-row (R)
534           table-cell (C)
535             "text" (1)
536           " " (2)
537         Getting out of (C) would result in moving onto (2) without generating a line break for (R).
538
539         When this happens in nextBoundary as it tries to find the end of the last word in the table cell, we end up
540         finding the end of the document as the end of the word. As a result, nextWordBoundaryInDirection, the caller
541         of nextBoundary, ends up infinite looping between the positon at the end of the document and the position
542         immediately before the last word in the last table cell when it traverses words backwards.
543
544         This patch fixes the hang by addressing this root cause in TextIterator. Namely, TextIterator now generates
545         a line break when exiting a block while walking up ancestors in TextIterator::advance().
546
547         Tests: editing/selection/tapping-in-table-at-end-of-document.html
548                editing/text-iterator/table-at-end-of-document.html
549
550         * editing/TextIterator.cpp:
551         (WebCore::TextIterator::advance): Fixed the bug.
552         (WebCore::shouldEmitNewlineAfterNode): Do generate a new line at the end of a document when we're trying to
553         generate every visible poitions even there are no renderers beyond this point. e.g. a position inside the
554         last cell of a table at the end of a document hits this condition.
555         (WebCore::shouldEmitExtraNewlineForNode): Don't emit a line break when the render box's height is 0px
556         to avoid generating many empty lines for empty paragraph and header elements (this function is used to generate
557         a blank line between p's and h1/h2/...'s).
558         (WebCore::TextIterator::exitNode):
559
560 2018-05-11  Dean Jackson  <dino@apple.com>
561
562         System preview badge doesn't show on <picture> elements
563         https://bugs.webkit.org/show_bug.cgi?id=185559
564         <rdar://problem/40150066>
565
566         Reviewed by Tim Horton.
567
568         We should also identify <img>s that are the child of a <picture>
569         contained inside the appropriate <a> element.
570
571         Tested internally, since the badge is platform specific.
572
573         * html/HTMLImageElement.cpp:
574         (WebCore::HTMLImageElement::isSystemPreviewImage const): Add logic
575         to look for <picture> parents.
576
577 2018-05-11  Chris Dumez  <cdumez@apple.com>
578
579         REGRESSION (async policy delegate): Revoking an object URL immediately after triggering download breaks file download
580         https://bugs.webkit.org/show_bug.cgi?id=185531
581         <rdar://problem/39909589>
582
583         Reviewed by Geoffrey Garen.
584
585         Whenever we start an asynchronous navigation policy decision for a blob URL, create a temporary
586         blob URL pointing to the same data, and update the request's URL. This way, if the page's JS revokes
587         the URL during the policy decision, the load will still succeed.
588
589         Test: fast/dom/HTMLAnchorElement/anchor-file-blob-download-then-revoke.html
590
591         * loader/DocumentLoader.cpp:
592         (WebCore::DocumentLoader::willSendRequest):
593         * loader/FrameLoader.cpp:
594         (WebCore::FrameLoader::loadURL):
595         (WebCore::FrameLoader::load):
596         (WebCore::FrameLoader::loadPostRequest):
597         * loader/PolicyChecker.cpp:
598         (WebCore::PolicyChecker::extendBlobURLLifetimeIfNecessary const):
599         (WebCore::PolicyChecker::checkNavigationPolicy):
600         (WebCore::PolicyChecker::checkNewWindowPolicy):
601         * loader/PolicyChecker.h:
602
603 2018-05-11  Antti Koivisto  <antti@apple.com>
604
605         LinkLoader fails to remove CachedResourceClient in some cases
606         https://bugs.webkit.org/show_bug.cgi?id=185553
607         <rdar://problem/36879656>
608
609         Reviewed by Geoffrey Garen.
610
611         Test: http/tests/preload/link-preload-client-remove.html
612
613         * loader/LinkLoader.cpp:
614         (WebCore::LinkLoader::loadLink):
615
616         If there is a link preload already in progress, we fail to clear the client for the ongoing load.
617         This may leave the CachedResource client map in a bad state.
618
619 2018-05-11  Charles Vazac  <cvazac@gmail.com>
620
621         Runtime feature flag for Server-Timing
622         https://bugs.webkit.org/show_bug.cgi?id=184758
623
624         Reviewed by Youenn Fablet.
625
626         * Source/WebCore/CMakeLists.txt: Added reference to PerformanceServerTiming.idl.
627         * Source/WebCore/DerivedSources.make: Added reference to PerformanceServerTiming.idl.
628         * Source/WebCore/Sources.txt: Added reference to PerformanceServerTiming.cpp and JSPerformanceServerTiming.cpp.
629         * Source/WebCore/WebCore.xcodeproj/project.pbxproj: Added references to PerformanceServerTiming.cpp, PerformanceServerTiming.h, and PerformanceServerTiming.idl.
630         * Source/WebCore/bindings/js/WebCoreBuiltinNames.h: Added PerformanceServerTiming.
631         * Source/WebCore/page/PerformanceResourceTiming.h: Added serverTiming member.
632         * Source/WebCore/page/PerformanceResourceTiming.idl: Added serverTiming attribute.
633         * Source/WebCore/page/PerformanceServerTiming.cpp: Added.
634         * Source/WebCore/page/PerformanceServerTiming.h: Added.
635         * Source/WebCore/page/PerformanceServerTiming.idl: Added.
636
637 2018-05-11  Brady Eidson  <beidson@apple.com>
638
639         Make sure history navigations reuse the existing process when necessary.
640         <rdar://problem/39746516> and https://bugs.webkit.org/show_bug.cgi?id=185532
641
642         Reviewed by Ryosuke Niwa.
643
644         Covered by new API tests.
645
646         In WebCore-land, make sure *all* NavigationActions to a back/forward item are tagged with
647         the item identifier.
648
649         * history/HistoryItem.cpp:
650         (WebCore::HistoryItem::HistoryItem):
651         (WebCore::HistoryItem::logString const):
652         * history/HistoryItem.h:
653
654         * loader/FrameLoader.cpp:
655         (WebCore::FrameLoader::loadDifferentDocumentItem):
656
657         * loader/NavigationAction.cpp:
658         (WebCore::NavigationAction::setTargetBackForwardItem):
659
660         * loader/NavigationAction.h:
661         (WebCore::NavigationAction::targetBackForwardItemIdentifier const):
662
663 2018-05-11  Yacine Bandou  <yacine.bandou_ext@softathome.com>
664
665         [EME][GStreamer] Handle the protection event in MediaPlayerPrivate
666         https://bugs.webkit.org/show_bug.cgi?id=185535
667
668         Reviewed by Xabier Rodriguez-Calvar.
669
670         This patch is based on this calvaris's commit
671         https://github.com/WebPlatformForEmbedded/WPEWebKit/commit/d966168b0d2b65f9ca9415426e26d3752c78b03e
672
673         It adds a handler for the protection event in MediaPalyerPrivateGStreamerBase, it extracts the InitData from the event
674         and sends the encrypted event to JS via HTMLMediaElement.
675         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
676         (WebCore::MediaPlayerPrivateGStreamerBase::initializationDataEncountered):
677         (WebCore::MediaPlayerPrivateGStreamerBase::handleProtectionEvent):
678         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
679         * platform/graphics/gstreamer/eme/GStreamerEMEUtilities.h: Add a new type InitData.
680
681 2018-05-11  Basuke Suzuki  <Basuke.Suzuki@sony.com>
682
683         [Curl] Make the cipher suites, the signing algorithms and the curve lists configurable.
684         https://bugs.webkit.org/show_bug.cgi?id=185139
685
686         Add interface to configure the cipher suites, the signing algorithms and the curve lists 
687         used by OpenSSL and libcurl to exchange, to sign or to verify keys.
688
689         Reviewed by Youenn Fablet.
690
691         No new tests in public. Have tested internally.
692
693         * platform/network/curl/CurlContext.cpp:
694         (WebCore::CurlHandle::setSslCipherList):
695         * platform/network/curl/CurlContext.h:
696         * platform/network/curl/CurlRequest.cpp:
697         (WebCore::CurlRequest::setupTransfer):
698         (WebCore::CurlRequest::willSetupSslCtx):
699         * platform/network/curl/CurlSSLHandle.cpp:
700         (WebCore::CurlSSLHandle::getCACertPathEnv):
701         * platform/network/curl/CurlSSLHandle.h:
702         (WebCore::CurlSSLHandle::getCipherList const):
703         (WebCore::CurlSSLHandle::getSignatureAlgorithmsList const):
704         (WebCore::CurlSSLHandle::getCurvesList const):
705         (WebCore::CurlSSLHandle::setCipherList):
706         (WebCore::CurlSSLHandle::setSignatureAlgorithmsList):
707         (WebCore::CurlSSLHandle::setCurvesList):
708         (WebCore::CurlSSLHandle::getCACertPath const):
709         (WebCore::CurlSSLHandle::setCACertPath):
710         * platform/network/curl/CurlSSLVerifier.cpp:
711         (WebCore::CurlSSLVerifier::CurlSSLVerifier):
712
713 2018-05-10  Daniel Bates  <dabates@apple.com>
714
715         Use PlatformStrategies to switch between WebKit and WebKitLegacy checking of CSP frame-ancestors and X-Frame-Options
716         https://bugs.webkit.org/show_bug.cgi?id=185412
717
718         Reviewed by Ryosuke Niwa.
719
720         Consolidate the knowledge on how to determine whether security checks were performed on a ResourceResponse
721         into LoaderStrategy::havePerformedSecurityChecks() (default implementation returns false) and query it
722         to determine whether CSP frame-ancestors and X-Frame-Options need to be checked for a ResourceResponse.
723
724         Additionally, rename LoaderStrategy::isDoingLoadingSecurityChecks() to shouldPerformSecurityChecks()
725         for consistency with havePerformedSecurityChecks(). Querying shouldPerformSecurityChecks() answers the
726         question of whether the loader strategy is responsible for performing security checks when building up
727         a ResourceRequest to have the loader strategy load. And LoaderStrategy::havePerformedSecurityChecks()
728         is used to determine whether the loader strategy performed these security checks for a given ResourceResponse.
729
730         * inspector/agents/InspectorNetworkAgent.cpp:
731         (WebCore::InspectorNetworkAgent::didReceiveResponse):
732         (WebCore::InspectorNetworkAgent::didFinishLoading):
733         (WebCore::isResponseProbablyComingFromNetworkProcess): Deleted.
734         * loader/DocumentLoader.cpp:
735         (WebCore::DocumentLoader::responseReceived):
736         * loader/DocumentThreadableLoader.cpp:
737         (WebCore::shouldPerformSecurityChecks):
738         (WebCore::DocumentThreadableLoader::shouldSetHTTPHeadersToKeep const):
739         (WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequest):
740         (WebCore::DocumentThreadableLoader::makeSimpleCrossOriginAccessRequest):
741         (WebCore::DocumentThreadableLoader::redirectReceived):
742         (WebCore::DocumentThreadableLoader::didFail):
743         (WebCore::DocumentThreadableLoader::loadRequest):
744         (WebCore::isDoingSecurityChecksInNetworkProcess): Deleted.
745         (WebCore::isResponseComingFromNetworkProcess): Deleted.
746         * loader/LoaderStrategy.cpp:
747         * loader/LoaderStrategy.h:
748         * page/Settings.yaml: Remove setting networkProcessCSPFrameAncestorsCheckingEnabled as we now make
749         use of the loader strategy to determine whether to perform CSP frame-ancestors and X-Frame-Options
750         checking in DocumentLoader.
751         * platform/network/ResourceResponseBase.h:
752         (WebCore::ResourceResponseBase::setSource): Added an ASSERT to catch the programming error of setting
753         source to ResourceResponse::Source::Unknown. This source type represents an uninitialized ResourceResponse.
754
755 2018-05-10  Tim Horton  <timothy_horton@apple.com>
756
757         Lookup sometimes shows a second yellow highlight on top of WebKit's TextIndicator
758         https://bugs.webkit.org/show_bug.cgi?id=185538
759         <rdar://problem/38817825>
760
761         Reviewed by Sam Weinig.
762
763         * editing/mac/DictionaryLookup.mm:
764         (WebCore::showPopupOrCreateAnimationController):
765         Options can be nil, in which case we can't mutableCopy it and add
766         LUTermOptionDisableSearchTermIndicator. Instead, create a new dictionary,
767         and add the items from options, if it's not nil.
768
769 2018-05-10  Matt Baker  <mattbaker@apple.com>
770
771         Web Inspector: ASSERT_NOT_REACHED in PageDebuggerAgent::didAddEventListener when page adds attribute event listener
772         https://bugs.webkit.org/show_bug.cgi?id=181580
773         <rdar://problem/36461309>
774
775         Reviewed by Brian Burg.
776
777         EventTarget should pass newly added EventListeners to InspectorInstrumentation,
778         instead of PageDebuggerAgent assuming the last item in the EventListenerVector
779         is the most recently added listener. This assumption does not hold when
780         the new listener replaces an existing listener.
781
782         * dom/EventTarget.cpp:
783         (WebCore::EventTarget::addEventListener):
784         (WebCore::EventTarget::setAttributeEventListener):
785
786         * inspector/InspectorInstrumentation.cpp:
787         (WebCore::InspectorInstrumentation::didAddEventListenerImpl):
788
789         * inspector/InspectorInstrumentation.h:
790         (WebCore::InspectorInstrumentation::didAddEventListener):
791
792         * inspector/agents/page/PageDebuggerAgent.cpp:
793         (WebCore::PageDebuggerAgent::didAddEventListener):
794         * inspector/agents/page/PageDebuggerAgent.h:
795
796 2018-05-10  Chris Dumez  <cdumez@apple.com>
797
798         'Cross-Origin-Options header implementation follow-up
799         https://bugs.webkit.org/show_bug.cgi?id=185520
800
801         Reviewed by Ryosuke Niwa.
802
803         * dom/Document.cpp:
804         * dom/Document.h:
805         * loader/FrameLoader.cpp:
806         (WebCore::FrameLoader::didBeginDocument):
807         Using isNull() check is sufficient here as the header parsing
808         function will do the right thing when passed the empty string.
809         Also set the options directly on the window instead of the
810         document. The window is guaranteed to have been constructed
811         by then because didBeginDocument() is called DocumentWriter::begin()
812         which calls Document::createDOMWindow() or Document::takeDOMWindowFrom().
813
814         * page/AbstractDOMWindow.cpp:
815         (WebCore::AbstractDOMWindow::AbstractDOMWindow):
816         * page/AbstractDOMWindow.h:
817         * page/DOMWindow.cpp:
818         (WebCore::DOMWindow::DOMWindow):
819         (WebCore::DOMWindow::didSecureTransitionTo):
820         * page/RemoteDOMWindow.cpp:
821         (WebCore::RemoteDOMWindow::RemoteDOMWindow):
822         * page/RemoteDOMWindow.h:
823         CrossOriginOptions are now stored only on the Window, not the Document.
824
825         * platform/network/HTTPParsers.cpp:
826         (WebCore::parseCrossOriginOptionsHeader):
827         Drop strippedHeader local variable as it is not strictly needed.
828
829 2018-05-10  Tim Horton  <timothy_horton@apple.com>
830
831         Fix the build after r231393
832         https://bugs.webkit.org/show_bug.cgi?id=185519
833         <rdar://problem/40131741>
834
835         Reviewed by Simon Fraser.
836
837         * Configurations/WebCore.xcconfig:
838
839 2018-05-10  Eric Carlson  <eric.carlson@apple.com>
840
841         Log missing cues correctly
842         https://bugs.webkit.org/show_bug.cgi?id=185499
843         <rdar://problem/40113821>
844
845         Reviewed by Daniel Bates.
846
847         No new tests, tested manually.
848
849         * html/track/InbandGenericTextTrack.cpp:
850         (WebCore::InbandGenericTextTrack::removeGenericCue): Log the cue we searched for, not
851         the NULL cue.
852
853 2018-05-10  Zalan Bujtas  <zalan@apple.com>
854
855         [LFC] Implement height computation for non-replaced inflow elements.
856         https://bugs.webkit.org/show_bug.cgi?id=185474
857
858         Reviewed by Antti Koivisto.
859
860         Initial implementation. Does not cover all the cases.
861
862         * layout/FormattingContext.cpp:
863         (WebCore::Layout::FormattingContext::computeHeight const):
864         * layout/FormattingContext.h:
865         * layout/blockformatting/BlockFormattingContext.cpp:
866         (WebCore::Layout::BlockFormattingContext::layout const):
867         (WebCore::Layout::BlockFormattingContext::computeInFlowHeight const):
868         (WebCore::Layout::BlockFormattingContext::computeInFlowNonReplacedHeight const):
869         * layout/blockformatting/BlockFormattingContext.h:
870         * layout/blockformatting/BlockMarginCollapse.cpp:
871         (WebCore::Layout::collapsedMarginBottomFromLastChild):
872         (WebCore::Layout::BlockMarginCollapse::isMarginBottomCollapsedWithParent):
873         (WebCore::Layout::BlockMarginCollapse::isMarginTopCollapsedWithParentMarginBottom):
874         (WebCore::Layout::isMarginBottomCollapsedWithParent): Deleted.
875         * layout/blockformatting/BlockMarginCollapse.h:
876         * layout/inlineformatting/InlineFormattingContext.cpp:
877         (WebCore::Layout::InlineFormattingContext::computeInFlowHeight const):
878         * layout/inlineformatting/InlineFormattingContext.h:
879         * layout/layouttree/LayoutBox.cpp:
880         (WebCore::Layout::Box::isReplaced const):
881         * layout/layouttree/LayoutBox.h:
882
883 2018-05-10  Thibault Saunier  <tsaunier@igalia.com>
884
885         [GTK] Implement ImageBuffer::toBGRAData
886         https://bugs.webkit.org/show_bug.cgi?id=185511
887
888         Reviewed by Michael Catanzaro.
889
890         This was never implemented but will be required for the MediaStream API
891         tests.
892
893         * platform/graphics/ImageBuffer.cpp:
894         (WebCore::ImageBuffer::toBGRAData const):
895         * platform/graphics/cg/ImageBufferCG.cpp:
896         (WebCore::ImageBuffer::toBGRAData const):
897         * platform/graphics/gtk/ImageBufferGtk.cpp:
898         (WebCore::ImageBuffer::toBGRAData const):
899
900 2018-05-10  Yacine Bandou  <yacine.bandou_ext@softathome.com>
901
902         [EME][GStreamer] Add a handler for GStreamer protection event
903         https://bugs.webkit.org/show_bug.cgi?id=185245
904
905         Reviewed by Xabier Rodriguez-Calvar.
906
907         Qtdemux sends the protection event when encountered a new PSSH box (encrypted content).
908
909         The Decryptor is moved from AppendPipeline to PlaybackPipeline (see https://bugs.webkit.org/show_bug.cgi?id=181855),
910         thus the protection event is no longer handled because the Decryptor is not in the same pipeline as qtdemux.
911
912         AppendPipeline: httpsrc-->qtdemux-->appsink
913         PlaybackPipeline: appsrc-->parser--> decryptor-->decoder-->sink
914
915         This patch attaches a probe to the sink pad of the appsink in the appendPipeline in order to
916         catch and manage the protection event.
917
918         * platform/graphics/gstreamer/mse/AppendPipeline.cpp:
919         (WebCore::AppendPipeline::AppendPipeline):
920         (WebCore::AppendPipeline::~AppendPipeline):
921         (WebCore::appendPipelineAppsinkPadEventProbe):
922         * platform/graphics/gstreamer/mse/AppendPipeline.h:
923         (WebCore::AppendPipeline::playerPrivate):
924
925 2018-05-10  Yacine Bandou  <yacine.bandou_ext@softathome.com>
926
927         [EME][GStreamer] Move the decryptor from AppendPipeline to PlaybackPipeline.
928         https://bugs.webkit.org/show_bug.cgi?id=181855
929
930         Reviewed by Xabier Rodriguez-Calvar.
931
932         The goal of this move is to handle the limitation of SVP (Secure Video Path) memory size.
933
934         When the decryptor is in the AppendPipeline and we use SVP, we buffer in MediaSource queue
935         the decrypted GstBuffers that are in SVP memory.
936         This behavior cause an out-of-memory error, because we are limited in SVP memory size.
937
938         By moving the decryptor in PlaybackPipeline, we avoid to buffer the decrypted GstBuffers
939         which use the SVP memory and we buffer the encrypted GstBuffers that are in system memory.
940
941         This new architecture also allows to start the buffering before obtaining the DRM license
942         and it makes easier to manage dynamic change of the license or Key.
943
944         The decryptor is auto plugged by GStreamer playbin in PlaybackPipeline.
945
946         SVP: Secure Video Path also named trusted or protected video path, it is a memory which is
947         protected by a hardware access control engine, it is not accessible to other unauthorised
948         software or hardware components.
949
950         Tests:
951             media/encrypted-media/clearKey/clearKey-cenc-audio-playback-mse.html
952             media/encrypted-media/clearKey/clearKey-cenc-video-playback-mse.html
953
954         * platform/graphics/gstreamer/eme/WebKitCommonEncryptionDecryptorGStreamer.cpp:
955         (webkitMediaCommonEncryptionDecryptSinkEventHandler):
956         * platform/graphics/gstreamer/mse/AppendPipeline.cpp:
957         (WebCore::dumpAppendState):
958         (WebCore::AppendPipeline::AppendPipeline):
959         (WebCore::AppendPipeline::handleNeedContextSyncMessage):
960         (WebCore::AppendPipeline::handleAppsrcNeedDataReceived):
961         (WebCore::AppendPipeline::setAppendState):
962         (WebCore::AppendPipeline::parseDemuxerSrcPadCaps):
963         (WebCore::AppendPipeline::appsinkNewSample):
964         (WebCore::AppendPipeline::connectDemuxerSrcPadToAppsinkFromAnyThread):
965         (WebCore::AppendPipeline::disconnectDemuxerSrcPadFromAppsinkFromAnyThread):
966         (WebCore::appendPipelineElementMessageCallback): Deleted.
967         (WebCore::AppendPipeline::handleElementMessage): Deleted.
968         (WebCore::AppendPipeline::dispatchPendingDecryptionStructure): Deleted.
969         (WebCore::AppendPipeline::dispatchDecryptionStructure): Deleted.
970         * platform/graphics/gstreamer/mse/AppendPipeline.h:
971         * platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:
972         (WebCore::MediaPlayerPrivateGStreamerMSE::attemptToDecryptWithInstance):
973         * platform/graphics/gstreamer/mse/PlaybackPipeline.cpp:
974
975 2018-05-09  Nan Wang  <n_wang@apple.com>
976
977         AX: VoiceOver iframe scrolling focus jumping bug
978         https://bugs.webkit.org/show_bug.cgi?id=176615
979         <rdar://problem/34333067>
980
981         Reviewed by Chris Fleizach.
982
983         Scrolling to make elements visible is not working correctly for elements inside an
984         offscreen iframe. Fixed it by using RenderLayer::scrollRectToVisible() to handle
985         scrolling more properly.
986
987         Test: accessibility/scroll-to-make-visible-iframe-offscreen.html
988
989         * accessibility/AccessibilityObject.cpp:
990         (WebCore::AccessibilityObject::scrollToMakeVisible const):
991
992 2018-05-09  Joanmarie Diggs  <jdiggs@igalia.com>
993
994         AX: accessibleNameForNode should simplify whitespace when using innerText
995         https://bugs.webkit.org/show_bug.cgi?id=185498
996
997         Reviewed by Chris Fleizach.
998
999         Test: accessibility/text-alternative-calculation-from-unrendered-table.html
1000
1001         Call simplifyWhiteSpace() before returning the innerText value.
1002
1003         * accessibility/AccessibilityNodeObject.cpp:
1004         (WebCore::accessibleNameForNode):
1005
1006 2018-05-09  Chris Dumez  <cdumez@apple.com>
1007
1008         Add initial support for 'Cross-Origin-Options' HTTP response header
1009         https://bugs.webkit.org/show_bug.cgi?id=184996
1010         <rdar://problem/39664620>
1011
1012         Reviewed by Geoff Garen.
1013
1014         Add initial support for 'Cross-Origin-Options' HTTP response header behind an experimental
1015         feature flag, on by default. When the HTTP server services this HTTP response header for a
1016         main resource, we'll set these options on the corresponding Document. This will impact the
1017         behavior of the Document's associated Window API when cross-origin.
1018
1019         The HTTP header has 3 possible values:
1020         - allow: This is the default. Regular cross-origin Window API is available.
1021         - allow-postmessage: Only postMessage() is available on a cross-origin window, trying to
1022           access anything else will throw a SecurityError.
1023         - deny: Trying to do anything with a cross-origin window will throw a SecurityError.
1024
1025         The header has no effect when accessing same origin windows.
1026
1027         Note that on cross-origin access from Window A to Window B, we check the cross-origin
1028         options for both Window A and Window B and use the lowest common denominator as effective
1029         cross-origin options for the access. So if Window A has 'Cross-Origin-Options: deny' and
1030         tries to call postMessage() on Window B which has 'Cross-Origin-Options: allow-postmessage',
1031         we will throw a SecurityError. This is because Window A's more restrictive options (deny)
1032         apply.
1033
1034         Tests: http/wpt/cross-origin-options/allow-postmessage-from-deny.html
1035                http/wpt/cross-origin-options/allow-postmessage.html
1036                http/wpt/cross-origin-options/cross-origin-options-header.html
1037
1038         * bindings/js/JSDOMBindingSecurity.cpp:
1039         (WebCore::BindingSecurity::shouldAllowAccessToDOMWindowGivenMinimumCrossOriginOptions):
1040         * bindings/js/JSDOMBindingSecurity.h:
1041         * bindings/js/JSDOMWindowCustom.cpp:
1042         (WebCore::effectiveCrossOriginOptionsForAccess):
1043         (WebCore::jsDOMWindowGetOwnPropertySlotRestrictedAccess):
1044         (WebCore::JSDOMWindow::getOwnPropertySlot):
1045         (WebCore::JSDOMWindow::getOwnPropertySlotByIndex):
1046         (WebCore::addCrossOriginWindowPropertyNames):
1047         (WebCore::addScopedChildrenIndexes):
1048         (WebCore::addCrossOriginWindowOwnPropertyNames):
1049         (WebCore::JSDOMWindow::getOwnPropertyNames):
1050         * bindings/js/JSDOMWindowCustom.h:
1051         * bindings/js/JSRemoteDOMWindowCustom.cpp:
1052         (WebCore::JSRemoteDOMWindow::getOwnPropertySlot):
1053         (WebCore::JSRemoteDOMWindow::getOwnPropertySlotByIndex):
1054         (WebCore::JSRemoteDOMWindow::getOwnPropertyNames):
1055         * bindings/scripts/CodeGeneratorJS.pm:
1056         (GenerateAttributeGetterBodyDefinition):
1057         (GetCrossOriginsOptionsFromExtendedAttributeValue):
1058         (GenerateAttributeSetterBodyDefinition):
1059         (GenerateOperationBodyDefinition):
1060         * bindings/scripts/IDLAttributes.json:
1061         * dom/Document.cpp:
1062         (WebCore::Document::setCrossOriginOptions):
1063         * dom/Document.h:
1064         (WebCore::Document::crossOriginOptions const):
1065         * loader/FrameLoader.cpp:
1066         (WebCore::FrameLoader::didBeginDocument):
1067         * page/AbstractDOMWindow.cpp:
1068         (WebCore::AbstractDOMWindow::AbstractDOMWindow):
1069         * page/AbstractDOMWindow.h:
1070         (WebCore::AbstractDOMWindow::crossOriginOptions):
1071         (WebCore::AbstractDOMWindow::setCrossOriginOptions):
1072         * page/DOMWindow.cpp:
1073         (WebCore::DOMWindow::DOMWindow):
1074         (WebCore::DOMWindow::didSecureTransitionTo):
1075         * page/DOMWindow.idl:
1076         * page/Frame.h:
1077         * page/RemoteDOMWindow.cpp:
1078         (WebCore::RemoteDOMWindow::RemoteDOMWindow):
1079         * page/RemoteDOMWindow.h:
1080         * page/Settings.yaml:
1081         * platform/network/HTTPHeaderNames.in:
1082         * platform/network/HTTPParsers.cpp:
1083         (WebCore::parseCrossOriginOptionsHeader):
1084         * platform/network/HTTPParsers.h:
1085
1086 2018-05-09  Ryosuke Niwa  <rniwa@webkit.org>
1087
1088         Release assert in TreeScopeOrderedMap::remove via HTMLImageElement::removedFromAncestor
1089         https://bugs.webkit.org/show_bug.cgi?id=185493
1090
1091         Reviewed by Brent Fulgham.
1092
1093         Fixed the bug that HTMLImageElement::removedFromAncestor and HTMLMapElement::removedFromAncestor
1094         were calling removeImageElementByUsemap on the document instead of the shadow tree from which it was removed.
1095
1096         Test: fast/images/imagemap-in-shadow-tree-removed.html
1097
1098         * html/HTMLImageElement.cpp:
1099         (WebCore::HTMLImageElement::removedFromAncestor):
1100         * html/HTMLMapElement.cpp:
1101         (WebCore::HTMLMapElement::removedFromAncestor):
1102
1103 2018-05-09  Joanmarie Diggs  <jdiggs@igalia.com>
1104
1105         AX: Hidden nodes which are not directly referenced should not participate name/description from content
1106         https://bugs.webkit.org/show_bug.cgi?id=185478
1107
1108         Reviewed by Chris Fleizach.
1109
1110         Add a check to AccessibilityNodeObject::textUnderElement() and return early
1111         if the node is hidden, not referenced by aria-labelledby or aria-describedby,
1112         not an HTMLLabelElement, and not fallback content for an HTMLCanvasElement.
1113
1114         Test: accessibility/text-alternative-calculation-hidden-nodes.html
1115
1116         * accessibility/AccessibilityNodeObject.cpp:
1117         (WebCore::AccessibilityNodeObject::textUnderElement const):
1118
1119 2018-05-09  Eric Carlson  <eric.carlson@apple.com>
1120
1121         Update MediaSession to use release logging
1122         https://bugs.webkit.org/show_bug.cgi?id=185376
1123         <rdar://problem/40022203>
1124
1125         Reviewed by Youenn Fablet.
1126
1127         No new tests, tested manually.
1128
1129         * Modules/mediastream/MediaStream.h: hostingDocument() doesn't need to return a const Document.
1130         * Modules/webaudio/AudioContext.cpp:
1131         (WebCore::AudioContext::hostingDocument const): Ditto.
1132         * Modules/webaudio/AudioContext.h:
1133
1134         * html/HTMLMediaElement.h: Ditto.
1135
1136         * html/MediaElementSession.cpp:
1137         (WebCore::MediaElementSession::MediaElementSession):
1138         (WebCore::MediaElementSession::addBehaviorRestriction):
1139         (WebCore::MediaElementSession::removeBehaviorRestriction):
1140         (WebCore::MediaElementSession::dataLoadingPermitted const):
1141         (WebCore::MediaElementSession::fullscreenPermitted const):
1142         (WebCore::MediaElementSession::pageAllowsDataLoading const):
1143         (WebCore::MediaElementSession::pageAllowsPlaybackAfterResuming const):
1144         (WebCore::MediaElementSession::canShowControlsManager const):
1145         (WebCore::MediaElementSession::showPlaybackTargetPicker):
1146         (WebCore::MediaElementSession::hasWirelessPlaybackTargets const):
1147         (WebCore::MediaElementSession::wirelessVideoPlaybackDisabled const):
1148         (WebCore::MediaElementSession::setWirelessVideoPlaybackDisabled):
1149         (WebCore::MediaElementSession::setHasPlaybackTargetAvailabilityListeners):
1150         (WebCore::MediaElementSession::externalOutputDeviceAvailableDidChange):
1151         (WebCore::MediaElementSession::setShouldPlayToPlaybackTarget):
1152         (WebCore::MediaElementSession::mediaEngineUpdated):
1153         (WebCore::MediaElementSession::willLog const): Deleted.
1154         (WebCore::MediaElementSession::logger const): Deleted.
1155         (WebCore::MediaElementSession::logIdentifier const): Deleted.
1156         (WebCore::MediaElementSession::logChannel const): Deleted.
1157         * html/MediaElementSession.h:
1158
1159         * platform/audio/PlatformMediaSession.cpp:
1160         (WebCore::nextLogIdentifier):
1161         (WebCore::convertEnumerationToString):
1162         (WebCore::PlatformMediaSession::PlatformMediaSession):
1163         (WebCore::PlatformMediaSession::setState):
1164         (WebCore::PlatformMediaSession::beginInterruption):
1165         (WebCore::PlatformMediaSession::endInterruption):
1166         (WebCore::PlatformMediaSession::clientWillBeginAutoplaying):
1167         (WebCore::PlatformMediaSession::clientWillPausePlayback):
1168         (WebCore::PlatformMediaSession::pauseSession):
1169         (WebCore::PlatformMediaSession::stopSession):
1170         (WebCore::PlatformMediaSession::clientDataBufferingTimerFired):
1171         (WebCore::PlatformMediaSession::logChannel const):
1172         (WebCore::stateName): Deleted.
1173         (WebCore::interruptionName): Deleted.
1174         * platform/audio/PlatformMediaSession.h:
1175         (WTF::LogArgument<WebCore::PlatformMediaSession::State>::toString):
1176         (WTF::LogArgument<WebCore::PlatformMediaSession::InterruptionType>::toString):
1177
1178 2018-05-09  Thibault Saunier  <tsaunier@igalia.com>
1179
1180         [GStreamer] Never call updateTracks if running on legacy pipeline
1181         https://bugs.webkit.org/show_bug.cgi?id=184581
1182
1183         This makes sure failling code path is never reached in the conditions where it should not have been reached.
1184
1185         Reviewed by Philippe Normand.
1186
1187         Re enables all tests that were disabled after fixing.
1188
1189         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
1190         (WebCore::MediaPlayerPrivateGStreamer::handleMessage):
1191
1192 2018-05-09  Daniel Bates  <dabates@apple.com>
1193
1194         REGRESSION (r231479): http/tests/appcache/x-frame-options-prevents-framing.php is timing out
1195         https://bugs.webkit.org/show_bug.cgi?id=185443
1196         <rdar://problem/40100660>
1197
1198         Reviewed by Andy Estes.
1199
1200         Following r231479 when using WebKit2 and Restricted HTTP Response Access is enabled (enabled in
1201         WebKitTestRunner) we only check the CSP frame-ancestors directive and X-Frame-Options in
1202         NetworkProcess. We need to check these security requirements in WebContent process whenever
1203         we are performing a substitute data load, such as for app cache, as these loads do not go
1204         through NetworkProcess.
1205
1206         * loader/DocumentLoader.cpp:
1207         (WebCore::DocumentLoader::responseReceived):
1208
1209 2018-05-09  Justin Fan  <justin_fan@apple.com>
1210
1211         Hooked up ASTC support in WebGL; requires OpenGL ES 3 context to work. 
1212         https://bugs.webkit.org/show_bug.cgi?id=185272
1213         <rdar://problem/15745737>
1214
1215         Reviewed by Dean Jackson.
1216
1217         Also added in Khronos' ASTC test from version 1.0.4 beta of their conformance test suite,
1218         although again, this requires OpenGL ES 3 context for WebKit to detect proper support.
1219
1220         Test: fast/canvas/webgl/webgl-compressed-texture-astc.html
1221
1222         * DerivedSources.make:
1223         * Sources.txt:
1224         * WebCore.xcodeproj/project.pbxproj:
1225         * bindings/js/JSDOMConvertWebGL.cpp:
1226         (WebCore::convertToJSValue):
1227         * html/canvas/WebGL2RenderingContext.cpp:
1228         (WebCore::WebGL2RenderingContext::getExtension):
1229         (WebCore::WebGL2RenderingContext::getSupportedExtensions):
1230         * html/canvas/WebGLCompressedTextureASTC.cpp: Added.
1231         (WebCore::WebGLCompressedTextureASTC::WebGLCompressedTextureASTC):
1232         (WebCore::WebGLCompressedTextureASTC::getName const):
1233         (WebCore::WebGLCompressedTextureASTC::supported):
1234         (WebCore::WebGLCompressedTextureASTC::getSupportedProfiles):
1235         * html/canvas/WebGLCompressedTextureASTC.h: Added.
1236         * html/canvas/WebGLCompressedTextureASTC.idl: Added.
1237         * html/canvas/WebGLExtension.h:
1238         * html/canvas/WebGLRenderingContext.cpp:
1239         (WebCore::WebGLRenderingContext::getExtension):
1240         (WebCore::WebGLRenderingContext::getSupportedExtensions):
1241         * html/canvas/WebGLRenderingContextBase.cpp:
1242         (WebCore::WebGLRenderingContextBase::validateCompressedTexFuncData):
1243         (WebCore::WebGLRenderingContextBase::validateCompressedTexDimensions):
1244         * html/canvas/WebGLRenderingContextBase.h:
1245         * platform/graphics/Extensions3D.h:
1246
1247 2018-05-09  Youenn Fablet  <youenn@apple.com>
1248
1249         Allow WebResourceLoader to cancel a load served from a service worker
1250         https://bugs.webkit.org/show_bug.cgi?id=185274
1251
1252         Reviewed by Chris Dumez.
1253
1254         Add support for cancelling a fetch from WebProcess to service worker process.
1255         Use FetchIdentifier instead of uint64_t.
1256
1257         * Modules/fetch/FetchIdentifier.h: Added.
1258         * WebCore.xcodeproj/project.pbxproj:
1259         * workers/service/context/ServiceWorkerFetch.h:
1260         * workers/service/context/ServiceWorkerThreadProxy.cpp:
1261         (WebCore::ServiceWorkerThreadProxy::startFetch):
1262         (WebCore::ServiceWorkerThreadProxy::cancelFetch):
1263         * workers/service/context/ServiceWorkerThreadProxy.h:
1264
1265 2018-05-09  Thibault Saunier  <tsaunier@igalia.com>
1266
1267         [GStreamer] Fix style issue in MediaPlayerPrivateGStreamer
1268         https://bugs.webkit.org/show_bug.cgi?id=185479
1269
1270         Reviewed by Philippe Normand.
1271
1272         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:114:  Multi line control clauses should use braces.  [whitespace/braces] [4]
1273         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:194:  Multi line control clauses should use braces.  [whitespace/braces] [4]
1274         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:398:  One line control clauses should not use braces.  [whitespace/braces] [4]
1275         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:440:  One line control clauses should not use braces.  [whitespace/braces] [4]
1276         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:806:  More than one command on the same line  [whitespace/newline] [4]
1277         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:869:  More than one command on the same line  [whitespace/newline] [4]
1278         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:880:  More than one command on the same line  [whitespace/newline] [4]
1279         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:940:  More than one command on the same line  [whitespace/newline] [4]
1280         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:1102:  Multi line control clauses should use braces.  [whitespace/braces] [4]
1281         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:1109:  Multi line control clauses should use braces.  [whitespace/braces] [4]
1282
1283         Indentation and style issue fixed only.
1284
1285         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
1286         (WebCore::MediaPlayerPrivateGStreamer::registerMediaEngine):
1287         (WebCore::MediaPlayerPrivateGStreamer::~MediaPlayerPrivateGStreamer):
1288         (WebCore::MediaPlayerPrivateGStreamer::changePipelineState):
1289         (WebCore::MediaPlayerPrivateGStreamer::play):
1290         (WebCore::MediaPlayerPrivateGStreamer::videoChangedCallback):
1291         (WebCore::MediaPlayerPrivateGStreamer::videoSinkCapsChangedCallback):
1292         (WebCore::MediaPlayerPrivateGStreamer::audioChangedCallback):
1293         (WebCore::MediaPlayerPrivateGStreamer::textChangedCallback):
1294         (WebCore::MediaPlayerPrivateGStreamer::buffered const):
1295         (WebCore::MediaPlayerPrivateGStreamer::loadNextLocation):
1296
1297 2018-05-09  Daniel Bates  <dabates@apple.com>
1298
1299         REGRESSION (r231479): com.apple.WebCore crash in WebCore::DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied()
1300         https://bugs.webkit.org/show_bug.cgi?id=185475
1301         <rdar://problem/40093853>
1302
1303         Reviewed by Andy Estes.
1304
1305         DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied() must extends its lifetime
1306         until completion as dispatching a DOM load event at the associated frame can cause JavaScript execution
1307         that can do anything, including destroying the loader that dispatched the event.
1308
1309         Following r231479 DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied() is now
1310         invoked by both DocumentLoader::responseReceived() and WebResourceLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied().
1311         The latter only can happen when using WebKit2 and the experimental feature Restricted HTTP Response Access
1312         is enabled (RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess()). Unlike DocumentLoader::responseReceived()
1313         WebResourceLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied() does not take out a ref
1314         on the DocumentLoader before invoking DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied().
1315         Therefore, DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied() can cause its
1316         own destruction as a result of dispatching a DOM load event at the frame. We should take out a ref on
1317         the DocumentLoader when executing DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied().
1318
1319         * loader/DocumentLoader.cpp:
1320         (WebCore::DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied):
1321
1322 2018-05-09  Tim Horton  <timothy_horton@apple.com>
1323
1324         Fix the build by ignoring some deprecation warnings
1325
1326         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
1327         (WebCore::MediaPlayerPrivateAVFoundationObjC::setShouldDisableSleep):
1328
1329 2018-05-09  Michael Catanzaro  <mcatanzaro@igalia.com>
1330
1331         [WPE] Build cleanly with GCC 8 and ICU 60
1332         https://bugs.webkit.org/show_bug.cgi?id=185462
1333
1334         Reviewed by Carlos Alberto Lopez Perez.
1335
1336         * PlatformGTK.cmake: Include directories are in the wrong place.
1337         * accessibility/AXObjectCache.cpp: Silence -Wclass-memaccess problems and leave warnings.
1338         (WebCore::AXObjectCache::startOrEndTextMarkerDataForRange):
1339         (WebCore::AXObjectCache::textMarkerDataForCharacterOffset):
1340         (WebCore::AXObjectCache::textMarkerDataForVisiblePosition):
1341         (WebCore::AXObjectCache::textMarkerDataForFirstPositionInTextControl):
1342         * css/CSSFontFace.cpp: Silence -Wfallthrough
1343         (WebCore::CSSFontFace::fontLoadTiming const):
1344         * css/CSSSelectorList.cpp: Silence -Wclass-memaccess, this one is intentional.
1345         (WebCore::CSSSelectorList::adoptSelectorVector):
1346         * editing/TextIterator.cpp: Silence ICU deprecation warnings.
1347         * platform/Length.h:
1348         (WebCore::Length::operator=): More -Wclass-memaccess, looks benign.
1349         * platform/graphics/Gradient.cpp:
1350         (WebCore::Gradient::hash const): -Wclass-memaccess again. Leave a warning.
1351         * platform/graphics/SurrogatePairAwareTextIterator.cpp: Silence ICU deprecation warnings.
1352         * platform/graphics/cairo/FontCairoHarfbuzzNG.cpp:
1353         (WebCore::FontCascade::fontForCombiningCharacterSequence const): Silence ICU deprecation.
1354         * platform/graphics/freetype/FontCustomPlatformDataFreeType.cpp:
1355         (WebCore::FontCustomPlatformData::FontCustomPlatformData): Silence -Wcast-function-type.
1356         * platform/graphics/freetype/SimpleFontDataFreeType.cpp:
1357         (WebCore::Font::canRenderCombiningCharacterSequence const): Silence ICU deprecation.
1358         * platform/graphics/gstreamer/GstAllocatorFastMalloc.cpp:
1359         (gstAllocatorFastMallocMemUnmap): Fix -Wcast-function-type.
1360         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
1361         (WebCore::MediaPlayerPrivateGStreamer::updateTracks): Fix bad printf.
1362         (WebCore::MediaPlayerPrivateGStreamer::enableTrack): Another bad printf.
1363         (WebCore::findHLSQueue): Fix -Wcast-function-type.
1364         * platform/graphics/gstreamer/eme/WebKitClearKeyDecryptorGStreamer.cpp:
1365         (webKitMediaClearKeyDecryptorDecrypt): Fix another bad printf.
1366         * platform/network/soup/SocketStreamHandleImplSoup.cpp: Silence -Wcast-function-type.
1367         (WebCore::SocketStreamHandleImpl::beginWaitingForSocketWritability):
1368         * platform/text/TextEncoding.cpp: Silence ICU deprecration.
1369
1370 2018-05-08  Simon Fraser  <simon.fraser@apple.com>
1371
1372         SVG lighting colors need to be converted into linearSRGB
1373         https://bugs.webkit.org/show_bug.cgi?id=181196
1374
1375         Reviewed by Darin Adler.
1376
1377         Address post-commit comments. Don't make a Color that contains linearRGB components,
1378         but use FloatComponents instead. Since these FloatComponents are in the 0-1 range,
1379         FELighting::setPixelInternal() needs to multiply by 255 since the output pixels are
1380         8-bit 0-255.
1381         
1382         Change linearToSRGBColorComponent() and sRGBToLinearColorComponent() to do math in
1383         floats without promoting to doubles.
1384
1385         * platform/graphics/ColorUtilities.cpp:
1386         (WebCore::FloatComponents::FloatComponents):
1387         (WebCore::linearToSRGBColorComponent):
1388         (WebCore::sRGBToLinearColorComponent):
1389         (WebCore::sRGBColorToLinearComponents):
1390         (WebCore::linearToSRGBColor): Deleted.
1391         (WebCore::sRGBToLinearColor): Deleted.
1392         * platform/graphics/ColorUtilities.h:
1393         * platform/graphics/filters/FELighting.cpp:
1394         (WebCore::FELighting::setPixelInternal):
1395         (WebCore::FELighting::drawLighting):
1396
1397 2018-05-09  Timothy Hatcher  <timothy@apple.com>
1398
1399         Use StyleColor::Options in more places.
1400
1401         https://bugs.webkit.org/show_bug.cgi?id=185458
1402         rdar://problem/39853798
1403
1404         Add UseDefaultAppearance to StyleColor::Options, to avoid passing yet another
1405         boolean on some of these functions.
1406
1407         Reviewed by Tim Horton.
1408
1409         * css/MediaQueryEvaluator.cpp:
1410         * css/StyleColor.h:
1411         * dom/Document.cpp:
1412         (WebCore::Document::useDefaultAppearance const):
1413         (WebCore::Document::styleColorOptions const):
1414         * dom/Document.h:
1415         * platform/Theme.cpp:
1416         (WebCore::Theme::paint):
1417         * platform/Theme.h:
1418         * platform/mac/LocalDefaultSystemAppearance.h:
1419         * platform/mac/LocalDefaultSystemAppearance.mm:
1420         (WebCore::LocalDefaultSystemAppearance::LocalDefaultSystemAppearance):
1421         (WebCore::LocalDefaultSystemAppearance::~LocalDefaultSystemAppearance):
1422         * platform/mac/ThemeMac.h:
1423         * platform/mac/ThemeMac.mm:
1424         (WebCore::paintToggleButton):
1425         (WebCore::paintButton):
1426         (WebCore::ThemeMac::ensuredView):
1427         (WebCore::ThemeMac::drawCellOrFocusRingWithViewIntoContext):
1428         (WebCore::ThemeMac::paint):
1429         (-[WebCoreThemeView initWithUseSystemAppearance:]): Deleted.
1430         * platform/wpe/ThemeWPE.cpp:
1431         (WebCore::ThemeWPE::paint):
1432         * platform/wpe/ThemeWPE.h:
1433         * rendering/RenderListBox.cpp:
1434         (WebCore::RenderListBox::paintItemBackground):
1435         * rendering/RenderTheme.cpp:
1436         (WebCore::RenderTheme::paint):
1437         (WebCore::RenderTheme::inactiveListBoxSelectionBackgroundColor const):
1438         (WebCore::RenderTheme::platformInactiveListBoxSelectionBackgroundColor const):
1439         * rendering/RenderTheme.h:
1440         * rendering/RenderThemeGtk.cpp:
1441         (WebCore::RenderThemeGtk::platformInactiveListBoxSelectionBackgroundColor const):
1442         * rendering/RenderThemeGtk.h:
1443         * rendering/RenderThemeMac.h:
1444         * rendering/RenderThemeMac.mm:
1445         (WebCore::RenderThemeMac::documentViewFor const):
1446         (WebCore::RenderThemeMac::platformInactiveListBoxSelectionBackgroundColor const):
1447         (WebCore::RenderThemeMac::systemColor const):
1448         (WebCore::RenderThemeMac::paintCellAndSetFocusedElementNeedsRepaintIfNecessary):
1449         (WebCore::RenderThemeMac::paintSliderThumb):
1450
1451 2018-05-09  Yacine Bandou  <yacine.bandou_ext@softathome.com>
1452
1453         [EME][GStreamer] Crash when the mediaKeys are created before loading the media in debug conf
1454         https://bugs.webkit.org/show_bug.cgi?id=185244
1455
1456         Reviewed by Xabier Rodriguez-Calvar.
1457
1458         The function "MediaPlayerPrivateGStreamerBase::cdmInstanceAttached" is expected to be called once,
1459         so there is an ASSERT(!m_cdmInstance).
1460         But when the MediaKeys are created before loading the media, the cdminstance is created and attached
1461         to the MediaPlayerPrivate via "MediaPlayerPrivateGStreamerBase::cdmInstanceAttached" before loading
1462         the media, then when the media is loading, the function "MediaPlayerPrivateGStreamerBase::cdmInstanceAttached"
1463         will be called several times via the function "mediaEngineWasUpdated" wich is called for each change
1464         in the MediaElement state, thus the WebProcess crashes in the ASSERT(!m_cdmInstance).
1465
1466         This commit avoid the crash by replacing the assert with a simple check.
1467
1468         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
1469         (WebCore::MediaPlayerPrivateGStreamerBase::cdmInstanceAttached):
1470         (WebCore::MediaPlayerPrivateGStreamerBase::cdmInstanceDetached):
1471
1472 2018-05-09  Antti Koivisto  <antti@apple.com>
1473
1474         Add OptionSet::operator& and operator bool
1475         https://bugs.webkit.org/show_bug.cgi?id=185306
1476
1477         Reviewed by Anders Carlsson.
1478
1479         Use it in a few places.
1480
1481         * loader/FrameLoader.cpp:
1482         (WebCore::FrameLoader::reload):
1483         * rendering/RenderLayerCompositor.cpp:
1484         (WebCore::RenderLayerCompositor::logReasonsForCompositing):
1485         (WebCore::RenderLayerCompositor::updateScrollCoordinatedLayer):
1486
1487 2018-05-08  Dean Jackson  <dino@apple.com>
1488
1489         Disable system preview link fetching
1490         https://bugs.webkit.org/show_bug.cgi?id=185463
1491
1492         Reviewed by Jon Lee.
1493
1494         Temporarily disable system preview detection when a link
1495         is clicked.
1496
1497         * html/HTMLAnchorElement.cpp:
1498         (WebCore::HTMLAnchorElement::handleClick):
1499
1500 2018-05-08  Wenson Hsieh  <wenson_hsieh@apple.com>
1501
1502         Unreviewed, fix the internal iOS build
1503
1504         Add a missing import statement in an implementation file.
1505
1506         * editing/cocoa/WebContentReaderCocoa.mm:
1507
1508 2018-05-08  Ryan Haddad  <ryanhaddad@apple.com>
1509
1510         Unreviewed, rolling out r231486.
1511
1512         Caused service worker LayoutTest failures on macOS Debug WK2.
1513
1514         Reverted changeset:
1515
1516         "Allow WebResourceLoader to cancel a load served from a
1517         service worker"
1518         https://bugs.webkit.org/show_bug.cgi?id=185274
1519         https://trac.webkit.org/changeset/231486
1520
1521 2018-05-08  Wenson Hsieh  <wenson_hsieh@apple.com>
1522
1523         Consolidate WebContentReaderIOS and WebContentReaderMac into WebContentReaderCocoa
1524         https://bugs.webkit.org/show_bug.cgi?id=185340
1525
1526         Reviewed by Tim Horton.
1527
1528         WebContentReader::readURL is currently the only method implemented separately in iOS and macOS platform
1529         WebContentReader files. The implementation across macOS and iOS is nearly identical (with some exceptions with
1530         the way iOS handles file URLs and plain text editing), so we can merge these into a single method
1531         WebContentReaderCocoa and delete WebContentReaderIOS and WebContentReaderMac.
1532
1533         This also has the added bonus of fixing a latent bug in WebContentReaderMac, wherein URLs written to the
1534         pasteboard using -[NSPasteboard writeObjects:] are currently pasted as empty anchor elements. In this case, the
1535         link title isn't made explicit, so the `title` passed in to WebContentReader::readURL is empty. On iOS, we have
1536         code to fall back to pasting the absolute string of the URL if the title is empty, but on macOS, we'll just use
1537         this empty string as the title of the anchor.
1538
1539         Test: PasteMixedContent.PasteURLWrittenToPasteboardUsingWriteObjects
1540
1541         * SourcesCocoa.txt:
1542         * WebCore.xcodeproj/project.pbxproj:
1543         * editing/cocoa/WebContentReaderCocoa.mm:
1544         (WebCore::WebContentReader::readURL):
1545         * editing/ios/WebContentReaderIOS.mm: Removed.
1546         * editing/mac/WebContentReaderMac.mm: Removed.
1547
1548 2018-05-08  Zalan Bujtas  <zalan@apple.com>
1549
1550         [Simple line layout] Cache run resolver.
1551         https://bugs.webkit.org/show_bug.cgi?id=185411
1552
1553         Reviewed by Antti Koivisto.
1554
1555         This patch caches the run resolver on the [SimpleLine]Layout object. 
1556         In certain cases, when the block container has thousands of elements (foobar1<br>foobar2<br>.....foobar9999<br>),
1557         constructing the resolver (and its dependencies) in a repeating fashion could hang the WebProcess.
1558
1559         Covered by existing tests.
1560
1561         * rendering/SimpleLineLayout.cpp:
1562         (WebCore::SimpleLineLayout::create):
1563         (WebCore::SimpleLineLayout::Layout::create):
1564         (WebCore::SimpleLineLayout::Layout::Layout):
1565         * rendering/SimpleLineLayout.h:
1566         (WebCore::SimpleLineLayout::Layout::runResolver const):
1567         * rendering/SimpleLineLayoutFunctions.cpp:
1568         (WebCore::SimpleLineLayout::paintFlow):
1569         (WebCore::SimpleLineLayout::hitTestFlow):
1570         (WebCore::SimpleLineLayout::collectFlowOverflow):
1571         (WebCore::SimpleLineLayout::computeBoundingBox):
1572         (WebCore::SimpleLineLayout::computeFirstRunLocation):
1573         (WebCore::SimpleLineLayout::collectAbsoluteRects):
1574         (WebCore::SimpleLineLayout::collectAbsoluteQuads):
1575         (WebCore::SimpleLineLayout::textOffsetForPoint):
1576         (WebCore::SimpleLineLayout::collectAbsoluteQuadsForRange):
1577         (WebCore::SimpleLineLayout::generateLineBoxTree):
1578         * rendering/SimpleLineLayoutResolver.cpp:
1579         (WebCore::SimpleLineLayout::LineResolver::LineResolver):
1580         * rendering/SimpleLineLayoutResolver.h:
1581         (WebCore::SimpleLineLayout::lineResolver):
1582
1583 2018-05-08  Brent Fulgham  <bfulgham@apple.com>
1584
1585         Switch some RELEASE_ASSERTS to plain debug ASSERTS in PlatformScreenMac.mm
1586         https://bugs.webkit.org/show_bug.cgi?id=185451
1587         <rdar://problem/39620348>
1588
1589         Reviewed by Zalan Bujtas.
1590
1591         Change a set of RELEASE_ASSERTS used to prevent accessing NSScreen related functions in the
1592         PlatformScreenMac implementation to less expensive Debug ASSERTS.
1593
1594         No change in behavior.
1595
1596         * platform/mac/PlatformScreenMac.mm:
1597         (WebCore::screenHasInvertedColors):
1598         (WebCore::screenDepth):
1599         (WebCore::screenDepthPerComponent):
1600         (WebCore::screenRectForDisplay):
1601         (WebCore::screenRect):
1602         (WebCore::screenAvailableRect):
1603         (WebCore::screenColorSpace):
1604         (WebCore::screenSupportsExtendedColor):
1605
1606 2018-05-08  Daniel Bates  <dabates@apple.com>
1607
1608         Resign Strong Password appearance when text field value changes
1609         https://bugs.webkit.org/show_bug.cgi?id=185433
1610         <rdar://problem/39958508>
1611
1612         Reviewed by Ryosuke Niwa.
1613
1614         Remove the Strong Password decoration when the text field's value changes to avoid interfering
1615         with web sites that allow a person to clear the password field.
1616
1617         Tests: fast/forms/auto-fill-button/auto-fill-strong-password-button-when-maxlength-changes.html
1618                fast/forms/auto-fill-button/auto-fill-strong-password-button-when-minlength-changes.html
1619                fast/forms/auto-fill-button/hide-auto-fill-strong-password-button-when-value-changes.html
1620
1621         * html/HTMLInputElement.cpp:
1622         (WebCore::HTMLInputElement::resignStrongPasswordAppearance): Extracted from HTMLInputElement::updateType().
1623         (WebCore::HTMLInputElement::updateType): Extract out logic to resign the Strong Password appearance
1624         into a function that can be shared by this function and HTMLInputElement::setValue().
1625         (WebCore::HTMLInputElement::setValue): Resign the Strong Password appearance if this field was
1626         changed programmatically (i.e. no DOM change event was dispatched).
1627         * html/HTMLInputElement.h:
1628
1629 2018-05-08  Jer Noble  <jer.noble@apple.com>
1630
1631         Unreviewed build fix; add missing function definition.
1632
1633         * html/HTMLMediaElement.h:
1634         (WebCore::HTMLMediaElement::didPassCORSAccessCheck const):
1635
1636 2018-05-08  Jer Noble  <jer.noble@apple.com>
1637
1638         Mute MediaElementSourceNode when tainted.
1639         https://bugs.webkit.org/show_bug.cgi?id=184866
1640
1641         Reviewed by Eric Carlson.
1642
1643         Test: http/tests/security/webaudio-render-remote-audio-blocked-no-crossorigin.html
1644
1645         * Modules/webaudio/AudioContext.cpp:
1646         (WebCore::AudioContext::wouldTaintOrigin const):
1647         * Modules/webaudio/AudioContext.h:
1648         * Modules/webaudio/MediaElementAudioSourceNode.cpp:
1649         (WebCore::MediaElementAudioSourceNode::setFormat):
1650         (WebCore::MediaElementAudioSourceNode::wouldTaintOrigin):
1651         (WebCore::MediaElementAudioSourceNode::process):
1652         * Modules/webaudio/MediaElementAudioSourceNode.h:
1653
1654 2018-05-08  Eric Carlson  <eric.carlson@apple.com>
1655
1656         Log rtcstats as JSON
1657         https://bugs.webkit.org/show_bug.cgi?id=185437
1658         <rdar://problem/40065332>
1659
1660         Reviewed by Youenn Fablet.
1661
1662         * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
1663         (WebCore::RTCStatsLogger::RTCStatsLogger): Create a wrapper class so we don't have to add a
1664         toJSONString method to libwebrtc.
1665         (WebCore::RTCStatsLogger::toJSONString const): Log stats as JSON.
1666         (WebCore::LibWebRTCMediaEndpoint::OnStatsDelivered): Don't use the LOGIDENTIFIER macro because
1667         it doesn't work well inside of a lambda.
1668         (WTF::LogArgument<WebCore::RTCStatsLogger>::toString): Move into .cpp file because it is only
1669         used here.
1670         * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.h:
1671         (WTF::LogArgument<webrtc::RTCStats>::toString): Deleted. Move to .cpp file.
1672
1673 2018-05-08  Dean Jackson  <dino@apple.com>
1674
1675         System Preview links should trigger a download
1676         https://bugs.webkit.org/show_bug.cgi?id=185439
1677         <rdar://problem/40065545>
1678
1679         Reviewed by Jon Lee.
1680
1681         Add a new field to FrameLoadRequest, which then is copied
1682         into ResourceRequest, identifying if the link clicked
1683         is a system preview.
1684
1685         * html/HTMLAnchorElement.cpp:
1686         (WebCore::HTMLAnchorElement::handleClick): Look for isSystemPreviewLink().
1687         * loader/FrameLoadRequest.cpp:
1688         (WebCore::FrameLoadRequest::FrameLoadRequest):
1689         * loader/FrameLoadRequest.h: New property.
1690         (WebCore::FrameLoadRequest::FrameLoadRequest):
1691         (WebCore::FrameLoadRequest::isSystemPreview const):
1692         * loader/FrameLoader.cpp:
1693         (WebCore::FrameLoader::urlSelected):
1694         (WebCore::FrameLoader::loadURL):
1695         * loader/FrameLoader.h:
1696         * platform/network/ResourceRequestBase.cpp:
1697         (WebCore::ResourceRequestBase::isSystemPreview const):
1698         (WebCore::ResourceRequestBase::setSystemPreview):
1699         * platform/network/ResourceRequestBase.h:
1700
1701 2018-05-08  Commit Queue  <commit-queue@webkit.org>
1702
1703         Unreviewed, rolling out r231491.
1704         https://bugs.webkit.org/show_bug.cgi?id=185434
1705
1706         Setting the Created key on a cookie does not work yet, due a
1707         bug in CFNetwork (Requested by ggaren on #webkit).
1708
1709         Reverted changeset:
1710
1711         "[WKHTTPCookieStore getAllCookies] returns inconsistent
1712         creation time"
1713         https://bugs.webkit.org/show_bug.cgi?id=185041
1714         https://trac.webkit.org/changeset/231491
1715
1716 2018-05-08  Sihui Liu  <sihui_liu@apple.com>
1717
1718         [WKHTTPCookieStore getAllCookies] returns inconsistent creation time
1719         https://bugs.webkit.org/show_bug.cgi?id=185041
1720         <rdar://problem/34684214>
1721
1722         Reviewed by Geoffrey Garen.
1723
1724         Set creationtime property when creating Cookie object to keep consistency after conversion.
1725
1726         New API test: WebKit.WKHTTPCookieStoreCreationTime.
1727
1728         * platform/network/cocoa/CookieCocoa.mm:
1729         (WebCore::Cookie::operator NSHTTPCookie * const):
1730
1731 2018-05-08  Eric Carlson  <eric.carlson@apple.com>
1732
1733         Text track cue logging should include cue text
1734         https://bugs.webkit.org/show_bug.cgi?id=185353
1735         <rdar://problem/40003565>
1736
1737         Reviewed by Brent Fulgham.
1738
1739         No new tests, tested manually.
1740
1741         * html/track/VTTCue.cpp:
1742         (WebCore::VTTCue::toJSON const):
1743         * platform/graphics/InbandTextTrackPrivateClient.h:
1744         (WebCore::GenericCueData::toJSONString const):
1745         * platform/graphics/iso/ISOVTTCue.cpp:
1746         (WebCore::ISOWebVTTCue::toJSONString const):
1747
1748 2018-05-08  Sam Weinig  <sam@webkit.org>
1749
1750         More cleanup of XMLHttpRequestUpload
1751         https://bugs.webkit.org/show_bug.cgi?id=185409
1752
1753         Reviewed by Alex Christensen.
1754
1755         - Remove unneeded #includes
1756         - Rename m_xmlHttpRequest to m_request
1757         - Make some overloaded some methods private, and mark them as final rather
1758           than override.
1759
1760         * xml/XMLHttpRequestUpload.cpp:
1761         (WebCore::XMLHttpRequestUpload::XMLHttpRequestUpload):
1762         * xml/XMLHttpRequestUpload.h:
1763
1764 2018-05-08  Zalan Bujtas  <zalan@apple.com>
1765
1766         [LFC] Start using BlockMarginCollapse
1767         https://bugs.webkit.org/show_bug.cgi?id=185424
1768
1769         Reviewed by Antti Koivisto.
1770
1771         BlockMarginCollapse could be all static.
1772
1773         * layout/blockformatting/BlockFormattingContext.cpp:
1774         (WebCore::Layout::BlockFormattingContext::marginTop const):
1775         (WebCore::Layout::BlockFormattingContext::marginBottom const):
1776         * layout/blockformatting/BlockMarginCollapse.cpp:
1777         (WebCore::Layout::isMarginTopCollapsedWithSibling):
1778         (WebCore::Layout::isMarginBottomCollapsedWithSibling):
1779         (WebCore::Layout::isMarginTopCollapsedWithParent):
1780         (WebCore::Layout::isMarginBottomCollapsedWithParent):
1781         (WebCore::Layout::collapsedMarginTopFromFirstChild):
1782         (WebCore::Layout::collapsedMarginBottomFromLastChild):
1783         (WebCore::Layout::nonCollapsedMarginTop):
1784         (WebCore::Layout::nonCollapsedMarginBottom):
1785         (WebCore::Layout::BlockMarginCollapse::marginTop):
1786         (WebCore::Layout::BlockMarginCollapse::marginBottom):
1787         (WebCore::Layout::BlockMarginCollapse::BlockMarginCollapse): Deleted.
1788         (WebCore::Layout::BlockMarginCollapse::marginTop const): Deleted.
1789         (WebCore::Layout::BlockMarginCollapse::marginBottom const): Deleted.
1790         (WebCore::Layout::BlockMarginCollapse::isMarginTopCollapsedWithSibling const): Deleted.
1791         (WebCore::Layout::BlockMarginCollapse::isMarginBottomCollapsedWithSibling const): Deleted.
1792         (WebCore::Layout::BlockMarginCollapse::isMarginTopCollapsedWithParent const): Deleted.
1793         (WebCore::Layout::BlockMarginCollapse::isMarginBottomCollapsedWithParent const): Deleted.
1794         (WebCore::Layout::BlockMarginCollapse::nonCollapsedMarginTop const): Deleted.
1795         (WebCore::Layout::BlockMarginCollapse::nonCollapsedMarginBottom const): Deleted.
1796         (WebCore::Layout::BlockMarginCollapse::collapsedMarginTopFromFirstChild const): Deleted.
1797         (WebCore::Layout::BlockMarginCollapse::collapsedMarginBottomFromLastChild const): Deleted.
1798         (WebCore::Layout::BlockMarginCollapse::hasAdjoiningMarginTopAndBottom const): Deleted.
1799         * layout/blockformatting/BlockMarginCollapse.h:
1800
1801 2018-05-08  Youenn Fablet  <youenn@apple.com>
1802
1803         Allow WebResourceLoader to cancel a load served from a service worker
1804         https://bugs.webkit.org/show_bug.cgi?id=185274
1805
1806         Reviewed by Chris Dumez.
1807
1808         Add support for cancelling a fetch from WebProcess to service worker process.
1809         Use FetchIdentifier instead of uint64_t.
1810
1811         * Modules/fetch/FetchIdentifier.h: Added.
1812         * WebCore.xcodeproj/project.pbxproj:
1813         * workers/service/context/ServiceWorkerFetch.h:
1814         * workers/service/context/ServiceWorkerThreadProxy.cpp:
1815         (WebCore::ServiceWorkerThreadProxy::startFetch):
1816         (WebCore::ServiceWorkerThreadProxy::cancelFetch):
1817         * workers/service/context/ServiceWorkerThreadProxy.h:
1818
1819 2018-05-08  Said Abou-Hallawa  <sabouhallawa@apple.com>
1820
1821         feTurbulence is not rendered correctly on Retina display
1822         https://bugs.webkit.org/show_bug.cgi?id=183798
1823
1824         Reviewed by Simon Fraser.
1825
1826         On 2x display the feTurbulence filter creates a scaled ImageBuffer but
1827         processes only the unscaled size. This is a remaining work of r168577 and
1828         is very similar to what was done for the feMorphology filter in r188271.
1829
1830         Test: fast/hidpi/filters-turbulence.html
1831
1832         * platform/graphics/filters/FETurbulence.cpp:
1833         (WebCore::FETurbulence::fillRegion const):
1834         (WebCore::FETurbulence::platformApplySoftware):
1835
1836 2018-05-07  Zalan Bujtas  <zalan@apple.com>
1837
1838         [LFC] Add FormattingContext::layoutOutOfFlowDescendants implementation
1839         https://bugs.webkit.org/show_bug.cgi?id=185377
1840
1841         Reviewed by Antti Koivisto.
1842
1843         Also, remove FormattingContext's m_layoutContext member and pass it in to ::layout() instead.
1844         In theory LayoutContext is needed only during ::layout() call. 
1845
1846         * layout/FormattingContext.cpp:
1847         (WebCore::Layout::FormattingContext::layoutOutOfFlowDescendants const):
1848         * layout/FormattingContext.h:
1849         (WebCore::Layout::FormattingContext::layoutContext const):
1850         * layout/LayoutContext.cpp:
1851         (WebCore::Layout::LayoutContext::updateLayout):
1852         * layout/blockformatting/BlockFormattingContext.cpp:
1853         (WebCore::Layout::BlockFormattingContext::layout const):
1854         * layout/blockformatting/BlockFormattingContext.h:
1855         * layout/inlineformatting/InlineFormattingContext.cpp:
1856         (WebCore::Layout::InlineFormattingContext::layout const):
1857         * layout/inlineformatting/InlineFormattingContext.h:
1858
1859 2018-05-07  Daniel Bates  <dabates@apple.com>
1860
1861         Check X-Frame-Options and CSP frame-ancestors in network process
1862         https://bugs.webkit.org/show_bug.cgi?id=185410
1863         <rdar://problem/37733934>
1864
1865         Reviewed by Ryosuke Niwa.
1866
1867         * WebCore.xcodeproj/project.pbxproj: Make PingLoader.h a private header so that we can include it in WebKit.
1868         * loader/DocumentLoader.cpp:
1869         (WebCore::DocumentLoader::responseReceived): Only check CSP frame-ancestors and X-Frame-Options here if
1870         we are not checking them in the NetworkProcess and HTTP response access is restricted. I code is otherwise kept
1871         unchanged. There may be opportunities to clean this code up more and share more of it. We should look into this
1872         in subsequent bugs.
1873         * loader/DocumentLoader.h: Change visibility of stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied() from
1874         private to public and export it so that we can call it from the WebKit.
1875         * loader/PingLoader.h:
1876         * page/Settings.yaml: Add a new setting called networkProcessCSPFrameAncestorsCheckingEnabled (defaults: false)
1877         and is hardcoded in WebPage.cpp to be enabled. This setting is used to determine if we will be using the NetworkProcess.
1878         Ideally we wouldn't have this setting and just key off RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess().
1879         However RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess() is always enabled in WebKit Legacy
1880         at the time of writing (why?). And, strangely, RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess()
1881         is conditionally enabled in WebKit. For now, we add a new setting, networkProcessCSPFrameAncestorsCheckingEnabled,
1882         to determine if CSP checking should be performed in NetworkProcess. For checking to actually happen in NetworkProcess
1883         and not in DocumentLoader::responseReceived() RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess()
1884         will also need to be enabled.
1885         * page/csp/ContentSecurityPolicy.cpp:
1886         (WebCore::ContentSecurityPolicy::allowFrameAncestors const): Added a variant that takes a vector of ancestor origins.
1887         * page/csp/ContentSecurityPolicy.h:
1888         * page/csp/ContentSecurityPolicyDirectiveList.cpp:
1889         (WebCore::checkFrameAncestors): Ditto.
1890         (WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForFrameAncestorOrigins const): Ditto.
1891         * page/csp/ContentSecurityPolicyDirectiveList.h: Export constructor so that we can invoke it from NetworkResourceLoader::shouldInterruptLoadForCSPFrameAncestorsOrXFrameOptions().
1892         * page/csp/ContentSecurityPolicyResponseHeaders.h:
1893         * platform/network/HTTPParsers.h: Export XFrameOptionsDisposition() so that we can use in WebKit.
1894
1895 2018-05-07  Daniel Bates  <dabates@apple.com>
1896
1897         Abstract logic to log console messages and send CSP violation reports into a client
1898         https://bugs.webkit.org/show_bug.cgi?id=185393
1899         <rdar://problem/40036053>
1900
1901         Reviewed by Brent Fulgham.
1902
1903         First pass at adding infrastructure to supporting CSP reporting from NetworkProcess and workers.
1904         Replaces the existing ContentSecurityPolicy constructor that takes a Frame with one that
1905         takes a ContentSecurityPolicyClient to delegate to for logging and sending reports. We will look
1906         to remove ContentSecurityPolicy constructor that takes a ScriptExecutionContext in a follow up.
1907
1908         Standardize on instantiating a ContentSecurityPolicy with the full URL to resource that it protects
1909         instead of taking only the SecurityOrigin of this URL. By taking the full URL the ContentSecurityPolicy
1910         object is now capable of resolving a relative report URL without needing a Document/ScriptExecutionContext.
1911
1912         We are underutilizing the CSPInfo struct and ContentSecurityPolicyClient::willSendCSPViolationReport()
1913         delegate callback in this patch. We will make use of this functionality in a subsequent patch to
1914         support collecting script state (e.g. source line number) when reporting CSP violations in worker
1915         threads. We also no longer go through the unnecessary motions to try to collect script state for a
1916         frame-ancestors violation (since DocumentLoader extends ContentSecurityPolicyClient and does not
1917         implement ContentSecurityPolicyClient::willSendCSPViolationReport()). The frame-ancestors directive
1918         is checked before a document is parsed and executes script; => there will never be any script state
1919         to collect; => it is not necessary to try to collect it as we currently do.
1920
1921         * Sources.txt: Add file ContentSecurityPolicyClient.cpp. See the remarks for ContentSecurityPolicyClient.cpp
1922         below on why we have this file.
1923         * WebCore.xcodeproj/project.pbxproj: Add files ContentSecurityPolicyClient.{h, cpp}.
1924         * dom/Document.cpp:
1925         (WebCore::Document::initSecurityContext): Pass the URL of the protected document.
1926         * loader/DocumentLoader.cpp:
1927         (WebCore::DocumentLoader::responseReceived): Ditto.
1928         (WebCore::DocumentLoader::addConsoleMessage): Added.
1929         (WebCore::DocumentLoader::sendCSPViolationReport): Added.
1930         (WebCore::DocumentLoader::dispatchSecurityPolicyViolationEvent): Added.
1931         * loader/DocumentLoader.h:
1932         * loader/FrameLoaderClient.h: Fix typo in comment.
1933         * loader/WorkerThreadableLoader.cpp:
1934         (WebCore::WorkerThreadableLoader::MainThreadBridge::MainThreadBridge): Pass the URL of the worker script.
1935         * page/csp/ContentSecurityPolicy.cpp:
1936         (WebCore::ContentSecurityPolicy::ContentSecurityPolicy): Added overload that takes a URL&& and an optional
1937         ContentSecurityPolicyClient*.
1938         (WebCore::ContentSecurityPolicy::deprecatedURLForReporting const): Extracted and simplified stripURLForUseInReport()
1939         into this member function.
1940         (WebCore::ContentSecurityPolicy::reportViolation const): Modified to make use of the client, if we have
1941         one and removed code for handling a ContentSecurityPolicy that was instantiated with a Frame.
1942         (WebCore::ContentSecurityPolicy::logToConsole const): Ditto.
1943         (WebCore::stripURLForUseInReport): Deleted; incorporated into ContentSecurityPolicy::deprecatedURLForReporting().
1944         * page/csp/ContentSecurityPolicy.h:
1945         * page/csp/ContentSecurityPolicyClient.cpp: Added. This file exists so that we can define the virtual
1946         destructor out-of-line and export this abstract class so as to avoid the need for the vtable to be
1947         defined in the translation unit of each derived class.
1948         * page/csp/ContentSecurityPolicyClient.h: Added.
1949         * page/csp/ContentSecurityPolicySource.cpp:
1950         (WebCore::ContentSecurityPolicySource::operator SecurityOriginData const): Added.
1951         * page/csp/ContentSecurityPolicySource.h:
1952         * workers/WorkerGlobalScope.cpp:
1953         (WebCore::WorkerGlobalScope::WorkerGlobalScope): Instantiate the ContentSecurityPolicy object with the
1954         URL of the worker script.
1955
1956 2018-05-07  Simon Fraser  <simon.fraser@apple.com>
1957
1958         CSS filters which reference SVG filters fail to respect the "color-interpolation-filters" of the filter
1959         https://bugs.webkit.org/show_bug.cgi?id=185343
1960
1961         Reviewed by Dean Jackson.
1962
1963         Test: css3/filters/color-interpolation-filters.html
1964         
1965         When applying CSS reference filters, apply the value of "color-interpolation-filters" for the
1966         referenced filter effect element, just as we do for SVG filters.
1967
1968         * rendering/FilterEffectRenderer.cpp:
1969         (WebCore::FilterEffectRenderer::buildReferenceFilter):
1970
1971 2018-05-07  Daniel Bates  <dabates@apple.com>
1972
1973         CSP status-code incorrect for document blocked due to violation of its frame-ancestors directive
1974         https://bugs.webkit.org/show_bug.cgi?id=185366
1975         <rdar://problem/40035116>
1976
1977         Reviewed by Brent Fulgham.
1978
1979         Fixes an issue where the status-code in the sent CSP report for an HTTP document blocked because
1980         its frame-ancestors directive was violated would be the status code of the previously loaded
1981         document in the frame. If the previously loaded document was about:blank then this would be 0.
1982
1983         Currently whenever we send a CSP report we ask the document's loader (Document::loader()) for the
1984         HTTP status code for the last response. Document::loader() returns the loader for the last committed
1985         document its frame. For a frame-ancestors violation, a CSP report is sent before the document
1986         that had the frame-ancestors directive has been committed and after it has been associate with a frame.
1987         As a result we are in are in a transient transition state for the frame and hence the last response
1988         for new document's loader (Document::loader()) is actually the last response of the previously loaded
1989         document in the frame. Instead we need to take care to tell CSP about the HTTP status code for the
1990         response associated with the document the CSP came from.
1991
1992         * dom/Document.cpp:
1993         (WebCore::Document::processHttpEquiv):
1994         (WebCore::Document::initSecurityContext):
1995         Pass the HTTP status code to CSP.
1996
1997         * page/csp/ContentSecurityPolicy.cpp:
1998         (WebCore::ContentSecurityPolicy::copyStateFrom):
1999         (WebCore::ContentSecurityPolicy::responseHeaders const):
2000         (WebCore::ContentSecurityPolicy::didReceiveHeaders):
2001         (WebCore::ContentSecurityPolicy::didReceiveHeader):
2002         (WebCore::ContentSecurityPolicy::reportViolation const):
2003         * page/csp/ContentSecurityPolicy.h:
2004         Modify existing functions to take the HTTP status code, store it in a instance variable,
2005         and reference this variable when reporting a violation.
2006
2007         * page/csp/ContentSecurityPolicyResponseHeaders.cpp:
2008         (WebCore::ContentSecurityPolicyResponseHeaders::ContentSecurityPolicyResponseHeaders):
2009         (WebCore::ContentSecurityPolicyResponseHeaders::isolatedCopy const):
2010         * page/csp/ContentSecurityPolicyResponseHeaders.h:
2011         (WebCore::ContentSecurityPolicyResponseHeaders::encode const):
2012         (WebCore::ContentSecurityPolicyResponseHeaders::decode):
2013         Store the HTTP status code along with the response headers.
2014
2015 2018-05-07  Daniel Bates  <dabates@apple.com>
2016
2017         CSP referrer incorrect for document blocked due to violation of its frame-ancestors directive
2018         https://bugs.webkit.org/show_bug.cgi?id=185380
2019
2020         Reviewed by Brent Fulgham.
2021
2022         Similar to <https://bugs.webkit.org/show_bug.cgi?id=185366>, fixes an issue where the referrer
2023         in the sent CSP report for an HTTP document blocked because its frame-ancestors directive was
2024         violated would be the referrer of the previously loaded document in the frame.
2025
2026         Currently whenever we send a CSP report we ask the document's loader (Document::loader()) for
2027         the referrer for the last request. Document::loader() returns the loader for the last committed
2028         document in its frame. For a frame-ancestors violation, a CSP report is sent before the document
2029         that had the frame-ancestors directive has been committed and after it has been associate with a
2030         frame. As a result we are in a transient transition state for the frame and hence the last request
2031         for the new document's loader (Document::loader()) is actually the last request of the previously
2032         loaded document in the frame. Instead we need to take care to tell CSP about the referrer for the
2033         request associated with the document the CSP came from.
2034
2035         * loader/DocumentLoader.cpp:
2036         (WebCore::DocumentLoader::responseReceived):
2037
2038 2018-05-07  Brent Fulgham  <bfulgham@apple.com>
2039
2040         Add experimental feature to prompt for Storage Access API use
2041         https://bugs.webkit.org/show_bug.cgi?id=185335
2042         <rdar://problem/39994649>
2043
2044         Reviewed by Alex Christensen and Youenn Fablet.
2045
2046         Create a new experimental feature that gates the ability of WebKit clients to prompt the user when
2047         Storage Access API is invoked.
2048
2049         Currently this feature doesn't have any user-visible impact.
2050
2051         * page/RuntimeEnabledFeatures.h:
2052         (WebCore::RuntimeEnabledFeatures::setStorageAccessPromptsEnabled):
2053         (WebCore::RuntimeEnabledFeatures::storageAccessPromptsEnabled const):
2054         * testing/InternalSettings.cpp:
2055         (WebCore::InternalSettings::Backup::Backup):
2056         (WebCore::InternalSettings::Backup::restoreTo):
2057         (WebCore::InternalSettings::setStorageAccessPromptsEnabled):
2058         * testing/InternalSettings.h:
2059         * testing/InternalSettings.idl:
2060
2061 2018-05-07  Chris Dumez  <cdumez@apple.com>
2062
2063         Stop using an iframe's id as fallback if its name attribute is not set
2064         https://bugs.webkit.org/show_bug.cgi?id=11388
2065
2066         Reviewed by Geoff Garen.
2067
2068         WebKit had logic to use an iframe's id as fallback name when its name
2069         content attribute is not set. This behavior was not standard and did not
2070         match other browsers:
2071         - https://html.spec.whatwg.org/#attr-iframe-name
2072
2073         Gecko / Trident never behaved this way. Blink was aligned with us until
2074         they started to match the specification in:
2075         - https://bugs.chromium.org/p/chromium/issues/detail?id=347169
2076
2077         This WebKit quirk was causing some Web-compatibility issues because it
2078         would affect the behavior of Window's name property getter when trying
2079         to look up an iframe by id. Because of Window's named property getter
2080         behavior [1], we would return the frame's contentWindow instead of the
2081         iframe element itself.
2082
2083         [1] https://html.spec.whatwg.org/multipage/window-object.html#named-access-on-the-window-object
2084
2085         Test: fast/dom/Window/named-getter-frame-id.html
2086
2087         * html/HTMLFrameElementBase.cpp:
2088         (WebCore::HTMLFrameElementBase::openURL):
2089         (WebCore::HTMLFrameElementBase::parseAttribute):
2090         (WebCore::HTMLFrameElementBase::didFinishInsertingNode):
2091         * html/HTMLFrameElementBase.h:
2092
2093 2018-05-07  Chris Dumez  <cdumez@apple.com>
2094
2095         ASSERT(!childItemWithTarget(child->target())) is hit in HistoryItem::addChildItem()
2096         https://bugs.webkit.org/show_bug.cgi?id=185322
2097
2098         Reviewed by Geoff Garen.
2099
2100         We generate unique names for Frame to be used in HistoryItem. Those names not only
2101         need to be unique, they also need to be repeatable to avoid layout tests flakiness
2102         and for things like restoring form state from a HistoryItem.
2103
2104         The previously generated frame names were relying on the Frame's index among a
2105         parent Frame's children. The issue was that we could end up with duplicate names
2106         because one could insert a Frame *before* an existing one. This is because the code
2107         would not take care of updating existing Frames' unique name on frame tree mutation.
2108
2109         Updating frame tree names on mutation would be inefficient and is also not necessary.
2110         The approach chosen in this patch is to stop using the Frame's index and instead rely
2111         on an increasing counter stored on the top-frame's FrameTree. To make the names
2112         repeatable, we reset the counter on page navigation.
2113
2114         * page/Frame.cpp:
2115         (WebCore::Frame::setDocument):
2116         * page/FrameTree.cpp:
2117         (WebCore::FrameTree::uniqueChildName const):
2118         (WebCore::FrameTree::generateUniqueName const):
2119         * page/FrameTree.h:
2120         (WebCore::FrameTree::resetFrameIdentifiers):
2121
2122 2018-05-07  Yacine Bandou  <yacine.bandou_ext@softathome.com>
2123
2124         [EME][GStreamer] Fix wrong subsample parsing on r227067
2125         https://bugs.webkit.org/show_bug.cgi?id=185382
2126
2127         Reviewed by Philippe Normand.
2128
2129         The initialization of sampleIndex should be moved outside of the loop.
2130         Without this patch we will have a bad log and the check of the subsample
2131         count will be useless.
2132
2133         * platform/graphics/gstreamer/eme/WebKitClearKeyDecryptorGStreamer.cpp:
2134         (webKitMediaClearKeyDecryptorDecrypt):
2135
2136 2018-05-07  Daniel Bates  <dabates@apple.com>
2137
2138         CSP should be passed the referrer
2139         https://bugs.webkit.org/show_bug.cgi?id=185367
2140
2141         Reviewed by Per Arne Vollan.
2142
2143         As a step towards formalizing a CSP delegate object and removing the dependencies
2144         on ScriptExecutionContext and Frame, we should pass the document's referrer directly
2145         instead of indirectly obtaining it from the ScriptExecutionContext or Frame used
2146         to instantiate the ContentSecurityPolicy object.
2147
2148         * dom/Document.cpp:
2149         (WebCore::Document::processHttpEquiv): Pass the document's referrer.
2150         (WebCore::Document::initSecurityContext): Ditto.
2151         (WebCore::Document::applyQuickLookSandbox): Ditto.
2152         * loader/DocumentLoader.cpp:
2153         (WebCore::DocumentLoader::responseReceived): Ditto.
2154         * loader/FrameLoader.cpp:
2155         (WebCore::FrameLoader::didBeginDocument): Ditto.
2156         * page/csp/ContentSecurityPolicy.cpp:
2157         (WebCore::ContentSecurityPolicy::copyStateFrom): We pass a null string for the referrer
2158         to didReceiveHeader() as a placeholder since it requires the referrer be given to it. We
2159         fix up the referrer (m_referrer) after copying all the policy headers.
2160         (WebCore::ContentSecurityPolicy::didReceiveHeaders): Ditto.
2161         (WebCore::ContentSecurityPolicy::didReceiveHeader): Modified to take a referrer and WTFMove()s
2162         it into an instance variable (m_referrer).
2163         (WebCore::ContentSecurityPolicy::reportViolation const): Modified to use the stored referrer.
2164         * page/csp/ContentSecurityPolicy.h:
2165         * workers/WorkerGlobalScope.cpp:
2166         (WebCore::WorkerGlobalScope::applyContentSecurityPolicyResponseHeaders): Pass a null string
2167         for the referrer as a worker does not have a referrer.
2168
2169 2018-05-07  Daniel Bates  <dabates@apple.com>
2170
2171         CSP should only notify Inspector to pause the debugger on the first policy to violate a directive
2172         https://bugs.webkit.org/show_bug.cgi?id=185364
2173
2174         Reviewed by Brent Fulgham.
2175
2176         Notify Web Inspector that a script was blocked on the first enforced CSP policy that it
2177         violates.
2178
2179         A page can have more than one enforced Content Security Policy. Currently for inline
2180         scripts, inline event handlers, JavaScript URLs, and eval() that are blocked by CSP
2181         we notify Web Inspector that it was blocked for each CSP policy that blocked it. When
2182         Web Inspector is notified it pauses script execution. It does not seem very meaningful
2183         to pause script execution on the same script for each CSP policy that blocked it.
2184         Therefore, only tell Web Inspector that a script was blocked for the first enforced CSP
2185         policy that blocked it.
2186
2187         * page/csp/ContentSecurityPolicy.cpp:
2188         (WebCore::ContentSecurityPolicy::allowJavaScriptURLs const):
2189         (WebCore::ContentSecurityPolicy::allowInlineEventHandlers const):
2190         (WebCore::ContentSecurityPolicy::allowInlineScript const):
2191         (WebCore::ContentSecurityPolicy::allowEval const):
2192
2193 2018-05-07  Daniel Bates  <dabates@apple.com>
2194
2195         Substitute CrossOriginPreflightResultCache::clear() for CrossOriginPreflightResultCache::empty()
2196         https://bugs.webkit.org/show_bug.cgi?id=185170
2197
2198         Reviewed by Per Arne Vollan.
2199
2200         Rename CrossOriginPreflightResultCache::empty() to CrossOriginPreflightResultCache::clear() make
2201         it consistent with the terminology we use in WebKit to signify a function that clears a collection.
2202         A member function named "empty" is expected to return an instance of a class in its "empty state".
2203         For example, StringImpl::empty() returns a StringImpl instance that represents the empty string.
2204         However CrossOriginPreflightResultCache::empty() clears out the cache in-place. We should rename
2205         this function to better describe its purpose.
2206
2207         * loader/CrossOriginPreflightResultCache.cpp:
2208         (WebCore::CrossOriginPreflightResultCache::clear):
2209         (WebCore::CrossOriginPreflightResultCache::empty): Deleted.
2210         * loader/CrossOriginPreflightResultCache.h:
2211
2212 2018-05-06  Dean Jackson  <dino@apple.com>
2213
2214         WebGL: Reset simulated values after validation fails
2215         https://bugs.webkit.org/show_bug.cgi?id=185363
2216         <rdar://problem/39733417>
2217
2218         Reviewed by Anders Carlsson.
2219
2220         While fixing a previous bug, I forgot to reset some values
2221         when validation fails. This caused a bug where a subsequent
2222         invalid call might use those values and escape detection.
2223
2224         Test: fast/canvas/webgl/index-validation-with-subsequent-draws.html
2225
2226         * html/canvas/WebGLRenderingContextBase.cpp:
2227         (WebCore::WebGLRenderingContextBase::simulateVertexAttrib0): Reset the
2228         sizes when validation fails.
2229         * html/canvas/WebGLRenderingContextBase.h:
2230
2231 2018-05-07  Ms2ger  <Ms2ger@igalia.com>
2232
2233         Support negative sw/sh values in createImageBitmap().
2234         https://bugs.webkit.org/show_bug.cgi?id=184449
2235
2236         Reviewed by Dean Jackson.
2237
2238         Tests: LayoutTests/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-drawImage.html
2239                LayoutTests/http/wpt/2dcontext/imagebitmap/createImageBitmap.html
2240
2241         * html/ImageBitmap.cpp:
2242         (WebCore::ImageBitmap::createPromise): handle negative values per spec.
2243
2244 2018-05-07  Brian Burg  <bburg@apple.com>
2245
2246         Web Inspector: opt out of process swap on navigation if a Web Inspector frontend is connected
2247         https://bugs.webkit.org/show_bug.cgi?id=184861
2248         <rdar://problem/39153768>
2249
2250         Reviewed by Timothy Hatcher.
2251
2252         Notify the client of the current connection count whenever a frontend connects or disconnects.
2253
2254         Covered by new API test.
2255
2256         * inspector/InspectorClient.h:
2257         (WebCore::InspectorClient::frontendCountChanged):
2258         * inspector/InspectorController.cpp:
2259         (WebCore::InspectorController::connectFrontend):
2260         (WebCore::InspectorController::disconnectFrontend):
2261         (WebCore::InspectorController::disconnectAllFrontends):
2262         * inspector/InspectorController.h:
2263
2264 2018-05-07  Eric Carlson  <eric.carlson@apple.com>
2265
2266         Text track cue logging should include cue text
2267         https://bugs.webkit.org/show_bug.cgi?id=185353
2268         <rdar://problem/40003565>
2269
2270         Reviewed by Youenn Fablet.
2271
2272         No new tests, tested manually.
2273
2274         * html/track/VTTCue.cpp:
2275         (WebCore::VTTCue::toJSONString const): Use toJSON.
2276         (WebCore::VTTCue::toJSON const): New.
2277         * html/track/VTTCue.h:
2278
2279         * platform/graphics/InbandTextTrackPrivateClient.h:
2280         (WebCore::GenericCueData::toJSONString const): Log m_content.
2281
2282         * platform/graphics/iso/ISOVTTCue.cpp:
2283         (WebCore::ISOWebVTTCue::toJSONString const): Log m_cueText.
2284
2285 2018-05-06  Zalan Bujtas  <zalan@apple.com>
2286
2287         [LFC] Add assertions for stale Display::Box geometry
2288         https://bugs.webkit.org/show_bug.cgi?id=185357
2289
2290         Reviewed by Antti Koivisto.
2291
2292         Ensure that we don't access stale geometry of other boxes during layout.
2293         For example, in order to layout a block child we need the containing block's content box top/left and width (but not the height)
2294
2295         * layout/displaytree/DisplayBox.h:
2296         (WebCore::Display::Box::invalidateTop):
2297         (WebCore::Display::Box::invalidateLeft):
2298         (WebCore::Display::Box::invalidateWidth):
2299         (WebCore::Display::Box::invalidateHeight):
2300         (WebCore::Display::Box::hasValidPosition const):
2301         (WebCore::Display::Box::hasValidSize const):
2302         (WebCore::Display::Box::hasValidGeometry const):
2303         (WebCore::Display::Box::invalidatePosition):
2304         (WebCore::Display::Box::invalidateSize):
2305         (WebCore::Display::Box::setHasValidPosition):
2306         (WebCore::Display::Box::setHasValidSize):
2307         (WebCore::Display::Box::setHasValidGeometry):
2308         (WebCore::Display::Box::rect const):
2309         (WebCore::Display::Box::top const):
2310         (WebCore::Display::Box::left const):
2311         (WebCore::Display::Box::bottom const):
2312         (WebCore::Display::Box::right const):
2313         (WebCore::Display::Box::topLeft const):
2314         (WebCore::Display::Box::bottomRight const):
2315         (WebCore::Display::Box::size const):
2316         (WebCore::Display::Box::width const):
2317         (WebCore::Display::Box::height const):
2318         (WebCore::Display::Box::setRect):
2319         (WebCore::Display::Box::setTopLeft):
2320         (WebCore::Display::Box::setTop):
2321         (WebCore::Display::Box::setLeft):
2322         (WebCore::Display::Box::setSize):
2323         (WebCore::Display::Box::setWidth):
2324         (WebCore::Display::Box::setHeight):
2325
2326 2018-05-06  Zalan Bujtas  <zalan@apple.com>
2327
2328         [LFC] Add BlockFormattingContext::computeStaticPosition
2329         https://bugs.webkit.org/show_bug.cgi?id=185352
2330
2331         Reviewed by Antti Koivisto.
2332
2333         This is the core logic for positioning inflow boxes in a block formatting context (very naive though).
2334
2335         * layout/blockformatting/BlockFormattingContext.cpp:
2336         (WebCore::Layout::BlockFormattingContext::computeStaticPosition const):
2337         * layout/displaytree/DisplayBox.h:
2338
2339 2018-05-05  Sam Weinig  <sam@webkit.org>
2340
2341         Cleanup XMLHttpRequestUpload a little
2342         https://bugs.webkit.org/show_bug.cgi?id=185344
2343
2344         Reviewed by Yusuke Suzuki.
2345
2346         * bindings/js/JSXMLHttpRequestCustom.cpp:
2347         (WebCore::JSXMLHttpRequest::visitAdditionalChildren):
2348         Use auto to reduce redundancy.
2349
2350         * xml/XMLHttpRequest.cpp:
2351         (WebCore::XMLHttpRequest::upload):
2352         * xml/XMLHttpRequest.h:
2353         Switch upload() to return a reference.
2354         
2355         * xml/XMLHttpRequestUpload.cpp:
2356         (WebCore::XMLHttpRequestUpload::XMLHttpRequestUpload):
2357         (WebCore::XMLHttpRequestUpload::dispatchProgressEvent):
2358         * xml/XMLHttpRequestUpload.h:
2359         Cleanup formatting, modernize and switch XMLHttpRequest member from a pointer
2360         to a reference.
2361
2362 2018-05-05  Dean Jackson  <dino@apple.com>
2363
2364         Draw a drop-shadow behind the system preview badge
2365         https://bugs.webkit.org/show_bug.cgi?id=185356
2366         <rdar://problem/40004936>
2367
2368         Reviewed by Wenson Hsieh.
2369
2370         Draw a very subtle drop-shadow under the system
2371         preview badge so that it is more visible on a pure
2372         white background.
2373
2374         I also moved some code around to make it more clear
2375         and improved comments.
2376
2377         * rendering/RenderThemeIOS.mm:
2378         (WebCore::RenderThemeIOS::paintSystemPreviewBadge):
2379
2380 2018-05-04  Wenson Hsieh  <wenson_hsieh@apple.com>
2381
2382         [iOS] Multiple links in Mail are dropped in a single line, and are difficult to tell apart
2383         https://bugs.webkit.org/show_bug.cgi?id=185289
2384         <rdar://problem/35756912>
2385
2386         Reviewed by Tim Horton and Darin Adler.
2387
2388         When inserting multiple URLs as individual items in a single drop, we currently separate each item with a space
2389         (see r217284). However, it still seems difficult to tell dropped links apart. This patch makes some slight
2390         tweaks to WebContentReader::readURL so that it inserts line breaks before dropped URLs, if the dropped URL isn't
2391         the first item to be inserted in the resulting document fragment.
2392
2393         Augments existing API tests in DataInteractionTests.
2394
2395         * editing/ios/WebContentReaderIOS.mm:
2396
2397         Additionally remove some extraneous header imports from this implementation file.
2398
2399         (WebCore::WebContentReader::readURL):
2400
2401 2018-05-02  Dean Jackson  <dino@apple.com>
2402
2403         Use IOSurfaces for CoreImage operations where possible
2404         https://bugs.webkit.org/show_bug.cgi?id=185230
2405         <rdar://problem/39926929>
2406
2407         Reviewed by Jon Lee.
2408
2409         On iOS hardware, we can use IOSurfaces as a rendering destination
2410         for CoreImage, which means we're keeping data on the GPU
2411         for rendering.
2412
2413         As a drive-by fix, I used a convenience method for Gaussian blurs.
2414
2415         * rendering/RenderThemeIOS.mm:
2416         (WebCore::RenderThemeIOS::paintSystemPreviewBadge):
2417
2418 2018-05-04  Tim Horton  <timothy_horton@apple.com>
2419
2420         Shift to a lower-level framework for simplifying URLs
2421         https://bugs.webkit.org/show_bug.cgi?id=185334
2422
2423         Reviewed by Dan Bernstein.
2424
2425         * Configurations/WebCore.xcconfig:
2426         * platform/mac/DragImageMac.mm:
2427         (WebCore::LinkImageLayout::LinkImageLayout):
2428
2429 2018-05-03  Ryosuke Niwa  <rniwa@webkit.org>
2430
2431         Release assert in ScriptController::canExecuteScripts via HTMLMediaElement::~HTMLMediaElement()
2432         https://bugs.webkit.org/show_bug.cgi?id=185288
2433
2434         Reviewed by Jer Noble.
2435
2436         The crash is caused by HTMLMediaElement::~HTMLMediaElement canceling the resource load via CachedResource
2437         which ends up calling FrameLoader::checkCompleted() and fire load event on the document synchronously.
2438         Speculatively fix the crash by scheduling the check instead.
2439
2440         In long term, ResourceLoader::cancel should never fire load event synchronously: webkit.org/b/185284.
2441
2442         Unfortunately, no new tests since I can't get MediaResource to get destructed at the right time.
2443
2444         * html/HTMLMediaElement.cpp:
2445         (WebCore::HTMLMediaElement::isRunningDestructor): Added to detect this specific case.
2446         (WebCore::HTMLMediaElementDestructorScope): Added.
2447         (WebCore::HTMLMediaElementDestructorScope::HTMLMediaElementDestructorScope): Added.
2448         (WebCore::HTMLMediaElementDestructorScope::~HTMLMediaElementDestructorScope): Added.
2449         (WebCore::HTMLMediaElement::~HTMLMediaElement): Instantiate HTMLMediaElement.
2450         * html/HTMLMediaElement.h:
2451         * loader/FrameLoader.cpp:
2452         (WebCore::FrameLoader::checkCompleted): Call scheduleCheckCompleted instead of synchronously calling
2453         checkCompleted if we're in the middle of destructing a HTMLMediaElement.
2454
2455 2018-05-04  Ryosuke Niwa  <rniwa@webkit.org>
2456
2457         Rename DocumentOrderedMap to TreeScopeOrderedMap
2458         https://bugs.webkit.org/show_bug.cgi?id=185290
2459
2460         Reviewed by Zalan Bujtas.
2461
2462         Renamed the class since it's almost always a mistake to use this class as a member variable of Document.
2463
2464         * Sources.txt:
2465         * WebCore.xcodeproj/project.pbxproj:
2466         * dom/MouseRelatedEvent.cpp: Include the forgotten DOMWindow.h. Unified build files bit us here.
2467         * dom/TreeScope.cpp:
2468         (WebCore::TreeScope::addElementById):
2469         (WebCore::TreeScope::addElementByName):
2470         (WebCore::TreeScope::addImageMap):
2471         (WebCore::TreeScope::addImageElementByUsemap):
2472         (WebCore::TreeScope::labelElementForId):
2473         * dom/TreeScope.h:
2474         * dom/TreeScopeOrderedMap.cpp: Renamed from DocumentOrderedMap.cpp
2475         * dom/TreeScopeOrderedMap.h: Renamed from DocumentOrderedMap.h
2476         * html/HTMLDocument.h:
2477
2478 2018-05-04  Don Olmstead  <don.olmstead@sony.com>
2479
2480         [Win][WebKit] Fix forwarding headers for Windows build
2481         https://bugs.webkit.org/show_bug.cgi?id=184412
2482
2483         Reviewed by Alex Christensen.
2484
2485         No new tests. No change in behavior.
2486
2487         * PlatformWin.cmake:
2488
2489 2018-05-04  Zalan Bujtas  <zalan@apple.com>
2490
2491         [Simple line layout] Add support for line layout box generation with multiple text renderers.
2492         https://bugs.webkit.org/show_bug.cgi?id=185276
2493
2494         Reviewed by Antti Koivisto.
2495
2496         Covered by existing tests.
2497
2498         * rendering/SimpleLineLayoutFunctions.cpp:
2499         (WebCore::SimpleLineLayout::canUseForLineBoxTree):
2500         (WebCore::SimpleLineLayout::generateLineBoxTree):
2501         * rendering/SimpleLineLayoutResolver.cpp:
2502         (WebCore::SimpleLineLayout::RunResolver::Run::renderer const):
2503         (WebCore::SimpleLineLayout::RunResolver::Run::localStart const):
2504         (WebCore::SimpleLineLayout::RunResolver::Run::localEnd const):
2505         * rendering/SimpleLineLayoutResolver.h:
2506
2507 2018-05-04  Timothy Hatcher  <timothy@apple.com>
2508
2509         Deprecate legacy WebView and friends
2510         https://bugs.webkit.org/show_bug.cgi?id=185279
2511         rdar://problem/33268700
2512
2513         Reviewed by Tim Horton.
2514
2515         * Configurations/WebCore.xcconfig:
2516         Added BUILDING_WEBKIT define to disable the deprecation macros.
2517         * bridge/objc/WebScriptObject.h:
2518         Added deprecation macros to WebScriptObject and WebUndefined.
2519         * platform/cocoa/WebKitAvailability.h:
2520         Added more macros and a way to disable deprecation warnings for
2521         WebKit build and in clients like Safari.
2522
2523 2018-05-04  Eric Carlson  <eric.carlson@apple.com>
2524
2525         Log media time range as JSON
2526         https://bugs.webkit.org/show_bug.cgi?id=185321
2527         <rdar://problem/39986746>
2528
2529         Reviewed by Youenn Fablet.
2530
2531         No new tests, tested manually.
2532
2533         * html/HTMLMediaElement.cpp:
2534         (WebCore::HTMLMediaElement::addPlayedRange): Log as time range.
2535         (WebCore::HTMLMediaElement::visibilityStateChanged): Cleanup.
2536
2537         * platform/graphics/MediaPlayer.h:
2538         (WTF::LogArgument<MediaTime>::toString):
2539         (WTF::LogArgument<MediaTimeRange>::toString):
2540
2541         * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp:
2542         (WebCore::InbandTextTrackPrivateAVF::processAttributedStrings): Log error as time range.
2543
2544 2018-05-04  Zalan Bujtas  <zalan@apple.com>
2545
2546         Use the containing block to compute the pagination gap when the container is inline.
2547         https://bugs.webkit.org/show_bug.cgi?id=184724
2548         <rdar://problem/39521800>
2549
2550         Reviewed by Simon Fraser.
2551
2552         Test: fast/overflow/page-overflow-with-inline-body-crash.html
2553
2554         * page/FrameView.cpp:
2555         (WebCore::FrameView::applyPaginationToViewport):
2556
2557 2018-05-04  Tim Horton  <timothy_horton@apple.com>
2558
2559         Don't use GSFont* in minimal simulator mode
2560         https://bugs.webkit.org/show_bug.cgi?id=185320
2561         <rdar://problem/39734478>
2562
2563         Reviewed by Beth Dakin.
2564
2565         * page/cocoa/MemoryReleaseCocoa.mm:
2566         (WebCore::platformReleaseMemory):
2567
2568 2018-05-04  Chris Dumez  <cdumez@apple.com>
2569
2570         Unreviewed, rolling out r231331.
2571
2572         Caused a few tests to assert
2573
2574         Reverted changeset:
2575
2576         "Stop using an iframe's id as fallback if its name attribute
2577         is not set"
2578         https://bugs.webkit.org/show_bug.cgi?id=11388
2579         https://trac.webkit.org/changeset/231331
2580
2581 2018-05-04  Youenn Fablet  <youenn@apple.com>
2582
2583         Use more references in updateTracksOfType
2584         https://bugs.webkit.org/show_bug.cgi?id=185305
2585
2586         Reviewed by Eric Carlson.
2587
2588         No change of behavior.
2589
2590         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
2591         (WebCore::updateTracksOfType):
2592         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateTracks):
2593
2594 2018-05-04  Myles C. Maxfield  <mmaxfield@apple.com>
2595
2596         Text shaping in the simple path is flipped in the y direction
2597         https://bugs.webkit.org/show_bug.cgi?id=185062
2598         <rdar://problem/39778678>
2599
2600         Reviewed by Simon Fraser.
2601
2602         Shaping in our simple codepath occurs in an "increasing-y-goes-up" coordinate system, but our painting
2603         code uses an "increasing-y-goes-down" coordinate system. We weren't fixing up the coordinate systems
2604         because we never noticed. This is because the simple codepath is only designed for kerning and ligatures,
2605         neither of which move glyphs vertically in the common case.
2606
2607         Test: fast/text/vertical-displacement-simple-codepath.html
2608
2609         * platform/graphics/Font.cpp:
2610         (WebCore::Font::applyTransforms const):
2611         * platform/graphics/WidthIterator.cpp:
2612         (WebCore::WidthIterator::applyFontTransforms):
2613
2614 2018-05-04  Chris Nardi  <cnardi@chromium.org>
2615
2616         Serialize all URLs with double-quotes per CSSOM spec
2617         https://bugs.webkit.org/show_bug.cgi?id=184935
2618
2619         Reviewed by Antti Koivisto.
2620
2621         According to https://drafts.csswg.org/cssom/#serialize-a-url, all URLs should be serialized as strings,
2622         which means they should have double quotes around the text of the URL. Update our implementation to match
2623         this (and Firefox/Chrome). Also remove isCSSTokenizerURL() as this method is no longer needed.
2624
2625         Tests: Many LayoutTests updated to use double quotes.
2626
2627         * css/CSSMarkup.cpp:
2628         (WebCore::serializeString): Remove FIXME as this was already fixed in a previous patch.
2629         (WebCore::serializeURL): Remove FIXME and update implementation.
2630
2631 2018-05-04  Youenn Fablet  <youenn@apple.com>
2632
2633         LayoutTests/fast/mediastream/change-tracks-media-stream-being-played.html is crashing after r231304
2634         https://bugs.webkit.org/show_bug.cgi?id=185303
2635
2636         Reviewed by Eric Carlson.
2637
2638         We need to stop observing the audio track like we do for video track once we are no longer interested in it.
2639         Covered by test no longer crashing.
2640
2641         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
2642         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateTracks):
2643
2644 2018-05-04  Zalan Bujtas  <zalan@apple.com>
2645
2646         [LFC] Set the invalidation root as the result of style change.
2647         https://bugs.webkit.org/show_bug.cgi?id=185301
2648
2649         Reviewed by Antti Koivisto.
2650
2651         Compute/propagate the update type on the ancestor chain and return the invalidation root
2652         so that LayoutContext could use it as the entry point for the next layout frame.
2653
2654         * layout/LayoutContext.cpp:
2655         (WebCore::Layout::LayoutContext::updateLayout):
2656         (WebCore::Layout::LayoutContext::styleChanged):
2657         * layout/LayoutContext.h: order is not important.
2658         * layout/blockformatting/BlockInvalidation.cpp:
2659         (WebCore::Layout::invalidationStopsAtFormattingContextBoundary):
2660         (WebCore::Layout::computeUpdateType):
2661         (WebCore::Layout::computeUpdateTypeForAncestor):
2662         (WebCore::Layout::BlockInvalidation::invalidate):
2663         * layout/blockformatting/BlockInvalidation.h:
2664         * layout/inlineformatting/InlineInvalidation.cpp:
2665         (WebCore::Layout::InlineInvalidation::invalidate):
2666         * layout/inlineformatting/InlineInvalidation.h:
2667
2668 2018-05-04  Youenn Fablet  <youenn@apple.com>
2669
2670         PeerConnection should have its connectionState closed even if doing gathering
2671         https://bugs.webkit.org/show_bug.cgi?id=185267
2672
2673         Reviewed by Darin Adler.
2674
2675         Test: webrtc/addICECandidate-closed.html
2676
2677         In case m_iceConnectionState is closed, m_connectionState should also be set to closed
2678         and RTCPeerConnection should be closed so as to reject any other call.
2679
2680         * Modules/mediastream/RTCPeerConnection.cpp:
2681         (WebCore::RTCPeerConnection::close):
2682         (WebCore::RTCPeerConnection::updateConnectionState):
2683
2684 2018-05-04  Yacine Bandou  <yacine.bandou_ext@softathome.com>
2685
2686         [MSE][GStreamer] Delete properly the stream from the WebKitMediaSource
2687         https://bugs.webkit.org/show_bug.cgi?id=185242
2688
2689         Reviewed by Xabier Rodriguez-Calvar.
2690
2691         When the sourceBuffer is removed from mediasource, the appropriate stream is not
2692         properly deleted from WebKitMediaSource, because the appsrc and parser elements
2693         of the stream are not removed from the WebKitMediaSource bin.
2694
2695         This patch avoids the regression of r231089, see https://bugs.webkit.org/show_bug.cgi?id=185071
2696
2697         * platform/graphics/gstreamer/mse/WebKitMediaSourceGStreamer.cpp:
2698         (webKitMediaSrcFreeStream):
2699
2700 2018-05-04  Carlos Garcia Campos  <cgarcia@igalia.com>
2701
2702         [GTK] Epiphany (GNOME Web) says "Error downloading: Service Unavailable." when trying to download an image from discogs.com
2703         https://bugs.webkit.org/show_bug.cgi?id=174730
2704
2705         Reviewed by Michael Catanzaro.
2706
2707         Export ResourceRequestBase::hasHTTPHeaderField().
2708
2709         * platform/network/ResourceRequestBase.h:
2710
2711 2018-05-03  Yusuke Suzuki  <utatane.tea@gmail.com>
2712
2713         Use subprocess.call instead of os.system to handle path with spaces
2714         https://bugs.webkit.org/show_bug.cgi?id=185291
2715
2716         Reviewed by Darin Adler.
2717
2718         If gperf path includes spaces, these python scripts fail to execute gperf.
2719         We use subprocess module instead of os.system to invoke gperf.
2720
2721         * css/makeSelectorPseudoClassAndCompatibilityElementMap.py:
2722         * css/makeSelectorPseudoElementsMap.py:
2723         * platform/network/create-http-header-name-table:
2724
2725 2018-05-03  Yusuke Suzuki  <utatane.tea@gmail.com>
2726
2727         Unreviewed, attempt to fix WinCairo build failure
2728         https://bugs.webkit.org/show_bug.cgi?id=185218
2729
2730         * platform/text/win/LocaleWin.cpp:
2731         (WebCore::LocaleWin::getLocaleInfoString):
2732
2733 2018-05-03  Filip Pizlo  <fpizlo@apple.com>
2734
2735         Strings should not be allocated in a gigacage
2736         https://bugs.webkit.org/show_bug.cgi?id=185218
2737
2738         Reviewed by Saam Barati.
2739
2740         No new tests because no new behavior.
2741
2742         * Modules/indexeddb/server/IDBSerialization.cpp:
2743         (WebCore::decodeKey):
2744         * bindings/js/SerializedScriptValue.cpp:
2745         (WebCore::CloneDeserializer::readString):
2746         * html/canvas/CanvasRenderingContext2D.cpp:
2747         (WebCore::normalizeSpaces):
2748         * html/parser/HTMLTreeBuilder.cpp:
2749         (WebCore::HTMLTreeBuilder::ExternalCharacterTokenBuffer::takeRemainingWhitespace):
2750         * platform/URLParser.cpp:
2751         (WebCore::percentEncodeByte):
2752         (WebCore::serializeURLEncodedForm):
2753         (WebCore::URLParser::serialize):
2754         * platform/URLParser.h:
2755         * platform/graphics/FourCC.cpp:
2756         (WebCore::FourCC::toString const):
2757         * platform/graphics/ca/GraphicsLayerCA.cpp:
2758         (WebCore::GraphicsLayerCA::ReplicaState::cloneID const):
2759         * platform/text/LocaleICU.cpp:
2760         (WebCore::LocaleICU::decimalSymbol):
2761         (WebCore::LocaleICU::decimalTextAttribute):
2762         (WebCore::getDateFormatPattern):
2763         (WebCore::LocaleICU::createLabelVector):
2764         (WebCore::getFormatForSkeleton):
2765         * platform/win/FileSystemWin.cpp:
2766         (WebCore::FileSystem::getFinalPathName):
2767         (WebCore::FileSystem::pathByAppendingComponent):
2768         (WebCore::FileSystem::storageDirectory):
2769
2770 2018-05-02  Brent Fulgham  <bfulgham@apple.com>
2771
2772         Widgets should hold a WeakPtr to their parents
2773         https://bugs.webkit.org/show_bug.cgi?id=185239
2774         <rdar://problem/39741250>
2775
2776         Reviewed by Zalan Bujtas.
2777
2778         * platform/ScrollView.h:
2779         (WebCore::ScrollView::weakPtrFactory): Added.
2780         * platform/Widget.cpp:
2781         (WebCore::Widget::init): Don't perform an unnecessary assignment.
2782         (WebCore::Widget::setParent): Grab a WeakPtr to the parent ScrollView.
2783         * platform/Widget.h:
2784         (WebCore::Widget::parent const): Change type to a WeakPtr.
2785
2786 2018-05-03  Yusuke Suzuki  <utatane.tea@gmail.com>
2787
2788         Use pointer instead of std::optional<T&>
2789         https://bugs.webkit.org/show_bug.cgi?id=185186
2790
2791         Reviewed by Alex Christensen.
2792
2793         std::optional<T&> is not accepted in C++17 spec.
2794         In this patch, we replace it with T*, which is well-aligned to
2795         WebKit's convention.
2796
2797         * Modules/mediastream/RTCPeerConnection.cpp:
2798         (WebCore::iceServersFromConfiguration):
2799         (WebCore::RTCPeerConnection::initializeConfiguration):
2800         (WebCore::RTCPeerConnection::setConfiguration):
2801         * css/parser/CSSParser.cpp:
2802         (WebCore::CSSParser::parseSystemColor):
2803         * css/parser/CSSParser.h:
2804         * dom/DatasetDOMStringMap.cpp:
2805         (WebCore::DatasetDOMStringMap::item const):
2806         (WebCore::DatasetDOMStringMap::namedItem const):
2807         (WebCore:: const): Deleted.
2808         * dom/DatasetDOMStringMap.h:
2809         * dom/Element.cpp:
2810         (WebCore::Element::insertAdjacentHTML):
2811         * dom/Element.h:
2812         * html/canvas/CanvasStyle.cpp:
2813         (WebCore::parseColor):
2814         * inspector/DOMEditor.cpp:
2815         * platform/network/curl/CurlFormDataStream.cpp:
2816         (WebCore::CurlFormDataStream::getPostData):
2817         (): Deleted.
2818         * platform/network/curl/CurlFormDataStream.h:
2819         * platform/network/curl/CurlRequest.cpp:
2820         (WebCore::CurlRequest::setupPOST):
2821         * testing/MockCDMFactory.cpp:
2822         (WebCore::MockCDMFactory::keysForSessionWithID const):
2823         (WebCore::MockCDMInstance::updateLicense):
2824         (WebCore:: const): Deleted.
2825         * testing/MockCDMFactory.h:
2826
2827 2018-05-03  Chris Dumez  <cdumez@apple.com>
2828
2829         Stop using an iframe's id as fallback if its name attribute is not set
2830         https://bugs.webkit.org/show_bug.cgi?id=11388
2831
2832         Reviewed by Geoff Garen.
2833
2834         WebKit had logic to use an iframe's id as fallback name when its name
2835         content attribute is not set. This behavior was not standard and did not
2836         match other browsers:
2837         - https://html.spec.whatwg.org/#attr-iframe-name
2838
2839         Gecko / Trident never behaved this way. Blink was aligned with us until
2840         they started to match the specification in:
2841         - https://bugs.chromium.org/p/chromium/issues/detail?id=347169
2842
2843         This WebKit quirk was causing some Web-compatibility issues because it
2844         would affect the behavior of Window's name property getter when trying
2845         to look up an iframe by id. Because of Window's named property getter
2846         behavior [1], we would return the frame's contentWindow instead of the
2847         iframe element itself.
2848
2849         [1] https://html.spec.whatwg.org/multipage/window-object.html#named-access-on-the-window-object
2850
2851         Test: fast/dom/Window/named-getter-frame-id.html
2852
2853         * html/HTMLFrameElementBase.cpp:
2854         (WebCore::HTMLFrameElementBase::openURL):
2855         (WebCore::HTMLFrameElementBase::parseAttribute):
2856         (WebCore::HTMLFrameElementBase::didFinishInsertingNode):
2857         * html/HTMLFrameElementBase.h:
2858
2859 2018-05-03  Eric Carlson  <eric.carlson@apple.com>
2860
2861         [iOS] Internal text and audio tracks not in fullscreen menu
2862         https://bugs.webkit.org/show_bug.cgi?id=185268
2863         <rdar://problem/38673440>
2864
2865         Reviewed by Jer Noble.
2866
2867         * platform/cocoa/PlaybackSessionModelMediaElement.mm:
2868         (WebCore::PlaybackSessionModelMediaElement::setMediaElement): 'addtrack' and 'removetrack'
2869         events are fired at the track lists, not the media element.
2870
2871 2018-05-03  Ryosuke Niwa  <rniwa@webkit.org>
2872
2873         Using image map inside a shadow tree results hits a release assert in DocumentOrderedMap::add
2874         https://bugs.webkit.org/show_bug.cgi?id=185238
2875
2876         Reviewed by Antti Koivisto.
2877
2878         The bug was caused by DocumentOrderedMap for the image elements with usemap being stored in Document
2879         even if those image elements were in a shadow tree. Fixed the bug by moving the map to TreeScope.
2880
2881         Test: fast/images/imagemap-in-nested-shadow-tree.html
2882               fast/images/imagemap-in-shadow-tree.html
2883
2884         * dom/Document.cpp:
2885         (WebCore::Document::addImageElementByUsemap): Moved to TreeScope.
2886         (WebCore::Document::removeImageElementByUsemap): Ditto.
2887         (WebCore::Document::imageElementByUsemap const): Ditto.
2888         * dom/Document.h:
2889         * dom/TreeScope.cpp:
2890         (WebCore::TreeScope::destroyTreeScopeData): Clear m_imagesByUsemap as well as m_elementsByName.
2891         (WebCore::TreeScope::getImageMap const): Removed the code to parse usemap. RenderImage::imageMap()
2892         which used to call this function with the raw value of the usemap content attribute now calls it
2893         via HTMLImageElement::associatedMapElement(), which uses the parsed usemap.
2894         (WebCore::TreeScope::addImageElementByUsemap): Moved from Document.
2895         (WebCore::TreeScope::removeImageElementByUsemap): Ditto.
2896         (WebCore::TreeScope::imageElementByUsemap const): Ditto.
2897         * dom/TreeScope.h:
2898         * html/HTMLImageElement.cpp:
2899         (WebCore::HTMLImageElement::parseAttribute):
2900         (WebCore::HTMLImageElement::insertedIntoAncestor): This image element can be associated with a map element
2901         if it's connected to a document.
2902         (WebCore::HTMLImageElement::removedFromAncestor):
2903         (WebCore::HTMLImageElement::associatedMapElement const):
2904         * html/HTMLImageElement.h:
2905         * html/HTMLMapElement.cpp:
2906         (WebCore::HTMLMapElement::imageElement):
2907         * rendering/RenderImage.cpp:
2908         (WebCore::RenderImage::imageMap const):
2909
2910 2018-05-03  Justin Fan  <justin_fan@apple.com>
2911
2912         [WebGL] Add runtime flag for enabling ASTC support in WebGL
2913         https://bugs.webkit.org/show_bug.cgi?id=184840
2914
2915         Reviewed by Myles C. Maxfield.
2916
2917         Added runtime flag for ASTC support in WebGL, to turn on/off when extension is implemented.
2918
2919         * page/RuntimeEnabledFeatures.h:
2920         (WebCore::RuntimeEnabledFeatures::setWebGLCompressedTextureASTCSupportEnabled):
2921         (WebCore::RuntimeEnabledFeatures::webGLCompressedTextureASTCSupportEnabled const):
2922
2923 2018-05-03  Chris Nardi  <cnardi@chromium.org>
2924
2925         Remove [NoInterfaceObject] from DOMRectList
2926         https://bugs.webkit.org/show_bug.cgi?id=185255
2927
2928         Reviewed by Chris Dumez.
2929
2930         In https://github.com/w3c/fxtf-drafts/issues/233, [NoInterfaceObject] was removed
2931         from DOMRectList. Remove it from our implementation to match the spec, as well as
2932         Chrome and Firefox.
2933
2934         Updated web platform tests IDL test for the Geometry spec.
2935
2936         * dom/DOMRectList.idl:
2937
2938 2018-05-03  Chris Dumez  <cdumez@apple.com>
2939
2940         REGRESSION(iOS 11.3): Crashes in TimerBase::~TimerBase() in Tencent x5gamehelper
2941         https://bugs.webkit.org/show_bug.cgi?id=185073
2942         <rdar://problem/39821223>
2943
2944         Reviewed by Alexey Proskuryakov.
2945
2946         The following changes were made:
2947         - Make sure SocketStream callbacks are always scheduled on the right runloop:
2948           WebThreadRunLoop() on WebKitLegacy iOS, loaderRunLoop() on Windows and
2949           main runloop otherwise.
2950         - When the SocketStream callbacks are called, unconditionally call callOnMainThreadAndWait()
2951           before calling methods on the SocketStream client. Previously, this code path
2952           was specific to Windows but there is no reason to have platform-specific code here.
2953           callOnMainThreadAndWait() calls the function right away if we're already on the main
2954           thread, which will be the case on other platform than Windows.
2955
2956         * platform/network/cf/SocketStreamHandleImplCFNet.cpp:
2957         (WebCore::callbacksRunLoop):
2958         (WebCore::callbacksRunLoopMode):
2959         (WebCore::SocketStreamHandleImpl::scheduleStreams):
2960         (WebCore::SocketStreamHandleImpl::pacExecutionCallback):
2961         (WebCore::SocketStreamHandleImpl::executePACFileURL):
2962         (WebCore::SocketStreamHandleImpl::removePACRunLoopSource):
2963         (WebCore::SocketStreamHandleImpl::readStreamCallback):
2964         (WebCore::SocketStreamHandleImpl::writeStreamCallback):
2965         (WebCore::SocketStreamHandleImpl::platformClose):
2966
2967 2018-05-03  Zalan Bujtas  <zalan@apple.com>
2968
2969         [LFC] Enable multiple layout roots for incremental layout.
2970         https://bugs.webkit.org/show_bug.cgi?id=185185
2971
2972         Reviewed by Antti Koivisto.
2973
2974         With certain type of style changes, we can stop the box invalidation at the formatting context boundary.
2975         When multiple boxes need updating in different formatting contexts, instead of marking the parent containing block chain all
2976         the way up to a common ancestor, we could just work with a list of layout entry points per layout frame.
2977
2978         * layout/FormattingState.h:
2979         * layout/LayoutContext.cpp:
2980         (WebCore::Layout::LayoutContext::updateLayout):
2981         (WebCore::Layout::LayoutContext::addLayoutEntryPoint):
2982         * layout/LayoutContext.h:
2983
2984 2018-05-03  Zalan Bujtas  <zalan@apple.com>
2985
2986         [LFC] Box invalidation logic should go to dedicated classes.
2987         https://bugs.webkit.org/show_bug.cgi?id=185249
2988
2989         Reviewed by Antti Koivisto.
2990
2991         Each formatting context can initiate a different type of invalidation when
2992         style attribute changes in a box.
2993
2994         * Sources.txt:
2995         * WebCore.xcodeproj/project.pbxproj:
2996         * layout/FormattingState.cpp:
2997         (WebCore::Layout::FormattingState::FormattingState):
2998         * layout/FormattingState.h:
2999         (WebCore::Layout::FormattingState::isBlockFormattingState const):
3000         (WebCore::Layout::FormattingState::isInlineFormattingState const):
3001         * layout/LayoutContext.cpp:
3002         (WebCore::Layout::LayoutContext::styleChanged):
3003         (WebCore::Layout::LayoutContext::markNeedsUpdate):
3004         * layout/LayoutContext.h:
3005         * layout/blockformatting/BlockFormattingState.cpp:
3006         (WebCore::Layout::BlockFormattingState::BlockFormattingState):
3007         * layout/blockformatting/BlockFormattingState.h:
3008         * layout/blockformatting/BlockInvalidation.cpp: Copied from Source/WebCore/layout/blockformatting/BlockFormattingState.cpp.
3009         (WebCore::Layout::BlockInvalidation::invalidate):
3010         * layout/blockformatting/BlockInvalidation.h: Copied from Source/WebCore/layout/inlineformatting/InlineFormattingState.h.
3011         * layout/inlineformatting/InlineFormattingState.cpp:
3012         (WebCore::Layout::InlineFormattingState::InlineFormattingState):
3013         * layout/inlineformatting/InlineFormattingState.h:
3014         * layout/inlineformatting/InlineInvalidation.cpp: Copied from Source/WebCore/layout/inlineformatting/InlineFormattingState.cpp.
3015         (WebCore::Layout::InlineInvalidation::invalidate):
3016         * layout/inlineformatting/InlineInvalidation.h: Copied from Source/WebCore/layout/blockformatting/BlockFormattingState.h.
3017
3018 2018-05-03  Michael Catanzaro  <mcatanzaro@igalia.com>
3019
3020         WebKit should send fake macOS user agent to docs.google.com
3021         https://bugs.webkit.org/show_bug.cgi?id=185165
3022
3023         Reviewed by Carlos Garcia Campos.
3024
3025         * platform/UserAgentQuirks.cpp:
3026         (WebCore::urlRequiresMacintoshPlatform):
3027         (WebCore::urlRequiresLinuxDesktopPlatform):
3028
3029 2018-05-03  Commit Queue  <commit-queue@webkit.org>
3030
3031         Unreviewed, rolling out r231223 and r231288.
3032         https://bugs.webkit.org/show_bug.cgi?id=185256
3033
3034         The change in r231223 breaks internal builds, and r231288 is a
3035         dependent change. (Requested by ryanhaddad on #webkit).
3036
3037         Reverted changesets:
3038
3039         "Use default std::optional if it is provided"
3040         https://bugs.webkit.org/show_bug.cgi?id=185159
3041         https://trac.webkit.org/changeset/231223
3042
3043         "Use pointer instead of
3044         std::optional<std::reference_wrapper<>>"
3045         https://bugs.webkit.org/show_bug.cgi?id=185186
3046         https://trac.webkit.org/changeset/231288
3047
3048 2018-05-03  Ryan Haddad  <ryanhaddad@apple.com>
3049
3050         Unreviewed, rolling out r231253.
3051
3052         The API test added with this change is crashing on the bots.
3053
3054         Reverted changeset:
3055
3056         "Web Inspector: opt out of process swap on navigation if a Web
3057         Inspector frontend is connected"
3058         https://bugs.webkit.org/show_bug.cgi?id=184861
3059         https://trac.webkit.org/changeset/231253
3060
3061 2018-05-03  Youenn Fablet  <youenn@apple.com>
3062
3063         A MediaStream being played should allow removing some of its tracks
3064         https://bugs.webkit.org/show_bug.cgi?id=185233
3065
3066         Reviewed by Eric Carlson.
3067
3068         Update the tracks out of the for loop.
3069         Test: fast/mediastream/change-tracks-media-stream-being-played.html
3070
3071         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
3072         (WebCore::updateTracksOfType):
3073
3074 2018-05-03  Miguel Gomez  <magomez@igalia.com>
3075
3076         WebCore::TextureMapperLayer object used after freed
3077         https://bugs.webkit.org/show_bug.cgi?id=184729
3078
3079         Reviewed by Michael Catanzaro.
3080
3081         Replace the raw pointers with WeakPtr for effectTarget, maskLayer and replicaLayer
3082         inside TextureMapperLayer.
3083
3084         * platform/graphics/texmap/TextureMapperLayer.cpp:
3085         (WebCore::TextureMapperLayer::~TextureMapperLayer):
3086         (WebCore::TextureMapperLayer::setMaskLayer):
3087         (WebCore::TextureMapperLayer::setReplicaLayer):
3088         * platform/graphics/texmap/TextureMapperLayer.h:
3089
3090 2018-05-03  Basuke Suzuki  <Basuke.Suzuki@sony.com>
3091
3092         [Curl] Add OpenSSL/LibreSSL multi-threading support
3093         https://bugs.webkit.org/show_bug.cgi?id=185138
3094
3095         The older OpenSSL manual says the locking_function and threadid_function should
3096         be set when use it in multi-threading environment. This applies to LibreSSL also.
3097         https://www.openssl.org/docs/man1.0.2/crypto/threads.html
3098
3099         For unix and other similar os, the default threadId_function implementation is
3100         good enough. We'll set custom callback only for Windows OS.
3101
3102         Note it's not required for OpenSSL 1.1.0 and after.
3103         https://www.openssl.org/blog/blog/2017/02/21/threads/
3104
3105         Reviewed by Per Arne Vollan.
3106
3107         * platform/network/curl/CurlSSLHandle.cpp:
3108         (WebCore::CurlSSLHandle::CurlSSLHandle):
3109         (WebCore::CurlSSLHandle::ThreadSupport::ThreadSupport):
3110         (WebCore::CurlSSLHandle::ThreadSupport::lockingCallback):
3111         (WebCore::CurlSSLHandle::ThreadSupport::threadIdCallback):
3112         * platform/network/curl/CurlSSLHandle.h:
3113         (WebCore::CurlSSLHandle::ThreadSupport::setup):
3114         (WebCore::CurlSSLHandle::ThreadSupport::singleton):
3115         (WebCore::CurlSSLHandle::ThreadSupport::lock):
3116         (WebCore::CurlSSLHandle::ThreadSupport::unlock):
3117
3118 2018-05-02  Ryosuke Niwa  <rniwa@webkit.org>
3119
3120         Remove superfluous check for a null attribute value check in Element::removeAttributeInternal
3121         https://bugs.webkit.org/show_bug.cgi?id=185227
3122
3123         Reviewed by Chris Dumez.
3124
3125         Removed the check. The attribute value string can never be null.
3126
3127         * dom/Element.cpp:
3128         (WebCore::Element::removeAttributeInternal):
3129
3130 2018-05-02  Zalan Bujtas  <zalan@apple.com>
3131
3132         [LFC] Implement LayoutContext::createDisplayBox
3133         https://bugs.webkit.org/show_bug.cgi?id=185158
3134
3135         Reviewed by Antti Koivisto.
3136
3137         Now compute*() functions take both the const layout and the corresponding non-const display boxes.
3138         Display boxes are owned by the LayoutContext and they don't form a tree structure (only implicitly through the layout tree).
3139         (This might need to change in the future if we decide to arrange them in some sort of painting order)
3140
3141         * layout/FloatingContext.cpp:
3142         (WebCore::Layout::FloatingContext::computePosition):
3143         * layout/FloatingContext.h:
3144         * layout/FormattingContext.cpp:
3145         (WebCore::Layout::FormattingContext::computeStaticPosition const):
3146         (WebCore::Layout::FormattingContext::computeInFlowPositionedPosition const):
3147         (WebCore::Layout::FormattingContext::computeOutOfFlowPosition const):
3148         (WebCore::Layout::FormattingContext::computeWidth const):
3149         (WebCore::Layout::FormattingContext::computeHeight const):
3150         (WebCore::Layout::FormattingContext::computeOutOfFlowWidth const):
3151         (WebCore::Layout::FormattingContext::computeFloatingWidth const):
3152         (WebCore::Layout::FormattingContext::computeOutOfFlowHeight const):
3153         (WebCore::Layout::FormattingContext::computeFloatingHeight const):
3154         * layout/FormattingContext.h:
3155         * layout/LayoutContext.cpp:
3156         (WebCore::Layout::LayoutContext::createDisplayBox):
3157         * layout/LayoutContext.h:
3158         (WebCore::Layout::LayoutContext::displayBoxForLayoutBox const):
3159         * layout/blockformatting/BlockFormattingContext.cpp:
3160         (WebCore::Layout::BlockFormattingContext::layout const):
3161         (WebCore::Layout::BlockFormattingContext::computeStaticPosition const):
3162         (WebCore::Layout::BlockFormattingContext::computeInFlowWidth const):
3163         (WebCore::Layout::BlockFormattingContext::computeInFlowHeight const):
3164         * layout/blockformatting/BlockFormattingContext.h:
3165         * layout/displaytree/DisplayBox.h:
3166         (WebCore::Display::Box::parent const): Deleted.
3167         (WebCore::Display::Box::nextSibling const): Deleted.
3168         (WebCore::Display::Box::previousSibling const): Deleted.
3169         (WebCore::Display::Box::firstChild const): Deleted.
3170         (WebCore::Display::Box::lastChild const): Deleted.
3171         (WebCore::Display::Box::setParent): Deleted.
3172         (WebCore::Display::Box::setNextSibling): Deleted.
3173         (WebCore::Display::Box::setPreviousSibling): Deleted.
3174         (WebCore::Display::Box::setFirstChild): Deleted.
3175         (WebCore::Display::Box::setLastChild): Deleted.
3176         (): Deleted.
3177         * layout/inlineformatting/InlineFormattingContext.cpp:
3178         (WebCore::Layout::InlineFormattingContext::computeInFlowWidth const):
3179         (WebCore::Layout::InlineFormattingContext::computeInFlowHeight const):
3180         * layout/inlineformatting/InlineFormattingContext.h:
3181
3182 2018-05-02  Said Abou-Hallawa  <sabouhallawa@apple.com>
3183
3184         Hiding then showing an <object> of type image makes the underlaying image disappear
3185         https://bugs.webkit.org/show_bug.cgi?id=185216
3186         <rdar://problem/39055630>
3187
3188         Reviewed by Youenn Fablet.
3189
3190         Ensure the HTMLPlugInImageElement updates the RenderImageResource of its
3191         RenderImage with the CachedImage of its ImageLoader when the RenderImage
3192         is recreated.
3193
3194         Test: fast/images/object-image-hide-show.html
3195
3196         * html/HTMLPlugInImageElement.cpp:
3197         (WebCore::HTMLPlugInImageElement::didAttachRenderers):
3198         This is very similar to what we do in HTMLImageElement::didAttachRenderers().
3199
3200
3201 2018-05-02  Brent Fulgham  <bfulgham@apple.com>
3202
3203         Use RetainPtr for form input type
3204         https://bugs.webkit.org/show_bug.cgi?id=185210
3205         <rdar://problem/39734040>
3206
3207         Reviewed by Ryosuke Niwa.
3208
3209         Refactor our HTMLInputElement class to store its InputType member as a RefPtr.
3210
3211         Test: fast/forms/access-key-mutation-2.html.
3212
3213         * html/HTMLInputElement.cpp:
3214         (WebCore::HTMLInputElement::HTMLInputElement):
3215         (WebCore::HTMLInputElement::didAddUserAgentShadowRoot):
3216         (WebCore::HTMLInputElement::accessKeyAction):
3217         (WebCore::HTMLInputElement::parseAttribute):
3218         (WebCore::HTMLInputElement::appendFormData):
3219         * html/HTMLInputElement.h:
3220         * html/InputType.cpp:
3221         (WebCore::createInputType):
3222         (WebCore::InputType::create):
3223         (WebCore::InputType::createText):
3224         * html/InputType.h:
3225
3226 2018-05-01  Yusuke Suzuki  <utatane.tea@gmail.com>
3227
3228         Use pointer instead of std::optional<std::reference_wrapper<>>
3229         https://bugs.webkit.org/show_bug.cgi?id=185186
3230
3231         Reviewed by Alex Christensen.
3232
3233         std::optional<T&> is not accepted in C++17 spec. So we replaced it
3234         with std::optional<std::reference_wrapper<T>>.
3235
3236         In this patch, we replace it with T*, which is well-aligned to
3237         WebKit's convention.
3238
3239         * Modules/mediastream/RTCPeerConnection.cpp:
3240         (WebCore::iceServersFromConfiguration):
3241         (WebCore::RTCPeerConnection::initializeConfiguration):
3242         (WebCore::RTCPeerConnection::setConfiguration):
3243         * css/parser/CSSParser.cpp:
3244         (WebCore::CSSParser::parseSystemColor):
3245         * css/parser/CSSParser.h:
3246         * dom/DatasetDOMStringMap.cpp:
3247         (WebCore::DatasetDOMStringMap::item const):
3248         (WebCore::DatasetDOMStringMap::namedItem const):
3249         * dom/DatasetDOMStringMap.h:
3250         * dom/Element.cpp:
3251         (WebCore::Element::insertAdjacentHTML):
3252         * dom/Element.h:
3253         * html/canvas/CanvasStyle.cpp:
3254         (WebCore::parseColor):
3255         * inspector/DOMEditor.cpp:
3256         * platform/network/curl/CurlFormDataStream.cpp:
3257         (WebCore::CurlFormDataStream::getPostData):
3258         * platform/network/curl/CurlFormDataStream.h:
3259         * platform/network/curl/CurlRequest.cpp:
3260         (WebCore::CurlRequest::setupPOST):
3261         * testing/MockCDMFactory.cpp:
3262         (WebCore::MockCDMFactory::keysForSessionWithID const):
3263         (WebCore::MockCDMInstance::updateLicense):
3264         * testing/MockCDMFactory.h:
3265
3266 2018-05-02  Keith Rollin  <krollin@apple.com>
3267
3268         Add facility for tracking times and results of page and resource loading
3269         https://bugs.webkit.org/show_bug.cgi?id=184838
3270         <rdar://problem/36548974>
3271
3272         Reviewed by Brent Fulgham.
3273
3274         Update FrameProgressTracker to send the necessary page load start/stop
3275         signals so that we can track the entire page load at a network level.
3276         Add an empty override of the pure virtual
3277         LoaderStrategy::pageLoadCompleted method.
3278
3279         No new tests. There is no testable effect from these changes. On
3280         Cocoa, measurable changes take place in another (non-WebKit) process.
3281         On non-Cocoa systems, this facility is currently disabled.
3282
3283         * loader/FrameLoader.cpp:
3284         (WebCore::FrameLoader::FrameProgressTracker::progressCompleted):
3285         * loader/LoaderStrategy.h:
3286
3287 2018-05-02  Aditya Keerthi  <akeerthi@apple.com>
3288
3289         Can't copy and paste URLs that have no title into Mail (macOS)
3290         https://bugs.webkit.org/show_bug.cgi?id=185205
3291         <rdar://problem/36352406>
3292
3293         Reviewed by Tim Horton.
3294
3295         The pasteboardURL generated has an empty title for URLs without titles. Currently, the pasteboardURL.title is being saved to the pasteboard.
3296
3297         To fix the error, we check whether the title is empty and instead save the lastPathComponent to the pasteboard. This matches current behavior as the fallback title.
3298
3299         Augmented WebKitLegacy.ContextMenuCanCopyURL test
3300
3301         * platform/mac/PasteboardMac.mm:
3302         (WebCore::writeURLForTypes):
3303
3304 2018-05-01  Ryosuke Niwa  <rniwa@webkit.org>
3305
3306         REGRESSION(r225868): Release assert when removing an SVGUseElement from Document::m_svgUseElements
3307         https://bugs.webkit.org/show_bug.cgi?id=182188
3308         <rdar://problem/36689240>
3309
3310         Reviewed by Antti Koivisto.
3311
3312         Fixed the crash by removing up the release assert.
3313
3314         The crash is likely caused by re-entrancy to Document::resolveStyle during SVGUseElement::updateShadowTree.
3315         Because Document::resolveStyle invokes updateShadowTree on SVG use elements in Document::m_svgUseElements
3316         without clearing the map, the nested call to resolveStyle ends up calling updateShadowTree() for all elements
3317         in m_svgUseElements and removing them all from the map. When the stack frame eventually comes back to the outer
3318         invocation of Document::resolveStyle, updateShadowTree gets invoked for the second time on SVG use elements
3319         whose shadow tree had already been updated within the inner invocation to updateShadowTree, and release-asserts.
3320
3321         There is an alternative fix: avoid calling updateShadowTree on a svg element when shadowTreeNeedsUpdate returns
3322         true on the element in resolveStyle. However, removing the release assert is a sure way to fix the crash so
3323         this patch opts for that fix instead especially since we don't have any reproducible test case for this crash.
3324
3325         This release assertion was added in r225868 as a cautious measure to catch any use-after-frees of SVGUseElement's
3326         since m_svgUseElements stored raw pointes to SVG use elements but this crash is not an indicative of any UAF,
3327         and there is no evidence that r225868 has led to new UAFs even after five months.
3328
3329         No new tests. I couldn't find a way to trigger a nested style update inside SVGUseElement::updateShadowTree.
3330
3331         * dom/Document.cpp:
3332         (WebCore::Document::removeSVGUseElement):
3333
3334 2018-05-02  Dirk Schulze  <dschulze@chromium.org>
3335
3336         getCharNumAtPosition should take DOMPointInit as argument
3337         https://bugs.webkit.org/show_bug.cgi?id=184695
3338
3339         Reviewed by Antti Koivisto.
3340
3341         Extend existing tests for getCharNumAtPosition.
3342
3343         * svg/SVGTextContentElement.cpp:
3344         (WebCore::SVGTextContentElement::getCharNumAtPosition):
3345         * svg/SVGTextContentElement.h:
3346         * svg/SVGTextContentElement.idl: Use DOMPointInit argument.
3347
3348 2018-05-02  Youenn Fablet  <youenn@apple.com>
3349
3350         Use NetworkLoadChecker for navigation loads
3351         https://bugs.webkit.org/show_bug.cgi?id=184892
3352         <rdar://problem/39652686>
3353
3354         Reviewed by Chris Dumez.
3355
3356         Sanitize headers according response tainting.
3357         If tainting is basic, it means same origin load in which case we only filter Cookie related headers.
3358         If tainting is Opaque, we filter all uncommon headers.
3359         If tainting is CORS, we filter all uncommon headers except the one explicitely allowed by CORS headers.
3360         Covered by updated test.
3361
3362         * platform/network/ResourceResponseBase.cpp:
3363         (WebCore::ResourceResponseBase::sanitizeHTTPHeaderFieldsAccordingToTainting):
3364         (WebCore::ResourceResponseBase::sanitizeHTTPHeaderFields):
3365         * platform/network/ResourceResponseBase.h:
3366
3367 2018-05-02  Myles C. Maxfield  <mmaxfield@apple.com>
3368
3369         Collection fragment identifiers don't use PostScript names
3370         https://bugs.webkit.org/show_bug.cgi?id=184624
3371         <rdar://problem/39432089>
3372
3373         Reviewed by Simon Fraser.
3374
3375         In a previous version of the CSS Fonts spec, there was text saying that items in font collections
3376         should be 1-indexed (so the first item would be MyFonts.ttc#1). However, this is unfortunate because
3377         inserting an item into the middle of a collection would throw off all content that uses the file.
3378         Instead, the spec has since changed to use PostScript names (so the content instead would say
3379         MyFonts.ttc#MyFont-Regular).
3380
3381         Test: fast/text/font-collection.html
3382
3383         * css/CSSFontFaceSource.cpp:
3384         (WebCore::CSSFontFaceSource::load):
3385         * loader/cache/CachedFont.cpp:
3386         (WebCore::CachedFont::calculateItemInCollection const):
3387         (WebCore::CachedFont::ensureCustomFontData):
3388         (WebCore::CachedFont::createCustomFontData):
3389         (WebCore::CachedFont::calculateIndex const): Deleted.
3390         * loader/cache/CachedFont.h:
3391         * platform/graphics/mac/FontCustomPlatformData.cpp:
3392         (WebCore::createFontCustomPlatformData):
3393         * platform/graphics/mac/FontCustomPlatformData.h:
3394
3395 2018-05-02  Brian Burg  <bburg@apple.com>
3396
3397         Web Inspector: opt out of process swap on navigation if a Web Inspector frontend is connected
3398         https://bugs.webkit.org/show_bug.cgi?id=184861
3399         <rdar://problem/39153768>
3400
3401         Reviewed by Ryosuke Niwa.
3402
3403         Notify the client of the current connection count whenever a frontend connects or disconnects.
3404
3405         Covered by new API test.
3406
3407         * inspector/InspectorClient.h:
3408         (WebCore::InspectorClient::frontendCountChanged):
3409         * inspector/InspectorController.cpp:
3410         (WebCore::InspectorController::connectFrontend):
3411         (WebCore::InspectorController::disconnectFrontend):
3412         (WebCore::InspectorController::disconnectAllFrontends):
3413         * inspector/InspectorController.h:
3414
3415 2018-05-02  Carlos Alberto Lopez Perez  <clopez@igalia.com>
3416
3417         [GStreamer] Remove unneeded include of gstgldisplay_wayland.h after r228866 and r229022
3418         https://bugs.webkit.org/show_bug.cgi?id=185207
3419
3420         Reviewed by Michael Catanzaro.
3421
3422         Remove unneeded include of gstgldisplay_wayland.h
3423
3424         No new tests, no change in behaviour.
3425
3426         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
3427
3428 2018-05-02  Chris Dumez  <cdumez@apple.com>
3429
3430         document.open() event listener removal is not immediate
3431         https://bugs.webkit.org/show_bug.cgi?id=185191
3432
3433         Reviewed by Darin Adler.
3434
3435         We need to make sure we set the 'wasremoved' flag on RegisteredEventListeners
3436         whenever they get removed from the EventListenerMap. We were doing so correctly
3437         in EventListenerMap:remove() but not EventListenerMap::clear(). This patch
3438         updates clear() accordingly.
3439
3440         The reason we need to set this flag is that RegisteredEventListeners is RefCounted
3441         and EventTarget::fireEventListeners() may be currently running and calling
3442         each listener one by one, holding a reference to all listener of a given event.
3443
3444         Test: fast/dom/Document/document-open-removes-all-listeners.html
3445
3446         * dom/EventListenerMap.cpp:
3447         (WebCore::EventListenerMap::clear):
3448
3449 2018-05-02  Zalan Bujtas <zalan@apple.com>
3450
3451         Use WeakPtr in GridCell
3452         https://bugs.webkit.org/show_bug.cgi?id=185180
3453         <rdar://problem/39432165>
3454
3455         Reviewed by Antti Koivisto.
3456
3457         Since GridCell does not own the renderers, it should
3458         construct weak pointers.
3459
3460         Unable to create a reliably reproducible test case.
3461
3462         * rendering/Grid.cpp:
3463         (WebCore::Grid::insert):
3464         (WebCore::GridIterator::nextGridItem):
3465         * rendering/Grid.h:
3466         * rendering/RenderGrid.cpp:
3467         (WebCore::RenderGrid::firstLineBaseline const):
3468
3469 2018-05-02  Eric Carlson  <eric.carlson@apple.com>
3470
3471         [iOS] Provide audio route information when invoking AirPlay picker
3472         https://bugs.webkit.org/show_bug.cgi?id=185199
3473         <rdar://problem/39853103>
3474
3475         Reviewed by Jer Noble.
3476
3477         No new tests, this requires a specific hardware setup.
3478
3479         * dom/Document.cpp:
3480         (WebCore::Document::showPlaybackTargetPicker): Pass route sharing policy and routing context UID.
3481         * dom/Document.h:
3482
3483         * html/MediaElementSession.cpp:
3484         (WebCore::MediaElementSession::showPlaybackTargetPicker): Ditto.
3485
3486         * loader/EmptyClients.h:
3487         * page/ChromeClient.h:
3488
3489         * page/Page.cpp:
3490         (WebCore::Page::showPlaybackTargetPicker): Ditto.
3491         * page/Page.h:
3492
3493         * platform/audio/AudioSession.cpp:
3494         (WebCore::AudioSession::routeSharingPolicy const): Empty implementation for non-iOS ports.
3495         (WebCore::routingContextUID const): Ditto.
3496         * platform/audio/AudioSession.h:
3497
3498         * platform/audio/ios/AudioSessionIOS.mm:
3499         (WebCore::AudioSession::routeSharingPolicy const): Return the route sharing policy.
3500         (WebCore::AudioSession::routingContextUID const): Return the route context UID.
3501
3502 2018-05-02  Dean Jackson  <dino@apple.com>
3503
3504         Draw SystemPreview badge to specification on iOS
3505         https://bugs.webkit.org/show_bug.cgi?id=185203
3506         <rdar://problem/39908855>
3507
3508         Reviewed by Tim Horton.
3509
3510         Use CoreImage to render a badge with a blurred background,
3511         at particular sizes.
3512
3513         This will be tested internally while we're getting artwork
3514         from WebKitAdditions.
3515
3516         * Configurations/WebCore.xcconfig: Link against CoreImage.
3517         * rendering/RenderThemeIOS.h:
3518         * rendering/RenderThemeIOS.mm:
3519         (WebCore::RenderThemeIOS::paintSystemPreviewBadge): New function
3520         in the iOS platform RenderTheme that draws the system preview.
3521
3522 2018-05-01  Brent Fulgham  <bfulgham@apple.com>
3523
3524         Prevent Debug ASSERT when changing forms
3525         https://bugs.webkit.org/show_bug.cgi?id=185173
3526         <rdar://problem/39738669>
3527
3528         Reviewed by Ryosuke Niwa.
3529
3530         Form submission could trigger a debug assertion during validation when
3531         a form is changed during an input submission. Fix this by cleaning up
3532         the event handling logic and make it more consistent with modern WebKit
3533         coding style.
3534
3535         Test: fast/forms/form-submission-crash-3.html
3536
3537         * html/HTMLButtonElement.cpp:
3538         (WebCore::HTMLButtonElement::defaultEventHandler): Make sure layout runs before
3539         attempting to perform event handling.
3540         * html/HTMLFormElement.cpp:
3541         (WebCore::HTMLFormElement::reportValidity): Ditto.
3542         (WebCore::HTMLFormElement::validateInteractively): Remove call to perform layout here,
3543         since we expect this to happen earlier in the layout pass. Add an assertion that the
3544         tree is not dirty.
3545         * html/ImageInputType.cpp:
3546         (WebCore::ImageInputType::handleDOMActivateEvent): Make sure layout runs before
3547         attempting to perform event handling.
3548         * html/SubmitInputType.cpp:
3549         (WebCore::SubmitInputType::handleDOMActivateEvent): Ditto.
3550
3551 2018-05-02  Jer Noble  <jer.noble@apple.com>
3552
3553         Unreviewed; address review comments made before landing r231231.
3554
3555         * platform/ios/WebVideoFullscreenControllerAVKit.mm:
3556         (VideoFullscreenControllerContext::volume const):
3557
3558 2018-05-02  Jer Noble  <jer.noble@apple.com>
3559
3560         Pipe volume through PlaybackSessionManager/Proxy.
3561         https://bugs.webkit.org/show_bug.cgi?id=185182
3562
3563         Reviewed by Eric Carlson.
3564
3565         Add support for the volume property to PlaybackSessionModel, and all its clients.
3566
3567         * platform/cocoa/PlaybackSessionModel.h:
3568         (WebCore::PlaybackSessionModelClient::volumeChanged):
3569         * platform/cocoa/PlaybackSessionModelMediaElement.h:
3570         * platform/cocoa/PlaybackSessionModelMediaElement.mm:
3571         (WebCore::PlaybackSessionModelMediaElement::updateForEventName):
3572         (WebCore::PlaybackSessionModelMediaElement::setVolume):
3573         (WebCore::PlaybackSessionModelMediaElement::volume const):
3574         * platform/ios/PlaybackSessionInterfaceAVKit.h:
3575         * platform/ios/PlaybackSessionInterfaceAVKit.mm:
3576         (WebCore::PlaybackSessionInterfaceAVKit::volumeChanged):
3577         * platform/ios/WebAVPlayerController.h:
3578         * platform/ios/WebAVPlayerController.mm:
3579         (-[WebAVPlayerController volume]):
3580         (-[WebAVPlayerController setVolume:]):
3581         (-[WebAVPlayerController volumeChanged:]):
3582         (-[WebAVPlayerController resetMediaState]):
3583         * platform/ios/WebVideoFullscreenControllerAVKit.mm:
3584         (VideoFullscreenControllerContext::volumeChanged):
3585         (VideoFullscreenControllerContext::volume const):
3586         (VideoFullscreenControllerContext::setVolume):
3587
3588 2018-05-01  Yusuke Suzuki  <utatane.tea@gmail.com>
3589
3590         Unreviewed, fix build in WinCairo
3591         https://bugs.webkit.org/show_bug.cgi?id=185169
3592
3593         * bindings/js/JSDOMWindowBase.cpp:
3594         (WebCore::JSDOMWindowBase::instantiateStreaming):
3595         * bindings/js/JSDOMWindowBase.h:
3596
3597 2018-05-01  Yusuke Suzuki  <utatane.tea@gmail.com>
3598
3599         Use default std::optional if it is provided
3600         https://bugs.webkit.org/show_bug.cgi?id=185159
3601
3602         Reviewed by JF Bastien.
3603
3604         * Modules/mediastream/RTCPeerConnection.cpp:
3605         (WebCore::iceServersFromConfiguration):
3606         (WebCore::RTCPeerConnection::setConfiguration):
3607         * css/parser/CSSParser.cpp:
3608         (WebCore::CSSParser::parseSystemColor):
3609         * css/parser/CSSParser.h:
3610         * dom/DatasetDOMStringMap.cpp:
3611         (WebCore::DatasetDOMStringMap::item const):
3612         (WebCore::DatasetDOMStringMap::namedItem const):
3613         (WebCore:: const): Deleted.
3614         * dom/DatasetDOMStringMap.h:
3615         * dom/Element.cpp:
3616         (WebCore::Element::insertAdjacentHTML):
3617         * dom/Element.h:
3618         * inspector/DOMEditor.cpp:
3619         * platform/network/curl/CurlFormDataStream.cpp:
3620         (WebCore::CurlFormDataStream::getPostData):
3621         (): Deleted.
3622         * platform/network/curl/CurlFormDataStream.h:
3623         * testing/MockCDMFactory.cpp:
3624         (WebCore::MockCDMFactory::keysForSessionWithID const):
3625         (WebCore::MockCDMInstance::updateLicense):
3626         (WebCore:: const): Deleted.
3627         * testing/MockCDMFactory.h:
3628
3629 2018-05-01  Chris Dumez  <cdumez@apple.com>
3630
3631         Add release assertions in CFNetwork's SocketStreamHandleImpl to help debug a threading issue
3632         https://bugs.webkit.org/show_bug.cgi?id=185181
3633
3634         Reviewed by Geoffrey Garen.
3635
3636         Add release assertions in CFNetwork's SocketStreamHandleImpl to help debug a threading issue
3637         on iOS WebKitLegacy (Bug 185073). It appears readStreamCallback() can get called on the UIThread,
3638         which should not be possible if scheduleStreams() was called on the WebThread, as it is supposed
3639         to. The new release assertion in scheduleStreams() should tell us if somebody is calling it from
3640         the UIthread instead of the WebThread on iOS WebKitLegacy.
3641
3642         * platform/network/cf/SocketStreamHandleImplCFNet.cpp:
3643         (WebCore::SocketStreamHandleImpl::scheduleStreams):
3644         (WebCore::SocketStreamHandleImpl::readStreamCallback):
3645
3646 2018-05-01  Wenson Hsieh  <wenson_hsieh@apple.com>
3647
3648         Unreviewed, remove an unused variable in RuntimeEnabledFeatures.h
3649
3650         * page/RuntimeEnabledFeatures.h:
3651
3652 2018-05-01  Oleksandr Skachkov  <gskachkov@gmail.com>
3653
3654         Fix build error after r231194
3655         https://bugs.webkit.org/show_bug.cgi?id=185169
3656
3657         Reviewed by JF Bastien.
3658
3659         Prevent compile error in iOS Simulator debug build
3660         by tagging function
3661
3662         * bindings/js/JSDOMWindowBase.cpp:
3663         (WebCore::JSDOMWindowBase::compileStreaming):
3664         (WebCore::JSDOMWindowBase::instantiateStreaming):
3665
3666 2018-05-01  Oleksandr Skachkov  <gskachkov@gmail.com>
3667
3668         WebAssembly: add support for stream APIs - JavaScript API
3669         https://bugs.webkit.org/show_bug.cgi?id=183442
3670
3671         Reviewed by Yusuke Suzuki and JF Bastien.
3672
3673         Add WebAssembly streaming API to WebCore.
3674
3675         * Configurations/FeatureDefines.xcconfig:
3676         * bindings/js/JSDOMWindowBase.cpp:
3677         (WebCore::tryAllocate):
3678         (WebCore::isResponseCorrect):
3679         (WebCore::handleResponseOnStreamingAction):
3680         (WebCore::JSDOMWindowBase::compileStreaming):
3681         (WebCore::JSDOMWindowBase::instantiateStreaming):
3682         * bindings/js/JSDOMWindowBase.h:
3683         * bindings/js/JSRemoteDOMWindowBase.cpp:
3684         * bindings/js/JSWorkerGlobalScopeBase.cpp:
3685
3686 2018-04-30  Myles C. Maxfield  <mmaxfield@apple.com>
3687
3688         Improve the performance of FontCascadeDescription's effectiveFamilies
3689         https://bugs.webkit.org/show_bug.cgi?id=184720
3690         <rdar://problem/38970927>
3691
3692         Reviewed by Simon Fraser.
3693
3694         The page that had the performance problem renders many different Chinese characters in system-ui
3695         with only a small number of individual fonts. It turns out we were calling into the system-ui
3696         machinery for each character in order to opportunistically start loading data URLs (see also:
3697         https://bugs.webkit.org/show_bug.cgi?id=175845). These data URLS will never represent the system
3698         font, so we don't need to invoke the system-ui machinery at all.
3699
3700         This patch makes a 92x performance improvement on the associated performance test. This test is
3701         designed to test Chinese text rendered with system-ui.
3702
3703         Performance test: Layout/system-ui.html
3704
3705         * platform/graphics/FontCascadeFonts.cpp:
3706         (WebCore::opportunisticallyStartFontDataURLLoading):
3707
3708 2018-04-30  Jer Noble  <jer.noble@apple.com>
3709
3710         <img src=mp4> does not display on ios despite Accept: video/* advertisement
3711         https://bugs.webkit.org/show_bug.cgi?id=185029
3712         <rdar://problem/39771989>
3713
3714         Reviewed by Eric Carlson.
3715
3716         Returning "NO" from resourceLoader:shouldWaitForLoadingOfResource: signals that the load failed,
3717         even if the resource request is successfully fulfilled prior to the return. Always return YES in
3718         the case that loading succeeded.
3719
3720         * platform/graphics/avfoundation/objc/ImageDecoderAVFObjC.mm:
3721         (-[WebCoreSharedBufferResourceLoaderDelegate resourceLoader:shouldWaitForLoadingOfRequestedResource:]):
3722
3723 2018-04-30  Zalan Bujtas  <zalan@apple.com>
3724
3725         REGRESSION(r230914) Selecting text on this apple.com page makes it vanish
3726         https://bugs.webkit.org/show_bug.cgi?id=185142
3727         <rdar://problem/39821446>
3728
3729         Reviewed by Simon Fraser.
3730
3731         Set the overflow rect on the inline textbox when needed.
3732
3733         Test: fast/text/simple-line-layout-selection-with-overflow.html
3734
3735         * rendering/SimpleLineLayoutFunctions.cpp:
3736         (WebCore::SimpleLineLayout::initializeInlineTextBox):
3737         (WebCore::SimpleLineLayout::generateLineBoxTree):
3738         (WebCore::SimpleLineLayout::initializeInlineBox): Deleted.
3739
3740 2018-04-30  JF Bastien  <jfbastien@apple.com>
3741
3742         Use some C++17 features
3743         https://bugs.webkit.org/show_bug.cgi?id=185135
3744
3745         Reviewed by Alex Christensen.
3746
3747         As discussed here [0] let's move WebKit to a subset of C++17. We
3748         now require GCC 6 [1] which means that, according to [2] we can
3749         use the following C++17 language features (I removed some
3750         uninteresting ones):
3751
3752          - New auto rules for direct-list-initialization
3753          - static_assert with no message
3754          - typename in a template template parameter
3755          - Nested namespace definition
3756          - Attributes for namespaces and enumerators
3757          - u8 character literals
3758          - Allow constant evaluation for all non-type template arguments
3759          - Fold Expressions
3760          - Unary fold expressions and empty parameter packs
3761          - __has_include in preprocessor conditional
3762          - Differing begin and end types in range-based for
3763          - Improving std::pair and std::tuple
3764
3765         Consult the Tony Tables [3] to see before / after examples.
3766
3767         Of course we can use any library feature if we're willing to
3768         import them to WTF (and they don't require language support).
3769
3770
3771           [0]: https://lists.webkit.org/pipermail/webkit-dev/2018-March/029922.html
3772           [1]: https://trac.webkit.org/changeset/231152/webkit
3773           [2]: https://en.cppreference.com/w/cpp/compiler_support
3774           [3]: https://github.com/tvaneerd/cpp17_in_TTs/blob/master/ALL_IN_ONE.md
3775
3776         * DerivedSources.make:
3777         * platform/URLParser.cpp: work around an odd GCC 6 bug with class
3778           static value as a template parameter.
3779         (WebCore::URLParser::percentDecode):
3780         (WebCore::URLParser::domainToASCII):
3781         (WebCore::URLParser::hasForbiddenHostCodePoint):
3782         (WebCore::URLParser::parseHostAndPort):
3783         * platform/URLParser.h:
3784
3785 2018-04-30  Wenson Hsieh  <wenson_hsieh@apple.com>
3786
3787         [Extra zoom mode] Respect the existing shrink-to-fit attribute instead of using min-device-width
3788         https://bugs.webkit.org/show_bug.cgi?id=185132
3789         <rdar://problem/39834562>
3790
3791         Reviewed by Tim Horton.
3792
3793         Removes the `min-device-width` attribute added in r231095. Instead, we key this behavior off of the
3794         `shrink-to-fit` attribute introduced for multitasking on iPad, such that `shrink-to-fit=no` achieves the same
3795         behavior as `min-device-width=0` in extra zoom mode. See comments below for more detail.
3796
3797         Adjusted an existing layout test: fast/viewport/extrazoom/viewport-change-min-device-width.html.
3798
3799         * dom/ViewportArguments.cpp:
3800         (WebCore::setViewportFeature):
3801         (WebCore::operator<<):
3802         * dom/ViewportArguments.h:
3803
3804         Removes the `minDeviceWidth` viewport argument.
3805
3806         * page/RuntimeEnabledFeatures.h:
3807         (WebCore::RuntimeEnabledFeatures::setMinDeviceWidthEnabled): Deleted.
3808         (WebCore::RuntimeEnabledFeatures::minDeviceWidthEnabled const): Deleted.
3809
3810         Removes the runtime switch for `min-device-width`.
3811
3812         * page/ViewportConfiguration.cpp:
3813         (WebCore::platformDeviceWidthOverride):
3814
3815         Hard-code the override device width in extra zoom mode.
3816
3817         (WebCore::ViewportConfiguration::shouldOverrideDeviceWidthAndShrinkToFit const):
3818
3819         In extra zoom mode, override the device width only if shrink-to-fit has not been expliticly disabled, and the
3820         device width is less than the override device width.
3821
3822         (WebCore::ViewportConfiguration::shouldIgnoreHorizontalScalingConstraints const):
3823         (WebCore::ViewportConfiguration::shouldIgnoreScalingConstraintsRegardlessOfContentSize const):
3824         (WebCore::ViewportConfiguration::updateConfiguration):
3825         (WebCore::ViewportConfiguration::updateMinimumLayoutSize):
3826
3827         Do not override the minimum layout size if `shrink-to-fit` has been explicitly explicitly disabled, or if the
3828         device width is greater than the override device width.
3829
3830         (WebCore::computedMinDeviceWidth): Deleted.
3831         (WebCore::ViewportConfiguration::shouldOverrideDeviceWidthWithMinDeviceWidth const): Deleted.
3832         * page/ViewportConfiguration.h:
3833
3834 2018-04-30  Chris Nardi  <cnardi@chromium.org>
3835
3836         Serialize font-variation-settings with double-quotes per spec
3837         https://bugs.webkit.org/show_bug.cgi?id=182542
3838
3839         Reviewed by Myles C. Maxfield.
3840
3841         According to the CSSOM spec [1], all strings should be serialized with double-quotes.
3842         The axis name in font-variation-settings was previously serialized with single-quotes;
3843         change this to double-quotes to match the spec and non-WebKit browsers.
3844
3845         [1]: https://drafts.csswg.org/cssom/#common-serializing-idioms
3846
3847         Updated fast/text/variations/getComputedStyle.html to test the change.
3848
3849         * css/CSSFontVariationValue.cpp:
3850         (WebCore::CSSFontVariationValue::customCSSText const):
3851
3852 2018-04-30  Chris Dumez  <cdumez@apple.com>
3853
3854         Fix bad use of RunLoop::main().dispatch() in MessagePort::dispatchMessages()
3855         https://bugs.webkit.org/show_bug.cgi?id=185134
3856
3857         Reviewed by Geoffrey Garen.
3858
3859         Fix bad use of RunLoop::main().dispatch() in MessagePort::dispatchMessages(). This code runs on iOS WebKitLegacy
3860         and it is therefore unsafe to use RunLoop::main() here. We want to use callOnMainThread() instead to run code on
3861         the WebThread.
3862
3863         * dom/MessagePort.cpp:
3864         (WebCore::MessagePort::dispatchMessages):
3865
3866 2018-04-30  Simon Fraser  <simon.fraser@apple.com>
3867
3868         Make color-filter affect caret-color
3869         https://bugs.webkit.org/show_bug.cgi?id=185129
3870         rdar://problem/39829066
3871
3872         Reviewed by Tim Horton.
3873         
3874         Transform the colors used to compare the caret color with the background through
3875         color-filter (since we want contrasting colors after filters are applied), and
3876         transform caret-color itself.
3877
3878         Test: css3/color-filters/color-filter-caret-color.html
3879
3880         * editing/FrameSelection.cpp:
3881         (WebCore::CaretBase::paintCaret const):
3882
3883 2018-04-30  Michael Catanzaro  <mcatanzaro@igalia.com>
3884
3885         [GTK] Webkit should spoof as Safari on a Mac when on Chase.com
3886         https://bugs.webkit.org/show_bug.cgi?id=185103
3887
3888         Reviewed by Carlos Garcia Campos.
3889
3890         Send a fake user agent to chase.com to make it work.
3891
3892         * platform/UserAgentQuirks.cpp:
3893         (WebCore::urlRequiresMacintoshPlatform):
3894         (WebCore::UserAgentQuirks::stringForQuirk): Also, remove this stale comment.
3895
3896 2018-04-29  Simon Fraser  <simon.fraser@apple.com>
3897
3898         Make color-filter affect <attachment>
3899         https://bugs.webkit.org/show_bug.cgi?id=185122
3900         rdar://problem/39818763
3901
3902         Reviewed by Tim Horton.
3903         
3904         Convert the colors used to render <attachment> through color-filter, except
3905         for those parts that render over the icon (like the progress bar).
3906
3907         Not easily testable.
3908
3909         * rendering/RenderThemeMac.mm:
3910         (WebCore::titleTextColorForAttachment):
3911         (WebCore::AttachmentLayout::layOutTitle):
3912         (WebCore::AttachmentLayout::layOutSubtitle):
3913         (WebCore::paintAttachmentIconBackground):
3914         (WebCore::paintAttachmentTitleBackground):
3915         (WebCore::paintAttachmentPlaceholderBorder):
3916
3917 2018-04-28  Simon Fraser  <simon.fraser@apple.com>
3918
3919         Fix color-filter to apply to SVG colors
3920         https://bugs.webkit.org/show_bug.cgi?id=185113
3921         rdar://problem/39665082
3922
3923         Reviewed by Dean Jackson.
3924         
3925         Convert SVG colors through color-filter operations for the places in SVG
3926         that use color, namely fill and stroke, gradients, lighting colors and
3927         drop-shadow.
3928
3929         Test: css3/color-filters/svg/color-filter-inline-svg.html
3930
3931         * rendering/svg/RenderSVGResourceGradient.cpp:
3932         (WebCore::RenderSVGResourceGradient::applyResource):
3933         * rendering/svg/RenderSVGResourceGradient.h:
3934         * rendering/svg/RenderSVGResourceLinearGradient.cpp:
3935         (WebCore::RenderSVGResourceLinearGradient::buildGradient const):
3936         * rendering/svg/RenderSVGResourceLinearGradient.h:
3937         * rendering/svg/RenderSVGResourceRadialGradient.cpp:
3938         (WebCore::RenderSVGResourceRadialGradient::buildGradient const):
3939         * rendering/svg/RenderSVGResourceRadialGradient.h:
3940         * rendering/svg/RenderSVGResourceSolidColor.cpp:
3941         (WebCore::RenderSVGResourceSolidColor::applyResource):
3942         * svg/SVGFEDiffuseLightingElement.cpp:
3943         (WebCore::SVGFEDiffuseLightingElement::setFilterEffectAttribute):
3944         (WebCore::SVGFEDiffuseLightingElement::build):
3945         * svg/SVGFEDropShadowElement.cpp:
3946         (WebCore::SVGFEDropShadowElement::build):
3947         * svg/SVGFEFloodElement.cpp:
3948         (WebCore::SVGFEFloodElement::build):
3949         * svg/SVGFESpecularLightingElement.cpp:
3950         (WebCore::SVGFESpecularLightingElement::setFilterEffectAttribute):
3951         (WebCore::SVGFESpecularLightingElement::build):
3952
3953 2018-04-29  Michael Catanzaro  <mcatanzaro@igalia.com>
3954
3955         [CMake] Require GCC 6
3956         https://bugs.webkit.org/show_bug.cgi?id=184985
3957
3958         Reviewed by Alex Christensen.
3959
3960         Remove a GCC 5 fallback path. This seems to be the only such fallback path in WebKit.
3961
3962         * platform/graphics/FourCC.h:
3963         (WebCore::FourCC::FourCC):
3964
3965 2018-04-29  Zalan Bujtas  <zalan@apple.com>
3966
3967         [LFC] Implement Display::Box functions
3968         https://bugs.webkit.org/show_bug.cgi?id=185116
3969
3970         Reviewed by Antti Koivisto.
3971
3972         * layout/displaytree/DisplayBox.cpp:
3973         (WebCore::Display::Box::Box):
3974         (WebCore::Display::Box::~Box):
3975         (WebCore::Display::Box::marginBox const):
3976         (WebCore::Display::Box::borderBox const):
3977         (WebCore::Display::Box::paddingBox const):
3978         (WebCore::Display::Box::contentBox const):
3979         * layout/displaytree/DisplayBox.h:
3980         (WebCore::Display::Box::rect const):
3981         (WebCore::Display::Box::top const):
3982         (WebCore::Display::Box::left const):
3983         (WebCore::Display::Box::bottom const):
3984         (WebCore::Display::Box::right const):
3985         (WebCore::Display::Box::topLeft const):
3986         (WebCore::Display::Box::bottomRight const):
3987         (WebCore::Display::Box::size const):
3988         (WebCore::Display::Box::width const):
3989         (WebCore::Display::Box::height const):
3990         (WebCore::Display::Box::marginTop const):
3991         (WebCore::Display::Box::marginLeft const):