Move parsing of display, displaystyle and mathvariant attributes into MathML element...
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2016-07-24  Frederic Wang  <fwang@igalia.com>
2
3         Move parsing of display, displaystyle and mathvariant attributes into MathML element classes
4         https://bugs.webkit.org/show_bug.cgi?id=159623
5
6         Reviewed by Brent Fulgham.
7
8         No new tests, already covered by existing tests.
9
10         * mathml/MathMLElement.cpp:
11         (WebCore::MathMLElement::parseMathVariantAttribute): Move helper function to parse the
12         mathvariant attribute.
13         (WebCore::MathMLElement::getSpecifiedDisplayStyle): Helper function to set the displaystyle
14         value from the attribute specified on the MathML element.
15         (WebCore::MathMLElement::getSpecifiedMathVariant): Helper function to set the mathvariant
16         value from the attribute specified on the MathML element.
17         * mathml/MathMLElement.h: Move the enum for mathvariant values and declare new members.
18         (WebCore::MathMLElement::acceptsDisplayStyleAttribute): Indicate whether the element accepts
19         displaystyle attribute (false for most of them).
20         (WebCore::MathMLElement::acceptsMathVariantAttribute): Indicate whether the element accepts
21         mathvariant attribute (false for most of them).
22         * mathml/MathMLInlineContainerElement.cpp:
23         (WebCore::MathMLInlineContainerElement::acceptsDisplayStyleAttribute): Add mstyle and mtable
24         to the list of elements accepting the displaystyle attribute.
25         (WebCore::MathMLInlineContainerElement::acceptsMathVariantAttribute): Add mstyle to the list
26         of elements accepting the mathvariant attribute.
27         (WebCore::MathMLInlineContainerElement::parseAttribute): Mark displaystyle and mathvariant
28         dirty if necessary. Also use the new accepts*Attribute function.
29         * mathml/MathMLInlineContainerElement.h: Declare overridden accepts*Attribute members.
30         * mathml/MathMLMathElement.cpp:
31         (WebCore::MathMLMathElement::getSpecifiedDisplayStyle): Override acceptsDisplayStyleAttribute
32         so that the display attribute is also used to set the default value if the displaystyle
33         attribute is absent.
34         (WebCore::MathMLMathElement::parseAttribute): Mark displaystyle and mathvariant dirty if
35         necessary. We directly MathMLElement::parseAttribute to avoid duplicate work.
36         * mathml/MathMLMathElement.h: Add the math tag to the list of elements accepting the
37         displaystyle and mathvariant attributes. Declare overridden getSpecifiedDisplayStyle.
38         * mathml/MathMLTextElement.cpp:
39         (WebCore::MathMLTextElement::parseAttribute): Mark mathvariant as dirty.
40         * mathml/MathMLTextElement.h: Add token elements to the list of elements accepting the
41         mathvariant attribute.
42         * rendering/mathml/MathMLStyle.cpp:
43         (WebCore::MathMLStyle::updateStyleIfNeeded): Use the new MathMLElement::MathVariant enum.
44         (WebCore::MathMLStyle::resolveMathMLStyle):  We no longer parse the display value to
45         initialize the default value on the math tag, because this is handled in
46         getSpecifiedDisplayStyle. In general, we also just call getSpecifiedDisplayStyle and
47         getSpecifiedMathVariant on the MathML elements instead of parsing the displaystyle and
48         mathvariant attributes here.
49         (WebCore::MathMLStyle::parseMathVariant): Deleted. This is moved into MathMLElement.
50         * rendering/mathml/MathMLStyle.h: Use the new MathMLElement::MathVariant enum.
51         * rendering/mathml/RenderMathMLToken.cpp: Ditto.
52         (WebCore::mathVariant): Ditto.
53         (WebCore::RenderMathMLToken::updateMathVariantGlyph): Ditto.
54
55 2016-07-25  Carlos Garcia Campos  <cgarcia@igalia.com>
56
57         Unreviewed. Remove unneeded header includes from CoordinatedGraphicsLayer.
58
59         Not only thjey are not needed, they are a layer violation, CoordinatedGraphicsLayer shouldn't know anything
60         about Page, Frame and FrameView.
61
62         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
63         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
64
65 2016-07-24  Youenn Fablet  <youenn@apple.com>
66
67         [Fetch API] Request should be created with any HeadersInit data
68         https://bugs.webkit.org/show_bug.cgi?id=159672
69
70         Reviewed by Sam Weinig.
71
72         Made Request use JSBuiltinConstructor.
73         This allows initializing newly created Request with a JS built-in function, initializeFetchRequest.
74         initializeFetchRequest can call @fillFetchHeaders internal built-in to handle any HeadersInit data.
75         Future effort should be made to migrate more initialization code in initializeFetchRequest.
76
77         Made window and worker fetch function as a JS built-in.
78         This becomes more handy as these new functions can construct the Request object.
79         They can then call a single private function that takes a Request object as input.
80         Updated DOMWindowFetch and WorkerGlobalScopeFetch code accordingly.
81
82         To enable this, the binding generator is updated to support runtime-enabled JS built-in functions and
83         private functions atttached to global objects.
84
85         Covered by existing and modified tests.
86         Binding generator test covered by updated binding tests.
87
88         * CMakeLists.txt: Adding DOMWindowFetch.js, FetchRequest.js and WorkerGlobalScopeFetch.js built-in files.
89         * DerivedSources.make: Ditto.
90         * Modules/fetch/DOMWindowFetch.cpp: Removed overloaded fetch and updated according new signature.
91         (WebCore::DOMWindowFetch::fetch):
92         * Modules/fetch/DOMWindowFetch.h: Ditto.
93         * Modules/fetch/DOMWindowFetch.idl: Making fetch a JS built-in and adding a @fetchRequest private function.
94         * Modules/fetch/DOMWindowFetch.js: Added.
95         (fetch):
96         * Modules/fetch/FetchHeaders.h:
97         (WebCore::FetchHeaders::setGuard): Used by FetchRequest when initializing headers.
98         * Modules/fetch/FetchRequest.cpp: 
99         (WebCore::buildHeaders): Removed as implemented in JS.
100         (WebCore::FetchRequest::initializeOptions): Added to handle most of the dictionary initialization.
101         (WebCore::FetchRequest::initializeWith): Method called from built-in constructor function.
102         (WebCore::FetchRequest::setBody): Corresponding to @setBody private method.
103         (WebCore::buildBody): Deleted.
104         * Modules/fetch/FetchRequest.h:
105         * Modules/fetch/FetchRequest.idl:
106         * Modules/fetch/FetchRequest.js: Added.
107         (initializeFetchRequest): Implements fetch Request(input, init) constructor.
108         * Modules/fetch/FetchResponse.cpp:
109         (WebCore::FetchResponse::fetch): Removed the construction of FetchRequest in fetch method since it is done by JS built-in code.
110         * Modules/fetch/FetchResponse.h:
111         * Modules/fetch/WorkerGlobalScopeFetch.cpp: Removed overloaded fetch and updated according new signature.
112         (WebCore::WorkerGlobalScopeFetch::fetch):
113         * Modules/fetch/WorkerGlobalScopeFetch.h: Ditto.
114         * Modules/fetch/WorkerGlobalScopeFetch.idl: Making fetch a JS built-in and adding a @fetchRequest private function.
115         * Modules/fetch/WorkerGlobalScopeFetch.js: Added.
116         (fetch):
117         * bindings/js/WebCoreBuiltinNames.h: Adding fetchRequest, setBody and Request private identifiers.
118         * bindings/scripts/CodeGenerator.pm:
119         (WK_lcfirst): Replacing dOM by dom.
120         * bindings/scripts/CodeGeneratorJS.pm:
121         (GenerateImplementation): Adding support for runtime-enabled built-in methods and private methods.
122         * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
123         (WebCore::JSTestGlobalObject::finishCreation):
124         (WebCore::jsTestGlobalObjectInstanceFunctionTestPrivateFunction):
125         * bindings/scripts/test/ObjC/DOMTestGlobalObject.mm:
126         (-[DOMTestGlobalObject testJSBuiltinFunction]):
127         * bindings/scripts/test/TestGlobalObject.idl: Adding tests for runtime-enabled global built-in methods and private methods.
128
129 2016-07-24  Nan Wang  <n_wang@apple.com>
130
131         AX: Video Controls: Volume cannot be adjusted using VO.
132         https://bugs.webkit.org/show_bug.cgi?id=160107
133
134         Reviewed by Dean Jackson.
135
136         The volume slider in video tag had 0.01 step which caused the screen reader adjusting it slowly.
137         Changed the step to 0.05 and added the aria-valuetext attribute to the slider, so that the value
138         is spoken in percentage. 
139
140         Test: accessibility/mac/video-volume-slider-accessibility.html
141
142         * Modules/mediacontrols/mediaControlsApple.js:
143         (Controller.prototype.createControls):
144         (Controller.prototype.handleVolumeSliderInput):
145         (Controller.prototype.updateVolume):
146
147 2016-07-24  David Kilzer  <ddkilzer@apple.com>
148
149         REGRESSION (r203106): Crash in WebCore::MathMLElement::parseMathMLLength()
150         <https://webkit.org/b/160111>
151         <rdar://problem/27506489>
152
153         Reviewed by Chris Dumez.
154
155         Test: mathml/mpadded-crash.html
156
157         * mathml/MathMLElement.cpp:
158         (WebCore::skipLeadingAndTrailingWhitespace): Change to take
159         StringView parameter instead of String to avoid creating a
160         temporary String that's released on return.
161
162 2016-07-24  Carlos Garcia Campos  <cgarcia@igalia.com>
163
164         [Coordinated Graphics] ASSERTION FAILED: !m_flushingLayers in fast/repaint/animation-after-layer-scroll.html
165         https://bugs.webkit.org/show_bug.cgi?id=160142
166
167         Reviewed by Michael Catanzaro.
168
169         This only happens in layout tests, because it happens when RenderLayerCompositor::layerTreeAsText() is
170         called. The thing is that CoordinatedGraphicsLayer::flushCompositingState() calls notifyFlushRequired() that
171         checks if the coordinator is flusing layers and if not it calls RenderLayerCompositor::notifyFlushRequired() and
172         returns early. This normally works because the coodinator is the one starting the layer flush, so that when
173         RenderLayerCompositor::flushPendingLayerChanges() is called the coordinator is always flusing layers. But
174         RenderLayerCompositor::layerTreeAsText() calls RenderLayerCompositor::flushPendingLayerChanges() directly, so at
175         that moment the coordinator is not flusing layers, what causes that
176         CoordinatedGraphicsLayer::flushCompositingState() ends up calling RenderLayerCompositor::notifyFlushRequired()
177         that schedules a new flush while flusing layers causing the
178         assertion. CoordinatedGraphicsLayer::flushCompositingState() is always called from
179         CompositingCoordinator::flushPendingLayerChanges() or RenderLayerCompositor::flushPendingLayerChanges() so we
180         never need to call RenderLayerCompositor::notifyFlushRequired() from there.
181
182         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
183         (WebCore::CoordinatedGraphicsLayer::notifyFlushRequired): This is void now since the return value is not checked anywhere.
184         (WebCore::CoordinatedGraphicsLayer::flushCompositingState): Remove the call to notifyFlushRequired().
185         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
186
187 2016-07-24  Darin Adler  <darin@apple.com>
188
189         Adding a new WebCore JavaScript built-in source file does not trigger rebuild of WebCoreJSBuiltins*
190         https://bugs.webkit.org/show_bug.cgi?id=160115
191
192         Reviewed by Youenn Fablet.
193
194         * DerivedSources.make: Added a missing dependency so the rule that builds WebCore_BUILTINS_WRAPPERS
195         kicks in when the list of WebCore_BUILTINS_SOURCES is modified. Also added another missing dependency
196         so that changes to the JavaScript built-ins Python scripts will also trigger WebCore_BUILTINS_WRAPPERS.
197
198         * make-generated-sources.sh: Removed. Was unused.
199
200 2016-07-23  Zalan Bujtas  <zalan@apple.com>
201
202         Stop isEmpty() from leaking out of SVG.
203         https://bugs.webkit.org/show_bug.cgi?id=160121
204
205         Reviewed by Simon Fraser.
206
207         It's unclear what isEmpty() actually means and it doesn't bring any value to Render* classes.
208
209         No change in functionality.
210
211         * editing/CompositeEditCommand.cpp:
212         (WebCore::CompositeEditCommand::addBlockPlaceholderIfNeeded):
213         * rendering/RenderElement.h:
214         * rendering/RenderListItem.cpp:
215         (WebCore::RenderListItem::isEmpty): Deleted.
216         * rendering/RenderListItem.h:
217         * rendering/RenderObject.h:
218         (WebCore::RenderObject::isEmpty): Deleted.
219         * rendering/RenderRubyRun.cpp:
220         (WebCore::RenderRubyRun::removeChild):
221         (WebCore::RenderRubyRun::isEmpty): Deleted.
222         * rendering/RenderRubyRun.h:
223         * rendering/mathml/RenderMathMLFenced.cpp:
224         (WebCore::RenderMathMLFenced::updateFromElement):
225         (WebCore::RenderMathMLFenced::addChild):
226         * rendering/mathml/RenderMathMLRoot.cpp:
227         (WebCore::RenderMathMLRoot::paint):
228         * rendering/svg/RenderSVGShape.h:
229
230 2016-07-23  Zalan Bujtas  <zalan@apple.com>
231
232         table*BorderAdjoiningCell and borderAdjoiningCell* should take reference instead of RenderTableCell*.
233         https://bugs.webkit.org/show_bug.cgi?id=160123
234
235         Reviewed by Simon Fraser.
236
237         No change in functionality.
238
239         * rendering/RenderTable.cpp:
240         (WebCore::RenderTable::tableStartBorderAdjoiningCell):
241         (WebCore::RenderTable::tableEndBorderAdjoiningCell):
242         * rendering/RenderTable.h:
243         * rendering/RenderTableCell.cpp:
244         (WebCore::RenderTableCell::computeCollapsedStartBorder):
245         (WebCore::RenderTableCell::computeCollapsedEndBorder):
246         * rendering/RenderTableCell.h:
247         (WebCore::RenderTableCell::borderAdjoiningCellBefore):
248         (WebCore::RenderTableCell::borderAdjoiningCellAfter):
249         * rendering/RenderTableCol.cpp:
250         (WebCore::RenderTableCol::borderAdjoiningCellStartBorder):
251         (WebCore::RenderTableCol::borderAdjoiningCellEndBorder):
252         (WebCore::RenderTableCol::borderAdjoiningCellBefore):
253         (WebCore::RenderTableCol::borderAdjoiningCellAfter):
254         * rendering/RenderTableCol.h:
255         * rendering/RenderTableRow.cpp:
256         (WebCore::RenderTableRow::borderAdjoiningStartCell):
257         (WebCore::RenderTableRow::borderAdjoiningEndCell):
258         * rendering/RenderTableRow.h:
259         * rendering/RenderTableSection.cpp:
260         (WebCore::RenderTableSection::borderAdjoiningStartCell):
261         (WebCore::RenderTableSection::borderAdjoiningEndCell):
262         * rendering/RenderTableSection.h:
263
264 2016-07-23  Zalan Bujtas  <zalan@apple.com>
265
266         Remove unused enum and stale comment from RenderObject.
267         https://bugs.webkit.org/show_bug.cgi?id=160122
268
269         Reviewed by Simon Fraser.
270
271         No change in functionality.
272
273         * rendering/RenderBox.h:
274
275 2016-07-23  Carlos Garcia Campos  <cgarcia@igalia.com>
276
277         [Coordinated Graphics] Lots of flaky tests
278         https://bugs.webkit.org/show_bug.cgi?id=160118
279
280         Reviewed by Michael Catanzaro.
281
282         Since the GTK+ ported to threaded compositor (coordinated graphics) there are a lot of flaky tests in the
283         bots. In manu of the cases the diff shows a different size in the FrameView layer.
284
285         This happens for tests run in the same WTR after fast/fixed-layout/fixed-layout.html. This is what happens:
286
287          1.- Test fast/fixed-layout/fixed-layout.html runs and sets fixed layout to true and fixed layout size to 400x400
288          2.- When it finishes TestController::resetStateToConsistentValues() is called.
289          3.- Blank URL is loaded after state has been updated
290          4.- Then Reset message is handled in the web process and Internals::resetToConsistentState() resets the fixed
291              layout state and size.
292          5.- onresize happens and the handler set in fast/fixed-layout/fixed-layout.html is invoked setting the fixed
293              layout to true and size to 400x400 again.
294          6.- about_blank is then loaded with the fixed layout enabled, as well as other tests after this one.
295
296         In addition to this, coordinated graphics uses a fixedVisibleContentRect in ScrollView that is never reset.
297
298         * platform/ScrollView.cpp:
299         (WebCore::ScrollView::unscaledVisibleContentSizeIncludingObscuredArea): Only use m_fixedVisibleContentRect when
300         fixed layout is enabled.
301         (WebCore::ScrollView::unscaledUnobscuredVisibleContentSize): Ditto.
302         (WebCore::ScrollView::visibleContentRectInternal): Ditto.
303         * testing/Internals.cpp:
304         (WebCore::Internals::resetToConsistentState): Reset also the m_fixedVisibleContentRect.
305
306 2016-07-23  Carlos Garcia Campos  <cgarcia@igalia.com>
307
308         [Coordinated Graphics] Test imported/blink/svg/custom/svg-image-layers-crash.html crashes
309         https://bugs.webkit.org/show_bug.cgi?id=160078
310
311         Reviewed by Michael Catanzaro.
312
313         This is a merge of Blink r155373.
314         https://chromiumcodereview.appspot.com/20789004
315
316         Disable accelerated compositing for SVGImage content layers. SVGImageChromeClient does not support it.
317
318         Fixes imported/blink/svg/custom/svg-image-layers-crash.html.
319
320         * svg/graphics/SVGImage.cpp:
321         (WebCore::SVGImage::dataChanged):
322
323 2016-07-23  Commit Queue  <commit-queue@webkit.org>
324
325         Unreviewed, rolling out r203641.
326         https://bugs.webkit.org/show_bug.cgi?id=160116
327
328         It broke make-based builds (Requested by youenn on #webkit).
329
330         Reverted changeset:
331
332         "[Fetch API] Request should be created with any HeadersInit
333         data"
334         https://bugs.webkit.org/show_bug.cgi?id=159672
335         http://trac.webkit.org/changeset/203641
336
337 2016-07-23  Youenn Fablet  <youenn@apple.com>
338
339         [Fetch API] Request should be created with any HeadersInit data
340         https://bugs.webkit.org/show_bug.cgi?id=159672
341
342         Reviewed by Sam Weinig.
343
344         Made Request use JSBuiltinConstructor.
345         This allows initializing newly created Request with a JS built-in function, initializeFetchRequest.
346         initializeFetchRequest can call @fillFetchHeaders internal built-in to handle any HeadersInit data.
347         Future effort should be made to migrate more initialization code in initializeFetchRequest.
348
349         Made window and worker fetch function as a JS built-in.
350         This becomes more handy as these new functions can construct the Request object.
351         They can then call a single private function that takes a Request object as input.
352         Updated DOMWindowFetch and WorkerGlobalScopeFetch code accordingly.
353
354         To enable this, the binding generator is updated to support runtime-enabled JS built-in functions and
355         private functions atttached to global objects.
356
357         Covered by existing and modified tests.
358         Binding generator test covered by updated binding tests.
359
360         * CMakeLists.txt: Adding DOMWindowFetch.js, FetchRequest.js and WorkerGlobalScopeFetch.js built-in files.
361         * DerivedSources.make: Ditto.
362         * Modules/fetch/DOMWindowFetch.cpp: Removed overloaded fetch and updated according new signature.
363         (WebCore::DOMWindowFetch::fetch):
364         * Modules/fetch/DOMWindowFetch.h: Ditto.
365         * Modules/fetch/DOMWindowFetch.idl: Making fetch a JS built-in and adding a @fetchRequest private function.
366         * Modules/fetch/DOMWindowFetch.js: Added.
367         (fetch):
368         * Modules/fetch/FetchHeaders.h:
369         (WebCore::FetchHeaders::setGuard): Used by FetchRequest when initializing headers.
370         * Modules/fetch/FetchRequest.cpp: 
371         (WebCore::buildHeaders): Removed as implemented in JS.
372         (WebCore::FetchRequest::initializeOptions): Added to handle most of the dictionary initialization.
373         (WebCore::FetchRequest::initializeWith): Method called from built-in constructor function.
374         (WebCore::FetchRequest::setBody): Corresponding to @setBody private method.
375         (WebCore::buildBody): Deleted.
376         * Modules/fetch/FetchRequest.h:
377         * Modules/fetch/FetchRequest.idl:
378         * Modules/fetch/FetchRequest.js: Added.
379         (initializeFetchRequest): Implements fetch Request(input, init) constructor.
380         * Modules/fetch/FetchResponse.cpp:
381         (WebCore::FetchResponse::fetch): Removed the construction of FetchRequest in fetch method since it is done by JS built-in code.
382         * Modules/fetch/FetchResponse.h:
383         * Modules/fetch/WorkerGlobalScopeFetch.cpp: Removed overloaded fetch and updated according new signature.
384         (WebCore::WorkerGlobalScopeFetch::fetch):
385         * Modules/fetch/WorkerGlobalScopeFetch.h: Ditto.
386         * Modules/fetch/WorkerGlobalScopeFetch.idl: Making fetch a JS built-in and adding a @fetchRequest private function.
387         * Modules/fetch/WorkerGlobalScopeFetch.js: Added.
388         (fetch):
389         * bindings/js/WebCoreBuiltinNames.h: Adding fetchRequest, setBody and Request private identifiers.
390         * bindings/scripts/CodeGenerator.pm:
391         (WK_lcfirst): Replacing dOM by dom.
392         * bindings/scripts/CodeGeneratorJS.pm:
393         (GenerateImplementation): Adding support for runtime-enabled built-in methods and private methods.
394         * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
395         (WebCore::JSTestGlobalObject::finishCreation):
396         (WebCore::jsTestGlobalObjectInstanceFunctionTestPrivateFunction):
397         * bindings/scripts/test/ObjC/DOMTestGlobalObject.mm:
398         (-[DOMTestGlobalObject testJSBuiltinFunction]):
399         * bindings/scripts/test/TestGlobalObject.idl: Adding tests for runtime-enabled global built-in methods and private methods.
400
401 2016-07-23  Frederic Wang  <fwang@igalia.com>
402
403         Reset font-style on the <math> element
404         https://bugs.webkit.org/show_bug.cgi?id=160074
405
406         Reviewed by Darin Adler.
407
408         Mathematical formulas with italic font-style render poorly (slanted operators, mathvariant
409         italic etc). We align on Gecko and make the user agent stylesheet reset the font-style to
410         'normal' by default. This addresses the concrete use case of formula inside theorem or
411         proposition statements, which are often written in italic.
412
413         Test: mathml/presentation/math-font-style.html
414
415         * css/mathml.css:
416         (math): Reset the font-style to normal.
417
418 2016-07-23  Frederic Wang  <fwang@igalia.com>
419
420         [MathML] PaintInfo state is not properly restored after applyTransform.
421         https://bugs.webkit.org/show_bug.cgi?id=160077
422
423         Reviewed by Simon Fraser.
424
425         PaintInfo::applyTransform modifies PaintInfo::rect and the original state is not properly
426         restored by GraphicsContextStateSaver. To avoid some weird rendering bugs in MathOperator
427         and RenderMathMLMenclose, we follow what is done in SVG renderers and make a copy of the
428         original PaintInfo before applying the transform.
429
430         Test: mathml/presentation/bug160077.html
431
432         * rendering/mathml/MathOperator.cpp:
433         (WebCore::MathOperator::paint):
434         * rendering/mathml/RenderMathMLMenclose.cpp:
435         (WebCore::RenderMathMLMenclose::paint):
436
437 2016-07-23  Youenn Fablet  <youenn@apple.com>
438
439         [Fetch API] Fetch response stream should enqueue Uint8Array
440         https://bugs.webkit.org/show_bug.cgi?id=160083
441
442         Reviewed by Sam Weinig.
443
444         Covered by updated tests.
445
446         Before enqueuing, ReadableStreamController::enqueue will convert ArrayBuffer as Uint8Array.
447         It also returns a boolean whether the operation is successful or not.
448
449         If returned value is false, calling code will stop loading or if everything is loaded it will refrain from closing the stream.
450         The enqueuing should be succesful except in OutOfMemory cases. This case is not yet handled in test cases.
451
452         Updated the code to remove templated enqueuing as Fetch has no use of it.
453
454         * Modules/fetch/FetchBody.cpp:
455         (WebCore::FetchBody::consumeAsStream): Do not close the stream if enqueuing failed.
456         * Modules/fetch/FetchBodyOwner.cpp:
457         (WebCore::FetchBodyOwner::blobChunk): Stop blob loading if enqueuing failed.
458         * Modules/fetch/FetchResponse.cpp:
459         (WebCore::FetchResponse::BodyLoader::didReceiveData): Stop resource loading if enqueuing failed.
460         (WebCore::FetchResponse::consumeBodyAsStream): Ditto.
461         * Modules/fetch/FetchResponseSource.h:
462         * bindings/js/ReadableStreamController.h:
463         (WebCore::ReadableStreamController::enqueue):
464         (WebCore::ReadableStreamController::enqueue<RefPtr<JSC::ArrayBuffer>>): Deleted.
465
466 2016-07-22  Youenn Fablet  <youenn@apple.com>
467
468         Use a private property to implement FetchResponse.body getter
469         https://bugs.webkit.org/show_bug.cgi?id=159808
470
471         Reviewed by Sam Weinig.
472
473         Covered by existing test sets.
474
475         Previously, body was handled as a CachedAttribute.
476         Using a private property will allow direct use of this property from JS built-ins which will allow easier
477         handling of ReadableStream cloning in Response.clone.
478         Also, this allows removing some binding custom code.
479
480         Updated redirect and error static methods to take NewObject keyword, as this removes a search into cached wrappers.
481         Ditto for createReadableStreamSource.
482
483         * CMakeLists.txt: Removing JSFetchResponseCustom.cpp.
484         * Modules/fetch/FetchResponse.idl: Adding createReadableStreamSource and isDisturbed private functions.
485         Making body getter a JSBuiltin.
486         * Modules/fetch/FetchResponse.js:
487         (body): Adding getter which will call createReadableStreamSource if needed.
488         * WebCore.xcodeproj/project.pbxproj: Removing JSFetchResponseCustom.cpp.
489         * bindings/js/JSFetchResponseCustom.cpp: Removed.
490         * bindings/js/ReadableStreamController.cpp:
491         (WebCore::createReadableStream): Deleted.
492         (WebCore::getReadableStreamReader): Deleted.
493         * bindings/js/ReadableStreamController.h: Removing unneeded ReadableStream helper routine now that they can be
494         handled within JS built-in code.
495         * bindings/js/WebCoreBuiltinNames.h: Adding @createReadableStreamSource, @isDisturbed  and @Response identifiers.
496
497 2016-07-22  Zalan Bujtas  <zalan@apple.com>
498
499         Handle cases when IOSurface initialization fails.
500         https://bugs.webkit.org/show_bug.cgi?id=160006
501         <rdar://problem/27495102>
502
503         Reviewed by Tim Horton and Simon Fraser.
504
505         This is an additional fix to r203514 to check if IOSurface initialization was successful.
506
507         Unable to test.
508
509         * platform/graphics/cg/ImageBufferCG.cpp:
510         (WebCore::ImageBuffer::ImageBuffer):
511         * platform/graphics/cocoa/IOSurface.h: Merge 2 c'tors.
512         * platform/graphics/cocoa/IOSurface.mm: Remove redundant IOSurface::create() code.  
513         (WebCore::IOSurface::create):
514         (WebCore::IOSurface::createFromImage):
515         (WebCore::IOSurface::IOSurface):
516         (WebCore::IOSurface::convertToFormat):
517
518 2016-07-22  Wenson Hsieh  <wenson_hsieh@apple.com>
519
520         Media controls should be displayed for media in media documents
521         https://bugs.webkit.org/show_bug.cgi?id=160104
522         <rdar://problem/27438936>
523
524         Reviewed by Myles C. Maxfield.
525
526         Make videos that would otherwise not have been large enough or have the right
527         aspect ratio cause media controls to appear. This is because media elements in
528         a media document are implied to be main content.
529
530         Added a new API test.
531
532         * html/MediaElementSession.cpp:
533         (WebCore::MediaElementSession::canControlControlsManager):
534
535 2016-07-22  Myles C. Maxfield  <mmaxfield@apple.com>
536
537         All dancers with bunny ears are female
538         https://bugs.webkit.org/show_bug.cgi?id=160102
539         <rdar://problem/27453479>
540
541         Reviewed by Simon Fraser.
542
543         In r203330 I added support for new emoji group candidates. I accidentally
544         missed one of the new emoji code points.
545
546         Tests: editing/deleting/delete-emoji.html:
547                fast/text/emoji-gender-2-9.html:
548                fast/text/emoji-gender-9.html:
549                fast/text/emoji-gender-fe0f-9.html:
550
551         * platform/text/CharacterProperties.h:
552         (WebCore::isEmojiGroupCandidate):
553
554 2016-07-22  Chris Dumez  <cdumez@apple.com>
555
556         Parameter to HTMLCollection.item() / namedItem() should be mandatory
557         https://bugs.webkit.org/show_bug.cgi?id=160099
558
559         Reviewed by Sam Weinig.
560
561         Parameter to HTMLCollection.item() / namedItem() should be mandatory:
562         - https://dom.spec.whatwg.org/#interface-htmlcollection
563         - https://html.spec.whatwg.org/multipage/infrastructure.html#htmlformcontrolscollection
564         - https://html.spec.whatwg.org/multipage/infrastructure.html#the-htmloptionscollection-interface
565
566         Firefox and Chrome agree with the specification.
567
568         No new tests, rebaselined existing tests.
569
570         * bindings/js/JSHTMLFormControlsCollectionCustom.cpp:
571         (WebCore::JSHTMLFormControlsCollection::namedItem):
572         * html/HTMLCollection.idl:
573         * html/HTMLFormControlsCollection.idl:
574         * html/HTMLOptionsCollection.idl:
575
576 2016-07-22  Chris Dumez  <cdumez@apple.com>
577
578         First parameter to Window.getComputedStyle() should be mandatory and non-nullable
579         https://bugs.webkit.org/show_bug.cgi?id=160097
580
581         Reviewed by Ryosuke Niwa.
582
583         First parameter to Window.getComputedStyle() should be mandatory and
584         non-nullable:
585         - https://drafts.csswg.org/cssom/#extensions-to-the-window-interface
586
587         Firefox and Chrome agree with the specification.
588
589         Test: fast/dom/Window/getComputedStyle-missing-parameter.html
590
591         * css/CSSComputedStyleDeclaration.cpp:
592         (WebCore::ComputedStyleExtractor::ComputedStyleExtractor):
593         (WebCore::CSSComputedStyleDeclaration::CSSComputedStyleDeclaration):
594         (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
595         (WebCore::CSSComputedStyleDeclaration::copyProperties):
596         (WebCore::CSSComputedStyleDeclaration::length):
597         (WebCore::CSSComputedStyleDeclaration::item):
598         (WebCore::CSSComputedStyleDeclaration::getPropertyValue):
599         * css/CSSComputedStyleDeclaration.h:
600         * dom/Document.idl:
601         * inspector/InspectorCSSAgent.cpp:
602         (WebCore::InspectorCSSAgent::getComputedStyleForNode):
603         * page/DOMWindow.cpp:
604         (WebCore::DOMWindow::getComputedStyle):
605         * page/DOMWindow.h:
606         * page/DOMWindow.idl:
607         * testing/Internals.cpp:
608         (WebCore::Internals::computedStyleIncludingVisitedInfo):
609         * testing/Internals.h:
610         * testing/Internals.idl:
611
612 2016-07-22  Brady Eidson  <beidson@apple.com>
613
614         Removing IndexedDatabases that have stored blobs doesn't remove the blob files.
615         https://bugs.webkit.org/show_bug.cgi?id=160089
616
617         Reviewed by Darin Adler.
618
619         Tested by API test IndexedDB.StoreBlobThenDelete.
620
621         Blob filenames exist in the IDB directory with the name "[0-9]+.blob".
622         
623         That is, one or more digits, followed by ".blob".
624         
625         So when we delete an IndexedDB.sqlite3 and related files, we should delete those blob files as well.
626         
627         * Modules/indexeddb/server/IDBServer.cpp:
628         (WebCore::IDBServer::removeAllDatabasesForOriginPath):
629
630 2016-07-22  Chris Dumez  <cdumez@apple.com>
631
632         Fix default parameter values for window.alert() / prompt() / confirm()
633         https://bugs.webkit.org/show_bug.cgi?id=160085
634
635         Reviewed by Ryosuke Niwa.
636
637         Fix default parameter values for window.alert() / prompt() / confirm() to
638         match the specification:
639         - https://html.spec.whatwg.org/multipage/browsers.html#the-window-object
640
641         They should default to the empty string, not the string "undefined".
642
643         Firefox and chrome agree with the specification.
644
645         No new tests, updated existing test.
646
647         * page/DOMWindow.h:
648         * page/DOMWindow.idl:
649
650 2016-07-22  Daniel Bates  <dabates@apple.com>
651
652         CSP: object-src and plugin-types directives are not respected for plugin replacements
653         https://bugs.webkit.org/show_bug.cgi?id=159761
654         <rdar://problem/27365724>
655
656         Reviewed by Brent Fulgham.
657
658         Apply the Content Security Policy (CSP) object-src and plugin-types directives to content that will
659         load with a plugin replacement.
660
661         Tests: security/contentSecurityPolicy/object-src-none-blocks-quicktime-plugin-replacement.html
662                security/contentSecurityPolicy/object-src-none-blocks-youtube-plugin-replacement.html
663                security/contentSecurityPolicy/plugins-types-allows-quicktime-plugin-replacement.html
664                security/contentSecurityPolicy/plugins-types-allows-youtube-plugin-replacement.html
665                security/contentSecurityPolicy/plugins-types-blocks-quicktime-plugin-replacement-without-mime-type.html
666                security/contentSecurityPolicy/plugins-types-blocks-quicktime-plugin-replacement.html
667                security/contentSecurityPolicy/plugins-types-blocks-youtube-plugin-replacement-without-mime-type.html
668                security/contentSecurityPolicy/plugins-types-blocks-youtube-plugin-replacement.html
669
670         * html/HTMLPlugInImageElement.cpp:
671         (WebCore::HTMLPlugInImageElement::allowedToLoadPluginContent): Added.
672         (WebCore::HTMLPlugInImageElement::requestObject): Only request loading plugin content if we
673         are allowed to load such content.
674         * html/HTMLPlugInImageElement.h:
675         * loader/SubframeLoader.cpp:
676         (WebCore::SubframeLoader::pluginIsLoadable): Removed code to check CSP as we will check CSP
677         earlier in HTMLPlugInImageElement::requestObject().
678         (WebCore::SubframeLoader::requestPlugin): Ditto.
679         (WebCore::SubframeLoader::isPluginContentAllowedByContentSecurityPolicy): Deleted; moved implementation
680         to HTMLPlugInImageElement::allowedToLoadPluginContent().
681         (WebCore::SubframeLoader::requestObject): Deleted.
682         * loader/SubframeLoader.h:
683         * page/csp/ContentSecurityPolicy.cpp:
684         (WebCore::ContentSecurityPolicy::upgradeInsecureRequestIfNeeded): Changed signature from a non-const
685         function to a const function since these functions do not modify |this|.
686         * page/csp/ContentSecurityPolicy.h: 
687
688 2016-07-22  Chris Dumez  <cdumez@apple.com>
689
690         Parameters to Node.replaceChild() / insertBefore() should be mandatory
691         https://bugs.webkit.org/show_bug.cgi?id=160091
692
693         Reviewed by Darin Adler.
694
695         Parameters to Node.replaceChild() / insertBefore() should be mandatory:
696         - https://dom.spec.whatwg.org/#node
697
698         The compatibility risk should be low since Firefox and Chrome both agree
699         with the specification and because it does not make much sense to omit
700         parameters when using this API.
701
702         No new tests, rebaselined existing tests.
703
704         * bindings/js/JSNodeCustom.cpp:
705         (WebCore::JSNode::insertBefore):
706         (WebCore::JSNode::replaceChild):
707
708 2016-07-22  Chris Dumez  <cdumez@apple.com>
709
710         Parameter to Node.contains() should be mandatory
711         https://bugs.webkit.org/show_bug.cgi?id=160084
712
713         Reviewed by Darin Adler.
714
715         Parameter to Node.contains() should be mandatory as per the
716         specification:
717         - https://dom.spec.whatwg.org/#node
718
719         The compatibility risk should be low because both Firefox and Chrome
720         both agree with the specification. Also, it does not make much sense
721         to call this API without parameter.
722
723         No new tests, rebaselined existing tests.
724
725         * dom/Node.idl:
726
727 2016-07-22  Said Abou-Hallawa  <sabouhallawa@apple.com>
728
729         [iOS] REGRESSION(203378): PDFDocumentImage::updateCachedImageIfNeeded() uses the unscaled size when deciding whether to cache the PDF image
730         https://bugs.webkit.org/show_bug.cgi?id=159933
731
732         Reviewed by Simon Fraser.
733
734         We need to use the scaled size when deciding whether to cache the PDF image
735         or not. This is because ImageBuffer takes the display resolution into account
736         which gives higher resolution for the image when zooming.
737
738         * platform/graphics/cg/PDFDocumentImage.cpp:
739         (WebCore::PDFDocumentImage::updateCachedImageIfNeeded):
740
741 2016-07-22  Chris Dumez  <cdumez@apple.com>
742
743         First parameter to getElementById() should be mandatory
744         https://bugs.webkit.org/show_bug.cgi?id=160087
745
746         Reviewed by Darin Adler.
747
748         First parameter to getElementById() should be mandatory:
749         - https://dom.spec.whatwg.org/#nonelementparentnode
750         - https://www.w3.org/TR/SVG/struct.html#InterfaceSVGSVGElement
751
752         Both Firefox and Chrome agree with the specification.
753
754         Test: svg/dom/SVGSVGElement-getElementById.html
755
756         * dom/NonElementParentNode.idl:
757         * svg/SVGSVGElement.idl:
758
759 2016-07-22  Chris Dumez  <cdumez@apple.com>
760
761         Parameter to Node.lookupPrefix() / lookupNamespaceURI() / isDefaultNamespace() should be mandatory
762         https://bugs.webkit.org/show_bug.cgi?id=160086
763
764         Reviewed by Darin Adler.
765
766         Parameter to Node.lookupPrefix() / lookupNamespaceURI() / isDefaultNamespace()
767         should be mandatory:
768         - https://dom.spec.whatwg.org/#node
769
770         Firefox and Chrome both agree with the specification.
771
772         No new tests, rebaselined existing tests.
773
774         * dom/Node.idl:
775
776 2016-07-22  Chris Dumez  <cdumez@apple.com>
777
778         Parameter to Node.compareDocumentPosition() should be mandatory and non-nullable
779         https://bugs.webkit.org/show_bug.cgi?id=160071
780
781         Reviewed by Ryosuke Niwa.
782
783         
784         Parameter to Node.compareDocumentPosition() should be mandatory and
785         non-nullable:
786         - https://dom.spec.whatwg.org/#interface-node
787
788         Firefox and Chrome agree with the specification so the compatibility
789         risk should be low. Also, it does not make much sense to call this
790         operation without parameter.
791
792         No new tests, rebaselined existing tests.
793
794         * accessibility/AccessibilityObject.cpp:
795         (WebCore::rangeClosestToRange):
796         * dom/AuthorStyleSheets.cpp:
797         (WebCore::AuthorStyleSheets::addStyleSheetCandidateNode):
798         * dom/Node.cpp:
799         (WebCore::compareDetachedElementsPosition):
800         (WebCore::Node::compareDocumentPosition):
801         * dom/Node.h:
802         * dom/Node.idl:
803         * dom/Position.h:
804         (WebCore::operator<):
805         * html/HTMLFormElement.cpp:
806         (WebCore::HTMLFormElement::formElementIndexWithFormAttribute):
807         (WebCore::HTMLFormElement::formElementIndex):
808         * rendering/RenderNamedFlowThread.cpp:
809         (WebCore::RenderNamedFlowThread::nextRendererForElement):
810         (WebCore::compareRenderNamedFlowFragments):
811         (WebCore::RenderNamedFlowThread::registerNamedFlowContentElement):
812
813 2016-07-22  Konstantin Tokarev  <annulen@yandex.ru>
814
815         [cmake] Removed obsolete plugins/win directory
816         https://bugs.webkit.org/show_bug.cgi?id=160081
817
818         Reviewed by Per Arne Vollan.
819
820         It was removed in r178219.
821
822         No new tests needed.
823
824         * PlatformWin.cmake:
825
826 2016-07-22  Youenn Fablet  <youenn@apple.com>
827
828         run-builtins-generator-tests should be able to test WebCore builtins wrapper with more than one file
829         https://bugs.webkit.org/show_bug.cgi?id=159921
830
831         Reviewed by Brian Burg.
832
833         Covered by existing and added built-ins tests.
834
835         Updating built system according ---wrappers-only new meaning.
836         builtin generator is now called for each individual built-in file plus once for WebCore wrapper files.
837         WebCore wrapper files allow handling things like conditionally guarded features.
838         They also remove the need to use built-ins macros outside generated code.
839
840         * CMakeLists.txt:
841         * DerivedSources.make:
842
843 2016-07-21  Frederic Wang  <fwang@igalia.com>
844
845         Move parsing of accentunder and accent attributes from renderer to element classes
846         https://bugs.webkit.org/show_bug.cgi?id=159625
847
848         Reviewed by Brent Fulgham.
849
850         We introduce a new MathMLUnderOverElement that is used for elements munder, mover and
851         munderover in order to create RenderMathMLUnderOver and parse and expose the values of the
852         accent and accentunder attributes. This is one more step toward moving MathML attribute
853         parsing to the DOM (bug 156536). We also do minor clean-up for this and previous renderer
854         classes that no longer do attribute parsing: the MathMLNames namespace is no longer necessary
855         and constructors can take a more accurate element type.
856
857         No new tests, already covered by existing test.
858
859         * CMakeLists.txt: Add MathMLUnderOverElement files.
860         * WebCore.xcodeproj/project.pbxproj: Ditto.
861         * mathml/MathMLAllInOne.cpp: Ditto.
862         * mathml/MathMLElement.cpp:
863         (WebCore::MathMLElement::cachedBooleanAttribute): Add parsing of boolean attributes.
864         * mathml/MathMLElement.h: New type and helper functions for boolean attributes.
865         * mathml/MathMLInlineContainerElement.cpp:
866         (WebCore::MathMLInlineContainerElement::createElementRenderer): Remove handling of
867         under/over/underover elements.
868         * mathml/MathMLScriptsElement.cpp:
869         (WebCore::MathMLScriptsElement::MathMLScriptsElement): Remove inline keyword to avoid link
870         errors now that MathMLUnderOverElement overrides that class.
871         * mathml/MathMLScriptsElement.h: Allow MathMLUnderOverElement to override this class.
872         * mathml/MathMLUnderOverElement.cpp:
873         (WebCore::MathMLUnderOverElement::MathMLUnderOverElement):
874         (WebCore::MathMLUnderOverElement::create):
875         (WebCore::MathMLUnderOverElement::accent): Helper function to access the accent value.
876         (WebCore::MathMLUnderOverElement::accentUnder): Helper function to access the accentunder value.
877         (WebCore::MathMLUnderOverElement::parseAttribute): Make accent and accentunder dirty.
878         (WebCore::MathMLUnderOverElement::createElementRenderer): Create RenderMathMLUnderOver
879         * mathml/MathMLUnderOverElement.h:
880         * mathml/mathtags.in: Map under/over/underover to MathMLUnderOverElement.
881         * rendering/mathml/RenderMathMLFraction.cpp: Remove MathMLNames and make the constructor
882         take a MathMLFractionElement.
883         (WebCore::RenderMathMLFraction::RenderMathMLFraction):
884         * rendering/mathml/RenderMathMLFraction.h:
885         * rendering/mathml/RenderMathMLPadded.cpp: Remove MathMLNames and make the constructor
886         take a MathMLPaddedElement.
887         (WebCore::RenderMathMLPadded::RenderMathMLPadded):
888         * rendering/mathml/RenderMathMLPadded.h:
889         * rendering/mathml/RenderMathMLScripts.cpp: Remove MathMLNames and make the constructor
890         take a MathMLScriptsElement. Also rename scriptsElement() to element().
891         (WebCore::RenderMathMLScripts::RenderMathMLScripts):
892         (WebCore::RenderMathMLScripts::element):
893         (WebCore::RenderMathMLScripts::getScriptMetricsAndLayoutIfNeeded):
894         (WebCore::RenderMathMLScripts::scriptsElement): Deleted.
895         * rendering/mathml/RenderMathMLScripts.h:
896         * rendering/mathml/RenderMathMLUnderOver.cpp: Remove MathMLNames and make the constructor
897         take a RenderMathMLUnderOver.
898         (WebCore::RenderMathMLUnderOver::RenderMathMLUnderOver):
899         (WebCore::RenderMathMLUnderOver::element):
900         (WebCore::RenderMathMLUnderOver::hasAccent): Use the helper functions for accent and accentunder.
901         * rendering/mathml/RenderMathMLUnderOver.h:
902
903 2016-07-21  Chris Dumez  <cdumez@apple.com>
904
905         Parameter to Node.isSameNode() / isEqualNode() should be mandatory
906         https://bugs.webkit.org/show_bug.cgi?id=160070
907
908         Reviewed by Ryosuke Niwa.
909
910         Parameter to Node.isSameNode() / isEqualNode() should be mandatory as
911         per the specification:
912         - https://dom.spec.whatwg.org/#interface-node
913
914         Chrome and Firefox agree with the specification (although Firefox does
915         not support isSameNode()).
916
917         No new tests, rebaselined existing tests.
918
919         * dom/Node.idl:
920
921 2016-07-21  Chris Dumez  <cdumez@apple.com>
922
923         Parameter to Document.createEvent() should be mandatory
924         https://bugs.webkit.org/show_bug.cgi?id=160065
925
926         Reviewed by Darin Adler.
927
928         Parameter to Document.createEvent() should be mandatory as per the
929         specification:
930         - https://dom.spec.whatwg.org/#document
931
932         We already throw anyway when the parameter is omitted because we use
933         "undefined" as event type, which is invalid. However, we throw the
934         wrong exception.
935
936         Firefox and Chrome agree with the specification here.
937
938         No new tests, rebaselined existing tests.
939
940         * dom/Document.idl:
941
942 2016-07-21  Brian Burg  <bburg@apple.com>
943
944         REGRESSION(r62549): Objective-C DOM bindings sometimes fail to regenerate when CodeGenerator.pm is modified
945         https://bugs.webkit.org/show_bug.cgi?id=160031
946
947         Reviewed by Darin Adler.
948
949         This bug was caused by a refactoring 6 years ago. Not all uses of a variable
950         were renamed, so the ObjC bindings target pattern was not specifying any
951         build scripts as target dependencies.
952
953         * DerivedSources.make: Standardize on {COMMON,JS,DOM}_BINDINGS_SCRIPTS.
954
955 2016-07-21  Darin Adler  <darin@apple.com>
956
957         Remove unneeded content attribute name "playsinline"
958         https://bugs.webkit.org/show_bug.cgi?id=160069
959
960         Reviewed by Chris Dumez.
961
962         * html/HTMLVideoElement.idl: Removed explicit content attribute name on Reflect
963         attribute since it is the same as the name that the code generator will generate.
964
965 2016-07-21  Chris Dumez  <cdumez@apple.com>
966
967         Make parameters to Element.getElementsBy*() operations mandatory
968         https://bugs.webkit.org/show_bug.cgi?id=160060
969
970         Reviewed by Darin Adler.
971
972         Make parameters to Element.getElementsBy*() operations mandatory to
973         match the specification:
974         - https://dom.spec.whatwg.org/#interface-element
975
976         Firefox and Chrome agree with the specification so the compatibility
977         risk should be low.
978
979         It makes very little sense to call these operations without parameter,
980         especially considering WebKit uses the string "undefined" if the
981         parameter is omitted.
982
983         No new tests, rebaselined existing tests.
984
985         * dom/Element.idl:
986
987 2016-07-21  Chris Dumez  <cdumez@apple.com>
988
989         Make parameters mandatory for attribute-related API on Element
990         https://bugs.webkit.org/show_bug.cgi?id=160059
991
992         Reviewed by Ryosuke Niwa.
993
994         Make parameters mandatory for attribute-related API on Element to match
995         the specification:
996         - https://dom.spec.whatwg.org/#element
997
998         Firefox and Chrome agree with the specification. Calling this API
999         without the parameters does not make much sense, especially considering
1000         WebKit uses the string "undefined" when the parameter is omitted.
1001
1002         No new tests, rebaselined existing tests.
1003
1004         * dom/Element.idl:
1005
1006 2016-07-21  Myles C. Maxfield  <mmaxfield@apple.com>
1007
1008         Remove support for deprecated SPI inlineMediaPlaybackRequiresPlaysInlineAttribute
1009         https://bugs.webkit.org/show_bug.cgi?id=160066
1010
1011         Reviewed by Dean Jackson.
1012
1013         r203520 deprecated inlineMediaPlaybackRequiresPlaysInlineAttribute in favor of
1014         allowsInlineMediaPlaybackWithPlaysInlineAttribute and
1015         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute. The old
1016         inlineMediaPlaybackRequiresPlaysInlineAttribute is SPI and was never released
1017         to the public. Therefore, it can be removed safely.
1018
1019         No new tests because there is no behavior change.
1020
1021         * page/Settings.cpp:
1022         * page/Settings.in:
1023         * testing/InternalSettings.cpp:
1024         (WebCore::InternalSettings::Backup::Backup): Deleted.
1025         (WebCore::InternalSettings::Backup::restoreTo): Deleted.
1026         (WebCore::InternalSettings::setInlineMediaPlaybackRequiresPlaysInlineAttribute): Deleted.
1027         * testing/InternalSettings.h:
1028         * testing/InternalSettings.idl:
1029
1030 2016-07-21  Dean Jackson  <dino@apple.com>
1031
1032         REGRESSION (r202927): The internal size of the ImageBuffer is scaled twice by the context scaleFactor
1033         https://bugs.webkit.org/show_bug.cgi?id=159981
1034         <rdar://problem/27429465>
1035
1036         Reviewed by Myles Maxfield.
1037
1038         The change to propagate color spaces through ImageBuffers created an
1039         alternate version of createCompatibleBuffer. This version accidentally
1040         attempted to take the display resolution (i.e. hidpi) into account
1041         when creating the buffer, which meant it was being applied twice.
1042
1043         The fix is simply to remove that logic. The caller of the method
1044         will take the resolution into account, the same way they did
1045         with the old createCompatibleBuffer method.
1046
1047         Test: fast/hidpi/pdf-image-scaled.html
1048
1049         * platform/graphics/cg/ImageBufferCG.cpp:
1050         (WebCore::ImageBuffer::createCompatibleBuffer): Don't calculate
1051         a resolution - just use the value of 1.0.
1052
1053 2016-07-21  John Wilander  <wilander@apple.com>
1054
1055         Block mixed content synchronous XHR
1056         https://bugs.webkit.org/show_bug.cgi?id=105462
1057         <rdar://problem/13666424>
1058
1059         Reviewed by Brent Fulgham.
1060
1061         Test: http/tests/security/mixedContent/insecure-xhr-sync-in-main-frame.html
1062
1063         * loader/DocumentThreadableLoader.cpp:
1064         (WebCore::DocumentThreadableLoader::loadRequest):
1065
1066 2016-07-21  Chris Dumez  <cdumez@apple.com>
1067
1068         Make parameters to Document.getElementsBy*() operations mandatory
1069         https://bugs.webkit.org/show_bug.cgi?id=160050
1070
1071         Reviewed by Daniel Bates.
1072
1073         Make parameters to Document.getElementsBy*() operations mandatory to
1074         match the specification:
1075         - https://dom.spec.whatwg.org/#interface-document
1076
1077         Firefox and Chrome agree with the specification so the compatibility
1078         risk should be low.
1079
1080         It makes very little sense to call these operations without parameter,
1081         especially considering WebKit uses the string "undefined" if the
1082         parameter is omitted.
1083
1084         No new tests, rebaselined existing tests.
1085
1086         * dom/Document.idl:
1087
1088 2016-07-21  Nan Wang  <n_wang@apple.com>
1089
1090         AX: aria-label not being used correctly in accessible name calculation of heading
1091         https://bugs.webkit.org/show_bug.cgi?id=160009
1092
1093         Reviewed by Chris Fleizach.
1094
1095         Actually we are exposing the correct information for heading objects. On macOS, 
1096         VoiceOver should handle the logic that picks the right information to speak.
1097         On iOS, VoiceOver is speaking the static text child instead of the heading object.
1098         So we should set the accessibilityLabel of the static text based on the parent's 
1099         alternate label.
1100
1101         Test: accessibility/ios-simulator/heading-with-aria-label.html
1102
1103         * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
1104         (-[WebAccessibilityObjectWrapper _accessibilityTraitsFromAncestors]):
1105
1106 2016-07-21  Saam Barati  <sbarati@apple.com>
1107
1108         op_add/ValueAdd should be an IC in all JIT tiers
1109         https://bugs.webkit.org/show_bug.cgi?id=159649
1110
1111         Reviewed by Benjamin Poulain.
1112
1113         * ForwardingHeaders/jit/JITMathICForwards.h: Added.
1114
1115 2016-07-21  Chris Dumez  <cdumez@apple.com>
1116
1117         Make parameters mandatory for Document.create*() operations
1118         https://bugs.webkit.org/show_bug.cgi?id=160047
1119
1120         Reviewed by Ryosuke Niwa.
1121
1122         Make parameters mandatory for Document.create*() operations:
1123         createTextNode(), createComment(), createCDataSection(),
1124         createAttribute() and createProcessingInstruction().
1125
1126         This matches the specification:
1127         - https://dom.spec.whatwg.org/#interface-document
1128
1129         Firefox and Chrome both agree with the specification so the
1130         compatibility risk should be low. Also WebKit uses the string
1131         "undefined" when the parameter is omitted, which is not very
1132         helpful.
1133
1134         No new tests, rebaselined existing tests.
1135
1136         * dom/Document.idl:
1137
1138 2016-07-21  Chris Dumez  <cdumez@apple.com>
1139
1140         Fix null handling of SVGAngle/SVGLength.valueAsString attribute
1141         https://bugs.webkit.org/show_bug.cgi?id=160025
1142
1143         Reviewed by Ryosuke Niwa.
1144
1145         Fix null handling of SVGAngle/SVGLength.valueAsString attribute
1146         to match the specification:
1147         - https://www.w3.org/TR/SVG2/types.html#InterfaceSVGAngle
1148         - https://www.w3.org/TR/SVG2/types.html#InterfaceSVGLength
1149
1150         In particular, this patch drops [TreatNullAs=EmptyString] IDL
1151         extended attribute from this attribute. This is not supposed
1152         to change behavior given that both "" and "null" are invalid
1153         numbers and the specification says to throw a SYNTAX_ERR in
1154         this case.
1155
1156         However, WebKit currently ignores assignments to "" instead
1157         of throwing. As a result, assigning to null will now throw
1158         instead of being ignored. The compatibility risk should be
1159         low because both Firefox and Chrome throw when assigning
1160         null.
1161
1162         I did not change the behavior when assigning to "" because
1163         it is a bit out of scope for this patch and browsers to not
1164         seem to agree:
1165         - Firefox throws
1166         - Chrome set value to "0"
1167         - WebKit ignores the assignment
1168
1169         The specification seems to agree with Firefox as far as I
1170         can tell given that "" is not a valid number as per:
1171         - https://www.w3.org/TR/css3-values/#numbers
1172
1173         Test: svg/dom/valueAsString-null.html
1174
1175         * svg/SVGAngle.idl:
1176         * svg/SVGLength.idl:
1177
1178 2016-07-21  Chris Dumez  <cdumez@apple.com>
1179
1180         Fix null handling of HTMLFontElement.color
1181         https://bugs.webkit.org/show_bug.cgi?id=160036
1182
1183         Reviewed by Ryosuke Niwa.
1184
1185         Fix null handling of HTMLFontElement.color to match the specification:
1186         - https://html.spec.whatwg.org/#htmlfontelement
1187
1188         We are supposed to treat null as the empty string. Both Firefox and
1189         Chrome agree with the specification.
1190
1191         No new tests, rebaselined existing tests.
1192
1193         * html/HTMLFontElement.idl:
1194
1195 2016-07-21  Chris Dumez  <cdumez@apple.com>
1196
1197         Fix null handling for several HTMLTableElement attributes
1198         https://bugs.webkit.org/show_bug.cgi?id=160041
1199
1200         Reviewed by Ryosuke Niwa.
1201
1202         Fix null handling for several HTMLTableElement attributes to match the
1203         specification:
1204         - https://html.spec.whatwg.org/#HTMLTableElement-partial
1205
1206         The attributes in question are 'bicolor', 'cellSpacing' and
1207         'cellPadding'. We are supposed to treat null as the empty string for
1208         these attributes.
1209
1210         Firefox and Chrome both agree with the specification.
1211
1212         No new tests, rebaselined existing tests.
1213
1214         * html/HTMLTableElement.idl:
1215
1216 2016-07-21  Chris Dumez  <cdumez@apple.com>
1217
1218         Fix null handling for HTMLObjectElement.border
1219         https://bugs.webkit.org/show_bug.cgi?id=160040
1220
1221         Reviewed by Ryosuke Niwa.
1222
1223         Fix null handling for HTMLObjectElement.border to match the specification:
1224         - https://html.spec.whatwg.org/#HTMLObjectElement-partial
1225
1226         We are supposed to treat null as the empty string.
1227
1228         Both Firefox and Chrome agree with the specification.
1229
1230         No new tests, rebaselined existing tests.
1231
1232         * html/HTMLObjectElement.idl:
1233
1234 2016-07-21  Chris Dumez  <cdumez@apple.com>
1235
1236         Fix null handling for td.bgColor / tr.bgColor
1237         https://bugs.webkit.org/show_bug.cgi?id=160043
1238
1239         Reviewed by Ryosuke Niwa.
1240
1241         Fix null handling for td.bgColor / tr.bgColor to match the
1242         specification:
1243         - https://html.spec.whatwg.org/#HTMLTableCellElement-partial
1244         - https://html.spec.whatwg.org/#HTMLTableRowElement-partial
1245
1246         We are supposed to treat null as the empty string.
1247
1248         Firefox and Chrome both agree with the specification.
1249
1250         No new tests, rebaselined existing tests.
1251
1252         * html/HTMLTableCellElement.idl:
1253         * html/HTMLTableRowElement.idl:
1254
1255 2016-07-21  Chris Dumez  <cdumez@apple.com>
1256
1257         Fix null handling for several HTMLBodyElement attributes
1258         https://bugs.webkit.org/show_bug.cgi?id=160044
1259
1260         Reviewed by Ryosuke Niwa.
1261
1262         Fix null handling for several HTMLBodyElement attributes to match the
1263         specification:
1264         - https://html.spec.whatwg.org/#HTMLBodyElement-partial
1265
1266         The attributes in question are: 'text', 'link', 'vlink', 'alink' and
1267         'bgcolor'.
1268
1269         We are supposed to treat null as the empty string for these attributes.
1270
1271         Firefox and Chrome both agree with the specification.
1272
1273         No new tests, rebaselined existing tests.
1274
1275         * html/HTMLBodyElement.idl:
1276
1277 2016-07-21  Chris Dumez  <cdumez@apple.com>
1278
1279         Fix null handling for HTMLIFrameElement.marginWidth / marginHeight
1280         https://bugs.webkit.org/show_bug.cgi?id=160037
1281
1282         Reviewed by Ryosuke Niwa.
1283
1284         Fix null handling for HTMLIFrameElement.marginWidth / marginHeight to
1285         match the specification:
1286         - https://html.spec.whatwg.org/#HTMLIFrameElement-partial
1287
1288         We are supposed to treat null as the empty string. Both Firefox and
1289         Chrome agree with the specification.
1290
1291         No new tests, rebaselined existing tests.
1292
1293         * html/HTMLIFrameElement.idl:
1294
1295 2016-07-21  Chris Dumez  <cdumez@apple.com>
1296
1297         Fix null handling for HTMLImageElement.border
1298         https://bugs.webkit.org/show_bug.cgi?id=160039
1299
1300         Reviewed by Ryosuke Niwa.
1301
1302         Fix null handling for HTMLImageElement.border to match the specification:
1303         - https://html.spec.whatwg.org/#HTMLImageElement-partial
1304
1305         We are supposed to treat null as the empty string.
1306
1307         Both Firefox and Chrome agree with the specification.
1308
1309         No new tests, rebaselined existing tests.
1310
1311         * html/HTMLImageElement.idl:
1312
1313 2016-07-21  Daniel Bates  <dabates@apple.com>
1314
1315         REGRESSION: Plugin replaced YouTube Flash videos always have the same width
1316         https://bugs.webkit.org/show_bug.cgi?id=159998
1317         <rdar://problem/27462285>
1318
1319         Reviewed by Simon Fraser.
1320
1321         Fixes an issue where the width of a plugin replaced YouTube video loaded via an HTML embed
1322         element would always have the same width regardless of value of the width attribute.
1323
1324         For YouTube Flash videos the YouTube plugin replacement substitutes a shadow DOM subtree
1325         for the default renderer of an HTML embed element. The root of this shadow DOM subtree
1326         is an HTML div element. Currently we set inline styles on this <div> when it is instantiated.
1327         In particular, we set inline display and position to "inline-block" and "relative", respectively,
1328         and set an invalid height and width (we specify a font weight value instead of a CSS length value
1329         - this causes an ASSERT_NOT_REACHED() assertion failure in StyleBuilderConverter::convertLengthSizing()
1330         in a debug build). These styles never worked as intended and we ultimately created an inline
1331         renderer (ignoring display "inline-block") that had auto width and height. Instead it is sufficient
1332         to remove all these inline styles and create a RenderBlockFlow renderer for this <div> so that it
1333         renders as a block, non-replaced element to achieve the intended illusion that the <embed> is a
1334         single element.
1335
1336         * html/shadow/YouTubeEmbedShadowElement.cpp: Remove unused header HTMLEmbedElement.h and include
1337         header RenderBlockFlow.h. Also update copyright in license block.
1338         (WebCore::YouTubeEmbedShadowElement::YouTubeEmbedShadowElement): Remove inline styles as these
1339         never worked as intended.
1340         (WebCore::YouTubeEmbedShadowElement::createElementRenderer): Override; create a block-flow
1341         renderer for us so that we layout as a block, non-replaced element.
1342         * html/shadow/YouTubeEmbedShadowElement.h:
1343
1344 2016-07-21  Myles C. Maxfield  <mmaxfield@apple.com>
1345
1346         [iPhone] Playing a video on tudou.com plays only sound, no video
1347         https://bugs.webkit.org/show_bug.cgi?id=159967
1348         <rdar://problem/26964090>
1349
1350         Reviewed by Jon Lee, Jeremy Jones, and Anders Carlsson.
1351
1352         WebKit recently starting honoring the playsinline and webkit-playsinline
1353         attribute on iPhones. However, because these attributes previously did
1354         nothing, some sites (such as Todou) were setting them on their content
1355         and expecting that they are not honored. In this specific case, the
1356         video is absolutely positioned to be 1 pixel x 1 pixel.
1357
1358         Previously, with iOS 9, apps could set the allowsInlineMediaPlayback
1359         property on their WKWebView, which would honor the webkit-playsinline
1360         attribute. Safari on iPhones didn't do this.
1361
1362         In order to not break these existing apps, it's important that the
1363         allowsInlineMediaPlayback preference still allows webkit-playsinline
1364         videos to play inline in apps using WKWebView. However, in Safari, these
1365         videos should play fullscreen. (Todou videos have webkit-playsinline
1366         but not playsinline.)
1367
1368         Therefore, in Safari, videos with playsinline should be inline, but
1369         videos with webkit-playsinline should be fullscreen. In apps using
1370         WKWebViews, if the app sets allowsInlineMediaPlayback, then videos with
1371         playsinline should be inline, and videos with webkit-playsinline should
1372         also be inline. Videos on iPad and Mac should all be inline by default.
1373
1374         We can create some truth tables for the cases which need to be covered:
1375
1376         All apps on Mac / iPad:
1377         Presence of playsinline | Presence of webkit-playsinline | Result
1378         ========================|================================|===========
1379         Not present             | Not present                    | Inline
1380         Present                 | Not present                    | Inline
1381         Not Present             | Present                        | Inline
1382         Present                 | Present                        | Inline
1383
1384         Safari on iPhone:
1385         Presence of playsinline | Presence of webkit-playsinline | Result
1386         ========================|================================|===========
1387         Not present             | Not present                    | Fullscreen
1388         Present                 | Not present                    | Inline
1389         Not Present             | Present                        | Fullscreen
1390         Present                 | Present                        | Inline
1391
1392         App on iPhone which sets allowsInlineMediaPlayback:
1393         Presence of playsinline | Presence of webkit-playsinline | Result
1394         ========================|================================|===========
1395         Not present             | Not present                    | Fullscreen
1396         Present                 | Not present                    | Inline
1397         Not Present             | Present                        | Inline
1398         Present                 | Present                        | Inline
1399
1400         The way to distinguish Safari from another app is to create an SPI
1401         boolean preference which Safari can set. This is already how the
1402         iPhone and iPad are differentiated using the requiresPlayInlineAttribute
1403         which Safari sets but other apps don't. However, this preference is
1404         no longer sufficient because Safari should now be discriminating
1405         between the playsinline and webkit-playsinline attributes. Therefore,
1406         this preference should be extended to two boolean preferences, which
1407         this patch adds:
1408
1409         allowsInlineMediaPlaybackWithPlaysInlineAttribute
1410         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute
1411
1412         Safari on iPhone will set
1413         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to true,
1414         and allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to
1415         false. Other apps on iPhone will get their defaults values (because they
1416         are SPI) which means they will both be true. On iPad and Mac, apps will
1417         use the defaults values where both are false.
1418
1419         This patch adds support for these two preferences, but does not remove
1420         the existing inlineMediaPlaybackRequiresPlaysInlineAttribute preference.
1421         I will remove the exising preference as soon as I update Safari to migrate
1422         off of it.
1423
1424         Test: media/video-playsinline.html
1425
1426         * html/MediaElementSession.cpp:
1427         (WebCore::MediaElementSession::requiresFullscreenForVideoPlayback):
1428         * page/Settings.cpp:
1429         * page/Settings.in:
1430         * testing/InternalSettings.cpp:
1431         (WebCore::InternalSettings::Backup::Backup):
1432         (WebCore::InternalSettings::Backup::restoreTo):
1433         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithPlaysInlineAttribute):
1434         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute):
1435         * testing/InternalSettings.h:
1436         * testing/InternalSettings.idl:
1437
1438 2016-07-21  Ryosuke Niwa  <rniwa@webkit.org>
1439
1440         Crash accessing null renderer inside WebCore::DeleteSelectionCommand::doApply
1441         https://bugs.webkit.org/show_bug.cgi?id=160011
1442
1443         Reviewed by Chris Dumez.
1444
1445         Add a null pointer check for renderer() call.
1446
1447         Unfortunately no new tests since we don't have a reproduction.
1448
1449         * editing/DeleteSelectionCommand.cpp:
1450         (WebCore::DeleteSelectionCommand::doApply):
1451
1452 2016-07-21  Chris Dumez  <cdumez@apple.com>
1453
1454         The 2 first parameters to DOMImplementation.createDocument() should be mandatory
1455         https://bugs.webkit.org/show_bug.cgi?id=160030
1456
1457         Reviewed by Sam Weinig.
1458
1459         The 2 first parameters to DOMImplementation.createDocument() should be mandatory
1460         as per the specification:
1461         - https://dom.spec.whatwg.org/#domimplementation
1462
1463         Firefox and Chrome both agree with the specification. However, those
1464         parameters were marked as optional in WebKit. Calling this function
1465         without parameters would create a document element whose tag is the
1466         string "undefined", which does not seem helpful. This patch thus
1467         aligns our behavior with the specification and other browsers.
1468
1469         No new tests, rebaselined existing tests.
1470
1471         * dom/DOMImplementation.idl:
1472
1473 2016-07-21  Chris Dumez  <cdumez@apple.com>
1474
1475         Kill legacy valueToStringWithNullCheck() utility function
1476         https://bugs.webkit.org/show_bug.cgi?id=159991
1477
1478         Reviewed by Sam Weinig.
1479
1480         Kill legacy valueToStringWithNullCheck() utility function. Treating null as
1481         a null string is legacy behavior so drop this function so that people are
1482         not tempted to use it. We should be using either:
1483         1. JSValue::toWTFString() for non-nullable DOMStrings
1484         2. valueToStringWithUndefinedOrNullCheck() for nullable DOMStrings
1485         3. valueToStringTreatingNullAsEmptyString() for strings with [TreatNullAs=EmptyString]
1486
1487         No new tests, no web-exposed behavior change.
1488
1489         * bindings/js/JSDOMBinding.cpp:
1490         (WebCore::valueToStringWithNullCheck): Deleted.
1491         * bindings/js/JSDOMBinding.h:
1492         * bindings/js/JSHTMLFrameElementCustom.cpp:
1493         (WebCore::JSHTMLFrameElement::setLocation):
1494         * html/HTMLFrameElement.idl:
1495
1496 2016-07-21  Zalan Bujtas  <zalan@apple.com>
1497
1498         Do not keep invalid IOSurface in ImageBufferData.
1499         https://bugs.webkit.org/show_bug.cgi?id=160005
1500         <rdar://problem/27208636>
1501
1502         Reviewed by Simon Fraser.
1503
1504         When we fail to initialize the IOSurface for the accelerated context, we switch over to
1505         the non-accelerated code path. Since ImageBufferData::surface is used to indicate whether
1506         the graphics context is in accelerated mode, we need to reset it when the initialization fails.
1507
1508         Unable to create a test case.
1509
1510         * platform/graphics/cg/ImageBufferCG.cpp:
1511         (WebCore::ImageBuffer::ImageBuffer):
1512
1513 2016-07-21  Chris Dumez  <cdumez@apple.com>
1514
1515         playsInline IDL attribute has the wrong casing
1516         https://bugs.webkit.org/show_bug.cgi?id=160029
1517         <rdar://problem/27474031>
1518
1519         Reviewed by Jon Lee.
1520
1521         Fix case from video.playsinline to video.playsInline in order to match
1522         the specification:
1523         - https://html.spec.whatwg.org/multipage/embedded-content.html#the-video-element:dom-video-playsinline
1524
1525         It still reflects the "playsinline" content attribute though, as per
1526         the specification:
1527         - https://html.spec.whatwg.org/multipage/embedded-content.html#dom-video-playsinline
1528
1529         No new tests, updated existing test.
1530
1531         * html/HTMLVideoElement.idl:
1532
1533 2016-07-21  Chris Dumez  <cdumez@apple.com>
1534
1535         Drop [TreatNullAs=EmptyString] from CanvasRenderingContext2D.globalCompositeOperation
1536         https://bugs.webkit.org/show_bug.cgi?id=160026
1537
1538         Reviewed by Sam Weinig.
1539
1540         Drop [TreatNullAs=EmptyString] from CanvasRenderingContext2D.globalCompositeOperation
1541         attribute as it does not match the specification:
1542         - https://html.spec.whatwg.org/multipage/scripting.html#canvascompositing
1543
1544         It does not change web-exposed behavior because assigning to "" or "null"
1545         gets ignored as those are not valid operations.
1546
1547         Test: fast/canvas/context-globalCompositeOperation-null.html
1548
1549         * html/canvas/CanvasRenderingContext2D.idl:
1550
1551 2016-07-21  Carlos Garcia Campos  <cgarcia@igalia.com>
1552
1553         [GTK][Threaded Compositor] Overlay scrollbars shouldn't be a requirement of the threaded compositor
1554         https://bugs.webkit.org/show_bug.cgi?id=160020
1555
1556         Reviewed by Michael Catanzaro.
1557
1558         It has been a requirement only because we didn't really know why frame scrollbars were not rendered when using
1559         the threaded compositor. The reason is that RenderView doesn't use layers for FrameView scrollbars by default,
1560         unless using overlay scrollbars. When using the threaded compositor we really need layers for the FrameView
1561         scrollbars even when not using overlay scrollbars.
1562
1563         * platform/gtk/ScrollbarThemeGtk.cpp:
1564         (WebCore::ScrollbarThemeGtk::ScrollbarThemeGtk): Stop enforcing overlay scrollbars when threaded compositor is enabled.
1565         * rendering/RenderLayerCompositor.cpp:
1566         (WebCore::RenderLayerCompositor::shouldCompositeOverflowControls): Always use layers for scrollbars when
1567         threaded compositor is enabled.
1568
1569 2016-07-21  Carlos Garcia Campos  <cgarcia@igalia.com>
1570
1571         [Cairo] Fix a crash in fast/canvas/canvas-getImageData-invalid-result-buffer-crash.html
1572         https://bugs.webkit.org/show_bug.cgi?id=160014
1573
1574         Reviewed by Michael Catanzaro.
1575
1576         In r202887 some null checks were added for JSArray::createUninitialized (and related) but not for the
1577         ImageBuffer cairo implementation.
1578
1579         * platform/graphics/cairo/ImageBufferCairo.cpp:
1580         (WebCore::getImageData): Return early if Uint8ClampedArray::createUninitialized() returns nullptr.
1581
1582 2016-07-21  Miguel Gomez  <magomez@igalia.com>
1583
1584         [GTK] The GSTREAMER_GL path in MediaPlayerPrivateGStreamerBase::paintToTextureMapper() is missing a mutex lock
1585         https://bugs.webkit.org/show_bug.cgi?id=160018
1586
1587         Reviewed by Philippe Normand.
1588
1589         Lock the video sample mutex while accessing it.
1590
1591         Covered by existent tests.
1592
1593         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
1594         (WebCore::MediaPlayerPrivateGStreamerBase::paintToTextureMapper):
1595
1596 2016-07-21  Miguel Gomez  <magomez@igalia.com>
1597
1598         [Threaded Compositor] Flickering when zooming in/out in maps.google.com
1599         https://bugs.webkit.org/show_bug.cgi?id=154069
1600
1601         Reviewed by Carlos Garcia Campos.
1602
1603         Add a new extra buffer to GraphicsContext3D when using the Threaded Compositor,
1604         so it doesn't have to reuse the buffers that are still waiting for composition.
1605
1606         Covered by existing tests.
1607
1608         * platform/graphics/GraphicsContext3D.h:
1609         Add a new texture to use for the rendering. Remove the compositor fbo we were using.
1610         * platform/graphics/cairo/GraphicsContext3DCairo.cpp:
1611         (WebCore::GraphicsContext3D::GraphicsContext3D):
1612         Initialize the new texture and remove the previous fbo related code.
1613         (WebCore::GraphicsContext3D::~GraphicsContext3D):
1614         Properly destroy the new texture and remove the previous fbo related code.
1615         * platform/graphics/opengl/GraphicsContext3DOpenGL.cpp:
1616         (WebCore::GraphicsContext3D::reshapeFBOs):
1617         Allocate the new texture and remove the previous fbo allocation.
1618         * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
1619         (WebCore::GraphicsContext3D::prepareTexture):
1620         Use a single fbo with three textures instead of two fbos with a texture each.
1621         Rotate the three textures usage so:
1622         - m_texture becomes m_compositorTexture to be pushed to the compositor.
1623         - m_intermediateTexture becomes m_texture to receive the next rendering.
1624         - m_compositorTexture becomes m_intermediateTexture.
1625         And add a glFlush() to ensure that the gl commands are sent to the pipeline.
1626         * platform/graphics/opengl/GraphicsContext3DOpenGLES.cpp:
1627         (WebCore::GraphicsContext3D::reshapeFBOs):
1628         Allocate the new texture.
1629
1630 2016-07-21  Carlos Garcia Campos  <cgarcia@igalia.com>
1631
1632         [GTK][Threaded Compositor] Web view background colors don't work
1633         https://bugs.webkit.org/show_bug.cgi?id=159465
1634
1635         Reviewed by Michael Catanzaro.
1636
1637         * rendering/RenderLayerBacking.cpp:
1638         (WebCore::RenderLayerBacking::createPrimaryGraphicsLayer): Initialize frame view layer opacity for platforms not
1639         using the tiled cache layer.
1640
1641 2016-07-20  Youenn Fablet  <youenn@apple.com>
1642
1643         [XHR] Cache response JS object in case of arraybuffer and blob response types
1644         https://bugs.webkit.org/show_bug.cgi?id=128903
1645
1646         Reviewed by Alex Christensen.
1647
1648         Covered by existing and modified tests.
1649
1650         Making response getter a JS builtin that caches response in @response private slot.
1651         Handling invalidation of cached response with @responseCacheIsValid new private method.
1652         Handling creation of cached response with @retrieveResponse new private method which reuses most of
1653         JSXMLHttpRequest::response previous code.
1654
1655         Caching of responses is activated whenever load ended without any error for blob and arraybuffer response types.
1656
1657         Caching of response for document is also activated in case the response getter is used but not if responseXML getter is used.
1658
1659         * CMakeLists.txt: Adding XMLHttpRequest.js.
1660         * DerivedSources.make: Ditto.
1661         * bindings/js/JSXMLHttpRequestCustom.cpp:
1662         (WebCore::JSXMLHttpRequest::retrieveResponse): Implements creation of to-be-cached response.
1663         (WebCore::JSXMLHttpRequest::response): Deleted.
1664         * bindings/js/WebCoreBuiltinNames.h: Adding new private names.
1665         * xml/XMLHttpRequest.cpp:
1666         (WebCore::XMLHttpRequest::didCacheResponse): Renamed from didCacheResponseJSON as all response types are now cached.
1667         (WebCore::XMLHttpRequest::didCacheResponseJSON): Deleted.
1668         * xml/XMLHttpRequest.h:
1669         * xml/XMLHttpRequest.idl:
1670
1671 2016-07-20  Youenn Fablet  <youenn@apple.com>
1672
1673         Remove crossOriginRequestPolicy from ThreadableLoaderOptions
1674         https://bugs.webkit.org/show_bug.cgi?id=159417
1675
1676         Reviewed by Alex Christensen.
1677
1678         No observable change.
1679
1680         * Modules/fetch/FetchLoader.cpp:
1681         (WebCore::FetchLoader::start): DenyCrossOriginRequests -> FetchOptions::Mode::SameOrigin.
1682         * fileapi/FileReaderLoader.cpp:
1683         (WebCore::FileReaderLoader::start): DenyCrossOriginRequests -> FetchOptions::Mode::SameOrigin.
1684         * inspector/InspectorNetworkAgent.cpp:
1685         (WebCore::InspectorNetworkAgent::loadResource): AllowCrossOriginRequests -> FetchOptions::Mode::NoCors.
1686         * loader/DocumentThreadableLoader.cpp:
1687         (WebCore::DocumentThreadableLoader::DocumentThreadableLoader): Ditto.
1688         (WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequest): UseAccessControl -> FetchOptions::Mode::Cors.
1689         (WebCore::DocumentThreadableLoader::redirectReceived): Ditto.
1690         (WebCore::DocumentThreadableLoader::didReceiveResponse): Ditto.
1691         (WebCore::DocumentThreadableLoader::loadRequest): Use NoCors as option passed to ResourceLoader. This allows
1692         desactivating ResourceLoader CORS checks as they are done in DocumentThreadableLoader right now. In the future,
1693         these checks should be moved to ResourceLoader and DocumentThreadableLoader should directly pass the fetch mode
1694         option.
1695         (WebCore::DocumentThreadableLoader::isAllowedRedirect): AllowCrossOriginRequests -> FetchOptions::Mode::NoCors.
1696         * loader/ThreadableLoader.cpp:
1697         (WebCore::ThreadableLoaderOptions::ThreadableLoaderOptions): Removing CrossOriginRequestPolicy.
1698         * loader/ThreadableLoader.h: Ditto.
1699         * loader/WorkerThreadableLoader.cpp:
1700         (WebCore::LoaderTaskOptions::LoaderTaskOptions): Ditto.
1701         * page/EventSource.cpp:
1702         (WebCore::EventSource::connect): UseAccessControl -> FetchOptions::Mode::Cors.
1703         * workers/Worker.cpp:
1704         (WebCore::Worker::create): DenyCrossOriginRequests -> FetchOptions::Mode::SameOrigin.
1705         * workers/WorkerGlobalScope.cpp:
1706         (WebCore::WorkerGlobalScope::importScripts): AllowCrossOriginRequests -> FetchOptions::Mode::NoCors.
1707         * workers/WorkerScriptLoader.cpp:
1708         (WebCore::WorkerScriptLoader::loadSynchronously):
1709         (WebCore::WorkerScriptLoader::loadAsynchronously):
1710         * workers/WorkerScriptLoader.h:
1711         * xml/XMLHttpRequest.cpp:
1712         (WebCore::XMLHttpRequest::createRequest):
1713
1714 2016-07-20  Chris Dumez  <cdumez@apple.com>
1715
1716         Fix null handling of several Document attributes
1717         https://bugs.webkit.org/show_bug.cgi?id=159997
1718
1719         Reviewed by Ryosuke Niwa.
1720
1721         Fix null handling of the following Document attributes: title, cookie
1722         and domain.
1723
1724         In WebKit, they were all marked as [TreatNullAs=EmptyString], which
1725         does not match the specification:
1726         - https://html.spec.whatwg.org/multipage/dom.html#document
1727
1728         Details for each attribute:
1729         - title: null is now treated as the string "null", thus setting the
1730           document title to "null". This matches Firefox and Chrome.
1731         - cookie: adds a "null" cookie instead of being a no-op. This matches
1732                   both Firefox and Chrome.
1733         - domain: Calls setDomain(String("null")) instead of
1734                   setDomain(String()). This throws an exception because "null"
1735                   is not a suffix of the effective domain name. The behavior
1736                   is the same in Firefox and Chrome. Previously, we were
1737                   already throwing an exception since setting the domain to
1738                   the empty string throws, as per the specification.
1739
1740         Test: http/tests//dom/document-attributes-null-handling.html
1741
1742         * dom/Document.idl:
1743
1744 2016-07-20  Commit Queue  <commit-queue@webkit.org>
1745
1746         Unreviewed, rolling out r203471.
1747         https://bugs.webkit.org/show_bug.cgi?id=160003
1748
1749         many iOS-simulator tests are failing (Requested by litherum on
1750         #webkit).
1751
1752         Reverted changeset:
1753
1754         "[iPhone] Playing a video on tudou.com plays only sound, no
1755         video"
1756         https://bugs.webkit.org/show_bug.cgi?id=159967
1757         http://trac.webkit.org/changeset/203471
1758
1759 2016-07-19  Ryosuke Niwa  <rniwa@webkit.org>
1760
1761         iOS: Cannot paste images in RTF content
1762         https://bugs.webkit.org/show_bug.cgi?id=159964
1763         <rdar://problem/27442806>
1764
1765         Reviewed by Enrica Casucci.
1766
1767         The bug was caused by setDefersLoading(true) not deferring image loading for the parsed fragment.
1768         Worked around this bug by disabling image loading while parsing the document fragment.
1769
1770         * editing/ios/EditorIOS.mm:
1771         (WebCore::Editor::createFragmentAndAddResources):
1772
1773 2016-07-20  Brady Eidson  <beidson@apple.com>
1774
1775         Address a small FIXME in IDB code.
1776         https://bugs.webkit.org/show_bug.cgi?id=159999
1777
1778         Reviewed by Andy Estes.
1779
1780         No new tests (No behavior change).
1781
1782         * Modules/indexeddb/IDBRequest.cpp:
1783         (WebCore::IDBRequest::IDBRequest):
1784         
1785         * Modules/indexeddb/shared/IDBResourceIdentifier.cpp:
1786         (WebCore::IDBResourceIdentifier::IDBResourceIdentifier): Deleted.
1787         * Modules/indexeddb/shared/IDBResourceIdentifier.h:
1788
1789 2016-07-20  Brady Eidson  <beidson@apple.com>
1790
1791         Remove some "modernFoo"s from IndexedDB code.
1792         https://bugs.webkit.org/show_bug.cgi?id=159985
1793
1794         Reviewed by Andy Estes.
1795
1796         No new tests (No known behavior change).
1797
1798         * Modules/indexeddb/IDBCursor.cpp:
1799         (WebCore::IDBCursor::IDBCursor):
1800         (WebCore::IDBCursor::~IDBCursor):
1801         (WebCore::IDBCursor::sourcesDeleted):
1802         (WebCore::IDBCursor::effectiveObjectStore):
1803         (WebCore::IDBCursor::transaction):
1804         (WebCore::IDBCursor::direction):
1805         (WebCore::IDBCursor::update):
1806         (WebCore::IDBCursor::advance):
1807         (WebCore::IDBCursor::continueFunction):
1808         (WebCore::IDBCursor::uncheckedIterateCursor):
1809         (WebCore::IDBCursor::deleteFunction):
1810         (WebCore::IDBCursor::setGetResult):
1811         
1812         * Modules/indexeddb/IDBIndex.cpp:
1813         (WebCore::IDBIndex::IDBIndex):
1814         (WebCore::IDBIndex::~IDBIndex):
1815         (WebCore::IDBIndex::hasPendingActivity):
1816         (WebCore::IDBIndex::name):
1817         (WebCore::IDBIndex::objectStore):
1818         (WebCore::IDBIndex::keyPath):
1819         (WebCore::IDBIndex::unique):
1820         (WebCore::IDBIndex::multiEntry):
1821         (WebCore::IDBIndex::openCursor):
1822         (WebCore::IDBIndex::doCount):
1823         (WebCore::IDBIndex::openKeyCursor):
1824         (WebCore::IDBIndex::doGet):
1825         (WebCore::IDBIndex::doGetKey):
1826         (WebCore::IDBIndex::markAsDeleted):
1827         * Modules/indexeddb/IDBIndex.h:
1828         
1829         * Modules/indexeddb/IDBObjectStore.cpp:
1830         (WebCore::IDBObjectStore::transaction):
1831         (WebCore::IDBObjectStore::deleteFunction): Deleted.
1832         (WebCore::IDBObjectStore::modernDelete): Deleted.
1833         * Modules/indexeddb/IDBObjectStore.h:
1834         
1835         * bindings/js/JSIDBIndexCustom.cpp:
1836         (WebCore::JSIDBIndex::visitAdditionalChildren):
1837
1838 2016-07-20  Chris Dumez  <cdumez@apple.com>
1839
1840         Stop using valueToStringWithNullCheck() in JSCSSStyleDeclaration::putDelegate()
1841         https://bugs.webkit.org/show_bug.cgi?id=159982
1842
1843         Reviewed by Ryosuke Niwa.
1844
1845         valueToStringWithNullCheck() treats null as the null String() which is
1846         legacy / non standard behavior. The specification says we should treat
1847         null as the empty string:
1848         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-camel-cased-attribute
1849
1850         Therefore, we should be using valueToStringTreatingNullAsEmptyString() instead.
1851
1852         In practice, there is no web-exposed behavior change because
1853         MutableStyleProperties::setProperty() removes the property wether the
1854         value is the null String or the empty String.
1855
1856         This behavior is correct since the specification says that we should
1857         remove the property if the value is the empty string:
1858         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-setproperty (step 4)
1859
1860         I added test coverage to make sure we behave according to specification.
1861         This test is passing in Firefox, Chrome and in WebKit (before and after
1862         my change).
1863
1864         Test: fast/css/CSSStyleDeclaration-property-setter.html
1865
1866         * bindings/js/JSCSSStyleDeclarationCustom.cpp:
1867         (WebCore::JSCSSStyleDeclaration::putDelegate):
1868
1869 2016-07-20  Chris Dumez  <cdumez@apple.com>
1870
1871         Fix null handling of HTMLFrameElement.marginWidth / marginHeight
1872         https://bugs.webkit.org/show_bug.cgi?id=159987
1873
1874         Reviewed by Ryosuke Niwa.
1875
1876         Fix null handling of HTMLFrameElement.marginWidth / marginHeight:
1877         - https://html.spec.whatwg.org/multipage/obsolete.html#htmlframeelement
1878
1879         We are supposed to treat null as the empty string but we treat it as
1880         the string "null".
1881
1882         Firefox and Chrome both match the specification.
1883
1884         No new tests, updated existing tests.
1885
1886         * html/HTMLFrameElement.idl:
1887
1888 2016-07-20  Wenson Hsieh  <wenson_hsieh@apple.com>
1889
1890         Pausing autoplayed media should not remove all restrictions for that media element
1891         https://bugs.webkit.org/show_bug.cgi?id=159988
1892
1893         Reviewed by Jon Lee.
1894
1895         Localizes the removal of behavior restrictions introduced in r203464 upon pausing an
1896         autoplaying video to just affect the hiding or showing of the media controller. This
1897         prevents pages from using Javascript to start playing autoplaying videos that have
1898         been paused by the user.
1899
1900         * html/HTMLMediaElement.cpp:
1901         (WebCore::HTMLMediaElement::pause):
1902
1903 2016-07-20  Myles C. Maxfield  <mmaxfield@apple.com>
1904
1905         [iPhone] Playing a video on tudou.com plays only sound, no video
1906         https://bugs.webkit.org/show_bug.cgi?id=159967
1907         <rdar://problem/26964090>
1908
1909         Reviewed by Jon Lee.
1910
1911         WebKit recently starting honoring the playsinline and webkit-playsinline
1912         attribute on iPhones. However, because these attributes previously did
1913         nothing, some sites (such as Todou) were setting them on their content
1914         and expecting that they are not honored. In this specific case, the
1915         video is absolutely positioned to be 1 pixel x 1 pixel.
1916
1917         Previously, with iOS 9, apps could set the allowsInlineMediaPlayback
1918         property on their WKWebView, which would honor the webkit-playsinline
1919         attribute. Safari on iPhones didn't do this.
1920
1921         In order to not break these existing apps, it's important that the
1922         allowsInlineMediaPlayback preference still allows webkit-playsinline
1923         videos to play inline in apps using WKWebView. However, in Safari, these
1924         videos should play fullscreen. (Todou videos have webkit-playsinline
1925         but not playsinline.)
1926
1927         Therefore, in Safari, videos with playsinline should be inline, but
1928         videos with webkit-playsinline should be fullscreen. In apps using
1929         WKWebViews, if the app sets allowsInlineMediaPlayback, then videos with
1930         playsinline should be inline, and videos with webkit-playsinline should
1931         also be inline. Videos on iPad and Mac should all be inline by default.
1932
1933         We can create some truth tables for the cases which need to be covered:
1934
1935         All apps on Mac / iPad:
1936         Presence of playsinline | Presence of webkit-playsinline | Result
1937         ========================|================================|===========
1938         Not present             | Not present                    | Inline
1939         Present                 | Not present                    | Inline
1940         Not Present             | Present                        | Inline
1941         Present                 | Present                        | Inline
1942
1943         Safari on iPhone:
1944         Presence of playsinline | Presence of webkit-playsinline | Result
1945         ========================|================================|===========
1946         Not present             | Not present                    | Fullscreen
1947         Present                 | Not present                    | Inline
1948         Not Present             | Present                        | Fullscreen
1949         Present                 | Present                        | Inline
1950
1951         App on iPhone which sets allowsInlineMediaPlayback:
1952         Presence of playsinline | Presence of webkit-playsinline | Result
1953         ========================|================================|===========
1954         Not present             | Not present                    | Fullscreen
1955         Present                 | Not present                    | Inline
1956         Not Present             | Present                        | Inline
1957         Present                 | Present                        | Inline
1958
1959         The way to distinguish Safari from another app is to create an SPI
1960         boolean preference which Safari can set. This is already how the
1961         iPhone and iPad are differentiated using the requiresPlayInlineAttribute
1962         which Safari sets but other apps don't. However, this preference is
1963         no longer sufficient because Safari should now be discriminating
1964         between the playsinline and webkit-playsinline attributes. Therefore,
1965         this preference should be extended to two boolean preferences, which
1966         this patch adds:
1967
1968         allowsInlineMediaPlaybackWithPlaysInlineAttribute
1969         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute
1970
1971         Safari on iPhone will set
1972         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to true,
1973         and allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to
1974         false. Other apps on iPhone will get their defaults values (because they
1975         are SPI) which means they will both be true. On iPad and Mac, apps will
1976         use the defaults values where both are false.
1977
1978         This patch adds support for these two preferences, but does not remove
1979         the existing inlineMediaPlaybackRequiresPlaysInlineAttribute preference.
1980         I will remove the exising preference as soon as I update Safari to migrate
1981         off of it.
1982
1983         Test: media/video-playsinline.html
1984
1985         * html/MediaElementSession.cpp:
1986         (WebCore::MediaElementSession::requiresFullscreenForVideoPlayback):
1987         * page/Settings.cpp:
1988         * page/Settings.in:
1989         * testing/InternalSettings.cpp:
1990         (WebCore::InternalSettings::Backup::Backup):
1991         (WebCore::InternalSettings::Backup::restoreTo):
1992         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithPlaysInlineAttribute):
1993         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute):
1994         * testing/InternalSettings.h:
1995         * testing/InternalSettings.idl:
1996
1997 2016-07-20  Chris Dumez  <cdumez@apple.com>
1998
1999         Get rid of custom bindings code for XMLHttpRequest.open()
2000         https://bugs.webkit.org/show_bug.cgi?id=159984
2001
2002         Reviewed by Ryosuke Niwa.
2003
2004         Get rid of custom bindings code for XMLHttpRequest.open() as the
2005         bindings generator is able to generate it.
2006
2007         Relevant specification:
2008         - https://xhr.spec.whatwg.org/#xmlhttprequest
2009
2010         The issue is that legacy content prevents treating the 'async' argument
2011         being undefined identical from it being omitted. However, this can be
2012         achieved by using overloading in IDL, like in the specification.
2013
2014         No new tests, already covered by the following tests:
2015         - http/tests/xmlhttprequest/basic-auth.html
2016         - http/tests/xmlhttprequest/open-async-overload.html
2017
2018         * bindings/js/JSXMLHttpRequestCustom.cpp:
2019         (WebCore::SendFunctor::SendFunctor): Deleted.
2020         (WebCore::SendFunctor::line): Deleted.
2021         (WebCore::SendFunctor::column): Deleted.
2022         (WebCore::SendFunctor::url): Deleted.
2023         (WebCore::SendFunctor::operator()): Deleted.
2024         * xml/XMLHttpRequest.cpp:
2025         (WebCore::XMLHttpRequest::open):
2026         * xml/XMLHttpRequest.h:
2027         * xml/XMLHttpRequest.idl:
2028
2029 2016-07-20  Rawinder Singh  <rawinder.singh-webkit@cisra.canon.com.au>
2030
2031         Mark overriden methods in WebCore/svg final classes as final
2032         https://bugs.webkit.org/show_bug.cgi?id=159966
2033
2034         Reviewed by Michael Catanzaro.
2035
2036         Update WebCore/svg classes so that overriden methods in final classes are marked final.
2037
2038         * svg/SVGAElement.h:
2039         * svg/SVGAltGlyphDefElement.h:
2040         * svg/SVGAltGlyphItemElement.h:
2041         * svg/SVGAnimateTransformElement.h:
2042         * svg/SVGAnimatedColor.h:
2043         * svg/SVGCircleElement.h:
2044         * svg/SVGClipPathElement.h:
2045         * svg/SVGCursorElement.h:
2046         * svg/SVGDefsElement.h:
2047         * svg/SVGDescElement.h:
2048         * svg/SVGEllipseElement.h:
2049         * svg/SVGFEMergeNodeElement.h:
2050         * svg/SVGFilterElement.h:
2051         * svg/SVGFontElement.h:
2052         * svg/SVGFontFaceElement.h:
2053         * svg/SVGFontFaceFormatElement.h:
2054         * svg/SVGFontFaceNameElement.h:
2055         * svg/SVGFontFaceSrcElement.h:
2056         * svg/SVGFontFaceUriElement.h:
2057         * svg/SVGForeignObjectElement.h:
2058         * svg/SVGGElement.h:
2059         * svg/SVGGlyphElement.h:
2060         * svg/SVGGlyphRefElement.h:
2061         * svg/SVGHKernElement.h:
2062         * svg/SVGImageElement.h:
2063         * svg/SVGLineElement.h:
2064         * svg/SVGMPathElement.h:
2065         * svg/SVGMaskElement.h:
2066         * svg/SVGMetadataElement.h:
2067         * svg/SVGMissingGlyphElement.h:
2068         * svg/SVGPathBuilder.h:
2069         * svg/SVGPathByteStreamBuilder.h:
2070         * svg/SVGPathByteStreamSource.h:
2071         * svg/SVGPathElement.h:
2072         * svg/SVGPathSegArcAbs.h:
2073         * svg/SVGPathSegArcRel.h:
2074         * svg/SVGPathSegClosePath.h:
2075         * svg/SVGPathSegCurvetoCubicAbs.h:
2076         * svg/SVGPathSegCurvetoCubicRel.h:
2077         * svg/SVGPathSegCurvetoCubicSmoothAbs.h:
2078         * svg/SVGPathSegCurvetoCubicSmoothRel.h:
2079         * svg/SVGPathSegCurvetoQuadraticAbs.h:
2080         * svg/SVGPathSegCurvetoQuadraticRel.h:
2081         * svg/SVGPathSegCurvetoQuadraticSmoothAbs.h:
2082         * svg/SVGPathSegCurvetoQuadraticSmoothRel.h:
2083         * svg/SVGPathSegLinetoAbs.h:
2084         * svg/SVGPathSegLinetoHorizontalAbs.h:
2085         * svg/SVGPathSegLinetoHorizontalRel.h:
2086         * svg/SVGPathSegLinetoRel.h:
2087         * svg/SVGPathSegLinetoVerticalAbs.h:
2088         * svg/SVGPathSegLinetoVerticalRel.h:
2089         * svg/SVGPathSegListBuilder.h:
2090         * svg/SVGPathSegListSource.h:
2091         * svg/SVGPathSegMovetoAbs.h:
2092         * svg/SVGPathSegMovetoRel.h:
2093         * svg/SVGPathStringSource.h:
2094         * svg/SVGPathTraversalStateBuilder.h:
2095         * svg/SVGPatternElement.h:
2096         * svg/SVGRectElement.h:
2097         * svg/SVGScriptElement.h:
2098         * svg/SVGStopElement.h:
2099         * svg/SVGStyleElement.h:
2100         * svg/SVGSwitchElement.h:
2101         * svg/SVGTRefElement.cpp:
2102         * svg/SVGTitleElement.h:
2103         * svg/SVGToOTFFontConversion.cpp:
2104         * svg/SVGUnknownElement.h:
2105         * svg/SVGVKernElement.h:
2106         * svg/SVGViewElement.h:
2107         * svg/SVGZoomEvent.h:
2108         * svg/animation/SVGSMILElement.cpp:
2109         * svg/graphics/SVGImage.h:
2110         * svg/graphics/SVGImageClients.h:
2111         * svg/graphics/SVGImageForContainer.h:
2112         * svg/graphics/filters/SVGFEImage.h:
2113         * svg/graphics/filters/SVGFilter.h:
2114         * svg/properties/SVGAnimatedEnumerationPropertyTearOff.h:
2115         * svg/properties/SVGAnimatedPathSegListPropertyTearOff.h:
2116         * svg/properties/SVGAnimatedPropertyTearOff.h:
2117         * svg/properties/SVGAnimatedTransformListPropertyTearOff.h:
2118         * svg/properties/SVGMatrixTearOff.h:
2119         * svg/properties/SVGPathSegListPropertyTearOff.h:
2120
2121 2016-07-20  Brady Eidson  <beidson@apple.com>
2122
2123         Transition most IDB interfaces from ScriptExecutionContext to ExecState.
2124         https://bugs.webkit.org/show_bug.cgi?id=159975
2125
2126         Reviewed by Alex Christensen.
2127
2128         No new tests (No known behavior change).
2129
2130         * Modules/indexeddb/IDBCursor.cpp:
2131         (WebCore::IDBCursor::continueFunction):
2132         (WebCore::IDBCursor::deleteFunction):
2133         * Modules/indexeddb/IDBCursor.h:
2134         * Modules/indexeddb/IDBCursor.idl:
2135
2136         * Modules/indexeddb/IDBDatabase.idl:
2137
2138         * Modules/indexeddb/IDBFactory.cpp:
2139         (WebCore::IDBFactory::cmp):
2140         * Modules/indexeddb/IDBFactory.h:
2141         * Modules/indexeddb/IDBFactory.idl:
2142
2143         * Modules/indexeddb/IDBIndex.cpp:
2144         (WebCore::IDBIndex::openCursor):
2145         (WebCore::IDBIndex::count):
2146         (WebCore::IDBIndex::doCount):
2147         (WebCore::IDBIndex::openKeyCursor):
2148         (WebCore::IDBIndex::get):
2149         (WebCore::IDBIndex::doGet):
2150         (WebCore::IDBIndex::getKey):
2151         (WebCore::IDBIndex::doGetKey):
2152         * Modules/indexeddb/IDBIndex.h:
2153         * Modules/indexeddb/IDBIndex.idl:
2154
2155         * Modules/indexeddb/IDBKeyRange.cpp:
2156         (WebCore::IDBKeyRange::only): Deleted.
2157         * Modules/indexeddb/IDBKeyRange.h:
2158
2159         * Modules/indexeddb/IDBObjectStore.cpp:
2160         (WebCore::IDBObjectStore::openCursor):
2161         (WebCore::IDBObjectStore::get):
2162         (WebCore::IDBObjectStore::putOrAdd):
2163         (WebCore::IDBObjectStore::deleteFunction):
2164         (WebCore::IDBObjectStore::doDelete):
2165         (WebCore::IDBObjectStore::modernDelete):
2166         (WebCore::IDBObjectStore::clear):
2167         (WebCore::IDBObjectStore::createIndex):
2168         (WebCore::IDBObjectStore::count):
2169         (WebCore::IDBObjectStore::doCount):
2170         * Modules/indexeddb/IDBObjectStore.h:
2171         * Modules/indexeddb/IDBObjectStore.idl:
2172
2173         * Modules/indexeddb/IDBTransaction.cpp:
2174         (WebCore::IDBTransaction::requestOpenCursor):
2175         (WebCore::IDBTransaction::doRequestOpenCursor):
2176         (WebCore::IDBTransaction::requestGetRecord):
2177         (WebCore::IDBTransaction::requestGetValue):
2178         (WebCore::IDBTransaction::requestGetKey):
2179         (WebCore::IDBTransaction::requestIndexRecord):
2180         (WebCore::IDBTransaction::requestCount):
2181         (WebCore::IDBTransaction::requestDeleteRecord):
2182         (WebCore::IDBTransaction::requestClearObjectStore):
2183         (WebCore::IDBTransaction::requestPutOrAdd):
2184         * Modules/indexeddb/IDBTransaction.h:
2185
2186         * inspector/InspectorIndexedDBAgent.cpp:
2187
2188 2016-07-20  Wenson Hsieh  <wenson_hsieh@apple.com>
2189
2190         Media controls don't appear when pausing a small autoplaying video
2191         https://bugs.webkit.org/show_bug.cgi?id=159972
2192         <rdar://problem/27180657>
2193
2194         Reviewed by Beth Dakin.
2195
2196         When pausing an autoplaying video, remove behavior restrictions for the
2197         initial user gesture and show media controls.
2198
2199         New WebKit API test. See VideoControlsManagerSingleSmallAutoplayingVideo.
2200
2201         * html/HTMLMediaElement.cpp:
2202         (WebCore::HTMLMediaElement::pause):
2203
2204 2016-07-20  Chris Dumez  <cdumez@apple.com>
2205
2206         Fix null handling of HTMLMediaElement.mediaGroup
2207         https://bugs.webkit.org/show_bug.cgi?id=159974
2208
2209         Reviewed by Eric Carlson.
2210
2211         Fix null handling of HTMLMediaElement.mediaGroup to match the specification:
2212         - https://www.w3.org/TR/html5/embedded-content-0.html#media-elements
2213
2214         null is supposed to be treated as the String "null". This patch aligns
2215         our behavior with the specification. I tested Firefox and Chrome but both
2216         do not have this attribute on HTMLMediaElement.
2217
2218         Also remove support for [TreatNullAs=LegacyNullString] from our bindings
2219         generator as HTMLMediaElement.mediaGroup was the last user.
2220
2221         No new tests, rebaselined existing test.
2222
2223         * bindings/scripts/CodeGeneratorJS.pm:
2224         (JSValueToNative):
2225         * bindings/scripts/IDLAttributes.txt:
2226         * html/HTMLMediaElement.idl:
2227
2228 2016-07-20  Chris Dumez  <cdumez@apple.com>
2229
2230         CSSStyleDeclaration.setProperty() should be able to unset "important" on a property
2231         https://bugs.webkit.org/show_bug.cgi?id=159959
2232
2233         Reviewed by Alexey Proskuryakov.
2234
2235         CSSStyleDeclaration.setProperty() should be able to unsert "important"
2236         on a property as per the latest specification:
2237         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-setproperty
2238         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-camel-cased-attribute
2239
2240         Firefox and Chrome match the specification here but WebKit was ignoring calls
2241         to setProperty() if there is already an "important" property wit this name
2242         and if the new property does not have the "important" flag set.
2243
2244         This behavior was added a long time ago via Bug 60007. However, it does not
2245         match the latest specification or other browsers.
2246
2247         Test: fast/css/CSSStyleDeclaration-setProperty-unset-important.html
2248
2249         * css/StyleProperties.cpp:
2250         (WebCore::MutableStyleProperties::addParsedProperty):
2251         Drop code that was added via Bug 60007 as this behavior no longer matches the
2252         specification or other browsers. The layout test added in Bug 60007 fails in
2253         other browsers and was updated in this patch to match the specification.
2254
2255 2016-07-20  Commit Queue  <commit-queue@webkit.org>
2256
2257         Unreviewed, rolling out r203423.
2258         https://bugs.webkit.org/show_bug.cgi?id=159977
2259
2260         The test for this change is failing on Mac Release WK2
2261         (Requested by ryanhaddad on #webkit).
2262
2263         Reverted changeset:
2264
2265         "HTMLVideoElement frames do not update on iOS when src is a
2266         MediaStream blob"
2267         https://bugs.webkit.org/show_bug.cgi?id=159833
2268         http://trac.webkit.org/changeset/203423
2269
2270 2016-07-20  Chris Dumez  <cdumez@apple.com>
2271
2272         Fix null handling of HTMLSelectElement.value attribute
2273         https://bugs.webkit.org/show_bug.cgi?id=159925
2274
2275         Reviewed by Benjamin Poulain.
2276
2277         Fix null handling of HTMLSelectElement.value attribute:
2278         - https://html.spec.whatwg.org/multipage/forms.html#htmlselectelement
2279
2280         We were treating null as the null String which would end up setting
2281         selectedIndex to -1. However, we should treat null as the String "null"
2282         which would set the selectedIndex to the index of the <option> element
2283         whose value is "null".
2284
2285         Firefox and Chrome match the specification.
2286
2287         Test: fast/dom/HTMLSelectElement/value-null-handling.html
2288
2289         * html/HTMLSelectElement.cpp:
2290         (WebCore::HTMLSelectElement::setValue):
2291         * html/HTMLSelectElement.idl:
2292
2293 2016-07-20  Chris Dumez  <cdumez@apple.com>
2294
2295         PostResolutionCallbackDisabler can resume pending requests while a ResourceLoadSuspender is alive
2296         https://bugs.webkit.org/show_bug.cgi?id=159962
2297         <rdar://problem/21439264>
2298
2299         Reviewed by David Kilzer.
2300
2301         PostResolutionCallbackDisabler can resume pending requests while a ResourceLoadSuspender
2302         is alive. We have both PostResolutionCallbackDisabler and ResourceLoadSuspender that
2303         call LoaderStrategy::suspendPendingRequests() / LoaderStrategy::resumePendingRequests().
2304         However, PostResolutionCallbackDisabler and ResourceLoadSuspender are not aware of each
2305         other. It is therefore possible for a PostResolutionCallbackDisabler object to get
2306         destroyed, causing LoaderStrategy::resumePendingRequests() to be called while a
2307         ResourceLoadSuspender object is alive.
2308
2309         This leads to hard to investigate crashes where we end up re-entering WebKit and killing
2310         the style resolver.
2311
2312         This patch drops ResourceLoadSuspender and uses PostResolutionCallbackDisabler instead.
2313         There was only one user of ResourceLoadSuspender and PostResolutionCallbackDisabler
2314         is better because it manages a resolutionNestingDepth counter internally to make sure
2315         it only calls LoaderStrategy::resumePendingRequests() once all
2316         PostResolutionCallbackDisabler instances are destroyed.
2317
2318         No new tests, there is no easy way to reproduce the crashes.
2319
2320         * dom/Document.cpp:
2321         (WebCore::Document::styleForElementIgnoringPendingStylesheets):
2322         * loader/LoaderStrategy.cpp:
2323         (WebCore::ResourceLoadSuspender::ResourceLoadSuspender): Deleted.
2324         (WebCore::ResourceLoadSuspender::~ResourceLoadSuspender): Deleted.
2325         * loader/LoaderStrategy.h:
2326
2327 2016-07-19  Youenn Fablet  <youenn@apple.com>
2328
2329         [Fetch API] Add a JS builtin to implement https://fetch.spec.whatwg.org/#concept-headers-fill
2330         https://bugs.webkit.org/show_bug.cgi?id=159932
2331
2332         Reviewed by Alex Christensen.
2333
2334         Covered by existing tests.
2335
2336         Refactoring Headers initializeWith to use the new built-in internal that implements
2337         https://fetch.spec.whatwg.org/#concept-headers-fill.
2338
2339         Refactoring Response constructor to put more checks in the JS builtin fucntion called within constructor.
2340         Making use of the new built-in internal that implements https://fetch.spec.whatwg.org/#concept-headers-fill.
2341
2342         * CMakeLists.txt: Adding FetchHeadersInternals.js
2343         * DerivedSources.make: Ditto.
2344         * Modules/fetch/FetchHeaders.js:
2345         (initializeFetchHeaders): Using fillFetchHeaders new built-in internal.
2346         * Modules/fetch/FetchInternals.js: Added.
2347         (fillFetchHeaders):
2348         * Modules/fetch/FetchResponse.cpp: Refactoring to do more in the JS built-in. Splitting of initializeWith so
2349         that the checks are done in the order defined by the spec.
2350         (WebCore::FetchResponse::setStatus):
2351         (WebCore::FetchResponse::initializeWith):
2352         (WebCore::isNullBodyStatus): Deleted.
2353         * Modules/fetch/FetchResponse.h:
2354         * Modules/fetch/FetchResponse.idl:
2355         * Modules/fetch/FetchResponse.js:
2356         (initializeFetchResponse): New built-in internal.
2357         * WebCore.xcodeproj/project.pbxproj:
2358         * bindings/js/WebCoreBuiltinNames.h:
2359
2360 2016-07-19  Chris Dumez  <cdumez@apple.com>
2361
2362         Fix null handling of SVGScriptElement.type attribute
2363         https://bugs.webkit.org/show_bug.cgi?id=159927
2364
2365         Reviewed by Benjamin Poulain.
2366
2367         Fix null handling of SVGScriptElement.type attribute:
2368         - https://www.w3.org/TR/SVG2/interact.html#InterfaceSVGScriptElement
2369
2370         We were treating null as the null String which would end up removing
2371         the 'type' content attribute. However, we should treat null as the
2372         String "null".
2373
2374         Firefox and Chrome match the specification.
2375
2376         No new tests, updated existing test.
2377
2378         * svg/SVGScriptElement.idl:
2379
2380 2016-07-19  Chris Dumez  <cdumez@apple.com>
2381
2382         Fix null handling of several HTMLDocument attributes
2383         https://bugs.webkit.org/show_bug.cgi?id=159923
2384
2385         Reviewed by Benjamin Poulain.
2386
2387         Fix null handling of several HTMLDocument attributes:
2388         - https://html.spec.whatwg.org/multipage/dom.html#document
2389         - https://html.spec.whatwg.org/multipage/obsolete.html#document-partial
2390
2391         In particular, null handling was incorrect in WebKit for 'dir',
2392         'bgColor', 'fgColor', 'alinkColor', 'linkColor' and 'vlinkColor'.
2393
2394         Firefox and Chrome match the specification.
2395
2396         Test: fast/dom/HTMLDocument/null-handling.html
2397
2398         * html/HTMLDocument.idl:
2399
2400 2016-07-19  Chris Dumez  <cdumez@apple.com>
2401
2402         Document.createElementNS() / createAttributeNS() parameters should be mandatory
2403         https://bugs.webkit.org/show_bug.cgi?id=159938
2404
2405         Reviewed by Benjamin Poulain.
2406
2407         Document.createElementNS() / createAttributeNS() parameters should be mandatory:
2408         - https://dom.spec.whatwg.org/#document
2409
2410         They were optional in WebKit. However, Firefox and Chrome both match the
2411         specification.
2412
2413         No new tests, rebaselined existing tests.
2414
2415         * dom/Document.idl:
2416
2417 2016-07-19  Benjamin Poulain  <bpoulain@apple.com>
2418
2419         Use getElementById for attribute matching if the attribute name is html's id
2420         https://bugs.webkit.org/show_bug.cgi?id=159960
2421
2422         Reviewed by Chris Dumez.
2423
2424         Elliott Sprehn discovered YUI makes heavy uses of querySelector with [id=value]
2425         (https://bugs.chromium.org/p/chromium/issues/detail?id=627242).
2426
2427         If we are not in quirks mode, IdForStyleResolution has the same value
2428         as the Id attribute. We can use the same optimization for both cases.
2429
2430         Tests: fast/selectors/id-attribute-querySelector-used-as-id-selector-quirks.html
2431                fast/selectors/id-attribute-querySelector-used-as-id-selector.html
2432
2433         * dom/SelectorQuery.cpp:
2434         (WebCore::canBeUsedForIdFastPath):
2435         (WebCore::findIdMatchingType):
2436         (WebCore::SelectorDataList::SelectorDataList):
2437         (WebCore::selectorForIdLookup):
2438         (WebCore::filterRootById):
2439
2440 2016-07-19  Chris Dumez  <cdumez@apple.com>
2441
2442         Drop SVGElement.xmlbase attribute
2443         https://bugs.webkit.org/show_bug.cgi?id=159926
2444
2445         Reviewed by Benjamin Poulain.
2446
2447         Drop SVGElement.xmlbase attribute as it is no longer part of the
2448         specification:
2449         - https://www.w3.org/TR/SVG2/types.html#InterfaceSVGElement
2450
2451         Both Firefox and Chrome have already dropped support for
2452         SVGElement.xmlbase.
2453
2454         Chrome's intent to remove:
2455         https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/TfwMq4d25hk/C-v_iC_wKfAJ
2456
2457         Test: svg/dom/SVGElement-xmlbase.html
2458
2459         * svg/SVGElement.cpp:
2460         (WebCore::SVGElement::removedFrom): Deleted.
2461         * svg/SVGElement.h:
2462         * svg/SVGElement.idl:
2463
2464 2016-07-19  Chris Dumez  <cdumez@apple.com>
2465
2466         Align CSSStyleDeclaration.setProperty() with the specification
2467         https://bugs.webkit.org/show_bug.cgi?id=159955
2468
2469         Reviewed by Benjamin Poulain.
2470
2471         Align CSSStyleDeclaration.setProperty() with the specification:
2472         - https://drafts.csswg.org/cssom/#the-cssstyledeclaration-interface
2473
2474         In particular, the following changes were needed:
2475         1. The 'value' parameter should not be optional
2476         2. The 'priority' parameter should treat null as the empty string
2477            rather than the string "null".
2478         3. The 'priority' parameter's default value should be the empty string,
2479            not the string "undefined".
2480         4. CSSStyleDeclaration.setProperty() should return early if 'priority'
2481            is not the empty string and is not an ASCII case-insensitive match
2482            for the string "important".
2483
2484         Chrome matches the specification entirely.
2485         Firefox matches the specification with the exception that it does a
2486         case-sensitive match for "important".
2487
2488         Test: fast/css/CSSStyleDeclaration-setProperty.html
2489
2490         * css/CSSStyleDeclaration.idl:
2491         * css/PropertySetCSSStyleDeclaration.cpp:
2492         (WebCore::PropertySetCSSStyleDeclaration::setProperty):
2493
2494 2016-07-19  Daniel Bates  <dabates@apple.com>
2495
2496         CSP: Improve support for multiple policies to more closely conform to the CSP Level 2 spec.
2497         https://bugs.webkit.org/show_bug.cgi?id=159841
2498         <rdar://problem/27381684>
2499
2500         Reviewed by Brent Fulgham.
2501
2502         Implement a first pass at sending multiple violation reports so as to more closely
2503         conform to section Enforcing multiple policies of the Content Security Policy Level 2 spec.,
2504         <https://w3c.github.io/webappsec-csp/2/> (Editor's Draft, 25 April 2016).
2505
2506         Tests: http/tests/security/contentSecurityPolicy/1.1/script-blocked-sends-multiple-reports.php
2507                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-enforced-policy-and-blocked-by-report-policy.php
2508                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-enforced-policy-and-blocked-by-report-policy2.php
2509                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy.php
2510                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
2511                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-enforced-policy-and-allowed-by-report-policy.php
2512                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-enforced-policy-and-allowed-by-report-policy2.php
2513                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy.php
2514                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy2.php
2515                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy.php
2516                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
2517                http/tests/security/contentSecurityPolicy/1.1/scripthash-in-enforced-policy-and-not-in-report-only.html
2518                http/tests/security/contentSecurityPolicy/1.1/scripthash-in-one-enforced-policy-neither-in-another-enforced-policy-nor-report-policy.html
2519                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-enforced-policy-and-blocked-by-report-policy.php
2520                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-enforced-policy-and-blocked-by-report-policy2.php
2521                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy.php
2522                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
2523                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-enforced-policy-and-allowed-by-report-policy.php
2524                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-enforced-policy-and-allowed-by-report-policy2.php
2525                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy.php
2526                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy2.php
2527                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy.php
2528                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
2529                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-in-enforced-policy-and-not-in-report-only.html
2530                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-in-one-enforced-policy-neither-in-another-enforced-policy-nor-report-policy.html
2531                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-multiple-policies.html
2532
2533         * page/csp/ContentSecurityPolicy.cpp:
2534         (WebCore::ContentSecurityPolicy::allPoliciesWithDispositionAllow): Added. Returns whether the resource
2535         is allowed by all of the policies with the specified disposition.
2536         (WebCore::ContentSecurityPolicy::allPoliciesAllow): Added. Returns whether the resource is allowed by
2537         all of the enforced policies.
2538         (WebCore::ContentSecurityPolicy::findHashOfContentInPolicies): Formerly named foundHashOfContentInAllPolicies.
2539         Modified to return a ("has found hash in all enforced policies, "has found hash in all report-only policies)-pair
2540         so that we can differentiate whether the hash violated an enforced policy or a report-only policy.
2541         (WebCore::ContentSecurityPolicy::allowJavaScriptURLs): Write in terms of ContentSecurityPolicy::allPoliciesAllow().
2542         (WebCore::ContentSecurityPolicy::allowInlineEventHandlers): Ditto.
2543         (WebCore::ContentSecurityPolicy::allowScriptWithNonce): For now only accept a nonce if it is allowed by
2544         all enforced policies. As a side effect of this change is that we only send a CSP violation report when a
2545         nonce violates a report-only policy only if the nonce also violates one or more enforced policies. We will
2546         address this limitation in <https://bugs.webkit.org/show_bug.cgi?id=159830>.
2547         (WebCore::ContentSecurityPolicy::allowStyleWithNonce): Ditto.
2548         (WebCore::ContentSecurityPolicy::allowInlineScript): Differentiate between a hash/'unsafe-inline' that
2549         matches/is contained in all enforce policies and a hash/'unsafe-inline' that matches/is contained in all
2550         report-only policies so that we only allow the resource for the former. As a side effect of this change
2551         we may report that a resource violated a policy even if it contained the hash. See <https://bugs.webkit.org/show_bug.cgi?id=159832>
2552         for more details.
2553         (WebCore::ContentSecurityPolicy::allowInlineStyle): Ditto.
2554         (WebCore::ContentSecurityPolicy::allowEval): Write in terms of ContentSecurityPolicy::allPoliciesAllow().
2555         (WebCore::ContentSecurityPolicy::allowFrameAncestors): Ditto.
2556         (WebCore::ContentSecurityPolicy::allowPluginType): Ditto.
2557         (WebCore::ContentSecurityPolicy::allowScriptFromSource): Ditto.
2558         (WebCore::ContentSecurityPolicy::allowObjectFromSource): Ditto.
2559         (WebCore::ContentSecurityPolicy::allowChildFrameFromSource): Ditto.
2560         (WebCore::ContentSecurityPolicy::allowChildContextFromSource): Ditto.
2561         (WebCore::ContentSecurityPolicy::allowImageFromSource): Ditto.
2562         (WebCore::ContentSecurityPolicy::allowStyleFromSource): Ditto.
2563         (WebCore::ContentSecurityPolicy::allowFontFromSource): Ditto.
2564         (WebCore::ContentSecurityPolicy::allowMediaFromSource): Ditto.
2565         (WebCore::ContentSecurityPolicy::allowConnectToSource): Ditto.
2566         (WebCore::ContentSecurityPolicy::allowFormAction): Ditto.
2567         (WebCore::ContentSecurityPolicy::allowBaseURI): Ditto.
2568         (WebCore::ContentSecurityPolicy::foundHashOfContentInAllPolicies): Deleted.
2569         * page/csp/ContentSecurityPolicy.h:
2570         (WebCore::ContentSecurityPolicy::violatedDirectiveInAnyPolicy): Deleted.
2571
2572 2016-07-19  Chris Dumez  <cdumez@apple.com>
2573
2574         Fix null handling of HTMLScriptElement.text attribute
2575         https://bugs.webkit.org/show_bug.cgi?id=159943
2576
2577         Reviewed by Benjamin Poulain.
2578
2579         Fix null handling of HTMLScriptElement.text attribute:
2580         - https://html.spec.whatwg.org/multipage/scripting.html#the-script-element
2581
2582         We should treat null as the "null" String but we were treating it as
2583         the empty string.
2584
2585         Firefox and Chrome match the specification.
2586
2587         No new tests, rebaselined existing test.
2588
2589         * html/HTMLScriptElement.idl:
2590
2591 2016-07-19  Chris Dumez  <cdumez@apple.com>
2592
2593         autocapitalize attribute should not use [TreatNullAs=LegacyNullString]
2594         https://bugs.webkit.org/show_bug.cgi?id=159934
2595
2596         Reviewed by Benjamin Poulain.
2597
2598         autocapitalize attribute should not use [TreatNullAs=LegacyNullString]. This is
2599         non-standard and we want to drop support for it from the bindings generator.
2600
2601         Instead, use [TreatNullAs=EmptyString] in order to maintain existing behavior
2602         given that both a missing/empty attribute result in using the default
2603         autocapitalization mode and that autocapitalize returns the empty string by
2604         default.
2605
2606         Test: platform/ios-simulator/ios/fast/forms/autocapitalize-null.html
2607
2608         * html/HTMLFormElement.idl:
2609         * html/HTMLInputElement.idl:
2610         * html/HTMLTextAreaElement.idl:
2611
2612 2016-07-19  Zalan Bujtas  <zalan@apple.com>
2613
2614         REGRESSION(r203415): ASSERTION FAILED: !m_layoutRoot->container() || !m_layoutRoot->container()->needsLayout()
2615         https://bugs.webkit.org/show_bug.cgi?id=159952
2616
2617         Reviewed by Simon Fraser.
2618
2619         Update ASSERTs to reflect new functionality, that is, now we can end up in a state
2620         where the container (RenderView) of one of the dirty subtrees is dirty.
2621         See r203415.
2622  
2623         Covered by editing/pasteboard/drag-drop-input-in-svg.svg
2624
2625         * page/FrameView.cpp:
2626         (WebCore::FrameView::scheduleRelayoutOfSubtree):
2627
2628 2016-07-19  Dean Jackson  <dino@apple.com>
2629
2630         REGRESSION(202927): The first slide is the only displayed slide when Quicklooking a Keynote file
2631         https://bugs.webkit.org/show_bug.cgi?id=159948
2632         <rdar://problem/27391012>
2633
2634         Reviewed by Simon Fraser.
2635
2636         There is an iOS bug (<rdar://problem/27416744>) that is causing us
2637         to not always get a color space on CGContextRefs. Investigation of this
2638         exposed some optimizations we can take when we are creating ImageBuffers.
2639         In particular, if we have a bitmap context or an IOSurfaceContext we
2640         can simply copy their color space using API. Otherwise we stick with
2641         the existing CGContextCopyDeviceColorSpace.
2642
2643         Lastly, if for some reason we are unable to copy the device color space,
2644         we should fall back to sRGB.
2645
2646         * platform/graphics/cg/ImageBufferCG.cpp:
2647         (WebCore::ImageBuffer::createCompatibleBuffer):
2648         * platform/spi/cg/CoreGraphicsSPI.h: Add some SPI and enums.
2649
2650
2651 2016-07-19  George Ruan  <gruan@apple.com>
2652
2653         HTMLVideoElement frames do not update on iOS when src is a MediaStream blob
2654         https://bugs.webkit.org/show_bug.cgi?id=159833
2655         <rdar://problem/27379487>
2656
2657         Reviewed by Eric Carlson.
2658
2659         Test: fast/mediastream/MediaStream-video-element-displays-buffer.html
2660
2661         * WebCore.xcodeproj/project.pbxproj:
2662         * platform/graphics/avfoundation/MediaSampleAVFObjC.h: Change create to return a Ref<T> instead
2663         of RefPtr<T>
2664         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h: Make observer of
2665         MediaStreamTrackPrivate and make MediaPlayer use an AVSampleBufferDisplayLayer instead of CALayer.
2666         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm: Ditto.
2667         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::~MediaPlayerPrivateMediaStreamAVFObjC): Clean up
2668         observers and AVSampleBufferDisplayLayer
2669         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::isAvailable): Ensures AVSampleBufferDisplayLayer
2670         is available.
2671         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueAudioSampleBufferFromTrack): Placeholder.
2672         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueVideoSampleBufferFromTrack): Responsible
2673         for enqueuing sample buffers to the active video track.
2674         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::ensureLayer): Ensures that an AVSampleBufferDisplayLayer
2675         exists.
2676         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::destroyLayer): Destroys the AVSampleBufferDisplayLayer.
2677         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::platformLayer): Replace CALayer with AVSampleBufferDisplayLayer.
2678         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::currentDisplayMode): Ditto.
2679         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::sampleBufferUpdated): Called from MediaStreamTrackPrivate when a
2680         new SampleBuffer is available.
2681         (WebCore::updateTracksOfType): Manage adding and removing self as observer from tracks.
2682         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateTracks): Replace CALayer with AVSampleBufferDisplayLayer
2683         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::acceleratedRenderingStateChanged): Copied from
2684         MediaPlayerPrivateMediaSourceAVFObjC.mm
2685         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::load): Deleted CALayer.
2686         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateDisplayMode): Deleted process of updating CALayer.
2687         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateIntrinsicSize): Deleted CALayer.
2688         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::createPreviewLayers): Deleted.
2689         * platform/mediastream/MediaStreamPrivate.cpp:
2690         (WebCore::MediaStreamPrivate::updateActiveVideoTrack): Remove redundant check.
2691         * platform/mediastream/MediaStreamTrackPrivate.cpp:
2692         (WebCore::MediaStreamTrackPrivate::sourceHasMoreMediaData): Called from RealtimeMediaSource when a new SampleBuffer
2693         is available.
2694         * platform/mediastream/MediaStreamTrackPrivate.h:
2695         (WebCore::MediaStreamTrackPrivate::Observer::sampleBufferUpdated): Relays to MediaPlayerPrivateMediaStream that
2696         a new SampleBuffer is available to enqueue to the AVSampleBufferDisplayLayer.
2697         * platform/mediastream/RealtimeMediaSource.cpp:
2698         (WebCore::RealtimeMediaSource::mediaDataUpdated): Relays to all observers that a new SampleBuffer is available.
2699         * platform/mediastream/RealtimeMediaSource.h:
2700         * platform/mediastream/mac/AVVideoCaptureSource.mm:
2701         (WebCore::AVVideoCaptureSource::processNewFrame): Calls mediaDataUpdated when a new SampleBuffer is captured.
2702
2703 2016-07-19  Anders Carlsson  <andersca@apple.com>
2704
2705         Get rid of a #define private public hack in WebCore
2706         https://bugs.webkit.org/show_bug.cgi?id=159953
2707
2708         Reviewed by Dan Bernstein.
2709
2710         Use @package instead.
2711
2712         * bindings/objc/DOMInternal.h:
2713         * bindings/objc/DOMObject.h:
2714
2715 2016-07-19  Andreas Kling  <akling@apple.com>
2716
2717         Fix SharedBuffer leak in MockContentFilter::replacementData().
2718         <https://webkit.org/b/159945>
2719
2720         Reviewed by Andy Estes.
2721
2722         Spotted on leaks bot. This code was pretty explicit about how it's going to leak.
2723         Since this is in the mock filter, it only affected layout tests.
2724
2725         * testing/MockContentFilter.cpp:
2726         (WebCore::MockContentFilter::replacementData):
2727
2728 2016-07-19  Zalan Bujtas  <zalan@apple.com>
2729
2730         theguardian.co.uk crossword puzzles are sometimes not displaying text
2731         https://bugs.webkit.org/show_bug.cgi?id=159924
2732         <rdar://problem/27409483>
2733
2734         Reviewed by Simon Fraser.
2735
2736         This patch fixes the case when
2737         - 2 disjoint subtrees are dirty
2738         - RenderView is also dirty.
2739         and we end up not laying out one of the 2 subtrees.
2740
2741         In FrameView::scheduleRelayoutOfSubtree, we assume that when the RenderView is dirty
2742         we already have a pending full layout which means that any previous subtree layouts have already been
2743         converted to full layouts.
2744         However this assumption is incorrect. RenderView can get dirty without checking if there's
2745         already a pending subtree layout.
2746         One option to solve this problem would be to override RenderObject::setNeedsLayout in RenderView
2747         so that when the RenderView gets dirty, we could also convert any pending subtree layout to full layout.
2748         However RenderObject::setNeedsLayout is a hot function and making it virtual would impact performance.
2749         The other option is to always normalize subtree layouts in FrameView::scheduleRelayoutOfSubtree().
2750         This patch implements the second option.
2751
2752         Test: fast/misc/subtree-layouts.html
2753
2754         * page/FrameView.cpp:
2755         (WebCore::FrameView::scheduleRelayoutOfSubtree):
2756
2757 2016-07-19  Anders Carlsson  <andersca@apple.com>
2758
2759         Some payment authorization status values should keep the sheet active
2760         https://bugs.webkit.org/show_bug.cgi?id=159936
2761         rdar://problem/26756701
2762
2763         Reviewed by Tim Horton.
2764
2765         * Modules/applepay/ApplePaySession.cpp:
2766         (WebCore::ApplePaySession::completePayment):
2767         Keep the sheet active if the status isn't a final state status.
2768
2769         * Modules/applepay/PaymentAuthorizationStatus.h:
2770         (WebCore::isFinalStateStatus):
2771         Add a new helper function that returns whether a given payment authorization status is "final",
2772         meaning that once that status has been passed to completePayment, the session is finished.
2773
2774 2016-07-19  Nan Wang  <n_wang@apple.com>
2775
2776         AX: Incorrect behavior for word related text marker functions when there's collapsed whitespace
2777         https://bugs.webkit.org/show_bug.cgi?id=159910
2778
2779         Reviewed by Chris Fleizach.
2780
2781         We are getting a bad CharacterOffset when there's collapsed whitespace. Added a TraverseOptionValidateOffset
2782         option to make sure we are getting the correct CharacterOffset based on the corresponding Range offset. And
2783         fixed a word navigation issue based on that.
2784
2785         Test: accessibility/mac/text-marker-word-nav-collapsed-whitespace.html
2786
2787         * accessibility/AXObjectCache.cpp:
2788         (WebCore::AXObjectCache::traverseToOffsetInRange):
2789         (WebCore::AXObjectCache::rangeForNodeContents):
2790         (WebCore::AXObjectCache::startOrEndCharacterOffsetForRange):
2791         (WebCore::AXObjectCache::characterOffsetFromVisiblePosition):
2792         (WebCore::AXObjectCache::rightWordRange):
2793         (WebCore::AXObjectCache::previousBoundary):
2794         * accessibility/AXObjectCache.h:
2795         (WebCore::AXObjectCache::isNodeInUse):
2796
2797 2016-07-19  Youenn Fablet  <youenn@apple.com>
2798
2799         [Streams API] ReadableStreamController methods should throw if its stream is not readable
2800         https://bugs.webkit.org/show_bug.cgi?id=159871
2801
2802         Reviewed by Xabier Rodriguez-Calvar.
2803
2804         Spec now mandates close and enqueue to throw if ReadableStream is not readable.
2805         Covered by rebased and/or modified tests.
2806
2807         * Modules/streams/ReadableStreamController.js:
2808         (enqueue): Throwing a TypeError if controlled stream is not readable.
2809         (close): Ditto.
2810
2811 2016-07-19  Simon Fraser  <simon.fraser@apple.com>
2812
2813         Bubbles appear split for a brief moment in Messages
2814         https://bugs.webkit.org/show_bug.cgi?id=159915
2815         rdar://problem/27182267
2816
2817         Reviewed by David Hyatt.
2818
2819         RenderView::repaintRootContents() had a long-standing bug in WebView when the
2820         view is scrolled. repaint() uses visualOverflowRect() but, for the 
2821         RenderView, the visualOverflowRect() is the initial containing block
2822         which is anchored at 0,0. When the view is scrolled it's clipped out and
2823         calls to repaintRootContents() have no effect.
2824         
2825         Change repaintRootContents() to use layoutOverflowRect(). ScrollView::repaintContentRectangle()
2826         will clip it to the view if necessary.
2827
2828         Test: fast/repaint/scrolled-view-full-repaint.html
2829
2830         * rendering/RenderView.cpp:
2831         (WebCore::RenderView::repaintRootContents):
2832
2833 2016-07-19  Dan Bernstein  <mitz@apple.com>
2834
2835         <rdar://problem/27420308> WebCore-7602.1.42 fails to build: error: unused parameter 'vm'
2836
2837         * bindings/js/JSDOMGlobalObject.cpp:
2838         (WebCore::JSDOMGlobalObject::addBuiltinGlobals): Fixed the !ENABLE(STREAMS_API) build.
2839
2840 2016-07-19  Youenn Fablet  <youenn@apple.com>
2841
2842         [Streams API] Make ReadableStream properties not enumerable
2843         https://bugs.webkit.org/show_bug.cgi?id=159868
2844
2845         Reviewed by Darin Adler.
2846
2847         Covered by rebased tests.
2848
2849         Uopdating IDL definitions to mark all functions/attributes as not enumerable.
2850         Updating IDL constructor definitions to correctly compute constructor length.
2851         Updating built-in implementation to correctly compute pipeTo length to 1 (second parameter being optional).
2852
2853         * Modules/streams/ReadableStream.idl:
2854         * Modules/streams/ReadableStream.js:
2855         * Modules/streams/ReadableStreamController.idl:
2856         * Modules/streams/ReadableStreamReader.idl:
2857
2858 2016-07-19  Chris Dumez  <cdumez@apple.com>
2859
2860         form.enctype / encoding / method should treat null as "null" string
2861         https://bugs.webkit.org/show_bug.cgi?id=159916
2862
2863         Reviewed by Ryosuke Niwa.
2864
2865         form.enctype / encoding / method should treat null as "null" string:
2866         - https://html.spec.whatwg.org/multipage/forms.html#htmlformelement
2867
2868         Previously, WebKit would treat null as the null String, which would
2869         end up removing the existing attribute.
2870
2871         Firefox and Chrome match the specification.
2872
2873         Test: fast/dom/HTMLFormElement/null-handling.html
2874
2875         * html/HTMLFormElement.h:
2876         * html/HTMLFormElement.idl:
2877
2878 2016-07-18  Csaba Osztrogon√°c  <ossy@webkit.org>
2879
2880         All-in-one buildfix after r202439
2881         https://bugs.webkit.org/show_bug.cgi?id=159877
2882
2883         Reviewed by Chris Dumez.
2884
2885         * Modules/webaudio/AudioDestinationNode.h:
2886         (WebCore::AudioDestinationNode::resume):
2887         (WebCore::AudioDestinationNode::suspend):
2888         (WebCore::AudioDestinationNode::close):
2889
2890 2016-07-18  Frederic Wang  <fwang@igalia.com>
2891
2892         Move parsing of subscriptshift and superscriptshift from rendering to element classes
2893         https://bugs.webkit.org/show_bug.cgi?id=159622
2894
2895         Reviewed by Darin Adler.
2896
2897         We introduce a new MathMLScriptsElement that is used for elements msub, msup, msubsup and
2898         mmultiscripts in order to create RenderMathMLScripts and parse and expose the values of the
2899         subscriptshift and superscriptshift attributes. This is one more step toward moving MathML
2900         attribute parsing to the DOM (bug 156536).
2901
2902         No new tests, rendering is unchanged.
2903
2904         * CMakeLists.txt: Add MathMLScriptsElement files.
2905         * WebCore.xcodeproj/project.pbxproj: Ditto.
2906         * mathml/MathMLAllInOne.cpp: Ditto.
2907         * mathml/MathMLInlineContainerElement.cpp: Remove handling of scripts.
2908         (WebCore::MathMLInlineContainerElement::createElementRenderer): Deleted.
2909         * mathml/MathMLScriptsElement.cpp: Added. New class to handle scripted elements supporting
2910         parsing for the subscriptshift and superscriptshift MathML lengths.
2911         (WebCore::MathMLScriptsElement::MathMLScriptsElement):
2912         (WebCore::MathMLScriptsElement::create):
2913         (WebCore::MathMLScriptsElement::subscriptShift): Expose the cached length for the shift,
2914         parsing the attribute again if necessary.
2915         (WebCore::MathMLScriptsElement::superscriptShift): Ditto.
2916         (WebCore::MathMLScriptsElement::parseAttribute): Mark attributes dirty.
2917         (WebCore::MathMLScriptsElement::createElementRenderer): Create RenderMathMLScripts.
2918         * mathml/MathMLScriptsElement.h: Ditto.
2919         * mathml/mathtags.in: Map msub, msup, msubsup and mmultiscripts to MathMLScriptsElement.
2920         * rendering/mathml/RenderMathMLScripts.cpp:
2921         (WebCore::RenderMathMLScripts::scriptsElement): Helper function to cast the node to a
2922         MathMLScriptsElement.
2923         (WebCore::RenderMathMLScripts::getScriptMetricsAndLayoutIfNeeded): Resolve the attributes
2924         using the functions from the MathMLScriptsElement class.
2925         * rendering/mathml/RenderMathMLScripts.h: Declare scriptsElement.
2926
2927 2016-07-18  Frederic Wang  <fwang@igalia.com>
2928
2929         Do not store gap and shift parameters on RenderMathMLFraction
2930         https://bugs.webkit.org/show_bug.cgi?id=159876
2931
2932         Reviewed by Darin Adler.
2933
2934         After r203285, the stack and fraction layout parameters are only used in layoutBlock so we
2935         do not need to store them on the class. We remove them and split updateLayoutParameters into
2936         three functions: one to update the linethickness and two others to retrieve the fraction and
2937         stack respectively.
2938
2939         No new tests, rendering is unchanged.
2940
2941         * rendering/mathml/RenderMathMLFraction.cpp:
2942         (WebCore::RenderMathMLFraction::updateLineThickness): Move code to update thickness members here.
2943         (WebCore::RenderMathMLFraction::getFractionParameters): Move code to retrieve fraction parameters here.
2944         (WebCore::RenderMathMLFraction::getStackParameters): Move code to retrieve stack parameters here.
2945         (WebCore::RenderMathMLFraction::layoutBlock): Use the new helper functions and local variables
2946         for fraction and stack parameters.
2947         (WebCore::RenderMathMLFraction::updateLayoutParameters): Deleted.
2948         * rendering/mathml/RenderMathMLFraction.h: Declare new helper functions and remove members
2949         for stack and fraction parameters.
2950
2951 2016-07-18  Chris Dumez  <cdumez@apple.com>
2952
2953         input.formEnctype / formMethod and button.formEnctype / formMethod / type should treat null as "null"
2954         https://bugs.webkit.org/show_bug.cgi?id=159908
2955
2956         Reviewed by Alex Christensen.
2957
2958         input.formEnctype / formMethod and button.formEnctype / formMethod / type
2959         should treat null as "null" String:
2960         - https://html.spec.whatwg.org/multipage/forms.html#htmlinputelement
2961         - https://html.spec.whatwg.org/multipage/forms.html#htmlbuttonelement
2962
2963         In WebKit, we would treat null as a null String which would end up
2964         removing the corresponding attribute. This does not match the
2965         specification. Firefox and Chrome match the specification here.
2966
2967         Tests:
2968         - fast/dom/HTMLButtonElement/null-handling.html
2969         - fast/dom/HTMLInputElement/null-handling.html
2970
2971         * html/HTMLButtonElement.idl:
2972         * html/HTMLInputElement.idl:
2973
2974 2016-07-18  Alex Christensen  <achristensen@webkit.org>
2975
2976         webbookmarksd needs to use the same AppCache directory as MobileSafari
2977         https://bugs.webkit.org/show_bug.cgi?id=159912
2978
2979         Reviewed by Alexey Proskuryakov.
2980
2981         No new tests.  This only changes behavior for webbookmarksd.
2982
2983         * platform/RuntimeApplicationChecks.h:
2984         * platform/RuntimeApplicationChecks.mm:
2985         (WebCore::IOSApplication::isWebBookmarksD): Added.
2986
2987 2016-07-18  Chris Dumez  <cdumez@apple.com>
2988
2989         EventTarget.dispatchEvent() parameter should not be nullable
2990         https://bugs.webkit.org/show_bug.cgi?id=159897
2991
2992         Reviewed by Benjamin Poulain.
2993
2994         EventTarget.dispatchEvent() parameter should not be nullable:
2995         - https://dom.spec.whatwg.org/#interface-eventtarget
2996
2997         Even though the parameter was marked as nullable in our IDL, our
2998         implementation does a null check and we already throw a TypeError
2999         when calling dispatchEvent(null).
3000
3001         Update our IDL so that it matches the specification and so that
3002         the null check is generated in the bindings instead.
3003
3004         No new tests, rebaseline existing tests.
3005
3006         * dom/EventTarget.cpp:
3007         (WebCore::EventTarget::dispatchEventForBindings):
3008         * dom/EventTarget.h:
3009         * dom/EventTarget.idl:
3010
3011 2016-07-18  Chris Dumez  <cdumez@apple.com>
3012
3013         DocType's publicId / systemId should not be nullable
3014         https://bugs.webkit.org/show_bug.cgi?id=159901
3015
3016         Reviewed by Benjamin Poulain.
3017
3018         DocType's publicId / systemId should not be nullable. While they were
3019         not marked as nullable in our IDL, they could be stored as null Strings
3020         in our implementation depending on how the Node was constructed. This
3021         led to subtle bugs where String() != emptyString().
3022
3023         In particular, Node.isEqualNode() would return false when DocumentType
3024         nodes would mismatch because of their publicId / systemId being null
3025         instead of the emptyString.
3026
3027         Serialization would DocumentType nodes would also be wrong when
3028         publicId / systemId were empty Strings instead of null strings. The
3029         new behavior now matches:
3030         - https://www.w3.org/TR/DOM-Parsing/#dfn-concept-serialize-doctype (steps 7-9)
3031
3032         To address these issues, we now always store publicId / systemId as
3033         non-null Strings inside the DocumentType class.
3034
3035         Test: fast/dom/DocumentType/isEqualNode.html
3036
3037         * dom/DocumentType.cpp:
3038         (WebCore::DocumentType::DocumentType):
3039         * editing/MarkupAccumulator.cpp:
3040         (WebCore::MarkupAccumulator::appendDocumentType):
3041
3042 2016-07-18  Jeremy Jones  <jeremyj@apple.com>
3043
3044         If previous media session interruptions were prevented, still allow subsequent interruptions to try.
3045         https://bugs.webkit.org/show_bug.cgi?id=157553
3046         rdar://problem/25740804
3047
3048         Reviewed by Eric Carlson.
3049
3050         Test: platform/ios-simulator/media/video-interruption-suspendunderlock.html
3051
3052         When suspending under lock on iOS, there is first a resign active event, then a
3053         suspend under lock. PiP prevents resign active from interrupting playback. But it should allow the
3054         suspend under lock to interrupt playback.
3055
3056         Currently if there are nested interruptions only the first one is acted upon.
3057
3058         This change allows subsequent, nested interruptions to have a chance to interrupt playback if the
3059         previous interruptions were ignored.
3060
3061         This test is for iPad only, so it must be run manually.
3062
3063         * html/HTMLMediaElement.cpp:
3064         (WebCore::HTMLMediaElement::shouldOverrideBackgroundPlaybackRestriction):
3065         * platform/audio/PlatformMediaSession.cpp:
3066         (WebCore::PlatformMediaSession::beginInterruption):
3067         * testing/Internals.cpp:
3068         (WebCore::Internals::beginMediaSessionInterruption):
3069
3070 2016-07-18  Brent Fulgham  <bfulgham@apple.com>
3071
3072         Don't associate form-associated elements with forms in other trees.
3073         https://bugs.webkit.org/show_bug.cgi?id=119451
3074         <rdar://problem/27382946>
3075
3076         Change is based on the Blink change (patch by <adamk@chromium.org>):
3077         <https://chromium.googlesource.com/chromium/blink/+/0b33128be67e7845d495d5219614c02ccfe7a414>
3078
3079         Reviewed by Chris Dumez.
3080
3081         Prevent elements from being associated with forms that are not part of the same home subtree.
3082         This brings us in line with the WhatWG HTML specification as of September, 2013.
3083
3084         Tests: fast/forms/image-disconnected-during-parse.html
3085                fast/forms/input-disconnected-during-parse.html
3086
3087         * dom/Element.h:
3088         (WebCore::Node::rootElement): Added.
3089         * html/FormAssociatedElement.cpp:
3090         (WebCore::FormAssociatedElement::insertedInto): If the element is associated with a form that
3091         is not part of the same tree, remove the association.
3092         * html/HTMLImageElement.cpp:
3093         (WebCore::HTMLImageElement::insertedInto): Ditto.
3094
3095 2016-07-18  Anders Carlsson  <andersca@apple.com>
3096
3097         WebKit nightly fails to build on macOS Sierra
3098         https://bugs.webkit.org/show_bug.cgi?id=159902
3099         rdar://problem/27365672
3100
3101         Reviewed by Tim Horton.
3102
3103         * Modules/applepay/cocoa/PaymentCocoa.mm:
3104         * Modules/applepay/cocoa/PaymentContactCocoa.mm:
3105         * Modules/applepay/cocoa/PaymentMerchantSessionCocoa.mm:
3106         * Modules/applepay/cocoa/PaymentMethodCocoa.mm:
3107         Use new PassKitSPI header.
3108
3109         * WebCore.xcodeproj/project.pbxproj:
3110         Add new PassKitSPI header.
3111
3112         * icu/unicode/ucurr.h: Added.
3113         Add ucurr.h from ICU.
3114
3115         * platform/spi/cocoa/PassKitSPI.h: Added.
3116         Add new PassKitSPI header.
3117
3118 2016-07-18  Dean Jackson  <dino@apple.com>
3119
3120         REGRESSION (r202950): Image zoom animations are broken at medium.com (159861)
3121         https://bugs.webkit.org/show_bug.cgi?id=159906
3122         <rdar://problem/27391725>
3123
3124         Reviewed by Simon Fraser.
3125
3126         The fix for webkit.org/b/157569 in r200769 broke AMP pages.
3127         The followup fix for webkit.org/b/159450 in r202950 broke Medium pages.
3128
3129         Revert them both until we have better testing.
3130
3131         * css/CSSParser.cpp:
3132         (WebCore::CSSParser::addPropertyWithPrefixingVariant):
3133         (WebCore::CSSParser::parseValue):
3134         (WebCore::CSSParser::parseAnimationShorthand):
3135         (WebCore::CSSParser::parseTransitionShorthand): Deleted.
3136         * css/CSSPropertyNames.in:
3137         * css/PropertySetCSSStyleDeclaration.cpp:
3138         (WebCore::PropertySetCSSStyleDeclaration::getPropertyCSSValue):
3139         (WebCore::PropertySetCSSStyleDeclaration::getPropertyValue):
3140         (WebCore::PropertySetCSSStyleDeclaration::getPropertyCSSValueInternal):
3141         (WebCore::PropertySetCSSStyleDeclaration::getPropertyValueInternal):
3142         * css/StyleProperties.cpp:
3143         (WebCore::MutableStyleProperties::removeShorthandProperty):
3144         (WebCore::MutableStyleProperties::removeProperty):
3145         (WebCore::MutableStyleProperties::removePrefixedOrUnprefixedProperty):
3146         (WebCore::MutableStyleProperties::setProperty):
3147         (WebCore::getIndexInShorthandVectorForPrefixingVariant):
3148         (WebCore::MutableStyleProperties::appendPrefixingVariantProperty):
3149         (WebCore::MutableStyleProperties::setPrefixingVariantProperty):
3150         (WebCore::StyleProperties::asText): Deleted.
3151         * css/StyleProperties.h:
3152
3153 2016-07-18  Andreas Kling  <akling@apple.com>
3154
3155         There should be a way to simulate memory pressure in layout tests
3156         <https://webkit.org/b/159743>
3157
3158         Reviewed by Simon Fraser.
3159
3160         Add three window.internal APIs:
3161
3162             - boolean isUnderMemoryPressure (readonly attribute)
3163             - void beginSimulatedMemoryPressure()
3164             - void endSimulatedMemoryPressure()
3165
3166         These make it possible to write tests that exercise behaviors that only
3167         occur during memory pressure situations.
3168
3169         I also implemented the "org.WebKit.lowMemory" notification handler using the new API.
3170
3171         Test: memory/memory-pressure-simulation.html
3172
3173         * platform/MemoryPressureHandler.cpp:
3174         (WebCore::MemoryPressureHandler::beginSimulatedMemoryPressure):
3175         (WebCore::MemoryPressureHandler::endSimulatedMemoryPressure):
3176         * platform/MemoryPressureHandler.h:
3177         (WebCore::MemoryPressureHandler::isUnderMemoryPressure):
3178         * platform/cocoa/MemoryPressureHandlerCocoa.mm:
3179         (WebCore::MemoryPressureHandler::platformReleaseMemory):
3180         (WebCore::MemoryPressureHandler::install):
3181         * testing/Internals.cpp:
3182         (WebCore::Internals::isUnderMemoryPressure):
3183         (WebCore::Internals::beginSimulatedMemoryPressure):
3184         (WebCore::Internals::endSimulatedMemoryPressure):
3185         * testing/Internals.h:
3186         * testing/Internals.idl:
3187
3188 2016-07-18  Said Abou-Hallawa  <sabouhallawa@apple,com>
3189
3190         [iOS] PDFDocumentImage should cache only a sub image of the PDF when caching the whole image is expensive
3191         https://bugs.webkit.org/show_bug.cgi?id=158715
3192
3193         Reviewed by Dean Jackson.
3194
3195         Test: fast/images/displaced-non-cached-pdf.html
3196
3197         For iOS, we need to ensure the size of the cached PDF images will not
3198         exceed some limit. Also we should be caching only a sub image of the PDF
3199         if caching the whole image will exceed the memory limit.
3200
3201         * page/Settings.cpp:
3202         (WebCore::Settings::Settings):
3203         (WebCore::Settings::setCachedPDFImageEnabled):
3204         * page/Settings.h:
3205         (WebCore::Settings::isCachedPDFImageEnabled):
3206             Add an option to disable caching the PDF images.
3207
3208         * platform/graphics/cg/PDFDocumentImage.cpp:
3209         (WebCore::PDFDocumentImage::setCachedPDFImageEnabled):
3210             Allow the caller of draw() to disable caching the PDF images.
3211         
3212         (WebCore::PDFDocumentImage::cacheParametersMatch):
3213             Match the context dirty rectangle with the cached image rectangle.
3214         
3215         (WebCore::transformContextForPainting):
3216             When preparing the context for drawing the PDF, take the location 
3217             of the destination rectangle into account. We do not need to scale
3218             the location of the source rectangle because we scale the size of
3219             the rectangle but we don't scale the whole coordinate system.
3220
3221         (WebCore::cachedImageRect):
3222             Calculate the rectangle of the cached image such that it does not
3223             exceed the limit. Start from the center of the dirty rectangle and
3224             then expand around it.
3225             
3226         (WebCore::PDFDocumentImage::decodedSizeChanged):
3227             In addition to notifying the ImageObserver, it keeps track of the size
3228             of all the cached PDF images.
3229
3230         (WebCore::PDFDocumentImage::updateCachedImageIfNeeded):
3231             Ensure the size of all the cached images does not exceed the limit
3232             
3233         (WebCore::PDFDocumentImage::destroyDecodedData):
3234         * platform/graphics/cg/PDFDocumentImage.h:
3235
3236         * rendering/RenderImage.cpp:
3237         (WebCore::RenderImage::paintIntoRect):
3238             Pass the option to disable caching the PDF images to PDFDocumentImage.
3239
3240         * testing/InternalSettings.cpp:
3241         (WebCore::InternalSettings::Backup::Backup):
3242         (WebCore::InternalSettings::Backup::restoreTo):
3243         (WebCore::InternalSettings::setCachedPDFImageEnabled):
3244         * testing/InternalSettings.h:
3245         * testing/InternalSettings.idl:
3246             Add an internal option to disable caching the PDF images.
3247
3248 2016-07-18  Chris Dumez  <cdumez@apple.com>
3249
3250         The 2 first parameters to addEventListener() / removeEventListener() should be mandatory
3251         https://bugs.webkit.org/show_bug.cgi?id=158008
3252
3253         Reviewed by Darin Adler.
3254
3255         The 2 first parameters to addEventListener() / removeEventListener() should be
3256         mandatory:
3257         - https://dom.spec.whatwg.org/#interface-eventtarget
3258
3259         Firefox 46 and Chrome 50 both match the specification and throw an exception when those
3260         parameters are omitted. However, those parameters were marked as optional in WebKit and
3261         the calls were no-ops if those parameters were omitted. This patch aligns our behavior
3262         with the specification and other browsers.
3263
3264         Test: fast/dom/eventtarget-api-parameters.html
3265
3266         * bindings/scripts/CodeGeneratorJS.pm:
3267         (GetFunctionLength): Deleted.
3268         * dom/EventTarget.idl:
3269
3270 2016-07-18  Brent Fulgham  <bfulgham@apple.com>
3271
3272         Unreviewed, rolling out r203373.
3273
3274         Unaddressed
3275
3276         Reverted changeset:
3277
3278         "Don't associate form-associated elements with forms in other
3279         trees."
3280         https://bugs.webkit.org/show_bug.cgi?id=119451
3281         http://trac.webkit.org/changeset/203373
3282
3283 2016-07-18  Brent Fulgham  <bfulgham@apple.com>
3284
3285         Don't associate form-associated elements with forms in other trees.
3286         https://bugs.webkit.org/show_bug.cgi?id=119451
3287         <rdar://problem/27382946>
3288
3289         Change is based on the Blink change (patch by <adamk@chromium.org>):
3290         <https://chromium.googlesource.com/chromium/blink/+/0b33128be67e7845d495d5219614c02ccfe7a414>
3291
3292         Reviewed by Zalan Bujtas.
3293
3294         Prevent elements from being associated with forms that are not part of the same home subtree.
3295         This brings us in line with the WhatWG HTML specification as of September, 2013.
3296
3297         Tests: fast/forms/image-disconnected-during-parse.html
3298                fast/forms/input-disconnected-during-parse.html
3299
3300         * dom/NodeTraversal.h:
3301         (WebCore::NodeTraversal::highestAncestorOrSelf): Added.
3302         * html/FormAssociatedElement.cpp:
3303         (WebCore::FormAssociatedElement::insertedInto): If the element is associated with a form that
3304         is not part of the same tree, remove the association.
3305         * html/HTMLImageElement.cpp:
3306         (WebCore::HTMLImageElement::insertedInto): Ditto.
3307
3308 2016-07-18  George Ruan  <gruan@apple.com>
3309
3310         Move MediaSampleAVFObjC into its own file
3311         https://bugs.webkit.org/show_bug.cgi?id=159796
3312         <rdar://problem/27362488>
3313
3314         In preparation for a feature that uses MediaSampleAVFObjC, but does
3315         not need SourceBufferPrivateAVFObjC, it is beneficial to move
3316         MediaSampleAVFObjC to its own file.
3317
3318         Reviewed by Eric Carlson.
3319
3320         * WebCore.xcodeproj/project.pbxproj:
3321         * platform/MediaSample.h: Allow setting trackID to associate
3322         MediaSample id with MediaStreamTrackPrivate id.
3323         * platform/graphics/avfoundation/MediaSampleAVFObjC.h: Added.
3324         * platform/graphics/avfoundation/objc/MediaSampleAVFObjC.mm: Moved
3325         from MediaSampleAVFObjC
3326         (WebCore::MediaSampleAVFObjC::presentationTime):
3327         (WebCore::MediaSampleAVFObjC::decodeTime):
3328         (WebCore::MediaSampleAVFObjC::duration):
3329         (WebCore::MediaSampleAVFObjC::sizeInBytes):
3330         (WebCore::MediaSampleAVFObjC::platformSample):
3331         (WebCore::CMSampleBufferIsRandomAccess):
3332         (WebCore::MediaSampleAVFObjC::flags):
3333         (WebCore::MediaSampleAVFObjC::presentationSize):
3334         (WebCore::MediaSampleAVFObjC::dump):
3335         (WebCore::MediaSampleAVFObjC::offsetTimestampsBy):
3336         (WebCore::MediaSampleAVFObjC::setTimestamps):
3337         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
3338         Moved MediaSampleAVFObjC to its own file.
3339         (WebCore::MediaSampleAVFObjC::platformSample): Deleted.
3340         (WebCore::CMSampleBufferIsRandomAccess): Deleted.
3341         (WebCore::MediaSampleAVFObjC::flags): Deleted.
3342         (WebCore::MediaSampleAVFObjC::presentationSize): Deleted.
3343         (WebCore::MediaSampleAVFObjC::dump): Deleted.
3344         (WebCore::MediaSampleAVFObjC::offsetTimestampsBy): Deleted.
3345         (WebCore::MediaSampleAVFObjC::setTimestamps): Deleted.
3346         * platform/mock/mediasource/MockSourceBufferPrivate.cpp:
3347
3348 2016-07-18  Eric Carlson  <eric.carlson@apple.com>
3349
3350         [MSE][Mac] Pass AVSampleBufferDisplayLayer HDCP status to a newly created key session
3351         https://bugs.webkit.org/show_bug.cgi?id=159812
3352         <rdar://problem/27371624>
3353
3354         Reviewed by Jon Lee.
3355
3356         No new tests, it isn't possible to test this with our current testing infrastructure.
3357
3358         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.h:
3359         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
3360         (WebCore::SourceBufferPrivateAVFObjC::setCDMSession): Call layerDidReceiveError if there has
3361         been an HDCP error.
3362         (WebCore::SourceBufferPrivateAVFObjC::rendererDidReceiveError): Remember an HDCP error.
3363
3364 2016-07-18  Yoav Weiss  <yoav@yoav.ws>
3365
3366         Add preload to features.json
3367         https://bugs.webkit.org/show_bug.cgi?id=159872
3368
3369         Reviewed by Darin Adler.
3370
3371         No new tests but no functional change.
3372
3373         * features.json:
3374
3375 2016-07-18  Youenn Fablet  <youenn@apple.com>
3376
3377         [Streams API] ReadableStream should throw a RangeError in case of NaN highWaterMark
3378         https://bugs.webkit.org/show_bug.cgi?id=159870
3379
3380         Reviewed by Xabier Rodriguez-Calvar.
3381
3382         Covered by rebased test.
3383
3384         * Modules/streams/StreamInternals.js:
3385         (validateAndNormalizeQueuingStrategy): Throwing a RangeError in lieu of a TypeError in case of NaN highWaterMark.
3386
3387 2016-07-18  Csaba Osztrogon√°c  <ossy@webkit.org>
3388
3389         Windows buildfix after r203338
3390         https://bugs.webkit.org/show_bug.cgi?id=159875
3391
3392         Unreviewed buildfix.
3393
3394         * dom/UserGestureIndicator.h:
3395         (WebCore::UserGestureToken::addDestructionObserver):
3396
3397 2016-07-18  Carlos Garcia Campos  <cgarcia@igalia.com>
3398
3399         MemoryPressureHandler doesn't work if cgroups aren't present in Linux
3400         https://bugs.webkit.org/show_bug.cgi?id=155255
3401
3402         Reviewed by Sergio Villar Senin.
3403
3404         Allow to pass an eventFD file descriptor to the MemoryPressureHandler to be monitorized in case cgroups are not
3405         available.
3406
3407         * platform/MemoryPressureHandler.h:
3408         * platform/linux/MemoryPressureHandlerLinux.cpp:
3409
3410 2016-07-17  Gyuyoung Kim  <gyuyoung.kim@webkit.org>
3411
3412         Clean up PassRefPtr uses in Modules/encryptedmedia, Modules/speech, and Modules/quota
3413         https://bugs.webkit.org/show_bug.cgi?id=159701
3414
3415         Reviewed by Alex Christensen.
3416
3417         No new tests, no behavior changes.
3418
3419         * Modules/encryptedmedia/CDM.h:
3420         * Modules/encryptedmedia/MediaKeySession.h:
3421         * Modules/encryptedmedia/MediaKeys.h:
3422         * Modules/quota/DOMWindowQuota.cpp:
3423         * Modules/quota/StorageErrorCallback.cpp:
3424         (WebCore::StorageErrorCallback::CallbackTask::CallbackTask):
3425         * Modules/quota/StorageErrorCallback.h:
3426         * Modules/quota/StorageInfo.h:
3427         * Modules/quota/StorageQuota.h:
3428         * Modules/speech/DOMWindowSpeechSynthesis.cpp:
3429         * Modules/speech/SpeechSynthesis.cpp:
3430         (WebCore::SpeechSynthesis::getVoices):
3431         (WebCore::SpeechSynthesis::startSpeakingImmediately):
3432         (WebCore::SpeechSynthesis::speak):
3433         (WebCore::SpeechSynthesis::cancel):
3434         (WebCore::SpeechSynthesis::handleSpeakingCompleted):
3435         (WebCore::SpeechSynthesis::boundaryEventOccurred):
3436         (WebCore::SpeechSynthesis::didStartSpeaking):
3437         (WebCore::SpeechSynthesis::didPauseSpeaking):
3438         (WebCore::SpeechSynthesis::didResumeSpeaking):
3439         (WebCore::SpeechSynthesis::didFinishSpeaking):
3440         (WebCore::SpeechSynthesis::speakingErrorOccurred):
3441         * Modules/speech/SpeechSynthesis.h:
3442         * Modules/speech/SpeechSynthesisEvent.h:
3443         * Modules/speech/SpeechSynthesisUtterance.h:
3444         * Modules/speech/SpeechSynthesisVoice.cpp:
3445         (WebCore::SpeechSynthesisVoice::create):
3446         (WebCore::SpeechSynthesisVoice::SpeechSynthesisVoice):
3447         * Modules/speech/SpeechSynthesisVoice.h:
3448         * platform/PlatformSpeechSynthesizer.h:
3449         * platform/efl/PlatformSpeechSynthesisProviderEfl.cpp:
3450         (WebCore::PlatformSpeechSynthesisProviderEfl::fireSpeechEvent):
3451         * platform/mock/PlatformSpeechSynthesizerMock.cpp:
3452         (WebCore::PlatformSpeechSynthesizerMock::speakingFinished):
3453         (WebCore::PlatformSpeechSynthesizerMock::speak):
3454         (WebCore::PlatformSpeechSynthesizerMock::cancel):
3455         (WebCore::PlatformSpeechSynthesizerMock::pause):
3456         (WebCore::PlatformSpeechSynthesizerMock::resume):
3457
3458 2016-07-16  Sam Weinig  <sam@webkit.org>
3459
3460         [WebKit API] Add SPI to track multiple navigations caused by a single user gesture
3461         <rdar://problem/26554137>
3462         https://bugs.webkit.org/show_bug.cgi?id=159856
3463
3464         Reviewed by Dan Bernstein.
3465
3466         - Adds a new RefCounted object to represent a unique user gesture, called UserGestureToken.
3467         - Makes UserGestureIndicator track UserGestureToken.
3468         - Refines UserGestureIndicator's interface to use Optional and a smaller enum set
3469           to represent the different initial states.
3470         - Stores UserGestureTokens on objects that want to forward user gesture state (DOMTimer, 
3471           postMessage, and ScheduledNavigation) rather than just a boolean.
3472
3473         * accessibility/AccessibilityNodeObject.cpp:
3474         (WebCore::AccessibilityNodeObject::increment):
3475         (WebCore::AccessibilityNodeObject::decrement):
3476         * accessibility/AccessibilityObject.cpp:
3477         (WebCore::AccessibilityObject::press):
3478         * bindings/js/ScriptController.cpp:
3479         (WebCore::ScriptController::executeScriptInWorld):
3480         (WebCore::ScriptController::executeScript):
3481         Update for new UserGestureIndicator interface.
3482
3483         * dom/UserGestureIndicator.cpp:
3484         (WebCore::currentToken):
3485         (WebCore::UserGestureToken::~UserGestureToken):
3486         (WebCore::UserGestureIndicator::UserGestureIndicator):
3487         (WebCore::UserGestureIndicator::~UserGestureIndicator):
3488         (WebCore::UserGestureIndicator::currentUserGesture):
3489         (WebCore::UserGestureIndicator::processingUserGesture):
3490         (WebCore::UserGestureIndicator::processingUserGestureForMedia):
3491         (WebCore::isDefinite): Deleted.
3492         * dom/UserGestureIndicator.h:
3493         (WebCore::UserGestureToken::create):
3494         (WebCore::UserGestureToken::state):
3495         (WebCore::UserGestureToken::processingUserGesture):
3496         (WebCore::UserGestureToken::processingUserGestureForMedia):
3497         (WebCore::UserGestureToken::addDestructionObserver):
3498         (WebCore::UserGestureToken::UserGestureToken):
3499         Add UserGestureToken and track the current one explicitly.
3500
3501         * html/HTMLMediaElement.cpp:
3502         (WebCore::HTMLMediaElement::didReceiveRemoteControlCommand):
3503         * inspector/InspectorFrontendClientLocal.cpp:
3504         (WebCore::InspectorFrontendClientLocal::openInNewTab):
3505         * inspector/InspectorFrontendHost.cpp:
3506         * inspector/InspectorPageAgent.cpp:
3507         (WebCore::InspectorPageAgent::navigate):
3508         Update for new UserGestureIndicator interface.
3509
3510         * loader/NavigationAction.cpp:
3511         (WebCore::NavigationAction::NavigationAction):
3512         * loader/NavigationAction.h:
3513         (WebCore::NavigationAction::userGestureToken):
3514         (WebCore::NavigationAction::processingUserGesture):
3515         * loader/NavigationScheduler.cpp:
3516         (WebCore::ScheduledNavigation::ScheduledNavigation):
3517         (WebCore::ScheduledNavigation::~ScheduledNavigation):
3518         (WebCore::ScheduledNavigation::lockBackForwardList):
3519         (WebCore::ScheduledNavigation::wasDuringLoad):
3520         (WebCore::ScheduledNavigation::isLocationChange):
3521         (WebCore::ScheduledNavigation::userGestureToForward):
3522         (WebCore::ScheduledNavigation::clearUserGesture):
3523         (WebCore::NavigationScheduler::mustLockBackForwardList):
3524         (WebCore::NavigationScheduler::scheduleFormSubmission):
3525         (WebCore::ScheduledNavigation::wasUserGesture): Deleted.
3526         * page/DOMTimer.cpp:
3527         (WebCore::shouldForwardUserGesture):
3528         (WebCore::userGestureTokenToForward):
3529         (WebCore::DOMTimer::DOMTimer):
3530         (WebCore::DOMTimer::fired):
3531         * page/DOMTimer.h:
3532         * page/DOMWindow.cpp:
3533         (WebCore::PostMessageTimer::PostMessageTimer):
3534         Store the active UserGestureToken rather than just a bit.
3535
3536         * page/EventHandler.cpp:
3537         (WebCore::EventHandler::handleMousePressEvent):
3538         (WebCore::EventHandler::handleMouseDoubleClickEvent):
3539         (WebCore::EventHandler::handleMouseReleaseEvent):
3540         (WebCore::EventHandler::keyEvent):
3541         (WebCore::EventHandler::handleTouchEvent):
3542         * rendering/HitTestResult.cpp:
3543         (WebCore::HitTestResult::toggleMediaFullscreenState):
3544         (WebCore::HitTestResult::enterFullscreenForVideo):
3545         (WebCore::HitTestResult::toggleEnhancedFullscreenForVideo):
3546         Update for new UserGestureIndicator interface.
3547
3548 2016-07-17  Ryosuke Niwa  <rniwa@webkit.org>
3549
3550         Rename fastHasAttribute to hasAttributeWithoutSynchronization
3551         https://bugs.webkit.org/show_bug.cgi?id=159864
3552
3553         Reviewed by Chris Dumez.
3554
3555         Renamed Rename fastHasAttribute to hasAttributeWithoutSynchronization for clarity.
3556
3557         * accessibility/AccessibilityListBoxOption.cpp:
3558         (WebCore::AccessibilityListBoxOption::isEnabled):
3559         * accessibility/AccessibilityObject.cpp:
3560         (WebCore::AccessibilityObject::hasAttribute):
3561         (WebCore::AccessibilityObject::getAttribute):
3562         * accessibility/AccessibilityRenderObject.cpp:
3563         (WebCore::AccessibilityRenderObject::determineAccessibilityRole):
3564         * bindings/scripts/CodeGenerator.pm:
3565         (GetterExpression):
3566         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
3567         * bindings/scripts/test/JS/JSTestObj.cpp:
3568         (WebCore::jsTestObjReflectedBooleanAttr):
3569         (WebCore::jsTestObjReflectedCustomBooleanAttr):
3570         * bindings/scripts/test/ObjC/DOMTestObj.mm:
3571         (-[DOMTestObj reflectedBooleanAttr]):
3572         (-[DOMTestObj setReflectedBooleanAttr:]):
3573         (-[DOMTestObj reflectedCustomBooleanAttr]):
3574         (-[DOMTestObj setReflectedCustomBooleanAttr:]):
3575         * dom/Document.cpp:
3576         (WebCore::Document::hasManifest):
3577         (WebCore::Document::doctype):
3578         * dom/Element.h:
3579         (WebCore::Node::parentElement):
3580         (WebCore::Element::hasAttributeWithoutSynchronization):
3581         (WebCore::Element::fastHasAttribute): Deleted.
3582         * editing/ApplyStyleCommand.cpp:
3583         (WebCore::ApplyStyleCommand::removeEmbeddingUpToEnclosingBlock):
3584         * editing/DeleteSelectionCommand.cpp:
3585         (WebCore::DeleteSelectionCommand::makeStylingElementsDirectChildrenOfEditableRootToPreventStyleLoss):
3586         * editing/markup.cpp:
3587         (WebCore::createMarkupInternal):
3588         * html/ColorInputType.cpp:
3589         (WebCore::ColorInputType::shouldShowSuggestions):
3590         * html/FileInputType.cpp:
3591         (WebCore::FileInputType::handleDOMActivateEvent):
3592         (WebCore::FileInputType::receiveDroppedFiles):
3593         * html/FormAssociatedElement.cpp:
3594         (WebCore::FormAssociatedElement::didMoveToNewDocument):
3595         (WebCore::FormAssociatedElement::insertedInto):
3596         (WebCore::FormAssociatedElement::removedFrom):
3597         (WebCore::FormAssociatedElement::formAttributeChanged):
3598         * html/FormController.cpp:
3599         (WebCore::ownerFormForState):
3600         * html/GenericCachedHTMLCollection.cpp:
3601         (WebCore::GenericCachedHTMLCollection<traversalType>::elementMatches):
3602         * html/HTMLAnchorElement.cpp:
3603         (WebCore::HTMLAnchorElement::draggable):
3604         (WebCore::HTMLAnchorElement::href):
3605         (WebCore::HTMLAnchorElement::sendPings):
3606         * html/HTMLAppletElement.cpp:
3607         (WebCore::HTMLAppletElement::rendererIsNeeded):
3608         * html/HTMLElement.cpp:
3609         (WebCore::HTMLElement::collectStyleForPresentationAttribute):
3610         (WebCore::elementAffectsDirectionality):
3611         (WebCore::setHasDirAutoFlagRecursively):
3612         * html/HTMLEmbedElement.cpp:
3613         (WebCore::HTMLEmbedElement::rendererIsNeeded):
3614         * html/HTMLFieldSetElement.cpp:
3615         (WebCore::updateFromControlElementsAncestorDisabledStateUnder):
3616         (WebCore::HTMLFieldSetElement::disabledAttributeChanged):
3617         (WebCore::HTMLFieldSetElement::disabledStateChanged):
3618         (WebCore::HTMLFieldSetElement::childrenChanged):
3619         * html/HTMLFormControlElement.cpp:
3620         (WebCore::HTMLFormControlElement::formNoValidate):
3621         (WebCore::HTMLFormControlElement::formAction):
3622         (WebCore::HTMLFormControlElement::computeIsDisabledByFieldsetAncestor):
3623         (WebCore::shouldAutofocus):
3624         * html/HTMLFormElement.cpp:
3625         (WebCore::HTMLFormElement::formElementIndex):
3626         (WebCore::HTMLFormElement::noValidate):
3627         * html/HTMLFrameElement.cpp:
3628         (WebCore::HTMLFrameElement::noResize):
3629         (WebCore::HTMLFrameElement::didAttachRenderers):
3630         * html/HTMLFrameElementBase.cpp:
3631         (WebCore::HTMLFrameElementBase::parseAttribute):
3632         (WebCore::HTMLFrameElementBase::location):
3633         * html/HTMLHRElement.cpp:
3634         (WebCore::HTMLHRElement::collectStyleForPresentationAttribute):
3635         * html/HTMLImageElement.cpp:
3636         (WebCore::HTMLImageElement::isServerMap):
3637         * html/HTMLInputElement.cpp:
3638         (WebCore::HTMLInputElement::finishParsingChildren):
3639         (WebCore::HTMLInputElement::matchesDefaultPseudoClass):
3640         (WebCore::HTMLInputElement::isActivatedSubmit):
3641         (WebCore::HTMLInputElement::reset):
3642         (WebCore::HTMLInputElement::multiple):
3643         (WebCore::HTMLInputElement::setSize):
3644         (WebCore::HTMLInputElement::shouldUseMediaCapture):
3645         * html/HTMLMarqueeElement.cpp:
3646         (WebCore::HTMLMarqueeElement::minimumDelay):
3647         * html/HTMLMediaElement.cpp:
3648         (WebCore::HTMLMediaElement::insertedInto):
3649         (WebCore::HTMLMediaElement::selectMediaResource):
3650         (WebCore::HTMLMediaElement::loadResource):
3651         (WebCore::HTMLMediaElement::autoplay):
3652         (WebCore::HTMLMediaElement::preload):
3653         (WebCore::HTMLMediaElement::loop):
3654         (WebCore::HTMLMediaElement::setLoop):
3655         (WebCore::HTMLMediaElement::controls):
3656         (WebCore::HTMLMediaElement::setControls):
3657         (WebCore::HTMLMediaElement::muted):
3658         (WebCore::HTMLMediaElement::setMuted):
3659         (WebCore::HTMLMediaElement::selectNextSourceChild):
3660         (WebCore::HTMLMediaElement::sourceWasAdded):
3661         (WebCore::HTMLMediaElement::mediaSessionTitle):
3662         * html/HTMLObjectElement.cpp:
3663         (WebCore::HTMLObjectElement::parseAttribute):
3664         * html/HTMLOptGroupElement.cpp:
3665         (WebCore::HTMLOptGroupElement::isDisabledFormControl):
3666         (WebCore::HTMLOptGroupElement::isFocusable):
3667         * html/HTMLOptionElement.cpp:
3668         (WebCore::HTMLOptionElement::matchesDefaultPseudoClass):
3669         (WebCore::HTMLOptionElement::text):
3670         * html/HTMLProgressElement.cpp:
3671         (WebCore::HTMLProgressElement::isDeterminate):
3672         (WebCore::HTMLProgressElement::didElementStateChange):
3673         * html/HTMLScriptElement.cpp:
3674         (WebCore::HTMLScriptElement::async):
3675         (WebCore::HTMLScriptElement::setCrossOrigin):
3676         (WebCore::HTMLScriptElement::asyncAttributeValue):
3677         (WebCore::HTMLScriptElement::deferAttributeValue):
3678         (WebCore::HTMLScriptElement::hasSourceAttribute):
3679         (WebCore::HTMLScriptElement::dispatchLoadEvent):
3680         * html/HTMLSelectElement.cpp:
3681         (WebCore::HTMLSelectElement::reset):
3682         * html/HTMLTrackElement.cpp:
3683         (WebCore::HTMLTrackElement::isDefault):
3684         (WebCore::HTMLTrackElement::ensureTrack):
3685         (WebCore::HTMLTrackElement::loadTimerFired):
3686         * html/MediaElementSession.cpp:
3687         (WebCore::MediaElementSession::wirelessVideoPlaybackDisabled):
3688         (WebCore::MediaElementSession::requiresFullscreenForVideoPlayback):
3689         (WebCore::MediaElementSession::allowsAutomaticMediaDataLoading):
3690         * html/SearchInputType.cpp:
3691         (WebCore::SearchInputType::searchEventsShouldBeDispatched):
3692         (WebCore::SearchInputType::didSetValueByUserEdit):
3693         * inspector/InspectorDOMAgent.cpp:
3694         (WebCore::InspectorDOMAgent::buildObjectForNode):
3695         * loader/FrameLoader.cpp:
3696         (WebCore::FrameLoader::shouldTreatURLAsSrcdocDocument):
3697         (WebCore::FrameLoader::findFrameForNavigation):
3698         * loader/ImageLoader.cpp:
3699         (WebCore::ImageLoader::notifyFinished):
3700         * mathml/MathMLSelectElement.cpp:
3701         (WebCore::MathMLSelectElement::getSelectedSemanticsChild):
3702         * rendering/RenderTableCell.cpp:
3703         (WebCore::RenderTableCell::computePreferredLogicalWidths):
3704         * rendering/RenderThemeIOS.mm:
3705         (WebCore::RenderThemeIOS::adjustMenuListButtonStyle):
3706         * rendering/SimpleLineLayout.cpp:
3707         (WebCore::SimpleLineLayout::canUseForWithReason):
3708         * rendering/svg/RenderSVGResourceClipper.cpp:
3709         (WebCore::RenderSVGResourceClipper::drawContentIntoMaskImage):
3710         * svg/SVGAnimateMotionElement.cpp:
3711         (WebCore::SVGAnimateMotionElement::updateAnimationPath):
3712         * svg/SVGAnimationElement.cpp:
3713         (WebCore::SVGAnimationElement::startedActiveInterval):
3714         (WebCore::SVGAnimationElement::updateAnimation):
3715         * svg/animation/SVGSMILElement.cpp:
3716         (WebCore::SVGSMILElement::insertedInto):
3717
3718 2016-07-17  Brady Eidson  <beidson@apple.com>
3719
3720         Exceptions logged to the JS console should use toString().
3721         https://bugs.webkit.org/show_bug.cgi?id=159855
3722
3723         Reviewed by Darin Adler.
3724
3725         No new tests (No change in behavior).
3726
3727         * bindings/js/JSDOMBinding.cpp:
3728         (WebCore::reportException):
3729
3730         * dom/DOMCoreException.h:
3731         (WebCore::DOMCoreException::DOMCoreException):
3732
3733         * dom/ExceptionBase.cpp:
3734         (WebCore::ExceptionBase::ExceptionBase):
3735         (WebCore::ExceptionBase::toString):
3736         (WebCore::ExceptionBase::consoleErrorMessage): Deleted.
3737         * dom/ExceptionBase.h:
3738         (WebCore::ExceptionBase::description): Deleted.
3739
3740         * svg/SVGException.h:
3741
3742         * xml/XPathException.h:
3743         (WebCore::XPathException::XPathException):
3744
3745 2016-07-17  Brady Eidson  <beidson@apple.com>
3746
3747         Update DOMCoreException to use the description in toString().
3748         https://bugs.webkit.org/show_bug.cgi?id=159857
3749
3750         Reviewed by Darin Adler.
3751
3752         No new tests (Covered by changes to existing tests).
3753
3754         * bindings/js/JSDOMBinding.cpp:
3755         (WebCore::createDOMException):
3756
3757         * dom/DOMCoreException.h:
3758         (WebCore::DOMCoreException::DOMCoreException):
3759         (WebCore::DOMCoreException::createWithDescriptionAsMessage): Deleted.
3760
3761 2016-07-17  Myles C. Maxfield  <mmaxfield@apple.com>
3762
3763         Support new emoji group candidates
3764         https://bugs.webkit.org/show_bug.cgi?id=159755
3765         <rdar://problem/27325521>
3766
3767         Reviewed by Dean Jackson.
3768
3769         There are a few code points which should be able to be joined (with ZWJ) to
3770         either U+2640 or U+2642 to change the gender of the emoji. These patterns
3771         should also work with an additional 0xFE0F variation selector. This patch
3772         adds these new patterns to our existing emoji group candidate infrastructure.
3773
3774         Tests: fast/text/emoji-gender-2-3.html
3775                fast/text/emoji-gender-2-4.html
3776                fast/text/emoji-gender-2-5.html
3777                fast/text/emoji-gender-2-6.html
3778                fast/text/emoji-gender-2-7.html
3779                fast/text/emoji-gender-2-8.html
3780                fast/text/emoji-gender-2-9.html
3781                fast/text/emoji-gender-2.html
3782                fast/text/emoji-gender-3.html
3783                fast/text/emoji-gender-4.html
3784                fast/text/emoji-gender-5.html
3785                fast/text/emoji-gender-6.html
3786                fast/text/emoji-gender-7.html
3787                fast/text/emoji-gender-8.html
3788                fast/text/emoji-gender-9.html
3789                fast/text/emoji-gender-fe0f-3.html
3790                fast/text/emoji-gender-fe0f-4.html
3791                fast/text/emoji-gender-fe0f-5.html
3792                fast/text/emoji-gender-fe0f-6.html
3793                fast/text/emoji-gender-fe0f-7.html
3794                fast/text/emoji-gender-fe0f-8.html
3795                fast/text/emoji-gender-fe0f-9.html
3796                fast/text/emoji-gender.html
3797                fast/text/emoji-num-glyphs.html
3798                fast/text/emoji-single-parent-family-2.html
3799                fast/text/emoji-single-parent-family.html
3800
3801         * platform/graphics/mac/ComplexTextControllerCoreText.mm:
3802         (WebCore::ComplexTextController::ComplexTextRun::ComplexTextRun): Removed incorrect ASSERT()s.
3803         * platform/graphics/FontCascade.cpp:
3804         (WebCore::FontCascade::characterRangeCodePath):
3805         * platform/text/CharacterProperties.h:
3806         (WebCore::isEmojiGroupCandidate):
3807
3808 2016-07-16  Brady Eidson  <beidson@apple.com>
3809
3810         Update SVGException to use the description in toString().
3811         https://bugs.webkit.org/show_bug.cgi?id=159847
3812
3813         Reviewed by Darin Adler.
3814
3815         No new tests (Covered by changes to existing tests).
3816
3817         * bindings/js/JSDOMBinding.cpp:
3818         (WebCore::reportException): use consoleErrorMessage for now.
3819
3820         * dom/ExceptionBase.cpp:
3821         (WebCore::ExceptionBase::consoleErrorMessage):
3822         * dom/ExceptionBase.h:
3823
3824         * svg/SVGException.h:
3825
3826 2016-07-16  Chris Dumez  <cdumez@apple.com>
3827
3828         Use fastHasAttribute() when possible
3829         https://bugs.webkit.org/show_bug.cgi?id=159838
3830
3831         Reviewed by Ryosuke Niwa.
3832
3833         Use fastHasAttribute() when possible, for performance.
3834
3835         * editing/DeleteSelectionCommand.cpp:
3836         (WebCore::DeleteSelectionCommand::makeStylingElementsDirectChildrenOfEditableRootToPreventStyleLoss):
3837         * editing/markup.cpp:
3838         (WebCore::createMarkupInternal):
3839         * html/HTMLAnchorElement.cpp:
3840         (WebCore::HTMLAnchorElement::draggable):
3841         * html/HTMLFrameElementBase.cpp:
3842         (WebCore::HTMLFrameElementBase::parseAttribute):
3843         * mathml/MathMLSelectElement.cpp:
3844         (WebCore::MathMLSelectElement::getSelectedSemanticsChild):
3845         * rendering/RenderThemeIOS.mm:
3846         (WebCore::RenderThemeIOS::adjustMenuListButtonStyle):
3847
3848 2016-07-16  Ryosuke Niwa  <rniwa@webkit.org>
3849
3850         Rename fastGetAttribute to attributeWithoutSynchronization
3851         https://bugs.webkit.org/show_bug.cgi?id=159852
3852
3853         Reviewed by Darin Adler.
3854
3855         Renamed fastGetAttribute to attributeWithoutSynchronization for clarity.
3856
3857         * accessibility/AXObjectCache.cpp:
3858         (WebCore::AXObjectCache::findAriaModalNodes):
3859         (WebCore::nodeHasRole):
3860         (WebCore::AXObjectCache::handleLiveRegionCreated):
3861         (WebCore::AXObjectCache::handleMenuItemSelected):
3862         (WebCore::AXObjectCache::handleAriaModalChange):
3863         (WebCore::isNodeAriaVisible):
3864         * accessibility/AccessibilityNodeObject.cpp:
3865         (WebCore::siblingWithAriaRole):
3866         (WebCore::AccessibilityNodeObject::titleElementText):
3867         (WebCore::AccessibilityNodeObject::alternativeTextForWebArea):
3868         (WebCore::AccessibilityNodeObject::hierarchicalLevel):
3869         (WebCore::AccessibilityNodeObject::stringValue):
3870         (WebCore::accessibleNameForNode):
3871         * accessibility/AccessibilityObject.cpp:
3872         (WebCore::AccessibilityObject::contentEditableAttributeIsEnabled):
3873         (WebCore::AccessibilityObject::getAttribute):
3874         * accessibility/AccessibilityRenderObject.cpp:
3875         (WebCore::AccessibilityRenderObject::stringValue):
3876         (WebCore::AccessibilityRenderObject::exposesTitleUIElement):
3877         * accessibility/AccessibilitySVGElement.cpp:
3878         (WebCore::AccessibilitySVGElement::childElementWithMatchingLanguage):
3879         (WebCore::AccessibilitySVGElement::accessibilityDescription):
3880         * bindings/objc/DOM.mm:
3881         (-[DOMHTMLLinkElement _mediaQueryMatches]):
3882         * bindings/scripts/CodeGenerator.pm:
3883         (GetterExpression):
3884         * bindings/scripts/CodeGeneratorObjC.pm:
3885         (GenerateImplementation):
3886         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
3887         * bindings/scripts/test/JS/JSTestObj.cpp:
3888         (WebCore::jsTestObjReflectedStringAttr):
3889         * dom/AuthorStyleSheets.cpp:
3890         (WebCore::AuthorStyleSheets::collectActiveStyleSheets):
3891         * dom/Document.cpp:
3892         (WebCore::Document::buildAccessKeyMap):
3893         (WebCore::Document::processBaseElement):
3894         * dom/DocumentOrderedMap.cpp:
3895         (WebCore::DocumentOrderedMap::getElementByLabelForAttribute):
3896         * dom/Element.cpp:
3897         (WebCore::Element::imageSourceURL):
3898         (WebCore::Element::rendererIsNeeded):
3899         (WebCore::Element::insertedInto):
3900         (WebCore::Element::removedFrom):
3901         (WebCore::Element::pseudo):
3902         (WebCore::Element::setPseudo):
3903         (WebCore::Element::spellcheckAttributeState):
3904         (WebCore::Element::canContainRangeEndPoint):
3905         (WebCore::Element::completeURLsInAttributeValue):
3906         * dom/Element.h:
3907         (WebCore::Element::fastHasAttribute):
3908         (WebCore::Element::attributeWithoutSynchronization):
3909         (WebCore::Element::fastGetAttribute): Deleted.
3910         * dom/InlineStyleSheetOwner.cpp:
3911         (WebCore::InlineStyleSheetOwner::createSheet):
3912         * dom/ScriptElement.cpp:
3913         (WebCore::ScriptElement::requestScript):
3914         (WebCore::ScriptElement::executeScript):
3915         * dom/SlotAssignment.cpp:
3916         (WebCore::slotNameFromSlotAttribute):
3917         (WebCore::SlotAssignment::SlotAssignment):
3918         (WebCore::recursivelyFireSlotChangeEvent):
3919         (WebCore::SlotAssignment::didChangeSlot):
3920         (WebCore::SlotAssignment::hostChildElementDidChange):
3921         (WebCore::SlotAssignment::assignedNodesForSlot):
3922         (WebCore::SlotAssignment::resolveAllSlotElements):
3923         * dom/TreeScope.cpp:
3924         (WebCore::TreeScope::labelElementForId):
3925         * dom/VisitedLinkState.cpp:
3926         (WebCore::linkAttribute):
3927         * editing/ApplyStyleCommand.cpp:
3928         (WebCore::isLegacyAppleStyleSpan):
3929         (WebCore::hasNoAttributeOrOnlyStyleAttribute):
3930         * editing/EditingStyle.cpp:
3931         (WebCore::EditingStyle::elementIsStyledSpanOrHTMLEquivalent):
3932         * editing/ReplaceSelectionCommand.cpp:
3933         (WebCore::isInterchangeNewlineNode):
3934         (WebCore::isInterchangeConvertedSpaceSpan):
3935         (WebCore::positionAvoidingPrecedingNodes):
3936         (WebCore::isMailPasteAsQuotationNode):
3937         (WebCore::isHeaderElement):
3938         (WebCore::isInlineNodeWithStyle):
3939         * editing/TextIterator.cpp:
3940         (WebCore::isRendererReplacedElement):
3941         * editing/cocoa/DataDetection.mm:
3942         (WebCore::DataDetection::isDataDetectorLink):
3943         (WebCore::DataDetection::requiresExtendedContext):
3944         (WebCore::DataDetection::dataDetectorIdentifier):
3945         (WebCore::DataDetection::shouldCancelDefaultAction):
3946         (WebCore::removeResultLinksFromAnchor):
3947         (WebCore::searchForLinkRemovingExistingDDLinks):
3948         * editing/gtk/EditorGtk.cpp:
3949         (WebCore::elementURL):
3950         * editing/htmlediting.cpp:
3951         (WebCore::isTabSpanNode):
3952         (WebCore::isTabSpanTextNode):
3953         (WebCore::isMailBlockquote):
3954         (WebCore::caretMinOffset):
3955         * editing/markup.cpp:
3956         (WebCore::createFragmentFromMarkup):
3957         * html/Autofill.cpp:
3958         (WebCore::AutofillData::createFromHTMLFormControlElement):
3959         * html/BaseTextInputType.cpp:
3960         (WebCore::BaseTextInputType::patternMismatch):
3961         * html/DateInputType.cpp:
3962         (WebCore::DateInputType::createStepRange):
3963         * html/DateTimeInputType.cpp:
3964         (WebCore::DateTimeInputType::createStepRange):
3965         * html/DateTimeLocalInputType.cpp:
3966         (WebCore::DateTimeLocalInputType::createStepRange):
3967         * html/FormAssociatedElement.cpp:
3968         (WebCore::FormAssociatedElement::findAssociatedForm):
3969         (WebCore::FormAssociatedElement::resetFormAttributeTargetObserver):
3970         (WebCore::FormAssociatedElement::formAttributeTargetChanged):
3971         * html/HTMLAnchorElement.cpp:
3972         (WebCore::HTMLAnchorElement::draggable):
3973         (WebCore::HTMLAnchorElement::href):
3974         (WebCore::HTMLAnchorElement::setHref):
3975         (WebCore::HTMLAnchorElement::target):
3976         (WebCore::HTMLAnchorElement::origin):
3977   &nbs