playsInline IDL attribute has the wrong casing
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2016-07-21  Chris Dumez  <cdumez@apple.com>
2
3         playsInline IDL attribute has the wrong casing
4         https://bugs.webkit.org/show_bug.cgi?id=160029
5         <rdar://problem/27474031>
6
7         Reviewed by Jon Lee.
8
9         Fix case from video.playsinline to video.playsInline in order to match
10         the specification:
11         - https://html.spec.whatwg.org/multipage/embedded-content.html#the-video-element:dom-video-playsinline
12
13         It still reflects the "playsinline" content attribute though, as per
14         the specification:
15         - https://html.spec.whatwg.org/multipage/embedded-content.html#dom-video-playsinline
16
17         No new tests, updated existing test.
18
19         * html/HTMLVideoElement.idl:
20
21 2016-07-21  Chris Dumez  <cdumez@apple.com>
22
23         Drop [TreatNullAs=EmptyString] from CanvasRenderingContext2D.globalCompositeOperation
24         https://bugs.webkit.org/show_bug.cgi?id=160026
25
26         Reviewed by Sam Weinig.
27
28         Drop [TreatNullAs=EmptyString] from CanvasRenderingContext2D.globalCompositeOperation
29         attribute as it does not match the specification:
30         - https://html.spec.whatwg.org/multipage/scripting.html#canvascompositing
31
32         It does not change web-exposed behavior because assigning to "" or "null"
33         gets ignored as those are not valid operations.
34
35         Test: fast/canvas/context-globalCompositeOperation-null.html
36
37         * html/canvas/CanvasRenderingContext2D.idl:
38
39 2016-07-21  Carlos Garcia Campos  <cgarcia@igalia.com>
40
41         [GTK][Threaded Compositor] Overlay scrollbars shouldn't be a requirement of the threaded compositor
42         https://bugs.webkit.org/show_bug.cgi?id=160020
43
44         Reviewed by Michael Catanzaro.
45
46         It has been a requirement only because we didn't really know why frame scrollbars were not rendered when using
47         the threaded compositor. The reason is that RenderView doesn't use layers for FrameView scrollbars by default,
48         unless using overlay scrollbars. When using the threaded compositor we really need layers for the FrameView
49         scrollbars even when not using overlay scrollbars.
50
51         * platform/gtk/ScrollbarThemeGtk.cpp:
52         (WebCore::ScrollbarThemeGtk::ScrollbarThemeGtk): Stop enforcing overlay scrollbars when threaded compositor is enabled.
53         * rendering/RenderLayerCompositor.cpp:
54         (WebCore::RenderLayerCompositor::shouldCompositeOverflowControls): Always use layers for scrollbars when
55         threaded compositor is enabled.
56
57 2016-07-21  Carlos Garcia Campos  <cgarcia@igalia.com>
58
59         [Cairo] Fix a crash in fast/canvas/canvas-getImageData-invalid-result-buffer-crash.html
60         https://bugs.webkit.org/show_bug.cgi?id=160014
61
62         Reviewed by Michael Catanzaro.
63
64         In r202887 some null checks were added for JSArray::createUninitialized (and related) but not for the
65         ImageBuffer cairo implementation.
66
67         * platform/graphics/cairo/ImageBufferCairo.cpp:
68         (WebCore::getImageData): Return early if Uint8ClampedArray::createUninitialized() returns nullptr.
69
70 2016-07-21  Miguel Gomez  <magomez@igalia.com>
71
72         [GTK] The GSTREAMER_GL path in MediaPlayerPrivateGStreamerBase::paintToTextureMapper() is missing a mutex lock
73         https://bugs.webkit.org/show_bug.cgi?id=160018
74
75         Reviewed by Philippe Normand.
76
77         Lock the video sample mutex while accessing it.
78
79         Covered by existent tests.
80
81         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
82         (WebCore::MediaPlayerPrivateGStreamerBase::paintToTextureMapper):
83
84 2016-07-21  Miguel Gomez  <magomez@igalia.com>
85
86         [Threaded Compositor] Flickering when zooming in/out in maps.google.com
87         https://bugs.webkit.org/show_bug.cgi?id=154069
88
89         Reviewed by Carlos Garcia Campos.
90
91         Add a new extra buffer to GraphicsContext3D when using the Threaded Compositor,
92         so it doesn't have to reuse the buffers that are still waiting for composition.
93
94         Covered by existing tests.
95
96         * platform/graphics/GraphicsContext3D.h:
97         Add a new texture to use for the rendering. Remove the compositor fbo we were using.
98         * platform/graphics/cairo/GraphicsContext3DCairo.cpp:
99         (WebCore::GraphicsContext3D::GraphicsContext3D):
100         Initialize the new texture and remove the previous fbo related code.
101         (WebCore::GraphicsContext3D::~GraphicsContext3D):
102         Properly destroy the new texture and remove the previous fbo related code.
103         * platform/graphics/opengl/GraphicsContext3DOpenGL.cpp:
104         (WebCore::GraphicsContext3D::reshapeFBOs):
105         Allocate the new texture and remove the previous fbo allocation.
106         * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
107         (WebCore::GraphicsContext3D::prepareTexture):
108         Use a single fbo with three textures instead of two fbos with a texture each.
109         Rotate the three textures usage so:
110         - m_texture becomes m_compositorTexture to be pushed to the compositor.
111         - m_intermediateTexture becomes m_texture to receive the next rendering.
112         - m_compositorTexture becomes m_intermediateTexture.
113         And add a glFlush() to ensure that the gl commands are sent to the pipeline.
114         * platform/graphics/opengl/GraphicsContext3DOpenGLES.cpp:
115         (WebCore::GraphicsContext3D::reshapeFBOs):
116         Allocate the new texture.
117
118 2016-07-21  Carlos Garcia Campos  <cgarcia@igalia.com>
119
120         [GTK][Threaded Compositor] Web view background colors don't work
121         https://bugs.webkit.org/show_bug.cgi?id=159465
122
123         Reviewed by Michael Catanzaro.
124
125         * rendering/RenderLayerBacking.cpp:
126         (WebCore::RenderLayerBacking::createPrimaryGraphicsLayer): Initialize frame view layer opacity for platforms not
127         using the tiled cache layer.
128
129 2016-07-20  Youenn Fablet  <youenn@apple.com>
130
131         [XHR] Cache response JS object in case of arraybuffer and blob response types
132         https://bugs.webkit.org/show_bug.cgi?id=128903
133
134         Reviewed by Alex Christensen.
135
136         Covered by existing and modified tests.
137
138         Making response getter a JS builtin that caches response in @response private slot.
139         Handling invalidation of cached response with @responseCacheIsValid new private method.
140         Handling creation of cached response with @retrieveResponse new private method which reuses most of
141         JSXMLHttpRequest::response previous code.
142
143         Caching of responses is activated whenever load ended without any error for blob and arraybuffer response types.
144
145         Caching of response for document is also activated in case the response getter is used but not if responseXML getter is used.
146
147         * CMakeLists.txt: Adding XMLHttpRequest.js.
148         * DerivedSources.make: Ditto.
149         * bindings/js/JSXMLHttpRequestCustom.cpp:
150         (WebCore::JSXMLHttpRequest::retrieveResponse): Implements creation of to-be-cached response.
151         (WebCore::JSXMLHttpRequest::response): Deleted.
152         * bindings/js/WebCoreBuiltinNames.h: Adding new private names.
153         * xml/XMLHttpRequest.cpp:
154         (WebCore::XMLHttpRequest::didCacheResponse): Renamed from didCacheResponseJSON as all response types are now cached.
155         (WebCore::XMLHttpRequest::didCacheResponseJSON): Deleted.
156         * xml/XMLHttpRequest.h:
157         * xml/XMLHttpRequest.idl:
158
159 2016-07-20  Youenn Fablet  <youenn@apple.com>
160
161         Remove crossOriginRequestPolicy from ThreadableLoaderOptions
162         https://bugs.webkit.org/show_bug.cgi?id=159417
163
164         Reviewed by Alex Christensen.
165
166         No observable change.
167
168         * Modules/fetch/FetchLoader.cpp:
169         (WebCore::FetchLoader::start): DenyCrossOriginRequests -> FetchOptions::Mode::SameOrigin.
170         * fileapi/FileReaderLoader.cpp:
171         (WebCore::FileReaderLoader::start): DenyCrossOriginRequests -> FetchOptions::Mode::SameOrigin.
172         * inspector/InspectorNetworkAgent.cpp:
173         (WebCore::InspectorNetworkAgent::loadResource): AllowCrossOriginRequests -> FetchOptions::Mode::NoCors.
174         * loader/DocumentThreadableLoader.cpp:
175         (WebCore::DocumentThreadableLoader::DocumentThreadableLoader): Ditto.
176         (WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequest): UseAccessControl -> FetchOptions::Mode::Cors.
177         (WebCore::DocumentThreadableLoader::redirectReceived): Ditto.
178         (WebCore::DocumentThreadableLoader::didReceiveResponse): Ditto.
179         (WebCore::DocumentThreadableLoader::loadRequest): Use NoCors as option passed to ResourceLoader. This allows
180         desactivating ResourceLoader CORS checks as they are done in DocumentThreadableLoader right now. In the future,
181         these checks should be moved to ResourceLoader and DocumentThreadableLoader should directly pass the fetch mode
182         option.
183         (WebCore::DocumentThreadableLoader::isAllowedRedirect): AllowCrossOriginRequests -> FetchOptions::Mode::NoCors.
184         * loader/ThreadableLoader.cpp:
185         (WebCore::ThreadableLoaderOptions::ThreadableLoaderOptions): Removing CrossOriginRequestPolicy.
186         * loader/ThreadableLoader.h: Ditto.
187         * loader/WorkerThreadableLoader.cpp:
188         (WebCore::LoaderTaskOptions::LoaderTaskOptions): Ditto.
189         * page/EventSource.cpp:
190         (WebCore::EventSource::connect): UseAccessControl -> FetchOptions::Mode::Cors.
191         * workers/Worker.cpp:
192         (WebCore::Worker::create): DenyCrossOriginRequests -> FetchOptions::Mode::SameOrigin.
193         * workers/WorkerGlobalScope.cpp:
194         (WebCore::WorkerGlobalScope::importScripts): AllowCrossOriginRequests -> FetchOptions::Mode::NoCors.
195         * workers/WorkerScriptLoader.cpp:
196         (WebCore::WorkerScriptLoader::loadSynchronously):
197         (WebCore::WorkerScriptLoader::loadAsynchronously):
198         * workers/WorkerScriptLoader.h:
199         * xml/XMLHttpRequest.cpp:
200         (WebCore::XMLHttpRequest::createRequest):
201
202 2016-07-20  Chris Dumez  <cdumez@apple.com>
203
204         Fix null handling of several Document attributes
205         https://bugs.webkit.org/show_bug.cgi?id=159997
206
207         Reviewed by Ryosuke Niwa.
208
209         Fix null handling of the following Document attributes: title, cookie
210         and domain.
211
212         In WebKit, they were all marked as [TreatNullAs=EmptyString], which
213         does not match the specification:
214         - https://html.spec.whatwg.org/multipage/dom.html#document
215
216         Details for each attribute:
217         - title: null is now treated as the string "null", thus setting the
218           document title to "null". This matches Firefox and Chrome.
219         - cookie: adds a "null" cookie instead of being a no-op. This matches
220                   both Firefox and Chrome.
221         - domain: Calls setDomain(String("null")) instead of
222                   setDomain(String()). This throws an exception because "null"
223                   is not a suffix of the effective domain name. The behavior
224                   is the same in Firefox and Chrome. Previously, we were
225                   already throwing an exception since setting the domain to
226                   the empty string throws, as per the specification.
227
228         Test: http/tests//dom/document-attributes-null-handling.html
229
230         * dom/Document.idl:
231
232 2016-07-20  Commit Queue  <commit-queue@webkit.org>
233
234         Unreviewed, rolling out r203471.
235         https://bugs.webkit.org/show_bug.cgi?id=160003
236
237         many iOS-simulator tests are failing (Requested by litherum on
238         #webkit).
239
240         Reverted changeset:
241
242         "[iPhone] Playing a video on tudou.com plays only sound, no
243         video"
244         https://bugs.webkit.org/show_bug.cgi?id=159967
245         http://trac.webkit.org/changeset/203471
246
247 2016-07-19  Ryosuke Niwa  <rniwa@webkit.org>
248
249         iOS: Cannot paste images in RTF content
250         https://bugs.webkit.org/show_bug.cgi?id=159964
251         <rdar://problem/27442806>
252
253         Reviewed by Enrica Casucci.
254
255         The bug was caused by setDefersLoading(true) not deferring image loading for the parsed fragment.
256         Worked around this bug by disabling image loading while parsing the document fragment.
257
258         * editing/ios/EditorIOS.mm:
259         (WebCore::Editor::createFragmentAndAddResources):
260
261 2016-07-20  Brady Eidson  <beidson@apple.com>
262
263         Address a small FIXME in IDB code.
264         https://bugs.webkit.org/show_bug.cgi?id=159999
265
266         Reviewed by Andy Estes.
267
268         No new tests (No behavior change).
269
270         * Modules/indexeddb/IDBRequest.cpp:
271         (WebCore::IDBRequest::IDBRequest):
272         
273         * Modules/indexeddb/shared/IDBResourceIdentifier.cpp:
274         (WebCore::IDBResourceIdentifier::IDBResourceIdentifier): Deleted.
275         * Modules/indexeddb/shared/IDBResourceIdentifier.h:
276
277 2016-07-20  Brady Eidson  <beidson@apple.com>
278
279         Remove some "modernFoo"s from IndexedDB code.
280         https://bugs.webkit.org/show_bug.cgi?id=159985
281
282         Reviewed by Andy Estes.
283
284         No new tests (No known behavior change).
285
286         * Modules/indexeddb/IDBCursor.cpp:
287         (WebCore::IDBCursor::IDBCursor):
288         (WebCore::IDBCursor::~IDBCursor):
289         (WebCore::IDBCursor::sourcesDeleted):
290         (WebCore::IDBCursor::effectiveObjectStore):
291         (WebCore::IDBCursor::transaction):
292         (WebCore::IDBCursor::direction):
293         (WebCore::IDBCursor::update):
294         (WebCore::IDBCursor::advance):
295         (WebCore::IDBCursor::continueFunction):
296         (WebCore::IDBCursor::uncheckedIterateCursor):
297         (WebCore::IDBCursor::deleteFunction):
298         (WebCore::IDBCursor::setGetResult):
299         
300         * Modules/indexeddb/IDBIndex.cpp:
301         (WebCore::IDBIndex::IDBIndex):
302         (WebCore::IDBIndex::~IDBIndex):
303         (WebCore::IDBIndex::hasPendingActivity):
304         (WebCore::IDBIndex::name):
305         (WebCore::IDBIndex::objectStore):
306         (WebCore::IDBIndex::keyPath):
307         (WebCore::IDBIndex::unique):
308         (WebCore::IDBIndex::multiEntry):
309         (WebCore::IDBIndex::openCursor):
310         (WebCore::IDBIndex::doCount):
311         (WebCore::IDBIndex::openKeyCursor):
312         (WebCore::IDBIndex::doGet):
313         (WebCore::IDBIndex::doGetKey):
314         (WebCore::IDBIndex::markAsDeleted):
315         * Modules/indexeddb/IDBIndex.h:
316         
317         * Modules/indexeddb/IDBObjectStore.cpp:
318         (WebCore::IDBObjectStore::transaction):
319         (WebCore::IDBObjectStore::deleteFunction): Deleted.
320         (WebCore::IDBObjectStore::modernDelete): Deleted.
321         * Modules/indexeddb/IDBObjectStore.h:
322         
323         * bindings/js/JSIDBIndexCustom.cpp:
324         (WebCore::JSIDBIndex::visitAdditionalChildren):
325
326 2016-07-20  Chris Dumez  <cdumez@apple.com>
327
328         Stop using valueToStringWithNullCheck() in JSCSSStyleDeclaration::putDelegate()
329         https://bugs.webkit.org/show_bug.cgi?id=159982
330
331         Reviewed by Ryosuke Niwa.
332
333         valueToStringWithNullCheck() treats null as the null String() which is
334         legacy / non standard behavior. The specification says we should treat
335         null as the empty string:
336         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-camel-cased-attribute
337
338         Therefore, we should be using valueToStringTreatingNullAsEmptyString() instead.
339
340         In practice, there is no web-exposed behavior change because
341         MutableStyleProperties::setProperty() removes the property wether the
342         value is the null String or the empty String.
343
344         This behavior is correct since the specification says that we should
345         remove the property if the value is the empty string:
346         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-setproperty (step 4)
347
348         I added test coverage to make sure we behave according to specification.
349         This test is passing in Firefox, Chrome and in WebKit (before and after
350         my change).
351
352         Test: fast/css/CSSStyleDeclaration-property-setter.html
353
354         * bindings/js/JSCSSStyleDeclarationCustom.cpp:
355         (WebCore::JSCSSStyleDeclaration::putDelegate):
356
357 2016-07-20  Chris Dumez  <cdumez@apple.com>
358
359         Fix null handling of HTMLFrameElement.marginWidth / marginHeight
360         https://bugs.webkit.org/show_bug.cgi?id=159987
361
362         Reviewed by Ryosuke Niwa.
363
364         Fix null handling of HTMLFrameElement.marginWidth / marginHeight:
365         - https://html.spec.whatwg.org/multipage/obsolete.html#htmlframeelement
366
367         We are supposed to treat null as the empty string but we treat it as
368         the string "null".
369
370         Firefox and Chrome both match the specification.
371
372         No new tests, updated existing tests.
373
374         * html/HTMLFrameElement.idl:
375
376 2016-07-20  Wenson Hsieh  <wenson_hsieh@apple.com>
377
378         Pausing autoplayed media should not remove all restrictions for that media element
379         https://bugs.webkit.org/show_bug.cgi?id=159988
380
381         Reviewed by Jon Lee.
382
383         Localizes the removal of behavior restrictions introduced in r203464 upon pausing an
384         autoplaying video to just affect the hiding or showing of the media controller. This
385         prevents pages from using Javascript to start playing autoplaying videos that have
386         been paused by the user.
387
388         * html/HTMLMediaElement.cpp:
389         (WebCore::HTMLMediaElement::pause):
390
391 2016-07-20  Myles C. Maxfield  <mmaxfield@apple.com>
392
393         [iPhone] Playing a video on tudou.com plays only sound, no video
394         https://bugs.webkit.org/show_bug.cgi?id=159967
395         <rdar://problem/26964090>
396
397         Reviewed by Jon Lee.
398
399         WebKit recently starting honoring the playsinline and webkit-playsinline
400         attribute on iPhones. However, because these attributes previously did
401         nothing, some sites (such as Todou) were setting them on their content
402         and expecting that they are not honored. In this specific case, the
403         video is absolutely positioned to be 1 pixel x 1 pixel.
404
405         Previously, with iOS 9, apps could set the allowsInlineMediaPlayback
406         property on their WKWebView, which would honor the webkit-playsinline
407         attribute. Safari on iPhones didn't do this.
408
409         In order to not break these existing apps, it's important that the
410         allowsInlineMediaPlayback preference still allows webkit-playsinline
411         videos to play inline in apps using WKWebView. However, in Safari, these
412         videos should play fullscreen. (Todou videos have webkit-playsinline
413         but not playsinline.)
414
415         Therefore, in Safari, videos with playsinline should be inline, but
416         videos with webkit-playsinline should be fullscreen. In apps using
417         WKWebViews, if the app sets allowsInlineMediaPlayback, then videos with
418         playsinline should be inline, and videos with webkit-playsinline should
419         also be inline. Videos on iPad and Mac should all be inline by default.
420
421         We can create some truth tables for the cases which need to be covered:
422
423         All apps on Mac / iPad:
424         Presence of playsinline | Presence of webkit-playsinline | Result
425         ========================|================================|===========
426         Not present             | Not present                    | Inline
427         Present                 | Not present                    | Inline
428         Not Present             | Present                        | Inline
429         Present                 | Present                        | Inline
430
431         Safari on iPhone:
432         Presence of playsinline | Presence of webkit-playsinline | Result
433         ========================|================================|===========
434         Not present             | Not present                    | Fullscreen
435         Present                 | Not present                    | Inline
436         Not Present             | Present                        | Fullscreen
437         Present                 | Present                        | Inline
438
439         App on iPhone which sets allowsInlineMediaPlayback:
440         Presence of playsinline | Presence of webkit-playsinline | Result
441         ========================|================================|===========
442         Not present             | Not present                    | Fullscreen
443         Present                 | Not present                    | Inline
444         Not Present             | Present                        | Inline
445         Present                 | Present                        | Inline
446
447         The way to distinguish Safari from another app is to create an SPI
448         boolean preference which Safari can set. This is already how the
449         iPhone and iPad are differentiated using the requiresPlayInlineAttribute
450         which Safari sets but other apps don't. However, this preference is
451         no longer sufficient because Safari should now be discriminating
452         between the playsinline and webkit-playsinline attributes. Therefore,
453         this preference should be extended to two boolean preferences, which
454         this patch adds:
455
456         allowsInlineMediaPlaybackWithPlaysInlineAttribute
457         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute
458
459         Safari on iPhone will set
460         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to true,
461         and allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to
462         false. Other apps on iPhone will get their defaults values (because they
463         are SPI) which means they will both be true. On iPad and Mac, apps will
464         use the defaults values where both are false.
465
466         This patch adds support for these two preferences, but does not remove
467         the existing inlineMediaPlaybackRequiresPlaysInlineAttribute preference.
468         I will remove the exising preference as soon as I update Safari to migrate
469         off of it.
470
471         Test: media/video-playsinline.html
472
473         * html/MediaElementSession.cpp:
474         (WebCore::MediaElementSession::requiresFullscreenForVideoPlayback):
475         * page/Settings.cpp:
476         * page/Settings.in:
477         * testing/InternalSettings.cpp:
478         (WebCore::InternalSettings::Backup::Backup):
479         (WebCore::InternalSettings::Backup::restoreTo):
480         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithPlaysInlineAttribute):
481         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute):
482         * testing/InternalSettings.h:
483         * testing/InternalSettings.idl:
484
485 2016-07-20  Chris Dumez  <cdumez@apple.com>
486
487         Get rid of custom bindings code for XMLHttpRequest.open()
488         https://bugs.webkit.org/show_bug.cgi?id=159984
489
490         Reviewed by Ryosuke Niwa.
491
492         Get rid of custom bindings code for XMLHttpRequest.open() as the
493         bindings generator is able to generate it.
494
495         Relevant specification:
496         - https://xhr.spec.whatwg.org/#xmlhttprequest
497
498         The issue is that legacy content prevents treating the 'async' argument
499         being undefined identical from it being omitted. However, this can be
500         achieved by using overloading in IDL, like in the specification.
501
502         No new tests, already covered by the following tests:
503         - http/tests/xmlhttprequest/basic-auth.html
504         - http/tests/xmlhttprequest/open-async-overload.html
505
506         * bindings/js/JSXMLHttpRequestCustom.cpp:
507         (WebCore::SendFunctor::SendFunctor): Deleted.
508         (WebCore::SendFunctor::line): Deleted.
509         (WebCore::SendFunctor::column): Deleted.
510         (WebCore::SendFunctor::url): Deleted.
511         (WebCore::SendFunctor::operator()): Deleted.
512         * xml/XMLHttpRequest.cpp:
513         (WebCore::XMLHttpRequest::open):
514         * xml/XMLHttpRequest.h:
515         * xml/XMLHttpRequest.idl:
516
517 2016-07-20  Rawinder Singh  <rawinder.singh-webkit@cisra.canon.com.au>
518
519         Mark overriden methods in WebCore/svg final classes as final
520         https://bugs.webkit.org/show_bug.cgi?id=159966
521
522         Reviewed by Michael Catanzaro.
523
524         Update WebCore/svg classes so that overriden methods in final classes are marked final.
525
526         * svg/SVGAElement.h:
527         * svg/SVGAltGlyphDefElement.h:
528         * svg/SVGAltGlyphItemElement.h:
529         * svg/SVGAnimateTransformElement.h:
530         * svg/SVGAnimatedColor.h:
531         * svg/SVGCircleElement.h:
532         * svg/SVGClipPathElement.h:
533         * svg/SVGCursorElement.h:
534         * svg/SVGDefsElement.h:
535         * svg/SVGDescElement.h:
536         * svg/SVGEllipseElement.h:
537         * svg/SVGFEMergeNodeElement.h:
538         * svg/SVGFilterElement.h:
539         * svg/SVGFontElement.h:
540         * svg/SVGFontFaceElement.h:
541         * svg/SVGFontFaceFormatElement.h:
542         * svg/SVGFontFaceNameElement.h:
543         * svg/SVGFontFaceSrcElement.h:
544         * svg/SVGFontFaceUriElement.h:
545         * svg/SVGForeignObjectElement.h:
546         * svg/SVGGElement.h:
547         * svg/SVGGlyphElement.h:
548         * svg/SVGGlyphRefElement.h:
549         * svg/SVGHKernElement.h:
550         * svg/SVGImageElement.h:
551         * svg/SVGLineElement.h:
552         * svg/SVGMPathElement.h:
553         * svg/SVGMaskElement.h:
554         * svg/SVGMetadataElement.h:
555         * svg/SVGMissingGlyphElement.h:
556         * svg/SVGPathBuilder.h:
557         * svg/SVGPathByteStreamBuilder.h:
558         * svg/SVGPathByteStreamSource.h:
559         * svg/SVGPathElement.h:
560         * svg/SVGPathSegArcAbs.h:
561         * svg/SVGPathSegArcRel.h:
562         * svg/SVGPathSegClosePath.h:
563         * svg/SVGPathSegCurvetoCubicAbs.h:
564         * svg/SVGPathSegCurvetoCubicRel.h:
565         * svg/SVGPathSegCurvetoCubicSmoothAbs.h:
566         * svg/SVGPathSegCurvetoCubicSmoothRel.h:
567         * svg/SVGPathSegCurvetoQuadraticAbs.h:
568         * svg/SVGPathSegCurvetoQuadraticRel.h:
569         * svg/SVGPathSegCurvetoQuadraticSmoothAbs.h:
570         * svg/SVGPathSegCurvetoQuadraticSmoothRel.h:
571         * svg/SVGPathSegLinetoAbs.h:
572         * svg/SVGPathSegLinetoHorizontalAbs.h:
573         * svg/SVGPathSegLinetoHorizontalRel.h:
574         * svg/SVGPathSegLinetoRel.h:
575         * svg/SVGPathSegLinetoVerticalAbs.h:
576         * svg/SVGPathSegLinetoVerticalRel.h:
577         * svg/SVGPathSegListBuilder.h:
578         * svg/SVGPathSegListSource.h:
579         * svg/SVGPathSegMovetoAbs.h:
580         * svg/SVGPathSegMovetoRel.h:
581         * svg/SVGPathStringSource.h:
582         * svg/SVGPathTraversalStateBuilder.h:
583         * svg/SVGPatternElement.h:
584         * svg/SVGRectElement.h:
585         * svg/SVGScriptElement.h:
586         * svg/SVGStopElement.h:
587         * svg/SVGStyleElement.h:
588         * svg/SVGSwitchElement.h:
589         * svg/SVGTRefElement.cpp:
590         * svg/SVGTitleElement.h:
591         * svg/SVGToOTFFontConversion.cpp:
592         * svg/SVGUnknownElement.h:
593         * svg/SVGVKernElement.h:
594         * svg/SVGViewElement.h:
595         * svg/SVGZoomEvent.h:
596         * svg/animation/SVGSMILElement.cpp:
597         * svg/graphics/SVGImage.h:
598         * svg/graphics/SVGImageClients.h:
599         * svg/graphics/SVGImageForContainer.h:
600         * svg/graphics/filters/SVGFEImage.h:
601         * svg/graphics/filters/SVGFilter.h:
602         * svg/properties/SVGAnimatedEnumerationPropertyTearOff.h:
603         * svg/properties/SVGAnimatedPathSegListPropertyTearOff.h:
604         * svg/properties/SVGAnimatedPropertyTearOff.h:
605         * svg/properties/SVGAnimatedTransformListPropertyTearOff.h:
606         * svg/properties/SVGMatrixTearOff.h:
607         * svg/properties/SVGPathSegListPropertyTearOff.h:
608
609 2016-07-20  Brady Eidson  <beidson@apple.com>
610
611         Transition most IDB interfaces from ScriptExecutionContext to ExecState.
612         https://bugs.webkit.org/show_bug.cgi?id=159975
613
614         Reviewed by Alex Christensen.
615
616         No new tests (No known behavior change).
617
618         * Modules/indexeddb/IDBCursor.cpp:
619         (WebCore::IDBCursor::continueFunction):
620         (WebCore::IDBCursor::deleteFunction):
621         * Modules/indexeddb/IDBCursor.h:
622         * Modules/indexeddb/IDBCursor.idl:
623
624         * Modules/indexeddb/IDBDatabase.idl:
625
626         * Modules/indexeddb/IDBFactory.cpp:
627         (WebCore::IDBFactory::cmp):
628         * Modules/indexeddb/IDBFactory.h:
629         * Modules/indexeddb/IDBFactory.idl:
630
631         * Modules/indexeddb/IDBIndex.cpp:
632         (WebCore::IDBIndex::openCursor):
633         (WebCore::IDBIndex::count):
634         (WebCore::IDBIndex::doCount):
635         (WebCore::IDBIndex::openKeyCursor):
636         (WebCore::IDBIndex::get):
637         (WebCore::IDBIndex::doGet):
638         (WebCore::IDBIndex::getKey):
639         (WebCore::IDBIndex::doGetKey):
640         * Modules/indexeddb/IDBIndex.h:
641         * Modules/indexeddb/IDBIndex.idl:
642
643         * Modules/indexeddb/IDBKeyRange.cpp:
644         (WebCore::IDBKeyRange::only): Deleted.
645         * Modules/indexeddb/IDBKeyRange.h:
646
647         * Modules/indexeddb/IDBObjectStore.cpp:
648         (WebCore::IDBObjectStore::openCursor):
649         (WebCore::IDBObjectStore::get):
650         (WebCore::IDBObjectStore::putOrAdd):
651         (WebCore::IDBObjectStore::deleteFunction):
652         (WebCore::IDBObjectStore::doDelete):
653         (WebCore::IDBObjectStore::modernDelete):
654         (WebCore::IDBObjectStore::clear):
655         (WebCore::IDBObjectStore::createIndex):
656         (WebCore::IDBObjectStore::count):
657         (WebCore::IDBObjectStore::doCount):
658         * Modules/indexeddb/IDBObjectStore.h:
659         * Modules/indexeddb/IDBObjectStore.idl:
660
661         * Modules/indexeddb/IDBTransaction.cpp:
662         (WebCore::IDBTransaction::requestOpenCursor):
663         (WebCore::IDBTransaction::doRequestOpenCursor):
664         (WebCore::IDBTransaction::requestGetRecord):
665         (WebCore::IDBTransaction::requestGetValue):
666         (WebCore::IDBTransaction::requestGetKey):
667         (WebCore::IDBTransaction::requestIndexRecord):
668         (WebCore::IDBTransaction::requestCount):
669         (WebCore::IDBTransaction::requestDeleteRecord):
670         (WebCore::IDBTransaction::requestClearObjectStore):
671         (WebCore::IDBTransaction::requestPutOrAdd):
672         * Modules/indexeddb/IDBTransaction.h:
673
674         * inspector/InspectorIndexedDBAgent.cpp:
675
676 2016-07-20  Wenson Hsieh  <wenson_hsieh@apple.com>
677
678         Media controls don't appear when pausing a small autoplaying video
679         https://bugs.webkit.org/show_bug.cgi?id=159972
680         <rdar://problem/27180657>
681
682         Reviewed by Beth Dakin.
683
684         When pausing an autoplaying video, remove behavior restrictions for the
685         initial user gesture and show media controls.
686
687         New WebKit API test. See VideoControlsManagerSingleSmallAutoplayingVideo.
688
689         * html/HTMLMediaElement.cpp:
690         (WebCore::HTMLMediaElement::pause):
691
692 2016-07-20  Chris Dumez  <cdumez@apple.com>
693
694         Fix null handling of HTMLMediaElement.mediaGroup
695         https://bugs.webkit.org/show_bug.cgi?id=159974
696
697         Reviewed by Eric Carlson.
698
699         Fix null handling of HTMLMediaElement.mediaGroup to match the specification:
700         - https://www.w3.org/TR/html5/embedded-content-0.html#media-elements
701
702         null is supposed to be treated as the String "null". This patch aligns
703         our behavior with the specification. I tested Firefox and Chrome but both
704         do not have this attribute on HTMLMediaElement.
705
706         Also remove support for [TreatNullAs=LegacyNullString] from our bindings
707         generator as HTMLMediaElement.mediaGroup was the last user.
708
709         No new tests, rebaselined existing test.
710
711         * bindings/scripts/CodeGeneratorJS.pm:
712         (JSValueToNative):
713         * bindings/scripts/IDLAttributes.txt:
714         * html/HTMLMediaElement.idl:
715
716 2016-07-20  Chris Dumez  <cdumez@apple.com>
717
718         CSSStyleDeclaration.setProperty() should be able to unset "important" on a property
719         https://bugs.webkit.org/show_bug.cgi?id=159959
720
721         Reviewed by Alexey Proskuryakov.
722
723         CSSStyleDeclaration.setProperty() should be able to unsert "important"
724         on a property as per the latest specification:
725         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-setproperty
726         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-camel-cased-attribute
727
728         Firefox and Chrome match the specification here but WebKit was ignoring calls
729         to setProperty() if there is already an "important" property wit this name
730         and if the new property does not have the "important" flag set.
731
732         This behavior was added a long time ago via Bug 60007. However, it does not
733         match the latest specification or other browsers.
734
735         Test: fast/css/CSSStyleDeclaration-setProperty-unset-important.html
736
737         * css/StyleProperties.cpp:
738         (WebCore::MutableStyleProperties::addParsedProperty):
739         Drop code that was added via Bug 60007 as this behavior no longer matches the
740         specification or other browsers. The layout test added in Bug 60007 fails in
741         other browsers and was updated in this patch to match the specification.
742
743 2016-07-20  Commit Queue  <commit-queue@webkit.org>
744
745         Unreviewed, rolling out r203423.
746         https://bugs.webkit.org/show_bug.cgi?id=159977
747
748         The test for this change is failing on Mac Release WK2
749         (Requested by ryanhaddad on #webkit).
750
751         Reverted changeset:
752
753         "HTMLVideoElement frames do not update on iOS when src is a
754         MediaStream blob"
755         https://bugs.webkit.org/show_bug.cgi?id=159833
756         http://trac.webkit.org/changeset/203423
757
758 2016-07-20  Chris Dumez  <cdumez@apple.com>
759
760         Fix null handling of HTMLSelectElement.value attribute
761         https://bugs.webkit.org/show_bug.cgi?id=159925
762
763         Reviewed by Benjamin Poulain.
764
765         Fix null handling of HTMLSelectElement.value attribute:
766         - https://html.spec.whatwg.org/multipage/forms.html#htmlselectelement
767
768         We were treating null as the null String which would end up setting
769         selectedIndex to -1. However, we should treat null as the String "null"
770         which would set the selectedIndex to the index of the <option> element
771         whose value is "null".
772
773         Firefox and Chrome match the specification.
774
775         Test: fast/dom/HTMLSelectElement/value-null-handling.html
776
777         * html/HTMLSelectElement.cpp:
778         (WebCore::HTMLSelectElement::setValue):
779         * html/HTMLSelectElement.idl:
780
781 2016-07-20  Chris Dumez  <cdumez@apple.com>
782
783         PostResolutionCallbackDisabler can resume pending requests while a ResourceLoadSuspender is alive
784         https://bugs.webkit.org/show_bug.cgi?id=159962
785         <rdar://problem/21439264>
786
787         Reviewed by David Kilzer.
788
789         PostResolutionCallbackDisabler can resume pending requests while a ResourceLoadSuspender
790         is alive. We have both PostResolutionCallbackDisabler and ResourceLoadSuspender that
791         call LoaderStrategy::suspendPendingRequests() / LoaderStrategy::resumePendingRequests().
792         However, PostResolutionCallbackDisabler and ResourceLoadSuspender are not aware of each
793         other. It is therefore possible for a PostResolutionCallbackDisabler object to get
794         destroyed, causing LoaderStrategy::resumePendingRequests() to be called while a
795         ResourceLoadSuspender object is alive.
796
797         This leads to hard to investigate crashes where we end up re-entering WebKit and killing
798         the style resolver.
799
800         This patch drops ResourceLoadSuspender and uses PostResolutionCallbackDisabler instead.
801         There was only one user of ResourceLoadSuspender and PostResolutionCallbackDisabler
802         is better because it manages a resolutionNestingDepth counter internally to make sure
803         it only calls LoaderStrategy::resumePendingRequests() once all
804         PostResolutionCallbackDisabler instances are destroyed.
805
806         No new tests, there is no easy way to reproduce the crashes.
807
808         * dom/Document.cpp:
809         (WebCore::Document::styleForElementIgnoringPendingStylesheets):
810         * loader/LoaderStrategy.cpp:
811         (WebCore::ResourceLoadSuspender::ResourceLoadSuspender): Deleted.
812         (WebCore::ResourceLoadSuspender::~ResourceLoadSuspender): Deleted.
813         * loader/LoaderStrategy.h:
814
815 2016-07-19  Youenn Fablet  <youenn@apple.com>
816
817         [Fetch API] Add a JS builtin to implement https://fetch.spec.whatwg.org/#concept-headers-fill
818         https://bugs.webkit.org/show_bug.cgi?id=159932
819
820         Reviewed by Alex Christensen.
821
822         Covered by existing tests.
823
824         Refactoring Headers initializeWith to use the new built-in internal that implements
825         https://fetch.spec.whatwg.org/#concept-headers-fill.
826
827         Refactoring Response constructor to put more checks in the JS builtin fucntion called within constructor.
828         Making use of the new built-in internal that implements https://fetch.spec.whatwg.org/#concept-headers-fill.
829
830         * CMakeLists.txt: Adding FetchHeadersInternals.js
831         * DerivedSources.make: Ditto.
832         * Modules/fetch/FetchHeaders.js:
833         (initializeFetchHeaders): Using fillFetchHeaders new built-in internal.
834         * Modules/fetch/FetchInternals.js: Added.
835         (fillFetchHeaders):
836         * Modules/fetch/FetchResponse.cpp: Refactoring to do more in the JS built-in. Splitting of initializeWith so
837         that the checks are done in the order defined by the spec.
838         (WebCore::FetchResponse::setStatus):
839         (WebCore::FetchResponse::initializeWith):
840         (WebCore::isNullBodyStatus): Deleted.
841         * Modules/fetch/FetchResponse.h:
842         * Modules/fetch/FetchResponse.idl:
843         * Modules/fetch/FetchResponse.js:
844         (initializeFetchResponse): New built-in internal.
845         * WebCore.xcodeproj/project.pbxproj:
846         * bindings/js/WebCoreBuiltinNames.h:
847
848 2016-07-19  Chris Dumez  <cdumez@apple.com>
849
850         Fix null handling of SVGScriptElement.type attribute
851         https://bugs.webkit.org/show_bug.cgi?id=159927
852
853         Reviewed by Benjamin Poulain.
854
855         Fix null handling of SVGScriptElement.type attribute:
856         - https://www.w3.org/TR/SVG2/interact.html#InterfaceSVGScriptElement
857
858         We were treating null as the null String which would end up removing
859         the 'type' content attribute. However, we should treat null as the
860         String "null".
861
862         Firefox and Chrome match the specification.
863
864         No new tests, updated existing test.
865
866         * svg/SVGScriptElement.idl:
867
868 2016-07-19  Chris Dumez  <cdumez@apple.com>
869
870         Fix null handling of several HTMLDocument attributes
871         https://bugs.webkit.org/show_bug.cgi?id=159923
872
873         Reviewed by Benjamin Poulain.
874
875         Fix null handling of several HTMLDocument attributes:
876         - https://html.spec.whatwg.org/multipage/dom.html#document
877         - https://html.spec.whatwg.org/multipage/obsolete.html#document-partial
878
879         In particular, null handling was incorrect in WebKit for 'dir',
880         'bgColor', 'fgColor', 'alinkColor', 'linkColor' and 'vlinkColor'.
881
882         Firefox and Chrome match the specification.
883
884         Test: fast/dom/HTMLDocument/null-handling.html
885
886         * html/HTMLDocument.idl:
887
888 2016-07-19  Chris Dumez  <cdumez@apple.com>
889
890         Document.createElementNS() / createAttributeNS() parameters should be mandatory
891         https://bugs.webkit.org/show_bug.cgi?id=159938
892
893         Reviewed by Benjamin Poulain.
894
895         Document.createElementNS() / createAttributeNS() parameters should be mandatory:
896         - https://dom.spec.whatwg.org/#document
897
898         They were optional in WebKit. However, Firefox and Chrome both match the
899         specification.
900
901         No new tests, rebaselined existing tests.
902
903         * dom/Document.idl:
904
905 2016-07-19  Benjamin Poulain  <bpoulain@apple.com>
906
907         Use getElementById for attribute matching if the attribute name is html's id
908         https://bugs.webkit.org/show_bug.cgi?id=159960
909
910         Reviewed by Chris Dumez.
911
912         Elliott Sprehn discovered YUI makes heavy uses of querySelector with [id=value]
913         (https://bugs.chromium.org/p/chromium/issues/detail?id=627242).
914
915         If we are not in quirks mode, IdForStyleResolution has the same value
916         as the Id attribute. We can use the same optimization for both cases.
917
918         Tests: fast/selectors/id-attribute-querySelector-used-as-id-selector-quirks.html
919                fast/selectors/id-attribute-querySelector-used-as-id-selector.html
920
921         * dom/SelectorQuery.cpp:
922         (WebCore::canBeUsedForIdFastPath):
923         (WebCore::findIdMatchingType):
924         (WebCore::SelectorDataList::SelectorDataList):
925         (WebCore::selectorForIdLookup):
926         (WebCore::filterRootById):
927
928 2016-07-19  Chris Dumez  <cdumez@apple.com>
929
930         Drop SVGElement.xmlbase attribute
931         https://bugs.webkit.org/show_bug.cgi?id=159926
932
933         Reviewed by Benjamin Poulain.
934
935         Drop SVGElement.xmlbase attribute as it is no longer part of the
936         specification:
937         - https://www.w3.org/TR/SVG2/types.html#InterfaceSVGElement
938
939         Both Firefox and Chrome have already dropped support for
940         SVGElement.xmlbase.
941
942         Chrome's intent to remove:
943         https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/TfwMq4d25hk/C-v_iC_wKfAJ
944
945         Test: svg/dom/SVGElement-xmlbase.html
946
947         * svg/SVGElement.cpp:
948         (WebCore::SVGElement::removedFrom): Deleted.
949         * svg/SVGElement.h:
950         * svg/SVGElement.idl:
951
952 2016-07-19  Chris Dumez  <cdumez@apple.com>
953
954         Align CSSStyleDeclaration.setProperty() with the specification
955         https://bugs.webkit.org/show_bug.cgi?id=159955
956
957         Reviewed by Benjamin Poulain.
958
959         Align CSSStyleDeclaration.setProperty() with the specification:
960         - https://drafts.csswg.org/cssom/#the-cssstyledeclaration-interface
961
962         In particular, the following changes were needed:
963         1. The 'value' parameter should not be optional
964         2. The 'priority' parameter should treat null as the empty string
965            rather than the string "null".
966         3. The 'priority' parameter's default value should be the empty string,
967            not the string "undefined".
968         4. CSSStyleDeclaration.setProperty() should return early if 'priority'
969            is not the empty string and is not an ASCII case-insensitive match
970            for the string "important".
971
972         Chrome matches the specification entirely.
973         Firefox matches the specification with the exception that it does a
974         case-sensitive match for "important".
975
976         Test: fast/css/CSSStyleDeclaration-setProperty.html
977
978         * css/CSSStyleDeclaration.idl:
979         * css/PropertySetCSSStyleDeclaration.cpp:
980         (WebCore::PropertySetCSSStyleDeclaration::setProperty):
981
982 2016-07-19  Daniel Bates  <dabates@apple.com>
983
984         CSP: Improve support for multiple policies to more closely conform to the CSP Level 2 spec.
985         https://bugs.webkit.org/show_bug.cgi?id=159841
986         <rdar://problem/27381684>
987
988         Reviewed by Brent Fulgham.
989
990         Implement a first pass at sending multiple violation reports so as to more closely
991         conform to section Enforcing multiple policies of the Content Security Policy Level 2 spec.,
992         <https://w3c.github.io/webappsec-csp/2/> (Editor's Draft, 25 April 2016).
993
994         Tests: http/tests/security/contentSecurityPolicy/1.1/script-blocked-sends-multiple-reports.php
995                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-enforced-policy-and-blocked-by-report-policy.php
996                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-enforced-policy-and-blocked-by-report-policy2.php
997                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy.php
998                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
999                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-enforced-policy-and-allowed-by-report-policy.php
1000                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-enforced-policy-and-allowed-by-report-policy2.php
1001                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy.php
1002                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy2.php
1003                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy.php
1004                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
1005                http/tests/security/contentSecurityPolicy/1.1/scripthash-in-enforced-policy-and-not-in-report-only.html
1006                http/tests/security/contentSecurityPolicy/1.1/scripthash-in-one-enforced-policy-neither-in-another-enforced-policy-nor-report-policy.html
1007                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-enforced-policy-and-blocked-by-report-policy.php
1008                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-enforced-policy-and-blocked-by-report-policy2.php
1009                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy.php
1010                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
1011                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-enforced-policy-and-allowed-by-report-policy.php
1012                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-enforced-policy-and-allowed-by-report-policy2.php
1013                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy.php
1014                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy2.php
1015                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy.php
1016                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
1017                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-in-enforced-policy-and-not-in-report-only.html
1018                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-in-one-enforced-policy-neither-in-another-enforced-policy-nor-report-policy.html
1019                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-multiple-policies.html
1020
1021         * page/csp/ContentSecurityPolicy.cpp:
1022         (WebCore::ContentSecurityPolicy::allPoliciesWithDispositionAllow): Added. Returns whether the resource
1023         is allowed by all of the policies with the specified disposition.
1024         (WebCore::ContentSecurityPolicy::allPoliciesAllow): Added. Returns whether the resource is allowed by
1025         all of the enforced policies.
1026         (WebCore::ContentSecurityPolicy::findHashOfContentInPolicies): Formerly named foundHashOfContentInAllPolicies.
1027         Modified to return a ("has found hash in all enforced policies, "has found hash in all report-only policies)-pair
1028         so that we can differentiate whether the hash violated an enforced policy or a report-only policy.
1029         (WebCore::ContentSecurityPolicy::allowJavaScriptURLs): Write in terms of ContentSecurityPolicy::allPoliciesAllow().
1030         (WebCore::ContentSecurityPolicy::allowInlineEventHandlers): Ditto.
1031         (WebCore::ContentSecurityPolicy::allowScriptWithNonce): For now only accept a nonce if it is allowed by
1032         all enforced policies. As a side effect of this change is that we only send a CSP violation report when a
1033         nonce violates a report-only policy only if the nonce also violates one or more enforced policies. We will
1034         address this limitation in <https://bugs.webkit.org/show_bug.cgi?id=159830>.
1035         (WebCore::ContentSecurityPolicy::allowStyleWithNonce): Ditto.
1036         (WebCore::ContentSecurityPolicy::allowInlineScript): Differentiate between a hash/'unsafe-inline' that
1037         matches/is contained in all enforce policies and a hash/'unsafe-inline' that matches/is contained in all
1038         report-only policies so that we only allow the resource for the former. As a side effect of this change
1039         we may report that a resource violated a policy even if it contained the hash. See <https://bugs.webkit.org/show_bug.cgi?id=159832>
1040         for more details.
1041         (WebCore::ContentSecurityPolicy::allowInlineStyle): Ditto.
1042         (WebCore::ContentSecurityPolicy::allowEval): Write in terms of ContentSecurityPolicy::allPoliciesAllow().
1043         (WebCore::ContentSecurityPolicy::allowFrameAncestors): Ditto.
1044         (WebCore::ContentSecurityPolicy::allowPluginType): Ditto.
1045         (WebCore::ContentSecurityPolicy::allowScriptFromSource): Ditto.
1046         (WebCore::ContentSecurityPolicy::allowObjectFromSource): Ditto.
1047         (WebCore::ContentSecurityPolicy::allowChildFrameFromSource): Ditto.
1048         (WebCore::ContentSecurityPolicy::allowChildContextFromSource): Ditto.
1049         (WebCore::ContentSecurityPolicy::allowImageFromSource): Ditto.
1050         (WebCore::ContentSecurityPolicy::allowStyleFromSource): Ditto.
1051         (WebCore::ContentSecurityPolicy::allowFontFromSource): Ditto.
1052         (WebCore::ContentSecurityPolicy::allowMediaFromSource): Ditto.
1053         (WebCore::ContentSecurityPolicy::allowConnectToSource): Ditto.
1054         (WebCore::ContentSecurityPolicy::allowFormAction): Ditto.
1055         (WebCore::ContentSecurityPolicy::allowBaseURI): Ditto.
1056         (WebCore::ContentSecurityPolicy::foundHashOfContentInAllPolicies): Deleted.
1057         * page/csp/ContentSecurityPolicy.h:
1058         (WebCore::ContentSecurityPolicy::violatedDirectiveInAnyPolicy): Deleted.
1059
1060 2016-07-19  Chris Dumez  <cdumez@apple.com>
1061
1062         Fix null handling of HTMLScriptElement.text attribute
1063         https://bugs.webkit.org/show_bug.cgi?id=159943
1064
1065         Reviewed by Benjamin Poulain.
1066
1067         Fix null handling of HTMLScriptElement.text attribute:
1068         - https://html.spec.whatwg.org/multipage/scripting.html#the-script-element
1069
1070         We should treat null as the "null" String but we were treating it as
1071         the empty string.
1072
1073         Firefox and Chrome match the specification.
1074
1075         No new tests, rebaselined existing test.
1076
1077         * html/HTMLScriptElement.idl:
1078
1079 2016-07-19  Chris Dumez  <cdumez@apple.com>
1080
1081         autocapitalize attribute should not use [TreatNullAs=LegacyNullString]
1082         https://bugs.webkit.org/show_bug.cgi?id=159934
1083
1084         Reviewed by Benjamin Poulain.
1085
1086         autocapitalize attribute should not use [TreatNullAs=LegacyNullString]. This is
1087         non-standard and we want to drop support for it from the bindings generator.
1088
1089         Instead, use [TreatNullAs=EmptyString] in order to maintain existing behavior
1090         given that both a missing/empty attribute result in using the default
1091         autocapitalization mode and that autocapitalize returns the empty string by
1092         default.
1093
1094         Test: platform/ios-simulator/ios/fast/forms/autocapitalize-null.html
1095
1096         * html/HTMLFormElement.idl:
1097         * html/HTMLInputElement.idl:
1098         * html/HTMLTextAreaElement.idl:
1099
1100 2016-07-19  Zalan Bujtas  <zalan@apple.com>
1101
1102         REGRESSION(r203415): ASSERTION FAILED: !m_layoutRoot->container() || !m_layoutRoot->container()->needsLayout()
1103         https://bugs.webkit.org/show_bug.cgi?id=159952
1104
1105         Reviewed by Simon Fraser.
1106
1107         Update ASSERTs to reflect new functionality, that is, now we can end up in a state
1108         where the container (RenderView) of one of the dirty subtrees is dirty.
1109         See r203415.
1110  
1111         Covered by editing/pasteboard/drag-drop-input-in-svg.svg
1112
1113         * page/FrameView.cpp:
1114         (WebCore::FrameView::scheduleRelayoutOfSubtree):
1115
1116 2016-07-19  Dean Jackson  <dino@apple.com>
1117
1118         REGRESSION(202927): The first slide is the only displayed slide when Quicklooking a Keynote file
1119         https://bugs.webkit.org/show_bug.cgi?id=159948
1120         <rdar://problem/27391012>
1121
1122         Reviewed by Simon Fraser.
1123
1124         There is an iOS bug (<rdar://problem/27416744>) that is causing us
1125         to not always get a color space on CGContextRefs. Investigation of this
1126         exposed some optimizations we can take when we are creating ImageBuffers.
1127         In particular, if we have a bitmap context or an IOSurfaceContext we
1128         can simply copy their color space using API. Otherwise we stick with
1129         the existing CGContextCopyDeviceColorSpace.
1130
1131         Lastly, if for some reason we are unable to copy the device color space,
1132         we should fall back to sRGB.
1133
1134         * platform/graphics/cg/ImageBufferCG.cpp:
1135         (WebCore::ImageBuffer::createCompatibleBuffer):
1136         * platform/spi/cg/CoreGraphicsSPI.h: Add some SPI and enums.
1137
1138
1139 2016-07-19  George Ruan  <gruan@apple.com>
1140
1141         HTMLVideoElement frames do not update on iOS when src is a MediaStream blob
1142         https://bugs.webkit.org/show_bug.cgi?id=159833
1143         <rdar://problem/27379487>
1144
1145         Reviewed by Eric Carlson.
1146
1147         Test: fast/mediastream/MediaStream-video-element-displays-buffer.html
1148
1149         * WebCore.xcodeproj/project.pbxproj:
1150         * platform/graphics/avfoundation/MediaSampleAVFObjC.h: Change create to return a Ref<T> instead
1151         of RefPtr<T>
1152         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h: Make observer of
1153         MediaStreamTrackPrivate and make MediaPlayer use an AVSampleBufferDisplayLayer instead of CALayer.
1154         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm: Ditto.
1155         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::~MediaPlayerPrivateMediaStreamAVFObjC): Clean up
1156         observers and AVSampleBufferDisplayLayer
1157         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::isAvailable): Ensures AVSampleBufferDisplayLayer
1158         is available.
1159         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueAudioSampleBufferFromTrack): Placeholder.
1160         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueVideoSampleBufferFromTrack): Responsible
1161         for enqueuing sample buffers to the active video track.
1162         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::ensureLayer): Ensures that an AVSampleBufferDisplayLayer
1163         exists.
1164         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::destroyLayer): Destroys the AVSampleBufferDisplayLayer.
1165         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::platformLayer): Replace CALayer with AVSampleBufferDisplayLayer.
1166         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::currentDisplayMode): Ditto.
1167         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::sampleBufferUpdated): Called from MediaStreamTrackPrivate when a
1168         new SampleBuffer is available.
1169         (WebCore::updateTracksOfType): Manage adding and removing self as observer from tracks.
1170         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateTracks): Replace CALayer with AVSampleBufferDisplayLayer
1171         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::acceleratedRenderingStateChanged): Copied from
1172         MediaPlayerPrivateMediaSourceAVFObjC.mm
1173         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::load): Deleted CALayer.
1174         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateDisplayMode): Deleted process of updating CALayer.
1175         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateIntrinsicSize): Deleted CALayer.
1176         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::createPreviewLayers): Deleted.
1177         * platform/mediastream/MediaStreamPrivate.cpp:
1178         (WebCore::MediaStreamPrivate::updateActiveVideoTrack): Remove redundant check.
1179         * platform/mediastream/MediaStreamTrackPrivate.cpp:
1180         (WebCore::MediaStreamTrackPrivate::sourceHasMoreMediaData): Called from RealtimeMediaSource when a new SampleBuffer
1181         is available.
1182         * platform/mediastream/MediaStreamTrackPrivate.h:
1183         (WebCore::MediaStreamTrackPrivate::Observer::sampleBufferUpdated): Relays to MediaPlayerPrivateMediaStream that
1184         a new SampleBuffer is available to enqueue to the AVSampleBufferDisplayLayer.
1185         * platform/mediastream/RealtimeMediaSource.cpp:
1186         (WebCore::RealtimeMediaSource::mediaDataUpdated): Relays to all observers that a new SampleBuffer is available.
1187         * platform/mediastream/RealtimeMediaSource.h:
1188         * platform/mediastream/mac/AVVideoCaptureSource.mm:
1189         (WebCore::AVVideoCaptureSource::processNewFrame): Calls mediaDataUpdated when a new SampleBuffer is captured.
1190
1191 2016-07-19  Anders Carlsson  <andersca@apple.com>
1192
1193         Get rid of a #define private public hack in WebCore
1194         https://bugs.webkit.org/show_bug.cgi?id=159953
1195
1196         Reviewed by Dan Bernstein.
1197
1198         Use @package instead.
1199
1200         * bindings/objc/DOMInternal.h:
1201         * bindings/objc/DOMObject.h:
1202
1203 2016-07-19  Andreas Kling  <akling@apple.com>
1204
1205         Fix SharedBuffer leak in MockContentFilter::replacementData().
1206         <https://webkit.org/b/159945>
1207
1208         Reviewed by Andy Estes.
1209
1210         Spotted on leaks bot. This code was pretty explicit about how it's going to leak.
1211         Since this is in the mock filter, it only affected layout tests.
1212
1213         * testing/MockContentFilter.cpp:
1214         (WebCore::MockContentFilter::replacementData):
1215
1216 2016-07-19  Zalan Bujtas  <zalan@apple.com>
1217
1218         theguardian.co.uk crossword puzzles are sometimes not displaying text
1219         https://bugs.webkit.org/show_bug.cgi?id=159924
1220         <rdar://problem/27409483>
1221
1222         Reviewed by Simon Fraser.
1223
1224         This patch fixes the case when
1225         - 2 disjoint subtrees are dirty
1226         - RenderView is also dirty.
1227         and we end up not laying out one of the 2 subtrees.
1228
1229         In FrameView::scheduleRelayoutOfSubtree, we assume that when the RenderView is dirty
1230         we already have a pending full layout which means that any previous subtree layouts have already been
1231         converted to full layouts.
1232         However this assumption is incorrect. RenderView can get dirty without checking if there's
1233         already a pending subtree layout.
1234         One option to solve this problem would be to override RenderObject::setNeedsLayout in RenderView
1235         so that when the RenderView gets dirty, we could also convert any pending subtree layout to full layout.
1236         However RenderObject::setNeedsLayout is a hot function and making it virtual would impact performance.
1237         The other option is to always normalize subtree layouts in FrameView::scheduleRelayoutOfSubtree().
1238         This patch implements the second option.
1239
1240         Test: fast/misc/subtree-layouts.html
1241
1242         * page/FrameView.cpp:
1243         (WebCore::FrameView::scheduleRelayoutOfSubtree):
1244
1245 2016-07-19  Anders Carlsson  <andersca@apple.com>
1246
1247         Some payment authorization status values should keep the sheet active
1248         https://bugs.webkit.org/show_bug.cgi?id=159936
1249         rdar://problem/26756701
1250
1251         Reviewed by Tim Horton.
1252
1253         * Modules/applepay/ApplePaySession.cpp:
1254         (WebCore::ApplePaySession::completePayment):
1255         Keep the sheet active if the status isn't a final state status.
1256
1257         * Modules/applepay/PaymentAuthorizationStatus.h:
1258         (WebCore::isFinalStateStatus):
1259         Add a new helper function that returns whether a given payment authorization status is "final",
1260         meaning that once that status has been passed to completePayment, the session is finished.
1261
1262 2016-07-19  Nan Wang  <n_wang@apple.com>
1263
1264         AX: Incorrect behavior for word related text marker functions when there's collapsed whitespace
1265         https://bugs.webkit.org/show_bug.cgi?id=159910
1266
1267         Reviewed by Chris Fleizach.
1268
1269         We are getting a bad CharacterOffset when there's collapsed whitespace. Added a TraverseOptionValidateOffset
1270         option to make sure we are getting the correct CharacterOffset based on the corresponding Range offset. And
1271         fixed a word navigation issue based on that.
1272
1273         Test: accessibility/mac/text-marker-word-nav-collapsed-whitespace.html
1274
1275         * accessibility/AXObjectCache.cpp:
1276         (WebCore::AXObjectCache::traverseToOffsetInRange):
1277         (WebCore::AXObjectCache::rangeForNodeContents):
1278         (WebCore::AXObjectCache::startOrEndCharacterOffsetForRange):
1279         (WebCore::AXObjectCache::characterOffsetFromVisiblePosition):
1280         (WebCore::AXObjectCache::rightWordRange):
1281         (WebCore::AXObjectCache::previousBoundary):
1282         * accessibility/AXObjectCache.h:
1283         (WebCore::AXObjectCache::isNodeInUse):
1284
1285 2016-07-19  Youenn Fablet  <youenn@apple.com>
1286
1287         [Streams API] ReadableStreamController methods should throw if its stream is not readable
1288         https://bugs.webkit.org/show_bug.cgi?id=159871
1289
1290         Reviewed by Xabier Rodriguez-Calvar.
1291
1292         Spec now mandates close and enqueue to throw if ReadableStream is not readable.
1293         Covered by rebased and/or modified tests.
1294
1295         * Modules/streams/ReadableStreamController.js:
1296         (enqueue): Throwing a TypeError if controlled stream is not readable.
1297         (close): Ditto.
1298
1299 2016-07-19  Simon Fraser  <simon.fraser@apple.com>
1300
1301         Bubbles appear split for a brief moment in Messages
1302         https://bugs.webkit.org/show_bug.cgi?id=159915
1303         rdar://problem/27182267
1304
1305         Reviewed by David Hyatt.
1306
1307         RenderView::repaintRootContents() had a long-standing bug in WebView when the
1308         view is scrolled. repaint() uses visualOverflowRect() but, for the 
1309         RenderView, the visualOverflowRect() is the initial containing block
1310         which is anchored at 0,0. When the view is scrolled it's clipped out and
1311         calls to repaintRootContents() have no effect.
1312         
1313         Change repaintRootContents() to use layoutOverflowRect(). ScrollView::repaintContentRectangle()
1314         will clip it to the view if necessary.
1315
1316         Test: fast/repaint/scrolled-view-full-repaint.html
1317
1318         * rendering/RenderView.cpp:
1319         (WebCore::RenderView::repaintRootContents):
1320
1321 2016-07-19  Dan Bernstein  <mitz@apple.com>
1322
1323         <rdar://problem/27420308> WebCore-7602.1.42 fails to build: error: unused parameter 'vm'
1324
1325         * bindings/js/JSDOMGlobalObject.cpp:
1326         (WebCore::JSDOMGlobalObject::addBuiltinGlobals): Fixed the !ENABLE(STREAMS_API) build.
1327
1328 2016-07-19  Youenn Fablet  <youenn@apple.com>
1329
1330         [Streams API] Make ReadableStream properties not enumerable
1331         https://bugs.webkit.org/show_bug.cgi?id=159868
1332
1333         Reviewed by Darin Adler.
1334
1335         Covered by rebased tests.
1336
1337         Uopdating IDL definitions to mark all functions/attributes as not enumerable.
1338         Updating IDL constructor definitions to correctly compute constructor length.
1339         Updating built-in implementation to correctly compute pipeTo length to 1 (second parameter being optional).
1340
1341         * Modules/streams/ReadableStream.idl:
1342         * Modules/streams/ReadableStream.js:
1343         * Modules/streams/ReadableStreamController.idl:
1344         * Modules/streams/ReadableStreamReader.idl:
1345
1346 2016-07-19  Chris Dumez  <cdumez@apple.com>
1347
1348         form.enctype / encoding / method should treat null as "null" string
1349         https://bugs.webkit.org/show_bug.cgi?id=159916
1350
1351         Reviewed by Ryosuke Niwa.
1352
1353         form.enctype / encoding / method should treat null as "null" string:
1354         - https://html.spec.whatwg.org/multipage/forms.html#htmlformelement
1355
1356         Previously, WebKit would treat null as the null String, which would
1357         end up removing the existing attribute.
1358
1359         Firefox and Chrome match the specification.
1360
1361         Test: fast/dom/HTMLFormElement/null-handling.html
1362
1363         * html/HTMLFormElement.h:
1364         * html/HTMLFormElement.idl:
1365
1366 2016-07-18  Csaba Osztrogon√°c  <ossy@webkit.org>
1367
1368         All-in-one buildfix after r202439
1369         https://bugs.webkit.org/show_bug.cgi?id=159877
1370
1371         Reviewed by Chris Dumez.
1372
1373         * Modules/webaudio/AudioDestinationNode.h:
1374         (WebCore::AudioDestinationNode::resume):
1375         (WebCore::AudioDestinationNode::suspend):
1376         (WebCore::AudioDestinationNode::close):
1377
1378 2016-07-18  Frederic Wang  <fwang@igalia.com>
1379
1380         Move parsing of subscriptshift and superscriptshift from rendering to element classes
1381         https://bugs.webkit.org/show_bug.cgi?id=159622
1382
1383         Reviewed by Darin Adler.
1384
1385         We introduce a new MathMLScriptsElement that is used for elements msub, msup, msubsup and
1386         mmultiscripts in order to create RenderMathMLScripts and parse and expose the values of the
1387         subscriptshift and superscriptshift attributes. This is one more step toward moving MathML
1388         attribute parsing to the DOM (bug 156536).
1389
1390         No new tests, rendering is unchanged.
1391
1392         * CMakeLists.txt: Add MathMLScriptsElement files.
1393         * WebCore.xcodeproj/project.pbxproj: Ditto.
1394         * mathml/MathMLAllInOne.cpp: Ditto.
1395         * mathml/MathMLInlineContainerElement.cpp: Remove handling of scripts.
1396         (WebCore::MathMLInlineContainerElement::createElementRenderer): Deleted.
1397         * mathml/MathMLScriptsElement.cpp: Added. New class to handle scripted elements supporting
1398         parsing for the subscriptshift and superscriptshift MathML lengths.
1399         (WebCore::MathMLScriptsElement::MathMLScriptsElement):
1400         (WebCore::MathMLScriptsElement::create):
1401         (WebCore::MathMLScriptsElement::subscriptShift): Expose the cached length for the shift,
1402         parsing the attribute again if necessary.
1403         (WebCore::MathMLScriptsElement::superscriptShift): Ditto.
1404         (WebCore::MathMLScriptsElement::parseAttribute): Mark attributes dirty.
1405         (WebCore::MathMLScriptsElement::createElementRenderer): Create RenderMathMLScripts.
1406         * mathml/MathMLScriptsElement.h: Ditto.
1407         * mathml/mathtags.in: Map msub, msup, msubsup and mmultiscripts to MathMLScriptsElement.
1408         * rendering/mathml/RenderMathMLScripts.cpp:
1409         (WebCore::RenderMathMLScripts::scriptsElement): Helper function to cast the node to a
1410         MathMLScriptsElement.
1411         (WebCore::RenderMathMLScripts::getScriptMetricsAndLayoutIfNeeded): Resolve the attributes
1412         using the functions from the MathMLScriptsElement class.
1413         * rendering/mathml/RenderMathMLScripts.h: Declare scriptsElement.
1414
1415 2016-07-18  Frederic Wang  <fwang@igalia.com>
1416
1417         Do not store gap and shift parameters on RenderMathMLFraction
1418         https://bugs.webkit.org/show_bug.cgi?id=159876
1419
1420         Reviewed by Darin Adler.
1421
1422         After r203285, the stack and fraction layout parameters are only used in layoutBlock so we
1423         do not need to store them on the class. We remove them and split updateLayoutParameters into
1424         three functions: one to update the linethickness and two others to retrieve the fraction and
1425         stack respectively.
1426
1427         No new tests, rendering is unchanged.
1428
1429         * rendering/mathml/RenderMathMLFraction.cpp:
1430         (WebCore::RenderMathMLFraction::updateLineThickness): Move code to update thickness members here.
1431         (WebCore::RenderMathMLFraction::getFractionParameters): Move code to retrieve fraction parameters here.
1432         (WebCore::RenderMathMLFraction::getStackParameters): Move code to retrieve stack parameters here.
1433         (WebCore::RenderMathMLFraction::layoutBlock): Use the new helper functions and local variables
1434         for fraction and stack parameters.
1435         (WebCore::RenderMathMLFraction::updateLayoutParameters): Deleted.
1436         * rendering/mathml/RenderMathMLFraction.h: Declare new helper functions and remove members
1437         for stack and fraction parameters.
1438
1439 2016-07-18  Chris Dumez  <cdumez@apple.com>
1440
1441         input.formEnctype / formMethod and button.formEnctype / formMethod / type should treat null as "null"
1442         https://bugs.webkit.org/show_bug.cgi?id=159908
1443
1444         Reviewed by Alex Christensen.
1445
1446         input.formEnctype / formMethod and button.formEnctype / formMethod / type
1447         should treat null as "null" String:
1448         - https://html.spec.whatwg.org/multipage/forms.html#htmlinputelement
1449         - https://html.spec.whatwg.org/multipage/forms.html#htmlbuttonelement
1450
1451         In WebKit, we would treat null as a null String which would end up
1452         removing the corresponding attribute. This does not match the
1453         specification. Firefox and Chrome match the specification here.
1454
1455         Tests:
1456         - fast/dom/HTMLButtonElement/null-handling.html
1457         - fast/dom/HTMLInputElement/null-handling.html
1458
1459         * html/HTMLButtonElement.idl:
1460         * html/HTMLInputElement.idl:
1461
1462 2016-07-18  Alex Christensen  <achristensen@webkit.org>
1463
1464         webbookmarksd needs to use the same AppCache directory as MobileSafari
1465         https://bugs.webkit.org/show_bug.cgi?id=159912
1466
1467         Reviewed by Alexey Proskuryakov.
1468
1469         No new tests.  This only changes behavior for webbookmarksd.
1470
1471         * platform/RuntimeApplicationChecks.h:
1472         * platform/RuntimeApplicationChecks.mm:
1473         (WebCore::IOSApplication::isWebBookmarksD): Added.
1474
1475 2016-07-18  Chris Dumez  <cdumez@apple.com>
1476
1477         EventTarget.dispatchEvent() parameter should not be nullable
1478         https://bugs.webkit.org/show_bug.cgi?id=159897
1479
1480         Reviewed by Benjamin Poulain.
1481
1482         EventTarget.dispatchEvent() parameter should not be nullable:
1483         - https://dom.spec.whatwg.org/#interface-eventtarget
1484
1485         Even though the parameter was marked as nullable in our IDL, our
1486         implementation does a null check and we already throw a TypeError
1487         when calling dispatchEvent(null).
1488
1489         Update our IDL so that it matches the specification and so that
1490         the null check is generated in the bindings instead.
1491
1492         No new tests, rebaseline existing tests.
1493
1494         * dom/EventTarget.cpp:
1495         (WebCore::EventTarget::dispatchEventForBindings):
1496         * dom/EventTarget.h:
1497         * dom/EventTarget.idl:
1498
1499 2016-07-18  Chris Dumez  <cdumez@apple.com>
1500
1501         DocType's publicId / systemId should not be nullable
1502         https://bugs.webkit.org/show_bug.cgi?id=159901
1503
1504         Reviewed by Benjamin Poulain.
1505
1506         DocType's publicId / systemId should not be nullable. While they were
1507         not marked as nullable in our IDL, they could be stored as null Strings
1508         in our implementation depending on how the Node was constructed. This
1509         led to subtle bugs where String() != emptyString().
1510
1511         In particular, Node.isEqualNode() would return false when DocumentType
1512         nodes would mismatch because of their publicId / systemId being null
1513         instead of the emptyString.
1514
1515         Serialization would DocumentType nodes would also be wrong when
1516         publicId / systemId were empty Strings instead of null strings. The
1517         new behavior now matches:
1518         - https://www.w3.org/TR/DOM-Parsing/#dfn-concept-serialize-doctype (steps 7-9)
1519
1520         To address these issues, we now always store publicId / systemId as
1521         non-null Strings inside the DocumentType class.
1522
1523         Test: fast/dom/DocumentType/isEqualNode.html
1524
1525         * dom/DocumentType.cpp:
1526         (WebCore::DocumentType::DocumentType):
1527         * editing/MarkupAccumulator.cpp:
1528         (WebCore::MarkupAccumulator::appendDocumentType):
1529
1530 2016-07-18  Jeremy Jones  <jeremyj@apple.com>
1531
1532         If previous media session interruptions were prevented, still allow subsequent interruptions to try.
1533         https://bugs.webkit.org/show_bug.cgi?id=157553
1534         rdar://problem/25740804
1535
1536         Reviewed by Eric Carlson.
1537
1538         Test: platform/ios-simulator/media/video-interruption-suspendunderlock.html
1539
1540         When suspending under lock on iOS, there is first a resign active event, then a
1541         suspend under lock. PiP prevents resign active from interrupting playback. But it should allow the
1542         suspend under lock to interrupt playback.
1543
1544         Currently if there are nested interruptions only the first one is acted upon.
1545
1546         This change allows subsequent, nested interruptions to have a chance to interrupt playback if the
1547         previous interruptions were ignored.
1548
1549         This test is for iPad only, so it must be run manually.
1550
1551         * html/HTMLMediaElement.cpp:
1552         (WebCore::HTMLMediaElement::shouldOverrideBackgroundPlaybackRestriction):
1553         * platform/audio/PlatformMediaSession.cpp:
1554         (WebCore::PlatformMediaSession::beginInterruption):
1555         * testing/Internals.cpp:
1556         (WebCore::Internals::beginMediaSessionInterruption):
1557
1558 2016-07-18  Brent Fulgham  <bfulgham@apple.com>
1559
1560         Don't associate form-associated elements with forms in other trees.
1561         https://bugs.webkit.org/show_bug.cgi?id=119451
1562         <rdar://problem/27382946>
1563
1564         Change is based on the Blink change (patch by <adamk@chromium.org>):
1565         <https://chromium.googlesource.com/chromium/blink/+/0b33128be67e7845d495d5219614c02ccfe7a414>
1566
1567         Reviewed by Chris Dumez.
1568
1569         Prevent elements from being associated with forms that are not part of the same home subtree.
1570         This brings us in line with the WhatWG HTML specification as of September, 2013.
1571
1572         Tests: fast/forms/image-disconnected-during-parse.html
1573                fast/forms/input-disconnected-during-parse.html
1574
1575         * dom/Element.h:
1576         (WebCore::Node::rootElement): Added.
1577         * html/FormAssociatedElement.cpp:
1578         (WebCore::FormAssociatedElement::insertedInto): If the element is associated with a form that
1579         is not part of the same tree, remove the association.
1580         * html/HTMLImageElement.cpp:
1581         (WebCore::HTMLImageElement::insertedInto): Ditto.
1582
1583 2016-07-18  Anders Carlsson  <andersca@apple.com>
1584
1585         WebKit nightly fails to build on macOS Sierra
1586         https://bugs.webkit.org/show_bug.cgi?id=159902
1587         rdar://problem/27365672
1588
1589         Reviewed by Tim Horton.
1590
1591         * Modules/applepay/cocoa/PaymentCocoa.mm:
1592         * Modules/applepay/cocoa/PaymentContactCocoa.mm:
1593         * Modules/applepay/cocoa/PaymentMerchantSessionCocoa.mm:
1594         * Modules/applepay/cocoa/PaymentMethodCocoa.mm:
1595         Use new PassKitSPI header.
1596
1597         * WebCore.xcodeproj/project.pbxproj:
1598         Add new PassKitSPI header.
1599
1600         * icu/unicode/ucurr.h: Added.
1601         Add ucurr.h from ICU.
1602
1603         * platform/spi/cocoa/PassKitSPI.h: Added.
1604         Add new PassKitSPI header.
1605
1606 2016-07-18  Dean Jackson  <dino@apple.com>
1607
1608         REGRESSION (r202950): Image zoom animations are broken at medium.com (159861)
1609         https://bugs.webkit.org/show_bug.cgi?id=159906
1610         <rdar://problem/27391725>
1611
1612         Reviewed by Simon Fraser.
1613
1614         The fix for webkit.org/b/157569 in r200769 broke AMP pages.
1615         The followup fix for webkit.org/b/159450 in r202950 broke Medium pages.
1616
1617         Revert them both until we have better testing.
1618
1619         * css/CSSParser.cpp:
1620         (WebCore::CSSParser::addPropertyWithPrefixingVariant):
1621         (WebCore::CSSParser::parseValue):
1622         (WebCore::CSSParser::parseAnimationShorthand):
1623         (WebCore::CSSParser::parseTransitionShorthand): Deleted.
1624         * css/CSSPropertyNames.in:
1625         * css/PropertySetCSSStyleDeclaration.cpp:
1626         (WebCore::PropertySetCSSStyleDeclaration::getPropertyCSSValue):
1627         (WebCore::PropertySetCSSStyleDeclaration::getPropertyValue):
1628         (WebCore::PropertySetCSSStyleDeclaration::getPropertyCSSValueInternal):
1629         (WebCore::PropertySetCSSStyleDeclaration::getPropertyValueInternal):
1630         * css/StyleProperties.cpp:
1631         (WebCore::MutableStyleProperties::removeShorthandProperty):
1632         (WebCore::MutableStyleProperties::removeProperty):
1633         (WebCore::MutableStyleProperties::removePrefixedOrUnprefixedProperty):
1634         (WebCore::MutableStyleProperties::setProperty):
1635         (WebCore::getIndexInShorthandVectorForPrefixingVariant):
1636         (WebCore::MutableStyleProperties::appendPrefixingVariantProperty):
1637         (WebCore::MutableStyleProperties::setPrefixingVariantProperty):
1638         (WebCore::StyleProperties::asText): Deleted.
1639         * css/StyleProperties.h:
1640
1641 2016-07-18  Andreas Kling  <akling@apple.com>
1642
1643         There should be a way to simulate memory pressure in layout tests
1644         <https://webkit.org/b/159743>
1645
1646         Reviewed by Simon Fraser.
1647
1648         Add three window.internal APIs:
1649
1650             - boolean isUnderMemoryPressure (readonly attribute)
1651             - void beginSimulatedMemoryPressure()
1652             - void endSimulatedMemoryPressure()
1653
1654         These make it possible to write tests that exercise behaviors that only
1655         occur during memory pressure situations.
1656
1657         I also implemented the "org.WebKit.lowMemory" notification handler using the new API.
1658
1659         Test: memory/memory-pressure-simulation.html
1660
1661         * platform/MemoryPressureHandler.cpp:
1662         (WebCore::MemoryPressureHandler::beginSimulatedMemoryPressure):
1663         (WebCore::MemoryPressureHandler::endSimulatedMemoryPressure):
1664         * platform/MemoryPressureHandler.h:
1665         (WebCore::MemoryPressureHandler::isUnderMemoryPressure):
1666         * platform/cocoa/MemoryPressureHandlerCocoa.mm:
1667         (WebCore::MemoryPressureHandler::platformReleaseMemory):
1668         (WebCore::MemoryPressureHandler::install):
1669         * testing/Internals.cpp:
1670         (WebCore::Internals::isUnderMemoryPressure):
1671         (WebCore::Internals::beginSimulatedMemoryPressure):
1672         (WebCore::Internals::endSimulatedMemoryPressure):
1673         * testing/Internals.h:
1674         * testing/Internals.idl:
1675
1676 2016-07-18  Said Abou-Hallawa  <sabouhallawa@apple,com>
1677
1678         [iOS] PDFDocumentImage should cache only a sub image of the PDF when caching the whole image is expensive
1679         https://bugs.webkit.org/show_bug.cgi?id=158715
1680
1681         Reviewed by Dean Jackson.
1682
1683         Test: fast/images/displaced-non-cached-pdf.html
1684
1685         For iOS, we need to ensure the size of the cached PDF images will not
1686         exceed some limit. Also we should be caching only a sub image of the PDF
1687         if caching the whole image will exceed the memory limit.
1688
1689         * page/Settings.cpp:
1690         (WebCore::Settings::Settings):
1691         (WebCore::Settings::setCachedPDFImageEnabled):
1692         * page/Settings.h:
1693         (WebCore::Settings::isCachedPDFImageEnabled):
1694             Add an option to disable caching the PDF images.
1695
1696         * platform/graphics/cg/PDFDocumentImage.cpp:
1697         (WebCore::PDFDocumentImage::setCachedPDFImageEnabled):
1698             Allow the caller of draw() to disable caching the PDF images.
1699         
1700         (WebCore::PDFDocumentImage::cacheParametersMatch):
1701             Match the context dirty rectangle with the cached image rectangle.
1702         
1703         (WebCore::transformContextForPainting):
1704             When preparing the context for drawing the PDF, take the location 
1705             of the destination rectangle into account. We do not need to scale
1706             the location of the source rectangle because we scale the size of
1707             the rectangle but we don't scale the whole coordinate system.
1708
1709         (WebCore::cachedImageRect):
1710             Calculate the rectangle of the cached image such that it does not
1711             exceed the limit. Start from the center of the dirty rectangle and
1712             then expand around it.
1713             
1714         (WebCore::PDFDocumentImage::decodedSizeChanged):
1715             In addition to notifying the ImageObserver, it keeps track of the size
1716             of all the cached PDF images.
1717
1718         (WebCore::PDFDocumentImage::updateCachedImageIfNeeded):
1719             Ensure the size of all the cached images does not exceed the limit
1720             
1721         (WebCore::PDFDocumentImage::destroyDecodedData):
1722         * platform/graphics/cg/PDFDocumentImage.h:
1723
1724         * rendering/RenderImage.cpp:
1725         (WebCore::RenderImage::paintIntoRect):
1726             Pass the option to disable caching the PDF images to PDFDocumentImage.
1727
1728         * testing/InternalSettings.cpp:
1729         (WebCore::InternalSettings::Backup::Backup):
1730         (WebCore::InternalSettings::Backup::restoreTo):
1731         (WebCore::InternalSettings::setCachedPDFImageEnabled):
1732         * testing/InternalSettings.h:
1733         * testing/InternalSettings.idl:
1734             Add an internal option to disable caching the PDF images.
1735
1736 2016-07-18  Chris Dumez  <cdumez@apple.com>
1737
1738         The 2 first parameters to addEventListener() / removeEventListener() should be mandatory
1739         https://bugs.webkit.org/show_bug.cgi?id=158008
1740
1741         Reviewed by Darin Adler.
1742
1743         The 2 first parameters to addEventListener() / removeEventListener() should be
1744         mandatory:
1745         - https://dom.spec.whatwg.org/#interface-eventtarget
1746
1747         Firefox 46 and Chrome 50 both match the specification and throw an exception when those
1748         parameters are omitted. However, those parameters were marked as optional in WebKit and
1749         the calls were no-ops if those parameters were omitted. This patch aligns our behavior
1750         with the specification and other browsers.
1751
1752         Test: fast/dom/eventtarget-api-parameters.html
1753
1754         * bindings/scripts/CodeGeneratorJS.pm:
1755         (GetFunctionLength): Deleted.
1756         * dom/EventTarget.idl:
1757
1758 2016-07-18  Brent Fulgham  <bfulgham@apple.com>
1759
1760         Unreviewed, rolling out r203373.
1761
1762         Unaddressed
1763
1764         Reverted changeset:
1765
1766         "Don't associate form-associated elements with forms in other
1767         trees."
1768         https://bugs.webkit.org/show_bug.cgi?id=119451
1769         http://trac.webkit.org/changeset/203373
1770
1771 2016-07-18  Brent Fulgham  <bfulgham@apple.com>
1772
1773         Don't associate form-associated elements with forms in other trees.
1774         https://bugs.webkit.org/show_bug.cgi?id=119451
1775         <rdar://problem/27382946>
1776
1777         Change is based on the Blink change (patch by <adamk@chromium.org>):
1778         <https://chromium.googlesource.com/chromium/blink/+/0b33128be67e7845d495d5219614c02ccfe7a414>
1779
1780         Reviewed by Zalan Bujtas.
1781
1782         Prevent elements from being associated with forms that are not part of the same home subtree.
1783         This brings us in line with the WhatWG HTML specification as of September, 2013.
1784
1785         Tests: fast/forms/image-disconnected-during-parse.html
1786                fast/forms/input-disconnected-during-parse.html
1787
1788         * dom/NodeTraversal.h:
1789         (WebCore::NodeTraversal::highestAncestorOrSelf): Added.
1790         * html/FormAssociatedElement.cpp:
1791         (WebCore::FormAssociatedElement::insertedInto): If the element is associated with a form that
1792         is not part of the same tree, remove the association.
1793         * html/HTMLImageElement.cpp:
1794         (WebCore::HTMLImageElement::insertedInto): Ditto.
1795
1796 2016-07-18  George Ruan  <gruan@apple.com>
1797
1798         Move MediaSampleAVFObjC into its own file
1799         https://bugs.webkit.org/show_bug.cgi?id=159796
1800         <rdar://problem/27362488>
1801
1802         In preparation for a feature that uses MediaSampleAVFObjC, but does
1803         not need SourceBufferPrivateAVFObjC, it is beneficial to move
1804         MediaSampleAVFObjC to its own file.
1805
1806         Reviewed by Eric Carlson.
1807
1808         * WebCore.xcodeproj/project.pbxproj:
1809         * platform/MediaSample.h: Allow setting trackID to associate
1810         MediaSample id with MediaStreamTrackPrivate id.
1811         * platform/graphics/avfoundation/MediaSampleAVFObjC.h: Added.
1812         * platform/graphics/avfoundation/objc/MediaSampleAVFObjC.mm: Moved
1813         from MediaSampleAVFObjC
1814         (WebCore::MediaSampleAVFObjC::presentationTime):
1815         (WebCore::MediaSampleAVFObjC::decodeTime):
1816         (WebCore::MediaSampleAVFObjC::duration):
1817         (WebCore::MediaSampleAVFObjC::sizeInBytes):
1818         (WebCore::MediaSampleAVFObjC::platformSample):
1819         (WebCore::CMSampleBufferIsRandomAccess):
1820         (WebCore::MediaSampleAVFObjC::flags):
1821         (WebCore::MediaSampleAVFObjC::presentationSize):
1822         (WebCore::MediaSampleAVFObjC::dump):
1823         (WebCore::MediaSampleAVFObjC::offsetTimestampsBy):
1824         (WebCore::MediaSampleAVFObjC::setTimestamps):
1825         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
1826         Moved MediaSampleAVFObjC to its own file.
1827         (WebCore::MediaSampleAVFObjC::platformSample): Deleted.
1828         (WebCore::CMSampleBufferIsRandomAccess): Deleted.
1829         (WebCore::MediaSampleAVFObjC::flags): Deleted.
1830         (WebCore::MediaSampleAVFObjC::presentationSize): Deleted.
1831         (WebCore::MediaSampleAVFObjC::dump): Deleted.
1832         (WebCore::MediaSampleAVFObjC::offsetTimestampsBy): Deleted.
1833         (WebCore::MediaSampleAVFObjC::setTimestamps): Deleted.
1834         * platform/mock/mediasource/MockSourceBufferPrivate.cpp:
1835
1836 2016-07-18  Eric Carlson  <eric.carlson@apple.com>
1837
1838         [MSE][Mac] Pass AVSampleBufferDisplayLayer HDCP status to a newly created key session
1839         https://bugs.webkit.org/show_bug.cgi?id=159812
1840         <rdar://problem/27371624>
1841
1842         Reviewed by Jon Lee.
1843
1844         No new tests, it isn't possible to test this with our current testing infrastructure.
1845
1846         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.h:
1847         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
1848         (WebCore::SourceBufferPrivateAVFObjC::setCDMSession): Call layerDidReceiveError if there has
1849         been an HDCP error.
1850         (WebCore::SourceBufferPrivateAVFObjC::rendererDidReceiveError): Remember an HDCP error.
1851
1852 2016-07-18  Yoav Weiss  <yoav@yoav.ws>
1853
1854         Add preload to features.json
1855         https://bugs.webkit.org/show_bug.cgi?id=159872
1856
1857         Reviewed by Darin Adler.
1858
1859         No new tests but no functional change.
1860
1861         * features.json:
1862
1863 2016-07-18  Youenn Fablet  <youenn@apple.com>
1864
1865         [Streams API] ReadableStream should throw a RangeError in case of NaN highWaterMark
1866         https://bugs.webkit.org/show_bug.cgi?id=159870
1867
1868         Reviewed by Xabier Rodriguez-Calvar.
1869
1870         Covered by rebased test.
1871
1872         * Modules/streams/StreamInternals.js:
1873         (validateAndNormalizeQueuingStrategy): Throwing a RangeError in lieu of a TypeError in case of NaN highWaterMark.
1874
1875 2016-07-18  Csaba Osztrogon√°c  <ossy@webkit.org>
1876
1877         Windows buildfix after r203338
1878         https://bugs.webkit.org/show_bug.cgi?id=159875
1879
1880         Unreviewed buildfix.
1881
1882         * dom/UserGestureIndicator.h:
1883         (WebCore::UserGestureToken::addDestructionObserver):
1884
1885 2016-07-18  Carlos Garcia Campos  <cgarcia@igalia.com>
1886
1887         MemoryPressureHandler doesn't work if cgroups aren't present in Linux
1888         https://bugs.webkit.org/show_bug.cgi?id=155255
1889
1890         Reviewed by Sergio Villar Senin.
1891
1892         Allow to pass an eventFD file descriptor to the MemoryPressureHandler to be monitorized in case cgroups are not
1893         available.
1894
1895         * platform/MemoryPressureHandler.h:
1896         * platform/linux/MemoryPressureHandlerLinux.cpp:
1897
1898 2016-07-17  Gyuyoung Kim  <gyuyoung.kim@webkit.org>
1899
1900         Clean up PassRefPtr uses in Modules/encryptedmedia, Modules/speech, and Modules/quota
1901         https://bugs.webkit.org/show_bug.cgi?id=159701
1902
1903         Reviewed by Alex Christensen.
1904
1905         No new tests, no behavior changes.
1906
1907         * Modules/encryptedmedia/CDM.h:
1908         * Modules/encryptedmedia/MediaKeySession.h:
1909         * Modules/encryptedmedia/MediaKeys.h:
1910         * Modules/quota/DOMWindowQuota.cpp:
1911         * Modules/quota/StorageErrorCallback.cpp:
1912         (WebCore::StorageErrorCallback::CallbackTask::CallbackTask):
1913         * Modules/quota/StorageErrorCallback.h:
1914         * Modules/quota/StorageInfo.h:
1915         * Modules/quota/StorageQuota.h:
1916         * Modules/speech/DOMWindowSpeechSynthesis.cpp:
1917         * Modules/speech/SpeechSynthesis.cpp:
1918         (WebCore::SpeechSynthesis::getVoices):
1919         (WebCore::SpeechSynthesis::startSpeakingImmediately):
1920         (WebCore::SpeechSynthesis::speak):
1921         (WebCore::SpeechSynthesis::cancel):
1922         (WebCore::SpeechSynthesis::handleSpeakingCompleted):
1923         (WebCore::SpeechSynthesis::boundaryEventOccurred):
1924         (WebCore::SpeechSynthesis::didStartSpeaking):
1925         (WebCore::SpeechSynthesis::didPauseSpeaking):
1926         (WebCore::SpeechSynthesis::didResumeSpeaking):
1927         (WebCore::SpeechSynthesis::didFinishSpeaking):
1928         (WebCore::SpeechSynthesis::speakingErrorOccurred):
1929         * Modules/speech/SpeechSynthesis.h:
1930         * Modules/speech/SpeechSynthesisEvent.h:
1931         * Modules/speech/SpeechSynthesisUtterance.h:
1932         * Modules/speech/SpeechSynthesisVoice.cpp:
1933         (WebCore::SpeechSynthesisVoice::create):
1934         (WebCore::SpeechSynthesisVoice::SpeechSynthesisVoice):
1935         * Modules/speech/SpeechSynthesisVoice.h:
1936         * platform/PlatformSpeechSynthesizer.h:
1937         * platform/efl/PlatformSpeechSynthesisProviderEfl.cpp:
1938         (WebCore::PlatformSpeechSynthesisProviderEfl::fireSpeechEvent):
1939         * platform/mock/PlatformSpeechSynthesizerMock.cpp:
1940         (WebCore::PlatformSpeechSynthesizerMock::speakingFinished):
1941         (WebCore::PlatformSpeechSynthesizerMock::speak):
1942         (WebCore::PlatformSpeechSynthesizerMock::cancel):
1943         (WebCore::PlatformSpeechSynthesizerMock::pause):
1944         (WebCore::PlatformSpeechSynthesizerMock::resume):
1945
1946 2016-07-16  Sam Weinig  <sam@webkit.org>
1947
1948         [WebKit API] Add SPI to track multiple navigations caused by a single user gesture
1949         <rdar://problem/26554137>
1950         https://bugs.webkit.org/show_bug.cgi?id=159856
1951
1952         Reviewed by Dan Bernstein.
1953
1954         - Adds a new RefCounted object to represent a unique user gesture, called UserGestureToken.
1955         - Makes UserGestureIndicator track UserGestureToken.
1956         - Refines UserGestureIndicator's interface to use Optional and a smaller enum set
1957           to represent the different initial states.
1958         - Stores UserGestureTokens on objects that want to forward user gesture state (DOMTimer, 
1959           postMessage, and ScheduledNavigation) rather than just a boolean.
1960
1961         * accessibility/AccessibilityNodeObject.cpp:
1962         (WebCore::AccessibilityNodeObject::increment):
1963         (WebCore::AccessibilityNodeObject::decrement):
1964         * accessibility/AccessibilityObject.cpp:
1965         (WebCore::AccessibilityObject::press):
1966         * bindings/js/ScriptController.cpp:
1967         (WebCore::ScriptController::executeScriptInWorld):
1968         (WebCore::ScriptController::executeScript):
1969         Update for new UserGestureIndicator interface.
1970
1971         * dom/UserGestureIndicator.cpp:
1972         (WebCore::currentToken):
1973         (WebCore::UserGestureToken::~UserGestureToken):
1974         (WebCore::UserGestureIndicator::UserGestureIndicator):
1975         (WebCore::UserGestureIndicator::~UserGestureIndicator):
1976         (WebCore::UserGestureIndicator::currentUserGesture):
1977         (WebCore::UserGestureIndicator::processingUserGesture):
1978         (WebCore::UserGestureIndicator::processingUserGestureForMedia):
1979         (WebCore::isDefinite): Deleted.
1980         * dom/UserGestureIndicator.h:
1981         (WebCore::UserGestureToken::create):
1982         (WebCore::UserGestureToken::state):
1983         (WebCore::UserGestureToken::processingUserGesture):
1984         (WebCore::UserGestureToken::processingUserGestureForMedia):
1985         (WebCore::UserGestureToken::addDestructionObserver):
1986         (WebCore::UserGestureToken::UserGestureToken):
1987         Add UserGestureToken and track the current one explicitly.
1988
1989         * html/HTMLMediaElement.cpp:
1990         (WebCore::HTMLMediaElement::didReceiveRemoteControlCommand):
1991         * inspector/InspectorFrontendClientLocal.cpp:
1992         (WebCore::InspectorFrontendClientLocal::openInNewTab):
1993         * inspector/InspectorFrontendHost.cpp:
1994         * inspector/InspectorPageAgent.cpp:
1995         (WebCore::InspectorPageAgent::navigate):
1996         Update for new UserGestureIndicator interface.
1997
1998         * loader/NavigationAction.cpp:
1999         (WebCore::NavigationAction::NavigationAction):
2000         * loader/NavigationAction.h:
2001         (WebCore::NavigationAction::userGestureToken):
2002         (WebCore::NavigationAction::processingUserGesture):
2003         * loader/NavigationScheduler.cpp:
2004         (WebCore::ScheduledNavigation::ScheduledNavigation):
2005         (WebCore::ScheduledNavigation::~ScheduledNavigation):
2006         (WebCore::ScheduledNavigation::lockBackForwardList):
2007         (WebCore::ScheduledNavigation::wasDuringLoad):
2008         (WebCore::ScheduledNavigation::isLocationChange):
2009         (WebCore::ScheduledNavigation::userGestureToForward):
2010         (WebCore::ScheduledNavigation::clearUserGesture):
2011         (WebCore::NavigationScheduler::mustLockBackForwardList):
2012         (WebCore::NavigationScheduler::scheduleFormSubmission):
2013         (WebCore::ScheduledNavigation::wasUserGesture): Deleted.
2014         * page/DOMTimer.cpp:
2015         (WebCore::shouldForwardUserGesture):
2016         (WebCore::userGestureTokenToForward):
2017         (WebCore::DOMTimer::DOMTimer):
2018         (WebCore::DOMTimer::fired):
2019         * page/DOMTimer.h:
2020         * page/DOMWindow.cpp:
2021         (WebCore::PostMessageTimer::PostMessageTimer):
2022         Store the active UserGestureToken rather than just a bit.
2023
2024         * page/EventHandler.cpp:
2025         (WebCore::EventHandler::handleMousePressEvent):
2026         (WebCore::EventHandler::handleMouseDoubleClickEvent):
2027         (WebCore::EventHandler::handleMouseReleaseEvent):
2028         (WebCore::EventHandler::keyEvent):
2029         (WebCore::EventHandler::handleTouchEvent):
2030         * rendering/HitTestResult.cpp:
2031         (WebCore::HitTestResult::toggleMediaFullscreenState):
2032         (WebCore::HitTestResult::enterFullscreenForVideo):
2033         (WebCore::HitTestResult::toggleEnhancedFullscreenForVideo):
2034         Update for new UserGestureIndicator interface.
2035
2036 2016-07-17  Ryosuke Niwa  <rniwa@webkit.org>
2037
2038         Rename fastHasAttribute to hasAttributeWithoutSynchronization
2039         https://bugs.webkit.org/show_bug.cgi?id=159864
2040
2041         Reviewed by Chris Dumez.
2042
2043         Renamed Rename fastHasAttribute to hasAttributeWithoutSynchronization for clarity.
2044
2045         * accessibility/AccessibilityListBoxOption.cpp:
2046         (WebCore::AccessibilityListBoxOption::isEnabled):
2047         * accessibility/AccessibilityObject.cpp:
2048         (WebCore::AccessibilityObject::hasAttribute):
2049         (WebCore::AccessibilityObject::getAttribute):
2050         * accessibility/AccessibilityRenderObject.cpp:
2051         (WebCore::AccessibilityRenderObject::determineAccessibilityRole):
2052         * bindings/scripts/CodeGenerator.pm:
2053         (GetterExpression):
2054         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
2055         * bindings/scripts/test/JS/JSTestObj.cpp:
2056         (WebCore::jsTestObjReflectedBooleanAttr):
2057         (WebCore::jsTestObjReflectedCustomBooleanAttr):
2058         * bindings/scripts/test/ObjC/DOMTestObj.mm:
2059         (-[DOMTestObj reflectedBooleanAttr]):
2060         (-[DOMTestObj setReflectedBooleanAttr:]):
2061         (-[DOMTestObj reflectedCustomBooleanAttr]):
2062         (-[DOMTestObj setReflectedCustomBooleanAttr:]):
2063         * dom/Document.cpp:
2064         (WebCore::Document::hasManifest):
2065         (WebCore::Document::doctype):
2066         * dom/Element.h:
2067         (WebCore::Node::parentElement):
2068         (WebCore::Element::hasAttributeWithoutSynchronization):
2069         (WebCore::Element::fastHasAttribute): Deleted.
2070         * editing/ApplyStyleCommand.cpp:
2071         (WebCore::ApplyStyleCommand::removeEmbeddingUpToEnclosingBlock):
2072         * editing/DeleteSelectionCommand.cpp:
2073         (WebCore::DeleteSelectionCommand::makeStylingElementsDirectChildrenOfEditableRootToPreventStyleLoss):
2074         * editing/markup.cpp:
2075         (WebCore::createMarkupInternal):
2076         * html/ColorInputType.cpp:
2077         (WebCore::ColorInputType::shouldShowSuggestions):
2078         * html/FileInputType.cpp:
2079         (WebCore::FileInputType::handleDOMActivateEvent):
2080         (WebCore::FileInputType::receiveDroppedFiles):
2081         * html/FormAssociatedElement.cpp:
2082         (WebCore::FormAssociatedElement::didMoveToNewDocument):
2083         (WebCore::FormAssociatedElement::insertedInto):
2084         (WebCore::FormAssociatedElement::removedFrom):
2085         (WebCore::FormAssociatedElement::formAttributeChanged):
2086         * html/FormController.cpp:
2087         (WebCore::ownerFormForState):
2088         * html/GenericCachedHTMLCollection.cpp:
2089         (WebCore::GenericCachedHTMLCollection<traversalType>::elementMatches):
2090         * html/HTMLAnchorElement.cpp:
2091         (WebCore::HTMLAnchorElement::draggable):
2092         (WebCore::HTMLAnchorElement::href):
2093         (WebCore::HTMLAnchorElement::sendPings):
2094         * html/HTMLAppletElement.cpp:
2095         (WebCore::HTMLAppletElement::rendererIsNeeded):
2096         * html/HTMLElement.cpp:
2097         (WebCore::HTMLElement::collectStyleForPresentationAttribute):
2098         (WebCore::elementAffectsDirectionality):
2099         (WebCore::setHasDirAutoFlagRecursively):
2100         * html/HTMLEmbedElement.cpp:
2101         (WebCore::HTMLEmbedElement::rendererIsNeeded):
2102         * html/HTMLFieldSetElement.cpp:
2103         (WebCore::updateFromControlElementsAncestorDisabledStateUnder):
2104         (WebCore::HTMLFieldSetElement::disabledAttributeChanged):
2105         (WebCore::HTMLFieldSetElement::disabledStateChanged):
2106         (WebCore::HTMLFieldSetElement::childrenChanged):
2107         * html/HTMLFormControlElement.cpp:
2108         (WebCore::HTMLFormControlElement::formNoValidate):
2109         (WebCore::HTMLFormControlElement::formAction):
2110         (WebCore::HTMLFormControlElement::computeIsDisabledByFieldsetAncestor):
2111         (WebCore::shouldAutofocus):
2112         * html/HTMLFormElement.cpp:
2113         (WebCore::HTMLFormElement::formElementIndex):
2114         (WebCore::HTMLFormElement::noValidate):
2115         * html/HTMLFrameElement.cpp:
2116         (WebCore::HTMLFrameElement::noResize):
2117         (WebCore::HTMLFrameElement::didAttachRenderers):
2118         * html/HTMLFrameElementBase.cpp:
2119         (WebCore::HTMLFrameElementBase::parseAttribute):
2120         (WebCore::HTMLFrameElementBase::location):
2121         * html/HTMLHRElement.cpp:
2122         (WebCore::HTMLHRElement::collectStyleForPresentationAttribute):
2123         * html/HTMLImageElement.cpp:
2124         (WebCore::HTMLImageElement::isServerMap):
2125         * html/HTMLInputElement.cpp:
2126         (WebCore::HTMLInputElement::finishParsingChildren):
2127         (WebCore::HTMLInputElement::matchesDefaultPseudoClass):
2128         (WebCore::HTMLInputElement::isActivatedSubmit):
2129         (WebCore::HTMLInputElement::reset):
2130         (WebCore::HTMLInputElement::multiple):
2131         (WebCore::HTMLInputElement::setSize):
2132         (WebCore::HTMLInputElement::shouldUseMediaCapture):
2133         * html/HTMLMarqueeElement.cpp:
2134         (WebCore::HTMLMarqueeElement::minimumDelay):
2135         * html/HTMLMediaElement.cpp:
2136         (WebCore::HTMLMediaElement::insertedInto):
2137         (WebCore::HTMLMediaElement::selectMediaResource):
2138         (WebCore::HTMLMediaElement::loadResource):
2139         (WebCore::HTMLMediaElement::autoplay):
2140         (WebCore::HTMLMediaElement::preload):
2141         (WebCore::HTMLMediaElement::loop):
2142         (WebCore::HTMLMediaElement::setLoop):
2143         (WebCore::HTMLMediaElement::controls):
2144         (WebCore::HTMLMediaElement::setControls):
2145         (WebCore::HTMLMediaElement::muted):
2146         (WebCore::HTMLMediaElement::setMuted):
2147         (WebCore::HTMLMediaElement::selectNextSourceChild):
2148         (WebCore::HTMLMediaElement::sourceWasAdded):
2149         (WebCore::HTMLMediaElement::mediaSessionTitle):
2150         * html/HTMLObjectElement.cpp:
2151         (WebCore::HTMLObjectElement::parseAttribute):
2152         * html/HTMLOptGroupElement.cpp:
2153         (WebCore::HTMLOptGroupElement::isDisabledFormControl):
2154         (WebCore::HTMLOptGroupElement::isFocusable):
2155         * html/HTMLOptionElement.cpp:
2156         (WebCore::HTMLOptionElement::matchesDefaultPseudoClass):
2157         (WebCore::HTMLOptionElement::text):
2158         * html/HTMLProgressElement.cpp:
2159         (WebCore::HTMLProgressElement::isDeterminate):
2160         (WebCore::HTMLProgressElement::didElementStateChange):
2161         * html/HTMLScriptElement.cpp:
2162         (WebCore::HTMLScriptElement::async):
2163         (WebCore::HTMLScriptElement::setCrossOrigin):
2164         (WebCore::HTMLScriptElement::asyncAttributeValue):
2165         (WebCore::HTMLScriptElement::deferAttributeValue):
2166         (WebCore::HTMLScriptElement::hasSourceAttribute):
2167         (WebCore::HTMLScriptElement::dispatchLoadEvent):
2168         * html/HTMLSelectElement.cpp:
2169         (WebCore::HTMLSelectElement::reset):
2170         * html/HTMLTrackElement.cpp:
2171         (WebCore::HTMLTrackElement::isDefault):
2172         (WebCore::HTMLTrackElement::ensureTrack):
2173         (WebCore::HTMLTrackElement::loadTimerFired):
2174         * html/MediaElementSession.cpp:
2175         (WebCore::MediaElementSession::wirelessVideoPlaybackDisabled):
2176         (WebCore::MediaElementSession::requiresFullscreenForVideoPlayback):
2177         (WebCore::MediaElementSession::allowsAutomaticMediaDataLoading):
2178         * html/SearchInputType.cpp:
2179         (WebCore::SearchInputType::searchEventsShouldBeDispatched):
2180         (WebCore::SearchInputType::didSetValueByUserEdit):
2181         * inspector/InspectorDOMAgent.cpp:
2182         (WebCore::InspectorDOMAgent::buildObjectForNode):
2183         * loader/FrameLoader.cpp:
2184         (WebCore::FrameLoader::shouldTreatURLAsSrcdocDocument):
2185         (WebCore::FrameLoader::findFrameForNavigation):
2186         * loader/ImageLoader.cpp:
2187         (WebCore::ImageLoader::notifyFinished):
2188         * mathml/MathMLSelectElement.cpp:
2189         (WebCore::MathMLSelectElement::getSelectedSemanticsChild):
2190         * rendering/RenderTableCell.cpp:
2191         (WebCore::RenderTableCell::computePreferredLogicalWidths):
2192         * rendering/RenderThemeIOS.mm:
2193         (WebCore::RenderThemeIOS::adjustMenuListButtonStyle):
2194         * rendering/SimpleLineLayout.cpp:
2195         (WebCore::SimpleLineLayout::canUseForWithReason):
2196         * rendering/svg/RenderSVGResourceClipper.cpp:
2197         (WebCore::RenderSVGResourceClipper::drawContentIntoMaskImage):
2198         * svg/SVGAnimateMotionElement.cpp:
2199         (WebCore::SVGAnimateMotionElement::updateAnimationPath):
2200         * svg/SVGAnimationElement.cpp:
2201         (WebCore::SVGAnimationElement::startedActiveInterval):
2202         (WebCore::SVGAnimationElement::updateAnimation):
2203         * svg/animation/SVGSMILElement.cpp:
2204         (WebCore::SVGSMILElement::insertedInto):
2205
2206 2016-07-17  Brady Eidson  <beidson@apple.com>
2207
2208         Exceptions logged to the JS console should use toString().
2209         https://bugs.webkit.org/show_bug.cgi?id=159855
2210
2211         Reviewed by Darin Adler.
2212
2213         No new tests (No change in behavior).
2214
2215         * bindings/js/JSDOMBinding.cpp:
2216         (WebCore::reportException):
2217
2218         * dom/DOMCoreException.h:
2219         (WebCore::DOMCoreException::DOMCoreException):
2220
2221         * dom/ExceptionBase.cpp:
2222         (WebCore::ExceptionBase::ExceptionBase):
2223         (WebCore::ExceptionBase::toString):
2224         (WebCore::ExceptionBase::consoleErrorMessage): Deleted.
2225         * dom/ExceptionBase.h:
2226         (WebCore::ExceptionBase::description): Deleted.
2227
2228         * svg/SVGException.h:
2229
2230         * xml/XPathException.h:
2231         (WebCore::XPathException::XPathException):
2232
2233 2016-07-17  Brady Eidson  <beidson@apple.com>
2234
2235         Update DOMCoreException to use the description in toString().
2236         https://bugs.webkit.org/show_bug.cgi?id=159857
2237
2238         Reviewed by Darin Adler.
2239
2240         No new tests (Covered by changes to existing tests).
2241
2242         * bindings/js/JSDOMBinding.cpp:
2243         (WebCore::createDOMException):
2244
2245         * dom/DOMCoreException.h:
2246         (WebCore::DOMCoreException::DOMCoreException):
2247         (WebCore::DOMCoreException::createWithDescriptionAsMessage): Deleted.
2248
2249 2016-07-17  Myles C. Maxfield  <mmaxfield@apple.com>
2250
2251         Support new emoji group candidates
2252         https://bugs.webkit.org/show_bug.cgi?id=159755
2253         <rdar://problem/27325521>
2254
2255         Reviewed by Dean Jackson.
2256
2257         There are a few code points which should be able to be joined (with ZWJ) to
2258         either U+2640 or U+2642 to change the gender of the emoji. These patterns
2259         should also work with an additional 0xFE0F variation selector. This patch
2260         adds these new patterns to our existing emoji group candidate infrastructure.
2261
2262         Tests: fast/text/emoji-gender-2-3.html
2263                fast/text/emoji-gender-2-4.html
2264                fast/text/emoji-gender-2-5.html
2265                fast/text/emoji-gender-2-6.html
2266                fast/text/emoji-gender-2-7.html
2267                fast/text/emoji-gender-2-8.html
2268                fast/text/emoji-gender-2-9.html
2269                fast/text/emoji-gender-2.html
2270                fast/text/emoji-gender-3.html
2271                fast/text/emoji-gender-4.html
2272                fast/text/emoji-gender-5.html
2273                fast/text/emoji-gender-6.html
2274                fast/text/emoji-gender-7.html
2275                fast/text/emoji-gender-8.html
2276                fast/text/emoji-gender-9.html
2277                fast/text/emoji-gender-fe0f-3.html
2278                fast/text/emoji-gender-fe0f-4.html
2279                fast/text/emoji-gender-fe0f-5.html
2280                fast/text/emoji-gender-fe0f-6.html
2281                fast/text/emoji-gender-fe0f-7.html
2282                fast/text/emoji-gender-fe0f-8.html
2283                fast/text/emoji-gender-fe0f-9.html
2284                fast/text/emoji-gender.html
2285                fast/text/emoji-num-glyphs.html
2286                fast/text/emoji-single-parent-family-2.html
2287                fast/text/emoji-single-parent-family.html
2288
2289         * platform/graphics/mac/ComplexTextControllerCoreText.mm:
2290         (WebCore::ComplexTextController::ComplexTextRun::ComplexTextRun): Removed incorrect ASSERT()s.
2291         * platform/graphics/FontCascade.cpp:
2292         (WebCore::FontCascade::characterRangeCodePath):
2293         * platform/text/CharacterProperties.h:
2294         (WebCore::isEmojiGroupCandidate):
2295
2296 2016-07-16  Brady Eidson  <beidson@apple.com>
2297
2298         Update SVGException to use the description in toString().
2299         https://bugs.webkit.org/show_bug.cgi?id=159847
2300
2301         Reviewed by Darin Adler.
2302
2303         No new tests (Covered by changes to existing tests).
2304
2305         * bindings/js/JSDOMBinding.cpp:
2306         (WebCore::reportException): use consoleErrorMessage for now.
2307
2308         * dom/ExceptionBase.cpp:
2309         (WebCore::ExceptionBase::consoleErrorMessage):
2310         * dom/ExceptionBase.h:
2311
2312         * svg/SVGException.h:
2313
2314 2016-07-16  Chris Dumez  <cdumez@apple.com>
2315
2316         Use fastHasAttribute() when possible
2317         https://bugs.webkit.org/show_bug.cgi?id=159838
2318
2319         Reviewed by Ryosuke Niwa.
2320
2321         Use fastHasAttribute() when possible, for performance.
2322
2323         * editing/DeleteSelectionCommand.cpp:
2324         (WebCore::DeleteSelectionCommand::makeStylingElementsDirectChildrenOfEditableRootToPreventStyleLoss):
2325         * editing/markup.cpp:
2326         (WebCore::createMarkupInternal):
2327         * html/HTMLAnchorElement.cpp:
2328         (WebCore::HTMLAnchorElement::draggable):
2329         * html/HTMLFrameElementBase.cpp:
2330         (WebCore::HTMLFrameElementBase::parseAttribute):
2331         * mathml/MathMLSelectElement.cpp:
2332         (WebCore::MathMLSelectElement::getSelectedSemanticsChild):
2333         * rendering/RenderThemeIOS.mm:
2334         (WebCore::RenderThemeIOS::adjustMenuListButtonStyle):
2335
2336 2016-07-16  Ryosuke Niwa  <rniwa@webkit.org>
2337
2338         Rename fastGetAttribute to attributeWithoutSynchronization
2339         https://bugs.webkit.org/show_bug.cgi?id=159852
2340
2341         Reviewed by Darin Adler.
2342
2343         Renamed fastGetAttribute to attributeWithoutSynchronization for clarity.
2344
2345         * accessibility/AXObjectCache.cpp:
2346         (WebCore::AXObjectCache::findAriaModalNodes):
2347         (WebCore::nodeHasRole):
2348         (WebCore::AXObjectCache::handleLiveRegionCreated):
2349         (WebCore::AXObjectCache::handleMenuItemSelected):
2350         (WebCore::AXObjectCache::handleAriaModalChange):
2351         (WebCore::isNodeAriaVisible):
2352         * accessibility/AccessibilityNodeObject.cpp:
2353         (WebCore::siblingWithAriaRole):
2354         (WebCore::AccessibilityNodeObject::titleElementText):
2355         (WebCore::AccessibilityNodeObject::alternativeTextForWebArea):
2356         (WebCore::AccessibilityNodeObject::hierarchicalLevel):
2357         (WebCore::AccessibilityNodeObject::stringValue):
2358         (WebCore::accessibleNameForNode):
2359         * accessibility/AccessibilityObject.cpp:
2360         (WebCore::AccessibilityObject::contentEditableAttributeIsEnabled):
2361         (WebCore::AccessibilityObject::getAttribute):
2362         * accessibility/AccessibilityRenderObject.cpp:
2363         (WebCore::AccessibilityRenderObject::stringValue):
2364         (WebCore::AccessibilityRenderObject::exposesTitleUIElement):
2365         * accessibility/AccessibilitySVGElement.cpp:
2366         (WebCore::AccessibilitySVGElement::childElementWithMatchingLanguage):
2367         (WebCore::AccessibilitySVGElement::accessibilityDescription):
2368         * bindings/objc/DOM.mm:
2369         (-[DOMHTMLLinkElement _mediaQueryMatches]):
2370         * bindings/scripts/CodeGenerator.pm:
2371         (GetterExpression):
2372         * bindings/scripts/CodeGeneratorObjC.pm:
2373         (GenerateImplementation):
2374         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
2375         * bindings/scripts/test/JS/JSTestObj.cpp:
2376         (WebCore::jsTestObjReflectedStringAttr):
2377         * dom/AuthorStyleSheets.cpp:
2378         (WebCore::AuthorStyleSheets::collectActiveStyleSheets):
2379         * dom/Document.cpp:
2380         (WebCore::Document::buildAccessKeyMap):
2381         (WebCore::Document::processBaseElement):
2382         * dom/DocumentOrderedMap.cpp:
2383         (WebCore::DocumentOrderedMap::getElementByLabelForAttribute):
2384         * dom/Element.cpp:
2385         (WebCore::Element::imageSourceURL):
2386         (WebCore::Element::rendererIsNeeded):
2387         (WebCore::Element::insertedInto):
2388         (WebCore::Element::removedFrom):
2389         (WebCore::Element::pseudo):
2390         (WebCore::Element::setPseudo):
2391         (WebCore::Element::spellcheckAttributeState):
2392         (WebCore::Element::canContainRangeEndPoint):
2393         (WebCore::Element::completeURLsInAttributeValue):
2394         * dom/Element.h:
2395         (WebCore::Element::fastHasAttribute):
2396         (WebCore::Element::attributeWithoutSynchronization):
2397         (WebCore::Element::fastGetAttribute): Deleted.
2398         * dom/InlineStyleSheetOwner.cpp:
2399         (WebCore::InlineStyleSheetOwner::createSheet):
2400         * dom/ScriptElement.cpp:
2401         (WebCore::ScriptElement::requestScript):
2402         (WebCore::ScriptElement::executeScript):
2403         * dom/SlotAssignment.cpp:
2404         (WebCore::slotNameFromSlotAttribute):
2405         (WebCore::SlotAssignment::SlotAssignment):
2406         (WebCore::recursivelyFireSlotChangeEvent):
2407         (WebCore::SlotAssignment::didChangeSlot):
2408         (WebCore::SlotAssignment::hostChildElementDidChange):
2409         (WebCore::SlotAssignment::assignedNodesForSlot):
2410         (WebCore::SlotAssignment::resolveAllSlotElements):
2411         * dom/TreeScope.cpp:
2412         (WebCore::TreeScope::labelElementForId):
2413         * dom/VisitedLinkState.cpp:
2414         (WebCore::linkAttribute):
2415         * editing/ApplyStyleCommand.cpp:
2416         (WebCore::isLegacyAppleStyleSpan):
2417         (WebCore::hasNoAttributeOrOnlyStyleAttribute):
2418         * editing/EditingStyle.cpp:
2419         (WebCore::EditingStyle::elementIsStyledSpanOrHTMLEquivalent):
2420         * editing/ReplaceSelectionCommand.cpp:
2421         (WebCore::isInterchangeNewlineNode):
2422         (WebCore::isInterchangeConvertedSpaceSpan):
2423         (WebCore::positionAvoidingPrecedingNodes):
2424         (WebCore::isMailPasteAsQuotationNode):
2425         (WebCore::isHeaderElement):
2426         (WebCore::isInlineNodeWithStyle):
2427         * editing/TextIterator.cpp:
2428         (WebCore::isRendererReplacedElement):
2429         * editing/cocoa/DataDetection.mm:
2430         (WebCore::DataDetection::isDataDetectorLink):
2431         (WebCore::DataDetection::requiresExtendedContext):
2432         (WebCore::DataDetection::dataDetectorIdentifier):
2433         (WebCore::DataDetection::shouldCancelDefaultAction):
2434         (WebCore::removeResultLinksFromAnchor):
2435         (WebCore::searchForLinkRemovingExistingDDLinks):
2436         * editing/gtk/EditorGtk.cpp:
2437         (WebCore::elementURL):
2438         * editing/htmlediting.cpp:
2439         (WebCore::isTabSpanNode):
2440         (WebCore::isTabSpanTextNode):
2441         (WebCore::isMailBlockquote):
2442         (WebCore::caretMinOffset):
2443         * editing/markup.cpp:
2444         (WebCore::createFragmentFromMarkup):
2445         * html/Autofill.cpp:
2446         (WebCore::AutofillData::createFromHTMLFormControlElement):
2447         * html/BaseTextInputType.cpp:
2448         (WebCore::BaseTextInputType::patternMismatch):
2449         * html/DateInputType.cpp:
2450         (WebCore::DateInputType::createStepRange):
2451         * html/DateTimeInputType.cpp:
2452         (WebCore::DateTimeInputType::createStepRange):
2453         * html/DateTimeLocalInputType.cpp:
2454         (WebCore::DateTimeLocalInputType::createStepRange):
2455         * html/FormAssociatedElement.cpp:
2456         (WebCore::FormAssociatedElement::findAssociatedForm):
2457         (WebCore::FormAssociatedElement::resetFormAttributeTargetObserver):
2458         (WebCore::FormAssociatedElement::formAttributeTargetChanged):
2459         * html/HTMLAnchorElement.cpp:
2460         (WebCore::HTMLAnchorElement::draggable):
2461         (WebCore::HTMLAnchorElement::href):
2462         (WebCore::HTMLAnchorElement::setHref):
2463         (WebCore::HTMLAnchorElement::target):
2464         (WebCore::HTMLAnchorElement::origin):
2465         (WebCore::HTMLAnchorElement::sendPings):
2466         (WebCore::HTMLAnchorElement::handleClick):
2467         * html/HTMLAnchorElement.h:
2468         (WebCore::HTMLAnchorElement::visitedLinkHash):
2469         * html/HTMLAppletElement.cpp:
2470         (WebCore::HTMLAppletElement::updateWidget):
2471         * html/HTMLAreaElement.cpp:
2472         (WebCore::HTMLAreaElement::target):
2473         * html/HTMLAttachmentElement.cpp:
2474         (WebCore::HTMLAttachmentElement::attachmentTitle):
2475         (WebCore::HTMLAttachmentElement::attachmentType):
2476         * html/HTMLBaseElement.cpp:
2477         (WebCore::HTMLBaseElement::target):
2478         (WebCore::HTMLBaseElement::href):
2479         * html/HTMLBodyElement.cpp:
2480         (WebCore::HTMLBodyElement::addSubresourceAttributeURLs):
2481         * html/HTMLButtonElement.cpp:
2482         (WebCore::HTMLButtonElement::value):
2483         (WebCore::HTMLButtonElement::computeWillValidate):
2484         * html/HTMLCanvasElement.cpp:
2485         (WebCore::HTMLCanvasElement::reset):
2486         * html/HTMLDocument.cpp:
2487         (WebCore::HTMLDocument::bgColor):
2488         (WebCore::HTMLDocument::setBgColor):
2489         (WebCore::HTMLDocument::fgColor):
2490         (WebCore::HTMLDocument::setFgColor):
2491         (WebCore::HTMLDocument::alinkColor):
2492         (WebCore::HTMLDocument::setAlinkColor):
2493         (WebCore::HTMLDocument::linkColor):
2494         (WebCore::HTMLDocument::setLinkColor):
2495         (WebCore::HTMLDocument::vlinkColor):
2496         (WebCore::HTMLDocument::setVlinkColor):
2497         * html/HTMLElement.cpp:
2498         (WebCore::contentEditableType):
2499         (WebCore::HTMLElement::collectStyleForPresentationAttribute):
2500         (WebCore::HTMLElement::dir):
2501         (WebCore::HTMLElement::setDir):
2502         (WebCore::HTMLElement::draggable):
2503         (WebCore::HTMLElement::setDraggable):
2504         (WebCore::HTMLElement::title):
2505         (WebCore::HTMLElement::tabIndex):
2506         (WebCore::HTMLElement::translateAttributeMode):
2507         (WebCore::HTMLElement::hasDirectionAuto):
2508         (WebCore::HTMLElement::directionality):
2509         * html/HTMLEmbedElement.cpp:
2510         (WebCore::HTMLEmbedElement::imageSourceURL):
2511         (WebCore::HTMLEmbedElement::addSubresourceAttributeURLs):
2512         * html/HTMLFormControlElement.cpp:
2513         (WebCore::HTMLFormControlElement::formEnctype):
2514         (WebCore::HTMLFormControlElement::formMethod):
2515         (WebCore::HTMLFormControlElement::formAction):
2516         (WebCore::HTMLFormControlElement::autocorrect):
2517         (WebCore::HTMLFormControlElement::autocapitalizeType):
2518         * html/HTMLFormElement.cpp:
2519         (WebCore::HTMLFormElement::autocorrect):
2520         (WebCore::HTMLFormElement::autocapitalizeType):
2521         (WebCore::HTMLFormElement::autocapitalize):
2522         (WebCore::HTMLFormElement::action):
2523         (WebCore::HTMLFormElement::setAction):
2524         (WebCore::HTMLFormElement::target):
2525         (WebCore::HTMLFormElement::wasUserSubmitted):
2526         (WebCore::HTMLFormElement::shouldAutocomplete):
2527         (WebCore::HTMLFormElement::finishParsingChildren):
2528         (WebCore::HTMLFormElement::autocomplete):
2529         * html/HTMLFrameElementBase.cpp:
2530         (WebCore::HTMLFrameElementBase::location):
2531         (WebCore::HTMLFrameElementBase::setLocation):
2532         * html/HTMLHtmlElement.cpp:
2533         (WebCore::HTMLHtmlElement::insertedByParser):
2534         * html/HTMLImageElement.cpp:
2535         (WebCore::HTMLImageElement::imageSourceURL):
2536         (WebCore::HTMLImageElement::setBestFitURLAndDPRFromImageCandidate):
2537         (WebCore::HTMLImageElement::bestFitSourceFromPictureElement):
2538         (WebCore::HTMLImageElement::selectImageSource):
2539         (WebCore::HTMLImageElement::altText):
2540         (WebCore::HTMLImageElement::createElementRenderer):
2541         (WebCore::HTMLImageElement::width):
2542         (WebCore::HTMLImageElement::height):
2543         (WebCore::HTMLImageElement::alt):
2544         (WebCore::HTMLImageElement::draggable):
2545         (WebCore::HTMLImageElement::setHeight):
2546         (WebCore::HTMLImageElement::src):
2547         (WebCore::HTMLImageElement::setSrc):
2548         (WebCore::HTMLImageElement::addSubresourceAttributeURLs):
2549         (WebCore::HTMLImageElement::didMoveToNewDocument):
2550         (WebCore::HTMLImageElement::isServerMap):
2551         (WebCore::HTMLImageElement::crossOrigin):
2552         * html/HTMLInputElement.cpp:
2553         (WebCore::HTMLInputElement::updateType):
2554         (WebCore::HTMLInputElement::initializeInputType):
2555         (WebCore::HTMLInputElement::altText):
2556         (WebCore::HTMLInputElement::value):
2557         (WebCore::HTMLInputElement::defaultValue):
2558         (WebCore::HTMLInputElement::setDefaultValue):
2559         (WebCore::HTMLInputElement::acceptMIMETypes):
2560         (WebCore::HTMLInputElement::acceptFileExtensions):
2561         (WebCore::HTMLInputElement::accept):
2562         (WebCore::HTMLInputElement::alt):
2563         (WebCore::HTMLInputElement::effectiveMaxLength):
2564         (WebCore::HTMLInputElement::src):
2565         (WebCore::HTMLInputElement::setAutoFilled):
2566         (WebCore::HTMLInputElement::dataList):
2567         (WebCore::HTMLInputElement::resetListAttributeTargetObserver):
2568         * html/HTMLKeygenElement.cpp:
2569         (WebCore::HTMLKeygenElement::isKeytypeRSA):
2570         (WebCore::HTMLKeygenElement::appendFormData):
2571         * html/HTMLLIElement.cpp:
2572         (WebCore::HTMLLIElement::didAttachRenderers):
2573         (WebCore::HTMLLIElement::parseValue):
2574         * html/HTMLLabelElement.cpp:
2575         (WebCore::HTMLLabelElement::control):
2576         * html/HTMLLinkElement.cpp:
2577         (WebCore::HTMLLinkElement::crossOrigin):
2578         (WebCore::HTMLLinkElement::process):
2579         (WebCore::HTMLLinkElement::href):
2580         (WebCore::HTMLLinkElement::rel):
2581         (WebCore::HTMLLinkElement::target):
2582         (WebCore::HTMLLinkElement::type):
2583         (WebCore::HTMLLinkElement::iconType):
2584         * html/HTMLMarqueeElement.cpp:
2585         (WebCore::HTMLMarqueeElement::scrollAmount):
2586         (WebCore::HTMLMarqueeElement::setScrollAmount):
2587         (WebCore::HTMLMarqueeElement::scrollDelay):
2588         (WebCore::HTMLMarqueeElement::setScrollDelay):
2589         (WebCore::HTMLMarqueeElement::loop):
2590         * html/HTMLMediaElement.cpp:
2591         (WebCore::HTMLMediaElement::insertedInto):
2592         (WebCore::HTMLMediaElement::crossOrigin):
2593         (WebCore::HTMLMediaElement::networkState):
2594         (WebCore::HTMLMediaElement::mediaSessionTitle):
2595         (WebCore::HTMLMediaElement::doesHaveAttribute):
2596         * html/HTMLMetaElement.cpp:
2597         (WebCore::HTMLMetaElement::process):
2598         (WebCore::HTMLMetaElement::content):
2599         (WebCore::HTMLMetaElement::httpEquiv):
2600         (WebCore::HTMLMetaElement::name):
2601         * html/HTMLMeterElement.cpp:
2602         (WebCore::HTMLMeterElement::min):
2603         (WebCore::HTMLMeterElement::setMin):
2604         (WebCore::HTMLMeterElement::max):
2605         (WebCore::HTMLMeterElement::setMax):
2606         (WebCore::HTMLMeterElement::value):
2607         (WebCore::HTMLMeterElement::low):
2608         (WebCore::HTMLMeterElement::high):
2609         (WebCore::HTMLMeterElement::optimum):
2610         * html/HTMLObjectElement.cpp:
2611         (WebCore::HTMLObjectElement::shouldAllowQuickTimeClassIdQuirk):
2612         (WebCore::HTMLObjectElement::hasValidClassId):
2613         (WebCore::HTMLObjectElement::imageSourceURL):
2614         (WebCore::HTMLObjectElement::renderFallbackContent):
2615         (WebCore::HTMLObjectElement::containsJavaApplet):
2616         (WebCore::HTMLObjectElement::addSubresourceAttributeURLs):
2617         * html/HTMLOptGroupElement.cpp:
2618         (WebCore::HTMLOptGroupElement::groupLabelText):
2619         * html/HTMLOptionElement.cpp:
2620         (WebCore::HTMLOptionElement::value):
2621         (WebCore::HTMLOptionElement::label):
2622         * html/HTMLParamElement.cpp:
2623         (WebCore::HTMLParamElement::value):
2624         (WebCore::HTMLParamElement::isURLParameter):
2625         * html/HTMLProgressElement.cpp:
2626         (WebCore::HTMLProgressElement::value):
2627         (WebCore::HTMLProgressElement::max):
2628         * html/HTMLScriptElement.cpp:
2629         (WebCore::HTMLScriptElement::crossOrigin):
2630         (WebCore::HTMLScriptElement::src):
2631         (WebCore::HTMLScriptElement::sourceAttributeValue):
2632         (WebCore::HTMLScriptElement::charsetAttributeValue):
2633         (WebCore::HTMLScriptElement::typeAttributeValue):
2634         (WebCore::HTMLScriptElement::languageAttributeValue):
2635         (WebCore::HTMLScriptElement::forAttributeValue):
2636         (WebCore::HTMLScriptElement::eventAttributeValue):
2637         (WebCore::HTMLScriptElement::asyncAttributeValue):
2638         * html/HTMLSlotElement.cpp:
2639         (WebCore::HTMLSlotElement::insertedInto):
2640         (WebCore::HTMLSlotElement::removedFrom):
2641         * html/HTMLSourceElement.cpp:
2642         (WebCore::HTMLSourceElement::media):
2643         (WebCore::HTMLSourceElement::setMedia):
2644         (WebCore::HTMLSourceElement::type):
2645         (WebCore::HTMLSourceElement::setType):
2646         * html/HTMLTableCellElement.cpp:
2647         (WebCore::HTMLTableCellElement::colSpanForBindings):
2648         (WebCore::HTMLTableCellElement::rowSpan):
2649         (WebCore::HTMLTableCellElement::rowSpanForBindings):
2650         (WebCore::HTMLTableCellElement::cellIndex):
2651         (WebCore::HTMLTableCellElement::abbr):
2652         (WebCore::HTMLTableCellElement::axis):
2653         (WebCore::HTMLTableCellElement::setColSpanForBindings):
2654         (WebCore::HTMLTableCellElement::headers):
2655         (WebCore::HTMLTableCellElement::setRowSpanForBindings):
2656         (WebCore::HTMLTableCellElement::scope):
2657         (WebCore::HTMLTableCellElement::addSubresourceAttributeURLs):
2658         (WebCore::HTMLTableCellElement::cellAbove):
2659         * html/HTMLTableColElement.cpp:
2660         (WebCore::HTMLTableColElement::width):
2661         * html/HTMLTableElement.cpp:
2662         (WebCore::HTMLTableElement::rules):
2663         (WebCore::HTMLTableElement::summary):
2664         (WebCore::HTMLTableElement::addSubresourceAttributeURLs):
2665         * html/HTMLTableSectionElement.cpp:
2666         (WebCore::HTMLTableSectionElement::align):
2667         (WebCore::HTMLTableSectionElement::setAlign):
2668         (WebCore::HTMLTableSectionElement::ch):
2669         (WebCore::HTMLTableSectionElement::setCh):
2670         (WebCore::HTMLTableSectionElement::chOff):
2671         (WebCore::HTMLTableSectionElement::setChOff):
2672         (WebCore::HTMLTableSectionElement::vAlign):
2673         (WebCore::HTMLTableSectionElement::setVAlign):
2674         * html/HTMLTextAreaElement.cpp:
2675         (WebCore::HTMLTextAreaElement::appendFormData):
2676         * html/HTMLTextFormControlElement.cpp:
2677         (WebCore::HTMLTextFormControlElement::strippedPlaceholder):
2678         (WebCore::HTMLTextFormControlElement::isPlaceholderEmpty):
2679         (WebCore::HTMLTextFormControlElement::directionForFormData):
2680         * html/HTMLTrackElement.cpp:
2681         (WebCore::HTMLTrackElement::srclang):
2682         (WebCore::HTMLTrackElement::label):
2683         (WebCore::HTMLTrackElement::isDefault):
2684         (WebCore::HTMLTrackElement::ensureTrack):
2685         (WebCore::HTMLTrackElement::mediaElementCrossOriginAttribute):
2686         * html/HTMLVideoElement.cpp:
2687         (WebCore::HTMLVideoElement::parseAttribute):
2688         (WebCore::HTMLVideoElement::imageSourceURL):
2689         * html/ImageInputType.cpp:
2690         (WebCore::ImageInputType::height):
2691         (WebCore::ImageInputType::width):
2692         * html/InputType.cpp:
2693         (WebCore::InputType::applyStep):
2694         * html/MediaElementSession.cpp:
2695         (WebCore::MediaElementSession::wirelessVideoPlaybackDisabled):
2696         * html/MonthInputType.cpp:
2697         (WebCore::MonthInputType::createStepRange):
2698         * html/NumberInputType.cpp:
2699         (WebCore::NumberInputType::createStepRange):
2700         (WebCore::NumberInputType::sizeShouldIncludeDecoration):
2701         * html/RangeInputType.cpp:
2702         (WebCore::RangeInputType::createStepRange):
2703         (WebCore::RangeInputType::handleKeydownEvent):
2704         * html/TextFieldInputType.cpp:
2705         (WebCore::TextFieldInputType::appendFormData):
2706         (WebCore::TextFieldInputType::updateAutoFillButton):
2707         * html/TimeInputType.cpp:
2708         (WebCore::TimeInputType::createStepRange):
2709         * html/ValidationMessage.cpp:
2710         (WebCore::ValidationMessage::updateValidationMessage):
2711         * html/WeekInputType.cpp:
2712         (WebCore::WeekInputType::createStepRange):
2713         * html/track/WebVTTElement.cpp:
2714         (WebCore::WebVTTElement::createEquivalentHTMLElement):
2715         * inspector/InspectorPageAgent.cpp:
2716         (WebCore::InspectorPageAgent::buildObjectForFrame):
2717         * loader/FormSubmission.cpp:
2718         (WebCore::FormSubmission::create):
2719         * loader/FrameLoader.cpp:
2720         (WebCore::FrameLoader::defaultSubstituteDataForURL):
2721         * loader/ImageLoader.cpp:
2722         (WebCore::ImageLoader::updateFromElement):
2723         * loader/SubframeLoader.cpp:
2724         (WebCore::SubframeLoader::isPluginContentAllowedByContentSecurityPolicy):
2725         * mathml/MathMLElement.cpp:
2726         (WebCore::MathMLElement::colSpan):
2727         (WebCore::MathMLElement::rowSpan):
2728         (WebCore::MathMLElement::childShouldCreateRenderer):
2729         (WebCore::MathMLElement::defaultEventHandler):
2730         (WebCore::MathMLElement::cachedMathMLLength):
2731         * mathml/MathMLFractionElement.cpp:
2732         (WebCore::MathMLFractionElement::lineThickness):
2733         (WebCore::MathMLFractionElement::cachedFractionAlignment):
2734         * mathml/MathMLSelectElement.cpp:
2735         (WebCore::MathMLSelectElement::getSelectedActionChildAndIndex):
2736         (WebCore::MathMLSelectElement::getSelectedActionChild):
2737         (WebCore::MathMLSelectElement::getSelectedSemanticsChild):
2738         (WebCore::MathMLSelectElement::defaultEventHandler):
2739         (WebCore::MathMLSelectElement::willRespondToMouseClickEvents):
2740         (WebCore::MathMLSelectElement::toggle):
2741         * page/EventHandler.cpp:
2742         (WebCore::findDropZone):
2743         * page/Frame.cpp:
2744         (WebCore::Frame::matchLabelsAgainstElement):
2745         * page/PageSerializer.cpp:
2746         (WebCore::PageSerializer::serializeFrame):
2747         * platform/win/PasteboardWin.cpp:
2748         (WebCore::Pasteboard::writeImageToDataObject):
2749         * rendering/HitTestResult.cpp:
2750         (WebCore::HitTestResult::altDisplayString):
2751         * rendering/RenderDetailsMarker.cpp:
2752         (WebCore::RenderDetailsMarker::isOpen):
2753         * rendering/RenderImage.cpp:
2754         (WebCore::RenderImage::imageMap):
2755         (WebCore::RenderImage::nodeAtPoint):
2756         * rendering/RenderMenuList.cpp:
2757         (RenderMenuList::itemAccessibilityText):
2758         (RenderMenuList::itemToolTip):
2759         * rendering/RenderSearchField.cpp:
2760         (WebCore::RenderSearchField::autosaveName):
2761         * rendering/RenderThemeIOS.mm:
2762         (WebCore::getAttachmentProgress):
2763         (WebCore::AttachmentInfo::AttachmentInfo):
2764         * rendering/RenderThemeMac.mm:
2765         (WebCore::AttachmentLayout::layOutSubtitle):
2766         (WebCore::RenderThemeMac::paintAttachment):
2767         * rendering/mathml/MathMLStyle.cpp:
2768         (WebCore::MathMLStyle::resolveMathMLStyle):
2769         * rendering/mathml/RenderMathMLFenced.cpp:
2770         (WebCore::RenderMathMLFenced::updateFromElement):
2771         * rendering/mathml/RenderMathMLOperator.cpp:
2772         (WebCore::RenderMathMLOperator::setOperatorFlagFromAttribute):
2773         (WebCore::RenderMathMLOperator::setOperatorFlagFromAttributeValue):
2774         (WebCore::RenderMathMLOperator::setOperatorProperties):
2775         * rendering/mathml/RenderMathMLScripts.cpp:
2776         (WebCore::RenderMathMLScripts::getScriptMetricsAndLayoutIfNeeded):
2777         * rendering/mathml/RenderMathMLUnderOver.cpp:
2778         (WebCore::RenderMathMLUnderOver::hasAccent):
2779         * style/StyleSharingResolver.cpp:
2780         (WebCore::Style::SharingResolver::canShareStyleWithElement):
2781         (WebCore::Style::SharingResolver::sharingCandidateHasIdenticalStyleAffectingAttributes):
2782         * svg/SVGAElement.cpp:
2783         (WebCore::SVGAElement::title):
2784         (WebCore::SVGAElement::defaultEventHandler):
2785         * svg/SVGAltGlyphElement.cpp:
2786         (WebCore::SVGAltGlyphElement::glyphRef):
2787         (WebCore::SVGAltGlyphElement::setFormat):
2788         (WebCore::SVGAltGlyphElement::format):
2789         (WebCore::SVGAltGlyphElement::childShouldCreateRenderer):
2790         * svg/SVGAnimationElement.cpp:
2791         (WebCore::SVGAnimationElement::toValue):
2792         (WebCore::SVGAnimationElement::byValue):
2793         (WebCore::SVGAnimationElement::fromValue):
2794         (WebCore::SVGAnimationElement::isAdditive):
2795         (WebCore::SVGAnimationElement::isAccumulated):
2796         * svg/SVGElement.cpp:
2797         (WebCore::SVGElement::xmlbase):
2798         (WebCore::SVGElement::setXmlbase):
2799         * svg/SVGFontFaceElement.cpp:
2800         (WebCore::SVGFontFaceElement::unitsPerEm):
2801         (WebCore::SVGFontFaceElement::xHeight):
2802         (WebCore::SVGFontFaceElement::capHeight):
2803         (WebCore::SVGFontFaceElement::horizontalOriginX):
2804         (WebCore::SVGFontFaceElement::horizontalOriginY):
2805         (WebCore::SVGFontFaceElement::horizontalAdvanceX):
2806         (WebCore::SVGFontFaceElement::verticalOriginX):
2807         (WebCore::SVGFontFaceElement::verticalOriginY):
2808         (WebCore::SVGFontFaceElement::verticalAdvanceY):
2809         (WebCore::SVGFontFaceElement::ascent):
2810         (WebCore::SVGFontFaceElement::descent):
2811         * svg/SVGFontFaceNameElement.cpp:
2812         (WebCore::SVGFontFaceNameElement::srcValue):
2813         * svg/SVGFontFaceUriElement.cpp:
2814         (WebCore::SVGFontFaceUriElement::srcValue):
2815         * svg/SVGGlyphRefElement.cpp:
2816         (WebCore::SVGGlyphRefElement::glyphRef):
2817         (WebCore::SVGGlyphRefElement::setGlyphRef):
2818         * svg/SVGHKernElement.cpp:
2819         (WebCore::SVGHKernElement::buildHorizontalKerningPair):
2820         * svg/SVGSVGElement.cpp:
2821         (WebCore::SVGSVGElement::contentScriptType):
2822         (WebCore::SVGSVGElement::contentStyleType):
2823         * svg/SVGStyleElement.cpp:
2824         (WebCore::SVGStyleElement::media):
2825         (WebCore::SVGStyleElement::title):
2826         (WebCore::SVGStyleElement::setTitle):
2827         * svg/SVGToOTFFontConversion.cpp:
2828         (WebCore::SVGToOTFFontConverter::appendOS2Table):
2829         (WebCore::SVGToOTFFontConverter::appendCFFTable):
2830         (WebCore::SVGToOTFFontConverter::appendArabicReplacementSubtable):
2831         (WebCore::SVGToOTFFontConverter::appendVORGTable):
2832         (WebCore::SVGToOTFFontConverter::transcodeGlyphPaths):
2833         (WebCore::SVGToOTFFontConverter::processGlyphElement):
2834         (WebCore::SVGToOTFFontConverter::compareCodepointsLexicographically):
2835         (WebCore::SVGToOTFFontConverter::SVGToOTFFontConverter):
2836         * svg/SVGVKernElement.cpp:
2837         (WebCore::SVGVKernElement::buildVerticalKerningPair):
2838         * svg/animation/SVGSMILElement.cpp:
2839         (WebCore::SVGSMILElement::insertedInto):
2840         (WebCore::SVGSMILElement::parseAttribute):
2841         (WebCore::SVGSMILElement::svgAttributeChanged):
2842         (WebCore::SVGSMILElement::restart):
2843         (WebCore::SVGSMILElement::fill):
2844         (WebCore::SVGSMILElement::dur):
2845         (WebCore::SVGSMILElement::repeatDur):
2846         (WebCore::SVGSMILElement::repeatCount):
2847         (WebCore::SVGSMILElement::maxValue):
2848         (WebCore::SVGSMILElement::minValue):
2849
2850 2016-07-16  Carlos Garcia Campos  <cgarcia@igalia.com>
2851
2852         ASSERTION FAILED: isMainThread() in ~UniqueIDBDatabase() since r201997
2853         https://bugs.webkit.org/show_bug.cgi?id=159809
2854
2855         Reviewed by Brady Eidson.
2856
2857         In r201997 the UniqueIDBDatabase was protected in executeNextDatabaseTask() because the last reference could be
2858         removed while the task is performed. However UniqueIDBDatabase is expected to be deleted in the main thread, and
2859         the destructor asserts when not called in the main thread, but executeNextDatabaseTask() is always called on a
2860         secondary thread. So, if the protector contains the last reference, the object is deleted in the secondary thread.
2861
2862         * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
2863         (WebCore::IDBServer::UniqueIDBDatabase::executeNextDatabaseTask): Use callOnMainThread to ensure the object is
2864         deleted in the main thread in case the protector contains the last reference.
2865
2866 2016-07-15  Chris Dumez  <cdumez@apple.com>
2867
2868         Use emptyString() / nullAtom when possible
2869         https://bugs.webkit.org/show_bug.cgi?id=159850
2870
2871         Reviewed by Ryosuke Niwa.
2872
2873         Use emptyString() / nullAtom when possible, for performance.
2874
2875         * Modules/webaudio/AudioNode.cpp:
2876         (WebCore::AudioNode::channelCountMode):
2877         (WebCore::AudioNode::channelInterpretation):
2878         * Modules/webdatabase/DatabaseTracker.cpp:
2879         (WebCore::DatabaseTracker::tracker):
2880         * Modules/websockets/WebSocket.cpp:
2881         (WebCore::WebSocket::WebSocket):
2882         (WebCore::WebSocket::didConnect):
2883         * Modules/websockets/WebSocketChannel.cpp:
2884         (WebCore::WebSocketChannel::subprotocol):
2885         (WebCore::WebSocketChannel::extensions):
2886         * accessibility/AccessibilityObject.cpp:
2887         (WebCore::AccessibilityObject::supportsPressAction):
2888         * accessibility/mac/AXObjectCacheMac.mm:
2889         (WebCore::AXObjectCache::postTextStateChangePlatformNotification):
2890         * css/CSSPropertySourceData.cpp:
2891         (WebCore::CSSPropertySourceData::CSSPropertySourceData):
2892         * css/PageRuleCollector.cpp:
2893         (WebCore::PageRuleCollector::pageName):
2894         * css/PropertySetCSSStyleDeclaration.cpp:
2895         (WebCore::PropertySetCSSStyleDeclaration::getPropertyPriority):
2896         * dom/DocumentMarkerController.cpp:
2897         (WebCore::DocumentMarkerController::addDictationPhraseWithAlternativesMarker):
2898         * dom/Element.cpp:
2899         (WebCore::Element::setPrefix):
2900         * editing/AlternativeTextController.cpp:
2901         (WebCore::AlternativeTextController::respondToMarkerAtEndOfWord):
2902         (WebCore::AlternativeTextController::markerDescriptionForAppliedAlternativeText):
2903         * editing/CompositeEditCommand.cpp:
2904         (WebCore::CompositeEditCommand::removeNodeAttribute):
2905         (WebCore::CompositeEditCommand::moveParagraphs):
2906         * editing/InsertTextCommand.cpp:
2907         (WebCore::InsertTextCommand::positionInsideTextNode):
2908         * editing/TextCheckingHelper.cpp:
2909         (WebCore::TextCheckingHelper::findFirstMisspellingOrBadGrammar):
2910         * editing/TypingCommand.cpp:
2911         (WebCore::TypingCommand::deleteSelection):
2912         (WebCore::TypingCommand::deleteKeyPressed):
2913         (WebCore::TypingCommand::forwardDeleteKeyPressed):
2914         (WebCore::TypingCommand::insertLineBreak):
2915         (WebCore::TypingCommand::insertParagraphSeparator):
2916         * editing/cocoa/EditorCocoa.mm:
2917         (WebCore::Editor::styleForSelectionStart):
2918         * editing/mac/EditorMac.mm:
2919         (WebCore::Editor::stringSelectionForPasteboard):
2920         (WebCore::Editor::stringSelectionForPasteboardWithImageAltText):
2921         * fileapi/FileReaderLoader.cpp:
2922         (WebCore::FileReaderLoader::FileReaderLoader):
2923         * html/FileInputType.cpp:
2924         (WebCore::FileInputType::appendFormData):
2925         * html/HTMLMediaElement.cpp:
2926         (WebCore::HTMLMediaElement::getCurrentMediaControlsStatus):
2927         * html/HTMLOutputElement.cpp:
2928         (WebCore::HTMLOutputElement::HTMLOutputElement):
2929         * html/SearchInputType.cpp:
2930         (WebCore::SearchInputType::handleKeydownEvent):
2931         * html/TextFieldInputType.cpp:
2932         (WebCore::autoFillButtonTypeToAccessibilityLabel):
2933         * html/canvas/WebGLDebugShaders.cpp:
2934         (WebCore::WebGLDebugShaders::getTranslatedShaderSource):
2935         * html/canvas/WebGLRenderingContextBase.cpp:
2936         (WebCore::WebGLRenderingContextBase::dispatchContextLostEvent):
2937         (WebCore::WebGLRenderingContextBase::maybeRestoreContext):
2938         * html/canvas/WebGLShader.cpp:
2939         (WebCore::WebGLShader::WebGLShader):
2940         * html/shadow/MediaControlElements.cpp:
2941         (WebCore::MediaControlStatusDisplayElement::update):
2942         * html/track/TextTrack.cpp:
2943         (WebCore::TextTrack::captionMenuOffItem):
2944         (WebCore::TextTrack::captionMenuAutomaticItem):
2945         * html/track/VTTRegion.cpp:
2946         (WebCore::VTTRegion::scroll):
2947         * html/track/VTTRegion.h:
2948         * inspector/InspectorDOMAgent.cpp:
2949         (WebCore::InspectorDOMAgent::toErrorString):
2950         (WebCore::InspectorDOMAgent::resolveNode):
2951         (WebCore::InspectorDOMAgent::documentURLString):
2952         (WebCore::documentBaseURLString):
2953         * inspector/InspectorDOMDebuggerAgent.cpp:
2954         (WebCore::domTypeName):
2955         * inspector/InspectorFrontendHost.cpp:
2956         (WebCore::InspectorFrontendHost::localizedStringsURL):
2957         * inspector/InspectorHistory.cpp:
2958         (WebCore::InspectorHistory::Action::mergeId):
2959         * inspector/InspectorPageAgent.cpp:
2960         (WebCore::InspectorPageAgent::reload):
2961         (WebCore::InspectorPageAgent::frameId):
2962         (WebCore::InspectorPageAgent::loaderId):
2963         * inspector/InspectorStyleSheet.cpp:
2964         (WebCore::InspectorStyleSheet::ruleSelector):
2965         * loader/EmptyClients.h:
2966         * loader/FrameLoader.cpp:
2967         (WebCore::FrameLoader::referrer):
2968         * loader/ImageLoader.cpp:
2969         (WebCore::ImageLoader::clearFailedLoadURL):
2970         * loader/ResourceLoader.cpp:
2971         (WebCore::ResourceLoader::didReceiveResponse):
2972         * page/ContextMenuController.cpp:
2973         (WebCore::ContextMenuController::contextMenuItemSelected):
2974         * page/FrameTree.cpp:
2975         (WebCore::FrameTree::setName):
2976         (WebCore::FrameTree::clearName):
2977         * page/Location.cpp:
2978         (WebCore::Location::port):
2979         * platform/network/ProtectionSpaceBase.cpp:
2980         (WebCore::ProtectionSpaceBase::ProtectionSpaceBase):
2981         * xml/parser/XMLDocumentParserLibxml2.cpp:
2982         (WebCore::handleElementAttributes):
2983
2984 2016-07-15  Simon Fraser  <simon.fraser@apple.com>
2985
2986         Repaints rects drawn incorrectly when inspecting a WebView on a Retina display
2987         https://bugs.webkit.org/show_bug.cgi?id=159824
2988         rdar://problem/27376305
2989
2990         Reviewed by Brian Burg.
2991
2992         InspectorOverlayPage.js set up the canvases with a deviceScaleFactor passed into
2993         reset(), which comes from the overlay's m_page.deviceScaleFactor(). However, updatePaintRects()
2994         used window.devicePixelRatio which was always 1.
2995
2996         Fix by setting the deviceScaleFactor on the m_overlayPage.
2997
2998         * inspector/InspectorOverlay.cpp:
2999         (WebCore::InspectorOverlay::overlayPage):
3000
3001 2016-07-15  Myles C. Maxfield  <mmaxfield@apple.com>
3002
3003         [macOS] Work around crash in [NSAttributedString nextWordFromIndex:forward:]
3004         https://bugs.webkit.org/show_bug.cgi?id=159842
3005
3006         Reviewed by Jon Lee.
3007
3008         <rdar://problem/27380532> describes a crash inside [NSAttributedString nextWordFromIndex:forward:].
3009         This must be worked around for https://bugs.webkit.org/show_bug.cgi?id=159755 and
3010         <rdar://problem/27325521>.
3011
3012         * platform/text/mac/TextBoundaries.mm:
3013         (WebCore::findNextWordFromIndex):
3014
3015 2016-07-15  Brady Eidson  <beidson@apple.com>
3016
3017         Update XPathException to use the description in toString().
3018         https://bugs.webkit.org/show_bug.cgi?id=159848
3019
3020         Reviewed by Alex Christensen.
3021
3022         No new tests (Covered by changes to existing tests).
3023
3024         * bindings/js/JSDOMBinding.cpp:
3025         (WebCore::createDOMException):
3026         * xml/XPathException.h:
3027         (WebCore::XPathException::XPathException):
3028
3029 2016-07-15  Brady Eidson  <beidson@apple.com>
3030
3031         Change toString() behavior for exceptions constructed with "createWithDescriptionAsMessage".
3032         https://bugs.webkit.org/show_bug.cgi?id=159839
3033
3034         Reviewed by Alex Christensen.
3035
3036         No new tests (Covered by changes to existing tests).
3037
3038         This is the first step towards extended exception messages for all exception types.
3039
3040         * dom/ExceptionBase.cpp:
3041         (WebCore::ExceptionBase::ExceptionBase):
3042         (WebCore::ExceptionBase::toString):
3043         * dom/ExceptionBase.h:
3044
3045 2016-07-15  Geoffrey Garen  <ggaren@apple.com>
3046
3047         Added a makeRef<T> helper
3048         https://bugs.webkit.org/show_bug.cgi?id=159835
3049
3050         Reviewed by Andreas Kling.
3051
3052         Anders told me to!
3053
3054         * Modules/indexeddb/IDBTransaction.cpp:
3055         (WebCore::IDBTransaction::putOrAddOnServer):
3056         * Modules/indexeddb/shared/InProcessIDBServer.cpp:
3057         (WebCore::InProcessIDBServer::deleteDatabase):
3058         (WebCore::InProcessIDBServer::didDeleteDatabase):
3059         (WebCore::InProcessIDBServer::openDatabase):
3060         (WebCore::InProcessIDBServer::didOpenDatabase):
3061         (WebCore::InProcessIDBServer::didAbortTransaction):
3062         (WebCore::InProcessIDBServer::didCommitTransaction):
3063         (WebCore::InProcessIDBServer::didCreateObjectStore):
3064         (WebCore::InProcessIDBServer::didDeleteObjectStore):
3065         (WebCore::InProcessIDBServer::didClearObjectStore):
3066         (WebCore::InProcessIDBServer::didCreateIndex):
3067         (WebCore::InProcessIDBServer::didDeleteIndex):
3068         (WebCore::InProcessIDBServer::didPutOrAdd):
3069         (WebCore::InProcessIDBServer::didGetRecord):
3070         (WebCore::InProcessIDBServer::didGetCount):
3071         (WebCore::InProcessIDBServer::didDeleteRecord):
3072         (WebCore::InProcessIDBServer::didOpenCursor):
3073         (WebCore::InProcessIDBServer::didIterateCursor):
3074         (WebCore::InProcessIDBServer::abortTransaction):
3075         (WebCore::InProcessIDBServer::commitTransaction):
3076         (WebCore::InProcessIDBServer::didFinishHandlingVersionChangeTransaction):
3077         (WebCore::InProcessIDBServer::createObjectStore):
3078         (WebCore::InProcessIDBServer::deleteObjectStore):
3079         (WebCore::InProcessIDBServer::clearObjectStore):
3080         (WebCore::InProcessIDBServer::createIndex):
3081         (WebCore::InProcessIDBServer::deleteIndex):
3082         (WebCore::InProcessIDBServer::putOrAdd):
3083         (WebCore::InProcessIDBServer::getRecord):
3084         (WebCore::InProcessIDBServer::getCount):
3085         (WebCore::InProcessIDBServer::deleteRecord):
3086         (WebCore::InProcessIDBServer::openCursor):
3087         (WebCore::InProcessIDBServer::iterateCursor):
3088         (WebCore::InProcessIDBServer::establishTransaction):
3089         (WebCore::InProcessIDBServer::fireVersionChangeEvent):
3090         (WebCore::InProcessIDBServer::didStartTransaction):
3091         (WebCore::InProcessIDBServer::didCloseFromServer):
3092         (WebCore::InProcessIDBServer::notifyOpenDBRequestBlocked):
3093         (WebCore::InProcessIDBServer::databaseConnectionClosed):
3094         (WebCore::InProcessIDBServer::abortOpenAndUpgradeNeeded):
3095         (WebCore::InProcessIDBServer::didFireVersionChangeEvent):
3096         (WebCore::InProcessIDBServer::openDBRequestCancelled):
3097         (WebCore::InProcessIDBServer::confirmDidCloseFromServer):
3098         (WebCore::InProcessIDBServer::getAllDatabaseNames):
3099         (WebCore::InProcessIDBServer::didGetAllDatabaseNames):
3100         * Modules/mediastream/MediaDevicesRequest.cpp:
3101         (WebCore::MediaDevicesRequest::didCompleteTrackSourceInfoRequest):
3102         * Modules/mediastream/UserMediaRequest.cpp:
3103         (WebCore::UserMediaRequest::constraintsValidated):
3104         (WebCore::UserMediaRequest::userMediaAccessGranted):
3105         * Modules/webaudio/AudioContext.cpp:
3106         (WebCore::AudioContext::scheduleNodeDeletion):
3107         (WebCore::AudioContext::isPlayingAudioDidChange):
3108         (WebCore::AudioContext::suspend):
3109         (WebCore::AudioContext::resume):
3110         (WebCore::AudioContext::close):
3111         (WebCore::AudioContext::suspendPlayback):
3112         (WebCore::AudioContext::mayResumePlayback):
3113         * Modules/websockets/ThreadableWebSocketChannelClientWrapper.cpp:
3114         (WebCore::ThreadableWebSocketChannelClientWrapper::didConnect):
3115         (WebCore::ThreadableWebSocketChannelClientWrapper::didReceiveMessage):
3116         (WebCore::ThreadableWebSocketChannelClientWrapper::didReceiveBinaryData):
3117         (WebCore::ThreadableWebSocketChannelClientWrapper::didUpdateBufferedAmount):
3118         (WebCore::ThreadableWebSocketChannelClientWrapper::didStartClosingHandshake):
3119         (WebCore::ThreadableWebSocketChannelClientWrapper::didClose):
3120         (WebCore::ThreadableWebSocketChannelClientWrapper::didReceiveMessageError):
3121         (WebCore::ThreadableWebSocketChannelClientWrapper::processPendingTasks):
3122         * Modules/websockets/WebSocket.cpp:
3123         (WebCore::WebSocket::connect):
3124         * bindings/js/JSEventListener.h:
3125         (WebCore::JSEventListener::jsFunction):
3126         * dom/Node.cpp:
3127         (WebCore::Node::setTextContent):
3128         * html/HTMLMediaElement.cpp:
3129         (WebCore::HTMLMediaElement::layoutSizeChanged):
3130         * inspector/CommandLineAPIHost.cpp:
3131         (WebCore::CommandLineAPIHost::wrapper):
3132         * platform/graphics/avfoundation/AudioSourceProviderAVFObjC.mm:
3133         (WebCore::AudioSourceProviderAVFObjC::prepare):
3134         * platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp:
3135         (WebCore::WebCoreAVCFResourceLoader::invalidate):
3136         * platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm:
3137         (WebCore::WebCoreAVFResourceLoader::invalidate):
3138         * platform/ios/WebVideoFullscreenControllerAVKit.mm:
3139         (WebVideoFullscreenControllerContext::setExternalPlayback):
3140         * platform/network/BlobResourceHandle.cpp:
3141         (WebCore::BlobResourceHandle::start):
3142         (WebCore::BlobResourceHandle::notifyFinish):
3143         * platform/network/SocketStreamHandleBase.cpp:
3144         (WebCore::SocketStreamHandleBase::disconnect):
3145         * platform/network/curl/CurlDownload.cpp:
3146         (WebCore::CurlDownload::didReceiveHeader):
3147
3148 2016-07-15  Chris Dumez  <cdumez@apple.com>
3149
3150         Use fastGetAttribute() / setAttributeWithoutSynchronization() when possible
3151         https://bugs.webkit.org/show_bug.cgi?id=159793
3152
3153         Reviewed by Ryosuke Niwa.
3154
3155         Use fastGetAttribute() / setAttributeWithoutSynchronization() when possible, for performance.
3156
3157         * Modules/plugins/YouTubePluginReplacement.cpp:
3158         (WebCore::YouTubePluginReplacement::installReplacement):
3159         * dom/Element.h:
3160         (WebCore::Element::setIdAttribute):
3161         * editing/ApplyStyleCommand.cpp:
3162         (WebCore::hasNoAttributeOrOnlyStyleAttribute):
3163         (WebCore::createFontElement):
3164         (WebCore::ApplyStyleCommand::applyInlineStyleChange):
3165         * editing/EditingStyle.cpp:
3166         (WebCore::EditingStyle::elementIsStyledSpanOrHTMLEquivalent):
3167         * editing/Editor.cpp:
3168         (WebCore::Editor::setBaseWritingDirection):
3169         * editing/ReplaceSelectionCommand.cpp:
3170         (WebCore::isMailPasteAsQuotationNode):
3171         (WebCore::isInlineNodeWithStyle):
3172         * editing/cocoa/DataDetection.mm:
3173         (WebCore::DataDetection::detectContentInRange):
3174         * editing/htmlediting.cpp:
3175         (WebCore::createTabSpanElement):
3176         * editing/ios/EditorIOS.mm:
3177         (WebCore::Editor::setTextAlignmentForChangedBaseWritingDirection):
3178         (WebCore::Editor::WebContentReader::readURL):
3179         * editing/mac/EditorMac.mm:
3180         (WebCore::Editor::WebContentReader::readURL):
3181         * editing/markup.cpp:
3182         (WebCore::createFragmentFromText):
3183         * html/BaseButtonInputType.cpp:
3184         (WebCore::BaseButtonInputType::setValue):
3185         * html/BaseCheckableInputType.cpp:
3186         (WebCore::BaseCheckableInputType::setValue):
3187         * html/FTPDirectoryDocument.cpp:
3188         (WebCore::FTPDirectoryDocumentParser::appendEntry):
3189         (WebCore::FTPDirectoryDocumentParser::createTDForFilename):
3190         (WebCore::FTPDirectoryDocumentParser::loadDocumentTemplate):
3191         (WebCore::FTPDirectoryDocumentParser::createBasicDocument):
3192         * html/HTMLAnchorElement.cpp:
3193         (WebCore::HTMLAnchorElement::href):
3194         (WebCore::HTMLAnchorElement::setHref):
3195         (WebCore::HTMLAnchorElement::target):
3196         * html/HTMLAreaElement.cpp:
3197         (WebCore::HTMLAreaElement::target):
3198         * html/HTMLBaseElement.cpp:
3199         (WebCore::HTMLBaseElement::setHref):
3200         * html/HTMLButtonElement.cpp:
3201         (WebCore::HTMLButtonElement::setType):
3202         * html/HTMLDetailsElement.cpp:
3203         (WebCore::HTMLDetailsElement::didAddUserAgentShadowRoot):
3204         (WebCore::HTMLDetailsElement::toggleOpen):
3205         * html/HTMLDocument.cpp:
3206         (WebCore::HTMLDocument::setBgColor):
3207         (WebCore::HTMLDocument::setFgColor):
3208         (WebCore::HTMLDocument::setAlinkColor):
3209         (WebCore::HTMLDocument::setLinkColor):
3210         (WebCore::HTMLDocument::setVlinkColor):
3211         * html/HTMLElement.cpp:
3212         (WebCore::HTMLElement::setDir):
3213         (WebCore::HTMLElement::setContentEditable):
3214         (WebCore::HTMLElement::setDraggable):
3215         (WebCore::HTMLElement::setSpellcheck):
3216         (WebCore::HTMLElement::setTranslate):
3217         * html/HTMLFormControlElement.cpp:
3218         (WebCore::HTMLFormControlElement::setFormEnctype):
3219         (WebCore::HTMLFormControlElement::setFormMethod):
3220         (WebCore::HTMLFormControlElement::setAutocorrect):
3221         (WebCore::HTMLFormControlElement::setAutocapitalize):
3222         (WebCore::HTMLFormControlElement::setAutocomplete):
3223         * html/HTMLFormElement.cpp:
3224         (WebCore::HTMLFormElement::setAutocorrect):
3225         (WebCore::HTMLFormElement::setAutocapitalize):
3226         (WebCore::HTMLFormElement::setAction):
3227         (WebCore::HTMLFormElement::setEnctype):
3228         (WebCore::HTMLFormElement::setMethod):
3229         (WebCore::HTMLFormElement::target):
3230         * html/HTMLImageElement.cpp:
3231         (WebCore::HTMLImageElement::width):
3232         (WebCore::HTMLImageElement::height):
3233         (WebCore::HTMLImageElement::setSrc):
3234         * html/HTMLInputElement.cpp:
3235         (WebCore::HTMLInputElement::setType):
3236         (WebCore::HTMLInputElement::updateType):
3237         (WebCore::HTMLInputElement::altText):
3238         (WebCore::HTMLInputElement::setDefaultValue):
3239         * html/HTMLLinkElement.cpp:
3240         (WebCore::HTMLLinkElement::href):
3241         (WebCore::HTMLLinkElement::target):
3242         (WebCore::HTMLLinkElement::type):
3243         * html/HTMLMediaElement.cpp:
3244         (WebCore::HTMLMediaElement::setSrc):
3245         (WebCore::HTMLMediaElement::setPreload):
3246         * html/HTMLMeterElement.cpp:
3247         (WebCore::HTMLMeterElement::min):
3248         (WebCore::HTMLMeterElement::setMin):
3249         (WebCore::HTMLMeterElement::max):
3250         (WebCore::HTMLMeterElement::setMax):
3251         (WebCore::HTMLMeterElement::value):
3252         (WebCore::HTMLMeterElement::setValue):
3253         (WebCore::HTMLMeterElement::low):
3254         (WebCore::HTMLMeterElement::setLow):
3255         (WebCore::HTMLMeterElement::high):
3256         (WebCore::HTMLMeterElement::setHigh):
3257         (WebCore::HTMLMeterElement::optimum):
3258         (WebCore::HTMLMeterElement::setOptimum):
3259         * html/HTMLObjectElement.cpp:
3260         (WebCore::HTMLObjectElement::containsJavaApplet):
3261         * html/HTMLOptionElement.cpp:
3262         (WebCore::HTMLOptionElement::createForJSConstructor):
3263         (WebCore::HTMLOptionElement::setValue):
3264         (WebCore::HTMLOptionElement::setLabel):
3265         * html/HTMLProgressElement.cpp:
3266         (WebCore::HTMLProgressElement::setValue):
3267         (WebCore::HTMLProgressElement::setMax):
3268         * html/HTMLScriptElement.cpp:
3269         (WebCore::HTMLScriptElement::typeAttributeValue):
3270         * html/HTMLSelectElement.cpp:
3271         (WebCore::HTMLSelectElement::setMultiple):
3272         * html/HTMLSourceElement.cpp:
3273         (WebCore::HTMLSourceElement::setSrc):
3274         (WebCore::HTMLSourceElement::media):
3275         (WebCore::HTMLSourceElement::setMedia):
3276         (WebCore::HTMLSourceElement::type):
3277         (WebCore::HTMLSourceElement::setType):
3278         * html/HTMLTableSectionElement.cpp:
3279         (WebCore::HTMLTableSectionElement::setAlign):
3280         (WebCore::HTMLTableSectionElement::setCh):
3281         (WebCore::HTMLTableSectionElement::chOff):
3282         (WebCore::HTMLTableSectionElement::setChOff):
3283         (WebCore::HTMLTableSectionElement::setVAlign):
3284         * html/HTMLTextFormControlElement.cpp:
3285         (WebCore::HTMLTextFormControlElement::updateInnerTextElementEditability):
3286         * html/HTMLVideoElement.cpp:
3287         (WebCore::HTMLVideoElement::imageSourceURL):
3288         * html/HiddenInputType.cpp:
3289         (WebCore::HiddenInputType::restoreFormControlState):
3290         (WebCore::HiddenInputType::setValue):
3291         * html/MediaDocument.cpp:
3292         (WebCore::MediaDocumentParser::createDocumentStructure):
3293         (WebCore::MediaDocument::replaceMediaElementTimerFired):
3294         * html/PluginDocument.cpp:
3295         (WebCore::PluginDocumentParser::createDocumentStructure):
3296         * html/TextFieldInputType.cpp:
3297         (WebCore::TextFieldInputType::createAutoFillButton):
3298         (WebCore::TextFieldInputType::updateAutoFillButton):
3299         * html/parser/HTMLTreeBuilder.cpp:
3300         (WebCore::HTMLTreeBuilder::processIsindexStartTagForInBody):
3301         * html/shadow/MediaControlElements.cpp:
3302         (WebCore::MediaControlClosedCaptionsContainerElement::create):
3303         (WebCore::MediaControlTimelineElement::create):
3304         (WebCore::MediaControlPanelVolumeSliderElement::create):
3305         (WebCore::MediaControlFullscreenVolumeSliderElement::create):
3306         * html/shadow/TextControlInnerElements.cpp:
3307         (WebCore::SearchFieldCancelButtonElement::SearchFieldCancelButtonElement):
3308         * html/shadow/mac/ImageControlsButtonElementMac.cpp:
3309         (WebCore::ImageControlsButtonElementMac::tryCreate):
3310         * html/shadow/mac/ImageControlsRootElementMac.cpp:
3311         (WebCore::ImageControlsRootElement::tryCreate):
3312         * html/track/WebVTTElement.cpp:
3313         (WebCore::WebVTTElement::createEquivalentHTMLElement):
3314         * html/track/WebVTTParser.cpp:
3315         (WebCore::WebVTTTreeBuilder::constructTreeFromToken):
3316         * inspector/InspectorCSSAgent.cpp:
3317         (WebCore::InspectorCSSAgent::createInspectorStyleSheetForDocument):
3318         * inspector/InspectorPageAgent.cpp:
3319         (WebCore::InspectorPageAgent::buildObjectForFrame):
3320         * mathml/MathMLSelectElement.cpp:
3321         (WebCore::MathMLSelectElement::toggle):
3322         * page/PageSerializer.cpp:
3323         (WebCore::PageSerializer::serializeFrame):
3324         * rendering/RenderDetailsMarker.cpp:
3325         (WebCore::RenderDetailsMarker::isOpen):
3326         * rendering/mathml/RenderMathMLFraction.cpp:
3327         (WebCore::RenderMathMLFraction::updateFromElement):
3328         * svg/SVGElement.cpp:
3329         (WebCore::SVGElement::setXmlbase):
3330         * svg/SVGSVGElement.cpp:
3331         (WebCore::SVGSVGElement::setContentScriptType):
3332         (WebCore::SVGSVGElement::setContentStyleType):
3333         * svg/SVGStyleElement.cpp:
3334         (WebCore::SVGStyleElement::setMedia):
3335         (WebCore::SVGStyleElement::setTitle):
3336
3337 2016-07-15  Chris Dumez  <cdumez@apple.com>
3338
3339         Modernize StaticNodeList / StaticElementList
3340         https://bugs.webkit.org/show_bug.cgi?id=159831
3341
3342         Reviewed by Ryosuke Niwa.
3343
3344         Modernize StaticNodeList / StaticElementList. Pass vector to adopt
3345         as an rvalue reference instead of a non-const reference.
3346
3347         * bindings/js/JSHTMLAllCollectionCustom.cpp:
3348         (WebCore::namedItems):
3349         * dom/ChildListMutationScope.cpp:
3350         (WebCore::ChildListMutationAccumulator::enqueueMutationRecord):
3351         * dom/MutationRecord.cpp:
3352         * dom/SelectorQuery.cpp:
3353         (WebCore::SelectorDataList::queryAll):
3354         * dom/StaticNodeList.h:
3355         * dom/WebKitNamedFlow.cpp:
3356         (WebCore::WebKitNamedFlow::getRegionsByContent):
3357         (WebCore::WebKitNamedFlow::getRegions):
3358         (WebCore::WebKitNamedFlow::getContent):
3359         * svg/SVGSVGElement.cpp:
3360         (WebCore::SVGSVGElement::collectIntersectionOrEnclosureList):
3361         * testing/Internals.cpp:
3362         (WebCore::Internals::nodesFromRect):
3363
3364 2016-07-15  Brent Fulgham  <bfulgham@apple.com>
3365
3366         Block insecure script running in a data: frame when the top-level page is HTTPS
3367         https://bugs.webkit.org/show_bug.cgi?id=125806
3368         <rdar://problem/27331825>
3369
3370         Reviewed by Brady Eidson.
3371
3372         Fix based on a Blink change (patch by <tsepez@chromium.org>):
3373         <https://chromium.googlesource.com/chromium/blink/+/33e553bd96e040151c1472289a0d80803bfca3a5>
3374
3375         Test: http/tests/security/mixedContent/insecure-script-in-data-iframe-in-main-frame-blocked.html
3376
3377         * loader/cache/CachedResourceLoader.cpp:
3378         (WebCore::CachedResourceLoader::checkInsecureContent): Check the top-level frame's security state
3379         before allowing insecure scripts to be used.        
3380
3381 2016-07-15  Chris Dumez  <cdumez@apple.com>
3382
3383         Let the compiler generate QualifiedName copy constructor and assignment operator
3384         https://bugs.webkit.org/show_bug.cgi?id=159826
3385
3386         Reviewed by Alex Christensen.
3387
3388         Let the compiler generate QualifiedName copy constructor and assignment operator
3389         as our custom implementation does nothing special. This also makes QualifiedName
3390         movable as the compiler is now able to generate the move constructor / assignment
3391         operator as well.
3392
3393         * dom/QualifiedName.h:
3394         (WebCore::QualifiedName::QualifiedName): Deleted.
3395         (WebCore::QualifiedName::operator=): Deleted.
3396
3397 2016-07-15  Antonio Gomes  <tonikitoo@igalia.com>
3398
3399         ScrollView::setHasHorizontalScrollbar / setHasVerticalScrollbar duplicate their logic
3400         https://bugs.webkit.org/show_bug.cgi?id=159825
3401
3402         Patch introduces a (private) method to ScrollView
3403         to share the code/logic of setHas{Horizontal,Vertical}Scrollbar.
3404
3405         Reviewed by Simon Fraser.
3406
3407         No new tests needed.
3408
3409         * platform/ScrollView.cpp:
3410         (WebCore::ScrollView::setHasScrollbarInternal):
3411         (WebCore::ScrollView::setHasHorizontalScrollbar):
3412         (WebCore::ScrollView::setHasVerticalScrollbar):
3413         * platform/ScrollView.h:
3414
3415 2016-07-15  Frederic Wang  <fwang@igalia.com>
3416
3417         MathOperator: Improve alignment for vertical size variant
3418         https://bugs.webkit.org/show_bug.cgi?id=158866
3419
3420         Reviewed by Brent Fulgham.
3421
3422         The MathOperator class may stretch operators with either a large glyph or a glyph assembly.
3423         In the latter case, the assembly is adjusted to match the stretch ascent and descent
3424         requested by the callers. But in the former case the glyph ascent and descent are used
3425         instead. We solve this by making MathOperator::stretchTo only take a targetSize and let
3426         callers do the vertical alignment they want. This improves the rendering of fences with some
3427         math fonts (e.g. XITS) and allows to pass the two cases of mo-axis-height-1.html.
3428
3429         Test: imported/mathml-in-html5/mathml/presentation-markup/operators/mo-axis-height-1.html
3430
3431         * rendering/mathml/MathOperator.cpp:
3432         (WebCore::MathOperator::stretchTo): Merge vertical and horizontal stretching into the same
3433         function with only the targetSize as a parameter.
3434         * rendering/mathml/RenderMathMLOperator.cpp:
3435         (WebCore::RenderMathMLOperator::stretchTo): Updated to use the new signature.
3436         (WebCore::RenderMathMLOperator::verticalStretchedOperatorShift): Helper function to calculate
3437         the shift necessary to align the baseline of the MathOperator instance with the one of the
3438         RenderMathMLOperator.
3439         (WebCore::RenderMathMLOperator::firstLineBaseline): Adjust the baseline.
3440         * rendering/mathml/RenderMathMLOperator.h: Declare verticalStretchedOperatorShift.
3441         * rendering/mathml/RenderMathMLRoot.cpp:
3442         (WebCore::RenderMathMLRoot::layoutBlock): Use the new signature. This function aligns the top
3443         of the radical with the overbar so we do not need to adjust baseline alignment here.
3444
3445 2016-07-15  Brady Eidson  <beidson@apple.com>
3446
3447         WebKit should prevent push/replace state with username in URL.
3448         <rdar://problem/27361737> and https://bugs.webkit.org/show_bug.cgi?id=159818
3449
3450         Reviewed by Brent Fulgham.
3451
3452         Test: http/tests/security/history-username-password.html
3453
3454         * page/History.cpp:
3455         (WebCore::History::stateObjectAdded): Don't allow URLs with usernames/passwords.
3456
3457 2016-07-15  Ryan Haddad  <ryanhaddad@apple.com>
3458
3459         Unreviewed, rolling out r203266.
3460
3461         This change caused editing/deleting/delete-emoji.html to time
3462         out on El Capitan, crash under GuardMalloc
3463
3464         Reverted changeset:
3465
3466         "Support new emoji group candidates"
3467         https://bugs.webkit.org/show_bug.cgi?id=159755
3468         http://trac.webkit.org/changeset/203266
3469
3470 2016-07-15  Frederic Wang  <fwang@igalia.com>
3471
3472         Move parsing of mfrac attributes into a MathMLFractionElement class
3473         https://bugs.webkit.org/show_bug.cgi?id=159624
3474
3475         Reviewed by Brent Fulgham.
3476
3477         We move the parsing of mfrac attributes to a MathMLFractionElement class. This allows to
3478         minimize the updates in RenderMathMLFraction and to remove the alignment members. Many of
3479         the members in updateLayoutParameters are actually only used in layoutBlock and could be
3480         removed in a follow-up patch. We also improve the resolution of negative line thickness value
3481         since the MathML recommendation says it should be rounded up to the nearest valid
3482         value (which is zero) instead of ignoring the attribute and using the line thickness.
3483
3484         No new tests, already covered by existing tests.
3485
3486         * CMakeLists.txt: Add MathMLFractionElement.
3487         * WebCore.xcodeproj/project.pbxproj: Ditto.
3488         * mathml/MathMLAllInOne.cpp: Ditto.
3489         * mathml/MathMLFractionElement.cpp: Added.
3490         (WebCore::MathMLFractionElement::MathMLFractionElement):
3491         (WebCore::MathMLFractionElement::create):
3492         (WebCore::MathMLFractionElement::lineThickness): Return the cached linethickness length,
3493         parsing it again if it is dirty. This handles the special values "thin", "medium" and "thick"
3494         or fallback to the general parseMathMLLength for MathML lengths.
3495         (WebCore::MathMLFractionElement::cachedFractionAlignment): Return the cached alignment value,
3496         parsing it again if it is dirty.
3497         (WebCore::MathMLFractionElement::numeratorAlignment): Return the cached alignment.
3498         (WebCore::MathMLFractionElement::denominatorAlignment): Ditto.
3499         (WebCore::MathMLFractionElement::parseAttribute): Make attributes dirty.
3500         (WebCore::MathMLFractionElement::createElementRenderer): Create a RenderMathMLFraction.
3501         * mathml/MathMLFractionElement.h: Added.
3502         * mathml/MathMLInlineContainerElement.cpp: We no longer need to handle fraction here.
3503         (WebCore::MathMLInlineContainerElement::createElementRenderer):
3504         * mathml/mathtags.in: Use MathMLFractionElement for mfrac.
3505         * rendering/mathml/RenderMathMLFraction.cpp:
3506         (WebCore::RenderMathMLFraction::updateLayoutParameters): New helper function to set the
3507         layout parameters, replacing updateFromElement. We no longer parse and store the alignment
3508         values here. We also change the resolution of negative values.
3509         (WebCore::RenderMathMLFraction::horizontalOffset): Use the enum from MathMLFractionElement.
3510         (WebCore::RenderMathMLFraction::layoutBlock): We call updateLayoutParameters instead of
3511         updateFromElement. The numerator and denominator alignments are resolved here.
3512         (WebCore::RenderMathMLFraction::parseAlignmentAttribute): Deleted. Parsing of alignment
3513         attribute is now handled in MathMLFractionElement.
3514         (WebCore::RenderMathMLFraction::updateFromElement): Deleted. Attribute changes are now
3515         handled in MathMLFractionElement.
3516         (WebCore::RenderMathMLFraction::styleDidChange): Deleted. Font changes are properly handled.
3517         * rendering/mathml/RenderMathMLFraction.h: Update declarations.
3518
3519 2016-07-15  Frederic Wang  <fwang@igalia.com>
3520
3521         Check whether font is nonnull for GlyphData instead of calling GlyphData::isValid()
3522         https://bugs.webkit.org/show_bug.cgi?id=159783
3523
3524         Reviewed by Brent Fulgham.
3525
3526         GlyphData::isValid() returns true for GlyphData with null 'font' pointer when the 'glyph'
3527         index is nonzero. This behavior is not expected by the MathML code and we have had crashes
3528         in our test suite in the past on Windows (e.g. bug 140653). We thus replace the call to
3529         GlyphData::isValid() with a stronger verification: Whether the 'font' pointer is nonzero.
3530
3531         No new tests, this only makes null pointer checks stronger.
3532
3533         * rendering/mathml/MathOperator.cpp:
3534         (WebCore::boundsForGlyph):
3535         (WebCore::advanceWidthForGlyph):
3536         (WebCore::MathOperator::getBaseGlyph):
3537         (WebCore::MathOperator::setSizeVariant):
3538         (WebCore::MathOperator::fillWithVerticalExtensionGlyph):
3539         (WebCore::MathOperator::fillWithHorizontalExtensionGlyph):
3540         (WebCore::MathOperator::paintVerticalGlyphAssembly):
3541         (WebCore::MathOperator::paintHorizontalGlyphAssembly):
3542         (WebCore::MathOperator::paint):
3543         * rendering/mathml/RenderMathMLOperator.cpp:
3544         (WebCore::RenderMathMLOperator::computePreferredLogicalWidths):
3545         * rendering/mathml/RenderMathMLToken.cpp:
3546         (WebCore::RenderMathMLToken::computePreferredLogicalWidths):
3547         (WebCore::RenderMathMLToken::firstLineBaseline):
3548         (WebCore::RenderMathMLToken::layoutBlock):
3549         (WebCore::RenderMathMLToken::paint):
3550         (WebCore::RenderMathMLToken::paintChildren):
3551
3552 2016-07-15  Frederic Wang  <fwang@igalia.com>
3553
3554         Add DejaVu Math TeX Gyre to the list of math fonts.
3555         https://bugs.webkit.org/show_bug.cgi?id=159805
3556
3557         Reviewed by Brent Fulgham.
3558
3559         DejaVu 2.36 has a new math font that can be used for MathML rendering. Because this font is
3560         likely to be installed on many systems (Linux, LibreOffice, etc) we include it in the default
3561         list of font-families in mathml.css in order to increase the chance to find a math font.
3562
3563         No new tests, it only affects rendering when DejaVu Math TeX Gyre is installed on the system.
3564
3565         * css/mathml.css:
3566         (math):
3567
3568 2016-07-15  Eric Carlson  <eric.carlson@apple.com>
3569
3570         [MSE] Increase the SourceBuffer "fudge factor"
3571         https://bugs.webkit.org/show_bug.cgi?id=159813
3572         <rdar://problem/27372033>
3573
3574         Reviewed by Jon Lee.
3575         
3576         Some media encoding/conversion pipelines are sloppy when doing sample time/timescale
3577         math, and the error accumulation results in small gaps in the media timeline. r202641
3578         increased the maximum allowable gap from 0.01 second to one 24fps frame, but it turns
3579         out that at least one large provider has a significant amount of content encoded with
3580         up to two 24fps frames.
3581
3582         No new tests, updated media/media-source/media-source-small-gap.html.
3583
3584         * Modules/mediasource/SourceBuffer.cpp:
3585         (WebCore::currentTimeFudgeFactor): Increase maximum gap to 2002 / 24000 frames.
3586
3587 2016-07-15  Rawinder Singh  <rawinder.singh-webkit@cisra.canon.com.au>
3588
3589         Add final keyword to WebCore/svg classes
3590         https://bugs.webkit.org/show_bug.cgi?id=159802
3591
3592         Reviewed by Youenn Fablet.
3593
3594         Updated classes in the WebCore/svg directory to be marked as final where appropriate.
3595
3596         * svg/SVGException.h:
3597         * svg/SVGLengthList.h:
3598         * svg/SVGMatrix.h:
3599         * svg/SVGNumberList.h:
3600         * svg/SVGPaint.h:
3601         * svg/SVGPathBuilder.h:
3602         * svg/SVGPathByteStreamBuilder.h:
3603         * svg/SVGPathByteStreamSource.h:
3604         * svg/SVGPathSegArcAbs.h:
3605         * svg/SVGPathSegArcRel.h:
3606         * svg/SVGPathSegClosePath.h:
3607         * svg/SVGPathSegCurvetoCubicAbs.h:
3608         * svg/SVGPathSegCurvetoCubicRel.h:
3609         * svg/SVGPathSegCurvetoCubicSmoothAbs.h:
3610         * svg/SVGPathSegCurvetoCubicSmoothRel.h:
3611         * svg/SVGPathSegCurvetoQuadraticAbs.h:
3612         * svg/SVGPathSegCurvetoQuadraticRel.h:
3613         * svg/SVGPathSegCurvetoQuadraticSmoothAbs.h:
3614         * svg/SVGPathSegCurvetoQuadraticSmoothRel.h:
3615         * svg/SVGPathSegLinetoAbs.h:
3616         * svg/SVGPathSegLinetoHorizontalAbs.h:
3617         * svg/SVGPathSegLinetoHorizontalRel.h:
3618         * svg/SVGPathSegLinetoRel.h:
3619         * svg/SVGPathSegLinetoVerticalAbs.h:
3620         * svg/SVGPathSegLinetoVerticalRel.h:
3621         * svg/SVGPathSegListBuilder.h:
3622         * svg/SVGPathSegListSource.h:
3623         * svg/SVGPathSegMovetoAbs.h:
3624         * svg/SVGPathSegMovetoRel.h:
3625         * svg/SVGPathStringSource.h:
3626         * svg/SVGPathTraversalStateBuilder.h:
3627         * svg/SVGPointList.h:
3628         * svg/SVGRenderingIntent.h:
3629         * svg/SVGStringList.h:
3630         * svg/SVGTRefElement.cpp:
3631         * svg/SVGToOTFFontConversion.cpp:
3632         * svg/SVGTransformList.h:
3633         * svg/SVGUnitTypes.h:
3634         * svg/SVGViewSpec.h:
3635         * svg/SVGZoomEvent.h:
3636         * svg/animation/SMILTimeContainer.h:
3637         * svg/animation/SVGSMILElement.cpp:
3638         * svg/graphics/filters/SVGFEImage.h:
3639         * svg/graphics/filters/SVGFilter.h:
3640         * svg/properties/SVGAnimatedPathSegListPropertyTearOff.h:
3641         * svg/properties/SVGAnimatedPropertyTearOff.h:
3642         * svg/properties/SVGAnimatedTransformListPropertyTearOff.h:
3643         * svg/properties/SVGMatrixTearOff.h:
3644         * svg/properties/SVGPathSegListPropertyTearOff.h:
3645         * svg/properties/SVGStaticListPropertyTearOff.h:
3646         * svg/properties/SVGStaticPropertyTearOff.h:
3647         * svg/properties/SVGTransformListPropertyTearOff.h:
3648
3649 2016-07-15  Per Arne Vollan  <pvollan@apple.com>
3650
3651         Uninitialized variable in DIBPixelData can cause a dangerous memory write
3652         https://bugs.webkit.org/show_bug.cgi?id=159414
3653
3654         Reviewed by Brent Fulgham.
3655
3656         Initialize local BITMAP variable, in case the ::GetObject function that should initialize it
3657         fails to do so, because the bitmap handle is invalid.
3658
3659         Tests: Tools/TestWebKitAPI/Tests/WebCore/win/DIBPixelData.cpp
3660
3661         * platform/graphics/win/DIBPixelData.cpp:
3662         (WebCore::DIBPixelData::initialize): Initialize local variable.
3663         (WebCore::DIBPixelData::setRGBABitmapAlpha): Return early if we have no bitmap.
3664         * platform/graphics/win/DIBPixelData.h: Link fix.
3665
3666 2016-07-14  Yoav Weiss  <yoav@yoav.ws>
3667
3668         Change CSSParser::sourceSize returning Optional<CSSParser::SourceSize>
3669         https://bugs.webkit.org/show_bug.cgi?id=159666
3670
3671         Reviewed by Michael Catanzaro.
3672
3673         Tests:
3674             fast/dom/HTMLImageElement/sizes/image-sizes-invalids.html
3675
3676         * css/CSSGrammar.y.in: Avoid adding SourceSize to source_size_list when the value is a Nullopt.
3677         * css/CSSParser.cpp:
3678         (WebCore::CSSParser::sourceSize): Return a Nullopt when an invalid value is encountered.
3679         * css/CSSParser.h:
3680
3681 2016-07-14  Antonio Gomes  <tonikitoo@igalia.com>
3682
3683         [RTL Scrollbars] Frame scrollbars don't move to the right when text direction changes to RTL
3684         https://bugs.webkit.org/show_bug.cgi?id=158252
3685
3686         Reviewed by Myles C. Maxfield.
3687
3688         When the 'dir' attribute changes either on body or on the document
3689         element level, the associated FrameView does not trigger an update on
3690         the frame level vertical scrollbar.
3691
3692         Patch adds a 'hook' so that RenderBox::styleDidChange can call in
3693         order to get the document level scrollbar placed properly in the next
3694         layout.
3695
3696         Test: fast/scrolling/rtl-scrollbars-alternate-body-dir-attr-does-not-update-scrollbar-placement.html
3697               fast/scrolling/rtl-scrollbars-alternate-body-dir-attr-does-not-update-scrollbar-placement-2.html
3698               fast/scrolling/rtl-scrollbars-alternate-iframe-body-dir-attr-does-not-update-scrollbar-placement.html
3699
3700         * page/FrameView.cpp:
3701         (WebCore::FrameView::topContentDirectionDidChange):
3702         * page/FrameView.h:
3703         * rendering/RenderBox.cpp:
3704         (WebCore::RenderBox::styleDidChange):
3705
3706 2016-07-14  Myles C. Maxfield  <mmaxfield@apple.com>
3707
3708         Support new emoji group candidates
3709         https://bugs.webkit.org/show_bug.cgi?id=159755
3710         <rdar://problem/27325521>
3711
3712         Reviewed by Dean Jackson.
3713
3714         There are a few code points which should be able to be joined (with ZWJ) to
3715         either U+2640 or U+2642 to change the gender of the emoji. These patterns
3716         should also work with an additional 0xFE0F variation selector. This patch
3717         adds these new patterns to our existing emoji group candidate infrastructure.
3718
3719         Tests: fast/text/emoji-gender-2-3.html
3720                fast/text/emoji-gender-2-4.html
3721                fast/text/emoji-gender-2-5.html
3722                fast/text/emoji-gender-2-6.html
3723                fast/text/emoji-gender-2-7.html
3724                fast/text/emoji-gender-2-8.html
3725                fast/text/emoji-gender-2-9.html
3726                fast/text/emoji-gender-2.html
3727                fast/text/emoji-gender-3.html
3728                fast/text/emoji-gender-4.html
3729                fast/text/emoji-gender-5.html
3730                fast/text/emoji-gender-6.html
3731                fast/text/emoji-gender-7.html
3732                fast/text/emoji-gender-8.html
3733                fast/text/emoji-gender-9.html
3734                fast/text/emoji-gender-fe0f-3.html
3735                fast/text/emoji-gender-fe0f-4.html
3736                fast/text/emoji-gender-fe0f-5.html
3737                fast/text/emoji-gender-fe0f-6.html
3738                fast/text/emoji-gender-fe0f-7.html
3739                fast/text/emoji-gender-fe0f-8.html
3740                fast/text/emoji-gender-fe0f-9.html
3741                fast/text/emoji-gender.html
3742                fast/text/emoji-num-glyphs.html
3743                fast/text/emoji-single-parent-family-2.html
3744                fast/text/emoji-single-parent-family.html
3745
3746         * platform/graphics/mac/ComplexTextControllerCoreText.mm:
3747         (WebCore::ComplexTextController::ComplexTextRun::ComplexTextRun): Removed incorrect ASSERT()s.
3748         * platform/graphics/FontCascade.cpp:
3749         (WebCore::FontCascade::characterRangeCodePath):
3750         * platform/text/CharacterProperties.h:
3751         (WebCore::isEmojiGroupCandidate):
3752
3753 2016-07-14  Dean Jackson  <dino@apple.com>
3754
3755         CrashTracer: com.apple.WebKit.WebContent at WebCore: WebCore::MediaQueryEvaluator::evaluate const
3756         https://bugs.webkit.org/show_bug.cgi?id=159799
3757         <rdar://problem/27346959>
3758
3759         Reviewed by Myles Maxfield.
3760
3761         Speculative fix for this crash, which seems to happen when asking for the Node's
3762         renderer(). From the incoming crash logs, it is triggered by mutations on
3763         a <picture> or <img> element, which would require choosing a new source,
3764         and causing some media queries to evaluate.
3765
3766         The only place in MediaQueryEvaluator that has anything to do with
3767         renderers is when gathering up some style information to pass to the
3768         actual evaluation function. I put a guard against a missing documentElement
3769         in there.
3770
3771         * css/MediaQueryEvaluator.cpp:
3772         (WebCore::MediaQueryEvaluator::evaluate): Make sure documentElement is not
3773         null.
3774
3775 2016-07-14  Rawinder Singh  <rawinder.singh-webkit@cisra.canon.com.au>
3776
3777         Update HTML*Element class override methods in final classes
3778         https://bugs.webkit.org/show_bug.cgi?id=159456
3779
3780         Reviewed by Youenn Fablet.
3781
3782         Update HTML*Element classes so that overriden methods in final classes are marked final.
3783         Also marked HTMLDivElement overriden methods as final since they are not overridden by derived classes.
3784
3785         * html/HTMLAppletElement.h:
3786         * html/HTMLAreaElement.h:
3787         * html/HTMLAttachmentElement.h:
3788         * html/HTMLAudioElement.h:
3789         * html/HTMLBRElement.h:
3790         * html/HTMLBaseElement.h:
3791         * html/HTMLBodyElement.h:
3792         * html/HTMLButtonElement.h:
3793         * html/HTMLCanvasElement.h:
3794         * html/HTMLDataElement.h:
3795         * html/HTMLDetailsElement.h:
3796         * html/HTMLDivElement.h:
3797         * html/HTMLEmbedElement.h:
3798         * html/HTMLFieldSetElement.h:
3799         * html/HTMLFontElement.h:
3800         * html/HTMLFormElement.h:
3801         * html/HTMLFrameSetElement.h:
3802         * html/HTMLHRElement.h:
3803         * html/HTMLHtmlElement.h:
3804         * html/HTMLKeygenElement.h:
3805         * html/HTMLLIElement.h:
3806         * html/HTMLLabelElement.h:
3807         * html/HTMLLegendElement.h:
3808         * html/HTMLLinkElement.h:
3809         * html/HTMLMapElement.h:
3810         * html/HTMLMarqueeElement.h:
3811         * html/HTMLMetaElement.h:
3812         * html/HTMLMeterElement.h:
3813         * html/HTMLModElement.h:
3814         * html/HTMLOListElement.h:
3815         * html/HTMLObjectElement.h:
3816         * html/HTMLOptGroupElement.h:
3817         * html/HTMLOptionElement.h:
3818         * html/HTMLOutputElement.h:
3819         * html/HTMLParagraphElement.h:
3820         * html/HTMLParamElement.h:
3821         * html/HTMLPreElement.h:
3822         * html/HTMLProgressElement.h:
3823         * html/HTMLQuoteElement.h:
3824         * html/HTMLScriptElement.h:
3825         * html/HTMLSourceElement.h:
3826         * html/HTMLStyleElement.h:
3827         * html/HTMLSummaryElement.h:
3828         * html/HTMLTableCaptionElement.h:
3829         * html/HTMLTableColElement.h:
3830         * html/HTMLTableElement.h:
3831         * html/HTMLTableSectionElement.h:
3832         * html/HTMLTemplateElement.h:
3833         * html/HTMLTextAreaElement.h:
3834         * html/HTMLTitleElement.h:
3835         * html/HTMLUListElement.h:
3836         * html/HTMLUnknownElement.h:
3837         * html/HTMLVideoElement.h:
3838         * html/HTMLWBRElement.h:
3839
3840 2016-07-14  Chris Dumez  <cdumez@apple.com>
3841
3842         Modernize GlyphMetricsMap
3843         https://bugs.webkit.org/show_bug.cgi?id=159788
3844
3845         Reviewed by Darin Adler.
3846
3847         Modernize GlyphMetricsMap a bit.
3848
3849         * platform/graphics/GlyphMetricsMap.h:
3850         - Drop WTF_MAKE_NONCOPYABLE as the class is already non-copyable due to having
3851           to having a std::unique_ptr data member.
3852         - Drop GlyphMetricsMap default constructor and let the compiler generate it
3853           instead. This required using inline initialization for m_filledPrimaryPage.
3854
3855         (WebCore::GlyphMetricsMap::GlyphMetricsPage::GlyphMetricsPage):
3856         - Make m_metrics data member private as it does not need to be public.
3857         - Make setMetricsForIndex(unsigned index, const T& metrics) setter private
3858           as it does not need to be public.
3859         - Make GlyphMetricsPage(const T& initialValue) constructor explicit as it
3860           takes only 1 parameter.
3861
3862         (WebCore::GlyphMetricsMap<T>::locatePageSlowCase):
3863         - Use HashMap::ensure() to make the code a bit nicer.
3864
3865 2016-07-14  Simon Fraser  <simon.fraser@apple.com>
3866
3867         [iOS WK2] When scrolling apple.com/music on iPad Pro in landscape, left-hand tiles appear first
3868         https://bugs.webkit.org/show_bug.cgi?id=159798
3869         rdar://problem/27362717
3870
3871         Reviewed by Tim Horton.
3872
3873         In out-of-visible tiled layers, we always allocated the top-left tile, wasting
3874         memory and causing ugliness when scrolling that layer into view. This happened
3875         because getTileIndexRangeForRect() had no way to express the fact that no tiles
3876         should be created.
3877
3878         Fix getTileIndexRangeForRect() to return a bool, and fix callers to respect the
3879         return value.
3880
3881         Test: compositing/tiling/offscreen-tiled-layer.html
3882
3883         * platform/graphics/ca/GraphicsLayerCA.cpp:
3884         (WebCore::GraphicsLayerCA::dumpAdditionalProperties):
3885         * platform/graphics/ca/TileGrid.cpp:
3886         (WebCore::TileGrid::setNeedsDisplayInRect):
3887         (WebCore::TileGrid::tilesWouldChangeForCoverageRect):
3888         (WebCore::TileGrid::getTileIndexRangeForRect):
3889         (WebCore::TileGrid::revalidateTiles):
3890         (WebCore::TileGrid::ensureTilesForRect):
3891         (WebCore::TileGrid::extent):
3892         * platform/graphics/ca/TileGrid.h:
3893
3894 2016-07-14  John Wilander  <wilander@apple.com>
3895
3896         Remove credentials in URL when accessed through location.href
3897         https://bugs.webkit.org/show_bug.cgi?id=139562
3898         <rdar://problem/27331164>
3899
3900         Reviewed by Brent Fulgham.
3901
3902         Test: http/tests/security/location-href-clears-username-password.html
3903
3904         The reason for this change is to not allow scripts on the page to
3905         exfiltrate username and password from the URL.
3906
3907         * page/Location.cpp:
3908         (WebCore::Location::href):
3909             Now checks if there is a username or password in the URL. If so,
3910             it copies the URL and removes the username and password.
3911
3912 2016-07-14  Javier Fernandez  <jfernandez@igalia.com>
3913
3914         [css-grid] Handle min-content/max-content with orthogonal flows
3915         https://bugs.webkit.org/show_bug.cgi?id=159294
3916
3917         Reviewed by Darin Adler.
3918
3919         Currently there is no support for orthogonal flows in many aspects of the
3920         Grid Layout logic.
3921
3922         The Grid sizing algorithm should be adapted to this scenario, hence this
3923         patch focus on the min-content and max-content functions, used to resolve
3924         content based track sizes.
3925
3926         There are still issues related to alignment and sizes using percentages,
3927         but they will be addressed in different patches.
3928
3929         Tests: fast/css-grid-layout/grid-item-positioning-with-orthogonal-flows.html
3930                fast/css-grid-layout/grid-item-sizing-with-orthogonal-flows.html
3931                fast/css-grid-layout/grid-item-spanning-and-orthogonal-flows.html
3932                fast/css-grid-layout/grid-track-sizing-with-orthogonal-flows.html
3933                fast/css-grid-layout/grid-track-sizing-with-percentages-and-orthogonal-flows.html
3934
3935         * rendering/RenderBox.cpp:
3936         (WebCore::RenderBox::computeLogicalWidthInRegion):
3937         * rendering/RenderGrid.cpp:
3938         (WebCore::RenderGrid::GridSizingData::advanceNextState):
3939         (WebCore::RenderGrid::GridSizingData::isValidTransitionForDirection):
3940         (WebCore::RenderGrid::computeTrackSizesForDirection):
3941         (WebCore::RenderGrid::repeatTracksSizingIfNeeded): Added.
3942         (WebCore::RenderGrid::layoutBlock):
3943         (WebCore::RenderGrid::computeIntrinsicLogicalWidths):
3944         (WebCore::RenderGrid::computeIntrinsicLogicalHeight):
3945         (WebCore::hasOverrideContainingBlockContentSizeForChild):
3946         (WebCore::overrideContainingBlockContentSizeForChild):
3947         (WebCore::setOverrideContainingBlockContentSizeForChild):
3948         (WebCore::shouldClearOverrideContainingBlockContentSizeForChild):
3949         (WebCore::RenderGrid::gridTrackSize):
3950         (WebCore::RenderGrid::isOrthogonalChild): Added.
3951         (WebCore::RenderGrid::logicalHeightForChild):
3952         (WebCore::RenderGrid::flowAwareDirectionForChild): Added.
3953         (WebCore::RenderGrid::minSizeForChild):
3954         (WebCore::RenderGrid::updateOverrideContainingBlockContentSizeForChild):
3955         (WebCore::RenderGrid::minContentForChild):
3956         (WebCore::RenderGrid::maxContentForChild):
3957         (WebCore::RenderGrid::placeItemsOnGrid):
3958         (WebCore::RenderGrid::layoutPositionedObject):
3959         (WebCore::RenderGrid::offsetAndBreadthForPositionedChild):
3960         (WebCore::RenderGrid::assumedRowsSizeForOrthogonalChild): Added.
3961         (WebCore::RenderGrid::gridAreaBreadthForChild):
3962         (WebCore::RenderGrid::columnAxisPositionForChild):
3963         (WebCore::RenderGrid::rowAxisPositionForChild):
3964         (WebCore::RenderGrid::findChildLogicalPosition):
3965         * rendering/RenderGrid.h:
3966         (WebCore::RenderGrid::SizingOperation): This enum has been moved to the header file.
3967         (WebCore::RenderGrid::m_hasAnyOrthogonalChild): New class attribute to know if there are any orthogonal grid items.
3968         (WebCore::RenderGrid::updateOverrideContainingBlockContentSizeForChild):
3969         (WebCore::RenderGrid::logicalHeightForChild):
3970         (WebCore::RenderGrid::gridAreaBreadthForChild):
3971         (WebCore::RenderGrid::assumedRowsSizeForOrthogonalChild):
3972
3973
3974
3975 2016-07-14  Chris Dumez  <cdumez@apple.com>
3976
3977         Use emptyString() instead of "" when possible
3978         https://bugs.webkit.org/show_bug.cgi?id=159789
3979
3980         Reviewed by Alex Christensen.
3981
3982         Use emptyString() instead of "" when possible to reduce String allocations.