[LFC] Implement width computation for non-replaced block level inflow elements.
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2018-05-14  Zalan Bujtas  <zalan@apple.com>
2
3         [LFC] Implement width computation for non-replaced block level inflow elements.
4         https://bugs.webkit.org/show_bug.cgi?id=185641
5
6         Reviewed by Sam Weinig.
7
8         Block level inflow elements participate in block formatting context.
9
10         * layout/FormattingContext.cpp:
11         (WebCore::Layout::FormattingContext::computeWidth const):
12         * layout/FormattingContext.h:
13         * layout/blockformatting/BlockFormattingContext.cpp:
14         (WebCore::Layout::BlockFormattingContext::computeInFlowWidth const):
15         * layout/blockformatting/BlockFormattingContext.h:
16         * layout/inlineformatting/InlineFormattingContext.cpp:
17         (WebCore::Layout::InlineFormattingContext::computeInFlowWidth const):
18         * layout/inlineformatting/InlineFormattingContext.h:
19
20 2018-05-14  Wenson Hsieh  <wenson_hsieh@apple.com>
21
22         Unreviewed, fix the iOS build after r231779
23
24         Also address a minor in-person review comment by returning "extrazoom" instead of the empty string.
25
26         * page/DisabledAdaptations.cpp:
27         (WebCore::extraZoomModeAdaptationName):
28
29 2018-05-14  Zalan Bujtas  <zalan@apple.com>
30
31         [LFC] FormattingContext:computeOutOfFlowNonReplacedHeight/Width should use the computed margins/paddings/borders
32         https://bugs.webkit.org/show_bug.cgi?id=185633
33
34         Reviewed by Sam Weinig.
35
36         By the time we start computing height and width, DisplayBox should already have the computed values for margin/padding/border.
37
38         * layout/FormattingContext.cpp:
39         (WebCore::Layout::FormattingContext::computeOutOfFlowNonReplacedHeight const):
40         (WebCore::Layout::FormattingContext::computeOutOfFlowNonReplacedWidth const):
41         * layout/displaytree/DisplayBox.h:
42         (WebCore::Display::Box::paddingTop const):
43         (WebCore::Display::Box::paddingLeft const):
44         (WebCore::Display::Box::paddingBottom const):
45         (WebCore::Display::Box::paddingRight const):
46         (WebCore::Display::Box::borderTop const):
47         (WebCore::Display::Box::borderLeft const):
48         (WebCore::Display::Box::borderBottom const):
49         (WebCore::Display::Box::borderRight const):
50
51 2018-05-14  Wenson Hsieh  <wenson_hsieh@apple.com>
52
53         [Extra zoom mode] Google search results are excessively zoomed in
54         https://bugs.webkit.org/show_bug.cgi?id=185347
55         <rdar://problem/39999778>
56
57         Reviewed by Tim Horton.
58
59         It turns out that basing minimum layout size and shrink-to-fit behaviors off of the `shrink-to-fit` viewport
60         argument poses compatibility risks with web pages that already specify `shrink-to-fit` to opt out of default
61         viewport shrinking behaviors in 1/3 multitasking mode on iPad.
62
63         One way to resolve this is to introduce a new viewport meta content attribute to disable viewport heuristics in
64         extra zoom mode. However, combined shrink-to-fit and minimum device width behaviors are difficult to describe
65         using a single backwards-compatible viewport meta content attribute, and the need to suppress the default
66         behavior of `shrink-to-fit=no` if such an attribute is not disabled further muddles our viewport story.
67
68         After some internal deliberation, we’ve decided to experiment with a new meta tag named "disabled-adaptations".
69         The content of this meta tag is a comma-separated list of adaptation names; if an adaptation name matches a
70         known adaptation type (for instance, extra zoom mode), we disable the class of behaviors used to adapt web
71         content. The first and only known adaptation type is extra zoom mode, which affects `shrink-to-fit` and layout
72         size adjustments.
73
74         See per-method changes below for more details.
75
76         Test: fast/viewport/extrazoom/viewport-disable-extra-zoom-adaptations.html
77
78         * Sources.txt:
79         * WebCore.xcodeproj/project.pbxproj:
80         * dom/Document.cpp:
81         (WebCore::Document::processDisabledAdaptations):
82         * dom/Document.h:
83         (WebCore::Document::disabledAdaptations const):
84
85         Add disabled adaptations to Document. Changes to disabled adaptations are not propagated if the parsed disabled
86         adaptation types don't change; upon changing adaptation types, notify the client to adjust for the new disabled
87         adaptations (currently, this only affects the viewport configuration).
88
89         * dom/ViewportArguments.h:
90         * html/HTMLMetaElement.cpp:
91         (WebCore::HTMLMetaElement::process):
92         * html/parser/HTMLPreloadScanner.cpp:
93         (WebCore::TokenPreloadScanner::StartTagScanner::StartTagScanner):
94         (WebCore::TokenPreloadScanner::StartTagScanner::processAttributes):
95         (WebCore::TokenPreloadScanner::StartTagScanner::processAttribute):
96         * loader/FrameLoader.cpp:
97         (WebCore::FrameLoader::commitProvisionalLoad):
98
99         Restore the set of disabled adaptations when restoring a page from the cache.
100
101         * page/Chrome.cpp:
102         (WebCore::Chrome::dispatchDisabledAdaptationsDidChange const):
103         * page/Chrome.h:
104         * page/ChromeClient.h:
105
106         Add plumbing for changes to the set of disabled adaptations.
107
108         * page/DisabledAdaptations.cpp: Added.
109         (WebCore::extraZoomModeAdaptationName):
110         * page/DisabledAdaptations.h: Added.
111
112         Introduce a header containing a new enum for the extra zoom mode adaptation, as well as a helper function to
113         return the extra zoom mode adaptation name.
114
115         * page/Page.cpp:
116         (WebCore::Page::disabledAdaptations const):
117
118         Returns the mainframe's set of adaptations to disable.
119
120         * page/Page.h:
121         * page/RemoteFrame.h:
122         * page/RuntimeEnabledFeatures.h:
123         (WebCore::RuntimeEnabledFeatures::setDisabledAdaptationsMetaTagEnabled):
124         (WebCore::RuntimeEnabledFeatures::disabledAdaptationsMetaTagEnabled const):
125
126         Add a new runtime feature to gate handling the "disabled-adaptations" meta tag.
127
128         * page/ViewportConfiguration.cpp:
129         (WebCore::shouldOverrideShrinkToFitArgument):
130         (WebCore::needsUpdateAfterChangingDisabledAdaptations):
131         (WebCore::ViewportConfiguration::setDisabledAdaptations):
132         (WebCore::ViewportConfiguration::shouldOverrideDeviceWidthAndShrinkToFit const):
133
134         Consult whether or not extra zoom mode adaptations are disabled, instead of the shrink-to-fit attribute value.
135
136         (WebCore::ViewportConfiguration::updateConfiguration):
137         * page/ViewportConfiguration.h:
138
139         Add an OptionSet of disabled adaptation types to ViewportConfiguration. Updates to the adaptation type are
140         propagated to the ViewportConfiguration from Document, through the ChromeClient and the client layer (refer to
141         changes in WebKit). Once the OptionSet is changed, we recompute the viewport configuration only if needed by the
142         platform.
143
144         (WebCore::ViewportConfiguration::viewLayoutSize const):
145         (WebCore::ViewportConfiguration::disabledAdaptations const):
146         * page/WindowFeatures.cpp:
147         (WebCore::parseDisabledAdaptations):
148         * page/WindowFeatures.h:
149
150         Add a new helper to parse the meta content of a "disabled-adaptations" tag as an OptionSet of disabled
151         adaptation types. The string is parsed by first splitting on the comma character, and then iterating over lower
152         case, whitespace-stripped tokens to look for known adaptation names. So far, only extra zoom mode is supported.
153
154         * testing/Internals.cpp:
155         (WebCore::Internals::extraZoomModeAdaptationName const):
156         * testing/Internals.h:
157         * testing/Internals.idl:
158
159         Expose the extra zoom mode adaptation name to the DOM, only when running layout tests.
160
161 2018-05-14  Joanmarie Diggs  <jdiggs@igalia.com>
162
163         AX: Listbox and Combobox roles embedded in labels should participate in name calculation
164         https://bugs.webkit.org/show_bug.cgi?id=185521
165
166         Reviewed by Chris Fleizach.
167
168         Take selected children into account when computing the name in accessibleNameForNode.
169         Add ListBox to the roles for which accessibleNameDerivesFromContent returns false so
170         that native select elements with size > 1 are treated the same way as ARIA listbox.
171         Also add ListBox to the roles which are treated as controls when used in ARIA. Finally,
172         prevent labels which contain unrelated controls from being used as an AXTitleUIElement.
173         This causes us to build a string from the label and its descendants, ensuring the latter
174         participate in the name calculation.
175
176         Test: accessibility/text-alternative-calculation-from-listbox.html
177
178         * accessibility/AccessibilityLabel.cpp:
179         (WebCore::childrenContainUnrelatedControls):
180         (WebCore::AccessibilityLabel::containsUnrelatedControls const):
181         * accessibility/AccessibilityLabel.h:
182         * accessibility/AccessibilityNodeObject.cpp:
183         (WebCore::accessibleNameForNode):
184         * accessibility/AccessibilityObject.cpp:
185         (WebCore::AccessibilityObject::accessibleNameDerivesFromContent const):
186         (WebCore::AccessibilityObject::isARIAControl):
187         * accessibility/AccessibilityRenderObject.cpp:
188         (WebCore::AccessibilityRenderObject::exposesTitleUIElement const):
189         (WebCore::AccessibilityRenderObject::computeAccessibilityIsIgnored const):
190
191 2018-05-14  Antoine Quint  <graouts@apple.com>
192
193         [Web Animations] Tests using the new animation engine may crash under WebCore::FrameView::didDestroyRenderTree when using internals methods
194         https://bugs.webkit.org/show_bug.cgi?id=185612
195         <rdar://problem/39579344>
196
197         Reviewed by Dean Jackson.
198
199         Add a new internals.pseudoElement() method to obtain a pseudo element matching a given pseudo-id. This is necessary to be able to move off
200         internals.pauseTransitionAtTimeOnPseudoElement() and internals.pauseAnimationAtTimeOnPseudoElement() for Web Animations testing.
201
202         * testing/Internals.cpp:
203         (WebCore::Internals::pseudoElement):
204         * testing/Internals.h:
205         * testing/Internals.idl:
206
207 2018-05-14  Antoine Quint  <graouts@apple.com>
208
209         REGRESSION (r230574): Interrupted hardware transitions don't behave correctly
210         https://bugs.webkit.org/show_bug.cgi?id=185299
211         <rdar://problem/39630230>
212
213         Reviewed by Simon Fraser.
214
215         In r230574, the fix for webkit.org/b/184518, we changed the processing order in GraphicsLayerCA::updateAnimations() to first
216         process m_uncomittedAnimations and then m_animationsToProcess, so we are guaranteed animations exist before we attempt to pause
217         or seek them. This broke interrupting and resuming hardware animations (such as an interrupted CSS Transition or an animation
218         running in a non-visible tab) since a pause operation recorded _before_ an animation was added would be paused anyway since
219         the animation was now first added, and then paused. The fix is simply to clear any pending AnimationProcessingAction for a
220         newly-uncommitted animation.
221
222         Test: transitions/interrupted-transition-hardware.html
223
224         * platform/graphics/ca/GraphicsLayerCA.cpp:
225         (WebCore::GraphicsLayerCA::createAnimationFromKeyframes):
226         (WebCore::GraphicsLayerCA::appendToUncommittedAnimations):
227         (WebCore::GraphicsLayerCA::createTransformAnimationsFromKeyframes):
228         * platform/graphics/ca/GraphicsLayerCA.h:
229         (WebCore::GraphicsLayerCA::LayerPropertyAnimation::LayerPropertyAnimation):
230
231 2018-05-14  Thibault Saunier  <tsaunier@igalia.com>
232
233         [GStreamer] Fix style issue in MediaPlayerPrivateGStreamerBase
234         https://bugs.webkit.org/show_bug.cgi?id=185510
235
236         Reviewed by Philippe Normand.
237
238         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:629:  More than one command on the same line  [whitespace/newline] [4]
239         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:684:  More than one command on the same line  [whitespace/newline] [4]
240         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:807:  More than one command on the same line  [whitespace/newline] [4]
241
242         Indentation and style issue fixed only.
243
244         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
245         (WebCore::MediaPlayerPrivateGStreamerBase::volumeChangedCallback):
246         (WebCore::MediaPlayerPrivateGStreamerBase::muteChangedCallback):
247         (WebCore::MediaPlayerPrivateGStreamerBase::triggerRepaint):
248
249 2018-05-14  Zalan Bujtas  <zalan@apple.com>
250
251         [LFC] Implement height computation for non-replaced out of flow elements.
252         https://bugs.webkit.org/show_bug.cgi?id=185585
253
254         Reviewed by Antti Koivisto.
255
256         * layout/FormattingContext.cpp:
257         (WebCore::Layout::FormattingContext::computeHeight const):
258         (WebCore::Layout::FormattingContext::computeOutOfFlowHeight const):
259         (WebCore::Layout::FormattingContext::layoutOutOfFlowDescendants const):
260         (WebCore::Layout::FormattingContext::computeOutOfFlowNonReplacedHeight const):
261         (WebCore::Layout::FormattingContext::computeHeightForBlockFormattingContextRootWithAutoHeight const):
262         * layout/FormattingContext.h:
263         * layout/blockformatting/BlockFormattingContext.h:
264         * layout/displaytree/DisplayBox.h:
265
266 2018-05-14  Manuel Rego Casasnovas  <rego@igalia.com>
267
268         Renaming of overrides in LayoutBox
269         https://bugs.webkit.org/show_bug.cgi?id=185609
270
271         Reviewed by Javier Fernandez.
272
273         The names of the methods for the overrides were not consistent,
274         this patch fixes it by using the same structure in all the cases.
275
276         No new tests, no change of behavior.
277
278         * rendering/GridLayoutFunctions.cpp:
279         (WebCore::GridLayoutFunctions::hasOverrideContainingBlockContentSizeForChild):
280         * rendering/GridTrackSizingAlgorithm.cpp:
281         (WebCore::GridTrackSizingAlgorithmStrategy::logicalHeightForChild const):
282         * rendering/RenderBlock.cpp:
283         (WebCore::RenderBlock::computeChildPreferredLogicalWidths const):
284         (WebCore::RenderBlock::availableLogicalHeightForPercentageComputation const):
285         * rendering/RenderBlockFlow.cpp:
286         (WebCore::RenderBlockFlow::fitBorderToLinesIfNeeded):
287         * rendering/RenderBlockLineLayout.cpp:
288         (WebCore::RenderBlockFlow::updateRubyForJustifiedText):
289         * rendering/RenderBox.cpp:
290         (WebCore::RenderBox::willBeDestroyed):
291         (WebCore::RenderBox::hasOverrideContentLogicalHeight const):
292         (WebCore::RenderBox::hasOverrideContentLogicalWidth const):
293         (WebCore::RenderBox::setOverrideContentLogicalHeight):
294         (WebCore::RenderBox::setOverrideContentLogicalWidth):
295         (WebCore::RenderBox::clearOverrideContentLogicalHeight):
296         (WebCore::RenderBox::clearOverrideContentLogicalWidth):
297         (WebCore::RenderBox::clearOverrideContentSize):
298         (WebCore::RenderBox::overrideContentLogicalWidth const):
299         (WebCore::RenderBox::overrideContentLogicalHeight const):
300         (WebCore::RenderBox::overrideContainingBlockContentLogicalWidth const):
301         (WebCore::RenderBox::overrideContainingBlockContentLogicalHeight const):
302         (WebCore::RenderBox::hasOverrideContainingBlockContentLogicalWidth const):
303         (WebCore::RenderBox::hasOverrideContainingBlockContentLogicalHeight const):
304         (WebCore::RenderBox::setOverrideContainingBlockContentLogicalWidth):
305         (WebCore::RenderBox::setOverrideContainingBlockContentLogicalHeight):
306         (WebCore::RenderBox::clearOverrideContainingBlockContentSize):
307         (WebCore::RenderBox::clearOverrideContainingBlockContentLogicalHeight):
308         (WebCore::RenderBox::containingBlockLogicalWidthForContent const):
309         (WebCore::RenderBox::containingBlockLogicalHeightForContent const):
310         (WebCore::RenderBox::perpendicularContainingBlockLogicalHeight const):
311         (WebCore::RenderBox::computeLogicalWidthInFragment const):
312         (WebCore::RenderBox::computeLogicalHeight const):
313         (WebCore::RenderBox::computePercentageLogicalHeight const):
314         (WebCore::RenderBox::computeReplacedLogicalHeightUsing const):
315         (WebCore::RenderBox::availableLogicalHeightUsing const):
316         (WebCore::RenderBox::containingBlockLogicalWidthForPositioned const):
317         (WebCore::RenderBox::containingBlockLogicalHeightForPositioned const):
318         * rendering/RenderBox.h:
319         * rendering/RenderBoxModelObject.cpp:
320         (WebCore::RenderBoxModelObject::hasAutoHeightOrContainingBlockWithAutoHeight const):
321         * rendering/RenderDeprecatedFlexibleBox.cpp:
322         (WebCore::contentWidthForChild):
323         (WebCore::contentHeightForChild):
324         (WebCore::gatherFlexChildrenInfo):
325         (WebCore::RenderDeprecatedFlexibleBox::layoutHorizontalBox):
326         (WebCore::RenderDeprecatedFlexibleBox::layoutVerticalBox):
327         (WebCore::RenderDeprecatedFlexibleBox::applyLineClamp):
328         (WebCore::RenderDeprecatedFlexibleBox::clearLineClamp):
329         * rendering/RenderFlexibleBox.cpp:
330         (WebCore::RenderFlexibleBox::computeInnerFlexBaseSizeForChild):
331         (WebCore::RenderFlexibleBox::crossSizeForPercentageResolution):
332         (WebCore::RenderFlexibleBox::mainSizeForPercentageResolution):
333         (WebCore::RenderFlexibleBox::constructFlexItem):
334         (WebCore::RenderFlexibleBox::setOverrideMainAxisContentSizeForChild):
335         (WebCore::RenderFlexibleBox::applyStretchAlignmentToChild):
336         * rendering/RenderFullScreen.cpp:
337         (WebCore::RenderFullScreen::unwrapRenderer):
338         * rendering/RenderGrid.cpp:
339         (WebCore::RenderGrid::layoutBlock):
340         (WebCore::RenderGrid::layoutGridItems):
341         (WebCore::RenderGrid::applyStretchAlignmentToChildIfNeeded):
342         * rendering/RenderRubyBase.cpp:
343         (WebCore::RenderRubyBase::adjustInlineDirectionLineBounds const):
344         * rendering/RenderTableCell.cpp:
345         (WebCore::RenderTableCell::setOverrideContentLogicalHeightFromRowHeight):
346         * rendering/RenderTableCell.h:
347         * rendering/RenderTableSection.cpp:
348         (WebCore::RenderTableSection::calcRowLogicalHeight):
349         (WebCore::RenderTableSection::relayoutCellIfFlexed):
350
351 2018-05-14  Zalan Bujtas  <zalan@apple.com>
352
353         [LFC] Implement width computation for non-replaced out of flow elements.
354         https://bugs.webkit.org/show_bug.cgi?id=185598
355
356         Reviewed by Antti Koivisto.
357
358         * layout/FormattingContext.cpp:
359         (WebCore::Layout::FormattingContext::computeWidth const):
360         (WebCore::Layout::FormattingContext::computeOutOfFlowWidth const):
361         (WebCore::Layout::FormattingContext::layoutOutOfFlowDescendants const):
362         (WebCore::Layout::FormattingContext::computeOutOfFlowNonReplacedWidth const):
363         (WebCore::Layout::FormattingContext::shrinkToFitWidth const):
364         * layout/FormattingContext.h:
365         * layout/blockformatting/BlockFormattingContext.cpp:
366         (WebCore::Layout::BlockFormattingContext::layout const):
367         * layout/displaytree/DisplayBox.h:
368
369 2018-05-14  Zan Dobersek  <zdobersek@igalia.com>
370
371         Drop the m_compositorTexture member variable in TextureMapperGC3DPlatformLayer.
372         It's not used at all inside the class or outside it.
373
374         Rubber-stamped by Michael Catanzaro.
375
376         * platform/graphics/texmap/TextureMapperGC3DPlatformLayer.h:
377
378 2018-05-14  Zan Dobersek  <zdobersek@igalia.com>
379
380         [GTK] REGRESSION(r231170) Build broken with Clang 5.0
381         https://bugs.webkit.org/show_bug.cgi?id=185198
382
383         Reviewed by Michael Catanzaro.
384
385         Avoid gperf files using the register keyword which has been made
386         reserved and as such unusable in C++17.
387
388         * css/makeSelectorPseudoClassAndCompatibilityElementMap.py:
389         * css/makeSelectorPseudoElementsMap.py:
390         * css/makeprop.pl:
391         * css/makevalues.pl:
392         * platform/ColorData.gperf:
393         * platform/ReferrerPolicy.h: With std::optional forward declaration
394         gone, explicitly include the WTF Optional.h header.
395         * platform/Theme.h: Ditto.
396         * platform/network/create-http-header-name-table:
397
398 2018-05-14  Commit Queue  <commit-queue@webkit.org>
399
400         Unreviewed, rolling out r219515.
401         https://bugs.webkit.org/show_bug.cgi?id=185603
402
403         It sometimes makes AudioUnitInitialize call to fail in
404         CoreAudioCaptureSource (Requested by youenn on #webkit).
405
406         Reverted changeset:
407
408         "Remove CoreAudioCaptureSource speaker configuration"
409         https://bugs.webkit.org/show_bug.cgi?id=174512
410         https://trac.webkit.org/changeset/219515
411
412 2018-05-13  Dirk Schulze  <krit@webkit.org>
413
414         Implement SVGGeometryElement's isPointInFill and isPointInStroke
415         https://bugs.webkit.org/show_bug.cgi?id=185580
416
417         Reviewed by Antti Koivisto.
418
419         Implement isPointInFill and isPointInStroke methods for
420         SVGGeometryElement interface from SVG2.
421
422         https://svgwg.org/svg2-draft/types.html#InterfaceSVGGeometryElement
423
424         Tests: svg/dom/SVGGeometry-isPointInFill.xhtml
425                svg/dom/SVGGeometry-isPointInStroke.xhtml
426
427         * rendering/svg/RenderSVGEllipse.cpp:
428         (WebCore::RenderSVGEllipse::shapeDependentStrokeContains): Flag
429                 to switch between local and "global" coordinate space for hit testing.
430         * rendering/svg/RenderSVGEllipse.h:
431         * rendering/svg/RenderSVGPath.cpp:
432         (WebCore::RenderSVGPath::shapeDependentStrokeContains): Flag
433                 to switch between local and "global" coordinate space for hit testing.
434         * rendering/svg/RenderSVGPath.h:
435         * rendering/svg/RenderSVGRect.cpp:
436         (WebCore::RenderSVGRect::shapeDependentStrokeContains): Flag
437                 to switch between local and "global" coordinate space for hit testing.
438         * rendering/svg/RenderSVGRect.h:
439         * rendering/svg/RenderSVGShape.cpp:
440         (WebCore::RenderSVGShape::shapeDependentStrokeContains): Flag
441                 to switch between local and "global" coordinate space for hit testing.
442         (WebCore::RenderSVGShape::isPointInFill): Take the winding rule given by
443                 `fill-rule` to test if a given point is in the fill area of a path.
444         (WebCore::RenderSVGShape::isPointInStroke): Take stroke properties into
445                 account to check if a point is on top of the stroke area.
446         * rendering/svg/RenderSVGShape.h:
447         * svg/SVGGeometryElement.cpp:
448         (WebCore::SVGGeometryElement::isPointInFill):
449         (WebCore::SVGGeometryElement::isPointInStroke):
450         (WebCore::SVGGeometryElement::createElementRenderer): Deleted. This is getting implemented
451                 by inheriting classes. No need to create RenderSVGPath here.
452         * svg/SVGGeometryElement.h:
453         * svg/SVGGeometryElement.idl:
454
455 2018-05-12  Zalan Bujtas  <zalan@apple.com>
456
457         Use WeakPtr for m_enclosingPaginationLayer in RenderLayer
458         https://bugs.webkit.org/show_bug.cgi?id=185566
459         <rdar://problem/36486052>
460
461         Reviewed by Simon Fraser.
462
463         Since RenderLayer does not own the enclosing pagination layout, it should
464         construct a weak pointer instead of holding on to a raw pointer.
465
466         Unable to create a reliably reproducible test case.
467
468         * page/mac/EventHandlerMac.mm:
469         (WebCore::scrollableAreaForEventTarget):
470         (WebCore::scrollableAreaForContainerNode):
471         (WebCore::EventHandler::platformPrepareForWheelEvents):
472         * platform/ScrollableArea.h:
473         (WebCore::ScrollableArea::weakPtrFactory const):
474         (WebCore::ScrollableArea::createWeakPtr): Deleted.
475         * rendering/RenderLayer.cpp:
476         (WebCore::RenderLayer::RenderLayer):
477         (WebCore::RenderLayer::updatePagination):
478         * rendering/RenderLayer.h:
479
480 2018-05-11  Daniel Bates  <dabates@apple.com>
481
482         X-Frame-Options: SAMEORIGIN needs to check all ancestor frames
483         https://bugs.webkit.org/show_bug.cgi?id=185567
484         <rdar://problem/40175008>
485
486         Reviewed by Brent Fulgham.
487
488         Change the behavior of "X-Frame-Options: SAMEORIGIN" to ensure that all ancestors frames
489         are same-origin with the document that delivered this header. This prevents an intermediary
490         malicious frame from clickjacking a child frame whose document is same-origin with the top-
491         level frame. It also makes the behavior of X-Frame-Options in WebKit more closely match
492         the behavior of X-Frame-Options in other browsers, including Chrome and Firefox.
493         
494         Currently a document delivered with "X-Frame-Options: SAMEORIGIN" must only be same-origin
495         with the top-level frame's document in order to be displayed. This prevents clickjacking by
496         a malicious page that embeds a page delivered with "X-Frame-Options: SAMEORIGIN". However,
497         it does not protect against clickjacking of the "X-Frame-Options: SAMEORIGIN" page (victim)
498         if embedded by an intermediate malicious iframe, say a "rogue ad", that was embedded in a
499         document same origin with the victim page. We should protect against such attacks. 
500
501         Tests: http/tests/security/XFrameOptions/x-frame-options-ancestors-same-origin-allow.html
502                http/tests/security/XFrameOptions/x-frame-options-ancestors-same-origin-deny.html
503
504         * loader/FrameLoader.cpp:
505         (WebCore::FrameLoader::shouldInterruptLoadForXFrameOptions):
506
507 2018-05-11  Daniel Bates  <dabates@apple.com>
508
509         [iOS] Text decoration of dragged content does not paint with opacity
510         https://bugs.webkit.org/show_bug.cgi?id=185551
511         <rdar://problem/40166867>
512
513         Reviewed by Wenson Hsieh.
514
515         Respect alpha when painting the text decoration for dragged content.
516
517         * rendering/InlineTextBox.cpp:
518         (WebCore::InlineTextBox::MarkedTextStyle::areDecorationMarkedTextStylesEqual): Consider alpha when
519         comparing decoration styles for equality so that we do not coalesce styles with differing alpha.
520         (WebCore::InlineTextBox::paintMarkedTextDecoration): Respect alpha when painting dragged content.
521
522 2018-05-11  Nan Wang  <n_wang@apple.com>
523
524         AX: In role=dialog elements with aria-modal=true VoiceOver iOS/macOS can't manually focus or read dialog paragraph description text inside the modal.
525         https://bugs.webkit.org/show_bug.cgi?id=185219
526         <rdar://problem/39920009>
527
528         Reviewed by Chris Fleizach.
529
530         The text node descendants of a modal dialog are ignored. Fixed it by using AccessibilityObject's 
531         node() to determine if it's the descendant of the modal dialog node.
532
533         Test: accessibility/aria-modal-text-descendants.html
534
535         * accessibility/AccessibilityObject.cpp:
536         (WebCore::AccessibilityObject::isModalDescendant const):
537
538 2018-05-11  Ryosuke Niwa  <rniwa@webkit.org>
539
540         Tapping after CSS-based table casues an infinite loop in wordRangeFromPosition
541         https://bugs.webkit.org/show_bug.cgi?id=185465
542         <rdar://problem/35263057>
543
544         Reviewed by Antti Koivisto.
545
546         The bug was caused by TextIterator not emitting a line break when exiting a CSS-based table when an element
547         with `display: table-row` has an invisible text node. Specifically, TextIterator::exitNode is never called on
548         an element with `table-cell: row` when m_node is a text node with whitespaces which appears after an element
549         with `display: table-cell`.
550
551         For example, for a tree structure like:
552         table-row (R)
553           table-cell (C)
554             "text" (1)
555           " " (2)
556         Getting out of (C) would result in moving onto (2) without generating a line break for (R).
557
558         When this happens in nextBoundary as it tries to find the end of the last word in the table cell, we end up
559         finding the end of the document as the end of the word. As a result, nextWordBoundaryInDirection, the caller
560         of nextBoundary, ends up infinite looping between the positon at the end of the document and the position
561         immediately before the last word in the last table cell when it traverses words backwards.
562
563         This patch fixes the hang by addressing this root cause in TextIterator. Namely, TextIterator now generates
564         a line break when exiting a block while walking up ancestors in TextIterator::advance().
565
566         Tests: editing/selection/tapping-in-table-at-end-of-document.html
567                editing/text-iterator/table-at-end-of-document.html
568
569         * editing/TextIterator.cpp:
570         (WebCore::TextIterator::advance): Fixed the bug.
571         (WebCore::shouldEmitNewlineAfterNode): Do generate a new line at the end of a document when we're trying to
572         generate every visible poitions even there are no renderers beyond this point. e.g. a position inside the
573         last cell of a table at the end of a document hits this condition.
574         (WebCore::shouldEmitExtraNewlineForNode): Don't emit a line break when the render box's height is 0px
575         to avoid generating many empty lines for empty paragraph and header elements (this function is used to generate
576         a blank line between p's and h1/h2/...'s).
577         (WebCore::TextIterator::exitNode):
578
579 2018-05-11  Dean Jackson  <dino@apple.com>
580
581         System preview badge doesn't show on <picture> elements
582         https://bugs.webkit.org/show_bug.cgi?id=185559
583         <rdar://problem/40150066>
584
585         Reviewed by Tim Horton.
586
587         We should also identify <img>s that are the child of a <picture>
588         contained inside the appropriate <a> element.
589
590         Tested internally, since the badge is platform specific.
591
592         * html/HTMLImageElement.cpp:
593         (WebCore::HTMLImageElement::isSystemPreviewImage const): Add logic
594         to look for <picture> parents.
595
596 2018-05-11  Chris Dumez  <cdumez@apple.com>
597
598         REGRESSION (async policy delegate): Revoking an object URL immediately after triggering download breaks file download
599         https://bugs.webkit.org/show_bug.cgi?id=185531
600         <rdar://problem/39909589>
601
602         Reviewed by Geoffrey Garen.
603
604         Whenever we start an asynchronous navigation policy decision for a blob URL, create a temporary
605         blob URL pointing to the same data, and update the request's URL. This way, if the page's JS revokes
606         the URL during the policy decision, the load will still succeed.
607
608         Test: fast/dom/HTMLAnchorElement/anchor-file-blob-download-then-revoke.html
609
610         * loader/DocumentLoader.cpp:
611         (WebCore::DocumentLoader::willSendRequest):
612         * loader/FrameLoader.cpp:
613         (WebCore::FrameLoader::loadURL):
614         (WebCore::FrameLoader::load):
615         (WebCore::FrameLoader::loadPostRequest):
616         * loader/PolicyChecker.cpp:
617         (WebCore::PolicyChecker::extendBlobURLLifetimeIfNecessary const):
618         (WebCore::PolicyChecker::checkNavigationPolicy):
619         (WebCore::PolicyChecker::checkNewWindowPolicy):
620         * loader/PolicyChecker.h:
621
622 2018-05-11  Antti Koivisto  <antti@apple.com>
623
624         LinkLoader fails to remove CachedResourceClient in some cases
625         https://bugs.webkit.org/show_bug.cgi?id=185553
626         <rdar://problem/36879656>
627
628         Reviewed by Geoffrey Garen.
629
630         Test: http/tests/preload/link-preload-client-remove.html
631
632         * loader/LinkLoader.cpp:
633         (WebCore::LinkLoader::loadLink):
634
635         If there is a link preload already in progress, we fail to clear the client for the ongoing load.
636         This may leave the CachedResource client map in a bad state.
637
638 2018-05-11  Charles Vazac  <cvazac@gmail.com>
639
640         Runtime feature flag for Server-Timing
641         https://bugs.webkit.org/show_bug.cgi?id=184758
642
643         Reviewed by Youenn Fablet.
644
645         * Source/WebCore/CMakeLists.txt: Added reference to PerformanceServerTiming.idl.
646         * Source/WebCore/DerivedSources.make: Added reference to PerformanceServerTiming.idl.
647         * Source/WebCore/Sources.txt: Added reference to PerformanceServerTiming.cpp and JSPerformanceServerTiming.cpp.
648         * Source/WebCore/WebCore.xcodeproj/project.pbxproj: Added references to PerformanceServerTiming.cpp, PerformanceServerTiming.h, and PerformanceServerTiming.idl.
649         * Source/WebCore/bindings/js/WebCoreBuiltinNames.h: Added PerformanceServerTiming.
650         * Source/WebCore/page/PerformanceResourceTiming.h: Added serverTiming member.
651         * Source/WebCore/page/PerformanceResourceTiming.idl: Added serverTiming attribute.
652         * Source/WebCore/page/PerformanceServerTiming.cpp: Added.
653         * Source/WebCore/page/PerformanceServerTiming.h: Added.
654         * Source/WebCore/page/PerformanceServerTiming.idl: Added.
655
656 2018-05-11  Brady Eidson  <beidson@apple.com>
657
658         Make sure history navigations reuse the existing process when necessary.
659         <rdar://problem/39746516> and https://bugs.webkit.org/show_bug.cgi?id=185532
660
661         Reviewed by Ryosuke Niwa.
662
663         Covered by new API tests.
664
665         In WebCore-land, make sure *all* NavigationActions to a back/forward item are tagged with
666         the item identifier.
667
668         * history/HistoryItem.cpp:
669         (WebCore::HistoryItem::HistoryItem):
670         (WebCore::HistoryItem::logString const):
671         * history/HistoryItem.h:
672
673         * loader/FrameLoader.cpp:
674         (WebCore::FrameLoader::loadDifferentDocumentItem):
675
676         * loader/NavigationAction.cpp:
677         (WebCore::NavigationAction::setTargetBackForwardItem):
678
679         * loader/NavigationAction.h:
680         (WebCore::NavigationAction::targetBackForwardItemIdentifier const):
681
682 2018-05-11  Yacine Bandou  <yacine.bandou_ext@softathome.com>
683
684         [EME][GStreamer] Handle the protection event in MediaPlayerPrivate
685         https://bugs.webkit.org/show_bug.cgi?id=185535
686
687         Reviewed by Xabier Rodriguez-Calvar.
688
689         This patch is based on this calvaris's commit
690         https://github.com/WebPlatformForEmbedded/WPEWebKit/commit/d966168b0d2b65f9ca9415426e26d3752c78b03e
691
692         It adds a handler for the protection event in MediaPalyerPrivateGStreamerBase, it extracts the InitData from the event
693         and sends the encrypted event to JS via HTMLMediaElement.
694         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
695         (WebCore::MediaPlayerPrivateGStreamerBase::initializationDataEncountered):
696         (WebCore::MediaPlayerPrivateGStreamerBase::handleProtectionEvent):
697         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
698         * platform/graphics/gstreamer/eme/GStreamerEMEUtilities.h: Add a new type InitData.
699
700 2018-05-11  Basuke Suzuki  <Basuke.Suzuki@sony.com>
701
702         [Curl] Make the cipher suites, the signing algorithms and the curve lists configurable.
703         https://bugs.webkit.org/show_bug.cgi?id=185139
704
705         Add interface to configure the cipher suites, the signing algorithms and the curve lists 
706         used by OpenSSL and libcurl to exchange, to sign or to verify keys.
707
708         Reviewed by Youenn Fablet.
709
710         No new tests in public. Have tested internally.
711
712         * platform/network/curl/CurlContext.cpp:
713         (WebCore::CurlHandle::setSslCipherList):
714         * platform/network/curl/CurlContext.h:
715         * platform/network/curl/CurlRequest.cpp:
716         (WebCore::CurlRequest::setupTransfer):
717         (WebCore::CurlRequest::willSetupSslCtx):
718         * platform/network/curl/CurlSSLHandle.cpp:
719         (WebCore::CurlSSLHandle::getCACertPathEnv):
720         * platform/network/curl/CurlSSLHandle.h:
721         (WebCore::CurlSSLHandle::getCipherList const):
722         (WebCore::CurlSSLHandle::getSignatureAlgorithmsList const):
723         (WebCore::CurlSSLHandle::getCurvesList const):
724         (WebCore::CurlSSLHandle::setCipherList):
725         (WebCore::CurlSSLHandle::setSignatureAlgorithmsList):
726         (WebCore::CurlSSLHandle::setCurvesList):
727         (WebCore::CurlSSLHandle::getCACertPath const):
728         (WebCore::CurlSSLHandle::setCACertPath):
729         * platform/network/curl/CurlSSLVerifier.cpp:
730         (WebCore::CurlSSLVerifier::CurlSSLVerifier):
731
732 2018-05-10  Daniel Bates  <dabates@apple.com>
733
734         Use PlatformStrategies to switch between WebKit and WebKitLegacy checking of CSP frame-ancestors and X-Frame-Options
735         https://bugs.webkit.org/show_bug.cgi?id=185412
736
737         Reviewed by Ryosuke Niwa.
738
739         Consolidate the knowledge on how to determine whether security checks were performed on a ResourceResponse
740         into LoaderStrategy::havePerformedSecurityChecks() (default implementation returns false) and query it
741         to determine whether CSP frame-ancestors and X-Frame-Options need to be checked for a ResourceResponse.
742
743         Additionally, rename LoaderStrategy::isDoingLoadingSecurityChecks() to shouldPerformSecurityChecks()
744         for consistency with havePerformedSecurityChecks(). Querying shouldPerformSecurityChecks() answers the
745         question of whether the loader strategy is responsible for performing security checks when building up
746         a ResourceRequest to have the loader strategy load. And LoaderStrategy::havePerformedSecurityChecks()
747         is used to determine whether the loader strategy performed these security checks for a given ResourceResponse.
748
749         * inspector/agents/InspectorNetworkAgent.cpp:
750         (WebCore::InspectorNetworkAgent::didReceiveResponse):
751         (WebCore::InspectorNetworkAgent::didFinishLoading):
752         (WebCore::isResponseProbablyComingFromNetworkProcess): Deleted.
753         * loader/DocumentLoader.cpp:
754         (WebCore::DocumentLoader::responseReceived):
755         * loader/DocumentThreadableLoader.cpp:
756         (WebCore::shouldPerformSecurityChecks):
757         (WebCore::DocumentThreadableLoader::shouldSetHTTPHeadersToKeep const):
758         (WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequest):
759         (WebCore::DocumentThreadableLoader::makeSimpleCrossOriginAccessRequest):
760         (WebCore::DocumentThreadableLoader::redirectReceived):
761         (WebCore::DocumentThreadableLoader::didFail):
762         (WebCore::DocumentThreadableLoader::loadRequest):
763         (WebCore::isDoingSecurityChecksInNetworkProcess): Deleted.
764         (WebCore::isResponseComingFromNetworkProcess): Deleted.
765         * loader/LoaderStrategy.cpp:
766         * loader/LoaderStrategy.h:
767         * page/Settings.yaml: Remove setting networkProcessCSPFrameAncestorsCheckingEnabled as we now make
768         use of the loader strategy to determine whether to perform CSP frame-ancestors and X-Frame-Options
769         checking in DocumentLoader.
770         * platform/network/ResourceResponseBase.h:
771         (WebCore::ResourceResponseBase::setSource): Added an ASSERT to catch the programming error of setting
772         source to ResourceResponse::Source::Unknown. This source type represents an uninitialized ResourceResponse.
773
774 2018-05-10  Tim Horton  <timothy_horton@apple.com>
775
776         Lookup sometimes shows a second yellow highlight on top of WebKit's TextIndicator
777         https://bugs.webkit.org/show_bug.cgi?id=185538
778         <rdar://problem/38817825>
779
780         Reviewed by Sam Weinig.
781
782         * editing/mac/DictionaryLookup.mm:
783         (WebCore::showPopupOrCreateAnimationController):
784         Options can be nil, in which case we can't mutableCopy it and add
785         LUTermOptionDisableSearchTermIndicator. Instead, create a new dictionary,
786         and add the items from options, if it's not nil.
787
788 2018-05-10  Matt Baker  <mattbaker@apple.com>
789
790         Web Inspector: ASSERT_NOT_REACHED in PageDebuggerAgent::didAddEventListener when page adds attribute event listener
791         https://bugs.webkit.org/show_bug.cgi?id=181580
792         <rdar://problem/36461309>
793
794         Reviewed by Brian Burg.
795
796         EventTarget should pass newly added EventListeners to InspectorInstrumentation,
797         instead of PageDebuggerAgent assuming the last item in the EventListenerVector
798         is the most recently added listener. This assumption does not hold when
799         the new listener replaces an existing listener.
800
801         * dom/EventTarget.cpp:
802         (WebCore::EventTarget::addEventListener):
803         (WebCore::EventTarget::setAttributeEventListener):
804
805         * inspector/InspectorInstrumentation.cpp:
806         (WebCore::InspectorInstrumentation::didAddEventListenerImpl):
807
808         * inspector/InspectorInstrumentation.h:
809         (WebCore::InspectorInstrumentation::didAddEventListener):
810
811         * inspector/agents/page/PageDebuggerAgent.cpp:
812         (WebCore::PageDebuggerAgent::didAddEventListener):
813         * inspector/agents/page/PageDebuggerAgent.h:
814
815 2018-05-10  Chris Dumez  <cdumez@apple.com>
816
817         'Cross-Origin-Options header implementation follow-up
818         https://bugs.webkit.org/show_bug.cgi?id=185520
819
820         Reviewed by Ryosuke Niwa.
821
822         * dom/Document.cpp:
823         * dom/Document.h:
824         * loader/FrameLoader.cpp:
825         (WebCore::FrameLoader::didBeginDocument):
826         Using isNull() check is sufficient here as the header parsing
827         function will do the right thing when passed the empty string.
828         Also set the options directly on the window instead of the
829         document. The window is guaranteed to have been constructed
830         by then because didBeginDocument() is called DocumentWriter::begin()
831         which calls Document::createDOMWindow() or Document::takeDOMWindowFrom().
832
833         * page/AbstractDOMWindow.cpp:
834         (WebCore::AbstractDOMWindow::AbstractDOMWindow):
835         * page/AbstractDOMWindow.h:
836         * page/DOMWindow.cpp:
837         (WebCore::DOMWindow::DOMWindow):
838         (WebCore::DOMWindow::didSecureTransitionTo):
839         * page/RemoteDOMWindow.cpp:
840         (WebCore::RemoteDOMWindow::RemoteDOMWindow):
841         * page/RemoteDOMWindow.h:
842         CrossOriginOptions are now stored only on the Window, not the Document.
843
844         * platform/network/HTTPParsers.cpp:
845         (WebCore::parseCrossOriginOptionsHeader):
846         Drop strippedHeader local variable as it is not strictly needed.
847
848 2018-05-10  Tim Horton  <timothy_horton@apple.com>
849
850         Fix the build after r231393
851         https://bugs.webkit.org/show_bug.cgi?id=185519
852         <rdar://problem/40131741>
853
854         Reviewed by Simon Fraser.
855
856         * Configurations/WebCore.xcconfig:
857
858 2018-05-10  Eric Carlson  <eric.carlson@apple.com>
859
860         Log missing cues correctly
861         https://bugs.webkit.org/show_bug.cgi?id=185499
862         <rdar://problem/40113821>
863
864         Reviewed by Daniel Bates.
865
866         No new tests, tested manually.
867
868         * html/track/InbandGenericTextTrack.cpp:
869         (WebCore::InbandGenericTextTrack::removeGenericCue): Log the cue we searched for, not
870         the NULL cue.
871
872 2018-05-10  Zalan Bujtas  <zalan@apple.com>
873
874         [LFC] Implement height computation for non-replaced inflow elements.
875         https://bugs.webkit.org/show_bug.cgi?id=185474
876
877         Reviewed by Antti Koivisto.
878
879         Initial implementation. Does not cover all the cases.
880
881         * layout/FormattingContext.cpp:
882         (WebCore::Layout::FormattingContext::computeHeight const):
883         * layout/FormattingContext.h:
884         * layout/blockformatting/BlockFormattingContext.cpp:
885         (WebCore::Layout::BlockFormattingContext::layout const):
886         (WebCore::Layout::BlockFormattingContext::computeInFlowHeight const):
887         (WebCore::Layout::BlockFormattingContext::computeInFlowNonReplacedHeight const):
888         * layout/blockformatting/BlockFormattingContext.h:
889         * layout/blockformatting/BlockMarginCollapse.cpp:
890         (WebCore::Layout::collapsedMarginBottomFromLastChild):
891         (WebCore::Layout::BlockMarginCollapse::isMarginBottomCollapsedWithParent):
892         (WebCore::Layout::BlockMarginCollapse::isMarginTopCollapsedWithParentMarginBottom):
893         (WebCore::Layout::isMarginBottomCollapsedWithParent): Deleted.
894         * layout/blockformatting/BlockMarginCollapse.h:
895         * layout/inlineformatting/InlineFormattingContext.cpp:
896         (WebCore::Layout::InlineFormattingContext::computeInFlowHeight const):
897         * layout/inlineformatting/InlineFormattingContext.h:
898         * layout/layouttree/LayoutBox.cpp:
899         (WebCore::Layout::Box::isReplaced const):
900         * layout/layouttree/LayoutBox.h:
901
902 2018-05-10  Thibault Saunier  <tsaunier@igalia.com>
903
904         [GTK] Implement ImageBuffer::toBGRAData
905         https://bugs.webkit.org/show_bug.cgi?id=185511
906
907         Reviewed by Michael Catanzaro.
908
909         This was never implemented but will be required for the MediaStream API
910         tests.
911
912         * platform/graphics/ImageBuffer.cpp:
913         (WebCore::ImageBuffer::toBGRAData const):
914         * platform/graphics/cg/ImageBufferCG.cpp:
915         (WebCore::ImageBuffer::toBGRAData const):
916         * platform/graphics/gtk/ImageBufferGtk.cpp:
917         (WebCore::ImageBuffer::toBGRAData const):
918
919 2018-05-10  Yacine Bandou  <yacine.bandou_ext@softathome.com>
920
921         [EME][GStreamer] Add a handler for GStreamer protection event
922         https://bugs.webkit.org/show_bug.cgi?id=185245
923
924         Reviewed by Xabier Rodriguez-Calvar.
925
926         Qtdemux sends the protection event when encountered a new PSSH box (encrypted content).
927
928         The Decryptor is moved from AppendPipeline to PlaybackPipeline (see https://bugs.webkit.org/show_bug.cgi?id=181855),
929         thus the protection event is no longer handled because the Decryptor is not in the same pipeline as qtdemux.
930
931         AppendPipeline: httpsrc-->qtdemux-->appsink
932         PlaybackPipeline: appsrc-->parser--> decryptor-->decoder-->sink
933
934         This patch attaches a probe to the sink pad of the appsink in the appendPipeline in order to
935         catch and manage the protection event.
936
937         * platform/graphics/gstreamer/mse/AppendPipeline.cpp:
938         (WebCore::AppendPipeline::AppendPipeline):
939         (WebCore::AppendPipeline::~AppendPipeline):
940         (WebCore::appendPipelineAppsinkPadEventProbe):
941         * platform/graphics/gstreamer/mse/AppendPipeline.h:
942         (WebCore::AppendPipeline::playerPrivate):
943
944 2018-05-10  Yacine Bandou  <yacine.bandou_ext@softathome.com>
945
946         [EME][GStreamer] Move the decryptor from AppendPipeline to PlaybackPipeline.
947         https://bugs.webkit.org/show_bug.cgi?id=181855
948
949         Reviewed by Xabier Rodriguez-Calvar.
950
951         The goal of this move is to handle the limitation of SVP (Secure Video Path) memory size.
952
953         When the decryptor is in the AppendPipeline and we use SVP, we buffer in MediaSource queue
954         the decrypted GstBuffers that are in SVP memory.
955         This behavior cause an out-of-memory error, because we are limited in SVP memory size.
956
957         By moving the decryptor in PlaybackPipeline, we avoid to buffer the decrypted GstBuffers
958         which use the SVP memory and we buffer the encrypted GstBuffers that are in system memory.
959
960         This new architecture also allows to start the buffering before obtaining the DRM license
961         and it makes easier to manage dynamic change of the license or Key.
962
963         The decryptor is auto plugged by GStreamer playbin in PlaybackPipeline.
964
965         SVP: Secure Video Path also named trusted or protected video path, it is a memory which is
966         protected by a hardware access control engine, it is not accessible to other unauthorised
967         software or hardware components.
968
969         Tests:
970             media/encrypted-media/clearKey/clearKey-cenc-audio-playback-mse.html
971             media/encrypted-media/clearKey/clearKey-cenc-video-playback-mse.html
972
973         * platform/graphics/gstreamer/eme/WebKitCommonEncryptionDecryptorGStreamer.cpp:
974         (webkitMediaCommonEncryptionDecryptSinkEventHandler):
975         * platform/graphics/gstreamer/mse/AppendPipeline.cpp:
976         (WebCore::dumpAppendState):
977         (WebCore::AppendPipeline::AppendPipeline):
978         (WebCore::AppendPipeline::handleNeedContextSyncMessage):
979         (WebCore::AppendPipeline::handleAppsrcNeedDataReceived):
980         (WebCore::AppendPipeline::setAppendState):
981         (WebCore::AppendPipeline::parseDemuxerSrcPadCaps):
982         (WebCore::AppendPipeline::appsinkNewSample):
983         (WebCore::AppendPipeline::connectDemuxerSrcPadToAppsinkFromAnyThread):
984         (WebCore::AppendPipeline::disconnectDemuxerSrcPadFromAppsinkFromAnyThread):
985         (WebCore::appendPipelineElementMessageCallback): Deleted.
986         (WebCore::AppendPipeline::handleElementMessage): Deleted.
987         (WebCore::AppendPipeline::dispatchPendingDecryptionStructure): Deleted.
988         (WebCore::AppendPipeline::dispatchDecryptionStructure): Deleted.
989         * platform/graphics/gstreamer/mse/AppendPipeline.h:
990         * platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:
991         (WebCore::MediaPlayerPrivateGStreamerMSE::attemptToDecryptWithInstance):
992         * platform/graphics/gstreamer/mse/PlaybackPipeline.cpp:
993
994 2018-05-09  Nan Wang  <n_wang@apple.com>
995
996         AX: VoiceOver iframe scrolling focus jumping bug
997         https://bugs.webkit.org/show_bug.cgi?id=176615
998         <rdar://problem/34333067>
999
1000         Reviewed by Chris Fleizach.
1001
1002         Scrolling to make elements visible is not working correctly for elements inside an
1003         offscreen iframe. Fixed it by using RenderLayer::scrollRectToVisible() to handle
1004         scrolling more properly.
1005
1006         Test: accessibility/scroll-to-make-visible-iframe-offscreen.html
1007
1008         * accessibility/AccessibilityObject.cpp:
1009         (WebCore::AccessibilityObject::scrollToMakeVisible const):
1010
1011 2018-05-09  Joanmarie Diggs  <jdiggs@igalia.com>
1012
1013         AX: accessibleNameForNode should simplify whitespace when using innerText
1014         https://bugs.webkit.org/show_bug.cgi?id=185498
1015
1016         Reviewed by Chris Fleizach.
1017
1018         Test: accessibility/text-alternative-calculation-from-unrendered-table.html
1019
1020         Call simplifyWhiteSpace() before returning the innerText value.
1021
1022         * accessibility/AccessibilityNodeObject.cpp:
1023         (WebCore::accessibleNameForNode):
1024
1025 2018-05-09  Chris Dumez  <cdumez@apple.com>
1026
1027         Add initial support for 'Cross-Origin-Options' HTTP response header
1028         https://bugs.webkit.org/show_bug.cgi?id=184996
1029         <rdar://problem/39664620>
1030
1031         Reviewed by Geoff Garen.
1032
1033         Add initial support for 'Cross-Origin-Options' HTTP response header behind an experimental
1034         feature flag, on by default. When the HTTP server services this HTTP response header for a
1035         main resource, we'll set these options on the corresponding Document. This will impact the
1036         behavior of the Document's associated Window API when cross-origin.
1037
1038         The HTTP header has 3 possible values:
1039         - allow: This is the default. Regular cross-origin Window API is available.
1040         - allow-postmessage: Only postMessage() is available on a cross-origin window, trying to
1041           access anything else will throw a SecurityError.
1042         - deny: Trying to do anything with a cross-origin window will throw a SecurityError.
1043
1044         The header has no effect when accessing same origin windows.
1045
1046         Note that on cross-origin access from Window A to Window B, we check the cross-origin
1047         options for both Window A and Window B and use the lowest common denominator as effective
1048         cross-origin options for the access. So if Window A has 'Cross-Origin-Options: deny' and
1049         tries to call postMessage() on Window B which has 'Cross-Origin-Options: allow-postmessage',
1050         we will throw a SecurityError. This is because Window A's more restrictive options (deny)
1051         apply.
1052
1053         Tests: http/wpt/cross-origin-options/allow-postmessage-from-deny.html
1054                http/wpt/cross-origin-options/allow-postmessage.html
1055                http/wpt/cross-origin-options/cross-origin-options-header.html
1056
1057         * bindings/js/JSDOMBindingSecurity.cpp:
1058         (WebCore::BindingSecurity::shouldAllowAccessToDOMWindowGivenMinimumCrossOriginOptions):
1059         * bindings/js/JSDOMBindingSecurity.h:
1060         * bindings/js/JSDOMWindowCustom.cpp:
1061         (WebCore::effectiveCrossOriginOptionsForAccess):
1062         (WebCore::jsDOMWindowGetOwnPropertySlotRestrictedAccess):
1063         (WebCore::JSDOMWindow::getOwnPropertySlot):
1064         (WebCore::JSDOMWindow::getOwnPropertySlotByIndex):
1065         (WebCore::addCrossOriginWindowPropertyNames):
1066         (WebCore::addScopedChildrenIndexes):
1067         (WebCore::addCrossOriginWindowOwnPropertyNames):
1068         (WebCore::JSDOMWindow::getOwnPropertyNames):
1069         * bindings/js/JSDOMWindowCustom.h:
1070         * bindings/js/JSRemoteDOMWindowCustom.cpp:
1071         (WebCore::JSRemoteDOMWindow::getOwnPropertySlot):
1072         (WebCore::JSRemoteDOMWindow::getOwnPropertySlotByIndex):
1073         (WebCore::JSRemoteDOMWindow::getOwnPropertyNames):
1074         * bindings/scripts/CodeGeneratorJS.pm:
1075         (GenerateAttributeGetterBodyDefinition):
1076         (GetCrossOriginsOptionsFromExtendedAttributeValue):
1077         (GenerateAttributeSetterBodyDefinition):
1078         (GenerateOperationBodyDefinition):
1079         * bindings/scripts/IDLAttributes.json:
1080         * dom/Document.cpp:
1081         (WebCore::Document::setCrossOriginOptions):
1082         * dom/Document.h:
1083         (WebCore::Document::crossOriginOptions const):
1084         * loader/FrameLoader.cpp:
1085         (WebCore::FrameLoader::didBeginDocument):
1086         * page/AbstractDOMWindow.cpp:
1087         (WebCore::AbstractDOMWindow::AbstractDOMWindow):
1088         * page/AbstractDOMWindow.h:
1089         (WebCore::AbstractDOMWindow::crossOriginOptions):
1090         (WebCore::AbstractDOMWindow::setCrossOriginOptions):
1091         * page/DOMWindow.cpp:
1092         (WebCore::DOMWindow::DOMWindow):
1093         (WebCore::DOMWindow::didSecureTransitionTo):
1094         * page/DOMWindow.idl:
1095         * page/Frame.h:
1096         * page/RemoteDOMWindow.cpp:
1097         (WebCore::RemoteDOMWindow::RemoteDOMWindow):
1098         * page/RemoteDOMWindow.h:
1099         * page/Settings.yaml:
1100         * platform/network/HTTPHeaderNames.in:
1101         * platform/network/HTTPParsers.cpp:
1102         (WebCore::parseCrossOriginOptionsHeader):
1103         * platform/network/HTTPParsers.h:
1104
1105 2018-05-09  Ryosuke Niwa  <rniwa@webkit.org>
1106
1107         Release assert in TreeScopeOrderedMap::remove via HTMLImageElement::removedFromAncestor
1108         https://bugs.webkit.org/show_bug.cgi?id=185493
1109
1110         Reviewed by Brent Fulgham.
1111
1112         Fixed the bug that HTMLImageElement::removedFromAncestor and HTMLMapElement::removedFromAncestor
1113         were calling removeImageElementByUsemap on the document instead of the shadow tree from which it was removed.
1114
1115         Test: fast/images/imagemap-in-shadow-tree-removed.html
1116
1117         * html/HTMLImageElement.cpp:
1118         (WebCore::HTMLImageElement::removedFromAncestor):
1119         * html/HTMLMapElement.cpp:
1120         (WebCore::HTMLMapElement::removedFromAncestor):
1121
1122 2018-05-09  Joanmarie Diggs  <jdiggs@igalia.com>
1123
1124         AX: Hidden nodes which are not directly referenced should not participate name/description from content
1125         https://bugs.webkit.org/show_bug.cgi?id=185478
1126
1127         Reviewed by Chris Fleizach.
1128
1129         Add a check to AccessibilityNodeObject::textUnderElement() and return early
1130         if the node is hidden, not referenced by aria-labelledby or aria-describedby,
1131         not an HTMLLabelElement, and not fallback content for an HTMLCanvasElement.
1132
1133         Test: accessibility/text-alternative-calculation-hidden-nodes.html
1134
1135         * accessibility/AccessibilityNodeObject.cpp:
1136         (WebCore::AccessibilityNodeObject::textUnderElement const):
1137
1138 2018-05-09  Eric Carlson  <eric.carlson@apple.com>
1139
1140         Update MediaSession to use release logging
1141         https://bugs.webkit.org/show_bug.cgi?id=185376
1142         <rdar://problem/40022203>
1143
1144         Reviewed by Youenn Fablet.
1145
1146         No new tests, tested manually.
1147
1148         * Modules/mediastream/MediaStream.h: hostingDocument() doesn't need to return a const Document.
1149         * Modules/webaudio/AudioContext.cpp:
1150         (WebCore::AudioContext::hostingDocument const): Ditto.
1151         * Modules/webaudio/AudioContext.h:
1152
1153         * html/HTMLMediaElement.h: Ditto.
1154
1155         * html/MediaElementSession.cpp:
1156         (WebCore::MediaElementSession::MediaElementSession):
1157         (WebCore::MediaElementSession::addBehaviorRestriction):
1158         (WebCore::MediaElementSession::removeBehaviorRestriction):
1159         (WebCore::MediaElementSession::dataLoadingPermitted const):
1160         (WebCore::MediaElementSession::fullscreenPermitted const):
1161         (WebCore::MediaElementSession::pageAllowsDataLoading const):
1162         (WebCore::MediaElementSession::pageAllowsPlaybackAfterResuming const):
1163         (WebCore::MediaElementSession::canShowControlsManager const):
1164         (WebCore::MediaElementSession::showPlaybackTargetPicker):
1165         (WebCore::MediaElementSession::hasWirelessPlaybackTargets const):
1166         (WebCore::MediaElementSession::wirelessVideoPlaybackDisabled const):
1167         (WebCore::MediaElementSession::setWirelessVideoPlaybackDisabled):
1168         (WebCore::MediaElementSession::setHasPlaybackTargetAvailabilityListeners):
1169         (WebCore::MediaElementSession::externalOutputDeviceAvailableDidChange):
1170         (WebCore::MediaElementSession::setShouldPlayToPlaybackTarget):
1171         (WebCore::MediaElementSession::mediaEngineUpdated):
1172         (WebCore::MediaElementSession::willLog const): Deleted.
1173         (WebCore::MediaElementSession::logger const): Deleted.
1174         (WebCore::MediaElementSession::logIdentifier const): Deleted.
1175         (WebCore::MediaElementSession::logChannel const): Deleted.
1176         * html/MediaElementSession.h:
1177
1178         * platform/audio/PlatformMediaSession.cpp:
1179         (WebCore::nextLogIdentifier):
1180         (WebCore::convertEnumerationToString):
1181         (WebCore::PlatformMediaSession::PlatformMediaSession):
1182         (WebCore::PlatformMediaSession::setState):
1183         (WebCore::PlatformMediaSession::beginInterruption):
1184         (WebCore::PlatformMediaSession::endInterruption):
1185         (WebCore::PlatformMediaSession::clientWillBeginAutoplaying):
1186         (WebCore::PlatformMediaSession::clientWillPausePlayback):
1187         (WebCore::PlatformMediaSession::pauseSession):
1188         (WebCore::PlatformMediaSession::stopSession):
1189         (WebCore::PlatformMediaSession::clientDataBufferingTimerFired):
1190         (WebCore::PlatformMediaSession::logChannel const):
1191         (WebCore::stateName): Deleted.
1192         (WebCore::interruptionName): Deleted.
1193         * platform/audio/PlatformMediaSession.h:
1194         (WTF::LogArgument<WebCore::PlatformMediaSession::State>::toString):
1195         (WTF::LogArgument<WebCore::PlatformMediaSession::InterruptionType>::toString):
1196
1197 2018-05-09  Thibault Saunier  <tsaunier@igalia.com>
1198
1199         [GStreamer] Never call updateTracks if running on legacy pipeline
1200         https://bugs.webkit.org/show_bug.cgi?id=184581
1201
1202         This makes sure failling code path is never reached in the conditions where it should not have been reached.
1203
1204         Reviewed by Philippe Normand.
1205
1206         Re enables all tests that were disabled after fixing.
1207
1208         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
1209         (WebCore::MediaPlayerPrivateGStreamer::handleMessage):
1210
1211 2018-05-09  Daniel Bates  <dabates@apple.com>
1212
1213         REGRESSION (r231479): http/tests/appcache/x-frame-options-prevents-framing.php is timing out
1214         https://bugs.webkit.org/show_bug.cgi?id=185443
1215         <rdar://problem/40100660>
1216
1217         Reviewed by Andy Estes.
1218
1219         Following r231479 when using WebKit2 and Restricted HTTP Response Access is enabled (enabled in
1220         WebKitTestRunner) we only check the CSP frame-ancestors directive and X-Frame-Options in
1221         NetworkProcess. We need to check these security requirements in WebContent process whenever
1222         we are performing a substitute data load, such as for app cache, as these loads do not go
1223         through NetworkProcess.
1224
1225         * loader/DocumentLoader.cpp:
1226         (WebCore::DocumentLoader::responseReceived):
1227
1228 2018-05-09  Justin Fan  <justin_fan@apple.com>
1229
1230         Hooked up ASTC support in WebGL; requires OpenGL ES 3 context to work. 
1231         https://bugs.webkit.org/show_bug.cgi?id=185272
1232         <rdar://problem/15745737>
1233
1234         Reviewed by Dean Jackson.
1235
1236         Also added in Khronos' ASTC test from version 1.0.4 beta of their conformance test suite,
1237         although again, this requires OpenGL ES 3 context for WebKit to detect proper support.
1238
1239         Test: fast/canvas/webgl/webgl-compressed-texture-astc.html
1240
1241         * DerivedSources.make:
1242         * Sources.txt:
1243         * WebCore.xcodeproj/project.pbxproj:
1244         * bindings/js/JSDOMConvertWebGL.cpp:
1245         (WebCore::convertToJSValue):
1246         * html/canvas/WebGL2RenderingContext.cpp:
1247         (WebCore::WebGL2RenderingContext::getExtension):
1248         (WebCore::WebGL2RenderingContext::getSupportedExtensions):
1249         * html/canvas/WebGLCompressedTextureASTC.cpp: Added.
1250         (WebCore::WebGLCompressedTextureASTC::WebGLCompressedTextureASTC):
1251         (WebCore::WebGLCompressedTextureASTC::getName const):
1252         (WebCore::WebGLCompressedTextureASTC::supported):
1253         (WebCore::WebGLCompressedTextureASTC::getSupportedProfiles):
1254         * html/canvas/WebGLCompressedTextureASTC.h: Added.
1255         * html/canvas/WebGLCompressedTextureASTC.idl: Added.
1256         * html/canvas/WebGLExtension.h:
1257         * html/canvas/WebGLRenderingContext.cpp:
1258         (WebCore::WebGLRenderingContext::getExtension):
1259         (WebCore::WebGLRenderingContext::getSupportedExtensions):
1260         * html/canvas/WebGLRenderingContextBase.cpp:
1261         (WebCore::WebGLRenderingContextBase::validateCompressedTexFuncData):
1262         (WebCore::WebGLRenderingContextBase::validateCompressedTexDimensions):
1263         * html/canvas/WebGLRenderingContextBase.h:
1264         * platform/graphics/Extensions3D.h:
1265
1266 2018-05-09  Youenn Fablet  <youenn@apple.com>
1267
1268         Allow WebResourceLoader to cancel a load served from a service worker
1269         https://bugs.webkit.org/show_bug.cgi?id=185274
1270
1271         Reviewed by Chris Dumez.
1272
1273         Add support for cancelling a fetch from WebProcess to service worker process.
1274         Use FetchIdentifier instead of uint64_t.
1275
1276         * Modules/fetch/FetchIdentifier.h: Added.
1277         * WebCore.xcodeproj/project.pbxproj:
1278         * workers/service/context/ServiceWorkerFetch.h:
1279         * workers/service/context/ServiceWorkerThreadProxy.cpp:
1280         (WebCore::ServiceWorkerThreadProxy::startFetch):
1281         (WebCore::ServiceWorkerThreadProxy::cancelFetch):
1282         * workers/service/context/ServiceWorkerThreadProxy.h:
1283
1284 2018-05-09  Thibault Saunier  <tsaunier@igalia.com>
1285
1286         [GStreamer] Fix style issue in MediaPlayerPrivateGStreamer
1287         https://bugs.webkit.org/show_bug.cgi?id=185479
1288
1289         Reviewed by Philippe Normand.
1290
1291         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:114:  Multi line control clauses should use braces.  [whitespace/braces] [4]
1292         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:194:  Multi line control clauses should use braces.  [whitespace/braces] [4]
1293         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:398:  One line control clauses should not use braces.  [whitespace/braces] [4]
1294         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:440:  One line control clauses should not use braces.  [whitespace/braces] [4]
1295         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:806:  More than one command on the same line  [whitespace/newline] [4]
1296         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:869:  More than one command on the same line  [whitespace/newline] [4]
1297         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:880:  More than one command on the same line  [whitespace/newline] [4]
1298         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:940:  More than one command on the same line  [whitespace/newline] [4]
1299         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:1102:  Multi line control clauses should use braces.  [whitespace/braces] [4]
1300         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:1109:  Multi line control clauses should use braces.  [whitespace/braces] [4]
1301
1302         Indentation and style issue fixed only.
1303
1304         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
1305         (WebCore::MediaPlayerPrivateGStreamer::registerMediaEngine):
1306         (WebCore::MediaPlayerPrivateGStreamer::~MediaPlayerPrivateGStreamer):
1307         (WebCore::MediaPlayerPrivateGStreamer::changePipelineState):
1308         (WebCore::MediaPlayerPrivateGStreamer::play):
1309         (WebCore::MediaPlayerPrivateGStreamer::videoChangedCallback):
1310         (WebCore::MediaPlayerPrivateGStreamer::videoSinkCapsChangedCallback):
1311         (WebCore::MediaPlayerPrivateGStreamer::audioChangedCallback):
1312         (WebCore::MediaPlayerPrivateGStreamer::textChangedCallback):
1313         (WebCore::MediaPlayerPrivateGStreamer::buffered const):
1314         (WebCore::MediaPlayerPrivateGStreamer::loadNextLocation):
1315
1316 2018-05-09  Daniel Bates  <dabates@apple.com>
1317
1318         REGRESSION (r231479): com.apple.WebCore crash in WebCore::DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied()
1319         https://bugs.webkit.org/show_bug.cgi?id=185475
1320         <rdar://problem/40093853>
1321
1322         Reviewed by Andy Estes.
1323
1324         DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied() must extends its lifetime
1325         until completion as dispatching a DOM load event at the associated frame can cause JavaScript execution
1326         that can do anything, including destroying the loader that dispatched the event.
1327
1328         Following r231479 DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied() is now
1329         invoked by both DocumentLoader::responseReceived() and WebResourceLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied().
1330         The latter only can happen when using WebKit2 and the experimental feature Restricted HTTP Response Access
1331         is enabled (RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess()). Unlike DocumentLoader::responseReceived()
1332         WebResourceLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied() does not take out a ref
1333         on the DocumentLoader before invoking DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied().
1334         Therefore, DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied() can cause its
1335         own destruction as a result of dispatching a DOM load event at the frame. We should take out a ref on
1336         the DocumentLoader when executing DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied().
1337
1338         * loader/DocumentLoader.cpp:
1339         (WebCore::DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied):
1340
1341 2018-05-09  Tim Horton  <timothy_horton@apple.com>
1342
1343         Fix the build by ignoring some deprecation warnings
1344
1345         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
1346         (WebCore::MediaPlayerPrivateAVFoundationObjC::setShouldDisableSleep):
1347
1348 2018-05-09  Michael Catanzaro  <mcatanzaro@igalia.com>
1349
1350         [WPE] Build cleanly with GCC 8 and ICU 60
1351         https://bugs.webkit.org/show_bug.cgi?id=185462
1352
1353         Reviewed by Carlos Alberto Lopez Perez.
1354
1355         * PlatformGTK.cmake: Include directories are in the wrong place.
1356         * accessibility/AXObjectCache.cpp: Silence -Wclass-memaccess problems and leave warnings.
1357         (WebCore::AXObjectCache::startOrEndTextMarkerDataForRange):
1358         (WebCore::AXObjectCache::textMarkerDataForCharacterOffset):
1359         (WebCore::AXObjectCache::textMarkerDataForVisiblePosition):
1360         (WebCore::AXObjectCache::textMarkerDataForFirstPositionInTextControl):
1361         * css/CSSFontFace.cpp: Silence -Wfallthrough
1362         (WebCore::CSSFontFace::fontLoadTiming const):
1363         * css/CSSSelectorList.cpp: Silence -Wclass-memaccess, this one is intentional.
1364         (WebCore::CSSSelectorList::adoptSelectorVector):
1365         * editing/TextIterator.cpp: Silence ICU deprecation warnings.
1366         * platform/Length.h:
1367         (WebCore::Length::operator=): More -Wclass-memaccess, looks benign.
1368         * platform/graphics/Gradient.cpp:
1369         (WebCore::Gradient::hash const): -Wclass-memaccess again. Leave a warning.
1370         * platform/graphics/SurrogatePairAwareTextIterator.cpp: Silence ICU deprecation warnings.
1371         * platform/graphics/cairo/FontCairoHarfbuzzNG.cpp:
1372         (WebCore::FontCascade::fontForCombiningCharacterSequence const): Silence ICU deprecation.
1373         * platform/graphics/freetype/FontCustomPlatformDataFreeType.cpp:
1374         (WebCore::FontCustomPlatformData::FontCustomPlatformData): Silence -Wcast-function-type.
1375         * platform/graphics/freetype/SimpleFontDataFreeType.cpp:
1376         (WebCore::Font::canRenderCombiningCharacterSequence const): Silence ICU deprecation.
1377         * platform/graphics/gstreamer/GstAllocatorFastMalloc.cpp:
1378         (gstAllocatorFastMallocMemUnmap): Fix -Wcast-function-type.
1379         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
1380         (WebCore::MediaPlayerPrivateGStreamer::updateTracks): Fix bad printf.
1381         (WebCore::MediaPlayerPrivateGStreamer::enableTrack): Another bad printf.
1382         (WebCore::findHLSQueue): Fix -Wcast-function-type.
1383         * platform/graphics/gstreamer/eme/WebKitClearKeyDecryptorGStreamer.cpp:
1384         (webKitMediaClearKeyDecryptorDecrypt): Fix another bad printf.
1385         * platform/network/soup/SocketStreamHandleImplSoup.cpp: Silence -Wcast-function-type.
1386         (WebCore::SocketStreamHandleImpl::beginWaitingForSocketWritability):
1387         * platform/text/TextEncoding.cpp: Silence ICU deprecration.
1388
1389 2018-05-08  Simon Fraser  <simon.fraser@apple.com>
1390
1391         SVG lighting colors need to be converted into linearSRGB
1392         https://bugs.webkit.org/show_bug.cgi?id=181196
1393
1394         Reviewed by Darin Adler.
1395
1396         Address post-commit comments. Don't make a Color that contains linearRGB components,
1397         but use FloatComponents instead. Since these FloatComponents are in the 0-1 range,
1398         FELighting::setPixelInternal() needs to multiply by 255 since the output pixels are
1399         8-bit 0-255.
1400         
1401         Change linearToSRGBColorComponent() and sRGBToLinearColorComponent() to do math in
1402         floats without promoting to doubles.
1403
1404         * platform/graphics/ColorUtilities.cpp:
1405         (WebCore::FloatComponents::FloatComponents):
1406         (WebCore::linearToSRGBColorComponent):
1407         (WebCore::sRGBToLinearColorComponent):
1408         (WebCore::sRGBColorToLinearComponents):
1409         (WebCore::linearToSRGBColor): Deleted.
1410         (WebCore::sRGBToLinearColor): Deleted.
1411         * platform/graphics/ColorUtilities.h:
1412         * platform/graphics/filters/FELighting.cpp:
1413         (WebCore::FELighting::setPixelInternal):
1414         (WebCore::FELighting::drawLighting):
1415
1416 2018-05-09  Timothy Hatcher  <timothy@apple.com>
1417
1418         Use StyleColor::Options in more places.
1419
1420         https://bugs.webkit.org/show_bug.cgi?id=185458
1421         rdar://problem/39853798
1422
1423         Add UseDefaultAppearance to StyleColor::Options, to avoid passing yet another
1424         boolean on some of these functions.
1425
1426         Reviewed by Tim Horton.
1427
1428         * css/MediaQueryEvaluator.cpp:
1429         * css/StyleColor.h:
1430         * dom/Document.cpp:
1431         (WebCore::Document::useDefaultAppearance const):
1432         (WebCore::Document::styleColorOptions const):
1433         * dom/Document.h:
1434         * platform/Theme.cpp:
1435         (WebCore::Theme::paint):
1436         * platform/Theme.h:
1437         * platform/mac/LocalDefaultSystemAppearance.h:
1438         * platform/mac/LocalDefaultSystemAppearance.mm:
1439         (WebCore::LocalDefaultSystemAppearance::LocalDefaultSystemAppearance):
1440         (WebCore::LocalDefaultSystemAppearance::~LocalDefaultSystemAppearance):
1441         * platform/mac/ThemeMac.h:
1442         * platform/mac/ThemeMac.mm:
1443         (WebCore::paintToggleButton):
1444         (WebCore::paintButton):
1445         (WebCore::ThemeMac::ensuredView):
1446         (WebCore::ThemeMac::drawCellOrFocusRingWithViewIntoContext):
1447         (WebCore::ThemeMac::paint):
1448         (-[WebCoreThemeView initWithUseSystemAppearance:]): Deleted.
1449         * platform/wpe/ThemeWPE.cpp:
1450         (WebCore::ThemeWPE::paint):
1451         * platform/wpe/ThemeWPE.h:
1452         * rendering/RenderListBox.cpp:
1453         (WebCore::RenderListBox::paintItemBackground):
1454         * rendering/RenderTheme.cpp:
1455         (WebCore::RenderTheme::paint):
1456         (WebCore::RenderTheme::inactiveListBoxSelectionBackgroundColor const):
1457         (WebCore::RenderTheme::platformInactiveListBoxSelectionBackgroundColor const):
1458         * rendering/RenderTheme.h:
1459         * rendering/RenderThemeGtk.cpp:
1460         (WebCore::RenderThemeGtk::platformInactiveListBoxSelectionBackgroundColor const):
1461         * rendering/RenderThemeGtk.h:
1462         * rendering/RenderThemeMac.h:
1463         * rendering/RenderThemeMac.mm:
1464         (WebCore::RenderThemeMac::documentViewFor const):
1465         (WebCore::RenderThemeMac::platformInactiveListBoxSelectionBackgroundColor const):
1466         (WebCore::RenderThemeMac::systemColor const):
1467         (WebCore::RenderThemeMac::paintCellAndSetFocusedElementNeedsRepaintIfNecessary):
1468         (WebCore::RenderThemeMac::paintSliderThumb):
1469
1470 2018-05-09  Yacine Bandou  <yacine.bandou_ext@softathome.com>
1471
1472         [EME][GStreamer] Crash when the mediaKeys are created before loading the media in debug conf
1473         https://bugs.webkit.org/show_bug.cgi?id=185244
1474
1475         Reviewed by Xabier Rodriguez-Calvar.
1476
1477         The function "MediaPlayerPrivateGStreamerBase::cdmInstanceAttached" is expected to be called once,
1478         so there is an ASSERT(!m_cdmInstance).
1479         But when the MediaKeys are created before loading the media, the cdminstance is created and attached
1480         to the MediaPlayerPrivate via "MediaPlayerPrivateGStreamerBase::cdmInstanceAttached" before loading
1481         the media, then when the media is loading, the function "MediaPlayerPrivateGStreamerBase::cdmInstanceAttached"
1482         will be called several times via the function "mediaEngineWasUpdated" wich is called for each change
1483         in the MediaElement state, thus the WebProcess crashes in the ASSERT(!m_cdmInstance).
1484
1485         This commit avoid the crash by replacing the assert with a simple check.
1486
1487         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
1488         (WebCore::MediaPlayerPrivateGStreamerBase::cdmInstanceAttached):
1489         (WebCore::MediaPlayerPrivateGStreamerBase::cdmInstanceDetached):
1490
1491 2018-05-09  Antti Koivisto  <antti@apple.com>
1492
1493         Add OptionSet::operator& and operator bool
1494         https://bugs.webkit.org/show_bug.cgi?id=185306
1495
1496         Reviewed by Anders Carlsson.
1497
1498         Use it in a few places.
1499
1500         * loader/FrameLoader.cpp:
1501         (WebCore::FrameLoader::reload):
1502         * rendering/RenderLayerCompositor.cpp:
1503         (WebCore::RenderLayerCompositor::logReasonsForCompositing):
1504         (WebCore::RenderLayerCompositor::updateScrollCoordinatedLayer):
1505
1506 2018-05-08  Dean Jackson  <dino@apple.com>
1507
1508         Disable system preview link fetching
1509         https://bugs.webkit.org/show_bug.cgi?id=185463
1510
1511         Reviewed by Jon Lee.
1512
1513         Temporarily disable system preview detection when a link
1514         is clicked.
1515
1516         * html/HTMLAnchorElement.cpp:
1517         (WebCore::HTMLAnchorElement::handleClick):
1518
1519 2018-05-08  Wenson Hsieh  <wenson_hsieh@apple.com>
1520
1521         Unreviewed, fix the internal iOS build
1522
1523         Add a missing import statement in an implementation file.
1524
1525         * editing/cocoa/WebContentReaderCocoa.mm:
1526
1527 2018-05-08  Ryan Haddad  <ryanhaddad@apple.com>
1528
1529         Unreviewed, rolling out r231486.
1530
1531         Caused service worker LayoutTest failures on macOS Debug WK2.
1532
1533         Reverted changeset:
1534
1535         "Allow WebResourceLoader to cancel a load served from a
1536         service worker"
1537         https://bugs.webkit.org/show_bug.cgi?id=185274
1538         https://trac.webkit.org/changeset/231486
1539
1540 2018-05-08  Wenson Hsieh  <wenson_hsieh@apple.com>
1541
1542         Consolidate WebContentReaderIOS and WebContentReaderMac into WebContentReaderCocoa
1543         https://bugs.webkit.org/show_bug.cgi?id=185340
1544
1545         Reviewed by Tim Horton.
1546
1547         WebContentReader::readURL is currently the only method implemented separately in iOS and macOS platform
1548         WebContentReader files. The implementation across macOS and iOS is nearly identical (with some exceptions with
1549         the way iOS handles file URLs and plain text editing), so we can merge these into a single method
1550         WebContentReaderCocoa and delete WebContentReaderIOS and WebContentReaderMac.
1551
1552         This also has the added bonus of fixing a latent bug in WebContentReaderMac, wherein URLs written to the
1553         pasteboard using -[NSPasteboard writeObjects:] are currently pasted as empty anchor elements. In this case, the
1554         link title isn't made explicit, so the `title` passed in to WebContentReader::readURL is empty. On iOS, we have
1555         code to fall back to pasting the absolute string of the URL if the title is empty, but on macOS, we'll just use
1556         this empty string as the title of the anchor.
1557
1558         Test: PasteMixedContent.PasteURLWrittenToPasteboardUsingWriteObjects
1559
1560         * SourcesCocoa.txt:
1561         * WebCore.xcodeproj/project.pbxproj:
1562         * editing/cocoa/WebContentReaderCocoa.mm:
1563         (WebCore::WebContentReader::readURL):
1564         * editing/ios/WebContentReaderIOS.mm: Removed.
1565         * editing/mac/WebContentReaderMac.mm: Removed.
1566
1567 2018-05-08  Zalan Bujtas  <zalan@apple.com>
1568
1569         [Simple line layout] Cache run resolver.
1570         https://bugs.webkit.org/show_bug.cgi?id=185411
1571
1572         Reviewed by Antti Koivisto.
1573
1574         This patch caches the run resolver on the [SimpleLine]Layout object. 
1575         In certain cases, when the block container has thousands of elements (foobar1<br>foobar2<br>.....foobar9999<br>),
1576         constructing the resolver (and its dependencies) in a repeating fashion could hang the WebProcess.
1577
1578         Covered by existing tests.
1579
1580         * rendering/SimpleLineLayout.cpp:
1581         (WebCore::SimpleLineLayout::create):
1582         (WebCore::SimpleLineLayout::Layout::create):
1583         (WebCore::SimpleLineLayout::Layout::Layout):
1584         * rendering/SimpleLineLayout.h:
1585         (WebCore::SimpleLineLayout::Layout::runResolver const):
1586         * rendering/SimpleLineLayoutFunctions.cpp:
1587         (WebCore::SimpleLineLayout::paintFlow):
1588         (WebCore::SimpleLineLayout::hitTestFlow):
1589         (WebCore::SimpleLineLayout::collectFlowOverflow):
1590         (WebCore::SimpleLineLayout::computeBoundingBox):
1591         (WebCore::SimpleLineLayout::computeFirstRunLocation):
1592         (WebCore::SimpleLineLayout::collectAbsoluteRects):
1593         (WebCore::SimpleLineLayout::collectAbsoluteQuads):
1594         (WebCore::SimpleLineLayout::textOffsetForPoint):
1595         (WebCore::SimpleLineLayout::collectAbsoluteQuadsForRange):
1596         (WebCore::SimpleLineLayout::generateLineBoxTree):
1597         * rendering/SimpleLineLayoutResolver.cpp:
1598         (WebCore::SimpleLineLayout::LineResolver::LineResolver):
1599         * rendering/SimpleLineLayoutResolver.h:
1600         (WebCore::SimpleLineLayout::lineResolver):
1601
1602 2018-05-08  Brent Fulgham  <bfulgham@apple.com>
1603
1604         Switch some RELEASE_ASSERTS to plain debug ASSERTS in PlatformScreenMac.mm
1605         https://bugs.webkit.org/show_bug.cgi?id=185451
1606         <rdar://problem/39620348>
1607
1608         Reviewed by Zalan Bujtas.
1609
1610         Change a set of RELEASE_ASSERTS used to prevent accessing NSScreen related functions in the
1611         PlatformScreenMac implementation to less expensive Debug ASSERTS.
1612
1613         No change in behavior.
1614
1615         * platform/mac/PlatformScreenMac.mm:
1616         (WebCore::screenHasInvertedColors):
1617         (WebCore::screenDepth):
1618         (WebCore::screenDepthPerComponent):
1619         (WebCore::screenRectForDisplay):
1620         (WebCore::screenRect):
1621         (WebCore::screenAvailableRect):
1622         (WebCore::screenColorSpace):
1623         (WebCore::screenSupportsExtendedColor):
1624
1625 2018-05-08  Daniel Bates  <dabates@apple.com>
1626
1627         Resign Strong Password appearance when text field value changes
1628         https://bugs.webkit.org/show_bug.cgi?id=185433
1629         <rdar://problem/39958508>
1630
1631         Reviewed by Ryosuke Niwa.
1632
1633         Remove the Strong Password decoration when the text field's value changes to avoid interfering
1634         with web sites that allow a person to clear the password field.
1635
1636         Tests: fast/forms/auto-fill-button/auto-fill-strong-password-button-when-maxlength-changes.html
1637                fast/forms/auto-fill-button/auto-fill-strong-password-button-when-minlength-changes.html
1638                fast/forms/auto-fill-button/hide-auto-fill-strong-password-button-when-value-changes.html
1639
1640         * html/HTMLInputElement.cpp:
1641         (WebCore::HTMLInputElement::resignStrongPasswordAppearance): Extracted from HTMLInputElement::updateType().
1642         (WebCore::HTMLInputElement::updateType): Extract out logic to resign the Strong Password appearance
1643         into a function that can be shared by this function and HTMLInputElement::setValue().
1644         (WebCore::HTMLInputElement::setValue): Resign the Strong Password appearance if this field was
1645         changed programmatically (i.e. no DOM change event was dispatched).
1646         * html/HTMLInputElement.h:
1647
1648 2018-05-08  Jer Noble  <jer.noble@apple.com>
1649
1650         Unreviewed build fix; add missing function definition.
1651
1652         * html/HTMLMediaElement.h:
1653         (WebCore::HTMLMediaElement::didPassCORSAccessCheck const):
1654
1655 2018-05-08  Jer Noble  <jer.noble@apple.com>
1656
1657         Mute MediaElementSourceNode when tainted.
1658         https://bugs.webkit.org/show_bug.cgi?id=184866
1659
1660         Reviewed by Eric Carlson.
1661
1662         Test: http/tests/security/webaudio-render-remote-audio-blocked-no-crossorigin.html
1663
1664         * Modules/webaudio/AudioContext.cpp:
1665         (WebCore::AudioContext::wouldTaintOrigin const):
1666         * Modules/webaudio/AudioContext.h:
1667         * Modules/webaudio/MediaElementAudioSourceNode.cpp:
1668         (WebCore::MediaElementAudioSourceNode::setFormat):
1669         (WebCore::MediaElementAudioSourceNode::wouldTaintOrigin):
1670         (WebCore::MediaElementAudioSourceNode::process):
1671         * Modules/webaudio/MediaElementAudioSourceNode.h:
1672
1673 2018-05-08  Eric Carlson  <eric.carlson@apple.com>
1674
1675         Log rtcstats as JSON
1676         https://bugs.webkit.org/show_bug.cgi?id=185437
1677         <rdar://problem/40065332>
1678
1679         Reviewed by Youenn Fablet.
1680
1681         * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
1682         (WebCore::RTCStatsLogger::RTCStatsLogger): Create a wrapper class so we don't have to add a
1683         toJSONString method to libwebrtc.
1684         (WebCore::RTCStatsLogger::toJSONString const): Log stats as JSON.
1685         (WebCore::LibWebRTCMediaEndpoint::OnStatsDelivered): Don't use the LOGIDENTIFIER macro because
1686         it doesn't work well inside of a lambda.
1687         (WTF::LogArgument<WebCore::RTCStatsLogger>::toString): Move into .cpp file because it is only
1688         used here.
1689         * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.h:
1690         (WTF::LogArgument<webrtc::RTCStats>::toString): Deleted. Move to .cpp file.
1691
1692 2018-05-08  Dean Jackson  <dino@apple.com>
1693
1694         System Preview links should trigger a download
1695         https://bugs.webkit.org/show_bug.cgi?id=185439
1696         <rdar://problem/40065545>
1697
1698         Reviewed by Jon Lee.
1699
1700         Add a new field to FrameLoadRequest, which then is copied
1701         into ResourceRequest, identifying if the link clicked
1702         is a system preview.
1703
1704         * html/HTMLAnchorElement.cpp:
1705         (WebCore::HTMLAnchorElement::handleClick): Look for isSystemPreviewLink().
1706         * loader/FrameLoadRequest.cpp:
1707         (WebCore::FrameLoadRequest::FrameLoadRequest):
1708         * loader/FrameLoadRequest.h: New property.
1709         (WebCore::FrameLoadRequest::FrameLoadRequest):
1710         (WebCore::FrameLoadRequest::isSystemPreview const):
1711         * loader/FrameLoader.cpp:
1712         (WebCore::FrameLoader::urlSelected):
1713         (WebCore::FrameLoader::loadURL):
1714         * loader/FrameLoader.h:
1715         * platform/network/ResourceRequestBase.cpp:
1716         (WebCore::ResourceRequestBase::isSystemPreview const):
1717         (WebCore::ResourceRequestBase::setSystemPreview):
1718         * platform/network/ResourceRequestBase.h:
1719
1720 2018-05-08  Commit Queue  <commit-queue@webkit.org>
1721
1722         Unreviewed, rolling out r231491.
1723         https://bugs.webkit.org/show_bug.cgi?id=185434
1724
1725         Setting the Created key on a cookie does not work yet, due a
1726         bug in CFNetwork (Requested by ggaren on #webkit).
1727
1728         Reverted changeset:
1729
1730         "[WKHTTPCookieStore getAllCookies] returns inconsistent
1731         creation time"
1732         https://bugs.webkit.org/show_bug.cgi?id=185041
1733         https://trac.webkit.org/changeset/231491
1734
1735 2018-05-08  Sihui Liu  <sihui_liu@apple.com>
1736
1737         [WKHTTPCookieStore getAllCookies] returns inconsistent creation time
1738         https://bugs.webkit.org/show_bug.cgi?id=185041
1739         <rdar://problem/34684214>
1740
1741         Reviewed by Geoffrey Garen.
1742
1743         Set creationtime property when creating Cookie object to keep consistency after conversion.
1744
1745         New API test: WebKit.WKHTTPCookieStoreCreationTime.
1746
1747         * platform/network/cocoa/CookieCocoa.mm:
1748         (WebCore::Cookie::operator NSHTTPCookie * const):
1749
1750 2018-05-08  Eric Carlson  <eric.carlson@apple.com>
1751
1752         Text track cue logging should include cue text
1753         https://bugs.webkit.org/show_bug.cgi?id=185353
1754         <rdar://problem/40003565>
1755
1756         Reviewed by Brent Fulgham.
1757
1758         No new tests, tested manually.
1759
1760         * html/track/VTTCue.cpp:
1761         (WebCore::VTTCue::toJSON const):
1762         * platform/graphics/InbandTextTrackPrivateClient.h:
1763         (WebCore::GenericCueData::toJSONString const):
1764         * platform/graphics/iso/ISOVTTCue.cpp:
1765         (WebCore::ISOWebVTTCue::toJSONString const):
1766
1767 2018-05-08  Sam Weinig  <sam@webkit.org>
1768
1769         More cleanup of XMLHttpRequestUpload
1770         https://bugs.webkit.org/show_bug.cgi?id=185409
1771
1772         Reviewed by Alex Christensen.
1773
1774         - Remove unneeded #includes
1775         - Rename m_xmlHttpRequest to m_request
1776         - Make some overloaded some methods private, and mark them as final rather
1777           than override.
1778
1779         * xml/XMLHttpRequestUpload.cpp:
1780         (WebCore::XMLHttpRequestUpload::XMLHttpRequestUpload):
1781         * xml/XMLHttpRequestUpload.h:
1782
1783 2018-05-08  Zalan Bujtas  <zalan@apple.com>
1784
1785         [LFC] Start using BlockMarginCollapse
1786         https://bugs.webkit.org/show_bug.cgi?id=185424
1787
1788         Reviewed by Antti Koivisto.
1789
1790         BlockMarginCollapse could be all static.
1791
1792         * layout/blockformatting/BlockFormattingContext.cpp:
1793         (WebCore::Layout::BlockFormattingContext::marginTop const):
1794         (WebCore::Layout::BlockFormattingContext::marginBottom const):
1795         * layout/blockformatting/BlockMarginCollapse.cpp:
1796         (WebCore::Layout::isMarginTopCollapsedWithSibling):
1797         (WebCore::Layout::isMarginBottomCollapsedWithSibling):
1798         (WebCore::Layout::isMarginTopCollapsedWithParent):
1799         (WebCore::Layout::isMarginBottomCollapsedWithParent):
1800         (WebCore::Layout::collapsedMarginTopFromFirstChild):
1801         (WebCore::Layout::collapsedMarginBottomFromLastChild):
1802         (WebCore::Layout::nonCollapsedMarginTop):
1803         (WebCore::Layout::nonCollapsedMarginBottom):
1804         (WebCore::Layout::BlockMarginCollapse::marginTop):
1805         (WebCore::Layout::BlockMarginCollapse::marginBottom):
1806         (WebCore::Layout::BlockMarginCollapse::BlockMarginCollapse): Deleted.
1807         (WebCore::Layout::BlockMarginCollapse::marginTop const): Deleted.
1808         (WebCore::Layout::BlockMarginCollapse::marginBottom const): Deleted.
1809         (WebCore::Layout::BlockMarginCollapse::isMarginTopCollapsedWithSibling const): Deleted.
1810         (WebCore::Layout::BlockMarginCollapse::isMarginBottomCollapsedWithSibling const): Deleted.
1811         (WebCore::Layout::BlockMarginCollapse::isMarginTopCollapsedWithParent const): Deleted.
1812         (WebCore::Layout::BlockMarginCollapse::isMarginBottomCollapsedWithParent const): Deleted.
1813         (WebCore::Layout::BlockMarginCollapse::nonCollapsedMarginTop const): Deleted.
1814         (WebCore::Layout::BlockMarginCollapse::nonCollapsedMarginBottom const): Deleted.
1815         (WebCore::Layout::BlockMarginCollapse::collapsedMarginTopFromFirstChild const): Deleted.
1816         (WebCore::Layout::BlockMarginCollapse::collapsedMarginBottomFromLastChild const): Deleted.
1817         (WebCore::Layout::BlockMarginCollapse::hasAdjoiningMarginTopAndBottom const): Deleted.
1818         * layout/blockformatting/BlockMarginCollapse.h:
1819
1820 2018-05-08  Youenn Fablet  <youenn@apple.com>
1821
1822         Allow WebResourceLoader to cancel a load served from a service worker
1823         https://bugs.webkit.org/show_bug.cgi?id=185274
1824
1825         Reviewed by Chris Dumez.
1826
1827         Add support for cancelling a fetch from WebProcess to service worker process.
1828         Use FetchIdentifier instead of uint64_t.
1829
1830         * Modules/fetch/FetchIdentifier.h: Added.
1831         * WebCore.xcodeproj/project.pbxproj:
1832         * workers/service/context/ServiceWorkerFetch.h:
1833         * workers/service/context/ServiceWorkerThreadProxy.cpp:
1834         (WebCore::ServiceWorkerThreadProxy::startFetch):
1835         (WebCore::ServiceWorkerThreadProxy::cancelFetch):
1836         * workers/service/context/ServiceWorkerThreadProxy.h:
1837
1838 2018-05-08  Said Abou-Hallawa  <sabouhallawa@apple.com>
1839
1840         feTurbulence is not rendered correctly on Retina display
1841         https://bugs.webkit.org/show_bug.cgi?id=183798
1842
1843         Reviewed by Simon Fraser.
1844
1845         On 2x display the feTurbulence filter creates a scaled ImageBuffer but
1846         processes only the unscaled size. This is a remaining work of r168577 and
1847         is very similar to what was done for the feMorphology filter in r188271.
1848
1849         Test: fast/hidpi/filters-turbulence.html
1850
1851         * platform/graphics/filters/FETurbulence.cpp:
1852         (WebCore::FETurbulence::fillRegion const):
1853         (WebCore::FETurbulence::platformApplySoftware):
1854
1855 2018-05-07  Zalan Bujtas  <zalan@apple.com>
1856
1857         [LFC] Add FormattingContext::layoutOutOfFlowDescendants implementation
1858         https://bugs.webkit.org/show_bug.cgi?id=185377
1859
1860         Reviewed by Antti Koivisto.
1861
1862         Also, remove FormattingContext's m_layoutContext member and pass it in to ::layout() instead.
1863         In theory LayoutContext is needed only during ::layout() call. 
1864
1865         * layout/FormattingContext.cpp:
1866         (WebCore::Layout::FormattingContext::layoutOutOfFlowDescendants const):
1867         * layout/FormattingContext.h:
1868         (WebCore::Layout::FormattingContext::layoutContext const):
1869         * layout/LayoutContext.cpp:
1870         (WebCore::Layout::LayoutContext::updateLayout):
1871         * layout/blockformatting/BlockFormattingContext.cpp:
1872         (WebCore::Layout::BlockFormattingContext::layout const):
1873         * layout/blockformatting/BlockFormattingContext.h:
1874         * layout/inlineformatting/InlineFormattingContext.cpp:
1875         (WebCore::Layout::InlineFormattingContext::layout const):
1876         * layout/inlineformatting/InlineFormattingContext.h:
1877
1878 2018-05-07  Daniel Bates  <dabates@apple.com>
1879
1880         Check X-Frame-Options and CSP frame-ancestors in network process
1881         https://bugs.webkit.org/show_bug.cgi?id=185410
1882         <rdar://problem/37733934>
1883
1884         Reviewed by Ryosuke Niwa.
1885
1886         * WebCore.xcodeproj/project.pbxproj: Make PingLoader.h a private header so that we can include it in WebKit.
1887         * loader/DocumentLoader.cpp:
1888         (WebCore::DocumentLoader::responseReceived): Only check CSP frame-ancestors and X-Frame-Options here if
1889         we are not checking them in the NetworkProcess and HTTP response access is restricted. I code is otherwise kept
1890         unchanged. There may be opportunities to clean this code up more and share more of it. We should look into this
1891         in subsequent bugs.
1892         * loader/DocumentLoader.h: Change visibility of stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied() from
1893         private to public and export it so that we can call it from the WebKit.
1894         * loader/PingLoader.h:
1895         * page/Settings.yaml: Add a new setting called networkProcessCSPFrameAncestorsCheckingEnabled (defaults: false)
1896         and is hardcoded in WebPage.cpp to be enabled. This setting is used to determine if we will be using the NetworkProcess.
1897         Ideally we wouldn't have this setting and just key off RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess().
1898         However RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess() is always enabled in WebKit Legacy
1899         at the time of writing (why?). And, strangely, RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess()
1900         is conditionally enabled in WebKit. For now, we add a new setting, networkProcessCSPFrameAncestorsCheckingEnabled,
1901         to determine if CSP checking should be performed in NetworkProcess. For checking to actually happen in NetworkProcess
1902         and not in DocumentLoader::responseReceived() RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess()
1903         will also need to be enabled.
1904         * page/csp/ContentSecurityPolicy.cpp:
1905         (WebCore::ContentSecurityPolicy::allowFrameAncestors const): Added a variant that takes a vector of ancestor origins.
1906         * page/csp/ContentSecurityPolicy.h:
1907         * page/csp/ContentSecurityPolicyDirectiveList.cpp:
1908         (WebCore::checkFrameAncestors): Ditto.
1909         (WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForFrameAncestorOrigins const): Ditto.
1910         * page/csp/ContentSecurityPolicyDirectiveList.h: Export constructor so that we can invoke it from NetworkResourceLoader::shouldInterruptLoadForCSPFrameAncestorsOrXFrameOptions().
1911         * page/csp/ContentSecurityPolicyResponseHeaders.h:
1912         * platform/network/HTTPParsers.h: Export XFrameOptionsDisposition() so that we can use in WebKit.
1913
1914 2018-05-07  Daniel Bates  <dabates@apple.com>
1915
1916         Abstract logic to log console messages and send CSP violation reports into a client
1917         https://bugs.webkit.org/show_bug.cgi?id=185393
1918         <rdar://problem/40036053>
1919
1920         Reviewed by Brent Fulgham.
1921
1922         First pass at adding infrastructure to supporting CSP reporting from NetworkProcess and workers.
1923         Replaces the existing ContentSecurityPolicy constructor that takes a Frame with one that
1924         takes a ContentSecurityPolicyClient to delegate to for logging and sending reports. We will look
1925         to remove ContentSecurityPolicy constructor that takes a ScriptExecutionContext in a follow up.
1926
1927         Standardize on instantiating a ContentSecurityPolicy with the full URL to resource that it protects
1928         instead of taking only the SecurityOrigin of this URL. By taking the full URL the ContentSecurityPolicy
1929         object is now capable of resolving a relative report URL without needing a Document/ScriptExecutionContext.
1930
1931         We are underutilizing the CSPInfo struct and ContentSecurityPolicyClient::willSendCSPViolationReport()
1932         delegate callback in this patch. We will make use of this functionality in a subsequent patch to
1933         support collecting script state (e.g. source line number) when reporting CSP violations in worker
1934         threads. We also no longer go through the unnecessary motions to try to collect script state for a
1935         frame-ancestors violation (since DocumentLoader extends ContentSecurityPolicyClient and does not
1936         implement ContentSecurityPolicyClient::willSendCSPViolationReport()). The frame-ancestors directive
1937         is checked before a document is parsed and executes script; => there will never be any script state
1938         to collect; => it is not necessary to try to collect it as we currently do.
1939
1940         * Sources.txt: Add file ContentSecurityPolicyClient.cpp. See the remarks for ContentSecurityPolicyClient.cpp
1941         below on why we have this file.
1942         * WebCore.xcodeproj/project.pbxproj: Add files ContentSecurityPolicyClient.{h, cpp}.
1943         * dom/Document.cpp:
1944         (WebCore::Document::initSecurityContext): Pass the URL of the protected document.
1945         * loader/DocumentLoader.cpp:
1946         (WebCore::DocumentLoader::responseReceived): Ditto.
1947         (WebCore::DocumentLoader::addConsoleMessage): Added.
1948         (WebCore::DocumentLoader::sendCSPViolationReport): Added.
1949         (WebCore::DocumentLoader::dispatchSecurityPolicyViolationEvent): Added.
1950         * loader/DocumentLoader.h:
1951         * loader/FrameLoaderClient.h: Fix typo in comment.
1952         * loader/WorkerThreadableLoader.cpp:
1953         (WebCore::WorkerThreadableLoader::MainThreadBridge::MainThreadBridge): Pass the URL of the worker script.
1954         * page/csp/ContentSecurityPolicy.cpp:
1955         (WebCore::ContentSecurityPolicy::ContentSecurityPolicy): Added overload that takes a URL&& and an optional
1956         ContentSecurityPolicyClient*.
1957         (WebCore::ContentSecurityPolicy::deprecatedURLForReporting const): Extracted and simplified stripURLForUseInReport()
1958         into this member function.
1959         (WebCore::ContentSecurityPolicy::reportViolation const): Modified to make use of the client, if we have
1960         one and removed code for handling a ContentSecurityPolicy that was instantiated with a Frame.
1961         (WebCore::ContentSecurityPolicy::logToConsole const): Ditto.
1962         (WebCore::stripURLForUseInReport): Deleted; incorporated into ContentSecurityPolicy::deprecatedURLForReporting().
1963         * page/csp/ContentSecurityPolicy.h:
1964         * page/csp/ContentSecurityPolicyClient.cpp: Added. This file exists so that we can define the virtual
1965         destructor out-of-line and export this abstract class so as to avoid the need for the vtable to be
1966         defined in the translation unit of each derived class.
1967         * page/csp/ContentSecurityPolicyClient.h: Added.
1968         * page/csp/ContentSecurityPolicySource.cpp:
1969         (WebCore::ContentSecurityPolicySource::operator SecurityOriginData const): Added.
1970         * page/csp/ContentSecurityPolicySource.h:
1971         * workers/WorkerGlobalScope.cpp:
1972         (WebCore::WorkerGlobalScope::WorkerGlobalScope): Instantiate the ContentSecurityPolicy object with the
1973         URL of the worker script.
1974
1975 2018-05-07  Simon Fraser  <simon.fraser@apple.com>
1976
1977         CSS filters which reference SVG filters fail to respect the "color-interpolation-filters" of the filter
1978         https://bugs.webkit.org/show_bug.cgi?id=185343
1979
1980         Reviewed by Dean Jackson.
1981
1982         Test: css3/filters/color-interpolation-filters.html
1983         
1984         When applying CSS reference filters, apply the value of "color-interpolation-filters" for the
1985         referenced filter effect element, just as we do for SVG filters.
1986
1987         * rendering/FilterEffectRenderer.cpp:
1988         (WebCore::FilterEffectRenderer::buildReferenceFilter):
1989
1990 2018-05-07  Daniel Bates  <dabates@apple.com>
1991
1992         CSP status-code incorrect for document blocked due to violation of its frame-ancestors directive
1993         https://bugs.webkit.org/show_bug.cgi?id=185366
1994         <rdar://problem/40035116>
1995
1996         Reviewed by Brent Fulgham.
1997
1998         Fixes an issue where the status-code in the sent CSP report for an HTTP document blocked because
1999         its frame-ancestors directive was violated would be the status code of the previously loaded
2000         document in the frame. If the previously loaded document was about:blank then this would be 0.
2001
2002         Currently whenever we send a CSP report we ask the document's loader (Document::loader()) for the
2003         HTTP status code for the last response. Document::loader() returns the loader for the last committed
2004         document its frame. For a frame-ancestors violation, a CSP report is sent before the document
2005         that had the frame-ancestors directive has been committed and after it has been associate with a frame.
2006         As a result we are in are in a transient transition state for the frame and hence the last response
2007         for new document's loader (Document::loader()) is actually the last response of the previously loaded
2008         document in the frame. Instead we need to take care to tell CSP about the HTTP status code for the
2009         response associated with the document the CSP came from.
2010
2011         * dom/Document.cpp:
2012         (WebCore::Document::processHttpEquiv):
2013         (WebCore::Document::initSecurityContext):
2014         Pass the HTTP status code to CSP.
2015
2016         * page/csp/ContentSecurityPolicy.cpp:
2017         (WebCore::ContentSecurityPolicy::copyStateFrom):
2018         (WebCore::ContentSecurityPolicy::responseHeaders const):
2019         (WebCore::ContentSecurityPolicy::didReceiveHeaders):
2020         (WebCore::ContentSecurityPolicy::didReceiveHeader):
2021         (WebCore::ContentSecurityPolicy::reportViolation const):
2022         * page/csp/ContentSecurityPolicy.h:
2023         Modify existing functions to take the HTTP status code, store it in a instance variable,
2024         and reference this variable when reporting a violation.
2025
2026         * page/csp/ContentSecurityPolicyResponseHeaders.cpp:
2027         (WebCore::ContentSecurityPolicyResponseHeaders::ContentSecurityPolicyResponseHeaders):
2028         (WebCore::ContentSecurityPolicyResponseHeaders::isolatedCopy const):
2029         * page/csp/ContentSecurityPolicyResponseHeaders.h:
2030         (WebCore::ContentSecurityPolicyResponseHeaders::encode const):
2031         (WebCore::ContentSecurityPolicyResponseHeaders::decode):
2032         Store the HTTP status code along with the response headers.
2033
2034 2018-05-07  Daniel Bates  <dabates@apple.com>
2035
2036         CSP referrer incorrect for document blocked due to violation of its frame-ancestors directive
2037         https://bugs.webkit.org/show_bug.cgi?id=185380
2038
2039         Reviewed by Brent Fulgham.
2040
2041         Similar to <https://bugs.webkit.org/show_bug.cgi?id=185366>, fixes an issue where the referrer
2042         in the sent CSP report for an HTTP document blocked because its frame-ancestors directive was
2043         violated would be the referrer of the previously loaded document in the frame.
2044
2045         Currently whenever we send a CSP report we ask the document's loader (Document::loader()) for
2046         the referrer for the last request. Document::loader() returns the loader for the last committed
2047         document in its frame. For a frame-ancestors violation, a CSP report is sent before the document
2048         that had the frame-ancestors directive has been committed and after it has been associate with a
2049         frame. As a result we are in a transient transition state for the frame and hence the last request
2050         for the new document's loader (Document::loader()) is actually the last request of the previously
2051         loaded document in the frame. Instead we need to take care to tell CSP about the referrer for the
2052         request associated with the document the CSP came from.
2053
2054         * loader/DocumentLoader.cpp:
2055         (WebCore::DocumentLoader::responseReceived):
2056
2057 2018-05-07  Brent Fulgham  <bfulgham@apple.com>
2058
2059         Add experimental feature to prompt for Storage Access API use
2060         https://bugs.webkit.org/show_bug.cgi?id=185335
2061         <rdar://problem/39994649>
2062
2063         Reviewed by Alex Christensen and Youenn Fablet.
2064
2065         Create a new experimental feature that gates the ability of WebKit clients to prompt the user when
2066         Storage Access API is invoked.
2067
2068         Currently this feature doesn't have any user-visible impact.
2069
2070         * page/RuntimeEnabledFeatures.h:
2071         (WebCore::RuntimeEnabledFeatures::setStorageAccessPromptsEnabled):
2072         (WebCore::RuntimeEnabledFeatures::storageAccessPromptsEnabled const):
2073         * testing/InternalSettings.cpp:
2074         (WebCore::InternalSettings::Backup::Backup):
2075         (WebCore::InternalSettings::Backup::restoreTo):
2076         (WebCore::InternalSettings::setStorageAccessPromptsEnabled):
2077         * testing/InternalSettings.h:
2078         * testing/InternalSettings.idl:
2079
2080 2018-05-07  Chris Dumez  <cdumez@apple.com>
2081
2082         Stop using an iframe's id as fallback if its name attribute is not set
2083         https://bugs.webkit.org/show_bug.cgi?id=11388
2084
2085         Reviewed by Geoff Garen.
2086
2087         WebKit had logic to use an iframe's id as fallback name when its name
2088         content attribute is not set. This behavior was not standard and did not
2089         match other browsers:
2090         - https://html.spec.whatwg.org/#attr-iframe-name
2091
2092         Gecko / Trident never behaved this way. Blink was aligned with us until
2093         they started to match the specification in:
2094         - https://bugs.chromium.org/p/chromium/issues/detail?id=347169
2095
2096         This WebKit quirk was causing some Web-compatibility issues because it
2097         would affect the behavior of Window's name property getter when trying
2098         to look up an iframe by id. Because of Window's named property getter
2099         behavior [1], we would return the frame's contentWindow instead of the
2100         iframe element itself.
2101
2102         [1] https://html.spec.whatwg.org/multipage/window-object.html#named-access-on-the-window-object
2103
2104         Test: fast/dom/Window/named-getter-frame-id.html
2105
2106         * html/HTMLFrameElementBase.cpp:
2107         (WebCore::HTMLFrameElementBase::openURL):
2108         (WebCore::HTMLFrameElementBase::parseAttribute):
2109         (WebCore::HTMLFrameElementBase::didFinishInsertingNode):
2110         * html/HTMLFrameElementBase.h:
2111
2112 2018-05-07  Chris Dumez  <cdumez@apple.com>
2113
2114         ASSERT(!childItemWithTarget(child->target())) is hit in HistoryItem::addChildItem()
2115         https://bugs.webkit.org/show_bug.cgi?id=185322
2116
2117         Reviewed by Geoff Garen.
2118
2119         We generate unique names for Frame to be used in HistoryItem. Those names not only
2120         need to be unique, they also need to be repeatable to avoid layout tests flakiness
2121         and for things like restoring form state from a HistoryItem.
2122
2123         The previously generated frame names were relying on the Frame's index among a
2124         parent Frame's children. The issue was that we could end up with duplicate names
2125         because one could insert a Frame *before* an existing one. This is because the code
2126         would not take care of updating existing Frames' unique name on frame tree mutation.
2127
2128         Updating frame tree names on mutation would be inefficient and is also not necessary.
2129         The approach chosen in this patch is to stop using the Frame's index and instead rely
2130         on an increasing counter stored on the top-frame's FrameTree. To make the names
2131         repeatable, we reset the counter on page navigation.
2132
2133         * page/Frame.cpp:
2134         (WebCore::Frame::setDocument):
2135         * page/FrameTree.cpp:
2136         (WebCore::FrameTree::uniqueChildName const):
2137         (WebCore::FrameTree::generateUniqueName const):
2138         * page/FrameTree.h:
2139         (WebCore::FrameTree::resetFrameIdentifiers):
2140
2141 2018-05-07  Yacine Bandou  <yacine.bandou_ext@softathome.com>
2142
2143         [EME][GStreamer] Fix wrong subsample parsing on r227067
2144         https://bugs.webkit.org/show_bug.cgi?id=185382
2145
2146         Reviewed by Philippe Normand.
2147
2148         The initialization of sampleIndex should be moved outside of the loop.
2149         Without this patch we will have a bad log and the check of the subsample
2150         count will be useless.
2151
2152         * platform/graphics/gstreamer/eme/WebKitClearKeyDecryptorGStreamer.cpp:
2153         (webKitMediaClearKeyDecryptorDecrypt):
2154
2155 2018-05-07  Daniel Bates  <dabates@apple.com>
2156
2157         CSP should be passed the referrer
2158         https://bugs.webkit.org/show_bug.cgi?id=185367
2159
2160         Reviewed by Per Arne Vollan.
2161
2162         As a step towards formalizing a CSP delegate object and removing the dependencies
2163         on ScriptExecutionContext and Frame, we should pass the document's referrer directly
2164         instead of indirectly obtaining it from the ScriptExecutionContext or Frame used
2165         to instantiate the ContentSecurityPolicy object.
2166
2167         * dom/Document.cpp:
2168         (WebCore::Document::processHttpEquiv): Pass the document's referrer.
2169         (WebCore::Document::initSecurityContext): Ditto.
2170         (WebCore::Document::applyQuickLookSandbox): Ditto.
2171         * loader/DocumentLoader.cpp:
2172         (WebCore::DocumentLoader::responseReceived): Ditto.
2173         * loader/FrameLoader.cpp:
2174         (WebCore::FrameLoader::didBeginDocument): Ditto.
2175         * page/csp/ContentSecurityPolicy.cpp:
2176         (WebCore::ContentSecurityPolicy::copyStateFrom): We pass a null string for the referrer
2177         to didReceiveHeader() as a placeholder since it requires the referrer be given to it. We
2178         fix up the referrer (m_referrer) after copying all the policy headers.
2179         (WebCore::ContentSecurityPolicy::didReceiveHeaders): Ditto.
2180         (WebCore::ContentSecurityPolicy::didReceiveHeader): Modified to take a referrer and WTFMove()s
2181         it into an instance variable (m_referrer).
2182         (WebCore::ContentSecurityPolicy::reportViolation const): Modified to use the stored referrer.
2183         * page/csp/ContentSecurityPolicy.h:
2184         * workers/WorkerGlobalScope.cpp:
2185         (WebCore::WorkerGlobalScope::applyContentSecurityPolicyResponseHeaders): Pass a null string
2186         for the referrer as a worker does not have a referrer.
2187
2188 2018-05-07  Daniel Bates  <dabates@apple.com>
2189
2190         CSP should only notify Inspector to pause the debugger on the first policy to violate a directive
2191         https://bugs.webkit.org/show_bug.cgi?id=185364
2192
2193         Reviewed by Brent Fulgham.
2194
2195         Notify Web Inspector that a script was blocked on the first enforced CSP policy that it
2196         violates.
2197
2198         A page can have more than one enforced Content Security Policy. Currently for inline
2199         scripts, inline event handlers, JavaScript URLs, and eval() that are blocked by CSP
2200         we notify Web Inspector that it was blocked for each CSP policy that blocked it. When
2201         Web Inspector is notified it pauses script execution. It does not seem very meaningful
2202         to pause script execution on the same script for each CSP policy that blocked it.
2203         Therefore, only tell Web Inspector that a script was blocked for the first enforced CSP
2204         policy that blocked it.
2205
2206         * page/csp/ContentSecurityPolicy.cpp:
2207         (WebCore::ContentSecurityPolicy::allowJavaScriptURLs const):
2208         (WebCore::ContentSecurityPolicy::allowInlineEventHandlers const):
2209         (WebCore::ContentSecurityPolicy::allowInlineScript const):
2210         (WebCore::ContentSecurityPolicy::allowEval const):
2211
2212 2018-05-07  Daniel Bates  <dabates@apple.com>
2213
2214         Substitute CrossOriginPreflightResultCache::clear() for CrossOriginPreflightResultCache::empty()
2215         https://bugs.webkit.org/show_bug.cgi?id=185170
2216
2217         Reviewed by Per Arne Vollan.
2218
2219         Rename CrossOriginPreflightResultCache::empty() to CrossOriginPreflightResultCache::clear() make
2220         it consistent with the terminology we use in WebKit to signify a function that clears a collection.
2221         A member function named "empty" is expected to return an instance of a class in its "empty state".
2222         For example, StringImpl::empty() returns a StringImpl instance that represents the empty string.
2223         However CrossOriginPreflightResultCache::empty() clears out the cache in-place. We should rename
2224         this function to better describe its purpose.
2225
2226         * loader/CrossOriginPreflightResultCache.cpp:
2227         (WebCore::CrossOriginPreflightResultCache::clear):
2228         (WebCore::CrossOriginPreflightResultCache::empty): Deleted.
2229         * loader/CrossOriginPreflightResultCache.h:
2230
2231 2018-05-06  Dean Jackson  <dino@apple.com>
2232
2233         WebGL: Reset simulated values after validation fails
2234         https://bugs.webkit.org/show_bug.cgi?id=185363
2235         <rdar://problem/39733417>
2236
2237         Reviewed by Anders Carlsson.
2238
2239         While fixing a previous bug, I forgot to reset some values
2240         when validation fails. This caused a bug where a subsequent
2241         invalid call might use those values and escape detection.
2242
2243         Test: fast/canvas/webgl/index-validation-with-subsequent-draws.html
2244
2245         * html/canvas/WebGLRenderingContextBase.cpp:
2246         (WebCore::WebGLRenderingContextBase::simulateVertexAttrib0): Reset the
2247         sizes when validation fails.
2248         * html/canvas/WebGLRenderingContextBase.h:
2249
2250 2018-05-07  Ms2ger  <Ms2ger@igalia.com>
2251
2252         Support negative sw/sh values in createImageBitmap().
2253         https://bugs.webkit.org/show_bug.cgi?id=184449
2254
2255         Reviewed by Dean Jackson.
2256
2257         Tests: LayoutTests/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-drawImage.html
2258                LayoutTests/http/wpt/2dcontext/imagebitmap/createImageBitmap.html
2259
2260         * html/ImageBitmap.cpp:
2261         (WebCore::ImageBitmap::createPromise): handle negative values per spec.
2262
2263 2018-05-07  Brian Burg  <bburg@apple.com>
2264
2265         Web Inspector: opt out of process swap on navigation if a Web Inspector frontend is connected
2266         https://bugs.webkit.org/show_bug.cgi?id=184861
2267         <rdar://problem/39153768>
2268
2269         Reviewed by Timothy Hatcher.
2270
2271         Notify the client of the current connection count whenever a frontend connects or disconnects.
2272
2273         Covered by new API test.
2274
2275         * inspector/InspectorClient.h:
2276         (WebCore::InspectorClient::frontendCountChanged):
2277         * inspector/InspectorController.cpp:
2278         (WebCore::InspectorController::connectFrontend):
2279         (WebCore::InspectorController::disconnectFrontend):
2280         (WebCore::InspectorController::disconnectAllFrontends):
2281         * inspector/InspectorController.h:
2282
2283 2018-05-07  Eric Carlson  <eric.carlson@apple.com>
2284
2285         Text track cue logging should include cue text
2286         https://bugs.webkit.org/show_bug.cgi?id=185353
2287         <rdar://problem/40003565>
2288
2289         Reviewed by Youenn Fablet.
2290
2291         No new tests, tested manually.
2292
2293         * html/track/VTTCue.cpp:
2294         (WebCore::VTTCue::toJSONString const): Use toJSON.
2295         (WebCore::VTTCue::toJSON const): New.
2296         * html/track/VTTCue.h:
2297
2298         * platform/graphics/InbandTextTrackPrivateClient.h:
2299         (WebCore::GenericCueData::toJSONString const): Log m_content.
2300
2301         * platform/graphics/iso/ISOVTTCue.cpp:
2302         (WebCore::ISOWebVTTCue::toJSONString const): Log m_cueText.
2303
2304 2018-05-06  Zalan Bujtas  <zalan@apple.com>
2305
2306         [LFC] Add assertions for stale Display::Box geometry
2307         https://bugs.webkit.org/show_bug.cgi?id=185357
2308
2309         Reviewed by Antti Koivisto.
2310
2311         Ensure that we don't access stale geometry of other boxes during layout.
2312         For example, in order to layout a block child we need the containing block's content box top/left and width (but not the height)
2313
2314         * layout/displaytree/DisplayBox.h:
2315         (WebCore::Display::Box::invalidateTop):
2316         (WebCore::Display::Box::invalidateLeft):
2317         (WebCore::Display::Box::invalidateWidth):
2318         (WebCore::Display::Box::invalidateHeight):
2319         (WebCore::Display::Box::hasValidPosition const):
2320         (WebCore::Display::Box::hasValidSize const):
2321         (WebCore::Display::Box::hasValidGeometry const):
2322         (WebCore::Display::Box::invalidatePosition):
2323         (WebCore::Display::Box::invalidateSize):
2324         (WebCore::Display::Box::setHasValidPosition):
2325         (WebCore::Display::Box::setHasValidSize):
2326         (WebCore::Display::Box::setHasValidGeometry):
2327         (WebCore::Display::Box::rect const):
2328         (WebCore::Display::Box::top const):
2329         (WebCore::Display::Box::left const):
2330         (WebCore::Display::Box::bottom const):
2331         (WebCore::Display::Box::right const):
2332         (WebCore::Display::Box::topLeft const):
2333         (WebCore::Display::Box::bottomRight const):
2334         (WebCore::Display::Box::size const):
2335         (WebCore::Display::Box::width const):
2336         (WebCore::Display::Box::height const):
2337         (WebCore::Display::Box::setRect):
2338         (WebCore::Display::Box::setTopLeft):
2339         (WebCore::Display::Box::setTop):
2340         (WebCore::Display::Box::setLeft):
2341         (WebCore::Display::Box::setSize):
2342         (WebCore::Display::Box::setWidth):
2343         (WebCore::Display::Box::setHeight):
2344
2345 2018-05-06  Zalan Bujtas  <zalan@apple.com>
2346
2347         [LFC] Add BlockFormattingContext::computeStaticPosition
2348         https://bugs.webkit.org/show_bug.cgi?id=185352
2349
2350         Reviewed by Antti Koivisto.
2351
2352         This is the core logic for positioning inflow boxes in a block formatting context (very naive though).
2353
2354         * layout/blockformatting/BlockFormattingContext.cpp:
2355         (WebCore::Layout::BlockFormattingContext::computeStaticPosition const):
2356         * layout/displaytree/DisplayBox.h:
2357
2358 2018-05-05  Sam Weinig  <sam@webkit.org>
2359
2360         Cleanup XMLHttpRequestUpload a little
2361         https://bugs.webkit.org/show_bug.cgi?id=185344
2362
2363         Reviewed by Yusuke Suzuki.
2364
2365         * bindings/js/JSXMLHttpRequestCustom.cpp:
2366         (WebCore::JSXMLHttpRequest::visitAdditionalChildren):
2367         Use auto to reduce redundancy.
2368
2369         * xml/XMLHttpRequest.cpp:
2370         (WebCore::XMLHttpRequest::upload):
2371         * xml/XMLHttpRequest.h:
2372         Switch upload() to return a reference.
2373         
2374         * xml/XMLHttpRequestUpload.cpp:
2375         (WebCore::XMLHttpRequestUpload::XMLHttpRequestUpload):
2376         (WebCore::XMLHttpRequestUpload::dispatchProgressEvent):
2377         * xml/XMLHttpRequestUpload.h:
2378         Cleanup formatting, modernize and switch XMLHttpRequest member from a pointer
2379         to a reference.
2380
2381 2018-05-05  Dean Jackson  <dino@apple.com>
2382
2383         Draw a drop-shadow behind the system preview badge
2384         https://bugs.webkit.org/show_bug.cgi?id=185356
2385         <rdar://problem/40004936>
2386
2387         Reviewed by Wenson Hsieh.
2388
2389         Draw a very subtle drop-shadow under the system
2390         preview badge so that it is more visible on a pure
2391         white background.
2392
2393         I also moved some code around to make it more clear
2394         and improved comments.
2395
2396         * rendering/RenderThemeIOS.mm:
2397         (WebCore::RenderThemeIOS::paintSystemPreviewBadge):
2398
2399 2018-05-04  Wenson Hsieh  <wenson_hsieh@apple.com>
2400
2401         [iOS] Multiple links in Mail are dropped in a single line, and are difficult to tell apart
2402         https://bugs.webkit.org/show_bug.cgi?id=185289
2403         <rdar://problem/35756912>
2404
2405         Reviewed by Tim Horton and Darin Adler.
2406
2407         When inserting multiple URLs as individual items in a single drop, we currently separate each item with a space
2408         (see r217284). However, it still seems difficult to tell dropped links apart. This patch makes some slight
2409         tweaks to WebContentReader::readURL so that it inserts line breaks before dropped URLs, if the dropped URL isn't
2410         the first item to be inserted in the resulting document fragment.
2411
2412         Augments existing API tests in DataInteractionTests.
2413
2414         * editing/ios/WebContentReaderIOS.mm:
2415
2416         Additionally remove some extraneous header imports from this implementation file.
2417
2418         (WebCore::WebContentReader::readURL):
2419
2420 2018-05-02  Dean Jackson  <dino@apple.com>
2421
2422         Use IOSurfaces for CoreImage operations where possible
2423         https://bugs.webkit.org/show_bug.cgi?id=185230
2424         <rdar://problem/39926929>
2425
2426         Reviewed by Jon Lee.
2427
2428         On iOS hardware, we can use IOSurfaces as a rendering destination
2429         for CoreImage, which means we're keeping data on the GPU
2430         for rendering.
2431
2432         As a drive-by fix, I used a convenience method for Gaussian blurs.
2433
2434         * rendering/RenderThemeIOS.mm:
2435         (WebCore::RenderThemeIOS::paintSystemPreviewBadge):
2436
2437 2018-05-04  Tim Horton  <timothy_horton@apple.com>
2438
2439         Shift to a lower-level framework for simplifying URLs
2440         https://bugs.webkit.org/show_bug.cgi?id=185334
2441
2442         Reviewed by Dan Bernstein.
2443
2444         * Configurations/WebCore.xcconfig:
2445         * platform/mac/DragImageMac.mm:
2446         (WebCore::LinkImageLayout::LinkImageLayout):
2447
2448 2018-05-03  Ryosuke Niwa  <rniwa@webkit.org>
2449
2450         Release assert in ScriptController::canExecuteScripts via HTMLMediaElement::~HTMLMediaElement()
2451         https://bugs.webkit.org/show_bug.cgi?id=185288
2452
2453         Reviewed by Jer Noble.
2454
2455         The crash is caused by HTMLMediaElement::~HTMLMediaElement canceling the resource load via CachedResource
2456         which ends up calling FrameLoader::checkCompleted() and fire load event on the document synchronously.
2457         Speculatively fix the crash by scheduling the check instead.
2458
2459         In long term, ResourceLoader::cancel should never fire load event synchronously: webkit.org/b/185284.
2460
2461         Unfortunately, no new tests since I can't get MediaResource to get destructed at the right time.
2462
2463         * html/HTMLMediaElement.cpp:
2464         (WebCore::HTMLMediaElement::isRunningDestructor): Added to detect this specific case.
2465         (WebCore::HTMLMediaElementDestructorScope): Added.
2466         (WebCore::HTMLMediaElementDestructorScope::HTMLMediaElementDestructorScope): Added.
2467         (WebCore::HTMLMediaElementDestructorScope::~HTMLMediaElementDestructorScope): Added.
2468         (WebCore::HTMLMediaElement::~HTMLMediaElement): Instantiate HTMLMediaElement.
2469         * html/HTMLMediaElement.h:
2470         * loader/FrameLoader.cpp:
2471         (WebCore::FrameLoader::checkCompleted): Call scheduleCheckCompleted instead of synchronously calling
2472         checkCompleted if we're in the middle of destructing a HTMLMediaElement.
2473
2474 2018-05-04  Ryosuke Niwa  <rniwa@webkit.org>
2475
2476         Rename DocumentOrderedMap to TreeScopeOrderedMap
2477         https://bugs.webkit.org/show_bug.cgi?id=185290
2478
2479         Reviewed by Zalan Bujtas.
2480
2481         Renamed the class since it's almost always a mistake to use this class as a member variable of Document.
2482
2483         * Sources.txt:
2484         * WebCore.xcodeproj/project.pbxproj:
2485         * dom/MouseRelatedEvent.cpp: Include the forgotten DOMWindow.h. Unified build files bit us here.
2486         * dom/TreeScope.cpp:
2487         (WebCore::TreeScope::addElementById):
2488         (WebCore::TreeScope::addElementByName):
2489         (WebCore::TreeScope::addImageMap):
2490         (WebCore::TreeScope::addImageElementByUsemap):
2491         (WebCore::TreeScope::labelElementForId):
2492         * dom/TreeScope.h:
2493         * dom/TreeScopeOrderedMap.cpp: Renamed from DocumentOrderedMap.cpp
2494         * dom/TreeScopeOrderedMap.h: Renamed from DocumentOrderedMap.h
2495         * html/HTMLDocument.h:
2496
2497 2018-05-04  Don Olmstead  <don.olmstead@sony.com>
2498
2499         [Win][WebKit] Fix forwarding headers for Windows build
2500         https://bugs.webkit.org/show_bug.cgi?id=184412
2501
2502         Reviewed by Alex Christensen.
2503
2504         No new tests. No change in behavior.
2505
2506         * PlatformWin.cmake:
2507
2508 2018-05-04  Zalan Bujtas  <zalan@apple.com>
2509
2510         [Simple line layout] Add support for line layout box generation with multiple text renderers.
2511         https://bugs.webkit.org/show_bug.cgi?id=185276
2512
2513         Reviewed by Antti Koivisto.
2514
2515         Covered by existing tests.
2516
2517         * rendering/SimpleLineLayoutFunctions.cpp:
2518         (WebCore::SimpleLineLayout::canUseForLineBoxTree):
2519         (WebCore::SimpleLineLayout::generateLineBoxTree):
2520         * rendering/SimpleLineLayoutResolver.cpp:
2521         (WebCore::SimpleLineLayout::RunResolver::Run::renderer const):
2522         (WebCore::SimpleLineLayout::RunResolver::Run::localStart const):
2523         (WebCore::SimpleLineLayout::RunResolver::Run::localEnd const):
2524         * rendering/SimpleLineLayoutResolver.h:
2525
2526 2018-05-04  Timothy Hatcher  <timothy@apple.com>
2527
2528         Deprecate legacy WebView and friends
2529         https://bugs.webkit.org/show_bug.cgi?id=185279
2530         rdar://problem/33268700
2531
2532         Reviewed by Tim Horton.
2533
2534         * Configurations/WebCore.xcconfig:
2535         Added BUILDING_WEBKIT define to disable the deprecation macros.
2536         * bridge/objc/WebScriptObject.h:
2537         Added deprecation macros to WebScriptObject and WebUndefined.
2538         * platform/cocoa/WebKitAvailability.h:
2539         Added more macros and a way to disable deprecation warnings for
2540         WebKit build and in clients like Safari.
2541
2542 2018-05-04  Eric Carlson  <eric.carlson@apple.com>
2543
2544         Log media time range as JSON
2545         https://bugs.webkit.org/show_bug.cgi?id=185321
2546         <rdar://problem/39986746>
2547
2548         Reviewed by Youenn Fablet.
2549
2550         No new tests, tested manually.
2551
2552         * html/HTMLMediaElement.cpp:
2553         (WebCore::HTMLMediaElement::addPlayedRange): Log as time range.
2554         (WebCore::HTMLMediaElement::visibilityStateChanged): Cleanup.
2555
2556         * platform/graphics/MediaPlayer.h:
2557         (WTF::LogArgument<MediaTime>::toString):
2558         (WTF::LogArgument<MediaTimeRange>::toString):
2559
2560         * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp:
2561         (WebCore::InbandTextTrackPrivateAVF::processAttributedStrings): Log error as time range.
2562
2563 2018-05-04  Zalan Bujtas  <zalan@apple.com>
2564
2565         Use the containing block to compute the pagination gap when the container is inline.
2566         https://bugs.webkit.org/show_bug.cgi?id=184724
2567         <rdar://problem/39521800>
2568
2569         Reviewed by Simon Fraser.
2570
2571         Test: fast/overflow/page-overflow-with-inline-body-crash.html
2572
2573         * page/FrameView.cpp:
2574         (WebCore::FrameView::applyPaginationToViewport):
2575
2576 2018-05-04  Tim Horton  <timothy_horton@apple.com>
2577
2578         Don't use GSFont* in minimal simulator mode
2579         https://bugs.webkit.org/show_bug.cgi?id=185320
2580         <rdar://problem/39734478>
2581
2582         Reviewed by Beth Dakin.
2583
2584         * page/cocoa/MemoryReleaseCocoa.mm:
2585         (WebCore::platformReleaseMemory):
2586
2587 2018-05-04  Chris Dumez  <cdumez@apple.com>
2588
2589         Unreviewed, rolling out r231331.
2590
2591         Caused a few tests to assert
2592
2593         Reverted changeset:
2594
2595         "Stop using an iframe's id as fallback if its name attribute
2596         is not set"
2597         https://bugs.webkit.org/show_bug.cgi?id=11388
2598         https://trac.webkit.org/changeset/231331
2599
2600 2018-05-04  Youenn Fablet  <youenn@apple.com>
2601
2602         Use more references in updateTracksOfType
2603         https://bugs.webkit.org/show_bug.cgi?id=185305
2604
2605         Reviewed by Eric Carlson.
2606
2607         No change of behavior.
2608
2609         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
2610         (WebCore::updateTracksOfType):
2611         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateTracks):
2612
2613 2018-05-04  Myles C. Maxfield  <mmaxfield@apple.com>
2614
2615         Text shaping in the simple path is flipped in the y direction
2616         https://bugs.webkit.org/show_bug.cgi?id=185062
2617         <rdar://problem/39778678>
2618
2619         Reviewed by Simon Fraser.
2620
2621         Shaping in our simple codepath occurs in an "increasing-y-goes-up" coordinate system, but our painting
2622         code uses an "increasing-y-goes-down" coordinate system. We weren't fixing up the coordinate systems
2623         because we never noticed. This is because the simple codepath is only designed for kerning and ligatures,
2624         neither of which move glyphs vertically in the common case.
2625
2626         Test: fast/text/vertical-displacement-simple-codepath.html
2627
2628         * platform/graphics/Font.cpp:
2629         (WebCore::Font::applyTransforms const):
2630         * platform/graphics/WidthIterator.cpp:
2631         (WebCore::WidthIterator::applyFontTransforms):
2632
2633 2018-05-04  Chris Nardi  <cnardi@chromium.org>
2634
2635         Serialize all URLs with double-quotes per CSSOM spec
2636         https://bugs.webkit.org/show_bug.cgi?id=184935
2637
2638         Reviewed by Antti Koivisto.
2639
2640         According to https://drafts.csswg.org/cssom/#serialize-a-url, all URLs should be serialized as strings,
2641         which means they should have double quotes around the text of the URL. Update our implementation to match
2642         this (and Firefox/Chrome). Also remove isCSSTokenizerURL() as this method is no longer needed.
2643
2644         Tests: Many LayoutTests updated to use double quotes.
2645
2646         * css/CSSMarkup.cpp:
2647         (WebCore::serializeString): Remove FIXME as this was already fixed in a previous patch.
2648         (WebCore::serializeURL): Remove FIXME and update implementation.
2649
2650 2018-05-04  Youenn Fablet  <youenn@apple.com>
2651
2652         LayoutTests/fast/mediastream/change-tracks-media-stream-being-played.html is crashing after r231304
2653         https://bugs.webkit.org/show_bug.cgi?id=185303
2654
2655         Reviewed by Eric Carlson.
2656
2657         We need to stop observing the audio track like we do for video track once we are no longer interested in it.
2658         Covered by test no longer crashing.
2659
2660         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
2661         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateTracks):
2662
2663 2018-05-04  Zalan Bujtas  <zalan@apple.com>
2664
2665         [LFC] Set the invalidation root as the result of style change.
2666         https://bugs.webkit.org/show_bug.cgi?id=185301
2667
2668         Reviewed by Antti Koivisto.
2669
2670         Compute/propagate the update type on the ancestor chain and return the invalidation root
2671         so that LayoutContext could use it as the entry point for the next layout frame.
2672
2673         * layout/LayoutContext.cpp:
2674         (WebCore::Layout::LayoutContext::updateLayout):
2675         (WebCore::Layout::LayoutContext::styleChanged):
2676         * layout/LayoutContext.h: order is not important.
2677         * layout/blockformatting/BlockInvalidation.cpp:
2678         (WebCore::Layout::invalidationStopsAtFormattingContextBoundary):
2679         (WebCore::Layout::computeUpdateType):
2680         (WebCore::Layout::computeUpdateTypeForAncestor):
2681         (WebCore::Layout::BlockInvalidation::invalidate):
2682         * layout/blockformatting/BlockInvalidation.h:
2683         * layout/inlineformatting/InlineInvalidation.cpp:
2684         (WebCore::Layout::InlineInvalidation::invalidate):
2685         * layout/inlineformatting/InlineInvalidation.h:
2686
2687 2018-05-04  Youenn Fablet  <youenn@apple.com>
2688
2689         PeerConnection should have its connectionState closed even if doing gathering
2690         https://bugs.webkit.org/show_bug.cgi?id=185267
2691
2692         Reviewed by Darin Adler.
2693
2694         Test: webrtc/addICECandidate-closed.html
2695
2696         In case m_iceConnectionState is closed, m_connectionState should also be set to closed
2697         and RTCPeerConnection should be closed so as to reject any other call.
2698
2699         * Modules/mediastream/RTCPeerConnection.cpp:
2700         (WebCore::RTCPeerConnection::close):
2701         (WebCore::RTCPeerConnection::updateConnectionState):
2702
2703 2018-05-04  Yacine Bandou  <yacine.bandou_ext@softathome.com>
2704
2705         [MSE][GStreamer] Delete properly the stream from the WebKitMediaSource
2706         https://bugs.webkit.org/show_bug.cgi?id=185242
2707
2708         Reviewed by Xabier Rodriguez-Calvar.
2709
2710         When the sourceBuffer is removed from mediasource, the appropriate stream is not
2711         properly deleted from WebKitMediaSource, because the appsrc and parser elements
2712         of the stream are not removed from the WebKitMediaSource bin.
2713
2714         This patch avoids the regression of r231089, see https://bugs.webkit.org/show_bug.cgi?id=185071
2715
2716         * platform/graphics/gstreamer/mse/WebKitMediaSourceGStreamer.cpp:
2717         (webKitMediaSrcFreeStream):
2718
2719 2018-05-04  Carlos Garcia Campos  <cgarcia@igalia.com>
2720
2721         [GTK] Epiphany (GNOME Web) says "Error downloading: Service Unavailable." when trying to download an image from discogs.com
2722         https://bugs.webkit.org/show_bug.cgi?id=174730
2723
2724         Reviewed by Michael Catanzaro.
2725
2726         Export ResourceRequestBase::hasHTTPHeaderField().
2727
2728         * platform/network/ResourceRequestBase.h:
2729
2730 2018-05-03  Yusuke Suzuki  <utatane.tea@gmail.com>
2731
2732         Use subprocess.call instead of os.system to handle path with spaces
2733         https://bugs.webkit.org/show_bug.cgi?id=185291
2734
2735         Reviewed by Darin Adler.
2736
2737         If gperf path includes spaces, these python scripts fail to execute gperf.
2738         We use subprocess module instead of os.system to invoke gperf.
2739
2740         * css/makeSelectorPseudoClassAndCompatibilityElementMap.py:
2741         * css/makeSelectorPseudoElementsMap.py:
2742         * platform/network/create-http-header-name-table:
2743
2744 2018-05-03  Yusuke Suzuki  <utatane.tea@gmail.com>
2745
2746         Unreviewed, attempt to fix WinCairo build failure
2747         https://bugs.webkit.org/show_bug.cgi?id=185218
2748
2749         * platform/text/win/LocaleWin.cpp:
2750         (WebCore::LocaleWin::getLocaleInfoString):
2751
2752 2018-05-03  Filip Pizlo  <fpizlo@apple.com>
2753
2754         Strings should not be allocated in a gigacage
2755         https://bugs.webkit.org/show_bug.cgi?id=185218
2756
2757         Reviewed by Saam Barati.
2758
2759         No new tests because no new behavior.
2760
2761         * Modules/indexeddb/server/IDBSerialization.cpp:
2762         (WebCore::decodeKey):
2763         * bindings/js/SerializedScriptValue.cpp:
2764         (WebCore::CloneDeserializer::readString):
2765         * html/canvas/CanvasRenderingContext2D.cpp:
2766         (WebCore::normalizeSpaces):
2767         * html/parser/HTMLTreeBuilder.cpp:
2768         (WebCore::HTMLTreeBuilder::ExternalCharacterTokenBuffer::takeRemainingWhitespace):
2769         * platform/URLParser.cpp:
2770         (WebCore::percentEncodeByte):
2771         (WebCore::serializeURLEncodedForm):
2772         (WebCore::URLParser::serialize):
2773         * platform/URLParser.h:
2774         * platform/graphics/FourCC.cpp:
2775         (WebCore::FourCC::toString const):
2776         * platform/graphics/ca/GraphicsLayerCA.cpp:
2777         (WebCore::GraphicsLayerCA::ReplicaState::cloneID const):
2778         * platform/text/LocaleICU.cpp:
2779         (WebCore::LocaleICU::decimalSymbol):
2780         (WebCore::LocaleICU::decimalTextAttribute):
2781         (WebCore::getDateFormatPattern):
2782         (WebCore::LocaleICU::createLabelVector):
2783         (WebCore::getFormatForSkeleton):
2784         * platform/win/FileSystemWin.cpp:
2785         (WebCore::FileSystem::getFinalPathName):
2786         (WebCore::FileSystem::pathByAppendingComponent):
2787         (WebCore::FileSystem::storageDirectory):
2788
2789 2018-05-02  Brent Fulgham  <bfulgham@apple.com>
2790
2791         Widgets should hold a WeakPtr to their parents
2792         https://bugs.webkit.org/show_bug.cgi?id=185239
2793         <rdar://problem/39741250>
2794
2795         Reviewed by Zalan Bujtas.
2796
2797         * platform/ScrollView.h:
2798         (WebCore::ScrollView::weakPtrFactory): Added.
2799         * platform/Widget.cpp:
2800         (WebCore::Widget::init): Don't perform an unnecessary assignment.
2801         (WebCore::Widget::setParent): Grab a WeakPtr to the parent ScrollView.
2802         * platform/Widget.h:
2803         (WebCore::Widget::parent const): Change type to a WeakPtr.
2804
2805 2018-05-03  Yusuke Suzuki  <utatane.tea@gmail.com>
2806
2807         Use pointer instead of std::optional<T&>
2808         https://bugs.webkit.org/show_bug.cgi?id=185186
2809
2810         Reviewed by Alex Christensen.
2811
2812         std::optional<T&> is not accepted in C++17 spec.
2813         In this patch, we replace it with T*, which is well-aligned to
2814         WebKit's convention.
2815
2816         * Modules/mediastream/RTCPeerConnection.cpp:
2817         (WebCore::iceServersFromConfiguration):
2818         (WebCore::RTCPeerConnection::initializeConfiguration):
2819         (WebCore::RTCPeerConnection::setConfiguration):
2820         * css/parser/CSSParser.cpp:
2821         (WebCore::CSSParser::parseSystemColor):
2822         * css/parser/CSSParser.h:
2823         * dom/DatasetDOMStringMap.cpp:
2824         (WebCore::DatasetDOMStringMap::item const):
2825         (WebCore::DatasetDOMStringMap::namedItem const):
2826         (WebCore:: const): Deleted.
2827         * dom/DatasetDOMStringMap.h:
2828         * dom/Element.cpp:
2829         (WebCore::Element::insertAdjacentHTML):
2830         * dom/Element.h:
2831         * html/canvas/CanvasStyle.cpp:
2832         (WebCore::parseColor):
2833         * inspector/DOMEditor.cpp:
2834         * platform/network/curl/CurlFormDataStream.cpp:
2835         (WebCore::CurlFormDataStream::getPostData):
2836         (): Deleted.
2837         * platform/network/curl/CurlFormDataStream.h:
2838         * platform/network/curl/CurlRequest.cpp:
2839         (WebCore::CurlRequest::setupPOST):
2840         * testing/MockCDMFactory.cpp:
2841         (WebCore::MockCDMFactory::keysForSessionWithID const):
2842         (WebCore::MockCDMInstance::updateLicense):
2843         (WebCore:: const): Deleted.
2844         * testing/MockCDMFactory.h:
2845
2846 2018-05-03  Chris Dumez  <cdumez@apple.com>
2847
2848         Stop using an iframe's id as fallback if its name attribute is not set
2849         https://bugs.webkit.org/show_bug.cgi?id=11388
2850
2851         Reviewed by Geoff Garen.
2852
2853         WebKit had logic to use an iframe's id as fallback name when its name
2854         content attribute is not set. This behavior was not standard and did not
2855         match other browsers:
2856         - https://html.spec.whatwg.org/#attr-iframe-name
2857
2858         Gecko / Trident never behaved this way. Blink was aligned with us until
2859         they started to match the specification in:
2860         - https://bugs.chromium.org/p/chromium/issues/detail?id=347169
2861
2862         This WebKit quirk was causing some Web-compatibility issues because it
2863         would affect the behavior of Window's name property getter when trying
2864         to look up an iframe by id. Because of Window's named property getter
2865         behavior [1], we would return the frame's contentWindow instead of the
2866         iframe element itself.
2867
2868         [1] https://html.spec.whatwg.org/multipage/window-object.html#named-access-on-the-window-object
2869
2870         Test: fast/dom/Window/named-getter-frame-id.html
2871
2872         * html/HTMLFrameElementBase.cpp:
2873         (WebCore::HTMLFrameElementBase::openURL):
2874         (WebCore::HTMLFrameElementBase::parseAttribute):
2875         (WebCore::HTMLFrameElementBase::didFinishInsertingNode):
2876         * html/HTMLFrameElementBase.h:
2877
2878 2018-05-03  Eric Carlson  <eric.carlson@apple.com>
2879
2880         [iOS] Internal text and audio tracks not in fullscreen menu
2881         https://bugs.webkit.org/show_bug.cgi?id=185268
2882         <rdar://problem/38673440>
2883
2884         Reviewed by Jer Noble.
2885
2886         * platform/cocoa/PlaybackSessionModelMediaElement.mm:
2887         (WebCore::PlaybackSessionModelMediaElement::setMediaElement): 'addtrack' and 'removetrack'
2888         events are fired at the track lists, not the media element.
2889
2890 2018-05-03  Ryosuke Niwa  <rniwa@webkit.org>
2891
2892         Using image map inside a shadow tree results hits a release assert in DocumentOrderedMap::add
2893         https://bugs.webkit.org/show_bug.cgi?id=185238
2894
2895         Reviewed by Antti Koivisto.
2896
2897         The bug was caused by DocumentOrderedMap for the image elements with usemap being stored in Document
2898         even if those image elements were in a shadow tree. Fixed the bug by moving the map to TreeScope.
2899
2900         Test: fast/images/imagemap-in-nested-shadow-tree.html
2901               fast/images/imagemap-in-shadow-tree.html
2902
2903         * dom/Document.cpp:
2904         (WebCore::Document::addImageElementByUsemap): Moved to TreeScope.
2905         (WebCore::Document::removeImageElementByUsemap): Ditto.
2906         (WebCore::Document::imageElementByUsemap const): Ditto.
2907         * dom/Document.h:
2908         * dom/TreeScope.cpp:
2909         (WebCore::TreeScope::destroyTreeScopeData): Clear m_imagesByUsemap as well as m_elementsByName.
2910         (WebCore::TreeScope::getImageMap const): Removed the code to parse usemap. RenderImage::imageMap()
2911         which used to call this function with the raw value of the usemap content attribute now calls it
2912         via HTMLImageElement::associatedMapElement(), which uses the parsed usemap.
2913         (WebCore::TreeScope::addImageElementByUsemap): Moved from Document.
2914         (WebCore::TreeScope::removeImageElementByUsemap): Ditto.
2915         (WebCore::TreeScope::imageElementByUsemap const): Ditto.
2916         * dom/TreeScope.h:
2917         * html/HTMLImageElement.cpp:
2918         (WebCore::HTMLImageElement::parseAttribute):
2919         (WebCore::HTMLImageElement::insertedIntoAncestor): This image element can be associated with a map element
2920         if it's connected to a document.
2921         (WebCore::HTMLImageElement::removedFromAncestor):
2922         (WebCore::HTMLImageElement::associatedMapElement const):
2923         * html/HTMLImageElement.h:
2924         * html/HTMLMapElement.cpp:
2925         (WebCore::HTMLMapElement::imageElement):
2926         * rendering/RenderImage.cpp:
2927         (WebCore::RenderImage::imageMap const):
2928
2929 2018-05-03  Justin Fan  <justin_fan@apple.com>
2930
2931         [WebGL] Add runtime flag for enabling ASTC support in WebGL
2932         https://bugs.webkit.org/show_bug.cgi?id=184840
2933
2934         Reviewed by Myles C. Maxfield.
2935
2936         Added runtime flag for ASTC support in WebGL, to turn on/off when extension is implemented.
2937
2938         * page/RuntimeEnabledFeatures.h:
2939         (WebCore::RuntimeEnabledFeatures::setWebGLCompressedTextureASTCSupportEnabled):
2940         (WebCore::RuntimeEnabledFeatures::webGLCompressedTextureASTCSupportEnabled const):
2941
2942 2018-05-03  Chris Nardi  <cnardi@chromium.org>
2943
2944         Remove [NoInterfaceObject] from DOMRectList
2945         https://bugs.webkit.org/show_bug.cgi?id=185255
2946
2947         Reviewed by Chris Dumez.
2948
2949         In https://github.com/w3c/fxtf-drafts/issues/233, [NoInterfaceObject] was removed
2950         from DOMRectList. Remove it from our implementation to match the spec, as well as
2951         Chrome and Firefox.
2952
2953         Updated web platform tests IDL test for the Geometry spec.
2954
2955         * dom/DOMRectList.idl:
2956
2957 2018-05-03  Chris Dumez  <cdumez@apple.com>
2958
2959         REGRESSION(iOS 11.3): Crashes in TimerBase::~TimerBase() in Tencent x5gamehelper
2960         https://bugs.webkit.org/show_bug.cgi?id=185073
2961         <rdar://problem/39821223>
2962
2963         Reviewed by Alexey Proskuryakov.
2964
2965         The following changes were made:
2966         - Make sure SocketStream callbacks are always scheduled on the right runloop:
2967           WebThreadRunLoop() on WebKitLegacy iOS, loaderRunLoop() on Windows and
2968           main runloop otherwise.
2969         - When the SocketStream callbacks are called, unconditionally call callOnMainThreadAndWait()
2970           before calling methods on the SocketStream client. Previously, this code path
2971           was specific to Windows but there is no reason to have platform-specific code here.
2972           callOnMainThreadAndWait() calls the function right away if we're already on the main
2973           thread, which will be the case on other platform than Windows.
2974
2975         * platform/network/cf/SocketStreamHandleImplCFNet.cpp:
2976         (WebCore::callbacksRunLoop):
2977         (WebCore::callbacksRunLoopMode):
2978         (WebCore::SocketStreamHandleImpl::scheduleStreams):
2979         (WebCore::SocketStreamHandleImpl::pacExecutionCallback):
2980         (WebCore::SocketStreamHandleImpl::executePACFileURL):
2981         (WebCore::SocketStreamHandleImpl::removePACRunLoopSource):
2982         (WebCore::SocketStreamHandleImpl::readStreamCallback):
2983         (WebCore::SocketStreamHandleImpl::writeStreamCallback):
2984         (WebCore::SocketStreamHandleImpl::platformClose):
2985
2986 2018-05-03  Zalan Bujtas  <zalan@apple.com>
2987
2988         [LFC] Enable multiple layout roots for incremental layout.
2989         https://bugs.webkit.org/show_bug.cgi?id=185185
2990
2991         Reviewed by Antti Koivisto.
2992
2993         With certain type of style changes, we can stop the box invalidation at the formatting context boundary.
2994         When multiple boxes need updating in different formatting contexts, instead of marking the parent containing block chain all
2995         the way up to a common ancestor, we could just work with a list of layout entry points per layout frame.
2996
2997         * layout/FormattingState.h:
2998         * layout/LayoutContext.cpp:
2999         (WebCore::Layout::LayoutContext::updateLayout):
3000         (WebCore::Layout::LayoutContext::addLayoutEntryPoint):
3001         * layout/LayoutContext.h:
3002
3003 2018-05-03  Zalan Bujtas  <zalan@apple.com>
3004
3005         [LFC] Box invalidation logic should go to dedicated classes.
3006         https://bugs.webkit.org/show_bug.cgi?id=185249
3007
3008         Reviewed by Antti Koivisto.
3009
3010         Each formatting context can initiate a different type of invalidation when
3011         style attribute changes in a box.
3012
3013         * Sources.txt:
3014         * WebCore.xcodeproj/project.pbxproj:
3015         * layout/FormattingState.cpp:
3016         (WebCore::Layout::FormattingState::FormattingState):
3017         * layout/FormattingState.h:
3018         (WebCore::Layout::FormattingState::isBlockFormattingState const):
3019         (WebCore::Layout::FormattingState::isInlineFormattingState const):
3020         * layout/LayoutContext.cpp:
3021         (WebCore::Layout::LayoutContext::styleChanged):
3022         (WebCore::Layout::LayoutContext::markNeedsUpdate):
3023         * layout/LayoutContext.h:
3024         * layout/blockformatting/BlockFormattingState.cpp:
3025         (WebCore::Layout::BlockFormattingState::BlockFormattingState):
3026         * layout/blockformatting/BlockFormattingState.h:
3027         * layout/blockformatting/BlockInvalidation.cpp: Copied from Source/WebCore/layout/blockformatting/BlockFormattingState.cpp.
3028         (WebCore::Layout::BlockInvalidation::invalidate):
3029         * layout/blockformatting/BlockInvalidation.h: Copied from Source/WebCore/layout/inlineformatting/InlineFormattingState.h.
3030         * layout/inlineformatting/InlineFormattingState.cpp:
3031         (WebCore::Layout::InlineFormattingState::InlineFormattingState):
3032         * layout/inlineformatting/InlineFormattingState.h:
3033         * layout/inlineformatting/InlineInvalidation.cpp: Copied from Source/WebCore/layout/inlineformatting/InlineFormattingState.cpp.
3034         (WebCore::Layout::InlineInvalidation::invalidate):
3035         * layout/inlineformatting/InlineInvalidation.h: Copied from Source/WebCore/layout/blockformatting/BlockFormattingState.h.
3036
3037 2018-05-03  Michael Catanzaro  <mcatanzaro@igalia.com>
3038
3039         WebKit should send fake macOS user agent to docs.google.com
3040         https://bugs.webkit.org/show_bug.cgi?id=185165
3041
3042         Reviewed by Carlos Garcia Campos.
3043
3044         * platform/UserAgentQuirks.cpp:
3045         (WebCore::urlRequiresMacintoshPlatform):
3046         (WebCore::urlRequiresLinuxDesktopPlatform):
3047
3048 2018-05-03  Commit Queue  <commit-queue@webkit.org>
3049
3050         Unreviewed, rolling out r231223 and r231288.
3051         https://bugs.webkit.org/show_bug.cgi?id=185256
3052
3053         The change in r231223 breaks internal builds, and r231288 is a
3054         dependent change. (Requested by ryanhaddad on #webkit).
3055
3056         Reverted changesets:
3057
3058         "Use default std::optional if it is provided"
3059         https://bugs.webkit.org/show_bug.cgi?id=185159
3060         https://trac.webkit.org/changeset/231223
3061
3062         "Use pointer instead of
3063         std::optional<std::reference_wrapper<>>"
3064         https://bugs.webkit.org/show_bug.cgi?id=185186
3065         https://trac.webkit.org/changeset/231288
3066
3067 2018-05-03  Ryan Haddad  <ryanhaddad@apple.com>
3068
3069         Unreviewed, rolling out r231253.
3070
3071         The API test added with this change is crashing on the bots.
3072
3073         Reverted changeset:
3074
3075         "Web Inspector: opt out of process swap on navigation if a Web
3076         Inspector frontend is connected"
3077         https://bugs.webkit.org/show_bug.cgi?id=184861
3078         https://trac.webkit.org/changeset/231253
3079
3080 2018-05-03  Youenn Fablet  <youenn@apple.com>
3081
3082         A MediaStream being played should allow removing some of its tracks
3083         https://bugs.webkit.org/show_bug.cgi?id=185233
3084
3085         Reviewed by Eric Carlson.
3086
3087         Update the tracks out of the for loop.
3088         Test: fast/mediastream/change-tracks-media-stream-being-played.html
3089
3090         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
3091         (WebCore::updateTracksOfType):
3092
3093 2018-05-03  Miguel Gomez  <magomez@igalia.com>
3094
3095         WebCore::TextureMapperLayer object used after freed
3096         https://bugs.webkit.org/show_bug.cgi?id=184729
3097
3098         Reviewed by Michael Catanzaro.
3099
3100         Replace the raw pointers with WeakPtr for effectTarget, maskLayer and replicaLayer
3101         inside TextureMapperLayer.
3102
3103         * platform/graphics/texmap/TextureMapperLayer.cpp:
3104         (WebCore::TextureMapperLayer::~TextureMapperLayer):
3105         (WebCore::TextureMapperLayer::setMaskLayer):
3106         (WebCore::TextureMapperLayer::setReplicaLayer):
3107         * platform/graphics/texmap/TextureMapperLayer.h:
3108
3109 2018-05-03  Basuke Suzuki  <Basuke.Suzuki@sony.com>
3110
3111         [Curl] Add OpenSSL/LibreSSL multi-threading support
3112         https://bugs.webkit.org/show_bug.cgi?id=185138
3113
3114         The older OpenSSL manual says the locking_function and threadid_function should
3115         be set when use it in multi-threading environment. This applies to LibreSSL also.
3116         https://www.openssl.org/docs/man1.0.2/crypto/threads.html
3117
3118         For unix and other similar os, the default threadId_function implementation is
3119         good enough. We'll set custom callback only for Windows OS.
3120
3121         Note it's not required for OpenSSL 1.1.0 and after.
3122         https://www.openssl.org/blog/blog/2017/02/21/threads/
3123
3124         Reviewed by Per Arne Vollan.
3125
3126         * platform/network/curl/CurlSSLHandle.cpp:
3127         (WebCore::CurlSSLHandle::CurlSSLHandle):
3128         (WebCore::CurlSSLHandle::ThreadSupport::ThreadSupport):
3129         (WebCore::CurlSSLHandle::ThreadSupport::lockingCallback):
3130         (WebCore::CurlSSLHandle::ThreadSupport::threadIdCallback):
3131         * platform/network/curl/CurlSSLHandle.h:
3132         (WebCore::CurlSSLHandle::ThreadSupport::setup):
3133         (WebCore::CurlSSLHandle::ThreadSupport::singleton):
3134         (WebCore::CurlSSLHandle::ThreadSupport::lock):
3135         (WebCore::CurlSSLHandle::ThreadSupport::unlock):
3136
3137 2018-05-02  Ryosuke Niwa  <rniwa@webkit.org>
3138
3139         Remove superfluous check for a null attribute value check in Element::removeAttributeInternal
3140         https://bugs.webkit.org/show_bug.cgi?id=185227
3141
3142         Reviewed by Chris Dumez.
3143
3144         Removed the check. The attribute value string can never be null.
3145
3146         * dom/Element.cpp:
3147         (WebCore::Element::removeAttributeInternal):
3148
3149 2018-05-02  Zalan Bujtas  <zalan@apple.com>
3150
3151         [LFC] Implement LayoutContext::createDisplayBox
3152         https://bugs.webkit.org/show_bug.cgi?id=185158
3153
3154         Reviewed by Antti Koivisto.
3155
3156         Now compute*() functions take both the const layout and the corresponding non-const display boxes.
3157         Display boxes are owned by the LayoutContext and they don't form a tree structure (only implicitly through the layout tree).
3158         (This might need to change in the future if we decide to arrange them in some sort of painting order)
3159
3160         * layout/FloatingContext.cpp:
3161         (WebCore::Layout::FloatingContext::computePosition):
3162         * layout/FloatingContext.h:
3163         * layout/FormattingContext.cpp:
3164         (WebCore::Layout::FormattingContext::computeStaticPosition const):
3165         (WebCore::Layout::FormattingContext::computeInFlowPositionedPosition const):
3166         (WebCore::Layout::FormattingContext::computeOutOfFlowPosition const):
3167         (WebCore::Layout::FormattingContext::computeWidth const):
3168         (WebCore::Layout::FormattingContext::computeHeight const):
3169         (WebCore::Layout::FormattingContext::computeOutOfFlowWidth const):
3170         (WebCore::Layout::FormattingContext::computeFloatingWidth const):
3171         (WebCore::Layout::FormattingContext::computeOutOfFlowHeight const):
3172         (WebCore::Layout::FormattingContext::computeFloatingHeight const):
3173         * layout/FormattingContext.h:
3174         * layout/LayoutContext.cpp:
3175         (WebCore::Layout::LayoutContext::createDisplayBox):
3176         * layout/LayoutContext.h:
3177         (WebCore::Layout::LayoutContext::displayBoxForLayoutBox const):
3178         * layout/blockformatting/BlockFormattingContext.cpp:
3179         (WebCore::Layout::BlockFormattingContext::layout const):
3180         (WebCore::Layout::BlockFormattingContext::computeStaticPosition const):
3181         (WebCore::Layout::BlockFormattingContext::computeInFlowWidth const):
3182         (WebCore::Layout::BlockFormattingContext::computeInFlowHeight const):
3183         * layout/blockformatting/BlockFormattingContext.h:
3184         * layout/displaytree/DisplayBox.h:
3185         (WebCore::Display::Box::parent const): Deleted.
3186         (WebCore::Display::Box::nextSibling const): Deleted.
3187         (WebCore::Display::Box::previousSibling const): Deleted.
3188         (WebCore::Display::Box::firstChild const): Deleted.
3189         (WebCore::Display::Box::lastChild const): Deleted.
3190         (WebCore::Display::Box::setParent): Deleted.
3191         (WebCore::Display::Box::setNextSibling): Deleted.
3192         (WebCore::Display::Box::setPreviousSibling): Deleted.
3193         (WebCore::Display::Box::setFirstChild): Deleted.
3194         (WebCore::Display::Box::setLastChild): Deleted.
3195         (): Deleted.
3196         * layout/inlineformatting/InlineFormattingContext.cpp:
3197         (WebCore::Layout::InlineFormattingContext::computeInFlowWidth const):
3198         (WebCore::Layout::InlineFormattingContext::computeInFlowHeight const):
3199         * layout/inlineformatting/InlineFormattingContext.h:
3200
3201 2018-05-02  Said Abou-Hallawa  <sabouhallawa@apple.com>
3202
3203         Hiding then showing an <object> of type image makes the underlaying image disappear
3204         https://bugs.webkit.org/show_bug.cgi?id=185216
3205         <rdar://problem/39055630>
3206
3207         Reviewed by Youenn Fablet.
3208
3209         Ensure the HTMLPlugInImageElement updates the RenderImageResource of its
3210         RenderImage with the CachedImage of its ImageLoader when the RenderImage
3211         is recreated.
3212
3213         Test: fast/images/object-image-hide-show.html
3214
3215         * html/HTMLPlugInImageElement.cpp:
3216         (WebCore::HTMLPlugInImageElement::didAttachRenderers):
3217         This is very similar to what we do in HTMLImageElement::didAttachRenderers().
3218
3219
3220 2018-05-02  Brent Fulgham  <bfulgham@apple.com>
3221
3222         Use RetainPtr for form input type
3223         https://bugs.webkit.org/show_bug.cgi?id=185210
3224         <rdar://problem/39734040>
3225
3226         Reviewed by Ryosuke Niwa.
3227
3228         Refactor our HTMLInputElement class to store its InputType member as a RefPtr.
3229
3230         Test: fast/forms/access-key-mutation-2.html.
3231
3232         * html/HTMLInputElement.cpp:
3233         (WebCore::HTMLInputElement::HTMLInputElement):
3234         (WebCore::HTMLInputElement::didAddUserAgentShadowRoot):
3235         (WebCore::HTMLInputElement::accessKeyAction):
3236         (WebCore::HTMLInputElement::parseAttribute):
3237         (WebCore::HTMLInputElement::appendFormData):
3238         * html/HTMLInputElement.h:
3239         * html/InputType.cpp:
3240         (WebCore::createInputType):
3241         (WebCore::InputType::create):
3242         (WebCore::InputType::createText):
3243         * html/InputType.h:
3244
3245 2018-05-01  Yusuke Suzuki  <utatane.tea@gmail.com>
3246
3247         Use pointer instead of std::optional<std::reference_wrapper<>>
3248         https://bugs.webkit.org/show_bug.cgi?id=185186
3249
3250         Reviewed by Alex Christensen.
3251
3252         std::optional<T&> is not accepted in C++17 spec. So we replaced it
3253         with std::optional<std::reference_wrapper<T>>.
3254
3255         In this patch, we replace it with T*, which is well-aligned to
3256         WebKit's convention.
3257
3258         * Modules/mediastream/RTCPeerConnection.cpp:
3259         (WebCore::iceServersFromConfiguration):
3260         (WebCore::RTCPeerConnection::initializeConfiguration):
3261         (WebCore::RTCPeerConnection::setConfiguration):
3262         * css/parser/CSSParser.cpp:
3263         (WebCore::CSSParser::parseSystemColor):
3264         * css/parser/CSSParser.h:
3265         * dom/DatasetDOMStringMap.cpp:
3266         (WebCore::DatasetDOMStringMap::item const):
3267         (WebCore::DatasetDOMStringMap::namedItem const):
3268         * dom/DatasetDOMStringMap.h:
3269         * dom/Element.cpp:
3270         (WebCore::Element::insertAdjacentHTML):
3271         * dom/Element.h:
3272         * html/canvas/CanvasStyle.cpp:
3273         (WebCore::parseColor):
3274         * inspector/DOMEditor.cpp:
3275         * platform/network/curl/CurlFormDataStream.cpp:
3276         (WebCore::CurlFormDataStream::getPostData):
3277         * platform/network/curl/CurlFormDataStream.h:
3278         * platform/network/curl/CurlRequest.cpp:
3279         (WebCore::CurlRequest::setupPOST):
3280         * testing/MockCDMFactory.cpp:
3281         (WebCore::MockCDMFactory::keysForSessionWithID const):
3282         (WebCore::MockCDMInstance::updateLicense):
3283         * testing/MockCDMFactory.h:
3284
3285 2018-05-02  Keith Rollin  <krollin@apple.com>
3286
3287         Add facility for tracking times and results of page and resource loading
3288         https://bugs.webkit.org/show_bug.cgi?id=184838
3289         <rdar://problem/36548974>
3290
3291         Reviewed by Brent Fulgham.
3292
3293         Update FrameProgressTracker to send the necessary page load start/stop
3294         signals so that we can track the entire page load at a network level.
3295         Add an empty override of the pure virtual
3296         LoaderStrategy::pageLoadCompleted method.
3297
3298         No new tests. There is no testable effect from these changes. On
3299         Cocoa, measurable changes take place in another (non-WebKit) process.
3300         On non-Cocoa systems, this facility is currently disabled.
3301
3302         * loader/FrameLoader.cpp:
3303         (WebCore::FrameLoader::FrameProgressTracker::progressCompleted):
3304         * loader/LoaderStrategy.h:
3305
3306 2018-05-02  Aditya Keerthi  <akeerthi@apple.com>
3307
3308         Can't copy and paste URLs that have no title into Mail (macOS)
3309         https://bugs.webkit.org/show_bug.cgi?id=185205
3310         <rdar://problem/36352406>
3311
3312         Reviewed by Tim Horton.
3313
3314         The pasteboardURL generated has an empty title for URLs without titles. Currently, the pasteboardURL.title is being saved to the pasteboard.
3315
3316         To fix the error, we check whether the title is empty and instead save the lastPathComponent to the pasteboard. This matches current behavior as the fallback title.
3317
3318         Augmented WebKitLegacy.ContextMenuCanCopyURL test
3319
3320         * platform/mac/PasteboardMac.mm:
3321         (WebCore::writeURLForTypes):
3322
3323 2018-05-01  Ryosuke Niwa  <rniwa@webkit.org>
3324
3325         REGRESSION(r225868): Release assert when removing an SVGUseElement from Document::m_svgUseElements
3326         https://bugs.webkit.org/show_bug.cgi?id=182188
3327         <rdar://problem/36689240>
3328
3329         Reviewed by Antti Koivisto.
3330
3331         Fixed the crash by removing up the release assert.
3332
3333         The crash is likely caused by re-entrancy to Document::resolveStyle during SVGUseElement::updateShadowTree.
3334         Because Document::resolveStyle invokes updateShadowTree on SVG use elements in Document::m_svgUseElements
3335         without clearing the map, the nested call to resolveStyle ends up calling updateShadowTree() for all elements
3336         in m_svgUseElements and removing them all from the map. When the stack frame eventually comes back to the outer
3337         invocation of Document::resolveStyle, updateShadowTree gets invoked for the second time on SVG use elements
3338         whose shadow tree had already been updated within the inner invocation to updateShadowTree, and release-asserts.
3339
3340         There is an alternative fix: avoid calling updateShadowTree on a svg element when shadowTreeNeedsUpdate returns
3341         true on the element in resolveStyle. However, removing the release assert is a sure way to fix the crash so
3342         this patch opts for that fix instead especially since we don't have any reproducible test case for this crash.
3343
3344         This release assertion was added in r225868 as a cautious measure to catch any use-after-frees of SVGUseElement's
3345         since m_svgUseElements stored raw pointes to SVG use elements but this crash is not an indicative of any UAF,
3346         and there is no evidence that r225868 has led to new UAFs even after five months.
3347
3348         No new tests. I couldn't find a way to trigger a nested style update inside SVGUseElement::updateShadowTree.
3349
3350         * dom/Document.cpp:
3351         (WebCore::Document::removeSVGUseElement):
3352
3353 2018-05-02  Dirk Schulze  <dschulze@chromium.org>
3354
3355         getCharNumAtPosition should take DOMPointInit as argument
3356         https://bugs.webkit.org/show_bug.cgi?id=184695
3357
3358         Reviewed by Antti Koivisto.
3359
3360         Extend existing tests for getCharNumAtPosition.
3361
3362         * svg/SVGTextContentElement.cpp:
3363         (WebCore::SVGTextContentElement::getCharNumAtPosition):
3364         * svg/SVGTextContentElement.h:
3365         * svg/SVGTextContentElement.idl: Use DOMPointInit argument.
3366
3367 2018-05-02  Youenn Fablet  <youenn@apple.com>
3368
3369         Use NetworkLoadChecker for navigation loads
3370         https://bugs.webkit.org/show_bug.cgi?id=184892
3371         <rdar://problem/39652686>
3372
3373         Reviewed by Chris Dumez.
3374
3375         Sanitize headers according response tainting.
3376         If tainting is basic, it means same origin load in which case we only filter Cookie related headers.
3377         If tainting is Opaque, we filter all uncommon headers.
3378         If tainting is CORS, we filter all uncommon headers except the one explicitely allowed by CORS headers.
3379         Covered by updated test.
3380
3381         * platform/network/ResourceResponseBase.cpp:
3382         (WebCore::ResourceResponseBase::sanitizeHTTPHeaderFieldsAccordingToTainting):
3383         (WebCore::ResourceResponseBase::sanitizeHTTPHeaderFields):
3384         * platform/network/ResourceResponseBase.h:
3385
3386 2018-05-02  Myles C. Maxfield  <mmaxfield@apple.com>
3387
3388         Collection fragment identifiers don't use PostScript names
3389         https://bugs.webkit.org/show_bug.cgi?id=184624
3390         <rdar://problem/39432089>
3391
3392         Reviewed by Simon Fraser.
3393
3394         In a previous version of the CSS Fonts spec, there was text saying that items in font collections
3395         should be 1-indexed (so the first item would be MyFonts.ttc#1). However, this is unfortunate because
3396         inserting an item into the middle of a collection would throw off all content that uses the file.
3397         Instead, the spec has since changed to use PostScript names (so the content instead would say
3398         MyFonts.ttc#MyFont-Regular).
3399
3400         Test: fast/text/font-collection.html
3401
3402         * css/CSSFontFaceSource.cpp:
3403         (WebCore::CSSFontFaceSource::load):
3404         * loader/cache/CachedFont.cpp:
3405         (WebCore::CachedFont::calculateItemInCollection const):
3406         (WebCore::CachedFont::ensureCustomFontData):
3407         (WebCore::CachedFont::createCustomFontData):
3408         (WebCore::CachedFont::calculateIndex const): Deleted.
3409         * loader/cache/CachedFont.h:
3410         * platform/graphics/mac/FontCustomPlatformData.cpp:
3411         (WebCore::createFontCustomPlatformData):
3412         * platform/graphics/mac/FontCustomPlatformData.h:
3413
3414 2018-05-02  Brian Burg  <bburg@apple.com>
3415
3416         Web Inspector: opt out of process swap on navigation if a Web Inspector frontend is connected
3417         https://bugs.webkit.org/show_bug.cgi?id=184861
3418         <rdar://problem/39153768>
3419
3420         Reviewed by Ryosuke Niwa.
3421
3422         Notify the client of the current connection count whenever a frontend connects or disconnects.
3423
3424         Covered by new API test.
3425
3426         * inspector/InspectorClient.h:
3427         (WebCore::InspectorClient::frontendCountChanged):
3428         * inspector/InspectorController.cpp:
3429         (WebCore::InspectorController::connectFrontend):
3430         (WebCore::InspectorController::disconnectFrontend):
3431         (WebCore::InspectorController::disconnectAllFrontends):
3432         * inspector/InspectorController.h:
3433
3434 2018-05-02  Carlos Alberto Lopez Perez  <clopez@igalia.com>
3435
3436         [GStreamer] Remove unneeded include of gstgldisplay_wayland.h after r228866 and r229022
3437         https://bugs.webkit.org/show_bug.cgi?id=185207
3438
3439         Reviewed by Michael Catanzaro.
3440
3441         Remove unneeded include of gstgldisplay_wayland.h
3442
3443         No new tests, no change in behaviour.
3444
3445         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
3446
3447 2018-05-02  Chris Dumez  <cdumez@apple.com>
3448
3449         document.open() event listener removal is not immediate
3450         https://bugs.webkit.org/show_bug.cgi?id=185191
3451
3452         Reviewed by Darin Adler.
3453
3454         We need to make sure we set the 'wasremoved' flag on RegisteredEventListeners
3455         whenever they get removed from the EventListenerMap. We were doing so correctly
3456         in EventListenerMap:remove() but not EventListenerMap::clear(). This patch
3457         updates clear() accordingly.
3458
3459         The reason we need to set this flag is that RegisteredEventListeners is RefCounted
3460         and EventTarget::fireEventListeners() may be currently running and calling
3461         each listener one by one, holding a reference to all listener of a given event.
3462
3463         Test: fast/dom/Document/document-open-removes-all-listeners.html
3464
3465         * dom/EventListenerMap.cpp:
3466         (WebCore::EventListenerMap::clear):
3467
3468 2018-05-02  Zalan Bujtas <zalan@apple.com>
3469
3470         Use WeakPtr in GridCell
3471         https://bugs.webkit.org/show_bug.cgi?id=185180
3472         <rdar://problem/39432165>
3473
3474         Reviewed by Antti Koivisto.
3475
3476         Since GridCell does not own the renderers, it should
3477         construct weak pointers.
3478
3479         Unable to create a reliably reproducible test case.
3480
3481         * rendering/Grid.cpp:
3482         (WebCore::Grid::insert):
3483         (WebCore::GridIterator::nextGridItem):
3484         * rendering/Grid.h:
3485         * rendering/RenderGrid.cpp:
3486         (WebCore::RenderGrid::firstLineBaseline const):
3487
3488 2018-05-02  Eric Carlson  <eric.carlson@apple.com>
3489
3490         [iOS] Provide audio route information when invoking AirPlay picker
3491         https://bugs.webkit.org/show_bug.cgi?id=185199
3492         <rdar://problem/39853103>
3493
3494         Reviewed by Jer Noble.
3495
3496         No new tests, this requires a specific hardware setup.
3497
3498         * dom/Document.cpp:
3499         (WebCore::Document::showPlaybackTargetPicker): Pass route sharing policy and routing context UID.
3500         * dom/Document.h:
3501
3502         * html/MediaElementSession.cpp:
3503         (WebCore::MediaElementSession::showPlaybackTargetPicker): Ditto.
3504
3505         * loader/EmptyClients.h:
3506         * page/ChromeClient.h:
3507
3508         * page/Page.cpp:
3509         (WebCore::Page::showPlaybackTargetPicker): Ditto.
3510         * page/Page.h:
3511
3512         * platform/audio/AudioSession.cpp:
3513         (WebCore::AudioSession::routeSharingPolicy const): Empty implementation for non-iOS ports.
3514         (WebCore::routingContextUID const): Ditto.
3515         * platform/audio/AudioSession.h:
3516
3517         * platform/audio/ios/AudioSessionIOS.mm:
3518         (WebCore::AudioSession::routeSharingPolicy const): Return the route sharing policy.
3519         (WebCore::AudioSession::routingContextUID const): Return the route context UID.
3520
3521 2018-05-02  Dean Jackson  <dino@apple.com>
3522
3523         Draw SystemPreview badge to specification on iOS
3524         https://bugs.webkit.org/show_bug.cgi?id=185203
3525         <rdar://problem/39908855>
3526
3527         Reviewed by Tim Horton.
3528
3529         Use CoreImage to render a badge with a blurred background,
3530         at particular sizes.
3531
3532         This will be tested internally while we're getting artwork
3533         from WebKitAdditions.
3534
3535         * Configurations/WebCore.xcconfig: Link against CoreImage.
3536         * rendering/RenderThemeIOS.h:
3537         * rendering/RenderThemeIOS.mm:
3538         (WebCore::RenderThemeIOS::paintSystemPreviewBadge): New function
3539         in the iOS platform RenderTheme that draws the system preview.
3540
3541 2018-05-01  Brent Fulgham  <bfulgham@apple.com>
3542
3543         Prevent Debug ASSERT when changing forms
3544         https://bugs.webkit.org/show_bug.cgi?id=185173
3545         <rdar://problem/39738669>
3546
3547         Reviewed by Ryosuke Niwa.
3548
3549         Form submission could trigger a debug assertion during validation when
3550         a form is changed during an input submission. Fix this by cleaning up
3551         the event handling logic and make it more consistent with modern WebKit
3552         coding style.
3553
3554         Test: fast/forms/form-submission-crash-3.html
3555
3556         * html/HTMLButtonElement.cpp:
3557         (WebCore::HTMLButtonElement::defaultEventHandler): Make sure layout runs before
3558         attempting to perform event handling.
3559         * html/HTMLFormElement.cpp:
3560         (WebCore::HTMLFormElement::reportValidity): Ditto.
3561         (WebCore::HTMLFormElement::validateInteractively): Remove call to perform layout here,
3562         since we expect this to happen earlier in the layout pass. Add an assertion that the
3563         tree is not dirty.
3564         * html/ImageInputType.cpp:
3565         (WebCore::ImageInputType::handleDOMActivateEvent): Make sure layout runs before
3566         attempting to perform event handling.
3567         * html/SubmitInputType.cpp:
3568         (WebCore::SubmitInputType::handleDOMActivateEvent): Ditto.
3569
3570 2018-05-02  Jer Noble  <jer.noble@apple.com>
3571
3572         Unreviewed; address review comments made before landing r231231.
3573
3574         * platform/ios/WebVideoFullscreenControllerAVKit.mm:
3575         (VideoFullscreenControllerContext::volume const):
3576
3577 2018-05-02  Jer Noble  <jer.noble@apple.com>
3578
3579         Pipe volume through PlaybackSessionManager/Proxy.
3580         https://bugs.webkit.org/show_bug.cgi?id=185182
3581
3582         Reviewed by Eric Carlson.
3583
3584         Add support for the volume property to PlaybackSessionModel, and all its clients.
3585
3586         * platform/cocoa/PlaybackSessionModel.h:
3587         (WebCore::PlaybackSessionModelClient::volumeChanged):
3588         * platform/cocoa/PlaybackSessionModelMediaElement.h:
3589         * platform/cocoa/PlaybackSessionModelMediaElement.mm:
3590         (WebCore::PlaybackSessionModelMediaElement::updateForEventName):
3591         (WebCore::PlaybackSessionModelMediaElement::setVolume):
3592         (WebCore::PlaybackSessionModelMediaElement::volume const):
3593         * platform/ios/PlaybackSessionInterfaceAVKit.h:
3594         * platform/ios/PlaybackSessionInterfaceAVKit.mm:
3595         (WebCore::PlaybackSessionInterfaceAVKit::volumeChanged):
3596         * platform/ios/WebAVPlayerController.h:
3597         * platform/ios/WebAVPlayerController.mm:
3598         (-[WebAVPlayerController volume]):
3599         (-[WebAVPlayerController setVolume:]):
3600         (-[WebAVPlayerController volumeChanged:]):
3601         (-[WebAVPlayerController resetMediaState]):
3602         * platform/ios/WebVideoFullscreenControllerAVKit.mm:
3603         (VideoFullscreenControllerContext::volumeChanged):
3604         (VideoFullscreenControllerContext::volume const):
3605         (VideoFullscreenControllerContext::setVolume):
3606
3607 2018-05-01  Yusuke Suzuki  <utatane.tea@gmail.com>
3608
3609         Unreviewed, fix build in WinCairo
3610         https://bugs.webkit.org/show_bug.cgi?id=185169
3611
3612         * bindings/js/JSDOMWindowBase.cpp:
3613         (WebCore::JSDOMWindowBase::instantiateStreaming):
3614         * bindings/js/JSDOMWindowBase.h:
3615
3616 2018-05-01  Yusuke Suzuki  <utatane.tea@gmail.com>
3617
3618         Use default std::optional if it is provided
3619         https://bugs.webkit.org/show_bug.cgi?id=185159
3620
3621         Reviewed by JF Bastien.
3622
3623         * Modules/mediastream/RTCPeerConnection.cpp:
3624         (WebCore::iceServersFromConfiguration):
3625         (WebCore::RTCPeerConnection::setConfiguration):
3626         * css/parser/CSSParser.cpp:
3627         (WebCore::CSSParser::parseSystemColor):
3628         * css/parser/CSSParser.h:
3629         * dom/DatasetDOMStringMap.cpp:
3630         (WebCore::DatasetDOMStringMap::item const):
3631         (WebCore::DatasetDOMStringMap::namedItem const):
3632         (WebCore:: const): Deleted.
3633         * dom/DatasetDOMStringMap.h:
3634         * dom/Element.cpp:
3635         (WebCore::Element::insertAdjacentHTML):
3636         * dom/Element.h:
3637         * inspector/DOMEditor.cpp:
3638         * platform/network/curl/CurlFormDataStream.cpp:
3639         (WebCore::CurlFormDataStream::getPostData):
3640         (): Deleted.
3641         * platform/network/curl/CurlFormDataStream.h:
3642         * testing/MockCDMFactory.cpp:
3643         (WebCore::MockCDMFactory::keysForSessionWithID const):
3644         (WebCore::MockCDMInstance::updateLicense):
3645         (WebCore:: const): Deleted.
3646         * testing/MockCDMFactory.h:
3647
3648 2018-05-01  Chris Dumez  <cdumez@apple.com>
3649
3650         Add release assertions in CFNetwork's SocketStreamHandleImpl to help debug a threading issue
3651         https://bugs.webkit.org/show_bug.cgi?id=185181
3652
3653         Reviewed by Geoffrey Garen.
3654
3655         Add release assertions in CFNetwork's SocketStreamHandleImpl to help debug a threading issue
3656         on iOS WebKitLegacy (Bug 185073). It appears readStreamCallback() can get called on the UIThread,
3657         which should not be possible if scheduleStreams() was called on the WebThread, as it is supposed
3658         to. The new release assertion in scheduleStreams() should tell us if somebody is calling it from
3659         the UIthread instead of the WebThread on iOS WebKitLegacy.
3660
3661         * platform/network/cf/SocketStreamHandleImplCFNet.cpp:
3662         (WebCore::SocketStreamHandleImpl::scheduleStreams):
3663         (WebCore::SocketStreamHandleImpl::readStreamCallback):
3664
3665 2018-05-01  Wenson Hsieh  <wenson_hsieh@apple.com>
3666
3667         Unreviewed, remove an unused variable in RuntimeEnabledFeatures.h
3668
3669         * page/RuntimeEnabledFeatures.h:
3670
3671 2018-05-01  Oleksandr Skachkov  <gskachkov@gmail.com>
3672
3673         Fix build error after r231194
3674         https://bugs.webkit.org/show_bug.cgi?id=185169
3675
3676         Reviewed by JF Bastien.
3677
3678         Prevent compile error in iOS Simulator debug build
3679         by tagging function
3680
3681         * bindings/js/JSDOMWindowBase.cpp:
3682         (WebCore::JSDOMWindowBase::compileStreaming):
3683         (WebCore::JSDOMWindowBase::instantiateStreaming):
3684
3685 2018-05-01  Oleksandr Skachkov  <gskachkov@gmail.com>
3686
3687         WebAssembly: add support for stream APIs - JavaScript API
3688         https://bugs.webkit.org/show_bug.cgi?id=183442
3689
3690         Reviewed by Yusuke Suzuki and JF Bastien.
3691
3692         Add WebAssembly streaming API to WebCore.
3693
3694         * Configurations/FeatureDefines.xcconfig:
3695         * bindings/js/JSDOMWindowBase.cpp:
3696         (WebCore::tryAllocate):
3697         (WebCore::isResponseCorrect):
3698         (WebCore::handleResponseOnStreamingAction):
3699         (WebCore::JSDOMWindowBase::compileStreaming):
3700         (WebCore::JSDOMWindowBase::instantiateStreaming):
3701         * bindings/js/JSDOMWindowBase.h:
3702         * bindings/js/JSRemoteDOMWindowBase.cpp:
3703         * bindings/js/JSWorkerGlobalScopeBase.cpp:
3704
3705 2018-04-30  Myles C. Maxfield  <mmaxfield@apple.com>
3706
3707         Improve the performance of FontCascadeDescription's effectiveFamilies
3708         https://bugs.webkit.org/show_bug.cgi?id=184720
3709         <rdar://problem/38970927>
3710
3711         Reviewed by Simon Fraser.
3712
3713         The page that had the performance problem renders many different Chinese characters in system-ui
3714         with only a small number of individual fonts. It turns out we were calling into the system-ui
3715         machinery for each character in order to opportunistically start loading data URLs (see also:
3716         https://bugs.webkit.org/show_bug.cgi?id=175845). These data URLS will never represent the system
3717         font, so we don't need to invoke the system-ui machinery at all.
3718
3719         This patch makes a 92x performance improvement on the associated performance test. This test is
3720         designed to test Chinese text rendered with system-ui.
3721
3722         Performance test: Layout/system-ui.html
3723
3724         * platform/graphics/FontCascadeFonts.cpp:
3725         (WebCore::opportunisticallyStartFontDataURLLoading):
3726
3727 2018-04-30  Jer Noble  <jer.noble@apple.com>
3728
3729         <img src=mp4> does not display on ios despite Accept: video/* advertisement
3730         https://bugs.webkit.org/show_bug.cgi?id=185029
3731         <rdar://problem/39771989>
3732
3733         Reviewed by Eric Carlson.
3734
3735         Returning "NO" from resourceLoader:shouldWaitForLoadingOfResource: signals that the load failed,
3736         even if the resource request is successfully fulfilled prior to the return. Always return YES in
3737         the case that loading succeeded.
3738
3739         * platform/graphics/avfoundation/objc/ImageDecoderAVFObjC.mm:
3740         (-[WebCoreSharedBufferResourceLoaderDelegate resourceLoader:shouldWaitForLoadingOfRequestedResource:]):
3741
3742 2018-04-30  Zalan Bujtas  <zalan@apple.com>
3743
3744         REGRESSION(r230914) Selecting text on this apple.com page makes it vanish
3745         https://bugs.webkit.org/show_bug.cgi?id=185142
3746         <rdar://problem/39821446>
3747
3748         Reviewed by Simon Fraser.
3749
3750         Set the overflow rect on the inline textbox when needed.
3751
3752         Test: fast/text/simple-line-layout-selection-with-overflow.html
3753
3754         * rendering/SimpleLineLayoutFunctions.cpp:
3755         (WebCore::SimpleLineLayout::initializeInlineTextBox):
3756         (WebCore::SimpleLineLayout::generateLineBoxTree):
3757         (WebCore::SimpleLineLayout::initializeInlineBox): Deleted.
3758
3759 2018-04-30  JF Bastien  <jfbastien@apple.com>
3760
3761         Use some C++17 features
3762         https://bugs.webkit.org/show_bug.cgi?id=185135
3763
3764         Reviewed by Alex Christensen.
3765
3766         As discussed here [0] let's move WebKit to a subset of C++17. We
3767         now require GCC 6 [1] which means that, according to [2] we can
3768         use the following C++17 language features (I removed some
3769         uninteresting ones):
3770
3771          - New auto rules for direct-list-initialization
3772          - static_assert with no message
3773          - typename in a template template parameter
3774          - Nested namespace definition
3775          - Attributes for namespaces and enumerators
3776          - u8 character literals
3777          - Allow constant evaluation for all non-type template arguments
3778          - Fold Expressions
3779          - Unary fold expressions and empty parameter packs
3780          - __has_include in preprocessor conditional
3781          - Differing begin and end types in range-based for
3782          - Improving std::pair and std::tuple
3783
3784         Consult the Tony Tables [3] to see before / after examples.
3785
3786         Of course we can use any library feature if we're willing to
3787         import them to WTF (and they don't require language support).
3788
3789
3790           [0]: https://lists.webkit.org/pipermail/webkit-dev/2018-March/029922.html
3791           [1]: https://trac.webkit.org/changeset/231152/webkit
3792           [2]: https://en.cppreference.com/w/cpp/compiler_support
3793           [3]: https://github.com/tvaneerd/cpp17_in_TTs/blob/master/ALL_IN_ONE.md
3794
3795         * DerivedSources.make:
3796         * platform/URLParser.cpp: work around an odd GCC 6 bug with class
3797           static value as a template parameter.
3798         (WebCore::URLParser::percentDecode):
3799         (WebCore::URLParser::domainToASCII):
3800         (WebCore::URLParser::hasForbiddenHostCodePoint):
3801         (WebCore::URLParser::parseHostAndPort):
3802         * platform/URLParser.h:
3803
3804 2018-04-30  Wenson Hsieh  <wenson_hsieh@apple.com>
3805
3806         [Extra zoom mode] Respect the existing shrink-to-fit attribute instead of using min-device-width
3807         https://bugs.webkit.org/show_bug.cgi?id=185132
3808         <rdar://problem/39834562>
3809
3810         Reviewed by Tim Horton.
3811
3812         Removes the `min-device-width` attribute added in r231095. Instead, we key this behavior off of the
3813         `shrink-to-fit` attribute introduced for multitasking on iPad, such that `shrink-to-fit=no` achieves the same
3814         behavior as `min-device-width=0` in extra zoom mode. See comments below for more detail.
3815
3816         Adjusted an existing layout test: fast/viewport/extrazoom/viewport-change-min-device-width.html.
3817
3818         * dom/ViewportArguments.cpp:
3819         (WebCore::setViewportFeature):
3820         (WebCore::operator<<):
3821         * dom/ViewportArguments.h:
3822
3823         Removes the `minDeviceWidth` viewport argument.
3824
3825         * page/RuntimeEnabledFeatures.h:
3826         (WebCore::RuntimeEnabledFeatures::setMinDeviceWidthEnabled): Deleted.
3827         (WebCore::RuntimeEnabledFeatures::minDeviceWidthEnabled const): Deleted.
3828
3829         Removes the runtime switch for `min-device-width`.
3830
3831         * page/ViewportConfiguration.cpp:
3832         (WebCore::platformDeviceWidthOverride):
3833
3834         Hard-code the override device width in extra zoom mode.
3835
3836         (WebCore::ViewportConfiguration::shouldOverrideDeviceWidthAndShrinkToFit const):
3837
3838         In extra zoom mode, override the device width only if shrink-to-fit has not been expliticly disabled, and the
3839         device width is less than the override device width.
3840
3841         (WebCore::ViewportConfiguration::shouldIgnoreHorizontalScalingConstraints const):
3842         (WebCore::ViewportConfiguration::shouldIgnoreScalingConstraintsRegardlessOfContentSize const):
3843         (WebCore::ViewportConfiguration::updateConfiguration):
3844         (WebCore::ViewportConfiguration::updateMinimumLayoutSize):
3845
3846         Do not override the minimum layout size if `shrink-to-fit` has been explicitly explicitly disabled, or if the
3847         device width is greater than the override device width.
3848
3849         (WebCore::computedMinDeviceWidth): Deleted.
3850         (WebCore::ViewportConfiguration::shouldOverrideDeviceWidthWithMinDeviceWidth const): Deleted.
3851         * page/ViewportConfiguration.h:
3852
3853 2018-04-30  Chris Nardi  <cnardi@chromium.org>
3854
3855         Serialize font-variation-settings with double-quotes per spec
3856         https://bugs.webkit.org/show_bug.cgi?id=182542
3857
3858         Reviewed by Myles C. Maxfield.
3859
3860         According to the CSSOM spec [1], all strings should be serialized with double-quotes.
3861         The axis name in font-variation-settings was previously serialized with single-quotes;
3862         change this to double-quotes to match the spec and non-WebKit browsers.
3863
3864         [1]: https://drafts.csswg.org/cssom/#common-serializing-idioms
3865
3866         Updated fast/text/variations/getComputedStyle.html to test the change.
3867
3868         * css/CSSFontVariationValue.cpp:
3869         (WebCore::CSSFontVariationValue::customCSSText const):
3870
3871 2018-04-30  Chris Dumez  <cdumez@apple.com>
3872
3873         Fix bad use of RunLoop::main().dispatch() in MessagePort::dispatchMessages()
3874         https://bugs.webkit.org/show_bug.cgi?id=185134
3875
3876         Reviewed by Geoffrey Garen.
3877
3878         Fix bad use of RunLoop::main().dispatch() in MessagePort::dispatchMessages(). This code runs on iOS WebKitLegacy
3879         and it is therefore unsafe to use RunLoop::main() here. We want to use callOnMainThread() instead to run code on
3880         the WebThread.
3881
3882         * dom/MessagePort.cpp:
3883         (WebCore::MessagePort::dispatchMessages):
3884
3885 2018-04-30  Simon Fraser  <simon.fraser@apple.com>
3886
3887         Make color-filter affect caret-color
3888         https://bugs.webkit.org/show_bug.cgi?id=185129
3889         rdar://problem/39829066
3890
3891         Reviewed by Tim Horton.
3892         
3893         Transform the colors used to compare the caret color with the background through
3894         color-filter (since we want contrasting colors after filters are applied), and
3895         transform caret-color itself.
3896
3897         Test: css3/color-filters/color-filter-caret-color.html
3898
3899         * editing/FrameSelection.cpp:
3900         (WebCore::CaretBase::paintCaret const):
3901
3902 2018-04-30  Michael Catanzaro  <mcatanzaro@igalia.com>
3903
3904         [GTK] Webkit should spoof as Safari on a Mac when on Chase.com
3905         https://bugs.webkit.org/show_bug.cgi?id=185103
3906
3907         Reviewed by Carlos Garcia Campos.
3908
3909         Send a fake user agent to chase.com to make it work.
3910
3911         * platform/UserAgentQuirks.cpp:
3912         (WebCore::urlRequiresMacintoshPlatform):
3913         (WebCore::UserAgentQuirks::stringForQuirk): Also, remove this stale comment.
3914
3915 2018-04-29  Simon Fraser  <simon.fraser@apple.com>
3916
3917         Make color-filter affect <attachment>
3918         https://bugs.webkit.org/show_bug.cgi?id=185122
3919         rdar://problem/39818763
3920
3921         Reviewed by Tim Horton.
3922         
3923         Convert the colors used to render <attachment> through color-filter, except
3924         for those parts that render over the icon (like the progress bar).
3925
3926         Not easily testable.
3927
3928         * rendering/RenderThemeMac.mm:
3929         (WebCore::titleTextColorForAttachment):
3930         (WebCore::AttachmentLayout::layOutTitle):
3931         (WebCore::AttachmentLayout::layOutSubtitle):
3932         (WebCore::paintAttachmentIconBackground):
3933         (WebCore::paintAttachmentTitleBackground):
3934         (WebCore::paintAttachmentPlaceholderBorder):
3935
3936 2018-04-28  Simon Fraser  <simon.fraser@apple.com>
3937
3938         Fix color-filter to apply to SVG colors
3939         https://bugs.webkit.org/show_bug.cgi?id=185113
3940         rdar://problem/39665082
3941
3942         Reviewed by Dean Jackson.
3943         
3944         Convert SVG colors through color-filter operations for the places in SVG
3945         that use color, namely fill and stroke, gradients, lighting colors and
3946         drop-shadow.
3947
3948         Test: css3/color-filters/svg/color-filter-inline-svg.html
3949
3950         * rendering/svg/RenderSVGResourceGradient.cpp:
3951         (WebCore::RenderSVGResourceGradient::applyResource):
3952         * rendering/svg/RenderSVGResourceGradient.h:
3953         * rendering/svg/RenderSVGResourceLinearGradient.cpp:
3954         (WebCore::RenderSVGResourceLinearGradient::buildGradient const):
3955         * rendering/svg/RenderSVGResourceLinearGradient.h:
3956         * rendering/svg/RenderSVGResourceRadialGradient.cpp:
3957         (WebCore::RenderSVGResourceRadialGradient::buildGradient const):
3958         * rendering/svg/RenderSVGResourceRadialGradient.h:
3959         * rendering/svg/RenderSVGResourceSolidColor.cpp:
3960         (WebCore::RenderSVGResourceSolidColor::applyResource):
3961         * svg/SVGFEDiffuseLightingElement.cpp:
3962         (WebCore::SVGFEDiffuseLightingElement::setFilterEffectAttribute):
3963         (WebCore::SVGFEDiffuseLightingElement::build):
3964         * svg/SVGFEDropShadowElement.cpp:
3965         (WebCore::SVGFEDropShadowElement::build):
3966         * svg/SVGFEFloodElement.cpp:
3967         (WebCore::SVGFEFloodElement::build):
3968         * svg/SVGFESpecularLightingElement.cpp:
3969         (WebCore::SVGFESpecularLightingElement::setFilterEffectAttribute):
3970         (WebCore::SVGFESpecularLightingElement::build):
3971
3972 2018-04-29  Michael Catanzaro  <mcatanzaro@igalia.com>
3973
3974         [CMake] Require GCC 6
3975         https://bugs.webkit.org/show_bug.cgi?id=184985
3976
3977         Reviewed by Alex Christensen.
3978
3979         Remove a GCC 5 fallback path. This seems to be the only such fallback path in WebKit.
3980
3981         * platform/graphics/FourCC.h:
3982         (WebCore::FourCC::FourCC):
3983
3984 2018-04-29  Zalan Bujtas  <zalan@apple.com>
3985
3986         [LFC] Implement Display::Box functions
3987         https://bugs.webkit.org/show_bug.cgi?id=185116
3988
3989         Reviewed by Antti Koivisto.
3990
3991         * layout/displaytree/DisplayBox.cpp:
3992        &n