CRASH in ImageDecoderAVFObjC::sampleAtIndex()
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2018-05-17  Jer Noble  <jer.noble@apple.com>
2
3         CRASH in ImageDecoderAVFObjC::sampleAtIndex()
4         https://bugs.webkit.org/show_bug.cgi?id=185734
5         <rdar://problem/40295094>
6
7         Reviewed by Eric Carlson.
8
9         Test: fast/images/animated-image-mp4-crash.html
10
11         Test the correct size value before iterating over the SampleMap in presentationOrder()
12
13         * Modules/mediasource/SampleMap.h:
14         (WebCore::PresentationOrderSampleMap::size const):
15         * platform/graphics/avfoundation/objc/ImageDecoderAVFObjC.mm:
16         (WebCore::ImageDecoderAVFObjC::sampleAtIndex const):
17
18 2018-05-17  Wenson Hsieh  <wenson_hsieh@apple.com>
19
20         [Extra zoom mode] Disabled adaptations are not reset upon mainframe navigation
21         https://bugs.webkit.org/show_bug.cgi?id=185735
22         <rdar://problem/40335311>
23
24         Reviewed by Tim Horton.
25
26         When performing mainframe navigation, we currently don't update the Page's ViewportConfiguration's disabled
27         adaptations. This causes disabled adaptations from the previous main document to persist. To fix this, propagate
28         the new document's disabled adaptations to the client when it becomes the main document in the page.
29
30         Test: fast/viewport/extrazoom/viewport-adaptations-after-navigation.html
31
32         * dom/Document.cpp:
33         (WebCore::Document::didBecomeCurrentDocumentInFrame):
34         (WebCore::Document::processDisabledAdaptations):
35         (WebCore::Document::dispatchDisabledAdaptationsDidChangeForMainFrame):
36         * dom/Document.h:
37
38 2018-05-17  Eric Carlson  <eric.carlson@apple.com>
39
40         [iOS] Update AirPlay route monitoring
41         https://bugs.webkit.org/show_bug.cgi?id=185706
42         <rdar://problem/40230677>
43
44         Reviewed by Jer Noble.
45
46         Use an AVRouteDetector instead of an MPVolumeView and an MPAVRoutingController for AirPlay
47         route detection and availability monitoring.
48
49         No new tests, tested manually.
50
51         * html/MediaElementSession.cpp:
52         (WebCore::MediaElementSession::hasWirelessPlaybackTargets): No need to update m_hasPlaybackTargets
53         manually, it is always updated by the session manager when route availability changes.
54
55         * platform/audio/ios/MediaSessionManagerIOS.mm:
56         (-[WebMediaSessionHelper dealloc]): Pull the logic from safelyTearDown inline.
57         (-[WebMediaSessionHelper hasWirelessTargetsAvailable]): Use the AVRouteDetector.
58         (-[WebMediaSessionHelper startMonitoringAirPlayRoutes]): Ditto.  Simplify logic, there is no
59         need to dispatch twice.
60         (-[WebMediaSessionHelper stopMonitoringAirPlayRoutes]): Don't release the route detector
61         completely, just disable route detection, because AVRouteDetector is a lightweight object so
62         it is not worth the overhead of dealloc/realloc to disable/enable route detection.
63         (-[WebMediaSessionHelper interruption:]): Use callOnWebThreadOrDispatchAsyncOnMainThread
64         instead of WebThreadRun so it works correctly in WK2 as well as in WK1.
65         (-[WebMediaSessionHelper applicationWillEnterForeground:]): Ditto.
66         (-[WebMediaSessionHelper applicationDidBecomeActive:]): Ditto.
67         (-[WebMediaSessionHelper applicationWillResignActive:]): Ditto.
68         (-[WebMediaSessionHelper wirelessRoutesAvailableDidChange:]): Ditto.
69         (-[WebMediaSessionHelper applicationDidEnterBackground:]): Ditto.
70         (safelyTearDown): Deleted.
71
72 2018-05-17  Chris Dumez  <cdumez@apple.com>
73
74         Cross-Origin-Options: deny/allow-postmessage should prevent getting navigated by cross-origin scripts
75         https://bugs.webkit.org/show_bug.cgi?id=185681
76         <rdar://problem/40296313>
77
78         Reviewed by Geoffrey Garen.
79
80         Update our canNavigate() implementation [1] to take into account the Cross-Origin-Options header.
81         If the window being navigated or the window trigerring the navigation have a Cross-Origin-Options
82         header value different than 'allow', then the attempt to navigate will be blocked.
83
84         Note that it was already not possible to navigate via setting window.location since trying to set
85         it would throw a SecurityError with 'Cross-Origin-Options: deny/allow-postmessage'. However, it was
86         possible to trigger a "targeted" navigation via <a target="foo"> or open(url, "foo").
87
88         [1] https://html.spec.whatwg.org/#allowed-to-navigate
89
90         Tests: http/wpt/cross-origin-options/navigation-from-opener-via-open-target.html
91                http/wpt/cross-origin-options/navigation-from-subframe-via-anchor-target.html
92
93         * dom/Document.cpp:
94         (WebCore::Document::canNavigate):
95
96 2018-05-17  Brent Fulgham  <bfulgham@apple.com>
97
98         Storage Access API: Allow documents that have been granted storage access to also do a popup
99         https://bugs.webkit.org/show_bug.cgi?id=185615
100         <rdar://problem/39105791>
101
102         Reviewed by Chris Dumez.
103
104         * dom/Document.cpp:
105         (WebCore::Document::consumeTemporaryUserGesture): Added. Clear the document's active one-time user
106         activity (for window opening) state.
107         (WebCore::Document::enableTemporaryUserGesture): Added. Establish a new active one-time user
108         activity (for window opening) state.
109         (WebCore::Document::requestStorageAccess): If the user approves Storage Access, establish a new
110         UserInteraction scope, then resolve the promise. Also post a task to clear the one-time user
111         gesture state.
112
113 2018-05-17  Zalan Bujtas  <zalan@apple.com>
114
115         [LFC] Introduce DisplayBox::Style
116         https://bugs.webkit.org/show_bug.cgi?id=185733
117
118         Reviewed by Antti Koivisto.
119
120         This is the collection of computed style data needed to paint/hittest the display boxtree.
121
122         * layout/LayoutContext.cpp:
123         (WebCore::Layout::LayoutContext::createDisplayBox):
124         * layout/displaytree/DisplayBox.cpp:
125         (WebCore::Display::Box::Box):
126         (WebCore::Display::Box::Style::Style):
127         (WebCore::Display::Box::borderBox const):
128         (WebCore::Display::Box::contentBox const):
129         * layout/displaytree/DisplayBox.h:
130
131 2018-05-17  Antoine Quint  <graouts@apple.com>
132
133         [modern-media-controls] AirPlaySupport should be disabled by default
134         https://bugs.webkit.org/show_bug.cgi?id=185658
135         <rdar://problem/40272213>
136
137         Reviewed by Simon Fraser.
138
139         We now only enable AirplaySupport if the controls are visible to the user _and_ media has played.
140
141         Test: media/modern-media-controls/airplay-support/airplay-support-disable-event-listeners-until-play.html
142
143         * Modules/modern-media-controls/media/airplay-support.js:
144         (AirplaySupport.prototype.enable):
145         (AirplaySupport.prototype.controlsUserVisibilityDidChange):
146         (AirplaySupport.prototype._shouldBeEnabled):
147         (AirplaySupport):
148
149 2018-05-17  Zalan Bujtas  <zalan@apple.com>
150
151         [LFC] Replace ASSERT_NOT_REACHED with ASSERT_NOT_IMPLEMENTED_YET where applicable.
152         https://bugs.webkit.org/show_bug.cgi?id=185728
153
154         Reviewed by Antti Koivisto.
155
156         * layout/FormattingContext.cpp:
157         (WebCore::Layout::FormattingContext::computeOutOfFlowWidth const): leftover from previous patch.
158         (WebCore::Layout::FormattingContext::computeFloatingWidth const):
159         (WebCore::Layout::FormattingContext::computeOutOfFlowHeight const):
160         (WebCore::Layout::FormattingContext::computeOutOfFlowNonReplacedHeight const):
161         (WebCore::Layout::FormattingContext::computeReplacedWidth const):
162         (WebCore::Layout::FormattingContext::computeOutOfFlowNonReplacedWidth const):
163         (WebCore::Layout::FormattingContext::computeOutOfFlowReplacedWidth const):
164         * layout/LayoutContext.cpp:
165         (WebCore::Layout::LayoutContext::styleChanged):
166         (WebCore::Layout::LayoutContext::formattingContext):
167         * layout/blockformatting/BlockFormattingContext.cpp:
168         (WebCore::Layout::BlockFormattingContext::computeInFlowNonReplacedWidth const):
169         (WebCore::Layout::BlockFormattingContext::computeInFlowHeight const):
170         (WebCore::Layout::BlockFormattingContext::computeInFlowNonReplacedHeight const):
171         * layout/layouttree/LayoutTreeBuilder.cpp:
172         (WebCore::Layout::TreeBuilder::createSubTree):
173
174 2018-05-17  Zalan Bujtas  <zalan@apple.com>
175
176         [LFC] Move replaced logic from Layout::Box to Layout::Replaced class
177         https://bugs.webkit.org/show_bug.cgi?id=185711
178
179         Reviewed by Antti Koivisto.
180
181         * Sources.txt:
182         * WebCore.xcodeproj/project.pbxproj:
183         * layout/FormattingContext.cpp:
184         (WebCore::Layout::FormattingContext::computeOutOfFlowWidth const):
185         (WebCore::Layout::FormattingContext::computeFloatingWidth const):
186         (WebCore::Layout::FormattingContext::computeOutOfFlowHeight const):
187         (WebCore::Layout::FormattingContext::computeInFlowReplacedWidth const):
188         * layout/blockformatting/BlockFormattingContext.cpp:
189         (WebCore::Layout::BlockFormattingContext::computeInFlowWidth const):
190         (WebCore::Layout::BlockFormattingContext::computeInFlowHeight const):
191         * layout/layouttree/LayoutBox.cpp:
192         (WebCore::Layout::Box::isReplaced const): Deleted.
193         (WebCore::Layout::Box::hasIntrinsicWidth const): Deleted.
194         (WebCore::Layout::Box::hasIntrinsicHeight const): Deleted.
195         (WebCore::Layout::Box::hasIntrinsicRatio const): Deleted.
196         (WebCore::Layout::Box::intrinsicWidth const): Deleted.
197         (WebCore::Layout::Box::intrinsicHeight const): Deleted.
198         (WebCore::Layout::Box::intrinsicRatio const): Deleted.
199         * layout/layouttree/LayoutBox.h:
200         (WebCore::Layout::Box::replaced const):
201
202 2018-05-17  Zalan Bujtas  <zalan@apple.com>
203
204         [LFC] Implement width computation for replaced out if flow elements.
205         https://bugs.webkit.org/show_bug.cgi?id=185701
206
207         Reviewed by Antti Koivisto.
208         
209         The used value of 'width' is determined as for inline replaced elements.
210
211         * layout/FormattingContext.cpp:
212         (WebCore::Layout::FormattingContext::computeOutOfFlowNonReplacedHeight const):
213         (WebCore::Layout::FormattingContext::computeOutOfFlowNonReplacedWidth const):
214         (WebCore::Layout::FormattingContext::computeOutOfFlowReplacedWidth const):
215         * layout/FormattingContext.h:
216
217 2018-05-17  Thibault Saunier  <tsaunier@igalia.com>
218
219         [GStreamer]: Consider GstStream(Collection) as if if was not a GInitiallyUnowned
220         https://bugs.webkit.org/show_bug.cgi?id=185657
221
222         Reviewed by Philippe Normand.
223
224         Starting with GStreamer 1.14[1] the reference is sunk at object creation time, making it a normal
225         GObject in practice, in our GRefPtr template implementation we should just consider GstStream
226         as if it was a normal GObject and not care about its floating reference state as
227         the ref is never sunk by anyone before 1.14 though that floating ref is considered
228         as a hard reference by the GstStreamCollection (leading to assertions/)
229
230         The exact same issue happens with GstStreamCollection, so fix it at the same time.
231
232         Also do not adoptRef() on the result of gst_stream_collection_get_stream() as this function
233         is transfer-none.
234
235         [1] commit f119e93b47efb06ffc68c01d3e094d5346c30041 `gst: Clear floating flag in constructor of all GstObject subclasses that are not owned by any parent`
236
237         * platform/graphics/gstreamer/GRefPtrGStreamer.cpp:
238         (WTF::adoptGRef):
239         (WTF::refGPtr<GstStream>):
240         (WTF::refGPtr<GstStreamCollection>):
241         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
242         (WebCore::MediaPlayerPrivateGStreamer::handleMessage):
243
244 2018-05-16  Devin Rousso  <webkit@devinrousso.com>
245
246         Web Inspector: create a navigation item for toggling the overlay rulers/guides
247         https://bugs.webkit.org/show_bug.cgi?id=185644
248
249         Reviewed by Matt Baker.
250
251         This patch is purely a visual change for WebInspector, and doesn't affect anything else.
252
253         * inspector/agents/InspectorPageAgent.h:
254         * inspector/agents/InspectorPageAgent.cpp:
255         (WebCore::InspectorPageAgent::setShowRulers): Added.
256
257         * inspector/InspectorOverlay.h:
258         * inspector/InspectorOverlay.cpp:
259         (WebCore::InspectorOverlay::shouldShowOverlay):
260         (WebCore::InspectorOverlay::update):
261         (WebCore::InspectorOverlay::setShowRulers): Added.
262         (WebCore::InspectorOverlay::drawRulers): Added.
263         (WebCore::InspectorOverlay::reset):
264
265         * inspector/InspectorOverlayPage.js:
266         (drawNodeHighlight):
267         (drawQuadHighlight):
268         (drawRulers): Added.
269         (_drawBounds): Added.
270         (reset):
271         (_drawRulers): Deleted.
272
273 2018-05-16  Michael Catanzaro  <mcatanzaro@igalia.com>
274
275         [GTK] SoupNetworkSession.h:68:62: error: unknown type name 'URL'
276         https://bugs.webkit.org/show_bug.cgi?id=185378
277
278         Unreviewed, just replace unneeded #include with a forward declaration
279
280         * platform/network/soup/SoupNetworkSession.h:
281
282 2018-05-16  Jer Noble  <jer.noble@apple.com>
283
284         CRASH: Exception thrown from -[AVContentKeySession processContentKeyRequestWithIdentifier:initializationData:options:] after -expire called
285         https://bugs.webkit.org/show_bug.cgi?id=185690
286         <rdar://problem/38297768>
287
288         Reviewed by Eric Carlson.
289
290         Reject all calls to update() after close() has been called on the session.
291
292         * platform/graphics/avfoundation/objc/CDMSessionAVContentKeySession.mm:
293         (WebCore::CDMSessionAVContentKeySession::update):
294
295 2018-05-16  Andy VanWagoner  <andy@vanwagoner.family>
296
297         Add support for Intl NumberFormat formatToParts
298         https://bugs.webkit.org/show_bug.cgi?id=185375
299
300         Reviewed by Yusuke Suzuki.
301
302         Test: js/intl-numberformat-format-to-parts.html
303
304         Add flag & tests for NumberFormat formatToParts.
305
306         * Configurations/FeatureDefines.xcconfig:
307
308 2018-05-16  Eric Carlson  <eric.carlson@apple.com>
309
310         Improve NowPlaying "title"
311         https://bugs.webkit.org/show_bug.cgi?id=185680
312         <rdar://problem/40296700>
313
314         Reviewed by Jer Noble.
315         
316         We send NowPlaying the element's title attribute if not empty, else the element's current url.
317         Title should be preferred because it is the most specific, but we should use the document
318         title if non-empty next, and if falling back to the element's url use just the domain instead
319         of the full url because it isn't likely to be useful to the user given the small amount of
320         space control center uses to display the title. Further, don't use any title at all when
321         in private browsing mode.
322
323         Tests: http/tests/media/now-playing-info-private-browsing.html
324                http/tests/media/now-playing-info.html
325
326         * html/HTMLMediaElement.cpp:
327         (WebCore::HTMLMediaElement::parseAttribute): Update NowPlaying when the title attribute changes.
328         (WebCore::HTMLMediaElement::finishSeek): Update NowPlaying when a seek completes.
329         (WebCore::HTMLMediaElement::mediaSessionTitle const): Update logic.
330         (WebCore::HTMLMediaElement::mediaSessionUniqueIdentifier const): Use the hash of the current 
331         url as the unique identifier.
332         * html/HTMLMediaElement.h:
333
334         * platform/audio/PlatformMediaSession.cpp:
335         (WebCore::PlatformMediaSession::uniqueIdentifier const): New.
336         (WebCore::PlatformMediaSessionClient::mediaSessionUniqueIdentifier const): Ditto.
337         * platform/audio/PlatformMediaSession.h:
338
339         * platform/audio/ios/MediaSessionManagerIOS.mm:
340         (WebCore::MediaSessionManageriOS::updateNowPlayingInfo): Update m_lastUpdatedNowPlayingInfoUniqueIdentifier.
341
342         * platform/audio/mac/MediaSessionManagerMac.mm:
343         (WebCore::MediaSessionManagerMac::updateNowPlayingInfo): Update.
344
345         * testing/Internals.cpp:
346         (WebCore::Internals::nowPlayingState const): Expose NowPlaying state.
347         * testing/Internals.h:
348         * testing/Internals.idl:
349
350 2018-05-16  Daniel Bates  <dabates@apple.com>
351
352         Attempt to fix the WinCairo build following r231859
353         (https://bugs.webkit.org/show_bug.cgi?id=185654)
354
355         Instantiate Cookie as a struct and set applicable fields.
356
357         * platform/network/curl/CookieJarDB.cpp:
358         (WebCore::CookieJarDB::searchCookies):
359
360 2018-05-16  Daniel Bates  <dabates@apple.com>
361
362         Cleanup platform Cookie
363         https://bugs.webkit.org/show_bug.cgi?id=185654
364
365         Reviewed by Per Arne Vollan.
366
367         Remove unnecessary constructor and use =default for default constructor.
368         Simplify Cookie::decode() by having it decode directly into a stack-allocated
369         cookie. Remove some unnecessary local variables. Fix style nits.
370
371         * platform/Cookie.h:
372         (WebCore::Cookie::Cookie):
373         (WebCore::Cookie::isNull const):
374         (WebCore::Cookie::encode const):
375         (WebCore::Cookie::decode):
376         * platform/network/cf/CookieJarCFNet.cpp:
377         (WebCore::getRawCookies):
378         * platform/network/cocoa/CookieCocoa.mm:
379         (WebCore::cookieCreated):
380         (WebCore::Cookie::Cookie):
381         (WebCore::Cookie::operator== const):
382         (WebCore::Cookie::hash const):
383         * platform/network/soup/CookieJarSoup.cpp:
384         (WebCore::getRawCookies):
385
386 2018-05-14  Yusuke Suzuki  <utatane.tea@gmail.com>
387
388         [Win] Use C++17 in MSVC
389         https://bugs.webkit.org/show_bug.cgi?id=185232
390
391         Reviewed by Alex Christensen.
392
393         Workaround for MSVC + /std:c++17.
394
395         * Modules/geolocation/Coordinates.h:
396         (WebCore::Coordinates::isolatedCopy const):
397
398 2018-05-16  Chris Nardi  <cnardi@chromium.org>
399
400         Remove Document#selectedStylesheetSet/preferredStylesheetSet
401         https://bugs.webkit.org/show_bug.cgi?id=185381
402
403         Reviewed by Darin Adler.
404
405         Document#selectedStylesheetSet/preferredStylesheetSet are non-standard methods that
406         are only implemented WebKit. Blink removed these methods in https://crbug.com/690609.
407         The standard versions of these methods are are no longer in the spec. Remove them
408         entirely from our implementation.
409
410         Updated existing tests and imported/w3c/web-platform-tests/cssom/historical.html.
411
412         * dom/Document.cpp:
413         (WebCore::Document::processHttpEquiv):
414         * dom/Document.h:
415         * dom/Document.idl:
416         * style/StyleScope.cpp:
417         (WebCore::Style::Scope::collectActiveStyleSheets):
418         * style/StyleScope.h:
419         (WebCore::Style::Scope::preferredStylesheetSetName const):
420
421 2018-05-16  Zalan Bujtas  <zalan@apple.com>
422
423         [LFC] Implement width computation for replaced inflow elements.
424         https://bugs.webkit.org/show_bug.cgi?id=185672
425
426         Reviewed by Antti Koivisto.
427
428         Replaced width for block, inline and float elements compute the same way. 
429
430         * layout/FormattingContext.cpp:
431         (WebCore::Layout::FormattingContext::computeWidth const):
432         (WebCore::Layout::FormattingContext::computeFloatingWidth const):
433         (WebCore::Layout::FormattingContext::computeInFlowReplacedWidth const):
434         * layout/FormattingContext.h:
435         * layout/blockformatting/BlockFormattingContext.cpp:
436         (WebCore::Layout::BlockFormattingContext::computeInFlowWidth const):
437         * layout/layouttree/LayoutBox.cpp:
438         (WebCore::Layout::Box::hasIntrinsicWidth const):
439         (WebCore::Layout::Box::hasIntrinsicHeight const):
440         (WebCore::Layout::Box::hasIntrinsicRatio const):
441         (WebCore::Layout::Box::intrinsicWidth const):
442         (WebCore::Layout::Box::intrinsicHeight const):
443         (WebCore::Layout::Box::intrinsicRatio const):
444         * layout/layouttree/LayoutBox.h:
445
446 2018-05-16  Zalan Bujtas  <zalan@apple.com>
447
448         [LFC] Make Display::Box box sizing aware
449         https://bugs.webkit.org/show_bug.cgi?id=185649
450
451         Reviewed by Antti Koivisto.
452
453         Display::Box::width() == Display::Box::contentBox().width() <= box-sizing: content-box; (initial and default value)
454         Display::Box::width() == Display::Box::borderBox().width() <= box-sizing: border-box;
455
456         * layout/LayoutContext.cpp:
457         (WebCore::Layout::LayoutContext::createDisplayBox):
458         * layout/displaytree/DisplayBox.cpp:
459         (WebCore::Display::Box::Box):
460         (WebCore::Display::Box::marginBox const):
461         (WebCore::Display::Box::borderBox const):
462         (WebCore::Display::Box::paddingBox const):
463         (WebCore::Display::Box::contentBox const):
464         * layout/displaytree/DisplayBox.h:
465
466 2018-05-16  Antoine Quint  <graouts@apple.com>
467
468         REGRESSION (r230574): Interrupted hardware transitions don't behave correctly
469         https://bugs.webkit.org/show_bug.cgi?id=185299
470         <rdar://problem/39630230>
471
472         Reviewed by Simon Fraser.
473
474         In r230574, the fix for webkit.org/b/184518, we changed the processing order in GraphicsLayerCA::updateAnimations() to first
475         process m_uncomittedAnimations and then m_animationsToProcess, so we are guaranteed animations exist before we attempt to pause
476         or seek them. This broke interrupting and resuming hardware animations (such as an interrupted CSS Transition or an animation
477         running in a non-visible tab) since a pause operation recorded _before_ an animation was added would be paused anyway since
478         the animation was now first added, and then paused. The fix is simply to clear any pending AnimationProcessingAction for a
479         newly-uncommitted animation.
480
481         Test: transitions/interrupted-transition-hardware.html
482
483         * platform/graphics/ca/GraphicsLayerCA.cpp:
484         (WebCore::GraphicsLayerCA::createAnimationFromKeyframes):
485         (WebCore::GraphicsLayerCA::appendToUncommittedAnimations):
486         (WebCore::GraphicsLayerCA::createTransformAnimationsFromKeyframes):
487         * platform/graphics/ca/GraphicsLayerCA.h:
488         (WebCore::GraphicsLayerCA::LayerPropertyAnimation::LayerPropertyAnimation):
489
490 2018-05-15  Yusuke Suzuki  <utatane.tea@gmail.com>
491
492         [JSC] Check TypeInfo first before calling getCallData when we would like to check whether given object is a function
493         https://bugs.webkit.org/show_bug.cgi?id=185601
494
495         Reviewed by Saam Barati.
496
497         No behavior change.
498
499         * Modules/plugins/QuickTimePluginReplacement.mm:
500         (WebCore::QuickTimePluginReplacement::ensureReplacementScriptInjected):
501         * bindings/js/JSCustomElementRegistryCustom.cpp:
502         (WebCore::getCustomElementCallback):
503         * bindings/js/JSDOMConstructorBase.h:
504         * bindings/js/JSDOMConvertCallbacks.h:
505         (WebCore::Converter<IDLCallbackFunction<T>>::convert):
506         * bindings/js/JSDOMPromise.cpp:
507         (WebCore::DOMPromise::whenSettled):
508         * bindings/js/ReadableStream.cpp:
509         (WebCore::ReadableStream::pipeTo):
510         (WebCore::ReadableStream::tee):
511         * bindings/js/ReadableStreamDefaultController.cpp:
512         (WebCore::ReadableStreamDefaultController::invoke):
513         * bindings/scripts/CodeGeneratorJS.pm:
514         (GenerateHeader):
515         (GenerateOverloadDispatcher):
516         * bindings/scripts/test/JS/JSTestObj.h:
517         * bindings/scripts/test/JS/JSTestPluginInterface.h:
518         * bridge/objc/objc_runtime.h:
519         * bridge/runtime_method.h:
520         * bridge/runtime_object.h:
521         * html/HTMLMediaElement.cpp:
522         (WebCore::HTMLMediaElement::ensureMediaControlsInjectedScript):
523         * testing/Internals.cpp:
524         (WebCore::Internals::parserMetaData):
525         (WebCore::Internals::cloneArrayBuffer):
526
527 2018-05-15  Matt Baker  <mattbaker@apple.com>
528
529         Web Inspector: element details hanger in inspector overlay should have better placement logic
530         https://bugs.webkit.org/show_bug.cgi?id=128482
531         <rdar://problem/16020709>
532
533         Reviewed by Timothy Hatcher.
534
535         When determining the best position for the hovered element details "tooltip",
536         perform placement tests in view space, not canvas space, and account for the
537         top content inset.
538
539         * inspector/InspectorOverlayPage.js:
540         (reset): Drive by fix: added missing `.height`.
541         (_drawElementTitle):
542
543 2018-05-15  Commit Queue  <commit-queue@webkit.org>
544
545         Unreviewed, rolling out r231765.
546         https://bugs.webkit.org/show_bug.cgi?id=185668
547
548         the layout test added with this change is very flaky
549         (Requested by realdawei on #webkit).
550
551         Reverted changeset:
552
553         "REGRESSION (r230574): Interrupted hardware transitions don't
554         behave correctly"
555         https://bugs.webkit.org/show_bug.cgi?id=185299
556         https://trac.webkit.org/changeset/231765
557
558 2018-05-15  Devin Rousso  <webkit@devinrousso.com>
559
560         Web Inspector: Add rulers and guides
561         https://bugs.webkit.org/show_bug.cgi?id=32263
562         <rdar://problem/19281564>
563
564         Reviewed by Matt Baker.
565
566         This patch is purely a visual change for WebInspector, and doesn't affect anything else.
567
568         * inspector/InspectorOverlay.h:
569         * inspector/InspectorOverlay.cpp:
570         (WebCore::InspectorOverlay::update):
571         (WebCore::InspectorOverlay::reset):
572         (WebCore::InspectorOverlay::drawGutter): Deleted.
573
574         * inspector/InspectorOverlayPage.html:
575         * inspector/InspectorOverlayPage.js:
576         (Bounds): Added.
577         (Bounds.prototype.get minX): Added.
578         (Bounds.prototype.get minY): Added.
579         (Bounds.prototype.get maxX): Added.
580         (Bounds.prototype.get maxY): Added.
581         (Bounds.prototype.update): Added.
582         (drawNodeHighlight):
583         (drawQuadHighlight):
584         (reset):
585         (_isolateActions): Added.
586         (_quadToPath): Added.
587         (_quadToPath.parseQuadPoint): Added.
588         (_drawOutlinedQuad): Added.
589         (_drawPath): Added.
590         (_drawPath.parsePoints): Added.
591         (_drawOutlinedQuadWithClip): Added.
592         (_drawElementTitle):
593         (_drawShapeHighlight):
594         (_drawFragmentHighlight):
595         (_drawRulers): Added.
596         (quadToPath): Deleted.
597         (drawOutlinedQuad): Deleted.
598         (pathCommand): Deleted.
599         (drawPath): Deleted.
600         (drawOutlinedQuadWithClip): Deleted.
601         (drawGutter): Deleted.
602         * inspector/InspectorOverlayPage.css:
603         (#log): Added.
604         (#right-gutter): Deleted.
605         (#bottom-gutter): Deleted.
606
607 2018-05-15  Jer Noble  <jer.noble@apple.com>
608
609         Media continues loading after rendered invisible (removed from DOM; scrolled off screen)
610         https://bugs.webkit.org/show_bug.cgi?id=185487
611
612         Reviewed by Eric Carlson.
613
614         Test: media/video-buffering-allowed.html
615
616         When a media element is removed from the dom (e.g. through innerHTML=""), it doesn't
617         necessarily stop loading media data; it will continue to do so until its destructor is
618         called through garbage collection. Similarly, when a media element is rendered not-visible
619         by being scrolled off-screen or being made display:none, media loading continues. There
620         are legitimate use cases for out-of-DOM media loading, so only temporarily block loading
621         when the element transitions out of the document. Similarly, only block loading for non-visible
622         media elements when returning from the "page is hidden" state, and only until the media
623         element is asked to play or is otherwise made visible.
624
625         Note: this refactors a lot of code out of PlatformMediaSession and into MediaElementSession,
626         since this code is specific to "media elements".
627
628         * html/HTMLMediaElement.cpp:
629         (WebCore::HTMLMediaElement::HTMLMediaElement):
630         (WebCore::HTMLMediaElement::insertedIntoAncestor):
631         (WebCore::HTMLMediaElement::removedFromAncestor):
632         (WebCore::HTMLMediaElement::playInternal):
633         (WebCore::HTMLMediaElement::stopWithoutDestroyingMediaPlayer):
634         (WebCore::HTMLMediaElement::resume):
635         (WebCore::HTMLMediaElement::visibilityStateChanged):
636         (WebCore::HTMLMediaElement::createMediaPlayer):
637         (WebCore::HTMLMediaElement::setShouldBufferData):
638         (WebCore::HTMLMediaElement::purgeBufferedDataIfPossible):
639         (WebCore::HTMLMediaElement::isVisibleInViewportChanged):
640         (WebCore::HTMLMediaElement::fullscreenModeChanged):
641         (WebCore::HTMLMediaElement::setInActiveDocument):
642         * html/HTMLMediaElement.h:
643         (WebCore::HTMLMediaElement::shouldBufferData const):
644         (WebCore::HTMLMediaElement::elementIsHidden const):
645         * html/MediaElementSession.cpp:
646         (WebCore::MediaElementSession::MediaElementSession):
647         (WebCore::MediaElementSession::clientWillBeginAutoplaying):
648         (WebCore::MediaElementSession::clientWillBeginPlayback):
649         (WebCore::MediaElementSession::clientWillPausePlayback):
650         (WebCore::MediaElementSession::visibilityChanged):
651         (WebCore::MediaElementSession::isVisibleInViewportChanged):
652         (WebCore::MediaElementSession::inActiveDocumentChanged):
653         (WebCore::MediaElementSession::scheduleClientDataBufferingCheck):
654         (WebCore::MediaElementSession::clientDataBufferingTimerFired):
655         (WebCore::MediaElementSession::updateClientDataBuffering):
656         (WebCore::MediaElementSession::dataBufferingPermitted const):
657         (WebCore::MediaElementSession::wantsToObserveViewportVisibilityForAutoplay const):
658         * html/MediaElementSession.h:
659         * platform/audio/PlatformMediaSession.cpp:
660         (WebCore::PlatformMediaSession::PlatformMediaSession):
661         (WebCore::PlatformMediaSession::clientWillBeginAutoplaying):
662         (WebCore::PlatformMediaSession::clientWillBeginPlayback):
663         (WebCore::PlatformMediaSession::clientWillPausePlayback):
664         (): Deleted.
665         (WebCore::PlatformMediaSession::visibilityChanged): Deleted.
666         (WebCore::PlatformMediaSession::scheduleClientDataBufferingCheck): Deleted.
667         (WebCore::PlatformMediaSession::clientDataBufferingTimerFired): Deleted.
668         (WebCore::PlatformMediaSession::updateClientDataBuffering): Deleted.
669         (WebCore::PlatformMediaSession::isHidden const): Deleted.
670         * platform/audio/PlatformMediaSession.h:
671         (WebCore::PlatformMediaSessionClient::setShouldBufferData): Deleted.
672         (WebCore::PlatformMediaSessionClient::elementIsHidden const): Deleted.
673         * platform/audio/PlatformMediaSessionManager.cpp:
674         (WebCore::PlatformMediaSessionManager::sessionCanLoadMedia const): Deleted.
675         * platform/audio/PlatformMediaSessionManager.h:
676         * platform/audio/ios/MediaSessionManagerIOS.h:
677         * platform/audio/ios/MediaSessionManagerIOS.mm:
678         (WebCore::MediaSessionManageriOS::sessionCanLoadMedia const): Deleted.
679         * rendering/RenderVideo.cpp:
680         (WebCore::RenderVideo::willBeDestroyed):
681         * testing/Internals.cpp:
682         (WebCore::Internals::elementShouldBufferData):
683         * testing/Internals.h:
684         * testing/Internals.idl:
685
686 2018-05-15  Charles Vazac  <cvazac@gmail.com>
687
688         Add the PerformanceServerTiming Interface which makes Server-Timing header timing values available to JavaScript running in the browser.
689         https://bugs.webkit.org/show_bug.cgi?id=175569
690
691         Reviewed by Youenn Fablet.
692
693         Tests were imported from web-platform-tests: WebKit/LayoutTests/imported/w3c/web-platform-tests/server-timing/*
694
695         * Sources.txt: Added references to HeaderFieldTokenizer.cpp, ServerTiming.cpp, and ServerTimingParser.cpp.
696         * WebCore.xcodeproj/project.pbxproj: Added various files.
697         * loader/HeaderFieldTokenizer.cpp: Added.
698         (WebCore::HeaderFieldTokenizer::HeaderFieldTokenizer): Added class for tokenizing header values.
699         (WebCore::HeaderFieldTokenizer::consume): Added method to consume a specified character.
700         (WebCore::HeaderFieldTokenizer::consumeQuotedString): Added method to consume a quote-string.
701         (WebCore::HeaderFieldTokenizer::consumeToken): Added a method to consume a token.
702         (WebCore::HeaderFieldTokenizer::consumeTokenOrQuotedString): Added method to consume a quote-string or quote-string, depending on net character.
703         (WebCore::HeaderFieldTokenizer::skipSpaces): Added method to skip whitespace.
704         (WebCore::HeaderFieldTokenizer::consumeBeforeAnyCharMatch): Added method to advance the cursor up until any of a list of characters.
705         * loader/HeaderFieldTokenizer.h: Added.
706         * loader/HTTPHeaderField.cpp: Expose isTokenCharacter and isWhitespace.
707         * loader/HTTPHeaderField.h: Expose isTokenCharacter and isWhitespace.
708         * loader/PolicyChecker.cpp: Added #include so source compiled on my machine.
709         * loader/ResourceTiming.cpp:
710         (WebCore::ResourceTiming::ResourceTiming): Added call to initServerTiming to parse the header.
711         (WebCore::ResourceTiming::initServerTiming): Added method to parse the header.
712         (WebCore::ResourceTiming::populateServerTiming): Added method to populate the server timing entries on a PerformanceResourceTiming object.
713         (WebCore::ResourceTiming::isolatedCopy const): Added code to copy over the server timing entries.
714         * loader/ResourceTiming.h:
715         (WebCore::ResourceTiming::ResourceTiming): Accept collection of server timing entries in c'tor.
716         * loader/ServerTiming.cpp: Added.
717         (WebCore::ServerTiming::setParameter): Set named parameters, ignoring unrecognized or duplicates.
718         (WebCore::ServerTiming::isolatedCopy const): Return a new pointer to the object.
719         * loader/ServerTiming.h: Added.
720         (WebCore::ServerTiming::ServerTiming): Added struct for the data needed by a server timing entry.
721         (WebCore::ServerTiming::name const): Added name field of a server timing entry.
722         (WebCore::ServerTiming::duration const): Added duration field of a server timing entry.
723         (WebCore::ServerTiming::description const): Added description field of a server timing entry.
724         * loader/ServerTimingParser.cpp: Added.
725         (WebCore::ServerTimingParser::parseServerTiming): Parses the header generating a collection of server timing structs.
726         * loader/ServerTimingParser.h: Added.
727         * loader/WorkerThreadableLoader.h: Fix build.
728         * page/Performance.cpp:
729         (WebCore::Performance::addResourceTiming): Fixed a typo.
730         * page/PerformanceResourceTiming.cpp:
731         (WebCore::PerformanceResourceTiming::PerformanceResourceTiming): Given a ResourceTiming object, populate our collection of PerformanceServerTiming objects.
732         * page/PerformanceResourceTiming.h: Added serverTiming member and getter.
733         * page/PerformanceResourceTiming.idl: Added serverTiming member to interface.
734         * platform/network/HTTPHeaderNames.in: Added "Server-Timing" to the header enum.
735         * platform/network/ResourceResponseBase.cpp: Added "Server-Timing" to isSafeCrossOriginResponseHeader whitelist.
736
737 2018-05-15  Brady Eidson  <beidson@apple.com>
738
739         Fix crash after a Worker terminates but there are still IDB transactions the server is trying to open for it.
740         <rdar://problem/33744241> and https://bugs.webkit.org/show_bug.cgi?id=185653
741
742         Reviewed by Andy Estes.
743
744         Test: storage/indexeddb/modern/worker-transaction-open-after-worker-stop.html
745
746         * Modules/indexeddb/client/IDBConnectionProxy.cpp:
747         (WebCore::IDBClient::IDBConnectionProxy::didStartTransaction): It's okay to not be able to find a pending TX
748           that the server has started. e.g. When it was a WebWorker that asked for the TX but it has since terminated.
749
750 2018-05-15  Thomas Klausner  <tk@giga.or.at>
751
752         Add missing header to fix build.
753         https://bugs.webkit.org/show_bug.cgi?id=185378
754
755         Reviewed by Michael Catanzaro.
756
757         * platform/network/soup/SoupNetworkSession.h:
758
759 2018-05-15  Carlos Alberto Lopez Perez  <clopez@igalia.com>
760
761         [WPE] Build failure with RPi userland drivers and gstreamer-gl
762         https://bugs.webkit.org/show_bug.cgi?id=185639
763
764         Reviewed by Philippe Normand.
765
766         When building for the RPi with userland drivers (dispmanx) override the
767         value of GST_GL_HAVE_GLSYNC to 1 to avoid that the gstreamer-gl headers
768         try to redefine the GLsync type that is already defined in libepoxy.
769
770         Defining __gl2_h_ is also needed to avoid other conflicting type
771         definitions that happen between libepoxy and RPi GLES2 userland
772         headers when the gstreamer-gl headers are included.
773
774         The issue doesn't happen with 1.14.0, so a check for that is added
775         as well.
776
777         No new tests, no behavior change. It is a build fix.
778
779         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
780
781 2018-05-15  Michael Catanzaro  <mcatanzaro@igalia.com>
782
783         Unreviewed, rolling out r230749
784
785         This did not work as desired.
786
787         * platform/UserAgentQuirks.cpp:
788         (WebCore::urlRequiresMacintoshPlatform):
789
790 2018-05-15  Dirk Schulze  <krit@webkit.org>
791
792         Add new SVGDOM SVGFEBLEND constants
793         https://bugs.webkit.org/show_bug.cgi?id=185581
794
795         Reviewed by Simon Fraser.
796
797         Provide new SVG DOM constants for the new blend modes added to feBlend.
798
799         https://drafts.fxtf.org/filter-effects-1/#InterfaceSVGFEBlendElement
800
801         * platform/graphics/GraphicsTypes.cpp:
802         (WebCore::blendModeName):
803         * platform/graphics/GraphicsTypes.h:
804         * svg/SVGFEBlendElement.h:
805         (WebCore::SVGPropertyTraits<BlendMode>::highestEnumValue):
806         (WebCore::SVGPropertyTraits<BlendMode>::toString):
807         * svg/SVGFEBlendElement.idl:
808
809 2018-05-15  Antoine Quint  <graouts@apple.com>
810
811         [Web Animations] Expose Web Animations CSS integration as an experimental feature
812         https://bugs.webkit.org/show_bug.cgi?id=185647
813
814         Reviewed by Dean Jackson.
815
816         Make the Web Animations CSS integration flag an experimental feature, and only indicate that it is on if the Web Animations
817         experimental feature is also enabled.
818
819         * dom/Document.cpp:
820         (WebCore::Document::didBecomeCurrentDocumentInFrame):
821         (WebCore::Document::resume):
822         * dom/Element.cpp:
823         (WebCore::Element::removedFromAncestor):
824         * dom/PseudoElement.cpp:
825         (WebCore::PseudoElement::clearHostElement):
826         * history/CachedFrame.cpp:
827         (WebCore::CachedFrameBase::restore):
828         * page/Frame.cpp:
829         (WebCore::Frame::clearTimers):
830         * page/FrameView.cpp:
831         (WebCore::FrameView::didDestroyRenderTree):
832         * page/Page.cpp:
833         (WebCore::Page::handleLowModePowerChange):
834         (WebCore::Page::setIsVisibleInternal):
835         (WebCore::Page::hiddenPageCSSAnimationSuspensionStateChanged):
836         * page/RuntimeEnabledFeatures.h:
837         (WebCore::RuntimeEnabledFeatures::setWebAnimationsCSSIntegrationEnabled):
838         (WebCore::RuntimeEnabledFeatures::webAnimationsCSSIntegrationEnabled const):
839         (WebCore::RuntimeEnabledFeatures::setCSSAnimationsAndCSSTransitionsBackedByWebAnimationsEnabled): Deleted.
840         (WebCore::RuntimeEnabledFeatures::cssAnimationsAndCSSTransitionsBackedByWebAnimationsEnabled const): Deleted.
841         * rendering/RenderLayer.cpp:
842         (WebCore::RenderLayer::currentTransform const):
843         (WebCore::RenderLayer::calculateClipRects const):
844         * rendering/RenderLayerBacking.cpp:
845         (WebCore::RenderLayerBacking::updateGeometry):
846         * rendering/RenderLayerCompositor.cpp:
847         (WebCore::RenderLayerCompositor::requiresCompositingForAnimation const):
848         (WebCore::RenderLayerCompositor::isRunningTransformAnimation const):
849         * rendering/updating/RenderTreeUpdater.cpp:
850         (WebCore::RenderTreeUpdater::tearDownRenderers):
851         * style/StyleTreeResolver.cpp:
852         (WebCore::Style::TreeResolver::createAnimatedElementUpdate):
853         * testing/InternalSettings.cpp:
854         (WebCore::InternalSettings::webAnimationsCSSIntegrationEnabled):
855         (WebCore::InternalSettings::cssAnimationsAndCSSTransitionsBackedByWebAnimationsEnabled): Deleted.
856         * testing/InternalSettings.h:
857         * testing/InternalSettings.idl:
858         * testing/Internals.cpp:
859         (WebCore::Internals::numberOfActiveAnimations const):
860         (WebCore::Internals::animationsAreSuspended const):
861         (WebCore::Internals::animationsInterval const):
862         (WebCore::Internals::suspendAnimations const):
863         (WebCore::Internals::resumeAnimations const):
864
865 2018-05-15  David Kilzer  <ddkilzer@apple.com>
866
867         Fix -Wreturn-std-move warnings in WebKit found by new clang compiler
868         <https://webkit.org/b/185621>
869
870         Reviewed by Youenn Fablet.
871
872         Fix warnings like the following:
873
874             In file included from DerivedSources/WebCore/unified-sources/UnifiedSource139.cpp:5:
875             ./Modules/mediastream/PeerConnectionBackend.cpp:412:16: error: local variable 'sdp' will be copied despite being returned by name [-Werror,-Wreturn-std-move]
876                     return sdp;
877                            ^~~
878             ./Modules/mediastream/PeerConnectionBackend.cpp:412:16: note: call 'std::move' explicitly to avoid copying
879                     return sdp;
880                            ^~~
881                            std::move(sdp)
882             1 error generated.
883
884         * Modules/mediastream/PeerConnectionBackend.cpp:
885         (WebCore::PeerConnectionBackend::filterSDP const):
886         * accessibility/AccessibilityObject.cpp:
887         (WebCore::rangeClosestToRange):
888         * bindings/js/JSDOMConvertSequences.h:
889         (WebCore::Detail::GenericSequenceConverter::convert):
890         (WebCore::Detail::NumericSequenceConverter::convertArray):
891         * bindings/js/JSDOMConvertStrings.cpp:
892         (WebCore::stringToByteString):
893         (WebCore::stringToUSVString):
894         - Use WTFMove() in return statements to fix the warnings.
895
896 2018-05-14  Dean Jackson  <dino@apple.com>
897
898         Download and present System Preview
899         https://bugs.webkit.org/show_bug.cgi?id=185459
900         <rdar://problem/40079228>
901
902         Reviewed by Tim Horton.
903
904         If an <a> is a system preview, tell the resource request about it.
905
906         * html/HTMLAnchorElement.cpp:
907         (WebCore::HTMLAnchorElement::handleClick):
908
909 2018-05-15  Antti Koivisto  <antti@apple.com>
910
911         animation-play-state: paused causes very high cpu load because of style invalidation loop
912         https://bugs.webkit.org/show_bug.cgi?id=182436
913         <rdar://problem/37182562>
914
915         Reviewed by Dean Jackson.
916
917         Test: animations/animation-playstate-paused-style-resolution.html
918
919         If the style of an element with 'animation-play-state: paused' is recomputed so it stays
920         paused we would enter zero-duration animation timer loop.
921
922         * page/animation/AnimationBase.cpp:
923         (WebCore::AnimationBase::updateStateMachine):
924
925         Don't move to AnimationState::PausedWaitResponse unless we get AnimationStateInput::StyleAvailable
926         (matching the comments). Otherwise just stay in the existing paused state.
927
928         Remove AnimationStateInput::StartAnimation from assertion as the case can't happen.
929
930 2018-05-14  Youenn Fablet  <youenn@apple.com>
931
932         readableStreamDefaultControllerError should return early if stream is not readable
933         https://bugs.webkit.org/show_bug.cgi?id=185602
934
935         Reviewed by Chris Dumez.
936
937         Return early if stream is not readable in @readableStreamDefaultControllerError.
938         Update call sites to no longer check for ReadableStream state.
939         Covered by unflaked and rebased tests.
940
941         * Modules/streams/ReadableStreamDefaultController.js:
942         (error):
943         * Modules/streams/ReadableStreamInternals.js:
944         (readableStreamDefaultControllerError):
945         (readableStreamDefaultControllerCallPullIfNeeded):
946
947 2018-05-14  Zalan Bujtas  <zalan@apple.com>
948
949         [LFC] Implement width computation for non-replaced block level inflow elements.
950         https://bugs.webkit.org/show_bug.cgi?id=185641
951
952         Reviewed by Sam Weinig.
953
954         Block level inflow elements participate in block formatting context.
955
956         * layout/FormattingContext.cpp:
957         (WebCore::Layout::FormattingContext::computeWidth const):
958         * layout/FormattingContext.h:
959         * layout/blockformatting/BlockFormattingContext.cpp:
960         (WebCore::Layout::BlockFormattingContext::computeInFlowWidth const):
961         * layout/blockformatting/BlockFormattingContext.h:
962         * layout/inlineformatting/InlineFormattingContext.cpp:
963         (WebCore::Layout::InlineFormattingContext::computeInFlowWidth const):
964         * layout/inlineformatting/InlineFormattingContext.h:
965
966 2018-05-14  Wenson Hsieh  <wenson_hsieh@apple.com>
967
968         Unreviewed, fix the iOS build after r231779
969
970         Also address a minor in-person review comment by returning "extrazoom" instead of the empty string.
971
972         * page/DisabledAdaptations.cpp:
973         (WebCore::extraZoomModeAdaptationName):
974
975 2018-05-14  Zalan Bujtas  <zalan@apple.com>
976
977         [LFC] FormattingContext:computeOutOfFlowNonReplacedHeight/Width should use the computed margins/paddings/borders
978         https://bugs.webkit.org/show_bug.cgi?id=185633
979
980         Reviewed by Sam Weinig.
981
982         By the time we start computing height and width, DisplayBox should already have the computed values for margin/padding/border.
983
984         * layout/FormattingContext.cpp:
985         (WebCore::Layout::FormattingContext::computeOutOfFlowNonReplacedHeight const):
986         (WebCore::Layout::FormattingContext::computeOutOfFlowNonReplacedWidth const):
987         * layout/displaytree/DisplayBox.h:
988         (WebCore::Display::Box::paddingTop const):
989         (WebCore::Display::Box::paddingLeft const):
990         (WebCore::Display::Box::paddingBottom const):
991         (WebCore::Display::Box::paddingRight const):
992         (WebCore::Display::Box::borderTop const):
993         (WebCore::Display::Box::borderLeft const):
994         (WebCore::Display::Box::borderBottom const):
995         (WebCore::Display::Box::borderRight const):
996
997 2018-05-14  Wenson Hsieh  <wenson_hsieh@apple.com>
998
999         [Extra zoom mode] Google search results are excessively zoomed in
1000         https://bugs.webkit.org/show_bug.cgi?id=185347
1001         <rdar://problem/39999778>
1002
1003         Reviewed by Tim Horton.
1004
1005         It turns out that basing minimum layout size and shrink-to-fit behaviors off of the `shrink-to-fit` viewport
1006         argument poses compatibility risks with web pages that already specify `shrink-to-fit` to opt out of default
1007         viewport shrinking behaviors in 1/3 multitasking mode on iPad.
1008
1009         One way to resolve this is to introduce a new viewport meta content attribute to disable viewport heuristics in
1010         extra zoom mode. However, combined shrink-to-fit and minimum device width behaviors are difficult to describe
1011         using a single backwards-compatible viewport meta content attribute, and the need to suppress the default
1012         behavior of `shrink-to-fit=no` if such an attribute is not disabled further muddles our viewport story.
1013
1014         After some internal deliberation, we’ve decided to experiment with a new meta tag named "disabled-adaptations".
1015         The content of this meta tag is a comma-separated list of adaptation names; if an adaptation name matches a
1016         known adaptation type (for instance, extra zoom mode), we disable the class of behaviors used to adapt web
1017         content. The first and only known adaptation type is extra zoom mode, which affects `shrink-to-fit` and layout
1018         size adjustments.
1019
1020         See per-method changes below for more details.
1021
1022         Test: fast/viewport/extrazoom/viewport-disable-extra-zoom-adaptations.html
1023
1024         * Sources.txt:
1025         * WebCore.xcodeproj/project.pbxproj:
1026         * dom/Document.cpp:
1027         (WebCore::Document::processDisabledAdaptations):
1028         * dom/Document.h:
1029         (WebCore::Document::disabledAdaptations const):
1030
1031         Add disabled adaptations to Document. Changes to disabled adaptations are not propagated if the parsed disabled
1032         adaptation types don't change; upon changing adaptation types, notify the client to adjust for the new disabled
1033         adaptations (currently, this only affects the viewport configuration).
1034
1035         * dom/ViewportArguments.h:
1036         * html/HTMLMetaElement.cpp:
1037         (WebCore::HTMLMetaElement::process):
1038         * html/parser/HTMLPreloadScanner.cpp:
1039         (WebCore::TokenPreloadScanner::StartTagScanner::StartTagScanner):
1040         (WebCore::TokenPreloadScanner::StartTagScanner::processAttributes):
1041         (WebCore::TokenPreloadScanner::StartTagScanner::processAttribute):
1042         * loader/FrameLoader.cpp:
1043         (WebCore::FrameLoader::commitProvisionalLoad):
1044
1045         Restore the set of disabled adaptations when restoring a page from the cache.
1046
1047         * page/Chrome.cpp:
1048         (WebCore::Chrome::dispatchDisabledAdaptationsDidChange const):
1049         * page/Chrome.h:
1050         * page/ChromeClient.h:
1051
1052         Add plumbing for changes to the set of disabled adaptations.
1053
1054         * page/DisabledAdaptations.cpp: Added.
1055         (WebCore::extraZoomModeAdaptationName):
1056         * page/DisabledAdaptations.h: Added.
1057
1058         Introduce a header containing a new enum for the extra zoom mode adaptation, as well as a helper function to
1059         return the extra zoom mode adaptation name.
1060
1061         * page/Page.cpp:
1062         (WebCore::Page::disabledAdaptations const):
1063
1064         Returns the mainframe's set of adaptations to disable.
1065
1066         * page/Page.h:
1067         * page/RemoteFrame.h:
1068         * page/RuntimeEnabledFeatures.h:
1069         (WebCore::RuntimeEnabledFeatures::setDisabledAdaptationsMetaTagEnabled):
1070         (WebCore::RuntimeEnabledFeatures::disabledAdaptationsMetaTagEnabled const):
1071
1072         Add a new runtime feature to gate handling the "disabled-adaptations" meta tag.
1073
1074         * page/ViewportConfiguration.cpp:
1075         (WebCore::shouldOverrideShrinkToFitArgument):
1076         (WebCore::needsUpdateAfterChangingDisabledAdaptations):
1077         (WebCore::ViewportConfiguration::setDisabledAdaptations):
1078         (WebCore::ViewportConfiguration::shouldOverrideDeviceWidthAndShrinkToFit const):
1079
1080         Consult whether or not extra zoom mode adaptations are disabled, instead of the shrink-to-fit attribute value.
1081
1082         (WebCore::ViewportConfiguration::updateConfiguration):
1083         * page/ViewportConfiguration.h:
1084
1085         Add an OptionSet of disabled adaptation types to ViewportConfiguration. Updates to the adaptation type are
1086         propagated to the ViewportConfiguration from Document, through the ChromeClient and the client layer (refer to
1087         changes in WebKit). Once the OptionSet is changed, we recompute the viewport configuration only if needed by the
1088         platform.
1089
1090         (WebCore::ViewportConfiguration::viewLayoutSize const):
1091         (WebCore::ViewportConfiguration::disabledAdaptations const):
1092         * page/WindowFeatures.cpp:
1093         (WebCore::parseDisabledAdaptations):
1094         * page/WindowFeatures.h:
1095
1096         Add a new helper to parse the meta content of a "disabled-adaptations" tag as an OptionSet of disabled
1097         adaptation types. The string is parsed by first splitting on the comma character, and then iterating over lower
1098         case, whitespace-stripped tokens to look for known adaptation names. So far, only extra zoom mode is supported.
1099
1100         * testing/Internals.cpp:
1101         (WebCore::Internals::extraZoomModeAdaptationName const):
1102         * testing/Internals.h:
1103         * testing/Internals.idl:
1104
1105         Expose the extra zoom mode adaptation name to the DOM, only when running layout tests.
1106
1107 2018-05-14  Joanmarie Diggs  <jdiggs@igalia.com>
1108
1109         AX: Listbox and Combobox roles embedded in labels should participate in name calculation
1110         https://bugs.webkit.org/show_bug.cgi?id=185521
1111
1112         Reviewed by Chris Fleizach.
1113
1114         Take selected children into account when computing the name in accessibleNameForNode.
1115         Add ListBox to the roles for which accessibleNameDerivesFromContent returns false so
1116         that native select elements with size > 1 are treated the same way as ARIA listbox.
1117         Also add ListBox to the roles which are treated as controls when used in ARIA. Finally,
1118         prevent labels which contain unrelated controls from being used as an AXTitleUIElement.
1119         This causes us to build a string from the label and its descendants, ensuring the latter
1120         participate in the name calculation.
1121
1122         Test: accessibility/text-alternative-calculation-from-listbox.html
1123
1124         * accessibility/AccessibilityLabel.cpp:
1125         (WebCore::childrenContainUnrelatedControls):
1126         (WebCore::AccessibilityLabel::containsUnrelatedControls const):
1127         * accessibility/AccessibilityLabel.h:
1128         * accessibility/AccessibilityNodeObject.cpp:
1129         (WebCore::accessibleNameForNode):
1130         * accessibility/AccessibilityObject.cpp:
1131         (WebCore::AccessibilityObject::accessibleNameDerivesFromContent const):
1132         (WebCore::AccessibilityObject::isARIAControl):
1133         * accessibility/AccessibilityRenderObject.cpp:
1134         (WebCore::AccessibilityRenderObject::exposesTitleUIElement const):
1135         (WebCore::AccessibilityRenderObject::computeAccessibilityIsIgnored const):
1136
1137 2018-05-14  Antoine Quint  <graouts@apple.com>
1138
1139         [Web Animations] Tests using the new animation engine may crash under WebCore::FrameView::didDestroyRenderTree when using internals methods
1140         https://bugs.webkit.org/show_bug.cgi?id=185612
1141         <rdar://problem/39579344>
1142
1143         Reviewed by Dean Jackson.
1144
1145         Add a new internals.pseudoElement() method to obtain a pseudo element matching a given pseudo-id. This is necessary to be able to move off
1146         internals.pauseTransitionAtTimeOnPseudoElement() and internals.pauseAnimationAtTimeOnPseudoElement() for Web Animations testing.
1147
1148         * testing/Internals.cpp:
1149         (WebCore::Internals::pseudoElement):
1150         * testing/Internals.h:
1151         * testing/Internals.idl:
1152
1153 2018-05-14  Antoine Quint  <graouts@apple.com>
1154
1155         REGRESSION (r230574): Interrupted hardware transitions don't behave correctly
1156         https://bugs.webkit.org/show_bug.cgi?id=185299
1157         <rdar://problem/39630230>
1158
1159         Reviewed by Simon Fraser.
1160
1161         In r230574, the fix for webkit.org/b/184518, we changed the processing order in GraphicsLayerCA::updateAnimations() to first
1162         process m_uncomittedAnimations and then m_animationsToProcess, so we are guaranteed animations exist before we attempt to pause
1163         or seek them. This broke interrupting and resuming hardware animations (such as an interrupted CSS Transition or an animation
1164         running in a non-visible tab) since a pause operation recorded _before_ an animation was added would be paused anyway since
1165         the animation was now first added, and then paused. The fix is simply to clear any pending AnimationProcessingAction for a
1166         newly-uncommitted animation.
1167
1168         Test: transitions/interrupted-transition-hardware.html
1169
1170         * platform/graphics/ca/GraphicsLayerCA.cpp:
1171         (WebCore::GraphicsLayerCA::createAnimationFromKeyframes):
1172         (WebCore::GraphicsLayerCA::appendToUncommittedAnimations):
1173         (WebCore::GraphicsLayerCA::createTransformAnimationsFromKeyframes):
1174         * platform/graphics/ca/GraphicsLayerCA.h:
1175         (WebCore::GraphicsLayerCA::LayerPropertyAnimation::LayerPropertyAnimation):
1176
1177 2018-05-14  Thibault Saunier  <tsaunier@igalia.com>
1178
1179         [GStreamer] Fix style issue in MediaPlayerPrivateGStreamerBase
1180         https://bugs.webkit.org/show_bug.cgi?id=185510
1181
1182         Reviewed by Philippe Normand.
1183
1184         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:629:  More than one command on the same line  [whitespace/newline] [4]
1185         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:684:  More than one command on the same line  [whitespace/newline] [4]
1186         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:807:  More than one command on the same line  [whitespace/newline] [4]
1187
1188         Indentation and style issue fixed only.
1189
1190         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
1191         (WebCore::MediaPlayerPrivateGStreamerBase::volumeChangedCallback):
1192         (WebCore::MediaPlayerPrivateGStreamerBase::muteChangedCallback):
1193         (WebCore::MediaPlayerPrivateGStreamerBase::triggerRepaint):
1194
1195 2018-05-14  Zalan Bujtas  <zalan@apple.com>
1196
1197         [LFC] Implement height computation for non-replaced out of flow elements.
1198         https://bugs.webkit.org/show_bug.cgi?id=185585
1199
1200         Reviewed by Antti Koivisto.
1201
1202         * layout/FormattingContext.cpp:
1203         (WebCore::Layout::FormattingContext::computeHeight const):
1204         (WebCore::Layout::FormattingContext::computeOutOfFlowHeight const):
1205         (WebCore::Layout::FormattingContext::layoutOutOfFlowDescendants const):
1206         (WebCore::Layout::FormattingContext::computeOutOfFlowNonReplacedHeight const):
1207         (WebCore::Layout::FormattingContext::computeHeightForBlockFormattingContextRootWithAutoHeight const):
1208         * layout/FormattingContext.h:
1209         * layout/blockformatting/BlockFormattingContext.h:
1210         * layout/displaytree/DisplayBox.h:
1211
1212 2018-05-14  Manuel Rego Casasnovas  <rego@igalia.com>
1213
1214         Renaming of overrides in LayoutBox
1215         https://bugs.webkit.org/show_bug.cgi?id=185609
1216
1217         Reviewed by Javier Fernandez.
1218
1219         The names of the methods for the overrides were not consistent,
1220         this patch fixes it by using the same structure in all the cases.
1221
1222         No new tests, no change of behavior.
1223
1224         * rendering/GridLayoutFunctions.cpp:
1225         (WebCore::GridLayoutFunctions::hasOverrideContainingBlockContentSizeForChild):
1226         * rendering/GridTrackSizingAlgorithm.cpp:
1227         (WebCore::GridTrackSizingAlgorithmStrategy::logicalHeightForChild const):
1228         * rendering/RenderBlock.cpp:
1229         (WebCore::RenderBlock::computeChildPreferredLogicalWidths const):
1230         (WebCore::RenderBlock::availableLogicalHeightForPercentageComputation const):
1231         * rendering/RenderBlockFlow.cpp:
1232         (WebCore::RenderBlockFlow::fitBorderToLinesIfNeeded):
1233         * rendering/RenderBlockLineLayout.cpp:
1234         (WebCore::RenderBlockFlow::updateRubyForJustifiedText):
1235         * rendering/RenderBox.cpp:
1236         (WebCore::RenderBox::willBeDestroyed):
1237         (WebCore::RenderBox::hasOverrideContentLogicalHeight const):
1238         (WebCore::RenderBox::hasOverrideContentLogicalWidth const):
1239         (WebCore::RenderBox::setOverrideContentLogicalHeight):
1240         (WebCore::RenderBox::setOverrideContentLogicalWidth):
1241         (WebCore::RenderBox::clearOverrideContentLogicalHeight):
1242         (WebCore::RenderBox::clearOverrideContentLogicalWidth):
1243         (WebCore::RenderBox::clearOverrideContentSize):
1244         (WebCore::RenderBox::overrideContentLogicalWidth const):
1245         (WebCore::RenderBox::overrideContentLogicalHeight const):
1246         (WebCore::RenderBox::overrideContainingBlockContentLogicalWidth const):
1247         (WebCore::RenderBox::overrideContainingBlockContentLogicalHeight const):
1248         (WebCore::RenderBox::hasOverrideContainingBlockContentLogicalWidth const):
1249         (WebCore::RenderBox::hasOverrideContainingBlockContentLogicalHeight const):
1250         (WebCore::RenderBox::setOverrideContainingBlockContentLogicalWidth):
1251         (WebCore::RenderBox::setOverrideContainingBlockContentLogicalHeight):
1252         (WebCore::RenderBox::clearOverrideContainingBlockContentSize):
1253         (WebCore::RenderBox::clearOverrideContainingBlockContentLogicalHeight):
1254         (WebCore::RenderBox::containingBlockLogicalWidthForContent const):
1255         (WebCore::RenderBox::containingBlockLogicalHeightForContent const):
1256         (WebCore::RenderBox::perpendicularContainingBlockLogicalHeight const):
1257         (WebCore::RenderBox::computeLogicalWidthInFragment const):
1258         (WebCore::RenderBox::computeLogicalHeight const):
1259         (WebCore::RenderBox::computePercentageLogicalHeight const):
1260         (WebCore::RenderBox::computeReplacedLogicalHeightUsing const):
1261         (WebCore::RenderBox::availableLogicalHeightUsing const):
1262         (WebCore::RenderBox::containingBlockLogicalWidthForPositioned const):
1263         (WebCore::RenderBox::containingBlockLogicalHeightForPositioned const):
1264         * rendering/RenderBox.h:
1265         * rendering/RenderBoxModelObject.cpp:
1266         (WebCore::RenderBoxModelObject::hasAutoHeightOrContainingBlockWithAutoHeight const):
1267         * rendering/RenderDeprecatedFlexibleBox.cpp:
1268         (WebCore::contentWidthForChild):
1269         (WebCore::contentHeightForChild):
1270         (WebCore::gatherFlexChildrenInfo):
1271         (WebCore::RenderDeprecatedFlexibleBox::layoutHorizontalBox):
1272         (WebCore::RenderDeprecatedFlexibleBox::layoutVerticalBox):
1273         (WebCore::RenderDeprecatedFlexibleBox::applyLineClamp):
1274         (WebCore::RenderDeprecatedFlexibleBox::clearLineClamp):
1275         * rendering/RenderFlexibleBox.cpp:
1276         (WebCore::RenderFlexibleBox::computeInnerFlexBaseSizeForChild):
1277         (WebCore::RenderFlexibleBox::crossSizeForPercentageResolution):
1278         (WebCore::RenderFlexibleBox::mainSizeForPercentageResolution):
1279         (WebCore::RenderFlexibleBox::constructFlexItem):
1280         (WebCore::RenderFlexibleBox::setOverrideMainAxisContentSizeForChild):
1281         (WebCore::RenderFlexibleBox::applyStretchAlignmentToChild):
1282         * rendering/RenderFullScreen.cpp:
1283         (WebCore::RenderFullScreen::unwrapRenderer):
1284         * rendering/RenderGrid.cpp:
1285         (WebCore::RenderGrid::layoutBlock):
1286         (WebCore::RenderGrid::layoutGridItems):
1287         (WebCore::RenderGrid::applyStretchAlignmentToChildIfNeeded):
1288         * rendering/RenderRubyBase.cpp:
1289         (WebCore::RenderRubyBase::adjustInlineDirectionLineBounds const):
1290         * rendering/RenderTableCell.cpp:
1291         (WebCore::RenderTableCell::setOverrideContentLogicalHeightFromRowHeight):
1292         * rendering/RenderTableCell.h:
1293         * rendering/RenderTableSection.cpp:
1294         (WebCore::RenderTableSection::calcRowLogicalHeight):
1295         (WebCore::RenderTableSection::relayoutCellIfFlexed):
1296
1297 2018-05-14  Zalan Bujtas  <zalan@apple.com>
1298
1299         [LFC] Implement width computation for non-replaced out of flow elements.
1300         https://bugs.webkit.org/show_bug.cgi?id=185598
1301
1302         Reviewed by Antti Koivisto.
1303
1304         * layout/FormattingContext.cpp:
1305         (WebCore::Layout::FormattingContext::computeWidth const):
1306         (WebCore::Layout::FormattingContext::computeOutOfFlowWidth const):
1307         (WebCore::Layout::FormattingContext::layoutOutOfFlowDescendants const):
1308         (WebCore::Layout::FormattingContext::computeOutOfFlowNonReplacedWidth const):
1309         (WebCore::Layout::FormattingContext::shrinkToFitWidth const):
1310         * layout/FormattingContext.h:
1311         * layout/blockformatting/BlockFormattingContext.cpp:
1312         (WebCore::Layout::BlockFormattingContext::layout const):
1313         * layout/displaytree/DisplayBox.h:
1314
1315 2018-05-14  Zan Dobersek  <zdobersek@igalia.com>
1316
1317         Drop the m_compositorTexture member variable in TextureMapperGC3DPlatformLayer.
1318         It's not used at all inside the class or outside it.
1319
1320         Rubber-stamped by Michael Catanzaro.
1321
1322         * platform/graphics/texmap/TextureMapperGC3DPlatformLayer.h:
1323
1324 2018-05-14  Zan Dobersek  <zdobersek@igalia.com>
1325
1326         [GTK] REGRESSION(r231170) Build broken with Clang 5.0
1327         https://bugs.webkit.org/show_bug.cgi?id=185198
1328
1329         Reviewed by Michael Catanzaro.
1330
1331         Avoid gperf files using the register keyword which has been made
1332         reserved and as such unusable in C++17.
1333
1334         * css/makeSelectorPseudoClassAndCompatibilityElementMap.py:
1335         * css/makeSelectorPseudoElementsMap.py:
1336         * css/makeprop.pl:
1337         * css/makevalues.pl:
1338         * platform/ColorData.gperf:
1339         * platform/ReferrerPolicy.h: With std::optional forward declaration
1340         gone, explicitly include the WTF Optional.h header.
1341         * platform/Theme.h: Ditto.
1342         * platform/network/create-http-header-name-table:
1343
1344 2018-05-14  Commit Queue  <commit-queue@webkit.org>
1345
1346         Unreviewed, rolling out r219515.
1347         https://bugs.webkit.org/show_bug.cgi?id=185603
1348
1349         It sometimes makes AudioUnitInitialize call to fail in
1350         CoreAudioCaptureSource (Requested by youenn on #webkit).
1351
1352         Reverted changeset:
1353
1354         "Remove CoreAudioCaptureSource speaker configuration"
1355         https://bugs.webkit.org/show_bug.cgi?id=174512
1356         https://trac.webkit.org/changeset/219515
1357
1358 2018-05-13  Dirk Schulze  <krit@webkit.org>
1359
1360         Implement SVGGeometryElement's isPointInFill and isPointInStroke
1361         https://bugs.webkit.org/show_bug.cgi?id=185580
1362
1363         Reviewed by Antti Koivisto.
1364
1365         Implement isPointInFill and isPointInStroke methods for
1366         SVGGeometryElement interface from SVG2.
1367
1368         https://svgwg.org/svg2-draft/types.html#InterfaceSVGGeometryElement
1369
1370         Tests: svg/dom/SVGGeometry-isPointInFill.xhtml
1371                svg/dom/SVGGeometry-isPointInStroke.xhtml
1372
1373         * rendering/svg/RenderSVGEllipse.cpp:
1374         (WebCore::RenderSVGEllipse::shapeDependentStrokeContains): Flag
1375                 to switch between local and "global" coordinate space for hit testing.
1376         * rendering/svg/RenderSVGEllipse.h:
1377         * rendering/svg/RenderSVGPath.cpp:
1378         (WebCore::RenderSVGPath::shapeDependentStrokeContains): Flag
1379                 to switch between local and "global" coordinate space for hit testing.
1380         * rendering/svg/RenderSVGPath.h:
1381         * rendering/svg/RenderSVGRect.cpp:
1382         (WebCore::RenderSVGRect::shapeDependentStrokeContains): Flag
1383                 to switch between local and "global" coordinate space for hit testing.
1384         * rendering/svg/RenderSVGRect.h:
1385         * rendering/svg/RenderSVGShape.cpp:
1386         (WebCore::RenderSVGShape::shapeDependentStrokeContains): Flag
1387                 to switch between local and "global" coordinate space for hit testing.
1388         (WebCore::RenderSVGShape::isPointInFill): Take the winding rule given by
1389                 `fill-rule` to test if a given point is in the fill area of a path.
1390         (WebCore::RenderSVGShape::isPointInStroke): Take stroke properties into
1391                 account to check if a point is on top of the stroke area.
1392         * rendering/svg/RenderSVGShape.h:
1393         * svg/SVGGeometryElement.cpp:
1394         (WebCore::SVGGeometryElement::isPointInFill):
1395         (WebCore::SVGGeometryElement::isPointInStroke):
1396         (WebCore::SVGGeometryElement::createElementRenderer): Deleted. This is getting implemented
1397                 by inheriting classes. No need to create RenderSVGPath here.
1398         * svg/SVGGeometryElement.h:
1399         * svg/SVGGeometryElement.idl:
1400
1401 2018-05-12  Zalan Bujtas  <zalan@apple.com>
1402
1403         Use WeakPtr for m_enclosingPaginationLayer in RenderLayer
1404         https://bugs.webkit.org/show_bug.cgi?id=185566
1405         <rdar://problem/36486052>
1406
1407         Reviewed by Simon Fraser.
1408
1409         Since RenderLayer does not own the enclosing pagination layout, it should
1410         construct a weak pointer instead of holding on to a raw pointer.
1411
1412         Unable to create a reliably reproducible test case.
1413
1414         * page/mac/EventHandlerMac.mm:
1415         (WebCore::scrollableAreaForEventTarget):
1416         (WebCore::scrollableAreaForContainerNode):
1417         (WebCore::EventHandler::platformPrepareForWheelEvents):
1418         * platform/ScrollableArea.h:
1419         (WebCore::ScrollableArea::weakPtrFactory const):
1420         (WebCore::ScrollableArea::createWeakPtr): Deleted.
1421         * rendering/RenderLayer.cpp:
1422         (WebCore::RenderLayer::RenderLayer):
1423         (WebCore::RenderLayer::updatePagination):
1424         * rendering/RenderLayer.h:
1425
1426 2018-05-11  Daniel Bates  <dabates@apple.com>
1427
1428         X-Frame-Options: SAMEORIGIN needs to check all ancestor frames
1429         https://bugs.webkit.org/show_bug.cgi?id=185567
1430         <rdar://problem/40175008>
1431
1432         Reviewed by Brent Fulgham.
1433
1434         Change the behavior of "X-Frame-Options: SAMEORIGIN" to ensure that all ancestors frames
1435         are same-origin with the document that delivered this header. This prevents an intermediary
1436         malicious frame from clickjacking a child frame whose document is same-origin with the top-
1437         level frame. It also makes the behavior of X-Frame-Options in WebKit more closely match
1438         the behavior of X-Frame-Options in other browsers, including Chrome and Firefox.
1439         
1440         Currently a document delivered with "X-Frame-Options: SAMEORIGIN" must only be same-origin
1441         with the top-level frame's document in order to be displayed. This prevents clickjacking by
1442         a malicious page that embeds a page delivered with "X-Frame-Options: SAMEORIGIN". However,
1443         it does not protect against clickjacking of the "X-Frame-Options: SAMEORIGIN" page (victim)
1444         if embedded by an intermediate malicious iframe, say a "rogue ad", that was embedded in a
1445         document same origin with the victim page. We should protect against such attacks. 
1446
1447         Tests: http/tests/security/XFrameOptions/x-frame-options-ancestors-same-origin-allow.html
1448                http/tests/security/XFrameOptions/x-frame-options-ancestors-same-origin-deny.html
1449
1450         * loader/FrameLoader.cpp:
1451         (WebCore::FrameLoader::shouldInterruptLoadForXFrameOptions):
1452
1453 2018-05-11  Daniel Bates  <dabates@apple.com>
1454
1455         [iOS] Text decoration of dragged content does not paint with opacity
1456         https://bugs.webkit.org/show_bug.cgi?id=185551
1457         <rdar://problem/40166867>
1458
1459         Reviewed by Wenson Hsieh.
1460
1461         Respect alpha when painting the text decoration for dragged content.
1462
1463         * rendering/InlineTextBox.cpp:
1464         (WebCore::InlineTextBox::MarkedTextStyle::areDecorationMarkedTextStylesEqual): Consider alpha when
1465         comparing decoration styles for equality so that we do not coalesce styles with differing alpha.
1466         (WebCore::InlineTextBox::paintMarkedTextDecoration): Respect alpha when painting dragged content.
1467
1468 2018-05-11  Nan Wang  <n_wang@apple.com>
1469
1470         AX: In role=dialog elements with aria-modal=true VoiceOver iOS/macOS can't manually focus or read dialog paragraph description text inside the modal.
1471         https://bugs.webkit.org/show_bug.cgi?id=185219
1472         <rdar://problem/39920009>
1473
1474         Reviewed by Chris Fleizach.
1475
1476         The text node descendants of a modal dialog are ignored. Fixed it by using AccessibilityObject's 
1477         node() to determine if it's the descendant of the modal dialog node.
1478
1479         Test: accessibility/aria-modal-text-descendants.html
1480
1481         * accessibility/AccessibilityObject.cpp:
1482         (WebCore::AccessibilityObject::isModalDescendant const):
1483
1484 2018-05-11  Ryosuke Niwa  <rniwa@webkit.org>
1485
1486         Tapping after CSS-based table casues an infinite loop in wordRangeFromPosition
1487         https://bugs.webkit.org/show_bug.cgi?id=185465
1488         <rdar://problem/35263057>
1489
1490         Reviewed by Antti Koivisto.
1491
1492         The bug was caused by TextIterator not emitting a line break when exiting a CSS-based table when an element
1493         with `display: table-row` has an invisible text node. Specifically, TextIterator::exitNode is never called on
1494         an element with `table-cell: row` when m_node is a text node with whitespaces which appears after an element
1495         with `display: table-cell`.
1496
1497         For example, for a tree structure like:
1498         table-row (R)
1499           table-cell (C)
1500             "text" (1)
1501           " " (2)
1502         Getting out of (C) would result in moving onto (2) without generating a line break for (R).
1503
1504         When this happens in nextBoundary as it tries to find the end of the last word in the table cell, we end up
1505         finding the end of the document as the end of the word. As a result, nextWordBoundaryInDirection, the caller
1506         of nextBoundary, ends up infinite looping between the positon at the end of the document and the position
1507         immediately before the last word in the last table cell when it traverses words backwards.
1508
1509         This patch fixes the hang by addressing this root cause in TextIterator. Namely, TextIterator now generates
1510         a line break when exiting a block while walking up ancestors in TextIterator::advance().
1511
1512         Tests: editing/selection/tapping-in-table-at-end-of-document.html
1513                editing/text-iterator/table-at-end-of-document.html
1514
1515         * editing/TextIterator.cpp:
1516         (WebCore::TextIterator::advance): Fixed the bug.
1517         (WebCore::shouldEmitNewlineAfterNode): Do generate a new line at the end of a document when we're trying to
1518         generate every visible poitions even there are no renderers beyond this point. e.g. a position inside the
1519         last cell of a table at the end of a document hits this condition.
1520         (WebCore::shouldEmitExtraNewlineForNode): Don't emit a line break when the render box's height is 0px
1521         to avoid generating many empty lines for empty paragraph and header elements (this function is used to generate
1522         a blank line between p's and h1/h2/...'s).
1523         (WebCore::TextIterator::exitNode):
1524
1525 2018-05-11  Dean Jackson  <dino@apple.com>
1526
1527         System preview badge doesn't show on <picture> elements
1528         https://bugs.webkit.org/show_bug.cgi?id=185559
1529         <rdar://problem/40150066>
1530
1531         Reviewed by Tim Horton.
1532
1533         We should also identify <img>s that are the child of a <picture>
1534         contained inside the appropriate <a> element.
1535
1536         Tested internally, since the badge is platform specific.
1537
1538         * html/HTMLImageElement.cpp:
1539         (WebCore::HTMLImageElement::isSystemPreviewImage const): Add logic
1540         to look for <picture> parents.
1541
1542 2018-05-11  Chris Dumez  <cdumez@apple.com>
1543
1544         REGRESSION (async policy delegate): Revoking an object URL immediately after triggering download breaks file download
1545         https://bugs.webkit.org/show_bug.cgi?id=185531
1546         <rdar://problem/39909589>
1547
1548         Reviewed by Geoffrey Garen.
1549
1550         Whenever we start an asynchronous navigation policy decision for a blob URL, create a temporary
1551         blob URL pointing to the same data, and update the request's URL. This way, if the page's JS revokes
1552         the URL during the policy decision, the load will still succeed.
1553
1554         Test: fast/dom/HTMLAnchorElement/anchor-file-blob-download-then-revoke.html
1555
1556         * loader/DocumentLoader.cpp:
1557         (WebCore::DocumentLoader::willSendRequest):
1558         * loader/FrameLoader.cpp:
1559         (WebCore::FrameLoader::loadURL):
1560         (WebCore::FrameLoader::load):
1561         (WebCore::FrameLoader::loadPostRequest):
1562         * loader/PolicyChecker.cpp:
1563         (WebCore::PolicyChecker::extendBlobURLLifetimeIfNecessary const):
1564         (WebCore::PolicyChecker::checkNavigationPolicy):
1565         (WebCore::PolicyChecker::checkNewWindowPolicy):
1566         * loader/PolicyChecker.h:
1567
1568 2018-05-11  Antti Koivisto  <antti@apple.com>
1569
1570         LinkLoader fails to remove CachedResourceClient in some cases
1571         https://bugs.webkit.org/show_bug.cgi?id=185553
1572         <rdar://problem/36879656>
1573
1574         Reviewed by Geoffrey Garen.
1575
1576         Test: http/tests/preload/link-preload-client-remove.html
1577
1578         * loader/LinkLoader.cpp:
1579         (WebCore::LinkLoader::loadLink):
1580
1581         If there is a link preload already in progress, we fail to clear the client for the ongoing load.
1582         This may leave the CachedResource client map in a bad state.
1583
1584 2018-05-11  Charles Vazac  <cvazac@gmail.com>
1585
1586         Runtime feature flag for Server-Timing
1587         https://bugs.webkit.org/show_bug.cgi?id=184758
1588
1589         Reviewed by Youenn Fablet.
1590
1591         * Source/WebCore/CMakeLists.txt: Added reference to PerformanceServerTiming.idl.
1592         * Source/WebCore/DerivedSources.make: Added reference to PerformanceServerTiming.idl.
1593         * Source/WebCore/Sources.txt: Added reference to PerformanceServerTiming.cpp and JSPerformanceServerTiming.cpp.
1594         * Source/WebCore/WebCore.xcodeproj/project.pbxproj: Added references to PerformanceServerTiming.cpp, PerformanceServerTiming.h, and PerformanceServerTiming.idl.
1595         * Source/WebCore/bindings/js/WebCoreBuiltinNames.h: Added PerformanceServerTiming.
1596         * Source/WebCore/page/PerformanceResourceTiming.h: Added serverTiming member.
1597         * Source/WebCore/page/PerformanceResourceTiming.idl: Added serverTiming attribute.
1598         * Source/WebCore/page/PerformanceServerTiming.cpp: Added.
1599         * Source/WebCore/page/PerformanceServerTiming.h: Added.
1600         * Source/WebCore/page/PerformanceServerTiming.idl: Added.
1601
1602 2018-05-11  Brady Eidson  <beidson@apple.com>
1603
1604         Make sure history navigations reuse the existing process when necessary.
1605         <rdar://problem/39746516> and https://bugs.webkit.org/show_bug.cgi?id=185532
1606
1607         Reviewed by Ryosuke Niwa.
1608
1609         Covered by new API tests.
1610
1611         In WebCore-land, make sure *all* NavigationActions to a back/forward item are tagged with
1612         the item identifier.
1613
1614         * history/HistoryItem.cpp:
1615         (WebCore::HistoryItem::HistoryItem):
1616         (WebCore::HistoryItem::logString const):
1617         * history/HistoryItem.h:
1618
1619         * loader/FrameLoader.cpp:
1620         (WebCore::FrameLoader::loadDifferentDocumentItem):
1621
1622         * loader/NavigationAction.cpp:
1623         (WebCore::NavigationAction::setTargetBackForwardItem):
1624
1625         * loader/NavigationAction.h:
1626         (WebCore::NavigationAction::targetBackForwardItemIdentifier const):
1627
1628 2018-05-11  Yacine Bandou  <yacine.bandou_ext@softathome.com>
1629
1630         [EME][GStreamer] Handle the protection event in MediaPlayerPrivate
1631         https://bugs.webkit.org/show_bug.cgi?id=185535
1632
1633         Reviewed by Xabier Rodriguez-Calvar.
1634
1635         This patch is based on this calvaris's commit
1636         https://github.com/WebPlatformForEmbedded/WPEWebKit/commit/d966168b0d2b65f9ca9415426e26d3752c78b03e
1637
1638         It adds a handler for the protection event in MediaPalyerPrivateGStreamerBase, it extracts the InitData from the event
1639         and sends the encrypted event to JS via HTMLMediaElement.
1640         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
1641         (WebCore::MediaPlayerPrivateGStreamerBase::initializationDataEncountered):
1642         (WebCore::MediaPlayerPrivateGStreamerBase::handleProtectionEvent):
1643         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
1644         * platform/graphics/gstreamer/eme/GStreamerEMEUtilities.h: Add a new type InitData.
1645
1646 2018-05-11  Basuke Suzuki  <Basuke.Suzuki@sony.com>
1647
1648         [Curl] Make the cipher suites, the signing algorithms and the curve lists configurable.
1649         https://bugs.webkit.org/show_bug.cgi?id=185139
1650
1651         Add interface to configure the cipher suites, the signing algorithms and the curve lists 
1652         used by OpenSSL and libcurl to exchange, to sign or to verify keys.
1653
1654         Reviewed by Youenn Fablet.
1655
1656         No new tests in public. Have tested internally.
1657
1658         * platform/network/curl/CurlContext.cpp:
1659         (WebCore::CurlHandle::setSslCipherList):
1660         * platform/network/curl/CurlContext.h:
1661         * platform/network/curl/CurlRequest.cpp:
1662         (WebCore::CurlRequest::setupTransfer):
1663         (WebCore::CurlRequest::willSetupSslCtx):
1664         * platform/network/curl/CurlSSLHandle.cpp:
1665         (WebCore::CurlSSLHandle::getCACertPathEnv):
1666         * platform/network/curl/CurlSSLHandle.h:
1667         (WebCore::CurlSSLHandle::getCipherList const):
1668         (WebCore::CurlSSLHandle::getSignatureAlgorithmsList const):
1669         (WebCore::CurlSSLHandle::getCurvesList const):
1670         (WebCore::CurlSSLHandle::setCipherList):
1671         (WebCore::CurlSSLHandle::setSignatureAlgorithmsList):
1672         (WebCore::CurlSSLHandle::setCurvesList):
1673         (WebCore::CurlSSLHandle::getCACertPath const):
1674         (WebCore::CurlSSLHandle::setCACertPath):
1675         * platform/network/curl/CurlSSLVerifier.cpp:
1676         (WebCore::CurlSSLVerifier::CurlSSLVerifier):
1677
1678 2018-05-10  Daniel Bates  <dabates@apple.com>
1679
1680         Use PlatformStrategies to switch between WebKit and WebKitLegacy checking of CSP frame-ancestors and X-Frame-Options
1681         https://bugs.webkit.org/show_bug.cgi?id=185412
1682
1683         Reviewed by Ryosuke Niwa.
1684
1685         Consolidate the knowledge on how to determine whether security checks were performed on a ResourceResponse
1686         into LoaderStrategy::havePerformedSecurityChecks() (default implementation returns false) and query it
1687         to determine whether CSP frame-ancestors and X-Frame-Options need to be checked for a ResourceResponse.
1688
1689         Additionally, rename LoaderStrategy::isDoingLoadingSecurityChecks() to shouldPerformSecurityChecks()
1690         for consistency with havePerformedSecurityChecks(). Querying shouldPerformSecurityChecks() answers the
1691         question of whether the loader strategy is responsible for performing security checks when building up
1692         a ResourceRequest to have the loader strategy load. And LoaderStrategy::havePerformedSecurityChecks()
1693         is used to determine whether the loader strategy performed these security checks for a given ResourceResponse.
1694
1695         * inspector/agents/InspectorNetworkAgent.cpp:
1696         (WebCore::InspectorNetworkAgent::didReceiveResponse):
1697         (WebCore::InspectorNetworkAgent::didFinishLoading):
1698         (WebCore::isResponseProbablyComingFromNetworkProcess): Deleted.
1699         * loader/DocumentLoader.cpp:
1700         (WebCore::DocumentLoader::responseReceived):
1701         * loader/DocumentThreadableLoader.cpp:
1702         (WebCore::shouldPerformSecurityChecks):
1703         (WebCore::DocumentThreadableLoader::shouldSetHTTPHeadersToKeep const):
1704         (WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequest):
1705         (WebCore::DocumentThreadableLoader::makeSimpleCrossOriginAccessRequest):
1706         (WebCore::DocumentThreadableLoader::redirectReceived):
1707         (WebCore::DocumentThreadableLoader::didFail):
1708         (WebCore::DocumentThreadableLoader::loadRequest):
1709         (WebCore::isDoingSecurityChecksInNetworkProcess): Deleted.
1710         (WebCore::isResponseComingFromNetworkProcess): Deleted.
1711         * loader/LoaderStrategy.cpp:
1712         * loader/LoaderStrategy.h:
1713         * page/Settings.yaml: Remove setting networkProcessCSPFrameAncestorsCheckingEnabled as we now make
1714         use of the loader strategy to determine whether to perform CSP frame-ancestors and X-Frame-Options
1715         checking in DocumentLoader.
1716         * platform/network/ResourceResponseBase.h:
1717         (WebCore::ResourceResponseBase::setSource): Added an ASSERT to catch the programming error of setting
1718         source to ResourceResponse::Source::Unknown. This source type represents an uninitialized ResourceResponse.
1719
1720 2018-05-10  Tim Horton  <timothy_horton@apple.com>
1721
1722         Lookup sometimes shows a second yellow highlight on top of WebKit's TextIndicator
1723         https://bugs.webkit.org/show_bug.cgi?id=185538
1724         <rdar://problem/38817825>
1725
1726         Reviewed by Sam Weinig.
1727
1728         * editing/mac/DictionaryLookup.mm:
1729         (WebCore::showPopupOrCreateAnimationController):
1730         Options can be nil, in which case we can't mutableCopy it and add
1731         LUTermOptionDisableSearchTermIndicator. Instead, create a new dictionary,
1732         and add the items from options, if it's not nil.
1733
1734 2018-05-10  Matt Baker  <mattbaker@apple.com>
1735
1736         Web Inspector: ASSERT_NOT_REACHED in PageDebuggerAgent::didAddEventListener when page adds attribute event listener
1737         https://bugs.webkit.org/show_bug.cgi?id=181580
1738         <rdar://problem/36461309>
1739
1740         Reviewed by Brian Burg.
1741
1742         EventTarget should pass newly added EventListeners to InspectorInstrumentation,
1743         instead of PageDebuggerAgent assuming the last item in the EventListenerVector
1744         is the most recently added listener. This assumption does not hold when
1745         the new listener replaces an existing listener.
1746
1747         * dom/EventTarget.cpp:
1748         (WebCore::EventTarget::addEventListener):
1749         (WebCore::EventTarget::setAttributeEventListener):
1750
1751         * inspector/InspectorInstrumentation.cpp:
1752         (WebCore::InspectorInstrumentation::didAddEventListenerImpl):
1753
1754         * inspector/InspectorInstrumentation.h:
1755         (WebCore::InspectorInstrumentation::didAddEventListener):
1756
1757         * inspector/agents/page/PageDebuggerAgent.cpp:
1758         (WebCore::PageDebuggerAgent::didAddEventListener):
1759         * inspector/agents/page/PageDebuggerAgent.h:
1760
1761 2018-05-10  Chris Dumez  <cdumez@apple.com>
1762
1763         'Cross-Origin-Options header implementation follow-up
1764         https://bugs.webkit.org/show_bug.cgi?id=185520
1765
1766         Reviewed by Ryosuke Niwa.
1767
1768         * dom/Document.cpp:
1769         * dom/Document.h:
1770         * loader/FrameLoader.cpp:
1771         (WebCore::FrameLoader::didBeginDocument):
1772         Using isNull() check is sufficient here as the header parsing
1773         function will do the right thing when passed the empty string.
1774         Also set the options directly on the window instead of the
1775         document. The window is guaranteed to have been constructed
1776         by then because didBeginDocument() is called DocumentWriter::begin()
1777         which calls Document::createDOMWindow() or Document::takeDOMWindowFrom().
1778
1779         * page/AbstractDOMWindow.cpp:
1780         (WebCore::AbstractDOMWindow::AbstractDOMWindow):
1781         * page/AbstractDOMWindow.h:
1782         * page/DOMWindow.cpp:
1783         (WebCore::DOMWindow::DOMWindow):
1784         (WebCore::DOMWindow::didSecureTransitionTo):
1785         * page/RemoteDOMWindow.cpp:
1786         (WebCore::RemoteDOMWindow::RemoteDOMWindow):
1787         * page/RemoteDOMWindow.h:
1788         CrossOriginOptions are now stored only on the Window, not the Document.
1789
1790         * platform/network/HTTPParsers.cpp:
1791         (WebCore::parseCrossOriginOptionsHeader):
1792         Drop strippedHeader local variable as it is not strictly needed.
1793
1794 2018-05-10  Tim Horton  <timothy_horton@apple.com>
1795
1796         Fix the build after r231393
1797         https://bugs.webkit.org/show_bug.cgi?id=185519
1798         <rdar://problem/40131741>
1799
1800         Reviewed by Simon Fraser.
1801
1802         * Configurations/WebCore.xcconfig:
1803
1804 2018-05-10  Eric Carlson  <eric.carlson@apple.com>
1805
1806         Log missing cues correctly
1807         https://bugs.webkit.org/show_bug.cgi?id=185499
1808         <rdar://problem/40113821>
1809
1810         Reviewed by Daniel Bates.
1811
1812         No new tests, tested manually.
1813
1814         * html/track/InbandGenericTextTrack.cpp:
1815         (WebCore::InbandGenericTextTrack::removeGenericCue): Log the cue we searched for, not
1816         the NULL cue.
1817
1818 2018-05-10  Zalan Bujtas  <zalan@apple.com>
1819
1820         [LFC] Implement height computation for non-replaced inflow elements.
1821         https://bugs.webkit.org/show_bug.cgi?id=185474
1822
1823         Reviewed by Antti Koivisto.
1824
1825         Initial implementation. Does not cover all the cases.
1826
1827         * layout/FormattingContext.cpp:
1828         (WebCore::Layout::FormattingContext::computeHeight const):
1829         * layout/FormattingContext.h:
1830         * layout/blockformatting/BlockFormattingContext.cpp:
1831         (WebCore::Layout::BlockFormattingContext::layout const):
1832         (WebCore::Layout::BlockFormattingContext::computeInFlowHeight const):
1833         (WebCore::Layout::BlockFormattingContext::computeInFlowNonReplacedHeight const):
1834         * layout/blockformatting/BlockFormattingContext.h:
1835         * layout/blockformatting/BlockMarginCollapse.cpp:
1836         (WebCore::Layout::collapsedMarginBottomFromLastChild):
1837         (WebCore::Layout::BlockMarginCollapse::isMarginBottomCollapsedWithParent):
1838         (WebCore::Layout::BlockMarginCollapse::isMarginTopCollapsedWithParentMarginBottom):
1839         (WebCore::Layout::isMarginBottomCollapsedWithParent): Deleted.
1840         * layout/blockformatting/BlockMarginCollapse.h:
1841         * layout/inlineformatting/InlineFormattingContext.cpp:
1842         (WebCore::Layout::InlineFormattingContext::computeInFlowHeight const):
1843         * layout/inlineformatting/InlineFormattingContext.h:
1844         * layout/layouttree/LayoutBox.cpp:
1845         (WebCore::Layout::Box::isReplaced const):
1846         * layout/layouttree/LayoutBox.h:
1847
1848 2018-05-10  Thibault Saunier  <tsaunier@igalia.com>
1849
1850         [GTK] Implement ImageBuffer::toBGRAData
1851         https://bugs.webkit.org/show_bug.cgi?id=185511
1852
1853         Reviewed by Michael Catanzaro.
1854
1855         This was never implemented but will be required for the MediaStream API
1856         tests.
1857
1858         * platform/graphics/ImageBuffer.cpp:
1859         (WebCore::ImageBuffer::toBGRAData const):
1860         * platform/graphics/cg/ImageBufferCG.cpp:
1861         (WebCore::ImageBuffer::toBGRAData const):
1862         * platform/graphics/gtk/ImageBufferGtk.cpp:
1863         (WebCore::ImageBuffer::toBGRAData const):
1864
1865 2018-05-10  Yacine Bandou  <yacine.bandou_ext@softathome.com>
1866
1867         [EME][GStreamer] Add a handler for GStreamer protection event
1868         https://bugs.webkit.org/show_bug.cgi?id=185245
1869
1870         Reviewed by Xabier Rodriguez-Calvar.
1871
1872         Qtdemux sends the protection event when encountered a new PSSH box (encrypted content).
1873
1874         The Decryptor is moved from AppendPipeline to PlaybackPipeline (see https://bugs.webkit.org/show_bug.cgi?id=181855),
1875         thus the protection event is no longer handled because the Decryptor is not in the same pipeline as qtdemux.
1876
1877         AppendPipeline: httpsrc-->qtdemux-->appsink
1878         PlaybackPipeline: appsrc-->parser--> decryptor-->decoder-->sink
1879
1880         This patch attaches a probe to the sink pad of the appsink in the appendPipeline in order to
1881         catch and manage the protection event.
1882
1883         * platform/graphics/gstreamer/mse/AppendPipeline.cpp:
1884         (WebCore::AppendPipeline::AppendPipeline):
1885         (WebCore::AppendPipeline::~AppendPipeline):
1886         (WebCore::appendPipelineAppsinkPadEventProbe):
1887         * platform/graphics/gstreamer/mse/AppendPipeline.h:
1888         (WebCore::AppendPipeline::playerPrivate):
1889
1890 2018-05-10  Yacine Bandou  <yacine.bandou_ext@softathome.com>
1891
1892         [EME][GStreamer] Move the decryptor from AppendPipeline to PlaybackPipeline.
1893         https://bugs.webkit.org/show_bug.cgi?id=181855
1894
1895         Reviewed by Xabier Rodriguez-Calvar.
1896
1897         The goal of this move is to handle the limitation of SVP (Secure Video Path) memory size.
1898
1899         When the decryptor is in the AppendPipeline and we use SVP, we buffer in MediaSource queue
1900         the decrypted GstBuffers that are in SVP memory.
1901         This behavior cause an out-of-memory error, because we are limited in SVP memory size.
1902
1903         By moving the decryptor in PlaybackPipeline, we avoid to buffer the decrypted GstBuffers
1904         which use the SVP memory and we buffer the encrypted GstBuffers that are in system memory.
1905
1906         This new architecture also allows to start the buffering before obtaining the DRM license
1907         and it makes easier to manage dynamic change of the license or Key.
1908
1909         The decryptor is auto plugged by GStreamer playbin in PlaybackPipeline.
1910
1911         SVP: Secure Video Path also named trusted or protected video path, it is a memory which is
1912         protected by a hardware access control engine, it is not accessible to other unauthorised
1913         software or hardware components.
1914
1915         Tests:
1916             media/encrypted-media/clearKey/clearKey-cenc-audio-playback-mse.html
1917             media/encrypted-media/clearKey/clearKey-cenc-video-playback-mse.html
1918
1919         * platform/graphics/gstreamer/eme/WebKitCommonEncryptionDecryptorGStreamer.cpp:
1920         (webkitMediaCommonEncryptionDecryptSinkEventHandler):
1921         * platform/graphics/gstreamer/mse/AppendPipeline.cpp:
1922         (WebCore::dumpAppendState):
1923         (WebCore::AppendPipeline::AppendPipeline):
1924         (WebCore::AppendPipeline::handleNeedContextSyncMessage):
1925         (WebCore::AppendPipeline::handleAppsrcNeedDataReceived):
1926         (WebCore::AppendPipeline::setAppendState):
1927         (WebCore::AppendPipeline::parseDemuxerSrcPadCaps):
1928         (WebCore::AppendPipeline::appsinkNewSample):
1929         (WebCore::AppendPipeline::connectDemuxerSrcPadToAppsinkFromAnyThread):
1930         (WebCore::AppendPipeline::disconnectDemuxerSrcPadFromAppsinkFromAnyThread):
1931         (WebCore::appendPipelineElementMessageCallback): Deleted.
1932         (WebCore::AppendPipeline::handleElementMessage): Deleted.
1933         (WebCore::AppendPipeline::dispatchPendingDecryptionStructure): Deleted.
1934         (WebCore::AppendPipeline::dispatchDecryptionStructure): Deleted.
1935         * platform/graphics/gstreamer/mse/AppendPipeline.h:
1936         * platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:
1937         (WebCore::MediaPlayerPrivateGStreamerMSE::attemptToDecryptWithInstance):
1938         * platform/graphics/gstreamer/mse/PlaybackPipeline.cpp:
1939
1940 2018-05-09  Nan Wang  <n_wang@apple.com>
1941
1942         AX: VoiceOver iframe scrolling focus jumping bug
1943         https://bugs.webkit.org/show_bug.cgi?id=176615
1944         <rdar://problem/34333067>
1945
1946         Reviewed by Chris Fleizach.
1947
1948         Scrolling to make elements visible is not working correctly for elements inside an
1949         offscreen iframe. Fixed it by using RenderLayer::scrollRectToVisible() to handle
1950         scrolling more properly.
1951
1952         Test: accessibility/scroll-to-make-visible-iframe-offscreen.html
1953
1954         * accessibility/AccessibilityObject.cpp:
1955         (WebCore::AccessibilityObject::scrollToMakeVisible const):
1956
1957 2018-05-09  Joanmarie Diggs  <jdiggs@igalia.com>
1958
1959         AX: accessibleNameForNode should simplify whitespace when using innerText
1960         https://bugs.webkit.org/show_bug.cgi?id=185498
1961
1962         Reviewed by Chris Fleizach.
1963
1964         Test: accessibility/text-alternative-calculation-from-unrendered-table.html
1965
1966         Call simplifyWhiteSpace() before returning the innerText value.
1967
1968         * accessibility/AccessibilityNodeObject.cpp:
1969         (WebCore::accessibleNameForNode):
1970
1971 2018-05-09  Chris Dumez  <cdumez@apple.com>
1972
1973         Add initial support for 'Cross-Origin-Options' HTTP response header
1974         https://bugs.webkit.org/show_bug.cgi?id=184996
1975         <rdar://problem/39664620>
1976
1977         Reviewed by Geoff Garen.
1978
1979         Add initial support for 'Cross-Origin-Options' HTTP response header behind an experimental
1980         feature flag, on by default. When the HTTP server services this HTTP response header for a
1981         main resource, we'll set these options on the corresponding Document. This will impact the
1982         behavior of the Document's associated Window API when cross-origin.
1983
1984         The HTTP header has 3 possible values:
1985         - allow: This is the default. Regular cross-origin Window API is available.
1986         - allow-postmessage: Only postMessage() is available on a cross-origin window, trying to
1987           access anything else will throw a SecurityError.
1988         - deny: Trying to do anything with a cross-origin window will throw a SecurityError.
1989
1990         The header has no effect when accessing same origin windows.
1991
1992         Note that on cross-origin access from Window A to Window B, we check the cross-origin
1993         options for both Window A and Window B and use the lowest common denominator as effective
1994         cross-origin options for the access. So if Window A has 'Cross-Origin-Options: deny' and
1995         tries to call postMessage() on Window B which has 'Cross-Origin-Options: allow-postmessage',
1996         we will throw a SecurityError. This is because Window A's more restrictive options (deny)
1997         apply.
1998
1999         Tests: http/wpt/cross-origin-options/allow-postmessage-from-deny.html
2000                http/wpt/cross-origin-options/allow-postmessage.html
2001                http/wpt/cross-origin-options/cross-origin-options-header.html
2002
2003         * bindings/js/JSDOMBindingSecurity.cpp:
2004         (WebCore::BindingSecurity::shouldAllowAccessToDOMWindowGivenMinimumCrossOriginOptions):
2005         * bindings/js/JSDOMBindingSecurity.h:
2006         * bindings/js/JSDOMWindowCustom.cpp:
2007         (WebCore::effectiveCrossOriginOptionsForAccess):
2008         (WebCore::jsDOMWindowGetOwnPropertySlotRestrictedAccess):
2009         (WebCore::JSDOMWindow::getOwnPropertySlot):
2010         (WebCore::JSDOMWindow::getOwnPropertySlotByIndex):
2011         (WebCore::addCrossOriginWindowPropertyNames):
2012         (WebCore::addScopedChildrenIndexes):
2013         (WebCore::addCrossOriginWindowOwnPropertyNames):
2014         (WebCore::JSDOMWindow::getOwnPropertyNames):
2015         * bindings/js/JSDOMWindowCustom.h:
2016         * bindings/js/JSRemoteDOMWindowCustom.cpp:
2017         (WebCore::JSRemoteDOMWindow::getOwnPropertySlot):
2018         (WebCore::JSRemoteDOMWindow::getOwnPropertySlotByIndex):
2019         (WebCore::JSRemoteDOMWindow::getOwnPropertyNames):
2020         * bindings/scripts/CodeGeneratorJS.pm:
2021         (GenerateAttributeGetterBodyDefinition):
2022         (GetCrossOriginsOptionsFromExtendedAttributeValue):
2023         (GenerateAttributeSetterBodyDefinition):
2024         (GenerateOperationBodyDefinition):
2025         * bindings/scripts/IDLAttributes.json:
2026         * dom/Document.cpp:
2027         (WebCore::Document::setCrossOriginOptions):
2028         * dom/Document.h:
2029         (WebCore::Document::crossOriginOptions const):
2030         * loader/FrameLoader.cpp:
2031         (WebCore::FrameLoader::didBeginDocument):
2032         * page/AbstractDOMWindow.cpp:
2033         (WebCore::AbstractDOMWindow::AbstractDOMWindow):
2034         * page/AbstractDOMWindow.h:
2035         (WebCore::AbstractDOMWindow::crossOriginOptions):
2036         (WebCore::AbstractDOMWindow::setCrossOriginOptions):
2037         * page/DOMWindow.cpp:
2038         (WebCore::DOMWindow::DOMWindow):
2039         (WebCore::DOMWindow::didSecureTransitionTo):
2040         * page/DOMWindow.idl:
2041         * page/Frame.h:
2042         * page/RemoteDOMWindow.cpp:
2043         (WebCore::RemoteDOMWindow::RemoteDOMWindow):
2044         * page/RemoteDOMWindow.h:
2045         * page/Settings.yaml:
2046         * platform/network/HTTPHeaderNames.in:
2047         * platform/network/HTTPParsers.cpp:
2048         (WebCore::parseCrossOriginOptionsHeader):
2049         * platform/network/HTTPParsers.h:
2050
2051 2018-05-09  Ryosuke Niwa  <rniwa@webkit.org>
2052
2053         Release assert in TreeScopeOrderedMap::remove via HTMLImageElement::removedFromAncestor
2054         https://bugs.webkit.org/show_bug.cgi?id=185493
2055
2056         Reviewed by Brent Fulgham.
2057
2058         Fixed the bug that HTMLImageElement::removedFromAncestor and HTMLMapElement::removedFromAncestor
2059         were calling removeImageElementByUsemap on the document instead of the shadow tree from which it was removed.
2060
2061         Test: fast/images/imagemap-in-shadow-tree-removed.html
2062
2063         * html/HTMLImageElement.cpp:
2064         (WebCore::HTMLImageElement::removedFromAncestor):
2065         * html/HTMLMapElement.cpp:
2066         (WebCore::HTMLMapElement::removedFromAncestor):
2067
2068 2018-05-09  Joanmarie Diggs  <jdiggs@igalia.com>
2069
2070         AX: Hidden nodes which are not directly referenced should not participate name/description from content
2071         https://bugs.webkit.org/show_bug.cgi?id=185478
2072
2073         Reviewed by Chris Fleizach.
2074
2075         Add a check to AccessibilityNodeObject::textUnderElement() and return early
2076         if the node is hidden, not referenced by aria-labelledby or aria-describedby,
2077         not an HTMLLabelElement, and not fallback content for an HTMLCanvasElement.
2078
2079         Test: accessibility/text-alternative-calculation-hidden-nodes.html
2080
2081         * accessibility/AccessibilityNodeObject.cpp:
2082         (WebCore::AccessibilityNodeObject::textUnderElement const):
2083
2084 2018-05-09  Eric Carlson  <eric.carlson@apple.com>
2085
2086         Update MediaSession to use release logging
2087         https://bugs.webkit.org/show_bug.cgi?id=185376
2088         <rdar://problem/40022203>
2089
2090         Reviewed by Youenn Fablet.
2091
2092         No new tests, tested manually.
2093
2094         * Modules/mediastream/MediaStream.h: hostingDocument() doesn't need to return a const Document.
2095         * Modules/webaudio/AudioContext.cpp:
2096         (WebCore::AudioContext::hostingDocument const): Ditto.
2097         * Modules/webaudio/AudioContext.h:
2098
2099         * html/HTMLMediaElement.h: Ditto.
2100
2101         * html/MediaElementSession.cpp:
2102         (WebCore::MediaElementSession::MediaElementSession):
2103         (WebCore::MediaElementSession::addBehaviorRestriction):
2104         (WebCore::MediaElementSession::removeBehaviorRestriction):
2105         (WebCore::MediaElementSession::dataLoadingPermitted const):
2106         (WebCore::MediaElementSession::fullscreenPermitted const):
2107         (WebCore::MediaElementSession::pageAllowsDataLoading const):
2108         (WebCore::MediaElementSession::pageAllowsPlaybackAfterResuming const):
2109         (WebCore::MediaElementSession::canShowControlsManager const):
2110         (WebCore::MediaElementSession::showPlaybackTargetPicker):
2111         (WebCore::MediaElementSession::hasWirelessPlaybackTargets const):
2112         (WebCore::MediaElementSession::wirelessVideoPlaybackDisabled const):
2113         (WebCore::MediaElementSession::setWirelessVideoPlaybackDisabled):
2114         (WebCore::MediaElementSession::setHasPlaybackTargetAvailabilityListeners):
2115         (WebCore::MediaElementSession::externalOutputDeviceAvailableDidChange):
2116         (WebCore::MediaElementSession::setShouldPlayToPlaybackTarget):
2117         (WebCore::MediaElementSession::mediaEngineUpdated):
2118         (WebCore::MediaElementSession::willLog const): Deleted.
2119         (WebCore::MediaElementSession::logger const): Deleted.
2120         (WebCore::MediaElementSession::logIdentifier const): Deleted.
2121         (WebCore::MediaElementSession::logChannel const): Deleted.
2122         * html/MediaElementSession.h:
2123
2124         * platform/audio/PlatformMediaSession.cpp:
2125         (WebCore::nextLogIdentifier):
2126         (WebCore::convertEnumerationToString):
2127         (WebCore::PlatformMediaSession::PlatformMediaSession):
2128         (WebCore::PlatformMediaSession::setState):
2129         (WebCore::PlatformMediaSession::beginInterruption):
2130         (WebCore::PlatformMediaSession::endInterruption):
2131         (WebCore::PlatformMediaSession::clientWillBeginAutoplaying):
2132         (WebCore::PlatformMediaSession::clientWillPausePlayback):
2133         (WebCore::PlatformMediaSession::pauseSession):
2134         (WebCore::PlatformMediaSession::stopSession):
2135         (WebCore::PlatformMediaSession::clientDataBufferingTimerFired):
2136         (WebCore::PlatformMediaSession::logChannel const):
2137         (WebCore::stateName): Deleted.
2138         (WebCore::interruptionName): Deleted.
2139         * platform/audio/PlatformMediaSession.h:
2140         (WTF::LogArgument<WebCore::PlatformMediaSession::State>::toString):
2141         (WTF::LogArgument<WebCore::PlatformMediaSession::InterruptionType>::toString):
2142
2143 2018-05-09  Thibault Saunier  <tsaunier@igalia.com>
2144
2145         [GStreamer] Never call updateTracks if running on legacy pipeline
2146         https://bugs.webkit.org/show_bug.cgi?id=184581
2147
2148         This makes sure failling code path is never reached in the conditions where it should not have been reached.
2149
2150         Reviewed by Philippe Normand.
2151
2152         Re enables all tests that were disabled after fixing.
2153
2154         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
2155         (WebCore::MediaPlayerPrivateGStreamer::handleMessage):
2156
2157 2018-05-09  Daniel Bates  <dabates@apple.com>
2158
2159         REGRESSION (r231479): http/tests/appcache/x-frame-options-prevents-framing.php is timing out
2160         https://bugs.webkit.org/show_bug.cgi?id=185443
2161         <rdar://problem/40100660>
2162
2163         Reviewed by Andy Estes.
2164
2165         Following r231479 when using WebKit2 and Restricted HTTP Response Access is enabled (enabled in
2166         WebKitTestRunner) we only check the CSP frame-ancestors directive and X-Frame-Options in
2167         NetworkProcess. We need to check these security requirements in WebContent process whenever
2168         we are performing a substitute data load, such as for app cache, as these loads do not go
2169         through NetworkProcess.
2170
2171         * loader/DocumentLoader.cpp:
2172         (WebCore::DocumentLoader::responseReceived):
2173
2174 2018-05-09  Justin Fan  <justin_fan@apple.com>
2175
2176         Hooked up ASTC support in WebGL; requires OpenGL ES 3 context to work. 
2177         https://bugs.webkit.org/show_bug.cgi?id=185272
2178         <rdar://problem/15745737>
2179
2180         Reviewed by Dean Jackson.
2181
2182         Also added in Khronos' ASTC test from version 1.0.4 beta of their conformance test suite,
2183         although again, this requires OpenGL ES 3 context for WebKit to detect proper support.
2184
2185         Test: fast/canvas/webgl/webgl-compressed-texture-astc.html
2186
2187         * DerivedSources.make:
2188         * Sources.txt:
2189         * WebCore.xcodeproj/project.pbxproj:
2190         * bindings/js/JSDOMConvertWebGL.cpp:
2191         (WebCore::convertToJSValue):
2192         * html/canvas/WebGL2RenderingContext.cpp:
2193         (WebCore::WebGL2RenderingContext::getExtension):
2194         (WebCore::WebGL2RenderingContext::getSupportedExtensions):
2195         * html/canvas/WebGLCompressedTextureASTC.cpp: Added.
2196         (WebCore::WebGLCompressedTextureASTC::WebGLCompressedTextureASTC):
2197         (WebCore::WebGLCompressedTextureASTC::getName const):
2198         (WebCore::WebGLCompressedTextureASTC::supported):
2199         (WebCore::WebGLCompressedTextureASTC::getSupportedProfiles):
2200         * html/canvas/WebGLCompressedTextureASTC.h: Added.
2201         * html/canvas/WebGLCompressedTextureASTC.idl: Added.
2202         * html/canvas/WebGLExtension.h:
2203         * html/canvas/WebGLRenderingContext.cpp:
2204         (WebCore::WebGLRenderingContext::getExtension):
2205         (WebCore::WebGLRenderingContext::getSupportedExtensions):
2206         * html/canvas/WebGLRenderingContextBase.cpp:
2207         (WebCore::WebGLRenderingContextBase::validateCompressedTexFuncData):
2208         (WebCore::WebGLRenderingContextBase::validateCompressedTexDimensions):
2209         * html/canvas/WebGLRenderingContextBase.h:
2210         * platform/graphics/Extensions3D.h:
2211
2212 2018-05-09  Youenn Fablet  <youenn@apple.com>
2213
2214         Allow WebResourceLoader to cancel a load served from a service worker
2215         https://bugs.webkit.org/show_bug.cgi?id=185274
2216
2217         Reviewed by Chris Dumez.
2218
2219         Add support for cancelling a fetch from WebProcess to service worker process.
2220         Use FetchIdentifier instead of uint64_t.
2221
2222         * Modules/fetch/FetchIdentifier.h: Added.
2223         * WebCore.xcodeproj/project.pbxproj:
2224         * workers/service/context/ServiceWorkerFetch.h:
2225         * workers/service/context/ServiceWorkerThreadProxy.cpp:
2226         (WebCore::ServiceWorkerThreadProxy::startFetch):
2227         (WebCore::ServiceWorkerThreadProxy::cancelFetch):
2228         * workers/service/context/ServiceWorkerThreadProxy.h:
2229
2230 2018-05-09  Thibault Saunier  <tsaunier@igalia.com>
2231
2232         [GStreamer] Fix style issue in MediaPlayerPrivateGStreamer
2233         https://bugs.webkit.org/show_bug.cgi?id=185479
2234
2235         Reviewed by Philippe Normand.
2236
2237         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:114:  Multi line control clauses should use braces.  [whitespace/braces] [4]
2238         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:194:  Multi line control clauses should use braces.  [whitespace/braces] [4]
2239         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:398:  One line control clauses should not use braces.  [whitespace/braces] [4]
2240         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:440:  One line control clauses should not use braces.  [whitespace/braces] [4]
2241         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:806:  More than one command on the same line  [whitespace/newline] [4]
2242         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:869:  More than one command on the same line  [whitespace/newline] [4]
2243         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:880:  More than one command on the same line  [whitespace/newline] [4]
2244         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:940:  More than one command on the same line  [whitespace/newline] [4]
2245         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:1102:  Multi line control clauses should use braces.  [whitespace/braces] [4]
2246         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:1109:  Multi line control clauses should use braces.  [whitespace/braces] [4]
2247
2248         Indentation and style issue fixed only.
2249
2250         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
2251         (WebCore::MediaPlayerPrivateGStreamer::registerMediaEngine):
2252         (WebCore::MediaPlayerPrivateGStreamer::~MediaPlayerPrivateGStreamer):
2253         (WebCore::MediaPlayerPrivateGStreamer::changePipelineState):
2254         (WebCore::MediaPlayerPrivateGStreamer::play):
2255         (WebCore::MediaPlayerPrivateGStreamer::videoChangedCallback):
2256         (WebCore::MediaPlayerPrivateGStreamer::videoSinkCapsChangedCallback):
2257         (WebCore::MediaPlayerPrivateGStreamer::audioChangedCallback):
2258         (WebCore::MediaPlayerPrivateGStreamer::textChangedCallback):
2259         (WebCore::MediaPlayerPrivateGStreamer::buffered const):
2260         (WebCore::MediaPlayerPrivateGStreamer::loadNextLocation):
2261
2262 2018-05-09  Daniel Bates  <dabates@apple.com>
2263
2264         REGRESSION (r231479): com.apple.WebCore crash in WebCore::DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied()
2265         https://bugs.webkit.org/show_bug.cgi?id=185475
2266         <rdar://problem/40093853>
2267
2268         Reviewed by Andy Estes.
2269
2270         DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied() must extends its lifetime
2271         until completion as dispatching a DOM load event at the associated frame can cause JavaScript execution
2272         that can do anything, including destroying the loader that dispatched the event.
2273
2274         Following r231479 DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied() is now
2275         invoked by both DocumentLoader::responseReceived() and WebResourceLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied().
2276         The latter only can happen when using WebKit2 and the experimental feature Restricted HTTP Response Access
2277         is enabled (RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess()). Unlike DocumentLoader::responseReceived()
2278         WebResourceLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied() does not take out a ref
2279         on the DocumentLoader before invoking DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied().
2280         Therefore, DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied() can cause its
2281         own destruction as a result of dispatching a DOM load event at the frame. We should take out a ref on
2282         the DocumentLoader when executing DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied().
2283
2284         * loader/DocumentLoader.cpp:
2285         (WebCore::DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied):
2286
2287 2018-05-09  Tim Horton  <timothy_horton@apple.com>
2288
2289         Fix the build by ignoring some deprecation warnings
2290
2291         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
2292         (WebCore::MediaPlayerPrivateAVFoundationObjC::setShouldDisableSleep):
2293
2294 2018-05-09  Michael Catanzaro  <mcatanzaro@igalia.com>
2295
2296         [WPE] Build cleanly with GCC 8 and ICU 60
2297         https://bugs.webkit.org/show_bug.cgi?id=185462
2298
2299         Reviewed by Carlos Alberto Lopez Perez.
2300
2301         * PlatformGTK.cmake: Include directories are in the wrong place.
2302         * accessibility/AXObjectCache.cpp: Silence -Wclass-memaccess problems and leave warnings.
2303         (WebCore::AXObjectCache::startOrEndTextMarkerDataForRange):
2304         (WebCore::AXObjectCache::textMarkerDataForCharacterOffset):
2305         (WebCore::AXObjectCache::textMarkerDataForVisiblePosition):
2306         (WebCore::AXObjectCache::textMarkerDataForFirstPositionInTextControl):
2307         * css/CSSFontFace.cpp: Silence -Wfallthrough
2308         (WebCore::CSSFontFace::fontLoadTiming const):
2309         * css/CSSSelectorList.cpp: Silence -Wclass-memaccess, this one is intentional.
2310         (WebCore::CSSSelectorList::adoptSelectorVector):
2311         * editing/TextIterator.cpp: Silence ICU deprecation warnings.
2312         * platform/Length.h:
2313         (WebCore::Length::operator=): More -Wclass-memaccess, looks benign.
2314         * platform/graphics/Gradient.cpp:
2315         (WebCore::Gradient::hash const): -Wclass-memaccess again. Leave a warning.
2316         * platform/graphics/SurrogatePairAwareTextIterator.cpp: Silence ICU deprecation warnings.
2317         * platform/graphics/cairo/FontCairoHarfbuzzNG.cpp:
2318         (WebCore::FontCascade::fontForCombiningCharacterSequence const): Silence ICU deprecation.
2319         * platform/graphics/freetype/FontCustomPlatformDataFreeType.cpp:
2320         (WebCore::FontCustomPlatformData::FontCustomPlatformData): Silence -Wcast-function-type.
2321         * platform/graphics/freetype/SimpleFontDataFreeType.cpp:
2322         (WebCore::Font::canRenderCombiningCharacterSequence const): Silence ICU deprecation.
2323         * platform/graphics/gstreamer/GstAllocatorFastMalloc.cpp:
2324         (gstAllocatorFastMallocMemUnmap): Fix -Wcast-function-type.
2325         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
2326         (WebCore::MediaPlayerPrivateGStreamer::updateTracks): Fix bad printf.
2327         (WebCore::MediaPlayerPrivateGStreamer::enableTrack): Another bad printf.
2328         (WebCore::findHLSQueue): Fix -Wcast-function-type.
2329         * platform/graphics/gstreamer/eme/WebKitClearKeyDecryptorGStreamer.cpp:
2330         (webKitMediaClearKeyDecryptorDecrypt): Fix another bad printf.
2331         * platform/network/soup/SocketStreamHandleImplSoup.cpp: Silence -Wcast-function-type.
2332         (WebCore::SocketStreamHandleImpl::beginWaitingForSocketWritability):
2333         * platform/text/TextEncoding.cpp: Silence ICU deprecration.
2334
2335 2018-05-08  Simon Fraser  <simon.fraser@apple.com>
2336
2337         SVG lighting colors need to be converted into linearSRGB
2338         https://bugs.webkit.org/show_bug.cgi?id=181196
2339
2340         Reviewed by Darin Adler.
2341
2342         Address post-commit comments. Don't make a Color that contains linearRGB components,
2343         but use FloatComponents instead. Since these FloatComponents are in the 0-1 range,
2344         FELighting::setPixelInternal() needs to multiply by 255 since the output pixels are
2345         8-bit 0-255.
2346         
2347         Change linearToSRGBColorComponent() and sRGBToLinearColorComponent() to do math in
2348         floats without promoting to doubles.
2349
2350         * platform/graphics/ColorUtilities.cpp:
2351         (WebCore::FloatComponents::FloatComponents):
2352         (WebCore::linearToSRGBColorComponent):
2353         (WebCore::sRGBToLinearColorComponent):
2354         (WebCore::sRGBColorToLinearComponents):
2355         (WebCore::linearToSRGBColor): Deleted.
2356         (WebCore::sRGBToLinearColor): Deleted.
2357         * platform/graphics/ColorUtilities.h:
2358         * platform/graphics/filters/FELighting.cpp:
2359         (WebCore::FELighting::setPixelInternal):
2360         (WebCore::FELighting::drawLighting):
2361
2362 2018-05-09  Timothy Hatcher  <timothy@apple.com>
2363
2364         Use StyleColor::Options in more places.
2365
2366         https://bugs.webkit.org/show_bug.cgi?id=185458
2367         rdar://problem/39853798
2368
2369         Add UseDefaultAppearance to StyleColor::Options, to avoid passing yet another
2370         boolean on some of these functions.
2371
2372         Reviewed by Tim Horton.
2373
2374         * css/MediaQueryEvaluator.cpp:
2375         * css/StyleColor.h:
2376         * dom/Document.cpp:
2377         (WebCore::Document::useDefaultAppearance const):
2378         (WebCore::Document::styleColorOptions const):
2379         * dom/Document.h:
2380         * platform/Theme.cpp:
2381         (WebCore::Theme::paint):
2382         * platform/Theme.h:
2383         * platform/mac/LocalDefaultSystemAppearance.h:
2384         * platform/mac/LocalDefaultSystemAppearance.mm:
2385         (WebCore::LocalDefaultSystemAppearance::LocalDefaultSystemAppearance):
2386         (WebCore::LocalDefaultSystemAppearance::~LocalDefaultSystemAppearance):
2387         * platform/mac/ThemeMac.h:
2388         * platform/mac/ThemeMac.mm:
2389         (WebCore::paintToggleButton):
2390         (WebCore::paintButton):
2391         (WebCore::ThemeMac::ensuredView):
2392         (WebCore::ThemeMac::drawCellOrFocusRingWithViewIntoContext):
2393         (WebCore::ThemeMac::paint):
2394         (-[WebCoreThemeView initWithUseSystemAppearance:]): Deleted.
2395         * platform/wpe/ThemeWPE.cpp:
2396         (WebCore::ThemeWPE::paint):
2397         * platform/wpe/ThemeWPE.h:
2398         * rendering/RenderListBox.cpp:
2399         (WebCore::RenderListBox::paintItemBackground):
2400         * rendering/RenderTheme.cpp:
2401         (WebCore::RenderTheme::paint):
2402         (WebCore::RenderTheme::inactiveListBoxSelectionBackgroundColor const):
2403         (WebCore::RenderTheme::platformInactiveListBoxSelectionBackgroundColor const):
2404         * rendering/RenderTheme.h:
2405         * rendering/RenderThemeGtk.cpp:
2406         (WebCore::RenderThemeGtk::platformInactiveListBoxSelectionBackgroundColor const):
2407         * rendering/RenderThemeGtk.h:
2408         * rendering/RenderThemeMac.h:
2409         * rendering/RenderThemeMac.mm:
2410         (WebCore::RenderThemeMac::documentViewFor const):
2411         (WebCore::RenderThemeMac::platformInactiveListBoxSelectionBackgroundColor const):
2412         (WebCore::RenderThemeMac::systemColor const):
2413         (WebCore::RenderThemeMac::paintCellAndSetFocusedElementNeedsRepaintIfNecessary):
2414         (WebCore::RenderThemeMac::paintSliderThumb):
2415
2416 2018-05-09  Yacine Bandou  <yacine.bandou_ext@softathome.com>
2417
2418         [EME][GStreamer] Crash when the mediaKeys are created before loading the media in debug conf
2419         https://bugs.webkit.org/show_bug.cgi?id=185244
2420
2421         Reviewed by Xabier Rodriguez-Calvar.
2422
2423         The function "MediaPlayerPrivateGStreamerBase::cdmInstanceAttached" is expected to be called once,
2424         so there is an ASSERT(!m_cdmInstance).
2425         But when the MediaKeys are created before loading the media, the cdminstance is created and attached
2426         to the MediaPlayerPrivate via "MediaPlayerPrivateGStreamerBase::cdmInstanceAttached" before loading
2427         the media, then when the media is loading, the function "MediaPlayerPrivateGStreamerBase::cdmInstanceAttached"
2428         will be called several times via the function "mediaEngineWasUpdated" wich is called for each change
2429         in the MediaElement state, thus the WebProcess crashes in the ASSERT(!m_cdmInstance).
2430
2431         This commit avoid the crash by replacing the assert with a simple check.
2432
2433         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
2434         (WebCore::MediaPlayerPrivateGStreamerBase::cdmInstanceAttached):
2435         (WebCore::MediaPlayerPrivateGStreamerBase::cdmInstanceDetached):
2436
2437 2018-05-09  Antti Koivisto  <antti@apple.com>
2438
2439         Add OptionSet::operator& and operator bool
2440         https://bugs.webkit.org/show_bug.cgi?id=185306
2441
2442         Reviewed by Anders Carlsson.
2443
2444         Use it in a few places.
2445
2446         * loader/FrameLoader.cpp:
2447         (WebCore::FrameLoader::reload):
2448         * rendering/RenderLayerCompositor.cpp:
2449         (WebCore::RenderLayerCompositor::logReasonsForCompositing):
2450         (WebCore::RenderLayerCompositor::updateScrollCoordinatedLayer):
2451
2452 2018-05-08  Dean Jackson  <dino@apple.com>
2453
2454         Disable system preview link fetching
2455         https://bugs.webkit.org/show_bug.cgi?id=185463
2456
2457         Reviewed by Jon Lee.
2458
2459         Temporarily disable system preview detection when a link
2460         is clicked.
2461
2462         * html/HTMLAnchorElement.cpp:
2463         (WebCore::HTMLAnchorElement::handleClick):
2464
2465 2018-05-08  Wenson Hsieh  <wenson_hsieh@apple.com>
2466
2467         Unreviewed, fix the internal iOS build
2468
2469         Add a missing import statement in an implementation file.
2470
2471         * editing/cocoa/WebContentReaderCocoa.mm:
2472
2473 2018-05-08  Ryan Haddad  <ryanhaddad@apple.com>
2474
2475         Unreviewed, rolling out r231486.
2476
2477         Caused service worker LayoutTest failures on macOS Debug WK2.
2478
2479         Reverted changeset:
2480
2481         "Allow WebResourceLoader to cancel a load served from a
2482         service worker"
2483         https://bugs.webkit.org/show_bug.cgi?id=185274
2484         https://trac.webkit.org/changeset/231486
2485
2486 2018-05-08  Wenson Hsieh  <wenson_hsieh@apple.com>
2487
2488         Consolidate WebContentReaderIOS and WebContentReaderMac into WebContentReaderCocoa
2489         https://bugs.webkit.org/show_bug.cgi?id=185340
2490
2491         Reviewed by Tim Horton.
2492
2493         WebContentReader::readURL is currently the only method implemented separately in iOS and macOS platform
2494         WebContentReader files. The implementation across macOS and iOS is nearly identical (with some exceptions with
2495         the way iOS handles file URLs and plain text editing), so we can merge these into a single method
2496         WebContentReaderCocoa and delete WebContentReaderIOS and WebContentReaderMac.
2497
2498         This also has the added bonus of fixing a latent bug in WebContentReaderMac, wherein URLs written to the
2499         pasteboard using -[NSPasteboard writeObjects:] are currently pasted as empty anchor elements. In this case, the
2500         link title isn't made explicit, so the `title` passed in to WebContentReader::readURL is empty. On iOS, we have
2501         code to fall back to pasting the absolute string of the URL if the title is empty, but on macOS, we'll just use
2502         this empty string as the title of the anchor.
2503
2504         Test: PasteMixedContent.PasteURLWrittenToPasteboardUsingWriteObjects
2505
2506         * SourcesCocoa.txt:
2507         * WebCore.xcodeproj/project.pbxproj:
2508         * editing/cocoa/WebContentReaderCocoa.mm:
2509         (WebCore::WebContentReader::readURL):
2510         * editing/ios/WebContentReaderIOS.mm: Removed.
2511         * editing/mac/WebContentReaderMac.mm: Removed.
2512
2513 2018-05-08  Zalan Bujtas  <zalan@apple.com>
2514
2515         [Simple line layout] Cache run resolver.
2516         https://bugs.webkit.org/show_bug.cgi?id=185411
2517
2518         Reviewed by Antti Koivisto.
2519
2520         This patch caches the run resolver on the [SimpleLine]Layout object. 
2521         In certain cases, when the block container has thousands of elements (foobar1<br>foobar2<br>.....foobar9999<br>),
2522         constructing the resolver (and its dependencies) in a repeating fashion could hang the WebProcess.
2523
2524         Covered by existing tests.
2525
2526         * rendering/SimpleLineLayout.cpp:
2527         (WebCore::SimpleLineLayout::create):
2528         (WebCore::SimpleLineLayout::Layout::create):
2529         (WebCore::SimpleLineLayout::Layout::Layout):
2530         * rendering/SimpleLineLayout.h:
2531         (WebCore::SimpleLineLayout::Layout::runResolver const):
2532         * rendering/SimpleLineLayoutFunctions.cpp:
2533         (WebCore::SimpleLineLayout::paintFlow):
2534         (WebCore::SimpleLineLayout::hitTestFlow):
2535         (WebCore::SimpleLineLayout::collectFlowOverflow):
2536         (WebCore::SimpleLineLayout::computeBoundingBox):
2537         (WebCore::SimpleLineLayout::computeFirstRunLocation):
2538         (WebCore::SimpleLineLayout::collectAbsoluteRects):
2539         (WebCore::SimpleLineLayout::collectAbsoluteQuads):
2540         (WebCore::SimpleLineLayout::textOffsetForPoint):
2541         (WebCore::SimpleLineLayout::collectAbsoluteQuadsForRange):
2542         (WebCore::SimpleLineLayout::generateLineBoxTree):
2543         * rendering/SimpleLineLayoutResolver.cpp:
2544         (WebCore::SimpleLineLayout::LineResolver::LineResolver):
2545         * rendering/SimpleLineLayoutResolver.h:
2546         (WebCore::SimpleLineLayout::lineResolver):
2547
2548 2018-05-08  Brent Fulgham  <bfulgham@apple.com>
2549
2550         Switch some RELEASE_ASSERTS to plain debug ASSERTS in PlatformScreenMac.mm
2551         https://bugs.webkit.org/show_bug.cgi?id=185451
2552         <rdar://problem/39620348>
2553
2554         Reviewed by Zalan Bujtas.
2555
2556         Change a set of RELEASE_ASSERTS used to prevent accessing NSScreen related functions in the
2557         PlatformScreenMac implementation to less expensive Debug ASSERTS.
2558
2559         No change in behavior.
2560
2561         * platform/mac/PlatformScreenMac.mm:
2562         (WebCore::screenHasInvertedColors):
2563         (WebCore::screenDepth):
2564         (WebCore::screenDepthPerComponent):
2565         (WebCore::screenRectForDisplay):
2566         (WebCore::screenRect):
2567         (WebCore::screenAvailableRect):
2568         (WebCore::screenColorSpace):
2569         (WebCore::screenSupportsExtendedColor):
2570
2571 2018-05-08  Daniel Bates  <dabates@apple.com>
2572
2573         Resign Strong Password appearance when text field value changes
2574         https://bugs.webkit.org/show_bug.cgi?id=185433
2575         <rdar://problem/39958508>
2576
2577         Reviewed by Ryosuke Niwa.
2578
2579         Remove the Strong Password decoration when the text field's value changes to avoid interfering
2580         with web sites that allow a person to clear the password field.
2581
2582         Tests: fast/forms/auto-fill-button/auto-fill-strong-password-button-when-maxlength-changes.html
2583                fast/forms/auto-fill-button/auto-fill-strong-password-button-when-minlength-changes.html
2584                fast/forms/auto-fill-button/hide-auto-fill-strong-password-button-when-value-changes.html
2585
2586         * html/HTMLInputElement.cpp:
2587         (WebCore::HTMLInputElement::resignStrongPasswordAppearance): Extracted from HTMLInputElement::updateType().
2588         (WebCore::HTMLInputElement::updateType): Extract out logic to resign the Strong Password appearance
2589         into a function that can be shared by this function and HTMLInputElement::setValue().
2590         (WebCore::HTMLInputElement::setValue): Resign the Strong Password appearance if this field was
2591         changed programmatically (i.e. no DOM change event was dispatched).
2592         * html/HTMLInputElement.h:
2593
2594 2018-05-08  Jer Noble  <jer.noble@apple.com>
2595
2596         Unreviewed build fix; add missing function definition.
2597
2598         * html/HTMLMediaElement.h:
2599         (WebCore::HTMLMediaElement::didPassCORSAccessCheck const):
2600
2601 2018-05-08  Jer Noble  <jer.noble@apple.com>
2602
2603         Mute MediaElementSourceNode when tainted.
2604         https://bugs.webkit.org/show_bug.cgi?id=184866
2605
2606         Reviewed by Eric Carlson.
2607
2608         Test: http/tests/security/webaudio-render-remote-audio-blocked-no-crossorigin.html
2609
2610         * Modules/webaudio/AudioContext.cpp:
2611         (WebCore::AudioContext::wouldTaintOrigin const):
2612         * Modules/webaudio/AudioContext.h:
2613         * Modules/webaudio/MediaElementAudioSourceNode.cpp:
2614         (WebCore::MediaElementAudioSourceNode::setFormat):
2615         (WebCore::MediaElementAudioSourceNode::wouldTaintOrigin):
2616         (WebCore::MediaElementAudioSourceNode::process):
2617         * Modules/webaudio/MediaElementAudioSourceNode.h:
2618
2619 2018-05-08  Eric Carlson  <eric.carlson@apple.com>
2620
2621         Log rtcstats as JSON
2622         https://bugs.webkit.org/show_bug.cgi?id=185437
2623         <rdar://problem/40065332>
2624
2625         Reviewed by Youenn Fablet.
2626
2627         * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
2628         (WebCore::RTCStatsLogger::RTCStatsLogger): Create a wrapper class so we don't have to add a
2629         toJSONString method to libwebrtc.
2630         (WebCore::RTCStatsLogger::toJSONString const): Log stats as JSON.
2631         (WebCore::LibWebRTCMediaEndpoint::OnStatsDelivered): Don't use the LOGIDENTIFIER macro because
2632         it doesn't work well inside of a lambda.
2633         (WTF::LogArgument<WebCore::RTCStatsLogger>::toString): Move into .cpp file because it is only
2634         used here.
2635         * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.h:
2636         (WTF::LogArgument<webrtc::RTCStats>::toString): Deleted. Move to .cpp file.
2637
2638 2018-05-08  Dean Jackson  <dino@apple.com>
2639
2640         System Preview links should trigger a download
2641         https://bugs.webkit.org/show_bug.cgi?id=185439
2642         <rdar://problem/40065545>
2643
2644         Reviewed by Jon Lee.
2645
2646         Add a new field to FrameLoadRequest, which then is copied
2647         into ResourceRequest, identifying if the link clicked
2648         is a system preview.
2649
2650         * html/HTMLAnchorElement.cpp:
2651         (WebCore::HTMLAnchorElement::handleClick): Look for isSystemPreviewLink().
2652         * loader/FrameLoadRequest.cpp:
2653         (WebCore::FrameLoadRequest::FrameLoadRequest):
2654         * loader/FrameLoadRequest.h: New property.
2655         (WebCore::FrameLoadRequest::FrameLoadRequest):
2656         (WebCore::FrameLoadRequest::isSystemPreview const):
2657         * loader/FrameLoader.cpp:
2658         (WebCore::FrameLoader::urlSelected):
2659         (WebCore::FrameLoader::loadURL):
2660         * loader/FrameLoader.h:
2661         * platform/network/ResourceRequestBase.cpp:
2662         (WebCore::ResourceRequestBase::isSystemPreview const):
2663         (WebCore::ResourceRequestBase::setSystemPreview):
2664         * platform/network/ResourceRequestBase.h:
2665
2666 2018-05-08  Commit Queue  <commit-queue@webkit.org>
2667
2668         Unreviewed, rolling out r231491.
2669         https://bugs.webkit.org/show_bug.cgi?id=185434
2670
2671         Setting the Created key on a cookie does not work yet, due a
2672         bug in CFNetwork (Requested by ggaren on #webkit).
2673
2674         Reverted changeset:
2675
2676         "[WKHTTPCookieStore getAllCookies] returns inconsistent
2677         creation time"
2678         https://bugs.webkit.org/show_bug.cgi?id=185041
2679         https://trac.webkit.org/changeset/231491
2680
2681 2018-05-08  Sihui Liu  <sihui_liu@apple.com>
2682
2683         [WKHTTPCookieStore getAllCookies] returns inconsistent creation time
2684         https://bugs.webkit.org/show_bug.cgi?id=185041
2685         <rdar://problem/34684214>
2686
2687         Reviewed by Geoffrey Garen.
2688
2689         Set creationtime property when creating Cookie object to keep consistency after conversion.
2690
2691         New API test: WebKit.WKHTTPCookieStoreCreationTime.
2692
2693         * platform/network/cocoa/CookieCocoa.mm:
2694         (WebCore::Cookie::operator NSHTTPCookie * const):
2695
2696 2018-05-08  Eric Carlson  <eric.carlson@apple.com>
2697
2698         Text track cue logging should include cue text
2699         https://bugs.webkit.org/show_bug.cgi?id=185353
2700         <rdar://problem/40003565>
2701
2702         Reviewed by Brent Fulgham.
2703
2704         No new tests, tested manually.
2705
2706         * html/track/VTTCue.cpp:
2707         (WebCore::VTTCue::toJSON const):
2708         * platform/graphics/InbandTextTrackPrivateClient.h:
2709         (WebCore::GenericCueData::toJSONString const):
2710         * platform/graphics/iso/ISOVTTCue.cpp:
2711         (WebCore::ISOWebVTTCue::toJSONString const):
2712
2713 2018-05-08  Sam Weinig  <sam@webkit.org>
2714
2715         More cleanup of XMLHttpRequestUpload
2716         https://bugs.webkit.org/show_bug.cgi?id=185409
2717
2718         Reviewed by Alex Christensen.
2719
2720         - Remove unneeded #includes
2721         - Rename m_xmlHttpRequest to m_request
2722         - Make some overloaded some methods private, and mark them as final rather
2723           than override.
2724
2725         * xml/XMLHttpRequestUpload.cpp:
2726         (WebCore::XMLHttpRequestUpload::XMLHttpRequestUpload):
2727         * xml/XMLHttpRequestUpload.h:
2728
2729 2018-05-08  Zalan Bujtas  <zalan@apple.com>
2730
2731         [LFC] Start using BlockMarginCollapse
2732         https://bugs.webkit.org/show_bug.cgi?id=185424
2733
2734         Reviewed by Antti Koivisto.
2735
2736         BlockMarginCollapse could be all static.
2737
2738         * layout/blockformatting/BlockFormattingContext.cpp:
2739         (WebCore::Layout::BlockFormattingContext::marginTop const):
2740         (WebCore::Layout::BlockFormattingContext::marginBottom const):
2741         * layout/blockformatting/BlockMarginCollapse.cpp:
2742         (WebCore::Layout::isMarginTopCollapsedWithSibling):
2743         (WebCore::Layout::isMarginBottomCollapsedWithSibling):
2744         (WebCore::Layout::isMarginTopCollapsedWithParent):
2745         (WebCore::Layout::isMarginBottomCollapsedWithParent):
2746         (WebCore::Layout::collapsedMarginTopFromFirstChild):
2747         (WebCore::Layout::collapsedMarginBottomFromLastChild):
2748         (WebCore::Layout::nonCollapsedMarginTop):
2749         (WebCore::Layout::nonCollapsedMarginBottom):
2750         (WebCore::Layout::BlockMarginCollapse::marginTop):
2751         (WebCore::Layout::BlockMarginCollapse::marginBottom):
2752         (WebCore::Layout::BlockMarginCollapse::BlockMarginCollapse): Deleted.
2753         (WebCore::Layout::BlockMarginCollapse::marginTop const): Deleted.
2754         (WebCore::Layout::BlockMarginCollapse::marginBottom const): Deleted.
2755         (WebCore::Layout::BlockMarginCollapse::isMarginTopCollapsedWithSibling const): Deleted.
2756         (WebCore::Layout::BlockMarginCollapse::isMarginBottomCollapsedWithSibling const): Deleted.
2757         (WebCore::Layout::BlockMarginCollapse::isMarginTopCollapsedWithParent const): Deleted.
2758         (WebCore::Layout::BlockMarginCollapse::isMarginBottomCollapsedWithParent const): Deleted.
2759         (WebCore::Layout::BlockMarginCollapse::nonCollapsedMarginTop const): Deleted.
2760         (WebCore::Layout::BlockMarginCollapse::nonCollapsedMarginBottom const): Deleted.
2761         (WebCore::Layout::BlockMarginCollapse::collapsedMarginTopFromFirstChild const): Deleted.
2762         (WebCore::Layout::BlockMarginCollapse::collapsedMarginBottomFromLastChild const): Deleted.
2763         (WebCore::Layout::BlockMarginCollapse::hasAdjoiningMarginTopAndBottom const): Deleted.
2764         * layout/blockformatting/BlockMarginCollapse.h:
2765
2766 2018-05-08  Youenn Fablet  <youenn@apple.com>
2767
2768         Allow WebResourceLoader to cancel a load served from a service worker
2769         https://bugs.webkit.org/show_bug.cgi?id=185274
2770
2771         Reviewed by Chris Dumez.
2772
2773         Add support for cancelling a fetch from WebProcess to service worker process.
2774         Use FetchIdentifier instead of uint64_t.
2775
2776         * Modules/fetch/FetchIdentifier.h: Added.
2777         * WebCore.xcodeproj/project.pbxproj:
2778         * workers/service/context/ServiceWorkerFetch.h:
2779         * workers/service/context/ServiceWorkerThreadProxy.cpp:
2780         (WebCore::ServiceWorkerThreadProxy::startFetch):
2781         (WebCore::ServiceWorkerThreadProxy::cancelFetch):
2782         * workers/service/context/ServiceWorkerThreadProxy.h:
2783
2784 2018-05-08  Said Abou-Hallawa  <sabouhallawa@apple.com>
2785
2786         feTurbulence is not rendered correctly on Retina display
2787         https://bugs.webkit.org/show_bug.cgi?id=183798
2788
2789         Reviewed by Simon Fraser.
2790
2791         On 2x display the feTurbulence filter creates a scaled ImageBuffer but
2792         processes only the unscaled size. This is a remaining work of r168577 and
2793         is very similar to what was done for the feMorphology filter in r188271.
2794
2795         Test: fast/hidpi/filters-turbulence.html
2796
2797         * platform/graphics/filters/FETurbulence.cpp:
2798         (WebCore::FETurbulence::fillRegion const):
2799         (WebCore::FETurbulence::platformApplySoftware):
2800
2801 2018-05-07  Zalan Bujtas  <zalan@apple.com>
2802
2803         [LFC] Add FormattingContext::layoutOutOfFlowDescendants implementation
2804         https://bugs.webkit.org/show_bug.cgi?id=185377
2805
2806         Reviewed by Antti Koivisto.
2807
2808         Also, remove FormattingContext's m_layoutContext member and pass it in to ::layout() instead.
2809         In theory LayoutContext is needed only during ::layout() call. 
2810
2811         * layout/FormattingContext.cpp:
2812         (WebCore::Layout::FormattingContext::layoutOutOfFlowDescendants const):
2813         * layout/FormattingContext.h:
2814         (WebCore::Layout::FormattingContext::layoutContext const):
2815         * layout/LayoutContext.cpp:
2816         (WebCore::Layout::LayoutContext::updateLayout):
2817         * layout/blockformatting/BlockFormattingContext.cpp:
2818         (WebCore::Layout::BlockFormattingContext::layout const):
2819         * layout/blockformatting/BlockFormattingContext.h:
2820         * layout/inlineformatting/InlineFormattingContext.cpp:
2821         (WebCore::Layout::InlineFormattingContext::layout const):
2822         * layout/inlineformatting/InlineFormattingContext.h:
2823
2824 2018-05-07  Daniel Bates  <dabates@apple.com>
2825
2826         Check X-Frame-Options and CSP frame-ancestors in network process
2827         https://bugs.webkit.org/show_bug.cgi?id=185410
2828         <rdar://problem/37733934>
2829
2830         Reviewed by Ryosuke Niwa.
2831
2832         * WebCore.xcodeproj/project.pbxproj: Make PingLoader.h a private header so that we can include it in WebKit.
2833         * loader/DocumentLoader.cpp:
2834         (WebCore::DocumentLoader::responseReceived): Only check CSP frame-ancestors and X-Frame-Options here if
2835         we are not checking them in the NetworkProcess and HTTP response access is restricted. I code is otherwise kept
2836         unchanged. There may be opportunities to clean this code up more and share more of it. We should look into this
2837         in subsequent bugs.
2838         * loader/DocumentLoader.h: Change visibility of stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied() from
2839         private to public and export it so that we can call it from the WebKit.
2840         * loader/PingLoader.h:
2841         * page/Settings.yaml: Add a new setting called networkProcessCSPFrameAncestorsCheckingEnabled (defaults: false)
2842         and is hardcoded in WebPage.cpp to be enabled. This setting is used to determine if we will be using the NetworkProcess.
2843         Ideally we wouldn't have this setting and just key off RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess().
2844         However RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess() is always enabled in WebKit Legacy
2845         at the time of writing (why?). And, strangely, RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess()
2846         is conditionally enabled in WebKit. For now, we add a new setting, networkProcessCSPFrameAncestorsCheckingEnabled,
2847         to determine if CSP checking should be performed in NetworkProcess. For checking to actually happen in NetworkProcess
2848         and not in DocumentLoader::responseReceived() RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess()
2849         will also need to be enabled.
2850         * page/csp/ContentSecurityPolicy.cpp:
2851         (WebCore::ContentSecurityPolicy::allowFrameAncestors const): Added a variant that takes a vector of ancestor origins.
2852         * page/csp/ContentSecurityPolicy.h:
2853         * page/csp/ContentSecurityPolicyDirectiveList.cpp:
2854         (WebCore::checkFrameAncestors): Ditto.
2855         (WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForFrameAncestorOrigins const): Ditto.
2856         * page/csp/ContentSecurityPolicyDirectiveList.h: Export constructor so that we can invoke it from NetworkResourceLoader::shouldInterruptLoadForCSPFrameAncestorsOrXFrameOptions().
2857         * page/csp/ContentSecurityPolicyResponseHeaders.h:
2858         * platform/network/HTTPParsers.h: Export XFrameOptionsDisposition() so that we can use in WebKit.
2859
2860 2018-05-07  Daniel Bates  <dabates@apple.com>
2861
2862         Abstract logic to log console messages and send CSP violation reports into a client
2863         https://bugs.webkit.org/show_bug.cgi?id=185393
2864         <rdar://problem/40036053>
2865
2866         Reviewed by Brent Fulgham.
2867
2868         First pass at adding infrastructure to supporting CSP reporting from NetworkProcess and workers.
2869         Replaces the existing ContentSecurityPolicy constructor that takes a Frame with one that
2870         takes a ContentSecurityPolicyClient to delegate to for logging and sending reports. We will look
2871         to remove ContentSecurityPolicy constructor that takes a ScriptExecutionContext in a follow up.
2872
2873         Standardize on instantiating a ContentSecurityPolicy with the full URL to resource that it protects
2874         instead of taking only the SecurityOrigin of this URL. By taking the full URL the ContentSecurityPolicy
2875         object is now capable of resolving a relative report URL without needing a Document/ScriptExecutionContext.
2876
2877         We are underutilizing the CSPInfo struct and ContentSecurityPolicyClient::willSendCSPViolationReport()
2878         delegate callback in this patch. We will make use of this functionality in a subsequent patch to
2879         support collecting script state (e.g. source line number) when reporting CSP violations in worker
2880         threads. We also no longer go through the unnecessary motions to try to collect script state for a
2881         frame-ancestors violation (since DocumentLoader extends ContentSecurityPolicyClient and does not
2882         implement ContentSecurityPolicyClient::willSendCSPViolationReport()). The frame-ancestors directive
2883         is checked before a document is parsed and executes script; => there will never be any script state
2884         to collect; => it is not necessary to try to collect it as we currently do.
2885
2886         * Sources.txt: Add file ContentSecurityPolicyClient.cpp. See the remarks for ContentSecurityPolicyClient.cpp
2887         below on why we have this file.
2888         * WebCore.xcodeproj/project.pbxproj: Add files ContentSecurityPolicyClient.{h, cpp}.
2889         * dom/Document.cpp:
2890         (WebCore::Document::initSecurityContext): Pass the URL of the protected document.
2891         * loader/DocumentLoader.cpp:
2892         (WebCore::DocumentLoader::responseReceived): Ditto.
2893         (WebCore::DocumentLoader::addConsoleMessage): Added.
2894         (WebCore::DocumentLoader::sendCSPViolationReport): Added.
2895         (WebCore::DocumentLoader::dispatchSecurityPolicyViolationEvent): Added.
2896         * loader/DocumentLoader.h:
2897         * loader/FrameLoaderClient.h: Fix typo in comment.
2898         * loader/WorkerThreadableLoader.cpp:
2899         (WebCore::WorkerThreadableLoader::MainThreadBridge::MainThreadBridge): Pass the URL of the worker script.
2900         * page/csp/ContentSecurityPolicy.cpp:
2901         (WebCore::ContentSecurityPolicy::ContentSecurityPolicy): Added overload that takes a URL&& and an optional
2902         ContentSecurityPolicyClient*.
2903         (WebCore::ContentSecurityPolicy::deprecatedURLForReporting const): Extracted and simplified stripURLForUseInReport()
2904         into this member function.
2905         (WebCore::ContentSecurityPolicy::reportViolation const): Modified to make use of the client, if we have
2906         one and removed code for handling a ContentSecurityPolicy that was instantiated with a Frame.
2907         (WebCore::ContentSecurityPolicy::logToConsole const): Ditto.
2908         (WebCore::stripURLForUseInReport): Deleted; incorporated into ContentSecurityPolicy::deprecatedURLForReporting().
2909         * page/csp/ContentSecurityPolicy.h:
2910         * page/csp/ContentSecurityPolicyClient.cpp: Added. This file exists so that we can define the virtual
2911         destructor out-of-line and export this abstract class so as to avoid the need for the vtable to be
2912         defined in the translation unit of each derived class.
2913         * page/csp/ContentSecurityPolicyClient.h: Added.
2914         * page/csp/ContentSecurityPolicySource.cpp:
2915         (WebCore::ContentSecurityPolicySource::operator SecurityOriginData const): Added.
2916         * page/csp/ContentSecurityPolicySource.h:
2917         * workers/WorkerGlobalScope.cpp:
2918         (WebCore::WorkerGlobalScope::WorkerGlobalScope): Instantiate the ContentSecurityPolicy object with the
2919         URL of the worker script.
2920
2921 2018-05-07  Simon Fraser  <simon.fraser@apple.com>
2922
2923         CSS filters which reference SVG filters fail to respect the "color-interpolation-filters" of the filter
2924         https://bugs.webkit.org/show_bug.cgi?id=185343
2925
2926         Reviewed by Dean Jackson.
2927
2928         Test: css3/filters/color-interpolation-filters.html
2929         
2930         When applying CSS reference filters, apply the value of "color-interpolation-filters" for the
2931         referenced filter effect element, just as we do for SVG filters.
2932
2933         * rendering/FilterEffectRenderer.cpp:
2934         (WebCore::FilterEffectRenderer::buildReferenceFilter):
2935
2936 2018-05-07  Daniel Bates  <dabates@apple.com>
2937
2938         CSP status-code incorrect for document blocked due to violation of its frame-ancestors directive
2939         https://bugs.webkit.org/show_bug.cgi?id=185366
2940         <rdar://problem/40035116>
2941
2942         Reviewed by Brent Fulgham.
2943
2944         Fixes an issue where the status-code in the sent CSP report for an HTTP document blocked because
2945         its frame-ancestors directive was violated would be the status code of the previously loaded
2946         document in the frame. If the previously loaded document was about:blank then this would be 0.
2947
2948         Currently whenever we send a CSP report we ask the document's loader (Document::loader()) for the
2949         HTTP status code for the last response. Document::loader() returns the loader for the last committed
2950         document its frame. For a frame-ancestors violation, a CSP report is sent before the document
2951         that had the frame-ancestors directive has been committed and after it has been associate with a frame.
2952         As a result we are in are in a transient transition state for the frame and hence the last response
2953         for new document's loader (Document::loader()) is actually the last response of the previously loaded
2954         document in the frame. Instead we need to take care to tell CSP about the HTTP status code for the
2955         response associated with the document the CSP came from.
2956
2957         * dom/Document.cpp:
2958         (WebCore::Document::processHttpEquiv):
2959         (WebCore::Document::initSecurityContext):
2960         Pass the HTTP status code to CSP.
2961
2962         * page/csp/ContentSecurityPolicy.cpp:
2963         (WebCore::ContentSecurityPolicy::copyStateFrom):
2964         (WebCore::ContentSecurityPolicy::responseHeaders const):
2965         (WebCore::ContentSecurityPolicy::didReceiveHeaders):
2966         (WebCore::ContentSecurityPolicy::didReceiveHeader):
2967         (WebCore::ContentSecurityPolicy::reportViolation const):
2968         * page/csp/ContentSecurityPolicy.h:
2969         Modify existing functions to take the HTTP status code, store it in a instance variable,
2970         and reference this variable when reporting a violation.
2971
2972         * page/csp/ContentSecurityPolicyResponseHeaders.cpp:
2973         (WebCore::ContentSecurityPolicyResponseHeaders::ContentSecurityPolicyResponseHeaders):
2974         (WebCore::ContentSecurityPolicyResponseHeaders::isolatedCopy const):
2975         * page/csp/ContentSecurityPolicyResponseHeaders.h:
2976         (WebCore::ContentSecurityPolicyResponseHeaders::encode const):
2977         (WebCore::ContentSecurityPolicyResponseHeaders::decode):
2978         Store the HTTP status code along with the response headers.
2979
2980 2018-05-07  Daniel Bates  <dabates@apple.com>
2981
2982         CSP referrer incorrect for document blocked due to violation of its frame-ancestors directive
2983         https://bugs.webkit.org/show_bug.cgi?id=185380
2984
2985         Reviewed by Brent Fulgham.
2986
2987         Similar to <https://bugs.webkit.org/show_bug.cgi?id=185366>, fixes an issue where the referrer
2988         in the sent CSP report for an HTTP document blocked because its frame-ancestors directive was
2989         violated would be the referrer of the previously loaded document in the frame.
2990
2991         Currently whenever we send a CSP report we ask the document's loader (Document::loader()) for
2992         the referrer for the last request. Document::loader() returns the loader for the last committed
2993         document in its frame. For a frame-ancestors violation, a CSP report is sent before the document
2994         that had the frame-ancestors directive has been committed and after it has been associate with a
2995         frame. As a result we are in a transient transition state for the frame and hence the last request
2996         for the new document's loader (Document::loader()) is actually the last request of the previously
2997         loaded document in the frame. Instead we need to take care to tell CSP about the referrer for the
2998         request associated with the document the CSP came from.
2999
3000         * loader/DocumentLoader.cpp:
3001         (WebCore::DocumentLoader::responseReceived):
3002
3003 2018-05-07  Brent Fulgham  <bfulgham@apple.com>
3004
3005         Add experimental feature to prompt for Storage Access API use
3006         https://bugs.webkit.org/show_bug.cgi?id=185335
3007         <rdar://problem/39994649>
3008
3009         Reviewed by Alex Christensen and Youenn Fablet.
3010
3011         Create a new experimental feature that gates the ability of WebKit clients to prompt the user when
3012         Storage Access API is invoked.
3013
3014         Currently this feature doesn't have any user-visible impact.
3015
3016         * page/RuntimeEnabledFeatures.h:
3017         (WebCore::RuntimeEnabledFeatures::setStorageAccessPromptsEnabled):
3018         (WebCore::RuntimeEnabledFeatures::storageAccessPromptsEnabled const):
3019         * testing/InternalSettings.cpp:
3020         (WebCore::InternalSettings::Backup::Backup):
3021         (WebCore::InternalSettings::Backup::restoreTo):
3022         (WebCore::InternalSettings::setStorageAccessPromptsEnabled):
3023         * testing/InternalSettings.h:
3024         * testing/InternalSettings.idl:
3025
3026 2018-05-07  Chris Dumez  <cdumez@apple.com>
3027
3028         Stop using an iframe's id as fallback if its name attribute is not set
3029         https://bugs.webkit.org/show_bug.cgi?id=11388
3030
3031         Reviewed by Geoff Garen.
3032
3033         WebKit had logic to use an iframe's id as fallback name when its name
3034         content attribute is not set. This behavior was not standard and did not
3035         match other browsers:
3036         - https://html.spec.whatwg.org/#attr-iframe-name
3037
3038         Gecko / Trident never behaved this way. Blink was aligned with us until
3039         they started to match the specification in:
3040         - https://bugs.chromium.org/p/chromium/issues/detail?id=347169
3041
3042         This WebKit quirk was causing some Web-compatibility issues because it
3043         would affect the behavior of Window's name property getter when trying
3044         to look up an iframe by id. Because of Window's named property getter
3045         behavior [1], we would return the frame's contentWindow instead of the
3046         iframe element itself.
3047
3048         [1] https://html.spec.whatwg.org/multipage/window-object.html#named-access-on-the-window-object
3049
3050         Test: fast/dom/Window/named-getter-frame-id.html
3051
3052         * html/HTMLFrameElementBase.cpp:
3053         (WebCore::HTMLFrameElementBase::openURL):
3054         (WebCore::HTMLFrameElementBase::parseAttribute):
3055         (WebCore::HTMLFrameElementBase::didFinishInsertingNode):
3056         * html/HTMLFrameElementBase.h:
3057
3058 2018-05-07  Chris Dumez  <cdumez@apple.com>
3059
3060         ASSERT(!childItemWithTarget(child->target())) is hit in HistoryItem::addChildItem()
3061         https://bugs.webkit.org/show_bug.cgi?id=185322
3062
3063         Reviewed by Geoff Garen.
3064
3065         We generate unique names for Frame to be used in HistoryItem. Those names not only
3066         need to be unique, they also need to be repeatable to avoid layout tests flakiness
3067         and for things like restoring form state from a HistoryItem.
3068
3069         The previously generated frame names were relying on the Frame's index among a
3070         parent Frame's children. The issue was that we could end up with duplicate names
3071         because one could insert a Frame *before* an existing one. This is because the code
3072         would not take care of updating existing Frames' unique name on frame tree mutation.
3073
3074         Updating frame tree names on mutation would be inefficient and is also not necessary.
3075         The approach chosen in this patch is to stop using the Frame's index and instead rely
3076         on an increasing counter stored on the top-frame's FrameTree. To make the names
3077         repeatable, we reset the counter on page navigation.
3078
3079         * page/Frame.cpp:
3080         (WebCore::Frame::setDocument):
3081         * page/FrameTree.cpp:
3082         (WebCore::FrameTree::uniqueChildName const):
3083         (WebCore::FrameTree::generateUniqueName const):
3084         * page/FrameTree.h:
3085         (WebCore::FrameTree::resetFrameIdentifiers):
3086
3087 2018-05-07  Yacine Bandou  <yacine.bandou_ext@softathome.com>
3088
3089         [EME][GStreamer] Fix wrong subsample parsing on r227067
3090         https://bugs.webkit.org/show_bug.cgi?id=185382
3091
3092         Reviewed by Philippe Normand.
3093
3094         The initialization of sampleIndex should be moved outside of the loop.
3095         Without this patch we will have a bad log and the check of the subsample
3096         count will be useless.
3097
3098         * platform/graphics/gstreamer/eme/WebKitClearKeyDecryptorGStreamer.cpp:
3099         (webKitMediaClearKeyDecryptorDecrypt):
3100
3101 2018-05-07  Daniel Bates  <dabates@apple.com>
3102
3103         CSP should be passed the referrer
3104         https://bugs.webkit.org/show_bug.cgi?id=185367
3105
3106         Reviewed by Per Arne Vollan.
3107
3108         As a step towards formalizing a CSP delegate object and removing the dependencies
3109         on ScriptExecutionContext and Frame, we should pass the document's referrer directly
3110         instead of indirectly obtaining it from the ScriptExecutionContext or Frame used
3111         to instantiate the ContentSecurityPolicy object.
3112
3113         * dom/Document.cpp:
3114         (WebCore::Document::processHttpEquiv): Pass the document's referrer.
3115         (WebCore::Document::initSecurityContext): Ditto.
3116         (WebCore::Document::applyQuickLookSandbox): Ditto.
3117         * loader/DocumentLoader.cpp:
3118         (WebCore::DocumentLoader::responseReceived): Ditto.
3119         * loader/FrameLoader.cpp:
3120         (WebCore::FrameLoader::didBeginDocument): Ditto.
3121         * page/csp/ContentSecurityPolicy.cpp:
3122         (WebCore::ContentSecurityPolicy::copyStateFrom): We pass a null string for the referrer
3123         to didReceiveHeader() as a placeholder since it requires the referrer be given to it. We
3124         fix up the referrer (m_referrer) after copying all the policy headers.
3125         (WebCore::ContentSecurityPolicy::didReceiveHeaders): Ditto.
3126         (WebCore::ContentSecurityPolicy::didReceiveHeader): Modified to take a referrer and WTFMove()s
3127         it into an instance variable (m_referrer).
3128         (WebCore::ContentSecurityPolicy::reportViolation const): Modified to use the stored referrer.
3129         * page/csp/ContentSecurityPolicy.h:
3130         * workers/WorkerGlobalScope.cpp:
3131         (WebCore::WorkerGlobalScope::applyContentSecurityPolicyResponseHeaders): Pass a null string
3132         for the referrer as a worker does not have a referrer.
3133
3134 2018-05-07  Daniel Bates  <dabates@apple.com>
3135
3136         CSP should only notify Inspector to pause the debugger on the first policy to violate a directive
3137         https://bugs.webkit.org/show_bug.cgi?id=185364
3138
3139         Reviewed by Brent Fulgham.
3140
3141         Notify Web Inspector that a script was blocked on the first enforced CSP policy that it
3142         violates.
3143
3144         A page can have more than one enforced Content Security Policy. Currently for inline
3145         scripts, inline event handlers, JavaScript URLs, and eval() that are blocked by CSP
3146         we notify Web Inspector that it was blocked for each CSP policy that blocked it. When
3147         Web Inspector is notified it pauses script execution. It does not seem very meaningful
3148         to pause script execution on the same script for each CSP policy that blocked it.
3149         Therefore, only tell Web Inspector that a script was blocked for the first enforced CSP
3150         policy that blocked it.
3151
3152         * page/csp/ContentSecurityPolicy.cpp:
3153         (WebCore::ContentSecurityPolicy::allowJavaScriptURLs const):
3154         (WebCore::ContentSecurityPolicy::allowInlineEventHandlers const):
3155         (WebCore::ContentSecurityPolicy::allowInlineScript const):
3156         (WebCore::ContentSecurityPolicy::allowEval const):
3157
3158 2018-05-07  Daniel Bates  <dabates@apple.com>
3159
3160         Substitute CrossOriginPreflightResultCache::clear() for CrossOriginPreflightResultCache::empty()
3161         https://bugs.webkit.org/show_bug.cgi?id=185170
3162
3163         Reviewed by Per Arne Vollan.
3164
3165         Rename CrossOriginPreflightResultCache::empty() to CrossOriginPreflightResultCache::clear() make
3166         it consistent with the terminology we use in WebKit to signify a function that clears a collection.
3167         A member function named "empty" is expected to return an instance of a class in its "empty state".
3168         For example, StringImpl::empty() returns a StringImpl instance that represents the empty string.
3169         However CrossOriginPreflightResultCache::empty() clears out the cache in-place. We should rename
3170         this function to better describe its purpose.
3171
3172         * loader/CrossOriginPreflightResultCache.cpp:
3173         (WebCore::CrossOriginPreflightResultCache::clear):
3174         (WebCore::CrossOriginPreflightResultCache::empty): Deleted.
3175         * loader/CrossOriginPreflightResultCache.h:
3176
3177 2018-05-06  Dean Jackson  <dino@apple.com>
3178
3179         WebGL: Reset simulated values after validation fails
3180         https://bugs.webkit.org/show_bug.cgi?id=185363
3181         <rdar://problem/39733417>
3182
3183         Reviewed by Anders Carlsson.
3184
3185         While fixing a previous bug, I forgot to reset some values
3186         when validation fails. This caused a bug where a subsequent
3187         invalid call might use those values and escape detection.
3188
3189         Test: fast/canvas/webgl/index-validation-with-subsequent-draws.html
3190
3191         * html/canvas/WebGLRenderingContextBase.cpp:
3192         (WebCore::WebGLRenderingContextBase::simulateVertexAttrib0): Reset the
3193         sizes when validation fails.
3194         * html/canvas/WebGLRenderingContextBase.h:
3195
3196 2018-05-07  Ms2ger  <Ms2ger@igalia.com>
3197
3198         Support negative sw/sh values in createImageBitmap().
3199         https://bugs.webkit.org/show_bug.cgi?id=184449
3200
3201         Reviewed by Dean Jackson.
3202
3203         Tests: LayoutTests/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-drawImage.html
3204                LayoutTests/http/wpt/2dcontext/imagebitmap/createImageBitmap.html
3205
3206         * html/ImageBitmap.cpp:
3207         (WebCore::ImageBitmap::createPromise): handle negative values per spec.
3208
3209 2018-05-07  Brian Burg  <bburg@apple.com>
3210
3211         Web Inspector: opt out of process swap on navigation if a Web Inspector frontend is connected
3212         https://bugs.webkit.org/show_bug.cgi?id=184861
3213         <rdar://problem/39153768>
3214
3215         Reviewed by Timothy Hatcher.
3216
3217         Notify the client of the current connection count whenever a frontend connects or disconnects.
3218
3219         Covered by new API test.
3220
3221         * inspector/InspectorClient.h:
3222         (WebCore::InspectorClient::frontendCountChanged):
3223         * inspector/InspectorController.cpp:
3224         (WebCore::InspectorController::connectFrontend):
3225         (WebCore::InspectorController::disconnectFrontend):
3226         (WebCore::InspectorController::disconnectAllFrontends):
3227         * inspector/InspectorController.h:
3228
3229 2018-05-07  Eric Carlson  <eric.carlson@apple.com>
3230
3231         Text track cue logging should include cue text
3232         https://bugs.webkit.org/show_bug.cgi?id=185353
3233         <rdar://problem/40003565>
3234
3235         Reviewed by Youenn Fablet.
3236
3237         No new tests, tested manually.
3238
3239         * html/track/VTTCue.cpp:
3240         (WebCore::VTTCue::toJSONString const): Use toJSON.
3241         (WebCore::VTTCue::toJSON const): New.
3242         * html/track/VTTCue.h:
3243
3244         * platform/graphics/InbandTextTrackPrivateClient.h:
3245         (WebCore::GenericCueData::toJSONString const): Log m_content.
3246
3247         * platform/graphics/iso/ISOVTTCue.cpp:
3248         (WebCore::ISOWebVTTCue::toJSONString const): Log m_cueText.
3249
3250 2018-05-06  Zalan Bujtas  <zalan@apple.com>
3251
3252         [LFC] Add assertions for stale Display::Box geometry
3253         https://bugs.webkit.org/show_bug.cgi?id=185357
3254
3255         Reviewed by Antti Koivisto.
3256
3257         Ensure that we don't access stale geometry of other boxes during layout.
3258         For example, in order to layout a block child we need the containing block's content box top/left and width (but not the height)
3259
3260         * layout/displaytree/DisplayBox.h:
3261         (WebCore::Display::Box::invalidateTop):
3262         (WebCore::Display::Box::invalidateLeft):
3263         (WebCore::Display::Box::invalidateWidth):
3264         (WebCore::Display::Box::invalidateHeight):
3265         (WebCore::Display::Box::hasValidPosition const):
3266         (WebCore::Display::Box::hasValidSize const):
3267         (WebCore::Display::Box::hasValidGeometry const):
3268         (WebCore::Display::Box::invalidatePosition):
3269         (WebCore::Display::Box::invalidateSize):
3270         (WebCore::Display::Box::setHasValidPosition):
3271         (WebCore::Display::Box::setHasValidSize):
3272         (WebCore::Display::Box::setHasValidGeometry):
3273         (WebCore::Display::Box::rect const):
3274         (WebCore::Display::Box::top const):
3275         (WebCore::Display::Box::left const):
3276         (WebCore::Display::Box::bottom const):
3277         (WebCore::Display::Box::right const):
3278         (WebCore::Display::Box::topLeft const):
3279         (WebCore::Display::Box::bottomRight const):
3280         (WebCore::Display::Box::size const):
3281         (WebCore::Display::Box::width const):
3282         (WebCore::Display::Box::height const):
3283         (WebCore::Display::Box::setRect):
3284         (WebCore::Display::Box::setTopLeft):
3285         (WebCore::Display::Box::setTop):
3286         (WebCore::Display::Box::setLeft):
3287         (WebCore::Display::Box::setSize):
3288         (WebCore::Display::Box::setWidth):
3289         (WebCore::Display::Box::setHeight):
3290
3291 2018-05-06  Zalan Bujtas  <zalan@apple.com>
3292
3293         [LFC] Add BlockFormattingContext::computeStaticPosition
3294         https://bugs.webkit.org/show_bug.cgi?id=185352
3295
3296         Reviewed by Antti Koivisto.
3297
3298         This is the core logic for positioning inflow boxes in a block formatting context (very naive though).
3299
3300         * layout/blockformatting/BlockFormattingContext.cpp:
3301         (WebCore::Layout::BlockFormattingContext::computeStaticPosition const):
3302         * layout/displaytree/DisplayBox.h:
3303
3304 2018-05-05  Sam Weinig  <sam@webkit.org>
3305
3306         Cleanup XMLHttpRequestUpload a little
3307         https://bugs.webkit.org/show_bug.cgi?id=185344
3308
3309         Reviewed by Yusuke Suzuki.
3310
3311         * bindings/js/JSXMLHttpRequestCustom.cpp:
3312         (WebCore::JSXMLHttpRequest::visitAdditionalChildren):
3313         Use auto to reduce redundancy.
3314
3315         * xml/XMLHttpRequest.cpp:
3316         (WebCore::XMLHttpRequest::upload):
3317         * xml/XMLHttpRequest.h:
3318         Switch upload() to return a reference.
3319         
3320         * xml/XMLHttpRequestUpload.cpp:
3321         (WebCore::XMLHttpRequestUpload::XMLHttpRequestUpload):
3322         (WebCore::XMLHttpRequestUpload::dispatchProgressEvent):
3323         * xml/XMLHttpRequestUpload.h:
3324         Cleanup formatting, modernize and switch XMLHttpRequest member from a pointer
3325         to a reference.
3326
3327 2018-05-05  Dean Jackson  <dino@apple.com>
3328
3329         Draw a drop-shadow behind the system preview badge
3330         https://bugs.webkit.org/show_bug.cgi?id=185356
3331         <rdar://problem/40004936>
3332
3333         Reviewed by Wenson Hsieh.
3334
3335         Draw a very subtle drop-shadow under the system
3336         preview badge so that it is more visible on a pure
3337         white background.
3338
3339         I also moved some code around to make it more clear
3340         and improved comments.
3341
3342         * rendering/RenderThemeIOS.mm:
3343         (WebCore::RenderThemeIOS::paintSystemPreviewBadge):
3344
3345 2018-05-04  Wenson Hsieh  <wenson_hsieh@apple.com>
3346
3347         [iOS] Multiple links in Mail are dropped in a single line, and are difficult to tell apart
3348         https://bugs.webkit.org/show_bug.cgi?id=185289
3349         <rdar://problem/35756912>
3350
3351         Reviewed by Tim Horton and Darin Adler.
3352
3353         When inserting multiple URLs as individual items in a single drop, we currently separate each item with a space
3354         (see r217284). However, it still seems difficult to tell dropped links apart. This patch makes some slight
3355         tweaks to WebContentReader::readURL so that it inserts line breaks before dropped URLs, if the dropped URL isn't
3356         the first item to be inserted in the resulting document fragment.
3357
3358         Augments existing API tests in DataInteractionTests.
3359
3360         * editing/ios/WebContentReaderIOS.mm:
3361
3362         Additionally remove some extraneous header imports from this implementation file.
3363
3364         (WebCore::WebContentReader::readURL):
3365
3366 2018-05-02  Dean Jackson  <dino@apple.com>
3367
3368         Use IOSurfaces for CoreImage operations where possible
3369         https://bugs.webkit.org/show_bug.cgi?id=185230
3370         <rdar://problem/39926929>
3371
3372         Reviewed by Jon Lee.
3373
3374         On iOS hardware, we can use IOSurfaces as a rendering destination
3375         for CoreImage, which means we're keeping data on the GPU
3376         for rendering.
3377
3378         As a drive-by fix, I used a convenience method for Gaussian blurs.
3379
3380         * rendering/RenderThemeIOS.mm:
3381         (WebCore::RenderThemeIOS::paintSystemPreviewBadge):
3382
3383 2018-05-04  Tim Horton  <timothy_horton@apple.com>
3384
3385         Shift to a lower-level framework for simplifying URLs
3386         https://bugs.webkit.org/show_bug.cgi?id=185334
3387
3388         Reviewed by Dan Bernstein.
3389
3390         * Configurations/WebCore.xcconfig:
3391         * platform/mac/DragImageMac.mm:
3392         (WebCore::LinkImageLayout::LinkImageLayout):
3393
3394 2018-05-03  Ryosuke Niwa  <rniwa@webkit.org>
3395
3396         Release assert in ScriptController::canExecuteScripts via HTMLMediaElement::~HTMLMediaElement()
3397         https://bugs.webkit.org/show_bug.cgi?id=185288
3398
3399         Reviewed by Jer Noble.
3400
3401         The crash is caused by HTMLMediaElement::~HTMLMediaElement canceling the resource load via CachedResource
3402         which ends up calling FrameLoader::checkCompleted() and fire load event on the document synchronously.
3403         Speculatively fix the crash by scheduling the check instead.
3404
3405         In long term, ResourceLoader::cancel should never fire load event synchronously: webkit.org/b/185284.
3406
3407         Unfortunately, no new tests since I can't get MediaResource to get destructed at the right time.
3408
3409         * html/HTMLMediaElement.cpp:
3410         (WebCore::HTMLMediaElement::isRunningDestructor): Added to detect this specific case.
3411         (WebCore::HTMLMediaElementDestructorScope): Added.
3412         (WebCore::HTMLMediaElementDestructorScope::HTMLMediaElementDestructorScope): Added.
3413         (WebCore::HTMLMediaElementDestructorScope::~HTMLMediaElementDestructorScope): Added.
3414         (WebCore::HTMLMediaElement::~HTMLMediaElement): Instantiate HTMLMediaElement.
3415         * html/HTMLMediaElement.h:
3416         * loader/FrameLoader.cpp:
3417         (WebCore::FrameLoader::checkCompleted): Call scheduleCheckCompleted instead of synchronously calling
3418         checkCompleted if we're in the middle of destructing a HTMLMediaElement.
3419
3420 2018-05-04  Ryosuke Niwa  <rniwa@webkit.org>
3421
3422         Rename DocumentOrderedMap to TreeScopeOrderedMap
3423         https://bugs.webkit.org/show_bug.cgi?id=185290
3424
3425         Reviewed by Zalan Bujtas.
3426
3427         Renamed the class since it's almost always a mistake to use this class as a member variable of Document.
3428
3429         * Sources.txt:
3430         * WebCore.xcodeproj/project.pbxproj:
3431         * dom/MouseRelatedEvent.cpp: Include the forgotten DOMWindow.h. Unified build files bit us here.
3432         * dom/TreeScope.cpp:
3433         (WebCore::TreeScope::addElementById):
3434         (WebCore::TreeScope::addElementByName):
3435         (WebCore::TreeScope::addImageMap):
3436         (WebCore::TreeScope::addImageElementByUsemap):
3437         (WebCore::TreeScope::labelElementForId):
3438         * dom/TreeScope.h:
3439         * dom/TreeScopeOrderedMap.cpp: Renamed from DocumentOrderedMap.cpp
3440         * dom/TreeScopeOrderedMap.h: Renamed from DocumentOrderedMap.h
3441         * html/HTMLDocument.h:
3442
3443 2018-05-04  Don Olmstead  <don.olmstead@sony.com>
3444
3445         [Win][WebKit] Fix forwarding headers for Windows build
3446         https://bugs.webkit.org/show_bug.cgi?id=184412
3447
3448         Reviewed by Alex Christensen.
3449
3450         No new tests. No change in behavior.
3451
3452         * PlatformWin.cmake:
3453
3454 2018-05-04  Zalan Bujtas  <zalan@apple.com>
3455
3456         [Simple line layout] Add support for line layout box generation with multiple text renderers.
3457         https://bugs.webkit.org/show_bug.cgi?id=185276
3458
3459         Reviewed by Antti Koivisto.
3460
3461         Covered by existing tests.
3462
3463         * rendering/SimpleLineLayoutFunctions.cpp:
3464         (WebCore::SimpleLineLayout::canUseForLineBoxTree):
3465         (WebCore::SimpleLineLayout::generateLineBoxTree):
3466         * rendering/SimpleLineLayoutResolver.cpp:
3467         (WebCore::SimpleLineLayout::RunResolver::Run::renderer const):
3468         (WebCore::SimpleLineLayout::RunResolver::Run::localStart const):
3469         (WebCore::SimpleLineLayout::RunResolver::Run::localEnd const):
3470         * rendering/SimpleLineLayoutResolver.h:
3471
3472 2018-05-04  Timothy Hatcher  <timothy@apple.com>
3473
3474         Deprecate legacy WebView and friends
3475         https://bugs.webkit.org/show_bug.cgi?id=185279
3476         rdar://problem/33268700
3477
3478         Reviewed by Tim Horton.
3479
3480         * Configurations/WebCore.xcconfig:
3481         Added BUILDING_WEBKIT define to disable the deprecation macros.
3482         * bridge/objc/WebScriptObject.h:
3483         Added deprecation macros to WebScriptObject and WebUndefined.
3484         * platform/cocoa/WebKitAvailability.h:
3485         Added more macros and a way to disable deprecation warnings for
3486         WebKit build and in clients like Safari.
3487
3488 2018-05-04  Eric Carlson  <eric.carlson@apple.com>
3489
3490         Log media time range as JSON
3491         https://bugs.webkit.org/show_bug.cgi?id=185321
3492         <rdar://problem/39986746>
3493
3494         Reviewed by Youenn Fablet.
3495
3496         No new tests, tested manually.
3497
3498         * html/HTMLMediaElement.cpp:
3499         (WebCore::HTMLMediaElement::addPlayedRange): Log as time range.
3500         (WebCore::HTMLMediaElement::visibilityStateChanged): Cleanup.
3501
3502         * platform/graphics/MediaPlayer.h:
3503         (WTF::LogArgument<MediaTime>::toString):
3504         (WTF::LogArgument<MediaTimeRange>::toString):
3505
3506         * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp:
3507         (WebCore::InbandTextTrackPrivateAVF::processAttributedStrings): Log error as time range.
3508
3509 2018-05-04  Zalan Bujtas  <zalan@apple.com>
3510
3511         Use the containing block to compute the pagination gap when the container is inline.
3512         https://bugs.webkit.org/show_bug.cgi?id=184724
3513         <rdar://problem/39521800>
3514
3515         Reviewed by Simon Fraser.
3516
3517         Test: fast/overflow/page-overflow-with-inline-body-crash.html
3518
3519         * page/FrameView.cpp:
3520         (WebCore::FrameView::applyPaginationToViewport):
3521
3522 2018-05-04  Tim Horton  <timothy_horton@apple.com>
3523
3524         Don't use GSFont* in minimal simulator mode
3525         https://bugs.webkit.org/show_bug.cgi?id=185320
3526         <rdar://problem/39734478>
3527
3528         Reviewed by Beth Dakin.
3529
3530         * page/cocoa/MemoryReleaseCocoa.mm:
3531         (WebCore::platformReleaseMemory):
3532
3533 2018-05-04  Chris Dumez  <cdumez@apple.com>
3534
3535         Unreviewed, rolling out r231331.
3536
3537         Caused a few tests to assert
3538
3539         Reverted changeset:
3540
3541         "Stop using an iframe's id as fallback if its name attribute
3542         is not set"
3543         https://bugs.webkit.org/show_bug.cgi?id=11388
3544         https://trac.webkit.org/changeset/231331
3545
3546 2018-05-04  Youenn Fablet  <youenn@apple.com>
3547
3548         Use more references in updateTracksOfType
3549         https://bugs.webkit.org/show_bug.cgi?id=185305
3550
3551         Reviewed by Eric Carlson.
3552
3553         No change of behavior.
3554
3555         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
3556         (WebCore::updateTracksOfType):
3557         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateTracks):
3558
3559 2018-05-04  Myles C. Maxfield  <mmaxfield@apple.com>
3560
3561         Text shaping in the simple path is flipped in the y direction
3562         https://bugs.webkit.org/show_bug.cgi?id=185062
3563         <rdar://problem/39778678>
3564
3565         Reviewed by Simon Fraser.
3566
3567         Shaping in our simple codepath occurs in an "increasing-y-goes-up" coordinate system, but our painting
3568         code uses an "increasing-y-goes-down" coordinate system. We weren't fixing up the coordinate systems
3569         because we never noticed. This is because the simple codepath is only designed for kerning and ligatures,
3570         neither of which move glyphs vertically in the common case.
3571
3572         Test: fast/text/vertical-displacement-simple-codepath.html
3573
3574         * platform/graphics/Font.cpp:
3575         (WebCore::Font::applyTransforms const):
3576         * platform/graphics/WidthIterator.cpp:
3577         (WebCore::WidthIterator::applyFontTransforms):
3578
3579 2018-05-04  Chris Nardi  <cnardi@chromium.org>
3580
3581         Serialize all URLs with double-quotes per CSSOM spec
3582         https://bugs.webkit.org/show_bug.cgi?id=184935
3583
3584         Reviewed by Antti Koivisto.
3585
3586         According to https://drafts.csswg.org/cssom/#serialize-a-url, all URLs should be serialized as strings,
3587         which means they should have double quotes around the text of the URL. Update our implementation to match
3588         this (and Firefox/Chrome). Also remove isCSSTokenizerURL() as this method is no longer needed.
3589
3590         Tests: Many LayoutTests updated to use double quotes.
3591
3592         * css/CSSMarkup.cpp:
3593         (WebCore::serializeString): Remove FIXME as this was already fixed in a previous patch.
3594         (WebCore::serializeURL): Remove FIXME and update implementation.
3595
3596 2018-05-04  Youenn Fablet  <youenn@apple.com>
3597
3598         LayoutTests/fast/mediastream/change-tracks-media-stream-being-played.html is crashing after r231304
3599         https://bugs.webkit.org/show_bug.cgi?id=185303
3600
3601         Reviewed by Eric Carlson.
3602
3603         We need to stop observing the audio track like we do for video track once we are no longer interested in it.
3604         Covered by test no longer crashing.
3605
3606         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
3607         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateTracks):
3608
3609 2018-05-04  Zalan Bujtas  <zalan@apple.com>
3610
3611         [LFC] Set the invalidation root as the result of style change.
3612         https://bugs.webkit.org/show_bug.cgi?id=185301
3613
3614         Reviewed by Antti Koivisto.
3615
3616         Compute/propagate the update type on the ancestor chain and return the invalidation root
3617         so that LayoutContext could use it as the entry point for the next layout frame.
3618
3619         * layout/LayoutContext.cpp:
3620         (WebCore::Layout::LayoutContext::updateLayout):
3621         (WebCore::Layout::LayoutContext::styleChanged):
3622         * layout/LayoutContext.h: order is not important.
3623         * layout/blockformatting/BlockInvalidation.cpp:
3624         (WebCore::Layout::invalidationStopsAtFormattingContextBoundary):
3625         (WebCore::Layout::computeUpdateType):
3626         (WebCore::Layout::computeUpdateTypeForAncestor):
3627         (WebCore::Layout::BlockInvalidation::invalidate):
3628         * layout/blockformatting/BlockInvalidation.h:
3629         * layout/inlineformatting/InlineInvalidation.cpp:
3630         (WebCore::Layout::InlineInvalidation::invalidate):
3631         * layout/inlineformatting/InlineInvalidation.h:
3632
3633 2018-05-04  Youenn Fablet  <youenn@apple.com>
3634
3635         PeerConnection should have its connectionState closed even if doing gathering
3636         https://bugs.webkit.org/show_bug.cgi?id=185267
3637
3638         Reviewed by Darin Adler.
3639
3640         Test: webrtc/addICECandidate-closed.html
3641
3642         In case m_iceConnectionState is closed, m_connectionState should also be set to closed
3643         and RTCPeerConnection should be closed so as to reject any other call.
3644
3645         * Modules/mediastream/RTCPeerConnection.cpp:
3646         (WebCore::RTCPeerConnection::close):
3647         (WebCore::RTCPeerConnection::updateConnectionState):
3648
3649 2018-05-04  Yacine Bandou  <yacine.bandou_ext@softathome.com>
3650
3651         [MSE][GStreamer] Delete properly the stream from the WebKitMediaSource
3652         https://bugs.webkit.org/show_bug.cgi?id=185242
3653
3654         Reviewed by Xabier Rodriguez-Calvar.
3655
3656         When the sourceBuffer is removed from mediasource, the appropriate stream is not
3657         properly deleted from WebKitMediaSource, because the appsrc and parser elements
3658         of the stream are not removed from the WebKitMediaSource bin.
3659
3660         This patch avoids the regression of r231089, see https://bugs.webkit.org/show_bug.cgi?id=185071
3661
3662         * platform/graphics/gstreamer/mse/WebKitMediaSourceGStreamer.cpp:
3663         (webKitMediaSrcFreeStream):
3664
3665 2018-05-04  Carlos Garcia Campos  <cgarcia@igalia.com>
3666
3667         [GTK] Epiphany (GNOME Web) says "Error downloading: Service Unavailable." when trying to download an image from discogs.com
3668         https://bugs.webkit.org/show_bug.cgi?id=174730
3669
3670         Reviewed by Michael Catanzaro.
3671
3672         Export ResourceRequestBase::hasHTTPHeaderField().
3673
3674         * platform/network/ResourceRequestBase.h:
3675
3676 2018-05-03  Yusuke Suzuki  <utatane.tea@gmail.com>
3677
3678         Use subprocess.call instead of os.system to handle path with spaces
3679         https://bugs.webkit.org/show_bug.cgi?id=185291
3680
3681         Reviewed by Darin Adler.
3682
3683         If gperf path includes spaces, these python scripts fail to execute gperf.
3684         We use subprocess module instead of os.system to invoke gperf.
3685
3686         * css/makeSelectorPseudoClassAndCompatibilityElementMap.py:
3687         * css/makeSelectorPseudoElementsMap.py:
3688         * platform/network/create-http-header-name-table:
3689
3690 2018-05-03  Yusuke Suzuki  <utatane.tea@gmail.com>
3691
3692         Unreviewed, attempt to fix WinCairo build failure
3693         https://bugs.webkit.org/show_bug.cgi?id=185218
3694
3695         * platform/text/win/LocaleWin.cpp:
3696         (WebCore::LocaleWin::getLocaleInfoString):
3697
3698 2018-05-03  Filip Pizlo  <fpizlo@apple.com>
3699
3700         Strings should not be allocated in a gigacage
3701         https://bugs.webkit.org/show_bug.cgi?id=185218
3702
3703         Reviewed by Saam Barati.
3704
3705         No new tests because no new behavior.
3706
3707         * Modules/indexeddb/server/IDBSerialization.cpp:
3708         (WebCore::decodeKey):
3709         * bindings/js/SerializedScriptValue.cpp:
3710         (WebCore::CloneDeserializer::readString):
3711         * html/canvas/CanvasRenderingContext2D.cpp:
3712         (WebCore::normalizeSpaces):
3713         * html/parser/HTMLTreeBuilder.cpp:
3714         (WebCore::HTMLTreeBuilder::ExternalCharacterTokenBuffer::takeRemainingWhitespace):
3715         * platform/URLParser.cpp:
3716         (WebCore::percentEncodeByte):
3717         (WebCore::serializeURLEncodedForm):
3718         (WebCore::URLParser::serialize):
3719         * platform/URLParser.h:
3720         * platform/graphics/FourCC.cpp:
3721         (WebCore::FourCC::toString const):
3722         * platform/graphics/ca/GraphicsLayerCA.cpp:
3723         (WebCore::GraphicsLayerCA::ReplicaState::cloneID const):
3724         * platform/text/LocaleICU.cpp:
3725         (WebCore::LocaleICU::decimalSymbol):
3726         (WebCore::LocaleICU::decimalTextAttribute):
3727         (WebCore::getDateFormatPattern):
3728         (WebCore::LocaleICU::createLabelVector):
3729         (WebCore::getFormatForSkeleton):
3730         * platform/win/FileSystemWin.cpp:
3731         (WebCore::FileSystem::getFinalPathName):
3732         (WebCore::FileSystem::pathByAppendingComponent):
3733         (WebCore::FileSystem::storageDirectory):
3734
3735 2018-05-02  Brent Fulgham  <bfulgham@apple.com>
3736
3737         Widgets should hold a WeakPtr to their parents
3738         https://bugs.webkit.org/show_bug.cgi?id=185239
3739         <rdar://problem/39741250>
3740
3741         Reviewed by Zalan Bujtas.
3742
3743         * platform/ScrollView.h:
3744         (WebCore::ScrollView::weakPtrFactory): Added.
3745         * platform/Widget.cpp:
3746         (WebCore::Widget::init): Don't perform an unnecessary assignment.
3747         (WebCore::Widget::setParent): Grab a WeakPtr to the parent ScrollView.
3748         * platform/Widget.h:
3749         (WebCore::Widget::parent const): Change type to a WeakPtr.
3750
3751 2018-05-03  Yusuke Suzuki  <utatane.tea@gmail.com>
3752
3753         Use pointer instead of std::optional<T&>
3754         https://bugs.webkit.org/show_bug.cgi?id=185186
3755
3756         Reviewed by Alex Christensen.
3757
3758         std::optional<T&> is not accepted in C++17 spec.
3759         In this patch, we replace it with T*, which is well-aligned to
3760         WebKit's convention.
3761
3762         * Modules/mediastream/RTCPeerConnection.cpp:
3763         (WebCore::iceServersFromConfiguration):
3764         (WebCore::RTCPeerConnection::initializeConfiguration):
3765         (WebCore::RTCPeerConnection::setConfiguration):
3766         * css/parser/CSSParser.cpp:
3767         (WebCore::CSSParser::parseSystemColor):
3768         * css/parser/CSSParser.h:
3769         * dom/DatasetDOMStringMap.cpp:
3770         (WebCore::DatasetDOMStringMap::item const):
3771         (WebCore::DatasetDOMStringMap::namedItem const):
3772         (WebCore:: const): Deleted.
3773         * dom/DatasetDOMStringMap.h:
3774         * dom/Element.cpp:
3775         (WebCore::Element::insertAdjacentHTML):
3776         * dom/Element.h:
3777         * html/canvas/CanvasStyle.cpp:
3778         (WebCore::parseColor):
3779         * inspector/DOMEditor.cpp:
3780         * platform/network/curl/CurlFormDataStream.cpp:
3781         (WebCore::CurlFormDataStream::getPostData):
3782         (): Deleted.
3783         * platform/network/curl/CurlFormDataStream.h:
3784         * platform/network/curl/CurlRequest.cpp:
3785         (WebCore::CurlRequest::setupPOST):
3786         * testing/MockCDMFactory.cpp:
3787         (WebCore::MockCDMFactory::keysForSessionWithID const):
3788         (WebCore::MockCDMInstance::updateLicense):
3789         (WebCore:: const): Deleted.
3790         * testing/MockCDMFactory.h:
3791
3792 2018-05-03  Chris Dumez  <cdumez@apple.com>
3793
3794         Stop using an iframe's id as fallback if its name attribute is not set
3795         https://bugs.webkit.org/show_bug.cgi?id=11388
3796
3797         Reviewed by Geoff Garen.
3798
3799         WebKit had logic to use an iframe's id as fallback name when its name
3800         content attribute is not set. This behavior was not standard and did not
3801         match other browsers:
3802         - https://html.spec.whatwg.org/#attr-iframe-name
3803
3804         Gecko / Trident never behaved this way. Blink was aligned with us until
3805         they started to match the specification in:
3806         - https://bugs.chromium.org/p/chromium/issues/detail?id=347169
3807
3808         This WebKit quirk was causing some Web-compatibility issues because it
3809         would affect the behavior of Window's name property getter when trying
3810         to look up an iframe by id. Because of Window's named property getter
3811         behavior [1], we would return the frame's contentWindow instead of the
3812         iframe element itself.
3813
3814         [1] https://html.spec.whatwg.org/multipage/window-object.html#named-access-on-the-window-object
3815
3816         Test: fast/dom/Window/named-getter-frame-id.html
3817
3818         * html/HTMLFrameElementBase.cpp:
3819         (WebCore::HTMLFrameElementBase::openURL):
3820         (WebCore::HTMLFrameElementBase::parseAttribute):
3821         (WebCore::HTMLFrameElementBase::didFinishInsertingNode):
3822         * html/HTMLFrameElementBase.h:
3823
3824 2018-05-03  Eric Carlson  <eric.carlson@apple.com>
3825
3826         [iOS] Internal text and audio tracks not in fullscreen menu
3827         https://bugs.webkit.org/show_bug.cgi?id=185268
3828         <rdar://problem/38673440>
3829
3830         Reviewed by Jer Noble.
3831
3832         * platform/cocoa/PlaybackSessionModelMediaElement.mm:
3833         (WebCore::PlaybackSessionModelMediaElement::setMediaElement): 'addtrack' and 'removetrack'
3834         events are fired at the track lists, not the media element.
3835
3836 2018-05-03  Ryosuke Niwa  <rniwa@webkit.org>
3837
3838         Using image map inside a shadow tree results hits a release assert in DocumentOrderedMap::add
3839         https://bugs.webkit.org/show_bug.cgi?id=185238
3840
3841         Reviewed by Antti Koivisto.
3842
3843         The bug was caused by DocumentOrderedMap for the image elements with usemap being stored in Document
3844         even if those image elements were in a shadow tree. Fixed the bug by moving the map to TreeScope.
3845
3846         Test: fast/images/imagemap-in-nested-shadow-tree.html
3847               fast/images/imagemap-in-shadow-tree.html
3848
3849         * dom/Document.cpp:
3850         (WebCore::Document::addImageElementByUsemap): Moved to TreeScope.
3851         (WebCore::Document::removeImageElementByUsemap): Ditto.
3852         (WebCore::Document::imageElementByUsemap const): Ditto.
3853         * dom/Document.h:
3854         * dom/TreeScope.cpp:
3855         (WebCore::TreeScope::destroyTreeScopeData): Clear m_imagesByUsemap as well as m_elementsByName.
3856         (WebCore::TreeScope::getImageMap const): Removed the code to parse usemap. RenderImage::imageMap()
3857         which used to call this function with the raw value of the usemap content attribute now calls it
3858         via HTMLImageElement::associatedMapElement(), which uses the parsed usemap.
3859         (WebCore::TreeScope::addImageElementByUsemap): Moved from Document.
3860         (WebCore::TreeScope::removeImageElementByUsemap): Ditto.
3861         (WebCore::TreeScope::imageElementByUsemap const): Ditto.
3862         * dom/TreeScope.h:
3863         * html/HTMLImageElement.cpp:
3864         (WebCore::HTMLImageElement::parseAttribute):
3865         (WebCore::HTMLImageElement::insertedIntoAncestor): This image element can be associated with a map element
3866         if it's connected to a document.
3867         (WebCore::HTMLImageElement::removedFromAncestor):
3868         (WebCore::HTMLImageElement::associatedMapElement const):
3869         * html/HTMLImageElement.h:
3870         * html/HTMLMapElement.cpp:
3871         (WebCore::HTMLMapElement::imageElement):
3872         * rendering/RenderImage.cpp:
3873         (WebCore::RenderImage::imageMap const):
3874
3875 2018-05-03  Justin Fan  <justin_fan@apple.com>
3876
3877         [WebGL] Add runtime flag for enabling ASTC support in WebGL
3878         https://bugs.webkit.org/show_bug.cgi?id=184840
3879
3880         Reviewed by Myles C. Maxfield.
3881
3882         Added runtime flag for ASTC support in WebGL, to turn on/off when extension is implemented.
3883
3884         * page/RuntimeEnabledFeatures.h:
3885         (WebCore::RuntimeEnabledFeatures::setWebGLCompressedTextureASTCSupportEnabled):
3886         (WebCore::RuntimeEnabledFeatures::webGLCompressedTextureASTCSupportEnabled const):
3887
3888 2018-05-03  Chris Nardi  <cnardi@chromium.org>
3889
3890         Remove [NoInterfaceObject] from DOMRectList
3891         https://bugs.webkit.org/show_bug.cgi?id=185255
3892
3893         Reviewed by Chris Dumez.
3894
3895         In https://github.com/w3c/fxtf-drafts/issues/233, [NoInterfaceObject] was removed
3896         from DOMRectList. Remove it from our implementation to match the spec, as well as
3897         Chrome and Firefox.
3898
3899         Updated web platform tests IDL test for the Geometry spec.
3900
3901         * dom/DOMRectList.idl:
3902
3903 2018-05-03  Chris Dumez  <cdumez@apple.com>
3904
3905         REGRESSION(iOS 11.3): Crashes in TimerBase::~TimerBase() in Tencent x5gamehelper
3906         https://bugs.webkit.org/show_bug.cgi?id=185073
3907         <rdar://problem/39821223>
3908
3909         Reviewed by Alexey Proskuryakov.
3910
3911         The following changes were made:
3912         - Make sure SocketStream callbacks are always scheduled on the right runloop:
3913           WebThreadRunLoop() on WebKitLegacy iOS, loaderRunLoop() on Windows and
3914           main runloop otherwise.
3915         - When the SocketStream callbacks are called, unconditionally call callOnMainThreadAndWait()
3916           before calling methods on the SocketStream client. Previously, this code path
3917           was specific to Windows but there is no reason to have platform-specific code here.
3918           callOnMainThreadAndWait() calls the function right away if we're already on the main
3919           thread, which will be the case on other platform than Windows.
3920
3921         * platform/network/cf/SocketStreamHandleImplCFNet.cpp:
3922         (WebCore::callbacksRunLoop):
3923         (WebCore::callbacksRunLoopMode):
3924         (WebCore::SocketStreamHandleImpl::scheduleStreams):
3925         (WebCore::SocketStreamHandleImpl::pacExecutionCallback):
3926         (WebCore::SocketStreamHandleImpl::executePACFileURL):
3927         (WebCore::SocketStreamHandleImpl::removePACRunLoopSource):
3928         (WebCore::SocketStreamHandleImpl::readStreamCallback):
3929         (WebCore::SocketStreamHandleImpl::writeStreamCallback):
3930         (WebCore::SocketStreamHandleImpl::platformClose):
3931
3932 2018-05-03  Zalan Bujtas  <zalan@apple.com>
3933
3934         [LFC] Enable multiple layout roots for incremental layout.
3935         https://bugs.webkit.org/show_bug.cgi?id=185185
3936
3937         Reviewed by Antti Koivisto.
3938
3939         With certain type of style changes, we can stop the box invalidation at the formatting context boundary.
3940         When multiple boxes need updating in different formatting contexts, instead of marking the parent containing block chain all
3941         the way up to a common ancestor, we could just work with a list of layout entry points per layout frame.
3942
3943         * layout/FormattingState.h:
3944         * layout/LayoutContext.cpp:
3945         (WebCore::Layout::LayoutContext::updateLayout):
3946         (WebCore::Layout::LayoutContext::addLayoutEntryPoint):
3947         * layout/LayoutContext.h:
3948
3949 2018-05-03  Zalan Bujtas  <zalan@apple.com>
3950
3951         [LFC] Box invalidation logic should go to dedicated classes.
3952         https://bugs.webkit.org/show_bug.cgi?id=185249
3953
3954         Reviewed by Antti Koivisto.
3955
3956         Each formatting context can initiate a different type of invalidation when
3957         style attribute changes in a box.
3958
3959         * Sources.txt:
3960         * WebCore.xcodeproj/project.pbxproj:
3961         * layout/FormattingState.cpp:
3962         (WebCore::Layout::FormattingState::FormattingState):
3963         * layout/FormattingState.h:
3964         (WebCore::Layout::FormattingState::isBlockFormattingState const):
3965         (WebCore::Layout::FormattingState::isInlineFormattingState const):
3966         * layout/LayoutContext.cpp:
3967         (WebCore::Layout::LayoutContext::styleChanged):
3968         (WebCore::Layout::LayoutContext::markNeedsUpdate):