[Coordinated Graphics] Lots of flaky tests
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2016-07-23  Carlos Garcia Campos  <cgarcia@igalia.com>
2
3         [Coordinated Graphics] Lots of flaky tests
4         https://bugs.webkit.org/show_bug.cgi?id=160118
5
6         Reviewed by Michael Catanzaro.
7
8         Since the GTK+ ported to threaded compositor (coordinated graphics) there are a lot of flaky tests in the
9         bots. In manu of the cases the diff shows a different size in the FrameView layer.
10
11         This happens for tests run in the same WTR after fast/fixed-layout/fixed-layout.html. This is what happens:
12
13          1.- Test fast/fixed-layout/fixed-layout.html runs and sets fixed layout to true and fixed layout size to 400x400
14          2.- When it finishes TestController::resetStateToConsistentValues() is called.
15          3.- Blank URL is loaded after state has been updated
16          4.- Then Reset message is handled in the web process and Internals::resetToConsistentState() resets the fixed
17              layout state and size.
18          5.- onresize happens and the handler set in fast/fixed-layout/fixed-layout.html is invoked setting the fixed
19              layout to true and size to 400x400 again.
20          6.- about_blank is then loaded with the fixed layout enabled, as well as other tests after this one.
21
22         In addition to this, coordinated graphics uses a fixedVisibleContentRect in ScrollView that is never reset.
23
24         * platform/ScrollView.cpp:
25         (WebCore::ScrollView::unscaledVisibleContentSizeIncludingObscuredArea): Only use m_fixedVisibleContentRect when
26         fixed layout is enabled.
27         (WebCore::ScrollView::unscaledUnobscuredVisibleContentSize): Ditto.
28         (WebCore::ScrollView::visibleContentRectInternal): Ditto.
29         * testing/Internals.cpp:
30         (WebCore::Internals::resetToConsistentState): Reset also the m_fixedVisibleContentRect.
31
32 2016-07-23  Carlos Garcia Campos  <cgarcia@igalia.com>
33
34         [Coordinated Graphics] Test imported/blink/svg/custom/svg-image-layers-crash.html crashes
35         https://bugs.webkit.org/show_bug.cgi?id=160078
36
37         Reviewed by Michael Catanzaro.
38
39         This is a merge of Blink r155373.
40         https://chromiumcodereview.appspot.com/20789004
41
42         Disable accelerated compositing for SVGImage content layers. SVGImageChromeClient does not support it.
43
44         Fixes imported/blink/svg/custom/svg-image-layers-crash.html.
45
46         * svg/graphics/SVGImage.cpp:
47         (WebCore::SVGImage::dataChanged):
48
49 2016-07-23  Commit Queue  <commit-queue@webkit.org>
50
51         Unreviewed, rolling out r203641.
52         https://bugs.webkit.org/show_bug.cgi?id=160116
53
54         It broke make-based builds (Requested by youenn on #webkit).
55
56         Reverted changeset:
57
58         "[Fetch API] Request should be created with any HeadersInit
59         data"
60         https://bugs.webkit.org/show_bug.cgi?id=159672
61         http://trac.webkit.org/changeset/203641
62
63 2016-07-23  Youenn Fablet  <youenn@apple.com>
64
65         [Fetch API] Request should be created with any HeadersInit data
66         https://bugs.webkit.org/show_bug.cgi?id=159672
67
68         Reviewed by Sam Weinig.
69
70         Made Request use JSBuiltinConstructor.
71         This allows initializing newly created Request with a JS built-in function, initializeFetchRequest.
72         initializeFetchRequest can call @fillFetchHeaders internal built-in to handle any HeadersInit data.
73         Future effort should be made to migrate more initialization code in initializeFetchRequest.
74
75         Made window and worker fetch function as a JS built-in.
76         This becomes more handy as these new functions can construct the Request object.
77         They can then call a single private function that takes a Request object as input.
78         Updated DOMWindowFetch and WorkerGlobalScopeFetch code accordingly.
79
80         To enable this, the binding generator is updated to support runtime-enabled JS built-in functions and
81         private functions atttached to global objects.
82
83         Covered by existing and modified tests.
84         Binding generator test covered by updated binding tests.
85
86         * CMakeLists.txt: Adding DOMWindowFetch.js, FetchRequest.js and WorkerGlobalScopeFetch.js built-in files.
87         * DerivedSources.make: Ditto.
88         * Modules/fetch/DOMWindowFetch.cpp: Removed overloaded fetch and updated according new signature.
89         (WebCore::DOMWindowFetch::fetch):
90         * Modules/fetch/DOMWindowFetch.h: Ditto.
91         * Modules/fetch/DOMWindowFetch.idl: Making fetch a JS built-in and adding a @fetchRequest private function.
92         * Modules/fetch/DOMWindowFetch.js: Added.
93         (fetch):
94         * Modules/fetch/FetchHeaders.h:
95         (WebCore::FetchHeaders::setGuard): Used by FetchRequest when initializing headers.
96         * Modules/fetch/FetchRequest.cpp: 
97         (WebCore::buildHeaders): Removed as implemented in JS.
98         (WebCore::FetchRequest::initializeOptions): Added to handle most of the dictionary initialization.
99         (WebCore::FetchRequest::initializeWith): Method called from built-in constructor function.
100         (WebCore::FetchRequest::setBody): Corresponding to @setBody private method.
101         (WebCore::buildBody): Deleted.
102         * Modules/fetch/FetchRequest.h:
103         * Modules/fetch/FetchRequest.idl:
104         * Modules/fetch/FetchRequest.js: Added.
105         (initializeFetchRequest): Implements fetch Request(input, init) constructor.
106         * Modules/fetch/FetchResponse.cpp:
107         (WebCore::FetchResponse::fetch): Removed the construction of FetchRequest in fetch method since it is done by JS built-in code.
108         * Modules/fetch/FetchResponse.h:
109         * Modules/fetch/WorkerGlobalScopeFetch.cpp: Removed overloaded fetch and updated according new signature.
110         (WebCore::WorkerGlobalScopeFetch::fetch):
111         * Modules/fetch/WorkerGlobalScopeFetch.h: Ditto.
112         * Modules/fetch/WorkerGlobalScopeFetch.idl: Making fetch a JS built-in and adding a @fetchRequest private function.
113         * Modules/fetch/WorkerGlobalScopeFetch.js: Added.
114         (fetch):
115         * bindings/js/WebCoreBuiltinNames.h: Adding fetchRequest, setBody and Request private identifiers.
116         * bindings/scripts/CodeGenerator.pm:
117         (WK_lcfirst): Replacing dOM by dom.
118         * bindings/scripts/CodeGeneratorJS.pm:
119         (GenerateImplementation): Adding support for runtime-enabled built-in methods and private methods.
120         * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
121         (WebCore::JSTestGlobalObject::finishCreation):
122         (WebCore::jsTestGlobalObjectInstanceFunctionTestPrivateFunction):
123         * bindings/scripts/test/ObjC/DOMTestGlobalObject.mm:
124         (-[DOMTestGlobalObject testJSBuiltinFunction]):
125         * bindings/scripts/test/TestGlobalObject.idl: Adding tests for runtime-enabled global built-in methods and private methods.
126
127 2016-07-23  Frederic Wang  <fwang@igalia.com>
128
129         Reset font-style on the <math> element
130         https://bugs.webkit.org/show_bug.cgi?id=160074
131
132         Reviewed by Darin Adler.
133
134         Mathematical formulas with italic font-style render poorly (slanted operators, mathvariant
135         italic etc). We align on Gecko and make the user agent stylesheet reset the font-style to
136         'normal' by default. This addresses the concrete use case of formula inside theorem or
137         proposition statements, which are often written in italic.
138
139         Test: mathml/presentation/math-font-style.html
140
141         * css/mathml.css:
142         (math): Reset the font-style to normal.
143
144 2016-07-23  Frederic Wang  <fwang@igalia.com>
145
146         [MathML] PaintInfo state is not properly restored after applyTransform.
147         https://bugs.webkit.org/show_bug.cgi?id=160077
148
149         Reviewed by Simon Fraser.
150
151         PaintInfo::applyTransform modifies PaintInfo::rect and the original state is not properly
152         restored by GraphicsContextStateSaver. To avoid some weird rendering bugs in MathOperator
153         and RenderMathMLMenclose, we follow what is done in SVG renderers and make a copy of the
154         original PaintInfo before applying the transform.
155
156         Test: mathml/presentation/bug160077.html
157
158         * rendering/mathml/MathOperator.cpp:
159         (WebCore::MathOperator::paint):
160         * rendering/mathml/RenderMathMLMenclose.cpp:
161         (WebCore::RenderMathMLMenclose::paint):
162
163 2016-07-23  Youenn Fablet  <youenn@apple.com>
164
165         [Fetch API] Fetch response stream should enqueue Uint8Array
166         https://bugs.webkit.org/show_bug.cgi?id=160083
167
168         Reviewed by Sam Weinig.
169
170         Covered by updated tests.
171
172         Before enqueuing, ReadableStreamController::enqueue will convert ArrayBuffer as Uint8Array.
173         It also returns a boolean whether the operation is successful or not.
174
175         If returned value is false, calling code will stop loading or if everything is loaded it will refrain from closing the stream.
176         The enqueuing should be succesful except in OutOfMemory cases. This case is not yet handled in test cases.
177
178         Updated the code to remove templated enqueuing as Fetch has no use of it.
179
180         * Modules/fetch/FetchBody.cpp:
181         (WebCore::FetchBody::consumeAsStream): Do not close the stream if enqueuing failed.
182         * Modules/fetch/FetchBodyOwner.cpp:
183         (WebCore::FetchBodyOwner::blobChunk): Stop blob loading if enqueuing failed.
184         * Modules/fetch/FetchResponse.cpp:
185         (WebCore::FetchResponse::BodyLoader::didReceiveData): Stop resource loading if enqueuing failed.
186         (WebCore::FetchResponse::consumeBodyAsStream): Ditto.
187         * Modules/fetch/FetchResponseSource.h:
188         * bindings/js/ReadableStreamController.h:
189         (WebCore::ReadableStreamController::enqueue):
190         (WebCore::ReadableStreamController::enqueue<RefPtr<JSC::ArrayBuffer>>): Deleted.
191
192 2016-07-22  Youenn Fablet  <youenn@apple.com>
193
194         Use a private property to implement FetchResponse.body getter
195         https://bugs.webkit.org/show_bug.cgi?id=159808
196
197         Reviewed by Sam Weinig.
198
199         Covered by existing test sets.
200
201         Previously, body was handled as a CachedAttribute.
202         Using a private property will allow direct use of this property from JS built-ins which will allow easier
203         handling of ReadableStream cloning in Response.clone.
204         Also, this allows removing some binding custom code.
205
206         Updated redirect and error static methods to take NewObject keyword, as this removes a search into cached wrappers.
207         Ditto for createReadableStreamSource.
208
209         * CMakeLists.txt: Removing JSFetchResponseCustom.cpp.
210         * Modules/fetch/FetchResponse.idl: Adding createReadableStreamSource and isDisturbed private functions.
211         Making body getter a JSBuiltin.
212         * Modules/fetch/FetchResponse.js:
213         (body): Adding getter which will call createReadableStreamSource if needed.
214         * WebCore.xcodeproj/project.pbxproj: Removing JSFetchResponseCustom.cpp.
215         * bindings/js/JSFetchResponseCustom.cpp: Removed.
216         * bindings/js/ReadableStreamController.cpp:
217         (WebCore::createReadableStream): Deleted.
218         (WebCore::getReadableStreamReader): Deleted.
219         * bindings/js/ReadableStreamController.h: Removing unneeded ReadableStream helper routine now that they can be
220         handled within JS built-in code.
221         * bindings/js/WebCoreBuiltinNames.h: Adding @createReadableStreamSource, @isDisturbed  and @Response identifiers.
222
223 2016-07-22  Zalan Bujtas  <zalan@apple.com>
224
225         Handle cases when IOSurface initialization fails.
226         https://bugs.webkit.org/show_bug.cgi?id=160006
227         <rdar://problem/27495102>
228
229         Reviewed by Tim Horton and Simon Fraser.
230
231         This is an additional fix to r203514 to check if IOSurface initialization was successful.
232
233         Unable to test.
234
235         * platform/graphics/cg/ImageBufferCG.cpp:
236         (WebCore::ImageBuffer::ImageBuffer):
237         * platform/graphics/cocoa/IOSurface.h: Merge 2 c'tors.
238         * platform/graphics/cocoa/IOSurface.mm: Remove redundant IOSurface::create() code.  
239         (WebCore::IOSurface::create):
240         (WebCore::IOSurface::createFromImage):
241         (WebCore::IOSurface::IOSurface):
242         (WebCore::IOSurface::convertToFormat):
243
244 2016-07-22  Wenson Hsieh  <wenson_hsieh@apple.com>
245
246         Media controls should be displayed for media in media documents
247         https://bugs.webkit.org/show_bug.cgi?id=160104
248         <rdar://problem/27438936>
249
250         Reviewed by Myles C. Maxfield.
251
252         Make videos that would otherwise not have been large enough or have the right
253         aspect ratio cause media controls to appear. This is because media elements in
254         a media document are implied to be main content.
255
256         Added a new API test.
257
258         * html/MediaElementSession.cpp:
259         (WebCore::MediaElementSession::canControlControlsManager):
260
261 2016-07-22  Myles C. Maxfield  <mmaxfield@apple.com>
262
263         All dancers with bunny ears are female
264         https://bugs.webkit.org/show_bug.cgi?id=160102
265         <rdar://problem/27453479>
266
267         Reviewed by Simon Fraser.
268
269         In r203330 I added support for new emoji group candidates. I accidentally
270         missed one of the new emoji code points.
271
272         Tests: editing/deleting/delete-emoji.html:
273                fast/text/emoji-gender-2-9.html:
274                fast/text/emoji-gender-9.html:
275                fast/text/emoji-gender-fe0f-9.html:
276
277         * platform/text/CharacterProperties.h:
278         (WebCore::isEmojiGroupCandidate):
279
280 2016-07-22  Chris Dumez  <cdumez@apple.com>
281
282         Parameter to HTMLCollection.item() / namedItem() should be mandatory
283         https://bugs.webkit.org/show_bug.cgi?id=160099
284
285         Reviewed by Sam Weinig.
286
287         Parameter to HTMLCollection.item() / namedItem() should be mandatory:
288         - https://dom.spec.whatwg.org/#interface-htmlcollection
289         - https://html.spec.whatwg.org/multipage/infrastructure.html#htmlformcontrolscollection
290         - https://html.spec.whatwg.org/multipage/infrastructure.html#the-htmloptionscollection-interface
291
292         Firefox and Chrome agree with the specification.
293
294         No new tests, rebaselined existing tests.
295
296         * bindings/js/JSHTMLFormControlsCollectionCustom.cpp:
297         (WebCore::JSHTMLFormControlsCollection::namedItem):
298         * html/HTMLCollection.idl:
299         * html/HTMLFormControlsCollection.idl:
300         * html/HTMLOptionsCollection.idl:
301
302 2016-07-22  Chris Dumez  <cdumez@apple.com>
303
304         First parameter to Window.getComputedStyle() should be mandatory and non-nullable
305         https://bugs.webkit.org/show_bug.cgi?id=160097
306
307         Reviewed by Ryosuke Niwa.
308
309         First parameter to Window.getComputedStyle() should be mandatory and
310         non-nullable:
311         - https://drafts.csswg.org/cssom/#extensions-to-the-window-interface
312
313         Firefox and Chrome agree with the specification.
314
315         Test: fast/dom/Window/getComputedStyle-missing-parameter.html
316
317         * css/CSSComputedStyleDeclaration.cpp:
318         (WebCore::ComputedStyleExtractor::ComputedStyleExtractor):
319         (WebCore::CSSComputedStyleDeclaration::CSSComputedStyleDeclaration):
320         (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
321         (WebCore::CSSComputedStyleDeclaration::copyProperties):
322         (WebCore::CSSComputedStyleDeclaration::length):
323         (WebCore::CSSComputedStyleDeclaration::item):
324         (WebCore::CSSComputedStyleDeclaration::getPropertyValue):
325         * css/CSSComputedStyleDeclaration.h:
326         * dom/Document.idl:
327         * inspector/InspectorCSSAgent.cpp:
328         (WebCore::InspectorCSSAgent::getComputedStyleForNode):
329         * page/DOMWindow.cpp:
330         (WebCore::DOMWindow::getComputedStyle):
331         * page/DOMWindow.h:
332         * page/DOMWindow.idl:
333         * testing/Internals.cpp:
334         (WebCore::Internals::computedStyleIncludingVisitedInfo):
335         * testing/Internals.h:
336         * testing/Internals.idl:
337
338 2016-07-22  Brady Eidson  <beidson@apple.com>
339
340         Removing IndexedDatabases that have stored blobs doesn't remove the blob files.
341         https://bugs.webkit.org/show_bug.cgi?id=160089
342
343         Reviewed by Darin Adler.
344
345         Tested by API test IndexedDB.StoreBlobThenDelete.
346
347         Blob filenames exist in the IDB directory with the name "[0-9]+.blob".
348         
349         That is, one or more digits, followed by ".blob".
350         
351         So when we delete an IndexedDB.sqlite3 and related files, we should delete those blob files as well.
352         
353         * Modules/indexeddb/server/IDBServer.cpp:
354         (WebCore::IDBServer::removeAllDatabasesForOriginPath):
355
356 2016-07-22  Chris Dumez  <cdumez@apple.com>
357
358         Fix default parameter values for window.alert() / prompt() / confirm()
359         https://bugs.webkit.org/show_bug.cgi?id=160085
360
361         Reviewed by Ryosuke Niwa.
362
363         Fix default parameter values for window.alert() / prompt() / confirm() to
364         match the specification:
365         - https://html.spec.whatwg.org/multipage/browsers.html#the-window-object
366
367         They should default to the empty string, not the string "undefined".
368
369         Firefox and chrome agree with the specification.
370
371         No new tests, updated existing test.
372
373         * page/DOMWindow.h:
374         * page/DOMWindow.idl:
375
376 2016-07-22  Daniel Bates  <dabates@apple.com>
377
378         CSP: object-src and plugin-types directives are not respected for plugin replacements
379         https://bugs.webkit.org/show_bug.cgi?id=159761
380         <rdar://problem/27365724>
381
382         Reviewed by Brent Fulgham.
383
384         Apply the Content Security Policy (CSP) object-src and plugin-types directives to content that will
385         load with a plugin replacement.
386
387         Tests: security/contentSecurityPolicy/object-src-none-blocks-quicktime-plugin-replacement.html
388                security/contentSecurityPolicy/object-src-none-blocks-youtube-plugin-replacement.html
389                security/contentSecurityPolicy/plugins-types-allows-quicktime-plugin-replacement.html
390                security/contentSecurityPolicy/plugins-types-allows-youtube-plugin-replacement.html
391                security/contentSecurityPolicy/plugins-types-blocks-quicktime-plugin-replacement-without-mime-type.html
392                security/contentSecurityPolicy/plugins-types-blocks-quicktime-plugin-replacement.html
393                security/contentSecurityPolicy/plugins-types-blocks-youtube-plugin-replacement-without-mime-type.html
394                security/contentSecurityPolicy/plugins-types-blocks-youtube-plugin-replacement.html
395
396         * html/HTMLPlugInImageElement.cpp:
397         (WebCore::HTMLPlugInImageElement::allowedToLoadPluginContent): Added.
398         (WebCore::HTMLPlugInImageElement::requestObject): Only request loading plugin content if we
399         are allowed to load such content.
400         * html/HTMLPlugInImageElement.h:
401         * loader/SubframeLoader.cpp:
402         (WebCore::SubframeLoader::pluginIsLoadable): Removed code to check CSP as we will check CSP
403         earlier in HTMLPlugInImageElement::requestObject().
404         (WebCore::SubframeLoader::requestPlugin): Ditto.
405         (WebCore::SubframeLoader::isPluginContentAllowedByContentSecurityPolicy): Deleted; moved implementation
406         to HTMLPlugInImageElement::allowedToLoadPluginContent().
407         (WebCore::SubframeLoader::requestObject): Deleted.
408         * loader/SubframeLoader.h:
409         * page/csp/ContentSecurityPolicy.cpp:
410         (WebCore::ContentSecurityPolicy::upgradeInsecureRequestIfNeeded): Changed signature from a non-const
411         function to a const function since these functions do not modify |this|.
412         * page/csp/ContentSecurityPolicy.h: 
413
414 2016-07-22  Chris Dumez  <cdumez@apple.com>
415
416         Parameters to Node.replaceChild() / insertBefore() should be mandatory
417         https://bugs.webkit.org/show_bug.cgi?id=160091
418
419         Reviewed by Darin Adler.
420
421         Parameters to Node.replaceChild() / insertBefore() should be mandatory:
422         - https://dom.spec.whatwg.org/#node
423
424         The compatibility risk should be low since Firefox and Chrome both agree
425         with the specification and because it does not make much sense to omit
426         parameters when using this API.
427
428         No new tests, rebaselined existing tests.
429
430         * bindings/js/JSNodeCustom.cpp:
431         (WebCore::JSNode::insertBefore):
432         (WebCore::JSNode::replaceChild):
433
434 2016-07-22  Chris Dumez  <cdumez@apple.com>
435
436         Parameter to Node.contains() should be mandatory
437         https://bugs.webkit.org/show_bug.cgi?id=160084
438
439         Reviewed by Darin Adler.
440
441         Parameter to Node.contains() should be mandatory as per the
442         specification:
443         - https://dom.spec.whatwg.org/#node
444
445         The compatibility risk should be low because both Firefox and Chrome
446         both agree with the specification. Also, it does not make much sense
447         to call this API without parameter.
448
449         No new tests, rebaselined existing tests.
450
451         * dom/Node.idl:
452
453 2016-07-22  Said Abou-Hallawa  <sabouhallawa@apple.com>
454
455         [iOS] REGRESSION(203378): PDFDocumentImage::updateCachedImageIfNeeded() uses the unscaled size when deciding whether to cache the PDF image
456         https://bugs.webkit.org/show_bug.cgi?id=159933
457
458         Reviewed by Simon Fraser.
459
460         We need to use the scaled size when deciding whether to cache the PDF image
461         or not. This is because ImageBuffer takes the display resolution into account
462         which gives higher resolution for the image when zooming.
463
464         * platform/graphics/cg/PDFDocumentImage.cpp:
465         (WebCore::PDFDocumentImage::updateCachedImageIfNeeded):
466
467 2016-07-22  Chris Dumez  <cdumez@apple.com>
468
469         First parameter to getElementById() should be mandatory
470         https://bugs.webkit.org/show_bug.cgi?id=160087
471
472         Reviewed by Darin Adler.
473
474         First parameter to getElementById() should be mandatory:
475         - https://dom.spec.whatwg.org/#nonelementparentnode
476         - https://www.w3.org/TR/SVG/struct.html#InterfaceSVGSVGElement
477
478         Both Firefox and Chrome agree with the specification.
479
480         Test: svg/dom/SVGSVGElement-getElementById.html
481
482         * dom/NonElementParentNode.idl:
483         * svg/SVGSVGElement.idl:
484
485 2016-07-22  Chris Dumez  <cdumez@apple.com>
486
487         Parameter to Node.lookupPrefix() / lookupNamespaceURI() / isDefaultNamespace() should be mandatory
488         https://bugs.webkit.org/show_bug.cgi?id=160086
489
490         Reviewed by Darin Adler.
491
492         Parameter to Node.lookupPrefix() / lookupNamespaceURI() / isDefaultNamespace()
493         should be mandatory:
494         - https://dom.spec.whatwg.org/#node
495
496         Firefox and Chrome both agree with the specification.
497
498         No new tests, rebaselined existing tests.
499
500         * dom/Node.idl:
501
502 2016-07-22  Chris Dumez  <cdumez@apple.com>
503
504         Parameter to Node.compareDocumentPosition() should be mandatory and non-nullable
505         https://bugs.webkit.org/show_bug.cgi?id=160071
506
507         Reviewed by Ryosuke Niwa.
508
509         
510         Parameter to Node.compareDocumentPosition() should be mandatory and
511         non-nullable:
512         - https://dom.spec.whatwg.org/#interface-node
513
514         Firefox and Chrome agree with the specification so the compatibility
515         risk should be low. Also, it does not make much sense to call this
516         operation without parameter.
517
518         No new tests, rebaselined existing tests.
519
520         * accessibility/AccessibilityObject.cpp:
521         (WebCore::rangeClosestToRange):
522         * dom/AuthorStyleSheets.cpp:
523         (WebCore::AuthorStyleSheets::addStyleSheetCandidateNode):
524         * dom/Node.cpp:
525         (WebCore::compareDetachedElementsPosition):
526         (WebCore::Node::compareDocumentPosition):
527         * dom/Node.h:
528         * dom/Node.idl:
529         * dom/Position.h:
530         (WebCore::operator<):
531         * html/HTMLFormElement.cpp:
532         (WebCore::HTMLFormElement::formElementIndexWithFormAttribute):
533         (WebCore::HTMLFormElement::formElementIndex):
534         * rendering/RenderNamedFlowThread.cpp:
535         (WebCore::RenderNamedFlowThread::nextRendererForElement):
536         (WebCore::compareRenderNamedFlowFragments):
537         (WebCore::RenderNamedFlowThread::registerNamedFlowContentElement):
538
539 2016-07-22  Konstantin Tokarev  <annulen@yandex.ru>
540
541         [cmake] Removed obsolete plugins/win directory
542         https://bugs.webkit.org/show_bug.cgi?id=160081
543
544         Reviewed by Per Arne Vollan.
545
546         It was removed in r178219.
547
548         No new tests needed.
549
550         * PlatformWin.cmake:
551
552 2016-07-22  Youenn Fablet  <youenn@apple.com>
553
554         run-builtins-generator-tests should be able to test WebCore builtins wrapper with more than one file
555         https://bugs.webkit.org/show_bug.cgi?id=159921
556
557         Reviewed by Brian Burg.
558
559         Covered by existing and added built-ins tests.
560
561         Updating built system according ---wrappers-only new meaning.
562         builtin generator is now called for each individual built-in file plus once for WebCore wrapper files.
563         WebCore wrapper files allow handling things like conditionally guarded features.
564         They also remove the need to use built-ins macros outside generated code.
565
566         * CMakeLists.txt:
567         * DerivedSources.make:
568
569 2016-07-21  Frederic Wang  <fwang@igalia.com>
570
571         Move parsing of accentunder and accent attributes from renderer to element classes
572         https://bugs.webkit.org/show_bug.cgi?id=159625
573
574         Reviewed by Brent Fulgham.
575
576         We introduce a new MathMLUnderOverElement that is used for elements munder, mover and
577         munderover in order to create RenderMathMLUnderOver and parse and expose the values of the
578         accent and accentunder attributes. This is one more step toward moving MathML attribute
579         parsing to the DOM (bug 156536). We also do minor clean-up for this and previous renderer
580         classes that no longer do attribute parsing: the MathMLNames namespace is no longer necessary
581         and constructors can take a more accurate element type.
582
583         No new tests, already covered by existing test.
584
585         * CMakeLists.txt: Add MathMLUnderOverElement files.
586         * WebCore.xcodeproj/project.pbxproj: Ditto.
587         * mathml/MathMLAllInOne.cpp: Ditto.
588         * mathml/MathMLElement.cpp:
589         (WebCore::MathMLElement::cachedBooleanAttribute): Add parsing of boolean attributes.
590         * mathml/MathMLElement.h: New type and helper functions for boolean attributes.
591         * mathml/MathMLInlineContainerElement.cpp:
592         (WebCore::MathMLInlineContainerElement::createElementRenderer): Remove handling of
593         under/over/underover elements.
594         * mathml/MathMLScriptsElement.cpp:
595         (WebCore::MathMLScriptsElement::MathMLScriptsElement): Remove inline keyword to avoid link
596         errors now that MathMLUnderOverElement overrides that class.
597         * mathml/MathMLScriptsElement.h: Allow MathMLUnderOverElement to override this class.
598         * mathml/MathMLUnderOverElement.cpp:
599         (WebCore::MathMLUnderOverElement::MathMLUnderOverElement):
600         (WebCore::MathMLUnderOverElement::create):
601         (WebCore::MathMLUnderOverElement::accent): Helper function to access the accent value.
602         (WebCore::MathMLUnderOverElement::accentUnder): Helper function to access the accentunder value.
603         (WebCore::MathMLUnderOverElement::parseAttribute): Make accent and accentunder dirty.
604         (WebCore::MathMLUnderOverElement::createElementRenderer): Create RenderMathMLUnderOver
605         * mathml/MathMLUnderOverElement.h:
606         * mathml/mathtags.in: Map under/over/underover to MathMLUnderOverElement.
607         * rendering/mathml/RenderMathMLFraction.cpp: Remove MathMLNames and make the constructor
608         take a MathMLFractionElement.
609         (WebCore::RenderMathMLFraction::RenderMathMLFraction):
610         * rendering/mathml/RenderMathMLFraction.h:
611         * rendering/mathml/RenderMathMLPadded.cpp: Remove MathMLNames and make the constructor
612         take a MathMLPaddedElement.
613         (WebCore::RenderMathMLPadded::RenderMathMLPadded):
614         * rendering/mathml/RenderMathMLPadded.h:
615         * rendering/mathml/RenderMathMLScripts.cpp: Remove MathMLNames and make the constructor
616         take a MathMLScriptsElement. Also rename scriptsElement() to element().
617         (WebCore::RenderMathMLScripts::RenderMathMLScripts):
618         (WebCore::RenderMathMLScripts::element):
619         (WebCore::RenderMathMLScripts::getScriptMetricsAndLayoutIfNeeded):
620         (WebCore::RenderMathMLScripts::scriptsElement): Deleted.
621         * rendering/mathml/RenderMathMLScripts.h:
622         * rendering/mathml/RenderMathMLUnderOver.cpp: Remove MathMLNames and make the constructor
623         take a RenderMathMLUnderOver.
624         (WebCore::RenderMathMLUnderOver::RenderMathMLUnderOver):
625         (WebCore::RenderMathMLUnderOver::element):
626         (WebCore::RenderMathMLUnderOver::hasAccent): Use the helper functions for accent and accentunder.
627         * rendering/mathml/RenderMathMLUnderOver.h:
628
629 2016-07-21  Chris Dumez  <cdumez@apple.com>
630
631         Parameter to Node.isSameNode() / isEqualNode() should be mandatory
632         https://bugs.webkit.org/show_bug.cgi?id=160070
633
634         Reviewed by Ryosuke Niwa.
635
636         Parameter to Node.isSameNode() / isEqualNode() should be mandatory as
637         per the specification:
638         - https://dom.spec.whatwg.org/#interface-node
639
640         Chrome and Firefox agree with the specification (although Firefox does
641         not support isSameNode()).
642
643         No new tests, rebaselined existing tests.
644
645         * dom/Node.idl:
646
647 2016-07-21  Chris Dumez  <cdumez@apple.com>
648
649         Parameter to Document.createEvent() should be mandatory
650         https://bugs.webkit.org/show_bug.cgi?id=160065
651
652         Reviewed by Darin Adler.
653
654         Parameter to Document.createEvent() should be mandatory as per the
655         specification:
656         - https://dom.spec.whatwg.org/#document
657
658         We already throw anyway when the parameter is omitted because we use
659         "undefined" as event type, which is invalid. However, we throw the
660         wrong exception.
661
662         Firefox and Chrome agree with the specification here.
663
664         No new tests, rebaselined existing tests.
665
666         * dom/Document.idl:
667
668 2016-07-21  Brian Burg  <bburg@apple.com>
669
670         REGRESSION(r62549): Objective-C DOM bindings sometimes fail to regenerate when CodeGenerator.pm is modified
671         https://bugs.webkit.org/show_bug.cgi?id=160031
672
673         Reviewed by Darin Adler.
674
675         This bug was caused by a refactoring 6 years ago. Not all uses of a variable
676         were renamed, so the ObjC bindings target pattern was not specifying any
677         build scripts as target dependencies.
678
679         * DerivedSources.make: Standardize on {COMMON,JS,DOM}_BINDINGS_SCRIPTS.
680
681 2016-07-21  Darin Adler  <darin@apple.com>
682
683         Remove unneeded content attribute name "playsinline"
684         https://bugs.webkit.org/show_bug.cgi?id=160069
685
686         Reviewed by Chris Dumez.
687
688         * html/HTMLVideoElement.idl: Removed explicit content attribute name on Reflect
689         attribute since it is the same as the name that the code generator will generate.
690
691 2016-07-21  Chris Dumez  <cdumez@apple.com>
692
693         Make parameters to Element.getElementsBy*() operations mandatory
694         https://bugs.webkit.org/show_bug.cgi?id=160060
695
696         Reviewed by Darin Adler.
697
698         Make parameters to Element.getElementsBy*() operations mandatory to
699         match the specification:
700         - https://dom.spec.whatwg.org/#interface-element
701
702         Firefox and Chrome agree with the specification so the compatibility
703         risk should be low.
704
705         It makes very little sense to call these operations without parameter,
706         especially considering WebKit uses the string "undefined" if the
707         parameter is omitted.
708
709         No new tests, rebaselined existing tests.
710
711         * dom/Element.idl:
712
713 2016-07-21  Chris Dumez  <cdumez@apple.com>
714
715         Make parameters mandatory for attribute-related API on Element
716         https://bugs.webkit.org/show_bug.cgi?id=160059
717
718         Reviewed by Ryosuke Niwa.
719
720         Make parameters mandatory for attribute-related API on Element to match
721         the specification:
722         - https://dom.spec.whatwg.org/#element
723
724         Firefox and Chrome agree with the specification. Calling this API
725         without the parameters does not make much sense, especially considering
726         WebKit uses the string "undefined" when the parameter is omitted.
727
728         No new tests, rebaselined existing tests.
729
730         * dom/Element.idl:
731
732 2016-07-21  Myles C. Maxfield  <mmaxfield@apple.com>
733
734         Remove support for deprecated SPI inlineMediaPlaybackRequiresPlaysInlineAttribute
735         https://bugs.webkit.org/show_bug.cgi?id=160066
736
737         Reviewed by Dean Jackson.
738
739         r203520 deprecated inlineMediaPlaybackRequiresPlaysInlineAttribute in favor of
740         allowsInlineMediaPlaybackWithPlaysInlineAttribute and
741         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute. The old
742         inlineMediaPlaybackRequiresPlaysInlineAttribute is SPI and was never released
743         to the public. Therefore, it can be removed safely.
744
745         No new tests because there is no behavior change.
746
747         * page/Settings.cpp:
748         * page/Settings.in:
749         * testing/InternalSettings.cpp:
750         (WebCore::InternalSettings::Backup::Backup): Deleted.
751         (WebCore::InternalSettings::Backup::restoreTo): Deleted.
752         (WebCore::InternalSettings::setInlineMediaPlaybackRequiresPlaysInlineAttribute): Deleted.
753         * testing/InternalSettings.h:
754         * testing/InternalSettings.idl:
755
756 2016-07-21  Dean Jackson  <dino@apple.com>
757
758         REGRESSION (r202927): The internal size of the ImageBuffer is scaled twice by the context scaleFactor
759         https://bugs.webkit.org/show_bug.cgi?id=159981
760         <rdar://problem/27429465>
761
762         Reviewed by Myles Maxfield.
763
764         The change to propagate color spaces through ImageBuffers created an
765         alternate version of createCompatibleBuffer. This version accidentally
766         attempted to take the display resolution (i.e. hidpi) into account
767         when creating the buffer, which meant it was being applied twice.
768
769         The fix is simply to remove that logic. The caller of the method
770         will take the resolution into account, the same way they did
771         with the old createCompatibleBuffer method.
772
773         Test: fast/hidpi/pdf-image-scaled.html
774
775         * platform/graphics/cg/ImageBufferCG.cpp:
776         (WebCore::ImageBuffer::createCompatibleBuffer): Don't calculate
777         a resolution - just use the value of 1.0.
778
779 2016-07-21  John Wilander  <wilander@apple.com>
780
781         Block mixed content synchronous XHR
782         https://bugs.webkit.org/show_bug.cgi?id=105462
783         <rdar://problem/13666424>
784
785         Reviewed by Brent Fulgham.
786
787         Test: http/tests/security/mixedContent/insecure-xhr-sync-in-main-frame.html
788
789         * loader/DocumentThreadableLoader.cpp:
790         (WebCore::DocumentThreadableLoader::loadRequest):
791
792 2016-07-21  Chris Dumez  <cdumez@apple.com>
793
794         Make parameters to Document.getElementsBy*() operations mandatory
795         https://bugs.webkit.org/show_bug.cgi?id=160050
796
797         Reviewed by Daniel Bates.
798
799         Make parameters to Document.getElementsBy*() operations mandatory to
800         match the specification:
801         - https://dom.spec.whatwg.org/#interface-document
802
803         Firefox and Chrome agree with the specification so the compatibility
804         risk should be low.
805
806         It makes very little sense to call these operations without parameter,
807         especially considering WebKit uses the string "undefined" if the
808         parameter is omitted.
809
810         No new tests, rebaselined existing tests.
811
812         * dom/Document.idl:
813
814 2016-07-21  Nan Wang  <n_wang@apple.com>
815
816         AX: aria-label not being used correctly in accessible name calculation of heading
817         https://bugs.webkit.org/show_bug.cgi?id=160009
818
819         Reviewed by Chris Fleizach.
820
821         Actually we are exposing the correct information for heading objects. On macOS, 
822         VoiceOver should handle the logic that picks the right information to speak.
823         On iOS, VoiceOver is speaking the static text child instead of the heading object.
824         So we should set the accessibilityLabel of the static text based on the parent's 
825         alternate label.
826
827         Test: accessibility/ios-simulator/heading-with-aria-label.html
828
829         * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
830         (-[WebAccessibilityObjectWrapper _accessibilityTraitsFromAncestors]):
831
832 2016-07-21  Saam Barati  <sbarati@apple.com>
833
834         op_add/ValueAdd should be an IC in all JIT tiers
835         https://bugs.webkit.org/show_bug.cgi?id=159649
836
837         Reviewed by Benjamin Poulain.
838
839         * ForwardingHeaders/jit/JITMathICForwards.h: Added.
840
841 2016-07-21  Chris Dumez  <cdumez@apple.com>
842
843         Make parameters mandatory for Document.create*() operations
844         https://bugs.webkit.org/show_bug.cgi?id=160047
845
846         Reviewed by Ryosuke Niwa.
847
848         Make parameters mandatory for Document.create*() operations:
849         createTextNode(), createComment(), createCDataSection(),
850         createAttribute() and createProcessingInstruction().
851
852         This matches the specification:
853         - https://dom.spec.whatwg.org/#interface-document
854
855         Firefox and Chrome both agree with the specification so the
856         compatibility risk should be low. Also WebKit uses the string
857         "undefined" when the parameter is omitted, which is not very
858         helpful.
859
860         No new tests, rebaselined existing tests.
861
862         * dom/Document.idl:
863
864 2016-07-21  Chris Dumez  <cdumez@apple.com>
865
866         Fix null handling of SVGAngle/SVGLength.valueAsString attribute
867         https://bugs.webkit.org/show_bug.cgi?id=160025
868
869         Reviewed by Ryosuke Niwa.
870
871         Fix null handling of SVGAngle/SVGLength.valueAsString attribute
872         to match the specification:
873         - https://www.w3.org/TR/SVG2/types.html#InterfaceSVGAngle
874         - https://www.w3.org/TR/SVG2/types.html#InterfaceSVGLength
875
876         In particular, this patch drops [TreatNullAs=EmptyString] IDL
877         extended attribute from this attribute. This is not supposed
878         to change behavior given that both "" and "null" are invalid
879         numbers and the specification says to throw a SYNTAX_ERR in
880         this case.
881
882         However, WebKit currently ignores assignments to "" instead
883         of throwing. As a result, assigning to null will now throw
884         instead of being ignored. The compatibility risk should be
885         low because both Firefox and Chrome throw when assigning
886         null.
887
888         I did not change the behavior when assigning to "" because
889         it is a bit out of scope for this patch and browsers to not
890         seem to agree:
891         - Firefox throws
892         - Chrome set value to "0"
893         - WebKit ignores the assignment
894
895         The specification seems to agree with Firefox as far as I
896         can tell given that "" is not a valid number as per:
897         - https://www.w3.org/TR/css3-values/#numbers
898
899         Test: svg/dom/valueAsString-null.html
900
901         * svg/SVGAngle.idl:
902         * svg/SVGLength.idl:
903
904 2016-07-21  Chris Dumez  <cdumez@apple.com>
905
906         Fix null handling of HTMLFontElement.color
907         https://bugs.webkit.org/show_bug.cgi?id=160036
908
909         Reviewed by Ryosuke Niwa.
910
911         Fix null handling of HTMLFontElement.color to match the specification:
912         - https://html.spec.whatwg.org/#htmlfontelement
913
914         We are supposed to treat null as the empty string. Both Firefox and
915         Chrome agree with the specification.
916
917         No new tests, rebaselined existing tests.
918
919         * html/HTMLFontElement.idl:
920
921 2016-07-21  Chris Dumez  <cdumez@apple.com>
922
923         Fix null handling for several HTMLTableElement attributes
924         https://bugs.webkit.org/show_bug.cgi?id=160041
925
926         Reviewed by Ryosuke Niwa.
927
928         Fix null handling for several HTMLTableElement attributes to match the
929         specification:
930         - https://html.spec.whatwg.org/#HTMLTableElement-partial
931
932         The attributes in question are 'bicolor', 'cellSpacing' and
933         'cellPadding'. We are supposed to treat null as the empty string for
934         these attributes.
935
936         Firefox and Chrome both agree with the specification.
937
938         No new tests, rebaselined existing tests.
939
940         * html/HTMLTableElement.idl:
941
942 2016-07-21  Chris Dumez  <cdumez@apple.com>
943
944         Fix null handling for HTMLObjectElement.border
945         https://bugs.webkit.org/show_bug.cgi?id=160040
946
947         Reviewed by Ryosuke Niwa.
948
949         Fix null handling for HTMLObjectElement.border to match the specification:
950         - https://html.spec.whatwg.org/#HTMLObjectElement-partial
951
952         We are supposed to treat null as the empty string.
953
954         Both Firefox and Chrome agree with the specification.
955
956         No new tests, rebaselined existing tests.
957
958         * html/HTMLObjectElement.idl:
959
960 2016-07-21  Chris Dumez  <cdumez@apple.com>
961
962         Fix null handling for td.bgColor / tr.bgColor
963         https://bugs.webkit.org/show_bug.cgi?id=160043
964
965         Reviewed by Ryosuke Niwa.
966
967         Fix null handling for td.bgColor / tr.bgColor to match the
968         specification:
969         - https://html.spec.whatwg.org/#HTMLTableCellElement-partial
970         - https://html.spec.whatwg.org/#HTMLTableRowElement-partial
971
972         We are supposed to treat null as the empty string.
973
974         Firefox and Chrome both agree with the specification.
975
976         No new tests, rebaselined existing tests.
977
978         * html/HTMLTableCellElement.idl:
979         * html/HTMLTableRowElement.idl:
980
981 2016-07-21  Chris Dumez  <cdumez@apple.com>
982
983         Fix null handling for several HTMLBodyElement attributes
984         https://bugs.webkit.org/show_bug.cgi?id=160044
985
986         Reviewed by Ryosuke Niwa.
987
988         Fix null handling for several HTMLBodyElement attributes to match the
989         specification:
990         - https://html.spec.whatwg.org/#HTMLBodyElement-partial
991
992         The attributes in question are: 'text', 'link', 'vlink', 'alink' and
993         'bgcolor'.
994
995         We are supposed to treat null as the empty string for these attributes.
996
997         Firefox and Chrome both agree with the specification.
998
999         No new tests, rebaselined existing tests.
1000
1001         * html/HTMLBodyElement.idl:
1002
1003 2016-07-21  Chris Dumez  <cdumez@apple.com>
1004
1005         Fix null handling for HTMLIFrameElement.marginWidth / marginHeight
1006         https://bugs.webkit.org/show_bug.cgi?id=160037
1007
1008         Reviewed by Ryosuke Niwa.
1009
1010         Fix null handling for HTMLIFrameElement.marginWidth / marginHeight to
1011         match the specification:
1012         - https://html.spec.whatwg.org/#HTMLIFrameElement-partial
1013
1014         We are supposed to treat null as the empty string. Both Firefox and
1015         Chrome agree with the specification.
1016
1017         No new tests, rebaselined existing tests.
1018
1019         * html/HTMLIFrameElement.idl:
1020
1021 2016-07-21  Chris Dumez  <cdumez@apple.com>
1022
1023         Fix null handling for HTMLImageElement.border
1024         https://bugs.webkit.org/show_bug.cgi?id=160039
1025
1026         Reviewed by Ryosuke Niwa.
1027
1028         Fix null handling for HTMLImageElement.border to match the specification:
1029         - https://html.spec.whatwg.org/#HTMLImageElement-partial
1030
1031         We are supposed to treat null as the empty string.
1032
1033         Both Firefox and Chrome agree with the specification.
1034
1035         No new tests, rebaselined existing tests.
1036
1037         * html/HTMLImageElement.idl:
1038
1039 2016-07-21  Daniel Bates  <dabates@apple.com>
1040
1041         REGRESSION: Plugin replaced YouTube Flash videos always have the same width
1042         https://bugs.webkit.org/show_bug.cgi?id=159998
1043         <rdar://problem/27462285>
1044
1045         Reviewed by Simon Fraser.
1046
1047         Fixes an issue where the width of a plugin replaced YouTube video loaded via an HTML embed
1048         element would always have the same width regardless of value of the width attribute.
1049
1050         For YouTube Flash videos the YouTube plugin replacement substitutes a shadow DOM subtree
1051         for the default renderer of an HTML embed element. The root of this shadow DOM subtree
1052         is an HTML div element. Currently we set inline styles on this <div> when it is instantiated.
1053         In particular, we set inline display and position to "inline-block" and "relative", respectively,
1054         and set an invalid height and width (we specify a font weight value instead of a CSS length value
1055         - this causes an ASSERT_NOT_REACHED() assertion failure in StyleBuilderConverter::convertLengthSizing()
1056         in a debug build). These styles never worked as intended and we ultimately created an inline
1057         renderer (ignoring display "inline-block") that had auto width and height. Instead it is sufficient
1058         to remove all these inline styles and create a RenderBlockFlow renderer for this <div> so that it
1059         renders as a block, non-replaced element to achieve the intended illusion that the <embed> is a
1060         single element.
1061
1062         * html/shadow/YouTubeEmbedShadowElement.cpp: Remove unused header HTMLEmbedElement.h and include
1063         header RenderBlockFlow.h. Also update copyright in license block.
1064         (WebCore::YouTubeEmbedShadowElement::YouTubeEmbedShadowElement): Remove inline styles as these
1065         never worked as intended.
1066         (WebCore::YouTubeEmbedShadowElement::createElementRenderer): Override; create a block-flow
1067         renderer for us so that we layout as a block, non-replaced element.
1068         * html/shadow/YouTubeEmbedShadowElement.h:
1069
1070 2016-07-21  Myles C. Maxfield  <mmaxfield@apple.com>
1071
1072         [iPhone] Playing a video on tudou.com plays only sound, no video
1073         https://bugs.webkit.org/show_bug.cgi?id=159967
1074         <rdar://problem/26964090>
1075
1076         Reviewed by Jon Lee, Jeremy Jones, and Anders Carlsson.
1077
1078         WebKit recently starting honoring the playsinline and webkit-playsinline
1079         attribute on iPhones. However, because these attributes previously did
1080         nothing, some sites (such as Todou) were setting them on their content
1081         and expecting that they are not honored. In this specific case, the
1082         video is absolutely positioned to be 1 pixel x 1 pixel.
1083
1084         Previously, with iOS 9, apps could set the allowsInlineMediaPlayback
1085         property on their WKWebView, which would honor the webkit-playsinline
1086         attribute. Safari on iPhones didn't do this.
1087
1088         In order to not break these existing apps, it's important that the
1089         allowsInlineMediaPlayback preference still allows webkit-playsinline
1090         videos to play inline in apps using WKWebView. However, in Safari, these
1091         videos should play fullscreen. (Todou videos have webkit-playsinline
1092         but not playsinline.)
1093
1094         Therefore, in Safari, videos with playsinline should be inline, but
1095         videos with webkit-playsinline should be fullscreen. In apps using
1096         WKWebViews, if the app sets allowsInlineMediaPlayback, then videos with
1097         playsinline should be inline, and videos with webkit-playsinline should
1098         also be inline. Videos on iPad and Mac should all be inline by default.
1099
1100         We can create some truth tables for the cases which need to be covered:
1101
1102         All apps on Mac / iPad:
1103         Presence of playsinline | Presence of webkit-playsinline | Result
1104         ========================|================================|===========
1105         Not present             | Not present                    | Inline
1106         Present                 | Not present                    | Inline
1107         Not Present             | Present                        | Inline
1108         Present                 | Present                        | Inline
1109
1110         Safari on iPhone:
1111         Presence of playsinline | Presence of webkit-playsinline | Result
1112         ========================|================================|===========
1113         Not present             | Not present                    | Fullscreen
1114         Present                 | Not present                    | Inline
1115         Not Present             | Present                        | Fullscreen
1116         Present                 | Present                        | Inline
1117
1118         App on iPhone which sets allowsInlineMediaPlayback:
1119         Presence of playsinline | Presence of webkit-playsinline | Result
1120         ========================|================================|===========
1121         Not present             | Not present                    | Fullscreen
1122         Present                 | Not present                    | Inline
1123         Not Present             | Present                        | Inline
1124         Present                 | Present                        | Inline
1125
1126         The way to distinguish Safari from another app is to create an SPI
1127         boolean preference which Safari can set. This is already how the
1128         iPhone and iPad are differentiated using the requiresPlayInlineAttribute
1129         which Safari sets but other apps don't. However, this preference is
1130         no longer sufficient because Safari should now be discriminating
1131         between the playsinline and webkit-playsinline attributes. Therefore,
1132         this preference should be extended to two boolean preferences, which
1133         this patch adds:
1134
1135         allowsInlineMediaPlaybackWithPlaysInlineAttribute
1136         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute
1137
1138         Safari on iPhone will set
1139         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to true,
1140         and allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to
1141         false. Other apps on iPhone will get their defaults values (because they
1142         are SPI) which means they will both be true. On iPad and Mac, apps will
1143         use the defaults values where both are false.
1144
1145         This patch adds support for these two preferences, but does not remove
1146         the existing inlineMediaPlaybackRequiresPlaysInlineAttribute preference.
1147         I will remove the exising preference as soon as I update Safari to migrate
1148         off of it.
1149
1150         Test: media/video-playsinline.html
1151
1152         * html/MediaElementSession.cpp:
1153         (WebCore::MediaElementSession::requiresFullscreenForVideoPlayback):
1154         * page/Settings.cpp:
1155         * page/Settings.in:
1156         * testing/InternalSettings.cpp:
1157         (WebCore::InternalSettings::Backup::Backup):
1158         (WebCore::InternalSettings::Backup::restoreTo):
1159         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithPlaysInlineAttribute):
1160         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute):
1161         * testing/InternalSettings.h:
1162         * testing/InternalSettings.idl:
1163
1164 2016-07-21  Ryosuke Niwa  <rniwa@webkit.org>
1165
1166         Crash accessing null renderer inside WebCore::DeleteSelectionCommand::doApply
1167         https://bugs.webkit.org/show_bug.cgi?id=160011
1168
1169         Reviewed by Chris Dumez.
1170
1171         Add a null pointer check for renderer() call.
1172
1173         Unfortunately no new tests since we don't have a reproduction.
1174
1175         * editing/DeleteSelectionCommand.cpp:
1176         (WebCore::DeleteSelectionCommand::doApply):
1177
1178 2016-07-21  Chris Dumez  <cdumez@apple.com>
1179
1180         The 2 first parameters to DOMImplementation.createDocument() should be mandatory
1181         https://bugs.webkit.org/show_bug.cgi?id=160030
1182
1183         Reviewed by Sam Weinig.
1184
1185         The 2 first parameters to DOMImplementation.createDocument() should be mandatory
1186         as per the specification:
1187         - https://dom.spec.whatwg.org/#domimplementation
1188
1189         Firefox and Chrome both agree with the specification. However, those
1190         parameters were marked as optional in WebKit. Calling this function
1191         without parameters would create a document element whose tag is the
1192         string "undefined", which does not seem helpful. This patch thus
1193         aligns our behavior with the specification and other browsers.
1194
1195         No new tests, rebaselined existing tests.
1196
1197         * dom/DOMImplementation.idl:
1198
1199 2016-07-21  Chris Dumez  <cdumez@apple.com>
1200
1201         Kill legacy valueToStringWithNullCheck() utility function
1202         https://bugs.webkit.org/show_bug.cgi?id=159991
1203
1204         Reviewed by Sam Weinig.
1205
1206         Kill legacy valueToStringWithNullCheck() utility function. Treating null as
1207         a null string is legacy behavior so drop this function so that people are
1208         not tempted to use it. We should be using either:
1209         1. JSValue::toWTFString() for non-nullable DOMStrings
1210         2. valueToStringWithUndefinedOrNullCheck() for nullable DOMStrings
1211         3. valueToStringTreatingNullAsEmptyString() for strings with [TreatNullAs=EmptyString]
1212
1213         No new tests, no web-exposed behavior change.
1214
1215         * bindings/js/JSDOMBinding.cpp:
1216         (WebCore::valueToStringWithNullCheck): Deleted.
1217         * bindings/js/JSDOMBinding.h:
1218         * bindings/js/JSHTMLFrameElementCustom.cpp:
1219         (WebCore::JSHTMLFrameElement::setLocation):
1220         * html/HTMLFrameElement.idl:
1221
1222 2016-07-21  Zalan Bujtas  <zalan@apple.com>
1223
1224         Do not keep invalid IOSurface in ImageBufferData.
1225         https://bugs.webkit.org/show_bug.cgi?id=160005
1226         <rdar://problem/27208636>
1227
1228         Reviewed by Simon Fraser.
1229
1230         When we fail to initialize the IOSurface for the accelerated context, we switch over to
1231         the non-accelerated code path. Since ImageBufferData::surface is used to indicate whether
1232         the graphics context is in accelerated mode, we need to reset it when the initialization fails.
1233
1234         Unable to create a test case.
1235
1236         * platform/graphics/cg/ImageBufferCG.cpp:
1237         (WebCore::ImageBuffer::ImageBuffer):
1238
1239 2016-07-21  Chris Dumez  <cdumez@apple.com>
1240
1241         playsInline IDL attribute has the wrong casing
1242         https://bugs.webkit.org/show_bug.cgi?id=160029
1243         <rdar://problem/27474031>
1244
1245         Reviewed by Jon Lee.
1246
1247         Fix case from video.playsinline to video.playsInline in order to match
1248         the specification:
1249         - https://html.spec.whatwg.org/multipage/embedded-content.html#the-video-element:dom-video-playsinline
1250
1251         It still reflects the "playsinline" content attribute though, as per
1252         the specification:
1253         - https://html.spec.whatwg.org/multipage/embedded-content.html#dom-video-playsinline
1254
1255         No new tests, updated existing test.
1256
1257         * html/HTMLVideoElement.idl:
1258
1259 2016-07-21  Chris Dumez  <cdumez@apple.com>
1260
1261         Drop [TreatNullAs=EmptyString] from CanvasRenderingContext2D.globalCompositeOperation
1262         https://bugs.webkit.org/show_bug.cgi?id=160026
1263
1264         Reviewed by Sam Weinig.
1265
1266         Drop [TreatNullAs=EmptyString] from CanvasRenderingContext2D.globalCompositeOperation
1267         attribute as it does not match the specification:
1268         - https://html.spec.whatwg.org/multipage/scripting.html#canvascompositing
1269
1270         It does not change web-exposed behavior because assigning to "" or "null"
1271         gets ignored as those are not valid operations.
1272
1273         Test: fast/canvas/context-globalCompositeOperation-null.html
1274
1275         * html/canvas/CanvasRenderingContext2D.idl:
1276
1277 2016-07-21  Carlos Garcia Campos  <cgarcia@igalia.com>
1278
1279         [GTK][Threaded Compositor] Overlay scrollbars shouldn't be a requirement of the threaded compositor
1280         https://bugs.webkit.org/show_bug.cgi?id=160020
1281
1282         Reviewed by Michael Catanzaro.
1283
1284         It has been a requirement only because we didn't really know why frame scrollbars were not rendered when using
1285         the threaded compositor. The reason is that RenderView doesn't use layers for FrameView scrollbars by default,
1286         unless using overlay scrollbars. When using the threaded compositor we really need layers for the FrameView
1287         scrollbars even when not using overlay scrollbars.
1288
1289         * platform/gtk/ScrollbarThemeGtk.cpp:
1290         (WebCore::ScrollbarThemeGtk::ScrollbarThemeGtk): Stop enforcing overlay scrollbars when threaded compositor is enabled.
1291         * rendering/RenderLayerCompositor.cpp:
1292         (WebCore::RenderLayerCompositor::shouldCompositeOverflowControls): Always use layers for scrollbars when
1293         threaded compositor is enabled.
1294
1295 2016-07-21  Carlos Garcia Campos  <cgarcia@igalia.com>
1296
1297         [Cairo] Fix a crash in fast/canvas/canvas-getImageData-invalid-result-buffer-crash.html
1298         https://bugs.webkit.org/show_bug.cgi?id=160014
1299
1300         Reviewed by Michael Catanzaro.
1301
1302         In r202887 some null checks were added for JSArray::createUninitialized (and related) but not for the
1303         ImageBuffer cairo implementation.
1304
1305         * platform/graphics/cairo/ImageBufferCairo.cpp:
1306         (WebCore::getImageData): Return early if Uint8ClampedArray::createUninitialized() returns nullptr.
1307
1308 2016-07-21  Miguel Gomez  <magomez@igalia.com>
1309
1310         [GTK] The GSTREAMER_GL path in MediaPlayerPrivateGStreamerBase::paintToTextureMapper() is missing a mutex lock
1311         https://bugs.webkit.org/show_bug.cgi?id=160018
1312
1313         Reviewed by Philippe Normand.
1314
1315         Lock the video sample mutex while accessing it.
1316
1317         Covered by existent tests.
1318
1319         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
1320         (WebCore::MediaPlayerPrivateGStreamerBase::paintToTextureMapper):
1321
1322 2016-07-21  Miguel Gomez  <magomez@igalia.com>
1323
1324         [Threaded Compositor] Flickering when zooming in/out in maps.google.com
1325         https://bugs.webkit.org/show_bug.cgi?id=154069
1326
1327         Reviewed by Carlos Garcia Campos.
1328
1329         Add a new extra buffer to GraphicsContext3D when using the Threaded Compositor,
1330         so it doesn't have to reuse the buffers that are still waiting for composition.
1331
1332         Covered by existing tests.
1333
1334         * platform/graphics/GraphicsContext3D.h:
1335         Add a new texture to use for the rendering. Remove the compositor fbo we were using.
1336         * platform/graphics/cairo/GraphicsContext3DCairo.cpp:
1337         (WebCore::GraphicsContext3D::GraphicsContext3D):
1338         Initialize the new texture and remove the previous fbo related code.
1339         (WebCore::GraphicsContext3D::~GraphicsContext3D):
1340         Properly destroy the new texture and remove the previous fbo related code.
1341         * platform/graphics/opengl/GraphicsContext3DOpenGL.cpp:
1342         (WebCore::GraphicsContext3D::reshapeFBOs):
1343         Allocate the new texture and remove the previous fbo allocation.
1344         * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
1345         (WebCore::GraphicsContext3D::prepareTexture):
1346         Use a single fbo with three textures instead of two fbos with a texture each.
1347         Rotate the three textures usage so:
1348         - m_texture becomes m_compositorTexture to be pushed to the compositor.
1349         - m_intermediateTexture becomes m_texture to receive the next rendering.
1350         - m_compositorTexture becomes m_intermediateTexture.
1351         And add a glFlush() to ensure that the gl commands are sent to the pipeline.
1352         * platform/graphics/opengl/GraphicsContext3DOpenGLES.cpp:
1353         (WebCore::GraphicsContext3D::reshapeFBOs):
1354         Allocate the new texture.
1355
1356 2016-07-21  Carlos Garcia Campos  <cgarcia@igalia.com>
1357
1358         [GTK][Threaded Compositor] Web view background colors don't work
1359         https://bugs.webkit.org/show_bug.cgi?id=159465
1360
1361         Reviewed by Michael Catanzaro.
1362
1363         * rendering/RenderLayerBacking.cpp:
1364         (WebCore::RenderLayerBacking::createPrimaryGraphicsLayer): Initialize frame view layer opacity for platforms not
1365         using the tiled cache layer.
1366
1367 2016-07-20  Youenn Fablet  <youenn@apple.com>
1368
1369         [XHR] Cache response JS object in case of arraybuffer and blob response types
1370         https://bugs.webkit.org/show_bug.cgi?id=128903
1371
1372         Reviewed by Alex Christensen.
1373
1374         Covered by existing and modified tests.
1375
1376         Making response getter a JS builtin that caches response in @response private slot.
1377         Handling invalidation of cached response with @responseCacheIsValid new private method.
1378         Handling creation of cached response with @retrieveResponse new private method which reuses most of
1379         JSXMLHttpRequest::response previous code.
1380
1381         Caching of responses is activated whenever load ended without any error for blob and arraybuffer response types.
1382
1383         Caching of response for document is also activated in case the response getter is used but not if responseXML getter is used.
1384
1385         * CMakeLists.txt: Adding XMLHttpRequest.js.
1386         * DerivedSources.make: Ditto.
1387         * bindings/js/JSXMLHttpRequestCustom.cpp:
1388         (WebCore::JSXMLHttpRequest::retrieveResponse): Implements creation of to-be-cached response.
1389         (WebCore::JSXMLHttpRequest::response): Deleted.
1390         * bindings/js/WebCoreBuiltinNames.h: Adding new private names.
1391         * xml/XMLHttpRequest.cpp:
1392         (WebCore::XMLHttpRequest::didCacheResponse): Renamed from didCacheResponseJSON as all response types are now cached.
1393         (WebCore::XMLHttpRequest::didCacheResponseJSON): Deleted.
1394         * xml/XMLHttpRequest.h:
1395         * xml/XMLHttpRequest.idl:
1396
1397 2016-07-20  Youenn Fablet  <youenn@apple.com>
1398
1399         Remove crossOriginRequestPolicy from ThreadableLoaderOptions
1400         https://bugs.webkit.org/show_bug.cgi?id=159417
1401
1402         Reviewed by Alex Christensen.
1403
1404         No observable change.
1405
1406         * Modules/fetch/FetchLoader.cpp:
1407         (WebCore::FetchLoader::start): DenyCrossOriginRequests -> FetchOptions::Mode::SameOrigin.
1408         * fileapi/FileReaderLoader.cpp:
1409         (WebCore::FileReaderLoader::start): DenyCrossOriginRequests -> FetchOptions::Mode::SameOrigin.
1410         * inspector/InspectorNetworkAgent.cpp:
1411         (WebCore::InspectorNetworkAgent::loadResource): AllowCrossOriginRequests -> FetchOptions::Mode::NoCors.
1412         * loader/DocumentThreadableLoader.cpp:
1413         (WebCore::DocumentThreadableLoader::DocumentThreadableLoader): Ditto.
1414         (WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequest): UseAccessControl -> FetchOptions::Mode::Cors.
1415         (WebCore::DocumentThreadableLoader::redirectReceived): Ditto.
1416         (WebCore::DocumentThreadableLoader::didReceiveResponse): Ditto.
1417         (WebCore::DocumentThreadableLoader::loadRequest): Use NoCors as option passed to ResourceLoader. This allows
1418         desactivating ResourceLoader CORS checks as they are done in DocumentThreadableLoader right now. In the future,
1419         these checks should be moved to ResourceLoader and DocumentThreadableLoader should directly pass the fetch mode
1420         option.
1421         (WebCore::DocumentThreadableLoader::isAllowedRedirect): AllowCrossOriginRequests -> FetchOptions::Mode::NoCors.
1422         * loader/ThreadableLoader.cpp:
1423         (WebCore::ThreadableLoaderOptions::ThreadableLoaderOptions): Removing CrossOriginRequestPolicy.
1424         * loader/ThreadableLoader.h: Ditto.
1425         * loader/WorkerThreadableLoader.cpp:
1426         (WebCore::LoaderTaskOptions::LoaderTaskOptions): Ditto.
1427         * page/EventSource.cpp:
1428         (WebCore::EventSource::connect): UseAccessControl -> FetchOptions::Mode::Cors.
1429         * workers/Worker.cpp:
1430         (WebCore::Worker::create): DenyCrossOriginRequests -> FetchOptions::Mode::SameOrigin.
1431         * workers/WorkerGlobalScope.cpp:
1432         (WebCore::WorkerGlobalScope::importScripts): AllowCrossOriginRequests -> FetchOptions::Mode::NoCors.
1433         * workers/WorkerScriptLoader.cpp:
1434         (WebCore::WorkerScriptLoader::loadSynchronously):
1435         (WebCore::WorkerScriptLoader::loadAsynchronously):
1436         * workers/WorkerScriptLoader.h:
1437         * xml/XMLHttpRequest.cpp:
1438         (WebCore::XMLHttpRequest::createRequest):
1439
1440 2016-07-20  Chris Dumez  <cdumez@apple.com>
1441
1442         Fix null handling of several Document attributes
1443         https://bugs.webkit.org/show_bug.cgi?id=159997
1444
1445         Reviewed by Ryosuke Niwa.
1446
1447         Fix null handling of the following Document attributes: title, cookie
1448         and domain.
1449
1450         In WebKit, they were all marked as [TreatNullAs=EmptyString], which
1451         does not match the specification:
1452         - https://html.spec.whatwg.org/multipage/dom.html#document
1453
1454         Details for each attribute:
1455         - title: null is now treated as the string "null", thus setting the
1456           document title to "null". This matches Firefox and Chrome.
1457         - cookie: adds a "null" cookie instead of being a no-op. This matches
1458                   both Firefox and Chrome.
1459         - domain: Calls setDomain(String("null")) instead of
1460                   setDomain(String()). This throws an exception because "null"
1461                   is not a suffix of the effective domain name. The behavior
1462                   is the same in Firefox and Chrome. Previously, we were
1463                   already throwing an exception since setting the domain to
1464                   the empty string throws, as per the specification.
1465
1466         Test: http/tests//dom/document-attributes-null-handling.html
1467
1468         * dom/Document.idl:
1469
1470 2016-07-20  Commit Queue  <commit-queue@webkit.org>
1471
1472         Unreviewed, rolling out r203471.
1473         https://bugs.webkit.org/show_bug.cgi?id=160003
1474
1475         many iOS-simulator tests are failing (Requested by litherum on
1476         #webkit).
1477
1478         Reverted changeset:
1479
1480         "[iPhone] Playing a video on tudou.com plays only sound, no
1481         video"
1482         https://bugs.webkit.org/show_bug.cgi?id=159967
1483         http://trac.webkit.org/changeset/203471
1484
1485 2016-07-19  Ryosuke Niwa  <rniwa@webkit.org>
1486
1487         iOS: Cannot paste images in RTF content
1488         https://bugs.webkit.org/show_bug.cgi?id=159964
1489         <rdar://problem/27442806>
1490
1491         Reviewed by Enrica Casucci.
1492
1493         The bug was caused by setDefersLoading(true) not deferring image loading for the parsed fragment.
1494         Worked around this bug by disabling image loading while parsing the document fragment.
1495
1496         * editing/ios/EditorIOS.mm:
1497         (WebCore::Editor::createFragmentAndAddResources):
1498
1499 2016-07-20  Brady Eidson  <beidson@apple.com>
1500
1501         Address a small FIXME in IDB code.
1502         https://bugs.webkit.org/show_bug.cgi?id=159999
1503
1504         Reviewed by Andy Estes.
1505
1506         No new tests (No behavior change).
1507
1508         * Modules/indexeddb/IDBRequest.cpp:
1509         (WebCore::IDBRequest::IDBRequest):
1510         
1511         * Modules/indexeddb/shared/IDBResourceIdentifier.cpp:
1512         (WebCore::IDBResourceIdentifier::IDBResourceIdentifier): Deleted.
1513         * Modules/indexeddb/shared/IDBResourceIdentifier.h:
1514
1515 2016-07-20  Brady Eidson  <beidson@apple.com>
1516
1517         Remove some "modernFoo"s from IndexedDB code.
1518         https://bugs.webkit.org/show_bug.cgi?id=159985
1519
1520         Reviewed by Andy Estes.
1521
1522         No new tests (No known behavior change).
1523
1524         * Modules/indexeddb/IDBCursor.cpp:
1525         (WebCore::IDBCursor::IDBCursor):
1526         (WebCore::IDBCursor::~IDBCursor):
1527         (WebCore::IDBCursor::sourcesDeleted):
1528         (WebCore::IDBCursor::effectiveObjectStore):
1529         (WebCore::IDBCursor::transaction):
1530         (WebCore::IDBCursor::direction):
1531         (WebCore::IDBCursor::update):
1532         (WebCore::IDBCursor::advance):
1533         (WebCore::IDBCursor::continueFunction):
1534         (WebCore::IDBCursor::uncheckedIterateCursor):
1535         (WebCore::IDBCursor::deleteFunction):
1536         (WebCore::IDBCursor::setGetResult):
1537         
1538         * Modules/indexeddb/IDBIndex.cpp:
1539         (WebCore::IDBIndex::IDBIndex):
1540         (WebCore::IDBIndex::~IDBIndex):
1541         (WebCore::IDBIndex::hasPendingActivity):
1542         (WebCore::IDBIndex::name):
1543         (WebCore::IDBIndex::objectStore):
1544         (WebCore::IDBIndex::keyPath):
1545         (WebCore::IDBIndex::unique):
1546         (WebCore::IDBIndex::multiEntry):
1547         (WebCore::IDBIndex::openCursor):
1548         (WebCore::IDBIndex::doCount):
1549         (WebCore::IDBIndex::openKeyCursor):
1550         (WebCore::IDBIndex::doGet):
1551         (WebCore::IDBIndex::doGetKey):
1552         (WebCore::IDBIndex::markAsDeleted):
1553         * Modules/indexeddb/IDBIndex.h:
1554         
1555         * Modules/indexeddb/IDBObjectStore.cpp:
1556         (WebCore::IDBObjectStore::transaction):
1557         (WebCore::IDBObjectStore::deleteFunction): Deleted.
1558         (WebCore::IDBObjectStore::modernDelete): Deleted.
1559         * Modules/indexeddb/IDBObjectStore.h:
1560         
1561         * bindings/js/JSIDBIndexCustom.cpp:
1562         (WebCore::JSIDBIndex::visitAdditionalChildren):
1563
1564 2016-07-20  Chris Dumez  <cdumez@apple.com>
1565
1566         Stop using valueToStringWithNullCheck() in JSCSSStyleDeclaration::putDelegate()
1567         https://bugs.webkit.org/show_bug.cgi?id=159982
1568
1569         Reviewed by Ryosuke Niwa.
1570
1571         valueToStringWithNullCheck() treats null as the null String() which is
1572         legacy / non standard behavior. The specification says we should treat
1573         null as the empty string:
1574         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-camel-cased-attribute
1575
1576         Therefore, we should be using valueToStringTreatingNullAsEmptyString() instead.
1577
1578         In practice, there is no web-exposed behavior change because
1579         MutableStyleProperties::setProperty() removes the property wether the
1580         value is the null String or the empty String.
1581
1582         This behavior is correct since the specification says that we should
1583         remove the property if the value is the empty string:
1584         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-setproperty (step 4)
1585
1586         I added test coverage to make sure we behave according to specification.
1587         This test is passing in Firefox, Chrome and in WebKit (before and after
1588         my change).
1589
1590         Test: fast/css/CSSStyleDeclaration-property-setter.html
1591
1592         * bindings/js/JSCSSStyleDeclarationCustom.cpp:
1593         (WebCore::JSCSSStyleDeclaration::putDelegate):
1594
1595 2016-07-20  Chris Dumez  <cdumez@apple.com>
1596
1597         Fix null handling of HTMLFrameElement.marginWidth / marginHeight
1598         https://bugs.webkit.org/show_bug.cgi?id=159987
1599
1600         Reviewed by Ryosuke Niwa.
1601
1602         Fix null handling of HTMLFrameElement.marginWidth / marginHeight:
1603         - https://html.spec.whatwg.org/multipage/obsolete.html#htmlframeelement
1604
1605         We are supposed to treat null as the empty string but we treat it as
1606         the string "null".
1607
1608         Firefox and Chrome both match the specification.
1609
1610         No new tests, updated existing tests.
1611
1612         * html/HTMLFrameElement.idl:
1613
1614 2016-07-20  Wenson Hsieh  <wenson_hsieh@apple.com>
1615
1616         Pausing autoplayed media should not remove all restrictions for that media element
1617         https://bugs.webkit.org/show_bug.cgi?id=159988
1618
1619         Reviewed by Jon Lee.
1620
1621         Localizes the removal of behavior restrictions introduced in r203464 upon pausing an
1622         autoplaying video to just affect the hiding or showing of the media controller. This
1623         prevents pages from using Javascript to start playing autoplaying videos that have
1624         been paused by the user.
1625
1626         * html/HTMLMediaElement.cpp:
1627         (WebCore::HTMLMediaElement::pause):
1628
1629 2016-07-20  Myles C. Maxfield  <mmaxfield@apple.com>
1630
1631         [iPhone] Playing a video on tudou.com plays only sound, no video
1632         https://bugs.webkit.org/show_bug.cgi?id=159967
1633         <rdar://problem/26964090>
1634
1635         Reviewed by Jon Lee.
1636
1637         WebKit recently starting honoring the playsinline and webkit-playsinline
1638         attribute on iPhones. However, because these attributes previously did
1639         nothing, some sites (such as Todou) were setting them on their content
1640         and expecting that they are not honored. In this specific case, the
1641         video is absolutely positioned to be 1 pixel x 1 pixel.
1642
1643         Previously, with iOS 9, apps could set the allowsInlineMediaPlayback
1644         property on their WKWebView, which would honor the webkit-playsinline
1645         attribute. Safari on iPhones didn't do this.
1646
1647         In order to not break these existing apps, it's important that the
1648         allowsInlineMediaPlayback preference still allows webkit-playsinline
1649         videos to play inline in apps using WKWebView. However, in Safari, these
1650         videos should play fullscreen. (Todou videos have webkit-playsinline
1651         but not playsinline.)
1652
1653         Therefore, in Safari, videos with playsinline should be inline, but
1654         videos with webkit-playsinline should be fullscreen. In apps using
1655         WKWebViews, if the app sets allowsInlineMediaPlayback, then videos with
1656         playsinline should be inline, and videos with webkit-playsinline should
1657         also be inline. Videos on iPad and Mac should all be inline by default.
1658
1659         We can create some truth tables for the cases which need to be covered:
1660
1661         All apps on Mac / iPad:
1662         Presence of playsinline | Presence of webkit-playsinline | Result
1663         ========================|================================|===========
1664         Not present             | Not present                    | Inline
1665         Present                 | Not present                    | Inline
1666         Not Present             | Present                        | Inline
1667         Present                 | Present                        | Inline
1668
1669         Safari on iPhone:
1670         Presence of playsinline | Presence of webkit-playsinline | Result
1671         ========================|================================|===========
1672         Not present             | Not present                    | Fullscreen
1673         Present                 | Not present                    | Inline
1674         Not Present             | Present                        | Fullscreen
1675         Present                 | Present                        | Inline
1676
1677         App on iPhone which sets allowsInlineMediaPlayback:
1678         Presence of playsinline | Presence of webkit-playsinline | Result
1679         ========================|================================|===========
1680         Not present             | Not present                    | Fullscreen
1681         Present                 | Not present                    | Inline
1682         Not Present             | Present                        | Inline
1683         Present                 | Present                        | Inline
1684
1685         The way to distinguish Safari from another app is to create an SPI
1686         boolean preference which Safari can set. This is already how the
1687         iPhone and iPad are differentiated using the requiresPlayInlineAttribute
1688         which Safari sets but other apps don't. However, this preference is
1689         no longer sufficient because Safari should now be discriminating
1690         between the playsinline and webkit-playsinline attributes. Therefore,
1691         this preference should be extended to two boolean preferences, which
1692         this patch adds:
1693
1694         allowsInlineMediaPlaybackWithPlaysInlineAttribute
1695         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute
1696
1697         Safari on iPhone will set
1698         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to true,
1699         and allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to
1700         false. Other apps on iPhone will get their defaults values (because they
1701         are SPI) which means they will both be true. On iPad and Mac, apps will
1702         use the defaults values where both are false.
1703
1704         This patch adds support for these two preferences, but does not remove
1705         the existing inlineMediaPlaybackRequiresPlaysInlineAttribute preference.
1706         I will remove the exising preference as soon as I update Safari to migrate
1707         off of it.
1708
1709         Test: media/video-playsinline.html
1710
1711         * html/MediaElementSession.cpp:
1712         (WebCore::MediaElementSession::requiresFullscreenForVideoPlayback):
1713         * page/Settings.cpp:
1714         * page/Settings.in:
1715         * testing/InternalSettings.cpp:
1716         (WebCore::InternalSettings::Backup::Backup):
1717         (WebCore::InternalSettings::Backup::restoreTo):
1718         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithPlaysInlineAttribute):
1719         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute):
1720         * testing/InternalSettings.h:
1721         * testing/InternalSettings.idl:
1722
1723 2016-07-20  Chris Dumez  <cdumez@apple.com>
1724
1725         Get rid of custom bindings code for XMLHttpRequest.open()
1726         https://bugs.webkit.org/show_bug.cgi?id=159984
1727
1728         Reviewed by Ryosuke Niwa.
1729
1730         Get rid of custom bindings code for XMLHttpRequest.open() as the
1731         bindings generator is able to generate it.
1732
1733         Relevant specification:
1734         - https://xhr.spec.whatwg.org/#xmlhttprequest
1735
1736         The issue is that legacy content prevents treating the 'async' argument
1737         being undefined identical from it being omitted. However, this can be
1738         achieved by using overloading in IDL, like in the specification.
1739
1740         No new tests, already covered by the following tests:
1741         - http/tests/xmlhttprequest/basic-auth.html
1742         - http/tests/xmlhttprequest/open-async-overload.html
1743
1744         * bindings/js/JSXMLHttpRequestCustom.cpp:
1745         (WebCore::SendFunctor::SendFunctor): Deleted.
1746         (WebCore::SendFunctor::line): Deleted.
1747         (WebCore::SendFunctor::column): Deleted.
1748         (WebCore::SendFunctor::url): Deleted.
1749         (WebCore::SendFunctor::operator()): Deleted.
1750         * xml/XMLHttpRequest.cpp:
1751         (WebCore::XMLHttpRequest::open):
1752         * xml/XMLHttpRequest.h:
1753         * xml/XMLHttpRequest.idl:
1754
1755 2016-07-20  Rawinder Singh  <rawinder.singh-webkit@cisra.canon.com.au>
1756
1757         Mark overriden methods in WebCore/svg final classes as final
1758         https://bugs.webkit.org/show_bug.cgi?id=159966
1759
1760         Reviewed by Michael Catanzaro.
1761
1762         Update WebCore/svg classes so that overriden methods in final classes are marked final.
1763
1764         * svg/SVGAElement.h:
1765         * svg/SVGAltGlyphDefElement.h:
1766         * svg/SVGAltGlyphItemElement.h:
1767         * svg/SVGAnimateTransformElement.h:
1768         * svg/SVGAnimatedColor.h:
1769         * svg/SVGCircleElement.h:
1770         * svg/SVGClipPathElement.h:
1771         * svg/SVGCursorElement.h:
1772         * svg/SVGDefsElement.h:
1773         * svg/SVGDescElement.h:
1774         * svg/SVGEllipseElement.h:
1775         * svg/SVGFEMergeNodeElement.h:
1776         * svg/SVGFilterElement.h:
1777         * svg/SVGFontElement.h:
1778         * svg/SVGFontFaceElement.h:
1779         * svg/SVGFontFaceFormatElement.h:
1780         * svg/SVGFontFaceNameElement.h:
1781         * svg/SVGFontFaceSrcElement.h:
1782         * svg/SVGFontFaceUriElement.h:
1783         * svg/SVGForeignObjectElement.h:
1784         * svg/SVGGElement.h:
1785         * svg/SVGGlyphElement.h:
1786         * svg/SVGGlyphRefElement.h:
1787         * svg/SVGHKernElement.h:
1788         * svg/SVGImageElement.h:
1789         * svg/SVGLineElement.h:
1790         * svg/SVGMPathElement.h:
1791         * svg/SVGMaskElement.h:
1792         * svg/SVGMetadataElement.h:
1793         * svg/SVGMissingGlyphElement.h:
1794         * svg/SVGPathBuilder.h:
1795         * svg/SVGPathByteStreamBuilder.h:
1796         * svg/SVGPathByteStreamSource.h:
1797         * svg/SVGPathElement.h:
1798         * svg/SVGPathSegArcAbs.h:
1799         * svg/SVGPathSegArcRel.h:
1800         * svg/SVGPathSegClosePath.h:
1801         * svg/SVGPathSegCurvetoCubicAbs.h:
1802         * svg/SVGPathSegCurvetoCubicRel.h:
1803         * svg/SVGPathSegCurvetoCubicSmoothAbs.h:
1804         * svg/SVGPathSegCurvetoCubicSmoothRel.h:
1805         * svg/SVGPathSegCurvetoQuadraticAbs.h:
1806         * svg/SVGPathSegCurvetoQuadraticRel.h:
1807         * svg/SVGPathSegCurvetoQuadraticSmoothAbs.h:
1808         * svg/SVGPathSegCurvetoQuadraticSmoothRel.h:
1809         * svg/SVGPathSegLinetoAbs.h:
1810         * svg/SVGPathSegLinetoHorizontalAbs.h:
1811         * svg/SVGPathSegLinetoHorizontalRel.h:
1812         * svg/SVGPathSegLinetoRel.h:
1813         * svg/SVGPathSegLinetoVerticalAbs.h:
1814         * svg/SVGPathSegLinetoVerticalRel.h:
1815         * svg/SVGPathSegListBuilder.h:
1816         * svg/SVGPathSegListSource.h:
1817         * svg/SVGPathSegMovetoAbs.h:
1818         * svg/SVGPathSegMovetoRel.h:
1819         * svg/SVGPathStringSource.h:
1820         * svg/SVGPathTraversalStateBuilder.h:
1821         * svg/SVGPatternElement.h:
1822         * svg/SVGRectElement.h:
1823         * svg/SVGScriptElement.h:
1824         * svg/SVGStopElement.h:
1825         * svg/SVGStyleElement.h:
1826         * svg/SVGSwitchElement.h:
1827         * svg/SVGTRefElement.cpp:
1828         * svg/SVGTitleElement.h:
1829         * svg/SVGToOTFFontConversion.cpp:
1830         * svg/SVGUnknownElement.h:
1831         * svg/SVGVKernElement.h:
1832         * svg/SVGViewElement.h:
1833         * svg/SVGZoomEvent.h:
1834         * svg/animation/SVGSMILElement.cpp:
1835         * svg/graphics/SVGImage.h:
1836         * svg/graphics/SVGImageClients.h:
1837         * svg/graphics/SVGImageForContainer.h:
1838         * svg/graphics/filters/SVGFEImage.h:
1839         * svg/graphics/filters/SVGFilter.h:
1840         * svg/properties/SVGAnimatedEnumerationPropertyTearOff.h:
1841         * svg/properties/SVGAnimatedPathSegListPropertyTearOff.h:
1842         * svg/properties/SVGAnimatedPropertyTearOff.h:
1843         * svg/properties/SVGAnimatedTransformListPropertyTearOff.h:
1844         * svg/properties/SVGMatrixTearOff.h:
1845         * svg/properties/SVGPathSegListPropertyTearOff.h:
1846
1847 2016-07-20  Brady Eidson  <beidson@apple.com>
1848
1849         Transition most IDB interfaces from ScriptExecutionContext to ExecState.
1850         https://bugs.webkit.org/show_bug.cgi?id=159975
1851
1852         Reviewed by Alex Christensen.
1853
1854         No new tests (No known behavior change).
1855
1856         * Modules/indexeddb/IDBCursor.cpp:
1857         (WebCore::IDBCursor::continueFunction):
1858         (WebCore::IDBCursor::deleteFunction):
1859         * Modules/indexeddb/IDBCursor.h:
1860         * Modules/indexeddb/IDBCursor.idl:
1861
1862         * Modules/indexeddb/IDBDatabase.idl:
1863
1864         * Modules/indexeddb/IDBFactory.cpp:
1865         (WebCore::IDBFactory::cmp):
1866         * Modules/indexeddb/IDBFactory.h:
1867         * Modules/indexeddb/IDBFactory.idl:
1868
1869         * Modules/indexeddb/IDBIndex.cpp:
1870         (WebCore::IDBIndex::openCursor):
1871         (WebCore::IDBIndex::count):
1872         (WebCore::IDBIndex::doCount):
1873         (WebCore::IDBIndex::openKeyCursor):
1874         (WebCore::IDBIndex::get):
1875         (WebCore::IDBIndex::doGet):
1876         (WebCore::IDBIndex::getKey):
1877         (WebCore::IDBIndex::doGetKey):
1878         * Modules/indexeddb/IDBIndex.h:
1879         * Modules/indexeddb/IDBIndex.idl:
1880
1881         * Modules/indexeddb/IDBKeyRange.cpp:
1882         (WebCore::IDBKeyRange::only): Deleted.
1883         * Modules/indexeddb/IDBKeyRange.h:
1884
1885         * Modules/indexeddb/IDBObjectStore.cpp:
1886         (WebCore::IDBObjectStore::openCursor):
1887         (WebCore::IDBObjectStore::get):
1888         (WebCore::IDBObjectStore::putOrAdd):
1889         (WebCore::IDBObjectStore::deleteFunction):
1890         (WebCore::IDBObjectStore::doDelete):
1891         (WebCore::IDBObjectStore::modernDelete):
1892         (WebCore::IDBObjectStore::clear):
1893         (WebCore::IDBObjectStore::createIndex):
1894         (WebCore::IDBObjectStore::count):
1895         (WebCore::IDBObjectStore::doCount):
1896         * Modules/indexeddb/IDBObjectStore.h:
1897         * Modules/indexeddb/IDBObjectStore.idl:
1898
1899         * Modules/indexeddb/IDBTransaction.cpp:
1900         (WebCore::IDBTransaction::requestOpenCursor):
1901         (WebCore::IDBTransaction::doRequestOpenCursor):
1902         (WebCore::IDBTransaction::requestGetRecord):
1903         (WebCore::IDBTransaction::requestGetValue):
1904         (WebCore::IDBTransaction::requestGetKey):
1905         (WebCore::IDBTransaction::requestIndexRecord):
1906         (WebCore::IDBTransaction::requestCount):
1907         (WebCore::IDBTransaction::requestDeleteRecord):
1908         (WebCore::IDBTransaction::requestClearObjectStore):
1909         (WebCore::IDBTransaction::requestPutOrAdd):
1910         * Modules/indexeddb/IDBTransaction.h:
1911
1912         * inspector/InspectorIndexedDBAgent.cpp:
1913
1914 2016-07-20  Wenson Hsieh  <wenson_hsieh@apple.com>
1915
1916         Media controls don't appear when pausing a small autoplaying video
1917         https://bugs.webkit.org/show_bug.cgi?id=159972
1918         <rdar://problem/27180657>
1919
1920         Reviewed by Beth Dakin.
1921
1922         When pausing an autoplaying video, remove behavior restrictions for the
1923         initial user gesture and show media controls.
1924
1925         New WebKit API test. See VideoControlsManagerSingleSmallAutoplayingVideo.
1926
1927         * html/HTMLMediaElement.cpp:
1928         (WebCore::HTMLMediaElement::pause):
1929
1930 2016-07-20  Chris Dumez  <cdumez@apple.com>
1931
1932         Fix null handling of HTMLMediaElement.mediaGroup
1933         https://bugs.webkit.org/show_bug.cgi?id=159974
1934
1935         Reviewed by Eric Carlson.
1936
1937         Fix null handling of HTMLMediaElement.mediaGroup to match the specification:
1938         - https://www.w3.org/TR/html5/embedded-content-0.html#media-elements
1939
1940         null is supposed to be treated as the String "null". This patch aligns
1941         our behavior with the specification. I tested Firefox and Chrome but both
1942         do not have this attribute on HTMLMediaElement.
1943
1944         Also remove support for [TreatNullAs=LegacyNullString] from our bindings
1945         generator as HTMLMediaElement.mediaGroup was the last user.
1946
1947         No new tests, rebaselined existing test.
1948
1949         * bindings/scripts/CodeGeneratorJS.pm:
1950         (JSValueToNative):
1951         * bindings/scripts/IDLAttributes.txt:
1952         * html/HTMLMediaElement.idl:
1953
1954 2016-07-20  Chris Dumez  <cdumez@apple.com>
1955
1956         CSSStyleDeclaration.setProperty() should be able to unset "important" on a property
1957         https://bugs.webkit.org/show_bug.cgi?id=159959
1958
1959         Reviewed by Alexey Proskuryakov.
1960
1961         CSSStyleDeclaration.setProperty() should be able to unsert "important"
1962         on a property as per the latest specification:
1963         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-setproperty
1964         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-camel-cased-attribute
1965
1966         Firefox and Chrome match the specification here but WebKit was ignoring calls
1967         to setProperty() if there is already an "important" property wit this name
1968         and if the new property does not have the "important" flag set.
1969
1970         This behavior was added a long time ago via Bug 60007. However, it does not
1971         match the latest specification or other browsers.
1972
1973         Test: fast/css/CSSStyleDeclaration-setProperty-unset-important.html
1974
1975         * css/StyleProperties.cpp:
1976         (WebCore::MutableStyleProperties::addParsedProperty):
1977         Drop code that was added via Bug 60007 as this behavior no longer matches the
1978         specification or other browsers. The layout test added in Bug 60007 fails in
1979         other browsers and was updated in this patch to match the specification.
1980
1981 2016-07-20  Commit Queue  <commit-queue@webkit.org>
1982
1983         Unreviewed, rolling out r203423.
1984         https://bugs.webkit.org/show_bug.cgi?id=159977
1985
1986         The test for this change is failing on Mac Release WK2
1987         (Requested by ryanhaddad on #webkit).
1988
1989         Reverted changeset:
1990
1991         "HTMLVideoElement frames do not update on iOS when src is a
1992         MediaStream blob"
1993         https://bugs.webkit.org/show_bug.cgi?id=159833
1994         http://trac.webkit.org/changeset/203423
1995
1996 2016-07-20  Chris Dumez  <cdumez@apple.com>
1997
1998         Fix null handling of HTMLSelectElement.value attribute
1999         https://bugs.webkit.org/show_bug.cgi?id=159925
2000
2001         Reviewed by Benjamin Poulain.
2002
2003         Fix null handling of HTMLSelectElement.value attribute:
2004         - https://html.spec.whatwg.org/multipage/forms.html#htmlselectelement
2005
2006         We were treating null as the null String which would end up setting
2007         selectedIndex to -1. However, we should treat null as the String "null"
2008         which would set the selectedIndex to the index of the <option> element
2009         whose value is "null".
2010
2011         Firefox and Chrome match the specification.
2012
2013         Test: fast/dom/HTMLSelectElement/value-null-handling.html
2014
2015         * html/HTMLSelectElement.cpp:
2016         (WebCore::HTMLSelectElement::setValue):
2017         * html/HTMLSelectElement.idl:
2018
2019 2016-07-20  Chris Dumez  <cdumez@apple.com>
2020
2021         PostResolutionCallbackDisabler can resume pending requests while a ResourceLoadSuspender is alive
2022         https://bugs.webkit.org/show_bug.cgi?id=159962
2023         <rdar://problem/21439264>
2024
2025         Reviewed by David Kilzer.
2026
2027         PostResolutionCallbackDisabler can resume pending requests while a ResourceLoadSuspender
2028         is alive. We have both PostResolutionCallbackDisabler and ResourceLoadSuspender that
2029         call LoaderStrategy::suspendPendingRequests() / LoaderStrategy::resumePendingRequests().
2030         However, PostResolutionCallbackDisabler and ResourceLoadSuspender are not aware of each
2031         other. It is therefore possible for a PostResolutionCallbackDisabler object to get
2032         destroyed, causing LoaderStrategy::resumePendingRequests() to be called while a
2033         ResourceLoadSuspender object is alive.
2034
2035         This leads to hard to investigate crashes where we end up re-entering WebKit and killing
2036         the style resolver.
2037
2038         This patch drops ResourceLoadSuspender and uses PostResolutionCallbackDisabler instead.
2039         There was only one user of ResourceLoadSuspender and PostResolutionCallbackDisabler
2040         is better because it manages a resolutionNestingDepth counter internally to make sure
2041         it only calls LoaderStrategy::resumePendingRequests() once all
2042         PostResolutionCallbackDisabler instances are destroyed.
2043
2044         No new tests, there is no easy way to reproduce the crashes.
2045
2046         * dom/Document.cpp:
2047         (WebCore::Document::styleForElementIgnoringPendingStylesheets):
2048         * loader/LoaderStrategy.cpp:
2049         (WebCore::ResourceLoadSuspender::ResourceLoadSuspender): Deleted.
2050         (WebCore::ResourceLoadSuspender::~ResourceLoadSuspender): Deleted.
2051         * loader/LoaderStrategy.h:
2052
2053 2016-07-19  Youenn Fablet  <youenn@apple.com>
2054
2055         [Fetch API] Add a JS builtin to implement https://fetch.spec.whatwg.org/#concept-headers-fill
2056         https://bugs.webkit.org/show_bug.cgi?id=159932
2057
2058         Reviewed by Alex Christensen.
2059
2060         Covered by existing tests.
2061
2062         Refactoring Headers initializeWith to use the new built-in internal that implements
2063         https://fetch.spec.whatwg.org/#concept-headers-fill.
2064
2065         Refactoring Response constructor to put more checks in the JS builtin fucntion called within constructor.
2066         Making use of the new built-in internal that implements https://fetch.spec.whatwg.org/#concept-headers-fill.
2067
2068         * CMakeLists.txt: Adding FetchHeadersInternals.js
2069         * DerivedSources.make: Ditto.
2070         * Modules/fetch/FetchHeaders.js:
2071         (initializeFetchHeaders): Using fillFetchHeaders new built-in internal.
2072         * Modules/fetch/FetchInternals.js: Added.
2073         (fillFetchHeaders):
2074         * Modules/fetch/FetchResponse.cpp: Refactoring to do more in the JS built-in. Splitting of initializeWith so
2075         that the checks are done in the order defined by the spec.
2076         (WebCore::FetchResponse::setStatus):
2077         (WebCore::FetchResponse::initializeWith):
2078         (WebCore::isNullBodyStatus): Deleted.
2079         * Modules/fetch/FetchResponse.h:
2080         * Modules/fetch/FetchResponse.idl:
2081         * Modules/fetch/FetchResponse.js:
2082         (initializeFetchResponse): New built-in internal.
2083         * WebCore.xcodeproj/project.pbxproj:
2084         * bindings/js/WebCoreBuiltinNames.h:
2085
2086 2016-07-19  Chris Dumez  <cdumez@apple.com>
2087
2088         Fix null handling of SVGScriptElement.type attribute
2089         https://bugs.webkit.org/show_bug.cgi?id=159927
2090
2091         Reviewed by Benjamin Poulain.
2092
2093         Fix null handling of SVGScriptElement.type attribute:
2094         - https://www.w3.org/TR/SVG2/interact.html#InterfaceSVGScriptElement
2095
2096         We were treating null as the null String which would end up removing
2097         the 'type' content attribute. However, we should treat null as the
2098         String "null".
2099
2100         Firefox and Chrome match the specification.
2101
2102         No new tests, updated existing test.
2103
2104         * svg/SVGScriptElement.idl:
2105
2106 2016-07-19  Chris Dumez  <cdumez@apple.com>
2107
2108         Fix null handling of several HTMLDocument attributes
2109         https://bugs.webkit.org/show_bug.cgi?id=159923
2110
2111         Reviewed by Benjamin Poulain.
2112
2113         Fix null handling of several HTMLDocument attributes:
2114         - https://html.spec.whatwg.org/multipage/dom.html#document
2115         - https://html.spec.whatwg.org/multipage/obsolete.html#document-partial
2116
2117         In particular, null handling was incorrect in WebKit for 'dir',
2118         'bgColor', 'fgColor', 'alinkColor', 'linkColor' and 'vlinkColor'.
2119
2120         Firefox and Chrome match the specification.
2121
2122         Test: fast/dom/HTMLDocument/null-handling.html
2123
2124         * html/HTMLDocument.idl:
2125
2126 2016-07-19  Chris Dumez  <cdumez@apple.com>
2127
2128         Document.createElementNS() / createAttributeNS() parameters should be mandatory
2129         https://bugs.webkit.org/show_bug.cgi?id=159938
2130
2131         Reviewed by Benjamin Poulain.
2132
2133         Document.createElementNS() / createAttributeNS() parameters should be mandatory:
2134         - https://dom.spec.whatwg.org/#document
2135
2136         They were optional in WebKit. However, Firefox and Chrome both match the
2137         specification.
2138
2139         No new tests, rebaselined existing tests.
2140
2141         * dom/Document.idl:
2142
2143 2016-07-19  Benjamin Poulain  <bpoulain@apple.com>
2144
2145         Use getElementById for attribute matching if the attribute name is html's id
2146         https://bugs.webkit.org/show_bug.cgi?id=159960
2147
2148         Reviewed by Chris Dumez.
2149
2150         Elliott Sprehn discovered YUI makes heavy uses of querySelector with [id=value]
2151         (https://bugs.chromium.org/p/chromium/issues/detail?id=627242).
2152
2153         If we are not in quirks mode, IdForStyleResolution has the same value
2154         as the Id attribute. We can use the same optimization for both cases.
2155
2156         Tests: fast/selectors/id-attribute-querySelector-used-as-id-selector-quirks.html
2157                fast/selectors/id-attribute-querySelector-used-as-id-selector.html
2158
2159         * dom/SelectorQuery.cpp:
2160         (WebCore::canBeUsedForIdFastPath):
2161         (WebCore::findIdMatchingType):
2162         (WebCore::SelectorDataList::SelectorDataList):
2163         (WebCore::selectorForIdLookup):
2164         (WebCore::filterRootById):
2165
2166 2016-07-19  Chris Dumez  <cdumez@apple.com>
2167
2168         Drop SVGElement.xmlbase attribute
2169         https://bugs.webkit.org/show_bug.cgi?id=159926
2170
2171         Reviewed by Benjamin Poulain.
2172
2173         Drop SVGElement.xmlbase attribute as it is no longer part of the
2174         specification:
2175         - https://www.w3.org/TR/SVG2/types.html#InterfaceSVGElement
2176
2177         Both Firefox and Chrome have already dropped support for
2178         SVGElement.xmlbase.
2179
2180         Chrome's intent to remove:
2181         https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/TfwMq4d25hk/C-v_iC_wKfAJ
2182
2183         Test: svg/dom/SVGElement-xmlbase.html
2184
2185         * svg/SVGElement.cpp:
2186         (WebCore::SVGElement::removedFrom): Deleted.
2187         * svg/SVGElement.h:
2188         * svg/SVGElement.idl:
2189
2190 2016-07-19  Chris Dumez  <cdumez@apple.com>
2191
2192         Align CSSStyleDeclaration.setProperty() with the specification
2193         https://bugs.webkit.org/show_bug.cgi?id=159955
2194
2195         Reviewed by Benjamin Poulain.
2196
2197         Align CSSStyleDeclaration.setProperty() with the specification:
2198         - https://drafts.csswg.org/cssom/#the-cssstyledeclaration-interface
2199
2200         In particular, the following changes were needed:
2201         1. The 'value' parameter should not be optional
2202         2. The 'priority' parameter should treat null as the empty string
2203            rather than the string "null".
2204         3. The 'priority' parameter's default value should be the empty string,
2205            not the string "undefined".
2206         4. CSSStyleDeclaration.setProperty() should return early if 'priority'
2207            is not the empty string and is not an ASCII case-insensitive match
2208            for the string "important".
2209
2210         Chrome matches the specification entirely.
2211         Firefox matches the specification with the exception that it does a
2212         case-sensitive match for "important".
2213
2214         Test: fast/css/CSSStyleDeclaration-setProperty.html
2215
2216         * css/CSSStyleDeclaration.idl:
2217         * css/PropertySetCSSStyleDeclaration.cpp:
2218         (WebCore::PropertySetCSSStyleDeclaration::setProperty):
2219
2220 2016-07-19  Daniel Bates  <dabates@apple.com>
2221
2222         CSP: Improve support for multiple policies to more closely conform to the CSP Level 2 spec.
2223         https://bugs.webkit.org/show_bug.cgi?id=159841
2224         <rdar://problem/27381684>
2225
2226         Reviewed by Brent Fulgham.
2227
2228         Implement a first pass at sending multiple violation reports so as to more closely
2229         conform to section Enforcing multiple policies of the Content Security Policy Level 2 spec.,
2230         <https://w3c.github.io/webappsec-csp/2/> (Editor's Draft, 25 April 2016).
2231
2232         Tests: http/tests/security/contentSecurityPolicy/1.1/script-blocked-sends-multiple-reports.php
2233                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-enforced-policy-and-blocked-by-report-policy.php
2234                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-enforced-policy-and-blocked-by-report-policy2.php
2235                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy.php
2236                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
2237                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-enforced-policy-and-allowed-by-report-policy.php
2238                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-enforced-policy-and-allowed-by-report-policy2.php
2239                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy.php
2240                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy2.php
2241                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy.php
2242                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
2243                http/tests/security/contentSecurityPolicy/1.1/scripthash-in-enforced-policy-and-not-in-report-only.html
2244                http/tests/security/contentSecurityPolicy/1.1/scripthash-in-one-enforced-policy-neither-in-another-enforced-policy-nor-report-policy.html
2245                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-enforced-policy-and-blocked-by-report-policy.php
2246                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-enforced-policy-and-blocked-by-report-policy2.php
2247                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy.php
2248                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
2249                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-enforced-policy-and-allowed-by-report-policy.php
2250                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-enforced-policy-and-allowed-by-report-policy2.php
2251                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy.php
2252                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy2.php
2253                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy.php
2254                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
2255                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-in-enforced-policy-and-not-in-report-only.html
2256                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-in-one-enforced-policy-neither-in-another-enforced-policy-nor-report-policy.html
2257                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-multiple-policies.html
2258
2259         * page/csp/ContentSecurityPolicy.cpp:
2260         (WebCore::ContentSecurityPolicy::allPoliciesWithDispositionAllow): Added. Returns whether the resource
2261         is allowed by all of the policies with the specified disposition.
2262         (WebCore::ContentSecurityPolicy::allPoliciesAllow): Added. Returns whether the resource is allowed by
2263         all of the enforced policies.
2264         (WebCore::ContentSecurityPolicy::findHashOfContentInPolicies): Formerly named foundHashOfContentInAllPolicies.
2265         Modified to return a ("has found hash in all enforced policies, "has found hash in all report-only policies)-pair
2266         so that we can differentiate whether the hash violated an enforced policy or a report-only policy.
2267         (WebCore::ContentSecurityPolicy::allowJavaScriptURLs): Write in terms of ContentSecurityPolicy::allPoliciesAllow().
2268         (WebCore::ContentSecurityPolicy::allowInlineEventHandlers): Ditto.
2269         (WebCore::ContentSecurityPolicy::allowScriptWithNonce): For now only accept a nonce if it is allowed by
2270         all enforced policies. As a side effect of this change is that we only send a CSP violation report when a
2271         nonce violates a report-only policy only if the nonce also violates one or more enforced policies. We will
2272         address this limitation in <https://bugs.webkit.org/show_bug.cgi?id=159830>.
2273         (WebCore::ContentSecurityPolicy::allowStyleWithNonce): Ditto.
2274         (WebCore::ContentSecurityPolicy::allowInlineScript): Differentiate between a hash/'unsafe-inline' that
2275         matches/is contained in all enforce policies and a hash/'unsafe-inline' that matches/is contained in all
2276         report-only policies so that we only allow the resource for the former. As a side effect of this change
2277         we may report that a resource violated a policy even if it contained the hash. See <https://bugs.webkit.org/show_bug.cgi?id=159832>
2278         for more details.
2279         (WebCore::ContentSecurityPolicy::allowInlineStyle): Ditto.
2280         (WebCore::ContentSecurityPolicy::allowEval): Write in terms of ContentSecurityPolicy::allPoliciesAllow().
2281         (WebCore::ContentSecurityPolicy::allowFrameAncestors): Ditto.
2282         (WebCore::ContentSecurityPolicy::allowPluginType): Ditto.
2283         (WebCore::ContentSecurityPolicy::allowScriptFromSource): Ditto.
2284         (WebCore::ContentSecurityPolicy::allowObjectFromSource): Ditto.
2285         (WebCore::ContentSecurityPolicy::allowChildFrameFromSource): Ditto.
2286         (WebCore::ContentSecurityPolicy::allowChildContextFromSource): Ditto.
2287         (WebCore::ContentSecurityPolicy::allowImageFromSource): Ditto.
2288         (WebCore::ContentSecurityPolicy::allowStyleFromSource): Ditto.
2289         (WebCore::ContentSecurityPolicy::allowFontFromSource): Ditto.
2290         (WebCore::ContentSecurityPolicy::allowMediaFromSource): Ditto.
2291         (WebCore::ContentSecurityPolicy::allowConnectToSource): Ditto.
2292         (WebCore::ContentSecurityPolicy::allowFormAction): Ditto.
2293         (WebCore::ContentSecurityPolicy::allowBaseURI): Ditto.
2294         (WebCore::ContentSecurityPolicy::foundHashOfContentInAllPolicies): Deleted.
2295         * page/csp/ContentSecurityPolicy.h:
2296         (WebCore::ContentSecurityPolicy::violatedDirectiveInAnyPolicy): Deleted.
2297
2298 2016-07-19  Chris Dumez  <cdumez@apple.com>
2299
2300         Fix null handling of HTMLScriptElement.text attribute
2301         https://bugs.webkit.org/show_bug.cgi?id=159943
2302
2303         Reviewed by Benjamin Poulain.
2304
2305         Fix null handling of HTMLScriptElement.text attribute:
2306         - https://html.spec.whatwg.org/multipage/scripting.html#the-script-element
2307
2308         We should treat null as the "null" String but we were treating it as
2309         the empty string.
2310
2311         Firefox and Chrome match the specification.
2312
2313         No new tests, rebaselined existing test.
2314
2315         * html/HTMLScriptElement.idl:
2316
2317 2016-07-19  Chris Dumez  <cdumez@apple.com>
2318
2319         autocapitalize attribute should not use [TreatNullAs=LegacyNullString]
2320         https://bugs.webkit.org/show_bug.cgi?id=159934
2321
2322         Reviewed by Benjamin Poulain.
2323
2324         autocapitalize attribute should not use [TreatNullAs=LegacyNullString]. This is
2325         non-standard and we want to drop support for it from the bindings generator.
2326
2327         Instead, use [TreatNullAs=EmptyString] in order to maintain existing behavior
2328         given that both a missing/empty attribute result in using the default
2329         autocapitalization mode and that autocapitalize returns the empty string by
2330         default.
2331
2332         Test: platform/ios-simulator/ios/fast/forms/autocapitalize-null.html
2333
2334         * html/HTMLFormElement.idl:
2335         * html/HTMLInputElement.idl:
2336         * html/HTMLTextAreaElement.idl:
2337
2338 2016-07-19  Zalan Bujtas  <zalan@apple.com>
2339
2340         REGRESSION(r203415): ASSERTION FAILED: !m_layoutRoot->container() || !m_layoutRoot->container()->needsLayout()
2341         https://bugs.webkit.org/show_bug.cgi?id=159952
2342
2343         Reviewed by Simon Fraser.
2344
2345         Update ASSERTs to reflect new functionality, that is, now we can end up in a state
2346         where the container (RenderView) of one of the dirty subtrees is dirty.
2347         See r203415.
2348  
2349         Covered by editing/pasteboard/drag-drop-input-in-svg.svg
2350
2351         * page/FrameView.cpp:
2352         (WebCore::FrameView::scheduleRelayoutOfSubtree):
2353
2354 2016-07-19  Dean Jackson  <dino@apple.com>
2355
2356         REGRESSION(202927): The first slide is the only displayed slide when Quicklooking a Keynote file
2357         https://bugs.webkit.org/show_bug.cgi?id=159948
2358         <rdar://problem/27391012>
2359
2360         Reviewed by Simon Fraser.
2361
2362         There is an iOS bug (<rdar://problem/27416744>) that is causing us
2363         to not always get a color space on CGContextRefs. Investigation of this
2364         exposed some optimizations we can take when we are creating ImageBuffers.
2365         In particular, if we have a bitmap context or an IOSurfaceContext we
2366         can simply copy their color space using API. Otherwise we stick with
2367         the existing CGContextCopyDeviceColorSpace.
2368
2369         Lastly, if for some reason we are unable to copy the device color space,
2370         we should fall back to sRGB.
2371
2372         * platform/graphics/cg/ImageBufferCG.cpp:
2373         (WebCore::ImageBuffer::createCompatibleBuffer):
2374         * platform/spi/cg/CoreGraphicsSPI.h: Add some SPI and enums.
2375
2376
2377 2016-07-19  George Ruan  <gruan@apple.com>
2378
2379         HTMLVideoElement frames do not update on iOS when src is a MediaStream blob
2380         https://bugs.webkit.org/show_bug.cgi?id=159833
2381         <rdar://problem/27379487>
2382
2383         Reviewed by Eric Carlson.
2384
2385         Test: fast/mediastream/MediaStream-video-element-displays-buffer.html
2386
2387         * WebCore.xcodeproj/project.pbxproj:
2388         * platform/graphics/avfoundation/MediaSampleAVFObjC.h: Change create to return a Ref<T> instead
2389         of RefPtr<T>
2390         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h: Make observer of
2391         MediaStreamTrackPrivate and make MediaPlayer use an AVSampleBufferDisplayLayer instead of CALayer.
2392         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm: Ditto.
2393         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::~MediaPlayerPrivateMediaStreamAVFObjC): Clean up
2394         observers and AVSampleBufferDisplayLayer
2395         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::isAvailable): Ensures AVSampleBufferDisplayLayer
2396         is available.
2397         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueAudioSampleBufferFromTrack): Placeholder.
2398         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueVideoSampleBufferFromTrack): Responsible
2399         for enqueuing sample buffers to the active video track.
2400         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::ensureLayer): Ensures that an AVSampleBufferDisplayLayer
2401         exists.
2402         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::destroyLayer): Destroys the AVSampleBufferDisplayLayer.
2403         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::platformLayer): Replace CALayer with AVSampleBufferDisplayLayer.
2404         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::currentDisplayMode): Ditto.
2405         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::sampleBufferUpdated): Called from MediaStreamTrackPrivate when a
2406         new SampleBuffer is available.
2407         (WebCore::updateTracksOfType): Manage adding and removing self as observer from tracks.
2408         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateTracks): Replace CALayer with AVSampleBufferDisplayLayer
2409         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::acceleratedRenderingStateChanged): Copied from
2410         MediaPlayerPrivateMediaSourceAVFObjC.mm
2411         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::load): Deleted CALayer.
2412         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateDisplayMode): Deleted process of updating CALayer.
2413         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateIntrinsicSize): Deleted CALayer.
2414         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::createPreviewLayers): Deleted.
2415         * platform/mediastream/MediaStreamPrivate.cpp:
2416         (WebCore::MediaStreamPrivate::updateActiveVideoTrack): Remove redundant check.
2417         * platform/mediastream/MediaStreamTrackPrivate.cpp:
2418         (WebCore::MediaStreamTrackPrivate::sourceHasMoreMediaData): Called from RealtimeMediaSource when a new SampleBuffer
2419         is available.
2420         * platform/mediastream/MediaStreamTrackPrivate.h:
2421         (WebCore::MediaStreamTrackPrivate::Observer::sampleBufferUpdated): Relays to MediaPlayerPrivateMediaStream that
2422         a new SampleBuffer is available to enqueue to the AVSampleBufferDisplayLayer.
2423         * platform/mediastream/RealtimeMediaSource.cpp:
2424         (WebCore::RealtimeMediaSource::mediaDataUpdated): Relays to all observers that a new SampleBuffer is available.
2425         * platform/mediastream/RealtimeMediaSource.h:
2426         * platform/mediastream/mac/AVVideoCaptureSource.mm:
2427         (WebCore::AVVideoCaptureSource::processNewFrame): Calls mediaDataUpdated when a new SampleBuffer is captured.
2428
2429 2016-07-19  Anders Carlsson  <andersca@apple.com>
2430
2431         Get rid of a #define private public hack in WebCore
2432         https://bugs.webkit.org/show_bug.cgi?id=159953
2433
2434         Reviewed by Dan Bernstein.
2435
2436         Use @package instead.
2437
2438         * bindings/objc/DOMInternal.h:
2439         * bindings/objc/DOMObject.h:
2440
2441 2016-07-19  Andreas Kling  <akling@apple.com>
2442
2443         Fix SharedBuffer leak in MockContentFilter::replacementData().
2444         <https://webkit.org/b/159945>
2445
2446         Reviewed by Andy Estes.
2447
2448         Spotted on leaks bot. This code was pretty explicit about how it's going to leak.
2449         Since this is in the mock filter, it only affected layout tests.
2450
2451         * testing/MockContentFilter.cpp:
2452         (WebCore::MockContentFilter::replacementData):
2453
2454 2016-07-19  Zalan Bujtas  <zalan@apple.com>
2455
2456         theguardian.co.uk crossword puzzles are sometimes not displaying text
2457         https://bugs.webkit.org/show_bug.cgi?id=159924
2458         <rdar://problem/27409483>
2459
2460         Reviewed by Simon Fraser.
2461
2462         This patch fixes the case when
2463         - 2 disjoint subtrees are dirty
2464         - RenderView is also dirty.
2465         and we end up not laying out one of the 2 subtrees.
2466
2467         In FrameView::scheduleRelayoutOfSubtree, we assume that when the RenderView is dirty
2468         we already have a pending full layout which means that any previous subtree layouts have already been
2469         converted to full layouts.
2470         However this assumption is incorrect. RenderView can get dirty without checking if there's
2471         already a pending subtree layout.
2472         One option to solve this problem would be to override RenderObject::setNeedsLayout in RenderView
2473         so that when the RenderView gets dirty, we could also convert any pending subtree layout to full layout.
2474         However RenderObject::setNeedsLayout is a hot function and making it virtual would impact performance.
2475         The other option is to always normalize subtree layouts in FrameView::scheduleRelayoutOfSubtree().
2476         This patch implements the second option.
2477
2478         Test: fast/misc/subtree-layouts.html
2479
2480         * page/FrameView.cpp:
2481         (WebCore::FrameView::scheduleRelayoutOfSubtree):
2482
2483 2016-07-19  Anders Carlsson  <andersca@apple.com>
2484
2485         Some payment authorization status values should keep the sheet active
2486         https://bugs.webkit.org/show_bug.cgi?id=159936
2487         rdar://problem/26756701
2488
2489         Reviewed by Tim Horton.
2490
2491         * Modules/applepay/ApplePaySession.cpp:
2492         (WebCore::ApplePaySession::completePayment):
2493         Keep the sheet active if the status isn't a final state status.
2494
2495         * Modules/applepay/PaymentAuthorizationStatus.h:
2496         (WebCore::isFinalStateStatus):
2497         Add a new helper function that returns whether a given payment authorization status is "final",
2498         meaning that once that status has been passed to completePayment, the session is finished.
2499
2500 2016-07-19  Nan Wang  <n_wang@apple.com>
2501
2502         AX: Incorrect behavior for word related text marker functions when there's collapsed whitespace
2503         https://bugs.webkit.org/show_bug.cgi?id=159910
2504
2505         Reviewed by Chris Fleizach.
2506
2507         We are getting a bad CharacterOffset when there's collapsed whitespace. Added a TraverseOptionValidateOffset
2508         option to make sure we are getting the correct CharacterOffset based on the corresponding Range offset. And
2509         fixed a word navigation issue based on that.
2510
2511         Test: accessibility/mac/text-marker-word-nav-collapsed-whitespace.html
2512
2513         * accessibility/AXObjectCache.cpp:
2514         (WebCore::AXObjectCache::traverseToOffsetInRange):
2515         (WebCore::AXObjectCache::rangeForNodeContents):
2516         (WebCore::AXObjectCache::startOrEndCharacterOffsetForRange):
2517         (WebCore::AXObjectCache::characterOffsetFromVisiblePosition):
2518         (WebCore::AXObjectCache::rightWordRange):
2519         (WebCore::AXObjectCache::previousBoundary):
2520         * accessibility/AXObjectCache.h:
2521         (WebCore::AXObjectCache::isNodeInUse):
2522
2523 2016-07-19  Youenn Fablet  <youenn@apple.com>
2524
2525         [Streams API] ReadableStreamController methods should throw if its stream is not readable
2526         https://bugs.webkit.org/show_bug.cgi?id=159871
2527
2528         Reviewed by Xabier Rodriguez-Calvar.
2529
2530         Spec now mandates close and enqueue to throw if ReadableStream is not readable.
2531         Covered by rebased and/or modified tests.
2532
2533         * Modules/streams/ReadableStreamController.js:
2534         (enqueue): Throwing a TypeError if controlled stream is not readable.
2535         (close): Ditto.
2536
2537 2016-07-19  Simon Fraser  <simon.fraser@apple.com>
2538
2539         Bubbles appear split for a brief moment in Messages
2540         https://bugs.webkit.org/show_bug.cgi?id=159915
2541         rdar://problem/27182267
2542
2543         Reviewed by David Hyatt.
2544
2545         RenderView::repaintRootContents() had a long-standing bug in WebView when the
2546         view is scrolled. repaint() uses visualOverflowRect() but, for the 
2547         RenderView, the visualOverflowRect() is the initial containing block
2548         which is anchored at 0,0. When the view is scrolled it's clipped out and
2549         calls to repaintRootContents() have no effect.
2550         
2551         Change repaintRootContents() to use layoutOverflowRect(). ScrollView::repaintContentRectangle()
2552         will clip it to the view if necessary.
2553
2554         Test: fast/repaint/scrolled-view-full-repaint.html
2555
2556         * rendering/RenderView.cpp:
2557         (WebCore::RenderView::repaintRootContents):
2558
2559 2016-07-19  Dan Bernstein  <mitz@apple.com>
2560
2561         <rdar://problem/27420308> WebCore-7602.1.42 fails to build: error: unused parameter 'vm'
2562
2563         * bindings/js/JSDOMGlobalObject.cpp:
2564         (WebCore::JSDOMGlobalObject::addBuiltinGlobals): Fixed the !ENABLE(STREAMS_API) build.
2565
2566 2016-07-19  Youenn Fablet  <youenn@apple.com>
2567
2568         [Streams API] Make ReadableStream properties not enumerable
2569         https://bugs.webkit.org/show_bug.cgi?id=159868
2570
2571         Reviewed by Darin Adler.
2572
2573         Covered by rebased tests.
2574
2575         Uopdating IDL definitions to mark all functions/attributes as not enumerable.
2576         Updating IDL constructor definitions to correctly compute constructor length.
2577         Updating built-in implementation to correctly compute pipeTo length to 1 (second parameter being optional).
2578
2579         * Modules/streams/ReadableStream.idl:
2580         * Modules/streams/ReadableStream.js:
2581         * Modules/streams/ReadableStreamController.idl:
2582         * Modules/streams/ReadableStreamReader.idl:
2583
2584 2016-07-19  Chris Dumez  <cdumez@apple.com>
2585
2586         form.enctype / encoding / method should treat null as "null" string
2587         https://bugs.webkit.org/show_bug.cgi?id=159916
2588
2589         Reviewed by Ryosuke Niwa.
2590
2591         form.enctype / encoding / method should treat null as "null" string:
2592         - https://html.spec.whatwg.org/multipage/forms.html#htmlformelement
2593
2594         Previously, WebKit would treat null as the null String, which would
2595         end up removing the existing attribute.
2596
2597         Firefox and Chrome match the specification.
2598
2599         Test: fast/dom/HTMLFormElement/null-handling.html
2600
2601         * html/HTMLFormElement.h:
2602         * html/HTMLFormElement.idl:
2603
2604 2016-07-18  Csaba Osztrogon√°c  <ossy@webkit.org>
2605
2606         All-in-one buildfix after r202439
2607         https://bugs.webkit.org/show_bug.cgi?id=159877
2608
2609         Reviewed by Chris Dumez.
2610
2611         * Modules/webaudio/AudioDestinationNode.h:
2612         (WebCore::AudioDestinationNode::resume):
2613         (WebCore::AudioDestinationNode::suspend):
2614         (WebCore::AudioDestinationNode::close):
2615
2616 2016-07-18  Frederic Wang  <fwang@igalia.com>
2617
2618         Move parsing of subscriptshift and superscriptshift from rendering to element classes
2619         https://bugs.webkit.org/show_bug.cgi?id=159622
2620
2621         Reviewed by Darin Adler.
2622
2623         We introduce a new MathMLScriptsElement that is used for elements msub, msup, msubsup and
2624         mmultiscripts in order to create RenderMathMLScripts and parse and expose the values of the
2625         subscriptshift and superscriptshift attributes. This is one more step toward moving MathML
2626         attribute parsing to the DOM (bug 156536).
2627
2628         No new tests, rendering is unchanged.
2629
2630         * CMakeLists.txt: Add MathMLScriptsElement files.
2631         * WebCore.xcodeproj/project.pbxproj: Ditto.
2632         * mathml/MathMLAllInOne.cpp: Ditto.
2633         * mathml/MathMLInlineContainerElement.cpp: Remove handling of scripts.
2634         (WebCore::MathMLInlineContainerElement::createElementRenderer): Deleted.
2635         * mathml/MathMLScriptsElement.cpp: Added. New class to handle scripted elements supporting
2636         parsing for the subscriptshift and superscriptshift MathML lengths.
2637         (WebCore::MathMLScriptsElement::MathMLScriptsElement):
2638         (WebCore::MathMLScriptsElement::create):
2639         (WebCore::MathMLScriptsElement::subscriptShift): Expose the cached length for the shift,
2640         parsing the attribute again if necessary.
2641         (WebCore::MathMLScriptsElement::superscriptShift): Ditto.
2642         (WebCore::MathMLScriptsElement::parseAttribute): Mark attributes dirty.
2643         (WebCore::MathMLScriptsElement::createElementRenderer): Create RenderMathMLScripts.
2644         * mathml/MathMLScriptsElement.h: Ditto.
2645         * mathml/mathtags.in: Map msub, msup, msubsup and mmultiscripts to MathMLScriptsElement.
2646         * rendering/mathml/RenderMathMLScripts.cpp:
2647         (WebCore::RenderMathMLScripts::scriptsElement): Helper function to cast the node to a
2648         MathMLScriptsElement.
2649         (WebCore::RenderMathMLScripts::getScriptMetricsAndLayoutIfNeeded): Resolve the attributes
2650         using the functions from the MathMLScriptsElement class.
2651         * rendering/mathml/RenderMathMLScripts.h: Declare scriptsElement.
2652
2653 2016-07-18  Frederic Wang  <fwang@igalia.com>
2654
2655         Do not store gap and shift parameters on RenderMathMLFraction
2656         https://bugs.webkit.org/show_bug.cgi?id=159876
2657
2658         Reviewed by Darin Adler.
2659
2660         After r203285, the stack and fraction layout parameters are only used in layoutBlock so we
2661         do not need to store them on the class. We remove them and split updateLayoutParameters into
2662         three functions: one to update the linethickness and two others to retrieve the fraction and
2663         stack respectively.
2664
2665         No new tests, rendering is unchanged.
2666
2667         * rendering/mathml/RenderMathMLFraction.cpp:
2668         (WebCore::RenderMathMLFraction::updateLineThickness): Move code to update thickness members here.
2669         (WebCore::RenderMathMLFraction::getFractionParameters): Move code to retrieve fraction parameters here.
2670         (WebCore::RenderMathMLFraction::getStackParameters): Move code to retrieve stack parameters here.
2671         (WebCore::RenderMathMLFraction::layoutBlock): Use the new helper functions and local variables
2672         for fraction and stack parameters.
2673         (WebCore::RenderMathMLFraction::updateLayoutParameters): Deleted.
2674         * rendering/mathml/RenderMathMLFraction.h: Declare new helper functions and remove members
2675         for stack and fraction parameters.
2676
2677 2016-07-18  Chris Dumez  <cdumez@apple.com>
2678
2679         input.formEnctype / formMethod and button.formEnctype / formMethod / type should treat null as "null"
2680         https://bugs.webkit.org/show_bug.cgi?id=159908
2681
2682         Reviewed by Alex Christensen.
2683
2684         input.formEnctype / formMethod and button.formEnctype / formMethod / type
2685         should treat null as "null" String:
2686         - https://html.spec.whatwg.org/multipage/forms.html#htmlinputelement
2687         - https://html.spec.whatwg.org/multipage/forms.html#htmlbuttonelement
2688
2689         In WebKit, we would treat null as a null String which would end up
2690         removing the corresponding attribute. This does not match the
2691         specification. Firefox and Chrome match the specification here.
2692
2693         Tests:
2694         - fast/dom/HTMLButtonElement/null-handling.html
2695         - fast/dom/HTMLInputElement/null-handling.html
2696
2697         * html/HTMLButtonElement.idl:
2698         * html/HTMLInputElement.idl:
2699
2700 2016-07-18  Alex Christensen  <achristensen@webkit.org>
2701
2702         webbookmarksd needs to use the same AppCache directory as MobileSafari
2703         https://bugs.webkit.org/show_bug.cgi?id=159912
2704
2705         Reviewed by Alexey Proskuryakov.
2706
2707         No new tests.  This only changes behavior for webbookmarksd.
2708
2709         * platform/RuntimeApplicationChecks.h:
2710         * platform/RuntimeApplicationChecks.mm:
2711         (WebCore::IOSApplication::isWebBookmarksD): Added.
2712
2713 2016-07-18  Chris Dumez  <cdumez@apple.com>
2714
2715         EventTarget.dispatchEvent() parameter should not be nullable
2716         https://bugs.webkit.org/show_bug.cgi?id=159897
2717
2718         Reviewed by Benjamin Poulain.
2719
2720         EventTarget.dispatchEvent() parameter should not be nullable:
2721         - https://dom.spec.whatwg.org/#interface-eventtarget
2722
2723         Even though the parameter was marked as nullable in our IDL, our
2724         implementation does a null check and we already throw a TypeError
2725         when calling dispatchEvent(null).
2726
2727         Update our IDL so that it matches the specification and so that
2728         the null check is generated in the bindings instead.
2729
2730         No new tests, rebaseline existing tests.
2731
2732         * dom/EventTarget.cpp:
2733         (WebCore::EventTarget::dispatchEventForBindings):
2734         * dom/EventTarget.h:
2735         * dom/EventTarget.idl:
2736
2737 2016-07-18  Chris Dumez  <cdumez@apple.com>
2738
2739         DocType's publicId / systemId should not be nullable
2740         https://bugs.webkit.org/show_bug.cgi?id=159901
2741
2742         Reviewed by Benjamin Poulain.
2743
2744         DocType's publicId / systemId should not be nullable. While they were
2745         not marked as nullable in our IDL, they could be stored as null Strings
2746         in our implementation depending on how the Node was constructed. This
2747         led to subtle bugs where String() != emptyString().
2748
2749         In particular, Node.isEqualNode() would return false when DocumentType
2750         nodes would mismatch because of their publicId / systemId being null
2751         instead of the emptyString.
2752
2753         Serialization would DocumentType nodes would also be wrong when
2754         publicId / systemId were empty Strings instead of null strings. The
2755         new behavior now matches:
2756         - https://www.w3.org/TR/DOM-Parsing/#dfn-concept-serialize-doctype (steps 7-9)
2757
2758         To address these issues, we now always store publicId / systemId as
2759         non-null Strings inside the DocumentType class.
2760
2761         Test: fast/dom/DocumentType/isEqualNode.html
2762
2763         * dom/DocumentType.cpp:
2764         (WebCore::DocumentType::DocumentType):
2765         * editing/MarkupAccumulator.cpp:
2766         (WebCore::MarkupAccumulator::appendDocumentType):
2767
2768 2016-07-18  Jeremy Jones  <jeremyj@apple.com>
2769
2770         If previous media session interruptions were prevented, still allow subsequent interruptions to try.
2771         https://bugs.webkit.org/show_bug.cgi?id=157553
2772         rdar://problem/25740804
2773
2774         Reviewed by Eric Carlson.
2775
2776         Test: platform/ios-simulator/media/video-interruption-suspendunderlock.html
2777
2778         When suspending under lock on iOS, there is first a resign active event, then a
2779         suspend under lock. PiP prevents resign active from interrupting playback. But it should allow the
2780         suspend under lock to interrupt playback.
2781
2782         Currently if there are nested interruptions only the first one is acted upon.
2783
2784         This change allows subsequent, nested interruptions to have a chance to interrupt playback if the
2785         previous interruptions were ignored.
2786
2787         This test is for iPad only, so it must be run manually.
2788
2789         * html/HTMLMediaElement.cpp:
2790         (WebCore::HTMLMediaElement::shouldOverrideBackgroundPlaybackRestriction):
2791         * platform/audio/PlatformMediaSession.cpp:
2792         (WebCore::PlatformMediaSession::beginInterruption):
2793         * testing/Internals.cpp:
2794         (WebCore::Internals::beginMediaSessionInterruption):
2795
2796 2016-07-18  Brent Fulgham  <bfulgham@apple.com>
2797
2798         Don't associate form-associated elements with forms in other trees.
2799         https://bugs.webkit.org/show_bug.cgi?id=119451
2800         <rdar://problem/27382946>
2801
2802         Change is based on the Blink change (patch by <adamk@chromium.org>):
2803         <https://chromium.googlesource.com/chromium/blink/+/0b33128be67e7845d495d5219614c02ccfe7a414>
2804
2805         Reviewed by Chris Dumez.
2806
2807         Prevent elements from being associated with forms that are not part of the same home subtree.
2808         This brings us in line with the WhatWG HTML specification as of September, 2013.
2809
2810         Tests: fast/forms/image-disconnected-during-parse.html
2811                fast/forms/input-disconnected-during-parse.html
2812
2813         * dom/Element.h:
2814         (WebCore::Node::rootElement): Added.
2815         * html/FormAssociatedElement.cpp:
2816         (WebCore::FormAssociatedElement::insertedInto): If the element is associated with a form that
2817         is not part of the same tree, remove the association.
2818         * html/HTMLImageElement.cpp:
2819         (WebCore::HTMLImageElement::insertedInto): Ditto.
2820
2821 2016-07-18  Anders Carlsson  <andersca@apple.com>
2822
2823         WebKit nightly fails to build on macOS Sierra
2824         https://bugs.webkit.org/show_bug.cgi?id=159902
2825         rdar://problem/27365672
2826
2827         Reviewed by Tim Horton.
2828
2829         * Modules/applepay/cocoa/PaymentCocoa.mm:
2830         * Modules/applepay/cocoa/PaymentContactCocoa.mm:
2831         * Modules/applepay/cocoa/PaymentMerchantSessionCocoa.mm:
2832         * Modules/applepay/cocoa/PaymentMethodCocoa.mm:
2833         Use new PassKitSPI header.
2834
2835         * WebCore.xcodeproj/project.pbxproj:
2836         Add new PassKitSPI header.
2837
2838         * icu/unicode/ucurr.h: Added.
2839         Add ucurr.h from ICU.
2840
2841         * platform/spi/cocoa/PassKitSPI.h: Added.
2842         Add new PassKitSPI header.
2843
2844 2016-07-18  Dean Jackson  <dino@apple.com>
2845
2846         REGRESSION (r202950): Image zoom animations are broken at medium.com (159861)
2847         https://bugs.webkit.org/show_bug.cgi?id=159906
2848         <rdar://problem/27391725>
2849
2850         Reviewed by Simon Fraser.
2851
2852         The fix for webkit.org/b/157569 in r200769 broke AMP pages.
2853         The followup fix for webkit.org/b/159450 in r202950 broke Medium pages.
2854
2855         Revert them both until we have better testing.
2856
2857         * css/CSSParser.cpp:
2858         (WebCore::CSSParser::addPropertyWithPrefixingVariant):
2859         (WebCore::CSSParser::parseValue):
2860         (WebCore::CSSParser::parseAnimationShorthand):
2861         (WebCore::CSSParser::parseTransitionShorthand): Deleted.
2862         * css/CSSPropertyNames.in:
2863         * css/PropertySetCSSStyleDeclaration.cpp:
2864         (WebCore::PropertySetCSSStyleDeclaration::getPropertyCSSValue):
2865         (WebCore::PropertySetCSSStyleDeclaration::getPropertyValue):
2866         (WebCore::PropertySetCSSStyleDeclaration::getPropertyCSSValueInternal):
2867         (WebCore::PropertySetCSSStyleDeclaration::getPropertyValueInternal):
2868         * css/StyleProperties.cpp:
2869         (WebCore::MutableStyleProperties::removeShorthandProperty):
2870         (WebCore::MutableStyleProperties::removeProperty):
2871         (WebCore::MutableStyleProperties::removePrefixedOrUnprefixedProperty):
2872         (WebCore::MutableStyleProperties::setProperty):
2873         (WebCore::getIndexInShorthandVectorForPrefixingVariant):
2874         (WebCore::MutableStyleProperties::appendPrefixingVariantProperty):
2875         (WebCore::MutableStyleProperties::setPrefixingVariantProperty):
2876         (WebCore::StyleProperties::asText): Deleted.
2877         * css/StyleProperties.h:
2878
2879 2016-07-18  Andreas Kling  <akling@apple.com>
2880
2881         There should be a way to simulate memory pressure in layout tests
2882         <https://webkit.org/b/159743>
2883
2884         Reviewed by Simon Fraser.
2885
2886         Add three window.internal APIs:
2887
2888             - boolean isUnderMemoryPressure (readonly attribute)
2889             - void beginSimulatedMemoryPressure()
2890             - void endSimulatedMemoryPressure()
2891
2892         These make it possible to write tests that exercise behaviors that only
2893         occur during memory pressure situations.
2894
2895         I also implemented the "org.WebKit.lowMemory" notification handler using the new API.
2896
2897         Test: memory/memory-pressure-simulation.html
2898
2899         * platform/MemoryPressureHandler.cpp:
2900         (WebCore::MemoryPressureHandler::beginSimulatedMemoryPressure):
2901         (WebCore::MemoryPressureHandler::endSimulatedMemoryPressure):
2902         * platform/MemoryPressureHandler.h:
2903         (WebCore::MemoryPressureHandler::isUnderMemoryPressure):
2904         * platform/cocoa/MemoryPressureHandlerCocoa.mm:
2905         (WebCore::MemoryPressureHandler::platformReleaseMemory):
2906         (WebCore::MemoryPressureHandler::install):
2907         * testing/Internals.cpp:
2908         (WebCore::Internals::isUnderMemoryPressure):
2909         (WebCore::Internals::beginSimulatedMemoryPressure):
2910         (WebCore::Internals::endSimulatedMemoryPressure):
2911         * testing/Internals.h:
2912         * testing/Internals.idl:
2913
2914 2016-07-18  Said Abou-Hallawa  <sabouhallawa@apple,com>
2915
2916         [iOS] PDFDocumentImage should cache only a sub image of the PDF when caching the whole image is expensive
2917         https://bugs.webkit.org/show_bug.cgi?id=158715
2918
2919         Reviewed by Dean Jackson.
2920
2921         Test: fast/images/displaced-non-cached-pdf.html
2922
2923         For iOS, we need to ensure the size of the cached PDF images will not
2924         exceed some limit. Also we should be caching only a sub image of the PDF
2925         if caching the whole image will exceed the memory limit.
2926
2927         * page/Settings.cpp:
2928         (WebCore::Settings::Settings):
2929         (WebCore::Settings::setCachedPDFImageEnabled):
2930         * page/Settings.h:
2931         (WebCore::Settings::isCachedPDFImageEnabled):
2932             Add an option to disable caching the PDF images.
2933
2934         * platform/graphics/cg/PDFDocumentImage.cpp:
2935         (WebCore::PDFDocumentImage::setCachedPDFImageEnabled):
2936             Allow the caller of draw() to disable caching the PDF images.
2937         
2938         (WebCore::PDFDocumentImage::cacheParametersMatch):
2939             Match the context dirty rectangle with the cached image rectangle.
2940         
2941         (WebCore::transformContextForPainting):
2942             When preparing the context for drawing the PDF, take the location 
2943             of the destination rectangle into account. We do not need to scale
2944             the location of the source rectangle because we scale the size of
2945             the rectangle but we don't scale the whole coordinate system.
2946
2947         (WebCore::cachedImageRect):
2948             Calculate the rectangle of the cached image such that it does not
2949             exceed the limit. Start from the center of the dirty rectangle and
2950             then expand around it.
2951             
2952         (WebCore::PDFDocumentImage::decodedSizeChanged):
2953             In addition to notifying the ImageObserver, it keeps track of the size
2954             of all the cached PDF images.
2955
2956         (WebCore::PDFDocumentImage::updateCachedImageIfNeeded):
2957             Ensure the size of all the cached images does not exceed the limit
2958             
2959         (WebCore::PDFDocumentImage::destroyDecodedData):
2960         * platform/graphics/cg/PDFDocumentImage.h:
2961
2962         * rendering/RenderImage.cpp:
2963         (WebCore::RenderImage::paintIntoRect):
2964             Pass the option to disable caching the PDF images to PDFDocumentImage.
2965
2966         * testing/InternalSettings.cpp:
2967         (WebCore::InternalSettings::Backup::Backup):
2968         (WebCore::InternalSettings::Backup::restoreTo):
2969         (WebCore::InternalSettings::setCachedPDFImageEnabled):
2970         * testing/InternalSettings.h:
2971         * testing/InternalSettings.idl:
2972             Add an internal option to disable caching the PDF images.
2973
2974 2016-07-18  Chris Dumez  <cdumez@apple.com>
2975
2976         The 2 first parameters to addEventListener() / removeEventListener() should be mandatory
2977         https://bugs.webkit.org/show_bug.cgi?id=158008
2978
2979         Reviewed by Darin Adler.
2980
2981         The 2 first parameters to addEventListener() / removeEventListener() should be
2982         mandatory:
2983         - https://dom.spec.whatwg.org/#interface-eventtarget
2984
2985         Firefox 46 and Chrome 50 both match the specification and throw an exception when those
2986         parameters are omitted. However, those parameters were marked as optional in WebKit and
2987         the calls were no-ops if those parameters were omitted. This patch aligns our behavior
2988         with the specification and other browsers.
2989
2990         Test: fast/dom/eventtarget-api-parameters.html
2991
2992         * bindings/scripts/CodeGeneratorJS.pm:
2993         (GetFunctionLength): Deleted.
2994         * dom/EventTarget.idl:
2995
2996 2016-07-18  Brent Fulgham  <bfulgham@apple.com>
2997
2998         Unreviewed, rolling out r203373.
2999
3000         Unaddressed
3001
3002         Reverted changeset:
3003
3004         "Don't associate form-associated elements with forms in other
3005         trees."
3006         https://bugs.webkit.org/show_bug.cgi?id=119451
3007         http://trac.webkit.org/changeset/203373
3008
3009 2016-07-18  Brent Fulgham  <bfulgham@apple.com>
3010
3011         Don't associate form-associated elements with forms in other trees.
3012         https://bugs.webkit.org/show_bug.cgi?id=119451
3013         <rdar://problem/27382946>
3014
3015         Change is based on the Blink change (patch by <adamk@chromium.org>):
3016         <https://chromium.googlesource.com/chromium/blink/+/0b33128be67e7845d495d5219614c02ccfe7a414>
3017
3018         Reviewed by Zalan Bujtas.
3019
3020         Prevent elements from being associated with forms that are not part of the same home subtree.
3021         This brings us in line with the WhatWG HTML specification as of September, 2013.
3022
3023         Tests: fast/forms/image-disconnected-during-parse.html
3024                fast/forms/input-disconnected-during-parse.html
3025
3026         * dom/NodeTraversal.h:
3027         (WebCore::NodeTraversal::highestAncestorOrSelf): Added.
3028         * html/FormAssociatedElement.cpp:
3029         (WebCore::FormAssociatedElement::insertedInto): If the element is associated with a form that
3030         is not part of the same tree, remove the association.
3031         * html/HTMLImageElement.cpp:
3032         (WebCore::HTMLImageElement::insertedInto): Ditto.
3033
3034 2016-07-18  George Ruan  <gruan@apple.com>
3035
3036         Move MediaSampleAVFObjC into its own file
3037         https://bugs.webkit.org/show_bug.cgi?id=159796
3038         <rdar://problem/27362488>
3039
3040         In preparation for a feature that uses MediaSampleAVFObjC, but does
3041         not need SourceBufferPrivateAVFObjC, it is beneficial to move
3042         MediaSampleAVFObjC to its own file.
3043
3044         Reviewed by Eric Carlson.
3045
3046         * WebCore.xcodeproj/project.pbxproj:
3047         * platform/MediaSample.h: Allow setting trackID to associate
3048         MediaSample id with MediaStreamTrackPrivate id.
3049         * platform/graphics/avfoundation/MediaSampleAVFObjC.h: Added.
3050         * platform/graphics/avfoundation/objc/MediaSampleAVFObjC.mm: Moved
3051         from MediaSampleAVFObjC
3052         (WebCore::MediaSampleAVFObjC::presentationTime):
3053         (WebCore::MediaSampleAVFObjC::decodeTime):
3054         (WebCore::MediaSampleAVFObjC::duration):
3055         (WebCore::MediaSampleAVFObjC::sizeInBytes):
3056         (WebCore::MediaSampleAVFObjC::platformSample):
3057         (WebCore::CMSampleBufferIsRandomAccess):
3058         (WebCore::MediaSampleAVFObjC::flags):
3059         (WebCore::MediaSampleAVFObjC::presentationSize):
3060         (WebCore::MediaSampleAVFObjC::dump):
3061         (WebCore::MediaSampleAVFObjC::offsetTimestampsBy):
3062         (WebCore::MediaSampleAVFObjC::setTimestamps):
3063         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
3064         Moved MediaSampleAVFObjC to its own file.
3065         (WebCore::MediaSampleAVFObjC::platformSample): Deleted.
3066         (WebCore::CMSampleBufferIsRandomAccess): Deleted.
3067         (WebCore::MediaSampleAVFObjC::flags): Deleted.
3068         (WebCore::MediaSampleAVFObjC::presentationSize): Deleted.
3069         (WebCore::MediaSampleAVFObjC::dump): Deleted.
3070         (WebCore::MediaSampleAVFObjC::offsetTimestampsBy): Deleted.
3071         (WebCore::MediaSampleAVFObjC::setTimestamps): Deleted.
3072         * platform/mock/mediasource/MockSourceBufferPrivate.cpp:
3073
3074 2016-07-18  Eric Carlson  <eric.carlson@apple.com>
3075
3076         [MSE][Mac] Pass AVSampleBufferDisplayLayer HDCP status to a newly created key session
3077         https://bugs.webkit.org/show_bug.cgi?id=159812
3078         <rdar://problem/27371624>
3079
3080         Reviewed by Jon Lee.
3081
3082         No new tests, it isn't possible to test this with our current testing infrastructure.
3083
3084         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.h:
3085         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
3086         (WebCore::SourceBufferPrivateAVFObjC::setCDMSession): Call layerDidReceiveError if there has
3087         been an HDCP error.
3088         (WebCore::SourceBufferPrivateAVFObjC::rendererDidReceiveError): Remember an HDCP error.
3089
3090 2016-07-18  Yoav Weiss  <yoav@yoav.ws>
3091
3092         Add preload to features.json
3093         https://bugs.webkit.org/show_bug.cgi?id=159872
3094
3095         Reviewed by Darin Adler.
3096
3097         No new tests but no functional change.
3098
3099         * features.json:
3100
3101 2016-07-18  Youenn Fablet  <youenn@apple.com>
3102
3103         [Streams API] ReadableStream should throw a RangeError in case of NaN highWaterMark
3104         https://bugs.webkit.org/show_bug.cgi?id=159870
3105
3106         Reviewed by Xabier Rodriguez-Calvar.
3107
3108         Covered by rebased test.
3109
3110         * Modules/streams/StreamInternals.js:
3111         (validateAndNormalizeQueuingStrategy): Throwing a RangeError in lieu of a TypeError in case of NaN highWaterMark.
3112
3113 2016-07-18  Csaba Osztrogon√°c  <ossy@webkit.org>
3114
3115         Windows buildfix after r203338
3116         https://bugs.webkit.org/show_bug.cgi?id=159875
3117
3118         Unreviewed buildfix.
3119
3120         * dom/UserGestureIndicator.h:
3121         (WebCore::UserGestureToken::addDestructionObserver):
3122
3123 2016-07-18  Carlos Garcia Campos  <cgarcia@igalia.com>
3124
3125         MemoryPressureHandler doesn't work if cgroups aren't present in Linux
3126         https://bugs.webkit.org/show_bug.cgi?id=155255
3127
3128         Reviewed by Sergio Villar Senin.
3129
3130         Allow to pass an eventFD file descriptor to the MemoryPressureHandler to be monitorized in case cgroups are not
3131         available.
3132
3133         * platform/MemoryPressureHandler.h:
3134         * platform/linux/MemoryPressureHandlerLinux.cpp:
3135
3136 2016-07-17  Gyuyoung Kim  <gyuyoung.kim@webkit.org>
3137
3138         Clean up PassRefPtr uses in Modules/encryptedmedia, Modules/speech, and Modules/quota
3139         https://bugs.webkit.org/show_bug.cgi?id=159701
3140
3141         Reviewed by Alex Christensen.
3142
3143         No new tests, no behavior changes.
3144
3145         * Modules/encryptedmedia/CDM.h:
3146         * Modules/encryptedmedia/MediaKeySession.h:
3147         * Modules/encryptedmedia/MediaKeys.h:
3148         * Modules/quota/DOMWindowQuota.cpp:
3149         * Modules/quota/StorageErrorCallback.cpp:
3150         (WebCore::StorageErrorCallback::CallbackTask::CallbackTask):
3151         * Modules/quota/StorageErrorCallback.h:
3152         * Modules/quota/StorageInfo.h:
3153         * Modules/quota/StorageQuota.h:
3154         * Modules/speech/DOMWindowSpeechSynthesis.cpp:
3155         * Modules/speech/SpeechSynthesis.cpp:
3156         (WebCore::SpeechSynthesis::getVoices):
3157         (WebCore::SpeechSynthesis::startSpeakingImmediately):
3158         (WebCore::SpeechSynthesis::speak):
3159         (WebCore::SpeechSynthesis::cancel):
3160         (WebCore::SpeechSynthesis::handleSpeakingCompleted):
3161         (WebCore::SpeechSynthesis::boundaryEventOccurred):
3162         (WebCore::SpeechSynthesis::didStartSpeaking):
3163         (WebCore::SpeechSynthesis::didPauseSpeaking):
3164         (WebCore::SpeechSynthesis::didResumeSpeaking):
3165         (WebCore::SpeechSynthesis::didFinishSpeaking):
3166         (WebCore::SpeechSynthesis::speakingErrorOccurred):
3167         * Modules/speech/SpeechSynthesis.h:
3168         * Modules/speech/SpeechSynthesisEvent.h:
3169         * Modules/speech/SpeechSynthesisUtterance.h:
3170         * Modules/speech/SpeechSynthesisVoice.cpp:
3171         (WebCore::SpeechSynthesisVoice::create):
3172         (WebCore::SpeechSynthesisVoice::SpeechSynthesisVoice):
3173         * Modules/speech/SpeechSynthesisVoice.h:
3174         * platform/PlatformSpeechSynthesizer.h:
3175         * platform/efl/PlatformSpeechSynthesisProviderEfl.cpp:
3176         (WebCore::PlatformSpeechSynthesisProviderEfl::fireSpeechEvent):
3177         * platform/mock/PlatformSpeechSynthesizerMock.cpp:
3178         (WebCore::PlatformSpeechSynthesizerMock::speakingFinished):
3179         (WebCore::PlatformSpeechSynthesizerMock::speak):
3180         (WebCore::PlatformSpeechSynthesizerMock::cancel):
3181         (WebCore::PlatformSpeechSynthesizerMock::pause):
3182         (WebCore::PlatformSpeechSynthesizerMock::resume):
3183
3184 2016-07-16  Sam Weinig  <sam@webkit.org>
3185
3186         [WebKit API] Add SPI to track multiple navigations caused by a single user gesture
3187         <rdar://problem/26554137>
3188         https://bugs.webkit.org/show_bug.cgi?id=159856
3189
3190         Reviewed by Dan Bernstein.
3191
3192         - Adds a new RefCounted object to represent a unique user gesture, called UserGestureToken.
3193         - Makes UserGestureIndicator track UserGestureToken.
3194         - Refines UserGestureIndicator's interface to use Optional and a smaller enum set
3195           to represent the different initial states.
3196         - Stores UserGestureTokens on objects that want to forward user gesture state (DOMTimer, 
3197           postMessage, and ScheduledNavigation) rather than just a boolean.
3198
3199         * accessibility/AccessibilityNodeObject.cpp:
3200         (WebCore::AccessibilityNodeObject::increment):
3201         (WebCore::AccessibilityNodeObject::decrement):
3202         * accessibility/AccessibilityObject.cpp:
3203         (WebCore::AccessibilityObject::press):
3204         * bindings/js/ScriptController.cpp:
3205         (WebCore::ScriptController::executeScriptInWorld):
3206         (WebCore::ScriptController::executeScript):
3207         Update for new UserGestureIndicator interface.
3208
3209         * dom/UserGestureIndicator.cpp:
3210         (WebCore::currentToken):
3211         (WebCore::UserGestureToken::~UserGestureToken):
3212         (WebCore::UserGestureIndicator::UserGestureIndicator):
3213         (WebCore::UserGestureIndicator::~UserGestureIndicator):
3214         (WebCore::UserGestureIndicator::currentUserGesture):
3215         (WebCore::UserGestureIndicator::processingUserGesture):
3216         (WebCore::UserGestureIndicator::processingUserGestureForMedia):
3217         (WebCore::isDefinite): Deleted.
3218         * dom/UserGestureIndicator.h:
3219         (WebCore::UserGestureToken::create):
3220         (WebCore::UserGestureToken::state):
3221         (WebCore::UserGestureToken::processingUserGesture):
3222         (WebCore::UserGestureToken::processingUserGestureForMedia):
3223         (WebCore::UserGestureToken::addDestructionObserver):
3224         (WebCore::UserGestureToken::UserGestureToken):
3225         Add UserGestureToken and track the current one explicitly.
3226
3227         * html/HTMLMediaElement.cpp:
3228         (WebCore::HTMLMediaElement::didReceiveRemoteControlCommand):
3229         * inspector/InspectorFrontendClientLocal.cpp:
3230         (WebCore::InspectorFrontendClientLocal::openInNewTab):
3231         * inspector/InspectorFrontendHost.cpp:
3232         * inspector/InspectorPageAgent.cpp:
3233         (WebCore::InspectorPageAgent::navigate):
3234         Update for new UserGestureIndicator interface.
3235
3236         * loader/NavigationAction.cpp:
3237         (WebCore::NavigationAction::NavigationAction):
3238         * loader/NavigationAction.h:
3239         (WebCore::NavigationAction::userGestureToken):
3240         (WebCore::NavigationAction::processingUserGesture):
3241         * loader/NavigationScheduler.cpp:
3242         (WebCore::ScheduledNavigation::ScheduledNavigation):
3243         (WebCore::ScheduledNavigation::~ScheduledNavigation):
3244         (WebCore::ScheduledNavigation::lockBackForwardList):
3245         (WebCore::ScheduledNavigation::wasDuringLoad):
3246         (WebCore::ScheduledNavigation::isLocationChange):
3247         (WebCore::ScheduledNavigation::userGestureToForward):
3248         (WebCore::ScheduledNavigation::clearUserGesture):
3249         (WebCore::NavigationScheduler::mustLockBackForwardList):
3250         (WebCore::NavigationScheduler::scheduleFormSubmission):
3251         (WebCore::ScheduledNavigation::wasUserGesture): Deleted.
3252         * page/DOMTimer.cpp:
3253         (WebCore::shouldForwardUserGesture):
3254         (WebCore::userGestureTokenToForward):
3255         (WebCore::DOMTimer::DOMTimer):
3256         (WebCore::DOMTimer::fired):
3257         * page/DOMTimer.h:
3258         * page/DOMWindow.cpp:
3259         (WebCore::PostMessageTimer::PostMessageTimer):
3260         Store the active UserGestureToken rather than just a bit.
3261
3262         * page/EventHandler.cpp:
3263         (WebCore::EventHandler::handleMousePressEvent):
3264         (WebCore::EventHandler::handleMouseDoubleClickEvent):
3265         (WebCore::EventHandler::handleMouseReleaseEvent):
3266         (WebCore::EventHandler::keyEvent):
3267         (WebCore::EventHandler::handleTouchEvent):
3268         * rendering/HitTestResult.cpp:
3269         (WebCore::HitTestResult::toggleMediaFullscreenState):
3270         (WebCore::HitTestResult::enterFullscreenForVideo):
3271         (WebCore::HitTestResult::toggleEnhancedFullscreenForVideo):
3272         Update for new UserGestureIndicator interface.
3273
3274 2016-07-17  Ryosuke Niwa  <rniwa@webkit.org>
3275
3276         Rename fastHasAttribute to hasAttributeWithoutSynchronization
3277         https://bugs.webkit.org/show_bug.cgi?id=159864
3278
3279         Reviewed by Chris Dumez.
3280
3281         Renamed Rename fastHasAttribute to hasAttributeWithoutSynchronization for clarity.
3282
3283         * accessibility/AccessibilityListBoxOption.cpp:
3284         (WebCore::AccessibilityListBoxOption::isEnabled):
3285         * accessibility/AccessibilityObject.cpp:
3286         (WebCore::AccessibilityObject::hasAttribute):
3287         (WebCore::AccessibilityObject::getAttribute):
3288         * accessibility/AccessibilityRenderObject.cpp:
3289         (WebCore::AccessibilityRenderObject::determineAccessibilityRole):
3290         * bindings/scripts/CodeGenerator.pm:
3291         (GetterExpression):
3292         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
3293         * bindings/scripts/test/JS/JSTestObj.cpp:
3294         (WebCore::jsTestObjReflectedBooleanAttr):
3295         (WebCore::jsTestObjReflectedCustomBooleanAttr):
3296         * bindings/scripts/test/ObjC/DOMTestObj.mm:
3297         (-[DOMTestObj reflectedBooleanAttr]):
3298         (-[DOMTestObj setReflectedBooleanAttr:]):
3299         (-[DOMTestObj reflectedCustomBooleanAttr]):
3300         (-[DOMTestObj setReflectedCustomBooleanAttr:]):
3301         * dom/Document.cpp:
3302         (WebCore::Document::hasManifest):
3303         (WebCore::Document::doctype):
3304         * dom/Element.h:
3305         (WebCore::Node::parentElement):
3306         (WebCore::Element::hasAttributeWithoutSynchronization):
3307         (WebCore::Element::fastHasAttribute): Deleted.
3308         * editing/ApplyStyleCommand.cpp:
3309         (WebCore::ApplyStyleCommand::removeEmbeddingUpToEnclosingBlock):
3310         * editing/DeleteSelectionCommand.cpp:
3311         (WebCore::DeleteSelectionCommand::makeStylingElementsDirectChildrenOfEditableRootToPreventStyleLoss):
3312         * editing/markup.cpp:
3313         (WebCore::createMarkupInternal):
3314         * html/ColorInputType.cpp:
3315         (WebCore::ColorInputType::shouldShowSuggestions):
3316         * html/FileInputType.cpp:
3317         (WebCore::FileInputType::handleDOMActivateEvent):
3318         (WebCore::FileInputType::receiveDroppedFiles):
3319         * html/FormAssociatedElement.cpp:
3320         (WebCore::FormAssociatedElement::didMoveToNewDocument):
3321         (WebCore::FormAssociatedElement::insertedInto):
3322         (WebCore::FormAssociatedElement::removedFrom):
3323         (WebCore::FormAssociatedElement::formAttributeChanged):
3324         * html/FormController.cpp:
3325         (WebCore::ownerFormForState):
3326         * html/GenericCachedHTMLCollection.cpp:
3327         (WebCore::GenericCachedHTMLCollection<traversalType>::elementMatches):
3328         * html/HTMLAnchorElement.cpp:
3329         (WebCore::HTMLAnchorElement::draggable):
3330         (WebCore::HTMLAnchorElement::href):
3331         (WebCore::HTMLAnchorElement::sendPings):
3332         * html/HTMLAppletElement.cpp:
3333         (WebCore::HTMLAppletElement::rendererIsNeeded):
3334         * html/HTMLElement.cpp:
3335         (WebCore::HTMLElement::collectStyleForPresentationAttribute):
3336         (WebCore::elementAffectsDirectionality):
3337         (WebCore::setHasDirAutoFlagRecursively):
3338         * html/HTMLEmbedElement.cpp:
3339         (WebCore::HTMLEmbedElement::rendererIsNeeded):
3340         * html/HTMLFieldSetElement.cpp:
3341         (WebCore::updateFromControlElementsAncestorDisabledStateUnder):
3342         (WebCore::HTMLFieldSetElement::disabledAttributeChanged):
3343         (WebCore::HTMLFieldSetElement::disabledStateChanged):
3344         (WebCore::HTMLFieldSetElement::childrenChanged):
3345         * html/HTMLFormControlElement.cpp:
3346         (WebCore::HTMLFormControlElement::formNoValidate):
3347         (WebCore::HTMLFormControlElement::formAction):
3348         (WebCore::HTMLFormControlElement::computeIsDisabledByFieldsetAncestor):
3349         (WebCore::shouldAutofocus):
3350         * html/HTMLFormElement.cpp:
3351         (WebCore::HTMLFormElement::formElementIndex):
3352         (WebCore::HTMLFormElement::noValidate):
3353         * html/HTMLFrameElement.cpp:
3354         (WebCore::HTMLFrameElement::noResize):
3355         (WebCore::HTMLFrameElement::didAttachRenderers):
3356         * html/HTMLFrameElementBase.cpp:
3357         (WebCore::HTMLFrameElementBase::parseAttribute):
3358         (WebCore::HTMLFrameElementBase::location):
3359         * html/HTMLHRElement.cpp:
3360         (WebCore::HTMLHRElement::collectStyleForPresentationAttribute):
3361         * html/HTMLImageElement.cpp:
3362         (WebCore::HTMLImageElement::isServerMap):
3363         * html/HTMLInputElement.cpp:
3364         (WebCore::HTMLInputElement::finishParsingChildren):
3365         (WebCore::HTMLInputElement::matchesDefaultPseudoClass):
3366         (WebCore::HTMLInputElement::isActivatedSubmit):
3367         (WebCore::HTMLInputElement::reset):
3368         (WebCore::HTMLInputElement::multiple):
3369         (WebCore::HTMLInputElement::setSize):
3370         (WebCore::HTMLInputElement::shouldUseMediaCapture):
3371         * html/HTMLMarqueeElement.cpp:
3372         (WebCore::HTMLMarqueeElement::minimumDelay):
3373         * html/HTMLMediaElement.cpp:
3374         (WebCore::HTMLMediaElement::insertedInto):
3375         (WebCore::HTMLMediaElement::selectMediaResource):
3376         (WebCore::HTMLMediaElement::loadResource):
3377         (WebCore::HTMLMediaElement::autoplay):
3378         (WebCore::HTMLMediaElement::preload):
3379         (WebCore::HTMLMediaElement::loop):
3380         (WebCore::HTMLMediaElement::setLoop):
3381         (WebCore::HTMLMediaElement::controls):
3382         (WebCore::HTMLMediaElement::setControls):
3383         (WebCore::HTMLMediaElement::muted):
3384         (WebCore::HTMLMediaElement::setMuted):
3385         (WebCore::HTMLMediaElement::selectNextSourceChild):
3386         (WebCore::HTMLMediaElement::sourceWasAdded):
3387         (WebCore::HTMLMediaElement::mediaSessionTitle):
3388         * html/HTMLObjectElement.cpp:
3389         (WebCore::HTMLObjectElement::parseAttribute):
3390         * html/HTMLOptGroupElement.cpp:
3391         (WebCore::HTMLOptGroupElement::isDisabledFormControl):
3392         (WebCore::HTMLOptGroupElement::isFocusable):
3393         * html/HTMLOptionElement.cpp:
3394         (WebCore::HTMLOptionElement::matchesDefaultPseudoClass):
3395         (WebCore::HTMLOptionElement::text):
3396         * html/HTMLProgressElement.cpp:
3397         (WebCore::HTMLProgressElement::isDeterminate):
3398         (WebCore::HTMLProgressElement::didElementStateChange):
3399         * html/HTMLScriptElement.cpp:
3400         (WebCore::HTMLScriptElement::async):
3401         (WebCore::HTMLScriptElement::setCrossOrigin):
3402         (WebCore::HTMLScriptElement::asyncAttributeValue):
3403         (WebCore::HTMLScriptElement::deferAttributeValue):
3404         (WebCore::HTMLScriptElement::hasSourceAttribute):
3405         (WebCore::HTMLScriptElement::dispatchLoadEvent):
3406         * html/HTMLSelectElement.cpp:
3407         (WebCore::HTMLSelectElement::reset):
3408         * html/HTMLTrackElement.cpp:
3409         (WebCore::HTMLTrackElement::isDefault):
3410         (WebCore::HTMLTrackElement::ensureTrack):
3411         (WebCore::HTMLTrackElement::loadTimerFired):
3412         * html/MediaElementSession.cpp:
3413         (WebCore::MediaElementSession::wirelessVideoPlaybackDisabled):
3414         (WebCore::MediaElementSession::requiresFullscreenForVideoPlayback):
3415         (WebCore::MediaElementSession::allowsAutomaticMediaDataLoading):
3416         * html/SearchInputType.cpp:
3417         (WebCore::SearchInputType::searchEventsShouldBeDispatched):
3418         (WebCore::SearchInputType::didSetValueByUserEdit):
3419         * inspector/InspectorDOMAgent.cpp:
3420         (WebCore::InspectorDOMAgent::buildObjectForNode):
3421         * loader/FrameLoader.cpp:
3422         (WebCore::FrameLoader::shouldTreatURLAsSrcdocDocument):
3423         (WebCore::FrameLoader::findFrameForNavigation):
3424         * loader/ImageLoader.cpp:
3425         (WebCore::ImageLoader::notifyFinished):
3426         * mathml/MathMLSelectElement.cpp:
3427         (WebCore::MathMLSelectElement::getSelectedSemanticsChild):
3428         * rendering/RenderTableCell.cpp:
3429         (WebCore::RenderTableCell::computePreferredLogicalWidths):
3430         * rendering/RenderThemeIOS.mm:
3431         (WebCore::RenderThemeIOS::adjustMenuListButtonStyle):
3432         * rendering/SimpleLineLayout.cpp:
3433         (WebCore::SimpleLineLayout::canUseForWithReason):
3434         * rendering/svg/RenderSVGResourceClipper.cpp:
3435         (WebCore::RenderSVGResourceClipper::drawContentIntoMaskImage):
3436         * svg/SVGAnimateMotionElement.cpp:
3437         (WebCore::SVGAnimateMotionElement::updateAnimationPath):
3438         * svg/SVGAnimationElement.cpp:
3439         (WebCore::SVGAnimationElement::startedActiveInterval):
3440         (WebCore::SVGAnimationElement::updateAnimation):
3441         * svg/animation/SVGSMILElement.cpp:
3442         (WebCore::SVGSMILElement::insertedInto):
3443
3444 2016-07-17  Brady Eidson  <beidson@apple.com>
3445
3446         Exceptions logged to the JS console should use toString().
3447         https://bugs.webkit.org/show_bug.cgi?id=159855
3448
3449         Reviewed by Darin Adler.
3450
3451         No new tests (No change in behavior).
3452
3453         * bindings/js/JSDOMBinding.cpp:
3454         (WebCore::reportException):
3455
3456         * dom/DOMCoreException.h:
3457         (WebCore::DOMCoreException::DOMCoreException):
3458
3459         * dom/ExceptionBase.cpp:
3460         (WebCore::ExceptionBase::ExceptionBase):
3461         (WebCore::ExceptionBase::toString):
3462         (WebCore::ExceptionBase::consoleErrorMessage): Deleted.
3463         * dom/ExceptionBase.h:
3464         (WebCore::ExceptionBase::description): Deleted.
3465
3466         * svg/SVGException.h:
3467
3468         * xml/XPathException.h:
3469         (WebCore::XPathException::XPathException):
3470
3471 2016-07-17  Brady Eidson  <beidson@apple.com>
3472
3473         Update DOMCoreException to use the description in toString().
3474         https://bugs.webkit.org/show_bug.cgi?id=159857
3475
3476         Reviewed by Darin Adler.
3477
3478         No new tests (Covered by changes to existing tests).
3479
3480         * bindings/js/JSDOMBinding.cpp:
3481         (WebCore::createDOMException):
3482
3483         * dom/DOMCoreException.h:
3484         (WebCore::DOMCoreException::DOMCoreException):
3485         (WebCore::DOMCoreException::createWithDescriptionAsMessage): Deleted.
3486
3487 2016-07-17  Myles C. Maxfield  <mmaxfield@apple.com>
3488
3489         Support new emoji group candidates
3490         https://bugs.webkit.org/show_bug.cgi?id=159755
3491         <rdar://problem/27325521>
3492
3493         Reviewed by Dean Jackson.
3494
3495         There are a few code points which should be able to be joined (with ZWJ) to
3496         either U+2640 or U+2642 to change the gender of the emoji. These patterns
3497         should also work with an additional 0xFE0F variation selector. This patch
3498         adds these new patterns to our existing emoji group candidate infrastructure.
3499
3500         Tests: fast/text/emoji-gender-2-3.html
3501                fast/text/emoji-gender-2-4.html
3502                fast/text/emoji-gender-2-5.html
3503                fast/text/emoji-gender-2-6.html
3504                fast/text/emoji-gender-2-7.html
3505                fast/text/emoji-gender-2-8.html
3506                fast/text/emoji-gender-2-9.html
3507                fast/text/emoji-gender-2.html
3508                fast/text/emoji-gender-3.html
3509                fast/text/emoji-gender-4.html
3510                fast/text/emoji-gender-5.html
3511                fast/text/emoji-gender-6.html
3512                fast/text/emoji-gender-7.html
3513                fast/text/emoji-gender-8.html
3514                fast/text/emoji-gender-9.html
3515                fast/text/emoji-gender-fe0f-3.html
3516                fast/text/emoji-gender-fe0f-4.html
3517                fast/text/emoji-gender-fe0f-5.html
3518                fast/text/emoji-gender-fe0f-6.html
3519                fast/text/emoji-gender-fe0f-7.html
3520                fast/text/emoji-gender-fe0f-8.html
3521                fast/text/emoji-gender-fe0f-9.html
3522                fast/text/emoji-gender.html
3523                fast/text/emoji-num-glyphs.html
3524                fast/text/emoji-single-parent-family-2.html
3525                fast/text/emoji-single-parent-family.html
3526
3527         * platform/graphics/mac/ComplexTextControllerCoreText.mm:
3528         (WebCore::ComplexTextController::ComplexTextRun::ComplexTextRun): Removed incorrect ASSERT()s.
3529         * platform/graphics/FontCascade.cpp:
3530         (WebCore::FontCascade::characterRangeCodePath):
3531         * platform/text/CharacterProperties.h:
3532         (WebCore::isEmojiGroupCandidate):
3533
3534 2016-07-16  Brady Eidson  <beidson@apple.com>
3535
3536         Update SVGException to use the description in toString().
3537         https://bugs.webkit.org/show_bug.cgi?id=159847
3538
3539         Reviewed by Darin Adler.
3540
3541         No new tests (Covered by changes to existing tests).
3542
3543         * bindings/js/JSDOMBinding.cpp:
3544         (WebCore::reportException): use consoleErrorMessage for now.
3545
3546         * dom/ExceptionBase.cpp:
3547         (WebCore::ExceptionBase::consoleErrorMessage):
3548         * dom/ExceptionBase.h:
3549
3550         * svg/SVGException.h:
3551
3552 2016-07-16  Chris Dumez  <cdumez@apple.com>
3553
3554         Use fastHasAttribute() when possible
3555         https://bugs.webkit.org/show_bug.cgi?id=159838
3556
3557         Reviewed by Ryosuke Niwa.
3558
3559         Use fastHasAttribute() when possible, for performance.
3560
3561         * editing/DeleteSelectionCommand.cpp:
3562         (WebCore::DeleteSelectionCommand::makeStylingElementsDirectChildrenOfEditableRootToPreventStyleLoss):
3563         * editing/markup.cpp:
3564         (WebCore::createMarkupInternal):
3565         * html/HTMLAnchorElement.cpp:
3566         (WebCore::HTMLAnchorElement::draggable):
3567         * html/HTMLFrameElementBase.cpp:
3568         (WebCore::HTMLFrameElementBase::parseAttribute):
3569         * mathml/MathMLSelectElement.cpp:
3570         (WebCore::MathMLSelectElement::getSelectedSemanticsChild):
3571         * rendering/RenderThemeIOS.mm:
3572         (WebCore::RenderThemeIOS::adjustMenuListButtonStyle):
3573
3574 2016-07-16  Ryosuke Niwa  <rniwa@webkit.org>
3575
3576         Rename fastGetAttribute to attributeWithoutSynchronization
3577         https://bugs.webkit.org/show_bug.cgi?id=159852
3578
3579         Reviewed by Darin Adler.
3580
3581         Renamed fastGetAttribute to attributeWithoutSynchronization for clarity.
3582
3583         * accessibility/AXObjectCache.cpp:
3584         (WebCore::AXObjectCache::findAriaModalNodes):
3585         (WebCore::nodeHasRole):
3586         (WebCore::AXObjectCache::handleLiveRegionCreated):
3587         (WebCore::AXObjectCache::handleMenuItemSelected):
3588         (WebCore::AXObjectCache::handleAriaModalChange):
3589         (WebCore::isNodeAriaVisible):
3590         * accessibility/AccessibilityNodeObject.cpp:
3591         (WebCore::siblingWithAriaRole):
3592         (WebCore::AccessibilityNodeObject::titleElementText):
3593         (WebCore::AccessibilityNodeObject::alternativeTextForWebArea):
3594         (WebCore::AccessibilityNodeObject::hierarchicalLevel):
3595         (WebCore::AccessibilityNodeObject::stringValue):
3596         (WebCore::accessibleNameForNode):
3597         * accessibility/AccessibilityObject.cpp:
3598         (WebCore::AccessibilityObject::contentEditableAttributeIsEnabled):
3599         (WebCore::AccessibilityObject::getAttribute):
3600         * accessibility/AccessibilityRenderObject.cpp:
3601         (WebCore::AccessibilityRenderObject::stringValue):
3602         (WebCore::AccessibilityRenderObject::exposesTitleUIElement):
3603         * accessibility/AccessibilitySVGElement.cpp:
3604         (WebCore::AccessibilitySVGElement::childElementWithMatchingLanguage):
3605         (WebCore::AccessibilitySVGElement::accessibilityDescription):
3606         * bindings/objc/DOM.mm:
3607         (-[DOMHTMLLinkElement _mediaQueryMatches]):
3608         * bindings/scripts/CodeGenerator.pm:
3609         (GetterExpression):
3610         * bindings/scripts/CodeGeneratorObjC.pm:
3611         (GenerateImplementation):
3612         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
3613         * bindings/scripts/test/JS/JSTestObj.cpp:
3614         (WebCore::jsTestObjReflectedStringAttr):
3615         * dom/AuthorStyleSheets.cpp:
3616         (WebCore::AuthorStyleSheets::collectActiveStyleSheets):
3617         * dom/Document.cpp:
3618         (WebCore::Document::buildAccessKeyMap):
3619         (WebCore::Document::processBaseElement):
3620         * dom/DocumentOrderedMap.cpp:
3621         (WebCore::DocumentOrderedMap::getElementByLabelForAttribute):
3622         * dom/Element.cpp:
3623         (WebCore::Element::imageSourceURL):
3624         (WebCore::Element::rendererIsNeeded):
3625         (WebCore::Element::insertedInto):
3626         (WebCore::Element::removedFrom):
3627         (WebCore::Element::pseudo):
3628         (WebCore::Element::setPseudo):
3629         (WebCore::Element::spellcheckAttributeState):
3630         (WebCore::Element::canContainRangeEndPoint):
3631         (WebCore::Element::completeURLsInAttributeValue):
3632         * dom/Element.h:
3633         (WebCore::Element::fastHasAttribute):
3634         (WebCore::Element::attributeWithoutSynchronization):
3635         (WebCore::Element::fastGetAttribute): Deleted.
3636         * dom/InlineStyleSheetOwner.cpp:
3637         (WebCore::InlineStyleSheetOwner::createSheet):
3638         * dom/ScriptElement.cpp:
3639         (WebCore::ScriptElement::requestScript):
3640         (WebCore::ScriptElement::executeScript):
3641         * dom/SlotAssignment.cpp:
3642         (WebCore::slotNameFromSlotAttribute):
3643         (WebCore::SlotAssignment::SlotAssignment):
3644         (WebCore::recursivelyFireSlotChangeEvent):
3645         (WebCore::SlotAssignment::didChangeSlot):
3646         (WebCore::SlotAssignment::hostChildElementDidChange):
3647         (WebCore::SlotAssignment::assignedNodesForSlot):
3648         (WebCore::SlotAssignment::resolveAllSlotElements):
3649         * dom/TreeScope.cpp:
3650         (WebCore::TreeScope::labelElementForId):
3651         * dom/VisitedLinkState.cpp:
3652         (WebCore::linkAttribute):
3653         * editing/ApplyStyleCommand.cpp:
3654         (WebCore::isLegacyAppleStyleSpan):
3655         (WebCore::hasNoAttributeOrOnlyStyleAttribute):
3656         * editing/EditingStyle.cpp:
3657         (WebCore::EditingStyle::elementIsStyledSpanOrHTMLEquivalent):
3658         * editing/ReplaceSelectionCommand.cpp:
3659         (WebCore::isInterchangeNewlineNode):
3660         (WebCore::isInterchangeConvertedSpaceSpan):
3661         (WebCore::positionAvoidingPrecedingNodes):
3662         (WebCore::isMailPasteAsQuotationNode):
3663         (WebCore::isHeaderElement):
3664         (WebCore::isInlineNodeWithStyle):
3665         * editing/TextIterator.cpp:
3666         (WebCore::isRendererReplacedElement):
3667         * editing/cocoa/DataDetection.mm:
3668         (WebCore::DataDetection::isDataDetectorLink):
3669         (WebCore::DataDetection::requiresExtendedContext):
3670         (WebCore::DataDetection::dataDetectorIdentifier):
3671         (WebCore::DataDetection::shouldCancelDefaultAction):
3672         (WebCore::removeResultLinksFromAnchor):
3673         (WebCore::searchForLinkRemovingExistingDDLinks):
3674         * editing/gtk/EditorGtk.cpp:
3675         (WebCore::elementURL):
3676         * editing/htmlediting.cpp:
3677         (WebCore::isTabSpanNode):
3678         (WebCore::isTabSpanTextNode):
3679         (WebCore::isMailBlockquote):
3680         (WebCore::caretMinOffset):
3681         * editing/markup.cpp:
3682         (WebCore::createFragmentFromMarkup):
3683         * html/Autofill.cpp:
3684         (WebCore::AutofillData::createFromHTMLFormControlElement):
3685         * html/BaseTextInputType.cpp:
3686         (WebCore::BaseTextInputType::patternMismatch):
3687         * html/DateInputType.cpp:
3688         (WebCore::DateInputType::createStepRange):
3689         * html/DateTimeInputType.cpp:
3690         (WebCore::DateTimeInputType::createStepRange):
3691         * html/DateTimeLocalInputType.cpp:
3692         (WebCore::DateTimeLocalInputType::createStepRange):
3693         * html/FormAssociatedElement.cpp:
3694         (WebCore::FormAssociatedElement::findAssociatedForm):
3695         (WebCore::FormAssociatedElement::resetFormAttributeTargetObserver):
3696         (WebCore::FormAssociatedElement::formAttributeTargetChanged):
3697         * html/HTMLAnchorElement.cpp:
3698         (WebCore::HTMLAnchorElement::draggable):
3699         (WebCore::HTMLAnchorElement::href):
3700         (WebCore::HTMLAnchorElement::setHref):
3701         (WebCore::HTMLAnchorElement::target):
3702         (WebCore::HTMLAnchorElement::origin):
3703         (WebCore::HTMLAnchorElement::sendPings):
3704         (WebCore::HTMLAnchorElement::handleClick):
3705         * html/HTMLAnchorElement.h:
3706         (WebCore::HTMLAnchorElement::visitedLinkHash):
3707         * html/HTMLAppletElement.cpp:
3708         (WebCore::HTMLAppletElement::updateWidget):
3709         * html/HTMLAreaElement.cpp:
3710         (WebCore::HTMLAreaElement::target):
3711         * html/HTMLAttachmentElement.cpp:
3712         (WebCore::HTMLAttachmentElement::attachmentTitle):
3713         (WebCore::HTMLAttachmentElement::attachmentType):
3714         * html/HTMLBaseElement.cpp:
3715         (WebCore::HTMLBaseElement::target):
3716         (WebCore::HTMLBaseElement::href):
3717         * html/HTMLBodyElement.cpp:
3718         (WebCore::HTMLBodyElement::addSubresourceAttributeURLs):
3719         * html/HTMLButtonElement.cpp:
3720         (WebCore::HTMLButtonElement::value):
3721         (WebCore::HTMLButtonElement::computeWillValidate):
3722         * html/HTMLCanvasElement.cpp:
3723         (WebCore::HTMLCanvasElement::reset):
3724         * html/HTMLDocument.cpp:
3725         (WebCore::HTMLDocument::bgColor):
3726         (WebCore::HTMLDocument::setBgColor):
3727         (WebCore::HTMLDocument::fgColor):
3728         (WebCore::HTMLDocument::setFgColor):
3729         (WebCore::HTMLDocument::alinkColor):
3730         (WebCore::HTMLDocument::setAlinkColor):
3731         (WebCore::HTMLDocument::linkColor):
3732         (WebCore::HTMLDocument::setLinkColor):
3733         (WebCore::HTMLDocument::vlinkColor):
3734         (WebCore::HTMLDocument::setVlinkColor):
3735         * html/HTMLElement.cpp:
3736         (WebCore::contentEditableType):
3737         (WebCore::HTMLElement::collectStyleForPresentationAttribute):
3738         (WebCore::HTMLElement::dir):
3739         (WebCore::HTMLElement::setDir):
3740         (WebCore::HTMLElement::draggable):
3741         (WebCore::HTMLElement::setDraggable):
3742         (WebCore::HTMLElement::title):
3743         (WebCore::HTMLElement::tabIndex):
3744         (WebCore::HTMLElement::translateAttributeMode):
3745         (WebCore::HTMLElement::hasDirectionAuto):
3746         (WebCore::HTMLElement::directionality):
3747         * html/HTMLEmbedElement.cpp:
3748         (WebCore::HTMLEmbedElement::imageSourceURL):
3749         (WebCore::HTMLEmbedElement::addSubresourceAttributeURLs):
3750         * html/HTMLFormControlElement.cpp:
3751         (WebCore::HTMLFormControlElement::formEnctype):
3752         (WebCore::HTMLFormControlElement::formMethod):
3753         (WebCore::HTMLFormControlElement::formAction):
3754         (WebCore::HTMLFormControlElement::autocorrect):
3755         (WebCore::HTMLFormControlElement::autocapitalizeType):
3756         * html/HTMLFormElement.cpp:
3757         (WebCore::HTMLFormElement::autocorrect):
3758         (WebCore::HTMLFormElement::autocapitalizeType):
3759         (WebCore::HTMLFormElement::autocapitalize):
3760         (WebCore::HTMLFormElement::action):
3761         (WebCore::HTMLFormElement::setAction):
3762         (WebCore::HTMLFormElement::target):
3763         (WebCore::HTMLFormElement::wasUserSubmitted):
3764         (WebCore::HTMLFormElement::shouldAutocomplete):
3765         (WebCore::HTMLFormElement::finishParsingChildren):
3766         (WebCore::HTMLFormElement::autocomplete):
3767         * html/HTMLFrameElementBase.cpp:
3768         (WebCore::HTMLFrameElementBase::location):
3769         (WebCore::HTMLFrameElementBase::setLocation):
3770         * html/HTMLHtmlElement.cpp:
3771         (WebCore::HTMLHtmlElement::insertedByParser):
3772         * html/HTMLImageElement.cpp:
3773         (WebCore::HTMLImageElement::imageSourceURL):
3774         (WebCore::HTMLImageElement::setBestFitURLAndDPRFromImageCandidate):
3775         (WebCore::HTMLImageElement::bestFitSourceFromPictureElement):
3776         (WebCore::HTMLImageElement::selectImageSource):
3777         (WebCore::HTMLImageElement::altText):
3778         (WebCore::HTMLImageElement::createElementRenderer):
3779         (WebCore::HTMLImageElement::width):
3780         (WebCore::HTMLImageElement::height):
3781         (WebCore::HTMLImageElement::alt):
3782         (WebCore::HTMLImageElement::draggable):
3783         (WebCore::HTMLImageElement::setHeight):
3784         (WebCore::HTMLImageElement::src):
3785         (WebCore::HTMLImageElement::setSrc):
3786         (WebCore::HTMLImageElement::addSubresourceAttributeURLs):
3787         (WebCore::HTMLImageElement::didMoveToNewDocument):
3788         (WebCore::HTMLImageElement::isServerMap):
3789         (WebCore::HTMLImageElement::crossOrigin):
3790         * html/HTMLInputElement.cpp:
3791         (WebCore::HTMLInputElement::updateType):
3792         (WebCore::HTMLInputElement::initializeInputType):
3793         (WebCore::HTMLInputElement::altText):
3794         (WebCore::HTMLInputElement::value):
3795         (WebCore::HTMLInputElement::defaultValue):
3796         (WebCore::HTMLInputElement::setDefaultValue):
3797         (WebCore::HTMLInputElement::acceptMIMETypes):
3798         (WebCore::HTMLInputElement::acceptFileExtensions):
3799         (WebCore::HTMLInputElement::accept):
3800         (WebCore::HTMLInputElement::alt):
3801         (WebCore::HTMLInputElement::effectiveMaxLength):
3802         (WebCore::HTMLInputElement::src):
3803         (WebCore::HTMLInputElement::setAutoFilled):
3804         (WebCore::HTMLInputElement::dataList):
3805         (WebCore::HTMLInputElement::resetListAttributeTargetObserver):
3806         * html/HTMLKeygenElement.cpp:
3807         (WebCore::HTMLKeygenElement::isKeytypeRSA):
3808         (WebCore::HTMLKeygenElement::appendFormData):
3809         * html/HTMLLIElement.cpp:
3810         (WebCore::HTMLLIElement::didAttachRenderers):
3811         (WebCore::HTMLLIElement::parseValue):
3812         * html/HTMLLabelElement.cpp:
3813         (WebCore::HTMLLabelElement::control):
3814         * html/HTMLLinkElement.cpp:
3815         (WebCore::HTMLLinkElement::crossOrigin):
3816         (WebCore::HTMLLinkElement::process):
3817         (WebCore::HTMLLinkElement::href):
3818         (WebCore::HTMLLinkElement::rel):
3819         (WebCore::HTMLLinkElement::target):
3820         (WebCore::HTMLLinkElement::type):
3821         (WebCore::HTMLLinkElement::iconType):
3822         * html/HTMLMarqueeElement.cpp:
3823         (WebCore::HTMLMarqueeElement::scrollAmount):
3824         (WebCore::HTMLMarqueeElement::setScrollAmount):
3825         (WebCore::HTMLMarqueeElement::scrollDelay):
3826         (WebCore::HTMLMarqueeElement::setScrollDelay):
3827         (WebCore::HTMLMarqueeElement::loop):
3828         * html/HTMLMediaElement.cpp:
3829         (WebCore::HTMLMediaElement::insertedInto):
3830         (WebCore::HTMLMediaElement::crossOrigin):
3831         (WebCore::HTMLMediaElement::networkState):
3832         (WebCore::HTMLMediaElement::mediaSessionTitle):
3833         (WebCore::HTMLMediaElement::doesHaveAttribute):
3834         * html/HTMLMetaElement.cpp:
3835         (WebCore::HTMLMetaElement::process):
3836         (WebCore::HTMLMetaElement::content):
3837         (WebCore::HTMLMetaElement::httpEquiv):
3838         (WebCore::HTMLMetaElement::name):
3839         * html/HTMLMeterElement.cpp:
3840         (WebCore::HTMLMeterElement::min):
3841         (WebCore::HTMLMeterElement::setMin):
3842         (WebCore::HTMLMeterElement::max):
3843         (WebCore::HTMLMeterElement::setMax):
3844         (WebCore::HTMLMeterElement::value):
3845         (WebCore::HTMLMeterElement::low):
3846         (WebCore::HTMLMeterElement::high):
3847         (WebCore::HTMLMeterElement::optimum):
3848         * html/HTMLObjectElement.cpp:
3849         (WebCore::HTMLObjectElement::shouldAllowQuickTimeClassIdQuirk):
3850         (WebCore::HTMLObjectElement::hasValidClassId):
3851         (WebCore::HTMLObjectElement::imageSourceURL):
3852         (WebCore::HTMLObjectElement::renderFallbackContent):
3853         (WebCore::HTMLObjectElement::containsJavaApplet):
3854         (WebCore::HTMLObjectElement::addSubresourceAttributeURLs):
3855         * html/HTMLOptGroupElement.cpp:
3856         (WebCore::HTMLOptGroupElement::groupLabelText):
3857         * html/HTMLOptionElement.cpp:
3858         (WebCore::HTMLOptionElement::value):
3859         (WebCore::HTMLOptionElement::label):
3860         * html/HTMLParamElement.cpp:
3861         (WebCore::HTMLParamElement::value):
3862         (WebCore::HTMLParamElement::isURLParameter):
3863         * html/HTMLProgressElement.cpp:
3864         (WebCore::HTMLProgressElement::value):
3865         (WebCore::HTMLProgressElement::max):
3866         * html/HTMLScriptElement.cpp:
3867         (WebCore::HTMLScriptElement::crossOrigin):
3868         (WebCore::HTMLScriptElement::src):
3869         (WebCore::HTMLScriptElement::sourceAttributeValue):
3870         (WebCore::HTMLScriptElement::charsetAttributeValue):
3871         (WebCore::HTMLScriptElement::typeAttributeValue):
3872         (WebCore::HTMLScriptElement::languageAttributeValue):
3873         (WebCore::HTMLScriptElement::forAttributeValue):
3874         (WebCore::HTMLScriptElement::eventAttributeValue):
3875         (WebCore::HTMLScriptElement::asyncAttributeValue):
3876         * html/HTMLSlotElement.cpp:
3877         (WebCore::HTMLSlotElement::insertedInto):
3878         (WebCore::HTMLSlotElement::removedFrom):
3879         * html/HTMLSourceElement.cpp:
3880         (WebCore::HTMLSourceElement::media):
3881         (WebCore::HTMLSourceElement::setMedia):
3882         (WebCore::HTMLSourceElement::type):
3883         (WebCore::HTMLSourceElement::setType):
3884         * html/HTMLTableCellElement.cpp:
3885         (WebCore::HTMLTableCellElement::colSpanForBindings):
3886         (WebCore::HTMLTableCellElement::rowSpan):
3887         (WebCore::HTMLTableCellElement::rowSpanForBindings):
3888         (WebCore::HTMLTableCellElement::cellIndex):
3889         (WebCore::HTMLTableCellElement::abbr):
3890         (WebCore::HTMLTableCellElement::axis):
3891         (WebCore::HTMLTableCellElement::setColSpanForBindings):
3892         (WebCore::HTMLTableCellElement::headers):
3893         (WebCore::HTMLTableCellElement::setRowSpanForBindings):
3894         (WebCore::HTMLTableCellElement::scope):
3895         (WebCore::HTMLTableCellElement::addSubresourceAttributeURLs):
3896         (WebCore::HTMLTableCellElement::cellAbove):
3897         * html/HTMLTableColElement.cpp:
3898         (WebCore::HTMLTableColElement::width):
3899         * html/HTMLTableElement.cpp:
3900         (WebCore::HTMLTableElement::rules):
3901         (WebCore::HTMLTableElement::summary):
3902         (WebCore::HTMLTableElement::addSubresourceAttributeURLs):
3903         * html/HTMLTableSectionElement.cpp:
3904         (WebCore::HTMLTableSectionElement::align):
3905         (WebCore::HTMLTableSectionElement::setAlign):
3906         (WebCore::HTMLTableSectionElement::ch):
3907         (WebCore::HTMLTableSectionElement::setCh):
3908         (WebCore::HTMLTableSectionElement::chOff):
3909         (WebCore::HTMLTableSectionElement::setChOff):
3910         (WebCore::HTMLTableSectionElement::vAlign):
3911         (WebCore::HTMLTableSectionElement::setVAlign):
3912         * html/HTMLTextAreaElement.cpp:
3913         (WebCore::HTMLTextAreaElement::appendFormData):
3914         * html/HTMLTextFormControlElement.cpp:
3915         (WebCore::HTMLTextFormControlElement::strippedPlaceholder):
3916         (WebCore::HTMLTextFormControlElement::isPlaceholderEmpty):
3917         (WebCore::HTMLTextFormControlElement::directionForFormData):
3918         * html/HTMLTrackElement.cpp:
3919         (WebCore::HTMLTrackElement::srclang):
3920         (WebCore::HTMLTrackElement::label):
3921         (WebCore::HTMLTrackElement::isDefault):
3922         (WebCore::HTMLTrackElement::ensureTrack):
3923         (WebCore::HTMLTrackElement::mediaElementCrossOriginAttribute):
3924         * html/HTMLVideoElement.cpp:
3925         (WebCore::HTMLVideoElement::parseAttribute):
3926         (WebCore::HTMLVideoElement::imageSourceURL):
3927         * html/ImageInputType.cpp:
3928         (WebCore::ImageInputType::height):
3929         (WebCore::ImageInputType::width):
3930         * html/InputType.cpp:
3931         (WebCore::InputType::applyStep):
3932         * html/MediaElementSession.cpp:
3933         (WebCore::MediaElementSession::wirelessVideoPlaybackDisabled):
3934         * html/MonthInputType.cpp:
3935         (WebCore::MonthInputType::createStepRange):
3936         * html/NumberInputType.cpp:
3937         (WebCore::NumberInputType::createStepRange):
3938         (WebCore::NumberInputType::sizeShouldIncludeDecoration):
3939         * html/RangeInputType.cpp:
3940         (WebCore::RangeInputType::createStepRange):
3941         (WebCore::RangeInputType::handleKeydownEvent):
3942         * html/TextFieldInputType.cpp:
3943         (WebCore::TextFieldInputType::appendFormData):
3944         (WebCore::TextFieldInputType::updateAutoFillButton):
3945         * html/TimeInputType.cpp:
3946         (WebCore::TimeInputType::createStepRange):
3947         * html/ValidationMessage.cpp:
3948         (WebCore::ValidationMessage::updateValidationMessage):
3949         * html/WeekInputType.cpp:
3950         (WebCore::WeekInputType::createStepRange):
3951         * html/track/WebVTTElement.cpp:
3952         (WebCore::WebVTTElement::createEquivalentHTMLElement):
3953         * inspector/InspectorPageAgent.cpp:
3954         (WebCore::InspectorPageAgent::buildObjectForFrame):
3955         * loader/FormSubmission.cpp:
3956         (WebCore::FormSubmission::create):
3957         * loader/FrameLoader.cpp:
3958         (WebCore::FrameLoader::defaultSubstituteDataForURL):
3959         * loader/ImageLoader.cpp:
3960         (WebCore::ImageLoader::updateFromElement):
3961         * loader/SubframeLoader.cpp:
3962         (WebCore::SubframeLoader::isPluginContentAllowedByContentSecurityPolicy):
3963         * mathml/MathMLElement.cpp:
3964         (WebCore::MathMLElement::colSpan):
3965         (WebCore::MathMLElement::rowSpan):
3966         (WebCore::MathMLElement::childShouldCreateRenderer):
3967         (WebCore::MathMLElement::defaultEventHandler):
3968         (WebCore::MathMLElement::cachedMathMLLength):
3969         * mathml/MathMLFractionElement.cpp:
3970         (WebCore::MathMLFractionElement::lineThickness):
3971         (WebCore::MathMLFractionElement::cachedFractionAlignment):
3972         * mathml/MathMLSelectElement.cpp:
3973         (WebCore::MathMLSelectElement::getSelectedActionChildAndIndex):
3974         (WebCore::MathMLSelectElement::getSelectedActionChild):
3975         (WebCore::MathMLSelectElement::getSelectedSemanticsChild):
3976         (WebCore::MathMLSelectElement::defaultEventHandler):
3977         (WebCore::MathMLSelectElement::willRespondToMouseClickEvents):
3978         (WebCore::MathMLSelectElement::toggle):
3979         * page/EventHandler.cpp:
3980         (WebCore::findDropZone):
3981         * page/Frame.cpp:
3982         (WebCore::Frame::matchLabelsAgainstElement):
3983         * page/PageSerializer.cpp:
3984         (WebCore::PageSerializer::serializeFrame):
3985         * platform/win/PasteboardWin.cpp:
3986         (WebCore::Pasteboard::writeImageToDataObject):
3987         * rendering/HitTestResult.cpp:
3988         (WebCore::HitTestResult::altDisplayString):
3989         * rendering/RenderDetailsMarker.cpp: