Web Inspector: Add rulers and guides
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2018-05-15  Devin Rousso  <webkit@devinrousso.com>
2
3         Web Inspector: Add rulers and guides
4         https://bugs.webkit.org/show_bug.cgi?id=32263
5         <rdar://problem/19281564>
6
7         Reviewed by Matt Baker.
8
9         This patch is purely a visual change for WebInspector, and doesn't affect anything else.
10
11         * inspector/InspectorOverlay.h:
12         * inspector/InspectorOverlay.cpp:
13         (WebCore::InspectorOverlay::update):
14         (WebCore::InspectorOverlay::reset):
15         (WebCore::InspectorOverlay::drawGutter): Deleted.
16
17         * inspector/InspectorOverlayPage.html:
18         * inspector/InspectorOverlayPage.js:
19         (Bounds): Added.
20         (Bounds.prototype.get minX): Added.
21         (Bounds.prototype.get minY): Added.
22         (Bounds.prototype.get maxX): Added.
23         (Bounds.prototype.get maxY): Added.
24         (Bounds.prototype.update): Added.
25         (drawNodeHighlight):
26         (drawQuadHighlight):
27         (reset):
28         (_isolateActions): Added.
29         (_quadToPath): Added.
30         (_quadToPath.parseQuadPoint): Added.
31         (_drawOutlinedQuad): Added.
32         (_drawPath): Added.
33         (_drawPath.parsePoints): Added.
34         (_drawOutlinedQuadWithClip): Added.
35         (_drawElementTitle):
36         (_drawShapeHighlight):
37         (_drawFragmentHighlight):
38         (_drawRulers): Added.
39         (quadToPath): Deleted.
40         (drawOutlinedQuad): Deleted.
41         (pathCommand): Deleted.
42         (drawPath): Deleted.
43         (drawOutlinedQuadWithClip): Deleted.
44         (drawGutter): Deleted.
45         * inspector/InspectorOverlayPage.css:
46         (#log): Added.
47         (#right-gutter): Deleted.
48         (#bottom-gutter): Deleted.
49
50 2018-05-15  Jer Noble  <jer.noble@apple.com>
51
52         Media continues loading after rendered invisible (removed from DOM; scrolled off screen)
53         https://bugs.webkit.org/show_bug.cgi?id=185487
54
55         Reviewed by Eric Carlson.
56
57         Test: media/video-buffering-allowed.html
58
59         When a media element is removed from the dom (e.g. through innerHTML=""), it doesn't
60         necessarily stop loading media data; it will continue to do so until its destructor is
61         called through garbage collection. Similarly, when a media element is rendered not-visible
62         by being scrolled off-screen or being made display:none, media loading continues. There
63         are legitimate use cases for out-of-DOM media loading, so only temporarily block loading
64         when the element transitions out of the document. Similarly, only block loading for non-visible
65         media elements when returning from the "page is hidden" state, and only until the media
66         element is asked to play or is otherwise made visible.
67
68         Note: this refactors a lot of code out of PlatformMediaSession and into MediaElementSession,
69         since this code is specific to "media elements".
70
71         * html/HTMLMediaElement.cpp:
72         (WebCore::HTMLMediaElement::HTMLMediaElement):
73         (WebCore::HTMLMediaElement::insertedIntoAncestor):
74         (WebCore::HTMLMediaElement::removedFromAncestor):
75         (WebCore::HTMLMediaElement::playInternal):
76         (WebCore::HTMLMediaElement::stopWithoutDestroyingMediaPlayer):
77         (WebCore::HTMLMediaElement::resume):
78         (WebCore::HTMLMediaElement::visibilityStateChanged):
79         (WebCore::HTMLMediaElement::createMediaPlayer):
80         (WebCore::HTMLMediaElement::setShouldBufferData):
81         (WebCore::HTMLMediaElement::purgeBufferedDataIfPossible):
82         (WebCore::HTMLMediaElement::isVisibleInViewportChanged):
83         (WebCore::HTMLMediaElement::fullscreenModeChanged):
84         (WebCore::HTMLMediaElement::setInActiveDocument):
85         * html/HTMLMediaElement.h:
86         (WebCore::HTMLMediaElement::shouldBufferData const):
87         (WebCore::HTMLMediaElement::elementIsHidden const):
88         * html/MediaElementSession.cpp:
89         (WebCore::MediaElementSession::MediaElementSession):
90         (WebCore::MediaElementSession::clientWillBeginAutoplaying):
91         (WebCore::MediaElementSession::clientWillBeginPlayback):
92         (WebCore::MediaElementSession::clientWillPausePlayback):
93         (WebCore::MediaElementSession::visibilityChanged):
94         (WebCore::MediaElementSession::isVisibleInViewportChanged):
95         (WebCore::MediaElementSession::inActiveDocumentChanged):
96         (WebCore::MediaElementSession::scheduleClientDataBufferingCheck):
97         (WebCore::MediaElementSession::clientDataBufferingTimerFired):
98         (WebCore::MediaElementSession::updateClientDataBuffering):
99         (WebCore::MediaElementSession::dataBufferingPermitted const):
100         (WebCore::MediaElementSession::wantsToObserveViewportVisibilityForAutoplay const):
101         * html/MediaElementSession.h:
102         * platform/audio/PlatformMediaSession.cpp:
103         (WebCore::PlatformMediaSession::PlatformMediaSession):
104         (WebCore::PlatformMediaSession::clientWillBeginAutoplaying):
105         (WebCore::PlatformMediaSession::clientWillBeginPlayback):
106         (WebCore::PlatformMediaSession::clientWillPausePlayback):
107         (): Deleted.
108         (WebCore::PlatformMediaSession::visibilityChanged): Deleted.
109         (WebCore::PlatformMediaSession::scheduleClientDataBufferingCheck): Deleted.
110         (WebCore::PlatformMediaSession::clientDataBufferingTimerFired): Deleted.
111         (WebCore::PlatformMediaSession::updateClientDataBuffering): Deleted.
112         (WebCore::PlatformMediaSession::isHidden const): Deleted.
113         * platform/audio/PlatformMediaSession.h:
114         (WebCore::PlatformMediaSessionClient::setShouldBufferData): Deleted.
115         (WebCore::PlatformMediaSessionClient::elementIsHidden const): Deleted.
116         * platform/audio/PlatformMediaSessionManager.cpp:
117         (WebCore::PlatformMediaSessionManager::sessionCanLoadMedia const): Deleted.
118         * platform/audio/PlatformMediaSessionManager.h:
119         * platform/audio/ios/MediaSessionManagerIOS.h:
120         * platform/audio/ios/MediaSessionManagerIOS.mm:
121         (WebCore::MediaSessionManageriOS::sessionCanLoadMedia const): Deleted.
122         * rendering/RenderVideo.cpp:
123         (WebCore::RenderVideo::willBeDestroyed):
124         * testing/Internals.cpp:
125         (WebCore::Internals::elementShouldBufferData):
126         * testing/Internals.h:
127         * testing/Internals.idl:
128
129 2018-05-15  Charles Vazac  <cvazac@gmail.com>
130
131         Add the PerformanceServerTiming Interface which makes Server-Timing header timing values available to JavaScript running in the browser.
132         https://bugs.webkit.org/show_bug.cgi?id=175569
133
134         Reviewed by Youenn Fablet.
135
136         Tests were imported from web-platform-tests: WebKit/LayoutTests/imported/w3c/web-platform-tests/server-timing/*
137
138         * Sources.txt: Added references to HeaderFieldTokenizer.cpp, ServerTiming.cpp, and ServerTimingParser.cpp.
139         * WebCore.xcodeproj/project.pbxproj: Added various files.
140         * loader/HeaderFieldTokenizer.cpp: Added.
141         (WebCore::HeaderFieldTokenizer::HeaderFieldTokenizer): Added class for tokenizing header values.
142         (WebCore::HeaderFieldTokenizer::consume): Added method to consume a specified character.
143         (WebCore::HeaderFieldTokenizer::consumeQuotedString): Added method to consume a quote-string.
144         (WebCore::HeaderFieldTokenizer::consumeToken): Added a method to consume a token.
145         (WebCore::HeaderFieldTokenizer::consumeTokenOrQuotedString): Added method to consume a quote-string or quote-string, depending on net character.
146         (WebCore::HeaderFieldTokenizer::skipSpaces): Added method to skip whitespace.
147         (WebCore::HeaderFieldTokenizer::consumeBeforeAnyCharMatch): Added method to advance the cursor up until any of a list of characters.
148         * loader/HeaderFieldTokenizer.h: Added.
149         * loader/HTTPHeaderField.cpp: Expose isTokenCharacter and isWhitespace.
150         * loader/HTTPHeaderField.h: Expose isTokenCharacter and isWhitespace.
151         * loader/PolicyChecker.cpp: Added #include so source compiled on my machine.
152         * loader/ResourceTiming.cpp:
153         (WebCore::ResourceTiming::ResourceTiming): Added call to initServerTiming to parse the header.
154         (WebCore::ResourceTiming::initServerTiming): Added method to parse the header.
155         (WebCore::ResourceTiming::populateServerTiming): Added method to populate the server timing entries on a PerformanceResourceTiming object.
156         (WebCore::ResourceTiming::isolatedCopy const): Added code to copy over the server timing entries.
157         * loader/ResourceTiming.h:
158         (WebCore::ResourceTiming::ResourceTiming): Accept collection of server timing entries in c'tor.
159         * loader/ServerTiming.cpp: Added.
160         (WebCore::ServerTiming::setParameter): Set named parameters, ignoring unrecognized or duplicates.
161         (WebCore::ServerTiming::isolatedCopy const): Return a new pointer to the object.
162         * loader/ServerTiming.h: Added.
163         (WebCore::ServerTiming::ServerTiming): Added struct for the data needed by a server timing entry.
164         (WebCore::ServerTiming::name const): Added name field of a server timing entry.
165         (WebCore::ServerTiming::duration const): Added duration field of a server timing entry.
166         (WebCore::ServerTiming::description const): Added description field of a server timing entry.
167         * loader/ServerTimingParser.cpp: Added.
168         (WebCore::ServerTimingParser::parseServerTiming): Parses the header generating a collection of server timing structs.
169         * loader/ServerTimingParser.h: Added.
170         * loader/WorkerThreadableLoader.h: Fix build.
171         * page/Performance.cpp:
172         (WebCore::Performance::addResourceTiming): Fixed a typo.
173         * page/PerformanceResourceTiming.cpp:
174         (WebCore::PerformanceResourceTiming::PerformanceResourceTiming): Given a ResourceTiming object, populate our collection of PerformanceServerTiming objects.
175         * page/PerformanceResourceTiming.h: Added serverTiming member and getter.
176         * page/PerformanceResourceTiming.idl: Added serverTiming member to interface.
177         * platform/network/HTTPHeaderNames.in: Added "Server-Timing" to the header enum.
178         * platform/network/ResourceResponseBase.cpp: Added "Server-Timing" to isSafeCrossOriginResponseHeader whitelist.
179
180 2018-05-15  Brady Eidson  <beidson@apple.com>
181
182         Fix crash after a Worker terminates but there are still IDB transactions the server is trying to open for it.
183         <rdar://problem/33744241> and https://bugs.webkit.org/show_bug.cgi?id=185653
184
185         Reviewed by Andy Estes.
186
187         Test: storage/indexeddb/modern/worker-transaction-open-after-worker-stop.html
188
189         * Modules/indexeddb/client/IDBConnectionProxy.cpp:
190         (WebCore::IDBClient::IDBConnectionProxy::didStartTransaction): It's okay to not be able to find a pending TX
191           that the server has started. e.g. When it was a WebWorker that asked for the TX but it has since terminated.
192
193 2018-05-15  Thomas Klausner  <tk@giga.or.at>
194
195         Add missing header to fix build.
196         https://bugs.webkit.org/show_bug.cgi?id=185378
197
198         Reviewed by Michael Catanzaro.
199
200         * platform/network/soup/SoupNetworkSession.h:
201
202 2018-05-15  Carlos Alberto Lopez Perez  <clopez@igalia.com>
203
204         [WPE] Build failure with RPi userland drivers and gstreamer-gl
205         https://bugs.webkit.org/show_bug.cgi?id=185639
206
207         Reviewed by Philippe Normand.
208
209         When building for the RPi with userland drivers (dispmanx) override the
210         value of GST_GL_HAVE_GLSYNC to 1 to avoid that the gstreamer-gl headers
211         try to redefine the GLsync type that is already defined in libepoxy.
212
213         Defining __gl2_h_ is also needed to avoid other conflicting type
214         definitions that happen between libepoxy and RPi GLES2 userland
215         headers when the gstreamer-gl headers are included.
216
217         The issue doesn't happen with 1.14.0, so a check for that is added
218         as well.
219
220         No new tests, no behavior change. It is a build fix.
221
222         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
223
224 2018-05-15  Michael Catanzaro  <mcatanzaro@igalia.com>
225
226         Unreviewed, rolling out r230749
227
228         This did not work as desired.
229
230         * platform/UserAgentQuirks.cpp:
231         (WebCore::urlRequiresMacintoshPlatform):
232
233 2018-05-15  Dirk Schulze  <krit@webkit.org>
234
235         Add new SVGDOM SVGFEBLEND constants
236         https://bugs.webkit.org/show_bug.cgi?id=185581
237
238         Reviewed by Simon Fraser.
239
240         Provide new SVG DOM constants for the new blend modes added to feBlend.
241
242         https://drafts.fxtf.org/filter-effects-1/#InterfaceSVGFEBlendElement
243
244         * platform/graphics/GraphicsTypes.cpp:
245         (WebCore::blendModeName):
246         * platform/graphics/GraphicsTypes.h:
247         * svg/SVGFEBlendElement.h:
248         (WebCore::SVGPropertyTraits<BlendMode>::highestEnumValue):
249         (WebCore::SVGPropertyTraits<BlendMode>::toString):
250         * svg/SVGFEBlendElement.idl:
251
252 2018-05-15  Antoine Quint  <graouts@apple.com>
253
254         [Web Animations] Expose Web Animations CSS integration as an experimental feature
255         https://bugs.webkit.org/show_bug.cgi?id=185647
256
257         Reviewed by Dean Jackson.
258
259         Make the Web Animations CSS integration flag an experimental feature, and only indicate that it is on if the Web Animations
260         experimental feature is also enabled.
261
262         * dom/Document.cpp:
263         (WebCore::Document::didBecomeCurrentDocumentInFrame):
264         (WebCore::Document::resume):
265         * dom/Element.cpp:
266         (WebCore::Element::removedFromAncestor):
267         * dom/PseudoElement.cpp:
268         (WebCore::PseudoElement::clearHostElement):
269         * history/CachedFrame.cpp:
270         (WebCore::CachedFrameBase::restore):
271         * page/Frame.cpp:
272         (WebCore::Frame::clearTimers):
273         * page/FrameView.cpp:
274         (WebCore::FrameView::didDestroyRenderTree):
275         * page/Page.cpp:
276         (WebCore::Page::handleLowModePowerChange):
277         (WebCore::Page::setIsVisibleInternal):
278         (WebCore::Page::hiddenPageCSSAnimationSuspensionStateChanged):
279         * page/RuntimeEnabledFeatures.h:
280         (WebCore::RuntimeEnabledFeatures::setWebAnimationsCSSIntegrationEnabled):
281         (WebCore::RuntimeEnabledFeatures::webAnimationsCSSIntegrationEnabled const):
282         (WebCore::RuntimeEnabledFeatures::setCSSAnimationsAndCSSTransitionsBackedByWebAnimationsEnabled): Deleted.
283         (WebCore::RuntimeEnabledFeatures::cssAnimationsAndCSSTransitionsBackedByWebAnimationsEnabled const): Deleted.
284         * rendering/RenderLayer.cpp:
285         (WebCore::RenderLayer::currentTransform const):
286         (WebCore::RenderLayer::calculateClipRects const):
287         * rendering/RenderLayerBacking.cpp:
288         (WebCore::RenderLayerBacking::updateGeometry):
289         * rendering/RenderLayerCompositor.cpp:
290         (WebCore::RenderLayerCompositor::requiresCompositingForAnimation const):
291         (WebCore::RenderLayerCompositor::isRunningTransformAnimation const):
292         * rendering/updating/RenderTreeUpdater.cpp:
293         (WebCore::RenderTreeUpdater::tearDownRenderers):
294         * style/StyleTreeResolver.cpp:
295         (WebCore::Style::TreeResolver::createAnimatedElementUpdate):
296         * testing/InternalSettings.cpp:
297         (WebCore::InternalSettings::webAnimationsCSSIntegrationEnabled):
298         (WebCore::InternalSettings::cssAnimationsAndCSSTransitionsBackedByWebAnimationsEnabled): Deleted.
299         * testing/InternalSettings.h:
300         * testing/InternalSettings.idl:
301         * testing/Internals.cpp:
302         (WebCore::Internals::numberOfActiveAnimations const):
303         (WebCore::Internals::animationsAreSuspended const):
304         (WebCore::Internals::animationsInterval const):
305         (WebCore::Internals::suspendAnimations const):
306         (WebCore::Internals::resumeAnimations const):
307
308 2018-05-15  David Kilzer  <ddkilzer@apple.com>
309
310         Fix -Wreturn-std-move warnings in WebKit found by new clang compiler
311         <https://webkit.org/b/185621>
312
313         Reviewed by Youenn Fablet.
314
315         Fix warnings like the following:
316
317             In file included from DerivedSources/WebCore/unified-sources/UnifiedSource139.cpp:5:
318             ./Modules/mediastream/PeerConnectionBackend.cpp:412:16: error: local variable 'sdp' will be copied despite being returned by name [-Werror,-Wreturn-std-move]
319                     return sdp;
320                            ^~~
321             ./Modules/mediastream/PeerConnectionBackend.cpp:412:16: note: call 'std::move' explicitly to avoid copying
322                     return sdp;
323                            ^~~
324                            std::move(sdp)
325             1 error generated.
326
327         * Modules/mediastream/PeerConnectionBackend.cpp:
328         (WebCore::PeerConnectionBackend::filterSDP const):
329         * accessibility/AccessibilityObject.cpp:
330         (WebCore::rangeClosestToRange):
331         * bindings/js/JSDOMConvertSequences.h:
332         (WebCore::Detail::GenericSequenceConverter::convert):
333         (WebCore::Detail::NumericSequenceConverter::convertArray):
334         * bindings/js/JSDOMConvertStrings.cpp:
335         (WebCore::stringToByteString):
336         (WebCore::stringToUSVString):
337         - Use WTFMove() in return statements to fix the warnings.
338
339 2018-05-14  Dean Jackson  <dino@apple.com>
340
341         Download and present System Preview
342         https://bugs.webkit.org/show_bug.cgi?id=185459
343         <rdar://problem/40079228>
344
345         Reviewed by Tim Horton.
346
347         If an <a> is a system preview, tell the resource request about it.
348
349         * html/HTMLAnchorElement.cpp:
350         (WebCore::HTMLAnchorElement::handleClick):
351
352 2018-05-15  Antti Koivisto  <antti@apple.com>
353
354         animation-play-state: paused causes very high cpu load because of style invalidation loop
355         https://bugs.webkit.org/show_bug.cgi?id=182436
356         <rdar://problem/37182562>
357
358         Reviewed by Dean Jackson.
359
360         Test: animations/animation-playstate-paused-style-resolution.html
361
362         If the style of an element with 'animation-play-state: paused' is recomputed so it stays
363         paused we would enter zero-duration animation timer loop.
364
365         * page/animation/AnimationBase.cpp:
366         (WebCore::AnimationBase::updateStateMachine):
367
368         Don't move to AnimationState::PausedWaitResponse unless we get AnimationStateInput::StyleAvailable
369         (matching the comments). Otherwise just stay in the existing paused state.
370
371         Remove AnimationStateInput::StartAnimation from assertion as the case can't happen.
372
373 2018-05-14  Youenn Fablet  <youenn@apple.com>
374
375         readableStreamDefaultControllerError should return early if stream is not readable
376         https://bugs.webkit.org/show_bug.cgi?id=185602
377
378         Reviewed by Chris Dumez.
379
380         Return early if stream is not readable in @readableStreamDefaultControllerError.
381         Update call sites to no longer check for ReadableStream state.
382         Covered by unflaked and rebased tests.
383
384         * Modules/streams/ReadableStreamDefaultController.js:
385         (error):
386         * Modules/streams/ReadableStreamInternals.js:
387         (readableStreamDefaultControllerError):
388         (readableStreamDefaultControllerCallPullIfNeeded):
389
390 2018-05-14  Zalan Bujtas  <zalan@apple.com>
391
392         [LFC] Implement width computation for non-replaced block level inflow elements.
393         https://bugs.webkit.org/show_bug.cgi?id=185641
394
395         Reviewed by Sam Weinig.
396
397         Block level inflow elements participate in block formatting context.
398
399         * layout/FormattingContext.cpp:
400         (WebCore::Layout::FormattingContext::computeWidth const):
401         * layout/FormattingContext.h:
402         * layout/blockformatting/BlockFormattingContext.cpp:
403         (WebCore::Layout::BlockFormattingContext::computeInFlowWidth const):
404         * layout/blockformatting/BlockFormattingContext.h:
405         * layout/inlineformatting/InlineFormattingContext.cpp:
406         (WebCore::Layout::InlineFormattingContext::computeInFlowWidth const):
407         * layout/inlineformatting/InlineFormattingContext.h:
408
409 2018-05-14  Wenson Hsieh  <wenson_hsieh@apple.com>
410
411         Unreviewed, fix the iOS build after r231779
412
413         Also address a minor in-person review comment by returning "extrazoom" instead of the empty string.
414
415         * page/DisabledAdaptations.cpp:
416         (WebCore::extraZoomModeAdaptationName):
417
418 2018-05-14  Zalan Bujtas  <zalan@apple.com>
419
420         [LFC] FormattingContext:computeOutOfFlowNonReplacedHeight/Width should use the computed margins/paddings/borders
421         https://bugs.webkit.org/show_bug.cgi?id=185633
422
423         Reviewed by Sam Weinig.
424
425         By the time we start computing height and width, DisplayBox should already have the computed values for margin/padding/border.
426
427         * layout/FormattingContext.cpp:
428         (WebCore::Layout::FormattingContext::computeOutOfFlowNonReplacedHeight const):
429         (WebCore::Layout::FormattingContext::computeOutOfFlowNonReplacedWidth const):
430         * layout/displaytree/DisplayBox.h:
431         (WebCore::Display::Box::paddingTop const):
432         (WebCore::Display::Box::paddingLeft const):
433         (WebCore::Display::Box::paddingBottom const):
434         (WebCore::Display::Box::paddingRight const):
435         (WebCore::Display::Box::borderTop const):
436         (WebCore::Display::Box::borderLeft const):
437         (WebCore::Display::Box::borderBottom const):
438         (WebCore::Display::Box::borderRight const):
439
440 2018-05-14  Wenson Hsieh  <wenson_hsieh@apple.com>
441
442         [Extra zoom mode] Google search results are excessively zoomed in
443         https://bugs.webkit.org/show_bug.cgi?id=185347
444         <rdar://problem/39999778>
445
446         Reviewed by Tim Horton.
447
448         It turns out that basing minimum layout size and shrink-to-fit behaviors off of the `shrink-to-fit` viewport
449         argument poses compatibility risks with web pages that already specify `shrink-to-fit` to opt out of default
450         viewport shrinking behaviors in 1/3 multitasking mode on iPad.
451
452         One way to resolve this is to introduce a new viewport meta content attribute to disable viewport heuristics in
453         extra zoom mode. However, combined shrink-to-fit and minimum device width behaviors are difficult to describe
454         using a single backwards-compatible viewport meta content attribute, and the need to suppress the default
455         behavior of `shrink-to-fit=no` if such an attribute is not disabled further muddles our viewport story.
456
457         After some internal deliberation, we’ve decided to experiment with a new meta tag named "disabled-adaptations".
458         The content of this meta tag is a comma-separated list of adaptation names; if an adaptation name matches a
459         known adaptation type (for instance, extra zoom mode), we disable the class of behaviors used to adapt web
460         content. The first and only known adaptation type is extra zoom mode, which affects `shrink-to-fit` and layout
461         size adjustments.
462
463         See per-method changes below for more details.
464
465         Test: fast/viewport/extrazoom/viewport-disable-extra-zoom-adaptations.html
466
467         * Sources.txt:
468         * WebCore.xcodeproj/project.pbxproj:
469         * dom/Document.cpp:
470         (WebCore::Document::processDisabledAdaptations):
471         * dom/Document.h:
472         (WebCore::Document::disabledAdaptations const):
473
474         Add disabled adaptations to Document. Changes to disabled adaptations are not propagated if the parsed disabled
475         adaptation types don't change; upon changing adaptation types, notify the client to adjust for the new disabled
476         adaptations (currently, this only affects the viewport configuration).
477
478         * dom/ViewportArguments.h:
479         * html/HTMLMetaElement.cpp:
480         (WebCore::HTMLMetaElement::process):
481         * html/parser/HTMLPreloadScanner.cpp:
482         (WebCore::TokenPreloadScanner::StartTagScanner::StartTagScanner):
483         (WebCore::TokenPreloadScanner::StartTagScanner::processAttributes):
484         (WebCore::TokenPreloadScanner::StartTagScanner::processAttribute):
485         * loader/FrameLoader.cpp:
486         (WebCore::FrameLoader::commitProvisionalLoad):
487
488         Restore the set of disabled adaptations when restoring a page from the cache.
489
490         * page/Chrome.cpp:
491         (WebCore::Chrome::dispatchDisabledAdaptationsDidChange const):
492         * page/Chrome.h:
493         * page/ChromeClient.h:
494
495         Add plumbing for changes to the set of disabled adaptations.
496
497         * page/DisabledAdaptations.cpp: Added.
498         (WebCore::extraZoomModeAdaptationName):
499         * page/DisabledAdaptations.h: Added.
500
501         Introduce a header containing a new enum for the extra zoom mode adaptation, as well as a helper function to
502         return the extra zoom mode adaptation name.
503
504         * page/Page.cpp:
505         (WebCore::Page::disabledAdaptations const):
506
507         Returns the mainframe's set of adaptations to disable.
508
509         * page/Page.h:
510         * page/RemoteFrame.h:
511         * page/RuntimeEnabledFeatures.h:
512         (WebCore::RuntimeEnabledFeatures::setDisabledAdaptationsMetaTagEnabled):
513         (WebCore::RuntimeEnabledFeatures::disabledAdaptationsMetaTagEnabled const):
514
515         Add a new runtime feature to gate handling the "disabled-adaptations" meta tag.
516
517         * page/ViewportConfiguration.cpp:
518         (WebCore::shouldOverrideShrinkToFitArgument):
519         (WebCore::needsUpdateAfterChangingDisabledAdaptations):
520         (WebCore::ViewportConfiguration::setDisabledAdaptations):
521         (WebCore::ViewportConfiguration::shouldOverrideDeviceWidthAndShrinkToFit const):
522
523         Consult whether or not extra zoom mode adaptations are disabled, instead of the shrink-to-fit attribute value.
524
525         (WebCore::ViewportConfiguration::updateConfiguration):
526         * page/ViewportConfiguration.h:
527
528         Add an OptionSet of disabled adaptation types to ViewportConfiguration. Updates to the adaptation type are
529         propagated to the ViewportConfiguration from Document, through the ChromeClient and the client layer (refer to
530         changes in WebKit). Once the OptionSet is changed, we recompute the viewport configuration only if needed by the
531         platform.
532
533         (WebCore::ViewportConfiguration::viewLayoutSize const):
534         (WebCore::ViewportConfiguration::disabledAdaptations const):
535         * page/WindowFeatures.cpp:
536         (WebCore::parseDisabledAdaptations):
537         * page/WindowFeatures.h:
538
539         Add a new helper to parse the meta content of a "disabled-adaptations" tag as an OptionSet of disabled
540         adaptation types. The string is parsed by first splitting on the comma character, and then iterating over lower
541         case, whitespace-stripped tokens to look for known adaptation names. So far, only extra zoom mode is supported.
542
543         * testing/Internals.cpp:
544         (WebCore::Internals::extraZoomModeAdaptationName const):
545         * testing/Internals.h:
546         * testing/Internals.idl:
547
548         Expose the extra zoom mode adaptation name to the DOM, only when running layout tests.
549
550 2018-05-14  Joanmarie Diggs  <jdiggs@igalia.com>
551
552         AX: Listbox and Combobox roles embedded in labels should participate in name calculation
553         https://bugs.webkit.org/show_bug.cgi?id=185521
554
555         Reviewed by Chris Fleizach.
556
557         Take selected children into account when computing the name in accessibleNameForNode.
558         Add ListBox to the roles for which accessibleNameDerivesFromContent returns false so
559         that native select elements with size > 1 are treated the same way as ARIA listbox.
560         Also add ListBox to the roles which are treated as controls when used in ARIA. Finally,
561         prevent labels which contain unrelated controls from being used as an AXTitleUIElement.
562         This causes us to build a string from the label and its descendants, ensuring the latter
563         participate in the name calculation.
564
565         Test: accessibility/text-alternative-calculation-from-listbox.html
566
567         * accessibility/AccessibilityLabel.cpp:
568         (WebCore::childrenContainUnrelatedControls):
569         (WebCore::AccessibilityLabel::containsUnrelatedControls const):
570         * accessibility/AccessibilityLabel.h:
571         * accessibility/AccessibilityNodeObject.cpp:
572         (WebCore::accessibleNameForNode):
573         * accessibility/AccessibilityObject.cpp:
574         (WebCore::AccessibilityObject::accessibleNameDerivesFromContent const):
575         (WebCore::AccessibilityObject::isARIAControl):
576         * accessibility/AccessibilityRenderObject.cpp:
577         (WebCore::AccessibilityRenderObject::exposesTitleUIElement const):
578         (WebCore::AccessibilityRenderObject::computeAccessibilityIsIgnored const):
579
580 2018-05-14  Antoine Quint  <graouts@apple.com>
581
582         [Web Animations] Tests using the new animation engine may crash under WebCore::FrameView::didDestroyRenderTree when using internals methods
583         https://bugs.webkit.org/show_bug.cgi?id=185612
584         <rdar://problem/39579344>
585
586         Reviewed by Dean Jackson.
587
588         Add a new internals.pseudoElement() method to obtain a pseudo element matching a given pseudo-id. This is necessary to be able to move off
589         internals.pauseTransitionAtTimeOnPseudoElement() and internals.pauseAnimationAtTimeOnPseudoElement() for Web Animations testing.
590
591         * testing/Internals.cpp:
592         (WebCore::Internals::pseudoElement):
593         * testing/Internals.h:
594         * testing/Internals.idl:
595
596 2018-05-14  Antoine Quint  <graouts@apple.com>
597
598         REGRESSION (r230574): Interrupted hardware transitions don't behave correctly
599         https://bugs.webkit.org/show_bug.cgi?id=185299
600         <rdar://problem/39630230>
601
602         Reviewed by Simon Fraser.
603
604         In r230574, the fix for webkit.org/b/184518, we changed the processing order in GraphicsLayerCA::updateAnimations() to first
605         process m_uncomittedAnimations and then m_animationsToProcess, so we are guaranteed animations exist before we attempt to pause
606         or seek them. This broke interrupting and resuming hardware animations (such as an interrupted CSS Transition or an animation
607         running in a non-visible tab) since a pause operation recorded _before_ an animation was added would be paused anyway since
608         the animation was now first added, and then paused. The fix is simply to clear any pending AnimationProcessingAction for a
609         newly-uncommitted animation.
610
611         Test: transitions/interrupted-transition-hardware.html
612
613         * platform/graphics/ca/GraphicsLayerCA.cpp:
614         (WebCore::GraphicsLayerCA::createAnimationFromKeyframes):
615         (WebCore::GraphicsLayerCA::appendToUncommittedAnimations):
616         (WebCore::GraphicsLayerCA::createTransformAnimationsFromKeyframes):
617         * platform/graphics/ca/GraphicsLayerCA.h:
618         (WebCore::GraphicsLayerCA::LayerPropertyAnimation::LayerPropertyAnimation):
619
620 2018-05-14  Thibault Saunier  <tsaunier@igalia.com>
621
622         [GStreamer] Fix style issue in MediaPlayerPrivateGStreamerBase
623         https://bugs.webkit.org/show_bug.cgi?id=185510
624
625         Reviewed by Philippe Normand.
626
627         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:629:  More than one command on the same line  [whitespace/newline] [4]
628         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:684:  More than one command on the same line  [whitespace/newline] [4]
629         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:807:  More than one command on the same line  [whitespace/newline] [4]
630
631         Indentation and style issue fixed only.
632
633         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
634         (WebCore::MediaPlayerPrivateGStreamerBase::volumeChangedCallback):
635         (WebCore::MediaPlayerPrivateGStreamerBase::muteChangedCallback):
636         (WebCore::MediaPlayerPrivateGStreamerBase::triggerRepaint):
637
638 2018-05-14  Zalan Bujtas  <zalan@apple.com>
639
640         [LFC] Implement height computation for non-replaced out of flow elements.
641         https://bugs.webkit.org/show_bug.cgi?id=185585
642
643         Reviewed by Antti Koivisto.
644
645         * layout/FormattingContext.cpp:
646         (WebCore::Layout::FormattingContext::computeHeight const):
647         (WebCore::Layout::FormattingContext::computeOutOfFlowHeight const):
648         (WebCore::Layout::FormattingContext::layoutOutOfFlowDescendants const):
649         (WebCore::Layout::FormattingContext::computeOutOfFlowNonReplacedHeight const):
650         (WebCore::Layout::FormattingContext::computeHeightForBlockFormattingContextRootWithAutoHeight const):
651         * layout/FormattingContext.h:
652         * layout/blockformatting/BlockFormattingContext.h:
653         * layout/displaytree/DisplayBox.h:
654
655 2018-05-14  Manuel Rego Casasnovas  <rego@igalia.com>
656
657         Renaming of overrides in LayoutBox
658         https://bugs.webkit.org/show_bug.cgi?id=185609
659
660         Reviewed by Javier Fernandez.
661
662         The names of the methods for the overrides were not consistent,
663         this patch fixes it by using the same structure in all the cases.
664
665         No new tests, no change of behavior.
666
667         * rendering/GridLayoutFunctions.cpp:
668         (WebCore::GridLayoutFunctions::hasOverrideContainingBlockContentSizeForChild):
669         * rendering/GridTrackSizingAlgorithm.cpp:
670         (WebCore::GridTrackSizingAlgorithmStrategy::logicalHeightForChild const):
671         * rendering/RenderBlock.cpp:
672         (WebCore::RenderBlock::computeChildPreferredLogicalWidths const):
673         (WebCore::RenderBlock::availableLogicalHeightForPercentageComputation const):
674         * rendering/RenderBlockFlow.cpp:
675         (WebCore::RenderBlockFlow::fitBorderToLinesIfNeeded):
676         * rendering/RenderBlockLineLayout.cpp:
677         (WebCore::RenderBlockFlow::updateRubyForJustifiedText):
678         * rendering/RenderBox.cpp:
679         (WebCore::RenderBox::willBeDestroyed):
680         (WebCore::RenderBox::hasOverrideContentLogicalHeight const):
681         (WebCore::RenderBox::hasOverrideContentLogicalWidth const):
682         (WebCore::RenderBox::setOverrideContentLogicalHeight):
683         (WebCore::RenderBox::setOverrideContentLogicalWidth):
684         (WebCore::RenderBox::clearOverrideContentLogicalHeight):
685         (WebCore::RenderBox::clearOverrideContentLogicalWidth):
686         (WebCore::RenderBox::clearOverrideContentSize):
687         (WebCore::RenderBox::overrideContentLogicalWidth const):
688         (WebCore::RenderBox::overrideContentLogicalHeight const):
689         (WebCore::RenderBox::overrideContainingBlockContentLogicalWidth const):
690         (WebCore::RenderBox::overrideContainingBlockContentLogicalHeight const):
691         (WebCore::RenderBox::hasOverrideContainingBlockContentLogicalWidth const):
692         (WebCore::RenderBox::hasOverrideContainingBlockContentLogicalHeight const):
693         (WebCore::RenderBox::setOverrideContainingBlockContentLogicalWidth):
694         (WebCore::RenderBox::setOverrideContainingBlockContentLogicalHeight):
695         (WebCore::RenderBox::clearOverrideContainingBlockContentSize):
696         (WebCore::RenderBox::clearOverrideContainingBlockContentLogicalHeight):
697         (WebCore::RenderBox::containingBlockLogicalWidthForContent const):
698         (WebCore::RenderBox::containingBlockLogicalHeightForContent const):
699         (WebCore::RenderBox::perpendicularContainingBlockLogicalHeight const):
700         (WebCore::RenderBox::computeLogicalWidthInFragment const):
701         (WebCore::RenderBox::computeLogicalHeight const):
702         (WebCore::RenderBox::computePercentageLogicalHeight const):
703         (WebCore::RenderBox::computeReplacedLogicalHeightUsing const):
704         (WebCore::RenderBox::availableLogicalHeightUsing const):
705         (WebCore::RenderBox::containingBlockLogicalWidthForPositioned const):
706         (WebCore::RenderBox::containingBlockLogicalHeightForPositioned const):
707         * rendering/RenderBox.h:
708         * rendering/RenderBoxModelObject.cpp:
709         (WebCore::RenderBoxModelObject::hasAutoHeightOrContainingBlockWithAutoHeight const):
710         * rendering/RenderDeprecatedFlexibleBox.cpp:
711         (WebCore::contentWidthForChild):
712         (WebCore::contentHeightForChild):
713         (WebCore::gatherFlexChildrenInfo):
714         (WebCore::RenderDeprecatedFlexibleBox::layoutHorizontalBox):
715         (WebCore::RenderDeprecatedFlexibleBox::layoutVerticalBox):
716         (WebCore::RenderDeprecatedFlexibleBox::applyLineClamp):
717         (WebCore::RenderDeprecatedFlexibleBox::clearLineClamp):
718         * rendering/RenderFlexibleBox.cpp:
719         (WebCore::RenderFlexibleBox::computeInnerFlexBaseSizeForChild):
720         (WebCore::RenderFlexibleBox::crossSizeForPercentageResolution):
721         (WebCore::RenderFlexibleBox::mainSizeForPercentageResolution):
722         (WebCore::RenderFlexibleBox::constructFlexItem):
723         (WebCore::RenderFlexibleBox::setOverrideMainAxisContentSizeForChild):
724         (WebCore::RenderFlexibleBox::applyStretchAlignmentToChild):
725         * rendering/RenderFullScreen.cpp:
726         (WebCore::RenderFullScreen::unwrapRenderer):
727         * rendering/RenderGrid.cpp:
728         (WebCore::RenderGrid::layoutBlock):
729         (WebCore::RenderGrid::layoutGridItems):
730         (WebCore::RenderGrid::applyStretchAlignmentToChildIfNeeded):
731         * rendering/RenderRubyBase.cpp:
732         (WebCore::RenderRubyBase::adjustInlineDirectionLineBounds const):
733         * rendering/RenderTableCell.cpp:
734         (WebCore::RenderTableCell::setOverrideContentLogicalHeightFromRowHeight):
735         * rendering/RenderTableCell.h:
736         * rendering/RenderTableSection.cpp:
737         (WebCore::RenderTableSection::calcRowLogicalHeight):
738         (WebCore::RenderTableSection::relayoutCellIfFlexed):
739
740 2018-05-14  Zalan Bujtas  <zalan@apple.com>
741
742         [LFC] Implement width computation for non-replaced out of flow elements.
743         https://bugs.webkit.org/show_bug.cgi?id=185598
744
745         Reviewed by Antti Koivisto.
746
747         * layout/FormattingContext.cpp:
748         (WebCore::Layout::FormattingContext::computeWidth const):
749         (WebCore::Layout::FormattingContext::computeOutOfFlowWidth const):
750         (WebCore::Layout::FormattingContext::layoutOutOfFlowDescendants const):
751         (WebCore::Layout::FormattingContext::computeOutOfFlowNonReplacedWidth const):
752         (WebCore::Layout::FormattingContext::shrinkToFitWidth const):
753         * layout/FormattingContext.h:
754         * layout/blockformatting/BlockFormattingContext.cpp:
755         (WebCore::Layout::BlockFormattingContext::layout const):
756         * layout/displaytree/DisplayBox.h:
757
758 2018-05-14  Zan Dobersek  <zdobersek@igalia.com>
759
760         Drop the m_compositorTexture member variable in TextureMapperGC3DPlatformLayer.
761         It's not used at all inside the class or outside it.
762
763         Rubber-stamped by Michael Catanzaro.
764
765         * platform/graphics/texmap/TextureMapperGC3DPlatformLayer.h:
766
767 2018-05-14  Zan Dobersek  <zdobersek@igalia.com>
768
769         [GTK] REGRESSION(r231170) Build broken with Clang 5.0
770         https://bugs.webkit.org/show_bug.cgi?id=185198
771
772         Reviewed by Michael Catanzaro.
773
774         Avoid gperf files using the register keyword which has been made
775         reserved and as such unusable in C++17.
776
777         * css/makeSelectorPseudoClassAndCompatibilityElementMap.py:
778         * css/makeSelectorPseudoElementsMap.py:
779         * css/makeprop.pl:
780         * css/makevalues.pl:
781         * platform/ColorData.gperf:
782         * platform/ReferrerPolicy.h: With std::optional forward declaration
783         gone, explicitly include the WTF Optional.h header.
784         * platform/Theme.h: Ditto.
785         * platform/network/create-http-header-name-table:
786
787 2018-05-14  Commit Queue  <commit-queue@webkit.org>
788
789         Unreviewed, rolling out r219515.
790         https://bugs.webkit.org/show_bug.cgi?id=185603
791
792         It sometimes makes AudioUnitInitialize call to fail in
793         CoreAudioCaptureSource (Requested by youenn on #webkit).
794
795         Reverted changeset:
796
797         "Remove CoreAudioCaptureSource speaker configuration"
798         https://bugs.webkit.org/show_bug.cgi?id=174512
799         https://trac.webkit.org/changeset/219515
800
801 2018-05-13  Dirk Schulze  <krit@webkit.org>
802
803         Implement SVGGeometryElement's isPointInFill and isPointInStroke
804         https://bugs.webkit.org/show_bug.cgi?id=185580
805
806         Reviewed by Antti Koivisto.
807
808         Implement isPointInFill and isPointInStroke methods for
809         SVGGeometryElement interface from SVG2.
810
811         https://svgwg.org/svg2-draft/types.html#InterfaceSVGGeometryElement
812
813         Tests: svg/dom/SVGGeometry-isPointInFill.xhtml
814                svg/dom/SVGGeometry-isPointInStroke.xhtml
815
816         * rendering/svg/RenderSVGEllipse.cpp:
817         (WebCore::RenderSVGEllipse::shapeDependentStrokeContains): Flag
818                 to switch between local and "global" coordinate space for hit testing.
819         * rendering/svg/RenderSVGEllipse.h:
820         * rendering/svg/RenderSVGPath.cpp:
821         (WebCore::RenderSVGPath::shapeDependentStrokeContains): Flag
822                 to switch between local and "global" coordinate space for hit testing.
823         * rendering/svg/RenderSVGPath.h:
824         * rendering/svg/RenderSVGRect.cpp:
825         (WebCore::RenderSVGRect::shapeDependentStrokeContains): Flag
826                 to switch between local and "global" coordinate space for hit testing.
827         * rendering/svg/RenderSVGRect.h:
828         * rendering/svg/RenderSVGShape.cpp:
829         (WebCore::RenderSVGShape::shapeDependentStrokeContains): Flag
830                 to switch between local and "global" coordinate space for hit testing.
831         (WebCore::RenderSVGShape::isPointInFill): Take the winding rule given by
832                 `fill-rule` to test if a given point is in the fill area of a path.
833         (WebCore::RenderSVGShape::isPointInStroke): Take stroke properties into
834                 account to check if a point is on top of the stroke area.
835         * rendering/svg/RenderSVGShape.h:
836         * svg/SVGGeometryElement.cpp:
837         (WebCore::SVGGeometryElement::isPointInFill):
838         (WebCore::SVGGeometryElement::isPointInStroke):
839         (WebCore::SVGGeometryElement::createElementRenderer): Deleted. This is getting implemented
840                 by inheriting classes. No need to create RenderSVGPath here.
841         * svg/SVGGeometryElement.h:
842         * svg/SVGGeometryElement.idl:
843
844 2018-05-12  Zalan Bujtas  <zalan@apple.com>
845
846         Use WeakPtr for m_enclosingPaginationLayer in RenderLayer
847         https://bugs.webkit.org/show_bug.cgi?id=185566
848         <rdar://problem/36486052>
849
850         Reviewed by Simon Fraser.
851
852         Since RenderLayer does not own the enclosing pagination layout, it should
853         construct a weak pointer instead of holding on to a raw pointer.
854
855         Unable to create a reliably reproducible test case.
856
857         * page/mac/EventHandlerMac.mm:
858         (WebCore::scrollableAreaForEventTarget):
859         (WebCore::scrollableAreaForContainerNode):
860         (WebCore::EventHandler::platformPrepareForWheelEvents):
861         * platform/ScrollableArea.h:
862         (WebCore::ScrollableArea::weakPtrFactory const):
863         (WebCore::ScrollableArea::createWeakPtr): Deleted.
864         * rendering/RenderLayer.cpp:
865         (WebCore::RenderLayer::RenderLayer):
866         (WebCore::RenderLayer::updatePagination):
867         * rendering/RenderLayer.h:
868
869 2018-05-11  Daniel Bates  <dabates@apple.com>
870
871         X-Frame-Options: SAMEORIGIN needs to check all ancestor frames
872         https://bugs.webkit.org/show_bug.cgi?id=185567
873         <rdar://problem/40175008>
874
875         Reviewed by Brent Fulgham.
876
877         Change the behavior of "X-Frame-Options: SAMEORIGIN" to ensure that all ancestors frames
878         are same-origin with the document that delivered this header. This prevents an intermediary
879         malicious frame from clickjacking a child frame whose document is same-origin with the top-
880         level frame. It also makes the behavior of X-Frame-Options in WebKit more closely match
881         the behavior of X-Frame-Options in other browsers, including Chrome and Firefox.
882         
883         Currently a document delivered with "X-Frame-Options: SAMEORIGIN" must only be same-origin
884         with the top-level frame's document in order to be displayed. This prevents clickjacking by
885         a malicious page that embeds a page delivered with "X-Frame-Options: SAMEORIGIN". However,
886         it does not protect against clickjacking of the "X-Frame-Options: SAMEORIGIN" page (victim)
887         if embedded by an intermediate malicious iframe, say a "rogue ad", that was embedded in a
888         document same origin with the victim page. We should protect against such attacks. 
889
890         Tests: http/tests/security/XFrameOptions/x-frame-options-ancestors-same-origin-allow.html
891                http/tests/security/XFrameOptions/x-frame-options-ancestors-same-origin-deny.html
892
893         * loader/FrameLoader.cpp:
894         (WebCore::FrameLoader::shouldInterruptLoadForXFrameOptions):
895
896 2018-05-11  Daniel Bates  <dabates@apple.com>
897
898         [iOS] Text decoration of dragged content does not paint with opacity
899         https://bugs.webkit.org/show_bug.cgi?id=185551
900         <rdar://problem/40166867>
901
902         Reviewed by Wenson Hsieh.
903
904         Respect alpha when painting the text decoration for dragged content.
905
906         * rendering/InlineTextBox.cpp:
907         (WebCore::InlineTextBox::MarkedTextStyle::areDecorationMarkedTextStylesEqual): Consider alpha when
908         comparing decoration styles for equality so that we do not coalesce styles with differing alpha.
909         (WebCore::InlineTextBox::paintMarkedTextDecoration): Respect alpha when painting dragged content.
910
911 2018-05-11  Nan Wang  <n_wang@apple.com>
912
913         AX: In role=dialog elements with aria-modal=true VoiceOver iOS/macOS can't manually focus or read dialog paragraph description text inside the modal.
914         https://bugs.webkit.org/show_bug.cgi?id=185219
915         <rdar://problem/39920009>
916
917         Reviewed by Chris Fleizach.
918
919         The text node descendants of a modal dialog are ignored. Fixed it by using AccessibilityObject's 
920         node() to determine if it's the descendant of the modal dialog node.
921
922         Test: accessibility/aria-modal-text-descendants.html
923
924         * accessibility/AccessibilityObject.cpp:
925         (WebCore::AccessibilityObject::isModalDescendant const):
926
927 2018-05-11  Ryosuke Niwa  <rniwa@webkit.org>
928
929         Tapping after CSS-based table casues an infinite loop in wordRangeFromPosition
930         https://bugs.webkit.org/show_bug.cgi?id=185465
931         <rdar://problem/35263057>
932
933         Reviewed by Antti Koivisto.
934
935         The bug was caused by TextIterator not emitting a line break when exiting a CSS-based table when an element
936         with `display: table-row` has an invisible text node. Specifically, TextIterator::exitNode is never called on
937         an element with `table-cell: row` when m_node is a text node with whitespaces which appears after an element
938         with `display: table-cell`.
939
940         For example, for a tree structure like:
941         table-row (R)
942           table-cell (C)
943             "text" (1)
944           " " (2)
945         Getting out of (C) would result in moving onto (2) without generating a line break for (R).
946
947         When this happens in nextBoundary as it tries to find the end of the last word in the table cell, we end up
948         finding the end of the document as the end of the word. As a result, nextWordBoundaryInDirection, the caller
949         of nextBoundary, ends up infinite looping between the positon at the end of the document and the position
950         immediately before the last word in the last table cell when it traverses words backwards.
951
952         This patch fixes the hang by addressing this root cause in TextIterator. Namely, TextIterator now generates
953         a line break when exiting a block while walking up ancestors in TextIterator::advance().
954
955         Tests: editing/selection/tapping-in-table-at-end-of-document.html
956                editing/text-iterator/table-at-end-of-document.html
957
958         * editing/TextIterator.cpp:
959         (WebCore::TextIterator::advance): Fixed the bug.
960         (WebCore::shouldEmitNewlineAfterNode): Do generate a new line at the end of a document when we're trying to
961         generate every visible poitions even there are no renderers beyond this point. e.g. a position inside the
962         last cell of a table at the end of a document hits this condition.
963         (WebCore::shouldEmitExtraNewlineForNode): Don't emit a line break when the render box's height is 0px
964         to avoid generating many empty lines for empty paragraph and header elements (this function is used to generate
965         a blank line between p's and h1/h2/...'s).
966         (WebCore::TextIterator::exitNode):
967
968 2018-05-11  Dean Jackson  <dino@apple.com>
969
970         System preview badge doesn't show on <picture> elements
971         https://bugs.webkit.org/show_bug.cgi?id=185559
972         <rdar://problem/40150066>
973
974         Reviewed by Tim Horton.
975
976         We should also identify <img>s that are the child of a <picture>
977         contained inside the appropriate <a> element.
978
979         Tested internally, since the badge is platform specific.
980
981         * html/HTMLImageElement.cpp:
982         (WebCore::HTMLImageElement::isSystemPreviewImage const): Add logic
983         to look for <picture> parents.
984
985 2018-05-11  Chris Dumez  <cdumez@apple.com>
986
987         REGRESSION (async policy delegate): Revoking an object URL immediately after triggering download breaks file download
988         https://bugs.webkit.org/show_bug.cgi?id=185531
989         <rdar://problem/39909589>
990
991         Reviewed by Geoffrey Garen.
992
993         Whenever we start an asynchronous navigation policy decision for a blob URL, create a temporary
994         blob URL pointing to the same data, and update the request's URL. This way, if the page's JS revokes
995         the URL during the policy decision, the load will still succeed.
996
997         Test: fast/dom/HTMLAnchorElement/anchor-file-blob-download-then-revoke.html
998
999         * loader/DocumentLoader.cpp:
1000         (WebCore::DocumentLoader::willSendRequest):
1001         * loader/FrameLoader.cpp:
1002         (WebCore::FrameLoader::loadURL):
1003         (WebCore::FrameLoader::load):
1004         (WebCore::FrameLoader::loadPostRequest):
1005         * loader/PolicyChecker.cpp:
1006         (WebCore::PolicyChecker::extendBlobURLLifetimeIfNecessary const):
1007         (WebCore::PolicyChecker::checkNavigationPolicy):
1008         (WebCore::PolicyChecker::checkNewWindowPolicy):
1009         * loader/PolicyChecker.h:
1010
1011 2018-05-11  Antti Koivisto  <antti@apple.com>
1012
1013         LinkLoader fails to remove CachedResourceClient in some cases
1014         https://bugs.webkit.org/show_bug.cgi?id=185553
1015         <rdar://problem/36879656>
1016
1017         Reviewed by Geoffrey Garen.
1018
1019         Test: http/tests/preload/link-preload-client-remove.html
1020
1021         * loader/LinkLoader.cpp:
1022         (WebCore::LinkLoader::loadLink):
1023
1024         If there is a link preload already in progress, we fail to clear the client for the ongoing load.
1025         This may leave the CachedResource client map in a bad state.
1026
1027 2018-05-11  Charles Vazac  <cvazac@gmail.com>
1028
1029         Runtime feature flag for Server-Timing
1030         https://bugs.webkit.org/show_bug.cgi?id=184758
1031
1032         Reviewed by Youenn Fablet.
1033
1034         * Source/WebCore/CMakeLists.txt: Added reference to PerformanceServerTiming.idl.
1035         * Source/WebCore/DerivedSources.make: Added reference to PerformanceServerTiming.idl.
1036         * Source/WebCore/Sources.txt: Added reference to PerformanceServerTiming.cpp and JSPerformanceServerTiming.cpp.
1037         * Source/WebCore/WebCore.xcodeproj/project.pbxproj: Added references to PerformanceServerTiming.cpp, PerformanceServerTiming.h, and PerformanceServerTiming.idl.
1038         * Source/WebCore/bindings/js/WebCoreBuiltinNames.h: Added PerformanceServerTiming.
1039         * Source/WebCore/page/PerformanceResourceTiming.h: Added serverTiming member.
1040         * Source/WebCore/page/PerformanceResourceTiming.idl: Added serverTiming attribute.
1041         * Source/WebCore/page/PerformanceServerTiming.cpp: Added.
1042         * Source/WebCore/page/PerformanceServerTiming.h: Added.
1043         * Source/WebCore/page/PerformanceServerTiming.idl: Added.
1044
1045 2018-05-11  Brady Eidson  <beidson@apple.com>
1046
1047         Make sure history navigations reuse the existing process when necessary.
1048         <rdar://problem/39746516> and https://bugs.webkit.org/show_bug.cgi?id=185532
1049
1050         Reviewed by Ryosuke Niwa.
1051
1052         Covered by new API tests.
1053
1054         In WebCore-land, make sure *all* NavigationActions to a back/forward item are tagged with
1055         the item identifier.
1056
1057         * history/HistoryItem.cpp:
1058         (WebCore::HistoryItem::HistoryItem):
1059         (WebCore::HistoryItem::logString const):
1060         * history/HistoryItem.h:
1061
1062         * loader/FrameLoader.cpp:
1063         (WebCore::FrameLoader::loadDifferentDocumentItem):
1064
1065         * loader/NavigationAction.cpp:
1066         (WebCore::NavigationAction::setTargetBackForwardItem):
1067
1068         * loader/NavigationAction.h:
1069         (WebCore::NavigationAction::targetBackForwardItemIdentifier const):
1070
1071 2018-05-11  Yacine Bandou  <yacine.bandou_ext@softathome.com>
1072
1073         [EME][GStreamer] Handle the protection event in MediaPlayerPrivate
1074         https://bugs.webkit.org/show_bug.cgi?id=185535
1075
1076         Reviewed by Xabier Rodriguez-Calvar.
1077
1078         This patch is based on this calvaris's commit
1079         https://github.com/WebPlatformForEmbedded/WPEWebKit/commit/d966168b0d2b65f9ca9415426e26d3752c78b03e
1080
1081         It adds a handler for the protection event in MediaPalyerPrivateGStreamerBase, it extracts the InitData from the event
1082         and sends the encrypted event to JS via HTMLMediaElement.
1083         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
1084         (WebCore::MediaPlayerPrivateGStreamerBase::initializationDataEncountered):
1085         (WebCore::MediaPlayerPrivateGStreamerBase::handleProtectionEvent):
1086         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
1087         * platform/graphics/gstreamer/eme/GStreamerEMEUtilities.h: Add a new type InitData.
1088
1089 2018-05-11  Basuke Suzuki  <Basuke.Suzuki@sony.com>
1090
1091         [Curl] Make the cipher suites, the signing algorithms and the curve lists configurable.
1092         https://bugs.webkit.org/show_bug.cgi?id=185139
1093
1094         Add interface to configure the cipher suites, the signing algorithms and the curve lists 
1095         used by OpenSSL and libcurl to exchange, to sign or to verify keys.
1096
1097         Reviewed by Youenn Fablet.
1098
1099         No new tests in public. Have tested internally.
1100
1101         * platform/network/curl/CurlContext.cpp:
1102         (WebCore::CurlHandle::setSslCipherList):
1103         * platform/network/curl/CurlContext.h:
1104         * platform/network/curl/CurlRequest.cpp:
1105         (WebCore::CurlRequest::setupTransfer):
1106         (WebCore::CurlRequest::willSetupSslCtx):
1107         * platform/network/curl/CurlSSLHandle.cpp:
1108         (WebCore::CurlSSLHandle::getCACertPathEnv):
1109         * platform/network/curl/CurlSSLHandle.h:
1110         (WebCore::CurlSSLHandle::getCipherList const):
1111         (WebCore::CurlSSLHandle::getSignatureAlgorithmsList const):
1112         (WebCore::CurlSSLHandle::getCurvesList const):
1113         (WebCore::CurlSSLHandle::setCipherList):
1114         (WebCore::CurlSSLHandle::setSignatureAlgorithmsList):
1115         (WebCore::CurlSSLHandle::setCurvesList):
1116         (WebCore::CurlSSLHandle::getCACertPath const):
1117         (WebCore::CurlSSLHandle::setCACertPath):
1118         * platform/network/curl/CurlSSLVerifier.cpp:
1119         (WebCore::CurlSSLVerifier::CurlSSLVerifier):
1120
1121 2018-05-10  Daniel Bates  <dabates@apple.com>
1122
1123         Use PlatformStrategies to switch between WebKit and WebKitLegacy checking of CSP frame-ancestors and X-Frame-Options
1124         https://bugs.webkit.org/show_bug.cgi?id=185412
1125
1126         Reviewed by Ryosuke Niwa.
1127
1128         Consolidate the knowledge on how to determine whether security checks were performed on a ResourceResponse
1129         into LoaderStrategy::havePerformedSecurityChecks() (default implementation returns false) and query it
1130         to determine whether CSP frame-ancestors and X-Frame-Options need to be checked for a ResourceResponse.
1131
1132         Additionally, rename LoaderStrategy::isDoingLoadingSecurityChecks() to shouldPerformSecurityChecks()
1133         for consistency with havePerformedSecurityChecks(). Querying shouldPerformSecurityChecks() answers the
1134         question of whether the loader strategy is responsible for performing security checks when building up
1135         a ResourceRequest to have the loader strategy load. And LoaderStrategy::havePerformedSecurityChecks()
1136         is used to determine whether the loader strategy performed these security checks for a given ResourceResponse.
1137
1138         * inspector/agents/InspectorNetworkAgent.cpp:
1139         (WebCore::InspectorNetworkAgent::didReceiveResponse):
1140         (WebCore::InspectorNetworkAgent::didFinishLoading):
1141         (WebCore::isResponseProbablyComingFromNetworkProcess): Deleted.
1142         * loader/DocumentLoader.cpp:
1143         (WebCore::DocumentLoader::responseReceived):
1144         * loader/DocumentThreadableLoader.cpp:
1145         (WebCore::shouldPerformSecurityChecks):
1146         (WebCore::DocumentThreadableLoader::shouldSetHTTPHeadersToKeep const):
1147         (WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequest):
1148         (WebCore::DocumentThreadableLoader::makeSimpleCrossOriginAccessRequest):
1149         (WebCore::DocumentThreadableLoader::redirectReceived):
1150         (WebCore::DocumentThreadableLoader::didFail):
1151         (WebCore::DocumentThreadableLoader::loadRequest):
1152         (WebCore::isDoingSecurityChecksInNetworkProcess): Deleted.
1153         (WebCore::isResponseComingFromNetworkProcess): Deleted.
1154         * loader/LoaderStrategy.cpp:
1155         * loader/LoaderStrategy.h:
1156         * page/Settings.yaml: Remove setting networkProcessCSPFrameAncestorsCheckingEnabled as we now make
1157         use of the loader strategy to determine whether to perform CSP frame-ancestors and X-Frame-Options
1158         checking in DocumentLoader.
1159         * platform/network/ResourceResponseBase.h:
1160         (WebCore::ResourceResponseBase::setSource): Added an ASSERT to catch the programming error of setting
1161         source to ResourceResponse::Source::Unknown. This source type represents an uninitialized ResourceResponse.
1162
1163 2018-05-10  Tim Horton  <timothy_horton@apple.com>
1164
1165         Lookup sometimes shows a second yellow highlight on top of WebKit's TextIndicator
1166         https://bugs.webkit.org/show_bug.cgi?id=185538
1167         <rdar://problem/38817825>
1168
1169         Reviewed by Sam Weinig.
1170
1171         * editing/mac/DictionaryLookup.mm:
1172         (WebCore::showPopupOrCreateAnimationController):
1173         Options can be nil, in which case we can't mutableCopy it and add
1174         LUTermOptionDisableSearchTermIndicator. Instead, create a new dictionary,
1175         and add the items from options, if it's not nil.
1176
1177 2018-05-10  Matt Baker  <mattbaker@apple.com>
1178
1179         Web Inspector: ASSERT_NOT_REACHED in PageDebuggerAgent::didAddEventListener when page adds attribute event listener
1180         https://bugs.webkit.org/show_bug.cgi?id=181580
1181         <rdar://problem/36461309>
1182
1183         Reviewed by Brian Burg.
1184
1185         EventTarget should pass newly added EventListeners to InspectorInstrumentation,
1186         instead of PageDebuggerAgent assuming the last item in the EventListenerVector
1187         is the most recently added listener. This assumption does not hold when
1188         the new listener replaces an existing listener.
1189
1190         * dom/EventTarget.cpp:
1191         (WebCore::EventTarget::addEventListener):
1192         (WebCore::EventTarget::setAttributeEventListener):
1193
1194         * inspector/InspectorInstrumentation.cpp:
1195         (WebCore::InspectorInstrumentation::didAddEventListenerImpl):
1196
1197         * inspector/InspectorInstrumentation.h:
1198         (WebCore::InspectorInstrumentation::didAddEventListener):
1199
1200         * inspector/agents/page/PageDebuggerAgent.cpp:
1201         (WebCore::PageDebuggerAgent::didAddEventListener):
1202         * inspector/agents/page/PageDebuggerAgent.h:
1203
1204 2018-05-10  Chris Dumez  <cdumez@apple.com>
1205
1206         'Cross-Origin-Options header implementation follow-up
1207         https://bugs.webkit.org/show_bug.cgi?id=185520
1208
1209         Reviewed by Ryosuke Niwa.
1210
1211         * dom/Document.cpp:
1212         * dom/Document.h:
1213         * loader/FrameLoader.cpp:
1214         (WebCore::FrameLoader::didBeginDocument):
1215         Using isNull() check is sufficient here as the header parsing
1216         function will do the right thing when passed the empty string.
1217         Also set the options directly on the window instead of the
1218         document. The window is guaranteed to have been constructed
1219         by then because didBeginDocument() is called DocumentWriter::begin()
1220         which calls Document::createDOMWindow() or Document::takeDOMWindowFrom().
1221
1222         * page/AbstractDOMWindow.cpp:
1223         (WebCore::AbstractDOMWindow::AbstractDOMWindow):
1224         * page/AbstractDOMWindow.h:
1225         * page/DOMWindow.cpp:
1226         (WebCore::DOMWindow::DOMWindow):
1227         (WebCore::DOMWindow::didSecureTransitionTo):
1228         * page/RemoteDOMWindow.cpp:
1229         (WebCore::RemoteDOMWindow::RemoteDOMWindow):
1230         * page/RemoteDOMWindow.h:
1231         CrossOriginOptions are now stored only on the Window, not the Document.
1232
1233         * platform/network/HTTPParsers.cpp:
1234         (WebCore::parseCrossOriginOptionsHeader):
1235         Drop strippedHeader local variable as it is not strictly needed.
1236
1237 2018-05-10  Tim Horton  <timothy_horton@apple.com>
1238
1239         Fix the build after r231393
1240         https://bugs.webkit.org/show_bug.cgi?id=185519
1241         <rdar://problem/40131741>
1242
1243         Reviewed by Simon Fraser.
1244
1245         * Configurations/WebCore.xcconfig:
1246
1247 2018-05-10  Eric Carlson  <eric.carlson@apple.com>
1248
1249         Log missing cues correctly
1250         https://bugs.webkit.org/show_bug.cgi?id=185499
1251         <rdar://problem/40113821>
1252
1253         Reviewed by Daniel Bates.
1254
1255         No new tests, tested manually.
1256
1257         * html/track/InbandGenericTextTrack.cpp:
1258         (WebCore::InbandGenericTextTrack::removeGenericCue): Log the cue we searched for, not
1259         the NULL cue.
1260
1261 2018-05-10  Zalan Bujtas  <zalan@apple.com>
1262
1263         [LFC] Implement height computation for non-replaced inflow elements.
1264         https://bugs.webkit.org/show_bug.cgi?id=185474
1265
1266         Reviewed by Antti Koivisto.
1267
1268         Initial implementation. Does not cover all the cases.
1269
1270         * layout/FormattingContext.cpp:
1271         (WebCore::Layout::FormattingContext::computeHeight const):
1272         * layout/FormattingContext.h:
1273         * layout/blockformatting/BlockFormattingContext.cpp:
1274         (WebCore::Layout::BlockFormattingContext::layout const):
1275         (WebCore::Layout::BlockFormattingContext::computeInFlowHeight const):
1276         (WebCore::Layout::BlockFormattingContext::computeInFlowNonReplacedHeight const):
1277         * layout/blockformatting/BlockFormattingContext.h:
1278         * layout/blockformatting/BlockMarginCollapse.cpp:
1279         (WebCore::Layout::collapsedMarginBottomFromLastChild):
1280         (WebCore::Layout::BlockMarginCollapse::isMarginBottomCollapsedWithParent):
1281         (WebCore::Layout::BlockMarginCollapse::isMarginTopCollapsedWithParentMarginBottom):
1282         (WebCore::Layout::isMarginBottomCollapsedWithParent): Deleted.
1283         * layout/blockformatting/BlockMarginCollapse.h:
1284         * layout/inlineformatting/InlineFormattingContext.cpp:
1285         (WebCore::Layout::InlineFormattingContext::computeInFlowHeight const):
1286         * layout/inlineformatting/InlineFormattingContext.h:
1287         * layout/layouttree/LayoutBox.cpp:
1288         (WebCore::Layout::Box::isReplaced const):
1289         * layout/layouttree/LayoutBox.h:
1290
1291 2018-05-10  Thibault Saunier  <tsaunier@igalia.com>
1292
1293         [GTK] Implement ImageBuffer::toBGRAData
1294         https://bugs.webkit.org/show_bug.cgi?id=185511
1295
1296         Reviewed by Michael Catanzaro.
1297
1298         This was never implemented but will be required for the MediaStream API
1299         tests.
1300
1301         * platform/graphics/ImageBuffer.cpp:
1302         (WebCore::ImageBuffer::toBGRAData const):
1303         * platform/graphics/cg/ImageBufferCG.cpp:
1304         (WebCore::ImageBuffer::toBGRAData const):
1305         * platform/graphics/gtk/ImageBufferGtk.cpp:
1306         (WebCore::ImageBuffer::toBGRAData const):
1307
1308 2018-05-10  Yacine Bandou  <yacine.bandou_ext@softathome.com>
1309
1310         [EME][GStreamer] Add a handler for GStreamer protection event
1311         https://bugs.webkit.org/show_bug.cgi?id=185245
1312
1313         Reviewed by Xabier Rodriguez-Calvar.
1314
1315         Qtdemux sends the protection event when encountered a new PSSH box (encrypted content).
1316
1317         The Decryptor is moved from AppendPipeline to PlaybackPipeline (see https://bugs.webkit.org/show_bug.cgi?id=181855),
1318         thus the protection event is no longer handled because the Decryptor is not in the same pipeline as qtdemux.
1319
1320         AppendPipeline: httpsrc-->qtdemux-->appsink
1321         PlaybackPipeline: appsrc-->parser--> decryptor-->decoder-->sink
1322
1323         This patch attaches a probe to the sink pad of the appsink in the appendPipeline in order to
1324         catch and manage the protection event.
1325
1326         * platform/graphics/gstreamer/mse/AppendPipeline.cpp:
1327         (WebCore::AppendPipeline::AppendPipeline):
1328         (WebCore::AppendPipeline::~AppendPipeline):
1329         (WebCore::appendPipelineAppsinkPadEventProbe):
1330         * platform/graphics/gstreamer/mse/AppendPipeline.h:
1331         (WebCore::AppendPipeline::playerPrivate):
1332
1333 2018-05-10  Yacine Bandou  <yacine.bandou_ext@softathome.com>
1334
1335         [EME][GStreamer] Move the decryptor from AppendPipeline to PlaybackPipeline.
1336         https://bugs.webkit.org/show_bug.cgi?id=181855
1337
1338         Reviewed by Xabier Rodriguez-Calvar.
1339
1340         The goal of this move is to handle the limitation of SVP (Secure Video Path) memory size.
1341
1342         When the decryptor is in the AppendPipeline and we use SVP, we buffer in MediaSource queue
1343         the decrypted GstBuffers that are in SVP memory.
1344         This behavior cause an out-of-memory error, because we are limited in SVP memory size.
1345
1346         By moving the decryptor in PlaybackPipeline, we avoid to buffer the decrypted GstBuffers
1347         which use the SVP memory and we buffer the encrypted GstBuffers that are in system memory.
1348
1349         This new architecture also allows to start the buffering before obtaining the DRM license
1350         and it makes easier to manage dynamic change of the license or Key.
1351
1352         The decryptor is auto plugged by GStreamer playbin in PlaybackPipeline.
1353
1354         SVP: Secure Video Path also named trusted or protected video path, it is a memory which is
1355         protected by a hardware access control engine, it is not accessible to other unauthorised
1356         software or hardware components.
1357
1358         Tests:
1359             media/encrypted-media/clearKey/clearKey-cenc-audio-playback-mse.html
1360             media/encrypted-media/clearKey/clearKey-cenc-video-playback-mse.html
1361
1362         * platform/graphics/gstreamer/eme/WebKitCommonEncryptionDecryptorGStreamer.cpp:
1363         (webkitMediaCommonEncryptionDecryptSinkEventHandler):
1364         * platform/graphics/gstreamer/mse/AppendPipeline.cpp:
1365         (WebCore::dumpAppendState):
1366         (WebCore::AppendPipeline::AppendPipeline):
1367         (WebCore::AppendPipeline::handleNeedContextSyncMessage):
1368         (WebCore::AppendPipeline::handleAppsrcNeedDataReceived):
1369         (WebCore::AppendPipeline::setAppendState):
1370         (WebCore::AppendPipeline::parseDemuxerSrcPadCaps):
1371         (WebCore::AppendPipeline::appsinkNewSample):
1372         (WebCore::AppendPipeline::connectDemuxerSrcPadToAppsinkFromAnyThread):
1373         (WebCore::AppendPipeline::disconnectDemuxerSrcPadFromAppsinkFromAnyThread):
1374         (WebCore::appendPipelineElementMessageCallback): Deleted.
1375         (WebCore::AppendPipeline::handleElementMessage): Deleted.
1376         (WebCore::AppendPipeline::dispatchPendingDecryptionStructure): Deleted.
1377         (WebCore::AppendPipeline::dispatchDecryptionStructure): Deleted.
1378         * platform/graphics/gstreamer/mse/AppendPipeline.h:
1379         * platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:
1380         (WebCore::MediaPlayerPrivateGStreamerMSE::attemptToDecryptWithInstance):
1381         * platform/graphics/gstreamer/mse/PlaybackPipeline.cpp:
1382
1383 2018-05-09  Nan Wang  <n_wang@apple.com>
1384
1385         AX: VoiceOver iframe scrolling focus jumping bug
1386         https://bugs.webkit.org/show_bug.cgi?id=176615
1387         <rdar://problem/34333067>
1388
1389         Reviewed by Chris Fleizach.
1390
1391         Scrolling to make elements visible is not working correctly for elements inside an
1392         offscreen iframe. Fixed it by using RenderLayer::scrollRectToVisible() to handle
1393         scrolling more properly.
1394
1395         Test: accessibility/scroll-to-make-visible-iframe-offscreen.html
1396
1397         * accessibility/AccessibilityObject.cpp:
1398         (WebCore::AccessibilityObject::scrollToMakeVisible const):
1399
1400 2018-05-09  Joanmarie Diggs  <jdiggs@igalia.com>
1401
1402         AX: accessibleNameForNode should simplify whitespace when using innerText
1403         https://bugs.webkit.org/show_bug.cgi?id=185498
1404
1405         Reviewed by Chris Fleizach.
1406
1407         Test: accessibility/text-alternative-calculation-from-unrendered-table.html
1408
1409         Call simplifyWhiteSpace() before returning the innerText value.
1410
1411         * accessibility/AccessibilityNodeObject.cpp:
1412         (WebCore::accessibleNameForNode):
1413
1414 2018-05-09  Chris Dumez  <cdumez@apple.com>
1415
1416         Add initial support for 'Cross-Origin-Options' HTTP response header
1417         https://bugs.webkit.org/show_bug.cgi?id=184996
1418         <rdar://problem/39664620>
1419
1420         Reviewed by Geoff Garen.
1421
1422         Add initial support for 'Cross-Origin-Options' HTTP response header behind an experimental
1423         feature flag, on by default. When the HTTP server services this HTTP response header for a
1424         main resource, we'll set these options on the corresponding Document. This will impact the
1425         behavior of the Document's associated Window API when cross-origin.
1426
1427         The HTTP header has 3 possible values:
1428         - allow: This is the default. Regular cross-origin Window API is available.
1429         - allow-postmessage: Only postMessage() is available on a cross-origin window, trying to
1430           access anything else will throw a SecurityError.
1431         - deny: Trying to do anything with a cross-origin window will throw a SecurityError.
1432
1433         The header has no effect when accessing same origin windows.
1434
1435         Note that on cross-origin access from Window A to Window B, we check the cross-origin
1436         options for both Window A and Window B and use the lowest common denominator as effective
1437         cross-origin options for the access. So if Window A has 'Cross-Origin-Options: deny' and
1438         tries to call postMessage() on Window B which has 'Cross-Origin-Options: allow-postmessage',
1439         we will throw a SecurityError. This is because Window A's more restrictive options (deny)
1440         apply.
1441
1442         Tests: http/wpt/cross-origin-options/allow-postmessage-from-deny.html
1443                http/wpt/cross-origin-options/allow-postmessage.html
1444                http/wpt/cross-origin-options/cross-origin-options-header.html
1445
1446         * bindings/js/JSDOMBindingSecurity.cpp:
1447         (WebCore::BindingSecurity::shouldAllowAccessToDOMWindowGivenMinimumCrossOriginOptions):
1448         * bindings/js/JSDOMBindingSecurity.h:
1449         * bindings/js/JSDOMWindowCustom.cpp:
1450         (WebCore::effectiveCrossOriginOptionsForAccess):
1451         (WebCore::jsDOMWindowGetOwnPropertySlotRestrictedAccess):
1452         (WebCore::JSDOMWindow::getOwnPropertySlot):
1453         (WebCore::JSDOMWindow::getOwnPropertySlotByIndex):
1454         (WebCore::addCrossOriginWindowPropertyNames):
1455         (WebCore::addScopedChildrenIndexes):
1456         (WebCore::addCrossOriginWindowOwnPropertyNames):
1457         (WebCore::JSDOMWindow::getOwnPropertyNames):
1458         * bindings/js/JSDOMWindowCustom.h:
1459         * bindings/js/JSRemoteDOMWindowCustom.cpp:
1460         (WebCore::JSRemoteDOMWindow::getOwnPropertySlot):
1461         (WebCore::JSRemoteDOMWindow::getOwnPropertySlotByIndex):
1462         (WebCore::JSRemoteDOMWindow::getOwnPropertyNames):
1463         * bindings/scripts/CodeGeneratorJS.pm:
1464         (GenerateAttributeGetterBodyDefinition):
1465         (GetCrossOriginsOptionsFromExtendedAttributeValue):
1466         (GenerateAttributeSetterBodyDefinition):
1467         (GenerateOperationBodyDefinition):
1468         * bindings/scripts/IDLAttributes.json:
1469         * dom/Document.cpp:
1470         (WebCore::Document::setCrossOriginOptions):
1471         * dom/Document.h:
1472         (WebCore::Document::crossOriginOptions const):
1473         * loader/FrameLoader.cpp:
1474         (WebCore::FrameLoader::didBeginDocument):
1475         * page/AbstractDOMWindow.cpp:
1476         (WebCore::AbstractDOMWindow::AbstractDOMWindow):
1477         * page/AbstractDOMWindow.h:
1478         (WebCore::AbstractDOMWindow::crossOriginOptions):
1479         (WebCore::AbstractDOMWindow::setCrossOriginOptions):
1480         * page/DOMWindow.cpp:
1481         (WebCore::DOMWindow::DOMWindow):
1482         (WebCore::DOMWindow::didSecureTransitionTo):
1483         * page/DOMWindow.idl:
1484         * page/Frame.h:
1485         * page/RemoteDOMWindow.cpp:
1486         (WebCore::RemoteDOMWindow::RemoteDOMWindow):
1487         * page/RemoteDOMWindow.h:
1488         * page/Settings.yaml:
1489         * platform/network/HTTPHeaderNames.in:
1490         * platform/network/HTTPParsers.cpp:
1491         (WebCore::parseCrossOriginOptionsHeader):
1492         * platform/network/HTTPParsers.h:
1493
1494 2018-05-09  Ryosuke Niwa  <rniwa@webkit.org>
1495
1496         Release assert in TreeScopeOrderedMap::remove via HTMLImageElement::removedFromAncestor
1497         https://bugs.webkit.org/show_bug.cgi?id=185493
1498
1499         Reviewed by Brent Fulgham.
1500
1501         Fixed the bug that HTMLImageElement::removedFromAncestor and HTMLMapElement::removedFromAncestor
1502         were calling removeImageElementByUsemap on the document instead of the shadow tree from which it was removed.
1503
1504         Test: fast/images/imagemap-in-shadow-tree-removed.html
1505
1506         * html/HTMLImageElement.cpp:
1507         (WebCore::HTMLImageElement::removedFromAncestor):
1508         * html/HTMLMapElement.cpp:
1509         (WebCore::HTMLMapElement::removedFromAncestor):
1510
1511 2018-05-09  Joanmarie Diggs  <jdiggs@igalia.com>
1512
1513         AX: Hidden nodes which are not directly referenced should not participate name/description from content
1514         https://bugs.webkit.org/show_bug.cgi?id=185478
1515
1516         Reviewed by Chris Fleizach.
1517
1518         Add a check to AccessibilityNodeObject::textUnderElement() and return early
1519         if the node is hidden, not referenced by aria-labelledby or aria-describedby,
1520         not an HTMLLabelElement, and not fallback content for an HTMLCanvasElement.
1521
1522         Test: accessibility/text-alternative-calculation-hidden-nodes.html
1523
1524         * accessibility/AccessibilityNodeObject.cpp:
1525         (WebCore::AccessibilityNodeObject::textUnderElement const):
1526
1527 2018-05-09  Eric Carlson  <eric.carlson@apple.com>
1528
1529         Update MediaSession to use release logging
1530         https://bugs.webkit.org/show_bug.cgi?id=185376
1531         <rdar://problem/40022203>
1532
1533         Reviewed by Youenn Fablet.
1534
1535         No new tests, tested manually.
1536
1537         * Modules/mediastream/MediaStream.h: hostingDocument() doesn't need to return a const Document.
1538         * Modules/webaudio/AudioContext.cpp:
1539         (WebCore::AudioContext::hostingDocument const): Ditto.
1540         * Modules/webaudio/AudioContext.h:
1541
1542         * html/HTMLMediaElement.h: Ditto.
1543
1544         * html/MediaElementSession.cpp:
1545         (WebCore::MediaElementSession::MediaElementSession):
1546         (WebCore::MediaElementSession::addBehaviorRestriction):
1547         (WebCore::MediaElementSession::removeBehaviorRestriction):
1548         (WebCore::MediaElementSession::dataLoadingPermitted const):
1549         (WebCore::MediaElementSession::fullscreenPermitted const):
1550         (WebCore::MediaElementSession::pageAllowsDataLoading const):
1551         (WebCore::MediaElementSession::pageAllowsPlaybackAfterResuming const):
1552         (WebCore::MediaElementSession::canShowControlsManager const):
1553         (WebCore::MediaElementSession::showPlaybackTargetPicker):
1554         (WebCore::MediaElementSession::hasWirelessPlaybackTargets const):
1555         (WebCore::MediaElementSession::wirelessVideoPlaybackDisabled const):
1556         (WebCore::MediaElementSession::setWirelessVideoPlaybackDisabled):
1557         (WebCore::MediaElementSession::setHasPlaybackTargetAvailabilityListeners):
1558         (WebCore::MediaElementSession::externalOutputDeviceAvailableDidChange):
1559         (WebCore::MediaElementSession::setShouldPlayToPlaybackTarget):
1560         (WebCore::MediaElementSession::mediaEngineUpdated):
1561         (WebCore::MediaElementSession::willLog const): Deleted.
1562         (WebCore::MediaElementSession::logger const): Deleted.
1563         (WebCore::MediaElementSession::logIdentifier const): Deleted.
1564         (WebCore::MediaElementSession::logChannel const): Deleted.
1565         * html/MediaElementSession.h:
1566
1567         * platform/audio/PlatformMediaSession.cpp:
1568         (WebCore::nextLogIdentifier):
1569         (WebCore::convertEnumerationToString):
1570         (WebCore::PlatformMediaSession::PlatformMediaSession):
1571         (WebCore::PlatformMediaSession::setState):
1572         (WebCore::PlatformMediaSession::beginInterruption):
1573         (WebCore::PlatformMediaSession::endInterruption):
1574         (WebCore::PlatformMediaSession::clientWillBeginAutoplaying):
1575         (WebCore::PlatformMediaSession::clientWillPausePlayback):
1576         (WebCore::PlatformMediaSession::pauseSession):
1577         (WebCore::PlatformMediaSession::stopSession):
1578         (WebCore::PlatformMediaSession::clientDataBufferingTimerFired):
1579         (WebCore::PlatformMediaSession::logChannel const):
1580         (WebCore::stateName): Deleted.
1581         (WebCore::interruptionName): Deleted.
1582         * platform/audio/PlatformMediaSession.h:
1583         (WTF::LogArgument<WebCore::PlatformMediaSession::State>::toString):
1584         (WTF::LogArgument<WebCore::PlatformMediaSession::InterruptionType>::toString):
1585
1586 2018-05-09  Thibault Saunier  <tsaunier@igalia.com>
1587
1588         [GStreamer] Never call updateTracks if running on legacy pipeline
1589         https://bugs.webkit.org/show_bug.cgi?id=184581
1590
1591         This makes sure failling code path is never reached in the conditions where it should not have been reached.
1592
1593         Reviewed by Philippe Normand.
1594
1595         Re enables all tests that were disabled after fixing.
1596
1597         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
1598         (WebCore::MediaPlayerPrivateGStreamer::handleMessage):
1599
1600 2018-05-09  Daniel Bates  <dabates@apple.com>
1601
1602         REGRESSION (r231479): http/tests/appcache/x-frame-options-prevents-framing.php is timing out
1603         https://bugs.webkit.org/show_bug.cgi?id=185443
1604         <rdar://problem/40100660>
1605
1606         Reviewed by Andy Estes.
1607
1608         Following r231479 when using WebKit2 and Restricted HTTP Response Access is enabled (enabled in
1609         WebKitTestRunner) we only check the CSP frame-ancestors directive and X-Frame-Options in
1610         NetworkProcess. We need to check these security requirements in WebContent process whenever
1611         we are performing a substitute data load, such as for app cache, as these loads do not go
1612         through NetworkProcess.
1613
1614         * loader/DocumentLoader.cpp:
1615         (WebCore::DocumentLoader::responseReceived):
1616
1617 2018-05-09  Justin Fan  <justin_fan@apple.com>
1618
1619         Hooked up ASTC support in WebGL; requires OpenGL ES 3 context to work. 
1620         https://bugs.webkit.org/show_bug.cgi?id=185272
1621         <rdar://problem/15745737>
1622
1623         Reviewed by Dean Jackson.
1624
1625         Also added in Khronos' ASTC test from version 1.0.4 beta of their conformance test suite,
1626         although again, this requires OpenGL ES 3 context for WebKit to detect proper support.
1627
1628         Test: fast/canvas/webgl/webgl-compressed-texture-astc.html
1629
1630         * DerivedSources.make:
1631         * Sources.txt:
1632         * WebCore.xcodeproj/project.pbxproj:
1633         * bindings/js/JSDOMConvertWebGL.cpp:
1634         (WebCore::convertToJSValue):
1635         * html/canvas/WebGL2RenderingContext.cpp:
1636         (WebCore::WebGL2RenderingContext::getExtension):
1637         (WebCore::WebGL2RenderingContext::getSupportedExtensions):
1638         * html/canvas/WebGLCompressedTextureASTC.cpp: Added.
1639         (WebCore::WebGLCompressedTextureASTC::WebGLCompressedTextureASTC):
1640         (WebCore::WebGLCompressedTextureASTC::getName const):
1641         (WebCore::WebGLCompressedTextureASTC::supported):
1642         (WebCore::WebGLCompressedTextureASTC::getSupportedProfiles):
1643         * html/canvas/WebGLCompressedTextureASTC.h: Added.
1644         * html/canvas/WebGLCompressedTextureASTC.idl: Added.
1645         * html/canvas/WebGLExtension.h:
1646         * html/canvas/WebGLRenderingContext.cpp:
1647         (WebCore::WebGLRenderingContext::getExtension):
1648         (WebCore::WebGLRenderingContext::getSupportedExtensions):
1649         * html/canvas/WebGLRenderingContextBase.cpp:
1650         (WebCore::WebGLRenderingContextBase::validateCompressedTexFuncData):
1651         (WebCore::WebGLRenderingContextBase::validateCompressedTexDimensions):
1652         * html/canvas/WebGLRenderingContextBase.h:
1653         * platform/graphics/Extensions3D.h:
1654
1655 2018-05-09  Youenn Fablet  <youenn@apple.com>
1656
1657         Allow WebResourceLoader to cancel a load served from a service worker
1658         https://bugs.webkit.org/show_bug.cgi?id=185274
1659
1660         Reviewed by Chris Dumez.
1661
1662         Add support for cancelling a fetch from WebProcess to service worker process.
1663         Use FetchIdentifier instead of uint64_t.
1664
1665         * Modules/fetch/FetchIdentifier.h: Added.
1666         * WebCore.xcodeproj/project.pbxproj:
1667         * workers/service/context/ServiceWorkerFetch.h:
1668         * workers/service/context/ServiceWorkerThreadProxy.cpp:
1669         (WebCore::ServiceWorkerThreadProxy::startFetch):
1670         (WebCore::ServiceWorkerThreadProxy::cancelFetch):
1671         * workers/service/context/ServiceWorkerThreadProxy.h:
1672
1673 2018-05-09  Thibault Saunier  <tsaunier@igalia.com>
1674
1675         [GStreamer] Fix style issue in MediaPlayerPrivateGStreamer
1676         https://bugs.webkit.org/show_bug.cgi?id=185479
1677
1678         Reviewed by Philippe Normand.
1679
1680         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:114:  Multi line control clauses should use braces.  [whitespace/braces] [4]
1681         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:194:  Multi line control clauses should use braces.  [whitespace/braces] [4]
1682         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:398:  One line control clauses should not use braces.  [whitespace/braces] [4]
1683         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:440:  One line control clauses should not use braces.  [whitespace/braces] [4]
1684         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:806:  More than one command on the same line  [whitespace/newline] [4]
1685         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:869:  More than one command on the same line  [whitespace/newline] [4]
1686         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:880:  More than one command on the same line  [whitespace/newline] [4]
1687         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:940:  More than one command on the same line  [whitespace/newline] [4]
1688         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:1102:  Multi line control clauses should use braces.  [whitespace/braces] [4]
1689         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:1109:  Multi line control clauses should use braces.  [whitespace/braces] [4]
1690
1691         Indentation and style issue fixed only.
1692
1693         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
1694         (WebCore::MediaPlayerPrivateGStreamer::registerMediaEngine):
1695         (WebCore::MediaPlayerPrivateGStreamer::~MediaPlayerPrivateGStreamer):
1696         (WebCore::MediaPlayerPrivateGStreamer::changePipelineState):
1697         (WebCore::MediaPlayerPrivateGStreamer::play):
1698         (WebCore::MediaPlayerPrivateGStreamer::videoChangedCallback):
1699         (WebCore::MediaPlayerPrivateGStreamer::videoSinkCapsChangedCallback):
1700         (WebCore::MediaPlayerPrivateGStreamer::audioChangedCallback):
1701         (WebCore::MediaPlayerPrivateGStreamer::textChangedCallback):
1702         (WebCore::MediaPlayerPrivateGStreamer::buffered const):
1703         (WebCore::MediaPlayerPrivateGStreamer::loadNextLocation):
1704
1705 2018-05-09  Daniel Bates  <dabates@apple.com>
1706
1707         REGRESSION (r231479): com.apple.WebCore crash in WebCore::DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied()
1708         https://bugs.webkit.org/show_bug.cgi?id=185475
1709         <rdar://problem/40093853>
1710
1711         Reviewed by Andy Estes.
1712
1713         DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied() must extends its lifetime
1714         until completion as dispatching a DOM load event at the associated frame can cause JavaScript execution
1715         that can do anything, including destroying the loader that dispatched the event.
1716
1717         Following r231479 DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied() is now
1718         invoked by both DocumentLoader::responseReceived() and WebResourceLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied().
1719         The latter only can happen when using WebKit2 and the experimental feature Restricted HTTP Response Access
1720         is enabled (RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess()). Unlike DocumentLoader::responseReceived()
1721         WebResourceLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied() does not take out a ref
1722         on the DocumentLoader before invoking DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied().
1723         Therefore, DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied() can cause its
1724         own destruction as a result of dispatching a DOM load event at the frame. We should take out a ref on
1725         the DocumentLoader when executing DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied().
1726
1727         * loader/DocumentLoader.cpp:
1728         (WebCore::DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied):
1729
1730 2018-05-09  Tim Horton  <timothy_horton@apple.com>
1731
1732         Fix the build by ignoring some deprecation warnings
1733
1734         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
1735         (WebCore::MediaPlayerPrivateAVFoundationObjC::setShouldDisableSleep):
1736
1737 2018-05-09  Michael Catanzaro  <mcatanzaro@igalia.com>
1738
1739         [WPE] Build cleanly with GCC 8 and ICU 60
1740         https://bugs.webkit.org/show_bug.cgi?id=185462
1741
1742         Reviewed by Carlos Alberto Lopez Perez.
1743
1744         * PlatformGTK.cmake: Include directories are in the wrong place.
1745         * accessibility/AXObjectCache.cpp: Silence -Wclass-memaccess problems and leave warnings.
1746         (WebCore::AXObjectCache::startOrEndTextMarkerDataForRange):
1747         (WebCore::AXObjectCache::textMarkerDataForCharacterOffset):
1748         (WebCore::AXObjectCache::textMarkerDataForVisiblePosition):
1749         (WebCore::AXObjectCache::textMarkerDataForFirstPositionInTextControl):
1750         * css/CSSFontFace.cpp: Silence -Wfallthrough
1751         (WebCore::CSSFontFace::fontLoadTiming const):
1752         * css/CSSSelectorList.cpp: Silence -Wclass-memaccess, this one is intentional.
1753         (WebCore::CSSSelectorList::adoptSelectorVector):
1754         * editing/TextIterator.cpp: Silence ICU deprecation warnings.
1755         * platform/Length.h:
1756         (WebCore::Length::operator=): More -Wclass-memaccess, looks benign.
1757         * platform/graphics/Gradient.cpp:
1758         (WebCore::Gradient::hash const): -Wclass-memaccess again. Leave a warning.
1759         * platform/graphics/SurrogatePairAwareTextIterator.cpp: Silence ICU deprecation warnings.
1760         * platform/graphics/cairo/FontCairoHarfbuzzNG.cpp:
1761         (WebCore::FontCascade::fontForCombiningCharacterSequence const): Silence ICU deprecation.
1762         * platform/graphics/freetype/FontCustomPlatformDataFreeType.cpp:
1763         (WebCore::FontCustomPlatformData::FontCustomPlatformData): Silence -Wcast-function-type.
1764         * platform/graphics/freetype/SimpleFontDataFreeType.cpp:
1765         (WebCore::Font::canRenderCombiningCharacterSequence const): Silence ICU deprecation.
1766         * platform/graphics/gstreamer/GstAllocatorFastMalloc.cpp:
1767         (gstAllocatorFastMallocMemUnmap): Fix -Wcast-function-type.
1768         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
1769         (WebCore::MediaPlayerPrivateGStreamer::updateTracks): Fix bad printf.
1770         (WebCore::MediaPlayerPrivateGStreamer::enableTrack): Another bad printf.
1771         (WebCore::findHLSQueue): Fix -Wcast-function-type.
1772         * platform/graphics/gstreamer/eme/WebKitClearKeyDecryptorGStreamer.cpp:
1773         (webKitMediaClearKeyDecryptorDecrypt): Fix another bad printf.
1774         * platform/network/soup/SocketStreamHandleImplSoup.cpp: Silence -Wcast-function-type.
1775         (WebCore::SocketStreamHandleImpl::beginWaitingForSocketWritability):
1776         * platform/text/TextEncoding.cpp: Silence ICU deprecration.
1777
1778 2018-05-08  Simon Fraser  <simon.fraser@apple.com>
1779
1780         SVG lighting colors need to be converted into linearSRGB
1781         https://bugs.webkit.org/show_bug.cgi?id=181196
1782
1783         Reviewed by Darin Adler.
1784
1785         Address post-commit comments. Don't make a Color that contains linearRGB components,
1786         but use FloatComponents instead. Since these FloatComponents are in the 0-1 range,
1787         FELighting::setPixelInternal() needs to multiply by 255 since the output pixels are
1788         8-bit 0-255.
1789         
1790         Change linearToSRGBColorComponent() and sRGBToLinearColorComponent() to do math in
1791         floats without promoting to doubles.
1792
1793         * platform/graphics/ColorUtilities.cpp:
1794         (WebCore::FloatComponents::FloatComponents):
1795         (WebCore::linearToSRGBColorComponent):
1796         (WebCore::sRGBToLinearColorComponent):
1797         (WebCore::sRGBColorToLinearComponents):
1798         (WebCore::linearToSRGBColor): Deleted.
1799         (WebCore::sRGBToLinearColor): Deleted.
1800         * platform/graphics/ColorUtilities.h:
1801         * platform/graphics/filters/FELighting.cpp:
1802         (WebCore::FELighting::setPixelInternal):
1803         (WebCore::FELighting::drawLighting):
1804
1805 2018-05-09  Timothy Hatcher  <timothy@apple.com>
1806
1807         Use StyleColor::Options in more places.
1808
1809         https://bugs.webkit.org/show_bug.cgi?id=185458
1810         rdar://problem/39853798
1811
1812         Add UseDefaultAppearance to StyleColor::Options, to avoid passing yet another
1813         boolean on some of these functions.
1814
1815         Reviewed by Tim Horton.
1816
1817         * css/MediaQueryEvaluator.cpp:
1818         * css/StyleColor.h:
1819         * dom/Document.cpp:
1820         (WebCore::Document::useDefaultAppearance const):
1821         (WebCore::Document::styleColorOptions const):
1822         * dom/Document.h:
1823         * platform/Theme.cpp:
1824         (WebCore::Theme::paint):
1825         * platform/Theme.h:
1826         * platform/mac/LocalDefaultSystemAppearance.h:
1827         * platform/mac/LocalDefaultSystemAppearance.mm:
1828         (WebCore::LocalDefaultSystemAppearance::LocalDefaultSystemAppearance):
1829         (WebCore::LocalDefaultSystemAppearance::~LocalDefaultSystemAppearance):
1830         * platform/mac/ThemeMac.h:
1831         * platform/mac/ThemeMac.mm:
1832         (WebCore::paintToggleButton):
1833         (WebCore::paintButton):
1834         (WebCore::ThemeMac::ensuredView):
1835         (WebCore::ThemeMac::drawCellOrFocusRingWithViewIntoContext):
1836         (WebCore::ThemeMac::paint):
1837         (-[WebCoreThemeView initWithUseSystemAppearance:]): Deleted.
1838         * platform/wpe/ThemeWPE.cpp:
1839         (WebCore::ThemeWPE::paint):
1840         * platform/wpe/ThemeWPE.h:
1841         * rendering/RenderListBox.cpp:
1842         (WebCore::RenderListBox::paintItemBackground):
1843         * rendering/RenderTheme.cpp:
1844         (WebCore::RenderTheme::paint):
1845         (WebCore::RenderTheme::inactiveListBoxSelectionBackgroundColor const):
1846         (WebCore::RenderTheme::platformInactiveListBoxSelectionBackgroundColor const):
1847         * rendering/RenderTheme.h:
1848         * rendering/RenderThemeGtk.cpp:
1849         (WebCore::RenderThemeGtk::platformInactiveListBoxSelectionBackgroundColor const):
1850         * rendering/RenderThemeGtk.h:
1851         * rendering/RenderThemeMac.h:
1852         * rendering/RenderThemeMac.mm:
1853         (WebCore::RenderThemeMac::documentViewFor const):
1854         (WebCore::RenderThemeMac::platformInactiveListBoxSelectionBackgroundColor const):
1855         (WebCore::RenderThemeMac::systemColor const):
1856         (WebCore::RenderThemeMac::paintCellAndSetFocusedElementNeedsRepaintIfNecessary):
1857         (WebCore::RenderThemeMac::paintSliderThumb):
1858
1859 2018-05-09  Yacine Bandou  <yacine.bandou_ext@softathome.com>
1860
1861         [EME][GStreamer] Crash when the mediaKeys are created before loading the media in debug conf
1862         https://bugs.webkit.org/show_bug.cgi?id=185244
1863
1864         Reviewed by Xabier Rodriguez-Calvar.
1865
1866         The function "MediaPlayerPrivateGStreamerBase::cdmInstanceAttached" is expected to be called once,
1867         so there is an ASSERT(!m_cdmInstance).
1868         But when the MediaKeys are created before loading the media, the cdminstance is created and attached
1869         to the MediaPlayerPrivate via "MediaPlayerPrivateGStreamerBase::cdmInstanceAttached" before loading
1870         the media, then when the media is loading, the function "MediaPlayerPrivateGStreamerBase::cdmInstanceAttached"
1871         will be called several times via the function "mediaEngineWasUpdated" wich is called for each change
1872         in the MediaElement state, thus the WebProcess crashes in the ASSERT(!m_cdmInstance).
1873
1874         This commit avoid the crash by replacing the assert with a simple check.
1875
1876         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
1877         (WebCore::MediaPlayerPrivateGStreamerBase::cdmInstanceAttached):
1878         (WebCore::MediaPlayerPrivateGStreamerBase::cdmInstanceDetached):
1879
1880 2018-05-09  Antti Koivisto  <antti@apple.com>
1881
1882         Add OptionSet::operator& and operator bool
1883         https://bugs.webkit.org/show_bug.cgi?id=185306
1884
1885         Reviewed by Anders Carlsson.
1886
1887         Use it in a few places.
1888
1889         * loader/FrameLoader.cpp:
1890         (WebCore::FrameLoader::reload):
1891         * rendering/RenderLayerCompositor.cpp:
1892         (WebCore::RenderLayerCompositor::logReasonsForCompositing):
1893         (WebCore::RenderLayerCompositor::updateScrollCoordinatedLayer):
1894
1895 2018-05-08  Dean Jackson  <dino@apple.com>
1896
1897         Disable system preview link fetching
1898         https://bugs.webkit.org/show_bug.cgi?id=185463
1899
1900         Reviewed by Jon Lee.
1901
1902         Temporarily disable system preview detection when a link
1903         is clicked.
1904
1905         * html/HTMLAnchorElement.cpp:
1906         (WebCore::HTMLAnchorElement::handleClick):
1907
1908 2018-05-08  Wenson Hsieh  <wenson_hsieh@apple.com>
1909
1910         Unreviewed, fix the internal iOS build
1911
1912         Add a missing import statement in an implementation file.
1913
1914         * editing/cocoa/WebContentReaderCocoa.mm:
1915
1916 2018-05-08  Ryan Haddad  <ryanhaddad@apple.com>
1917
1918         Unreviewed, rolling out r231486.
1919
1920         Caused service worker LayoutTest failures on macOS Debug WK2.
1921
1922         Reverted changeset:
1923
1924         "Allow WebResourceLoader to cancel a load served from a
1925         service worker"
1926         https://bugs.webkit.org/show_bug.cgi?id=185274
1927         https://trac.webkit.org/changeset/231486
1928
1929 2018-05-08  Wenson Hsieh  <wenson_hsieh@apple.com>
1930
1931         Consolidate WebContentReaderIOS and WebContentReaderMac into WebContentReaderCocoa
1932         https://bugs.webkit.org/show_bug.cgi?id=185340
1933
1934         Reviewed by Tim Horton.
1935
1936         WebContentReader::readURL is currently the only method implemented separately in iOS and macOS platform
1937         WebContentReader files. The implementation across macOS and iOS is nearly identical (with some exceptions with
1938         the way iOS handles file URLs and plain text editing), so we can merge these into a single method
1939         WebContentReaderCocoa and delete WebContentReaderIOS and WebContentReaderMac.
1940
1941         This also has the added bonus of fixing a latent bug in WebContentReaderMac, wherein URLs written to the
1942         pasteboard using -[NSPasteboard writeObjects:] are currently pasted as empty anchor elements. In this case, the
1943         link title isn't made explicit, so the `title` passed in to WebContentReader::readURL is empty. On iOS, we have
1944         code to fall back to pasting the absolute string of the URL if the title is empty, but on macOS, we'll just use
1945         this empty string as the title of the anchor.
1946
1947         Test: PasteMixedContent.PasteURLWrittenToPasteboardUsingWriteObjects
1948
1949         * SourcesCocoa.txt:
1950         * WebCore.xcodeproj/project.pbxproj:
1951         * editing/cocoa/WebContentReaderCocoa.mm:
1952         (WebCore::WebContentReader::readURL):
1953         * editing/ios/WebContentReaderIOS.mm: Removed.
1954         * editing/mac/WebContentReaderMac.mm: Removed.
1955
1956 2018-05-08  Zalan Bujtas  <zalan@apple.com>
1957
1958         [Simple line layout] Cache run resolver.
1959         https://bugs.webkit.org/show_bug.cgi?id=185411
1960
1961         Reviewed by Antti Koivisto.
1962
1963         This patch caches the run resolver on the [SimpleLine]Layout object. 
1964         In certain cases, when the block container has thousands of elements (foobar1<br>foobar2<br>.....foobar9999<br>),
1965         constructing the resolver (and its dependencies) in a repeating fashion could hang the WebProcess.
1966
1967         Covered by existing tests.
1968
1969         * rendering/SimpleLineLayout.cpp:
1970         (WebCore::SimpleLineLayout::create):
1971         (WebCore::SimpleLineLayout::Layout::create):
1972         (WebCore::SimpleLineLayout::Layout::Layout):
1973         * rendering/SimpleLineLayout.h:
1974         (WebCore::SimpleLineLayout::Layout::runResolver const):
1975         * rendering/SimpleLineLayoutFunctions.cpp:
1976         (WebCore::SimpleLineLayout::paintFlow):
1977         (WebCore::SimpleLineLayout::hitTestFlow):
1978         (WebCore::SimpleLineLayout::collectFlowOverflow):
1979         (WebCore::SimpleLineLayout::computeBoundingBox):
1980         (WebCore::SimpleLineLayout::computeFirstRunLocation):
1981         (WebCore::SimpleLineLayout::collectAbsoluteRects):
1982         (WebCore::SimpleLineLayout::collectAbsoluteQuads):
1983         (WebCore::SimpleLineLayout::textOffsetForPoint):
1984         (WebCore::SimpleLineLayout::collectAbsoluteQuadsForRange):
1985         (WebCore::SimpleLineLayout::generateLineBoxTree):
1986         * rendering/SimpleLineLayoutResolver.cpp:
1987         (WebCore::SimpleLineLayout::LineResolver::LineResolver):
1988         * rendering/SimpleLineLayoutResolver.h:
1989         (WebCore::SimpleLineLayout::lineResolver):
1990
1991 2018-05-08  Brent Fulgham  <bfulgham@apple.com>
1992
1993         Switch some RELEASE_ASSERTS to plain debug ASSERTS in PlatformScreenMac.mm
1994         https://bugs.webkit.org/show_bug.cgi?id=185451
1995         <rdar://problem/39620348>
1996
1997         Reviewed by Zalan Bujtas.
1998
1999         Change a set of RELEASE_ASSERTS used to prevent accessing NSScreen related functions in the
2000         PlatformScreenMac implementation to less expensive Debug ASSERTS.
2001
2002         No change in behavior.
2003
2004         * platform/mac/PlatformScreenMac.mm:
2005         (WebCore::screenHasInvertedColors):
2006         (WebCore::screenDepth):
2007         (WebCore::screenDepthPerComponent):
2008         (WebCore::screenRectForDisplay):
2009         (WebCore::screenRect):
2010         (WebCore::screenAvailableRect):
2011         (WebCore::screenColorSpace):
2012         (WebCore::screenSupportsExtendedColor):
2013
2014 2018-05-08  Daniel Bates  <dabates@apple.com>
2015
2016         Resign Strong Password appearance when text field value changes
2017         https://bugs.webkit.org/show_bug.cgi?id=185433
2018         <rdar://problem/39958508>
2019
2020         Reviewed by Ryosuke Niwa.
2021
2022         Remove the Strong Password decoration when the text field's value changes to avoid interfering
2023         with web sites that allow a person to clear the password field.
2024
2025         Tests: fast/forms/auto-fill-button/auto-fill-strong-password-button-when-maxlength-changes.html
2026                fast/forms/auto-fill-button/auto-fill-strong-password-button-when-minlength-changes.html
2027                fast/forms/auto-fill-button/hide-auto-fill-strong-password-button-when-value-changes.html
2028
2029         * html/HTMLInputElement.cpp:
2030         (WebCore::HTMLInputElement::resignStrongPasswordAppearance): Extracted from HTMLInputElement::updateType().
2031         (WebCore::HTMLInputElement::updateType): Extract out logic to resign the Strong Password appearance
2032         into a function that can be shared by this function and HTMLInputElement::setValue().
2033         (WebCore::HTMLInputElement::setValue): Resign the Strong Password appearance if this field was
2034         changed programmatically (i.e. no DOM change event was dispatched).
2035         * html/HTMLInputElement.h:
2036
2037 2018-05-08  Jer Noble  <jer.noble@apple.com>
2038
2039         Unreviewed build fix; add missing function definition.
2040
2041         * html/HTMLMediaElement.h:
2042         (WebCore::HTMLMediaElement::didPassCORSAccessCheck const):
2043
2044 2018-05-08  Jer Noble  <jer.noble@apple.com>
2045
2046         Mute MediaElementSourceNode when tainted.
2047         https://bugs.webkit.org/show_bug.cgi?id=184866
2048
2049         Reviewed by Eric Carlson.
2050
2051         Test: http/tests/security/webaudio-render-remote-audio-blocked-no-crossorigin.html
2052
2053         * Modules/webaudio/AudioContext.cpp:
2054         (WebCore::AudioContext::wouldTaintOrigin const):
2055         * Modules/webaudio/AudioContext.h:
2056         * Modules/webaudio/MediaElementAudioSourceNode.cpp:
2057         (WebCore::MediaElementAudioSourceNode::setFormat):
2058         (WebCore::MediaElementAudioSourceNode::wouldTaintOrigin):
2059         (WebCore::MediaElementAudioSourceNode::process):
2060         * Modules/webaudio/MediaElementAudioSourceNode.h:
2061
2062 2018-05-08  Eric Carlson  <eric.carlson@apple.com>
2063
2064         Log rtcstats as JSON
2065         https://bugs.webkit.org/show_bug.cgi?id=185437
2066         <rdar://problem/40065332>
2067
2068         Reviewed by Youenn Fablet.
2069
2070         * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
2071         (WebCore::RTCStatsLogger::RTCStatsLogger): Create a wrapper class so we don't have to add a
2072         toJSONString method to libwebrtc.
2073         (WebCore::RTCStatsLogger::toJSONString const): Log stats as JSON.
2074         (WebCore::LibWebRTCMediaEndpoint::OnStatsDelivered): Don't use the LOGIDENTIFIER macro because
2075         it doesn't work well inside of a lambda.
2076         (WTF::LogArgument<WebCore::RTCStatsLogger>::toString): Move into .cpp file because it is only
2077         used here.
2078         * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.h:
2079         (WTF::LogArgument<webrtc::RTCStats>::toString): Deleted. Move to .cpp file.
2080
2081 2018-05-08  Dean Jackson  <dino@apple.com>
2082
2083         System Preview links should trigger a download
2084         https://bugs.webkit.org/show_bug.cgi?id=185439
2085         <rdar://problem/40065545>
2086
2087         Reviewed by Jon Lee.
2088
2089         Add a new field to FrameLoadRequest, which then is copied
2090         into ResourceRequest, identifying if the link clicked
2091         is a system preview.
2092
2093         * html/HTMLAnchorElement.cpp:
2094         (WebCore::HTMLAnchorElement::handleClick): Look for isSystemPreviewLink().
2095         * loader/FrameLoadRequest.cpp:
2096         (WebCore::FrameLoadRequest::FrameLoadRequest):
2097         * loader/FrameLoadRequest.h: New property.
2098         (WebCore::FrameLoadRequest::FrameLoadRequest):
2099         (WebCore::FrameLoadRequest::isSystemPreview const):
2100         * loader/FrameLoader.cpp:
2101         (WebCore::FrameLoader::urlSelected):
2102         (WebCore::FrameLoader::loadURL):
2103         * loader/FrameLoader.h:
2104         * platform/network/ResourceRequestBase.cpp:
2105         (WebCore::ResourceRequestBase::isSystemPreview const):
2106         (WebCore::ResourceRequestBase::setSystemPreview):
2107         * platform/network/ResourceRequestBase.h:
2108
2109 2018-05-08  Commit Queue  <commit-queue@webkit.org>
2110
2111         Unreviewed, rolling out r231491.
2112         https://bugs.webkit.org/show_bug.cgi?id=185434
2113
2114         Setting the Created key on a cookie does not work yet, due a
2115         bug in CFNetwork (Requested by ggaren on #webkit).
2116
2117         Reverted changeset:
2118
2119         "[WKHTTPCookieStore getAllCookies] returns inconsistent
2120         creation time"
2121         https://bugs.webkit.org/show_bug.cgi?id=185041
2122         https://trac.webkit.org/changeset/231491
2123
2124 2018-05-08  Sihui Liu  <sihui_liu@apple.com>
2125
2126         [WKHTTPCookieStore getAllCookies] returns inconsistent creation time
2127         https://bugs.webkit.org/show_bug.cgi?id=185041
2128         <rdar://problem/34684214>
2129
2130         Reviewed by Geoffrey Garen.
2131
2132         Set creationtime property when creating Cookie object to keep consistency after conversion.
2133
2134         New API test: WebKit.WKHTTPCookieStoreCreationTime.
2135
2136         * platform/network/cocoa/CookieCocoa.mm:
2137         (WebCore::Cookie::operator NSHTTPCookie * const):
2138
2139 2018-05-08  Eric Carlson  <eric.carlson@apple.com>
2140
2141         Text track cue logging should include cue text
2142         https://bugs.webkit.org/show_bug.cgi?id=185353
2143         <rdar://problem/40003565>
2144
2145         Reviewed by Brent Fulgham.
2146
2147         No new tests, tested manually.
2148
2149         * html/track/VTTCue.cpp:
2150         (WebCore::VTTCue::toJSON const):
2151         * platform/graphics/InbandTextTrackPrivateClient.h:
2152         (WebCore::GenericCueData::toJSONString const):
2153         * platform/graphics/iso/ISOVTTCue.cpp:
2154         (WebCore::ISOWebVTTCue::toJSONString const):
2155
2156 2018-05-08  Sam Weinig  <sam@webkit.org>
2157
2158         More cleanup of XMLHttpRequestUpload
2159         https://bugs.webkit.org/show_bug.cgi?id=185409
2160
2161         Reviewed by Alex Christensen.
2162
2163         - Remove unneeded #includes
2164         - Rename m_xmlHttpRequest to m_request
2165         - Make some overloaded some methods private, and mark them as final rather
2166           than override.
2167
2168         * xml/XMLHttpRequestUpload.cpp:
2169         (WebCore::XMLHttpRequestUpload::XMLHttpRequestUpload):
2170         * xml/XMLHttpRequestUpload.h:
2171
2172 2018-05-08  Zalan Bujtas  <zalan@apple.com>
2173
2174         [LFC] Start using BlockMarginCollapse
2175         https://bugs.webkit.org/show_bug.cgi?id=185424
2176
2177         Reviewed by Antti Koivisto.
2178
2179         BlockMarginCollapse could be all static.
2180
2181         * layout/blockformatting/BlockFormattingContext.cpp:
2182         (WebCore::Layout::BlockFormattingContext::marginTop const):
2183         (WebCore::Layout::BlockFormattingContext::marginBottom const):
2184         * layout/blockformatting/BlockMarginCollapse.cpp:
2185         (WebCore::Layout::isMarginTopCollapsedWithSibling):
2186         (WebCore::Layout::isMarginBottomCollapsedWithSibling):
2187         (WebCore::Layout::isMarginTopCollapsedWithParent):
2188         (WebCore::Layout::isMarginBottomCollapsedWithParent):
2189         (WebCore::Layout::collapsedMarginTopFromFirstChild):
2190         (WebCore::Layout::collapsedMarginBottomFromLastChild):
2191         (WebCore::Layout::nonCollapsedMarginTop):
2192         (WebCore::Layout::nonCollapsedMarginBottom):
2193         (WebCore::Layout::BlockMarginCollapse::marginTop):
2194         (WebCore::Layout::BlockMarginCollapse::marginBottom):
2195         (WebCore::Layout::BlockMarginCollapse::BlockMarginCollapse): Deleted.
2196         (WebCore::Layout::BlockMarginCollapse::marginTop const): Deleted.
2197         (WebCore::Layout::BlockMarginCollapse::marginBottom const): Deleted.
2198         (WebCore::Layout::BlockMarginCollapse::isMarginTopCollapsedWithSibling const): Deleted.
2199         (WebCore::Layout::BlockMarginCollapse::isMarginBottomCollapsedWithSibling const): Deleted.
2200         (WebCore::Layout::BlockMarginCollapse::isMarginTopCollapsedWithParent const): Deleted.
2201         (WebCore::Layout::BlockMarginCollapse::isMarginBottomCollapsedWithParent const): Deleted.
2202         (WebCore::Layout::BlockMarginCollapse::nonCollapsedMarginTop const): Deleted.
2203         (WebCore::Layout::BlockMarginCollapse::nonCollapsedMarginBottom const): Deleted.
2204         (WebCore::Layout::BlockMarginCollapse::collapsedMarginTopFromFirstChild const): Deleted.
2205         (WebCore::Layout::BlockMarginCollapse::collapsedMarginBottomFromLastChild const): Deleted.
2206         (WebCore::Layout::BlockMarginCollapse::hasAdjoiningMarginTopAndBottom const): Deleted.
2207         * layout/blockformatting/BlockMarginCollapse.h:
2208
2209 2018-05-08  Youenn Fablet  <youenn@apple.com>
2210
2211         Allow WebResourceLoader to cancel a load served from a service worker
2212         https://bugs.webkit.org/show_bug.cgi?id=185274
2213
2214         Reviewed by Chris Dumez.
2215
2216         Add support for cancelling a fetch from WebProcess to service worker process.
2217         Use FetchIdentifier instead of uint64_t.
2218
2219         * Modules/fetch/FetchIdentifier.h: Added.
2220         * WebCore.xcodeproj/project.pbxproj:
2221         * workers/service/context/ServiceWorkerFetch.h:
2222         * workers/service/context/ServiceWorkerThreadProxy.cpp:
2223         (WebCore::ServiceWorkerThreadProxy::startFetch):
2224         (WebCore::ServiceWorkerThreadProxy::cancelFetch):
2225         * workers/service/context/ServiceWorkerThreadProxy.h:
2226
2227 2018-05-08  Said Abou-Hallawa  <sabouhallawa@apple.com>
2228
2229         feTurbulence is not rendered correctly on Retina display
2230         https://bugs.webkit.org/show_bug.cgi?id=183798
2231
2232         Reviewed by Simon Fraser.
2233
2234         On 2x display the feTurbulence filter creates a scaled ImageBuffer but
2235         processes only the unscaled size. This is a remaining work of r168577 and
2236         is very similar to what was done for the feMorphology filter in r188271.
2237
2238         Test: fast/hidpi/filters-turbulence.html
2239
2240         * platform/graphics/filters/FETurbulence.cpp:
2241         (WebCore::FETurbulence::fillRegion const):
2242         (WebCore::FETurbulence::platformApplySoftware):
2243
2244 2018-05-07  Zalan Bujtas  <zalan@apple.com>
2245
2246         [LFC] Add FormattingContext::layoutOutOfFlowDescendants implementation
2247         https://bugs.webkit.org/show_bug.cgi?id=185377
2248
2249         Reviewed by Antti Koivisto.
2250
2251         Also, remove FormattingContext's m_layoutContext member and pass it in to ::layout() instead.
2252         In theory LayoutContext is needed only during ::layout() call. 
2253
2254         * layout/FormattingContext.cpp:
2255         (WebCore::Layout::FormattingContext::layoutOutOfFlowDescendants const):
2256         * layout/FormattingContext.h:
2257         (WebCore::Layout::FormattingContext::layoutContext const):
2258         * layout/LayoutContext.cpp:
2259         (WebCore::Layout::LayoutContext::updateLayout):
2260         * layout/blockformatting/BlockFormattingContext.cpp:
2261         (WebCore::Layout::BlockFormattingContext::layout const):
2262         * layout/blockformatting/BlockFormattingContext.h:
2263         * layout/inlineformatting/InlineFormattingContext.cpp:
2264         (WebCore::Layout::InlineFormattingContext::layout const):
2265         * layout/inlineformatting/InlineFormattingContext.h:
2266
2267 2018-05-07  Daniel Bates  <dabates@apple.com>
2268
2269         Check X-Frame-Options and CSP frame-ancestors in network process
2270         https://bugs.webkit.org/show_bug.cgi?id=185410
2271         <rdar://problem/37733934>
2272
2273         Reviewed by Ryosuke Niwa.
2274
2275         * WebCore.xcodeproj/project.pbxproj: Make PingLoader.h a private header so that we can include it in WebKit.
2276         * loader/DocumentLoader.cpp:
2277         (WebCore::DocumentLoader::responseReceived): Only check CSP frame-ancestors and X-Frame-Options here if
2278         we are not checking them in the NetworkProcess and HTTP response access is restricted. I code is otherwise kept
2279         unchanged. There may be opportunities to clean this code up more and share more of it. We should look into this
2280         in subsequent bugs.
2281         * loader/DocumentLoader.h: Change visibility of stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied() from
2282         private to public and export it so that we can call it from the WebKit.
2283         * loader/PingLoader.h:
2284         * page/Settings.yaml: Add a new setting called networkProcessCSPFrameAncestorsCheckingEnabled (defaults: false)
2285         and is hardcoded in WebPage.cpp to be enabled. This setting is used to determine if we will be using the NetworkProcess.
2286         Ideally we wouldn't have this setting and just key off RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess().
2287         However RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess() is always enabled in WebKit Legacy
2288         at the time of writing (why?). And, strangely, RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess()
2289         is conditionally enabled in WebKit. For now, we add a new setting, networkProcessCSPFrameAncestorsCheckingEnabled,
2290         to determine if CSP checking should be performed in NetworkProcess. For checking to actually happen in NetworkProcess
2291         and not in DocumentLoader::responseReceived() RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess()
2292         will also need to be enabled.
2293         * page/csp/ContentSecurityPolicy.cpp:
2294         (WebCore::ContentSecurityPolicy::allowFrameAncestors const): Added a variant that takes a vector of ancestor origins.
2295         * page/csp/ContentSecurityPolicy.h:
2296         * page/csp/ContentSecurityPolicyDirectiveList.cpp:
2297         (WebCore::checkFrameAncestors): Ditto.
2298         (WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForFrameAncestorOrigins const): Ditto.
2299         * page/csp/ContentSecurityPolicyDirectiveList.h: Export constructor so that we can invoke it from NetworkResourceLoader::shouldInterruptLoadForCSPFrameAncestorsOrXFrameOptions().
2300         * page/csp/ContentSecurityPolicyResponseHeaders.h:
2301         * platform/network/HTTPParsers.h: Export XFrameOptionsDisposition() so that we can use in WebKit.
2302
2303 2018-05-07  Daniel Bates  <dabates@apple.com>
2304
2305         Abstract logic to log console messages and send CSP violation reports into a client
2306         https://bugs.webkit.org/show_bug.cgi?id=185393
2307         <rdar://problem/40036053>
2308
2309         Reviewed by Brent Fulgham.
2310
2311         First pass at adding infrastructure to supporting CSP reporting from NetworkProcess and workers.
2312         Replaces the existing ContentSecurityPolicy constructor that takes a Frame with one that
2313         takes a ContentSecurityPolicyClient to delegate to for logging and sending reports. We will look
2314         to remove ContentSecurityPolicy constructor that takes a ScriptExecutionContext in a follow up.
2315
2316         Standardize on instantiating a ContentSecurityPolicy with the full URL to resource that it protects
2317         instead of taking only the SecurityOrigin of this URL. By taking the full URL the ContentSecurityPolicy
2318         object is now capable of resolving a relative report URL without needing a Document/ScriptExecutionContext.
2319
2320         We are underutilizing the CSPInfo struct and ContentSecurityPolicyClient::willSendCSPViolationReport()
2321         delegate callback in this patch. We will make use of this functionality in a subsequent patch to
2322         support collecting script state (e.g. source line number) when reporting CSP violations in worker
2323         threads. We also no longer go through the unnecessary motions to try to collect script state for a
2324         frame-ancestors violation (since DocumentLoader extends ContentSecurityPolicyClient and does not
2325         implement ContentSecurityPolicyClient::willSendCSPViolationReport()). The frame-ancestors directive
2326         is checked before a document is parsed and executes script; => there will never be any script state
2327         to collect; => it is not necessary to try to collect it as we currently do.
2328
2329         * Sources.txt: Add file ContentSecurityPolicyClient.cpp. See the remarks for ContentSecurityPolicyClient.cpp
2330         below on why we have this file.
2331         * WebCore.xcodeproj/project.pbxproj: Add files ContentSecurityPolicyClient.{h, cpp}.
2332         * dom/Document.cpp:
2333         (WebCore::Document::initSecurityContext): Pass the URL of the protected document.
2334         * loader/DocumentLoader.cpp:
2335         (WebCore::DocumentLoader::responseReceived): Ditto.
2336         (WebCore::DocumentLoader::addConsoleMessage): Added.
2337         (WebCore::DocumentLoader::sendCSPViolationReport): Added.
2338         (WebCore::DocumentLoader::dispatchSecurityPolicyViolationEvent): Added.
2339         * loader/DocumentLoader.h:
2340         * loader/FrameLoaderClient.h: Fix typo in comment.
2341         * loader/WorkerThreadableLoader.cpp:
2342         (WebCore::WorkerThreadableLoader::MainThreadBridge::MainThreadBridge): Pass the URL of the worker script.
2343         * page/csp/ContentSecurityPolicy.cpp:
2344         (WebCore::ContentSecurityPolicy::ContentSecurityPolicy): Added overload that takes a URL&& and an optional
2345         ContentSecurityPolicyClient*.
2346         (WebCore::ContentSecurityPolicy::deprecatedURLForReporting const): Extracted and simplified stripURLForUseInReport()
2347         into this member function.
2348         (WebCore::ContentSecurityPolicy::reportViolation const): Modified to make use of the client, if we have
2349         one and removed code for handling a ContentSecurityPolicy that was instantiated with a Frame.
2350         (WebCore::ContentSecurityPolicy::logToConsole const): Ditto.
2351         (WebCore::stripURLForUseInReport): Deleted; incorporated into ContentSecurityPolicy::deprecatedURLForReporting().
2352         * page/csp/ContentSecurityPolicy.h:
2353         * page/csp/ContentSecurityPolicyClient.cpp: Added. This file exists so that we can define the virtual
2354         destructor out-of-line and export this abstract class so as to avoid the need for the vtable to be
2355         defined in the translation unit of each derived class.
2356         * page/csp/ContentSecurityPolicyClient.h: Added.
2357         * page/csp/ContentSecurityPolicySource.cpp:
2358         (WebCore::ContentSecurityPolicySource::operator SecurityOriginData const): Added.
2359         * page/csp/ContentSecurityPolicySource.h:
2360         * workers/WorkerGlobalScope.cpp:
2361         (WebCore::WorkerGlobalScope::WorkerGlobalScope): Instantiate the ContentSecurityPolicy object with the
2362         URL of the worker script.
2363
2364 2018-05-07  Simon Fraser  <simon.fraser@apple.com>
2365
2366         CSS filters which reference SVG filters fail to respect the "color-interpolation-filters" of the filter
2367         https://bugs.webkit.org/show_bug.cgi?id=185343
2368
2369         Reviewed by Dean Jackson.
2370
2371         Test: css3/filters/color-interpolation-filters.html
2372         
2373         When applying CSS reference filters, apply the value of "color-interpolation-filters" for the
2374         referenced filter effect element, just as we do for SVG filters.
2375
2376         * rendering/FilterEffectRenderer.cpp:
2377         (WebCore::FilterEffectRenderer::buildReferenceFilter):
2378
2379 2018-05-07  Daniel Bates  <dabates@apple.com>
2380
2381         CSP status-code incorrect for document blocked due to violation of its frame-ancestors directive
2382         https://bugs.webkit.org/show_bug.cgi?id=185366
2383         <rdar://problem/40035116>
2384
2385         Reviewed by Brent Fulgham.
2386
2387         Fixes an issue where the status-code in the sent CSP report for an HTTP document blocked because
2388         its frame-ancestors directive was violated would be the status code of the previously loaded
2389         document in the frame. If the previously loaded document was about:blank then this would be 0.
2390
2391         Currently whenever we send a CSP report we ask the document's loader (Document::loader()) for the
2392         HTTP status code for the last response. Document::loader() returns the loader for the last committed
2393         document its frame. For a frame-ancestors violation, a CSP report is sent before the document
2394         that had the frame-ancestors directive has been committed and after it has been associate with a frame.
2395         As a result we are in are in a transient transition state for the frame and hence the last response
2396         for new document's loader (Document::loader()) is actually the last response of the previously loaded
2397         document in the frame. Instead we need to take care to tell CSP about the HTTP status code for the
2398         response associated with the document the CSP came from.
2399
2400         * dom/Document.cpp:
2401         (WebCore::Document::processHttpEquiv):
2402         (WebCore::Document::initSecurityContext):
2403         Pass the HTTP status code to CSP.
2404
2405         * page/csp/ContentSecurityPolicy.cpp:
2406         (WebCore::ContentSecurityPolicy::copyStateFrom):
2407         (WebCore::ContentSecurityPolicy::responseHeaders const):
2408         (WebCore::ContentSecurityPolicy::didReceiveHeaders):
2409         (WebCore::ContentSecurityPolicy::didReceiveHeader):
2410         (WebCore::ContentSecurityPolicy::reportViolation const):
2411         * page/csp/ContentSecurityPolicy.h:
2412         Modify existing functions to take the HTTP status code, store it in a instance variable,
2413         and reference this variable when reporting a violation.
2414
2415         * page/csp/ContentSecurityPolicyResponseHeaders.cpp:
2416         (WebCore::ContentSecurityPolicyResponseHeaders::ContentSecurityPolicyResponseHeaders):
2417         (WebCore::ContentSecurityPolicyResponseHeaders::isolatedCopy const):
2418         * page/csp/ContentSecurityPolicyResponseHeaders.h:
2419         (WebCore::ContentSecurityPolicyResponseHeaders::encode const):
2420         (WebCore::ContentSecurityPolicyResponseHeaders::decode):
2421         Store the HTTP status code along with the response headers.
2422
2423 2018-05-07  Daniel Bates  <dabates@apple.com>
2424
2425         CSP referrer incorrect for document blocked due to violation of its frame-ancestors directive
2426         https://bugs.webkit.org/show_bug.cgi?id=185380
2427
2428         Reviewed by Brent Fulgham.
2429
2430         Similar to <https://bugs.webkit.org/show_bug.cgi?id=185366>, fixes an issue where the referrer
2431         in the sent CSP report for an HTTP document blocked because its frame-ancestors directive was
2432         violated would be the referrer of the previously loaded document in the frame.
2433
2434         Currently whenever we send a CSP report we ask the document's loader (Document::loader()) for
2435         the referrer for the last request. Document::loader() returns the loader for the last committed
2436         document in its frame. For a frame-ancestors violation, a CSP report is sent before the document
2437         that had the frame-ancestors directive has been committed and after it has been associate with a
2438         frame. As a result we are in a transient transition state for the frame and hence the last request
2439         for the new document's loader (Document::loader()) is actually the last request of the previously
2440         loaded document in the frame. Instead we need to take care to tell CSP about the referrer for the
2441         request associated with the document the CSP came from.
2442
2443         * loader/DocumentLoader.cpp:
2444         (WebCore::DocumentLoader::responseReceived):
2445
2446 2018-05-07  Brent Fulgham  <bfulgham@apple.com>
2447
2448         Add experimental feature to prompt for Storage Access API use
2449         https://bugs.webkit.org/show_bug.cgi?id=185335
2450         <rdar://problem/39994649>
2451
2452         Reviewed by Alex Christensen and Youenn Fablet.
2453
2454         Create a new experimental feature that gates the ability of WebKit clients to prompt the user when
2455         Storage Access API is invoked.
2456
2457         Currently this feature doesn't have any user-visible impact.
2458
2459         * page/RuntimeEnabledFeatures.h:
2460         (WebCore::RuntimeEnabledFeatures::setStorageAccessPromptsEnabled):
2461         (WebCore::RuntimeEnabledFeatures::storageAccessPromptsEnabled const):
2462         * testing/InternalSettings.cpp:
2463         (WebCore::InternalSettings::Backup::Backup):
2464         (WebCore::InternalSettings::Backup::restoreTo):
2465         (WebCore::InternalSettings::setStorageAccessPromptsEnabled):
2466         * testing/InternalSettings.h:
2467         * testing/InternalSettings.idl:
2468
2469 2018-05-07  Chris Dumez  <cdumez@apple.com>
2470
2471         Stop using an iframe's id as fallback if its name attribute is not set
2472         https://bugs.webkit.org/show_bug.cgi?id=11388
2473
2474         Reviewed by Geoff Garen.
2475
2476         WebKit had logic to use an iframe's id as fallback name when its name
2477         content attribute is not set. This behavior was not standard and did not
2478         match other browsers:
2479         - https://html.spec.whatwg.org/#attr-iframe-name
2480
2481         Gecko / Trident never behaved this way. Blink was aligned with us until
2482         they started to match the specification in:
2483         - https://bugs.chromium.org/p/chromium/issues/detail?id=347169
2484
2485         This WebKit quirk was causing some Web-compatibility issues because it
2486         would affect the behavior of Window's name property getter when trying
2487         to look up an iframe by id. Because of Window's named property getter
2488         behavior [1], we would return the frame's contentWindow instead of the
2489         iframe element itself.
2490
2491         [1] https://html.spec.whatwg.org/multipage/window-object.html#named-access-on-the-window-object
2492
2493         Test: fast/dom/Window/named-getter-frame-id.html
2494
2495         * html/HTMLFrameElementBase.cpp:
2496         (WebCore::HTMLFrameElementBase::openURL):
2497         (WebCore::HTMLFrameElementBase::parseAttribute):
2498         (WebCore::HTMLFrameElementBase::didFinishInsertingNode):
2499         * html/HTMLFrameElementBase.h:
2500
2501 2018-05-07  Chris Dumez  <cdumez@apple.com>
2502
2503         ASSERT(!childItemWithTarget(child->target())) is hit in HistoryItem::addChildItem()
2504         https://bugs.webkit.org/show_bug.cgi?id=185322
2505
2506         Reviewed by Geoff Garen.
2507
2508         We generate unique names for Frame to be used in HistoryItem. Those names not only
2509         need to be unique, they also need to be repeatable to avoid layout tests flakiness
2510         and for things like restoring form state from a HistoryItem.
2511
2512         The previously generated frame names were relying on the Frame's index among a
2513         parent Frame's children. The issue was that we could end up with duplicate names
2514         because one could insert a Frame *before* an existing one. This is because the code
2515         would not take care of updating existing Frames' unique name on frame tree mutation.
2516
2517         Updating frame tree names on mutation would be inefficient and is also not necessary.
2518         The approach chosen in this patch is to stop using the Frame's index and instead rely
2519         on an increasing counter stored on the top-frame's FrameTree. To make the names
2520         repeatable, we reset the counter on page navigation.
2521
2522         * page/Frame.cpp:
2523         (WebCore::Frame::setDocument):
2524         * page/FrameTree.cpp:
2525         (WebCore::FrameTree::uniqueChildName const):
2526         (WebCore::FrameTree::generateUniqueName const):
2527         * page/FrameTree.h:
2528         (WebCore::FrameTree::resetFrameIdentifiers):
2529
2530 2018-05-07  Yacine Bandou  <yacine.bandou_ext@softathome.com>
2531
2532         [EME][GStreamer] Fix wrong subsample parsing on r227067
2533         https://bugs.webkit.org/show_bug.cgi?id=185382
2534
2535         Reviewed by Philippe Normand.
2536
2537         The initialization of sampleIndex should be moved outside of the loop.
2538         Without this patch we will have a bad log and the check of the subsample
2539         count will be useless.
2540
2541         * platform/graphics/gstreamer/eme/WebKitClearKeyDecryptorGStreamer.cpp:
2542         (webKitMediaClearKeyDecryptorDecrypt):
2543
2544 2018-05-07  Daniel Bates  <dabates@apple.com>
2545
2546         CSP should be passed the referrer
2547         https://bugs.webkit.org/show_bug.cgi?id=185367
2548
2549         Reviewed by Per Arne Vollan.
2550
2551         As a step towards formalizing a CSP delegate object and removing the dependencies
2552         on ScriptExecutionContext and Frame, we should pass the document's referrer directly
2553         instead of indirectly obtaining it from the ScriptExecutionContext or Frame used
2554         to instantiate the ContentSecurityPolicy object.
2555
2556         * dom/Document.cpp:
2557         (WebCore::Document::processHttpEquiv): Pass the document's referrer.
2558         (WebCore::Document::initSecurityContext): Ditto.
2559         (WebCore::Document::applyQuickLookSandbox): Ditto.
2560         * loader/DocumentLoader.cpp:
2561         (WebCore::DocumentLoader::responseReceived): Ditto.
2562         * loader/FrameLoader.cpp:
2563         (WebCore::FrameLoader::didBeginDocument): Ditto.
2564         * page/csp/ContentSecurityPolicy.cpp:
2565         (WebCore::ContentSecurityPolicy::copyStateFrom): We pass a null string for the referrer
2566         to didReceiveHeader() as a placeholder since it requires the referrer be given to it. We
2567         fix up the referrer (m_referrer) after copying all the policy headers.
2568         (WebCore::ContentSecurityPolicy::didReceiveHeaders): Ditto.
2569         (WebCore::ContentSecurityPolicy::didReceiveHeader): Modified to take a referrer and WTFMove()s
2570         it into an instance variable (m_referrer).
2571         (WebCore::ContentSecurityPolicy::reportViolation const): Modified to use the stored referrer.
2572         * page/csp/ContentSecurityPolicy.h:
2573         * workers/WorkerGlobalScope.cpp:
2574         (WebCore::WorkerGlobalScope::applyContentSecurityPolicyResponseHeaders): Pass a null string
2575         for the referrer as a worker does not have a referrer.
2576
2577 2018-05-07  Daniel Bates  <dabates@apple.com>
2578
2579         CSP should only notify Inspector to pause the debugger on the first policy to violate a directive
2580         https://bugs.webkit.org/show_bug.cgi?id=185364
2581
2582         Reviewed by Brent Fulgham.
2583
2584         Notify Web Inspector that a script was blocked on the first enforced CSP policy that it
2585         violates.
2586
2587         A page can have more than one enforced Content Security Policy. Currently for inline
2588         scripts, inline event handlers, JavaScript URLs, and eval() that are blocked by CSP
2589         we notify Web Inspector that it was blocked for each CSP policy that blocked it. When
2590         Web Inspector is notified it pauses script execution. It does not seem very meaningful
2591         to pause script execution on the same script for each CSP policy that blocked it.
2592         Therefore, only tell Web Inspector that a script was blocked for the first enforced CSP
2593         policy that blocked it.
2594
2595         * page/csp/ContentSecurityPolicy.cpp:
2596         (WebCore::ContentSecurityPolicy::allowJavaScriptURLs const):
2597         (WebCore::ContentSecurityPolicy::allowInlineEventHandlers const):
2598         (WebCore::ContentSecurityPolicy::allowInlineScript const):
2599         (WebCore::ContentSecurityPolicy::allowEval const):
2600
2601 2018-05-07  Daniel Bates  <dabates@apple.com>
2602
2603         Substitute CrossOriginPreflightResultCache::clear() for CrossOriginPreflightResultCache::empty()
2604         https://bugs.webkit.org/show_bug.cgi?id=185170
2605
2606         Reviewed by Per Arne Vollan.
2607
2608         Rename CrossOriginPreflightResultCache::empty() to CrossOriginPreflightResultCache::clear() make
2609         it consistent with the terminology we use in WebKit to signify a function that clears a collection.
2610         A member function named "empty" is expected to return an instance of a class in its "empty state".
2611         For example, StringImpl::empty() returns a StringImpl instance that represents the empty string.
2612         However CrossOriginPreflightResultCache::empty() clears out the cache in-place. We should rename
2613         this function to better describe its purpose.
2614
2615         * loader/CrossOriginPreflightResultCache.cpp:
2616         (WebCore::CrossOriginPreflightResultCache::clear):
2617         (WebCore::CrossOriginPreflightResultCache::empty): Deleted.
2618         * loader/CrossOriginPreflightResultCache.h:
2619
2620 2018-05-06  Dean Jackson  <dino@apple.com>
2621
2622         WebGL: Reset simulated values after validation fails
2623         https://bugs.webkit.org/show_bug.cgi?id=185363
2624         <rdar://problem/39733417>
2625
2626         Reviewed by Anders Carlsson.
2627
2628         While fixing a previous bug, I forgot to reset some values
2629         when validation fails. This caused a bug where a subsequent
2630         invalid call might use those values and escape detection.
2631
2632         Test: fast/canvas/webgl/index-validation-with-subsequent-draws.html
2633
2634         * html/canvas/WebGLRenderingContextBase.cpp:
2635         (WebCore::WebGLRenderingContextBase::simulateVertexAttrib0): Reset the
2636         sizes when validation fails.
2637         * html/canvas/WebGLRenderingContextBase.h:
2638
2639 2018-05-07  Ms2ger  <Ms2ger@igalia.com>
2640
2641         Support negative sw/sh values in createImageBitmap().
2642         https://bugs.webkit.org/show_bug.cgi?id=184449
2643
2644         Reviewed by Dean Jackson.
2645
2646         Tests: LayoutTests/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-drawImage.html
2647                LayoutTests/http/wpt/2dcontext/imagebitmap/createImageBitmap.html
2648
2649         * html/ImageBitmap.cpp:
2650         (WebCore::ImageBitmap::createPromise): handle negative values per spec.
2651
2652 2018-05-07  Brian Burg  <bburg@apple.com>
2653
2654         Web Inspector: opt out of process swap on navigation if a Web Inspector frontend is connected
2655         https://bugs.webkit.org/show_bug.cgi?id=184861
2656         <rdar://problem/39153768>
2657
2658         Reviewed by Timothy Hatcher.
2659
2660         Notify the client of the current connection count whenever a frontend connects or disconnects.
2661
2662         Covered by new API test.
2663
2664         * inspector/InspectorClient.h:
2665         (WebCore::InspectorClient::frontendCountChanged):
2666         * inspector/InspectorController.cpp:
2667         (WebCore::InspectorController::connectFrontend):
2668         (WebCore::InspectorController::disconnectFrontend):
2669         (WebCore::InspectorController::disconnectAllFrontends):
2670         * inspector/InspectorController.h:
2671
2672 2018-05-07  Eric Carlson  <eric.carlson@apple.com>
2673
2674         Text track cue logging should include cue text
2675         https://bugs.webkit.org/show_bug.cgi?id=185353
2676         <rdar://problem/40003565>
2677
2678         Reviewed by Youenn Fablet.
2679
2680         No new tests, tested manually.
2681
2682         * html/track/VTTCue.cpp:
2683         (WebCore::VTTCue::toJSONString const): Use toJSON.
2684         (WebCore::VTTCue::toJSON const): New.
2685         * html/track/VTTCue.h:
2686
2687         * platform/graphics/InbandTextTrackPrivateClient.h:
2688         (WebCore::GenericCueData::toJSONString const): Log m_content.
2689
2690         * platform/graphics/iso/ISOVTTCue.cpp:
2691         (WebCore::ISOWebVTTCue::toJSONString const): Log m_cueText.
2692
2693 2018-05-06  Zalan Bujtas  <zalan@apple.com>
2694
2695         [LFC] Add assertions for stale Display::Box geometry
2696         https://bugs.webkit.org/show_bug.cgi?id=185357
2697
2698         Reviewed by Antti Koivisto.
2699
2700         Ensure that we don't access stale geometry of other boxes during layout.
2701         For example, in order to layout a block child we need the containing block's content box top/left and width (but not the height)
2702
2703         * layout/displaytree/DisplayBox.h:
2704         (WebCore::Display::Box::invalidateTop):
2705         (WebCore::Display::Box::invalidateLeft):
2706         (WebCore::Display::Box::invalidateWidth):
2707         (WebCore::Display::Box::invalidateHeight):
2708         (WebCore::Display::Box::hasValidPosition const):
2709         (WebCore::Display::Box::hasValidSize const):
2710         (WebCore::Display::Box::hasValidGeometry const):
2711         (WebCore::Display::Box::invalidatePosition):
2712         (WebCore::Display::Box::invalidateSize):
2713         (WebCore::Display::Box::setHasValidPosition):
2714         (WebCore::Display::Box::setHasValidSize):
2715         (WebCore::Display::Box::setHasValidGeometry):
2716         (WebCore::Display::Box::rect const):
2717         (WebCore::Display::Box::top const):
2718         (WebCore::Display::Box::left const):
2719         (WebCore::Display::Box::bottom const):
2720         (WebCore::Display::Box::right const):
2721         (WebCore::Display::Box::topLeft const):
2722         (WebCore::Display::Box::bottomRight const):
2723         (WebCore::Display::Box::size const):
2724         (WebCore::Display::Box::width const):
2725         (WebCore::Display::Box::height const):
2726         (WebCore::Display::Box::setRect):
2727         (WebCore::Display::Box::setTopLeft):
2728         (WebCore::Display::Box::setTop):
2729         (WebCore::Display::Box::setLeft):
2730         (WebCore::Display::Box::setSize):
2731         (WebCore::Display::Box::setWidth):
2732         (WebCore::Display::Box::setHeight):
2733
2734 2018-05-06  Zalan Bujtas  <zalan@apple.com>
2735
2736         [LFC] Add BlockFormattingContext::computeStaticPosition
2737         https://bugs.webkit.org/show_bug.cgi?id=185352
2738
2739         Reviewed by Antti Koivisto.
2740
2741         This is the core logic for positioning inflow boxes in a block formatting context (very naive though).
2742
2743         * layout/blockformatting/BlockFormattingContext.cpp:
2744         (WebCore::Layout::BlockFormattingContext::computeStaticPosition const):
2745         * layout/displaytree/DisplayBox.h:
2746
2747 2018-05-05  Sam Weinig  <sam@webkit.org>
2748
2749         Cleanup XMLHttpRequestUpload a little
2750         https://bugs.webkit.org/show_bug.cgi?id=185344
2751
2752         Reviewed by Yusuke Suzuki.
2753
2754         * bindings/js/JSXMLHttpRequestCustom.cpp:
2755         (WebCore::JSXMLHttpRequest::visitAdditionalChildren):
2756         Use auto to reduce redundancy.
2757
2758         * xml/XMLHttpRequest.cpp:
2759         (WebCore::XMLHttpRequest::upload):
2760         * xml/XMLHttpRequest.h:
2761         Switch upload() to return a reference.
2762         
2763         * xml/XMLHttpRequestUpload.cpp:
2764         (WebCore::XMLHttpRequestUpload::XMLHttpRequestUpload):
2765         (WebCore::XMLHttpRequestUpload::dispatchProgressEvent):
2766         * xml/XMLHttpRequestUpload.h:
2767         Cleanup formatting, modernize and switch XMLHttpRequest member from a pointer
2768         to a reference.
2769
2770 2018-05-05  Dean Jackson  <dino@apple.com>
2771
2772         Draw a drop-shadow behind the system preview badge
2773         https://bugs.webkit.org/show_bug.cgi?id=185356
2774         <rdar://problem/40004936>
2775
2776         Reviewed by Wenson Hsieh.
2777
2778         Draw a very subtle drop-shadow under the system
2779         preview badge so that it is more visible on a pure
2780         white background.
2781
2782         I also moved some code around to make it more clear
2783         and improved comments.
2784
2785         * rendering/RenderThemeIOS.mm:
2786         (WebCore::RenderThemeIOS::paintSystemPreviewBadge):
2787
2788 2018-05-04  Wenson Hsieh  <wenson_hsieh@apple.com>
2789
2790         [iOS] Multiple links in Mail are dropped in a single line, and are difficult to tell apart
2791         https://bugs.webkit.org/show_bug.cgi?id=185289
2792         <rdar://problem/35756912>
2793
2794         Reviewed by Tim Horton and Darin Adler.
2795
2796         When inserting multiple URLs as individual items in a single drop, we currently separate each item with a space
2797         (see r217284). However, it still seems difficult to tell dropped links apart. This patch makes some slight
2798         tweaks to WebContentReader::readURL so that it inserts line breaks before dropped URLs, if the dropped URL isn't
2799         the first item to be inserted in the resulting document fragment.
2800
2801         Augments existing API tests in DataInteractionTests.
2802
2803         * editing/ios/WebContentReaderIOS.mm:
2804
2805         Additionally remove some extraneous header imports from this implementation file.
2806
2807         (WebCore::WebContentReader::readURL):
2808
2809 2018-05-02  Dean Jackson  <dino@apple.com>
2810
2811         Use IOSurfaces for CoreImage operations where possible
2812         https://bugs.webkit.org/show_bug.cgi?id=185230
2813         <rdar://problem/39926929>
2814
2815         Reviewed by Jon Lee.
2816
2817         On iOS hardware, we can use IOSurfaces as a rendering destination
2818         for CoreImage, which means we're keeping data on the GPU
2819         for rendering.
2820
2821         As a drive-by fix, I used a convenience method for Gaussian blurs.
2822
2823         * rendering/RenderThemeIOS.mm:
2824         (WebCore::RenderThemeIOS::paintSystemPreviewBadge):
2825
2826 2018-05-04  Tim Horton  <timothy_horton@apple.com>
2827
2828         Shift to a lower-level framework for simplifying URLs
2829         https://bugs.webkit.org/show_bug.cgi?id=185334
2830
2831         Reviewed by Dan Bernstein.
2832
2833         * Configurations/WebCore.xcconfig:
2834         * platform/mac/DragImageMac.mm:
2835         (WebCore::LinkImageLayout::LinkImageLayout):
2836
2837 2018-05-03  Ryosuke Niwa  <rniwa@webkit.org>
2838
2839         Release assert in ScriptController::canExecuteScripts via HTMLMediaElement::~HTMLMediaElement()
2840         https://bugs.webkit.org/show_bug.cgi?id=185288
2841
2842         Reviewed by Jer Noble.
2843
2844         The crash is caused by HTMLMediaElement::~HTMLMediaElement canceling the resource load via CachedResource
2845         which ends up calling FrameLoader::checkCompleted() and fire load event on the document synchronously.
2846         Speculatively fix the crash by scheduling the check instead.
2847
2848         In long term, ResourceLoader::cancel should never fire load event synchronously: webkit.org/b/185284.
2849
2850         Unfortunately, no new tests since I can't get MediaResource to get destructed at the right time.
2851
2852         * html/HTMLMediaElement.cpp:
2853         (WebCore::HTMLMediaElement::isRunningDestructor): Added to detect this specific case.
2854         (WebCore::HTMLMediaElementDestructorScope): Added.
2855         (WebCore::HTMLMediaElementDestructorScope::HTMLMediaElementDestructorScope): Added.
2856         (WebCore::HTMLMediaElementDestructorScope::~HTMLMediaElementDestructorScope): Added.
2857         (WebCore::HTMLMediaElement::~HTMLMediaElement): Instantiate HTMLMediaElement.
2858         * html/HTMLMediaElement.h:
2859         * loader/FrameLoader.cpp:
2860         (WebCore::FrameLoader::checkCompleted): Call scheduleCheckCompleted instead of synchronously calling
2861         checkCompleted if we're in the middle of destructing a HTMLMediaElement.
2862
2863 2018-05-04  Ryosuke Niwa  <rniwa@webkit.org>
2864
2865         Rename DocumentOrderedMap to TreeScopeOrderedMap
2866         https://bugs.webkit.org/show_bug.cgi?id=185290
2867
2868         Reviewed by Zalan Bujtas.
2869
2870         Renamed the class since it's almost always a mistake to use this class as a member variable of Document.
2871
2872         * Sources.txt:
2873         * WebCore.xcodeproj/project.pbxproj:
2874         * dom/MouseRelatedEvent.cpp: Include the forgotten DOMWindow.h. Unified build files bit us here.
2875         * dom/TreeScope.cpp:
2876         (WebCore::TreeScope::addElementById):
2877         (WebCore::TreeScope::addElementByName):
2878         (WebCore::TreeScope::addImageMap):
2879         (WebCore::TreeScope::addImageElementByUsemap):
2880         (WebCore::TreeScope::labelElementForId):
2881         * dom/TreeScope.h:
2882         * dom/TreeScopeOrderedMap.cpp: Renamed from DocumentOrderedMap.cpp
2883         * dom/TreeScopeOrderedMap.h: Renamed from DocumentOrderedMap.h
2884         * html/HTMLDocument.h:
2885
2886 2018-05-04  Don Olmstead  <don.olmstead@sony.com>
2887
2888         [Win][WebKit] Fix forwarding headers for Windows build
2889         https://bugs.webkit.org/show_bug.cgi?id=184412
2890
2891         Reviewed by Alex Christensen.
2892
2893         No new tests. No change in behavior.
2894
2895         * PlatformWin.cmake:
2896
2897 2018-05-04  Zalan Bujtas  <zalan@apple.com>
2898
2899         [Simple line layout] Add support for line layout box generation with multiple text renderers.
2900         https://bugs.webkit.org/show_bug.cgi?id=185276
2901
2902         Reviewed by Antti Koivisto.
2903
2904         Covered by existing tests.
2905
2906         * rendering/SimpleLineLayoutFunctions.cpp:
2907         (WebCore::SimpleLineLayout::canUseForLineBoxTree):
2908         (WebCore::SimpleLineLayout::generateLineBoxTree):
2909         * rendering/SimpleLineLayoutResolver.cpp:
2910         (WebCore::SimpleLineLayout::RunResolver::Run::renderer const):
2911         (WebCore::SimpleLineLayout::RunResolver::Run::localStart const):
2912         (WebCore::SimpleLineLayout::RunResolver::Run::localEnd const):
2913         * rendering/SimpleLineLayoutResolver.h:
2914
2915 2018-05-04  Timothy Hatcher  <timothy@apple.com>
2916
2917         Deprecate legacy WebView and friends
2918         https://bugs.webkit.org/show_bug.cgi?id=185279
2919         rdar://problem/33268700
2920
2921         Reviewed by Tim Horton.
2922
2923         * Configurations/WebCore.xcconfig:
2924         Added BUILDING_WEBKIT define to disable the deprecation macros.
2925         * bridge/objc/WebScriptObject.h:
2926         Added deprecation macros to WebScriptObject and WebUndefined.
2927         * platform/cocoa/WebKitAvailability.h:
2928         Added more macros and a way to disable deprecation warnings for
2929         WebKit build and in clients like Safari.
2930
2931 2018-05-04  Eric Carlson  <eric.carlson@apple.com>
2932
2933         Log media time range as JSON
2934         https://bugs.webkit.org/show_bug.cgi?id=185321
2935         <rdar://problem/39986746>
2936
2937         Reviewed by Youenn Fablet.
2938
2939         No new tests, tested manually.
2940
2941         * html/HTMLMediaElement.cpp:
2942         (WebCore::HTMLMediaElement::addPlayedRange): Log as time range.
2943         (WebCore::HTMLMediaElement::visibilityStateChanged): Cleanup.
2944
2945         * platform/graphics/MediaPlayer.h:
2946         (WTF::LogArgument<MediaTime>::toString):
2947         (WTF::LogArgument<MediaTimeRange>::toString):
2948
2949         * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp:
2950         (WebCore::InbandTextTrackPrivateAVF::processAttributedStrings): Log error as time range.
2951
2952 2018-05-04  Zalan Bujtas  <zalan@apple.com>
2953
2954         Use the containing block to compute the pagination gap when the container is inline.
2955         https://bugs.webkit.org/show_bug.cgi?id=184724
2956         <rdar://problem/39521800>
2957
2958         Reviewed by Simon Fraser.
2959
2960         Test: fast/overflow/page-overflow-with-inline-body-crash.html
2961
2962         * page/FrameView.cpp:
2963         (WebCore::FrameView::applyPaginationToViewport):
2964
2965 2018-05-04  Tim Horton  <timothy_horton@apple.com>
2966
2967         Don't use GSFont* in minimal simulator mode
2968         https://bugs.webkit.org/show_bug.cgi?id=185320
2969         <rdar://problem/39734478>
2970
2971         Reviewed by Beth Dakin.
2972
2973         * page/cocoa/MemoryReleaseCocoa.mm:
2974         (WebCore::platformReleaseMemory):
2975
2976 2018-05-04  Chris Dumez  <cdumez@apple.com>
2977
2978         Unreviewed, rolling out r231331.
2979
2980         Caused a few tests to assert
2981
2982         Reverted changeset:
2983
2984         "Stop using an iframe's id as fallback if its name attribute
2985         is not set"
2986         https://bugs.webkit.org/show_bug.cgi?id=11388
2987         https://trac.webkit.org/changeset/231331
2988
2989 2018-05-04  Youenn Fablet  <youenn@apple.com>
2990
2991         Use more references in updateTracksOfType
2992         https://bugs.webkit.org/show_bug.cgi?id=185305
2993
2994         Reviewed by Eric Carlson.
2995
2996         No change of behavior.
2997
2998         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
2999         (WebCore::updateTracksOfType):
3000         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateTracks):
3001
3002 2018-05-04  Myles C. Maxfield  <mmaxfield@apple.com>
3003
3004         Text shaping in the simple path is flipped in the y direction
3005         https://bugs.webkit.org/show_bug.cgi?id=185062
3006         <rdar://problem/39778678>
3007
3008         Reviewed by Simon Fraser.
3009
3010         Shaping in our simple codepath occurs in an "increasing-y-goes-up" coordinate system, but our painting
3011         code uses an "increasing-y-goes-down" coordinate system. We weren't fixing up the coordinate systems
3012         because we never noticed. This is because the simple codepath is only designed for kerning and ligatures,
3013         neither of which move glyphs vertically in the common case.
3014
3015         Test: fast/text/vertical-displacement-simple-codepath.html
3016
3017         * platform/graphics/Font.cpp:
3018         (WebCore::Font::applyTransforms const):
3019         * platform/graphics/WidthIterator.cpp:
3020         (WebCore::WidthIterator::applyFontTransforms):
3021
3022 2018-05-04  Chris Nardi  <cnardi@chromium.org>
3023
3024         Serialize all URLs with double-quotes per CSSOM spec
3025         https://bugs.webkit.org/show_bug.cgi?id=184935
3026
3027         Reviewed by Antti Koivisto.
3028
3029         According to https://drafts.csswg.org/cssom/#serialize-a-url, all URLs should be serialized as strings,
3030         which means they should have double quotes around the text of the URL. Update our implementation to match
3031         this (and Firefox/Chrome). Also remove isCSSTokenizerURL() as this method is no longer needed.
3032
3033         Tests: Many LayoutTests updated to use double quotes.
3034
3035         * css/CSSMarkup.cpp:
3036         (WebCore::serializeString): Remove FIXME as this was already fixed in a previous patch.
3037         (WebCore::serializeURL): Remove FIXME and update implementation.
3038
3039 2018-05-04  Youenn Fablet  <youenn@apple.com>
3040
3041         LayoutTests/fast/mediastream/change-tracks-media-stream-being-played.html is crashing after r231304
3042         https://bugs.webkit.org/show_bug.cgi?id=185303
3043
3044         Reviewed by Eric Carlson.
3045
3046         We need to stop observing the audio track like we do for video track once we are no longer interested in it.
3047         Covered by test no longer crashing.
3048
3049         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
3050         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateTracks):
3051
3052 2018-05-04  Zalan Bujtas  <zalan@apple.com>
3053
3054         [LFC] Set the invalidation root as the result of style change.
3055         https://bugs.webkit.org/show_bug.cgi?id=185301
3056
3057         Reviewed by Antti Koivisto.
3058
3059         Compute/propagate the update type on the ancestor chain and return the invalidation root
3060         so that LayoutContext could use it as the entry point for the next layout frame.
3061
3062         * layout/LayoutContext.cpp:
3063         (WebCore::Layout::LayoutContext::updateLayout):
3064         (WebCore::Layout::LayoutContext::styleChanged):
3065         * layout/LayoutContext.h: order is not important.
3066         * layout/blockformatting/BlockInvalidation.cpp:
3067         (WebCore::Layout::invalidationStopsAtFormattingContextBoundary):
3068         (WebCore::Layout::computeUpdateType):
3069         (WebCore::Layout::computeUpdateTypeForAncestor):
3070         (WebCore::Layout::BlockInvalidation::invalidate):
3071         * layout/blockformatting/BlockInvalidation.h:
3072         * layout/inlineformatting/InlineInvalidation.cpp:
3073         (WebCore::Layout::InlineInvalidation::invalidate):
3074         * layout/inlineformatting/InlineInvalidation.h:
3075
3076 2018-05-04  Youenn Fablet  <youenn@apple.com>
3077
3078         PeerConnection should have its connectionState closed even if doing gathering
3079         https://bugs.webkit.org/show_bug.cgi?id=185267
3080
3081         Reviewed by Darin Adler.
3082
3083         Test: webrtc/addICECandidate-closed.html
3084
3085         In case m_iceConnectionState is closed, m_connectionState should also be set to closed
3086         and RTCPeerConnection should be closed so as to reject any other call.
3087
3088         * Modules/mediastream/RTCPeerConnection.cpp:
3089         (WebCore::RTCPeerConnection::close):
3090         (WebCore::RTCPeerConnection::updateConnectionState):
3091
3092 2018-05-04  Yacine Bandou  <yacine.bandou_ext@softathome.com>
3093
3094         [MSE][GStreamer] Delete properly the stream from the WebKitMediaSource
3095         https://bugs.webkit.org/show_bug.cgi?id=185242
3096
3097         Reviewed by Xabier Rodriguez-Calvar.
3098
3099         When the sourceBuffer is removed from mediasource, the appropriate stream is not
3100         properly deleted from WebKitMediaSource, because the appsrc and parser elements
3101         of the stream are not removed from the WebKitMediaSource bin.
3102
3103         This patch avoids the regression of r231089, see https://bugs.webkit.org/show_bug.cgi?id=185071
3104
3105         * platform/graphics/gstreamer/mse/WebKitMediaSourceGStreamer.cpp:
3106         (webKitMediaSrcFreeStream):
3107
3108 2018-05-04  Carlos Garcia Campos  <cgarcia@igalia.com>
3109
3110         [GTK] Epiphany (GNOME Web) says "Error downloading: Service Unavailable." when trying to download an image from discogs.com
3111         https://bugs.webkit.org/show_bug.cgi?id=174730
3112
3113         Reviewed by Michael Catanzaro.
3114
3115         Export ResourceRequestBase::hasHTTPHeaderField().
3116
3117         * platform/network/ResourceRequestBase.h:
3118
3119 2018-05-03  Yusuke Suzuki  <utatane.tea@gmail.com>
3120
3121         Use subprocess.call instead of os.system to handle path with spaces
3122         https://bugs.webkit.org/show_bug.cgi?id=185291
3123
3124         Reviewed by Darin Adler.
3125
3126         If gperf path includes spaces, these python scripts fail to execute gperf.
3127         We use subprocess module instead of os.system to invoke gperf.
3128
3129         * css/makeSelectorPseudoClassAndCompatibilityElementMap.py:
3130         * css/makeSelectorPseudoElementsMap.py:
3131         * platform/network/create-http-header-name-table:
3132
3133 2018-05-03  Yusuke Suzuki  <utatane.tea@gmail.com>
3134
3135         Unreviewed, attempt to fix WinCairo build failure
3136         https://bugs.webkit.org/show_bug.cgi?id=185218
3137
3138         * platform/text/win/LocaleWin.cpp:
3139         (WebCore::LocaleWin::getLocaleInfoString):
3140
3141 2018-05-03  Filip Pizlo  <fpizlo@apple.com>
3142
3143         Strings should not be allocated in a gigacage
3144         https://bugs.webkit.org/show_bug.cgi?id=185218
3145
3146         Reviewed by Saam Barati.
3147
3148         No new tests because no new behavior.
3149
3150         * Modules/indexeddb/server/IDBSerialization.cpp:
3151         (WebCore::decodeKey):
3152         * bindings/js/SerializedScriptValue.cpp:
3153         (WebCore::CloneDeserializer::readString):
3154         * html/canvas/CanvasRenderingContext2D.cpp:
3155         (WebCore::normalizeSpaces):
3156         * html/parser/HTMLTreeBuilder.cpp:
3157         (WebCore::HTMLTreeBuilder::ExternalCharacterTokenBuffer::takeRemainingWhitespace):
3158         * platform/URLParser.cpp:
3159         (WebCore::percentEncodeByte):
3160         (WebCore::serializeURLEncodedForm):
3161         (WebCore::URLParser::serialize):
3162         * platform/URLParser.h:
3163         * platform/graphics/FourCC.cpp:
3164         (WebCore::FourCC::toString const):
3165         * platform/graphics/ca/GraphicsLayerCA.cpp:
3166         (WebCore::GraphicsLayerCA::ReplicaState::cloneID const):
3167         * platform/text/LocaleICU.cpp:
3168         (WebCore::LocaleICU::decimalSymbol):
3169         (WebCore::LocaleICU::decimalTextAttribute):
3170         (WebCore::getDateFormatPattern):
3171         (WebCore::LocaleICU::createLabelVector):
3172         (WebCore::getFormatForSkeleton):
3173         * platform/win/FileSystemWin.cpp:
3174         (WebCore::FileSystem::getFinalPathName):
3175         (WebCore::FileSystem::pathByAppendingComponent):
3176         (WebCore::FileSystem::storageDirectory):
3177
3178 2018-05-02  Brent Fulgham  <bfulgham@apple.com>
3179
3180         Widgets should hold a WeakPtr to their parents
3181         https://bugs.webkit.org/show_bug.cgi?id=185239
3182         <rdar://problem/39741250>
3183
3184         Reviewed by Zalan Bujtas.
3185
3186         * platform/ScrollView.h:
3187         (WebCore::ScrollView::weakPtrFactory): Added.
3188         * platform/Widget.cpp:
3189         (WebCore::Widget::init): Don't perform an unnecessary assignment.
3190         (WebCore::Widget::setParent): Grab a WeakPtr to the parent ScrollView.
3191         * platform/Widget.h:
3192         (WebCore::Widget::parent const): Change type to a WeakPtr.
3193
3194 2018-05-03  Yusuke Suzuki  <utatane.tea@gmail.com>
3195
3196         Use pointer instead of std::optional<T&>
3197         https://bugs.webkit.org/show_bug.cgi?id=185186
3198
3199         Reviewed by Alex Christensen.
3200
3201         std::optional<T&> is not accepted in C++17 spec.
3202         In this patch, we replace it with T*, which is well-aligned to
3203         WebKit's convention.
3204
3205         * Modules/mediastream/RTCPeerConnection.cpp:
3206         (WebCore::iceServersFromConfiguration):
3207         (WebCore::RTCPeerConnection::initializeConfiguration):
3208         (WebCore::RTCPeerConnection::setConfiguration):
3209         * css/parser/CSSParser.cpp:
3210         (WebCore::CSSParser::parseSystemColor):
3211         * css/parser/CSSParser.h:
3212         * dom/DatasetDOMStringMap.cpp:
3213         (WebCore::DatasetDOMStringMap::item const):
3214         (WebCore::DatasetDOMStringMap::namedItem const):
3215         (WebCore:: const): Deleted.
3216         * dom/DatasetDOMStringMap.h:
3217         * dom/Element.cpp:
3218         (WebCore::Element::insertAdjacentHTML):
3219         * dom/Element.h:
3220         * html/canvas/CanvasStyle.cpp:
3221         (WebCore::parseColor):
3222         * inspector/DOMEditor.cpp:
3223         * platform/network/curl/CurlFormDataStream.cpp:
3224         (WebCore::CurlFormDataStream::getPostData):
3225         (): Deleted.
3226         * platform/network/curl/CurlFormDataStream.h:
3227         * platform/network/curl/CurlRequest.cpp:
3228         (WebCore::CurlRequest::setupPOST):
3229         * testing/MockCDMFactory.cpp:
3230         (WebCore::MockCDMFactory::keysForSessionWithID const):
3231         (WebCore::MockCDMInstance::updateLicense):
3232         (WebCore:: const): Deleted.
3233         * testing/MockCDMFactory.h:
3234
3235 2018-05-03  Chris Dumez  <cdumez@apple.com>
3236
3237         Stop using an iframe's id as fallback if its name attribute is not set
3238         https://bugs.webkit.org/show_bug.cgi?id=11388
3239
3240         Reviewed by Geoff Garen.
3241
3242         WebKit had logic to use an iframe's id as fallback name when its name
3243         content attribute is not set. This behavior was not standard and did not
3244         match other browsers:
3245         - https://html.spec.whatwg.org/#attr-iframe-name
3246
3247         Gecko / Trident never behaved this way. Blink was aligned with us until
3248         they started to match the specification in:
3249         - https://bugs.chromium.org/p/chromium/issues/detail?id=347169
3250
3251         This WebKit quirk was causing some Web-compatibility issues because it
3252         would affect the behavior of Window's name property getter when trying
3253         to look up an iframe by id. Because of Window's named property getter
3254         behavior [1], we would return the frame's contentWindow instead of the
3255         iframe element itself.
3256
3257         [1] https://html.spec.whatwg.org/multipage/window-object.html#named-access-on-the-window-object
3258
3259         Test: fast/dom/Window/named-getter-frame-id.html
3260
3261         * html/HTMLFrameElementBase.cpp:
3262         (WebCore::HTMLFrameElementBase::openURL):
3263         (WebCore::HTMLFrameElementBase::parseAttribute):
3264         (WebCore::HTMLFrameElementBase::didFinishInsertingNode):
3265         * html/HTMLFrameElementBase.h:
3266
3267 2018-05-03  Eric Carlson  <eric.carlson@apple.com>
3268
3269         [iOS] Internal text and audio tracks not in fullscreen menu
3270         https://bugs.webkit.org/show_bug.cgi?id=185268
3271         <rdar://problem/38673440>
3272
3273         Reviewed by Jer Noble.
3274
3275         * platform/cocoa/PlaybackSessionModelMediaElement.mm:
3276         (WebCore::PlaybackSessionModelMediaElement::setMediaElement): 'addtrack' and 'removetrack'
3277         events are fired at the track lists, not the media element.
3278
3279 2018-05-03  Ryosuke Niwa  <rniwa@webkit.org>
3280
3281         Using image map inside a shadow tree results hits a release assert in DocumentOrderedMap::add
3282         https://bugs.webkit.org/show_bug.cgi?id=185238
3283
3284         Reviewed by Antti Koivisto.
3285
3286         The bug was caused by DocumentOrderedMap for the image elements with usemap being stored in Document
3287         even if those image elements were in a shadow tree. Fixed the bug by moving the map to TreeScope.
3288
3289         Test: fast/images/imagemap-in-nested-shadow-tree.html
3290               fast/images/imagemap-in-shadow-tree.html
3291
3292         * dom/Document.cpp:
3293         (WebCore::Document::addImageElementByUsemap): Moved to TreeScope.
3294         (WebCore::Document::removeImageElementByUsemap): Ditto.
3295         (WebCore::Document::imageElementByUsemap const): Ditto.
3296         * dom/Document.h:
3297         * dom/TreeScope.cpp:
3298         (WebCore::TreeScope::destroyTreeScopeData): Clear m_imagesByUsemap as well as m_elementsByName.
3299         (WebCore::TreeScope::getImageMap const): Removed the code to parse usemap. RenderImage::imageMap()
3300         which used to call this function with the raw value of the usemap content attribute now calls it
3301         via HTMLImageElement::associatedMapElement(), which uses the parsed usemap.
3302         (WebCore::TreeScope::addImageElementByUsemap): Moved from Document.
3303         (WebCore::TreeScope::removeImageElementByUsemap): Ditto.
3304         (WebCore::TreeScope::imageElementByUsemap const): Ditto.
3305         * dom/TreeScope.h:
3306         * html/HTMLImageElement.cpp:
3307         (WebCore::HTMLImageElement::parseAttribute):
3308         (WebCore::HTMLImageElement::insertedIntoAncestor): This image element can be associated with a map element
3309         if it's connected to a document.
3310         (WebCore::HTMLImageElement::removedFromAncestor):
3311         (WebCore::HTMLImageElement::associatedMapElement const):
3312         * html/HTMLImageElement.h:
3313         * html/HTMLMapElement.cpp:
3314         (WebCore::HTMLMapElement::imageElement):
3315         * rendering/RenderImage.cpp:
3316         (WebCore::RenderImage::imageMap const):
3317
3318 2018-05-03  Justin Fan  <justin_fan@apple.com>
3319
3320         [WebGL] Add runtime flag for enabling ASTC support in WebGL
3321         https://bugs.webkit.org/show_bug.cgi?id=184840
3322
3323         Reviewed by Myles C. Maxfield.
3324
3325         Added runtime flag for ASTC support in WebGL, to turn on/off when extension is implemented.
3326
3327         * page/RuntimeEnabledFeatures.h:
3328         (WebCore::RuntimeEnabledFeatures::setWebGLCompressedTextureASTCSupportEnabled):
3329         (WebCore::RuntimeEnabledFeatures::webGLCompressedTextureASTCSupportEnabled const):
3330
3331 2018-05-03  Chris Nardi  <cnardi@chromium.org>
3332
3333         Remove [NoInterfaceObject] from DOMRectList
3334         https://bugs.webkit.org/show_bug.cgi?id=185255
3335
3336         Reviewed by Chris Dumez.
3337
3338         In https://github.com/w3c/fxtf-drafts/issues/233, [NoInterfaceObject] was removed
3339         from DOMRectList. Remove it from our implementation to match the spec, as well as
3340         Chrome and Firefox.
3341
3342         Updated web platform tests IDL test for the Geometry spec.
3343
3344         * dom/DOMRectList.idl:
3345
3346 2018-05-03  Chris Dumez  <cdumez@apple.com>
3347
3348         REGRESSION(iOS 11.3): Crashes in TimerBase::~TimerBase() in Tencent x5gamehelper
3349         https://bugs.webkit.org/show_bug.cgi?id=185073
3350         <rdar://problem/39821223>
3351
3352         Reviewed by Alexey Proskuryakov.
3353
3354         The following changes were made:
3355         - Make sure SocketStream callbacks are always scheduled on the right runloop:
3356           WebThreadRunLoop() on WebKitLegacy iOS, loaderRunLoop() on Windows and
3357           main runloop otherwise.
3358         - When the SocketStream callbacks are called, unconditionally call callOnMainThreadAndWait()
3359           before calling methods on the SocketStream client. Previously, this code path
3360           was specific to Windows but there is no reason to have platform-specific code here.
3361           callOnMainThreadAndWait() calls the function right away if we're already on the main
3362           thread, which will be the case on other platform than Windows.
3363
3364         * platform/network/cf/SocketStreamHandleImplCFNet.cpp:
3365         (WebCore::callbacksRunLoop):
3366         (WebCore::callbacksRunLoopMode):
3367         (WebCore::SocketStreamHandleImpl::scheduleStreams):
3368         (WebCore::SocketStreamHandleImpl::pacExecutionCallback):
3369         (WebCore::SocketStreamHandleImpl::executePACFileURL):
3370         (WebCore::SocketStreamHandleImpl::removePACRunLoopSource):
3371         (WebCore::SocketStreamHandleImpl::readStreamCallback):
3372         (WebCore::SocketStreamHandleImpl::writeStreamCallback):
3373         (WebCore::SocketStreamHandleImpl::platformClose):
3374
3375 2018-05-03  Zalan Bujtas  <zalan@apple.com>
3376
3377         [LFC] Enable multiple layout roots for incremental layout.
3378         https://bugs.webkit.org/show_bug.cgi?id=185185
3379
3380         Reviewed by Antti Koivisto.
3381
3382         With certain type of style changes, we can stop the box invalidation at the formatting context boundary.
3383         When multiple boxes need updating in different formatting contexts, instead of marking the parent containing block chain all
3384         the way up to a common ancestor, we could just work with a list of layout entry points per layout frame.
3385
3386         * layout/FormattingState.h:
3387         * layout/LayoutContext.cpp:
3388         (WebCore::Layout::LayoutContext::updateLayout):
3389         (WebCore::Layout::LayoutContext::addLayoutEntryPoint):
3390         * layout/LayoutContext.h:
3391
3392 2018-05-03  Zalan Bujtas  <zalan@apple.com>
3393
3394         [LFC] Box invalidation logic should go to dedicated classes.
3395         https://bugs.webkit.org/show_bug.cgi?id=185249
3396
3397         Reviewed by Antti Koivisto.
3398
3399         Each formatting context can initiate a different type of invalidation when
3400         style attribute changes in a box.
3401
3402         * Sources.txt:
3403         * WebCore.xcodeproj/project.pbxproj:
3404         * layout/FormattingState.cpp:
3405         (WebCore::Layout::FormattingState::FormattingState):
3406         * layout/FormattingState.h:
3407         (WebCore::Layout::FormattingState::isBlockFormattingState const):
3408         (WebCore::Layout::FormattingState::isInlineFormattingState const):
3409         * layout/LayoutContext.cpp:
3410         (WebCore::Layout::LayoutContext::styleChanged):
3411         (WebCore::Layout::LayoutContext::markNeedsUpdate):
3412         * layout/LayoutContext.h:
3413         * layout/blockformatting/BlockFormattingState.cpp:
3414         (WebCore::Layout::BlockFormattingState::BlockFormattingState):
3415         * layout/blockformatting/BlockFormattingState.h:
3416         * layout/blockformatting/BlockInvalidation.cpp: Copied from Source/WebCore/layout/blockformatting/BlockFormattingState.cpp.
3417         (WebCore::Layout::BlockInvalidation::invalidate):
3418         * layout/blockformatting/BlockInvalidation.h: Copied from Source/WebCore/layout/inlineformatting/InlineFormattingState.h.
3419         * layout/inlineformatting/InlineFormattingState.cpp:
3420         (WebCore::Layout::InlineFormattingState::InlineFormattingState):
3421         * layout/inlineformatting/InlineFormattingState.h:
3422         * layout/inlineformatting/InlineInvalidation.cpp: Copied from Source/WebCore/layout/inlineformatting/InlineFormattingState.cpp.
3423         (WebCore::Layout::InlineInvalidation::invalidate):
3424         * layout/inlineformatting/InlineInvalidation.h: Copied from Source/WebCore/layout/blockformatting/BlockFormattingState.h.
3425
3426 2018-05-03  Michael Catanzaro  <mcatanzaro@igalia.com>
3427
3428         WebKit should send fake macOS user agent to docs.google.com
3429         https://bugs.webkit.org/show_bug.cgi?id=185165
3430
3431         Reviewed by Carlos Garcia Campos.
3432
3433         * platform/UserAgentQuirks.cpp:
3434         (WebCore::urlRequiresMacintoshPlatform):
3435         (WebCore::urlRequiresLinuxDesktopPlatform):
3436
3437 2018-05-03  Commit Queue  <commit-queue@webkit.org>
3438
3439         Unreviewed, rolling out r231223 and r231288.
3440         https://bugs.webkit.org/show_bug.cgi?id=185256
3441
3442         The change in r231223 breaks internal builds, and r231288 is a
3443         dependent change. (Requested by ryanhaddad on #webkit).
3444
3445         Reverted changesets:
3446
3447         "Use default std::optional if it is provided"
3448         https://bugs.webkit.org/show_bug.cgi?id=185159
3449         https://trac.webkit.org/changeset/231223
3450
3451         "Use pointer instead of
3452         std::optional<std::reference_wrapper<>>"
3453         https://bugs.webkit.org/show_bug.cgi?id=185186
3454         https://trac.webkit.org/changeset/231288
3455
3456 2018-05-03  Ryan Haddad  <ryanhaddad@apple.com>
3457
3458         Unreviewed, rolling out r231253.
3459
3460         The API test added with this change is crashing on the bots.
3461
3462         Reverted changeset:
3463
3464         "Web Inspector: opt out of process swap on navigation if a Web
3465         Inspector frontend is connected"
3466         https://bugs.webkit.org/show_bug.cgi?id=184861
3467         https://trac.webkit.org/changeset/231253
3468
3469 2018-05-03  Youenn Fablet  <youenn@apple.com>
3470
3471         A MediaStream being played should allow removing some of its tracks
3472         https://bugs.webkit.org/show_bug.cgi?id=185233
3473
3474         Reviewed by Eric Carlson.
3475
3476         Update the tracks out of the for loop.
3477         Test: fast/mediastream/change-tracks-media-stream-being-played.html
3478
3479         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
3480         (WebCore::updateTracksOfType):
3481
3482 2018-05-03  Miguel Gomez  <magomez@igalia.com>
3483
3484         WebCore::TextureMapperLayer object used after freed
3485         https://bugs.webkit.org/show_bug.cgi?id=184729
3486
3487         Reviewed by Michael Catanzaro.
3488
3489         Replace the raw pointers with WeakPtr for effectTarget, maskLayer and replicaLayer
3490         inside TextureMapperLayer.
3491
3492         * platform/graphics/texmap/TextureMapperLayer.cpp:
3493         (WebCore::TextureMapperLayer::~TextureMapperLayer):
3494         (WebCore::TextureMapperLayer::setMaskLayer):
3495         (WebCore::TextureMapperLayer::setReplicaLayer):
3496         * platform/graphics/texmap/TextureMapperLayer.h:
3497
3498 2018-05-03  Basuke Suzuki  <Basuke.Suzuki@sony.com>
3499
3500         [Curl] Add OpenSSL/LibreSSL multi-threading support
3501         https://bugs.webkit.org/show_bug.cgi?id=185138
3502
3503         The older OpenSSL manual says the locking_function and threadid_function should
3504         be set when use it in multi-threading environment. This applies to LibreSSL also.
3505         https://www.openssl.org/docs/man1.0.2/crypto/threads.html
3506
3507         For unix and other similar os, the default threadId_function implementation is
3508         good enough. We'll set custom callback only for Windows OS.
3509
3510         Note it's not required for OpenSSL 1.1.0 and after.
3511         https://www.openssl.org/blog/blog/2017/02/21/threads/
3512
3513         Reviewed by Per Arne Vollan.
3514
3515         * platform/network/curl/CurlSSLHandle.cpp:
3516         (WebCore::CurlSSLHandle::CurlSSLHandle):
3517         (WebCore::CurlSSLHandle::ThreadSupport::ThreadSupport):
3518         (WebCore::CurlSSLHandle::ThreadSupport::lockingCallback):
3519         (WebCore::CurlSSLHandle::ThreadSupport::threadIdCallback):
3520         * platform/network/curl/CurlSSLHandle.h:
3521         (WebCore::CurlSSLHandle::ThreadSupport::setup):
3522         (WebCore::CurlSSLHandle::ThreadSupport::singleton):
3523         (WebCore::CurlSSLHandle::ThreadSupport::lock):
3524         (WebCore::CurlSSLHandle::ThreadSupport::unlock):
3525
3526 2018-05-02  Ryosuke Niwa  <rniwa@webkit.org>
3527
3528         Remove superfluous check for a null attribute value check in Element::removeAttributeInternal
3529         https://bugs.webkit.org/show_bug.cgi?id=185227
3530
3531         Reviewed by Chris Dumez.
3532
3533         Removed the check. The attribute value string can never be null.
3534
3535         * dom/Element.cpp:
3536         (WebCore::Element::removeAttributeInternal):
3537
3538 2018-05-02  Zalan Bujtas  <zalan@apple.com>
3539
3540         [LFC] Implement LayoutContext::createDisplayBox
3541         https://bugs.webkit.org/show_bug.cgi?id=185158
3542
3543         Reviewed by Antti Koivisto.
3544
3545         Now compute*() functions take both the const layout and the corresponding non-const display boxes.
3546         Display boxes are owned by the LayoutContext and they don't form a tree structure (only implicitly through the layout tree).
3547         (This might need to change in the future if we decide to arrange them in some sort of painting order)
3548
3549         * layout/FloatingContext.cpp:
3550         (WebCore::Layout::FloatingContext::computePosition):
3551         * layout/FloatingContext.h:
3552         * layout/FormattingContext.cpp:
3553         (WebCore::Layout::FormattingContext::computeStaticPosition const):
3554         (WebCore::Layout::FormattingContext::computeInFlowPositionedPosition const):
3555         (WebCore::Layout::FormattingContext::computeOutOfFlowPosition const):
3556         (WebCore::Layout::FormattingContext::computeWidth const):
3557         (WebCore::Layout::FormattingContext::computeHeight const):
3558         (WebCore::Layout::FormattingContext::computeOutOfFlowWidth const):
3559         (WebCore::Layout::FormattingContext::computeFloatingWidth const):
3560         (WebCore::Layout::FormattingContext::computeOutOfFlowHeight const):
3561         (WebCore::Layout::FormattingContext::computeFloatingHeight const):
3562         * layout/FormattingContext.h:
3563         * layout/LayoutContext.cpp:
3564         (WebCore::Layout::LayoutContext::createDisplayBox):
3565         * layout/LayoutContext.h:
3566         (WebCore::Layout::LayoutContext::displayBoxForLayoutBox const):
3567         * layout/blockformatting/BlockFormattingContext.cpp:
3568         (WebCore::Layout::BlockFormattingContext::layout const):
3569         (WebCore::Layout::BlockFormattingContext::computeStaticPosition const):
3570         (WebCore::Layout::BlockFormattingContext::computeInFlowWidth const):
3571         (WebCore::Layout::BlockFormattingContext::computeInFlowHeight const):
3572         * layout/blockformatting/BlockFormattingContext.h:
3573         * layout/displaytree/DisplayBox.h:
3574         (WebCore::Display::Box::parent const): Deleted.
3575         (WebCore::Display::Box::nextSibling const): Deleted.
3576         (WebCore::Display::Box::previousSibling const): Deleted.
3577         (WebCore::Display::Box::firstChild const): Deleted.
3578         (WebCore::Display::Box::lastChild const): Deleted.
3579         (WebCore::Display::Box::setParent): Deleted.
3580         (WebCore::Display::Box::setNextSibling): Deleted.
3581         (WebCore::Display::Box::setPreviousSibling): Deleted.
3582         (WebCore::Display::Box::setFirstChild): Deleted.
3583         (WebCore::Display::Box::setLastChild): Deleted.
3584         (): Deleted.
3585         * layout/inlineformatting/InlineFormattingContext.cpp:
3586         (WebCore::Layout::InlineFormattingContext::computeInFlowWidth const):
3587         (WebCore::Layout::InlineFormattingContext::computeInFlowHeight const):
3588         * layout/inlineformatting/InlineFormattingContext.h:
3589
3590 2018-05-02  Said Abou-Hallawa  <sabouhallawa@apple.com>
3591
3592         Hiding then showing an <object> of type image makes the underlaying image disappear
3593         https://bugs.webkit.org/show_bug.cgi?id=185216
3594         <rdar://problem/39055630>
3595
3596         Reviewed by Youenn Fablet.
3597
3598         Ensure the HTMLPlugInImageElement updates the RenderImageResource of its
3599         RenderImage with the CachedImage of its ImageLoader when the RenderImage
3600         is recreated.
3601
3602         Test: fast/images/object-image-hide-show.html
3603
3604         * html/HTMLPlugInImageElement.cpp:
3605         (WebCore::HTMLPlugInImageElement::didAttachRenderers):
3606         This is very similar to what we do in HTMLImageElement::didAttachRenderers().
3607
3608
3609 2018-05-02  Brent Fulgham  <bfulgham@apple.com>
3610
3611         Use RetainPtr for form input type
3612         https://bugs.webkit.org/show_bug.cgi?id=185210
3613         <rdar://problem/39734040>
3614
3615         Reviewed by Ryosuke Niwa.
3616
3617         Refactor our HTMLInputElement class to store its InputType member as a RefPtr.
3618
3619         Test: fast/forms/access-key-mutation-2.html.
3620
3621         * html/HTMLInputElement.cpp:
3622         (WebCore::HTMLInputElement::HTMLInputElement):
3623         (WebCore::HTMLInputElement::didAddUserAgentShadowRoot):
3624         (WebCore::HTMLInputElement::accessKeyAction):
3625         (WebCore::HTMLInputElement::parseAttribute):
3626         (WebCore::HTMLInputElement::appendFormData):
3627         * html/HTMLInputElement.h:
3628         * html/InputType.cpp:
3629         (WebCore::createInputType):
3630         (WebCore::InputType::create):
3631         (WebCore::InputType::createText):
3632         * html/InputType.h:
3633
3634 2018-05-01  Yusuke Suzuki  <utatane.tea@gmail.com>
3635
3636         Use pointer instead of std::optional<std::reference_wrapper<>>
3637         https://bugs.webkit.org/show_bug.cgi?id=185186
3638
3639         Reviewed by Alex Christensen.
3640
3641         std::optional<T&> is not accepted in C++17 spec. So we replaced it
3642         with std::optional<std::reference_wrapper<T>>.
3643
3644         In this patch, we replace it with T*, which is well-aligned to
3645         WebKit's convention.
3646
3647         * Modules/mediastream/RTCPeerConnection.cpp:
3648         (WebCore::iceServersFromConfiguration):
3649         (WebCore::RTCPeerConnection::initializeConfiguration):
3650         (WebCore::RTCPeerConnection::setConfiguration):
3651         * css/parser/CSSParser.cpp:
3652         (WebCore::CSSParser::parseSystemColor):
3653         * css/parser/CSSParser.h:
3654         * dom/DatasetDOMStringMap.cpp:
3655         (WebCore::DatasetDOMStringMap::item const):
3656         (WebCore::DatasetDOMStringMap::namedItem const):
3657         * dom/DatasetDOMStringMap.h:
3658         * dom/Element.cpp:
3659         (WebCore::Element::insertAdjacentHTML):
3660         * dom/Element.h:
3661         * html/canvas/CanvasStyle.cpp:
3662         (WebCore::parseColor):
3663         * inspector/DOMEditor.cpp:
3664         * platform/network/curl/CurlFormDataStream.cpp:
3665         (WebCore::CurlFormDataStream::getPostData):
3666         * platform/network/curl/CurlFormDataStream.h:
3667         * platform/network/curl/CurlRequest.cpp:
3668         (WebCore::CurlRequest::setupPOST):
3669         * testing/MockCDMFactory.cpp:
3670         (WebCore::MockCDMFactory::keysForSessionWithID const):
3671         (WebCore::MockCDMInstance::updateLicense):
3672         * testing/MockCDMFactory.h:
3673
3674 2018-05-02  Keith Rollin  <krollin@apple.com>
3675
3676         Add facility for tracking times and results of page and resource loading
3677         https://bugs.webkit.org/show_bug.cgi?id=184838
3678         <rdar://problem/36548974>
3679
3680         Reviewed by Brent Fulgham.
3681
3682         Update FrameProgressTracker to send the necessary page load start/stop
3683         signals so that we can track the entire page load at a network level.
3684         Add an empty override of the pure virtual
3685         LoaderStrategy::pageLoadCompleted method.
3686
3687         No new tests. There is no testable effect from these changes. On
3688         Cocoa, measurable changes take place in another (non-WebKit) process.
3689         On non-Cocoa systems, this facility is currently disabled.
3690
3691         * loader/FrameLoader.cpp:
3692         (WebCore::FrameLoader::FrameProgressTracker::progressCompleted):
3693         * loader/LoaderStrategy.h:
3694
3695 2018-05-02  Aditya Keerthi  <akeerthi@apple.com>
3696
3697         Can't copy and paste URLs that have no title into Mail (macOS)
3698         https://bugs.webkit.org/show_bug.cgi?id=185205
3699         <rdar://problem/36352406>
3700
3701         Reviewed by Tim Horton.
3702
3703         The pasteboardURL generated has an empty title for URLs without titles. Currently, the pasteboardURL.title is being saved to the pasteboard.
3704
3705         To fix the error, we check whether the title is empty and instead save the lastPathComponent to the pasteboard. This matches current behavior as the fallback title.
3706
3707         Augmented WebKitLegacy.ContextMenuCanCopyURL test
3708
3709         * platform/mac/PasteboardMac.mm:
3710         (WebCore::writeURLForTypes):
3711
3712 2018-05-01  Ryosuke Niwa  <rniwa@webkit.org>
3713
3714         REGRESSION(r225868): Release assert when removing an SVGUseElement from Document::m_svgUseElements
3715         https://bugs.webkit.org/show_bug.cgi?id=182188
3716         <rdar://problem/36689240>
3717
3718         Reviewed by Antti Koivisto.
3719
3720         Fixed the crash by removing up the release assert.
3721
3722         The crash is likely caused by re-entrancy to Document::resolveStyle during SVGUseElement::updateShadowTree.
3723         Because Document::resolveStyle invokes updateShadowTree on SVG use elements in Document::m_svgUseElements
3724         without clearing the map, the nested call to resolveStyle ends up calling updateShadowTree() for all elements
3725         in m_svgUseElements and removing them all from the map. When the stack frame eventually comes back to the outer
3726         invocation of Document::resolveStyle, updateShadowTree gets invoked for the second time on SVG use elements
3727         whose shadow tree had already been updated within the inner invocation to updateShadowTree, and release-asserts.
3728
3729         There is an alternative fix: avoid calling updateShadowTree on a svg element when shadowTreeNeedsUpdate returns
3730         true on the element in resolveStyle. However, removing the release assert is a sure way to fix the crash so
3731         this patch opts for that fix instead especially since we don't have any reproducible test case for this crash.
3732
3733         This release assertion was added in r225868 as a cautious measure to catch any use-after-frees of SVGUseElement's
3734         since m_svgUseElements stored raw pointes to SVG use elements but this crash is not an indicative of any UAF,
3735         and there is no evidence that r225868 has led to new UAFs even after five months.
3736
3737         No new tests. I couldn't find a way to trigger a nested style update inside SVGUseElement::updateShadowTree.
3738
3739         * dom/Document.cpp:
3740         (WebCore::Document::removeSVGUseElement):
3741
3742 2018-05-02  Dirk Schulze  <dschulze@chromium.org>
3743
3744         getCharNumAtPosition should take DOMPointInit as argument
3745         https://bugs.webkit.org/show_bug.cgi?id=184695
3746
3747         Reviewed by Antti Koivisto.
3748
3749         Extend existing tests for getCharNumAtPosition.
3750
3751         * svg/SVGTextContentElement.cpp:
3752         (WebCore::SVGTextContentElement::getCharNumAtPosition):
3753         * svg/SVGTextContentElement.h:
3754         * svg/SVGTextContentElement.idl: Use DOMPointInit argument.
3755
3756 2018-05-02  Youenn Fablet  <youenn@apple.com>
3757
3758         Use NetworkLoadChecker for navigation loads
3759         https://bugs.webkit.org/show_bug.cgi?id=184892
3760         <rdar://problem/39652686>
3761
3762         Reviewed by Chris Dumez.
3763
3764         Sanitize headers according response tainting.
3765         If tainting is basic, it means same origin load in which case we only filter Cookie related headers.
3766         If tainting is Opaque, we filter all uncommon headers.
3767         If tainting is CORS, we filter all uncommon headers except the one explicitely allowed by CORS headers.
3768         Covered by updated test.
3769
3770         * platform/network/ResourceResponseBase.cpp:
3771         (WebCore::ResourceResponseBase::sanitizeHTTPHeaderFieldsAccordingToTainting):
3772         (WebCore::ResourceResponseBase::sanitizeHTTPHeaderFields):
3773         * platform/network/ResourceResponseBase.h:
3774
3775 2018-05-02  Myles C. Maxfield  <mmaxfield@apple.com>
3776
3777         Collection fragment identifiers don't use PostScript names
3778         https://bugs.webkit.org/show_bug.cgi?id=184624
3779         <rdar://problem/39432089>
3780
3781         Reviewed by Simon Fraser.
3782
3783         In a previous version of the CSS Fonts spec, there was text saying that items in font collections
3784         should be 1-indexed (so the first item would be MyFonts.ttc#1). However, this is unfortunate because
3785         inserting an item into the middle of a collection would throw off all content that uses the file.
3786         Instead, the spec has since changed to use PostScript names (so the content instead would say
3787         MyFonts.ttc#MyFont-Regular).
3788
3789         Test: fast/text/font-collection.html
3790
3791         * css/CSSFontFaceSource.cpp:
3792         (WebCore::CSSFontFaceSource::load):
3793         * loader/cache/CachedFont.cpp:
3794         (WebCore::CachedFont::calculateItemInCollection const):
3795         (WebCore::CachedFont::ensureCustomFontData):
3796         (WebCore::CachedFont::createCustomFontData):
3797         (WebCore::CachedFont::calculateIndex const): Deleted.
3798         * loader/cache/CachedFont.h:
3799         * platform/graphics/mac/FontCustomPlatformData.cpp:
3800         (WebCore::createFontCustomPlatformData):
3801         * platform/graphics/mac/FontCustomPlatformData.h:
3802
3803 2018-05-02  Brian Burg  <bburg@apple.com>
3804
3805         Web Inspector: opt out of process swap on navigation if a Web Inspector frontend is connected
3806         https://bugs.webkit.org/show_bug.cgi?id=184861
3807         <rdar://problem/39153768>
3808
3809         Reviewed by Ryosuke Niwa.
3810
3811         Notify the client of the current connection count whenever a frontend connects or disconnects.
3812
3813         Covered by new API test.
3814
3815         * inspector/InspectorClient.h:
3816         (WebCore::InspectorClient::frontendCountChanged):
3817         * inspector/InspectorController.cpp:
3818         (WebCore::InspectorController::connectFrontend):
3819         (WebCore::InspectorController::disconnectFrontend):
3820         (WebCore::InspectorController::disconnectAllFrontends):
3821         * inspector/InspectorController.h:
3822
3823 2018-05-02  Carlos Alberto Lopez Perez  <clopez@igalia.com>
3824
3825         [GStreamer] Remove unneeded include of gstgldisplay_wayland.h after r228866 and r229022
3826         https://bugs.webkit.org/show_bug.cgi?id=185207
3827
3828         Reviewed by Michael Catanzaro.
3829
3830         Remove unneeded include of gstgldisplay_wayland.h
3831
3832         No new tests, no change in behaviour.
3833
3834         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
3835
3836 2018-05-02  Chris Dumez  <cdumez@apple.com>
3837
3838         document.open() event listener removal is not immediate
3839         https://bugs.webkit.org/show_bug.cgi?id=185191
3840
3841         Reviewed by Darin Adler.
3842
3843         We need to make sure we set the 'wasremoved' flag on RegisteredEventListeners
3844         whenever they get removed from the EventListenerMap. We were doing so correctly
3845         in EventListenerMap:remove() but not EventListenerMap::clear(). This patch
3846         updates clear() accordingly.
3847
3848         The reason we need to set this flag is that RegisteredEventListeners is RefCounted
3849         and EventTarget::fireEventListeners() may be currently running and calling
3850         each listener one by one, holding a reference to all listener of a given event.
3851
3852         Test: fast/dom/Document/document-open-removes-all-listeners.html
3853
3854         * dom/EventListenerMap.cpp:
3855         (WebCore::EventListenerMap::clear):
3856
3857 2018-05-02  Zalan Bujtas <zalan@apple.com>
3858
3859         Use WeakPtr in GridCell
3860         https://bugs.webkit.org/show_bug.cgi?id=185180
3861         <rdar://problem/39432165>
3862
3863         Reviewed by Antti Koivisto.
3864
3865         Since GridCell does not own the renderers, it should
3866         construct weak pointers.
3867
3868         Unable to create a reliably reproducible test case.
3869
3870         * rendering/Grid.cpp:
3871         (WebCore::Grid::insert):
3872         (WebCore::GridIterator::nextGridItem):
3873         * rendering/Grid.h:
3874         * rendering/RenderGrid.cpp:
3875         (WebCore::RenderGrid::firstLineBaseline const):
3876
3877 2018-05-02  Eric Carlson  <eric.carlson@apple.com>
3878
3879         [iOS] Provide audio route information when invoking AirPlay picker
3880         https://bugs.webkit.org/show_bug.cgi?id=185199
3881         <rdar://problem/39853103>
3882
3883         Reviewed by Jer Noble.
3884
3885         No new tests, this requires a specific hardware setup.
3886
3887         * dom/Document.cpp:
3888         (WebCore::Document::showPlaybackTargetPicker): Pass route sharing policy and routing context UID.
3889         * dom/Document.h:
3890
3891         * html/MediaElementSession.cpp:
3892         (WebCore::MediaElementSession::showPlaybackTargetPicker): Ditto.
3893
3894         * loader/EmptyClients.h:
3895         * page/ChromeClient.h:
3896
3897         * page/Page.cpp:
3898         (WebCore::Page::showPlaybackTargetPicker): Ditto.
3899         * page/Page.h:
3900
3901         * platform/audio/AudioSession.cpp:
3902         (WebCore::AudioSession::routeSharingPolicy const): Empty implementation for non-iOS ports.
3903         (WebCore::routingContextUID const): Ditto.
3904         * platform/audio/AudioSession.h:
3905
3906         * platform/audio/ios/AudioSessionIOS.mm:
3907         (WebCore::AudioSession::routeSharingPolicy const): Return the route sharing policy.
3908         (WebCore::AudioSession::routingContextUID const): Return the route context UID.
3909
3910 2018-05-02  Dean Jackson  <dino@apple.com>
3911
3912         Draw SystemPreview badge to specification on iOS
3913         https://bugs.webkit.org/show_bug.cgi?id=185203
3914         <rdar://problem/39908855>
3915
3916         Reviewed by Tim Horton.
3917
3918         Use CoreImage to render a badge with a blurred background,
3919         at particular sizes.
3920
3921         This will be tested internally while we're getting artwork
3922         from WebKitAdditions.
3923
3924         * Configurations/WebCore.xcconfig: Link against CoreImage.
3925         * rendering/RenderThemeIOS.h:
3926         * rendering/RenderThemeIOS.mm:
3927         (WebCore::RenderThemeIOS::paintSystemPreviewBadge): New function
3928         in the iOS platform RenderTheme that draws the system preview.
3929
3930 2018-05-01  Brent Fulgham  <bfulgham@apple.com>
3931
3932         Prevent Debug ASSERT when changing forms
3933         https://bugs.webkit.org/show_bug.cgi?id=185173
3934         <rdar://problem/39738669>
3935
3936         Reviewed by Ryosuke Niwa.
3937
3938         Form submission could trigger a debug assertion during validation when
3939         a form is changed during an input submission. Fix this by cleaning up
3940         the event handling logic and make it more consistent with modern WebKit
3941         coding style.
3942
3943         Test: fast/forms/form-submission-crash-3.html
3944
3945         * html/HTMLButtonElement.cpp:
3946         (WebCore::HTMLButtonElement::defaultEventHandler): Make sure layout runs before
3947         attempting to perform event handling.
3948         * html/HTMLFormElement.cpp:
3949         (WebCore::HTMLFormElement::reportValidity): Ditto.
3950         (WebCore::HTMLFormElement::validateInteractively): Remove call to perform layout here,
3951         since we expect this to happen earlier in the layout pass. Add an assertion that the
3952         tree is not dirty.
3953         * html/ImageInputType.cpp:
3954         (WebCore::ImageInputType::handleDOMActivateEvent): Make sure layout runs before
3955         attempting to perform event handling.
3956         * html/SubmitInputType.cpp:
3957         (WebCore::SubmitInputType::handleDOMActivateEvent): Ditto.
3958
3959 2018-05-02  Jer Noble  <jer.noble@apple.com>
3960
3961         Unreviewed; address review comments made before landing r231231.
3962
3963         * platform/ios/WebVideoFullscreenControllerAVKit.mm:
3964         (VideoFullscreenControllerContext::volume const):
3965
3966 2018-05-02  Jer Noble  <jer.noble@apple.com>
3967
3968         Pipe volume through PlaybackSessionManager/Proxy.
3969         https://bugs.webkit.org/show_bug.cgi?id=185182
3970
3971         Reviewed by Eric Carlson.
3972