Introduce a MathMLOperatorElement class
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2016-07-25  Frederic Wang  <fwang@igalia.com>
2
3         Introduce a MathMLOperatorElement class
4         https://bugs.webkit.org/show_bug.cgi?id=160034
5
6         Reviewed by Darin Adler.
7
8         No new tests, rendering is unchaned.
9
10         * CMakeLists.txt: Add MathMLOperatorElement to the build file.
11         * WebCore.xcodeproj/project.pbxproj: Ditto.
12         * mathml/MathMLAllInOne.cpp: Ditto.
13         * mathml/MathMLOperatorElement.cpp: New DOM class for <mo> element.
14         (WebCore::MathMLOperatorElement::MathMLOperatorElement):
15         (WebCore::MathMLOperatorElement::create):
16         (WebCore::MathMLOperatorElement::parseAttribute): Handle mo attributes.
17         (WebCore::MathMLOperatorElement::createElementRenderer): Create RenderMathMLOperator.
18         * mathml/MathMLOperatorElement.h: Declare a class deriving from MathMLTextElement.
19         * mathml/MathMLTextElement.cpp: Remove all the RenderMathMLOperator parts.
20         (WebCore::MathMLTextElement::MathMLTextElement): Remove inline keyword so that the class can
21         be overriden.
22         (WebCore::MathMLTextElement::parseAttribute): Remove code handled in MathMLOperatorElement.
23         (WebCore::MathMLTextElement::createElementRenderer): Ditto.
24         * mathml/MathMLTextElement.h: Make class and members overridable.
25         * mathml/mathtags.in: Map mo to MathMLOperatorElement.
26         * rendering/mathml/RenderMathMLOperator.cpp:
27         (WebCore::RenderMathMLOperator::RenderMathMLOperator): Make the constructor take a
28         MathMLOperatorElement.
29         * rendering/mathml/RenderMathMLOperator.h: Ditto.
30
31 2016-07-25  Darin Adler  <darin@apple.com>
32
33         Speed up make process slightly by improving "list of files" idiom
34         https://bugs.webkit.org/show_bug.cgi?id=160164
35
36         Reviewed by Mark Lam.
37
38         * DerivedSources.make: Change rules that build lists of files to only run when
39         DerivedSources.make has been modified since the last time they were run. Since the
40         list of files are inside this file, this is safe, and this is faster than always
41         comparing and regenerating the file containing the list of files each time.
42
43 2016-07-24  Wenson Hsieh  <wenson_hsieh@apple.com>
44
45         The web process hangs when computing elements-based snap points for a container with large max scroll offset
46         https://bugs.webkit.org/show_bug.cgi?id=152605
47         <rdar://problem/25353661>
48
49         Reviewed by Simon Fraser.
50
51         Fixes a bug in the computation of axis snap points. The ScrollSnapPoints object, which tracks
52         snap points along a particular axis, has two flags, hasRepeat and usesElements. For elements-
53         based snapping, both flags would be turned on, since StyleBuilderConverter::convertScrollSnapPoints
54         short-circuits for elements-based snapping and does not default usesRepeat to false. To address this,
55         we make ScrollSnapPoints not repeat(100%) by default.
56
57         Test: css3/scroll-snap/scroll-snap-elements-container-larger-than-children.html
58
59         * css/StyleBuilderConverter.h:
60         (WebCore::StyleBuilderConverter::convertScrollSnapPoints): Deleted.
61         * rendering/style/StyleScrollSnapPoints.cpp:
62         (WebCore::ScrollSnapPoints::ScrollSnapPoints):
63
64 2016-07-25  Carlos Garcia Campos  <cgarcia@igalia.com>
65
66         REGRESSION(r200931): Invalid cast in highestAncestorToWrapMarkup()
67         https://bugs.webkit.org/show_bug.cgi?id=160163
68
69         Reviewed by Michael Catanzaro.
70
71         Since r200931 the result of enclosingNodeOfType() in highestAncestorToWrapMarkup() is downcasted to Element, but
72         the result of enclosingNodeOfType() can be a Node that is not an Element, in this case is Text. The cast is not
73         needed at all since that node is passed to editingIgnoresContent() and selectionFromContentsOfNode() and both
74         receive a Node not an Element.
75
76         * editing/markup.cpp:
77         (WebCore::highestAncestorToWrapMarkup): Remove invalid cast.
78
79 2016-07-25  Carlos Garcia Campos  <cgarcia@igalia.com>
80
81         [Coordinated Graphics] ASSERTION FAILED: m_coordinator->isFlushingLayerChanges() in fast/repaint/animation-after-layer-scroll.html
82         https://bugs.webkit.org/show_bug.cgi?id=160156
83
84         Reviewed by Michael Catanzaro.
85
86         So, we fixed an assertion in r203663, but now is hitting the next one. As explained in bug #160142, flush
87         compositing state can be triggered in tests by RenderLayerCompositor::layerTreeAsText(), without the coordinator
88         even noticing it, so the assert can be just removed.
89
90         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
91         (WebCore::CoordinatedGraphicsLayer::flushCompositingStateForThisLayerOnly): Remove incorrect assert.
92
93 2016-07-25  Zalan Bujtas  <zalan@apple.com>
94
95         EllipsisBox ctor's isVertical parameter should read isHorizontal.
96         https://bugs.webkit.org/show_bug.cgi?id=160153
97
98         Reviewed by Andreas Kling.
99
100         It indicates whether the ellipsis box is horizontal. (both the callsites
101         and the parent class use isHorizontal)
102
103         No change in functionality.
104
105         * rendering/EllipsisBox.cpp:
106         (WebCore::EllipsisBox::EllipsisBox):
107         * rendering/EllipsisBox.h:
108
109 2016-07-25  Sergio Villar Senin  <svillar@igalia.com>
110
111         [css-grid] Implement repeat(auto-fit)
112         https://bugs.webkit.org/show_bug.cgi?id=159771
113
114         Reviewed by Darin Adler.
115
116         The auto-fit keyword works exactly as the already implemented auto-fill except that all
117         empty tracks collapse (became 0px). Absolutely positioned items do not participate on the
118         layout of the grid so they are not considered (a grid with only absolutely positioned items
119         is considered an empty grid).
120
121         Whenever a track collapses the gutters on either side do also collapse. When a collapsed
122         track's gutters collapse, they coincide exactly. If one side of a collapsed track does not
123         have a gutter then collapsing its gutters results in no gutter on either "side" of the
124         collapsed track.
125
126         In practice this means that is not possible to know the gap between 2 consecutive auto
127         repeat tracks without examining some others whenever there are collapsed tracks.
128
129         Uncommented the auto-fit cases from Mozilla tests. They have to be adapted as the reftest
130         machinery requires all the content to be rendered in the original 800x600 viewport.
131
132         Tests: fast/css-grid-layout/grid-auto-fit-columns.html
133         fast/css-grid-layout/grid-auto-fit-rows.html
134         fast/css-grid-layout/mozilla/grid-repeat-auto-fill-fit-005-part-1.html
135         fast/css-grid-layout/mozilla/grid-repeat-auto-fill-fit-005-part-2.html
136
137         * css/CSSComputedStyleDeclaration.cpp:
138         (WebCore::valueForGridTrackList): Use the newly added trackSizesForComputedStyle().
139         * rendering/RenderGrid.cpp:
140         (WebCore::RenderGrid::computeTrackBasedLogicalHeight):
141         (WebCore::RenderGrid::computeTrackSizesForDirection):
142         (WebCore::RenderGrid::isEmptyAutoRepeatTrack):
143         (WebCore::RenderGrid::gridGapForDirection): Returns the gap directly from the style.
144         (WebCore::RenderGrid::guttersSize): Computes the gap between a startLine and an
145         endLine. This method may need to inspect some other surrounding tracks to compute the gap.
146         (WebCore::RenderGrid::computeIntrinsicLogicalWidths):
147         (WebCore::RenderGrid::computeIntrinsicLogicalHeight):
148         (WebCore::RenderGrid::computeUsedBreadthOfGridTracks):
149         (WebCore::RenderGrid::gridTrackSize):
150         (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForItems):
151         (WebCore::RenderGrid::computeAutoRepeatTracksCount):
152         (WebCore::RenderGrid::computeEmptyTracksForAutoRepeat): Returns a Vector with the auto
153         repeat tracks that are going to be collapsed because they're empty.
154         (WebCore::RenderGrid::placeItemsOnGrid):
155         (WebCore::RenderGrid::trackSizesForComputedStyle): Used by ComputedStyle logic to print the
156         size of tracks. Added in order to hide the actual contents of m_columnPositions and
157         m_rowPositions to the outter world.
158         (WebCore::RenderGrid::offsetAndBreadthForPositionedChild):
159         (WebCore::RenderGrid::gridAreaBreadthForChild):
160         (WebCore::RenderGrid::populateGridPositionsForDirection): Added some extra code to compute
161         gaps as they cannot be directly added between tracks in case of having collapsed tracks.
162         (WebCore::RenderGrid::columnAxisOffsetForChild):
163         (WebCore::RenderGrid::rowAxisOffsetForChild):
164         (WebCore::RenderGrid::offsetBetweenTracks): Deleted.
165         * rendering/RenderGrid.h: Made some API private. Added new required methods/attributes.
166
167         * css/CSSComputedStyleDeclaration.cpp:
168         (WebCore::valueForGridTrackList):
169         * rendering/RenderGrid.cpp:
170         (WebCore::RenderGrid::computeTrackBasedLogicalHeight):
171         (WebCore::RenderGrid::computeTrackSizesForDirection):
172         (WebCore::RenderGrid::hasAutoRepeatEmptyTracks):
173         (WebCore::RenderGrid::isEmptyAutoRepeatTrack):
174         (WebCore::RenderGrid::gridGapForDirection):
175         (WebCore::RenderGrid::guttersSize):
176         (WebCore::RenderGrid::computeIntrinsicLogicalWidths):
177         (WebCore::RenderGrid::computeIntrinsicLogicalHeight):
178         (WebCore::RenderGrid::computeUsedBreadthOfGridTracks):
179         (WebCore::RenderGrid::gridTrackSize):
180         (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForItems):
181         (WebCore::RenderGrid::computeAutoRepeatTracksCount):
182         (WebCore::RenderGrid::computeEmptyTracksForAutoRepeat):
183         (WebCore::RenderGrid::placeItemsOnGrid):
184         (WebCore::RenderGrid::trackSizesForComputedStyle):
185         (WebCore::RenderGrid::offsetAndBreadthForPositionedChild):
186         (WebCore::RenderGrid::assumedRowsSizeForOrthogonalChild):
187         (WebCore::RenderGrid::gridAreaBreadthForChild):
188         (WebCore::RenderGrid::populateGridPositionsForDirection):
189         (WebCore::RenderGrid::columnAxisOffsetForChild):
190         (WebCore::RenderGrid::rowAxisOffsetForChild):
191         (WebCore::RenderGrid::offsetBetweenTracks): Deleted.
192         * rendering/RenderGrid.h:
193
194 2016-07-24  Frederic Wang  <fwang@igalia.com>
195
196         Move parsing of display, displaystyle and mathvariant attributes into MathML element classes
197         https://bugs.webkit.org/show_bug.cgi?id=159623
198
199         Reviewed by Brent Fulgham.
200
201         No new tests, already covered by existing tests.
202
203         * mathml/MathMLElement.cpp:
204         (WebCore::MathMLElement::parseMathVariantAttribute): Move helper function to parse the
205         mathvariant attribute.
206         (WebCore::MathMLElement::getSpecifiedDisplayStyle): Helper function to set the displaystyle
207         value from the attribute specified on the MathML element.
208         (WebCore::MathMLElement::getSpecifiedMathVariant): Helper function to set the mathvariant
209         value from the attribute specified on the MathML element.
210         * mathml/MathMLElement.h: Move the enum for mathvariant values and declare new members.
211         (WebCore::MathMLElement::acceptsDisplayStyleAttribute): Indicate whether the element accepts
212         displaystyle attribute (false for most of them).
213         (WebCore::MathMLElement::acceptsMathVariantAttribute): Indicate whether the element accepts
214         mathvariant attribute (false for most of them).
215         * mathml/MathMLInlineContainerElement.cpp:
216         (WebCore::MathMLInlineContainerElement::acceptsDisplayStyleAttribute): Add mstyle and mtable
217         to the list of elements accepting the displaystyle attribute.
218         (WebCore::MathMLInlineContainerElement::acceptsMathVariantAttribute): Add mstyle to the list
219         of elements accepting the mathvariant attribute.
220         (WebCore::MathMLInlineContainerElement::parseAttribute): Mark displaystyle and mathvariant
221         dirty if necessary. Also use the new accepts*Attribute function.
222         * mathml/MathMLInlineContainerElement.h: Declare overridden accepts*Attribute members.
223         * mathml/MathMLMathElement.cpp:
224         (WebCore::MathMLMathElement::getSpecifiedDisplayStyle): Override acceptsDisplayStyleAttribute
225         so that the display attribute is also used to set the default value if the displaystyle
226         attribute is absent.
227         (WebCore::MathMLMathElement::parseAttribute): Mark displaystyle and mathvariant dirty if
228         necessary. We directly MathMLElement::parseAttribute to avoid duplicate work.
229         * mathml/MathMLMathElement.h: Add the math tag to the list of elements accepting the
230         displaystyle and mathvariant attributes. Declare overridden getSpecifiedDisplayStyle.
231         * mathml/MathMLTextElement.cpp:
232         (WebCore::MathMLTextElement::parseAttribute): Mark mathvariant as dirty.
233         * mathml/MathMLTextElement.h: Add token elements to the list of elements accepting the
234         mathvariant attribute.
235         * rendering/mathml/MathMLStyle.cpp:
236         (WebCore::MathMLStyle::updateStyleIfNeeded): Use the new MathMLElement::MathVariant enum.
237         (WebCore::MathMLStyle::resolveMathMLStyle):  We no longer parse the display value to
238         initialize the default value on the math tag, because this is handled in
239         getSpecifiedDisplayStyle. In general, we also just call getSpecifiedDisplayStyle and
240         getSpecifiedMathVariant on the MathML elements instead of parsing the displaystyle and
241         mathvariant attributes here.
242         (WebCore::MathMLStyle::parseMathVariant): Deleted. This is moved into MathMLElement.
243         * rendering/mathml/MathMLStyle.h: Use the new MathMLElement::MathVariant enum.
244         * rendering/mathml/RenderMathMLToken.cpp: Ditto.
245         (WebCore::mathVariant): Ditto.
246         (WebCore::RenderMathMLToken::updateMathVariantGlyph): Ditto.
247
248 2016-07-25  Carlos Garcia Campos  <cgarcia@igalia.com>
249
250         Unreviewed. Remove unneeded header includes from CoordinatedGraphicsLayer.
251
252         Not only thjey are not needed, they are a layer violation, CoordinatedGraphicsLayer shouldn't know anything
253         about Page, Frame and FrameView.
254
255         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
256         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
257
258 2016-07-24  Youenn Fablet  <youenn@apple.com>
259
260         [Fetch API] Request should be created with any HeadersInit data
261         https://bugs.webkit.org/show_bug.cgi?id=159672
262
263         Reviewed by Sam Weinig.
264
265         Made Request use JSBuiltinConstructor.
266         This allows initializing newly created Request with a JS built-in function, initializeFetchRequest.
267         initializeFetchRequest can call @fillFetchHeaders internal built-in to handle any HeadersInit data.
268         Future effort should be made to migrate more initialization code in initializeFetchRequest.
269
270         Made window and worker fetch function as a JS built-in.
271         This becomes more handy as these new functions can construct the Request object.
272         They can then call a single private function that takes a Request object as input.
273         Updated DOMWindowFetch and WorkerGlobalScopeFetch code accordingly.
274
275         To enable this, the binding generator is updated to support runtime-enabled JS built-in functions and
276         private functions atttached to global objects.
277
278         Covered by existing and modified tests.
279         Binding generator test covered by updated binding tests.
280
281         * CMakeLists.txt: Adding DOMWindowFetch.js, FetchRequest.js and WorkerGlobalScopeFetch.js built-in files.
282         * DerivedSources.make: Ditto.
283         * Modules/fetch/DOMWindowFetch.cpp: Removed overloaded fetch and updated according new signature.
284         (WebCore::DOMWindowFetch::fetch):
285         * Modules/fetch/DOMWindowFetch.h: Ditto.
286         * Modules/fetch/DOMWindowFetch.idl: Making fetch a JS built-in and adding a @fetchRequest private function.
287         * Modules/fetch/DOMWindowFetch.js: Added.
288         (fetch):
289         * Modules/fetch/FetchHeaders.h:
290         (WebCore::FetchHeaders::setGuard): Used by FetchRequest when initializing headers.
291         * Modules/fetch/FetchRequest.cpp: 
292         (WebCore::buildHeaders): Removed as implemented in JS.
293         (WebCore::FetchRequest::initializeOptions): Added to handle most of the dictionary initialization.
294         (WebCore::FetchRequest::initializeWith): Method called from built-in constructor function.
295         (WebCore::FetchRequest::setBody): Corresponding to @setBody private method.
296         (WebCore::buildBody): Deleted.
297         * Modules/fetch/FetchRequest.h:
298         * Modules/fetch/FetchRequest.idl:
299         * Modules/fetch/FetchRequest.js: Added.
300         (initializeFetchRequest): Implements fetch Request(input, init) constructor.
301         * Modules/fetch/FetchResponse.cpp:
302         (WebCore::FetchResponse::fetch): Removed the construction of FetchRequest in fetch method since it is done by JS built-in code.
303         * Modules/fetch/FetchResponse.h:
304         * Modules/fetch/WorkerGlobalScopeFetch.cpp: Removed overloaded fetch and updated according new signature.
305         (WebCore::WorkerGlobalScopeFetch::fetch):
306         * Modules/fetch/WorkerGlobalScopeFetch.h: Ditto.
307         * Modules/fetch/WorkerGlobalScopeFetch.idl: Making fetch a JS built-in and adding a @fetchRequest private function.
308         * Modules/fetch/WorkerGlobalScopeFetch.js: Added.
309         (fetch):
310         * bindings/js/WebCoreBuiltinNames.h: Adding fetchRequest, setBody and Request private identifiers.
311         * bindings/scripts/CodeGenerator.pm:
312         (WK_lcfirst): Replacing dOM by dom.
313         * bindings/scripts/CodeGeneratorJS.pm:
314         (GenerateImplementation): Adding support for runtime-enabled built-in methods and private methods.
315         * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
316         (WebCore::JSTestGlobalObject::finishCreation):
317         (WebCore::jsTestGlobalObjectInstanceFunctionTestPrivateFunction):
318         * bindings/scripts/test/ObjC/DOMTestGlobalObject.mm:
319         (-[DOMTestGlobalObject testJSBuiltinFunction]):
320         * bindings/scripts/test/TestGlobalObject.idl: Adding tests for runtime-enabled global built-in methods and private methods.
321
322 2016-07-24  Nan Wang  <n_wang@apple.com>
323
324         AX: Video Controls: Volume cannot be adjusted using VO.
325         https://bugs.webkit.org/show_bug.cgi?id=160107
326
327         Reviewed by Dean Jackson.
328
329         The volume slider in video tag had 0.01 step which caused the screen reader adjusting it slowly.
330         Changed the step to 0.05 and added the aria-valuetext attribute to the slider, so that the value
331         is spoken in percentage. 
332
333         Test: accessibility/mac/video-volume-slider-accessibility.html
334
335         * Modules/mediacontrols/mediaControlsApple.js:
336         (Controller.prototype.createControls):
337         (Controller.prototype.handleVolumeSliderInput):
338         (Controller.prototype.updateVolume):
339
340 2016-07-24  David Kilzer  <ddkilzer@apple.com>
341
342         REGRESSION (r203106): Crash in WebCore::MathMLElement::parseMathMLLength()
343         <https://webkit.org/b/160111>
344         <rdar://problem/27506489>
345
346         Reviewed by Chris Dumez.
347
348         Test: mathml/mpadded-crash.html
349
350         * mathml/MathMLElement.cpp:
351         (WebCore::skipLeadingAndTrailingWhitespace): Change to take
352         StringView parameter instead of String to avoid creating a
353         temporary String that's released on return.
354
355 2016-07-24  Carlos Garcia Campos  <cgarcia@igalia.com>
356
357         [Coordinated Graphics] ASSERTION FAILED: !m_flushingLayers in fast/repaint/animation-after-layer-scroll.html
358         https://bugs.webkit.org/show_bug.cgi?id=160142
359
360         Reviewed by Michael Catanzaro.
361
362         This only happens in layout tests, because it happens when RenderLayerCompositor::layerTreeAsText() is
363         called. The thing is that CoordinatedGraphicsLayer::flushCompositingState() calls notifyFlushRequired() that
364         checks if the coordinator is flusing layers and if not it calls RenderLayerCompositor::notifyFlushRequired() and
365         returns early. This normally works because the coodinator is the one starting the layer flush, so that when
366         RenderLayerCompositor::flushPendingLayerChanges() is called the coordinator is always flusing layers. But
367         RenderLayerCompositor::layerTreeAsText() calls RenderLayerCompositor::flushPendingLayerChanges() directly, so at
368         that moment the coordinator is not flusing layers, what causes that
369         CoordinatedGraphicsLayer::flushCompositingState() ends up calling RenderLayerCompositor::notifyFlushRequired()
370         that schedules a new flush while flusing layers causing the
371         assertion. CoordinatedGraphicsLayer::flushCompositingState() is always called from
372         CompositingCoordinator::flushPendingLayerChanges() or RenderLayerCompositor::flushPendingLayerChanges() so we
373         never need to call RenderLayerCompositor::notifyFlushRequired() from there.
374
375         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
376         (WebCore::CoordinatedGraphicsLayer::notifyFlushRequired): This is void now since the return value is not checked anywhere.
377         (WebCore::CoordinatedGraphicsLayer::flushCompositingState): Remove the call to notifyFlushRequired().
378         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
379
380 2016-07-24  Darin Adler  <darin@apple.com>
381
382         Adding a new WebCore JavaScript built-in source file does not trigger rebuild of WebCoreJSBuiltins*
383         https://bugs.webkit.org/show_bug.cgi?id=160115
384
385         Reviewed by Youenn Fablet.
386
387         * DerivedSources.make: Added a missing dependency so the rule that builds WebCore_BUILTINS_WRAPPERS
388         kicks in when the list of WebCore_BUILTINS_SOURCES is modified. Also added another missing dependency
389         so that changes to the JavaScript built-ins Python scripts will also trigger WebCore_BUILTINS_WRAPPERS.
390
391         * make-generated-sources.sh: Removed. Was unused.
392
393 2016-07-23  Zalan Bujtas  <zalan@apple.com>
394
395         Stop isEmpty() from leaking out of SVG.
396         https://bugs.webkit.org/show_bug.cgi?id=160121
397
398         Reviewed by Simon Fraser.
399
400         It's unclear what isEmpty() actually means and it doesn't bring any value to Render* classes.
401
402         No change in functionality.
403
404         * editing/CompositeEditCommand.cpp:
405         (WebCore::CompositeEditCommand::addBlockPlaceholderIfNeeded):
406         * rendering/RenderElement.h:
407         * rendering/RenderListItem.cpp:
408         (WebCore::RenderListItem::isEmpty): Deleted.
409         * rendering/RenderListItem.h:
410         * rendering/RenderObject.h:
411         (WebCore::RenderObject::isEmpty): Deleted.
412         * rendering/RenderRubyRun.cpp:
413         (WebCore::RenderRubyRun::removeChild):
414         (WebCore::RenderRubyRun::isEmpty): Deleted.
415         * rendering/RenderRubyRun.h:
416         * rendering/mathml/RenderMathMLFenced.cpp:
417         (WebCore::RenderMathMLFenced::updateFromElement):
418         (WebCore::RenderMathMLFenced::addChild):
419         * rendering/mathml/RenderMathMLRoot.cpp:
420         (WebCore::RenderMathMLRoot::paint):
421         * rendering/svg/RenderSVGShape.h:
422
423 2016-07-23  Zalan Bujtas  <zalan@apple.com>
424
425         table*BorderAdjoiningCell and borderAdjoiningCell* should take reference instead of RenderTableCell*.
426         https://bugs.webkit.org/show_bug.cgi?id=160123
427
428         Reviewed by Simon Fraser.
429
430         No change in functionality.
431
432         * rendering/RenderTable.cpp:
433         (WebCore::RenderTable::tableStartBorderAdjoiningCell):
434         (WebCore::RenderTable::tableEndBorderAdjoiningCell):
435         * rendering/RenderTable.h:
436         * rendering/RenderTableCell.cpp:
437         (WebCore::RenderTableCell::computeCollapsedStartBorder):
438         (WebCore::RenderTableCell::computeCollapsedEndBorder):
439         * rendering/RenderTableCell.h:
440         (WebCore::RenderTableCell::borderAdjoiningCellBefore):
441         (WebCore::RenderTableCell::borderAdjoiningCellAfter):
442         * rendering/RenderTableCol.cpp:
443         (WebCore::RenderTableCol::borderAdjoiningCellStartBorder):
444         (WebCore::RenderTableCol::borderAdjoiningCellEndBorder):
445         (WebCore::RenderTableCol::borderAdjoiningCellBefore):
446         (WebCore::RenderTableCol::borderAdjoiningCellAfter):
447         * rendering/RenderTableCol.h:
448         * rendering/RenderTableRow.cpp:
449         (WebCore::RenderTableRow::borderAdjoiningStartCell):
450         (WebCore::RenderTableRow::borderAdjoiningEndCell):
451         * rendering/RenderTableRow.h:
452         * rendering/RenderTableSection.cpp:
453         (WebCore::RenderTableSection::borderAdjoiningStartCell):
454         (WebCore::RenderTableSection::borderAdjoiningEndCell):
455         * rendering/RenderTableSection.h:
456
457 2016-07-23  Zalan Bujtas  <zalan@apple.com>
458
459         Remove unused enum and stale comment from RenderObject.
460         https://bugs.webkit.org/show_bug.cgi?id=160122
461
462         Reviewed by Simon Fraser.
463
464         No change in functionality.
465
466         * rendering/RenderBox.h:
467
468 2016-07-23  Carlos Garcia Campos  <cgarcia@igalia.com>
469
470         [Coordinated Graphics] Lots of flaky tests
471         https://bugs.webkit.org/show_bug.cgi?id=160118
472
473         Reviewed by Michael Catanzaro.
474
475         Since the GTK+ ported to threaded compositor (coordinated graphics) there are a lot of flaky tests in the
476         bots. In manu of the cases the diff shows a different size in the FrameView layer.
477
478         This happens for tests run in the same WTR after fast/fixed-layout/fixed-layout.html. This is what happens:
479
480          1.- Test fast/fixed-layout/fixed-layout.html runs and sets fixed layout to true and fixed layout size to 400x400
481          2.- When it finishes TestController::resetStateToConsistentValues() is called.
482          3.- Blank URL is loaded after state has been updated
483          4.- Then Reset message is handled in the web process and Internals::resetToConsistentState() resets the fixed
484              layout state and size.
485          5.- onresize happens and the handler set in fast/fixed-layout/fixed-layout.html is invoked setting the fixed
486              layout to true and size to 400x400 again.
487          6.- about_blank is then loaded with the fixed layout enabled, as well as other tests after this one.
488
489         In addition to this, coordinated graphics uses a fixedVisibleContentRect in ScrollView that is never reset.
490
491         * platform/ScrollView.cpp:
492         (WebCore::ScrollView::unscaledVisibleContentSizeIncludingObscuredArea): Only use m_fixedVisibleContentRect when
493         fixed layout is enabled.
494         (WebCore::ScrollView::unscaledUnobscuredVisibleContentSize): Ditto.
495         (WebCore::ScrollView::visibleContentRectInternal): Ditto.
496         * testing/Internals.cpp:
497         (WebCore::Internals::resetToConsistentState): Reset also the m_fixedVisibleContentRect.
498
499 2016-07-23  Carlos Garcia Campos  <cgarcia@igalia.com>
500
501         [Coordinated Graphics] Test imported/blink/svg/custom/svg-image-layers-crash.html crashes
502         https://bugs.webkit.org/show_bug.cgi?id=160078
503
504         Reviewed by Michael Catanzaro.
505
506         This is a merge of Blink r155373.
507         https://chromiumcodereview.appspot.com/20789004
508
509         Disable accelerated compositing for SVGImage content layers. SVGImageChromeClient does not support it.
510
511         Fixes imported/blink/svg/custom/svg-image-layers-crash.html.
512
513         * svg/graphics/SVGImage.cpp:
514         (WebCore::SVGImage::dataChanged):
515
516 2016-07-23  Commit Queue  <commit-queue@webkit.org>
517
518         Unreviewed, rolling out r203641.
519         https://bugs.webkit.org/show_bug.cgi?id=160116
520
521         It broke make-based builds (Requested by youenn on #webkit).
522
523         Reverted changeset:
524
525         "[Fetch API] Request should be created with any HeadersInit
526         data"
527         https://bugs.webkit.org/show_bug.cgi?id=159672
528         http://trac.webkit.org/changeset/203641
529
530 2016-07-23  Youenn Fablet  <youenn@apple.com>
531
532         [Fetch API] Request should be created with any HeadersInit data
533         https://bugs.webkit.org/show_bug.cgi?id=159672
534
535         Reviewed by Sam Weinig.
536
537         Made Request use JSBuiltinConstructor.
538         This allows initializing newly created Request with a JS built-in function, initializeFetchRequest.
539         initializeFetchRequest can call @fillFetchHeaders internal built-in to handle any HeadersInit data.
540         Future effort should be made to migrate more initialization code in initializeFetchRequest.
541
542         Made window and worker fetch function as a JS built-in.
543         This becomes more handy as these new functions can construct the Request object.
544         They can then call a single private function that takes a Request object as input.
545         Updated DOMWindowFetch and WorkerGlobalScopeFetch code accordingly.
546
547         To enable this, the binding generator is updated to support runtime-enabled JS built-in functions and
548         private functions atttached to global objects.
549
550         Covered by existing and modified tests.
551         Binding generator test covered by updated binding tests.
552
553         * CMakeLists.txt: Adding DOMWindowFetch.js, FetchRequest.js and WorkerGlobalScopeFetch.js built-in files.
554         * DerivedSources.make: Ditto.
555         * Modules/fetch/DOMWindowFetch.cpp: Removed overloaded fetch and updated according new signature.
556         (WebCore::DOMWindowFetch::fetch):
557         * Modules/fetch/DOMWindowFetch.h: Ditto.
558         * Modules/fetch/DOMWindowFetch.idl: Making fetch a JS built-in and adding a @fetchRequest private function.
559         * Modules/fetch/DOMWindowFetch.js: Added.
560         (fetch):
561         * Modules/fetch/FetchHeaders.h:
562         (WebCore::FetchHeaders::setGuard): Used by FetchRequest when initializing headers.
563         * Modules/fetch/FetchRequest.cpp: 
564         (WebCore::buildHeaders): Removed as implemented in JS.
565         (WebCore::FetchRequest::initializeOptions): Added to handle most of the dictionary initialization.
566         (WebCore::FetchRequest::initializeWith): Method called from built-in constructor function.
567         (WebCore::FetchRequest::setBody): Corresponding to @setBody private method.
568         (WebCore::buildBody): Deleted.
569         * Modules/fetch/FetchRequest.h:
570         * Modules/fetch/FetchRequest.idl:
571         * Modules/fetch/FetchRequest.js: Added.
572         (initializeFetchRequest): Implements fetch Request(input, init) constructor.
573         * Modules/fetch/FetchResponse.cpp:
574         (WebCore::FetchResponse::fetch): Removed the construction of FetchRequest in fetch method since it is done by JS built-in code.
575         * Modules/fetch/FetchResponse.h:
576         * Modules/fetch/WorkerGlobalScopeFetch.cpp: Removed overloaded fetch and updated according new signature.
577         (WebCore::WorkerGlobalScopeFetch::fetch):
578         * Modules/fetch/WorkerGlobalScopeFetch.h: Ditto.
579         * Modules/fetch/WorkerGlobalScopeFetch.idl: Making fetch a JS built-in and adding a @fetchRequest private function.
580         * Modules/fetch/WorkerGlobalScopeFetch.js: Added.
581         (fetch):
582         * bindings/js/WebCoreBuiltinNames.h: Adding fetchRequest, setBody and Request private identifiers.
583         * bindings/scripts/CodeGenerator.pm:
584         (WK_lcfirst): Replacing dOM by dom.
585         * bindings/scripts/CodeGeneratorJS.pm:
586         (GenerateImplementation): Adding support for runtime-enabled built-in methods and private methods.
587         * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
588         (WebCore::JSTestGlobalObject::finishCreation):
589         (WebCore::jsTestGlobalObjectInstanceFunctionTestPrivateFunction):
590         * bindings/scripts/test/ObjC/DOMTestGlobalObject.mm:
591         (-[DOMTestGlobalObject testJSBuiltinFunction]):
592         * bindings/scripts/test/TestGlobalObject.idl: Adding tests for runtime-enabled global built-in methods and private methods.
593
594 2016-07-23  Frederic Wang  <fwang@igalia.com>
595
596         Reset font-style on the <math> element
597         https://bugs.webkit.org/show_bug.cgi?id=160074
598
599         Reviewed by Darin Adler.
600
601         Mathematical formulas with italic font-style render poorly (slanted operators, mathvariant
602         italic etc). We align on Gecko and make the user agent stylesheet reset the font-style to
603         'normal' by default. This addresses the concrete use case of formula inside theorem or
604         proposition statements, which are often written in italic.
605
606         Test: mathml/presentation/math-font-style.html
607
608         * css/mathml.css:
609         (math): Reset the font-style to normal.
610
611 2016-07-23  Frederic Wang  <fwang@igalia.com>
612
613         [MathML] PaintInfo state is not properly restored after applyTransform.
614         https://bugs.webkit.org/show_bug.cgi?id=160077
615
616         Reviewed by Simon Fraser.
617
618         PaintInfo::applyTransform modifies PaintInfo::rect and the original state is not properly
619         restored by GraphicsContextStateSaver. To avoid some weird rendering bugs in MathOperator
620         and RenderMathMLMenclose, we follow what is done in SVG renderers and make a copy of the
621         original PaintInfo before applying the transform.
622
623         Test: mathml/presentation/bug160077.html
624
625         * rendering/mathml/MathOperator.cpp:
626         (WebCore::MathOperator::paint):
627         * rendering/mathml/RenderMathMLMenclose.cpp:
628         (WebCore::RenderMathMLMenclose::paint):
629
630 2016-07-23  Youenn Fablet  <youenn@apple.com>
631
632         [Fetch API] Fetch response stream should enqueue Uint8Array
633         https://bugs.webkit.org/show_bug.cgi?id=160083
634
635         Reviewed by Sam Weinig.
636
637         Covered by updated tests.
638
639         Before enqueuing, ReadableStreamController::enqueue will convert ArrayBuffer as Uint8Array.
640         It also returns a boolean whether the operation is successful or not.
641
642         If returned value is false, calling code will stop loading or if everything is loaded it will refrain from closing the stream.
643         The enqueuing should be succesful except in OutOfMemory cases. This case is not yet handled in test cases.
644
645         Updated the code to remove templated enqueuing as Fetch has no use of it.
646
647         * Modules/fetch/FetchBody.cpp:
648         (WebCore::FetchBody::consumeAsStream): Do not close the stream if enqueuing failed.
649         * Modules/fetch/FetchBodyOwner.cpp:
650         (WebCore::FetchBodyOwner::blobChunk): Stop blob loading if enqueuing failed.
651         * Modules/fetch/FetchResponse.cpp:
652         (WebCore::FetchResponse::BodyLoader::didReceiveData): Stop resource loading if enqueuing failed.
653         (WebCore::FetchResponse::consumeBodyAsStream): Ditto.
654         * Modules/fetch/FetchResponseSource.h:
655         * bindings/js/ReadableStreamController.h:
656         (WebCore::ReadableStreamController::enqueue):
657         (WebCore::ReadableStreamController::enqueue<RefPtr<JSC::ArrayBuffer>>): Deleted.
658
659 2016-07-22  Youenn Fablet  <youenn@apple.com>
660
661         Use a private property to implement FetchResponse.body getter
662         https://bugs.webkit.org/show_bug.cgi?id=159808
663
664         Reviewed by Sam Weinig.
665
666         Covered by existing test sets.
667
668         Previously, body was handled as a CachedAttribute.
669         Using a private property will allow direct use of this property from JS built-ins which will allow easier
670         handling of ReadableStream cloning in Response.clone.
671         Also, this allows removing some binding custom code.
672
673         Updated redirect and error static methods to take NewObject keyword, as this removes a search into cached wrappers.
674         Ditto for createReadableStreamSource.
675
676         * CMakeLists.txt: Removing JSFetchResponseCustom.cpp.
677         * Modules/fetch/FetchResponse.idl: Adding createReadableStreamSource and isDisturbed private functions.
678         Making body getter a JSBuiltin.
679         * Modules/fetch/FetchResponse.js:
680         (body): Adding getter which will call createReadableStreamSource if needed.
681         * WebCore.xcodeproj/project.pbxproj: Removing JSFetchResponseCustom.cpp.
682         * bindings/js/JSFetchResponseCustom.cpp: Removed.
683         * bindings/js/ReadableStreamController.cpp:
684         (WebCore::createReadableStream): Deleted.
685         (WebCore::getReadableStreamReader): Deleted.
686         * bindings/js/ReadableStreamController.h: Removing unneeded ReadableStream helper routine now that they can be
687         handled within JS built-in code.
688         * bindings/js/WebCoreBuiltinNames.h: Adding @createReadableStreamSource, @isDisturbed  and @Response identifiers.
689
690 2016-07-22  Zalan Bujtas  <zalan@apple.com>
691
692         Handle cases when IOSurface initialization fails.
693         https://bugs.webkit.org/show_bug.cgi?id=160006
694         <rdar://problem/27495102>
695
696         Reviewed by Tim Horton and Simon Fraser.
697
698         This is an additional fix to r203514 to check if IOSurface initialization was successful.
699
700         Unable to test.
701
702         * platform/graphics/cg/ImageBufferCG.cpp:
703         (WebCore::ImageBuffer::ImageBuffer):
704         * platform/graphics/cocoa/IOSurface.h: Merge 2 c'tors.
705         * platform/graphics/cocoa/IOSurface.mm: Remove redundant IOSurface::create() code.  
706         (WebCore::IOSurface::create):
707         (WebCore::IOSurface::createFromImage):
708         (WebCore::IOSurface::IOSurface):
709         (WebCore::IOSurface::convertToFormat):
710
711 2016-07-22  Wenson Hsieh  <wenson_hsieh@apple.com>
712
713         Media controls should be displayed for media in media documents
714         https://bugs.webkit.org/show_bug.cgi?id=160104
715         <rdar://problem/27438936>
716
717         Reviewed by Myles C. Maxfield.
718
719         Make videos that would otherwise not have been large enough or have the right
720         aspect ratio cause media controls to appear. This is because media elements in
721         a media document are implied to be main content.
722
723         Added a new API test.
724
725         * html/MediaElementSession.cpp:
726         (WebCore::MediaElementSession::canControlControlsManager):
727
728 2016-07-22  Myles C. Maxfield  <mmaxfield@apple.com>
729
730         All dancers with bunny ears are female
731         https://bugs.webkit.org/show_bug.cgi?id=160102
732         <rdar://problem/27453479>
733
734         Reviewed by Simon Fraser.
735
736         In r203330 I added support for new emoji group candidates. I accidentally
737         missed one of the new emoji code points.
738
739         Tests: editing/deleting/delete-emoji.html:
740                fast/text/emoji-gender-2-9.html:
741                fast/text/emoji-gender-9.html:
742                fast/text/emoji-gender-fe0f-9.html:
743
744         * platform/text/CharacterProperties.h:
745         (WebCore::isEmojiGroupCandidate):
746
747 2016-07-22  Chris Dumez  <cdumez@apple.com>
748
749         Parameter to HTMLCollection.item() / namedItem() should be mandatory
750         https://bugs.webkit.org/show_bug.cgi?id=160099
751
752         Reviewed by Sam Weinig.
753
754         Parameter to HTMLCollection.item() / namedItem() should be mandatory:
755         - https://dom.spec.whatwg.org/#interface-htmlcollection
756         - https://html.spec.whatwg.org/multipage/infrastructure.html#htmlformcontrolscollection
757         - https://html.spec.whatwg.org/multipage/infrastructure.html#the-htmloptionscollection-interface
758
759         Firefox and Chrome agree with the specification.
760
761         No new tests, rebaselined existing tests.
762
763         * bindings/js/JSHTMLFormControlsCollectionCustom.cpp:
764         (WebCore::JSHTMLFormControlsCollection::namedItem):
765         * html/HTMLCollection.idl:
766         * html/HTMLFormControlsCollection.idl:
767         * html/HTMLOptionsCollection.idl:
768
769 2016-07-22  Chris Dumez  <cdumez@apple.com>
770
771         First parameter to Window.getComputedStyle() should be mandatory and non-nullable
772         https://bugs.webkit.org/show_bug.cgi?id=160097
773
774         Reviewed by Ryosuke Niwa.
775
776         First parameter to Window.getComputedStyle() should be mandatory and
777         non-nullable:
778         - https://drafts.csswg.org/cssom/#extensions-to-the-window-interface
779
780         Firefox and Chrome agree with the specification.
781
782         Test: fast/dom/Window/getComputedStyle-missing-parameter.html
783
784         * css/CSSComputedStyleDeclaration.cpp:
785         (WebCore::ComputedStyleExtractor::ComputedStyleExtractor):
786         (WebCore::CSSComputedStyleDeclaration::CSSComputedStyleDeclaration):
787         (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
788         (WebCore::CSSComputedStyleDeclaration::copyProperties):
789         (WebCore::CSSComputedStyleDeclaration::length):
790         (WebCore::CSSComputedStyleDeclaration::item):
791         (WebCore::CSSComputedStyleDeclaration::getPropertyValue):
792         * css/CSSComputedStyleDeclaration.h:
793         * dom/Document.idl:
794         * inspector/InspectorCSSAgent.cpp:
795         (WebCore::InspectorCSSAgent::getComputedStyleForNode):
796         * page/DOMWindow.cpp:
797         (WebCore::DOMWindow::getComputedStyle):
798         * page/DOMWindow.h:
799         * page/DOMWindow.idl:
800         * testing/Internals.cpp:
801         (WebCore::Internals::computedStyleIncludingVisitedInfo):
802         * testing/Internals.h:
803         * testing/Internals.idl:
804
805 2016-07-22  Brady Eidson  <beidson@apple.com>
806
807         Removing IndexedDatabases that have stored blobs doesn't remove the blob files.
808         https://bugs.webkit.org/show_bug.cgi?id=160089
809
810         Reviewed by Darin Adler.
811
812         Tested by API test IndexedDB.StoreBlobThenDelete.
813
814         Blob filenames exist in the IDB directory with the name "[0-9]+.blob".
815         
816         That is, one or more digits, followed by ".blob".
817         
818         So when we delete an IndexedDB.sqlite3 and related files, we should delete those blob files as well.
819         
820         * Modules/indexeddb/server/IDBServer.cpp:
821         (WebCore::IDBServer::removeAllDatabasesForOriginPath):
822
823 2016-07-22  Chris Dumez  <cdumez@apple.com>
824
825         Fix default parameter values for window.alert() / prompt() / confirm()
826         https://bugs.webkit.org/show_bug.cgi?id=160085
827
828         Reviewed by Ryosuke Niwa.
829
830         Fix default parameter values for window.alert() / prompt() / confirm() to
831         match the specification:
832         - https://html.spec.whatwg.org/multipage/browsers.html#the-window-object
833
834         They should default to the empty string, not the string "undefined".
835
836         Firefox and chrome agree with the specification.
837
838         No new tests, updated existing test.
839
840         * page/DOMWindow.h:
841         * page/DOMWindow.idl:
842
843 2016-07-22  Daniel Bates  <dabates@apple.com>
844
845         CSP: object-src and plugin-types directives are not respected for plugin replacements
846         https://bugs.webkit.org/show_bug.cgi?id=159761
847         <rdar://problem/27365724>
848
849         Reviewed by Brent Fulgham.
850
851         Apply the Content Security Policy (CSP) object-src and plugin-types directives to content that will
852         load with a plugin replacement.
853
854         Tests: security/contentSecurityPolicy/object-src-none-blocks-quicktime-plugin-replacement.html
855                security/contentSecurityPolicy/object-src-none-blocks-youtube-plugin-replacement.html
856                security/contentSecurityPolicy/plugins-types-allows-quicktime-plugin-replacement.html
857                security/contentSecurityPolicy/plugins-types-allows-youtube-plugin-replacement.html
858                security/contentSecurityPolicy/plugins-types-blocks-quicktime-plugin-replacement-without-mime-type.html
859                security/contentSecurityPolicy/plugins-types-blocks-quicktime-plugin-replacement.html
860                security/contentSecurityPolicy/plugins-types-blocks-youtube-plugin-replacement-without-mime-type.html
861                security/contentSecurityPolicy/plugins-types-blocks-youtube-plugin-replacement.html
862
863         * html/HTMLPlugInImageElement.cpp:
864         (WebCore::HTMLPlugInImageElement::allowedToLoadPluginContent): Added.
865         (WebCore::HTMLPlugInImageElement::requestObject): Only request loading plugin content if we
866         are allowed to load such content.
867         * html/HTMLPlugInImageElement.h:
868         * loader/SubframeLoader.cpp:
869         (WebCore::SubframeLoader::pluginIsLoadable): Removed code to check CSP as we will check CSP
870         earlier in HTMLPlugInImageElement::requestObject().
871         (WebCore::SubframeLoader::requestPlugin): Ditto.
872         (WebCore::SubframeLoader::isPluginContentAllowedByContentSecurityPolicy): Deleted; moved implementation
873         to HTMLPlugInImageElement::allowedToLoadPluginContent().
874         (WebCore::SubframeLoader::requestObject): Deleted.
875         * loader/SubframeLoader.h:
876         * page/csp/ContentSecurityPolicy.cpp:
877         (WebCore::ContentSecurityPolicy::upgradeInsecureRequestIfNeeded): Changed signature from a non-const
878         function to a const function since these functions do not modify |this|.
879         * page/csp/ContentSecurityPolicy.h: 
880
881 2016-07-22  Chris Dumez  <cdumez@apple.com>
882
883         Parameters to Node.replaceChild() / insertBefore() should be mandatory
884         https://bugs.webkit.org/show_bug.cgi?id=160091
885
886         Reviewed by Darin Adler.
887
888         Parameters to Node.replaceChild() / insertBefore() should be mandatory:
889         - https://dom.spec.whatwg.org/#node
890
891         The compatibility risk should be low since Firefox and Chrome both agree
892         with the specification and because it does not make much sense to omit
893         parameters when using this API.
894
895         No new tests, rebaselined existing tests.
896
897         * bindings/js/JSNodeCustom.cpp:
898         (WebCore::JSNode::insertBefore):
899         (WebCore::JSNode::replaceChild):
900
901 2016-07-22  Chris Dumez  <cdumez@apple.com>
902
903         Parameter to Node.contains() should be mandatory
904         https://bugs.webkit.org/show_bug.cgi?id=160084
905
906         Reviewed by Darin Adler.
907
908         Parameter to Node.contains() should be mandatory as per the
909         specification:
910         - https://dom.spec.whatwg.org/#node
911
912         The compatibility risk should be low because both Firefox and Chrome
913         both agree with the specification. Also, it does not make much sense
914         to call this API without parameter.
915
916         No new tests, rebaselined existing tests.
917
918         * dom/Node.idl:
919
920 2016-07-22  Said Abou-Hallawa  <sabouhallawa@apple.com>
921
922         [iOS] REGRESSION(203378): PDFDocumentImage::updateCachedImageIfNeeded() uses the unscaled size when deciding whether to cache the PDF image
923         https://bugs.webkit.org/show_bug.cgi?id=159933
924
925         Reviewed by Simon Fraser.
926
927         We need to use the scaled size when deciding whether to cache the PDF image
928         or not. This is because ImageBuffer takes the display resolution into account
929         which gives higher resolution for the image when zooming.
930
931         * platform/graphics/cg/PDFDocumentImage.cpp:
932         (WebCore::PDFDocumentImage::updateCachedImageIfNeeded):
933
934 2016-07-22  Chris Dumez  <cdumez@apple.com>
935
936         First parameter to getElementById() should be mandatory
937         https://bugs.webkit.org/show_bug.cgi?id=160087
938
939         Reviewed by Darin Adler.
940
941         First parameter to getElementById() should be mandatory:
942         - https://dom.spec.whatwg.org/#nonelementparentnode
943         - https://www.w3.org/TR/SVG/struct.html#InterfaceSVGSVGElement
944
945         Both Firefox and Chrome agree with the specification.
946
947         Test: svg/dom/SVGSVGElement-getElementById.html
948
949         * dom/NonElementParentNode.idl:
950         * svg/SVGSVGElement.idl:
951
952 2016-07-22  Chris Dumez  <cdumez@apple.com>
953
954         Parameter to Node.lookupPrefix() / lookupNamespaceURI() / isDefaultNamespace() should be mandatory
955         https://bugs.webkit.org/show_bug.cgi?id=160086
956
957         Reviewed by Darin Adler.
958
959         Parameter to Node.lookupPrefix() / lookupNamespaceURI() / isDefaultNamespace()
960         should be mandatory:
961         - https://dom.spec.whatwg.org/#node
962
963         Firefox and Chrome both agree with the specification.
964
965         No new tests, rebaselined existing tests.
966
967         * dom/Node.idl:
968
969 2016-07-22  Chris Dumez  <cdumez@apple.com>
970
971         Parameter to Node.compareDocumentPosition() should be mandatory and non-nullable
972         https://bugs.webkit.org/show_bug.cgi?id=160071
973
974         Reviewed by Ryosuke Niwa.
975
976         
977         Parameter to Node.compareDocumentPosition() should be mandatory and
978         non-nullable:
979         - https://dom.spec.whatwg.org/#interface-node
980
981         Firefox and Chrome agree with the specification so the compatibility
982         risk should be low. Also, it does not make much sense to call this
983         operation without parameter.
984
985         No new tests, rebaselined existing tests.
986
987         * accessibility/AccessibilityObject.cpp:
988         (WebCore::rangeClosestToRange):
989         * dom/AuthorStyleSheets.cpp:
990         (WebCore::AuthorStyleSheets::addStyleSheetCandidateNode):
991         * dom/Node.cpp:
992         (WebCore::compareDetachedElementsPosition):
993         (WebCore::Node::compareDocumentPosition):
994         * dom/Node.h:
995         * dom/Node.idl:
996         * dom/Position.h:
997         (WebCore::operator<):
998         * html/HTMLFormElement.cpp:
999         (WebCore::HTMLFormElement::formElementIndexWithFormAttribute):
1000         (WebCore::HTMLFormElement::formElementIndex):
1001         * rendering/RenderNamedFlowThread.cpp:
1002         (WebCore::RenderNamedFlowThread::nextRendererForElement):
1003         (WebCore::compareRenderNamedFlowFragments):
1004         (WebCore::RenderNamedFlowThread::registerNamedFlowContentElement):
1005
1006 2016-07-22  Konstantin Tokarev  <annulen@yandex.ru>
1007
1008         [cmake] Removed obsolete plugins/win directory
1009         https://bugs.webkit.org/show_bug.cgi?id=160081
1010
1011         Reviewed by Per Arne Vollan.
1012
1013         It was removed in r178219.
1014
1015         No new tests needed.
1016
1017         * PlatformWin.cmake:
1018
1019 2016-07-22  Youenn Fablet  <youenn@apple.com>
1020
1021         run-builtins-generator-tests should be able to test WebCore builtins wrapper with more than one file
1022         https://bugs.webkit.org/show_bug.cgi?id=159921
1023
1024         Reviewed by Brian Burg.
1025
1026         Covered by existing and added built-ins tests.
1027
1028         Updating built system according ---wrappers-only new meaning.
1029         builtin generator is now called for each individual built-in file plus once for WebCore wrapper files.
1030         WebCore wrapper files allow handling things like conditionally guarded features.
1031         They also remove the need to use built-ins macros outside generated code.
1032
1033         * CMakeLists.txt:
1034         * DerivedSources.make:
1035
1036 2016-07-21  Frederic Wang  <fwang@igalia.com>
1037
1038         Move parsing of accentunder and accent attributes from renderer to element classes
1039         https://bugs.webkit.org/show_bug.cgi?id=159625
1040
1041         Reviewed by Brent Fulgham.
1042
1043         We introduce a new MathMLUnderOverElement that is used for elements munder, mover and
1044         munderover in order to create RenderMathMLUnderOver and parse and expose the values of the
1045         accent and accentunder attributes. This is one more step toward moving MathML attribute
1046         parsing to the DOM (bug 156536). We also do minor clean-up for this and previous renderer
1047         classes that no longer do attribute parsing: the MathMLNames namespace is no longer necessary
1048         and constructors can take a more accurate element type.
1049
1050         No new tests, already covered by existing test.
1051
1052         * CMakeLists.txt: Add MathMLUnderOverElement files.
1053         * WebCore.xcodeproj/project.pbxproj: Ditto.
1054         * mathml/MathMLAllInOne.cpp: Ditto.
1055         * mathml/MathMLElement.cpp:
1056         (WebCore::MathMLElement::cachedBooleanAttribute): Add parsing of boolean attributes.
1057         * mathml/MathMLElement.h: New type and helper functions for boolean attributes.
1058         * mathml/MathMLInlineContainerElement.cpp:
1059         (WebCore::MathMLInlineContainerElement::createElementRenderer): Remove handling of
1060         under/over/underover elements.
1061         * mathml/MathMLScriptsElement.cpp:
1062         (WebCore::MathMLScriptsElement::MathMLScriptsElement): Remove inline keyword to avoid link
1063         errors now that MathMLUnderOverElement overrides that class.
1064         * mathml/MathMLScriptsElement.h: Allow MathMLUnderOverElement to override this class.
1065         * mathml/MathMLUnderOverElement.cpp:
1066         (WebCore::MathMLUnderOverElement::MathMLUnderOverElement):
1067         (WebCore::MathMLUnderOverElement::create):
1068         (WebCore::MathMLUnderOverElement::accent): Helper function to access the accent value.
1069         (WebCore::MathMLUnderOverElement::accentUnder): Helper function to access the accentunder value.
1070         (WebCore::MathMLUnderOverElement::parseAttribute): Make accent and accentunder dirty.
1071         (WebCore::MathMLUnderOverElement::createElementRenderer): Create RenderMathMLUnderOver
1072         * mathml/MathMLUnderOverElement.h:
1073         * mathml/mathtags.in: Map under/over/underover to MathMLUnderOverElement.
1074         * rendering/mathml/RenderMathMLFraction.cpp: Remove MathMLNames and make the constructor
1075         take a MathMLFractionElement.
1076         (WebCore::RenderMathMLFraction::RenderMathMLFraction):
1077         * rendering/mathml/RenderMathMLFraction.h:
1078         * rendering/mathml/RenderMathMLPadded.cpp: Remove MathMLNames and make the constructor
1079         take a MathMLPaddedElement.
1080         (WebCore::RenderMathMLPadded::RenderMathMLPadded):
1081         * rendering/mathml/RenderMathMLPadded.h:
1082         * rendering/mathml/RenderMathMLScripts.cpp: Remove MathMLNames and make the constructor
1083         take a MathMLScriptsElement. Also rename scriptsElement() to element().
1084         (WebCore::RenderMathMLScripts::RenderMathMLScripts):
1085         (WebCore::RenderMathMLScripts::element):
1086         (WebCore::RenderMathMLScripts::getScriptMetricsAndLayoutIfNeeded):
1087         (WebCore::RenderMathMLScripts::scriptsElement): Deleted.
1088         * rendering/mathml/RenderMathMLScripts.h:
1089         * rendering/mathml/RenderMathMLUnderOver.cpp: Remove MathMLNames and make the constructor
1090         take a RenderMathMLUnderOver.
1091         (WebCore::RenderMathMLUnderOver::RenderMathMLUnderOver):
1092         (WebCore::RenderMathMLUnderOver::element):
1093         (WebCore::RenderMathMLUnderOver::hasAccent): Use the helper functions for accent and accentunder.
1094         * rendering/mathml/RenderMathMLUnderOver.h:
1095
1096 2016-07-21  Chris Dumez  <cdumez@apple.com>
1097
1098         Parameter to Node.isSameNode() / isEqualNode() should be mandatory
1099         https://bugs.webkit.org/show_bug.cgi?id=160070
1100
1101         Reviewed by Ryosuke Niwa.
1102
1103         Parameter to Node.isSameNode() / isEqualNode() should be mandatory as
1104         per the specification:
1105         - https://dom.spec.whatwg.org/#interface-node
1106
1107         Chrome and Firefox agree with the specification (although Firefox does
1108         not support isSameNode()).
1109
1110         No new tests, rebaselined existing tests.
1111
1112         * dom/Node.idl:
1113
1114 2016-07-21  Chris Dumez  <cdumez@apple.com>
1115
1116         Parameter to Document.createEvent() should be mandatory
1117         https://bugs.webkit.org/show_bug.cgi?id=160065
1118
1119         Reviewed by Darin Adler.
1120
1121         Parameter to Document.createEvent() should be mandatory as per the
1122         specification:
1123         - https://dom.spec.whatwg.org/#document
1124
1125         We already throw anyway when the parameter is omitted because we use
1126         "undefined" as event type, which is invalid. However, we throw the
1127         wrong exception.
1128
1129         Firefox and Chrome agree with the specification here.
1130
1131         No new tests, rebaselined existing tests.
1132
1133         * dom/Document.idl:
1134
1135 2016-07-21  Brian Burg  <bburg@apple.com>
1136
1137         REGRESSION(r62549): Objective-C DOM bindings sometimes fail to regenerate when CodeGenerator.pm is modified
1138         https://bugs.webkit.org/show_bug.cgi?id=160031
1139
1140         Reviewed by Darin Adler.
1141
1142         This bug was caused by a refactoring 6 years ago. Not all uses of a variable
1143         were renamed, so the ObjC bindings target pattern was not specifying any
1144         build scripts as target dependencies.
1145
1146         * DerivedSources.make: Standardize on {COMMON,JS,DOM}_BINDINGS_SCRIPTS.
1147
1148 2016-07-21  Darin Adler  <darin@apple.com>
1149
1150         Remove unneeded content attribute name "playsinline"
1151         https://bugs.webkit.org/show_bug.cgi?id=160069
1152
1153         Reviewed by Chris Dumez.
1154
1155         * html/HTMLVideoElement.idl: Removed explicit content attribute name on Reflect
1156         attribute since it is the same as the name that the code generator will generate.
1157
1158 2016-07-21  Chris Dumez  <cdumez@apple.com>
1159
1160         Make parameters to Element.getElementsBy*() operations mandatory
1161         https://bugs.webkit.org/show_bug.cgi?id=160060
1162
1163         Reviewed by Darin Adler.
1164
1165         Make parameters to Element.getElementsBy*() operations mandatory to
1166         match the specification:
1167         - https://dom.spec.whatwg.org/#interface-element
1168
1169         Firefox and Chrome agree with the specification so the compatibility
1170         risk should be low.
1171
1172         It makes very little sense to call these operations without parameter,
1173         especially considering WebKit uses the string "undefined" if the
1174         parameter is omitted.
1175
1176         No new tests, rebaselined existing tests.
1177
1178         * dom/Element.idl:
1179
1180 2016-07-21  Chris Dumez  <cdumez@apple.com>
1181
1182         Make parameters mandatory for attribute-related API on Element
1183         https://bugs.webkit.org/show_bug.cgi?id=160059
1184
1185         Reviewed by Ryosuke Niwa.
1186
1187         Make parameters mandatory for attribute-related API on Element to match
1188         the specification:
1189         - https://dom.spec.whatwg.org/#element
1190
1191         Firefox and Chrome agree with the specification. Calling this API
1192         without the parameters does not make much sense, especially considering
1193         WebKit uses the string "undefined" when the parameter is omitted.
1194
1195         No new tests, rebaselined existing tests.
1196
1197         * dom/Element.idl:
1198
1199 2016-07-21  Myles C. Maxfield  <mmaxfield@apple.com>
1200
1201         Remove support for deprecated SPI inlineMediaPlaybackRequiresPlaysInlineAttribute
1202         https://bugs.webkit.org/show_bug.cgi?id=160066
1203
1204         Reviewed by Dean Jackson.
1205
1206         r203520 deprecated inlineMediaPlaybackRequiresPlaysInlineAttribute in favor of
1207         allowsInlineMediaPlaybackWithPlaysInlineAttribute and
1208         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute. The old
1209         inlineMediaPlaybackRequiresPlaysInlineAttribute is SPI and was never released
1210         to the public. Therefore, it can be removed safely.
1211
1212         No new tests because there is no behavior change.
1213
1214         * page/Settings.cpp:
1215         * page/Settings.in:
1216         * testing/InternalSettings.cpp:
1217         (WebCore::InternalSettings::Backup::Backup): Deleted.
1218         (WebCore::InternalSettings::Backup::restoreTo): Deleted.
1219         (WebCore::InternalSettings::setInlineMediaPlaybackRequiresPlaysInlineAttribute): Deleted.
1220         * testing/InternalSettings.h:
1221         * testing/InternalSettings.idl:
1222
1223 2016-07-21  Dean Jackson  <dino@apple.com>
1224
1225         REGRESSION (r202927): The internal size of the ImageBuffer is scaled twice by the context scaleFactor
1226         https://bugs.webkit.org/show_bug.cgi?id=159981
1227         <rdar://problem/27429465>
1228
1229         Reviewed by Myles Maxfield.
1230
1231         The change to propagate color spaces through ImageBuffers created an
1232         alternate version of createCompatibleBuffer. This version accidentally
1233         attempted to take the display resolution (i.e. hidpi) into account
1234         when creating the buffer, which meant it was being applied twice.
1235
1236         The fix is simply to remove that logic. The caller of the method
1237         will take the resolution into account, the same way they did
1238         with the old createCompatibleBuffer method.
1239
1240         Test: fast/hidpi/pdf-image-scaled.html
1241
1242         * platform/graphics/cg/ImageBufferCG.cpp:
1243         (WebCore::ImageBuffer::createCompatibleBuffer): Don't calculate
1244         a resolution - just use the value of 1.0.
1245
1246 2016-07-21  John Wilander  <wilander@apple.com>
1247
1248         Block mixed content synchronous XHR
1249         https://bugs.webkit.org/show_bug.cgi?id=105462
1250         <rdar://problem/13666424>
1251
1252         Reviewed by Brent Fulgham.
1253
1254         Test: http/tests/security/mixedContent/insecure-xhr-sync-in-main-frame.html
1255
1256         * loader/DocumentThreadableLoader.cpp:
1257         (WebCore::DocumentThreadableLoader::loadRequest):
1258
1259 2016-07-21  Chris Dumez  <cdumez@apple.com>
1260
1261         Make parameters to Document.getElementsBy*() operations mandatory
1262         https://bugs.webkit.org/show_bug.cgi?id=160050
1263
1264         Reviewed by Daniel Bates.
1265
1266         Make parameters to Document.getElementsBy*() operations mandatory to
1267         match the specification:
1268         - https://dom.spec.whatwg.org/#interface-document
1269
1270         Firefox and Chrome agree with the specification so the compatibility
1271         risk should be low.
1272
1273         It makes very little sense to call these operations without parameter,
1274         especially considering WebKit uses the string "undefined" if the
1275         parameter is omitted.
1276
1277         No new tests, rebaselined existing tests.
1278
1279         * dom/Document.idl:
1280
1281 2016-07-21  Nan Wang  <n_wang@apple.com>
1282
1283         AX: aria-label not being used correctly in accessible name calculation of heading
1284         https://bugs.webkit.org/show_bug.cgi?id=160009
1285
1286         Reviewed by Chris Fleizach.
1287
1288         Actually we are exposing the correct information for heading objects. On macOS, 
1289         VoiceOver should handle the logic that picks the right information to speak.
1290         On iOS, VoiceOver is speaking the static text child instead of the heading object.
1291         So we should set the accessibilityLabel of the static text based on the parent's 
1292         alternate label.
1293
1294         Test: accessibility/ios-simulator/heading-with-aria-label.html
1295
1296         * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
1297         (-[WebAccessibilityObjectWrapper _accessibilityTraitsFromAncestors]):
1298
1299 2016-07-21  Saam Barati  <sbarati@apple.com>
1300
1301         op_add/ValueAdd should be an IC in all JIT tiers
1302         https://bugs.webkit.org/show_bug.cgi?id=159649
1303
1304         Reviewed by Benjamin Poulain.
1305
1306         * ForwardingHeaders/jit/JITMathICForwards.h: Added.
1307
1308 2016-07-21  Chris Dumez  <cdumez@apple.com>
1309
1310         Make parameters mandatory for Document.create*() operations
1311         https://bugs.webkit.org/show_bug.cgi?id=160047
1312
1313         Reviewed by Ryosuke Niwa.
1314
1315         Make parameters mandatory for Document.create*() operations:
1316         createTextNode(), createComment(), createCDataSection(),
1317         createAttribute() and createProcessingInstruction().
1318
1319         This matches the specification:
1320         - https://dom.spec.whatwg.org/#interface-document
1321
1322         Firefox and Chrome both agree with the specification so the
1323         compatibility risk should be low. Also WebKit uses the string
1324         "undefined" when the parameter is omitted, which is not very
1325         helpful.
1326
1327         No new tests, rebaselined existing tests.
1328
1329         * dom/Document.idl:
1330
1331 2016-07-21  Chris Dumez  <cdumez@apple.com>
1332
1333         Fix null handling of SVGAngle/SVGLength.valueAsString attribute
1334         https://bugs.webkit.org/show_bug.cgi?id=160025
1335
1336         Reviewed by Ryosuke Niwa.
1337
1338         Fix null handling of SVGAngle/SVGLength.valueAsString attribute
1339         to match the specification:
1340         - https://www.w3.org/TR/SVG2/types.html#InterfaceSVGAngle
1341         - https://www.w3.org/TR/SVG2/types.html#InterfaceSVGLength
1342
1343         In particular, this patch drops [TreatNullAs=EmptyString] IDL
1344         extended attribute from this attribute. This is not supposed
1345         to change behavior given that both "" and "null" are invalid
1346         numbers and the specification says to throw a SYNTAX_ERR in
1347         this case.
1348
1349         However, WebKit currently ignores assignments to "" instead
1350         of throwing. As a result, assigning to null will now throw
1351         instead of being ignored. The compatibility risk should be
1352         low because both Firefox and Chrome throw when assigning
1353         null.
1354
1355         I did not change the behavior when assigning to "" because
1356         it is a bit out of scope for this patch and browsers to not
1357         seem to agree:
1358         - Firefox throws
1359         - Chrome set value to "0"
1360         - WebKit ignores the assignment
1361
1362         The specification seems to agree with Firefox as far as I
1363         can tell given that "" is not a valid number as per:
1364         - https://www.w3.org/TR/css3-values/#numbers
1365
1366         Test: svg/dom/valueAsString-null.html
1367
1368         * svg/SVGAngle.idl:
1369         * svg/SVGLength.idl:
1370
1371 2016-07-21  Chris Dumez  <cdumez@apple.com>
1372
1373         Fix null handling of HTMLFontElement.color
1374         https://bugs.webkit.org/show_bug.cgi?id=160036
1375
1376         Reviewed by Ryosuke Niwa.
1377
1378         Fix null handling of HTMLFontElement.color to match the specification:
1379         - https://html.spec.whatwg.org/#htmlfontelement
1380
1381         We are supposed to treat null as the empty string. Both Firefox and
1382         Chrome agree with the specification.
1383
1384         No new tests, rebaselined existing tests.
1385
1386         * html/HTMLFontElement.idl:
1387
1388 2016-07-21  Chris Dumez  <cdumez@apple.com>
1389
1390         Fix null handling for several HTMLTableElement attributes
1391         https://bugs.webkit.org/show_bug.cgi?id=160041
1392
1393         Reviewed by Ryosuke Niwa.
1394
1395         Fix null handling for several HTMLTableElement attributes to match the
1396         specification:
1397         - https://html.spec.whatwg.org/#HTMLTableElement-partial
1398
1399         The attributes in question are 'bicolor', 'cellSpacing' and
1400         'cellPadding'. We are supposed to treat null as the empty string for
1401         these attributes.
1402
1403         Firefox and Chrome both agree with the specification.
1404
1405         No new tests, rebaselined existing tests.
1406
1407         * html/HTMLTableElement.idl:
1408
1409 2016-07-21  Chris Dumez  <cdumez@apple.com>
1410
1411         Fix null handling for HTMLObjectElement.border
1412         https://bugs.webkit.org/show_bug.cgi?id=160040
1413
1414         Reviewed by Ryosuke Niwa.
1415
1416         Fix null handling for HTMLObjectElement.border to match the specification:
1417         - https://html.spec.whatwg.org/#HTMLObjectElement-partial
1418
1419         We are supposed to treat null as the empty string.
1420
1421         Both Firefox and Chrome agree with the specification.
1422
1423         No new tests, rebaselined existing tests.
1424
1425         * html/HTMLObjectElement.idl:
1426
1427 2016-07-21  Chris Dumez  <cdumez@apple.com>
1428
1429         Fix null handling for td.bgColor / tr.bgColor
1430         https://bugs.webkit.org/show_bug.cgi?id=160043
1431
1432         Reviewed by Ryosuke Niwa.
1433
1434         Fix null handling for td.bgColor / tr.bgColor to match the
1435         specification:
1436         - https://html.spec.whatwg.org/#HTMLTableCellElement-partial
1437         - https://html.spec.whatwg.org/#HTMLTableRowElement-partial
1438
1439         We are supposed to treat null as the empty string.
1440
1441         Firefox and Chrome both agree with the specification.
1442
1443         No new tests, rebaselined existing tests.
1444
1445         * html/HTMLTableCellElement.idl:
1446         * html/HTMLTableRowElement.idl:
1447
1448 2016-07-21  Chris Dumez  <cdumez@apple.com>
1449
1450         Fix null handling for several HTMLBodyElement attributes
1451         https://bugs.webkit.org/show_bug.cgi?id=160044
1452
1453         Reviewed by Ryosuke Niwa.
1454
1455         Fix null handling for several HTMLBodyElement attributes to match the
1456         specification:
1457         - https://html.spec.whatwg.org/#HTMLBodyElement-partial
1458
1459         The attributes in question are: 'text', 'link', 'vlink', 'alink' and
1460         'bgcolor'.
1461
1462         We are supposed to treat null as the empty string for these attributes.
1463
1464         Firefox and Chrome both agree with the specification.
1465
1466         No new tests, rebaselined existing tests.
1467
1468         * html/HTMLBodyElement.idl:
1469
1470 2016-07-21  Chris Dumez  <cdumez@apple.com>
1471
1472         Fix null handling for HTMLIFrameElement.marginWidth / marginHeight
1473         https://bugs.webkit.org/show_bug.cgi?id=160037
1474
1475         Reviewed by Ryosuke Niwa.
1476
1477         Fix null handling for HTMLIFrameElement.marginWidth / marginHeight to
1478         match the specification:
1479         - https://html.spec.whatwg.org/#HTMLIFrameElement-partial
1480
1481         We are supposed to treat null as the empty string. Both Firefox and
1482         Chrome agree with the specification.
1483
1484         No new tests, rebaselined existing tests.
1485
1486         * html/HTMLIFrameElement.idl:
1487
1488 2016-07-21  Chris Dumez  <cdumez@apple.com>
1489
1490         Fix null handling for HTMLImageElement.border
1491         https://bugs.webkit.org/show_bug.cgi?id=160039
1492
1493         Reviewed by Ryosuke Niwa.
1494
1495         Fix null handling for HTMLImageElement.border to match the specification:
1496         - https://html.spec.whatwg.org/#HTMLImageElement-partial
1497
1498         We are supposed to treat null as the empty string.
1499
1500         Both Firefox and Chrome agree with the specification.
1501
1502         No new tests, rebaselined existing tests.
1503
1504         * html/HTMLImageElement.idl:
1505
1506 2016-07-21  Daniel Bates  <dabates@apple.com>
1507
1508         REGRESSION: Plugin replaced YouTube Flash videos always have the same width
1509         https://bugs.webkit.org/show_bug.cgi?id=159998
1510         <rdar://problem/27462285>
1511
1512         Reviewed by Simon Fraser.
1513
1514         Fixes an issue where the width of a plugin replaced YouTube video loaded via an HTML embed
1515         element would always have the same width regardless of value of the width attribute.
1516
1517         For YouTube Flash videos the YouTube plugin replacement substitutes a shadow DOM subtree
1518         for the default renderer of an HTML embed element. The root of this shadow DOM subtree
1519         is an HTML div element. Currently we set inline styles on this <div> when it is instantiated.
1520         In particular, we set inline display and position to "inline-block" and "relative", respectively,
1521         and set an invalid height and width (we specify a font weight value instead of a CSS length value
1522         - this causes an ASSERT_NOT_REACHED() assertion failure in StyleBuilderConverter::convertLengthSizing()
1523         in a debug build). These styles never worked as intended and we ultimately created an inline
1524         renderer (ignoring display "inline-block") that had auto width and height. Instead it is sufficient
1525         to remove all these inline styles and create a RenderBlockFlow renderer for this <div> so that it
1526         renders as a block, non-replaced element to achieve the intended illusion that the <embed> is a
1527         single element.
1528
1529         * html/shadow/YouTubeEmbedShadowElement.cpp: Remove unused header HTMLEmbedElement.h and include
1530         header RenderBlockFlow.h. Also update copyright in license block.
1531         (WebCore::YouTubeEmbedShadowElement::YouTubeEmbedShadowElement): Remove inline styles as these
1532         never worked as intended.
1533         (WebCore::YouTubeEmbedShadowElement::createElementRenderer): Override; create a block-flow
1534         renderer for us so that we layout as a block, non-replaced element.
1535         * html/shadow/YouTubeEmbedShadowElement.h:
1536
1537 2016-07-21  Myles C. Maxfield  <mmaxfield@apple.com>
1538
1539         [iPhone] Playing a video on tudou.com plays only sound, no video
1540         https://bugs.webkit.org/show_bug.cgi?id=159967
1541         <rdar://problem/26964090>
1542
1543         Reviewed by Jon Lee, Jeremy Jones, and Anders Carlsson.
1544
1545         WebKit recently starting honoring the playsinline and webkit-playsinline
1546         attribute on iPhones. However, because these attributes previously did
1547         nothing, some sites (such as Todou) were setting them on their content
1548         and expecting that they are not honored. In this specific case, the
1549         video is absolutely positioned to be 1 pixel x 1 pixel.
1550
1551         Previously, with iOS 9, apps could set the allowsInlineMediaPlayback
1552         property on their WKWebView, which would honor the webkit-playsinline
1553         attribute. Safari on iPhones didn't do this.
1554
1555         In order to not break these existing apps, it's important that the
1556         allowsInlineMediaPlayback preference still allows webkit-playsinline
1557         videos to play inline in apps using WKWebView. However, in Safari, these
1558         videos should play fullscreen. (Todou videos have webkit-playsinline
1559         but not playsinline.)
1560
1561         Therefore, in Safari, videos with playsinline should be inline, but
1562         videos with webkit-playsinline should be fullscreen. In apps using
1563         WKWebViews, if the app sets allowsInlineMediaPlayback, then videos with
1564         playsinline should be inline, and videos with webkit-playsinline should
1565         also be inline. Videos on iPad and Mac should all be inline by default.
1566
1567         We can create some truth tables for the cases which need to be covered:
1568
1569         All apps on Mac / iPad:
1570         Presence of playsinline | Presence of webkit-playsinline | Result
1571         ========================|================================|===========
1572         Not present             | Not present                    | Inline
1573         Present                 | Not present                    | Inline
1574         Not Present             | Present                        | Inline
1575         Present                 | Present                        | Inline
1576
1577         Safari on iPhone:
1578         Presence of playsinline | Presence of webkit-playsinline | Result
1579         ========================|================================|===========
1580         Not present             | Not present                    | Fullscreen
1581         Present                 | Not present                    | Inline
1582         Not Present             | Present                        | Fullscreen
1583         Present                 | Present                        | Inline
1584
1585         App on iPhone which sets allowsInlineMediaPlayback:
1586         Presence of playsinline | Presence of webkit-playsinline | Result
1587         ========================|================================|===========
1588         Not present             | Not present                    | Fullscreen
1589         Present                 | Not present                    | Inline
1590         Not Present             | Present                        | Inline
1591         Present                 | Present                        | Inline
1592
1593         The way to distinguish Safari from another app is to create an SPI
1594         boolean preference which Safari can set. This is already how the
1595         iPhone and iPad are differentiated using the requiresPlayInlineAttribute
1596         which Safari sets but other apps don't. However, this preference is
1597         no longer sufficient because Safari should now be discriminating
1598         between the playsinline and webkit-playsinline attributes. Therefore,
1599         this preference should be extended to two boolean preferences, which
1600         this patch adds:
1601
1602         allowsInlineMediaPlaybackWithPlaysInlineAttribute
1603         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute
1604
1605         Safari on iPhone will set
1606         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to true,
1607         and allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to
1608         false. Other apps on iPhone will get their defaults values (because they
1609         are SPI) which means they will both be true. On iPad and Mac, apps will
1610         use the defaults values where both are false.
1611
1612         This patch adds support for these two preferences, but does not remove
1613         the existing inlineMediaPlaybackRequiresPlaysInlineAttribute preference.
1614         I will remove the exising preference as soon as I update Safari to migrate
1615         off of it.
1616
1617         Test: media/video-playsinline.html
1618
1619         * html/MediaElementSession.cpp:
1620         (WebCore::MediaElementSession::requiresFullscreenForVideoPlayback):
1621         * page/Settings.cpp:
1622         * page/Settings.in:
1623         * testing/InternalSettings.cpp:
1624         (WebCore::InternalSettings::Backup::Backup):
1625         (WebCore::InternalSettings::Backup::restoreTo):
1626         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithPlaysInlineAttribute):
1627         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute):
1628         * testing/InternalSettings.h:
1629         * testing/InternalSettings.idl:
1630
1631 2016-07-21  Ryosuke Niwa  <rniwa@webkit.org>
1632
1633         Crash accessing null renderer inside WebCore::DeleteSelectionCommand::doApply
1634         https://bugs.webkit.org/show_bug.cgi?id=160011
1635
1636         Reviewed by Chris Dumez.
1637
1638         Add a null pointer check for renderer() call.
1639
1640         Unfortunately no new tests since we don't have a reproduction.
1641
1642         * editing/DeleteSelectionCommand.cpp:
1643         (WebCore::DeleteSelectionCommand::doApply):
1644
1645 2016-07-21  Chris Dumez  <cdumez@apple.com>
1646
1647         The 2 first parameters to DOMImplementation.createDocument() should be mandatory
1648         https://bugs.webkit.org/show_bug.cgi?id=160030
1649
1650         Reviewed by Sam Weinig.
1651
1652         The 2 first parameters to DOMImplementation.createDocument() should be mandatory
1653         as per the specification:
1654         - https://dom.spec.whatwg.org/#domimplementation
1655
1656         Firefox and Chrome both agree with the specification. However, those
1657         parameters were marked as optional in WebKit. Calling this function
1658         without parameters would create a document element whose tag is the
1659         string "undefined", which does not seem helpful. This patch thus
1660         aligns our behavior with the specification and other browsers.
1661
1662         No new tests, rebaselined existing tests.
1663
1664         * dom/DOMImplementation.idl:
1665
1666 2016-07-21  Chris Dumez  <cdumez@apple.com>
1667
1668         Kill legacy valueToStringWithNullCheck() utility function
1669         https://bugs.webkit.org/show_bug.cgi?id=159991
1670
1671         Reviewed by Sam Weinig.
1672
1673         Kill legacy valueToStringWithNullCheck() utility function. Treating null as
1674         a null string is legacy behavior so drop this function so that people are
1675         not tempted to use it. We should be using either:
1676         1. JSValue::toWTFString() for non-nullable DOMStrings
1677         2. valueToStringWithUndefinedOrNullCheck() for nullable DOMStrings
1678         3. valueToStringTreatingNullAsEmptyString() for strings with [TreatNullAs=EmptyString]
1679
1680         No new tests, no web-exposed behavior change.
1681
1682         * bindings/js/JSDOMBinding.cpp:
1683         (WebCore::valueToStringWithNullCheck): Deleted.
1684         * bindings/js/JSDOMBinding.h:
1685         * bindings/js/JSHTMLFrameElementCustom.cpp:
1686         (WebCore::JSHTMLFrameElement::setLocation):
1687         * html/HTMLFrameElement.idl:
1688
1689 2016-07-21  Zalan Bujtas  <zalan@apple.com>
1690
1691         Do not keep invalid IOSurface in ImageBufferData.
1692         https://bugs.webkit.org/show_bug.cgi?id=160005
1693         <rdar://problem/27208636>
1694
1695         Reviewed by Simon Fraser.
1696
1697         When we fail to initialize the IOSurface for the accelerated context, we switch over to
1698         the non-accelerated code path. Since ImageBufferData::surface is used to indicate whether
1699         the graphics context is in accelerated mode, we need to reset it when the initialization fails.
1700
1701         Unable to create a test case.
1702
1703         * platform/graphics/cg/ImageBufferCG.cpp:
1704         (WebCore::ImageBuffer::ImageBuffer):
1705
1706 2016-07-21  Chris Dumez  <cdumez@apple.com>
1707
1708         playsInline IDL attribute has the wrong casing
1709         https://bugs.webkit.org/show_bug.cgi?id=160029
1710         <rdar://problem/27474031>
1711
1712         Reviewed by Jon Lee.
1713
1714         Fix case from video.playsinline to video.playsInline in order to match
1715         the specification:
1716         - https://html.spec.whatwg.org/multipage/embedded-content.html#the-video-element:dom-video-playsinline
1717
1718         It still reflects the "playsinline" content attribute though, as per
1719         the specification:
1720         - https://html.spec.whatwg.org/multipage/embedded-content.html#dom-video-playsinline
1721
1722         No new tests, updated existing test.
1723
1724         * html/HTMLVideoElement.idl:
1725
1726 2016-07-21  Chris Dumez  <cdumez@apple.com>
1727
1728         Drop [TreatNullAs=EmptyString] from CanvasRenderingContext2D.globalCompositeOperation
1729         https://bugs.webkit.org/show_bug.cgi?id=160026
1730
1731         Reviewed by Sam Weinig.
1732
1733         Drop [TreatNullAs=EmptyString] from CanvasRenderingContext2D.globalCompositeOperation
1734         attribute as it does not match the specification:
1735         - https://html.spec.whatwg.org/multipage/scripting.html#canvascompositing
1736
1737         It does not change web-exposed behavior because assigning to "" or "null"
1738         gets ignored as those are not valid operations.
1739
1740         Test: fast/canvas/context-globalCompositeOperation-null.html
1741
1742         * html/canvas/CanvasRenderingContext2D.idl:
1743
1744 2016-07-21  Carlos Garcia Campos  <cgarcia@igalia.com>
1745
1746         [GTK][Threaded Compositor] Overlay scrollbars shouldn't be a requirement of the threaded compositor
1747         https://bugs.webkit.org/show_bug.cgi?id=160020
1748
1749         Reviewed by Michael Catanzaro.
1750
1751         It has been a requirement only because we didn't really know why frame scrollbars were not rendered when using
1752         the threaded compositor. The reason is that RenderView doesn't use layers for FrameView scrollbars by default,
1753         unless using overlay scrollbars. When using the threaded compositor we really need layers for the FrameView
1754         scrollbars even when not using overlay scrollbars.
1755
1756         * platform/gtk/ScrollbarThemeGtk.cpp:
1757         (WebCore::ScrollbarThemeGtk::ScrollbarThemeGtk): Stop enforcing overlay scrollbars when threaded compositor is enabled.
1758         * rendering/RenderLayerCompositor.cpp:
1759         (WebCore::RenderLayerCompositor::shouldCompositeOverflowControls): Always use layers for scrollbars when
1760         threaded compositor is enabled.
1761
1762 2016-07-21  Carlos Garcia Campos  <cgarcia@igalia.com>
1763
1764         [Cairo] Fix a crash in fast/canvas/canvas-getImageData-invalid-result-buffer-crash.html
1765         https://bugs.webkit.org/show_bug.cgi?id=160014
1766
1767         Reviewed by Michael Catanzaro.
1768
1769         In r202887 some null checks were added for JSArray::createUninitialized (and related) but not for the
1770         ImageBuffer cairo implementation.
1771
1772         * platform/graphics/cairo/ImageBufferCairo.cpp:
1773         (WebCore::getImageData): Return early if Uint8ClampedArray::createUninitialized() returns nullptr.
1774
1775 2016-07-21  Miguel Gomez  <magomez@igalia.com>
1776
1777         [GTK] The GSTREAMER_GL path in MediaPlayerPrivateGStreamerBase::paintToTextureMapper() is missing a mutex lock
1778         https://bugs.webkit.org/show_bug.cgi?id=160018
1779
1780         Reviewed by Philippe Normand.
1781
1782         Lock the video sample mutex while accessing it.
1783
1784         Covered by existent tests.
1785
1786         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
1787         (WebCore::MediaPlayerPrivateGStreamerBase::paintToTextureMapper):
1788
1789 2016-07-21  Miguel Gomez  <magomez@igalia.com>
1790
1791         [Threaded Compositor] Flickering when zooming in/out in maps.google.com
1792         https://bugs.webkit.org/show_bug.cgi?id=154069
1793
1794         Reviewed by Carlos Garcia Campos.
1795
1796         Add a new extra buffer to GraphicsContext3D when using the Threaded Compositor,
1797         so it doesn't have to reuse the buffers that are still waiting for composition.
1798
1799         Covered by existing tests.
1800
1801         * platform/graphics/GraphicsContext3D.h:
1802         Add a new texture to use for the rendering. Remove the compositor fbo we were using.
1803         * platform/graphics/cairo/GraphicsContext3DCairo.cpp:
1804         (WebCore::GraphicsContext3D::GraphicsContext3D):
1805         Initialize the new texture and remove the previous fbo related code.
1806         (WebCore::GraphicsContext3D::~GraphicsContext3D):
1807         Properly destroy the new texture and remove the previous fbo related code.
1808         * platform/graphics/opengl/GraphicsContext3DOpenGL.cpp:
1809         (WebCore::GraphicsContext3D::reshapeFBOs):
1810         Allocate the new texture and remove the previous fbo allocation.
1811         * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
1812         (WebCore::GraphicsContext3D::prepareTexture):
1813         Use a single fbo with three textures instead of two fbos with a texture each.
1814         Rotate the three textures usage so:
1815         - m_texture becomes m_compositorTexture to be pushed to the compositor.
1816         - m_intermediateTexture becomes m_texture to receive the next rendering.
1817         - m_compositorTexture becomes m_intermediateTexture.
1818         And add a glFlush() to ensure that the gl commands are sent to the pipeline.
1819         * platform/graphics/opengl/GraphicsContext3DOpenGLES.cpp:
1820         (WebCore::GraphicsContext3D::reshapeFBOs):
1821         Allocate the new texture.
1822
1823 2016-07-21  Carlos Garcia Campos  <cgarcia@igalia.com>
1824
1825         [GTK][Threaded Compositor] Web view background colors don't work
1826         https://bugs.webkit.org/show_bug.cgi?id=159465
1827
1828         Reviewed by Michael Catanzaro.
1829
1830         * rendering/RenderLayerBacking.cpp:
1831         (WebCore::RenderLayerBacking::createPrimaryGraphicsLayer): Initialize frame view layer opacity for platforms not
1832         using the tiled cache layer.
1833
1834 2016-07-20  Youenn Fablet  <youenn@apple.com>
1835
1836         [XHR] Cache response JS object in case of arraybuffer and blob response types
1837         https://bugs.webkit.org/show_bug.cgi?id=128903
1838
1839         Reviewed by Alex Christensen.
1840
1841         Covered by existing and modified tests.
1842
1843         Making response getter a JS builtin that caches response in @response private slot.
1844         Handling invalidation of cached response with @responseCacheIsValid new private method.
1845         Handling creation of cached response with @retrieveResponse new private method which reuses most of
1846         JSXMLHttpRequest::response previous code.
1847
1848         Caching of responses is activated whenever load ended without any error for blob and arraybuffer response types.
1849
1850         Caching of response for document is also activated in case the response getter is used but not if responseXML getter is used.
1851
1852         * CMakeLists.txt: Adding XMLHttpRequest.js.
1853         * DerivedSources.make: Ditto.
1854         * bindings/js/JSXMLHttpRequestCustom.cpp:
1855         (WebCore::JSXMLHttpRequest::retrieveResponse): Implements creation of to-be-cached response.
1856         (WebCore::JSXMLHttpRequest::response): Deleted.
1857         * bindings/js/WebCoreBuiltinNames.h: Adding new private names.
1858         * xml/XMLHttpRequest.cpp:
1859         (WebCore::XMLHttpRequest::didCacheResponse): Renamed from didCacheResponseJSON as all response types are now cached.
1860         (WebCore::XMLHttpRequest::didCacheResponseJSON): Deleted.
1861         * xml/XMLHttpRequest.h:
1862         * xml/XMLHttpRequest.idl:
1863
1864 2016-07-20  Youenn Fablet  <youenn@apple.com>
1865
1866         Remove crossOriginRequestPolicy from ThreadableLoaderOptions
1867         https://bugs.webkit.org/show_bug.cgi?id=159417
1868
1869         Reviewed by Alex Christensen.
1870
1871         No observable change.
1872
1873         * Modules/fetch/FetchLoader.cpp:
1874         (WebCore::FetchLoader::start): DenyCrossOriginRequests -> FetchOptions::Mode::SameOrigin.
1875         * fileapi/FileReaderLoader.cpp:
1876         (WebCore::FileReaderLoader::start): DenyCrossOriginRequests -> FetchOptions::Mode::SameOrigin.
1877         * inspector/InspectorNetworkAgent.cpp:
1878         (WebCore::InspectorNetworkAgent::loadResource): AllowCrossOriginRequests -> FetchOptions::Mode::NoCors.
1879         * loader/DocumentThreadableLoader.cpp:
1880         (WebCore::DocumentThreadableLoader::DocumentThreadableLoader): Ditto.
1881         (WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequest): UseAccessControl -> FetchOptions::Mode::Cors.
1882         (WebCore::DocumentThreadableLoader::redirectReceived): Ditto.
1883         (WebCore::DocumentThreadableLoader::didReceiveResponse): Ditto.
1884         (WebCore::DocumentThreadableLoader::loadRequest): Use NoCors as option passed to ResourceLoader. This allows
1885         desactivating ResourceLoader CORS checks as they are done in DocumentThreadableLoader right now. In the future,
1886         these checks should be moved to ResourceLoader and DocumentThreadableLoader should directly pass the fetch mode
1887         option.
1888         (WebCore::DocumentThreadableLoader::isAllowedRedirect): AllowCrossOriginRequests -> FetchOptions::Mode::NoCors.
1889         * loader/ThreadableLoader.cpp:
1890         (WebCore::ThreadableLoaderOptions::ThreadableLoaderOptions): Removing CrossOriginRequestPolicy.
1891         * loader/ThreadableLoader.h: Ditto.
1892         * loader/WorkerThreadableLoader.cpp:
1893         (WebCore::LoaderTaskOptions::LoaderTaskOptions): Ditto.
1894         * page/EventSource.cpp:
1895         (WebCore::EventSource::connect): UseAccessControl -> FetchOptions::Mode::Cors.
1896         * workers/Worker.cpp:
1897         (WebCore::Worker::create): DenyCrossOriginRequests -> FetchOptions::Mode::SameOrigin.
1898         * workers/WorkerGlobalScope.cpp:
1899         (WebCore::WorkerGlobalScope::importScripts): AllowCrossOriginRequests -> FetchOptions::Mode::NoCors.
1900         * workers/WorkerScriptLoader.cpp:
1901         (WebCore::WorkerScriptLoader::loadSynchronously):
1902         (WebCore::WorkerScriptLoader::loadAsynchronously):
1903         * workers/WorkerScriptLoader.h:
1904         * xml/XMLHttpRequest.cpp:
1905         (WebCore::XMLHttpRequest::createRequest):
1906
1907 2016-07-20  Chris Dumez  <cdumez@apple.com>
1908
1909         Fix null handling of several Document attributes
1910         https://bugs.webkit.org/show_bug.cgi?id=159997
1911
1912         Reviewed by Ryosuke Niwa.
1913
1914         Fix null handling of the following Document attributes: title, cookie
1915         and domain.
1916
1917         In WebKit, they were all marked as [TreatNullAs=EmptyString], which
1918         does not match the specification:
1919         - https://html.spec.whatwg.org/multipage/dom.html#document
1920
1921         Details for each attribute:
1922         - title: null is now treated as the string "null", thus setting the
1923           document title to "null". This matches Firefox and Chrome.
1924         - cookie: adds a "null" cookie instead of being a no-op. This matches
1925                   both Firefox and Chrome.
1926         - domain: Calls setDomain(String("null")) instead of
1927                   setDomain(String()). This throws an exception because "null"
1928                   is not a suffix of the effective domain name. The behavior
1929                   is the same in Firefox and Chrome. Previously, we were
1930                   already throwing an exception since setting the domain to
1931                   the empty string throws, as per the specification.
1932
1933         Test: http/tests//dom/document-attributes-null-handling.html
1934
1935         * dom/Document.idl:
1936
1937 2016-07-20  Commit Queue  <commit-queue@webkit.org>
1938
1939         Unreviewed, rolling out r203471.
1940         https://bugs.webkit.org/show_bug.cgi?id=160003
1941
1942         many iOS-simulator tests are failing (Requested by litherum on
1943         #webkit).
1944
1945         Reverted changeset:
1946
1947         "[iPhone] Playing a video on tudou.com plays only sound, no
1948         video"
1949         https://bugs.webkit.org/show_bug.cgi?id=159967
1950         http://trac.webkit.org/changeset/203471
1951
1952 2016-07-19  Ryosuke Niwa  <rniwa@webkit.org>
1953
1954         iOS: Cannot paste images in RTF content
1955         https://bugs.webkit.org/show_bug.cgi?id=159964
1956         <rdar://problem/27442806>
1957
1958         Reviewed by Enrica Casucci.
1959
1960         The bug was caused by setDefersLoading(true) not deferring image loading for the parsed fragment.
1961         Worked around this bug by disabling image loading while parsing the document fragment.
1962
1963         * editing/ios/EditorIOS.mm:
1964         (WebCore::Editor::createFragmentAndAddResources):
1965
1966 2016-07-20  Brady Eidson  <beidson@apple.com>
1967
1968         Address a small FIXME in IDB code.
1969         https://bugs.webkit.org/show_bug.cgi?id=159999
1970
1971         Reviewed by Andy Estes.
1972
1973         No new tests (No behavior change).
1974
1975         * Modules/indexeddb/IDBRequest.cpp:
1976         (WebCore::IDBRequest::IDBRequest):
1977         
1978         * Modules/indexeddb/shared/IDBResourceIdentifier.cpp:
1979         (WebCore::IDBResourceIdentifier::IDBResourceIdentifier): Deleted.
1980         * Modules/indexeddb/shared/IDBResourceIdentifier.h:
1981
1982 2016-07-20  Brady Eidson  <beidson@apple.com>
1983
1984         Remove some "modernFoo"s from IndexedDB code.
1985         https://bugs.webkit.org/show_bug.cgi?id=159985
1986
1987         Reviewed by Andy Estes.
1988
1989         No new tests (No known behavior change).
1990
1991         * Modules/indexeddb/IDBCursor.cpp:
1992         (WebCore::IDBCursor::IDBCursor):
1993         (WebCore::IDBCursor::~IDBCursor):
1994         (WebCore::IDBCursor::sourcesDeleted):
1995         (WebCore::IDBCursor::effectiveObjectStore):
1996         (WebCore::IDBCursor::transaction):
1997         (WebCore::IDBCursor::direction):
1998         (WebCore::IDBCursor::update):
1999         (WebCore::IDBCursor::advance):
2000         (WebCore::IDBCursor::continueFunction):
2001         (WebCore::IDBCursor::uncheckedIterateCursor):
2002         (WebCore::IDBCursor::deleteFunction):
2003         (WebCore::IDBCursor::setGetResult):
2004         
2005         * Modules/indexeddb/IDBIndex.cpp:
2006         (WebCore::IDBIndex::IDBIndex):
2007         (WebCore::IDBIndex::~IDBIndex):
2008         (WebCore::IDBIndex::hasPendingActivity):
2009         (WebCore::IDBIndex::name):
2010         (WebCore::IDBIndex::objectStore):
2011         (WebCore::IDBIndex::keyPath):
2012         (WebCore::IDBIndex::unique):
2013         (WebCore::IDBIndex::multiEntry):
2014         (WebCore::IDBIndex::openCursor):
2015         (WebCore::IDBIndex::doCount):
2016         (WebCore::IDBIndex::openKeyCursor):
2017         (WebCore::IDBIndex::doGet):
2018         (WebCore::IDBIndex::doGetKey):
2019         (WebCore::IDBIndex::markAsDeleted):
2020         * Modules/indexeddb/IDBIndex.h:
2021         
2022         * Modules/indexeddb/IDBObjectStore.cpp:
2023         (WebCore::IDBObjectStore::transaction):
2024         (WebCore::IDBObjectStore::deleteFunction): Deleted.
2025         (WebCore::IDBObjectStore::modernDelete): Deleted.
2026         * Modules/indexeddb/IDBObjectStore.h:
2027         
2028         * bindings/js/JSIDBIndexCustom.cpp:
2029         (WebCore::JSIDBIndex::visitAdditionalChildren):
2030
2031 2016-07-20  Chris Dumez  <cdumez@apple.com>
2032
2033         Stop using valueToStringWithNullCheck() in JSCSSStyleDeclaration::putDelegate()
2034         https://bugs.webkit.org/show_bug.cgi?id=159982
2035
2036         Reviewed by Ryosuke Niwa.
2037
2038         valueToStringWithNullCheck() treats null as the null String() which is
2039         legacy / non standard behavior. The specification says we should treat
2040         null as the empty string:
2041         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-camel-cased-attribute
2042
2043         Therefore, we should be using valueToStringTreatingNullAsEmptyString() instead.
2044
2045         In practice, there is no web-exposed behavior change because
2046         MutableStyleProperties::setProperty() removes the property wether the
2047         value is the null String or the empty String.
2048
2049         This behavior is correct since the specification says that we should
2050         remove the property if the value is the empty string:
2051         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-setproperty (step 4)
2052
2053         I added test coverage to make sure we behave according to specification.
2054         This test is passing in Firefox, Chrome and in WebKit (before and after
2055         my change).
2056
2057         Test: fast/css/CSSStyleDeclaration-property-setter.html
2058
2059         * bindings/js/JSCSSStyleDeclarationCustom.cpp:
2060         (WebCore::JSCSSStyleDeclaration::putDelegate):
2061
2062 2016-07-20  Chris Dumez  <cdumez@apple.com>
2063
2064         Fix null handling of HTMLFrameElement.marginWidth / marginHeight
2065         https://bugs.webkit.org/show_bug.cgi?id=159987
2066
2067         Reviewed by Ryosuke Niwa.
2068
2069         Fix null handling of HTMLFrameElement.marginWidth / marginHeight:
2070         - https://html.spec.whatwg.org/multipage/obsolete.html#htmlframeelement
2071
2072         We are supposed to treat null as the empty string but we treat it as
2073         the string "null".
2074
2075         Firefox and Chrome both match the specification.
2076
2077         No new tests, updated existing tests.
2078
2079         * html/HTMLFrameElement.idl:
2080
2081 2016-07-20  Wenson Hsieh  <wenson_hsieh@apple.com>
2082
2083         Pausing autoplayed media should not remove all restrictions for that media element
2084         https://bugs.webkit.org/show_bug.cgi?id=159988
2085
2086         Reviewed by Jon Lee.
2087
2088         Localizes the removal of behavior restrictions introduced in r203464 upon pausing an
2089         autoplaying video to just affect the hiding or showing of the media controller. This
2090         prevents pages from using Javascript to start playing autoplaying videos that have
2091         been paused by the user.
2092
2093         * html/HTMLMediaElement.cpp:
2094         (WebCore::HTMLMediaElement::pause):
2095
2096 2016-07-20  Myles C. Maxfield  <mmaxfield@apple.com>
2097
2098         [iPhone] Playing a video on tudou.com plays only sound, no video
2099         https://bugs.webkit.org/show_bug.cgi?id=159967
2100         <rdar://problem/26964090>
2101
2102         Reviewed by Jon Lee.
2103
2104         WebKit recently starting honoring the playsinline and webkit-playsinline
2105         attribute on iPhones. However, because these attributes previously did
2106         nothing, some sites (such as Todou) were setting them on their content
2107         and expecting that they are not honored. In this specific case, the
2108         video is absolutely positioned to be 1 pixel x 1 pixel.
2109
2110         Previously, with iOS 9, apps could set the allowsInlineMediaPlayback
2111         property on their WKWebView, which would honor the webkit-playsinline
2112         attribute. Safari on iPhones didn't do this.
2113
2114         In order to not break these existing apps, it's important that the
2115         allowsInlineMediaPlayback preference still allows webkit-playsinline
2116         videos to play inline in apps using WKWebView. However, in Safari, these
2117         videos should play fullscreen. (Todou videos have webkit-playsinline
2118         but not playsinline.)
2119
2120         Therefore, in Safari, videos with playsinline should be inline, but
2121         videos with webkit-playsinline should be fullscreen. In apps using
2122         WKWebViews, if the app sets allowsInlineMediaPlayback, then videos with
2123         playsinline should be inline, and videos with webkit-playsinline should
2124         also be inline. Videos on iPad and Mac should all be inline by default.
2125
2126         We can create some truth tables for the cases which need to be covered:
2127
2128         All apps on Mac / iPad:
2129         Presence of playsinline | Presence of webkit-playsinline | Result
2130         ========================|================================|===========
2131         Not present             | Not present                    | Inline
2132         Present                 | Not present                    | Inline
2133         Not Present             | Present                        | Inline
2134         Present                 | Present                        | Inline
2135
2136         Safari on iPhone:
2137         Presence of playsinline | Presence of webkit-playsinline | Result
2138         ========================|================================|===========
2139         Not present             | Not present                    | Fullscreen
2140         Present                 | Not present                    | Inline
2141         Not Present             | Present                        | Fullscreen
2142         Present                 | Present                        | Inline
2143
2144         App on iPhone which sets allowsInlineMediaPlayback:
2145         Presence of playsinline | Presence of webkit-playsinline | Result
2146         ========================|================================|===========
2147         Not present             | Not present                    | Fullscreen
2148         Present                 | Not present                    | Inline
2149         Not Present             | Present                        | Inline
2150         Present                 | Present                        | Inline
2151
2152         The way to distinguish Safari from another app is to create an SPI
2153         boolean preference which Safari can set. This is already how the
2154         iPhone and iPad are differentiated using the requiresPlayInlineAttribute
2155         which Safari sets but other apps don't. However, this preference is
2156         no longer sufficient because Safari should now be discriminating
2157         between the playsinline and webkit-playsinline attributes. Therefore,
2158         this preference should be extended to two boolean preferences, which
2159         this patch adds:
2160
2161         allowsInlineMediaPlaybackWithPlaysInlineAttribute
2162         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute
2163
2164         Safari on iPhone will set
2165         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to true,
2166         and allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to
2167         false. Other apps on iPhone will get their defaults values (because they
2168         are SPI) which means they will both be true. On iPad and Mac, apps will
2169         use the defaults values where both are false.
2170
2171         This patch adds support for these two preferences, but does not remove
2172         the existing inlineMediaPlaybackRequiresPlaysInlineAttribute preference.
2173         I will remove the exising preference as soon as I update Safari to migrate
2174         off of it.
2175
2176         Test: media/video-playsinline.html
2177
2178         * html/MediaElementSession.cpp:
2179         (WebCore::MediaElementSession::requiresFullscreenForVideoPlayback):
2180         * page/Settings.cpp:
2181         * page/Settings.in:
2182         * testing/InternalSettings.cpp:
2183         (WebCore::InternalSettings::Backup::Backup):
2184         (WebCore::InternalSettings::Backup::restoreTo):
2185         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithPlaysInlineAttribute):
2186         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute):
2187         * testing/InternalSettings.h:
2188         * testing/InternalSettings.idl:
2189
2190 2016-07-20  Chris Dumez  <cdumez@apple.com>
2191
2192         Get rid of custom bindings code for XMLHttpRequest.open()
2193         https://bugs.webkit.org/show_bug.cgi?id=159984
2194
2195         Reviewed by Ryosuke Niwa.
2196
2197         Get rid of custom bindings code for XMLHttpRequest.open() as the
2198         bindings generator is able to generate it.
2199
2200         Relevant specification:
2201         - https://xhr.spec.whatwg.org/#xmlhttprequest
2202
2203         The issue is that legacy content prevents treating the 'async' argument
2204         being undefined identical from it being omitted. However, this can be
2205         achieved by using overloading in IDL, like in the specification.
2206
2207         No new tests, already covered by the following tests:
2208         - http/tests/xmlhttprequest/basic-auth.html
2209         - http/tests/xmlhttprequest/open-async-overload.html
2210
2211         * bindings/js/JSXMLHttpRequestCustom.cpp:
2212         (WebCore::SendFunctor::SendFunctor): Deleted.
2213         (WebCore::SendFunctor::line): Deleted.
2214         (WebCore::SendFunctor::column): Deleted.
2215         (WebCore::SendFunctor::url): Deleted.
2216         (WebCore::SendFunctor::operator()): Deleted.
2217         * xml/XMLHttpRequest.cpp:
2218         (WebCore::XMLHttpRequest::open):
2219         * xml/XMLHttpRequest.h:
2220         * xml/XMLHttpRequest.idl:
2221
2222 2016-07-20  Rawinder Singh  <rawinder.singh-webkit@cisra.canon.com.au>
2223
2224         Mark overriden methods in WebCore/svg final classes as final
2225         https://bugs.webkit.org/show_bug.cgi?id=159966
2226
2227         Reviewed by Michael Catanzaro.
2228
2229         Update WebCore/svg classes so that overriden methods in final classes are marked final.
2230
2231         * svg/SVGAElement.h:
2232         * svg/SVGAltGlyphDefElement.h:
2233         * svg/SVGAltGlyphItemElement.h:
2234         * svg/SVGAnimateTransformElement.h:
2235         * svg/SVGAnimatedColor.h:
2236         * svg/SVGCircleElement.h:
2237         * svg/SVGClipPathElement.h:
2238         * svg/SVGCursorElement.h:
2239         * svg/SVGDefsElement.h:
2240         * svg/SVGDescElement.h:
2241         * svg/SVGEllipseElement.h:
2242         * svg/SVGFEMergeNodeElement.h:
2243         * svg/SVGFilterElement.h:
2244         * svg/SVGFontElement.h:
2245         * svg/SVGFontFaceElement.h:
2246         * svg/SVGFontFaceFormatElement.h:
2247         * svg/SVGFontFaceNameElement.h:
2248         * svg/SVGFontFaceSrcElement.h:
2249         * svg/SVGFontFaceUriElement.h:
2250         * svg/SVGForeignObjectElement.h:
2251         * svg/SVGGElement.h:
2252         * svg/SVGGlyphElement.h:
2253         * svg/SVGGlyphRefElement.h:
2254         * svg/SVGHKernElement.h:
2255         * svg/SVGImageElement.h:
2256         * svg/SVGLineElement.h:
2257         * svg/SVGMPathElement.h:
2258         * svg/SVGMaskElement.h:
2259         * svg/SVGMetadataElement.h:
2260         * svg/SVGMissingGlyphElement.h:
2261         * svg/SVGPathBuilder.h:
2262         * svg/SVGPathByteStreamBuilder.h:
2263         * svg/SVGPathByteStreamSource.h:
2264         * svg/SVGPathElement.h:
2265         * svg/SVGPathSegArcAbs.h:
2266         * svg/SVGPathSegArcRel.h:
2267         * svg/SVGPathSegClosePath.h:
2268         * svg/SVGPathSegCurvetoCubicAbs.h:
2269         * svg/SVGPathSegCurvetoCubicRel.h:
2270         * svg/SVGPathSegCurvetoCubicSmoothAbs.h:
2271         * svg/SVGPathSegCurvetoCubicSmoothRel.h:
2272         * svg/SVGPathSegCurvetoQuadraticAbs.h:
2273         * svg/SVGPathSegCurvetoQuadraticRel.h:
2274         * svg/SVGPathSegCurvetoQuadraticSmoothAbs.h:
2275         * svg/SVGPathSegCurvetoQuadraticSmoothRel.h:
2276         * svg/SVGPathSegLinetoAbs.h:
2277         * svg/SVGPathSegLinetoHorizontalAbs.h:
2278         * svg/SVGPathSegLinetoHorizontalRel.h:
2279         * svg/SVGPathSegLinetoRel.h:
2280         * svg/SVGPathSegLinetoVerticalAbs.h:
2281         * svg/SVGPathSegLinetoVerticalRel.h:
2282         * svg/SVGPathSegListBuilder.h:
2283         * svg/SVGPathSegListSource.h:
2284         * svg/SVGPathSegMovetoAbs.h:
2285         * svg/SVGPathSegMovetoRel.h:
2286         * svg/SVGPathStringSource.h:
2287         * svg/SVGPathTraversalStateBuilder.h:
2288         * svg/SVGPatternElement.h:
2289         * svg/SVGRectElement.h:
2290         * svg/SVGScriptElement.h:
2291         * svg/SVGStopElement.h:
2292         * svg/SVGStyleElement.h:
2293         * svg/SVGSwitchElement.h:
2294         * svg/SVGTRefElement.cpp:
2295         * svg/SVGTitleElement.h:
2296         * svg/SVGToOTFFontConversion.cpp:
2297         * svg/SVGUnknownElement.h:
2298         * svg/SVGVKernElement.h:
2299         * svg/SVGViewElement.h:
2300         * svg/SVGZoomEvent.h:
2301         * svg/animation/SVGSMILElement.cpp:
2302         * svg/graphics/SVGImage.h:
2303         * svg/graphics/SVGImageClients.h:
2304         * svg/graphics/SVGImageForContainer.h:
2305         * svg/graphics/filters/SVGFEImage.h:
2306         * svg/graphics/filters/SVGFilter.h:
2307         * svg/properties/SVGAnimatedEnumerationPropertyTearOff.h:
2308         * svg/properties/SVGAnimatedPathSegListPropertyTearOff.h:
2309         * svg/properties/SVGAnimatedPropertyTearOff.h:
2310         * svg/properties/SVGAnimatedTransformListPropertyTearOff.h:
2311         * svg/properties/SVGMatrixTearOff.h:
2312         * svg/properties/SVGPathSegListPropertyTearOff.h:
2313
2314 2016-07-20  Brady Eidson  <beidson@apple.com>
2315
2316         Transition most IDB interfaces from ScriptExecutionContext to ExecState.
2317         https://bugs.webkit.org/show_bug.cgi?id=159975
2318
2319         Reviewed by Alex Christensen.
2320
2321         No new tests (No known behavior change).
2322
2323         * Modules/indexeddb/IDBCursor.cpp:
2324         (WebCore::IDBCursor::continueFunction):
2325         (WebCore::IDBCursor::deleteFunction):
2326         * Modules/indexeddb/IDBCursor.h:
2327         * Modules/indexeddb/IDBCursor.idl:
2328
2329         * Modules/indexeddb/IDBDatabase.idl:
2330
2331         * Modules/indexeddb/IDBFactory.cpp:
2332         (WebCore::IDBFactory::cmp):
2333         * Modules/indexeddb/IDBFactory.h:
2334         * Modules/indexeddb/IDBFactory.idl:
2335
2336         * Modules/indexeddb/IDBIndex.cpp:
2337         (WebCore::IDBIndex::openCursor):
2338         (WebCore::IDBIndex::count):
2339         (WebCore::IDBIndex::doCount):
2340         (WebCore::IDBIndex::openKeyCursor):
2341         (WebCore::IDBIndex::get):
2342         (WebCore::IDBIndex::doGet):
2343         (WebCore::IDBIndex::getKey):
2344         (WebCore::IDBIndex::doGetKey):
2345         * Modules/indexeddb/IDBIndex.h:
2346         * Modules/indexeddb/IDBIndex.idl:
2347
2348         * Modules/indexeddb/IDBKeyRange.cpp:
2349         (WebCore::IDBKeyRange::only): Deleted.
2350         * Modules/indexeddb/IDBKeyRange.h:
2351
2352         * Modules/indexeddb/IDBObjectStore.cpp:
2353         (WebCore::IDBObjectStore::openCursor):
2354         (WebCore::IDBObjectStore::get):
2355         (WebCore::IDBObjectStore::putOrAdd):
2356         (WebCore::IDBObjectStore::deleteFunction):
2357         (WebCore::IDBObjectStore::doDelete):
2358         (WebCore::IDBObjectStore::modernDelete):
2359         (WebCore::IDBObjectStore::clear):
2360         (WebCore::IDBObjectStore::createIndex):
2361         (WebCore::IDBObjectStore::count):
2362         (WebCore::IDBObjectStore::doCount):
2363         * Modules/indexeddb/IDBObjectStore.h:
2364         * Modules/indexeddb/IDBObjectStore.idl:
2365
2366         * Modules/indexeddb/IDBTransaction.cpp:
2367         (WebCore::IDBTransaction::requestOpenCursor):
2368         (WebCore::IDBTransaction::doRequestOpenCursor):
2369         (WebCore::IDBTransaction::requestGetRecord):
2370         (WebCore::IDBTransaction::requestGetValue):
2371         (WebCore::IDBTransaction::requestGetKey):
2372         (WebCore::IDBTransaction::requestIndexRecord):
2373         (WebCore::IDBTransaction::requestCount):
2374         (WebCore::IDBTransaction::requestDeleteRecord):
2375         (WebCore::IDBTransaction::requestClearObjectStore):
2376         (WebCore::IDBTransaction::requestPutOrAdd):
2377         * Modules/indexeddb/IDBTransaction.h:
2378
2379         * inspector/InspectorIndexedDBAgent.cpp:
2380
2381 2016-07-20  Wenson Hsieh  <wenson_hsieh@apple.com>
2382
2383         Media controls don't appear when pausing a small autoplaying video
2384         https://bugs.webkit.org/show_bug.cgi?id=159972
2385         <rdar://problem/27180657>
2386
2387         Reviewed by Beth Dakin.
2388
2389         When pausing an autoplaying video, remove behavior restrictions for the
2390         initial user gesture and show media controls.
2391
2392         New WebKit API test. See VideoControlsManagerSingleSmallAutoplayingVideo.
2393
2394         * html/HTMLMediaElement.cpp:
2395         (WebCore::HTMLMediaElement::pause):
2396
2397 2016-07-20  Chris Dumez  <cdumez@apple.com>
2398
2399         Fix null handling of HTMLMediaElement.mediaGroup
2400         https://bugs.webkit.org/show_bug.cgi?id=159974
2401
2402         Reviewed by Eric Carlson.
2403
2404         Fix null handling of HTMLMediaElement.mediaGroup to match the specification:
2405         - https://www.w3.org/TR/html5/embedded-content-0.html#media-elements
2406
2407         null is supposed to be treated as the String "null". This patch aligns
2408         our behavior with the specification. I tested Firefox and Chrome but both
2409         do not have this attribute on HTMLMediaElement.
2410
2411         Also remove support for [TreatNullAs=LegacyNullString] from our bindings
2412         generator as HTMLMediaElement.mediaGroup was the last user.
2413
2414         No new tests, rebaselined existing test.
2415
2416         * bindings/scripts/CodeGeneratorJS.pm:
2417         (JSValueToNative):
2418         * bindings/scripts/IDLAttributes.txt:
2419         * html/HTMLMediaElement.idl:
2420
2421 2016-07-20  Chris Dumez  <cdumez@apple.com>
2422
2423         CSSStyleDeclaration.setProperty() should be able to unset "important" on a property
2424         https://bugs.webkit.org/show_bug.cgi?id=159959
2425
2426         Reviewed by Alexey Proskuryakov.
2427
2428         CSSStyleDeclaration.setProperty() should be able to unsert "important"
2429         on a property as per the latest specification:
2430         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-setproperty
2431         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-camel-cased-attribute
2432
2433         Firefox and Chrome match the specification here but WebKit was ignoring calls
2434         to setProperty() if there is already an "important" property wit this name
2435         and if the new property does not have the "important" flag set.
2436
2437         This behavior was added a long time ago via Bug 60007. However, it does not
2438         match the latest specification or other browsers.
2439
2440         Test: fast/css/CSSStyleDeclaration-setProperty-unset-important.html
2441
2442         * css/StyleProperties.cpp:
2443         (WebCore::MutableStyleProperties::addParsedProperty):
2444         Drop code that was added via Bug 60007 as this behavior no longer matches the
2445         specification or other browsers. The layout test added in Bug 60007 fails in
2446         other browsers and was updated in this patch to match the specification.
2447
2448 2016-07-20  Commit Queue  <commit-queue@webkit.org>
2449
2450         Unreviewed, rolling out r203423.
2451         https://bugs.webkit.org/show_bug.cgi?id=159977
2452
2453         The test for this change is failing on Mac Release WK2
2454         (Requested by ryanhaddad on #webkit).
2455
2456         Reverted changeset:
2457
2458         "HTMLVideoElement frames do not update on iOS when src is a
2459         MediaStream blob"
2460         https://bugs.webkit.org/show_bug.cgi?id=159833
2461         http://trac.webkit.org/changeset/203423
2462
2463 2016-07-20  Chris Dumez  <cdumez@apple.com>
2464
2465         Fix null handling of HTMLSelectElement.value attribute
2466         https://bugs.webkit.org/show_bug.cgi?id=159925
2467
2468         Reviewed by Benjamin Poulain.
2469
2470         Fix null handling of HTMLSelectElement.value attribute:
2471         - https://html.spec.whatwg.org/multipage/forms.html#htmlselectelement
2472
2473         We were treating null as the null String which would end up setting
2474         selectedIndex to -1. However, we should treat null as the String "null"
2475         which would set the selectedIndex to the index of the <option> element
2476         whose value is "null".
2477
2478         Firefox and Chrome match the specification.
2479
2480         Test: fast/dom/HTMLSelectElement/value-null-handling.html
2481
2482         * html/HTMLSelectElement.cpp:
2483         (WebCore::HTMLSelectElement::setValue):
2484         * html/HTMLSelectElement.idl:
2485
2486 2016-07-20  Chris Dumez  <cdumez@apple.com>
2487
2488         PostResolutionCallbackDisabler can resume pending requests while a ResourceLoadSuspender is alive
2489         https://bugs.webkit.org/show_bug.cgi?id=159962
2490         <rdar://problem/21439264>
2491
2492         Reviewed by David Kilzer.
2493
2494         PostResolutionCallbackDisabler can resume pending requests while a ResourceLoadSuspender
2495         is alive. We have both PostResolutionCallbackDisabler and ResourceLoadSuspender that
2496         call LoaderStrategy::suspendPendingRequests() / LoaderStrategy::resumePendingRequests().
2497         However, PostResolutionCallbackDisabler and ResourceLoadSuspender are not aware of each
2498         other. It is therefore possible for a PostResolutionCallbackDisabler object to get
2499         destroyed, causing LoaderStrategy::resumePendingRequests() to be called while a
2500         ResourceLoadSuspender object is alive.
2501
2502         This leads to hard to investigate crashes where we end up re-entering WebKit and killing
2503         the style resolver.
2504
2505         This patch drops ResourceLoadSuspender and uses PostResolutionCallbackDisabler instead.
2506         There was only one user of ResourceLoadSuspender and PostResolutionCallbackDisabler
2507         is better because it manages a resolutionNestingDepth counter internally to make sure
2508         it only calls LoaderStrategy::resumePendingRequests() once all
2509         PostResolutionCallbackDisabler instances are destroyed.
2510
2511         No new tests, there is no easy way to reproduce the crashes.
2512
2513         * dom/Document.cpp:
2514         (WebCore::Document::styleForElementIgnoringPendingStylesheets):
2515         * loader/LoaderStrategy.cpp:
2516         (WebCore::ResourceLoadSuspender::ResourceLoadSuspender): Deleted.
2517         (WebCore::ResourceLoadSuspender::~ResourceLoadSuspender): Deleted.
2518         * loader/LoaderStrategy.h:
2519
2520 2016-07-19  Youenn Fablet  <youenn@apple.com>
2521
2522         [Fetch API] Add a JS builtin to implement https://fetch.spec.whatwg.org/#concept-headers-fill
2523         https://bugs.webkit.org/show_bug.cgi?id=159932
2524
2525         Reviewed by Alex Christensen.
2526
2527         Covered by existing tests.
2528
2529         Refactoring Headers initializeWith to use the new built-in internal that implements
2530         https://fetch.spec.whatwg.org/#concept-headers-fill.
2531
2532         Refactoring Response constructor to put more checks in the JS builtin fucntion called within constructor.
2533         Making use of the new built-in internal that implements https://fetch.spec.whatwg.org/#concept-headers-fill.
2534
2535         * CMakeLists.txt: Adding FetchHeadersInternals.js
2536         * DerivedSources.make: Ditto.
2537         * Modules/fetch/FetchHeaders.js:
2538         (initializeFetchHeaders): Using fillFetchHeaders new built-in internal.
2539         * Modules/fetch/FetchInternals.js: Added.
2540         (fillFetchHeaders):
2541         * Modules/fetch/FetchResponse.cpp: Refactoring to do more in the JS built-in. Splitting of initializeWith so
2542         that the checks are done in the order defined by the spec.
2543         (WebCore::FetchResponse::setStatus):
2544         (WebCore::FetchResponse::initializeWith):
2545         (WebCore::isNullBodyStatus): Deleted.
2546         * Modules/fetch/FetchResponse.h:
2547         * Modules/fetch/FetchResponse.idl:
2548         * Modules/fetch/FetchResponse.js:
2549         (initializeFetchResponse): New built-in internal.
2550         * WebCore.xcodeproj/project.pbxproj:
2551         * bindings/js/WebCoreBuiltinNames.h:
2552
2553 2016-07-19  Chris Dumez  <cdumez@apple.com>
2554
2555         Fix null handling of SVGScriptElement.type attribute
2556         https://bugs.webkit.org/show_bug.cgi?id=159927
2557
2558         Reviewed by Benjamin Poulain.
2559
2560         Fix null handling of SVGScriptElement.type attribute:
2561         - https://www.w3.org/TR/SVG2/interact.html#InterfaceSVGScriptElement
2562
2563         We were treating null as the null String which would end up removing
2564         the 'type' content attribute. However, we should treat null as the
2565         String "null".
2566
2567         Firefox and Chrome match the specification.
2568
2569         No new tests, updated existing test.
2570
2571         * svg/SVGScriptElement.idl:
2572
2573 2016-07-19  Chris Dumez  <cdumez@apple.com>
2574
2575         Fix null handling of several HTMLDocument attributes
2576         https://bugs.webkit.org/show_bug.cgi?id=159923
2577
2578         Reviewed by Benjamin Poulain.
2579
2580         Fix null handling of several HTMLDocument attributes:
2581         - https://html.spec.whatwg.org/multipage/dom.html#document
2582         - https://html.spec.whatwg.org/multipage/obsolete.html#document-partial
2583
2584         In particular, null handling was incorrect in WebKit for 'dir',
2585         'bgColor', 'fgColor', 'alinkColor', 'linkColor' and 'vlinkColor'.
2586
2587         Firefox and Chrome match the specification.
2588
2589         Test: fast/dom/HTMLDocument/null-handling.html
2590
2591         * html/HTMLDocument.idl:
2592
2593 2016-07-19  Chris Dumez  <cdumez@apple.com>
2594
2595         Document.createElementNS() / createAttributeNS() parameters should be mandatory
2596         https://bugs.webkit.org/show_bug.cgi?id=159938
2597
2598         Reviewed by Benjamin Poulain.
2599
2600         Document.createElementNS() / createAttributeNS() parameters should be mandatory:
2601         - https://dom.spec.whatwg.org/#document
2602
2603         They were optional in WebKit. However, Firefox and Chrome both match the
2604         specification.
2605
2606         No new tests, rebaselined existing tests.
2607
2608         * dom/Document.idl:
2609
2610 2016-07-19  Benjamin Poulain  <bpoulain@apple.com>
2611
2612         Use getElementById for attribute matching if the attribute name is html's id
2613         https://bugs.webkit.org/show_bug.cgi?id=159960
2614
2615         Reviewed by Chris Dumez.
2616
2617         Elliott Sprehn discovered YUI makes heavy uses of querySelector with [id=value]
2618         (https://bugs.chromium.org/p/chromium/issues/detail?id=627242).
2619
2620         If we are not in quirks mode, IdForStyleResolution has the same value
2621         as the Id attribute. We can use the same optimization for both cases.
2622
2623         Tests: fast/selectors/id-attribute-querySelector-used-as-id-selector-quirks.html
2624                fast/selectors/id-attribute-querySelector-used-as-id-selector.html
2625
2626         * dom/SelectorQuery.cpp:
2627         (WebCore::canBeUsedForIdFastPath):
2628         (WebCore::findIdMatchingType):
2629         (WebCore::SelectorDataList::SelectorDataList):
2630         (WebCore::selectorForIdLookup):
2631         (WebCore::filterRootById):
2632
2633 2016-07-19  Chris Dumez  <cdumez@apple.com>
2634
2635         Drop SVGElement.xmlbase attribute
2636         https://bugs.webkit.org/show_bug.cgi?id=159926
2637
2638         Reviewed by Benjamin Poulain.
2639
2640         Drop SVGElement.xmlbase attribute as it is no longer part of the
2641         specification:
2642         - https://www.w3.org/TR/SVG2/types.html#InterfaceSVGElement
2643
2644         Both Firefox and Chrome have already dropped support for
2645         SVGElement.xmlbase.
2646
2647         Chrome's intent to remove:
2648         https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/TfwMq4d25hk/C-v_iC_wKfAJ
2649
2650         Test: svg/dom/SVGElement-xmlbase.html
2651
2652         * svg/SVGElement.cpp:
2653         (WebCore::SVGElement::removedFrom): Deleted.
2654         * svg/SVGElement.h:
2655         * svg/SVGElement.idl:
2656
2657 2016-07-19  Chris Dumez  <cdumez@apple.com>
2658
2659         Align CSSStyleDeclaration.setProperty() with the specification
2660         https://bugs.webkit.org/show_bug.cgi?id=159955
2661
2662         Reviewed by Benjamin Poulain.
2663
2664         Align CSSStyleDeclaration.setProperty() with the specification:
2665         - https://drafts.csswg.org/cssom/#the-cssstyledeclaration-interface
2666
2667         In particular, the following changes were needed:
2668         1. The 'value' parameter should not be optional
2669         2. The 'priority' parameter should treat null as the empty string
2670            rather than the string "null".
2671         3. The 'priority' parameter's default value should be the empty string,
2672            not the string "undefined".
2673         4. CSSStyleDeclaration.setProperty() should return early if 'priority'
2674            is not the empty string and is not an ASCII case-insensitive match
2675            for the string "important".
2676
2677         Chrome matches the specification entirely.
2678         Firefox matches the specification with the exception that it does a
2679         case-sensitive match for "important".
2680
2681         Test: fast/css/CSSStyleDeclaration-setProperty.html
2682
2683         * css/CSSStyleDeclaration.idl:
2684         * css/PropertySetCSSStyleDeclaration.cpp:
2685         (WebCore::PropertySetCSSStyleDeclaration::setProperty):
2686
2687 2016-07-19  Daniel Bates  <dabates@apple.com>
2688
2689         CSP: Improve support for multiple policies to more closely conform to the CSP Level 2 spec.
2690         https://bugs.webkit.org/show_bug.cgi?id=159841
2691         <rdar://problem/27381684>
2692
2693         Reviewed by Brent Fulgham.
2694
2695         Implement a first pass at sending multiple violation reports so as to more closely
2696         conform to section Enforcing multiple policies of the Content Security Policy Level 2 spec.,
2697         <https://w3c.github.io/webappsec-csp/2/> (Editor's Draft, 25 April 2016).
2698
2699         Tests: http/tests/security/contentSecurityPolicy/1.1/script-blocked-sends-multiple-reports.php
2700                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-enforced-policy-and-blocked-by-report-policy.php
2701                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-enforced-policy-and-blocked-by-report-policy2.php
2702                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy.php
2703                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
2704                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-enforced-policy-and-allowed-by-report-policy.php
2705                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-enforced-policy-and-allowed-by-report-policy2.php
2706                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy.php
2707                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy2.php
2708                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy.php
2709                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
2710                http/tests/security/contentSecurityPolicy/1.1/scripthash-in-enforced-policy-and-not-in-report-only.html
2711                http/tests/security/contentSecurityPolicy/1.1/scripthash-in-one-enforced-policy-neither-in-another-enforced-policy-nor-report-policy.html
2712                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-enforced-policy-and-blocked-by-report-policy.php
2713                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-enforced-policy-and-blocked-by-report-policy2.php
2714                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy.php
2715                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
2716                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-enforced-policy-and-allowed-by-report-policy.php
2717                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-enforced-policy-and-allowed-by-report-policy2.php
2718                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy.php
2719                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy2.php
2720                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy.php
2721                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
2722                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-in-enforced-policy-and-not-in-report-only.html
2723                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-in-one-enforced-policy-neither-in-another-enforced-policy-nor-report-policy.html
2724                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-multiple-policies.html
2725
2726         * page/csp/ContentSecurityPolicy.cpp:
2727         (WebCore::ContentSecurityPolicy::allPoliciesWithDispositionAllow): Added. Returns whether the resource
2728         is allowed by all of the policies with the specified disposition.
2729         (WebCore::ContentSecurityPolicy::allPoliciesAllow): Added. Returns whether the resource is allowed by
2730         all of the enforced policies.
2731         (WebCore::ContentSecurityPolicy::findHashOfContentInPolicies): Formerly named foundHashOfContentInAllPolicies.
2732         Modified to return a ("has found hash in all enforced policies, "has found hash in all report-only policies)-pair
2733         so that we can differentiate whether the hash violated an enforced policy or a report-only policy.
2734         (WebCore::ContentSecurityPolicy::allowJavaScriptURLs): Write in terms of ContentSecurityPolicy::allPoliciesAllow().
2735         (WebCore::ContentSecurityPolicy::allowInlineEventHandlers): Ditto.
2736         (WebCore::ContentSecurityPolicy::allowScriptWithNonce): For now only accept a nonce if it is allowed by
2737         all enforced policies. As a side effect of this change is that we only send a CSP violation report when a
2738         nonce violates a report-only policy only if the nonce also violates one or more enforced policies. We will
2739         address this limitation in <https://bugs.webkit.org/show_bug.cgi?id=159830>.
2740         (WebCore::ContentSecurityPolicy::allowStyleWithNonce): Ditto.
2741         (WebCore::ContentSecurityPolicy::allowInlineScript): Differentiate between a hash/'unsafe-inline' that
2742         matches/is contained in all enforce policies and a hash/'unsafe-inline' that matches/is contained in all
2743         report-only policies so that we only allow the resource for the former. As a side effect of this change
2744         we may report that a resource violated a policy even if it contained the hash. See <https://bugs.webkit.org/show_bug.cgi?id=159832>
2745         for more details.
2746         (WebCore::ContentSecurityPolicy::allowInlineStyle): Ditto.
2747         (WebCore::ContentSecurityPolicy::allowEval): Write in terms of ContentSecurityPolicy::allPoliciesAllow().
2748         (WebCore::ContentSecurityPolicy::allowFrameAncestors): Ditto.
2749         (WebCore::ContentSecurityPolicy::allowPluginType): Ditto.
2750         (WebCore::ContentSecurityPolicy::allowScriptFromSource): Ditto.
2751         (WebCore::ContentSecurityPolicy::allowObjectFromSource): Ditto.
2752         (WebCore::ContentSecurityPolicy::allowChildFrameFromSource): Ditto.
2753         (WebCore::ContentSecurityPolicy::allowChildContextFromSource): Ditto.
2754         (WebCore::ContentSecurityPolicy::allowImageFromSource): Ditto.
2755         (WebCore::ContentSecurityPolicy::allowStyleFromSource): Ditto.
2756         (WebCore::ContentSecurityPolicy::allowFontFromSource): Ditto.
2757         (WebCore::ContentSecurityPolicy::allowMediaFromSource): Ditto.
2758         (WebCore::ContentSecurityPolicy::allowConnectToSource): Ditto.
2759         (WebCore::ContentSecurityPolicy::allowFormAction): Ditto.
2760         (WebCore::ContentSecurityPolicy::allowBaseURI): Ditto.
2761         (WebCore::ContentSecurityPolicy::foundHashOfContentInAllPolicies): Deleted.
2762         * page/csp/ContentSecurityPolicy.h:
2763         (WebCore::ContentSecurityPolicy::violatedDirectiveInAnyPolicy): Deleted.
2764
2765 2016-07-19  Chris Dumez  <cdumez@apple.com>
2766
2767         Fix null handling of HTMLScriptElement.text attribute
2768         https://bugs.webkit.org/show_bug.cgi?id=159943
2769
2770         Reviewed by Benjamin Poulain.
2771
2772         Fix null handling of HTMLScriptElement.text attribute:
2773         - https://html.spec.whatwg.org/multipage/scripting.html#the-script-element
2774
2775         We should treat null as the "null" String but we were treating it as
2776         the empty string.
2777
2778         Firefox and Chrome match the specification.
2779
2780         No new tests, rebaselined existing test.
2781
2782         * html/HTMLScriptElement.idl:
2783
2784 2016-07-19  Chris Dumez  <cdumez@apple.com>
2785
2786         autocapitalize attribute should not use [TreatNullAs=LegacyNullString]
2787         https://bugs.webkit.org/show_bug.cgi?id=159934
2788
2789         Reviewed by Benjamin Poulain.
2790
2791         autocapitalize attribute should not use [TreatNullAs=LegacyNullString]. This is
2792         non-standard and we want to drop support for it from the bindings generator.
2793
2794         Instead, use [TreatNullAs=EmptyString] in order to maintain existing behavior
2795         given that both a missing/empty attribute result in using the default
2796         autocapitalization mode and that autocapitalize returns the empty string by
2797         default.
2798
2799         Test: platform/ios-simulator/ios/fast/forms/autocapitalize-null.html
2800
2801         * html/HTMLFormElement.idl:
2802         * html/HTMLInputElement.idl:
2803         * html/HTMLTextAreaElement.idl:
2804
2805 2016-07-19  Zalan Bujtas  <zalan@apple.com>
2806
2807         REGRESSION(r203415): ASSERTION FAILED: !m_layoutRoot->container() || !m_layoutRoot->container()->needsLayout()
2808         https://bugs.webkit.org/show_bug.cgi?id=159952
2809
2810         Reviewed by Simon Fraser.
2811
2812         Update ASSERTs to reflect new functionality, that is, now we can end up in a state
2813         where the container (RenderView) of one of the dirty subtrees is dirty.
2814         See r203415.
2815  
2816         Covered by editing/pasteboard/drag-drop-input-in-svg.svg
2817
2818         * page/FrameView.cpp:
2819         (WebCore::FrameView::scheduleRelayoutOfSubtree):
2820
2821 2016-07-19  Dean Jackson  <dino@apple.com>
2822
2823         REGRESSION(202927): The first slide is the only displayed slide when Quicklooking a Keynote file
2824         https://bugs.webkit.org/show_bug.cgi?id=159948
2825         <rdar://problem/27391012>
2826
2827         Reviewed by Simon Fraser.
2828
2829         There is an iOS bug (<rdar://problem/27416744>) that is causing us
2830         to not always get a color space on CGContextRefs. Investigation of this
2831         exposed some optimizations we can take when we are creating ImageBuffers.
2832         In particular, if we have a bitmap context or an IOSurfaceContext we
2833         can simply copy their color space using API. Otherwise we stick with
2834         the existing CGContextCopyDeviceColorSpace.
2835
2836         Lastly, if for some reason we are unable to copy the device color space,
2837         we should fall back to sRGB.
2838
2839         * platform/graphics/cg/ImageBufferCG.cpp:
2840         (WebCore::ImageBuffer::createCompatibleBuffer):
2841         * platform/spi/cg/CoreGraphicsSPI.h: Add some SPI and enums.
2842
2843
2844 2016-07-19  George Ruan  <gruan@apple.com>
2845
2846         HTMLVideoElement frames do not update on iOS when src is a MediaStream blob
2847         https://bugs.webkit.org/show_bug.cgi?id=159833
2848         <rdar://problem/27379487>
2849
2850         Reviewed by Eric Carlson.
2851
2852         Test: fast/mediastream/MediaStream-video-element-displays-buffer.html
2853
2854         * WebCore.xcodeproj/project.pbxproj:
2855         * platform/graphics/avfoundation/MediaSampleAVFObjC.h: Change create to return a Ref<T> instead
2856         of RefPtr<T>
2857         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h: Make observer of
2858         MediaStreamTrackPrivate and make MediaPlayer use an AVSampleBufferDisplayLayer instead of CALayer.
2859         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm: Ditto.
2860         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::~MediaPlayerPrivateMediaStreamAVFObjC): Clean up
2861         observers and AVSampleBufferDisplayLayer
2862         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::isAvailable): Ensures AVSampleBufferDisplayLayer
2863         is available.
2864         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueAudioSampleBufferFromTrack): Placeholder.
2865         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueVideoSampleBufferFromTrack): Responsible
2866         for enqueuing sample buffers to the active video track.
2867         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::ensureLayer): Ensures that an AVSampleBufferDisplayLayer
2868         exists.
2869         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::destroyLayer): Destroys the AVSampleBufferDisplayLayer.
2870         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::platformLayer): Replace CALayer with AVSampleBufferDisplayLayer.
2871         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::currentDisplayMode): Ditto.
2872         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::sampleBufferUpdated): Called from MediaStreamTrackPrivate when a
2873         new SampleBuffer is available.
2874         (WebCore::updateTracksOfType): Manage adding and removing self as observer from tracks.
2875         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateTracks): Replace CALayer with AVSampleBufferDisplayLayer
2876         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::acceleratedRenderingStateChanged): Copied from
2877         MediaPlayerPrivateMediaSourceAVFObjC.mm
2878         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::load): Deleted CALayer.
2879         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateDisplayMode): Deleted process of updating CALayer.
2880         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateIntrinsicSize): Deleted CALayer.
2881         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::createPreviewLayers): Deleted.
2882         * platform/mediastream/MediaStreamPrivate.cpp:
2883         (WebCore::MediaStreamPrivate::updateActiveVideoTrack): Remove redundant check.
2884         * platform/mediastream/MediaStreamTrackPrivate.cpp:
2885         (WebCore::MediaStreamTrackPrivate::sourceHasMoreMediaData): Called from RealtimeMediaSource when a new SampleBuffer
2886         is available.
2887         * platform/mediastream/MediaStreamTrackPrivate.h:
2888         (WebCore::MediaStreamTrackPrivate::Observer::sampleBufferUpdated): Relays to MediaPlayerPrivateMediaStream that
2889         a new SampleBuffer is available to enqueue to the AVSampleBufferDisplayLayer.
2890         * platform/mediastream/RealtimeMediaSource.cpp:
2891         (WebCore::RealtimeMediaSource::mediaDataUpdated): Relays to all observers that a new SampleBuffer is available.
2892         * platform/mediastream/RealtimeMediaSource.h:
2893         * platform/mediastream/mac/AVVideoCaptureSource.mm:
2894         (WebCore::AVVideoCaptureSource::processNewFrame): Calls mediaDataUpdated when a new SampleBuffer is captured.
2895
2896 2016-07-19  Anders Carlsson  <andersca@apple.com>
2897
2898         Get rid of a #define private public hack in WebCore
2899         https://bugs.webkit.org/show_bug.cgi?id=159953
2900
2901         Reviewed by Dan Bernstein.
2902
2903         Use @package instead.
2904
2905         * bindings/objc/DOMInternal.h:
2906         * bindings/objc/DOMObject.h:
2907
2908 2016-07-19  Andreas Kling  <akling@apple.com>
2909
2910         Fix SharedBuffer leak in MockContentFilter::replacementData().
2911         <https://webkit.org/b/159945>
2912
2913         Reviewed by Andy Estes.
2914
2915         Spotted on leaks bot. This code was pretty explicit about how it's going to leak.
2916         Since this is in the mock filter, it only affected layout tests.
2917
2918         * testing/MockContentFilter.cpp:
2919         (WebCore::MockContentFilter::replacementData):
2920
2921 2016-07-19  Zalan Bujtas  <zalan@apple.com>
2922
2923         theguardian.co.uk crossword puzzles are sometimes not displaying text
2924         https://bugs.webkit.org/show_bug.cgi?id=159924
2925         <rdar://problem/27409483>
2926
2927         Reviewed by Simon Fraser.
2928
2929         This patch fixes the case when
2930         - 2 disjoint subtrees are dirty
2931         - RenderView is also dirty.
2932         and we end up not laying out one of the 2 subtrees.
2933
2934         In FrameView::scheduleRelayoutOfSubtree, we assume that when the RenderView is dirty
2935         we already have a pending full layout which means that any previous subtree layouts have already been
2936         converted to full layouts.
2937         However this assumption is incorrect. RenderView can get dirty without checking if there's
2938         already a pending subtree layout.
2939         One option to solve this problem would be to override RenderObject::setNeedsLayout in RenderView
2940         so that when the RenderView gets dirty, we could also convert any pending subtree layout to full layout.
2941         However RenderObject::setNeedsLayout is a hot function and making it virtual would impact performance.
2942         The other option is to always normalize subtree layouts in FrameView::scheduleRelayoutOfSubtree().
2943         This patch implements the second option.
2944
2945         Test: fast/misc/subtree-layouts.html
2946
2947         * page/FrameView.cpp:
2948         (WebCore::FrameView::scheduleRelayoutOfSubtree):
2949
2950 2016-07-19  Anders Carlsson  <andersca@apple.com>
2951
2952         Some payment authorization status values should keep the sheet active
2953         https://bugs.webkit.org/show_bug.cgi?id=159936
2954         rdar://problem/26756701
2955
2956         Reviewed by Tim Horton.
2957
2958         * Modules/applepay/ApplePaySession.cpp:
2959         (WebCore::ApplePaySession::completePayment):
2960         Keep the sheet active if the status isn't a final state status.
2961
2962         * Modules/applepay/PaymentAuthorizationStatus.h:
2963         (WebCore::isFinalStateStatus):
2964         Add a new helper function that returns whether a given payment authorization status is "final",
2965         meaning that once that status has been passed to completePayment, the session is finished.
2966
2967 2016-07-19  Nan Wang  <n_wang@apple.com>
2968
2969         AX: Incorrect behavior for word related text marker functions when there's collapsed whitespace
2970         https://bugs.webkit.org/show_bug.cgi?id=159910
2971
2972         Reviewed by Chris Fleizach.
2973
2974         We are getting a bad CharacterOffset when there's collapsed whitespace. Added a TraverseOptionValidateOffset
2975         option to make sure we are getting the correct CharacterOffset based on the corresponding Range offset. And
2976         fixed a word navigation issue based on that.
2977
2978         Test: accessibility/mac/text-marker-word-nav-collapsed-whitespace.html
2979
2980         * accessibility/AXObjectCache.cpp:
2981         (WebCore::AXObjectCache::traverseToOffsetInRange):
2982         (WebCore::AXObjectCache::rangeForNodeContents):
2983         (WebCore::AXObjectCache::startOrEndCharacterOffsetForRange):
2984         (WebCore::AXObjectCache::characterOffsetFromVisiblePosition):
2985         (WebCore::AXObjectCache::rightWordRange):
2986         (WebCore::AXObjectCache::previousBoundary):
2987         * accessibility/AXObjectCache.h:
2988         (WebCore::AXObjectCache::isNodeInUse):
2989
2990 2016-07-19  Youenn Fablet  <youenn@apple.com>
2991
2992         [Streams API] ReadableStreamController methods should throw if its stream is not readable
2993         https://bugs.webkit.org/show_bug.cgi?id=159871
2994
2995         Reviewed by Xabier Rodriguez-Calvar.
2996
2997         Spec now mandates close and enqueue to throw if ReadableStream is not readable.
2998         Covered by rebased and/or modified tests.
2999
3000         * Modules/streams/ReadableStreamController.js:
3001         (enqueue): Throwing a TypeError if controlled stream is not readable.
3002         (close): Ditto.
3003
3004 2016-07-19  Simon Fraser  <simon.fraser@apple.com>
3005
3006         Bubbles appear split for a brief moment in Messages
3007         https://bugs.webkit.org/show_bug.cgi?id=159915
3008         rdar://problem/27182267
3009
3010         Reviewed by David Hyatt.
3011
3012         RenderView::repaintRootContents() had a long-standing bug in WebView when the
3013         view is scrolled. repaint() uses visualOverflowRect() but, for the 
3014         RenderView, the visualOverflowRect() is the initial containing block
3015         which is anchored at 0,0. When the view is scrolled it's clipped out and
3016         calls to repaintRootContents() have no effect.
3017         
3018         Change repaintRootContents() to use layoutOverflowRect(). ScrollView::repaintContentRectangle()
3019         will clip it to the view if necessary.
3020
3021         Test: fast/repaint/scrolled-view-full-repaint.html
3022
3023         * rendering/RenderView.cpp:
3024         (WebCore::RenderView::repaintRootContents):
3025
3026 2016-07-19  Dan Bernstein  <mitz@apple.com>
3027
3028         <rdar://problem/27420308> WebCore-7602.1.42 fails to build: error: unused parameter 'vm'
3029
3030         * bindings/js/JSDOMGlobalObject.cpp:
3031         (WebCore::JSDOMGlobalObject::addBuiltinGlobals): Fixed the !ENABLE(STREAMS_API) build.
3032
3033 2016-07-19  Youenn Fablet  <youenn@apple.com>
3034
3035         [Streams API] Make ReadableStream properties not enumerable
3036         https://bugs.webkit.org/show_bug.cgi?id=159868
3037
3038         Reviewed by Darin Adler.
3039
3040         Covered by rebased tests.
3041
3042         Uopdating IDL definitions to mark all functions/attributes as not enumerable.
3043         Updating IDL constructor definitions to correctly compute constructor length.
3044         Updating built-in implementation to correctly compute pipeTo length to 1 (second parameter being optional).
3045
3046         * Modules/streams/ReadableStream.idl:
3047         * Modules/streams/ReadableStream.js:
3048         * Modules/streams/ReadableStreamController.idl:
3049         * Modules/streams/ReadableStreamReader.idl:
3050
3051 2016-07-19  Chris Dumez  <cdumez@apple.com>
3052
3053         form.enctype / encoding / method should treat null as "null" string
3054         https://bugs.webkit.org/show_bug.cgi?id=159916
3055
3056         Reviewed by Ryosuke Niwa.
3057
3058         form.enctype / encoding / method should treat null as "null" string:
3059         - https://html.spec.whatwg.org/multipage/forms.html#htmlformelement
3060
3061         Previously, WebKit would treat null as the null String, which would
3062         end up removing the existing attribute.
3063
3064         Firefox and Chrome match the specification.
3065
3066         Test: fast/dom/HTMLFormElement/null-handling.html
3067
3068         * html/HTMLFormElement.h:
3069         * html/HTMLFormElement.idl:
3070
3071 2016-07-18  Csaba Osztrogon√°c  <ossy@webkit.org>
3072
3073         All-in-one buildfix after r202439
3074         https://bugs.webkit.org/show_bug.cgi?id=159877
3075
3076         Reviewed by Chris Dumez.
3077
3078         * Modules/webaudio/AudioDestinationNode.h:
3079         (WebCore::AudioDestinationNode::resume):
3080         (WebCore::AudioDestinationNode::suspend):
3081         (WebCore::AudioDestinationNode::close):
3082
3083 2016-07-18  Frederic Wang  <fwang@igalia.com>
3084
3085         Move parsing of subscriptshift and superscriptshift from rendering to element classes
3086         https://bugs.webkit.org/show_bug.cgi?id=159622
3087
3088         Reviewed by Darin Adler.
3089
3090         We introduce a new MathMLScriptsElement that is used for elements msub, msup, msubsup and
3091         mmultiscripts in order to create RenderMathMLScripts and parse and expose the values of the
3092         subscriptshift and superscriptshift attributes. This is one more step toward moving MathML
3093         attribute parsing to the DOM (bug 156536).
3094
3095         No new tests, rendering is unchanged.
3096
3097         * CMakeLists.txt: Add MathMLScriptsElement files.
3098         * WebCore.xcodeproj/project.pbxproj: Ditto.
3099         * mathml/MathMLAllInOne.cpp: Ditto.
3100         * mathml/MathMLInlineContainerElement.cpp: Remove handling of scripts.
3101         (WebCore::MathMLInlineContainerElement::createElementRenderer): Deleted.
3102         * mathml/MathMLScriptsElement.cpp: Added. New class to handle scripted elements supporting
3103         parsing for the subscriptshift and superscriptshift MathML lengths.
3104         (WebCore::MathMLScriptsElement::MathMLScriptsElement):
3105         (WebCore::MathMLScriptsElement::create):
3106         (WebCore::MathMLScriptsElement::subscriptShift): Expose the cached length for the shift,
3107         parsing the attribute again if necessary.
3108         (WebCore::MathMLScriptsElement::superscriptShift): Ditto.
3109         (WebCore::MathMLScriptsElement::parseAttribute): Mark attributes dirty.
3110         (WebCore::MathMLScriptsElement::createElementRenderer): Create RenderMathMLScripts.
3111         * mathml/MathMLScriptsElement.h: Ditto.
3112         * mathml/mathtags.in: Map msub, msup, msubsup and mmultiscripts to MathMLScriptsElement.
3113         * rendering/mathml/RenderMathMLScripts.cpp:
3114         (WebCore::RenderMathMLScripts::scriptsElement): Helper function to cast the node to a
3115         MathMLScriptsElement.
3116         (WebCore::RenderMathMLScripts::getScriptMetricsAndLayoutIfNeeded): Resolve the attributes
3117         using the functions from the MathMLScriptsElement class.
3118         * rendering/mathml/RenderMathMLScripts.h: Declare scriptsElement.
3119
3120 2016-07-18  Frederic Wang  <fwang@igalia.com>
3121
3122         Do not store gap and shift parameters on RenderMathMLFraction
3123         https://bugs.webkit.org/show_bug.cgi?id=159876
3124
3125         Reviewed by Darin Adler.
3126
3127         After r203285, the stack and fraction layout parameters are only used in layoutBlock so we
3128         do not need to store them on the class. We remove them and split updateLayoutParameters into
3129         three functions: one to update the linethickness and two others to retrieve the fraction and
3130         stack respectively.
3131
3132         No new tests, rendering is unchanged.
3133
3134         * rendering/mathml/RenderMathMLFraction.cpp:
3135         (WebCore::RenderMathMLFraction::updateLineThickness): Move code to update thickness members here.
3136         (WebCore::RenderMathMLFraction::getFractionParameters): Move code to retrieve fraction parameters here.
3137         (WebCore::RenderMathMLFraction::getStackParameters): Move code to retrieve stack parameters here.
3138         (WebCore::RenderMathMLFraction::layoutBlock): Use the new helper functions and local variables
3139         for fraction and stack parameters.
3140         (WebCore::RenderMathMLFraction::updateLayoutParameters): Deleted.
3141         * rendering/mathml/RenderMathMLFraction.h: Declare new helper functions and remove members
3142         for stack and fraction parameters.
3143
3144 2016-07-18  Chris Dumez  <cdumez@apple.com>
3145
3146         input.formEnctype / formMethod and button.formEnctype / formMethod / type should treat null as "null"
3147         https://bugs.webkit.org/show_bug.cgi?id=159908
3148
3149         Reviewed by Alex Christensen.
3150
3151         input.formEnctype / formMethod and button.formEnctype / formMethod / type
3152         should treat null as "null" String:
3153         - https://html.spec.whatwg.org/multipage/forms.html#htmlinputelement
3154         - https://html.spec.whatwg.org/multipage/forms.html#htmlbuttonelement
3155
3156         In WebKit, we would treat null as a null String which would end up
3157         removing the corresponding attribute. This does not match the
3158         specification. Firefox and Chrome match the specification here.
3159
3160         Tests:
3161         - fast/dom/HTMLButtonElement/null-handling.html
3162         - fast/dom/HTMLInputElement/null-handling.html
3163
3164         * html/HTMLButtonElement.idl:
3165         * html/HTMLInputElement.idl:
3166
3167 2016-07-18  Alex Christensen  <achristensen@webkit.org>
3168
3169         webbookmarksd needs to use the same AppCache directory as MobileSafari
3170         https://bugs.webkit.org/show_bug.cgi?id=159912
3171
3172         Reviewed by Alexey Proskuryakov.
3173
3174         No new tests.  This only changes behavior for webbookmarksd.
3175
3176         * platform/RuntimeApplicationChecks.h:
3177         * platform/RuntimeApplicationChecks.mm:
3178         (WebCore::IOSApplication::isWebBookmarksD): Added.
3179
3180 2016-07-18  Chris Dumez  <cdumez@apple.com>
3181
3182         EventTarget.dispatchEvent() parameter should not be nullable
3183         https://bugs.webkit.org/show_bug.cgi?id=159897
3184
3185         Reviewed by Benjamin Poulain.
3186
3187         EventTarget.dispatchEvent() parameter should not be nullable:
3188         - https://dom.spec.whatwg.org/#interface-eventtarget
3189
3190         Even though the parameter was marked as nullable in our IDL, our
3191         implementation does a null check and we already throw a TypeError
3192         when calling dispatchEvent(null).
3193
3194         Update our IDL so that it matches the specification and so that
3195         the null check is generated in the bindings instead.
3196
3197         No new tests, rebaseline existing tests.
3198
3199         * dom/EventTarget.cpp:
3200         (WebCore::EventTarget::dispatchEventForBindings):
3201         * dom/EventTarget.h:
3202         * dom/EventTarget.idl:
3203
3204 2016-07-18  Chris Dumez  <cdumez@apple.com>
3205
3206         DocType's publicId / systemId should not be nullable
3207         https://bugs.webkit.org/show_bug.cgi?id=159901
3208
3209         Reviewed by Benjamin Poulain.
3210
3211         DocType's publicId / systemId should not be nullable. While they were
3212         not marked as nullable in our IDL, they could be stored as null Strings
3213         in our implementation depending on how the Node was constructed. This
3214         led to subtle bugs where String() != emptyString().
3215
3216         In particular, Node.isEqualNode() would return false when DocumentType
3217         nodes would mismatch because of their publicId / systemId being null
3218         instead of the emptyString.
3219
3220         Serialization would DocumentType nodes would also be wrong when
3221         publicId / systemId were empty Strings instead of null strings. The
3222         new behavior now matches:
3223         - https://www.w3.org/TR/DOM-Parsing/#dfn-concept-serialize-doctype (steps 7-9)
3224
3225         To address these issues, we now always store publicId / systemId as
3226         non-null Strings inside the DocumentType class.
3227
3228         Test: fast/dom/DocumentType/isEqualNode.html
3229
3230         * dom/DocumentType.cpp:
3231         (WebCore::DocumentType::DocumentType):
3232         * editing/MarkupAccumulator.cpp:
3233         (WebCore::MarkupAccumulator::appendDocumentType):
3234
3235 2016-07-18  Jeremy Jones  <jeremyj@apple.com>
3236
3237         If previous media session interruptions were prevented, still allow subsequent interruptions to try.
3238         https://bugs.webkit.org/show_bug.cgi?id=157553
3239         rdar://problem/25740804
3240
3241         Reviewed by Eric Carlson.
3242
3243         Test: platform/ios-simulator/media/video-interruption-suspendunderlock.html
3244
3245         When suspending under lock on iOS, there is first a resign active event, then a
3246         suspend under lock. PiP prevents resign active from interrupting playback. But it should allow the
3247         suspend under lock to interrupt playback.
3248
3249         Currently if there are nested interruptions only the first one is acted upon.
3250
3251         This change allows subsequent, nested interruptions to have a chance to interrupt playback if the
3252         previous interruptions were ignored.
3253
3254         This test is for iPad only, so it must be run manually.
3255
3256         * html/HTMLMediaElement.cpp:
3257         (WebCore::HTMLMediaElement::shouldOverrideBackgroundPlaybackRestriction):
3258         * platform/audio/PlatformMediaSession.cpp:
3259         (WebCore::PlatformMediaSession::beginInterruption):
3260         * testing/Internals.cpp:
3261         (WebCore::Internals::beginMediaSessionInterruption):
3262
3263 2016-07-18  Brent Fulgham  <bfulgham@apple.com>
3264
3265         Don't associate form-associated elements with forms in other trees.
3266         https://bugs.webkit.org/show_bug.cgi?id=119451
3267         <rdar://problem/27382946>
3268
3269         Change is based on the Blink change (patch by <adamk@chromium.org>):
3270         <https://chromium.googlesource.com/chromium/blink/+/0b33128be67e7845d495d5219614c02ccfe7a414>
3271
3272         Reviewed by Chris Dumez.
3273
3274         Prevent elements from being associated with forms that are not part of the same home subtree.
3275         This brings us in line with the WhatWG HTML specification as of September, 2013.
3276
3277         Tests: fast/forms/image-disconnected-during-parse.html
3278                fast/forms/input-disconnected-during-parse.html
3279
3280         * dom/Element.h:
3281         (WebCore::Node::rootElement): Added.
3282         * html/FormAssociatedElement.cpp:
3283         (WebCore::FormAssociatedElement::insertedInto): If the element is associated with a form that
3284         is not part of the same tree, remove the association.
3285         * html/HTMLImageElement.cpp:
3286         (WebCore::HTMLImageElement::insertedInto): Ditto.
3287
3288 2016-07-18  Anders Carlsson  <andersca@apple.com>
3289
3290         WebKit nightly fails to build on macOS Sierra
3291         https://bugs.webkit.org/show_bug.cgi?id=159902
3292         rdar://problem/27365672
3293
3294         Reviewed by Tim Horton.
3295
3296         * Modules/applepay/cocoa/PaymentCocoa.mm:
3297         * Modules/applepay/cocoa/PaymentContactCocoa.mm:
3298         * Modules/applepay/cocoa/PaymentMerchantSessionCocoa.mm:
3299         * Modules/applepay/cocoa/PaymentMethodCocoa.mm:
3300         Use new PassKitSPI header.
3301
3302         * WebCore.xcodeproj/project.pbxproj:
3303         Add new PassKitSPI header.
3304
3305         * icu/unicode/ucurr.h: Added.
3306         Add ucurr.h from ICU.
3307
3308         * platform/spi/cocoa/PassKitSPI.h: Added.
3309         Add new PassKitSPI header.
3310
3311 2016-07-18  Dean Jackson  <dino@apple.com>
3312
3313         REGRESSION (r202950): Image zoom animations are broken at medium.com (159861)
3314         https://bugs.webkit.org/show_bug.cgi?id=159906
3315         <rdar://problem/27391725>
3316
3317         Reviewed by Simon Fraser.
3318
3319         The fix for webkit.org/b/157569 in r200769 broke AMP pages.
3320         The followup fix for webkit.org/b/159450 in r202950 broke Medium pages.
3321
3322         Revert them both until we have better testing.
3323
3324         * css/CSSParser.cpp:
3325         (WebCore::CSSParser::addPropertyWithPrefixingVariant):
3326         (WebCore::CSSParser::parseValue):
3327         (WebCore::CSSParser::parseAnimationShorthand):
3328         (WebCore::CSSParser::parseTransitionShorthand): Deleted.
3329         * css/CSSPropertyNames.in:
3330         * css/PropertySetCSSStyleDeclaration.cpp:
3331         (WebCore::PropertySetCSSStyleDeclaration::getPropertyCSSValue):
3332         (WebCore::PropertySetCSSStyleDeclaration::getPropertyValue):
3333         (WebCore::PropertySetCSSStyleDeclaration::getPropertyCSSValueInternal):
3334         (WebCore::PropertySetCSSStyleDeclaration::getPropertyValueInternal):
3335         * css/StyleProperties.cpp:
3336         (WebCore::MutableStyleProperties::removeShorthandProperty):
3337         (WebCore::MutableStyleProperties::removeProperty):
3338         (WebCore::MutableStyleProperties::removePrefixedOrUnprefixedProperty):
3339         (WebCore::MutableStyleProperties::setProperty):
3340         (WebCore::getIndexInShorthandVectorForPrefixingVariant):
3341         (WebCore::MutableStyleProperties::appendPrefixingVariantProperty):
3342         (WebCore::MutableStyleProperties::setPrefixingVariantProperty):
3343         (WebCore::StyleProperties::asText): Deleted.
3344         * css/StyleProperties.h:
3345
3346 2016-07-18  Andreas Kling  <akling@apple.com>
3347
3348         There should be a way to simulate memory pressure in layout tests
3349         <https://webkit.org/b/159743>
3350
3351         Reviewed by Simon Fraser.
3352
3353         Add three window.internal APIs:
3354
3355             - boolean isUnderMemoryPressure (readonly attribute)
3356             - void beginSimulatedMemoryPressure()
3357             - void endSimulatedMemoryPressure()
3358
3359         These make it possible to write tests that exercise behaviors that only
3360         occur during memory pressure situations.
3361
3362         I also implemented the "org.WebKit.lowMemory" notification handler using the new API.
3363
3364         Test: memory/memory-pressure-simulation.html
3365
3366         * platform/MemoryPressureHandler.cpp:
3367         (WebCore::MemoryPressureHandler::beginSimulatedMemoryPressure):
3368         (WebCore::MemoryPressureHandler::endSimulatedMemoryPressure):
3369         * platform/MemoryPressureHandler.h:
3370         (WebCore::MemoryPressureHandler::isUnderMemoryPressure):
3371         * platform/cocoa/MemoryPressureHandlerCocoa.mm:
3372         (WebCore::MemoryPressureHandler::platformReleaseMemory):
3373         (WebCore::MemoryPressureHandler::install):
3374         * testing/Internals.cpp:
3375         (WebCore::Internals::isUnderMemoryPressure):
3376         (WebCore::Internals::beginSimulatedMemoryPressure):
3377         (WebCore::Internals::endSimulatedMemoryPressure):
3378         * testing/Internals.h:
3379         * testing/Internals.idl:
3380
3381 2016-07-18  Said Abou-Hallawa  <sabouhallawa@apple,com>
3382
3383         [iOS] PDFDocumentImage should cache only a sub image of the PDF when caching the whole image is expensive
3384         https://bugs.webkit.org/show_bug.cgi?id=158715
3385
3386         Reviewed by Dean Jackson.
3387
3388         Test: fast/images/displaced-non-cached-pdf.html
3389
3390         For iOS, we need to ensure the size of the cached PDF images will not
3391         exceed some limit. Also we should be caching only a sub image of the PDF
3392         if caching the whole image will exceed the memory limit.
3393
3394         * page/Settings.cpp:
3395         (WebCore::Settings::Settings):
3396         (WebCore::Settings::setCachedPDFImageEnabled):
3397         * page/Settings.h:
3398         (WebCore::Settings::isCachedPDFImageEnabled):
3399             Add an option to disable caching the PDF images.
3400
3401         * platform/graphics/cg/PDFDocumentImage.cpp:
3402         (WebCore::PDFDocumentImage::setCachedPDFImageEnabled):
3403             Allow the caller of draw() to disable caching the PDF images.
3404         
3405         (WebCore::PDFDocumentImage::cacheParametersMatch):
3406             Match the context dirty rectangle with the cached image rectangle.
3407         
3408         (WebCore::transformContextForPainting):
3409             When preparing the context for drawing the PDF, take the location 
3410             of the destination rectangle into account. We do not need to scale
3411             the location of the source rectangle because we scale the size of
3412             the rectangle but we don't scale the whole coordinate system.
3413
3414         (WebCore::cachedImageRect):
3415             Calculate the rectangle of the cached image such that it does not
3416             exceed the limit. Start from the center of the dirty rectangle and
3417             then expand around it.
3418             
3419         (WebCore::PDFDocumentImage::decodedSizeChanged):
3420             In addition to notifying the ImageObserver, it keeps track of the size
3421             of all the cached PDF images.
3422
3423         (WebCore::PDFDocumentImage::updateCachedImageIfNeeded):
3424             Ensure the size of all the cached images does not exceed the limit
3425             
3426         (WebCore::PDFDocumentImage::destroyDecodedData):
3427         * platform/graphics/cg/PDFDocumentImage.h:
3428
3429         * rendering/RenderImage.cpp:
3430         (WebCore::RenderImage::paintIntoRect):
3431             Pass the option to disable caching the PDF images to PDFDocumentImage.
3432
3433         * testing/InternalSettings.cpp:
3434         (WebCore::InternalSettings::Backup::Backup):
3435         (WebCore::InternalSettings::Backup::restoreTo):
3436         (WebCore::InternalSettings::setCachedPDFImageEnabled):
3437         * testing/InternalSettings.h:
3438         * testing/InternalSettings.idl:
3439             Add an internal option to disable caching the PDF images.
3440
3441 2016-07-18  Chris Dumez  <cdumez@apple.com>
3442
3443         The 2 first parameters to addEventListener() / removeEventListener() should be mandatory
3444         https://bugs.webkit.org/show_bug.cgi?id=158008
3445
3446         Reviewed by Darin Adler.
3447
3448         The 2 first parameters to addEventListener() / removeEventListener() should be
3449         mandatory:
3450         - https://dom.spec.whatwg.org/#interface-eventtarget
3451
3452         Firefox 46 and Chrome 50 both match the specification and throw an exception when those
3453         parameters are omitted. However, those parameters were marked as optional in WebKit and
3454         the calls were no-ops if those parameters were omitted. This patch aligns our behavior
3455         with the specification and other browsers.
3456
3457         Test: fast/dom/eventtarget-api-parameters.html
3458
3459         * bindings/scripts/CodeGeneratorJS.pm:
3460         (GetFunctionLength): Deleted.
3461         * dom/EventTarget.idl:
3462
3463 2016-07-18  Brent Fulgham  <bfulgham@apple.com>
3464
3465         Unreviewed, rolling out r203373.
3466
3467         Unaddressed
3468
3469         Reverted changeset:
3470
3471         "Don't associate form-associated elements with forms in other
3472         trees."
3473         https://bugs.webkit.org/show_bug.cgi?id=119451
3474         http://trac.webkit.org/changeset/203373
3475
3476 2016-07-18  Brent Fulgham  <bfulgham@apple.com>
3477
3478         Don't associate form-associated elements with forms in other trees.
3479         https://bugs.webkit.org/show_bug.cgi?id=119451
3480         <rdar://problem/27382946>
3481
3482         Change is based on the Blink change (patch by <adamk@chromium.org>):
3483         <https://chromium.googlesource.com/chromium/blink/+/0b33128be67e7845d495d5219614c02ccfe7a414>
3484
3485         Reviewed by Zalan Bujtas.
3486
3487         Prevent elements from being associated with forms that are not part of the same home subtree.
3488         This brings us in line with the WhatWG HTML specification as of September, 2013.
3489
3490         Tests: fast/forms/image-disconnected-during-parse.html
3491                fast/forms/input-disconnected-during-parse.html
3492
3493         * dom/NodeTraversal.h:
3494         (WebCore::NodeTraversal::highestAncestorOrSelf): Added.
3495         * html/FormAssociatedElement.cpp:
3496         (WebCore::FormAssociatedElement::insertedInto): If the element is associated with a form that
3497         is not part of the same tree, remove the association.
3498         * html/HTMLImageElement.cpp:
3499         (WebCore::HTMLImageElement::insertedInto): Ditto.
3500
3501 2016-07-18  George Ruan  <gruan@apple.com>
3502
3503         Move MediaSampleAVFObjC into its own file
3504         https://bugs.webkit.org/show_bug.cgi?id=159796
3505         <rdar://problem/27362488>
3506
3507         In preparation for a feature that uses MediaSampleAVFObjC, but does
3508         not need SourceBufferPrivateAVFObjC, it is beneficial to move
3509         MediaSampleAVFObjC to its own file.
3510
3511         Reviewed by Eric Carlson.
3512
3513         * WebCore.xcodeproj/project.pbxproj:
3514         * platform/MediaSample.h: Allow setting trackID to associate
3515         MediaSample id with MediaStreamTrackPrivate id.
3516         * platform/graphics/avfoundation/MediaSampleAVFObjC.h: Added.
3517         * platform/graphics/avfoundation/objc/MediaSampleAVFObjC.mm: Moved
3518         from MediaSampleAVFObjC
3519         (WebCore::MediaSampleAVFObjC::presentationTime):
3520         (WebCore::MediaSampleAVFObjC::decodeTime):
3521         (WebCore::MediaSampleAVFObjC::duration):
3522         (WebCore::MediaSampleAVFObjC::sizeInBytes):
3523         (WebCore::MediaSampleAVFObjC::platformSample):
3524         (WebCore::CMSampleBufferIsRandomAccess):
3525         (WebCore::MediaSampleAVFObjC::flags):
3526         (WebCore::MediaSampleAVFObjC::presentationSize):
3527         (WebCore::MediaSampleAVFObjC::dump):
3528         (WebCore::MediaSampleAVFObjC::offsetTimestampsBy):
3529         (WebCore::MediaSampleAVFObjC::setTimestamps):
3530         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
3531         Moved MediaSampleAVFObjC to its own file.
3532         (WebCore::MediaSampleAVFObjC::platformSample): Deleted.
3533         (WebCore::CMSampleBufferIsRandomAccess): Deleted.
3534         (WebCore::MediaSampleAVFObjC::flags): Deleted.
3535         (WebCore::MediaSampleAVFObjC::presentationSize): Deleted.
3536         (WebCore::MediaSampleAVFObjC::dump): Deleted.
3537         (WebCore::MediaSampleAVFObjC::offsetTimestampsBy): Deleted.
3538         (WebCore::MediaSampleAVFObjC::setTimestamps): Deleted.
3539         * platform/mock/mediasource/MockSourceBufferPrivate.cpp:
3540
3541 2016-07-18  Eric Carlson  <eric.carlson@apple.com>
3542
3543         [MSE][Mac] Pass AVSampleBufferDisplayLayer HDCP status to a newly created key session
3544         https://bugs.webkit.org/show_bug.cgi?id=159812
3545         <rdar://problem/27371624>
3546
3547         Reviewed by Jon Lee.
3548
3549         No new tests, it isn't possible to test this with our current testing infrastructure.
3550
3551         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.h:
3552         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
3553         (WebCore::SourceBufferPrivateAVFObjC::setCDMSession): Call layerDidReceiveError if there has
3554         been an HDCP error.
3555         (WebCore::SourceBufferPrivateAVFObjC::rendererDidReceiveError): Remember an HDCP error.
3556
3557 2016-07-18  Yoav Weiss  <yoav@yoav.ws>
3558
3559         Add preload to features.json
3560         https://bugs.webkit.org/show_bug.cgi?id=159872
3561
3562         Reviewed by Darin Adler.
3563
3564         No new tests but no functional change.
3565
3566         * features.json:
3567
3568 2016-07-18  Youenn Fablet  <youenn@apple.com>
3569
3570         [Streams API] ReadableStream should throw a RangeError in case of NaN highWaterMark
3571         https://bugs.webkit.org/show_bug.cgi?id=159870
3572
3573         Reviewed by Xabier Rodriguez-Calvar.
3574
3575         Covered by rebased test.
3576
3577         * Modules/streams/StreamInternals.js:
3578         (validateAndNormalizeQueuingStrategy): Throwing a RangeError in lieu of a TypeError in case of NaN highWaterMark.
3579
3580 2016-07-18  Csaba Osztrogon√°c  <ossy@webkit.org>
3581
3582         Windows buildfix after r203338
3583         https://bugs.webkit.org/show_bug.cgi?id=159875
3584
3585         Unreviewed buildfix.
3586
3587         * dom/UserGestureIndicator.h:
3588         (WebCore::UserGestureToken::addDestructionObserver):
3589
3590 2016-07-18  Carlos Garcia Campos  <cgarcia@igalia.com>
3591
3592         MemoryPressureHandler doesn't work if cgroups aren't present in Linux
3593         https://bugs.webkit.org/show_bug.cgi?id=155255
3594
3595         Reviewed by Sergio Villar Senin.
3596
3597         Allow to pass an eventFD file descriptor to the MemoryPressureHandler to be monitorized in case cgroups are not
3598         available.
3599
3600         * platform/MemoryPressureHandler.h:
3601         * platform/linux/MemoryPressureHandlerLinux.cpp:
3602
3603 2016-07-17  Gyuyoung Kim  <gyuyoung.kim@webkit.org>
3604
3605         Clean up PassRefPtr uses in Modules/encryptedmedia, Modules/speech, and Modules/quota
3606         https://bugs.webkit.org/show_bug.cgi?id=159701
3607
3608         Reviewed by Alex Christensen.
3609
3610         No new tests, no behavior changes.
3611
3612         * Modules/encryptedmedia/CDM.h:
3613         * Modules/encryptedmedia/MediaKeySession.h:
3614         * Modules/encryptedmedia/MediaKeys.h:
3615         * Modules/quota/DOMWindowQuota.cpp:
3616         * Modules/quota/StorageErrorCallback.cpp:
3617         (WebCore::StorageErrorCallback::CallbackTask::CallbackTask):
3618         * Modules/quota/StorageErrorCallback.h:
3619         * Modules/quota/StorageInfo.h:
3620         * Modules/quota/StorageQuota.h:
3621         * Modules/speech/DOMWindowSpeechSynthesis.cpp:
3622         * Modules/speech/SpeechSynthesis.cpp:
3623         (WebCore::SpeechSynthesis::getVoices):
3624         (WebCore::SpeechSynthesis::startSpeakingImmediately):
3625         (WebCore::SpeechSynthesis::speak):
3626         (WebCore::SpeechSynthesis::cancel):
3627         (WebCore::SpeechSynthesis::handleSpeakingCompleted):
3628         (WebCore::SpeechSynthesis::boundaryEventOccurred):
3629         (WebCore::SpeechSynthesis::didStartSpeaking):
3630         (WebCore::SpeechSynthesis::didPauseSpeaking):
3631         (WebCore::SpeechSynthesis::didResumeSpeaking):
3632         (WebCore::SpeechSynthesis::didFinishSpeaking):
3633         (WebCore::SpeechSynthesis::speakingErrorOccurred):
3634         * Modules/speech/SpeechSynthesis.h:
3635         * Modules/speech/SpeechSynthesisEvent.h:
3636         * Modules/speech/SpeechSynthesisUtterance.h:
3637         * Modules/speech/SpeechSynthesisVoice.cpp:
3638         (WebCore::SpeechSynthesisVoice::create):
3639         (WebCore::SpeechSynthesisVoice::SpeechSynthesisVoice):
3640         * Modules/speech/SpeechSynthesisVoice.h:
3641         * platform/PlatformSpeechSynthesizer.h:
3642         * platform/efl/PlatformSpeechSynthesisProviderEfl.cpp:
3643         (WebCore::PlatformSpeechSynthesisProviderEfl::fireSpeechEvent):
3644         * platform/mock/PlatformSpeechSynthesizerMock.cpp:
3645         (WebCore::PlatformSpeechSynthesizerMock::speakingFinished):
3646         (WebCore::PlatformSpeechSynthesizerMock::speak):
3647         (WebCore::PlatformSpeechSynthesizerMock::cancel):
3648         (WebCore::PlatformSpeechSynthesizerMock::pause):
3649         (WebCore::PlatformSpeechSynthesizerMock::resume):
3650
3651 2016-07-16  Sam Weinig  <sam@webkit.org>
3652
3653         [WebKit API] Add SPI to track multiple navigations caused by a single user gesture
3654         <rdar://problem/26554137>
3655         https://bugs.webkit.org/show_bug.cgi?id=159856
3656
3657         Reviewed by Dan Bernstein.
3658
3659         - Adds a new RefCounted object to represent a unique user gesture, called UserGestureToken.
3660         - Makes UserGestureIndicator track UserGestureToken.
3661         - Refines UserGestureIndicator's interface to use Optional and a smaller enum set
3662           to represent the different initial states.
3663         - Stores UserGestureTokens on objects that want to forward user gesture state (DOMTimer, 
3664           postMessage, and ScheduledNavigation) rather than just a boolean.
3665
3666         * accessibility/AccessibilityNodeObject.cpp:
3667         (WebCore::AccessibilityNodeObject::increment):
3668         (WebCore::AccessibilityNodeObject::decrement):
3669         * accessibility/AccessibilityObject.cpp:
3670         (WebCore::AccessibilityObject::press):
3671         * bindings/js/ScriptController.cpp:
3672         (WebCore::ScriptController::executeScriptInWorld):
3673         (WebCore::ScriptController::executeScript):
3674         Update for new UserGestureIndicator interface.
3675
3676         * dom/UserGestureIndicator.cpp:
3677         (WebCore::currentToken):
3678         (WebCore::UserGestureToken::~UserGestureToken):
3679         (WebCore::UserGestureIndicator::UserGestureIndicator):
3680         (WebCore::UserGestureIndicator::~UserGestureIndicator):
3681         (WebCore::UserGestureIndicator::currentUserGesture):
3682         (WebCore::UserGestureIndicator::processingUserGesture):
3683         (WebCore::UserGestureIndicator::processingUserGestureForMedia):
3684         (WebCore::isDefinite): Deleted.
3685         * dom/UserGestureIndicator.h:
3686         (WebCore::UserGestureToken::create):
3687         (WebCore::UserGestureToken::state):
3688         (WebCore::UserGestureToken::processingUserGesture):
3689         (WebCore::UserGestureToken::processingUserGestureForMedia):
3690         (WebCore::UserGestureToken::addDestructionObserver):
3691         (WebCore::UserGestureToken::UserGestureToken):
3692         Add UserGestureToken and track the current one explicitly.
3693
3694         * html/HTMLMediaElement.cpp:
3695         (WebCore::HTMLMediaElement::didReceiveRemoteControlCommand):
3696         * inspector/InspectorFrontendClientLocal.cpp:
3697         (WebCore::InspectorFrontendClientLocal::openInNewTab):
3698         * inspector/InspectorFrontendHost.cpp:
3699         * inspector/InspectorPageAgent.cpp:
3700         (WebCore::InspectorPageAgent::navigate):
3701         Update for new UserGestureIndicator interface.
3702
3703         * loader/NavigationAction.cpp:
3704         (WebCore::NavigationAction::NavigationAction):
3705         * loader/NavigationAction.h:
3706         (WebCore::NavigationAction::userGestureToken):
3707         (WebCore::NavigationAction::processingUserGesture):
3708         * loader/NavigationScheduler.cpp:
3709         (WebCore::ScheduledNavigation::ScheduledNavigation):
3710         (WebCore::ScheduledNavigation::~ScheduledNavigation):
3711         (WebCore::ScheduledNavigation::lockBackForwardList):
3712         (WebCore::ScheduledNavigation::wasDuringLoad):
3713         (WebCore::ScheduledNavigation::isLocationChange):
3714         (WebCore::ScheduledNavigation::userGestureToForward):
3715         (WebCore::ScheduledNavigation::clearUserGesture):
3716         (WebCore::NavigationScheduler::mustLockBackForwardList):
3717         (WebCore::NavigationScheduler::scheduleFormSubmission):
3718         (WebCore::ScheduledNavigation::wasUserGesture): Deleted.
3719         * page/DOMTimer.cpp:
3720         (WebCore::shouldForwardUserGesture):
3721         (WebCore::userGestureTokenToForward):
3722         (WebCore::DOMTimer::DOMTimer):
3723         (WebCore::DOMTimer::fired):
3724         * page/DOMTimer.h:
3725         * page/DOMWindow.cpp:
3726         (WebCore::PostMessageTimer::PostMessageTimer):
3727         Store the active UserGestureToken rather than just a bit.
3728
3729         * page/EventHandler.cpp:
3730         (WebCore::EventHandler::handleMousePressEvent):
3731         (WebCore::EventHandler::handleMouseDoubleClickEvent):
3732         (WebCore::EventHandler::handleMouseReleaseEvent):
3733         (WebCore::EventHandler::keyEvent):
3734         (WebCore::EventHandler::handleTouchEvent):
3735         * rendering/HitTestResult.cpp:
3736         (WebCore::HitTestResult::toggleMediaFullscreenState):
3737         (WebCore::HitTestResult::enterFullscreenForVideo):
3738         (WebCore::HitTestResult::toggleEnhancedFullscreenForVideo):
3739         Update for new UserGestureIndicator interface.
3740
3741 2016-07-17  Ryosuke Niwa  <rniwa@webkit.org>
3742
3743         Rename fastHasAttribute to hasAttributeWithoutSynchronization
3744         https://bugs.webkit.org/show_bug.cgi?id=159864
3745
3746         Reviewed by Chris Dumez.
3747
3748         Renamed Rename fastHasAttribute to hasAttributeWithoutSynchronization for clarity.
3749
3750         * accessibility/AccessibilityListBoxOption.cpp:
3751         (WebCore::AccessibilityListBoxOption::isEnabled):
3752         * accessibility/AccessibilityObject.cpp:
3753         (WebCore::AccessibilityObject::hasAttribute):
3754         (WebCore::AccessibilityObject::getAttribute):
3755         * accessibility/AccessibilityRenderObject.cpp:
3756         (WebCore::AccessibilityRenderObject::determineAccessibilityRole):
3757         * bindings/scripts/CodeGenerator.pm:
3758         (GetterExpression):
3759         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
3760         * bindings/scripts/test/JS/JSTestObj.cpp:
3761         (WebCore::jsTestObjReflectedBooleanAttr):
3762         (WebCore::jsTestObjReflectedCustomBooleanAttr):
3763         * bindings/scripts/test/ObjC/DOMTestObj.mm:
3764         (-[DOMTestObj reflectedBooleanAttr]):
3765         (-[DOMTestObj setReflectedBooleanAttr:]):
3766         (-[DOMTestObj reflectedCustomBooleanAttr]):
3767         (-[DOMTestObj setReflectedCustomBooleanAttr:]):
3768         * dom/Document.cpp:
3769         (WebCore::Document::hasManifest):
3770         (WebCore::Document::doctype):
3771         * dom/Element.h:
3772         (WebCore::Node::parentElement):
3773         (WebCore::Element::hasAttributeWithoutSynchronization):
3774         (WebCore::Element::fastHasAttribute): Deleted.
3775         * editing/ApplyStyleCommand.cpp:
3776         (WebCore::ApplyStyleCommand::removeEmbeddingUpToEnclosingBlock):
3777         * editing/DeleteSelectionCommand.cpp:
3778         (WebCore::DeleteSelectionCommand::makeStylingElementsDirectChildrenOfEditableRootToPreventStyleLoss):
3779         * editing/markup.cpp:
3780         (WebCore::createMarkupInternal):
3781         * html/ColorInputType.cpp:
3782         (WebCore::ColorInputType::shouldShowSuggestions):
3783         * html/FileInputType.cpp:
3784         (WebCore::FileInputType::handleDOMActivateEvent):
3785         (WebCore::FileInputType::receiveDroppedFiles):
3786         * html/FormAssociatedElement.cpp:
3787         (WebCore::FormAssociatedElement::didMoveToNewDocument):
3788         (WebCore::FormAssociatedElement::insertedInto):
3789         (WebCore::FormAssociatedElement::removedFrom):
3790         (WebCore::FormAssociatedElement::formAttributeChanged):
3791         * html/FormController.cpp:
3792         (WebCore::ownerFormForState):
3793         * html/GenericCachedHTMLCollection.cpp:
3794         (WebCore::GenericCachedHTMLCollection<traversalType>::elementMatches):
3795         * html/HTMLAnchorElement.cpp:
3796         (WebCore::HTMLAnchorElement::draggable):
3797         (WebCore::HTMLAnchorElement::href):
3798         (WebCore::HTMLAnchorElement::sendPings):
3799         * html/HTMLAppletElement.cpp:
3800         (WebCore::HTMLAppletElement::rendererIsNeeded):
3801         * html/HTMLElement.cpp:
3802         (WebCore::HTMLElement::collectStyleForPresentationAttribute):
3803         (WebCore::elementAffectsDirectionality):
3804         (WebCore::setHasDirAutoFlagRecursively):
3805         * html/HTMLEmbedElement.cpp:
3806         (WebCore::HTMLEmbedElement::rendererIsNeeded):
3807         * html/HTMLFieldSetElement.cpp:
3808         (WebCore::updateFromControlElementsAncestorDisabledStateUnder):
3809         (WebCore::HTMLFieldSetElement::disabledAttributeChanged):
3810         (WebCore::HTMLFieldSetElement::disabledStateChanged):
3811         (WebCore::HTMLFieldSetElement::childrenChanged):
3812         * html/HTMLFormControlElement.cpp:
3813         (WebCore::HTMLFormControlElement::formNoValidate):
3814         (WebCore::HTMLFormControlElement::formAction):
3815         (WebCore::HTMLFormControlElement::computeIsDisabledByFieldsetAncestor):
3816         (WebCore::shouldAutofocus):
3817         * html/HTMLFormElement.cpp:
3818         (WebCore::HTMLFormElement::formElementIndex):
3819         (WebCore::HTMLFormElement::noValidate):
3820         * html/HTMLFrameElement.cpp:
3821         (WebCore::HTMLFrameElement::noResize):
3822         (WebCore::HTMLFrameElement::didAttachRenderers):
3823         * html/HTMLFrameElementBase.cpp:
3824         (WebCore::HTMLFrameElementBase::parseAttribute):
3825         (WebCore::HTMLFrameElementBase::location):
3826         * html/HTMLHRElement.cpp:
3827         (WebCore::HTMLHRElement::collectStyleForPresentationAttribute):
3828         * html/HTMLImageElement.cpp:
3829         (WebCore::HTMLImageElement::isServerMap):
3830         * html/HTMLInputElement.cpp:
3831         (WebCore::HTMLInputElement::finishParsingChildren):
3832         (WebCore::HTMLInputElement::matchesDefaultPseudoClass):
3833         (WebCore::HTMLInputElement::isActivatedSubmit):
3834         (WebCore::HTMLInputElement::reset):
3835         (WebCore::HTMLInputElement::multiple):
3836         (WebCore::HTMLInputElement::setSize):
3837         (WebCore::HTMLInputElement::shouldUseMediaCapture):
3838         * html/HTMLMarqueeElement.cpp:
3839         (WebCore::HTMLMarqueeElement::minimumDelay):
3840         * html/HTMLMediaElement.cpp:
3841         (WebCore::HTMLMediaElement::insertedInto):
3842         (WebCore::HTMLMediaElement::selectMediaResource):
3843         (WebCore::HTMLMediaElement::loadResource):
3844         (WebCore::HTMLMediaElement::autoplay):
3845         (WebCore::HTMLMediaElement::preload):
3846         (WebCore::HTMLMediaElement::loop):
3847         (WebCore::HTMLMediaElement::setLoop):
3848         (WebCore::HTMLMediaElement::controls):
3849         (WebCore::HTMLMediaElement::setControls):
3850         (WebCore::HTMLMediaElement::muted):
3851         (WebCore::HTMLMediaElement::setMuted):
3852         (WebCore::HTMLMediaElement::selectNextSourceChild):
3853         (WebCore::HTMLMediaElement::sourceWasAdded):
3854         (WebCore::HTMLMediaElement::mediaSessionTitle):
3855         * html/HTMLObjectElement.cpp:
3856         (WebCore::HTMLObjectElement::parseAttribute):
3857         * html/HTMLOptGroupElement.cpp:
3858         (WebCore::HTMLOptGroupElement::isDisabledFormControl):
3859         (WebCore::HTMLOptGroupElement::isFocusable):
3860         * html/HTMLOptionElement.cpp:
3861         (WebCore::HTMLOptionElement::matchesDefaultPseudoClass):
3862         (WebCore::HTMLOptionElement::text):
3863         * html/HTMLProgressElement.cpp:
3864         (WebCore::HTMLProgressElement::isDeterminate):
3865         (WebCore::HTMLProgressElement::didElementStateChange):
3866         * html/HTMLScriptElement.cpp:
3867         (WebCore::HTMLScriptElement::async):
3868         (WebCore::HTMLScriptElement::setCrossOrigin):
3869         (WebCore::HTMLScriptElement::asyncAttributeValue):
3870         (WebCore::HTMLScriptElement::deferAttributeValue):
3871         (WebCore::HTMLScriptElement::hasSourceAttribute):
3872         (WebCore::HTMLScriptElement::dispatchLoadEvent):
3873         * html/HTMLSelectElement.cpp:
3874         (WebCore::HTMLSelectElement::reset):
3875         * html/HTMLTrackElement.cpp:
3876         (WebCore::HTMLTrackElement::isDefault):
3877         (WebCore::HTMLTrackElement::ensureTrack):
3878         (WebCore::HTMLTrackElement::loadTimerFired):
3879         * html/MediaElementSession.cpp:
3880         (WebCore::MediaElementSession::wirelessVideoPlaybackDisabled):
3881         (WebCore::MediaElementSession::requiresFullscreenForVideoPlayback):
3882         (WebCore::MediaElementSession::allowsAutomaticMediaDataLoading):
3883         * html/SearchInputType.cpp:
3884         (WebCore::SearchInputType::searchEventsShouldBeDispatched):
3885         (WebCore::SearchInputType::didSetValueByUserEdit):
3886         * inspector/InspectorDOMAgent.cpp:
3887         (WebCore::InspectorDOMAgent::buildObjectForNode):
3888         * loader/FrameLoader.cpp:
3889         (WebCore::FrameLoader::shouldTreatURLAsSrcdocDocument):
3890         (WebCore::FrameLoader::findFrameForNavigation):
3891         * loader/ImageLoader.cpp:
3892         (WebCore::ImageLoader::notifyFinished):
3893         * mathml/MathMLSelectElement.cpp:
3894         (WebCore::MathMLSelectElement::getSelectedSemanticsChild):
3895         * rendering/RenderTableCell.cpp:
3896         (WebCore::RenderTableCell::computePreferredLogicalWidths):
3897         * rendering/RenderThemeIOS.mm:
3898         (WebCore::RenderThemeIOS::adjustMenuListButtonStyle):
3899         * rendering/SimpleLineLayout.cpp:
3900         (WebCore::SimpleLineLayout::canUseForWithReason):
3901         * rendering/svg/RenderSVGResourceClipper.cpp:
3902         (WebCore::RenderSVGResourceClipper::drawContentIntoMaskImage):
3903         * svg/SVGAnimateMotionElement.cpp:
3904         (WebCore::SVGAnimateMotionElement::updateAnimationPath):
3905         * svg/SVGAnimationElement.cpp:
3906         (WebCore::SVGAnimationElement::startedActiveInterval):
3907         (WebCore::SVGAnimationElement::updateAnimation):
3908         * svg/animation/SVGSMILElement.cpp:
3909         (WebCore::SVGSMILElement::insertedInto):
3910
3911 2016-07-17  Brady Eidson  <beidson@apple.com>
3912
3913         Exceptions logged to the JS console should use toString().
3914         https://bugs.webkit.org/show_bug.cgi?id=159855
3915
3916         Reviewed by Darin Adler.
3917
3918         No new tests (No change in behavior).
3919
3920         * bindings/js/JSDOMBinding.cpp:
3921         (WebCore::reportException):
3922
3923         * dom/DOMCoreException.h:
3924         (WebCore::DOMCoreException::DOMCoreException):
3925
3926         * dom/ExceptionBase.cpp:
3927         (WebCore::ExceptionBase::ExceptionBase):
3928         (WebCore::ExceptionBase::toString):
3929         (WebCore::ExceptionBase::consoleErrorMessage): Deleted.
3930         * dom/ExceptionBase.h:
3931         (WebCore::ExceptionBase::description): Deleted.
3932
3933         * svg/SVGException.h:
3934
3935         * xml/XPathException.h:
3936         (WebCore::XPathException::XPathException):
3937
3938 2016-07-17  Brady Eidson  <beidson@apple.com>
3939
3940         Update DOMCoreException to use the description in toString().
3941         https://bugs.webkit.org/show_bug.cgi?id=159857
3942
3943         Reviewed by Darin Adler.
3944
3945         No new tests (Covered by changes to existing tests).
3946
3947         * bindings/js/JSDOMBinding.cpp:
3948         (WebCore::createDOMException):
3949
3950         * dom/DOMCoreException.h:
3951         (WebCore::DOMCoreException::DOMCoreException):
3952         (WebCore::DOMCoreException::createWithDescriptionAsMessage): Deleted.
3953
3954 2016-07-17  Myles C. Maxfield  <mmaxfield@apple.com>
3955
3956         Support new emoji group candidates
3957         https://bugs.webkit.org/show_bug.cgi?id=159755
3958         <rdar://problem/27325521>
3959
3960         Reviewed by Dean Jackson.
3961
3962         There are a few code points which should be able to be joined (with ZWJ) to
3963         either U+2640 or U+2642 to change the gender of the emoji. These patterns
3964         should also work with an additional 0xFE0F variation selector. This patch
3965         adds these new patterns to our existing emoji group candidate infrastructure.
3966
3967         Tests: fast/text/emoji-gender-2-3.html