Unreviewed. Remove unneeded header includes from CoordinatedGraphicsLayer.
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2016-07-25  Carlos Garcia Campos  <cgarcia@igalia.com>
2
3         Unreviewed. Remove unneeded header includes from CoordinatedGraphicsLayer.
4
5         Not only thjey are not needed, they are a layer violation, CoordinatedGraphicsLayer shouldn't know anything
6         about Page, Frame and FrameView.
7
8         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
9         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
10
11 2016-07-24  Youenn Fablet  <youenn@apple.com>
12
13         [Fetch API] Request should be created with any HeadersInit data
14         https://bugs.webkit.org/show_bug.cgi?id=159672
15
16         Reviewed by Sam Weinig.
17
18         Made Request use JSBuiltinConstructor.
19         This allows initializing newly created Request with a JS built-in function, initializeFetchRequest.
20         initializeFetchRequest can call @fillFetchHeaders internal built-in to handle any HeadersInit data.
21         Future effort should be made to migrate more initialization code in initializeFetchRequest.
22
23         Made window and worker fetch function as a JS built-in.
24         This becomes more handy as these new functions can construct the Request object.
25         They can then call a single private function that takes a Request object as input.
26         Updated DOMWindowFetch and WorkerGlobalScopeFetch code accordingly.
27
28         To enable this, the binding generator is updated to support runtime-enabled JS built-in functions and
29         private functions atttached to global objects.
30
31         Covered by existing and modified tests.
32         Binding generator test covered by updated binding tests.
33
34         * CMakeLists.txt: Adding DOMWindowFetch.js, FetchRequest.js and WorkerGlobalScopeFetch.js built-in files.
35         * DerivedSources.make: Ditto.
36         * Modules/fetch/DOMWindowFetch.cpp: Removed overloaded fetch and updated according new signature.
37         (WebCore::DOMWindowFetch::fetch):
38         * Modules/fetch/DOMWindowFetch.h: Ditto.
39         * Modules/fetch/DOMWindowFetch.idl: Making fetch a JS built-in and adding a @fetchRequest private function.
40         * Modules/fetch/DOMWindowFetch.js: Added.
41         (fetch):
42         * Modules/fetch/FetchHeaders.h:
43         (WebCore::FetchHeaders::setGuard): Used by FetchRequest when initializing headers.
44         * Modules/fetch/FetchRequest.cpp: 
45         (WebCore::buildHeaders): Removed as implemented in JS.
46         (WebCore::FetchRequest::initializeOptions): Added to handle most of the dictionary initialization.
47         (WebCore::FetchRequest::initializeWith): Method called from built-in constructor function.
48         (WebCore::FetchRequest::setBody): Corresponding to @setBody private method.
49         (WebCore::buildBody): Deleted.
50         * Modules/fetch/FetchRequest.h:
51         * Modules/fetch/FetchRequest.idl:
52         * Modules/fetch/FetchRequest.js: Added.
53         (initializeFetchRequest): Implements fetch Request(input, init) constructor.
54         * Modules/fetch/FetchResponse.cpp:
55         (WebCore::FetchResponse::fetch): Removed the construction of FetchRequest in fetch method since it is done by JS built-in code.
56         * Modules/fetch/FetchResponse.h:
57         * Modules/fetch/WorkerGlobalScopeFetch.cpp: Removed overloaded fetch and updated according new signature.
58         (WebCore::WorkerGlobalScopeFetch::fetch):
59         * Modules/fetch/WorkerGlobalScopeFetch.h: Ditto.
60         * Modules/fetch/WorkerGlobalScopeFetch.idl: Making fetch a JS built-in and adding a @fetchRequest private function.
61         * Modules/fetch/WorkerGlobalScopeFetch.js: Added.
62         (fetch):
63         * bindings/js/WebCoreBuiltinNames.h: Adding fetchRequest, setBody and Request private identifiers.
64         * bindings/scripts/CodeGenerator.pm:
65         (WK_lcfirst): Replacing dOM by dom.
66         * bindings/scripts/CodeGeneratorJS.pm:
67         (GenerateImplementation): Adding support for runtime-enabled built-in methods and private methods.
68         * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
69         (WebCore::JSTestGlobalObject::finishCreation):
70         (WebCore::jsTestGlobalObjectInstanceFunctionTestPrivateFunction):
71         * bindings/scripts/test/ObjC/DOMTestGlobalObject.mm:
72         (-[DOMTestGlobalObject testJSBuiltinFunction]):
73         * bindings/scripts/test/TestGlobalObject.idl: Adding tests for runtime-enabled global built-in methods and private methods.
74
75 2016-07-24  Nan Wang  <n_wang@apple.com>
76
77         AX: Video Controls: Volume cannot be adjusted using VO.
78         https://bugs.webkit.org/show_bug.cgi?id=160107
79
80         Reviewed by Dean Jackson.
81
82         The volume slider in video tag had 0.01 step which caused the screen reader adjusting it slowly.
83         Changed the step to 0.05 and added the aria-valuetext attribute to the slider, so that the value
84         is spoken in percentage. 
85
86         Test: accessibility/mac/video-volume-slider-accessibility.html
87
88         * Modules/mediacontrols/mediaControlsApple.js:
89         (Controller.prototype.createControls):
90         (Controller.prototype.handleVolumeSliderInput):
91         (Controller.prototype.updateVolume):
92
93 2016-07-24  David Kilzer  <ddkilzer@apple.com>
94
95         REGRESSION (r203106): Crash in WebCore::MathMLElement::parseMathMLLength()
96         <https://webkit.org/b/160111>
97         <rdar://problem/27506489>
98
99         Reviewed by Chris Dumez.
100
101         Test: mathml/mpadded-crash.html
102
103         * mathml/MathMLElement.cpp:
104         (WebCore::skipLeadingAndTrailingWhitespace): Change to take
105         StringView parameter instead of String to avoid creating a
106         temporary String that's released on return.
107
108 2016-07-24  Carlos Garcia Campos  <cgarcia@igalia.com>
109
110         [Coordinated Graphics] ASSERTION FAILED: !m_flushingLayers in fast/repaint/animation-after-layer-scroll.html
111         https://bugs.webkit.org/show_bug.cgi?id=160142
112
113         Reviewed by Michael Catanzaro.
114
115         This only happens in layout tests, because it happens when RenderLayerCompositor::layerTreeAsText() is
116         called. The thing is that CoordinatedGraphicsLayer::flushCompositingState() calls notifyFlushRequired() that
117         checks if the coordinator is flusing layers and if not it calls RenderLayerCompositor::notifyFlushRequired() and
118         returns early. This normally works because the coodinator is the one starting the layer flush, so that when
119         RenderLayerCompositor::flushPendingLayerChanges() is called the coordinator is always flusing layers. But
120         RenderLayerCompositor::layerTreeAsText() calls RenderLayerCompositor::flushPendingLayerChanges() directly, so at
121         that moment the coordinator is not flusing layers, what causes that
122         CoordinatedGraphicsLayer::flushCompositingState() ends up calling RenderLayerCompositor::notifyFlushRequired()
123         that schedules a new flush while flusing layers causing the
124         assertion. CoordinatedGraphicsLayer::flushCompositingState() is always called from
125         CompositingCoordinator::flushPendingLayerChanges() or RenderLayerCompositor::flushPendingLayerChanges() so we
126         never need to call RenderLayerCompositor::notifyFlushRequired() from there.
127
128         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
129         (WebCore::CoordinatedGraphicsLayer::notifyFlushRequired): This is void now since the return value is not checked anywhere.
130         (WebCore::CoordinatedGraphicsLayer::flushCompositingState): Remove the call to notifyFlushRequired().
131         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
132
133 2016-07-24  Darin Adler  <darin@apple.com>
134
135         Adding a new WebCore JavaScript built-in source file does not trigger rebuild of WebCoreJSBuiltins*
136         https://bugs.webkit.org/show_bug.cgi?id=160115
137
138         Reviewed by Youenn Fablet.
139
140         * DerivedSources.make: Added a missing dependency so the rule that builds WebCore_BUILTINS_WRAPPERS
141         kicks in when the list of WebCore_BUILTINS_SOURCES is modified. Also added another missing dependency
142         so that changes to the JavaScript built-ins Python scripts will also trigger WebCore_BUILTINS_WRAPPERS.
143
144         * make-generated-sources.sh: Removed. Was unused.
145
146 2016-07-23  Zalan Bujtas  <zalan@apple.com>
147
148         Stop isEmpty() from leaking out of SVG.
149         https://bugs.webkit.org/show_bug.cgi?id=160121
150
151         Reviewed by Simon Fraser.
152
153         It's unclear what isEmpty() actually means and it doesn't bring any value to Render* classes.
154
155         No change in functionality.
156
157         * editing/CompositeEditCommand.cpp:
158         (WebCore::CompositeEditCommand::addBlockPlaceholderIfNeeded):
159         * rendering/RenderElement.h:
160         * rendering/RenderListItem.cpp:
161         (WebCore::RenderListItem::isEmpty): Deleted.
162         * rendering/RenderListItem.h:
163         * rendering/RenderObject.h:
164         (WebCore::RenderObject::isEmpty): Deleted.
165         * rendering/RenderRubyRun.cpp:
166         (WebCore::RenderRubyRun::removeChild):
167         (WebCore::RenderRubyRun::isEmpty): Deleted.
168         * rendering/RenderRubyRun.h:
169         * rendering/mathml/RenderMathMLFenced.cpp:
170         (WebCore::RenderMathMLFenced::updateFromElement):
171         (WebCore::RenderMathMLFenced::addChild):
172         * rendering/mathml/RenderMathMLRoot.cpp:
173         (WebCore::RenderMathMLRoot::paint):
174         * rendering/svg/RenderSVGShape.h:
175
176 2016-07-23  Zalan Bujtas  <zalan@apple.com>
177
178         table*BorderAdjoiningCell and borderAdjoiningCell* should take reference instead of RenderTableCell*.
179         https://bugs.webkit.org/show_bug.cgi?id=160123
180
181         Reviewed by Simon Fraser.
182
183         No change in functionality.
184
185         * rendering/RenderTable.cpp:
186         (WebCore::RenderTable::tableStartBorderAdjoiningCell):
187         (WebCore::RenderTable::tableEndBorderAdjoiningCell):
188         * rendering/RenderTable.h:
189         * rendering/RenderTableCell.cpp:
190         (WebCore::RenderTableCell::computeCollapsedStartBorder):
191         (WebCore::RenderTableCell::computeCollapsedEndBorder):
192         * rendering/RenderTableCell.h:
193         (WebCore::RenderTableCell::borderAdjoiningCellBefore):
194         (WebCore::RenderTableCell::borderAdjoiningCellAfter):
195         * rendering/RenderTableCol.cpp:
196         (WebCore::RenderTableCol::borderAdjoiningCellStartBorder):
197         (WebCore::RenderTableCol::borderAdjoiningCellEndBorder):
198         (WebCore::RenderTableCol::borderAdjoiningCellBefore):
199         (WebCore::RenderTableCol::borderAdjoiningCellAfter):
200         * rendering/RenderTableCol.h:
201         * rendering/RenderTableRow.cpp:
202         (WebCore::RenderTableRow::borderAdjoiningStartCell):
203         (WebCore::RenderTableRow::borderAdjoiningEndCell):
204         * rendering/RenderTableRow.h:
205         * rendering/RenderTableSection.cpp:
206         (WebCore::RenderTableSection::borderAdjoiningStartCell):
207         (WebCore::RenderTableSection::borderAdjoiningEndCell):
208         * rendering/RenderTableSection.h:
209
210 2016-07-23  Zalan Bujtas  <zalan@apple.com>
211
212         Remove unused enum and stale comment from RenderObject.
213         https://bugs.webkit.org/show_bug.cgi?id=160122
214
215         Reviewed by Simon Fraser.
216
217         No change in functionality.
218
219         * rendering/RenderBox.h:
220
221 2016-07-23  Carlos Garcia Campos  <cgarcia@igalia.com>
222
223         [Coordinated Graphics] Lots of flaky tests
224         https://bugs.webkit.org/show_bug.cgi?id=160118
225
226         Reviewed by Michael Catanzaro.
227
228         Since the GTK+ ported to threaded compositor (coordinated graphics) there are a lot of flaky tests in the
229         bots. In manu of the cases the diff shows a different size in the FrameView layer.
230
231         This happens for tests run in the same WTR after fast/fixed-layout/fixed-layout.html. This is what happens:
232
233          1.- Test fast/fixed-layout/fixed-layout.html runs and sets fixed layout to true and fixed layout size to 400x400
234          2.- When it finishes TestController::resetStateToConsistentValues() is called.
235          3.- Blank URL is loaded after state has been updated
236          4.- Then Reset message is handled in the web process and Internals::resetToConsistentState() resets the fixed
237              layout state and size.
238          5.- onresize happens and the handler set in fast/fixed-layout/fixed-layout.html is invoked setting the fixed
239              layout to true and size to 400x400 again.
240          6.- about_blank is then loaded with the fixed layout enabled, as well as other tests after this one.
241
242         In addition to this, coordinated graphics uses a fixedVisibleContentRect in ScrollView that is never reset.
243
244         * platform/ScrollView.cpp:
245         (WebCore::ScrollView::unscaledVisibleContentSizeIncludingObscuredArea): Only use m_fixedVisibleContentRect when
246         fixed layout is enabled.
247         (WebCore::ScrollView::unscaledUnobscuredVisibleContentSize): Ditto.
248         (WebCore::ScrollView::visibleContentRectInternal): Ditto.
249         * testing/Internals.cpp:
250         (WebCore::Internals::resetToConsistentState): Reset also the m_fixedVisibleContentRect.
251
252 2016-07-23  Carlos Garcia Campos  <cgarcia@igalia.com>
253
254         [Coordinated Graphics] Test imported/blink/svg/custom/svg-image-layers-crash.html crashes
255         https://bugs.webkit.org/show_bug.cgi?id=160078
256
257         Reviewed by Michael Catanzaro.
258
259         This is a merge of Blink r155373.
260         https://chromiumcodereview.appspot.com/20789004
261
262         Disable accelerated compositing for SVGImage content layers. SVGImageChromeClient does not support it.
263
264         Fixes imported/blink/svg/custom/svg-image-layers-crash.html.
265
266         * svg/graphics/SVGImage.cpp:
267         (WebCore::SVGImage::dataChanged):
268
269 2016-07-23  Commit Queue  <commit-queue@webkit.org>
270
271         Unreviewed, rolling out r203641.
272         https://bugs.webkit.org/show_bug.cgi?id=160116
273
274         It broke make-based builds (Requested by youenn on #webkit).
275
276         Reverted changeset:
277
278         "[Fetch API] Request should be created with any HeadersInit
279         data"
280         https://bugs.webkit.org/show_bug.cgi?id=159672
281         http://trac.webkit.org/changeset/203641
282
283 2016-07-23  Youenn Fablet  <youenn@apple.com>
284
285         [Fetch API] Request should be created with any HeadersInit data
286         https://bugs.webkit.org/show_bug.cgi?id=159672
287
288         Reviewed by Sam Weinig.
289
290         Made Request use JSBuiltinConstructor.
291         This allows initializing newly created Request with a JS built-in function, initializeFetchRequest.
292         initializeFetchRequest can call @fillFetchHeaders internal built-in to handle any HeadersInit data.
293         Future effort should be made to migrate more initialization code in initializeFetchRequest.
294
295         Made window and worker fetch function as a JS built-in.
296         This becomes more handy as these new functions can construct the Request object.
297         They can then call a single private function that takes a Request object as input.
298         Updated DOMWindowFetch and WorkerGlobalScopeFetch code accordingly.
299
300         To enable this, the binding generator is updated to support runtime-enabled JS built-in functions and
301         private functions atttached to global objects.
302
303         Covered by existing and modified tests.
304         Binding generator test covered by updated binding tests.
305
306         * CMakeLists.txt: Adding DOMWindowFetch.js, FetchRequest.js and WorkerGlobalScopeFetch.js built-in files.
307         * DerivedSources.make: Ditto.
308         * Modules/fetch/DOMWindowFetch.cpp: Removed overloaded fetch and updated according new signature.
309         (WebCore::DOMWindowFetch::fetch):
310         * Modules/fetch/DOMWindowFetch.h: Ditto.
311         * Modules/fetch/DOMWindowFetch.idl: Making fetch a JS built-in and adding a @fetchRequest private function.
312         * Modules/fetch/DOMWindowFetch.js: Added.
313         (fetch):
314         * Modules/fetch/FetchHeaders.h:
315         (WebCore::FetchHeaders::setGuard): Used by FetchRequest when initializing headers.
316         * Modules/fetch/FetchRequest.cpp: 
317         (WebCore::buildHeaders): Removed as implemented in JS.
318         (WebCore::FetchRequest::initializeOptions): Added to handle most of the dictionary initialization.
319         (WebCore::FetchRequest::initializeWith): Method called from built-in constructor function.
320         (WebCore::FetchRequest::setBody): Corresponding to @setBody private method.
321         (WebCore::buildBody): Deleted.
322         * Modules/fetch/FetchRequest.h:
323         * Modules/fetch/FetchRequest.idl:
324         * Modules/fetch/FetchRequest.js: Added.
325         (initializeFetchRequest): Implements fetch Request(input, init) constructor.
326         * Modules/fetch/FetchResponse.cpp:
327         (WebCore::FetchResponse::fetch): Removed the construction of FetchRequest in fetch method since it is done by JS built-in code.
328         * Modules/fetch/FetchResponse.h:
329         * Modules/fetch/WorkerGlobalScopeFetch.cpp: Removed overloaded fetch and updated according new signature.
330         (WebCore::WorkerGlobalScopeFetch::fetch):
331         * Modules/fetch/WorkerGlobalScopeFetch.h: Ditto.
332         * Modules/fetch/WorkerGlobalScopeFetch.idl: Making fetch a JS built-in and adding a @fetchRequest private function.
333         * Modules/fetch/WorkerGlobalScopeFetch.js: Added.
334         (fetch):
335         * bindings/js/WebCoreBuiltinNames.h: Adding fetchRequest, setBody and Request private identifiers.
336         * bindings/scripts/CodeGenerator.pm:
337         (WK_lcfirst): Replacing dOM by dom.
338         * bindings/scripts/CodeGeneratorJS.pm:
339         (GenerateImplementation): Adding support for runtime-enabled built-in methods and private methods.
340         * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
341         (WebCore::JSTestGlobalObject::finishCreation):
342         (WebCore::jsTestGlobalObjectInstanceFunctionTestPrivateFunction):
343         * bindings/scripts/test/ObjC/DOMTestGlobalObject.mm:
344         (-[DOMTestGlobalObject testJSBuiltinFunction]):
345         * bindings/scripts/test/TestGlobalObject.idl: Adding tests for runtime-enabled global built-in methods and private methods.
346
347 2016-07-23  Frederic Wang  <fwang@igalia.com>
348
349         Reset font-style on the <math> element
350         https://bugs.webkit.org/show_bug.cgi?id=160074
351
352         Reviewed by Darin Adler.
353
354         Mathematical formulas with italic font-style render poorly (slanted operators, mathvariant
355         italic etc). We align on Gecko and make the user agent stylesheet reset the font-style to
356         'normal' by default. This addresses the concrete use case of formula inside theorem or
357         proposition statements, which are often written in italic.
358
359         Test: mathml/presentation/math-font-style.html
360
361         * css/mathml.css:
362         (math): Reset the font-style to normal.
363
364 2016-07-23  Frederic Wang  <fwang@igalia.com>
365
366         [MathML] PaintInfo state is not properly restored after applyTransform.
367         https://bugs.webkit.org/show_bug.cgi?id=160077
368
369         Reviewed by Simon Fraser.
370
371         PaintInfo::applyTransform modifies PaintInfo::rect and the original state is not properly
372         restored by GraphicsContextStateSaver. To avoid some weird rendering bugs in MathOperator
373         and RenderMathMLMenclose, we follow what is done in SVG renderers and make a copy of the
374         original PaintInfo before applying the transform.
375
376         Test: mathml/presentation/bug160077.html
377
378         * rendering/mathml/MathOperator.cpp:
379         (WebCore::MathOperator::paint):
380         * rendering/mathml/RenderMathMLMenclose.cpp:
381         (WebCore::RenderMathMLMenclose::paint):
382
383 2016-07-23  Youenn Fablet  <youenn@apple.com>
384
385         [Fetch API] Fetch response stream should enqueue Uint8Array
386         https://bugs.webkit.org/show_bug.cgi?id=160083
387
388         Reviewed by Sam Weinig.
389
390         Covered by updated tests.
391
392         Before enqueuing, ReadableStreamController::enqueue will convert ArrayBuffer as Uint8Array.
393         It also returns a boolean whether the operation is successful or not.
394
395         If returned value is false, calling code will stop loading or if everything is loaded it will refrain from closing the stream.
396         The enqueuing should be succesful except in OutOfMemory cases. This case is not yet handled in test cases.
397
398         Updated the code to remove templated enqueuing as Fetch has no use of it.
399
400         * Modules/fetch/FetchBody.cpp:
401         (WebCore::FetchBody::consumeAsStream): Do not close the stream if enqueuing failed.
402         * Modules/fetch/FetchBodyOwner.cpp:
403         (WebCore::FetchBodyOwner::blobChunk): Stop blob loading if enqueuing failed.
404         * Modules/fetch/FetchResponse.cpp:
405         (WebCore::FetchResponse::BodyLoader::didReceiveData): Stop resource loading if enqueuing failed.
406         (WebCore::FetchResponse::consumeBodyAsStream): Ditto.
407         * Modules/fetch/FetchResponseSource.h:
408         * bindings/js/ReadableStreamController.h:
409         (WebCore::ReadableStreamController::enqueue):
410         (WebCore::ReadableStreamController::enqueue<RefPtr<JSC::ArrayBuffer>>): Deleted.
411
412 2016-07-22  Youenn Fablet  <youenn@apple.com>
413
414         Use a private property to implement FetchResponse.body getter
415         https://bugs.webkit.org/show_bug.cgi?id=159808
416
417         Reviewed by Sam Weinig.
418
419         Covered by existing test sets.
420
421         Previously, body was handled as a CachedAttribute.
422         Using a private property will allow direct use of this property from JS built-ins which will allow easier
423         handling of ReadableStream cloning in Response.clone.
424         Also, this allows removing some binding custom code.
425
426         Updated redirect and error static methods to take NewObject keyword, as this removes a search into cached wrappers.
427         Ditto for createReadableStreamSource.
428
429         * CMakeLists.txt: Removing JSFetchResponseCustom.cpp.
430         * Modules/fetch/FetchResponse.idl: Adding createReadableStreamSource and isDisturbed private functions.
431         Making body getter a JSBuiltin.
432         * Modules/fetch/FetchResponse.js:
433         (body): Adding getter which will call createReadableStreamSource if needed.
434         * WebCore.xcodeproj/project.pbxproj: Removing JSFetchResponseCustom.cpp.
435         * bindings/js/JSFetchResponseCustom.cpp: Removed.
436         * bindings/js/ReadableStreamController.cpp:
437         (WebCore::createReadableStream): Deleted.
438         (WebCore::getReadableStreamReader): Deleted.
439         * bindings/js/ReadableStreamController.h: Removing unneeded ReadableStream helper routine now that they can be
440         handled within JS built-in code.
441         * bindings/js/WebCoreBuiltinNames.h: Adding @createReadableStreamSource, @isDisturbed  and @Response identifiers.
442
443 2016-07-22  Zalan Bujtas  <zalan@apple.com>
444
445         Handle cases when IOSurface initialization fails.
446         https://bugs.webkit.org/show_bug.cgi?id=160006
447         <rdar://problem/27495102>
448
449         Reviewed by Tim Horton and Simon Fraser.
450
451         This is an additional fix to r203514 to check if IOSurface initialization was successful.
452
453         Unable to test.
454
455         * platform/graphics/cg/ImageBufferCG.cpp:
456         (WebCore::ImageBuffer::ImageBuffer):
457         * platform/graphics/cocoa/IOSurface.h: Merge 2 c'tors.
458         * platform/graphics/cocoa/IOSurface.mm: Remove redundant IOSurface::create() code.  
459         (WebCore::IOSurface::create):
460         (WebCore::IOSurface::createFromImage):
461         (WebCore::IOSurface::IOSurface):
462         (WebCore::IOSurface::convertToFormat):
463
464 2016-07-22  Wenson Hsieh  <wenson_hsieh@apple.com>
465
466         Media controls should be displayed for media in media documents
467         https://bugs.webkit.org/show_bug.cgi?id=160104
468         <rdar://problem/27438936>
469
470         Reviewed by Myles C. Maxfield.
471
472         Make videos that would otherwise not have been large enough or have the right
473         aspect ratio cause media controls to appear. This is because media elements in
474         a media document are implied to be main content.
475
476         Added a new API test.
477
478         * html/MediaElementSession.cpp:
479         (WebCore::MediaElementSession::canControlControlsManager):
480
481 2016-07-22  Myles C. Maxfield  <mmaxfield@apple.com>
482
483         All dancers with bunny ears are female
484         https://bugs.webkit.org/show_bug.cgi?id=160102
485         <rdar://problem/27453479>
486
487         Reviewed by Simon Fraser.
488
489         In r203330 I added support for new emoji group candidates. I accidentally
490         missed one of the new emoji code points.
491
492         Tests: editing/deleting/delete-emoji.html:
493                fast/text/emoji-gender-2-9.html:
494                fast/text/emoji-gender-9.html:
495                fast/text/emoji-gender-fe0f-9.html:
496
497         * platform/text/CharacterProperties.h:
498         (WebCore::isEmojiGroupCandidate):
499
500 2016-07-22  Chris Dumez  <cdumez@apple.com>
501
502         Parameter to HTMLCollection.item() / namedItem() should be mandatory
503         https://bugs.webkit.org/show_bug.cgi?id=160099
504
505         Reviewed by Sam Weinig.
506
507         Parameter to HTMLCollection.item() / namedItem() should be mandatory:
508         - https://dom.spec.whatwg.org/#interface-htmlcollection
509         - https://html.spec.whatwg.org/multipage/infrastructure.html#htmlformcontrolscollection
510         - https://html.spec.whatwg.org/multipage/infrastructure.html#the-htmloptionscollection-interface
511
512         Firefox and Chrome agree with the specification.
513
514         No new tests, rebaselined existing tests.
515
516         * bindings/js/JSHTMLFormControlsCollectionCustom.cpp:
517         (WebCore::JSHTMLFormControlsCollection::namedItem):
518         * html/HTMLCollection.idl:
519         * html/HTMLFormControlsCollection.idl:
520         * html/HTMLOptionsCollection.idl:
521
522 2016-07-22  Chris Dumez  <cdumez@apple.com>
523
524         First parameter to Window.getComputedStyle() should be mandatory and non-nullable
525         https://bugs.webkit.org/show_bug.cgi?id=160097
526
527         Reviewed by Ryosuke Niwa.
528
529         First parameter to Window.getComputedStyle() should be mandatory and
530         non-nullable:
531         - https://drafts.csswg.org/cssom/#extensions-to-the-window-interface
532
533         Firefox and Chrome agree with the specification.
534
535         Test: fast/dom/Window/getComputedStyle-missing-parameter.html
536
537         * css/CSSComputedStyleDeclaration.cpp:
538         (WebCore::ComputedStyleExtractor::ComputedStyleExtractor):
539         (WebCore::CSSComputedStyleDeclaration::CSSComputedStyleDeclaration):
540         (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
541         (WebCore::CSSComputedStyleDeclaration::copyProperties):
542         (WebCore::CSSComputedStyleDeclaration::length):
543         (WebCore::CSSComputedStyleDeclaration::item):
544         (WebCore::CSSComputedStyleDeclaration::getPropertyValue):
545         * css/CSSComputedStyleDeclaration.h:
546         * dom/Document.idl:
547         * inspector/InspectorCSSAgent.cpp:
548         (WebCore::InspectorCSSAgent::getComputedStyleForNode):
549         * page/DOMWindow.cpp:
550         (WebCore::DOMWindow::getComputedStyle):
551         * page/DOMWindow.h:
552         * page/DOMWindow.idl:
553         * testing/Internals.cpp:
554         (WebCore::Internals::computedStyleIncludingVisitedInfo):
555         * testing/Internals.h:
556         * testing/Internals.idl:
557
558 2016-07-22  Brady Eidson  <beidson@apple.com>
559
560         Removing IndexedDatabases that have stored blobs doesn't remove the blob files.
561         https://bugs.webkit.org/show_bug.cgi?id=160089
562
563         Reviewed by Darin Adler.
564
565         Tested by API test IndexedDB.StoreBlobThenDelete.
566
567         Blob filenames exist in the IDB directory with the name "[0-9]+.blob".
568         
569         That is, one or more digits, followed by ".blob".
570         
571         So when we delete an IndexedDB.sqlite3 and related files, we should delete those blob files as well.
572         
573         * Modules/indexeddb/server/IDBServer.cpp:
574         (WebCore::IDBServer::removeAllDatabasesForOriginPath):
575
576 2016-07-22  Chris Dumez  <cdumez@apple.com>
577
578         Fix default parameter values for window.alert() / prompt() / confirm()
579         https://bugs.webkit.org/show_bug.cgi?id=160085
580
581         Reviewed by Ryosuke Niwa.
582
583         Fix default parameter values for window.alert() / prompt() / confirm() to
584         match the specification:
585         - https://html.spec.whatwg.org/multipage/browsers.html#the-window-object
586
587         They should default to the empty string, not the string "undefined".
588
589         Firefox and chrome agree with the specification.
590
591         No new tests, updated existing test.
592
593         * page/DOMWindow.h:
594         * page/DOMWindow.idl:
595
596 2016-07-22  Daniel Bates  <dabates@apple.com>
597
598         CSP: object-src and plugin-types directives are not respected for plugin replacements
599         https://bugs.webkit.org/show_bug.cgi?id=159761
600         <rdar://problem/27365724>
601
602         Reviewed by Brent Fulgham.
603
604         Apply the Content Security Policy (CSP) object-src and plugin-types directives to content that will
605         load with a plugin replacement.
606
607         Tests: security/contentSecurityPolicy/object-src-none-blocks-quicktime-plugin-replacement.html
608                security/contentSecurityPolicy/object-src-none-blocks-youtube-plugin-replacement.html
609                security/contentSecurityPolicy/plugins-types-allows-quicktime-plugin-replacement.html
610                security/contentSecurityPolicy/plugins-types-allows-youtube-plugin-replacement.html
611                security/contentSecurityPolicy/plugins-types-blocks-quicktime-plugin-replacement-without-mime-type.html
612                security/contentSecurityPolicy/plugins-types-blocks-quicktime-plugin-replacement.html
613                security/contentSecurityPolicy/plugins-types-blocks-youtube-plugin-replacement-without-mime-type.html
614                security/contentSecurityPolicy/plugins-types-blocks-youtube-plugin-replacement.html
615
616         * html/HTMLPlugInImageElement.cpp:
617         (WebCore::HTMLPlugInImageElement::allowedToLoadPluginContent): Added.
618         (WebCore::HTMLPlugInImageElement::requestObject): Only request loading plugin content if we
619         are allowed to load such content.
620         * html/HTMLPlugInImageElement.h:
621         * loader/SubframeLoader.cpp:
622         (WebCore::SubframeLoader::pluginIsLoadable): Removed code to check CSP as we will check CSP
623         earlier in HTMLPlugInImageElement::requestObject().
624         (WebCore::SubframeLoader::requestPlugin): Ditto.
625         (WebCore::SubframeLoader::isPluginContentAllowedByContentSecurityPolicy): Deleted; moved implementation
626         to HTMLPlugInImageElement::allowedToLoadPluginContent().
627         (WebCore::SubframeLoader::requestObject): Deleted.
628         * loader/SubframeLoader.h:
629         * page/csp/ContentSecurityPolicy.cpp:
630         (WebCore::ContentSecurityPolicy::upgradeInsecureRequestIfNeeded): Changed signature from a non-const
631         function to a const function since these functions do not modify |this|.
632         * page/csp/ContentSecurityPolicy.h: 
633
634 2016-07-22  Chris Dumez  <cdumez@apple.com>
635
636         Parameters to Node.replaceChild() / insertBefore() should be mandatory
637         https://bugs.webkit.org/show_bug.cgi?id=160091
638
639         Reviewed by Darin Adler.
640
641         Parameters to Node.replaceChild() / insertBefore() should be mandatory:
642         - https://dom.spec.whatwg.org/#node
643
644         The compatibility risk should be low since Firefox and Chrome both agree
645         with the specification and because it does not make much sense to omit
646         parameters when using this API.
647
648         No new tests, rebaselined existing tests.
649
650         * bindings/js/JSNodeCustom.cpp:
651         (WebCore::JSNode::insertBefore):
652         (WebCore::JSNode::replaceChild):
653
654 2016-07-22  Chris Dumez  <cdumez@apple.com>
655
656         Parameter to Node.contains() should be mandatory
657         https://bugs.webkit.org/show_bug.cgi?id=160084
658
659         Reviewed by Darin Adler.
660
661         Parameter to Node.contains() should be mandatory as per the
662         specification:
663         - https://dom.spec.whatwg.org/#node
664
665         The compatibility risk should be low because both Firefox and Chrome
666         both agree with the specification. Also, it does not make much sense
667         to call this API without parameter.
668
669         No new tests, rebaselined existing tests.
670
671         * dom/Node.idl:
672
673 2016-07-22  Said Abou-Hallawa  <sabouhallawa@apple.com>
674
675         [iOS] REGRESSION(203378): PDFDocumentImage::updateCachedImageIfNeeded() uses the unscaled size when deciding whether to cache the PDF image
676         https://bugs.webkit.org/show_bug.cgi?id=159933
677
678         Reviewed by Simon Fraser.
679
680         We need to use the scaled size when deciding whether to cache the PDF image
681         or not. This is because ImageBuffer takes the display resolution into account
682         which gives higher resolution for the image when zooming.
683
684         * platform/graphics/cg/PDFDocumentImage.cpp:
685         (WebCore::PDFDocumentImage::updateCachedImageIfNeeded):
686
687 2016-07-22  Chris Dumez  <cdumez@apple.com>
688
689         First parameter to getElementById() should be mandatory
690         https://bugs.webkit.org/show_bug.cgi?id=160087
691
692         Reviewed by Darin Adler.
693
694         First parameter to getElementById() should be mandatory:
695         - https://dom.spec.whatwg.org/#nonelementparentnode
696         - https://www.w3.org/TR/SVG/struct.html#InterfaceSVGSVGElement
697
698         Both Firefox and Chrome agree with the specification.
699
700         Test: svg/dom/SVGSVGElement-getElementById.html
701
702         * dom/NonElementParentNode.idl:
703         * svg/SVGSVGElement.idl:
704
705 2016-07-22  Chris Dumez  <cdumez@apple.com>
706
707         Parameter to Node.lookupPrefix() / lookupNamespaceURI() / isDefaultNamespace() should be mandatory
708         https://bugs.webkit.org/show_bug.cgi?id=160086
709
710         Reviewed by Darin Adler.
711
712         Parameter to Node.lookupPrefix() / lookupNamespaceURI() / isDefaultNamespace()
713         should be mandatory:
714         - https://dom.spec.whatwg.org/#node
715
716         Firefox and Chrome both agree with the specification.
717
718         No new tests, rebaselined existing tests.
719
720         * dom/Node.idl:
721
722 2016-07-22  Chris Dumez  <cdumez@apple.com>
723
724         Parameter to Node.compareDocumentPosition() should be mandatory and non-nullable
725         https://bugs.webkit.org/show_bug.cgi?id=160071
726
727         Reviewed by Ryosuke Niwa.
728
729         
730         Parameter to Node.compareDocumentPosition() should be mandatory and
731         non-nullable:
732         - https://dom.spec.whatwg.org/#interface-node
733
734         Firefox and Chrome agree with the specification so the compatibility
735         risk should be low. Also, it does not make much sense to call this
736         operation without parameter.
737
738         No new tests, rebaselined existing tests.
739
740         * accessibility/AccessibilityObject.cpp:
741         (WebCore::rangeClosestToRange):
742         * dom/AuthorStyleSheets.cpp:
743         (WebCore::AuthorStyleSheets::addStyleSheetCandidateNode):
744         * dom/Node.cpp:
745         (WebCore::compareDetachedElementsPosition):
746         (WebCore::Node::compareDocumentPosition):
747         * dom/Node.h:
748         * dom/Node.idl:
749         * dom/Position.h:
750         (WebCore::operator<):
751         * html/HTMLFormElement.cpp:
752         (WebCore::HTMLFormElement::formElementIndexWithFormAttribute):
753         (WebCore::HTMLFormElement::formElementIndex):
754         * rendering/RenderNamedFlowThread.cpp:
755         (WebCore::RenderNamedFlowThread::nextRendererForElement):
756         (WebCore::compareRenderNamedFlowFragments):
757         (WebCore::RenderNamedFlowThread::registerNamedFlowContentElement):
758
759 2016-07-22  Konstantin Tokarev  <annulen@yandex.ru>
760
761         [cmake] Removed obsolete plugins/win directory
762         https://bugs.webkit.org/show_bug.cgi?id=160081
763
764         Reviewed by Per Arne Vollan.
765
766         It was removed in r178219.
767
768         No new tests needed.
769
770         * PlatformWin.cmake:
771
772 2016-07-22  Youenn Fablet  <youenn@apple.com>
773
774         run-builtins-generator-tests should be able to test WebCore builtins wrapper with more than one file
775         https://bugs.webkit.org/show_bug.cgi?id=159921
776
777         Reviewed by Brian Burg.
778
779         Covered by existing and added built-ins tests.
780
781         Updating built system according ---wrappers-only new meaning.
782         builtin generator is now called for each individual built-in file plus once for WebCore wrapper files.
783         WebCore wrapper files allow handling things like conditionally guarded features.
784         They also remove the need to use built-ins macros outside generated code.
785
786         * CMakeLists.txt:
787         * DerivedSources.make:
788
789 2016-07-21  Frederic Wang  <fwang@igalia.com>
790
791         Move parsing of accentunder and accent attributes from renderer to element classes
792         https://bugs.webkit.org/show_bug.cgi?id=159625
793
794         Reviewed by Brent Fulgham.
795
796         We introduce a new MathMLUnderOverElement that is used for elements munder, mover and
797         munderover in order to create RenderMathMLUnderOver and parse and expose the values of the
798         accent and accentunder attributes. This is one more step toward moving MathML attribute
799         parsing to the DOM (bug 156536). We also do minor clean-up for this and previous renderer
800         classes that no longer do attribute parsing: the MathMLNames namespace is no longer necessary
801         and constructors can take a more accurate element type.
802
803         No new tests, already covered by existing test.
804
805         * CMakeLists.txt: Add MathMLUnderOverElement files.
806         * WebCore.xcodeproj/project.pbxproj: Ditto.
807         * mathml/MathMLAllInOne.cpp: Ditto.
808         * mathml/MathMLElement.cpp:
809         (WebCore::MathMLElement::cachedBooleanAttribute): Add parsing of boolean attributes.
810         * mathml/MathMLElement.h: New type and helper functions for boolean attributes.
811         * mathml/MathMLInlineContainerElement.cpp:
812         (WebCore::MathMLInlineContainerElement::createElementRenderer): Remove handling of
813         under/over/underover elements.
814         * mathml/MathMLScriptsElement.cpp:
815         (WebCore::MathMLScriptsElement::MathMLScriptsElement): Remove inline keyword to avoid link
816         errors now that MathMLUnderOverElement overrides that class.
817         * mathml/MathMLScriptsElement.h: Allow MathMLUnderOverElement to override this class.
818         * mathml/MathMLUnderOverElement.cpp:
819         (WebCore::MathMLUnderOverElement::MathMLUnderOverElement):
820         (WebCore::MathMLUnderOverElement::create):
821         (WebCore::MathMLUnderOverElement::accent): Helper function to access the accent value.
822         (WebCore::MathMLUnderOverElement::accentUnder): Helper function to access the accentunder value.
823         (WebCore::MathMLUnderOverElement::parseAttribute): Make accent and accentunder dirty.
824         (WebCore::MathMLUnderOverElement::createElementRenderer): Create RenderMathMLUnderOver
825         * mathml/MathMLUnderOverElement.h:
826         * mathml/mathtags.in: Map under/over/underover to MathMLUnderOverElement.
827         * rendering/mathml/RenderMathMLFraction.cpp: Remove MathMLNames and make the constructor
828         take a MathMLFractionElement.
829         (WebCore::RenderMathMLFraction::RenderMathMLFraction):
830         * rendering/mathml/RenderMathMLFraction.h:
831         * rendering/mathml/RenderMathMLPadded.cpp: Remove MathMLNames and make the constructor
832         take a MathMLPaddedElement.
833         (WebCore::RenderMathMLPadded::RenderMathMLPadded):
834         * rendering/mathml/RenderMathMLPadded.h:
835         * rendering/mathml/RenderMathMLScripts.cpp: Remove MathMLNames and make the constructor
836         take a MathMLScriptsElement. Also rename scriptsElement() to element().
837         (WebCore::RenderMathMLScripts::RenderMathMLScripts):
838         (WebCore::RenderMathMLScripts::element):
839         (WebCore::RenderMathMLScripts::getScriptMetricsAndLayoutIfNeeded):
840         (WebCore::RenderMathMLScripts::scriptsElement): Deleted.
841         * rendering/mathml/RenderMathMLScripts.h:
842         * rendering/mathml/RenderMathMLUnderOver.cpp: Remove MathMLNames and make the constructor
843         take a RenderMathMLUnderOver.
844         (WebCore::RenderMathMLUnderOver::RenderMathMLUnderOver):
845         (WebCore::RenderMathMLUnderOver::element):
846         (WebCore::RenderMathMLUnderOver::hasAccent): Use the helper functions for accent and accentunder.
847         * rendering/mathml/RenderMathMLUnderOver.h:
848
849 2016-07-21  Chris Dumez  <cdumez@apple.com>
850
851         Parameter to Node.isSameNode() / isEqualNode() should be mandatory
852         https://bugs.webkit.org/show_bug.cgi?id=160070
853
854         Reviewed by Ryosuke Niwa.
855
856         Parameter to Node.isSameNode() / isEqualNode() should be mandatory as
857         per the specification:
858         - https://dom.spec.whatwg.org/#interface-node
859
860         Chrome and Firefox agree with the specification (although Firefox does
861         not support isSameNode()).
862
863         No new tests, rebaselined existing tests.
864
865         * dom/Node.idl:
866
867 2016-07-21  Chris Dumez  <cdumez@apple.com>
868
869         Parameter to Document.createEvent() should be mandatory
870         https://bugs.webkit.org/show_bug.cgi?id=160065
871
872         Reviewed by Darin Adler.
873
874         Parameter to Document.createEvent() should be mandatory as per the
875         specification:
876         - https://dom.spec.whatwg.org/#document
877
878         We already throw anyway when the parameter is omitted because we use
879         "undefined" as event type, which is invalid. However, we throw the
880         wrong exception.
881
882         Firefox and Chrome agree with the specification here.
883
884         No new tests, rebaselined existing tests.
885
886         * dom/Document.idl:
887
888 2016-07-21  Brian Burg  <bburg@apple.com>
889
890         REGRESSION(r62549): Objective-C DOM bindings sometimes fail to regenerate when CodeGenerator.pm is modified
891         https://bugs.webkit.org/show_bug.cgi?id=160031
892
893         Reviewed by Darin Adler.
894
895         This bug was caused by a refactoring 6 years ago. Not all uses of a variable
896         were renamed, so the ObjC bindings target pattern was not specifying any
897         build scripts as target dependencies.
898
899         * DerivedSources.make: Standardize on {COMMON,JS,DOM}_BINDINGS_SCRIPTS.
900
901 2016-07-21  Darin Adler  <darin@apple.com>
902
903         Remove unneeded content attribute name "playsinline"
904         https://bugs.webkit.org/show_bug.cgi?id=160069
905
906         Reviewed by Chris Dumez.
907
908         * html/HTMLVideoElement.idl: Removed explicit content attribute name on Reflect
909         attribute since it is the same as the name that the code generator will generate.
910
911 2016-07-21  Chris Dumez  <cdumez@apple.com>
912
913         Make parameters to Element.getElementsBy*() operations mandatory
914         https://bugs.webkit.org/show_bug.cgi?id=160060
915
916         Reviewed by Darin Adler.
917
918         Make parameters to Element.getElementsBy*() operations mandatory to
919         match the specification:
920         - https://dom.spec.whatwg.org/#interface-element
921
922         Firefox and Chrome agree with the specification so the compatibility
923         risk should be low.
924
925         It makes very little sense to call these operations without parameter,
926         especially considering WebKit uses the string "undefined" if the
927         parameter is omitted.
928
929         No new tests, rebaselined existing tests.
930
931         * dom/Element.idl:
932
933 2016-07-21  Chris Dumez  <cdumez@apple.com>
934
935         Make parameters mandatory for attribute-related API on Element
936         https://bugs.webkit.org/show_bug.cgi?id=160059
937
938         Reviewed by Ryosuke Niwa.
939
940         Make parameters mandatory for attribute-related API on Element to match
941         the specification:
942         - https://dom.spec.whatwg.org/#element
943
944         Firefox and Chrome agree with the specification. Calling this API
945         without the parameters does not make much sense, especially considering
946         WebKit uses the string "undefined" when the parameter is omitted.
947
948         No new tests, rebaselined existing tests.
949
950         * dom/Element.idl:
951
952 2016-07-21  Myles C. Maxfield  <mmaxfield@apple.com>
953
954         Remove support for deprecated SPI inlineMediaPlaybackRequiresPlaysInlineAttribute
955         https://bugs.webkit.org/show_bug.cgi?id=160066
956
957         Reviewed by Dean Jackson.
958
959         r203520 deprecated inlineMediaPlaybackRequiresPlaysInlineAttribute in favor of
960         allowsInlineMediaPlaybackWithPlaysInlineAttribute and
961         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute. The old
962         inlineMediaPlaybackRequiresPlaysInlineAttribute is SPI and was never released
963         to the public. Therefore, it can be removed safely.
964
965         No new tests because there is no behavior change.
966
967         * page/Settings.cpp:
968         * page/Settings.in:
969         * testing/InternalSettings.cpp:
970         (WebCore::InternalSettings::Backup::Backup): Deleted.
971         (WebCore::InternalSettings::Backup::restoreTo): Deleted.
972         (WebCore::InternalSettings::setInlineMediaPlaybackRequiresPlaysInlineAttribute): Deleted.
973         * testing/InternalSettings.h:
974         * testing/InternalSettings.idl:
975
976 2016-07-21  Dean Jackson  <dino@apple.com>
977
978         REGRESSION (r202927): The internal size of the ImageBuffer is scaled twice by the context scaleFactor
979         https://bugs.webkit.org/show_bug.cgi?id=159981
980         <rdar://problem/27429465>
981
982         Reviewed by Myles Maxfield.
983
984         The change to propagate color spaces through ImageBuffers created an
985         alternate version of createCompatibleBuffer. This version accidentally
986         attempted to take the display resolution (i.e. hidpi) into account
987         when creating the buffer, which meant it was being applied twice.
988
989         The fix is simply to remove that logic. The caller of the method
990         will take the resolution into account, the same way they did
991         with the old createCompatibleBuffer method.
992
993         Test: fast/hidpi/pdf-image-scaled.html
994
995         * platform/graphics/cg/ImageBufferCG.cpp:
996         (WebCore::ImageBuffer::createCompatibleBuffer): Don't calculate
997         a resolution - just use the value of 1.0.
998
999 2016-07-21  John Wilander  <wilander@apple.com>
1000
1001         Block mixed content synchronous XHR
1002         https://bugs.webkit.org/show_bug.cgi?id=105462
1003         <rdar://problem/13666424>
1004
1005         Reviewed by Brent Fulgham.
1006
1007         Test: http/tests/security/mixedContent/insecure-xhr-sync-in-main-frame.html
1008
1009         * loader/DocumentThreadableLoader.cpp:
1010         (WebCore::DocumentThreadableLoader::loadRequest):
1011
1012 2016-07-21  Chris Dumez  <cdumez@apple.com>
1013
1014         Make parameters to Document.getElementsBy*() operations mandatory
1015         https://bugs.webkit.org/show_bug.cgi?id=160050
1016
1017         Reviewed by Daniel Bates.
1018
1019         Make parameters to Document.getElementsBy*() operations mandatory to
1020         match the specification:
1021         - https://dom.spec.whatwg.org/#interface-document
1022
1023         Firefox and Chrome agree with the specification so the compatibility
1024         risk should be low.
1025
1026         It makes very little sense to call these operations without parameter,
1027         especially considering WebKit uses the string "undefined" if the
1028         parameter is omitted.
1029
1030         No new tests, rebaselined existing tests.
1031
1032         * dom/Document.idl:
1033
1034 2016-07-21  Nan Wang  <n_wang@apple.com>
1035
1036         AX: aria-label not being used correctly in accessible name calculation of heading
1037         https://bugs.webkit.org/show_bug.cgi?id=160009
1038
1039         Reviewed by Chris Fleizach.
1040
1041         Actually we are exposing the correct information for heading objects. On macOS, 
1042         VoiceOver should handle the logic that picks the right information to speak.
1043         On iOS, VoiceOver is speaking the static text child instead of the heading object.
1044         So we should set the accessibilityLabel of the static text based on the parent's 
1045         alternate label.
1046
1047         Test: accessibility/ios-simulator/heading-with-aria-label.html
1048
1049         * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
1050         (-[WebAccessibilityObjectWrapper _accessibilityTraitsFromAncestors]):
1051
1052 2016-07-21  Saam Barati  <sbarati@apple.com>
1053
1054         op_add/ValueAdd should be an IC in all JIT tiers
1055         https://bugs.webkit.org/show_bug.cgi?id=159649
1056
1057         Reviewed by Benjamin Poulain.
1058
1059         * ForwardingHeaders/jit/JITMathICForwards.h: Added.
1060
1061 2016-07-21  Chris Dumez  <cdumez@apple.com>
1062
1063         Make parameters mandatory for Document.create*() operations
1064         https://bugs.webkit.org/show_bug.cgi?id=160047
1065
1066         Reviewed by Ryosuke Niwa.
1067
1068         Make parameters mandatory for Document.create*() operations:
1069         createTextNode(), createComment(), createCDataSection(),
1070         createAttribute() and createProcessingInstruction().
1071
1072         This matches the specification:
1073         - https://dom.spec.whatwg.org/#interface-document
1074
1075         Firefox and Chrome both agree with the specification so the
1076         compatibility risk should be low. Also WebKit uses the string
1077         "undefined" when the parameter is omitted, which is not very
1078         helpful.
1079
1080         No new tests, rebaselined existing tests.
1081
1082         * dom/Document.idl:
1083
1084 2016-07-21  Chris Dumez  <cdumez@apple.com>
1085
1086         Fix null handling of SVGAngle/SVGLength.valueAsString attribute
1087         https://bugs.webkit.org/show_bug.cgi?id=160025
1088
1089         Reviewed by Ryosuke Niwa.
1090
1091         Fix null handling of SVGAngle/SVGLength.valueAsString attribute
1092         to match the specification:
1093         - https://www.w3.org/TR/SVG2/types.html#InterfaceSVGAngle
1094         - https://www.w3.org/TR/SVG2/types.html#InterfaceSVGLength
1095
1096         In particular, this patch drops [TreatNullAs=EmptyString] IDL
1097         extended attribute from this attribute. This is not supposed
1098         to change behavior given that both "" and "null" are invalid
1099         numbers and the specification says to throw a SYNTAX_ERR in
1100         this case.
1101
1102         However, WebKit currently ignores assignments to "" instead
1103         of throwing. As a result, assigning to null will now throw
1104         instead of being ignored. The compatibility risk should be
1105         low because both Firefox and Chrome throw when assigning
1106         null.
1107
1108         I did not change the behavior when assigning to "" because
1109         it is a bit out of scope for this patch and browsers to not
1110         seem to agree:
1111         - Firefox throws
1112         - Chrome set value to "0"
1113         - WebKit ignores the assignment
1114
1115         The specification seems to agree with Firefox as far as I
1116         can tell given that "" is not a valid number as per:
1117         - https://www.w3.org/TR/css3-values/#numbers
1118
1119         Test: svg/dom/valueAsString-null.html
1120
1121         * svg/SVGAngle.idl:
1122         * svg/SVGLength.idl:
1123
1124 2016-07-21  Chris Dumez  <cdumez@apple.com>
1125
1126         Fix null handling of HTMLFontElement.color
1127         https://bugs.webkit.org/show_bug.cgi?id=160036
1128
1129         Reviewed by Ryosuke Niwa.
1130
1131         Fix null handling of HTMLFontElement.color to match the specification:
1132         - https://html.spec.whatwg.org/#htmlfontelement
1133
1134         We are supposed to treat null as the empty string. Both Firefox and
1135         Chrome agree with the specification.
1136
1137         No new tests, rebaselined existing tests.
1138
1139         * html/HTMLFontElement.idl:
1140
1141 2016-07-21  Chris Dumez  <cdumez@apple.com>
1142
1143         Fix null handling for several HTMLTableElement attributes
1144         https://bugs.webkit.org/show_bug.cgi?id=160041
1145
1146         Reviewed by Ryosuke Niwa.
1147
1148         Fix null handling for several HTMLTableElement attributes to match the
1149         specification:
1150         - https://html.spec.whatwg.org/#HTMLTableElement-partial
1151
1152         The attributes in question are 'bicolor', 'cellSpacing' and
1153         'cellPadding'. We are supposed to treat null as the empty string for
1154         these attributes.
1155
1156         Firefox and Chrome both agree with the specification.
1157
1158         No new tests, rebaselined existing tests.
1159
1160         * html/HTMLTableElement.idl:
1161
1162 2016-07-21  Chris Dumez  <cdumez@apple.com>
1163
1164         Fix null handling for HTMLObjectElement.border
1165         https://bugs.webkit.org/show_bug.cgi?id=160040
1166
1167         Reviewed by Ryosuke Niwa.
1168
1169         Fix null handling for HTMLObjectElement.border to match the specification:
1170         - https://html.spec.whatwg.org/#HTMLObjectElement-partial
1171
1172         We are supposed to treat null as the empty string.
1173
1174         Both Firefox and Chrome agree with the specification.
1175
1176         No new tests, rebaselined existing tests.
1177
1178         * html/HTMLObjectElement.idl:
1179
1180 2016-07-21  Chris Dumez  <cdumez@apple.com>
1181
1182         Fix null handling for td.bgColor / tr.bgColor
1183         https://bugs.webkit.org/show_bug.cgi?id=160043
1184
1185         Reviewed by Ryosuke Niwa.
1186
1187         Fix null handling for td.bgColor / tr.bgColor to match the
1188         specification:
1189         - https://html.spec.whatwg.org/#HTMLTableCellElement-partial
1190         - https://html.spec.whatwg.org/#HTMLTableRowElement-partial
1191
1192         We are supposed to treat null as the empty string.
1193
1194         Firefox and Chrome both agree with the specification.
1195
1196         No new tests, rebaselined existing tests.
1197
1198         * html/HTMLTableCellElement.idl:
1199         * html/HTMLTableRowElement.idl:
1200
1201 2016-07-21  Chris Dumez  <cdumez@apple.com>
1202
1203         Fix null handling for several HTMLBodyElement attributes
1204         https://bugs.webkit.org/show_bug.cgi?id=160044
1205
1206         Reviewed by Ryosuke Niwa.
1207
1208         Fix null handling for several HTMLBodyElement attributes to match the
1209         specification:
1210         - https://html.spec.whatwg.org/#HTMLBodyElement-partial
1211
1212         The attributes in question are: 'text', 'link', 'vlink', 'alink' and
1213         'bgcolor'.
1214
1215         We are supposed to treat null as the empty string for these attributes.
1216
1217         Firefox and Chrome both agree with the specification.
1218
1219         No new tests, rebaselined existing tests.
1220
1221         * html/HTMLBodyElement.idl:
1222
1223 2016-07-21  Chris Dumez  <cdumez@apple.com>
1224
1225         Fix null handling for HTMLIFrameElement.marginWidth / marginHeight
1226         https://bugs.webkit.org/show_bug.cgi?id=160037
1227
1228         Reviewed by Ryosuke Niwa.
1229
1230         Fix null handling for HTMLIFrameElement.marginWidth / marginHeight to
1231         match the specification:
1232         - https://html.spec.whatwg.org/#HTMLIFrameElement-partial
1233
1234         We are supposed to treat null as the empty string. Both Firefox and
1235         Chrome agree with the specification.
1236
1237         No new tests, rebaselined existing tests.
1238
1239         * html/HTMLIFrameElement.idl:
1240
1241 2016-07-21  Chris Dumez  <cdumez@apple.com>
1242
1243         Fix null handling for HTMLImageElement.border
1244         https://bugs.webkit.org/show_bug.cgi?id=160039
1245
1246         Reviewed by Ryosuke Niwa.
1247
1248         Fix null handling for HTMLImageElement.border to match the specification:
1249         - https://html.spec.whatwg.org/#HTMLImageElement-partial
1250
1251         We are supposed to treat null as the empty string.
1252
1253         Both Firefox and Chrome agree with the specification.
1254
1255         No new tests, rebaselined existing tests.
1256
1257         * html/HTMLImageElement.idl:
1258
1259 2016-07-21  Daniel Bates  <dabates@apple.com>
1260
1261         REGRESSION: Plugin replaced YouTube Flash videos always have the same width
1262         https://bugs.webkit.org/show_bug.cgi?id=159998
1263         <rdar://problem/27462285>
1264
1265         Reviewed by Simon Fraser.
1266
1267         Fixes an issue where the width of a plugin replaced YouTube video loaded via an HTML embed
1268         element would always have the same width regardless of value of the width attribute.
1269
1270         For YouTube Flash videos the YouTube plugin replacement substitutes a shadow DOM subtree
1271         for the default renderer of an HTML embed element. The root of this shadow DOM subtree
1272         is an HTML div element. Currently we set inline styles on this <div> when it is instantiated.
1273         In particular, we set inline display and position to "inline-block" and "relative", respectively,
1274         and set an invalid height and width (we specify a font weight value instead of a CSS length value
1275         - this causes an ASSERT_NOT_REACHED() assertion failure in StyleBuilderConverter::convertLengthSizing()
1276         in a debug build). These styles never worked as intended and we ultimately created an inline
1277         renderer (ignoring display "inline-block") that had auto width and height. Instead it is sufficient
1278         to remove all these inline styles and create a RenderBlockFlow renderer for this <div> so that it
1279         renders as a block, non-replaced element to achieve the intended illusion that the <embed> is a
1280         single element.
1281
1282         * html/shadow/YouTubeEmbedShadowElement.cpp: Remove unused header HTMLEmbedElement.h and include
1283         header RenderBlockFlow.h. Also update copyright in license block.
1284         (WebCore::YouTubeEmbedShadowElement::YouTubeEmbedShadowElement): Remove inline styles as these
1285         never worked as intended.
1286         (WebCore::YouTubeEmbedShadowElement::createElementRenderer): Override; create a block-flow
1287         renderer for us so that we layout as a block, non-replaced element.
1288         * html/shadow/YouTubeEmbedShadowElement.h:
1289
1290 2016-07-21  Myles C. Maxfield  <mmaxfield@apple.com>
1291
1292         [iPhone] Playing a video on tudou.com plays only sound, no video
1293         https://bugs.webkit.org/show_bug.cgi?id=159967
1294         <rdar://problem/26964090>
1295
1296         Reviewed by Jon Lee, Jeremy Jones, and Anders Carlsson.
1297
1298         WebKit recently starting honoring the playsinline and webkit-playsinline
1299         attribute on iPhones. However, because these attributes previously did
1300         nothing, some sites (such as Todou) were setting them on their content
1301         and expecting that they are not honored. In this specific case, the
1302         video is absolutely positioned to be 1 pixel x 1 pixel.
1303
1304         Previously, with iOS 9, apps could set the allowsInlineMediaPlayback
1305         property on their WKWebView, which would honor the webkit-playsinline
1306         attribute. Safari on iPhones didn't do this.
1307
1308         In order to not break these existing apps, it's important that the
1309         allowsInlineMediaPlayback preference still allows webkit-playsinline
1310         videos to play inline in apps using WKWebView. However, in Safari, these
1311         videos should play fullscreen. (Todou videos have webkit-playsinline
1312         but not playsinline.)
1313
1314         Therefore, in Safari, videos with playsinline should be inline, but
1315         videos with webkit-playsinline should be fullscreen. In apps using
1316         WKWebViews, if the app sets allowsInlineMediaPlayback, then videos with
1317         playsinline should be inline, and videos with webkit-playsinline should
1318         also be inline. Videos on iPad and Mac should all be inline by default.
1319
1320         We can create some truth tables for the cases which need to be covered:
1321
1322         All apps on Mac / iPad:
1323         Presence of playsinline | Presence of webkit-playsinline | Result
1324         ========================|================================|===========
1325         Not present             | Not present                    | Inline
1326         Present                 | Not present                    | Inline
1327         Not Present             | Present                        | Inline
1328         Present                 | Present                        | Inline
1329
1330         Safari on iPhone:
1331         Presence of playsinline | Presence of webkit-playsinline | Result
1332         ========================|================================|===========
1333         Not present             | Not present                    | Fullscreen
1334         Present                 | Not present                    | Inline
1335         Not Present             | Present                        | Fullscreen
1336         Present                 | Present                        | Inline
1337
1338         App on iPhone which sets allowsInlineMediaPlayback:
1339         Presence of playsinline | Presence of webkit-playsinline | Result
1340         ========================|================================|===========
1341         Not present             | Not present                    | Fullscreen
1342         Present                 | Not present                    | Inline
1343         Not Present             | Present                        | Inline
1344         Present                 | Present                        | Inline
1345
1346         The way to distinguish Safari from another app is to create an SPI
1347         boolean preference which Safari can set. This is already how the
1348         iPhone and iPad are differentiated using the requiresPlayInlineAttribute
1349         which Safari sets but other apps don't. However, this preference is
1350         no longer sufficient because Safari should now be discriminating
1351         between the playsinline and webkit-playsinline attributes. Therefore,
1352         this preference should be extended to two boolean preferences, which
1353         this patch adds:
1354
1355         allowsInlineMediaPlaybackWithPlaysInlineAttribute
1356         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute
1357
1358         Safari on iPhone will set
1359         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to true,
1360         and allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to
1361         false. Other apps on iPhone will get their defaults values (because they
1362         are SPI) which means they will both be true. On iPad and Mac, apps will
1363         use the defaults values where both are false.
1364
1365         This patch adds support for these two preferences, but does not remove
1366         the existing inlineMediaPlaybackRequiresPlaysInlineAttribute preference.
1367         I will remove the exising preference as soon as I update Safari to migrate
1368         off of it.
1369
1370         Test: media/video-playsinline.html
1371
1372         * html/MediaElementSession.cpp:
1373         (WebCore::MediaElementSession::requiresFullscreenForVideoPlayback):
1374         * page/Settings.cpp:
1375         * page/Settings.in:
1376         * testing/InternalSettings.cpp:
1377         (WebCore::InternalSettings::Backup::Backup):
1378         (WebCore::InternalSettings::Backup::restoreTo):
1379         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithPlaysInlineAttribute):
1380         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute):
1381         * testing/InternalSettings.h:
1382         * testing/InternalSettings.idl:
1383
1384 2016-07-21  Ryosuke Niwa  <rniwa@webkit.org>
1385
1386         Crash accessing null renderer inside WebCore::DeleteSelectionCommand::doApply
1387         https://bugs.webkit.org/show_bug.cgi?id=160011
1388
1389         Reviewed by Chris Dumez.
1390
1391         Add a null pointer check for renderer() call.
1392
1393         Unfortunately no new tests since we don't have a reproduction.
1394
1395         * editing/DeleteSelectionCommand.cpp:
1396         (WebCore::DeleteSelectionCommand::doApply):
1397
1398 2016-07-21  Chris Dumez  <cdumez@apple.com>
1399
1400         The 2 first parameters to DOMImplementation.createDocument() should be mandatory
1401         https://bugs.webkit.org/show_bug.cgi?id=160030
1402
1403         Reviewed by Sam Weinig.
1404
1405         The 2 first parameters to DOMImplementation.createDocument() should be mandatory
1406         as per the specification:
1407         - https://dom.spec.whatwg.org/#domimplementation
1408
1409         Firefox and Chrome both agree with the specification. However, those
1410         parameters were marked as optional in WebKit. Calling this function
1411         without parameters would create a document element whose tag is the
1412         string "undefined", which does not seem helpful. This patch thus
1413         aligns our behavior with the specification and other browsers.
1414
1415         No new tests, rebaselined existing tests.
1416
1417         * dom/DOMImplementation.idl:
1418
1419 2016-07-21  Chris Dumez  <cdumez@apple.com>
1420
1421         Kill legacy valueToStringWithNullCheck() utility function
1422         https://bugs.webkit.org/show_bug.cgi?id=159991
1423
1424         Reviewed by Sam Weinig.
1425
1426         Kill legacy valueToStringWithNullCheck() utility function. Treating null as
1427         a null string is legacy behavior so drop this function so that people are
1428         not tempted to use it. We should be using either:
1429         1. JSValue::toWTFString() for non-nullable DOMStrings
1430         2. valueToStringWithUndefinedOrNullCheck() for nullable DOMStrings
1431         3. valueToStringTreatingNullAsEmptyString() for strings with [TreatNullAs=EmptyString]
1432
1433         No new tests, no web-exposed behavior change.
1434
1435         * bindings/js/JSDOMBinding.cpp:
1436         (WebCore::valueToStringWithNullCheck): Deleted.
1437         * bindings/js/JSDOMBinding.h:
1438         * bindings/js/JSHTMLFrameElementCustom.cpp:
1439         (WebCore::JSHTMLFrameElement::setLocation):
1440         * html/HTMLFrameElement.idl:
1441
1442 2016-07-21  Zalan Bujtas  <zalan@apple.com>
1443
1444         Do not keep invalid IOSurface in ImageBufferData.
1445         https://bugs.webkit.org/show_bug.cgi?id=160005
1446         <rdar://problem/27208636>
1447
1448         Reviewed by Simon Fraser.
1449
1450         When we fail to initialize the IOSurface for the accelerated context, we switch over to
1451         the non-accelerated code path. Since ImageBufferData::surface is used to indicate whether
1452         the graphics context is in accelerated mode, we need to reset it when the initialization fails.
1453
1454         Unable to create a test case.
1455
1456         * platform/graphics/cg/ImageBufferCG.cpp:
1457         (WebCore::ImageBuffer::ImageBuffer):
1458
1459 2016-07-21  Chris Dumez  <cdumez@apple.com>
1460
1461         playsInline IDL attribute has the wrong casing
1462         https://bugs.webkit.org/show_bug.cgi?id=160029
1463         <rdar://problem/27474031>
1464
1465         Reviewed by Jon Lee.
1466
1467         Fix case from video.playsinline to video.playsInline in order to match
1468         the specification:
1469         - https://html.spec.whatwg.org/multipage/embedded-content.html#the-video-element:dom-video-playsinline
1470
1471         It still reflects the "playsinline" content attribute though, as per
1472         the specification:
1473         - https://html.spec.whatwg.org/multipage/embedded-content.html#dom-video-playsinline
1474
1475         No new tests, updated existing test.
1476
1477         * html/HTMLVideoElement.idl:
1478
1479 2016-07-21  Chris Dumez  <cdumez@apple.com>
1480
1481         Drop [TreatNullAs=EmptyString] from CanvasRenderingContext2D.globalCompositeOperation
1482         https://bugs.webkit.org/show_bug.cgi?id=160026
1483
1484         Reviewed by Sam Weinig.
1485
1486         Drop [TreatNullAs=EmptyString] from CanvasRenderingContext2D.globalCompositeOperation
1487         attribute as it does not match the specification:
1488         - https://html.spec.whatwg.org/multipage/scripting.html#canvascompositing
1489
1490         It does not change web-exposed behavior because assigning to "" or "null"
1491         gets ignored as those are not valid operations.
1492
1493         Test: fast/canvas/context-globalCompositeOperation-null.html
1494
1495         * html/canvas/CanvasRenderingContext2D.idl:
1496
1497 2016-07-21  Carlos Garcia Campos  <cgarcia@igalia.com>
1498
1499         [GTK][Threaded Compositor] Overlay scrollbars shouldn't be a requirement of the threaded compositor
1500         https://bugs.webkit.org/show_bug.cgi?id=160020
1501
1502         Reviewed by Michael Catanzaro.
1503
1504         It has been a requirement only because we didn't really know why frame scrollbars were not rendered when using
1505         the threaded compositor. The reason is that RenderView doesn't use layers for FrameView scrollbars by default,
1506         unless using overlay scrollbars. When using the threaded compositor we really need layers for the FrameView
1507         scrollbars even when not using overlay scrollbars.
1508
1509         * platform/gtk/ScrollbarThemeGtk.cpp:
1510         (WebCore::ScrollbarThemeGtk::ScrollbarThemeGtk): Stop enforcing overlay scrollbars when threaded compositor is enabled.
1511         * rendering/RenderLayerCompositor.cpp:
1512         (WebCore::RenderLayerCompositor::shouldCompositeOverflowControls): Always use layers for scrollbars when
1513         threaded compositor is enabled.
1514
1515 2016-07-21  Carlos Garcia Campos  <cgarcia@igalia.com>
1516
1517         [Cairo] Fix a crash in fast/canvas/canvas-getImageData-invalid-result-buffer-crash.html
1518         https://bugs.webkit.org/show_bug.cgi?id=160014
1519
1520         Reviewed by Michael Catanzaro.
1521
1522         In r202887 some null checks were added for JSArray::createUninitialized (and related) but not for the
1523         ImageBuffer cairo implementation.
1524
1525         * platform/graphics/cairo/ImageBufferCairo.cpp:
1526         (WebCore::getImageData): Return early if Uint8ClampedArray::createUninitialized() returns nullptr.
1527
1528 2016-07-21  Miguel Gomez  <magomez@igalia.com>
1529
1530         [GTK] The GSTREAMER_GL path in MediaPlayerPrivateGStreamerBase::paintToTextureMapper() is missing a mutex lock
1531         https://bugs.webkit.org/show_bug.cgi?id=160018
1532
1533         Reviewed by Philippe Normand.
1534
1535         Lock the video sample mutex while accessing it.
1536
1537         Covered by existent tests.
1538
1539         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
1540         (WebCore::MediaPlayerPrivateGStreamerBase::paintToTextureMapper):
1541
1542 2016-07-21  Miguel Gomez  <magomez@igalia.com>
1543
1544         [Threaded Compositor] Flickering when zooming in/out in maps.google.com
1545         https://bugs.webkit.org/show_bug.cgi?id=154069
1546
1547         Reviewed by Carlos Garcia Campos.
1548
1549         Add a new extra buffer to GraphicsContext3D when using the Threaded Compositor,
1550         so it doesn't have to reuse the buffers that are still waiting for composition.
1551
1552         Covered by existing tests.
1553
1554         * platform/graphics/GraphicsContext3D.h:
1555         Add a new texture to use for the rendering. Remove the compositor fbo we were using.
1556         * platform/graphics/cairo/GraphicsContext3DCairo.cpp:
1557         (WebCore::GraphicsContext3D::GraphicsContext3D):
1558         Initialize the new texture and remove the previous fbo related code.
1559         (WebCore::GraphicsContext3D::~GraphicsContext3D):
1560         Properly destroy the new texture and remove the previous fbo related code.
1561         * platform/graphics/opengl/GraphicsContext3DOpenGL.cpp:
1562         (WebCore::GraphicsContext3D::reshapeFBOs):
1563         Allocate the new texture and remove the previous fbo allocation.
1564         * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
1565         (WebCore::GraphicsContext3D::prepareTexture):
1566         Use a single fbo with three textures instead of two fbos with a texture each.
1567         Rotate the three textures usage so:
1568         - m_texture becomes m_compositorTexture to be pushed to the compositor.
1569         - m_intermediateTexture becomes m_texture to receive the next rendering.
1570         - m_compositorTexture becomes m_intermediateTexture.
1571         And add a glFlush() to ensure that the gl commands are sent to the pipeline.
1572         * platform/graphics/opengl/GraphicsContext3DOpenGLES.cpp:
1573         (WebCore::GraphicsContext3D::reshapeFBOs):
1574         Allocate the new texture.
1575
1576 2016-07-21  Carlos Garcia Campos  <cgarcia@igalia.com>
1577
1578         [GTK][Threaded Compositor] Web view background colors don't work
1579         https://bugs.webkit.org/show_bug.cgi?id=159465
1580
1581         Reviewed by Michael Catanzaro.
1582
1583         * rendering/RenderLayerBacking.cpp:
1584         (WebCore::RenderLayerBacking::createPrimaryGraphicsLayer): Initialize frame view layer opacity for platforms not
1585         using the tiled cache layer.
1586
1587 2016-07-20  Youenn Fablet  <youenn@apple.com>
1588
1589         [XHR] Cache response JS object in case of arraybuffer and blob response types
1590         https://bugs.webkit.org/show_bug.cgi?id=128903
1591
1592         Reviewed by Alex Christensen.
1593
1594         Covered by existing and modified tests.
1595
1596         Making response getter a JS builtin that caches response in @response private slot.
1597         Handling invalidation of cached response with @responseCacheIsValid new private method.
1598         Handling creation of cached response with @retrieveResponse new private method which reuses most of
1599         JSXMLHttpRequest::response previous code.
1600
1601         Caching of responses is activated whenever load ended without any error for blob and arraybuffer response types.
1602
1603         Caching of response for document is also activated in case the response getter is used but not if responseXML getter is used.
1604
1605         * CMakeLists.txt: Adding XMLHttpRequest.js.
1606         * DerivedSources.make: Ditto.
1607         * bindings/js/JSXMLHttpRequestCustom.cpp:
1608         (WebCore::JSXMLHttpRequest::retrieveResponse): Implements creation of to-be-cached response.
1609         (WebCore::JSXMLHttpRequest::response): Deleted.
1610         * bindings/js/WebCoreBuiltinNames.h: Adding new private names.
1611         * xml/XMLHttpRequest.cpp:
1612         (WebCore::XMLHttpRequest::didCacheResponse): Renamed from didCacheResponseJSON as all response types are now cached.
1613         (WebCore::XMLHttpRequest::didCacheResponseJSON): Deleted.
1614         * xml/XMLHttpRequest.h:
1615         * xml/XMLHttpRequest.idl:
1616
1617 2016-07-20  Youenn Fablet  <youenn@apple.com>
1618
1619         Remove crossOriginRequestPolicy from ThreadableLoaderOptions
1620         https://bugs.webkit.org/show_bug.cgi?id=159417
1621
1622         Reviewed by Alex Christensen.
1623
1624         No observable change.
1625
1626         * Modules/fetch/FetchLoader.cpp:
1627         (WebCore::FetchLoader::start): DenyCrossOriginRequests -> FetchOptions::Mode::SameOrigin.
1628         * fileapi/FileReaderLoader.cpp:
1629         (WebCore::FileReaderLoader::start): DenyCrossOriginRequests -> FetchOptions::Mode::SameOrigin.
1630         * inspector/InspectorNetworkAgent.cpp:
1631         (WebCore::InspectorNetworkAgent::loadResource): AllowCrossOriginRequests -> FetchOptions::Mode::NoCors.
1632         * loader/DocumentThreadableLoader.cpp:
1633         (WebCore::DocumentThreadableLoader::DocumentThreadableLoader): Ditto.
1634         (WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequest): UseAccessControl -> FetchOptions::Mode::Cors.
1635         (WebCore::DocumentThreadableLoader::redirectReceived): Ditto.
1636         (WebCore::DocumentThreadableLoader::didReceiveResponse): Ditto.
1637         (WebCore::DocumentThreadableLoader::loadRequest): Use NoCors as option passed to ResourceLoader. This allows
1638         desactivating ResourceLoader CORS checks as they are done in DocumentThreadableLoader right now. In the future,
1639         these checks should be moved to ResourceLoader and DocumentThreadableLoader should directly pass the fetch mode
1640         option.
1641         (WebCore::DocumentThreadableLoader::isAllowedRedirect): AllowCrossOriginRequests -> FetchOptions::Mode::NoCors.
1642         * loader/ThreadableLoader.cpp:
1643         (WebCore::ThreadableLoaderOptions::ThreadableLoaderOptions): Removing CrossOriginRequestPolicy.
1644         * loader/ThreadableLoader.h: Ditto.
1645         * loader/WorkerThreadableLoader.cpp:
1646         (WebCore::LoaderTaskOptions::LoaderTaskOptions): Ditto.
1647         * page/EventSource.cpp:
1648         (WebCore::EventSource::connect): UseAccessControl -> FetchOptions::Mode::Cors.
1649         * workers/Worker.cpp:
1650         (WebCore::Worker::create): DenyCrossOriginRequests -> FetchOptions::Mode::SameOrigin.
1651         * workers/WorkerGlobalScope.cpp:
1652         (WebCore::WorkerGlobalScope::importScripts): AllowCrossOriginRequests -> FetchOptions::Mode::NoCors.
1653         * workers/WorkerScriptLoader.cpp:
1654         (WebCore::WorkerScriptLoader::loadSynchronously):
1655         (WebCore::WorkerScriptLoader::loadAsynchronously):
1656         * workers/WorkerScriptLoader.h:
1657         * xml/XMLHttpRequest.cpp:
1658         (WebCore::XMLHttpRequest::createRequest):
1659
1660 2016-07-20  Chris Dumez  <cdumez@apple.com>
1661
1662         Fix null handling of several Document attributes
1663         https://bugs.webkit.org/show_bug.cgi?id=159997
1664
1665         Reviewed by Ryosuke Niwa.
1666
1667         Fix null handling of the following Document attributes: title, cookie
1668         and domain.
1669
1670         In WebKit, they were all marked as [TreatNullAs=EmptyString], which
1671         does not match the specification:
1672         - https://html.spec.whatwg.org/multipage/dom.html#document
1673
1674         Details for each attribute:
1675         - title: null is now treated as the string "null", thus setting the
1676           document title to "null". This matches Firefox and Chrome.
1677         - cookie: adds a "null" cookie instead of being a no-op. This matches
1678                   both Firefox and Chrome.
1679         - domain: Calls setDomain(String("null")) instead of
1680                   setDomain(String()). This throws an exception because "null"
1681                   is not a suffix of the effective domain name. The behavior
1682                   is the same in Firefox and Chrome. Previously, we were
1683                   already throwing an exception since setting the domain to
1684                   the empty string throws, as per the specification.
1685
1686         Test: http/tests//dom/document-attributes-null-handling.html
1687
1688         * dom/Document.idl:
1689
1690 2016-07-20  Commit Queue  <commit-queue@webkit.org>
1691
1692         Unreviewed, rolling out r203471.
1693         https://bugs.webkit.org/show_bug.cgi?id=160003
1694
1695         many iOS-simulator tests are failing (Requested by litherum on
1696         #webkit).
1697
1698         Reverted changeset:
1699
1700         "[iPhone] Playing a video on tudou.com plays only sound, no
1701         video"
1702         https://bugs.webkit.org/show_bug.cgi?id=159967
1703         http://trac.webkit.org/changeset/203471
1704
1705 2016-07-19  Ryosuke Niwa  <rniwa@webkit.org>
1706
1707         iOS: Cannot paste images in RTF content
1708         https://bugs.webkit.org/show_bug.cgi?id=159964
1709         <rdar://problem/27442806>
1710
1711         Reviewed by Enrica Casucci.
1712
1713         The bug was caused by setDefersLoading(true) not deferring image loading for the parsed fragment.
1714         Worked around this bug by disabling image loading while parsing the document fragment.
1715
1716         * editing/ios/EditorIOS.mm:
1717         (WebCore::Editor::createFragmentAndAddResources):
1718
1719 2016-07-20  Brady Eidson  <beidson@apple.com>
1720
1721         Address a small FIXME in IDB code.
1722         https://bugs.webkit.org/show_bug.cgi?id=159999
1723
1724         Reviewed by Andy Estes.
1725
1726         No new tests (No behavior change).
1727
1728         * Modules/indexeddb/IDBRequest.cpp:
1729         (WebCore::IDBRequest::IDBRequest):
1730         
1731         * Modules/indexeddb/shared/IDBResourceIdentifier.cpp:
1732         (WebCore::IDBResourceIdentifier::IDBResourceIdentifier): Deleted.
1733         * Modules/indexeddb/shared/IDBResourceIdentifier.h:
1734
1735 2016-07-20  Brady Eidson  <beidson@apple.com>
1736
1737         Remove some "modernFoo"s from IndexedDB code.
1738         https://bugs.webkit.org/show_bug.cgi?id=159985
1739
1740         Reviewed by Andy Estes.
1741
1742         No new tests (No known behavior change).
1743
1744         * Modules/indexeddb/IDBCursor.cpp:
1745         (WebCore::IDBCursor::IDBCursor):
1746         (WebCore::IDBCursor::~IDBCursor):
1747         (WebCore::IDBCursor::sourcesDeleted):
1748         (WebCore::IDBCursor::effectiveObjectStore):
1749         (WebCore::IDBCursor::transaction):
1750         (WebCore::IDBCursor::direction):
1751         (WebCore::IDBCursor::update):
1752         (WebCore::IDBCursor::advance):
1753         (WebCore::IDBCursor::continueFunction):
1754         (WebCore::IDBCursor::uncheckedIterateCursor):
1755         (WebCore::IDBCursor::deleteFunction):
1756         (WebCore::IDBCursor::setGetResult):
1757         
1758         * Modules/indexeddb/IDBIndex.cpp:
1759         (WebCore::IDBIndex::IDBIndex):
1760         (WebCore::IDBIndex::~IDBIndex):
1761         (WebCore::IDBIndex::hasPendingActivity):
1762         (WebCore::IDBIndex::name):
1763         (WebCore::IDBIndex::objectStore):
1764         (WebCore::IDBIndex::keyPath):
1765         (WebCore::IDBIndex::unique):
1766         (WebCore::IDBIndex::multiEntry):
1767         (WebCore::IDBIndex::openCursor):
1768         (WebCore::IDBIndex::doCount):
1769         (WebCore::IDBIndex::openKeyCursor):
1770         (WebCore::IDBIndex::doGet):
1771         (WebCore::IDBIndex::doGetKey):
1772         (WebCore::IDBIndex::markAsDeleted):
1773         * Modules/indexeddb/IDBIndex.h:
1774         
1775         * Modules/indexeddb/IDBObjectStore.cpp:
1776         (WebCore::IDBObjectStore::transaction):
1777         (WebCore::IDBObjectStore::deleteFunction): Deleted.
1778         (WebCore::IDBObjectStore::modernDelete): Deleted.
1779         * Modules/indexeddb/IDBObjectStore.h:
1780         
1781         * bindings/js/JSIDBIndexCustom.cpp:
1782         (WebCore::JSIDBIndex::visitAdditionalChildren):
1783
1784 2016-07-20  Chris Dumez  <cdumez@apple.com>
1785
1786         Stop using valueToStringWithNullCheck() in JSCSSStyleDeclaration::putDelegate()
1787         https://bugs.webkit.org/show_bug.cgi?id=159982
1788
1789         Reviewed by Ryosuke Niwa.
1790
1791         valueToStringWithNullCheck() treats null as the null String() which is
1792         legacy / non standard behavior. The specification says we should treat
1793         null as the empty string:
1794         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-camel-cased-attribute
1795
1796         Therefore, we should be using valueToStringTreatingNullAsEmptyString() instead.
1797
1798         In practice, there is no web-exposed behavior change because
1799         MutableStyleProperties::setProperty() removes the property wether the
1800         value is the null String or the empty String.
1801
1802         This behavior is correct since the specification says that we should
1803         remove the property if the value is the empty string:
1804         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-setproperty (step 4)
1805
1806         I added test coverage to make sure we behave according to specification.
1807         This test is passing in Firefox, Chrome and in WebKit (before and after
1808         my change).
1809
1810         Test: fast/css/CSSStyleDeclaration-property-setter.html
1811
1812         * bindings/js/JSCSSStyleDeclarationCustom.cpp:
1813         (WebCore::JSCSSStyleDeclaration::putDelegate):
1814
1815 2016-07-20  Chris Dumez  <cdumez@apple.com>
1816
1817         Fix null handling of HTMLFrameElement.marginWidth / marginHeight
1818         https://bugs.webkit.org/show_bug.cgi?id=159987
1819
1820         Reviewed by Ryosuke Niwa.
1821
1822         Fix null handling of HTMLFrameElement.marginWidth / marginHeight:
1823         - https://html.spec.whatwg.org/multipage/obsolete.html#htmlframeelement
1824
1825         We are supposed to treat null as the empty string but we treat it as
1826         the string "null".
1827
1828         Firefox and Chrome both match the specification.
1829
1830         No new tests, updated existing tests.
1831
1832         * html/HTMLFrameElement.idl:
1833
1834 2016-07-20  Wenson Hsieh  <wenson_hsieh@apple.com>
1835
1836         Pausing autoplayed media should not remove all restrictions for that media element
1837         https://bugs.webkit.org/show_bug.cgi?id=159988
1838
1839         Reviewed by Jon Lee.
1840
1841         Localizes the removal of behavior restrictions introduced in r203464 upon pausing an
1842         autoplaying video to just affect the hiding or showing of the media controller. This
1843         prevents pages from using Javascript to start playing autoplaying videos that have
1844         been paused by the user.
1845
1846         * html/HTMLMediaElement.cpp:
1847         (WebCore::HTMLMediaElement::pause):
1848
1849 2016-07-20  Myles C. Maxfield  <mmaxfield@apple.com>
1850
1851         [iPhone] Playing a video on tudou.com plays only sound, no video
1852         https://bugs.webkit.org/show_bug.cgi?id=159967
1853         <rdar://problem/26964090>
1854
1855         Reviewed by Jon Lee.
1856
1857         WebKit recently starting honoring the playsinline and webkit-playsinline
1858         attribute on iPhones. However, because these attributes previously did
1859         nothing, some sites (such as Todou) were setting them on their content
1860         and expecting that they are not honored. In this specific case, the
1861         video is absolutely positioned to be 1 pixel x 1 pixel.
1862
1863         Previously, with iOS 9, apps could set the allowsInlineMediaPlayback
1864         property on their WKWebView, which would honor the webkit-playsinline
1865         attribute. Safari on iPhones didn't do this.
1866
1867         In order to not break these existing apps, it's important that the
1868         allowsInlineMediaPlayback preference still allows webkit-playsinline
1869         videos to play inline in apps using WKWebView. However, in Safari, these
1870         videos should play fullscreen. (Todou videos have webkit-playsinline
1871         but not playsinline.)
1872
1873         Therefore, in Safari, videos with playsinline should be inline, but
1874         videos with webkit-playsinline should be fullscreen. In apps using
1875         WKWebViews, if the app sets allowsInlineMediaPlayback, then videos with
1876         playsinline should be inline, and videos with webkit-playsinline should
1877         also be inline. Videos on iPad and Mac should all be inline by default.
1878
1879         We can create some truth tables for the cases which need to be covered:
1880
1881         All apps on Mac / iPad:
1882         Presence of playsinline | Presence of webkit-playsinline | Result
1883         ========================|================================|===========
1884         Not present             | Not present                    | Inline
1885         Present                 | Not present                    | Inline
1886         Not Present             | Present                        | Inline
1887         Present                 | Present                        | Inline
1888
1889         Safari on iPhone:
1890         Presence of playsinline | Presence of webkit-playsinline | Result
1891         ========================|================================|===========
1892         Not present             | Not present                    | Fullscreen
1893         Present                 | Not present                    | Inline
1894         Not Present             | Present                        | Fullscreen
1895         Present                 | Present                        | Inline
1896
1897         App on iPhone which sets allowsInlineMediaPlayback:
1898         Presence of playsinline | Presence of webkit-playsinline | Result
1899         ========================|================================|===========
1900         Not present             | Not present                    | Fullscreen
1901         Present                 | Not present                    | Inline
1902         Not Present             | Present                        | Inline
1903         Present                 | Present                        | Inline
1904
1905         The way to distinguish Safari from another app is to create an SPI
1906         boolean preference which Safari can set. This is already how the
1907         iPhone and iPad are differentiated using the requiresPlayInlineAttribute
1908         which Safari sets but other apps don't. However, this preference is
1909         no longer sufficient because Safari should now be discriminating
1910         between the playsinline and webkit-playsinline attributes. Therefore,
1911         this preference should be extended to two boolean preferences, which
1912         this patch adds:
1913
1914         allowsInlineMediaPlaybackWithPlaysInlineAttribute
1915         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute
1916
1917         Safari on iPhone will set
1918         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to true,
1919         and allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to
1920         false. Other apps on iPhone will get their defaults values (because they
1921         are SPI) which means they will both be true. On iPad and Mac, apps will
1922         use the defaults values where both are false.
1923
1924         This patch adds support for these two preferences, but does not remove
1925         the existing inlineMediaPlaybackRequiresPlaysInlineAttribute preference.
1926         I will remove the exising preference as soon as I update Safari to migrate
1927         off of it.
1928
1929         Test: media/video-playsinline.html
1930
1931         * html/MediaElementSession.cpp:
1932         (WebCore::MediaElementSession::requiresFullscreenForVideoPlayback):
1933         * page/Settings.cpp:
1934         * page/Settings.in:
1935         * testing/InternalSettings.cpp:
1936         (WebCore::InternalSettings::Backup::Backup):
1937         (WebCore::InternalSettings::Backup::restoreTo):
1938         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithPlaysInlineAttribute):
1939         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute):
1940         * testing/InternalSettings.h:
1941         * testing/InternalSettings.idl:
1942
1943 2016-07-20  Chris Dumez  <cdumez@apple.com>
1944
1945         Get rid of custom bindings code for XMLHttpRequest.open()
1946         https://bugs.webkit.org/show_bug.cgi?id=159984
1947
1948         Reviewed by Ryosuke Niwa.
1949
1950         Get rid of custom bindings code for XMLHttpRequest.open() as the
1951         bindings generator is able to generate it.
1952
1953         Relevant specification:
1954         - https://xhr.spec.whatwg.org/#xmlhttprequest
1955
1956         The issue is that legacy content prevents treating the 'async' argument
1957         being undefined identical from it being omitted. However, this can be
1958         achieved by using overloading in IDL, like in the specification.
1959
1960         No new tests, already covered by the following tests:
1961         - http/tests/xmlhttprequest/basic-auth.html
1962         - http/tests/xmlhttprequest/open-async-overload.html
1963
1964         * bindings/js/JSXMLHttpRequestCustom.cpp:
1965         (WebCore::SendFunctor::SendFunctor): Deleted.
1966         (WebCore::SendFunctor::line): Deleted.
1967         (WebCore::SendFunctor::column): Deleted.
1968         (WebCore::SendFunctor::url): Deleted.
1969         (WebCore::SendFunctor::operator()): Deleted.
1970         * xml/XMLHttpRequest.cpp:
1971         (WebCore::XMLHttpRequest::open):
1972         * xml/XMLHttpRequest.h:
1973         * xml/XMLHttpRequest.idl:
1974
1975 2016-07-20  Rawinder Singh  <rawinder.singh-webkit@cisra.canon.com.au>
1976
1977         Mark overriden methods in WebCore/svg final classes as final
1978         https://bugs.webkit.org/show_bug.cgi?id=159966
1979
1980         Reviewed by Michael Catanzaro.
1981
1982         Update WebCore/svg classes so that overriden methods in final classes are marked final.
1983
1984         * svg/SVGAElement.h:
1985         * svg/SVGAltGlyphDefElement.h:
1986         * svg/SVGAltGlyphItemElement.h:
1987         * svg/SVGAnimateTransformElement.h:
1988         * svg/SVGAnimatedColor.h:
1989         * svg/SVGCircleElement.h:
1990         * svg/SVGClipPathElement.h:
1991         * svg/SVGCursorElement.h:
1992         * svg/SVGDefsElement.h:
1993         * svg/SVGDescElement.h:
1994         * svg/SVGEllipseElement.h:
1995         * svg/SVGFEMergeNodeElement.h:
1996         * svg/SVGFilterElement.h:
1997         * svg/SVGFontElement.h:
1998         * svg/SVGFontFaceElement.h:
1999         * svg/SVGFontFaceFormatElement.h:
2000         * svg/SVGFontFaceNameElement.h:
2001         * svg/SVGFontFaceSrcElement.h:
2002         * svg/SVGFontFaceUriElement.h:
2003         * svg/SVGForeignObjectElement.h:
2004         * svg/SVGGElement.h:
2005         * svg/SVGGlyphElement.h:
2006         * svg/SVGGlyphRefElement.h:
2007         * svg/SVGHKernElement.h:
2008         * svg/SVGImageElement.h:
2009         * svg/SVGLineElement.h:
2010         * svg/SVGMPathElement.h:
2011         * svg/SVGMaskElement.h:
2012         * svg/SVGMetadataElement.h:
2013         * svg/SVGMissingGlyphElement.h:
2014         * svg/SVGPathBuilder.h:
2015         * svg/SVGPathByteStreamBuilder.h:
2016         * svg/SVGPathByteStreamSource.h:
2017         * svg/SVGPathElement.h:
2018         * svg/SVGPathSegArcAbs.h:
2019         * svg/SVGPathSegArcRel.h:
2020         * svg/SVGPathSegClosePath.h:
2021         * svg/SVGPathSegCurvetoCubicAbs.h:
2022         * svg/SVGPathSegCurvetoCubicRel.h:
2023         * svg/SVGPathSegCurvetoCubicSmoothAbs.h:
2024         * svg/SVGPathSegCurvetoCubicSmoothRel.h:
2025         * svg/SVGPathSegCurvetoQuadraticAbs.h:
2026         * svg/SVGPathSegCurvetoQuadraticRel.h:
2027         * svg/SVGPathSegCurvetoQuadraticSmoothAbs.h:
2028         * svg/SVGPathSegCurvetoQuadraticSmoothRel.h:
2029         * svg/SVGPathSegLinetoAbs.h:
2030         * svg/SVGPathSegLinetoHorizontalAbs.h:
2031         * svg/SVGPathSegLinetoHorizontalRel.h:
2032         * svg/SVGPathSegLinetoRel.h:
2033         * svg/SVGPathSegLinetoVerticalAbs.h:
2034         * svg/SVGPathSegLinetoVerticalRel.h:
2035         * svg/SVGPathSegListBuilder.h:
2036         * svg/SVGPathSegListSource.h:
2037         * svg/SVGPathSegMovetoAbs.h:
2038         * svg/SVGPathSegMovetoRel.h:
2039         * svg/SVGPathStringSource.h:
2040         * svg/SVGPathTraversalStateBuilder.h:
2041         * svg/SVGPatternElement.h:
2042         * svg/SVGRectElement.h:
2043         * svg/SVGScriptElement.h:
2044         * svg/SVGStopElement.h:
2045         * svg/SVGStyleElement.h:
2046         * svg/SVGSwitchElement.h:
2047         * svg/SVGTRefElement.cpp:
2048         * svg/SVGTitleElement.h:
2049         * svg/SVGToOTFFontConversion.cpp:
2050         * svg/SVGUnknownElement.h:
2051         * svg/SVGVKernElement.h:
2052         * svg/SVGViewElement.h:
2053         * svg/SVGZoomEvent.h:
2054         * svg/animation/SVGSMILElement.cpp:
2055         * svg/graphics/SVGImage.h:
2056         * svg/graphics/SVGImageClients.h:
2057         * svg/graphics/SVGImageForContainer.h:
2058         * svg/graphics/filters/SVGFEImage.h:
2059         * svg/graphics/filters/SVGFilter.h:
2060         * svg/properties/SVGAnimatedEnumerationPropertyTearOff.h:
2061         * svg/properties/SVGAnimatedPathSegListPropertyTearOff.h:
2062         * svg/properties/SVGAnimatedPropertyTearOff.h:
2063         * svg/properties/SVGAnimatedTransformListPropertyTearOff.h:
2064         * svg/properties/SVGMatrixTearOff.h:
2065         * svg/properties/SVGPathSegListPropertyTearOff.h:
2066
2067 2016-07-20  Brady Eidson  <beidson@apple.com>
2068
2069         Transition most IDB interfaces from ScriptExecutionContext to ExecState.
2070         https://bugs.webkit.org/show_bug.cgi?id=159975
2071
2072         Reviewed by Alex Christensen.
2073
2074         No new tests (No known behavior change).
2075
2076         * Modules/indexeddb/IDBCursor.cpp:
2077         (WebCore::IDBCursor::continueFunction):
2078         (WebCore::IDBCursor::deleteFunction):
2079         * Modules/indexeddb/IDBCursor.h:
2080         * Modules/indexeddb/IDBCursor.idl:
2081
2082         * Modules/indexeddb/IDBDatabase.idl:
2083
2084         * Modules/indexeddb/IDBFactory.cpp:
2085         (WebCore::IDBFactory::cmp):
2086         * Modules/indexeddb/IDBFactory.h:
2087         * Modules/indexeddb/IDBFactory.idl:
2088
2089         * Modules/indexeddb/IDBIndex.cpp:
2090         (WebCore::IDBIndex::openCursor):
2091         (WebCore::IDBIndex::count):
2092         (WebCore::IDBIndex::doCount):
2093         (WebCore::IDBIndex::openKeyCursor):
2094         (WebCore::IDBIndex::get):
2095         (WebCore::IDBIndex::doGet):
2096         (WebCore::IDBIndex::getKey):
2097         (WebCore::IDBIndex::doGetKey):
2098         * Modules/indexeddb/IDBIndex.h:
2099         * Modules/indexeddb/IDBIndex.idl:
2100
2101         * Modules/indexeddb/IDBKeyRange.cpp:
2102         (WebCore::IDBKeyRange::only): Deleted.
2103         * Modules/indexeddb/IDBKeyRange.h:
2104
2105         * Modules/indexeddb/IDBObjectStore.cpp:
2106         (WebCore::IDBObjectStore::openCursor):
2107         (WebCore::IDBObjectStore::get):
2108         (WebCore::IDBObjectStore::putOrAdd):
2109         (WebCore::IDBObjectStore::deleteFunction):
2110         (WebCore::IDBObjectStore::doDelete):
2111         (WebCore::IDBObjectStore::modernDelete):
2112         (WebCore::IDBObjectStore::clear):
2113         (WebCore::IDBObjectStore::createIndex):
2114         (WebCore::IDBObjectStore::count):
2115         (WebCore::IDBObjectStore::doCount):
2116         * Modules/indexeddb/IDBObjectStore.h:
2117         * Modules/indexeddb/IDBObjectStore.idl:
2118
2119         * Modules/indexeddb/IDBTransaction.cpp:
2120         (WebCore::IDBTransaction::requestOpenCursor):
2121         (WebCore::IDBTransaction::doRequestOpenCursor):
2122         (WebCore::IDBTransaction::requestGetRecord):
2123         (WebCore::IDBTransaction::requestGetValue):
2124         (WebCore::IDBTransaction::requestGetKey):
2125         (WebCore::IDBTransaction::requestIndexRecord):
2126         (WebCore::IDBTransaction::requestCount):
2127         (WebCore::IDBTransaction::requestDeleteRecord):
2128         (WebCore::IDBTransaction::requestClearObjectStore):
2129         (WebCore::IDBTransaction::requestPutOrAdd):
2130         * Modules/indexeddb/IDBTransaction.h:
2131
2132         * inspector/InspectorIndexedDBAgent.cpp:
2133
2134 2016-07-20  Wenson Hsieh  <wenson_hsieh@apple.com>
2135
2136         Media controls don't appear when pausing a small autoplaying video
2137         https://bugs.webkit.org/show_bug.cgi?id=159972
2138         <rdar://problem/27180657>
2139
2140         Reviewed by Beth Dakin.
2141
2142         When pausing an autoplaying video, remove behavior restrictions for the
2143         initial user gesture and show media controls.
2144
2145         New WebKit API test. See VideoControlsManagerSingleSmallAutoplayingVideo.
2146
2147         * html/HTMLMediaElement.cpp:
2148         (WebCore::HTMLMediaElement::pause):
2149
2150 2016-07-20  Chris Dumez  <cdumez@apple.com>
2151
2152         Fix null handling of HTMLMediaElement.mediaGroup
2153         https://bugs.webkit.org/show_bug.cgi?id=159974
2154
2155         Reviewed by Eric Carlson.
2156
2157         Fix null handling of HTMLMediaElement.mediaGroup to match the specification:
2158         - https://www.w3.org/TR/html5/embedded-content-0.html#media-elements
2159
2160         null is supposed to be treated as the String "null". This patch aligns
2161         our behavior with the specification. I tested Firefox and Chrome but both
2162         do not have this attribute on HTMLMediaElement.
2163
2164         Also remove support for [TreatNullAs=LegacyNullString] from our bindings
2165         generator as HTMLMediaElement.mediaGroup was the last user.
2166
2167         No new tests, rebaselined existing test.
2168
2169         * bindings/scripts/CodeGeneratorJS.pm:
2170         (JSValueToNative):
2171         * bindings/scripts/IDLAttributes.txt:
2172         * html/HTMLMediaElement.idl:
2173
2174 2016-07-20  Chris Dumez  <cdumez@apple.com>
2175
2176         CSSStyleDeclaration.setProperty() should be able to unset "important" on a property
2177         https://bugs.webkit.org/show_bug.cgi?id=159959
2178
2179         Reviewed by Alexey Proskuryakov.
2180
2181         CSSStyleDeclaration.setProperty() should be able to unsert "important"
2182         on a property as per the latest specification:
2183         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-setproperty
2184         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-camel-cased-attribute
2185
2186         Firefox and Chrome match the specification here but WebKit was ignoring calls
2187         to setProperty() if there is already an "important" property wit this name
2188         and if the new property does not have the "important" flag set.
2189
2190         This behavior was added a long time ago via Bug 60007. However, it does not
2191         match the latest specification or other browsers.
2192
2193         Test: fast/css/CSSStyleDeclaration-setProperty-unset-important.html
2194
2195         * css/StyleProperties.cpp:
2196         (WebCore::MutableStyleProperties::addParsedProperty):
2197         Drop code that was added via Bug 60007 as this behavior no longer matches the
2198         specification or other browsers. The layout test added in Bug 60007 fails in
2199         other browsers and was updated in this patch to match the specification.
2200
2201 2016-07-20  Commit Queue  <commit-queue@webkit.org>
2202
2203         Unreviewed, rolling out r203423.
2204         https://bugs.webkit.org/show_bug.cgi?id=159977
2205
2206         The test for this change is failing on Mac Release WK2
2207         (Requested by ryanhaddad on #webkit).
2208
2209         Reverted changeset:
2210
2211         "HTMLVideoElement frames do not update on iOS when src is a
2212         MediaStream blob"
2213         https://bugs.webkit.org/show_bug.cgi?id=159833
2214         http://trac.webkit.org/changeset/203423
2215
2216 2016-07-20  Chris Dumez  <cdumez@apple.com>
2217
2218         Fix null handling of HTMLSelectElement.value attribute
2219         https://bugs.webkit.org/show_bug.cgi?id=159925
2220
2221         Reviewed by Benjamin Poulain.
2222
2223         Fix null handling of HTMLSelectElement.value attribute:
2224         - https://html.spec.whatwg.org/multipage/forms.html#htmlselectelement
2225
2226         We were treating null as the null String which would end up setting
2227         selectedIndex to -1. However, we should treat null as the String "null"
2228         which would set the selectedIndex to the index of the <option> element
2229         whose value is "null".
2230
2231         Firefox and Chrome match the specification.
2232
2233         Test: fast/dom/HTMLSelectElement/value-null-handling.html
2234
2235         * html/HTMLSelectElement.cpp:
2236         (WebCore::HTMLSelectElement::setValue):
2237         * html/HTMLSelectElement.idl:
2238
2239 2016-07-20  Chris Dumez  <cdumez@apple.com>
2240
2241         PostResolutionCallbackDisabler can resume pending requests while a ResourceLoadSuspender is alive
2242         https://bugs.webkit.org/show_bug.cgi?id=159962
2243         <rdar://problem/21439264>
2244
2245         Reviewed by David Kilzer.
2246
2247         PostResolutionCallbackDisabler can resume pending requests while a ResourceLoadSuspender
2248         is alive. We have both PostResolutionCallbackDisabler and ResourceLoadSuspender that
2249         call LoaderStrategy::suspendPendingRequests() / LoaderStrategy::resumePendingRequests().
2250         However, PostResolutionCallbackDisabler and ResourceLoadSuspender are not aware of each
2251         other. It is therefore possible for a PostResolutionCallbackDisabler object to get
2252         destroyed, causing LoaderStrategy::resumePendingRequests() to be called while a
2253         ResourceLoadSuspender object is alive.
2254
2255         This leads to hard to investigate crashes where we end up re-entering WebKit and killing
2256         the style resolver.
2257
2258         This patch drops ResourceLoadSuspender and uses PostResolutionCallbackDisabler instead.
2259         There was only one user of ResourceLoadSuspender and PostResolutionCallbackDisabler
2260         is better because it manages a resolutionNestingDepth counter internally to make sure
2261         it only calls LoaderStrategy::resumePendingRequests() once all
2262         PostResolutionCallbackDisabler instances are destroyed.
2263
2264         No new tests, there is no easy way to reproduce the crashes.
2265
2266         * dom/Document.cpp:
2267         (WebCore::Document::styleForElementIgnoringPendingStylesheets):
2268         * loader/LoaderStrategy.cpp:
2269         (WebCore::ResourceLoadSuspender::ResourceLoadSuspender): Deleted.
2270         (WebCore::ResourceLoadSuspender::~ResourceLoadSuspender): Deleted.
2271         * loader/LoaderStrategy.h:
2272
2273 2016-07-19  Youenn Fablet  <youenn@apple.com>
2274
2275         [Fetch API] Add a JS builtin to implement https://fetch.spec.whatwg.org/#concept-headers-fill
2276         https://bugs.webkit.org/show_bug.cgi?id=159932
2277
2278         Reviewed by Alex Christensen.
2279
2280         Covered by existing tests.
2281
2282         Refactoring Headers initializeWith to use the new built-in internal that implements
2283         https://fetch.spec.whatwg.org/#concept-headers-fill.
2284
2285         Refactoring Response constructor to put more checks in the JS builtin fucntion called within constructor.
2286         Making use of the new built-in internal that implements https://fetch.spec.whatwg.org/#concept-headers-fill.
2287
2288         * CMakeLists.txt: Adding FetchHeadersInternals.js
2289         * DerivedSources.make: Ditto.
2290         * Modules/fetch/FetchHeaders.js:
2291         (initializeFetchHeaders): Using fillFetchHeaders new built-in internal.
2292         * Modules/fetch/FetchInternals.js: Added.
2293         (fillFetchHeaders):
2294         * Modules/fetch/FetchResponse.cpp: Refactoring to do more in the JS built-in. Splitting of initializeWith so
2295         that the checks are done in the order defined by the spec.
2296         (WebCore::FetchResponse::setStatus):
2297         (WebCore::FetchResponse::initializeWith):
2298         (WebCore::isNullBodyStatus): Deleted.
2299         * Modules/fetch/FetchResponse.h:
2300         * Modules/fetch/FetchResponse.idl:
2301         * Modules/fetch/FetchResponse.js:
2302         (initializeFetchResponse): New built-in internal.
2303         * WebCore.xcodeproj/project.pbxproj:
2304         * bindings/js/WebCoreBuiltinNames.h:
2305
2306 2016-07-19  Chris Dumez  <cdumez@apple.com>
2307
2308         Fix null handling of SVGScriptElement.type attribute
2309         https://bugs.webkit.org/show_bug.cgi?id=159927
2310
2311         Reviewed by Benjamin Poulain.
2312
2313         Fix null handling of SVGScriptElement.type attribute:
2314         - https://www.w3.org/TR/SVG2/interact.html#InterfaceSVGScriptElement
2315
2316         We were treating null as the null String which would end up removing
2317         the 'type' content attribute. However, we should treat null as the
2318         String "null".
2319
2320         Firefox and Chrome match the specification.
2321
2322         No new tests, updated existing test.
2323
2324         * svg/SVGScriptElement.idl:
2325
2326 2016-07-19  Chris Dumez  <cdumez@apple.com>
2327
2328         Fix null handling of several HTMLDocument attributes
2329         https://bugs.webkit.org/show_bug.cgi?id=159923
2330
2331         Reviewed by Benjamin Poulain.
2332
2333         Fix null handling of several HTMLDocument attributes:
2334         - https://html.spec.whatwg.org/multipage/dom.html#document
2335         - https://html.spec.whatwg.org/multipage/obsolete.html#document-partial
2336
2337         In particular, null handling was incorrect in WebKit for 'dir',
2338         'bgColor', 'fgColor', 'alinkColor', 'linkColor' and 'vlinkColor'.
2339
2340         Firefox and Chrome match the specification.
2341
2342         Test: fast/dom/HTMLDocument/null-handling.html
2343
2344         * html/HTMLDocument.idl:
2345
2346 2016-07-19  Chris Dumez  <cdumez@apple.com>
2347
2348         Document.createElementNS() / createAttributeNS() parameters should be mandatory
2349         https://bugs.webkit.org/show_bug.cgi?id=159938
2350
2351         Reviewed by Benjamin Poulain.
2352
2353         Document.createElementNS() / createAttributeNS() parameters should be mandatory:
2354         - https://dom.spec.whatwg.org/#document
2355
2356         They were optional in WebKit. However, Firefox and Chrome both match the
2357         specification.
2358
2359         No new tests, rebaselined existing tests.
2360
2361         * dom/Document.idl:
2362
2363 2016-07-19  Benjamin Poulain  <bpoulain@apple.com>
2364
2365         Use getElementById for attribute matching if the attribute name is html's id
2366         https://bugs.webkit.org/show_bug.cgi?id=159960
2367
2368         Reviewed by Chris Dumez.
2369
2370         Elliott Sprehn discovered YUI makes heavy uses of querySelector with [id=value]
2371         (https://bugs.chromium.org/p/chromium/issues/detail?id=627242).
2372
2373         If we are not in quirks mode, IdForStyleResolution has the same value
2374         as the Id attribute. We can use the same optimization for both cases.
2375
2376         Tests: fast/selectors/id-attribute-querySelector-used-as-id-selector-quirks.html
2377                fast/selectors/id-attribute-querySelector-used-as-id-selector.html
2378
2379         * dom/SelectorQuery.cpp:
2380         (WebCore::canBeUsedForIdFastPath):
2381         (WebCore::findIdMatchingType):
2382         (WebCore::SelectorDataList::SelectorDataList):
2383         (WebCore::selectorForIdLookup):
2384         (WebCore::filterRootById):
2385
2386 2016-07-19  Chris Dumez  <cdumez@apple.com>
2387
2388         Drop SVGElement.xmlbase attribute
2389         https://bugs.webkit.org/show_bug.cgi?id=159926
2390
2391         Reviewed by Benjamin Poulain.
2392
2393         Drop SVGElement.xmlbase attribute as it is no longer part of the
2394         specification:
2395         - https://www.w3.org/TR/SVG2/types.html#InterfaceSVGElement
2396
2397         Both Firefox and Chrome have already dropped support for
2398         SVGElement.xmlbase.
2399
2400         Chrome's intent to remove:
2401         https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/TfwMq4d25hk/C-v_iC_wKfAJ
2402
2403         Test: svg/dom/SVGElement-xmlbase.html
2404
2405         * svg/SVGElement.cpp:
2406         (WebCore::SVGElement::removedFrom): Deleted.
2407         * svg/SVGElement.h:
2408         * svg/SVGElement.idl:
2409
2410 2016-07-19  Chris Dumez  <cdumez@apple.com>
2411
2412         Align CSSStyleDeclaration.setProperty() with the specification
2413         https://bugs.webkit.org/show_bug.cgi?id=159955
2414
2415         Reviewed by Benjamin Poulain.
2416
2417         Align CSSStyleDeclaration.setProperty() with the specification:
2418         - https://drafts.csswg.org/cssom/#the-cssstyledeclaration-interface
2419
2420         In particular, the following changes were needed:
2421         1. The 'value' parameter should not be optional
2422         2. The 'priority' parameter should treat null as the empty string
2423            rather than the string "null".
2424         3. The 'priority' parameter's default value should be the empty string,
2425            not the string "undefined".
2426         4. CSSStyleDeclaration.setProperty() should return early if 'priority'
2427            is not the empty string and is not an ASCII case-insensitive match
2428            for the string "important".
2429
2430         Chrome matches the specification entirely.
2431         Firefox matches the specification with the exception that it does a
2432         case-sensitive match for "important".
2433
2434         Test: fast/css/CSSStyleDeclaration-setProperty.html
2435
2436         * css/CSSStyleDeclaration.idl:
2437         * css/PropertySetCSSStyleDeclaration.cpp:
2438         (WebCore::PropertySetCSSStyleDeclaration::setProperty):
2439
2440 2016-07-19  Daniel Bates  <dabates@apple.com>
2441
2442         CSP: Improve support for multiple policies to more closely conform to the CSP Level 2 spec.
2443         https://bugs.webkit.org/show_bug.cgi?id=159841
2444         <rdar://problem/27381684>
2445
2446         Reviewed by Brent Fulgham.
2447
2448         Implement a first pass at sending multiple violation reports so as to more closely
2449         conform to section Enforcing multiple policies of the Content Security Policy Level 2 spec.,
2450         <https://w3c.github.io/webappsec-csp/2/> (Editor's Draft, 25 April 2016).
2451
2452         Tests: http/tests/security/contentSecurityPolicy/1.1/script-blocked-sends-multiple-reports.php
2453                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-enforced-policy-and-blocked-by-report-policy.php
2454                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-enforced-policy-and-blocked-by-report-policy2.php
2455                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy.php
2456                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
2457                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-enforced-policy-and-allowed-by-report-policy.php
2458                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-enforced-policy-and-allowed-by-report-policy2.php
2459                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy.php
2460                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy2.php
2461                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy.php
2462                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
2463                http/tests/security/contentSecurityPolicy/1.1/scripthash-in-enforced-policy-and-not-in-report-only.html
2464                http/tests/security/contentSecurityPolicy/1.1/scripthash-in-one-enforced-policy-neither-in-another-enforced-policy-nor-report-policy.html
2465                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-enforced-policy-and-blocked-by-report-policy.php
2466                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-enforced-policy-and-blocked-by-report-policy2.php
2467                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy.php
2468                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
2469                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-enforced-policy-and-allowed-by-report-policy.php
2470                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-enforced-policy-and-allowed-by-report-policy2.php
2471                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy.php
2472                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy2.php
2473                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy.php
2474                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
2475                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-in-enforced-policy-and-not-in-report-only.html
2476                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-in-one-enforced-policy-neither-in-another-enforced-policy-nor-report-policy.html
2477                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-multiple-policies.html
2478
2479         * page/csp/ContentSecurityPolicy.cpp:
2480         (WebCore::ContentSecurityPolicy::allPoliciesWithDispositionAllow): Added. Returns whether the resource
2481         is allowed by all of the policies with the specified disposition.
2482         (WebCore::ContentSecurityPolicy::allPoliciesAllow): Added. Returns whether the resource is allowed by
2483         all of the enforced policies.
2484         (WebCore::ContentSecurityPolicy::findHashOfContentInPolicies): Formerly named foundHashOfContentInAllPolicies.
2485         Modified to return a ("has found hash in all enforced policies, "has found hash in all report-only policies)-pair
2486         so that we can differentiate whether the hash violated an enforced policy or a report-only policy.
2487         (WebCore::ContentSecurityPolicy::allowJavaScriptURLs): Write in terms of ContentSecurityPolicy::allPoliciesAllow().
2488         (WebCore::ContentSecurityPolicy::allowInlineEventHandlers): Ditto.
2489         (WebCore::ContentSecurityPolicy::allowScriptWithNonce): For now only accept a nonce if it is allowed by
2490         all enforced policies. As a side effect of this change is that we only send a CSP violation report when a
2491         nonce violates a report-only policy only if the nonce also violates one or more enforced policies. We will
2492         address this limitation in <https://bugs.webkit.org/show_bug.cgi?id=159830>.
2493         (WebCore::ContentSecurityPolicy::allowStyleWithNonce): Ditto.
2494         (WebCore::ContentSecurityPolicy::allowInlineScript): Differentiate between a hash/'unsafe-inline' that
2495         matches/is contained in all enforce policies and a hash/'unsafe-inline' that matches/is contained in all
2496         report-only policies so that we only allow the resource for the former. As a side effect of this change
2497         we may report that a resource violated a policy even if it contained the hash. See <https://bugs.webkit.org/show_bug.cgi?id=159832>
2498         for more details.
2499         (WebCore::ContentSecurityPolicy::allowInlineStyle): Ditto.
2500         (WebCore::ContentSecurityPolicy::allowEval): Write in terms of ContentSecurityPolicy::allPoliciesAllow().
2501         (WebCore::ContentSecurityPolicy::allowFrameAncestors): Ditto.
2502         (WebCore::ContentSecurityPolicy::allowPluginType): Ditto.
2503         (WebCore::ContentSecurityPolicy::allowScriptFromSource): Ditto.
2504         (WebCore::ContentSecurityPolicy::allowObjectFromSource): Ditto.
2505         (WebCore::ContentSecurityPolicy::allowChildFrameFromSource): Ditto.
2506         (WebCore::ContentSecurityPolicy::allowChildContextFromSource): Ditto.
2507         (WebCore::ContentSecurityPolicy::allowImageFromSource): Ditto.
2508         (WebCore::ContentSecurityPolicy::allowStyleFromSource): Ditto.
2509         (WebCore::ContentSecurityPolicy::allowFontFromSource): Ditto.
2510         (WebCore::ContentSecurityPolicy::allowMediaFromSource): Ditto.
2511         (WebCore::ContentSecurityPolicy::allowConnectToSource): Ditto.
2512         (WebCore::ContentSecurityPolicy::allowFormAction): Ditto.
2513         (WebCore::ContentSecurityPolicy::allowBaseURI): Ditto.
2514         (WebCore::ContentSecurityPolicy::foundHashOfContentInAllPolicies): Deleted.
2515         * page/csp/ContentSecurityPolicy.h:
2516         (WebCore::ContentSecurityPolicy::violatedDirectiveInAnyPolicy): Deleted.
2517
2518 2016-07-19  Chris Dumez  <cdumez@apple.com>
2519
2520         Fix null handling of HTMLScriptElement.text attribute
2521         https://bugs.webkit.org/show_bug.cgi?id=159943
2522
2523         Reviewed by Benjamin Poulain.
2524
2525         Fix null handling of HTMLScriptElement.text attribute:
2526         - https://html.spec.whatwg.org/multipage/scripting.html#the-script-element
2527
2528         We should treat null as the "null" String but we were treating it as
2529         the empty string.
2530
2531         Firefox and Chrome match the specification.
2532
2533         No new tests, rebaselined existing test.
2534
2535         * html/HTMLScriptElement.idl:
2536
2537 2016-07-19  Chris Dumez  <cdumez@apple.com>
2538
2539         autocapitalize attribute should not use [TreatNullAs=LegacyNullString]
2540         https://bugs.webkit.org/show_bug.cgi?id=159934
2541
2542         Reviewed by Benjamin Poulain.
2543
2544         autocapitalize attribute should not use [TreatNullAs=LegacyNullString]. This is
2545         non-standard and we want to drop support for it from the bindings generator.
2546
2547         Instead, use [TreatNullAs=EmptyString] in order to maintain existing behavior
2548         given that both a missing/empty attribute result in using the default
2549         autocapitalization mode and that autocapitalize returns the empty string by
2550         default.
2551
2552         Test: platform/ios-simulator/ios/fast/forms/autocapitalize-null.html
2553
2554         * html/HTMLFormElement.idl:
2555         * html/HTMLInputElement.idl:
2556         * html/HTMLTextAreaElement.idl:
2557
2558 2016-07-19  Zalan Bujtas  <zalan@apple.com>
2559
2560         REGRESSION(r203415): ASSERTION FAILED: !m_layoutRoot->container() || !m_layoutRoot->container()->needsLayout()
2561         https://bugs.webkit.org/show_bug.cgi?id=159952
2562
2563         Reviewed by Simon Fraser.
2564
2565         Update ASSERTs to reflect new functionality, that is, now we can end up in a state
2566         where the container (RenderView) of one of the dirty subtrees is dirty.
2567         See r203415.
2568  
2569         Covered by editing/pasteboard/drag-drop-input-in-svg.svg
2570
2571         * page/FrameView.cpp:
2572         (WebCore::FrameView::scheduleRelayoutOfSubtree):
2573
2574 2016-07-19  Dean Jackson  <dino@apple.com>
2575
2576         REGRESSION(202927): The first slide is the only displayed slide when Quicklooking a Keynote file
2577         https://bugs.webkit.org/show_bug.cgi?id=159948
2578         <rdar://problem/27391012>
2579
2580         Reviewed by Simon Fraser.
2581
2582         There is an iOS bug (<rdar://problem/27416744>) that is causing us
2583         to not always get a color space on CGContextRefs. Investigation of this
2584         exposed some optimizations we can take when we are creating ImageBuffers.
2585         In particular, if we have a bitmap context or an IOSurfaceContext we
2586         can simply copy their color space using API. Otherwise we stick with
2587         the existing CGContextCopyDeviceColorSpace.
2588
2589         Lastly, if for some reason we are unable to copy the device color space,
2590         we should fall back to sRGB.
2591
2592         * platform/graphics/cg/ImageBufferCG.cpp:
2593         (WebCore::ImageBuffer::createCompatibleBuffer):
2594         * platform/spi/cg/CoreGraphicsSPI.h: Add some SPI and enums.
2595
2596
2597 2016-07-19  George Ruan  <gruan@apple.com>
2598
2599         HTMLVideoElement frames do not update on iOS when src is a MediaStream blob
2600         https://bugs.webkit.org/show_bug.cgi?id=159833
2601         <rdar://problem/27379487>
2602
2603         Reviewed by Eric Carlson.
2604
2605         Test: fast/mediastream/MediaStream-video-element-displays-buffer.html
2606
2607         * WebCore.xcodeproj/project.pbxproj:
2608         * platform/graphics/avfoundation/MediaSampleAVFObjC.h: Change create to return a Ref<T> instead
2609         of RefPtr<T>
2610         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h: Make observer of
2611         MediaStreamTrackPrivate and make MediaPlayer use an AVSampleBufferDisplayLayer instead of CALayer.
2612         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm: Ditto.
2613         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::~MediaPlayerPrivateMediaStreamAVFObjC): Clean up
2614         observers and AVSampleBufferDisplayLayer
2615         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::isAvailable): Ensures AVSampleBufferDisplayLayer
2616         is available.
2617         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueAudioSampleBufferFromTrack): Placeholder.
2618         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueVideoSampleBufferFromTrack): Responsible
2619         for enqueuing sample buffers to the active video track.
2620         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::ensureLayer): Ensures that an AVSampleBufferDisplayLayer
2621         exists.
2622         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::destroyLayer): Destroys the AVSampleBufferDisplayLayer.
2623         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::platformLayer): Replace CALayer with AVSampleBufferDisplayLayer.
2624         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::currentDisplayMode): Ditto.
2625         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::sampleBufferUpdated): Called from MediaStreamTrackPrivate when a
2626         new SampleBuffer is available.
2627         (WebCore::updateTracksOfType): Manage adding and removing self as observer from tracks.
2628         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateTracks): Replace CALayer with AVSampleBufferDisplayLayer
2629         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::acceleratedRenderingStateChanged): Copied from
2630         MediaPlayerPrivateMediaSourceAVFObjC.mm
2631         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::load): Deleted CALayer.
2632         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateDisplayMode): Deleted process of updating CALayer.
2633         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateIntrinsicSize): Deleted CALayer.
2634         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::createPreviewLayers): Deleted.
2635         * platform/mediastream/MediaStreamPrivate.cpp:
2636         (WebCore::MediaStreamPrivate::updateActiveVideoTrack): Remove redundant check.
2637         * platform/mediastream/MediaStreamTrackPrivate.cpp:
2638         (WebCore::MediaStreamTrackPrivate::sourceHasMoreMediaData): Called from RealtimeMediaSource when a new SampleBuffer
2639         is available.
2640         * platform/mediastream/MediaStreamTrackPrivate.h:
2641         (WebCore::MediaStreamTrackPrivate::Observer::sampleBufferUpdated): Relays to MediaPlayerPrivateMediaStream that
2642         a new SampleBuffer is available to enqueue to the AVSampleBufferDisplayLayer.
2643         * platform/mediastream/RealtimeMediaSource.cpp:
2644         (WebCore::RealtimeMediaSource::mediaDataUpdated): Relays to all observers that a new SampleBuffer is available.
2645         * platform/mediastream/RealtimeMediaSource.h:
2646         * platform/mediastream/mac/AVVideoCaptureSource.mm:
2647         (WebCore::AVVideoCaptureSource::processNewFrame): Calls mediaDataUpdated when a new SampleBuffer is captured.
2648
2649 2016-07-19  Anders Carlsson  <andersca@apple.com>
2650
2651         Get rid of a #define private public hack in WebCore
2652         https://bugs.webkit.org/show_bug.cgi?id=159953
2653
2654         Reviewed by Dan Bernstein.
2655
2656         Use @package instead.
2657
2658         * bindings/objc/DOMInternal.h:
2659         * bindings/objc/DOMObject.h:
2660
2661 2016-07-19  Andreas Kling  <akling@apple.com>
2662
2663         Fix SharedBuffer leak in MockContentFilter::replacementData().
2664         <https://webkit.org/b/159945>
2665
2666         Reviewed by Andy Estes.
2667
2668         Spotted on leaks bot. This code was pretty explicit about how it's going to leak.
2669         Since this is in the mock filter, it only affected layout tests.
2670
2671         * testing/MockContentFilter.cpp:
2672         (WebCore::MockContentFilter::replacementData):
2673
2674 2016-07-19  Zalan Bujtas  <zalan@apple.com>
2675
2676         theguardian.co.uk crossword puzzles are sometimes not displaying text
2677         https://bugs.webkit.org/show_bug.cgi?id=159924
2678         <rdar://problem/27409483>
2679
2680         Reviewed by Simon Fraser.
2681
2682         This patch fixes the case when
2683         - 2 disjoint subtrees are dirty
2684         - RenderView is also dirty.
2685         and we end up not laying out one of the 2 subtrees.
2686
2687         In FrameView::scheduleRelayoutOfSubtree, we assume that when the RenderView is dirty
2688         we already have a pending full layout which means that any previous subtree layouts have already been
2689         converted to full layouts.
2690         However this assumption is incorrect. RenderView can get dirty without checking if there's
2691         already a pending subtree layout.
2692         One option to solve this problem would be to override RenderObject::setNeedsLayout in RenderView
2693         so that when the RenderView gets dirty, we could also convert any pending subtree layout to full layout.
2694         However RenderObject::setNeedsLayout is a hot function and making it virtual would impact performance.
2695         The other option is to always normalize subtree layouts in FrameView::scheduleRelayoutOfSubtree().
2696         This patch implements the second option.
2697
2698         Test: fast/misc/subtree-layouts.html
2699
2700         * page/FrameView.cpp:
2701         (WebCore::FrameView::scheduleRelayoutOfSubtree):
2702
2703 2016-07-19  Anders Carlsson  <andersca@apple.com>
2704
2705         Some payment authorization status values should keep the sheet active
2706         https://bugs.webkit.org/show_bug.cgi?id=159936
2707         rdar://problem/26756701
2708
2709         Reviewed by Tim Horton.
2710
2711         * Modules/applepay/ApplePaySession.cpp:
2712         (WebCore::ApplePaySession::completePayment):
2713         Keep the sheet active if the status isn't a final state status.
2714
2715         * Modules/applepay/PaymentAuthorizationStatus.h:
2716         (WebCore::isFinalStateStatus):
2717         Add a new helper function that returns whether a given payment authorization status is "final",
2718         meaning that once that status has been passed to completePayment, the session is finished.
2719
2720 2016-07-19  Nan Wang  <n_wang@apple.com>
2721
2722         AX: Incorrect behavior for word related text marker functions when there's collapsed whitespace
2723         https://bugs.webkit.org/show_bug.cgi?id=159910
2724
2725         Reviewed by Chris Fleizach.
2726
2727         We are getting a bad CharacterOffset when there's collapsed whitespace. Added a TraverseOptionValidateOffset
2728         option to make sure we are getting the correct CharacterOffset based on the corresponding Range offset. And
2729         fixed a word navigation issue based on that.
2730
2731         Test: accessibility/mac/text-marker-word-nav-collapsed-whitespace.html
2732
2733         * accessibility/AXObjectCache.cpp:
2734         (WebCore::AXObjectCache::traverseToOffsetInRange):
2735         (WebCore::AXObjectCache::rangeForNodeContents):
2736         (WebCore::AXObjectCache::startOrEndCharacterOffsetForRange):
2737         (WebCore::AXObjectCache::characterOffsetFromVisiblePosition):
2738         (WebCore::AXObjectCache::rightWordRange):
2739         (WebCore::AXObjectCache::previousBoundary):
2740         * accessibility/AXObjectCache.h:
2741         (WebCore::AXObjectCache::isNodeInUse):
2742
2743 2016-07-19  Youenn Fablet  <youenn@apple.com>
2744
2745         [Streams API] ReadableStreamController methods should throw if its stream is not readable
2746         https://bugs.webkit.org/show_bug.cgi?id=159871
2747
2748         Reviewed by Xabier Rodriguez-Calvar.
2749
2750         Spec now mandates close and enqueue to throw if ReadableStream is not readable.
2751         Covered by rebased and/or modified tests.
2752
2753         * Modules/streams/ReadableStreamController.js:
2754         (enqueue): Throwing a TypeError if controlled stream is not readable.
2755         (close): Ditto.
2756
2757 2016-07-19  Simon Fraser  <simon.fraser@apple.com>
2758
2759         Bubbles appear split for a brief moment in Messages
2760         https://bugs.webkit.org/show_bug.cgi?id=159915
2761         rdar://problem/27182267
2762
2763         Reviewed by David Hyatt.
2764
2765         RenderView::repaintRootContents() had a long-standing bug in WebView when the
2766         view is scrolled. repaint() uses visualOverflowRect() but, for the 
2767         RenderView, the visualOverflowRect() is the initial containing block
2768         which is anchored at 0,0. When the view is scrolled it's clipped out and
2769         calls to repaintRootContents() have no effect.
2770         
2771         Change repaintRootContents() to use layoutOverflowRect(). ScrollView::repaintContentRectangle()
2772         will clip it to the view if necessary.
2773
2774         Test: fast/repaint/scrolled-view-full-repaint.html
2775
2776         * rendering/RenderView.cpp:
2777         (WebCore::RenderView::repaintRootContents):
2778
2779 2016-07-19  Dan Bernstein  <mitz@apple.com>
2780
2781         <rdar://problem/27420308> WebCore-7602.1.42 fails to build: error: unused parameter 'vm'
2782
2783         * bindings/js/JSDOMGlobalObject.cpp:
2784         (WebCore::JSDOMGlobalObject::addBuiltinGlobals): Fixed the !ENABLE(STREAMS_API) build.
2785
2786 2016-07-19  Youenn Fablet  <youenn@apple.com>
2787
2788         [Streams API] Make ReadableStream properties not enumerable
2789         https://bugs.webkit.org/show_bug.cgi?id=159868
2790
2791         Reviewed by Darin Adler.
2792
2793         Covered by rebased tests.
2794
2795         Uopdating IDL definitions to mark all functions/attributes as not enumerable.
2796         Updating IDL constructor definitions to correctly compute constructor length.
2797         Updating built-in implementation to correctly compute pipeTo length to 1 (second parameter being optional).
2798
2799         * Modules/streams/ReadableStream.idl:
2800         * Modules/streams/ReadableStream.js:
2801         * Modules/streams/ReadableStreamController.idl:
2802         * Modules/streams/ReadableStreamReader.idl:
2803
2804 2016-07-19  Chris Dumez  <cdumez@apple.com>
2805
2806         form.enctype / encoding / method should treat null as "null" string
2807         https://bugs.webkit.org/show_bug.cgi?id=159916
2808
2809         Reviewed by Ryosuke Niwa.
2810
2811         form.enctype / encoding / method should treat null as "null" string:
2812         - https://html.spec.whatwg.org/multipage/forms.html#htmlformelement
2813
2814         Previously, WebKit would treat null as the null String, which would
2815         end up removing the existing attribute.
2816
2817         Firefox and Chrome match the specification.
2818
2819         Test: fast/dom/HTMLFormElement/null-handling.html
2820
2821         * html/HTMLFormElement.h:
2822         * html/HTMLFormElement.idl:
2823
2824 2016-07-18  Csaba Osztrogon√°c  <ossy@webkit.org>
2825
2826         All-in-one buildfix after r202439
2827         https://bugs.webkit.org/show_bug.cgi?id=159877
2828
2829         Reviewed by Chris Dumez.
2830
2831         * Modules/webaudio/AudioDestinationNode.h:
2832         (WebCore::AudioDestinationNode::resume):
2833         (WebCore::AudioDestinationNode::suspend):
2834         (WebCore::AudioDestinationNode::close):
2835
2836 2016-07-18  Frederic Wang  <fwang@igalia.com>
2837
2838         Move parsing of subscriptshift and superscriptshift from rendering to element classes
2839         https://bugs.webkit.org/show_bug.cgi?id=159622
2840
2841         Reviewed by Darin Adler.
2842
2843         We introduce a new MathMLScriptsElement that is used for elements msub, msup, msubsup and
2844         mmultiscripts in order to create RenderMathMLScripts and parse and expose the values of the
2845         subscriptshift and superscriptshift attributes. This is one more step toward moving MathML
2846         attribute parsing to the DOM (bug 156536).
2847
2848         No new tests, rendering is unchanged.
2849
2850         * CMakeLists.txt: Add MathMLScriptsElement files.
2851         * WebCore.xcodeproj/project.pbxproj: Ditto.
2852         * mathml/MathMLAllInOne.cpp: Ditto.
2853         * mathml/MathMLInlineContainerElement.cpp: Remove handling of scripts.
2854         (WebCore::MathMLInlineContainerElement::createElementRenderer): Deleted.
2855         * mathml/MathMLScriptsElement.cpp: Added. New class to handle scripted elements supporting
2856         parsing for the subscriptshift and superscriptshift MathML lengths.
2857         (WebCore::MathMLScriptsElement::MathMLScriptsElement):
2858         (WebCore::MathMLScriptsElement::create):
2859         (WebCore::MathMLScriptsElement::subscriptShift): Expose the cached length for the shift,
2860         parsing the attribute again if necessary.
2861         (WebCore::MathMLScriptsElement::superscriptShift): Ditto.
2862         (WebCore::MathMLScriptsElement::parseAttribute): Mark attributes dirty.
2863         (WebCore::MathMLScriptsElement::createElementRenderer): Create RenderMathMLScripts.
2864         * mathml/MathMLScriptsElement.h: Ditto.
2865         * mathml/mathtags.in: Map msub, msup, msubsup and mmultiscripts to MathMLScriptsElement.
2866         * rendering/mathml/RenderMathMLScripts.cpp:
2867         (WebCore::RenderMathMLScripts::scriptsElement): Helper function to cast the node to a
2868         MathMLScriptsElement.
2869         (WebCore::RenderMathMLScripts::getScriptMetricsAndLayoutIfNeeded): Resolve the attributes
2870         using the functions from the MathMLScriptsElement class.
2871         * rendering/mathml/RenderMathMLScripts.h: Declare scriptsElement.
2872
2873 2016-07-18  Frederic Wang  <fwang@igalia.com>
2874
2875         Do not store gap and shift parameters on RenderMathMLFraction
2876         https://bugs.webkit.org/show_bug.cgi?id=159876
2877
2878         Reviewed by Darin Adler.
2879
2880         After r203285, the stack and fraction layout parameters are only used in layoutBlock so we
2881         do not need to store them on the class. We remove them and split updateLayoutParameters into
2882         three functions: one to update the linethickness and two others to retrieve the fraction and
2883         stack respectively.
2884
2885         No new tests, rendering is unchanged.
2886
2887         * rendering/mathml/RenderMathMLFraction.cpp:
2888         (WebCore::RenderMathMLFraction::updateLineThickness): Move code to update thickness members here.
2889         (WebCore::RenderMathMLFraction::getFractionParameters): Move code to retrieve fraction parameters here.
2890         (WebCore::RenderMathMLFraction::getStackParameters): Move code to retrieve stack parameters here.
2891         (WebCore::RenderMathMLFraction::layoutBlock): Use the new helper functions and local variables
2892         for fraction and stack parameters.
2893         (WebCore::RenderMathMLFraction::updateLayoutParameters): Deleted.
2894         * rendering/mathml/RenderMathMLFraction.h: Declare new helper functions and remove members
2895         for stack and fraction parameters.
2896
2897 2016-07-18  Chris Dumez  <cdumez@apple.com>
2898
2899         input.formEnctype / formMethod and button.formEnctype / formMethod / type should treat null as "null"
2900         https://bugs.webkit.org/show_bug.cgi?id=159908
2901
2902         Reviewed by Alex Christensen.
2903
2904         input.formEnctype / formMethod and button.formEnctype / formMethod / type
2905         should treat null as "null" String:
2906         - https://html.spec.whatwg.org/multipage/forms.html#htmlinputelement
2907         - https://html.spec.whatwg.org/multipage/forms.html#htmlbuttonelement
2908
2909         In WebKit, we would treat null as a null String which would end up
2910         removing the corresponding attribute. This does not match the
2911         specification. Firefox and Chrome match the specification here.
2912
2913         Tests:
2914         - fast/dom/HTMLButtonElement/null-handling.html
2915         - fast/dom/HTMLInputElement/null-handling.html
2916
2917         * html/HTMLButtonElement.idl:
2918         * html/HTMLInputElement.idl:
2919
2920 2016-07-18  Alex Christensen  <achristensen@webkit.org>
2921
2922         webbookmarksd needs to use the same AppCache directory as MobileSafari
2923         https://bugs.webkit.org/show_bug.cgi?id=159912
2924
2925         Reviewed by Alexey Proskuryakov.
2926
2927         No new tests.  This only changes behavior for webbookmarksd.
2928
2929         * platform/RuntimeApplicationChecks.h:
2930         * platform/RuntimeApplicationChecks.mm:
2931         (WebCore::IOSApplication::isWebBookmarksD): Added.
2932
2933 2016-07-18  Chris Dumez  <cdumez@apple.com>
2934
2935         EventTarget.dispatchEvent() parameter should not be nullable
2936         https://bugs.webkit.org/show_bug.cgi?id=159897
2937
2938         Reviewed by Benjamin Poulain.
2939
2940         EventTarget.dispatchEvent() parameter should not be nullable:
2941         - https://dom.spec.whatwg.org/#interface-eventtarget
2942
2943         Even though the parameter was marked as nullable in our IDL, our
2944         implementation does a null check and we already throw a TypeError
2945         when calling dispatchEvent(null).
2946
2947         Update our IDL so that it matches the specification and so that
2948         the null check is generated in the bindings instead.
2949
2950         No new tests, rebaseline existing tests.
2951
2952         * dom/EventTarget.cpp:
2953         (WebCore::EventTarget::dispatchEventForBindings):
2954         * dom/EventTarget.h:
2955         * dom/EventTarget.idl:
2956
2957 2016-07-18  Chris Dumez  <cdumez@apple.com>
2958
2959         DocType's publicId / systemId should not be nullable
2960         https://bugs.webkit.org/show_bug.cgi?id=159901
2961
2962         Reviewed by Benjamin Poulain.
2963
2964         DocType's publicId / systemId should not be nullable. While they were
2965         not marked as nullable in our IDL, they could be stored as null Strings
2966         in our implementation depending on how the Node was constructed. This
2967         led to subtle bugs where String() != emptyString().
2968
2969         In particular, Node.isEqualNode() would return false when DocumentType
2970         nodes would mismatch because of their publicId / systemId being null
2971         instead of the emptyString.
2972
2973         Serialization would DocumentType nodes would also be wrong when
2974         publicId / systemId were empty Strings instead of null strings. The
2975         new behavior now matches:
2976         - https://www.w3.org/TR/DOM-Parsing/#dfn-concept-serialize-doctype (steps 7-9)
2977
2978         To address these issues, we now always store publicId / systemId as
2979         non-null Strings inside the DocumentType class.
2980
2981         Test: fast/dom/DocumentType/isEqualNode.html
2982
2983         * dom/DocumentType.cpp:
2984         (WebCore::DocumentType::DocumentType):
2985         * editing/MarkupAccumulator.cpp:
2986         (WebCore::MarkupAccumulator::appendDocumentType):
2987
2988 2016-07-18  Jeremy Jones  <jeremyj@apple.com>
2989
2990         If previous media session interruptions were prevented, still allow subsequent interruptions to try.
2991         https://bugs.webkit.org/show_bug.cgi?id=157553
2992         rdar://problem/25740804
2993
2994         Reviewed by Eric Carlson.
2995
2996         Test: platform/ios-simulator/media/video-interruption-suspendunderlock.html
2997
2998         When suspending under lock on iOS, there is first a resign active event, then a
2999         suspend under lock. PiP prevents resign active from interrupting playback. But it should allow the
3000         suspend under lock to interrupt playback.
3001
3002         Currently if there are nested interruptions only the first one is acted upon.
3003
3004         This change allows subsequent, nested interruptions to have a chance to interrupt playback if the
3005         previous interruptions were ignored.
3006
3007         This test is for iPad only, so it must be run manually.
3008
3009         * html/HTMLMediaElement.cpp:
3010         (WebCore::HTMLMediaElement::shouldOverrideBackgroundPlaybackRestriction):
3011         * platform/audio/PlatformMediaSession.cpp:
3012         (WebCore::PlatformMediaSession::beginInterruption):
3013         * testing/Internals.cpp:
3014         (WebCore::Internals::beginMediaSessionInterruption):
3015
3016 2016-07-18  Brent Fulgham  <bfulgham@apple.com>
3017
3018         Don't associate form-associated elements with forms in other trees.
3019         https://bugs.webkit.org/show_bug.cgi?id=119451
3020         <rdar://problem/27382946>
3021
3022         Change is based on the Blink change (patch by <adamk@chromium.org>):
3023         <https://chromium.googlesource.com/chromium/blink/+/0b33128be67e7845d495d5219614c02ccfe7a414>
3024
3025         Reviewed by Chris Dumez.
3026
3027         Prevent elements from being associated with forms that are not part of the same home subtree.
3028         This brings us in line with the WhatWG HTML specification as of September, 2013.
3029
3030         Tests: fast/forms/image-disconnected-during-parse.html
3031                fast/forms/input-disconnected-during-parse.html
3032
3033         * dom/Element.h:
3034         (WebCore::Node::rootElement): Added.
3035         * html/FormAssociatedElement.cpp:
3036         (WebCore::FormAssociatedElement::insertedInto): If the element is associated with a form that
3037         is not part of the same tree, remove the association.
3038         * html/HTMLImageElement.cpp:
3039         (WebCore::HTMLImageElement::insertedInto): Ditto.
3040
3041 2016-07-18  Anders Carlsson  <andersca@apple.com>
3042
3043         WebKit nightly fails to build on macOS Sierra
3044         https://bugs.webkit.org/show_bug.cgi?id=159902
3045         rdar://problem/27365672
3046
3047         Reviewed by Tim Horton.
3048
3049         * Modules/applepay/cocoa/PaymentCocoa.mm:
3050         * Modules/applepay/cocoa/PaymentContactCocoa.mm:
3051         * Modules/applepay/cocoa/PaymentMerchantSessionCocoa.mm:
3052         * Modules/applepay/cocoa/PaymentMethodCocoa.mm:
3053         Use new PassKitSPI header.
3054
3055         * WebCore.xcodeproj/project.pbxproj:
3056         Add new PassKitSPI header.
3057
3058         * icu/unicode/ucurr.h: Added.
3059         Add ucurr.h from ICU.
3060
3061         * platform/spi/cocoa/PassKitSPI.h: Added.
3062         Add new PassKitSPI header.
3063
3064 2016-07-18  Dean Jackson  <dino@apple.com>
3065
3066         REGRESSION (r202950): Image zoom animations are broken at medium.com (159861)
3067         https://bugs.webkit.org/show_bug.cgi?id=159906
3068         <rdar://problem/27391725>
3069
3070         Reviewed by Simon Fraser.
3071
3072         The fix for webkit.org/b/157569 in r200769 broke AMP pages.
3073         The followup fix for webkit.org/b/159450 in r202950 broke Medium pages.
3074
3075         Revert them both until we have better testing.
3076
3077         * css/CSSParser.cpp:
3078         (WebCore::CSSParser::addPropertyWithPrefixingVariant):
3079         (WebCore::CSSParser::parseValue):
3080         (WebCore::CSSParser::parseAnimationShorthand):
3081         (WebCore::CSSParser::parseTransitionShorthand): Deleted.
3082         * css/CSSPropertyNames.in:
3083         * css/PropertySetCSSStyleDeclaration.cpp:
3084         (WebCore::PropertySetCSSStyleDeclaration::getPropertyCSSValue):
3085         (WebCore::PropertySetCSSStyleDeclaration::getPropertyValue):
3086         (WebCore::PropertySetCSSStyleDeclaration::getPropertyCSSValueInternal):
3087         (WebCore::PropertySetCSSStyleDeclaration::getPropertyValueInternal):
3088         * css/StyleProperties.cpp:
3089         (WebCore::MutableStyleProperties::removeShorthandProperty):
3090         (WebCore::MutableStyleProperties::removeProperty):
3091         (WebCore::MutableStyleProperties::removePrefixedOrUnprefixedProperty):
3092         (WebCore::MutableStyleProperties::setProperty):
3093         (WebCore::getIndexInShorthandVectorForPrefixingVariant):
3094         (WebCore::MutableStyleProperties::appendPrefixingVariantProperty):
3095         (WebCore::MutableStyleProperties::setPrefixingVariantProperty):
3096         (WebCore::StyleProperties::asText): Deleted.
3097         * css/StyleProperties.h:
3098
3099 2016-07-18  Andreas Kling  <akling@apple.com>
3100
3101         There should be a way to simulate memory pressure in layout tests
3102         <https://webkit.org/b/159743>
3103
3104         Reviewed by Simon Fraser.
3105
3106         Add three window.internal APIs:
3107
3108             - boolean isUnderMemoryPressure (readonly attribute)
3109             - void beginSimulatedMemoryPressure()
3110             - void endSimulatedMemoryPressure()
3111
3112         These make it possible to write tests that exercise behaviors that only
3113         occur during memory pressure situations.
3114
3115         I also implemented the "org.WebKit.lowMemory" notification handler using the new API.
3116
3117         Test: memory/memory-pressure-simulation.html
3118
3119         * platform/MemoryPressureHandler.cpp:
3120         (WebCore::MemoryPressureHandler::beginSimulatedMemoryPressure):
3121         (WebCore::MemoryPressureHandler::endSimulatedMemoryPressure):
3122         * platform/MemoryPressureHandler.h:
3123         (WebCore::MemoryPressureHandler::isUnderMemoryPressure):
3124         * platform/cocoa/MemoryPressureHandlerCocoa.mm:
3125         (WebCore::MemoryPressureHandler::platformReleaseMemory):
3126         (WebCore::MemoryPressureHandler::install):
3127         * testing/Internals.cpp:
3128         (WebCore::Internals::isUnderMemoryPressure):
3129         (WebCore::Internals::beginSimulatedMemoryPressure):
3130         (WebCore::Internals::endSimulatedMemoryPressure):
3131         * testing/Internals.h:
3132         * testing/Internals.idl:
3133
3134 2016-07-18  Said Abou-Hallawa  <sabouhallawa@apple,com>
3135
3136         [iOS] PDFDocumentImage should cache only a sub image of the PDF when caching the whole image is expensive
3137         https://bugs.webkit.org/show_bug.cgi?id=158715
3138
3139         Reviewed by Dean Jackson.
3140
3141         Test: fast/images/displaced-non-cached-pdf.html
3142
3143         For iOS, we need to ensure the size of the cached PDF images will not
3144         exceed some limit. Also we should be caching only a sub image of the PDF
3145         if caching the whole image will exceed the memory limit.
3146
3147         * page/Settings.cpp:
3148         (WebCore::Settings::Settings):
3149         (WebCore::Settings::setCachedPDFImageEnabled):
3150         * page/Settings.h:
3151         (WebCore::Settings::isCachedPDFImageEnabled):
3152             Add an option to disable caching the PDF images.
3153
3154         * platform/graphics/cg/PDFDocumentImage.cpp:
3155         (WebCore::PDFDocumentImage::setCachedPDFImageEnabled):
3156             Allow the caller of draw() to disable caching the PDF images.
3157         
3158         (WebCore::PDFDocumentImage::cacheParametersMatch):
3159             Match the context dirty rectangle with the cached image rectangle.
3160         
3161         (WebCore::transformContextForPainting):
3162             When preparing the context for drawing the PDF, take the location 
3163             of the destination rectangle into account. We do not need to scale
3164             the location of the source rectangle because we scale the size of
3165             the rectangle but we don't scale the whole coordinate system.
3166
3167         (WebCore::cachedImageRect):
3168             Calculate the rectangle of the cached image such that it does not
3169             exceed the limit. Start from the center of the dirty rectangle and
3170             then expand around it.
3171             
3172         (WebCore::PDFDocumentImage::decodedSizeChanged):
3173             In addition to notifying the ImageObserver, it keeps track of the size
3174             of all the cached PDF images.
3175
3176         (WebCore::PDFDocumentImage::updateCachedImageIfNeeded):
3177             Ensure the size of all the cached images does not exceed the limit
3178             
3179         (WebCore::PDFDocumentImage::destroyDecodedData):
3180         * platform/graphics/cg/PDFDocumentImage.h:
3181
3182         * rendering/RenderImage.cpp:
3183         (WebCore::RenderImage::paintIntoRect):
3184             Pass the option to disable caching the PDF images to PDFDocumentImage.
3185
3186         * testing/InternalSettings.cpp:
3187         (WebCore::InternalSettings::Backup::Backup):
3188         (WebCore::InternalSettings::Backup::restoreTo):
3189         (WebCore::InternalSettings::setCachedPDFImageEnabled):
3190         * testing/InternalSettings.h:
3191         * testing/InternalSettings.idl:
3192             Add an internal option to disable caching the PDF images.
3193
3194 2016-07-18  Chris Dumez  <cdumez@apple.com>
3195
3196         The 2 first parameters to addEventListener() / removeEventListener() should be mandatory
3197         https://bugs.webkit.org/show_bug.cgi?id=158008
3198
3199         Reviewed by Darin Adler.
3200
3201         The 2 first parameters to addEventListener() / removeEventListener() should be
3202         mandatory:
3203         - https://dom.spec.whatwg.org/#interface-eventtarget
3204
3205         Firefox 46 and Chrome 50 both match the specification and throw an exception when those
3206         parameters are omitted. However, those parameters were marked as optional in WebKit and
3207         the calls were no-ops if those parameters were omitted. This patch aligns our behavior
3208         with the specification and other browsers.
3209
3210         Test: fast/dom/eventtarget-api-parameters.html
3211
3212         * bindings/scripts/CodeGeneratorJS.pm:
3213         (GetFunctionLength): Deleted.
3214         * dom/EventTarget.idl:
3215
3216 2016-07-18  Brent Fulgham  <bfulgham@apple.com>
3217
3218         Unreviewed, rolling out r203373.
3219
3220         Unaddressed
3221
3222         Reverted changeset:
3223
3224         "Don't associate form-associated elements with forms in other
3225         trees."
3226         https://bugs.webkit.org/show_bug.cgi?id=119451
3227         http://trac.webkit.org/changeset/203373
3228
3229 2016-07-18  Brent Fulgham  <bfulgham@apple.com>
3230
3231         Don't associate form-associated elements with forms in other trees.
3232         https://bugs.webkit.org/show_bug.cgi?id=119451
3233         <rdar://problem/27382946>
3234
3235         Change is based on the Blink change (patch by <adamk@chromium.org>):
3236         <https://chromium.googlesource.com/chromium/blink/+/0b33128be67e7845d495d5219614c02ccfe7a414>
3237
3238         Reviewed by Zalan Bujtas.
3239
3240         Prevent elements from being associated with forms that are not part of the same home subtree.
3241         This brings us in line with the WhatWG HTML specification as of September, 2013.
3242
3243         Tests: fast/forms/image-disconnected-during-parse.html
3244                fast/forms/input-disconnected-during-parse.html
3245
3246         * dom/NodeTraversal.h:
3247         (WebCore::NodeTraversal::highestAncestorOrSelf): Added.
3248         * html/FormAssociatedElement.cpp:
3249         (WebCore::FormAssociatedElement::insertedInto): If the element is associated with a form that
3250         is not part of the same tree, remove the association.
3251         * html/HTMLImageElement.cpp:
3252         (WebCore::HTMLImageElement::insertedInto): Ditto.
3253
3254 2016-07-18  George Ruan  <gruan@apple.com>
3255
3256         Move MediaSampleAVFObjC into its own file
3257         https://bugs.webkit.org/show_bug.cgi?id=159796
3258         <rdar://problem/27362488>
3259
3260         In preparation for a feature that uses MediaSampleAVFObjC, but does
3261         not need SourceBufferPrivateAVFObjC, it is beneficial to move
3262         MediaSampleAVFObjC to its own file.
3263
3264         Reviewed by Eric Carlson.
3265
3266         * WebCore.xcodeproj/project.pbxproj:
3267         * platform/MediaSample.h: Allow setting trackID to associate
3268         MediaSample id with MediaStreamTrackPrivate id.
3269         * platform/graphics/avfoundation/MediaSampleAVFObjC.h: Added.
3270         * platform/graphics/avfoundation/objc/MediaSampleAVFObjC.mm: Moved
3271         from MediaSampleAVFObjC
3272         (WebCore::MediaSampleAVFObjC::presentationTime):
3273         (WebCore::MediaSampleAVFObjC::decodeTime):
3274         (WebCore::MediaSampleAVFObjC::duration):
3275         (WebCore::MediaSampleAVFObjC::sizeInBytes):
3276         (WebCore::MediaSampleAVFObjC::platformSample):
3277         (WebCore::CMSampleBufferIsRandomAccess):
3278         (WebCore::MediaSampleAVFObjC::flags):
3279         (WebCore::MediaSampleAVFObjC::presentationSize):
3280         (WebCore::MediaSampleAVFObjC::dump):
3281         (WebCore::MediaSampleAVFObjC::offsetTimestampsBy):
3282         (WebCore::MediaSampleAVFObjC::setTimestamps):
3283         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
3284         Moved MediaSampleAVFObjC to its own file.
3285         (WebCore::MediaSampleAVFObjC::platformSample): Deleted.
3286         (WebCore::CMSampleBufferIsRandomAccess): Deleted.
3287         (WebCore::MediaSampleAVFObjC::flags): Deleted.
3288         (WebCore::MediaSampleAVFObjC::presentationSize): Deleted.
3289         (WebCore::MediaSampleAVFObjC::dump): Deleted.
3290         (WebCore::MediaSampleAVFObjC::offsetTimestampsBy): Deleted.
3291         (WebCore::MediaSampleAVFObjC::setTimestamps): Deleted.
3292         * platform/mock/mediasource/MockSourceBufferPrivate.cpp:
3293
3294 2016-07-18  Eric Carlson  <eric.carlson@apple.com>
3295
3296         [MSE][Mac] Pass AVSampleBufferDisplayLayer HDCP status to a newly created key session
3297         https://bugs.webkit.org/show_bug.cgi?id=159812
3298         <rdar://problem/27371624>
3299
3300         Reviewed by Jon Lee.
3301
3302         No new tests, it isn't possible to test this with our current testing infrastructure.
3303
3304         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.h:
3305         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
3306         (WebCore::SourceBufferPrivateAVFObjC::setCDMSession): Call layerDidReceiveError if there has
3307         been an HDCP error.
3308         (WebCore::SourceBufferPrivateAVFObjC::rendererDidReceiveError): Remember an HDCP error.
3309
3310 2016-07-18  Yoav Weiss  <yoav@yoav.ws>
3311
3312         Add preload to features.json
3313         https://bugs.webkit.org/show_bug.cgi?id=159872
3314
3315         Reviewed by Darin Adler.
3316
3317         No new tests but no functional change.
3318
3319         * features.json:
3320
3321 2016-07-18  Youenn Fablet  <youenn@apple.com>
3322
3323         [Streams API] ReadableStream should throw a RangeError in case of NaN highWaterMark
3324         https://bugs.webkit.org/show_bug.cgi?id=159870
3325
3326         Reviewed by Xabier Rodriguez-Calvar.
3327
3328         Covered by rebased test.
3329
3330         * Modules/streams/StreamInternals.js:
3331         (validateAndNormalizeQueuingStrategy): Throwing a RangeError in lieu of a TypeError in case of NaN highWaterMark.
3332
3333 2016-07-18  Csaba Osztrogon√°c  <ossy@webkit.org>
3334
3335         Windows buildfix after r203338
3336         https://bugs.webkit.org/show_bug.cgi?id=159875
3337
3338         Unreviewed buildfix.
3339
3340         * dom/UserGestureIndicator.h:
3341         (WebCore::UserGestureToken::addDestructionObserver):
3342
3343 2016-07-18  Carlos Garcia Campos  <cgarcia@igalia.com>
3344
3345         MemoryPressureHandler doesn't work if cgroups aren't present in Linux
3346         https://bugs.webkit.org/show_bug.cgi?id=155255
3347
3348         Reviewed by Sergio Villar Senin.
3349
3350         Allow to pass an eventFD file descriptor to the MemoryPressureHandler to be monitorized in case cgroups are not
3351         available.
3352
3353         * platform/MemoryPressureHandler.h:
3354         * platform/linux/MemoryPressureHandlerLinux.cpp:
3355
3356 2016-07-17  Gyuyoung Kim  <gyuyoung.kim@webkit.org>
3357
3358         Clean up PassRefPtr uses in Modules/encryptedmedia, Modules/speech, and Modules/quota
3359         https://bugs.webkit.org/show_bug.cgi?id=159701
3360
3361         Reviewed by Alex Christensen.
3362
3363         No new tests, no behavior changes.
3364
3365         * Modules/encryptedmedia/CDM.h:
3366         * Modules/encryptedmedia/MediaKeySession.h:
3367         * Modules/encryptedmedia/MediaKeys.h:
3368         * Modules/quota/DOMWindowQuota.cpp:
3369         * Modules/quota/StorageErrorCallback.cpp:
3370         (WebCore::StorageErrorCallback::CallbackTask::CallbackTask):
3371         * Modules/quota/StorageErrorCallback.h:
3372         * Modules/quota/StorageInfo.h:
3373         * Modules/quota/StorageQuota.h:
3374         * Modules/speech/DOMWindowSpeechSynthesis.cpp:
3375         * Modules/speech/SpeechSynthesis.cpp:
3376         (WebCore::SpeechSynthesis::getVoices):
3377         (WebCore::SpeechSynthesis::startSpeakingImmediately):
3378         (WebCore::SpeechSynthesis::speak):
3379         (WebCore::SpeechSynthesis::cancel):
3380         (WebCore::SpeechSynthesis::handleSpeakingCompleted):
3381         (WebCore::SpeechSynthesis::boundaryEventOccurred):
3382         (WebCore::SpeechSynthesis::didStartSpeaking):
3383         (WebCore::SpeechSynthesis::didPauseSpeaking):
3384         (WebCore::SpeechSynthesis::didResumeSpeaking):
3385         (WebCore::SpeechSynthesis::didFinishSpeaking):
3386         (WebCore::SpeechSynthesis::speakingErrorOccurred):
3387         * Modules/speech/SpeechSynthesis.h:
3388         * Modules/speech/SpeechSynthesisEvent.h:
3389         * Modules/speech/SpeechSynthesisUtterance.h:
3390         * Modules/speech/SpeechSynthesisVoice.cpp:
3391         (WebCore::SpeechSynthesisVoice::create):
3392         (WebCore::SpeechSynthesisVoice::SpeechSynthesisVoice):
3393         * Modules/speech/SpeechSynthesisVoice.h:
3394         * platform/PlatformSpeechSynthesizer.h:
3395         * platform/efl/PlatformSpeechSynthesisProviderEfl.cpp:
3396         (WebCore::PlatformSpeechSynthesisProviderEfl::fireSpeechEvent):
3397         * platform/mock/PlatformSpeechSynthesizerMock.cpp:
3398         (WebCore::PlatformSpeechSynthesizerMock::speakingFinished):
3399         (WebCore::PlatformSpeechSynthesizerMock::speak):
3400         (WebCore::PlatformSpeechSynthesizerMock::cancel):
3401         (WebCore::PlatformSpeechSynthesizerMock::pause):
3402         (WebCore::PlatformSpeechSynthesizerMock::resume):
3403
3404 2016-07-16  Sam Weinig  <sam@webkit.org>
3405
3406         [WebKit API] Add SPI to track multiple navigations caused by a single user gesture
3407         <rdar://problem/26554137>
3408         https://bugs.webkit.org/show_bug.cgi?id=159856
3409
3410         Reviewed by Dan Bernstein.
3411
3412         - Adds a new RefCounted object to represent a unique user gesture, called UserGestureToken.
3413         - Makes UserGestureIndicator track UserGestureToken.
3414         - Refines UserGestureIndicator's interface to use Optional and a smaller enum set
3415           to represent the different initial states.
3416         - Stores UserGestureTokens on objects that want to forward user gesture state (DOMTimer, 
3417           postMessage, and ScheduledNavigation) rather than just a boolean.
3418
3419         * accessibility/AccessibilityNodeObject.cpp:
3420         (WebCore::AccessibilityNodeObject::increment):
3421         (WebCore::AccessibilityNodeObject::decrement):
3422         * accessibility/AccessibilityObject.cpp:
3423         (WebCore::AccessibilityObject::press):
3424         * bindings/js/ScriptController.cpp:
3425         (WebCore::ScriptController::executeScriptInWorld):
3426         (WebCore::ScriptController::executeScript):
3427         Update for new UserGestureIndicator interface.
3428
3429         * dom/UserGestureIndicator.cpp:
3430         (WebCore::currentToken):
3431         (WebCore::UserGestureToken::~UserGestureToken):
3432         (WebCore::UserGestureIndicator::UserGestureIndicator):
3433         (WebCore::UserGestureIndicator::~UserGestureIndicator):
3434         (WebCore::UserGestureIndicator::currentUserGesture):
3435         (WebCore::UserGestureIndicator::processingUserGesture):
3436         (WebCore::UserGestureIndicator::processingUserGestureForMedia):
3437         (WebCore::isDefinite): Deleted.
3438         * dom/UserGestureIndicator.h:
3439         (WebCore::UserGestureToken::create):
3440         (WebCore::UserGestureToken::state):
3441         (WebCore::UserGestureToken::processingUserGesture):
3442         (WebCore::UserGestureToken::processingUserGestureForMedia):
3443         (WebCore::UserGestureToken::addDestructionObserver):
3444         (WebCore::UserGestureToken::UserGestureToken):
3445         Add UserGestureToken and track the current one explicitly.
3446
3447         * html/HTMLMediaElement.cpp:
3448         (WebCore::HTMLMediaElement::didReceiveRemoteControlCommand):
3449         * inspector/InspectorFrontendClientLocal.cpp:
3450         (WebCore::InspectorFrontendClientLocal::openInNewTab):
3451         * inspector/InspectorFrontendHost.cpp:
3452         * inspector/InspectorPageAgent.cpp:
3453         (WebCore::InspectorPageAgent::navigate):
3454         Update for new UserGestureIndicator interface.
3455
3456         * loader/NavigationAction.cpp:
3457         (WebCore::NavigationAction::NavigationAction):
3458         * loader/NavigationAction.h:
3459         (WebCore::NavigationAction::userGestureToken):
3460         (WebCore::NavigationAction::processingUserGesture):
3461         * loader/NavigationScheduler.cpp:
3462         (WebCore::ScheduledNavigation::ScheduledNavigation):
3463         (WebCore::ScheduledNavigation::~ScheduledNavigation):
3464         (WebCore::ScheduledNavigation::lockBackForwardList):
3465         (WebCore::ScheduledNavigation::wasDuringLoad):
3466         (WebCore::ScheduledNavigation::isLocationChange):
3467         (WebCore::ScheduledNavigation::userGestureToForward):
3468         (WebCore::ScheduledNavigation::clearUserGesture):
3469         (WebCore::NavigationScheduler::mustLockBackForwardList):
3470         (WebCore::NavigationScheduler::scheduleFormSubmission):
3471         (WebCore::ScheduledNavigation::wasUserGesture): Deleted.
3472         * page/DOMTimer.cpp:
3473         (WebCore::shouldForwardUserGesture):
3474         (WebCore::userGestureTokenToForward):
3475         (WebCore::DOMTimer::DOMTimer):
3476         (WebCore::DOMTimer::fired):
3477         * page/DOMTimer.h:
3478         * page/DOMWindow.cpp:
3479         (WebCore::PostMessageTimer::PostMessageTimer):
3480         Store the active UserGestureToken rather than just a bit.
3481
3482         * page/EventHandler.cpp:
3483         (WebCore::EventHandler::handleMousePressEvent):
3484         (WebCore::EventHandler::handleMouseDoubleClickEvent):
3485         (WebCore::EventHandler::handleMouseReleaseEvent):
3486         (WebCore::EventHandler::keyEvent):
3487         (WebCore::EventHandler::handleTouchEvent):
3488         * rendering/HitTestResult.cpp:
3489         (WebCore::HitTestResult::toggleMediaFullscreenState):
3490         (WebCore::HitTestResult::enterFullscreenForVideo):
3491         (WebCore::HitTestResult::toggleEnhancedFullscreenForVideo):
3492         Update for new UserGestureIndicator interface.
3493
3494 2016-07-17  Ryosuke Niwa  <rniwa@webkit.org>
3495
3496         Rename fastHasAttribute to hasAttributeWithoutSynchronization
3497         https://bugs.webkit.org/show_bug.cgi?id=159864
3498
3499         Reviewed by Chris Dumez.
3500
3501         Renamed Rename fastHasAttribute to hasAttributeWithoutSynchronization for clarity.
3502
3503         * accessibility/AccessibilityListBoxOption.cpp:
3504         (WebCore::AccessibilityListBoxOption::isEnabled):
3505         * accessibility/AccessibilityObject.cpp:
3506         (WebCore::AccessibilityObject::hasAttribute):
3507         (WebCore::AccessibilityObject::getAttribute):
3508         * accessibility/AccessibilityRenderObject.cpp:
3509         (WebCore::AccessibilityRenderObject::determineAccessibilityRole):
3510         * bindings/scripts/CodeGenerator.pm:
3511         (GetterExpression):
3512         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
3513         * bindings/scripts/test/JS/JSTestObj.cpp:
3514         (WebCore::jsTestObjReflectedBooleanAttr):
3515         (WebCore::jsTestObjReflectedCustomBooleanAttr):
3516         * bindings/scripts/test/ObjC/DOMTestObj.mm:
3517         (-[DOMTestObj reflectedBooleanAttr]):
3518         (-[DOMTestObj setReflectedBooleanAttr:]):
3519         (-[DOMTestObj reflectedCustomBooleanAttr]):
3520         (-[DOMTestObj setReflectedCustomBooleanAttr:]):
3521         * dom/Document.cpp:
3522         (WebCore::Document::hasManifest):
3523         (WebCore::Document::doctype):
3524         * dom/Element.h:
3525         (WebCore::Node::parentElement):
3526         (WebCore::Element::hasAttributeWithoutSynchronization):
3527         (WebCore::Element::fastHasAttribute): Deleted.
3528         * editing/ApplyStyleCommand.cpp:
3529         (WebCore::ApplyStyleCommand::removeEmbeddingUpToEnclosingBlock):
3530         * editing/DeleteSelectionCommand.cpp:
3531         (WebCore::DeleteSelectionCommand::makeStylingElementsDirectChildrenOfEditableRootToPreventStyleLoss):
3532         * editing/markup.cpp:
3533         (WebCore::createMarkupInternal):
3534         * html/ColorInputType.cpp:
3535         (WebCore::ColorInputType::shouldShowSuggestions):
3536         * html/FileInputType.cpp:
3537         (WebCore::FileInputType::handleDOMActivateEvent):
3538         (WebCore::FileInputType::receiveDroppedFiles):
3539         * html/FormAssociatedElement.cpp:
3540         (WebCore::FormAssociatedElement::didMoveToNewDocument):
3541         (WebCore::FormAssociatedElement::insertedInto):
3542         (WebCore::FormAssociatedElement::removedFrom):
3543         (WebCore::FormAssociatedElement::formAttributeChanged):
3544         * html/FormController.cpp:
3545         (WebCore::ownerFormForState):
3546         * html/GenericCachedHTMLCollection.cpp:
3547         (WebCore::GenericCachedHTMLCollection<traversalType>::elementMatches):
3548         * html/HTMLAnchorElement.cpp:
3549         (WebCore::HTMLAnchorElement::draggable):
3550         (WebCore::HTMLAnchorElement::href):
3551         (WebCore::HTMLAnchorElement::sendPings):
3552         * html/HTMLAppletElement.cpp:
3553         (WebCore::HTMLAppletElement::rendererIsNeeded):
3554         * html/HTMLElement.cpp:
3555         (WebCore::HTMLElement::collectStyleForPresentationAttribute):
3556         (WebCore::elementAffectsDirectionality):
3557         (WebCore::setHasDirAutoFlagRecursively):
3558         * html/HTMLEmbedElement.cpp:
3559         (WebCore::HTMLEmbedElement::rendererIsNeeded):
3560         * html/HTMLFieldSetElement.cpp:
3561         (WebCore::updateFromControlElementsAncestorDisabledStateUnder):
3562         (WebCore::HTMLFieldSetElement::disabledAttributeChanged):
3563         (WebCore::HTMLFieldSetElement::disabledStateChanged):
3564         (WebCore::HTMLFieldSetElement::childrenChanged):
3565         * html/HTMLFormControlElement.cpp:
3566         (WebCore::HTMLFormControlElement::formNoValidate):
3567         (WebCore::HTMLFormControlElement::formAction):
3568         (WebCore::HTMLFormControlElement::computeIsDisabledByFieldsetAncestor):
3569         (WebCore::shouldAutofocus):
3570         * html/HTMLFormElement.cpp:
3571         (WebCore::HTMLFormElement::formElementIndex):
3572         (WebCore::HTMLFormElement::noValidate):
3573         * html/HTMLFrameElement.cpp:
3574         (WebCore::HTMLFrameElement::noResize):
3575         (WebCore::HTMLFrameElement::didAttachRenderers):
3576         * html/HTMLFrameElementBase.cpp:
3577         (WebCore::HTMLFrameElementBase::parseAttribute):
3578         (WebCore::HTMLFrameElementBase::location):
3579         * html/HTMLHRElement.cpp:
3580         (WebCore::HTMLHRElement::collectStyleForPresentationAttribute):
3581         * html/HTMLImageElement.cpp:
3582         (WebCore::HTMLImageElement::isServerMap):
3583         * html/HTMLInputElement.cpp:
3584         (WebCore::HTMLInputElement::finishParsingChildren):
3585         (WebCore::HTMLInputElement::matchesDefaultPseudoClass):
3586         (WebCore::HTMLInputElement::isActivatedSubmit):
3587         (WebCore::HTMLInputElement::reset):
3588         (WebCore::HTMLInputElement::multiple):
3589         (WebCore::HTMLInputElement::setSize):
3590         (WebCore::HTMLInputElement::shouldUseMediaCapture):
3591         * html/HTMLMarqueeElement.cpp:
3592         (WebCore::HTMLMarqueeElement::minimumDelay):
3593         * html/HTMLMediaElement.cpp:
3594         (WebCore::HTMLMediaElement::insertedInto):
3595         (WebCore::HTMLMediaElement::selectMediaResource):
3596         (WebCore::HTMLMediaElement::loadResource):
3597         (WebCore::HTMLMediaElement::autoplay):
3598         (WebCore::HTMLMediaElement::preload):
3599         (WebCore::HTMLMediaElement::loop):
3600         (WebCore::HTMLMediaElement::setLoop):
3601         (WebCore::HTMLMediaElement::controls):
3602         (WebCore::HTMLMediaElement::setControls):
3603         (WebCore::HTMLMediaElement::muted):
3604         (WebCore::HTMLMediaElement::setMuted):
3605         (WebCore::HTMLMediaElement::selectNextSourceChild):
3606         (WebCore::HTMLMediaElement::sourceWasAdded):
3607         (WebCore::HTMLMediaElement::mediaSessionTitle):
3608         * html/HTMLObjectElement.cpp:
3609         (WebCore::HTMLObjectElement::parseAttribute):
3610         * html/HTMLOptGroupElement.cpp:
3611         (WebCore::HTMLOptGroupElement::isDisabledFormControl):
3612         (WebCore::HTMLOptGroupElement::isFocusable):
3613         * html/HTMLOptionElement.cpp:
3614         (WebCore::HTMLOptionElement::matchesDefaultPseudoClass):
3615         (WebCore::HTMLOptionElement::text):
3616         * html/HTMLProgressElement.cpp:
3617         (WebCore::HTMLProgressElement::isDeterminate):
3618         (WebCore::HTMLProgressElement::didElementStateChange):
3619         * html/HTMLScriptElement.cpp:
3620         (WebCore::HTMLScriptElement::async):
3621         (WebCore::HTMLScriptElement::setCrossOrigin):
3622         (WebCore::HTMLScriptElement::asyncAttributeValue):
3623         (WebCore::HTMLScriptElement::deferAttributeValue):
3624         (WebCore::HTMLScriptElement::hasSourceAttribute):
3625         (WebCore::HTMLScriptElement::dispatchLoadEvent):
3626         * html/HTMLSelectElement.cpp:
3627         (WebCore::HTMLSelectElement::reset):
3628         * html/HTMLTrackElement.cpp:
3629         (WebCore::HTMLTrackElement::isDefault):
3630         (WebCore::HTMLTrackElement::ensureTrack):
3631         (WebCore::HTMLTrackElement::loadTimerFired):
3632         * html/MediaElementSession.cpp:
3633         (WebCore::MediaElementSession::wirelessVideoPlaybackDisabled):
3634         (WebCore::MediaElementSession::requiresFullscreenForVideoPlayback):
3635         (WebCore::MediaElementSession::allowsAutomaticMediaDataLoading):
3636         * html/SearchInputType.cpp:
3637         (WebCore::SearchInputType::searchEventsShouldBeDispatched):
3638         (WebCore::SearchInputType::didSetValueByUserEdit):
3639         * inspector/InspectorDOMAgent.cpp:
3640         (WebCore::InspectorDOMAgent::buildObjectForNode):
3641         * loader/FrameLoader.cpp:
3642         (WebCore::FrameLoader::shouldTreatURLAsSrcdocDocument):
3643         (WebCore::FrameLoader::findFrameForNavigation):
3644         * loader/ImageLoader.cpp:
3645         (WebCore::ImageLoader::notifyFinished):
3646         * mathml/MathMLSelectElement.cpp:
3647         (WebCore::MathMLSelectElement::getSelectedSemanticsChild):
3648         * rendering/RenderTableCell.cpp:
3649         (WebCore::RenderTableCell::computePreferredLogicalWidths):
3650         * rendering/RenderThemeIOS.mm:
3651         (WebCore::RenderThemeIOS::adjustMenuListButtonStyle):
3652         * rendering/SimpleLineLayout.cpp:
3653         (WebCore::SimpleLineLayout::canUseForWithReason):
3654         * rendering/svg/RenderSVGResourceClipper.cpp:
3655         (WebCore::RenderSVGResourceClipper::drawContentIntoMaskImage):
3656         * svg/SVGAnimateMotionElement.cpp:
3657         (WebCore::SVGAnimateMotionElement::updateAnimationPath):
3658         * svg/SVGAnimationElement.cpp:
3659         (WebCore::SVGAnimationElement::startedActiveInterval):
3660         (WebCore::SVGAnimationElement::updateAnimation):
3661         * svg/animation/SVGSMILElement.cpp:
3662         (WebCore::SVGSMILElement::insertedInto):
3663
3664 2016-07-17  Brady Eidson  <beidson@apple.com>
3665
3666         Exceptions logged to the JS console should use toString().
3667         https://bugs.webkit.org/show_bug.cgi?id=159855
3668
3669         Reviewed by Darin Adler.
3670
3671         No new tests (No change in behavior).
3672
3673         * bindings/js/JSDOMBinding.cpp:
3674         (WebCore::reportException):
3675
3676         * dom/DOMCoreException.h:
3677         (WebCore::DOMCoreException::DOMCoreException):
3678
3679         * dom/ExceptionBase.cpp:
3680         (WebCore::ExceptionBase::ExceptionBase):
3681         (WebCore::ExceptionBase::toString):
3682         (WebCore::ExceptionBase::consoleErrorMessage): Deleted.
3683         * dom/ExceptionBase.h:
3684         (WebCore::ExceptionBase::description): Deleted.
3685
3686         * svg/SVGException.h:
3687
3688         * xml/XPathException.h:
3689         (WebCore::XPathException::XPathException):
3690
3691 2016-07-17  Brady Eidson  <beidson@apple.com>
3692
3693         Update DOMCoreException to use the description in toString().
3694         https://bugs.webkit.org/show_bug.cgi?id=159857
3695
3696         Reviewed by Darin Adler.
3697
3698         No new tests (Covered by changes to existing tests).
3699
3700         * bindings/js/JSDOMBinding.cpp:
3701         (WebCore::createDOMException):
3702
3703         * dom/DOMCoreException.h:
3704         (WebCore::DOMCoreException::DOMCoreException):
3705         (WebCore::DOMCoreException::createWithDescriptionAsMessage): Deleted.
3706
3707 2016-07-17  Myles C. Maxfield  <mmaxfield@apple.com>
3708
3709         Support new emoji group candidates
3710         https://bugs.webkit.org/show_bug.cgi?id=159755
3711         <rdar://problem/27325521>
3712
3713         Reviewed by Dean Jackson.
3714
3715         There are a few code points which should be able to be joined (with ZWJ) to
3716         either U+2640 or U+2642 to change the gender of the emoji. These patterns
3717         should also work with an additional 0xFE0F variation selector. This patch
3718         adds these new patterns to our existing emoji group candidate infrastructure.
3719
3720         Tests: fast/text/emoji-gender-2-3.html
3721                fast/text/emoji-gender-2-4.html
3722                fast/text/emoji-gender-2-5.html
3723                fast/text/emoji-gender-2-6.html
3724                fast/text/emoji-gender-2-7.html
3725                fast/text/emoji-gender-2-8.html
3726                fast/text/emoji-gender-2-9.html
3727                fast/text/emoji-gender-2.html
3728                fast/text/emoji-gender-3.html
3729                fast/text/emoji-gender-4.html
3730                fast/text/emoji-gender-5.html
3731                fast/text/emoji-gender-6.html
3732                fast/text/emoji-gender-7.html
3733                fast/text/emoji-gender-8.html
3734                fast/text/emoji-gender-9.html
3735                fast/text/emoji-gender-fe0f-3.html
3736                fast/text/emoji-gender-fe0f-4.html
3737                fast/text/emoji-gender-fe0f-5.html
3738                fast/text/emoji-gender-fe0f-6.html
3739                fast/text/emoji-gender-fe0f-7.html
3740                fast/text/emoji-gender-fe0f-8.html
3741                fast/text/emoji-gender-fe0f-9.html
3742                fast/text/emoji-gender.html
3743                fast/text/emoji-num-glyphs.html
3744                fast/text/emoji-single-parent-family-2.html
3745                fast/text/emoji-single-parent-family.html
3746
3747         * platform/graphics/mac/ComplexTextControllerCoreText.mm:
3748         (WebCore::ComplexTextController::ComplexTextRun::ComplexTextRun): Removed incorrect ASSERT()s.
3749         * platform/graphics/FontCascade.cpp:
3750         (WebCore::FontCascade::characterRangeCodePath):
3751         * platform/text/CharacterProperties.h:
3752         (WebCore::isEmojiGroupCandidate):
3753
3754 2016-07-16  Brady Eidson  <beidson@apple.com>
3755
3756         Update SVGException to use the description in toString().
3757         https://bugs.webkit.org/show_bug.cgi?id=159847
3758
3759         Reviewed by Darin Adler.
3760
3761         No new tests (Covered by changes to existing tests).
3762
3763         * bindings/js/JSDOMBinding.cpp:
3764         (WebCore::reportException): use consoleErrorMessage for now.
3765
3766         * dom/ExceptionBase.cpp:
3767         (WebCore::ExceptionBase::consoleErrorMessage):
3768         * dom/ExceptionBase.h:
3769
3770         * svg/SVGException.h:
3771
3772 2016-07-16  Chris Dumez  <cdumez@apple.com>
3773
3774         Use fastHasAttribute() when possible
3775         https://bugs.webkit.org/show_bug.cgi?id=159838
3776
3777         Reviewed by Ryosuke Niwa.
3778
3779         Use fastHasAttribute() when possible, for performance.
3780
3781         * editing/DeleteSelectionCommand.cpp:
3782         (WebCore::DeleteSelectionCommand::makeStylingElementsDirectChildrenOfEditableRootToPreventStyleLoss):
3783         * editing/markup.cpp:
3784         (WebCore::createMarkupInternal):
3785         * html/HTMLAnchorElement.cpp:
3786         (WebCore::HTMLAnchorElement::draggable):
3787         * html/HTMLFrameElementBase.cpp:
3788         (WebCore::HTMLFrameElementBase::parseAttribute):
3789         * mathml/MathMLSelectElement.cpp:
3790         (WebCore::MathMLSelectElement::getSelectedSemanticsChild):
3791         * rendering/RenderThemeIOS.mm:
3792         (WebCore::RenderThemeIOS::adjustMenuListButtonStyle):
3793
3794 2016-07-16  Ryosuke Niwa  <rniwa@webkit.org>
3795
3796         Rename fastGetAttribute to attributeWithoutSynchronization
3797         https://bugs.webkit.org/show_bug.cgi?id=159852
3798
3799         Reviewed by Darin Adler.
3800
3801         Renamed fastGetAttribute to attributeWithoutSynchronization for clarity.
3802
3803         * accessibility/AXObjectCache.cpp:
3804         (WebCore::AXObjectCache::findAriaModalNodes):
3805         (WebCore::nodeHasRole):
3806         (WebCore::AXObjectCache::handleLiveRegionCreated):
3807         (WebCore::AXObjectCache::handleMenuItemSelected):
3808         (WebCore::AXObjectCache::handleAriaModalChange):
3809         (WebCore::isNodeAriaVisible):
3810         * accessibility/AccessibilityNodeObject.cpp:
3811         (WebCore::siblingWithAriaRole):
3812         (WebCore::AccessibilityNodeObject::titleElementText):
3813         (WebCore::AccessibilityNodeObject::alternativeTextForWebArea):
3814         (WebCore::AccessibilityNodeObject::hierarchicalLevel):
3815         (WebCore::AccessibilityNodeObject::stringValue):
3816         (WebCore::accessibleNameForNode):
3817         * accessibility/AccessibilityObject.cpp:
3818         (WebCore::AccessibilityObject::contentEditableAttributeIsEnabled):
3819         (WebCore::AccessibilityObject::getAttribute):
3820         * accessibility/AccessibilityRenderObject.cpp:
3821         (WebCore::AccessibilityRenderObject::stringValue):
3822         (WebCore::AccessibilityRenderObject::exposesTitleUIElement):
3823         * accessibility/AccessibilitySVGElement.cpp:
3824         (WebCore::AccessibilitySVGElement::childElementWithMatchingLanguage):
3825         (WebCore::AccessibilitySVGElement::accessibilityDescription):
3826         * bindings/objc/DOM.mm:
3827         (-[DOMHTMLLinkElement _mediaQueryMatches]):
3828         * bindings/scripts/CodeGenerator.pm:
3829         (GetterExpression):
3830         * bindings/scripts/CodeGeneratorObjC.pm:
3831         (GenerateImplementation):
3832         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
3833         * bindings/scripts/test/JS/JSTestObj.cpp:
3834         (WebCore::jsTestObjReflectedStringAttr):
3835         * dom/AuthorStyleSheets.cpp:
3836         (WebCore::AuthorStyleSheets::collectActiveStyleSheets):
3837         * dom/Document.cpp:
3838         (WebCore::Document::buildAccessKeyMap):
3839         (WebCore::Document::processBaseElement):
3840         * dom/DocumentOrderedMap.cpp:
3841         (WebCore::DocumentOrderedMap::getElementByLabelForAttribute):
3842         * dom/Element.cpp:
3843         (WebCore::Element::imageSourceURL):
3844         (WebCore::Element::rendererIsNeeded):
3845         (WebCore::Element::insertedInto):
3846         (WebCore::Element::removedFrom):
3847         (WebCore::Element::pseudo):
3848         (WebCore::Element::setPseudo):
3849         (WebCore::Element::spellcheckAttributeState):
3850         (WebCore::Element::canContainRangeEndPoint):
3851         (WebCore::Element::completeURLsInAttributeValue):
3852         * dom/Element.h:
3853         (WebCore::Element::fastHasAttribute):
3854         (WebCore::Element::attributeWithoutSynchronization):
3855         (WebCore::Element::fastGetAttribute): Deleted.
3856         * dom/InlineStyleSheetOwner.cpp:
3857         (WebCore::InlineStyleSheetOwner::createSheet):
3858         * dom/ScriptElement.cpp:
3859         (WebCore::ScriptElement::requestScript):
3860         (WebCore::ScriptElement::executeScript):
3861         * dom/SlotAssignment.cpp:
3862         (WebCore::slotNameFromSlotAttribute):
3863         (WebCore::SlotAssignment::SlotAssignment):
3864         (WebCore::recursivelyFireSlotChangeEvent):
3865         (WebCore::SlotAssignment::didChangeSlot):
3866         (WebCore::SlotAssignment::hostChildElementDidChange):
3867         (WebCore::SlotAssignment::assignedNodesForSlot):
3868         (WebCore::SlotAssignment::resolveAllSlotElements):
3869         * dom/TreeScope.cpp:
3870         (WebCore::TreeScope::labelElementForId):
3871         * dom/VisitedLinkState.cpp:
3872         (WebCore::linkAttribute):
3873         * editing/ApplyStyleCommand.cpp:
3874         (WebCore::isLegacyAppleStyleSpan):
3875         (WebCore::hasNoAttributeOrOnlyStyleAttribute):
3876         * editing/EditingStyle.cpp:
3877         (WebCore::EditingStyle::elementIsStyledSpanOrHTMLEquivalent):
3878         * editing/ReplaceSelectionCommand.cpp:
3879         (WebCore::isInterchangeNewlineNode):
3880         (WebCore::isInterchangeConvertedSpaceSpan):
3881         (WebCore::positionAvoidingPrecedingNodes):
3882         (WebCore::isMailPasteAsQuotationNode):
3883         (WebCore::isHeaderElement):
3884         (WebCore::isInlineNodeWithStyle):
3885         * editing/TextIterator.cpp:
3886         (WebCore::isRendererReplacedElement):
3887         * editing/cocoa/DataDetection.mm:
3888         (WebCore::DataDetection::isDataDetectorLink):
3889         (WebCore::DataDetection::requiresExtendedContext):
3890         (WebCore::DataDetection::dataDetectorIdentifier):
3891         (WebCore::DataDetection::shouldCancelDefaultAction):
3892         (WebCore::removeResultLinksFromAnchor):
3893         (WebCore::searchForLinkRemovingExistingDDLinks):
3894         * editing/gtk/EditorGtk.cpp:
3895         (WebCore::elementURL):
3896         * editing/htmlediting.cpp:
3897         (WebCore::isTabSpanNode):
3898         (WebCore::isTabSpanTextNode):
3899         (WebCore::isMailBlockquote):
3900         (WebCore::caretMinOffset):
3901         * editing/markup.cpp:
3902         (WebCore::createFragmentFromMarkup):
3903         * html/Autofill.cpp:
3904         (WebCore::AutofillData::createFromHTMLFormControlElement):
3905         * html/BaseTextInputType.cpp:
3906         (WebCore::BaseTextInputType::patternMismatch):
3907         * html/DateInputType.cpp:
3908         (WebCore::DateInputType::createStepRange):
3909         * html/DateTimeInputType.cpp:
3910         (WebCore::DateTimeInputType::createStepRange):
3911         * html/DateTimeLocalInputType.cpp:
3912         (WebCore::DateTimeLocalInputType::createStepRange):
3913         * html/FormAssociatedElement.cpp:
3914         (WebCore::FormAssociatedElement::findAssociatedForm):
3915         (WebCore::FormAssociatedElement::resetFormAttributeTargetObserver):
3916         (WebCore::FormAssociatedElement::formAttributeTargetChanged):
3917         * html/HTMLAnchorElement.cpp:
3918         (WebCore::HTMLAnchorElement::draggable):
3919         (WebCore::HTMLAnchorElement::href):
3920         (WebCore::HTMLAnchorElement::setHref):
3921         (WebCore::HTMLAnchorElement::target):
3922         (WebCore::HTMLAnchorElement::origin):
3923         (WebCore::HTMLAnchorElement::sendPings):
3924         (WebCore::HTMLAnchorElement::handleClick):
3925         * html/HTMLAnchorElement.h:
3926         (WebCore::HTMLAnchorElement::visitedLinkHash):
3927         * html/HTMLAppletElement.cpp:
3928         (WebCore::HTMLAppletElement::updateWidget):
3929         * html/HTMLAreaElement.cpp:
3930         (WebCore::HTMLAreaElement::target):
3931         * html/HTMLAttachmentElement.cpp:
3932         (WebCore::HTMLAttachmentElement::attachmentTitle):
3933         (WebCore::HTMLAttachmentElement::attachmentType):
3934         * html/HTMLBaseElement.cpp:
3935         (WebCore::HTMLBaseElement::target):
3936         (WebCore::HTMLBaseElement::href):
3937         * html/HTMLBodyElement.cpp:
3938         (WebCore::HTMLBodyElement::addSubresourceAttributeURLs):
3939         * html/HTMLButtonElement.cpp:
3940         (WebCore::HTMLButtonElement::value):
3941         (WebCore::HTMLButtonElement::computeWillValidate):
3942         * html/HTMLCanvasElement.cpp:
3943         (WebCore::HTMLCanvasElement::reset):
3944         * html/HTMLDocument.cpp:
3945         (WebCore::HTMLDocument::bgColor):
3946         (WebCore::HTMLDocument::setBgColor):
3947         (WebCore::HTMLDocument::fgColor):
3948         (WebCore::HTMLDocument::setFgColor):
3949         (WebCore::HTMLDocument::alinkColor):
3950         (WebCore::HTMLDocument::setAlinkColor):
3951         (WebCore::HTMLDocument::linkColor):
3952         (WebCore::HTMLDocument::setLinkColor):
3953         (WebCore::HTMLDocument::vlinkColor):
3954         (WebCore::HTMLDocument::setVlinkColor):
3955         * html/HTMLElement.cpp:
3956         (WebCore::contentEditableType):
3957         (WebCore::HTMLElement::collectStyleForPresentationAttribute):
3958         (WebCore::HTMLElement::dir):
3959         (WebCore::HTMLElement::setDir):
3960         (WebCore::HTMLElement::draggable):
3961         (WebCore::HTMLElement::setDraggable):
3962         (WebCore::HTMLElement::title):
3963         (WebCore::HTMLElement::tabIndex):
3964         (WebCore::HTMLElement::translateAttributeMode):
3965         (WebCore::HTMLElement::hasDirectionAuto):
3966         (WebCore::HTMLElement::directionality):
3967         * html/HTMLEmbedElement.cpp:
3968         (WebCore::HTMLEmbedElement::imageSourceURL):
3969         (WebCore::HTMLEmbedElement::addSubresourceAttributeURLs):
3970         * html/HTMLFormControlElement.cpp:
3971         (WebCore::HTMLFormControlElement::formEnctype):
3972         (WebCore::HTMLFormControlElement::formMethod):
3973         (WebCore::HTMLFormControlElement::formAction):
3974         (WebCore::HTMLFormControlElement::autocorrect):
3975         (WebCore::HTMLFormControlElement::autocapitalizeType):
3976         * html/HTMLFormElement.cpp:
3977         (WebCore::HTMLFormElement::autocorrect):
3978         (WebCore::HTMLFormElement::autocapitalizeType):
3979         (WebCore::HTMLFormElement::autocapitalize):
3980         (WebCore::HTMLFormElement::action):
3981         (WebCore::HTMLFormElement::setAction):
3982         (WebCore::HTMLFormElement::target):
3983         (WebCore::HTMLFormElement::wasUserSubmitted):
3984         (WebCore::HTMLFormElement::shouldAutocomplete):
3985         (WebCore::