Unreviewed, rolling out r203641.
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2016-07-23  Commit Queue  <commit-queue@webkit.org>
2
3         Unreviewed, rolling out r203641.
4         https://bugs.webkit.org/show_bug.cgi?id=160116
5
6         It broke make-based builds (Requested by youenn on #webkit).
7
8         Reverted changeset:
9
10         "[Fetch API] Request should be created with any HeadersInit
11         data"
12         https://bugs.webkit.org/show_bug.cgi?id=159672
13         http://trac.webkit.org/changeset/203641
14
15 2016-07-23  Youenn Fablet  <youenn@apple.com>
16
17         [Fetch API] Request should be created with any HeadersInit data
18         https://bugs.webkit.org/show_bug.cgi?id=159672
19
20         Reviewed by Sam Weinig.
21
22         Made Request use JSBuiltinConstructor.
23         This allows initializing newly created Request with a JS built-in function, initializeFetchRequest.
24         initializeFetchRequest can call @fillFetchHeaders internal built-in to handle any HeadersInit data.
25         Future effort should be made to migrate more initialization code in initializeFetchRequest.
26
27         Made window and worker fetch function as a JS built-in.
28         This becomes more handy as these new functions can construct the Request object.
29         They can then call a single private function that takes a Request object as input.
30         Updated DOMWindowFetch and WorkerGlobalScopeFetch code accordingly.
31
32         To enable this, the binding generator is updated to support runtime-enabled JS built-in functions and
33         private functions atttached to global objects.
34
35         Covered by existing and modified tests.
36         Binding generator test covered by updated binding tests.
37
38         * CMakeLists.txt: Adding DOMWindowFetch.js, FetchRequest.js and WorkerGlobalScopeFetch.js built-in files.
39         * DerivedSources.make: Ditto.
40         * Modules/fetch/DOMWindowFetch.cpp: Removed overloaded fetch and updated according new signature.
41         (WebCore::DOMWindowFetch::fetch):
42         * Modules/fetch/DOMWindowFetch.h: Ditto.
43         * Modules/fetch/DOMWindowFetch.idl: Making fetch a JS built-in and adding a @fetchRequest private function.
44         * Modules/fetch/DOMWindowFetch.js: Added.
45         (fetch):
46         * Modules/fetch/FetchHeaders.h:
47         (WebCore::FetchHeaders::setGuard): Used by FetchRequest when initializing headers.
48         * Modules/fetch/FetchRequest.cpp: 
49         (WebCore::buildHeaders): Removed as implemented in JS.
50         (WebCore::FetchRequest::initializeOptions): Added to handle most of the dictionary initialization.
51         (WebCore::FetchRequest::initializeWith): Method called from built-in constructor function.
52         (WebCore::FetchRequest::setBody): Corresponding to @setBody private method.
53         (WebCore::buildBody): Deleted.
54         * Modules/fetch/FetchRequest.h:
55         * Modules/fetch/FetchRequest.idl:
56         * Modules/fetch/FetchRequest.js: Added.
57         (initializeFetchRequest): Implements fetch Request(input, init) constructor.
58         * Modules/fetch/FetchResponse.cpp:
59         (WebCore::FetchResponse::fetch): Removed the construction of FetchRequest in fetch method since it is done by JS built-in code.
60         * Modules/fetch/FetchResponse.h:
61         * Modules/fetch/WorkerGlobalScopeFetch.cpp: Removed overloaded fetch and updated according new signature.
62         (WebCore::WorkerGlobalScopeFetch::fetch):
63         * Modules/fetch/WorkerGlobalScopeFetch.h: Ditto.
64         * Modules/fetch/WorkerGlobalScopeFetch.idl: Making fetch a JS built-in and adding a @fetchRequest private function.
65         * Modules/fetch/WorkerGlobalScopeFetch.js: Added.
66         (fetch):
67         * bindings/js/WebCoreBuiltinNames.h: Adding fetchRequest, setBody and Request private identifiers.
68         * bindings/scripts/CodeGenerator.pm:
69         (WK_lcfirst): Replacing dOM by dom.
70         * bindings/scripts/CodeGeneratorJS.pm:
71         (GenerateImplementation): Adding support for runtime-enabled built-in methods and private methods.
72         * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
73         (WebCore::JSTestGlobalObject::finishCreation):
74         (WebCore::jsTestGlobalObjectInstanceFunctionTestPrivateFunction):
75         * bindings/scripts/test/ObjC/DOMTestGlobalObject.mm:
76         (-[DOMTestGlobalObject testJSBuiltinFunction]):
77         * bindings/scripts/test/TestGlobalObject.idl: Adding tests for runtime-enabled global built-in methods and private methods.
78
79 2016-07-23  Frederic Wang  <fwang@igalia.com>
80
81         Reset font-style on the <math> element
82         https://bugs.webkit.org/show_bug.cgi?id=160074
83
84         Reviewed by Darin Adler.
85
86         Mathematical formulas with italic font-style render poorly (slanted operators, mathvariant
87         italic etc). We align on Gecko and make the user agent stylesheet reset the font-style to
88         'normal' by default. This addresses the concrete use case of formula inside theorem or
89         proposition statements, which are often written in italic.
90
91         Test: mathml/presentation/math-font-style.html
92
93         * css/mathml.css:
94         (math): Reset the font-style to normal.
95
96 2016-07-23  Frederic Wang  <fwang@igalia.com>
97
98         [MathML] PaintInfo state is not properly restored after applyTransform.
99         https://bugs.webkit.org/show_bug.cgi?id=160077
100
101         Reviewed by Simon Fraser.
102
103         PaintInfo::applyTransform modifies PaintInfo::rect and the original state is not properly
104         restored by GraphicsContextStateSaver. To avoid some weird rendering bugs in MathOperator
105         and RenderMathMLMenclose, we follow what is done in SVG renderers and make a copy of the
106         original PaintInfo before applying the transform.
107
108         Test: mathml/presentation/bug160077.html
109
110         * rendering/mathml/MathOperator.cpp:
111         (WebCore::MathOperator::paint):
112         * rendering/mathml/RenderMathMLMenclose.cpp:
113         (WebCore::RenderMathMLMenclose::paint):
114
115 2016-07-23  Youenn Fablet  <youenn@apple.com>
116
117         [Fetch API] Fetch response stream should enqueue Uint8Array
118         https://bugs.webkit.org/show_bug.cgi?id=160083
119
120         Reviewed by Sam Weinig.
121
122         Covered by updated tests.
123
124         Before enqueuing, ReadableStreamController::enqueue will convert ArrayBuffer as Uint8Array.
125         It also returns a boolean whether the operation is successful or not.
126
127         If returned value is false, calling code will stop loading or if everything is loaded it will refrain from closing the stream.
128         The enqueuing should be succesful except in OutOfMemory cases. This case is not yet handled in test cases.
129
130         Updated the code to remove templated enqueuing as Fetch has no use of it.
131
132         * Modules/fetch/FetchBody.cpp:
133         (WebCore::FetchBody::consumeAsStream): Do not close the stream if enqueuing failed.
134         * Modules/fetch/FetchBodyOwner.cpp:
135         (WebCore::FetchBodyOwner::blobChunk): Stop blob loading if enqueuing failed.
136         * Modules/fetch/FetchResponse.cpp:
137         (WebCore::FetchResponse::BodyLoader::didReceiveData): Stop resource loading if enqueuing failed.
138         (WebCore::FetchResponse::consumeBodyAsStream): Ditto.
139         * Modules/fetch/FetchResponseSource.h:
140         * bindings/js/ReadableStreamController.h:
141         (WebCore::ReadableStreamController::enqueue):
142         (WebCore::ReadableStreamController::enqueue<RefPtr<JSC::ArrayBuffer>>): Deleted.
143
144 2016-07-22  Youenn Fablet  <youenn@apple.com>
145
146         Use a private property to implement FetchResponse.body getter
147         https://bugs.webkit.org/show_bug.cgi?id=159808
148
149         Reviewed by Sam Weinig.
150
151         Covered by existing test sets.
152
153         Previously, body was handled as a CachedAttribute.
154         Using a private property will allow direct use of this property from JS built-ins which will allow easier
155         handling of ReadableStream cloning in Response.clone.
156         Also, this allows removing some binding custom code.
157
158         Updated redirect and error static methods to take NewObject keyword, as this removes a search into cached wrappers.
159         Ditto for createReadableStreamSource.
160
161         * CMakeLists.txt: Removing JSFetchResponseCustom.cpp.
162         * Modules/fetch/FetchResponse.idl: Adding createReadableStreamSource and isDisturbed private functions.
163         Making body getter a JSBuiltin.
164         * Modules/fetch/FetchResponse.js:
165         (body): Adding getter which will call createReadableStreamSource if needed.
166         * WebCore.xcodeproj/project.pbxproj: Removing JSFetchResponseCustom.cpp.
167         * bindings/js/JSFetchResponseCustom.cpp: Removed.
168         * bindings/js/ReadableStreamController.cpp:
169         (WebCore::createReadableStream): Deleted.
170         (WebCore::getReadableStreamReader): Deleted.
171         * bindings/js/ReadableStreamController.h: Removing unneeded ReadableStream helper routine now that they can be
172         handled within JS built-in code.
173         * bindings/js/WebCoreBuiltinNames.h: Adding @createReadableStreamSource, @isDisturbed  and @Response identifiers.
174
175 2016-07-22  Zalan Bujtas  <zalan@apple.com>
176
177         Handle cases when IOSurface initialization fails.
178         https://bugs.webkit.org/show_bug.cgi?id=160006
179         <rdar://problem/27495102>
180
181         Reviewed by Tim Horton and Simon Fraser.
182
183         This is an additional fix to r203514 to check if IOSurface initialization was successful.
184
185         Unable to test.
186
187         * platform/graphics/cg/ImageBufferCG.cpp:
188         (WebCore::ImageBuffer::ImageBuffer):
189         * platform/graphics/cocoa/IOSurface.h: Merge 2 c'tors.
190         * platform/graphics/cocoa/IOSurface.mm: Remove redundant IOSurface::create() code.  
191         (WebCore::IOSurface::create):
192         (WebCore::IOSurface::createFromImage):
193         (WebCore::IOSurface::IOSurface):
194         (WebCore::IOSurface::convertToFormat):
195
196 2016-07-22  Wenson Hsieh  <wenson_hsieh@apple.com>
197
198         Media controls should be displayed for media in media documents
199         https://bugs.webkit.org/show_bug.cgi?id=160104
200         <rdar://problem/27438936>
201
202         Reviewed by Myles C. Maxfield.
203
204         Make videos that would otherwise not have been large enough or have the right
205         aspect ratio cause media controls to appear. This is because media elements in
206         a media document are implied to be main content.
207
208         Added a new API test.
209
210         * html/MediaElementSession.cpp:
211         (WebCore::MediaElementSession::canControlControlsManager):
212
213 2016-07-22  Myles C. Maxfield  <mmaxfield@apple.com>
214
215         All dancers with bunny ears are female
216         https://bugs.webkit.org/show_bug.cgi?id=160102
217         <rdar://problem/27453479>
218
219         Reviewed by Simon Fraser.
220
221         In r203330 I added support for new emoji group candidates. I accidentally
222         missed one of the new emoji code points.
223
224         Tests: editing/deleting/delete-emoji.html:
225                fast/text/emoji-gender-2-9.html:
226                fast/text/emoji-gender-9.html:
227                fast/text/emoji-gender-fe0f-9.html:
228
229         * platform/text/CharacterProperties.h:
230         (WebCore::isEmojiGroupCandidate):
231
232 2016-07-22  Chris Dumez  <cdumez@apple.com>
233
234         Parameter to HTMLCollection.item() / namedItem() should be mandatory
235         https://bugs.webkit.org/show_bug.cgi?id=160099
236
237         Reviewed by Sam Weinig.
238
239         Parameter to HTMLCollection.item() / namedItem() should be mandatory:
240         - https://dom.spec.whatwg.org/#interface-htmlcollection
241         - https://html.spec.whatwg.org/multipage/infrastructure.html#htmlformcontrolscollection
242         - https://html.spec.whatwg.org/multipage/infrastructure.html#the-htmloptionscollection-interface
243
244         Firefox and Chrome agree with the specification.
245
246         No new tests, rebaselined existing tests.
247
248         * bindings/js/JSHTMLFormControlsCollectionCustom.cpp:
249         (WebCore::JSHTMLFormControlsCollection::namedItem):
250         * html/HTMLCollection.idl:
251         * html/HTMLFormControlsCollection.idl:
252         * html/HTMLOptionsCollection.idl:
253
254 2016-07-22  Chris Dumez  <cdumez@apple.com>
255
256         First parameter to Window.getComputedStyle() should be mandatory and non-nullable
257         https://bugs.webkit.org/show_bug.cgi?id=160097
258
259         Reviewed by Ryosuke Niwa.
260
261         First parameter to Window.getComputedStyle() should be mandatory and
262         non-nullable:
263         - https://drafts.csswg.org/cssom/#extensions-to-the-window-interface
264
265         Firefox and Chrome agree with the specification.
266
267         Test: fast/dom/Window/getComputedStyle-missing-parameter.html
268
269         * css/CSSComputedStyleDeclaration.cpp:
270         (WebCore::ComputedStyleExtractor::ComputedStyleExtractor):
271         (WebCore::CSSComputedStyleDeclaration::CSSComputedStyleDeclaration):
272         (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
273         (WebCore::CSSComputedStyleDeclaration::copyProperties):
274         (WebCore::CSSComputedStyleDeclaration::length):
275         (WebCore::CSSComputedStyleDeclaration::item):
276         (WebCore::CSSComputedStyleDeclaration::getPropertyValue):
277         * css/CSSComputedStyleDeclaration.h:
278         * dom/Document.idl:
279         * inspector/InspectorCSSAgent.cpp:
280         (WebCore::InspectorCSSAgent::getComputedStyleForNode):
281         * page/DOMWindow.cpp:
282         (WebCore::DOMWindow::getComputedStyle):
283         * page/DOMWindow.h:
284         * page/DOMWindow.idl:
285         * testing/Internals.cpp:
286         (WebCore::Internals::computedStyleIncludingVisitedInfo):
287         * testing/Internals.h:
288         * testing/Internals.idl:
289
290 2016-07-22  Brady Eidson  <beidson@apple.com>
291
292         Removing IndexedDatabases that have stored blobs doesn't remove the blob files.
293         https://bugs.webkit.org/show_bug.cgi?id=160089
294
295         Reviewed by Darin Adler.
296
297         Tested by API test IndexedDB.StoreBlobThenDelete.
298
299         Blob filenames exist in the IDB directory with the name "[0-9]+.blob".
300         
301         That is, one or more digits, followed by ".blob".
302         
303         So when we delete an IndexedDB.sqlite3 and related files, we should delete those blob files as well.
304         
305         * Modules/indexeddb/server/IDBServer.cpp:
306         (WebCore::IDBServer::removeAllDatabasesForOriginPath):
307
308 2016-07-22  Chris Dumez  <cdumez@apple.com>
309
310         Fix default parameter values for window.alert() / prompt() / confirm()
311         https://bugs.webkit.org/show_bug.cgi?id=160085
312
313         Reviewed by Ryosuke Niwa.
314
315         Fix default parameter values for window.alert() / prompt() / confirm() to
316         match the specification:
317         - https://html.spec.whatwg.org/multipage/browsers.html#the-window-object
318
319         They should default to the empty string, not the string "undefined".
320
321         Firefox and chrome agree with the specification.
322
323         No new tests, updated existing test.
324
325         * page/DOMWindow.h:
326         * page/DOMWindow.idl:
327
328 2016-07-22  Daniel Bates  <dabates@apple.com>
329
330         CSP: object-src and plugin-types directives are not respected for plugin replacements
331         https://bugs.webkit.org/show_bug.cgi?id=159761
332         <rdar://problem/27365724>
333
334         Reviewed by Brent Fulgham.
335
336         Apply the Content Security Policy (CSP) object-src and plugin-types directives to content that will
337         load with a plugin replacement.
338
339         Tests: security/contentSecurityPolicy/object-src-none-blocks-quicktime-plugin-replacement.html
340                security/contentSecurityPolicy/object-src-none-blocks-youtube-plugin-replacement.html
341                security/contentSecurityPolicy/plugins-types-allows-quicktime-plugin-replacement.html
342                security/contentSecurityPolicy/plugins-types-allows-youtube-plugin-replacement.html
343                security/contentSecurityPolicy/plugins-types-blocks-quicktime-plugin-replacement-without-mime-type.html
344                security/contentSecurityPolicy/plugins-types-blocks-quicktime-plugin-replacement.html
345                security/contentSecurityPolicy/plugins-types-blocks-youtube-plugin-replacement-without-mime-type.html
346                security/contentSecurityPolicy/plugins-types-blocks-youtube-plugin-replacement.html
347
348         * html/HTMLPlugInImageElement.cpp:
349         (WebCore::HTMLPlugInImageElement::allowedToLoadPluginContent): Added.
350         (WebCore::HTMLPlugInImageElement::requestObject): Only request loading plugin content if we
351         are allowed to load such content.
352         * html/HTMLPlugInImageElement.h:
353         * loader/SubframeLoader.cpp:
354         (WebCore::SubframeLoader::pluginIsLoadable): Removed code to check CSP as we will check CSP
355         earlier in HTMLPlugInImageElement::requestObject().
356         (WebCore::SubframeLoader::requestPlugin): Ditto.
357         (WebCore::SubframeLoader::isPluginContentAllowedByContentSecurityPolicy): Deleted; moved implementation
358         to HTMLPlugInImageElement::allowedToLoadPluginContent().
359         (WebCore::SubframeLoader::requestObject): Deleted.
360         * loader/SubframeLoader.h:
361         * page/csp/ContentSecurityPolicy.cpp:
362         (WebCore::ContentSecurityPolicy::upgradeInsecureRequestIfNeeded): Changed signature from a non-const
363         function to a const function since these functions do not modify |this|.
364         * page/csp/ContentSecurityPolicy.h: 
365
366 2016-07-22  Chris Dumez  <cdumez@apple.com>
367
368         Parameters to Node.replaceChild() / insertBefore() should be mandatory
369         https://bugs.webkit.org/show_bug.cgi?id=160091
370
371         Reviewed by Darin Adler.
372
373         Parameters to Node.replaceChild() / insertBefore() should be mandatory:
374         - https://dom.spec.whatwg.org/#node
375
376         The compatibility risk should be low since Firefox and Chrome both agree
377         with the specification and because it does not make much sense to omit
378         parameters when using this API.
379
380         No new tests, rebaselined existing tests.
381
382         * bindings/js/JSNodeCustom.cpp:
383         (WebCore::JSNode::insertBefore):
384         (WebCore::JSNode::replaceChild):
385
386 2016-07-22  Chris Dumez  <cdumez@apple.com>
387
388         Parameter to Node.contains() should be mandatory
389         https://bugs.webkit.org/show_bug.cgi?id=160084
390
391         Reviewed by Darin Adler.
392
393         Parameter to Node.contains() should be mandatory as per the
394         specification:
395         - https://dom.spec.whatwg.org/#node
396
397         The compatibility risk should be low because both Firefox and Chrome
398         both agree with the specification. Also, it does not make much sense
399         to call this API without parameter.
400
401         No new tests, rebaselined existing tests.
402
403         * dom/Node.idl:
404
405 2016-07-22  Said Abou-Hallawa  <sabouhallawa@apple.com>
406
407         [iOS] REGRESSION(203378): PDFDocumentImage::updateCachedImageIfNeeded() uses the unscaled size when deciding whether to cache the PDF image
408         https://bugs.webkit.org/show_bug.cgi?id=159933
409
410         Reviewed by Simon Fraser.
411
412         We need to use the scaled size when deciding whether to cache the PDF image
413         or not. This is because ImageBuffer takes the display resolution into account
414         which gives higher resolution for the image when zooming.
415
416         * platform/graphics/cg/PDFDocumentImage.cpp:
417         (WebCore::PDFDocumentImage::updateCachedImageIfNeeded):
418
419 2016-07-22  Chris Dumez  <cdumez@apple.com>
420
421         First parameter to getElementById() should be mandatory
422         https://bugs.webkit.org/show_bug.cgi?id=160087
423
424         Reviewed by Darin Adler.
425
426         First parameter to getElementById() should be mandatory:
427         - https://dom.spec.whatwg.org/#nonelementparentnode
428         - https://www.w3.org/TR/SVG/struct.html#InterfaceSVGSVGElement
429
430         Both Firefox and Chrome agree with the specification.
431
432         Test: svg/dom/SVGSVGElement-getElementById.html
433
434         * dom/NonElementParentNode.idl:
435         * svg/SVGSVGElement.idl:
436
437 2016-07-22  Chris Dumez  <cdumez@apple.com>
438
439         Parameter to Node.lookupPrefix() / lookupNamespaceURI() / isDefaultNamespace() should be mandatory
440         https://bugs.webkit.org/show_bug.cgi?id=160086
441
442         Reviewed by Darin Adler.
443
444         Parameter to Node.lookupPrefix() / lookupNamespaceURI() / isDefaultNamespace()
445         should be mandatory:
446         - https://dom.spec.whatwg.org/#node
447
448         Firefox and Chrome both agree with the specification.
449
450         No new tests, rebaselined existing tests.
451
452         * dom/Node.idl:
453
454 2016-07-22  Chris Dumez  <cdumez@apple.com>
455
456         Parameter to Node.compareDocumentPosition() should be mandatory and non-nullable
457         https://bugs.webkit.org/show_bug.cgi?id=160071
458
459         Reviewed by Ryosuke Niwa.
460
461         
462         Parameter to Node.compareDocumentPosition() should be mandatory and
463         non-nullable:
464         - https://dom.spec.whatwg.org/#interface-node
465
466         Firefox and Chrome agree with the specification so the compatibility
467         risk should be low. Also, it does not make much sense to call this
468         operation without parameter.
469
470         No new tests, rebaselined existing tests.
471
472         * accessibility/AccessibilityObject.cpp:
473         (WebCore::rangeClosestToRange):
474         * dom/AuthorStyleSheets.cpp:
475         (WebCore::AuthorStyleSheets::addStyleSheetCandidateNode):
476         * dom/Node.cpp:
477         (WebCore::compareDetachedElementsPosition):
478         (WebCore::Node::compareDocumentPosition):
479         * dom/Node.h:
480         * dom/Node.idl:
481         * dom/Position.h:
482         (WebCore::operator<):
483         * html/HTMLFormElement.cpp:
484         (WebCore::HTMLFormElement::formElementIndexWithFormAttribute):
485         (WebCore::HTMLFormElement::formElementIndex):
486         * rendering/RenderNamedFlowThread.cpp:
487         (WebCore::RenderNamedFlowThread::nextRendererForElement):
488         (WebCore::compareRenderNamedFlowFragments):
489         (WebCore::RenderNamedFlowThread::registerNamedFlowContentElement):
490
491 2016-07-22  Konstantin Tokarev  <annulen@yandex.ru>
492
493         [cmake] Removed obsolete plugins/win directory
494         https://bugs.webkit.org/show_bug.cgi?id=160081
495
496         Reviewed by Per Arne Vollan.
497
498         It was removed in r178219.
499
500         No new tests needed.
501
502         * PlatformWin.cmake:
503
504 2016-07-22  Youenn Fablet  <youenn@apple.com>
505
506         run-builtins-generator-tests should be able to test WebCore builtins wrapper with more than one file
507         https://bugs.webkit.org/show_bug.cgi?id=159921
508
509         Reviewed by Brian Burg.
510
511         Covered by existing and added built-ins tests.
512
513         Updating built system according ---wrappers-only new meaning.
514         builtin generator is now called for each individual built-in file plus once for WebCore wrapper files.
515         WebCore wrapper files allow handling things like conditionally guarded features.
516         They also remove the need to use built-ins macros outside generated code.
517
518         * CMakeLists.txt:
519         * DerivedSources.make:
520
521 2016-07-21  Frederic Wang  <fwang@igalia.com>
522
523         Move parsing of accentunder and accent attributes from renderer to element classes
524         https://bugs.webkit.org/show_bug.cgi?id=159625
525
526         Reviewed by Brent Fulgham.
527
528         We introduce a new MathMLUnderOverElement that is used for elements munder, mover and
529         munderover in order to create RenderMathMLUnderOver and parse and expose the values of the
530         accent and accentunder attributes. This is one more step toward moving MathML attribute
531         parsing to the DOM (bug 156536). We also do minor clean-up for this and previous renderer
532         classes that no longer do attribute parsing: the MathMLNames namespace is no longer necessary
533         and constructors can take a more accurate element type.
534
535         No new tests, already covered by existing test.
536
537         * CMakeLists.txt: Add MathMLUnderOverElement files.
538         * WebCore.xcodeproj/project.pbxproj: Ditto.
539         * mathml/MathMLAllInOne.cpp: Ditto.
540         * mathml/MathMLElement.cpp:
541         (WebCore::MathMLElement::cachedBooleanAttribute): Add parsing of boolean attributes.
542         * mathml/MathMLElement.h: New type and helper functions for boolean attributes.
543         * mathml/MathMLInlineContainerElement.cpp:
544         (WebCore::MathMLInlineContainerElement::createElementRenderer): Remove handling of
545         under/over/underover elements.
546         * mathml/MathMLScriptsElement.cpp:
547         (WebCore::MathMLScriptsElement::MathMLScriptsElement): Remove inline keyword to avoid link
548         errors now that MathMLUnderOverElement overrides that class.
549         * mathml/MathMLScriptsElement.h: Allow MathMLUnderOverElement to override this class.
550         * mathml/MathMLUnderOverElement.cpp:
551         (WebCore::MathMLUnderOverElement::MathMLUnderOverElement):
552         (WebCore::MathMLUnderOverElement::create):
553         (WebCore::MathMLUnderOverElement::accent): Helper function to access the accent value.
554         (WebCore::MathMLUnderOverElement::accentUnder): Helper function to access the accentunder value.
555         (WebCore::MathMLUnderOverElement::parseAttribute): Make accent and accentunder dirty.
556         (WebCore::MathMLUnderOverElement::createElementRenderer): Create RenderMathMLUnderOver
557         * mathml/MathMLUnderOverElement.h:
558         * mathml/mathtags.in: Map under/over/underover to MathMLUnderOverElement.
559         * rendering/mathml/RenderMathMLFraction.cpp: Remove MathMLNames and make the constructor
560         take a MathMLFractionElement.
561         (WebCore::RenderMathMLFraction::RenderMathMLFraction):
562         * rendering/mathml/RenderMathMLFraction.h:
563         * rendering/mathml/RenderMathMLPadded.cpp: Remove MathMLNames and make the constructor
564         take a MathMLPaddedElement.
565         (WebCore::RenderMathMLPadded::RenderMathMLPadded):
566         * rendering/mathml/RenderMathMLPadded.h:
567         * rendering/mathml/RenderMathMLScripts.cpp: Remove MathMLNames and make the constructor
568         take a MathMLScriptsElement. Also rename scriptsElement() to element().
569         (WebCore::RenderMathMLScripts::RenderMathMLScripts):
570         (WebCore::RenderMathMLScripts::element):
571         (WebCore::RenderMathMLScripts::getScriptMetricsAndLayoutIfNeeded):
572         (WebCore::RenderMathMLScripts::scriptsElement): Deleted.
573         * rendering/mathml/RenderMathMLScripts.h:
574         * rendering/mathml/RenderMathMLUnderOver.cpp: Remove MathMLNames and make the constructor
575         take a RenderMathMLUnderOver.
576         (WebCore::RenderMathMLUnderOver::RenderMathMLUnderOver):
577         (WebCore::RenderMathMLUnderOver::element):
578         (WebCore::RenderMathMLUnderOver::hasAccent): Use the helper functions for accent and accentunder.
579         * rendering/mathml/RenderMathMLUnderOver.h:
580
581 2016-07-21  Chris Dumez  <cdumez@apple.com>
582
583         Parameter to Node.isSameNode() / isEqualNode() should be mandatory
584         https://bugs.webkit.org/show_bug.cgi?id=160070
585
586         Reviewed by Ryosuke Niwa.
587
588         Parameter to Node.isSameNode() / isEqualNode() should be mandatory as
589         per the specification:
590         - https://dom.spec.whatwg.org/#interface-node
591
592         Chrome and Firefox agree with the specification (although Firefox does
593         not support isSameNode()).
594
595         No new tests, rebaselined existing tests.
596
597         * dom/Node.idl:
598
599 2016-07-21  Chris Dumez  <cdumez@apple.com>
600
601         Parameter to Document.createEvent() should be mandatory
602         https://bugs.webkit.org/show_bug.cgi?id=160065
603
604         Reviewed by Darin Adler.
605
606         Parameter to Document.createEvent() should be mandatory as per the
607         specification:
608         - https://dom.spec.whatwg.org/#document
609
610         We already throw anyway when the parameter is omitted because we use
611         "undefined" as event type, which is invalid. However, we throw the
612         wrong exception.
613
614         Firefox and Chrome agree with the specification here.
615
616         No new tests, rebaselined existing tests.
617
618         * dom/Document.idl:
619
620 2016-07-21  Brian Burg  <bburg@apple.com>
621
622         REGRESSION(r62549): Objective-C DOM bindings sometimes fail to regenerate when CodeGenerator.pm is modified
623         https://bugs.webkit.org/show_bug.cgi?id=160031
624
625         Reviewed by Darin Adler.
626
627         This bug was caused by a refactoring 6 years ago. Not all uses of a variable
628         were renamed, so the ObjC bindings target pattern was not specifying any
629         build scripts as target dependencies.
630
631         * DerivedSources.make: Standardize on {COMMON,JS,DOM}_BINDINGS_SCRIPTS.
632
633 2016-07-21  Darin Adler  <darin@apple.com>
634
635         Remove unneeded content attribute name "playsinline"
636         https://bugs.webkit.org/show_bug.cgi?id=160069
637
638         Reviewed by Chris Dumez.
639
640         * html/HTMLVideoElement.idl: Removed explicit content attribute name on Reflect
641         attribute since it is the same as the name that the code generator will generate.
642
643 2016-07-21  Chris Dumez  <cdumez@apple.com>
644
645         Make parameters to Element.getElementsBy*() operations mandatory
646         https://bugs.webkit.org/show_bug.cgi?id=160060
647
648         Reviewed by Darin Adler.
649
650         Make parameters to Element.getElementsBy*() operations mandatory to
651         match the specification:
652         - https://dom.spec.whatwg.org/#interface-element
653
654         Firefox and Chrome agree with the specification so the compatibility
655         risk should be low.
656
657         It makes very little sense to call these operations without parameter,
658         especially considering WebKit uses the string "undefined" if the
659         parameter is omitted.
660
661         No new tests, rebaselined existing tests.
662
663         * dom/Element.idl:
664
665 2016-07-21  Chris Dumez  <cdumez@apple.com>
666
667         Make parameters mandatory for attribute-related API on Element
668         https://bugs.webkit.org/show_bug.cgi?id=160059
669
670         Reviewed by Ryosuke Niwa.
671
672         Make parameters mandatory for attribute-related API on Element to match
673         the specification:
674         - https://dom.spec.whatwg.org/#element
675
676         Firefox and Chrome agree with the specification. Calling this API
677         without the parameters does not make much sense, especially considering
678         WebKit uses the string "undefined" when the parameter is omitted.
679
680         No new tests, rebaselined existing tests.
681
682         * dom/Element.idl:
683
684 2016-07-21  Myles C. Maxfield  <mmaxfield@apple.com>
685
686         Remove support for deprecated SPI inlineMediaPlaybackRequiresPlaysInlineAttribute
687         https://bugs.webkit.org/show_bug.cgi?id=160066
688
689         Reviewed by Dean Jackson.
690
691         r203520 deprecated inlineMediaPlaybackRequiresPlaysInlineAttribute in favor of
692         allowsInlineMediaPlaybackWithPlaysInlineAttribute and
693         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute. The old
694         inlineMediaPlaybackRequiresPlaysInlineAttribute is SPI and was never released
695         to the public. Therefore, it can be removed safely.
696
697         No new tests because there is no behavior change.
698
699         * page/Settings.cpp:
700         * page/Settings.in:
701         * testing/InternalSettings.cpp:
702         (WebCore::InternalSettings::Backup::Backup): Deleted.
703         (WebCore::InternalSettings::Backup::restoreTo): Deleted.
704         (WebCore::InternalSettings::setInlineMediaPlaybackRequiresPlaysInlineAttribute): Deleted.
705         * testing/InternalSettings.h:
706         * testing/InternalSettings.idl:
707
708 2016-07-21  Dean Jackson  <dino@apple.com>
709
710         REGRESSION (r202927): The internal size of the ImageBuffer is scaled twice by the context scaleFactor
711         https://bugs.webkit.org/show_bug.cgi?id=159981
712         <rdar://problem/27429465>
713
714         Reviewed by Myles Maxfield.
715
716         The change to propagate color spaces through ImageBuffers created an
717         alternate version of createCompatibleBuffer. This version accidentally
718         attempted to take the display resolution (i.e. hidpi) into account
719         when creating the buffer, which meant it was being applied twice.
720
721         The fix is simply to remove that logic. The caller of the method
722         will take the resolution into account, the same way they did
723         with the old createCompatibleBuffer method.
724
725         Test: fast/hidpi/pdf-image-scaled.html
726
727         * platform/graphics/cg/ImageBufferCG.cpp:
728         (WebCore::ImageBuffer::createCompatibleBuffer): Don't calculate
729         a resolution - just use the value of 1.0.
730
731 2016-07-21  John Wilander  <wilander@apple.com>
732
733         Block mixed content synchronous XHR
734         https://bugs.webkit.org/show_bug.cgi?id=105462
735         <rdar://problem/13666424>
736
737         Reviewed by Brent Fulgham.
738
739         Test: http/tests/security/mixedContent/insecure-xhr-sync-in-main-frame.html
740
741         * loader/DocumentThreadableLoader.cpp:
742         (WebCore::DocumentThreadableLoader::loadRequest):
743
744 2016-07-21  Chris Dumez  <cdumez@apple.com>
745
746         Make parameters to Document.getElementsBy*() operations mandatory
747         https://bugs.webkit.org/show_bug.cgi?id=160050
748
749         Reviewed by Daniel Bates.
750
751         Make parameters to Document.getElementsBy*() operations mandatory to
752         match the specification:
753         - https://dom.spec.whatwg.org/#interface-document
754
755         Firefox and Chrome agree with the specification so the compatibility
756         risk should be low.
757
758         It makes very little sense to call these operations without parameter,
759         especially considering WebKit uses the string "undefined" if the
760         parameter is omitted.
761
762         No new tests, rebaselined existing tests.
763
764         * dom/Document.idl:
765
766 2016-07-21  Nan Wang  <n_wang@apple.com>
767
768         AX: aria-label not being used correctly in accessible name calculation of heading
769         https://bugs.webkit.org/show_bug.cgi?id=160009
770
771         Reviewed by Chris Fleizach.
772
773         Actually we are exposing the correct information for heading objects. On macOS, 
774         VoiceOver should handle the logic that picks the right information to speak.
775         On iOS, VoiceOver is speaking the static text child instead of the heading object.
776         So we should set the accessibilityLabel of the static text based on the parent's 
777         alternate label.
778
779         Test: accessibility/ios-simulator/heading-with-aria-label.html
780
781         * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
782         (-[WebAccessibilityObjectWrapper _accessibilityTraitsFromAncestors]):
783
784 2016-07-21  Saam Barati  <sbarati@apple.com>
785
786         op_add/ValueAdd should be an IC in all JIT tiers
787         https://bugs.webkit.org/show_bug.cgi?id=159649
788
789         Reviewed by Benjamin Poulain.
790
791         * ForwardingHeaders/jit/JITMathICForwards.h: Added.
792
793 2016-07-21  Chris Dumez  <cdumez@apple.com>
794
795         Make parameters mandatory for Document.create*() operations
796         https://bugs.webkit.org/show_bug.cgi?id=160047
797
798         Reviewed by Ryosuke Niwa.
799
800         Make parameters mandatory for Document.create*() operations:
801         createTextNode(), createComment(), createCDataSection(),
802         createAttribute() and createProcessingInstruction().
803
804         This matches the specification:
805         - https://dom.spec.whatwg.org/#interface-document
806
807         Firefox and Chrome both agree with the specification so the
808         compatibility risk should be low. Also WebKit uses the string
809         "undefined" when the parameter is omitted, which is not very
810         helpful.
811
812         No new tests, rebaselined existing tests.
813
814         * dom/Document.idl:
815
816 2016-07-21  Chris Dumez  <cdumez@apple.com>
817
818         Fix null handling of SVGAngle/SVGLength.valueAsString attribute
819         https://bugs.webkit.org/show_bug.cgi?id=160025
820
821         Reviewed by Ryosuke Niwa.
822
823         Fix null handling of SVGAngle/SVGLength.valueAsString attribute
824         to match the specification:
825         - https://www.w3.org/TR/SVG2/types.html#InterfaceSVGAngle
826         - https://www.w3.org/TR/SVG2/types.html#InterfaceSVGLength
827
828         In particular, this patch drops [TreatNullAs=EmptyString] IDL
829         extended attribute from this attribute. This is not supposed
830         to change behavior given that both "" and "null" are invalid
831         numbers and the specification says to throw a SYNTAX_ERR in
832         this case.
833
834         However, WebKit currently ignores assignments to "" instead
835         of throwing. As a result, assigning to null will now throw
836         instead of being ignored. The compatibility risk should be
837         low because both Firefox and Chrome throw when assigning
838         null.
839
840         I did not change the behavior when assigning to "" because
841         it is a bit out of scope for this patch and browsers to not
842         seem to agree:
843         - Firefox throws
844         - Chrome set value to "0"
845         - WebKit ignores the assignment
846
847         The specification seems to agree with Firefox as far as I
848         can tell given that "" is not a valid number as per:
849         - https://www.w3.org/TR/css3-values/#numbers
850
851         Test: svg/dom/valueAsString-null.html
852
853         * svg/SVGAngle.idl:
854         * svg/SVGLength.idl:
855
856 2016-07-21  Chris Dumez  <cdumez@apple.com>
857
858         Fix null handling of HTMLFontElement.color
859         https://bugs.webkit.org/show_bug.cgi?id=160036
860
861         Reviewed by Ryosuke Niwa.
862
863         Fix null handling of HTMLFontElement.color to match the specification:
864         - https://html.spec.whatwg.org/#htmlfontelement
865
866         We are supposed to treat null as the empty string. Both Firefox and
867         Chrome agree with the specification.
868
869         No new tests, rebaselined existing tests.
870
871         * html/HTMLFontElement.idl:
872
873 2016-07-21  Chris Dumez  <cdumez@apple.com>
874
875         Fix null handling for several HTMLTableElement attributes
876         https://bugs.webkit.org/show_bug.cgi?id=160041
877
878         Reviewed by Ryosuke Niwa.
879
880         Fix null handling for several HTMLTableElement attributes to match the
881         specification:
882         - https://html.spec.whatwg.org/#HTMLTableElement-partial
883
884         The attributes in question are 'bicolor', 'cellSpacing' and
885         'cellPadding'. We are supposed to treat null as the empty string for
886         these attributes.
887
888         Firefox and Chrome both agree with the specification.
889
890         No new tests, rebaselined existing tests.
891
892         * html/HTMLTableElement.idl:
893
894 2016-07-21  Chris Dumez  <cdumez@apple.com>
895
896         Fix null handling for HTMLObjectElement.border
897         https://bugs.webkit.org/show_bug.cgi?id=160040
898
899         Reviewed by Ryosuke Niwa.
900
901         Fix null handling for HTMLObjectElement.border to match the specification:
902         - https://html.spec.whatwg.org/#HTMLObjectElement-partial
903
904         We are supposed to treat null as the empty string.
905
906         Both Firefox and Chrome agree with the specification.
907
908         No new tests, rebaselined existing tests.
909
910         * html/HTMLObjectElement.idl:
911
912 2016-07-21  Chris Dumez  <cdumez@apple.com>
913
914         Fix null handling for td.bgColor / tr.bgColor
915         https://bugs.webkit.org/show_bug.cgi?id=160043
916
917         Reviewed by Ryosuke Niwa.
918
919         Fix null handling for td.bgColor / tr.bgColor to match the
920         specification:
921         - https://html.spec.whatwg.org/#HTMLTableCellElement-partial
922         - https://html.spec.whatwg.org/#HTMLTableRowElement-partial
923
924         We are supposed to treat null as the empty string.
925
926         Firefox and Chrome both agree with the specification.
927
928         No new tests, rebaselined existing tests.
929
930         * html/HTMLTableCellElement.idl:
931         * html/HTMLTableRowElement.idl:
932
933 2016-07-21  Chris Dumez  <cdumez@apple.com>
934
935         Fix null handling for several HTMLBodyElement attributes
936         https://bugs.webkit.org/show_bug.cgi?id=160044
937
938         Reviewed by Ryosuke Niwa.
939
940         Fix null handling for several HTMLBodyElement attributes to match the
941         specification:
942         - https://html.spec.whatwg.org/#HTMLBodyElement-partial
943
944         The attributes in question are: 'text', 'link', 'vlink', 'alink' and
945         'bgcolor'.
946
947         We are supposed to treat null as the empty string for these attributes.
948
949         Firefox and Chrome both agree with the specification.
950
951         No new tests, rebaselined existing tests.
952
953         * html/HTMLBodyElement.idl:
954
955 2016-07-21  Chris Dumez  <cdumez@apple.com>
956
957         Fix null handling for HTMLIFrameElement.marginWidth / marginHeight
958         https://bugs.webkit.org/show_bug.cgi?id=160037
959
960         Reviewed by Ryosuke Niwa.
961
962         Fix null handling for HTMLIFrameElement.marginWidth / marginHeight to
963         match the specification:
964         - https://html.spec.whatwg.org/#HTMLIFrameElement-partial
965
966         We are supposed to treat null as the empty string. Both Firefox and
967         Chrome agree with the specification.
968
969         No new tests, rebaselined existing tests.
970
971         * html/HTMLIFrameElement.idl:
972
973 2016-07-21  Chris Dumez  <cdumez@apple.com>
974
975         Fix null handling for HTMLImageElement.border
976         https://bugs.webkit.org/show_bug.cgi?id=160039
977
978         Reviewed by Ryosuke Niwa.
979
980         Fix null handling for HTMLImageElement.border to match the specification:
981         - https://html.spec.whatwg.org/#HTMLImageElement-partial
982
983         We are supposed to treat null as the empty string.
984
985         Both Firefox and Chrome agree with the specification.
986
987         No new tests, rebaselined existing tests.
988
989         * html/HTMLImageElement.idl:
990
991 2016-07-21  Daniel Bates  <dabates@apple.com>
992
993         REGRESSION: Plugin replaced YouTube Flash videos always have the same width
994         https://bugs.webkit.org/show_bug.cgi?id=159998
995         <rdar://problem/27462285>
996
997         Reviewed by Simon Fraser.
998
999         Fixes an issue where the width of a plugin replaced YouTube video loaded via an HTML embed
1000         element would always have the same width regardless of value of the width attribute.
1001
1002         For YouTube Flash videos the YouTube plugin replacement substitutes a shadow DOM subtree
1003         for the default renderer of an HTML embed element. The root of this shadow DOM subtree
1004         is an HTML div element. Currently we set inline styles on this <div> when it is instantiated.
1005         In particular, we set inline display and position to "inline-block" and "relative", respectively,
1006         and set an invalid height and width (we specify a font weight value instead of a CSS length value
1007         - this causes an ASSERT_NOT_REACHED() assertion failure in StyleBuilderConverter::convertLengthSizing()
1008         in a debug build). These styles never worked as intended and we ultimately created an inline
1009         renderer (ignoring display "inline-block") that had auto width and height. Instead it is sufficient
1010         to remove all these inline styles and create a RenderBlockFlow renderer for this <div> so that it
1011         renders as a block, non-replaced element to achieve the intended illusion that the <embed> is a
1012         single element.
1013
1014         * html/shadow/YouTubeEmbedShadowElement.cpp: Remove unused header HTMLEmbedElement.h and include
1015         header RenderBlockFlow.h. Also update copyright in license block.
1016         (WebCore::YouTubeEmbedShadowElement::YouTubeEmbedShadowElement): Remove inline styles as these
1017         never worked as intended.
1018         (WebCore::YouTubeEmbedShadowElement::createElementRenderer): Override; create a block-flow
1019         renderer for us so that we layout as a block, non-replaced element.
1020         * html/shadow/YouTubeEmbedShadowElement.h:
1021
1022 2016-07-21  Myles C. Maxfield  <mmaxfield@apple.com>
1023
1024         [iPhone] Playing a video on tudou.com plays only sound, no video
1025         https://bugs.webkit.org/show_bug.cgi?id=159967
1026         <rdar://problem/26964090>
1027
1028         Reviewed by Jon Lee, Jeremy Jones, and Anders Carlsson.
1029
1030         WebKit recently starting honoring the playsinline and webkit-playsinline
1031         attribute on iPhones. However, because these attributes previously did
1032         nothing, some sites (such as Todou) were setting them on their content
1033         and expecting that they are not honored. In this specific case, the
1034         video is absolutely positioned to be 1 pixel x 1 pixel.
1035
1036         Previously, with iOS 9, apps could set the allowsInlineMediaPlayback
1037         property on their WKWebView, which would honor the webkit-playsinline
1038         attribute. Safari on iPhones didn't do this.
1039
1040         In order to not break these existing apps, it's important that the
1041         allowsInlineMediaPlayback preference still allows webkit-playsinline
1042         videos to play inline in apps using WKWebView. However, in Safari, these
1043         videos should play fullscreen. (Todou videos have webkit-playsinline
1044         but not playsinline.)
1045
1046         Therefore, in Safari, videos with playsinline should be inline, but
1047         videos with webkit-playsinline should be fullscreen. In apps using
1048         WKWebViews, if the app sets allowsInlineMediaPlayback, then videos with
1049         playsinline should be inline, and videos with webkit-playsinline should
1050         also be inline. Videos on iPad and Mac should all be inline by default.
1051
1052         We can create some truth tables for the cases which need to be covered:
1053
1054         All apps on Mac / iPad:
1055         Presence of playsinline | Presence of webkit-playsinline | Result
1056         ========================|================================|===========
1057         Not present             | Not present                    | Inline
1058         Present                 | Not present                    | Inline
1059         Not Present             | Present                        | Inline
1060         Present                 | Present                        | Inline
1061
1062         Safari on iPhone:
1063         Presence of playsinline | Presence of webkit-playsinline | Result
1064         ========================|================================|===========
1065         Not present             | Not present                    | Fullscreen
1066         Present                 | Not present                    | Inline
1067         Not Present             | Present                        | Fullscreen
1068         Present                 | Present                        | Inline
1069
1070         App on iPhone which sets allowsInlineMediaPlayback:
1071         Presence of playsinline | Presence of webkit-playsinline | Result
1072         ========================|================================|===========
1073         Not present             | Not present                    | Fullscreen
1074         Present                 | Not present                    | Inline
1075         Not Present             | Present                        | Inline
1076         Present                 | Present                        | Inline
1077
1078         The way to distinguish Safari from another app is to create an SPI
1079         boolean preference which Safari can set. This is already how the
1080         iPhone and iPad are differentiated using the requiresPlayInlineAttribute
1081         which Safari sets but other apps don't. However, this preference is
1082         no longer sufficient because Safari should now be discriminating
1083         between the playsinline and webkit-playsinline attributes. Therefore,
1084         this preference should be extended to two boolean preferences, which
1085         this patch adds:
1086
1087         allowsInlineMediaPlaybackWithPlaysInlineAttribute
1088         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute
1089
1090         Safari on iPhone will set
1091         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to true,
1092         and allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to
1093         false. Other apps on iPhone will get their defaults values (because they
1094         are SPI) which means they will both be true. On iPad and Mac, apps will
1095         use the defaults values where both are false.
1096
1097         This patch adds support for these two preferences, but does not remove
1098         the existing inlineMediaPlaybackRequiresPlaysInlineAttribute preference.
1099         I will remove the exising preference as soon as I update Safari to migrate
1100         off of it.
1101
1102         Test: media/video-playsinline.html
1103
1104         * html/MediaElementSession.cpp:
1105         (WebCore::MediaElementSession::requiresFullscreenForVideoPlayback):
1106         * page/Settings.cpp:
1107         * page/Settings.in:
1108         * testing/InternalSettings.cpp:
1109         (WebCore::InternalSettings::Backup::Backup):
1110         (WebCore::InternalSettings::Backup::restoreTo):
1111         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithPlaysInlineAttribute):
1112         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute):
1113         * testing/InternalSettings.h:
1114         * testing/InternalSettings.idl:
1115
1116 2016-07-21  Ryosuke Niwa  <rniwa@webkit.org>
1117
1118         Crash accessing null renderer inside WebCore::DeleteSelectionCommand::doApply
1119         https://bugs.webkit.org/show_bug.cgi?id=160011
1120
1121         Reviewed by Chris Dumez.
1122
1123         Add a null pointer check for renderer() call.
1124
1125         Unfortunately no new tests since we don't have a reproduction.
1126
1127         * editing/DeleteSelectionCommand.cpp:
1128         (WebCore::DeleteSelectionCommand::doApply):
1129
1130 2016-07-21  Chris Dumez  <cdumez@apple.com>
1131
1132         The 2 first parameters to DOMImplementation.createDocument() should be mandatory
1133         https://bugs.webkit.org/show_bug.cgi?id=160030
1134
1135         Reviewed by Sam Weinig.
1136
1137         The 2 first parameters to DOMImplementation.createDocument() should be mandatory
1138         as per the specification:
1139         - https://dom.spec.whatwg.org/#domimplementation
1140
1141         Firefox and Chrome both agree with the specification. However, those
1142         parameters were marked as optional in WebKit. Calling this function
1143         without parameters would create a document element whose tag is the
1144         string "undefined", which does not seem helpful. This patch thus
1145         aligns our behavior with the specification and other browsers.
1146
1147         No new tests, rebaselined existing tests.
1148
1149         * dom/DOMImplementation.idl:
1150
1151 2016-07-21  Chris Dumez  <cdumez@apple.com>
1152
1153         Kill legacy valueToStringWithNullCheck() utility function
1154         https://bugs.webkit.org/show_bug.cgi?id=159991
1155
1156         Reviewed by Sam Weinig.
1157
1158         Kill legacy valueToStringWithNullCheck() utility function. Treating null as
1159         a null string is legacy behavior so drop this function so that people are
1160         not tempted to use it. We should be using either:
1161         1. JSValue::toWTFString() for non-nullable DOMStrings
1162         2. valueToStringWithUndefinedOrNullCheck() for nullable DOMStrings
1163         3. valueToStringTreatingNullAsEmptyString() for strings with [TreatNullAs=EmptyString]
1164
1165         No new tests, no web-exposed behavior change.
1166
1167         * bindings/js/JSDOMBinding.cpp:
1168         (WebCore::valueToStringWithNullCheck): Deleted.
1169         * bindings/js/JSDOMBinding.h:
1170         * bindings/js/JSHTMLFrameElementCustom.cpp:
1171         (WebCore::JSHTMLFrameElement::setLocation):
1172         * html/HTMLFrameElement.idl:
1173
1174 2016-07-21  Zalan Bujtas  <zalan@apple.com>
1175
1176         Do not keep invalid IOSurface in ImageBufferData.
1177         https://bugs.webkit.org/show_bug.cgi?id=160005
1178         <rdar://problem/27208636>
1179
1180         Reviewed by Simon Fraser.
1181
1182         When we fail to initialize the IOSurface for the accelerated context, we switch over to
1183         the non-accelerated code path. Since ImageBufferData::surface is used to indicate whether
1184         the graphics context is in accelerated mode, we need to reset it when the initialization fails.
1185
1186         Unable to create a test case.
1187
1188         * platform/graphics/cg/ImageBufferCG.cpp:
1189         (WebCore::ImageBuffer::ImageBuffer):
1190
1191 2016-07-21  Chris Dumez  <cdumez@apple.com>
1192
1193         playsInline IDL attribute has the wrong casing
1194         https://bugs.webkit.org/show_bug.cgi?id=160029
1195         <rdar://problem/27474031>
1196
1197         Reviewed by Jon Lee.
1198
1199         Fix case from video.playsinline to video.playsInline in order to match
1200         the specification:
1201         - https://html.spec.whatwg.org/multipage/embedded-content.html#the-video-element:dom-video-playsinline
1202
1203         It still reflects the "playsinline" content attribute though, as per
1204         the specification:
1205         - https://html.spec.whatwg.org/multipage/embedded-content.html#dom-video-playsinline
1206
1207         No new tests, updated existing test.
1208
1209         * html/HTMLVideoElement.idl:
1210
1211 2016-07-21  Chris Dumez  <cdumez@apple.com>
1212
1213         Drop [TreatNullAs=EmptyString] from CanvasRenderingContext2D.globalCompositeOperation
1214         https://bugs.webkit.org/show_bug.cgi?id=160026
1215
1216         Reviewed by Sam Weinig.
1217
1218         Drop [TreatNullAs=EmptyString] from CanvasRenderingContext2D.globalCompositeOperation
1219         attribute as it does not match the specification:
1220         - https://html.spec.whatwg.org/multipage/scripting.html#canvascompositing
1221
1222         It does not change web-exposed behavior because assigning to "" or "null"
1223         gets ignored as those are not valid operations.
1224
1225         Test: fast/canvas/context-globalCompositeOperation-null.html
1226
1227         * html/canvas/CanvasRenderingContext2D.idl:
1228
1229 2016-07-21  Carlos Garcia Campos  <cgarcia@igalia.com>
1230
1231         [GTK][Threaded Compositor] Overlay scrollbars shouldn't be a requirement of the threaded compositor
1232         https://bugs.webkit.org/show_bug.cgi?id=160020
1233
1234         Reviewed by Michael Catanzaro.
1235
1236         It has been a requirement only because we didn't really know why frame scrollbars were not rendered when using
1237         the threaded compositor. The reason is that RenderView doesn't use layers for FrameView scrollbars by default,
1238         unless using overlay scrollbars. When using the threaded compositor we really need layers for the FrameView
1239         scrollbars even when not using overlay scrollbars.
1240
1241         * platform/gtk/ScrollbarThemeGtk.cpp:
1242         (WebCore::ScrollbarThemeGtk::ScrollbarThemeGtk): Stop enforcing overlay scrollbars when threaded compositor is enabled.
1243         * rendering/RenderLayerCompositor.cpp:
1244         (WebCore::RenderLayerCompositor::shouldCompositeOverflowControls): Always use layers for scrollbars when
1245         threaded compositor is enabled.
1246
1247 2016-07-21  Carlos Garcia Campos  <cgarcia@igalia.com>
1248
1249         [Cairo] Fix a crash in fast/canvas/canvas-getImageData-invalid-result-buffer-crash.html
1250         https://bugs.webkit.org/show_bug.cgi?id=160014
1251
1252         Reviewed by Michael Catanzaro.
1253
1254         In r202887 some null checks were added for JSArray::createUninitialized (and related) but not for the
1255         ImageBuffer cairo implementation.
1256
1257         * platform/graphics/cairo/ImageBufferCairo.cpp:
1258         (WebCore::getImageData): Return early if Uint8ClampedArray::createUninitialized() returns nullptr.
1259
1260 2016-07-21  Miguel Gomez  <magomez@igalia.com>
1261
1262         [GTK] The GSTREAMER_GL path in MediaPlayerPrivateGStreamerBase::paintToTextureMapper() is missing a mutex lock
1263         https://bugs.webkit.org/show_bug.cgi?id=160018
1264
1265         Reviewed by Philippe Normand.
1266
1267         Lock the video sample mutex while accessing it.
1268
1269         Covered by existent tests.
1270
1271         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
1272         (WebCore::MediaPlayerPrivateGStreamerBase::paintToTextureMapper):
1273
1274 2016-07-21  Miguel Gomez  <magomez@igalia.com>
1275
1276         [Threaded Compositor] Flickering when zooming in/out in maps.google.com
1277         https://bugs.webkit.org/show_bug.cgi?id=154069
1278
1279         Reviewed by Carlos Garcia Campos.
1280
1281         Add a new extra buffer to GraphicsContext3D when using the Threaded Compositor,
1282         so it doesn't have to reuse the buffers that are still waiting for composition.
1283
1284         Covered by existing tests.
1285
1286         * platform/graphics/GraphicsContext3D.h:
1287         Add a new texture to use for the rendering. Remove the compositor fbo we were using.
1288         * platform/graphics/cairo/GraphicsContext3DCairo.cpp:
1289         (WebCore::GraphicsContext3D::GraphicsContext3D):
1290         Initialize the new texture and remove the previous fbo related code.
1291         (WebCore::GraphicsContext3D::~GraphicsContext3D):
1292         Properly destroy the new texture and remove the previous fbo related code.
1293         * platform/graphics/opengl/GraphicsContext3DOpenGL.cpp:
1294         (WebCore::GraphicsContext3D::reshapeFBOs):
1295         Allocate the new texture and remove the previous fbo allocation.
1296         * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
1297         (WebCore::GraphicsContext3D::prepareTexture):
1298         Use a single fbo with three textures instead of two fbos with a texture each.
1299         Rotate the three textures usage so:
1300         - m_texture becomes m_compositorTexture to be pushed to the compositor.
1301         - m_intermediateTexture becomes m_texture to receive the next rendering.
1302         - m_compositorTexture becomes m_intermediateTexture.
1303         And add a glFlush() to ensure that the gl commands are sent to the pipeline.
1304         * platform/graphics/opengl/GraphicsContext3DOpenGLES.cpp:
1305         (WebCore::GraphicsContext3D::reshapeFBOs):
1306         Allocate the new texture.
1307
1308 2016-07-21  Carlos Garcia Campos  <cgarcia@igalia.com>
1309
1310         [GTK][Threaded Compositor] Web view background colors don't work
1311         https://bugs.webkit.org/show_bug.cgi?id=159465
1312
1313         Reviewed by Michael Catanzaro.
1314
1315         * rendering/RenderLayerBacking.cpp:
1316         (WebCore::RenderLayerBacking::createPrimaryGraphicsLayer): Initialize frame view layer opacity for platforms not
1317         using the tiled cache layer.
1318
1319 2016-07-20  Youenn Fablet  <youenn@apple.com>
1320
1321         [XHR] Cache response JS object in case of arraybuffer and blob response types
1322         https://bugs.webkit.org/show_bug.cgi?id=128903
1323
1324         Reviewed by Alex Christensen.
1325
1326         Covered by existing and modified tests.
1327
1328         Making response getter a JS builtin that caches response in @response private slot.
1329         Handling invalidation of cached response with @responseCacheIsValid new private method.
1330         Handling creation of cached response with @retrieveResponse new private method which reuses most of
1331         JSXMLHttpRequest::response previous code.
1332
1333         Caching of responses is activated whenever load ended without any error for blob and arraybuffer response types.
1334
1335         Caching of response for document is also activated in case the response getter is used but not if responseXML getter is used.
1336
1337         * CMakeLists.txt: Adding XMLHttpRequest.js.
1338         * DerivedSources.make: Ditto.
1339         * bindings/js/JSXMLHttpRequestCustom.cpp:
1340         (WebCore::JSXMLHttpRequest::retrieveResponse): Implements creation of to-be-cached response.
1341         (WebCore::JSXMLHttpRequest::response): Deleted.
1342         * bindings/js/WebCoreBuiltinNames.h: Adding new private names.
1343         * xml/XMLHttpRequest.cpp:
1344         (WebCore::XMLHttpRequest::didCacheResponse): Renamed from didCacheResponseJSON as all response types are now cached.
1345         (WebCore::XMLHttpRequest::didCacheResponseJSON): Deleted.
1346         * xml/XMLHttpRequest.h:
1347         * xml/XMLHttpRequest.idl:
1348
1349 2016-07-20  Youenn Fablet  <youenn@apple.com>
1350
1351         Remove crossOriginRequestPolicy from ThreadableLoaderOptions
1352         https://bugs.webkit.org/show_bug.cgi?id=159417
1353
1354         Reviewed by Alex Christensen.
1355
1356         No observable change.
1357
1358         * Modules/fetch/FetchLoader.cpp:
1359         (WebCore::FetchLoader::start): DenyCrossOriginRequests -> FetchOptions::Mode::SameOrigin.
1360         * fileapi/FileReaderLoader.cpp:
1361         (WebCore::FileReaderLoader::start): DenyCrossOriginRequests -> FetchOptions::Mode::SameOrigin.
1362         * inspector/InspectorNetworkAgent.cpp:
1363         (WebCore::InspectorNetworkAgent::loadResource): AllowCrossOriginRequests -> FetchOptions::Mode::NoCors.
1364         * loader/DocumentThreadableLoader.cpp:
1365         (WebCore::DocumentThreadableLoader::DocumentThreadableLoader): Ditto.
1366         (WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequest): UseAccessControl -> FetchOptions::Mode::Cors.
1367         (WebCore::DocumentThreadableLoader::redirectReceived): Ditto.
1368         (WebCore::DocumentThreadableLoader::didReceiveResponse): Ditto.
1369         (WebCore::DocumentThreadableLoader::loadRequest): Use NoCors as option passed to ResourceLoader. This allows
1370         desactivating ResourceLoader CORS checks as they are done in DocumentThreadableLoader right now. In the future,
1371         these checks should be moved to ResourceLoader and DocumentThreadableLoader should directly pass the fetch mode
1372         option.
1373         (WebCore::DocumentThreadableLoader::isAllowedRedirect): AllowCrossOriginRequests -> FetchOptions::Mode::NoCors.
1374         * loader/ThreadableLoader.cpp:
1375         (WebCore::ThreadableLoaderOptions::ThreadableLoaderOptions): Removing CrossOriginRequestPolicy.
1376         * loader/ThreadableLoader.h: Ditto.
1377         * loader/WorkerThreadableLoader.cpp:
1378         (WebCore::LoaderTaskOptions::LoaderTaskOptions): Ditto.
1379         * page/EventSource.cpp:
1380         (WebCore::EventSource::connect): UseAccessControl -> FetchOptions::Mode::Cors.
1381         * workers/Worker.cpp:
1382         (WebCore::Worker::create): DenyCrossOriginRequests -> FetchOptions::Mode::SameOrigin.
1383         * workers/WorkerGlobalScope.cpp:
1384         (WebCore::WorkerGlobalScope::importScripts): AllowCrossOriginRequests -> FetchOptions::Mode::NoCors.
1385         * workers/WorkerScriptLoader.cpp:
1386         (WebCore::WorkerScriptLoader::loadSynchronously):
1387         (WebCore::WorkerScriptLoader::loadAsynchronously):
1388         * workers/WorkerScriptLoader.h:
1389         * xml/XMLHttpRequest.cpp:
1390         (WebCore::XMLHttpRequest::createRequest):
1391
1392 2016-07-20  Chris Dumez  <cdumez@apple.com>
1393
1394         Fix null handling of several Document attributes
1395         https://bugs.webkit.org/show_bug.cgi?id=159997
1396
1397         Reviewed by Ryosuke Niwa.
1398
1399         Fix null handling of the following Document attributes: title, cookie
1400         and domain.
1401
1402         In WebKit, they were all marked as [TreatNullAs=EmptyString], which
1403         does not match the specification:
1404         - https://html.spec.whatwg.org/multipage/dom.html#document
1405
1406         Details for each attribute:
1407         - title: null is now treated as the string "null", thus setting the
1408           document title to "null". This matches Firefox and Chrome.
1409         - cookie: adds a "null" cookie instead of being a no-op. This matches
1410                   both Firefox and Chrome.
1411         - domain: Calls setDomain(String("null")) instead of
1412                   setDomain(String()). This throws an exception because "null"
1413                   is not a suffix of the effective domain name. The behavior
1414                   is the same in Firefox and Chrome. Previously, we were
1415                   already throwing an exception since setting the domain to
1416                   the empty string throws, as per the specification.
1417
1418         Test: http/tests//dom/document-attributes-null-handling.html
1419
1420         * dom/Document.idl:
1421
1422 2016-07-20  Commit Queue  <commit-queue@webkit.org>
1423
1424         Unreviewed, rolling out r203471.
1425         https://bugs.webkit.org/show_bug.cgi?id=160003
1426
1427         many iOS-simulator tests are failing (Requested by litherum on
1428         #webkit).
1429
1430         Reverted changeset:
1431
1432         "[iPhone] Playing a video on tudou.com plays only sound, no
1433         video"
1434         https://bugs.webkit.org/show_bug.cgi?id=159967
1435         http://trac.webkit.org/changeset/203471
1436
1437 2016-07-19  Ryosuke Niwa  <rniwa@webkit.org>
1438
1439         iOS: Cannot paste images in RTF content
1440         https://bugs.webkit.org/show_bug.cgi?id=159964
1441         <rdar://problem/27442806>
1442
1443         Reviewed by Enrica Casucci.
1444
1445         The bug was caused by setDefersLoading(true) not deferring image loading for the parsed fragment.
1446         Worked around this bug by disabling image loading while parsing the document fragment.
1447
1448         * editing/ios/EditorIOS.mm:
1449         (WebCore::Editor::createFragmentAndAddResources):
1450
1451 2016-07-20  Brady Eidson  <beidson@apple.com>
1452
1453         Address a small FIXME in IDB code.
1454         https://bugs.webkit.org/show_bug.cgi?id=159999
1455
1456         Reviewed by Andy Estes.
1457
1458         No new tests (No behavior change).
1459
1460         * Modules/indexeddb/IDBRequest.cpp:
1461         (WebCore::IDBRequest::IDBRequest):
1462         
1463         * Modules/indexeddb/shared/IDBResourceIdentifier.cpp:
1464         (WebCore::IDBResourceIdentifier::IDBResourceIdentifier): Deleted.
1465         * Modules/indexeddb/shared/IDBResourceIdentifier.h:
1466
1467 2016-07-20  Brady Eidson  <beidson@apple.com>
1468
1469         Remove some "modernFoo"s from IndexedDB code.
1470         https://bugs.webkit.org/show_bug.cgi?id=159985
1471
1472         Reviewed by Andy Estes.
1473
1474         No new tests (No known behavior change).
1475
1476         * Modules/indexeddb/IDBCursor.cpp:
1477         (WebCore::IDBCursor::IDBCursor):
1478         (WebCore::IDBCursor::~IDBCursor):
1479         (WebCore::IDBCursor::sourcesDeleted):
1480         (WebCore::IDBCursor::effectiveObjectStore):
1481         (WebCore::IDBCursor::transaction):
1482         (WebCore::IDBCursor::direction):
1483         (WebCore::IDBCursor::update):
1484         (WebCore::IDBCursor::advance):
1485         (WebCore::IDBCursor::continueFunction):
1486         (WebCore::IDBCursor::uncheckedIterateCursor):
1487         (WebCore::IDBCursor::deleteFunction):
1488         (WebCore::IDBCursor::setGetResult):
1489         
1490         * Modules/indexeddb/IDBIndex.cpp:
1491         (WebCore::IDBIndex::IDBIndex):
1492         (WebCore::IDBIndex::~IDBIndex):
1493         (WebCore::IDBIndex::hasPendingActivity):
1494         (WebCore::IDBIndex::name):
1495         (WebCore::IDBIndex::objectStore):
1496         (WebCore::IDBIndex::keyPath):
1497         (WebCore::IDBIndex::unique):
1498         (WebCore::IDBIndex::multiEntry):
1499         (WebCore::IDBIndex::openCursor):
1500         (WebCore::IDBIndex::doCount):
1501         (WebCore::IDBIndex::openKeyCursor):
1502         (WebCore::IDBIndex::doGet):
1503         (WebCore::IDBIndex::doGetKey):
1504         (WebCore::IDBIndex::markAsDeleted):
1505         * Modules/indexeddb/IDBIndex.h:
1506         
1507         * Modules/indexeddb/IDBObjectStore.cpp:
1508         (WebCore::IDBObjectStore::transaction):
1509         (WebCore::IDBObjectStore::deleteFunction): Deleted.
1510         (WebCore::IDBObjectStore::modernDelete): Deleted.
1511         * Modules/indexeddb/IDBObjectStore.h:
1512         
1513         * bindings/js/JSIDBIndexCustom.cpp:
1514         (WebCore::JSIDBIndex::visitAdditionalChildren):
1515
1516 2016-07-20  Chris Dumez  <cdumez@apple.com>
1517
1518         Stop using valueToStringWithNullCheck() in JSCSSStyleDeclaration::putDelegate()
1519         https://bugs.webkit.org/show_bug.cgi?id=159982
1520
1521         Reviewed by Ryosuke Niwa.
1522
1523         valueToStringWithNullCheck() treats null as the null String() which is
1524         legacy / non standard behavior. The specification says we should treat
1525         null as the empty string:
1526         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-camel-cased-attribute
1527
1528         Therefore, we should be using valueToStringTreatingNullAsEmptyString() instead.
1529
1530         In practice, there is no web-exposed behavior change because
1531         MutableStyleProperties::setProperty() removes the property wether the
1532         value is the null String or the empty String.
1533
1534         This behavior is correct since the specification says that we should
1535         remove the property if the value is the empty string:
1536         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-setproperty (step 4)
1537
1538         I added test coverage to make sure we behave according to specification.
1539         This test is passing in Firefox, Chrome and in WebKit (before and after
1540         my change).
1541
1542         Test: fast/css/CSSStyleDeclaration-property-setter.html
1543
1544         * bindings/js/JSCSSStyleDeclarationCustom.cpp:
1545         (WebCore::JSCSSStyleDeclaration::putDelegate):
1546
1547 2016-07-20  Chris Dumez  <cdumez@apple.com>
1548
1549         Fix null handling of HTMLFrameElement.marginWidth / marginHeight
1550         https://bugs.webkit.org/show_bug.cgi?id=159987
1551
1552         Reviewed by Ryosuke Niwa.
1553
1554         Fix null handling of HTMLFrameElement.marginWidth / marginHeight:
1555         - https://html.spec.whatwg.org/multipage/obsolete.html#htmlframeelement
1556
1557         We are supposed to treat null as the empty string but we treat it as
1558         the string "null".
1559
1560         Firefox and Chrome both match the specification.
1561
1562         No new tests, updated existing tests.
1563
1564         * html/HTMLFrameElement.idl:
1565
1566 2016-07-20  Wenson Hsieh  <wenson_hsieh@apple.com>
1567
1568         Pausing autoplayed media should not remove all restrictions for that media element
1569         https://bugs.webkit.org/show_bug.cgi?id=159988
1570
1571         Reviewed by Jon Lee.
1572
1573         Localizes the removal of behavior restrictions introduced in r203464 upon pausing an
1574         autoplaying video to just affect the hiding or showing of the media controller. This
1575         prevents pages from using Javascript to start playing autoplaying videos that have
1576         been paused by the user.
1577
1578         * html/HTMLMediaElement.cpp:
1579         (WebCore::HTMLMediaElement::pause):
1580
1581 2016-07-20  Myles C. Maxfield  <mmaxfield@apple.com>
1582
1583         [iPhone] Playing a video on tudou.com plays only sound, no video
1584         https://bugs.webkit.org/show_bug.cgi?id=159967
1585         <rdar://problem/26964090>
1586
1587         Reviewed by Jon Lee.
1588
1589         WebKit recently starting honoring the playsinline and webkit-playsinline
1590         attribute on iPhones. However, because these attributes previously did
1591         nothing, some sites (such as Todou) were setting them on their content
1592         and expecting that they are not honored. In this specific case, the
1593         video is absolutely positioned to be 1 pixel x 1 pixel.
1594
1595         Previously, with iOS 9, apps could set the allowsInlineMediaPlayback
1596         property on their WKWebView, which would honor the webkit-playsinline
1597         attribute. Safari on iPhones didn't do this.
1598
1599         In order to not break these existing apps, it's important that the
1600         allowsInlineMediaPlayback preference still allows webkit-playsinline
1601         videos to play inline in apps using WKWebView. However, in Safari, these
1602         videos should play fullscreen. (Todou videos have webkit-playsinline
1603         but not playsinline.)
1604
1605         Therefore, in Safari, videos with playsinline should be inline, but
1606         videos with webkit-playsinline should be fullscreen. In apps using
1607         WKWebViews, if the app sets allowsInlineMediaPlayback, then videos with
1608         playsinline should be inline, and videos with webkit-playsinline should
1609         also be inline. Videos on iPad and Mac should all be inline by default.
1610
1611         We can create some truth tables for the cases which need to be covered:
1612
1613         All apps on Mac / iPad:
1614         Presence of playsinline | Presence of webkit-playsinline | Result
1615         ========================|================================|===========
1616         Not present             | Not present                    | Inline
1617         Present                 | Not present                    | Inline
1618         Not Present             | Present                        | Inline
1619         Present                 | Present                        | Inline
1620
1621         Safari on iPhone:
1622         Presence of playsinline | Presence of webkit-playsinline | Result
1623         ========================|================================|===========
1624         Not present             | Not present                    | Fullscreen
1625         Present                 | Not present                    | Inline
1626         Not Present             | Present                        | Fullscreen
1627         Present                 | Present                        | Inline
1628
1629         App on iPhone which sets allowsInlineMediaPlayback:
1630         Presence of playsinline | Presence of webkit-playsinline | Result
1631         ========================|================================|===========
1632         Not present             | Not present                    | Fullscreen
1633         Present                 | Not present                    | Inline
1634         Not Present             | Present                        | Inline
1635         Present                 | Present                        | Inline
1636
1637         The way to distinguish Safari from another app is to create an SPI
1638         boolean preference which Safari can set. This is already how the
1639         iPhone and iPad are differentiated using the requiresPlayInlineAttribute
1640         which Safari sets but other apps don't. However, this preference is
1641         no longer sufficient because Safari should now be discriminating
1642         between the playsinline and webkit-playsinline attributes. Therefore,
1643         this preference should be extended to two boolean preferences, which
1644         this patch adds:
1645
1646         allowsInlineMediaPlaybackWithPlaysInlineAttribute
1647         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute
1648
1649         Safari on iPhone will set
1650         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to true,
1651         and allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to
1652         false. Other apps on iPhone will get their defaults values (because they
1653         are SPI) which means they will both be true. On iPad and Mac, apps will
1654         use the defaults values where both are false.
1655
1656         This patch adds support for these two preferences, but does not remove
1657         the existing inlineMediaPlaybackRequiresPlaysInlineAttribute preference.
1658         I will remove the exising preference as soon as I update Safari to migrate
1659         off of it.
1660
1661         Test: media/video-playsinline.html
1662
1663         * html/MediaElementSession.cpp:
1664         (WebCore::MediaElementSession::requiresFullscreenForVideoPlayback):
1665         * page/Settings.cpp:
1666         * page/Settings.in:
1667         * testing/InternalSettings.cpp:
1668         (WebCore::InternalSettings::Backup::Backup):
1669         (WebCore::InternalSettings::Backup::restoreTo):
1670         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithPlaysInlineAttribute):
1671         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute):
1672         * testing/InternalSettings.h:
1673         * testing/InternalSettings.idl:
1674
1675 2016-07-20  Chris Dumez  <cdumez@apple.com>
1676
1677         Get rid of custom bindings code for XMLHttpRequest.open()
1678         https://bugs.webkit.org/show_bug.cgi?id=159984
1679
1680         Reviewed by Ryosuke Niwa.
1681
1682         Get rid of custom bindings code for XMLHttpRequest.open() as the
1683         bindings generator is able to generate it.
1684
1685         Relevant specification:
1686         - https://xhr.spec.whatwg.org/#xmlhttprequest
1687
1688         The issue is that legacy content prevents treating the 'async' argument
1689         being undefined identical from it being omitted. However, this can be
1690         achieved by using overloading in IDL, like in the specification.
1691
1692         No new tests, already covered by the following tests:
1693         - http/tests/xmlhttprequest/basic-auth.html
1694         - http/tests/xmlhttprequest/open-async-overload.html
1695
1696         * bindings/js/JSXMLHttpRequestCustom.cpp:
1697         (WebCore::SendFunctor::SendFunctor): Deleted.
1698         (WebCore::SendFunctor::line): Deleted.
1699         (WebCore::SendFunctor::column): Deleted.
1700         (WebCore::SendFunctor::url): Deleted.
1701         (WebCore::SendFunctor::operator()): Deleted.
1702         * xml/XMLHttpRequest.cpp:
1703         (WebCore::XMLHttpRequest::open):
1704         * xml/XMLHttpRequest.h:
1705         * xml/XMLHttpRequest.idl:
1706
1707 2016-07-20  Rawinder Singh  <rawinder.singh-webkit@cisra.canon.com.au>
1708
1709         Mark overriden methods in WebCore/svg final classes as final
1710         https://bugs.webkit.org/show_bug.cgi?id=159966
1711
1712         Reviewed by Michael Catanzaro.
1713
1714         Update WebCore/svg classes so that overriden methods in final classes are marked final.
1715
1716         * svg/SVGAElement.h:
1717         * svg/SVGAltGlyphDefElement.h:
1718         * svg/SVGAltGlyphItemElement.h:
1719         * svg/SVGAnimateTransformElement.h:
1720         * svg/SVGAnimatedColor.h:
1721         * svg/SVGCircleElement.h:
1722         * svg/SVGClipPathElement.h:
1723         * svg/SVGCursorElement.h:
1724         * svg/SVGDefsElement.h:
1725         * svg/SVGDescElement.h:
1726         * svg/SVGEllipseElement.h:
1727         * svg/SVGFEMergeNodeElement.h:
1728         * svg/SVGFilterElement.h:
1729         * svg/SVGFontElement.h:
1730         * svg/SVGFontFaceElement.h:
1731         * svg/SVGFontFaceFormatElement.h:
1732         * svg/SVGFontFaceNameElement.h:
1733         * svg/SVGFontFaceSrcElement.h:
1734         * svg/SVGFontFaceUriElement.h:
1735         * svg/SVGForeignObjectElement.h:
1736         * svg/SVGGElement.h:
1737         * svg/SVGGlyphElement.h:
1738         * svg/SVGGlyphRefElement.h:
1739         * svg/SVGHKernElement.h:
1740         * svg/SVGImageElement.h:
1741         * svg/SVGLineElement.h:
1742         * svg/SVGMPathElement.h:
1743         * svg/SVGMaskElement.h:
1744         * svg/SVGMetadataElement.h:
1745         * svg/SVGMissingGlyphElement.h:
1746         * svg/SVGPathBuilder.h:
1747         * svg/SVGPathByteStreamBuilder.h:
1748         * svg/SVGPathByteStreamSource.h:
1749         * svg/SVGPathElement.h:
1750         * svg/SVGPathSegArcAbs.h:
1751         * svg/SVGPathSegArcRel.h:
1752         * svg/SVGPathSegClosePath.h:
1753         * svg/SVGPathSegCurvetoCubicAbs.h:
1754         * svg/SVGPathSegCurvetoCubicRel.h:
1755         * svg/SVGPathSegCurvetoCubicSmoothAbs.h:
1756         * svg/SVGPathSegCurvetoCubicSmoothRel.h:
1757         * svg/SVGPathSegCurvetoQuadraticAbs.h:
1758         * svg/SVGPathSegCurvetoQuadraticRel.h:
1759         * svg/SVGPathSegCurvetoQuadraticSmoothAbs.h:
1760         * svg/SVGPathSegCurvetoQuadraticSmoothRel.h:
1761         * svg/SVGPathSegLinetoAbs.h:
1762         * svg/SVGPathSegLinetoHorizontalAbs.h:
1763         * svg/SVGPathSegLinetoHorizontalRel.h:
1764         * svg/SVGPathSegLinetoRel.h:
1765         * svg/SVGPathSegLinetoVerticalAbs.h:
1766         * svg/SVGPathSegLinetoVerticalRel.h:
1767         * svg/SVGPathSegListBuilder.h:
1768         * svg/SVGPathSegListSource.h:
1769         * svg/SVGPathSegMovetoAbs.h:
1770         * svg/SVGPathSegMovetoRel.h:
1771         * svg/SVGPathStringSource.h:
1772         * svg/SVGPathTraversalStateBuilder.h:
1773         * svg/SVGPatternElement.h:
1774         * svg/SVGRectElement.h:
1775         * svg/SVGScriptElement.h:
1776         * svg/SVGStopElement.h:
1777         * svg/SVGStyleElement.h:
1778         * svg/SVGSwitchElement.h:
1779         * svg/SVGTRefElement.cpp:
1780         * svg/SVGTitleElement.h:
1781         * svg/SVGToOTFFontConversion.cpp:
1782         * svg/SVGUnknownElement.h:
1783         * svg/SVGVKernElement.h:
1784         * svg/SVGViewElement.h:
1785         * svg/SVGZoomEvent.h:
1786         * svg/animation/SVGSMILElement.cpp:
1787         * svg/graphics/SVGImage.h:
1788         * svg/graphics/SVGImageClients.h:
1789         * svg/graphics/SVGImageForContainer.h:
1790         * svg/graphics/filters/SVGFEImage.h:
1791         * svg/graphics/filters/SVGFilter.h:
1792         * svg/properties/SVGAnimatedEnumerationPropertyTearOff.h:
1793         * svg/properties/SVGAnimatedPathSegListPropertyTearOff.h:
1794         * svg/properties/SVGAnimatedPropertyTearOff.h:
1795         * svg/properties/SVGAnimatedTransformListPropertyTearOff.h:
1796         * svg/properties/SVGMatrixTearOff.h:
1797         * svg/properties/SVGPathSegListPropertyTearOff.h:
1798
1799 2016-07-20  Brady Eidson  <beidson@apple.com>
1800
1801         Transition most IDB interfaces from ScriptExecutionContext to ExecState.
1802         https://bugs.webkit.org/show_bug.cgi?id=159975
1803
1804         Reviewed by Alex Christensen.
1805
1806         No new tests (No known behavior change).
1807
1808         * Modules/indexeddb/IDBCursor.cpp:
1809         (WebCore::IDBCursor::continueFunction):
1810         (WebCore::IDBCursor::deleteFunction):
1811         * Modules/indexeddb/IDBCursor.h:
1812         * Modules/indexeddb/IDBCursor.idl:
1813
1814         * Modules/indexeddb/IDBDatabase.idl:
1815
1816         * Modules/indexeddb/IDBFactory.cpp:
1817         (WebCore::IDBFactory::cmp):
1818         * Modules/indexeddb/IDBFactory.h:
1819         * Modules/indexeddb/IDBFactory.idl:
1820
1821         * Modules/indexeddb/IDBIndex.cpp:
1822         (WebCore::IDBIndex::openCursor):
1823         (WebCore::IDBIndex::count):
1824         (WebCore::IDBIndex::doCount):
1825         (WebCore::IDBIndex::openKeyCursor):
1826         (WebCore::IDBIndex::get):
1827         (WebCore::IDBIndex::doGet):
1828         (WebCore::IDBIndex::getKey):
1829         (WebCore::IDBIndex::doGetKey):
1830         * Modules/indexeddb/IDBIndex.h:
1831         * Modules/indexeddb/IDBIndex.idl:
1832
1833         * Modules/indexeddb/IDBKeyRange.cpp:
1834         (WebCore::IDBKeyRange::only): Deleted.
1835         * Modules/indexeddb/IDBKeyRange.h:
1836
1837         * Modules/indexeddb/IDBObjectStore.cpp:
1838         (WebCore::IDBObjectStore::openCursor):
1839         (WebCore::IDBObjectStore::get):
1840         (WebCore::IDBObjectStore::putOrAdd):
1841         (WebCore::IDBObjectStore::deleteFunction):
1842         (WebCore::IDBObjectStore::doDelete):
1843         (WebCore::IDBObjectStore::modernDelete):
1844         (WebCore::IDBObjectStore::clear):
1845         (WebCore::IDBObjectStore::createIndex):
1846         (WebCore::IDBObjectStore::count):
1847         (WebCore::IDBObjectStore::doCount):
1848         * Modules/indexeddb/IDBObjectStore.h:
1849         * Modules/indexeddb/IDBObjectStore.idl:
1850
1851         * Modules/indexeddb/IDBTransaction.cpp:
1852         (WebCore::IDBTransaction::requestOpenCursor):
1853         (WebCore::IDBTransaction::doRequestOpenCursor):
1854         (WebCore::IDBTransaction::requestGetRecord):
1855         (WebCore::IDBTransaction::requestGetValue):
1856         (WebCore::IDBTransaction::requestGetKey):
1857         (WebCore::IDBTransaction::requestIndexRecord):
1858         (WebCore::IDBTransaction::requestCount):
1859         (WebCore::IDBTransaction::requestDeleteRecord):
1860         (WebCore::IDBTransaction::requestClearObjectStore):
1861         (WebCore::IDBTransaction::requestPutOrAdd):
1862         * Modules/indexeddb/IDBTransaction.h:
1863
1864         * inspector/InspectorIndexedDBAgent.cpp:
1865
1866 2016-07-20  Wenson Hsieh  <wenson_hsieh@apple.com>
1867
1868         Media controls don't appear when pausing a small autoplaying video
1869         https://bugs.webkit.org/show_bug.cgi?id=159972
1870         <rdar://problem/27180657>
1871
1872         Reviewed by Beth Dakin.
1873
1874         When pausing an autoplaying video, remove behavior restrictions for the
1875         initial user gesture and show media controls.
1876
1877         New WebKit API test. See VideoControlsManagerSingleSmallAutoplayingVideo.
1878
1879         * html/HTMLMediaElement.cpp:
1880         (WebCore::HTMLMediaElement::pause):
1881
1882 2016-07-20  Chris Dumez  <cdumez@apple.com>
1883
1884         Fix null handling of HTMLMediaElement.mediaGroup
1885         https://bugs.webkit.org/show_bug.cgi?id=159974
1886
1887         Reviewed by Eric Carlson.
1888
1889         Fix null handling of HTMLMediaElement.mediaGroup to match the specification:
1890         - https://www.w3.org/TR/html5/embedded-content-0.html#media-elements
1891
1892         null is supposed to be treated as the String "null". This patch aligns
1893         our behavior with the specification. I tested Firefox and Chrome but both
1894         do not have this attribute on HTMLMediaElement.
1895
1896         Also remove support for [TreatNullAs=LegacyNullString] from our bindings
1897         generator as HTMLMediaElement.mediaGroup was the last user.
1898
1899         No new tests, rebaselined existing test.
1900
1901         * bindings/scripts/CodeGeneratorJS.pm:
1902         (JSValueToNative):
1903         * bindings/scripts/IDLAttributes.txt:
1904         * html/HTMLMediaElement.idl:
1905
1906 2016-07-20  Chris Dumez  <cdumez@apple.com>
1907
1908         CSSStyleDeclaration.setProperty() should be able to unset "important" on a property
1909         https://bugs.webkit.org/show_bug.cgi?id=159959
1910
1911         Reviewed by Alexey Proskuryakov.
1912
1913         CSSStyleDeclaration.setProperty() should be able to unsert "important"
1914         on a property as per the latest specification:
1915         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-setproperty
1916         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-camel-cased-attribute
1917
1918         Firefox and Chrome match the specification here but WebKit was ignoring calls
1919         to setProperty() if there is already an "important" property wit this name
1920         and if the new property does not have the "important" flag set.
1921
1922         This behavior was added a long time ago via Bug 60007. However, it does not
1923         match the latest specification or other browsers.
1924
1925         Test: fast/css/CSSStyleDeclaration-setProperty-unset-important.html
1926
1927         * css/StyleProperties.cpp:
1928         (WebCore::MutableStyleProperties::addParsedProperty):
1929         Drop code that was added via Bug 60007 as this behavior no longer matches the
1930         specification or other browsers. The layout test added in Bug 60007 fails in
1931         other browsers and was updated in this patch to match the specification.
1932
1933 2016-07-20  Commit Queue  <commit-queue@webkit.org>
1934
1935         Unreviewed, rolling out r203423.
1936         https://bugs.webkit.org/show_bug.cgi?id=159977
1937
1938         The test for this change is failing on Mac Release WK2
1939         (Requested by ryanhaddad on #webkit).
1940
1941         Reverted changeset:
1942
1943         "HTMLVideoElement frames do not update on iOS when src is a
1944         MediaStream blob"
1945         https://bugs.webkit.org/show_bug.cgi?id=159833
1946         http://trac.webkit.org/changeset/203423
1947
1948 2016-07-20  Chris Dumez  <cdumez@apple.com>
1949
1950         Fix null handling of HTMLSelectElement.value attribute
1951         https://bugs.webkit.org/show_bug.cgi?id=159925
1952
1953         Reviewed by Benjamin Poulain.
1954
1955         Fix null handling of HTMLSelectElement.value attribute:
1956         - https://html.spec.whatwg.org/multipage/forms.html#htmlselectelement
1957
1958         We were treating null as the null String which would end up setting
1959         selectedIndex to -1. However, we should treat null as the String "null"
1960         which would set the selectedIndex to the index of the <option> element
1961         whose value is "null".
1962
1963         Firefox and Chrome match the specification.
1964
1965         Test: fast/dom/HTMLSelectElement/value-null-handling.html
1966
1967         * html/HTMLSelectElement.cpp:
1968         (WebCore::HTMLSelectElement::setValue):
1969         * html/HTMLSelectElement.idl:
1970
1971 2016-07-20  Chris Dumez  <cdumez@apple.com>
1972
1973         PostResolutionCallbackDisabler can resume pending requests while a ResourceLoadSuspender is alive
1974         https://bugs.webkit.org/show_bug.cgi?id=159962
1975         <rdar://problem/21439264>
1976
1977         Reviewed by David Kilzer.
1978
1979         PostResolutionCallbackDisabler can resume pending requests while a ResourceLoadSuspender
1980         is alive. We have both PostResolutionCallbackDisabler and ResourceLoadSuspender that
1981         call LoaderStrategy::suspendPendingRequests() / LoaderStrategy::resumePendingRequests().
1982         However, PostResolutionCallbackDisabler and ResourceLoadSuspender are not aware of each
1983         other. It is therefore possible for a PostResolutionCallbackDisabler object to get
1984         destroyed, causing LoaderStrategy::resumePendingRequests() to be called while a
1985         ResourceLoadSuspender object is alive.
1986
1987         This leads to hard to investigate crashes where we end up re-entering WebKit and killing
1988         the style resolver.
1989
1990         This patch drops ResourceLoadSuspender and uses PostResolutionCallbackDisabler instead.
1991         There was only one user of ResourceLoadSuspender and PostResolutionCallbackDisabler
1992         is better because it manages a resolutionNestingDepth counter internally to make sure
1993         it only calls LoaderStrategy::resumePendingRequests() once all
1994         PostResolutionCallbackDisabler instances are destroyed.
1995
1996         No new tests, there is no easy way to reproduce the crashes.
1997
1998         * dom/Document.cpp:
1999         (WebCore::Document::styleForElementIgnoringPendingStylesheets):
2000         * loader/LoaderStrategy.cpp:
2001         (WebCore::ResourceLoadSuspender::ResourceLoadSuspender): Deleted.
2002         (WebCore::ResourceLoadSuspender::~ResourceLoadSuspender): Deleted.
2003         * loader/LoaderStrategy.h:
2004
2005 2016-07-19  Youenn Fablet  <youenn@apple.com>
2006
2007         [Fetch API] Add a JS builtin to implement https://fetch.spec.whatwg.org/#concept-headers-fill
2008         https://bugs.webkit.org/show_bug.cgi?id=159932
2009
2010         Reviewed by Alex Christensen.
2011
2012         Covered by existing tests.
2013
2014         Refactoring Headers initializeWith to use the new built-in internal that implements
2015         https://fetch.spec.whatwg.org/#concept-headers-fill.
2016
2017         Refactoring Response constructor to put more checks in the JS builtin fucntion called within constructor.
2018         Making use of the new built-in internal that implements https://fetch.spec.whatwg.org/#concept-headers-fill.
2019
2020         * CMakeLists.txt: Adding FetchHeadersInternals.js
2021         * DerivedSources.make: Ditto.
2022         * Modules/fetch/FetchHeaders.js:
2023         (initializeFetchHeaders): Using fillFetchHeaders new built-in internal.
2024         * Modules/fetch/FetchInternals.js: Added.
2025         (fillFetchHeaders):
2026         * Modules/fetch/FetchResponse.cpp: Refactoring to do more in the JS built-in. Splitting of initializeWith so
2027         that the checks are done in the order defined by the spec.
2028         (WebCore::FetchResponse::setStatus):
2029         (WebCore::FetchResponse::initializeWith):
2030         (WebCore::isNullBodyStatus): Deleted.
2031         * Modules/fetch/FetchResponse.h:
2032         * Modules/fetch/FetchResponse.idl:
2033         * Modules/fetch/FetchResponse.js:
2034         (initializeFetchResponse): New built-in internal.
2035         * WebCore.xcodeproj/project.pbxproj:
2036         * bindings/js/WebCoreBuiltinNames.h:
2037
2038 2016-07-19  Chris Dumez  <cdumez@apple.com>
2039
2040         Fix null handling of SVGScriptElement.type attribute
2041         https://bugs.webkit.org/show_bug.cgi?id=159927
2042
2043         Reviewed by Benjamin Poulain.
2044
2045         Fix null handling of SVGScriptElement.type attribute:
2046         - https://www.w3.org/TR/SVG2/interact.html#InterfaceSVGScriptElement
2047
2048         We were treating null as the null String which would end up removing
2049         the 'type' content attribute. However, we should treat null as the
2050         String "null".
2051
2052         Firefox and Chrome match the specification.
2053
2054         No new tests, updated existing test.
2055
2056         * svg/SVGScriptElement.idl:
2057
2058 2016-07-19  Chris Dumez  <cdumez@apple.com>
2059
2060         Fix null handling of several HTMLDocument attributes
2061         https://bugs.webkit.org/show_bug.cgi?id=159923
2062
2063         Reviewed by Benjamin Poulain.
2064
2065         Fix null handling of several HTMLDocument attributes:
2066         - https://html.spec.whatwg.org/multipage/dom.html#document
2067         - https://html.spec.whatwg.org/multipage/obsolete.html#document-partial
2068
2069         In particular, null handling was incorrect in WebKit for 'dir',
2070         'bgColor', 'fgColor', 'alinkColor', 'linkColor' and 'vlinkColor'.
2071
2072         Firefox and Chrome match the specification.
2073
2074         Test: fast/dom/HTMLDocument/null-handling.html
2075
2076         * html/HTMLDocument.idl:
2077
2078 2016-07-19  Chris Dumez  <cdumez@apple.com>
2079
2080         Document.createElementNS() / createAttributeNS() parameters should be mandatory
2081         https://bugs.webkit.org/show_bug.cgi?id=159938
2082
2083         Reviewed by Benjamin Poulain.
2084
2085         Document.createElementNS() / createAttributeNS() parameters should be mandatory:
2086         - https://dom.spec.whatwg.org/#document
2087
2088         They were optional in WebKit. However, Firefox and Chrome both match the
2089         specification.
2090
2091         No new tests, rebaselined existing tests.
2092
2093         * dom/Document.idl:
2094
2095 2016-07-19  Benjamin Poulain  <bpoulain@apple.com>
2096
2097         Use getElementById for attribute matching if the attribute name is html's id
2098         https://bugs.webkit.org/show_bug.cgi?id=159960
2099
2100         Reviewed by Chris Dumez.
2101
2102         Elliott Sprehn discovered YUI makes heavy uses of querySelector with [id=value]
2103         (https://bugs.chromium.org/p/chromium/issues/detail?id=627242).
2104
2105         If we are not in quirks mode, IdForStyleResolution has the same value
2106         as the Id attribute. We can use the same optimization for both cases.
2107
2108         Tests: fast/selectors/id-attribute-querySelector-used-as-id-selector-quirks.html
2109                fast/selectors/id-attribute-querySelector-used-as-id-selector.html
2110
2111         * dom/SelectorQuery.cpp:
2112         (WebCore::canBeUsedForIdFastPath):
2113         (WebCore::findIdMatchingType):
2114         (WebCore::SelectorDataList::SelectorDataList):
2115         (WebCore::selectorForIdLookup):
2116         (WebCore::filterRootById):
2117
2118 2016-07-19  Chris Dumez  <cdumez@apple.com>
2119
2120         Drop SVGElement.xmlbase attribute
2121         https://bugs.webkit.org/show_bug.cgi?id=159926
2122
2123         Reviewed by Benjamin Poulain.
2124
2125         Drop SVGElement.xmlbase attribute as it is no longer part of the
2126         specification:
2127         - https://www.w3.org/TR/SVG2/types.html#InterfaceSVGElement
2128
2129         Both Firefox and Chrome have already dropped support for
2130         SVGElement.xmlbase.
2131
2132         Chrome's intent to remove:
2133         https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/TfwMq4d25hk/C-v_iC_wKfAJ
2134
2135         Test: svg/dom/SVGElement-xmlbase.html
2136
2137         * svg/SVGElement.cpp:
2138         (WebCore::SVGElement::removedFrom): Deleted.
2139         * svg/SVGElement.h:
2140         * svg/SVGElement.idl:
2141
2142 2016-07-19  Chris Dumez  <cdumez@apple.com>
2143
2144         Align CSSStyleDeclaration.setProperty() with the specification
2145         https://bugs.webkit.org/show_bug.cgi?id=159955
2146
2147         Reviewed by Benjamin Poulain.
2148
2149         Align CSSStyleDeclaration.setProperty() with the specification:
2150         - https://drafts.csswg.org/cssom/#the-cssstyledeclaration-interface
2151
2152         In particular, the following changes were needed:
2153         1. The 'value' parameter should not be optional
2154         2. The 'priority' parameter should treat null as the empty string
2155            rather than the string "null".
2156         3. The 'priority' parameter's default value should be the empty string,
2157            not the string "undefined".
2158         4. CSSStyleDeclaration.setProperty() should return early if 'priority'
2159            is not the empty string and is not an ASCII case-insensitive match
2160            for the string "important".
2161
2162         Chrome matches the specification entirely.
2163         Firefox matches the specification with the exception that it does a
2164         case-sensitive match for "important".
2165
2166         Test: fast/css/CSSStyleDeclaration-setProperty.html
2167
2168         * css/CSSStyleDeclaration.idl:
2169         * css/PropertySetCSSStyleDeclaration.cpp:
2170         (WebCore::PropertySetCSSStyleDeclaration::setProperty):
2171
2172 2016-07-19  Daniel Bates  <dabates@apple.com>
2173
2174         CSP: Improve support for multiple policies to more closely conform to the CSP Level 2 spec.
2175         https://bugs.webkit.org/show_bug.cgi?id=159841
2176         <rdar://problem/27381684>
2177
2178         Reviewed by Brent Fulgham.
2179
2180         Implement a first pass at sending multiple violation reports so as to more closely
2181         conform to section Enforcing multiple policies of the Content Security Policy Level 2 spec.,
2182         <https://w3c.github.io/webappsec-csp/2/> (Editor's Draft, 25 April 2016).
2183
2184         Tests: http/tests/security/contentSecurityPolicy/1.1/script-blocked-sends-multiple-reports.php
2185                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-enforced-policy-and-blocked-by-report-policy.php
2186                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-enforced-policy-and-blocked-by-report-policy2.php
2187                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy.php
2188                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
2189                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-enforced-policy-and-allowed-by-report-policy.php
2190                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-enforced-policy-and-allowed-by-report-policy2.php
2191                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy.php
2192                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy2.php
2193                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy.php
2194                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
2195                http/tests/security/contentSecurityPolicy/1.1/scripthash-in-enforced-policy-and-not-in-report-only.html
2196                http/tests/security/contentSecurityPolicy/1.1/scripthash-in-one-enforced-policy-neither-in-another-enforced-policy-nor-report-policy.html
2197                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-enforced-policy-and-blocked-by-report-policy.php
2198                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-enforced-policy-and-blocked-by-report-policy2.php
2199                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy.php
2200                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
2201                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-enforced-policy-and-allowed-by-report-policy.php
2202                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-enforced-policy-and-allowed-by-report-policy2.php
2203                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy.php
2204                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy2.php
2205                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy.php
2206                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
2207                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-in-enforced-policy-and-not-in-report-only.html
2208                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-in-one-enforced-policy-neither-in-another-enforced-policy-nor-report-policy.html
2209                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-multiple-policies.html
2210
2211         * page/csp/ContentSecurityPolicy.cpp:
2212         (WebCore::ContentSecurityPolicy::allPoliciesWithDispositionAllow): Added. Returns whether the resource
2213         is allowed by all of the policies with the specified disposition.
2214         (WebCore::ContentSecurityPolicy::allPoliciesAllow): Added. Returns whether the resource is allowed by
2215         all of the enforced policies.
2216         (WebCore::ContentSecurityPolicy::findHashOfContentInPolicies): Formerly named foundHashOfContentInAllPolicies.
2217         Modified to return a ("has found hash in all enforced policies, "has found hash in all report-only policies)-pair
2218         so that we can differentiate whether the hash violated an enforced policy or a report-only policy.
2219         (WebCore::ContentSecurityPolicy::allowJavaScriptURLs): Write in terms of ContentSecurityPolicy::allPoliciesAllow().
2220         (WebCore::ContentSecurityPolicy::allowInlineEventHandlers): Ditto.
2221         (WebCore::ContentSecurityPolicy::allowScriptWithNonce): For now only accept a nonce if it is allowed by
2222         all enforced policies. As a side effect of this change is that we only send a CSP violation report when a
2223         nonce violates a report-only policy only if the nonce also violates one or more enforced policies. We will
2224         address this limitation in <https://bugs.webkit.org/show_bug.cgi?id=159830>.
2225         (WebCore::ContentSecurityPolicy::allowStyleWithNonce): Ditto.
2226         (WebCore::ContentSecurityPolicy::allowInlineScript): Differentiate between a hash/'unsafe-inline' that
2227         matches/is contained in all enforce policies and a hash/'unsafe-inline' that matches/is contained in all
2228         report-only policies so that we only allow the resource for the former. As a side effect of this change
2229         we may report that a resource violated a policy even if it contained the hash. See <https://bugs.webkit.org/show_bug.cgi?id=159832>
2230         for more details.
2231         (WebCore::ContentSecurityPolicy::allowInlineStyle): Ditto.
2232         (WebCore::ContentSecurityPolicy::allowEval): Write in terms of ContentSecurityPolicy::allPoliciesAllow().
2233         (WebCore::ContentSecurityPolicy::allowFrameAncestors): Ditto.
2234         (WebCore::ContentSecurityPolicy::allowPluginType): Ditto.
2235         (WebCore::ContentSecurityPolicy::allowScriptFromSource): Ditto.
2236         (WebCore::ContentSecurityPolicy::allowObjectFromSource): Ditto.
2237         (WebCore::ContentSecurityPolicy::allowChildFrameFromSource): Ditto.
2238         (WebCore::ContentSecurityPolicy::allowChildContextFromSource): Ditto.
2239         (WebCore::ContentSecurityPolicy::allowImageFromSource): Ditto.
2240         (WebCore::ContentSecurityPolicy::allowStyleFromSource): Ditto.
2241         (WebCore::ContentSecurityPolicy::allowFontFromSource): Ditto.
2242         (WebCore::ContentSecurityPolicy::allowMediaFromSource): Ditto.
2243         (WebCore::ContentSecurityPolicy::allowConnectToSource): Ditto.
2244         (WebCore::ContentSecurityPolicy::allowFormAction): Ditto.
2245         (WebCore::ContentSecurityPolicy::allowBaseURI): Ditto.
2246         (WebCore::ContentSecurityPolicy::foundHashOfContentInAllPolicies): Deleted.
2247         * page/csp/ContentSecurityPolicy.h:
2248         (WebCore::ContentSecurityPolicy::violatedDirectiveInAnyPolicy): Deleted.
2249
2250 2016-07-19  Chris Dumez  <cdumez@apple.com>
2251
2252         Fix null handling of HTMLScriptElement.text attribute
2253         https://bugs.webkit.org/show_bug.cgi?id=159943
2254
2255         Reviewed by Benjamin Poulain.
2256
2257         Fix null handling of HTMLScriptElement.text attribute:
2258         - https://html.spec.whatwg.org/multipage/scripting.html#the-script-element
2259
2260         We should treat null as the "null" String but we were treating it as
2261         the empty string.
2262
2263         Firefox and Chrome match the specification.
2264
2265         No new tests, rebaselined existing test.
2266
2267         * html/HTMLScriptElement.idl:
2268
2269 2016-07-19  Chris Dumez  <cdumez@apple.com>
2270
2271         autocapitalize attribute should not use [TreatNullAs=LegacyNullString]
2272         https://bugs.webkit.org/show_bug.cgi?id=159934
2273
2274         Reviewed by Benjamin Poulain.
2275
2276         autocapitalize attribute should not use [TreatNullAs=LegacyNullString]. This is
2277         non-standard and we want to drop support for it from the bindings generator.
2278
2279         Instead, use [TreatNullAs=EmptyString] in order to maintain existing behavior
2280         given that both a missing/empty attribute result in using the default
2281         autocapitalization mode and that autocapitalize returns the empty string by
2282         default.
2283
2284         Test: platform/ios-simulator/ios/fast/forms/autocapitalize-null.html
2285
2286         * html/HTMLFormElement.idl:
2287         * html/HTMLInputElement.idl:
2288         * html/HTMLTextAreaElement.idl:
2289
2290 2016-07-19  Zalan Bujtas  <zalan@apple.com>
2291
2292         REGRESSION(r203415): ASSERTION FAILED: !m_layoutRoot->container() || !m_layoutRoot->container()->needsLayout()
2293         https://bugs.webkit.org/show_bug.cgi?id=159952
2294
2295         Reviewed by Simon Fraser.
2296
2297         Update ASSERTs to reflect new functionality, that is, now we can end up in a state
2298         where the container (RenderView) of one of the dirty subtrees is dirty.
2299         See r203415.
2300  
2301         Covered by editing/pasteboard/drag-drop-input-in-svg.svg
2302
2303         * page/FrameView.cpp:
2304         (WebCore::FrameView::scheduleRelayoutOfSubtree):
2305
2306 2016-07-19  Dean Jackson  <dino@apple.com>
2307
2308         REGRESSION(202927): The first slide is the only displayed slide when Quicklooking a Keynote file
2309         https://bugs.webkit.org/show_bug.cgi?id=159948
2310         <rdar://problem/27391012>
2311
2312         Reviewed by Simon Fraser.
2313
2314         There is an iOS bug (<rdar://problem/27416744>) that is causing us
2315         to not always get a color space on CGContextRefs. Investigation of this
2316         exposed some optimizations we can take when we are creating ImageBuffers.
2317         In particular, if we have a bitmap context or an IOSurfaceContext we
2318         can simply copy their color space using API. Otherwise we stick with
2319         the existing CGContextCopyDeviceColorSpace.
2320
2321         Lastly, if for some reason we are unable to copy the device color space,
2322         we should fall back to sRGB.
2323
2324         * platform/graphics/cg/ImageBufferCG.cpp:
2325         (WebCore::ImageBuffer::createCompatibleBuffer):
2326         * platform/spi/cg/CoreGraphicsSPI.h: Add some SPI and enums.
2327
2328
2329 2016-07-19  George Ruan  <gruan@apple.com>
2330
2331         HTMLVideoElement frames do not update on iOS when src is a MediaStream blob
2332         https://bugs.webkit.org/show_bug.cgi?id=159833
2333         <rdar://problem/27379487>
2334
2335         Reviewed by Eric Carlson.
2336
2337         Test: fast/mediastream/MediaStream-video-element-displays-buffer.html
2338
2339         * WebCore.xcodeproj/project.pbxproj:
2340         * platform/graphics/avfoundation/MediaSampleAVFObjC.h: Change create to return a Ref<T> instead
2341         of RefPtr<T>
2342         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h: Make observer of
2343         MediaStreamTrackPrivate and make MediaPlayer use an AVSampleBufferDisplayLayer instead of CALayer.
2344         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm: Ditto.
2345         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::~MediaPlayerPrivateMediaStreamAVFObjC): Clean up
2346         observers and AVSampleBufferDisplayLayer
2347         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::isAvailable): Ensures AVSampleBufferDisplayLayer
2348         is available.
2349         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueAudioSampleBufferFromTrack): Placeholder.
2350         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueVideoSampleBufferFromTrack): Responsible
2351         for enqueuing sample buffers to the active video track.
2352         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::ensureLayer): Ensures that an AVSampleBufferDisplayLayer
2353         exists.
2354         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::destroyLayer): Destroys the AVSampleBufferDisplayLayer.
2355         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::platformLayer): Replace CALayer with AVSampleBufferDisplayLayer.
2356         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::currentDisplayMode): Ditto.
2357         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::sampleBufferUpdated): Called from MediaStreamTrackPrivate when a
2358         new SampleBuffer is available.
2359         (WebCore::updateTracksOfType): Manage adding and removing self as observer from tracks.
2360         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateTracks): Replace CALayer with AVSampleBufferDisplayLayer
2361         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::acceleratedRenderingStateChanged): Copied from
2362         MediaPlayerPrivateMediaSourceAVFObjC.mm
2363         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::load): Deleted CALayer.
2364         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateDisplayMode): Deleted process of updating CALayer.
2365         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateIntrinsicSize): Deleted CALayer.
2366         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::createPreviewLayers): Deleted.
2367         * platform/mediastream/MediaStreamPrivate.cpp:
2368         (WebCore::MediaStreamPrivate::updateActiveVideoTrack): Remove redundant check.
2369         * platform/mediastream/MediaStreamTrackPrivate.cpp:
2370         (WebCore::MediaStreamTrackPrivate::sourceHasMoreMediaData): Called from RealtimeMediaSource when a new SampleBuffer
2371         is available.
2372         * platform/mediastream/MediaStreamTrackPrivate.h:
2373         (WebCore::MediaStreamTrackPrivate::Observer::sampleBufferUpdated): Relays to MediaPlayerPrivateMediaStream that
2374         a new SampleBuffer is available to enqueue to the AVSampleBufferDisplayLayer.
2375         * platform/mediastream/RealtimeMediaSource.cpp:
2376         (WebCore::RealtimeMediaSource::mediaDataUpdated): Relays to all observers that a new SampleBuffer is available.
2377         * platform/mediastream/RealtimeMediaSource.h:
2378         * platform/mediastream/mac/AVVideoCaptureSource.mm:
2379         (WebCore::AVVideoCaptureSource::processNewFrame): Calls mediaDataUpdated when a new SampleBuffer is captured.
2380
2381 2016-07-19  Anders Carlsson  <andersca@apple.com>
2382
2383         Get rid of a #define private public hack in WebCore
2384         https://bugs.webkit.org/show_bug.cgi?id=159953
2385
2386         Reviewed by Dan Bernstein.
2387
2388         Use @package instead.
2389
2390         * bindings/objc/DOMInternal.h:
2391         * bindings/objc/DOMObject.h:
2392
2393 2016-07-19  Andreas Kling  <akling@apple.com>
2394
2395         Fix SharedBuffer leak in MockContentFilter::replacementData().
2396         <https://webkit.org/b/159945>
2397
2398         Reviewed by Andy Estes.
2399
2400         Spotted on leaks bot. This code was pretty explicit about how it's going to leak.
2401         Since this is in the mock filter, it only affected layout tests.
2402
2403         * testing/MockContentFilter.cpp:
2404         (WebCore::MockContentFilter::replacementData):
2405
2406 2016-07-19  Zalan Bujtas  <zalan@apple.com>
2407
2408         theguardian.co.uk crossword puzzles are sometimes not displaying text
2409         https://bugs.webkit.org/show_bug.cgi?id=159924
2410         <rdar://problem/27409483>
2411
2412         Reviewed by Simon Fraser.
2413
2414         This patch fixes the case when
2415         - 2 disjoint subtrees are dirty
2416         - RenderView is also dirty.
2417         and we end up not laying out one of the 2 subtrees.
2418
2419         In FrameView::scheduleRelayoutOfSubtree, we assume that when the RenderView is dirty
2420         we already have a pending full layout which means that any previous subtree layouts have already been
2421         converted to full layouts.
2422         However this assumption is incorrect. RenderView can get dirty without checking if there's
2423         already a pending subtree layout.
2424         One option to solve this problem would be to override RenderObject::setNeedsLayout in RenderView
2425         so that when the RenderView gets dirty, we could also convert any pending subtree layout to full layout.
2426         However RenderObject::setNeedsLayout is a hot function and making it virtual would impact performance.
2427         The other option is to always normalize subtree layouts in FrameView::scheduleRelayoutOfSubtree().
2428         This patch implements the second option.
2429
2430         Test: fast/misc/subtree-layouts.html
2431
2432         * page/FrameView.cpp:
2433         (WebCore::FrameView::scheduleRelayoutOfSubtree):
2434
2435 2016-07-19  Anders Carlsson  <andersca@apple.com>
2436
2437         Some payment authorization status values should keep the sheet active
2438         https://bugs.webkit.org/show_bug.cgi?id=159936
2439         rdar://problem/26756701
2440
2441         Reviewed by Tim Horton.
2442
2443         * Modules/applepay/ApplePaySession.cpp:
2444         (WebCore::ApplePaySession::completePayment):
2445         Keep the sheet active if the status isn't a final state status.
2446
2447         * Modules/applepay/PaymentAuthorizationStatus.h:
2448         (WebCore::isFinalStateStatus):
2449         Add a new helper function that returns whether a given payment authorization status is "final",
2450         meaning that once that status has been passed to completePayment, the session is finished.
2451
2452 2016-07-19  Nan Wang  <n_wang@apple.com>
2453
2454         AX: Incorrect behavior for word related text marker functions when there's collapsed whitespace
2455         https://bugs.webkit.org/show_bug.cgi?id=159910
2456
2457         Reviewed by Chris Fleizach.
2458
2459         We are getting a bad CharacterOffset when there's collapsed whitespace. Added a TraverseOptionValidateOffset
2460         option to make sure we are getting the correct CharacterOffset based on the corresponding Range offset. And
2461         fixed a word navigation issue based on that.
2462
2463         Test: accessibility/mac/text-marker-word-nav-collapsed-whitespace.html
2464
2465         * accessibility/AXObjectCache.cpp:
2466         (WebCore::AXObjectCache::traverseToOffsetInRange):
2467         (WebCore::AXObjectCache::rangeForNodeContents):
2468         (WebCore::AXObjectCache::startOrEndCharacterOffsetForRange):
2469         (WebCore::AXObjectCache::characterOffsetFromVisiblePosition):
2470         (WebCore::AXObjectCache::rightWordRange):
2471         (WebCore::AXObjectCache::previousBoundary):
2472         * accessibility/AXObjectCache.h:
2473         (WebCore::AXObjectCache::isNodeInUse):
2474
2475 2016-07-19  Youenn Fablet  <youenn@apple.com>
2476
2477         [Streams API] ReadableStreamController methods should throw if its stream is not readable
2478         https://bugs.webkit.org/show_bug.cgi?id=159871
2479
2480         Reviewed by Xabier Rodriguez-Calvar.
2481
2482         Spec now mandates close and enqueue to throw if ReadableStream is not readable.
2483         Covered by rebased and/or modified tests.
2484
2485         * Modules/streams/ReadableStreamController.js:
2486         (enqueue): Throwing a TypeError if controlled stream is not readable.
2487         (close): Ditto.
2488
2489 2016-07-19  Simon Fraser  <simon.fraser@apple.com>
2490
2491         Bubbles appear split for a brief moment in Messages
2492         https://bugs.webkit.org/show_bug.cgi?id=159915
2493         rdar://problem/27182267
2494
2495         Reviewed by David Hyatt.
2496
2497         RenderView::repaintRootContents() had a long-standing bug in WebView when the
2498         view is scrolled. repaint() uses visualOverflowRect() but, for the 
2499         RenderView, the visualOverflowRect() is the initial containing block
2500         which is anchored at 0,0. When the view is scrolled it's clipped out and
2501         calls to repaintRootContents() have no effect.
2502         
2503         Change repaintRootContents() to use layoutOverflowRect(). ScrollView::repaintContentRectangle()
2504         will clip it to the view if necessary.
2505
2506         Test: fast/repaint/scrolled-view-full-repaint.html
2507
2508         * rendering/RenderView.cpp:
2509         (WebCore::RenderView::repaintRootContents):
2510
2511 2016-07-19  Dan Bernstein  <mitz@apple.com>
2512
2513         <rdar://problem/27420308> WebCore-7602.1.42 fails to build: error: unused parameter 'vm'
2514
2515         * bindings/js/JSDOMGlobalObject.cpp:
2516         (WebCore::JSDOMGlobalObject::addBuiltinGlobals): Fixed the !ENABLE(STREAMS_API) build.
2517
2518 2016-07-19  Youenn Fablet  <youenn@apple.com>
2519
2520         [Streams API] Make ReadableStream properties not enumerable
2521         https://bugs.webkit.org/show_bug.cgi?id=159868
2522
2523         Reviewed by Darin Adler.
2524
2525         Covered by rebased tests.
2526
2527         Uopdating IDL definitions to mark all functions/attributes as not enumerable.
2528         Updating IDL constructor definitions to correctly compute constructor length.
2529         Updating built-in implementation to correctly compute pipeTo length to 1 (second parameter being optional).
2530
2531         * Modules/streams/ReadableStream.idl:
2532         * Modules/streams/ReadableStream.js:
2533         * Modules/streams/ReadableStreamController.idl:
2534         * Modules/streams/ReadableStreamReader.idl:
2535
2536 2016-07-19  Chris Dumez  <cdumez@apple.com>
2537
2538         form.enctype / encoding / method should treat null as "null" string
2539         https://bugs.webkit.org/show_bug.cgi?id=159916
2540
2541         Reviewed by Ryosuke Niwa.
2542
2543         form.enctype / encoding / method should treat null as "null" string:
2544         - https://html.spec.whatwg.org/multipage/forms.html#htmlformelement
2545
2546         Previously, WebKit would treat null as the null String, which would
2547         end up removing the existing attribute.
2548
2549         Firefox and Chrome match the specification.
2550
2551         Test: fast/dom/HTMLFormElement/null-handling.html
2552
2553         * html/HTMLFormElement.h:
2554         * html/HTMLFormElement.idl:
2555
2556 2016-07-18  Csaba Osztrogon√°c  <ossy@webkit.org>
2557
2558         All-in-one buildfix after r202439
2559         https://bugs.webkit.org/show_bug.cgi?id=159877
2560
2561         Reviewed by Chris Dumez.
2562
2563         * Modules/webaudio/AudioDestinationNode.h:
2564         (WebCore::AudioDestinationNode::resume):
2565         (WebCore::AudioDestinationNode::suspend):
2566         (WebCore::AudioDestinationNode::close):
2567
2568 2016-07-18  Frederic Wang  <fwang@igalia.com>
2569
2570         Move parsing of subscriptshift and superscriptshift from rendering to element classes
2571         https://bugs.webkit.org/show_bug.cgi?id=159622
2572
2573         Reviewed by Darin Adler.
2574
2575         We introduce a new MathMLScriptsElement that is used for elements msub, msup, msubsup and
2576         mmultiscripts in order to create RenderMathMLScripts and parse and expose the values of the
2577         subscriptshift and superscriptshift attributes. This is one more step toward moving MathML
2578         attribute parsing to the DOM (bug 156536).
2579
2580         No new tests, rendering is unchanged.
2581
2582         * CMakeLists.txt: Add MathMLScriptsElement files.
2583         * WebCore.xcodeproj/project.pbxproj: Ditto.
2584         * mathml/MathMLAllInOne.cpp: Ditto.
2585         * mathml/MathMLInlineContainerElement.cpp: Remove handling of scripts.
2586         (WebCore::MathMLInlineContainerElement::createElementRenderer): Deleted.
2587         * mathml/MathMLScriptsElement.cpp: Added. New class to handle scripted elements supporting
2588         parsing for the subscriptshift and superscriptshift MathML lengths.
2589         (WebCore::MathMLScriptsElement::MathMLScriptsElement):
2590         (WebCore::MathMLScriptsElement::create):
2591         (WebCore::MathMLScriptsElement::subscriptShift): Expose the cached length for the shift,
2592         parsing the attribute again if necessary.
2593         (WebCore::MathMLScriptsElement::superscriptShift): Ditto.
2594         (WebCore::MathMLScriptsElement::parseAttribute): Mark attributes dirty.
2595         (WebCore::MathMLScriptsElement::createElementRenderer): Create RenderMathMLScripts.
2596         * mathml/MathMLScriptsElement.h: Ditto.
2597         * mathml/mathtags.in: Map msub, msup, msubsup and mmultiscripts to MathMLScriptsElement.
2598         * rendering/mathml/RenderMathMLScripts.cpp:
2599         (WebCore::RenderMathMLScripts::scriptsElement): Helper function to cast the node to a
2600         MathMLScriptsElement.
2601         (WebCore::RenderMathMLScripts::getScriptMetricsAndLayoutIfNeeded): Resolve the attributes
2602         using the functions from the MathMLScriptsElement class.
2603         * rendering/mathml/RenderMathMLScripts.h: Declare scriptsElement.
2604
2605 2016-07-18  Frederic Wang  <fwang@igalia.com>
2606
2607         Do not store gap and shift parameters on RenderMathMLFraction
2608         https://bugs.webkit.org/show_bug.cgi?id=159876
2609
2610         Reviewed by Darin Adler.
2611
2612         After r203285, the stack and fraction layout parameters are only used in layoutBlock so we
2613         do not need to store them on the class. We remove them and split updateLayoutParameters into
2614         three functions: one to update the linethickness and two others to retrieve the fraction and
2615         stack respectively.
2616
2617         No new tests, rendering is unchanged.
2618
2619         * rendering/mathml/RenderMathMLFraction.cpp:
2620         (WebCore::RenderMathMLFraction::updateLineThickness): Move code to update thickness members here.
2621         (WebCore::RenderMathMLFraction::getFractionParameters): Move code to retrieve fraction parameters here.
2622         (WebCore::RenderMathMLFraction::getStackParameters): Move code to retrieve stack parameters here.
2623         (WebCore::RenderMathMLFraction::layoutBlock): Use the new helper functions and local variables
2624         for fraction and stack parameters.
2625         (WebCore::RenderMathMLFraction::updateLayoutParameters): Deleted.
2626         * rendering/mathml/RenderMathMLFraction.h: Declare new helper functions and remove members
2627         for stack and fraction parameters.
2628
2629 2016-07-18  Chris Dumez  <cdumez@apple.com>
2630
2631         input.formEnctype / formMethod and button.formEnctype / formMethod / type should treat null as "null"
2632         https://bugs.webkit.org/show_bug.cgi?id=159908
2633
2634         Reviewed by Alex Christensen.
2635
2636         input.formEnctype / formMethod and button.formEnctype / formMethod / type
2637         should treat null as "null" String:
2638         - https://html.spec.whatwg.org/multipage/forms.html#htmlinputelement
2639         - https://html.spec.whatwg.org/multipage/forms.html#htmlbuttonelement
2640
2641         In WebKit, we would treat null as a null String which would end up
2642         removing the corresponding attribute. This does not match the
2643         specification. Firefox and Chrome match the specification here.
2644
2645         Tests:
2646         - fast/dom/HTMLButtonElement/null-handling.html
2647         - fast/dom/HTMLInputElement/null-handling.html
2648
2649         * html/HTMLButtonElement.idl:
2650         * html/HTMLInputElement.idl:
2651
2652 2016-07-18  Alex Christensen  <achristensen@webkit.org>
2653
2654         webbookmarksd needs to use the same AppCache directory as MobileSafari
2655         https://bugs.webkit.org/show_bug.cgi?id=159912
2656
2657         Reviewed by Alexey Proskuryakov.
2658
2659         No new tests.  This only changes behavior for webbookmarksd.
2660
2661         * platform/RuntimeApplicationChecks.h:
2662         * platform/RuntimeApplicationChecks.mm:
2663         (WebCore::IOSApplication::isWebBookmarksD): Added.
2664
2665 2016-07-18  Chris Dumez  <cdumez@apple.com>
2666
2667         EventTarget.dispatchEvent() parameter should not be nullable
2668         https://bugs.webkit.org/show_bug.cgi?id=159897
2669
2670         Reviewed by Benjamin Poulain.
2671
2672         EventTarget.dispatchEvent() parameter should not be nullable:
2673         - https://dom.spec.whatwg.org/#interface-eventtarget
2674
2675         Even though the parameter was marked as nullable in our IDL, our
2676         implementation does a null check and we already throw a TypeError
2677         when calling dispatchEvent(null).
2678
2679         Update our IDL so that it matches the specification and so that
2680         the null check is generated in the bindings instead.
2681
2682         No new tests, rebaseline existing tests.
2683
2684         * dom/EventTarget.cpp:
2685         (WebCore::EventTarget::dispatchEventForBindings):
2686         * dom/EventTarget.h:
2687         * dom/EventTarget.idl:
2688
2689 2016-07-18  Chris Dumez  <cdumez@apple.com>
2690
2691         DocType's publicId / systemId should not be nullable
2692         https://bugs.webkit.org/show_bug.cgi?id=159901
2693
2694         Reviewed by Benjamin Poulain.
2695
2696         DocType's publicId / systemId should not be nullable. While they were
2697         not marked as nullable in our IDL, they could be stored as null Strings
2698         in our implementation depending on how the Node was constructed. This
2699         led to subtle bugs where String() != emptyString().
2700
2701         In particular, Node.isEqualNode() would return false when DocumentType
2702         nodes would mismatch because of their publicId / systemId being null
2703         instead of the emptyString.
2704
2705         Serialization would DocumentType nodes would also be wrong when
2706         publicId / systemId were empty Strings instead of null strings. The
2707         new behavior now matches:
2708         - https://www.w3.org/TR/DOM-Parsing/#dfn-concept-serialize-doctype (steps 7-9)
2709
2710         To address these issues, we now always store publicId / systemId as
2711         non-null Strings inside the DocumentType class.
2712
2713         Test: fast/dom/DocumentType/isEqualNode.html
2714
2715         * dom/DocumentType.cpp:
2716         (WebCore::DocumentType::DocumentType):
2717         * editing/MarkupAccumulator.cpp:
2718         (WebCore::MarkupAccumulator::appendDocumentType):
2719
2720 2016-07-18  Jeremy Jones  <jeremyj@apple.com>
2721
2722         If previous media session interruptions were prevented, still allow subsequent interruptions to try.
2723         https://bugs.webkit.org/show_bug.cgi?id=157553
2724         rdar://problem/25740804
2725
2726         Reviewed by Eric Carlson.
2727
2728         Test: platform/ios-simulator/media/video-interruption-suspendunderlock.html
2729
2730         When suspending under lock on iOS, there is first a resign active event, then a
2731         suspend under lock. PiP prevents resign active from interrupting playback. But it should allow the
2732         suspend under lock to interrupt playback.
2733
2734         Currently if there are nested interruptions only the first one is acted upon.
2735
2736         This change allows subsequent, nested interruptions to have a chance to interrupt playback if the
2737         previous interruptions were ignored.
2738
2739         This test is for iPad only, so it must be run manually.
2740
2741         * html/HTMLMediaElement.cpp:
2742         (WebCore::HTMLMediaElement::shouldOverrideBackgroundPlaybackRestriction):
2743         * platform/audio/PlatformMediaSession.cpp:
2744         (WebCore::PlatformMediaSession::beginInterruption):
2745         * testing/Internals.cpp:
2746         (WebCore::Internals::beginMediaSessionInterruption):
2747
2748 2016-07-18  Brent Fulgham  <bfulgham@apple.com>
2749
2750         Don't associate form-associated elements with forms in other trees.
2751         https://bugs.webkit.org/show_bug.cgi?id=119451
2752         <rdar://problem/27382946>
2753
2754         Change is based on the Blink change (patch by <adamk@chromium.org>):
2755         <https://chromium.googlesource.com/chromium/blink/+/0b33128be67e7845d495d5219614c02ccfe7a414>
2756
2757         Reviewed by Chris Dumez.
2758
2759         Prevent elements from being associated with forms that are not part of the same home subtree.
2760         This brings us in line with the WhatWG HTML specification as of September, 2013.
2761
2762         Tests: fast/forms/image-disconnected-during-parse.html
2763                fast/forms/input-disconnected-during-parse.html
2764
2765         * dom/Element.h:
2766         (WebCore::Node::rootElement): Added.
2767         * html/FormAssociatedElement.cpp:
2768         (WebCore::FormAssociatedElement::insertedInto): If the element is associated with a form that
2769         is not part of the same tree, remove the association.
2770         * html/HTMLImageElement.cpp:
2771         (WebCore::HTMLImageElement::insertedInto): Ditto.
2772
2773 2016-07-18  Anders Carlsson  <andersca@apple.com>
2774
2775         WebKit nightly fails to build on macOS Sierra
2776         https://bugs.webkit.org/show_bug.cgi?id=159902
2777         rdar://problem/27365672
2778
2779         Reviewed by Tim Horton.
2780
2781         * Modules/applepay/cocoa/PaymentCocoa.mm:
2782         * Modules/applepay/cocoa/PaymentContactCocoa.mm:
2783         * Modules/applepay/cocoa/PaymentMerchantSessionCocoa.mm:
2784         * Modules/applepay/cocoa/PaymentMethodCocoa.mm:
2785         Use new PassKitSPI header.
2786
2787         * WebCore.xcodeproj/project.pbxproj:
2788         Add new PassKitSPI header.
2789
2790         * icu/unicode/ucurr.h: Added.
2791         Add ucurr.h from ICU.
2792
2793         * platform/spi/cocoa/PassKitSPI.h: Added.
2794         Add new PassKitSPI header.
2795
2796 2016-07-18  Dean Jackson  <dino@apple.com>
2797
2798         REGRESSION (r202950): Image zoom animations are broken at medium.com (159861)
2799         https://bugs.webkit.org/show_bug.cgi?id=159906
2800         <rdar://problem/27391725>
2801
2802         Reviewed by Simon Fraser.
2803
2804         The fix for webkit.org/b/157569 in r200769 broke AMP pages.
2805         The followup fix for webkit.org/b/159450 in r202950 broke Medium pages.
2806
2807         Revert them both until we have better testing.
2808
2809         * css/CSSParser.cpp:
2810         (WebCore::CSSParser::addPropertyWithPrefixingVariant):
2811         (WebCore::CSSParser::parseValue):
2812         (WebCore::CSSParser::parseAnimationShorthand):
2813         (WebCore::CSSParser::parseTransitionShorthand): Deleted.
2814         * css/CSSPropertyNames.in:
2815         * css/PropertySetCSSStyleDeclaration.cpp:
2816         (WebCore::PropertySetCSSStyleDeclaration::getPropertyCSSValue):
2817         (WebCore::PropertySetCSSStyleDeclaration::getPropertyValue):
2818         (WebCore::PropertySetCSSStyleDeclaration::getPropertyCSSValueInternal):
2819         (WebCore::PropertySetCSSStyleDeclaration::getPropertyValueInternal):
2820         * css/StyleProperties.cpp:
2821         (WebCore::MutableStyleProperties::removeShorthandProperty):
2822         (WebCore::MutableStyleProperties::removeProperty):
2823         (WebCore::MutableStyleProperties::removePrefixedOrUnprefixedProperty):
2824         (WebCore::MutableStyleProperties::setProperty):
2825         (WebCore::getIndexInShorthandVectorForPrefixingVariant):
2826         (WebCore::MutableStyleProperties::appendPrefixingVariantProperty):
2827         (WebCore::MutableStyleProperties::setPrefixingVariantProperty):
2828         (WebCore::StyleProperties::asText): Deleted.
2829         * css/StyleProperties.h:
2830
2831 2016-07-18  Andreas Kling  <akling@apple.com>
2832
2833         There should be a way to simulate memory pressure in layout tests
2834         <https://webkit.org/b/159743>
2835
2836         Reviewed by Simon Fraser.
2837
2838         Add three window.internal APIs:
2839
2840             - boolean isUnderMemoryPressure (readonly attribute)
2841             - void beginSimulatedMemoryPressure()
2842             - void endSimulatedMemoryPressure()
2843
2844         These make it possible to write tests that exercise behaviors that only
2845         occur during memory pressure situations.
2846
2847         I also implemented the "org.WebKit.lowMemory" notification handler using the new API.
2848
2849         Test: memory/memory-pressure-simulation.html
2850
2851         * platform/MemoryPressureHandler.cpp:
2852         (WebCore::MemoryPressureHandler::beginSimulatedMemoryPressure):
2853         (WebCore::MemoryPressureHandler::endSimulatedMemoryPressure):
2854         * platform/MemoryPressureHandler.h:
2855         (WebCore::MemoryPressureHandler::isUnderMemoryPressure):
2856         * platform/cocoa/MemoryPressureHandlerCocoa.mm:
2857         (WebCore::MemoryPressureHandler::platformReleaseMemory):
2858         (WebCore::MemoryPressureHandler::install):
2859         * testing/Internals.cpp:
2860         (WebCore::Internals::isUnderMemoryPressure):
2861         (WebCore::Internals::beginSimulatedMemoryPressure):
2862         (WebCore::Internals::endSimulatedMemoryPressure):
2863         * testing/Internals.h:
2864         * testing/Internals.idl:
2865
2866 2016-07-18  Said Abou-Hallawa  <sabouhallawa@apple,com>
2867
2868         [iOS] PDFDocumentImage should cache only a sub image of the PDF when caching the whole image is expensive
2869         https://bugs.webkit.org/show_bug.cgi?id=158715
2870
2871         Reviewed by Dean Jackson.
2872
2873         Test: fast/images/displaced-non-cached-pdf.html
2874
2875         For iOS, we need to ensure the size of the cached PDF images will not
2876         exceed some limit. Also we should be caching only a sub image of the PDF
2877         if caching the whole image will exceed the memory limit.
2878
2879         * page/Settings.cpp:
2880         (WebCore::Settings::Settings):
2881         (WebCore::Settings::setCachedPDFImageEnabled):
2882         * page/Settings.h:
2883         (WebCore::Settings::isCachedPDFImageEnabled):
2884             Add an option to disable caching the PDF images.
2885
2886         * platform/graphics/cg/PDFDocumentImage.cpp:
2887         (WebCore::PDFDocumentImage::setCachedPDFImageEnabled):
2888             Allow the caller of draw() to disable caching the PDF images.
2889         
2890         (WebCore::PDFDocumentImage::cacheParametersMatch):
2891             Match the context dirty rectangle with the cached image rectangle.
2892         
2893         (WebCore::transformContextForPainting):
2894             When preparing the context for drawing the PDF, take the location 
2895             of the destination rectangle into account. We do not need to scale
2896             the location of the source rectangle because we scale the size of
2897             the rectangle but we don't scale the whole coordinate system.
2898
2899         (WebCore::cachedImageRect):
2900             Calculate the rectangle of the cached image such that it does not
2901             exceed the limit. Start from the center of the dirty rectangle and
2902             then expand around it.
2903             
2904         (WebCore::PDFDocumentImage::decodedSizeChanged):
2905             In addition to notifying the ImageObserver, it keeps track of the size
2906             of all the cached PDF images.
2907
2908         (WebCore::PDFDocumentImage::updateCachedImageIfNeeded):
2909             Ensure the size of all the cached images does not exceed the limit
2910             
2911         (WebCore::PDFDocumentImage::destroyDecodedData):
2912         * platform/graphics/cg/PDFDocumentImage.h:
2913
2914         * rendering/RenderImage.cpp:
2915         (WebCore::RenderImage::paintIntoRect):
2916             Pass the option to disable caching the PDF images to PDFDocumentImage.
2917
2918         * testing/InternalSettings.cpp:
2919         (WebCore::InternalSettings::Backup::Backup):
2920         (WebCore::InternalSettings::Backup::restoreTo):
2921         (WebCore::InternalSettings::setCachedPDFImageEnabled):
2922         * testing/InternalSettings.h:
2923         * testing/InternalSettings.idl:
2924             Add an internal option to disable caching the PDF images.
2925
2926 2016-07-18  Chris Dumez  <cdumez@apple.com>
2927
2928         The 2 first parameters to addEventListener() / removeEventListener() should be mandatory
2929         https://bugs.webkit.org/show_bug.cgi?id=158008
2930
2931         Reviewed by Darin Adler.
2932
2933         The 2 first parameters to addEventListener() / removeEventListener() should be
2934         mandatory:
2935         - https://dom.spec.whatwg.org/#interface-eventtarget
2936
2937         Firefox 46 and Chrome 50 both match the specification and throw an exception when those
2938         parameters are omitted. However, those parameters were marked as optional in WebKit and
2939         the calls were no-ops if those parameters were omitted. This patch aligns our behavior
2940         with the specification and other browsers.
2941
2942         Test: fast/dom/eventtarget-api-parameters.html
2943
2944         * bindings/scripts/CodeGeneratorJS.pm:
2945         (GetFunctionLength): Deleted.
2946         * dom/EventTarget.idl:
2947
2948 2016-07-18  Brent Fulgham  <bfulgham@apple.com>
2949
2950         Unreviewed, rolling out r203373.
2951
2952         Unaddressed
2953
2954         Reverted changeset:
2955
2956         "Don't associate form-associated elements with forms in other
2957         trees."
2958         https://bugs.webkit.org/show_bug.cgi?id=119451
2959         http://trac.webkit.org/changeset/203373
2960
2961 2016-07-18  Brent Fulgham  <bfulgham@apple.com>
2962
2963         Don't associate form-associated elements with forms in other trees.
2964         https://bugs.webkit.org/show_bug.cgi?id=119451
2965         <rdar://problem/27382946>
2966
2967         Change is based on the Blink change (patch by <adamk@chromium.org>):
2968         <https://chromium.googlesource.com/chromium/blink/+/0b33128be67e7845d495d5219614c02ccfe7a414>
2969
2970         Reviewed by Zalan Bujtas.
2971
2972         Prevent elements from being associated with forms that are not part of the same home subtree.
2973         This brings us in line with the WhatWG HTML specification as of September, 2013.
2974
2975         Tests: fast/forms/image-disconnected-during-parse.html
2976                fast/forms/input-disconnected-during-parse.html
2977
2978         * dom/NodeTraversal.h:
2979         (WebCore::NodeTraversal::highestAncestorOrSelf): Added.
2980         * html/FormAssociatedElement.cpp:
2981         (WebCore::FormAssociatedElement::insertedInto): If the element is associated with a form that
2982         is not part of the same tree, remove the association.
2983         * html/HTMLImageElement.cpp:
2984         (WebCore::HTMLImageElement::insertedInto): Ditto.
2985
2986 2016-07-18  George Ruan  <gruan@apple.com>
2987
2988         Move MediaSampleAVFObjC into its own file
2989         https://bugs.webkit.org/show_bug.cgi?id=159796
2990         <rdar://problem/27362488>
2991
2992         In preparation for a feature that uses MediaSampleAVFObjC, but does
2993         not need SourceBufferPrivateAVFObjC, it is beneficial to move
2994         MediaSampleAVFObjC to its own file.
2995
2996         Reviewed by Eric Carlson.
2997
2998         * WebCore.xcodeproj/project.pbxproj:
2999         * platform/MediaSample.h: Allow setting trackID to associate
3000         MediaSample id with MediaStreamTrackPrivate id.
3001         * platform/graphics/avfoundation/MediaSampleAVFObjC.h: Added.
3002         * platform/graphics/avfoundation/objc/MediaSampleAVFObjC.mm: Moved
3003         from MediaSampleAVFObjC
3004         (WebCore::MediaSampleAVFObjC::presentationTime):
3005         (WebCore::MediaSampleAVFObjC::decodeTime):
3006         (WebCore::MediaSampleAVFObjC::duration):
3007         (WebCore::MediaSampleAVFObjC::sizeInBytes):
3008         (WebCore::MediaSampleAVFObjC::platformSample):
3009         (WebCore::CMSampleBufferIsRandomAccess):
3010         (WebCore::MediaSampleAVFObjC::flags):
3011         (WebCore::MediaSampleAVFObjC::presentationSize):
3012         (WebCore::MediaSampleAVFObjC::dump):
3013         (WebCore::MediaSampleAVFObjC::offsetTimestampsBy):
3014         (WebCore::MediaSampleAVFObjC::setTimestamps):
3015         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
3016         Moved MediaSampleAVFObjC to its own file.
3017         (WebCore::MediaSampleAVFObjC::platformSample): Deleted.
3018         (WebCore::CMSampleBufferIsRandomAccess): Deleted.
3019         (WebCore::MediaSampleAVFObjC::flags): Deleted.
3020         (WebCore::MediaSampleAVFObjC::presentationSize): Deleted.
3021         (WebCore::MediaSampleAVFObjC::dump): Deleted.
3022         (WebCore::MediaSampleAVFObjC::offsetTimestampsBy): Deleted.
3023         (WebCore::MediaSampleAVFObjC::setTimestamps): Deleted.
3024         * platform/mock/mediasource/MockSourceBufferPrivate.cpp:
3025
3026 2016-07-18  Eric Carlson  <eric.carlson@apple.com>
3027
3028         [MSE][Mac] Pass AVSampleBufferDisplayLayer HDCP status to a newly created key session
3029         https://bugs.webkit.org/show_bug.cgi?id=159812
3030         <rdar://problem/27371624>
3031
3032         Reviewed by Jon Lee.
3033
3034         No new tests, it isn't possible to test this with our current testing infrastructure.
3035
3036         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.h:
3037         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
3038         (WebCore::SourceBufferPrivateAVFObjC::setCDMSession): Call layerDidReceiveError if there has
3039         been an HDCP error.
3040         (WebCore::SourceBufferPrivateAVFObjC::rendererDidReceiveError): Remember an HDCP error.
3041
3042 2016-07-18  Yoav Weiss  <yoav@yoav.ws>
3043
3044         Add preload to features.json
3045         https://bugs.webkit.org/show_bug.cgi?id=159872
3046
3047         Reviewed by Darin Adler.
3048
3049         No new tests but no functional change.
3050
3051         * features.json:
3052
3053 2016-07-18  Youenn Fablet  <youenn@apple.com>
3054
3055         [Streams API] ReadableStream should throw a RangeError in case of NaN highWaterMark
3056         https://bugs.webkit.org/show_bug.cgi?id=159870
3057
3058         Reviewed by Xabier Rodriguez-Calvar.
3059
3060         Covered by rebased test.
3061
3062         * Modules/streams/StreamInternals.js:
3063         (validateAndNormalizeQueuingStrategy): Throwing a RangeError in lieu of a TypeError in case of NaN highWaterMark.
3064
3065 2016-07-18  Csaba Osztrogon√°c  <ossy@webkit.org>
3066
3067         Windows buildfix after r203338
3068         https://bugs.webkit.org/show_bug.cgi?id=159875
3069
3070         Unreviewed buildfix.
3071
3072         * dom/UserGestureIndicator.h:
3073         (WebCore::UserGestureToken::addDestructionObserver):
3074
3075 2016-07-18  Carlos Garcia Campos  <cgarcia@igalia.com>
3076
3077         MemoryPressureHandler doesn't work if cgroups aren't present in Linux
3078         https://bugs.webkit.org/show_bug.cgi?id=155255
3079
3080         Reviewed by Sergio Villar Senin.
3081
3082         Allow to pass an eventFD file descriptor to the MemoryPressureHandler to be monitorized in case cgroups are not
3083         available.
3084
3085         * platform/MemoryPressureHandler.h:
3086         * platform/linux/MemoryPressureHandlerLinux.cpp:
3087
3088 2016-07-17  Gyuyoung Kim  <gyuyoung.kim@webkit.org>
3089
3090         Clean up PassRefPtr uses in Modules/encryptedmedia, Modules/speech, and Modules/quota
3091         https://bugs.webkit.org/show_bug.cgi?id=159701
3092
3093         Reviewed by Alex Christensen.
3094
3095         No new tests, no behavior changes.
3096
3097         * Modules/encryptedmedia/CDM.h:
3098         * Modules/encryptedmedia/MediaKeySession.h:
3099         * Modules/encryptedmedia/MediaKeys.h:
3100         * Modules/quota/DOMWindowQuota.cpp:
3101         * Modules/quota/StorageErrorCallback.cpp:
3102         (WebCore::StorageErrorCallback::CallbackTask::CallbackTask):
3103         * Modules/quota/StorageErrorCallback.h:
3104         * Modules/quota/StorageInfo.h:
3105         * Modules/quota/StorageQuota.h:
3106         * Modules/speech/DOMWindowSpeechSynthesis.cpp:
3107         * Modules/speech/SpeechSynthesis.cpp:
3108         (WebCore::SpeechSynthesis::getVoices):
3109         (WebCore::SpeechSynthesis::startSpeakingImmediately):
3110         (WebCore::SpeechSynthesis::speak):
3111         (WebCore::SpeechSynthesis::cancel):
3112         (WebCore::SpeechSynthesis::handleSpeakingCompleted):
3113         (WebCore::SpeechSynthesis::boundaryEventOccurred):
3114         (WebCore::SpeechSynthesis::didStartSpeaking):
3115         (WebCore::SpeechSynthesis::didPauseSpeaking):
3116         (WebCore::SpeechSynthesis::didResumeSpeaking):
3117         (WebCore::SpeechSynthesis::didFinishSpeaking):
3118         (WebCore::SpeechSynthesis::speakingErrorOccurred):
3119         * Modules/speech/SpeechSynthesis.h:
3120         * Modules/speech/SpeechSynthesisEvent.h:
3121         * Modules/speech/SpeechSynthesisUtterance.h:
3122         * Modules/speech/SpeechSynthesisVoice.cpp:
3123         (WebCore::SpeechSynthesisVoice::create):
3124         (WebCore::SpeechSynthesisVoice::SpeechSynthesisVoice):
3125         * Modules/speech/SpeechSynthesisVoice.h:
3126         * platform/PlatformSpeechSynthesizer.h:
3127         * platform/efl/PlatformSpeechSynthesisProviderEfl.cpp:
3128         (WebCore::PlatformSpeechSynthesisProviderEfl::fireSpeechEvent):
3129         * platform/mock/PlatformSpeechSynthesizerMock.cpp:
3130         (WebCore::PlatformSpeechSynthesizerMock::speakingFinished):
3131         (WebCore::PlatformSpeechSynthesizerMock::speak):
3132         (WebCore::PlatformSpeechSynthesizerMock::cancel):
3133         (WebCore::PlatformSpeechSynthesizerMock::pause):
3134         (WebCore::PlatformSpeechSynthesizerMock::resume):
3135
3136 2016-07-16  Sam Weinig  <sam@webkit.org>
3137
3138         [WebKit API] Add SPI to track multiple navigations caused by a single user gesture
3139         <rdar://problem/26554137>
3140         https://bugs.webkit.org/show_bug.cgi?id=159856
3141
3142         Reviewed by Dan Bernstein.
3143
3144         - Adds a new RefCounted object to represent a unique user gesture, called UserGestureToken.
3145         - Makes UserGestureIndicator track UserGestureToken.
3146         - Refines UserGestureIndicator's interface to use Optional and a smaller enum set
3147           to represent the different initial states.
3148         - Stores UserGestureTokens on objects that want to forward user gesture state (DOMTimer, 
3149           postMessage, and ScheduledNavigation) rather than just a boolean.
3150
3151         * accessibility/AccessibilityNodeObject.cpp:
3152         (WebCore::AccessibilityNodeObject::increment):
3153         (WebCore::AccessibilityNodeObject::decrement):
3154         * accessibility/AccessibilityObject.cpp:
3155         (WebCore::AccessibilityObject::press):
3156         * bindings/js/ScriptController.cpp:
3157         (WebCore::ScriptController::executeScriptInWorld):
3158         (WebCore::ScriptController::executeScript):
3159         Update for new UserGestureIndicator interface.
3160
3161         * dom/UserGestureIndicator.cpp:
3162         (WebCore::currentToken):
3163         (WebCore::UserGestureToken::~UserGestureToken):
3164         (WebCore::UserGestureIndicator::UserGestureIndicator):
3165         (WebCore::UserGestureIndicator::~UserGestureIndicator):
3166         (WebCore::UserGestureIndicator::currentUserGesture):
3167         (WebCore::UserGestureIndicator::processingUserGesture):
3168         (WebCore::UserGestureIndicator::processingUserGestureForMedia):
3169         (WebCore::isDefinite): Deleted.
3170         * dom/UserGestureIndicator.h:
3171         (WebCore::UserGestureToken::create):
3172         (WebCore::UserGestureToken::state):
3173         (WebCore::UserGestureToken::processingUserGesture):
3174         (WebCore::UserGestureToken::processingUserGestureForMedia):
3175         (WebCore::UserGestureToken::addDestructionObserver):
3176         (WebCore::UserGestureToken::UserGestureToken):
3177         Add UserGestureToken and track the current one explicitly.
3178
3179         * html/HTMLMediaElement.cpp:
3180         (WebCore::HTMLMediaElement::didReceiveRemoteControlCommand):
3181         * inspector/InspectorFrontendClientLocal.cpp:
3182         (WebCore::InspectorFrontendClientLocal::openInNewTab):
3183         * inspector/InspectorFrontendHost.cpp:
3184         * inspector/InspectorPageAgent.cpp:
3185         (WebCore::InspectorPageAgent::navigate):
3186         Update for new UserGestureIndicator interface.
3187
3188         * loader/NavigationAction.cpp:
3189         (WebCore::NavigationAction::NavigationAction):
3190         * loader/NavigationAction.h:
3191         (WebCore::NavigationAction::userGestureToken):
3192         (WebCore::NavigationAction::processingUserGesture):
3193         * loader/NavigationScheduler.cpp:
3194         (WebCore::ScheduledNavigation::ScheduledNavigation):
3195         (WebCore::ScheduledNavigation::~ScheduledNavigation):
3196         (WebCore::ScheduledNavigation::lockBackForwardList):
3197         (WebCore::ScheduledNavigation::wasDuringLoad):
3198         (WebCore::ScheduledNavigation::isLocationChange):
3199         (WebCore::ScheduledNavigation::userGestureToForward):
3200         (WebCore::ScheduledNavigation::clearUserGesture):
3201         (WebCore::NavigationScheduler::mustLockBackForwardList):
3202         (WebCore::NavigationScheduler::scheduleFormSubmission):
3203         (WebCore::ScheduledNavigation::wasUserGesture): Deleted.
3204         * page/DOMTimer.cpp:
3205         (WebCore::shouldForwardUserGesture):
3206         (WebCore::userGestureTokenToForward):
3207         (WebCore::DOMTimer::DOMTimer):
3208         (WebCore::DOMTimer::fired):
3209         * page/DOMTimer.h:
3210         * page/DOMWindow.cpp:
3211         (WebCore::PostMessageTimer::PostMessageTimer):
3212         Store the active UserGestureToken rather than just a bit.
3213
3214         * page/EventHandler.cpp:
3215         (WebCore::EventHandler::handleMousePressEvent):
3216         (WebCore::EventHandler::handleMouseDoubleClickEvent):
3217         (WebCore::EventHandler::handleMouseReleaseEvent):
3218         (WebCore::EventHandler::keyEvent):
3219         (WebCore::EventHandler::handleTouchEvent):
3220         * rendering/HitTestResult.cpp:
3221         (WebCore::HitTestResult::toggleMediaFullscreenState):
3222         (WebCore::HitTestResult::enterFullscreenForVideo):
3223         (WebCore::HitTestResult::toggleEnhancedFullscreenForVideo):
3224         Update for new UserGestureIndicator interface.
3225
3226 2016-07-17  Ryosuke Niwa  <rniwa@webkit.org>
3227
3228         Rename fastHasAttribute to hasAttributeWithoutSynchronization
3229         https://bugs.webkit.org/show_bug.cgi?id=159864
3230
3231         Reviewed by Chris Dumez.
3232
3233         Renamed Rename fastHasAttribute to hasAttributeWithoutSynchronization for clarity.
3234
3235         * accessibility/AccessibilityListBoxOption.cpp:
3236         (WebCore::AccessibilityListBoxOption::isEnabled):
3237         * accessibility/AccessibilityObject.cpp:
3238         (WebCore::AccessibilityObject::hasAttribute):
3239         (WebCore::AccessibilityObject::getAttribute):
3240         * accessibility/AccessibilityRenderObject.cpp:
3241         (WebCore::AccessibilityRenderObject::determineAccessibilityRole):
3242         * bindings/scripts/CodeGenerator.pm:
3243         (GetterExpression):
3244         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
3245         * bindings/scripts/test/JS/JSTestObj.cpp:
3246         (WebCore::jsTestObjReflectedBooleanAttr):
3247         (WebCore::jsTestObjReflectedCustomBooleanAttr):
3248         * bindings/scripts/test/ObjC/DOMTestObj.mm:
3249         (-[DOMTestObj reflectedBooleanAttr]):
3250         (-[DOMTestObj setReflectedBooleanAttr:]):
3251         (-[DOMTestObj reflectedCustomBooleanAttr]):
3252         (-[DOMTestObj setReflectedCustomBooleanAttr:]):
3253         * dom/Document.cpp:
3254         (WebCore::Document::hasManifest):
3255         (WebCore::Document::doctype):
3256         * dom/Element.h:
3257         (WebCore::Node::parentElement):
3258         (WebCore::Element::hasAttributeWithoutSynchronization):
3259         (WebCore::Element::fastHasAttribute): Deleted.
3260         * editing/ApplyStyleCommand.cpp:
3261         (WebCore::ApplyStyleCommand::removeEmbeddingUpToEnclosingBlock):
3262         * editing/DeleteSelectionCommand.cpp:
3263         (WebCore::DeleteSelectionCommand::makeStylingElementsDirectChildrenOfEditableRootToPreventStyleLoss):
3264         * editing/markup.cpp:
3265         (WebCore::createMarkupInternal):
3266         * html/ColorInputType.cpp:
3267         (WebCore::ColorInputType::shouldShowSuggestions):
3268         * html/FileInputType.cpp:
3269         (WebCore::FileInputType::handleDOMActivateEvent):
3270         (WebCore::FileInputType::receiveDroppedFiles):
3271         * html/FormAssociatedElement.cpp:
3272         (WebCore::FormAssociatedElement::didMoveToNewDocument):
3273         (WebCore::FormAssociatedElement::insertedInto):
3274         (WebCore::FormAssociatedElement::removedFrom):
3275         (WebCore::FormAssociatedElement::formAttributeChanged):
3276         * html/FormController.cpp:
3277         (WebCore::ownerFormForState):
3278         * html/GenericCachedHTMLCollection.cpp:
3279         (WebCore::GenericCachedHTMLCollection<traversalType>::elementMatches):
3280         * html/HTMLAnchorElement.cpp:
3281         (WebCore::HTMLAnchorElement::draggable):
3282         (WebCore::HTMLAnchorElement::href):
3283         (WebCore::HTMLAnchorElement::sendPings):
3284         * html/HTMLAppletElement.cpp:
3285         (WebCore::HTMLAppletElement::rendererIsNeeded):
3286         * html/HTMLElement.cpp:
3287         (WebCore::HTMLElement::collectStyleForPresentationAttribute):
3288         (WebCore::elementAffectsDirectionality):
3289         (WebCore::setHasDirAutoFlagRecursively):
3290         * html/HTMLEmbedElement.cpp:
3291         (WebCore::HTMLEmbedElement::rendererIsNeeded):
3292         * html/HTMLFieldSetElement.cpp:
3293         (WebCore::updateFromControlElementsAncestorDisabledStateUnder):
3294         (WebCore::HTMLFieldSetElement::disabledAttributeChanged):
3295         (WebCore::HTMLFieldSetElement::disabledStateChanged):
3296         (WebCore::HTMLFieldSetElement::childrenChanged):
3297         * html/HTMLFormControlElement.cpp:
3298         (WebCore::HTMLFormControlElement::formNoValidate):
3299         (WebCore::HTMLFormControlElement::formAction):
3300         (WebCore::HTMLFormControlElement::computeIsDisabledByFieldsetAncestor):
3301         (WebCore::shouldAutofocus):
3302         * html/HTMLFormElement.cpp:
3303         (WebCore::HTMLFormElement::formElementIndex):
3304         (WebCore::HTMLFormElement::noValidate):
3305         * html/HTMLFrameElement.cpp:
3306         (WebCore::HTMLFrameElement::noResize):
3307         (WebCore::HTMLFrameElement::didAttachRenderers):
3308         * html/HTMLFrameElementBase.cpp:
3309         (WebCore::HTMLFrameElementBase::parseAttribute):
3310         (WebCore::HTMLFrameElementBase::location):
3311         * html/HTMLHRElement.cpp:
3312         (WebCore::HTMLHRElement::collectStyleForPresentationAttribute):
3313         * html/HTMLImageElement.cpp:
3314         (WebCore::HTMLImageElement::isServerMap):
3315         * html/HTMLInputElement.cpp:
3316         (WebCore::HTMLInputElement::finishParsingChildren):
3317         (WebCore::HTMLInputElement::matchesDefaultPseudoClass):
3318         (WebCore::HTMLInputElement::isActivatedSubmit):
3319         (WebCore::HTMLInputElement::reset):
3320         (WebCore::HTMLInputElement::multiple):
3321         (WebCore::HTMLInputElement::setSize):
3322         (WebCore::HTMLInputElement::shouldUseMediaCapture):
3323         * html/HTMLMarqueeElement.cpp:
3324         (WebCore::HTMLMarqueeElement::minimumDelay):
3325         * html/HTMLMediaElement.cpp:
3326         (WebCore::HTMLMediaElement::insertedInto):
3327         (WebCore::HTMLMediaElement::selectMediaResource):
3328         (WebCore::HTMLMediaElement::loadResource):
3329         (WebCore::HTMLMediaElement::autoplay):
3330         (WebCore::HTMLMediaElement::preload):
3331         (WebCore::HTMLMediaElement::loop):
3332         (WebCore::HTMLMediaElement::setLoop):
3333         (WebCore::HTMLMediaElement::controls):
3334         (WebCore::HTMLMediaElement::setControls):
3335         (WebCore::HTMLMediaElement::muted):
3336         (WebCore::HTMLMediaElement::setMuted):
3337         (WebCore::HTMLMediaElement::selectNextSourceChild):
3338         (WebCore::HTMLMediaElement::sourceWasAdded):
3339         (WebCore::HTMLMediaElement::mediaSessionTitle):
3340         * html/HTMLObjectElement.cpp:
3341         (WebCore::HTMLObjectElement::parseAttribute):
3342         * html/HTMLOptGroupElement.cpp:
3343         (WebCore::HTMLOptGroupElement::isDisabledFormControl):
3344         (WebCore::HTMLOptGroupElement::isFocusable):
3345         * html/HTMLOptionElement.cpp:
3346         (WebCore::HTMLOptionElement::matchesDefaultPseudoClass):
3347         (WebCore::HTMLOptionElement::text):
3348         * html/HTMLProgressElement.cpp:
3349         (WebCore::HTMLProgressElement::isDeterminate):
3350         (WebCore::HTMLProgressElement::didElementStateChange):
3351         * html/HTMLScriptElement.cpp:
3352         (WebCore::HTMLScriptElement::async):
3353         (WebCore::HTMLScriptElement::setCrossOrigin):
3354         (WebCore::HTMLScriptElement::asyncAttributeValue):
3355         (WebCore::HTMLScriptElement::deferAttributeValue):
3356         (WebCore::HTMLScriptElement::hasSourceAttribute):
3357         (WebCore::HTMLScriptElement::dispatchLoadEvent):
3358         * html/HTMLSelectElement.cpp:
3359         (WebCore::HTMLSelectElement::reset):
3360         * html/HTMLTrackElement.cpp:
3361         (WebCore::HTMLTrackElement::isDefault):
3362         (WebCore::HTMLTrackElement::ensureTrack):
3363         (WebCore::HTMLTrackElement::loadTimerFired):
3364         * html/MediaElementSession.cpp:
3365         (WebCore::MediaElementSession::wirelessVideoPlaybackDisabled):
3366         (WebCore::MediaElementSession::requiresFullscreenForVideoPlayback):
3367         (WebCore::MediaElementSession::allowsAutomaticMediaDataLoading):
3368         * html/SearchInputType.cpp:
3369         (WebCore::SearchInputType::searchEventsShouldBeDispatched):
3370         (WebCore::SearchInputType::didSetValueByUserEdit):
3371         * inspector/InspectorDOMAgent.cpp:
3372         (WebCore::InspectorDOMAgent::buildObjectForNode):
3373         * loader/FrameLoader.cpp:
3374         (WebCore::FrameLoader::shouldTreatURLAsSrcdocDocument):
3375         (WebCore::FrameLoader::findFrameForNavigation):
3376         * loader/ImageLoader.cpp:
3377         (WebCore::ImageLoader::notifyFinished):
3378         * mathml/MathMLSelectElement.cpp:
3379         (WebCore::MathMLSelectElement::getSelectedSemanticsChild):
3380         * rendering/RenderTableCell.cpp:
3381         (WebCore::RenderTableCell::computePreferredLogicalWidths):
3382         * rendering/RenderThemeIOS.mm:
3383         (WebCore::RenderThemeIOS::adjustMenuListButtonStyle):
3384         * rendering/SimpleLineLayout.cpp:
3385         (WebCore::SimpleLineLayout::canUseForWithReason):
3386         * rendering/svg/RenderSVGResourceClipper.cpp:
3387         (WebCore::RenderSVGResourceClipper::drawContentIntoMaskImage):
3388         * svg/SVGAnimateMotionElement.cpp:
3389         (WebCore::SVGAnimateMotionElement::updateAnimationPath):
3390         * svg/SVGAnimationElement.cpp:
3391         (WebCore::SVGAnimationElement::startedActiveInterval):
3392         (WebCore::SVGAnimationElement::updateAnimation):
3393         * svg/animation/SVGSMILElement.cpp:
3394         (WebCore::SVGSMILElement::insertedInto):
3395
3396 2016-07-17  Brady Eidson  <beidson@apple.com>
3397
3398         Exceptions logged to the JS console should use toString().
3399         https://bugs.webkit.org/show_bug.cgi?id=159855
3400
3401         Reviewed by Darin Adler.
3402
3403         No new tests (No change in behavior).
3404
3405         * bindings/js/JSDOMBinding.cpp:
3406         (WebCore::reportException):
3407
3408         * dom/DOMCoreException.h:
3409         (WebCore::DOMCoreException::DOMCoreException):
3410
3411         * dom/ExceptionBase.cpp:
3412         (WebCore::ExceptionBase::ExceptionBase):
3413         (WebCore::ExceptionBase::toString):
3414         (WebCore::ExceptionBase::consoleErrorMessage): Deleted.
3415         * dom/ExceptionBase.h:
3416         (WebCore::ExceptionBase::description): Deleted.
3417
3418         * svg/SVGException.h:
3419
3420         * xml/XPathException.h:
3421         (WebCore::XPathException::XPathException):
3422
3423 2016-07-17  Brady Eidson  <beidson@apple.com>
3424
3425         Update DOMCoreException to use the description in toString().
3426         https://bugs.webkit.org/show_bug.cgi?id=159857
3427
3428         Reviewed by Darin Adler.
3429
3430         No new tests (Covered by changes to existing tests).
3431
3432         * bindings/js/JSDOMBinding.cpp:
3433         (WebCore::createDOMException):
3434
3435         * dom/DOMCoreException.h:
3436         (WebCore::DOMCoreException::DOMCoreException):
3437         (WebCore::DOMCoreException::createWithDescriptionAsMessage): Deleted.
3438
3439 2016-07-17  Myles C. Maxfield  <mmaxfield@apple.com>
3440
3441         Support new emoji group candidates
3442         https://bugs.webkit.org/show_bug.cgi?id=159755
3443         <rdar://problem/27325521>
3444
3445         Reviewed by Dean Jackson.
3446
3447         There are a few code points which should be able to be joined (with ZWJ) to
3448         either U+2640 or U+2642 to change the gender of the emoji. These patterns
3449         should also work with an additional 0xFE0F variation selector. This patch
3450         adds these new patterns to our existing emoji group candidate infrastructure.
3451
3452         Tests: fast/text/emoji-gender-2-3.html
3453                fast/text/emoji-gender-2-4.html
3454                fast/text/emoji-gender-2-5.html
3455                fast/text/emoji-gender-2-6.html
3456                fast/text/emoji-gender-2-7.html
3457                fast/text/emoji-gender-2-8.html
3458                fast/text/emoji-gender-2-9.html
3459                fast/text/emoji-gender-2.html
3460                fast/text/emoji-gender-3.html
3461                fast/text/emoji-gender-4.html
3462                fast/text/emoji-gender-5.html
3463                fast/text/emoji-gender-6.html
3464                fast/text/emoji-gender-7.html
3465                fast/text/emoji-gender-8.html
3466                fast/text/emoji-gender-9.html
3467                fast/text/emoji-gender-fe0f-3.html
3468                fast/text/emoji-gender-fe0f-4.html
3469                fast/text/emoji-gender-fe0f-5.html
3470                fast/text/emoji-gender-fe0f-6.html
3471                fast/text/emoji-gender-fe0f-7.html
3472                fast/text/emoji-gender-fe0f-8.html
3473                fast/text/emoji-gender-fe0f-9.html
3474                fast/text/emoji-gender.html
3475                fast/text/emoji-num-glyphs.html
3476                fast/text/emoji-single-parent-family-2.html
3477                fast/text/emoji-single-parent-family.html
3478
3479         * platform/graphics/mac/ComplexTextControllerCoreText.mm:
3480         (WebCore::ComplexTextController::ComplexTextRun::ComplexTextRun): Removed incorrect ASSERT()s.
3481         * platform/graphics/FontCascade.cpp:
3482         (WebCore::FontCascade::characterRangeCodePath):
3483         * platform/text/CharacterProperties.h:
3484         (WebCore::isEmojiGroupCandidate):
3485
3486 2016-07-16  Brady Eidson  <beidson@apple.com>
3487
3488         Update SVGException to use the description in toString().
3489         https://bugs.webkit.org/show_bug.cgi?id=159847
3490
3491         Reviewed by Darin Adler.
3492
3493         No new tests (Covered by changes to existing tests).
3494
3495         * bindings/js/JSDOMBinding.cpp:
3496         (WebCore::reportException): use consoleErrorMessage for now.
3497
3498         * dom/ExceptionBase.cpp:
3499         (WebCore::ExceptionBase::consoleErrorMessage):
3500         * dom/ExceptionBase.h:
3501
3502         * svg/SVGException.h:
3503
3504 2016-07-16  Chris Dumez  <cdumez@apple.com>
3505
3506         Use fastHasAttribute() when possible
3507         https://bugs.webkit.org/show_bug.cgi?id=159838
3508
3509         Reviewed by Ryosuke Niwa.
3510
3511         Use fastHasAttribute() when possible, for performance.
3512
3513         * editing/DeleteSelectionCommand.cpp:
3514         (WebCore::DeleteSelectionCommand::makeStylingElementsDirectChildrenOfEditableRootToPreventStyleLoss):
3515         * editing/markup.cpp:
3516         (WebCore::createMarkupInternal):
3517         * html/HTMLAnchorElement.cpp:
3518         (WebCore::HTMLAnchorElement::draggable):
3519         * html/HTMLFrameElementBase.cpp:
3520         (WebCore::HTMLFrameElementBase::parseAttribute):
3521         * mathml/MathMLSelectElement.cpp:
3522         (WebCore::MathMLSelectElement::getSelectedSemanticsChild):
3523         * rendering/RenderThemeIOS.mm:
3524         (WebCore::RenderThemeIOS::adjustMenuListButtonStyle):
3525
3526 2016-07-16  Ryosuke Niwa  <rniwa@webkit.org>
3527
3528         Rename fastGetAttribute to attributeWithoutSynchronization
3529         https://bugs.webkit.org/show_bug.cgi?id=159852
3530
3531         Reviewed by Darin Adler.
3532
3533         Renamed fastGetAttribute to attributeWithoutSynchronization for clarity.
3534
3535         * accessibility/AXObjectCache.cpp:
3536         (WebCore::AXObjectCache::findAriaModalNodes):
3537         (WebCore::nodeHasRole):
3538         (WebCore::AXObjectCache::handleLiveRegionCreated):
3539         (WebCore::AXObjectCache::handleMenuItemSelected):
3540         (WebCore::AXObjectCache::handleAriaModalChange):
3541         (WebCore::isNodeAriaVisible):
3542         * accessibility/AccessibilityNodeObject.cpp:
3543         (WebCore::siblingWithAriaRole):
3544         (WebCore::AccessibilityNodeObject::titleElementText):
3545         (WebCore::AccessibilityNodeObject::alternativeTextForWebArea):
3546         (WebCore::AccessibilityNodeObject::hierarchicalLevel):
3547         (WebCore::AccessibilityNodeObject::stringValue):
3548         (WebCore::accessibleNameForNode):
3549         * accessibility/AccessibilityObject.cpp:
3550         (WebCore::AccessibilityObject::contentEditableAttributeIsEnabled):
3551         (WebCore::AccessibilityObject::getAttribute):
3552         * accessibility/AccessibilityRenderObject.cpp:
3553         (WebCore::AccessibilityRenderObject::stringValue):
3554         (WebCore::AccessibilityRenderObject::exposesTitleUIElement):
3555         * accessibility/AccessibilitySVGElement.cpp:
3556         (WebCore::AccessibilitySVGElement::childElementWithMatchingLanguage):
3557         (WebCore::AccessibilitySVGElement::accessibilityDescription):
3558         * bindings/objc/DOM.mm:
3559         (-[DOMHTMLLinkElement _mediaQueryMatches]):
3560         * bindings/scripts/CodeGenerator.pm:
3561         (GetterExpression):
3562         * bindings/scripts/CodeGeneratorObjC.pm:
3563         (GenerateImplementation):
3564         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
3565         * bindings/scripts/test/JS/JSTestObj.cpp:
3566         (WebCore::jsTestObjReflectedStringAttr):
3567         * dom/AuthorStyleSheets.cpp:
3568         (WebCore::AuthorStyleSheets::collectActiveStyleSheets):
3569         * dom/Document.cpp:
3570         (WebCore::Document::buildAccessKeyMap):
3571         (WebCore::Document::processBaseElement):
3572         * dom/DocumentOrderedMap.cpp:
3573         (WebCore::DocumentOrderedMap::getElementByLabelForAttribute):
3574         * dom/Element.cpp:
3575         (WebCore::Element::imageSourceURL):
3576         (WebCore::Element::rendererIsNeeded):
3577         (WebCore::Element::insertedInto):
3578         (WebCore::Element::removedFrom):
3579         (WebCore::Element::pseudo):
3580         (WebCore::Element::setPseudo):
3581         (WebCore::Element::spellcheckAttributeState):
3582         (WebCore::Element::canContainRangeEndPoint):
3583         (WebCore::Element::completeURLsInAttributeValue):
3584         * dom/Element.h:
3585         (WebCore::Element::fastHasAttribute):
3586         (WebCore::Element::attributeWithoutSynchronization):
3587         (WebCore::Element::fastGetAttribute): Deleted.
3588         * dom/InlineStyleSheetOwner.cpp:
3589         (WebCore::InlineStyleSheetOwner::createSheet):
3590         * dom/ScriptElement.cpp:
3591         (WebCore::ScriptElement::requestScript):
3592         (WebCore::ScriptElement::executeScript):
3593         * dom/SlotAssignment.cpp:
3594         (WebCore::slotNameFromSlotAttribute):
3595         (WebCore::SlotAssignment::SlotAssignment):
3596         (WebCore::recursivelyFireSlotChangeEvent):
3597         (WebCore::SlotAssignment::didChangeSlot):
3598         (WebCore::SlotAssignment::hostChildElementDidChange):
3599         (WebCore::SlotAssignment::assignedNodesForSlot):
3600         (WebCore::SlotAssignment::resolveAllSlotElements):
3601         * dom/TreeScope.cpp:
3602         (WebCore::TreeScope::labelElementForId):
3603         * dom/VisitedLinkState.cpp:
3604         (WebCore::linkAttribute):
3605         * editing/ApplyStyleCommand.cpp:
3606         (WebCore::isLegacyAppleStyleSpan):
3607         (WebCore::hasNoAttributeOrOnlyStyleAttribute):
3608         * editing/EditingStyle.cpp:
3609         (WebCore::EditingStyle::elementIsStyledSpanOrHTMLEquivalent):
3610         * editing/ReplaceSelectionCommand.cpp:
3611         (WebCore::isInterchangeNewlineNode):
3612         (WebCore::isInterchangeConvertedSpaceSpan):
3613         (WebCore::positionAvoidingPrecedingNodes):
3614         (WebCore::isMailPasteAsQuotationNode):
3615         (WebCore::isHeaderElement):
3616         (WebCore::isInlineNodeWithStyle):
3617         * editing/TextIterator.cpp:
3618         (WebCore::isRendererReplacedElement):
3619         * editing/cocoa/DataDetection.mm:
3620         (WebCore::DataDetection::isDataDetectorLink):
3621         (WebCore::DataDetection::requiresExtendedContext):
3622         (WebCore::DataDetection::dataDetectorIdentifier):
3623         (WebCore::DataDetection::shouldCancelDefaultAction):
3624         (WebCore::removeResultLinksFromAnchor):
3625         (WebCore::searchForLinkRemovingExistingDDLinks):
3626         * editing/gtk/EditorGtk.cpp:
3627         (WebCore::elementURL):
3628         * editing/htmlediting.cpp:
3629         (WebCore::isTabSpanNode):
3630         (WebCore::isTabSpanTextNode):
3631         (WebCore::isMailBlockquote):
3632         (WebCore::caretMinOffset):
3633         * editing/markup.cpp:
3634         (WebCore::createFragmentFromMarkup):
3635         * html/Autofill.cpp:
3636         (WebCore::AutofillData::createFromHTMLFormControlElement):
3637         * html/BaseTextInputType.cpp:
3638         (WebCore::BaseTextInputType::patternMismatch):
3639         * html/DateInputType.cpp:
3640         (WebCore::DateInputType::createStepRange):
3641         * html/DateTimeInputType.cpp:
3642         (WebCore::DateTimeInputType::createStepRange):
3643         * html/DateTimeLocalInputType.cpp:
3644         (WebCore::DateTimeLocalInputType::createStepRange):
3645         * html/FormAssociatedElement.cpp:
3646         (WebCore::FormAssociatedElement::findAssociatedForm):
3647         (WebCore::FormAssociatedElement::resetFormAttributeTargetObserver):
3648         (WebCore::FormAssociatedElement::formAttributeTargetChanged):
3649         * html/HTMLAnchorElement.cpp:
3650         (WebCore::HTMLAnchorElement::draggable):
3651         (WebCore::HTMLAnchorElement::href):
3652         (WebCore::HTMLAnchorElement::setHref):
3653         (WebCore::HTMLAnchorElement::target):
3654         (WebCore::HTMLAnchorElement::origin):
3655         (WebCore::HTMLAnchorElement::sendPings):
3656         (WebCore::HTMLAnchorElement::handleClick):
3657         * html/HTMLAnchorElement.h:
3658         (WebCore::HTMLAnchorElement::visitedLinkHash):
3659         * html/HTMLAppletElement.cpp:
3660         (WebCore::HTMLAppletElement::updateWidget):
3661         * html/HTMLAreaElement.cpp:
3662         (WebCore::HTMLAreaElement::target):
3663         * html/HTMLAttachmentElement.cpp:
3664         (WebCore::HTMLAttachmentElement::attachmentTitle):
3665         (WebCore::HTMLAttachmentElement::attachmentType):
3666         * html/HTMLBaseElement.cpp:
3667         (WebCore::HTMLBaseElement::target):
3668         (WebCore::HTMLBaseElement::href):
3669         * html/HTMLBodyElement.cpp:
3670         (WebCore::HTMLBodyElement::addSubresourceAttributeURLs):
3671         * html/HTMLButtonElement.cpp:
3672         (WebCore::HTMLButtonElement::value):
3673         (WebCore::HTMLButtonElement::computeWillValidate):
3674         * html/HTMLCanvasElement.cpp:
3675         (WebCore::HTMLCanvasElement::reset):
3676         * html/HTMLDocument.cpp:
3677         (WebCore::HTMLDocument::bgColor):
3678         (WebCore::HTMLDocument::setBgColor):
3679         (WebCore::HTMLDocument::fgColor):
3680         (WebCore::HTMLDocument::setFgColor):
3681         (WebCore::HTMLDocument::alinkColor):
3682         (WebCore::HTMLDocument::setAlinkColor):
3683         (WebCore::HTMLDocument::linkColor):
3684         (WebCore::HTMLDocument::setLinkColor):
3685         (WebCore::HTMLDocument::vlinkColor):
3686         (WebCore::HTMLDocument::setVlinkColor):
3687         * html/HTMLElement.cpp:
3688         (WebCore::contentEditableType):
3689         (WebCore::HTMLElement::collectStyleForPresentationAttribute):
3690         (WebCore::HTMLElement::dir):
3691         (WebCore::HTMLElement::setDir):
3692         (WebCore::HTMLElement::draggable):
3693         (WebCore::HTMLElement::setDraggable):
3694         (WebCore::HTMLElement::title):
3695         (WebCore::HTMLElement::tabIndex):
3696         (WebCore::HTMLElement::translateAttributeMode):
3697         (WebCore::HTMLElement::hasDirectionAuto):
3698         (WebCore::HTMLElement::directionality):
3699         * html/HTMLEmbedElement.cpp:
3700         (WebCore::HTMLEmbedElement::imageSourceURL):
3701         (WebCore::HTMLEmbedElement::addSubresourceAttributeURLs):
3702         * html/HTMLFormControlElement.cpp:
3703         (WebCore::HTMLFormControlElement::formEnctype):
3704         (WebCore::HTMLFormControlElement::formMethod):
3705         (WebCore::HTMLFormControlElement::formAction):
3706         (WebCore::HTMLFormControlElement::autocorrect):
3707         (WebCore::HTMLFormControlElement::autocapitalizeType):
3708         * html/HTMLFormElement.cpp:
3709         (WebCore::HTMLFormElement::autocorrect):
3710         (WebCore::HTMLFormElement::autocapitalizeType):
3711         (WebCore::HTMLFormElement::autocapitalize):
3712         (WebCore::HTMLFormElement::action):
3713         (WebCore::HTMLFormElement::setAction):
3714         (WebCore::HTMLFormElement::target):
3715         (WebCore::HTMLFormElement::wasUserSubmitted):
3716         (WebCore::HTMLFormElement::shouldAutocomplete):
3717         (WebCore::HTMLFormElement::finishParsingChildren):
3718         (WebCore::HTMLFormElement::autocomplete):
3719         * html/HTMLFrameElementBase.cpp:
3720         (WebCore::HTMLFrameElementBase::location):
3721         (WebCore::HTMLFrameElementBase::setLocation):
3722         * html/HTMLHtmlElement.cpp:
3723         (WebCore::HTMLHtmlElement::insertedByParser):
3724         * html/HTMLImageElement.cpp:
3725         (WebCore::HTMLImageElement::imageSourceURL):
3726         (WebCore::HTMLImageElement::setBestFitURLAndDPRFromImageCandidate):
3727         (WebCore::HTMLImageElement::bestFitSourceFromPictureElement):
3728         (WebCore::HTMLImageElement::selectImageSource):
3729         (WebCore::HTMLImageElement::altText):
3730         (WebCore::HTMLImageElement::createElementRenderer):
3731         (WebCore::HTMLImageElement::width):
3732         (WebCore::HTMLImageElement::height):
3733         (WebCore::HTMLImageElement::alt):
3734         (WebCore::HTMLImageElement::draggable):
3735         (WebCore::HTMLImageElement::setHeight):
3736         (WebCore::HTMLImageElement::src):
3737         (WebCore::HTMLImageElement::setSrc):
3738         (WebCore::HTMLImageElement::addSubresourceAttributeURLs):
3739         (WebCore::HTMLImageElement::didMoveToNewDocument):
3740         (WebCore::HTMLImageElement::isServerMap):
3741         (WebCore::HTMLImageElement::crossOrigin):
3742         * html/HTMLInputElement.cpp:
3743         (WebCore::HTMLInputElement::updateType):
3744         (WebCore::HTMLInputElement::initializeInputType):
3745         (WebCore::HTMLInputElement::altText):
3746         (WebCore::HTMLInputElement::value):
3747         (WebCore::HTMLInputElement::defaultValue):
3748         (WebCore::HTMLInputElement::setDefaultValue):
3749         (WebCore::HTMLInputElement::acceptMIMETypes):
3750         (WebCore::HTMLInputElement::acceptFileExtensions):
3751         (WebCore::HTMLInputElement::accept):
3752         (WebCore::HTMLInputElement::alt):
3753         (WebCore::HTMLInputElement::effectiveMaxLength):
3754         (WebCore::HTMLInputElement::src):
3755         (WebCore::HTMLInputElement::setAutoFilled):
3756         (WebCore::HTMLInputElement::dataList):
3757         (WebCore::HTMLInputElement::resetListAttributeTargetObserver):
3758         * html/HTMLKeygenElement.cpp:
3759         (WebCore::HTMLKeygenElement::isKeytypeRSA):
3760         (WebCore::HTMLKeygenElement::appendFormData):
3761         * html/HTMLLIElement.cpp:
3762         (WebCore::HTMLLIElement::didAttachRenderers):
3763         (WebCore::HTMLLIElement::parseValue):
3764         * html/HTMLLabelElement.cpp:
3765         (WebCore::HTMLLabelElement::control):
3766         * html/HTMLLinkElement.cpp:
3767         (WebCore::HTMLLinkElement::crossOrigin):
3768         (WebCore::HTMLLinkElement::process):
3769         (WebCore::HTMLLinkElement::href):
3770         (WebCore::HTMLLinkElement::rel):
3771         (WebCore::HTMLLinkElement::target):
3772         (WebCore::HTMLLinkElement::type):
3773         (WebCore::HTMLLinkElement::iconType):
3774         * html/HTMLMarqueeElement.cpp:
3775         (WebCore::HTMLMarqueeElement::scrollAmount):
3776         (WebCore::HTMLMarqueeElement::setScrollAmount):
3777         (WebCore::HTMLMarqueeElement::scrollDelay):
3778         (WebCore::HTMLMarqueeElement::setScrollDelay):
3779         (WebCore::HTMLMarqueeElement::loop):
3780         * html/HTMLMediaElement.cpp:
3781         (WebCore::HTMLMediaElement::insertedInto):
3782         (WebCore::HTMLMediaElement::crossOrigin):
3783         (WebCore::HTMLMediaElement::networkState):
3784         (WebCore::HTMLMediaElement::mediaSessionTitle):
3785         (WebCore::HTMLMediaElement::doesHaveAttribute):
3786         * html/HTMLMetaElement.cpp:
3787         (WebCore::HTMLMetaElement::process):
3788         (WebCore::HTMLMetaElement::content):
3789         (WebCore::HTMLMetaElement::httpEquiv):
3790         (WebCore::HTMLMetaElement::name):
3791         * html/HTMLMeterElement.cpp:
3792         (WebCore::HTMLMeterElement::min):
3793         (WebCore::HTMLMeterElement::setMin):
3794         (WebCore::HTMLMeterElement::max):
3795         (WebCore::HTMLMeterElement::setMax):
3796         (WebCore::HTMLMeterElement::value):
3797         (WebCore::HTMLMeterElement::low):
3798         (WebCore::HTMLMeterElement::high):
3799         (WebCore::HTMLMeterElement::optimum):
3800         * html/HTMLObjectElement.cpp:
3801         (WebCore::HTMLObjectElement::shouldAllowQuickTimeClassIdQuirk):
3802         (WebCore::HTMLObjectElement::hasValidClassId):
3803         (WebCore::HTMLObjectElement::imageSourceURL):
3804         (WebCore::HTMLObjectElement::renderFallbackContent):
3805         (WebCore::HTMLObjectElement::containsJavaApplet):
3806         (WebCore::HTMLObjectElement::addSubresourceAttributeURLs):
3807         * html/HTMLOptGroupElement.cpp:
3808         (WebCore::HTMLOptGroupElement::groupLabelText):
3809         * html/HTMLOptionElement.cpp:
3810         (WebCore::HTMLOptionElement::value):
3811         (WebCore::HTMLOptionElement::label):
3812         * html/HTMLParamElement.cpp:
3813         (WebCore::HTMLParamElement::value):
3814         (WebCore::HTMLParamElement::isURLParameter):
3815         * html/HTMLProgressElement.cpp:
3816         (WebCore::HTMLProgressElement::value):
3817         (WebCore::HTMLProgressElement::max):
3818         * html/HTMLScriptElement.cpp:
3819         (WebCore::HTMLScriptElement::crossOrigin):
3820         (WebCore::HTMLScriptElement::src):
3821         (WebCore::HTMLScriptElement::sourceAttributeValue):
3822         (WebCore::HTMLScriptElement::charsetAttributeValue):
3823         (WebCore::HTMLScriptElement::typeAttributeValue):
3824         (WebCore::HTMLScriptElement::languageAttributeValue):
3825         (WebCore::HTMLScriptElement::forAttributeValue):
3826         (WebCore::HTMLScriptElement::eventAttributeValue):
3827         (WebCore::HTMLScriptElement::asyncAttributeValue):
3828         * html/HTMLSlotElement.cpp:
3829         (WebCore::HTMLSlotElement::insertedInto):
3830         (WebCore::HTMLSlotElement::removedFrom):
3831         * html/HTMLSourceElement.cpp:
3832         (WebCore::HTMLSourceElement::media):
3833         (WebCore::HTMLSourceElement::setMedia):
3834         (WebCore::HTMLSourceElement::type):
3835         (WebCore::HTMLSourceElement::setType):
3836         * html/HTMLTableCellElement.cpp:
3837         (WebCore::HTMLTableCellElement::colSpanForBindings):
3838         (WebCore::HTMLTableCellElement::rowSpan):
3839         (WebCore::HTMLTableCellElement::rowSpanForBindings):
3840         (WebCore::HTMLTableCellElement::cellIndex):
3841         (WebCore::HTMLTableCellElement::abbr):
3842         (WebCore::HTMLTableCellElement::axis):
3843         (WebCore::HTMLTableCellElement::setColSpanForBindings):
3844         (WebCore::HTMLTableCellElement::headers):
3845         (WebCore::HTMLTableCellElement::setRowSpanForBindings):
3846         (WebCore::HTMLTableCellElement::scope):
3847         (WebCore::HTMLTableCellElement::addSubresourceAttributeURLs):
3848         (WebCore::HTMLTableCellElement::cellAbove):
3849         * html/HTMLTableColElement.cpp:
3850         (WebCore::HTMLTableColElement::width):
3851         * html/HTMLTableElement.cpp:
3852         (WebCore::HTMLTableElement::rules):
3853         (WebCore::HTMLTableElement::summary):
3854         (WebCore::HTMLTableElement::addSubresourceAttributeURLs):
3855         * html/HTMLTableSectionElement.cpp:
3856         (WebCore::HTMLTableSectionElement::align):
3857         (WebCore::HTMLTableSectionElement::setAlign):
3858         (WebCore::HTMLTableSectionElement::ch):
3859         (WebCore::HTMLTableSectionElement::setCh):
3860         (WebCore::HTMLTableSectionElement::chOff):
3861         (WebCore::HTMLTableSectionElement::setChOff):
3862         (WebCore::HTMLTableSectionElement::vAlign):
3863         (WebCore::HTMLTableSectionElement::setVAlign):
3864         * html/HTMLTextAreaElement.cpp:
3865         (WebCore::HTMLTextAreaElement::appendFormData):
3866         * html/HTMLTextFormControlElement.cpp:
3867         (WebCore::HTMLTextFormControlElement::strippedPlaceholder):
3868         (WebCore::HTMLTextFormControlElement::isPlaceholderEmpty):
3869         (WebCore::HTMLTextFormControlElement::directionForFormData):
3870         * html/HTMLTrackElement.cpp:
3871         (WebCore::HTMLTrackElement::srclang):
3872         (WebCore::HTMLTrackElement::label):
3873         (WebCore::HTMLTrackElement::isDefault):
3874         (WebCore::HTMLTrackElement::ensureTrack):
3875         (WebCore::HTMLTrackElement::mediaElementCrossOriginAttribute):
3876         * html/HTMLVideoElement.cpp:
3877         (WebCore::HTMLVideoElement::parseAttribute):
3878         (WebCore::HTMLVideoElement::imageSourceURL):
3879         * html/ImageInputType.cpp:
3880         (WebCore::ImageInputType::height):
3881         (WebCore::ImageInputType::width):
3882         * html/InputType.cpp:
3883         (WebCore::InputType::applyStep):
3884         * html/MediaElementSession.cpp:
3885         (WebCore::MediaElementSession::wirelessVideoPlaybackDisabled):
3886         * html/MonthInputType.cpp:
3887         (WebCore::MonthInputType::createStepRange):
3888         * html/NumberInputType.cpp:
3889         (WebCore::NumberInputType::createStepRange):
3890         (WebCore::NumberInputType::sizeShouldIncludeDecoration):
3891         * html/RangeInputType.cpp:
3892         (WebCore::RangeInputType::createStepRange):
3893         (WebCore::RangeInputType::handleKeydownEvent):
3894         * html/TextFieldInputType.cpp:
3895         (WebCore::TextFieldInputType::appendFormData):
3896         (WebCore::TextFieldInputType::updateAutoFillButton):
3897         * html/TimeInputType.cpp:
3898         (WebCore::TimeInputType::createStepRange):
3899         * html/ValidationMessage.cpp:
3900         (WebCore::ValidationMessage::updateValidationMessage):
3901         * html/WeekInputType.cpp:
3902         (WebCore::WeekInputType::createStepRange):
3903         * html/track/WebVTTElement.cpp:
3904         (WebCore::WebVTTElement::createEquivalentHTMLElement):
3905         * inspector/InspectorPageAgent.cpp:
3906         (WebCore::InspectorPageAgent::buildObjectForFrame):
3907         * loader/FormSubmission.cpp:
3908         (WebCore::FormSubmission::create):
3909         * loader/FrameLoader.cpp:
3910         (WebCore::FrameLoader::defaultSubstituteDataForURL):
3911         * loader/ImageLoader.cpp:
3912         (WebCore::ImageLoader::updateFromElement):
3913         * loader/SubframeLoader.cpp:
3914         (WebCore::SubframeLoader::isPluginContentAllowedByContentSecurityPolicy):
3915         * mathml/MathMLElement.cpp:
3916         (WebCore::MathMLElement::colSpan):
3917         (WebCore::MathMLElement::rowSpan):
3918         (WebCore::MathMLElement::childShouldCreateRenderer):
3919         (WebCore::MathMLElement::defaultEventHandler):
3920         (WebCore::MathMLElement::cachedMathMLLength):
3921         * mathml/MathMLFractionElement.cpp:
3922         (WebCore::MathMLFractionElement::lineThickness):
3923         (WebCore::MathMLFractionElement::cachedFractionAlignment):
3924         * mathml/MathMLSelectElement.cpp:
3925         (WebCore::MathMLSelectElement::getSelectedActionChildAndIndex):
3926         (WebCore::MathMLSelectElement::getSelectedActionChild):
3927         (WebCore::MathMLSelectElement::getSelectedSemanticsChild):
3928         (WebCore::MathMLSelectElement::defaultEventHandler):
3929         (WebCore::MathMLSelectElement::willRespondToMouseClickEvents):
3930         (WebCore::MathMLSelectElement::toggle):
3931         * page/EventHandler.cpp:
3932         (WebCore::findDropZone):
3933         * page/Frame.cpp:
3934         (WebCore::Frame::matchLabelsAgainstElement):
3935         * page/PageSerializer.cpp:
3936         (WebCore::PageSerializer::serializeFrame):
3937         * platform/win/PasteboardWin.cpp:
3938         (WebCore::Pasteboard::writeImageToDataObject):
3939         * rendering/HitTestResult.cpp:
3940         (WebCore::HitTestResult::altDisplayString):
3941         * rendering/RenderDetailsMarker.cpp:
3942         (WebCore::RenderDetailsMarker::isOpen):
3943         * rendering/RenderImage.cpp:
3944         (WebCore::RenderImage::imageMap):
3945         (WebCore::RenderImage::nodeAtPoint):
3946         * rendering/RenderMenuList.cpp:
3947         (RenderMenuList::itemAccessibilityText):
3948         (RenderMenuList::itemToolTip):
3949         * rendering/RenderSearchField.cpp:
3950         (WebCore::RenderSearchField::autosaveName):
3951         * rendering/RenderThemeIOS.mm:
3952         (WebCore::getAttachmentProgress):
3953         (WebCore::AttachmentInfo::AttachmentInfo):
3954         * rendering/RenderThemeMac.mm:
3955         (WebCore::AttachmentLayout::layOutSubtitle):
3956         (WebCore::RenderThemeMac::paintAttachment):
3957         * rendering/mathml/MathMLStyle.cpp:
3958         (WebCore::MathMLStyle::resolveMathMLStyle):
3959         * rendering/mathml/RenderMathMLFenced.cpp:
3960         (WebCore::RenderMathMLFenced::updateFromElement):
3961         * rendering/mathml/RenderMathMLOperator.cpp:
3962         (WebCore::RenderMathMLOperator::setOperatorFlagFromAttribute):
3963         (WebCore::RenderMathMLOperator::setOperatorFlagFromAttributeValue):
3964         (WebCore::RenderMathMLOperator::setOperatorProperties):
3965         * rendering/mathml/RenderMathMLScripts.cpp:
3966         (WebCore::RenderMathMLScripts::getScriptMetricsAndLayoutIfNeeded):
3967         * rendering/mathml/RenderMathMLUnderOver.cpp:
3968         (WebCore::RenderMathMLUnderOver::hasAccent):
3969         * style/StyleSharingResolver.cpp:
3970         (WebCore::Style::SharingResolver::canShareStyleWithElement):
3971         (WebCore::Style::SharingResolver::sharingCandidateHasIdenticalStyleAffectingAttributes):
3972         * svg/SVGAElement.cpp:
3973         (WebCore::SVGAElement::title):
3974         (WebCore::SVGAElement::defaultEventHandler):
3975         * svg/SVGAltGlyphElement.cpp:
3976         (WebCore::SVGAltGlyphElement::glyphRef):
3977         (WebCore::SVGAltGlyphElement::setFormat):
3978         (WebCore::SVGAltGlyphElement::format):
3979         (WebCore::SVGAltGlyphElement::childShouldCreateRenderer):
3980         * svg/SVGAnimationElement.cpp:
3981         (WebCore::SVGAnimationElement::toValue):
3982         (WebCore::SVGAnimationElement::byValue):
3983         (WebCore::SVGAnimationElement::fromValue):
3984         (WebCore::SVGAnimationElement::isAdditive):
3985         (WebCore::SVGAnimationElement::isAccumulated):
3986         * svg/SVGElement.cpp:
3987         (WebCore::SVGElement::xmlbase):
3988         (WebCore::SVGElement::setXmlbase):
3989         * svg/SVGFontFaceElement.cpp:
3990         (WebCore::SVGFontFaceElement::unitsPerEm):
3991         (WebCore::SVGFontFaceElement::xHeight):
<