Addressing post-review comments after r196322
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2016-02-10  Myles C. Maxfield  <mmaxfield@apple.com>
2
3         Addressing post-review comments after r196322
4
5         Unreviwed.
6
7         * css/CSSFontFaceSource.cpp:
8         (WebCore::CSSFontFaceSource::font):
9         * css/CSSFontFaceSource.h:
10
11 2016-02-10  Chris Dumez  <cdumez@apple.com>
12
13         Attributes on the Window instance should be configurable unless [Unforgeable]
14         https://bugs.webkit.org/show_bug.cgi?id=153920
15         <rdar://problem/24563211>
16
17         Reviewed by Darin Adler.
18
19         Attributes on the Window instance should be configurable unless [Unforgeable]:
20         1. 'constructor' property:
21            - http://www.w3.org/TR/WebIDL/#interface-prototype-object
22         2. Constructor properties (e.g. window.Node):
23            - http://www.w3.org/TR/WebIDL/#es-interfaces
24         3. IDL attributes:
25            - http://heycam.github.io/webidl/#es-attributes (configurable unless
26              [Unforgeable], e.g. window.location)
27
28         Firefox complies with the WebIDL specification but WebKit does not for 1. and 3.
29
30         Test: fast/dom/Window/window-properties-configurable.html
31
32         * bindings/js/JSDOMWindowCustom.cpp:
33         (WebCore::JSDOMWindow::getOwnPropertySlot):
34         For known Window properties (i.e. properties in the static property table),
35         if we have reified and this is same-origin access, then call
36         Base::getOwnPropertySlot() to get the property from the local property
37         storage. If we have not reified yet, or this is cross-origin access, query
38         the static property table. This is to match the behavior of Firefox and
39         Chrome which seem to keep returning the original properties upon cross
40         origin access, even if those were deleted or redefined.
41
42         (WebCore::JSDOMWindow::put):
43         The previous code used to call the static property setter for properties in
44         the static table. However, this does not do the right thing if properties
45         were reified. For example, deleting window.name and then trying to set it
46         again would not work. Therefore, update this code to only do this if the
47         properties have not been reified, similarly to what is done in
48         JSObject::putInlineSlow().
49
50         * bindings/scripts/CodeGeneratorJS.pm:
51         (ConstructorShouldBeOnInstance):
52         Add a FIXME comment indicating that window.constructor should be on
53         the prototype as per the Web IDL specification.
54
55         (GenerateAttributesHashTable):
56         - Mark 'constructor' property as configurable for Window, as per the
57           specification and consistently with other 'constructor' properties:
58           http://www.w3.org/TR/WebIDL/#interface-prototype-object
59         - Mark properties as configurable even though they are on the instance.
60           Window has its properties on the instance as per the specification:
61           1. http://heycam.github.io/webidl/#es-attributes
62           2. http://heycam.github.io/webidl/#PrimaryGlobal (window is [PrimaryGlobal]
63           However, these properties should be configurable as long as they are
64           not marked as [Unforgeable], as per 1.
65
66         * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
67         * bindings/scripts/test/JS/JSTestException.cpp:
68         * bindings/scripts/test/JS/JSTestObj.cpp:
69         Rebaseline bindings tests.
70
71 2016-02-10  Brady Eidson  <beidson@apple.com>
72
73         Modern IDB: Ref cycle between IDBObjectStore and IDBTransaction.
74         https://bugs.webkit.org/show_bug.cgi?id=154061
75
76         Reviewed by Alex Christensen.
77
78         No new tests (Currently untestable).
79
80         * Modules/indexeddb/client/IDBTransactionImpl.cpp:
81         (WebCore::IDBClient::IDBTransaction::transitionedToFinishing): Make sure the new state makes sense,
82           set the new state, and then clear the set of referenced object stores which is no longer needed.
83         (WebCore::IDBClient::IDBTransaction::abort):
84         (WebCore::IDBClient::IDBTransaction::commit):
85         * Modules/indexeddb/client/IDBTransactionImpl.h:
86
87 2016-02-10  Jer Noble  <jer.noble@apple.com>
88
89         REGRESSION(r195770): Use-after-free in ResourceLoaderOptions::cachingPolicy
90         https://bugs.webkit.org/show_bug.cgi?id=153727
91         <rdar://problem/24429886>
92
93         Reviewed by Darin Adler.
94
95         Follow-up after r195965. Only protect those parts of CachedResource::removeClient() which
96         affect the MemoryCache when allowsCaching() is false.
97
98         * loader/cache/CachedResource.cpp:
99         (WebCore::CachedResource::removeClient):
100
101 2016-02-10  Csaba Osztrogonác  <ossy@webkit.org>
102
103         Fix the !(ENABLE(SHADOW_DOM) || ENABLE(DETAILS_ELEMENT)) after r196281
104         https://bugs.webkit.org/show_bug.cgi?id=154035
105
106         Reviewed by Antti Koivisto.
107
108         * dom/ComposedTreeIterator.h:
109         (WebCore::ComposedTreeIterator::Context::Context):
110
111 2016-02-09  Carlos Garcia Campos  <cgarcia@igalia.com>
112
113         [GTK] Toggle buttons are blurry with GTK+ 3.19
114         https://bugs.webkit.org/show_bug.cgi?id=154007
115
116         Reviewed by Michael Catanzaro.
117
118         Use min-width/min-height style properties when GTK+ >= 3.19.7 to
119         get the size of toggle buttons.
120
121         * rendering/RenderThemeGtk.cpp:
122         (WebCore::setToggleSize):
123         (WebCore::paintToggle):
124
125 2016-02-09  Aakash Jain  <aakash_jain@apple.com>
126
127         Headers that use WEBCORE_EXPORT should include PlatformExportMacros.h
128         https://bugs.webkit.org/show_bug.cgi?id=146984
129
130         Reviewed by Alexey Proskuryakov.
131
132         * Modules/speech/SpeechSynthesis.h:
133         * contentextensions/ContentExtensionError.h:
134         * dom/DeviceOrientationClient.h:
135         * platform/graphics/Color.h:
136         * platform/ios/wak/WebCoreThread.h:
137         * platform/network/CacheValidation.h:
138         * platform/network/cf/CertificateInfo.h:
139
140 2016-02-09  Nan Wang  <n_wang@apple.com>
141
142         AX: Implement word related text marker functions using TextIterator
143         https://bugs.webkit.org/show_bug.cgi?id=153939
144         <rdar://problem/24269605>
145
146         Reviewed by Chris Fleizach.
147
148         Using CharacterOffset to implement word related text marker calls. Reused
149         logic from previousBoundary and nextBoundary in VisibleUnits class.
150
151         Test: accessibility/mac/text-marker-word-nav.html
152
153         * accessibility/AXObjectCache.cpp:
154         (WebCore::AXObjectCache::traverseToOffsetInRange):
155         (WebCore::AXObjectCache::rangeForNodeContents):
156         (WebCore::isReplacedNodeOrBR):
157         (WebCore::characterOffsetsInOrder):
158         (WebCore::resetNodeAndOffsetForReplacedNode):
159         (WebCore::setRangeStartOrEndWithCharacterOffset):
160         (WebCore::AXObjectCache::rangeForUnorderedCharacterOffsets):
161         (WebCore::AXObjectCache::setTextMarkerDataWithCharacterOffset):
162         (WebCore::AXObjectCache::startOrEndCharacterOffsetForRange):
163         (WebCore::AXObjectCache::startOrEndTextMarkerDataForRange):
164         (WebCore::AXObjectCache::characterOffsetForNodeAndOffset):
165         (WebCore::AXObjectCache::textMarkerDataForCharacterOffset):
166         (WebCore::AXObjectCache::previousNode):
167         (WebCore::AXObjectCache::visiblePositionFromCharacterOffset):
168         (WebCore::AXObjectCache::characterOffsetFromVisiblePosition):
169         (WebCore::AXObjectCache::textMarkerDataForVisiblePosition):
170         (WebCore::AXObjectCache::nextCharacterOffset):
171         (WebCore::AXObjectCache::previousCharacterOffset):
172         (WebCore::startWordBoundary):
173         (WebCore::endWordBoundary):
174         (WebCore::AXObjectCache::startCharacterOffsetOfWord):
175         (WebCore::AXObjectCache::endCharacterOffsetOfWord):
176         (WebCore::AXObjectCache::previousWordStartCharacterOffset):
177         (WebCore::AXObjectCache::nextWordEndCharacterOffset):
178         (WebCore::AXObjectCache::leftWordRange):
179         (WebCore::AXObjectCache::rightWordRange):
180         (WebCore::characterForCharacterOffset):
181         (WebCore::AXObjectCache::characterAfter):
182         (WebCore::AXObjectCache::characterBefore):
183         (WebCore::parentEditingBoundary):
184         (WebCore::AXObjectCache::nextWordBoundary):
185         (WebCore::AXObjectCache::previousWordBoundary):
186         (WebCore::AXObjectCache::rootAXEditableElement):
187         * accessibility/AXObjectCache.h:
188         (WebCore::AXObjectCache::removeNodeForUse):
189         (WebCore::AXObjectCache::isNodeInUse):
190         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
191         (-[WebAccessibilityObjectWrapper previousTextMarkerForNode:offset:]):
192         (-[WebAccessibilityObjectWrapper textMarkerForNode:offset:ignoreStart:]):
193         (-[WebAccessibilityObjectWrapper textMarkerForNode:offset:]):
194         (textMarkerForCharacterOffset):
195         (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:forParameter:]):
196         * editing/VisibleUnits.cpp:
197         (WebCore::rightWordPosition):
198         (WebCore::prepend):
199         (WebCore::appendRepeatedCharacter):
200         (WebCore::suffixLengthForRange):
201         (WebCore::prefixLengthForRange):
202         (WebCore::backwardSearchForBoundaryWithTextIterator):
203         (WebCore::forwardSearchForBoundaryWithTextIterator):
204         (WebCore::previousBoundary):
205         (WebCore::nextBoundary):
206         * editing/VisibleUnits.h:
207
208 2016-02-09  Daniel Bates  <dabates@apple.com>
209
210         CSP: Extract helper classes into their own files
211         https://bugs.webkit.org/show_bug.cgi?id=154040
212         <rdar://problem/24571189>
213
214         Reviewed by Brent Fulgham.
215
216         No functionality was changed. So, no new tests.
217
218         * CMakeLists.txt: Add files ContentSecurityPolicy{DirectiveList, MediaListDirective, Source, SourceList, SourceListDirective}.cpp.
219         * WebCore.xcodeproj/project.pbxproj: Ditto.
220         * page/csp/ContentSecurityPolicy.cpp: Clean up #includes. Include header ParsingUtilities.h so that we can remove our own
221         variants of skip{Exactly, Until, While}(). Update code as necessary for class renames.
222         (WebCore::skipExactly): Deleted; instead use the analogous function in ParsingUtilities.h.
223         (WebCore::skipUntil): Deleted; instead use the analogous function in ParsingUtilities.h.
224         (WebCore::skipWhile): Deleted; instead use the analogous function in ParsingUtilities.h.
225         (WebCore::isSourceListNone): Moved to file ContentSecurityPolicySourceList.cpp.
226         (WebCore::CSPSource): Deleted; moved implementation to files ContentSecurityPolicySource.{cpp, h}.
227         (WebCore::CSPSourceList): Deleted; moved implementation to files ContentSecurityPolicySourceList.{cpp, h}.
228         (WebCore::CSPDirective): Deleted; moved implementation to file ContentSecurityPolicyDirective.h.
229         (WebCore::MediaListDirective): Deleted; moved implementation to files ContentSecurityPolicyMediaListDirective.{cpp, h}.
230         (WebCore::SourceListDirective): Deleted; moved implementation to files ContentSecurityPolicySourceListDirective.{cpp, h}.
231         (WebCore::CSPDirectiveList): Deleted; moved implementation to files ContentSecurityPolicyDirectiveList.{cpp, h}.
232         * page/csp/ContentSecurityPolicy.h:
233         * page/csp/ContentSecurityPolicyDirective.h: Added.
234         * page/csp/ContentSecurityPolicyDirectiveList.cpp: Added; removed use of ternary operator where it made the code less readable.
235         Updated code to make use of the functions defined in ParsingUtilities.h.
236         (WebCore::isExperimentalDirectiveName): Moved from file ContentSecurityPolicy.cpp.
237         (WebCore::isCSPDirectiveName): Ditto.
238         (WebCore::isDirectiveNameCharacter): Ditto.
239         (WebCore::isDirectiveValueCharacter): Ditto.
240         (WebCore::isNotASCIISpace): Ditto.
241         * page/csp/ContentSecurityPolicyDirectiveList.h: Added.
242         * page/csp/ContentSecurityPolicyMediaListDirective.cpp: Added. Updated code to make use of the functions defined in ParsingUtilities.h.
243         (WebCore::isMediaTypeCharacter): Moved from file ContentSecurityPolicy.cpp.
244         (WebCore::isNotASCIISpace): Ditto.
245         * page/csp/ContentSecurityPolicyMediaListDirective.h: Added.
246         * page/csp/ContentSecurityPolicySource.cpp: Added.
247         * page/csp/ContentSecurityPolicySource.h: Added.
248         * page/csp/ContentSecurityPolicySourceList.cpp: Added. Updated code to make use of the functions defined in ParsingUtilities.h.
249         (WebCore::isSourceCharacter): Moved from file ContentSecurityPolicy.cpp.
250         (WebCore::isHostCharacter): Ditto.
251         (WebCore::isPathComponentCharacter): Ditto.
252         (WebCore::isSchemeContinuationCharacter): Ditto.
253         (WebCore::isNotColonOrSlash): Ditto.
254         (WebCore::isSourceListNone): Ditto.
255         * page/csp/ContentSecurityPolicySourceList.h: Added.
256         * page/csp/ContentSecurityPolicySourceListDirective.cpp: Added.
257         * page/csp/ContentSecurityPolicySourceListDirective.h: Added.
258
259 2016-02-09  Brady Eidson  <beidson@apple.com>
260
261         Modern IDB: TransactionOperation objects leak.
262         https://bugs.webkit.org/show_bug.cgi?id=154054
263
264         Reviewed by Alex Christensen.
265
266         No new tests (Currently untestable).
267
268         * Modules/indexeddb/client/IDBTransactionImpl.cpp:
269         (WebCore::IDBClient::IDBTransaction::abortOnServerAndCancelRequests): Remove the TransactionOperation from
270           the map, as this operation doesn't complete "normally" like most others.
271         (WebCore::IDBClient::IDBTransaction::commitOnServer): Ditto.
272         
273         * Modules/indexeddb/client/TransactionOperation.h:
274         (WebCore::IDBClient::TransactionOperation::perform): Clear the m_performFunction after use,
275           as it holds a lambda that holds a RefPtr to the IDBTransaction, as well as a self-ref.
276         (WebCore::IDBClient::TransactionOperation::completed): Clear m_completeFunction for the same reasons.
277
278 2016-02-09  Jer Noble  <jer.noble@apple.com>
279
280         [Mac] Graphical corruption in videos when enabling custom loading path
281         https://bugs.webkit.org/show_bug.cgi?id=154044
282
283         Reviewed by Alex Christensen.
284
285         The NSOperationQueue provided by AVFoundation from the AVAssetResourceLoader queue is not
286         set to be a serial queue. So when adding dataReceived operations to that queue, there exists
287         the possibility that some operations are handled before others, and the client will receieve
288         data out of order.
289
290         A real NSURLSession object will only issue another operation when the first operation
291         completes, so emulate this behavior in WebCoreNSURLSession by using a serial dispatch queue.
292         The internal queue will enqueue an operation to the resource loader's queue, and block until
293         that operation completes, thus ensuring ordering of the data (and other) operations.
294
295         * platform/network/cocoa/WebCoreNSURLSession.h:
296         * platform/network/cocoa/WebCoreNSURLSession.mm:
297         (-[WebCoreNSURLSession initWithResourceLoader:delegate:delegateQueue:]): Initialize _internalQueue
298         (-[WebCoreNSURLSession addDelegateOperation:]): Added utility method.
299         (-[WebCoreNSURLSession taskCompleted:]): Call -addDelegateOperation:
300         (-[WebCoreNSURLSession finishTasksAndInvalidate]): Ditto.
301         (-[WebCoreNSURLSession resetWithCompletionHandler:]): Ditto.
302         (-[WebCoreNSURLSession flushWithCompletionHandler:]): Ditto.
303         (-[WebCoreNSURLSession getTasksWithCompletionHandler:]): Ditto.
304         (-[WebCoreNSURLSession getAllTasksWithCompletionHandler:]): Ditto.
305         (-[WebCoreNSURLSessionDataTask resource:receivedResponse:]): Ditto.
306         (-[WebCoreNSURLSessionDataTask resource:receivedData:length:]): Ditto.
307         (-[WebCoreNSURLSessionDataTask resourceFinished:]): Ditto.
308
309         Drive-by fix:
310         (-[WebCoreNSURLSessionDataTask resource:receivedData:length:]): Set countOfBytesReceived outside the operation,
311             queue, matching NSURLSessionDataTask's behavior.
312
313 2016-02-09  Nan Wang  <n_wang@apple.com>
314
315         [iOS Simulator] accessibility/text-marker/text-marker-range-stale-node-crash.html crashing
316         https://bugs.webkit.org/show_bug.cgi?id=154039
317
318         Reviewed by Chris Fleizach.
319
320         We are accessing the derefed node in the CharacterOffset object, we should create an empty
321         CharacterOffset object if the node is not in use.
322
323         It's covered by the test accessibility/text-marker/text-marker-range-stale-node-crash.html.
324
325         * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
326         (-[WebAccessibilityTextMarker characterOffset]):
327         (-[WebAccessibilityTextMarker isIgnored]):
328
329 2016-02-09  Myles C. Maxfield  <mmaxfield@apple.com>
330
331         Unreviewed build fix after r196322
332
333         Unreviewed.
334
335         * css/CSSFontFace.cpp:
336         (WebCore::CSSFontFace::font):
337
338 2016-02-09  Zalan Bujtas  <zalan@apple.com>
339
340         Outline corners do not align properly for multiline inlines.
341         https://bugs.webkit.org/show_bug.cgi?id=154025
342
343         Reviewed by David Hyatt.
344
345         Adjust border position when outline-offset > 0. This patch also
346         removes integral pixelsnapping (drawLineForBoxSide takes care of
347         device pixelsnapping). 
348
349         Test: fast/inline/outline-corners-with-offset.html
350
351         * rendering/RenderInline.cpp:
352         (WebCore::RenderInline::paintOutlineForLine):
353
354 2016-02-09  Jer Noble  <jer.noble@apple.com>
355
356         [Mac] Adopt NSURLSession properties in AVAssetResourceLoader
357
358         Rubber-stamped by Eric Carlson;
359
360         Set the correct global variable from setAVFoundationNSURLSessionEnabled().
361
362         * page/Settings.cpp:
363         (WebCore::Settings::setAVFoundationNSURLSessionEnabled):
364
365 2016-02-07  Gavin Barraclough  <barraclough@apple.com>
366
367         GetValueFunc/PutValueFunc should not take both slotBase and thisValue
368         https://bugs.webkit.org/show_bug.cgi?id=154009
369
370         Reviewed by Geoff Garen.
371
372         In JavaScript there are two types of properties - regular value properties, and accessor properties.
373         One difference between these is how they are reflected by getOwnPropertyDescriptor, and another is
374         what object they operate on in the case of a prototype access. If you access a value property of a
375         prototype object it return a value pertinent to the prototype, but in the case of a prototype object
376         returning an accessor, then the accessor function is applied to the base object of the access.
377
378         JSC supports special 'custom' properties implemented as a c++ callback, and these custom properties
379         can be used to implement either value- or accessor-like behavior. getOwnPropertyDescriptor behavior
380         is selected via the CustomAccessor attribute. Value- or accessor-like object selection is current
381         supported by passing both the slotBase and the thisValue to the callback,and hoping it uses the
382         right one. This is probably inefficient, bug-prone, and leads to crazy like JSBoundSlotBaseFunction.
383
384         Instead, just pass one thisValue to the callback functions, consistent with CustomAccessor.
385
386         * bindings/js/JSDOMBinding.cpp:
387         (WebCore::printErrorMessageForFrame):
388         (WebCore::objectToStringFunctionGetter):
389         * bindings/js/JSDOMBinding.h:
390         (WebCore::propertyNameToString):
391         (WebCore::getStaticValueSlotEntryWithoutCaching<JSDOMObject>):
392         (WebCore::nonCachingStaticFunctionGetter):
393         * bindings/js/JSDOMWindowCustom.cpp:
394         (WebCore::JSDOMWindow::visitAdditionalChildren):
395         (WebCore::childFrameGetter):
396         (WebCore::namedItemGetter):
397         (WebCore::jsDOMWindowWebKit):
398         (WebCore::jsDOMWindowIndexedDB):
399             - add missing null check, in case indexDB acessor is applied to non-window object.
400         * bindings/js/JSPluginElementFunctions.cpp:
401         (WebCore::pluginScriptObject):
402         (WebCore::pluginElementPropertyGetter):
403         * bindings/js/JSPluginElementFunctions.h:
404         * bindings/scripts/CodeGeneratorJS.pm:
405         (GenerateHeader):
406         (GenerateImplementation):
407         * bridge/runtime_array.cpp:
408         (JSC::RuntimeArray::destroy):
409         (JSC::RuntimeArray::lengthGetter):
410         * bridge/runtime_array.h:
411         * bridge/runtime_method.cpp:
412         (JSC::RuntimeMethod::finishCreation):
413         (JSC::RuntimeMethod::lengthGetter):
414         * bridge/runtime_method.h:
415         * bridge/runtime_object.cpp:
416         (JSC::Bindings::RuntimeObject::invalidate):
417         (JSC::Bindings::RuntimeObject::fallbackObjectGetter):
418         (JSC::Bindings::RuntimeObject::fieldGetter):
419         (JSC::Bindings::RuntimeObject::methodGetter):
420         * bridge/runtime_object.h:
421             - Merged slotBase & thisValue to custom property callbacks.
422
423 2016-02-09  Jer Noble  <jer.noble@apple.com>
424
425         Build-fix; add Nullibility macros around previously un-macro'd class definitions.
426
427         * platform/spi/mac/AVFoundationSPI.h:
428
429 2016-02-04  Jer Noble  <jer.noble@apple.com>
430
431         [Mac] Adopt NSURLSession properties in AVAssetResourceLoader
432         https://bugs.webkit.org/show_bug.cgi?id=153873
433
434         Reviewed by Eric Carlson.
435
436         Adopt a new AVAssetResourceLoader API allowing clients to specify a NSURLSession object to
437         use for media loading, and control the use of this property with a new Setting.
438
439         * page/Settings.cpp:
440         (WebCore::Settings::setAVFoundationNSURLSessionEnabled):
441         * page/Settings.h:
442         (WebCore::Settings::isAVFoundationNSURLSessionEnabled):
443         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
444         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVAssetForURL):
445         * platform/spi/mac/AVFoundationSPI.h:
446
447 2016-02-09  Myles C. Maxfield  <mmaxfield@apple.com>
448
449         Decouple font creation from font loading
450         https://bugs.webkit.org/show_bug.cgi?id=153414
451
452         Reviewed by Darin Adler.
453
454         Previously, CSSFontFaceSource never triggered a font download until that font was actually used. This means
455         that the function which triggers the download also has the goal of returning a font to use. However,
456         the CSS Font Loading JavaScript API requires being able to trigger a font download without this extra font
457         creation overhead.
458
459         In addition, this patch adds an explicit (and enforced) state transition diagram. The diagram looks like
460         this:
461                             => Success
462                           //
463         Pending => Loading
464                           \\
465                             => Failure
466
467         Therefore, the API for CSSFontFaceSource has changed to expose the concept of these new states. This means
468         that its user (CSSSegmentedFontFaceSource) has been updated to handle each possible state that its constituent
469         CSSFontFaceSources may be in.
470
471         No new tests because there is no behavior change.
472
473         * css/CSSFontFace.cpp:
474         (WebCore::CSSFontFace::allSourcesFailed): Renamed to make the name clearer.
475         (WebCore::CSSFontFace::addedToSegmentedFontFace): Use references instead of pointers.
476         (WebCore::CSSFontFace::removedFromSegmentedFontFace): Ditto.
477         (WebCore::CSSFontFace::adoptSource): Renamed to make the name clearer.
478         (WebCore::CSSFontFace::fontLoaded): Use references instead of pointers. Also, remove old dead code.
479         (WebCore::CSSFontFace::font): Adapt to the new API of CSSFontFaceSource.
480         (WebCore::CSSFontFace::isValid): Deleted.
481         (WebCore::CSSFontFace::addSource): Deleted.
482         (WebCore::CSSFontFace::notifyFontLoader): Deleted. Old dead code.
483         (WebCore::CSSFontFace::notifyLoadingDone): Deleted. Old dead code.
484         * css/CSSFontFace.h:
485         (WebCore::CSSFontFace::create): Remove old dead code.
486         (WebCore::CSSFontFace::CSSFontFace): Use references instead of pointers.
487         (WebCore::CSSFontFace::loadState): Deleted. Remove old dead code.
488         * css/CSSFontFaceSource.cpp:
489         (WebCore::CSSFontFaceSource::setStatus): Enforce state transitions.
490         (WebCore::CSSFontFaceSource::CSSFontFaceSource): Explicitly handle new state transitions.
491         (WebCore::CSSFontFaceSource::fontLoaded): Update for new states.
492         (WebCore::CSSFontFaceSource::load): Pulled out code from font().
493         (WebCore::CSSFontFaceSource::font): Moved code into load().
494         (WebCore::CSSFontFaceSource::isValid): Deleted.
495         (WebCore::CSSFontFaceSource::isDecodeError): Deleted.
496         (WebCore::CSSFontFaceSource::ensureFontData): Deleted.
497         * css/CSSFontFaceSource.h: Much cleaner API.
498         * css/CSSFontSelector.cpp:
499         (WebCore::createFontFace): Migrate to references instead of pointers. This requires a little
500         reorganization.
501         (WebCore::registerLocalFontFacesForFamily): Update to new CSSFontFaceSource API.
502         (WebCore::CSSFontSelector::addFontFaceRule): Ditto.
503         (WebCore::CSSFontSelector::getFontFace): Ditto.
504         * css/CSSSegmentedFontFace.cpp:
505         (WebCore::CSSSegmentedFontFace::CSSSegmentedFontFace): Migrate to references instead of pointers.
506         (WebCore::CSSSegmentedFontFace::~CSSSegmentedFontFace): Ditto.
507         (WebCore::CSSSegmentedFontFace::fontLoaded): Remove old dead code.
508         (WebCore::CSSSegmentedFontFace::appendFontFace): Cleanup.
509         (WebCore::CSSSegmentedFontFace::fontRanges): Adopt to new API.
510         (WebCore::CSSSegmentedFontFace::pruneTable): Deleted.
511         (WebCore::CSSSegmentedFontFace::isLoading): Deleted. Old dead code.
512         (WebCore::CSSSegmentedFontFace::checkFont): Deleted. Ditto.
513         (WebCore::CSSSegmentedFontFace::loadFont): Deleted. Ditto.
514         * css/CSSSegmentedFontFace.h:
515         (WebCore::CSSSegmentedFontFace::create): Migrate to references instead of pointers.
516         (WebCore::CSSSegmentedFontFace::fontSelector): Ditto.
517         (WebCore::CSSSegmentedFontFace::LoadFontCallback::~LoadFontCallback): Deleted.
518         * loader/cache/CachedFont.cpp:
519         (WebCore::CachedFont::didAddClient): Migrate to references instead of pointers.
520         (WebCore::CachedFont::checkNotify): Ditto.
521         * loader/cache/CachedFontClient.h:
522         (WebCore::CachedFontClient::fontLoaded): Ditto.
523
524 2016-02-09  Brady Eidson  <beidson@apple.com>
525
526         Modern IDB: IDBOpenDBRequests leak.
527         https://bugs.webkit.org/show_bug.cgi?id=154032
528
529         Reviewed by Alex Christensen.
530
531         No new tests (Currently untestable).
532
533         * CMakeLists.txt:
534         * WebCore.xcodeproj/project.pbxproj:
535
536         Add a simple Event subclass that holds a ref to an IDBRequest, to make sure that we
537         drop the last ref to the request after its last event fires or is otherwise destroyed:
538         * Modules/indexeddb/IDBRequestCompletionEvent.cpp: Added.
539         (WebCore::IDBRequestCompletionEvent::IDBRequestCompletionEvent):
540         * Modules/indexeddb/IDBRequestCompletionEvent.h: Added.
541         (WebCore::IDBRequestCompletionEvent::create):
542
543         * Modules/indexeddb/client/IDBOpenDBRequestImpl.cpp:
544         (WebCore::IDBClient::IDBOpenDBRequest::onError): IDBRequestCompletionEvent instead of Event.
545         (WebCore::IDBClient::IDBOpenDBRequest::fireSuccessAfterVersionChangeCommit): Ditto.
546         (WebCore::IDBClient::IDBOpenDBRequest::fireErrorAfterVersionChangeCompletion): Ditto.
547         (WebCore::IDBClient::IDBOpenDBRequest::onSuccess): Ditto.
548
549         * Modules/indexeddb/client/IDBTransactionImpl.cpp:
550         (WebCore::IDBClient::IDBTransaction::dispatchEvent): After setting up the request's 
551           completion event to fire, clear the back-ref to the request.
552
553 2016-02-09  Commit Queue  <commit-queue@webkit.org>
554
555         Unreviewed, rolling out r196286.
556         https://bugs.webkit.org/show_bug.cgi?id=154026
557
558         Looks like 5% iOS PLT regression (Requested by kling on
559         #webkit).
560
561         Reverted changeset:
562
563         "[iOS] Throw away some unlinked code when navigating to a new
564         page."
565         https://bugs.webkit.org/show_bug.cgi?id=154014
566         http://trac.webkit.org/changeset/196286
567
568 2016-02-08  Chris Dumez  <cdumez@apple.com>
569
570         Attribute getters should not require an explicit 'this' value for Window properties
571         https://bugs.webkit.org/show_bug.cgi?id=153968
572
573         Reviewed by Darin Adler.
574
575         Attribute getters should not require an explicit 'this' value for
576         Window properties. This is because the Window interface is marked
577         as [ImplicitThis]:
578         - http://heycam.github.io/webidl/#ImplicitThis
579         - https://www.w3.org/Bugs/Public/show_bug.cgi?id=29421
580
581         This matches the behavior of Firefox and the expectations of the W3C
582         web-platform-tests.
583
584         No new tests, already covered by existing tests.
585
586         * bindings/scripts/CodeGeneratorJS.pm:
587         In attribute getters of an interface marked as [ImplicitThis],
588         if 'thisValue' is undefined or null, fall back to using the
589         global object as 'thisValue'.
590
591         * bindings/scripts/IDLAttributes.txt:
592         Add support for [ImplicitThis]:
593         http://heycam.github.io/webidl/#ImplicitThis
594
595         * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
596         * bindings/scripts/test/JS/JSTestException.cpp:
597         * bindings/scripts/test/JS/JSTestInterface.cpp:
598         * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
599         * bindings/scripts/test/JS/JSTestNode.cpp:
600         * bindings/scripts/test/JS/JSTestNondeterministic.cpp:
601         * bindings/scripts/test/JS/JSTestObj.cpp:
602         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
603         * bindings/scripts/test/JS/JSTestTypedefs.cpp:
604         * bindings/scripts/test/JS/JSattribute.cpp:
605         Rebaseline bindings tests.
606
607         * page/DOMWindow.idl:
608         Mark Window as [ImplicitThis]:
609         http://heycam.github.io/webidl/#ImplicitThis
610
611 2016-02-08  Nan Wang  <n_wang@apple.com>
612
613         AX: crash at WebCore::Range::selectNodeContents(WebCore::Node*, int&)
614         https://bugs.webkit.org/show_bug.cgi?id=154018
615
616         Reviewed by Chris Fleizach.
617
618         Sometimes rangeForUnorderedCharacterOffsets call is accessing derefed node objects
619         and leading to a crash. Fixed it by checking isNodeInUse before creating the CharacterOffset
620         object.
621
622         Test: accessibility/text-marker/text-marker-range-stale-node-crash.html
623
624         * accessibility/AXObjectCache.cpp:
625         (WebCore::AXObjectCache::visiblePositionForTextMarkerData):
626         (WebCore::AXObjectCache::characterOffsetForTextMarkerData):
627         (WebCore::AXObjectCache::traverseToOffsetInRange):
628         * accessibility/AXObjectCache.h:
629         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
630         (-[WebAccessibilityObjectWrapper rangeForTextMarkerRange:]):
631         (characterOffsetForTextMarker):
632         (-[WebAccessibilityObjectWrapper characterOffsetForTextMarker:]):
633         (textMarkerForVisiblePosition):
634
635 2016-02-08  Andreas Kling  <akling@apple.com>
636
637         [iOS] Throw away some unlinked code when navigating to a new page.
638         <https://webkit.org/b/154014>
639
640         Reviewed by Gavin Barraclough.
641
642         Extended the mechanism introduced earlier to also throw away unlinked code
643         that's only relevant to the page that we're navigating away from.
644
645         The new JSC::VM API is deleteAllCodeExceptCaches() and it does what it sounds
646         like, deleting unlinked and linked code but leaving code caches alone.
647
648         This means that if the page we're navigating to wants to parse some of the
649         same JS that the page we're leaving had on it, it might still be found in the
650         JSC::CodeCache.
651
652         Doing a back navigation to a PageCache'd page may now incur some reparsing,
653         just like leaving the app or tab would.
654
655         * bindings/js/GCController.cpp:
656         (WebCore::GCController::deleteAllCodeExceptCaches):
657         (WebCore::GCController::deleteAllLinkedCode): Deleted.
658         * bindings/js/GCController.h:
659         * loader/FrameLoader.cpp:
660         (WebCore::FrameLoader::commitProvisionalLoad):
661
662 2016-02-08  Daniel Bates  <dabates@apple.com>
663
664         CSP connect-src directive should block redirects
665         https://bugs.webkit.org/show_bug.cgi?id=69359
666         <rdar://problem/24383025>
667
668         Reviewed by Brent Fulgham.
669
670         Inspired by Blink patch:
671         <https://src.chromium.org/viewvc/blink?revision=150246&view=revision>
672
673         Apply the connect-src directive of the Content Security Policy for the document or worker to the redirect URL
674         of an XMLHttpRequest and EventSource load so as to conform to section Paths and Redirects of the CSP 2.0 spec.,
675         <https://w3c.github.io/webappsec-csp/2/#source-list-paths-and-redirects> (29 August 2015).
676
677         Additionally, check that each requested script URL passed to WorkerGlobalScope.importScripts() is allowed by
678         the CSP of the worker before initiating a load for it. If some URL i is blocked by the CSP policy
679         then we do not try to load URLs j >= i.
680
681         Tests: http/tests/security/contentSecurityPolicy/worker-blob-inherits-csp-importScripts-block-aborts-all-subsequent-imports.html
682                http/tests/security/contentSecurityPolicy/worker-blob-inherits-csp-importScripts-redirect-cross-origin-blocked.html
683                http/tests/security/contentSecurityPolicy/worker-csp-blocks-xhr-redirect-cross-origin.html
684                http/tests/security/contentSecurityPolicy/worker-csp-importScripts-redirect-cross-origin-allowed.html
685                http/tests/security/contentSecurityPolicy/worker-csp-importScripts-redirect-cross-origin-blocked.html
686                http/tests/security/contentSecurityPolicy/worker-without-csp-importScripts-redirect-cross-origin-allowed.html
687                http/tests/security/isolatedWorld/bypass-main-world-csp-for-xhr-redirect.html
688                http/tests/security/isolatedWorld/bypass-main-world-csp-worker-blob-importScript-redirect-cross-origin.html
689                http/tests/security/isolatedWorld/bypass-main-world-csp-worker-importScripts-redirect-cross-origin.html
690                http/tests/security/isolatedWorld/bypass-worker-csp-for-xhr-redirect-cross-origin.html
691                http/tests/security/isolatedWorld/bypass-worker-csp-for-xhr.html
692
693         * fileapi/FileReaderLoader.cpp:
694         (WebCore::FileReaderLoader::start): Do not enforce a CSP directive as CSP is not applicable to File API.
695         * inspector/InspectorNetworkAgent.cpp:
696         (WebCore::InspectorNetworkAgent::loadResource): Do not enforce a CSP directive as CSP should not interfere
697         with the Web Inspector.
698         * loader/DocumentThreadableLoader.cpp:
699         (WebCore::DocumentThreadableLoader::loadResourceSynchronously): Modified to take an optional ContentSecurityPolicy
700         and pass it through to DocumentThreadableLoader::create().
701         (WebCore::DocumentThreadableLoader::create): Modified to take an optional ContentSecurityPolicy and pass it through
702         to DocumentThreadableLoader::DocumentThreadableLoader().
703         (WebCore::DocumentThreadableLoader::DocumentThreadableLoader): Modified to take an optional ContentSecurityPolicy.
704         Asserts that the CSP allows the load of the request URL so as to catch when a caller creates a loader for a request
705         that is not allowed by the CSP. The caller should not create a loader for such a request.
706         (WebCore::DocumentThreadableLoader::redirectReceived): Check if the CSP allows the redirect URL. If it does not
707         then notify the client that the redirect check failed.
708         (WebCore::DocumentThreadableLoader::loadRequest): Ditto.
709         (WebCore::DocumentThreadableLoader::isAllowedByContentSecurityPolicy): Checks that the specified URL is allowed
710         by the enforced CSP directive.
711         (WebCore::DocumentThreadableLoader::contentSecurityPolicy): Returns the ContentSecurityPolicy object passed to
712         DocumentThreadableLoader on instantiation or the ContentSecurityPolicy object of the associated document.
713         * loader/DocumentThreadableLoader.h: Add overloaded variants of DocumentThreadableLoader::{create, loadResourceSynchronously}()
714         that take a std::unique_ptr<ContentSecurityPolicy>&&. Remove some unnecessary headers.
715         * loader/ThreadableLoader.cpp:
716         (WebCore::ThreadableLoaderOptions::ThreadableLoaderOptions): Take the CSP directive to enforce and store it.
717         (WebCore::ThreadableLoaderOptions::isolatedCopy): Copy the CSP directive to enforce.
718         * loader/ThreadableLoader.h: Added member field to store the CSP directive to enforce (defaults to enforce the
719         directive connect-src - the most appropriate directive in most circumstances). As of the time of writing,
720         only WorkerGlobalScope.importScripts() enforces a different directive: script-src.
721         * loader/WorkerThreadableLoader.cpp:
722         (WebCore::WorkerThreadableLoader::WorkerThreadableLoader): Pass the SecurityOrigin and ContentSecurityPolicy associated
723         with the WorkerGlobalScope to WorkerThreadableLoader::MainThreadBridge::MainThreadBridge().
724         (WebCore::WorkerThreadableLoader::MainThreadBridge::MainThreadBridge): Pass a copy of the worker's ContentSecurityPolicy
725         to the DocumentThreadableLoader.
726         * loader/WorkerThreadableLoader.h:
727         * page/EventSource.cpp:
728         (WebCore::EventSource::connect): Enforce the CSP directive connect-src on redirects unless we are running in an isolated world.
729         * workers/AbstractWorker.cpp:
730         (WebCore::AbstractWorker::resolveURL): Modified to take a boolean whether to bypass the main world Content Security Policy
731         instead of querying for it directly.
732         * workers/AbstractWorker.h:
733         * workers/Worker.cpp:
734         (WebCore::Worker::create): Added FIXME to enforce child-src directive of the document's CSP to the worker's script URL
735         on redirect once we fix <https://bugs.webkit.org/show_bug.cgi?id=153562>. For now, do not enforce a CSP policy on redirect
736         of the worker's script URL.
737         * workers/WorkerGlobalScope.cpp:
738         (WebCore::WorkerGlobalScope::importScripts): Check that the requested URL is allowed by the CSP of the worker (if applicable).
739         Enforce the CSP directive script-src on redirects unless we are running in an isolated world.
740         * workers/WorkerScriptLoader.cpp:
741         (WebCore::WorkerScriptLoader::loadSynchronously): Pass SecurityOrigin and ContentSecurityPolicyEnforcement to WorkerThreadableLoader.
742         (WebCore::WorkerScriptLoader::loadAsynchronously): Ditto.
743         * workers/WorkerScriptLoader.h:
744         * xml/XMLHttpRequest.cpp:
745         (WebCore::XMLHttpRequest::createRequest): Enforce the CSP directive connect-src on redirects unless we are running in
746         an isolated world.
747
748 2016-02-08  Antti Koivisto  <antti@apple.com>
749
750         Try to fix Yosemite build.
751
752         * dom/ComposedTreeIterator.h:
753         (WebCore::ComposedTreeIterator::ComposedTreeIterator):
754         (WebCore::ComposedTreeIterator::traverseNext):
755
756 2016-02-08  Antti Koivisto  <antti@apple.com>
757
758         Implement ComposedTreeIterator in terms of ElementAndTextDescendantIterator
759         https://bugs.webkit.org/show_bug.cgi?id=154003
760
761         Reviewed by Darin Adler.
762
763         Currently ComposedTreeIterator implements tree traversal using NodeTraversal. This makes it overly complicated.
764         It can also return nodes other than Element and Text which should not be part of the composed tree.
765
766         This patch adds a new iterator type, ElementAndTextDescendantIterator, similar to the existing ElementDescendantIterator.
767         ComposedTreeIterator is then implemented using this new iterator.
768
769         When entering a shadow tree or a slot the local iterator is pushed along with the context stack and a new local
770         iterator is initialized for the new context. When leaving a shadow tree the context stack is popped and the previous
771         local iterator becomes active.
772
773         * WebCore.xcodeproj/project.pbxproj:
774         * dom/ComposedTreeIterator.cpp:
775         (WebCore::ComposedTreeIterator::ComposedTreeIterator):
776         (WebCore::ComposedTreeIterator::initializeContextStack):
777         (WebCore::ComposedTreeIterator::pushContext):
778         (WebCore::ComposedTreeIterator::traverseNextInShadowTree):
779         (WebCore::ComposedTreeIterator::traverseNextLeavingContext):
780         (WebCore::ComposedTreeIterator::advanceInSlot):
781         (WebCore::ComposedTreeIterator::traverseSiblingInSlot):
782         (WebCore::ComposedTreeIterator::initializeShadowStack): Deleted.
783         (WebCore::ComposedTreeIterator::traverseParentInShadowTree): Deleted.
784         (WebCore::ComposedTreeIterator::traverseNextSiblingSlot): Deleted.
785         (WebCore::ComposedTreeIterator::traversePreviousSiblingSlot): Deleted.
786         * dom/ComposedTreeIterator.h:
787         (WebCore::ComposedTreeIterator::operator*):
788         (WebCore::ComposedTreeIterator::operator->):
789         (WebCore::ComposedTreeIterator::operator==):
790         (WebCore::ComposedTreeIterator::operator!=):
791         (WebCore::ComposedTreeIterator::operator++):
792         (WebCore::ComposedTreeIterator::Context::Context):
793         (WebCore::ComposedTreeIterator::context):
794         (WebCore::ComposedTreeIterator::current):
795         (WebCore::ComposedTreeIterator::ComposedTreeIterator):
796         (WebCore::ComposedTreeIterator::traverseNext):
797         (WebCore::ComposedTreeIterator::traverseNextSkippingChildren):
798         (WebCore::ComposedTreeIterator::traverseNextSibling):
799         (WebCore::ComposedTreeIterator::traversePreviousSibling):
800         (WebCore::ComposedTreeDescendantAdapter::ComposedTreeDescendantAdapter):
801         (WebCore::ComposedTreeDescendantAdapter::begin):
802         (WebCore::ComposedTreeDescendantAdapter::end):
803         (WebCore::ComposedTreeDescendantAdapter::at):
804         (WebCore::ComposedTreeChildAdapter::Iterator::Iterator):
805         (WebCore::ComposedTreeChildAdapter::ComposedTreeChildAdapter):
806         (WebCore::ComposedTreeChildAdapter::begin):
807         (WebCore::ComposedTreeChildAdapter::end):
808         (WebCore::ComposedTreeChildAdapter::at):
809         (WebCore::ComposedTreeIterator::ShadowContext::ShadowContext): Deleted.
810         (WebCore::ComposedTreeIterator::traverseParent): Deleted.
811         * dom/ElementAndTextDescendantIterator.h: Added.
812
813             New iterator type that traverses Element and Text nodes (that is renderable nodes only).
814             It also tracks depth for future use.
815
816 2016-02-08  Joseph Pecoraro  <pecoraro@apple.com>
817
818         Web Inspector: copy({x:1}) should copy "{x:1}", not "[object Object]"
819         https://bugs.webkit.org/show_bug.cgi?id=148605
820
821         Reviewed by Brian Burg.
822
823         Test: inspector/console/command-line-api-copy.html
824
825         * inspector/CommandLineAPIModuleSource.js:
826         (CommandLineAPIImpl.prototype.copy):
827         Support copying different types. This is meant to be more
828         convenient then just JSON.stringify, so it handles types
829         like Node, Symbol, RegExp, and Function a bit better.
830
831 2016-02-08  Said Abou-Hallawa  <sabouhallawa@apple.com>
832
833         REGRESSION(r181345): SVG polyline and polygon leak page
834         https://bugs.webkit.org/show_bug.cgi?id=152759
835
836         Reviewed by Darin Adler.
837
838         The leak happens because of cyclic reference between SVGListPropertyTearOff 
839         and SVGAnimatedListPropertyTearOff which is derived from SVGAnimatedProperty.
840         There is also cyclic reference between SVGAnimatedProperty and SVGElement
841         and this causes the whole document to be leaked. So if the JS requests, for
842         example, an instance of SVGPolylineElement.points, the whole document will be
843         leaked.
844
845         The fix depends on having the cyclic reference as is since the owning and the
846         owned classes have to live together if any of them is referenced. But the owning
847         class caches a raw 'ref-counted' pointer of the owned class. If it is requested
848         for an instance of the owned class it returned a RefPtr<> of it. Once the owned
849         class is not used, it can delete itself. The only thing needed here is to notify
850         the owner class of the deletion so it cleans its caches and be able to create a
851         new pointer if it is requested for an instance of the owned class later.
852
853         Revert the change of r181345 in SVGAnimatedProperty::lookupOrCreateWrapper()
854         to break the cyclic reference between SVGElement and SVGAnimatedProperty.
855         
856         Also apply the same approach in SVGAnimatedListPropertyTearOff::baseVal() and
857         animVal() to break cyclic reference between SVGListPropertyTearOff and
858         SVGAnimatedListPropertyTearOff.
859
860         Test: svg/animations/smil-leak-list-property-instances.svg
861
862         * bindings/scripts/CodeGeneratorJS.pm:
863         (NativeToJSValue): The SVG non-string list tear-off properties became of
864         type RefPtr<>. So we need to use get() with the casting expressions.
865         
866         * svg/SVGMarkerElement.cpp:
867         (WebCore::SVGMarkerElement::orientType):
868         Use 'auto' type for the return of SVGAnimatedProperty::lookupWrapper().
869
870         * svg/SVGPathElement.cpp:
871         (WebCore::SVGPathElement::pathByteStream):
872         (WebCore::SVGPathElement::lookupOrCreateDWrapper):
873         Since SVGAnimatedProperty::lookupWrappe() returns a RefPtr<> we need to 
874         use get() for the casting expressions.
875         
876         (WebCore::SVGPathElement::pathSegList):
877         (WebCore::SVGPathElement::normalizedPathSegList):
878         (WebCore::SVGPathElement::animatedPathSegList):
879         (WebCore::SVGPathElement::animatedNormalizedPathSegList):
880         * svg/SVGPathElement.h:
881         Change the return value from raw pointer to RefPtr<>.
882
883         * svg/SVGPathSegWithContext.h:
884         (WebCore::SVGPathSegWithContext::animatedProperty):
885         Change the return type to be RefPtr<> to preserve the value from being deleted.
886         
887         * svg/SVGPolyElement.cpp:
888         (WebCore::SVGPolyElement::parseAttribute):
889         Since SVGAnimatedProperty::lookupWrapper() returns a RefPtr<> we need to 
890         use get() for the casting expressions.
891         
892         (WebCore::SVGPolyElement::points):
893         (WebCore::SVGPolyElement::animatedPoints):
894         * svg/SVGPolyElement.h:
895         Change the return value from raw pointer to RefPtr<>.
896         
897         * svg/SVGViewSpec.cpp:
898         (WebCore::SVGViewSpec::setTransformString):
899         Since SVGAnimatedProperty::lookupWrapper() returns a RefPtr<> we need to 
900         use get() for the casting expressions.
901
902         (WebCore::SVGViewSpec::transform):
903         * svg/SVGViewSpec.h:
904         Change the return value from raw pointer to RefPtr<>.
905         
906         * svg/properties/SVGAnimatedListPropertyTearOff.h:
907         (WebCore::SVGAnimatedListPropertyTearOff::baseVal):
908         (WebCore::SVGAnimatedListPropertyTearOff::animVal):
909         Change the return value from raw pointer to RefPtr<> and change the cached
910         value from RefPtr<> to raw pointer. If the property is null, it will be
911         created, its raw pointer will be cached and the only ref-counted RefPtr<>
912         will be returned. This will guarantee, the RefPtr<> will be deleted once
913         it is not used anymore. 
914         
915         (WebCore::SVGAnimatedListPropertyTearOff::propertyWillBeDeleted):
916         Clean the raw pointer caches m_baseVal and m_animVal upon deleting the
917         actual pointer. This function will be called from the destructor of
918         SVGListPropertyTearOff.
919         
920         (WebCore::SVGAnimatedListPropertyTearOff::findItem):
921         (WebCore::SVGAnimatedListPropertyTearOff::removeItemFromList):
922         We have to ensure the baseVal() is created before using it.
923         
924         (WebCore::SVGAnimatedListPropertyTearOff::detachListWrappers):
925         (WebCore::SVGAnimatedListPropertyTearOff::currentAnimatedValue):
926         (WebCore::SVGAnimatedListPropertyTearOff::animationStarted):
927         (WebCore::SVGAnimatedListPropertyTearOff::animationEnded):
928         (WebCore::SVGAnimatedListPropertyTearOff::synchronizeWrappersIfNeeded):
929         (WebCore::SVGAnimatedListPropertyTearOff::animValWillChange):
930         (WebCore::SVGAnimatedListPropertyTearOff::animValDidChange):
931         For animation, a separate RefPtr<> 'm_animatingAnimVal' will be assigned
932         to the animVal(). This will prevent deleting m_animVal while animation.
933         
934         * svg/properties/SVGAnimatedPathSegListPropertyTearOff.h:
935         (WebCore::SVGAnimatedPathSegListPropertyTearOff::baseVal):
936         (WebCore::SVGAnimatedPathSegListPropertyTearOff::animVal):
937         Same as what is done in SVGAnimatedListPropertyTearOff.
938         
939         (WebCore::SVGAnimatedPathSegListPropertyTearOff::findItem):
940         (WebCore::SVGAnimatedPathSegListPropertyTearOff::removeItemFromList):
941         Same as what is done in SVGAnimatedListPropertyTearOff.
942         
943         * svg/properties/SVGAnimatedProperty.h:
944         (WebCore::SVGAnimatedProperty::lookupOrCreateWrapper):
945         Change the return value from raw reference to Ref<> and change the
946         cached value from Ref<> to raw pointer. This reverts the change of
947         r181345 in this function.
948         
949         (WebCore::SVGAnimatedProperty::lookupWrapper):
950         Change the return value from raw pointer to RefPtr<>.
951         
952         * svg/properties/SVGAnimatedPropertyMacros.h:
953         Use 'auto' type for the return of SVGAnimatedProperty::lookupWrapper().
954         
955         * svg/properties/SVGAnimatedTransformListPropertyTearOff.h:
956         (WebCore::SVGAnimatedTransformListPropertyTearOff::baseVal):
957         (WebCore::SVGAnimatedTransformListPropertyTearOff::animVal):
958         Same as what is done in SVGAnimatedListPropertyTearOff.
959
960         * svg/properties/SVGListPropertyTearOff.h:
961         (WebCore::SVGListPropertyTearOff::~SVGListPropertyTearOff):
962         Call the SVGAnimatedListPropertyTearOff::propertyWillBeDeleted() to clean
963         its raw pointers when the RefPtr<> deletes itself.
964
965 2016-02-08  Carlos Garcia Campos  <cgarcia@igalia.com>
966
967         [GTK] WebKitWebView should send crossing events to the WebProcess
968         https://bugs.webkit.org/show_bug.cgi?id=153740
969
970         Reviewed by Michael Catanzaro.
971
972         Update the target element under the mouse also when only updating
973         scrollbars, so that if the mouse enters the page when the window
974         is not active, the scroll animator is notified that the mouse
975         entered the scrollable area.
976
977         * page/EventHandler.cpp:
978         (WebCore::EventHandler::handleMouseMoveEvent): Call
979         updateMouseEventTargetNode() before early returning in case of
980         only updating scrollbars.
981
982 2016-02-08  Jeremy Jones  <jeremyj@apple.com>
983
984         PiP and external playback are mutually exclusive.
985         https://bugs.webkit.org/show_bug.cgi?id=153988
986         rdar://problem/24108661
987
988         Reviewed by Eric Carlson.
989
990         Adding isPlayingOnSecondScreen to isPlayingOnExternalScreen allows AVKit to disable PiP
991         when appropriate. Testing video fullscreen mode in updateDisableExternalPlayback allows us to 
992         turn-off external playback when entering picture-in-picture.
993
994         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
995         (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenMode):
996         (WebCore::MediaPlayerPrivateAVFoundationObjC::updateDisableExternalPlayback):
997         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
998         (-[WebAVPlayerController isPlayingOnExternalScreen]):
999         (+[WebAVPlayerController keyPathsForValuesAffectingPlayingOnExternalScreen]):
1000
1001 2016-02-08  Commit Queue  <commit-queue@webkit.org>
1002
1003         Unreviewed, rolling out r196253.
1004         https://bugs.webkit.org/show_bug.cgi?id=153990
1005
1006         Caused several crashes in GTK+ bots (Requested by KaL on
1007         #webkit).
1008
1009         Reverted changeset:
1010
1011         "[GTK] WebKitWebView should send crossing events to the
1012         WebProcess"
1013         https://bugs.webkit.org/show_bug.cgi?id=153740
1014         http://trac.webkit.org/changeset/196253
1015
1016 2016-02-08  Jeremy Jones  <jeremyj@apple.com>
1017
1018         WebAVPlayerController should implement currentTimeWithinEndTimes.
1019         https://bugs.webkit.org/show_bug.cgi?id=153983
1020         rdar://problem/22864621
1021
1022         Reviewed by Eric Carlson.
1023
1024         Implement currentTimeWithinEndTimes in terms of seekToTime and AVTiming. This is a trivial
1025         implementation becuase AVPlayer start and end times aren't used.
1026
1027         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
1028         (-[WebAVPlayerController currentTimeWithinEndTimes]):
1029         (-[WebAVPlayerController setCurrentTimeWithinEndTimes:]):
1030         (+[WebAVPlayerController keyPathsForValuesAffectingCurrentTimeWithinEndTimes]):
1031
1032 2016-02-08  Carlos Garcia Campos  <cgarcia@igalia.com>
1033
1034         [GTK] WebKitWebView should send crossing events to the WebProcess
1035         https://bugs.webkit.org/show_bug.cgi?id=153740
1036
1037         Reviewed by Michael Catanzaro.
1038
1039         Update the target element under the mouse also when only updating
1040         scrollbars, so that if the mouse enters the page when the window
1041         is not active, the scroll animator is notified that the mouse
1042         entered the scrollable area.
1043
1044         * page/EventHandler.cpp:
1045         (WebCore::EventHandler::handleMouseMoveEvent): Call
1046         updateMouseEventTargetNode() before early returning in case of
1047         only updating scrollbars.
1048
1049 2016-02-08  Jeremy Jones  <jeremyj@apple.com>
1050
1051         WebVideoFullscreenInterface should handle video resizing.
1052         https://bugs.webkit.org/show_bug.cgi?id=153982
1053         rdar://problem/22031249
1054
1055         Reviewed by Eric Carlson.
1056
1057         Video fullscreen can be initiated before video dimension are available.
1058         Protect against an initial width or height of zero and observe resize events 
1059         to update once video dimensions become available or change.
1060
1061         * platform/cocoa/WebVideoFullscreenModelVideoElement.mm:
1062         (WebVideoFullscreenModelVideoElement::updateForEventName):
1063         (WebVideoFullscreenModelVideoElement::observedEventNames):
1064         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
1065         (-[WebAVPlayerLayer layoutSublayers]):
1066         (-[WebAVPlayerLayer videoRect]):
1067         (WebVideoFullscreenInterfaceAVKit::setVideoDimensions):
1068
1069 2016-02-08  Adrien Plazas  <aplazas@igalia.com>
1070
1071         Indent inline box test fails due to assertion in VisibleSelection::selectionFromContentsOfNode()
1072         https://bugs.webkit.org/show_bug.cgi?id=153824
1073
1074         Reviewed by Michael Catanzaro.
1075
1076         * editing/markup.cpp:
1077         (WebCore::highestAncestorToWrapMarkup):
1078
1079 2016-02-07  Sam Weinig  <sam@webkit.org>
1080
1081         Remove unused enum ScrollbarOverlayState.
1082
1083         Rubber-stamped by Dan Bernstein.
1084
1085         * platform/ScrollTypes.h:
1086
1087 2016-02-07  Sam Weinig  <sam@webkit.org>
1088
1089         Remove unnecessary respondsToSelector checks for methods that exist on all supported platforms
1090         https://bugs.webkit.org/show_bug.cgi?id=153970
1091
1092         Reviewed by Dan Bernstein.
1093
1094         -[NSScrollerImp mouseEnteredScroller], -[NSScrollerImp expansionTransitionProgress],
1095         -[NSScrollerImpPair contentAreaScrolledInDirection:], and -[NSScrollerImp setExpanded:]
1096         are now available on all supported OS's. No need to check for them.
1097
1098         * platform/mac/ScrollAnimatorMac.mm:
1099         (macScrollbarTheme):
1100         (-[WebScrollbarPainterDelegate scrollerImp:animateUIStateTransitionWithDuration:]):
1101         (-[WebScrollbarPainterDelegate scrollerImp:animateExpansionTransitionWithDuration:]):
1102         (WebCore::ScrollAnimatorMac::mouseEnteredScrollbar):
1103         (WebCore::ScrollAnimatorMac::mouseExitedScrollbar):
1104         (WebCore::ScrollAnimatorMac::sendContentAreaScrolled):
1105         (WebCore::ScrollAnimatorMac::sendContentAreaScrolledTimerFired):
1106         (supportsUIStateTransitionProgress): Deleted.
1107         (supportsExpansionTransitionProgress): Deleted.
1108         (supportsContentAreaScrolledInDirection): Deleted.
1109         * platform/mac/ScrollbarThemeMac.mm:
1110         (+[WebScrollbarPrefsObserver appearancePrefsChanged:]):
1111         (+[WebScrollbarPrefsObserver behaviorPrefsChanged:]):
1112         (WebCore::ScrollbarThemeMac::scrollbarThickness):
1113
1114 2016-02-07  Sam Weinig  <sam@webkit.org>
1115
1116         Use modern SPI header idiom for NSScrollerImp and NSScrollerImpPair
1117         https://bugs.webkit.org/show_bug.cgi?id=153969
1118
1119         Reviewed by Dan Bernstein.
1120
1121         * WebCore.xcodeproj/project.pbxproj:
1122         Add new file NSScrollerImpSPI.h
1123
1124         * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
1125         Use new include of NSScrollerImpSPI.h.
1126
1127         * platform/ScrollbarThemeComposite.h:
1128         Define ScrollbarPainter more precisely as NSScrollerImp * now that the type is available to us.
1129
1130         * platform/mac/NSScrollerImpDetails.h:
1131         Remove NSObject category based SPI usage with the modern one NSScrollerImpSPI.h
1132
1133         * platform/mac/NSScrollerImpDetails.mm:
1134         (WebCore::recommendedScrollerStyle):
1135         Simplify recommendedScrollerStyle() now that all OS's we ship on have +[NSScroller preferredScrollerStyle].
1136
1137         * platform/mac/ScrollAnimatorMac.mm:
1138         (supportsUIStateTransitionProgress):
1139         (supportsExpansionTransitionProgress):
1140         (supportsContentAreaScrolledInDirection):
1141         Stop using NSClassFromString now that we can reference the classes explicitly.
1142
1143         (-[WebScrollbarPainterControllerDelegate invalidate]):
1144         (-[WebScrollbarPainterControllerDelegate contentAreaRectForScrollerImpPair:]):
1145         (-[WebScrollbarPainterControllerDelegate inLiveResizeForScrollerImpPair:]):
1146         (-[WebScrollbarPainterControllerDelegate mouseLocationInContentAreaForScrollerImpPair:]):
1147         (-[WebScrollbarPainterControllerDelegate scrollerImpPair:convertContentPoint:toScrollerImp:]):
1148         (-[WebScrollbarPainterControllerDelegate scrollerImpPair:setContentAreaNeedsDisplayInRect:]):
1149         (-[WebScrollbarPainterControllerDelegate scrollerImpPair:updateScrollerStyleForNewRecommendedScrollerStyle:]):
1150         (-[WebScrollbarPainterDelegate layer]):
1151         (-[WebScrollbarPainterDelegate mouseLocationInScrollerForScrollerImp:]):
1152         (-[WebScrollbarPainterDelegate convertRectToLayer:]):
1153         (-[WebScrollbarPainterDelegate shouldUseLayerPerPartForScrollerImp:]):
1154         (-[WebScrollbarPainterDelegate setUpAlphaAnimation:scrollerPainter:part:animateAlphaTo:duration:]):
1155         (-[WebScrollbarPainterDelegate scrollerImp:animateKnobAlphaTo:duration:]):
1156         (-[WebScrollbarPainterDelegate scrollerImp:animateTrackAlphaTo:duration:]):
1157         (-[WebScrollbarPainterDelegate scrollerImp:animateUIStateTransitionWithDuration:]):
1158         (-[WebScrollbarPainterDelegate scrollerImp:animateExpansionTransitionWithDuration:]):
1159         (-[WebScrollbarPainterDelegate scrollerImp:overlayScrollerStateChangedTo:]):
1160         (WebCore::ScrollAnimatorMac::ScrollAnimatorMac):
1161         (WebCore::ScrollAnimatorMac::lockOverlayScrollbarStateToHidden):
1162         (WebCore::ScrollAnimatorMac::didAddVerticalScrollbar):
1163         (WebCore::ScrollAnimatorMac::didAddHorizontalScrollbar):
1164         (WebCore::ScrollAnimatorMac::updateScrollerStyle):
1165         Add proper conforming to protocols and replace ids with proper types.
1166
1167         * platform/mac/ScrollbarThemeMac.mm:
1168         (WebCore::supportsExpandedScrollbars):
1169         (WebCore::ScrollbarThemeMac::registerScrollbar):
1170         (WebCore::ScrollbarThemeMac::scrollbarThickness):
1171         (WebCore::ScrollbarThemeMac::setUpContentShadowLayer):
1172         Stop using NSClassFromString now that we can reference the classes explicitly.
1173
1174         * platform/spi/mac/NSScrollerImpSPI.h: Added.
1175
1176 2016-02-07  Zalan Bujtas  <zalan@apple.com>
1177
1178         Outline does not clip when ancestor has overflow: hidden and requires layer.
1179         https://bugs.webkit.org/show_bug.cgi?id=153901
1180
1181         Now that outline is part of visual overflow, we no longer need the special outline cliprect.
1182         PaintPhaseChildOutlines drawing will switch to foreground cliprect. It ensures proper overflow clipping
1183         at parent level. PaintPhaseSelfOutline drawing will start using the visual overflow inflated background cliprect.
1184         With this change, outline will be using the same cliprects as the other visual overflow properties (box-shadow etc). 
1185
1186         Reviewed by David Hyatt.
1187
1188         Test: fast/repaint/outline-with-overflow-hidden-ancestor.html
1189
1190         * rendering/LayerFragment.h:
1191         (WebCore::LayerFragment::setRects):
1192         (WebCore::LayerFragment::moveBy): Deleted.
1193         (WebCore::LayerFragment::intersect): Deleted.
1194         * rendering/RenderLayer.cpp:
1195         (WebCore::RenderLayer::collectFragments):
1196         (WebCore::RenderLayer::paintOutlineForFragments):
1197         (WebCore::RenderLayer::calculateClipRects):
1198         (WebCore::RenderLayer::paintForegroundForFragments): Deleted.
1199         * rendering/RenderLayer.h:
1200         * rendering/RenderTreeAsText.cpp:
1201         (WebCore::write):
1202         (WebCore::writeLayers):
1203
1204 2016-02-07  Daniel Bates  <dabates@apple.com>
1205
1206         CSP: Allow Web Workers initiated from an isolated world to bypass the main world Content Security Policy
1207         https://bugs.webkit.org/show_bug.cgi?id=153622
1208         <rdar://problem/24400023>
1209
1210         Reviewed by Gavin Barraclough.
1211
1212         Fixes an issue where Web Workers initiated from an isolated world (say, a Safari Content Script Extension)
1213         would be subject to the Content Security Policy of the page.
1214
1215         Currently code in an isolated world that does not execute in a Web Worker is exempt from the CSP of
1216         the page. However, code that runs inside a Web Worker that was initiated from an isolated world is
1217         subject to the CSP of the page. Instead, such Web Worker code should also be exempt from the CSP of
1218         the page.
1219
1220         Tests: http/tests/security/isolatedWorld/bypass-main-world-csp-worker-blob-eval.html
1221                http/tests/security/isolatedWorld/bypass-main-world-csp-worker-blob-xhr.html
1222                http/tests/security/isolatedWorld/bypass-main-world-csp-worker.html
1223
1224         * Modules/websockets/WebSocket.cpp:
1225         (WebCore::WebSocket::connect): Modified to ask the script execution context whether to bypass the
1226         main world Content Security Policy now that script execution context knows this information.
1227         * bindings/js/ScriptController.cpp:
1228         (WebCore::ScriptController::shouldBypassMainWorldContentSecurityPolicy): Deleted; moved logic from here...
1229         * bindings/js/ScriptController.h:
1230         * dom/Document.cpp:
1231         (WebCore::Document::shouldBypassMainWorldContentSecurityPolicy): ...to here.
1232         * dom/Document.h:
1233         * dom/ScriptExecutionContext.h:
1234         (WebCore::ScriptExecutionContext::shouldBypassMainWorldContentSecurityPolicy): Added; defaults to false -
1235         do not bypass the main world Content Security Policy.
1236         * page/EventSource.cpp:
1237         (WebCore::EventSource::create): Modified to ask the script execution context whether to bypass the
1238         main world Content Security Policy now that script execution context knows this information.
1239         * page/csp/ContentSecurityPolicy.cpp:
1240         (WebCore::ContentSecurityPolicy::shouldBypassMainWorldContentSecurityPolicy): Deleted.
1241         * page/csp/ContentSecurityPolicy.h:
1242         * workers/AbstractWorker.cpp:
1243         (WebCore::AbstractWorker::resolveURL): Bypass the main world Content Security Policy if applicable.
1244         Added FIXME comment to enforce the child-src directive of the document's CSP (as opposed to the script-src
1245         directive) on the worker's script URL. Also, scriptExecutionContext()->contentSecurityPolicy() should
1246         always be non-null just as we expect scriptExecutionContext()->securityOrigin() to be non-null. Assert
1247         this invariant to catch cases where a ScriptExecutionContext is not properly initialized.
1248         * workers/DedicatedWorkerGlobalScope.cpp:
1249         (WebCore::DedicatedWorkerGlobalScope::create): Modified to take boolean argument shouldBypassMainWorldContentSecurityPolicy
1250         as to whether to bypass the main world Content Security Policy and only apply the Content Security
1251         Policy headers when shouldBypassMainWorldContentSecurityPolicy is false.
1252         (WebCore::DedicatedWorkerGlobalScope::DedicatedWorkerGlobalScope): Pass through a boolean argument shouldBypassMainWorldContentSecurityPolicy
1253         as to whether to bypass the main world Content Security Policy.
1254         * workers/DedicatedWorkerGlobalScope.h:
1255         * workers/DedicatedWorkerThread.cpp:
1256         (WebCore::DedicatedWorkerThread::DedicatedWorkerThread): Ditto.
1257         (WebCore::DedicatedWorkerThread::createWorkerGlobalScope): Ditto.
1258         * workers/DedicatedWorkerThread.h:
1259         * workers/Worker.cpp:
1260         (WebCore::Worker::create): Store whether we should bypass the main world Content Security Policy so
1261         that we can pass it to WorkerMessagingProxy::startWorkerGlobalScope() in Worker::notifyFinished().
1262         We need to store this decision here as opposed to determining it at any later time (say, in Worker::notifyFinished())
1263         because it is dependent on the current JavaScript program stack at the time this function is invoked.
1264         (WebCore::Worker::notifyFinished): Pass whether to bypass the main world Content Security Policy.
1265         * workers/Worker.h:
1266         * workers/WorkerGlobalScope.cpp:
1267         (WebCore::WorkerGlobalScope::WorkerGlobalScope): Modified to take a boolean as to whether to bypass the
1268         main world Content Security Policy and store it in a member field. Also, always instantiate a Content
1269         Security Policy object as our current code assumes that one is always created.
1270         * workers/WorkerGlobalScope.h:
1271         * workers/WorkerGlobalScopeProxy.h:
1272         * workers/WorkerMessagingProxy.cpp:
1273         (WebCore::WorkerMessagingProxy::startWorkerGlobalScope): Pass through a boolean argument shouldBypassMainWorldContentSecurityPolicy
1274         as to whether to bypass the main world Content Security Policy.
1275         * workers/WorkerMessagingProxy.h:
1276         * workers/WorkerThread.cpp:
1277         (WebCore::WorkerThreadStartupData::WorkerThreadStartupData): Modified to take a boolean argument as to
1278         whether to bypass the main world Content Security Policy and store it in a member field.
1279         (WebCore::WorkerThread::WorkerThread): Pass through a boolean argument shouldBypassMainWorldContentSecurityPolicy
1280         as to whether to bypass the main world Content Security Policy.
1281         (WebCore::WorkerThread::workerThread): Ditto.
1282         * workers/WorkerThread.h:
1283         * xml/XMLHttpRequest.cpp:
1284         (WebCore::XMLHttpRequest::open): Modified to ask the script execution context whether to bypass the
1285         main world Content Security Policy now that script execution context knows this information.
1286
1287 2016-02-07  Dan Bernstein  <mitz@apple.com>
1288
1289         [Cocoa] Replace __has_include guards around inclusion of Apple-internal-SDK headers with USE(APPLE_INTERNAL_SDK)
1290         https://bugs.webkit.org/show_bug.cgi?id=153963
1291
1292         Reviewed by Sam Weinig.
1293
1294         * accessibility/mac/AXObjectCacheMac.mm:
1295         * crypto/CommonCryptoUtilities.cpp:
1296         * crypto/CommonCryptoUtilities.h:
1297         * editing/mac/TextUndoInsertionMarkupMac.h:
1298         * editing/mac/TextUndoInsertionMarkupMac.mm:
1299         * platform/cocoa/TelephoneNumberDetectorCocoa.cpp:
1300         * platform/graphics/cg/ImageSourceCG.cpp:
1301         * platform/graphics/mac/PDFDocumentImageMac.mm:
1302         * platform/network/ios/NetworkStateNotifierIOS.mm:
1303         * platform/network/mac/BlobDataFileReferenceMac.mm:
1304         * platform/network/mac/ResourceHandleMac.mm:
1305         * rendering/RenderThemeMac.mm:
1306
1307 2016-02-07  Carlos Garcia Campos  <cgarcia@igalia.com>
1308
1309         REGRESSION(r195661): [GTK] Scrollbar tests crashing after overlay scrollbar groundwork
1310         https://bugs.webkit.org/show_bug.cgi?id=153695
1311
1312         Reviewed by Michael Catanzaro.
1313
1314         The problem is that ScrollAnimation objects are not destroyed by
1315         the ScrollAnimator destructor, because I forgot to add a virtual
1316         destructor for ScrollAnimation in r195661.
1317
1318         * platform/ScrollAnimation.h:
1319         (WebCore::ScrollAnimation::~ScrollAnimation):
1320
1321 2016-02-06  Chris Dumez  <cdumez@apple.com>
1322
1323         Prevent cross-origin access to window.history
1324         https://bugs.webkit.org/show_bug.cgi?id=153931
1325
1326         Reviewed by Darin Adler.
1327
1328         Prevent cross-origin access to window.history to match the specification [1]
1329         and the behavior of other browsers (tested Firefox and Chrome).
1330
1331         [1] https://html.spec.whatwg.org/multipage/browsers.html#security-window
1332
1333         No new tests, already covered by existing tests that
1334         were updated in this patch.
1335
1336         * bindings/js/JSHistoryCustom.cpp:
1337         (WebCore::JSHistory::pushState):
1338         (WebCore::JSHistory::replaceState):
1339         (WebCore::JSHistory::state): Deleted.
1340         * page/DOMWindow.idl:
1341         * page/History.idl:
1342
1343 2016-02-06  Beth Dakin  <bdakin@apple.com>
1344
1345         ScrollbarPainters needs to be deallocated on the main thread
1346         https://bugs.webkit.org/show_bug.cgi?id=153932
1347         -and corresponding-
1348         rdar://problem/24015483
1349
1350         Reviewed by Dan Bernstein.
1351
1352         Darin pointed out that this was still race-y. There was still a race 
1353         condition between the destruction of the two local variables and the
1354         destruction of the lambda on the main thread. This should fix that. 
1355         * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.h:
1356         * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
1357         (WebCore::ScrollingTreeFrameScrollingNodeMac::~ScrollingTreeFrameScrollingNodeMac):
1358         (WebCore::ScrollingTreeFrameScrollingNodeMac::releaseReferencesToScrollbarPaintersOnTheMainThread):
1359         (WebCore::ScrollingTreeFrameScrollingNodeMac::updateBeforeChildren):
1360
1361 2016-02-06  Darin Adler  <darin@apple.com>
1362
1363         Finish auditing call sites of upper() and lower(), eliminate many, and rename the functions
1364         https://bugs.webkit.org/show_bug.cgi?id=153905
1365
1366         Reviewed by Sam Weinig.
1367
1368         * Modules/mediasource/MediaSource.cpp:
1369         (WebCore::MediaSource::isTypeSupported): Use convertToASCIILowercase on MIME type.
1370
1371         * accessibility/AccessibilityObject.cpp:
1372         (WebCore::AccessibilityObject::selectText): Use new names for lower and upper. Also
1373         tweaked style a tiny bit and used u_toupper rather than converting an entire
1374         string to uppercase.
1375
1376         * dom/Document.cpp:
1377         (WebCore::Document::addImageElementByCaseFoldedUsemap): Renamed to reflect the use
1378         of case folding rather than lowercasing.
1379         (WebCore::Document::removeImageElementByCaseFoldedUsemap): Ditto.
1380         (WebCore::Document::imageElementByCaseFoldedUsemap): Ditto.
1381         * dom/Document.h: Ditto.
1382         * dom/DocumentOrderedMap.cpp:
1383         (WebCore::DocumentOrderedMap::getElementByCaseFoldedMapName): Ditto.
1384         (WebCore::DocumentOrderedMap::getElementByCaseFoldedUsemap): Ditto.
1385         * dom/DocumentOrderedMap.h: Ditto.
1386
1387         * dom/TreeScope.cpp:
1388         (WebCore::TreeScope::getImageMap): Removed unneeded special case for null string.
1389         Simplified logic for cases where the URL does not have a "#" character in it.
1390         Use case folding instead of lowercase.
1391
1392         * editing/cocoa/HTMLConverter.mm:
1393         (HTMLConverter::_processText): Removed unneded special case for the empty string.
1394         Use makCapitalized instead of Cocoa function for "capitalize". Use upper and lower
1395         functions by their new names.
1396
1397         * html/HTMLImageElement.cpp:
1398         (WebCore::HTMLImageElement::parseAttribute): Use case folding instead of
1399         lowerasing for the usemap attribute.
1400         (WebCore::HTMLImageElement::insertedInto): Ditto.
1401         (WebCore::HTMLImageElement::removedFrom): Ditto.
1402         (WebCore::HTMLImageElement::matchesCaseFoldedUsemap): Ditto.
1403         * html/HTMLImageElement.h: Rename since usemap is case folded now, not lowercased.
1404
1405         * html/HTMLMapElement.cpp:
1406         (WebCore::HTMLMapElement::imageElement): Use case folding instead of lowercasing
1407         for usemap.
1408         (WebCore::HTMLMapElement::parseAttribute): Ditto.
1409
1410         * platform/Language.cpp:
1411         (WebCore::canonicalLanguageIdentifier): Use convertToASCIILowercase for language code.
1412         (WebCore::indexOfBestMatchingLanguageInList): Ditto.
1413
1414         * platform/graphics/harfbuzz/HarfBuzzShaper.cpp:
1415         (WebCore::HarfBuzzShaper::shapeHarfBuzzRuns): Use new name for the upper function.
1416
1417         * platform/network/HTTPParsers.cpp:
1418         (WebCore::parseContentTypeOptionsHeader): Use equalLettersIgnoringASCIICase instead
1419         of lowercasing to check for a specific header value.
1420
1421         * platform/network/MIMEHeader.cpp:
1422         (WebCore::retrieveKeyValuePairs): Use convertToASCIILowercase for MIME header name.
1423         (WebCore::MIMEHeader::parseContentTransferEncoding): Use equalLettersIgnoringASCIICase
1424         instead of lowercasing.
1425
1426         * platform/network/cf/ResourceHandleCFNet.cpp:
1427         (WebCore::allowsAnyHTTPSCertificateHosts): Make this hash ASCII case-insensitive.
1428         (WebCore::clientCertificates): Ditto.
1429         (WebCore::ResourceHandle::createCFURLConnection): Remove call to lower since the
1430         set is now ASCII case-insensitive.
1431         (WebCore::ResourceHandle::setHostAllowsAnyHTTPSCertificate): Ditto.
1432         (WebCore::ResourceHandle::setClientCertificate): Ditto.
1433
1434         * platform/network/curl/CookieJarCurl.cpp:
1435         (WebCore::getNetscapeCookieFormat): Use equalLettersIgnoringASCIICase instead of
1436         lowercasing.
1437
1438         * platform/network/curl/MultipartHandle.cpp:
1439         (WebCore::MultipartHandle::didReceiveResponse): Use convertToASCIILowercase to
1440         make a MIME type lowercase.
1441
1442         * platform/network/curl/ResourceHandleCurl.cpp:
1443         (WebCore::ResourceHandle::setHostAllowsAnyHTTPSCertificate): Removed unneeded
1444         conversion to lowercase now that the set is ASCII case-insensitive.
1445         (WebCore::ResourceHandle::setClientCertificate): Removed code that populates a map
1446         that is then never used for anything.
1447
1448         * platform/network/curl/ResourceHandleManager.cpp:
1449         (WebCore::headerCallback): Use convertToASCIILowercase for MIME type.
1450
1451         * platform/network/curl/SSLHandle.cpp: Made hash maps keyed by host names
1452         ASCII case-insensitive.
1453         (WebCore::addAllowedClientCertificate): Removed lowercasing since the map itself
1454         is now ASCII case insensitve.
1455         (WebCore::setSSLClientCertificate): Ditto. Also use auto for iterator type so we
1456         don't have to write out the map type.
1457         (WebCore::sslIgnoreHTTPSCertificate): Ditto.
1458         (WebCore::certVerifyCallback): Ditto.
1459
1460         * platform/network/soup/ResourceHandleSoup.cpp: Made hash maps keyed by host names
1461         ASCII case-insensitive.
1462         (WebCore::allowsAnyHTTPSCertificateHosts): Ditto.
1463         (WebCore::handleUnignoredTLSErrors): Ditto.
1464         (WebCore::ResourceHandle::setHostAllowsAnyHTTPSCertificate): Ditto.
1465         (WebCore::ResourceHandle::setClientCertificate): Ditto.
1466
1467         * platform/text/LocaleToScriptMappingDefault.cpp: Made hash maps keyed by script
1468         names ASCII case-insensitive. USE WTF_ARRAY_LENGTH as appropriate.
1469         (WebCore::scriptNameToCode): Use modern style to initialize the map. Removed
1470         unnecessary lowercasing of the script name before looking at the map.
1471         (WebCore::localeToScriptCodeForFontSelection): Ditto.
1472
1473         * platform/text/win/LocaleWin.cpp:
1474         (WebCore::convertLocaleNameToLCID): Made map ASCII case-insensitive and removed
1475         unneeded lowercasing.
1476
1477         * platform/win/PasteboardWin.cpp:
1478         (WebCore::clipboardTypeFromMIMEType): Use equalLettersIgnoringASCIICase instead
1479         of lowercasing.
1480
1481         * rendering/RenderText.cpp:
1482         (WebCore::applyTextTransform): Use new names for the upper and lower functions.
1483
1484         * xml/XMLHttpRequest.cpp:
1485         (WebCore::XMLHttpRequest::responseIsXML): Remove unneeded lowercasing, since
1486         DOMImplementation now has ASCII case-insensitive handling of MIME types.
1487
1488 2016-02-06  Zalan Bujtas  <zalan@apple.com>
1489
1490         Outline should contribute to visual overflow.
1491         https://bugs.webkit.org/show_bug.cgi?id=153299
1492
1493         This patch eliminates the special outline handling (RenderView::setMaximalOutlineSize).
1494         Now that outline is part of visual overflow, we don't have to inflate the layers to accomodate
1495         outline borders.
1496         This patch fixes several focusring related repaint issues. However when both the outline: auto
1497         and the descendant renderer are composited, we still don't paint properly in certain cases. -not a regression.
1498         (Also when parent renderer has overflow: hidden repaint does not take outline into account. -regression.)
1499         It changes column behavior (see TestExpectations) since outline behaves now like any other visual overflow properties.
1500
1501         Reviewed by David Hyatt.
1502
1503         Test: fast/repaint/focus-ring-repaint.html
1504               fast/repaint/focus-ring-repaint-with-negative-offset.html
1505
1506         * css/html.css: resetting to old behavior.
1507         (:focus):
1508         (input:focus, textarea:focus, isindex:focus, keygen:focus, select:focus):
1509         * rendering/InlineFlowBox.cpp:
1510         (WebCore::InlineFlowBox::addToLine):
1511         (WebCore::InlineFlowBox::addOutlineVisualOverflow):
1512         (WebCore::InlineFlowBox::computeOverflow):
1513         (WebCore::InlineFlowBox::paint): Deleted.
1514         * rendering/InlineFlowBox.h:
1515         * rendering/RenderBlock.cpp:
1516         (WebCore::RenderBlock::computeOverflow):
1517         (WebCore::RenderBlock::outlineStyleForRepaint):
1518         (WebCore::RenderBlock::paint): Deleted.
1519         * rendering/RenderBlockFlow.cpp:
1520         (WebCore::RenderBlockFlow::layoutBlock): Deleted.
1521         (WebCore::RenderBlockFlow::addFocusRingRectsForInlineChildren): Deleted.
1522         * rendering/RenderBlockLineLayout.cpp:
1523         (WebCore::RenderBlockFlow::addOverflowFromInlineChildren):
1524         * rendering/RenderBox.cpp:
1525         (WebCore::RenderBox::addVisualEffectOverflow):
1526         (WebCore::RenderBox::applyVisualEffectOverflow):
1527         (WebCore::RenderBox::clippedOverflowRectForRepaint): Deleted.
1528         * rendering/RenderBoxModelObject.h:
1529         * rendering/RenderDetailsMarker.cpp:
1530         (WebCore::RenderDetailsMarker::paint): Deleted.
1531         * rendering/RenderElement.cpp:
1532         (WebCore::RenderElement::insertChildInternal):
1533         (WebCore::RenderElement::styleDidChange):
1534         (WebCore::RenderElement::repaintAfterLayoutIfNeeded):
1535         (WebCore::RenderElement::issueRepaintForOutlineAuto):
1536         (WebCore::RenderElement::updateOutlineAutoAncestor):
1537         (WebCore::RenderElement::computeMaxOutlineSize): Deleted.
1538         (WebCore::RenderElement::styleWillChange): Deleted.
1539         * rendering/RenderElement.h:
1540         (WebCore::RenderElement::hasContinuation):
1541         * rendering/RenderInline.cpp:
1542         (WebCore::RenderInline::paintOutlineForLine): Deleted.
1543         * rendering/RenderLayer.cpp:
1544         (WebCore::RenderLayer::calculateClipRects):
1545         * rendering/RenderLineBoxList.cpp:
1546         (WebCore::RenderLineBoxList::anyLineIntersectsRect):
1547         (WebCore::RenderLineBoxList::lineIntersectsDirtyRect):
1548         (WebCore::RenderLineBoxList::paint):
1549         (WebCore::isOutlinePhase): Deleted.
1550         * rendering/RenderLineBoxList.h:
1551         * rendering/RenderListBox.cpp:
1552         (WebCore::RenderListBox::computePreferredLogicalWidths):
1553         * rendering/RenderListMarker.cpp:
1554         (WebCore::RenderListMarker::paint): Deleted.
1555         * rendering/RenderObject.cpp:
1556         (WebCore::RenderObject::propagateRepaintToParentWithOutlineAutoIfNeeded): The renderer with outline: auto is responsible for
1557         painting focusring around the descendants. If we issued repaint only on the descendant when it changes,
1558         the focusring would not refresh properly. We have to find the ancestor with outline: auto, inflate the repaint rect and
1559         issue the repaint on the ancestor if we crossed repaint container.
1560  
1561         (WebCore::RenderObject::repaintUsingContainer):
1562         (WebCore::RenderObject::adjustRectForOutlineAndShadow):
1563         (WebCore::RenderObject::setHasOutlineAutoAncestor):
1564         (WebCore::RenderObject::adjustRectWithMaximumOutline): Deleted.
1565         
1566         * rendering/RenderObject.h: We mark the descendants of outline: auto so that
1567         when a child renderer changes we can propagate the repaint to the ancestor with outline.
1568
1569         (WebCore::RenderObject::hasOutlineAutoAncestor):
1570         (WebCore::RenderObject::RenderObjectRareData::RenderObjectRareData):
1571         * rendering/RenderRegion.cpp:
1572         (WebCore::RenderRegion::overflowRectForFlowThreadPortion):
1573         * rendering/RenderReplaced.cpp:
1574         (WebCore::RenderReplaced::shouldPaint): Deleted.
1575         (WebCore::RenderReplaced::clippedOverflowRectForRepaint): Deleted.
1576         * rendering/RenderTable.cpp:
1577         (WebCore::RenderTable::paint): Deleted.
1578         * rendering/RenderTableCell.cpp:
1579         (WebCore::RenderTableCell::clippedOverflowRectForRepaint): Deleted.
1580         (WebCore::RenderTableCell::paintCollapsedBorders): Deleted.
1581         * rendering/RenderTableRow.cpp:
1582         (WebCore::RenderTableRow::layout):
1583         (WebCore::RenderTableRow::clippedOverflowRectForRepaint): Deleted.
1584         * rendering/RenderTableSection.cpp:
1585         (WebCore::RenderTableSection::layoutRows):
1586         (WebCore::RenderTableSection::computeOverflowFromCells): Deleted.
1587         (WebCore::RenderTableSection::paintObject): Deleted.
1588         * rendering/RenderTheme.h:
1589         (WebCore::RenderTheme::platformFocusRingWidth):
1590         * rendering/RenderView.cpp:
1591         (WebCore::RenderView::setMaximalOutlineSize): Deleted.
1592         * rendering/RenderView.h:
1593         * rendering/style/RenderStyle.cpp:
1594         (WebCore::RenderStyle::changeAffectsVisualOverflow):
1595         (WebCore::RenderStyle::outlineWidth):
1596         * rendering/style/RenderStyle.h:
1597
1598 2016-02-06  Andreas Kling  <akling@apple.com>
1599
1600         [iOS] Throw away linked code when navigating to a new page.
1601         <https://webkit.org/b/153851>
1602
1603         Reviewed by Gavin Barraclough.
1604
1605         When navigating to a new page, tell JSC to throw out any linked code it has lying around.
1606         Linked code is tied to a specific global object, and as we're creating a new one for the
1607         new page, none of it is useful to us here.
1608
1609         In the event that the user navigates back, the cost of relinking some code will be far
1610         lower than the memory cost of keeping all of it around.
1611
1612         This landed previously but was rolled out due to a Speedometer regression. I've made one
1613         minor but important change here: only throw away code if we're navigating away from an
1614         existing history item. Or in other words, don't throw away code for "force peeks" or any
1615         other navigations that are not traditional top-level main frame navigations.
1616
1617         * bindings/js/GCController.cpp:
1618         (WebCore::GCController::deleteAllLinkedCode):
1619         * bindings/js/GCController.h:
1620         * loader/FrameLoader.cpp:
1621         (WebCore::FrameLoader::commitProvisionalLoad):
1622
1623 2016-02-06  Konstantin Tokarev  <annulen@yandex.ru>
1624
1625         Added implementations of AXObjectCache methods for !HAVE(ACCESSIBILITY).
1626         https://bugs.webkit.org/show_bug.cgi?id=153924
1627
1628         Reviewed by Andreas Kling.
1629
1630         No new tests needed.
1631
1632         * accessibility/AXObjectCache.h:
1633         (WebCore::AXObjectCache::ariaModalNode): Added stub implementation.
1634         (WebCore::AXObjectCache::postLiveRegionChangeNotification): Ditto.
1635         (WebCore::AXObjectCache::rangeForNodeContents): Ditto.
1636         (WebCore::AXObjectCache::setIsSynchronizingSelection): Ditto.
1637         (WebCore::AXObjectCache::setTextSelectionIntent): Ditto.
1638         (WebCore::AXAttributeCacheEnabler::AXAttributeCacheEnabler): Ditto.
1639         (WebCore::AXAttributeCacheEnabler::~AXAttributeCacheEnabler): Ditto.
1640
1641 2016-02-04  Antti Koivisto  <antti@apple.com>
1642
1643         Use scope stack instead of nested TreeResolvers for shadow trees
1644         https://bugs.webkit.org/show_bug.cgi?id=153893
1645
1646         Reviewed by Andreas Kling.
1647
1648         Make TreeResolver per-document. This is a step towards iterative style resolve.
1649
1650         This is done replacing use of nested TreeResolvers with a scope stack that maintains
1651         the style resolver and the selector filter for the current tree scope.
1652
1653         * style/StyleTreeResolver.cpp:
1654         (WebCore::Style::ensurePlaceholderStyle):
1655         (WebCore::Style::TreeResolver::Scope::Scope):
1656         (WebCore::Style::TreeResolver::TreeResolver):
1657         (WebCore::Style::shouldCreateRenderer):
1658         (WebCore::Style::TreeResolver::styleForElement):
1659         (WebCore::Style::TreeResolver::createRenderTreeForShadowRoot):
1660         (WebCore::Style::TreeResolver::createRenderTreeForSlotAssignees):
1661         (WebCore::Style::TreeResolver::createRenderTreeRecursively):
1662         (WebCore::Style::TreeResolver::resolveLocally):
1663         (WebCore::Style::TreeResolver::resolveShadowTree):
1664         (WebCore::Style::TreeResolver::resolveBeforeOrAfterPseudoElement):
1665         (WebCore::Style::TreeResolver::resolveChildren):
1666         (WebCore::Style::TreeResolver::resolveSlotAssignees):
1667         (WebCore::Style::TreeResolver::resolveRecursively):
1668         (WebCore::Style::TreeResolver::resolve):
1669         (WebCore::Style::detachRenderTree):
1670         * style/StyleTreeResolver.h:
1671         (WebCore::Style::TreeResolver::scope):
1672         (WebCore::Style::TreeResolver::pushScope):
1673         (WebCore::Style::TreeResolver::pushEnclosingScope):
1674         (WebCore::Style::TreeResolver::popScope):
1675
1676 2016-02-06  Commit Queue  <commit-queue@webkit.org>
1677
1678         Unreviewed, rolling out r196104.
1679         https://bugs.webkit.org/show_bug.cgi?id=153940
1680
1681         Regressed Speedometer on iOS (Requested by kling on #webkit).
1682
1683         Reverted changeset:
1684
1685         "[iOS] Throw away linked code when navigating to a new page."
1686         https://bugs.webkit.org/show_bug.cgi?id=153851
1687         http://trac.webkit.org/changeset/196104
1688
1689 2016-02-05  Beth Dakin  <bdakin@apple.com>
1690
1691         ScrollbarPainters needs to be deallocated on the main thread
1692         https://bugs.webkit.org/show_bug.cgi?id=153932
1693         -and corresponding-
1694         rdar://problem/24015483
1695
1696         Reviewed by Geoff Garen.
1697
1698         Follow-up fix since the first one was still race-y.
1699         * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
1700         (WebCore::ScrollingTreeFrameScrollingNodeMac::~ScrollingTreeFrameScrollingNodeMac):
1701         (WebCore::ScrollingTreeFrameScrollingNodeMac::updateBeforeChildren):
1702
1703 2016-02-05  Beth Dakin  <bdakin@apple.com>
1704
1705         ScrollbarPainters needs to be deallocated on the main thread
1706         https://bugs.webkit.org/show_bug.cgi?id=153932
1707         -and corresponding-
1708         rdar://problem/24015483
1709
1710         Reviewed by Tim Horton.
1711
1712         Ensure the the destructor of ScrollingTreeFrameScrollingNodeMac and the 
1713         assignments done in this class are not responsible for deallocating the 
1714         ScrollbarPainter. 
1715         * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
1716         (WebCore::ScrollingTreeFrameScrollingNodeMac::~ScrollingTreeFrameScrollingNodeMac):
1717         (WebCore::ScrollingTreeFrameScrollingNodeMac::updateBeforeChildren):
1718
1719 2016-02-05  Chris Dumez  <cdumez@apple.com>
1720
1721         Instance property getters / setters cannot be called on another instance of the same type
1722         https://bugs.webkit.org/show_bug.cgi?id=153895
1723
1724         Reviewed by Gavin Barraclough.
1725
1726         It should be possible to call instance property getters / setters on
1727         other instances of the same type, as per the WEB IDL specification:
1728         - http://heycam.github.io/webidl/#dfn-attribute-getter
1729         - http://heycam.github.io/webidl/#dfn-attribute-setter
1730
1731         This matches the behavior of Firefox.
1732
1733         The issue without our bindings was that the getters / setters were
1734         using |slotBase| instead of |thisValue| and therefore ended up using
1735         the instance the getter was taken from instead of the actual target
1736         object.
1737
1738         Test:
1739         js/instance-property-getter-other-instance.html
1740         js/instance-property-setter-other-instance.html
1741
1742         * bindings/scripts/CodeGeneratorJS.pm:
1743         (GenerateImplementation):
1744         - Have instance getters / setters use thisValue instead of slotBase.
1745         - In the case of interfaces that have attributes on the instance for
1746           compatibility reasons, try the prototype object if |thisValue| does
1747           does have the right type, instead of using slotBase like previously.
1748           I believe this maintains the original compatibility intention while
1749           also behaving correctly when called on another instance.
1750
1751         * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
1752         * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
1753         * bindings/scripts/test/JS/JSTestException.cpp:
1754         * bindings/scripts/test/JS/JSTestInterface.cpp:
1755         * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
1756         * bindings/scripts/test/JS/JSTestNode.cpp:
1757         * bindings/scripts/test/JS/JSTestNondeterministic.cpp:
1758         * bindings/scripts/test/JS/JSTestObj.cpp:
1759         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
1760         * bindings/scripts/test/JS/JSTestTypedefs.cpp:
1761         * bindings/scripts/test/JS/JSattribute.cpp:
1762         Rebaseline bindings tests.
1763
1764 2016-02-05  Brady Eidson  <beidson@apple.com>
1765
1766         Modern IDB: UniqueIDBDatabase's m_databaseInfo is unsafely used from multiple threads.
1767         https://bugs.webkit.org/show_bug.cgi?id=153912
1768
1769         Reviewed by Alex Christensen.
1770
1771         No new tests (Anything testable about this patch is already covered by existing tests).
1772
1773         * Modules/indexeddb/server/IDBBackingStore.h:
1774
1775         * Modules/indexeddb/server/MemoryIDBBackingStore.cpp:
1776         (WebCore::IDBServer::MemoryIDBBackingStore::infoForObjectStore):
1777         * Modules/indexeddb/server/MemoryIDBBackingStore.h:
1778
1779         Teach the SQLiteIDBBackingStore to actually keep its m_databaseInfo up to date as it changes,
1780         and to revert it when version change transactions abort:
1781         * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
1782         (WebCore::IDBServer::SQLiteIDBBackingStore::beginTransaction):
1783         (WebCore::IDBServer::SQLiteIDBBackingStore::abortTransaction):
1784         (WebCore::IDBServer::SQLiteIDBBackingStore::commitTransaction):
1785         (WebCore::IDBServer::SQLiteIDBBackingStore::createObjectStore):
1786         (WebCore::IDBServer::SQLiteIDBBackingStore::deleteObjectStore):
1787         (WebCore::IDBServer::SQLiteIDBBackingStore::createIndex):
1788         (WebCore::IDBServer::SQLiteIDBBackingStore::deleteIndex):
1789         (WebCore::IDBServer::SQLiteIDBBackingStore::infoForObjectStore):
1790         * Modules/indexeddb/server/SQLiteIDBBackingStore.h:
1791
1792         * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
1793         (WebCore::IDBServer::UniqueIDBDatabase::performPutOrAdd): Use the IDBBackingStore's copy of the 
1794           IDBObjectStoreInfo, meant only for the database thread, instead of the UniqueIDBDatabase's copy, 
1795           which is meant only for the main thread.
1796
1797 2016-02-05  Alex Christensen  <achristensen@webkit.org>
1798
1799         Clean up Blob code
1800         https://bugs.webkit.org/show_bug.cgi?id=153910
1801
1802         Reviewed by Alexey Proskuryakov.
1803
1804         No new tests, no change in behavior.
1805
1806         * css/StyleSheet.h:
1807         * fileapi/Blob.cpp:
1808         (WebCore::Blob::Blob):
1809         (WebCore::Blob::normalizedContentType):
1810         (WebCore::Blob::isNormalizedContentType):
1811         (WebCore::Blob::registry):
1812         * fileapi/Blob.h:
1813         * fileapi/BlobURL.cpp:
1814         (WebCore::BlobURL::createPublicURL):
1815         * fileapi/BlobURL.h:
1816         (WebCore::BlobURL::BlobURL):
1817         (WebCore::BlobURL::blobProtocol): Deleted.
1818         * platform/PlatformStrategies.cpp:
1819         (WebCore::setPlatformStrategies):
1820         (WebCore::hasPlatformStrategies): Deleted.
1821         * platform/PlatformStrategies.h:
1822         * platform/network/BlobRegistry.cpp:
1823         (WebCore::blobRegistry):
1824         * platform/network/BlobRegistry.h:
1825         * platform/network/BlobRegistryImpl.cpp:
1826         (WebCore::BlobRegistryImpl::~BlobRegistryImpl):
1827         (WebCore::createResourceHandle):
1828         (WebCore::registerBlobResourceHandleConstructor):
1829         (WebCore::BlobRegistryImpl::createResourceHandle):
1830         (WebCore::BlobRegistryImpl::appendStorageItems):
1831         (WebCore::BlobRegistryImpl::registerFileBlobURL):
1832         (WebCore::BlobRegistryImpl::registerBlobURL):
1833         * platform/network/BlobRegistryImpl.h:
1834         * platform/network/BlobResourceHandle.cpp:
1835         (WebCore::BlobResourceHandle::loadResourceSynchronously):
1836         (WebCore::BlobResourceHandle::BlobResourceHandle):
1837         * platform/network/ResourceHandle.h:
1838
1839 2016-02-05  Carlos Garcia Campos  <cgarcia@igalia.com>
1840
1841         [GTK] Scrollbars incorrectly rendered with older versions of GTK+
1842         https://bugs.webkit.org/show_bug.cgi?id=153861
1843
1844         Reviewed by Michael Catanzaro.
1845
1846         The theme doesn't really know it's a scrollbar. Older versions of
1847         GTK+ require to explicitly add the scrollbar style class to the
1848         child GtkStyleContext.
1849
1850         * platform/gtk/ScrollbarThemeGtk.cpp:
1851         (WebCore::createChildStyleContext):
1852
1853 2016-02-05  Carlos Garcia Campos  <cgarcia@igalia.com>
1854
1855         [GTK] Scrollbars not correctly rendered in non GNOME environments
1856         https://bugs.webkit.org/show_bug.cgi?id=153860
1857
1858         Reviewed by Michael Catanzaro.
1859
1860         I noticed this in a matchbox environment, where there's no
1861         gnome-setting-daemon running. The problem is only with the
1862         scrollbars, because we initialize the GtkSettings in
1863         RenderThemeGtk and notify the ScrollbarTheme when it changes, but
1864         ScrollbarTheme is created before RenderThemeGtk so we initialize
1865         the theme properties before the GtkSettings have been
1866         initialized. We can just let the ScrollbarTheme monitor the
1867         theme itself instead of relying on being notified by the WebCore
1868         layer.
1869
1870         * platform/gtk/ScrollbarThemeGtk.cpp:
1871         (WebCore::themeChangedCallback):
1872         (WebCore::ScrollbarThemeGtk::ScrollbarThemeGtk):
1873         * rendering/RenderThemeGtk.cpp:
1874         (WebCore::gtkStyleChangedCallback): Deleted.
1875
1876 2016-02-05  Youenn Fablet  <youenn.fablet@crf.canon.fr>
1877
1878         Remove DOMWrapped parameter from JSKeyValueIterator
1879         https://bugs.webkit.org/show_bug.cgi?id=153859
1880
1881         Reviewed by Sam Weinig.
1882
1883         No change in behavior.
1884
1885         Using std::declval to infer DOMWrapped from JSWrapper::wrapped.
1886
1887         * bindings/js/JSFetchHeadersCustom.cpp:
1888         (WebCore::JSFetchHeaders::entries):
1889         (WebCore::JSFetchHeaders::keys):
1890         (WebCore::JSFetchHeaders::values):
1891         * bindings/js/JSKeyValueIterator.h:
1892         (WebCore::createIterator):
1893         (WebCore::JSKeyValueIterator<JSWrapper>::destroy):
1894         (WebCore::JSKeyValueIterator<JSWrapper>::next):
1895         (WebCore::JSKeyValueIteratorPrototypeFunctionNext):
1896         (WebCore::JSKeyValueIteratorPrototype<JSWrapper>::finishCreation):
1897
1898 2016-02-05  Nan Wang  <n_wang@apple.com>
1899
1900         AX: WebKit hanging when VoiceOver attempts to focus in on page
1901         https://bugs.webkit.org/show_bug.cgi?id=153899
1902         <rdar://problem/24506603>
1903
1904         Reviewed by Chris Fleizach.
1905
1906         The VisiblePosition to CharacterOffset conversion will lead to an infinite loop if the
1907         nextVisiblePostion call is returning the original VisiblePosition. Fixed it by breaking out
1908         of the loop early in that situation. 
1909
1910         Test: accessibility/text-marker/character-offset-visible-position-conversion-hang.html
1911
1912         * accessibility/AXObjectCache.cpp:
1913         (WebCore::AXObjectCache::characterOffsetFromVisiblePosition):
1914
1915 2016-02-04  Joseph Pecoraro  <pecoraro@apple.com>
1916
1917         Web Inspector: InspectorTimelineAgent doesn't need to recompile functions because it now uses the sampling profiler
1918         https://bugs.webkit.org/show_bug.cgi?id=153500
1919         <rdar://problem/24352458>
1920
1921         Reviewed by Timothy Hatcher.
1922
1923         * bindings/js/JSDOMWindowBase.cpp:
1924         (WebCore::JSDOMWindowBase::supportsLegacyProfiling):
1925         (WebCore::JSDOMWindowBase::supportsRichSourceInfo):
1926         (WebCore::JSDOMWindowBase::supportsProfiling): Deleted.
1927         * bindings/js/JSDOMWindowBase.h:
1928         * bindings/js/JSWorkerGlobalScopeBase.cpp:
1929         (WebCore::JSWorkerGlobalScopeBase::supportsLegacyProfiling):
1930         (WebCore::JSWorkerGlobalScopeBase::supportsProfiling): Deleted.
1931         * bindings/js/JSWorkerGlobalScopeBase.h:
1932         * inspector/InspectorController.h:
1933         * inspector/InspectorController.cpp:
1934         (WebCore::InspectorController::legacyProfilerEnabled):
1935         (WebCore::InspectorController::setLegacyProfilerEnabled):
1936         Be more explicit about enabling legacy profiling.
1937
1938         * inspector/InspectorTimelineAgent.cpp:
1939         (WebCore::InspectorTimelineAgent::willDestroyFrontendAndBackend):
1940         (WebCore::InspectorTimelineAgent::didCreateFrontendAndBackend): Deleted.
1941         TimelineAgent doesn't need to recompile if using the sampling profiler.
1942         This breaks console.profile, but console.profile should move to using
1943         the sampling profiler as well.
1944
1945         (WebCore::InspectorTimelineAgent::startFromConsole):
1946         (WebCore::InspectorTimelineAgent::stopFromConsole):
1947         (WebCore::startProfiling): Deleted.
1948         (WebCore::stopProfiling): Deleted.
1949         Inlined the use once static functions.
1950
1951         * page/PageConsoleClient.cpp:
1952         (WebCore::PageConsoleClient::profile):
1953         (WebCore::PageConsoleClient::profileEnd):
1954         Added FIXMEs for improving console.profile and profileEnd.
1955
1956         * testing/Internals.cpp:
1957         (WebCore::Internals::resetToConsistentState):
1958         (WebCore::Internals::setLegacyJavaScriptProfilingEnabled):
1959         (WebCore::Internals::setJavaScriptProfilingEnabled): Deleted.
1960         * testing/Internals.h:
1961         * testing/Internals.idl:
1962         Be more explicit about enabling legacy profiling.
1963
1964 2016-02-04  Brent Fulgham  <bfulgham@apple.com>
1965
1966         Follow-up: Add "WebKit built-in PDF" Plugin to set of publicly visible plugins
1967         https://bugs.webkit.org/show_bug.cgi?id=153657
1968         <rdar://problem/24413107>
1969
1970         Reviewed by Darin Adler.
1971
1972         * plugins/PluginData.cpp:
1973         (WebCore::shouldBePubliclyVisible): Revise comments to provide a
1974         better explanation of the function and why it exists.
1975
1976 2016-02-04  Jonathan Davis  <jond@apple.com>
1977
1978         Add Fetch API and CSS Variables to feature status
1979         https://bugs.webkit.org/show_bug.cgi?id=153896
1980
1981         Reviewed by Timothy Hatcher.
1982
1983         * features.json:
1984
1985 2016-02-04  Daniel Bates  <dabates@apple.com>
1986
1987         WebKit for iOS Simulator fails to build with public iOS SDK
1988         https://bugs.webkit.org/show_bug.cgi?id=153881
1989
1990         Reviewed by Alex Christensen.
1991
1992         Make constants have internal linkage to match the Apple Internal SDK.
1993
1994         * platform/spi/ios/MobileGestaltSPI.h:
1995
1996 2016-02-04  Chris Dumez  <cdumez@apple.com>
1997
1998         Object.getOwnPropertyDescriptor() returns incomplete descriptor for instance properties
1999         https://bugs.webkit.org/show_bug.cgi?id=153817
2000
2001         Reviewed by Geoffrey Garen.
2002
2003         Update the bindings generator so that property getters / setters now
2004         make sure |this| has the right type and throw a TypeError if it does
2005         not, as per:
2006         - http://heycam.github.io/webidl/#dfn-attribute-getter (step 2.4.2)
2007         - http://heycam.github.io/webidl/#dfn-attribute-setter (step 3.5)
2008
2009         This was an issue when doing something like:
2010         Object.getOwnPropertyDescriptor(window, "location").get.call(nonWindow)
2011
2012         We would call toJSDOMWindow(thisValue), which would return null as
2013         thisValue is not a JSDOMWindow. We would then dereference this null
2014         pointer and crash. We now do a null check and throw a TypeError in
2015         this case, as per the Web IDL specification.
2016
2017         The generated bindings still have some non-spec compliant behavior
2018         though:
2019         1. The getters / setters of instance properties use slotBase instead
2020            of thisValue, which means that calling instanceA's getter on
2021            instanceB returns instanceA's property insteas of instanceB's.
2022         2. Global object property getters should not require an explicit
2023            |this| so calling the following should work:
2024            - Object.getOwnPropertyDescriptor(window, "location").get.call()
2025            We currently throw in this case.
2026
2027         These issues will be addressed in follow-up patches.
2028
2029         Tests: js/getOwnPropertyDescriptor-unforgeable-attributes.html
2030                js/getOwnPropertyDescriptor-window-attributes.html
2031                js/instance-property-getter-other-instance.html
2032
2033         * bindings/scripts/CodeGeneratorJS.pm:
2034         (GenerateImplementation):
2035         * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
2036         (WebCore::jsTestActiveDOMObjectExcitingAttr):
2037         * bindings/scripts/test/JS/JSTestException.cpp:
2038         (WebCore::jsTestExceptionName):
2039         * bindings/scripts/test/JS/JSTestObj.cpp:
2040         (WebCore::jsTestObjConstructorTestSubObj):
2041         (WebCore::jsTestObjTestSubObjEnabledBySettingConstructor):
2042         (WebCore::jsTestObjConditionalAttr4Constructor):
2043         (WebCore::jsTestObjConditionalAttr5Constructor):
2044         (WebCore::jsTestObjConditionalAttr6Constructor):
2045         (WebCore::jsTestObjContentDocument):
2046         (WebCore::setJSTestObjTestSubObjEnabledBySettingConstructor):
2047         (WebCore::setJSTestObjConditionalAttr4Constructor):
2048         (WebCore::setJSTestObjConditionalAttr5Constructor):
2049         (WebCore::setJSTestObjConditionalAttr6Constructor):
2050         (WebCore::setJSTestObjConstructor): Deleted.
2051         (WebCore::setJSTestObjConstructorStaticStringAttr): Deleted.
2052         (WebCore::setJSTestObjConditionalAttr3): Deleted.
2053         * bindings/scripts/test/JS/JSTestTypedefs.cpp:
2054         (WebCore::jsTestTypedefsConstructorTestSubObj):
2055
2056 2016-02-04  Brady Eidson  <beidson@apple.com>
2057
2058         Modern IDB: LayoutTest imported/w3c/indexeddb/keyorder-private.html is flaky.
2059         https://bugs.webkit.org/show_bug.cgi?id=153438.
2060
2061         Reviewed by Alex Christensen.
2062
2063         Tests: storage/indexeddb/modern/idbkey-array-equality-private.html
2064                storage/indexeddb/modern/idbkey-array-equality.html
2065
2066         * Modules/indexeddb/IDBKeyData.cpp:
2067         (WebCore::IDBKeyData::loggingString):
2068         (WebCore::IDBKeyData::operator==): Fix obvious bug.
2069
2070 2016-02-04  Chris Dumez  <cdumez@apple.com>
2071
2072         Unreviewed, fix the EFL clean build after r196123
2073         https://bugs.webkit.org/show_bug.cgi?id=153875
2074
2075         * CMakeLists.txt:
2076         * PlatformGTK.cmake:
2077         * PlatformMac.cmake:
2078         * html/DOMSettableTokenList.h:
2079         * html/DOMSettableTokenList.idl:
2080
2081 2016-02-04  Eric Carlson  <eric.carlson@apple.com>
2082
2083         PageGroup::captionPreferences should return a reference
2084         https://bugs.webkit.org/show_bug.cgi?id=153877
2085         <rdar://problem/24506917>
2086
2087         Reviewed by Jer Noble.
2088
2089         No new tests, no functional change.
2090
2091         * Modules/mediacontrols/MediaControlsHost.cpp:
2092         (WebCore::MediaControlsHost::sortedTrackListForMenu):
2093         (WebCore::MediaControlsHost::displayNameForTrack):
2094         (WebCore::MediaControlsHost::captionMenuOffItem):
2095         (WebCore::MediaControlsHost::captionDisplayMode):
2096         * dom/Document.cpp:
2097         (WebCore::Document::registerForCaptionPreferencesChangedCallbacks):
2098         * html/HTMLMediaElement.cpp:
2099         (WebCore::HTMLMediaElement::HTMLMediaElement):
2100         (WebCore::HTMLMediaElement::addTextTrack):
2101         (WebCore::HTMLMediaElement::configureTextTrackGroup):
2102         (WebCore::HTMLMediaElement::setSelectedTextTrack):
2103         (WebCore::HTMLMediaElement::configureTextTracks):
2104         (WebCore::HTMLMediaElement::captionPreferencesChanged):
2105         (WebCore::HTMLMediaElement::mediaPlayerPreferredAudioCharacteristics):
2106         * html/shadow/MediaControlElements.cpp:
2107         (WebCore::MediaControlClosedCaptionsTrackListElement::updateDisplay):
2108         (WebCore::MediaControlClosedCaptionsTrackListElement::rebuildTrackListMenu):
2109         (WebCore::MediaControlTextTrackContainerElement::updateActiveCuesFontSize):
2110         * page/PageGroup.cpp:
2111         (WebCore::PageGroup::captionPreferencesChanged):
2112         (WebCore::PageGroup::captionPreferences):
2113         * page/PageGroup.h:
2114         * platform/cocoa/WebVideoFullscreenModelVideoElement.mm:
2115         (WebVideoFullscreenModelVideoElement::updateLegibleOptions):
2116         * testing/InternalSettings.cpp:
2117         (WebCore::InternalSettings::setShouldDisplayTrackKind):
2118         (WebCore::InternalSettings::shouldDisplayTrackKind):
2119         * testing/Internals.cpp:
2120         (WebCore::Internals::resetToConsistentState):
2121         (WebCore::Internals::Internals):
2122         (WebCore::Internals::userPreferredAudioCharacteristics):
2123         (WebCore::Internals::setUserPreferredAudioCharacteristic):
2124         (WebCore::Internals::captionsStyleSheetOverride):
2125         (WebCore::Internals::setCaptionsStyleSheetOverride):
2126         (WebCore::Internals::setPrimaryAudioTrackLanguageOverride):
2127         (WebCore::Internals::setCaptionDisplayMode):
2128
2129 2016-02-04  Konstantin Tokarev  <annulen@yandex.ru>
2130
2131         Removed unused Settings::setPrivateBrowsingEnabled.
2132         https://bugs.webkit.org/show_bug.cgi?id=153869
2133
2134         Reviewed by Alexey Proskuryakov.
2135
2136         Implementation of Settings::setPrivateBrowsingEnabled was removed
2137         in r166661, but declaration is still here.
2138
2139         No new tests needed.
2140
2141         * page/Settings.h:
2142         (WebCore::Settings::setPrivateBrowsingEnabled): Deleted.
2143
2144 2016-02-04  Eric Carlson  <eric.carlson@apple.com>
2145
2146         Don't discard in-band cues with negative start times
2147         https://bugs.webkit.org/show_bug.cgi?id=153867
2148         <rdar://problem/19588632>
2149
2150         Reviewed by Jer Noble.
2151
2152         No new tests, updated and un-skipped http/tests/media/track-in-band-hls-metadata.html.
2153
2154         * platform/graphics/avfoundation/InbandMetadataTextTrackPrivateAVF.cpp:
2155         (WebCore::InbandMetadataTextTrackPrivateAVF::addDataCue):  ASSERT if passed negative time value.
2156         (WebCore::InbandMetadataTextTrackPrivateAVF::updatePendingCueEndTimes): Ditto. Correct logging.
2157
2158         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
2159         (WebCore::MediaPlayerPrivateAVFoundationObjC::processCue): ASSERT if passed negative time value.
2160         (WebCore::MediaPlayerPrivateAVFoundationObjC::metadataDidArrive): Convert negative cue times to zero.
2161         (-[WebCoreAVFMovieObserver legibleOutput:didOutputAttributedStrings:nativeSampleBuffers:forItemTime:]):
2162           Ditto.
2163
2164 2016-02-04  Hyemi Shin  <hyemi.sin@samsung.com>
2165
2166         Specify an exception for createChannelMerger, createChannelSplitter and createPeriodicWave
2167         https://bugs.webkit.org/show_bug.cgi?id=150925
2168
2169         Reviewed by Darin Adler.
2170
2171         createChannelMerger and createChannelSplitter should throw INDEX_SIZE_ERR
2172         for invalid numberOfInputs value.
2173         createPeriodicWave should throw INDEX_SIZE_ERR for invalid lengths of parameters.
2174
2175         Tests: webaudio/audiochannelmerger-basic.html
2176                webaudio/audiochannelsplitter.html
2177                webaudio/periodicwave-lengths.html
2178
2179         * Modules/webaudio/AudioContext.cpp:
2180         (WebCore::AudioContext::createChannelSplitter):
2181         (WebCore::AudioContext::createChannelMerger):
2182         (WebCore::AudioContext::createPeriodicWave):
2183
2184 2016-02-04  Youenn Fablet  <youenn.fablet@crf.canon.fr>
2185
2186         [Fetch API] Add support for iterating over Headers
2187         https://bugs.webkit.org/show_bug.cgi?id=153787
2188
2189         Reviewed by Darin Adler.
2190
2191         Relanding, updating bindings/js/JSKeyValueIterator.h for Windows bots.
2192
2193         Covered by updated tests.
2194         Introducing template class (JSKeyValueIterator) to support key-value iterators in DOM classes.
2195         Using JSKeyValueIterator to implement Headers entries(), keys() and values() as custom methods.
2196         Binding generator should be updated to generate directly these custom methods and handle iterator Symbol.
2197
2198         * CMakeLists.txt:
2199         * Modules/fetch/FetchHeaders.cpp:
2200         (WebCore::FetchHeaders::Iterator::next):
2201         (WebCore::FetchHeaders::Iterator::Iterator):
2202         * Modules/fetch/FetchHeaders.h:
2203         (WebCore::FetchHeaders::createIterator):
2204         * Modules/fetch/FetchHeaders.idl:
2205         * WebCore.xcodeproj/project.pbxproj:
2206         * bindings/js/JSBindingsAllInOne.cpp:
2207         * bindings/js/JSDOMBinding.h:
2208         (WebCore::jsPair):
2209         * bindings/js/JSFetchHeadersCustom.cpp: Added.
2210         (WebCore::JSFetchHeaders::entries):
2211         (WebCore::JSFetchHeaders::keys):
2212         (WebCore::JSFetchHeaders::values):
2213         * bindings/js/JSKeyValueIterator.h: Added.
2214         (WebCore::JSKeyValueIteratorPrototype::create):
2215         (WebCore::JSKeyValueIteratorPrototype::createStructure):
2216         (WebCore::JSKeyValueIteratorPrototype::JSKeyValueIteratorPrototype):
2217         (WebCore::createIterator):
2218         (WebCore::DOMWrapped>::destroy):
2219         (WebCore::DOMWrapped>::next):
2220         (WebCore::DOMWrapped>::finishCreation):
2221
2222 2016-02-04  Chris Dumez  <cdumez@apple.com>
2223
2224         Merge DOMTokenList and DOMSettableTokenList
2225         https://bugs.webkit.org/show_bug.cgi?id=153677
2226         <rdar://problem/24419675>
2227
2228         Reviewed by Sam Weinig.
2229
2230         Merge DOMTokenList and DOMSettableTokenList, as per a recent
2231         specification change:
2232         - https://github.com/whatwg/dom/pull/120
2233         - https://github.com/whatwg/html/issues/361
2234
2235         No new tests, already covered by existing tests.
2236
2237         * CMakeLists.txt:
2238         * DerivedSources.cpp:
2239         * WebCore.vcxproj/WebCore.vcxproj:
2240         * WebCore.vcxproj/WebCore.vcxproj.filters:
2241         * WebCore.xcodeproj/project.pbxproj:
2242         * dom/Element.idl:
2243         * dom/Node.h:
2244         * dom/NodeRareData.h:
2245         * html/AttributeDOMTokenList.h:
2246         * html/DOMSettableTokenList.cpp: Removed.
2247         * html/DOMSettableTokenList.h:
2248         * html/DOMSettableTokenList.idl:
2249         * html/DOMTokenList.cpp:
2250         (WebCore::DOMTokenList::setValue):
2251         * html/DOMTokenList.h:
2252         * html/DOMTokenList.idl:
2253         * html/HTMLAnchorElement.idl:
2254         * html/HTMLAreaElement.idl:
2255         * html/HTMLElement.cpp:
2256         * html/HTMLElement.idl:
2257         * html/HTMLIFrameElement.cpp:
2258         (WebCore::HTMLIFrameElement::sandbox):
2259         * html/HTMLIFrameElement.h:
2260         * html/HTMLIFrameElement.idl:
2261         * html/HTMLLinkElement.cpp:
2262         (WebCore::HTMLLinkElement::sizes):
2263         * html/HTMLLinkElement.h:
2264         * html/HTMLLinkElement.idl:
2265         * html/HTMLOutputElement.cpp:
2266         (WebCore::HTMLOutputElement::htmlFor):
2267         * html/HTMLOutputElement.h:
2268         * html/HTMLOutputElement.idl:
2269         * html/HTMLTableCellElement.idl:
2270         * page/DOMWindow.cpp:
2271         * page/DOMWindow.idl:
2272
2273 2016-02-04  Youenn Fablet  <youenn.fablet@crf.canon.fr>
2274
2275         Unreviewed.
2276         Reverting r196115 and r19116, related tohttps://bugs.webkit.org/show_bug.cgi?id=153787.
2277
2278 2016-02-04  Alejandro G. Castro  <alex@igalia.com>
2279
2280         [GTK] Implement mediastream mediaplayer
2281         https://bugs.webkit.org/show_bug.cgi?id=153541
2282
2283         Reviewed by Martin Robinson.
2284
2285         Added the implementation of the mediaplayer for the
2286         mediastream. The code was implemented by Philippe Normand and
2287         Alessandro Decina.
2288
2289         * PlatformGTK.cmake: Added the file to the compilation.
2290         * html/HTMLMediaElement.cpp:
2291         (WebCore::HTMLMediaElement::setSrcObject): Set the src of the
2292         media element to the mediastream.
2293         * platform/graphics/MediaPlayer.cpp:
2294         (WebCore::buildMediaEnginesVector): Register the mediastream
2295         mediaplayer as an option in the media engines vector.
2296         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerOwr.cpp: Added.
2297         (WebCore::MediaPlayerPrivateGStreamerOwr::MediaPlayerPrivateGStreamerOwr):
2298         (WebCore::MediaPlayerPrivateGStreamerOwr::~MediaPlayerPrivateGStreamerOwr):
2299         (WebCore::MediaPlayerPrivateGStreamerOwr::play):
2300         (WebCore::MediaPlayerPrivateGStreamerOwr::pause):
2301         (WebCore::MediaPlayerPrivateGStreamerOwr::hasVideo):
2302         (WebCore::MediaPlayerPrivateGStreamerOwr::hasAudio):
2303         (WebCore::MediaPlayerPrivateGStreamerOwr::currentTime):
2304         (WebCore::MediaPlayerPrivateGStreamerOwr::load):
2305         (WebCore::MediaPlayerPrivateGStreamerOwr::loadingFailed):
2306         (WebCore::MediaPlayerPrivateGStreamerOwr::didLoadingProgress):
2307         (WebCore::MediaPlayerPrivateGStreamerOwr::internalLoad):
2308         (WebCore::MediaPlayerPrivateGStreamerOwr::stop):
2309         (WebCore::MediaPlayerPrivateGStreamerOwr::registerMediaEngine):
2310         (WebCore::MediaPlayerPrivateGStreamerOwr::getSupportedTypes):
2311         (WebCore::MediaPlayerPrivateGStreamerOwr::supportsType):
2312         (WebCore::MediaPlayerPrivateGStreamerOwr::isAvailable):
2313         (WebCore::MediaPlayerPrivateGStreamerOwr::createGSTAudioSinkBin):
2314         (WebCore::MediaPlayerPrivateGStreamerOwr::sourceStopped):
2315         (WebCore::MediaPlayerPrivateGStreamerOwr::sourceMutedChanged):
2316         (WebCore::MediaPlayerPrivateGStreamerOwr::sourceSettingsChanged):
2317         (WebCore::MediaPlayerPrivateGStreamerOwr::preventSourceFromStopping):
2318         (WebCore::MediaPlayerPrivateGStreamerOwr::createVideoSink):
2319         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerOwr.h: Added.
2320         (WebCore::MediaPlayerPrivateGStreamerOwr::engineDescription):
2321         (WebCore::MediaPlayerPrivateGStreamerOwr::load):
2322         (WebCore::MediaPlayerPrivateGStreamerOwr::cancelLoad):
2323         (WebCore::MediaPlayerPrivateGStreamerOwr::prepareToPlay):
2324         (WebCore::MediaPlayerPrivateGStreamerOwr::duration):
2325         (WebCore::MediaPlayerPrivateGStreamerOwr::seek):
2326         (WebCore::MediaPlayerPrivateGStreamerOwr::seeking):
2327         (WebCore::MediaPlayerPrivateGStreamerOwr::setRate):
2328         (WebCore::MediaPlayerPrivateGStreamerOwr::setPreservesPitch):
2329         (WebCore::MediaPlayerPrivateGStreamerOwr::paused):
2330         (WebCore::MediaPlayerPrivateGStreamerOwr::hasClosedCaptions):
2331         (WebCore::MediaPlayerPrivateGStreamerOwr::setClosedCaptionsVisible):
2332         (WebCore::MediaPlayerPrivateGStreamerOwr::maxTimeSeekable):
2333         (WebCore::MediaPlayerPrivateGStreamerOwr::buffered):
2334         (WebCore::MediaPlayerPrivateGStreamerOwr::totalBytes):
2335         (WebCore::MediaPlayerPrivateGStreamerOwr::bytesLoaded):
2336         (WebCore::MediaPlayerPrivateGStreamerOwr::canLoadPoster):
2337         (WebCore::MediaPlayerPrivateGStreamerOwr::setPoster):
2338         (WebCore::MediaPlayerPrivateGStreamerOwr::isLiveStream):
2339         (WebCore::MediaPlayerPrivateGStreamerOwr::audioSink):
2340
2341 2016-02-04  Youenn Fablet  <youenn.fablet@crf.canon.fr>
2342
2343         [Fetch API] Add support for iterating over Headers
2344         https://bugs.webkit.org/show_bug.cgi?id=153787
2345
2346         Reviewed by Darin Adler.
2347
2348         Covered by updated tests.
2349         Introducing template class (JSKeyValueIterator) to support key-value iterators in DOM classes.
2350         Using JSKeyValueIterator to implement Headers entries(), keys() and values() as custom methods.
2351         Binding generator should be updated to generate directly these custom methods and handle iterator Symbol.
2352
2353         * CMakeLists.txt:
2354         * Modules/fetch/FetchHeaders.cpp:
2355         (WebCore::FetchHeaders::Iterator::next):
2356         (WebCore::FetchHeaders::Iterator::Iterator):
2357         * Modules/fetch/FetchHeaders.h:
2358         (WebCore::FetchHeaders::createIterator):
2359         * Modules/fetch/FetchHeaders.idl:
2360         * WebCore.xcodeproj/project.pbxproj:
2361         * bindings/js/JSDOMBinding.h:
2362         (WebCore::jsPair):
2363         * bindings/js/JSBindingsAllInOne.cpp:
2364         * bindings/js/JSFetchHeadersCustom.cpp: Added.
2365         (WebCore::JSFetchHeaders::entries):
2366         (WebCore::JSFetchHeaders::keys):
2367         (WebCore::JSFetchHeaders::values):
2368         * bindings/js/JSKeyValueIterator.h: Added.
2369         (WebCore::JSKeyValueIteratorPrototype::create):
2370         (WebCore::JSKeyValueIteratorPrototype::createStructure):
2371         (WebCore::JSKeyValueIteratorPrototype::JSKeyValueIteratorPrototype):
2372         (WebCore::JSKeyValueIteratorPrototypeFuncNext):
2373
2374 2016-02-03  Carlos Garcia Campos  <cgarcia@igalia.com>
2375
2376         Do not show context menu when right clicking on a scrollbar
2377         https://bugs.webkit.org/show_bug.cgi?id=153493
2378
2379         Reviewed by Michael Catanzaro.
2380
2381         Scrollbars don't currently handle right clicks, but we are showing
2382         the context menu when they are right clicked. This is not desired
2383         at least in GTK+ and I've checked that it isn't consistent with
2384         other applications in Mac either.
2385
2386         Test: fast/events/contextmenu-on-scrollbars.html
2387
2388         * page/EventHandler.cpp:
2389         (WebCore::EventHandler::sendContextMenuEvent):
2390
2391 2016-02-03  Andreas Kling  <akling@apple.com>
2392
2393         [iOS] Throw away linked code when navigating to a new page.
2394         <https://webkit.org/b/153851>
2395
2396         Reviewed by Gavin Barraclough.
2397
2398         When navigating to a new page, tell JSC to throw out any linked code it has lying around.
2399         Linked code is tied to a specific global object, and as we're creating a new one for the
2400         new page, none of it is useful to us here.
2401         In the event that the user navigates back, the cost of relinking some code will be far
2402         lower than the memory cost of keeping all of it around.
2403
2404         * bindings/js/GCController.cpp:
2405         (WebCore::GCController::deleteAllLinkedCode):
2406         * bindings/js/GCController.h:
2407         * loader/FrameLoader.cpp:
2408         (WebCore::FrameLoader::commitProvisionalLoad):
2409
2410 2016-02-03  Alex Christensen  <achristensen@webkit.org>
2411
2412         Report wasBlocked and cannotShowURL errors when using NetworkSession
2413         https://bugs.webkit.org/show_bug.cgi?id=153846
2414
2415         Reviewed by Antti Koivisto.
2416
2417         No new tests, but this fixes http/tests/xmlhttprequest/redirect-cross-origin-2.html
2418         when using NetworkSession.
2419
2420         * platform/URL.h:
2421         WEBCORE_EXPORT because we are using portAllowed in WebKit2 now.
2422
2423 2016-02-03  Jer Noble  <jer.noble@apple.com>
2424
2425         iOS build fix after Yosemite build fix broke iOS build.
2426
2427         * platform/network/cocoa/WebCoreNSURLSession.h:
2428         * platform/network/cocoa/WebCoreNSURLSession.mm:
2429
2430 2016-02-03  Beth Dakin  <bdakin@apple.com>
2431
2432         Accepted candidates should not be autocorrected
2433         https://bugs.webkit.org/show_bug.cgi?id=153813
2434         -and corresponding-
2435         rdar://problem/24066924
2436
2437         Reviewed by Darin Adler.
2438
2439         New document marker to mark inserted candidates. This was we can treat 
2440         inserted candidates just like a RejectedCorrection and we won’t accidentally 
2441         autocorrect them later on.
2442         * dom/DocumentMarker.h:
2443         (WebCore::DocumentMarker::AllMarkers::AllMarkers):
2444         * editing/AlternativeTextController.cpp:
2445         (WebCore::AlternativeTextController::processMarkersOnTextToBeReplacedByResult):
2446
2447         When handling an acceptant candidate, set m_isHandlingAcceptedCandidate to
2448         true while the text is being inserted, and then mark the range as an accepted 
2449         candidate.
2450         * editing/Editor.cpp:
2451         (WebCore::Editor::handleAcceptedCandidate):
2452         * editing/Editor.h:
2453         (WebCore::Editor::isHandlingAcceptedCandidate):
2454
2455         If frame.editor. isHandlingAcceptedCandidate() then return early from 
2456         markMisspellingsAfterTyping.
2457         * editing/TypingCommand.cpp:
2458         (WebCore::TypingCommand::markMisspellingsAfterTyping):
2459
2460         Add some test infrastructure. 
2461         * testing/Internals.cpp:
2462         (WebCore::Internals::handleAcceptedCandidate):
2463         * testing/Internals.h:
2464         * testing/Internals.idl:
2465
2466 2016-02-03  Jer Noble  <jer.noble@apple.com>
2467
2468         [Win] Pass entire request (rather than just URL) to clients of WebCoreAVCFResourceLoader
2469         https://bugs.webkit.org/show_bug.cgi?id=153653
2470
2471         Reviewed by Brent Fulgham.
2472
2473         This will allow those clients to see the byte-range request ("Range:") header and respond
2474         appropriately.
2475
2476         * platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp:
2477         (WebCore::WebCoreAVCFResourceLoader::startLoading):
2478
2479 2016-02-03  Jer Noble  <jer.noble@apple.com>
2480
2481         Yosemite build fix; hide the entire WebCoreNSURLSessionDataTask class from Yosemite and prior.
2482
2483         * platform/network/cocoa/WebCoreNSURLSession.h:
2484         * platform/network/cocoa/WebCoreNSURLSession.mm:
2485         (-[WebCoreNSURLSessionDataTask initWithSession:identifier:URL:]):
2486         (-[WebCoreNSURLSessionDataTask initWithSession:identifier:request:]):
2487
2488 2016-02-03  Jer Noble  <jer.noble@apple.com>
2489
2490         [EME][Mac] MediaKeys.createSession() fails with initData containing a contentId whose length is > 1/2 the initData.
2491         https://bugs.webkit.org/show_bug.cgi?id=153517
2492         <rdar://problem/24303782>
2493
2494         Reviewed by Eric Carlson.
2495
2496         The length of contentId is given in bytes, not Uint16 characters. Use the former when extracting
2497         the contentId string from the initData.
2498
2499         * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
2500         (WebCore::MediaPlayerPrivateAVFoundation::extractKeyURIKeyIDAndCertificateFromInitData):
2501
2502 2016-02-03  Jer Noble  <jer.noble@apple.com>
2503
2504         [Mac] Wrap a resource and resource loader in a NSURLSession-like object for use by lower level frameworks
2505         https://bugs.webkit.org/show_bug.cgi?id=153669
2506
2507         Reviewed by Alex Christensen.
2508
2509         API Test: WebCore.WebCoreNSURLSession
2510
2511         Add a NSURLSession-like object, which wraps a CachedResourceLoader and CachedRawResource, which we can
2512         hand to lower-level frameworks, so that network loads by those frameworks use WebKit's loader.
2513
2514         * platform/network/cocoa/WebCoreNSURLSession.h: Added.
2515         * platform/network/cocoa/WebCoreNSURLSession.mm: Added.
2516         (-[WebCoreNSURLSession initWithResourceLoader:delegate:delegateQueue:]):
2517         (-[WebCoreNSURLSession dealloc]):
2518         (-[WebCoreNSURLSession copyWithZone:]):
2519         (-[WebCoreNSURLSession delegateQueue]):
2520         (-[WebCoreNSURLSession configuration]):
2521         (-[WebCoreNSURLSession loader]):
2522         (-[WebCoreNSURLSession finishTasksAndInvalidate]):
2523         (-[WebCoreNSURLSession invalidateAndCancel]):
2524         (-[WebCoreNSURLSession resetWithCompletionHandler:]):
2525         (-[WebCoreNSURLSession flushWithCompletionHandler:]):
2526         (-[WebCoreNSURLSession getTasksWithCompletionHandler:]):
2527         (-[WebCoreNSURLSession getAllTasksWithCompletionHandler:]):
2528         (-[WebCoreNSURLSession dataTaskWithRequest:]):
2529         (-[WebCoreNSURLSession dataTaskWithURL:]):
2530         (-[WebCoreNSURLSession uploadTaskWithRequest:fromFile:]):
2531         (-[WebCoreNSURLSession uploadTaskWithRequest:fromData:]):
2532         (-[WebCoreNSURLSession uploadTaskWithStreamedRequest:]):
2533         (-[WebCoreNSURLSession downloadTaskWithRequest:]):
2534         (-[WebCoreNSURLSession downloadTaskWithURL:]):
2535         (-[WebCoreNSURLSession downloadTaskWithResumeData:]):
2536         (-[WebCoreNSURLSession streamTaskWithHostName:port:]):
2537         (-[WebCoreNSURLSession streamTaskWithNetService:]):
2538         (-[WebCoreNSURLSession isKindOfClass:]):
2539
2540         Add a C++ class which can act as a CachedRawResourceClient, passing the results back to a WebCoreNSURLSessionDataTask:
2541
2542         (WebCore::WebCoreNSURLSessionDataTaskClient::WebCoreNSURLSessionDataTaskClient):
2543         (WebCore::WebCoreNSURLSessionDataTaskClient::dataSent):
2544         (WebCore::WebCoreNSURLSessionDataTaskClient::responseReceived):
2545         (WebCore::WebCoreNSURLSessionDataTaskClient::dataReceived):
2546         (WebCore::WebCoreNSURLSessionDataTaskClient::redirectReceived):
2547         (WebCore::WebCoreNSURLSessionDataTaskClient::notifyFinished):
2548
2549         Add a NSURLSessionDataTask-like object, which takes a request, then uses it to create and wrap a CachedRawResource.
2550         Becase NSURSessionDataTask is intended to be used off-main-thread, care must be taken to dispatch back to the main-
2551         (or web-) thread before calling CachedRawResource functions.
2552
2553         (-[WebCoreNSURLSessionDataTask initWithSession:identifier:URL:]):
2554         (-[WebCoreNSURLSessionDataTask initWithSession:identifier:request:]):
2555         (-[WebCoreNSURLSessionDataTask copyWithZone:]):
2556         (-[WebCoreNSURLSessionDataTask _restart]):
2557         (-[WebCoreNSURLSessionDataTask _cancel]):
2558         (-[WebCoreNSURLSessionDataTask _finish]):
2559         (-[WebCoreNSURLSessionDataTask _setDefersLoading:]):
2560         (-[WebCoreNSURLSessionDataTask cancel]):
2561         (-[WebCoreNSURLSessionDataTask suspend]):
2562         (-[WebCoreNSURLSessionDataTask resume]):
2563         (-[WebCoreNSURLSessionDataTask _timingData]):
2564         (-[WebCoreNSURLSessionDataTask resource:sentBytes:totalBytesToBeSent:]):
2565         (-[WebCoreNSURLSessionDataTask resource:receivedResponse:]):
2566         (-[WebCoreNSURLSessionDataTask resource:receivedData:length:]):
2567         (-[WebCoreNSURLSessionDataTask resource:receivedRedirect:request:]):
2568         (-[WebCoreNSURLSessionDataTask resourceFinished:]):
2569         * WebCore.xcodeproj/project.pbxproj: Add new files to project.
2570
2571 2016-02-03  Darin Adler  <darin@apple.com>
2572
2573         Convert another batch of String::lower callsites to something better, typically convertToASCIILowercase
2574         https://bugs.webkit.org/show_bug.cgi?id=153789
2575
2576         Reviewed by Sam Weinig.
2577
2578         * dom/DOMImplementation.cpp:
2579         (WebCore::DOMImplementation::isXMLMIMEType): Use equalLettersIgnoringASCIICase
2580         and the boolean argument to endsWith to ignore ASCII case.
2581         (WebCore::DOMImplementation::isTextMIMEType): Ditto. Also simplified the logic
2582         by removing an if statement.
2583
2584         * dom/Document.cpp:
2585         (WebCore::isSeparator): Deleted. Moved to WindowFeatures.cpp.
2586         (WebCore::processArguments): Ditto.
2587         (WebCore::Document::processViewport): Call the processFeaturesString function
2588         from WindowFeatures.h; the code here was originally just a pasted copy of that code!
2589         (WebCore::Document::processFormatDetection): Ditto.
2590
2591         * html/HTMLCanvasElement.cpp:
2592         (WebCore::HTMLCanvasElement::toEncodingMimeType): Remove now-unneeded
2593         lowercasing of MIME type before calling isSupportedImageMIMETypeForEncoding,
2594         since the MIME type registry now ignores ASCII case. Use convertToASCIILowercase
2595         on the return value, to preserve behavior.
2596         (WebCore::HTMLCanvasElement::toDataURL): Minor coding style tweaks.
2597
2598         * html/HTMLEmbedElement.cpp:
2599         (WebCore::HTMLEmbedElement::parseAttribute): Use convertToASCIILowercase for
2600         the service type here.
2601
2602         * html/HTMLImageElement.cpp:
2603         (WebCore::HTMLImageElement::bestFitSourceFromPictureElement): Remove now-unneeded
2604         lowercasing since MIME type registry now ignores ASCII case. And use
2605         equalLettersIgnoringASCIICase for the case here.
2606
2607         * html/HTMLInputElement.cpp:
2608         (WebCore::parseAcceptAttribute): Use convertToASCIILowercase for the type here.
2609
2610         * html/HTMLLinkElement.cpp:
2611         (WebCore::HTMLLinkElement::parseAttribute): Use convertToASCIILowercase for the
2612         media value here.
2613
2614         * html/HTMLMediaElement.cpp:
2615         (WebCore::HTMLMediaElement::canPlayType): Use convertToASCIILowercase for the
2616         content type here.
2617         (WebCore::HTMLMediaElement::selectNextSourceChild): Ditto.
2618
2619         * html/HTMLObjectElement.cpp:
2620         (WebCore::HTMLObjectElement::parseAttribute): Use convertToASCIILowercase for
2621         the service type here.
2622
2623         * html/HTMLTrackElement.cpp:
2624         (WebCore::HTMLTrackElement::parseAttribute): Use convertToASCIILowercase for
2625         the kind here.
2626         (WebCore::HTMLTrackElement::ensureTrack): Ditto. Also use fastGetAttribute
2627         since this is neither the style attribute nor an animatable SVG attribute.
2628
2629         * html/parser/HTMLTreeBuilder.cpp:
2630         (WebCore::createCaseMap): Use convertToASCIILowercase for the local names here.
2631
2632         * inspector/DOMPatchSupport.cpp:
2633         (WebCore::DOMPatchSupport::patchNode): Use containsIgnoringASCIICase instead
2634         of combining lower with find == notFound here.
2635         (WebCore::nodeName): Use convertToASCIILowercase here.
2636
2637         * inspector/InspectorOverlay.cpp:
2638         (WebCore::buildObjectForElementData): Use convertToASCIILowercase for node
2639         name here.
2640
2641         * inspector/InspectorPageAgent.cpp:
2642         (WebCore::createXHRTextDecoder): Remove a now-unneeded call to lower since
2643         DOMImplementation::isXMLMIMEType now ignores ASCII case.
2644
2645         * inspector/InspectorStyleSheet.cpp:
2646         (WebCore::lowercasePropertyName): Use convertToASCIILowercase for property
2647         names here. Also use startsWith rather than a hand-written alternative.
2648         (WebCore::InspectorStyle::populateAllProperties): Use the return value of
2649         the add function to avoid doing a double hash table lookp.
2650         (WebCore::InspectorStyle::styleWithProperties): Use convertToASCIILowercase
2651         to lowercase the property name.
2652
2653         * inspector/NetworkResourcesData.cpp:
2654         (WebCore::createOtherResourceTextDecoder): Remove unneeded call to lower since
2655         DOMImplement::isXMLMIMEType now ignores ASCII case.
2656
2657         * loader/CrossOriginAccessControl.cpp:
2658         (WebCore::createAccessControlPreflightRequest): Use convertToASCIILowercase
2659         to lowercase the access control request header field value.
2660
2661         * loader/cache/CachedScript.cpp:
2662         (WebCore::CachedScript::mimeType): Use convertToASCIILowercase on the content type.
2663
2664         * page/CaptionUserPreferencesMediaAF.cpp:
2665         (WebCore::languageIdentifier): Use convertToASCIILowercase on the language code.
2666
2667         * page/DOMWindow.cpp:
2668         (WebCore::DOMWindow::open): Call parseWindowFeatures instead of using the
2669         constructor for WindowFeatures.
2670         (WebCore::DOMWindow::showModalDialog): Call parseDialogFeatures instead of
2671         using the constructor for WindowFeatures.
2672
2673         * page/EventHandler.cpp:
2674         (WebCore::findDropZone): Remove unneeded lowercasing and empty string checking,
2675         and use the option SpaceSplitString already has to convert to lowercase.
2676         (WebCore::EventHandler::handleAccessKey): Remove unneeded call to lower since
2677         getElementByAccessKey now ignores case. Also tweaked coding style a bit.
2678
2679         * page/OriginAccessEntry.cpp:
2680         (WebCore::OriginAccessEntry::OriginAccessEntry): Use convertToASCIILowercase
2681         on the protocol and host.
2682         (WebCore::OriginAccessEntry::matchesOrigin): Ditto.
2683
2684         * page/SecurityOrigin.cpp:
2685         (WebCore::shouldTreatAsUniqueOrigin): Remove unneeded call to lower since
2686         SchemeRegistry now ignores ASCII case.
2687         (WebCore::SecurityOrigin::SecurityOrigin): Use convertToASCIILowercase on
2688         the protocol and host.
2689         (WebCore::SecurityOrigin::setDomainFromDOM): Use convertToASCIILowercase on
2690         the domain.
2691         (WebCore::SecurityOrigin::canDisplay): Remove call to lower since SchemeRegistry
2692         now ignores ASCII case and because this now uses equalIgnoringASCIICase in
2693         one place that used to use exact matching.
2694
2695         * page/WindowFeatures.cpp: Refactored so this is now some helper functions
2696         plus a struct rather than a class.
2697         (WebCore::isSeparator): Renamed this and removed special handling for NUL.
2698         (WebCore::parseWindowFeatures): Moved the code that was formerly in the
2699         WindowFeatures constructor in here. Refactored the parsing into the
2700         processFeaturesString function, shared with the functions in Document that
2701         do the same kind of parsing. Removed the code that converts the entire string
2702         to lowercase before parsing.
2703         (WebCore::processFeaturesString): Moved the improved version of this function
2704         here from Document.cpp; more efficient because it doesn't allocate strings.
2705         (WebCore::setWindowFeature): Changed to be a function private to this file
2706         with internal linkage. Use equalLettersIgnoringASCIICase so we no longer
2707         rely on converting the string to lowercase before parsing.
2708         (WebCore::parseDialogFeatures): Similar refactoring, but also changed all
2709         the default handling to use Optional<> instead of default values.
2710         (WebCore::boolFeature): Changed to use option and to ignore ASCII case.
2711         (WebCore::floatFeature): Ditto.
2712         (WebCore::parseDialogFeaturesMap): Removed the calls to lower, which are
2713         not needed any more.
2714
2715         * page/WindowFeatures.h: Added default values for all the data members,
2716         and removed all the functions from the WindowFeatures struct. Added the two
2717         functions for parsing window and dialog features. Also added the
2718         processFeaturesString function so we can share it with Document.cpp.
2719
2720         * platform/SchemeRegistry.cpp:
2721         (WebCore::SchemeRegistry::removeURLSchemeRegisteredAsLocal): Use
2722         equalLettersIgnoringASCIICase to ignore ASCII case.
2723
2724         * platform/efl/MIMETypeRegistryEfl.cpp:
2725         (WebCore::MIMETypeRegistry::getMIMETypeForExtension): Use a modern for loop,
2726         and equalIgnoringASCIICase rather than calling lower.
2727
2728         * platform/graphics/MediaPlayer.cpp:
2729         (WebCore::MediaPlayer::load): Use convertToASCIILowercase on MIME type and
2730         key system.
2731         (WebCore::MediaPlayer::generateKeyRequest): Ditto.
2732         (WebCore::MediaPlayer::addKey): Ditto.
2733         (WebCore::MediaPlayer::cancelKeyRequest): Ditto.
2734
2735         * platform/graphics/opengl/Extensions3DOpenGLCommon.cpp:
2736         (WebCore::Extensions3DOpenGLCommon::Extensions3DOpenGLCommon): Use
2737         convertToASCIILowercase on vendor string.
2738
2739         * platform/gtk/MIMETypeRegistryGtk.cpp:
2740         (WebCore::MIMETypeRegistry::getMIMETypeForExtension): Use a modern for loop,
2741         and equalIgnoringASCIICase rather than calling lower.
2742
2743         * platform/mac/PasteboardMac.mm:
2744         (WebCore::cocoaTypeFromHTMLClipboardType): Use convertToASCIILowercase
2745         on the type. Also did a bit of renaming and tweaking the logic.
2746
2747 2016-02-03  Dave Hyatt  <hyatt@apple.com>
2748
2749         Implement hanging-punctuation property parsing.
2750         https://bugs.webkit.org/show_bug.cgi?id=18109.
2751
2752         Reviewed by Zalan Bujtas.
2753
2754         Added parsing test in fast/css.
2755
2756         * css/CSSComputedStyleDeclaration.cpp:
2757         (WebCore::renderEmphasisPositionFlagsToCSSValue):
2758         (WebCore::hangingPunctuationToCSSValue):
2759         (WebCore::fillRepeatToCSSValue):
2760         (WebCore::ComputedStyleExtractor::propertyValue):
2761         * css/CSSParser.cpp:
2762         (WebCore::CSSParser::parseValue):
2763         (WebCore::CSSParser::parseTextIndent):
2764         (WebCore::CSSParser::parseHangingPunctuation):
2765         (WebCore::CSSParser::parseLineBoxContain):
2766         * css/CSSParser.h:
2767         * css/CSSPrimitiveValueMappings.h:
2768         (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
2769         (WebCore::CSSPrimitiveValue::operator HangingPunctuation):
2770         (WebCore::CSSPrimitiveValue::operator LineBreak):
2771         * css/CSSPropertyNames.in:
2772         * css/CSSValueKeywords.in:
2773         * css/StyleBuilderConverter.h:
2774         (WebCore::StyleBuilderConverter::convertRegionBreakInside):
2775         (WebCore::StyleBuilderConverter::convertHangingPunctuation):
2776         * rendering/style/RenderStyle.cpp:
2777         (WebCore::RenderStyle::changeRequiresLayout):
2778         * rendering/style/RenderStyle.h:
2779         * rendering/style/RenderStyleConstants.h:
2780         (WebCore::operator| ):
2781         (WebCore::operator|= ):
2782         * rendering/style/StyleRareInheritedData.cpp:
2783         (WebCore::StyleRareInheritedData::StyleRareInheritedData):
2784         (WebCore::StyleRareInheritedData::operator==):
2785         * rendering/style/StyleRareInheritedData.h:
2786
2787 2016-02-03  Jessie Berlin  <jberlin@webkit.org>
2788
2789         Build fix.
2790
2791         [NSEvent context] has always returned nil. Replace uses with nullptr.
2792
2793         * page/mac/EventHandlerMac.mm:
2794         (WebCore::EventHandler::sendFakeEventsAfterWidgetTracking):
2795
2796 2016-02-03  Carlos Garcia Campos  <cgarcia@igalia.com>
2797
2798         [GTK] Layout Test http/tests/appcache/different-https-origin-resource-main.html is failing
2799         https://bugs.webkit.org/show_bug.cgi?id=145253
2800
2801         Reviewed by Michael Catanzaro.
2802
2803         The problem is that when the load is cancelled while the
2804         connection is still being established,
2805         SoupMessage::notify::tls-errors is emitted and the handler calls
2806         ResourceHandleClient::didFail() which can delete the ResourceHandle.
2807
2808         * platform/network/soup/ResourceHandleSoup.cpp:
2809         (WebCore::tlsErrorsChangedCallback): Protect the ResourceHandle
2810         for the scope of the callback because
2811         ResourceHandleClient::didFail() could delete the object.
2812
2813 2016-02-03  Carlos Garcia Campos  <cgarcia@igalia.com>
2814
2815         REGRESSION(r191948): [GStreamer] 4 new timeouts on layout tests.
2816         https://bugs.webkit.org/show_bug.cgi?id=152797
2817
2818         Reviewed by Darin Adler.
2819
2820         Always schedule messages to the main thread, even when the bus
2821         sync handlder was called in the main thread. It seems that
2822         GStreamer expects things to happen in the next main loop
2823         iteration.
2824
2825         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
2826         (WebCore::MediaPlayerPrivateGStreamer::createGSTPlayBin):
2827
2828 2016-02-03  Zan Dobersek  <zdobersek@igalia.com>
2829
2830         [TexMap] CompositingCoordinator should store the overlay layer, flush it as appropriate
2831         https://bugs.webkit.org/show_bug.cgi?id=152058
2832
2833         Reviewed by Michael Catanzaro.
2834
2835         Previously, the CompositingCoordinator only added the overlay layer to the
2836         layer tree, but flushing its compositing state is also required. For that to
2837         happen, CompositingCoordinator has to store a pointer to the overlay layer
2838         object and flush it in ::flushPendingLayerChanges().
2839
2840         Overlay layers are most prominently used by the Web Inspector to highlight
2841         the DOM elements on the Web page that are being hovered in the inspector.
2842
2843         * platform/graphics/texmap/coordinated/CompositingCoordinator.cpp:
2844         (WebCore::CompositingCoordinator::CompositingCoordinator):
2845         (WebCore::CompositingCoordinator::setRootCompositingLayer):
2846         (WebCore::CompositingCoordinator::flushPendingLayerChanges):
2847         * platform/graphics/texmap/coordinated/CompositingCoordinator.h:
2848
2849 2016-02-03  Zan Dobersek  <zdobersek@igalia.com>
2850
2851         [CoordinatedGraphics] CompositingCoordinator destructor is scheduling layer flushes
2852         https://bugs.webkit.org/show_bug.cgi?id=153823
2853
2854         Reviewed by Carlos Garcia Campos.
2855
2856         Purging the backing stores during the CompositingCoordinator destructor
2857         is also scheduling layer flushes in the object's client, which is an object
2858         of the LayerTreeHost-deriving class that owns the CompositingCoordinator
2859         object in question and is also being destroyed.
2860
2861         In case of ThreadedCoordinatedLayerTreeHost, this scheduling can access
2862         the RunLoop::Timer object which has already been destroyed, causing a
2863         crash. Another problem with this is that we're invoking a virtual function
2864         on an object that's being destructed, which works well enough in this case
2865         but should be discouraged in general.
2866
2867         In order to avoid this, add the m_isDestructing boolean to the
2868         CompositingCoordinator class, flip it to true during the destruction,
2869         and check for its falseness before scheduling a layer flush.
2870
2871         * platform/graphics/texmap/coordinated/CompositingCoordinator.cpp:
2872         (WebCore::CompositingCoordinator::CompositingCoordinator):
2873         (WebCore::CompositingCoordinator::~CompositingCoordinator):
2874         (WebCore::CompositingCoordinator::notifyFlushRequired):
2875         * platform/graphics/texmap/coordinated/CompositingCoordinator.h:
2876
2877 2016-02-03  Zan Dobersek  <zdobersek@igalia.com>
2878
2879         [TexMap] Don't use RELEASE_ASSERT in TextureMapperLayer::computeTransformsRecursive()
2880         https://bugs.webkit.org/show_bug.cgi?id=153822
2881
2882         Reviewed by Carlos Garcia Campos.
2883
2884         * platform/graphics/texmap/TextureMapperLayer.cpp:
2885         (WebCore::TextureMapperLayer::computeTransformsRecursive):
2886         Use ASSERT to check that the m_children members are indeed children
2887         of the current layer, RELEASE_ASSERT probably slipped in unnoticed
2888         at some point.
2889
2890 2016-02-03  Zan Dobersek  <zdobersek@igalia.com>
2891
2892         PlatformPathCairo: Lazily allocate the path surface
2893         https://bugs.webkit.org/show_bug.cgi?id=153821
2894
2895         Reviewed by Carlos Garcia Campos.
2896
2897         Move the static variable that holds the Cairo surface into
2898         the pathSurface() function (previously getPathSurface). This
2899         way the surface will only be allocated once the function is
2900         called for the first time from the CairoPath surface.
2901
2902         No change in functionality, just a cleanup.
2903
2904         * platform/graphics/cairo/PlatformPathCairo.cpp:
2905         (WebCore::pathSurface):
2906         (WebCore::CairoPath::CairoPath):
2907         (WebCore::getPathSurface): Deleted.
2908
2909 2016-02-02  Fujii Hironori  <Hironori.Fujii@jp.sony.com>
2910
2911         ASSERTION FAILED: roundedIntPoint(rendererMappedResult) == roundedIntPoint(result)
2912         https://bugs.webkit.org/show_bug.cgi?id=153576
2913
2914         Reviewed by Darin Adler.
2915
2916         Tests: fast/block/geometry-map-assertion-with-rounding-negative-half.html
2917
2918         The results of roundedIntPoint of FloatPoint and LayoutPoint may be different
2919         because of the uniqueness of LayoutUnit::round introduced by this bug
2920         <https://bugs.webkit.org/show_bug.cgi?id=107208>.
2921         Should convert a FloatPoint to a LayoutPoint before rounding.
2922
2923         * rendering/RenderGeometryMap.cpp:
2924         (WebCore::RenderGeometryMap::mapToContainer):
2925
2926 2016-02-02  Aakash Jain  <aakash_jain@apple.com>
2927
2928         Remove references to CallFrameInlines.h
2929         https://bugs.webkit.org/show_bug.cgi?id=153810
2930
2931         Reviewed by Mark Lam.
2932
2933         * ForwardingHeaders/interpreter/CallFrameInlines.h: Removed.
2934
2935 2016-02-02  Jinyoung Hur  <hur.ims@navercorp.com>
2936
2937         WEBGL_debug_shaders should be disabled for OpenGLES backend also
2938         https://bugs.webkit.org/show_bug.cgi?id=153788
2939
2940         Reviewed by Darin Adler.
2941
2942         WEBGL_debug_shaders extension is disabled for OpenGL backed platform
2943         because the implementation is not fully compliant to the spec yet.
2944         Because this is not an OpenGL-specific problem, WEBGL_debug_shaders extension
2945         should be disabled for OpenGLES backed platforms also.
2946
2947         No new tests, already covered by existing tests.
2948
2949         * platform/graphics/opengl/Extensions3DOpenGL.cpp:
2950         (WebCore::Extensions3DOpenGL::supportsExtension): Deleted.
2951         * platform/graphics/opengl/Extensions3DOpenGLCommon.cpp:
2952         (WebCore::Extensions3DOpenGLCommon::supports):
2953
2954 2016-02-02  Brady Eidson  <beidson@apple.com>
2955
2956         Modern IDB: storage/indexeddb/cursor-primary-key-order.html fails with SQLite backend.
2957         https://bugs.webkit.org/show_bug.cgi?id=153800
2958
2959         Reviewed by Alex Christensen.
2960
2961         No new tests (Existing tests now unskipped).
2962
2963         The IndexRecords SQL schema did not order things by primaryKey.
2964         
2965         Easy fix to the schema. Sadly requires a migration...
2966
2967         * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
2968         (WebCore::IDBServer::v1IndexRecordsTableSchema):
2969         (WebCore::IDBServer::v1IndexRecordsTableSchemaAlternate):
2970         (WebCore::IDBServer::v2IndexRecordsTableSchema):
2971         (WebCore::IDBServer::v2IndexRecordsTableSchemaAlternate):
2972         (WebCore::IDBServer::SQLiteIDBBackingStore::ensureValidIndexRecordsTable):
2973         (WebCore::IDBServer::SQLiteIDBBackingStore::createAndPopulateInitialDatabaseInfo):
2974         * Modules/indexeddb/server/SQLiteIDBBackingStore.h:
2975
2976 2016-02-02  Tim Horton  <timothy_horton@apple.com>
2977
2978         <attachment> should attempt to guess the icon from the file extension if all else fails
2979         https://bugs.webkit.org/show_bug.cgi?id=153804
2980         <rdar://problem/24448146>
2981
2982         Reviewed by Anders Carlsson.
2983
2984         Test: fast/attachment/attachment-icon-from-file-extension.html
2985
2986         * platform/graphics/Icon.h:
2987         * platform/graphics/mac/IconMac.mm:
2988         (WebCore::Icon::createIconForFileExtension):
2989         * rendering/RenderThemeMac.mm:
2990         (WebCore::iconForAttachment):
2991         If we can't find an icon any other way, try assuming that the title is a filename,
2992         grab its extension, and have NSWorkspace try to work out an icon for it.
2993
2994 2016-02-02  Antti Koivisto  <antti@apple.com>
2995
2996         Factor style sharing code out of StyleResolver
2997         https://bugs.webkit.org/show_bug.cgi?id=153768
2998
2999         Reviewed by Darin Adler.
3000
3001         Move the code to a new class, Style::SharingResolver.
3002
3003         When resolving document style we query the sharing resolver first before using the regular style resolver.
3004         Other paths that call style resolver were mostly already disabling it with DisallowStyleSharing flag.
3005
3006         * WebCore.xcodeproj/project.pbxproj:
3007         * css/ElementRuleCollector.cpp:
3008         (WebCore::MatchRequest::MatchRequest):
3009         (WebCore::ElementRuleCollector::matchAllRules):
3010         (WebCore::ElementRuleCollector::hasAnyMatchingRules):
3011
3012             More const.
3013
3014         * css/ElementRuleCollector.h:
3015         (WebCore::ElementRuleCollector::setRegionForStyling):
3016         (WebCore::ElementRuleCollector::setMedium):
3017         * css/MediaQueryMatcher.cpp:
3018         (WebCore::MediaQueryMatcher::prepareEvaluator):
3019         * css/StyleMedia.cpp:
3020         (WebCore::StyleMedia::matchMedium):
3021         * css/StyleResolver.cpp:
3022         (WebCore::StyleResolver::State::cacheBorderAndBackground):
3023         (WebCore::StyleResolver::StyleResolver):
3024         (WebCore::StyleResolver::sweepMatchedPropertiesCache):
3025         (WebCore::StyleResolver::State::State):
3026         (WebCore::StyleResolver::State::setStyle):
3027         (WebCore::isAtShadowBoundary):
3028         (WebCore::StyleResolver::styleForElement):
3029         (WebCore::StyleResolver::classNamesAffectedByRules): Deleted.
3030         (WebCore::parentElementPreventsSharing): Deleted.
3031         (WebCore::StyleResolver::locateCousinList): Deleted.
3032         (WebCore::StyleResolver::styleSharingCandidateMatchesRuleSet): Deleted.
3033         (WebCore::StyleResolver::canShareStyleWithControl): Deleted.
3034         (WebCore::elementHasDirectionAuto): Deleted.
3035         (WebCore::StyleResolver::sharingCandidateHasIdenticalStyleAffectingAttributes): Deleted.
3036         (WebCore::StyleResolver::canShareStyleWithElement): Deleted.
3037         (WebCore::StyleResolver::findSiblingForStyleSharing): Deleted.
3038         (WebCore::StyleResolver::locateSharedStyle): Deleted.
3039
3040             Style sharing code moves to SharingResolver.
3041
3042         * css/StyleResolver.h:
3043         (WebCore::StyleResolver::mediaQueryEvaluator):
3044         (WebCore::StyleResolver::State::regionForStyling):
3045         (WebCore::StyleResolver::State::elementLinkState):
3046         (WebCore::StyleResolver::State::setApplyPropertyToRegularStyle):
3047         (WebCore::StyleResolver::State::setApplyPropertyToVisitedLinkStyle):
3048         (WebCore::StyleResolver::state):
3049         (WebCore::StyleResolver::setTextOrientation):
3050         (WebCore::StyleResolver::State::setElementAffectedByClassRules): Deleted.
3051         (WebCore::StyleResolver::State::elementAffectedByClassRules): Deleted.
3052         (WebCore::StyleResolver::styleNotYetAvailable): Deleted.
3053
3054             Placeholder code moves to TreeResolver.
3055
3056         * dom/VisitedLinkState.cpp:
3057         (WebCore::linkAttribute):
3058         (WebCore::VisitedLinkState::invalidateStyleForAllLinks):
3059         (WebCore::linkHashForElement):
3060         (WebCore::VisitedLinkState::invalidateStyleForLink):
3061         (WebCore::VisitedLinkState::determineLinkStateSlowCase):
3062         * dom/VisitedLinkState.h:
3063         (WebCore::VisitedLinkState::determineLinkState):
3064         * html/HTMLFormControlElement.h:
3065         * rendering/RenderElement.cpp:
3066         (WebCore::RenderElement::getUncachedPseudoStyle):
3067         * rendering/RenderNamedFlowFragment.cpp:
3068         (WebCore::RenderNamedFlowFragment::computeStyleInRegion):
3069         * rendering/style/RenderStyle.cpp:
3070         (WebCore::RenderStyle::isStyleAvailable):
3071         (WebCore::RenderStyle::hasUniquePseudoStyle):
3072         * style/StyleSharingResolver.cpp: Added.
3073         (WebCore::Style::SharingResolver::SharingResolver):
3074         (WebCore::Style::parentElementPreventsSharing):
3075         (WebCore::Style::elementHasDirectionAuto):
3076         (WebCore::Style::SharingResolver::searchSimilar):
3077         (WebCore::Style::SharingResolver::findSibling):
3078         (WebCore::Style::SharingResolver::locateCousinList):
3079         (WebCore::Style::canShareStyleWithControl):
3080         (WebCore::Style::SharingResolver::canShareStyleWithElement):
3081         (WebCore::Style::SharingResolver::styleSharingCandidateMatchesRuleSet):
3082         (WebCore::Style::SharingResolver::sharingCandidateHasIdenticalStyleAffectingAttributes):
3083         (WebCore::Style::SharingResolver::classNamesAffectedByRules):
3084         * style/StyleSharingResolver.h: Added.
3085         * style/StyleTreeResolver.cpp:
3086         (WebCore::Style::ensurePlaceholderStyle):
3087         (WebCore::Style::TreeResolver::TreeResolver):
3088         (WebCore::Style::TreeResolver::styleForElement):
3089
3090             Try to use SharingResolver first.
3091             Also move placeholder style handling here, it is only relevant when resolving document style.
3092
3093         (WebCore::Style::postResolutionCallbacksAreSuspended):
3094         (WebCore::Style::isPlaceholderStyle):
3095         * style/StyleTreeResolver.h:
3096         * svg/SVGElement.cpp:
3097         (WebCore::SVGElement::customStyleForRenderer):
3098         * svg/SVGElementRareData.h:
3099         (WebCore::SVGElementRareData::overrideComputedStyle):
3100
3101 2016-02-02  Tim Horton  <timothy_horton@apple.com>
3102
3103         <attachment> icon should be a folder for the custom MIME type multipart/x-folder
3104         https://bugs.webkit.org/show_bug.cgi?id=153795
3105         <rdar://problem/24416632>
3106
3107         Reviewed by Anders Carlsson.
3108
3109         Test: fast/attachment/attachment-folder-icon.html
3110
3111         * rendering/RenderThemeMac.mm:
3112         (WebCore::iconForAttachment):
3113         (WebCore::paintAttachmentIcon):
3114         Mail uses this special MIME type to indicate that something is a folder, which there
3115         isn't a normal non-deprecated MIME type for.
3116
3117 2016-02-02  Brady Eidson  <beidson@apple.com>
3118
3119         Modern IDB: storage/indexeddb/cursor-continue-validity.html fails.
3120         https://bugs.webkit.org/show_bug.cgi?id=153791
3121
3122         Reviewed by Alex Christensen.
3123
3124         No new tests (Existing test now unskipped).
3125
3126         There was a preexisting check in the SQLite cursor for remembering the current record and
3127         refusing to refetch it.
3128         
3129         This check was causing this bug, because we needed to refetch the current record.
3130         
3131         Removing the check (and its associated flag) doesn't regress any other test, and fixes this one.
3132
3133         * Modules/indexeddb/server/SQLiteIDBCursor.cpp:
3134         (WebCore::IDBServer::SQLiteIDBCursor::resetAndRebindStatement):
3135         (WebCore::IDBServer::SQLiteIDBCursor::internalAdvanceOnce):
3136         * Modules/indexeddb/server/SQLiteIDBCursor.h:
3137
3138 2016-02-01  Dave Hyatt  <hyatt@apple.com>
3139
3140         Add a line grid pagination SPI to WebKit.
3141         https://bugs.webkit.org/show_bug.cgi?id=153757
3142         <rdar://problem/23041598>
3143
3144         Reviewed by Anders Carlsson.
3145
3146         New tests in fast/multicol/pagination.
3147
3148         * page/Page.cpp:
3149         (WebCore::Page::setPaginationLineGridEnabled):
3150         * page/Page.h:
3151         (WebCore::Page::paginationLineGridEnabled):
3152         Add a boolean to the page to turn the line grid on and off.
3153
3154         * rendering/RenderBox.cpp:
3155         (WebCore::RenderBox::styleDidChange):
3156         Propagate the body's font up to the paginated RenderView so that
3157         it can be used to establish the line grid.
3158
3159         * style/StyleResolveForDocument.cpp:
3160         (WebCore::Style::resolveForDocument):
3161         Set up a line grid with containment snapping by default if the
3162         line grid enabled flag is set.
3163
3164         * testing/Internals.cpp:
3165         (WebCore::Internals::resetToConsistentState):
3166         (WebCore::Internals::setPagination):
3167         (WebCore::Internals::setPaginationLineGridEnabled):
3168         (WebCore::Internals::configurationForViewport):
3169         * testing/Internals.h:
3170         (WebCore::Internals::setPagination):
3171         * testing/Internals.idl:
3172         Add support for testing the grid being enabled.
3173
3174 2016-02-01  Antti Koivisto  <antti@apple.com>
3175
3176         Tab suspension code shouldn't use page cache cacheability logic
3177         https://bugs.webkit.org/show_bug.cgi?id=153680
3178
3179         Reviewed by Andreas Kling.
3180
3181         Most of PageCache::canCache() is unnecessary for tab suspension.
3182
3183         Also improve robustness and introduce 1 minute delay before suspending.
3184
3185         * page/Page.cpp:
3186         (WebCore::Page::setPageActivityState):
3187         (WebCore::Page::setIsVisible):
3188         (WebCore::Page::setIsVisibleInternal):
3189         (WebCore::Page::setIsPrerender):
3190         (WebCore::Page::canTabSuspend):
3191
3192             Include visibility test here.
3193
3194             Instead of calling PageCache::canCache() just check for each frame
3195             - that the document is loaded
3196             - that active DOM objects allow suspension
3197
3198         (WebCore::Page::setIsTabSuspended):
3199         (WebCore::Page::setTabSuspensionEnabled):
3200         (WebCore::Page::updateTabSuspensionState):
3201
3202             Refactor for robustness.
3203
3204         (WebCore::Page::tabSuspensionTimerFired):
3205
3206             Call canTabSuspend, the result might have changed.
3207
3208         (WebCore::Page::scheduleTabSuspension): Deleted.
3209         * page/Page.h:
3210
3211 2016-02-02  Yusuke Suzuki  <utatane.tea@gmail.com>
3212
3213         [JSC] Introduce BytecodeIntrinsic constant rep like @undefined
3214         https://bugs.webkit.org/show_bug.cgi?id=153737
3215
3216         Reviewed by Darin Adler.
3217
3218         * Modules/fetch/FetchHeaders.js:
3219         (initializeFetchHeaders):
3220         * Modules/streams/ReadableStream.js:
3221         (initializeReadableStream):
3222         (closeDestination):
3223         (abortDestination):
3224         (pipeTo):
3225         * Modules/streams/ReadableStreamInternals.js:
3226         (privateInitializeReadableStreamController):
3227         (teeReadableStream):
3228         (isReadableStreamReader):
3229         (errorReadableStream):
3230         (finishClosingReadableStream):
3231         (enqueueInReadableStream):
3232         (readFromReadableStreamReader):
3233         * Modules/streams/ReadableStreamReader.js:
3234         (releaseLock):
3235         * Modules/streams/StreamInternals.js:
3236         (shieldingPromiseResolve):
3237         (promiseInvokeOrNoopNoCatch):
3238         (promiseInvokeOrFallbackOrNoop):
3239         (validateAndNormalizeQueuingStrategy):
3240         * Modules/streams/WritableStream.js:
3241         (initializeWritableStream):
3242         (write):
3243         * Modules/streams/WritableStreamInternals.js:
3244         (errorWritableStream):
3245
3246 2016-02-02  Brady Eidson  <beidson@apple.com>
3247
3248         Modern IDB: storage/indexeddb/dont-wedge.html sometimes ASSERTs.
3249         https://bugs.webkit.org/show_bug.cgi?id=153790
3250
3251         Reviewed by Tim Horton.
3252
3253         No new tests (Failing test now unskipped).
3254
3255         This test uncovered an unhandled race where the main thread tried to perform an OpenDB operation 
3256         multiple times while it was already in-progress on the server thread.
3257
3258         There was already a flag meant to cover this race, and it just needed to be applied to one more site.
3259         
3260         * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
3261         (WebCore::IDBServer::UniqueIDBDatabase::performCurrentOpenOperation):
3262         (WebCore::IDBServer::UniqueIDBDatabase::openBackingStore):
3263
3264 2016-02-02  Daniel Bates  <dabates@apple.com>
3265
3266         CSP: Support checking content security policy without a script execution context
3267         https://bugs.webkit.org/show_bug.cgi?id=153748
3268         <rdar://problem/24439149>
3269
3270         Reviewed by Darin Alder.
3271
3272         Towards checking a Web Worker's content security policy against a redirected worker
3273         script load or redirected XHR request for an XHR request initiated from it, we should
3274         support instantiating a ContentSecurityPolicy object without a ScriptExecutionContext.
3275
3276         No functionality was changed. So, no new tests.
3277
3278         * dom/Document.cpp:
3279         (WebCore::Document::initSecurityContext): Pass |this| as a reference instead of as a pointer.
3280         * page/csp/ContentSecurityPolicy.cpp: Remove extraneous includes ScriptState.h, TextEncoding.h,
3281         and URL.h as they are included by ContentSecurityPolicy.h, FormDataList.h and FormData.h, respectively.
3282         (WebCore::CSPSource::CSPSource): Take a constant reference to a ContentSecurityPolicy instead
3283         of a pointer since we never expected a null pointer.
3284         (WebCore::CSPSource::schemeMatches): Move logic for checking the protocol of source "self"
3285         from here to ContentSecurityPolicy::protocolMatchesSelf() because we may not have a security
3286         origin if ContentSecurityPolicy was initiated without a ScriptExecutionContext object.
3287         (WebCore::CSPSourceList::allowSelf): Added.
3288         (WebCore::CSPSourceList::CSPSourceList): Take a constant reference to a ContentSecurityPolicy
3289         instead of a pointer since we never expected a null pointer. Remove fields from member
3290         initialization list that can be initialized using C++11 in-class initialization syntax.
3291         (WebCore::CSPSourceList::matches): Call ContentSecurityPolicy::urlMatchesSelf() to match the
3292         effective URL against the URL of source "self".
3293         (WebCore::CSPSourceList::parse): Update code as necessary now that m_policy is a reference
3294         instead of a pointer.
3295         (WebCore::CSPSourceList::parseSource): Simplify code by setting internal member fields directly
3296         instead of via member functions.
3297         (WebCore::CSPSourceList::parsePath): Update code as necessary now that m_policy is a reference
3298         instead of a pointer.
3299         (WebCore::CSPDirective::CSPDirective): Take a constant reference to a ContentSecurityPolicy
3300         instead of a pointer since we never expected a null pointer.
3301         (WebCore::CSPDirective::policy): Return a reference to a const ContentSecurityPolicy.
3302         (WebCore::MediaListDirective::MediaListDirective): Take a constant reference to a ContentSecurityPolicy
3303         instead of a pointer since we never expected a null pointer.
3304         (WebCore::MediaListDirective::parse): Update code as necessary now that m_policy is a reference
3305         instead of a pointer.
3306         (WebCore::SourceListDirective::SourceListDirective): Take a constant reference to a ContentSecurityPolicy
3307         instead of a pointer since we never expected a null pointer.
3308         (WebCore::SourceListDirective::allows): Write in terms of CSPSourceList::allowSelf() because we
3309         may not have a security origin to get a URL from if ContentSecurityPolicy was initiated without
3310         a ScriptExecutionContext object.
3311         (WebCore::CSPDirectiveList::reportURIs): Change return type from Vector<URL> to Vector<String>
3312         The caller will convert the strings to URLs with respect to the script execution context.
3313         (WebCore::CSPDirectiveList::parseReportURI): Store the report URI as a string instead of a URL
3314         because we may not have a security origin to compute the absolute URL if ContentSecurityPolicy
3315         was initiated without a ScriptExecutionContext object.
3316         (WebCore::CSPDirectiveList::CSPDirectiveList): Take a reference to a ContentSecurityPolicy
3317         instead of a pointer since we never expected a null pointer. It would be better to take a const
3318         reference to a ContentSecurityPolicy, but ContentSecurityPolicy::applySandboxPolicy() needs to set
3319         state on ContentSecurityPolicy :(
3320         (WebCore::CSPDirectiveList::create): Ditto.
3321         (WebCore::CSPDirectiveList::reportViolation): Update code as necessary now that m_policy is a reference
3322         instead of a pointer.
3323         (WebCore::CSPDirectiveList::checkEvalAndReportViolation): Ditto.
3324         (WebCore::CSPDirectiveList::checkInlineAndReportViolation): Ditto.
3325         (WebCore::CSPDirectiveList::parseDirective): Ditto.
3326         (WebCore::CSPDirectiveList::parseReportURI): Store the report URI as a string instead of a URL
3327         because we may not have a security origin to compute the absolute URL if ContentSecurityPolicy
3328         was initiated without a ScriptExecutionContext object.
3329         (WebCore::CSPDirectiveList::setCSPDirective): Update code as necessary now that m_policy is a reference
3330         instead of a pointer.
3331         (WebCore::CSPDirectiveList::applySandboxPolicy): Ditto.
3332         (WebCore::CSPDirectiveList::parseReflectedXSS): Ditto.
3333         (WebCore::CSPDirectiveList::addDirective): Ditto.
3334         (WebCore::ContentSecurityPolicy::ContentSecurityPolicy): Modified to take the ScriptExecutionObject
3335         as a reference and compute the CSPSource object for "self" and cache the protocol for "self". Removed
3336         field m_overrideInlineStyleAllowed from the member initialization list and used C++11 in-class
3337         initialization syntax to initialize it. Added overloaded constructor that takes a SecurityOrigin object.
3338         We are not making use of this overloaded constructor at this time. We will in a subsequent patch.
3339         (WebCore::ContentSecurityPolicy::didReceiveHeader): Store the eval disabled error message for
3340         the last parsed policy in a member field instead of using it as part of disabling eval execution
3341         on the script execution context because we may not have such a context.
3342         (WebCore::ContentSecurityPolicy::applyPolicyToScriptExecutionContext): Applies the content security
3343         policy eval and sandbox restrictions to the script execution context.
3344         (WebCore::ContentSecurityPolicy::urlMatchesSelf): Match the specified URL against the URL for
3345         source "self".
3346         (WebCore::ContentSecurityPolicy::protocolMatchesSelf): Match the protocol of the specified URL
3347         against the protocol for source "self".
3348         (WebCore::ContentSecurityPolicy::gatherReportURIs): Modified to use the script execution context
3349         to compute the absolute URL for each report URI.
3350         (WebCore::ContentSecurityPolicy::reportViolation): Bail out if we do not have a script execution
3351         context.
3352         (WebCore::ContentSecurityPolicy::logToConsole): Only log to the console if we have a script
3353         execution context.
3354         (WebCore::ContentSecurityPolicy::reportBlockedScriptExecutionToInspector): Only report blocked
3355         script execution to the Web Inspector if we have a script execution context.
3356         (WebCore::CSPSourceList::addSourceSelf): Deleted.
3357         (WebCore::CSPSourceList::addSourceStar): Deleted.
3358         (WebCore::CSPSourceList::addSourceUnsafeInline): Deleted.
3359         (WebCore::CSPSourceList::addSourceUnsafeEval): Deleted.
3360         (WebCore::CSPDirectiveList::gatherReportURIs): Deleted.
3361         (WebCore::ContentSecurityPolicy::securityOrigin): Deleted.
3362         (WebCore::ContentSecurityPolicy::url): Deleted.
3363         (WebCore::ContentSecurityPolicy::completeURL): Deleted.
3364         (WebCore::ContentSecurityPolicy::enforceSandboxFlags): Deleted.
3365         * page/csp/ContentSecurityPolicy.h:
3366         (WebCore::ContentSecurityPolicy::enforceSandboxFlags): Accumulates the parsed sandbox flags. We
3367         will apply the sandbox flags in ContentSecurityPolicy::applyPolicyToScriptExecutionContext().
3368         * workers/WorkerGlobalScope.cpp:
3369         (WebCore::WorkerGlobalScope::WorkerGlobalScope): Instantiate ContentSecurityPolicy.
3370         (WebCore::WorkerGlobalScope::applyContentSecurityPolicyResponseHeaders): Move instantiation of
3371         ContentSecurityPolicy from here to constructor.
3372
3373 2016-02-02  Eric Carlson  <eric.carlson@apple.com>
3374
3375         Allow ports to disable automatic text track selection
3376         https://bugs.webkit.org/show_bug.cgi?id=153761
3377         <rdar://problem/24416768>
3378
3379         Reviewed by Darin Adler.
3380
3381         Test: media/track/track-manual-mode.html
3382
3383         * Modules/mediacontrols/MediaControlsHost.cpp:
3384         (WebCore::MediaControlsHost::manualKeyword): New.
3385         (WebCore::MediaControlsHost::captionDisplayMode): Support 'manual' mode.
3386         * Modules/mediacontrols/MediaControlsHost.h:
3387
3388         * Modules/mediacontrols/mediaControlsApple.js:
3389         (Controller.prototype.buildCaptionMenu): Check the 'off' item when in manual mode.
3390
3391         * html/HTMLMediaElement.cpp:
3392         (WebCore::HTMLMediaElement::addTextTrack): Update m_captionDisplayMode when called for the first
3393           time so it is always correct. Set the track's manual selection mode as appropriate.
3394         (WebCore::HTMLMediaElement::captionPreferencesChanged): Set each track's manual selection 
3395           mode as appropriate.
3396
3397         * html/track/TextTrack.cpp:
3398         (WebCore::TextTrack::kind): Return 'subtitles' for forced tracks when in manual mode.
3399         * html/track/TextTrack.h:
3400
3401         * html/track/TrackBase.h:
3402         (WebCore::TrackBase::kind): Make virtual.
3403
3404         * page/CaptionUserPreferences.cpp:
3405         (WebCore::CaptionUserPreferences::beginBlockingNotifications): New.
3406         (WebCore::CaptionUserPreferences::endBlockingNotifications): Ditto.
3407         (WebCore::CaptionUserPreferences::notify): Don't notify when blocked.
3408         * page/CaptionUserPreferences.h:
3409
3410         * page/CaptionUserPreferencesMediaAF.cpp:
3411         (WebCore::CaptionUserPreferencesMediaAF::CaptionUserPreferencesMediaAF): Set manual mode 
3412           when appropriate.
3413         (WebCore::CaptionUserPreferencesMediaAF::captionDisplayMode): Check manual mode.
3414         (WebCore::CaptionUserPreferencesMediaAF::setCaptionDisplayMode): Ditto.
3415         (WebCore::CaptionUserPreferencesMediaAF::setPreferredLanguage): Ditto.
3416         (WebCore::CaptionUserPreferencesMediaAF::textTrackSelectionScore): Return zero when in manual mode.
3417         (WebCore::CaptionUserPreferencesMediaAF::sortedTrackListForMenu): Consider manual mode. Fix
3418           typos in logging.
3419
3420         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
3421         (WebCore::mediaDescriptionForKind): Return 'auxiliary' when in manual mode.
3422
3423         * testing/Internals.cpp:
3424         (WebCore::Internals::setCaptionDisplayMode): Support manual mode.
3425
3426 2016-02-02  Adrien Plazas  <aplazas@igalia.com>
3427
3428         REGRESSION(r195899): ASSERTION FAILED: is<Target>(source) in EventPath::retargetTouch() since r195899
3429         https://bugs.webkit.org/show_bug.cgi?id=153741
3430
3431         Reviewed by Ryosuke Niwa.
3432
3433         * dom/EventDispatcher.cpp:
3434         (WebCore::EventPath::retargetTouch):
3435
3436 2016-02-01  Joseph Pecoraro  <pecoraro@apple.com>
3437
3438         Web Inspector: High Level Memory Overview Instrument
3439         https://bugs.webkit.org/show_bug.cgi?id=153516
3440         <rdar://problem/24356378>
3441
3442         Reviewed by Brian Burg.
3443
3444         Add a new agent that gathers data from the ResourceUsageThread
3445         and sends to the frontend.
3446
3447         Test: inspector/memory/tracking.html
3448
3449         * CMakeLists.txt:
3450         * Configurations/FeatureDefines.xcconfig:
3451         * WebCore.xcodeproj/project.pbxproj:
3452         New files.
3453
3454         * inspector/InspectorController.cpp:
3455         (WebCore::InspectorController::InspectorController):
3456         Add the new agent.
3457
3458         * inspector/InspectorMemoryAgent.h: Added.
3459         * inspector/InspectorMemoryAgent.cpp: Added.
3460         (WebCore::InspectorMemoryAgent::InspectorMemoryAgent):
3461         (WebCore::InspectorMemoryAgent::didCreateFrontendAndBackend):
3462         (WebCore::InspectorMemoryAgent::willDestroyFrontendAndBackend):
3463         (WebCore::InspectorMemoryAgent::startTracking):
3464         (WebCore::InspectorMemoryAgent::stopTracking):
3465         (WebCore::InspectorMemoryAgent::collectSample):
3466         Implement the agent by adding / removing it as a ResourceUsage
3467         observer. When receiving the data forward it to the frontend.
3468
3469 2016-02-01  Alex Christensen  <achristensen@webkit.org>
3470
3471         Fix CMake build.
3472
3473         * PlatformMac.cmake:
3474
3475 2016-02-01  Brady Eidson  <beidson@apple.com>
3476
3477         Modern IDB: Cursors (still) do not keep their opening request alive.
3478         https://bugs.webkit.org/show_bug.cgi?id=153724
3479
3480         Reviewed by Alex Christensen.
3481
3482         No new tests (All existing tests pass without flakiness).
3483
3484         IDBCursors did not properly keep their JS wrappers alive.
3485         Making them ActiveDOMObjects that keep track of how many requests might be in flight fixes this.
3486         This also makes them actually keep their opening-request live via the opaque-root mechanism.
3487         
3488         IDBCursorWithValue also needed to opt in to all of these mechanisms.
3489
3490         * CMakeLists.txt:
3491         * WebCore.xcodeproj/project.pbxproj:
3492
3493         * Modules/indexeddb/IDBCursor.h:
3494         (WebCore::IDBCursor::hasPendingActivity): The base IDBCursor always has no pending activity,
3495           to maintain current behavior in LegacyIDB. This weirdness will go away when LegacyIDB does.
3496         * Modules/indexeddb/IDBCursor.idl:
3497         * Modules/indexeddb/IDBCursorWithValue.idl:
3498
3499         Track a count for all outstanding requests to keep the cursor alive as an ActiveDOMObject.
3500         * Modules/indexeddb/client/IDBCursorImpl.cpp:
3501         (WebCore::IDBClient::IDBCursor::IDBCursor):
3502         (WebCore::IDBClient::IDBCursor::update):
3503         (WebCore::IDBClient::IDBCursor::uncheckedIterateCursor):
3504         (WebCore::IDBClient::IDBCursor::deleteFunction):
3505         (WebCore::IDBClient::IDBCursor::activeDOMObjectName):
3506         (WebCore::IDBClient::IDBCursor::canSuspendForDocumentSuspension):
3507         (WebCore::IDBClient::IDBCursor::hasPendingActivity):
3508         (WebCore::IDBClient::IDBCursor::decrementOutstandingRequestCount):
3509         * Modules/indexeddb/client/IDBCursorImpl.h:
3510         
3511         Rework the "delete" family of functions on the object store to allow for returning a modern IDBRequest.
3512         A lot of this can go away when LegacyIDB does.
3513         * Modules/indexeddb/client/IDBObjectStoreImpl.cpp:
3514         (WebCore::IDBClient::IDBObjectStore::deleteFunction):
3515         (WebCore::IDBClient::IDBObjectStore::doDelete):
3516         (WebCore::IDBClient::IDBObjectStore::modernDelete):
3517         * Modules/indexeddb/client/IDBObjectStoreImpl.h:
3518         
3519         * Modules/indexeddb/client/IDBRequestImpl.cpp:
3520         (WebCore::IDBClient::IDBRequest::setSource): Setup a ScopeGuard to decrement the cursor's request
3521           count whenever it makes sense to do so.
3522         (WebCore::IDBClient::IDBRequest::dispatchEvent): Clear the ScopeGuard (if it exists) to decrement the count.
3523         (WebCore::IDBClient::IDBRequest::willIterateCursor): Set the ScopeGuard.
3524         (WebCore::IDBClient::IDBRequest::didOpenOrIterateCursor): Clear the ScopeGuard (if it exists) to decrement the count.
3525         * Modules/indexeddb/client/IDBRequestImpl.h:
3526         
3527         * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
3528         (WebCore::IDBServer::ScopeGuard::ScopeGuard): Deleted.
3529         (WebCore::IDBServer::ScopeGuard::~ScopeGuard): Deleted.
3530         (WebCore::IDBServer::ScopeGuard::enable): Deleted.
3531         (WebCore::IDBServer::ScopeGuard::disable): Deleted.
3532         
3533         * bindings/js/JSIDBCursorWithValueCustom.cpp: Added.
3534         (WebCore::JSIDBCursorWithValue::visitAdditionalChildren):
3535         
3536         * platform/ScopeGuard.h: Added.
3537         (WebCore::ScopeGuard::ScopeGuard):
3538         (WebCore::ScopeGuard::~ScopeGuard):
3539         (WebCore::ScopeGuard::enable):
3540         (WebCore::ScopeGuard::disable):
3541
3542 2016-02-01  Sun-woo Nam  <sunny.nam@samsung.com>
3543
3544         Free Colormap when XWindow is destroyed.
3545         https://bugs.webkit.org/show_bug.cgi?id=153413
3546
3547         Reviewed by Žan Doberšek.
3548
3549         Colormap is needed to create XWindow and it should be freed when XWindow is destroyed.
3550         Unless Colormap is freed before destroying XWindow, memory leak is suspected.
3551         XFreeColormap therefore is needed on X11Helper.
3552
3553         * platform/graphics/surfaces/glx/X11Helper.cpp: Added XFreeColormap.
3554         (WebCore::X11Helper::destroyWindow):
3555
3556 2016-02-01  Tim Horton  <timothy_horton@apple.com>
3557
3558         Move some SPI declarations into the appropriate SPI header
3559         https://bugs.webkit.org/show_bug.cgi?id=153755
3560
3561         Reviewed by Darin Adler.
3562
3563         * platform/graphics/cocoa/IOSurface.mm:
3564         * platform/spi/cg/CoreGraphicsSPI.h:
3565
3566 2016-02-01  Tim Horton  <timothy_horton@apple.com>
3567
3568         Snapshot surfaces are forever wired after being compressed
3569         https://bugs.webkit.org/show_bug.cgi?id=153751
3570         <rdar://problem/24354546>
3571
3572         Reviewed by Darin Adler.
3573
3574         * platform/graphics/cocoa/IOSurface.mm:
3575         (IOSurface::convertToFormat):
3576         Allow IOSurfaceAccelerator to unwire surfaces after they're transformed.
3577
3578 2016-02-01  Dan Bernstein  <mitz@apple.com>
3579
3580         <rdar://problem/20150072> [iOS] Remove some file upload code only needed before iOS 9
3581         https://bugs.webkit.org/show_bug.cgi?id=153754
3582
3583         Reviewed by Darin Adler.
3584
3585         * English.lproj/Localizable.strings: Updated for removal of WebKit2 string.
3586
3587 2016-02-01  Said Abou-Hallawa  <sabouhallawa@apple.com>
3588
3589         Cache the Path instead of creating it every time it is required
3590         https://bugs.webkit.org/show_bug.cgi?id=152939
3591
3592         Reviewed by Darin Adler.
3593
3594         Instead of creating the Path object every time it is required, we should 
3595         cache it in an LRU cache. TinyLRUCache returns a reference to the cached
3596         entry so we do not have to pay the cost of copying it either.
3597
3598         * platform/graphics/FloatRoundedRect.h:
3599         (WebCore::operator!=):
3600         Implement the inequality operator for FloatRoundedRect since it is
3601         called by TinyLRUCache.
3602         
3603         * rendering/ClipPathOperation.h:
3604         Return a reference to the path in the cache since instead of creating a
3605         new copy.
3606         
3607         * rendering/style/BasicShapes.cpp:
3608         (WebCore::SVGPathTranslatedByteStream::SVGPathTranslatedByteStream):
3609         (WebCore::SVGPathTranslatedByteStream::operator==):
3610         (WebCore::SVGPathTranslatedByteStream::operator!=):
3611         (WebCore::SVGPathTranslatedByteStream::isEmpty):
3612         (WebCore::SVGPathTranslatedByteStream::path):
3613         This struct holds an offset and an SVGPathByteStream. It is the key of 
3614         the LRU cache for the the translated SVGPathByteStream.
3615         
3616         (WebCore::EllipsePathPolicy::isKeyNull):
3617         (WebCore::EllipsePathPolicy::createValueForKey):
3618         (WebCore::RoundedRectPathPolicy::isKeyNull):
3619         (WebCore::RoundedRectPathPolicy::createValueForKey):
3620         (WebCore::PolygonPathPolicy::isKeyNull):
3621         (WebCore::PolygonPathPolicy::createValueForKey):
3622         (WebCore::TranslatedByteStreamPathPolicy::isKeyNull):
3623         (WebCore::TranslatedByteStreamPathPolicy::createValueForKey):
3624         Inherit from the LRU cache policy template, so have a specific name for
3625         the desired path contents and pass this class explicitly to the LRU cache
3626         template.
3627         
3628         (WebCore::cachedEllipsePath):
3629         (WebCore::cachedRoundedRectPath):
3630         (WebCore::cachedPolygonPath):
3631         (WebCore::cachedTranslatedByteStreamPath):
3632         Return a cached path object for specific path contents.
3633         
3634         (WebCore::BasicShapeCircle::path):
3635         (WebCore::BasicShapeEllipse::path):
3636         (WebCore::BasicShapePolygon::path):
3637         (WebCore::BasicShapePath::path):
3638         (WebCore::BasicShapeInset::path):
3639         Get the Path object from the cache; create a new one if it does not exist.
3640         
3641         * rendering/style/BasicShapes.h:
3642         Change the prototype of the path() function to return a reference to the
3643         path in the cache instead of a having to copying it.
3644         
3645         * svg/SVGPathByteStream.h:
3646         (WebCore::SVGPathByteStream::operator!=):
3647         Implement the inequality operator for SVGPathByteStream because it is
3648         called by TinyLRUCache.
3649
3650 2016-02-01  Chris Dumez  <cdumez@apple.com>
3651
3652         Move properties that use custom bindings to the prototype
3653         https://bugs.webkit.org/show_bug.cgi?id=153735
3654
3655         Reviewed by Darin Adler.
3656
3657         Move properties that use custom bindings to the prototype. Whether a
3658         property's bindings code is generated or custom-written should not
3659         impact where the property is located.
3660
3661         No new tests, already covered by existing tests.
3662
3663         * bindings/js/JSHTMLDocumentCustom.cpp:
3664         (WebCore::JSHTMLDocument::getOwnPropertySlot):
3665         Add null-check for staticPropHashTable. HTMLDocument no longer has
3666         any property on the instance so staticPropHashTable is now null.
3667
3668         * bindings/scripts/CodeGeneratorJS.pm:
3669
3670 2016-02-01  Jer Noble  <jer.noble@apple.com>
3671
3672         REGRESSION(r195770): Use-after-free in ResourceLoaderOptions::cachingPolicy
3673         https://bugs.webkit.org/show_bug.cgi?id=153727
3674         <rdar://problem/24429886>
3675
3676         Reviewed by Chris Dumez.
3677
3678         The `this` object may be freed after calling deleteIfPossible(). Make the early-return-if-
3679         deleted more explicit, and only check allowsCaching() after the deleteIfPossible() return
3680         value check.
3681
3682         * loader/cache/CachedResource.cpp:
3683         (WebCore::CachedResource::removeClient):
3684
3685 2016-02-01  Dan Bernstein  <mitz@apple.com>
3686
3687         Tried to fix a build after r195899.
3688
3689         * dom/EventContext.h: Enabled TouchEventContext type trait specialization on iOS.
3690
3691 2016-02-01  Youenn Fablet  <youenn.fablet@crf.canon.fr>
3692
3693         [Fetch API] Implement Fetch API Request
3694         https://bugs.webkit.org/show_bug.cgi?id=153437
3695
3696         Added support for Fetch Request and Body.
3697         Body is sharing functionality between Request and Response.
3698         Conversion between various body types are not implemented yet.
3699
3700         Added a FetchOptions class. Options in this class are partially redundant with ResourceLoaderOptions.
3701
3702         Fixing bug in Headers constructor.
3703         Making error reporting in case of modifying headers compliant with the spec.
3704
3705         Reviewed by Darin Adler.
3706
3707         Tests: imported/w3c/web-platform-tests/fetch/api/request/request-clone.sub.html
3708                imported/w3c/web-platform-tests/fetch/api/request/request-consume.html
3709                imported/w3c/web-platform-tests/fetch/api/request/request-disturbed.html
3710                imported/w3c/web-platform-tests/fetch/api/request/request-error.html
3711                imported/w3c/web-platform-tests/fetch/api/request/request-headers.html
3712                imported/w3c/web-platform-tests/fetch/api/request/request-idl.html
3713                imported/w3c/web-platform-tests/fetch/api/request/request-init-001.sub.html
3714                imported/w3c/web-platform-tests/fetch/api/request/request-init-002.html
3715                imported/w3c/web-platform-tests/fetch/api/request/request-init-003.sub.html
3716                imported/w3c/web-platform-tests/fetch/api/request/request-structure.html
3717
3718         * CMakeLists.txt:
3719         * DerivedSources.cpp:
3720         * DerivedSources.make:
3721         * Modules/fetch/FetchBody.cpp: Added.
3722         (WebCore::FetchBody::initBody):
3723         (WebCore::FetchBody::clear):
3724         (WebCore::FetchBody::processIfEmptyOrDisturbed):
3725         (WebCore::FetchBody::arrayBuffer):
3726         (WebCore::FetchBody::formData):
3727         (WebCore::FetchBody::blob):
3728         (WebCore::FetchBody::text):
3729         (WebCore::FetchBody::json):
3730         * Modules/fetch/FetchBody.h: Added.
3731         (WebCore::FetchBody::~FetchBody):
3732         (WebCore::FetchBody::isEmpty):
3733         (WebCore::FetchBody::isDisturbed):
3734         (WebCore::FetchBody::setDisturbed):
3735         (WebCore::FetchBody::setMimeType):
3736         (WebCore::FetchBody::mimeType):
3737         * Modules/fetch/FetchBody.idl: Added.
3738         * Modules/fetch/FetchHeaders.cpp:
3739         (WebCore::canWriteHeader):
3740         (WebCore::FetchHeaders::append):
3741         (WebCore::FetchHeaders::remove):
3742         (WebCore::FetchHeaders::set):
3743         (WebCore::FetchHeaders::fill): Helper routine implementing https://fetch.spec.whatwg.org/#concept-headers-fill
3744         * Modules/fetch/FetchHeaders.h: Adding header getter/setter for FetchRequest.
3745         (WebCore::FetchHeaders::fastGet):
3746         (WebCore::FetchHeaders::fastSet):
3747         * Modules/fetch/FetchHeaders.js: Fixing bug in constructor (covered by modified headers-basc.html test).
3748         (initializeFetchHeaders):
3749         * Modules/fetch/FetchOptions.h: Added.
3750         (WebCore::FetchOptions::FetchOptions):
3751         (WebCore::FetchOptions::type):
3752         (WebCore::FetchOptions::destination):
3753         (WebCore::FetchOptions::mode):
3754         (WebCore::FetchOptions::credentials):
3755         (WebCore::FetchOptions::cache):
3756         (WebCore::FetchOptions::redirect):
3757         (WebCore::FetchOptions::referrerPolicy):
3758         (WebCore::FetchOptions::setType):
3759         (WebCore::FetchOptions::setDestination):
3760         (WebCore::FetchOptions::setMode):
3761         (WebCore::FetchOptions::setCredentials):
3762         (WebCore::FetchOptions::setCache):
3763         (WebCore::FetchOptions::setRedirect):
3764         (WebCore::FetchOptions::setReferrerPolicy):
3765         * Modules/fetch/FetchRequest.cpp: Added.
3766         (WebCore::FetchRequest::create):
3767         (WebCore::FetchRequest::FetchRequest):
3768         (WebCore::FetchRequest::init):
3769         (WebCore::FetchRequest::setReferrer):
3770         (WebCore::FetchRequest::setReferrerPolicy):
3771         (WebCore::FetchRequest::setMode):
3772         (WebCore::FetchRequest::setCredentials):
3773         (WebCore::FetchRequest::setCache):
3774         (WebCore::FetchRequest::setRedirect):
3775         (WebCore::FetchRequest::type):
3776         (WebCore::FetchRequest::destination):
3777         (WebCore::FetchRequest::referrerPolicy):
3778         (WebCore::FetchRequest::referrer):
3779         (WebCore::FetchRequest::mode):
3780         (WebCore::FetchRequest::credentials):
3781         (WebCore::FetchRequest::cache):
3782         (WebCore::FetchRequest::redirect):
3783         (WebCore::FetchRequest::setMethod):
3784         (WebCore::FetchRequest::clone):
3785         * Modules/fetch/FetchRequest.h: Added.
3786         (WebCore::FetchRequest::method):
3787         (WebCore::FetchRequest::url):
3788         (WebCore::FetchRequest::integrity):
3789         (WebCore::FetchRequest::headers):
3790         * Modules/fetch/FetchRequest.idl: Added.
3791         * WebCore.xcodeproj/project.pbxproj:
3792         * bindings/js/Dictionary.h:
3793         (WebCore::Dictionary::execState):
3794         * bindings/js/JSDictionary.cpp:
3795         (WebCore::JSDictionary::convertValue):
3796         * bindings/js/JSDictionary.h:
3797         (WebCore::JSDictionary::get):
3798
3799 2016-01-31  Jeremy Jones  <jeremyj@apple.com>
3800
3801         Add resize event for HTMLMediaElement
3802         https://bugs.webkit.org/show_bug.cgi?id=125715
3803
3804         Reviewed by Darin Adler.
3805
3806         Tests: http/tests/media/hls/hls-video-resize.html
3807                media/video-resize.html
3808
3809         Move resize javascript event from DOMWindow.idl to GlobalEventHandlers.idl
3810         per https://html.spec.whatwg.org/multipage/webappapis.html#globaleventhandlers
3811
3812         Post resize event from video element when metadata loads and when content size changes.
3813
3814         * dom/GlobalEventHandlers.idl: Add onresize.
3815         * html/HTMLElement.cpp:
3816         (WebCore::HTMLElement::createEventHandlerNameMap): Add onresizeAttr.
3817         * html/HTMLMediaElement.cpp:
3818         (WebCore::HTMLMediaElement::setReadyState):
3819         (WebCore::HTMLMediaElement::mediaPlayerSizeChanged):
3820         * html/HTMLMediaElement.h:
3821         (WebCore::HTMLMediaElement::scheduleResizeEvent):
3822         (WebCore::HTMLMediaElement::scheduleResizeEventIfSizeChanged):
3823         * html/HTMLVideoElement.cpp:
3824         (WebCore::HTMLVideoElement::scheduleResizeEvent): Sechedule event.
3825         (WebCore::HTMLVideoElement::scheduleResizeEventIfSizeChanged): Schedule event if size has changed.
3826         * html/HTMLVideoElement.h: Add declarations.
3827         * page/DOMWindow.idl: Remove onresize.
3828
3829 2016-01-31  Darin Adler  <darin@apple.com>
3830
3831         Revert accidental behavior change from previous patch.
3832
3833         * platform/URL.cpp:
3834         (WebCore::mimeTypeFromDataURL): Restore behavior where an empty MIME type would
3835         be turned into "text/plain".
3836
3837 2016-01-31  Darin Adler  <darin@apple.com>
3838
3839         Cut down on calls to String::lower; mostly replace with convertToASCIILowercase
3840         https://bugs.webkit.org/show_bug.cgi?id=153732
3841
3842         Reviewed by Dean Jackson.
3843
3844         * Modules/mediasource/MediaSource.cpp:
3845         (WebCore::MediaSource::isTypeSupported): Added comment about mysterious call
3846         to lower(); should probably return here and remove it.
3847
3848         * Modules/navigatorcontentutils/NavigatorContentUtils.cpp:
3849         (WebCore::initProtocolHandlerWhitelist): Deleted. Moved into isProtocolWhitelisted.
3850         (WebCore::isProtocolWhitelisted): Changed set to be ASCIICaseInsensitiveHash and
3851         initialized it using a lambda instead of a separate function.
3852         (WebCore::verifyProtocolHandlerScheme): Added a FIXME about some case sensitive
3853         checking of the protocol prefix here.
3854
3855         * Modules/plugins/QuickTimePluginReplacement.mm:
3856         (WebCore::QuickTimePluginReplacement::supportsMimeType): Changed set to be
3857         ASCIICaseInsensitiveHash and initialized it using a lambda instead of using
3858         an explict check for empty.
3859         (WebCore::QuickTimePluginReplacement::supportsFileExtension): Ditto.
3860
3861         * Modules/plugins/YouTubePluginReplacement.cpp:
3862         (WebCore::queryKeysAndValues): Use convertToASCIILowercase. The keys here are
3863         going to be all ASCII.
3864         (WebCore::isYouTubeURL): Use equalLettersIgnoringASCIICase instead of lowercasing
3865         the string.
3866         (WebCore::processAndCreateYouTubeURL): Use url.protocolIsInHTTPFamily instead of
3867         listing "http" and then "https" explicitly. Use equalLettersIgnoringASCIICase
3868         instead of lowercasing a string.
3869         (WebCore::YouTubePluginReplacement::youTubeURL): Ditto.
3870
3871         * Modules/websockets/WebSocketHandshake.cpp:
3872         (WebCore::hostName): Use convertToASCIILowercase on host name.
3873         (WebCore::WebSocketHandshake::host): Ditto.
3874
3875         * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
3876         (webkitAccessibleGetAttributes): Call convertToASCIILowercase instead of lower
3877         to lowercase an element's tag name. This is a strange way to do things; typically
3878         would be better to use some other function on Element, since tagName goes out of
3879         its way to be capitalized, but some ATK expert can improve this later.
3880
3881         * css/CSSGrammar.y.in: Use the new convertToASCIILowercaseInPlace function rather
3882         than the old lower function. We only need to lowercase the ASCII letters, and it's
3883         also better to have the function have a clearer name.
3884
3885         * css/CSSParser.cpp:
3886         (WebCore::convertToASCIILowercaseInPlace): Renamed from makeLower and made it deal
3887         with only ASCII lowercasing.
3888         (WebCore::CSSParserString::convertToASCIILowercaseInPlace): Renamed from lower.
3889         (WebCore::isUniversalKeyword): Added. Helper for the function below that uses
3890         equalLettersIgnoringASCIICase rather than lowercasing the string.
3891         (WebCore::parseKeywordValue): Use isUniversalKeyword. Also clarified a comment.
3892         (WebCore::CSSParser::parseAttr): Use convertToASCIILowercaseInPlace and delay
3893         String creation until later in the function, using CSSParserString operations more.
3894
3895         * css/CSSParserValues.cpp:
3896         (WebCore::CSSParserSelector::parsePseudoElementSelector): Use
3897         convertToASCIILowercaseInPlace by its new name, with its new behavior.
3898
3899         * css/CSSParserValues.h: Tweaked comment and formatting a bit. Replaced the lower
3900         function with the convertToASCIILowercaseInPlace function.
3901
3902         * css/CSSSelector.cpp:
3903         (WebCore::CSSSelector::RareData::parseNth): Rewrote this to avoid the need to
3904         make a lowercased copy of m_argument. Use equalLettersIgnoringASCIICase, and two
3905         calls to find. Also use String::toIntStrict so we don't have to create String
3906         objects for substrings.
3907
3908         * css/MediaQuery.cpp:
3909         (WebCore::MediaQuery::MediaQuery): Use convertToASCIILowercase for media type name.
3910         * css/MediaQueryExp.cpp:
3911         (WebCore::MediaQueryExp::serialize): Use convertToASCIILowercase for media feature name.
3912
3913         * dom/Document.cpp:
3914         (WebCore::isSeparator): Tweaked formatting and removed non-helpful comment.
3915         (WebCore::processArguments): Changed this from a static member function to a non-member
3916         file internal function. Use a std::function instead of a function pointer with a void*
3917         pointer. Rewrote algorithm to simplify it and use StringView instead of String for the
3918         keys and values.
3919         (WebCore::Document::processViewport): Use a lambda instead of a function pointer to
3920         call setViewportFeature, so that function's interface is no longer dictated by
3921         the exact type of the function pointer argument to processArguments.
3922         (WebCore::Document::processFormatDetection): Use a lambda instead of the
3923         setParserFeature function above; use equalLettersIgnoringASCIICase for both the
3924         key and the value, since processArguments no longer lowercases the string.