Rebaselining bindings tests
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2016-02-10  Ryan Haddad  <ryanhaddad@apple.com>
2
3         Rebaselining bindings tests
4
5         Unreviewed test gardening.
6
7         No new tests needed.
8
9         * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
10         * bindings/scripts/test/JS/JSTestCallback.cpp:
11         * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:
12         * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp:
13         * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:
14         * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
15         * bindings/scripts/test/JS/JSTestEventTarget.cpp:
16         * bindings/scripts/test/JS/JSTestException.cpp:
17         * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
18         * bindings/scripts/test/JS/JSTestInterface.cpp:
19         * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
20         * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
21         * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
22         * bindings/scripts/test/JS/JSTestNondeterministic.cpp:
23         * bindings/scripts/test/JS/JSTestObj.cpp:
24         * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
25         * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
26         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
27         * bindings/scripts/test/JS/JSTestTypedefs.cpp:
28         * bindings/scripts/test/JS/JSattribute.cpp:
29         * bindings/scripts/test/JS/JSreadonly.cpp:
30
31 2016-02-10  Konstantin Tokarev  <annulen@yandex.ru>
32
33         [cmake] Consolidate CMake code related to image decoders.
34         https://bugs.webkit.org/show_bug.cgi?id=154074
35
36         Reviewed by Alex Christensen.
37
38         Common image decoder sources, includes and libs are moved to
39         platform/ImageDecoders.cmake.
40
41         Also, added include directories of libjpeg and libpng to
42         WebCore_SYSTEM_INCLUDE_DIRECTORIES.
43
44         No new tests needed.
45
46         * CMakeLists.txt: Moved common include paths to ImageDecoders.cmake.
47         * PlatformEfl.cmake: Moved common sources and libs to ImageDecoders.cmake.
48         * PlatformGTK.cmake: Ditto.
49         * PlatformWinCairo.cmake: Moved common sources to ImageDecoders.cmake.
50         * platform/ImageDecoders.cmake: Added.
51
52 2016-02-10  Myles C. Maxfield  <mmaxfield@apple.com>
53
54         CSSSegmentedFontFace does not need to be reference counted
55         https://bugs.webkit.org/show_bug.cgi?id=154083
56
57         Reviewed by Antti Koivisto.
58
59         ...There is only ever a single reference to one.
60
61         No new tests because there is no behavior change.
62
63         * css/CSSFontSelector.cpp:
64         (WebCore::CSSFontSelector::getFontFace):
65         * css/CSSFontSelector.h:
66         * css/CSSSegmentedFontFace.h:
67         (WebCore::CSSSegmentedFontFace::create): Deleted.
68
69 2016-02-10  Myles C. Maxfield  <mmaxfield@apple.com>
70
71         FontCache's clients should use references instead of pointers
72         https://bugs.webkit.org/show_bug.cgi?id=154085
73
74         Reviewed by Antti Koivisto.
75
76         They are never null.
77
78         No new tests because there is no behavior change.
79
80         * css/CSSFontSelector.cpp:
81         (WebCore::CSSFontSelector::CSSFontSelector):
82         (WebCore::CSSFontSelector::~CSSFontSelector):
83         * platform/graphics/FontCache.cpp:
84         (WebCore::FontCache::addClient):
85         (WebCore::FontCache::removeClient):
86         * platform/graphics/FontCache.h:
87
88 2016-02-10  Chris Dumez  <cdumez@apple.com>
89
90         [Web IDL] interface objects should be Function objects
91         https://bugs.webkit.org/show_bug.cgi?id=154038
92         <rdar://problem/24569358>
93
94         Reviewed by Geoffrey Garen.
95
96         interface objects should be Function objects as per Web IDL:
97         - http://heycam.github.io/webidl/#interface-object
98         - http://heycam.github.io/webidl/#es-interfaces
99
100         So window.Event should be a Function object for e.g. but in WebKit it
101         is a regular EventConstructor JSObject.
102         Firefox and Chrome match the specification.
103
104         Test: js/interface-objects.html
105
106         * bindings/js/JSDOMBinding.cpp:
107         (WebCore::callThrowTypeError):
108         (WebCore::DOMConstructorObject::getCallData):
109         When calling the interface object as a function, we throw a TypeError
110         with a message asking to use the 'new' operator to match the behavior
111         of Firefox and Chrome.
112
113         * bindings/js/JSDOMBinding.h:
114         Add JSC::TypeOfShouldCallGetCallData structure flag and implement
115         getCallData() so that typeof returns "function", as per the
116         specification and the behavior of other browsers.
117
118         (WebCore::DOMConstructorObject::className):
119         Implement className() and return "Function" to match the specification and
120         other browsers. Otherwise, it would fall back to using ClassInfo::className
121         which os the function name and interface name (e.g. "Event").
122
123         * bindings/js/JSDOMConstructor.h:
124         (WebCore::JSDOMConstructorNotConstructable::callThrowTypeError):
125         (WebCore::JSDOMConstructorNotConstructable::getCallData):
126         As per the specification, interfaces that do not have a [Constructor]
127         should throw a TypeError when called as a function. Use the "Illegal
128         constructor" error message to match Firefox and Chrome.
129
130         * bindings/js/JSDOMGlobalObject.h:
131         (WebCore::getDOMConstructor):
132         Instead of using objectPrototype as prototype for all DOM constructors,
133         we now call the prototypeForStructure() static function that is
134         generated for each bindings class. As per the Web IDL specification,
135         The [[Prototype]] internal property of an interface object for a
136         non-callback interface is determined as follows:
137         1. If the interface inherits from some other interface, the value of
138            [[Prototype]] is the interface object for that other interface.
139         2. If the interface doesn't inherit from any other interface, the value
140            of [[Prototype]] is %FunctionPrototype% ([ECMA-262], section 6.1.7.4).
141
142         * bindings/js/JSImageConstructor.cpp:
143         (WebCore::JSImageConstructor::prototypeForStructure):
144         Have the Image's interface object use HTMLElement's interface object
145         as prototype as HTMLImageElement inherits HTMLElement.
146
147         * bindings/scripts/CodeGenerator.pm:
148         (getInterfaceExtendedAttributesFromName):
149         Add a utility function to cheaply retrieve an interface's IDL extended
150         attributes without actually parsing the IDL. This is used to check if
151         an interface's parent is marked as [NoInterfaceObject] currently.
152
153         * bindings/scripts/CodeGeneratorJS.pm:
154         (GenerateHeader):
155         (GenerateImplementation):
156         (GenerateCallbackHeader):
157         (GenerateCallbackImplementation):
158         Mark JSGlobalObject* parameter as const as the implementation does not
159         alter the globalObject.
160
161         (GenerateConstructorHelperMethods):
162         - Generate prototypeForStructure() function for each bindings class that
163           is not marked as [NoInterfaceObject] so getDOMConstructor() knows which
164           prototype to use for the interface object / constructor when constructing
165           it.
166         - Use the interface name for the interface object, without the "Constructor"
167           suffix, to match the behavior of Firefox and Chrome.
168
169         * bindings/scripts/test/*:
170         Rebaseline bindings tests.
171
172 2016-02-10  Jer Noble  <jer.noble@apple.com>
173
174         [Mac] Graphical corruption in videos when enabling custom loading path
175         https://bugs.webkit.org/show_bug.cgi?id=154044
176
177         Reviewed by Alex Christensen.
178
179         Revert the "Drive-by fix" in r196345 as it breaks the WebCoreNSURLSessionTests.BasicOperation API test.
180
181         * platform/network/cocoa/WebCoreNSURLSession.mm:
182         (-[WebCoreNSURLSessionDataTask resource:receivedData:length:]):
183
184 2016-02-10  Myles C. Maxfield  <mmaxfield@apple.com>
185
186         CSSSegmentedFontFace does not need to be reference counted
187         https://bugs.webkit.org/show_bug.cgi?id=154083
188
189         Reviewed by Antti Koivisto.
190
191         ...There is only ever a single reference to one.
192
193         No new tests because there is no behavior change.
194
195         * css/CSSFontSelector.cpp:
196         (WebCore::CSSFontSelector::getFontFace):
197         * css/CSSFontSelector.h:
198         * css/CSSSegmentedFontFace.h:
199         (WebCore::CSSSegmentedFontFace::create): Deleted.
200
201 2016-02-10  Antti Koivisto  <antti@apple.com>
202
203         Optimize style invalidation after class attribute change
204         https://bugs.webkit.org/show_bug.cgi?id=154075
205         rdar://problem/12526450
206
207         Reviewed by Andreas Kling.
208
209         Currently a class attribute change invalidates style for the entire element subtree for any class found in the
210         active stylesheet set.
211
212         This patch optimizes class changes by building a new optimization structure called ancestorClassRules. It contains
213         rules that have class selectors in the portion of the complex selector that matches ancestor elements. The sets
214         of rules are hashes by the class name.
215
216         On class attribute change the existing StyleInvalidationAnalysis mechanism is used with ancestorClassRules to invalidate
217         exactly those descendants that are affected by the addition or removal of the class name. This is fast because the CSS JIT
218         makes selector matching cheap and the number of relevant rules is typically small.
219
220         This optimization is very effective on many dynamic pages. For example when focusing and unfocusing the web inspector it
221         cuts down the number of resolved elements from ~1000 to ~50. Even in PLT it reduces the number of resolved elements by ~11%.
222
223         * css/DocumentRuleSets.cpp:
224         (WebCore::DocumentRuleSets::collectFeatures):
225         (WebCore::DocumentRuleSets::ancestorClassRules):
226
227             Create optimization RuleSets on-demand when there is an actual dynamic class change.
228
229         * css/DocumentRuleSets.h:
230         (WebCore::DocumentRuleSets::features):
231         (WebCore::DocumentRuleSets::sibling):
232         (WebCore::DocumentRuleSets::uncommonAttribute):
233         * css/ElementRuleCollector.cpp:
234         (WebCore::ElementRuleCollector::ElementRuleCollector):
235
236             Add a new constructor that doesn't requires DocumentRuleSets. Only the user and author style is required.
237
238         (WebCore::ElementRuleCollector::matchAuthorRules):
239         (WebCore::ElementRuleCollector::matchUserRules):
240         * css/ElementRuleCollector.h:
241         * css/RuleFeature.cpp:
242         (WebCore::RuleFeatureSet::recursivelyCollectFeaturesFromSelector):
243
244             Collect class names that show up in the ancestor portion of the selector.
245             Make this a member.
246
247         (WebCore::RuleFeatureSet::collectFeatures):
248
249             Move this code from RuleData.
250             Add the rule to ancestorClassRules if needed.
251
252         (WebCore::RuleFeatureSet::add):
253         (WebCore::RuleFeatureSet::clear):
254         (WebCore::RuleFeatureSet::shrinkToFit):
255         (WebCore::recursivelyCollectFeaturesFromSelector): Deleted.
256         (WebCore::RuleFeatureSet::collectFeaturesFromSelector): Deleted.
257         * css/RuleFeature.h:
258         (WebCore::RuleFeature::RuleFeature):
259         (WebCore::RuleFeatureSet::RuleFeatureSet): Deleted.
260         * css/RuleSet.cpp:
261         (WebCore::RuleData::RuleData):
262         (WebCore::RuleSet::RuleSet):
263         (WebCore::RuleSet::~RuleSet):
264         (WebCore::RuleSet::addToRuleSet):
265         (WebCore::RuleSet::addRule):
266         (WebCore::RuleSet::addRulesFromSheet):
267         (WebCore::collectFeaturesFromRuleData): Deleted.
268         * css/RuleSet.h:
269         (WebCore::RuleSet::tagRules):
270         (WebCore::RuleSet::RuleSet): Deleted.
271         * css/StyleInvalidationAnalysis.cpp:
272         (WebCore::shouldDirtyAllStyle):
273         (WebCore::StyleInvalidationAnalysis::StyleInvalidationAnalysis):
274
275             Add a new constructor that takes a ready made RuleSet instead of a stylesheet.
276
277         (WebCore::StyleInvalidationAnalysis::invalidateIfNeeded):
278         (WebCore::StyleInvalidationAnalysis::invalidateStyleForTree):
279         (WebCore::StyleInvalidationAnalysis::invalidateStyle):
280         (WebCore::StyleInvalidationAnalysis::invalidateStyle):
281
282             New function for invalidating a subtree instead of the whole document.
283
284         * css/StyleInvalidationAnalysis.h:
285         (WebCore::StyleInvalidationAnalysis::dirtiesAllStyle):
286         (WebCore::StyleInvalidationAnalysis::hasShadowPseudoElementRulesInAuthorSheet):
287         * dom/Element.cpp:
288         (WebCore::classStringHasClassName):
289         (WebCore::collectClasses):
290         (WebCore::computeClassChange):
291
292             Factor to return the changed classes.
293
294         (WebCore::invalidateStyleForClassChange):
295
296             First filter out classes that don't show up in stylesheets. If something remains invalidate the current
297             element for inline style change (that is a style change that doesn't affect descendants).
298
299             Next check if there are any ancestorClassRules for the changed class. If so use the StyleInvalidationAnalysis
300             to find any affected descendants and invalidate them with inline style change as well.
301
302         (WebCore::Element::classAttributeChanged):
303
304             Invalidate for removed classes before setting new attribute value, invalidate for added classes afterwards.
305
306         (WebCore::Element::absoluteLinkURL):
307         (WebCore::checkSelectorForClassChange): Deleted.
308         * dom/ElementData.h:
309         (WebCore::ElementData::setClassNames):
310         (WebCore::ElementData::classNames):
311         (WebCore::ElementData::classNamesMemoryOffset):
312         (WebCore::ElementData::clearClass): Deleted.
313         (WebCore::ElementData::setClass): Deleted.
314
315 2016-02-10  Myles C. Maxfield  <mmaxfield@apple.com>
316
317         Addressing post-review comments after r196322
318
319         Unreviwed.
320
321         * css/CSSFontFaceSource.cpp:
322         (WebCore::CSSFontFaceSource::font):
323         * css/CSSFontFaceSource.h:
324
325 2016-02-10  Chris Dumez  <cdumez@apple.com>
326
327         Attributes on the Window instance should be configurable unless [Unforgeable]
328         https://bugs.webkit.org/show_bug.cgi?id=153920
329         <rdar://problem/24563211>
330
331         Reviewed by Darin Adler.
332
333         Attributes on the Window instance should be configurable unless [Unforgeable]:
334         1. 'constructor' property:
335            - http://www.w3.org/TR/WebIDL/#interface-prototype-object
336         2. Constructor properties (e.g. window.Node):
337            - http://www.w3.org/TR/WebIDL/#es-interfaces
338         3. IDL attributes:
339            - http://heycam.github.io/webidl/#es-attributes (configurable unless
340              [Unforgeable], e.g. window.location)
341
342         Firefox complies with the WebIDL specification but WebKit does not for 1. and 3.
343
344         Test: fast/dom/Window/window-properties-configurable.html
345
346         * bindings/js/JSDOMWindowCustom.cpp:
347         (WebCore::JSDOMWindow::getOwnPropertySlot):
348         For known Window properties (i.e. properties in the static property table),
349         if we have reified and this is same-origin access, then call
350         Base::getOwnPropertySlot() to get the property from the local property
351         storage. If we have not reified yet, or this is cross-origin access, query
352         the static property table. This is to match the behavior of Firefox and
353         Chrome which seem to keep returning the original properties upon cross
354         origin access, even if those were deleted or redefined.
355
356         (WebCore::JSDOMWindow::put):
357         The previous code used to call the static property setter for properties in
358         the static table. However, this does not do the right thing if properties
359         were reified. For example, deleting window.name and then trying to set it
360         again would not work. Therefore, update this code to only do this if the
361         properties have not been reified, similarly to what is done in
362         JSObject::putInlineSlow().
363
364         * bindings/scripts/CodeGeneratorJS.pm:
365         (ConstructorShouldBeOnInstance):
366         Add a FIXME comment indicating that window.constructor should be on
367         the prototype as per the Web IDL specification.
368
369         (GenerateAttributesHashTable):
370         - Mark 'constructor' property as configurable for Window, as per the
371           specification and consistently with other 'constructor' properties:
372           http://www.w3.org/TR/WebIDL/#interface-prototype-object
373         - Mark properties as configurable even though they are on the instance.
374           Window has its properties on the instance as per the specification:
375           1. http://heycam.github.io/webidl/#es-attributes
376           2. http://heycam.github.io/webidl/#PrimaryGlobal (window is [PrimaryGlobal]
377           However, these properties should be configurable as long as they are
378           not marked as [Unforgeable], as per 1.
379
380         * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
381         * bindings/scripts/test/JS/JSTestException.cpp:
382         * bindings/scripts/test/JS/JSTestObj.cpp:
383         Rebaseline bindings tests.
384
385 2016-02-10  Brady Eidson  <beidson@apple.com>
386
387         Modern IDB: Ref cycle between IDBObjectStore and IDBTransaction.
388         https://bugs.webkit.org/show_bug.cgi?id=154061
389
390         Reviewed by Alex Christensen.
391
392         No new tests (Currently untestable).
393
394         * Modules/indexeddb/client/IDBTransactionImpl.cpp:
395         (WebCore::IDBClient::IDBTransaction::transitionedToFinishing): Make sure the new state makes sense,
396           set the new state, and then clear the set of referenced object stores which is no longer needed.
397         (WebCore::IDBClient::IDBTransaction::abort):
398         (WebCore::IDBClient::IDBTransaction::commit):
399         * Modules/indexeddb/client/IDBTransactionImpl.h:
400
401 2016-02-10  Jer Noble  <jer.noble@apple.com>
402
403         REGRESSION(r195770): Use-after-free in ResourceLoaderOptions::cachingPolicy
404         https://bugs.webkit.org/show_bug.cgi?id=153727
405         <rdar://problem/24429886>
406
407         Reviewed by Darin Adler.
408
409         Follow-up after r195965. Only protect those parts of CachedResource::removeClient() which
410         affect the MemoryCache when allowsCaching() is false.
411
412         * loader/cache/CachedResource.cpp:
413         (WebCore::CachedResource::removeClient):
414
415 2016-02-10  Csaba Osztrogonác  <ossy@webkit.org>
416
417         Fix the !(ENABLE(SHADOW_DOM) || ENABLE(DETAILS_ELEMENT)) after r196281
418         https://bugs.webkit.org/show_bug.cgi?id=154035
419
420         Reviewed by Antti Koivisto.
421
422         * dom/ComposedTreeIterator.h:
423         (WebCore::ComposedTreeIterator::Context::Context):
424
425 2016-02-09  Carlos Garcia Campos  <cgarcia@igalia.com>
426
427         [GTK] Toggle buttons are blurry with GTK+ 3.19
428         https://bugs.webkit.org/show_bug.cgi?id=154007
429
430         Reviewed by Michael Catanzaro.
431
432         Use min-width/min-height style properties when GTK+ >= 3.19.7 to
433         get the size of toggle buttons.
434
435         * rendering/RenderThemeGtk.cpp:
436         (WebCore::setToggleSize):
437         (WebCore::paintToggle):
438
439 2016-02-09  Aakash Jain  <aakash_jain@apple.com>
440
441         Headers that use WEBCORE_EXPORT should include PlatformExportMacros.h
442         https://bugs.webkit.org/show_bug.cgi?id=146984
443
444         Reviewed by Alexey Proskuryakov.
445
446         * Modules/speech/SpeechSynthesis.h:
447         * contentextensions/ContentExtensionError.h:
448         * dom/DeviceOrientationClient.h:
449         * platform/graphics/Color.h:
450         * platform/ios/wak/WebCoreThread.h:
451         * platform/network/CacheValidation.h:
452         * platform/network/cf/CertificateInfo.h:
453
454 2016-02-09  Nan Wang  <n_wang@apple.com>
455
456         AX: Implement word related text marker functions using TextIterator
457         https://bugs.webkit.org/show_bug.cgi?id=153939
458         <rdar://problem/24269605>
459
460         Reviewed by Chris Fleizach.
461
462         Using CharacterOffset to implement word related text marker calls. Reused
463         logic from previousBoundary and nextBoundary in VisibleUnits class.
464
465         Test: accessibility/mac/text-marker-word-nav.html
466
467         * accessibility/AXObjectCache.cpp:
468         (WebCore::AXObjectCache::traverseToOffsetInRange):
469         (WebCore::AXObjectCache::rangeForNodeContents):
470         (WebCore::isReplacedNodeOrBR):
471         (WebCore::characterOffsetsInOrder):
472         (WebCore::resetNodeAndOffsetForReplacedNode):
473         (WebCore::setRangeStartOrEndWithCharacterOffset):
474         (WebCore::AXObjectCache::rangeForUnorderedCharacterOffsets):
475         (WebCore::AXObjectCache::setTextMarkerDataWithCharacterOffset):
476         (WebCore::AXObjectCache::startOrEndCharacterOffsetForRange):
477         (WebCore::AXObjectCache::startOrEndTextMarkerDataForRange):
478         (WebCore::AXObjectCache::characterOffsetForNodeAndOffset):
479         (WebCore::AXObjectCache::textMarkerDataForCharacterOffset):
480         (WebCore::AXObjectCache::previousNode):
481         (WebCore::AXObjectCache::visiblePositionFromCharacterOffset):
482         (WebCore::AXObjectCache::characterOffsetFromVisiblePosition):
483         (WebCore::AXObjectCache::textMarkerDataForVisiblePosition):
484         (WebCore::AXObjectCache::nextCharacterOffset):
485         (WebCore::AXObjectCache::previousCharacterOffset):
486         (WebCore::startWordBoundary):
487         (WebCore::endWordBoundary):
488         (WebCore::AXObjectCache::startCharacterOffsetOfWord):
489         (WebCore::AXObjectCache::endCharacterOffsetOfWord):
490         (WebCore::AXObjectCache::previousWordStartCharacterOffset):
491         (WebCore::AXObjectCache::nextWordEndCharacterOffset):
492         (WebCore::AXObjectCache::leftWordRange):
493         (WebCore::AXObjectCache::rightWordRange):
494         (WebCore::characterForCharacterOffset):
495         (WebCore::AXObjectCache::characterAfter):
496         (WebCore::AXObjectCache::characterBefore):
497         (WebCore::parentEditingBoundary):
498         (WebCore::AXObjectCache::nextWordBoundary):
499         (WebCore::AXObjectCache::previousWordBoundary):
500         (WebCore::AXObjectCache::rootAXEditableElement):
501         * accessibility/AXObjectCache.h:
502         (WebCore::AXObjectCache::removeNodeForUse):
503         (WebCore::AXObjectCache::isNodeInUse):
504         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
505         (-[WebAccessibilityObjectWrapper previousTextMarkerForNode:offset:]):
506         (-[WebAccessibilityObjectWrapper textMarkerForNode:offset:ignoreStart:]):
507         (-[WebAccessibilityObjectWrapper textMarkerForNode:offset:]):
508         (textMarkerForCharacterOffset):
509         (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:forParameter:]):
510         * editing/VisibleUnits.cpp:
511         (WebCore::rightWordPosition):
512         (WebCore::prepend):
513         (WebCore::appendRepeatedCharacter):
514         (WebCore::suffixLengthForRange):
515         (WebCore::prefixLengthForRange):
516         (WebCore::backwardSearchForBoundaryWithTextIterator):
517         (WebCore::forwardSearchForBoundaryWithTextIterator):
518         (WebCore::previousBoundary):
519         (WebCore::nextBoundary):
520         * editing/VisibleUnits.h:
521
522 2016-02-09  Daniel Bates  <dabates@apple.com>
523
524         CSP: Extract helper classes into their own files
525         https://bugs.webkit.org/show_bug.cgi?id=154040
526         <rdar://problem/24571189>
527
528         Reviewed by Brent Fulgham.
529
530         No functionality was changed. So, no new tests.
531
532         * CMakeLists.txt: Add files ContentSecurityPolicy{DirectiveList, MediaListDirective, Source, SourceList, SourceListDirective}.cpp.
533         * WebCore.xcodeproj/project.pbxproj: Ditto.
534         * page/csp/ContentSecurityPolicy.cpp: Clean up #includes. Include header ParsingUtilities.h so that we can remove our own
535         variants of skip{Exactly, Until, While}(). Update code as necessary for class renames.
536         (WebCore::skipExactly): Deleted; instead use the analogous function in ParsingUtilities.h.
537         (WebCore::skipUntil): Deleted; instead use the analogous function in ParsingUtilities.h.
538         (WebCore::skipWhile): Deleted; instead use the analogous function in ParsingUtilities.h.
539         (WebCore::isSourceListNone): Moved to file ContentSecurityPolicySourceList.cpp.
540         (WebCore::CSPSource): Deleted; moved implementation to files ContentSecurityPolicySource.{cpp, h}.
541         (WebCore::CSPSourceList): Deleted; moved implementation to files ContentSecurityPolicySourceList.{cpp, h}.
542         (WebCore::CSPDirective): Deleted; moved implementation to file ContentSecurityPolicyDirective.h.
543         (WebCore::MediaListDirective): Deleted; moved implementation to files ContentSecurityPolicyMediaListDirective.{cpp, h}.
544         (WebCore::SourceListDirective): Deleted; moved implementation to files ContentSecurityPolicySourceListDirective.{cpp, h}.
545         (WebCore::CSPDirectiveList): Deleted; moved implementation to files ContentSecurityPolicyDirectiveList.{cpp, h}.
546         * page/csp/ContentSecurityPolicy.h:
547         * page/csp/ContentSecurityPolicyDirective.h: Added.
548         * page/csp/ContentSecurityPolicyDirectiveList.cpp: Added; removed use of ternary operator where it made the code less readable.
549         Updated code to make use of the functions defined in ParsingUtilities.h.
550         (WebCore::isExperimentalDirectiveName): Moved from file ContentSecurityPolicy.cpp.
551         (WebCore::isCSPDirectiveName): Ditto.
552         (WebCore::isDirectiveNameCharacter): Ditto.
553         (WebCore::isDirectiveValueCharacter): Ditto.
554         (WebCore::isNotASCIISpace): Ditto.
555         * page/csp/ContentSecurityPolicyDirectiveList.h: Added.
556         * page/csp/ContentSecurityPolicyMediaListDirective.cpp: Added. Updated code to make use of the functions defined in ParsingUtilities.h.
557         (WebCore::isMediaTypeCharacter): Moved from file ContentSecurityPolicy.cpp.
558         (WebCore::isNotASCIISpace): Ditto.
559         * page/csp/ContentSecurityPolicyMediaListDirective.h: Added.
560         * page/csp/ContentSecurityPolicySource.cpp: Added.
561         * page/csp/ContentSecurityPolicySource.h: Added.
562         * page/csp/ContentSecurityPolicySourceList.cpp: Added. Updated code to make use of the functions defined in ParsingUtilities.h.
563         (WebCore::isSourceCharacter): Moved from file ContentSecurityPolicy.cpp.
564         (WebCore::isHostCharacter): Ditto.
565         (WebCore::isPathComponentCharacter): Ditto.
566         (WebCore::isSchemeContinuationCharacter): Ditto.
567         (WebCore::isNotColonOrSlash): Ditto.
568         (WebCore::isSourceListNone): Ditto.
569         * page/csp/ContentSecurityPolicySourceList.h: Added.
570         * page/csp/ContentSecurityPolicySourceListDirective.cpp: Added.
571         * page/csp/ContentSecurityPolicySourceListDirective.h: Added.
572
573 2016-02-09  Brady Eidson  <beidson@apple.com>
574
575         Modern IDB: TransactionOperation objects leak.
576         https://bugs.webkit.org/show_bug.cgi?id=154054
577
578         Reviewed by Alex Christensen.
579
580         No new tests (Currently untestable).
581
582         * Modules/indexeddb/client/IDBTransactionImpl.cpp:
583         (WebCore::IDBClient::IDBTransaction::abortOnServerAndCancelRequests): Remove the TransactionOperation from
584           the map, as this operation doesn't complete "normally" like most others.
585         (WebCore::IDBClient::IDBTransaction::commitOnServer): Ditto.
586         
587         * Modules/indexeddb/client/TransactionOperation.h:
588         (WebCore::IDBClient::TransactionOperation::perform): Clear the m_performFunction after use,
589           as it holds a lambda that holds a RefPtr to the IDBTransaction, as well as a self-ref.
590         (WebCore::IDBClient::TransactionOperation::completed): Clear m_completeFunction for the same reasons.
591
592 2016-02-09  Jer Noble  <jer.noble@apple.com>
593
594         [Mac] Graphical corruption in videos when enabling custom loading path
595         https://bugs.webkit.org/show_bug.cgi?id=154044
596
597         Reviewed by Alex Christensen.
598
599         The NSOperationQueue provided by AVFoundation from the AVAssetResourceLoader queue is not
600         set to be a serial queue. So when adding dataReceived operations to that queue, there exists
601         the possibility that some operations are handled before others, and the client will receieve
602         data out of order.
603
604         A real NSURLSession object will only issue another operation when the first operation
605         completes, so emulate this behavior in WebCoreNSURLSession by using a serial dispatch queue.
606         The internal queue will enqueue an operation to the resource loader's queue, and block until
607         that operation completes, thus ensuring ordering of the data (and other) operations.
608
609         * platform/network/cocoa/WebCoreNSURLSession.h:
610         * platform/network/cocoa/WebCoreNSURLSession.mm:
611         (-[WebCoreNSURLSession initWithResourceLoader:delegate:delegateQueue:]): Initialize _internalQueue
612         (-[WebCoreNSURLSession addDelegateOperation:]): Added utility method.
613         (-[WebCoreNSURLSession taskCompleted:]): Call -addDelegateOperation:
614         (-[WebCoreNSURLSession finishTasksAndInvalidate]): Ditto.
615         (-[WebCoreNSURLSession resetWithCompletionHandler:]): Ditto.
616         (-[WebCoreNSURLSession flushWithCompletionHandler:]): Ditto.
617         (-[WebCoreNSURLSession getTasksWithCompletionHandler:]): Ditto.
618         (-[WebCoreNSURLSession getAllTasksWithCompletionHandler:]): Ditto.
619         (-[WebCoreNSURLSessionDataTask resource:receivedResponse:]): Ditto.
620         (-[WebCoreNSURLSessionDataTask resource:receivedData:length:]): Ditto.
621         (-[WebCoreNSURLSessionDataTask resourceFinished:]): Ditto.
622
623         Drive-by fix:
624         (-[WebCoreNSURLSessionDataTask resource:receivedData:length:]): Set countOfBytesReceived outside the operation,
625             queue, matching NSURLSessionDataTask's behavior.
626
627 2016-02-09  Nan Wang  <n_wang@apple.com>
628
629         [iOS Simulator] accessibility/text-marker/text-marker-range-stale-node-crash.html crashing
630         https://bugs.webkit.org/show_bug.cgi?id=154039
631
632         Reviewed by Chris Fleizach.
633
634         We are accessing the derefed node in the CharacterOffset object, we should create an empty
635         CharacterOffset object if the node is not in use.
636
637         It's covered by the test accessibility/text-marker/text-marker-range-stale-node-crash.html.
638
639         * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
640         (-[WebAccessibilityTextMarker characterOffset]):
641         (-[WebAccessibilityTextMarker isIgnored]):
642
643 2016-02-09  Myles C. Maxfield  <mmaxfield@apple.com>
644
645         Unreviewed build fix after r196322
646
647         Unreviewed.
648
649         * css/CSSFontFace.cpp:
650         (WebCore::CSSFontFace::font):
651
652 2016-02-09  Zalan Bujtas  <zalan@apple.com>
653
654         Outline corners do not align properly for multiline inlines.
655         https://bugs.webkit.org/show_bug.cgi?id=154025
656
657         Reviewed by David Hyatt.
658
659         Adjust border position when outline-offset > 0. This patch also
660         removes integral pixelsnapping (drawLineForBoxSide takes care of
661         device pixelsnapping). 
662
663         Test: fast/inline/outline-corners-with-offset.html
664
665         * rendering/RenderInline.cpp:
666         (WebCore::RenderInline::paintOutlineForLine):
667
668 2016-02-09  Jer Noble  <jer.noble@apple.com>
669
670         [Mac] Adopt NSURLSession properties in AVAssetResourceLoader
671
672         Rubber-stamped by Eric Carlson;
673
674         Set the correct global variable from setAVFoundationNSURLSessionEnabled().
675
676         * page/Settings.cpp:
677         (WebCore::Settings::setAVFoundationNSURLSessionEnabled):
678
679 2016-02-07  Gavin Barraclough  <barraclough@apple.com>
680
681         GetValueFunc/PutValueFunc should not take both slotBase and thisValue
682         https://bugs.webkit.org/show_bug.cgi?id=154009
683
684         Reviewed by Geoff Garen.
685
686         In JavaScript there are two types of properties - regular value properties, and accessor properties.
687         One difference between these is how they are reflected by getOwnPropertyDescriptor, and another is
688         what object they operate on in the case of a prototype access. If you access a value property of a
689         prototype object it return a value pertinent to the prototype, but in the case of a prototype object
690         returning an accessor, then the accessor function is applied to the base object of the access.
691
692         JSC supports special 'custom' properties implemented as a c++ callback, and these custom properties
693         can be used to implement either value- or accessor-like behavior. getOwnPropertyDescriptor behavior
694         is selected via the CustomAccessor attribute. Value- or accessor-like object selection is current
695         supported by passing both the slotBase and the thisValue to the callback,and hoping it uses the
696         right one. This is probably inefficient, bug-prone, and leads to crazy like JSBoundSlotBaseFunction.
697
698         Instead, just pass one thisValue to the callback functions, consistent with CustomAccessor.
699
700         * bindings/js/JSDOMBinding.cpp:
701         (WebCore::printErrorMessageForFrame):
702         (WebCore::objectToStringFunctionGetter):
703         * bindings/js/JSDOMBinding.h:
704         (WebCore::propertyNameToString):
705         (WebCore::getStaticValueSlotEntryWithoutCaching<JSDOMObject>):
706         (WebCore::nonCachingStaticFunctionGetter):
707         * bindings/js/JSDOMWindowCustom.cpp:
708         (WebCore::JSDOMWindow::visitAdditionalChildren):
709         (WebCore::childFrameGetter):
710         (WebCore::namedItemGetter):
711         (WebCore::jsDOMWindowWebKit):
712         (WebCore::jsDOMWindowIndexedDB):
713             - add missing null check, in case indexDB acessor is applied to non-window object.
714         * bindings/js/JSPluginElementFunctions.cpp:
715         (WebCore::pluginScriptObject):
716         (WebCore::pluginElementPropertyGetter):
717         * bindings/js/JSPluginElementFunctions.h:
718         * bindings/scripts/CodeGeneratorJS.pm:
719         (GenerateHeader):
720         (GenerateImplementation):
721         * bridge/runtime_array.cpp:
722         (JSC::RuntimeArray::destroy):
723         (JSC::RuntimeArray::lengthGetter):
724         * bridge/runtime_array.h:
725         * bridge/runtime_method.cpp:
726         (JSC::RuntimeMethod::finishCreation):
727         (JSC::RuntimeMethod::lengthGetter):
728         * bridge/runtime_method.h:
729         * bridge/runtime_object.cpp:
730         (JSC::Bindings::RuntimeObject::invalidate):
731         (JSC::Bindings::RuntimeObject::fallbackObjectGetter):
732         (JSC::Bindings::RuntimeObject::fieldGetter):
733         (JSC::Bindings::RuntimeObject::methodGetter):
734         * bridge/runtime_object.h:
735             - Merged slotBase & thisValue to custom property callbacks.
736
737 2016-02-09  Jer Noble  <jer.noble@apple.com>
738
739         Build-fix; add Nullibility macros around previously un-macro'd class definitions.
740
741         * platform/spi/mac/AVFoundationSPI.h:
742
743 2016-02-04  Jer Noble  <jer.noble@apple.com>
744
745         [Mac] Adopt NSURLSession properties in AVAssetResourceLoader
746         https://bugs.webkit.org/show_bug.cgi?id=153873
747
748         Reviewed by Eric Carlson.
749
750         Adopt a new AVAssetResourceLoader API allowing clients to specify a NSURLSession object to
751         use for media loading, and control the use of this property with a new Setting.
752
753         * page/Settings.cpp:
754         (WebCore::Settings::setAVFoundationNSURLSessionEnabled):
755         * page/Settings.h:
756         (WebCore::Settings::isAVFoundationNSURLSessionEnabled):
757         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
758         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVAssetForURL):
759         * platform/spi/mac/AVFoundationSPI.h:
760
761 2016-02-09  Myles C. Maxfield  <mmaxfield@apple.com>
762
763         Decouple font creation from font loading
764         https://bugs.webkit.org/show_bug.cgi?id=153414
765
766         Reviewed by Darin Adler.
767
768         Previously, CSSFontFaceSource never triggered a font download until that font was actually used. This means
769         that the function which triggers the download also has the goal of returning a font to use. However,
770         the CSS Font Loading JavaScript API requires being able to trigger a font download without this extra font
771         creation overhead.
772
773         In addition, this patch adds an explicit (and enforced) state transition diagram. The diagram looks like
774         this:
775                             => Success
776                           //
777         Pending => Loading
778                           \\
779                             => Failure
780
781         Therefore, the API for CSSFontFaceSource has changed to expose the concept of these new states. This means
782         that its user (CSSSegmentedFontFaceSource) has been updated to handle each possible state that its constituent
783         CSSFontFaceSources may be in.
784
785         No new tests because there is no behavior change.
786
787         * css/CSSFontFace.cpp:
788         (WebCore::CSSFontFace::allSourcesFailed): Renamed to make the name clearer.
789         (WebCore::CSSFontFace::addedToSegmentedFontFace): Use references instead of pointers.
790         (WebCore::CSSFontFace::removedFromSegmentedFontFace): Ditto.
791         (WebCore::CSSFontFace::adoptSource): Renamed to make the name clearer.
792         (WebCore::CSSFontFace::fontLoaded): Use references instead of pointers. Also, remove old dead code.
793         (WebCore::CSSFontFace::font): Adapt to the new API of CSSFontFaceSource.
794         (WebCore::CSSFontFace::isValid): Deleted.
795         (WebCore::CSSFontFace::addSource): Deleted.
796         (WebCore::CSSFontFace::notifyFontLoader): Deleted. Old dead code.
797         (WebCore::CSSFontFace::notifyLoadingDone): Deleted. Old dead code.
798         * css/CSSFontFace.h:
799         (WebCore::CSSFontFace::create): Remove old dead code.
800         (WebCore::CSSFontFace::CSSFontFace): Use references instead of pointers.
801         (WebCore::CSSFontFace::loadState): Deleted. Remove old dead code.
802         * css/CSSFontFaceSource.cpp:
803         (WebCore::CSSFontFaceSource::setStatus): Enforce state transitions.
804         (WebCore::CSSFontFaceSource::CSSFontFaceSource): Explicitly handle new state transitions.
805         (WebCore::CSSFontFaceSource::fontLoaded): Update for new states.
806         (WebCore::CSSFontFaceSource::load): Pulled out code from font().
807         (WebCore::CSSFontFaceSource::font): Moved code into load().
808         (WebCore::CSSFontFaceSource::isValid): Deleted.
809         (WebCore::CSSFontFaceSource::isDecodeError): Deleted.
810         (WebCore::CSSFontFaceSource::ensureFontData): Deleted.
811         * css/CSSFontFaceSource.h: Much cleaner API.
812         * css/CSSFontSelector.cpp:
813         (WebCore::createFontFace): Migrate to references instead of pointers. This requires a little
814         reorganization.
815         (WebCore::registerLocalFontFacesForFamily): Update to new CSSFontFaceSource API.
816         (WebCore::CSSFontSelector::addFontFaceRule): Ditto.
817         (WebCore::CSSFontSelector::getFontFace): Ditto.
818         * css/CSSSegmentedFontFace.cpp:
819         (WebCore::CSSSegmentedFontFace::CSSSegmentedFontFace): Migrate to references instead of pointers.
820         (WebCore::CSSSegmentedFontFace::~CSSSegmentedFontFace): Ditto.
821         (WebCore::CSSSegmentedFontFace::fontLoaded): Remove old dead code.
822         (WebCore::CSSSegmentedFontFace::appendFontFace): Cleanup.
823         (WebCore::CSSSegmentedFontFace::fontRanges): Adopt to new API.
824         (WebCore::CSSSegmentedFontFace::pruneTable): Deleted.
825         (WebCore::CSSSegmentedFontFace::isLoading): Deleted. Old dead code.
826         (WebCore::CSSSegmentedFontFace::checkFont): Deleted. Ditto.
827         (WebCore::CSSSegmentedFontFace::loadFont): Deleted. Ditto.
828         * css/CSSSegmentedFontFace.h:
829         (WebCore::CSSSegmentedFontFace::create): Migrate to references instead of pointers.
830         (WebCore::CSSSegmentedFontFace::fontSelector): Ditto.
831         (WebCore::CSSSegmentedFontFace::LoadFontCallback::~LoadFontCallback): Deleted.
832         * loader/cache/CachedFont.cpp:
833         (WebCore::CachedFont::didAddClient): Migrate to references instead of pointers.
834         (WebCore::CachedFont::checkNotify): Ditto.
835         * loader/cache/CachedFontClient.h:
836         (WebCore::CachedFontClient::fontLoaded): Ditto.
837
838 2016-02-09  Brady Eidson  <beidson@apple.com>
839
840         Modern IDB: IDBOpenDBRequests leak.
841         https://bugs.webkit.org/show_bug.cgi?id=154032
842
843         Reviewed by Alex Christensen.
844
845         No new tests (Currently untestable).
846
847         * CMakeLists.txt:
848         * WebCore.xcodeproj/project.pbxproj:
849
850         Add a simple Event subclass that holds a ref to an IDBRequest, to make sure that we
851         drop the last ref to the request after its last event fires or is otherwise destroyed:
852         * Modules/indexeddb/IDBRequestCompletionEvent.cpp: Added.
853         (WebCore::IDBRequestCompletionEvent::IDBRequestCompletionEvent):
854         * Modules/indexeddb/IDBRequestCompletionEvent.h: Added.
855         (WebCore::IDBRequestCompletionEvent::create):
856
857         * Modules/indexeddb/client/IDBOpenDBRequestImpl.cpp:
858         (WebCore::IDBClient::IDBOpenDBRequest::onError): IDBRequestCompletionEvent instead of Event.
859         (WebCore::IDBClient::IDBOpenDBRequest::fireSuccessAfterVersionChangeCommit): Ditto.
860         (WebCore::IDBClient::IDBOpenDBRequest::fireErrorAfterVersionChangeCompletion): Ditto.
861         (WebCore::IDBClient::IDBOpenDBRequest::onSuccess): Ditto.
862
863         * Modules/indexeddb/client/IDBTransactionImpl.cpp:
864         (WebCore::IDBClient::IDBTransaction::dispatchEvent): After setting up the request's 
865           completion event to fire, clear the back-ref to the request.
866
867 2016-02-09  Commit Queue  <commit-queue@webkit.org>
868
869         Unreviewed, rolling out r196286.
870         https://bugs.webkit.org/show_bug.cgi?id=154026
871
872         Looks like 5% iOS PLT regression (Requested by kling on
873         #webkit).
874
875         Reverted changeset:
876
877         "[iOS] Throw away some unlinked code when navigating to a new
878         page."
879         https://bugs.webkit.org/show_bug.cgi?id=154014
880         http://trac.webkit.org/changeset/196286
881
882 2016-02-08  Chris Dumez  <cdumez@apple.com>
883
884         Attribute getters should not require an explicit 'this' value for Window properties
885         https://bugs.webkit.org/show_bug.cgi?id=153968
886
887         Reviewed by Darin Adler.
888
889         Attribute getters should not require an explicit 'this' value for
890         Window properties. This is because the Window interface is marked
891         as [ImplicitThis]:
892         - http://heycam.github.io/webidl/#ImplicitThis
893         - https://www.w3.org/Bugs/Public/show_bug.cgi?id=29421
894
895         This matches the behavior of Firefox and the expectations of the W3C
896         web-platform-tests.
897
898         No new tests, already covered by existing tests.
899
900         * bindings/scripts/CodeGeneratorJS.pm:
901         In attribute getters of an interface marked as [ImplicitThis],
902         if 'thisValue' is undefined or null, fall back to using the
903         global object as 'thisValue'.
904
905         * bindings/scripts/IDLAttributes.txt:
906         Add support for [ImplicitThis]:
907         http://heycam.github.io/webidl/#ImplicitThis
908
909         * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
910         * bindings/scripts/test/JS/JSTestException.cpp:
911         * bindings/scripts/test/JS/JSTestInterface.cpp:
912         * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
913         * bindings/scripts/test/JS/JSTestNode.cpp:
914         * bindings/scripts/test/JS/JSTestNondeterministic.cpp:
915         * bindings/scripts/test/JS/JSTestObj.cpp:
916         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
917         * bindings/scripts/test/JS/JSTestTypedefs.cpp:
918         * bindings/scripts/test/JS/JSattribute.cpp:
919         Rebaseline bindings tests.
920
921         * page/DOMWindow.idl:
922         Mark Window as [ImplicitThis]:
923         http://heycam.github.io/webidl/#ImplicitThis
924
925 2016-02-08  Nan Wang  <n_wang@apple.com>
926
927         AX: crash at WebCore::Range::selectNodeContents(WebCore::Node*, int&)
928         https://bugs.webkit.org/show_bug.cgi?id=154018
929
930         Reviewed by Chris Fleizach.
931
932         Sometimes rangeForUnorderedCharacterOffsets call is accessing derefed node objects
933         and leading to a crash. Fixed it by checking isNodeInUse before creating the CharacterOffset
934         object.
935
936         Test: accessibility/text-marker/text-marker-range-stale-node-crash.html
937
938         * accessibility/AXObjectCache.cpp:
939         (WebCore::AXObjectCache::visiblePositionForTextMarkerData):
940         (WebCore::AXObjectCache::characterOffsetForTextMarkerData):
941         (WebCore::AXObjectCache::traverseToOffsetInRange):
942         * accessibility/AXObjectCache.h:
943         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
944         (-[WebAccessibilityObjectWrapper rangeForTextMarkerRange:]):
945         (characterOffsetForTextMarker):
946         (-[WebAccessibilityObjectWrapper characterOffsetForTextMarker:]):
947         (textMarkerForVisiblePosition):
948
949 2016-02-08  Andreas Kling  <akling@apple.com>
950
951         [iOS] Throw away some unlinked code when navigating to a new page.
952         <https://webkit.org/b/154014>
953
954         Reviewed by Gavin Barraclough.
955
956         Extended the mechanism introduced earlier to also throw away unlinked code
957         that's only relevant to the page that we're navigating away from.
958
959         The new JSC::VM API is deleteAllCodeExceptCaches() and it does what it sounds
960         like, deleting unlinked and linked code but leaving code caches alone.
961
962         This means that if the page we're navigating to wants to parse some of the
963         same JS that the page we're leaving had on it, it might still be found in the
964         JSC::CodeCache.
965
966         Doing a back navigation to a PageCache'd page may now incur some reparsing,
967         just like leaving the app or tab would.
968
969         * bindings/js/GCController.cpp:
970         (WebCore::GCController::deleteAllCodeExceptCaches):
971         (WebCore::GCController::deleteAllLinkedCode): Deleted.
972         * bindings/js/GCController.h:
973         * loader/FrameLoader.cpp:
974         (WebCore::FrameLoader::commitProvisionalLoad):
975
976 2016-02-08  Daniel Bates  <dabates@apple.com>
977
978         CSP connect-src directive should block redirects
979         https://bugs.webkit.org/show_bug.cgi?id=69359
980         <rdar://problem/24383025>
981
982         Reviewed by Brent Fulgham.
983
984         Inspired by Blink patch:
985         <https://src.chromium.org/viewvc/blink?revision=150246&view=revision>
986
987         Apply the connect-src directive of the Content Security Policy for the document or worker to the redirect URL
988         of an XMLHttpRequest and EventSource load so as to conform to section Paths and Redirects of the CSP 2.0 spec.,
989         <https://w3c.github.io/webappsec-csp/2/#source-list-paths-and-redirects> (29 August 2015).
990
991         Additionally, check that each requested script URL passed to WorkerGlobalScope.importScripts() is allowed by
992         the CSP of the worker before initiating a load for it. If some URL i is blocked by the CSP policy
993         then we do not try to load URLs j >= i.
994
995         Tests: http/tests/security/contentSecurityPolicy/worker-blob-inherits-csp-importScripts-block-aborts-all-subsequent-imports.html
996                http/tests/security/contentSecurityPolicy/worker-blob-inherits-csp-importScripts-redirect-cross-origin-blocked.html
997                http/tests/security/contentSecurityPolicy/worker-csp-blocks-xhr-redirect-cross-origin.html
998                http/tests/security/contentSecurityPolicy/worker-csp-importScripts-redirect-cross-origin-allowed.html
999                http/tests/security/contentSecurityPolicy/worker-csp-importScripts-redirect-cross-origin-blocked.html
1000                http/tests/security/contentSecurityPolicy/worker-without-csp-importScripts-redirect-cross-origin-allowed.html
1001                http/tests/security/isolatedWorld/bypass-main-world-csp-for-xhr-redirect.html
1002                http/tests/security/isolatedWorld/bypass-main-world-csp-worker-blob-importScript-redirect-cross-origin.html
1003                http/tests/security/isolatedWorld/bypass-main-world-csp-worker-importScripts-redirect-cross-origin.html
1004                http/tests/security/isolatedWorld/bypass-worker-csp-for-xhr-redirect-cross-origin.html
1005                http/tests/security/isolatedWorld/bypass-worker-csp-for-xhr.html
1006
1007         * fileapi/FileReaderLoader.cpp:
1008         (WebCore::FileReaderLoader::start): Do not enforce a CSP directive as CSP is not applicable to File API.
1009         * inspector/InspectorNetworkAgent.cpp:
1010         (WebCore::InspectorNetworkAgent::loadResource): Do not enforce a CSP directive as CSP should not interfere
1011         with the Web Inspector.
1012         * loader/DocumentThreadableLoader.cpp:
1013         (WebCore::DocumentThreadableLoader::loadResourceSynchronously): Modified to take an optional ContentSecurityPolicy
1014         and pass it through to DocumentThreadableLoader::create().
1015         (WebCore::DocumentThreadableLoader::create): Modified to take an optional ContentSecurityPolicy and pass it through
1016         to DocumentThreadableLoader::DocumentThreadableLoader().
1017         (WebCore::DocumentThreadableLoader::DocumentThreadableLoader): Modified to take an optional ContentSecurityPolicy.
1018         Asserts that the CSP allows the load of the request URL so as to catch when a caller creates a loader for a request
1019         that is not allowed by the CSP. The caller should not create a loader for such a request.
1020         (WebCore::DocumentThreadableLoader::redirectReceived): Check if the CSP allows the redirect URL. If it does not
1021         then notify the client that the redirect check failed.
1022         (WebCore::DocumentThreadableLoader::loadRequest): Ditto.
1023         (WebCore::DocumentThreadableLoader::isAllowedByContentSecurityPolicy): Checks that the specified URL is allowed
1024         by the enforced CSP directive.
1025         (WebCore::DocumentThreadableLoader::contentSecurityPolicy): Returns the ContentSecurityPolicy object passed to
1026         DocumentThreadableLoader on instantiation or the ContentSecurityPolicy object of the associated document.
1027         * loader/DocumentThreadableLoader.h: Add overloaded variants of DocumentThreadableLoader::{create, loadResourceSynchronously}()
1028         that take a std::unique_ptr<ContentSecurityPolicy>&&. Remove some unnecessary headers.
1029         * loader/ThreadableLoader.cpp:
1030         (WebCore::ThreadableLoaderOptions::ThreadableLoaderOptions): Take the CSP directive to enforce and store it.
1031         (WebCore::ThreadableLoaderOptions::isolatedCopy): Copy the CSP directive to enforce.
1032         * loader/ThreadableLoader.h: Added member field to store the CSP directive to enforce (defaults to enforce the
1033         directive connect-src - the most appropriate directive in most circumstances). As of the time of writing,
1034         only WorkerGlobalScope.importScripts() enforces a different directive: script-src.
1035         * loader/WorkerThreadableLoader.cpp:
1036         (WebCore::WorkerThreadableLoader::WorkerThreadableLoader): Pass the SecurityOrigin and ContentSecurityPolicy associated
1037         with the WorkerGlobalScope to WorkerThreadableLoader::MainThreadBridge::MainThreadBridge().
1038         (WebCore::WorkerThreadableLoader::MainThreadBridge::MainThreadBridge): Pass a copy of the worker's ContentSecurityPolicy
1039         to the DocumentThreadableLoader.
1040         * loader/WorkerThreadableLoader.h:
1041         * page/EventSource.cpp:
1042         (WebCore::EventSource::connect): Enforce the CSP directive connect-src on redirects unless we are running in an isolated world.
1043         * workers/AbstractWorker.cpp:
1044         (WebCore::AbstractWorker::resolveURL): Modified to take a boolean whether to bypass the main world Content Security Policy
1045         instead of querying for it directly.
1046         * workers/AbstractWorker.h:
1047         * workers/Worker.cpp:
1048         (WebCore::Worker::create): Added FIXME to enforce child-src directive of the document's CSP to the worker's script URL
1049         on redirect once we fix <https://bugs.webkit.org/show_bug.cgi?id=153562>. For now, do not enforce a CSP policy on redirect
1050         of the worker's script URL.
1051         * workers/WorkerGlobalScope.cpp:
1052         (WebCore::WorkerGlobalScope::importScripts): Check that the requested URL is allowed by the CSP of the worker (if applicable).
1053         Enforce the CSP directive script-src on redirects unless we are running in an isolated world.
1054         * workers/WorkerScriptLoader.cpp:
1055         (WebCore::WorkerScriptLoader::loadSynchronously): Pass SecurityOrigin and ContentSecurityPolicyEnforcement to WorkerThreadableLoader.
1056         (WebCore::WorkerScriptLoader::loadAsynchronously): Ditto.
1057         * workers/WorkerScriptLoader.h:
1058         * xml/XMLHttpRequest.cpp:
1059         (WebCore::XMLHttpRequest::createRequest): Enforce the CSP directive connect-src on redirects unless we are running in
1060         an isolated world.
1061
1062 2016-02-08  Antti Koivisto  <antti@apple.com>
1063
1064         Try to fix Yosemite build.
1065
1066         * dom/ComposedTreeIterator.h:
1067         (WebCore::ComposedTreeIterator::ComposedTreeIterator):
1068         (WebCore::ComposedTreeIterator::traverseNext):
1069
1070 2016-02-08  Antti Koivisto  <antti@apple.com>
1071
1072         Implement ComposedTreeIterator in terms of ElementAndTextDescendantIterator
1073         https://bugs.webkit.org/show_bug.cgi?id=154003
1074
1075         Reviewed by Darin Adler.
1076
1077         Currently ComposedTreeIterator implements tree traversal using NodeTraversal. This makes it overly complicated.
1078         It can also return nodes other than Element and Text which should not be part of the composed tree.
1079
1080         This patch adds a new iterator type, ElementAndTextDescendantIterator, similar to the existing ElementDescendantIterator.
1081         ComposedTreeIterator is then implemented using this new iterator.
1082
1083         When entering a shadow tree or a slot the local iterator is pushed along with the context stack and a new local
1084         iterator is initialized for the new context. When leaving a shadow tree the context stack is popped and the previous
1085         local iterator becomes active.
1086
1087         * WebCore.xcodeproj/project.pbxproj:
1088         * dom/ComposedTreeIterator.cpp:
1089         (WebCore::ComposedTreeIterator::ComposedTreeIterator):
1090         (WebCore::ComposedTreeIterator::initializeContextStack):
1091         (WebCore::ComposedTreeIterator::pushContext):
1092         (WebCore::ComposedTreeIterator::traverseNextInShadowTree):
1093         (WebCore::ComposedTreeIterator::traverseNextLeavingContext):
1094         (WebCore::ComposedTreeIterator::advanceInSlot):
1095         (WebCore::ComposedTreeIterator::traverseSiblingInSlot):
1096         (WebCore::ComposedTreeIterator::initializeShadowStack): Deleted.
1097         (WebCore::ComposedTreeIterator::traverseParentInShadowTree): Deleted.
1098         (WebCore::ComposedTreeIterator::traverseNextSiblingSlot): Deleted.
1099         (WebCore::ComposedTreeIterator::traversePreviousSiblingSlot): Deleted.
1100         * dom/ComposedTreeIterator.h:
1101         (WebCore::ComposedTreeIterator::operator*):
1102         (WebCore::ComposedTreeIterator::operator->):
1103         (WebCore::ComposedTreeIterator::operator==):
1104         (WebCore::ComposedTreeIterator::operator!=):
1105         (WebCore::ComposedTreeIterator::operator++):
1106         (WebCore::ComposedTreeIterator::Context::Context):
1107         (WebCore::ComposedTreeIterator::context):
1108         (WebCore::ComposedTreeIterator::current):
1109         (WebCore::ComposedTreeIterator::ComposedTreeIterator):
1110         (WebCore::ComposedTreeIterator::traverseNext):
1111         (WebCore::ComposedTreeIterator::traverseNextSkippingChildren):
1112         (WebCore::ComposedTreeIterator::traverseNextSibling):
1113         (WebCore::ComposedTreeIterator::traversePreviousSibling):
1114         (WebCore::ComposedTreeDescendantAdapter::ComposedTreeDescendantAdapter):
1115         (WebCore::ComposedTreeDescendantAdapter::begin):
1116         (WebCore::ComposedTreeDescendantAdapter::end):
1117         (WebCore::ComposedTreeDescendantAdapter::at):
1118         (WebCore::ComposedTreeChildAdapter::Iterator::Iterator):
1119         (WebCore::ComposedTreeChildAdapter::ComposedTreeChildAdapter):
1120         (WebCore::ComposedTreeChildAdapter::begin):
1121         (WebCore::ComposedTreeChildAdapter::end):
1122         (WebCore::ComposedTreeChildAdapter::at):
1123         (WebCore::ComposedTreeIterator::ShadowContext::ShadowContext): Deleted.
1124         (WebCore::ComposedTreeIterator::traverseParent): Deleted.
1125         * dom/ElementAndTextDescendantIterator.h: Added.
1126
1127             New iterator type that traverses Element and Text nodes (that is renderable nodes only).
1128             It also tracks depth for future use.
1129
1130 2016-02-08  Joseph Pecoraro  <pecoraro@apple.com>
1131
1132         Web Inspector: copy({x:1}) should copy "{x:1}", not "[object Object]"
1133         https://bugs.webkit.org/show_bug.cgi?id=148605
1134
1135         Reviewed by Brian Burg.
1136
1137         Test: inspector/console/command-line-api-copy.html
1138
1139         * inspector/CommandLineAPIModuleSource.js:
1140         (CommandLineAPIImpl.prototype.copy):
1141         Support copying different types. This is meant to be more
1142         convenient then just JSON.stringify, so it handles types
1143         like Node, Symbol, RegExp, and Function a bit better.
1144
1145 2016-02-08  Said Abou-Hallawa  <sabouhallawa@apple.com>
1146
1147         REGRESSION(r181345): SVG polyline and polygon leak page
1148         https://bugs.webkit.org/show_bug.cgi?id=152759
1149
1150         Reviewed by Darin Adler.
1151
1152         The leak happens because of cyclic reference between SVGListPropertyTearOff 
1153         and SVGAnimatedListPropertyTearOff which is derived from SVGAnimatedProperty.
1154         There is also cyclic reference between SVGAnimatedProperty and SVGElement
1155         and this causes the whole document to be leaked. So if the JS requests, for
1156         example, an instance of SVGPolylineElement.points, the whole document will be
1157         leaked.
1158
1159         The fix depends on having the cyclic reference as is since the owning and the
1160         owned classes have to live together if any of them is referenced. But the owning
1161         class caches a raw 'ref-counted' pointer of the owned class. If it is requested
1162         for an instance of the owned class it returned a RefPtr<> of it. Once the owned
1163         class is not used, it can delete itself. The only thing needed here is to notify
1164         the owner class of the deletion so it cleans its caches and be able to create a
1165         new pointer if it is requested for an instance of the owned class later.
1166
1167         Revert the change of r181345 in SVGAnimatedProperty::lookupOrCreateWrapper()
1168         to break the cyclic reference between SVGElement and SVGAnimatedProperty.
1169         
1170         Also apply the same approach in SVGAnimatedListPropertyTearOff::baseVal() and
1171         animVal() to break cyclic reference between SVGListPropertyTearOff and
1172         SVGAnimatedListPropertyTearOff.
1173
1174         Test: svg/animations/smil-leak-list-property-instances.svg
1175
1176         * bindings/scripts/CodeGeneratorJS.pm:
1177         (NativeToJSValue): The SVG non-string list tear-off properties became of
1178         type RefPtr<>. So we need to use get() with the casting expressions.
1179         
1180         * svg/SVGMarkerElement.cpp:
1181         (WebCore::SVGMarkerElement::orientType):
1182         Use 'auto' type for the return of SVGAnimatedProperty::lookupWrapper().
1183
1184         * svg/SVGPathElement.cpp:
1185         (WebCore::SVGPathElement::pathByteStream):
1186         (WebCore::SVGPathElement::lookupOrCreateDWrapper):
1187         Since SVGAnimatedProperty::lookupWrappe() returns a RefPtr<> we need to 
1188         use get() for the casting expressions.
1189         
1190         (WebCore::SVGPathElement::pathSegList):
1191         (WebCore::SVGPathElement::normalizedPathSegList):
1192         (WebCore::SVGPathElement::animatedPathSegList):
1193         (WebCore::SVGPathElement::animatedNormalizedPathSegList):
1194         * svg/SVGPathElement.h:
1195         Change the return value from raw pointer to RefPtr<>.
1196
1197         * svg/SVGPathSegWithContext.h:
1198         (WebCore::SVGPathSegWithContext::animatedProperty):
1199         Change the return type to be RefPtr<> to preserve the value from being deleted.
1200         
1201         * svg/SVGPolyElement.cpp:
1202         (WebCore::SVGPolyElement::parseAttribute):
1203         Since SVGAnimatedProperty::lookupWrapper() returns a RefPtr<> we need to 
1204         use get() for the casting expressions.
1205         
1206         (WebCore::SVGPolyElement::points):
1207         (WebCore::SVGPolyElement::animatedPoints):
1208         * svg/SVGPolyElement.h:
1209         Change the return value from raw pointer to RefPtr<>.
1210         
1211         * svg/SVGViewSpec.cpp:
1212         (WebCore::SVGViewSpec::setTransformString):
1213         Since SVGAnimatedProperty::lookupWrapper() returns a RefPtr<> we need to 
1214         use get() for the casting expressions.
1215
1216         (WebCore::SVGViewSpec::transform):
1217         * svg/SVGViewSpec.h:
1218         Change the return value from raw pointer to RefPtr<>.
1219         
1220         * svg/properties/SVGAnimatedListPropertyTearOff.h:
1221         (WebCore::SVGAnimatedListPropertyTearOff::baseVal):
1222         (WebCore::SVGAnimatedListPropertyTearOff::animVal):
1223         Change the return value from raw pointer to RefPtr<> and change the cached
1224         value from RefPtr<> to raw pointer. If the property is null, it will be
1225         created, its raw pointer will be cached and the only ref-counted RefPtr<>
1226         will be returned. This will guarantee, the RefPtr<> will be deleted once
1227         it is not used anymore. 
1228         
1229         (WebCore::SVGAnimatedListPropertyTearOff::propertyWillBeDeleted):
1230         Clean the raw pointer caches m_baseVal and m_animVal upon deleting the
1231         actual pointer. This function will be called from the destructor of
1232         SVGListPropertyTearOff.
1233         
1234         (WebCore::SVGAnimatedListPropertyTearOff::findItem):
1235         (WebCore::SVGAnimatedListPropertyTearOff::removeItemFromList):
1236         We have to ensure the baseVal() is created before using it.
1237         
1238         (WebCore::SVGAnimatedListPropertyTearOff::detachListWrappers):
1239         (WebCore::SVGAnimatedListPropertyTearOff::currentAnimatedValue):
1240         (WebCore::SVGAnimatedListPropertyTearOff::animationStarted):
1241         (WebCore::SVGAnimatedListPropertyTearOff::animationEnded):
1242         (WebCore::SVGAnimatedListPropertyTearOff::synchronizeWrappersIfNeeded):
1243         (WebCore::SVGAnimatedListPropertyTearOff::animValWillChange):
1244         (WebCore::SVGAnimatedListPropertyTearOff::animValDidChange):
1245         For animation, a separate RefPtr<> 'm_animatingAnimVal' will be assigned
1246         to the animVal(). This will prevent deleting m_animVal while animation.
1247         
1248         * svg/properties/SVGAnimatedPathSegListPropertyTearOff.h:
1249         (WebCore::SVGAnimatedPathSegListPropertyTearOff::baseVal):
1250         (WebCore::SVGAnimatedPathSegListPropertyTearOff::animVal):
1251         Same as what is done in SVGAnimatedListPropertyTearOff.
1252         
1253         (WebCore::SVGAnimatedPathSegListPropertyTearOff::findItem):
1254         (WebCore::SVGAnimatedPathSegListPropertyTearOff::removeItemFromList):
1255         Same as what is done in SVGAnimatedListPropertyTearOff.
1256         
1257         * svg/properties/SVGAnimatedProperty.h:
1258         (WebCore::SVGAnimatedProperty::lookupOrCreateWrapper):
1259         Change the return value from raw reference to Ref<> and change the
1260         cached value from Ref<> to raw pointer. This reverts the change of
1261         r181345 in this function.
1262         
1263         (WebCore::SVGAnimatedProperty::lookupWrapper):
1264         Change the return value from raw pointer to RefPtr<>.
1265         
1266         * svg/properties/SVGAnimatedPropertyMacros.h:
1267         Use 'auto' type for the return of SVGAnimatedProperty::lookupWrapper().
1268         
1269         * svg/properties/SVGAnimatedTransformListPropertyTearOff.h:
1270         (WebCore::SVGAnimatedTransformListPropertyTearOff::baseVal):
1271         (WebCore::SVGAnimatedTransformListPropertyTearOff::animVal):
1272         Same as what is done in SVGAnimatedListPropertyTearOff.
1273
1274         * svg/properties/SVGListPropertyTearOff.h:
1275         (WebCore::SVGListPropertyTearOff::~SVGListPropertyTearOff):
1276         Call the SVGAnimatedListPropertyTearOff::propertyWillBeDeleted() to clean
1277         its raw pointers when the RefPtr<> deletes itself.
1278
1279 2016-02-08  Carlos Garcia Campos  <cgarcia@igalia.com>
1280
1281         [GTK] WebKitWebView should send crossing events to the WebProcess
1282         https://bugs.webkit.org/show_bug.cgi?id=153740
1283
1284         Reviewed by Michael Catanzaro.
1285
1286         Update the target element under the mouse also when only updating
1287         scrollbars, so that if the mouse enters the page when the window
1288         is not active, the scroll animator is notified that the mouse
1289         entered the scrollable area.
1290
1291         * page/EventHandler.cpp:
1292         (WebCore::EventHandler::handleMouseMoveEvent): Call
1293         updateMouseEventTargetNode() before early returning in case of
1294         only updating scrollbars.
1295
1296 2016-02-08  Jeremy Jones  <jeremyj@apple.com>
1297
1298         PiP and external playback are mutually exclusive.
1299         https://bugs.webkit.org/show_bug.cgi?id=153988
1300         rdar://problem/24108661
1301
1302         Reviewed by Eric Carlson.
1303
1304         Adding isPlayingOnSecondScreen to isPlayingOnExternalScreen allows AVKit to disable PiP
1305         when appropriate. Testing video fullscreen mode in updateDisableExternalPlayback allows us to 
1306         turn-off external playback when entering picture-in-picture.
1307
1308         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
1309         (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenMode):
1310         (WebCore::MediaPlayerPrivateAVFoundationObjC::updateDisableExternalPlayback):
1311         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
1312         (-[WebAVPlayerController isPlayingOnExternalScreen]):
1313         (+[WebAVPlayerController keyPathsForValuesAffectingPlayingOnExternalScreen]):
1314
1315 2016-02-08  Commit Queue  <commit-queue@webkit.org>
1316
1317         Unreviewed, rolling out r196253.
1318         https://bugs.webkit.org/show_bug.cgi?id=153990
1319
1320         Caused several crashes in GTK+ bots (Requested by KaL on
1321         #webkit).
1322
1323         Reverted changeset:
1324
1325         "[GTK] WebKitWebView should send crossing events to the
1326         WebProcess"
1327         https://bugs.webkit.org/show_bug.cgi?id=153740
1328         http://trac.webkit.org/changeset/196253
1329
1330 2016-02-08  Jeremy Jones  <jeremyj@apple.com>
1331
1332         WebAVPlayerController should implement currentTimeWithinEndTimes.
1333         https://bugs.webkit.org/show_bug.cgi?id=153983
1334         rdar://problem/22864621
1335
1336         Reviewed by Eric Carlson.
1337
1338         Implement currentTimeWithinEndTimes in terms of seekToTime and AVTiming. This is a trivial
1339         implementation becuase AVPlayer start and end times aren't used.
1340
1341         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
1342         (-[WebAVPlayerController currentTimeWithinEndTimes]):
1343         (-[WebAVPlayerController setCurrentTimeWithinEndTimes:]):
1344         (+[WebAVPlayerController keyPathsForValuesAffectingCurrentTimeWithinEndTimes]):
1345
1346 2016-02-08  Carlos Garcia Campos  <cgarcia@igalia.com>
1347
1348         [GTK] WebKitWebView should send crossing events to the WebProcess
1349         https://bugs.webkit.org/show_bug.cgi?id=153740
1350
1351         Reviewed by Michael Catanzaro.
1352
1353         Update the target element under the mouse also when only updating
1354         scrollbars, so that if the mouse enters the page when the window
1355         is not active, the scroll animator is notified that the mouse
1356         entered the scrollable area.
1357
1358         * page/EventHandler.cpp:
1359         (WebCore::EventHandler::handleMouseMoveEvent): Call
1360         updateMouseEventTargetNode() before early returning in case of
1361         only updating scrollbars.
1362
1363 2016-02-08  Jeremy Jones  <jeremyj@apple.com>
1364
1365         WebVideoFullscreenInterface should handle video resizing.
1366         https://bugs.webkit.org/show_bug.cgi?id=153982
1367         rdar://problem/22031249
1368
1369         Reviewed by Eric Carlson.
1370
1371         Video fullscreen can be initiated before video dimension are available.
1372         Protect against an initial width or height of zero and observe resize events 
1373         to update once video dimensions become available or change.
1374
1375         * platform/cocoa/WebVideoFullscreenModelVideoElement.mm:
1376         (WebVideoFullscreenModelVideoElement::updateForEventName):
1377         (WebVideoFullscreenModelVideoElement::observedEventNames):
1378         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
1379         (-[WebAVPlayerLayer layoutSublayers]):
1380         (-[WebAVPlayerLayer videoRect]):
1381         (WebVideoFullscreenInterfaceAVKit::setVideoDimensions):
1382
1383 2016-02-08  Adrien Plazas  <aplazas@igalia.com>
1384
1385         Indent inline box test fails due to assertion in VisibleSelection::selectionFromContentsOfNode()
1386         https://bugs.webkit.org/show_bug.cgi?id=153824
1387
1388         Reviewed by Michael Catanzaro.
1389
1390         * editing/markup.cpp:
1391         (WebCore::highestAncestorToWrapMarkup):
1392
1393 2016-02-07  Sam Weinig  <sam@webkit.org>
1394
1395         Remove unused enum ScrollbarOverlayState.
1396
1397         Rubber-stamped by Dan Bernstein.
1398
1399         * platform/ScrollTypes.h:
1400
1401 2016-02-07  Sam Weinig  <sam@webkit.org>
1402
1403         Remove unnecessary respondsToSelector checks for methods that exist on all supported platforms
1404         https://bugs.webkit.org/show_bug.cgi?id=153970
1405
1406         Reviewed by Dan Bernstein.
1407
1408         -[NSScrollerImp mouseEnteredScroller], -[NSScrollerImp expansionTransitionProgress],
1409         -[NSScrollerImpPair contentAreaScrolledInDirection:], and -[NSScrollerImp setExpanded:]
1410         are now available on all supported OS's. No need to check for them.
1411
1412         * platform/mac/ScrollAnimatorMac.mm:
1413         (macScrollbarTheme):
1414         (-[WebScrollbarPainterDelegate scrollerImp:animateUIStateTransitionWithDuration:]):
1415         (-[WebScrollbarPainterDelegate scrollerImp:animateExpansionTransitionWithDuration:]):
1416         (WebCore::ScrollAnimatorMac::mouseEnteredScrollbar):
1417         (WebCore::ScrollAnimatorMac::mouseExitedScrollbar):
1418         (WebCore::ScrollAnimatorMac::sendContentAreaScrolled):
1419         (WebCore::ScrollAnimatorMac::sendContentAreaScrolledTimerFired):
1420         (supportsUIStateTransitionProgress): Deleted.
1421         (supportsExpansionTransitionProgress): Deleted.
1422         (supportsContentAreaScrolledInDirection): Deleted.
1423         * platform/mac/ScrollbarThemeMac.mm:
1424         (+[WebScrollbarPrefsObserver appearancePrefsChanged:]):
1425         (+[WebScrollbarPrefsObserver behaviorPrefsChanged:]):
1426         (WebCore::ScrollbarThemeMac::scrollbarThickness):
1427
1428 2016-02-07  Sam Weinig  <sam@webkit.org>
1429
1430         Use modern SPI header idiom for NSScrollerImp and NSScrollerImpPair
1431         https://bugs.webkit.org/show_bug.cgi?id=153969
1432
1433         Reviewed by Dan Bernstein.
1434
1435         * WebCore.xcodeproj/project.pbxproj:
1436         Add new file NSScrollerImpSPI.h
1437
1438         * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
1439         Use new include of NSScrollerImpSPI.h.
1440
1441         * platform/ScrollbarThemeComposite.h:
1442         Define ScrollbarPainter more precisely as NSScrollerImp * now that the type is available to us.
1443
1444         * platform/mac/NSScrollerImpDetails.h:
1445         Remove NSObject category based SPI usage with the modern one NSScrollerImpSPI.h
1446
1447         * platform/mac/NSScrollerImpDetails.mm:
1448         (WebCore::recommendedScrollerStyle):
1449         Simplify recommendedScrollerStyle() now that all OS's we ship on have +[NSScroller preferredScrollerStyle].
1450
1451         * platform/mac/ScrollAnimatorMac.mm:
1452         (supportsUIStateTransitionProgress):
1453         (supportsExpansionTransitionProgress):
1454         (supportsContentAreaScrolledInDirection):
1455         Stop using NSClassFromString now that we can reference the classes explicitly.
1456
1457         (-[WebScrollbarPainterControllerDelegate invalidate]):
1458         (-[WebScrollbarPainterControllerDelegate contentAreaRectForScrollerImpPair:]):
1459         (-[WebScrollbarPainterControllerDelegate inLiveResizeForScrollerImpPair:]):
1460         (-[WebScrollbarPainterControllerDelegate mouseLocationInContentAreaForScrollerImpPair:]):
1461         (-[WebScrollbarPainterControllerDelegate scrollerImpPair:convertContentPoint:toScrollerImp:]):
1462         (-[WebScrollbarPainterControllerDelegate scrollerImpPair:setContentAreaNeedsDisplayInRect:]):
1463         (-[WebScrollbarPainterControllerDelegate scrollerImpPair:updateScrollerStyleForNewRecommendedScrollerStyle:]):
1464         (-[WebScrollbarPainterDelegate layer]):
1465         (-[WebScrollbarPainterDelegate mouseLocationInScrollerForScrollerImp:]):
1466         (-[WebScrollbarPainterDelegate convertRectToLayer:]):
1467         (-[WebScrollbarPainterDelegate shouldUseLayerPerPartForScrollerImp:]):
1468         (-[WebScrollbarPainterDelegate setUpAlphaAnimation:scrollerPainter:part:animateAlphaTo:duration:]):
1469         (-[WebScrollbarPainterDelegate scrollerImp:animateKnobAlphaTo:duration:]):
1470         (-[WebScrollbarPainterDelegate scrollerImp:animateTrackAlphaTo:duration:]):
1471         (-[WebScrollbarPainterDelegate scrollerImp:animateUIStateTransitionWithDuration:]):
1472         (-[WebScrollbarPainterDelegate scrollerImp:animateExpansionTransitionWithDuration:]):
1473         (-[WebScrollbarPainterDelegate scrollerImp:overlayScrollerStateChangedTo:]):
1474         (WebCore::ScrollAnimatorMac::ScrollAnimatorMac):
1475         (WebCore::ScrollAnimatorMac::lockOverlayScrollbarStateToHidden):
1476         (WebCore::ScrollAnimatorMac::didAddVerticalScrollbar):
1477         (WebCore::ScrollAnimatorMac::didAddHorizontalScrollbar):
1478         (WebCore::ScrollAnimatorMac::updateScrollerStyle):
1479         Add proper conforming to protocols and replace ids with proper types.
1480
1481         * platform/mac/ScrollbarThemeMac.mm:
1482         (WebCore::supportsExpandedScrollbars):
1483         (WebCore::ScrollbarThemeMac::registerScrollbar):
1484         (WebCore::ScrollbarThemeMac::scrollbarThickness):
1485         (WebCore::ScrollbarThemeMac::setUpContentShadowLayer):
1486         Stop using NSClassFromString now that we can reference the classes explicitly.
1487
1488         * platform/spi/mac/NSScrollerImpSPI.h: Added.
1489
1490 2016-02-07  Zalan Bujtas  <zalan@apple.com>
1491
1492         Outline does not clip when ancestor has overflow: hidden and requires layer.
1493         https://bugs.webkit.org/show_bug.cgi?id=153901
1494
1495         Now that outline is part of visual overflow, we no longer need the special outline cliprect.
1496         PaintPhaseChildOutlines drawing will switch to foreground cliprect. It ensures proper overflow clipping
1497         at parent level. PaintPhaseSelfOutline drawing will start using the visual overflow inflated background cliprect.
1498         With this change, outline will be using the same cliprects as the other visual overflow properties (box-shadow etc). 
1499
1500         Reviewed by David Hyatt.
1501
1502         Test: fast/repaint/outline-with-overflow-hidden-ancestor.html
1503
1504         * rendering/LayerFragment.h:
1505         (WebCore::LayerFragment::setRects):
1506         (WebCore::LayerFragment::moveBy): Deleted.
1507         (WebCore::LayerFragment::intersect): Deleted.
1508         * rendering/RenderLayer.cpp:
1509         (WebCore::RenderLayer::collectFragments):
1510         (WebCore::RenderLayer::paintOutlineForFragments):
1511         (WebCore::RenderLayer::calculateClipRects):
1512         (WebCore::RenderLayer::paintForegroundForFragments): Deleted.
1513         * rendering/RenderLayer.h:
1514         * rendering/RenderTreeAsText.cpp:
1515         (WebCore::write):
1516         (WebCore::writeLayers):
1517
1518 2016-02-07  Daniel Bates  <dabates@apple.com>
1519
1520         CSP: Allow Web Workers initiated from an isolated world to bypass the main world Content Security Policy
1521         https://bugs.webkit.org/show_bug.cgi?id=153622
1522         <rdar://problem/24400023>
1523
1524         Reviewed by Gavin Barraclough.
1525
1526         Fixes an issue where Web Workers initiated from an isolated world (say, a Safari Content Script Extension)
1527         would be subject to the Content Security Policy of the page.
1528
1529         Currently code in an isolated world that does not execute in a Web Worker is exempt from the CSP of
1530         the page. However, code that runs inside a Web Worker that was initiated from an isolated world is
1531         subject to the CSP of the page. Instead, such Web Worker code should also be exempt from the CSP of
1532         the page.
1533
1534         Tests: http/tests/security/isolatedWorld/bypass-main-world-csp-worker-blob-eval.html
1535                http/tests/security/isolatedWorld/bypass-main-world-csp-worker-blob-xhr.html
1536                http/tests/security/isolatedWorld/bypass-main-world-csp-worker.html
1537
1538         * Modules/websockets/WebSocket.cpp:
1539         (WebCore::WebSocket::connect): Modified to ask the script execution context whether to bypass the
1540         main world Content Security Policy now that script execution context knows this information.
1541         * bindings/js/ScriptController.cpp:
1542         (WebCore::ScriptController::shouldBypassMainWorldContentSecurityPolicy): Deleted; moved logic from here...
1543         * bindings/js/ScriptController.h:
1544         * dom/Document.cpp:
1545         (WebCore::Document::shouldBypassMainWorldContentSecurityPolicy): ...to here.
1546         * dom/Document.h:
1547         * dom/ScriptExecutionContext.h:
1548         (WebCore::ScriptExecutionContext::shouldBypassMainWorldContentSecurityPolicy): Added; defaults to false -
1549         do not bypass the main world Content Security Policy.
1550         * page/EventSource.cpp:
1551         (WebCore::EventSource::create): Modified to ask the script execution context whether to bypass the
1552         main world Content Security Policy now that script execution context knows this information.
1553         * page/csp/ContentSecurityPolicy.cpp:
1554         (WebCore::ContentSecurityPolicy::shouldBypassMainWorldContentSecurityPolicy): Deleted.
1555         * page/csp/ContentSecurityPolicy.h:
1556         * workers/AbstractWorker.cpp:
1557         (WebCore::AbstractWorker::resolveURL): Bypass the main world Content Security Policy if applicable.
1558         Added FIXME comment to enforce the child-src directive of the document's CSP (as opposed to the script-src
1559         directive) on the worker's script URL. Also, scriptExecutionContext()->contentSecurityPolicy() should
1560         always be non-null just as we expect scriptExecutionContext()->securityOrigin() to be non-null. Assert
1561         this invariant to catch cases where a ScriptExecutionContext is not properly initialized.
1562         * workers/DedicatedWorkerGlobalScope.cpp:
1563         (WebCore::DedicatedWorkerGlobalScope::create): Modified to take boolean argument shouldBypassMainWorldContentSecurityPolicy
1564         as to whether to bypass the main world Content Security Policy and only apply the Content Security
1565         Policy headers when shouldBypassMainWorldContentSecurityPolicy is false.
1566         (WebCore::DedicatedWorkerGlobalScope::DedicatedWorkerGlobalScope): Pass through a boolean argument shouldBypassMainWorldContentSecurityPolicy
1567         as to whether to bypass the main world Content Security Policy.
1568         * workers/DedicatedWorkerGlobalScope.h:
1569         * workers/DedicatedWorkerThread.cpp:
1570         (WebCore::DedicatedWorkerThread::DedicatedWorkerThread): Ditto.
1571         (WebCore::DedicatedWorkerThread::createWorkerGlobalScope): Ditto.
1572         * workers/DedicatedWorkerThread.h:
1573         * workers/Worker.cpp:
1574         (WebCore::Worker::create): Store whether we should bypass the main world Content Security Policy so
1575         that we can pass it to WorkerMessagingProxy::startWorkerGlobalScope() in Worker::notifyFinished().
1576         We need to store this decision here as opposed to determining it at any later time (say, in Worker::notifyFinished())
1577         because it is dependent on the current JavaScript program stack at the time this function is invoked.
1578         (WebCore::Worker::notifyFinished): Pass whether to bypass the main world Content Security Policy.
1579         * workers/Worker.h:
1580         * workers/WorkerGlobalScope.cpp:
1581         (WebCore::WorkerGlobalScope::WorkerGlobalScope): Modified to take a boolean as to whether to bypass the
1582         main world Content Security Policy and store it in a member field. Also, always instantiate a Content
1583         Security Policy object as our current code assumes that one is always created.
1584         * workers/WorkerGlobalScope.h:
1585         * workers/WorkerGlobalScopeProxy.h:
1586         * workers/WorkerMessagingProxy.cpp:
1587         (WebCore::WorkerMessagingProxy::startWorkerGlobalScope): Pass through a boolean argument shouldBypassMainWorldContentSecurityPolicy
1588         as to whether to bypass the main world Content Security Policy.
1589         * workers/WorkerMessagingProxy.h:
1590         * workers/WorkerThread.cpp:
1591         (WebCore::WorkerThreadStartupData::WorkerThreadStartupData): Modified to take a boolean argument as to
1592         whether to bypass the main world Content Security Policy and store it in a member field.
1593         (WebCore::WorkerThread::WorkerThread): Pass through a boolean argument shouldBypassMainWorldContentSecurityPolicy
1594         as to whether to bypass the main world Content Security Policy.
1595         (WebCore::WorkerThread::workerThread): Ditto.
1596         * workers/WorkerThread.h:
1597         * xml/XMLHttpRequest.cpp:
1598         (WebCore::XMLHttpRequest::open): Modified to ask the script execution context whether to bypass the
1599         main world Content Security Policy now that script execution context knows this information.
1600
1601 2016-02-07  Dan Bernstein  <mitz@apple.com>
1602
1603         [Cocoa] Replace __has_include guards around inclusion of Apple-internal-SDK headers with USE(APPLE_INTERNAL_SDK)
1604         https://bugs.webkit.org/show_bug.cgi?id=153963
1605
1606         Reviewed by Sam Weinig.
1607
1608         * accessibility/mac/AXObjectCacheMac.mm:
1609         * crypto/CommonCryptoUtilities.cpp:
1610         * crypto/CommonCryptoUtilities.h:
1611         * editing/mac/TextUndoInsertionMarkupMac.h:
1612         * editing/mac/TextUndoInsertionMarkupMac.mm:
1613         * platform/cocoa/TelephoneNumberDetectorCocoa.cpp:
1614         * platform/graphics/cg/ImageSourceCG.cpp:
1615         * platform/graphics/mac/PDFDocumentImageMac.mm:
1616         * platform/network/ios/NetworkStateNotifierIOS.mm:
1617         * platform/network/mac/BlobDataFileReferenceMac.mm:
1618         * platform/network/mac/ResourceHandleMac.mm:
1619         * rendering/RenderThemeMac.mm:
1620
1621 2016-02-07  Carlos Garcia Campos  <cgarcia@igalia.com>
1622
1623         REGRESSION(r195661): [GTK] Scrollbar tests crashing after overlay scrollbar groundwork
1624         https://bugs.webkit.org/show_bug.cgi?id=153695
1625
1626         Reviewed by Michael Catanzaro.
1627
1628         The problem is that ScrollAnimation objects are not destroyed by
1629         the ScrollAnimator destructor, because I forgot to add a virtual
1630         destructor for ScrollAnimation in r195661.
1631
1632         * platform/ScrollAnimation.h:
1633         (WebCore::ScrollAnimation::~ScrollAnimation):
1634
1635 2016-02-06  Chris Dumez  <cdumez@apple.com>
1636
1637         Prevent cross-origin access to window.history
1638         https://bugs.webkit.org/show_bug.cgi?id=153931
1639
1640         Reviewed by Darin Adler.
1641
1642         Prevent cross-origin access to window.history to match the specification [1]
1643         and the behavior of other browsers (tested Firefox and Chrome).
1644
1645         [1] https://html.spec.whatwg.org/multipage/browsers.html#security-window
1646
1647         No new tests, already covered by existing tests that
1648         were updated in this patch.
1649
1650         * bindings/js/JSHistoryCustom.cpp:
1651         (WebCore::JSHistory::pushState):
1652         (WebCore::JSHistory::replaceState):
1653         (WebCore::JSHistory::state): Deleted.
1654         * page/DOMWindow.idl:
1655         * page/History.idl:
1656
1657 2016-02-06  Beth Dakin  <bdakin@apple.com>
1658
1659         ScrollbarPainters needs to be deallocated on the main thread
1660         https://bugs.webkit.org/show_bug.cgi?id=153932
1661         -and corresponding-
1662         rdar://problem/24015483
1663
1664         Reviewed by Dan Bernstein.
1665
1666         Darin pointed out that this was still race-y. There was still a race 
1667         condition between the destruction of the two local variables and the
1668         destruction of the lambda on the main thread. This should fix that. 
1669         * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.h:
1670         * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
1671         (WebCore::ScrollingTreeFrameScrollingNodeMac::~ScrollingTreeFrameScrollingNodeMac):
1672         (WebCore::ScrollingTreeFrameScrollingNodeMac::releaseReferencesToScrollbarPaintersOnTheMainThread):
1673         (WebCore::ScrollingTreeFrameScrollingNodeMac::updateBeforeChildren):
1674
1675 2016-02-06  Darin Adler  <darin@apple.com>
1676
1677         Finish auditing call sites of upper() and lower(), eliminate many, and rename the functions
1678         https://bugs.webkit.org/show_bug.cgi?id=153905
1679
1680         Reviewed by Sam Weinig.
1681
1682         * Modules/mediasource/MediaSource.cpp:
1683         (WebCore::MediaSource::isTypeSupported): Use convertToASCIILowercase on MIME type.
1684
1685         * accessibility/AccessibilityObject.cpp:
1686         (WebCore::AccessibilityObject::selectText): Use new names for lower and upper. Also
1687         tweaked style a tiny bit and used u_toupper rather than converting an entire
1688         string to uppercase.
1689
1690         * dom/Document.cpp:
1691         (WebCore::Document::addImageElementByCaseFoldedUsemap): Renamed to reflect the use
1692         of case folding rather than lowercasing.
1693         (WebCore::Document::removeImageElementByCaseFoldedUsemap): Ditto.
1694         (WebCore::Document::imageElementByCaseFoldedUsemap): Ditto.
1695         * dom/Document.h: Ditto.
1696         * dom/DocumentOrderedMap.cpp:
1697         (WebCore::DocumentOrderedMap::getElementByCaseFoldedMapName): Ditto.
1698         (WebCore::DocumentOrderedMap::getElementByCaseFoldedUsemap): Ditto.
1699         * dom/DocumentOrderedMap.h: Ditto.
1700
1701         * dom/TreeScope.cpp:
1702         (WebCore::TreeScope::getImageMap): Removed unneeded special case for null string.
1703         Simplified logic for cases where the URL does not have a "#" character in it.
1704         Use case folding instead of lowercase.
1705
1706         * editing/cocoa/HTMLConverter.mm:
1707         (HTMLConverter::_processText): Removed unneded special case for the empty string.
1708         Use makCapitalized instead of Cocoa function for "capitalize". Use upper and lower
1709         functions by their new names.
1710
1711         * html/HTMLImageElement.cpp:
1712         (WebCore::HTMLImageElement::parseAttribute): Use case folding instead of
1713         lowerasing for the usemap attribute.
1714         (WebCore::HTMLImageElement::insertedInto): Ditto.
1715         (WebCore::HTMLImageElement::removedFrom): Ditto.
1716         (WebCore::HTMLImageElement::matchesCaseFoldedUsemap): Ditto.
1717         * html/HTMLImageElement.h: Rename since usemap is case folded now, not lowercased.
1718
1719         * html/HTMLMapElement.cpp:
1720         (WebCore::HTMLMapElement::imageElement): Use case folding instead of lowercasing
1721         for usemap.
1722         (WebCore::HTMLMapElement::parseAttribute): Ditto.
1723
1724         * platform/Language.cpp:
1725         (WebCore::canonicalLanguageIdentifier): Use convertToASCIILowercase for language code.
1726         (WebCore::indexOfBestMatchingLanguageInList): Ditto.
1727
1728         * platform/graphics/harfbuzz/HarfBuzzShaper.cpp:
1729         (WebCore::HarfBuzzShaper::shapeHarfBuzzRuns): Use new name for the upper function.
1730
1731         * platform/network/HTTPParsers.cpp:
1732         (WebCore::parseContentTypeOptionsHeader): Use equalLettersIgnoringASCIICase instead
1733         of lowercasing to check for a specific header value.
1734
1735         * platform/network/MIMEHeader.cpp:
1736         (WebCore::retrieveKeyValuePairs): Use convertToASCIILowercase for MIME header name.
1737         (WebCore::MIMEHeader::parseContentTransferEncoding): Use equalLettersIgnoringASCIICase
1738         instead of lowercasing.
1739
1740         * platform/network/cf/ResourceHandleCFNet.cpp:
1741         (WebCore::allowsAnyHTTPSCertificateHosts): Make this hash ASCII case-insensitive.
1742         (WebCore::clientCertificates): Ditto.
1743         (WebCore::ResourceHandle::createCFURLConnection): Remove call to lower since the
1744         set is now ASCII case-insensitive.
1745         (WebCore::ResourceHandle::setHostAllowsAnyHTTPSCertificate): Ditto.
1746         (WebCore::ResourceHandle::setClientCertificate): Ditto.
1747
1748         * platform/network/curl/CookieJarCurl.cpp:
1749         (WebCore::getNetscapeCookieFormat): Use equalLettersIgnoringASCIICase instead of
1750         lowercasing.
1751
1752         * platform/network/curl/MultipartHandle.cpp:
1753         (WebCore::MultipartHandle::didReceiveResponse): Use convertToASCIILowercase to
1754         make a MIME type lowercase.
1755
1756         * platform/network/curl/ResourceHandleCurl.cpp:
1757         (WebCore::ResourceHandle::setHostAllowsAnyHTTPSCertificate): Removed unneeded
1758         conversion to lowercase now that the set is ASCII case-insensitive.
1759         (WebCore::ResourceHandle::setClientCertificate): Removed code that populates a map
1760         that is then never used for anything.
1761
1762         * platform/network/curl/ResourceHandleManager.cpp:
1763         (WebCore::headerCallback): Use convertToASCIILowercase for MIME type.
1764
1765         * platform/network/curl/SSLHandle.cpp: Made hash maps keyed by host names
1766         ASCII case-insensitive.
1767         (WebCore::addAllowedClientCertificate): Removed lowercasing since the map itself
1768         is now ASCII case insensitve.
1769         (WebCore::setSSLClientCertificate): Ditto. Also use auto for iterator type so we
1770         don't have to write out the map type.
1771         (WebCore::sslIgnoreHTTPSCertificate): Ditto.
1772         (WebCore::certVerifyCallback): Ditto.
1773
1774         * platform/network/soup/ResourceHandleSoup.cpp: Made hash maps keyed by host names
1775         ASCII case-insensitive.
1776         (WebCore::allowsAnyHTTPSCertificateHosts): Ditto.
1777         (WebCore::handleUnignoredTLSErrors): Ditto.
1778         (WebCore::ResourceHandle::setHostAllowsAnyHTTPSCertificate): Ditto.
1779         (WebCore::ResourceHandle::setClientCertificate): Ditto.
1780
1781         * platform/text/LocaleToScriptMappingDefault.cpp: Made hash maps keyed by script
1782         names ASCII case-insensitive. USE WTF_ARRAY_LENGTH as appropriate.
1783         (WebCore::scriptNameToCode): Use modern style to initialize the map. Removed
1784         unnecessary lowercasing of the script name before looking at the map.
1785         (WebCore::localeToScriptCodeForFontSelection): Ditto.
1786
1787         * platform/text/win/LocaleWin.cpp:
1788         (WebCore::convertLocaleNameToLCID): Made map ASCII case-insensitive and removed
1789         unneeded lowercasing.
1790
1791         * platform/win/PasteboardWin.cpp:
1792         (WebCore::clipboardTypeFromMIMEType): Use equalLettersIgnoringASCIICase instead
1793         of lowercasing.
1794
1795         * rendering/RenderText.cpp:
1796         (WebCore::applyTextTransform): Use new names for the upper and lower functions.
1797
1798         * xml/XMLHttpRequest.cpp:
1799         (WebCore::XMLHttpRequest::responseIsXML): Remove unneeded lowercasing, since
1800         DOMImplementation now has ASCII case-insensitive handling of MIME types.
1801
1802 2016-02-06  Zalan Bujtas  <zalan@apple.com>
1803
1804         Outline should contribute to visual overflow.
1805         https://bugs.webkit.org/show_bug.cgi?id=153299
1806
1807         This patch eliminates the special outline handling (RenderView::setMaximalOutlineSize).
1808         Now that outline is part of visual overflow, we don't have to inflate the layers to accomodate
1809         outline borders.
1810         This patch fixes several focusring related repaint issues. However when both the outline: auto
1811         and the descendant renderer are composited, we still don't paint properly in certain cases. -not a regression.
1812         (Also when parent renderer has overflow: hidden repaint does not take outline into account. -regression.)
1813         It changes column behavior (see TestExpectations) since outline behaves now like any other visual overflow properties.
1814
1815         Reviewed by David Hyatt.
1816
1817         Test: fast/repaint/focus-ring-repaint.html
1818               fast/repaint/focus-ring-repaint-with-negative-offset.html
1819
1820         * css/html.css: resetting to old behavior.
1821         (:focus):
1822         (input:focus, textarea:focus, isindex:focus, keygen:focus, select:focus):
1823         * rendering/InlineFlowBox.cpp:
1824         (WebCore::InlineFlowBox::addToLine):
1825         (WebCore::InlineFlowBox::addOutlineVisualOverflow):
1826         (WebCore::InlineFlowBox::computeOverflow):
1827         (WebCore::InlineFlowBox::paint): Deleted.
1828         * rendering/InlineFlowBox.h:
1829         * rendering/RenderBlock.cpp:
1830         (WebCore::RenderBlock::computeOverflow):
1831         (WebCore::RenderBlock::outlineStyleForRepaint):
1832         (WebCore::RenderBlock::paint): Deleted.
1833         * rendering/RenderBlockFlow.cpp:
1834         (WebCore::RenderBlockFlow::layoutBlock): Deleted.
1835         (WebCore::RenderBlockFlow::addFocusRingRectsForInlineChildren): Deleted.
1836         * rendering/RenderBlockLineLayout.cpp:
1837         (WebCore::RenderBlockFlow::addOverflowFromInlineChildren):
1838         * rendering/RenderBox.cpp:
1839         (WebCore::RenderBox::addVisualEffectOverflow):
1840         (WebCore::RenderBox::applyVisualEffectOverflow):
1841         (WebCore::RenderBox::clippedOverflowRectForRepaint): Deleted.
1842         * rendering/RenderBoxModelObject.h:
1843         * rendering/RenderDetailsMarker.cpp:
1844         (WebCore::RenderDetailsMarker::paint): Deleted.
1845         * rendering/RenderElement.cpp:
1846         (WebCore::RenderElement::insertChildInternal):
1847         (WebCore::RenderElement::styleDidChange):
1848         (WebCore::RenderElement::repaintAfterLayoutIfNeeded):
1849         (WebCore::RenderElement::issueRepaintForOutlineAuto):
1850         (WebCore::RenderElement::updateOutlineAutoAncestor):
1851         (WebCore::RenderElement::computeMaxOutlineSize): Deleted.
1852         (WebCore::RenderElement::styleWillChange): Deleted.
1853         * rendering/RenderElement.h:
1854         (WebCore::RenderElement::hasContinuation):
1855         * rendering/RenderInline.cpp:
1856         (WebCore::RenderInline::paintOutlineForLine): Deleted.
1857         * rendering/RenderLayer.cpp:
1858         (WebCore::RenderLayer::calculateClipRects):
1859         * rendering/RenderLineBoxList.cpp:
1860         (WebCore::RenderLineBoxList::anyLineIntersectsRect):
1861         (WebCore::RenderLineBoxList::lineIntersectsDirtyRect):
1862         (WebCore::RenderLineBoxList::paint):
1863         (WebCore::isOutlinePhase): Deleted.
1864         * rendering/RenderLineBoxList.h:
1865         * rendering/RenderListBox.cpp:
1866         (WebCore::RenderListBox::computePreferredLogicalWidths):
1867         * rendering/RenderListMarker.cpp:
1868         (WebCore::RenderListMarker::paint): Deleted.
1869         * rendering/RenderObject.cpp:
1870         (WebCore::RenderObject::propagateRepaintToParentWithOutlineAutoIfNeeded): The renderer with outline: auto is responsible for
1871         painting focusring around the descendants. If we issued repaint only on the descendant when it changes,
1872         the focusring would not refresh properly. We have to find the ancestor with outline: auto, inflate the repaint rect and
1873         issue the repaint on the ancestor if we crossed repaint container.
1874  
1875         (WebCore::RenderObject::repaintUsingContainer):
1876         (WebCore::RenderObject::adjustRectForOutlineAndShadow):
1877         (WebCore::RenderObject::setHasOutlineAutoAncestor):
1878         (WebCore::RenderObject::adjustRectWithMaximumOutline): Deleted.
1879         
1880         * rendering/RenderObject.h: We mark the descendants of outline: auto so that
1881         when a child renderer changes we can propagate the repaint to the ancestor with outline.
1882
1883         (WebCore::RenderObject::hasOutlineAutoAncestor):
1884         (WebCore::RenderObject::RenderObjectRareData::RenderObjectRareData):
1885         * rendering/RenderRegion.cpp:
1886         (WebCore::RenderRegion::overflowRectForFlowThreadPortion):
1887         * rendering/RenderReplaced.cpp:
1888         (WebCore::RenderReplaced::shouldPaint): Deleted.
1889         (WebCore::RenderReplaced::clippedOverflowRectForRepaint): Deleted.
1890         * rendering/RenderTable.cpp:
1891         (WebCore::RenderTable::paint): Deleted.
1892         * rendering/RenderTableCell.cpp:
1893         (WebCore::RenderTableCell::clippedOverflowRectForRepaint): Deleted.
1894         (WebCore::RenderTableCell::paintCollapsedBorders): Deleted.
1895         * rendering/RenderTableRow.cpp:
1896         (WebCore::RenderTableRow::layout):
1897         (WebCore::RenderTableRow::clippedOverflowRectForRepaint): Deleted.
1898         * rendering/RenderTableSection.cpp:
1899         (WebCore::RenderTableSection::layoutRows):
1900         (WebCore::RenderTableSection::computeOverflowFromCells): Deleted.
1901         (WebCore::RenderTableSection::paintObject): Deleted.
1902         * rendering/RenderTheme.h:
1903         (WebCore::RenderTheme::platformFocusRingWidth):
1904         * rendering/RenderView.cpp:
1905         (WebCore::RenderView::setMaximalOutlineSize): Deleted.
1906         * rendering/RenderView.h:
1907         * rendering/style/RenderStyle.cpp:
1908         (WebCore::RenderStyle::changeAffectsVisualOverflow):
1909         (WebCore::RenderStyle::outlineWidth):
1910         * rendering/style/RenderStyle.h:
1911
1912 2016-02-06  Andreas Kling  <akling@apple.com>
1913
1914         [iOS] Throw away linked code when navigating to a new page.
1915         <https://webkit.org/b/153851>
1916
1917         Reviewed by Gavin Barraclough.
1918
1919         When navigating to a new page, tell JSC to throw out any linked code it has lying around.
1920         Linked code is tied to a specific global object, and as we're creating a new one for the
1921         new page, none of it is useful to us here.
1922
1923         In the event that the user navigates back, the cost of relinking some code will be far
1924         lower than the memory cost of keeping all of it around.
1925
1926         This landed previously but was rolled out due to a Speedometer regression. I've made one
1927         minor but important change here: only throw away code if we're navigating away from an
1928         existing history item. Or in other words, don't throw away code for "force peeks" or any
1929         other navigations that are not traditional top-level main frame navigations.
1930
1931         * bindings/js/GCController.cpp:
1932         (WebCore::GCController::deleteAllLinkedCode):
1933         * bindings/js/GCController.h:
1934         * loader/FrameLoader.cpp:
1935         (WebCore::FrameLoader::commitProvisionalLoad):
1936
1937 2016-02-06  Konstantin Tokarev  <annulen@yandex.ru>
1938
1939         Added implementations of AXObjectCache methods for !HAVE(ACCESSIBILITY).
1940         https://bugs.webkit.org/show_bug.cgi?id=153924
1941
1942         Reviewed by Andreas Kling.
1943
1944         No new tests needed.
1945
1946         * accessibility/AXObjectCache.h:
1947         (WebCore::AXObjectCache::ariaModalNode): Added stub implementation.
1948         (WebCore::AXObjectCache::postLiveRegionChangeNotification): Ditto.
1949         (WebCore::AXObjectCache::rangeForNodeContents): Ditto.
1950         (WebCore::AXObjectCache::setIsSynchronizingSelection): Ditto.
1951         (WebCore::AXObjectCache::setTextSelectionIntent): Ditto.
1952         (WebCore::AXAttributeCacheEnabler::AXAttributeCacheEnabler): Ditto.
1953         (WebCore::AXAttributeCacheEnabler::~AXAttributeCacheEnabler): Ditto.
1954
1955 2016-02-04  Antti Koivisto  <antti@apple.com>
1956
1957         Use scope stack instead of nested TreeResolvers for shadow trees
1958         https://bugs.webkit.org/show_bug.cgi?id=153893
1959
1960         Reviewed by Andreas Kling.
1961
1962         Make TreeResolver per-document. This is a step towards iterative style resolve.
1963
1964         This is done replacing use of nested TreeResolvers with a scope stack that maintains
1965         the style resolver and the selector filter for the current tree scope.
1966
1967         * style/StyleTreeResolver.cpp:
1968         (WebCore::Style::ensurePlaceholderStyle):
1969         (WebCore::Style::TreeResolver::Scope::Scope):
1970         (WebCore::Style::TreeResolver::TreeResolver):
1971         (WebCore::Style::shouldCreateRenderer):
1972         (WebCore::Style::TreeResolver::styleForElement):
1973         (WebCore::Style::TreeResolver::createRenderTreeForShadowRoot):
1974         (WebCore::Style::TreeResolver::createRenderTreeForSlotAssignees):
1975         (WebCore::Style::TreeResolver::createRenderTreeRecursively):
1976         (WebCore::Style::TreeResolver::resolveLocally):
1977         (WebCore::Style::TreeResolver::resolveShadowTree):
1978         (WebCore::Style::TreeResolver::resolveBeforeOrAfterPseudoElement):
1979         (WebCore::Style::TreeResolver::resolveChildren):
1980         (WebCore::Style::TreeResolver::resolveSlotAssignees):
1981         (WebCore::Style::TreeResolver::resolveRecursively):
1982         (WebCore::Style::TreeResolver::resolve):
1983         (WebCore::Style::detachRenderTree):
1984         * style/StyleTreeResolver.h:
1985         (WebCore::Style::TreeResolver::scope):
1986         (WebCore::Style::TreeResolver::pushScope):
1987         (WebCore::Style::TreeResolver::pushEnclosingScope):
1988         (WebCore::Style::TreeResolver::popScope):
1989
1990 2016-02-06  Commit Queue  <commit-queue@webkit.org>
1991
1992         Unreviewed, rolling out r196104.
1993         https://bugs.webkit.org/show_bug.cgi?id=153940
1994
1995         Regressed Speedometer on iOS (Requested by kling on #webkit).
1996
1997         Reverted changeset:
1998
1999         "[iOS] Throw away linked code when navigating to a new page."
2000         https://bugs.webkit.org/show_bug.cgi?id=153851
2001         http://trac.webkit.org/changeset/196104
2002
2003 2016-02-05  Beth Dakin  <bdakin@apple.com>
2004
2005         ScrollbarPainters needs to be deallocated on the main thread
2006         https://bugs.webkit.org/show_bug.cgi?id=153932
2007         -and corresponding-
2008         rdar://problem/24015483
2009
2010         Reviewed by Geoff Garen.
2011
2012         Follow-up fix since the first one was still race-y.
2013         * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
2014         (WebCore::ScrollingTreeFrameScrollingNodeMac::~ScrollingTreeFrameScrollingNodeMac):
2015         (WebCore::ScrollingTreeFrameScrollingNodeMac::updateBeforeChildren):
2016
2017 2016-02-05  Beth Dakin  <bdakin@apple.com>
2018
2019         ScrollbarPainters needs to be deallocated on the main thread
2020         https://bugs.webkit.org/show_bug.cgi?id=153932
2021         -and corresponding-
2022         rdar://problem/24015483
2023
2024         Reviewed by Tim Horton.
2025
2026         Ensure the the destructor of ScrollingTreeFrameScrollingNodeMac and the 
2027         assignments done in this class are not responsible for deallocating the 
2028         ScrollbarPainter. 
2029         * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
2030         (WebCore::ScrollingTreeFrameScrollingNodeMac::~ScrollingTreeFrameScrollingNodeMac):
2031         (WebCore::ScrollingTreeFrameScrollingNodeMac::updateBeforeChildren):
2032
2033 2016-02-05  Chris Dumez  <cdumez@apple.com>
2034
2035         Instance property getters / setters cannot be called on another instance of the same type
2036         https://bugs.webkit.org/show_bug.cgi?id=153895
2037
2038         Reviewed by Gavin Barraclough.
2039
2040         It should be possible to call instance property getters / setters on
2041         other instances of the same type, as per the WEB IDL specification:
2042         - http://heycam.github.io/webidl/#dfn-attribute-getter
2043         - http://heycam.github.io/webidl/#dfn-attribute-setter
2044
2045         This matches the behavior of Firefox.
2046
2047         The issue without our bindings was that the getters / setters were
2048         using |slotBase| instead of |thisValue| and therefore ended up using
2049         the instance the getter was taken from instead of the actual target
2050         object.
2051
2052         Test:
2053         js/instance-property-getter-other-instance.html
2054         js/instance-property-setter-other-instance.html
2055
2056         * bindings/scripts/CodeGeneratorJS.pm:
2057         (GenerateImplementation):
2058         - Have instance getters / setters use thisValue instead of slotBase.
2059         - In the case of interfaces that have attributes on the instance for
2060           compatibility reasons, try the prototype object if |thisValue| does
2061           does have the right type, instead of using slotBase like previously.
2062           I believe this maintains the original compatibility intention while
2063           also behaving correctly when called on another instance.
2064
2065         * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
2066         * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
2067         * bindings/scripts/test/JS/JSTestException.cpp:
2068         * bindings/scripts/test/JS/JSTestInterface.cpp:
2069         * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
2070         * bindings/scripts/test/JS/JSTestNode.cpp:
2071         * bindings/scripts/test/JS/JSTestNondeterministic.cpp:
2072         * bindings/scripts/test/JS/JSTestObj.cpp:
2073         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
2074         * bindings/scripts/test/JS/JSTestTypedefs.cpp:
2075         * bindings/scripts/test/JS/JSattribute.cpp:
2076         Rebaseline bindings tests.
2077
2078 2016-02-05  Brady Eidson  <beidson@apple.com>
2079
2080         Modern IDB: UniqueIDBDatabase's m_databaseInfo is unsafely used from multiple threads.
2081         https://bugs.webkit.org/show_bug.cgi?id=153912
2082
2083         Reviewed by Alex Christensen.
2084
2085         No new tests (Anything testable about this patch is already covered by existing tests).
2086
2087         * Modules/indexeddb/server/IDBBackingStore.h:
2088
2089         * Modules/indexeddb/server/MemoryIDBBackingStore.cpp:
2090         (WebCore::IDBServer::MemoryIDBBackingStore::infoForObjectStore):
2091         * Modules/indexeddb/server/MemoryIDBBackingStore.h:
2092
2093         Teach the SQLiteIDBBackingStore to actually keep its m_databaseInfo up to date as it changes,
2094         and to revert it when version change transactions abort:
2095         * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
2096         (WebCore::IDBServer::SQLiteIDBBackingStore::beginTransaction):
2097         (WebCore::IDBServer::SQLiteIDBBackingStore::abortTransaction):
2098         (WebCore::IDBServer::SQLiteIDBBackingStore::commitTransaction):
2099         (WebCore::IDBServer::SQLiteIDBBackingStore::createObjectStore):
2100         (WebCore::IDBServer::SQLiteIDBBackingStore::deleteObjectStore):
2101         (WebCore::IDBServer::SQLiteIDBBackingStore::createIndex):
2102         (WebCore::IDBServer::SQLiteIDBBackingStore::deleteIndex):
2103         (WebCore::IDBServer::SQLiteIDBBackingStore::infoForObjectStore):
2104         * Modules/indexeddb/server/SQLiteIDBBackingStore.h:
2105
2106         * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
2107         (WebCore::IDBServer::UniqueIDBDatabase::performPutOrAdd): Use the IDBBackingStore's copy of the 
2108           IDBObjectStoreInfo, meant only for the database thread, instead of the UniqueIDBDatabase's copy, 
2109           which is meant only for the main thread.
2110
2111 2016-02-05  Alex Christensen  <achristensen@webkit.org>
2112
2113         Clean up Blob code
2114         https://bugs.webkit.org/show_bug.cgi?id=153910
2115
2116         Reviewed by Alexey Proskuryakov.
2117
2118         No new tests, no change in behavior.
2119
2120         * css/StyleSheet.h:
2121         * fileapi/Blob.cpp:
2122         (WebCore::Blob::Blob):
2123         (WebCore::Blob::normalizedContentType):
2124         (WebCore::Blob::isNormalizedContentType):
2125         (WebCore::Blob::registry):
2126         * fileapi/Blob.h:
2127         * fileapi/BlobURL.cpp:
2128         (WebCore::BlobURL::createPublicURL):
2129         * fileapi/BlobURL.h:
2130         (WebCore::BlobURL::BlobURL):
2131         (WebCore::BlobURL::blobProtocol): Deleted.
2132         * platform/PlatformStrategies.cpp:
2133         (WebCore::setPlatformStrategies):
2134         (WebCore::hasPlatformStrategies): Deleted.
2135         * platform/PlatformStrategies.h:
2136         * platform/network/BlobRegistry.cpp:
2137         (WebCore::blobRegistry):
2138         * platform/network/BlobRegistry.h:
2139         * platform/network/BlobRegistryImpl.cpp:
2140         (WebCore::BlobRegistryImpl::~BlobRegistryImpl):
2141         (WebCore::createResourceHandle):
2142         (WebCore::registerBlobResourceHandleConstructor):
2143         (WebCore::BlobRegistryImpl::createResourceHandle):
2144         (WebCore::BlobRegistryImpl::appendStorageItems):
2145         (WebCore::BlobRegistryImpl::registerFileBlobURL):
2146         (WebCore::BlobRegistryImpl::registerBlobURL):
2147         * platform/network/BlobRegistryImpl.h:
2148         * platform/network/BlobResourceHandle.cpp:
2149         (WebCore::BlobResourceHandle::loadResourceSynchronously):
2150         (WebCore::BlobResourceHandle::BlobResourceHandle):
2151         * platform/network/ResourceHandle.h:
2152
2153 2016-02-05  Carlos Garcia Campos  <cgarcia@igalia.com>
2154
2155         [GTK] Scrollbars incorrectly rendered with older versions of GTK+
2156         https://bugs.webkit.org/show_bug.cgi?id=153861
2157
2158         Reviewed by Michael Catanzaro.
2159
2160         The theme doesn't really know it's a scrollbar. Older versions of
2161         GTK+ require to explicitly add the scrollbar style class to the
2162         child GtkStyleContext.
2163
2164         * platform/gtk/ScrollbarThemeGtk.cpp:
2165         (WebCore::createChildStyleContext):
2166
2167 2016-02-05  Carlos Garcia Campos  <cgarcia@igalia.com>
2168
2169         [GTK] Scrollbars not correctly rendered in non GNOME environments
2170         https://bugs.webkit.org/show_bug.cgi?id=153860
2171
2172         Reviewed by Michael Catanzaro.
2173
2174         I noticed this in a matchbox environment, where there's no
2175         gnome-setting-daemon running. The problem is only with the
2176         scrollbars, because we initialize the GtkSettings in
2177         RenderThemeGtk and notify the ScrollbarTheme when it changes, but
2178         ScrollbarTheme is created before RenderThemeGtk so we initialize
2179         the theme properties before the GtkSettings have been
2180         initialized. We can just let the ScrollbarTheme monitor the
2181         theme itself instead of relying on being notified by the WebCore
2182         layer.
2183
2184         * platform/gtk/ScrollbarThemeGtk.cpp:
2185         (WebCore::themeChangedCallback):
2186         (WebCore::ScrollbarThemeGtk::ScrollbarThemeGtk):
2187         * rendering/RenderThemeGtk.cpp:
2188         (WebCore::gtkStyleChangedCallback): Deleted.
2189
2190 2016-02-05  Youenn Fablet  <youenn.fablet@crf.canon.fr>
2191
2192         Remove DOMWrapped parameter from JSKeyValueIterator
2193         https://bugs.webkit.org/show_bug.cgi?id=153859
2194
2195         Reviewed by Sam Weinig.
2196
2197         No change in behavior.
2198
2199         Using std::declval to infer DOMWrapped from JSWrapper::wrapped.
2200
2201         * bindings/js/JSFetchHeadersCustom.cpp:
2202         (WebCore::JSFetchHeaders::entries):
2203         (WebCore::JSFetchHeaders::keys):
2204         (WebCore::JSFetchHeaders::values):
2205         * bindings/js/JSKeyValueIterator.h:
2206         (WebCore::createIterator):
2207         (WebCore::JSKeyValueIterator<JSWrapper>::destroy):
2208         (WebCore::JSKeyValueIterator<JSWrapper>::next):
2209         (WebCore::JSKeyValueIteratorPrototypeFunctionNext):
2210         (WebCore::JSKeyValueIteratorPrototype<JSWrapper>::finishCreation):
2211
2212 2016-02-05  Nan Wang  <n_wang@apple.com>
2213
2214         AX: WebKit hanging when VoiceOver attempts to focus in on page
2215         https://bugs.webkit.org/show_bug.cgi?id=153899
2216         <rdar://problem/24506603>
2217
2218         Reviewed by Chris Fleizach.
2219
2220         The VisiblePosition to CharacterOffset conversion will lead to an infinite loop if the
2221         nextVisiblePostion call is returning the original VisiblePosition. Fixed it by breaking out
2222         of the loop early in that situation. 
2223
2224         Test: accessibility/text-marker/character-offset-visible-position-conversion-hang.html
2225
2226         * accessibility/AXObjectCache.cpp:
2227         (WebCore::AXObjectCache::characterOffsetFromVisiblePosition):
2228
2229 2016-02-04  Joseph Pecoraro  <pecoraro@apple.com>
2230
2231         Web Inspector: InspectorTimelineAgent doesn't need to recompile functions because it now uses the sampling profiler
2232         https://bugs.webkit.org/show_bug.cgi?id=153500
2233         <rdar://problem/24352458>
2234
2235         Reviewed by Timothy Hatcher.
2236
2237         * bindings/js/JSDOMWindowBase.cpp:
2238         (WebCore::JSDOMWindowBase::supportsLegacyProfiling):
2239         (WebCore::JSDOMWindowBase::supportsRichSourceInfo):
2240         (WebCore::JSDOMWindowBase::supportsProfiling): Deleted.
2241         * bindings/js/JSDOMWindowBase.h:
2242         * bindings/js/JSWorkerGlobalScopeBase.cpp:
2243         (WebCore::JSWorkerGlobalScopeBase::supportsLegacyProfiling):
2244         (WebCore::JSWorkerGlobalScopeBase::supportsProfiling): Deleted.
2245         * bindings/js/JSWorkerGlobalScopeBase.h:
2246         * inspector/InspectorController.h:
2247         * inspector/InspectorController.cpp:
2248         (WebCore::InspectorController::legacyProfilerEnabled):
2249         (WebCore::InspectorController::setLegacyProfilerEnabled):
2250         Be more explicit about enabling legacy profiling.
2251
2252         * inspector/InspectorTimelineAgent.cpp:
2253         (WebCore::InspectorTimelineAgent::willDestroyFrontendAndBackend):
2254         (WebCore::InspectorTimelineAgent::didCreateFrontendAndBackend): Deleted.
2255         TimelineAgent doesn't need to recompile if using the sampling profiler.
2256         This breaks console.profile, but console.profile should move to using
2257         the sampling profiler as well.
2258
2259         (WebCore::InspectorTimelineAgent::startFromConsole):
2260         (WebCore::InspectorTimelineAgent::stopFromConsole):
2261         (WebCore::startProfiling): Deleted.
2262         (WebCore::stopProfiling): Deleted.
2263         Inlined the use once static functions.
2264
2265         * page/PageConsoleClient.cpp:
2266         (WebCore::PageConsoleClient::profile):
2267         (WebCore::PageConsoleClient::profileEnd):
2268         Added FIXMEs for improving console.profile and profileEnd.
2269
2270         * testing/Internals.cpp:
2271         (WebCore::Internals::resetToConsistentState):
2272         (WebCore::Internals::setLegacyJavaScriptProfilingEnabled):
2273         (WebCore::Internals::setJavaScriptProfilingEnabled): Deleted.
2274         * testing/Internals.h:
2275         * testing/Internals.idl:
2276         Be more explicit about enabling legacy profiling.
2277
2278 2016-02-04  Brent Fulgham  <bfulgham@apple.com>
2279
2280         Follow-up: Add "WebKit built-in PDF" Plugin to set of publicly visible plugins
2281         https://bugs.webkit.org/show_bug.cgi?id=153657
2282         <rdar://problem/24413107>
2283
2284         Reviewed by Darin Adler.
2285
2286         * plugins/PluginData.cpp:
2287         (WebCore::shouldBePubliclyVisible): Revise comments to provide a
2288         better explanation of the function and why it exists.
2289
2290 2016-02-04  Jonathan Davis  <jond@apple.com>
2291
2292         Add Fetch API and CSS Variables to feature status
2293         https://bugs.webkit.org/show_bug.cgi?id=153896
2294
2295         Reviewed by Timothy Hatcher.
2296
2297         * features.json:
2298
2299 2016-02-04  Daniel Bates  <dabates@apple.com>
2300
2301         WebKit for iOS Simulator fails to build with public iOS SDK
2302         https://bugs.webkit.org/show_bug.cgi?id=153881
2303
2304         Reviewed by Alex Christensen.
2305
2306         Make constants have internal linkage to match the Apple Internal SDK.
2307
2308         * platform/spi/ios/MobileGestaltSPI.h:
2309
2310 2016-02-04  Chris Dumez  <cdumez@apple.com>
2311
2312         Object.getOwnPropertyDescriptor() returns incomplete descriptor for instance properties
2313         https://bugs.webkit.org/show_bug.cgi?id=153817
2314
2315         Reviewed by Geoffrey Garen.
2316
2317         Update the bindings generator so that property getters / setters now
2318         make sure |this| has the right type and throw a TypeError if it does
2319         not, as per:
2320         - http://heycam.github.io/webidl/#dfn-attribute-getter (step 2.4.2)
2321         - http://heycam.github.io/webidl/#dfn-attribute-setter (step 3.5)
2322
2323         This was an issue when doing something like:
2324         Object.getOwnPropertyDescriptor(window, "location").get.call(nonWindow)
2325
2326         We would call toJSDOMWindow(thisValue), which would return null as
2327         thisValue is not a JSDOMWindow. We would then dereference this null
2328         pointer and crash. We now do a null check and throw a TypeError in
2329         this case, as per the Web IDL specification.
2330
2331         The generated bindings still have some non-spec compliant behavior
2332         though:
2333         1. The getters / setters of instance properties use slotBase instead
2334            of thisValue, which means that calling instanceA's getter on
2335            instanceB returns instanceA's property insteas of instanceB's.
2336         2. Global object property getters should not require an explicit
2337            |this| so calling the following should work:
2338            - Object.getOwnPropertyDescriptor(window, "location").get.call()
2339            We currently throw in this case.
2340
2341         These issues will be addressed in follow-up patches.
2342
2343         Tests: js/getOwnPropertyDescriptor-unforgeable-attributes.html
2344                js/getOwnPropertyDescriptor-window-attributes.html
2345                js/instance-property-getter-other-instance.html
2346
2347         * bindings/scripts/CodeGeneratorJS.pm:
2348         (GenerateImplementation):
2349         * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
2350         (WebCore::jsTestActiveDOMObjectExcitingAttr):
2351         * bindings/scripts/test/JS/JSTestException.cpp:
2352         (WebCore::jsTestExceptionName):
2353         * bindings/scripts/test/JS/JSTestObj.cpp:
2354         (WebCore::jsTestObjConstructorTestSubObj):
2355         (WebCore::jsTestObjTestSubObjEnabledBySettingConstructor):
2356         (WebCore::jsTestObjConditionalAttr4Constructor):
2357         (WebCore::jsTestObjConditionalAttr5Constructor):
2358         (WebCore::jsTestObjConditionalAttr6Constructor):
2359         (WebCore::jsTestObjContentDocument):
2360         (WebCore::setJSTestObjTestSubObjEnabledBySettingConstructor):
2361         (WebCore::setJSTestObjConditionalAttr4Constructor):
2362         (WebCore::setJSTestObjConditionalAttr5Constructor):
2363         (WebCore::setJSTestObjConditionalAttr6Constructor):
2364         (WebCore::setJSTestObjConstructor): Deleted.
2365         (WebCore::setJSTestObjConstructorStaticStringAttr): Deleted.
2366         (WebCore::setJSTestObjConditionalAttr3): Deleted.
2367         * bindings/scripts/test/JS/JSTestTypedefs.cpp:
2368         (WebCore::jsTestTypedefsConstructorTestSubObj):
2369
2370 2016-02-04  Brady Eidson  <beidson@apple.com>
2371
2372         Modern IDB: LayoutTest imported/w3c/indexeddb/keyorder-private.html is flaky.
2373         https://bugs.webkit.org/show_bug.cgi?id=153438.
2374
2375         Reviewed by Alex Christensen.
2376
2377         Tests: storage/indexeddb/modern/idbkey-array-equality-private.html
2378                storage/indexeddb/modern/idbkey-array-equality.html
2379
2380         * Modules/indexeddb/IDBKeyData.cpp:
2381         (WebCore::IDBKeyData::loggingString):
2382         (WebCore::IDBKeyData::operator==): Fix obvious bug.
2383
2384 2016-02-04  Chris Dumez  <cdumez@apple.com>
2385
2386         Unreviewed, fix the EFL clean build after r196123
2387         https://bugs.webkit.org/show_bug.cgi?id=153875
2388
2389         * CMakeLists.txt:
2390         * PlatformGTK.cmake:
2391         * PlatformMac.cmake:
2392         * html/DOMSettableTokenList.h:
2393         * html/DOMSettableTokenList.idl:
2394
2395 2016-02-04  Eric Carlson  <eric.carlson@apple.com>
2396
2397         PageGroup::captionPreferences should return a reference
2398         https://bugs.webkit.org/show_bug.cgi?id=153877
2399         <rdar://problem/24506917>
2400
2401         Reviewed by Jer Noble.
2402
2403         No new tests, no functional change.
2404
2405         * Modules/mediacontrols/MediaControlsHost.cpp:
2406         (WebCore::MediaControlsHost::sortedTrackListForMenu):
2407         (WebCore::MediaControlsHost::displayNameForTrack):
2408         (WebCore::MediaControlsHost::captionMenuOffItem):
2409         (WebCore::MediaControlsHost::captionDisplayMode):
2410         * dom/Document.cpp:
2411         (WebCore::Document::registerForCaptionPreferencesChangedCallbacks):
2412         * html/HTMLMediaElement.cpp:
2413         (WebCore::HTMLMediaElement::HTMLMediaElement):
2414         (WebCore::HTMLMediaElement::addTextTrack):
2415         (WebCore::HTMLMediaElement::configureTextTrackGroup):
2416         (WebCore::HTMLMediaElement::setSelectedTextTrack):
2417         (WebCore::HTMLMediaElement::configureTextTracks):
2418         (WebCore::HTMLMediaElement::captionPreferencesChanged):
2419         (WebCore::HTMLMediaElement::mediaPlayerPreferredAudioCharacteristics):
2420         * html/shadow/MediaControlElements.cpp:
2421         (WebCore::MediaControlClosedCaptionsTrackListElement::updateDisplay):
2422         (WebCore::MediaControlClosedCaptionsTrackListElement::rebuildTrackListMenu):
2423         (WebCore::MediaControlTextTrackContainerElement::updateActiveCuesFontSize):
2424         * page/PageGroup.cpp:
2425         (WebCore::PageGroup::captionPreferencesChanged):
2426         (WebCore::PageGroup::captionPreferences):
2427         * page/PageGroup.h:
2428         * platform/cocoa/WebVideoFullscreenModelVideoElement.mm:
2429         (WebVideoFullscreenModelVideoElement::updateLegibleOptions):
2430         * testing/InternalSettings.cpp:
2431         (WebCore::InternalSettings::setShouldDisplayTrackKind):
2432         (WebCore::InternalSettings::shouldDisplayTrackKind):
2433         * testing/Internals.cpp:
2434         (WebCore::Internals::resetToConsistentState):
2435         (WebCore::Internals::Internals):
2436         (WebCore::Internals::userPreferredAudioCharacteristics):
2437         (WebCore::Internals::setUserPreferredAudioCharacteristic):
2438         (WebCore::Internals::captionsStyleSheetOverride):
2439         (WebCore::Internals::setCaptionsStyleSheetOverride):
2440         (WebCore::Internals::setPrimaryAudioTrackLanguageOverride):
2441         (WebCore::Internals::setCaptionDisplayMode):
2442
2443 2016-02-04  Konstantin Tokarev  <annulen@yandex.ru>
2444
2445         Removed unused Settings::setPrivateBrowsingEnabled.
2446         https://bugs.webkit.org/show_bug.cgi?id=153869
2447
2448         Reviewed by Alexey Proskuryakov.
2449
2450         Implementation of Settings::setPrivateBrowsingEnabled was removed
2451         in r166661, but declaration is still here.
2452
2453         No new tests needed.
2454
2455         * page/Settings.h:
2456         (WebCore::Settings::setPrivateBrowsingEnabled): Deleted.
2457
2458 2016-02-04  Eric Carlson  <eric.carlson@apple.com>
2459
2460         Don't discard in-band cues with negative start times
2461         https://bugs.webkit.org/show_bug.cgi?id=153867
2462         <rdar://problem/19588632>
2463
2464         Reviewed by Jer Noble.
2465
2466         No new tests, updated and un-skipped http/tests/media/track-in-band-hls-metadata.html.
2467
2468         * platform/graphics/avfoundation/InbandMetadataTextTrackPrivateAVF.cpp:
2469         (WebCore::InbandMetadataTextTrackPrivateAVF::addDataCue):  ASSERT if passed negative time value.
2470         (WebCore::InbandMetadataTextTrackPrivateAVF::updatePendingCueEndTimes): Ditto. Correct logging.
2471
2472         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
2473         (WebCore::MediaPlayerPrivateAVFoundationObjC::processCue): ASSERT if passed negative time value.
2474         (WebCore::MediaPlayerPrivateAVFoundationObjC::metadataDidArrive): Convert negative cue times to zero.
2475         (-[WebCoreAVFMovieObserver legibleOutput:didOutputAttributedStrings:nativeSampleBuffers:forItemTime:]):
2476           Ditto.
2477
2478 2016-02-04  Hyemi Shin  <hyemi.sin@samsung.com>
2479
2480         Specify an exception for createChannelMerger, createChannelSplitter and createPeriodicWave
2481         https://bugs.webkit.org/show_bug.cgi?id=150925
2482
2483         Reviewed by Darin Adler.
2484
2485         createChannelMerger and createChannelSplitter should throw INDEX_SIZE_ERR
2486         for invalid numberOfInputs value.
2487         createPeriodicWave should throw INDEX_SIZE_ERR for invalid lengths of parameters.
2488
2489         Tests: webaudio/audiochannelmerger-basic.html
2490                webaudio/audiochannelsplitter.html
2491                webaudio/periodicwave-lengths.html
2492
2493         * Modules/webaudio/AudioContext.cpp:
2494         (WebCore::AudioContext::createChannelSplitter):
2495         (WebCore::AudioContext::createChannelMerger):
2496         (WebCore::AudioContext::createPeriodicWave):
2497
2498 2016-02-04  Youenn Fablet  <youenn.fablet@crf.canon.fr>
2499
2500         [Fetch API] Add support for iterating over Headers
2501         https://bugs.webkit.org/show_bug.cgi?id=153787
2502
2503         Reviewed by Darin Adler.
2504
2505         Relanding, updating bindings/js/JSKeyValueIterator.h for Windows bots.
2506
2507         Covered by updated tests.
2508         Introducing template class (JSKeyValueIterator) to support key-value iterators in DOM classes.
2509         Using JSKeyValueIterator to implement Headers entries(), keys() and values() as custom methods.
2510         Binding generator should be updated to generate directly these custom methods and handle iterator Symbol.
2511
2512         * CMakeLists.txt:
2513         * Modules/fetch/FetchHeaders.cpp:
2514         (WebCore::FetchHeaders::Iterator::next):
2515         (WebCore::FetchHeaders::Iterator::Iterator):
2516         * Modules/fetch/FetchHeaders.h:
2517         (WebCore::FetchHeaders::createIterator):
2518         * Modules/fetch/FetchHeaders.idl:
2519         * WebCore.xcodeproj/project.pbxproj:
2520         * bindings/js/JSBindingsAllInOne.cpp:
2521         * bindings/js/JSDOMBinding.h:
2522         (WebCore::jsPair):
2523         * bindings/js/JSFetchHeadersCustom.cpp: Added.
2524         (WebCore::JSFetchHeaders::entries):
2525         (WebCore::JSFetchHeaders::keys):
2526         (WebCore::JSFetchHeaders::values):
2527         * bindings/js/JSKeyValueIterator.h: Added.
2528         (WebCore::JSKeyValueIteratorPrototype::create):
2529         (WebCore::JSKeyValueIteratorPrototype::createStructure):
2530         (WebCore::JSKeyValueIteratorPrototype::JSKeyValueIteratorPrototype):
2531         (WebCore::createIterator):
2532         (WebCore::DOMWrapped>::destroy):
2533         (WebCore::DOMWrapped>::next):
2534         (WebCore::DOMWrapped>::finishCreation):
2535
2536 2016-02-04  Chris Dumez  <cdumez@apple.com>
2537
2538         Merge DOMTokenList and DOMSettableTokenList
2539         https://bugs.webkit.org/show_bug.cgi?id=153677
2540         <rdar://problem/24419675>
2541
2542         Reviewed by Sam Weinig.
2543
2544         Merge DOMTokenList and DOMSettableTokenList, as per a recent
2545         specification change:
2546         - https://github.com/whatwg/dom/pull/120
2547         - https://github.com/whatwg/html/issues/361
2548
2549         No new tests, already covered by existing tests.
2550
2551         * CMakeLists.txt:
2552         * DerivedSources.cpp:
2553         * WebCore.vcxproj/WebCore.vcxproj:
2554         * WebCore.vcxproj/WebCore.vcxproj.filters:
2555         * WebCore.xcodeproj/project.pbxproj:
2556         * dom/Element.idl:
2557         * dom/Node.h:
2558         * dom/NodeRareData.h:
2559         * html/AttributeDOMTokenList.h:
2560         * html/DOMSettableTokenList.cpp: Removed.
2561         * html/DOMSettableTokenList.h:
2562         * html/DOMSettableTokenList.idl:
2563         * html/DOMTokenList.cpp:
2564         (WebCore::DOMTokenList::setValue):
2565         * html/DOMTokenList.h:
2566         * html/DOMTokenList.idl:
2567         * html/HTMLAnchorElement.idl:
2568         * html/HTMLAreaElement.idl:
2569         * html/HTMLElement.cpp:
2570         * html/HTMLElement.idl:
2571         * html/HTMLIFrameElement.cpp:
2572         (WebCore::HTMLIFrameElement::sandbox):
2573         * html/HTMLIFrameElement.h:
2574         * html/HTMLIFrameElement.idl:
2575         * html/HTMLLinkElement.cpp:
2576         (WebCore::HTMLLinkElement::sizes):
2577         * html/HTMLLinkElement.h:
2578         * html/HTMLLinkElement.idl:
2579         * html/HTMLOutputElement.cpp:
2580         (WebCore::HTMLOutputElement::htmlFor):
2581         * html/HTMLOutputElement.h:
2582         * html/HTMLOutputElement.idl:
2583         * html/HTMLTableCellElement.idl:
2584         * page/DOMWindow.cpp:
2585         * page/DOMWindow.idl:
2586
2587 2016-02-04  Youenn Fablet  <youenn.fablet@crf.canon.fr>
2588
2589         Unreviewed.
2590         Reverting r196115 and r19116, related tohttps://bugs.webkit.org/show_bug.cgi?id=153787.
2591
2592 2016-02-04  Alejandro G. Castro  <alex@igalia.com>
2593
2594         [GTK] Implement mediastream mediaplayer
2595         https://bugs.webkit.org/show_bug.cgi?id=153541
2596
2597         Reviewed by Martin Robinson.
2598
2599         Added the implementation of the mediaplayer for the
2600         mediastream. The code was implemented by Philippe Normand and
2601         Alessandro Decina.
2602
2603         * PlatformGTK.cmake: Added the file to the compilation.
2604         * html/HTMLMediaElement.cpp:
2605         (WebCore::HTMLMediaElement::setSrcObject): Set the src of the
2606         media element to the mediastream.
2607         * platform/graphics/MediaPlayer.cpp:
2608         (WebCore::buildMediaEnginesVector): Register the mediastream
2609         mediaplayer as an option in the media engines vector.
2610         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerOwr.cpp: Added.
2611         (WebCore::MediaPlayerPrivateGStreamerOwr::MediaPlayerPrivateGStreamerOwr):
2612         (WebCore::MediaPlayerPrivateGStreamerOwr::~MediaPlayerPrivateGStreamerOwr):
2613         (WebCore::MediaPlayerPrivateGStreamerOwr::play):
2614         (WebCore::MediaPlayerPrivateGStreamerOwr::pause):
2615         (WebCore::MediaPlayerPrivateGStreamerOwr::hasVideo):
2616         (WebCore::MediaPlayerPrivateGStreamerOwr::hasAudio):
2617         (WebCore::MediaPlayerPrivateGStreamerOwr::currentTime):
2618         (WebCore::MediaPlayerPrivateGStreamerOwr::load):
2619         (WebCore::MediaPlayerPrivateGStreamerOwr::loadingFailed):
2620         (WebCore::MediaPlayerPrivateGStreamerOwr::didLoadingProgress):
2621         (WebCore::MediaPlayerPrivateGStreamerOwr::internalLoad):
2622         (WebCore::MediaPlayerPrivateGStreamerOwr::stop):
2623         (WebCore::MediaPlayerPrivateGStreamerOwr::registerMediaEngine):
2624         (WebCore::MediaPlayerPrivateGStreamerOwr::getSupportedTypes):
2625         (WebCore::MediaPlayerPrivateGStreamerOwr::supportsType):
2626         (WebCore::MediaPlayerPrivateGStreamerOwr::isAvailable):
2627         (WebCore::MediaPlayerPrivateGStreamerOwr::createGSTAudioSinkBin):
2628         (WebCore::MediaPlayerPrivateGStreamerOwr::sourceStopped):
2629         (WebCore::MediaPlayerPrivateGStreamerOwr::sourceMutedChanged):
2630         (WebCore::MediaPlayerPrivateGStreamerOwr::sourceSettingsChanged):
2631         (WebCore::MediaPlayerPrivateGStreamerOwr::preventSourceFromStopping):
2632         (WebCore::MediaPlayerPrivateGStreamerOwr::createVideoSink):
2633         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerOwr.h: Added.
2634         (WebCore::MediaPlayerPrivateGStreamerOwr::engineDescription):
2635         (WebCore::MediaPlayerPrivateGStreamerOwr::load):
2636         (WebCore::MediaPlayerPrivateGStreamerOwr::cancelLoad):
2637         (WebCore::MediaPlayerPrivateGStreamerOwr::prepareToPlay):
2638         (WebCore::MediaPlayerPrivateGStreamerOwr::duration):
2639         (WebCore::MediaPlayerPrivateGStreamerOwr::seek):
2640         (WebCore::MediaPlayerPrivateGStreamerOwr::seeking):
2641         (WebCore::MediaPlayerPrivateGStreamerOwr::setRate):
2642         (WebCore::MediaPlayerPrivateGStreamerOwr::setPreservesPitch):
2643         (WebCore::MediaPlayerPrivateGStreamerOwr::paused):
2644         (WebCore::MediaPlayerPrivateGStreamerOwr::hasClosedCaptions):
2645         (WebCore::MediaPlayerPrivateGStreamerOwr::setClosedCaptionsVisible):
2646         (WebCore::MediaPlayerPrivateGStreamerOwr::maxTimeSeekable):
2647         (WebCore::MediaPlayerPrivateGStreamerOwr::buffered):
2648         (WebCore::MediaPlayerPrivateGStreamerOwr::totalBytes):
2649         (WebCore::MediaPlayerPrivateGStreamerOwr::bytesLoaded):
2650         (WebCore::MediaPlayerPrivateGStreamerOwr::canLoadPoster):
2651         (WebCore::MediaPlayerPrivateGStreamerOwr::setPoster):
2652         (WebCore::MediaPlayerPrivateGStreamerOwr::isLiveStream):
2653         (WebCore::MediaPlayerPrivateGStreamerOwr::audioSink):
2654
2655 2016-02-04  Youenn Fablet  <youenn.fablet@crf.canon.fr>
2656
2657         [Fetch API] Add support for iterating over Headers
2658         https://bugs.webkit.org/show_bug.cgi?id=153787
2659
2660         Reviewed by Darin Adler.
2661
2662         Covered by updated tests.
2663         Introducing template class (JSKeyValueIterator) to support key-value iterators in DOM classes.
2664         Using JSKeyValueIterator to implement Headers entries(), keys() and values() as custom methods.
2665         Binding generator should be updated to generate directly these custom methods and handle iterator Symbol.
2666
2667         * CMakeLists.txt:
2668         * Modules/fetch/FetchHeaders.cpp:
2669         (WebCore::FetchHeaders::Iterator::next):
2670         (WebCore::FetchHeaders::Iterator::Iterator):
2671         * Modules/fetch/FetchHeaders.h:
2672         (WebCore::FetchHeaders::createIterator):
2673         * Modules/fetch/FetchHeaders.idl:
2674         * WebCore.xcodeproj/project.pbxproj:
2675         * bindings/js/JSDOMBinding.h:
2676         (WebCore::jsPair):
2677         * bindings/js/JSBindingsAllInOne.cpp:
2678         * bindings/js/JSFetchHeadersCustom.cpp: Added.
2679         (WebCore::JSFetchHeaders::entries):
2680         (WebCore::JSFetchHeaders::keys):
2681         (WebCore::JSFetchHeaders::values):
2682         * bindings/js/JSKeyValueIterator.h: Added.
2683         (WebCore::JSKeyValueIteratorPrototype::create):
2684         (WebCore::JSKeyValueIteratorPrototype::createStructure):
2685         (WebCore::JSKeyValueIteratorPrototype::JSKeyValueIteratorPrototype):
2686         (WebCore::JSKeyValueIteratorPrototypeFuncNext):
2687
2688 2016-02-03  Carlos Garcia Campos  <cgarcia@igalia.com>
2689
2690         Do not show context menu when right clicking on a scrollbar
2691         https://bugs.webkit.org/show_bug.cgi?id=153493
2692
2693         Reviewed by Michael Catanzaro.
2694
2695         Scrollbars don't currently handle right clicks, but we are showing
2696         the context menu when they are right clicked. This is not desired
2697         at least in GTK+ and I've checked that it isn't consistent with
2698         other applications in Mac either.
2699
2700         Test: fast/events/contextmenu-on-scrollbars.html
2701
2702         * page/EventHandler.cpp:
2703         (WebCore::EventHandler::sendContextMenuEvent):
2704
2705 2016-02-03  Andreas Kling  <akling@apple.com>
2706
2707         [iOS] Throw away linked code when navigating to a new page.
2708         <https://webkit.org/b/153851>
2709
2710         Reviewed by Gavin Barraclough.
2711
2712         When navigating to a new page, tell JSC to throw out any linked code it has lying around.
2713         Linked code is tied to a specific global object, and as we're creating a new one for the
2714         new page, none of it is useful to us here.
2715         In the event that the user navigates back, the cost of relinking some code will be far
2716         lower than the memory cost of keeping all of it around.
2717
2718         * bindings/js/GCController.cpp:
2719         (WebCore::GCController::deleteAllLinkedCode):
2720         * bindings/js/GCController.h:
2721         * loader/FrameLoader.cpp:
2722         (WebCore::FrameLoader::commitProvisionalLoad):
2723
2724 2016-02-03  Alex Christensen  <achristensen@webkit.org>
2725
2726         Report wasBlocked and cannotShowURL errors when using NetworkSession
2727         https://bugs.webkit.org/show_bug.cgi?id=153846
2728
2729         Reviewed by Antti Koivisto.
2730
2731         No new tests, but this fixes http/tests/xmlhttprequest/redirect-cross-origin-2.html
2732         when using NetworkSession.
2733
2734         * platform/URL.h:
2735         WEBCORE_EXPORT because we are using portAllowed in WebKit2 now.
2736
2737 2016-02-03  Jer Noble  <jer.noble@apple.com>
2738
2739         iOS build fix after Yosemite build fix broke iOS build.
2740
2741         * platform/network/cocoa/WebCoreNSURLSession.h:
2742         * platform/network/cocoa/WebCoreNSURLSession.mm:
2743
2744 2016-02-03  Beth Dakin  <bdakin@apple.com>
2745
2746         Accepted candidates should not be autocorrected
2747         https://bugs.webkit.org/show_bug.cgi?id=153813
2748         -and corresponding-
2749         rdar://problem/24066924
2750
2751         Reviewed by Darin Adler.
2752
2753         New document marker to mark inserted candidates. This was we can treat 
2754         inserted candidates just like a RejectedCorrection and we won’t accidentally 
2755         autocorrect them later on.
2756         * dom/DocumentMarker.h:
2757         (WebCore::DocumentMarker::AllMarkers::AllMarkers):
2758         * editing/AlternativeTextController.cpp:
2759         (WebCore::AlternativeTextController::processMarkersOnTextToBeReplacedByResult):
2760
2761         When handling an acceptant candidate, set m_isHandlingAcceptedCandidate to
2762         true while the text is being inserted, and then mark the range as an accepted 
2763         candidate.
2764         * editing/Editor.cpp:
2765         (WebCore::Editor::handleAcceptedCandidate):
2766         * editing/Editor.h:
2767         (WebCore::Editor::isHandlingAcceptedCandidate):
2768
2769         If frame.editor. isHandlingAcceptedCandidate() then return early from 
2770         markMisspellingsAfterTyping.
2771         * editing/TypingCommand.cpp:
2772         (WebCore::TypingCommand::markMisspellingsAfterTyping):
2773
2774         Add some test infrastructure. 
2775         * testing/Internals.cpp:
2776         (WebCore::Internals::handleAcceptedCandidate):
2777         * testing/Internals.h:
2778         * testing/Internals.idl:
2779
2780 2016-02-03  Jer Noble  <jer.noble@apple.com>
2781
2782         [Win] Pass entire request (rather than just URL) to clients of WebCoreAVCFResourceLoader
2783         https://bugs.webkit.org/show_bug.cgi?id=153653
2784
2785         Reviewed by Brent Fulgham.
2786
2787         This will allow those clients to see the byte-range request ("Range:") header and respond
2788         appropriately.
2789
2790         * platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp:
2791         (WebCore::WebCoreAVCFResourceLoader::startLoading):
2792
2793 2016-02-03  Jer Noble  <jer.noble@apple.com>
2794
2795         Yosemite build fix; hide the entire WebCoreNSURLSessionDataTask class from Yosemite and prior.
2796
2797         * platform/network/cocoa/WebCoreNSURLSession.h:
2798         * platform/network/cocoa/WebCoreNSURLSession.mm:
2799         (-[WebCoreNSURLSessionDataTask initWithSession:identifier:URL:]):
2800         (-[WebCoreNSURLSessionDataTask initWithSession:identifier:request:]):
2801
2802 2016-02-03  Jer Noble  <jer.noble@apple.com>
2803
2804         [EME][Mac] MediaKeys.createSession() fails with initData containing a contentId whose length is > 1/2 the initData.
2805         https://bugs.webkit.org/show_bug.cgi?id=153517
2806         <rdar://problem/24303782>
2807
2808         Reviewed by Eric Carlson.
2809
2810         The length of contentId is given in bytes, not Uint16 characters. Use the former when extracting
2811         the contentId string from the initData.
2812
2813         * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
2814         (WebCore::MediaPlayerPrivateAVFoundation::extractKeyURIKeyIDAndCertificateFromInitData):
2815
2816 2016-02-03  Jer Noble  <jer.noble@apple.com>
2817
2818         [Mac] Wrap a resource and resource loader in a NSURLSession-like object for use by lower level frameworks
2819         https://bugs.webkit.org/show_bug.cgi?id=153669
2820
2821         Reviewed by Alex Christensen.
2822
2823         API Test: WebCore.WebCoreNSURLSession
2824
2825         Add a NSURLSession-like object, which wraps a CachedResourceLoader and CachedRawResource, which we can
2826         hand to lower-level frameworks, so that network loads by those frameworks use WebKit's loader.
2827
2828         * platform/network/cocoa/WebCoreNSURLSession.h: Added.
2829         * platform/network/cocoa/WebCoreNSURLSession.mm: Added.
2830         (-[WebCoreNSURLSession initWithResourceLoader:delegate:delegateQueue:]):
2831         (-[WebCoreNSURLSession dealloc]):
2832         (-[WebCoreNSURLSession copyWithZone:]):
2833         (-[WebCoreNSURLSession delegateQueue]):
2834         (-[WebCoreNSURLSession configuration]):
2835         (-[WebCoreNSURLSession loader]):
2836         (-[WebCoreNSURLSession finishTasksAndInvalidate]):
2837         (-[WebCoreNSURLSession invalidateAndCancel]):
2838         (-[WebCoreNSURLSession resetWithCompletionHandler:]):
2839         (-[WebCoreNSURLSession flushWithCompletionHandler:]):
2840         (-[WebCoreNSURLSession getTasksWithCompletionHandler:]):
2841         (-[WebCoreNSURLSession getAllTasksWithCompletionHandler:]):
2842         (-[WebCoreNSURLSession dataTaskWithRequest:]):
2843         (-[WebCoreNSURLSession dataTaskWithURL:]):
2844         (-[WebCoreNSURLSession uploadTaskWithRequest:fromFile:]):
2845         (-[WebCoreNSURLSession uploadTaskWithRequest:fromData:]):
2846         (-[WebCoreNSURLSession uploadTaskWithStreamedRequest:]):
2847         (-[WebCoreNSURLSession downloadTaskWithRequest:]):
2848         (-[WebCoreNSURLSession downloadTaskWithURL:]):
2849         (-[WebCoreNSURLSession downloadTaskWithResumeData:]):
2850         (-[WebCoreNSURLSession streamTaskWithHostName:port:]):
2851         (-[WebCoreNSURLSession streamTaskWithNetService:]):
2852         (-[WebCoreNSURLSession isKindOfClass:]):
2853
2854         Add a C++ class which can act as a CachedRawResourceClient, passing the results back to a WebCoreNSURLSessionDataTask:
2855
2856         (WebCore::WebCoreNSURLSessionDataTaskClient::WebCoreNSURLSessionDataTaskClient):
2857         (WebCore::WebCoreNSURLSessionDataTaskClient::dataSent):
2858         (WebCore::WebCoreNSURLSessionDataTaskClient::responseReceived):
2859         (WebCore::WebCoreNSURLSessionDataTaskClient::dataReceived):
2860         (WebCore::WebCoreNSURLSessionDataTaskClient::redirectReceived):
2861         (WebCore::WebCoreNSURLSessionDataTaskClient::notifyFinished):
2862
2863         Add a NSURLSessionDataTask-like object, which takes a request, then uses it to create and wrap a CachedRawResource.
2864         Becase NSURSessionDataTask is intended to be used off-main-thread, care must be taken to dispatch back to the main-
2865         (or web-) thread before calling CachedRawResource functions.
2866
2867         (-[WebCoreNSURLSessionDataTask initWithSession:identifier:URL:]):
2868         (-[WebCoreNSURLSessionDataTask initWithSession:identifier:request:]):
2869         (-[WebCoreNSURLSessionDataTask copyWithZone:]):
2870         (-[WebCoreNSURLSessionDataTask _restart]):
2871         (-[WebCoreNSURLSessionDataTask _cancel]):
2872         (-[WebCoreNSURLSessionDataTask _finish]):
2873         (-[WebCoreNSURLSessionDataTask _setDefersLoading:]):
2874         (-[WebCoreNSURLSessionDataTask cancel]):
2875         (-[WebCoreNSURLSessionDataTask suspend]):
2876         (-[WebCoreNSURLSessionDataTask resume]):
2877         (-[WebCoreNSURLSessionDataTask _timingData]):
2878         (-[WebCoreNSURLSessionDataTask resource:sentBytes:totalBytesToBeSent:]):
2879         (-[WebCoreNSURLSessionDataTask resource:receivedResponse:]):
2880         (-[WebCoreNSURLSessionDataTask resource:receivedData:length:]):
2881         (-[WebCoreNSURLSessionDataTask resource:receivedRedirect:request:]):
2882         (-[WebCoreNSURLSessionDataTask resourceFinished:]):
2883         * WebCore.xcodeproj/project.pbxproj: Add new files to project.
2884
2885 2016-02-03  Darin Adler  <darin@apple.com>
2886
2887         Convert another batch of String::lower callsites to something better, typically convertToASCIILowercase
2888         https://bugs.webkit.org/show_bug.cgi?id=153789
2889
2890         Reviewed by Sam Weinig.
2891
2892         * dom/DOMImplementation.cpp:
2893         (WebCore::DOMImplementation::isXMLMIMEType): Use equalLettersIgnoringASCIICase
2894         and the boolean argument to endsWith to ignore ASCII case.
2895         (WebCore::DOMImplementation::isTextMIMEType): Ditto. Also simplified the logic
2896         by removing an if statement.
2897
2898         * dom/Document.cpp:
2899         (WebCore::isSeparator): Deleted. Moved to WindowFeatures.cpp.
2900         (WebCore::processArguments): Ditto.
2901         (WebCore::Document::processViewport): Call the processFeaturesString function
2902         from WindowFeatures.h; the code here was originally just a pasted copy of that code!
2903         (WebCore::Document::processFormatDetection): Ditto.
2904
2905         * html/HTMLCanvasElement.cpp:
2906         (WebCore::HTMLCanvasElement::toEncodingMimeType): Remove now-unneeded
2907         lowercasing of MIME type before calling isSupportedImageMIMETypeForEncoding,
2908         since the MIME type registry now ignores ASCII case. Use convertToASCIILowercase
2909         on the return value, to preserve behavior.
2910         (WebCore::HTMLCanvasElement::toDataURL): Minor coding style tweaks.
2911
2912         * html/HTMLEmbedElement.cpp:
2913         (WebCore::HTMLEmbedElement::parseAttribute): Use convertToASCIILowercase for
2914         the service type here.
2915
2916         * html/HTMLImageElement.cpp:
2917         (WebCore::HTMLImageElement::bestFitSourceFromPictureElement): Remove now-unneeded
2918         lowercasing since MIME type registry now ignores ASCII case. And use
2919         equalLettersIgnoringASCIICase for the case here.
2920
2921         * html/HTMLInputElement.cpp:
2922         (WebCore::parseAcceptAttribute): Use convertToASCIILowercase for the type here.
2923
2924         * html/HTMLLinkElement.cpp:
2925         (WebCore::HTMLLinkElement::parseAttribute): Use convertToASCIILowercase for the
2926         media value here.
2927
2928         * html/HTMLMediaElement.cpp:
2929         (WebCore::HTMLMediaElement::canPlayType): Use convertToASCIILowercase for the
2930         content type here.
2931         (WebCore::HTMLMediaElement::selectNextSourceChild): Ditto.
2932
2933         * html/HTMLObjectElement.cpp:
2934         (WebCore::HTMLObjectElement::parseAttribute): Use convertToASCIILowercase for
2935         the service type here.
2936
2937         * html/HTMLTrackElement.cpp:
2938         (WebCore::HTMLTrackElement::parseAttribute): Use convertToASCIILowercase for
2939         the kind here.
2940         (WebCore::HTMLTrackElement::ensureTrack): Ditto. Also use fastGetAttribute
2941         since this is neither the style attribute nor an animatable SVG attribute.
2942
2943         * html/parser/HTMLTreeBuilder.cpp:
2944         (WebCore::createCaseMap): Use convertToASCIILowercase for the local names here.
2945
2946         * inspector/DOMPatchSupport.cpp:
2947         (WebCore::DOMPatchSupport::patchNode): Use containsIgnoringASCIICase instead
2948         of combining lower with find == notFound here.
2949         (WebCore::nodeName): Use convertToASCIILowercase here.
2950
2951         * inspector/InspectorOverlay.cpp:
2952         (WebCore::buildObjectForElementData): Use convertToASCIILowercase for node
2953         name here.
2954
2955         * inspector/InspectorPageAgent.cpp:
2956         (WebCore::createXHRTextDecoder): Remove a now-unneeded call to lower since
2957         DOMImplementation::isXMLMIMEType now ignores ASCII case.
2958
2959         * inspector/InspectorStyleSheet.cpp:
2960         (WebCore::lowercasePropertyName): Use convertToASCIILowercase for property
2961         names here. Also use startsWith rather than a hand-written alternative.
2962         (WebCore::InspectorStyle::populateAllProperties): Use the return value of
2963         the add function to avoid doing a double hash table lookp.
2964         (WebCore::InspectorStyle::styleWithProperties): Use convertToASCIILowercase
2965         to lowercase the property name.
2966
2967         * inspector/NetworkResourcesData.cpp:
2968         (WebCore::createOtherResourceTextDecoder): Remove unneeded call to lower since
2969         DOMImplement::isXMLMIMEType now ignores ASCII case.
2970
2971         * loader/CrossOriginAccessControl.cpp:
2972         (WebCore::createAccessControlPreflightRequest): Use convertToASCIILowercase
2973         to lowercase the access control request header field value.
2974
2975         * loader/cache/CachedScript.cpp:
2976         (WebCore::CachedScript::mimeType): Use convertToASCIILowercase on the content type.
2977
2978         * page/CaptionUserPreferencesMediaAF.cpp:
2979         (WebCore::languageIdentifier): Use convertToASCIILowercase on the language code.
2980
2981         * page/DOMWindow.cpp:
2982         (WebCore::DOMWindow::open): Call parseWindowFeatures instead of using the
2983         constructor for WindowFeatures.
2984         (WebCore::DOMWindow::showModalDialog): Call parseDialogFeatures instead of
2985         using the constructor for WindowFeatures.
2986
2987         * page/EventHandler.cpp:
2988         (WebCore::findDropZone): Remove unneeded lowercasing and empty string checking,
2989         and use the option SpaceSplitString already has to convert to lowercase.
2990         (WebCore::EventHandler::handleAccessKey): Remove unneeded call to lower since
2991         getElementByAccessKey now ignores case. Also tweaked coding style a bit.
2992
2993         * page/OriginAccessEntry.cpp:
2994         (WebCore::OriginAccessEntry::OriginAccessEntry): Use convertToASCIILowercase
2995         on the protocol and host.
2996         (WebCore::OriginAccessEntry::matchesOrigin): Ditto.
2997
2998         * page/SecurityOrigin.cpp:
2999         (WebCore::shouldTreatAsUniqueOrigin): Remove unneeded call to lower since
3000         SchemeRegistry now ignores ASCII case.
3001         (WebCore::SecurityOrigin::SecurityOrigin): Use convertToASCIILowercase on
3002         the protocol and host.
3003         (WebCore::SecurityOrigin::setDomainFromDOM): Use convertToASCIILowercase on
3004         the domain.
3005         (WebCore::SecurityOrigin::canDisplay): Remove call to lower since SchemeRegistry
3006         now ignores ASCII case and because this now uses equalIgnoringASCIICase in
3007         one place that used to use exact matching.
3008
3009         * page/WindowFeatures.cpp: Refactored so this is now some helper functions
3010         plus a struct rather than a class.
3011         (WebCore::isSeparator): Renamed this and removed special handling for NUL.
3012         (WebCore::parseWindowFeatures): Moved the code that was formerly in the
3013         WindowFeatures constructor in here. Refactored the parsing into the
3014         processFeaturesString function, shared with the functions in Document that
3015         do the same kind of parsing. Removed the code that converts the entire string
3016         to lowercase before parsing.
3017         (WebCore::processFeaturesString): Moved the improved version of this function
3018         here from Document.cpp; more efficient because it doesn't allocate strings.
3019         (WebCore::setWindowFeature): Changed to be a function private to this file
3020         with internal linkage. Use equalLettersIgnoringASCIICase so we no longer
3021         rely on converting the string to lowercase before parsing.
3022         (WebCore::parseDialogFeatures): Similar refactoring, but also changed all
3023         the default handling to use Optional<> instead of default values.
3024         (WebCore::boolFeature): Changed to use option and to ignore ASCII case.
3025         (WebCore::floatFeature): Ditto.
3026         (WebCore::parseDialogFeaturesMap): Removed the calls to lower, which are
3027         not needed any more.
3028
3029         * page/WindowFeatures.h: Added default values for all the data members,
3030         and removed all the functions from the WindowFeatures struct. Added the two
3031         functions for parsing window and dialog features. Also added the
3032         processFeaturesString function so we can share it with Document.cpp.
3033
3034         * platform/SchemeRegistry.cpp:
3035         (WebCore::SchemeRegistry::removeURLSchemeRegisteredAsLocal): Use
3036         equalLettersIgnoringASCIICase to ignore ASCII case.
3037
3038         * platform/efl/MIMETypeRegistryEfl.cpp:
3039         (WebCore::MIMETypeRegistry::getMIMETypeForExtension): Use a modern for loop,
3040         and equalIgnoringASCIICase rather than calling lower.
3041
3042         * platform/graphics/MediaPlayer.cpp:
3043         (WebCore::MediaPlayer::load): Use convertToASCIILowercase on MIME type and
3044         key system.
3045         (WebCore::MediaPlayer::generateKeyRequest): Ditto.
3046         (WebCore::MediaPlayer::addKey): Ditto.
3047         (WebCore::MediaPlayer::cancelKeyRequest): Ditto.
3048
3049         * platform/graphics/opengl/Extensions3DOpenGLCommon.cpp:
3050         (WebCore::Extensions3DOpenGLCommon::Extensions3DOpenGLCommon): Use
3051         convertToASCIILowercase on vendor string.
3052
3053         * platform/gtk/MIMETypeRegistryGtk.cpp:
3054         (WebCore::MIMETypeRegistry::getMIMETypeForExtension): Use a modern for loop,
3055         and equalIgnoringASCIICase rather than calling lower.
3056
3057         * platform/mac/PasteboardMac.mm:
3058         (WebCore::cocoaTypeFromHTMLClipboardType): Use convertToASCIILowercase
3059         on the type. Also did a bit of renaming and tweaking the logic.
3060
3061 2016-02-03  Dave Hyatt  <hyatt@apple.com>
3062
3063         Implement hanging-punctuation property parsing.
3064         https://bugs.webkit.org/show_bug.cgi?id=18109.
3065
3066         Reviewed by Zalan Bujtas.
3067
3068         Added parsing test in fast/css.
3069
3070         * css/CSSComputedStyleDeclaration.cpp:
3071         (WebCore::renderEmphasisPositionFlagsToCSSValue):
3072         (WebCore::hangingPunctuationToCSSValue):
3073         (WebCore::fillRepeatToCSSValue):
3074         (WebCore::ComputedStyleExtractor::propertyValue):
3075         * css/CSSParser.cpp:
3076         (WebCore::CSSParser::parseValue):
3077         (WebCore::CSSParser::parseTextIndent):
3078         (WebCore::CSSParser::parseHangingPunctuation):
3079         (WebCore::CSSParser::parseLineBoxContain):
3080         * css/CSSParser.h:
3081         * css/CSSPrimitiveValueMappings.h:
3082         (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
3083         (WebCore::CSSPrimitiveValue::operator HangingPunctuation):
3084         (WebCore::CSSPrimitiveValue::operator LineBreak):
3085         * css/CSSPropertyNames.in:
3086         * css/CSSValueKeywords.in:
3087         * css/StyleBuilderConverter.h:
3088         (WebCore::StyleBuilderConverter::convertRegionBreakInside):
3089         (WebCore::StyleBuilderConverter::convertHangingPunctuation):
3090         * rendering/style/RenderStyle.cpp:
3091         (WebCore::RenderStyle::changeRequiresLayout):
3092         * rendering/style/RenderStyle.h:
3093         * rendering/style/RenderStyleConstants.h:
3094         (WebCore::operator| ):
3095         (WebCore::operator|= ):
3096         * rendering/style/StyleRareInheritedData.cpp:
3097         (WebCore::StyleRareInheritedData::StyleRareInheritedData):
3098         (WebCore::StyleRareInheritedData::operator==):
3099         * rendering/style/StyleRareInheritedData.h:
3100
3101 2016-02-03  Jessie Berlin  <jberlin@webkit.org>
3102
3103         Build fix.
3104
3105         [NSEvent context] has always returned nil. Replace uses with nullptr.
3106
3107         * page/mac/EventHandlerMac.mm:
3108         (WebCore::EventHandler::sendFakeEventsAfterWidgetTracking):
3109
3110 2016-02-03  Carlos Garcia Campos  <cgarcia@igalia.com>
3111
3112         [GTK] Layout Test http/tests/appcache/different-https-origin-resource-main.html is failing
3113         https://bugs.webkit.org/show_bug.cgi?id=145253
3114
3115         Reviewed by Michael Catanzaro.
3116
3117         The problem is that when the load is cancelled while the
3118         connection is still being established,
3119         SoupMessage::notify::tls-errors is emitted and the handler calls
3120         ResourceHandleClient::didFail() which can delete the ResourceHandle.
3121
3122         * platform/network/soup/ResourceHandleSoup.cpp:
3123         (WebCore::tlsErrorsChangedCallback): Protect the ResourceHandle
3124         for the scope of the callback because
3125         ResourceHandleClient::didFail() could delete the object.
3126
3127 2016-02-03  Carlos Garcia Campos  <cgarcia@igalia.com>
3128
3129         REGRESSION(r191948): [GStreamer] 4 new timeouts on layout tests.
3130         https://bugs.webkit.org/show_bug.cgi?id=152797
3131
3132         Reviewed by Darin Adler.
3133
3134         Always schedule messages to the main thread, even when the bus
3135         sync handlder was called in the main thread. It seems that
3136         GStreamer expects things to happen in the next main loop
3137         iteration.
3138
3139         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
3140         (WebCore::MediaPlayerPrivateGStreamer::createGSTPlayBin):
3141
3142 2016-02-03  Zan Dobersek  <zdobersek@igalia.com>
3143
3144         [TexMap] CompositingCoordinator should store the overlay layer, flush it as appropriate
3145         https://bugs.webkit.org/show_bug.cgi?id=152058
3146
3147         Reviewed by Michael Catanzaro.
3148
3149         Previously, the CompositingCoordinator only added the overlay layer to the
3150         layer tree, but flushing its compositing state is also required. For that to
3151         happen, CompositingCoordinator has to store a pointer to the overlay layer
3152         object and flush it in ::flushPendingLayerChanges().
3153
3154         Overlay layers are most prominently used by the Web Inspector to highlight
3155         the DOM elements on the Web page that are being hovered in the inspector.
3156
3157         * platform/graphics/texmap/coordinated/CompositingCoordinator.cpp:
3158         (WebCore::CompositingCoordinator::CompositingCoordinator):
3159         (WebCore::CompositingCoordinator::setRootCompositingLayer):
3160         (WebCore::CompositingCoordinator::flushPendingLayerChanges):
3161         * platform/graphics/texmap/coordinated/CompositingCoordinator.h:
3162
3163 2016-02-03  Zan Dobersek  <zdobersek@igalia.com>
3164
3165         [CoordinatedGraphics] CompositingCoordinator destructor is scheduling layer flushes
3166         https://bugs.webkit.org/show_bug.cgi?id=153823
3167
3168         Reviewed by Carlos Garcia Campos.
3169
3170         Purging the backing stores during the CompositingCoordinator destructor
3171         is also scheduling layer flushes in the object's client, which is an object
3172         of the LayerTreeHost-deriving class that owns the CompositingCoordinator
3173         object in question and is also being destroyed.
3174
3175         In case of ThreadedCoordinatedLayerTreeHost, this scheduling can access
3176         the RunLoop::Timer object which has already been destroyed, causing a
3177         crash. Another problem with this is that we're invoking a virtual function
3178         on an object that's being destructed, which works well enough in this case
3179         but should be discouraged in general.
3180
3181         In order to avoid this, add the m_isDestructing boolean to the
3182         CompositingCoordinator class, flip it to true during the destruction,
3183         and check for its falseness before scheduling a layer flush.
3184
3185         * platform/graphics/texmap/coordinated/CompositingCoordinator.cpp:
3186         (WebCore::CompositingCoordinator::CompositingCoordinator):
3187         (WebCore::CompositingCoordinator::~CompositingCoordinator):
3188         (WebCore::CompositingCoordinator::notifyFlushRequired):
3189         * platform/graphics/texmap/coordinated/CompositingCoordinator.h:
3190
3191 2016-02-03  Zan Dobersek  <zdobersek@igalia.com>
3192
3193         [TexMap] Don't use RELEASE_ASSERT in TextureMapperLayer::computeTransformsRecursive()
3194         https://bugs.webkit.org/show_bug.cgi?id=153822
3195
3196         Reviewed by Carlos Garcia Campos.
3197
3198         * platform/graphics/texmap/TextureMapperLayer.cpp:
3199         (WebCore::TextureMapperLayer::computeTransformsRecursive):
3200         Use ASSERT to check that the m_children members are indeed children
3201         of the current layer, RELEASE_ASSERT probably slipped in unnoticed
3202         at some point.
3203
3204 2016-02-03  Zan Dobersek  <zdobersek@igalia.com>
3205
3206         PlatformPathCairo: Lazily allocate the path surface
3207         https://bugs.webkit.org/show_bug.cgi?id=153821
3208
3209         Reviewed by Carlos Garcia Campos.
3210
3211         Move the static variable that holds the Cairo surface into
3212         the pathSurface() function (previously getPathSurface). This
3213         way the surface will only be allocated once the function is
3214         called for the first time from the CairoPath surface.
3215
3216         No change in functionality, just a cleanup.
3217
3218         * platform/graphics/cairo/PlatformPathCairo.cpp:
3219         (WebCore::pathSurface):
3220         (WebCore::CairoPath::CairoPath):
3221         (WebCore::getPathSurface): Deleted.
3222
3223 2016-02-02  Fujii Hironori  <Hironori.Fujii@jp.sony.com>
3224
3225         ASSERTION FAILED: roundedIntPoint(rendererMappedResult) == roundedIntPoint(result)
3226         https://bugs.webkit.org/show_bug.cgi?id=153576
3227
3228         Reviewed by Darin Adler.
3229
3230         Tests: fast/block/geometry-map-assertion-with-rounding-negative-half.html
3231
3232         The results of roundedIntPoint of FloatPoint and LayoutPoint may be different
3233         because of the uniqueness of LayoutUnit::round introduced by this bug
3234         <https://bugs.webkit.org/show_bug.cgi?id=107208>.
3235         Should convert a FloatPoint to a LayoutPoint before rounding.
3236
3237         * rendering/RenderGeometryMap.cpp:
3238         (WebCore::RenderGeometryMap::mapToContainer):
3239
3240 2016-02-02  Aakash Jain  <aakash_jain@apple.com>
3241
3242         Remove references to CallFrameInlines.h
3243         https://bugs.webkit.org/show_bug.cgi?id=153810
3244
3245         Reviewed by Mark Lam.
3246
3247         * ForwardingHeaders/interpreter/CallFrameInlines.h: Removed.
3248
3249 2016-02-02  Jinyoung Hur  <hur.ims@navercorp.com>
3250
3251         WEBGL_debug_shaders should be disabled for OpenGLES backend also
3252         https://bugs.webkit.org/show_bug.cgi?id=153788
3253
3254         Reviewed by Darin Adler.
3255
3256         WEBGL_debug_shaders extension is disabled for OpenGL backed platform
3257         because the implementation is not fully compliant to the spec yet.
3258         Because this is not an OpenGL-specific problem, WEBGL_debug_shaders extension
3259         should be disabled for OpenGLES backed platforms also.
3260
3261         No new tests, already covered by existing tests.
3262
3263         * platform/graphics/opengl/Extensions3DOpenGL.cpp:
3264         (WebCore::Extensions3DOpenGL::supportsExtension): Deleted.
3265         * platform/graphics/opengl/Extensions3DOpenGLCommon.cpp:
3266         (WebCore::Extensions3DOpenGLCommon::supports):
3267
3268 2016-02-02  Brady Eidson  <beidson@apple.com>
3269
3270         Modern IDB: storage/indexeddb/cursor-primary-key-order.html fails with SQLite backend.
3271         https://bugs.webkit.org/show_bug.cgi?id=153800
3272
3273         Reviewed by Alex Christensen.
3274
3275         No new tests (Existing tests now unskipped).
3276
3277         The IndexRecords SQL schema did not order things by primaryKey.
3278         
3279         Easy fix to the schema. Sadly requires a migration...
3280
3281         * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
3282         (WebCore::IDBServer::v1IndexRecordsTableSchema):
3283         (WebCore::IDBServer::v1IndexRecordsTableSchemaAlternate):
3284         (WebCore::IDBServer::v2IndexRecordsTableSchema):
3285         (WebCore::IDBServer::v2IndexRecordsTableSchemaAlternate):
3286         (WebCore::IDBServer::SQLiteIDBBackingStore::ensureValidIndexRecordsTable):
3287         (WebCore::IDBServer::SQLiteIDBBackingStore::createAndPopulateInitialDatabaseInfo):
3288         * Modules/indexeddb/server/SQLiteIDBBackingStore.h:
3289
3290 2016-02-02  Tim Horton  <timothy_horton@apple.com>
3291
3292         <attachment> should attempt to guess the icon from the file extension if all else fails
3293         https://bugs.webkit.org/show_bug.cgi?id=153804
3294         <rdar://problem/24448146>
3295
3296         Reviewed by Anders Carlsson.
3297
3298         Test: fast/attachment/attachment-icon-from-file-extension.html
3299
3300         * platform/graphics/Icon.h:
3301         * platform/graphics/mac/IconMac.mm:
3302         (WebCore::Icon::createIconForFileExtension):
3303         * rendering/RenderThemeMac.mm:
3304         (WebCore::iconForAttachment):
3305         If we can't find an icon any other way, try assuming that the title is a filename,
3306         grab its extension, and have NSWorkspace try to work out an icon for it.
3307
3308 2016-02-02  Antti Koivisto  <antti@apple.com>
3309
3310         Factor style sharing code out of StyleResolver
3311         https://bugs.webkit.org/show_bug.cgi?id=153768
3312
3313         Reviewed by Darin Adler.
3314
3315         Move the code to a new class, Style::SharingResolver.
3316
3317         When resolving document style we query the sharing resolver first before using the regular style resolver.
3318         Other paths that call style resolver were mostly already disabling it with DisallowStyleSharing flag.
3319
3320         * WebCore.xcodeproj/project.pbxproj:
3321         * css/ElementRuleCollector.cpp:
3322         (WebCore::MatchRequest::MatchRequest):
3323         (WebCore::ElementRuleCollector::matchAllRules):
3324         (WebCore::ElementRuleCollector::hasAnyMatchingRules):
3325
3326             More const.
3327
3328         * css/ElementRuleCollector.h:
3329         (WebCore::ElementRuleCollector::setRegionForStyling):
3330         (WebCore::ElementRuleCollector::setMedium):
3331         * css/MediaQueryMatcher.cpp:
3332         (WebCore::MediaQueryMatcher::prepareEvaluator):
3333         * css/StyleMedia.cpp:
3334         (WebCore::StyleMedia::matchMedium):
3335         * css/StyleResolver.cpp:
3336         (WebCore::StyleResolver::State::cacheBorderAndBackground):
3337         (WebCore::StyleResolver::StyleResolver):
3338         (WebCore::StyleResolver::sweepMatchedPropertiesCache):
3339         (WebCore::StyleResolver::State::State):
3340         (WebCore::StyleResolver::State::setStyle):
3341         (WebCore::isAtShadowBoundary):
3342         (WebCore::StyleResolver::styleForElement):
3343         (WebCore::StyleResolver::classNamesAffectedByRules): Deleted.
3344         (WebCore::parentElementPreventsSharing): Deleted.
3345         (WebCore::StyleResolver::locateCousinList): Deleted.
3346         (WebCore::StyleResolver::styleSharingCandidateMatchesRuleSet): Deleted.
3347         (WebCore::StyleResolver::canShareStyleWithControl): Deleted.
3348         (WebCore::elementHasDirectionAuto): Deleted.
3349         (WebCore::StyleResolver::sharingCandidateHasIdenticalStyleAffectingAttributes): Deleted.
3350         (WebCore::StyleResolver::canShareStyleWithElement): Deleted.
3351         (WebCore::StyleResolver::findSiblingForStyleSharing): Deleted.
3352         (WebCore::StyleResolver::locateSharedStyle): Deleted.
3353
3354             Style sharing code moves to SharingResolver.
3355
3356         * css/StyleResolver.h:
3357         (WebCore::StyleResolver::mediaQueryEvaluator):
3358         (WebCore::StyleResolver::State::regionForStyling):
3359         (WebCore::StyleResolver::State::elementLinkState):
3360         (WebCore::StyleResolver::State::setApplyPropertyToRegularStyle):
3361         (WebCore::StyleResolver::State::setApplyPropertyToVisitedLinkStyle):
3362         (WebCore::StyleResolver::state):
3363         (WebCore::StyleResolver::setTextOrientation):
3364         (WebCore::StyleResolver::State::setElementAffectedByClassRules): Deleted.
3365         (WebCore::StyleResolver::State::elementAffectedByClassRules): Deleted.
3366         (WebCore::StyleResolver::styleNotYetAvailable): Deleted.
3367
3368             Placeholder code moves to TreeResolver.
3369
3370         * dom/VisitedLinkState.cpp:
3371         (WebCore::linkAttribute):
3372         (WebCore::VisitedLinkState::invalidateStyleForAllLinks):
3373         (WebCore::linkHashForElement):
3374         (WebCore::VisitedLinkState::invalidateStyleForLink):
3375         (WebCore::VisitedLinkState::determineLinkStateSlowCase):
3376         * dom/VisitedLinkState.h:
3377         (WebCore::VisitedLinkState::determineLinkState):
3378         * html/HTMLFormControlElement.h:
3379         * rendering/RenderElement.cpp:
3380         (WebCore::RenderElement::getUncachedPseudoStyle):
3381         * rendering/RenderNamedFlowFragment.cpp:
3382         (WebCore::RenderNamedFlowFragment::computeStyleInRegion):
3383         * rendering/style/RenderStyle.cpp:
3384         (WebCore::RenderStyle::isStyleAvailable):
3385         (WebCore::RenderStyle::hasUniquePseudoStyle):
3386         * style/StyleSharingResolver.cpp: Added.
3387         (WebCore::Style::SharingResolver::SharingResolver):
3388         (WebCore::Style::parentElementPreventsSharing):
3389         (WebCore::Style::elementHasDirectionAuto):
3390         (WebCore::Style::SharingResolver::searchSimilar):
3391         (WebCore::Style::SharingResolver::findSibling):
3392         (WebCore::Style::SharingResolver::locateCousinList):
3393         (WebCore::Style::canShareStyleWithControl):
3394         (WebCore::Style::SharingResolver::canShareStyleWithElement):
3395         (WebCore::Style::SharingResolver::styleSharingCandidateMatchesRuleSet):
3396         (WebCore::Style::SharingResolver::sharingCandidateHasIdenticalStyleAffectingAttributes):
3397         (WebCore::Style::SharingResolver::classNamesAffectedByRules):
3398         * style/StyleSharingResolver.h: Added.
3399         * style/StyleTreeResolver.cpp:
3400         (WebCore::Style::ensurePlaceholderStyle):
3401         (WebCore::Style::TreeResolver::TreeResolver):
3402         (WebCore::Style::TreeResolver::styleForElement):
3403
3404             Try to use SharingResolver first.
3405             Also move placeholder style handling here, it is only relevant when resolving document style.
3406
3407         (WebCore::Style::postResolutionCallbacksAreSuspended):
3408         (WebCore::Style::isPlaceholderStyle):
3409         * style/StyleTreeResolver.h:
3410         * svg/SVGElement.cpp:
3411         (WebCore::SVGElement::customStyleForRenderer):
3412         * svg/SVGElementRareData.h:
3413         (WebCore::SVGElementRareData::overrideComputedStyle):
3414
3415 2016-02-02  Tim Horton  <timothy_horton@apple.com>
3416
3417         <attachment> icon should be a folder for the custom MIME type multipart/x-folder
3418         https://bugs.webkit.org/show_bug.cgi?id=153795
3419         <rdar://problem/24416632>
3420
3421         Reviewed by Anders Carlsson.
3422
3423         Test: fast/attachment/attachment-folder-icon.html
3424
3425         * rendering/RenderThemeMac.mm:
3426         (WebCore::iconForAttachment):
3427         (WebCore::paintAttachmentIcon):
3428         Mail uses this special MIME type to indicate that something is a folder, which there
3429         isn't a normal non-deprecated MIME type for.
3430
3431 2016-02-02  Brady Eidson  <beidson@apple.com>
3432
3433         Modern IDB: storage/indexeddb/cursor-continue-validity.html fails.
3434         https://bugs.webkit.org/show_bug.cgi?id=153791
3435
3436         Reviewed by Alex Christensen.
3437
3438         No new tests (Existing test now unskipped).
3439
3440         There was a preexisting check in the SQLite cursor for remembering the current record and
3441         refusing to refetch it.
3442         
3443         This check was causing this bug, because we needed to refetch the current record.
3444         
3445         Removing the check (and its associated flag) doesn't regress any other test, and fixes this one.
3446
3447         * Modules/indexeddb/server/SQLiteIDBCursor.cpp:
3448         (WebCore::IDBServer::SQLiteIDBCursor::resetAndRebindStatement):
3449         (WebCore::IDBServer::SQLiteIDBCursor::internalAdvanceOnce):
3450         * Modules/indexeddb/server/SQLiteIDBCursor.h:
3451
3452 2016-02-01  Dave Hyatt  <hyatt@apple.com>
3453
3454         Add a line grid pagination SPI to WebKit.
3455         https://bugs.webkit.org/show_bug.cgi?id=153757
3456         <rdar://problem/23041598>
3457
3458         Reviewed by Anders Carlsson.
3459
3460         New tests in fast/multicol/pagination.
3461
3462         * page/Page.cpp:
3463         (WebCore::Page::setPaginationLineGridEnabled):
3464         * page/Page.h:
3465         (WebCore::Page::paginationLineGridEnabled):
3466         Add a boolean to the page to turn the line grid on and off.
3467
3468         * rendering/RenderBox.cpp:
3469         (WebCore::RenderBox::styleDidChange):
3470         Propagate the body's font up to the paginated RenderView so that
3471         it can be used to establish the line grid.
3472
3473         * style/StyleResolveForDocument.cpp:
3474         (WebCore::Style::resolveForDocument):
3475         Set up a line grid with containment snapping by default if the
3476         line grid enabled flag is set.
3477
3478         * testing/Internals.cpp:
3479         (WebCore::Internals::resetToConsistentState):
3480         (WebCore::Internals::setPagination):
3481         (WebCore::Internals::setPaginationLineGridEnabled):
3482         (WebCore::Internals::configurationForViewport):
3483         * testing/Internals.h:
3484         (WebCore::Internals::setPagination):
3485         * testing/Internals.idl:
3486         Add support for testing the grid being enabled.
3487
3488 2016-02-01  Antti Koivisto  <antti@apple.com>
3489
3490         Tab suspension code shouldn't use page cache cacheability logic
3491         https://bugs.webkit.org/show_bug.cgi?id=153680
3492
3493         Reviewed by Andreas Kling.
3494
3495         Most of PageCache::canCache() is unnecessary for tab suspension.
3496
3497         Also improve robustness and introduce 1 minute delay before suspending.
3498
3499         * page/Page.cpp:
3500         (WebCore::Page::setPageActivityState):
3501         (WebCore::Page::setIsVisible):
3502         (WebCore::Page::setIsVisibleInternal):
3503         (WebCore::Page::setIsPrerender):
3504         (WebCore::Page::canTabSuspend):
3505
3506             Include visibility test here.
3507
3508             Instead of calling PageCache::canCache() just check for each frame
3509             - that the document is loaded
3510             - that active DOM objects allow suspension
3511
3512         (WebCore::Page::setIsTabSuspended):
3513         (WebCore::Page::setTabSuspensionEnabled):
3514         (WebCore::Page::updateTabSuspensionState):
3515
3516             Refactor for robustness.
3517
3518         (WebCore::Page::tabSuspensionTimerFired):
3519
3520             Call canTabSuspend, the result might have changed.
3521
3522         (WebCore::Page::scheduleTabSuspension): Deleted.
3523         * page/Page.h:
3524
3525 2016-02-02  Yusuke Suzuki  <utatane.tea@gmail.com>
3526
3527         [JSC] Introduce BytecodeIntrinsic constant rep like @undefined
3528         https://bugs.webkit.org/show_bug.cgi?id=153737
3529
3530         Reviewed by Darin Adler.
3531
3532         * Modules/fetch/FetchHeaders.js:
3533         (initializeFetchHeaders):
3534         * Modules/streams/ReadableStream.js:
3535         (initializeReadableStream):
3536         (closeDestination):
3537         (abortDestination):
3538         (pipeTo):
3539         * Modules/streams/ReadableStreamInternals.js:
3540         (privateInitializeReadableStreamController):
3541         (teeReadableStream):
3542         (isReadableStreamReader):
3543         (errorReadableStream):
3544         (finishClosingReadableStream):
3545         (enqueueInReadableStream):
3546         (readFromReadableStreamReader):
3547         * Modules/streams/ReadableStreamReader.js:
3548         (releaseLock):
3549         * Modules/streams/StreamInternals.js:
3550         (shieldingPromiseResolve):
3551         (promiseInvokeOrNoopNoCatch):
3552         (promiseInvokeOrFallbackOrNoop):
3553         (validateAndNormalizeQueuingStrategy):
3554         * Modules/streams/WritableStream.js:
3555         (initializeWritableStream):
3556         (write):
3557         * Modules/streams/WritableStreamInternals.js:
3558         (errorWritableStream):
3559
3560 2016-02-02  Brady Eidson  <beidson@apple.com>
3561
3562         Modern IDB: storage/indexeddb/dont-wedge.html sometimes ASSERTs.
3563         https://bugs.webkit.org/show_bug.cgi?id=153790
3564
3565         Reviewed by Tim Horton.
3566
3567         No new tests (Failing test now unskipped).
3568
3569         This test uncovered an unhandled race where the main thread tried to perform an OpenDB operation 
3570         multiple times while it was already in-progress on the server thread.
3571
3572         There was already a flag meant to cover this race, and it just needed to be applied to one more site.
3573         
3574         * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
3575         (WebCore::IDBServer::UniqueIDBDatabase::performCurrentOpenOperation):
3576         (WebCore::IDBServer::UniqueIDBDatabase::openBackingStore):
3577
3578 2016-02-02  Daniel Bates  <dabates@apple.com>
3579
3580         CSP: Support checking content security policy without a script execution context
3581         https://bugs.webkit.org/show_bug.cgi?id=153748
3582         <rdar://problem/24439149>
3583
3584         Reviewed by Darin Alder.
3585
3586         Towards checking a Web Worker's content security policy against a redirected worker
3587         script load or redirected XHR request for an XHR request initiated from it, we should
3588         support instantiating a ContentSecurityPolicy object without a ScriptExecutionContext.
3589
3590         No functionality was changed. So, no new tests.
3591
3592         * dom/Document.cpp:
3593         (WebCore::Document::initSecurityContext): Pass |this| as a reference instead of as a pointer.
3594         * page/csp/ContentSecurityPolicy.cpp: Remove extraneous includes ScriptState.h, TextEncoding.h,
3595         and URL.h as they are included by ContentSecurityPolicy.h, FormDataList.h and FormData.h, respectively.
3596         (WebCore::CSPSource::CSPSource): Take a constant reference to a ContentSecurityPolicy instead
3597         of a pointer since we never expected a null pointer.
3598         (WebCore::CSPSource::schemeMatches): Move logic for checking the protocol of source "self"
3599         from here to ContentSecurityPolicy::protocolMatchesSelf() because we may not have a security
3600         origin if ContentSecurityPolicy was initiated without a ScriptExecutionContext object.
3601         (WebCore::CSPSourceList::allowSelf): Added.
3602         (WebCore::CSPSourceList::CSPSourceList): Take a constant reference to a ContentSecurityPolicy
3603         instead of a pointer since we never expected a null pointer. Remove fields from member
3604         initialization list that can be initialized using C++11 in-class initialization syntax.
3605         (WebCore::CSPSourceList::matches): Call ContentSecurityPolicy::urlMatchesSelf() to match the
3606         effective URL against the URL of source "self".
3607         (WebCore::CSPSourceList::parse): Update code as necessary now that m_policy is a reference
3608         instead of a pointer.
3609         (WebCore::CSPSourceList::parseSource): Simplify code by setting internal member fields directly
3610         instead of via member functions.
3611         (WebCore::CSPSourceList::parsePath): Update code as necessary now that m_policy is a reference
3612         instead of a pointer.
3613         (WebCore::CSPDirective::CSPDirective): Take a constant reference to a ContentSecurityPolicy
3614         instead of a pointer since we never expected a null pointer.
3615         (WebCore::CSPDirective::policy): Return a reference to a const ContentSecurityPolicy.
3616         (WebCore::MediaListDirective::MediaListDirective): Take a constant reference to a ContentSecurityPolicy
3617         instead of a pointer since we never expected a null pointer.
3618         (WebCore::MediaListDirective::parse): Update code as necessary now that m_policy is a reference
3619         instead of a pointer.
3620         (WebCore::SourceListDirective::SourceListDirective): Take a constant reference to a ContentSecurityPolicy
3621         instead of a pointer since we never expected a null pointer.
3622         (WebCore::SourceListDirective::allows): Write in terms of CSPSourceList::allowSelf() because we
3623         may not have a security origin to get a URL from if ContentSecurityPolicy was initiated without
3624         a ScriptExecutionContext object.
3625         (WebCore::CSPDirectiveList::reportURIs): Change return type from Vector<URL> to Vector<String>
3626         The caller will convert the strings to URLs with respect to the script execution context.
3627         (WebCore::CSPDirectiveList::parseReportURI): Store the report URI as a string instead of a URL
3628         because we may not have a security origin to compute the absolute URL if ContentSecurityPolicy
3629         was initiated without a ScriptExecutionContext object.
3630         (WebCore::CSPDirectiveList::CSPDirectiveList): Take a reference to a ContentSecurityPolicy
3631         instead of a pointer since we never expected a null pointer. It would be better to take a const
3632         reference to a ContentSecurityPolicy, but ContentSecurityPolicy::applySandboxPolicy() needs to set
3633         state on ContentSecurityPolicy :(
3634         (WebCore::CSPDirectiveList::create): Ditto.
3635         (WebCore::CSPDirectiveList::reportViolation): Update code as necessary now that m_policy is a reference
3636         instead of a pointer.
3637         (WebCore::CSPDirectiveList::checkEvalAndReportViolation): Ditto.
3638         (WebCore::CSPDirectiveList::checkInlineAndReportViolation): Ditto.
3639         (WebCore::CSPDirectiveList::parseDirective): Ditto.
3640         (WebCore::CSPDirectiveList::parseReportURI): Store the report URI as a string instead of a URL
3641         because we may not have a security origin to compute the absolute URL if ContentSecurityPolicy
3642         was initiated without a ScriptExecutionContext object.
3643         (WebCore::CSPDirectiveList::setCSPDirective): Update code as necessary now that m_policy is a reference
3644         instead of a pointer.
3645         (WebCore::CSPDirectiveList::applySandboxPolicy): Ditto.
3646         (WebCore::CSPDirectiveList::parseReflectedXSS): Ditto.
3647         (WebCore::CSPDirectiveList::addDirective): Ditto.
3648         (WebCore::ContentSecurityPolicy::ContentSecurityPolicy): Modified to take the ScriptExecutionObject
3649         as a reference and compute the CSPSource object for "self" and cache the protocol for "self". Removed
3650         field m_overrideInlineStyleAllowed from the member initialization list and used C++11 in-class
3651         initialization syntax to initialize it. Added overloaded constructor that takes a SecurityOrigin object.
3652         We are not making use of this overloaded constructor at this time. We will in a subsequent patch.
3653         (WebCore::ContentSecurityPolicy::didReceiveHeader): Store the eval disabled error message for
3654         the last parsed policy in a member field instead of using it as part of disabling eval execution
3655         on the script execution context because we may not have such a context.
3656         (WebCore::ContentSecurityPolicy::applyPolicyToScriptExecutionContext): Applies the content security
3657         policy eval and sandbox restrictions to the script execution context.
3658         (WebCore::ContentSecurityPolicy::urlMatchesSelf): Match the specified URL against the URL for
3659         source "self".
3660         (WebCore::ContentSecurityPolicy::protocolMatchesSelf): Match the protocol of the specified URL
3661         against the protocol for source "self".
3662         (WebCore::ContentSecurityPolicy::gatherReportURIs): Modified to use the script execution context
3663         to compute the absolute URL for each report URI.
3664         (WebCore::ContentSecurityPolicy::reportViolation): Bail out if we do not have a script execution
3665         context.
3666         (WebCore::ContentSecurityPolicy::logToConsole): Only log to the console if we have a script
3667         execution context.
3668         (WebCore::ContentSecurityPolicy::reportBlockedScriptExecutionToInspector): Only report blocked
3669         script execution to the Web Inspector if we have a script execution context.
3670         (WebCore::CSPSourceList::addSourceSelf): Deleted.
3671         (WebCore::CSPSourceList::addSourceStar): Deleted.
3672         (WebCore::CSPSourceList::addSourceUnsafeInline): Deleted.
3673         (WebCore::CSPSourceList::addSourceUnsafeEval): Deleted.
3674         (WebCore::CSPDirectiveList::gatherReportURIs): Deleted.
3675         (WebCore::ContentSecurityPolicy::securityOrigin): Deleted.
3676         (WebCore::ContentSecurityPolicy::url): Deleted.
3677         (WebCore::ContentSecurityPolicy::completeURL): Deleted.
3678         (WebCore::ContentSecurityPolicy::enforceSandboxFlags): Deleted.
3679         * page/csp/ContentSecurityPolicy.h:
3680         (WebCore::ContentSecurityPolicy::enforceSandboxFlags): Accumulates the parsed sandbox flags. We
3681         will apply the sandbox flags in ContentSecurityPolicy::applyPolicyToScriptExecutionContext().
3682         * workers/WorkerGlobalScope.cpp:
3683         (WebCore::WorkerGlobalScope::WorkerGlobalScope): Instantiate ContentSecurityPolicy.
3684         (WebCore::WorkerGlobalScope::applyContentSecurityPolicyResponseHeaders): Move instantiation of
3685         ContentSecurityPolicy from here to constructor.
3686
3687 2016-02-02  Eric Carlson  <eric.carlson@apple.com>
3688
3689         Allow ports to disable automatic text track selection
3690         https://bugs.webkit.org/show_bug.cgi?id=153761
3691         <rdar://problem/24416768>
3692
3693         Reviewed by Darin Adler.
3694
3695         Test: media/track/track-manual-mode.html
3696
3697         * Modules/mediacontrols/MediaControlsHost.cpp:
3698         (WebCore::MediaControlsHost::manualKeyword): New.
3699         (WebCore::MediaControlsHost::captionDisplayMode): Support 'manual' mode.
3700         * Modules/mediacontrols/MediaControlsHost.h:
3701
3702         * Modules/mediacontrols/mediaControlsApple.js:
3703         (Controller.prototype.buildCaptionMenu): Check the 'off' item when in manual mode.
3704
3705         * html/HTMLMediaElement.cpp:
3706         (WebCore::HTMLMediaElement::addTextTrack): Update m_captionDisplayMode when called for the first
3707           time so it is always correct. Set the track's manual selection mode as appropriate.
3708         (WebCore::HTMLMediaElement::captionPreferencesChanged): Set each track's manual selection 
3709           mode as appropriate.
3710
3711         * html/track/TextTrack.cpp:
3712         (WebCore::TextTrack::kind): Return 'subtitles' for forced tracks when in manual mode.
3713         * html/track/TextTrack.h:
3714
3715         * html/track/TrackBase.h:
3716         (WebCore::TrackBase::kind): Make virtual.
3717
3718         * page/CaptionUserPreferences.cpp:
3719         (WebCore::CaptionUserPreferences::beginBlockingNotifications): New.
3720         (WebCore::CaptionUserPreferences::endBlockingNotifications): Ditto.
3721         (WebCore::CaptionUserPreferences::notify): Don't notify when blocked.
3722         * page/CaptionUserPreferences.h:
3723
3724         * page/CaptionUserPreferencesMediaAF.cpp:
3725         (WebCore::CaptionUserPreferencesMediaAF::CaptionUserPreferencesMediaAF): Set manual mode 
3726           when appropriate.
3727         (WebCore::CaptionUserPreferencesMediaAF::captionDisplayMode): Check manual mode.
3728         (WebCore::CaptionUserPreferencesMediaAF::setCaptionDisplayMode): Ditto.
3729         (WebCore::CaptionUserPreferencesMediaAF::setPreferredLanguage): Ditto.
3730         (WebCore::CaptionUserPreferencesMediaAF::textTrackSelectionScore): Return zero when in manual mode.
3731         (WebCore::CaptionUserPreferencesMediaAF::sortedTrackListForMenu): Consider manual mode. Fix
3732           typos in logging.
3733
3734         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
3735         (WebCore::mediaDescriptionForKind): Return 'auxiliary' when in manual mode.
3736
3737         * testing/Internals.cpp:
3738         (WebCore::Internals::setCaptionDisplayMode): Support manual mode.
3739
3740 2016-02-02  Adrien Plazas  <aplazas@igalia.com>
3741
3742         REGRESSION(r195899): ASSERTION FAILED: is<Target>(source) in EventPath::retargetTouch() since r195899
3743         https://bugs.webkit.org/show_bug.cgi?id=153741
3744
3745         Reviewed by Ryosuke Niwa.
3746
3747         * dom/EventDispatcher.cpp:
3748         (WebCore::EventPath::retargetTouch):
3749
3750 2016-02-01  Joseph Pecoraro  <pecoraro@apple.com>
3751
3752         Web Inspector: High Level Memory Overview Instrument
3753         https://bugs.webkit.org/show_bug.cgi?id=153516
3754         <rdar://problem/24356378>
3755
3756         Reviewed by Brian Burg.
3757
3758         Add a new agent that gathers data from the ResourceUsageThread
3759         and sends to the frontend.
3760
3761         Test: inspector/memory/tracking.html
3762
3763         * CMakeLists.txt:
3764         * Configurations/FeatureDefines.xcconfig:
3765         * WebCore.xcodeproj/project.pbxproj:
3766         New files.
3767
3768         * inspector/InspectorController.cpp:
3769         (WebCore::InspectorController::InspectorController):
3770         Add the new agent.
3771
3772         * inspector/InspectorMemoryAgent.h: Added.
3773         * inspector/InspectorMemoryAgent.cpp: Added.
3774         (WebCore::InspectorMemoryAgent::InspectorMemoryAgent):
3775         (WebCore::InspectorMemoryAgent::didCreateFrontendAndBackend):
3776         (WebCore::InspectorMemoryAgent::willDestroyFrontendAndBackend):
3777         (WebCore::InspectorMemoryAgent::startTracking):
3778         (WebCore::InspectorMemoryAgent::stopTracking):
3779         (WebCore::InspectorMemoryAgent::collectSample):
3780         Implement the agent by adding / removing it as a ResourceUsage
3781         observer. When receiving the data forward it to the frontend.
3782
3783 2016-02-01  Alex Christensen  <achristensen@webkit.org>
3784
3785         Fix CMake build.
3786
3787         * PlatformMac.cmake:
3788
3789 2016-02-01  Brady Eidson  <beidson@apple.com>
3790
3791         Modern IDB: Cursors (still) do not keep their opening request alive.
3792         https://bugs.webkit.org/show_bug.cgi?id=153724
3793
3794         Reviewed by Alex Christensen.
3795
3796         No new tests (All existing tests pass without flakiness).
3797
3798         IDBCursors did not properly keep their JS wrappers alive.
3799         Making them ActiveDOMObjects that keep track of how many requests might be in flight fixes this.
3800         This also makes them actually keep their opening-request live via the opaque-root mechanism.
3801         
3802         IDBCursorWithValue also needed to opt in to all of these mechanisms.
3803
3804         * CMakeLists.txt:
3805         * WebCore.xcodeproj/project.pbxproj:
3806
3807         * Modules/indexeddb/IDBCursor.h:
3808         (WebCore::IDBCursor::hasPendingActivity): The base IDBCursor always has no pending activity,
3809           to maintain current behavior in LegacyIDB. This weirdness will go away when LegacyIDB does.
3810         * Modules/indexeddb/IDBCursor.idl:
3811         * Modules/indexeddb/IDBCursorWithValue.idl:
3812
3813         Track a count for all outstanding requests to keep the cursor alive as an ActiveDOMObject.
3814         * Modules/indexeddb/client/IDBCursorImpl.cpp:
3815         (WebCore::IDBClient::IDBCursor::IDBCursor):
3816         (WebCore::IDBClient::IDBCursor::update):
3817         (WebCore::IDBClient::IDBCursor::uncheckedIterateCursor):
3818         (WebCore::IDBClient::IDBCursor::deleteFunction):
3819         (WebCore::IDBClient::IDBCursor::activeDOMObjectName):
3820         (WebCore::IDBClient::IDBCursor::canSuspendForDocumentSuspension):
3821         (WebCore::IDBClient::IDBCursor::hasPendingActivity):
3822         (WebCore::IDBClient::IDBCursor::decrementOutstandingRequestCount):
3823         * Modules/indexeddb/client/IDBCursorImpl.h:
3824         
3825         Rework the "delete" family of functions on the object store to allow for returning a modern IDBRequest.
3826         A lot of this can go away when LegacyIDB does.
3827         * Modules/indexeddb/client/IDBObjectStoreImpl.cpp:
3828         (WebCore::IDBClient::IDBObjectStore::deleteFunction):
3829         (WebCore::IDBClient::IDBObjectStore::doDelete):
3830         (WebCore::IDBClient::IDBObjectStore::modernDelete):
3831         * Modules/indexeddb/client/IDBObjectStoreImpl.h:
3832         
3833         * Modules/indexeddb/client/IDBRequestImpl.cpp:
3834         (WebCore::IDBClient::IDBRequest::setSource): Setup a ScopeGuard to decrement the cursor's request
3835           count whenever it makes sense to do so.
3836         (WebCore::IDBClient::IDBRequest::dispatchEvent): Clear the ScopeGuard (if it exists) to decrement the count.
3837         (WebCore::IDBClient::IDBRequest::willIterateCursor): Set the ScopeGuard.
3838         (WebCore::IDBClient::IDBRequest::didOpenOrIterateCursor): Clear the ScopeGuard (if it exists) to decrement the count.
3839         * Modules/indexeddb/client/IDBRequestImpl.h:
3840         
3841         * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
3842         (WebCore::IDBServer::ScopeGuard::ScopeGuard): Deleted.
3843         (WebCore::IDBServer::ScopeGuard::~ScopeGuard): Deleted.
3844         (WebCore::IDBServer::ScopeGuard::enable): Deleted.
3845         (WebCore::IDBServer::ScopeGuard::disable): Deleted.
3846         
3847         * bindings/js/JSIDBCursorWithValueCustom.cpp: Added.
3848         (WebCore::JSIDBCursorWithValue::visitAdditionalChildren):
3849         
3850         * platform/ScopeGuard.h: Added.
3851         (WebCore::ScopeGuard::ScopeGuard):
3852         (WebCore::ScopeGuard::~ScopeGuard):
3853         (WebCore::ScopeGuard::enable):
3854         (WebCore::ScopeGuard::disable):
3855
3856 2016-02-01  Sun-woo Nam  <sunny.nam@samsung.com>
3857
3858         Free Colormap when XWindow is destroyed.
3859         https://bugs.webkit.org/show_bug.cgi?id=153413
3860
3861         Reviewed by Žan Doberšek.
3862
3863         Colormap is needed to create XWindow and it should be freed when XWindow is destroyed.
3864         Unless Colormap is freed before destroying XWindow, memory leak is suspected.
3865         XFreeColormap therefore is needed on X11Helper.
3866
3867         * platform/graphics/surfaces/glx/X11Helper.cpp: Added XFreeColormap.
3868         (WebCore::X11Helper::destroyWindow):
3869
3870 2016-02-01  Tim Horton  <timothy_horton@apple.com>
3871
3872         Move some SPI declarations into the appropriate SPI header
3873         https://bugs.webkit.org/show_bug.cgi?id=153755
3874
3875         Reviewed by Darin Adler.
3876
3877         * platform/graphics/cocoa/IOSurface.mm:
3878         * platform/spi/cg/CoreGraphicsSPI.h:
3879
3880 2016-02-01  Tim Horton  <timothy_horton@apple.com>
3881
3882         Snapshot surfaces are forever wired after being compressed
3883         https://bugs.webkit.org/show_bug.cgi?id=153751
3884         <rdar://problem/24354546>
3885
3886         Reviewed by Darin Adler.
3887
3888         * platform/graphics/cocoa/IOSurface.mm:
3889         (IOSurface::convertToFormat):
3890         Allow IOSurfaceAccelerator to unwire surfaces after they're transformed.
3891
3892 2016-02-01  Dan Bernstein  <mitz@apple.com>
3893
3894         <rdar://problem/20150072> [iOS] Remove some file upload code only needed before iOS 9
3895         https://bugs.webkit.org/show_bug.cgi?id=153754
3896
3897         Reviewed by Darin Adler.
3898
3899         * English.lproj/Localizable.strings: Updated for removal of WebKit2 string.
3900
3901 2016-02-01  Said Abou-Hallawa  <sabouhallawa@apple.com>
3902
3903         Cache the Path instead of creating it every time it is required
3904         https://bugs.webkit.org/show_bug.cgi?id=152939
3905
3906         Reviewed by Darin Adler.
3907
3908         Instead of creating the Path object every time it is required, we should 
3909         cache it in an LRU cache. TinyLRUCache returns a reference to the cached
3910         entry so we do not have to pay the cost of copying it either.
3911
3912         * platform/graphics/FloatRoundedRect.h:
3913         (WebCore::operator!=):
3914         Implement the inequality operator for FloatRoundedRect since it is
3915         called by TinyLRUCache.
3916         
3917         * rendering/ClipPathOperation.h:
3918         Return a reference to the path in the cache since instead of creating a
3919         new copy.
3920         
3921         * rendering/style/BasicShapes.cpp:
3922         (WebCore::SVGPathTranslatedByteStream::SVGPathTranslatedByteStream):
3923         (WebCore::SVGPathTranslatedByteStream::operator==):
3924         (WebCore::SVGPathTranslatedByteStream::operator!=):
3925         (WebCore::SVGPathTranslatedByteStream::isEmpty):
3926         (WebCore::SVGPathTranslatedByteStream::path):
3927         This struct holds an offset and an SVGPathByteStream. It is the key of 
3928         the LRU cache for the the translated SVGPathByteStream.
3929         
3930         (WebCore::EllipsePathPolicy::isKeyNull):
3931         (WebCore::EllipsePathPolicy::createValueForKey):
3932