2009-03-26 Darin Adler <darin@apple.com>

[WebKit-https.git] / WebCore / ChangeLog

2009-03-26  Darin Adler  <darin@apple.com>

        Reviewed by Geoff Garen.

        Removed code that casts EventListener down to derived classes
        without type checking. A crash could happen if you added event
        listeners with Objective-C and then manipulated the class with
        JavaScript.

        * bindings/js/JSDOMApplicationCacheCustom.cpp:
        (WebCore::JSDOMApplicationCache::mark): Removed all the casts
        and used the markIfNotNull function and mark functions on
        EventListener instead.
        * bindings/js/JSMessagePortCustom.cpp:
        (WebCore::JSMessagePort::mark): Ditto.
        * bindings/js/JSWorkerContextCustom.cpp:
        (WebCore::JSWorkerContext::mark): Ditto.
        * bindings/js/JSWorkerCustom.cpp:
        (WebCore::JSWorker::mark): Ditto.
        * bindings/js/JSXMLHttpRequestCustom.cpp:
        (WebCore::JSXMLHttpRequest::mark): Ditto.
        * bindings/js/JSXMLHttpRequestUploadCustom.cpp:
        (WebCore::JSXMLHttpRequestUpload::mark): Ditto.

        * bindings/js/JSEventListener.cpp:
        (WebCore::JSAbstractEventListener::handleEvent): Used function,
        the new name for what used to be called listenerObj.
        (WebCore::JSAbstractEventListener::virtualIsInline): Renamed since
        this doesn't need to be virtual for callers who have a pointer to
        this class, not the base class.
        (WebCore::JSEventListener::function): Renamed from listenerObj.
        (WebCore::JSProtectedEventListener::function): Ditto.

        * bindings/js/JSEventListener.h: Removed unneeded forward class
        declarations. Made all virtual functions private since there's no
        need to call any of them on a particular derived class, only on
        EventListener. Explicitly declare JSEventListener::mark as virtual
        since it's now overriding a function in the EventListener base class.
        Made JSProtectedEventListener::m_globalObject protected so the
        JSLazyEventListener derived class can use it directly instead of using
        a virtual function to get the pointer.

        * bindings/js/JSLazyEventListener.cpp:
        (WebCore::JSLazyEventListener::parseCode): Use m_globalObject instead
        of globalObject since the latter is a virtual function and there's no
        need to pay virtual function overhead.
        (WebCore::JSLazyEventListener::function): Renamed from listenerObj.

        * bindings/js/JSLazyEventListener.h: Moved forward declaration of the
        Node class here from JSEventListener.h.

        * bindings/scripts/CodeGeneratorJS.pm: Removed now-unneeded cast to
        JSEventListener when getting the script object from a listener.

        * dom/EventListener.h: Added virtual function and mark functions
        so we can extract the JavaScript function object or mark a JavaScript
        event listener in a type safe manner.

2009-03-26  Peter Kasting  <pkasting@google.com>

        Reviewed by Adele Peterson.

        https://bugs.webkit.org/show_bug.cgi?id=24859
        Use CSS file instead of code to adjust search field styling.

        * css/themeWin.css:
        * rendering/RenderThemeWin.cpp:
        * rendering/RenderThemeWin.h:

2009-03-26  Darin Adler  <darin@apple.com>

        Reviewed by Geoff Garen.

        Split JSLazyEventListener out into its own separate source file.
        We'll be removing JSAbstractEventListener and JSProtectedEventListener soon,
        so leave those in the same file with JSEventListener.

        * GNUmakefile.am: Added JSLazyEventListener.
        * WebCore.pro: Ditto.
        * WebCore.scons: Ditto.
        * WebCore.vcproj/WebCore.vcproj: Ditto.
        * WebCore.xcodeproj/project.pbxproj: Ditto.
        * WebCoreSources.bkl: Ditto.

        * bindings/js/JSEventListener.cpp: Removed the JSLazyEventListener part.
        Removed unneeded includes. Removed incorrect ASSERT_CLASS_FITS_IN_CELL, since
        JSAbstractEventListener is not derived from JSCell.

        * bindings/js/JSEventListener.h: Removed the JSLazyEventListener part
        and the now-unneeded include of PlatformString.h.

        * bindings/js/JSLazyEventListener.cpp: Copied from bindings/js/JSEventListener.cpp.
        Kept only the JSLazyEventListener part.
        (WebCore::eventParameterName): Made this have internal linkage by adding "static".
        Also moved the default case out of the switch statement so we will get a warning
        if we omit any cases in the future.

        * bindings/js/JSLazyEventListener.h: Copied from bindings/js/JSEventListener.h.
        Kept only the JSLazyEventListener part.

        * bindings/js/ScriptController.cpp: Removed unneeded includes and sorted the
        remanining ones. Include JSLazyEventListener.h instead of JSEventListener.h.

2009-03-26  Darin Adler  <darin@apple.com>

        Reviewed by Geoff Garen.

        Renamed JSUnprotectedEventListener to JSEventListener.
        And related renames.

        Soon Geoff will make all JavaScript event listeners use mark instead
        of protect, so there's no need to emphasize "unprotected".

        * bindings/js/JSDOMApplicationCacheCustom.cpp:
        (WebCore::JSDOMApplicationCache::mark):
        (WebCore::JSDOMApplicationCache::addEventListener):
        (WebCore::JSDOMApplicationCache::removeEventListener):
        * bindings/js/JSDOMGlobalObject.cpp:
        (WebCore::JSDOMGlobalObject::~JSDOMGlobalObject):
        (WebCore::JSDOMGlobalObject::findJSEventListener):
        (WebCore::JSDOMGlobalObject::findOrCreateJSEventListener):
        (WebCore::JSDOMGlobalObject::jsEventListeners):
        (WebCore::JSDOMGlobalObject::jsInlineEventListeners):
        * bindings/js/JSDOMGlobalObject.h:
        * bindings/js/JSDOMWindowBase.h:
        * bindings/js/JSEventListener.cpp:
        (WebCore::JSEventListener::JSEventListener):
        (WebCore::JSEventListener::~JSEventListener):
        (WebCore::JSEventListener::listenerObj):
        (WebCore::JSEventListener::globalObject):
        (WebCore::JSEventListener::clearGlobalObject):
        (WebCore::JSEventListener::mark):
        * bindings/js/JSEventListener.h:
        (WebCore::JSEventListener::create):
        * bindings/js/JSMessagePortCustom.cpp:
        (WebCore::JSMessagePort::mark):
        (WebCore::JSMessagePort::addEventListener):
        (WebCore::JSMessagePort::removeEventListener):
        * bindings/js/JSWorkerContextCustom.cpp:
        (WebCore::JSWorkerContext::mark):
        (WebCore::JSWorkerContext::addEventListener):
        (WebCore::JSWorkerContext::removeEventListener):
        * bindings/js/JSWorkerCustom.cpp:
        (WebCore::JSWorker::mark):
        (WebCore::JSWorker::addEventListener):
        (WebCore::JSWorker::removeEventListener):
        * bindings/js/JSXMLHttpRequestCustom.cpp:
        (WebCore::JSXMLHttpRequest::mark):
        (WebCore::JSXMLHttpRequest::addEventListener):
        (WebCore::JSXMLHttpRequest::removeEventListener):
        * bindings/js/JSXMLHttpRequestUploadCustom.cpp:
        (WebCore::JSXMLHttpRequestUpload::mark):
        (WebCore::JSXMLHttpRequestUpload::addEventListener):
        (WebCore::JSXMLHttpRequestUpload::removeEventListener):
        * bindings/scripts/CodeGeneratorJS.pm:
        All just renaming.

2009-03-26  Darin Adler  <darin@apple.com>

        Reviewed by Geoff Garen.

        Renamed JSEventListener to JSProtectedEventListener.
        And related renames.

        Soon Geoff will make all JavaScript event listeners use mark instead
        of protect, and so this class will be be obsolete. We will rename
        JSUnrpotectedEventListener to JSEventListener in the next check-in,
        since that one will remain.

        * bindings/js/JSDOMGlobalObject.cpp:
        (WebCore::JSDOMGlobalObject::~JSDOMGlobalObject):
        (WebCore::JSDOMGlobalObject::findJSProtectedEventListener):
        (WebCore::JSDOMGlobalObject::findOrCreateJSProtectedEventListener):
        (WebCore::JSDOMGlobalObject::jsProtectedEventListeners):
        (WebCore::JSDOMGlobalObject::jsProtectedInlineEventListeners):
        * bindings/js/JSDOMGlobalObject.h:
        * bindings/js/JSDOMWindowBase.h:
        * bindings/js/JSDOMWindowCustom.cpp:
        (WebCore::JSDOMWindow::addEventListener):
        (WebCore::JSDOMWindow::removeEventListener):
        * bindings/js/JSEventListener.cpp:
        (WebCore::JSProtectedEventListener::JSProtectedEventListener):
        (WebCore::JSProtectedEventListener::~JSProtectedEventListener):
        (WebCore::JSProtectedEventListener::listenerObj):
        (WebCore::JSProtectedEventListener::globalObject):
        (WebCore::JSProtectedEventListener::clearGlobalObject):
        (WebCore::JSLazyEventListener::JSLazyEventListener):
        (WebCore::JSLazyEventListener::parseCode):
        * bindings/js/JSEventListener.h:
        (WebCore::JSProtectedEventListener::create):
        * bindings/js/JSNodeCustom.cpp:
        (WebCore::JSNode::addEventListener):
        (WebCore::JSNode::removeEventListener):
        * bindings/js/JSSVGElementInstanceCustom.cpp:
        (WebCore::JSSVGElementInstance::addEventListener):
        (WebCore::JSSVGElementInstance::removeEventListener):
        * bindings/scripts/CodeGeneratorJS.pm:
        All just renaming.

2009-03-26  Dan Bernstein  <mitz@apple.com>

        Reviewed by Anders Carlsson.

        - fix <rdar://problem/6725042> BidiResolver::createBidiRunsForLine can
          create runs extending beyond the end

        No test because Safari does not use this version of
        createBidiRunsForLine() with the end iterator not pointing to the end
        of the text run.

        * platform/text/BidiResolver.h:
        (WebCore::BidiResolver::appendRun): Cap the end of the run at the end
        of the line and set the reachedEndOfLine flag. This mirrors the logic
        in the specialized version of appendRun() in bidi.cpp, which is why the
        problem did not show up in HTML. Also avoid creating empty runs.

2009-03-26  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Dave Hyatt
        
        https://bugs.webkit.org/show_bug.cgi?id=23914

        Tests: compositing/overflow/ancestor-overflow.html
               compositing/overflow/parent-overflow.html

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::calculateClipRects):
        * rendering/RenderLayer.h:
        (WebCore::ClipRects::infiniteRect):
        New static method that returns a large rect that is used by the clipping
        logic.
        
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateGraphicsLayerGeometry):
        Use parentClipRects(), rather than calculateRects(), to compute the overflow
        rect that we'll use to create a masking layer for composited clipping.
        
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::clippedByAncestor):
        Use parentClipRects() to see whether there's a layer between us and our
        compositing ancestor which applies clipping.
        
        (WebCore::RenderLayerCompositor::clipsCompositingDescendants):
        A layer which imposes clipping to its children doesn't have to be a stacking
        context; it might be a normal flow layer; in either case, we can rely on the
        hasCompositingDescendant() bit.

2009-03-26  Steve Falkenburg  <sfalken@apple.com>

        https://bugs.webkit.org/show_bug.cgi?id=24837
        Escape key should dismiss select menu

        Reviewed by Adam Roben.

        * platform/win/PopupMenuWin.cpp:
        (WebCore::PopupWndProc):

2009-03-26  Kevin Ollivier  <kevino@theolliviers.com>

        Reviewed by Alexey Proskuryakov.

        Make sure the script uses LF line endings even on Windows.
        
        https://bugs.webkit.org/show_bug.cgi?id=24805

        * WebCore/make-generated-sources.sh: Change svn:eol-style to LF

2009-03-26  Eli Fidler  <eli.fidler@torchmobile.com>

        Reviewed by George Staikos.

        Remove warnings all over the place by making operator precedence
        explicit in cases like x && y || z.  No functional change.

        * css/CSSFontSelector.cpp:
        (WebCore::CSSFontSelector::addFontFaceRule):
        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseValue):
        (WebCore::CSSParser::parseShadow):
        * dom/Document.cpp:
        (WebCore::Document::shouldScheduleLayout):
        * dom/Node.cpp:
        (WebCore::Node::isBlockFlowOrBlockTable):
        * dom/Node.h:
        (WebCore::Node::document):
        * dom/Position.cpp:
        (WebCore::Position::next):
        (WebCore::Position::upstream):
        (WebCore::Position::downstream):
        (WebCore::Position::getInlineBoxAndOffset):
        * dom/PositionIterator.cpp:
        (WebCore::PositionIterator::atStart):
        * dom/Range.cpp:
        (WebCore::Range::intersectsNode):
        * editing/Editor.cpp:
        (WebCore::Editor::setBaseWritingDirection):
        * editing/InsertParagraphSeparatorCommand.cpp:
        (WebCore::InsertParagraphSeparatorCommand::doApply):
        * editing/ReplaceSelectionCommand.cpp:
        (WebCore::ReplaceSelectionCommand::doApply):
        * editing/TextIterator.cpp:
        (WebCore::TextIterator::advance):
        (WebCore::SimplifiedBackwardsTextIterator::advance):
        * editing/VisiblePosition.cpp:
        (WebCore::VisiblePosition::leftVisuallyDistinctCandidate):
        (WebCore::VisiblePosition::rightVisuallyDistinctCandidate):
        (WebCore::VisiblePosition::canonicalPosition):
        * editing/htmlediting.cpp:
        (WebCore::isMailBlockquote):
        (WebCore::lineBreakExistsAtPosition):
        * html/HTMLSelectElement.cpp:
        (WebCore::HTMLSelectElement::parseMappedAttribute):
        * loader/FTPDirectoryDocument.cpp:
        (WebCore::processFileDateString):
        * loader/ImageLoader.cpp:
        (WebCore::ImageLoader::updateFromElement):
        * loader/TextResourceDecoder.cpp:
        (WebCore::TextResourceDecoder::checkForHeadCharset):
        * page/AccessibilityObject.cpp:
        (WebCore::updateAXLineStartForVisiblePosition):
        * page/EventHandler.cpp:
        (WebCore::EventHandler::sendContextMenuEvent):
        * page/animation/AnimationBase.cpp:
        (WebCore::PropertyWrapperGetter::equals):
        (WebCore::PropertyWrapperShadow::equals):
        * platform/ContextMenu.cpp:
        (WebCore::ContextMenu::populate):
        * platform/ScrollView.cpp:
        (WebCore::ScrollView::adjustScrollbarsAvoidingResizerCount):
        * platform/text/Base64.cpp:
        (WebCore::base64Encode):
        * platform/text/BidiResolver.h:
        (WebCore::::raiseExplicitEmbeddingLevel):
        (WebCore::::createBidiRunsForLine):
        * rendering/InlineTextBox.cpp:
        (WebCore::InlineTextBox::placeEllipsisBox):
        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::addChild):
        (WebCore::RenderBlock::repaintOverhangingFloats):
        (WebCore::RenderBlock::fillInlineSelectionGaps):
        (WebCore::RenderBlock::positionForPoint):
        (WebCore::RenderBlock::calcInlinePrefWidths):
        (WebCore::RenderBlock::hasLineIfEmpty):
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::imageChanged):
        (WebCore::RenderBox::localCaretRect):
        (WebCore::RenderBox::positionForPoint):
        (WebCore::RenderBox::shrinkToAvoidFloats):
        * rendering/RenderObject.h:
        (WebCore::objectIsRelayoutBoundary):
        * rendering/RenderTableCell.cpp:
        (WebCore::RenderTableCell::clippedOverflowRectForRepaint):
        * rendering/RenderText.cpp:
        (WebCore::RenderText::calcPrefWidths):
        * rendering/bidi.cpp:
        (WebCore::RenderBlock::determineStartPosition):
        (WebCore::textWidth):
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::diff):
        * rendering/style/StyleInheritedData.cpp:
        (WebCore::cursorDataEquivalent):
        * rendering/style/StyleRareInheritedData.cpp:
        (WebCore::StyleRareInheritedData::shadowDataEquivalent):
        * rendering/style/StyleRareNonInheritedData.cpp:
        (WebCore::StyleRareNonInheritedData::shadowDataEquivalent):
        (WebCore::StyleRareNonInheritedData::animationDataEquivalent):
        (WebCore::StyleRareNonInheritedData::transitionDataEquivalent):

2009-03-26  Gustavo Noronha Silva  <gustavo.noronha@collabora.co.uk>

        Reviewed by Holger Freyther.

        https://bugs.webkit.org/show_bug.cgi?id=24804
        [GTK] 401 responses cause rogue content to be loaded

        Our soup code handles 401 responses itself, so we should not feed
        the headers and data of those responses to the loader.

        * platform/network/soup/ResourceHandleSoup.cpp:
        (WebCore::gotHeadersCallback):
        (WebCore::gotChunkCallback):

2009-03-25  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt and Darin Adler.
        
        Fixed <rdar://problem/6603167> Crash in WebKit!JSC::JSGlobalObject::resetPrototype
        during Stress test (#3 & #7 WER crashes for Safari 4 Beta)
        
        The problem was that allocation of the global object would, for just a
        moment, leave the global object's prototype unprotected from GC. This
        bug doesn't apply to non-global DOM objects because their prototypes are
        cached and marked by the global object.

        No test case because the crashing condition is hard to deterministically
        produce in a normal build, and in a Windows Release build with
        COLLECT_ON_EVERY_ALLOCATION set to 1, existing tests crash/hang.

        * bindings/js/JSDOMWindowShell.cpp:
        (WebCore::JSDOMWindowShell::setWindow):
        * bindings/js/WorkerScriptController.cpp:
        (WebCore::WorkerScriptController::initScript): Protect the global object's
        prototype from GC during construction, since the global object does not
        yet point to it, and therefore won't mark it.

2009-03-25  Dean Jackson  <dino@apple.com>

        Reviewed by Simon Fraser

        https://bugs.webkit.org/show_bug.cgi?id=23361

        When using hardware compositing, some images can be directly
        rendered by the hardware - no need to draw them into a separate
        context, therefore saving memory.
        Only images with certain style properties can be directly
        composited - basically anything that is not a simple image requires
        the usual rendering path (eg. if the image has borders).

        Test: compositing/direct-image-compositing.html

        * manual-tests/resources/simple_image.png: Added.
        * manual-tests/simple-image-compositing.html: Added.
        * platform/graphics/Image.h:
        (WebCore::Image::startAnimation):
            - move this to public
        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::imageChanged):
            - poke compositing layer if image has changed
        (WebCore::RenderImage::notifyFinished):
            - let the compositing layer know that it can render the image
        * rendering/RenderImage.h:
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::rendererContentChanged):
        * rendering/RenderLayer.h:
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::canUseInnerContentLayer):
        (WebCore::RenderLayerBacking::detectDrawingOptimizations):
        (WebCore::RenderLayerBacking::rendererContentChanged):
        * rendering/RenderLayerBacking.h:
            - code to hook up direct compositing of images where
              possible

2009-03-25  David Levin  <levin@chromium.org>

        Reviewed by Dimitri Glazkov.

        Chromium build fix. Fix #include in V8NodeFilterCondition.cpp due to the
        rename of V8NodeFilter to V8NodeFilterCondition.

        * bindings/v8/V8NodeFilterCondition.cpp:

2009-03-25  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Darin Adler
        
        https://bugs.webkit.org/show_bug.cgi?id=24817
        
        When the slider range is zero, avoid a divide by zero, which caused the
        thumb to be positioned off in the weeds, which broke painting.

        Test: media/video-empty-source.html

        * rendering/RenderSlider.cpp:
        (WebCore::SliderRange::proportionFromValue):
        (WebCore::SliderRange::valueFromProportion):
        (WebCore::sliderPosition):
        (WebCore::RenderSlider::setValueForPosition):

2009-03-24  Eric Seidel  <eric@webkit.org>

        Reviewed by Darin Adler.

        Remove dead code and style cleanup
        https://bugs.webkit.org/show_bug.cgi?id=24684

        * html/CanvasStyle.cpp:
        (WebCore::CanvasStyle::CanvasStyle):
          Coverty was annoyed that we didn't initialize all of our members.  I agree, but I didn't
          want to paste all 8 members each time, so I just cleaned up the existing constructors and left them.
        * page/FocusController.cpp:
        (WebCore::FocusController::setFocusedNode):
          "node" was checked just above and is already known to be non-null
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::insertOnlyThisLayer):
          We were already using parentLayer w/o a NULL check above, so just add an explicit ASSERT and use it w/o NULL check
        (WebCore::RenderLayer::resize):
          element is already ASSERTed above, no need to null check it here
        * rendering/RenderTableSection.cpp:
        (WebCore::RenderTableSection::addCell):
          currentCell.cell was just assigned to the value "cell" which is known to be non-null, no need to null check again.

2009-03-24  Eric Seidel  <eric@webkit.org>

        Reviewed by Darin Adler.

        Move ASSERT(foo) to before where foo-> is used
        https://bugs.webkit.org/show_bug.cgi?id=24684

        * platform/chromium/PasteboardChromium.cpp:
        (WebCore::Pasteboard::writeImage):
          Move ASSERTs to the top of the function, code was using "node" before ASSERT(node), once I moved
          ASSERT(node) to the top of the function it made sense to move the rest of them there too.
        * rendering/SVGRenderSupport.cpp:
        (WebCore::prepareToRenderSVGContent):
          move ASSERT(object) to *before* we use "object" :)

2009-03-24  Eric Seidel  <eric@webkit.org>

        Reviewed by Simon Fraser.

        Make TextTokenizer ASSERT that the buffer was freed
        https://bugs.webkit.org/show_bug.cgi?id=24684

        * loader/TextDocument.cpp:
        (WebCore::TextTokenizer::TextTokenizer):
        (WebCore::TextTokenizer::~TextTokenizer):
        (WebCore::TextTokenizer::finish):
          Make it clear by adding a ~TextTokenizer that finish() will always be called and the memory never leaked.

2009-03-24  Eric Seidel  <eric@webkit.org>

        Reviewed by Darin Adler.

        Fix case where lBreak.obj->isBR() when lBreak.obj was NULL
        https://bugs.webkit.org/show_bug.cgi?id=24684

        I don't have a test case where we were taking the wrong path here
        However, adding an ASSERT(lBreak.obj) before this usage caused
        multiple bidi tests to fail, so lBreak.obj can be null here.

        * rendering/bidi.cpp:
        (WebCore::RenderBlock::findNextLineBreak):
          lBreak.obj can be null, so we can't call ->isBR() on it unconditionally.

2009-03-24  Eric Seidel  <eric@webkit.org>

        Reviewed by Simon Fraser.

        Style cleanup and dead code removal in dom, editing
        https://bugs.webkit.org/show_bug.cgi?id=24684

        * dom/ContainerNode.cpp:
        (WebCore::ContainerNode::getUpperLeftCorner):
        (WebCore::ContainerNode::getLowerRightCorner):
        (WebCore::ContainerNode::getRect):
          Coverty was (rightly) confused as to what the hell "o" was being used for
          and whether or not it would ever be NULL.  I added some ASSERTS so that people (and machines)
          would be less confused about the logic in getUpperLeftCorner/getLowerRightCorner
        * dom/Document.cpp:
        (WebCore::Document::recalcStyle):
          Remove dead code, this block already checked that change == Force
        * editing/ApplyStyleCommand.cpp:
        (WebCore::ApplyStyleCommand::removeInlineStyle):
          Coverty correctly identified that traversePreviousNodePostOrder can return NULL, thus
          prev will be null, and we don't really explicitly handle it (like we probably should)
          It's OK though, because we end up creating a null position object, which may not have
          been what we intended, but we certainly don't crash.
        * editing/InsertParagraphSeparatorCommand.cpp:
        (WebCore::InsertParagraphSeparatorCommand::doApply):
          Remove dead code, insertionPosition.node() is already checked to be non-null above.
        * editing/markup.cpp:
        (WebCore::appendStartMarkup):
          removed dead code, annotate is already known to be true at this point in the file
          !annotate was checked above, and break; was called.

2009-03-24  Eric Seidel  <eric@webkit.org>

        Reviewed by Simon Fraser.

        CSS dead code removal and cleanup from Coverty errors
        https://bugs.webkit.org/show_bug.cgi?id=24684

        * css/CSSStyleSelector.cpp:
        (WebCore::CSSStyleSelector::applyProperty):
          Every other place in the code we check settings() for NULL, so I made these places
          check too, even though we should never be resolving style against a document which has
          no frame (which I believe is the only time settings() can be null)
        * css/CSSStyleSheet.cpp:
        (WebCore::CSSStyleSheet::styleSheetChanged):
          Removing dead code, "root" can never be null here.
        * css/SVGCSSStyleSelector.cpp:
        (WebCore::colorFromSVGColorCSSValue):
        (WebCore::CSSStyleSelector::applySVGProperty):
          Extra returns in the old macros caused dead code.  Removing the old macros and use modern
          ones instead. :)
          Extra null checks to value were not needed.  Added an ASSERT at the top of the function
          to make it clear that value will never be NULL.
          Added colorFromSVGColorCSSValue to clean up the code a little.

2009-03-24  Eric Seidel  <eric@webkit.org>

        Reviewed by Simon Fraser.

        Font fallback cleanup and added ASSERT for GlyphPageTreeNode
        https://bugs.webkit.org/show_bug.cgi?id=24684

        * css/CSSFontSelector.cpp:
        (WebCore::compareFontFaces):
          Coverty was concerned that it was possible to index off the end of weightFallbackRuleSets
          I can't read the code well enough to tell, so I tried to make the code clearer
          and added an ASSERT.        
        * platform/graphics/GlyphPageTreeNode.cpp:
        (WebCore::GlyphPageTreeNode::initializePage):
          Coverty believes we can crash here due to j being larger than GlyphPage::size.  I think to is already
          known to be < GlyphPage::size due to the min() statement above, but not being sure I added an ASSERT.

2009-03-24  Eric Seidel  <eric@webkit.org>

        Reviewed by Simon Fraser.

        Coverty inspired fixes in Animations/Transforms
        https://bugs.webkit.org/show_bug.cgi?id=24684

        * page/animation/AnimationBase.h:
          Fix animate() signatures to match so that the virtual methods actually override one another. :)
        * page/animation/AnimationController.cpp:
        (WebCore::AnimationControllerPrivate::removeFromStartTimeResponseWaitList):
          Attempt to fix this method, prevAnimation was never set to anything but NULL,
          as far as I can tell the author originally intended to update it at the end
          of the loop, which is what I changed this code to do.
        * page/animation/ImplicitAnimation.cpp:
        (WebCore::ImplicitAnimation::animate):
          Make method signature match AnimationBase::animate
        * page/animation/ImplicitAnimation.h:
        * page/animation/KeyframeAnimation.cpp:
        (WebCore::KeyframeAnimation::animate):
          Make method signature match AnimationBase::animate
        * page/animation/KeyframeAnimation.h:
        * platform/graphics/transforms/PerspectiveTransformOperation.cpp:
        (WebCore::PerspectiveTransformOperation::blend):
          if (blendToIdentity) already returned above.
        * platform/graphics/transforms/RotateTransformOperation.cpp:
        (WebCore::RotateTransformOperation::blend):
          if (blendToIdentity) already returned above.

2009-03-25  Eli Fidler  <eli.fidler@torchmobile.com>

        Reviewed by George Staikos.

        Fix compiler warnings regarding assignments in if statements.

        * html/HTMLFormElement.cpp:
        (WebCore::HTMLFormElement::createFormData):
        * plugins/PluginPackage.cpp:
        (WebCore::PluginPackage::compare):

2009-03-25  Dan Bernstein  <mitz@apple.com>

        Reviewed by Dave Hyatt.

        - fix <rdar://problem/6472150> repro crash in
          RenderBlock::rightmostPosition(bool, bool) const at mercotte.fr using
          menus

        Test: fast/inline/continuation-positioned-reparenting.html

        * rendering/RenderInline.cpp:
        (WebCore::RenderInline::splitFlow): When repurposing the existing
        container as the "pre" block, clear its positioned objects list, because
        positioned descendants may end up in a different block after the split.

2009-03-24  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Dave Hyatt
        
        https://bugs.webkit.org/show_bug.cgi?id=24784
        
        Length values in transform operations need to take zoom into account.

        Test: fast/transforms/transforms-with-zoom.html

        * css/CSSStyleSelector.cpp:
        (WebCore::CSSStyleSelector::createTransformOperations):

2009-03-25  David Hyatt  <hyatt@apple.com>

        Reviewed by Simon Fraser.

        https://bugs.webkit.org/show_bug.cgi?id=24809, background-clip/origin don't use the correct
        values.  Add support for the new values (while preserving the old values for backwards
        compatibility).

        Changed some existing test cases to use the new values.

        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseFillProperty):
        * css/CSSPrimitiveValueMappings.h:
        (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
        (WebCore::CSSPrimitiveValue::operator EFillBox):
        * css/CSSValueKeywords.in:

2009-03-25  Brett Wilson  <brettw@dhcp-172-22-71-191.mtv.corp.google.com>

        Reviewed by Dimitri Glazkov.

        Fix complex text opacity on the Chromium Windows port.
        https://bugs.webkit.org/show_bug.cgi?id=24757

        Test: fast/text/complex-text-opacity.html

        * platform/graphics/chromium/FontChromiumWin.cpp:
        (WebCore::):
        (WebCore::TransparencyAwareFontPainter::TransparencyAwareFontPainter::TransparencyAwareFontPainter):
        (WebCore::TransparencyAwareFontPainter::TransparencyAwareFontPainter::init):
        (WebCore::TransparencyAwareFontPainter::TransparencyAwareFontPainter::initializeForGDI):
        (WebCore::TransparencyAwareFontPainter::TransparencyAwareFontPainter::~TransparencyAwareFontPainter):
        (WebCore::TransparencyAwareFontPainter::TransparencyAwareGlyphPainter::TransparencyAwareGlyphPainter):
        (WebCore::TransparencyAwareFontPainter::TransparencyAwareGlyphPainter::~TransparencyAwareGlyphPainter):
        (WebCore::TransparencyAwareFontPainter::TransparencyAwareGlyphPainter::estimateTextBounds):
        (WebCore::TransparencyAwareFontPainter::TransparencyAwareGlyphPainter::drawGlyphs):
        (WebCore::TransparencyAwareFontPainter::TransparencyAwareUniscribePainter::hdc):
        (WebCore::TransparencyAwareFontPainter::TransparencyAwareUniscribePainter::TransparencyAwareUniscribePainter):
        (WebCore::TransparencyAwareFontPainter::TransparencyAwareUniscribePainter::~TransparencyAwareUniscribePainter):
        (WebCore::TransparencyAwareFontPainter::TransparencyAwareUniscribePainter::estimateTextBounds):
        (WebCore::Font::drawGlyphs):
        (WebCore::Font::drawComplexText):

2009-03-25  David Hyatt  <hyatt@apple.com>

        Reviewed by Eric Seidel

        Fix for bug 23198, border images should not clip to border radii.  The border-image should just ignore
        the border-radius, since the assumption is that any desired rounding will be built into the border-image
        itself.

        Note that I do not agree with this change, but I am matching the spec.

        Added fast/borders/border-image-border-radius.html

        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::paintNinePieceImage):

2009-03-25  Gustavo Noronha Silva  <gns@gnome.org>

        Reviewed by Holger Freyther.

        https://bugs.webkit.org/show_bug.cgi?id=24750
        [GTK] requests download instead of displaying page

        Fix the Content-Type headers we get from soup, so that we set a
        proper media type on the ResourceResponse.

        * platform/network/soup/ResourceHandleSoup.cpp:
        (WebCore::fillResponseFromMessage):

2009-03-25  Gustavo Noronha Silva  <gns@gnome.org>

        Reviewed by Holger Freyther.

        https://bugs.webkit.org/show_bug.cgi?id=24600
        [GTK] responses with status code >= 400 should not be given special treatment

        Do not special case requests that have HTTP responses >=
        400. Redirects are handled automatically by libsoup, but the rest
        of the responses should be treated like any other.

        * platform/network/soup/ResourceHandleSoup.cpp:
        (WebCore::):
        (WebCore::gotHeadersCallback):
        (WebCore::gotChunkCallback):
        (WebCore::finishedCallback):

2009-03-25  Darin Adler  <darin@apple.com>

        Reviewed by John Sullivan.

        Tidy up LegacyWebArchive a bit. And don't include favicons in web archives when
        they are being used only for selections, not an entire document.

        * WebCore.base.exp: Remove exported function that's not used in WebKit.

        * loader/archive/cf/LegacyWebArchive.cpp:
        (WebCore::LegacyWebArchive::createPropertyListRepresentation): Made a static member
        function so it can share private things with other member functions. Added some FIXME
        comments to a branch of code I think is dead. Changed boolean argument into a named
        one. Renamed to match other similar functions.
        (WebCore::LegacyWebArchive::createResourceResponseFromPropertyListData): Ditto.
        (WebCore::LegacyWebArchive::createResource): Ditto.
        (WebCore::LegacyWebArchive::create): Merged the create and init functions.
        (WebCore::LegacyWebArchive::rawDataRepresentation): Added some assertions because
        we should never fail to write (we can fail to read).
        (WebCore::LegacyWebArchive::createResourceResponseFromMacArchivedData): Made a static
        member function as above.
        (WebCore::LegacyWebArchive::createFromSelection): Ditto.
        (WebCore::LegacyWebArchive::create): Iterate the vector with indices rather than
        iterators. Only include the favicon if the first node is the document since we don't
        want to include the favicon when copying and pasting.

        * loader/archive/cf/LegacyWebArchive.h: Made one of the create functions private.
        Made the Mac-specific functions be static member functions. Made other helpers be
        static member functions. Removed the nit function.

        * loader/archive/cf/LegacyWebArchiveMac.mm:
        (WebCore::LegacyWebArchive::createResourceResponseFromMacArchivedData): Updated
        comment and made this a static member function.
        (WebCore::LegacyWebArchive::createPropertyListRepresentation): Ditto. Also made
        it so we only type cast in one place.

2009-03-25  Darin Adler  <darin@apple.com>

        Reviewed by David Hyatt.

        Bug 24740: crash in RenderSlider::setPositionFromValue when calling pause() after setting <video> to display: none
        https://bugs.webkit.org/show_bug.cgi?id=24740
        rdar://problem/6679873

        Bug 12104: Native Slider: When the thumb's height is specified as a percentage, it is not centered properly
        https://bugs.webkit.org/show_bug.cgi?id=12104

        Test: media/video-display-none-crash.html

        The problem here was that RenderSlider was trying to position its thumb in a way that
        requires it to call updateLayout inside rendering code. The right way to position a
        child renderer is to do layout, so I had to write a layout function. And then fix a few
        other small problems shown by the same test case.

        * rendering/RenderSlider.cpp: Made defaultTrackLength have internal linkage.
        Renamed HTMLSliderThumbElement to SliderThumbElement because we only use the HTML
        prefix for public DOM classes, not elements used as implementation details.
        Made SliderThumbElement function members private and got rid of unneeded default
        argument value for shadowParent.
        (WebCore::SliderRange::SliderRange): Added. Parses precision, max, and min attributes.
        (WebCore::SliderRange::clampValue): Added. Does standard clamping based on the above.
        (WebCore::SliderRange::valueFromElement): Added. Reads the value from the element in
        a way that clamps to the range.
        (WebCore::sliderPosition): Added. Computes the slider position: a double.
        (WebCore::SliderThumbElement::SliderThumbElement): Removed unneeded explicit
        initialization of m_initialClickPoint.
        (WebCore::SliderThumbElement::defaultEventHandler): Call setValueForPosition instead
        of calling setCurrentPosition and valueChanged.
        (WebCore::RenderSlider::RenderSlider): Remove unneeded explicit initialization of m_thumb.
        (WebCore::RenderSlider::styleDidChange): Remove unneeded second argument to createThumbStyle.
        (WebCore::RenderSlider::createThumbStyle): Remove unneeded second argument. Get rid of code
        setting the position to relative and setting the left and top. We now handle positioning
        in a custom layout function.
        (WebCore::RenderSlider::layout): Rewrote to handle positioning of the thumb as layout.
        (WebCore::RenderSlider::updateFromElement): Added code to immediately update the value
        in the element if it's out of range. This clamping used to be done as a side effect of
        setPositionFromValue. Also, this has nothing to do with the renderer, so at some point
        it could be moved into HTMLInputElement. Removed call to setPositionFromValue
        and instead just rely on the call to setNeedsLayout. Fix the setNeedsLayout call to be
        a normal setNeedsLayout(true), not a setNeedsLayout(true, false), because we do want
        this to be propagated to the parent -- it's not called during layout.
        (WebCore::RenderSlider::setValueForPosition): Refactor to use the new SliderRange
        class. Also don't call setCurrentPosition; instead just call setNeedsLayout.
        (WebCore::RenderSlider::currentPosition): Use the actual position of the renderer rather
        than the style to find the position; that means this needs to be done after layout is done.
        Also removed unneeded runtime checks and replaced them with assertions, after checking
        all callers to see they already guarantee this.
        (WebCore::RenderSlider::trackSize): Removed unneeded runtime checks and replaced them
        with assertions, after checking all callers to see they already guarantee this.
        (WebCore::RenderSlider::inDragMode): Added a null check for m_thumb so this won't
        crash if called early on a brand new RenderSlider.

        * rendering/RenderSlider.h: Made all functions private except for forwardEvent and inDragMode.
        Renamed HTMLSliderThumbElement to SliderThumbElement because we only use the HTML
        prefix for public DOM classes, not elements used as implementation details. Made the
        mouseEventIsInThumb function non-virtual. Removed the return value and argument from
        setPositionFromValue. Removed valueChanged and setCurrentPosition. Removed the oldStyle
        argument to createThumbStyle (see above). Made SliderThumbElement a friend so it can use some
        private member functions.

2009-03-25  Eli Fidler  <eli.fidler@torchmobile.com>

        Reviewed by George Staikos.

        Fix ambiguous else cases by adding braces to nested if()s with elses.

        * loader/MainResourceLoader.cpp:
        (WebCore::MainResourceLoader::continueAfterContentPolicy):
        * page/EventHandler.cpp:
        (WebCore::EventHandler::updateDragAndDrop):
        * rendering/RenderListMarker.cpp:
        (WebCore::toArmenianUnder10000):
        * rendering/TextControlInnerElements.cpp:
        (WebCore::TextControlInnerTextElement::defaultEventHandler):

2009-03-24  Eli Fidler  <eli.fidler@torchmobile.com>

        Reviewed by George Staikos.

        Move variable into proper platform block to quiet warning.

        * html/CanvasRenderingContext2D.cpp:
        (WebCore::CanvasRenderingContext2D::drawTextInternal):

2009-03-24  Eric Carlson  <eric.carlson@apple.com>

        Reviewed by Antti Koivisto.

        Fix for <rdar://problem/6719375> Deal with QTKit loadstate changes when playing streaming movies

        *  WebCore/html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::setNetworkState): Deal with media engine reviving after having
        network state of NETWORK_NO_SOURCE.

        *  WebCore/platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
        (WebCore::MediaPlayerPrivate::updateStates): Reset m_readyState at each state change since
        some types of movies currently cause QTKit's load state to bounce around. QTMovieLoadStatePlaythroughOK
        corresponds to HaveFutureData, not HaveEnoughData.

2009-03-24  Adele Peterson  <adele@apple.com>

        Reviewed by Darin Adler.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=24707
        <rdar://problem/6593021> Deleting with a caret in a blank, quoted line decreases the quoting, but does not delete the line

        * editing/TypingCommand.cpp: (WebCore::TypingCommand::deleteKeyPressed):
        After breaking out of an empty mail blockquote, we still want continue with the deletion
        so actual content will get deleted, and not just the quote style.

2009-03-24  Darin Adler  <darin@apple.com>

        Reviewed by Brady Eidson.

        <rdar://problem/6624662> REGRESSION (r39904): can't save certain web pages as web archive (ones without favicons!)

        * loader/archive/cf/LegacyWebArchive.cpp:
        (WebCore::LegacyWebArchive::create): Added a null check.

2009-03-24  Adam Langley  <agl@google.com>

        Reviewed by Darin Fisher.

        https://bugs.webkit.org/show_bug.cgi?id=24685

        The Skia drawLine function takes subpixel values and attempts to draw
        a line with subpixel precision. This is complex and slow for drawing
        scrollbars which use only vertical and horizontal lines.

        This changes the Chromium Linux scrollbar code to use drawIRect.

        * platform/chromium/ScrollbarThemeChromiumLinux.cpp:
        (WebCore::ScrollbarThemeChromium::invalidateOnMouseEnterExit):
        (WebCore::drawVertLine):
        (WebCore::drawHorizLine):
        (WebCore::drawBox):
        (WebCore::ScrollbarThemeChromium::paintTrackPiece):
        (WebCore::ScrollbarThemeChromium::paintThumb):

2009-03-24  David Kilzer  <ddkilzer@apple.com>

        Bug 23310: Setting an absolute path (/abs) on an <iframe> with no src doesn't resolve the URL properly

        <https://bugs.webkit.org/show_bug.cgi?id=23310>

        Reviewed by Darin Adler.

        Test: fast/frames/iframe-no-src-set-location.html

        * dom/Document.cpp:
        (WebCore::Document::completeURL): If m_baseURL is empty or is
        about:blank and we have a parent document, use the parent
        document's URL for the base when completing a new URL.

2009-03-24  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Dave Hyatt
        
        https://bugs.webkit.org/show_bug.cgi?id=24659
        
        When hit-testing 3d-transformed layers, it doesn't make sense to project the hitTestRect
        into the coordinate space of the layer, and doing so can result in pathalogical quads
        that break hit testing. In that case, simply use the same bounds as used for painting,
        which are the composited bounds for this layer.

        Test: transforms/3d/hit-testing/rotated-hit-test.html

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::hitTestLayer):

2009-03-24  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Dave Hyatt

        https://bugs.webkit.org/show_bug.cgi?id=24436
        
        When compositing is enabled, painting and hit testing end up using different
        clipping roots, because, for painting, every composited layer is a clipping root,
        but for hit testing only layers with transforms are. To fix this, we use
        temporary clip rects for hit testing, if the page is in compositing mode.

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::paintLayer):
        (WebCore::RenderLayer::hitTestLayer):
        (WebCore::RenderLayer::parentClipRects):
        (WebCore::RenderLayer::calculateRects):
        * rendering/RenderLayer.h:

2009-03-24  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Dan Bernstein
        
        https://bugs.webkit.org/show_bug.cgi?id=24782

        Fix regression with CSS clip rects with non-length values, by reverting to
        the original code, but passing the zoom multiplier through convertToLength().
        
        Also make stylistic change in createTransformOperations(), renaming 'inStyle'
        to 'style.
        
        Tested by existing tests.

        * css/CSSStyleSelector.cpp:
        (WebCore::convertToLength):
        (WebCore::CSSStyleSelector::applyProperty):
        (WebCore::CSSStyleSelector::createTransformOperations):

2009-03-24  David Hyatt  <hyatt@apple.com>

        Reviewed by Simon Fraser

        https://bugs.webkit.org/show_bug.cgi?id=21789, overflow:hidden elements should clip their foreground contents
        to a border-radius.

        This patch makes non-self-painting overflow layers and control clips work with border-radius.  RenderLayers
        that should be clipped by overflow ancestors with border-radius are still broken.

        Added fast/clip/overflow-border-radius-clip.html

        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::pushContentsClip):

2009-03-24  David Hyatt  <hyatt@apple.com>

        Reviewed by Simon Fraser

        https://bugs.webkit.org/show_bug.cgi?id=21789, overflow:hidden elements should clip their foreground contents.
        
        This first patch makes overflow:hidden properly clip the foreground contents of overflow:hidden replaced elements.  Common
        replaced elements now default to overflow:hidden in the UA stylesheet (this is what the spec specifically recommends be
        done).
    
        Added fast/replaced/border-radius-clip.html

        * css/html4.css:
        * rendering/RenderReplaced.cpp:
        (WebCore::RenderReplaced::paint):
        * rendering/RenderWidget.cpp:
        (WebCore::RenderWidget::paint):

2009-03-24  Adele Peterson  <adele@apple.com>

        RS by Mark Rowe.

        Only build these Mail quirks checks in on the Mac.

        * dom/Document.cpp: (WebCore::disableRangeMutation):
        * html/HTMLElement.cpp: (WebCore::HTMLElement::inEitherTagList):

2009-03-24  Brent Fulgham  <bfulgham@webkit.org>

        Build fix, no review.

        Remove ResourceLoaderCFNet.cpp from build list for Cairo Releas
        and Debug targets.

        * WebCore.vcproj/WebCore.vcproj:

2009-03-24  Eric Carlson  <eric.carlson@apple.com>

        Fix layout tests broken by r41907.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::setReadyState): Don't set "was playing" based on the new ready state

2009-03-24  Dmitry Titov  <dimich@chromium.org>

        Reviewed by Dimitri Glazkov.

        https://bugs.webkit.org/show_bug.cgi?id=24689
        Fix Chromium compilation errors.

        * bindings/v8/WorkerContextExecutionProxy.cpp:
        (WebCore::WorkerContextExecutionProxy::FindOrCreateEventListener):
        (WebCore::WorkerContextExecutionProxy::RemoveEventListener):

2009-03-24  Yury Semikhatsky  <yurys@chromium.org>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=24759
        Add missing methods Element.prototype.removeMatchingStyleClasses and
        Node.prototype.enclosingNodeOrSelfWithNodeNameInArray to SourceFrame content
        iframe. These methods are called by Element.prototype.removeStyleClass and
        Node.prototype.enclosingNodeOrSelfWithNodeName.

        * inspector/front-end/SourceFrame.js:
        (WebInspector.SourceFrame.prototype._loaded):

2009-03-24  Mark Mentovai  <mark@chromium.org>

        Reviewed by Mark Rowe.

        https://bugs.webkit.org/show_bug.cgi?id=24653
        WebKit should be buildable without prefix header injection.
        Adds missing #includes and forward declarations as needed.

        * editing/SmartReplaceCF.cpp:
        * platform/graphics/mac/ColorMac.mm:
        * platform/graphics/mac/FontCacheMac.mm:
        * platform/graphics/mac/FontCustomPlatformData.h:
        * platform/graphics/mac/FontMac.mm:
        * platform/graphics/mac/FontMacATSUI.mm:
        * platform/graphics/mac/FontPlatformData.h:
        * platform/graphics/mac/FontPlatformDataMac.mm:
        * platform/graphics/mac/GraphicsContextMac.mm:
        * platform/graphics/mac/SimpleFontDataMac.mm:
        * platform/mac/FoundationExtras.h:
        * platform/mac/LocalCurrentGraphicsContext.h:
        * platform/mac/WebCoreSystemInterface.h:
        * platform/mac/WebCoreSystemInterface.mm:
        * platform/mac/WebCoreTextRenderer.h:
        * platform/mac/WebCoreTextRenderer.mm:
        * platform/mac/WebFontCache.h:
        * platform/mac/WebFontCache.mm:
        * platform/text/PlatformString.h:
        * platform/text/mac/ShapeArabic.c:
        * platform/text/mac/StringMac.mm:
        * rendering/RenderThemeChromiumMac.h:

2009-03-24  Dan Bernstein  <mitz@apple.com>

        Reviewed by Darin Adler.

        - fix <rdar://problem/6107874> by capping the nesting depth of
          "block-level" elements generated by the parser

        Test: fast/parser/block-nesting-cap.html

        * html/HTMLParser.cpp:
        (WebCore::HTMLParser::HTMLParser):
        (WebCore::HTMLParser::insertNode):
        (WebCore::HTMLParser::pushBlock):
        (WebCore::HTMLParser::popOneBlockCommon):
        (WebCore::HTMLParser::freeBlock):
        * html/HTMLParser.h:

2009-03-23  Greg Bolsinga  <bolsinga@apple.com>

        Reviewed by David Kilzer.

        https://bugs.webkit.org/show_bug.cgi?id=24771
        
        DOMTimeStamps are based upon 1970.

        * platform/mac/GeolocationServiceMac.mm:
        (-[WebCoreCoreLocationObserver locationManager:didUpdateToLocation:fromLocation:]):

2009-03-23  Eric Seidel  <eric@webkit.org>

        Build fix, no review.

        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::createVisiblePosition): change .container to .isNotNull()

2009-03-23  Eric Seidel  <eric@webkit.org>

        Reviewed by Darin Adler.

        Rename Position::container to m_anchorNode and make it private
        https://bugs.webkit.org/show_bug.cgi?id=24760

        More code cleanup for Position.

        Change all uses of m_container to node()
        Eventually most uses of node() should change to anchorNode() to designate
        that it's the node the Position is anchored to, but not necessarily the
        container of the position (it could be the before/after neighbor).

        Remove any code which sets m_container, and change it to use a new
        Position::moveToPosition function which takes a node and offset.
        It never makes sense to change the node and leave the offset.

        * dom/Position.h:
        (WebCore::Position::Position):
        (WebCore::Position::clear):
        (WebCore::Position::anchorNode):
        (WebCore::Position::node):
        (WebCore::Position::moveToPosition):
        (WebCore::Position::moveToOffset):
        (WebCore::Position::isNull):
        (WebCore::Position::isNotNull):
        (WebCore::operator==):
        * dom/Range.cpp:
        (WebCore::Range::create):
        (WebCore::Range::compareBoundaryPoints):
        * dom/RangeBoundaryPoint.h:
        (WebCore::RangeBoundaryPoint::container):
        (WebCore::RangeBoundaryPoint::set):
        (WebCore::RangeBoundaryPoint::setOffset):
        (WebCore::RangeBoundaryPoint::setToChild):
        (WebCore::RangeBoundaryPoint::setToStart):
        (WebCore::RangeBoundaryPoint::setToEnd):

2009-03-17  Eric Seidel  <eric@webkit.org>

        Reviewed by David Hyatt.

        document.write() should be able to make a document strict mode
        https://bugs.webkit.org/show_bug.cgi?id=24336

        Remove an implicit write of "<html>" on the first document.write call
        this was added as part of a KDE import http://trac.webkit.org/changeset/798
        with no layout test or explanation.  I can't think of any reason why
        an implicit <html> write is necessary (or correct), so I'm removing it and
        adding a test for the correct behavior.  The parser will add any necessary
        HTMLHTMLElements during the write() anyway.

        Our behavior is now tested by fast/dom/Document/document-write-doctype
        and matches IE, FF fails this new test.  Mozilla bug filed:
        https://bugzilla.mozilla.org/show_bug.cgi?id=483908

        * dom/Document.cpp:
        (WebCore::Document::write):

2009-03-23  Sam Weinig  <sam@webkit.org>

        Reviewed by Dan Bernstein.

        Fix for <rdar://problem/6140966>
        Empty Caches does not clear the Cross-site XMLHttpRequest preflight cache

        * WebCore.base.exp:
        * WebCore.xcodeproj/project.pbxproj:
        * loader/CrossOriginPreflightResultCache.cpp:
        (WebCore::CrossOriginPreflightResultCache::empty):
        * loader/CrossOriginPreflightResultCache.h:

2009-03-23  Darin Adler  <darin@apple.com>

        Reviewed by Adele Peterson.

        Bug 24726: hit testing doesn't work right when the click is on anonymous content
        https://bugs.webkit.org/show_bug.cgi?id=24726
        rdar://problem/6696992

        Test: editing/selection/hit-test-anonymous.html

        * rendering/RenderBR.cpp:
        (WebCore::RenderBR::positionForPoint): Call createVisiblePosition instead of
        creating a VisiblePosition directly. It will handle finding non-anonymous
        content nearby if node() is 0.
        * rendering/RenderBlock.cpp:
        (WebCore::positionForPointRespectingEditingBoundaries): Ditto.
        (WebCore::positionForPointWithInlineChildren): Ditto.
        (WebCore::RenderBlock::positionForPoint): Ditto.
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::positionForPoint): Ditto.
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::positionForPoint): Ditto.
        (WebCore::RenderObject::createVisiblePosition): Added.
        * rendering/RenderObject.h: Added createVisiblePosition.
        * rendering/RenderReplaced.cpp:
        (WebCore::RenderReplaced::positionForPoint): Call createVisiblePosition.
        * rendering/RenderSVGInlineText.cpp:
        (WebCore::RenderSVGInlineText::positionForPoint): Ditto.
        * rendering/RenderText.cpp:
        (WebCore::RenderText::positionForPoint): Ditto.

2009-03-23  Adele Peterson  <adele@apple.com>

        Reviewed by Darin Adler & Dave Hyatt.

        Fix for <rdar://problem/6621310> REGRESSION(35185): Apple Travel HTML emails missing some style after Safari 4 upgrade

        Leopard Mail doesn't expect <style> to be in the body.  This change reverts back to the old behavior of
        moving <style> to <head> for that version of Mail.

        * html/HTMLElement.cpp: (WebCore::HTMLElement::inEitherTagList):

2009-03-23  Adele Peterson  <adele@apple.com>

        Reviewed by Mark Rowe & Dave Hyatt.

        Merge some of the individual Mail quirks into two settings that we can check for future quirks.

        * WebCore.base.exp:
        * dom/Document.cpp:
        (WebCore::disableRangeMutation):
        (WebCore::Document::nodeChildrenChanged):
        (WebCore::Document::nodeWillBeRemoved):
        (WebCore::Document::textInserted):
        (WebCore::Document::textRemoved):
        (WebCore::Document::textNodesMerged):
        (WebCore::Document::textNodeSplit):
        * page/Settings.cpp:
        (WebCore::Settings::Settings):
        (WebCore::Settings::setNeedsLeopardMailQuirks):
        (WebCore::Settings::setNeedsTigerMailQuirks):
        * page/Settings.h:
        (WebCore::Settings::needsLeopardMailQuirks):
        (WebCore::Settings::needsTigerMailQuirks):

2009-03-23  Ada Chan  <adachan@apple.com>

        https://bugs.webkit.org/show_bug.cgi?id=24762
        Support text-indent in <option> elements on windows platform.

        Reviewed by Adele Peterson.

        * css/themeWin.css:
        * platform/PopupMenuStyle.h: We don't honor font specified on <option> elements right now.  Make this
        explicit via windows themed default stylesheet.
        (WebCore::PopupMenuStyle::PopupMenuStyle): Also store text-indent and text-direction.
        (WebCore::PopupMenuStyle::textIndent):
        (WebCore::PopupMenuStyle::textDirection):
        * platform/win/PopupMenuWin.cpp:
        (WebCore::PopupMenu::paint): Adjust the text's x-coordinate if text-indent is supported for options and 
        text-indent is specified with LTR direction.
        * rendering/RenderMenuList.cpp:
        (WebCore::RenderMenuList::updateOptionsWidth): Take text-indent into account if theme supports text-indent for options.
        (WebCore::RenderMenuList::itemStyle): Use new PopupMenuStyle constructor on windows.
        (WebCore::RenderMenuList::menuStyle): Ditto.
        * rendering/RenderTextControlSingleLine.cpp:
        (WebCore::RenderTextControlSingleLine::menuStyle): Ditto.
        * rendering/RenderTheme.h:
        (WebCore::RenderTheme::popupOptionSupportsTextIndent): Added.  Default is false since we are only supporting it in windows for now.
        * rendering/RenderThemeWin.h:
        (WebCore::RenderThemeWin::popupOptionSupportsTextIndent): Returns true for windows.

2009-03-23  Sam Weinig  <sam@webkit.org>

        Reviewed by Anders Carlsson.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=24699
        REGRESSION: Java Applets broken
        <rdar://problem/6707494>

        Fix loading Java applets without a codeBase. Only pass the base (up to the
        the last path component) of the baseURL to the plug-in.

        * html/HTMLAppletElement.cpp:
        (WebCore::HTMLAppletElement::createRenderer):
        * platform/KURL.cpp:
        (WebCore::KURL::baseAsString):
        * platform/KURL.h:

2009-03-23  Darin Adler  <darin@apple.com>

        Reviewed by Sam Weinig.

        * platform/KURL.h: Removed now-incorrect comments.
        None of the parts include the separator characters any more, now that
        query doesn't include the "?", so the comments explaining which do and do
        not are no-longer helpful.

2009-03-23  David Levin  <levin@chromium.org>

        Reviewed by Dimitri Glazkov.

        https://bugs.webkit.org/show_bug.cgi?id=24764

        Renamed files V8NodeFilter -> V8NodeFilterCondition to reflect
        class names.  Also fixed some headers that got mangled in search/replace
        operations.

        No change in behavior, so no test.

        * bindings/v8/V8NodeFilter.h: Removed.
        * bindings/v8/V8NodeFilterCondition.cpp: Renamed from WebCore/bindings/v8/V8NodeFilter.cpp.
        * bindings/v8/V8NodeFilterCondition.h: Added.
        * bindings/v8/custom/V8ClipboardCustom.cpp:
        * bindings/v8/custom/V8DocumentCustom.cpp:
        * bindings/v8/custom/V8ElementCustom.cpp:
        * bindings/v8/custom/V8HTMLCanvasElementCustom.cpp:
        * bindings/v8/custom/V8NavigatorCustom.cpp:

2009-03-23  Darin Fisher  <darin@chromium.org>

        Reviewed by Antti Koivisto.

        https://bugs.webkit.org/show_bug.cgi?id=24741

        Adds a unique across-browser-sessions identifier to FormData, which may
        be used by ResourceHandle as a secondary cache key to enable cached
        form submissions.

        At issue: two otherwise identical form submissions may result in
        completely independent responses, which may each be appropriate to
        store and reuse from cache.

        * html/HTMLFormElement.cpp: Added call to FormData::setIdentifier so that
        we only enable cached form submissions for those generated by HTML.  This
        way we do not bother with POSTs generated by XMLHttpRequest.
        (WebCore::generateFormDataIdentifier):
        (WebCore::HTMLFormElement::createFormData):
        * platform/network/FormData.cpp: Initialize m_identifier to 0, which means
        the unspecified identifier.  So by default there is no identifier and
        nothing changes.
        (WebCore::FormData::FormData):
        * platform/network/FormData.h: Added m_identifier with setter and getter.
        (WebCore::FormData::setIdentifier):
        (WebCore::FormData::identifier):

2009-03-23  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Antti Koivisto
        
        https://bugs.webkit.org/show_bug.cgi?id=24733
        
        Fix media controller with full-page zoom. Previously, the media controller
        shadow nodes never saw style changes on the RenderMedia, so did not respond
        to zooming at all. Now, we update the style on the shadow renderers
        whenever RenderMedia gets a style change. Also fix the video thumb in
        the theme to be scaled properly.

        Test: media/video-controls-zoomed.html

        * rendering/MediaControlElements.cpp:
        (WebCore::MediaControlShadowRootElement::updateStyle):
        (WebCore::MediaTextDisplayElement::MediaTextDisplayElement):
        (WebCore::MediaTextDisplayElement::updateStyle):
        (WebCore::MediaControlInputElement::MediaControlInputElement):
        (WebCore::MediaControlInputElement::updateStyle):
        * rendering/MediaControlElements.h:
        * rendering/RenderMedia.cpp:
        (WebCore::RenderMedia::styleDidChange):
        * rendering/RenderMedia.h:
        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::adjustSliderThumbSize):

2009-03-23  Mike Belshe  <mike@belshe.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=24739

        Rework StringImpl::create methods to try to allocate a single buffer
        rather than allocating both the StringImpl class and a separate data
        buffer.

        * platform/text/StringImpl.cpp:
        * platform/text/StringImpl.h:

2009-03-23  Darin Adler  <darin@apple.com>

        Reviewed by Antti Koivisto.

        Based on a patch by Nico Weber <nicolasweber@gmx.de>

        Bug 24755: LayoutTests/http/tests/misc/url-in-utf16le.html regression
        https://bugs.webkit.org/show_bug.cgi?id=24755

        * platform/text/TextEncoding.cpp:
        (WebCore::TextEncoding::isUTF7Encoding): Added. Checks if the current encoding
        is UTF7 without loading extended codecs.
        (WebCore::TextEncoding::encodingForFormSubmission): Use isUTF7Encoding() instead
        of comparing with UTF7Encoding(). Eliminate the explicit check of
        noExtendedTextEncodingNameUsed() because that's now handled by the functions
        that this function calls instead.

        * platform/text/TextEncoding.h: Added isUTF7Encoding function.
        Also tweaked formatting a bit.

2009-03-20  Peter Kasting  <pkasting@google.com>

        Reviewed by Darin Fisher.

        https://bugs.webkit.org/show_bug.cgi?id=24720
        RenderThemeChromium should draw something for Slider parts instead of
        dropping them on the floor.

        * platform/chromium/ChromiumBridge.h:
        * rendering/RenderThemeChromiumWin.cpp:
        (WebCore::RenderThemeChromiumWin::adjustSliderThumbSize):
        (WebCore::RenderThemeChromiumWin::paintSliderTrack):
        (WebCore::RenderThemeChromiumWin::determineSliderThumbState):
        (WebCore::RenderThemeChromiumWin::getThemeData):
        * rendering/RenderThemeChromiumWin.h:
        (WebCore::RenderThemeChromiumWin::paintSliderThumb):

2009-03-23  Glen Murphy  <glen@chromium.org>

        Reviewed by Darin Fisher.

        https://bugs.webkit.org/show_bug.cgi?id=24657

        Fix Skia drawing of highly scaled bitmaps; the conversion to
        IntRect produced visible layout test failures in highly scaled 
        coordinate systems.

        Test: svg/custom/image-small-width-height.svg

        * WebCore\platform\graphics\skia\ImageSkia.cpp:

2009-03-23  David Kilzer  <ddkilzer@apple.com>

        Provide JavaScript exception information after slow script timeout

        Reviewed by Oliver Hunt.

        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::evaluate): Changed to report
        exceptions for the Interrupted completion type as well.

2009-03-23  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Darin Adler

        https://bugs.webkit.org/show_bug.cgi?id=24736
        
        Fix three mostly-unrelated problems with full-page zoom:
        
        * dom/Document.cpp:
        (WebCore::Document::elementFromPoint):
        Document::elementFromPoint() needs to take full-page zoom into account.
        
        * dom/MouseRelatedEvent.cpp:
        (WebCore::MouseRelatedEvent::receivedTarget):
        Take full-page zoom into account when computing offsetX/offsetY.
        
        * html/HTMLSelectElement.cpp:
        (WebCore::HTMLSelectElement::listBoxDefaultEventHandler):
        Don't use offsetX/offsetY when hit testing list boxes; offsets were broken
        with full-page zoom, and using pageX/pageY is easier because we don't
        have to worry about the event target, and we already have a point in
        absolute coordinates.

        Tests: fast/forms/listbox-hit-test-zoomed.html
               fast/forms/search-zoomed.html
               fast/forms/slider-zoomed.html

2009-03-23  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Dan Bernstein

        https://bugs.webkit.org/show_bug.cgi?id=24753
        
        The rect for CSS 'clip' needs to have zooming applied to it.

        Test: fast/css/clip-zooming.html

        * css/CSSStyleSelector.cpp:
        (WebCore::CSSStyleSelector::applyProperty):

2009-03-23  Eric Carlson  <eric.carlson@apple.com>

        Reviewed by Adam Roben.

        <rdar://problem/6704282>
        https://bugs.webkit.org/show_bug.cgi?id=24719
        QTMovieWinTimer logic inversion

        Fix logic inversion in the Win32 timer used by QTMovieWin that caused it to always
        use SetTimer, even when the intervals was below USER_TIMER_MINIMUM. A side effect of
        this was that a movie timer would sometimes be blocked for significant amounts of time 
        because WM_TIMER messages are not processed when the thread's message queue has any
        higher priority messages, and WebCore/Win's timer uses PostMessage for low interval
        timers. Also change SetTimer call to use HWND and custom message instead of 
        timer function since the timer already has an HWND for processing PostMessage.

        Not possible to make a test for this because it is so timing dependant.

        * platform/graphics/win/QTMovieWinTimer.cpp:
        (TimerWindowWndProc):
        (setSharedTimerFireDelay):

2009-03-23  Eric Carlson  <eric.carlson@apple.com>

        Reviewed by Adele Peterson.

        https://bugs.webkit.org/show_bug.cgi?id=24588
        
        Update media element implementation to current HTML5 spec

        New tests: 
               media/media-constants.html
               media/video-seek-no-src-exception.html
               media/video-source-add-src.html
               media/video-src-invalid-remove.html
               media/video-src-plus-source.html
               media/video-timeupdate-during-playback.html

        * dom/EventNames.h: Remove obsolute events, add new ones.
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::HTMLMediaElement): Initialize new member vars.
        (WebCore::HTMLMediaElement::attributeChanged): Trigger load() only when we don't
        have a source.
        (WebCore::HTMLMediaElement::removedFromDocument): Deal with state name changes.
        (WebCore::HTMLMediaElement::scheduleProgressEvent): New, create a progress event and 
        add it to the event queue to be dispatch when the timer fires.
        (WebCore::HTMLMediaElement::scheduleEvent): New, create a generic event and add
        it to the event queue to be dispatch when the timer fires.
        (WebCore::HTMLMediaElement::enqueueEvent): Add an event to the queue and ticke the 
        asynch event timer.
        (WebCore::HTMLMediaElement::asyncEventTimerFired): Dispatch all pending events.
        (WebCore::HTMLMediaElement::loadTimerFired): Either trigger the initial load or
        try to load the next <source> url.
        (WebCore::HTMLMediaElement::load): Minor style change.
        (WebCore::HTMLMediaElement::loadInternal): The first part of the spec load algorithm, cleanup
        the current load (if any) and set up state for a new load.
        (WebCore::HTMLMediaElement::selectMediaResource): Deal with no 'src' or <source>, post 'loadstart'
        event, and initiate load from 'src' if present.
        (WebCore::HTMLMediaElement::loadNextSourceChild): Initiate load from next <source> url, or trigger
        noneSupported() if no more to consider.
        (WebCore::HTMLMediaElement::loadResource): Instantiate a new MediaPlayer and ask it to load a url.
        (WebCore::HTMLMediaElement::startProgressEventTimer): Start the repeating progress event timer.
        (WebCore::HTMLMediaElement::noneSupported): Post error event and set up state when no valid 
        media url was found.
        (WebCore::HTMLMediaElement::mediaEngineError): Post error event and set up state when no valid 
        media engine failed with a decode error or a network error.
        (WebCore::HTMLMediaElement::mediaPlayerNetworkStateChanged):
        (WebCore::HTMLMediaElement::setNetworkState): Updated for new spec network states.
        (WebCore::HTMLMediaElement::mediaPlayerReadyStateChanged):
        (WebCore::HTMLMediaElement::setReadyState): Updated for new spec ready state.
        (WebCore::HTMLMediaElement::progressEventTimerFired): Bail if the network is not active.
        (WebCore::HTMLMediaElement::seek): Return INVALID_STATE_ERR exception if state is too low or
        if player hasn't been set up yet. This is necessary becase load() is async. Clear the flag
        we use to guard against sending 'ended' more than once.
        (WebCore::HTMLMediaElement::duration): Don't bother calling media engine before it has metadata.
        (WebCore::HTMLMediaElement::setDefaultPlaybackRate): Remove exception param, 0 is no longer an
        invalid rate. 
        (WebCore::HTMLMediaElement::setPlaybackRate): Remove exception param, 0 is no longer an
        invalid rate. Cache rate being set so we can use it later if media engine isn't ready now.
        (WebCore::HTMLMediaElement::play): Remove exception param, play() before load() now just
        starts loading asynchronously.
        (WebCore::HTMLMediaElement::playInternal): Remove exception param. Fire 'waiting' or 'playing'
        event depending on current state.
        (WebCore::HTMLMediaElement::pause): Remove exception param, pause() before load() now just
        starts loading asynchronously.
        (WebCore::HTMLMediaElement::pauseInternal): Remove exception param.
        (WebCore::HTMLMediaElement::setVolume): dispatchEventAsync -> scheduleEvent
        (WebCore::HTMLMediaElement::setMuted): dispatchEventAsync -> scheduleEvent
        (WebCore::HTMLMediaElement::togglePlayState): Remove exception param.
        (WebCore::HTMLMediaElement::beginScrubbing): pause() doesn't take an exception param.
        (WebCore::HTMLMediaElement::startPlaybackProgressTimer): New, starts timer that fires 4 times per
        second when the movie is playing to timeupdate so we can post 'timeupdate' events.
        (WebCore::HTMLMediaElement::playbackProgressTimerFired): Timer proc.
        (WebCore::HTMLMediaElement::scheduleTimeupdateEvent): Bottleneck around scheduling a 'timeupdate'
        event because we both fire them them when the spec says we should and when the media engine
        says that time has jumped, but we don't want to fire more than one at a given movie time. We also
        use this bottleneck to keep track of the last time one was posted so we won't fire too often
        during playback.
        (WebCore::HTMLMediaElement::canPlay): readyState now tracks whether or not we have metadata.
        (WebCore::HTMLMediaElement::havePotentialSourceChild): New, checks to see if there are a <source>
        element with a 'src' attribute that we have not tried to load yet.
        (WebCore::HTMLMediaElement::nextSourceChild): New, returns the url and content type of the next
        <source> element that we haven't tried to load.
        (WebCore::HTMLMediaElement::mediaPlayerTimeChanged): Schedule 'seeked' event when seeking completes.
        Set a flag when we post the 'ended' event, clear it when time changed and we aren't at the end since
        some media engines call this proc more than once when playback reaches the end and stops, but we
        don't want to post 'ended' more than once.
        (WebCore::HTMLMediaElement::mediaPlayerDurationChanged): New, added so media engine can inform
        when the movie duration changes and we can post 'durationchanged' event.
        (WebCore::HTMLMediaElement::mediaPlayerRateChanged): New, added so media engine can inform when
        the rate changed and we can updated our cached rate. This is useful because we only want to know
        post periodic 'timeupdate' events when the movie is actually playing, and because we want to know
        the actual playback rate when it differs from what we tried to set.
        (WebCore::HTMLMediaElement::mediaPlayerSizeChanged): New, added so media engine can inform when
        a movie's intrinsic size changes and we can inform the renderer.
        (WebCore::HTMLMediaElement::potentiallyPlaying): Renamed from activelyPlaying since the spec now
        uses "actively playing" for this concept. Update logic for new state names and un-comment calls
        to stoppedDueToErrors() and pausedForUserInteraction() since the spec says those condiditons
        are part of the answer.
        (WebCore::HTMLMediaElement::endedPlayback): Update logic for new state names. 
        (WebCore::HTMLMediaElement::stoppedDueToErrors): New, spec says this logic should be part of
        the determination of "potentially playing".
        (WebCore::HTMLMediaElement::pausedForUserInteraction): New, placeholder for when (if) user
        agent supports this spec concept.
        (WebCore::HTMLMediaElement::updatePlayState): Stop timer used to fire periodic 'timeupdate' 
        events when we pauses the movie. Set the media engine rate before calling play() in case it
        wasn't set up when the rate was changed.
        (WebCore::HTMLMediaElement::stopPeriodicTimers): New, stop the progress event and 'timeupate'
        event timers.
        (WebCore::HTMLMediaElement::userCancelledLoad): New, logic pulled out of documentWillBecomeInactive
        and updated for the current spec.
        (WebCore::HTMLMediaElement::documentWillBecomeInactive): Moved some logic to userCancelledLoad.
        (WebCore::HTMLMediaElement::documentDidBecomeActive): Update comments.
        (WebCore::HTMLMediaElement::initialURL): Update for refactoring of code that determines the 
        initial url.
        * html/HTMLMediaElement.h: Change ReadyState and NetworkState enums to match names in the spec,
        update for changes in .cpp.
        (WebCore::HTMLMediaElement::):

        * html/HTMLMediaElement.idl: Update ready state and network state constants for spec changes.
        defaultPlaybackRate, playbackRate, play(), and pause() no longer raise exceptions.

        * html/HTMLSourceElement.cpp:
        (WebCore::HTMLSourceElement::insertedIntoDocument): Update for network state name changes.

        * html/HTMLVideoElement.cpp:
        (WebCore::HTMLVideoElement::updatePosterImage): Update for ready state name changes.

        * html/MediaError.h:
        (WebCore::MediaError::): add MEDIA_ERR_NONE_SUPPORTED.

        * html/MediaError.idl: add MEDIA_ERR_NONE_SUPPORTED.

        * loader/MediaDocument.cpp:
        (WebCore::MediaDocument::defaultEventHandler): play() and pause() don't take an exception.

        * platform/graphics/MediaPlayer.cpp:
        (WebCore::NullMediaPlayerPrivate::readyState): Update for newtork state name changes.
        (WebCore::MediaPlayer::sizeChanged): New, so engine can report intrinsic size changes.
        (WebCore::MediaPlayer::rateChanged): New, so engine can report rate changes.
        (WebCore::MediaPlayer::durationChanged): New, so engine can report duration changes.
        * platform/graphics/MediaPlayer.h: Update NetworkState and ReadyState enum names to match spec
        states.
        (WebCore::MediaPlayerClient::mediaPlayerDurationChanged): New.
        (WebCore::MediaPlayerClient::mediaPlayerRateChanged): New.
        (WebCore::MediaPlayerClient::mediaPlayerSizeChanged): New.
        (WebCore::MediaPlayer::):

        * platform/graphics/gtk/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivate::MediaPlayerPrivate): Update for network/ready state name changes.
        (WebCore::MediaPlayerPrivate::load): Ditto.
        (WebCore::MediaPlayerPrivate::updateStates): Ditto.
        (WebCore::MediaPlayerPrivate::loadingFailed): Ditto.

        * platform/graphics/mac/MediaPlayerPrivateQTKit.h: Update for network/ready state name changes.
        Remove endPointTimer, it is no longer necessary. Add m_enabledTrackCount and m_duration.
        (WebCore::MediaPlayerPrivate::metaDataAvailable):
        * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
        (WebCore::MediaPlayerPrivate::MediaPlayerPrivate): No more m_endPointTimer or m_endTime. Initialize
        m_enabledTrackCount and m_duration. Update for network/ready state name changes.
        (WebCore::MediaPlayerPrivate::load): Update for network/ready state name changes.
        (WebCore::MediaPlayerPrivate::play): No more m_endPointTimer.
        (WebCore::MediaPlayerPrivate::pause): Ditto.
        (WebCore::MediaPlayerPrivate::currentTime): No more m_endTime.
        (WebCore::MediaPlayerPrivate::seek): Ditto.
        (WebCore::MediaPlayerPrivate::doSeek): Ditto, plus don't call setRate(0) when the rate is
        already zero.
        (WebCore::MediaPlayerPrivate::setEndTime): No more m_endTime.
        (WebCore::MediaPlayerPrivate::updateStates): Update for network/ready state name changes. Return
        different errors depending on what causes a failure. Watch for and report duration changes.
        (WebCore::MediaPlayerPrivate::rateChanged): Report rate changes.
        (WebCore::MediaPlayerPrivate::sizeChanged): Report size changes.
        (WebCore::MediaPlayerPrivate::didEnd): No more endpoint timer.
        (WebCore::MediaPlayerPrivate::setVisible): Update for network/ready state name changes.
        (WebCore::MediaPlayerPrivate::disableUnsupportedTracks): Don't return number of unsupported
        tracks, store in m_enabledTrackCount so we can use it to help determine causes of failure.

        * platform/graphics/qt/MediaPlayerPrivatePhonon.cpp:
        (WebCore::MediaPlayerPrivate::MediaPlayerPrivate): Update for network/ready state name changes.
        (WebCore::MediaPlayerPrivate::load): Ditto.
        (WebCore::MediaPlayerPrivate::duration): Ditto.
        (WebCore::MediaPlayerPrivate::updateStates): Ditto.
        (WebCore::MediaPlayerPrivate::naturalSize): Ditto.

        * platform/graphics/win/MediaPlayerPrivateQuickTimeWin.cpp:
        (WebCore::MediaPlayerPrivate::MediaPlayerPrivate): No more m_endPointTimer. Update for 
        network/ready state name changes.
        (WebCore::MediaPlayerPrivate::load): Update for network/ready state name changes. No more
        m_endPointTimer.
        (WebCore::MediaPlayerPrivate::play): No more m_endPointTimer.
        (WebCore::MediaPlayerPrivate::pause): Ditto. 
        (WebCore::MediaPlayerPrivate::setEndTime): Ditto.
        (WebCore::MediaPlayerPrivate::updateStates): Update for network/ready state name changes.
        (WebCore::MediaPlayerPrivate::didEnd): No more m_endPointTimer.
        * platform/graphics/win/MediaPlayerPrivateQuickTimeWin.h:

        * rendering/MediaControlElements.cpp:
        (WebCore::MediaControlPlayButtonElement::defaultEventHandler): Update for network/ready state 
        name changes.
        (WebCore::MediaControlSeekButtonElement::defaultEventHandler): Ditto.

2009-03-22  Kevin Ollivier  <kevino@theolliviers.com>

        wxGTK build fix. Add missing header.

        * platform/wx/wxcode/gtk/non-kerned-drawing.cpp:

2009-03-22  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Dan Bernstein
        
        https://bugs.webkit.org/show_bug.cgi?id=24665
        
        Image-map code in RenderImage could result in RenderImage::nodeAtPoint()
        setting HitTestResult::innerNode(), but returning false, which violates
        hit testing rules. Use a temporary HitTestResult so that we only fill in
        result when we know we've hit.

        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::nodeAtPoint):

2009-03-22  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Dan Bernstein
        
        https://bugs.webkit.org/show_bug.cgi?id=24743
        
        Fix hit testing regression from r41840. We need to pass the temporary
        HitTestResult when testing sublayers, then only copy to 'result' when
        the layer is known to have been hit.

        Test: fast/layers/zindex-hit-test.html

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::hitTestLayer):

2009-03-20  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Darin Adler

        https://bugs.webkit.org/show_bug.cgi?id=24733
        
        Fix hit testing on video controls after full page zoom by fixing wider issue
        with event->pageX(), pageY() with zooming. pageX and pageY are "fixed" to be
        invariant under zooming (for JavaScript), so we keep an actual page point around
        in MouseEvent::absoluteLocation() to avoid the need to factor in zooming everywhere.

        * dom/MouseRelatedEvent.cpp:
        (WebCore::MouseRelatedEvent::initCoordinates):
        (WebCore::MouseRelatedEvent::computePageLocation):
        * dom/MouseRelatedEvent.h:
        (WebCore::MouseRelatedEvent::absoluteLocation):
        (WebCore::MouseRelatedEvent::setAbsoluteLocation):
        Member var, and getter and setter for absoluteLocation.
        New method, computePageLocation(), to compute the actual page point,
        and call it when creating and initting mouse-related events.

        * dom/Node.cpp:
        (WebCore::Node::dispatchMouseEvent):
        (WebCore::Node::dispatchWheelEvent):
        Keep non-adjusted pageX and pageY around, and call setAbsoluteLocation()
        on the event to replace a potentially rounded point.
        
        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::defaultEventHandler):
        Clean up slider handling code.
        
        * html/HTMLSelectElement.cpp:
        (WebCore::HTMLSelectElement::listBoxDefaultEventHandler):
        Add FIXME comment for use of offsetX/offsetY.
        
        * page/ContextMenuController.cpp:
        (WebCore::ContextMenuController::handleContextMenuEvent):
        Use absoluteLocation() when hit testing for context menus.
        
        * rendering/RenderFrameSet.cpp:
        (WebCore::RenderFrameSet::userResize):
        Use absoluteLocation() when resizing frames.
        
        * rendering/RenderMedia.cpp:
        (WebCore::RenderMedia::forwardEvent):
        Use absoluteLocation() when hit testing media controls.

        * rendering/RenderSlider.cpp:
        (WebCore::HTMLSliderThumbElement::defaultEventHandler):
        (WebCore::RenderSlider::mouseEventIsInThumb):
        Use absoluteLocation() when handling slider events.

        (WebCore::RenderSlider::forwardEvent):
        Factor some code out of HTMLInputElement::defaultEventHandler().
        
        * rendering/RenderTextControlSingleLine.cpp:
        (WebCore::RenderTextControlSingleLine::forwardEvent):
        Use absoluteLocation() when hit testing search field buttons, which fixees
        bugs in the search field with zooming.

2009-03-21  David Levin  <levin@chromium.org>

        Reviewed by Dimitri Glazkov.

        https://bugs.webkit.org/show_bug.cgi?id=24727
        Add V8XMLHttpRequest*.

        * bindings/v8/V8XMLHttpRequestUtilities.cpp: Added.
        * bindings/v8/V8XMLHttpRequestUtilities.h: Added.
        * bindings/v8/custom/V8XMLHttpRequestConstructor.cpp: Added.
        * bindings/v8/custom/V8XMLHttpRequestCustom.cpp: Added.
        * bindings/v8/custom/V8XMLHttpRequestUploadCustom.cpp: Added.

2009-03-21  David Levin  <levin@chromium.org>

        Reviewed by Dimitri Glazkov.

        https://bugs.webkit.org/show_bug.cgi?id=24725
        Add V8NodeFilter.

        * bindings/v8/V8NodeFilter.cpp: Added.
        * bindings/v8/V8NodeFilter.h: Added.

2009-03-21  Dan Bernstein  <mitz@apple.com>

        Rubber-stamped by Kevin Decker

        - remove some redundant #include statements

        * bindings/js/JSDOMWindowBase.cpp:

2009-03-20  Dan Bernstein  <mitz@apple.com>

        Reviewed by Mark Rowe.

        - fix <rdar://problem/6574185> REGRESSION (3.2.2-TOT): hang in text drawing code

        * platform/graphics/win/FontCGWin.cpp:
        (WebCore::drawGDIGlyphs): Changed glyph stroking to fill and stroke each
        glyph as a separate path, instead of all glyphs as a single path. This
        matches what CGContextShowGlyphsWithAdvances() does, and has comparable
        performance.

2009-03-20  Dean Jackson  <dino@apple.com>

        Reviewed by Simon Fraser

        Build fix for ENABLE(3D_RENDERING)

        * rendering/RenderObject.h:
        (WebCore::makeMatrixRenderable):

2009-03-20  Dave Moore  <davemoore@google.com>

        Reviewed by Dimitri Glazkov.

        https://bugs.webkit.org/show_bug.cgi?id=24705

        A bug in the V8 bindings is preventing chromium from setting the href on the
        location object...any attempt throws a security error, not just for javascript
        protocol

        * page/Location.idl:

2009-03-20  Craig Schlenter  <craig.schlenter@gmail.com>

        Reviewed by Dimitri Glazkov.

        https://bugs.webkit.org/show_bug.cgi?id=24608

        Include stdio.h needed for printf on gcc 4.4.0

        * platform/KURLGoogle.cpp:

2009-03-20  Mike Belshe <mike@belshe.com>

        Reviewed by Darin Fisher.

        https://bugs.webkit.org/show_bug.cgi?id=24577

        Don't let comments at the end of an event handler
        break the event handler.

        No change in behavior, so no test.

        * bindings/v8/V8LazyEventListener.cpp:
        (WebCore::V8LazyEventListener::getWrappedListenerFunction):

2009-03-20  Norbert Leser  <norbert.leser@nokia.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=24535

        Fixes missing line terminator character (;) after macro call.
        It is common practice to add the trailing ";" where macros are substituted
        and not where they are defined with #define.
        This change is consistent with other macro declarations across webkit,
        and it also solves compilation failure with symbian compilers. 
 
        No change in behavior, so no test.

        * bindings/js/JSDOMWindowShell.cpp:
        * bindings/js/JSEventListener.cpp:
        * bindings/js/JSImageConstructor.cpp:
        * bindings/js/JSInspectedObjectWrapper.cpp:
        * bindings/js/JSInspectorCallbackWrapper.cpp:
        * bindings/js/JSNamedNodesCollection.cpp:
        * bindings/js/JSNodeFilterCondition.cpp:
        * bindings/js/JSOptionConstructor.cpp:
        * bindings/js/JSQuarantinedObjectWrapper.cpp:
        * bindings/js/JSRGBColor.cpp:
        * bindings/js/JSWorkerContextBase.cpp:
        * bindings/js/JSXMLHttpRequestConstructor.cpp:
        * bindings/js/JSXSLTProcessorConstructor.cpp:
        * bindings/scripts/CodeGeneratorJS.pm:

2009-03-20  Mike Belshe  <mike@belshe.com>

        Reviewed by Dimitri Glazkov and Dave Hyatt.

        https://bugs.webkit.org/show_bug.cgi?id=24324

        Make the minimum timer configurable for different platforms.

        * page/DOMTimer.cpp:
        (WebCore::DOMTimer::DOMTimer):
        (WebCore::DOMTimer::fired):
        * page/DOMTimer.h:
        (WebCore::DOMTimer::minTimerInterval):
        (WebCore::DOMTimer::setMinTimerInterval):

2009-03-20  Dean McNamee  <deanm@chromium.org>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=22834

        Make sure to consistently match new/delete and fastMalloc/fastFree.

        * css/CSSSelectorList.cpp:
        (WebCore::CSSSelectorList::adoptSelectorVector):
        (WebCore::CSSSelectorList::deleteSelectors):

2009-03-20  Dan Bernstein  <mitz@apple.com>

        Reviewed by Dave Hyatt.

        - fix https://bugs.webkit.org/show_bug.cgi?id=23739
          <rdar://problem/6556371> REGRESSION (r36513): iframe isn't sized properly upon load

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::percentHeightDescendants): Added this accessor.
        * rendering/RenderBlock.h:
        * rendering/RenderTableSection.cpp:
        (WebCore::RenderTableSection::layoutRows): Extended the check for
        children that flex to include other descendants with percent height
        which is relative to the cell.

2009-03-20  Dmitry Titov  <dimich@chromium.org>

        Reviewed by Alexey Proskuryakov.

        https://bugs.webkit.org/show_bug.cgi?id=24706
        Remove ScriptExecutionContext::encoding() since Workers do not need it.
        WorkerContext::encoding() is simply removed, while Document::encoding()
        made non-virtual and private. Workers use UTF-8 now except when instructed
        otherwise by http header. Also updated test.

        * dom/Document.h: Made encoding() non-virtual and private.
        * dom/ScriptExecutionContext.h: removed encoding().

        * workers/Worker.cpp:
        (WebCore::Worker::Worker):
        (WebCore::Worker::notifyFinished):
        * workers/WorkerContext.cpp: removed encoding() implementation.
        (WebCore::WorkerContext::WorkerContext):
        (WebCore::WorkerContext::completeURL):
        * workers/WorkerContext.h: removed encoding()
        (WebCore::WorkerContext::create):
        * workers/WorkerContextProxy.h:
        * workers/WorkerImportScriptsClient.cpp:
        (WebCore::WorkerImportScriptsClient::didReceiveData):
        * workers/WorkerMessagingProxy.cpp:
        (WebCore::WorkerMessagingProxy::startWorkerContext):
        * workers/WorkerMessagingProxy.h:
        * workers/WorkerThread.cpp:
        (WebCore::WorkerThreadStartupData::create):
        (WebCore::WorkerThreadStartupData::WorkerThreadStartupData):
        (WebCore::WorkerThread::create):
        (WebCore::WorkerThread::WorkerThread):
        (WebCore::WorkerThread::workerThread):
        * workers/WorkerThread.h:
        In all these, removed storing encoding and 'inheriting' it from the parent.
        Instead, they are all using UTF-8 now.

2009-03-20  Timothy Hatcher  <timothy@apple.com>

        Change how threading exceptions are checked so they are reported
        by what round they were added. That way WebKit can decided the
        behavior per-round based on linked-on-or-after checks.

        <rdar://problem/6626741&6648478&6635474&6674079>

        Reviewed by Darin Adler.

        * WebCore.base.exp: Export the new symbols.
        * bindings/objc/DOMAbstractView.mm: Use the new WebCoreThreadViolationCheckRoundOne macro.
        * bindings/scripts/CodeGeneratorObjC.pm: Ditto.
        * platform/ThreadCheck.h:
        * platform/mac/ThreadCheck.mm:
        (WebCore::readThreadViolationBehaviorFromUserDefaults): Refactor how the default is read.
        (WebCore::setDefaultThreadViolationBehavior): Take a round argument.
        (WebCore::reportThreadViolation): Ditto.
        (WebCoreReportThreadViolation): Ditto.

2009-03-20  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Fixed up an out-of-date comment.

        * bindings/js/JSDOMWindowCustom.h:
        (WebCore::JSDOMWindow::customPut):

2009-03-20  Beth Dakin  <bdakin@apple.com>

        Reviewed by Dave Hyatt.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=20909 REGRESSION 
        (r35318): A press release at pfizer.com does not display correctly
        - and corresponding -
        <rdar://problem/6680073>

        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::invalidateContainerPrefWidths):
        * rendering/RenderObject.h:
        (WebCore::RenderObject::markContainingBlocksForLayout):

2009-03-20  Eric Seidel  <eric@webkit.org>

        Reviewed by Justin Garcia.

        maxDeepOffset is confusing and should be removed
        https://bugs.webkit.org/show_bug.cgi?id=24586

        Abstract some hard-to-read (but shared) logic into a new renderedAsNonInlineTableOrHR function.
        Add first/lastDeepEditingPositionForNode Position creation functions
        and deploy them to places we used to call maxDeepOffset.

        Rename Position::atStart and atEnd to atStartOfTree atEndOfTree
        Add a new Position::atFirst/atLastEditingPositionForNode() and use these
        to replace a few more callers for maxDeepOffset()
        
        Rename maxDeepOffset to lastEditingOffsetForNode (so that we mere mortals have some clue what it does)

        "Editing positions" are confusing because they have one
        of two behaviors, depending on if the container node is ignored
        by editing (if editingIgnoresContent(node) returns true) or not.
        Positions referring to nodes ignored by editing are
        neighbor-relative (they are before or after the node) where as
        positions reffering to other nodes are container-relative
        (they are between two child nodes of the container, identified
        by the offset() member).  I will be fixing this confusion in
        future patches.  These renames hopefully make the current behavior clearer.

        * dom/Position.cpp:
        (WebCore::Position::previous):
        (WebCore::Position::next):
        (WebCore::Position::atFirstEditingPositionForNode):
        (WebCore::Position::atLastEditingPositionForNode):
        (WebCore::Position::atStartOfTree):
        (WebCore::Position::atEndOfTree):
        (WebCore::Position::previousCharacterPosition):
        (WebCore::Position::nextCharacterPosition):
        (WebCore::Position::upstream):
        (WebCore::Position::isCandidate):
        (WebCore::firstDeepEditingPositionForNode):
        (WebCore::lastDeepEditingPositionForNode):
        * dom/Position.h:
        * dom/PositionIterator.cpp:
        (WebCore::PositionIterator::operator Position):
        (WebCore::PositionIterator::increment):
        (WebCore::PositionIterator::decrement):
        (WebCore::PositionIterator::atEnd):
        (WebCore::PositionIterator::atEndOfNode):
        * editing/CompositeEditCommand.cpp:
        (WebCore::CompositeEditCommand::positionAvoidingSpecialElementBoundary):
        * editing/DeleteSelectionCommand.cpp:
        (WebCore::isTableCellEmpty):
        (WebCore::DeleteSelectionCommand::removeNode):
        (WebCore::DeleteSelectionCommand::handleGeneralDelete):
        * editing/Editor.cpp:
        (WebCore::Editor::advanceToNextMisspelling):
        * editing/InsertLineBreakCommand.cpp:
        (WebCore::InsertLineBreakCommand::doApply):
        * editing/InsertListCommand.cpp:
        (WebCore::InsertListCommand::doApply):
        * editing/ReplaceSelectionCommand.cpp:
        (WebCore::ReplaceSelectionCommand::positionAtEndOfInsertedContent):
        * editing/TypingCommand.cpp:
        (WebCore::TypingCommand::forwardDeleteKeyPressed):
        * editing/VisiblePosition.cpp:
        (WebCore::VisiblePosition::previous):
        (WebCore::VisiblePosition::leftVisuallyDistinctCandidate):
        (WebCore::VisiblePosition::left):
        (WebCore::VisiblePosition::rightVisuallyDistinctCandidate):
        (WebCore::VisiblePosition::right):
        * editing/VisibleSelection.cpp:
        (WebCore::VisibleSelection::selectionFromContentsOfNode):
        (WebCore::VisibleSelection::adjustSelectionToAvoidCrossingEditingBoundaries):
        * editing/htmlediting.cpp:
        (WebCore::nextVisuallyDistinctCandidate):
        (WebCore::previousVisuallyDistinctCandidate):
        (WebCore::firstEditablePositionAfterPositionInRoot):
        (WebCore::lastEditablePositionBeforePositionInRoot):
        (WebCore::lastOffsetForEditing):
        (WebCore::isFirstPositionAfterTable):
        (WebCore::isLastPositionBeforeTable):
        (WebCore::positionBeforeNode):
        (WebCore::positionAfterNode):
        (WebCore::enclosingEmptyListItem):
        (WebCore::caretMaxOffset):
        * editing/htmlediting.h:
        * editing/visible_units.cpp:
        (WebCore::renderedAsNonInlineTableOrHR):
        (WebCore::startOfParagraph):
        (WebCore::endOfParagraph):
        (WebCore::startOfEditableContent):
        (WebCore::endOfEditableContent):
        * page/AccessibilityObject.cpp:
        (WebCore::endOfStyleRange):
        * page/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::visiblePositionRange):
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::positionForPoint):

2009-03-20  Dmitry Titov  <dimich@chromium.org>

        Reviewed by Dimitri Glazkov.

        https://bugs.webkit.org/show_bug.cgi?id=24689
        Add (upstream) V8 bindings for Workers. Mostly style cleaning.

        * bindings/v8/WorkerContextExecutionProxy.cpp: Added.
        * bindings/v8/WorkerContextExecutionProxy.h: Added.
        * bindings/v8/WorkerScriptController.cpp: Added.
        * bindings/v8/WorkerScriptController.h: Added.
        * bindings/v8/V8Index.h: Added. This is just a wrapper for v8_index.h, like V8Proxy.h
        * bindings/v8/V8Proxy.h: Added domObjectMap() function that wraps GetDOMObjectMap().
        * bindings/v8/V8WorkerContextEventListener.cpp:
        (WebCore::V8WorkerContextEventListener::callListenerFunction): TrackEvent() renamed trackEvent()

2009-03-20  Stephen White  <senorblanco@chromium.org>

        Reviewed by Eric Seidel.

        Fix for LayoutTests/fast/canvas/canvas-text-alignment.html
        on chromium/skia.  The problem was that the gradient matrix
        for text was being applied twice.  Fixed by reverting some of
        https://bugs.webkit.org/show_bug.cgi?id=23957, so that skiaDrawText
        is no longer responsible for measuring the text and scaling up
        the gradient matrix.  Instead, the text bounding box is passed
        in from SVGPaintServerGradient.  I didn't make this change for CG,
        since it uses a different method (the gradient is drawn using the
        text as a pre-rendered mask).
        https://bugs.webkit.org/show_bug.cgi?id=24687

        * platform/graphics/skia/SkiaFontWin.cpp:
        (WebCore::skiaDrawText):
        * svg/graphics/SVGPaintServerGradient.cpp:
        (WebCore::SVGPaintServerGradient::setup):

2009-03-20  Xan Lopez  <xlopez@igalia.com>

        Rubber-stamped by Holger Freyther.

        There seems to be some rounding error in cairo (or in how we use
        cairo) with some fonts, like DejaVu Sans Mono, which makes cairo
        report a height smaller than ascent + descent, which is wrong and
        confuses WebCore's layout system. Workaround this while we figure
        out what's going on.

        * platform/graphics/gtk/SimpleFontDataGtk.cpp:
        (WebCore::SimpleFontData::platformInit):
        * platform/graphics/gtk/SimpleFontDataPango.cpp:
        (WebCore::SimpleFontData::platformInit):

2009-03-19  Alexey Proskuryakov  <ap@webkit.org>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=24122
        <rdar://problem/6674179>
        REGRESSION: DOM Range extractContents/deleteContents failures seen on Moxiecode tests

        Test: fast/dom/Range/deleted-range-endpoints.html

        * dom/Range.cpp: (WebCore::Range::processContents): Set the final range in accordance
        to the specification.

2009-03-19  Anders Carlsson  <andersca@apple.com>

        Reviewed by Dan Bernstein.

        <rdar://problem/6682554> Flash content not being rendered (Shockwave Flash 10.0 r22)
        
        If calling updateWidget for some reason resulted in another widget being added to m_widgetUpdateSet, then
        that object would never be updated.
        
        * page/FrameView.cpp:
        (WebCore::FrameView::updateWidgets):
        Factor the widget updating code out into this method. Return true if the update set is empty.
        
        (WebCore::FrameView::performPostLayoutTasks):
        Loop over the update set multiple times until all widgets have been updated or until we reach the cap.
        
        * page/FrameView.h:

2009-03-18  Timothy Hatcher  <timothy@apple.com>

        Make the defered data loading timer honor the Page's scheduled runloop pairs.
        Introduces a new RunLoopTimer class that has an API mimicking Timer but
        allows it to be scheduled with one or more SchedulePairs.

        <rdar://problem/6687342> -[WebView scheduleInRunLoop:forMode:] has no affect on timers

        Reviewed by Darin Adler.

        * WebCore.xcodeproj/project.pbxproj: Adds the new RunLoopTimer.{cpp,h} files.
        * loader/MainResourceLoader.cpp:
        (WebCore::MainResourceLoader::handleDataLoadNow): Use the MainResourceLoaderTimer typedef.
        (WebCore::MainResourceLoader::startDataLoadTimer): Added. Start the timer and on
        Mac platforms also schedule with the Page's SchedulePairs.
        (WebCore::MainResourceLoader::handleDataLoadSoon): Call startDataLoadTimer().
        (WebCore::MainResourceLoader::setDefersLoading): Ditto.
        * loader/MainResourceLoader.h:
        * platform/cf/RunLoopTimerCF.cpp: Added.
        (WebCore::RunLoopTimerBase::~RunLoopTimerBase):
        (WebCore::timerFired):
        (WebCore::RunLoopTimerBase::start):
        (WebCore::RunLoopTimerBase::schedule):
        (WebCore::RunLoopTimerBase::stop):
        (WebCore::RunLoopTimerBase::isActive):
        * platform/RunLoopTimer.h: Added.
        (WebCore::RunLoopTimerBase::RunLoopTimerBase):
        (WebCore::RunLoopTimerBase::startRepeating):
        (WebCore::RunLoopTimerBase::startOneShot):
        (WebCore::RunLoopTimer::RunLoopTimer):
        (WebCore::RunLoopTimer::fired):

2009-03-19  Dimitri Glazkov  <dglazkov@chromium.org>

        Reviewed by Darin Fisher.

        https://bugs.webkit.org/show_bug.cgi?id=24702
        Upstream miscellaneous bindings changes.

        * bindings/v8/ScheduledAction.cpp:
        (WebCore::ScheduledAction::execute): Changed to call lower-case evaluate.
        * bindings/v8/ScriptCallStack.h: Added an extra include.

2009-03-19  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Dave Hyatt

        https://bugs.webkit.org/show_bug.cgi?id=24686
        
        When hit testing a RenderLayer whose parent lives in a preserves-3D hierarchy,
        we need to compare the computed z-offset with the depth-test z-offset before
        deciding that such a RenderLayer was hit. This fixes an issue, tested by the
        3d-point-mapping-overlapping.html test, where the child of a transformed element
        is found by hit testing, even when some other element with greater Z overlaps
        them both.
        
        Improved the code by adding a utility method, isHitCandidate(), which computes and tests
        z-depth when necessary.

        Tests: transforms/3d/point-mapping/3d-point-mapping-coplanar.html
               transforms/3d/point-mapping/3d-point-mapping-overlapping.html

        * rendering/RenderLayer.cpp:
        (WebCore::isHitCandidate):
        (WebCore::RenderLayer::hitTestLayer):

2009-03-19  Jeremy Moskovich  <jeremy@chromium.org>

        Reviewed by Dimitri Glazkov.

        https://bugs.webkit.org/show_bug.cgi?id=24456
        Split ColorChromium.cpp into Mac & Windows variants.
        Remove Chromium Dependency on platform/graphics/mac/ColorMac.mm since we
        ultimately need to take a different approach.  For now, createCGColor()
        is copied from ColorMac.mm.

        No observable change in behavior, so no test.

        * platform/graphics/chromium/ColorChromium.cpp:
        (WebCore::focusRingColor):
        * platform/graphics/chromium/ColorChromiumMac.mm: Added.

2009-03-19  Pavel Feldman  <pfeldman@chromium.org>

        Reviewed by Dimitri Glazkov.

        https://bugs.webkit.org/show_bug.cgi?id=24675
        Unforking frontend: add custom InspectorController methods
        implementation.

        * bindings/v8/custom/V8InspectorControllerCustom.cpp: Added.

2009-03-19  Jay Campan  <jcampan@google.com>

        Reviewed by Dimitri Glazkov.

        https://bugs.webkit.org/show_bug.cgi?id=24625
        Adding an accessor to the currently selected index in the PopupMenuChromium.
        This is required for implementing the deletion of an autocomplete entry in Chromium.

        * platform/chromium/PopupMenuChromium.cpp:
        (WebCore::PopupContainer::selectedIndex):
        * platform/chromium/PopupMenuChromium.h:

2009-03-19  Evan Stade  <estade@chromium.org>

        Reviewed by Dimitri Glazkov.

        https://bugs.webkit.org/show_bug.cgi?id=24526
        Improve windows skia text stroking.

        Test: LayoutTests/svg/custom/struct-use-09-b.svg

        * platform/graphics/skia/SkiaFontWin.cpp: Close the path representing
        each font glyph polygon, rather than only closing the path once per
        letter. This fixes stroking for letters with multiple polygons, such
        as 'A' or 'D'.
        (WebCore::getPathForGlyph):
        (WebCore::skiaDrawText):

2009-03-19  Simon Hausmann  <simon.hausmann@nokia.com>

        Reviewed by Tor Arne Vestbø.

        Fixed support for doing calls from JavaScript into NPAPI Plugins for the Qt port on Windows.

        Removed dead code for distinguishing between Widget and PluginView in the Qt port.

        * bindings/js/ScriptControllerQt.cpp:
        (WebCore::ScriptController::createScriptInstanceForWidget): Removed incorrect isNPAPI check.
        * plugins/PluginView.cpp:
        (WebCore::PluginView::PluginView): Removed m_isNPAPIPlugin variable.
        * plugins/PluginView.h: Removed setter/getter.
        * plugins/mac/PluginViewMac.cpp:
        (WebCore::PluginView::init): Removed call to setIsNPAPIPlugin.
        * plugins/qt/PluginViewQt.cpp:
        (WebCore::PluginView::init): Ditto.

2009-03-19  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Reviewed by Oliver Hunt.

        Bug 24596: ASSERT in JSC::PropertySlot::slotBase @ iGoogle homepage
        <https://bugs.webkit.org/show_bug.cgi?id=24596>
        <rdar://problem/6686493>

        JSDOMWindow::customGetOwnPropertySlot() does an access check after calling
        JSGlobalObject::getOwnPropertySlot(). This causes the PropertySlot to be
        set twice, once to the value that is illegal to access, and then to undefined
        This causes an assertion failure in property access caching code.

        The fix is to do the access check before calling JSGlobalObject::getOwnPropertySlot().

        * bindings/js/JSDOMWindowCustom.h:
        (WebCore::JSDOMWindow::customGetOwnPropertySlot):

2009-03-18  Alexey Proskuryakov  <ap@webkit.org>

        Reviewed by Sam Weinig.

        https://bugs.webkit.org/show_bug.cgi?id=24676
        Simple cross-origin requests shouldn't dispatch upload progress events

        Test: http/tests/xmlhttprequest/simple-cross-origin-progress-events.html

        * loader/CrossOriginAccessControl.cpp: (WebCore::passesAccessControlCheck): Added a comment
        explaining the somewhat unexpected behavior of this function.

        * xml/XMLHttpRequestUpload.cpp: (WebCore::XMLHttpRequestUpload::hasListeners):
        * xml/XMLHttpRequestUpload.h:
        Report whether there are any event listeners registered.

        * xml/XMLHttpRequest.h: Added m_uploadEventsAllowed.

        * xml/XMLHttpRequest.cpp:
        (WebCore::XMLHttpRequest::createRequest): Set m_uploadEventsAllowed flag.
        (WebCore::XMLHttpRequest::makeSameOriginRequest): Ditto.
        (WebCore::XMLHttpRequest::makeCrossOriginAccessRequest): Ditto.
        (WebCore::XMLHttpRequest::makeSimpleCrossOriginAccessRequest): Set request body - it can be
        non-empty for POST requests.
        (WebCore::XMLHttpRequest::makeCrossOriginAccessRequestWithPreflight): Set m_uploadEventsAllowed flag.
        (WebCore::XMLHttpRequest::handleAsynchronousPreflightResult): Ditto.
        (WebCore::XMLHttpRequest::abort): Only dispatch upload progress events if allowed.
        (WebCore::XMLHttpRequest::networkError): Ditto.
        (WebCore::XMLHttpRequest::abortError): Ditto.
        (WebCore::XMLHttpRequest::didSendData): Ditto.

2009-03-18  Marc-Antoine Ruel  <maruel@chromium.org>

        Reviewed by Darin Fisher.

        https://bugs.webkit.org/show_bug.cgi?id=24398
        Fix a crash when loading a svg file in Chromium's test_shell and
        then reloading the page.

        * history/BackForwardListChromium.cpp:
        (WebCore::BackForwardList::BackForwardList):
        (WebCore::BackForwardList::close):

2009-03-18  Eric Carlson  <eric.carlson@apple.com>

        Reviewed by Simon Fraser.

        Fix for <rdar://problem/6685235>
        <video> element poster cannot be set dynamically if not originally set up in HTML
        
        Allocate the media engine immediately so the plug-in proxy is available for
        scripting right away.

        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::MediaPlayer):

2009-03-18  Beth Dakin  <bdakin@apple.com>

        Reviewed by Dave Hyatt.

        Fix for <rdar://problem/6636747> REGRESSION (Safari 4 PB-r41326): 
        Popup menu appears at the wrong location on page at http://
        www.signonsandiego.com/

        This was a regression from http://trac.webkit.org/changeset/40769, 
        which changed the base class of RenderInline to 
        RenderBoxModelObject rather than RenderBox.

        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::offsetParent): offsetParent should return a 
        RenderBoxModelObject rather than just a RenderBox, which is more 
        restrictive. 

2009-03-18  Anders Carlsson  <andersca@apple.com>

        Reviewed by Darin Adler.

        <rdar://problem/6504776> 
        CrashTracer: [USER] 188 crashes in Safari at com.apple.WebCore • WTF::HashTableIterator<WTF::RefPtr<WebCore::ResourceLoader>, ...

        Return early in case calling the client ends up spinning the run loop and completing/cancelling the load.
        
        * loader/NetscapePlugInStreamLoader.cpp:
        (WebCore::NetscapePlugInStreamLoader::didCancel):

2009-03-18  David Levin  <levin@chromium.org>

        Reviewed by Dimitri Glazkov.

        https://bugs.webkit.org/show_bug.cgi?id=24664
        Upstreaming v8 collection.h

        No change in behavior, so no test.

        * bindings/v8/V8Collection.h: Added.

2009-03-18  Sam Weinig  <sam@webkit.org>

        Reviewed by Simon Fraser.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=23966
        REGRESSION: Custom arrow navigation functionality doesn't work at dropular.net
        <rdar://problem/6589657>

        Match the CSSOM spec for getClientRects and getBoundingClientRect by
        returning a 0x0 rect at the correct top/left position for empty inline
        boxes.

        * rendering/RenderInline.cpp:
        (WebCore::RenderInline::absoluteRects):
        (WebCore::RenderInline::absoluteQuads):

2009-03-18  David Levin  <levin@chromium.org>

        Reviewed by Eric Seidel.

        Match the changes done for windows in the bug
        https://bugs.webkit.org/show_bug.cgi?id=24530.

        No change in behavior, so no test.

        * rendering/RenderThemeChromiumLinux.cpp:
        (WebCore::RenderThemeChromiumLinux::extraDefaultStyleSheet):

2009-03-18  Dirk Schulze  <krit@webkit.org>

        Reviewed by Holger Freyther.

        Added support for SVG's stroked texts to Qt.

        [Qt] SVGs stroked text support missing
        https://bugs.webkit.org/show_bug.cgi?id=24262

        * platform/graphics/qt/FontQt.cpp:
        (WebCore::Font::drawComplexText):

2009-03-18  Mark Rowe  <mrowe@apple.com>

        Reviewed by Alexey Proskuryakov.

        Fix fast/encoding/char-decoding.html with recent ICU.

        * platform/text/TextCodecICU.cpp:
        (WebCore::TextCodecICU::decode): Look for gb18030 case-insensitively,
        as newer versions of ICU use GB18030 as the canonical name.

2009-03-17  David Levin  <levin@chromium.org>

        Reviewed by Dimitri Glazkov.

        https://bugs.webkit.org/show_bug.cgi?id=24662
        Chromium build fixes.

        Bug https://bugs.webkit.org/show_bug.cgi?id=24663 tracks
        the invalid implementation of ScriptCallStack.

        No change in behavior, so no test.

        * bindings/v8/ScriptCallStack.h:
        (WebCore::ScriptCallStack::state):
        * platform/graphics/skia/PlatformContextSkia.cpp:
        (PlatformContextSkia::drawRect):

2009-03-17  David Carson  <dacarson@apple.com>

        Reviewed by David Hyatt.

        Add anchor elements to the simple style sheet so that applications that 
        are using WebKit just for simple text and links will also take advantage
        of the fast path.

        * css/CSSStyleSelector.cpp:
        (WebCore::elementCanUseSimpleDefaultStyle):

2009-03-17  Darin Adler  <darin@apple.com>

        Reviewed by Adele Peterson.

        <rdar://problem/6687005> Need support for new move-left/right selectors.

        * editing/EditorCommand.cpp:
        (WebCore::executeMoveToLeftEndOfLine): Added.
        (WebCore::executeMoveToLeftEndOfLineAndModifySelection): Added.
        (WebCore::executeMoveToRightEndOfLine): Added.
        (WebCore::executeMoveToRightEndOfLineAndModifySelection): Added.
        Added command entries for the functions above.

2009-03-17  Ojan Vafai  <ojan@chromium.org>

        Reviewed by Adele Peterson.

        Put the padding inside scrollbars on textareas.
        https://bugs.webkit.org/show_bug.cgi?id=24370
        
        Put the padding inside the scrollbars on textareas. This is done by moving the
        overflow from the shadowNode to the RenderTextControlMultiline. As a result,
        all of the scroll handing methods that RenderTextControl overrides can be moved
        down into RenderTextControlSingleLine since RenderTextControlMultiline can now
        just use RenderBlock's versions. This also allows RenderTextControlMultiLine to
        no longer need a custom layout method since the shadowNode can now just size
        like a regular DIV.

        * css/CSSStyleSelector.cpp:
        (WebCore::CSSStyleSelector::adjustRenderStyle):
        * rendering/RenderTextControl.cpp:
        (WebCore::RenderTextControl::styleDidChange):
        (WebCore::RenderTextControl::selection):
        (WebCore::RenderTextControl::calcHeight):
        (WebCore::RenderTextControl::hitInnerTextElement):
        * rendering/RenderTextControl.h:
        * rendering/RenderTextControlMultiLine.cpp:
        (WebCore::RenderTextControlMultiLine::nodeAtPoint):
        (WebCore::RenderTextControlMultiLine::createInnerTextStyle):
        * rendering/RenderTextControlMultiLine.h:
        * rendering/RenderTextControlSingleLine.cpp:
        (WebCore::RenderTextControlSingleLine::styleDidChange):
        (WebCore::RenderTextControlSingleLine::autoscroll):
        (WebCore::RenderTextControlSingleLine::scrollWidth):
        (WebCore::RenderTextControlSingleLine::scrollHeight):
        (WebCore::RenderTextControlSingleLine::scrollLeft):
        (WebCore::RenderTextControlSingleLine::scrollTop):
        (WebCore::RenderTextControlSingleLine::setScrollLeft):
        (WebCore::RenderTextControlSingleLine::setScrollTop):
        (WebCore::RenderTextControlSingleLine::scroll):
        * rendering/RenderTextControlSingleLine.h:
        * rendering/TextControlInnerElements.cpp:
        (WebCore::RenderTextControlInnerBlock::RenderTextControlInnerBlock):
        (WebCore::RenderTextControlInnerBlock::positionForPoint):
        (WebCore::TextControlInnerTextElement::createRenderer):

2009-03-17  Darin Adler  <darin@apple.com>

        Reviewed by David Hyatt.

        Bug 24517: REGRESSION (r41552): innerHTML does an updateLayout -- unneeded and can be slow
        https://bugs.webkit.org/show_bug.cgi?id=24517

        * editing/DeleteButtonController.cpp:
        (WebCore::DeleteButtonController::enable): Added a call to updateRendering, since
        determining whether to display the delete button involves style and updateRendering
        also updates style (should probably be named updateStyle, in fact). Not needed to fix
        this bug, but would have prevented the crash that led to this bug in the first place.

        * editing/EditCommand.cpp:
        (WebCore::EditCommand::EditCommand): Get rid of unneeded null check. All frames have
        delete button controllers.
        * editing/Editor.cpp:
        (WebCore::Editor::rangeForPoint): Ditto.

        * editing/markup.cpp:
        (WebCore::appendStartMarkup): Changed a "&" to a "&&" so that generating markup
        doesn't depend on renderers at all when the convertBlocksToInlines boolean is false.
        This allows us to omit the call to updateLayoutIgnorePendingStylesheets in the
        createMarkup function that's called by innerHTML.
        (WebCore::MarkupAccumulator::appendMarkup): Turned this into a class with a member
        function. Added a feature where the accumulator will skip a node. Moved arguments
        that don't change during recursion into an object. This function still is a bit
        inefficient, since it creates a new HashMap at every level as it recurses, but for now
        I did not tackle that. Also replaced the onlyIncludeChildren boolean with EChildrenOnly
        for consistency and clarity.
        (WebCore::createMarkup): Removed the call to updateLayoutIgnorePendingStylesheets.
        Instead of calling disable/enable on the delete button controller's container element,
        pass it in to the markup accumulator as a node to skip.

2009-03-17  Scott Violet  <sky@google.com>

        Reviewed by Eric Seidel.

        https://bugs.webkit.org/show_bug.cgi?id=24651
        Skia does not always render text fill/stroke pattern/gradient/color correctly

        Changes Skia's font rendering to only render gradient/pattern if current
        color space indicates the gradient/pattern should be used.
        This is covered by LayoutTests/fast/canvas/canvas-text-alignment.html .
    
        * platform/graphics/GraphicsContext.cpp:
        (WebCore::GraphicsContext::strokeColorSpace):
        (WebCore::GraphicsContext::fillColorSpace):
        * platform/graphics/GraphicsContext.h:
        (WebCore::):
        * platform/graphics/GraphicsContextPrivate.h:
        * platform/graphics/skia/SkiaFontWin.cpp:
        (WebCore::paintSkiaText):

2009-03-17  Adele Peterson  <adele@apple.com>

        Reviewed by Darin Adler.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=24655
        <rdar://problem/6633727> Hitting return at the end of a line with an anchor jumps me to the bottom of the message

        Test: editing/inserting/6633727.html

        This changes does a few things:
        1) Renames pos to insertionPosition.
        2) Eliminates "startNode".  It doesn't work well to consider the node separately from the insertionPosition.  
           The insertionPosition gets updated at various times, and it seems likely that startNode can get out of sync.
        3) Before building up a list of ancestors to move around when we insert the new block, make sure to use the deepest
           representation of the insertionPosition, so all ancestor nodes are correctly included.

        * editing/InsertParagraphSeparatorCommand.cpp: (WebCore::InsertParagraphSeparatorCommand::doApply):

2009-03-17  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Kevin Ollivier.

        https://bugs.webkit.org/show_bug.cgi?id=24115
        Introduce platform independent stubs for plugins.

        * plugins/PluginDataNone.cpp: Copied from WebCore/plugins/wx/PluginDataWx.cpp.
        * plugins/PluginPackageNone.cpp: Copied from WebCore/plugins/wx/PluginPackageWx.cpp.
        * plugins/PluginViewNone.cpp: Copied from WebCore/plugins/wx/PluginViewWx.cpp.
        * plugins/wx/PluginDataWx.cpp: Removed.
        * plugins/wx/PluginPackageWx.cpp: Removed.
        * plugins/wx/PluginViewWx.cpp: Removed.
        * webcore-wx.bkl:

2009-03-17  Darin Adler  <darin@apple.com>

        Earlier version reviewed by Adele Peterson.

        Bug 24304: REGRESSION (r39864): Hitting the space bar to select an <input type=radio>
        or push an <input type=button> or <button> causes the page to scroll down.

        Would be best to add a regression test for Windows eventually; tested that this has
        no effect on the Mac OS X platform.

        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::defaultEventHandler): Added FIXMEs and tweaked formatting.
        Use the code that calls the base class's defaultEventHandler early only in the cases
        where it's needed: keydown and keypress events in text fields. In other cases, do the
        more typical thing and call the default handler only at the end of the function.
        This function already had code to make sure the keypress event for space never gets
        through, but it was running too late since the scrolling code was moved into the
        base class default event handler.

2009-03-17  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Dave Hyatt

        https://bugs.webkit.org/show_bug.cgi?id=24632

        Fix repaint issues when composited layers come and go (only applies
        when ACCELERATED_COMPOSITING is turned on).
        
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::RenderLayer):
        * rendering/RenderLayer.h:
        (WebCore::RenderLayer::mustOverlayCompositedLayers):
        (WebCore::RenderLayer::setMustOverlayCompositedLayers):
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::RenderLayerBacking):
        * rendering/RenderLayerBacking.h:

        Move what used to be the 'forceCompositingLayer' flag from RenderLayerBacking
        to RenderLayer, because we don't want the side-effects of creating RenderLayerBacking
        when setting this flag.
        
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::updateLayerCompositingState):
        When a RenderLayer flips into or out of compositing mode, compute a repaint
        rect relative to the containerForRepaint, and repaint it.
        
        (WebCore::RenderLayerCompositor::computeCompositingRequirements):
        Call layer->setMustOverlayCompositedLayers() rather than setForcedCompositingLayer().
        
        (WebCore::RenderLayerCompositor::needsToBeComposited):
        (WebCore::RenderLayerCompositor::requiresCompositingLayer):
        (WebCore::RenderLayerCompositor::requiresCompositingForTransform):
        (WebCore::RenderLayerCompositor::requiresCompositingForAnimation):
        * rendering/RenderLayerCompositor.h:
        
        Rename requiresCompositingLayerForTransform() to requiresCompositingForTransform()
        and make it a class static method to match requiresCompositingForAnimation(). Both
        now take RenderObjects, rathern than RenderLayers.
        
        * rendering/style/RenderStyle.h:
        (WebCore::InheritedFlags::hasTransformRelatedProperty):
        Minor tidyup using convenience methods added in an earlier commit.

2009-03-17  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Darin Adler

        https://bugs.webkit.org/show_bug.cgi?id=24396

        * config.h:
        Add WTF_USE_ACCELERATED_COMPOSITING, defined to 0 for now, and add some
        comments to make the #ifdefs more readable.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::computedTransform):
        Add a comment to mention that we don't flatten the matrix.
        
        * css/MediaQueryEvaluator.cpp:
        (WebCore::transform_3dMediaFeatureEval):
        Have the 'transform-3d' media query evaluate to 'true' if 3d-rendering
        is supported.
        
        * platform/graphics/mac/GraphicsLayerCA.mm:
        (WebCore::GraphicsLayerCA::animateTransform):
        No need for the #ifdef here. If we don't support 3d, we will have already flattened
        the matrix.
        
        * platform/graphics/transforms/TransformationMatrix.cpp:
        (WebCore::TransformationMatrix::makeAffine):
        * platform/graphics/transforms/TransformationMatrix.h:
        New method to convert the matrix to an affine matrix by throwing a way the non-affine
        parts.
        
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::updateTransform):
        (WebCore::RenderLayer::currentTransform):
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateLayerTransform):
        If 3d rendering is not supported, convert the matrix to an affine matrix
        which can be rendered, and used for hit testing.
        
        * rendering/RenderLayerCompositor.cpp:
        Change the name of the exported symbol that webkitdirs.pm uses to know if
        3d rendering is supported. There is no other 3d-rendering-specific symbol we can sniff.
        
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::transformFromContainer):
        Only take perspective into account if 3d rendering is supported.

        * rendering/RenderObject.h:
        (WebCore::makeMatrixRenderable):
        Utility method that flattens a matrix if 3d rendering is not supported.

2009-03-17  Kevin Ollivier  <kevino@theolliviers.com>

        wx build fix. Fix typo after mouse wheel changes.

        * platform/wx/MouseWheelEventWx.cpp:
        (WebCore::PlatformWheelEvent::PlatformWheelEvent):

2009-03-17  Darin Adler  <darin@apple.com>

        * inspector/ConsoleMessage.cpp:
        (WebCore::ConsoleMessage::isEqual): Fix build, remove stray parenthesis.

2009-03-17  Darin Adler  <darin@apple.com>

        Fix crash seen right away when running run-webkit-tests.

        * inspector/ConsoleMessage.cpp:
        (WebCore::ConsoleMessage::isEqual): Restore assertion to its behavior pre-refactoring.
        Also tweaked formatting a bit.

2009-03-17  Alexey Proskuryakov  <ap@webkit.org>

        Reviewed by Darin Adler.

        HTMLSelectElement::add() doesn't look at exception code returned from insertBefore(), so 
        it doesn't need to zero it out before calling.

        * html/HTMLSelectElement.cpp: (WebCore::HTMLSelectElement::add): Removed "ec = 0" line.

2009-03-17  Dan Bernstein  <mitz@apple.com>

        Reviewed by Adam Roben.

        - WebCore part of adding a mechanism for controlling the caching of
          responses through WebFrameLoaderClient

        Mac already has such a mechanism, and this adds one for CFNetwork ports.

        * WebCore.vcproj/WebCore.vcproj: Added EmptyClients.h
        and ResourceLoaderCFNet.cpp.

        * loader/EmptyClients.h:
        (WebCore::EmptyFrameLoaderClient::shouldCacheResponse): Added an
        implementation that always returns true.

        * loader/FrameLoaderClient.h: Declared shouldCacheResponse().

        * loader/ResourceLoader.h: Ditto.

        * loader/cf/ResourceLoaderCFNet.cpp: Added.
        (WebCore::ResourceLoader::shouldCacheResponse): Added. Calls through to
        FrameLoaderClient::shouldCacheResponse().

        * platform/network/ResourceHandleClient.h:
        (WebCore::ResourceHandleClient::shouldCacheResponse): Added an
        implementation that always returns true.

        * platform/network/cf/ResourceHandleCFNet.cpp:
        (WebCore::willCacheResponse): Added a call to
        ResourceHandleClient::shouldCacheResponse(). If the client returns
        false, return 0, which will prevent CFNetwork from caching the response.

2009-03-17  Alexey Proskuryakov  <ap@webkit.org>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=13287
        Cannot change SELECT to a dynamically created option

        Tests: fast/forms/add-and-remove-option.html
               fast/forms/add-remove-option-modification-event.html
               fast/forms/add-selected-option.html
               fast/forms/select-cache-desynchronization.html

        * dom/ContainerNode.cpp:
        (WebCore::dispatchChildInsertionEvents): Increment DOM tree version. This will happen when
        dispatching DOMSubtreeModified again, but the version should be incremented for event
        listeners to have an up to date view of the DOM.
        (WebCore::dispatchChildRemovalEvents): Ditto.

        * html/HTMLOptionElement.cpp: (WebCore::HTMLOptionElement::insertedIntoTree):
        Make sure that the select element knows about its new selected option.

        * html/HTMLOptionElement.h: Use insertedIntoTree() instead of insertedIntoDocument(),
        because DOM also needs to be updated for forms that are not in document yet. Similar
        problems exist for node removing, but removedFromTree() is called at a wrong time, so
        those problems cannot be fixed without deeper refactoring.

        * html/HTMLSelectElement.cpp:
        (WebCore::HTMLSelectElement::setRecalcListItems): Reset m_activeSelectionAnchorIndex - it
        doesn't make sense to keep the anchor after programmatically changing the selection, and
        keeping it was causing a failure in fast/forms/listbox-selection.html.

        * html/HTMLSelectElement.h: Removed overrides for ContainerNode methods that only called
        base class versions.

2009-03-17  Steve Falkenburg  <sfalken@apple.com>

        <rdar://problem/6690324> Accessing FTP sites reads unallocated memory, can result in garbled entries or crashes
        
        Reviewed by Darin Adler.

        * loader/FTPDirectoryDocument.cpp:
        (WebCore::FTPDirectoryTokenizer::parseAndAppendOneLine): Assign CString to a local while we hold pointers into it.

2009-03-16  David Hyatt  <hyatt@apple.com>

        <rdar://problem/6648411> REGRESSION: Layout of page is wrong at http://www.popcap.com/

        Make sure that the initial shouldPaint check that looks at enclosingLayers properly skips over
        layers that don't paint themselves.  This is done by adding a new enclosingSelfPaintingLayer method
        so that RenderObjects can walk up the enclosing layer chain and skip any layers that don't paint
        themselves.

        Reviewed by Darin Adler.

        Added fast/block/float/overlapping-floats-with-overflow-hidden.html

        * WebCore.base.exp:
        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::addOverhangingFloats):
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::enclosingSelfPaintingLayer):
        * rendering/RenderObject.h:

2009-03-17  Xan Lopez  <xlopez@igalia.com>

        Reviewed by Holger Freyther.

        https://bugs.webkit.org/show_bug.cgi?id=24592
        [GTK] Crash in FcPatternHash

        Style fixes.

        * platform/graphics/gtk/FontPlatformDataGtk.cpp:
        (WebCore::FontPlatformData::operator=):
        * platform/graphics/gtk/FontPlatformDataPango.cpp:

2009-03-17  Xan Lopez  <xlopez@igalia.com>

        Reviewed by Holger Freyther.

        https://bugs.webkit.org/show_bug.cgi?id=24592
        [GTK] Crash in FcPatternHash

        Sanitize memory management in pango fonts.

        Release memory allocated by FontPlatformDataPango in its own
        destructor instead of doing it from other classes, and add copy
        constructor and '=' operator to be able to track referenced
        objects properly.

        * platform/graphics/gtk/FontPlatformDataPango.cpp:
        (WebCore::FontPlatformData::~FontPlatformData):
        (WebCore::FontPlatformData::operator=):
        (WebCore::FontPlatformData::FontPlatformData):
        * platform/graphics/gtk/SimpleFontDataPango.cpp:

2009-03-17  Darin Adler  <darin@apple.com>

        Reviewed by Alexey Proskuryakov.

        Bug 24624: Crash in imageLoadEventTimerFired after adoptNode used on <img>,
        seen with inspector, which uses adoptNode
        https://bugs.webkit.org/show_bug.cgi?id=24624
        rdar://problem/6422850

        Test: fast/dom/HTMLImageElement/image-load-cross-document.html

        * dom/Document.cpp:
        (WebCore::Document::Document): Removed m_imageLoadEventTimer.
        (WebCore::Document::detach): Removed m_imageLoadEventDispatchSoonList and
        m_imageLoadEventDispatchingList.
        (WebCore::Document::implicitClose): Called ImageLoader::dispatchPendingLoadEvents
        instead of dispatchImageLoadEventsNow.

        * dom/Document.h: Removed ImageLoader, dispatchImageLoadEventSoon,
        dispatchImageLoadEventsNow, removeImage, m_imageLoadEventDispatchSoonList,
        m_imageLoadEventDispatchingList, m_imageLoadEventTimer, and imageLoadEventTimerFired.

        * loader/ImageLoader.cpp:
        (WebCore::loadEventSender): Added. Returns the single global ImageLoadEventSender
        object used privately as the target of the load event timer.
        (WebCore::ImageLoader::~ImageLoader): Call ImageLoadEventSender::cancelLoadEvent
        rather than Document::removeImage.
        (WebCore::ImageLoader::setImage): Use m_element directly, not element().
        (WebCore::ImageLoader::updateFromElement): Ditto. Also name the local variable
        document instead of doc.
        (WebCore::ImageLoader::notifyFinished): Call ImageLoadEventSender::dispatchLoadEventSoon
        rather than Document::dispatchImageLoadEventSoon.
        (WebCore::ImageLoader::dispatchPendingLoadEvent): Added. Handles the common logic
        about when load events can be dispatched so that dispatchLoadEvent only has to
        have the specific part for each derived class. This includes a check that the
        document is attached, which used to be handled by having documents empty out the
        image load event vectors in the detach function.
        (WebCore::ImageLoader::dispatchPendingLoadEvents): Added. Calls the appropriate
        function on the ImageLoadEventSender, which avoids the need to have that class be
        public in the ImageLoader header.
        (WebCore::ImageLoadEventSender::ImageLoadEventSender): Added. Has the code that
        was previously in the Document constructor.
        (WebCore::ImageLoadEventSender::dispatchLoadEventSoon): Added. Has the code that
        was previously in Document::dispatchImageLoadEventSoon.
        (WebCore::ImageLoadEventSender::cancelLoadEvent): Added. Has the code that was
        previously in Document::removeImage.
        (WebCore::ImageLoadEventSender::dispatchPendingLoadEvents): Added. Has the code
        that was previously in Document::dispatchImageLoadEventsNow.
        (WebCore::ImageLoadEventSender::timerFired): Added. Calls dispatchPendingLoadEvents.

        * loader/ImageLoader.h: Improved comments. Made the virtual functions private
        or protected rather than public. Added static dispatchPendingLoadEvents function
        for use by Document and private dispatchPendingLoadEvent function for use by
        ImageLoadEventSender. Made setLoadingImage private and eliminated
        setHaveFiredLoadEvent since that can all be done inside the class without any
        member functions.

        * html/HTMLImageLoader.cpp:
        (WebCore::HTMLImageLoader::dispatchLoadEvent): Removed logic to check whether a
        load event already fired and whether image() is 0. These are now both base class
        responsibilities.
        * svg/SVGImageLoader.cpp:
        (WebCore::SVGImageLoader::dispatchLoadEvent): Ditto.
        * wml/WMLImageLoader.cpp:
        (WebCore::WMLImageLoader::dispatchLoadEvent): Ditto.

2009-03-17  Dimitri Glazkov  <dglazkov@chromium.org>

        Reviewed by Timothy Hatcher.

        https://bugs.webkit.org/show_bug.cgi?id=24623
        Refactor ConsoleMessage to use ScriptFuncitonCall and eliminate JSC
        dependencies.

        * bindings/js/ScriptFunctionCall.cpp:
        (WebCore::ScriptFunctionCall::appendArgument): Added uint and ScriptString-taking methods.
        * bindings/js/ScriptFunctionCall.h:
        * bindings/js/ScriptObjectQuarantine.cpp:
        (WebCore::quarantineValue): Added generic ScriptValue quarantine helper.
        * bindings/js/ScriptObjectQuarantine.h:
        * bindings/js/ScriptValue.cpp:
        (WebCore::ScriptValue::isEqual): Added.
        * bindings/js/ScriptValue.h:
        * inspector/ConsoleMessage.cpp:
        (WebCore::ConsoleMessage::ConsoleMessage):
        (WebCore::ConsoleMessage::addToConsole): Added.
        (WebCore::ConsoleMessage::isEqual): Changed to use ScriptValue::isEqual.
        * inspector/ConsoleMessage.h:
        (WebCore::ConsoleMessage::incrementCount): Added.
        * inspector/InspectorController.cpp:
        (WebCore::InspectorController::addConsoleMessage): Changed to use ConsoleMessage::addToConsole.
        (WebCore::InspectorController::populateScriptObjects): Ditto.
        * inspector/InspectorController.h:

2009-03-17  Kevin Ollivier  <kevino@theolliviers.com>

        Reviewed by Mark Rowe.

        Get BUILDING_ON_* defines from Platform.h.
        
        https://bugs.webkit.org/show_bug.cgi?id=24630

        * WebCorePrefix.h:

2009-03-16  Xan Lopez  <xlopez@igalia.com>

        Reviewed by Holger Freyther.

        https://bugs.webkit.org/show_bug.cgi?id=24592
        [GTK] Crash in FcPatternHash

        Sanitize memory management in gtk fonts.

        Release memory allocated by FontPlatformDataGtk in its own
        destructor instead of doing it from other classes, and add copy
        constructor and '=' operator to be able to track referenced
        objects properly.

        * platform/graphics/gtk/FontPlatformData.h:
        * platform/graphics/gtk/FontPlatformDataGtk.cpp:
        (WebCore::FontPlatformData::operator=):
        (WebCore::FontPlatformData::FontPlatformData):
        (WebCore::FontPlatformData::~FontPlatformData):
        * platform/graphics/gtk/SimpleFontDataGtk.cpp:
        (WebCore::SimpleFontData::platformDestroy):

2009-03-17  Ariya Hidayat  <ariya.hidayat@nokia.com>

        Build fix for Qt < 4.5.

        As reported by Yael Aharon  <yael.aharon@nokia.com>

        * platform/graphics/qt/GraphicsContextQt.cpp:
        (WebCore::GraphicsContext::drawLine):

2009-03-17  Alexey Proskuryakov  <ap@webkit.org>

        Reviewed by Sam Weinig.

        https://bugs.webkit.org/show_bug.cgi?id=24614
        Access control checks are different in cached and uncached cases

        Test: http/tests/xmlhttprequest/access-control-basic-non-simple-deny-cached.html

        * loader/CrossOriginAccessControl.cpp:
        (WebCore::isOnAccessControlSimpleRequestMethodWhitelist): Factored out simple method
        check for use in both cached and uncached cases. In cached case, an old definition that
        omitted HEAD was still used.
        (WebCore::isOnAccessControlSimpleRequestHeaderWhitelist): Check that content type has an
        allowed value. This is needed in all call sites. Also changed to compare MIME type, not
        content type.
        (WebCore::isSimpleCrossOriginAccessRequest): Use the above methods.

        * loader/CrossOriginAccessControl.h: Expose isOnAccessControlSimpleRequestMethodWhitelist.

        * loader/CrossOriginPreflightResultCache.cpp:
        (WebCore::CrossOriginPreflightResultCacheItem::allowsCrossOriginMethod):
        (WebCore::CrossOriginPreflightResultCacheItem::allowsCrossOriginHeaders):
        Use the new checks for simple method and header.

2009-03-16  Gustavo Noronha Silva  <gns@gnome.org> and Thadeu Lima de Souza Cascardo <cascardo@holoscopio.com>

        Reviewed by Mark Rowe.

        https://bugs.webkit.org/show_bug.cgi?id=24638
        [GTK] HTML5 media tags do not work

        Add a repaint-requested signal to the video sink, and use it to
        call MediaPlayerPrivate::repaint, so that the video actually
        plays.

        * platform/graphics/gtk/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::mediaPlayerPrivateRepaintCallback):
        (WebCore::MediaPlayerPrivate::createGSTPlayBin):
        * platform/graphics/gtk/VideoSinkGStreamer.cpp:
        (webkit_video_sink_idle_func):
        (webkit_video_sink_render):
        (webkit_video_sink_class_init):

2009-03-16  Gustavo Noronha Silva  <gns@gnome.org> and Thadeu Lima de Souza Cascardo <cascardo@holoscopio.com>

        Reviewed by Holger Freyther.

        https://bugs.webkit.org/show_bug.cgi?id=24638
        [GTK] HTML5 media tags do not work

        Work-around the fact that gst_element_query_duration returns true even
        though it is unable to figure out the duration when in stream (push)
        mode.

        * platform/graphics/gtk/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivate::duration):

2009-03-16  Darin Adler  <darin@apple.com>

        Reviewed by Kevin Decker.

        <rdar://problem/6642742> Top Sites malfunction when switching text zoom mode

        * page/Frame.cpp:
        (WebCore::Frame::setNeedsReapplyStyles): Don’t do anything if the frame is
        currently showing a non-HTML view.

2009-03-16  Darin Adler  <darin@apple.com>

        Reviewed by Adele Peterson.

        Bug 24629: moving forward or backward a paragraph fails at edge of document
        https://bugs.webkit.org/show_bug.cgi?id=24629
        rdar://problem/6544413

        Test: editing/selection/move-paragraph-document-edges.html

        * editing/visible_units.cpp:
        (WebCore::previousParagraphPosition): Use the last result from
        previousLinePosition rather than going all the way back to what was originally
        passed in when we hit exception cases like null or not moving. This correctly
        inherits the behavior of previousLinePosition when we are in a paragraph at the
        edge of a document.
        (WebCore::nextParagraphPosition): Ditto.

2009-03-16  Darin Adler  <darin@apple.com>

        Reviewed by Adele Peterson.

        Bug 24619: RenderObject::selectionStartEnd does not need to be a virtual function
        https://bugs.webkit.org/show_bug.cgi?id=24619

        * rendering/RenderObject.h: Remove virtual keyword from selectionStartEnd declaration.
        * rendering/RenderView.h: Ditto.

2009-03-16  Peter Kasting  <pkasting@google.com>

        Reviewed by David Hyatt.

        https://bugs.webkit.org/show_bug.cgi?id=24368
        DOM scroll events should be based off the actual number of wheel
        ticks, not off the number of lines scrolled.  This matches IE.

        * dom/Node.cpp:
        (WebCore::Node::dispatchWheelEvent):
        * dom/WheelEvent.cpp:
        (WebCore::WheelEvent::WheelEvent):
        * dom/WheelEvent.h:
        (WebCore::WheelEvent::create):
        * platform/PlatformWheelEvent.h:
        (WebCore::PlatformWheelEvent::wheelTicksX):
        (WebCore::PlatformWheelEvent::wheelTicksY):
        * platform/gtk/WheelEventGtk.cpp:
        (WebCore::PlatformWheelEvent::PlatformWheelEvent):
        * platform/mac/WheelEventMac.mm:
        (WebCore::PlatformWheelEvent::PlatformWheelEvent):
        * platform/qt/WheelEventQt.cpp:
        * platform/win/WheelEventWin.cpp:
        (WebCore::PlatformWheelEvent::PlatformWheelEvent):
        * platform/wx/MouseWheelEventWx.cpp:
        (WebCore::PlatformWheelEvent::PlatformWheelEvent):

2009-03-16  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Eric Seidel
        
        Clean up a few issues in the Animation code:

        * page/animation/AnimationBase.cpp:
        (WebCore::AnimationBase::updateStateMachine):
        Whitespace
        
        (WebCore::AnimationBase::willNeedService):
        Don't round to float, use std::max

        * page/animation/AnimationController.cpp:
        (WebCore::AnimationControllerPrivate::startTimeResponse):
        Fix erroneously copied line to null out m_lastResponseWaiter.

2009-03-12  David Hyatt  <hyatt@apple.com>

        Reviewed by Eric Seidel

        https://bugs.webkit.org/show_bug.cgi?id=13632

        Overflow scrolling needs to account for the bottom/right padding on the object itself as well
        as for bottom/right margins on children.

        Existing tests cover this.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::lowestPosition):
        (WebCore::RenderBlock::rightmostPosition):

2009-03-16  Sam Weinig  <sam@webkit.org>

        Reviewed by Anders Carlsson.

        Fix for <rdar://problem/6320555>
        Add an upper limit for setting HTMLSelectElement.length.

        Test: fast/forms/select-max-length.html

        * html/HTMLSelectElement.cpp:
        (WebCore::HTMLSelectElement::setOption):
        (WebCore::HTMLSelectElement::setLength):

2009-03-16  Eric Carlson  <eric.carlson@apple.com>

        Reviewed by Simon Fraser.

        <rdar://problem/6686721> Media document crash in 64-bit WebKit

        * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
        (WebCore::MediaPlayerPrivate::createQTMovieView): QTMovieContentViewClass is only used when
        rendering inline with old versions of QuickTime, so don't look for it when we are in a 
        media document.

2009-03-16  Dimitri Glazkov  <dglazkov@chromium.org>

        Reviewed by Timothy Hatcher.

        https://bugs.webkit.org/show_bug.cgi?id=24590
        Refactor InspectorDOMStorageResource to use ScriptFunctionCall.

        * bindings/js/ScriptFunctionCall.cpp:
        (WebCore::ScriptFunctionCall::appendArgument): Added method for bool argument.
        * bindings/js/ScriptFunctionCall.h: Ditto, also cleaned up.
        * bindings/js/ScriptObjectQuarantine.cpp:
        (WebCore::getQuarantinedScriptObject): Added Storage helper.
        * bindings/js/ScriptObjectQuarantine.h: Ditto.
        * inspector/InspectorController.cpp:
        (WebCore::InspectorController::populateScriptObjects): Changed to use bind method.
        (WebCore::InspectorController::resetScriptObjects): Changed to use unbind method.
        (WebCore::InspectorController::didUseDOMStorage): Changed to use isSameHostAndType and bind methods.
        * inspector/InspectorController.h: Removed add/remove methods for DOM storage.
        * inspector/InspectorDOMStorageResource.cpp:
        (WebCore::InspectorDOMStorageResource::InspectorDOMStorageResource):
        (WebCore::InspectorDOMStorageResource::isSameHostAndType): Added.
        (WebCore::InspectorDOMStorageResource::bind): Added.
        (WebCore::InspectorDOMStorageResource::unbind): Added.
        * inspector/InspectorDOMStorageResource.h:

2009-03-16   Mike Belshe  <mike@belse.com>

        Reviewed by Dimitri Glazkov.

        https://bugs.webkit.org/show_bug.cgi?id=24580
        Fix query() to match KURL behavior, this time with the code that
        compiles.

        * platform/KURLGoogle.cpp:
        (WebCore::KURL::query): Fix copy/paste mistake.

2009-03-16  Alexey Proskuryakov  <ap@webkit.org>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=21752
        REGRESSION: referencing XHR constructor for a not yet loaded frame permanently breaks it

        Test: fast/dom/Window/window-early-properties-xhr.html

        For some transitions, the Window object is not replaced, but Document is. When this happened,
        window.document property was updated, but references to Document kept in cached constructors
        were not.

        * bindings/js/JSAudioConstructor.cpp:
        (WebCore::JSAudioConstructor::JSAudioConstructor):
        (WebCore::JSAudioConstructor::document):
        (WebCore::JSAudioConstructor::mark):
        * bindings/js/JSAudioConstructor.h:
        * bindings/js/JSImageConstructor.cpp:
        (WebCore::JSImageConstructor::JSImageConstructor):
        (WebCore::JSImageConstructor::document):
        (WebCore::JSImageConstructor::mark):
        * bindings/js/JSImageConstructor.h:
        * bindings/js/JSMessageChannelConstructor.cpp:
        (WebCore::JSMessageChannelConstructor::JSMessageChannelConstructor):
        (WebCore::JSMessageChannelConstructor::scriptExecutionContext):
        (WebCore::JSMessageChannelConstructor::mark):
        * bindings/js/JSMessageChannelConstructor.h:
        * bindings/js/JSOptionConstructor.cpp:
        (WebCore::JSOptionConstructor::JSOptionConstructor):
        (WebCore::JSOptionConstructor::document):
        (WebCore::JSOptionConstructor::mark):
        * bindings/js/JSOptionConstructor.h:
        * bindings/js/JSXMLHttpRequestConstructor.cpp:
        (WebCore::JSXMLHttpRequestConstructor::JSXMLHttpRequestConstructor):
        (WebCore::JSXMLHttpRequestConstructor::scriptExecutionContext):
        (WebCore::JSXMLHttpRequestConstructor::mark):
        * bindings/js/JSXMLHttpRequestConstructor.h:
        Changed cached constructors to keep a reference to Window, not Document.

2009-03-15  Alexey Proskuryakov  <ap@webkit.org>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=24549
        Impose a limit on Access-Control-Max-Age value

        * loader/CrossOriginPreflightResultCache.cpp:
        (WebCore::CrossOriginPreflightResultCacheItem::parse):

2009-03-15  Greg Bolsinga  <bolsinga@apple.com>

        Reviewed by David Kilzer.

        <rdar://problem/6668875> Normalize Geolocation results

        * platform/mac/GeolocationServiceMac.mm:
        (-[WebCoreCoreLocationObserver locationManager:didUpdateToLocation:fromLocation:]):

2009-03-15  Greg Bolsinga  <bolsinga@apple.com>

        Reviewed by David Kilzer.

        Update ::toString format as suggested by Darin Adler.

        * page/Geoposition.cpp:
        (WebCore::Geoposition::toString):

2009-03-15  David Kilzer  <ddkilzer@apple.com>

        <rdar://problem/6668238> WebCore is registering text encodings needlessly from KURL constructor.

        Reviewed by Darin Adler.

        Yet another case where we would trigger extended encoding loading needlessly.

        * platform/text/TextEncoding.cpp:
        (WebCore::TextEncoding::encodingForFormSubmission):

2009-03-15  Simon Fraser  <simon.fraser@apple.com>

        Build fix: no review.

        * rendering/style/ContentData.h:

2009-03-15  David Kilzer  <ddkilzer@apple.com>

        Bug 24542: Improve ContentData encapsulation

        <https://bugs.webkit.org/show_bug.cgi?id=24542>

        Reviewed by Simon Fraser.

        No tests since there is no change in behavior.

        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::createObject): Used getter methods
        instead of data members on ContentData class.  Used isImage()
        convenience method.
        * rendering/RenderObjectChildList.cpp:
        (WebCore::RenderObjectChildList::updateBeforeAfterContent): Ditto.

        * rendering/style/ContentData.cpp:
        (WebCore::ContentData::clear): Extracted code into
        deleteContent() method.
        (WebCore::ContentData::dataEquivalent): Added.  Extracted code
        from StyleRareNonInheritedData::contentDataEquivalent().
        (WebCore::ContentData::deleteContent): Added.  Used by setter
        methods.
        * rendering/style/ContentData.h: Made m_type, m_content and
        m_next private.
        (WebCore::ContentData::isCounter): Added.
        (WebCore::ContentData::isImage): Added.
        (WebCore::ContentData::isNone): Added.
        (WebCore::ContentData::isText): Added.
        (WebCore::ContentData::type): Added.
        (WebCore::ContentData::dataEquivalent): Added.
        (WebCore::ContentData::image): Added.
        (WebCore::ContentData::setImage): Added.
        (WebCore::ContentData::text): Added.
        (WebCore::ContentData::setText): Added.
        (WebCore::ContentData::counter): Added.
        (WebCore::ContentData::setCounter): Added.
        (WebCore::ContentData::next): Added.
        (WebCore::ContentData::setNext): Added.

        * rendering/style/CounterContent.h:
        (WebCore::operator!=): Removed.
        (WebCore::operator==): Renamed operator!=() and reversed its
        logic after extracting code from
        StyleRareNonInheritedData::contentDataEquivalent() to create
        ContentData::dataEquivalent().

        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::setContent): Used new getters and setters
        on ContentData class.  Changed first argument from a StringImpl*
        to a PassRefPtr<StrimgImpl>.  Used isText() convenience method.
        * rendering/style/RenderStyle.h:
        (WebCore::RenderStyle::setContent): Updated declaration.
        * rendering/style/StyleRareNonInheritedData.cpp:
        (WebCore::StyleRareNonInheritedData::contentDataEquivalent):
        Extracted most logic in while() loop into
        ContentData::dataEquivalent().

2009-03-15  Gustavo Noronha Silva  <gns@gnome.org>

        Reviewed by Anders Carlsson.

        https://bugs.webkit.org/show_bug.cgi?id=24602
        [Gtk] Searching in thepiratebay.org doesn't work with more than 1 word

        Reintroduce the URI into the soup message after having set it in
        the KURL, on redirects, to make sure it is properly encoded. This
        fixes bad request problems when servers give bad URIs on their
        response's Location header.