2007-04-17 Mitz Pettel <mitz@webkit.org>
[WebKit-https.git] / WebCore / ChangeLog
1 2007-04-17  Mitz Pettel  <mitz@webkit.org>
2
3         Reviewed by Darin.
4
5         - fix http://bugs.webkit.org/show_bug.cgi?id=13369
6           REGRESSION (r13366): Invisible table cell background is painted
7
8         Test: fast/table/invisible-cell-background.html
9
10         * rendering/RenderTableCell.cpp:
11         (WebCore::RenderTableCell::paintBackgroundsBehindCell): Don't paint any
12         background if the cell is not visible. This behavior matches WinIE and Opera.
13
14 2007-04-17  Justin Garcia  <justin.garcia@apple.com>
15
16         Reviewed by harrison
17
18         <rdar://problem/5119244> 
19         Crash when indenting a selected ToDo
20         
21         indentRegion() was using the old (incorrect) editable root 
22         getter, which returned null for a valid, editable position, 
23         causing the crash.
24
25         * editing/IndentOutdentCommand.cpp:
26         (WebCore::IndentOutdentCommand::indentRegion):
27         The editable root for a position is editableRootForPosition(p),
28         not p.node()->rootEditableElement(), because of VisiblePositions 
29         before/after tables, replaced elements and others.
30
31 2007-04-17  Justin Garcia  <justin.garcia@apple.com>
32
33         Reviewed by hyatt
34
35         <rdar://problem/5138441> 
36         GoogleDocs: Indented text looks like text that's been Quoted
37         
38         GoogleDocs uses FormatBlock, blockquotes and a style rule
39         for blockquotes to implement a "Quote Text" feature.  Styles
40         intended only for those blockquotes were added to the 
41         blockquotes that we use for indenting.
42
43         * css/html4.css: Removed the webkit-indent-blockquote class rule.
44         * editing/IndentOutdentCommand.cpp:
45         (WebCore::createIndentBlockquoteElement): Use custom margins
46         and turn off border and padding to override author rules for
47         blockquotes.
48
49 2007-04-17  Justin Garcia  <justin.garcia@apple.com>
50
51         Reviewed by darin
52
53         <rdar://problem/5136770> 
54         Gmail Editor: Hang when turning a particular multi-line selection into a list
55         
56         When InsertListCommand pushes content into list items, 
57         it creates an empty list item and then calls moveParagraphs.  
58         But moveParagraphs' selection preservation code fails when 
59         it encounters empty list items (list items w/o placeholders).
60         This causes InsertListCommand to lose track of where it has 
61         already been performed, which causes the hang.
62
63         * editing/InsertListCommand.cpp:
64         (WebCore::InsertListCommand::doApply): Use brs to hold open 
65         empty list items.
66
67 2007-04-17  Darin Adler  <darin@apple.com>
68
69         Oops, rolled that last change out. I'll redo it again later after making
70         som additional refinments.
71
72 2007-04-17  Darin Adler  <darin@apple.com>
73
74         Reviewed by Brady.
75
76         - a few baby steps to try to make lockHistory and userGesture less confusing
77
78         * page/FrameLoadRequest.h:
79         (WebCore::FrameLoadRequest::FrameLoadRequest): Add initialization of m_isUserGesture
80         to true.
81         (WebCore::FrameLoadRequest::shouldLockHistory): Renamed from lockHistory to avoid having
82         a getter that sounds like a verb phrase.
83         (WebCore::FrameLoadRequest::setShouldLockHistory): Ditto.
84         (WebCore::FrameLoadRequest::isUserGesture): Added.
85         (WebCore::FrameLoadRequest::setIsUserGesture): Ditto.
86
87         * loader/FrameLoader.h: Remove userGesture parameter from load that takes
88         FrameLoadRequest. Remove default values for lockHistory and userGesture parameters,
89         since that just makes it more likely we'll forget to pass them in. Remove one of
90         the overloads of urlSelected, since it's only called one place.
91
92         * loader/FrameLoader.cpp:
93         (WebCore::FrameLoader::createWindow): Remove userGesture parameter, relying on
94         the true default in FrameLoadRequest.
95         (WebCore::FrameLoader::urlSelected): Call setShouldLockHistory and setIsUserGesture
96         on the FrameLoadRequest, and call load directly; also eliminate the other urlSelected
97         overload since this was the only place it was called.
98         (WebCore::FrameLoader::load): Remove userGesture parameter, relying on the true
99         default in FrameLoadRequest. In the other overload, clean up logic to eliminate the
100         argsReferrer variable and get rid of the userGesture parameter, using the value from
101         FrameLoadRequest.
102         (WebCore::FrameLoader::submitForm): Remove userGesture parameter, relying on the value
103         in the FrameLoadRequest. This actually changes behavior.
104
105         * bindings/js/kjs_html.cpp: (KJS::JSHTMLDocument::putValueProperty): Pass
106         false for userGesture explicitly instead of relying on default argument.
107
108         * page/ContextMenuController.cpp: (WebCore::ContextMenuController::contextMenuItemSelected):
109         Remove userGesture parameter, relying on the true default in FrameLoadRequest.
110
111 2007-04-16  David Kilzer  <ddkilzer@webkit.org>
112
113         Reviewed by NOBODY (fixed misspelling).
114
115         * manual-tests/containing-block-position-chage.html: Removed.
116         * manual-tests/containing-block-position-change.html: Added.
117
118 2007-04-16  Justin Garcia  <justin.garcia@apple.com>
119
120         Reviewed by darin
121
122         <rdar://problem/5134759> 
123         GMail Editor: Hang after pasting underlined text multiple times
124         
125         The moveParagraphs call that ReplaceSelectionCommand
126         performs must receive only inline content from createMarkup, 
127         or else it will result in another call to moveParagraphs 
128         when it performs the move, resulting in infinite recursion.
129
130         * editing/markup.cpp:
131         (WebCore::startMarkup): We were only converting a block to
132         an inline if it had an inline style declaration or styles 
133         coming from matched rules.  Cleaned up this code a bit by 
134         handling an element's style separately from its other 
135         attributes.
136
137 2007-04-16  Darin Adler  <darin@apple.com>
138
139         - get layout tests going again
140
141         * page/mac/FrameMac.mm: (WebCore::Frame::setUseSecureKeyboardEntry):
142         Replace assertion with a runtime check. We can consider changing it back to
143         an assertion some day, but it's not important.
144
145 2007-04-16  Darin Adler  <darin@apple.com>
146
147         Reviewed by John Sullivan.
148
149         - fix http://bugs.webkit.org/show_bug.cgi?id=13303
150           <rdar://problem/5126341> REGRESSION: controls in a background Safari window
151           maintain active appearance if the address bar has focus (13303)
152
153         - fix a related problem where elements could look focused in non-active windows
154
155         - simplify secure keyboard entry logic in Frame::setIsActive
156
157         * WebCore.exp: Add two new symbols for use by WebKit.
158
159         * html/HTMLInputElement.cpp:
160         (WebCore::HTMLInputElement::dispatchFocusEvent): Call setUseSecureKeyboardEntryWhenActive
161         rather than calling setSecureKeyboardEntry directly -- does nothing if the frame is not active.
162         (WebCore::HTMLInputElement::dispatchBlurEvent): Ditto.
163
164         * page/Frame.cpp:
165         (WebCore::Frame::setUseSecureKeyboardEntryWhenActive): Added. Calls
166         setUseSecureKeyboardEntry only if the frame is active, but also stores away the state,
167         so that the setIsActive function doesn't have to recompute it.
168         (WebCore::Frame::setIsActive): Rewrote all the comments in the function. Removed the code
169         to manage control tints, which are not based on the whether the frame is active but rather
170         on AppKit's concept of whether the window should have "key appearance". Simplified the
171         logic about when to call setUseSecureKeyboardEntry by using the value of
172         m_useSecureKeyboardEntryWhenActive.
173         (WebCore::FramePrivate::FramePrivate): Initialize m_useSecureKeyboardEntryWhenActive.
174         * page/Frame.h: Made setSecureKeyboardEntry private and renamed it to
175         setUseSecureKeyboardEntry, removed isSecureKeyboardEntry, and
176         added a public setUseSecureKeyboardEntryWhenActive.
177         * page/FramePrivate.h: Added m_useSecureKeyboardEntryWhenActive.
178         * page/mac/FrameMac.mm: (WebCore::Frame::setUseSecureKeyboardEntry): Added an assertion,
179         and removed isSecureKeyboardEntry().
180
181         * page/FrameView.h: Added updateControlTints.
182         * page/FrameView.cpp: (WebCore::FrameView::updateControlTints): Added. Code was moved
183         here from setIsActive for two reasons: (1) it makes more sense in the view class, and
184         (2) it needs to be called at the appropriate time for AppKit, not when active changes.
185
186         * rendering/RenderTheme.cpp: (WebCore::RenderTheme::isFocused): Added an isActive
187         check here to match the logic in the implementation of the CSS pseudo-state.
188         * rendering/RenderThemeMac.mm:
189         (WebCore::RenderThemeMac::updateFocusedState): Use the isFocused function instead of
190         repeating the logic here. Removed the "need to add a key window test here" comment.
191         (WebCore::RenderThemeMac::controlSupportsTints): Added a comment about the NSCell
192         SPI that's related to the _windowChangedKeyState method we now use in WebHTMLView.
193
194 2007-04-16  Darin Adler  <darin@apple.com>
195
196         Reviewed by John Sullivan.
197
198         - fix http://bugs.webkit.org/show_bug.cgi?id=13227
199           StringImpl::isLower incorrectly assumes islower returns 1 (it can return any non-0)
200
201         * platform/StringImpl.cpp:
202         (WebCore::StringImpl::isLower): Based on test application results, changed to use &&
203         instead of trying to use & to avoid branches. Use U16_NEXT so we can handle characters
204         outside the BMP. Improved comments.
205         (WebCore::StringImpl::lower): Improved comments.
206         (WebCore::equalIgnoringCase): Changed to use && instead of trying to use & to avoid
207         branches. Improved comments. Added an assertion about the assumption we're
208         making that characters in the char* are all ASCII.
209
210 2007-04-13  David Kilzer  <ddkilzer@webkit.org>
211
212         Patch and review by hyatt.  Testing and landing by ddkilzer.
213
214         <rdar://problem/5078866>
215         tables don't inherit text-align (in strict mode; they're not supposed to in quirks mode)
216
217         Test: fast/css/table-text-align-quirk.html
218               fast/css/table-text-align-strict.html
219
220         Previous commit (r20731) removed the wrong property from WebCore/css/html4.css.  However,
221         when the correct property was removed, it caused tables to inherit alignment properties
222         from tags like <center> and <div align="center">.  This is fixed in
223         WebCore::CSSStyleSelector::adjustRenderStyle() by special-casing tables to reset the
224         text-align property.
225
226         * css/CSSComputedStyleDeclaration.cpp:
227         (WebCore::valueForTextAlign): Renamed KHTML_CENTER, KHTML_LEFT and KHTML_RIGHT to
228         WEBKIT_CENTER, WEBKIT_LEFT and WEBKIT_RIGHT.
229         * css/cssparser.cpp:
230         (WebCore::CSSParser::parseValue): Ditto.
231         * css/cssstyleselector.cpp:
232         (WebCore::CSSStyleSelector::adjustRenderStyle): Tables should not support -webkit-center,
233         -webkit-left or -webkit-right values for text-align, so reset them back to auto.
234         * css/html4.css: Removed "text-align: -webkit-auto;" property from tables selector.  It
235         was previously added to css/quirks.css in r20731.
236         * rendering/RenderBlock.cpp:
237         (WebCore::RenderBlock::determineHorizontalPosition): Renamed KHTML_* to WEBKIT_*.
238         * rendering/RenderBox.cpp:
239         (WebCore::RenderBox::calcHorizontalMargins): Ditto.
240         * rendering/RenderFlow.cpp:
241         (WebCore::RenderFlow::caretRect): Ditto.
242         * rendering/RenderStyle.h: Ditto.
243         (WebCore::):
244         * rendering/bidi.cpp:
245         (WebCore::RenderBlock::computeHorizontalPositionsForLine): Ditto.
246
247 2007-04-12  Brady Eidson  <beidson@apple.com>
248
249         Reviewed by Black Sheep
250
251         <rdar://problem/4664154> and http://bugs.webkit.org/show_bug.cgi?id=3546
252
253         When you click on a link that opens in a new window from within gmail, they first create a new window 
254         with an empty URL, then immediately document.write() into the window to schedule a redirect.
255
256         Since the initial page doesn't have a URL associated with it, a history item never gets created.  The 
257         reasonable solution?  To actually create the history item after the redirect (in updateHistoryForInternalLoad)
258
259         * loader/FrameLoader.cpp:
260         (WebCore::FrameLoader::addHistoryForCurrentLocation): Updates global and B/F history with a new history item
261         (WebCore::FrameLoader::updateHistoryForStandardLoad): Call addHistoryForCurrentLocation
262         (WebCore::FrameLoader::updateHistoryForInternalLoad): Call addHistoryForCurrentLocation if there is not already
263           a current history item
264         * loader/FrameLoader.h:
265
266 2007-04-12  Oliver Hunt  <oliver@apple.com>
267
268         Reviewed by Adam.
269
270         This fixes <rdar://problem/5060766> -- Frameset with 
271         an empty frame crashes due to null document.  Debug
272         builds hit the frame->document() assertion in 
273         EventHandler::prepareMouseEvent
274
275         This null check seems necessary now, having run through 
276         all the logic on the path to this crash it appears that
277         we can't avoid this null check.  
278
279         * page/EventHandler.cpp:
280         (WebCore::EventHandler::updateDragAndDrop):
281
282 2007-04-12  Justin Garcia  <justin.garcia@apple.com>
283
284         Reviewed by darin
285         
286         <rdar://problem/5131716> 
287         Clicking just before a ToDo doesn't put the caret before the ToDo
288         
289         * rendering/RenderBlock.cpp:
290         (WebCore::RenderBlock::positionForCoordinates):
291         Consider clicks inside the blocks padding, instead of
292         incorrectly sending them to the position before the block.
293
294 2007-04-12  John Sullivan  <sullivan@apple.com>
295
296         Reviewed by Anders
297
298         - WebCore part of fix for:
299         <rdar://problem/5128697> REGRESSION: At least one PDF context menu item isn't appearing on Leopard
300
301         * platform/ContextMenuItem.h:
302         (WebCore::):
303         add two PDF-related context menu items to enum to keep it in sync with WebKit
304
305         * platform/ContextMenu.cpp:
306         (WebCore::ContextMenu::checkOrEnableIfNeeded):
307         add the new context menu items to the do-nothing case of a big switch statement
308
309 2007-04-12  Simon Hausmann  <hausmann@kde.org>
310
311         Reviewed by Zack.
312
313         Fixed drawing of justified text in the Qt port.
314
315         * platform/qt/FontQt.cpp:
316         (Font::drawGlyphs):
317
318 2007-04-11  Oliver Hunt  <oliver@apple.com>
319
320         Reviewed by Maciej.
321
322         Adding RetainPtr to the many global obj-c pointers we use in
323         C/C++ methods.  This is necessary to prevent GC from collecting
324         globals we want to keep around.
325
326         We use RetainPtr in obj-c++ and c++ files, and CFRetain/Release in pure
327         obj-c.
328
329         Also made the Pasteboard::m_pasteboard a RetainPtr although it
330         shouldn't be necessary as the only NSPasteboard instances that 
331         should ever be inserted are the system clipboard and dragging 
332         pasteboard.  Neither of which should ever be collected.
333
334         * page/mac/WebCoreFrameBridge.mm:
335         (_getPreSmartSet):
336         (_getPostSmartSet):
337         * platform/Pasteboard.h:
338         * platform/graphics/mac/ColorMac.mm:
339         (WebCore::nsColor):
340         * platform/graphics/mac/GraphicsContextMac.mm:
341         (WebCore::GraphicsContext::drawLineForMisspellingOrBadGrammar):
342         * platform/mac/FontDataMac.mm:
343         (WebCore::webFallbackFontFamily):
344         * platform/mac/PasteboardMac.mm:
345         (WebCore::writableTypesForURL):
346         (WebCore::writableTypesForImage):
347         (WebCore::Pasteboard::clear):
348         (WebCore::Pasteboard::writeSelection):
349         (WebCore::Pasteboard::writeURL):
350         (WebCore::Pasteboard::writeFileWrapperAsRTFDAttachment):
351         (WebCore::Pasteboard::writeImage):
352         (WebCore::Pasteboard::canSmartReplace):
353         (WebCore::Pasteboard::plainText):
354         (WebCore::Pasteboard::documentFragment):
355
356 2007-04-11  Mitz Pettel  <mitz@webkit.org>
357
358         Reviewed by Dave Hyatt.
359
360         - fix http://bugs.webkit.org/show_bug.cgi?id=11362
361           Native popup with size="1" wraps options
362
363         Test: fast/forms/menulist-option-wrap.html
364
365         * css/html4.css: Added white-space declaration for select[size="0"] and
366         select[size="1"]. Added border-radius declaration for select.
367
368 2007-04-11  MorganL  <morganl.webkit@yahoo.com>
369
370         Reviewed by Maciej.
371
372         Add a Frame pointer to ChromeClient methods:
373         http://bugs.webkit.org/show_bug.cgi?id=13127
374
375         * loader/FrameLoader.cpp:
376         (WebCore::FrameLoader::createWindow):
377         * page/Chrome.cpp:
378         (WebCore::Chrome::createWindow):
379         (WebCore::Chrome::createModalDialog):
380         * page/Chrome.h:
381         * page/ChromeClient.h:
382         * page/ContextMenuController.cpp:
383         (WebCore::openNewWindow):
384         * platform/graphics/svg/SVGImageEmptyClients.h:
385         (WebCore::SVGEmptyChromeClient::createWindow):
386         (WebCore::SVGEmptyChromeClient::createModalDialog):
387
388 2007-04-11  Brady Eidson  <beidson@apple.com>
389
390         Reviewed by Ada
391
392         <rdar://problem/5080987> - Crash in DocumentLoader::frameLoader() const
393
394         This was free nil checking lost during the ObjC -> C++ conversion
395
396         * loader/FrameLoader.cpp:
397         (WebCore::FrameLoader::checkLoadCompleteForThisFrame): Null check the DocumentLoader
398
399 2007-04-11  Justin Garcia  <justin.garcia@apple.com>
400
401         Reviewed by harrison
402
403         <rdar://problem/5126166> 
404         Deleting selection starting at before ToDo checkbox to end of line, inserts a BR in the subsequent ToDo
405         
406         If a selection ends in a table cell, we shouldn't perform
407         a merge after deleting that selection.  We have code in
408         place to prevent those merges, but it failed here.
409         
410         It fails because the end of the selection was [tableCell, 0],
411         (normally not a valid VisiblePosition, but valid here
412         because the table cell is empty).  We prevent the merge
413         if the node of the position at the end of the selection 
414         has an enclosingTableCell.  Even though [tableCell, 0] has 
415         an enclosing table cell, the node tableCell doesn't, so 
416         the check fails.
417         
418         Fixed this by changing enclosingTableCell to take in
419         a position, instead of a node.  The other enclosing element
420         getters should be changed in this way as well.
421
422         * editing/DeleteSelectionCommand.cpp:
423         (WebCore::DeleteSelectionCommand::initializePositionData):
424         Call the new enclosingTableCell.
425         * editing/ReplaceSelectionCommand.cpp:
426         (WebCore::ReplaceSelectionCommand::shouldMerge): Ditto.
427         * editing/htmlediting.cpp:
428         (WebCore::enclosingTableCell): Take in a position instead
429         of a node.
430         * editing/htmlediting.h:
431
432 2007-04-12  Mark Rowe  <mrowe@apple.com>
433
434         Qt build fix.
435
436         * WebCore.pro:
437         * editing/qt/EditorQt.cpp:
438         (WebCore::Editor::markBadGrammar):
439         * history/qt/CachedPageQt.cpp: Added.
440         (WebCore::CachedPage::close):
441         * history/qt/PageCacheQt.cpp: Removed.
442
443 2007-04-11  Brady Eidson  <beidson@apple.com>
444
445         Reviewed by Antti
446
447         <rdar://problem/5125648> and http://bugs.webkit.org/show_bug.cgi?id=13326
448
449         Crash opening a link in a new window from Gmail
450
451         Problem here is that the currentHistoryItem in the new window is null.  This *shouldn't* be the case, 
452         and is the cause of a very long standing bug - 
453         http://bugs.webkit.org/show_bug.cgi?id=3546 - Can't go back to first page in new window opened from gmail
454
455         For now, adding a null check prevents this crash and restores the original, long standing regression
456  
457         * loader/FrameLoader.cpp:
458         (WebCore::FrameLoader::updateHistoryForInternalLoad): NULL check
459
460 2007-04-11  Adam Roben  <aroben@apple.com>
461
462         Reviewed by Anders.
463
464         Made image document copying more cross-platform.
465
466         All layout tests pass.
467
468         * editing/Editor.cpp:
469         (WebCore::imageNodeFromImageDocument): Added.
470         (WebCore::Editor::canCopy): Called imageNodeFromImageDocument.
471         (WebCore::Editor::copy): Ditto.
472         (WebCore::Editor::copyImage): Updated for changes to Pasteboard.
473         * platform/Pasteboard.h: Made writeImage more general, which allowed
474         getting rid of its second incarnation.
475         * platform/gdk/TemporaryLinkStubs.cpp:
476         * platform/mac/PasteboardMac.mm:
477         (WebCore::Pasteboard::writeImage): Collapsed logic from the two
478         writeImage methods into one.
479         (Pasteboard::writeImage): Updated for Pasteboard changes.
480         * platform/qt/PasteboardQt.cpp:
481         (WebCore::Pasteboard::writeImage): Ditto.
482
483 2007-04-11  Darin Adler  <darin@apple.com>
484
485         * css/CSSValueKeywords.in: Fix a comment.
486
487 2007-04-09  Justin Garcia  <justin.garcia@apple.com>
488
489         Reviewed by harrison
490         
491         <rdar://problem/4932260> 
492         Invalid attributed string for attachment range obtained via AXPreviousWordStartTextMarkerForTextMarker
493         
494         By default, text iterators don't emit anything for replaced 
495         elements.  Boundary finding code works around this but has 
496         bugs: replaced elements act as sentence boundaries and the 
497         above bug, where previousBoundary moves past the start of a 
498         word if there is a replaced element just before it. This 
499         patch fixes these issues by treating replaced elements as 
500         punctuation for boundary finding.
501
502         * editing/TextIterator.cpp:
503         (WebCore::SimplifiedBackwardsTextIterator::SimplifiedBackwardsTextIterator):
504         Set m_pastStartNode, the node after (in a reverse pre-order traversal) the 
505         last one that should be processed.
506         (WebCore::SimplifiedBackwardsTextIterator::advance):
507         Stop at m_pastStartNode.
508         Iterate over nodes in reverse pre-order (TextIterator traverses in 
509         pre-orer). This makes knowing when to emit characters after nodes vs. when
510         to emit characters before nodes easier.
511         Remove the special case for entering a new block, emitting characters 
512         after nodes can now be handled generally, in handleNonTextNode(), because
513         of the way we traverse.
514         Set m_handledChildren to false every iteration since we now do traverse in 
515         reverse pre-order.
516         (WebCore::SimplifiedBackwardsTextIterator::handleReplacedElement):
517         Emit a comma for replaced elements.  We only use this kind of iterator 
518         for finding boundaries, so we can do this unconditionally.
519         (WebCore::SimplifiedBackwardsTextIterator::handleNonTextNode):
520         Don't use emitNewline, instead specify where the newline should be positioned.
521         A node is handled before its children, so characters emitted here should 
522         be positioned after the node, not before it.
523         (WebCore::SimplifiedBackwardsTextIterator::exitNode): 
524         Don't use emitNewline, instead specify where the newline should be positioned.
525         (WebCore::CharacterIterator::CharacterIterator): 
526         Create a TextIterator that emits content for replaced elements, if requested.
527         * editing/TextIterator.h:
528         * editing/visible_units.cpp:
529         (WebCore::previousBoundary): 
530         Removed replaced element handling code.
531         If the start of the chunk that contained the boundary was in a non-text
532         node, then the boundary is not necessarily in that node.  Particularly
533         because it is only the end of the chunk that is guaranteed to be a valid
534         position in those cases.  We must iterate backwards by character from 
535         the end of the chunk to find the boundary.
536         (WebCore::nextBoundary): Removed replaced element handling code.
537
538 2007-04-10  Brady Eidson  <beidson@apple.com>
539
540         Reviewed by Darin
541
542         <rdar://problem/4887095> - PageCache and PageState should be combined
543
544         These two objects are a relic of when the PageCache was split between WebCore and WebKit
545         It just makes good sense to combine them now, and the new object is more appropriately
546         called "CachedPage"
547
548         This patch is vast in scope, but simple in depth - anywhere a PageCache or PageState object 
549         was used has been adjusted to use a CachedPage object instead.  The most notable change is
550         that HistoryItem - which always used to have a PageCache object which may or may not have 
551         had a PageState - now may or may not have a CachedPage.  This actually simplifies the 
552         HistoryItem code a bit while making the role of CachedPage much more clear.
553
554         * WebCore.exp:
555         * WebCore.xcodeproj/project.pbxproj:
556
557         * history/BackForwardList.cpp:
558         (WebCore::BackForwardList::addItem):
559         (WebCore::BackForwardList::setCapacity):
560         (WebCore::BackForwardList::setPageCacheSize):
561         (WebCore::BackForwardList::clearPageCache):
562         (WebCore::BackForwardList::close):
563
564         * history/PageCache.cpp: Removed.
565         * history/PageCache.h: Removed.
566         * page/PageState.cpp: Removed.
567         * page/PageState.h: Removed.
568         * history/CachedPage.cpp: Added.
569         (WebCore::CachedPage::create):
570         (WebCore::CachedPage::CachedPage):
571         (WebCore::CachedPage::~CachedPage):
572         (WebCore::CachedPage::restore):
573         (WebCore::CachedPage::clear):
574         (WebCore::CachedPage::setDocumentLoader):
575         (WebCore::CachedPage::documentLoader):
576         (WebCore::CachedPage::setTimeStamp):
577         (WebCore::CachedPage::setTimeStampToNow):
578         (WebCore::CachedPage::timeStamp):
579         * history/CachedPage.h: Added.
580         (WebCore::CachedPage::document):
581         (WebCore::CachedPage::mousePressNode):
582         (WebCore::CachedPage::URL):
583
584         * history/HistoryItem.cpp:
585         (WebCore::HistoryItem::HistoryItem):
586         (WebCore::HistoryItem::setCachedPage):
587         (WebCore::HistoryItem::setURL):
588         (WebCore::HistoryItem::alwaysAttemptToUseCachedPage):
589         (WebCore::HistoryItem::setAlwaysAttemptToUseCachedPage):
590         (WebCore::HistoryItem::cachedPage):
591         (WebCore::cachedPagesPendingRelease):
592         (WebCore::HistoryItem::releaseCachedPagesOrReschedule):
593         (WebCore::HistoryItem::releaseAllPendingCachedPages):
594         (WebCore::HistoryItem::scheduleCachedPageForRelease):
595         * history/HistoryItem.h:
596         * history/mac/HistoryItemMac.mm:
597
598         * history/HistoryItemTimer.cpp:
599         (WebCore::HistoryItemTimer::HistoryItemTimer):
600         (WebCore::HistoryItemTimer::callReleaseCachedPagesOrReschedule):
601         * history/HistoryItemTimer.h:
602
603         * history/mac/PageCacheMac.mm: Removed.
604         * history/mac/CachedPageMac.mm: Added.
605         (WebCore::CachedPage::close):
606         (WebCore::CachedPage::setDocumentView):
607         (WebCore::CachedPage::documentView):
608
609         * loader/DocumentLoader.cpp:
610         (WebCore::DocumentLoader::DocumentLoader):
611         (WebCore::DocumentLoader::loadFromCachedPage):
612         (WebCore::DocumentLoader::setLoadingFromCachedPage):
613         (WebCore::DocumentLoader::isLoadingFromCachedPage):
614         * loader/DocumentLoader.h:
615
616         * loader/FrameLoader.cpp:
617         (WebCore::FrameLoader::provisionalLoadStarted):
618         (WebCore::FrameLoader::commitProvisionalLoad):
619         (WebCore::FrameLoader::transitionToCommitted):
620         (WebCore::FrameLoader::open):
621         (WebCore::FrameLoader::startLoading):
622         (WebCore::FrameLoader::receivedMainResourceError):
623         (WebCore::FrameLoader::opened):
624         (WebCore::FrameLoader::continueLoadAfterNavigationPolicy):
625         (WebCore::FrameLoader::loadProvisionalItemFromCachedPage):
626         (WebCore::FrameLoader::cachePageToHistoryItem):
627         (WebCore::FrameLoader::createHistoryItem):
628         (WebCore::FrameLoader::purgePageCache):
629         (WebCore::FrameLoader::invalidateCurrentItemCachedPage):
630         (WebCore::FrameLoader::loadItem):
631         (WebCore::FrameLoader::updateHistoryForStandardLoad):
632         (WebCore::FrameLoader::updateHistoryForClientRedirect):
633         (WebCore::FrameLoader::updateHistoryForBackForwardNavigation):
634         (WebCore::FrameLoader::updateHistoryForReload):
635         (WebCore::FrameLoader::updateHistoryForInternalLoad):
636         (WebCore::FrameLoader::updateHistoryForCommit):
637         * loader/FrameLoader.h:
638         * loader/FrameLoaderClient.h:
639
640         * page/mac/WebCoreFrameBridge.h: Got rid of unused WebCorePageCacheStateKey
641         * page/mac/WebCoreFrameBridge.mm: Ditto
642
643         * platform/graphics/svg/SVGImage.cpp:
644         * platform/graphics/svg/SVGImageEmptyClients.h: Update to reflect the new names
645         (WebCore::SVGEmptyFrameLoaderClient::loadProvisionalItemFromCachedPage):
646         (WebCore::SVGEmptyFrameLoaderClient::invalidateCurrentItemCachedPage):
647         (WebCore::SVGEmptyFrameLoaderClient::loadedFromCachedPage):
648         (WebCore::SVGEmptyFrameLoaderClient::clearLoadingFromCachedPage):
649         (WebCore::SVGEmptyFrameLoaderClient::isLoadingFromCachedPage):
650         (WebCore::SVGEmptyFrameLoaderClient::setDocumentViewFromCachedPage):
651         (WebCore::SVGEmptyFrameLoaderClient::saveDocumentViewToCachedPage):
652
653 2007-04-10  Antti Koivisto  <antti@apple.com>
654
655         Reviewed by Hyatt.
656
657         Fix <rdar://5057686> 
658         Flex box layout example hangs in WebCore::RenderFlexibleBox::allowedChildFlex
659         
660         Forcibly distribute remaining pixels if the algorithm is not advancing.
661
662         * rendering/RenderFlexibleBox.cpp:
663         (WebCore::RenderFlexibleBox::layoutHorizontalBox):
664         (WebCore::RenderFlexibleBox::layoutVerticalBox):
665
666 2007-04-11  Mark Rowe  <mrowe@apple.com>
667
668         Build fix.
669
670         * bridge/mac/WebCoreAXObject.mm:
671         (-[WebCoreAXObject accessibilityDescription]):
672
673 2007-04-10  Patti Hoa <patti@apple.com>
674
675         Reviewed by Justin Garcia.
676
677         <rdar://problem/5122276> Allow focused frame to fire off notification
678         Improve accessibility support for Mail WebView embedded Notes.
679
680         * bridge/mac/AXObjectCacheMac.mm:
681         (WebCore::AXObjectCache::postNotification):
682         The focused document with the selection change should fire the selection changed notification, not the top level document
683         * bridge/mac/WebCoreAXObject.mm:
684         (-[WebCoreAXObject accessibilityDescription]):
685         Allow the name attribute of the html body to be used as the accessibility description
686
687 2007-04-09  Geoffrey Garen  <ggaren@apple.com>
688
689         Reviewed by Maciej Stachowiak.
690         
691         Support for fixing fast/forms/textarea-paste-newline.html.
692         
693         Changed clients to use new preference specifying whether a Page should 
694         allow pasting through the DOM API, instead of a global flag.
695
696         Removed old behavior of always allowing DOM paste in debug builds. In 
697         light of the new preference-based API, that behavior makes no sense anymore. 
698         Instead, developers who want to test paste inside Safari can set the 
699         preference for themselves.
700
701         * WebCore.exp:
702         * editing/CommandByName.cpp: Removed crazy hack to keep an identically 
703         named but invalid copy of the global "pate allowed" flag in this file.
704         (WebCore::Frame::enabledPaste):
705         * editing/JSEditor.cpp: Removed "always allow" behavior for debug builds.
706         (WebCore::JSEditor::queryCommandSupported):
707         * editing/JSEditor.h:
708         * page/Settings.cpp:
709         (WebCore::Settings::setDOMPasteAllowed):
710         * page/Settings.h:
711         (WebCore::Settings::isDOMPasteAllowed):
712         * rendering/RenderTreeAsText.cpp:
713         (WebCore::externalRepresentation): Removed crazy hack to allow DOM paste
714         after this function has been called.
715
716 2007-04-10  John Sullivan  <sullivan@apple.com>
717
718         Reviewed by Tim Hatcher
719
720         - fixed <rdar://problem/4859132> Grammar must always be checked in entire-sentence chunks, 
721           and shouldn't show markers for current sentence
722
723         * editing/Editor.h:
724         add markBadGrammar, now distinct from markMisspellings
725
726         * editing/mac/EditorMac.mm:
727         (WebCore::Editor::markMisspellingsAfterTypingToPosition):
728         call markMisspellings on one word, and markBadGrammar on entire sentence
729         (WebCore::markMisspellingsOrBadGrammar):
730         new static function, extracted from markMisspellings
731         (WebCore::Editor::markMisspellings):
732         now calls extracted function
733         (WebCore::Editor::markBadGrammar):
734         new method, calls extracted function
735
736         * page/Frame.cpp:
737         (WebCore::Frame::respondToChangedSelection):
738         update grammar markers for entire new and old sentences
739
740 2007-04-09  Anders Carlsson  <andersca@apple.com>
741
742         Reviewed by John.
743
744         * WebCore.exp:
745         Add __ZNK7WebCore11FrameLoader10isCompleteEv.
746         
747 2007-04-09  Brady Eidson  <beidson@apple.com>
748
749         Reviewed by Darin
750
751         Fixes <rdar://4921797> and http://bugs.webkit.org/show_bug.cgi?id=12005
752
753         The original regression was to claim that more loads were the result of a "user gesture" than really
754         were.  A lot of the ways a frame load could be kicked off didn't properly set up this flag, and it 
755         wasn't properly propagated and respected where it should've been.
756
757         This patch cleans much of that up.  One loose end is the "treatAsUserGesture" flag which is a stop
758         gap measure to keep "slow redirects" working to create a new history item.  In the future, we need
759         to cleanup the meaning and use of "userGesture" and "lockHistory."  This includes integrating them 
760         in to FrameLoadRequest and being very clear of what their meaning actually is at different stages of
761         the Frame load process.
762
763         * dom/Document.cpp:
764         (WebCore::Document::processHttpEquiv): Pass only the delay for the redirect
765
766         * html/HTMLAnchorElement.cpp:
767         (WebCore::HTMLAnchorElement::defaultEventHandler): Pass "lockHistory" false, "userGesture" true
768
769         * ksvg2/svg/SVGAElement.cpp:
770         (WebCore::SVGAElement::defaultEventHandler): Pass "lockHistory" false, "userGesture" true
771
772         * loader/FrameLoader.cpp:
773         (WebCore::ScheduledRedirection::ScheduledRedirection): Figure "lockHistory" and "userGesture" from the 
774           delay here, instead of at 3 other different sites that call this method
775         (WebCore::FrameLoader::changeLocation): Set userGesture correctly
776         (WebCore::FrameLoader::urlSelected): Propagate userGesture down
777         (WebCore::FrameLoader::requestFrame): 
778         (WebCore::FrameLoader::receivedFirstData):
779         (WebCore::FrameLoader::scheduleRedirection): Pass only the delay here
780         (WebCore::FrameLoader::redirectionTimerFired): Set userGesture correctly
781         (WebCore::FrameLoader::load):
782         (WebCore::FrameLoader::updateHistoryForInternalLoad): Insteading of asserting we aren't a redirect,
783           handle the case where we *are* a redirect by updating the previous history item
784         * loader/FrameLoader.h:
785
786 2007-04-09  Anders Carlsson  <andersca@apple.com>
787
788         Reviewed by Darin.
789
790         <rdar://problem/5120801> 
791         http://bugs.webkit.org/show_bug.cgi?id=13247
792         Closing a page during slow cloning causes crash in setJSStatusBarText (13247)
793
794         * bindings/js/kjs_window.cpp:
795         (KJS::Window::put):
796         Return early if m_frame is null. A closed window only has one property, "closed" 
797         so no properties should be settable in that case.
798
799 2007-04-09  Andrew Wellington  <proton@wiretapped.net>
800
801         Reviewed by Justin Garcia.
802         
803         Fix for http://bugs.webkit.org/show_bug.cgi?id=12959
804         "REGRESSION: Edit -> Copy not enabled on standalone images"
805
806         * dom/Document.h: Add support for determining if a document is an image
807         (WebCore::Document::isImageDocument):
808         * editing/Editor.cpp:
809         (WebCore::Editor::canCopy): Image documents are copyable
810         (WebCore::Editor::copy): If copying an image document, call appropriate pasteboard methods
811         * loader/ImageDocument.h:
812         (WebCore::ImageDocument::isImageDocument): Override to return true for image documents
813         * platform/Pasteboard.h: Add new writeImage function to pasteboard
814         * platform/mac/PasteboardMac.mm:
815         (WebCore::Pasteboard::writeImage): Add writeImage implementation that takes Node and URL
816         * platform/qt/PasteboardQt.cpp:
817         (WebCore::Pasteboard::writeImage): Stub for Qt implementation of pasteboard
818
819 2007-04-08  Oliver Hunt  <oliver@apple.com>
820
821         rs=Adam.
822
823         Add ASSERT(selectedRange) to previous change
824
825         * platform/mac/PasteboardMac.mm:
826         (WebCore::Pasteboard::writeSelection):
827
828 2007-04-08  Oliver Hunt  <oliver@apple.com>
829
830         rs=Adam.
831
832         Fix minor error when writing selection to pasteboard.
833         This shouldn't have an effect as selectedRange should be the
834         selected range from source frame, however this is safer.
835
836         * platform/mac/PasteboardMac.mm:
837         (WebCore::Pasteboard::writeSelection):
838
839 2007-04-08  David Hyatt  <hyatt@apple.com>
840
841         Fix mouseover/out failing layout tests.
842
843         Reviewed by aroben
844
845         * page/EventHandler.cpp:
846         (WebCore::EventHandler::handleMouseMoveEvent):
847         (WebCore::EventHandler::updateMouseEventTargetNode):
848         (WebCore::EventHandler::dispatchMouseEvent):
849         * page/EventHandler.h:
850
851 2007-04-08  Oliver Hunt  <oliver@apple.com>
852
853         Reviewed by Adam.
854
855         Fix for <rdar://problem/5113621> REGRESSION: Dragging PDF as image does not give any feedback
856
857         If we fail when attempting to create a drag image for a dragged
858         image, we fall back to the appropriate icon.
859
860         * page/DragController.cpp:
861         (WebCore::DragController::doImageDrag):
862
863 2007-04-08  Adam Roben  <aroben@apple.com>
864
865         Reviewed by Oliver.
866
867         Bestowed the gift of -webkit-dashboard-region upon all platforms, since
868         there's nothing Mac-specific about it other than the name. This also
869         allowed me to get rid of FrameViewMac.mm.
870
871         Removed a lot of #if PLATFORM(MAC):
872
873         * css/CSSComputedStyleDeclaration.cpp:
874         (WebCore::):
875         (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
876         * css/CSSPrimitiveValue.cpp:
877         (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
878         (WebCore::CSSPrimitiveValue::cleanup):
879         (WebCore::CSSPrimitiveValue::cssText):
880         * css/CSSPrimitiveValue.h:
881         (WebCore::CSSPrimitiveValue::getDashboardRegionValue):
882         (WebCore::CSSPrimitiveValue::):
883         * css/cssparser.cpp:
884         (WebCore::CSSParser::parseValue):
885         (WebCore::CSSParser::parseDashboardRegions):
886         * css/cssparser.h:
887         * css/cssstyleselector.cpp:
888         (WebCore::CSSStyleSelector::applyProperty):
889         * dom/Document.cpp:
890         (WebCore::Document::Document):
891         * dom/Document.h:
892         * page/Frame.cpp:
893         (WebCore::Frame::paint):
894         * page/Frame.h:
895         * page/FrameView.cpp:
896         (WebCore::FrameView::layout):
897         (WebCore::FrameView::updateDashboardRegions): Moved from FrameViewMac.mm.
898         * page/FrameView.h:
899         * page/qt/FrameQt.cpp:
900         (WebCore::Frame::dashboardRegionsChanged): Stubbed out.
901         * platform/gdk/FrameGdk.cpp:
902         (WebCore::Frame::dashboardRegionsChanged): Ditto.
903         * rendering/RenderLayer.cpp:
904         (WebCore::RenderLayer::scrollToOffset):
905         (WebCore::RenderLayer::setHasHorizontalScrollbar):
906         (WebCore::RenderLayer::setHasVerticalScrollbar):
907         (WebCore::RenderLayer::updateScrollInfoAfterLayout):
908         * rendering/RenderObject.cpp:
909         (WebCore::RenderObject::setStyle):
910
911         * WebCore.xcodeproj/project.pbxproj: Removed FrameViewMac.mm.
912         * bridge/mac/FrameViewMac.mm: Removed.
913
914 2007-04-08  Mark Rowe  <mrowe@apple.com>
915
916         Qt build fix.
917
918         * platform/qt/TemporaryLinkStubs.cpp:
919
920 2007-04-06  Geoffrey Garen  <ggaren@apple.com>
921
922         Reviewed by Beth Dakin.
923         
924         Fixed one more case of <rdar://problem/5112273> REGRESSION(TOT): 
925         Reproducible crash loading an old version of amazon.com as a web archive
926
927         * bindings/js/JSXMLHttpRequest.cpp:
928         (KJS::JSXMLHttpRequestPrototypeFunction::callAsFunction):
929
930 2007-04-06  Oliver Hunt  <oliver@apple.com>
931
932         Reviewed by Adam.
933
934         Fix MouseEvent so it's possible to distinguish between
935         a MouseMouseEvent with NoButton down, and a move with
936         LeftButton down.  It would be nice if the DOM allowed 
937         for NoButton to exist, but it doesn't so this is necessary.
938
939         * dom/EventTargetNode.cpp:
940         (WebCore::EventTargetNode::dispatchMouseEvent):
941         * dom/MouseEvent.cpp:
942         (WebCore::MouseEvent::MouseEvent):
943         (WebCore::MouseEvent::initMouseEvent):
944         * dom/MouseEvent.h:
945         (WebCore::MouseEvent::noButton):
946
947 2007-04-06  Krzysztof Kowalczyk  <kkowalczyk@gmail.com>
948
949         Not reviewed - gdk build fix.
950
951         * platform/gdk/MouseEventGdk.cpp:
952
953 2007-04-06  Krzysztof Kowalczyk  <kkowalczyk@gmail.com>
954
955         Reviewed by darin.
956
957         Coverity fix. Coverity says:
958         "Event var_deref_op: Variable "info_ptr" tracked as NULL was dereferenced."
959
960         * platform/image-decoders/png/pngrutil.c:
961         (png_handle_gAMA):
962
963 2007-04-06  Krzysztof Kowalczyk  <kkowalczyk@gmail.com>
964
965         Reviewed by darin.
966
967         Coverity fix. Coverity says:
968         "Event var_deref_model: Variable "(this)->clientptr" tracked as NULL was passed to a function that dereferences it."
969
970         * platform/image-decoders/gif/GIFImageReader.cpp:
971         (GIFImageReader::read):
972
973 2007-04-06  David Hyatt  <hyatt@apple.com>
974
975         Fix more of the layout test failures caused by fixing the slider layout test failure (sigh).  clear()
976         needs to null out the capturingMouseEventsNode in the case where a mousedown or move while captured
977         causes a navigation to another page.
978
979         * page/EventHandler.cpp:
980         (WebCore::EventHandler::clear):
981         (WebCore::EventHandler::handleMouseReleaseEvent):
982
983 2007-04-06  David Hyatt  <hyatt@apple.com>
984
985         Fix failing slider layout test.  Don't clear the subframe capture unless we really were capturing on a
986         subframe.
987
988         Reviewed by adele, darin
989
990         * page/EventHandler.cpp:
991         (WebCore::EventHandler::handleMouseReleaseEvent):
992
993 2007-04-06  Beth Dakin  <bdakin@apple.com>
994
995         Reviewed by Geoff and Darin.
996
997         Fix for <rdar://problem/4875433> WebView underlines are too thick 
998         when scaled small
999
1000         When we have a small scale factor, we should follow the line-
1001         drawing code as if we were printing. Meaning, specifically, that we 
1002         should not round to device pixels and we should antialias.
1003
1004         * platform/graphics/cg/GraphicsContextCG.cpp:
1005         (WebCore::GraphicsContext::drawLineForText):
1006
1007 2007-04-06  Geoffrey Garen  <ggaren@apple.com>
1008
1009         Reviewed by Beth Dakin.
1010         
1011         Fixed <rdar://problem/5112273> REGRESSION(TOT): Reproducible crash loading 
1012         an old version of amazon.com as a web archive
1013         
1014         The problem was JavaScript executing inside a frame with a NULL document.
1015         It's probably a bug that the document was NULL, but we don't want a minor
1016         bug to be a crasher, and we don't want the DOM to depend on the implementation
1017         details of the JS bindings, so I added NULL checks.
1018
1019         * bindings/js/kjs_window.cpp: Call FrameLoader::completeURL instead of
1020         Document::completeURL, since FrameLoader::completeURL is safe against a
1021         NULL document.
1022         (KJS::Window::put):
1023         (KJS::WindowFunc::callAsFunction):
1024         (KJS::Location::put):
1025         (KJS::LocationFunc::callAsFunction):
1026
1027 2007-04-06  David Hyatt  <hyatt@apple.com>
1028
1029         Fix for bug 13274.  Rework mouse events so that subframe capturing works again.  Make sure
1030         everything just comes down through the top FrameView even when capturing is in effect.  Update
1031         scrollbar handling logic so that scrollbars receive events correctly while capturing is in
1032         effect.  Eliminate the notion of widget capture.  Fix mouse moves so that they only fire
1033         on the innermost hit frame.
1034
1035         Reviewed by olliej
1036
1037         * page/EventHandler.cpp:
1038         (WebCore::EventHandler::handleMouseDraggedEvent):
1039         (WebCore::subframeForTargetNode):
1040         (WebCore::EventHandler::handleMousePressEvent):
1041         (WebCore::EventHandler::handleMouseMoveEvent):
1042         (WebCore::EventHandler::handleMouseReleaseEvent):
1043         * page/EventHandler.h:
1044         * platform/PopupMenu.h:
1045         (WebCore::PopupMenu::scrollbarCapturingMouse):
1046         (WebCore::PopupMenu::setScrollbarCapturingMouse):
1047         * platform/ScrollBar.h:
1048         (WebCore::Scrollbar::handleMouseReleaseEvent):
1049         * platform/Widget.h:
1050         (WebCore::Widget::geometryChanged):
1051
1052 2007-04-06  Justin Garcia  <justin.garcia@apple.com>
1053
1054         Reviewed by john
1055
1056         <rdar://problem/5115601> 
1057         REGRESSION: Crash deleting a selection that starts in an editable table cell
1058         
1059         The selection starts at the start of an editable 
1060         root that's embedded in a non-editable ToDo (table).  
1061         Removing the selection removes all editable 
1062         VisiblePositions from the root.  Then, the creation 
1063         of mergeDestination fails, and using it causes a crash.
1064
1065         * editing/DeleteSelectionCommand.cpp:
1066         (WebCore::DeleteSelectionCommand::mergeParagraphs):
1067         Nil-check mergeDestination to avoid crashing and
1068         also insert a break in that case at m_upstreamStart, 
1069         so that we can create a valid mergeDestination and
1070         perform the merge.
1071         
1072         
1073 2007-04-06  Mitz Pettel  <mitz@webkit.org>
1074
1075         Reviewed by Oliver.
1076
1077         Eliminate PlatformMouseEvent::currentEvent.
1078
1079         No test possible (no change to functionality).
1080
1081         * page/EventHandler.cpp:
1082         (WebCore::EventHandler::handleDrag):
1083         * platform/PlatformMouseEvent.h:
1084         * platform/gdk/TemporaryLinkStubs.cpp:
1085         * platform/mac/PlatformMouseEventMac.mm:
1086         (WebCore::PlatformMouseEvent::PlatformMouseEvent):
1087         * platform/qt/PlatformMouseEventQt.cpp:
1088         * platform/win/TemporaryLinkStubs.cpp:
1089
1090 2007-04-05  Oliver Hunt  <oliver@apple.com>
1091
1092         Reviewed by Maciej.
1093
1094         Fix for rdar://problem/4849948 -- JSCanvasRenderingContext2D::drawImage
1095         crashes when given invalid arguments.
1096
1097         JSCanvasRenderingContext2D frequently casts from JSValue* to JSObject*
1098         and then checks isObject *after* the cast.  JSObject::isObject is unsafe 
1099         if applied to a JSImmediate value (null, undefined, etc).  This patch 
1100         corrects the logic in a number of places by performing the isObject check
1101         before casting to JSObject.
1102
1103         * bindings/js/JSCanvasRenderingContext2DCustom.cpp:
1104         (WebCore::JSCanvasRenderingContext2D::drawImage):
1105         (WebCore::JSCanvasRenderingContext2D::drawImageFromRect):
1106         (WebCore::JSCanvasRenderingContext2D::createPattern):
1107
1108 2007-04-05  Adele Peterson  <adele@apple.com>
1109
1110         Reviewed by Oliver.
1111
1112         Fix for <rdar://problem/4965597> REGRESSION: mouseup doesn't fire for slider (causes it to always default to max)
1113
1114         Test: fast/forms/slider-mouse-events.html
1115
1116         * page/EventHandler.cpp: (WebCore::EventHandler::dispatchMouseEvent):
1117         Since the actual target node of the event can't be a shadow node, set the target node to the capturing node before adjusting it.
1118
1119 2007-04-05  Kevin McCullough  <kmccullough@apple.com>
1120
1121         Reviewed by Darin.
1122
1123         - Added reportLocalLoadFailed to FrameLoader to send an error to the console when
1124         calls to canLoad fail. 
1125
1126         * loader/Cache.cpp:
1127         (WebCore::Cache::requestResource):
1128         * loader/FrameLoader.cpp:
1129         (WebCore::FrameLoader::loadSubframe):
1130         (WebCore::FrameLoader::loadPlugin):
1131         (WebCore::FrameLoader::load):
1132         (WebCore::FrameLoader::reportLocalLoadFailed):
1133         * loader/FrameLoader.h:
1134         * loader/SubresourceLoader.cpp:
1135         (WebCore::SubresourceLoader::create):
1136
1137 2007-04-05  Adele Peterson  <adele@apple.com>
1138
1139         Reviewed by Maciej.
1140
1141         Add text-align: -webkit-auto for form controls.  Buttons already override this property to center their text.
1142
1143         * css/html4.css:
1144
1145 2007-04-05  Krzysztof Kowalczyk  <kkowalczyk@gmail.com>
1146
1147         Reviewed by rwlbuis.
1148
1149         Coverity fix. Coverity says:
1150         "Event var_deref_model: Variable "page" tracked as NULL was passed to a function that dereferences it."
1151
1152         * platform/Font.cpp:
1153         (WebCore::Font::glyphDataForCharacter):
1154
1155 2007-04-05  Krzysztof Kowalczyk  <kkowalczyk@gmail.com>
1156
1157         Reviewed by darin.
1158
1159         Coverity fix. Coverity says:
1160         "Event var_deref_model: Variable "unicode" tracked as NULL was passed to a 
1161         function that dereferences it."
1162
1163         * platform/DeprecatedString.cpp:
1164         (WebCore::DeprecatedString::DeprecatedString):
1165
1166 2007-04-05  Adele Peterson  <adele@apple.com>
1167
1168         Reviewed by Hyatt.
1169
1170         Fix for <rdar://problem/5113593> REGRESSION: Search fields in RSS pages don't show ibeam cursor
1171
1172         * css/html4.css: Set the cursor values explicitly for input, textarea (to auto), & select (to default).
1173
1174 2007-04-05  David Hyatt  <hyatt@apple.com>
1175
1176         Fix for <rdar://problem/5078866> tables should only reset text-align
1177         in quirks mode.
1178
1179         Reviewed by beth
1180
1181         * css/html4.css:
1182         * css/quirks.css:
1183
1184 2007-04-05  Adele Peterson  <adele@apple.com>
1185
1186         Fixing typo that's crashing.
1187
1188         * html/HTMLAnchorElement.cpp: (WebCore::HTMLAnchorElement::defaultEventHandler):
1189           Use evt instead of null variable k.
1190
1191 2007-04-05  Adele Peterson  <adele@apple.com>
1192
1193         Reviewed by Hyatt.
1194
1195         Fix for <rdar://problem/5021500> Cursor should stay as pointer when slider is being dragged
1196
1197         Don't set the selection ibeam cursor when there's a node that's capturing mouse events.
1198
1199         * page/EventHandler.cpp:
1200         (WebCore::selectCursor):
1201         (WebCore::EventHandler::handleMouseMoveEvent):
1202
1203 2007-04-05  Geoffrey Garen  <ggaren@apple.com>
1204
1205         Reviewed by Beth Dakin.
1206
1207         More clean-up while fixing <rdar://problem/5112273> REGRESSION(TOT): 
1208         Reproducible crash loading an old version of amazon.com as a web archive
1209         
1210         Layout tests pass.
1211         
1212         Removed more superfluous document NULL checks. (Node::document() never 
1213         returns NULL, and it asserts as much.)
1214         
1215         Merged some duplicate editing code into a static inline function.
1216         
1217         * page/mac/WebCoreFrameBridge.mm:
1218         (updateRenderingForBindings): Removed superfluous static_cast.
1219
1220 2007-04-05  Adele Peterson  <adele@apple.com>
1221
1222         Reviewed by Darin.
1223
1224         A little cleanup from my last checkin.  Always check if an Event is really a MouseEvent or a KeyboardEvent
1225         before casting it.
1226
1227         * html/HTMLAnchorElement.cpp: (WebCore::HTMLAnchorElement::defaultEventHandler):
1228         * html/HTMLSelectElement.cpp:
1229         (WebCore::HTMLSelectElement::menuListDefaultEventHandler):
1230         (WebCore::HTMLSelectElement::listBoxDefaultEventHandler):
1231         * html/HTMLTextFieldInnerElement.cpp:
1232         (WebCore::HTMLSearchFieldResultsButtonElement::defaultEventHandler):
1233         (WebCore::HTMLSearchFieldCancelButtonElement::defaultEventHandler):
1234         * ksvg2/svg/SVGAElement.cpp: (WebCore::SVGAElement::defaultEventHandler):
1235         * page/ContextMenuController.cpp: (WebCore::ContextMenuController::handleContextMenuEvent):
1236         * rendering/RenderFrameSet.cpp: (WebCore::RenderFrameSet::userResize):
1237         * rendering/RenderSlider.cpp: (WebCore::HTMLSliderThumbElement::defaultEventHandler):
1238
1239 2007-04-05  Geoffrey Garen  <ggaren@apple.com>
1240
1241         Reviewed by Beth Dakin.
1242         
1243         Some clean-up while fixing <rdar://problem/5112273> REGRESSION(TOT): 
1244         Reproducible crash loading an old version of amazon.com as a web archive
1245         
1246         Removed superfluous document NULL checks. (Node::document() never returns
1247         NULL, and it asserts as much.)
1248         
1249         Removed duplicate implementation of displayString.
1250         
1251         Layout tests pass.
1252
1253         * bindings/objc/DOMInternal.h:
1254         * bindings/objc/DOMInternal.mm:
1255         * html/HTMLGenericFormElement.cpp:
1256         (WebCore::HTMLGenericFormElement::supportsFocus):
1257         * html/HTMLPlugInElement.cpp:
1258         (WebCore::HTMLPlugInElement::createNPObject):
1259         * platform/ContextMenu.cpp:
1260         (WebCore::ContextMenu::checkOrEnableIfNeeded):
1261         * rendering/HitTestResult.cpp:
1262         (WebCore::displayString):
1263         * rendering/HitTestResult.h:
1264         * rendering/RenderLayer.cpp:
1265         (WebCore::RenderLayer::updateHoverActiveState):
1266
1267 === Safari-5522.6 ===
1268
1269 2007-04-05  Oliver Hunt  <oliver@apple.com>
1270
1271         Reviewed by Adam.
1272
1273         Fix rdar://problem/5030934 -- landscape PDFs embedded as an image are cut off
1274         also fixes scaling of pdf images
1275
1276         PDFDocumentImage was not accounting for page rotation in a number of places
1277
1278         * platform/graphics/cg/PDFDocumentImage.cpp:
1279         (WebCore::PDFDocumentImage::size):
1280           we need to account for rotation of the pdf image effecting our bounds
1281         (WebCore::PDFDocumentImage::draw):
1282           When compensating for flipped coords we need to use the correct rect for the 
1283           coordinate space.  We can't pass size() to CGContextDrawPDFDocument as it
1284           returns the rotated bounds now -- this is also save the old 
1285           FloatSize -> IntSize -> FloatSize conversions.
1286           
1287
1288 2007-04-04  Alexey Proskuryakov  <ap@webkit.org>
1289
1290         Reviewed by Darin.
1291
1292         http://bugs.webkit.org/show_bug.cgi?id=13278
1293         REGRESSION: cannot change SELECT option
1294
1295         Test: fast/forms/option-change-single-selected.html
1296
1297         * html/HTMLSelectElement.cpp:
1298         (WebCore::HTMLSelectElement::setSelectedIndex): If multiple selection is not allowed, 
1299         be sure to deselect the previous option.
1300
1301 2007-04-04  Adele Peterson  <adele@apple.com>
1302
1303         Reviewed by Oliver.
1304
1305         Fix for <rdar://5105009> Prepare for fix to send mousedown and mouseup (but not click) events when right-clicking
1306
1307         * page/EventHandler.cpp: Don't ever send click events for right-clicks.
1308         (WebCore::EventHandler::handleMouseDoubleClickEvent):
1309         (WebCore::EventHandler::handleMouseReleaseEvent):
1310         
1311         Check that the mousedown and mouseup are not with the right button before performing default behavior.
1312         * html/HTMLAnchorElement.cpp: (WebCore::HTMLAnchorElement::defaultEventHandler):
1313         * html/HTMLInputElement.cpp: (WebCore::HTMLInputElement::defaultEventHandler):
1314         * html/HTMLSelectElement.cpp:
1315         (WebCore::HTMLSelectElement::menuListDefaultEventHandler):
1316         (WebCore::HTMLSelectElement::listBoxDefaultEventHandler):
1317         * html/HTMLTextFieldInnerElement.cpp:
1318         (WebCore::HTMLSearchFieldResultsButtonElement::defaultEventHandler):
1319         (WebCore::HTMLSearchFieldCancelButtonElement::defaultEventHandler):
1320         * ksvg2/svg/SVGAElement.cpp:(WebCore::SVGAElement::defaultEventHandler):
1321         * rendering/RenderFrameSet.cpp: (WebCore::RenderFrameSet::userResize):
1322         * rendering/RenderSlider.cpp: (WebCore::HTMLSliderThumbElement::defaultEventHandler):
1323
1324 2007-04-03  Justin Garcia  <justin.garcia@apple.com>
1325
1326         Reviewed by darin
1327         
1328         <rdar://problem/5026848> Can cut/delete ToDo subunits
1329         
1330         We were removing non-editable content during a delete.
1331
1332         * editing/DeleteSelectionCommand.cpp: 
1333         (WebCore::DeleteSelectionCommand::initializePositionData): 
1334         Set m_startRoot and m_endRoot.
1335         (WebCore::DeleteSelectionCommand::removeNode): If a node
1336         is not inside both the start and end roots, remove it only
1337         if it is in editable content.
1338         * editing/DeleteSelectionCommand.h: Added m_startRoot and 
1339         m_endRoot, the editable roots that contain the start and end
1340         of the selection, respectively.  We consult these every
1341         time we remove a node, and don't want to recompute them 
1342         on every call to removeNode().
1343
1344 2007-04-03  David Hyatt  <hyatt@apple.com>
1345
1346         Fix for <rdar://problem/5108896>, make sure the assert for setEncodedSize
1347         deals with the error case.
1348
1349         Reviewed by andersca
1350
1351         * loader/CachedResource.cpp:
1352         (WebCore::CachedResource::setEncodedSize):
1353
1354 2007-04-03  Anders Carlsson  <andersca@apple.com>
1355
1356         Reviewed by Dave Hyatt.
1357
1358         * loader/ImageDocument.cpp:
1359         Don't call error() in stopParsing.
1360
1361 2007-04-03  Justin Garcia  <justin.garcia@apple.com>
1362
1363         Reviewed by darin
1364         
1365         <rdar://problem/5107422> 
1366         TOT REGRESSION: Delete key fails to delete text, and cursor disappears in Mail.app
1367         <rdar://problem/5107413> 
1368         TOT REGRESSION: Crash deleting text in email (infinite recursion in shouldInsertNode)
1369
1370         * editing/CompositeEditCommand.cpp:
1371         (WebCore::CompositeEditCommand::moveParagraphs):
1372         Back out the call to shouldInsert until we
1373         add WebViewInsertActionMoved, because Mail returns
1374         NO from shouldInsert for WebViewInsertActionPasted
1375         to override our Paste operation.
1376
1377 2007-04-03  Anders Carlsson  <andersca@apple.com>
1378
1379         Reviewed by Mitz.
1380
1381         Make window.innerWidth/innerHeight include the size of any present scrollbar to match Firefox.
1382         
1383         Make document.body.clientWidth/clientHeight return the width/height of the visible content when in
1384         quirks mode to match WinIE.
1385         
1386         * bindings/js/kjs_window.cpp:
1387         (KJS::Window::getValueProperty):
1388         Return the width and height of the scroll view, not the visible width and height.
1389         
1390         * dom/Element.cpp:
1391         (WebCore::Element::clientWidth):        
1392         (WebCore::Element::clientHeight):
1393         Return the visible size if the element is the body element and we're in quirks mode.
1394
1395 2007-04-03  Adele Peterson  <adele@apple.com>
1396
1397         Reviewed by Darin.
1398
1399         Updated fix for <rdar://problem/5107095> REGRESSION: disabled text color calculations are slowing down launchtime measurements
1400
1401         * platform/graphics/Color.cpp: Moved optimization for lightening black and darkening white into the Color class.
1402         (WebCore::Color::light):
1403         (WebCore::Color::dark):
1404         * rendering/RenderTextControl.cpp: (WebCore::disabledTextColor): Skip the difference calculation for black text, which will always be lightened.
1405
1406 2007-04-03  Anders Carlsson  <andersca@apple.com>
1407
1408         Reviewed by Tim.
1409
1410         <rdar://problem/4649516> 
1411         Turn off slow script dialog or crank up time that makes it come up
1412         
1413         * bindings/js/kjs_binding.cpp:
1414         (KJS::ScriptInterpreter::ScriptInterpreter):
1415         Increase the timeout to 10 seconds to match Firefox.
1416
1417 2007-04-03  Mitz Pettel  <mitz@webkit.org>
1418
1419         Reviewed by Darin.
1420
1421         - fix http://bugs.webkit.org/show_bug.cgi?id=13251
1422           editing/style/fontsize-1.html fails intermittently when run multiple times on Intel, generates incorrect DOM
1423
1424         Covered by existing editing tests.
1425
1426         * css/CSSPrimitiveValue.cpp:
1427         (WebCore::CSSPrimitiveValue::getFloatValue): Added ASSERTs that the requested conversion
1428         is from a scalar type to a scalar type. The intermittent failures in the test were
1429         the result of trying to convert an identifier type to a scalar type.
1430         * editing/ApplyStyleCommand.cpp:
1431         (WebCore::StyleChange::checkForLegacyHTMLStyleChange): Added a check that the
1432         font-size property value is an absolute length. If it is not (such as in the case
1433         of relative units or keywords like "x-large"), then no corresponding 'size' attribute
1434         will be generated for legacy HTML.
1435
1436 2007-04-03  Mitz Pettel  <mitz@webkit.org>
1437
1438         Reviewed by Darin.
1439
1440         - fix http://bugs.webkit.org/show_bug.cgi?id=13218
1441           <rdar://problem/5095977>
1442           Reproducible crash after call to window.close()
1443
1444         * manual-tests/stale-currentEvent.html: Added.
1445         * page/EventHandler.cpp:
1446         (WebCore::EventHandler::hoverTimerFired): Instead of faking a mouse event,
1447         just hit-test the last mouse event coordinates and update for hover state
1448         changes. This eliminates the use of currentEvent, which can be a non-mouse
1449         event or even a stale event.
1450
1451 2007-04-02  Adele Peterson  <adele@apple.com>
1452
1453         Reviewed by Maciej.
1454
1455         Fix for <rdar://problem/5107095> REGRESSION: disabled text color calculations are slowing down launchtime measurements
1456
1457         Hardcode disabled text colors for the most common cases- black and white.
1458
1459         * rendering/RenderTextControl.cpp: (WebCore::disabledTextColor):
1460
1461 2007-04-02  David Hyatt  <hyatt@apple.com>
1462
1463         Fix for <rdar://problem/5105784>, assertion failure in cache.  Encoded sizes were being set to
1464         garbage by accident because of a mismatch between derived class and base class constructors.  This
1465         patch cleans all of this up and gets rid of expiration date as a concept separate from the response.
1466
1467         Reviewed by anders
1468
1469         * dom/Document.cpp:
1470         (WebCore::Document::processHttpEquiv):
1471         * html/HTMLImageLoader.cpp:
1472         (WebCore::HTMLImageLoader::updateFromElement):
1473         * loader/Cache.cpp:
1474         (WebCore::createResource):
1475         (WebCore::Cache::requestResource):
1476         * loader/Cache.h:
1477         * loader/CachedCSSStyleSheet.cpp:
1478         (WebCore::CachedCSSStyleSheet::CachedCSSStyleSheet):
1479         * loader/CachedCSSStyleSheet.h:
1480         * loader/CachedImage.cpp:
1481         (WebCore::CachedImage::CachedImage):
1482         * loader/CachedImage.h:
1483         * loader/CachedResource.cpp:
1484         (WebCore::CachedResource::CachedResource):
1485         (WebCore::CachedResource::finish):
1486         * loader/CachedResource.h:
1487         * loader/CachedScript.cpp:
1488         (WebCore::CachedScript::CachedScript):
1489         * loader/CachedScript.h:
1490         * loader/CachedXBLDocument.cpp:
1491         (WebCore::CachedXBLDocument::CachedXBLDocument):
1492         * loader/CachedXBLDocument.h:
1493         * loader/CachedXSLStyleSheet.cpp:
1494         (WebCore::CachedXSLStyleSheet::CachedXSLStyleSheet):
1495         * loader/CachedXSLStyleSheet.h:
1496         * loader/DocLoader.cpp:
1497         (WebCore::DocLoader::DocLoader):
1498         (WebCore::DocLoader::requestResource):
1499         * loader/DocLoader.h:
1500
1501 2007-04-03  Antti Koivisto  <antti@apple.com>
1502
1503         Reviewed by Hyatt.
1504
1505         Render tree memory savings, part 3
1506         
1507         These changes shrink all RenderBlocks by additional 28 bytes. Together with parts 1 and 2
1508         RenderBlock goes from 172 bytes to 128 bytes, a saving of 26%.
1509         
1510         - Pack bitfields together in RenderFlow
1511         - Move top/bottom min/max margin values to a struct that is only allocated in case these
1512           variables have non default values. Usually this is <5% of all blocks. 
1513         - Move rarely used column variables to hash
1514
1515         * rendering/RenderBlock.cpp:
1516         (WebCore::ColumnInfo::ColumnInfo):
1517         (WebCore::RenderBlock::RenderBlock):
1518         (WebCore::RenderBlock::~RenderBlock):
1519         (WebCore::RenderBlock::layoutBlock):
1520         (WebCore::RenderBlock::collapseMargins):
1521         (WebCore::RenderBlock::clearFloatsIfNeeded):
1522         (WebCore::RenderBlock::setCollapsedBottomMargin):
1523         (WebCore::RenderBlock::layoutBlockChildren):
1524         (WebCore::RenderBlock::paintColumns):
1525         (WebCore::RenderBlock::paintObject):
1526         (WebCore::RenderBlock::fillSelectionGaps):
1527         (WebCore::RenderBlock::lowestPosition):
1528         (WebCore::RenderBlock::rightmostPosition):
1529         (WebCore::RenderBlock::leftmostPosition):
1530         (WebCore::RenderBlock::nodeAtPoint):
1531         (WebCore::RenderBlock::hitTestColumns):
1532         (WebCore::RenderBlock::positionForCoordinates):
1533         (WebCore::RenderBlock::availableWidth):
1534         (WebCore::RenderBlock::calcColumnWidth):
1535         (WebCore::RenderBlock::setDesiredColumnCountAndWidth):
1536         (WebCore::RenderBlock::desiredColumnWidth):
1537         (WebCore::RenderBlock::desiredColumnCount):
1538         (WebCore::RenderBlock::columnRects):
1539         (WebCore::RenderBlock::layoutColumns):
1540         (WebCore::RenderBlock::adjustPointToColumnContents):
1541         (WebCore::RenderBlock::adjustRectForColumns):
1542         (WebCore::RenderBlock::setMaxTopMargins):
1543         (WebCore::RenderBlock::setMaxBottomMargins):
1544         * rendering/RenderBlock.h:
1545         (WebCore::RenderBlock::maxTopMargin):
1546         (WebCore::RenderBlock::maxBottomMargin):
1547         (WebCore::RenderBlock::maxTopPosMargin):
1548         (WebCore::RenderBlock::maxTopNegMargin):
1549         (WebCore::RenderBlock::maxBottomPosMargin):
1550         (WebCore::RenderBlock::maxBottomNegMargin):
1551         (WebCore::RenderBlock::initMaxMarginValues):
1552         (WebCore::RenderBlock::MaxMargin::MaxMargin):
1553         (WebCore::RenderBlock::MaxMargin::topPosDefault):
1554         (WebCore::RenderBlock::MaxMargin::topNegDefault):
1555         (WebCore::RenderBlock::MaxMargin::bottomPosDefault):
1556         (WebCore::RenderBlock::MaxMargin::bottomNegDefault):
1557         * rendering/RenderFlexibleBox.cpp:
1558         (WebCore::RenderFlexibleBox::layoutBlock):
1559         * rendering/RenderFlow.h:
1560         (WebCore::RenderFlow::RenderFlow):
1561         (WebCore::RenderFlow::hasColumns):
1562         * rendering/RenderInline.cpp:
1563         (WebCore::RenderInline::RenderInline):
1564         * rendering/RenderInline.h:
1565
1566 2007-04-03  Antti Koivisto  <antti@apple.com>
1567
1568         Reviewed by Hyatt.
1569
1570         Fix asserts, these may also be called for rel positioned elements
1571
1572         * rendering/RenderBox.cpp:
1573         (WebCore::RenderBox::setStaticX):
1574         (WebCore::RenderBox::setStaticY):
1575
1576 2007-04-02  David Hyatt  <hyatt@apple.com>
1577
1578         Throw in an assert to try to track down a problem where an image is being set to a smaller encoded
1579         size.
1580
1581         * loader/CachedResource.cpp:
1582         (WebCore::CachedResource::setEncodedSize):
1583
1584 2007-04-02  Ada Chan  <adachan@apple.com>
1585
1586         Reviewed by Adele.
1587
1588         <rdar://5105331> Missing null check in Editor::execCommand
1589         Added null check.
1590
1591         * editing/Editor.cpp:
1592         (WebCore::Editor::execCommand):
1593
1594 2007-04-02  Justin Garcia  <justin.garcia@apple.com>
1595
1596         Reviewed by darin
1597
1598         <rdar://problem/5058163> 
1599         Hitting return inserts a new line between two To Dos, but caret is position after second ToDo
1600
1601         * editing/InsertParagraphSeparatorCommand.cpp:
1602         (WebCore::InsertParagraphSeparatorCommand::doApply):
1603         Removed refPos, it was unused.
1604         Don't assume that upstream() moves to a different
1605         node.  This assumption caused the line break to
1606         be inserted *after* the caret and a bad position
1607         to be set (added a testcase).
1608         Use isStartOfParagraph instead of checking
1609         for the existence of a br because the line might 
1610         be broken by a newline character in text that 
1611         preserves newlines.  Paragraphs that are created 
1612         in other ways, like with blocks, are handled 
1613         above (added a testcase).
1614
1615  2007-04-02  David Harrison  <harrison@apple.com>
1616
1617         Reviewed by Darin.
1618
1619         <rdar://problem/4906488> text attributes are not working for frame based web page
1620
1621         Attribute handling now treats each WebArea as its own world, rather than sometimes
1622         referring back up to the top WebArea. e.g. getting/setting the selection now
1623         operates on the WebArea containing the WebCoreAXObject that is being messaged (self).
1624         The methods that sit above this and are able to go into arbitrary WebAreas
1625         are accessibilityFocusedUIElement and doAXTextMarkerForPosition, allowing VoiceOver
1626         to navigate between frames.
1627         
1628         * bridge/mac/WebCoreAXObject.mm:
1629         (-[WebCoreAXObject topRenderer]):
1630         (-[WebCoreAXObject frameView]):
1631         (-[WebCoreAXObject topFrameView]):
1632         Removed topDocument, renamed topView to topFrameView, added frameView.
1633         
1634         (-[WebCoreAXObject accessibilityAttributeValue:]):
1635         AXSelectedTextMarkerRange, AXStartTextMarker, and AXEndTextMarker now use
1636         self's WebArea, rather than the top WebArea.
1637         
1638         (-[WebCoreAXObject doAXTextMarkerRangeForLine:]):
1639         Use self's WebArea, rather than the top WebArea.
1640
1641         (-[WebCoreAXObject doAXTextMarkerForPosition:]):
1642         Use renamed methods for accessing top WebArea.
1643          
1644         (-[WebCoreAXObject doAXBoundsForTextMarkerRange:]):
1645         Use renamed methods for accessing self's WebArea.
1646
1647         (AXAttributeStringSetColor):
1648         (AXAttributeStringSetNumber):
1649         (AXAttributeStringSetFont):
1650         (AXAttributeStringSetStyle):
1651         (AXAttributeStringSetElement):
1652         (-[WebCoreAXObject rendererForView:]):
1653         Clean up uses of nil and NULL.
1654         
1655         (-[WebCoreAXObject accessibilityFocusedUIElement]):
1656         Find the focused node on the whole page. If there is no focused node,
1657         return the WebArea for the focused document.
1658         
1659         (-[WebCoreAXObject doSetAXSelectedTextMarkerRange:]):
1660         Use self's WebArea, rather than the top WebArea.
1661
1662 2007-04-02  Antti Koivisto  <antti@apple.com>
1663
1664         Fix build. This one was not supposed to be checked in.
1665
1666         * rendering/RenderFlexibleBox.cpp:
1667         (WebCore::RenderFlexibleBox::layoutBlock):
1668
1669 2007-03-30  Antti Koivisto  <antti@apple.com>
1670
1671         Reviewed by Hyatt.
1672
1673         Render tree memory savings, part 2
1674         
1675         - Move staticX and staticY variables to RenderLayer since they are only
1676           applicable to positioned objects
1677         - Move very rarely used overrideSize variable to hash
1678         
1679         These changes shrink all box types by 12 bytes
1680
1681         * rendering/RenderBox.cpp:
1682         (WebCore::RenderBox::RenderBox):
1683         (WebCore::RenderBox::destroy):
1684         (WebCore::RenderBox::overrideSize):
1685         (WebCore::RenderBox::setOverrideSize):
1686         (WebCore::RenderBox::overrideWidth):
1687         (WebCore::RenderBox::overrideHeight):
1688         (WebCore::RenderBox::position):
1689         (WebCore::RenderBox::calcWidth):
1690         (WebCore::RenderBox::calcHeight):
1691         (WebCore::RenderBox::staticX):
1692         (WebCore::RenderBox::staticY):
1693         (WebCore::RenderBox::setStaticX):
1694         (WebCore::RenderBox::setStaticY):
1695         (WebCore::RenderBox::calcAbsoluteHorizontal):
1696         (WebCore::RenderBox::calcAbsoluteVertical):
1697         (WebCore::RenderBox::calcAbsoluteHorizontalReplaced):
1698         (WebCore::RenderBox::calcAbsoluteVerticalReplaced):
1699         * rendering/RenderBox.h:
1700         * rendering/RenderLayer.cpp:
1701         (WebCore::RenderLayer::RenderLayer):
1702         * rendering/RenderLayer.h:
1703         (WebCore::RenderLayer::staticX):
1704         (WebCore::RenderLayer::staticY):
1705         (WebCore::RenderLayer::setStaticX):
1706         (WebCore::RenderLayer::setStaticY):
1707         * rendering/RenderObject.cpp:
1708         (WebCore::RenderObject::RenderObject):
1709         * rendering/RenderObject.h:
1710         (WebCore::):
1711         (WebCore::RenderObject::hasOverrideSize):
1712         (WebCore::RenderObject::setHasOverrideSize):
1713         * rendering/RenderWidget.cpp:
1714         (WebCore::RenderWidget::destroy):
1715
1716 2007-03-31  Krzysztof Kowalczyk  <kkowalczyk@gmail.com>
1717
1718         Not reviewed - gdk build fix.
1719
1720         * platform/gdk/TemporaryLinkStubs.cpp:
1721         (Font::selectionRectForComplexText):
1722         (Font::drawComplexText):
1723
1724 2007-03-31  Alexey Proskuryakov  <ap@webkit.org>
1725
1726         Reviewed by Darin.
1727
1728         http://bugs.webkit.org/show_bug.cgi?id=12778
1729         REGRESSION: Nightly won't load Curl plugin for full page use
1730
1731         * dom/DOMImplementation.cpp:
1732         (WebCore::DOMImplementation::createDocument): Re-order cases to give more priority to plugins.
1733         This also fixes Adobe SVG Viewer and any plugins that register XML MIME types.
1734         Added a case for XHTML to avoid enumerating plugins.
1735
1736 2007-03-31  David Hyatt  <hyatt@apple.com>
1737
1738         Fix for bug 13234, layout of selected justified text is broken.  Rework TextRuns to avoid having
1739         from/to members.  Let those be passed in only by the functions that need them (drawing and selection rect).
1740
1741         Reviewed by mitz
1742
1743         fast/text/justified-selection-at-edge.html
1744
1745         * platform/Font.cpp:
1746         (WebCore::WidthIterator::WidthIterator):
1747         (WebCore::WidthIterator::advance):
1748         (WebCore::Font::canUseGlyphCache):
1749         (WebCore::Font::drawSimpleText):
1750         (WebCore::Font::drawText):
1751         (WebCore::Font::floatWidth):
1752         (WebCore::Font::floatWidthForSimpleText):
1753         (WebCore::Font::selectionRectForText):
1754         (WebCore::Font::selectionRectForSimpleText):
1755         (WebCore::Font::offsetForPositionForSimpleText):
1756         * platform/Font.h:
1757         (WebCore::TextRun::m_len):
1758         * platform/graphics/GraphicsContext.cpp:
1759         (WebCore::GraphicsContext::drawText):
1760         (WebCore::GraphicsContext::drawHighlightForText):
1761         * platform/graphics/GraphicsContext.h:
1762         * platform/mac/FontMac.mm:
1763         (WebCore::addDirectionalOverride):
1764         (WebCore::overrideLayoutOperation):
1765         (WebCore::ATSULayoutParameters::initialize):
1766         (WebCore::Font::selectionRectForComplexText):
1767         (WebCore::Font::drawComplexText):
1768         (WebCore::Font::floatWidthForComplexText):
1769         (WebCore::Font::offsetForPositionForComplexText):
1770         * platform/qt/FontQt.cpp:
1771         (WebCore::Font::drawComplexText):
1772         (WebCore::Font::floatWidthForComplexText):
1773         * platform/qt/TemporaryLinkStubs.cpp:
1774         (Font::selectionRectForComplexText):
1775         * rendering/EllipsisBox.cpp:
1776         (WebCore::EllipsisBox::paint):
1777         * rendering/InlineTextBox.cpp:
1778         (WebCore::InlineTextBox::selectionRect):
1779         (WebCore::InlineTextBox::paint):
1780         (WebCore::InlineTextBox::paintSelection):
1781         (WebCore::InlineTextBox::paintMarkedTextBackground):
1782         (WebCore::InlineTextBox::paintSpellingOrGrammarMarker):
1783         (WebCore::InlineTextBox::paintTextMatchMarker):
1784         (WebCore::InlineTextBox::offsetForPosition):
1785         (WebCore::InlineTextBox::positionForOffset):
1786         * rendering/RenderListMarker.cpp:
1787         (WebCore::RenderListMarker::paint):
1788         (WebCore::RenderListMarker::calcMinMaxWidth):
1789         (WebCore::RenderListMarker::getRelativeMarkerRect):
1790         * rendering/RenderMenuList.cpp:
1791         (WebCore::RenderMenuList::updateOptionsWidth):
1792         * rendering/RenderText.cpp:
1793         (WebCore::RenderText::widthFromCache):
1794         (WebCore::RenderText::width):
1795
1796 2007-03-31  Mitz Pettel  <mitz@webkit.org>
1797
1798         Reviewed by Darin.
1799
1800         - fix http://bugs.webkit.org/show_bug.cgi?id=13243
1801               <rdar://problem/5103226>
1802           REGRESSION (r20506): Repro crash/assert when using scroll wheel on a list box taller than its contents
1803
1804         * platform/ScrollBar.cpp:
1805         (WebCore::Scrollbar::setValue): Cleaned up a little.
1806         (WebCore::Scrollbar::scroll): Changed to apply the minimum and maximum constraints
1807         in the right order, and cleaned up a little.
1808
1809 2007-03-31  Mitz Pettel  <mitz@webkit.org>
1810
1811         Reviewed by Darin.
1812
1813         - fix http://bugs.webkit.org/show_bug.cgi?id=13242
1814           REGRESSION: Repro crash when specifying the content property for an image
1815
1816         Test: fast/images/text-content-crash.html
1817
1818         * html/HTMLImageElement.cpp:
1819         (WebCore::HTMLImageElement::parseMappedAttribute): Added a check that the
1820         renderer is an image.
1821         (WebCore::HTMLImageElement::attach): Ditto.
1822
1823 2007-03-31  Mark Rowe  <mrowe@apple.com>
1824
1825         Reviewed by Darin.
1826
1827         A more correct fix for http://bugs.webkit.org/show_bug.cgi?id=13129
1828         Bug 13129: Democracy Player dies in NSException from WebScriptObject on startup
1829
1830         The previous attempt at a fix in r20343 attempted to conditionally expose the 'count'
1831         method.  It did not work which resulted in 'count' always being hidden.  This change
1832         disables -[WebScriptObject count] completely until it can be determined whether it is
1833         needed and how to support it without breaking third-party applications.
1834
1835         * bindings/objc/WebScriptObject.mm:
1836         (-[WebScriptObject count]):
1837         * bindings/objc/WebScriptObjectPrivate.h:
1838
1839 2007-03-31  Nicholas Shanks  <webkit@nickshanks.com>
1840
1841         Reviewed by Adele.
1842
1843         http://bugs.webkit.org/show_bug.cgi?id=13184
1844         HTMLImageElement longdesc should be complete resolved URL
1845
1846         Test: fast/dom/HTMLImageElement/image-longdesc-absolute-url.html
1847
1848         * html/HTMLImageElement.cpp:
1849         (WebCore::HTMLImageElement::longDesc): Return absolute URL.
1850         Behaviour now matches Firefox and Opera.
1851
1852 2007-03-31  Mitz Pettel  <mitz@webkit.org>
1853
1854         Reviewed by Hyatt.
1855
1856         - fix http://bugs.webkit.org/show_bug.cgi?id=13209
1857           REGRESSION (r18756-18765): Incomplete list marker repaint when resizing list item
1858
1859         Test: fast/repaint/list-marker-2.html
1860
1861         A list marker can increase the horizontal overflow after layoutInlineChildren(),
1862         so made that function return only the vertical bounds of the repaint rect. As the
1863         horizontal bounds, made layoutBlock() just use the overflow bounds after layout.
1864
1865         * rendering/RenderBlock.cpp:
1866         (WebCore::RenderBlock::layoutBlock):
1867         * rendering/RenderBlock.h:
1868         * rendering/bidi.cpp:
1869         (WebCore::RenderBlock::layoutInlineChildren):
1870
1871 2007-03-31  Mitz Pettel  <mitz@webkit.org>
1872
1873         Reviewed by Hyatt.
1874
1875         - http://bugs.webkit.org/show_bug.cgi?id=13178
1876           Helvetica zero-width space has non-zero width
1877
1878         Test: fast/text/wide-zero-width-space.html
1879
1880         * platform/FontData.cpp:
1881         (WebCore::FontData::FontData): Force the ZERO WIDTH SPACE glyph to have width
1882         0, unless the SPACE character maps to the same glyph.
1883
1884 2007-03-31  Mitz Pettel  <mitz@webkit.org>
1885
1886         Reviewed by Darin.
1887
1888         - fix http://bugs.webkit.org/show_bug.cgi?id=8016
1889           REPRO: Safari hangs loading 18 MB page (deeply nested DOM tree)
1890
1891         Test: fast/tokenizer/lessthan-terminates-tags-and-attrs.html
1892
1893         * html/HTMLTokenizer.cpp:
1894         (WebCore::HTMLTokenizer::parseTag): Made "<" terminate tag and attribute
1895         names. This matches Firefox.
1896
1897 2007-03-31  Alexey Proskuryakov  <ap@webkit.org>
1898
1899         Debug build fix.
1900
1901         * xml/XPathValue.cpp:
1902         (WebCore::XPath::): Define Value::adopt.
1903
1904 2007-03-30  Alexey Proskuryakov  <ap@webkit.org>
1905
1906         Reviewed by Darin.
1907
1908         http://bugs.webkit.org/show_bug.cgi?id=13021
1909         XPath can be very slow
1910
1911         This patch finally makes us faster than Firefox 2.0 on this test case.
1912
1913         * xml/XPathFunctions.cpp:
1914         (WebCore::XPath::FunConcat::evaluate): Use a Vector buffer for faster appending.
1915         (WebCore::XPath::FunId::evaluate): Move the result NodeSet into Value instead of copying it.
1916         (WebCore::XPath::FunLocalName::evaluate): Cosmetic changes.
1917         (WebCore::XPath::FunNamespaceURI::evaluate): Ditto.
1918         (WebCore::XPath::FunName::evaluate): Ditto.
1919         (WebCore::XPath::FunNormalizeSpace::evaluate): Ditto.
1920
1921         * xml/XPathValue.cpp:
1922         (WebCore::XPath::Value::toNodeSet):
1923         (WebCore::XPath::Value::modifiableNodeSet):
1924         (WebCore::XPath::Value::toBoolean):
1925         (WebCore::XPath::Value::toNumber):
1926         (WebCore::XPath::Value::toString):
1927         * xml/XPathValue.h:
1928         (WebCore::XPath::ValueData::ValueData):
1929         (WebCore::XPath::Value::Value):
1930         Made Value copying faster by putting large data members into a separate refcounted ValueData class.
1931         Added provisions for moving a NodeSet in and out of Value without copying.
1932         Made construction safer by moving bool version to a template constructor.
1933         Removed an (almost) unused default constructor.
1934
1935         * xml/XPathPredicate.h: Store a Value for literal string and number expressions to avoid 
1936         constructing one each time.
1937
1938         * xml/XPathPath.cpp:
1939         (WebCore::XPath::Filter::evaluate):
1940         (WebCore::XPath::LocationPath::evaluate):
1941         (WebCore::XPath::Path::evaluate):
1942         * xml/XPathPath.h:
1943         * xml/XPathPredicate.cpp:
1944         (WebCore::XPath::NumericOp::evaluate):
1945         (WebCore::XPath::Union::evaluate):
1946         * xml/XPathResult.cpp:
1947         (WebCore::XPathResult::snapshotItem):
1948         * xml/XPathStep.cpp:
1949         (WebCore::XPath::Step::evaluate):
1950         (WebCore::XPath::Step::nodesInAxis):
1951         * xml/XPathStep.h:
1952         Got rid of unnecessary NodeSet copying in many cases.
1953
1954 2007-03-30  Justin Garcia  <justin.garcia@apple.com>
1955
1956         Reviewed by john
1957
1958         <rdar://problem/5076323> Only one To Do can be created by a selection in a message
1959
1960         When Mail's ToDoify operation called moveToEndOfDocument: 
1961         with a selection that started just before a ToDo, we'd 
1962         move them to the end of the document, not to the end
1963         of the editable root, because we incorrectly checked
1964         for the editability of positions before ToDos.  Then Mail
1965         would refuse to create a ToDo because the selection was 
1966         outside of the region where they allowed editing.
1967
1968         * editing/SelectionController.cpp:
1969         (WebCore::SelectionController::modifyExtendingRightForward):
1970         Check the position for editability, not the position's node,
1971         since there are editable positions of the form [node, offset]
1972         where node is contenteditable=false.
1973         Re-use pos.  Nothing that happens after it's created can invalidate
1974         it or the position and affinity used to create it.
1975         (WebCore::SelectionController::modifyMovingRightForward): Ditto.
1976         (WebCore::SelectionController::modifyExtendingLeftBackward): Ditto.
1977         (WebCore::SelectionController::modifyMovingLeftBackward): Ditto.
1978         * rendering/RenderBlock.cpp:
1979         (WebCore::RenderBlock::paintCaret): Ditto.
1980
1981 2007-03-30  Adele Peterson  <adele@apple.com>
1982
1983         Reviewed by Darin.
1984
1985         Added DeleteWordBackward and DeleteWordForward to execCommand.
1986
1987         * editing/Editor.cpp:
1988         (WebCore::execDeleteWordBackward):
1989         (WebCore::execDeleteWordForward):
1990         (WebCore::CommandEntry::):
1991
1992 2007-03-30  Simon Hausmann  <hausmann@kde.org>
1993
1994         Reviewed by Zack
1995
1996         * WebCore.pro: Fix release Qt builds.
1997
1998 2007-03-30  Antti Koivisto  <antti@apple.com>
1999
2000         Reviewed by bdash.
2001
2002         Spotted an int that should be float in previous patch.
2003
2004         * platform/Font.cpp:
2005         (WebCore::WidthIterator::advance):
2006
2007 2007-03-30  Antti Koivisto  <antti@apple.com>
2008
2009         Reviewed by Hyatt.
2010
2011         Render tree memory savings, part 1
2012         
2013         - Eliminate caching of monospace char width from RenderText. This optimization is not needed
2014           anymore since Font already caches space width (RenderText -4 bytes)
2015         - Eliminate caching of tab width from RenderBlock. Similary this optimization has become
2016           obsolete (RenderBlock -4 bytes)
2017
2018         * platform/Font.cpp:
2019         (WebCore::WidthIterator::advance):
2020         (WebCore::Font::spaceWidth):
2021         * platform/Font.h:
2022         (WebCore::Font::tabWidth):
2023         * platform/TextStyle.h:
2024         (WebCore::TextStyle::TextStyle):
2025         (WebCore::TextStyle::allowTabs):
2026         * rendering/InlineTextBox.cpp:
2027         (WebCore::InlineTextBox::selectionRect):
2028         (WebCore::InlineTextBox::paint):
2029         (WebCore::InlineTextBox::paintSelection):
2030         (WebCore::InlineTextBox::paintMarkedTextBackground):
2031         (WebCore::InlineTextBox::paintSpellingOrGrammarMarker):
2032         (WebCore::InlineTextBox::paintTextMatchMarker):
2033         (WebCore::InlineTextBox::offsetForPosition):
2034         (WebCore::InlineTextBox::positionForOffset):
2035         * rendering/RenderBlock.cpp:
2036         (WebCore:::RenderFlow):
2037         (WebCore::RenderBlock::setStyle):
2038         * rendering/RenderBlock.h:
2039         * rendering/RenderObject.cpp:
2040         * rendering/RenderObject.h:
2041         * rendering/RenderText.cpp:
2042         (WebCore::RenderText::RenderText):
2043         (WebCore::RenderText::setStyle):
2044         (WebCore::RenderText::widthFromCache):
2045         (WebCore::RenderText::trimmedMinMaxWidth):
2046         (WebCore::RenderText::calcMinMaxWidthInternal):
2047         (WebCore::RenderText::setTextInternal):
2048         (WebCore::RenderText::width):
2049         * rendering/RenderText.h:
2050         (WebCore::RenderText::allowTabs):
2051         * rendering/bidi.cpp:
2052
2053 2007-03-30  David Hyatt  <hyatt@apple.com>
2054
2055         Fix (take 2) for bug 4334, flickering when floating elements gain/lose transparency.
2056
2057         Reviewed by mitz
2058
2059         * rendering/RenderBlock.cpp:
2060         * rendering/RenderBlock.h:
2061         * rendering/RenderBox.cpp:
2062         (WebCore::RenderBox::setStyle):
2063
2064 2007-03-29  Mitz Pettel  <mitz@webkit.org>
2065
2066         Reviewed by Darin.
2067
2068         - fix http://bugs.webkit.org/show_bug.cgi?id=13166
2069           REGRESSION (2005-10-16 - 2005-10-19): Ampersands showing up in the last column of the Gmail contacts table
2070
2071         Test: fast/tokenizer/write-partial-entity.html
2072
2073         * html/HTMLTokenizer.cpp:
2074         (WebCore::HTMLTokenizer::parseTag): Reordered to avoid resetting the buffer position
2075         after script execution which can write to the buffer.
2076
2077 2007-03-29  Justin Garcia  <justin.garcia@apple.com>
2078
2079         Reviewed by john
2080
2081         <rdar://problem/5099303> Deleting after a ToDo puts the caret in the wrong position
2082         
2083         We were failing to create the correct selection 
2084         for DeleteSelectionCommand because the selection extension 
2085         operations don't skip over non-editable content for editable 
2086         selections.
2087
2088         * editing/SelectionController.cpp:
2089         (WebCore::SelectionController::modifyExtendingRightForward):
2090         When extending an editable selection, don't extend into
2091         non-editable content.
2092         (WebCore::SelectionController::modifyExtendingLeftBackward):
2093         Ditto.
2094
2095 2007-03-29  Patti Hoa  <patti@apple.com>
2096
2097         Reviewed by harrison.
2098
2099         <rdar://problem/4918397> Exception raise inspecting note contents in the background
2100         * WebCore.xcodeproj/project.pbxproj:
2101         * bridge/mac/WebCoreAXObject.mm:
2102         (-[WebCoreAXObject subrole]):
2103         (-[WebCoreAXObject title]):
2104         Check that attachment supports the attribute before requesting it.
2105
2106 2007-03-29  Justin Garcia  <justin.garcia@apple.com>
2107
2108         Reviewed by john
2109
2110         <rdar://problem/5032066> Delete should work between ToDos
2111         
2112         Stop selecting the table when the user attempts to delete
2113         the line break just after it, instead, extend the selection
2114         into the last table cell.
2115         Let deletion merge content into table cells (as long as 
2116         its not from another table cell).  
2117         Start calling shouldInsertNode:replacingDOMRange:givenAction: 
2118         when moving content with moveParagraphs, so that Mail can 
2119         modify content before it is moved into a ToDo during a delete.
2120
2121         * editing/CompositeEditCommand.cpp:
2122         (WebCore::CompositeEditCommand::moveParagraphs): Ask the
2123         delegate before performing the move.  This will let Mail
2124         prevent styles from entering a ToDo.
2125         Added a FIXME about adding a new WebViewInsertAction
2126         * editing/DeleteSelectionCommand.cpp:
2127         (WebCore::DeleteSelectionCommand::initializePositionData):
2128         Allow merging into table cells from content not in a table.
2129         * editing/SelectionController.cpp:
2130         (WebCore::SelectionController::modifyExtendingRightForward):
2131         Don't select the table when extending by character/word from
2132         just before it.  This code was here to make it easier to select
2133         tables in order to delete them, but the deletion UI makes it 
2134         largely unnecessary.
2135         (WebCore::SelectionController::modifyExtendingLeftBackward):
2136         Ditto.
2137         * editing/TypingCommand.cpp:
2138         (WebCore::isFirstPositionAfterTable): Added.
2139         (WebCore::isLastPositionBeforeTable): Ditto.
2140         (WebCore::TypingCommand::deleteKeyPressed): When pressing
2141         the delete key with a caret at the beginning of a paragraph
2142         just after a table, move the paragraph into the last table
2143         cell.
2144         Do not do this if it would mean moving a block table.
2145         Removed some old irrelevant comments.
2146         * editing/htmlediting.cpp: Removed unused functions.
2147         * editing/htmlediting.h:
2148
2149 2007-03-29  Adam Treat  <adam@staikos.net>
2150
2151         Reviewed and committed by George Staikos.
2152
2153         Remove redundant line.
2154
2155         * platform/qt/FontDataQt.cpp:
2156         (WebCore::FontData::platformInit):
2157
2158 2007-03-29  Adam Treat  <adam@staikos.net>
2159
2160         Reviewed by David Hyatt, committed by George Staikos.
2161
2162         Test: fast/text/justified-selection.html
2163
2164         Take into account the entire run length to get a proper selection.
2165
2166         * platform/Font.cpp:
2167         (WebCore::WidthIterator::WidthIterator):
2168
2169 2007-03-29  David Hyatt  <hyatt@apple.com>
2170
2171         Fix for <rdar://problem/4545060>, technorati and arstechnica fail because of getComputedStyle not
2172         reporting display:none properly when it is set.  This is bugzilla bug 13103.
2173
2174         Reviewed by mitz
2175
2176         * css/CSSComputedStyleDeclaration.cpp:
2177         (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
2178
2179 2007-03-28  Oliver Hunt  <oliver@apple.com>
2180
2181         Reviewed by Hyatt.
2182
2183         Rename DocLoader::setPasteInProgress, etc to more generic 
2184         setAllowStaleResources, etc
2185
2186         * editing/Editor.cpp:
2187         (WebCore::Editor::paste):
2188         * loader/DocLoader.cpp:
2189         (WebCore::DocLoader::DocLoader):
2190         (WebCore::DocLoader::checkForReload):
2191         * loader/DocLoader.h:
2192         (WebCore::DocLoader::setAllowStaleResources):
2193         * page/DragController.cpp:
2194         (WebCore::DragController::concludeDrag):
2195
2196 2007-03-28  Oliver Hunt  <oliver@apple.com>
2197
2198         Reviewed by Anders and Steve.
2199
2200         Add a flag to DocLoader to prevent it from reloading 
2201         when performing a paste or drop operation.
2202         
2203         Remove m_cachePolicy from CachedResource as it is never used
2204         
2205         Fixes rdar://problem/5044366 : REGRESSION: Repro ASSERT failures 
2206         dragging image into GMail message in _web_writeImage and 
2207         documentFragmentFromDragData
2208
2209         * editing/Editor.cpp:
2210         (WebCore::Editor::paste):
2211           prevent the docloader from reloading resources on paste
2212         * html/HTMLImageLoader.cpp:
2213         (WebCore::HTMLImageLoader::updateFromElement):
2214         * loader/Cache.cpp:
2215         (WebCore::createResource):
2216         * loader/CachedCSSStyleSheet.cpp:
2217         (WebCore::CachedCSSStyleSheet::CachedCSSStyleSheet):
2218         * loader/CachedCSSStyleSheet.h:
2219         * loader/CachedImage.cpp:
2220         (WebCore::CachedImage::CachedImage):
2221         * loader/CachedImage.h:
2222         * loader/CachedResource.cpp:
2223         (WebCore::CachedResource::CachedResource):
2224         * loader/CachedResource.h:
2225         * loader/CachedScript.cpp:
2226         (WebCore::CachedScript::CachedScript):
2227         * loader/CachedScript.h:
2228         * loader/CachedXBLDocument.cpp:
2229         (WebCore::CachedXBLDocument::CachedXBLDocument):
2230         * loader/CachedXBLDocument.h:
2231         * loader/CachedXSLStyleSheet.cpp:
2232         (WebCore::CachedXSLStyleSheet::CachedXSLStyleSheet):
2233         * loader/CachedXSLStyleSheet.h:
2234         * loader/DocLoader.cpp:
2235         (WebCore::DocLoader::DocLoader):
2236            Tidy up constructor initialise new field
2237         (WebCore::DocLoader::checkForReload):
2238            Prevent reload when pasting
2239         * loader/DocLoader.h:
2240         (WebCore::DocLoader::setPasteInProgress):
2241           new field and setter
2242         * page/DragController.cpp:
2243         (WebCore::DragController::concludeDrag):
2244           prevent the docloader from reloading resources on drop
2245
2246 2007-03-27  Krzysztof Kowalczyk  <kkowalczyk@gmail.com>
2247
2248         Not reviewed - fix typo in gdk build.
2249
2250         * platform/gdk/ScrollViewGdk.cpp:
2251         (WebCore::ScrollView::contentsToWindow):
2252
2253 2007-03-28  Maciej Stachowiak  <mjs@apple.com>
2254         
2255         Reviewed by Darin.
2256         
2257         - fixed <rdar://problem/4820817> Autoscroll is broken in Mail.app (message jumps around when trying to select text)
2258                 
2259         Handle scrolling external scrollviews around the webview during
2260         autoscroll or when scrolling into view.
2261         
2262         This should also restore performance on BenchJS test 6 lost due to Tim's partial fix.
2263
2264         * page/FrameView.cpp:
2265         (WebCore::FrameView::scrollRectIntoViewRecursively):
2266         * page/FrameView.h:
2267         * platform/ScrollView.h:
2268         * platform/gdk/ScrollViewGdk.cpp:
2269         (WebCore::ScrollView::visibleContentRectConsideringExternalScrollers):
2270         (WebCore::ScrollView::scrollRectIntoViewRecursively):
2271         * platform/mac/ScrollViewMac.mm:
2272         (WebCore::ScrollView::visibleContentRect):
2273         (WebCore::ScrollView::visibleContentRectConsideringExternalScrollers):
2274         (WebCore::ScrollView::scrollRectIntoViewRecursively):
2275         (WebCore::ScrollView::updateContents):
2276         * platform/qt/ScrollViewQt.cpp:
2277         (WebCore::ScrollView::visibleContentRectConsideringExternalScrollers):
2278         (WebCore::ScrollView::scrollRectIntoViewRecursively):
2279         * platform/win/ScrollViewWin.cpp:
2280         (WebCore::ScrollView::visibleContentRectConsideringExternalScrollers):
2281         * platform/win/TemporaryLinkStubs.cpp:
2282         (WebCore::ScrollView::scrollRectIntoViewRecursively):
2283         * rendering/RenderLayer.cpp:
2284         (WebCore::RenderLayer::scrollRectToVisible):
2285        
2286 2007-03-28  Jungshik Shin  <jungshik.shin@gmail.com>
2287
2288         Reviewed  and landed by Darin
2289
2290         Get rid of some misuses of |islower| and |tolower| for non-ASCII characters.
2291         http://bugs.webkit.org/show_bug.cgi?id=13138
2292
2293         * platform/StringImpl.cpp:
2294         (WebCore::StringImpl::isLower):
2295         (WebCore::StringImpl::lower):
2296         (WebCore::StringImpl::equalIgnoringCase):
2297
2298 2007-03-28  Antti Koivisto  <antti@apple.com>
2299
2300         Reviewed by Hyatt.
2301
2302         Fix <rdar://problem/5092653>
2303         REGRESSION: Image decoding making scrolling slow
2304         
2305         If decoder gave back a null frame (which I think happens regularly if you don't have full frame 
2306         data yet for image that does not decode incrementally) m_decodedSize was incremented anyway. This
2307         led to massive growth in calculated image size and eventually made cache prune constantly. 
2308         
2309         No test, I don't know how to make one for this.
2310
2311         * platform/graphics/BitmapImage.cpp:
2312         (WebCore::BitmapImage::cacheFrame):
2313
2314 2007-03-28  Adele Peterson  <adele@apple.com>
2315
2316         Reviewed by Kevin M.
2317
2318         WebCore part of fix for <rdar://problem/5095515> VitalSource Bookshelf should not pass return statements into stringByEvaluatingJavaScriptFromString
2319
2320         * page/mac/WebCoreFrameBridge.mm: (-[WebCoreFrameBridge stringByEvaluatingJavaScriptFromString:forceUserGesture:]):
2321         Convert return value to a string.  This matches the behavior in Safari 2.0.
2322
2323 2007-03-28  Alexey Proskuryakov  <ap@webkit.org>
2324
2325         Reviewed by Darin.
2326
2327         http://bugs.webkit.org/show_bug.cgi?id=13190
2328         XPath incorrectly handles namespaces on attributes
2329
2330         * xml/XPathStep.cpp:
2331         (WebCore::XPath::Step::nodesInAxis): Added a special case for faster attribute lookup; gives a slight but 
2332         measurable performance improvement for bug 13021.
2333         (WebCore::XPath::Step::nodeMatches): Fixed NameTest for attribute nodes.
2334
2335         * xml/XPathStep.h:
2336         (WebCore::XPath::Step::NodeTest::NodeTest):
2337         (WebCore::XPath::Step::NodeTest::namespaceURI):
2338         (WebCore::XPath::Step::nodeTest):
2339         (WebCore::XPath::Step::setNodeTest):
2340         Move m_namespaceURI to NodeTest, where it belongs. Removed unused m_nodeTestData (oops!).
2341
2342         * xml/XPathGrammar.y:
2343         * xml/XPathPath.cpp:
2344         (WebCore::XPath::LocationPath::optimizeStepPair):
2345         Accounted for the above change.
2346
2347 2007-03-28  Oliver Hunt  <oliver@apple.com>
2348
2349         rs=Hyatt.
2350
2351         Rollout local changes :-/
2352
2353         * loader/Cache.cpp:
2354         (WebCore::Cache::pruneAllResources):
2355         (WebCore::Cache::remove):
2356
2357 2007-03-28  Oliver Hunt  <oliver@apple.com>
2358
2359         Reviewed by Hyatt.
2360
2361         Roll out r20511 due to incredible badness
2362
2363         * loader/Cache.cpp:
2364         (WebCore::Cache::pruneAllResources):
2365         (WebCore::Cache::remove):
2366
2367 2007-03-27  Oliver Hunt  <oliver@apple.com>
2368
2369         Reviewed by Adam.
2370
2371         Don't enforce text-selection drag delay when we are
2372         going to drag an image anyway.
2373
2374         Fixes rdar://problem/4668935
2375
2376         * page/EventHandler.cpp:
2377         (WebCore::EventHandler::handleDrag):
2378
2379 2007-03-27  Justin Garcia  <justin.garcia@apple.com>
2380
2381         Build fix
2382         
2383         * editing/markup.cpp:
2384         (WebCore::startMarkup):
2385
2386 2007-03-27  Justin Garcia  <justin.garcia@apple.com>
2387
2388         Reviewed by darin
2389         
2390         <rdar://problem/5091898> REGRESSION: GMail Editor: A line of underlined text copied with Select All pastes with wrong font family
2391         
2392         createMarkup skipped elements if they were blocks
2393         when called from moveParagraphs (because that function 
2394         must receive only inline content).  This patch adds 
2395         code to inline these blocks instead of skipping them 
2396         so that we don't lose any of the style that they 
2397         contribute to the copied markup.
2398
2399         * editing/markup.cpp:
2400         (WebCore::startMarkup): Add an inlineBlocks option.
2401         Make sure to overwrite display:block coming from
2402         a style sheet or the inline style declaration.
2403         (WebCore::createMarkup): Don't refuse to include a 
2404         specialCommonAncestor that's a block if we were asked 
2405         to include only inline content, since we can now inline 
2406         block elements in startMarkup.
2407
2408 2007-03-27  Adele Peterson  <adele@apple.com>
2409
2410         Reviewed by Hyatt.
2411
2412         Fix for <rdar://problem/5026141> REGRESSION: Aperture Viewer Flashes when switching from Index Page to Detail page in Web Gallery
2413
2414         This disables the paint that occurs after WebCore finishes loading the document.  We should reenable this when we
2415         move the dispatchDidFinishLoad delegate callback to happen around the same time as the JS onload call.  See <rdar://problem/5092361>.
2416
2417         * dom/Document.cpp: (WebCore::Document::implicitClose):
2418
2419 2007-03-26  Justin Garcia  <justin.garcia@apple.com>
2420
2421         Reviewed by darin
2422         
2423         <rdar://problem/5065910> REGRESSION: In Mail and GMail, Can't apply color to pasted line of text
2424         <rdar://problem/5084241> After deleting a paragraph of colored text, can't change text color
2425         <rdar://problem/5065605> REGRESSION: Text copied with Select All + Copy loses color on Paste
2426         <rdar://problem/4916887> GMAIL: Can't apply color to text once it becomes indented
2427
2428         * css/CSSComputedStyleDeclaration.cpp:
2429         (WebCore::CSSComputedStyleDeclaration::copyInheritableProperties):
2430         If a node's text fill color is invalid, then its children use 
2431         their font-color as their text fill color (they don't inherit 
2432         it).  Likewise for stroke color.
2433
2434 2007-03-27  Anders Carlsson  <acarlsson@apple.com>
2435
2436         * platform/ScrollBar.h:
2437         Use wtf/MathExtras.h instead of math.h
2438
2439 2007-03-27  Zack Rusin  <zrusin@trolltech.com>
2440
2441         Fix the compile - when using math.h functions
2442         actually include the header with them.
2443
2444         * platform/ScrollBar.h:
2445
2446 2007-03-27  Oliver Hunt  <oliver@apple.com>
2447
2448         Reviewed by Maciej.
2449
2450         The WebArchiver needs all the subresources of a document to be accessible
2451         through the DocLoader, so we can't remove a CachedResource simultaneously
2452         from the global Cache and all DocLoaders, just because it needs to be 
2453         reloaded in one.
2454
2455         Fixes rdar://problem/5044366
2456
2457         * loader/Cache.cpp:
2458         (WebCore::Cache::remove):
2459            Don't evict the resource from all DocLoaders
2460         * manual-tests/test-iframes-loading-the-same-resource.html: Added.
2461            Alas it wasn't possible to make a nice layout test, even this manual test
2462            is not entirely deterministic
2463
2464 2007-03-27  Mark Rowe  <mrowe@apple.com>
2465
2466         Build fix.
2467
2468         * platform/GlyphBuffer.h:
2469         (WebCore::GlyphBuffer::clear):
2470
2471 2007-03-27  Dave Hyatt  <hyatt@apple.com>
2472
2473         Add support for glyph offsets to the GlyphBuffer.
2474        
2475         Reviewed by olliej
2476
2477         * platform/Font.cpp:
2478         (WebCore::Font::drawGlyphBuffer):
2479         * platform/GlyphBuffer.h:
2480         (WebCore::GlyphBuffer::clear):
2481         (WebCore::GlyphBuffer::swap):
2482         (WebCore::GlyphBuffer::offsetAt):
2483         (WebCore::GlyphBuffer::add):
2484
2485 2007-03-27  Antti Koivisto  <antti@apple.com>
2486
2487         Keep buildbot happy.
2488
2489         * platform/mac/PlatformScrollBarMac.mm:
2490         (WebCore::PlatformScrollbar::scrollbarHit):
2491
2492 2007-03-26  Antti Koivisto  <antti@apple.com>
2493
2494         Reviewed by Darin.
2495         
2496         On Mac, support fine grained wheel events generated by trackpad and Mighty Mouse.
2497         http://bugs.webkit.org/show_bug.cgi?id=13134
2498         <rdar://problem/5076249?
2499
2500         * WebCore.exp:
2501             Export _wkGetWheelEventDeltas
2502         * page/EventHandler.cpp:
2503         (WebCore::EventHandler::handleWheelEvent):
2504             Remove (0, 0) scroll event hack, it is not needed anymore.
2505             Do per-pixel scrolling for fine grained events.
2506         * platform/PlatformWheelEvent.h:
2507         (WebCore::PlatformWheelEvent::isContinuous):
2508             Add new m_isContinuous boolean to indicate fine grained wheel events.
2509         * platform/ScrollBar.cpp:
2510         (WebCore::Scrollbar::Scrollbar):
2511         (WebCore::Scrollbar::setValue):
2512         (WebCore::Scrollbar::setSteps):
2513         (WebCore::Scrollbar::scroll):
2514         * platform/ScrollBar.h:
2515         (WebCore::Scrollbar::value):
2516             Use float to represent current position to support finer grained scrolling.
2517             Add ScrollByPixel, remove ScrollByWheel (which was same as ScrollByLine anyway)
2518         * platform/ScrollTypes.h:
2519         (WebCore::):
2520         * platform/gdk/WheelEventGdk.cpp:
2521         (WebCore::PlatformWheelEvent::PlatformWheelEvent):
2522             Initalize m_isContinuous
2523         * platform/mac/WebCoreSystemInterface.h:
2524         * platform/mac/WebCoreSystemInterface.mm:
2525             Add wkGetWheelEventDeltas for getting fine grained wheel events
2526         * platform/mac/WheelEventMac.mm:
2527         (WebCore::PlatformWheelEvent::PlatformWheelEvent):
2528             Get the wheel deltas using new wkGetWheelEventDeltas interface
2529         * platform/qt/WheelEventQt.cpp:
2530         (WebCore::PlatformWheelEvent::PlatformWheelEvent):
2531             Initalize m_isContinuous
2532         * rendering/RenderListBox.cpp:
2533         (WebCore::RenderListBox::calcHeight):
2534             Pass item height to scrollbar
2535
2536 2007-03-26  Geoffrey Garen  <ggaren@apple.com>
2537
2538         Reviewed by Darin Adler.
2539
2540         Fixed <rdar://problem/5088234> REGRESSION: Crash occurs at WebCore::Node::
2541         createRendererIfNeeded() when changing map views with MS Virtual Earth 
2542         (http://www.ziprealty.com/)
2543         
2544         The cause of the crash was the insertion of a <script> element whose
2545         script removed it from the document. The <script> element would then be 
2546         garbage when the insertion routine went on to attach() it.
2547         
2548         The solution here is to check that an element is still your child before
2549         trying to attach() it. This matches the style of checks we do elsewhere
2550         in the node insertion and removal code.
2551
2552         * dom/ContainerNode.cpp:
2553         (WebCore::ContainerNode::insertBefore):
2554         (WebCore::ContainerNode::replaceChild):
2555         (WebCore::ContainerNode::appendChild):
2556
2557 2007-03-26  David Carson  <dacarson@gmail.com>
2558
2559         Reviewed by Darin, landed by Anders.
2560
2561         Manual test case for: REGRESSION (r19559): Java applet crash
2562         http://bugs.webkit.org/show_bug.cgi?id=13142
2563         <rdar://problem/5080340>
2564
2565         * manual-tests/liveconnect-applet-get-boolean.html: Added.
2566         * manual-tests/resources/CheckerApplet.class: Added.
2567         * manual-tests/resources/CheckerApplet.java: Added.
2568
2569 2007-03-26  Mitz Pettel  <mitz@webkit.org>
2570
2571         Reviewed and landed by Darin.
2572
2573         - fix http://bugs.webkit.org/show_bug.cgi?id=13194
2574           <rdar://problem/5087738>
2575           REGRESSION: Selection rects are wrong for images in search results from images.google.com
2576
2577         Test: fast/replaced/selection-rect-in-table-cell.html
2578
2579         * rendering/RenderReplaced.cpp:
2580         (WebCore::RenderReplaced::selectionRect):
2581
2582 2007-03-26  Geoffrey Garen  <ggaren@apple.com>
2583
2584         Removed now-stale #includes of <assert.h>.
2585         
2586         * WebCorePrefix.h:
2587         * config.h:
2588         * css/CSSGrammar.y:
2589         * platform/Arena.cpp:
2590         * platform/KURL.cpp:
2591         * platform/SegmentedString.h:
2592         * rendering/DataRef.h:
2593         * rendering/RenderArena.cpp:
2594
2595 2007-03-26  Geoffrey Garen  <ggaren@apple.com>
2596
2597         Reviewed by Kevin McCulough.
2598
2599         Global replace of "assert(" with "ASSERT(" to assist debugging. Removed
2600         one instance of commented-out code containing "assert(" instead of replacing it.
2601
2602 2007-03-25  Antti Koivisto  <antti@apple.com>
2603
2604         Reviewed by Adam.
2605
2606         Fix <rdar://problem/5049842>
2607         Gmail Editor: Dragging message text in the message body results in a crash at WebCore::Frame::eventHandler()
2608
2609         Null check frame in m_dragTarget, it might be gone already.
2610
2611         * page/EventHandler.cpp:
2612         (WebCore::EventHandler::updateDragAndDrop):
2613         (WebCore::EventHandler::cancelDragAndDrop):
2614         (WebCore::EventHandler::performDragAndDrop):
2615
2616 2007-03-25  Alexey Proskuryakov  <ap@webkit.org>
2617
2618         Reviewed by Darin.
2619
2620         A partial fix for http://bugs.webkit.org/show_bug.cgi?id=13021
2621         XPath can be very slow
2622
2623         * xml/XPathExpression.cpp:
2624         (WebCore::XPathExpression::evaluate): Reset a reference to the context node, as this may prevent the whole document
2625         from being destroyed in time.
2626
2627         * dom/Attr.cpp:
2628         (WebCore::Attr::createTextChild): Instead of calling appendChild(), just do the few operations it really needs to perform.
2629         * dom/ContainerNode.h:
2630         (WebCore::ContainerNode::fastSetFirstChild):
2631         (WebCore::ContainerNode::fastSetLastChild):
2632         Added operations that let Attr hack internal ContainerNode data (evil, but fast!).
2633
2634         * xml/XPathStep.cpp:
2635         (WebCore::XPath::Step::evaluate):
2636         (WebCore::XPath::Step::nodesInAxis):
2637         (WebCore::XPath::Step::nodeMatches):
2638         * xml/XPathStep.h:
2639         Merged node testing into axis enumeration. This saves a lot of Vector resizing and passing, and is necessary for future 
2640         optimizations (sometimes, we can just pick the single result node instead of enumerating and filtering the whole axis).
2641
2642 2007-03-24  Mitz Pettel  <mitz@webkit.org>
2643
2644         Reviewed by Darin.
2645
2646         - fix http://bugs.webkit.org/show_bug.cgi?id=13156
2647           REGRESSION (r19621): Pasting breakable content where wrapped line is too long to fit in a textarea fails to draw a horizontal scrollbar
2648
2649         Test: fast/text/midword-break-after-breakable-char.html
2650
2651         Breaking in the middle of the word
2652         is allowed only if no breaking opportunity between words has occurred yet. The
2653         first position on the line should not be considered "between words" even if
2654         it is a breaking opportunity.
2655         
2656         * rendering/bidi.cpp:
2657         (WebCore::RenderBlock::findNextLineBreak): Changed according to the above. Also
2658         cleaned up a couple of lines.
2659
2660 2007-03-24  David Hyatt  <hyatt@apple.com>
2661
2662         Fix for bugzilla bug 13187, place a hard limit on the amount of decoded data that WebCore will keep
2663         around even on live pages (pages being displayed in tabs/windows or in the back/forward cache).
2664         Images will decode to paint and once the decoded data exceeds the cache size, the decoded data will be
2665         tossed.
2666
2667         Refine the flushing algorithm to apply the two-pass decode/evict model to each LRU-SP queue individually, rather
2668         than to all the lists at once.  This allows the cache to evict large encoded resources before flushing small
2669         or frequently accessed decoded onces.
2670
2671         Added information on live/decoded data to the cache statistics.
2672
2673         Reviewed by darin
2674
2675         * loader/Cache.cpp:
2676         (WebCore::Cache::Cache):
2677         (WebCore::Cache::pruneLiveResources):
2678         (WebCore::Cache::pruneAllResources):
2679         (WebCore::Cache::setMaximumSize):
2680         (WebCore::Cache::remove):
2681         (WebCore::Cache::lruListFor):
2682         (WebCore::Cache::removeFromLRUList):
2683         (WebCore::Cache::insertInLRUList):
2684         (WebCore::Cache::liveLRUListFor):
2685         (WebCore::Cache::removeFromLiveResourcesList):
2686         (WebCore::Cache::insertInLiveResourcesList):
2687         (WebCore::Cache::addToLiveResourcesSize):
2688         (WebCore::Cache::removeFromLiveResourcesSize):
2689         (WebCore::Cache::adjustSize):
2690         (WebCore::Cache::getStatistics):
2691         * loader/Cache.h:
2692         (WebCore::Cache::TypeStatistic::TypeStatistic):
2693         * loader/CachedImage.cpp:
2694         (WebCore::CachedImage::decodedSizeWillChange):
2695         (WebCore::CachedImage::decodedSizeChanged):
2696         * loader/CachedImage.h:
2697         * loader/CachedResource.cpp:
2698         (WebCore::CachedResource::CachedResource):
2699         (WebCore::CachedResource::ref):
2700         (WebCore::CachedResource::deref):
2701         (WebCore::CachedResource::setEncodedSize):
2702         (WebCore::CachedResource::liveResourceAccessed):
2703         * loader/CachedResource.h:
2704         (WebCore::CachedResource::liveAccessCount):
2705         (WebCore::CachedResource::resetLiveAccessCount):
2706         (WebCore::CachedResource::increaseLiveAccessCount):
2707         * platform/graphics/BitmapImage.cpp:
2708         (WebCore::BitmapImage::destroyDecodedData):
2709         (WebCore::BitmapImage::cacheFrame):
2710         * platform/graphics/ImageObserver.h:
2711         * rendering/RenderBox.cpp:
2712         (WebCore::RenderBox::paintBackgroundExtended):
2713         * rendering/RenderImage.cpp:
2714         (WebCore::RenderImage::paint):
2715         * rendering/RenderListMarker.cpp:
2716         (WebCore::RenderListMarker::paint):
2717         * rendering/RenderObject.cpp:
2718         (WebCore::RenderObject::paintBorderImage):
2719
2720 2007-03-24  Darin Adler  <darin@apple.com>
2721
2722         Reviewed by Mitz.
2723
2724         - fix http://bugs.webkit.org/show_bug.cgi?id=13123
2725           CSS selectors that use :lang, :not, and namespaces do not serialize correctly
2726
2727         Test: fast/css/css-selector-text.html
2728
2729         * css/CSSSelector.cpp: (WebCore::CSSSelector::selectorText): Add the namespace
2730         prefix for tag or attribute names, the sub-selector for :not, and the argument
2731         for :lang.
2732
2733 2007-03-24  Brady Eidson  <beidson@apple.com>
2734
2735         Reviewed by Adam
2736
2737         <rdar://problem/5086210> - Move RetainPtr to WTF
2738
2739         * ForwardingHeaders/wtf/RetainPtr.h: Added.
2740         * WebCore.xcodeproj/project.pbxproj: Removed WebCore/RetainPtr.h
2741         
2742         * history/HistoryItem.h: Changed #include to <wtf/RetainPtr.h>
2743         * history/PageCache.h: Ditto
2744         * page/mac/WebCoreFrameBridge.mm: Ditto
2745         * platform/ContextMenu.h: Ditto
2746         * platform/ContextMenuItem.h: Ditto
2747         * platform/DragImage.h: Ditto
2748         * platform/FileChooser.h: Ditto
2749         * platform/PlatformKeyboardEvent.h: Ditto
2750         * platform/PopupMenu.h: Ditto
2751         * platform/SharedBuffer.h: Ditto
2752         * platform/cf/RetainPtr.h: Removed.
2753         * platform/graphics/Icon.h: Changed #include
2754         * platform/mac/ClipboardMac.h: Ditto
2755         * platform/mac/PasteboardMac.mm: Ditto
2756         * platform/mac/WidgetMac.mm: Ditto
2757         * platform/network/AuthenticationChallenge.h: Ditto
2758         * platform/network/ResourceError.h: Ditto
2759         * platform/network/ResourceHandle.h: Ditto
2760         * platform/network/ResourceRequest.h: Ditto
2761         * platform/network/ResourceResponse.h: Ditto
2762         * rendering/RenderThemeMac.mm: Ditto
2763
2764 2007-03-24  Mitz Pettel  <mitz@webkit.org>
2765
2766         Fix for <rdar://problem/5086797>, layoutPending is now reporting incorrect results, which will lead
2767         to all sorts of layout issues.  This is in bugzilla as 13179.
2768
2769         Reviewed by hyatt
2770
2771         - fix http://bugs.webkit.org/show_bug.cgi?id=13179
2772           REGRESSION (r20410): In debug builds, loading a certain page is suspended until redisplay is forced
2773
2774         Moved the root->needsLayout() check from layoutPending() to needsLayout()
2775         to restore the behavior before r20324.
2776
2777         * page/FrameView.cpp:
2778         (WebCore::FrameView::layoutPending):
2779         (WebCore::FrameView::needsLayout):
2780
2781 2007-03-24  Mitz Pettel  <mitz@webkit.org>
2782
2783         Reviewed by Adele.
2784
2785         - fix http://bugs.webkit.org/show_bug.cgi?id=13180
2786               <rdar://problem/5084478>
2787           Another debug build crash from ASSERTION FAILED: !needsLayout()
2788
2789         No test possible because updateRendering() is always called after script
2790         execution.
2791
2792         * page/FrameView.cpp:
2793         (WebCore::FrameView::layout): Get the layout root after calling recalcStyle()
2794         since a style recalc may result in needing to do start layout at the root.
2795
2796 2007-03-24  Nikolas Zimmermann  <zimmermann@kde.org>
2797
2798         Not reviewed. Build fix.
2799
2800         Fix FloatRect vs. IntRect confusion.
2801
2802         * rendering/RenderSVGImage.cpp:
2803         (WebCore::RenderSVGImage::nodeAtPoint):
2804
2805 2007-03-25  Mark Rowe  <mrowe@apple.com>
2806
2807         Fix incorrect radar number.
2808
2809         * platform/network/mac/ResourceHandleMac.mm:
2810         (-[WebCoreResourceHandleAsDelegate connection:willCacheResponse:]):
2811
2812 2007-03-23  Nikolas Zimmermann  <zimmermann@kde.org>
2813
2814         Reviewed by Oliver.
2815
2816         Fix all known RenderSVGImage problems.
2817
2818         Fixes: http://bugs.webkit.org/show_bug.cgi?id=12126 (RenderSVGImage seems to suffer from integer overflow)
2819         Fixes: http://bugs.webkit.org/show_bug.cgi?id=12442 (raster images disappearing during script execution (SVG))
2820         Fixes: http://bugs.webkit.org/show_bug.cgi?id=12572 (WebKit does not properly invalidate image region after image load)
2821
2822         Added test: svg/custom/scrolling-embedded-svg-file-image-repaint-problem.html
2823
2824         In RenderSVGImage::paint, do not call shouldPaint() as this will never work properly for SVG renderers, as shouldPaint
2825         doesn't take into account any special SVG transformation (localTransform/absoluteTransform). Just remove the call.
2826
2827         Fix hit detection on RenderSVGImage - it didn't work properly at all. No idea why I didn't notice before.
2828         Thanks Andreas Neumann once again for writing excellent bug reports and pointing me to them :-)
2829
2830         The carto.net navigation tools work as expected now, and also the "dock like" image effect example.
2831
2832         * rendering/RenderSVGImage.cpp:
2833         (WebCore::RenderSVGImage::paint):
2834         (WebCore::RenderSVGImage::nodeAtPoint):
2835
2836 2007-03-24  Mitz Pettel  <mitz@webkit.org>
2837
2838         Reviewed by Dave Hyatt.
2839
2840         - http://bugs.webkit.org/show_bug.cgi?id=13177
2841           Suppress control characters in the ATSUI code path
2842
2843         * platform/mac/FontMac.mm:
2844         (WebCore::overrideLayoutOperation):
2845         (WebCore::ATSULayoutParameters::initialize):
2846
2847 2007-03-24  David Hyatt  <hyatt@apple.com>
2848
2849         Fix for <rdar://problem/5086400>, images scrolled offscreen continue to animate.  Safari 2 would
2850         halt animations when images were no longer visible.
2851
2852         Reviewed by mjs, olliej
2853
2854         * platform/graphics/BitmapImage.cpp:
2855         (WebCore::BitmapImage::advanceAnimation):
2856
2857 2007-03-24  David Hyatt  <hyatt@apple.com>
2858
2859         Fix for <rdar://problem/508328>, sluggish text entry in search field.  Make sure
2860         our size actually changed before we decide to do a full repaint because of background/border
2861         complexities.
2862
2863         Reviewed by aroben
2864
2865         * rendering/RenderObject.cpp:
2866         (WebCore::RenderObject::repaintAfterLayoutIfNeeded):
2867
2868 2007-03-23  Dave Hyatt  <hyatt@apple.com>
2869
2870         Fix for <rdar://problem/5048219>, spurious glyphs in gmail.   This is bugzilla bug 13136, which
2871         will remain open to cover patching the complex text path.
2872         
2873         Reviewed by aroben
2874
2875         * platform/Font.cpp:
2876         (WebCore::Font::glyphDataForCharacter):
2877         * platform/Font.h:
2878         (WebCore::Font::treatAsZeroWidthSpace):
2879         * platform/GlyphPageTreeNode.cpp:
2880         (WebCore::GlyphPageTreeNode::initializePage):
2881
2882 2007-03-23  Mitz Pettel  <mitz@webkit.org>
2883
2884         Reviewed by Adele.
2885
2886         - fix http://bugs.webkit.org/show_bug.cgi?id=13153
2887           REGRESSION: Visual highlighting of pre-populated blank line in textarea is broken
2888
2889         - fix a bug where selecting across a soft line break did not highlight to
2890           the end of the first line if it contained skipped whitespace
2891
2892         Test: fast/text/selection-hard-linebreak.html
2893
2894         * rendering/InlineTextBox.cpp:
2895         (WebCore::InlineTextBox::selectionState): Changed to treat a selection that ends on the
2896         end of a hard line break as if it ends after the line break. Fixed the case of a selection
2897         that starts and ends in the same text object as the box but does not intersect it
2898         to return SelectionNone instead of selectionBoth.
2899
2900 2007-03-23  Mitz Pettel  <mitz@webkit.org>
2901
2902         Reviewed by Adele.
2903
2904         - fix http://bugs.webkit.org/show_bug.cgi?id=13124
2905           REGRESSION: Reproducible crash in Widget::getView
2906
2907         Test: fast/frames/hover-timer-crash.html
2908
2909         * page/Frame.cpp:
2910         (WebCore::Frame::setView): Added a call to EventHandler::clear().
2911
2912 2007-03-23  Justin Garcia  <justin.garcia@apple.com>
2913
2914         Reviewed by adele
2915
2916         <rdar://problem/5078739> 
2917         Crash in in ReplaceSelectionCommand if the fragment contains only a style span
2918
2919         * editing/ReplaceSelectionCommand.cpp:
2920         (WebCore::ReplaceSelectionCommand::doApply): Check 
2921         for an empty fragment after removing a redundant
2922         style span instead of before.
2923
2924 2007-03-23  David Hyatt  <hyatt@apple.com>
2925
2926         <rdar://problem/5085063>
2927
2928         Fix non-looping animation on cuteoverload.com. Just always flush
2929         decoded data for large animated images to avoid our cache getting
2930         out of sync with the image source.
2931
2932         Reviewed by ggaren
2933
2934         * platform/graphics/BitmapImage.cpp:
2935         (WebCore::BitmapImage::advanceAnimation):
2936
2937 2007-03-23  Adele Peterson  <adele@apple.com>
2938
2939         Reviewed by Darin.
2940
2941         Fix for <rdar://problem/5061024> REGRESSION: Returning false from onkeypress event on Input is ignored when key is Tab
2942         http://bugs.webkit.org/show_bug.cgi?id= 13020
2943
2944         No known way to add a layout test for this.  We would need a way to know exactly how the event was consumed.
2945
2946         * page/EventHandler.cpp: (WebCore::EventHandler::defaultKeyboardEventHandler):
2947           If the keypress event has its default behavior prevented, then we should consider the keydown event handled.
2948
2949 2007-03-23  Justin Garcia  <justin.garcia@apple.com>
2950
2951         Reviewed by darin
2952
2953         <rdar://problem/5080333> 
2954         REGRESSION: Selection changes when changing the alignment of an image
2955         
2956         Regression occurred when we started using moveParagraphs
2957         to move content in applyBlockStyle.  moveParagraphs 
2958         moves by copying, deleting and reinserting content, and
2959         so must be accompanied by selection preservation code.
2960         That code uses rangeFromLocationAndLength and rangeLength,
2961         which use TextIterators, which don't emit anything for images 
2962         and other replaced elements, causing this bug.
2963
2964         * editing/ApplyStyleCommand.cpp:
2965         (WebCore::ApplyStyleCommand::applyBlockStyle): Ask rangeLength 
2966         and rangeFromLocationAndLength to request that their
2967         TextIterators emit spaces for replaced elements.
2968         Use rangeCompliantEquivalent()s when creating a Range from
2969         VisiblePositions, since some VisiblePositions have illegal
2970         deepEquivalent()s.
2971         * editing/CompositeEditCommand.cpp:
2972         (WebCore::CompositeEditCommand::moveParagraphs): Ditto.
2973         * editing/TextIterator.cpp:
2974         (WebCore::TextIterator::TextIterator):
2975         (WebCore::TextIterator::handleReplacedElement): Emit
2976         a space if requested.
2977         (WebCore::TextIterator::representNodeOffsetZero): Emit
2978         ranges before m_node, not around m_lastTextNode.  These
2979         ranges should represent the part of the document associated
2980         with the emitted character. 
2981         (WebCore::TextIterator::rangeLength): Take in the new bool.
2982         (WebCore::TextIterator::rangeFromLocationAndLength): Ditto.
2983         Also, don't loop an extra time after finding the end of the
2984         range when we're looking for zero length ranges.  This appeared
2985         to be a workaround for the bugs fixed in representNodeOffsetZero
2986         in this patch.
2987         * editing/TextIterator.h:
2988
2989 2007-03-24  Mark Rowe  <mrowe@apple.com>
2990
2991         Rubber-stamped by Darin.
2992
2993         * Configurations/WebCore.xcconfig: Remove unnecessary INFOPLIST_PREPROCESS.
2994
2995 2007-03-23  Darin Adler  <darin@apple.com>
2996
2997         * html/HTMLBodyElement.cpp: Fix comment typo.
2998
2999 2007-03-23  Adam Treat  <adam@staikos.net>
3000
3001         Reviewed and committed by George.
3002
3003         Patch from Adam Treat to make the Qt build work without SVG and XSLT.
3004         XMLNames is required in any case.
3005
3006         * WebCore.pro:
3007
3008 2007-03-23  Darin Adler  <darin@apple.com>
3009
3010         Reviewed by Hyatt.
3011
3012         - <rdar://problem/5074439> handle margins on frame and iframe elements
3013           without involving FrameView, FrameLoader, etc.
3014
3015         * html/HTMLBodyElement.cpp: (WebCore::HTMLBodyElement::insertedIntoDocument):
3016         Grab the margin from the frame directly here. There was no real benefit
3017         to doing this via FrameView. Later we can delete quite a bit of unneeded code
3018         here and in WebKit that exists only to set up the margin values in FrameView,
3019         which are now unused.
3020
3021 2007-03-23  Adele Peterson  <adele@apple.com>
3022
3023         Reviewed by Darin.
3024
3025         Fix for <rdar://problem/5080428> REGRESSION: getting value for hidden input element fails after the fix for Bug 11866
3026         http://bugs.webkit.org/show_bug.cgi?id=13121
3027
3028         Rolled out the change for 11866 that made hidden input elements store the value separately from the value attribute.
3029         Added an m_originalValue field that gets set when the element is done being parsed (in closeRenderer).  In reset,
3030         use the m_originalValue for hidden input elements.
3031
3032         * html/HTMLInputElement.cpp:
3033         (WebCore::HTMLInputElement::closeRenderer):
3034         (WebCore::HTMLInputElement::reset):
3035         (WebCore::HTMLInputElement::setValue):
3036         (WebCore::HTMLInputElement::storesValueSeparateFromAttribute):
3037         * html/HTMLInputElement.h:
3038
3039 2007-03-23  Mitz Pettel  <mitz@webkit.org>
3040
3041         Reviewed by Dave Hyatt.
3042
3043         - fix http://bugs.webkit.org/show_bug.cgi?id=13157
3044               <rdar://problem/5083995>
3045           List markers positioned incorrectly and don't repaint properly on Oxford homepage
3046
3047         Test: fast/lists/marker-image-error.html
3048
3049         * rendering/RenderListMarker.cpp:
3050         (WebCore::RenderListMarker::imageChanged): Mark ourselves for relayout if
3051         the image failed to load, since that means we will use a bullet instead.
3052
3053 2007-03-23  Zack Rusin  <zrusin@trolltech.com>
3054
3055         Fix the compile.
3056
3057         * platform/graphics/qt/ImageSourceQt.cpp:
3058
3059 2007-03-22  Dave Hyatt  <hyatt@apple.com>
3060
3061         Fix for <rdar://problem/5083072>.
3062
3063         * page/Frame.cpp:
3064         (WebCore::Frame::setPrinting):
3065         (WebCore::Frame::forceLayoutWithPageWidthRange):
3066         * page/Frame.h:
3067         * page/mac/WebCoreFrameBridge.mm:
3068         (-[WebCoreFrameBridge forceLayoutWithMinimumPageWidth:maximumPageWidth:adjustingViewSize:]):
3069
3070 2007-03-22  Anders Carlsson  <acarlsson@apple.com>
3071
3072         Reviewed by Ada.
3073
3074         <rdar://problem/5074974>
3075         CrashTracer: [USER] repro crash in Safari at com.apple.WebCore: WebCore::FrameLoader::activeDocumentLoader const + 6
3076         
3077         * loader/mac/NetscapePlugInStreamLoaderMac.mm:
3078         (WebCore::NetscapePlugInStreamLoader::didReceiveResponse):
3079         Don't use ResourceResponse:isHTTP here since that only looks at the protocol instead of if the response came from a 
3080         HTTP server (and not a web archive).
3081
3082 2007-03-22  Krzysztof Kowalczyk  <kkowalczyk@gmail.com>
3083
3084         Not reviewed - gdk build fix.
3085
3086         * platform/graphics/cairo/ImageSourceCairo.cpp:
3087
3088 2007-03-22  Dave Hyatt  <hyatt@apple.com>
3089
3090         Fix for <rdar://problem/5083473>.  Make sure wheeling still forwards to the frame view even
3091         when no node is hit.  Technically not ever hitting a node is a regression from the RenderView
3092         size changes (making it be the size of the initial containing block according to CSS2.1), but
3093         we should still handle this case gracefully in case it comes up again.
3094        
3095         Reviewed by olliej
3096
3097         * page/EventHandler.cpp:
3098         (WebCore::EventHandler::handleWheelEvent):
3099
3100 2007-03-22  Justin Garcia  <justin.garcia@apple.com>
3101
3102         Reviewed by kevin
3103
3104         <rdar://problem/5081257> 
3105         REGRESSION: New Mail signatures start out empty
3106
3107         * editing/VisiblePosition.cpp:
3108         (WebCore::VisiblePosition::canonicalPosition): Allow
3109         descent from positions inside the document into an 
3110         editable body.
3111
3112 2007-03-22  Brady Eidson  <beidson@apple.com>
3113
3114         Reviewed by Adele and John
3115
3116         <rdar://5043528> - Prepare for new API
3117         
3118         * platform/network/ResourceHandle.cpp:
3119         (WebCore::ResourceHandle::clearAuthentication): Clear CF type
3120
3121 2007-03-22  Beth Dakin  <bdakin@apple.com>
3122
3123         Patch by Hyatt, reviewed and committed by me.
3124
3125         Does not reproduce consistently, so a layout test does not seem 
3126         possible.
3127
3128         Fix for <rdar://problem/5082421> Constantly hitting ASSERT(!
3129         needsLayout()) in RenderView::paint()
3130
3131         * page/FrameView.cpp:
3132         (WebCore::FrameView::layoutPending): It is not enough to ask if the 
3133         layout timer is active. There may be times that we don't have a 
3134         body yet so we cannot schedule layout yet, but the root still needs 
3135         layout.  
3136
3137 2007-03-22  John Sullivan  <sullivan@apple.com>
3138
3139         Reviewed by Darin
3140         
3141         Followup for recent fix to 5079700, found by assertion added to Safari.
3142
3143         * page/mac/FrameMac.mm:
3144         (WebCore::Frame::searchForLabelsBeforeElement):
3145         Fixed another place in this method where an empty NSString was being returned instead of nil.
3146         Cleaned up the style a little too.
3147
3148 2007-03-22  David Hyatt  <hyatt@apple.com>
3149
3150         Remove unnecessary destroyFrameAtIndex call.  Now that we throw away
3151         the image source, it is no longer needed.
3152
3153         Reviewed by beth
3154
3155         * platform/graphics/BitmapImage.cpp:
3156         (WebCore::BitmapImage::destroyDecodedData):
3157
3158 2007-03-22  David Harrison  <harrison@apple.com>
3159
3160         Reviewed by Geoff, Darin.
3161
3162         <rdar://problem/5077892> In RapidWeaver 3.5.1, a crash occurs when attempting to load Safari Bookmarks in iMedia Browser
3163         
3164         * platform/mac/ThreadCheck.mm:
3165         (WebCore::_WebCoreThreadViolationCheck):
3166         Change default on Tiger to NSLog rather than raise an exception.
3167
3168 2007-03-22  Darin Adler  <darin@apple.com>
3169
3170         Reviewed by Brady.
3171
3172         - use binary_search instead of hash table; slightly better performance and
3173           less memory use
3174
3175         * platform/network/ResourceHandle.cpp: (WebCore::ResourceHandle::portAllowed):
3176         Use binary_search.
3177
3178 2007-03-22  Darin Adler  <darin@apple.com>
3179
3180         Reviewed by Adele.
3181
3182         - fix <rdar://problem/5074630> detachChildren call should move from WebKit to WebCore
3183
3184         * loader/FrameLoader.cpp: (WebCore::FrameLoader::setDocumentLoader):
3185         Add a call to detachChildren() after the call to prepareForDataSourceReplacement().
3186         There was no reason for this crucial loading step to be left to the client.
3187
3188 2007-03-22  David Hyatt  <hyatt@apple.com>
3189
3190         Minor refactoring and cleanup of the bridge calls that want to control layout settings on the RenderView.
3191         Have the bridge talk through the FrameView instead of just asking for the RenderView directly.
3192
3193         Add an assert to help catch situations where the RenderView needs layout at paint time, since this is a known
3194         catastrophic scenario that will (much of the time) result in a crash in RenderTableSection::paint.
3195
3196         Reviewed by aroben
3197
3198         * page/FrameView.cpp:
3199         (WebCore::FrameView::adjustViewSize):
3200         (WebCore::FrameView::needsLayout):
3201         (WebCore::FrameView::setNeedsLayout):
3202         * page/FrameView.h:
3203         * page/mac/WebCoreFrameBridge.mm:
3204         (-[WebCoreFrameBridge needsLayout]):
3205         (-[WebCoreFrameBridge setNeedsLayout]):
3206         * rendering/RenderView.cpp:
3207         (WebCore::RenderView::paint):
3208
3209 2007-03-21  Geoffrey Garen  <ggaren@apple.com>
3210
3211         Reviewed by Beth Dakin.
3212         
3213         Re-worked the fix in r20375. 'M' and 'm' are not the only commands that
3214         accept "extra" coordinates -- virtually all commands accept them.
3215
3216         * ksvg2/svg/SVGParserUtilities.cpp:
3217         (WebCore::SVGPathParser::parseSVG):
3218
3219 2007-03-21  David Harrison  <harrison@apple.com>
3220
3221         Reviewed by hyatt.
3222
3223         <rdar://problem/5072460> CrashTracer: [USER] 1 crashes in Xcode at com.apple.ImageIO.framework: getBandProcPNG + 168
3224
3225         An NSData object was being alloc/init'd, then returned callers who cast the pointer as a
3226         CFDataRef, including calling CFRelease on it. The problem is that under garbage collection, the NS
3227         retain count is ignored (it's always 0), but the CFRetain and CFRelease are not ignored. This
3228         caused the object to be over-released. The solution that works in both GC and non-GC is to "transfer"
3229         the initial NS retain count to the CF retain count, using HardRetainWithNSRelease.
3230         
3231         The creator of the NSData was SharedBuffer::createNSData. The callers were PDFDocumentImage::dataChanged()
3232         and ImageSource::setData(). This particular crash involved the ImageSource::setData() case.
3233
3234         * platform/SharedBuffer.h:
3235         Declare createCFData().
3236         
3237         * platform/graphics/cg/ImageSourceCG.cpp:
3238         (WebCore::ImageSource::setData):
3239         Call createCFData instead of createNSData.
3240         
3241         * platform/graphics/cg/PDFDocumentImage.cpp:
3242         (WebCore::PDFDocumentImage::dataChanged):
3243         Call createCFData instead of createNSData.
3244         
3245        * platform/mac/SharedBufferMac.mm:
3246         (WebCore::SharedBuffer::createCFData):
3247         Implement createCFData(). Use HardRetainWithNSRelease for gc safety.
3248         
3249 2007-03-21  Mitz Pettel  <mitz@webkit.org>
3250
3251         Reviewed by Darin.
3252
3253         - fix http://bugs.webkit.org/show_bug.cgi?id=13145
3254           Regression: Scrollbar not resizing after display none
3255
3256         Test: fast/dynamic/view-overflow.html
3257
3258         * rendering/RenderView.cpp:
3259         (WebCore::RenderView::layout): Reset overflowHeight() and overflowWidth()
3260         before calling docHeight() and docWidth(), since the former act as a lower
3261         bound for the latter.
3262
3263 2007-03-21  Geoffrey Garen  <ggaren@apple.com>
3264
3265         Reviewed by Beth Dakin.
3266         
3267         A little cleanup based work I've been doing on the SVG parsers.
3268
3269         * ksvg2/svg/SVGParserUtilities.h:
3270         (WebCore::skipString):
3271         * ksvg2/svg/SVGPreserveAspectRatio.cpp: Moved checkString into
3272         SVGParserUtilities.h, so it could be with all its friends. Renamed 
3273         "checkString" to "skipString" to match the rest of the code and to be 
3274         clear about which functions move the buffer pointer.
3275         (WebCore::SVGPreserveAspectRatio::parsePreserveAspectRatio):
3276         * ksvg2/svg/SVGTransformable.cpp:
3277         (WebCore::SVGTransformable::parseTransformAttribute): Changed gotos into 
3278         returns. Removed unnecessary magic number.
3279
3280 2007-03-21  Geoffrey Garen  <ggaren@apple.com>
3281
3282         Reviewed by Beth Dakin.
3283         
3284         Fixed <rdar://problem/5078471> SVG rgb color parser runs past end of 
3285         buffer when running fuzzing test
3286
3287         * ksvg2/svg/SVGColor.cpp:
3288         (WebCore::parseNumberOrPercent): Check for past the end condition.
3289         (WebCore::SVGColor::colorFromRGBColorString): Reversed "read past end
3290         of buffer, then check if you're past the end" logic.
3291
3292 2007-03-21  Geoffrey Garen  <ggaren@apple.com>
3293
3294         Reviewed by Beth Dakin.
3295         
3296         Fixed <rdar://problem/5079410> SVG path parser hangs, exhausts memory when 
3297         running fuzzer test
3298
3299         * ksvg2/svg/SVGParserUtilities.cpp:
3300         (WebCore::SVGPathParser::parseSVG): Don't assume that extra digits are
3301         always preceded by an 'M' or an 'm'.
3302
3303 2007-03-21  John Sullivan  <sullivan@apple.com>
3304
3305         Reviewed by Adam
3306         
3307         - fixed <rdar://problem/5079700> REGRESSION (r19702): Name/password aren't autofilled 
3308           or saved for .Mac homepage login
3309
3310         * page/mac/FrameMac.mm:
3311         (WebCore::Frame::searchForLabelsBeforeElement):
3312         don't count empty strings as valid results
3313
3314 2007-03-21  Justin Garcia  <justin.garcia@apple.com>
3315
3316         Reviewed by darin
3317
3318         * editing/markup.cpp:
3319         (WebCore::styleFromMatchedRulesAndInlineDecl): 
3320         Release the RefPtr to avoid increasing/decreasing
3321         the refcount unnecessarily.
3322         (WebCore::propertyMissingOrEqualToNone): Added and used
3323         instead of converting values to strings.
3324         (WebCore::elementHasTextDecorationProperty): 
3325         (WebCore::createMarkup):
3326
3327 2007-03-21  Justin Garcia  <justin.garcia@apple.com>
3328
3329         Reviewed by oliver
3330
3331         <rdar://problem/5075944> 
3332         REGRESSION: Partially selected underlined content pastes as plain text
3333         
3334         We stopped adding markup for all the ancestors
3335         of lastClosed up to the commonAncestorBlock
3336         because it was adding a lot of unnecessary markup.
3337         This caused us to lose underlining when copying a 
3338         partially selected underlined element (even though 
3339         we put all styles that the copied markup inherits 
3340         into a style span, because the text-decoration 
3341         isn't inheritable).
3342
3343         * editing/markup.cpp:
3344         (WebCore::styleFromMatchedRulesAndInlineDecl): Moved
3345         code here.
3346         (WebCore::elementHasTextDecorationProperty): Added.
3347         (WebCore::createMarkup): If the copied markup has a
3348         text-decoration because some common ancestor has
3349         a text-decoration property set, include that ancestor
3350         and all its descendants in the copied markup.
3351
3352 2007-03-21  Oliver Hunt  <oliver@apple.com>
3353
3354         Reviewed by Antti.
3355
3356         Update a few SVG attribute parsers to be more defensive against
3357         reading beyond the end of input. 
3358
3359         Fixes rdar://problem/5077218 -- SVG transform parser runs past
3360         end of buffer when running fuzzing test
3361
3362         * ksvg2/svg/SVGParserUtilities.cpp:
3363         (WebCore::SVGPathParser::parseSVG):
3364         * ksvg2/svg/SVGParserUtilities.h:
3365         (WebCore::skipOptionalSpacesOrDelimiter):
3366         * ksvg2/svg/SVGTransformable.cpp:
3367         (WebCore::parseTransformParamList):
3368         (WebCore::SVGTransformable::parseTransformAttribute):
3369
3370 2007-03-21  Alexey Proskuryakov  <ap@webkit.org>
3371
3372         Reviewed by Mitz.
3373
3374         http://bugs.webkit.org/show_bug.cgi?id=13140
3375         Crash after loading SVG fragment with XMLHttpRequest (Yosemite Map Geology Layer)
3376
3377         Test: svg/carto.net/frameless-svg-parse-error.html
3378
3379         * ksvg2/misc/SVGDocumentExtensions.cpp:
3380         (WebCore::SVGDocumentExtensions::reportError): Added a null check.
3381         (WebCore::SVGDocumentExtensions::reportWarning): Ditto.
3382
3383 2007-03-21  Beth Dakin  <bdakin@apple.com>
3384
3385         Reviewed by Geoff.
3386
3387         Fix for <rdar://problem/5072678> Crash in
3388         RenderLayer::scrollRectToVisible with MallocScribble enabled
3389
3390         I tried to fix this earlier today but my fix caused a regression
3391         scrolling through RSS pages. It turns out that sometimes scroll
3392         events need to propagate immediately, and sometimes they must be
3393         delayed or they risk deleting objects that are expected to be
3394         around after the event has propagated. Mitz's original fix made
3395         sheduleEvent() only delay events that happen during layout. This
3396         fix marks two other places in addition to layout where events also
3397         need to be delayed. These two places are places that were marked
3398         with FIXMEs that Mitz removed in his original patch. (There was a
3399         third FIXME in RenderLayer::updateScrollInfoAfterLayout() but that
3400         case is only called through layout and is covered by Mitz's
3401         original patch.)
3402
3403         * page/FrameView.cpp:
3404         (WebCore::FrameView::~FrameView): Added assertion.
3405         (WebCore::FrameView::layout): Call new functions to increment and 
3406         decrement the queued events count.
3407         (WebCore::FrameView::pauseScheduledEvents):
3408         (WebCore::FrameView::resumeScheduledEvents): Decrement queued 
3409         events count and dispatch events if the count has zeroed.
3410         * page/FrameView.h:
3411         * rendering/RenderLayer.cpp:
3412         (WebCore::RenderLayer::scrollRectToVisible):
3413         (WebCore::Marquee::start):
3414
3415 2007-03-21  Mitz Pettel  <mitz@webkit.org>
3416
3417         Reviewed by John Sullivan.
3418
3419         - fix http://bugs.webkit.org/show_bug.cgi?id=13130
3420           REGRESSION: Sometimes a frame resizer keeps following the mouse after mouseup
3421
3422         * rendering/RenderFrameSet.cpp:
3423         (WebCore::RenderFrameSet::userResize): Reordered the code to allow resizing
3424         to be terminated by a mouseup event regardless of whether the frameset needs
3425         layout.
3426
3427 2007-03-20  Anders Carlsson  <acarlsson@apple.com>
3428
3429         Reviewed by Oliver.
3430
3431         <rdar://problem/5077252> 
3432         In NetNewsWire 2.1.1 and 3.0d62, a crash occurs after triple-clicking a link on the page
3433         
3434         * loader/FrameLoader.cpp:
3435         (WebCore::FrameLoader::load):
3436         Move the m_inStopAllLoaders check to the load function that's common for loading a request or substitute data.
3437
3438 2007-03-20  Brady Eidson  <beidson@apple.com>
3439
3440         Reviewed by Anders.
3441
3442         <rdar://problem/5073391> and http://bugs.webkit.org/show_bug.cgi?id=13137
3443
3444         Crash in IconDatabase when private browsing is enabled.
3445
3446         The problem was caused by http://trac.webkit.org/projects/webkit/changeset/20182 
3447         which changed many uses of char[] and Vector<char> to SharedBuffer.  The patch
3448         tended to literally replace a Vector<char> with RefPtr<SharedBuffers> but forgot
3449         to enforce the concept that Vector<char>'s always exist, whereas RefPtr<SharedBuffers>
3450         can be null.  This led to derefs.
3451
3452         I took the opportunity to rework the iconDB functions to live in a SharedBuffer 
3453         world, as that didn't exist when they were originally written - now they just return
3454         SharedBuffers instead of taking a Vector<char>& as a parameter
3455
3456         * loader/icon/IconDatabase.cpp:
3457         (WebCore::IconDatabase::imageDataForIconURL): Return a SharedBuffer
3458         (WebCore::IconDatabase::iconForPageURL): Null check the SharedBuffer before asking
3459           it if it's empty
3460         (WebCore::IconDatabase::imageDataForIconURLQuery): Return a new SharedBuffer
3461
3462         * loader/icon/IconDatabase.h: Return SharedBuffer's instead of taking Vector<char>&'s
3463
3464 2007-03-20  Adam Roben  <aroben@apple.com>
3465
3466         Rubberstamped by Adele.
3467
3468         Roll out r20348 because it was causing crashes.
3469
3470         * page/FrameView.cpp:
3471         (WebCore::FrameViewPrivate::FrameViewPrivate):
3472         (WebCore::FrameView::layout):
3473         (WebCore::FrameView::scheduleEvent):
3474
3475 2007-03-20  Timothy Hatcher  <timothy@apple.com>
3476
3477         Reviewed by Kevin Decker.
3478
3479         Rolling out part of r19828 that caused a scrolling regression in Mail.
3480
3481         <rdar://problem/4820817> Message jumps around when trying to select text
3482
3483         * platform/mac/ScrollViewMac.mm:
3484         (WebCore::ScrollView::visibleContentRect):
3485         (WebCore::ScrollView::updateContents):
3486
3487 2007-03-20  Brady Eidson  <beidson@apple.com>
3488
3489         Reviewed by John
3490
3491         <rdar://5071341> - Crash in IconLoader::finishLoading()
3492         
3493         Though the reproducibility of the crash is still elusive, there's been a crasher likely uncovered 
3494         Hyatt's recent caching changings to the IconLoader.  This crash tends to hit on sites without favicons,
3495         that serve up complex 404 pages, often when the load is cancelled or redirected.  Occasionally, it *seems*
3496         the IconLoader is getting failed/cancelled twice.
3497         
3498         This patch adds some assertions and a "fail gracefully in a release build" check that will have to
3499         serve us until we know more about the cause.
3500
3501         * loader/icon/IconLoader.cpp:
3502         (WebCore::IconLoader::didFail): Add an assertion to catch this case
3503         (WebCore::IconLoader::finishLoading): Add an assertion to catch the case, and fail
3504           gracefully in debug builds.  Also add an efficiency check to not commit to the DB if there is no
3505           IconURL
3506
3507 2007-03-20  Antti Koivisto  <antti@apple.com>
3508
3509         Reviewed by Darin.
3510
3511         - fix http://bugs.webkit.org/show_bug.cgi?id=10747
3512         REGRESSION: Using two fingers on a trackpad to scroll inside a text area makes the whole page move
3513         <rdar://problem/5045710>
3514         
3515         Eat smooth scroll events in WebCore if pointer is over scrollable area. Not
3516         really a good fix, smooth scrolling should be supported properly. It should do for now.
3517
3518         * page/EventHandler.cpp:
3519         (WebCore::EventHandler::handleWheelEvent):
3520         * rendering/RenderListBox.cpp:
3521         (WebCore::RenderListBox::isScrollable):
3522         * rendering/RenderListBox.h:
3523         * rendering/RenderObject.cpp:
3524         (WebCore::RenderObject::isScrollable):
3525         * rendering/RenderObject.h:
3526         * rendering/RenderTextControl.cpp:
3527         (WebCore::RenderTextControl::isScrollable):
3528         * rendering/RenderTextControl.h:
3529
3530 2007-03-20  Beth Dakin  <bdakin@apple.com>
3531
3532         Reviewed by Geoff.
3533
3534         Covered by existing test case.
3535
3536         Fix for <rdar://problem/5072678> Crash in 
3537         RenderLayer::scrollRectToVisible with MallocScribble enabled
3538
3539         This removes some code that was added with http://bugs.webkit.org/
3540         show_bug.cgi?id=8360. This code was not needed to fix that bug, but 
3541         the idea behind it was that there are times when it is safe for 
3542         scheduleEvent() to propagate the event immediately. The 
3543         MallocScribble crash revealed that this assumption was a bit too 
3544         broad; the cause of the crash was that we were propagating events 
3545         immediately when it was not safe. Mitz and I discussed this online 
3546         and we agree that the safest solution is to revert to the old 
3547         behavior here, and always delay the propagation of the event. 
3548
3549         * page/FrameView.cpp:
3550         (WebCore::FrameViewPrivate::FrameViewPrivate):
3551         (WebCore::FrameView::layout):
3552         (WebCore::FrameView::scheduleEvent):
3553
3554 2007-03-20  Brady Eidson  <beidson@apple.com>
3555
3556         Reviewed by John Sullivan
3557
3558         Add some very helpful logging to the IconLoader's SubresourceLoaderClient impl.
3559
3560         * loader/icon/IconLoader.cpp:
3561         (WebCore::IconLoader::didReceiveResponse):
3562         (WebCore::IconLoader::didReceiveData):
3563         (WebCore::IconLoader::didFail):
3564         (WebCore::IconLoader::didFinishLoading):
3565
3566 2007-03-20  Justin Garcia  <justin.garcia@apple.com>
3567
3568         Reviewed by darin
3569
<