Get the size from the shared buffer.
[WebKit-https.git] / WebCore / ChangeLog
1 2007-03-14  Administrator  <acarlsson@apple.com>
2
3         Get the size from the shared buffer.
4         
5         * platform/graphics/cg/ImageSourceCG.cpp:
6         (WebCore::ImageSource::setData):
7         * platform/graphics/cg/PDFDocumentImage.cpp:
8         (WebCore::PDFDocumentImage::dataChanged):
9
10 2007-03-14  Mitz Pettel  <mitz@webkit.org>
11
12         Reviewed by Hyatt, thumbs up by Darin.
13
14         - fix http://bugs.webkit.org/show_bug.cgi?id=12782
15           Reproducible crash in BidiContext::deref
16
17         Test: fast/dynamic/anonymous-block-orphaned-lines.html
18
19         * rendering/InlineBox.cpp:
20         (WebCore::InlineBox::root): Added an assertion that we return a root inline box.
21         * rendering/RenderBlock.cpp:
22         (WebCore::RenderBlock::removeChild): Added code to adopt the line boxes of
23         anonymous blocks being destroyed instead of leaving them orphaned, which
24         is what caused this crash. The boxes will be deleted on the next layout, but
25         this ensures consistency in the mean time.
26
27 2007-03-14  Lars Knoll <lars@trolltech.com>
28
29         Reviewed by Antti.
30
31         Fix the Qt build.
32         Add a getter to SharedBuffer that returns a reference to the internal
33         Vector to avoid an extra copy of the data.
34
35         * platform/SharedBuffer.h:
36         (WebCore::SharedBuffer::buffer):
37         * platform/graphics/qt/ImageQt.cpp:
38         (WebCore::Image::loadPlatformResource):
39         * platform/graphics/qt/ImageSourceQt.cpp:
40         (WebCore::detectImageFormat):
41         (WebCore::createDecoder):
42         (WebCore::ImageSource::setData):
43
44 2007-03-14  Antti Koivisto  <antti@apple.com>
45
46         Reviewed by Mitz.
47         
48         Fix <rdar://problem/5058774>
49         REGRESSION: In Mail, caret appears oversized when typing in a To Do note
50         
51         Horizontal and vertical were switched. Was regression from
52         http://trac.webkit.org/projects/webkit/changeset/20103
53
54         * rendering/RootInlineBox.cpp:
55         (WebCore::RootInlineBox::addHighlightOverflow):
56
57 2007-03-14  David Hyatt  <hyatt@apple.com>
58
59         Tweak the data() functions of stylesheets and scripts to be internally consistent.
60
61         * loader/CachedCSSStyleSheet.cpp:
62         (WebCore::CachedCSSStyleSheet::data):
63         * loader/CachedScript.cpp:
64         (WebCore::CachedScript::data):
65         * loader/CachedXSLStyleSheet.cpp:
66         (WebCore::CachedXSLStyleSheet::data):
67
68 2007-03-14  David Hyatt  <hyatt@apple.com>
69
70         Fix Radar 5050688.  
71
72         For large animated GIFs, destroy and recreate the source for every animation frame.  This keeps
73         the memory consumption down while giant images are animating.
74
75         Reviewed by andersca
76
77         * platform/graphics/BitmapImage.cpp:
78         (WebCore::BitmapImage::BitmapImage):
79         (WebCore::BitmapImage::destroyDecodedData):
80         (WebCore::BitmapImage::dataChanged):
81         (WebCore::BitmapImage::advanceAnimation):
82         * platform/graphics/BitmapImage.h:
83
84 2007-03-14  David Hyatt  <hyatt@apple.com>
85
86         Make sure to use CFDataCreateWithBytesNoCopy where we can.
87
88         Reviewed by andersca
89
90         * platform/graphics/cg/ImageSourceCG.cpp:
91         (WebCore::ImageSource::setData):
92         * platform/graphics/cg/PDFDocumentImage.cpp:
93         (WebCore::PDFDocumentImage::dataChanged):
94
95 2007-03-13  David Hyatt  <hyatt@apple.com>
96
97         Fix for bugzilla bug 13050 and also radar p1 5050645.
98
99         This patch reworks resource loading to avoid having redundant buffers in the icon database and in cached
100         images in the WebCore cache.  It also avoids overcopying in top-level image documents and in the icon
101         database.
102
103         There is now only one SharedBuffer for a resource and everybody observes that buffer now instead of ever
104         making their own.  Even ImageIO uses the SharedBuffer while decoding.
105
106         The page in 13050 dropped from 145mb down to 45mb of memory use with this change for a stunning savings
107         of 100mb.
108
109         Reviewed by olliej, mjs
110
111         * WebCore.exp:
112         * loader/CachedCSSStyleSheet.cpp:
113         (WebCore::CachedCSSStyleSheet::data):
114         * loader/CachedCSSStyleSheet.h:
115         * loader/CachedImage.cpp:
116         (WebCore::CachedImage::data):
117         * loader/CachedImage.h:
118         * loader/CachedResource.cpp:
119         (WebCore::CachedResource::CachedResource):
120         (WebCore::CachedResource::~CachedResource):
121         * loader/CachedResource.h:
122         (WebCore::CachedResource::data):
123         * loader/CachedScript.cpp:
124         (WebCore::CachedScript::data):
125         * loader/CachedScript.h:
126         * loader/CachedXSLStyleSheet.cpp:
127         (WebCore::CachedXSLStyleSheet::data):
128         * loader/CachedXSLStyleSheet.h:
129         * loader/DocLoader.cpp:
130         (WebCore::DocLoader::checkCacheObjectStatus):
131         * loader/ImageDocument.cpp:
132         (WebCore::ImageTokenizer::writeRawData):
133         (WebCore::ImageTokenizer::finish):
134         * loader/icon/IconDataCache.cpp:
135         (WebCore::IconDataCache::setImageData):
136         (WebCore::IconDataCache::writeToDatabase):
137         * loader/icon/IconDataCache.h:
138         * loader/icon/IconDatabase.cpp:
139         (WebCore::IconDatabase::imageDataForIconURL):
140         (WebCore::IconDatabase::iconForPageURL):
141         (WebCore::IconDatabase::setIconDataForIconURL):
142         (WebCore::IconDatabase::setHaveNoIconForIconURL):
143         (WebCore::IconDatabase::imageDataForIconURLQuery):
144         * loader/icon/IconDatabase.h:
145         * loader/icon/IconLoader.cpp:
146         (WebCore::IconLoader::startLoading):
147         (WebCore::IconLoader::didReceiveResponse):
148         (WebCore::IconLoader::didReceiveData):
149         (WebCore::IconLoader::didFail):
150         (WebCore::IconLoader::finishLoading):
151         (WebCore::IconLoader::clearLoadingState):
152         * loader/icon/IconLoader.h:
153         * loader/icon/SQLStatement.cpp:
154         (WebCore::SQLStatement::getColumnBlobAsVector):
155         (WebCore::SQLStatement::isExpired):
156         * loader/icon/SQLStatement.h:
157         * loader/loader.cpp:
158         (WebCore::Loader::didFinishLoading):
159         (WebCore::Loader::didReceiveData):
160         * page/mac/WebCoreFrameBridge.mm:
161         (-[WebCoreFrameBridge getData:andResponse:forURL:]):
162         (-[WebCoreFrameBridge getAllResourceDatas:andResponses:]):
163         * platform/SharedBuffer.h:
164         (WebCore::SharedBuffer::isEmpty):
165         * platform/graphics/BitmapImage.cpp:
166         (WebCore::BitmapImage::destroyDecodedData):
167         (WebCore::BitmapImage::dataChanged):
168         * platform/graphics/BitmapImage.h:
169         * platform/graphics/Image.cpp:
170         (WebCore::Image::setData):
171         * platform/graphics/Image.h:
172         (WebCore::Image::dataChanged):
173         (WebCore::Image::data):
174         * platform/graphics/ImageSource.h:
175         * platform/graphics/cg/ImageSourceCG.cpp:
176         (WebCore::ImageSource::setData):
177         * platform/graphics/cg/PDFDocumentImage.cpp:
178         (WebCore::PDFDocumentImage::dataChanged):
179         * platform/graphics/cg/PDFDocumentImage.h:
180         * platform/graphics/mac/ImageMac.mm:
181         (WebCore::Image::loadPlatformResource):
182         * platform/graphics/svg/SVGImage.cpp:
183         (WebCore::SVGImage::setData):
184         * platform/mac/PasteboardMac.mm:
185         (WebCore::fileWrapperForImage):
186
187 2007-03-13  Justin Garcia  <justin.garcia@apple.com>
188
189         Reviewed by darin
190         
191         <rdar://problem/5046875> 
192         Gmail Editor: Applying alignment to selected text in message also applies alignment to signature
193
194         * editing/ApplyStyleCommand.cpp:
195         (WebCore::ApplyStyleCommand::doApply): Don't call applyBlockStyle unless
196         there is a block style to apply.
197         (WebCore::ApplyStyleCommand::applyBlockStyle): Don't do the remove step.
198         It was unnecessary and removed properties from blocks that could contain 
199         content outside the range being operated on (added a testcase).
200         (WebCore::ApplyStyleCommand::addBlockStyleIfNeeded): Used an early return
201         instead of if-nesting.
202         * editing/ApplyStyleCommand.h:
203         * editing/CompositeEditCommand.cpp:
204         (WebCore::CompositeEditCommand::moveParagraphContentsToNewBlockIfNecessary):
205         Return the new block, if one was created.  Use moveParagraphs to move
206         paragraphs into the new block, instead of moving nodes.  The old code moved
207         too much (added a testcase).
208         * editing/CompositeEditCommand.h:
209
210 2007-03-13  Oliver Hunt  <oliver@apple.com>
211
212         Reviewed by Brady.
213
214         To fix <rdar://problem/5044366> we now pass a NSString
215         representation of the URL extracted with _web_originalDataAsString
216         instead of relying on [NSURL absoluteString] in the bridge
217
218         * page/mac/WebCoreFrameBridge.h:
219         * page/mac/WebCoreFrameBridge.mm:
220         (-[WebCoreFrameBridge getData:andResponse:forURL:]):
221
222 2007-03-13  Brady Eidson  <beidson@apple.com>
223
224         Reviewed by Anders
225
226         <rdar://problem/5048818> - REGRESSION: Incompletely loaded resources being saved to the object cache
227
228         Due to a subtle change in loader behavior back in 10904, we would stop all loaders before calling 
229         didFail() on them in the Cache loader.  As a result, we basically cleared all of the Subresource Loaders 
230         out of the Cache loader before more properly failing them as errored out.  The result?  Partially loaded
231         resources being cached.
232         
233         Since Loader::didFail() both calls error() on the object *and* removes the loader, the solution is to call 
234         didFail() for all cancelled loaders instead of *only* removing them from the set of active loaders.
235         
236         In addition, pages that didn't completely load were being saved to the back/forward cache.  To fix that,
237         I added a null check on the DocumentLoader's error to see if the page ended in an error, or did indeed 
238         completely load.
239
240         Note that the layout test for this - if possible - will require other enhancements including possibly adding
241         support for window.stop().  That task is documented in <rdar://problem/5061826>
242
243         * loader/FrameLoader.cpp:
244         (WebCore::FrameLoader::provisionalLoadStarted): Fixed a few bugs relating to my original BFCache rewrite to
245           more perfectly restore the original behavior - including only caching HTML documents via the 
246           m_client->canCachePage() call
247         (WebCore::FrameLoader::canCachePage): Don't make the call to m_client->canCachePage() as that serves a different
248           purpose
249           - Check the mainDocumentError to see if the load ended in error as a further criteria in determining the 
250           cachability of a page
251
252         * loader/loader.cpp:
253         (WebCore::Loader::cancelRequests): Call didFail(cancelledError()) instead of just removing the loaders from the 
254           loaders-in-progress set.  This adds the effect of properly cleaning up the cached object.
255
256 2007-03-13  Beth Dakin  <bdakin@apple.com>
257
258         Rendering part reviewed by Hyatt. Editing part consulted with and 
259         rubber stamped by Justin and Harrison.
260
261         Fix for <rdar://problem/5025925> A hang occurs in Safari when 
262         attempting to print page at http://www.pcadvisor.co.uk
263
264         * rendering/RenderBlock.cpp:
265         (WebCore::RenderBlock::makeChildrenNonInline): 
266         RenderBlock::makeChildrenNonInline() takes a block's inline 
267         children and turns them into block children. If the children had 
268         line boxes, those boxes were being leaked. In the layout test I 
269         added with the change (and at pcadvisor.co.uk during printing) 
270         children were being made non-inline, and then they were being made 
271         inline again. This meant that some of the children ended up 
272         pointing to totally stale line boxes that are normally just leaked. 
273         This caused an infinite loop in RenderFlow::destroy(). This patch 
274         simply deletes everyone's line boxes in 
275         RenderBlock::makeChildrenNonInline()
276
277         * editing/InsertParagraphSeparatorCommand.cpp:
278         (WebCore::InsertParagraphSeparatorCommand::doApply): The other part 
279         of this fix is that I added a call to updateLayout in 
280         InsertParagraphSeparatorCommand::doApply(). One layout test 
281         (editing/spelling/spelling.html) was changed by my patch to 
282         RenderBlock. doApply() inserts a node into the render tree. In at 
283         least one case in spelling.html, that caused some line boxes to be 
284         deleted. Back in doApply() this meant that the RenderTree was out-
285         of-date, and we mistakenly thought we were at the end of the 
286         paragraph. This caused us to insert a RenderBR() at the end of the 
287         tree instead of an empty RenderText(). No one seems to know exactly 
288         why we insert either, or if the change is necessarily a problem. It 
289         is clear, though, that the RenderTree in doApply() is out-of-date 
290         after inserting the node and deleting some line boxes, so it seems 
291         prudent to call into updateLayout().
292
293 2007-03-13  Adam Roben  <aroben@apple.com>
294
295         Reviewed by Anders.
296
297         * platform/FontData.h: Added m_isSystemFont parameter to match NSFont.
298
299 2007-03-13  Beth Dakin  <bdakin@apple.com>
300
301         Reviewed by Maciej.
302
303         Export DocumentLoader::setFrame(). Part of fix for <rdar://
304         problem/4277074> 8F32: Help Viewer crashed on clicking link - 
305         KHTMLView::viewportMouseReleaseEvent (12647)
306
307         * WebCore.exp:
308
309 2007-03-13  Darin Adler  <darin@apple.com>
310
311         Reviewed by Maciej.
312
313         - fix http://bugs.webkit.org/show_bug.cgi?id=12794
314           <rdar://problem/5028154> REGRESSION: TripTik planner at aaa.com never
315           finishes loading due to unclosed canvas tag (12794)
316
317         Change <canvas> elements so that their contents are parsed normally,
318         but not rendered. This change fixes the bug, because normal parsing
319         rules close the <canvas> element in that case. The special parser
320         stuff was just getting in the way.
321
322         Also do some basic cleanup to the HTML parser. This was motivated by
323         an earlier version of this patch that made even more changes to the
324         parser, but the cleanup is still worth landing.
325
326         Test: fast/canvas/canvas-hides-fallback.html
327         Test: fast/canvas/script-inside-canvas-fallback.html
328         Test: fast/canvas/unclosed-canvas-1.html
329         Test: fast/canvas/unclosed-canvas-2.html
330         Test: fast/canvas/unclosed-canvas-3.html
331         Test: fast/canvas/unclosed-canvas-4.html
332
333         * html/HTMLCanvasElement.h: Added a data member to keep track of whether the
334         renderer is a RenderHTMLCanvas or not.
335         * html/HTMLCanvasElement.cpp:
336         (WebCore::HTMLCanvasElement::createRenderer): If JavaScript is enabled, create
337         a RenderHTMLCanvas. If it's not, let the default code create the default type
338         of renderer, which will result in fallback content being visible. The
339         RenderHTMLCanvas class already hides all of its children. Set the m_rendererIsCanvas
340         boolean accordingly. Since the actual storage for the canvas is allocated lazily
341         when you actually get a drawing context, we don't need to do anything special
342         to prevent it when JavaScript is disabled; the relevant functions won't be called.
343         (WebCore::HTMLCanvasElement::reset): Protect the code that manipulates the
344         RenderHTMLCanvas with a check of m_rendererIsCanvas. This is the only code inside
345         the DOM element that relies on the renderer type.
346
347         * html/HTMLParser.h: Removed unneeded includes. Marked HTMLParser as
348         Noncopyable. Changed the Document parameter to the constructor to instead
349         be HTMLDocument. Renamed discard_until to m_skipModeTag for clarity.
350         Removed unused noSpaces function and unneeded public doc() function.
351         Moved data members all down to the end so you can see them together in order.
352         Renamed map to m_currentMapElement and isindex to m_isindexElement.
353         Removed unused end and headLoaded data members.  Renamed m_fragment to
354         m_isParsingFragment to make it clearer that it's a boolean, not a fragment.
355
356         * html/HTMLParser.cpp:
357         (WebCore::HTMLParser::HTMLParser): Changed to use member construction
358         syntax instead of calling reset(). This is especially helpful in the
359         fragment case, where calling reset() later on is illegal, so not using
360         it in the constructor lets us assert.
361         (WebCore::HTMLParser::~HTMLParser): Did an explicit deref instead of
362         calling setCurrent for its side effect.
363         (WebCore::HTMLParser::reset): Updated for member name changes and removal
364         and to use document instead of doc().
365         (WebCore::HTMLParser::setCurrent): Use document instead of doc().
366         (WebCore::HTMLParser::setSkipMode): Added. No longer inline. Now sets the
367         m_inCanvasBeforeFirstOpenTag data member to false.
368         (WebCore::HTMLParser::parseToken): Tightened up the skip mode logic at the
369         top of the function, and added a FIXME about the strange case there where
370         we don't skip yet stay in skip mode. Updated for renaming and doc().
371         (WebCore::HTMLParser::insertNode): Updated for renaming and doc().
372         (WebCore::HTMLParser::handleError): Ditto.
373         (WebCore::HTMLParser::framesetCreateErrorCheck): Ditto.
374         (WebCore::HTMLParser::isindexCreateErrorCheck): Changed to use RefPtr.
375         (WebCore::HTMLParser::noscriptCreateErrorCheck): Updated for renaming and doc().
376         (WebCore::HTMLParser::mapCreateErrorCheck): Ditto.
377         (WebCore::HTMLParser::getNode): Removed the special case for canvas here.
378         Canvas fallback is now handled in the DOM, not the parser. Updated for
379         renaming and doc().
380         (WebCore::HTMLParser::allowNestedRedundantTag): Changed a #define into a C++
381         constant.
382         (WebCore::HTMLParser::processCloseTag): Updated for renaming and doc().
383         (WebCore::HTMLParser::isInline): Ditto.
384         (WebCore::HTMLParser::tagIsOnStack): Added. Used by new canvas logic.
385         (WebCore::HTMLParser::popBlock): Updated for renaming and doc(). Also renamed
386         the local variable Elem to elem.
387         (WebCore::HTMLParser::createHead): Ditto.
388         (WebCore::HTMLParser::handleIsindex): Changed to use RefPtr.
389         (WebCore::HTMLParser::startBody): Updated for renaming and doc().
390         (WebCore::HTMLParser::finished): Ditto.
391
392 2007-03-13  David Hyatt  <hyatt@apple.com>
393
394         Two more cleanup fixes to the cache.  Don't call destroyDecodedData in the BitmapImage destructor, since
395         clearing the image source and calling setData on it again causes it to do an extra copy of the encoded
396         data.  Since we're about to be destroyed this is just wasteful.
397
398         When the cache prunes, don't allow it to destroy the decoded data of an image that is still actively loading,
399         since we've established that ImageIO can actually crash if you yank the rug out from under it like that.
400
401         Reviewed by ggaren
402
403         * loader/Cache.cpp:
404         (WebCore::Cache::prune):
405         * platform/graphics/BitmapImage.cpp:
406         (WebCore::BitmapImage::~BitmapImage):
407
408 2007-03-13  Anders Carlsson  <acarlsson@apple.com>
409
410         Try fixing the Qt build.
411         
412         * editing/Editor.h:
413         (WebCore::Editor::setStartNewKillRingSequence):
414
415 2007-03-13  David Harrison  <harrison@apple.com>
416
417         Reviewed by Justin.
418
419         <rdar://problem/5031181> cntl-k at end of paragraph adds nothing to the kill ring
420         <rdar://problem/5031189> REGRESSION: cntl-y yanks only the most recently killed content
421
422         For rdar://5031181, properly extend the selection before the killring handling, and
423         make sure plainText of that selection returns a linefeed.
424         
425         For rdar://5031189, restore Editor::deleteRange() code that continued current killring,
426         even though the range deletion implicitly stopped it via changing the selection.
427         
428         A byproduct of this change is the elimination of RUNDFINDER vs CONTENT TextIterator. The
429         only difference between the two was whether to emit a newline when the range started
430         with a blockflow element. No callers actually need that any more.
431
432         Tests added:
433         * editing/pasteboard/emacs-ctrl-k-y-001-expected.checksum: Added.
434         * editing/pasteboard/emacs-ctrl-k-y-001-expected.png: Added.
435         * editing/pasteboard/emacs-ctrl-k-y-001-expected.txt: Added.
436         * editing/pasteboard/emacs-ctrl-k-y-001.html: Added.
437
438         * editing/Editor.cpp:
439         (WebCore::Editor::deleteRange):
440         Clear the "start new kill ring sequence" setting, because it was set to true
441         when the selection was updated by deleting the range.
442         
443         (WebCore::Editor::deleteWithDirection):
444         If extending the selection to the end of paragraph resulted in a caret selection,
445         extend by character, to handle the case when the selection started as a caret at
446         the end of paragraph.
447         
448         * editing/TextIterator.cpp:
449         (WebCore::TextIterator::TextIterator):
450         Initialize new member variables for tracking handling of the beginning of the range.
451         
452         (WebCore::TextIterator::advance):
453         Call representNodeOffsetZero on the m_endContainer.
454         Move visibility checks into handleTextNode and handleReplacedElement.
455         
456         (WebCore::TextIterator::handleTextNode):
457         (WebCore::TextIterator::handleTextBox):
458         Call emitText.
459         
460         (WebCore::TextIterator::handleReplacedElement):
461         Moved visibility check into here.
462         
463         (WebCore::shouldEmitNewlinesBeforeAndAfterNode):
464         
465         (WebCore::TextIterator::shouldRepresentNodeOffsetZero):
466         (WebCore::TextIterator::representNodeOffsetZero):
467         New. Emits proper sequence when encountering offset 0 of a node, including the
468         m_endContainer. Started with code from handleNonTextNode.
469         
470         (WebCore::TextIterator::handleNonTextNode):
471         Call representNodeOffsetZero.
472         
473         (WebCore::TextIterator::exitNode):
474         Similar to shouldRepresentNodeOffsetZero, do not emit the newline if the node
475         was collapsed, and before any other emitted content.
476         
477         (WebCore::TextIterator::emitCharacter):
478         
479         (WebCore::TextIterator::emitText):
480         New. Consolidates code used by handleText and handleTextBox.
481         
482         (WebCore::CharacterIterator::CharacterIterator):
483         Removed RUNFINDER.
484
485         (WebCore::WordAwareIterator::WordAwareIterator):
486         Removed RUNFINDER.
487         
488         (WebCore::WordAwareIterator::advance):
489         Formatting.
490
491         (WebCore::TextIterator::rangeLength):
492         Formatting.
493         
494         * editing/TextIterator.h:
495         Added member variables for tracking handling of the beginning of the range.
496         Eliminated concept of RUNDFINDER vs CONTENT TextIterator.
497         
498         * editing/visible_units.cpp:
499         (WebCore::nextBoundary):
500         Eliminated concept of RUNDFINDER vs CONTENT TextIterator.
501
502 2007-03-13  David Hyatt  <hyatt@apple.com>
503
504         Clean up the null image case in CachedImage::data to make sure the size totals will stay accurate.
505         I'm not convinced this case can even be hit, but I'm cleaning it up just in case.
506
507         * loader/CachedImage.cpp:
508         (WebCore::CachedImage::data):
509
510 2007-03-13  David Hyatt  <hyatt@apple.com>
511
512         Reorder the call to allReferencesRemoved, since otherwise the live object size will become
513         incorrect.
514
515         * loader/CachedResource.cpp:
516         (WebCore::CachedResource::deref):
517
518 2007-03-13  Antti Koivisto  <antti@apple.com>
519
520         Reviewed by Darin.
521         
522         Fix http://bugs.webkit.org/show_bug.cgi?id=11083
523         REGRESSION: Typing tab key fails to insert a tab character in Google Docs editable area
524         <rdar://problem/4757650>
525         
526         Allow inserting tabs in designMode. Backtab behaves like before (matches FF).
527
528         * page/EventHandler.cpp:
529         (WebCore::EventHandler::defaultTabEventHandler):
530
531 2007-03-13  David Hyatt  <hyatt@apple.com>
532
533         Fix two counting errors in the decoded size of objects in the WebCore cache.  We need to explicitly
534         destroy decoded data when clearing out a partially loaded image that had an error, since the destructor
535         (although it does destroy the data) disconnects the observer so that the notification doesn't happen.
536
537         Some CachedImages aren't in the cache (like image documents).  When the decoded size of such an image
538         changes we should not notify the cache, since - newsflash - we aren't actually in it.
539
540         Reviewed by ggaren
541
542         * loader/CachedImage.cpp:
543         (WebCore::CachedImage::clear):
544         (WebCore::CachedImage::decodedSizeChanged):
545
546 2007-03-13  Darin Adler  <darin@apple.com>
547
548         Reviewed by Tim Hatcher and John Sullivan.
549
550         - fix <rdar://problem/4915303> CrashTracer: 36 crashes in Safari at
551           com.apple.AppKit: -[NSView getRectsBeingDrawn:count:] + 502
552
553         * page/mac/FrameMac.mm: (WebCore::Frame::imageFromRect):
554         This was calling drawRect: directly, but NSView's getRectsBeingDrawn:count:
555         method was never really safe to call unless it was AppKit that called your
556         drawRect: method. Changed it to call drawSingleRect: instead. A little ugly,
557         but seems to work and will almost certainly fix the bug.
558
559 2007-03-13  Nikolas Zimmermann  <zimmermann@kde.org>
560
561         Reviewed by Maciej.
562
563         Fixes: http://bugs.webkit.org/show_bug.cgi?id=12974
564
565         Call forgetGenericContext in JSSVGPathSeg destructor, otherwhise
566         we'll hit an ASSERT in a debug build, when running svg/custom/js-update-path-changes.svg
567         a few dozen times in a single WebKit instance. The ASSERT is good and just warns that
568         there was already a generic context pointer registered, and the new "to be registered"
569         object already exists, but pointing to a different object. That's because garbage collection
570         calls the JSSVGPathSeg destructor, but that didn't cleanup the generic context map.
571
572         Only JSSVGPathSeg is hit by this problem, as it's the only non SVGAnimated* type
573         using the generic context system while using a custom JSSVGPathSegList implementation.
574
575         Also cleanup JSSVGPathSegListCustom code to call the static forgetGenericContext
576         method instead of doing the same using custom code.
577
578         * bindings/js/JSSVGPathSegListCustom.cpp:
579         (WebCore::removeFromPathSegContextMap):
580         (WebCore::JSSVGPathSegList::clear):
581         (WebCore::JSSVGPathSegList::removeItem):
582         * bindings/scripts/CodeGeneratorJS.pm:
583
584 2007-03-13  Darin Adler  <darin@apple.com>
585
586         Reviewed by Adele.
587
588         - fix http://bugs.webkit.org/show_bug.cgi?id=12595
589           <rdar://problem/4722863> REGRESSION: Can't add item to cart at lnt.com
590           (JS type error) (12595)
591
592         Test: fast/forms/old-names.html
593
594         * bindings/js/JSHTMLFormElementCustom.cpp:
595         (WebCore::JSHTMLFormElement::canGetItemsForName): If the form collection has
596         nothing for a given name, try the form's oldNamedElement function.
597         (WebCore::JSHTMLFormElement::nameGetter): Ditto.
598
599         * bindings/js/kjs_dom.h: Removed the DOMNamedNodesCollection. Instead we will use
600         a class derived from NodeList.
601         * bindings/js/kjs_dom.cpp: Ditto.
602
603         * bindings/js/kjs_html.cpp:
604         (KJS::VectorNodeList::VectorNodeList): Added. Constructor for a new class derived
605         from NodeList to be used for the named items result from a collection -- uses a
606         vector of node pointers.
607         (KJS::VectorNodeList::length): Added.
608         (KJS::VectorNodeList::item): Added.
609         (KJS::JSHTMLCollection::getNamedItems): Use VectorNodeList and the existing wrapper
610         for NodeList rather than a custom JavaScript class, DOMNamedNodesCollection.
611
612         * dom/ChildNodeList.h:
613         * dom/ChildNodeList.cpp:
614         (WebCore::ChildNodeList::ChildNodeList): Updated to derive from TreeNodeList,
615         since NodeList is now a simpler class.
616         (WebCore::ChildNodeList::elementMatches): Updated for name and parameter change.
617
618         * dom/NameNodeList.h:
619         * dom/NameNodeList.cpp:
620         (WebCore::NameNodeList::NameNodeList): Updated to derive from TreeNodeList,
621         since NodeList is now a simpler class.
622         (WebCore::NameNodeList::rootNodeAttributeChanged): Updated for name and
623         parameter change.
624
625         * dom/Node.h: Change register/unregister functions to take TreeNodeList.
626         * dom/Node.cpp:
627         (WebCore::TagNodeList::TagNodeList): Updated to derive from TreeNodeList,
628         since NodeList is now a simpler abstract class.
629         (WebCore::TagNodeList::elementMatches): Updated for name and parameter change.
630         (WebCore::Node::registerNodeList): Changed type from NodeList to TreeNodeList.
631         (WebCore::Node::unregisterNodeList): Ditto.
632
633         * dom/NodeList.h: Broke NodeList into a simpler base class and a derived class
634         with the machinery for iterating a tree, called TreeNodeList.
635         * dom/NodeList.cpp:
636         (WebCore::NodeList::~NodeList): Added.
637         (WebCore::NodeList::itemWithName): Factored out of the old itemWithName.
638         (WebCore::TreeNodeList::TreeNodeList): Renamed from NodeList.
639         (WebCore::TreeNodeList::~TreeNodeList): Ditto.
640         (WebCore::TreeNodeList::recursiveLength): Ditto.
641         (WebCore::TreeNodeList::itemForwardsFromCurrent): Ditto.
642         (WebCore::TreeNodeList::itemBackwardsFromCurrent): Ditto.
643         (WebCore::TreeNodeList::recursiveItem): Ditto.
644         (WebCore::TreeNodeList::itemWithName): Factored half of this into this function,
645         the other half in NodeList::itemWithName.
646         (WebCore::TreeNodeList::rootNodeAttributeChanged): Added. No longer inline.
647         (WebCore::TreeNodeList::rootNodeChildrenChanged): Renamed from NodeList.
648
649         * html/HTMLFormElement.h: Added formElementNameChanged and oldNamedElement
650         fucntions, and a map called m_oldNames. Also removed m_boundary, which I
651         thought I had already done.
652         * html/HTMLFormElement.cpp:
653         (WebCore::HTMLFormElement::HTMLFormElement): Initialize m_oldNames to 0.
654         Switched the rest of the members to initialization syntax.
655         (WebCore::HTMLFormElement::~HTMLFormElement): Delete m_oldNames.
656         (WebCore::HTMLFormElement::formElementNameChanged): Added. Stores a reference
657         to one element under each of its old names.
658         (WebCore::HTMLFormElement::oldNamedElement): Added. Returns the old element
659         that once had a given name.
660
661         * html/HTMLGenericFormElement.h:
662         * html/HTMLGenericFormElement.cpp:
663         (WebCore::HTMLGenericFormElement::parseMappedAttribute): When the name
664         attribute changes, tell the form about the old name.
665         (WebCore::HTMLGenericFormElement::insertedIntoTree): When telling a form
666         about an element, also store away the old name so that we can use it
667         when the name changes later.
668
669         * html/HTMLInputElement.cpp:
670         (WebCore::HTMLInputElement::parseMappedAttribute): Added a call to the
671         base class in the nameAttr case, so the code in HTMLGenericFormElement
672         above will get called in the input element case.
673
674 2007-03-13  Antti Koivisto  <antti@apple.com>
675
676         Reviewed by Alexey.
677
678         Alexey spotted a DOS by using string of 64k unbreakable character in
679         fix for http://bugs.webkit.org/show_bug.cgi?id=12833
680
681         * dom/Text.cpp:
682         (WebCore::Text::createWithLengthLimit):
683
684 2007-03-13  Lars Knoll <lars@trolltech.com>
685
686         Fix the Qt build
687
688         * WebCore.pro:
689
690 2007-03-13  Rob Buis  <buis@kde.org>
691
692         Reviewed by Darin.
693
694         http://bugs.webkit.org/show_bug.cgi?id=12576
695         WebKit does not support xlink:show attributes
696
697         Make an exception for non-empty targets, these should be opened
698         in a new window, unless the value is _self.
699
700         * ksvg2/svg/SVGAElement.cpp:
701         (WebCore::SVGAElement::defaultEventHandler):
702
703 2007-03-13  David Hyatt  <hyatt@apple.com>
704
705         - fix cache issues seen in http://bugs.webkit.org/show_bug.cgi?id=13050
706           6 objects and ~200MB leaked after opening then closing tab
707           <rdar://problem/5058714>
708
709         Double the encoded size of images for now.  We do this to account for a bug in ImageIO where they hold
710         a separate copy of image data.  See <rdar://problem/5050645>.
711
712         Reviewed by aroben.
713
714         * loader/CachedImage.cpp:
715         (WebCore::CachedImage::data):
716
717 2007-03-12  Krzysztof Kowalczyk  <kkowalczyk@gmail.com>
718
719         Not reviewed - gdk build fix.
720
721         * platform/gdk/TemporaryLinkStubs.cpp:
722         (SearchPopupMenu::enabled): add missing stub.
723
724 2007-03-12  David Kilzer  <ddkilzer@kilzer.net>
725
726         Reviewed by Darin.
727
728         - fix http://bugs.webkit.org/show_bug.cgi?id=13045
729           REGRESSION: Blackboard CourseWare Error with Nightlies after Mar 8
730
731         * html/HTMLFormElement.cpp:
732         (WebCore::getUniqueBoundaryString): Speculative fix: remove dashes from
733         the boundary prefix that appear after non-dash characters.
734
735 2007-03-12  Mitz Pettel  <mitz@webkit.org>
736
737         Reviewed by Anders.
738
739         - fix http://bugs.webkit.org/show_bug.cgi?id=13015
740           REGRESSION (r17233-r17241): Repro crash when leaving a page whose unload handler submits a form
741
742         Test: fast/loader/onunload-form-submit-crash-2.html
743
744         * loader/DocumentLoader.cpp:
745         (WebCore::DocumentLoader::finishedLoading): Added null check.
746
747 2007-03-12  Anders Carlsson  <acarlsson@apple.com>
748
749         Reviewed by Darin.
750
751         <rdar://problem/4900071>
752         http://bugs.webkit.org/show_bug.cgi?id=6454
753         ASSERTION: Navigating 'back' in frameset: !_private->previousItem (6454)
754
755         Change back the behavior of checkLoadComplete to traverse the entire frame tree instead of
756         just the parent frames of the current frame. This is needed in order to reset the previous history item
757         for all frames when doing a frame navigation. (This was changed in revision 11819)
758         
759         * loader/FrameLoader.cpp:
760         (WebCore::FrameLoader::recursiveCheckLoadComplete):
761         (WebCore::FrameLoader::checkLoadComplete):
762         * loader/FrameLoader.h:
763
764 2007-03-12  Justin Garcia  <justin.garcia@apple.com>
765
766         Reviewed by darin
767         
768         <rdar://problem/5056619> 
769         REGRESSION: Gmail Editor: Dragging text into Reply (textarea) field results in a crash at WebCore::InsertNodeBeforeCommand::doApply()
770         
771         * editing/SelectionController.cpp:
772         (WebCore::removingNodeRemovesPosition): Added.
773         (WebCore::SelectionController::nodeWillBeRemoved): Clear the
774         selection if it's inside a shadow tree.
775         * page/DragController.cpp:
776         (WebCore::setSelectionToDragCaret): Return false to signal to
777         clients that a drop shouldn't be performed if the second attempt
778         to set a selection ends up in non-editable content.
779
780 2007-03-12  Darin Adler  <darin@apple.com>
781
782         Reviewed by Tim Hatcher.
783
784         - fixed JavaScript wrapper classes to be correct for a variety of cases
785           that a new test uncovered: was broken for at least 5 classes
786
787         - fixed Objective-C wrapper classes to be correct for a variety of cases
788           that a test case uncovered: was broken for ast least 50 classes
789
790         - added missing DOM API for creating OverflowEvent and WheelEvent instances
791
792         Test: fast/dom/wrapper-classes.html
793
794         * DerivedSources.make: Added missing bindings: HTMLCanvasElement for ObjC,
795         CDATASection, Comment, and EntityReference for JavaScript.
796         * WebCore.xcodeproj/project.pbxproj: Added those new generated files.
797
798         * bindings/js/JSHTMLElementWrapperFactory.cpp:
799         (WebCore::createJSHTMLWrapper): Corrected the wrapper classes for <keygen>,
800         which needs an HTMLSelectElement wrapper, and <xmp>, which needs an
801         HTMLPreElement wrapper.
802
803         * bindings/objc/DOMInternal.h: Updated for new naming scheme.
804         Also moved createDOMWrapper from the KJS namespace to the WebCore namespace.
805         * bindings/objc/DOMUtility.mm:
806         (KJS::createDOMWrapper): Broke the core function into a separate one, and
807         left it in the KJS namespace because Objective-C++ rules make it impossible
808         for it to work in the WebCore namespace. Used a macro-based implementation
809         to cut down on repeated code, and added missing cases for Counter,
810         HTMLOptionsCollection, Range, XPathExpression, XPathResult, Event, RGBColor,
811         Rect, Window, DOMImplementation, NodeIterator, TreeWalker, and HTMLCollection.
812         (WebCore::createDOMWrapper): The other half of the function.
813
814         * bindings/objc/DOM.mm:
815         (WebCore::createElementClassMap): Corrected the wrapper classes for
816         <canvas>, which needs a DOMHTMLCanvasElement wrapper, <del>, which needs
817         a DOMHTMLModElement wrapper, <embed>, which needs a DOMHTMLEmbedElement
818         wrapper, <ins>, which needs a DOMHTMLModElement wrapper, <th>, which needs
819         a DOMHTMLTableCellElement wrapper, and <xmp>, which needs an
820         DOMHTMLPreElement wrapper.
821         (+[DOMNode _wrapNode:]): Updated for new naming scheme.
822         (+[DOMNode _wrapEventTarget:]): Ditto.
823         (+[DOMNodeFilter _wrapNodeFilter:]): Ditto.
824         (ObjCNodeFilterCondition::acceptNode): Ditto.
825         (-[DOMDocument createNodeIterator:whatToShow:filter:expandEntityReferences:]): Ditto.
826         (-[DOMDocument createTreeWalker:whatToShow:filter:expandEntityReferences:]): Ditto.
827         (WebCore::ObjCEventListener::handleEvent): Ditto.
828
829         * dom/Document.cpp: (WebCore::Document::createEvent):
830         Added cases for OverflowEvent and WheelEvent.
831
832         * dom/OverflowEvent.h: Added empty constructor and initOverflowEvent.
833         * dom/OverflowEvent.cpp:
834         (WebCore::OverflowEvent::OverflowEvent): Added.
835         (WebCore::OverflowEvent::initOverflowEvent): Added.
836         * dom/OverflowEvent.idl: Added initOverflowEvent.
837
838         * bindings/objc/PublicDOMInterfaces.h: Added initOverflowEvent.
839
840         * bindings/objc/DOMCSS.mm:
841         (+[DOMStyleSheet _wrapStyleSheet:]): Updated for new naming scheme.
842         (+[DOMCSSRule _wrapCSSRule:]): Corrected wrapper for CSSUnknownRule.
843         (+[DOMCSSValue _wrapCSSValue:]): Updated for new naming scheme.
844
845         * bindings/js/kjs_css.h:
846         (KJS::DOMRGBColor::impl): Added. Used when making an ObjC wrapper.
847         (KJS::DOMRect::impl): Ditto.
848
849         * bindings/js/kjs_dom.cpp: (KJS::toJS): Corrected the wrapper classes for
850         CDATASection, Comment, and EntityReference.
851
852         * bindings/js/kjs_html.cpp: Corrected the class name for HTMLElement
853         (was "DOMHTMLElement") and HTMLCollection (was "Collection").
854
855         * bindings/objc/DOMImplementationFront.h:
856         * bindings/objc/DOMImplementationFront.cpp:
857         (WebCore::implementationFront): Added new overload that returns a front given
858         a JavaScript wrapper. Needed by the code that makes the Objective-C wrapper.
859
860         * bindings/objc/WebScriptObject.mm:
861         (+[WebScriptObject _convertValueToObjcValue:originRootObject:rootObject:]):
862         Updated since createDOMWrapper is now in the WebCore namespace.
863
864         * bindings/scripts/CodeGeneratorObjC.pm: Update the naming scheme for the
865         wrapper creation functions to use _wrapElement: rather then _elementWith:
866         style. Removed now-unneeded special cases for things that needed to stay
867         upper-case, since we don't have to do the whole lcfirst thing.
868
869         * html/HTMLCanvasElement.idl: Added #if so we can successfully generate the
870         Objective-C wrapper for this class, even though we can't yet handle the
871         DOMObject return type.
872
873         * html/HTMLOptionsCollection.idl: Added GenerateNativeConverter so we get
874         an appropriate toJS function.
875
876         * bindings/objc/DOMEvents.mm:
877         (+[DOMEvent _wrapEvent:]):
878         * bindings/objc/DOMHTML.mm:
879         (-[DOMHTMLDocument createDocumentFragmentWithMarkupString:baseURL:]):
880         (-[DOMHTMLDocument createDocumentFragmentWithText:]):
881         * bindings/objc/DOMObject.mm:
882         (-[DOMObject sheet]):
883         * bindings/objc/DOMRGBColor.mm:
884         (-[DOMRGBColor red]):
885         (-[DOMRGBColor green]):
886         (-[DOMRGBColor blue]):
887         (-[DOMRGBColor alpha]):
888         (+[DOMRGBColor _wrapRGBColor:]):
889         * bindings/objc/DOMSVGPathSegInternal.mm:
890         (+[DOMSVGPathSeg _wrapSVGPathSeg:]):
891         * bindings/objc/DOMXPath.mm:
892         (+[DOMNativeXPathNSResolver _wrapXPathNSResolver:]):
893         * page/mac/WebCoreFrameBridge.mm:
894         (-[WebCoreFrameBridge nodesFromList:]):
895         (-[WebCoreFrameBridge elementWithName:inForm:]):
896         (-[WebCoreFrameBridge formForElement:]):
897         (-[WebCoreFrameBridge currentForm]):
898         (-[WebCoreFrameBridge controlsInForm:]):
899         (-[WebCoreFrameBridge rangeByAlteringCurrentSelection:SelectionController::direction:SelectionController::granularity:]):
900         (-[WebCoreFrameBridge convertNSRangeToDOMRange:]):
901         (-[WebCoreFrameBridge markDOMRange]):
902         (-[WebCoreFrameBridge markedTextDOMRange]):
903         (-[WebCoreFrameBridge smartDeleteRangeForProposedRange:]):
904         (-[WebCoreFrameBridge documentFragmentWithMarkupString:baseURLString:]):
905         (-[WebCoreFrameBridge documentFragmentWithText:inContext:]):
906         (-[WebCoreFrameBridge documentFragmentWithNodesAsParagraphs:]):
907         (-[WebCoreFrameBridge replaceSelectionWithNode:selectReplacement:smartReplace:matchStyle:]):
908         (-[WebCoreFrameBridge replaceSelectionWithText:selectReplacement:smartReplace:]):
909         (-[WebCoreFrameBridge increaseSelectionListLevel]):
910         (-[WebCoreFrameBridge increaseSelectionListLevelOrdered]):
911         (-[WebCoreFrameBridge increaseSelectionListLevelUnordered]):
912         (-[WebCoreFrameBridge dragCaretDOMRange]):
913         (-[WebCoreFrameBridge editableDOMRangeForPoint:]):
914         (-[WebCoreFrameBridge characterRangeAtPoint:]):
915         (-[WebCoreFrameBridge typingStyle]):
916         (-[WebCoreFrameBridge rangeOfCharactersAroundCaret]):
917         * platform/mac/ClipboardMac.mm:
918         (WebCore::ClipboardMac::declareAndWriteDragImage):
919         * platform/mac/PasteboardMac.mm:
920         (WebCore::Pasteboard::writeSelection):
921         Updated for new naming scheme.
922
923 2007-03-12  Timothy Hatcher  <timothy@apple.com>
924
925         Reviewed by Darin.
926
927         <rdar://problem/4990691> REGRESSION: Selecting text in Adium's Messages field causes horizontal shift
928
929         Corrected the recursive point conversion and scrolling done in scrollPointRecursively to use the
930         document view of each NSClipView.
931
932         * platform/mac/ScrollViewMac.mm:
933         (WebCore::ScrollView::scrollPointRecursively): Call convertPoint:fromView: on the document views,
934         not the clip views as we encounter them. Then call constrainScrollPoint: on the converted point to
935         constrain to the document view bounds. And finally call scrollPoint: on the document view, not the clip view.
936
937 2007-03-12  Antti Koivisto  <antti@apple.com>
938
939         Reviewed by Alexey.
940
941         Fix http://bugs.webkit.org/show_bug.cgi?id=12833
942         REGRESSION: Selecting text in 6.6MB txt file is sluggish as of the Feb 19th nightly
943         <rdar://problem/5028159>
944         
945         Divide large text blocks (>64kB) over multiple text nodes. This limits linebox searches to
946         a manageable subset.
947         
948         * dom/Text.cpp:
949         (WebCore::Text::createWithLengthLimit):
950         * dom/Text.h:
951         * html/HTMLParser.cpp:
952         (WebCore::HTMLParser::parseToken):
953         * loader/TextDocument.cpp:
954         (WebCore::TextTokenizer::write):
955
956 2007-03-12  David Hyatt  <hyatt@apple.com>
957
958         Fix a regression in printing.  Printer fonts need to be part of the
959         font cache key, since printer fonts have different glyph widths.
960         (Integer antialiasing is used for screen fonts but not for printer fonts.)
961
962         Reviewed by aroben
963
964         * platform/FontCache.cpp:
965         (WebCore::FontPlatformDataCacheKey::FontPlatformDataCacheKey):
966         (WebCore::FontPlatformDataCacheKey::operator==):
967         (WebCore::computeHash):
968         (WebCore::FontCache::getCachedFontPlatformData):
969
970 2007-03-12  Lars Knoll <lars@trolltech.com>
971
972         add missing symbol to fix the Qt build again.
973
974         * platform/qt/SearchPopupMenuQt.cpp:
975         (WebCore::SearchPopupMenu::enabled):
976
977 2007-03-12  Adele Peterson  <adele@apple.com>
978
979         Reviewed by Oliver.
980
981         Adding the ability to enable or disable a SearchPopupMenu.
982
983         * platform/SearchPopupMenu.h:
984         * platform/mac/SearchPopupMenuMac.mm: (WebCore::SearchPopupMenu::enabled):
985         * rendering/RenderTextControl.cpp: (WebCore::RenderTextControl::showPopup):
986
987 2007-03-12  Rob Buis  <buis@kde.org>
988
989         Reviewed by Nikolas Zimmermann.
990
991         http://bugs.webkit.org/show_bug.cgi?id=12500
992         SVG fails to correctly handle all link style selectors
993         http://bugs.webkit.org/show_bug.cgi?id=12567
994         <text> elements ignore <a> children
995
996         Allow <a> inside svg text and handle xlink:show.
997
998         * ksvg2/svg/SVGAElement.cpp:
999         (WebCore::SVGAElement::createRenderer):
1000         (WebCore::SVGAElement::defaultEventHandler):
1001         (WebCore::SVGAElement::childShouldCreateRenderer):
1002         * ksvg2/svg/SVGAElement.h:
1003         * ksvg2/svg/SVGElement.h:
1004         (WebCore::SVGElement::isTextContent):
1005         * ksvg2/svg/SVGTextContentElement.h:
1006         (WebCore::SVGTextContentElement::isTextContent):
1007         * ksvg2/svg/SVGTextElement.cpp:
1008         (WebCore::SVGTextElement::childShouldCreateRenderer):
1009         * rendering/SVGInlineFlowBox.cpp:
1010         (WebCore::translateBox):
1011         (WebCore::placePositionedBoxesHorizontally):
1012         (WebCore::placeBoxesVerticallyWithAbsBaseline):
1013
1014 2007-03-12  Adele Peterson  <adele@apple.com>
1015
1016         Reviewed by Oliver.
1017
1018         Add a missing parameter to the constructor.
1019
1020         * platform/PlatformKeyboardEvent.h:
1021         * platform/win/KeyEventWin.cpp: (WebCore::PlatformKeyboardEvent::PlatformKeyboardEvent):
1022
1023 2007-03-12  Lars Knoll <lars@trolltech.com>
1024
1025         Fix the Qt build. I still get crashes though :/
1026
1027         * platform/graphics/qt/ImageDecoderQt.cpp:
1028         (WebCore::ImageDecoderQt::clearFrame):
1029         * platform/graphics/qt/ImageDecoderQt.h:
1030         * platform/graphics/qt/ImageSourceQt.cpp:
1031         (WebCore::ImageSource::setData):
1032         (WebCore::ImageSource::frameIsCompleteAtIndex):
1033         (WebCore::ImageSource::clear):
1034         (WebCore::ImageSource::destroyFrameAtIndex):
1035         * platform/qt/ClipboardQt.cpp:
1036         (WebCore::ClipboardQt::ClipboardQt):
1037         * platform/qt/ClipboardQt.h:
1038         * platform/qt/DragDataQt.cpp:
1039         (WebCore::DragData::createClipboard):
1040
1041 2007-03-11  Krzysztof Kowalczyk  <kkowalczyk@gmail.com>
1042
1043         Not reviewed - gdk build fixes.
1044
1045         * platform/gdk/EditorClientGdk.cpp:
1046         (WebCore::EditorClientGdk::respondToChangedSelection): add stub
1047         * platform/gdk/EditorClientGdk.h:
1048         * platform/gdk/FrameGdk.cpp:
1049         * platform/gdk/TemporaryLinkStubs.cpp:
1050         (Editor::markMisspellings): add stub
1051
1052 2007-03-11  Alexey Proskuryakov  <ap@webkit.org>
1053
1054         Reviewed by Adele.
1055
1056         http://bugs.webkit.org/show_bug.cgi?id=12560
1057         W3C XPath test Text_Nodes.svg fails
1058
1059         * xml/XPathStep.cpp:
1060         (WebCore::XPath::Step::nodeTestMatches): Revert the fix, as the behavior doesn't appear 
1061         all that desirable as it did at first glance.
1062
1063 2007-03-11  Oliver Hunt  <oliver@apple.com>
1064
1065         Reviewed by hyatt.
1066
1067         Fix for <rdar://problem/5055690> ASSERTION failure on drop into 
1068         editable element with content changed on drop 
1069
1070         After setting the selection for a drop into an editable region 
1071         we make sure the we succeeded.  If we didn't we assume a focus handler
1072         or similar altered the element contents and try again, if the second
1073         attempt fails we bail out.
1074
1075         * page/DragController.cpp:
1076         (WebCore::setSelectionToDragCaret):
1077         (WebCore::DragController::concludeDrag):
1078
1079 2007-03-11  Oliver Hunt  <oliver@apple.com>
1080
1081         Reviewed by Adele.
1082
1083         Moving Frame{Mac}::respondToChangedSelection to Frame.cpp
1084         Added new EditorClient method to handle old bridge function
1085         
1086         * bridge/EditorClient.h:
1087            Added respondToChangedSelection to replace old bridge function
1088         * editing/Editor.cpp:
1089         (WebCore::Editor::respondToChangedSelection):
1090            Add client call to replace old bridge call from Frame::respondToChangedSelection
1091         * editing/SelectionController.cpp:
1092         (WebCore::SelectionController::setSelection):
1093            No longer directly call Editor as Frame::respondToChangedSelection
1094            makes the call
1095         * page/Frame.cpp:
1096         (WebCore::Frame::respondToChangedSelection):
1097            Moved from FrameMac, replaced bridge call with call to Editor
1098         * page/mac/FrameMac.mm:
1099            Moved respondToChangedSelection to Frame.cpp
1100         * page/mac/WebCoreFrameBridge.h:
1101            Removed respondToChangedSelection from bridge
1102         * page/qt/FrameQt.cpp:
1103            Remove stub method for respondToChangedSelection
1104
1105 2007-03-11  Krzysztof Kowalczyk  <kkowalczyk@gmail.com>
1106
1107         Reviewed by Brady Eidson.
1108
1109         Linux/gdk fix.
1110
1111         * loader/gdk/FrameLoaderClientGdk.cpp:
1112         (WebCore::FrameLoaderClientGdk::shouldGoToHistoryItem): return true so
1113         that FrameLoader:goBackOrForwards() works.
1114
1115 2007-03-10  Geoffrey Garen  <ggaren@apple.com>
1116
1117         Reviewed by Darin Adler.
1118
1119         Fixed <rdar://problem/4587763> PAC file: lock inversion between QT and 
1120         JSCore causes a hang @ www.panoramas.dk
1121         
1122         See JavaScriptCore ChangeLog for details.
1123         
1124         * bindings/objc/WebScriptObject.mm:
1125         (_didExecute): Added helpful ASSERT.
1126         (+[WebScriptObject throwException:]): Added missing JSLock.
1127
1128 2007-03-11  Antti Koivisto  <antti@apple.com>
1129
1130         Reviewed by Hyatt.
1131
1132         Optimize linebox memory consumption:
1133         - move all bitfields to baseclass compacting them
1134         - make InlineTextBox::m_truncation unsigned short and make it relative to m_start
1135         - remove extremely rarely used EllipsisBox pointer from RootInlineBox and instead
1136           use a global hashmap to store it if needed
1137         - use minimum required number of bits to store BidiStatus enum variables in RootInlineBox
1138         - move overflow variables in RootInlineBox to a separate struct that is instantiated
1139           only if any of the variables is set to a value that can't trivially be derived from 
1140           box x, y, width and height
1141           
1142         As a result line box objects shrink:
1143             InlineBox: 44 -> 44 bytes
1144             InlineTextBox: 68 -> 60 bytes
1145             InlineFlowBox: 68 -> 64 bytes
1146             RootInlineBox: 128 -> 88 bytes
1147             
1148         The optimizations possiblity was noticed when debugging http://bugs.webkit.org/show_bug.cgi?id=12833
1149         Bug 12833: REGRESSION: Selecting text in 6.6MB txt file is sluggish as of the Feb 19th nightly
1150         <rdar://problem/5028159>
1151         
1152         On that page the patch saves 11.5MB or some 21% of linebox memory consumption. It also
1153         actually improves selection performance somewhat by improving memory locality.
1154
1155         * rendering/InlineBox.h:
1156         (WebCore::InlineBox::InlineBox):
1157         * rendering/InlineFlowBox.h:
1158         (WebCore::InlineFlowBox::InlineFlowBox):
1159         * rendering/InlineTextBox.cpp:
1160         (WebCore::InlineTextBox::placeEllipsisBox):
1161         (WebCore::InlineTextBox::nodeAtPoint):
1162         (WebCore::InlineTextBox::paint):
1163         (WebCore::InlineTextBox::paintDecoration):
1164         (WebCore::InlineTextBox::paintSpellingOrGrammarMarker):
1165         (WebCore::InlineTextBox::paintMarkedTextUnderline):
1166         * rendering/InlineTextBox.h:
1167         (WebCore::InlineTextBox::InlineTextBox):
1168         * rendering/RootInlineBox.cpp:
1169         (WebCore::throw):
1170         (WebCore::RootInlineBox::Overflow::operator delete):
1171         (WebCore::RootInlineBox::Overflow::destroy):
1172         (WebCore::RootInlineBox::destroy):
1173         (WebCore::RootInlineBox::detachEllipsisBox):
1174         (WebCore::RootInlineBox::clearTruncation):
1175         (WebCore::RootInlineBox::placeEllipsis):
1176         (WebCore::RootInlineBox::paintEllipsisBox):
1177         (WebCore::RootInlineBox::addHighlightOverflow):
1178         (WebCore::RootInlineBox::nodeAtPoint):
1179         (WebCore::RootInlineBox::adjustPosition):
1180         (WebCore::RootInlineBox::selectionTop):
1181         (WebCore::RootInlineBox::setLineBreakInfo):
1182         (WebCore::RootInlineBox::ellipsisBox):
1183         (WebCore::RootInlineBox::setVerticalOverflowPositions):
1184         (WebCore::RootInlineBox::setHorizontalOverflowPositions):
1185         (WebCore::RootInlineBox::setVerticalSelectionPositions):
1186         * rendering/RootInlineBox.h:
1187         (WebCore::RootInlineBox::RootInlineBox):
1188         (WebCore::RootInlineBox::topOverflow):
1189         (WebCore::RootInlineBox::bottomOverflow):
1190         (WebCore::RootInlineBox::leftOverflow):
1191         (WebCore::RootInlineBox::rightOverflow):
1192         (WebCore::RootInlineBox::lineBreakBidiStatus):
1193         (WebCore::RootInlineBox::selectionBottom):
1194         (WebCore::RootInlineBox::Overflow::Overflow):
1195
1196 2007-03-11  Alexey Proskuryakov  <ap@webkit.org>
1197
1198         Reviewed by Darin.
1199
1200         A partial fix for http://bugs.webkit.org/show_bug.cgi?id=13021
1201         XPath can be very slow
1202
1203         * xml/XPathExpression.cpp:
1204         (WebCore::XPathExpression::evaluate): Cache evaluationContext in a local variable.
1205
1206         * xml/XPathExpressionNode.cpp:
1207         (WebCore::XPath::Expression::evaluationContext):
1208         * xml/XPathExpressionNode.h:
1209         (WebCore::XPath::Expression::addSubExpression):
1210         (WebCore::XPath::Expression::subExprCount):
1211         (WebCore::XPath::Expression::subExpr):
1212         * xml/XPathFunctions.cpp:
1213         * xml/XPathFunctions.h:
1214         (WebCore::XPath::Function::setName):
1215         (WebCore::XPath::Function::arg):
1216         (WebCore::XPath::Function::argCount):
1217         (WebCore::XPath::Function::name):
1218         Made one-liners critical for performance inline.
1219
1220         * xml/XPathGrammar.y: Fully parse NodeTests, so that strings are no longer passed for what is
1221         essentially an enum. Use LocationPath accessors to add steps, instead of directly manipulating
1222         internal data members.
1223
1224         * xml/XPathParser.cpp:
1225         (WebCore::XPath::Parser::parseStatement):
1226         (WebCore::XPath::Parser::registerNodeTest):
1227         (WebCore::XPath::Parser::deleteNodeTest):
1228         * xml/XPathParser.h:
1229         Added support methods for changes in XPathGrammar.y.
1230
1231         * xml/XPathPath.cpp:
1232         (WebCore::XPath::Filter::evaluate): Cache evaluationContext in a local variable. Use swap() to avoid
1233         performing vector assignments.
1234         (WebCore::XPath::LocationPath::evaluate): Use swap() to avoid performing vector assignments.
1235         (WebCore::XPath::LocationPath::optimizeStepPair): This new method is called during LocationPath construction, 
1236         to simplify the path as it's being built. Currently, the only optimized case is "//*" - it is a basis for
1237         important operations that cannot be efficiently written in XPath 1.0, but can be optimized with a little bit
1238         of XPath 2.0.
1239         (WebCore::XPath::LocationPath::appendStep): A new accessor that modifies m_steps and calls optimizeStepPair().
1240         (WebCore::XPath::LocationPath::insertFirstStep): Ditto.
1241         * xml/XPathPath.h:
1242         (WebCore::XPath::LocationPath::setAbsolute): A new accessor.
1243
1244         * xml/XPathStep.h:
1245         (WebCore::XPath::Step::NodeTest::):
1246         (WebCore::XPath::Step::NodeTest::NodeTest):
1247         (WebCore::XPath::Step::NodeTest::kind):
1248         (WebCore::XPath::Step::NodeTest::data):
1249         Step::NodeTest is a new sub-class that represents a fully parsed NodeTest.
1250         (WebCore::XPath::Step::axis):
1251         (WebCore::XPath::Step::nodeTest):
1252         (WebCore::XPath::Step::nodeTestData):
1253         (WebCore::XPath::Step::namespaceURI):
1254         (WebCore::XPath::Step::predicates):
1255         (WebCore::XPath::Step::setAxis):
1256         (WebCore::XPath::Step::setNodeTest):
1257         (WebCore::XPath::Step::setNodeTestData):
1258         (WebCore::XPath::Step::setNamespaceURI):
1259         (WebCore::XPath::Step::setPredicates):
1260         New accessors that let optimizeStepPair() manipulate Step data.
1261
1262         * xml/XPathStep.cpp:
1263         (WebCore::XPath::Step::Step): Use the new NodeTest class.
1264         (WebCore::XPath::Step::evaluate): Cache evaluationContext in a local variable. Use swap() to avoid
1265         performing unneeded vector assignments.
1266         (WebCore::XPath::Step::nodesInAxis): Cosmetic changes.
1267         (WebCore::XPath::Step::nodeTestMatches): Use NodeTest instead of parsing the test from string each time.
1268         Added a partial implementation of XPath 2.0 element() node test.
1269
1270 2007-03-10  Alexey Proskuryakov  <ap@webkit.org>
1271
1272         Reviewed by Darin.
1273
1274         http://bugs.webkit.org/show_bug.cgi?id=12249
1275         FCKeditor: <hr>, <ul> and <ol> have id="undefined"
1276
1277         This fixes the attached reduction, but not the original issue.
1278
1279         Test: editing/execCommand/default-parameters.html
1280
1281         * dom/Document.h:
1282         * dom/Document.idl:
1283         Make second and third execCommand() parameters optional.
1284
1285 2007-03-10  Adele Peterson  <adele@apple.com>
1286
1287         Reviewed by Maciej.
1288
1289         Fix for http://bugs.webkit.org/show_bug.cgi?id=13028
1290         REGRESSION: textField:doCommandBySelector:inFrame: not being called properly
1291
1292         * html/HTMLInputElement.cpp: (WebCore::HTMLInputElement::defaultEventHandler):
1293           Before calling the base class defaultEventHandler, which will call handleKeypress, call doTextFieldCommandFromEvent.        
1294
1295 2007-03-10  Mitz Pettel  <mitz@webkit.org>
1296
1297         Reviewed by Darin.
1298
1299         - fix http://bugs.webkit.org/show_bug.cgi?id=13013
1300           REGRESSION: Selection box does not scroll to where the focus jumps when pressing an alphanumeric key
1301
1302         Test: fast/forms/listbox-typeahead-scroll.html
1303
1304         * html/HTMLSelectElement.cpp:
1305         (WebCore::HTMLSelectElement::setSelectedIndex): Reordered to set the active selection's
1306         anchor and end before selecting the option, since the active selection is used to
1307         decide where to scroll when the selection is made.
1308         (WebCore::HTMLSelectElement::defaultEventHandler): Removed redundant check.
1309
1310 2007-03-10  Mitz Pettel  <mitz@webkit.org>
1311
1312         Reviewed by Darin.
1313
1314         - fix http://bugs.webkit.org/show_bug.cgi?id=12973
1315           REGRESSION: Reproducible assert while loading this test file if css is already in the cache
1316
1317         Test: fast/dom/css-cached-import-rule.html
1318
1319         Replaced some direct calls to document->stylesheetLoaded() with calls to
1320         the sheet's checkLoaded(). The latter calls back to the element's sheetLoaded() --
1321         which notifies the document of the load -- and then updates the sheet's
1322         loadCompleted() flag, ensuring that it stays in sync with whether the stylesheet
1323         is still considered pending by the document.
1324
1325         * dom/ProcessingInstruction.cpp:
1326         (WebCore::ProcessingInstruction::parseStyleSheet):
1327         * dom/StyleElement.cpp:
1328         (WebCore::StyleElement::childrenChanged):
1329         * html/HTMLLinkElement.cpp:
1330         (WebCore::HTMLLinkElement::process):
1331         (WebCore::HTMLLinkElement::setCSSStyleSheet):
1332         * ksvg2/svg/SVGStyleElement.cpp:
1333         (WebCore::SVGStyleElement::sheetLoaded):
1334         * ksvg2/svg/SVGStyleElement.h:
1335
1336 2007-03-10  David Kilzer  <ddkilzer@webkit.org>
1337
1338         Reviewed by Darin.
1339
1340         - fix http://bugs.webkit.org/show_bug.cgi?id=9609
1341           REGRESSION: Missing image icon needs to be moved back to WebKit
1342
1343         * WebCore.exp: Export WebCore::Image::loadPlatformResource(const char*) for use in
1344         [WebHTMLView _startDraggingImage:at:operation:event:sourceIsDHTML:DHTMLWroteData:].
1345
1346 2007-03-09  Darin Adler  <darin@apple.com>
1347
1348         Reviewed by Justin.
1349
1350         - fix http://bugs.webkit.org/show_bug.cgi?id=8928
1351           <rdar://problem/5045708> REPRODUCIBLE ASSERT: Cannot paste HTML into a
1352           contenteditable region in an XHTML document (8928)
1353
1354         Test: editing/pasteboard/paste-xml.xhtml
1355
1356         * editing/markup.cpp: (WebCore::createFragmentFromMarkup): Added a check for 0
1357         here, since createContextualFragment can return 0 for XML documents that fail
1358         to parse. In my testing, callers all seem equipped to handle 0.
1359
1360 2007-03-09  Mitz Pettel  <mitz@webkit.org>
1361
1362         Reviewed by Darin.
1363
1364         - fix http://bugs.webkit.org/show_bug.cgi?id=9929
1365           REGRESSION: crash on logging in on mijnpostbank.nl
1366
1367         Test: http/tests/misc/onload-remove-iframe-crash-2.html
1368
1369         The resulted from an iframe's load event handler removing the iframe
1370         from the document.
1371
1372         * dom/Document.cpp:
1373         (WebCore::Document::implicitClose): Bail out early if an event handler
1374         removed the frame.
1375         * loader/FrameLoader.cpp:
1376         (WebCore::FrameLoader::FrameLoader):
1377         (WebCore::FrameLoader::clear):
1378         (WebCore::FrameLoader::checkCompleted): Protect the frame from deletion
1379         by event handlers.
1380         (WebCore::FrameLoader::checkCompletedTimerFired):
1381         (WebCore::FrameLoader::scheduleCheckCompleted):
1382         (WebCore::FrameLoader::detachFromParent): Schedule a completion check
1383         on the parent (in case the child is what has been keeping it from completing).
1384         * loader/FrameLoader.h:
1385
1386 2007-03-08  David Kilzer  <ddkilzer@webkit.org>
1387
1388         Reviewed by Beth.
1389
1390         - fix http://bugs.webkit.org/show_bug.cgi?id=13019
1391           REGRESSION (r20074): Forms don't submit on a variety of websites
1392
1393         No tests added since LayoutTests/fast/forms/document-write.html was timing out
1394         and causing a layout test failure.
1395
1396         * html/HTMLFormElement.cpp:
1397         (WebCore::HTMLFormElement::submit): Removed stray code.
1398
1399 2007-03-08  Krzysztof Kowalczyk  <kkowalczyk@gmail.com>
1400
1401         Not reviewed - gdk build fix.
1402
1403         * platform/graphics/cairo/ImageSourceCairo.cpp:
1404         (WebCore::ImageSource::frameIsCompleteAtIndex): add empty stub
1405
1406 2007-03-08  Justin Garcia  <justin.garcia@apple.com>
1407
1408         Reviewed by harrison
1409         
1410         <rdar://problem/4903193> 
1411         On particular page, Copy is so slow it seems like a hang
1412         
1413         ~2x speedup copying:
1414         http://shakespeare.mit.edu/henryviii/full.html 
1415         Also produces less bloated markup.
1416
1417         * editing/markup.cpp:
1418         (WebCore::startMarkup): Don't wrap text nodes in style spans.
1419         For Elements, don't inline styles inherited from ancestors.
1420         (WebCore::createMarkup): No longer necessary to find 
1421         the root's default style and pass it to startMarkup.
1422         Add a wrapper span around the markup with the styles
1423         that all nodes in the markup inherit (the inheritable 
1424         styles from the common ancestor container's computed style).
1425         Added a FIXME about unecessary markup for inline ancestors 
1426         up to the commonAncestorBlock.
1427
1428 2007-03-08  Darin Adler  <darin@apple.com>
1429
1430         Reviewed by Adele.
1431
1432         - <rdar://problem/4470381> multipart/form-data boundary security vulnerability
1433
1434         By making the form data boundary a string with some random data in it, we reduce
1435         the possibility that anyone could take advantage of it by creating a file that
1436         intentionally has the boundary string in it.
1437
1438         * html/HTMLFormElement.h: Removed boundary(), setBoundary(), and m_boundary.
1439         Marked a lot more stuff private.
1440         * html/HTMLFormElement.cpp:
1441         (WebCore::HTMLFormElement::HTMLFormElement): Removed code to initialize
1442         m_boundary.
1443         (WebCore::randomNumber): Added. Function that returns a random number, including
1444         seeding the random number generator the first time it's called. For now, usees the more
1445         random function random() on Mac OS X and the more-standard rand() on other platforms.
1446         (WebCore::HTMLFormElement::formData): Take a parameter with the form boundary string,
1447         and use that instead of m_boundary.
1448         (WebCore::getUniqueBoundaryString): Added. Makes a boundary string using random numbers
1449         and base 64 encoding.
1450         (WebCore::HTMLFormElement::submit): Call getUniqueBoundaryString and pass the boundary
1451         string into formData for multipart form posts.
1452
1453 2007-03-08  Maciej Stachowiak  <mjs@apple.com>
1454
1455         Reviewed by Adele.
1456         
1457         <rdar://problem/4646563> REGRESSION: Unable to send text message from Verizon text message website: vtext.com (12588)
1458         http://bugs.webkit.org/show_bug.cgi?id=12588
1459
1460         Carefully revised which focus operations restore previous selection, which clear it, and which
1461         select the whole control contents.
1462         
1463         Tests:
1464         fast/forms/focus-selection-input.html
1465         fast/forms/focus-selection-textarea.html
1466         
1467         * dom/Element.cpp:
1468         (WebCore::Element::focus):
1469         * dom/Element.h:
1470         * html/HTMLInputElement.cpp:
1471         (WebCore::HTMLInputElement::focus):
1472         (WebCore::HTMLInputElement::accessKeyAction):
1473         * html/HTMLInputElement.h:
1474         * html/HTMLLabelElement.cpp:
1475         (WebCore::HTMLLabelElement::focus):
1476         (WebCore::HTMLLabelElement::accessKeyAction):
1477         * html/HTMLLabelElement.h:
1478         * html/HTMLLegendElement.cpp:
1479         (WebCore::HTMLLegendElement::focus):
1480         * html/HTMLLegendElement.h:
1481         * html/HTMLTextAreaElement.cpp:
1482         (WebCore::HTMLTextAreaElement::focus):
1483         * html/HTMLTextAreaElement.h:
1484         * page/FocusController.cpp:
1485         (WebCore::FocusController::advanceFocus):
1486
1487 2007-03-08  Justin Garcia  <justin.garcia@apple.com>
1488
1489         Reviewed by harrison
1490
1491         <http://bugs.webkit.org/show_bug.cgi?id=12244>
1492         FCKeditor: Find dialog doesn't work
1493
1494         * bindings/js/kjs_window.cpp:
1495         (KJS::Window::find): Added.  This function doesn't yet 
1496         support whole word searches, searching in subframes, or
1497         opening the find dialog.
1498         (KJS::WindowFunc::callAsFunction):
1499         * bindings/js/kjs_window.h:
1500         (KJS::Window::):
1501
1502 2007-03-08  David Hyatt  <hyatt@apple.com>
1503
1504         Fix regression from throwing away frames of large animated images.  Alter
1505         animated images so that they refuse to advance the animation until the
1506         current displayed frame has been fully decoded.
1507
1508         Reviewed by ggaren
1509
1510         * platform/graphics/BitmapImage.cpp:
1511         (WebCore::BitmapImage::startAnimation):
1512         (WebCore::BitmapImage::advanceAnimation):
1513         * platform/graphics/ImageSource.h:
1514         * platform/graphics/cg/ImageSourceCG.cpp:
1515         (WebCore::ImageSource::frameIsCompleteAtIndex):
1516
1517 2007-03-08  David Hyatt  <hyatt@apple.com>
1518
1519         Fix 2% performance regression on the PLT.  Increase the large animated
1520         image cutoff from 1MB to 5MB.
1521
1522         In addition when pruning we will aggressively discard image sources.
1523
1524         Reviewed by ggaren
1525
1526         * platform/graphics/BitmapImage.cpp:
1527         (WebCore::BitmapImage::destroyDecodedData):
1528
1529 2007-03-08  Timothy Hatcher  <timothy@apple.com>
1530
1531         Reviewed by John.
1532
1533         <rdar://problem/4664697> highlighter SPI needs a node parameter to give more context
1534
1535         Pass the RenderObject's node to customHighlightLineRect and paintCustomHighlight.
1536
1537         * page/Frame.h:
1538         * page/mac/FrameMac.mm:
1539         (WebCore::Frame::customHighlightLineRect):
1540         (WebCore::Frame::paintCustomHighlight):
1541         * page/mac/WebCoreFrameBridge.h:
1542         * rendering/InlineTextBox.cpp:
1543         (WebCore::InlineTextBox::paintCustomHighlight):
1544         * rendering/RenderBox.cpp:
1545         (WebCore::RenderBox::paintCustomHighlight):
1546         * rendering/RootInlineBox.cpp:
1547         (WebCore::RootInlineBox::addHighlightOverflow):
1548         (WebCore::RootInlineBox::paintCustomHighlight):
1549
1550 2007-03-08  Justin Garcia  <justin.garcia@apple.com>
1551
1552         Reviewed by harrison
1553         
1554         <http://bugs.webkit.org/show_bug.cgi?id=13000>
1555         Range.createContextualFragment is not supported
1556
1557         * dom/Range.cpp:
1558         (WebCore::Range::createContextualFragment): The
1559         "startContainer" may not be a container, if the
1560         range starts inside text.  In that case, look
1561         to the parent of the start node for an HTMLElement.
1562
1563 2007-03-08  Justin Garcia  <justin.garcia@apple.com>
1564
1565         Reviewed by harrison
1566         
1567         <rdar://problem/5049671>
1568         Gmail Editor: With linked text, Remove Formatting doesn't always remove underline
1569
1570         * editing/Editor.cpp:
1571         (WebCore::Editor::removeFormattingAndStyle): Clear removed
1572         anchors after the deletion.
1573
1574 2007-03-08  David Kilzer  <ddkilzer@webkit.org>
1575
1576         Reviewed by NOBODY (build fix).
1577
1578         Added missing file for r20059:
1579         <rdar://problem/4708689> -- REGRESSION: Some symbols with 2-byte display as garbage in Hotmail.
1580
1581         File was taken from this svn repository which contained versions of ucnv.h and ucnv_err.h
1582         that were identical to ours:
1583         http://source.icu-project.org/repos/icu/icu/tags/release-3-2/source/common/unicode/ucnv_cb.h
1584
1585         * icu/unicode/ucnv_cb.h: Added.
1586
1587 2007-03-08  Shrikant Gangoda  <shrikant.gangoda@celunite.com>
1588
1589         Gdk build fix.
1590
1591         * platform/graphics/cairo/ImageSourceCairo.cpp:
1592         (WebCore::ImageSource::~ImageSource):
1593         (WebCore::ImageSource::clear):
1594
1595 2007-03-08  Oliver Hunt  <oliver@apple.com>
1596
1597         Reviewed by Adam.
1598
1599         To match old TEC behaviour when using ICU we need to use 
1600         a few manual fallback encodings for the GBK/EUC-CN charsets
1601
1602         <rdar://problem/4708689> -- REGRESSION: Some symbols with 2-byte display as garbage in Hotmail.
1603
1604         * platform/TextCodecICU.cpp:
1605         (WebCore::TextCodecICU::TextCodecICU):
1606         (WebCore::TextCodecICU::createICUConverter):
1607         (WebCore::gbkEscapes):
1608         (WebCore::gbkCallbackEscape):
1609         (WebCore::gbkCallbackSubstitute):
1610         (WebCore::TextCodecICU::encode):
1611         * platform/TextCodecICU.h:
1612         (WebCore::TextCodecICU::needsGBKFallbacks):
1613         (WebCore::TextCodecICU::setNeedsGBKFallbacks):
1614
1615 2007-03-08  Alexey Proskuryakov  <ap@webkit.org>
1616
1617         Build fix.
1618
1619         * xml/XPathUtil.cpp:
1620         (WebCore::XPath::stringValue):
1621
1622 2007-03-08  David Hyatt  <hyatt@apple.com>
1623
1624         This patch dramatically reduces the memory consumed by animated images.  For large animated GIFs (defined for
1625         now as >1mb in terms of decoded frame buffer size), we will now aggressively flush previous frames of the
1626         animated GIF and just re-decode them on the fly if the animation loops.
1627
1628         Whenever a large animated GIF has its animation reset, we will also just throw out everything and start
1629         the animation over (in order to get rid of any cached detritus held in the ImageSource).
1630
1631         With this patch and the sample GIF used to test, WebKit's memory consumption went from 160MB down to 16MB.
1632
1633         Reviewed by mjs
1634
1635         * platform/graphics/BitmapImage.cpp:
1636         (WebCore::BitmapImage::destroyDecodedData):
1637         (WebCore::BitmapImage::resetAnimation):
1638         (WebCore::BitmapImage::advanceAnimation):
1639         * platform/graphics/ImageSource.h:
1640         * platform/graphics/cg/ImageSourceCG.cpp:
1641         (WebCore::ImageSource::~ImageSource):
1642         (WebCore::ImageSource::clear):
1643
1644 2007-03-08  Alexey Proskuryakov  <ap@webkit.org>
1645
1646         Reviewed by Darin.
1647
1648         http://bugs.webkit.org/show_bug.cgi?id=13006
1649         XPath string-value is broken for some node types
1650
1651         Test: fast/xpath/string-value.html
1652
1653         * xml/XPathUtil.cpp:
1654         (WebCore::XPath::stringValue): Fix it :-)
1655
1656 2007-03-07  Anders Carlsson  <acarlsson@apple.com>
1657
1658         Reviewed by Adam.
1659
1660         <rdar://problem/4981000> 
1661         http://bugs.webkit.org/show_bug.cgi?id=12634
1662         REGRESSION: crash loading web archive (12634)
1663         
1664         The reason this bug wasn't always reproducible is that it involved sending an event to a plugin while 
1665         the page was loading. Before we send the event to the plugin we defer loads. The problem was that
1666         MainResourceLoader::setDefersLoad would not work with data loads.
1667         
1668         * loader/DocumentLoader.cpp:
1669         (WebCore::DocumentLoader::setRequest):
1670         Only set m_committed to false if we also have a valid unreachable URL.
1671         
1672         * loader/MainResourceLoader.cpp:
1673         (WebCore::MainResourceLoader::setDefersLoading):
1674         Make sure to stop and start data loads.
1675
1676 2007-03-07  Krzysztof Kowalczyk  <kkowalczyk@gmail.com>
1677
1678         Not reviewed.
1679
1680         Gdk build fixes.
1681
1682         * platform/gdk/EditorClientGdk.cpp:
1683         (WebCore::EditorClientGdk::handleKeypress): renamed
1684         (WebCore::EditorClientGdk::handleInputMethodKeypress): add a stub
1685         * platform/gdk/EditorClientGdk.h:
1686         * platform/graphics/cairo/ImageSourceCairo.cpp:
1687         (WebCore::ImageSource::destroyFrameAtIndex): add a stub
1688
1689 2007-03-07  Alexey Proskuryakov  <ap@webkit.org>
1690
1691         Reviewed by Darin.
1692
1693         http://bugs.webkit.org/show_bug.cgi?id=13004
1694         Repeatedly calling XPathExpression.evaluate() causes crashes or memory leaks
1695
1696         Removed XPath::Expression::optimize() and related methods, since they were buggy and almost useless.
1697         Merged doEvaluate() into evaluate(), since this was all evaluate() was doing after the above changes.
1698
1699         Test: fast/xpath/evaluate-twice.html
1700
1701         * xml/XPathExpression.cpp:
1702         (WebCore::XPathExpression::evaluate):
1703         * xml/XPathExpressionNode.cpp:
1704         (WebCore::XPath::Expression::Expression):
1705         (WebCore::XPath::Expression::~Expression):
1706         * xml/XPathExpressionNode.h:
1707         * xml/XPathFunctions.cpp:
1708         (WebCore::XPath::FunLast::evaluate):
1709         (WebCore::XPath::FunPosition::evaluate):
1710         (WebCore::XPath::FunId::evaluate):
1711         (WebCore::XPath::FunLocalName::evaluate):
1712         (WebCore::XPath::FunNamespaceURI::evaluate):
1713         (WebCore::XPath::FunName::evaluate):
1714         (WebCore::XPath::FunCount::evaluate):
1715         (WebCore::XPath::FunString::evaluate):
1716         (WebCore::XPath::FunConcat::evaluate):
1717         (WebCore::XPath::FunStartsWith::evaluate):
1718         (WebCore::XPath::FunContains::evaluate):
1719         (WebCore::XPath::FunSubstringBefore::evaluate):
1720         (WebCore::XPath::FunSubstringAfter::evaluate):
1721         (WebCore::XPath::FunSubstring::evaluate):
1722         (WebCore::XPath::FunStringLength::evaluate):
1723         (WebCore::XPath::FunNormalizeSpace::evaluate):
1724         (WebCore::XPath::FunTranslate::evaluate):
1725         (WebCore::XPath::FunBoolean::evaluate):
1726         (WebCore::XPath::FunNot::evaluate):
1727         (WebCore::XPath::FunTrue::evaluate):
1728         (WebCore::XPath::FunLang::evaluate):
1729         (WebCore::XPath::FunFalse::evaluate):
1730         (WebCore::XPath::FunNumber::evaluate):
1731         (WebCore::XPath::FunSum::evaluate):
1732         (WebCore::XPath::FunFloor::evaluate):
1733         (WebCore::XPath::FunCeiling::evaluate):
1734         (WebCore::XPath::FunRound::evaluate):
1735         * xml/XPathPath.cpp:
1736         (WebCore::XPath::Filter::evaluate):
1737         (WebCore::XPath::LocationPath::evaluate):
1738         (WebCore::XPath::Path::evaluate):
1739         * xml/XPathPath.h:
1740         * xml/XPathPredicate.cpp:
1741         (WebCore::XPath::Number::evaluate):
1742         (WebCore::XPath::StringExpression::evaluate):
1743         (WebCore::XPath::Negative::evaluate):
1744         (WebCore::XPath::NumericOp::evaluate):
1745         (WebCore::XPath::EqTestOp::evaluate):
1746         (WebCore::XPath::LogicalOp::evaluate):
1747         (WebCore::XPath::Union::evaluate):
1748         * xml/XPathPredicate.h:
1749         * xml/XPathStep.cpp:
1750         * xml/XPathStep.h:
1751         * xml/XPathVariableReference.cpp:
1752         (WebCore::XPath::VariableReference::evaluate):
1753         * xml/XPathVariableReference.h:
1754
1755 2007-03-07  Sam Weinig  <sam@webkit.org>
1756
1757         Reviewed by Tim H.
1758
1759         Remove unused #import from Objective-C bindings and cleanup the order of #imports.
1760
1761         * bindings/scripts/CodeGeneratorObjC.pm:
1762
1763 2007-03-07  Sam Weinig  <sam@webkit.org>
1764
1765         Reviewed by Tim H.
1766
1767         Make sure the baseURI attribute generates for private Objective-C bindings.
1768
1769         * dom/Node.idl:
1770
1771 2007-03-07  Anders Carlsson  <acarlsson@apple.com>
1772
1773         Reviewed by Maciej.
1774
1775         <rdar://problem/4874059>
1776         REGRESSION: Painter IX:register - Crash in WebCore:: ResourceLoader::willSendRequest()
1777
1778         If a load is done from inside of an error delegate method that is called because we cancel another load, 
1779         the first load should be ignored since this is what shipping WebKit does. 
1780         
1781         (Actually, it does load the page in the data source but doesn't do anything with it since the data source
1782         won't have a web frame).
1783         
1784         * loader/FrameLoader.cpp:
1785         (WebCore::FrameLoader::load):
1786         Just bail out if m_isStoppingLoad is true.
1787
1788 2007-03-07  David Hyatt  <hyatt@apple.com>
1789
1790         Use CGImageRelease instead of CFRelease.
1791
1792         Reviewed by aroben
1793
1794         * platform/graphics/cg/ImageCG.cpp:
1795         (WebCore::FrameData::clear):
1796         * platform/graphics/cg/ImageSourceCG.cpp:
1797         (WebCore::ImageSource::destroyFrameAtIndex):
1798
1799 2007-03-07  David Hyatt  <hyatt@apple.com>
1800
1801         Fix a regression where the cache size overflows because of a double
1802         subtraction per resource when they got removed from the cache.  Add an
1803         assert to adjustSize to detect this case in the future.
1804
1805         Fix ImageSourceCG so that when we flush decoded data from our cache that
1806         we also flush it from the ImageSource.
1807
1808         Reviewed by mjs
1809
1810         * loader/Cache.cpp:
1811         (WebCore::Cache::adjustSize):
1812         * platform/graphics/BitmapImage.cpp:
1813         (WebCore::BitmapImage::~BitmapImage):
1814         (WebCore::BitmapImage::destroyDecodedData):
1815         * platform/graphics/Image.h:
1816         * platform/graphics/ImageSource.h:
1817         * platform/graphics/cg/ImageSourceCG.cpp:
1818         (WebCore::ImageSource::setData):
1819         (WebCore::ImageSource::destroyFrameAtIndex):
1820
1821 2007-03-07  Mitz Pettel  <mitz@webkit.org>
1822
1823         Reviewed by Darin.
1824
1825         - fix http://bugs.webkit.org/show_bug.cgi?id=13002
1826           Incomplete repaint of inset outlines
1827
1828         Test: fast/repaint/outline-inset.html
1829
1830         * rendering/RenderObject.cpp:
1831         (WebCore::RenderObject::repaintAfterLayoutIfNeeded):
1832
1833 2007-03-07  Oliver Hunt  <oliver@apple.com>
1834
1835         Reviewed by Antti.
1836
1837         Reset mouse down/drag state variables on mouse button release
1838         
1839         Fixes <rdar://problem/5044654>: Drag out of some QuickTime plug-ins converting into image drag
1840
1841         * page/EventHandler.cpp:
1842         (WebCore::EventHandler::handleMouseReleaseEvent):
1843
1844 2007-03-07  Adele Peterson  <adele@apple.com>
1845
1846         Reviewed by Darin.
1847
1848         WebCore part of fix for:
1849         http://bugs.webkit.org/show_bug.cgi?id=10871
1850         http://bugs.webkit.org/show_bug.cgi?id=12677
1851         <rdar://problem/4823129> REGRESSION: IME key events different in nightly
1852         <rdar://problem/4759563> REGRESSION: Return key is always sent when you confirm a clause in kotoeri
1853
1854         * page/EventHandler.cpp: (WebCore::EventHandler::defaultKeyboardEventHandler): Call handleInputMethodKeypress before actually dispatching the keypress event
1855           so that input methods have a chance to handle the event.  
1856           If the input method handles the event (by marking or unmarking text), then we don't need to send the keypress event.
1857           If an input method doesn't handle the event, then we'll save the data we need to perform the correct action (like what text to insert or what selector to use) 
1858           when we dispatch the keypress event.
1859
1860         * dom/KeyboardEvent.h: Added Mac-specific KeypressCommand struct, so we can store command info during handleInputMethodKeypress, and use it during handleKeypress.
1861         (WebCore::KeyboardEvent::keypressCommand):
1862         (WebCore::KeyboardEvent::setKeypressCommand):
1863
1864         * bridge/EditorClient.h:
1865         * editing/Editor.cpp:
1866         (WebCore::Editor::handleKeypress): Changed handleKeyPress to handleKeypress.
1867         (WebCore::Editor::handleInputMethodKeypress): Added.
1868         * editing/Editor.h:
1869
1870         * platform/graphics/svg/SVGImageEmptyClients.h:
1871         (WebCore::SVGEmptyEditorClient::handleKeypress): Changed handleKeyPress to handleKeypress.
1872         (WebCore::SVGEmptyEditorClient::handleInputMethodKeypress): Added.
1873
1874 2007-03-07  Rob Buis  <buis@kde.org>
1875
1876         Reviewed by Darin.
1877
1878         http://bugs.webkit.org/show_bug.cgi?id=12579
1879         WebKit fails SVG xml:base test
1880
1881         Implement DOM3 properties baseURI and documentURI to fix
1882         the testcase in bug 12579.
1883
1884         * bindings/js/kjs_dom.cpp:
1885         (KJS::DOMNode::getValueProperty):
1886         * bindings/js/kjs_domnode.h:
1887         (KJS::DOMNode::):
1888         * dom/Document.cpp:
1889         (WebCore::Document::documentURI):
1890         (WebCore::Document::setDocumentURI):
1891         (WebCore::Document::baseURI):
1892         * dom/Document.h:
1893         * dom/Document.idl:
1894         * dom/DocumentType.cpp:
1895         (WebCore::DocumentType::baseURI):
1896         * dom/DocumentType.h:
1897         * dom/Element.cpp:
1898         (WebCore::Element::baseURI):
1899         * dom/Element.h:
1900         * dom/Node.cpp:
1901         (WebCore::Node::baseURI):
1902         * dom/Node.h:
1903         * ksvg2/misc/SVGImageLoader.cpp:
1904         (WebCore::SVGImageLoader::updateFromElement):
1905         * ksvg2/svg/SVGImageElement.cpp:
1906         (WebCore::SVGImageElement::parseMappedAttribute):
1907         (WebCore::SVGImageElement::attach):
1908
1909 2007-03-07  Anders Carlsson  <acarlsson@apple.com>
1910
1911         Reviewed by Brady.
1912
1913         Remove some methods in FrameLoader that just calls down to the active document loader. Since each
1914         resource loader now has a pointer to its document loader, we can just call directly to the
1915         document loader.
1916
1917         * WebCore.exp:
1918         * loader/FrameLoader.cpp:
1919         * loader/FrameLoader.h:
1920         * loader/MainResourceLoader.cpp:
1921         (WebCore::MainResourceLoader::willSendRequest):
1922         (WebCore::MainResourceLoader::didReceiveResponse):
1923         * loader/SubresourceLoader.cpp:
1924         (WebCore::SubresourceLoader::SubresourceLoader):
1925         (WebCore::SubresourceLoader::didFinishLoading):
1926         (WebCore::SubresourceLoader::didFail):
1927         (WebCore::SubresourceLoader::didCancel):
1928         * loader/mac/NetscapePlugInStreamLoaderMac.mm:
1929         (WebCore::NetscapePlugInStreamLoader::didFinishLoading):
1930         (WebCore::NetscapePlugInStreamLoader::didFail):
1931         (WebCore::NetscapePlugInStreamLoader::didCancel):
1932
1933 2007-03-06  Geoffrey Garen  <ggaren@apple.com>
1934
1935         Reviewed by Maciej Stachowiak.
1936         
1937         Fixed <rdar://problem/4576242> | http://bugs.webkit.org/show_bug.cgi?id=12586
1938         PAC file: malloc deadlock sometimes causes a hang @ www.apple.com/pro/profiles/ (12586)
1939         
1940         No test because this is very difficult to repro, and the new ASSERTs in 
1941         JavaScriptCore catch the underlying cause while running normal layout tests.
1942         
1943         This is a modified version of r14752 on the branch.
1944         
1945         The fix is to use a bit inside each node, instead of a hash table, to track 
1946         which node subtrees are in the process of being marked. This avoids a call 
1947         to malloc inside mark().
1948         
1949         * bindings/js/kjs_binding.cpp:
1950         (KJS::domObjects):
1951         (KJS::domNodesPerDocument):
1952         * bindings/js/kjs_dom.cpp:
1953         (KJS::DOMNode::mark):
1954         * dom/Node.cpp:
1955         (WebCore::Node::Node):
1956         * dom/Node.h:
1957
1958 2007-03-06  David Hyatt  <hyatt@apple.com>
1959
1960         This patch reworks the WebCore memory cache to significantly reduce the amount of memory consumed by
1961         images in the cache and to enhance the accuracy of the cache size as an absolute bound for the objects
1962         contained within it.  WebCore's memory use over time should significantly improve as a result of these
1963         changes.
1964
1965         Cached resources now have both an encoded size (the original data stream) and a decoded size (an estimate of
1966         the amount of memory consumed by an expanded version of that resource, e.g., the decoded frames of an image).
1967         Both sizes now count towards the total size of the object and towards the allowed memory cache total.
1968
1969         By including both totals the reported size of resources will now be larger, and the cache will therefore become
1970         much more aggressive about flushing.
1971
1972         Objects are stored in size-adjusted and popularity-aware LRU lists as before, but encoded size is now always
1973         used when determining the correct LRU list.
1974
1975         The flush algorithm for the memory cache has been rewritten to first destroy decoded data before evicting
1976         resources.  By being able to compact its resources without evicting them, the memory cache can now hold many more
1977         unique resources (encoded) in the same amount of space.  Depending on how much of a hit we want to take from
1978         re-decoding images, the memory cache could in theory have its size significantly reduced now while still holding
1979         more resources than it did at the larger size!
1980
1981         Reviewed by mjs
1982
1983         * WebCore.xcodeproj/project.pbxproj:
1984         * loader/Cache.cpp:
1985         (WebCore::Cache::requestResource):
1986         (WebCore::Cache::prune):
1987         (WebCore::Cache::remove):
1988         (WebCore::Cache::lruListFor):
1989         (WebCore::Cache::adjustSize):
1990         * loader/Cache.h:
1991         * loader/CachedCSSStyleSheet.cpp:
1992         (WebCore::CachedCSSStyleSheet::data):
1993         * loader/CachedImage.cpp:
1994         (WebCore::CachedImage::CachedImage):
1995         (WebCore::CachedImage::allReferencesRemoved):
1996         (WebCore::CachedImage::clear):
1997         (WebCore::CachedImage::data):
1998         (WebCore::CachedImage::destroyDecodedData):
1999         (WebCore::CachedImage::decodedSize):
2000         (WebCore::CachedImage::decodedSizeChanged):
2001         (WebCore::CachedImage::shouldPauseAnimation):
2002         * loader/CachedImage.h:
2003         * loader/CachedResource.cpp:
2004         (WebCore::CachedResource::CachedResource):
2005         (WebCore::CachedResource::deref):
2006         (WebCore::CachedResource::setEncodedSize):
2007         * loader/CachedResource.h:
2008         (WebCore::CachedResource::allReferencesRemoved):
2009         (WebCore::CachedResource::size):
2010         (WebCore::CachedResource::encodedSize):
2011         (WebCore::CachedResource::decodedSize):
2012         (WebCore::CachedResource::destroyDecodedData):
2013         * loader/CachedScript.cpp:
2014         (WebCore::CachedScript::data):
2015         * loader/CachedXSLStyleSheet.cpp:
2016         (WebCore::CachedXSLStyleSheet::data):
2017         * platform/graphics/BitmapImage.cpp:
2018         (WebCore::BitmapImage::BitmapImage):
2019         (WebCore::BitmapImage::~BitmapImage):
2020         (WebCore::BitmapImage::destroyDecodedData):
2021         (WebCore::BitmapImage::pruneDecodedDataIfNeeded):
2022         (WebCore::BitmapImage::cacheFrame):
2023         (WebCore::BitmapImage::setNativeData):
2024         (WebCore::BitmapImage::shouldAnimate):
2025         (WebCore::BitmapImage::advanceAnimation):
2026         * platform/graphics/BitmapImage.h:
2027         (WebCore::BitmapImage::decodedSize):
2028         * platform/graphics/Image.cpp:
2029         (WebCore::Image::Image):
2030         * platform/graphics/Image.h:
2031         (WebCore::Image::destroyDecodedData):
2032         (WebCore::Image::decodedSize):
2033         (WebCore::Image::imageObserver):
2034         * platform/graphics/ImageAnimationObserver.h: Removed.
2035         * platform/graphics/ImageObserver.h: Added.
2036         (WebCore::ImageObserver::~ImageObserver):
2037         * platform/graphics/svg/SVGImage.cpp:
2038         (WebCore::SVGImage::SVGImage):
2039         * platform/graphics/svg/SVGImage.h:
2040
2041 2007-03-06  Alexey Proskuryakov  <ap@webkit.org>
2042
2043         Reviewed by Sam Weinig.
2044
2045         http://bugs.webkit.org/show_bug.cgi?id=12987
2046         Fix and import 4XPath test_numeric_expr.html
2047
2048         * xml/XPathPredicate.cpp:
2049         (WebCore::XPath::Negative::doEvaluate): Convert the argument to number.
2050         (WebCore::XPath::NumericOp::doEvaluate): Convert the arguments to numbers. Use a correct operation for mod.
2051         * xml/XPathStep.cpp:
2052         (WebCore::XPath::Step::nodesInAxis): Do not append parent node if there is none.
2053         * xml/XPathValue.cpp:
2054         (WebCore::XPath::Value::toNumber): Do not convert to DeprecatedString just to trim whitespace and to convert to double.
2055         * platform/DeprecatedString.cpp:
2056         (WebCore::DeprecatedStringData::makeAscii): Added a FIXME about unreliable makeAscii() behavior.
2057
2058 2007-03-06  Maciej Stachowiak  <mjs@apple.com>
2059
2060         Reviewed by Adele.
2061
2062         <rdar://problem/4619663> REGRESSION (NativePopup): Popup menu doesn't draw at the correct vertical position (9816)
2063         
2064         * platform/mac/PopupMenuMac.mm:
2065         (WebCore::PopupMenu::show): Make a temporary dummy view with the
2066         passed in rect, since AppKit will use the view bounds to determine
2067         what area to exclude when popping up a menu moved to the top of
2068         the screen.
2069
2070 2007-03-06  Geoffrey Garen  <ggaren@apple.com>
2071
2072         Reviewed by Maciej Stachowiak.
2073
2074         Fixed all known crashers exposed by run-webkit-tests --threaded [*]. See 
2075         JavaScriptCore ChangeLog for more details.
2076
2077         * bindings/js/kjs_binding.cpp:
2078         (KJS::domNodesPerDocument): Added thread safety ASSERT.
2079         (KJS::ScriptInterpreter::mark): Removed obsolete logic for marking unsafe
2080         objects when collecting on a secondary thread. The Collector takes care
2081         of this now.
2082
2083         * bindings/js/kjs_binding.h:
2084         (KJS::DOMObject::DOMObject): Used new API for specifying that WebCore
2085         objects should be garbage collected on the main thread only.
2086
2087         * bindings/js/kjs_window.cpp:
2088         (KJS::ScheduledAction::execute): Moved JSLock to cover implementedsCall() call,
2089         which, for some subclasses, ends up allocating garbage collected objects.
2090         (This fix was speculative. I didn't actually see a crash from this.)
2091         (KJS::Window::timerFired): Added JSLock around ScheduleAction destruction,
2092         since it destroys a KJS::List.
2093
2094         * bindings/objc/WebScriptObject.mm:
2095         (-[WebScriptObject setException:]): Added JSLock. (This fix was speculative. 
2096         I didn't actually see a crash from this.)
2097
2098         * bridge/mac/WebCoreScriptDebugger.mm:
2099         (-[WebCoreScriptCallFrame evaluateWebScript:]): Added JSLock. (This fix 
2100         was speculative. I didn't actually see a crash from this.)
2101
2102         * dom/Document.cpp:
2103         (WebCore::Document::~Document): Added JSLock around modification to 
2104         domNodesPerDocument(), which can be accessed concurrently during garbage 
2105         collection.
2106         * dom/Node.cpp:
2107         (WebCore::Node::setDocument): ditto.
2108         
2109         [*] fast/js/toString-stack-overflow.html is an exception. --threaded mode
2110         crashes this test because it causes the garbage collector to run frequently,
2111         and this test crashes if you happen to garbage collect while it's running.
2112         This is a known issue with stack overflow during the mark phase. It's
2113         not related to threading.
2114
2115 2007-03-06  Mark Rowe  <mrowe@apple.com>
2116
2117         Reviewed by Sam Weinig.
2118
2119         Fix http://bugs.webkit.org/show_bug.cgi?id=12942
2120         Bug 12942: ASSERTION FAILURE: qantas.com.au changing selected item in <select> via JS
2121
2122         Test: fast/dom/select-selectedIndex-bug-12942.html.
2123
2124         * html/HTMLSelectElement.cpp:
2125         (WebCore::HTMLSelectElement::recalcListItems): Reset m_lastOnChangeIndex when recalculating list items.
2126         * html/HTMLSelectElement.h:
2127
2128 2007-03-06  Brady Eidson  <beidson@apple.com>
2129
2130         Rubberstamped by Kevin Decker
2131
2132         20,000!
2133
2134         * ChangeLog: Point out revision 20,000
2135
2136 2007-03-06  Krzysztof Kowalczyk  <kkowalczyk@gmail.com>
2137
2138         Not reviewed.
2139
2140         Gdk build fix.
2141
2142         * loader/gdk/FrameLoaderClientGdk.cpp: update userAgent() signature.
2143         (WebCore::FrameLoaderClientGdk::userAgent):
2144         * loader/gdk/FrameLoaderClientGdk.h: ditto.
2145
2146 2007-03-06  Mitz Pettel  <mitz@webkit.org>
2147
2148         Reviewed by Adele.
2149
2150         - fix http://bugs.webkit.org/show_bug.cgi?id=12986
2151           REGRESSION(NativeListBox): Listboxes not updated when resized dynamically
2152
2153         Test: fast/forms/select-change-listbox-size.html
2154
2155         * html/HTMLSelectElement.cpp:
2156         (WebCore::HTMLSelectElement::parseMappedAttribute): Reattach on list box size change.
2157
2158 2007-03-06  Mitz Pettel  <mitz@webkit.org>
2159
2160         Reviewed by Dave Hyatt.
2161
2162         - fix http://bugs.webkit.org/show_bug.cgi?id=12885
2163           REGRESSION (r19696): Incomplete background repaint
2164
2165         Tests: fast/repaint/content-into-overflow.html
2166                fast/repaint/overflow-into-content.html
2167
2168         Changed repaintAfterLayoutIfNeeded() to take, in addition to the clipped overflow
2169         rect, the unclipped border box plus outline, and to repaint any areas that
2170         were added or removed from that box, in addition to any areas added or removed
2171         from the clipped overflow rect.
2172
2173         * platform/graphics/svg/SVGResourceMarker.cpp:
2174         (WebCore::SVGResourceMarker::draw):
2175         * rendering/RenderBlock.cpp:
2176         (WebCore::RenderBlock::layoutBlock):
2177         * rendering/RenderBox.cpp:
2178         (WebCore::RenderBox::absoluteClippedOverflowRect): Renamed getAbsoluteRepaintRect() to
2179         this.
2180         * rendering/RenderBox.h:
2181         * rendering/RenderFlexibleBox.cpp:
2182         (WebCore::RenderFlexibleBox::layoutBlock):
2183         * rendering/RenderFlow.cpp:
2184         (WebCore::RenderFlow::absoluteClippedOverflowRect):
2185         * rendering/RenderFlow.h:
2186         * rendering/RenderForeignObject.cpp:
2187         (WebCore::RenderForeignObject::layout):
2188         * rendering/RenderHTMLCanvas.cpp:
2189         (WebCore::RenderHTMLCanvas::layout):
2190         * rendering/RenderImage.cpp:
2191         (WebCore::RenderImage::layout):
2192         * rendering/RenderLayer.cpp:
2193         (WebCore::RenderLayer::RenderLayer):
2194         (WebCore::RenderLayer::checkForRepaintOnResize):
2195         (WebCore::RenderLayer::updateLayerPositions):
2196         * rendering/RenderLayer.h:
2197         * rendering/RenderObject.cpp:
2198         (WebCore::RenderObject::repaint):
2199         (WebCore::RenderObject::repaintAfterLayoutIfNeeded):
2200         (WebCore::RenderObject::getAbsoluteRepaintRectWithOutline):
2201         (WebCore::RenderObject::absoluteClippedOverflowRect):
2202         (WebCore::RenderObject::absoluteOutlineBox):
2203         * rendering/RenderObject.h:
2204         * rendering/RenderPath.cpp:
2205         (WebCore::RenderPath::layout):
2206         (WebCore::RenderPath::absoluteClippedOverflowRect):
2207         (WebCore::RenderPath::absoluteRects):
2208         (WebCore::RenderPath::drawMarkersIfNeeded):
2209         * rendering/RenderPath.h:
2210         * rendering/RenderSVGContainer.cpp:
2211         (WebCore::RenderSVGContainer::layout):
2212         (WebCore::RenderSVGContainer::absoluteClippedOverflowRect):
2213         (WebCore::RenderSVGContainer::absoluteRects):
2214         * rendering/RenderSVGContainer.h:
2215         * rendering/RenderSVGHiddenContainer.cpp:
2216         (WebCore::RenderSVGHiddenContainer::absoluteClippedOverflowRect):
2217         * rendering/RenderSVGHiddenContainer.h:
2218         * rendering/RenderSVGImage.cpp:
2219         (WebCore::RenderSVGImage::imageChanged):
2220         (WebCore::RenderSVGImage::absoluteClippedOverflowRect):
2221         (WebCore::RenderSVGImage::absoluteRects):
2222         * rendering/RenderSVGImage.h:
2223         * rendering/RenderSVGText.cpp:
2224         (WebCore::RenderSVGText::absoluteClippedOverflowRect):
2225         (WebCore::RenderSVGText::layout):
2226         (WebCore::RenderSVGText::absoluteRects):
2227         * rendering/RenderSVGText.h:
2228         * rendering/RenderTable.cpp:
2229         (WebCore::RenderTable::layout):
2230         * rendering/RenderTableCell.cpp:
2231         (WebCore::RenderTableCell::absoluteClippedOverflowRect):
2232         * rendering/RenderTableCell.h:
2233         * rendering/RenderTableCol.cpp:
2234         (WebCore::RenderTableCol::absoluteClippedOverflowRect):
2235         * rendering/RenderTableCol.h:
2236         * rendering/RenderTableRow.cpp:
2237         (WebCore::RenderTableRow::absoluteClippedOverflowRect):
2238         * rendering/RenderTableRow.h:
2239         * rendering/RenderText.cpp:
2240         (WebCore::RenderText::absoluteClippedOverflowRect):
2241         * rendering/RenderText.h:
2242
2243 2007-03-06  Ian Eng <ian.eng.webkit@gmail.com>
2244
2245         Reviewed by Maciej.
2246
2247         - fixed http://bugs.webkit.org/show_bug.cgi?id=12720
2248         Bug 12720: Re-defining window.location.toString function keeps re-loading forever
2249
2250         * bindings/js/kjs_window.cpp:
2251         Disallow replacing functions in LocationTable, and return early without updating URL.
2252
2253 2007-03-06  Kevin McCullough  <kmccullough@apple.com>
2254
2255         Reviewed by Darin.
2256
2257         <http://bugs.webkit.org/show_bug.cgi?id=12686>
2258         REGRESSION: Bloglines.com Feeds tab cannot expand folders in TOT
2259         - Now all class constructors implement implementsHasInstance.
2260
2261         * bindings/scripts/CodeGeneratorJS.pm:
2262
2263 2007-03-07  Nikolas Zimmermann  <zimmermann@kde.org>
2264
2265         Reviewed by Rob & Oliver.
2266
2267         Preparations for the new SVG text engine.
2268
2269         Handle baseline-shift / kerning css values correctly.
2270         Recognize missing svg presentation attribute "font-size-adjust".
2271         Add all missing svg<->css property mappings in mapToEntry().
2272
2273         Doesn't affect any layout test (as these properties are not used w/o my text patch).
2274         While I'm at it, unify the macro names (RS_ -> SVG_RS_) & cleanup style a bit.
2275
2276         * ksvg2/css/CSSPropertyNames.in:
2277         * ksvg2/css/SVGCSSParser.cpp:
2278         (WebCore::CSSParser::parseSVGValue):
2279         * ksvg2/css/SVGCSSStyleSelector.cpp:
2280         (WebCore::CSSStyleSelector::applySVGProperty):
2281         * ksvg2/css/SVGRenderStyle.cpp:
2282         (WebCore::SVGRenderStyle::SVGRenderStyle):
2283         (WebCore::SVGRenderStyle::operator==):
2284         (WebCore::SVGRenderStyle::inheritedNotEqual):
2285         (WebCore::SVGRenderStyle::inheritFrom):
2286         * ksvg2/css/SVGRenderStyle.h:
2287         (WebCore::SVGRenderStyle::NonInheritedFlags::):
2288         (WebCore::SVGRenderStyle::setBitDefaults):
2289         * ksvg2/css/SVGRenderStyleDefs.cpp:
2290         (StyleTextData::StyleTextData):
2291         (StyleTextData::operator==):
2292         (StyleMiscData::StyleMiscData):
2293         (StyleMiscData::operator==):
2294         * ksvg2/css/SVGRenderStyleDefs.h:
2295         (WebCore::):
2296         (WebCore::StyleTextData::operator!=):
2297         * ksvg2/svg/SVGStyledElement.cpp:
2298         (WebCore::SVGStyledElement::cssPropertyIdForSVGAttributeName):
2299
2300 2007-03-06  Justin Garcia  <justin.garcia@apple.com>
2301
2302         Reviewed by kevin
2303         
2304         <http://bugs.webkit.org/show_bug.cgi?id=12245>
2305         FCKeditor: Remove Format sometimes doesn't work
2306         <rdar://problem/4786404>
2307         Underline style is not removed from selection after performing Remove Format
2308
2309         * editing/Editor.cpp:
2310         (WebCore::Editor::removeFormattingAndStyle): Re-wrote this.
2311
2312 2007-03-07  Nikolas Zimmermann  <zimmermann@kde.org>
2313
2314         Reviewed by Oliver.
2315
2316         Fixes: http://bugs.webkit.org/show_bug.cgi?id=12979
2317         Fixes: http://bugs.webkit.org/show_bug.cgi?id=12981
2318
2319         Guard against registering pending resources with empty id.
2320         Be careful with calling recalcStyle() in SVGUseElement, when change is "Detach" we
2321         have to use special code, as calling attach() on the shadow tree root element will crash,
2322         because it has no (direct) parent node, only a shadow parent node element.
2323
2324         * ksvg2/misc/SVGDocumentExtensions.cpp:
2325         (WebCore::SVGDocumentExtensions::addPendingResource):
2326         * ksvg2/svg/SVGUseElement.cpp:
2327         (WebCore::SVGUseElement::recalcStyle):
2328
2329 2007-03-06  Kevin Decker  <kdecker@apple.com>
2330
2331         Reviewed by Adele.
2332
2333         Fixed: <rdar://problem/5041660> REGRESSION: <keygen> element broken, prevents users from signing up for Thawte email certs
2334         
2335         * bindings/objc/DOM.mm:
2336         (WebCore::createElementClassMap): Added <keygen> to the DOM bindings so it can be accessed from Objective-C.
2337         * css/html4.css: Apply the look of the <select> element to <keygen>.
2338         * html/HTMLElementFactory.cpp:
2339         (WebCore::keygenConstructor): Added. 
2340         (WebCore::createFunctionMap): Added keygen.
2341         * html/HTMLSelectElement.cpp: Made const typeAheadTimeout variable static const. 
2342         (WebCore::HTMLSelectElement::HTMLSelectElement):  Fix both HTMLSelectElement constructors to initialize the
2343          same number of member variables. The fact that some fields were not initialized could (and would) crash the
2344          keygen element when selecting different items. Also removed m_typedString(String()) from the constructor
2345          initialization because this is not needed.
2346
2347 2007-03-06  Kevin McCullough  <kmccullough@apple.com>
2348
2349         Reviewed by Darin.
2350
2351         - Rename a function to clarify its purpose.
2352
2353         * WebCore.exp:
2354         * loader/FrameLoader.cpp:
2355         (WebCore::FrameLoader::registerURLSchemeAsLocal):
2356         * loader/FrameLoader.h:
2357
2358 2007-03-06  Adam Roben  <aroben@apple.com>
2359
2360         Build fix.
2361
2362         * WebCore.exp: Updated symbols.
2363
2364 2007-03-06  Adam Roben  <aroben@apple.com>
2365
2366         Reviewed by Anders.
2367
2368         Added a parameter to all StringTruncator methods to specify whether
2369         rounding hacks should be on or off.
2370
2371         No layout test possible.
2372
2373         * platform/StringTruncator.cpp:
2374         (WebCore::stringWidth): Added disableRoundingHacks parameter.
2375         (WebCore::truncateString): Ditto.
2376         (WebCore::StringTruncator::centerTruncate): Ditto.
2377         (WebCore::StringTruncator::rightTruncate): Ditto.
2378         (WebCore::StringTruncator::width): Ditto.
2379         * platform/StringTruncator.h: Ditto.
2380         * platform/mac/FileChooserMac.mm:
2381         (WebCore::FileChooser::basenameForWidth): Pass in false to
2382         centerTruncate so that the truncation matches the way the text will be
2383         rendered.
2384
2385 2007-03-06  Anders Carlsson  <acarlsson@apple.com>
2386
2387         Reviewed by Maciej.
2388
2389         <rdar://problem/5035045>
2390         REGRESSION: WebKit browser doesn't display image at http://www.metoffice.gov.uk/weather/satellite/index.html
2391         
2392         It turns out WinIE does allow you to access images by their id as special document properties. However, this is only
2393         allowed when the element also has a name attribute. The value of the name attribute is ignored and can even be empty!
2394         
2395         * bindings/js/kjs_html.cpp:
2396         (KJS::JSHTMLDocument::namedItemGetter):
2397         Return jsUndefined() if the collection is empty.
2398         
2399         * html/HTMLImageElement.cpp:
2400         (WebCore::HTMLImageElement::parseMappedAttribute):
2401         (WebCore::HTMLImageElement::insertedIntoDocument):
2402         (WebCore::HTMLImageElement::removedFromDocument):
2403         * html/HTMLImageElement.h:
2404         Add the id attribute value to the extra named item map.
2405         
2406         * html/HTMLNameCollection.cpp:
2407         (WebCore::HTMLNameCollection::traverseNextItem):
2408         Check for images with name attributes that match, as well as elements with id attributes that match where
2409         the element also has a name attribute.
2410
2411 2007-03-06  Anders Carlsson  <acarlsson@apple.com>
2412
2413         Reviewed by Adam.
2414
2415         WebCore part of patch to make it possible to have different user agents for different URLs.
2416
2417         * bindings/js/kjs_navigator.cpp:
2418         (KJS::Navigator::getValueProperty):
2419         * bindings/js/kjs_proxy.cpp:
2420         (WebCore::KJSProxy::initScriptIfNeeded):
2421         * loader/DocumentLoader.cpp:
2422         (WebCore::DocumentLoader::setLoading):
2423         * loader/FrameLoader.cpp:
2424         (WebCore::FrameLoader::userAgent):
2425         (WebCore::FrameLoader::loadResourceSynchronously):
2426         (WebCore::FrameLoader::applyUserAgent):
2427         * loader/FrameLoader.h:
2428         * loader/FrameLoaderClient.h:
2429         * platform/graphics/svg/SVGImageEmptyClients.h:
2430         (WebCore::SVGEmptyFrameLoaderClient::userAgent):
2431
2432 2007-03-05  Kevin McCullough  <kmccullough@apple.com>
2433
2434         Reviewed by Mark and Dave H.
2435
2436         - rdar://problem/5038491
2437         An oversight of the security fix that prevented remote from loading local is that it
2438         prevents user style sheets when the site is remote.  This fixes that.
2439
2440         * loader/Cache.cpp: Propogate and check user style sheet flag.
2441         (WebCore::createResource):
2442         (WebCore::Cache::requestResource):
2443         * loader/Cache.h: Propogate user style sheet flag.
2444         * loader/CachedCSSStyleSheet.cpp: Propogate user style sheet flag.
2445         (WebCore::CachedCSSStyleSheet::CachedCSSStyleSheet):
2446         * loader/CachedCSSStyleSheet.h: Propogate user style sheet flag.
2447         * loader/DocLoader.cpp: Propogate user style sheet flag.
2448         (WebCore::DocLoader::requestResource):
2449         * loader/SubresourceLoader.cpp: Propogate and check user style sheet flag.
2450         (WebCore::SubresourceLoader::create):
2451         * loader/SubresourceLoader.h: Add check for user style sheet flag.
2452         * loader/loader.cpp: Propogate user style sheet flag.
2453         (WebCore::Loader::load):
2454         (WebCore::Loader::servePendingRequests):
2455         * loader/loader.h: Propogate user style sheet flag.
2456
2457 2007-03-06  Nikolas Zimmermann  <zimmermann@kde.org>
2458
2459         Reviewed by Darin.
2460
2461         Fixes: http://bugs.webkit.org/show_bug.cgi?id=12936 (Master bug used to track all current use problems.)
2462
2463         Fixes: http://bugs.webkit.org/show_bug.cgi?id=12926 (transform attribute not respected in nested <use> elements)
2464         Fixes: http://bugs.webkit.org/show_bug.cgi?id=12267 (getElementById broken for <use>)
2465         Fixes: http://bugs.webkit.org/show_bug.cgi?id=12916 (use instance in symbol definition does not work)
2466         Fixes: http://bugs.webkit.org/show_bug.cgi?id=12917 (mouseout event does not occur after scaling use instance)
2467         Fixes: http://bugs.webkit.org/show_bug.cgi?id=12838 (SVG <use> DOM broken for script)
2468
2469         Added test: svg/custom/use-nested-transform.svg
2470         Added test: svg/custom/struct-use-09-b.svg (not yet official W3C-SVG-1.1 testcase)
2471         Fixes test: svg/custom/use-elementInstance-event-target.svg (rectangle now turns green on first click)
2472
2473         Fix all (except one) known <use> bug. The remaining bug (12630) is not crucical at all.
2474         Enable <use> again as default SVG feature, as discussed on webkit-dev.
2475
2476         dom/Element.cpp needed following tweak: set hasParentStyle to true, if there is no parentNode
2477         available - which happens for <use> nodes, as it's a shadow node. This fixes recalcStyle behaviour.
2478         Override recalcStyle() in SVGUseElement, and properly forward the call to the shadow tree root element.
2479         The shadow tree now receives proper style updates (without having to recreate the whole tree!).
2480
2481         Override attributeChanged() in SVGUseElement and only call notifyAttributeChange if one of x/y/width/height/xlink:href
2482         attribute changed - otherwhise we'll end up recreating the tree for every transform/style/(non-existing-attribute) change.
2483
2484         Do not override transform in nested use situations, but correctly append (right-sided) the translation of the <use> element.
2485         Some cosmetic fixes: don't add transform="translate(0 0)" attributes if both x/y values are null in the shadow tree.
2486
2487         Factor out logic for replacing symbol/svg tags in the shadow tree, and also invoke it during expandUseElementsInShadowTree -
2488         otherwhise <symbol><use xlink:href="#someOtherSymbol"></symbol> the <use> gets expanded to a <symbol>. Though no one expands
2489         the <symbol> element - and we're end up in hitting an assertion. Avoid that.
2490
2491         * bindings/js/JSSVGElementWrapperFactory.cpp:
2492         * bindings/js/kjs_dom.cpp:
2493         (KJS::toJS):
2494         * bindings/objc/DOM.mm:
2495         (WebCore::createElementClassMap):
2496         * dom/Element.cpp:
2497         (WebCore::Element::recalcStyle):
2498         * ksvg2/svg/SVGElement.cpp:
2499         (WebCore::shadowTreeParentElementForShadowTreeElement):
2500         (WebCore::SVGElement::dispatchEvent):
2501         * ksvg2/svg/SVGElementInstance.cpp:
2502         * ksvg2/svg/SVGElementInstance.h:
2503         * ksvg2/svg/SVGElementInstance.idl:
2504         * ksvg2/svg/SVGElementInstanceList.cpp:
2505         * ksvg2/svg/SVGElementInstanceList.h:
2506         * ksvg2/svg/SVGElementInstanceList.idl:
2507         * ksvg2/svg/SVGStyledElement.cpp:
2508         (WebCore::SVGStyledElement::notifyAttributeChange):
2509         (WebCore::SVGStyledElement::updateElementInstance):
2510         * ksvg2/svg/SVGStyledElement.h:
2511         * ksvg2/svg/SVGUseElement.cpp:
2512         (WebCore::SVGUseElement::attributeChanged):
2513         (WebCore::SVGUseElement::notifyAttributeChange):
2514         (WebCore::SVGUseElement::recalcStyle):
2515         (WebCore::SVGUseElement::buildPendingResource):
2516         (WebCore::SVGUseElement::buildShadowTreeForSymbolTag):
2517         (WebCore::SVGUseElement::alterShadowTreeForSVGTag):
2518         (WebCore::SVGUseElement::buildShadowTree):
2519         (WebCore::SVGUseElement::expandUseElementsInShadowTree):
2520         (WebCore::SVGUseElement::attachShadowTree):
2521         * ksvg2/svg/SVGUseElement.h:
2522         * ksvg2/svg/SVGUseElement.idl:
2523         * ksvg2/svg/svgtags.in:
2524
2525 2007-03-05  Brady Eidson  <beidson@apple.com>
2526
2527         Reviewed by John
2528
2529         Fixes <rdar://problem/4974258>
2530         Adds some key null checking
2531
2532         * bindings/js/kjs_html.cpp:
2533         (KJS::JSHTMLElement::implementsCall): Null check doc/frame
2534         * bindings/objc/DOMInternal.mm:
2535         (-[WebScriptObject _initializeScriptDOMNodeImp]): Null check doc/frame
2536
2537 2007-03-06  Nikolas Zimmermann  <zimmermann@kde.org>
2538
2539         Reviewed by Darin.
2540
2541         Path::normalAngleAtLength() / Path::pointAtLength() don't work correctly.
2542         pointAtLength() was not implemented, basically and normalAngleAtLength()
2543         had a bug in the tangent slope calculation.
2544
2545         The normalAngleAtLength() stuff can only be tested with my local textPath support.
2546         New LayoutTest: svg/custom/path-textPath-simulation.svg
2547
2548         * platform/graphics/Path.cpp:
2549         (WebCore::pathLengthApplierFunction):
2550         * platform/graphics/PathTraversalState.cpp:
2551         (WebCore::PathTraversalState::quadraticBezierTo):
2552         (WebCore::PathTraversalState::cubicBezierTo):
2553         * platform/graphics/PathTraversalState.h:
2554         (WebCore::PathTraversalState::):
2555
2556 2007-03-05  Alexey Proskuryakov  <ap@webkit.org>
2557
2558         Reviewed by Darin.
2559
2560         http://bugs.webkit.org/show_bug.cgi?id=12970
2561         Fix and import 4XPath test_core_functions.html test
2562
2563         * xml/XPathExpression.cpp:
2564         (WebCore::XPathExpression::evaluate): Fully initialize the evaluation context.
2565
2566         * xml/XPathFunctions.cpp:
2567         (WebCore::XPath::FunSubstring::doEvaluate): Fixed handling of edge cases.
2568         (WebCore::XPath::FunRound::round): Reimplemented to match the spec; exposed FunRound::round() to be used in
2569         other functions.
2570
2571 2007-03-05  Alexey Proskuryakov  <ap@webkit.org>
2572
2573         Reviewed by Darin.
2574
2575         http://bugs.webkit.org/show_bug.cgi?id=12954
2576         XPath relative operations are implemented incorrectly
2577
2578         * xml/XPathPredicate.cpp:
2579         (WebCore::XPath::NumericOp::doEvaluate):
2580         (WebCore::XPath::EqTestOp::compare):
2581         (WebCore::XPath::EqTestOp::doEvaluate):
2582         Reimplemented relative equality operations to match the spec.
2583
2584         * xml/XPathPredicate.h:
2585         (WebCore::XPath::NumericOp::):
2586         (WebCore::XPath::EqTestOp::):
2587         Moved relative operations to EqTestOp.
2588
2589         * xml/XPathGrammar.y:
2590         * xml/XPathParser.cpp:
2591         (WebCore::XPath::Parser::nextTokenInternal):
2592         (WebCore::XPath::Parser::lex):
2593         Adapted for the above changes.
2594
2595 2007-03-05  Mark Rowe  <mrowe@apple.com>
2596
2597         Reviewed by Lars.
2598
2599         Fix http://bugs.webkit.org/show_bug.cgi?id=12947
2600         Bug 12947: REGRESSION: ASSERTION FAILED: maxWidth >= 0 in StringTruncator.cpp:109 in WebCore::truncateString()
2601
2602         Handle nil window correctly in toUserSpace and toDeviceSpace.  On Intel Macs a message to nil that returns a
2603         float will return 0.0.  We use this as the divisor in calculating a scale factor, which results in NaN being
2604         introduced into our rect.
2605
2606         * platform/mac/ScreenMac.mm:
2607         (WebCore::toUserSpace):
2608         (WebCore::toDeviceSpace):
2609
2610 2007-03-05  Rob Buis  <buis@kde.org>
2611
2612         Reviewed by Darin.
2613
2614         http://bugs.webkit.org/show_bug.cgi?id=12868
2615         parts of the CSS classes in this simple SVG example are not applied
2616
2617         Make sure the xml stylesheets are parsed in strict mode.
2618
2619         * dom/ProcessingInstruction.cpp:
2620         (WebCore::ProcessingInstruction::parseStyleSheet):
2621
2622 2007-03-04  Adele Peterson  <adele@apple.com>
2623
2624         Reviewed by Darin.
2625
2626         Change to dispatch the keypress event during the defaultEventHandler for keydown events.  This matches IE behavior.
2627         This is preparation for fixing event dispatch with input methods (http://bugs.webkit.org/show_bug.cgi?id=10871)
2628
2629         Test: fast/events/keydown-keypress-preventDefault.html
2630
2631         * dom/EventTargetNode.cpp: (WebCore::EventTargetNode::defaultEventHandler): Call the defaultKeyboardEventHandler for keydown events.
2632         * page/EventHandler.cpp:
2633         (WebCore::eventTargetNodeForDocument): Return 0 instead of false since the return type in EventTargetNode.
2634         (WebCore::EventHandler::keyEvent): Removed dispatch of keypress event, since this is now done in the default event handler.
2635         (WebCore::EventHandler::defaultKeyboardEventHandler): For keydown events, create and dispatch a keypress event.
2636
2637 2007-03-04  Alexey Proskuryakov  <ap@webkit.org>
2638
2639         Reviewed by Nikolas Zimmermann (yay!).
2640
2641         http://bugs.webkit.org/show_bug.cgi?id=12962
2642         4XPath tests crash on lang() function
2643
2644         Covered by 4XPath tests, to be landed later.
2645
2646         * platform/StringImpl.cpp:
2647         (WebCore::StringImpl::reverseFind): Do not crash with empty strings.
2648         * xml/XPathFunctions.cpp:
2649         (WebCore::XPath::FunLang::doEvaluate): Do not crash when an element has no
2650         attributes. Use a proper namespace for xml:lang (not sure where "xms" came from).
2651         Rewrote the algorithm for suffix removing to match the spec.
2652
2653 2007-03-02  Anders Carlsson  <acarlsson@apple.com>
2654
2655         Reviewed by Darin.
2656
2657         <rdar://problem/5028165> 
2658         http://bugs.webkit.org/show_bug.cgi?id=12915
2659         REGRESSION: XMLHttpRequest.abort() does not stop loading (12915)
2660         
2661         * loader/DocumentLoader.cpp:
2662         (WebCore::DocumentLoader::stopLoading):
2663         Save the value of m_loading since calling FrameLoader::stopLoading could set it to false.
2664         
2665         * loader/SubresourceLoader.cpp:
2666         (WebCore::SubresourceLoader::didCancel):
2667         * loader/SubresourceLoader.h:
2668         Get rid of didCancel now, it's not needed anymore.
2669         
2670         * xml/xmlhttprequest.cpp:
2671         (WebCore::XMLHttpRequest::abort):
2672         Call cancel() instead of stopLoading(). Also, set m_aborted to true so the XMLHttpRequest object
2673         won't be dereferenced in didFail when aborting.
2674
2675 2007-03-04  Krzysztof Kowalczyk  <kkowalczyk@gmail.com>
2676
2677         Reviewed by Nikolas Zimmermann.
2678
2679         Move ScrollView stubs to ScrollViewGdk.cpp
2680
2681         * platform/gdk/FrameGdk.h: remove comment that no longer makes sense
2682         * platform/gdk/ScrollViewGdk.cpp:
2683         (WebCore::ScrollView::addChild):
2684         (WebCore::ScrollView::removeChild):
2685         (WebCore::ScrollView::scrollPointRecursively):
2686         (WebCore::ScrollView::inWindow):
2687         (WebCore::ScrollView::wheelEvent):
2688         (WebCore::ScrollView::updateScrollbars):
2689         (WebCore::ScrollView::updateScrollInfo):
2690         (WebCore::ScrollView::windowToContents):
2691         (WebCore::ScrollView::contentsToWindow):
2692         (WebCore::ScrollView::scrollbarUnderMouse):
2693         * platform/gdk/TemporaryLinkStubs.cpp:
2694
2695 2007-03-02  Kevin McCullough  <kmccullough@apple.com>
2696
2697         Reviewed by Geoff.
2698
2699         - rdar://problem/4922454
2700         - This fixes a security issue by making remote referrers not able to access local
2701         resources, unless they register their schemes to be treated as local. The result is
2702         that those schemes can access local resources and cannot be accessed by remote
2703         referrers.
2704         Because this behavior is new a link-on-or-after check is made to determine if the
2705         app should use the older, less safe, behavior.
2706
2707         * WebCore.exp: added exported functions
2708         * bindings/objc/DOM.mm: consolodated function to base class
2709         (-[DOMElement image]):
2710         (-[DOMElement _imageTIFFRepresentation]):
2711         * dom/Document.cpp: Cache the document's ability to load local resources.
2712         (WebCore::Document::Document):
2713         (WebCore::Document::setURL):
2714         (WebCore::Document::shouldBeAllowedToLoadLocalResources):
2715         (WebCore::Document::stylesheetLoaded):
2716         * dom/Document.h: Cache the docuent's ability to load local resources.
2717         (WebCore::Document::getPendingSheet):
2718         (WebCore::Document::isAllowedToLoadLocalResources):
2719         * html/HTMLImageLoader.cpp: Moved functionality into base class.
2720         (WebCore::HTMLImageLoader::updateFromElement):
2721         (WebCore::HTMLImageLoader::dispatchLoadEvent):
2722         * html/HTMLLinkElement.cpp: Handles null returns correctly now.
2723         * html/HTMLTokenizer.cpp: Moved functionality into base class.
2724         (WebCore::HTMLTokenizer::notifyFinished):
2725         * ksvg2/misc/SVGImageLoader.cpp: Moved functionality into base class.
2726         (WebCore::SVGImageLoader::dispatchLoadEvent):
2727         * loader/Cache.cpp: Checks if the cached resource can be loaded.
2728         (WebCore::Cache::requestResource):
2729         * loader/CachedCSSStyleSheet.cpp: Moved functionality into base class.
2730         (WebCore::CachedCSSStyleSheet::ref):
2731         (WebCore::CachedCSSStyleSheet::error):
2732         * loader/CachedImage.cpp: Moved functionality into base class.
2733         (WebCore::CachedImage::CachedImage):
2734         * loader/CachedImage.h: Moved functionality into base class.
2735         (WebCore::CachedImage::canRender):
2736         * loader/CachedResource.cpp: Cache if the CachedResource should be treated as local
2737         (WebCore::CachedResource::CachedResource):
2738         * loader/CachedResource.h: Moved functionality into base class.
2739         (WebCore::CachedResource::errorOccurred):
2740         (WebCore::CachedResource::shouldTreatAsLocal):
2741         * loader/CachedScript.cpp: Moved functionality into base class.
2742         (WebCore::CachedScript::CachedScript):
2743         * loader/CachedScript.h: Moved functionality into base class.
2744         (WebCore::CachedScript::schedule):
2745         * loader/CachedXBLDocument.cpp: Moved functionality into base class.
2746         (WebCore::CachedXBLDocument::error):
2747         * loader/CachedXSLStyleSheet.cpp: Moved functionality into base class.
2748         (WebCore::CachedXSLStyleSheet::error):
2749         * loader/FrameLoader.cpp: See comments for each function below.
2750         (WebCore::FrameLoader::loadSubframe): Use new canLoad.
2751         (WebCore::FrameLoader::restrictAccessToLocal): return value of linked-on-or-after check.
2752         (WebCore::FrameLoader::setRestrictAccessToLocal): set value for linked-on-or-after check.
2753         (WebCore::localSchemes): Return set of schemes that are to be treated as local.
2754         (WebCore::FrameLoader::loadPlugin): Use new canLoad.
2755         (WebCore::FrameLoader::canLoad): Now multiple functions that each do the same work but some can take advantage of the cached values, if they were computed previously.
2756         (WebCore::FrameLoader::shouldHideReferrer): Extracted out the logic to determine if the referrer should be hidden so it is only calculated when needed.
2757         (WebCore::FrameLoader::loadResourceSynchronously): No longer calls canLoad to get hideReferrer info.
2758         (WebCore::FrameLoader::registerSchemeAsLocal): Functionality to register a scheme to be treated as local.
2759         (WebCore::FrameLoader::treatURLAsLocal): Given a URL this function determines if it should be treated as local.
2760         * loader/FrameLoader.h: Declared functions for this security fix.  See above.
2761         * loader/MainResourceLoader.cpp: Optized order of bools to regain performance.
2762         (WebCore::MainResourceLoader::continueAfterContentPolicy):
2763         * loader/SubresourceLoader.cpp: Now restricts remote from loading local resources.
2764         (WebCore::SubresourceLoader::create):
2765         * page/EventHandler.cpp: Moved functionality into base class.
2766         (WebCore::selectCursor):
2767         * platform/KURL.cpp: KURLs need to check all the registered schemes now.
2768         (WebCore::KURL::isLocalFile):
2769         * rendering/HitTestResult.cpp: Moved functionality into base class.
2770         (WebCore::HitTestResult::image):
2771         * rendering/RenderImage.cpp: Moved functionality into base class.
2772         (WebCore::RenderImage::setCachedImage):
2773         (WebCore::RenderImage::imageChanged):
2774         (WebCore::RenderImage::paint):
2775         (WebCore::RenderImage::layout):
2776         (WebCore::RenderImage::calcAspectRatioWidth):
2777         (WebCore::RenderImage::calcAspectRatioHeight):
2778         * rendering/RenderImage.h: Moved functionality into base class.
2779         (WebCore::RenderImage::errorOccurred):
2780         * rendering/RenderListItem.cpp: Moved functionality into base class.
2781         (WebCore::RenderListItem::setStyle):
2782         * rendering/RenderListMarker.cpp: Moved functionality into base class.
2783         (WebCore::RenderListMarker::isImage):
2784         * xml/xmlhttprequest.cpp: Check doc's cached value instead of determining independently.
2785         (WebCore::XMLHttpRequest::urlMatchesDocumentDomain):
2786
2787 2007-03-02  Justin Garcia  <justin.garcia@apple.com>
2788
2789         Reviewed by kevin
2790         
2791         <rdar://problem/5028447>
2792         REGRESSION: Gmail Editor: Copied message text pastes at the wrong font size
2793
2794         * editing/markup.cpp:
2795         (WebCore::createMarkup): The style of the div that holds
2796         a fully selected body's styles didn't include styles inherited
2797         from the body's ancestors.
2798         
2799 2007-03-02  Justin Garcia  <justin.garcia@apple.com>
2800
2801         Reviewed by harrison
2802
2803         <rdar://problem/4545040>
2804         innerHTML does not HTML-escape text nodes inside PRE elements
2805         <rdar://problem/5027857>
2806         Pasting into Mail from Safari's view-source window renders the HTML
2807
2808         * editing/HTMLInterchange.cpp:
2809         (WebCore::convertHTMLTextToInterchangeFormat): Send this function
2810         the node that the text comes from as a parameter.  It shouldn't convert
2811         '\n's to spaces/nbsps if the text is coming from text where newlines are
2812         preserved.
2813         * editing/HTMLInterchange.h:
2814         * editing/markup.cpp:
2815         (WebCore::startMarkup): Escape text inside the children of PREs.
2816
2817 2007-03-02  Sam Weinig  <sam@webkit.org>
2818
2819         Reviewed by Anders.
2820
2821         Try to fix the Qt build.
2822
2823         * platform/qt/TemporaryLinkStubs.cpp: Add stubs.
2824         (WebCore::searchMenuNoRecentSearchesText):
2825         (WebCore::searchMenuRecentSearchesText):
2826         (WebCore::searchMenuClearRecentSearchesText):
2827         (WebCore::AXWebAreaText):
2828         (WebCore::AXLinkText):
2829         (WebCore::AXListMarkerText):
2830         (WebCore::AXImageMapText):
2831         (WebCore::AXHeadingText):
2832
2833 2007-03-02  David Harrison  <harrison@apple.com>
2834
2835         Suggested by Darin.
2836
2837         A more efficient solution to rdar://4961431.
2838
2839         * bridge/mac/WebCoreAXObject.mm:
2840         (-[WebCoreAXObject accessibilityIsIgnored]):
2841
2842 2007-03-01  Justin Garcia  <justin.garcia@apple.com>
2843
2844         Reviewed by john
2845         
2846         <rdar://problem/5032095>
2847         Gmail Editor: Copied text pastes on a new line instead of current line
2848         
2849         Start merge failed to occur because positionAtStartOfInsertedContent
2850         had a bug.
2851
2852         * editing/ReplaceSelectionCommand.cpp:
2853         (WebCore::ReplaceSelectionCommand::positionAtStartOfInsertedContent):
2854         Was failing when inserting <span><div>foo/div></span>. Return the 
2855         inserted content's first VisiblePosition.
2856
2857 2007-03-02  Dave Hyatt  <hyatt@apple.com>
2858
2859         Fix crasher in glyph map code (buffer overrun).
2860
2861         Reviewed by darin
2862
2863         * platform/win/GlyphPageTreeNodeWin.cpp:
2864         (WebCore::GlyphPage::fill):
2865
2866 2007-03-01  Antti Koivisto  <antti@apple.com>
2867
2868         Reviewed by Maciej.
2869
2870         Fix for http://bugs.webkit.org/show_bug.cgi?id=12895
2871         REGRESSION: imagemap: pointer cursor is shown everywhere
2872         <rdar://problem/5028163>
2873  
2874         Image with imagemap should never itself be URLElement in hit test results. 
2875                
2876         No layout test, cursor state can't be captured.
2877
2878         * rendering/RenderLayer.cpp:
2879         (WebCore::RenderLayer::hitTest):
2880
2881 2007-03-01  Antti Koivisto  <antti@apple.com>
2882
2883         Reviewed by Maciej.
2884         
2885         Fix http://bugs.webkit.org/show_bug.cgi?id=12690
2886         REGRESSION: can not log in to bank of america with TOT webkit
2887         <rdar://problem/4990044>
2888         
2889         and http://bugs.webkit.org/show_bug.cgi?id=12604
2890         REGRESSION: After closing the "Would you like to save password" sheet, the form fails 
2891         to submit automatically at http://www.mac.com/WebObjects/HomePage.woa
2892         <rdar://problem/4871752>
2893         
2894         and http://bugs.webkit.org/show_bug.cgi?id=12020
2895         REGRESSION: Flickr uploading broken
2896         <rdar://problem/4928662>
2897         
2898         Turn protection against multiple forms submission back on. This approach is buggy 
2899         but it is way better than not having it at all. Not protecting against this
2900         breaks number of major sites.
2901         
2902         * bridge/mac/WebCoreAXObject.mm:
2903         (-[WebCoreAXObject accessibilityPerformAction:]):
2904         * loader/FrameLoader.cpp:
2905         (WebCore::FrameLoader::resetMultipleFormSubmissionProtection):
2906         (WebCore::FrameLoader::submitForm):
2907         (WebCore::FrameLoader::receivedMainResourceError):
2908         * loader/FrameLoader.h:
2909         * page/EventHandler.cpp:
2910         (WebCore::EventHandler::keyEvent):
2911         * page/Frame.cpp:
2912         (WebCore::Frame::setView):
2913         * page/mac/EventHandlerMac.mm:
2914         (WebCore::EventHandler::mouseDown):
2915
2916 2007-03-01  Kevin McCullough  <kmccullough@apple.com>
2917
2918         Reviewed by Adam.
2919
2920         - Added the test case: external-script-URL-location.html
2921         - Fix an issue where the url of a document is null after an open if the document
2922         has no parent.
2923
2924         * dom/Document.cpp:
2925         (WebCore::Document::open):
2926
2927 2007-03-01  Anders Carlsson  <acarlsson@apple.com>
2928
2929         Reviewed by Darin.
2930
2931         <rdar://problem/4960250> 
2932         http://bugs.webkit.org/show_bug.cgi?id=11627
2933         REGRESSION: Reproducible crash at IMDb in WebCore::FrameLoader::stopLoadingSubframes
2934         
2935         In rare cases, we could end up calling checkLoadComplete twice for the same frame. This would cause the 
2936         didFailProvisionalLoad delegate method to be called twice for the same frame, and also cause the provisional document loader
2937         to be reset to null when other code wasn't expecting it.
2938         
2939         This regressed in revision 10904 with the fix for <rdar://problem/4184719>. The fix is to only call stopLoading on the frame
2940         if either the document loader is loading, or the document is still being parsed. I've verified that the bug is still fixed and
2941         that no leaks occur.
2942         
2943         * loader/DocumentLoader.cpp:
2944         (WebCore::DocumentLoader::stopLoading):
2945
2946 2007-03-01  Krzysztof Kowalczyk  <kkowalczyk@gmail.com>
2947
2948         Reviewed by Darin.
2949
2950         Fix ARM crash due to accessing non-4-byte-aligned memory
2951         as 32-bit values.
2952
2953         * platform/AtomicString.cpp:
2954         (WebCore::UCharBufferTranslator::equal):
2955
2956 2007-03-01  David Harrison  <harrison@apple.com>
2957
2958         Reviewed by Darin.
2959
2960         <rdar://problem/5033905> Have the DOM secondary thread check raise an exception by default
2961
2962         * platform/mac/ThreadCheck.mm:
2963         (WebCore::_WebCoreThreadViolationCheck):
2964         Initialize threadViolationIsException to true.
2965
2966 2007-03-01  Brady Eidson  <beidson@apple.com>
2967
2968         Reviewed by Darin
2969
2970         <rdar://problem/5030628> - Crash opening a new window with the
2971         "New windows open to the same page" pref set
2972
2973         * history/HistoryItem.cpp:
2974         (WebCore::HistoryItem::HistoryItem): Set the m_subItems vector capacity correctly
2975
2976 2007-03-01  Alexey Proskuryakov  <ap@webkit.org>
2977
2978         Reviewed by Maciej.
2979
2980         http://bugs.webkit.org/show_bug.cgi?id=12801
2981         Assertion failure in createMarkup() (root) when doing Select All, Copy in an SVG document
2982
2983         Test: editing/pasteboard/createMarkup-assert.xml
2984
2985         * editing/markup.cpp:
2986         (WebCore::createMarkup): Removed the assertion, because it's wrong in a non-HTML world.
2987
2988 2007-02-28  Adam Roben  <aroben@apple.com>
2989
2990         Reviewed by Oliver and Hyatt.
2991
2992         Fix <rdar://problem/5024233> Crash while using Find on empty document
2993
2994         No layout test possible, as this involves a null document.
2995
2996         * dom/Range.cpp:
2997         (WebCore::rangeOfContents): Added an ASSERT.
2998         * page/Frame.cpp:
2999         (WebCore::Frame::findString): Added a null-check for document().
3000         (WebCore::Frame::markAllMatchesForText): Ditto.
3001
3002 2007-02-28  Krzysztof Kowalczyk  <kkowalczyk@gmail.com>
3003
3004         Not reviewed - simple gdk build fix.
3005
3006         Add stubs for newly introduced localized strings.
3007
3008         * platform/gdk/TemporaryLinkStubs.cpp:
3009         (WebCore::searchMenuNoRecentSearchesText):
3010         (WebCore::searchMenuRecentSearchesText):
3011         (WebCore::searchMenuClearRecentSearchesText):
3012
3013 2007-02-28  Brady Eidson  <beidson@apple.com>
3014
3015         Reviewed by Beth
3016
3017         Move the Thread Safety Check functions into their own header for export to WebKit
3018
3019         * WebCore.exp: Export the function
3020         * WebCore.xcodeproj/project.pbxproj: 
3021         * bindings/scripts/CodeGeneratorObjC.pm: Include the new header
3022         * platform/Logging.h: Move stuff to ThreadCheck.h
3023         * platform/ThreadCheck.h: Added.
3024         * platform/mac/LoggingMac.mm: Move stuff to ThreadCheck.mm
3025         * platform/mac/ThreadCheck.mm: Added.
3026         (WebCore::_WebCoreThreadViolationCheck):
3027         (WebCoreReportThreadViolation):
3028
3029 2007-02-28  Beth Dakin  <bdakin@apple.com>
3030
3031         Reviewed by Brady.
3032
3033         Fix for http://bugs.webkit.org/show_bug.cgi?id=12923 REGRESSION: 
3034         Assertion failure copying standalone image
3035
3036         * platform/mac/PasteboardMac.mm:
3037         (WebCore::Pasteboard::writeImage): Use the CachedImage as the 
3038         resource. This makes more sense anyway. There is no need to null-
3039         check the renderer or the CachedImage since we return early if 
3040         there is no Image* and the HitTestResult::image() function checks 
3041         for these things.
3042
3043 2007-02-28  Adele Peterson  <adele@apple.com>
3044
3045         Reviewed by Beth.
3046
3047         Fix for <rdar://problem/4887423> REGRESSION: search results popup menu strings are not localized
3048         and <rdar://problem/3517227> accessibility-related strings in WebCore are not localized
3049
3050         Use localized strings from WebKit instead of hard coded strings.
3051
3052         * bridge/mac/WebCoreAXObject.mm: (-[WebCoreAXObject roleDescription]):
3053         * page/mac/WebCoreViewFactory.h:
3054         * platform/LocalizedStrings.h:
3055         * platform/mac/LocalizedStringsMac.mm:
3056         (WebCore::searchMenuNoRecentSearchesText):
3057         (WebCore::searchMenuRecentSearchesText):
3058         (WebCore::searchMenuClearRecentSearchesText):
3059         (WebCore::AXWebAreaText):
3060         (WebCore::AXLinkText):
3061         (WebCore::AXListMarkerText):
3062         (WebCore::AXImageMapText):
3063         (WebCore::AXHeadingText):
3064         * rendering/RenderTextControl.cpp: (WebCore::RenderTextControl::itemText):
3065
3066 2007-02-27  Antti Koivisto  <antti@apple.com>
3067
3068         Reviewed by Maciej.
3069
3070         - fix http://bugs.webkit.org/show_bug.cgi?id=12911
3071         GoogleDocs: Ordered lists don't update immediately when start attribute changed
3072         
3073         Update list marker value when start attribute changes.
3074
3075         * html/HTMLOListElement.cpp:
3076         (WebCore::HTMLOListElement::parseMappedAttribute):
3077
3078 2007-02-28  Nikolas Zimmermann  <zimmermann@kde.org>
3079
3080         Reviewed by Maciej.
3081
3082         Corrected the use of the new ENABLE() macros in some ksvg2/svg files.
3083         Add new build-webkit flags "--(no-)xpath" / "--(no-)xslt", to be able
3084         to switch off build features easily. Also add "--(no-)svg-experimental-features"
3085         flag, to be able to test filters/animations/use/foreignObject easily.
3086
3087         * DerivedSources.make:
3088         * ksvg2/scripts/make_names.pl:
3089         * ksvg2/svg/SVGFEDiffuseLightingElement.cpp:
3090         * ksvg2/svg/SVGStyledElement.cpp:
3091         * ksvg2/svg/SVGUseElement.cpp:
3092
3093 2007-02-28  Rob Buis  <buis@kde.org>
3094
3095         Reviewed by Maciej.
3096
3097         http://bugs.webkit.org/show_bug.cgi?id=12609
3098         Any SVG element will create renderers even when children of HTML elements
3099
3100         Allow creation of svg renderers only when parent is SVG, except for
3101         the <svg> element.
3102
3103         * ksvg2/svg/SVGAElement.h:
3104         * ksvg2/svg/SVGAnimationElement.h:
3105         * ksvg2/svg/SVGCircleElement.h:
3106         * ksvg2/svg/SVGClipPathElement.h:
3107         (WebCore::SVGClipPathElement::rendererIsNeeded):
3108         * ksvg2/svg/SVGDefsElement.cpp:
3109         * ksvg2/svg/SVGDefsElement.h:
3110         * ksvg2/svg/SVGDescElement.h:
3111         (WebCore::SVGDescElement::rendererIsNeeded):
3112         * ksvg2/svg/SVGElement.cpp:
3113         * ksvg2/svg/SVGEllipseElement.h:
3114         * ksvg2/svg/SVGFilterElement.h:
3115         (WebCore::SVGFilterElement::rendererIsNeeded):
3116         * ksvg2/svg/SVGFilterPrimitiveStandardAttributes.h:
3117         (WebCore::SVGFilterPrimitiveStandardAttributes::rendererIsNeeded):
3118         * ksvg2/svg/SVGForeignObjectElement.h:
3119         * ksvg2/svg/SVGGElement.h:
3120         * ksvg2/svg/SVGGradientElement.h:
3121         * ksvg2/svg/SVGImageElement.h:
3122         * ksvg2/svg/SVGLineElement.h:
3123         * ksvg2/svg/SVGMarkerElement.h:
3124         * ksvg2/svg/SVGMaskElement.h:
3125         * ksvg2/svg/SVGPathElement.h:
3126         * ksvg2/svg/SVGPatternElement.h:
3127         * ksvg2/svg/SVGPolyElement.h:
3128         * ksvg2/svg/SVGRectElement.h:
3129         * ksvg2/svg/SVGStopElement.h:
3130         * ksvg2/svg/SVGStyledElement.cpp:
3131         (WebCore::SVGStyledElement::rendererIsNeeded):
3132         * ksvg2/svg/SVGStyledElement.h:
3133         * ksvg2/svg/SVGSwitchElement.h:
3134         * ksvg2/svg/SVGSymbolElement.h:
3135         (WebCore::SVGSymbolElement::rendererIsNeeded):
3136         * ksvg2/svg/SVGTRefElement.h:
3137         * ksvg2/svg/SVGTSpanElement.h:
3138         * ksvg2/svg/SVGTextElement.h:
3139         * ksvg2/svg/SVGTitleElement.h:
3140         (WebCore::SVGTitleElement::rendererIsNeeded):
3141         * ksvg2/svg/SVGUseElement.h:
3142         * ksvg2/svg/SVGViewElement.h:
3143         (WebCore::SVGViewElement::rendererIsNeeded):
3144
3145 2007-02-28  Rob Buis  <buis@kde.org>
3146
3147         Reviewed by Maciej.
3148
3149         http://bugs.webkit.org/show_bug.cgi?id=12913
3150         Markers do not render in webkit when it misses markerWidth or markerHeight attribute
3151
3152         Set defaults for markerWidth/markerHeight so markers that do not specify them render.
3153
3154         * ksvg2/svg/SVGMarkerElement.cpp:
3155         (WebCore::SVGMarkerElement::SVGMarkerElement):
3156
3157 2007-02-27  Anders Carlsson  <acarlsson@apple.com>
3158
3159         * loader/ResourceLoader.cpp:
3160         (WebCore::ResourceLoader::~ResourceLoader):
3161         Remove comment.
3162
3163 2007-02-27  Justin Garcia  <justin.garcia@apple.com>
3164
3165         Reviewed by oliver
3166
3167         <rdar://problem/5027300>
3168         REGRESSION: Images inserted with align left/right are lost
3169
3170         * editing/ReplaceSelectionCommand.cpp:
3171         (WebCore::ReplaceSelectionCommand::shouldMerge):
3172         Don't attempt to merge to or from a position before 
3173         or after a block because it will be a no-op and
3174         lead to infinite recursion.
3175         In this case it instead resulted in content loss because 
3176         of bugs in start/endOfParagraph (5027702).
3177         * editing/visible_units.cpp: Added two FIXMEs for
3178         the problems with start/endOfParagraph.
3179
3180 2007-02-27  Anders Carlsson  <acarlsson@apple.com>
3181
3182         Reviewed by Geoff.
3183
3184         Make resource load delegate methods pass the right document loader.
3185         
3186         * loader/FrameLoader.cpp:
3187         (WebCore::FrameLoader::willSendRequest):
3188         (WebCore::FrameLoader::didReceiveResponse):
3189         (WebCore::FrameLoader::didReceiveData):
3190         (WebCore::FrameLoader::didFailToLoad):
3191         (WebCore::FrameLoader::didFinishLoad):
3192         (WebCore::FrameLoader::didReceiveAuthenticationChallenge):
3193         (WebCore::FrameLoader::didCancelAuthenticationChallenge):
3194         Use the resource loader's document loader instead of the active one.
3195         
3196         * loader/MainResourceLoader.cpp:
3197         (WebCore::MainResourceLoader::receivedError):
3198         Make it so we send the frame load delegate method before the resource load delegate method.
3199         This was a regression from 2.0 and was caused by the fix to rdar://problem/4609195. Because the way the loader
3200         now works, both delegate methods will be called.
3201         
3202         * loader/ResourceLoader.cpp:
3203         (WebCore::ResourceLoader::ResourceLoader):
3204         * loader/ResourceLoader.h:
3205         (WebCore::ResourceLoader::documentLoader):
3206         Add document loader pointer to ResourceLoader.
3207
3208 2007-02-27  Mitz Pettel  <mitz@webkit.org>
3209
3210         Reviewed by Hyatt.
3211
3212         - fix http://bugs.webkit.org/show_bug.cgi?id=12910
3213           REGRESSION (r18756-r18765): list-bullet doesn't redraw properly when changing the list's content using JavaScript
3214
3215         Test: fast/repaint/list-marker.html
3216
3217         * rendering/RenderListItem.cpp:
3218         (WebCore::RenderListItem::positionListMarker): Add the marker to the visual
3219         overflow of all its ancestor blocks up to the list item. This needs to be
3220         done here since the marker is positioned only after those blocks have been
3221         laid out.
3222
3223 2007-02-27  Antti Koivisto  <antti@apple.com>
3224
3225         Reviewed by Hyatt.
3226         
3227         - fix http://bugs.webkit.org/show_bug.cgi?id=12918
3228         REGRESSION: Google Finance dropdown Flickers
3229         <rdar://4988039>
3230         
3231         If a node dies while mouse is over it, it is still supposed to receive
3232         mouseout event (wasn't case in Tiger webkit). However this event should 
3233         not propagate to any other nodes. This patch matches Firefox behavior in
3234         this respect.
3235
3236         * dom/EventTargetNode.cpp:
3237         (WebCore::EventTargetNode::dispatchGenericEvent):
3238
3239 2007-02-27  Geoffrey Garen  <ggaren@apple.com>
3240
3241         Reviewed by Maciej Stachowiak.
3242         
3243         Fixed http://bugs.webkit.org/show_bug.cgi?id=12659 | <rdar://problem/4954306>
3244         JS objects not collected after closing window @ ebay.com/maps.google.com
3245
3246         Garbage collect in the KJSProxy destructor, after clearing our reference
3247         to the interpreter, because that's when the interpreter has torn down fully.
3248
3249         (Technically speaking, we can't *prove* that we have the only reference to 
3250         our interpreter, but that's how it works in practice, and manual garbage 
3251         collection is just an opportunistic optimization, so it's OK for it to 
3252         work in practice even if it can't be proven in theory.)
3253         
3254         Layout tests pass. No leaks reported.
3255
3256         * bindings/js/kjs_proxy.cpp:
3257         (WebCore::KJSProxy::~KJSProxy):
3258         * bindings/js/kjs_proxy.h:
3259         * page/Page.cpp:
3260         (WebCore::Page::~Page): Merged pageDestroyed() calls. Moved debug-only
3261         code to the bottom.
3262         * page/Frame.cpp:
3263         (WebCore::Frame::~Frame): Don't call getObject() because globalObject()
3264         returns a JSObject* already, and the call can leave a pointer to the Window
3265         object on the stack. Don't check for NULL because it is an invariant of
3266         JavaScriptCore that no JSObject* can be NULL. Do use a volatile pointer
3267         for w because the 'w = 0' assignment just screams to the compiler, "Don't
3268         generate any code for me!"
3269
3270 2007-02-27  Rob Buis  <buis@kde.org>
3271
3272         Reviewed by David Hyatt.
3273
3274         http://bugs.webkit.org/show_bug.cgi?id=4128
3275         !important is ignored in inline styling.
3276
3277         Handle properties with !important flag better in inline
3278         style declarations.
3279
3280         * css/CSSMutableStyleDeclaration.cpp:
3281         (WebCore::CSSMutableStyleDeclaration::addParsedProperties):
3282
3283 2007-02-27  David Hyatt  <hyatt@apple.com>
3284
3285         Bug 11435.  Make sure RenderViews always paintBoxDecorations.  They used to before I removed RenderView's
3286         paint method.  This fix restores the original behavior.
3287
3288         Reviewed by mitz
3289
3290         * rendering/RenderBox.cpp:
3291         (WebCore::RenderBox::setStyle):
3292
3293 2007-02-27  David Hyatt  <hyatt@apple.com>
3294
3295         Fix for bug 12094, make sure setMinMaxKnown starts off false for the weird/rare case of empty
3296         plaintext documents (which really are buggy and should be fixed to generate root elements).
3297
3298         Reviewed by mitz
3299
3300         * rendering/RenderView.cpp:
3301         (WebCore::RenderView::RenderView):
3302
3303 2007-02-27  Dex Deacon  <occupant4@gmail.com>
3304
3305         Reviewed by Darin.
3306
3307         Fixed the case where a BackForwardList of capacity==1 would grow without bound.
3308
3309         * history/BackForwardList.cpp:
3310         (WebCore::BackForwardList::addItem):
3311
3312 2007-02-22  Lars Naesbye Christensen  <lars@naesbye.dk>
3313
3314         Reviewed by Maciej.
3315
3316         http://bugs.webkit.org/show_bug.cgi?id=12848
3317         Help cursor should have a white outline
3318
3319         * Resources/helpCursor.png:
3320
3321 2007-02-27  Alexey Proskuryakov  <ap@webkit.org>
3322
3323         Reviewed by Maciej.
3324
3325         http://bugs.webkit.org/show_bug.cgi?id=12594
3326         REGRESSION: Strange highlight in active input area
3327
3328         No automated test possible.
3329
3330         * rendering/InlineTextBox.cpp:
3331         (WebCore::InlineTextBox::paint): Restore a check lost in r12792.
3332
3333 2007-02-27  Darin Adler  <darin@apple.com>
3334
3335         Reviewed by Mitz.
3336
3337         - fix http://bugs.webkit.org/show_bug.cgi?id=12908
3338           crash in http/tests/incremental/frame-focus-before-load.html
3339
3340         * page/mac/EventHandlerMac.mm: (WebCore::EventHandler::focusDocumentView):
3341         Add null checks.
3342
3343 2007-02-27  Darin Adler  <darin@apple.com>
3344
3345         Reviewed by Alexey.
3346
3347         - fix http://bugs.webkit.org/show_bug.cgi?id=12909
3348           should use ICU, not TEC, for MacRoman decoding
3349
3350         * platform/TextCodecICU.cpp: (WebCore::TextCodecICU::registerEncodingNames):
3351         Add "macroman" as an alias for "macintosh". We have seen that in use in mail,
3352         although I'm not sure it's used on the web.
3353
3354         * platform/mac/mac-encodings.txt: Remove MacRoman line, which was added back
3355         as part of the patch for bug 4971226. But by adding it to this file rather
3356         than the ICU codec, we get it only on Mac OS X. And long term we are trying to
3357         get rid of the use of TEC entirely, so we want this file to be as empty as
3358         possible.
3359
3360 2007-02-27  Rob Buis  <buis@kde.org>
3361
3362         Reviewed by Maciej.
3363
3364         http://bugs.webkit.org/show_bug.cgi?id=12905
3365         Not all svg shapes should support markers
3366
3367         Restrict marker usage to svg shapes polyline, polygon, line and path.
3368
3369         * ksvg2/svg/SVGLineElement.h:
3370         (WebCore::SVGLineElement::supportsMarkers):
3371         * ksvg2/svg/SVGPathElement.h:
3372         (WebCore::SVGPathElement::supportsMarkers):
3373         * ksvg2/svg/SVGPolyElement.h:
3374         (WebCore::SVGPolyElement::supportsMarkers):
3375         * ksvg2/svg/SVGStyledElement.h:
3376         (WebCore::SVGStyledElement::supportsMarkers):
3377         * rendering/RenderPath.cpp:
3378         (WebCore::RenderPath::paint):
3379
3380 2007-02-26  Adele Peterson  <adele@apple.com>
3381
3382         Reviewed by Lars.
3383
3384         Fix for http://bugs.webkit.org/show_bug.cgi?id=12902
3385         <rdar://problem/5012679> REGRESSION: Pressing return key doesn't 
3386         move caret to next line after applying a font color in GMail
3387
3388         Test: fast/frames/iframe-window-focus-2.html
3389
3390         * page/EventHandler.h: Make focusDocumentView public.
3391         * page/Frame.cpp: (WebCore::Frame::focusWindow): Instead of just setting the focused frame,
3392           we should set also focus the document view.  The bug here was that since the subframe view
3393           wasn't the first responder, the key down event was going to the wrong frame.
3394
3395 2007-02-26  Maciej Stachowiak  <mjs@apple.com>
3396
3397         Reviewed by Oliver.
3398
3399         - fixed <rdar://problem/4946881> Recursive loop with <marker> not caught, crashes in WebCore::SVGPaintServer::draw (11244)
3400         http://bugs.webkit.org/show_bug.cgi?id=11244
3401
3402         * platform/graphics/svg/SVGResourceMarker.cpp:
3403         (WebCore::SVGResourceMarker::draw): Use a HashSet to guard against
3404         reference cycles.
3405
3406 2007-02-26  Maciej Stachowiak  <mjs@apple.com>
3407
3408         Reviewed by Kevin McCullough.
3409
3410         - fix Qt build for earlier SVG changes.
3411
3412         * platform/graphics/svg/qt/SVGResourceFilterQt.cpp:
3413
3414 2007-02-26  Oliver Hunt  <oliver@apple.com>
3415
3416         Reviewed by Maciej.
3417
3418         Fix for <rdar://problem/4827378>: Canvas with large height 
3419         uses lots of memory, computer almost stops responding
3420          
3421         Put cap on maximum area of canvas, size is similar too the 
3422         maximum size allowed by firefox (firefox seems to to cut off 
3423         at area == 32767 * 9358). 
3424
3425         Also protect renderer against the possibility of a null context
3426         (this was triggering a CG warning)
3427
3428         * html/HTMLCanvasElement.cpp:
3429         (WebCore::HTMLCanvasElement::createDrawingContext):
3430            Apply maximum canvas area
3431         (WebCore::HTMLCanvasElement::createPlatformImage):
3432            Protect against null CG Context
3433
3434 2007-02-26  Mitz Pettel  <mitz@webkit.org>
3435
3436         Reviewed by Antti Koivisto.
3437
3438         - fix http://bugs.webkit.org/show_bug.cgi?id=12899
3439           Ordered lists not updating dynamically with new styles
3440
3441         Test: fast/lists/list-style-type-dynamic-change.html
3442
3443         * rendering/RenderListMarker.cpp:
3444         (WebCore::RenderListMarker::setStyle): Made changing the marker type trigger
3445         updating of the marker.
3446
3447 2007-02-26  Adele Peterson  <adele@apple.com>
3448
3449         Reviewed by Maciej.
3450
3451         Fix for <rdar://problem/5012761> REGRESSION: form submit invokes wrong event handler
3452
3453         Test: fast/events/submit-reset-nested-bubble.html
3454
3455         * dom/EventTargetNode.h: Made handleLocalEvents virtual.
3456         * html/HTMLFormElement.cpp: (WebCore::HTMLFormElement::handleLocalEvents): If we're
3457           not in the capture phase, and the target is a different form, and we're handling
3458           the submitEvent or the resetEvent, then stop propagation of the event.  This matches
3459           Firefox behavior.  You can only get in this situation if misnested tags cause
3460           forms to be nested.
3461         * html/HTMLFormElement.h: Added handleLocalEvents.
3462
3463 2007-02-26  Darin Adler  <darin@apple.com>
3464
3465         Reviewed by Oliver Hunt.
3466
3467         - <rdar://problem/5021555> TextCodecICU does not use fallback mappings; it should
3468
3469         * platform/TextCodecICU.cpp: (WebCore::TextCodecICU::createICUConverter):
3470         Added a call to ucnv_setFallback(TRUE).
3471
3472 2007-02-26  Oliver Hunt  <oliver@apple.com>
3473
3474         Reviewed by Adam.
3475
3476         Fix for rdar://problem/5021127 
3477
3478         Need to add null check to node -- original Obj-C didn't need 
3479         the null check due to the Obj-C null messaging semantics
3480
3481         * editing/Editor.cpp:
3482         (WebCore::Editor::shouldInsertFragment):
3483
3484 2007-02-26  David Hyatt  <hyatt@apple.com>
3485
3486         Make text files render using white-space: pre-wrap instead of white-space: pre.
3487         
3488         Reviewed by aroben
3489
3490         * loader/TextDocument.cpp:
3491         (WebCore::TextTokenizer::write):
3492
3493 2007-02-26  David Hyatt  <hyatt@apple.com>
3494
3495         Back out the change to add fullyClippedContentRect.  The layout test
3496         was actually showing more correct results.
3497
3498         * page/Frame.cpp:
3499         (WebCore::Frame::visibleSelectionRect):
3500         (WebCore::Frame::setIsActive):
3501         (WebCore::Frame::markAllMatchesForText):
3502         * platform/ScrollView.h:
3503         * platform/mac/ScrollViewMac.mm:
3504         * rendering/RenderLayer.cpp:
3505         (WebCore::RenderLayer::scrollRectToVisible):
3506
3507 2007-02-26  David Hyatt  <hyatt@apple.com>
3508
3509         Add support for a new property called -webkit-border-fit.  This property
3510         has two values: border and lines.  The "border" value means the border and
3511         background paint normally at the border box level.  The "lines" value indicates
3512         that the border and background should shrink dynamically to snugly hug the
3513         line boxes of normal flow descendants.
3514
3515         Reviewed by darin
3516
3517         fast/borders/border-fit.html
3518
3519         * WebCore.xcodeproj/project.pbxproj:
3520         * css/CSSComputedStyleDeclaration.cpp:
3521         (WebCore::):
3522         (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
3523         * css/CSSPropertyNames.in:
3524         * css/CSSValueKeywords.in:
3525         * css/cssparser.cpp:
3526         (WebCore::CSSParser::parseValue):
3527         * css/cssstyleselector.cpp:
3528         (WebCore::CSSStyleSelector::applyProperty):
3529         * rendering/RenderBlock.cpp:
3530         (WebCore::RenderBlock::adjustForBorderFit):
3531         (WebCore::RenderBlock::borderFitAdjust):
3532         * rendering/RenderBlock.h: