JavaScriptCore:
[WebKit-https.git] / WebCore / ChangeLog
1 2007-03-17  Timothy Hatcher  <timothy@apple.com>
2
3         Reviewed by Mark Rowe.
4
5         Made Version.xcconfig smarter when building for different configurations.
6         Now uses the 522+ OpenSource version for Debug and Release, while using the
7         full 522.4 version for Production builds. The system prefix is also computed
8         based on the current system, so 4522.4 on Tiger and 5522.4 on Leopard.
9
10         * Configurations/Version.xcconfig:
11         * Configurations/WebCore.xcconfig:
12
13 2007-03-17  Antti Koivisto  <antti@apple.com>
14
15         Reviewed by Adele.
16
17         Fix http://bugs.webkit.org/show_bug.cgi?id=12595
18         REGRESSION: Can't add item to cart at lnt.com (JS type error)
19         <rdar://problem/4722863>
20         
21         Emulate Firefox behavior where form elements accessed by a name
22         can be accessed with that name later even if the name changes or
23         even if element is removed from the document.
24         
25         This is loosely based on Darin's earlier patch for the same problem but
26         is much less expansive. It takes somewhat different approach to more closely
27         mimic Firefox behavior. Includes expanded test case.
28
29         * bindings/js/JSHTMLFormElementCustom.cpp:
30         (WebCore::JSHTMLFormElement::canGetItemsForName):
31             Use new the HTMLFormElement::getNamedElements() method
32         (WebCore::JSHTMLFormElement::nameGetter):
33             Use new the HTMLFormElement::getNamedElements() method
34         * html/HTMLFormElement.cpp:
35         (WebCore::HTMLFormElement::HTMLFormElement):
36         (WebCore::HTMLFormElement::~HTMLFormElement):
37         (WebCore::HTMLFormElement::elementForAlias):
38         (WebCore::HTMLFormElement::addElementAlias):
39             Maintain a map of known element aliases
40         (WebCore::HTMLFormElement::getNamedElements):
41             Get a list of elements matching the name, based both their
42             current names and known aliases (earlier names).
43             Keep the alias list in sync.
44         * html/HTMLFormElement.h:
45
46 2007-03-17  Adele Peterson  <adele@apple.com>
47
48         Reviewed by Hyatt.
49
50         Fix for <rdar://problem/4990050> REGRESSION: onchange gets fired when clicking on a programmatically selected element in a listbox
51         http://bugs.webkit.org/show_bug.cgi?id=12725
52
53         Test: updated fast/forms/listbox-onchange.html
54
55         Added HTMLSelectElement::saveLastSelection that is called before changing a selection that could result
56         in onChange being called.  m_lastOnChangeIndex and m_lastOnChangeSelection no longer have to be up-to date all the time, 
57         they just have to be up-to-date before we execute an action that may trigger onChange.
58
59         * html/HTMLOptionElement.cpp: (WebCore::HTMLOptionElement::setSelectedState): Added.
60           The HTMLSelectElement will only set an option's selected state with this method.  This ensures
61           that notifyOptionSelected won't get called when the call originates from the select element.
62         * html/HTMLOptionElement.h:
63
64         * html/HTMLSelectElement.cpp:
65         (WebCore::HTMLSelectElement::deselectItems): Calls setSelectedState.
66         (WebCore::HTMLSelectElement::setSelectedIndex): ditto. Don't update the last selection variables here.  Scroll to the new selection.
67          The scrolling call used to only be in notifyOptionSelected.  There's no reason we shouldn't scroll when the selection is set through
68          the HTMLSelectElement.
69         (WebCore::HTMLSelectElement::setValue): Call setSelectedIndex to update all options selected state.
70         (WebCore::HTMLSelectElement::restoreState): Call setSelectedState.
71         (WebCore::HTMLSelectElement::selectAll): Call saveLastSelection before making the selection, and calling onChange.
72         (WebCore::HTMLSelectElement::recalcListItems): Call setSelectedState.  Don't need to save selection here anymore, 
73          since it will get saved before we call onChange.
74         (WebCore::HTMLSelectElement::reset): ditto.
75         (WebCore::HTMLSelectElement::dispatchFocusEvent): Added. Call saveLastSelection for menu lists, since onChange can be fired
76          on blur.
77         (WebCore::HTMLSelectElement::dispatchBlurEvent): Call menuListOnChange.
78         (WebCore::HTMLSelectElement::menuListDefaultEventHandler): Call saveLastSelection before showing the popup window.
79         (WebCore::HTMLSelectElement::listBoxDefaultEventHandler):  Call saveLastSelection during mousedown (to prepare for an 
80          onchange during mouseup, or after autoscroll).
81         (WebCore::HTMLSelectElement::updateListBoxSelection): Call setSelectedState.
82
83         (WebCore::HTMLSelectElement::menuListOnChange): Added. Compares the m_lastOnChangeIndex to the selectedIndex().
84         (WebCore::HTMLSelectElement::listBoxOnChange): Move the m_lastOnChangeSelection creation to saveLastSelection.
85         (WebCore::HTMLSelectElement::saveLastSelection): Added. Sets m_lastOnChangeIndex or m_lastOnChangeSelection.
86         * html/HTMLSelectElement.h:
87         * platform/PopupMenu.h:
88
89 2007-03-16  Oliver Hunt  <oliver@apple.com>
90
91         Reviewed by Hyatt.
92
93         The old canSaveAsWebArchive call was necessary as stand alone
94         images used to be rendered by ImageDocument.
95
96         Fixes rdar://problem/5061252
97
98         * dom/Clipboard.cpp:
99         * dom/Clipboard.h:
100         (WebCore::Clipboard::setDragHasStarted):
101         * page/DragClient.h:
102         (WebCore::DragClient::declareAndWriteDragImage):
103         * platform/mac/ClipboardMac.mm:
104         (WebCore::ClipboardMac::declareAndWriteDragImage):
105
106 2007-03-16  Anders Carlsson  <acarlsson@apple.com>
107
108         Reviewed by Maciej.
109
110         <rdar://problem/4869095>
111         default content type changed for XMLHttpRequest POSTs changed (breaks Flickrator 0.1 widget)
112         
113         * xml/xmlhttprequest.cpp:
114         (WebCore::XMLHttpRequest::send):
115
116 2007-03-16  Brady Eidson  <beidson@apple.com>
117
118         Rubberstamped by Tim Hatcher
119
120         Update the hash table header for Window object properties
121
122         * bindings/js/kjs_window.cpp:
123
124 2007-03-16  Brady Eidson  <beidson@apple.com>
125
126         Reviewed by Anders
127
128         <rdar://problem/5061826> and
129         http://bugs.webkit.org/show_bug.cgi?id=12863
130         Implement window.stop()
131
132         * bindings/js/kjs_window.cpp:
133         (KJS::WindowFunc::callAsFunction): Add case Window::Stop
134         * bindings/js/kjs_window.h:
135         (KJS::Window::): Add "Stop"
136
137 2007-03-16  Geoffrey Garen  <ggaren@apple.com>
138
139         Reviewed by Brady Eidson.
140
141         Fixed dir creation to account for already existing dirs and missing leading
142         dirs in path.
143         
144         * loader/icon/IconDatabase.cpp:
145         (WebCore::makeAllDirectories):
146
147 2007-03-16  David Hyatt  <hyatt@apple.com>
148
149         Fix for 13084, assertion failure in the Cache.  Convert the client list
150         to a HashCountedSet so that multiple refs and derefs are allowed.
151
152         Fix RenderImage so that if it has the same image used as a background/border
153         and as the foreground that it will repaint properly (can be tested using
154         border-image and a foreground image).
155
156         Optimize list marker so that it doesn't waste time in the base class method,
157         since list markers don't support background or border images.
158
159         Reviewed by andersca
160
161         * ChangeLog:
162         * loader/CachedResource.cpp:
163         (WebCore::CachedResource::ref):
164         * loader/CachedResource.h:
165         * loader/CachedResourceClientWalker.cpp:
166         (WebCore::CachedResourceClientWalker::CachedResourceClientWalker):
167         * loader/CachedResourceClientWalker.h:
168         * rendering/RenderImage.cpp:
169         (WebCore::RenderImage::imageChanged):
170         * rendering/RenderListMarker.cpp:
171         (WebCore::RenderListMarker::imageChanged):
172
173 2007-03-16  Geoffrey Garen  <ggaren@apple.com>
174
175         Reviewed by Anders Carlsson.
176         
177         Fixed <rdar://problem/5065399> REGRESSION: leaks in Frame::bindingRootObject 
178         seen on buildbot
179
180         The problem was that we were initializing the same WebScriptObject twice.
181         This caused it to leak its original set of ivars.
182         
183         I think some refactoring could prevent this situation from arising in the
184         first place, but I'm just adding a check at the call site for now, to do 
185         the simplest thing.
186
187         * bindings/objc/WebScriptObject.mm:
188         (-[WebScriptObject _setImp:originRootObject:rootObject:]): Added ASSERTs
189         against multiple calls.
190
191         * bindings/objc/WebScriptObjectPrivate.h: Renamed _initializeWithObjectImp
192         to setImp because "init" vs "initialize" was a too subtle indication that
193         one was a Cocoa initializer and one was not.
194
195 2007-03-16  Lars Knoll <lars@trolltech.com>
196
197         don't use #import in .cpp files.
198
199         * editing/qt/EditorQt.cpp:
200
201 2007-03-16  Lars Knoll <lars@trolltech.com>
202
203         Fix the Qt build once again.
204
205         * platform/qt/PasteboardQt.cpp:
206         (WebCore::Pasteboard::Pasteboard):
207         (WebCore::Pasteboard::writeSelection):
208         (WebCore::Pasteboard::plainText):
209         (WebCore::Pasteboard::documentFragment):
210         (WebCore::Pasteboard::writeURL):
211         (WebCore::Pasteboard::writeImage):
212         (WebCore::Pasteboard::clear):
213
214 2007-03-15  Shrikant Gangoda  <shrikant.gangoda@celunite.com>
215
216         Gdk build fix.
217
218         * loader/gdk/FrameLoaderClientGdk.cpp:
219         (WebCore::FrameLoaderClientGdk::blockedError):
220         * loader/gdk/FrameLoaderClientGdk.h:
221
222 2007-03-15  Beth Dakin  <bdakin@apple.com>
223
224         Reviewed by Geoff.
225
226         Fix for http://bugs.webkit.org/show_bug.cgi?id=13088 REGRESSION
227         (r19761-19779): Copy image no longer includes image address 
228         (rdar://5067927)
229
230         writeURL() does not need an isImage parameter. Now that it accepts 
231         the types as a parameter, we can just declare the appropriate image 
232         types within writeImage and send them to writeURL(). Also, 
233         declaring the types twice is what broke this.
234
235         * platform/Pasteboard.h:
236         * platform/mac/PasteboardMac.mm:
237         (WebCore::Pasteboard::writeURL):
238         (WebCore::Pasteboard::writeImage):
239
240 2007-03-15  Adele Peterson  <adele@apple.com>
241
242         Reviewed by Kevin Decker.
243
244         Fix for <rdar://problem/4926179> Text in menulist control should never update if menu is open
245
246         * rendering/RenderMenuList.cpp: (WebCore::RenderMenuList::updateFromElement):
247           Only setTextFromOption if the menu isn't visible.
248
249 2007-03-15  Brady Eidson  <beidson@apple.com>
250
251         Reviewed by Oliver
252
253         A few platform specific tweaks
254
255         * platform/cf/RetainPtr.h:
256         (WebCore::RetainPtr::releaseRef): Fixed releaseRef to work with CF
257         
258         * platform/network/ResourceHandle.h: Added a "releaseRef" style call
259
260 2007-03-15  Maciej Stachowiak  <mjs@apple.com>
261
262         Reviewed by Geoff and Steve.
263
264         * config.h: Remove unneeded hack.
265
266 2007-03-15  Justin Garcia  <justin.garcia@apple.com>
267
268         Reviewed by john
269         
270         <rdar://problem/5062376> 
271         REGRESSION: In Mail and Gmail, can't change alignment to text after it has been applied
272         
273         Bring back the remove step in applyBlockStyle.  It's 
274         necessary because addBlockStyleIfNeeded assumes that 
275         the properties it adds aren't already on the block that 
276         it adds them to.
277
278         * editing/ApplyStyleCommand.cpp:
279         (WebCore::ApplyStyleCommand::applyBlockStyle): 
280         Bring back the remove step (added a testcase).
281         Don't do the add step if m_removeOnly is true (no testcase
282         because there aren't any clients using removeOnly functionality
283         to remove styles yet, only styled elemets).
284         Moved the code for creating new blocks up one level
285         to this function so that we can pass blocks to removeCSSStyle.
286         When converting VisiblePositions to indices and vice versa,
287         use the highest node in the shadow tree if we're in one as
288         the scope (working on a testcase).
289         (WebCore::ApplyStyleCommand::addBlockStyle): Moved code to
290         applyBlockStyle.
291         * editing/ApplyStyleCommand.h: 
292
293 2007-03-15  Brady Eidson  <beidson@apple.com>
294
295         Reviewed by Maciej
296
297         <rdar://problem/4429701>
298         Implements a port blocking black list that matches Firefox's
299
300         * loader/FrameLoader.cpp:
301         (WebCore::FrameLoader::blockedError): Call through to the client for blockedError 
302         * loader/FrameLoader.h:
303
304         * loader/FrameLoaderClient.h: Get the "port blocked" error for the current platform
305
306         * loader/ResourceLoader.cpp:
307         (WebCore::ResourceLoader::wasBlocked): ResourceHandleClient method to pass on the didFail(error)
308         (WebCore::ResourceLoader::blockedError): Following the pattern of "CancelledError()", get the 
309           error to fail with for the didFail() call
310         * loader/ResourceLoader.h:
311
312         * platform/graphics/svg/SVGImageEmptyClients.h:
313         (WebCore::SVGEmptyFrameLoaderClient::blockedError): Added stub
314
315         * platform/network/ResourceHandle.cpp:
316         (WebCore::ResourceHandle::create): If the port is blocked, create the handle but schedule it for
317           deferred failure on a timer
318         (WebCore::ResourceHandle::scheduleBlockedFailure): Do the timer scheduling
319         (WebCore::ResourceHandle::fireBlockedFailure): Fire the timer here
320         (WebCore::ResourceHandle::portAllowed): Implements checking of Mozilla's
321         * platform/network/ResourceHandle.h:
322         * platform/network/ResourceHandleClient.h:
323         (WebCore::ResourceHandleClient::wasBlocked): Virtual for clients to get the "blocked" message
324
325 2007-03-15  Beth Dakin  <bdakin@apple.com>
326
327         Reviewed by Hyatt.
328
329         Fix for <rdar://problem/5065396> REGRESSION: leaks in 
330         RenderBlock::layoutInlineChildren seen on buildbot
331
332         This leak appeared after http://trac.webkit.org/projects/webkit/
333         changeset/20188. This change shifted line boxes around in 
334         removeChild(). But since removeChild() calls 
335         setNeedsLayoutAndMinMaxRecalc(), all of the line boxes will be 
336         removed once we actually lay out anyway. So this patch fixes the 
337         leak by deleting the line boxes instead of shifting them around. 
338
339         * editing/IndentOutdentCommand.cpp:
340         (WebCore::IndentOutdentCommand::outdentParagraph): Call into 
341         updateLayout(). This fixes an assertion I got in editing/
342         execCommand/4976800.html This is very similar to the line box fix I 
343         made recently (http://trac.webkit.org/projects/webkit/changeset/
344         20177). We need to update layout before relying on VisiblePositions 
345         after removing a node.
346         * rendering/RenderBlock.cpp:
347         (WebCore::RenderBlock::deleteLinesForBlock): New helper function 
348         since this functionality is needed in three places now.
349         (WebCore::RenderBlock::makeChildrenNonInline): Call into new 
350         deleteLinesForBlock().
351         (WebCore::RenderBlock::removeChild): Same.
352         * rendering/RenderBlock.h:
353
354 2007-03-15  Timothy Hatcher  <timothy@apple.com>
355
356         Reviewed by John.
357
358         * Factored out most of our common build settings into .xcconfig files. Anything that was common in
359           each build configuration was factored out into the shared .xcconfig file.
360         * Adds a Version.xcconfig file to define the current framework version, to be used in other places.
361         * Use the new $(BUNDLE_VERSION) (defined in Version.xcconfig) in the preprocessed Info.plist.
362         * Use the versions defined in Version.xcconfig to set $(DYLIB_CURRENT_VERSION).
363
364         * Configurations/Base.xcconfig: Added.
365         * Configurations/DebugRelease.xcconfig: Added.
366         * Configurations/Version.xcconfig: Added.
367         * Configurations/WebCore.xcconfig: Added.
368         * Info.plist:
369         * WebCore.xcodeproj/project.pbxproj:
370
371 2007-03-15  Krzysztof Kowalczyk  <kkowalczyk@gmail.com>
372
373         Not reviewed - gdk build fixes.
374
375         * platform/gdk/EditorClientGdk.cpp:
376         (WebCore::EditorClientGdk::handleKeypress):
377         * platform/graphics/cairo/ImageSourceCairo.cpp:
378         (WebCore::ImageSource::setData):
379         * platform/graphics/gdk/ImageGdk.cpp:
380         (WebCore::Image::loadPlatformResource):
381
382 2007-03-14  Justin Garcia  <justin.garcia@apple.com>
383
384         Reviewed by john
385         
386         ~2x speed up of 5k rich text paste:
387         http://shakespeare.mit.edu/hamlet/full.html        
388
389         * editing/ReplaceSelectionCommand.cpp:
390         (WebCore::ReplaceSelectionCommand::doApply): Remove the top 
391         level style span if its unnecessary before inserting
392         into the document, its faster than doing it after.
393         * editing/ReplaceSelectionCommand.h: Exposed 
394         ReplacementFragment::removeNodePreservingChildren so that
395         the style span can be removed using non-undoable removes,
396         like the rest of the removes done on the ReplacementFragment.
397         * editing/markup.cpp:
398         (WebCore::createMarkup): Make the style span the top level
399         element, otherwise it's useless.  This also facilitates the
400         optimization mentioned above.
401         When including markup for a fully selected root, include markup
402         for all the nodes beneath that fully selected root, to preserve 
403         the structure and appearance of the copied markup.  Did this
404         by merging with the code for adding markup for descendants of
405         special commonAncestorBlocks.
406
407 2007-03-15  Beth Dakin  <bdakin@apple.com>
408
409         Rubber-stamped by Adele.
410
411         Rolling out http://trac.webkit.org/projects/webkit/changeset/20148 
412         (which is a fix for http://bugs.webkit.org/show_bug.cgi?id=12595 
413         and rdar://4722863) because it causes a horrible memory-trasher. 
414
415         * bindings/js/JSHTMLFormElementCustom.cpp:
416         (WebCore::JSHTMLFormElement::canGetItemsForName):
417         (WebCore::JSHTMLFormElement::nameGetter):
418         * bindings/js/kjs_dom.cpp:
419         (KJS::):
420         (KJS::DOMNamedNodesCollection::DOMNamedNodesCollection):
421         (KJS::DOMNamedNodesCollection::lengthGetter):
422         (KJS::DOMNamedNodesCollection::indexGetter):
423         (KJS::DOMNamedNodesCollection::getOwnPropertySlot):
424         * bindings/js/kjs_dom.h:
425         (KJS::DOMNamedNodesCollection::classInfo):
426         * bindings/js/kjs_html.cpp:
427         (KJS::JSHTMLCollection::getNamedItems):
428         * dom/ChildNodeList.cpp:
429         (WebCore::ChildNodeList::ChildNodeList):
430         (WebCore::ChildNodeList::length):
431         (WebCore::ChildNodeList::item):
432         (WebCore::ChildNodeList::nodeMatches):
433         * dom/ChildNodeList.h:
434         * dom/NameNodeList.cpp:
435         (WebCore::NameNodeList::NameNodeList):
436         (WebCore::NameNodeList::item):
437         (WebCore::NameNodeList::nodeMatches):
438         * dom/NameNodeList.h:
439         (WebCore::NameNodeList::rootNodeAttributeChanged):
440         * dom/Node.cpp:
441         (WebCore::TagNodeList::TagNodeList):
442         (WebCore::TagNodeList::nodeMatches):
443         (WebCore::Node::registerNodeList):
444         (WebCore::Node::unregisterNodeList):
445         * dom/Node.h:
446         * dom/NodeList.cpp:
447         (WebCore::NodeList::NodeList):
448         (WebCore::NodeList::~NodeList):
449         (WebCore::NodeList::recursiveLength):
450         (WebCore::NodeList::itemForwardsFromCurrent):
451         (WebCore::NodeList::itemBackwardsFromCurrent):
452         (WebCore::NodeList::recursiveItem):
453         (WebCore::NodeList::itemWithName):
454         (WebCore::NodeList::rootNodeChildrenChanged):
455         * dom/NodeList.h:
456         (WebCore::NodeList::rootNodeAttributeChanged):
457         * html/HTMLFormElement.cpp:
458         (WebCore::HTMLFormElement::HTMLFormElement):
459         (WebCore::HTMLFormElement::~HTMLFormElement):
460         (WebCore::HTMLFormElement::formData):
461         (WebCore::HTMLFormElement::parseMappedAttribute):
462         (WebCore::HTMLFormElement::removeFormElement):
463         * html/HTMLFormElement.h:
464         * html/HTMLGenericFormElement.cpp:
465         (WebCore::HTMLGenericFormElement::parseMappedAttribute):
466         (WebCore::HTMLGenericFormElement::insertedIntoTree):
467         * html/HTMLGenericFormElement.h:
468         * html/HTMLInputElement.cpp:
469         (WebCore::HTMLInputElement::parseMappedAttribute):
470
471 2007-03-15  Geoffrey Garen  <ggaren@apple.com>
472
473         Added an assert to help catch a bug. Hopefully someone will hit it!
474         
475         * bindings/js/kjs_proxy.cpp:
476         (WebCore::KJSProxy::~KJSProxy):
477
478 2007-03-14  Oliver Hunt  <oliver@apple.com>
479
480         Reviewed by Adele.
481
482         Fix for rdar://problem/5061737.
483         
484         This was a regression from the original Objective-C -> C++ conversion
485         for the drag logic.  We don't need to call Range::startNode as we just
486         need the document that contains the range.   
487
488         * page/DragController.cpp:
489         (WebCore::documentFragmentFromDragData):
490
491 2007-03-14  Mitz Pettel  <mitz@webkit.org>
492
493         Reviewed by Hyatt.
494
495         - http://bugs.webkit.org/show_bug.cgi?id=13071
496           REGRESSION: Plain text files no longer wrap lines longer than the width of the browser window
497
498         Test: fast/loader/text-document-wrapping.html
499
500         * loader/TextDocument.cpp:
501         (WebCore::TextTokenizer::write): Specified word-wrap:break-word for the <pre> element.
502
503 2007-03-14  Mitz Pettel  <mitz@webkit.org>
504
505         Reviewed by Hyatt.
506
507         - fix http://bugs.webkit.org/show_bug.cgi?id=13072
508           REGRESSION (r15617): white-space: pre-wrap breaks off the last character of a wide word
509
510         Test: fast/text/whitespace/pre-wrap-last-char.html
511
512         * rendering/bidi.cpp:
513         (WebCore::RenderBlock::findNextLineBreak): Undid the change from r15617.
514
515 2007-03-14  David Hyatt  <hyatt@apple.com>
516
517         Add asserts to help catch double refs and double derefs of CachedResources.
518
519         Reviewed by mjs
520
521         * loader/CachedResource.cpp:
522         (WebCore::CachedResource::ref):
523         (WebCore::CachedResource::deref):
524
525 2007-03-14  Alice Liu  <alice.liu@apple.com>
526
527         Rubber-stamped by Hyatt.
528
529         Adding null check to prevent the crash that happens on 2nd run of iBench HTML load test
530
531         * loader/icon/IconDataCache.cpp:
532         (WebCore::IconDataCache::writeToDatabase):
533
534 === Safari-5522.4 ===
535
536 2007-03-14  Adele Peterson  <adele@apple.com>
537
538         Reviewed by Adam.
539
540         Fix for <rdar://problem/5062898> REGRESSION: autocomplete window in text fields doesn't come up
541
542         When we moved the initialization of a bunch of variables in the HTMLFormElement constructor, m_autocomplete accidently got initialized to false.
543
544         * html/HTMLFormElement.cpp: (WebCore::HTMLFormElement::HTMLFormElement):
545
546 2007-03-14  Steve Falkenburg  <sfalken@apple.com>
547
548         Reviewed by Adam.
549
550         Added missing null check in case this is called on a subframe
551         that hasn't started loading.
552
553         * page/Frame.cpp:
554         (WebCore::Frame::setMarkedTextMatchesAreHighlighted): Check for a null document.
555
556 2007-03-14  Antti Koivisto  <antti@apple.com>
557
558         Reviewed by Geoff.
559
560         Fix http://bugs.webkit.org/show_bug.cgi?id=13060
561         REGRESSION: Repro ASSERT failure in Cache::adjustSize running layout tests
562         <rdar://5060208>
563         
564         Script evaluation may have dereffed the CachedScript object already, causing double deref and
565         eventually m_liveResourcesSize underflow.
566
567         * html/HTMLScriptElement.cpp:
568         (WebCore::HTMLScriptElement::notifyFinished):
569
570 2007-03-14  Adele Peterson  <adele@apple.com>
571
572         Reviewed by Darin.
573
574         Added InsertTab, InsertBacktab, InsertLineBreak, and InsertNewline to the editing command table.
575         Added Event parameter to execCommand, and to all of the enabled and exec functions.  Right now,
576         the event is only used by the newly added commands.  But in the future, many (and possibly all) of
577         these editing commands will need to consider the event so they are applied to the correct selection.
578
579         * WebCore.exp:
580         * editing/Editor.cpp:
581         (WebCore::execCopy):
582         (WebCore::execCut):
583         (WebCore::execDelete):
584         (WebCore::execBackwardDelete):
585         (WebCore::execForwardDelete):
586         (WebCore::execMoveBackward):
587         (WebCore::execMoveBackwardAndModifySelection):
588         (WebCore::execMoveUpByPageAndModifyCaret):
589         (WebCore::execMoveDown):
590         (WebCore::execMoveDownAndModifySelection):
591         (WebCore::execMoveForward):
592         (WebCore::execMoveForwardAndModifySelection):
593         (WebCore::execMoveDownByPageAndModifyCaret):
594         (WebCore::execMoveLeft):
595         (WebCore::execMoveLeftAndModifySelection):
596         (WebCore::execMoveRight):
597         (WebCore::execMoveRightAndModifySelection):
598         (WebCore::execMoveToBeginningOfDocument):
599         (WebCore::execMoveToBeginningOfDocumentAndModifySelection):
600         (WebCore::execMoveToBeginningOfSentence):
601         (WebCore::execMoveToBeginningOfSentenceAndModifySelection):
602         (WebCore::execMoveToBeginningOfLine):
603         (WebCore::execMoveToBeginningOfLineAndModifySelection):
604         (WebCore::execMoveToBeginningOfParagraph):
605         (WebCore::execMoveToBeginningOfParagraphAndModifySelection):
606         (WebCore::execMoveToEndOfDocument):
607         (WebCore::execMoveToEndOfDocumentAndModifySelection):
608         (WebCore::execMoveToEndOfSentence):
609         (WebCore::execMoveToEndOfSentenceAndModifySelection):
610         (WebCore::execMoveToEndOfLine):
611         (WebCore::execMoveToEndOfLineAndModifySelection):
612         (WebCore::execMoveToEndOfParagraph):
613         (WebCore::execMoveToEndOfParagraphAndModifySelection):
614         (WebCore::execMoveParagraphBackwardAndModifySelection):
615         (WebCore::execMoveParagraphForwardAndModifySelection):
616         (WebCore::execMoveUp):
617         (WebCore::execMoveUpAndModifySelection):
618         (WebCore::execMoveWordBackward):
619         (WebCore::execMoveWordBackwardAndModifySelection):
620         (WebCore::execMoveWordForward):
621         (WebCore::execMoveWordForwardAndModifySelection):
622         (WebCore::execMoveWordLeft):
623         (WebCore::execMoveWordLeftAndModifySelection):
624         (WebCore::execMoveWordRight):
625         (WebCore::execMoveWordRightAndModifySelection):
626         (WebCore::execPaste):
627         (WebCore::execSelectAll):
628         (WebCore::execToggleBold):
629         (WebCore::execToggleItalic):
630         (WebCore::execRedo):
631         (WebCore::execUndo):
632         (WebCore::execInsertTab):
633         (WebCore::execInsertBacktab):
634         (WebCore::execInsertNewline):
635         (WebCore::execInsertLineBreak):
636         (WebCore::enabled):
637         (WebCore::canPaste):
638         (WebCore::hasEditableSelection):
639         (WebCore::hasEditableRangeSelection):
640         (WebCore::hasRangeSelection):
641         (WebCore::hasRichlyEditableSelection):
642         (WebCore::canRedo):
643         (WebCore::canUndo):
644         (WebCore::CommandEntry::):
645         (WebCore::Editor::toggleBold):
646
647         (WebCore::Editor::execCommand): Added optional event parameter.
648         (WebCore::Editor::insertText): Added.  Calls handleTextInputEvent.
649         (WebCore::Editor::insertTextWithoutSendingTextEvent): Renamed from insertText.
650          Performs the actual insertion without dispatching any event.
651         * editing/Editor.h:
652         * page/EventHandler.cpp: (WebCore::EventHandler::defaultTextInputEventHandler):
653           Call insertTextWithoutSendingTextEvent.
654
655 2007-03-14  Justin Garcia  <justin.garcia@apple.com>
656
657         Reviewed by darin
658         
659         ~3x speedup pasting 5k lines of rich text:
660         http://shakespeare.mit.edu/hamlet/full.html
661         ~2x speedup pasting 10k lines of plain text
662         
663         * css/CSSComputedStyleDeclaration.cpp:
664         (WebCore::computedStyle): Added for convenience.
665         * css/CSSComputedStyleDeclaration.h:
666         * editing/ReplaceSelectionCommand.cpp:
667         (WebCore::ReplaceSelectionCommand::removeRedundantStyles):
668         The code that pushed down the top level style span had
669         a bug in it that made it do unnecessary work.  Instead of
670         fixing the bug I removed the code because it was used to 
671         help see more redundancies in second level style spans, but 
672         createMarkup now *only* creates a top level style span.
673         Only remove redundant styles from style spans and only remove
674         unstyled elements if they are style spans.  FF doesn't
675         remove redundant styles from elements, or remove redundant 
676         font tags on copy/paste.  We could offer this functionality 
677         through a separate "cleanup" command.
678         * editing/markup.cpp:
679         (WebCore::createMarkup): Only add markup for ancestors of 
680         lastClosed if we're including markup for acommonAncestorBlock 
681         (we do this for commonAncestorBlocks like tables and lists),
682         otherwise it's unnecessary/redundant.
683
684 2007-03-14  Anders Carlsson  <acarlsson@apple.com>
685
686         Reviewed by Ada.
687
688         Make sure to call ResourceLoader::didReceiveData to ensure that there's a shared buffer with the resource
689         data, since SubresourceLoaderClients now make use of that buffer.
690         
691         * loader/SubresourceLoader.cpp:
692         (WebCore::SubresourceLoader::didReceiveData):
693
694 2007-03-14  Administrator  <acarlsson@apple.com>
695
696         Get the size from the shared buffer.
697         
698         * platform/graphics/cg/ImageSourceCG.cpp:
699         (WebCore::ImageSource::setData):
700         * platform/graphics/cg/PDFDocumentImage.cpp:
701         (WebCore::PDFDocumentImage::dataChanged):
702
703 2007-03-14  Mitz Pettel  <mitz@webkit.org>
704
705         Reviewed by Hyatt, thumbs up by Darin.
706
707         - fix http://bugs.webkit.org/show_bug.cgi?id=12782
708           Reproducible crash in BidiContext::deref
709
710         Test: fast/dynamic/anonymous-block-orphaned-lines.html
711
712         * rendering/InlineBox.cpp:
713         (WebCore::InlineBox::root): Added an assertion that we return a root inline box.
714         * rendering/RenderBlock.cpp:
715         (WebCore::RenderBlock::removeChild): Added code to adopt the line boxes of
716         anonymous blocks being destroyed instead of leaving them orphaned, which
717         is what caused this crash. The boxes will be deleted on the next layout, but
718         this ensures consistency in the mean time.
719
720 2007-03-14  Lars Knoll <lars@trolltech.com>
721
722         Reviewed by Antti.
723
724         Fix the Qt build.
725         Add a getter to SharedBuffer that returns a reference to the internal
726         Vector to avoid an extra copy of the data.
727
728         * platform/SharedBuffer.h:
729         (WebCore::SharedBuffer::buffer):
730         * platform/graphics/qt/ImageQt.cpp:
731         (WebCore::Image::loadPlatformResource):
732         * platform/graphics/qt/ImageSourceQt.cpp:
733         (WebCore::detectImageFormat):
734         (WebCore::createDecoder):
735         (WebCore::ImageSource::setData):
736
737 2007-03-14  Antti Koivisto  <antti@apple.com>
738
739         Reviewed by Mitz.
740         
741         Fix <rdar://problem/5058774>
742         REGRESSION: In Mail, caret appears oversized when typing in a To Do note
743         
744         Horizontal and vertical were switched. Was regression from
745         http://trac.webkit.org/projects/webkit/changeset/20103
746
747         * rendering/RootInlineBox.cpp:
748         (WebCore::RootInlineBox::addHighlightOverflow):
749
750 2007-03-14  David Hyatt  <hyatt@apple.com>
751
752         Tweak the data() functions of stylesheets and scripts to be internally consistent.
753
754         * loader/CachedCSSStyleSheet.cpp:
755         (WebCore::CachedCSSStyleSheet::data):
756         * loader/CachedScript.cpp:
757         (WebCore::CachedScript::data):
758         * loader/CachedXSLStyleSheet.cpp:
759         (WebCore::CachedXSLStyleSheet::data):
760
761 2007-03-14  David Hyatt  <hyatt@apple.com>
762
763         Fix Radar 5050688.  
764
765         For large animated GIFs, destroy and recreate the source for every animation frame.  This keeps
766         the memory consumption down while giant images are animating.
767
768         Reviewed by andersca
769
770         * platform/graphics/BitmapImage.cpp:
771         (WebCore::BitmapImage::BitmapImage):
772         (WebCore::BitmapImage::destroyDecodedData):
773         (WebCore::BitmapImage::dataChanged):
774         (WebCore::BitmapImage::advanceAnimation):
775         * platform/graphics/BitmapImage.h:
776
777 2007-03-14  David Hyatt  <hyatt@apple.com>
778
779         Make sure to use CFDataCreateWithBytesNoCopy where we can.
780
781         Reviewed by andersca
782
783         * platform/graphics/cg/ImageSourceCG.cpp:
784         (WebCore::ImageSource::setData):
785         * platform/graphics/cg/PDFDocumentImage.cpp:
786         (WebCore::PDFDocumentImage::dataChanged):
787
788 2007-03-13  David Hyatt  <hyatt@apple.com>
789
790         Fix for bugzilla bug 13050 and also radar p1 5050645.
791
792         This patch reworks resource loading to avoid having redundant buffers in the icon database and in cached
793         images in the WebCore cache.  It also avoids overcopying in top-level image documents and in the icon
794         database.
795
796         There is now only one SharedBuffer for a resource and everybody observes that buffer now instead of ever
797         making their own.  Even ImageIO uses the SharedBuffer while decoding.
798
799         The page in 13050 dropped from 145mb down to 45mb of memory use with this change for a stunning savings
800         of 100mb.
801
802         Reviewed by olliej, mjs
803
804         * WebCore.exp:
805         * loader/CachedCSSStyleSheet.cpp:
806         (WebCore::CachedCSSStyleSheet::data):
807         * loader/CachedCSSStyleSheet.h:
808         * loader/CachedImage.cpp:
809         (WebCore::CachedImage::data):
810         * loader/CachedImage.h:
811         * loader/CachedResource.cpp:
812         (WebCore::CachedResource::CachedResource):
813         (WebCore::CachedResource::~CachedResource):
814         * loader/CachedResource.h:
815         (WebCore::CachedResource::data):
816         * loader/CachedScript.cpp:
817         (WebCore::CachedScript::data):
818         * loader/CachedScript.h:
819         * loader/CachedXSLStyleSheet.cpp:
820         (WebCore::CachedXSLStyleSheet::data):
821         * loader/CachedXSLStyleSheet.h:
822         * loader/DocLoader.cpp:
823         (WebCore::DocLoader::checkCacheObjectStatus):
824         * loader/ImageDocument.cpp:
825         (WebCore::ImageTokenizer::writeRawData):
826         (WebCore::ImageTokenizer::finish):
827         * loader/icon/IconDataCache.cpp:
828         (WebCore::IconDataCache::setImageData):
829         (WebCore::IconDataCache::writeToDatabase):
830         * loader/icon/IconDataCache.h:
831         * loader/icon/IconDatabase.cpp:
832         (WebCore::IconDatabase::imageDataForIconURL):
833         (WebCore::IconDatabase::iconForPageURL):
834         (WebCore::IconDatabase::setIconDataForIconURL):
835         (WebCore::IconDatabase::setHaveNoIconForIconURL):
836         (WebCore::IconDatabase::imageDataForIconURLQuery):
837         * loader/icon/IconDatabase.h:
838         * loader/icon/IconLoader.cpp:
839         (WebCore::IconLoader::startLoading):
840         (WebCore::IconLoader::didReceiveResponse):
841         (WebCore::IconLoader::didReceiveData):
842         (WebCore::IconLoader::didFail):
843         (WebCore::IconLoader::finishLoading):
844         (WebCore::IconLoader::clearLoadingState):
845         * loader/icon/IconLoader.h:
846         * loader/icon/SQLStatement.cpp:
847         (WebCore::SQLStatement::getColumnBlobAsVector):
848         (WebCore::SQLStatement::isExpired):
849         * loader/icon/SQLStatement.h:
850         * loader/loader.cpp:
851         (WebCore::Loader::didFinishLoading):
852         (WebCore::Loader::didReceiveData):
853         * page/mac/WebCoreFrameBridge.mm:
854         (-[WebCoreFrameBridge getData:andResponse:forURL:]):
855         (-[WebCoreFrameBridge getAllResourceDatas:andResponses:]):
856         * platform/SharedBuffer.h:
857         (WebCore::SharedBuffer::isEmpty):
858         * platform/graphics/BitmapImage.cpp:
859         (WebCore::BitmapImage::destroyDecodedData):
860         (WebCore::BitmapImage::dataChanged):
861         * platform/graphics/BitmapImage.h:
862         * platform/graphics/Image.cpp:
863         (WebCore::Image::setData):
864         * platform/graphics/Image.h:
865         (WebCore::Image::dataChanged):
866         (WebCore::Image::data):
867         * platform/graphics/ImageSource.h:
868         * platform/graphics/cg/ImageSourceCG.cpp:
869         (WebCore::ImageSource::setData):
870         * platform/graphics/cg/PDFDocumentImage.cpp:
871         (WebCore::PDFDocumentImage::dataChanged):
872         * platform/graphics/cg/PDFDocumentImage.h:
873         * platform/graphics/mac/ImageMac.mm:
874         (WebCore::Image::loadPlatformResource):
875         * platform/graphics/svg/SVGImage.cpp:
876         (WebCore::SVGImage::setData):
877         * platform/mac/PasteboardMac.mm:
878         (WebCore::fileWrapperForImage):
879
880 2007-03-13  Justin Garcia  <justin.garcia@apple.com>
881
882         Reviewed by darin
883         
884         <rdar://problem/5046875> 
885         Gmail Editor: Applying alignment to selected text in message also applies alignment to signature
886
887         * editing/ApplyStyleCommand.cpp:
888         (WebCore::ApplyStyleCommand::doApply): Don't call applyBlockStyle unless
889         there is a block style to apply.
890         (WebCore::ApplyStyleCommand::applyBlockStyle): Don't do the remove step.
891         It was unnecessary and removed properties from blocks that could contain 
892         content outside the range being operated on (added a testcase).
893         (WebCore::ApplyStyleCommand::addBlockStyleIfNeeded): Used an early return
894         instead of if-nesting.
895         * editing/ApplyStyleCommand.h:
896         * editing/CompositeEditCommand.cpp:
897         (WebCore::CompositeEditCommand::moveParagraphContentsToNewBlockIfNecessary):
898         Return the new block, if one was created.  Use moveParagraphs to move
899         paragraphs into the new block, instead of moving nodes.  The old code moved
900         too much (added a testcase).
901         * editing/CompositeEditCommand.h:
902
903 2007-03-13  Oliver Hunt  <oliver@apple.com>
904
905         Reviewed by Brady.
906
907         To fix <rdar://problem/5044366> we now pass a NSString
908         representation of the URL extracted with _web_originalDataAsString
909         instead of relying on [NSURL absoluteString] in the bridge
910
911         * page/mac/WebCoreFrameBridge.h:
912         * page/mac/WebCoreFrameBridge.mm:
913         (-[WebCoreFrameBridge getData:andResponse:forURL:]):
914
915 2007-03-13  Brady Eidson  <beidson@apple.com>
916
917         Reviewed by Anders
918
919         <rdar://problem/5048818> - REGRESSION: Incompletely loaded resources being saved to the object cache
920
921         Due to a subtle change in loader behavior back in 10904, we would stop all loaders before calling 
922         didFail() on them in the Cache loader.  As a result, we basically cleared all of the Subresource Loaders 
923         out of the Cache loader before more properly failing them as errored out.  The result?  Partially loaded
924         resources being cached.
925         
926         Since Loader::didFail() both calls error() on the object *and* removes the loader, the solution is to call 
927         didFail() for all cancelled loaders instead of *only* removing them from the set of active loaders.
928         
929         In addition, pages that didn't completely load were being saved to the back/forward cache.  To fix that,
930         I added a null check on the DocumentLoader's error to see if the page ended in an error, or did indeed 
931         completely load.
932
933         Note that the layout test for this - if possible - will require other enhancements including possibly adding
934         support for window.stop().  That task is documented in <rdar://problem/5061826>
935
936         * loader/FrameLoader.cpp:
937         (WebCore::FrameLoader::provisionalLoadStarted): Fixed a few bugs relating to my original BFCache rewrite to
938           more perfectly restore the original behavior - including only caching HTML documents via the 
939           m_client->canCachePage() call
940         (WebCore::FrameLoader::canCachePage): Don't make the call to m_client->canCachePage() as that serves a different
941           purpose
942           - Check the mainDocumentError to see if the load ended in error as a further criteria in determining the 
943           cachability of a page
944
945         * loader/loader.cpp:
946         (WebCore::Loader::cancelRequests): Call didFail(cancelledError()) instead of just removing the loaders from the 
947           loaders-in-progress set.  This adds the effect of properly cleaning up the cached object.
948
949 2007-03-13  Beth Dakin  <bdakin@apple.com>
950
951         Rendering part reviewed by Hyatt. Editing part consulted with and 
952         rubber stamped by Justin and Harrison.
953
954         Fix for <rdar://problem/5025925> A hang occurs in Safari when 
955         attempting to print page at http://www.pcadvisor.co.uk
956
957         * rendering/RenderBlock.cpp:
958         (WebCore::RenderBlock::makeChildrenNonInline): 
959         RenderBlock::makeChildrenNonInline() takes a block's inline 
960         children and turns them into block children. If the children had 
961         line boxes, those boxes were being leaked. In the layout test I 
962         added with the change (and at pcadvisor.co.uk during printing) 
963         children were being made non-inline, and then they were being made 
964         inline again. This meant that some of the children ended up 
965         pointing to totally stale line boxes that are normally just leaked. 
966         This caused an infinite loop in RenderFlow::destroy(). This patch 
967         simply deletes everyone's line boxes in 
968         RenderBlock::makeChildrenNonInline()
969
970         * editing/InsertParagraphSeparatorCommand.cpp:
971         (WebCore::InsertParagraphSeparatorCommand::doApply): The other part 
972         of this fix is that I added a call to updateLayout in 
973         InsertParagraphSeparatorCommand::doApply(). One layout test 
974         (editing/spelling/spelling.html) was changed by my patch to 
975         RenderBlock. doApply() inserts a node into the render tree. In at 
976         least one case in spelling.html, that caused some line boxes to be 
977         deleted. Back in doApply() this meant that the RenderTree was out-
978         of-date, and we mistakenly thought we were at the end of the 
979         paragraph. This caused us to insert a RenderBR() at the end of the 
980         tree instead of an empty RenderText(). No one seems to know exactly 
981         why we insert either, or if the change is necessarily a problem. It 
982         is clear, though, that the RenderTree in doApply() is out-of-date 
983         after inserting the node and deleting some line boxes, so it seems 
984         prudent to call into updateLayout().
985
986 2007-03-13  Adam Roben  <aroben@apple.com>
987
988         Reviewed by Anders.
989
990         * platform/FontData.h: Added m_isSystemFont parameter to match NSFont.
991
992 2007-03-13  Beth Dakin  <bdakin@apple.com>
993
994         Reviewed by Maciej.
995
996         Export DocumentLoader::setFrame(). Part of fix for <rdar://
997         problem/4277074> 8F32: Help Viewer crashed on clicking link - 
998         KHTMLView::viewportMouseReleaseEvent (12647)
999
1000         * WebCore.exp:
1001
1002 2007-03-13  Darin Adler  <darin@apple.com>
1003
1004         Reviewed by Maciej.
1005
1006         - fix http://bugs.webkit.org/show_bug.cgi?id=12794
1007           <rdar://problem/5028154> REGRESSION: TripTik planner at aaa.com never
1008           finishes loading due to unclosed canvas tag (12794)
1009
1010         Change <canvas> elements so that their contents are parsed normally,
1011         but not rendered. This change fixes the bug, because normal parsing
1012         rules close the <canvas> element in that case. The special parser
1013         stuff was just getting in the way.
1014
1015         Also do some basic cleanup to the HTML parser. This was motivated by
1016         an earlier version of this patch that made even more changes to the
1017         parser, but the cleanup is still worth landing.
1018
1019         Test: fast/canvas/canvas-hides-fallback.html
1020         Test: fast/canvas/script-inside-canvas-fallback.html
1021         Test: fast/canvas/unclosed-canvas-1.html
1022         Test: fast/canvas/unclosed-canvas-2.html
1023         Test: fast/canvas/unclosed-canvas-3.html
1024         Test: fast/canvas/unclosed-canvas-4.html
1025
1026         * html/HTMLCanvasElement.h: Added a data member to keep track of whether the
1027         renderer is a RenderHTMLCanvas or not.
1028         * html/HTMLCanvasElement.cpp:
1029         (WebCore::HTMLCanvasElement::createRenderer): If JavaScript is enabled, create
1030         a RenderHTMLCanvas. If it's not, let the default code create the default type
1031         of renderer, which will result in fallback content being visible. The
1032         RenderHTMLCanvas class already hides all of its children. Set the m_rendererIsCanvas
1033         boolean accordingly. Since the actual storage for the canvas is allocated lazily
1034         when you actually get a drawing context, we don't need to do anything special
1035         to prevent it when JavaScript is disabled; the relevant functions won't be called.
1036         (WebCore::HTMLCanvasElement::reset): Protect the code that manipulates the
1037         RenderHTMLCanvas with a check of m_rendererIsCanvas. This is the only code inside
1038         the DOM element that relies on the renderer type.
1039
1040         * html/HTMLParser.h: Removed unneeded includes. Marked HTMLParser as
1041         Noncopyable. Changed the Document parameter to the constructor to instead
1042         be HTMLDocument. Renamed discard_until to m_skipModeTag for clarity.
1043         Removed unused noSpaces function and unneeded public doc() function.
1044         Moved data members all down to the end so you can see them together in order.
1045         Renamed map to m_currentMapElement and isindex to m_isindexElement.
1046         Removed unused end and headLoaded data members.  Renamed m_fragment to
1047         m_isParsingFragment to make it clearer that it's a boolean, not a fragment.
1048
1049         * html/HTMLParser.cpp:
1050         (WebCore::HTMLParser::HTMLParser): Changed to use member construction
1051         syntax instead of calling reset(). This is especially helpful in the
1052         fragment case, where calling reset() later on is illegal, so not using
1053         it in the constructor lets us assert.
1054         (WebCore::HTMLParser::~HTMLParser): Did an explicit deref instead of
1055         calling setCurrent for its side effect.
1056         (WebCore::HTMLParser::reset): Updated for member name changes and removal
1057         and to use document instead of doc().
1058         (WebCore::HTMLParser::setCurrent): Use document instead of doc().
1059         (WebCore::HTMLParser::setSkipMode): Added. No longer inline. Now sets the
1060         m_inCanvasBeforeFirstOpenTag data member to false.
1061         (WebCore::HTMLParser::parseToken): Tightened up the skip mode logic at the
1062         top of the function, and added a FIXME about the strange case there where
1063         we don't skip yet stay in skip mode. Updated for renaming and doc().
1064         (WebCore::HTMLParser::insertNode): Updated for renaming and doc().
1065         (WebCore::HTMLParser::handleError): Ditto.
1066         (WebCore::HTMLParser::framesetCreateErrorCheck): Ditto.
1067         (WebCore::HTMLParser::isindexCreateErrorCheck): Changed to use RefPtr.
1068         (WebCore::HTMLParser::noscriptCreateErrorCheck): Updated for renaming and doc().
1069         (WebCore::HTMLParser::mapCreateErrorCheck): Ditto.
1070         (WebCore::HTMLParser::getNode): Removed the special case for canvas here.
1071         Canvas fallback is now handled in the DOM, not the parser. Updated for
1072         renaming and doc().
1073         (WebCore::HTMLParser::allowNestedRedundantTag): Changed a #define into a C++
1074         constant.
1075         (WebCore::HTMLParser::processCloseTag): Updated for renaming and doc().
1076         (WebCore::HTMLParser::isInline): Ditto.
1077         (WebCore::HTMLParser::tagIsOnStack): Added. Used by new canvas logic.
1078         (WebCore::HTMLParser::popBlock): Updated for renaming and doc(). Also renamed
1079         the local variable Elem to elem.
1080         (WebCore::HTMLParser::createHead): Ditto.
1081         (WebCore::HTMLParser::handleIsindex): Changed to use RefPtr.
1082         (WebCore::HTMLParser::startBody): Updated for renaming and doc().
1083         (WebCore::HTMLParser::finished): Ditto.
1084
1085 2007-03-13  David Hyatt  <hyatt@apple.com>
1086
1087         Two more cleanup fixes to the cache.  Don't call destroyDecodedData in the BitmapImage destructor, since
1088         clearing the image source and calling setData on it again causes it to do an extra copy of the encoded
1089         data.  Since we're about to be destroyed this is just wasteful.
1090
1091         When the cache prunes, don't allow it to destroy the decoded data of an image that is still actively loading,
1092         since we've established that ImageIO can actually crash if you yank the rug out from under it like that.
1093
1094         Reviewed by ggaren
1095
1096         * loader/Cache.cpp:
1097         (WebCore::Cache::prune):
1098         * platform/graphics/BitmapImage.cpp:
1099         (WebCore::BitmapImage::~BitmapImage):
1100
1101 2007-03-13  Anders Carlsson  <acarlsson@apple.com>
1102
1103         Try fixing the Qt build.
1104         
1105         * editing/Editor.h:
1106         (WebCore::Editor::setStartNewKillRingSequence):
1107
1108 2007-03-13  David Harrison  <harrison@apple.com>
1109
1110         Reviewed by Justin.
1111
1112         <rdar://problem/5031181> cntl-k at end of paragraph adds nothing to the kill ring
1113         <rdar://problem/5031189> REGRESSION: cntl-y yanks only the most recently killed content
1114
1115         For rdar://5031181, properly extend the selection before the killring handling, and
1116         make sure plainText of that selection returns a linefeed.
1117         
1118         For rdar://5031189, restore Editor::deleteRange() code that continued current killring,
1119         even though the range deletion implicitly stopped it via changing the selection.
1120         
1121         A byproduct of this change is the elimination of RUNDFINDER vs CONTENT TextIterator. The
1122         only difference between the two was whether to emit a newline when the range started
1123         with a blockflow element. No callers actually need that any more.
1124
1125         Tests added:
1126         * editing/pasteboard/emacs-ctrl-k-y-001-expected.checksum: Added.
1127         * editing/pasteboard/emacs-ctrl-k-y-001-expected.png: Added.
1128         * editing/pasteboard/emacs-ctrl-k-y-001-expected.txt: Added.
1129         * editing/pasteboard/emacs-ctrl-k-y-001.html: Added.
1130
1131         * editing/Editor.cpp:
1132         (WebCore::Editor::deleteRange):
1133         Clear the "start new kill ring sequence" setting, because it was set to true
1134         when the selection was updated by deleting the range.
1135         
1136         (WebCore::Editor::deleteWithDirection):
1137         If extending the selection to the end of paragraph resulted in a caret selection,
1138         extend by character, to handle the case when the selection started as a caret at
1139         the end of paragraph.
1140         
1141         * editing/TextIterator.cpp:
1142         (WebCore::TextIterator::TextIterator):
1143         Initialize new member variables for tracking handling of the beginning of the range.
1144         
1145         (WebCore::TextIterator::advance):
1146         Call representNodeOffsetZero on the m_endContainer.
1147         Move visibility checks into handleTextNode and handleReplacedElement.
1148         
1149         (WebCore::TextIterator::handleTextNode):
1150         (WebCore::TextIterator::handleTextBox):
1151         Call emitText.
1152         
1153         (WebCore::TextIterator::handleReplacedElement):
1154         Moved visibility check into here.
1155         
1156         (WebCore::shouldEmitNewlinesBeforeAndAfterNode):
1157         
1158         (WebCore::TextIterator::shouldRepresentNodeOffsetZero):
1159         (WebCore::TextIterator::representNodeOffsetZero):
1160         New. Emits proper sequence when encountering offset 0 of a node, including the
1161         m_endContainer. Started with code from handleNonTextNode.
1162         
1163         (WebCore::TextIterator::handleNonTextNode):
1164         Call representNodeOffsetZero.
1165         
1166         (WebCore::TextIterator::exitNode):
1167         Similar to shouldRepresentNodeOffsetZero, do not emit the newline if the node
1168         was collapsed, and before any other emitted content.
1169         
1170         (WebCore::TextIterator::emitCharacter):
1171         
1172         (WebCore::TextIterator::emitText):
1173         New. Consolidates code used by handleText and handleTextBox.
1174         
1175         (WebCore::CharacterIterator::CharacterIterator):
1176         Removed RUNFINDER.
1177
1178         (WebCore::WordAwareIterator::WordAwareIterator):
1179         Removed RUNFINDER.
1180         
1181         (WebCore::WordAwareIterator::advance):
1182         Formatting.
1183
1184         (WebCore::TextIterator::rangeLength):
1185         Formatting.
1186         
1187         * editing/TextIterator.h:
1188         Added member variables for tracking handling of the beginning of the range.
1189         Eliminated concept of RUNDFINDER vs CONTENT TextIterator.
1190         
1191         * editing/visible_units.cpp:
1192         (WebCore::nextBoundary):
1193         Eliminated concept of RUNDFINDER vs CONTENT TextIterator.
1194
1195 2007-03-13  David Hyatt  <hyatt@apple.com>
1196
1197         Clean up the null image case in CachedImage::data to make sure the size totals will stay accurate.
1198         I'm not convinced this case can even be hit, but I'm cleaning it up just in case.
1199
1200         * loader/CachedImage.cpp:
1201         (WebCore::CachedImage::data):
1202
1203 2007-03-13  David Hyatt  <hyatt@apple.com>
1204
1205         Reorder the call to allReferencesRemoved, since otherwise the live object size will become
1206         incorrect.
1207
1208         * loader/CachedResource.cpp:
1209         (WebCore::CachedResource::deref):
1210
1211 2007-03-13  Antti Koivisto  <antti@apple.com>
1212
1213         Reviewed by Darin.
1214         
1215         Fix http://bugs.webkit.org/show_bug.cgi?id=11083
1216         REGRESSION: Typing tab key fails to insert a tab character in Google Docs editable area
1217         <rdar://problem/4757650>
1218         
1219         Allow inserting tabs in designMode. Backtab behaves like before (matches FF).
1220
1221         * page/EventHandler.cpp:
1222         (WebCore::EventHandler::defaultTabEventHandler):
1223
1224 2007-03-13  David Hyatt  <hyatt@apple.com>
1225
1226         Fix two counting errors in the decoded size of objects in the WebCore cache.  We need to explicitly
1227         destroy decoded data when clearing out a partially loaded image that had an error, since the destructor
1228         (although it does destroy the data) disconnects the observer so that the notification doesn't happen.
1229
1230         Some CachedImages aren't in the cache (like image documents).  When the decoded size of such an image
1231         changes we should not notify the cache, since - newsflash - we aren't actually in it.
1232
1233         Reviewed by ggaren
1234
1235         * loader/CachedImage.cpp:
1236         (WebCore::CachedImage::clear):
1237         (WebCore::CachedImage::decodedSizeChanged):
1238
1239 2007-03-13  Darin Adler  <darin@apple.com>
1240
1241         Reviewed by Tim Hatcher and John Sullivan.
1242
1243         - fix <rdar://problem/4915303> CrashTracer: 36 crashes in Safari at
1244           com.apple.AppKit: -[NSView getRectsBeingDrawn:count:] + 502
1245
1246         * page/mac/FrameMac.mm: (WebCore::Frame::imageFromRect):
1247         This was calling drawRect: directly, but NSView's getRectsBeingDrawn:count:
1248         method was never really safe to call unless it was AppKit that called your
1249         drawRect: method. Changed it to call drawSingleRect: instead. A little ugly,
1250         but seems to work and will almost certainly fix the bug.
1251
1252 2007-03-13  Nikolas Zimmermann  <zimmermann@kde.org>
1253
1254         Reviewed by Maciej.
1255
1256         Fixes: http://bugs.webkit.org/show_bug.cgi?id=12974
1257
1258         Call forgetGenericContext in JSSVGPathSeg destructor, otherwhise
1259         we'll hit an ASSERT in a debug build, when running svg/custom/js-update-path-changes.svg
1260         a few dozen times in a single WebKit instance. The ASSERT is good and just warns that
1261         there was already a generic context pointer registered, and the new "to be registered"
1262         object already exists, but pointing to a different object. That's because garbage collection
1263         calls the JSSVGPathSeg destructor, but that didn't cleanup the generic context map.
1264
1265         Only JSSVGPathSeg is hit by this problem, as it's the only non SVGAnimated* type
1266         using the generic context system while using a custom JSSVGPathSegList implementation.
1267
1268         Also cleanup JSSVGPathSegListCustom code to call the static forgetGenericContext
1269         method instead of doing the same using custom code.
1270
1271         * bindings/js/JSSVGPathSegListCustom.cpp:
1272         (WebCore::removeFromPathSegContextMap):
1273         (WebCore::JSSVGPathSegList::clear):
1274         (WebCore::JSSVGPathSegList::removeItem):
1275         * bindings/scripts/CodeGeneratorJS.pm:
1276
1277 2007-03-13  Darin Adler  <darin@apple.com>
1278
1279         Reviewed by Adele.
1280
1281         - fix http://bugs.webkit.org/show_bug.cgi?id=12595
1282           <rdar://problem/4722863> REGRESSION: Can't add item to cart at lnt.com
1283           (JS type error) (12595)
1284
1285         Test: fast/forms/old-names.html
1286
1287         * bindings/js/JSHTMLFormElementCustom.cpp:
1288         (WebCore::JSHTMLFormElement::canGetItemsForName): If the form collection has
1289         nothing for a given name, try the form's oldNamedElement function.
1290         (WebCore::JSHTMLFormElement::nameGetter): Ditto.
1291
1292         * bindings/js/kjs_dom.h: Removed the DOMNamedNodesCollection. Instead we will use
1293         a class derived from NodeList.
1294         * bindings/js/kjs_dom.cpp: Ditto.
1295
1296         * bindings/js/kjs_html.cpp:
1297         (KJS::VectorNodeList::VectorNodeList): Added. Constructor for a new class derived
1298         from NodeList to be used for the named items result from a collection -- uses a
1299         vector of node pointers.
1300         (KJS::VectorNodeList::length): Added.
1301         (KJS::VectorNodeList::item): Added.
1302         (KJS::JSHTMLCollection::getNamedItems): Use VectorNodeList and the existing wrapper
1303         for NodeList rather than a custom JavaScript class, DOMNamedNodesCollection.
1304
1305         * dom/ChildNodeList.h:
1306         * dom/ChildNodeList.cpp:
1307         (WebCore::ChildNodeList::ChildNodeList): Updated to derive from TreeNodeList,
1308         since NodeList is now a simpler class.
1309         (WebCore::ChildNodeList::elementMatches): Updated for name and parameter change.
1310
1311         * dom/NameNodeList.h:
1312         * dom/NameNodeList.cpp:
1313         (WebCore::NameNodeList::NameNodeList): Updated to derive from TreeNodeList,
1314         since NodeList is now a simpler class.
1315         (WebCore::NameNodeList::rootNodeAttributeChanged): Updated for name and
1316         parameter change.
1317
1318         * dom/Node.h: Change register/unregister functions to take TreeNodeList.
1319         * dom/Node.cpp:
1320         (WebCore::TagNodeList::TagNodeList): Updated to derive from TreeNodeList,
1321         since NodeList is now a simpler abstract class.
1322         (WebCore::TagNodeList::elementMatches): Updated for name and parameter change.
1323         (WebCore::Node::registerNodeList): Changed type from NodeList to TreeNodeList.
1324         (WebCore::Node::unregisterNodeList): Ditto.
1325
1326         * dom/NodeList.h: Broke NodeList into a simpler base class and a derived class
1327         with the machinery for iterating a tree, called TreeNodeList.
1328         * dom/NodeList.cpp:
1329         (WebCore::NodeList::~NodeList): Added.
1330         (WebCore::NodeList::itemWithName): Factored out of the old itemWithName.
1331         (WebCore::TreeNodeList::TreeNodeList): Renamed from NodeList.
1332         (WebCore::TreeNodeList::~TreeNodeList): Ditto.
1333         (WebCore::TreeNodeList::recursiveLength): Ditto.
1334         (WebCore::TreeNodeList::itemForwardsFromCurrent): Ditto.
1335         (WebCore::TreeNodeList::itemBackwardsFromCurrent): Ditto.
1336         (WebCore::TreeNodeList::recursiveItem): Ditto.
1337         (WebCore::TreeNodeList::itemWithName): Factored half of this into this function,
1338         the other half in NodeList::itemWithName.
1339         (WebCore::TreeNodeList::rootNodeAttributeChanged): Added. No longer inline.
1340         (WebCore::TreeNodeList::rootNodeChildrenChanged): Renamed from NodeList.
1341
1342         * html/HTMLFormElement.h: Added formElementNameChanged and oldNamedElement
1343         fucntions, and a map called m_oldNames. Also removed m_boundary, which I
1344         thought I had already done.
1345         * html/HTMLFormElement.cpp:
1346         (WebCore::HTMLFormElement::HTMLFormElement): Initialize m_oldNames to 0.
1347         Switched the rest of the members to initialization syntax.
1348         (WebCore::HTMLFormElement::~HTMLFormElement): Delete m_oldNames.
1349         (WebCore::HTMLFormElement::formElementNameChanged): Added. Stores a reference
1350         to one element under each of its old names.
1351         (WebCore::HTMLFormElement::oldNamedElement): Added. Returns the old element
1352         that once had a given name.
1353
1354         * html/HTMLGenericFormElement.h:
1355         * html/HTMLGenericFormElement.cpp:
1356         (WebCore::HTMLGenericFormElement::parseMappedAttribute): When the name
1357         attribute changes, tell the form about the old name.
1358         (WebCore::HTMLGenericFormElement::insertedIntoTree): When telling a form
1359         about an element, also store away the old name so that we can use it
1360         when the name changes later.
1361
1362         * html/HTMLInputElement.cpp:
1363         (WebCore::HTMLInputElement::parseMappedAttribute): Added a call to the
1364         base class in the nameAttr case, so the code in HTMLGenericFormElement
1365         above will get called in the input element case.
1366
1367 2007-03-13  Antti Koivisto  <antti@apple.com>
1368
1369         Reviewed by Alexey.
1370
1371         Alexey spotted a DOS by using string of 64k unbreakable character in
1372         fix for http://bugs.webkit.org/show_bug.cgi?id=12833
1373
1374         * dom/Text.cpp:
1375         (WebCore::Text::createWithLengthLimit):
1376
1377 2007-03-13  Lars Knoll <lars@trolltech.com>
1378
1379         Fix the Qt build
1380
1381         * WebCore.pro:
1382
1383 2007-03-13  Rob Buis  <buis@kde.org>
1384
1385         Reviewed by Darin.
1386
1387         http://bugs.webkit.org/show_bug.cgi?id=12576
1388         WebKit does not support xlink:show attributes
1389
1390         Make an exception for non-empty targets, these should be opened
1391         in a new window, unless the value is _self.
1392
1393         * ksvg2/svg/SVGAElement.cpp:
1394         (WebCore::SVGAElement::defaultEventHandler):
1395
1396 2007-03-13  David Hyatt  <hyatt@apple.com>
1397
1398         - fix cache issues seen in http://bugs.webkit.org/show_bug.cgi?id=13050
1399           6 objects and ~200MB leaked after opening then closing tab
1400           <rdar://problem/5058714>
1401
1402         Double the encoded size of images for now.  We do this to account for a bug in ImageIO where they hold
1403         a separate copy of image data.  See <rdar://problem/5050645>.
1404
1405         Reviewed by aroben.
1406
1407         * loader/CachedImage.cpp:
1408         (WebCore::CachedImage::data):
1409
1410 2007-03-12  Krzysztof Kowalczyk  <kkowalczyk@gmail.com>
1411
1412         Not reviewed - gdk build fix.
1413
1414         * platform/gdk/TemporaryLinkStubs.cpp:
1415         (SearchPopupMenu::enabled): add missing stub.
1416
1417 2007-03-12  David Kilzer  <ddkilzer@kilzer.net>
1418
1419         Reviewed by Darin.
1420
1421         - fix http://bugs.webkit.org/show_bug.cgi?id=13045
1422           REGRESSION: Blackboard CourseWare Error with Nightlies after Mar 8
1423
1424         * html/HTMLFormElement.cpp:
1425         (WebCore::getUniqueBoundaryString): Speculative fix: remove dashes from
1426         the boundary prefix that appear after non-dash characters.
1427
1428 2007-03-12  Mitz Pettel  <mitz@webkit.org>
1429
1430         Reviewed by Anders.
1431
1432         - fix http://bugs.webkit.org/show_bug.cgi?id=13015
1433           REGRESSION (r17233-r17241): Repro crash when leaving a page whose unload handler submits a form
1434
1435         Test: fast/loader/onunload-form-submit-crash-2.html
1436
1437         * loader/DocumentLoader.cpp:
1438         (WebCore::DocumentLoader::finishedLoading): Added null check.
1439
1440 2007-03-12  Anders Carlsson  <acarlsson@apple.com>
1441
1442         Reviewed by Darin.
1443
1444         <rdar://problem/4900071>
1445         http://bugs.webkit.org/show_bug.cgi?id=6454
1446         ASSERTION: Navigating 'back' in frameset: !_private->previousItem (6454)
1447
1448         Change back the behavior of checkLoadComplete to traverse the entire frame tree instead of
1449         just the parent frames of the current frame. This is needed in order to reset the previous history item
1450         for all frames when doing a frame navigation. (This was changed in revision 11819)
1451         
1452         * loader/FrameLoader.cpp:
1453         (WebCore::FrameLoader::recursiveCheckLoadComplete):
1454         (WebCore::FrameLoader::checkLoadComplete):
1455         * loader/FrameLoader.h:
1456
1457 2007-03-12  Justin Garcia  <justin.garcia@apple.com>
1458
1459         Reviewed by darin
1460         
1461         <rdar://problem/5056619> 
1462         REGRESSION: Gmail Editor: Dragging text into Reply (textarea) field results in a crash at WebCore::InsertNodeBeforeCommand::doApply()
1463         
1464         * editing/SelectionController.cpp:
1465         (WebCore::removingNodeRemovesPosition): Added.
1466         (WebCore::SelectionController::nodeWillBeRemoved): Clear the
1467         selection if it's inside a shadow tree.
1468         * page/DragController.cpp:
1469         (WebCore::setSelectionToDragCaret): Return false to signal to
1470         clients that a drop shouldn't be performed if the second attempt
1471         to set a selection ends up in non-editable content.
1472
1473 2007-03-12  Darin Adler  <darin@apple.com>
1474
1475         Reviewed by Tim Hatcher.
1476
1477         - fixed JavaScript wrapper classes to be correct for a variety of cases
1478           that a new test uncovered: was broken for at least 5 classes
1479
1480         - fixed Objective-C wrapper classes to be correct for a variety of cases
1481           that a test case uncovered: was broken for ast least 50 classes
1482
1483         - added missing DOM API for creating OverflowEvent and WheelEvent instances
1484
1485         Test: fast/dom/wrapper-classes.html
1486
1487         * DerivedSources.make: Added missing bindings: HTMLCanvasElement for ObjC,
1488         CDATASection, Comment, and EntityReference for JavaScript.
1489         * WebCore.xcodeproj/project.pbxproj: Added those new generated files.
1490
1491         * bindings/js/JSHTMLElementWrapperFactory.cpp:
1492         (WebCore::createJSHTMLWrapper): Corrected the wrapper classes for <keygen>,
1493         which needs an HTMLSelectElement wrapper, and <xmp>, which needs an
1494         HTMLPreElement wrapper.
1495
1496         * bindings/objc/DOMInternal.h: Updated for new naming scheme.
1497         Also moved createDOMWrapper from the KJS namespace to the WebCore namespace.
1498         * bindings/objc/DOMUtility.mm:
1499         (KJS::createDOMWrapper): Broke the core function into a separate one, and
1500         left it in the KJS namespace because Objective-C++ rules make it impossible
1501         for it to work in the WebCore namespace. Used a macro-based implementation
1502         to cut down on repeated code, and added missing cases for Counter,
1503         HTMLOptionsCollection, Range, XPathExpression, XPathResult, Event, RGBColor,
1504         Rect, Window, DOMImplementation, NodeIterator, TreeWalker, and HTMLCollection.
1505         (WebCore::createDOMWrapper): The other half of the function.
1506
1507         * bindings/objc/DOM.mm:
1508         (WebCore::createElementClassMap): Corrected the wrapper classes for
1509         <canvas>, which needs a DOMHTMLCanvasElement wrapper, <del>, which needs
1510         a DOMHTMLModElement wrapper, <embed>, which needs a DOMHTMLEmbedElement
1511         wrapper, <ins>, which needs a DOMHTMLModElement wrapper, <th>, which needs
1512         a DOMHTMLTableCellElement wrapper, and <xmp>, which needs an
1513         DOMHTMLPreElement wrapper.
1514         (+[DOMNode _wrapNode:]): Updated for new naming scheme.
1515         (+[DOMNode _wrapEventTarget:]): Ditto.
1516         (+[DOMNodeFilter _wrapNodeFilter:]): Ditto.
1517         (ObjCNodeFilterCondition::acceptNode): Ditto.
1518         (-[DOMDocument createNodeIterator:whatToShow:filter:expandEntityReferences:]): Ditto.
1519         (-[DOMDocument createTreeWalker:whatToShow:filter:expandEntityReferences:]): Ditto.
1520         (WebCore::ObjCEventListener::handleEvent): Ditto.
1521
1522         * dom/Document.cpp: (WebCore::Document::createEvent):
1523         Added cases for OverflowEvent and WheelEvent.
1524
1525         * dom/OverflowEvent.h: Added empty constructor and initOverflowEvent.
1526         * dom/OverflowEvent.cpp:
1527         (WebCore::OverflowEvent::OverflowEvent): Added.
1528         (WebCore::OverflowEvent::initOverflowEvent): Added.
1529         * dom/OverflowEvent.idl: Added initOverflowEvent.
1530
1531         * bindings/objc/PublicDOMInterfaces.h: Added initOverflowEvent.
1532
1533         * bindings/objc/DOMCSS.mm:
1534         (+[DOMStyleSheet _wrapStyleSheet:]): Updated for new naming scheme.
1535         (+[DOMCSSRule _wrapCSSRule:]): Corrected wrapper for CSSUnknownRule.
1536         (+[DOMCSSValue _wrapCSSValue:]): Updated for new naming scheme.
1537
1538         * bindings/js/kjs_css.h:
1539         (KJS::DOMRGBColor::impl): Added. Used when making an ObjC wrapper.
1540         (KJS::DOMRect::impl): Ditto.
1541
1542         * bindings/js/kjs_dom.cpp: (KJS::toJS): Corrected the wrapper classes for
1543         CDATASection, Comment, and EntityReference.
1544
1545         * bindings/js/kjs_html.cpp: Corrected the class name for HTMLElement
1546         (was "DOMHTMLElement") and HTMLCollection (was "Collection").
1547
1548         * bindings/objc/DOMImplementationFront.h:
1549         * bindings/objc/DOMImplementationFront.cpp:
1550         (WebCore::implementationFront): Added new overload that returns a front given
1551         a JavaScript wrapper. Needed by the code that makes the Objective-C wrapper.
1552
1553         * bindings/objc/WebScriptObject.mm:
1554         (+[WebScriptObject _convertValueToObjcValue:originRootObject:rootObject:]):
1555         Updated since createDOMWrapper is now in the WebCore namespace.
1556
1557         * bindings/scripts/CodeGeneratorObjC.pm: Update the naming scheme for the
1558         wrapper creation functions to use _wrapElement: rather then _elementWith:
1559         style. Removed now-unneeded special cases for things that needed to stay
1560         upper-case, since we don't have to do the whole lcfirst thing.
1561
1562         * html/HTMLCanvasElement.idl: Added #if so we can successfully generate the
1563         Objective-C wrapper for this class, even though we can't yet handle the
1564         DOMObject return type.
1565
1566         * html/HTMLOptionsCollection.idl: Added GenerateNativeConverter so we get
1567         an appropriate toJS function.
1568
1569         * bindings/objc/DOMEvents.mm:
1570         (+[DOMEvent _wrapEvent:]):
1571         * bindings/objc/DOMHTML.mm:
1572         (-[DOMHTMLDocument createDocumentFragmentWithMarkupString:baseURL:]):
1573         (-[DOMHTMLDocument createDocumentFragmentWithText:]):
1574         * bindings/objc/DOMObject.mm:
1575         (-[DOMObject sheet]):
1576         * bindings/objc/DOMRGBColor.mm:
1577         (-[DOMRGBColor red]):
1578         (-[DOMRGBColor green]):
1579         (-[DOMRGBColor blue]):
1580         (-[DOMRGBColor alpha]):
1581         (+[DOMRGBColor _wrapRGBColor:]):
1582         * bindings/objc/DOMSVGPathSegInternal.mm:
1583         (+[DOMSVGPathSeg _wrapSVGPathSeg:]):
1584         * bindings/objc/DOMXPath.mm:
1585         (+[DOMNativeXPathNSResolver _wrapXPathNSResolver:]):
1586         * page/mac/WebCoreFrameBridge.mm:
1587         (-[WebCoreFrameBridge nodesFromList:]):
1588         (-[WebCoreFrameBridge elementWithName:inForm:]):
1589         (-[WebCoreFrameBridge formForElement:]):
1590         (-[WebCoreFrameBridge currentForm]):
1591         (-[WebCoreFrameBridge controlsInForm:]):
1592         (-[WebCoreFrameBridge rangeByAlteringCurrentSelection:SelectionController::direction:SelectionController::granularity:]):
1593         (-[WebCoreFrameBridge convertNSRangeToDOMRange:]):
1594         (-[WebCoreFrameBridge markDOMRange]):
1595         (-[WebCoreFrameBridge markedTextDOMRange]):
1596         (-[WebCoreFrameBridge smartDeleteRangeForProposedRange:]):
1597         (-[WebCoreFrameBridge documentFragmentWithMarkupString:baseURLString:]):
1598         (-[WebCoreFrameBridge documentFragmentWithText:inContext:]):
1599         (-[WebCoreFrameBridge documentFragmentWithNodesAsParagraphs:]):
1600         (-[WebCoreFrameBridge replaceSelectionWithNode:selectReplacement:smartReplace:matchStyle:]):
1601         (-[WebCoreFrameBridge replaceSelectionWithText:selectReplacement:smartReplace:]):
1602         (-[WebCoreFrameBridge increaseSelectionListLevel]):
1603         (-[WebCoreFrameBridge increaseSelectionListLevelOrdered]):
1604         (-[WebCoreFrameBridge increaseSelectionListLevelUnordered]):
1605         (-[WebCoreFrameBridge dragCaretDOMRange]):
1606         (-[WebCoreFrameBridge editableDOMRangeForPoint:]):
1607         (-[WebCoreFrameBridge characterRangeAtPoint:]):
1608         (-[WebCoreFrameBridge typingStyle]):
1609         (-[WebCoreFrameBridge rangeOfCharactersAroundCaret]):
1610         * platform/mac/ClipboardMac.mm:
1611         (WebCore::ClipboardMac::declareAndWriteDragImage):
1612         * platform/mac/PasteboardMac.mm:
1613         (WebCore::Pasteboard::writeSelection):
1614         Updated for new naming scheme.
1615
1616 2007-03-12  Timothy Hatcher  <timothy@apple.com>
1617
1618         Reviewed by Darin.
1619
1620         <rdar://problem/4990691> REGRESSION: Selecting text in Adium's Messages field causes horizontal shift
1621
1622         Corrected the recursive point conversion and scrolling done in scrollPointRecursively to use the
1623         document view of each NSClipView.
1624
1625         * platform/mac/ScrollViewMac.mm:
1626         (WebCore::ScrollView::scrollPointRecursively): Call convertPoint:fromView: on the document views,
1627         not the clip views as we encounter them. Then call constrainScrollPoint: on the converted point to
1628         constrain to the document view bounds. And finally call scrollPoint: on the document view, not the clip view.
1629
1630 2007-03-12  Antti Koivisto  <antti@apple.com>
1631
1632         Reviewed by Alexey.
1633
1634         Fix http://bugs.webkit.org/show_bug.cgi?id=12833
1635         REGRESSION: Selecting text in 6.6MB txt file is sluggish as of the Feb 19th nightly
1636         <rdar://problem/5028159>
1637         
1638         Divide large text blocks (>64kB) over multiple text nodes. This limits linebox searches to
1639         a manageable subset.
1640         
1641         * dom/Text.cpp:
1642         (WebCore::Text::createWithLengthLimit):
1643         * dom/Text.h:
1644         * html/HTMLParser.cpp:
1645         (WebCore::HTMLParser::parseToken):
1646         * loader/TextDocument.cpp:
1647         (WebCore::TextTokenizer::write):
1648
1649 2007-03-12  David Hyatt  <hyatt@apple.com>
1650
1651         Fix a regression in printing.  Printer fonts need to be part of the
1652         font cache key, since printer fonts have different glyph widths.
1653         (Integer antialiasing is used for screen fonts but not for printer fonts.)
1654
1655         Reviewed by aroben
1656
1657         * platform/FontCache.cpp:
1658         (WebCore::FontPlatformDataCacheKey::FontPlatformDataCacheKey):
1659         (WebCore::FontPlatformDataCacheKey::operator==):
1660         (WebCore::computeHash):
1661         (WebCore::FontCache::getCachedFontPlatformData):
1662
1663 2007-03-12  Lars Knoll <lars@trolltech.com>
1664
1665         add missing symbol to fix the Qt build again.
1666
1667         * platform/qt/SearchPopupMenuQt.cpp:
1668         (WebCore::SearchPopupMenu::enabled):
1669
1670 2007-03-12  Adele Peterson  <adele@apple.com>
1671
1672         Reviewed by Oliver.
1673
1674         Adding the ability to enable or disable a SearchPopupMenu.
1675
1676         * platform/SearchPopupMenu.h:
1677         * platform/mac/SearchPopupMenuMac.mm: (WebCore::SearchPopupMenu::enabled):
1678         * rendering/RenderTextControl.cpp: (WebCore::RenderTextControl::showPopup):
1679
1680 2007-03-12  Rob Buis  <buis@kde.org>
1681
1682         Reviewed by Nikolas Zimmermann.
1683
1684         http://bugs.webkit.org/show_bug.cgi?id=12500
1685         SVG fails to correctly handle all link style selectors
1686         http://bugs.webkit.org/show_bug.cgi?id=12567
1687         <text> elements ignore <a> children
1688
1689         Allow <a> inside svg text and handle xlink:show.
1690
1691         * ksvg2/svg/SVGAElement.cpp:
1692         (WebCore::SVGAElement::createRenderer):
1693         (WebCore::SVGAElement::defaultEventHandler):
1694         (WebCore::SVGAElement::childShouldCreateRenderer):
1695         * ksvg2/svg/SVGAElement.h:
1696         * ksvg2/svg/SVGElement.h:
1697         (WebCore::SVGElement::isTextContent):
1698         * ksvg2/svg/SVGTextContentElement.h:
1699         (WebCore::SVGTextContentElement::isTextContent):
1700         * ksvg2/svg/SVGTextElement.cpp:
1701         (WebCore::SVGTextElement::childShouldCreateRenderer):
1702         * rendering/SVGInlineFlowBox.cpp:
1703         (WebCore::translateBox):
1704         (WebCore::placePositionedBoxesHorizontally):
1705         (WebCore::placeBoxesVerticallyWithAbsBaseline):
1706
1707 2007-03-12  Adele Peterson  <adele@apple.com>
1708
1709         Reviewed by Oliver.
1710
1711         Add a missing parameter to the constructor.
1712
1713         * platform/PlatformKeyboardEvent.h:
1714         * platform/win/KeyEventWin.cpp: (WebCore::PlatformKeyboardEvent::PlatformKeyboardEvent):
1715
1716 2007-03-12  Lars Knoll <lars@trolltech.com>
1717
1718         Fix the Qt build. I still get crashes though :/
1719
1720         * platform/graphics/qt/ImageDecoderQt.cpp:
1721         (WebCore::ImageDecoderQt::clearFrame):
1722         * platform/graphics/qt/ImageDecoderQt.h:
1723         * platform/graphics/qt/ImageSourceQt.cpp:
1724         (WebCore::ImageSource::setData):
1725         (WebCore::ImageSource::frameIsCompleteAtIndex):
1726         (WebCore::ImageSource::clear):
1727         (WebCore::ImageSource::destroyFrameAtIndex):
1728         * platform/qt/ClipboardQt.cpp:
1729         (WebCore::ClipboardQt::ClipboardQt):
1730         * platform/qt/ClipboardQt.h:
1731         * platform/qt/DragDataQt.cpp:
1732         (WebCore::DragData::createClipboard):
1733
1734 2007-03-11  Krzysztof Kowalczyk  <kkowalczyk@gmail.com>
1735
1736         Not reviewed - gdk build fixes.
1737
1738         * platform/gdk/EditorClientGdk.cpp:
1739         (WebCore::EditorClientGdk::respondToChangedSelection): add stub
1740         * platform/gdk/EditorClientGdk.h:
1741         * platform/gdk/FrameGdk.cpp:
1742         * platform/gdk/TemporaryLinkStubs.cpp:
1743         (Editor::markMisspellings): add stub
1744
1745 2007-03-11  Alexey Proskuryakov  <ap@webkit.org>
1746
1747         Reviewed by Adele.
1748
1749         http://bugs.webkit.org/show_bug.cgi?id=12560
1750         W3C XPath test Text_Nodes.svg fails
1751
1752         * xml/XPathStep.cpp:
1753         (WebCore::XPath::Step::nodeTestMatches): Revert the fix, as the behavior doesn't appear 
1754         all that desirable as it did at first glance.
1755
1756 2007-03-11  Oliver Hunt  <oliver@apple.com>
1757
1758         Reviewed by hyatt.
1759
1760         Fix for <rdar://problem/5055690> ASSERTION failure on drop into 
1761         editable element with content changed on drop 
1762
1763         After setting the selection for a drop into an editable region 
1764         we make sure the we succeeded.  If we didn't we assume a focus handler
1765         or similar altered the element contents and try again, if the second
1766         attempt fails we bail out.
1767
1768         * page/DragController.cpp:
1769         (WebCore::setSelectionToDragCaret):
1770         (WebCore::DragController::concludeDrag):
1771
1772 2007-03-11  Oliver Hunt  <oliver@apple.com>
1773
1774         Reviewed by Adele.
1775
1776         Moving Frame{Mac}::respondToChangedSelection to Frame.cpp
1777         Added new EditorClient method to handle old bridge function
1778         
1779         * bridge/EditorClient.h:
1780            Added respondToChangedSelection to replace old bridge function
1781         * editing/Editor.cpp:
1782         (WebCore::Editor::respondToChangedSelection):
1783            Add client call to replace old bridge call from Frame::respondToChangedSelection
1784         * editing/SelectionController.cpp:
1785         (WebCore::SelectionController::setSelection):
1786            No longer directly call Editor as Frame::respondToChangedSelection
1787            makes the call
1788         * page/Frame.cpp:
1789         (WebCore::Frame::respondToChangedSelection):
1790            Moved from FrameMac, replaced bridge call with call to Editor
1791         * page/mac/FrameMac.mm:
1792            Moved respondToChangedSelection to Frame.cpp
1793         * page/mac/WebCoreFrameBridge.h:
1794            Removed respondToChangedSelection from bridge
1795         * page/qt/FrameQt.cpp:
1796            Remove stub method for respondToChangedSelection
1797
1798 2007-03-11  Krzysztof Kowalczyk  <kkowalczyk@gmail.com>
1799
1800         Reviewed by Brady Eidson.
1801
1802         Linux/gdk fix.
1803
1804         * loader/gdk/FrameLoaderClientGdk.cpp:
1805         (WebCore::FrameLoaderClientGdk::shouldGoToHistoryItem): return true so
1806         that FrameLoader:goBackOrForwards() works.
1807
1808 2007-03-10  Geoffrey Garen  <ggaren@apple.com>
1809
1810         Reviewed by Darin Adler.
1811
1812         Fixed <rdar://problem/4587763> PAC file: lock inversion between QT and 
1813         JSCore causes a hang @ www.panoramas.dk
1814         
1815         See JavaScriptCore ChangeLog for details.
1816         
1817         * bindings/objc/WebScriptObject.mm:
1818         (_didExecute): Added helpful ASSERT.
1819         (+[WebScriptObject throwException:]): Added missing JSLock.
1820
1821 2007-03-11  Antti Koivisto  <antti@apple.com>
1822
1823         Reviewed by Hyatt.
1824
1825         Optimize linebox memory consumption:
1826         - move all bitfields to baseclass compacting them
1827         - make InlineTextBox::m_truncation unsigned short and make it relative to m_start
1828         - remove extremely rarely used EllipsisBox pointer from RootInlineBox and instead
1829           use a global hashmap to store it if needed
1830         - use minimum required number of bits to store BidiStatus enum variables in RootInlineBox
1831         - move overflow variables in RootInlineBox to a separate struct that is instantiated
1832           only if any of the variables is set to a value that can't trivially be derived from 
1833           box x, y, width and height
1834           
1835         As a result line box objects shrink:
1836             InlineBox: 44 -> 44 bytes
1837             InlineTextBox: 68 -> 60 bytes
1838             InlineFlowBox: 68 -> 64 bytes
1839             RootInlineBox: 128 -> 88 bytes
1840             
1841         The optimizations possiblity was noticed when debugging http://bugs.webkit.org/show_bug.cgi?id=12833
1842         Bug 12833: REGRESSION: Selecting text in 6.6MB txt file is sluggish as of the Feb 19th nightly
1843         <rdar://problem/5028159>
1844         
1845         On that page the patch saves 11.5MB or some 21% of linebox memory consumption. It also
1846         actually improves selection performance somewhat by improving memory locality.
1847
1848         * rendering/InlineBox.h:
1849         (WebCore::InlineBox::InlineBox):
1850         * rendering/InlineFlowBox.h:
1851         (WebCore::InlineFlowBox::InlineFlowBox):
1852         * rendering/InlineTextBox.cpp:
1853         (WebCore::InlineTextBox::placeEllipsisBox):
1854         (WebCore::InlineTextBox::nodeAtPoint):
1855         (WebCore::InlineTextBox::paint):
1856         (WebCore::InlineTextBox::paintDecoration):
1857         (WebCore::InlineTextBox::paintSpellingOrGrammarMarker):
1858         (WebCore::InlineTextBox::paintMarkedTextUnderline):
1859         * rendering/InlineTextBox.h:
1860         (WebCore::InlineTextBox::InlineTextBox):
1861         * rendering/RootInlineBox.cpp:
1862         (WebCore::throw):
1863         (WebCore::RootInlineBox::Overflow::operator delete):
1864         (WebCore::RootInlineBox::Overflow::destroy):
1865         (WebCore::RootInlineBox::destroy):
1866         (WebCore::RootInlineBox::detachEllipsisBox):
1867         (WebCore::RootInlineBox::clearTruncation):
1868         (WebCore::RootInlineBox::placeEllipsis):
1869         (WebCore::RootInlineBox::paintEllipsisBox):
1870         (WebCore::RootInlineBox::addHighlightOverflow):
1871         (WebCore::RootInlineBox::nodeAtPoint):
1872         (WebCore::RootInlineBox::adjustPosition):
1873         (WebCore::RootInlineBox::selectionTop):
1874         (WebCore::RootInlineBox::setLineBreakInfo):
1875         (WebCore::RootInlineBox::ellipsisBox):
1876         (WebCore::RootInlineBox::setVerticalOverflowPositions):
1877         (WebCore::RootInlineBox::setHorizontalOverflowPositions):
1878         (WebCore::RootInlineBox::setVerticalSelectionPositions):
1879         * rendering/RootInlineBox.h:
1880         (WebCore::RootInlineBox::RootInlineBox):
1881         (WebCore::RootInlineBox::topOverflow):
1882         (WebCore::RootInlineBox::bottomOverflow):
1883         (WebCore::RootInlineBox::leftOverflow):
1884         (WebCore::RootInlineBox::rightOverflow):
1885         (WebCore::RootInlineBox::lineBreakBidiStatus):
1886         (WebCore::RootInlineBox::selectionBottom):
1887         (WebCore::RootInlineBox::Overflow::Overflow):
1888
1889 2007-03-11  Alexey Proskuryakov  <ap@webkit.org>
1890
1891         Reviewed by Darin.
1892
1893         A partial fix for http://bugs.webkit.org/show_bug.cgi?id=13021
1894         XPath can be very slow
1895
1896         * xml/XPathExpression.cpp:
1897         (WebCore::XPathExpression::evaluate): Cache evaluationContext in a local variable.
1898
1899         * xml/XPathExpressionNode.cpp:
1900         (WebCore::XPath::Expression::evaluationContext):
1901         * xml/XPathExpressionNode.h:
1902         (WebCore::XPath::Expression::addSubExpression):
1903         (WebCore::XPath::Expression::subExprCount):
1904         (WebCore::XPath::Expression::subExpr):
1905         * xml/XPathFunctions.cpp:
1906         * xml/XPathFunctions.h:
1907         (WebCore::XPath::Function::setName):
1908         (WebCore::XPath::Function::arg):
1909         (WebCore::XPath::Function::argCount):
1910         (WebCore::XPath::Function::name):
1911         Made one-liners critical for performance inline.
1912
1913         * xml/XPathGrammar.y: Fully parse NodeTests, so that strings are no longer passed for what is
1914         essentially an enum. Use LocationPath accessors to add steps, instead of directly manipulating
1915         internal data members.
1916
1917         * xml/XPathParser.cpp:
1918         (WebCore::XPath::Parser::parseStatement):
1919         (WebCore::XPath::Parser::registerNodeTest):
1920         (WebCore::XPath::Parser::deleteNodeTest):
1921         * xml/XPathParser.h:
1922         Added support methods for changes in XPathGrammar.y.
1923
1924         * xml/XPathPath.cpp:
1925         (WebCore::XPath::Filter::evaluate): Cache evaluationContext in a local variable. Use swap() to avoid
1926         performing vector assignments.
1927         (WebCore::XPath::LocationPath::evaluate): Use swap() to avoid performing vector assignments.
1928         (WebCore::XPath::LocationPath::optimizeStepPair): This new method is called during LocationPath construction, 
1929         to simplify the path as it's being built. Currently, the only optimized case is "//*" - it is a basis for
1930         important operations that cannot be efficiently written in XPath 1.0, but can be optimized with a little bit
1931         of XPath 2.0.
1932         (WebCore::XPath::LocationPath::appendStep): A new accessor that modifies m_steps and calls optimizeStepPair().
1933         (WebCore::XPath::LocationPath::insertFirstStep): Ditto.
1934         * xml/XPathPath.h:
1935         (WebCore::XPath::LocationPath::setAbsolute): A new accessor.
1936
1937         * xml/XPathStep.h:
1938         (WebCore::XPath::Step::NodeTest::):
1939         (WebCore::XPath::Step::NodeTest::NodeTest):
1940         (WebCore::XPath::Step::NodeTest::kind):
1941         (WebCore::XPath::Step::NodeTest::data):
1942         Step::NodeTest is a new sub-class that represents a fully parsed NodeTest.
1943         (WebCore::XPath::Step::axis):
1944         (WebCore::XPath::Step::nodeTest):
1945         (WebCore::XPath::Step::nodeTestData):
1946         (WebCore::XPath::Step::namespaceURI):
1947         (WebCore::XPath::Step::predicates):
1948         (WebCore::XPath::Step::setAxis):
1949         (WebCore::XPath::Step::setNodeTest):
1950         (WebCore::XPath::Step::setNodeTestData):
1951         (WebCore::XPath::Step::setNamespaceURI):
1952         (WebCore::XPath::Step::setPredicates):
1953         New accessors that let optimizeStepPair() manipulate Step data.
1954
1955         * xml/XPathStep.cpp:
1956         (WebCore::XPath::Step::Step): Use the new NodeTest class.
1957         (WebCore::XPath::Step::evaluate): Cache evaluationContext in a local variable. Use swap() to avoid
1958         performing unneeded vector assignments.
1959         (WebCore::XPath::Step::nodesInAxis): Cosmetic changes.
1960         (WebCore::XPath::Step::nodeTestMatches): Use NodeTest instead of parsing the test from string each time.
1961         Added a partial implementation of XPath 2.0 element() node test.
1962
1963 2007-03-10  Alexey Proskuryakov  <ap@webkit.org>
1964
1965         Reviewed by Darin.
1966
1967         http://bugs.webkit.org/show_bug.cgi?id=12249
1968         FCKeditor: <hr>, <ul> and <ol> have id="undefined"
1969
1970         This fixes the attached reduction, but not the original issue.
1971
1972         Test: editing/execCommand/default-parameters.html
1973
1974         * dom/Document.h:
1975         * dom/Document.idl:
1976         Make second and third execCommand() parameters optional.
1977
1978 2007-03-10  Adele Peterson  <adele@apple.com>
1979
1980         Reviewed by Maciej.
1981
1982         Fix for http://bugs.webkit.org/show_bug.cgi?id=13028
1983         REGRESSION: textField:doCommandBySelector:inFrame: not being called properly
1984
1985         * html/HTMLInputElement.cpp: (WebCore::HTMLInputElement::defaultEventHandler):
1986           Before calling the base class defaultEventHandler, which will call handleKeypress, call doTextFieldCommandFromEvent.        
1987
1988 2007-03-10  Mitz Pettel  <mitz@webkit.org>
1989
1990         Reviewed by Darin.
1991
1992         - fix http://bugs.webkit.org/show_bug.cgi?id=13013
1993           REGRESSION: Selection box does not scroll to where the focus jumps when pressing an alphanumeric key
1994
1995         Test: fast/forms/listbox-typeahead-scroll.html
1996
1997         * html/HTMLSelectElement.cpp:
1998         (WebCore::HTMLSelectElement::setSelectedIndex): Reordered to set the active selection's
1999         anchor and end before selecting the option, since the active selection is used to
2000         decide where to scroll when the selection is made.
2001         (WebCore::HTMLSelectElement::defaultEventHandler): Removed redundant check.
2002
2003 2007-03-10  Mitz Pettel  <mitz@webkit.org>
2004
2005         Reviewed by Darin.
2006
2007         - fix http://bugs.webkit.org/show_bug.cgi?id=12973
2008           REGRESSION: Reproducible assert while loading this test file if css is already in the cache
2009
2010         Test: fast/dom/css-cached-import-rule.html
2011
2012         Replaced some direct calls to document->stylesheetLoaded() with calls to
2013         the sheet's checkLoaded(). The latter calls back to the element's sheetLoaded() --
2014         which notifies the document of the load -- and then updates the sheet's
2015         loadCompleted() flag, ensuring that it stays in sync with whether the stylesheet
2016         is still considered pending by the document.
2017
2018         * dom/ProcessingInstruction.cpp:
2019         (WebCore::ProcessingInstruction::parseStyleSheet):
2020         * dom/StyleElement.cpp:
2021         (WebCore::StyleElement::childrenChanged):
2022         * html/HTMLLinkElement.cpp:
2023         (WebCore::HTMLLinkElement::process):
2024         (WebCore::HTMLLinkElement::setCSSStyleSheet):
2025         * ksvg2/svg/SVGStyleElement.cpp:
2026         (WebCore::SVGStyleElement::sheetLoaded):
2027         * ksvg2/svg/SVGStyleElement.h:
2028
2029 2007-03-10  David Kilzer  <ddkilzer@webkit.org>
2030
2031         Reviewed by Darin.
2032
2033         - fix http://bugs.webkit.org/show_bug.cgi?id=9609
2034           REGRESSION: Missing image icon needs to be moved back to WebKit
2035
2036         * WebCore.exp: Export WebCore::Image::loadPlatformResource(const char*) for use in
2037         [WebHTMLView _startDraggingImage:at:operation:event:sourceIsDHTML:DHTMLWroteData:].
2038
2039 2007-03-09  Darin Adler  <darin@apple.com>
2040
2041         Reviewed by Justin.
2042
2043         - fix http://bugs.webkit.org/show_bug.cgi?id=8928
2044           <rdar://problem/5045708> REPRODUCIBLE ASSERT: Cannot paste HTML into a
2045           contenteditable region in an XHTML document (8928)
2046
2047         Test: editing/pasteboard/paste-xml.xhtml
2048
2049         * editing/markup.cpp: (WebCore::createFragmentFromMarkup): Added a check for 0
2050         here, since createContextualFragment can return 0 for XML documents that fail
2051         to parse. In my testing, callers all seem equipped to handle 0.
2052
2053 2007-03-09  Mitz Pettel  <mitz@webkit.org>
2054
2055         Reviewed by Darin.
2056
2057         - fix http://bugs.webkit.org/show_bug.cgi?id=9929
2058           REGRESSION: crash on logging in on mijnpostbank.nl
2059
2060         Test: http/tests/misc/onload-remove-iframe-crash-2.html
2061
2062         The resulted from an iframe's load event handler removing the iframe
2063         from the document.
2064
2065         * dom/Document.cpp:
2066         (WebCore::Document::implicitClose): Bail out early if an event handler
2067         removed the frame.
2068         * loader/FrameLoader.cpp:
2069         (WebCore::FrameLoader::FrameLoader):
2070         (WebCore::FrameLoader::clear):
2071         (WebCore::FrameLoader::checkCompleted): Protect the frame from deletion
2072         by event handlers.
2073         (WebCore::FrameLoader::checkCompletedTimerFired):
2074         (WebCore::FrameLoader::scheduleCheckCompleted):
2075         (WebCore::FrameLoader::detachFromParent): Schedule a completion check
2076         on the parent (in case the child is what has been keeping it from completing).
2077         * loader/FrameLoader.h:
2078
2079 2007-03-08  David Kilzer  <ddkilzer@webkit.org>
2080
2081         Reviewed by Beth.
2082
2083         - fix http://bugs.webkit.org/show_bug.cgi?id=13019
2084           REGRESSION (r20074): Forms don't submit on a variety of websites
2085
2086         No tests added since LayoutTests/fast/forms/document-write.html was timing out
2087         and causing a layout test failure.
2088
2089         * html/HTMLFormElement.cpp:
2090         (WebCore::HTMLFormElement::submit): Removed stray code.
2091
2092 2007-03-08  Krzysztof Kowalczyk  <kkowalczyk@gmail.com>
2093
2094         Not reviewed - gdk build fix.
2095
2096         * platform/graphics/cairo/ImageSourceCairo.cpp:
2097         (WebCore::ImageSource::frameIsCompleteAtIndex): add empty stub
2098
2099 2007-03-08  Justin Garcia  <justin.garcia@apple.com>
2100
2101         Reviewed by harrison
2102         
2103         <rdar://problem/4903193> 
2104         On particular page, Copy is so slow it seems like a hang
2105         
2106         ~2x speedup copying:
2107         http://shakespeare.mit.edu/henryviii/full.html 
2108         Also produces less bloated markup.
2109
2110         * editing/markup.cpp:
2111         (WebCore::startMarkup): Don't wrap text nodes in style spans.
2112         For Elements, don't inline styles inherited from ancestors.
2113         (WebCore::createMarkup): No longer necessary to find 
2114         the root's default style and pass it to startMarkup.
2115         Add a wrapper span around the markup with the styles
2116         that all nodes in the markup inherit (the inheritable 
2117         styles from the common ancestor container's computed style).
2118         Added a FIXME about unecessary markup for inline ancestors 
2119         up to the commonAncestorBlock.
2120
2121 2007-03-08  Darin Adler  <darin@apple.com>
2122
2123         Reviewed by Adele.
2124
2125         - <rdar://problem/4470381> multipart/form-data boundary security vulnerability
2126
2127         By making the form data boundary a string with some random data in it, we reduce
2128         the possibility that anyone could take advantage of it by creating a file that
2129         intentionally has the boundary string in it.
2130
2131         * html/HTMLFormElement.h: Removed boundary(), setBoundary(), and m_boundary.
2132         Marked a lot more stuff private.
2133         * html/HTMLFormElement.cpp:
2134         (WebCore::HTMLFormElement::HTMLFormElement): Removed code to initialize
2135         m_boundary.
2136         (WebCore::randomNumber): Added. Function that returns a random number, including
2137         seeding the random number generator the first time it's called. For now, usees the more
2138         random function random() on Mac OS X and the more-standard rand() on other platforms.
2139         (WebCore::HTMLFormElement::formData): Take a parameter with the form boundary string,
2140         and use that instead of m_boundary.
2141         (WebCore::getUniqueBoundaryString): Added. Makes a boundary string using random numbers
2142         and base 64 encoding.
2143         (WebCore::HTMLFormElement::submit): Call getUniqueBoundaryString and pass the boundary
2144         string into formData for multipart form posts.
2145
2146 2007-03-08  Maciej Stachowiak  <mjs@apple.com>
2147
2148         Reviewed by Adele.
2149         
2150         <rdar://problem/4646563> REGRESSION: Unable to send text message from Verizon text message website: vtext.com (12588)
2151         http://bugs.webkit.org/show_bug.cgi?id=12588
2152
2153         Carefully revised which focus operations restore previous selection, which clear it, and which
2154         select the whole control contents.
2155         
2156         Tests:
2157         fast/forms/focus-selection-input.html
2158         fast/forms/focus-selection-textarea.html
2159         
2160         * dom/Element.cpp:
2161         (WebCore::Element::focus):
2162         * dom/Element.h:
2163         * html/HTMLInputElement.cpp:
2164         (WebCore::HTMLInputElement::focus):
2165         (WebCore::HTMLInputElement::accessKeyAction):
2166         * html/HTMLInputElement.h:
2167         * html/HTMLLabelElement.cpp:
2168         (WebCore::HTMLLabelElement::focus):
2169         (WebCore::HTMLLabelElement::accessKeyAction):
2170         * html/HTMLLabelElement.h:
2171         * html/HTMLLegendElement.cpp:
2172         (WebCore::HTMLLegendElement::focus):
2173         * html/HTMLLegendElement.h:
2174         * html/HTMLTextAreaElement.cpp:
2175         (WebCore::HTMLTextAreaElement::focus):
2176         * html/HTMLTextAreaElement.h:
2177         * page/FocusController.cpp:
2178         (WebCore::FocusController::advanceFocus):
2179
2180 2007-03-08  Justin Garcia  <justin.garcia@apple.com>
2181
2182         Reviewed by harrison
2183
2184         <http://bugs.webkit.org/show_bug.cgi?id=12244>
2185         FCKeditor: Find dialog doesn't work
2186
2187         * bindings/js/kjs_window.cpp:
2188         (KJS::Window::find): Added.  This function doesn't yet 
2189         support whole word searches, searching in subframes, or
2190         opening the find dialog.
2191         (KJS::WindowFunc::callAsFunction):
2192         * bindings/js/kjs_window.h:
2193         (KJS::Window::):
2194
2195 2007-03-08  David Hyatt  <hyatt@apple.com>
2196
2197         Fix regression from throwing away frames of large animated images.  Alter
2198         animated images so that they refuse to advance the animation until the
2199         current displayed frame has been fully decoded.
2200
2201         Reviewed by ggaren
2202
2203         * platform/graphics/BitmapImage.cpp:
2204         (WebCore::BitmapImage::startAnimation):
2205         (WebCore::BitmapImage::advanceAnimation):
2206         * platform/graphics/ImageSource.h:
2207         * platform/graphics/cg/ImageSourceCG.cpp:
2208         (WebCore::ImageSource::frameIsCompleteAtIndex):
2209
2210 2007-03-08  David Hyatt  <hyatt@apple.com>
2211
2212         Fix 2% performance regression on the PLT.  Increase the large animated
2213         image cutoff from 1MB to 5MB.
2214
2215         In addition when pruning we will aggressively discard image sources.
2216
2217         Reviewed by ggaren
2218
2219         * platform/graphics/BitmapImage.cpp:
2220         (WebCore::BitmapImage::destroyDecodedData):
2221
2222 2007-03-08  Timothy Hatcher  <timothy@apple.com>
2223
2224         Reviewed by John.
2225
2226         <rdar://problem/4664697> highlighter SPI needs a node parameter to give more context
2227
2228         Pass the RenderObject's node to customHighlightLineRect and paintCustomHighlight.
2229
2230         * page/Frame.h:
2231         * page/mac/FrameMac.mm:
2232         (WebCore::Frame::customHighlightLineRect):
2233         (WebCore::Frame::paintCustomHighlight):
2234         * page/mac/WebCoreFrameBridge.h:
2235         * rendering/InlineTextBox.cpp:
2236         (WebCore::InlineTextBox::paintCustomHighlight):
2237         * rendering/RenderBox.cpp:
2238         (WebCore::RenderBox::paintCustomHighlight):
2239         * rendering/RootInlineBox.cpp:
2240         (WebCore::RootInlineBox::addHighlightOverflow):
2241         (WebCore::RootInlineBox::paintCustomHighlight):
2242
2243 2007-03-08  Justin Garcia  <justin.garcia@apple.com>
2244
2245         Reviewed by harrison
2246         
2247         <http://bugs.webkit.org/show_bug.cgi?id=13000>
2248         Range.createContextualFragment is not supported
2249
2250         * dom/Range.cpp:
2251         (WebCore::Range::createContextualFragment): The
2252         "startContainer" may not be a container, if the
2253         range starts inside text.  In that case, look
2254         to the parent of the start node for an HTMLElement.
2255
2256 2007-03-08  Justin Garcia  <justin.garcia@apple.com>
2257
2258         Reviewed by harrison
2259         
2260         <rdar://problem/5049671>
2261         Gmail Editor: With linked text, Remove Formatting doesn't always remove underline
2262
2263         * editing/Editor.cpp:
2264         (WebCore::Editor::removeFormattingAndStyle): Clear removed
2265         anchors after the deletion.
2266
2267 2007-03-08  David Kilzer  <ddkilzer@webkit.org>
2268
2269         Reviewed by NOBODY (build fix).
2270
2271         Added missing file for r20059:
2272         <rdar://problem/4708689> -- REGRESSION: Some symbols with 2-byte display as garbage in Hotmail.
2273
2274         File was taken from this svn repository which contained versions of ucnv.h and ucnv_err.h
2275         that were identical to ours:
2276         http://source.icu-project.org/repos/icu/icu/tags/release-3-2/source/common/unicode/ucnv_cb.h
2277
2278         * icu/unicode/ucnv_cb.h: Added.
2279
2280 2007-03-08  Shrikant Gangoda  <shrikant.gangoda@celunite.com>
2281
2282         Gdk build fix.
2283
2284         * platform/graphics/cairo/ImageSourceCairo.cpp:
2285         (WebCore::ImageSource::~ImageSource):
2286         (WebCore::ImageSource::clear):
2287
2288 2007-03-08  Oliver Hunt  <oliver@apple.com>
2289
2290         Reviewed by Adam.
2291
2292         To match old TEC behaviour when using ICU we need to use 
2293         a few manual fallback encodings for the GBK/EUC-CN charsets
2294
2295         <rdar://problem/4708689> -- REGRESSION: Some symbols with 2-byte display as garbage in Hotmail.
2296
2297         * platform/TextCodecICU.cpp:
2298         (WebCore::TextCodecICU::TextCodecICU):
2299         (WebCore::TextCodecICU::createICUConverter):
2300         (WebCore::gbkEscapes):
2301         (WebCore::gbkCallbackEscape):
2302         (WebCore::gbkCallbackSubstitute):
2303         (WebCore::TextCodecICU::encode):
2304         * platform/TextCodecICU.h:
2305         (WebCore::TextCodecICU::needsGBKFallbacks):
2306         (WebCore::TextCodecICU::setNeedsGBKFallbacks):
2307
2308 2007-03-08  Alexey Proskuryakov  <ap@webkit.org>
2309
2310         Build fix.
2311
2312         * xml/XPathUtil.cpp:
2313         (WebCore::XPath::stringValue):
2314
2315 2007-03-08  David Hyatt  <hyatt@apple.com>
2316
2317         This patch dramatically reduces the memory consumed by animated images.  For large animated GIFs (defined for
2318         now as >1mb in terms of decoded frame buffer size), we will now aggressively flush previous frames of the
2319         animated GIF and just re-decode them on the fly if the animation loops.
2320
2321         Whenever a large animated GIF has its animation reset, we will also just throw out everything and start
2322         the animation over (in order to get rid of any cached detritus held in the ImageSource).
2323
2324         With this patch and the sample GIF used to test, WebKit's memory consumption went from 160MB down to 16MB.
2325
2326         Reviewed by mjs
2327
2328         * platform/graphics/BitmapImage.cpp:
2329         (WebCore::BitmapImage::destroyDecodedData):
2330         (WebCore::BitmapImage::resetAnimation):
2331         (WebCore::BitmapImage::advanceAnimation):
2332         * platform/graphics/ImageSource.h:
2333         * platform/graphics/cg/ImageSourceCG.cpp:
2334         (WebCore::ImageSource::~ImageSource):
2335         (WebCore::ImageSource::clear):
2336
2337 2007-03-08  Alexey Proskuryakov  <ap@webkit.org>
2338
2339         Reviewed by Darin.
2340
2341         http://bugs.webkit.org/show_bug.cgi?id=13006
2342         XPath string-value is broken for some node types
2343
2344         Test: fast/xpath/string-value.html
2345
2346         * xml/XPathUtil.cpp:
2347         (WebCore::XPath::stringValue): Fix it :-)
2348
2349 2007-03-07  Anders Carlsson  <acarlsson@apple.com>
2350
2351         Reviewed by Adam.
2352
2353         <rdar://problem/4981000> 
2354         http://bugs.webkit.org/show_bug.cgi?id=12634
2355         REGRESSION: crash loading web archive (12634)
2356         
2357         The reason this bug wasn't always reproducible is that it involved sending an event to a plugin while 
2358         the page was loading. Before we send the event to the plugin we defer loads. The problem was that
2359         MainResourceLoader::setDefersLoad would not work with data loads.
2360         
2361         * loader/DocumentLoader.cpp:
2362         (WebCore::DocumentLoader::setRequest):
2363         Only set m_committed to false if we also have a valid unreachable URL.
2364         
2365         * loader/MainResourceLoader.cpp:
2366         (WebCore::MainResourceLoader::setDefersLoading):
2367         Make sure to stop and start data loads.
2368
2369 2007-03-07  Krzysztof Kowalczyk  <kkowalczyk@gmail.com>
2370
2371         Not reviewed.
2372
2373         Gdk build fixes.
2374
2375         * platform/gdk/EditorClientGdk.cpp:
2376         (WebCore::EditorClientGdk::handleKeypress): renamed
2377         (WebCore::EditorClientGdk::handleInputMethodKeypress): add a stub
2378         * platform/gdk/EditorClientGdk.h:
2379         * platform/graphics/cairo/ImageSourceCairo.cpp:
2380         (WebCore::ImageSource::destroyFrameAtIndex): add a stub
2381
2382 2007-03-07  Alexey Proskuryakov  <ap@webkit.org>
2383
2384         Reviewed by Darin.
2385
2386         http://bugs.webkit.org/show_bug.cgi?id=13004
2387         Repeatedly calling XPathExpression.evaluate() causes crashes or memory leaks
2388
2389         Removed XPath::Expression::optimize() and related methods, since they were buggy and almost useless.
2390         Merged doEvaluate() into evaluate(), since this was all evaluate() was doing after the above changes.
2391
2392         Test: fast/xpath/evaluate-twice.html
2393
2394         * xml/XPathExpression.cpp:
2395         (WebCore::XPathExpression::evaluate):
2396         * xml/XPathExpressionNode.cpp:
2397         (WebCore::XPath::Expression::Expression):
2398         (WebCore::XPath::Expression::~Expression):
2399         * xml/XPathExpressionNode.h:
2400         * xml/XPathFunctions.cpp:
2401         (WebCore::XPath::FunLast::evaluate):
2402         (WebCore::XPath::FunPosition::evaluate):
2403         (WebCore::XPath::FunId::evaluate):
2404         (WebCore::XPath::FunLocalName::evaluate):
2405         (WebCore::XPath::FunNamespaceURI::evaluate):
2406         (WebCore::XPath::FunName::evaluate):
2407         (WebCore::XPath::FunCount::evaluate):
2408         (WebCore::XPath::FunString::evaluate):
2409         (WebCore::XPath::FunConcat::evaluate):
2410         (WebCore::XPath::FunStartsWith::evaluate):
2411         (WebCore::XPath::FunContains::evaluate):
2412         (WebCore::XPath::FunSubstringBefore::evaluate):
2413         (WebCore::XPath::FunSubstringAfter::evaluate):
2414         (WebCore::XPath::FunSubstring::evaluate):
2415         (WebCore::XPath::FunStringLength::evaluate):
2416         (WebCore::XPath::FunNormalizeSpace::evaluate):
2417         (WebCore::XPath::FunTranslate::evaluate):
2418         (WebCore::XPath::FunBoolean::evaluate):
2419         (WebCore::XPath::FunNot::evaluate):
2420         (WebCore::XPath::FunTrue::evaluate):
2421         (WebCore::XPath::FunLang::evaluate):
2422         (WebCore::XPath::FunFalse::evaluate):
2423         (WebCore::XPath::FunNumber::evaluate):
2424         (WebCore::XPath::FunSum::evaluate):
2425         (WebCore::XPath::FunFloor::evaluate):
2426         (WebCore::XPath::FunCeiling::evaluate):
2427         (WebCore::XPath::FunRound::evaluate):
2428         * xml/XPathPath.cpp:
2429         (WebCore::XPath::Filter::evaluate):
2430         (WebCore::XPath::LocationPath::evaluate):
2431         (WebCore::XPath::Path::evaluate):
2432         * xml/XPathPath.h:
2433         * xml/XPathPredicate.cpp:
2434         (WebCore::XPath::Number::evaluate):
2435         (WebCore::XPath::StringExpression::evaluate):
2436         (WebCore::XPath::Negative::evaluate):
2437         (WebCore::XPath::NumericOp::evaluate):
2438         (WebCore::XPath::EqTestOp::evaluate):
2439         (WebCore::XPath::LogicalOp::evaluate):
2440         (WebCore::XPath::Union::evaluate):
2441         * xml/XPathPredicate.h:
2442         * xml/XPathStep.cpp:
2443         * xml/XPathStep.h:
2444         * xml/XPathVariableReference.cpp:
2445         (WebCore::XPath::VariableReference::evaluate):
2446         * xml/XPathVariableReference.h:
2447
2448 2007-03-07  Sam Weinig  <sam@webkit.org>
2449
2450         Reviewed by Tim H.
2451
2452         Remove unused #import from Objective-C bindings and cleanup the order of #imports.
2453
2454         * bindings/scripts/CodeGeneratorObjC.pm:
2455
2456 2007-03-07  Sam Weinig  <sam@webkit.org>
2457
2458         Reviewed by Tim H.
2459
2460         Make sure the baseURI attribute generates for private Objective-C bindings.
2461
2462         * dom/Node.idl:
2463
2464 2007-03-07  Anders Carlsson  <acarlsson@apple.com>
2465
2466         Reviewed by Maciej.
2467
2468         <rdar://problem/4874059>
2469         REGRESSION: Painter IX:register - Crash in WebCore:: ResourceLoader::willSendRequest()
2470
2471         If a load is done from inside of an error delegate method that is called because we cancel another load, 
2472         the first load should be ignored since this is what shipping WebKit does. 
2473         
2474         (Actually, it does load the page in the data source but doesn't do anything with it since the data source
2475         won't have a web frame).
2476         
2477         * loader/FrameLoader.cpp:
2478         (WebCore::FrameLoader::load):
2479         Just bail out if m_isStoppingLoad is true.
2480
2481 2007-03-07  David Hyatt  <hyatt@apple.com>
2482
2483         Use CGImageRelease instead of CFRelease.
2484
2485         Reviewed by aroben
2486
2487         * platform/graphics/cg/ImageCG.cpp:
2488         (WebCore::FrameData::clear):
2489         * platform/graphics/cg/ImageSourceCG.cpp:
2490         (WebCore::ImageSource::destroyFrameAtIndex):
2491
2492 2007-03-07  David Hyatt  <hyatt@apple.com>
2493
2494         Fix a regression where the cache size overflows because of a double
2495         subtraction per resource when they got removed from the cache.  Add an
2496         assert to adjustSize to detect this case in the future.
2497
2498         Fix ImageSourceCG so that when we flush decoded data from our cache that
2499         we also flush it from the ImageSource.
2500
2501         Reviewed by mjs
2502
2503         * loader/Cache.cpp:
2504         (WebCore::Cache::adjustSize):
2505         * platform/graphics/BitmapImage.cpp:
2506         (WebCore::BitmapImage::~BitmapImage):
2507         (WebCore::BitmapImage::destroyDecodedData):
2508         * platform/graphics/Image.h:
2509         * platform/graphics/ImageSource.h:
2510         * platform/graphics/cg/ImageSourceCG.cpp:
2511         (WebCore::ImageSource::setData):
2512         (WebCore::ImageSource::destroyFrameAtIndex):
2513
2514 2007-03-07  Mitz Pettel  <mitz@webkit.org>
2515
2516         Reviewed by Darin.
2517
2518         - fix http://bugs.webkit.org/show_bug.cgi?id=13002
2519           Incomplete repaint of inset outlines
2520
2521         Test: fast/repaint/outline-inset.html
2522
2523         * rendering/RenderObject.cpp:
2524         (WebCore::RenderObject::repaintAfterLayoutIfNeeded):
2525
2526 2007-03-07  Oliver Hunt  <oliver@apple.com>
2527
2528         Reviewed by Antti.
2529
2530         Reset mouse down/drag state variables on mouse button release
2531         
2532         Fixes <rdar://problem/5044654>: Drag out of some QuickTime plug-ins converting into image drag
2533
2534         * page/EventHandler.cpp:
2535         (WebCore::EventHandler::handleMouseReleaseEvent):
2536
2537 2007-03-07  Adele Peterson  <adele@apple.com>
2538
2539         Reviewed by Darin.
2540
2541         WebCore part of fix for:
2542         http://bugs.webkit.org/show_bug.cgi?id=10871
2543         http://bugs.webkit.org/show_bug.cgi?id=12677
2544         <rdar://problem/4823129> REGRESSION: IME key events different in nightly
2545         <rdar://problem/4759563> REGRESSION: Return key is always sent when you confirm a clause in kotoeri
2546
2547         * page/EventHandler.cpp: (WebCore::EventHandler::defaultKeyboardEventHandler): Call handleInputMethodKeypress before actually dispatching the keypress event
2548           so that input methods have a chance to handle the event.  
2549           If the input method handles the event (by marking or unmarking text), then we don't need to send the keypress event.
2550           If an input method doesn't handle the event, then we'll save the data we need to perform the correct action (like what text to insert or what selector to use) 
2551           when we dispatch the keypress event.
2552
2553         * dom/KeyboardEvent.h: Added Mac-specific KeypressCommand struct, so we can store command info during handleInputMethodKeypress, and use it during handleKeypress.
2554         (WebCore::KeyboardEvent::keypressCommand):
2555         (WebCore::KeyboardEvent::setKeypressCommand):
2556
2557         * bridge/EditorClient.h:
2558         * editing/Editor.cpp:
2559         (WebCore::Editor::handleKeypress): Changed handleKeyPress to handleKeypress.
2560         (WebCore::Editor::handleInputMethodKeypress): Added.
2561         * editing/Editor.h:
2562
2563         * platform/graphics/svg/SVGImageEmptyClients.h:
2564         (WebCore::SVGEmptyEditorClient::handleKeypress): Changed handleKeyPress to handleKeypress.
2565         (WebCore::SVGEmptyEditorClient::handleInputMethodKeypress): Added.
2566
2567 2007-03-07  Rob Buis  <buis@kde.org>
2568
2569         Reviewed by Darin.
2570
2571         http://bugs.webkit.org/show_bug.cgi?id=12579
2572         WebKit fails SVG xml:base test
2573
2574         Implement DOM3 properties baseURI and documentURI to fix
2575         the testcase in bug 12579.
2576
2577         * bindings/js/kjs_dom.cpp:
2578         (KJS::DOMNode::getValueProperty):
2579         * bindings/js/kjs_domnode.h:
2580         (KJS::DOMNode::):
2581         * dom/Document.cpp:
2582         (WebCore::Document::documentURI):
2583         (WebCore::Document::setDocumentURI):
2584         (WebCore::Document::baseURI):
2585         * dom/Document.h:
2586         * dom/Document.idl:
2587         * dom/DocumentType.cpp:
2588         (WebCore::DocumentType::baseURI):
2589         * dom/DocumentType.h:
2590         * dom/Element.cpp:
2591         (WebCore::Element::baseURI):
2592         * dom/Element.h:
2593         * dom/Node.cpp:
2594         (WebCore::Node::baseURI):
2595         * dom/Node.h:
2596         * ksvg2/misc/SVGImageLoader.cpp:
2597         (WebCore::SVGImageLoader::updateFromElement):
2598         * ksvg2/svg/SVGImageElement.cpp:
2599         (WebCore::SVGImageElement::parseMappedAttribute):
2600         (WebCore::SVGImageElement::attach):
2601
2602 2007-03-07  Anders Carlsson  <acarlsson@apple.com>
2603
2604         Reviewed by Brady.
2605
2606         Remove some methods in FrameLoader that just calls down to the active document loader. Since each
2607         resource loader now has a pointer to its document loader, we can just call directly to the
2608         document loader.
2609
2610         * WebCore.exp:
2611         * loader/FrameLoader.cpp:
2612         * loader/FrameLoader.h:
2613         * loader/MainResourceLoader.cpp:
2614         (WebCore::MainResourceLoader::willSendRequest):
2615         (WebCore::MainResourceLoader::didReceiveResponse):
2616         * loader/SubresourceLoader.cpp:
2617         (WebCore::SubresourceLoader::SubresourceLoader):
2618         (WebCore::SubresourceLoader::didFinishLoading):
2619         (WebCore::SubresourceLoader::didFail):
2620         (WebCore::SubresourceLoader::didCancel):
2621         * loader/mac/NetscapePlugInStreamLoaderMac.mm:
2622         (WebCore::NetscapePlugInStreamLoader::didFinishLoading):
2623         (WebCore::NetscapePlugInStreamLoader::didFail):
2624         (WebCore::NetscapePlugInStreamLoader::didCancel):
2625
2626 2007-03-06  Geoffrey Garen  <ggaren@apple.com>
2627
2628         Reviewed by Maciej Stachowiak.
2629         
2630         Fixed <rdar://problem/4576242> | http://bugs.webkit.org/show_bug.cgi?id=12586
2631         PAC file: malloc deadlock sometimes causes a hang @ www.apple.com/pro/profiles/ (12586)
2632         
2633         No test because this is very difficult to repro, and the new ASSERTs in 
2634         JavaScriptCore catch the underlying cause while running normal layout tests.
2635         
2636         This is a modified version of r14752 on the branch.
2637         
2638         The fix is to use a bit inside each node, instead of a hash table, to track 
2639         which node subtrees are in the process of being marked. This avoids a call 
2640         to malloc inside mark().
2641         
2642         * bindings/js/kjs_binding.cpp:
2643         (KJS::domObjects):
2644         (KJS::domNodesPerDocument):
2645         * bindings/js/kjs_dom.cpp:
2646         (KJS::DOMNode::mark):
2647         * dom/Node.cpp:
2648         (WebCore::Node::Node):
2649         * dom/Node.h:
2650
2651 2007-03-06  David Hyatt  <hyatt@apple.com>
2652
2653         This patch reworks the WebCore memory cache to significantly reduce the amount of memory consumed by
2654         images in the cache and to enhance the accuracy of the cache size as an absolute bound for the objects
2655         contained within it.  WebCore's memory use over time should significantly improve as a result of these
2656         changes.
2657
2658         Cached resources now have both an encoded size (the original data stream) and a decoded size (an estimate of
2659         the amount of memory consumed by an expanded version of that resource, e.g., the decoded frames of an image).
2660         Both sizes now count towards the total size of the object and towards the allowed memory cache total.
2661
2662         By including both totals the reported size of resources will now be larger, and the cache will therefore become
2663         much more aggressive about flushing.
2664
2665         Objects are stored in size-adjusted and popularity-aware LRU lists as before, but encoded size is now always
2666         used when determining the correct LRU list.
2667
2668         The flush algorithm for the memory cache has been rewritten to first destroy decoded data before evicting
2669         resources.  By being able to compact its resources without evicting them, the memory cache can now hold many more
2670         unique resources (encoded) in the same amount of space.  Depending on how much of a hit we want to take from
2671         re-decoding images, the memory cache could in theory have its size significantly reduced now while still holding
2672         more resources than it did at the larger size!
2673
2674         Reviewed by mjs
2675
2676         * WebCore.xcodeproj/project.pbxproj:
2677         * loader/Cache.cpp:
2678         (WebCore::Cache::requestResource):
2679         (WebCore::Cache::prune):
2680         (WebCore::Cache::remove):
2681         (WebCore::Cache::lruListFor):
2682         (WebCore::Cache::adjustSize):
2683         * loader/Cache.h:
2684         * loader/CachedCSSStyleSheet.cpp:
2685         (WebCore::CachedCSSStyleSheet::data):
2686         * loader/CachedImage.cpp:
2687         (WebCore::CachedImage::CachedImage):
2688         (WebCore::CachedImage::allReferencesRemoved):
2689         (WebCore::CachedImage::clear):
2690         (WebCore::CachedImage::data):
2691         (WebCore::CachedImage::destroyDecodedData):
2692         (WebCore::CachedImage::decodedSize):
2693         (WebCore::CachedImage::decodedSizeChanged):
2694         (WebCore::CachedImage::shouldPauseAnimation):
2695         * loader/CachedImage.h:
2696         * loader/CachedResource.cpp:
2697         (WebCore::CachedResource::CachedResource):
2698         (WebCore::CachedResource::deref):
2699         (WebCore::CachedResource::setEncodedSize):
2700         * loader/CachedResource.h:
2701         (WebCore::CachedResource::allReferencesRemoved):
2702         (WebCore::CachedResource::size):
2703         (WebCore::CachedResource::encodedSize):
2704         (WebCore::CachedResource::decodedSize):
2705         (WebCore::CachedResource::destroyDecodedData):
2706         * loader/CachedScript.cpp:
2707         (WebCore::CachedScript::data):
2708         * loader/CachedXSLStyleSheet.cpp:
2709         (WebCore::CachedXSLStyleSheet::data):
2710         * platform/graphics/BitmapImage.cpp:
2711         (WebCore::BitmapImage::BitmapImage):
2712         (WebCore::BitmapImage::~BitmapImage):
2713         (WebCore::BitmapImage::destroyDecodedData):
2714         (WebCore::BitmapImage::pruneDecodedDataIfNeeded):
2715         (WebCore::BitmapImage::cacheFrame):
2716         (WebCore::BitmapImage::setNativeData):
2717         (WebCore::BitmapImage::shouldAnimate):
2718         (WebCore::BitmapImage::advanceAnimation):
2719         * platform/graphics/BitmapImage.h:
2720         (WebCore::BitmapImage::decodedSize):
2721         * platform/graphics/Image.cpp:
2722         (WebCore::Image::Image):
2723         * platform/graphics/Image.h:
2724         (WebCore::Image::destroyDecodedData):
2725         (WebCore::Image::decodedSize):
2726         (WebCore::Image::imageObserver):
2727         * platform/graphics/ImageAnimationObserver.h: Removed.
2728         * platform/graphics/ImageObserver.h: Added.
2729         (WebCore::ImageObserver::~ImageObserver):
2730         * platform/graphics/svg/SVGImage.cpp:
2731         (WebCore::SVGImage::SVGImage):
2732         * platform/graphics/svg/SVGImage.h:
2733
2734 2007-03-06  Alexey Proskuryakov  <ap@webkit.org>
2735
2736         Reviewed by Sam Weinig.
2737
2738         http://bugs.webkit.org/show_bug.cgi?id=12987
2739         Fix and import 4XPath test_numeric_expr.html
2740
2741         * xml/XPathPredicate.cpp:
2742         (WebCore::XPath::Negative::doEvaluate): Convert the argument to number.
2743         (WebCore::XPath::NumericOp::doEvaluate): Convert the arguments to numbers. Use a correct operation for mod.
2744         * xml/XPathStep.cpp:
2745         (WebCore::XPath::Step::nodesInAxis): Do not append parent node if there is none.
2746         * xml/XPathValue.cpp:
2747         (WebCore::XPath::Value::toNumber): Do not convert to DeprecatedString just to trim whitespace and to convert to double.
2748         * platform/DeprecatedString.cpp:
2749         (WebCore::DeprecatedStringData::makeAscii): Added a FIXME about unreliable makeAscii() behavior.
2750
2751 2007-03-06  Maciej Stachowiak  <mjs@apple.com>
2752
2753         Reviewed by Adele.
2754
2755         <rdar://problem/4619663> REGRESSION (NativePopup): Popup menu doesn't draw at the correct vertical position (9816)
2756         
2757         * platform/mac/PopupMenuMac.mm:
2758         (WebCore::PopupMenu::show): Make a temporary dummy view with the
2759         passed in rect, since AppKit will use the view bounds to determine
2760         what area to exclude when popping up a menu moved to the top of
2761         the screen.
2762
2763 2007-03-06  Geoffrey Garen  <ggaren@apple.com>
2764
2765         Reviewed by Maciej Stachowiak.
2766
2767         Fixed all known crashers exposed by run-webkit-tests --threaded [*]. See 
2768         JavaScriptCore ChangeLog for more details.
2769
2770         * bindings/js/kjs_binding.cpp:
2771         (KJS::domNodesPerDocument): Added thread safety ASSERT.
2772         (KJS::ScriptInterpreter::mark): Removed obsolete logic for marking unsafe
2773         objects when collecting on a secondary thread. The Collector takes care
2774         of this now.
2775
2776         * bindings/js/kjs_binding.h:
2777         (KJS::DOMObject::DOMObject): Used new API for specifying that WebCore
2778         objects should be garbage collected on the main thread only.
2779
2780         * bindings/js/kjs_window.cpp:
2781         (KJS::ScheduledAction::execute): Moved JSLock to cover implementedsCall() call,
2782         which, for some subclasses, ends up allocating garbage collected objects.
2783         (This fix was speculative. I didn't actually see a crash from this.)
2784         (KJS::Window::timerFired): Added JSLock around ScheduleAction destruction,
2785         since it destroys a KJS::List.
2786
2787         * bindings/objc/WebScriptObject.mm:
2788         (-[WebScriptObject setException:]): Added JSLock. (This fix was speculative. 
2789         I didn't actually see a crash from this.)
2790
2791         * bridge/mac/WebCoreScriptDebugger.mm:
2792         (-[WebCoreScriptCallFrame evaluateWebScript:]): Added JSLock. (This fix 
2793         was speculative. I didn't actually see a crash from this.)
2794
2795         * dom/Document.cpp:
2796         (WebCore::Document::~Document): Added JSLock around modification to 
2797         domNodesPerDocument(), which can be accessed concurrently during garbage 
2798         collection.
2799         * dom/Node.cpp:
2800         (WebCore::Node::setDocument): ditto.
2801         
2802         [*] fast/js/toString-stack-overflow.html is an exception. --threaded mode
2803         crashes this test because it causes the garbage collector to run frequently,
2804         and this test crashes if you happen to garbage collect while it's running.
2805         This is a known issue with stack overflow during the mark phase. It's
2806         not related to threading.
2807
2808 2007-03-06  Mark Rowe  <mrowe@apple.com>
2809
2810         Reviewed by Sam Weinig.
2811
2812         Fix http://bugs.webkit.org/show_bug.cgi?id=12942
2813         Bug 12942: ASSERTION FAILURE: qantas.com.au changing selected item in <select> via JS
2814
2815         Test: fast/dom/select-selectedIndex-bug-12942.html.
2816
2817         * html/HTMLSelectElement.cpp:
2818         (WebCore::HTMLSelectElement::recalcListItems): Reset m_lastOnChangeIndex when recalculating list items.
2819         * html/HTMLSelectElement.h:
2820
2821 2007-03-06  Brady Eidson  <beidson@apple.com>
2822
2823         Rubberstamped by Kevin Decker
2824
2825         20,000!
2826
2827         * ChangeLog: Point out revision 20,000
2828
2829 2007-03-06  Krzysztof Kowalczyk  <kkowalczyk@gmail.com>
2830
2831         Not reviewed.
2832
2833         Gdk build fix.
2834
2835         * loader/gdk/FrameLoaderClientGdk.cpp: update userAgent() signature.
2836         (WebCore::FrameLoaderClientGdk::userAgent):
2837         * loader/gdk/FrameLoaderClientGdk.h: ditto.
2838
2839 2007-03-06  Mitz Pettel  <mitz@webkit.org>
2840
2841         Reviewed by Adele.
2842
2843         - fix http://bugs.webkit.org/show_bug.cgi?id=12986
2844           REGRESSION(NativeListBox): Listboxes not updated when resized dynamically
2845
2846         Test: fast/forms/select-change-listbox-size.html
2847
2848         * html/HTMLSelectElement.cpp:
2849         (WebCore::HTMLSelectElement::parseMappedAttribute): Reattach on list box size change.
2850
2851 2007-03-06  Mitz Pettel  <mitz@webkit.org>
2852
2853         Reviewed by Dave Hyatt.
2854
2855         - fix http://bugs.webkit.org/show_bug.cgi?id=12885
2856           REGRESSION (r19696): Incomplete background repaint
2857
2858         Tests: fast/repaint/content-into-overflow.html
2859                fast/repaint/overflow-into-content.html
2860
2861         Changed repaintAfterLayoutIfNeeded() to take, in addition to the clipped overflow
2862         rect, the unclipped border box plus outline, and to repaint any areas that
2863         were added or removed from that box, in addition to any areas added or removed
2864         from the clipped overflow rect.
2865
2866         * platform/graphics/svg/SVGResourceMarker.cpp:
2867         (WebCore::SVGResourceMarker::draw):
2868         * rendering/RenderBlock.cpp:
2869         (WebCore::RenderBlock::layoutBlock):
2870         * rendering/RenderBox.cpp:
2871         (WebCore::RenderBox::absoluteClippedOverflowRect): Renamed getAbsoluteRepaintRect() to
2872         this.
2873         * rendering/RenderBox.h:
2874         * rendering/RenderFlexibleBox.cpp:
2875         (WebCore::RenderFlexibleBox::layoutBlock):
2876         * rendering/RenderFlow.cpp:
2877         (WebCore::RenderFlow::absoluteClippedOverflowRect):
2878         * rendering/RenderFlow.h:
2879         * rendering/RenderForeignObject.cpp:
2880         (WebCore::RenderForeignObject::layout):
2881         * rendering/RenderHTMLCanvas.cpp:
2882         (WebCore::RenderHTMLCanvas::layout):
2883         * rendering/RenderImage.cpp:
2884         (WebCore::RenderImage::layout):
2885         * rendering/RenderLayer.cpp:
2886         (WebCore::RenderLayer::RenderLayer):
2887         (WebCore::RenderLayer::checkForRepaintOnResize):
2888         (WebCore::RenderLayer::updateLayerPositions):
2889         * rendering/RenderLayer.h:
2890         * rendering/RenderObject.cpp:
2891         (WebCore::RenderObject::repaint):
2892         (WebCore::RenderObject::repaintAfterLayoutIfNeeded):
2893         (WebCore::RenderObject::getAbsoluteRepaintRectWithOutline):
2894         (WebCore::RenderObject::absoluteClippedOverflowRect):
2895         (WebCore::RenderObject::absoluteOutlineBox):
2896         * rendering/RenderObject.h:
2897         * rendering/RenderPath.cpp:
2898         (WebCore::RenderPath::layout):
2899         (WebCore::RenderPath::absoluteClippedOverflowRect):
2900         (WebCore::RenderPath::absoluteRects):
2901         (WebCore::RenderPath::drawMarkersIfNeeded):
2902         * rendering/RenderPath.h:
2903         * rendering/RenderSVGContainer.cpp:
2904         (WebCore::RenderSVGContainer::layout):
2905         (WebCore::RenderSVGContainer::absoluteClippedOverflowRect):
2906         (WebCore::RenderSVGContainer::absoluteRects):
2907         * rendering/RenderSVGContainer.h:
2908         * rendering/RenderSVGHiddenContainer.cpp:
2909         (WebCore::RenderSVGHiddenContainer::absoluteClippedOverflowRect):
2910         * rendering/RenderSVGHiddenContainer.h:
2911         * rendering/RenderSVGImage.cpp:
2912         (WebCore::RenderSVGImage::imageChanged):
2913         (WebCore::RenderSVGImage::absoluteClippedOverflowRect):
2914         (WebCore::RenderSVGImage::absoluteRects):
2915         * rendering/RenderSVGImage.h:
2916         * rendering/RenderSVGText.cpp:
2917         (WebCore::RenderSVGText::absoluteClippedOverflowRect):
2918         (WebCore::RenderSVGText::layout):
2919         (WebCore::RenderSVGText::absoluteRects):
2920         * rendering/RenderSVGText.h:
2921         * rendering/RenderTable.cpp:
2922         (WebCore::RenderTable::layout):
2923         * rendering/RenderTableCell.cpp:
2924         (WebCore::RenderTableCell::absoluteClippedOverflowRect):
2925         * rendering/RenderTableCell.h:
2926         * rendering/RenderTableCol.cpp:
2927         (WebCore::RenderTableCol::absoluteClippedOverflowRect):
2928         * rendering/RenderTableCol.h:
2929         * rendering/RenderTableRow.cpp:
2930         (WebCore::RenderTableRow::absoluteClippedOverflowRect):
2931         * rendering/RenderTableRow.h:
2932         * rendering/RenderText.cpp:
2933         (WebCore::RenderText::absoluteClippedOverflowRect):
2934         * rendering/RenderText.h:
2935
2936 2007-03-06  Ian Eng <ian.eng.webkit@gmail.com>
2937
2938         Reviewed by Maciej.
2939
2940         - fixed http://bugs.webkit.org/show_bug.cgi?id=12720
2941         Bug 12720: Re-defining window.location.toString function keeps re-loading forever
2942
2943         * bindings/js/kjs_window.cpp:
2944         Disallow replacing functions in LocationTable, and return early without updating URL.
2945
2946 2007-03-06  Kevin McCullough  <kmccullough@apple.com>
2947
2948         Reviewed by Darin.
2949
2950         <http://bugs.webkit.org/show_bug.cgi?id=12686>
2951         REGRESSION: Bloglines.com Feeds tab cannot expand folders in TOT
2952         - Now all class constructors implement implementsHasInstance.
2953
2954         * bindings/scripts/CodeGeneratorJS.pm:
2955
2956 2007-03-07  Nikolas Zimmermann  <zimmermann@kde.org>
2957
2958         Reviewed by Rob & Oliver.
2959
2960         Preparations for the new SVG text engine.
2961
2962         Handle baseline-shift / kerning css values correctly.
2963         Recognize missing svg presentation attribute "font-size-adjust".
2964         Add all missing svg<->css property mappings in mapToEntry().
2965
2966         Doesn't affect any layout test (as these properties are not used w/o my text patch).
2967         While I'm at it, unify the macro names (RS_ -> SVG_RS_) & cleanup style a bit.
2968
2969         * ksvg2/css/CSSPropertyNames.in:
2970         * ksvg2/css/SVGCSSParser.cpp:
2971         (WebCore::CSSParser::parseSVGValue):
2972         * ksvg2/css/SVGCSSStyleSelector.cpp:
2973         (WebCore::CSSStyleSelector::applySVGProperty):
2974         * ksvg2/css/SVGRenderStyle.cpp:
2975         (WebCore::SVGRenderStyle::SVGRenderStyle):
2976         (WebCore::SVGRenderStyle::operator==):
2977         (WebCore::SVGRenderStyle::inheritedNotEqual):
2978         (WebCore::SVGRenderStyle::inheritFrom):
2979         * ksvg2/css/SVGRenderStyle.h:
2980         (WebCore::SVGRenderStyle::NonInheritedFlags::):
2981         (WebCore::SVGRenderStyle::setBitDefaults):
2982         * ksvg2/css/SVGRenderStyleDefs.cpp:
2983         (StyleTextData::StyleTextData):
2984         (StyleTextData::operator==):
2985         (StyleMiscData::StyleMiscData):
2986         (StyleMiscData::operator==):
2987         * ksvg2/css/SVGRenderStyleDefs.h:
2988         (WebCore::):
2989         (WebCore::StyleTextData::operator!=):
2990         * ksvg2/svg/SVGStyledElement.cpp:
2991         (WebCore::SVGStyledElement::cssPropertyIdForSVGAttributeName):
2992
2993 2007-03-06  Justin Garcia  <justin.garcia@apple.com>
2994
2995         Reviewed by kevin
2996         
2997         <http://bugs.webkit.org/show_bug.cgi?id=12245>
2998         FCKeditor: Remove Format sometimes doesn't work
2999         <rdar://problem/4786404>
3000         Underline style is not removed from selection after performing Remove Format
3001
3002         * editing/Editor.cpp:
3003         (WebCore::Editor::removeFormattingAndStyle): Re-wrote this.
3004
3005 2007-03-07  Nikolas Zimmermann  <zimmermann@kde.org>
3006
3007         Reviewed by Oliver.
3008
3009         Fixes: http://bugs.webkit.org/show_bug.cgi?id=12979
3010         Fixes: http://bugs.webkit.org/show_bug.cgi?id=12981
3011
3012         Guard against registering pending resources with empty id.
3013         Be careful with calling recalcStyle() in SVGUseElement, when change is "Detach" we
3014         have to use special code, as calling attach() on the shadow tree root element will crash,
3015         because it has no (direct) parent node, only a shadow parent node element.
3016
3017         * ksvg2/misc/SVGDocumentExtensions.cpp:
3018         (WebCore::SVGDocumentExtensions::addPendingResource):
3019         * ksvg2/svg/SVGUseElement.cpp:
3020         (WebCore::SVGUseElement::recalcStyle):
3021
3022 2007-03-06  Kevin Decker  <kdecker@apple.com>
3023
3024         Reviewed by Adele.
3025
3026         Fixed: <rdar://problem/5041660> REGRESSION: <keygen> element broken, prevents users from signing up for Thawte email certs
3027         
3028         * bindings/objc/DOM.mm:
3029         (WebCore::createElementClassMap): Added <keygen> to the DOM bindings so it can be accessed from Objective-C.
3030         * css/html4.css: Apply the look of the <select> element to <keygen>.
3031         * html/HTMLElementFactory.cpp:
3032         (WebCore::keygenConstructor): Added. 
3033         (WebCore::createFunctionMap): Added keygen.
3034         * html/HTMLSelectElement.cpp: Made const typeAheadTimeout variable static const. 
3035         (WebCore::HTMLSelectElement::HTMLSelectElement):  Fix both HTMLSelectElement constructors to initialize the
3036          same number of member variables. The fact that some fields were not initialized could (and would) crash the
3037          keygen element when selecting different items. Also removed m_typedString(String()) from the constructor
3038          initialization because this is not needed.
3039
3040 2007-03-06  Kevin McCullough  <kmccullough@apple.com>
3041
3042         Reviewed by Darin.
3043
3044         - Rename a function to clarify its purpose.
3045
3046         * WebCore.exp:
3047         * loader/FrameLoader.cpp:
3048         (WebCore::FrameLoader::registerURLSchemeAsLocal):
3049         * loader/FrameLoader.h:
3050
3051 2007-03-06  Adam Roben  <aroben@apple.com>
3052
3053         Build fix.
3054
3055         * WebCore.exp: Updated symbols.
3056
3057 2007-03-06  Adam Roben  <aroben@apple.com>
3058
3059         Reviewed by Anders.
3060
3061         Added a parameter to all StringTruncator methods to specify whether
3062         rounding hacks should be on or off.
3063
3064         No layout test possible.
3065
3066         * platform/StringTruncator.cpp:
3067         (WebCore::stringWidth): Added disableRoundingHacks parameter.
3068         (WebCore::truncateString): Ditto.
3069         (WebCore::StringTruncator::centerTruncate): Ditto.
3070         (WebCore::StringTruncator::rightTruncate): Ditto.
3071         (WebCore::StringTruncator::width): Ditto.
3072         * platform/StringTruncator.h: Ditto.
3073         * platform/mac/FileChooserMac.mm:
3074         (WebCore::FileChooser::basenameForWidth): Pass in false to
3075         centerTruncate so that the truncation matches the way the text will be
3076         rendered.
3077
3078 2007-03-06  Anders Carlsson  <acarlsson@apple.com>
3079
3080         Reviewed by Maciej.
3081
3082         <rdar://problem/5035045>
3083         REGRESSION: WebKit browser doesn't display image at http://www.metoffice.gov.uk/weather/satellite/index.html
3084         
3085         It turns out WinIE does allow you to access images by their id as special document properties. However, this is only
3086         allowed when the element also has a name attribute. The value of the name attribute is ignored and can even be empty!
3087         
3088         * bindings/js/kjs_html.cpp:
3089         (KJS::JSHTMLDocument::namedItemGetter):
3090         Return jsUndefined() if the collection is empty.
3091         
3092         * html/HTMLImageElement.cpp:
3093         (WebCore::HTMLImageElement::parseMappedAttribute):
3094         (WebCore::HTMLImageElement::insertedIntoDocument):
3095         (WebCore::HTMLImageElement::removedFromDocument):
3096         * html/HTMLImageElement.h:
3097         Add the id attribute value to the extra named item map.
3098         
3099         * html/HTMLNameCollection.cpp:
3100         (WebCore::HTMLNameCollection::traverseNextItem):
3101         Check for images with name attributes that match, as well as elements with id attributes that match where
3102         the element also has a name attribute.
3103
3104 2007-03-06  Anders Carlsson  <acarlsson@apple.com>
3105
3106         Reviewed by Adam.
3107
3108         WebCore part of patch to make it possible to have different user agents for different URLs.
3109
3110         * bindings/js/kjs_navigator.cpp:
3111         (KJS::Navigator::getValueProperty):
3112         * bindings/js/kjs_proxy.cpp:
3113         (WebCore::KJSProxy::initScriptIfNeeded):
3114         * loader/DocumentLoader.cpp:
3115         (WebCore::DocumentLoader::setLoading):
3116         * loader/FrameLoader.cpp:
3117         (WebCore::FrameLoader::userAgent):
3118         (WebCore::FrameLoader::loadResourceSynchronously):
3119         (WebCore::FrameLoader::applyUserAgent):
3120         * loader/FrameLoader.h:
3121         * loader/FrameLoaderClient.h:
3122         * platform/graphics/svg/SVGImageEmptyClients.h:
3123         (WebCore::SVGEmptyFrameLoaderClient::userAgent):
3124
3125 2007-03-05  Kevin McCullough  <kmccullough@apple.com>
3126
3127         Reviewed by Mark and Dave H.
3128
3129         - rdar://problem/5038491
3130         An oversight of the security fix that prevented remote from loading local is that it
3131         prevents user style sheets when the site is remote.  This fixes that.
3132
3133         * loader/Cache.cpp: Propogate and check user style sheet flag.
3134         (WebCore::createResource):
3135         (WebCore::Cache::requestResource):
3136         * loader/Cache.h: Propogate user style sheet flag.
3137         * loader/CachedCSSStyleSheet.cpp: Propogate user style sheet flag.
3138         (WebCore::CachedCSSStyleSheet::CachedCSSStyleSheet):
3139         * loader/CachedCSSStyleSheet.h: Propogate user style sheet flag.
3140         * loader/DocLoader.cpp: Propogate user style sheet flag.
3141         (WebCore::DocLoader::requestResource):
3142         * loader/SubresourceLoader.cpp: Propogate and check user style sheet flag.
3143         (WebCore::SubresourceLoader::create):
3144         * loader/SubresourceLoader.h: Add check for user style sheet flag.
3145         * loader/loader.cpp: Propogate user style sheet flag.
3146         (WebCore::Loader::load):
3147         (WebCore::Loader::servePendingRequests):
3148         * loader/loader.h: Propogate user style sheet flag.
3149
3150 2007-03-06  Nikolas Zimmermann  <zimmermann@kde.org>
3151
3152         Reviewed by Darin.
3153
3154         Fixes: http://bugs.webkit.org/show_bug.cgi?id=12936 (Master bug used to track all current use problems.)
3155
3156         Fixes: http://bugs.webkit.org/show_bug.cgi?id=12926 (transform attribute not respected in nested <use> elements)
3157         Fixes: http://bugs.webkit.org/show_bug.cgi?id=12267 (getElementById broken for <use>)
3158         Fixes: http://bugs.webkit.org/show_bug.cgi?id=12916 (use instance in symbol definition does not work)
3159         Fixes: http://bugs.webkit.org/show_bug.cgi?id=12917 (mouseout event does not occur after scaling use instance)
3160         Fixes: http://bugs.webkit.org/show_bug.cgi?id=12838 (SVG <use> DOM broken for script)
3161
3162         Added test: svg/custom/use-nested-transform.svg
3163         Added test: svg/custom/struct-use-09-b.svg (not yet official W3C-SVG-1.1 testcase)
3164         Fixes test: svg/custom/use-elementInstance-event-target.svg (rectangle now turns green on first click)
3165
3166         Fix all (except one) known <use> bug. The remaining bug (12630) is not crucical at all.
3167         Enable <use> again as default SVG feature, as discussed on webkit-dev.
3168
3169         dom/Element.cpp needed following tweak: set hasParentStyle to true, if there is no parentNode
3170         available - which happens for <use> nodes, as it's a shadow node. This fixes recalcStyle behaviour.
3171         Override recalcStyle() in SVGUseElement, and properly forward the call to the shadow tree root element.
3172         The shadow tree now receives proper style updates (without having to recreate the whole tree!).
3173
3174         Override attributeChanged() in SVGUseElement and only call notifyAttributeChange if one of x/y/width/height/xlink:href
3175         attribute changed - otherwhise we'll end up recreating the tree for every transform/style/(non-existing-attribute) change.
3176
3177         Do not override transform in nested use situations, but correctly append (right-sided) the translation of the <use> element.
3178         Some cosmetic fixes: don't add transform="translate(0 0)" attributes if both x/y values are null in the shadow tree.
3179
3180         Factor out logic for replacing symbol/svg tags in the shadow tree, and also invoke it during expandUseElementsInShadowTree -
3181         otherwhise <symbol><use xlink:href="#someOtherSymbol"></symbol> the <use> gets expanded to a <symbol>. Though no one expands
3182         the <symbol> element - and we're end up in hitting an assertion. Avoid that.
3183
3184         * bindings/js/JSSVGElementWrapperFactory.cpp:
3185         * bindings/js/kjs_dom.cpp:
3186         (KJS::toJS):
3187         * bindings/objc/DOM.mm:
3188         (WebCore::createElementClassMap):
3189         * dom/Element.cpp:
3190         (WebCore::Element::recalcStyle):
3191         * ksvg2/svg/SVGElement.cpp:
3192         (WebCore::shadowTreeParentElementForShadowTreeElement):
3193         (WebCore::SVGElement::dispatchEvent):
3194         * ksvg2/svg/SVGElementInstance.cpp:
3195         * ksvg2/svg/SVGElementInstance.h:
3196         * ksvg2/svg/SVGElementInstance.idl:
3197         * ksvg2/svg/SVGElementInstanceList.cpp:
3198         * ksvg2/svg/SVGElementInstanceList.h:
3199         * ksvg2/svg/SVGElementInstanceList.idl:
3200         * ksvg2/svg/SVGStyledElement.cpp:
3201         (WebCore::SVGStyledElement::notifyAttributeChange):
3202         (WebCore::SVGStyledElement::updateElementInstance):
3203         * ksvg2/svg/SVGStyledElement.h:
3204         * ksvg2/svg/SVGUseElement.cpp:
3205         (WebCore::SVGUseElement::attributeChanged):
3206         (WebCore::SVGUseElement::notifyAttributeChange):
3207         (WebCore::SVGUseElement::recalcStyle):
3208         (WebCore::SVGUseElement::buildPendingResource):
3209         (WebCore::SVGUseElement::buildShadowTreeForSymbolTag):
3210         (WebCore::SVGUseElement::alterShadowTreeForSVGTag):
3211         (WebCore::SVGUseElement::buildShadowTree):
3212         (WebCore::SVGUseElement::expandUseElementsInShadowTree):
3213         (WebCore::SVGUseElement::attachShadowTree):
3214         * ksvg2/svg/SVGUseElement.h:
3215         * ksvg2/svg/SVGUseElement.idl:
3216         * ksvg2/svg/svgtags.in:
3217
3218 2007-03-05  Brady Eidson  <beidson@apple.com>
3219
3220         Reviewed by John
3221
3222         Fixes <rdar://problem/4974258>
3223         Adds some key null checking
3224
3225         * bindings/js/kjs_html.cpp:
3226         (KJS::JSHTMLElement::implementsCall): Null check doc/frame
3227         * bindings/objc/DOMInternal.mm:
3228         (-[WebScriptObject _initializeScriptDOMNodeImp]): Null check doc/frame
3229
3230 2007-03-06  Nikolas Zimmermann  <zimmermann@kde.org>
3231
3232         Reviewed by Darin.
3233
3234         Path::normalAngleAtLength() / Path::pointAtLength() don't work correctly.
3235         pointAtLength() was not implemented, basically and normalAngleAtLength()
3236         had a bug in the tangent slope calculation.
3237
3238         The normalAngleAtLength() stuff can only be tested with my local textPath support.
3239         New LayoutTest: svg/custom/path-textPath-simulation.svg
3240
3241         * platform/graphics/Path.cpp:
3242         (WebCore::pathLengthApplierFunction):
3243         * platform/graphics/PathTraversalState.cpp:
3244         (WebCore::PathTraversalState::quadraticBezierTo):
3245         (WebCore::PathTraversalState::cubicBezierTo):
3246         * platform/graphics/PathTraversalState.h:
3247         (WebCore::PathTraversalState::):
3248
3249 2007-03-05  Alexey Proskuryakov  <ap@webkit.org>
3250
3251         Reviewed by Darin.
3252
3253         http://bugs.webkit.org/show_bug.cgi?id=12970
3254         Fix and import 4XPath test_core_functions.html test
3255
3256         * xml/XPathExpression.cpp:
3257         (WebCore::XPathExpression::evaluate): Fully initialize the evaluation context.
3258
3259         * xml/XPathFunctions.cpp:
3260         (WebCore::XPath::FunSubstring::doEvaluate): Fixed handling of edge cases.
3261         (WebCore::XPath::FunRound::round): Reimplemented to match the spec; exposed FunRound::round() to be used in
3262         other functions.
3263
3264 2007-03-05  Alexey Proskuryakov  <ap@webkit.org>
3265
3266         Reviewed by Darin.
3267
3268         http://bugs.webkit.org/show_bug.cgi?id=12954
3269         XPath relative operations are implemented incorrectly
3270
3271         * xml/XPathPredicate.cpp:
3272         (WebCore::XPath::NumericOp::doEvaluate):
3273         (WebCore::XPath::EqTestOp::compare):
3274         (WebCore::XPath::EqTestOp::doEvaluate):
3275         Reimplemented relative equality operations to match the spec.
3276
3277         * xml/XPathPredicate.h:
3278         (WebCore::XPath::NumericOp::):
3279         (WebCore::XPath::EqTestOp::):
3280         Moved relative operations to EqTestOp.
3281
3282         * xml/XPathGrammar.y:
3283         * xml/XPathParser.cpp:
3284         (WebCore::XPath::Parser::nextTokenInternal):
3285         (WebCore::XPath::Parser::lex):
3286         Adapted for the above changes.
3287
3288 2007-03-05  Mark Rowe  <mrowe@apple.com>
3289
3290         Reviewed by Lars.
3291
3292         Fix http://bugs.webkit.org/show_bug.cgi?id=12947
3293         Bug 12947: REGRESSION: ASSERTION FAILED: maxWidth >= 0 in StringTruncator.cpp:109 in WebCore::truncateString()
3294
3295         Handle nil window correctly in toUserSpace and toDeviceSpace.  On Intel Macs a message to nil that returns a
3296         float will return 0.0.  We use this as the divisor in calculating a scale factor, which results in NaN being
3297         introduced into our rect.
3298
3299         * platform/mac/ScreenMac.mm:
3300         (WebCore::toUserSpace):
3301         (WebCore::toDeviceSpace):
3302
3303 2007-03-05  Rob Buis  <buis@kde.org>
3304
3305         Reviewed by Darin.
3306
3307         http://bugs.webkit.org/show_bug.cgi?id=12868
3308         parts of the CSS classes in this simple SVG example are not applied
3309
3310         Make sure the xml stylesheets are parsed in strict mode.
3311
3312         * dom/ProcessingInstruction.cpp:
3313         (WebCore::ProcessingInstruction::parseStyleSheet):
3314
3315 2007-03-04  Adele Peterson  <adele@apple.com>
3316
3317         Reviewed by Darin.
3318
3319         Change to dispatch the keypress event during the defaultEventHandler for keydown events.  This matches IE behavior.
3320         This is preparation for fixing event dispatch with input methods (http://bugs.webkit.org/show_bug.cgi?id=10871)
3321
3322         Test: fast/events/keydown-keypress-preventDefault.html
3323
3324         * dom/EventTargetNode.cpp: (WebCore::EventTargetNode::defaultEventHandler): Call the defaultKeyboardEventHandler for keydown events.
3325         * page/EventHandler.cpp:
3326         (WebCore::eventTargetNodeForDocument): Return 0 instead of false since the return type in EventTargetNode.
3327         (WebCore::EventHandler::keyEvent): Removed dispatch of keypress event, since this is now done in the default event handler.
3328         (WebCore::EventHandler::defaultKeyboardEventHandler): For keydown events, create and dispatch a keypress event.
3329
3330 2007-03-04  Alexey Proskuryakov  <ap@webkit.org>
3331
3332         Reviewed by Nikolas Zimmermann (yay!).
3333
3334         http://bugs.webkit.org/show_bug.cgi?id=12962
3335         4XPath tests crash on lang() function
3336
3337         Covered by 4XPath tests, to be landed later.
3338
3339         * platform/StringImpl.cpp:
3340         (WebCore::StringImpl::reverseFind): Do not crash with empty strings.
3341         * xml/XPathFunctions.cpp:
3342         (WebCore::XPath::FunLang::doEvaluate): Do not crash when an element has no
3343         attributes. Use a proper namespace for xml:lang (not sure where "xms" came from).
3344         Rewrote the algorithm for suffix removing to match the spec.
3345
3346 2007-03-02  Anders Carlsson  <acarlsson@apple.com>
3347
3348         Reviewed by Darin.
3349
3350         <rdar://problem/5028165> 
3351         http://bugs.webkit.org/show_bug.cgi?id=12915
3352         REGRESSION: XMLHttpRequest.abort() does not stop loading (12915)
3353         
3354         * loader/DocumentLoader.cpp:
3355         (WebCore::DocumentLoader::stopLoading):
3356         Save the value of m_loading since calling FrameLoader::stopLoading could set it to false.
3357         
3358         * loader/SubresourceLoader.cpp:
3359         (WebCore::SubresourceLoader::didCancel):
3360         * loader/SubresourceLoader.h:
3361         Get rid of didCancel now, it's not needed anymore.
3362         
3363         * xml/xmlhttprequest.cpp:
3364         (WebCore::XMLHttpRequest::abort):
3365         Call cancel() instead of stopLoading(). Also, set m_aborted to true so the XMLHttpRequest object
3366         won't be dereferenced in didFail when aborting.
3367
3368 2007-03-04  Krzysztof Kowalczyk  <kkowalczyk@gmail.com>
3369
3370         Reviewed by Nikolas Zimmermann.
3371
3372         Move ScrollView stubs to ScrollViewGdk.cpp
3373
3374         * platform/gdk/FrameGdk.h: remove comment that no longer makes sense
3375         * platform/gdk/ScrollViewGdk.cpp:
3376         (WebCore::ScrollView::addChild):
3377         (WebCore::ScrollView::removeChild):
3378         (WebCore::ScrollView::scrollPointRecursively):
3379         (WebCore::ScrollView::inWindow):
3380         (WebCore::ScrollView::wheelEvent):
3381         (WebCore::ScrollView::updateScrollbars):
3382         (WebCore::ScrollView::updateScrollInfo):
3383         (WebCore::ScrollView::windowToContents):
3384         (WebCore::ScrollView::contentsToWindow):
3385         (WebCore::ScrollView::scrollbarUnderMouse):
3386         * platform/gdk/TemporaryLinkStubs.cpp:
3387
3388 2007-03-02  Kevin McCullough  <kmccullough@apple.com>
3389
3390         Reviewed by Geoff.
3391
3392         - rdar://problem/4922454
3393         - This fixes a security issue by making remote referrers not able to access local
3394         resources, unless they register their schemes to be treated as local. The result is
3395         that those schemes can access local resources and cannot be accessed by remote
3396         referrers.
3397         Because this behavior is new a link-on-or-after check is made to determine if the
3398         app should use the older, less safe, behavior.
3399
3400         * WebCore.exp: added exported functions
3401         * bindings/objc/DOM.mm: consolodated function to base class
3402         (-[DOMElement image]):
3403         (-[DOMElement _imageTIFFRepresentation]):
3404         * dom/Document.cpp: Cache the document's ability to load local resources.
3405         (WebCore::Document::Document):
3406         (WebCore::Document::setURL):
3407         (WebCore::Document::shouldBeAllowedToLoadLocalResources):
3408         (WebCore::Document::stylesheetLoaded):
3409         * dom/Document.h: Cache the docuent's ability to load local resources.
3410         (WebCore::Document::getPendingSheet):
3411         (WebCore::Document::isAllowedToLoadLocalResources):
3412         * html/HTMLImageLoader.cpp: Moved functionality into base class.
3413         (WebCore::HTMLImageLoader::updateFromElement):
3414         (WebCore::HTMLImageLoader::dispatchLoadEvent):
3415         * html/HTMLLinkElement.cpp: Handles null returns correctly now.
3416         * html/HTMLTokenizer.cpp: Moved functionality into base class.
3417         (WebCore::HTMLTokenizer::notifyFinished):
3418         * ksvg2/misc/SVGImageLoader.cpp: Moved functionality into base class.
3419         (WebCore::SVGImageLoader::dispatchLoadEvent):
3420         * loader/Cache.cpp: Checks if the cached resource can be loaded.
3421         (WebCore::Cache::requestResource):
3422         * loader/CachedCSSStyleSheet.cpp: Moved functionality into base class.
3423         (WebCore::CachedCSSStyleSheet::ref):
3424         (WebCore::CachedCSSStyleSheet::error):
3425         * loader/CachedImage.cpp: Moved functionality into base class.
3426         (WebCore::CachedImage::CachedImage):
3427         * loader/CachedImage.h: Moved functionality into base class.
3428         (WebCore::CachedImage::canRender):
3429         * loader/CachedResource.cpp: Cache if the CachedResource should be treated as local
3430         (WebCore::CachedResource::CachedResource):
3431         * loader/CachedResource.h: Moved functionality into base class.
3432         (WebCore::CachedResource::errorOccurred):
3433         (WebCore::CachedResource::shouldTreatAsLocal):
3434         * loader/CachedScript.cpp: Moved functionality into base class.
3435         (WebCore::CachedScript::CachedScript):
3436         * loader/CachedScript.h: Moved functionality into base class.
3437         (WebCore::CachedScript::schedule):
3438         * loader/CachedXBLDocument.cpp: Moved functionality into base class.
3439         (WebCore::CachedXBLDocument::error):
3440         * loader/CachedXSLStyleSheet.cpp: Moved functionality into base class.
3441         (WebCore::CachedXSLStyleSheet::error):
3442         * loader/FrameLoader.cpp: See comments for each function below.
3443         (WebCore::FrameLoader::loadSubframe): Use new canLoad.
3444         (WebCore::FrameLoader::restrictAccessToLocal): return value of linked-on-or-after check.
3445         (WebCore::FrameLoader::setRestrictAccessToLocal): set value for linked-on-or-after check.
3446         (WebCore::localSchemes): Return set of schemes that are to be treated as local.
3447         (WebCore::FrameLoader::loadPlugin): Use new canLoad.
3448         (WebCore::FrameLoader::canLoad): Now multiple functions that each do the same work but some can take advantage of the cached values, if they were computed previously.
3449         (WebCore::FrameLoader::shouldHideReferrer): Extracted out the logic to determine if the referrer should be hidden so it is only calculated when needed.
3450         (WebCore::FrameLoader::loadResourceSynchronously): No longer calls canLoad to get hideReferrer info.
3451         (WebCore::FrameLoader::registerSchemeAsLocal): Functionality to register a scheme to be treated as local.
3452         (WebCore::FrameLoader::treatURLAsLocal): Given a URL this function determines if it should be treated as local.
3453         * loader/FrameLoader.h: Declared functions for this security fix.  See above.
3454         * loader/MainResourceLoader.cpp: Optized order of bools to regain performance.
3455         (WebCore::MainResourceLoader::continueAfterContentPolicy):
3456         * loader/SubresourceLoader.cpp: Now restricts remote from loading local resources.
3457         (WebCore::SubresourceLoader::create):
3458         * page/EventHandler.cpp: Moved functionality into base class.
3459         (WebCore::selectCursor):
3460         * platform/KURL.cpp: KURLs need to check all the registered schemes now.
3461         (WebCore::KURL::isLocalFile):
3462         * rendering/HitTestResult.cpp: Moved functionality into base class.
3463         (WebCore::HitTestResult::image):
3464         * rendering/RenderImage.cpp: Moved functionality into base class.
3465         (WebCore::RenderImage::setCachedImage):
3466         (WebCore::RenderImage::imageChanged):
3467         (WebCore::RenderImage::paint):
3468         (WebCore::RenderImage::layout):
3469         (WebCore::RenderImage::calcAspectRatioWidth):
3470         (WebCore::RenderImage::calcAspectRatioHeight):
3471         * rendering/RenderImage.h: Moved functionality into base class.
3472         (WebCore::RenderImage::errorOccurred):
3473         * rendering/RenderListItem.cpp: Moved functionality into base class.
3474         (WebCore::RenderListItem::setStyle):
3475         * rendering/RenderListMarker.cpp: Moved functionality into base class.
3476         (WebCore::RenderListMarker::isImage):
3477         * xml/xmlhttprequest.cpp: Check doc's cached value instead of determining independently.
3478         (WebCore::XMLHttpRequest::urlMatchesDocumentDomain):
3479
3480 2007-03-02  Justin Garcia  <justin.garcia@apple.com>
3481
3482         Reviewed by kevin
3483         
3484         <rdar://problem/5028447>
3485         REGRESSION: Gmail Editor: Copied message text pastes at the wrong font size
3486
3487         * editing/markup.cpp:
3488         (WebCore::createMarkup): The style of the div that holds
3489         a fully selected body's styles didn't include styles inherited
3490         from the body's ancestors.
3491         
3492 2007-03-02  Justin Garcia  <justin.garcia@apple.com>
3493
3494         Reviewed by harrison
3495
3496         <rdar://problem/4545040>
3497         innerHTML does not HTML-escape text nodes inside PRE elements
3498         <rdar://problem/5027857>
3499         Pasting into Mail from Safari's view-source window renders the HTML
3500
3501         * editing/HTMLInterchange.cpp:
3502         (WebCore::convertHTMLTextToInterchangeFormat): Send this function
3503         the node that the text comes from as a parameter.  It shouldn't convert
3504         '\n's to spaces/nbsps if the text is coming from text where newlines are
3505         preserved.
3506         * editing/HTMLInterchange.h:
3507         * editing/markup.cpp:
3508         (WebCore::startMarkup): Escape text inside the children of PREs.
3509
3510 2007-03-02  Sam Weinig  <sam@webkit.org>
3511
3512         Reviewed by Anders.
3513