Crash in the hit testing code via HTMLPlugInElement::isReplacementObscured()
[WebKit-https.git] / Source / WebCore / ChangeLog
index aa7fdbc..06bd2d0 100644 (file)
+2019-02-15  Ryosuke Niwa  <rniwa@webkit.org>
+
+        Crash in the hit testing code via HTMLPlugInElement::isReplacementObscured()
+        https://bugs.webkit.org/show_bug.cgi?id=194691
+
+        Reviewed by Simon Fraser.
+
+        The crash was caused by HTMLPlugInElement::isReplacementObscured updating the document
+        without updating the layout of ancestor documents (i.e. documents in which frame owner
+        elements appear) even though it hit-tests against the top-level document's RenderView.
+
+        Fixed the bug by updating the layout of the top-level document as needed.
+
+        Test: plugins/unsupported-plugin-with-replacement-in-iframe-crash.html
+
+        * html/HTMLPlugInElement.cpp:
+        (WebCore::HTMLPlugInElement::isReplacementObscured):
+
+2019-02-15  Ross Kirsling  <ross.kirsling@sony.com>
+
+        [WTF] Add environment variable helpers
+        https://bugs.webkit.org/show_bug.cgi?id=192405
+
+        Reviewed by Michael Catanzaro.
+
+        * platform/NotImplemented.h:
+        * platform/cocoa/SystemVersion.mm:
+        (WebCore::createSystemMarketingVersion):
+        * platform/graphics/gstreamer/GStreamerCommon.cpp:
+        (WebCore::initializeGStreamer):
+        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
+        (WebCore::MediaPlayerPrivateGStreamer::createGSTPlayBin):
+        * platform/graphics/nicosia/NicosiaPaintingEngine.cpp:
+        (Nicosia::PaintingEngine::create):
+        * platform/graphics/texmap/TextureMapperFPSCounter.cpp:
+        (WebCore::TextureMapperFPSCounter::TextureMapperFPSCounter):
+        * platform/graphics/x11/PlatformDisplayX11.cpp:
+        (WebCore::PlatformDisplayX11::create):
+        * platform/gtk/RenderThemeWidget.cpp:
+        (WebCore::RenderThemeScrollbar::RenderThemeScrollbar):
+        * platform/gtk/ScrollbarThemeGtk.cpp:
+        (WebCore::ScrollbarThemeGtk::ScrollbarThemeGtk):
+        * platform/network/curl/CurlContext.cpp:
+        (WebCore::CurlContext::CurlContext):
+        (WebCore::EnvironmentVariableReader::read): Deleted.
+        (WebCore::EnvironmentVariableReader::defined): Deleted.
+        (WebCore::EnvironmentVariableReader::readAs): Deleted.
+        (WebCore::EnvironmentVariableReader::sscanTemplate): Deleted.
+        (WebCore::EnvironmentVariableReader::sscanTemplate<signed>): Deleted.
+        (WebCore::EnvironmentVariableReader::sscanTemplate<unsigned>): Deleted.
+        * platform/network/curl/NetworkStorageSessionCurl.cpp:
+        (WebCore::defaultCookieJarPath):
+        * platform/network/playstation/CurlSSLHandlePlayStation.cpp:
+        (WebCore::getCACertPathEnv):
+        * platform/network/win/CurlSSLHandleWin.cpp:
+        (WebCore::getCACertPathEnv):
+        * platform/text/hyphen/HyphenationLibHyphen.cpp:
+        (WebCore::topLevelPath):
+        (WebCore::webkitBuildDirectory):
+        * platform/unix/LoggingUnix.cpp:
+        (WebCore::logLevelString):
+        * platform/win/LoggingWin.cpp:
+        (WebCore::logLevelString):
+        Utilize WTF::Environment where possible.
+
+2019-02-15  Antoine Quint  <graouts@apple.com>
+
+        Add a method to dispatch a PointerEvent based on a PlatformTouchEvent
+        https://bugs.webkit.org/show_bug.cgi?id=194702
+        <rdar://problem/48109355>
+
+        Reviewed by Dean Jackson.
+
+        * page/EventHandler.cpp:
+        (WebCore::EventHandler::dispatchPointerEventForTouchAtIndex):
+        * page/EventHandler.h:
+
+2019-02-15  Per Arne Vollan  <pvollan@apple.com>
+
+        [WebVTT] Inline WebVTT styles should start with '::cue'
+        https://bugs.webkit.org/show_bug.cgi?id=194227
+
+        Reviewed by Eric Carlson.
+
+        The original fix in r241203 is not sufficient, since it only checks if the CSS string starts
+        with '::cue'. Before accepting a CSS string from a WebVTT file, it should be checked that
+        all selectors starts with '::cue'.
+
+        Test: media/track/track-cue-css.html
+
+        * html/track/WebVTTParser.cpp:
+        (WebCore::WebVTTParser::checkAndStoreStyleSheet):
+
+2019-02-15  Youenn Fablet  <youenn@apple.com>
+
+        Add binding tests for ContextAllowsMediaDevices and ContextHasServiceWorkerScheme
+        https://bugs.webkit.org/show_bug.cgi?id=194713
+
+        Reviewed by Eric Carlson.
+
+        Binding tests covering mediaDevices and serviceWorker attributes.
+
+        * bindings/scripts/test/JS/JSTestObj.cpp:
+        (WebCore::JSTestObjPrototype::finishCreation):
+        (WebCore::jsTestObjMediaDevices1Getter):
+        (WebCore::jsTestObjMediaDevices1):
+        (WebCore::jsTestObjMediaDevices2Getter):
+        (WebCore::jsTestObjMediaDevices2):
+        (WebCore::jsTestObjServiceWorkers1Getter):
+        (WebCore::jsTestObjServiceWorkers1):
+        (WebCore::jsTestObjServiceWorkers2Getter):
+        (WebCore::jsTestObjServiceWorkers2):
+        * bindings/scripts/test/TestObj.idl:
+
+2019-02-15  Beth Dakin  <bdakin@apple.com>
+
+        Build fix.
+
+        * rendering/RenderThemeIOS.mm:
+        (WebCore::iconForAttachment):
+
+2019-02-15  Youenn Fablet  <youenn@apple.com>
+
+        Make ServiceWorkerClientFetch closer to WebResourceLoader
+        https://bugs.webkit.org/show_bug.cgi?id=194651
+
+        Reviewed by Alex Christensen.
+
+        Check for redirection response and if so call a specific client API.
+        Ensure ServiceWorkerFetch::Client gets called in the service worker thread proxy
+        so that its m_connection is only accessed on that thread.
+
+        Covered by existing tests.
+
+        * platform/network/FormData.h:
+        * platform/network/ResourceErrorBase.h:
+        * workers/service/context/ServiceWorkerFetch.cpp:
+        (WebCore::ServiceWorkerFetch::processResponse):
+        * workers/service/context/ServiceWorkerFetch.h:
+        * workers/service/context/ServiceWorkerThreadProxy.cpp:
+        (WebCore::ServiceWorkerThreadProxy::cancelFetch):
+        (WebCore::ServiceWorkerThreadProxy::continueDidReceiveFetchResponse):
+        * workers/service/context/ServiceWorkerThreadProxy.h:
+
+2019-02-15  Youenn Fablet  <youenn@apple.com>
+
+        Make navigator.mediaDevices SecureContext
+        https://bugs.webkit.org/show_bug.cgi?id=194666
+
+        Reviewed by Eric Carlson.
+
+        Make navigator.mediaDevices SecureContext.
+        This can still be enabled for unsecure context using the existing page settings.
+        To cover that case, introduce ContextHasMediaDevices custom IDL keyword.
+
+        Covered by API test.
+
+        * Modules/mediastream/NavigatorMediaDevices.idl:
+        * bindings/scripts/CodeGeneratorJS.pm:
+        (GenerateRuntimeEnableConditionalString):
+        * bindings/scripts/IDLAttributes.json:
+        * dom/ScriptExecutionContext.cpp:
+        (WebCore::ScriptExecutionContext::hasMediaDevices const):
+        (WebCore::ScriptExecutionContext::hasServiceWorkerScheme const):
+        * dom/ScriptExecutionContext.h:
+
+2019-02-15  Youenn Fablet  <youenn@apple.com>
+
+        WebSocket should not fire events after being stopped
+        https://bugs.webkit.org/show_bug.cgi?id=194690
+
+        Reviewed by Geoffrey Garen.
+
+        dispatchOrQueueErrorEvent is scheduled using RunLoop::main().dispatch or dispatch_async.
+        This makes it possible to dispatch an event while WebSocket is already stopped.
+        Instead, use Document::postTask so that the task is only executed if WebSocket is not stopped.
+
+        As a refactoring, make use of PendingActivity to keep track of setPendingActivity/unsetPendingActivity more easily.
+
+        * Modules/websockets/WebSocket.cpp:
+        (WebCore::WebSocket::stop):
+        (WebCore::WebSocket::connect):
+        * Modules/websockets/WebSocket.h:
+
+2019-02-15  Youenn Fablet  <youenn@apple.com>
+
+        Performance should not fire events when its context is stopped
+        https://bugs.webkit.org/show_bug.cgi?id=194689
+
+        Reviewed by Alex Christensen.
+
+        Stop the timer when its context is destroyed.
+        Add an assertion to ensure the timer does not fire after context is destroyed.
+
+        * page/Performance.cpp:
+        (WebCore::Performance::stop):
+
+2019-02-15  Alex Christensen  <achristensen@webkit.org>
+
+        REGRESSION: ( r240978-r240985 ) [ iOS Release ] Layout Test imported/w3c/web-platform-tests/xhr/send-redirect-post-upload.htm is crashing
+        https://bugs.webkit.org/show_bug.cgi?id=194523
+
+        Reviewed by Geoffrey Garen.
+
+        The scope of the FormCreationContext was limited to the scope of createHTTPBodyCFReadStream,
+        so when it was used in formCreate it was lucky to get the same context if the stack hadn't been overwritten
+        and if the FormData hadn't been freed.  Instead, keep it alive with new/delete like we do the FormStreamFields.
+        A younger me should've noticed this when reviewing r218517.
+
+        * platform/network/cf/FormDataStreamCFNet.cpp:
+        (WebCore::formCreate):
+        (WebCore::createHTTPBodyCFReadStream):
+
+2019-02-15  Commit Queue  <commit-queue@webkit.org>
+
+        Unreviewed, rolling out r241559 and r241566.
+        https://bugs.webkit.org/show_bug.cgi?id=194710
+
+        Causes layout test crashes under GuardMalloc (Requested by
+        ryanhaddad on #webkit).
+
+        Reverted changesets:
+
+        "[WTF] Add environment variable helpers"
+        https://bugs.webkit.org/show_bug.cgi?id=192405
+        https://trac.webkit.org/changeset/241559
+
+        "Unreviewed build fix for WinCairo Debug after r241559."
+        https://trac.webkit.org/changeset/241566
+
+2019-02-15  Youenn Fablet  <youenn@apple.com>
+
+        Stop the endpoint synchronously in RTCPeerConnection::close
+        https://bugs.webkit.org/show_bug.cgi?id=194688
+
+        Reviewed by Eric Carlson.
+
+        In the case where the peer connection is being closed, it was asynchronously stopping the endpoint.
+        But the endpoint, before being stopped, could try to fire an event.
+        If the context is gone in between, we end up with a null pointer dereference.
+
+        * Modules/mediastream/RTCPeerConnection.cpp:
+        (WebCore::RTCPeerConnection::close):
+
+2019-02-15  Zalan Bujtas  <zalan@apple.com>
+
+        [LFC] Out-of-flow box is never a float box
+        https://bugs.webkit.org/show_bug.cgi?id=194704
+
+        Reviewed by Antti Koivisto.
+
+        We can't have it both ways. Absolute positioning wins.
+
+        Test: fast/block/block-only/out-of-flow-is-never-float-box.html
+
+        * layout/layouttree/LayoutBox.cpp:
+        (WebCore::Layout::Box::isFloatingPositioned const):
+        (WebCore::Layout::Box::isLeftFloatingPositioned const):
+        (WebCore::Layout::Box::isRightFloatingPositioned const):
+
+2019-02-15  Philippe Normand  <pnormand@igalia.com>
+
+        [GStreamer] Simplify GObject class name check
+        https://bugs.webkit.org/show_bug.cgi?id=194537
+
+        Reviewed by Michael Catanzaro.
+
+        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
+        (WebCore::MediaPlayerPrivateGStreamer::uriDecodeBinElementAddedCallback):
+        Use G_OBJECT_TYPE_NAME() to filter out uridecodebin child
+        elements.
+
+2019-02-15  Wenson Hsieh  <wenson_hsieh@apple.com>
+
+        Refactor EditingStyle::textDirection to return an Optional<WritingDirection> instead of a bool
+        https://bugs.webkit.org/show_bug.cgi?id=194686
+
+        Reviewed by Ryosuke Niwa.
+
+        Changes EditingStyle::textDirection to return an Optional<WritingDirection>, instead of taking a reference to
+        the resulting WritingDirection. No change in behavior.
+
+        * editing/ApplyStyleCommand.cpp:
+        (WebCore::ApplyStyleCommand::splitAncestorsWithUnicodeBidi):
+        (WebCore::ApplyStyleCommand::applyInlineStyle):
+        * editing/EditingStyle.cpp:
+        (WebCore::EditingStyle::textDirection const):
+        (WebCore::EditingStyle::textDirectionForSelection):
+        * editing/EditingStyle.h:
+
+2019-02-10  Darin Adler  <darin@apple.com>
+
+        Replace more uses of String::format with StringConcatenate (mostly non-Apple platform-specific cases)
+        https://bugs.webkit.org/show_bug.cgi?id=194487
+
+        Reviewed by Daniel Bates.
+
+        * accessibility/win/AccessibilityObjectWrapperWin.cpp:
+        (WebCore::AccessibilityObjectWrapper::accessibilityAttributeValue): Use makeString
+        instead of String::format.
+
+        * page/linux/ResourceUsageOverlayLinux.cpp:
+        (WebCore::formatByteNumber): Use String::number instead of String::format.
+
+        * platform/audio/gstreamer/AudioSourceProviderGStreamer.cpp:
+        (WebCore::AudioSourceProviderGStreamer::AudioSourceProviderGStreamer):
+        Use makeString instead of String::format.
+        * platform/glib/UserAgentGLib.cpp:
+        (WebCore::platformVersionForUAString): Ditto.
+        * platform/graphics/gstreamer/GStreamerCommon.cpp:
+        (WebCore::simpleBusMessageCallback): Ditto.
+        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
+        (WebCore::MediaPlayerPrivateGStreamer::handleMessage): Ditto.
+        * platform/graphics/gstreamer/mse/AppendPipeline.cpp:
+        (WebCore::AppendPipeline::AppendPipeline): Ditto.
+        (WebCore::AppendPipeline::handleStateChangeMessage): Ditto.
+        (WebCore::AppendPipeline::resetParserState): Ditto.
+        * platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:
+        (WebCore::MediaPlayerPrivateGStreamerMSE::load): Ditto.
+        (WebCore::MediaPlayerPrivateGStreamerMSE::doSeek): Ditto.
+
+        * platform/graphics/gtk/ImageBufferGtk.cpp:
+        (WebCore::encodeImage): Use String::number instead of String::format.
+
+        * platform/mediastream/gstreamer/GStreamerAudioCaptureSource.cpp:
+        (WebCore::GStreamerAudioCaptureSource::create): Use makeString instead of
+        String::format.
+        * platform/mediastream/gstreamer/GStreamerCaptureDeviceManager.cpp:
+        (WebCore::GStreamerCaptureDeviceManager::addDevice): Ditto.
+        * platform/mediastream/gstreamer/GStreamerMediaStreamSource.cpp:
+        (WebCore::webkitMediaStreamSrcAddPad): Ditto.
+        * platform/mediastream/gstreamer/GStreamerVideoCaptureSource.cpp:
+        (WebCore::GStreamerVideoCaptureSource::create): Ditto.
+        * platform/network/curl/CookieJarDB.cpp:
+        (WebCore::CookieJarDB::verifySchemaVersion): Ditto.
+        * platform/win/SearchPopupMenuDB.cpp:
+        (WebCore::SearchPopupMenuDB::verifySchemaVersion): Ditto.
+
+2019-02-15  Philippe Normand  <pnormand@igalia.com>
+
+        [GStreamer] Decoding media-capabilities configuration initial support
+        https://bugs.webkit.org/show_bug.cgi?id=191191
+
+        Reviewed by Xabier Rodriguez-Calvar.
+
+        This patch enables basic platform probing for GStreamer decoders,
+        optionally using Hardware decoding capabilities. The previous code
+        for decoders/demuxers probing partially duplicated between the MSE
+        player and its parent class was moved to a new module called
+        GStreamerRegistryScanner. There is one instance of it for the MSE player
+        and one for the parent class.
+
+        The scanner can check for the presence of the GstElement Hardware
+        metadata classifier in decoders and thus advise the
+        MediaEngineConfigurationFactoryGStreamer that hardware decoding is
+        supported or not. This is only a first step though. The scanner
+        should also probably attempt a NULL->READY transition on decoders
+        to validate specific input caps are supported. As this might
+        require changes in GStreamer, this part of the patch wasn't
+        included.
+
+        This patch is covered by the existing media tests.
+
+        * platform/GStreamer.cmake: New files.
+        * platform/graphics/MediaPlayer.cpp: Add support for converting
+        SupportsType enum to string.
+        (WebCore::convertEnumerationToString):
+        * platform/graphics/MediaPlayer.h: Ditto.
+        * platform/graphics/MediaPlayerEnums.h: Ditto.
+        * platform/graphics/gstreamer/GStreamerCommon.cpp: Move
+        gstRegistryHasElementForMediaType to GStreamerRegistryScanner.
+        * platform/graphics/gstreamer/GStreamerCommon.h: Ditto.
+        * platform/graphics/gstreamer/GStreamerRegistryScanner.cpp: Added.
+        (WebCore::GStreamerRegistryScanner::singleton):
+        (WebCore::GStreamerRegistryScanner::GStreamerRegistryScanner): Initialize
+        supported mime-types and codecs from the GStreamer registry.
+        (WebCore::GStreamerRegistryScanner::~GStreamerRegistryScanner): Free the element factories.
+        (WebCore::GStreamerRegistryScanner::gstRegistryHasElementForMediaType):
+        Check the input caps are supported, optionally using hardware
+        device.
+        (WebCore::GStreamerRegistryScanner::fillMimeTypeSetFromCapsMapping):
+        Moved from MediaPlayerPrivateGStreamer{,MSE}.
+        (WebCore::GStreamerRegistryScanner::initialize): Ditto.
+        (WebCore::GStreamerRegistryScanner::supportsCodec const): Ditto.
+        (WebCore::GStreamerRegistryScanner::supportsAllCodecs const): Ditto.
+        (WebCore::GStreamerRegistryScanner::isDecodingSupported const): Check
+        the given configuration is supported. For now hardware support is
+        checked for video configurations only as it is quite uncommon
+        anyway to have hardware-enabled audio decoders.
+        * platform/graphics/gstreamer/GStreamerRegistryScanner.h: Added.
+        (WebCore::GStreamerRegistryScanner::mimeTypeSet):
+        (WebCore::GStreamerRegistryScanner::supportsContainerType const):
+        (WebCore::GStreamerRegistryScanner::RegistryLookupResult::operator bool const):
+        * platform/graphics/gstreamer/MediaEngineConfigurationFactoryGStreamer.cpp: Added.
+        (WebCore::createMediaPlayerDecodingConfigurationGStreamer):
+        * platform/graphics/gstreamer/MediaEngineConfigurationFactoryGStreamer.h: Added.
+        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
+        Rely on new GStreamerRegistryScanner and add some debugging macros.
+        (WebCore::MediaPlayerPrivateGStreamer::getSupportedTypes):
+        (WebCore::MediaPlayerPrivateGStreamer::supportsType):
+        * platform/graphics/gstreamer/mse/AppendPipeline.cpp: Ditto. Also
+        plug qtdemux for AAC containers, this is an explicit consequence
+        of finer-grained codecs probing.
+        (WebCore::AppendPipeline::AppendPipeline):
+        (WebCore::AppendPipeline::parseDemuxerSrcPadCaps):
+        * platform/graphics/gstreamer/mse/GStreamerRegistryScannerMSE.cpp: Added.
+        (WebCore::GStreamerRegistryScannerMSE::singleton):
+        (WebCore::GStreamerRegistryScannerMSE::GStreamerRegistryScannerMSE):
+        * platform/graphics/gstreamer/mse/GStreamerRegistryScannerMSE.h: Added.
+        * platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:
+        Rely on new GStreamerRegistryScanner and add some debugging macros.
+        (WebCore::MediaPlayerPrivateGStreamerMSE::getSupportedTypes):
+        (WebCore::MediaPlayerPrivateGStreamerMSE::supportsType):
+        * platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.h:
+        * platform/mediacapabilities/MediaEngineConfigurationFactory.cpp:
+        (WebCore::factories): GStreamer support.
+
+2019-02-14  Joseph Pecoraro  <pecoraro@apple.com>
+
+        Web Inspector: Occasional crash under WebCore::CSSStyleSheet::item called from Inspector
+        https://bugs.webkit.org/show_bug.cgi?id=194671
+        <rdar://problem/47628191>
+
+        Reviewed by Devin Rousso.
+
+        * css/CSSStyleSheet.cpp:
+        (WebCore::CSSStyleSheet::item):
+        A crash may happen if the m_childRuleCSSOMWrappers Vector gets out of
+        sync with the m_contents list of rules. In particular if the wrappers
+        vector is shorter than the rule list. We tried exercising code paths
+        that modify these lists but were not able to reproduce the crash.
+        To avoid a crash we can make this access safer and avoid the original
+        overflow. At the same time we will keep and promote the assertion that
+        would catch the lists getting out of sync in debug builds.
+
+2019-02-14  Ross Kirsling  <ross.kirsling@sony.com>
+
+        Unreviewed build fix for WinCairo Debug after r241559.
+
+        * platform/network/curl/CurlContext.cpp:
+        (WebCore::CurlContext::CurlContext):
+
+2019-02-14  Ross Kirsling  <ross.kirsling@sony.com>
+
+        [WTF] Add environment variable helpers
+        https://bugs.webkit.org/show_bug.cgi?id=192405
+
+        Reviewed by Michael Catanzaro.
+
+        * platform/NotImplemented.h:
+        * platform/cocoa/SystemVersion.mm:
+        (WebCore::createSystemMarketingVersion):
+        * platform/graphics/gstreamer/GStreamerCommon.cpp:
+        (WebCore::initializeGStreamer):
+        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
+        (WebCore::MediaPlayerPrivateGStreamer::createGSTPlayBin):
+        * platform/graphics/nicosia/NicosiaPaintingEngine.cpp:
+        (Nicosia::PaintingEngine::create):
+        * platform/graphics/texmap/TextureMapperFPSCounter.cpp:
+        (WebCore::TextureMapperFPSCounter::TextureMapperFPSCounter):
+        * platform/graphics/x11/PlatformDisplayX11.cpp:
+        (WebCore::PlatformDisplayX11::create):
+        * platform/gtk/RenderThemeWidget.cpp:
+        (WebCore::RenderThemeScrollbar::RenderThemeScrollbar):
+        * platform/gtk/ScrollbarThemeGtk.cpp:
+        (WebCore::ScrollbarThemeGtk::ScrollbarThemeGtk):
+        * platform/network/curl/CurlContext.cpp:
+        (WebCore::CurlContext::CurlContext):
+        (WebCore::EnvironmentVariableReader::read): Deleted.
+        (WebCore::EnvironmentVariableReader::defined): Deleted.
+        (WebCore::EnvironmentVariableReader::readAs): Deleted.
+        (WebCore::EnvironmentVariableReader::sscanTemplate): Deleted.
+        (WebCore::EnvironmentVariableReader::sscanTemplate<signed>): Deleted.
+        (WebCore::EnvironmentVariableReader::sscanTemplate<unsigned>): Deleted.
+        * platform/network/curl/NetworkStorageSessionCurl.cpp:
+        (WebCore::defaultCookieJarPath):
+        * platform/network/playstation/CurlSSLHandlePlayStation.cpp:
+        (WebCore::getCACertPathEnv):
+        * platform/network/win/CurlSSLHandleWin.cpp:
+        (WebCore::getCACertPathEnv):
+        * platform/text/hyphen/HyphenationLibHyphen.cpp:
+        (WebCore::topLevelPath):
+        (WebCore::webkitBuildDirectory):
+        * platform/unix/LoggingUnix.cpp:
+        (WebCore::logLevelString):
+        * platform/win/LoggingWin.cpp:
+        (WebCore::logLevelString):
+        Utilize WTF::Environment where possible.
+
+2019-02-14  Chris Dumez  <cdumez@apple.com>
+
+        [PSON] Introduce a WebContent Process cache
+        https://bugs.webkit.org/show_bug.cgi?id=194594
+        <rdar://problem/46793397>
+
+        Reviewed by Geoff Garen.
+
+        Update localizable strings.
+
+        * en.lproj/Localizable.strings:
+
+2019-02-14  Commit Queue  <commit-queue@webkit.org>
+
+        Unreviewed, rolling out r241486.
+        https://bugs.webkit.org/show_bug.cgi?id=194655
+
+        causing API failures in builds (Requested by ShawnRoberts on
+        #webkit).
+
+        Reverted changeset:
+
+        "[Cocoa] Media elements will restart network buffering just
+        before suspending"
+        https://bugs.webkit.org/show_bug.cgi?id=193691
+        https://trac.webkit.org/changeset/241486
+
+2019-02-13  Brian Burg  <bburg@apple.com>
+
+        Web Inspector: don't include accessibility role in DOM.Node object payloads
+        https://bugs.webkit.org/show_bug.cgi?id=194623
+        <rdar://problem/36384037>
+
+        Reviewed by Devin Rousso.
+
+        Accessibility properties are complicated to fetch at all the points where we want to build and push nodes immediately.
+        Turning on AX often indirectly causes style recalc and layout. This is bad because we are often building nodes in the
+        first place due to a DOM node tree update (i.e., NodeInserted).
+
+        It turns out that DOM.getAccessibilityPropertiesForNode is called every time we display
+        the computed role in the Elements Tab > Nodes Sidebar > Accessibility Section. So it is not
+        necessary to collect this information in a problematic way when initially pushing the node, as
+        it will be updated anyway.
+
+        No new tests, no change in behavior.
+
+        * inspector/agents/InspectorDOMAgent.cpp:
+        (WebCore::InspectorDOMAgent::buildObjectForNode):
+
+2019-02-14  Zalan Bujtas  <zalan@apple.com>
+
+        [LFC][BFC][MarginCollapse] Replaced boxes don't collapse through their margins
+        https://bugs.webkit.org/show_bug.cgi?id=194622
+
+        Reviewed by Antti Koivisto.
+
+        Ensure that block replaced boxes don't collapse through their vertical margins. 
+
+        Test: fast/block/block-only/block-replaced-with-vertical-margins.html
+
+        * layout/blockformatting/BlockMarginCollapse.cpp:
+        (WebCore::Layout::BlockFormattingContext::MarginCollapse::marginsCollapseThrough):
+        * page/FrameViewLayoutContext.cpp:
+        (WebCore::layoutUsingFormattingContext):
+
+2019-02-14  Zalan Bujtas  <zalan@apple.com>
+
+        [LFC] Shrink-to-fit-width should be constrained by min/max width
+        https://bugs.webkit.org/show_bug.cgi?id=194653
+
+        Reviewed by Antti Koivisto.
+
+        Use the fixed value of min-width/max-width to constrain the computed preferred width.
+
+        * layout/FormattingContext.h:
+        * layout/FormattingContextGeometry.cpp:
+        (WebCore::Layout::FormattingContext::Geometry::constrainByMinMaxWidth):
+        * layout/blockformatting/BlockFormattingContextGeometry.cpp:
+        (WebCore::Layout::BlockFormattingContext::Geometry::intrinsicWidthConstraints):
+        * layout/inlineformatting/InlineFormattingContext.cpp:
+        (WebCore::Layout::InlineFormattingContext::computeIntrinsicWidthConstraints const):
+
+2019-02-13  Ryosuke Niwa  <rniwa@webkit.org>
+
+        Crash in DOMTimer::fired
+        https://bugs.webkit.org/show_bug.cgi?id=194638
+
+        Reviewed by Brent Fulgham.
+
+        This patch continues the saga of hunting down timer related crashes after r239814, r225985, r227934.
+
+        The crash was caused by the bug that we don't remove a DOMTimer from NestedTimersMap if a DOMTimer
+        is created & installed inside another DOMTimer's callback (via execute call in DOMTimer::fired).
+
+        Fixed the crash by using a Ref in NestedTimersMap. This will keep the timer alive until we exit
+        from DOMTimer::fired. Because DOMTimer::fired always calls stopTracking() which clears the map
+        we would not leak these DOM timers.
+
+        We could, alternatively, use WeakPtr in NestedTimersMap but that would unnecessarily increase the
+        size of DOMTimer for a very marginal benefit of DOMTimer objcets being deleted slightly earlier.
+        Deleting itself in DOMTimer's destructor involves more logic & house keeping in the timer code,
+        and is no longer the preferred approach when dealing with these classes of bugs in WebKit.
+
+        Test: fast/dom/timer-destruction-during-firing.html
+
+        * page/DOMTimer.cpp:
+        (WebCore::NestedTimersMap::add):
+        (WebCore::DOMTimer::install):
+        (WebCore::DOMTimer::fired):
+
+2019-02-13  Joseph Pecoraro  <pecoraro@apple.com>
+
+        Web Inspector: Crash when inspecting an element that constantly changes visibility
+        https://bugs.webkit.org/show_bug.cgi?id=194632
+        <rdar://problem/48060258>
+
+        Reviewed by Matt Baker and Devin Rousso.
+
+        * inspector/agents/InspectorDOMAgent.h:
+        * inspector/agents/InspectorDOMAgent.cpp:
+        (WebCore::InspectorDOMAgent::processAccessibilityChildren):
+        (WebCore::InspectorDOMAgent::buildObjectForAccessibilityProperties):
+        Don't use rvalue-references as that was taking ownership and deleting
+        the object we want to keep around. Instead simplify this to just use
+        references so no ref counting changes happen.
+
+2019-02-13  Chris Fleizach  <cfleizach@apple.com>
+
+        AX: Crash in handleMenuOpen
+        https://bugs.webkit.org/show_bug.cgi?id=194627
+
+        Reviewed by Zalan Bujtas.
+
+        Tests run under libGuardMalloc will cause crashes.
+
+        This list of objects is a Node list, not an Element list, so we were
+        not removing some nodes when they were being deallocated.
+
+        * accessibility/AXObjectCache.cpp:
+        (WebCore::AXObjectCache::remove):
+
+2019-02-13  Jer Noble  <jer.noble@apple.com>
+
+        [Mac] PiP window can get "stuck" if PiP is closed while Safari window is minimized.
+        https://bugs.webkit.org/show_bug.cgi?id=194621
+        <rdar://problem/48002560>
+
+        Reviewed by Eric Carlson.
+
+        When Safari is minimized, no rAF() requests are executed. Don't gate responding to presentation
+        change events in the media-controller.js on rAF().
+
+        * Modules/modern-media-controls/media/media-controller.js:
+        (MediaController.prototype._returnMediaLayerToInlineIfNeeded):
+
+2019-02-13  John Wilander  <wilander@apple.com>
+
+        Ignore Ad Click Attribution where source and destination are same-site
+        https://bugs.webkit.org/show_bug.cgi?id=194620
+        <rdar://problem/47890018>
+
+        Reviewed by Jiewen Tan.
+
+        Updated the existing test.
+
+        We should not accept Ad Click Attribution requests where the site of the
+        anchor tag and its addestination attribute are same-site. Such attributions
+        don’t make sense (the site can track intra-site clicks through better means)
+        and would just lead to increased memory use where are the pending
+        attributions are stored.
+
+        For ports that don't have access to the Public Suffix List, this patch
+        only checks that the hosts don't match, i.e. not just eTLD+1.
+
+        * html/HTMLAnchorElement.cpp:
+        (WebCore::HTMLAnchorElement::parseAdClickAttribution const):
+            Now returns WTF::nullopt if the current document and the
+            addestination are same site. Also fixed a console message
+            typo.
+
+2019-02-13  Eric Carlson  <eric.carlson@apple.com> and Youenn Fablet  <youenn@apple.com>
+
+        getUserMedia with an ideal deviceId constraint doesn't always select the correct device
+        https://bugs.webkit.org/show_bug.cgi?id=193614
+
+        Reviewed by Eric Carlson.
+
+        Compute a fitness score based on constraints.
+        For each constraint, a fitness score is computed from the distance.
+        The smaller the distance, the higher the score.
+        Fitness scores are then summed to give a device fitness score.
+        Matching devices are then sorted according the fitness score.
+
+        For important constraints, deviceId and facingMode, add a more important weight.
+        This ensures that should any of these ideal constraints are set, they will be respected.
+
+        Restrict our automatic setting of default constraints to not add a default ideal facingMode in case of existing deviceId constraint.
+        Do not set a default ideal frameRate if width and height are already set.
+
+        Covered by updated test.
+
+        * platform/mediastream/MediaConstraints.cpp:
+        (WebCore::FlattenedConstraint::set):
+        (WebCore::MediaConstraints::setDefaultVideoConstraints):
+        * platform/mediastream/RealtimeMediaSource.cpp:
+        (WebCore::RealtimeMediaSource::fitnessDistance):
+        (WebCore::RealtimeMediaSource::selectSettings):
+        (WebCore::RealtimeMediaSource::supportsConstraints):
+        (WebCore::RealtimeMediaSource::applyConstraints):
+        * platform/mediastream/RealtimeMediaSource.h:
+        * platform/mediastream/RealtimeMediaSourceCenter.cpp:
+        (WebCore::RealtimeMediaSourceCenter::validateRequestConstraints):
+
+2019-02-13  Eric Carlson  <eric.carlson@apple.com>
+
+        [iOS] Add a hack to work around buggy video control library
+        https://bugs.webkit.org/show_bug.cgi?id=194615
+        <rdar://problem/46146946>
+
+        Reviewed by Jer Noble.
+
+        Test: media/ios/video-volume-ios-quirk.html
+
+        * html/HTMLMediaElement.cpp:
+        (WebCore::HTMLMediaElement::setVolume): Change m_volume for one turn of the runloop.
+        (WebCore::HTMLMediaElement::cancelPendingTasks): Clear the task queue used to restore m_volume.
+        (WebCore::HTMLMediaElement::closeTaskQueues): Close it.
+        * html/HTMLMediaElement.h:
+
+2019-02-13  Jer Noble  <jer.noble@apple.com>
+
+        [Cocoa] Media elements will restart network buffering just before suspending
+        https://bugs.webkit.org/show_bug.cgi?id=193691
+
+        Reviewed by Eric Carlson.
+
+        API Test: WebKit.ProcessSuspendMediaBuffering
+
+        Allow the Page to suspend all media buffering in its child Documents.
+
+        * dom/Document.cpp:
+        (WebCore::Document::suspendAllMediaBuffering):
+        (WebCore::Document::resumeAllMediaBuffering):
+        * dom/Document.h:
+        * html/MediaElementSession.cpp:
+        (WebCore::MediaElementSession::dataBufferingPermitted const):
+        (WebCore::MediaElementSession::suspendBuffering):
+        (WebCore::MediaElementSession::resumeBuffering):
+        (WebCore::MediaElementSession::bufferingSuspended const):
+        * html/MediaElementSession.h:
+        * page/Page.cpp:
+        (WebCore::Page::suspendAllMediaBuffering):
+        (WebCore::Page::resumeAllMediaBuffering):
+        * page/Page.h:
+        (WebCore::Page::mediaPlaybackIsSuspended const):
+        (WebCore::Page::mediaBufferingIsSuspended const):
+        (WebCore::Page::mediaPlaybackIsSuspended): Deleted.
+        * platform/audio/PlatformMediaSession.h:
+        (WebCore::PlatformMediaSession::suspendBuffering):
+        (WebCore::PlatformMediaSession::resumeBuffering):
+        * platform/audio/PlatformMediaSessionManager.cpp:
+        (WebCore::PlatformMediaSessionManager::suspendAllMediaBufferingForDocument):
+        (WebCore::PlatformMediaSessionManager::resumeAllMediaBufferingForDocument):
+        * platform/audio/PlatformMediaSessionManager.h:
+
+2019-02-13  Jer Noble  <jer.noble@apple.com>
+
+        Entering fullscreen inside a shadow root will not set fullscreen pseudoclasses outside of root
+        https://bugs.webkit.org/show_bug.cgi?id=194516
+        <rdar://problem/44678353>
+
+        Reviewed by Antoine Quint.
+
+        Test: fast/shadow-dom/fullscreen-in-shadow-full-screen-ancestor.html
+
+        When walking up the element ancestor chain, use parentElementInComposedTree() to
+        walk past the shadow root boundary.
+
+        * dom/Element.cpp:
+        (WebCore::parentCrossingFrameBoundaries):
+
+2019-02-13  Chris Dumez  <cdumez@apple.com>
+
+        Unreviewed, update localizable strings.
+
+        * en.lproj/Localizable.strings:
+
+2019-02-12  Jiewen Tan  <jiewen_tan@apple.com>
+
+        Further restricting webarchive loads
+        https://bugs.webkit.org/show_bug.cgi?id=194567
+        <rdar://problem/47610130>
+
+        Reviewed by Youenn Fablet.
+
+        This patch futher restricts main frame webarchive loads to the followings:
+        1) loaded by clients;
+        2) loaded by drag;
+        3) reloaded from any of the previous two.
+
+        It moves setAlwaysAllowLocalWebarchive, which is used for testing only, from Document
+        to FrameLoader such that the option is remembered during redirections.
+
+        Covered by API tests.
+
+        * dom/Document.h:
+        (WebCore::Document::setAlwaysAllowLocalWebarchive): Deleted.
+        (WebCore::Document::alwaysAllowLocalWebarchive const): Deleted.
+        * loader/DocumentLoader.cpp:
+        (WebCore::DocumentLoader::disallowWebArchive const):
+        * loader/DocumentLoader.h:
+        (WebCore::DocumentLoader::setAllowsWebArchiveForMainFrame):
+        (WebCore::DocumentLoader::allowsWebArchiveForMainFrame):
+        * loader/FrameLoadRequest.h:
+        (WebCore::FrameLoadRequest::setIsRequestFromClientOrUserInput):
+        (WebCore::FrameLoadRequest::isRequestFromClientOrUserInput):
+        * loader/FrameLoader.cpp:
+        (WebCore::FrameLoader::load):
+        (WebCore::FrameLoader::reload):
+        * loader/FrameLoader.h:
+        (WebCore::FrameLoader::setAlwaysAllowLocalWebarchive):
+        (WebCore::FrameLoader::alwaysAllowLocalWebarchive const):
+        * page/DragController.cpp:
+        (WebCore::DragController::performDragOperation):
+        * testing/Internals.cpp:
+        (WebCore::Internals::setAlwaysAllowLocalWebarchive const):
+        * testing/Internals.h:
+        * testing/Internals.idl:
+
+2019-02-13  Jer Noble  <jer.noble@apple.com>
+
+        Null-deref crash at SourceBufferPrivateAVFObjC::outputObscuredDueToInsufficientExternalProtectionChanged()
+        https://bugs.webkit.org/show_bug.cgi?id=194613
+        <rdar://problem/48023912>
+
+        Reviewed by Eric Carlson.
+
+        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
+        (WebCore::SourceBufferPrivateAVFObjC::outputObscuredDueToInsufficientExternalProtectionChanged):
+
+2019-02-13  Michael Catanzaro  <mcatanzaro@igalia.com>
+
+        Unreviewed, fix unused variable warnings after r241148/r241251
+        https://bugs.webkit.org/show_bug.cgi?id=194348
+        <rdar://problem/47566449>
+
+        * Modules/mediasource/SourceBuffer.cpp:
+        (WebCore::SourceBuffer::sourceBufferPrivateDidReceiveRenderingError):
+        (WebCore::SourceBuffer::evictCodedFrames):
+        (WebCore::SourceBuffer::provideMediaData):
+
+2019-02-13  Sihui Liu  <sihui_liu@apple.com>
+
+        REGRESSION: [ Mac Debug WK2 ] Layout Test storage/indexeddb/key-type-infinity-private.html is a flaky crash
+        https://bugs.webkit.org/show_bug.cgi?id=194413
+        <rdar://problem/47897254>
+
+        Reviewed by Brady Eidson.
+
+        IDB clients expected transaction operations to be executed in order, but in 
+        UniqueIDBDatabase::immediateCloseForUserDelete, callbacks in callback map were errored out randomly.
+        This patch added a callback queue to UniqueIDBDatabase to make sure callbacks will be called in the same order
+        as IDB Server receives the request.
+
+        * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
+        (WebCore::IDBServer::UniqueIDBDatabase::storeCallbackOrFireError):
+        (WebCore::IDBServer::UniqueIDBDatabase::immediateCloseForUserDelete):
+        (WebCore::IDBServer::UniqueIDBDatabase::performErrorCallback):
+        (WebCore::IDBServer::UniqueIDBDatabase::performKeyDataCallback):
+        (WebCore::IDBServer::UniqueIDBDatabase::performGetResultCallback):
+        (WebCore::IDBServer::UniqueIDBDatabase::performGetAllResultsCallback):
+        (WebCore::IDBServer::UniqueIDBDatabase::performCountCallback):
+        (WebCore::IDBServer::UniqueIDBDatabase::forgetErrorCallback):
+        * Modules/indexeddb/server/UniqueIDBDatabase.h:
+
+2019-02-13  John Wilander  <wilander@apple.com>
+
+        Store Ad Click Attribution requests in the network process
+        https://bugs.webkit.org/show_bug.cgi?id=194510
+        <rdar://problem/47650118>
+
+        Reviewed by Alex Christensen and Daniel Bates.
+
+        Test: http/tests/adClickAttribution/store-ad-click-attribution.html
+
+        This patch adds support functions for validation and storage of
+        WebCore::AdClickAttribution objects. It also adds WTF::HashTraits so that
+        WebCore::AdClickAttribution::Source and WebCore::AdClickAttribution::Destination
+        can be used in a HashMap.
+
+        * loader/AdClickAttribution.cpp:
+        (WebCore::AdClickAttribution::toString const):
+        * loader/AdClickAttribution.h:
+        (WebCore::AdClickAttribution::Source::operator== const):
+        (WebCore::AdClickAttribution::Source::deletedValue):
+        (WebCore::AdClickAttribution::Source::constructDeletedValue):
+        (WebCore::AdClickAttribution::Source::deleteValue):
+        (WebCore::AdClickAttribution::Source::isDeletedValue const):
+        (WebCore::AdClickAttribution::SourceHash::hash):
+        (WebCore::AdClickAttribution::SourceHash::equal):
+        (WebCore::AdClickAttribution::Destination::operator== const):
+        (WebCore::AdClickAttribution::Destination::matches const):
+            This convenience function allows matching of a WTF::URL object.
+        (WebCore::AdClickAttribution::Destination::deletedValue):
+        (WebCore::AdClickAttribution::Destination::constructDeletedValue):
+        (WebCore::AdClickAttribution::Destination::deleteValue):
+        (WebCore::AdClickAttribution::Destination::isDeletedValue const):
+        (WebCore::AdClickAttribution::DestinationHash::hash):
+        (WebCore::AdClickAttribution::DestinationHash::equal):
+        (WebCore::AdClickAttribution::source const):
+        (WebCore::AdClickAttribution::destination const):
+            Getters added to support mapped storage based on source and destination.
+        (WTF::HashTraits<WebCore::AdClickAttribution::Source>::emptyValue):
+        (WTF::HashTraits<WebCore::AdClickAttribution::Source>::constructDeletedValue):
+        (WTF::HashTraits<WebCore::AdClickAttribution::Source>::isDeletedValue):
+        (WTF::HashTraits<WebCore::AdClickAttribution::Destination>::emptyValue):
+        (WTF::HashTraits<WebCore::AdClickAttribution::Destination>::constructDeletedValue):
+        (WTF::HashTraits<WebCore::AdClickAttribution::Destination>::isDeletedValue):
+        * loader/NavigationAction.h:
+        (WebCore::NavigationAction::adClickAttribution const):
+        (WebCore::NavigationAction::adClickAttribution): Deleted.
+            Corrected the constness of this function.
+
+2019-02-13  Eric Carlson  <eric.carlson@apple.com>
+
+        Revert r240434
+        https://bugs.webkit.org/show_bug.cgi?id=194600
+        <rdar://problem/48044566>
+
+        Reviewed by Brent Fulgham.
+
+        * html/HTMLMediaElement.cpp:
+        (WebCore::HTMLMediaElement::setVolume):
+        (WebCore::HTMLMediaElement::mediaPlayerVolumeChanged):
+        (WebCore::HTMLMediaElement::updateVolume):
+        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
+        (WebCore::MediaPlayerPrivateAVFoundationObjC::setVolume):
+
+2019-02-13  Alex Christensen  <achristensen@webkit.org>
+
+        Stop using setDefersLoading from WebCore
+        https://bugs.webkit.org/show_bug.cgi?id=194315
+
+        Reviewed by Jer Noble.
+
+        That is what CompletionHandlers are for.
+
+        * loader/MediaResourceLoader.cpp:
+        (WebCore::MediaResource::responseReceived):
+        (WebCore::MediaResource::setDefersLoading): Deleted.
+        * loader/MediaResourceLoader.h:
+        * platform/graphics/PlatformMediaResourceLoader.h:
+        (WebCore::PlatformMediaResourceClient::responseReceived):
+        (WebCore::PlatformMediaResource::stop):
+        (WebCore::PlatformMediaResource::setDefersLoading): Deleted.
+        * platform/network/cocoa/WebCoreNSURLSession.mm:
+        (WebCore::WebCoreNSURLSessionDataTaskClient::responseReceived):
+        (-[WebCoreNSURLSessionDataTask resource:receivedResponse:completionHandler:]):
+        (-[WebCoreNSURLSessionDataTask _setDefersLoading:]): Deleted.
+        (-[WebCoreNSURLSessionDataTask resource:receivedResponse:]): Deleted.
+
+2019-02-13  Jer Noble  <jer.noble@apple.com>
+
+        [Cocoa] Switch to CVPixelBufferGetBytesPerRow() for calculating CVPixelBuffer base address size.
+        https://bugs.webkit.org/show_bug.cgi?id=194580
+        <rdar://problem/42727739>
+
+        Reviewed by Eric Carlson.
+
+        * platform/cocoa/CoreVideoSoftLink.cpp:
+        * platform/cocoa/CoreVideoSoftLink.h:
+        * platform/graphics/cv/PixelBufferConformerCV.cpp:
+        (WebCore::CVPixelBufferGetBytePointerCallback):
+        (WebCore::PixelBufferConformerCV::createImageFromPixelBuffer):
+
+2019-02-13  Antoine Quint  <graouts@apple.com>
+
+        Support simulated mouse events on iOS based on a PlatformTouchEvent
+        https://bugs.webkit.org/show_bug.cgi?id=194501
+        <rdar://problem/46910790>
+
+        Reviewed by Dean Jackson.
+
+        Add support for two new internal runtime flags to control whether simulated mouse events should be dipatched along with touch events and
+        whether simulated mousemove events dispatched should automatically trigger the behavior preventDefault() would also trigger. To facilitate
+        that, we allow for a MouseEvent to be created, much like a PointerEvent, based on a PlatformTouchEvent. Then, we set a flag on Event within
+        EventTarget::innerInvokeEventListeners() to see whether any page code has been evaluated as a result of a mousemove event being dispatched.
+        Finally, we also track mouse events when invalidating touch regions provided the required internal runtime flag is on.
+
+        Test: fast/events/touch/ios/mouse-events-dispatch-with-touch.html
+
+        * SourcesCocoa.txt:
+        * WebCore.xcodeproj/project.pbxproj:
+        * dom/Event.cpp:
+        * dom/Event.h:
+        (WebCore::Event::hasEncounteredListener const):
+        (WebCore::Event::setHasEncounteredListener):
+        * dom/EventNames.h:
+        (WebCore::EventNames::isTouchRelatedEventType const):
+        (WebCore::EventNames::touchRelatedEventNames const):
+        (WebCore::EventNames::extendedTouchRelatedEventNames const):
+        (WebCore::EventNames::isTouchEventType const): Deleted.
+        (WebCore::EventNames::touchAndPointerEventNames const): Deleted.
+        * dom/EventTarget.cpp:
+        (WebCore::EventTarget::innerInvokeEventListeners):
+        * dom/MouseEvent.h:
+        * dom/Node.cpp:
+        (WebCore::Node::moveNodeToNewDocument):
+        (WebCore::tryAddEventListener):
+        (WebCore::tryRemoveEventListener):
+        (WebCore::Node::defaultEventHandler):
+        * dom/ios/MouseEventIOS.cpp: Added.
+        (WebCore::mouseEventType):
+        (WebCore::MouseEvent::create):
+        * dom/ios/PointerEventIOS.cpp:
+        (WebCore::pointerEventType):
+        (WebCore::PointerEvent::create):
+        (WebCore::eventType): Deleted.
+        * page/DOMWindow.cpp:
+        (WebCore::DOMWindow::addEventListener):
+        (WebCore::DOMWindow::removeEventListener):
+        * page/EventHandler.h:
+        * page/RuntimeEnabledFeatures.h:
+        (WebCore::RuntimeEnabledFeatures::mouseEventsSimulationEnabled const):
+        (WebCore::RuntimeEnabledFeatures::setMouseEventsSimulationEnabled):
+        (WebCore::RuntimeEnabledFeatures::mousemoveEventHandlingPreventsDefaultEnabled const):
+        (WebCore::RuntimeEnabledFeatures::setMousemoveEventHandlingPreventsDefaultEnabled):
+
+2019-02-13  Carlos Garcia Campos  <cgarcia@igalia.com>
+
+        [FreeType] Unable to render some Hebrew characters
+        https://bugs.webkit.org/show_bug.cgi?id=194498
+
+        Reviewed by Michael Catanzaro.
+
+        We are failing to find a font for some of the combining character sequences because normalization is failing due
+        to overflow error. In case of overflow, normalize returns the required length for the normalized characters, so
+        we should handle that case to resize the output buffer and try again.
+
+        * platform/graphics/cairo/FontCairoHarfbuzzNG.cpp:
+        (WebCore::FontCascade::fontForCombiningCharacterSequence const):
+
+2019-02-13  Ryosuke Niwa  <rniwa@webkit.org>
+
+        Release assert in PolicyCheckIdentifier::isValidFor via WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction
+        https://bugs.webkit.org/show_bug.cgi?id=194582
+
+        Reviewed by Antti Koivisto.
+
+        Check the zero-ness of m_policyCheck first so that we can differentiate process ID being wrong
+        from the non-generated identifier being sent to us as it was the case in this failure.
+
+        * loader/PolicyChecker.cpp:
+        (WebCore::PolicyCheckIdentifier::isValidFor):
+
+2019-02-13  Commit Queue  <commit-queue@webkit.org>
+
+        Unreviewed, rolling out r241273.
+        https://bugs.webkit.org/show_bug.cgi?id=194579
+
+        This change is causing a flaky assertion failure crash in High
+        Sierra Debug (Requested by ShawnRoberts on #webkit).
+
+        Reverted changeset:
+
+        "Stop using setDefersLoading from WebCore"
+        https://bugs.webkit.org/show_bug.cgi?id=194315
+        https://trac.webkit.org/changeset/241273
+
+2019-02-12  Mark Lam  <mark.lam@apple.com>
+
+        Remove unnecessary null check in bindings.
+        https://bugs.webkit.org/show_bug.cgi?id=194581
+
+        Reviewed by Yusuke Suzuki.
+
+        It is always safe to call visitor.containsOpaqueRoot(root) with a null root pointer.
+        It will just return false.  Since we don't expect the root pointer to be null in
+        the common case, having a null check here is also not optimal.  We'll remove this
+        unneeded null check.
+
+        * bindings/scripts/CodeGeneratorJS.pm:
+        (GenerateImplementation):
+        * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
+        (WebCore::JSTestGenerateIsReachableOwner::isReachableFromOpaqueRoots):
+
+2019-02-12  Rob Buis  <rbuis@igalia.com>
+
+        Align with Fetch on data: URLs
+        https://bugs.webkit.org/show_bug.cgi?id=182325
+
+        Reviewed by Alex Christensen.
+
+        The MIME type part of the data url should be serialized as
+        specified in step 3 under "data" [1].
+
+        Test: web-platform-tests/fetch/data-urls/processing.any.js
+
+        [1] https://fetch.spec.whatwg.org/#concept-scheme-fetch 
+
+        * platform/network/DataURLDecoder.cpp:
+        (WebCore::DataURLDecoder::parseMediaType):
+
+2019-02-12  Alex Christensen  <achristensen@webkit.org>
+
+        Build fix after r241320
+        https://bugs.webkit.org/show_bug.cgi?id=194271
+
+        * page/Frame.cpp:
+        (WebCore::Frame::requestDOMPasteAccess):
+
+2019-02-12  Justin Fan  <justin_fan@apple.com>
+
+        [WebGPU] Remove WebGPUBufferDescriptor/Usage and use GPU versions
+        https://bugs.webkit.org/show_bug.cgi?id=194552
+
+        Reviewed by Dean Jackson.
+
+        WebGPUBufferDescriptor/Usage have been renamed to GPUBufferDescriptor/Usage in the Web GPU API.
+        Consolidate the two versions of these classes in our implementation.
+
+        Affected layout tests updated with new names. No change in behavior.
+
+        * CMakeLists.txt:
+        * DerivedSources-input.xcfilelist:
+        * DerivedSources-output.xcfilelist:
+        * DerivedSources.make:
+        * Modules/webgpu/GPUBufferDescriptor.idl: Renamed from Source/WebCore/Modules/webgpu/WebGPUBufferDescriptor.idl.
+        * Modules/webgpu/GPUBufferUsage.idl: Renamed from Source/WebCore/Modules/webgpu/WebGPUBufferUsage.idl.
+        * Modules/webgpu/WebGPUBufferUsage.h: Removed.
+        * Modules/webgpu/WebGPUDevice.cpp:
+        (WebCore::WebGPUDevice::createBuffer const):
+        * Modules/webgpu/WebGPUDevice.h:
+        * Modules/webgpu/WebGPUDevice.idl:
+        * Sources.txt:
+        * WebCore.xcodeproj/project.pbxproj:
+        * bindings/js/WebCoreBuiltinNames.h:
+        * platform/graphics/gpu/GPUBufferDescriptor.h: Moved out GPUBufferUsage.
+        * platform/graphics/gpu/GPUBufferUsage.h: Moved from GPUBufferDescriptor.h.
+
+2019-02-12  Wenson Hsieh  <wenson_hsieh@apple.com>
+
+        Unreviewed, try to fix the internal iOS build after r241321
+
+        * accessibility/mac/WebAccessibilityObjectWrapperBase.mm:
+
+2019-02-12  Wenson Hsieh  <wenson_hsieh@apple.com>
+
+        Allow pages to trigger programmatic paste from script on iOS
+        https://bugs.webkit.org/show_bug.cgi?id=194271
+        <rdar://problem/47808810>
+
+        Reviewed by Tim Horton.
+
+        Tests: editing/pasteboard/ios/dom-paste-confirmation.html
+               editing/pasteboard/ios/dom-paste-consecutive-confirmations.html
+               editing/pasteboard/ios/dom-paste-rejection.html
+               editing/pasteboard/ios/dom-paste-requires-user-gesture.html
+
+        * dom/UserGestureIndicator.cpp:
+        (WebCore::UserGestureIndicator::~UserGestureIndicator):
+
+        Reset a gesture token's DOM paste access when exiting the scope of a user gesture. This prevents DOM paste
+        access permissions from leaking into `setTimeout()` callbacks when we forward user gesture tokens.
+
+        * dom/UserGestureIndicator.h:
+        (WebCore::UserGestureToken::resetDOMPasteAccess):
+
+2019-02-12  Chris Fleizach  <cfleizach@apple.com>
+
+        AX: IsolatedTree: Implement more attributes
+        https://bugs.webkit.org/show_bug.cgi?id=193911
+        <rdar://problem/47599217>
+
+        Reviewed by Daniel Bates.
+
+        Make use of new HIServices SPI to use a secondary AX thread.
+        Store root node/focused node status in IsolatedTree rather than on the element.
+        Implement the following attributes: children, parent, isIgnored, isTree, isTreeItem, relativeFrame, speechHint, title, description.
+        Implement hit-testing using relative-frames.
+        Ensure that WKAccessibilityWebPageObject queries happen on main thread when they need to.
+
+        * SourcesCocoa.txt:
+        * WebCore.xcodeproj/project.pbxproj:
+        * accessibility/AXObjectCache.cpp:
+        (WebCore::AXObjectCache::generateIsolatedAccessibilityTree):
+        * accessibility/AXObjectCache.h:
+        (WebCore::AXObjectCache::focusedUIElementForPage):
+        * accessibility/AccessibilityAttachment.cpp:
+        (WebCore::AccessibilityAttachment::accessibilityText const):
+        (WebCore::AccessibilityAttachment::accessibilityText): Deleted.
+        * accessibility/AccessibilityAttachment.h:
+        * accessibility/AccessibilityImageMapLink.cpp:
+        (WebCore::AccessibilityImageMapLink::accessibilityText const):
+        (WebCore::AccessibilityImageMapLink::accessibilityText): Deleted.
+        * accessibility/AccessibilityImageMapLink.h:
+        * accessibility/AccessibilityMediaControls.cpp:
+        (WebCore::AccessibilityMediaControl::accessibilityText const):
+        (WebCore::AccessibilityMediaControl::accessibilityText): Deleted.
+        * accessibility/AccessibilityMediaControls.h:
+        * accessibility/AccessibilityNodeObject.cpp:
+        (WebCore::AccessibilityNodeObject::accessibilityText const):
+        (WebCore::AccessibilityNodeObject::accessibilityText): Deleted.
+        * accessibility/AccessibilityNodeObject.h:
+        * accessibility/AccessibilityObject.cpp:
+        (WebCore::AccessibilityObject::convertFrameToSpace const):
+        (WebCore::AccessibilityObject::relativeFrame const):
+        (WebCore::AccessibilityObject::elementAccessibilityHitTest const):
+        (WebCore::AccessibilityObject::focusedUIElement const):
+        * accessibility/AccessibilityObject.h:
+        (WebCore::AccessibilityObject::accessibilityText const):
+        (WebCore::AccessibilityObject::isLink const): Deleted.
+        (WebCore::AccessibilityObject::isImage const): Deleted.
+        (WebCore::AccessibilityObject::isAttachment const): Deleted.
+        (WebCore::AccessibilityObject::isFileUploadButton const): Deleted.
+        (WebCore::AccessibilityObject::isImageMapLink const): Deleted.
+        (WebCore::AccessibilityObject::isMediaControlLabel const): Deleted.
+        (WebCore::AccessibilityObject::isTree const): Deleted.
+        (WebCore::AccessibilityObject::isTreeItem const): Deleted.
+        (WebCore::AccessibilityObject::isScrollbar const): Deleted.
+        (WebCore::AccessibilityObject::accessibilityHitTest const): Deleted.
+        (WebCore::AccessibilityObject::accessibilityText): Deleted.
+        (WebCore::AccessibilityObject::roleValue const): Deleted.
+        (WebCore::AccessibilityObject::wrapper const): Deleted.
+        * accessibility/AccessibilityObjectInterface.h: Replaced.
+        * accessibility/AccessibilityRenderObject.cpp:
+        (WebCore::AccessibilityRenderObject::isTabItemSelected const):
+        (WebCore::AccessibilityRenderObject::remoteSVGElementHitTest const):
+        (WebCore::AccessibilityRenderObject::elementAccessibilityHitTest const):
+        (WebCore::AccessibilityRenderObject::accessibilityHitTest const):
+        (WebCore::AccessibilityRenderObject::selectedChildren):
+        * accessibility/AccessibilityRenderObject.h:
+        * accessibility/AccessibilitySVGElement.cpp:
+        (WebCore::AccessibilitySVGElement::accessibilityText const):
+        (WebCore::AccessibilitySVGElement::accessibilityText): Deleted.
+        * accessibility/AccessibilitySVGElement.h:
+        * accessibility/AccessibilityScrollView.cpp:
+        (WebCore::AccessibilityScrollView::accessibilityHitTest const):
+        * accessibility/AccessibilityScrollView.h:
+        * accessibility/ios/AccessibilityObjectIOS.mm:
+        (WebCore::AccessibilityObject::fileUploadButtonReturnsValueInTitle const):
+        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
+        (-[WebAccessibilityObjectWrapper fileUploadButtonReturnsValueInTitle]): Deleted.
+        * accessibility/isolatedtree: Replaced.
+        * accessibility/isolatedtree/AXIsolatedTree.cpp: Added.
+        (WebCore::AXIsolatedTree::treePageCache):
+        (WebCore::AXIsolatedTree::AXIsolatedTree):
+        (WebCore::AXIsolatedTree::nodeInTreeForID):
+        (WebCore::AXIsolatedTree::nodeForID const):
+        (WebCore::AXIsolatedTree::focusedUIElement):
+        (WebCore::AXIsolatedTree::setRootNodeID):
+        (WebCore::AXIsolatedTree::setFocusedNodeID):
+        (WebCore::AXIsolatedTree::setInitialRequestInProgress):
+        (WebCore::AXIsolatedTree::applyPendingChanges):
+        * accessibility/isolatedtree/AXIsolatedTree.h: Added.
+        * accessibility/isolatedtree/AXIsolatedTreeNode.cpp: Added.
+        (WebCore::AXIsolatedTreeNode::AXIsolatedTreeNode):
+        (WebCore::AXIsolatedTreeNode::~AXIsolatedTreeNode):
+        (WebCore::AXIsolatedTreeNode::initializeAttributeData):
+        (WebCore::AXIsolatedTreeNode::setProperty):
+        (WebCore::AXIsolatedTreeNode::setParent):
+        (WebCore::AXIsolatedTreeNode::setTreeIdentifier):
+        (WebCore::AXIsolatedTreeNode::focusedUIElement const):
+        (WebCore::AXIsolatedTreeNode::parentObjectInterfaceUnignored const):
+        (WebCore::AXIsolatedTreeNode::accessibilityHitTest const):
+        (WebCore::AXIsolatedTreeNode::tree const):
+        (WebCore::AXIsolatedTreeNode::rectAttributeValue const):
+        (WebCore::AXIsolatedTreeNode::stringAttributeValue const):
+        * accessibility/isolatedtree/AXIsolatedTreeNode.h: Added.
+        * accessibility/mac/AXObjectCacheMac.mm:
+        (WebCore::AXObjectCache::associateIsolatedTreeNode):
+        * accessibility/mac/AccessibilityObjectBase.mm: Added.
+        (WebCore::AccessibilityObject::speechHintAttributeValue const):
+        (WebCore::AccessibilityObject::descriptionAttributeValue const):
+        (WebCore::AccessibilityObject::titleAttributeValue const):
+        (WebCore::AccessibilityObject::helpTextAttributeValue const):
+        * accessibility/mac/AccessibilityObjectMac.mm:
+        (WebCore::AccessibilityObject::fileUploadButtonReturnsValueInTitle const):
+        * accessibility/mac/WebAccessibilityObjectWrapperBase.h:
+        * accessibility/mac/WebAccessibilityObjectWrapperBase.mm:
+        (addChildToArray):
+        (convertToNSArray):
+        (-[WebAccessibilityObjectWrapperBase isolatedTreeNode]):
+        (-[WebAccessibilityObjectWrapperBase detach]):
+        (-[WebAccessibilityObjectWrapperBase updateObjectBackingStore]):
+        (-[WebAccessibilityObjectWrapperBase accessibilityObject]):
+        (-[WebAccessibilityObjectWrapperBase baseAccessibilityTitle]):
+        (-[WebAccessibilityObjectWrapperBase axBackingObject]):
+        (-[WebAccessibilityObjectWrapperBase baseAccessibilityDescription]):
+        (-[WebAccessibilityObjectWrapperBase baseAccessibilitySpeechHint]):
+        (-[WebAccessibilityObjectWrapperBase baseAccessibilityHelpText]):
+        (convertPathToScreenSpaceFunction):
+        (-[WebAccessibilityObjectWrapperBase convertRectToSpace:space:]):
+        (-[WebAccessibilityObjectWrapperBase ariaLandmarkRoleDescription]):
+        (-[WebAccessibilityObjectWrapperBase titleTagShouldBeUsedInDescriptionField]): Deleted.
+        (-[WebAccessibilityObjectWrapperBase fileUploadButtonReturnsValueInTitle]): Deleted.
+        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
+        (-[WebAccessibilityObjectWrapper IGNORE_WARNINGS_END]):
+        (-[WebAccessibilityObjectWrapper childrenVectorSize]):
+        (-[WebAccessibilityObjectWrapper childrenVectorArray]):
+        (-[WebAccessibilityObjectWrapper position]):
+        (-[WebAccessibilityObjectWrapper subrole]):
+        (-[WebAccessibilityObjectWrapper roleDescription]):
+        (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):
+        (-[WebAccessibilityObjectWrapper accessibilityFocusedUIElement]):
+        (-[WebAccessibilityObjectWrapper accessibilityHitTest:]):
+        (-[WebAccessibilityObjectWrapper accessibilityIndexOfChild:]):
+        (-[WebAccessibilityObjectWrapper accessibilityArrayAttributeCount:]):
+        (-[WebAccessibilityObjectWrapper accessibilityArrayAttributeValues:index:maxCount:]):
+
+2019-02-12  Wenson Hsieh  <wenson_hsieh@apple.com>
+
+        Allow pages to trigger programmatic paste from script on iOS
+        https://bugs.webkit.org/show_bug.cgi?id=194271
+        <rdar://problem/47808810>
+
+        Reviewed by Ryosuke Niwa.
+
+        Add support for allowing script to trigger programmatic paste commands. Currently on macOS and iOS, the ability
+        to trigger programmatic paste (i.e. `document.execCommand('Paste');`) is disabled by default, such that
+        execCommand is simply a no-op that returns false. This policy is a privacy measure (common among other major
+        browsers) that prevents untrusted web content from sniffing content from the system pasteboard (even on user
+        interaction, since unintended user interaction occasionally happens as well!).
+
+        In order to make it possible for web pages to programmatically paste without opening the door to privacy and
+        security issues, we make paste commands triggered from bindings present platform UI on iOS, in the form of a
+        callout bar with the single option to paste. This UI is dismissed upon any user interaction; furthermore, any
+        user interaction short of explicitly triggering the "Paste" action subsequently prevents the page from executing
+        the paste (and causes execCommand to return false). However, if the paste action is chosen by the user, we
+        instead follow through with the programmatic paste command.
+
+        New tests to come in a followup patch.
+
+        * WebCore.xcodeproj/project.pbxproj:
+        * dom/DOMPasteAccessPolicy.h: Added.
+        * dom/UserGestureIndicator.h:
+        (WebCore::UserGestureToken::domPasteAccessPolicy const):
+        (WebCore::UserGestureToken::didRequestDOMPasteAccess):
+
+        Add helpers on UserGestureToken to update and query the current DOM paste access policy. The access policies are
+        "NotRequestedYet" (i.e. pending a response from the user), "Granted" (the user has granted DOM paste access to
+        the page), or "Denied" (the user has prevented the page from reading the contents of the clipboard). When DOM
+        paste access is granted or rejected, make this decision sticky until the end of the current user gesture.
+
+        * editing/EditorCommand.cpp:
+        (WebCore::executePaste):
+        (WebCore::executePasteAndMatchStyle):
+        (WebCore::executePasteAsPlainText):
+        (WebCore::executePasteAsQuotation):
+
+        When executing a paste command where the source is DOM bindings, request DOM paste if needed before proceeding
+        with the paste.
+
+        (WebCore::supportedPaste):
+        * loader/EmptyClients.cpp:
+        * page/EditorClient.h:
+        * page/Frame.cpp:
+        (WebCore::Frame::requestDOMPasteAccess):
+
+        Add a helper method that requests access to the clipboard on behalf of script when pasting.
+
+        * page/Frame.h:
+        * page/Settings.yaml:
+
+        Introduce a new WebCore setting, used to gate DOM paste access requests.
+
+2019-02-12  Alex Christensen  <achristensen@webkit.org>
+
+        Remove setDefersLoading infrastructure from WebKit2
+        https://bugs.webkit.org/show_bug.cgi?id=194506
+
+        Reviewed by Brady Eidson.
+
+        setDefersLoading is inherently racy from WebCore to the NetworkProcess,
+        it adds unwanted complexity to the initialization and use of network objects,
+        and it has led to many unrecoverable hang bugs over the years.
+        We needed to force it into WebKit2 to transition some existing clients who relied on it,
+        but we have recently finished transitioning those clients to other solutions, mostly
+        completion handlers.
+
+        * inspector/PageScriptDebugServer.cpp:
+        (WebCore::PageScriptDebugServer::setJavaScriptPaused):
+
+2019-02-12  Michael Catanzaro  <mcatanzaro@igalia.com>
+
+        Unreviewed, fix build warnings after content extensions enablement
+        https://bugs.webkit.org/show_bug.cgi?id=193622
+        <rdar://problem/47982850>
+
+        * contentextensions/DFABytecode.h:
+        (WebCore::ContentExtensions::instructionSizeWithArguments):
+        * contentextensions/DFABytecodeCompiler.h:
+        * contentextensions/URLFilterParser.cpp:
+        (WebCore::ContentExtensions::URLFilterParser::statusString):
+
+2019-02-12  Justin Fan  <justin_fan@apple.com>
+
+        [Web GPU] DepthStencilAttachment implementation
+        https://bugs.webkit.org/show_bug.cgi?id=194458
+        <rdar://problem/47932446>
+
+        Reviewed by Dean Jackson.
+
+        Implement ability to provide a depth attachment to the render pass encoder. Also implement
+        GPULoad/StoreOp and update color attachments' implementation for full functionality.
+
+        Test: webgpu/depth-enabled-triangle-strip.html
+
+        Update project files for new symbols:
+        * CMakeLists.txt:
+        * DerivedSources-input.xcfilelist:
+        * DerivedSources-output.xcfilelist:
+        * DerivedSources.make:
+        * Sources.txt:
+        * WebCore.xcodeproj/project.pbxproj:
+
+        * Modules/webgpu/GPUColor.idl: Renamed from WebGPUColor.idl
+        * Modules/webgpu/GPULoadOp.idl: Added. Interface for attachment operation enum.
+        * Modules/webgpu/GPUStoreOp.idl: Ditto.
+        * Modules/webpug/WebGPUColor.h: Removed.
+        * Modules/webgpu/WebGPUCommandBuffer.cpp: Refactored descriptor validation logic out of this file.
+        (WebCore::WebGPUCommandBuffer::beginRenderPass):
+        * Modules/webgpu/WebGPURenderPassDescriptor.cpp: Added. Now owns code for validating descriptors.
+        (WebCore::WebGPURenderPassDescriptor::validateAndConvertToGPUVersion const):
+        * Modules/webgpu/WebGPURenderPassColorAttachmentDescriptor.h/idl: Removed. Code moved into WebGPURenderPassDescriptor.
+        * Modules/webgpu/WebGPURenderPassDescriptor.h: Move sub-descriptor definitions into this file.
+        * Modules/webgpu/WebGPURenderPassDescriptor.idl: Ditto.
+        * Modules/webgpu/WebGPURenderPipelineDescriptor.h: Make depthStencilState optional to match API update.
+        * Modules/webgpu/WebGPURenderPipelineDescriptor.idl: Ditto.
+        * Modules/webgpu/WebGPUTextureView.h:
+        * platform/graphics/gpu/GPULoadOp.h: Added.
+        * platform/graphics/gpu/GPURenderPassColorAttachmentDescriptor.h: Removed (moved into GPURenderPassDescriptor).
+        * platform/graphics/gpu/GPURenderPassDescriptor.h: Mirror WebGPU* changes.
+        * platform/graphics/gpu/GPURenderPipelineDescriptor.h: Make depthStencilState optional.
+        (WebCore::GPURenderPipelineDescriptor::GPURenderPipelineDescriptor):
+        * platform/graphics/gpu/GPUStoreOp.h: Added.
+        * platform/graphics/gpu/GPUTexture.h:
+        * platform/graphics/gpu/cocoa/GPURenderPassEncoderMetal.mm:
+        (WebCore::loadActionForGPULoadOp): Added.
+        (WebCore::storeActionForGPUStoreOp): Added.
+        (WebCore::populateMtlColorAttachmentsArray): Added. Create all expected color attachments, rather than just the first.
+        (WebCore::populateMtlDepthStencilAttachment): Added.
+        (WebCore::GPURenderPassEncoder::create):
+        * platform/graphics/gpu/cocoa/GPURenderPipelineMetal.mm: Make depthStencilState optional.
+        (WebCore::GPURenderPipeline::create):
+
+2019-02-12  David Kilzer  <ddkilzer@apple.com>
+
+        REGRESSION (r238955, r240494): Soft-linking optional Lookup.framework triggers release assertion when missing
+        <https://webkit.org/b/194529>
+        <rdar://problem/47924449>
+
+        Reviewed by Eric Carlson.
+
+        * SourcesCocoa.txt:
+        - Do not include DataDetectorsCoreSoftLink.mm in unified
+          sources.
+        * WebCore.xcodeproj/project.pbxproj:
+        - Add DataDetectorsCoreSoftLink.mm to the WebCore target now
+          that it isn't part of the unifed sources.
+        * platform/cocoa/DataDetectorsCoreSoftLink.mm:
+        - Switch from using SOFT_LINK_PRIVATE_FRAMEWORK_OPTIONAL() to
+          SOFT_LINK_PRIVATE_FRAMEWORK_FOR_SOURCE() when linking
+          DataDetectorsCore.framework. None of the other macros assume
+          this framework is optional, and it was likely made optional
+          originally because the framework was new to iOS and thus
+          didn't exist on older versions.
+        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
+        - Change use of SOFT_LINK_CLASS_FOR_SOURCE() macros to
+          SOFT_LINK_CLASS() since the latter can only be used with
+          SOFT_LINK_FRAMEWORK_OPTIONAL(AVFoundation).  This broke after
+          the fix for <wtf/SoftLinking.h> was applied.
+
+2019-02-12  Youenn Fablet  <youenn@apple.com>
+
+        Make use of is<SubresourceLoader>
+        https://bugs.webkit.org/show_bug.cgi?id=194541
+
+        Reviewed by Alex Christensen.
+
+        No change of behavior.
+
+        * inspector/agents/InspectorNetworkAgent.cpp:
+        (WebCore::InspectorNetworkAgent::didReceiveResponse):
+        * loader/SubresourceLoader.h:
+        (isType):
+
+2019-02-12  Mark Lam  <mark.lam@apple.com>
+
+        Add some null checks in JSNodeCustom.h's root() and generated isReachableFromOpaqueRoots() functions.
+        https://bugs.webkit.org/show_bug.cgi?id=194530
+        <rdar://problem/47973274>
+
+        Reviewed by Chris Dumez.
+
+        This is needed to fix a null pointer dereference that arises from the following scenario:
+        1. a Document detaches from its StyleSheetList.
+        2. the JSStyleSheetList that is associated with the detached StyleSheetList has yet
+           to be scanned and collected by the GC.
+        3. the GC eventually looks for the opaque root of the StyleSheetList's owner, and
+           discovers a null owner pointer.
+
+        This patch fixes this issue by applying the following null checks:
+
+        1. Add a null check in JSNodeCustom.h's root().
+
+           root() is called from a isReachableFromOpaqueRoots() generated by CodeGeneratorJS.pm.
+           isReachableFromOpaqueRoots() calls a ownerNode() method and passes its result
+           to root().  However, depending on which class the ownerNode() method belongs to,
+           it can either return a pointer or a reference.  The null check only makes sense
+           in the pointer case.
+
+           To accommodate the 2 forms, root() itself is has an overload that takes a
+           reference instead of a pointer.
+
+           Since CodeGeneratorJS.pm can't tell what the generated class' ownerNode()
+           returns, it can't discern when the result is a pointer and apply the null check.
+           Instead, we just add the null check to the version of root() that takes a
+           pointer.  If the node pointer is null, we'll return a null opaque root.
+
+        2. Fix CodeGeneratorJS.pm to null check the opaque root before using it.
+
+        * bindings/js/JSNodeCustom.h:
+        (WebCore::root):
+        * bindings/scripts/CodeGeneratorJS.pm:
+        (GenerateImplementation):
+        * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
+        (WebCore::JSTestGenerateIsReachableOwner::isReachableFromOpaqueRoots):
+
+2019-02-12  Andy Estes  <aestes@apple.com>
+
+        [iOSMac] Enable Parental Controls Content Filtering
+        https://bugs.webkit.org/show_bug.cgi?id=194521
+        <rdar://39732376>
+
+        Reviewed by Tim Horton.
+
+        * Configurations/FeatureDefines.xcconfig:
+        * platform/ContentFilterUnblockHandler.h:
+        * platform/cocoa/ContentFilterUnblockHandlerCocoa.mm:
+        * platform/cocoa/ParentalControlsContentFilter.mm:
+
+2019-02-11  Jer Noble  <jer.noble@apple.com>
+
+        Unreviewed build fix; add a HAVE_CELESTIAL guard around Celestial framework usage.
+
+        * platform/audio/ios/MediaSessionManagerIOS.h:
+        * platform/audio/ios/MediaSessionManagerIOS.mm:
+        (WebCore::MediaSessionManageriOS::providePresentingApplicationPIDIfNecessary):
+
+2019-02-12  Antti Koivisto  <antti@apple.com>
+
+        Crash in WebCore::ScrollingTree::updateTreeFromStateNode
+        https://bugs.webkit.org/show_bug.cgi?id=194538
+        <rdar://problem/47841926>
+
+        Reviewed by Zalan Bujtas.
+
+        * page/scrolling/ScrollingTree.cpp:
+        (WebCore::ScrollingTree::updateTreeFromStateNode):
+
+        Make sure we don't leave node entry behind in m_nodeMap in case we failed to add it to the parent.
+
+2019-02-12  Zalan Bujtas  <zalan@apple.com>
+
+        [LFC] Remove redundant InlineFormattingContext::computeBorderAndPadding
+        https://bugs.webkit.org/show_bug.cgi?id=194540
+
+        Reviewed by Antti Koivisto.
+
+        Use FormattingContext::computeBorderAndPadding instead.
+
+        * layout/FormattingContext.cpp:
+        (WebCore::Layout::FormattingContext::computeBorderAndPadding const):
+        * layout/FormattingContext.h:
+        * layout/inlineformatting/InlineFormattingContext.cpp:
+        (WebCore::Layout::InlineFormattingContext::computeBorderAndPadding const): Deleted.
+        * layout/inlineformatting/InlineFormattingContext.h:
+
+2019-02-12  Zalan Bujtas  <zalan@apple.com>
+
+        [LFC][IFC] Add intrinsic width support for float boxes.
+        https://bugs.webkit.org/show_bug.cgi?id=194528
+
+        Reviewed by Antti Koivisto.
+
+        This patch implements a very simple float box support for intrinsic width.
+
+        * layout/inlineformatting/InlineFormattingContext.cpp:
+        (WebCore::Layout::InlineFormattingContext::computeIntrinsicWidthConstraints const):
+        (WebCore::Layout::InlineFormattingContext::computeIntrinsicWidthForFloatBox const):
+        (WebCore::Layout::InlineFormattingContext::computeIntrinsicWidthForInlineBlock const):
+        (WebCore::Layout::InlineFormattingContext::computeMargin const):
+        (WebCore::Layout::InlineFormattingContext::computeIntrinsicWidthForFormattingContextRoot const): Deleted.
+        * layout/inlineformatting/InlineFormattingContext.h:
+
+2019-02-12  Rob Buis  <rbuis@igalia.com>
+
+        Implement serializing in MIME type parser
+        https://bugs.webkit.org/show_bug.cgi?id=193909
+
+        Reviewed by Darin Adler.
+
+        Implement serializing in MIME type parser [1], to preserve the parameter
+        order the Vector m_parameterNames is introduced, since HashMaps do not
+        guarantee any order.
+
+        Test: ParsedContentType.Serialize
+
+        [1] https://mimesniff.spec.whatwg.org/#serializing-a-mime-type
+
+        * platform/network/ParsedContentType.cpp:
+        (WebCore::skipSpaces):
+        (WebCore::parseQuotedString):
+        (WebCore::ParsedContentType::parseContentType):
+        (WebCore::ParsedContentType::parameterValueForName const):
+        (WebCore::ParsedContentType::parameterCount const):
+        (WebCore::ParsedContentType::setContentType):
+        (WebCore::ParsedContentType::setContentTypeParameter):
+        (WebCore::ParsedContentType::serialize const):
+        * platform/network/ParsedContentType.h:
+
+2019-02-08  Chris Fleizach  <cfleizach@apple.com>
+
+        AXObjectCache::childrenChanged shouldn't update layout or style during another style recalc
+        https://bugs.webkit.org/show_bug.cgi?id=182280
+        <rdar://problem/37018386>
+
+        Reviewed by Alan Bujtas.
+
+        Remove the possibility that changing children calls back into updating layout by
+        handling children changes in a deferred manner.
+
+        This follows the same architecture as many other deferred changes, but also requires us to check deferred changes
+        in updateBackingStore, because things like aria-hidden changes won't trigger a layout, but will require us to update children.
+
+        A few tests had to be modified to no longer change the tree and then check the children immediately. 
+
+        * accessibility/AXObjectCache.cpp:
+        (WebCore::AXObjectCache::remove):
+        (WebCore::AXObjectCache::childrenChanged):
+        (WebCore::AXObjectCache::prepareForDocumentDestruction):
+        (WebCore::AXObjectCache::performDeferredCacheUpdate):
+        * accessibility/AXObjectCache.h:
+        * accessibility/AccessibilityObject.cpp:
+        (WebCore::AccessibilityObject::updateBackingStore):
+        * accessibility/mac/WebAccessibilityObjectWrapperBase.mm:
+        (convertToNSArray):
+        (-[WebAccessibilityObjectWrapperBase updateObjectBackingStore]):
+
+2019-02-11  Myles C. Maxfield  <mmaxfield@apple.com>
+
+        [Cocoa] Ask platform for generic font family mappings
+        https://bugs.webkit.org/show_bug.cgi?id=187723
+        <rdar://problem/41892438>
+
+        Reviewed by Brent Fulgham.
+
+        WebKit API allows setting the generic font families for the USCRIPT_COMMON script.
+        When trying to style a character with a generic font family, we first look to see if
+        we have a mapping for the particular script the character is rendered with, and if we
+        don't find a match, we then check USCRIPT_COMMON.
+
+        In the Cocoa ports, the only way families get set for non-USCRIPT_COMMON scripts (aka
+        the only scripts which won't use the API families) is in
+        SettingsBase::initializeDefaultFontFamilies(). That function only sets the families
+        for the CJK scripts.
+
+        The mappings inside SettingsBase are incorrect and conflict with our policy regarding
+        user-installed fonts. Instead, we should be consulting with the platform for some of
+        these mappings, by calling CTFontDescriptorCreateForCSSFamily(). However, the WebKit
+        API still has to work to set the mappings for untagged content. Therefore, we use the
+        system mappings for language-tagged content, and the API mappings for non-language-tagged
+        content. This is a good balance that makes sure we always have a good mapping for every
+        language, but API clients can still set the mappings, too.
+
+        Test: fast/text/ja-sans-serif.html
+
+        * css/CSSComputedStyleDeclaration.cpp:
+        * css/CSSFontSelector.cpp:
+        (WebCore::resolveGenericFamily):
+        * css/parser/CSSPropertyParser.cpp:
+        (WebCore::consumeFontFamily):
+        * page/cocoa/SettingsBaseCocoa.mm:
+        (WebCore::SettingsBase::initializeDefaultFontFamilies):
+        (WebCore::osakaMonoIsInstalled): Deleted.
+        * platform/graphics/FontDescription.cpp:
+        (WebCore::FontDescription::platformResolveGenericFamily):
+        * platform/graphics/FontDescription.h:
+        * platform/graphics/cocoa/FontDescriptionCocoa.cpp:
+        (WebCore::computeSpecializedChineseLocale):
+        (WebCore::cachedSpecializedChineseLocale):
+        (WebCore::languageChanged):
+        (WebCore::FontDescription::platformResolveGenericFamily):
+        * platform/graphics/cocoa/SystemFontDatabaseCoreText.cpp:
+        (WebCore::SystemFontDatabaseCoreText::clear):
+        (WebCore::genericFamily):
+        (WebCore::SystemFontDatabaseCoreText::serifFamily):
+        (WebCore::SystemFontDatabaseCoreText::sansSerifFamily):
+        (WebCore::SystemFontDatabaseCoreText::cursiveFamily):
+        (WebCore::SystemFontDatabaseCoreText::fantasyFamily):
+        (WebCore::SystemFontDatabaseCoreText::monospaceFamily):
+        * platform/graphics/cocoa/SystemFontDatabaseCoreText.h:
+
+2019-02-11  Adrian Perez de Castro  <aperez@igalia.com>
+
+        [GTK][WPE] Add content extensions support in WKTR and unskip layout tests
+        https://bugs.webkit.org/show_bug.cgi?id=193622
+
+        Reviewed by Michael Catanzaro.
+
+        No new tests needed.
+
+        * SourcesCocoa.txt: Remove loader/ResourceLoadInfo.cpp, it's not Cocoa-specific anymore.
+        * Sources.txt: Add loader/ResourceLoadInfo.cpp, all ports use it now.
+
+2019-02-11  Daniel Bates  <dabates@apple.com>
+
+        [iOS] Mouse/Touch/Pointer events are missing modifier keys
+        https://bugs.webkit.org/show_bug.cgi?id=191446
+        <rdar://problem/45929460>
+
+        Reviewed by Tim Horton.
+
+        Extract the modifier flags from the WebEvent. This code is only used by Legacy WebKit
+        on iOS and we will need to fix <rdar://problem/47929759> in order for modifier flags
+        to be passed to WebKit.
+
+        Tests: fast/events/touch/ios/mouse-events-with-modifiers.html
+               fast/events/touch/ios/pointer-events-with-modifiers.html
+               fast/events/touch/ios/touch-events-with-modifiers.html
+
+        * platform/ios/PlatformEventFactoryIOS.mm:
+        (WebCore::PlatformMouseEventBuilder::PlatformMouseEventBuilder):
+        * platform/ios/WebEvent.h:
+        * platform/ios/WebEvent.mm:
+        (-[WebEvent initWithMouseEventType:timeStamp:location:]):
+        (-[WebEvent initWithMouseEventType:timeStamp:location:modifiers:]):
+
+2019-02-11  Jer Noble  <jer.noble@apple.com>
+
+        [Cocoa] Notify AVSystemController of our presenting PID before registering as a Now Playing app.
+        https://bugs.webkit.org/show_bug.cgi?id=194504
+
+        Reviewed by Eric Carlson.
+
+        This allows the MediaRemote framework to associate the WebContent process with its host application.
+
+        * Modules/mediastream/UserMediaRequest.cpp:
+        (WebCore::UserMediaRequest::start):
+        * platform/audio/PlatformMediaSessionManager.h:
+        (WebCore::PlatformMediaSessionManager::prepareToSendUserMediaPermissionRequest):
+        * platform/audio/cocoa/MediaSessionManagerCocoa.h:
+        * platform/audio/cocoa/MediaSessionManagerCocoa.mm:
+        (MediaSessionManagerCocoa::prepareToSendUserMediaPermissionRequest):
+        (MediaSessionManagerCocoa::providePresentingApplicationPIDIfNecessary):
+        (MediaSessionManagerCocoa::updateNowPlayingInfo):
+
+2019-02-11  Commit Queue  <commit-queue@webkit.org>
+
+        Unreviewed, rolling out r241272 and r241276.
+        https://bugs.webkit.org/show_bug.cgi?id=194514
+
+        Broke the Apple Internal build and the fix requires human
+        intervention :( (Requested by dydz on #webkit).
+
+        Reverted changesets:
+
+        "[iOS] Mouse/Touch/Pointer events are missing modifier keys"
+        https://bugs.webkit.org/show_bug.cgi?id=191446
+        https://trac.webkit.org/changeset/241272
+
+        "Fix internal iOS build after r241272"
+        https://bugs.webkit.org/show_bug.cgi?id=191446
+        https://trac.webkit.org/changeset/241276
+
 2019-02-11  Alex Christensen  <achristensen@webkit.org>
 
         Stop using setDefersLoading from WebCore
         * WebCore.xcodeproj/project.pbxproj:
         * bindings/js/WebCoreBuiltinNames.h:
 
-2019-02-06  Dean Jackson  <dino@apple.com>
+2019-02-12  Dean Jackson  <dino@apple.com>
 
-        Fix potential build error in GPUDevice
-        https://bugs.webkit.org/show_bug.cgi?id=194359
+        BitmapRenderer should handle existing ImageBuffers
+        https://bugs.webkit.org/show_bug.cgi?id=194555
+        <rdar://problem/47857150>
 
-        Reviewed by Joseph Pecoraro.
+        Reviewed by Tim Horton.
 
-        Add an UNUSED_PARAM for non-macOS platforms.
+        Our logic in ImageBitmapRenderingContext assumed that
+        it had always created the ImageBuffer being used. However, it's
+        valid to call something like toBlob() or toDataURL() before creating
+        a context, so we need to handle the case where an ImageBuffer
+        already exists.
 
-        * platform/graphics/gpu/cocoa/GPUDeviceMetal.mm:
-        (WebCore::GPUDevice::create):
+        Test: fast/canvas/bitmaprenderer-created-after-toBlob.html
+
+        * html/HTMLCanvasElement.cpp:
+        (WebCore::HTMLCanvasElement::createImageBuffer const): Move some logic into setImageBuffer.
+        (WebCore::HTMLCanvasElement::setImageBuffer const): Make sure to clear the state saver.
 
 2019-02-06  Daniel Bates  <dabates@apple.com>