REGRESSION (r220112): reCAPTCHA images render off screen on Twitch.tv app Log In...
[WebKit-https.git] / Source / WebCore / ChangeLog
index 7a75f3b..74df252 100644 (file)
@@ -1,3 +1,386 @@
+2018-04-23  Antti Koivisto  <antti@apple.com>
+
+        REGRESSION (r220112): reCAPTCHA images render off screen on Twitch.tv app Log In or Sign Up
+        https://bugs.webkit.org/show_bug.cgi?id=182859
+        <rdar://problem/37595065>
+
+        Reviewed by Zalan Bujtas.
+
+        Roll out this change from the trunk as the issue it fixed no longer occurs.
+
+        * css/MediaQueryEvaluator.cpp:
+        (WebCore::orientationEvaluate):
+        (WebCore::aspectRatioEvaluate):
+        (WebCore::heightEvaluate):
+        (WebCore::widthEvaluate):
+        * page/FrameView.cpp:
+        (WebCore::FrameView::layoutSizeForMediaQuery const): Deleted.
+        * page/FrameView.h:
+        * page/LayoutContext.cpp:
+        (WebCore::LayoutContext::handleLayoutWithFrameFlatteningIfNeeded):
+
+2018-04-23  Daniel Bates  <dabates@apple.com>
+
+        Another attempt to fix the Windows build following r230921
+        (https://bugs.webkit.org/show_bug.cgi?id=159464)
+
+        Pass dictionary key name using a string instead of a constant and pass CFURL* to
+        siteForCookies().
+
+        * platform/network/cf/ResourceRequestCFNet.cpp:
+        (WebCore::ResourceRequest::doUpdatePlatformRequest):
+        (WebCore::ResourceRequest::doUpdateResourceRequest):
+
+2018-04-23  Zalan Bujtas  <zalan@apple.com>
+
+        [LayoutFormattingContext] Initial commit.
+        https://bugs.webkit.org/show_bug.cgi?id=184896
+
+        Reviewed by Antti Koivisto.
+
+        This is the initial commit of the new layout component -class definitions only (and mostly public functions).
+        See the header files (and Tools/LayoutReloaded project) for more information.
+
+        // Top level layout.
+        rootContainer = TreeBuilder::createLayoutTree(document);
+        rootDisplayBox = new Display::Box();
+        rootDisplayBox->setSize(viewportSize);
+        layoutContext = new LayoutContext(rootContainer, rootDisplayBox);
+        layoutContext->layout(rootContainer);
+
+        Driven by build time flag (currently off). Not testable yet.
+
+        * Configurations/FeatureDefines.xcconfig:
+        * Sources.txt:
+        * WebCore.xcodeproj/project.pbxproj:
+        * layout/BlockFormatting/BlockFormattingContext.cpp: Added.
+        * layout/BlockFormatting/BlockFormattingContext.h: Added.
+        * layout/BlockFormatting/BlockFormattingState.cpp: Added.
+        * layout/BlockFormatting/BlockFormattingState.h: Added.
+        * layout/BlockFormatting/BlockMarginCollapse.cpp: Added.
+        * layout/BlockFormatting/BlockMarginCollapse.h: Added.
+        * layout/DisplayTree/DisplayBox.cpp: Added.
+        * layout/DisplayTree/DisplayBox.h: Added.
+        * layout/FloatingContext.cpp: Added.
+        * layout/FloatingContext.h: Added.
+        * layout/FloatingState.cpp: Added.
+        * layout/FloatingState.h: Added.
+        * layout/FormattingContext.cpp: Added.
+        * layout/FormattingContext.h: Added.
+        * layout/FormattingState.cpp: Added.
+        * layout/FormattingState.h: Added.
+        * layout/InlineFormatting/InlineFormattingContext.cpp: Added.
+        * layout/InlineFormatting/InlineFormattingContext.h: Added.
+        * layout/InlineFormatting/InlineFormattingState.cpp: Added.
+        * layout/InlineFormatting/InlineFormattingState.h: Added.
+        * layout/LayoutCtx.cpp: Added.
+        * layout/LayoutCtx.h: Added.
+        * layout/LayoutTree/LayoutBlockContainer.cpp: Added.
+        * layout/LayoutTree/LayoutBlockContainer.h: Added.
+        * layout/LayoutTree/LayoutBox.cpp: Added.
+        * layout/LayoutTree/LayoutBox.h: Added.
+        * layout/LayoutTree/LayoutContainer.cpp: Added.
+        * layout/LayoutTree/LayoutContainer.h: Added.
+        * layout/LayoutTree/LayoutCtx.h: Added.
+        * layout/LayoutTree/LayoutInlineBox.cpp: Added.
+        * layout/LayoutTree/LayoutInlineBox.h: Added.
+        * layout/LayoutTree/LayoutInlineContainer.cpp: Added.
+        * layout/LayoutTree/LayoutInlineContainer.h: Added.
+
+2018-04-23  Daniel Bates  <dabates@apple.com>
+
+        Attempt to fix the Mac and iOS build after r230921
+        (https://bugs.webkit.org/show_bug.cgi?id=159464)
+
+        Pass strings for the dictionary key names instead of using an extern constant as the
+        latter may not be available on all systems.
+
+        * platform/network/mac/CookieJarMac.mm:
+        (WebCore::setHTTPCookiesForURL):
+
+2018-04-23  Daniel Bates  <dabates@apple.com>
+
+        Attempt to fix the build after r230921
+        (https://bugs.webkit.org/show_bug.cgi?id=159464)
+
+        Pass Same-Site info through.
+
+        * platform/network/cf/CookieJarCFNet.cpp:
+        (WebCore::cookieRequestHeaderFieldValue):
+        * platform/network/curl/CookieJarCurl.cpp:
+        (WebCore::cookieRequestHeaderFieldValue):
+        * platform/network/curl/CookieJarCurlDatabase.cpp:
+        (WebCore::CookieJarCurlDatabase::cookieRequestHeaderFieldValue const):
+        * platform/network/soup/CookieJarSoup.cpp:
+        (WebCore::cookieRequestHeaderFieldValue):
+
+2018-04-23  Ryan Haddad  <ryanhaddad@apple.com>
+
+        Unreviewed, speculative macOS build fix attempt.
+
+        * Modules/mediasource/SourceBuffer.cpp:
+        (WebCore::SourceBuffer::provideMediaData):
+
+2018-04-23  Daniel Bates  <dabates@apple.com>
+
+        Implement Same-Site cookies
+        https://bugs.webkit.org/show_bug.cgi?id=159464
+        <rdar://problem/27196358>
+
+        Reviewed by Brent Fulgham.
+
+        Implements support for Same-Site cookies as per <https://tools.ietf.org/html/draft-ietf-httpbis-cookie-same-site-00>.
+        The implementation is materially consistent with the spec. though implements the computation
+        for a document's "site for cookies" indirectly as part of loading its frame. This is done to
+        avoid traversing the frame tree on each subresource request initiated by the document or one
+        of its workers. We take advantage of the fact that Web Workers and Service Workers use their
+        host document's loader to load resources on their behalf to use the correct "site for cookies"
+        for requests (e.g. fetch()) initiating by them without the need to duplicate and store the
+        host document's "site for cookies" in the worker's script execution context.
+
+        The implementation differs from the spec. in the handling of about: URLs and the empty URL
+        and makes the implementation in WebKit match the behavior of Chrome and Firefox as well as
+        consistent with origin inheritance as described in <https://html.spec.whatwg.org/multipage/browsers.html#origin>
+        (16 April 2018). Specifically, requests to about:blank, about:srcdoc and the empty URL ("")
+        are treated as same-site because these URLs inherit their origin from their owner.
+
+        Tests: http/tests/cookies/same-site/fetch-after-navigating-iframe-in-cross-origin-page.html
+               http/tests/cookies/same-site/fetch-after-top-level-navigation-from-cross-origin-page.html
+               http/tests/cookies/same-site/fetch-after-top-level-navigation-initiated-from-iframe-in-cross-origin-page.html
+               http/tests/cookies/same-site/fetch-cookies-set-in-about-blank-iframe.html
+               http/tests/cookies/same-site/fetch-in-about-blank-page.html
+               http/tests/cookies/same-site/fetch-in-cross-origin-iframe.html
+               http/tests/cookies/same-site/fetch-in-cross-origin-page.html
+               http/tests/cookies/same-site/fetch-in-cross-origin-service-worker.html
+               http/tests/cookies/same-site/fetch-in-cross-origin-worker.html
+               http/tests/cookies/same-site/fetch-in-same-origin-page.html
+               http/tests/cookies/same-site/fetch-in-same-origin-service-worker.html
+               http/tests/cookies/same-site/fetch-in-same-origin-srcdoc-iframe.html
+               http/tests/cookies/same-site/fetch-in-same-origin-worker.html
+               http/tests/cookies/same-site/popup-cross-site-post.html
+               http/tests/cookies/same-site/popup-cross-site.html
+               http/tests/cookies/same-site/popup-same-site-post.html
+               http/tests/cookies/same-site/popup-same-site-via-cross-site-redirect.html
+               http/tests/cookies/same-site/popup-same-site-via-same-site-redirect.html
+               http/tests/cookies/same-site/popup-same-site.html
+
+        * Sources.txt: Add source file SameSiteInfo.cpp.
+        * WebCore.xcodeproj/project.pbxproj: Add source files SameSiteInfo.{cpp, h}.
+        * dom/Document.cpp:
+        (WebCore::Document::initSecurityContext): Modified to call SecurityPolicy::shouldInheritSecurityOriginFromOwner().
+        (WebCore::Document::shouldInheritContentSecurityPolicyFromOwner const): Ditto.
+        (WebCore::shouldInheritSecurityOriginFromOwner): Deleted; moved to SecurityPolicy.
+        * dom/Document.h:
+        (WebCore::Document::firstPartyForSameSiteCookies const): Added.
+        (WebCore::Document::setFirstPartyForSameSiteCookies): Added.
+        * loader/CookieJar.cpp:
+        (WebCore::sameSiteInfo): Returns the same-site info for the request used to load the specified document.
+        (WebCore::cookies): Pass the same-site info down to the platform.
+        (WebCore::cookieRequestHeaderFieldProxy): Ditto.
+        (WebCore::setCookies): Ditto.
+        (WebCore::cookieRequestHeaderFieldValue): Ditto.
+        (WebCore::getRawCookies): Ditto.
+        * loader/DocumentLoader.cpp:
+        (WebCore::DocumentLoader::willSendRequest): Add same-site info to the request.
+        (WebCore::DocumentLoader::startLoadingMainResource): Update a FIXME comment to explain that
+        we can simplify ResourceRequestBase if we can remove the call to addExtraFieldsToMainResourceRequest()
+        here. Specifically, we would not need to differentiate between a request with an unspecified
+        same-site state (default state of a new request) from a request whose same-site state has
+        been explicitly set if we can assume that the same-site state of a request is set exactly
+        once. In absence of this guarantee we need an "unspecified" state to avoid overriding existing
+        same-site information computed with a null initiating document (the case of a new address bar
+        initiated load) from a load initiated by the document associated with this loader.
+        * loader/FrameLoader.cpp:
+        (WebCore::FrameLoader::setFirstPartyForCookies): Modified to also update the first party for
+        same-site cookies ("site for cookies").
+        (WebCore::FrameLoader::load): Add same-site info to the request.
+        (WebCore::FrameLoader::reload): Ditto.
+        (WebCore::FrameLoader::setOriginalURLForDownloadRequest): Ditto.
+        (WebCore::FrameLoader::addExtraFieldsToRequest): If the request does not already have
+        same-site info then compute it and add it to the request. Mark main frame main resource
+        requests as a "top-site".
+        (WebCore::FrameLoader::addSameSiteInfoToRequestIfNeeded): Implements the "'Same-site' and 'cross-site'
+        Requests" algorithm from <https://tools.ietf.org/html/draft-ietf-httpbis-cookie-same-site-00#section-2.1>.
+        (WebCore::createWindow): Add same-site info to the request.
+        * loader/FrameLoader.h:
+        * loader/ResourceLoader.cpp:
+        (WebCore::ResourceLoader::init): Ditto.
+        * page/DOMWindow.cpp:
+        (WebCore::DOMWindow::createWindow): Ditto.
+        * page/SecurityPolicy.cpp:
+        (WebCore::SecurityPolicy::shouldInheritSecurityOriginFromOwner): Moved from Document.cpp.
+        * page/SecurityPolicy.h:
+        * platform/CookiesStrategy.h:
+        * platform/network/CacheValidation.cpp:
+        (WebCore::headerValueForVary): Pass the same-site info down to the platform.
+        * platform/network/CookieRequestHeaderFieldProxy.h:
+        (WebCore::CookieRequestHeaderFieldProxy::encode const): Encode same-site bits.
+        (WebCore::CookieRequestHeaderFieldProxy::decode): Decode same-site bits.
+        * platform/network/PlatformCookieJar.h:
+        * platform/network/ResourceRequestBase.cpp:
+        (WebCore::ResourceRequestBase::setAsIsolatedCopy): Added.
+        (WebCore::ResourceRequestBase::isSameSite const): Added.
+        (WebCore::ResourceRequestBase::setIsSameSite): Added.
+        (WebCore::ResourceRequestBase::isTopSite const): Added.
+        (WebCore::ResourceRequestBase::setIsTopSite): Added.
+        (WebCore::equalIgnoringHeaderFields):
+        * platform/network/ResourceRequestBase.h:
+        (WebCore::ResourceRequestBase::isSameSiteUnspecified const): Added. See comment for DocumentLoader::startLoadingMainResource()
+        for more details.
+        (WebCore::registrableDomainsAreEqual): Added.
+        (WebCore::ResourceRequestBase::encodeBase const): Encode same-site bits.
+        (WebCore::ResourceRequestBase::decodeBase): Decode same-site bits.
+        * platform/network/SameSiteInfo.cpp: Added.
+        (WebCore::SameSiteInfo::create):
+        * platform/network/SameSiteInfo.h: Added.
+        (WebCore::SameSiteInfo::encode const):
+        (WebCore::SameSiteInfo::decode):
+        * platform/network/cf/CookieJarCFNet.cpp:
+        (WebCore::setCookiesFromDOM): Pass Same-Site info down.
+        (WebCore::cookiesForDOM): Ditto.
+        (WebCore::cookieRequestHeaderFieldValue): Ditto.
+        (WebCore::getRawCookies): Ditto.
+        * platform/network/cf/ResourceRequestCFNet.cpp:
+        (WebCore::siteForCookies): Added.
+        (WebCore::ResourceRequest::doUpdatePlatformRequest): Update platform request with same-site info.
+        (WebCore::ResourceRequest::doUpdateResourceRequest): Ditto.
+        * platform/network/cocoa/ResourceRequestCocoa.mm:
+        (WebCore::ResourceRequest::doUpdateResourceRequest): Ditto.
+        (WebCore::siteForCookies): Added.
+        (WebCore::ResourceRequest::doUpdatePlatformRequest): Update platform request with same-site info.
+        * platform/network/curl/CookieJarCurl.cpp:
+        (WebCore::cookiesForDOM): Pass Same-Site info down.
+        (WebCore::setCookiesFromDOM): Ditto.
+        (WebCore::cookieRequestHeaderFieldValue): Ditto.
+        (WebCore::getRawCookies): Ditto.
+        * platform/network/curl/CookieJarCurl.h:
+        * platform/network/curl/CookieJarCurlDatabase.cpp:
+        (WebCore::CookieJarCurlDatabase::setCookiesFromDOM const): Ditto.
+        (WebCore::CookieJarCurlDatabase::cookiesForDOM const): Ditto.
+        (WebCore::CookieJarCurlDatabase::cookieRequestHeaderFieldValue const): Ditto.
+        (WebCore::CookieJarCurlDatabase::getRawCookies const): Ditto.
+        * platform/network/curl/CookieJarCurlDatabase.h:
+        * platform/network/curl/ResourceHandleCurl.cpp:
+        (WebCore::ResourceHandle::createCurlRequest): Ditto.
+        * platform/network/mac/CookieJarMac.mm:
+        (WebCore::cookiesForURL): Added; shared function to return the cookies based on the specified criterion. 
+        (WebCore::setHTTPCookiesForURL): Moved from the bottom of the file to top to be closer to the other
+        CFNetwork helper functions. Modified to support fetching same-site cookies.
+        (WebCore::httpCookiesForURL): Moved to be under setHTTPCookiesForURL(). Modified to call cookiesForURL().
+        Note the SPI used in cookiesForURL() apply the same criterion for whether to fetch secure cookies as we
+        were computing here. That is, the CFNetwork SPI only returns secure cookies if the specified URL's scheme
+        case-insensitively matches "https".
+        (WebCore::cookiesInPartitionForURL): Wrote in terms of cookiesForURL().
+        (WebCore::cookiesForSession): Pass the Same-Site info.
+        (WebCore::cookiesForDOM): Ditto.
+        (WebCore::cookieRequestHeaderFieldValue): Ditto.
+        (WebCore::setCookiesFromDOM): Ditto.
+        (WebCore::getRawCookies): Ditto.
+        (WebCore::deleteCookie): Pass std::nullopt for the Same-Site info so that we do not consider the SameSite
+        attribute when fetching cookies to delete.
+        * platform/network/soup/CookieJarSoup.cpp:
+        (WebCore::setCookiesFromDOM): Pass the Same-Site info.
+        (WebCore::cookiesForDOM): Ditto.
+        (WebCore::cookieRequestHeaderFieldValue): Ditto.
+        (WebCore::getRawCookies): Ditto.
+        * workers/service/context/ServiceWorkerThreadProxy.cpp:
+        (WebCore::createPageForServiceWorker): Set the first party for same site cookies ("site for cookies") to
+        the script URL.
+        * xml/XSLTProcessor.cpp:
+        (WebCore::XSLTProcessor::createDocumentFromSource): Copy the first party for same-site cookies to the
+        new document.
+
+2018-04-23  Chris Dumez  <cdumez@apple.com>
+
+        HTML String load cannot be prevented by responding 'Cancel' asynchronously in decidePolicyForNavigationAction
+        https://bugs.webkit.org/show_bug.cgi?id=184848
+        <rdar://problem/39145306>
+
+        Reviewed by Brady Eidson.
+
+        When calling loadHTMLString on a WebView, we end up doing a load for 'about:blank'
+        with substitute data. In such case, we want to do a regular asynchronous policy
+        delegate check, there is no reason we need it to be synchronous. Update our check
+        to make sure we only do a synchronous policy check for initial 'about:blank' loads
+        that do not have substitute data.
+
+        * loader/PolicyChecker.cpp:
+        (WebCore::PolicyChecker::checkNavigationPolicy):
+
+2018-04-23  Wenson Hsieh  <wenson_hsieh@apple.com>
+
+        [Extra zoom mode] 100vw is roughly half of the viewport width in extra zoom mode
+        https://bugs.webkit.org/show_bug.cgi?id=184871
+        <rdar://problem/39477595>
+
+        Reviewed by Andy Estes.
+
+        Currently, when computing CSS viewport units, we use ViewportConfiguration::initialScaleIgnoringContentSize().
+        This method computes an initial scale from the layout width and height without relying on any information
+        derived from the current content size. This is done to ensure that the content size and viewport dimensions for
+        CSS viewport units should not be simultaneously dependent on each other.
+
+        Since shrink-to-fit heuristics depend on content size, we currently assume that shrink-to-fit is disabled when
+        computing initialScaleIgnoringContentSize, by always passing in `false` for `shouldIgnoreScalingConstraints`.
+        However, in extra zoom mode, the opposite is true: since we force both `m_canIgnoreScalingConstraints` and
+        `m_forceHorizontalShrinkToFit` to be `true` in this mode, we will always try to shrink-to-fit regardless of
+        content size.
+
+        Because of this shrink-to-fit disparity between `initialScale` and `initialScaleIgnoringContentSize`, viewport
+        units in extra zoom mode are currently computed assuming an initial scale set by the page, whereas the real
+        viewport is scaled to fit, which causes any lengths computed in terms of vw and vh to be incorrect. To fix this,
+        we introduce a version of shouldIgnoreScalingConstraints() that returns `true` iff scaling constraints are
+        always ignored, regardless of content size. We then use this in initialScaleIgnoringContentSize, instead of
+        always passing in `false` for `shouldIgnoreScalingConstraints`.
+
+        Test: fast/css/extrazoom/viewport-units-shrink-to-fit.html
+
+        * page/ViewportConfiguration.cpp:
+        (WebCore::ViewportConfiguration::shouldIgnoreScalingConstraintsRegardlessOfContentSize const):
+        (WebCore::ViewportConfiguration::initialScaleIgnoringContentSize const):
+        * page/ViewportConfiguration.h:
+
+2018-04-23  Zalan Bujtas  <zalan@apple.com>
+
+        [Simple line layout] Generate inline boxtree using simple line layout runs.
+        https://bugs.webkit.org/show_bug.cgi?id=184833
+
+        Reviewed by Antti Koivisto.
+
+        RenderBlockFlow::ensureLineBoxes triggers line layout on the block content to replace
+        the simple line layout runs with an inline boxtree. The runs generated by the fast path
+        should always match the inline tree boxes.
+        In this patch instead of triggering layout, we just convert the simple line runs to
+        inline boxes.
+        Currently, it works with only one, non-paginated text renderer, but we should be
+        able to extend it to all the simple line layout content.   
+
+        Covered by existing tests.
+
+        * rendering/InlineBox.h:
+        (WebCore::InlineBox::setHasHyphen):
+        (WebCore::InlineBox::setCanHaveLeadingExpansion):
+        (WebCore::InlineBox::setCanHaveTrailingExpansion):
+        (WebCore::InlineBox::setForceTrailingExpansion):
+        (WebCore::InlineBox::setForceLeadingExpansion):
+        (WebCore::InlineBox::hasHyphen const):
+        (WebCore::InlineBox::canHaveLeadingExpansion const):
+        (WebCore::InlineBox::canHaveTrailingExpansion const):
+        (WebCore::InlineBox::forceTrailingExpansion const):
+        * rendering/RenderBlockFlow.cpp:
+        (WebCore::RenderBlockFlow::ensureLineBoxes):
+        * rendering/RenderBlockFlow.h:
+        * rendering/SimpleLineLayoutFlowContents.h:
+        (WebCore::SimpleLineLayout::FlowContents::segmentForRun const):
+        * rendering/SimpleLineLayoutFunctions.cpp:
+        (WebCore::SimpleLineLayout::canUseForLineBoxTree):
+        (WebCore::SimpleLineLayout::initializeInlineBox):
+        (WebCore::SimpleLineLayout::generateLineBoxTree):
+        * rendering/SimpleLineLayoutFunctions.h:
+        * rendering/SimpleLineLayoutResolver.cpp:
+        (WebCore::SimpleLineLayout::RunResolver::rangeForLine const):
+        * rendering/SimpleLineLayoutResolver.h:
+
 2018-04-23  Zan Dobersek  <zdobersek@igalia.com>
 
         [CoordGraphics] Remove unused trajectory cruft in CoordinatedLayerTreeHost, CoordinatedGraphicsLayer
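Review bot: in the "Implement Same-Site cookies" entry (2018-04-23, Daniel Bates), the documented deviation from draft-ietf-httpbis-cookie-same-site-00 (about:blank, about:srcdoc and the empty URL are treated as same-site because they inherit their origin from their owner) is only exercised from same-origin contexts in the listed tests (fetch-cookies-set-in-about-blank-iframe.html, fetch-in-about-blank-page.html, fetch-in-same-origin-srcdoc-iframe.html); the case that matters for the security claim is an about:blank or srcdoc frame nested inside a cross-site iframe, where "same-site as its owner" must resolve to the owner's site for cookies and not to the top-level site, so a test along the lines of a fetch from an about:blank iframe inside a cross-origin iframe should be added alongside fetch-in-cross-origin-iframe.html before this ships. Separately, the "[LayoutFormattingContext] Initial commit." entry lists both layout/LayoutCtx.h and layout/LayoutTree/LayoutCtx.h as Added while the snippet above it uses the class name LayoutContext; one of the two headers appears to be a duplicate and the file name should match the class it declares.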