REGRESSION (r220112): reCAPTCHA images render off screen on Twitch.tv app Log In...
[WebKit-https.git] / Source / WebCore / ChangeLog
index d0949df..74df252 100644 (file)
@@ -1,3 +1,542 @@
+2018-04-23  Antti Koivisto  <antti@apple.com>
+
+        REGRESSION (r220112): reCAPTCHA images render off screen on Twitch.tv app Log In or Sign Up
+        https://bugs.webkit.org/show_bug.cgi?id=182859
+        <rdar://problem/37595065>
+
+        Reviewed by Zalan Bujtas.
+
+        Roll out this change from the trunk as the issue it fixed no longer occurs.
+
+        * css/MediaQueryEvaluator.cpp:
+        (WebCore::orientationEvaluate):
+        (WebCore::aspectRatioEvaluate):
+        (WebCore::heightEvaluate):
+        (WebCore::widthEvaluate):
+        * page/FrameView.cpp:
+        (WebCore::FrameView::layoutSizeForMediaQuery const): Deleted.
+        * page/FrameView.h:
+        * page/LayoutContext.cpp:
+        (WebCore::LayoutContext::handleLayoutWithFrameFlatteningIfNeeded):
+
+2018-04-23  Daniel Bates  <dabates@apple.com>
+
+        Another attempt to fix the Windows build following r230921
+        (https://bugs.webkit.org/show_bug.cgi?id=159464)
+
+        Pass dictionary key name using a string instead of a constant and pass CFURL* to
+        siteForCookies().
+
+        * platform/network/cf/ResourceRequestCFNet.cpp:
+        (WebCore::ResourceRequest::doUpdatePlatformRequest):
+        (WebCore::ResourceRequest::doUpdateResourceRequest):
+
+2018-04-23  Zalan Bujtas  <zalan@apple.com>
+
+        [LayoutFormattingContext] Initial commit.
+        https://bugs.webkit.org/show_bug.cgi?id=184896
+
+        Reviewed by Antti Koivisto.
+
+        This is the initial commit of the new layout component -class definitions only (and mostly public functions).
+        See the header files (and Tools/LayoutReloaded project) for more information.
+
+        // Top level layout.
+        rootContainer = TreeBuilder::createLayoutTree(document);
+        rootDisplayBox = new Display::Box();
+        rootDisplayBox->setSize(viewportSize);
+        layoutContext = new LayoutContext(rootContainer, rootDisplayBox);
+        layoutContext->layout(rootContainer);
+
+        Driven by build time flag (currently off). Not testable yet.
+
+        * Configurations/FeatureDefines.xcconfig:
+        * Sources.txt:
+        * WebCore.xcodeproj/project.pbxproj:
+        * layout/BlockFormatting/BlockFormattingContext.cpp: Added.
+        * layout/BlockFormatting/BlockFormattingContext.h: Added.
+        * layout/BlockFormatting/BlockFormattingState.cpp: Added.
+        * layout/BlockFormatting/BlockFormattingState.h: Added.
+        * layout/BlockFormatting/BlockMarginCollapse.cpp: Added.
+        * layout/BlockFormatting/BlockMarginCollapse.h: Added.
+        * layout/DisplayTree/DisplayBox.cpp: Added.
+        * layout/DisplayTree/DisplayBox.h: Added.
+        * layout/FloatingContext.cpp: Added.
+        * layout/FloatingContext.h: Added.
+        * layout/FloatingState.cpp: Added.
+        * layout/FloatingState.h: Added.
+        * layout/FormattingContext.cpp: Added.
+        * layout/FormattingContext.h: Added.
+        * layout/FormattingState.cpp: Added.
+        * layout/FormattingState.h: Added.
+        * layout/InlineFormatting/InlineFormattingContext.cpp: Added.
+        * layout/InlineFormatting/InlineFormattingContext.h: Added.
+        * layout/InlineFormatting/InlineFormattingState.cpp: Added.
+        * layout/InlineFormatting/InlineFormattingState.h: Added.
+        * layout/LayoutCtx.cpp: Added.
+        * layout/LayoutCtx.h: Added.
+        * layout/LayoutTree/LayoutBlockContainer.cpp: Added.
+        * layout/LayoutTree/LayoutBlockContainer.h: Added.
+        * layout/LayoutTree/LayoutBox.cpp: Added.
+        * layout/LayoutTree/LayoutBox.h: Added.
+        * layout/LayoutTree/LayoutContainer.cpp: Added.
+        * layout/LayoutTree/LayoutContainer.h: Added.
+        * layout/LayoutTree/LayoutCtx.h: Added.
+        * layout/LayoutTree/LayoutInlineBox.cpp: Added.
+        * layout/LayoutTree/LayoutInlineBox.h: Added.
+        * layout/LayoutTree/LayoutInlineContainer.cpp: Added.
+        * layout/LayoutTree/LayoutInlineContainer.h: Added.
+
+2018-04-23  Daniel Bates  <dabates@apple.com>
+
+        Attempt to fix the Mac and iOS build after r230921
+        (https://bugs.webkit.org/show_bug.cgi?id=159464)
+
+        Pass strings for the dictionary key names instead of using an extern constant as the
+        latter may not be available on all systems.
+
+        * platform/network/mac/CookieJarMac.mm:
+        (WebCore::setHTTPCookiesForURL):
+
+2018-04-23  Daniel Bates  <dabates@apple.com>
+
+        Attempt to fix the build after r230921
+        (https://bugs.webkit.org/show_bug.cgi?id=159464)
+
+        Pass Same-Site info through.
+
+        * platform/network/cf/CookieJarCFNet.cpp:
+        (WebCore::cookieRequestHeaderFieldValue):
+        * platform/network/curl/CookieJarCurl.cpp:
+        (WebCore::cookieRequestHeaderFieldValue):
+        * platform/network/curl/CookieJarCurlDatabase.cpp:
+        (WebCore::CookieJarCurlDatabase::cookieRequestHeaderFieldValue const):
+        * platform/network/soup/CookieJarSoup.cpp:
+        (WebCore::cookieRequestHeaderFieldValue):
+
+2018-04-23  Ryan Haddad  <ryanhaddad@apple.com>
+
+        Unreviewed, speculative macOS build fix attempt.
+
+        * Modules/mediasource/SourceBuffer.cpp:
+        (WebCore::SourceBuffer::provideMediaData):
+
+2018-04-23  Daniel Bates  <dabates@apple.com>
+
+        Implement Same-Site cookies
+        https://bugs.webkit.org/show_bug.cgi?id=159464
+        <rdar://problem/27196358>
+
+        Reviewed by Brent Fulgham.
+
+        Implements support for Same-Site cookies as per <https://tools.ietf.org/html/draft-ietf-httpbis-cookie-same-site-00>.
+        The implementation is materially consistent with the spec. though implements the computation
+        for a document's "site for cookies" indirectly as part of loading its frame. This is done to
+        avoid traversing the frame tree on each subresource request initiated by the document or one
+        of its workers. We take advantage of the fact that Web Workers and Service Workers use their
+        host document's loader to load resources on their behalf to use the correct "site for cookies"
+        for requests (e.g. fetch()) initiating by them without the need to duplicate and store the
+        host document's "site for cookies" in the worker's script execution context.
+
+        The implementation differs from the spec. in the handling of about: URLs and the empty URL
+        and makes the implementation in WebKit match the behavior of Chrome and Firefox as well as
+        consistent with origin inheritance as described in <https://html.spec.whatwg.org/multipage/browsers.html#origin>
+        (16 April 2018). Specifically, requests to about:blank, about:srcdoc and the empty URL ("")
+        are treated as same-site because these URLs inherit their origin from their owner.
+
+        Tests: http/tests/cookies/same-site/fetch-after-navigating-iframe-in-cross-origin-page.html
+               http/tests/cookies/same-site/fetch-after-top-level-navigation-from-cross-origin-page.html
+               http/tests/cookies/same-site/fetch-after-top-level-navigation-initiated-from-iframe-in-cross-origin-page.html
+               http/tests/cookies/same-site/fetch-cookies-set-in-about-blank-iframe.html
+               http/tests/cookies/same-site/fetch-in-about-blank-page.html
+               http/tests/cookies/same-site/fetch-in-cross-origin-iframe.html
+               http/tests/cookies/same-site/fetch-in-cross-origin-page.html
+               http/tests/cookies/same-site/fetch-in-cross-origin-service-worker.html
+               http/tests/cookies/same-site/fetch-in-cross-origin-worker.html
+               http/tests/cookies/same-site/fetch-in-same-origin-page.html
+               http/tests/cookies/same-site/fetch-in-same-origin-service-worker.html
+               http/tests/cookies/same-site/fetch-in-same-origin-srcdoc-iframe.html
+               http/tests/cookies/same-site/fetch-in-same-origin-worker.html
+               http/tests/cookies/same-site/popup-cross-site-post.html
+               http/tests/cookies/same-site/popup-cross-site.html
+               http/tests/cookies/same-site/popup-same-site-post.html
+               http/tests/cookies/same-site/popup-same-site-via-cross-site-redirect.html
+               http/tests/cookies/same-site/popup-same-site-via-same-site-redirect.html
+               http/tests/cookies/same-site/popup-same-site.html
+
+        * Sources.txt: Add source file SameSiteInfo.cpp.
+        * WebCore.xcodeproj/project.pbxproj: Add source files SameSiteInfo.{cpp, h}.
+        * dom/Document.cpp:
+        (WebCore::Document::initSecurityContext): Modified to call SecurityPolicy::shouldInheritSecurityOriginFromOwner().
+        (WebCore::Document::shouldInheritContentSecurityPolicyFromOwner const): Ditto.
+        (WebCore::shouldInheritSecurityOriginFromOwner): Deleted; moved to SecurityPolicy.
+        * dom/Document.h:
+        (WebCore::Document::firstPartyForSameSiteCookies const): Added.
+        (WebCore::Document::setFirstPartyForSameSiteCookies): Added.
+        * loader/CookieJar.cpp:
+        (WebCore::sameSiteInfo): Returns the same-site info for the request used to load the specified document.
+        (WebCore::cookies): Pass the same-site info down to the platform.
+        (WebCore::cookieRequestHeaderFieldProxy): Ditto.
+        (WebCore::setCookies): Ditto.
+        (WebCore::cookieRequestHeaderFieldValue): Ditto.
+        (WebCore::getRawCookies): Ditto.
+        * loader/DocumentLoader.cpp:
+        (WebCore::DocumentLoader::willSendRequest): Add same-site info to the request.
+        (WebCore::DocumentLoader::startLoadingMainResource): Update a FIXME comment to explain that
+        we can simplify ResourceRequestBase if we can remove the call to addExtraFieldsToMainResourceRequest()
+        here. Specifically, we would not need to differentiate between a request with an unspecified
+        same-site state (default state of a new request) from a request whose same-site state has
+        been explicitly set if we can assume that the same-site state of a request is set exactly
+        once. In absence of this guarantee we need an "unspecified" state to avoid overriding existing
+        same-site information computed with a null initiating document (the case of a new address bar
+        initiated load) from a load initiated by the document associated with this loader.
+        * loader/FrameLoader.cpp:
+        (WebCore::FrameLoader::setFirstPartyForCookies): Modified to also update the first party for
+        same-site cookies ("site for cookies").
+        (WebCore::FrameLoader::load): Add same-site info to the request.
+        (WebCore::FrameLoader::reload): Ditto.
+        (WebCore::FrameLoader::setOriginalURLForDownloadRequest): Ditto.
+        (WebCore::FrameLoader::addExtraFieldsToRequest): If the request does not already have
+        same-site info then compute it and add it to the request. Mark main frame main resource
+        requests as a "top-site".
+        (WebCore::FrameLoader::addSameSiteInfoToRequestIfNeeded): Implements the "'Same-site' and 'cross-site'
+        Requests" algorithm from <https://tools.ietf.org/html/draft-ietf-httpbis-cookie-same-site-00#section-2.1>.
+        (WebCore::createWindow): Add same-site info to the request.
+        * loader/FrameLoader.h:
+        * loader/ResourceLoader.cpp:
+        (WebCore::ResourceLoader::init): Ditto.
+        * page/DOMWindow.cpp:
+        (WebCore::DOMWindow::createWindow): Ditto.
+        * page/SecurityPolicy.cpp:
+        (WebCore::SecurityPolicy::shouldInheritSecurityOriginFromOwner): Moved from Document.cpp.
+        * page/SecurityPolicy.h:
+        * platform/CookiesStrategy.h:
+        * platform/network/CacheValidation.cpp:
+        (WebCore::headerValueForVary): Pass the same-site info down to the platform.
+        * platform/network/CookieRequestHeaderFieldProxy.h:
+        (WebCore::CookieRequestHeaderFieldProxy::encode const): Encode same-site bits.
+        (WebCore::CookieRequestHeaderFieldProxy::decode): Decode same-site bits.
+        * platform/network/PlatformCookieJar.h:
+        * platform/network/ResourceRequestBase.cpp:
+        (WebCore::ResourceRequestBase::setAsIsolatedCopy): Added.
+        (WebCore::ResourceRequestBase::isSameSite const): Added.
+        (WebCore::ResourceRequestBase::setIsSameSite): Added.
+        (WebCore::ResourceRequestBase::isTopSite const): Added.
+        (WebCore::ResourceRequestBase::setIsTopSite): Added.
+        (WebCore::equalIgnoringHeaderFields):
+        * platform/network/ResourceRequestBase.h:
+        (WebCore::ResourceRequestBase::isSameSiteUnspecified const): Added. See comment for DocumentLoader::startLoadingMainResource()
+        for more details.
+        (WebCore::registrableDomainsAreEqual): Added.
+        (WebCore::ResourceRequestBase::encodeBase const): Encode same-site bits.
+        (WebCore::ResourceRequestBase::decodeBase): Decode same-site bits.
+        * platform/network/SameSiteInfo.cpp: Added.
+        (WebCore::SameSiteInfo::create):
+        * platform/network/SameSiteInfo.h: Added.
+        (WebCore::SameSiteInfo::encode const):
+        (WebCore::SameSiteInfo::decode):
+        * platform/network/cf/CookieJarCFNet.cpp:
+        (WebCore::setCookiesFromDOM): Pass Same-Site info down.
+        (WebCore::cookiesForDOM): Ditto.
+        (WebCore::cookieRequestHeaderFieldValue): Ditto.
+        (WebCore::getRawCookies): Ditto.
+        * platform/network/cf/ResourceRequestCFNet.cpp:
+        (WebCore::siteForCookies): Added.
+        (WebCore::ResourceRequest::doUpdatePlatformRequest): Update platform request with same-site info.
+        (WebCore::ResourceRequest::doUpdateResourceRequest): Ditto.
+        * platform/network/cocoa/ResourceRequestCocoa.mm:
+        (WebCore::ResourceRequest::doUpdateResourceRequest): Ditto.
+        (WebCore::siteForCookies): Added.
+        (WebCore::ResourceRequest::doUpdatePlatformRequest): Update platform request with same-site info.
+        * platform/network/curl/CookieJarCurl.cpp:
+        (WebCore::cookiesForDOM): Pass Same-Site info down.
+        (WebCore::setCookiesFromDOM): Ditto.
+        (WebCore::cookieRequestHeaderFieldValue): Ditto.
+        (WebCore::getRawCookies): Ditto.
+        * platform/network/curl/CookieJarCurl.h:
+        * platform/network/curl/CookieJarCurlDatabase.cpp:
+        (WebCore::CookieJarCurlDatabase::setCookiesFromDOM const): Ditto.
+        (WebCore::CookieJarCurlDatabase::cookiesForDOM const): Ditto.
+        (WebCore::CookieJarCurlDatabase::cookieRequestHeaderFieldValue const): Ditto.
+        (WebCore::CookieJarCurlDatabase::getRawCookies const): Ditto.
+        * platform/network/curl/CookieJarCurlDatabase.h:
+        * platform/network/curl/ResourceHandleCurl.cpp:
+        (WebCore::ResourceHandle::createCurlRequest): Ditto.
+        * platform/network/mac/CookieJarMac.mm:
+        (WebCore::cookiesForURL): Added; shared function to return the cookies based on the specified criterion. 
+        (WebCore::setHTTPCookiesForURL): Moved from the bottom of the file to top to be closer to the other
+        CFNetwork helper functions. Modified to support fetching same-site cookies.
+        (WebCore::httpCookiesForURL): Moved to be under setHTTPCookiesForURL(). Modified to call cookiesForURL().
+        Note the SPI used in cookiesForURL() apply the same criterion for whether to fetch secure cookies as we
+        were computing here. That is, the CFNetwork SPI only returns secure cookies if the specified URL's scheme
+        case-insensitively matches "https".
+        (WebCore::cookiesInPartitionForURL): Wrote in terms of cookiesForURL().
+        (WebCore::cookiesForSession): Pass the Same-Site info.
+        (WebCore::cookiesForDOM): Ditto.
+        (WebCore::cookieRequestHeaderFieldValue): Ditto.
+        (WebCore::setCookiesFromDOM): Ditto.
+        (WebCore::getRawCookies): Ditto.
+        (WebCore::deleteCookie): Pass std::nullopt for the Same-Site info so that we do not consider the SameSite
+        attribute when fetching cookies to delete.
+        * platform/network/soup/CookieJarSoup.cpp:
+        (WebCore::setCookiesFromDOM): Pass the Same-Site info.
+        (WebCore::cookiesForDOM): Ditto.
+        (WebCore::cookieRequestHeaderFieldValue): Ditto.
+        (WebCore::getRawCookies): Ditto.
+        * workers/service/context/ServiceWorkerThreadProxy.cpp:
+        (WebCore::createPageForServiceWorker): Set the first party for same site cookies ("site for cookies") to
+        the script URL.
+        * xml/XSLTProcessor.cpp:
+        (WebCore::XSLTProcessor::createDocumentFromSource): Copy the first party for same-site cookies to the
+        new document.
+
+2018-04-23  Chris Dumez  <cdumez@apple.com>
+
+        HTML String load cannot be prevented by responding 'Cancel' asynchronously in decidePolicyForNavigationAction
+        https://bugs.webkit.org/show_bug.cgi?id=184848
+        <rdar://problem/39145306>
+
+        Reviewed by Brady Eidson.
+
+        When calling loadHTMLString on a WebView, we end up doing a load for 'about:blank'
+        with substitute data. In such case, we want to do a regular asynchronous policy
+        delegate check, there is no reason we need it to be synchronous. Update our check
+        to make sure we only do a synchronous policy check for initial 'about:blank' loads
+        that do not have substitute data.
+
+        * loader/PolicyChecker.cpp:
+        (WebCore::PolicyChecker::checkNavigationPolicy):
+
+2018-04-23  Wenson Hsieh  <wenson_hsieh@apple.com>
+
+        [Extra zoom mode] 100vw is roughly half of the viewport width in extra zoom mode
+        https://bugs.webkit.org/show_bug.cgi?id=184871
+        <rdar://problem/39477595>
+
+        Reviewed by Andy Estes.
+
+        Currently, when computing CSS viewport units, we use ViewportConfiguration::initialScaleIgnoringContentSize().
+        This method computes an initial scale from the layout width and height without relying on any information
+        derived from the current content size. This is done to ensure that the content size and viewport dimensions for
+        CSS viewport units should not be simultaneously dependent on each other.
+
+        Since shrink-to-fit heuristics depend on content size, we currently assume that shrink-to-fit is disabled when
+        computing initialScaleIgnoringContentSize, by always passing in `false` for `shouldIgnoreScalingConstraints`.
+        However, in extra zoom mode, the opposite is true: since we force both `m_canIgnoreScalingConstraints` and
+        `m_forceHorizontalShrinkToFit` to be `true` in this mode, we will always try to shrink-to-fit regardless of
+        content size.
+
+        Because of this shrink-to-fit disparity between `initialScale` and `initialScaleIgnoringContentSize`, viewport
+        units in extra zoom mode are currently computed assuming an initial scale set by the page, whereas the real
+        viewport is scaled to fit, which causes any lengths computed in terms of vw and vh to be incorrect. To fix this,
+        we introduce a version of shouldIgnoreScalingConstraints() that returns `true` iff scaling constraints are
+        always ignored, regardless of content size. We then use this in initialScaleIgnoringContentSize, instead of
+        always passing in `false` for `shouldIgnoreScalingConstraints`.
+
+        Test: fast/css/extrazoom/viewport-units-shrink-to-fit.html
+
+        * page/ViewportConfiguration.cpp:
+        (WebCore::ViewportConfiguration::shouldIgnoreScalingConstraintsRegardlessOfContentSize const):
+        (WebCore::ViewportConfiguration::initialScaleIgnoringContentSize const):
+        * page/ViewportConfiguration.h:
+
+2018-04-23  Zalan Bujtas  <zalan@apple.com>
+
+        [Simple line layout] Generate inline boxtree using simple line layout runs.
+        https://bugs.webkit.org/show_bug.cgi?id=184833
+
+        Reviewed by Antti Koivisto.
+
+        RenderBlockFlow::ensureLineBoxes triggers line layout on the block content to replace
+        the simple line layout runs with an inline boxtree. The runs generated by the fast path
+        should always match the inline tree boxes.
+        In this patch instead of triggering layout, we just convert the simple line runs to
+        inline boxes.
+        Currently, it works with only one, non-paginated text renderer, but we should be
+        able to extend it to all the simple line layout content.   
+
+        Covered by existing tests.
+
+        * rendering/InlineBox.h:
+        (WebCore::InlineBox::setHasHyphen):
+        (WebCore::InlineBox::setCanHaveLeadingExpansion):
+        (WebCore::InlineBox::setCanHaveTrailingExpansion):
+        (WebCore::InlineBox::setForceTrailingExpansion):
+        (WebCore::InlineBox::setForceLeadingExpansion):
+        (WebCore::InlineBox::hasHyphen const):
+        (WebCore::InlineBox::canHaveLeadingExpansion const):
+        (WebCore::InlineBox::canHaveTrailingExpansion const):
+        (WebCore::InlineBox::forceTrailingExpansion const):
+        * rendering/RenderBlockFlow.cpp:
+        (WebCore::RenderBlockFlow::ensureLineBoxes):
+        * rendering/RenderBlockFlow.h:
+        * rendering/SimpleLineLayoutFlowContents.h:
+        (WebCore::SimpleLineLayout::FlowContents::segmentForRun const):
+        * rendering/SimpleLineLayoutFunctions.cpp:
+        (WebCore::SimpleLineLayout::canUseForLineBoxTree):
+        (WebCore::SimpleLineLayout::initializeInlineBox):
+        (WebCore::SimpleLineLayout::generateLineBoxTree):
+        * rendering/SimpleLineLayoutFunctions.h:
+        * rendering/SimpleLineLayoutResolver.cpp:
+        (WebCore::SimpleLineLayout::RunResolver::rangeForLine const):
+        * rendering/SimpleLineLayoutResolver.h:
+
+2018-04-23  Zan Dobersek  <zdobersek@igalia.com>
+
+        [CoordGraphics] Remove unused trajectory cruft in CoordinatedLayerTreeHost, CoordinatedGraphicsLayer
+        https://bugs.webkit.org/show_bug.cgi?id=184881
+
+        Reviewed by Michael Catanzaro.
+
+        Remove the redundant findFirstDescendantWithContentsRecursively() and
+        setVisibleContentRectTrajectoryVector() methods on the
+        CoordinatedGraphicsLayer class.
+
+        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
+        (WebCore::CoordinatedGraphicsLayer::findFirstDescendantWithContentsRecursively): Deleted.
+        (WebCore::CoordinatedGraphicsLayer::setVisibleContentRectTrajectoryVector): Deleted.
+        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
+
+2018-04-23  Zan Dobersek  <zdobersek@igalia.com>
+
+        [CoordGraphics] TiledBackingStore unnecessarily tracks alpha support value
+        https://bugs.webkit.org/show_bug.cgi?id=184880
+
+        Reviewed by Michael Catanzaro.
+
+        Drop the m_supportsAlpha member from the TiledBackingStore class. The
+        member value was unused. TiledBackingStore::setSupportsAlpha() method
+        is removed.
+
+        TiledBackingStore::setSupportsAlpha() invalidated the backing store,
+        so CoordinatedGraphicsLayer::setContentsOpaque() now enforces the same
+        behavior by manually updating the m_needsDisplay struct. This means
+        that during the following layer flush the backing store is repainted
+        in its entirety.
+
+        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
+        (WebCore::CoordinatedGraphicsLayer::setContentsOpaque):
+        (WebCore::CoordinatedGraphicsLayer::createBackingStore):
+        * platform/graphics/texmap/coordinated/TiledBackingStore.cpp:
+        (WebCore::TiledBackingStore::TiledBackingStore):
+        (WebCore::TiledBackingStore::setSupportsAlpha): Deleted.
+        * platform/graphics/texmap/coordinated/TiledBackingStore.h:
+
+2018-04-23  Thibault Saunier  <tsaunier@igalia.com>
+
+        [GStreamer] Start implementing Audio/VideoTrackPrivateGSTreamer::kind method
+        https://bugs.webkit.org/show_bug.cgi?id=184650
+
+        Reviewed by Philippe Normand.
+
+        In the playbin3 case we can assume that if the GstStream is selected by default,
+        it is the Main track of that kind.
+
+        No new tests are added as:
+            * It relies on playbin3 case which support might be compiled out
+            * we already have a few test that are currently disabled in the mediastream
+              testsuite. This patch is part of the work to enable them.
+
+        * platform/graphics/gstreamer/AudioTrackPrivateGStreamer.cpp:
+        (WebCore::AudioTrackPrivateGStreamer::kind const):
+        * platform/graphics/gstreamer/AudioTrackPrivateGStreamer.h:
+        * platform/graphics/gstreamer/VideoTrackPrivateGStreamer.cpp:
+        (WebCore::VideoTrackPrivateGStreamer::kind const):
+        * platform/graphics/gstreamer/VideoTrackPrivateGStreamer.h:
+
+2018-04-23  Alicia Boya GarcĂ­a  <aboya@igalia.com>
+
+        [MSE] Add allSamplesInTrackEnqueued event
+        https://bugs.webkit.org/show_bug.cgi?id=184737
+
+        MediaSource has a .endOfStream() method to signal when there are no more frames
+        after the ones currently buffered.
+
+        This bit of data is important for some multimedia frameworks. For instance, in
+        GStreamer a stream of frames being decoded should be terminated by a
+        'end-of-stream' (EOS) event that has a similar meaning. Some GStreamer elements
+        will expect this event in order to work properly under some circumstances.
+
+        Unfortunately currently WebKit provides no mechanism for this: an event of
+        sorts should be emitted after no more frames are going to be enqueued to signal
+        the end of the stream. The closest mechanism WebKit has for this is
+        `markEndOfStream()`, but it's not exactly the same: markEndOfStream() informs
+        that -- as far as network buffering is concerned -- we are done; but at that
+        point there may still be (and often are) many frames waiting in the
+        decodeQueue, so it would be wrong to signal the decoder that there are no more
+        frames.
+
+        This patch introduces a new optional method in SourceBufferPrivate,
+        `allSamplesInTrackEnqueued(const AtomicString& trackID)` that is called
+        whenever the MediaSource is in "ended" state (the user has called
+        `MediaSource.endOfStream()`) and the decodeQueue is empty. Media framework
+        implementations can use this method to send a EOS event to a decoder that needs
+        it.
+
+        Reviewed by Xabier Rodriguez-Calvar.
+
+        * Modules/mediasource/MediaSource.cpp:
+        (WebCore::MediaSource::streamEndedWithError):
+        * Modules/mediasource/SourceBuffer.cpp:
+        (WebCore::SourceBuffer::provideMediaData):
+        (WebCore::SourceBuffer::trySignalAllSamplesInTrackEnqueued):
+        (WebCore::SourceBuffer::trySignalAllSamplesEnqueued):
+        * Modules/mediasource/SourceBuffer.h:
+        * platform/graphics/SourceBufferPrivate.h:
+        (WebCore::SourceBufferPrivate::allSamplesInTrackEnqueued):
+        * platform/graphics/gstreamer/mse/MediaSourceClientGStreamerMSE.cpp:
+        (WebCore::MediaSourceClientGStreamerMSE::allSamplesInTrackEnqueued):
+        * platform/graphics/gstreamer/mse/MediaSourceClientGStreamerMSE.h:
+        * platform/graphics/gstreamer/mse/PlaybackPipeline.cpp:
+        (WebCore::PlaybackPipeline::allSamplesInTrackEnqueued):
+        * platform/graphics/gstreamer/mse/PlaybackPipeline.h:
+        * platform/graphics/gstreamer/mse/SourceBufferPrivateGStreamer.cpp:
+        (WebCore::SourceBufferPrivateGStreamer::allSamplesInTrackEnqueued):
+        * platform/graphics/gstreamer/mse/SourceBufferPrivateGStreamer.h:
+
+2018-04-23  Ms2ger  <Ms2ger@igalia.com>
+
+        Avoid uninitialized memory read.
+        https://bugs.webkit.org/show_bug.cgi?id=184505
+        <rdar://problem/39348325>
+
+        Reviewed by Dean Jackson.
+
+        Test: imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-bounds.html
+
+        * html/ImageBitmap.cpp:
+        (WebCore::croppedSourceRectangleWithFormatting):
+
+2018-04-23  Zan Dobersek  <zdobersek@igalia.com>
+
+        [TexMap] Drop RefCounted inheritance off of TextureMapperBackingStore
+        https://bugs.webkit.org/show_bug.cgi?id=184810
+
+        Reviewed by Carlos Garcia Campos.
+
+        Turn TextureMapperBackingStore into a simple interface that doesn't
+        inherit from RefCounted<>. Instead, push that inheritance off to the
+        classes that implement the TextureMapperBackingStore interface. This
+        narrows down the purpose of TextureMapperBackingStore towards a simple
+        interface that TextureMapper algorithms can work with.
+
+        TextureMapperLayer has its m_backingStore member variable turn into
+        a simple pointer instead of a RefPtr<>. Setter method and call sites of
+        that method are updated to reflect that.
+
+        TextureMapperTiledBackingStore now inherits from RefCounted<> directly,
+        instead of through TextureMapperBackingStore.
+
+        * platform/graphics/texmap/GraphicsLayerTextureMapper.cpp:
+        (WebCore::GraphicsLayerTextureMapper::commitLayerChanges):
+        (WebCore::GraphicsLayerTextureMapper::updateBackingStoreIfNeeded):
+        * platform/graphics/texmap/GraphicsLayerTextureMapper.h:
+        * platform/graphics/texmap/TextureMapperBackingStore.h:
+        * platform/graphics/texmap/TextureMapperLayer.cpp:
+        (WebCore::TextureMapperLayer::setBackingStore):
+        * platform/graphics/texmap/TextureMapperLayer.h:
+        * platform/graphics/texmap/TextureMapperTiledBackingStore.h:
+
 2018-04-22  Zan Dobersek  <zdobersek@igalia.com>
 
         [AsyncScrolling] Add generic ScrollingThread implementation