2011-01-27 Oliver Hunt <oliver@apple.com>
[WebKit-https.git] / Source / WebCore / ChangeLog
index f2632ea..a35c813 100644 (file)
@@ -1,3 +1,643 @@
+2011-01-27  Oliver Hunt  <oliver@apple.com>
+
+        Reviewed by Geoffrey Garen.
+
+        Convert markstack to a slot visitor API
+        https://bugs.webkit.org/show_bug.cgi?id=53219
+
+        Update WebCore to the new marking apis, correct bindings
+        codegen. 
+
+        * ForwardingHeaders/runtime/WriteBarrier.h: Added.
+        * WebCore.exp.in:
+        * bindings/js/DOMWrapperWorld.h:
+        (WebCore::DOMWrapperWorld::globalData):
+        * bindings/js/JSAudioConstructor.cpp:
+        (WebCore::JSAudioConstructor::JSAudioConstructor):
+        * bindings/js/JSDOMBinding.cpp:
+        (WebCore::markDOMNodesForDocument):
+        (WebCore::markDOMObjectWrapper):
+        (WebCore::markDOMNodeWrapper):
+        * bindings/js/JSDOMGlobalObject.cpp:
+        (WebCore::JSDOMGlobalObject::markChildren):
+        (WebCore::JSDOMGlobalObject::setInjectedScript):
+        (WebCore::JSDOMGlobalObject::injectedScript):
+        * bindings/js/JSDOMGlobalObject.h:
+        (WebCore::JSDOMGlobalObject::JSDOMGlobalObjectData::JSDOMGlobalObjectData):
+        (WebCore::getDOMConstructor):
+        * bindings/js/JSDOMWindowCustom.cpp:
+        (WebCore::JSDOMWindow::setLocation):
+        (WebCore::DialogHandler::dialogCreated):
+        * bindings/js/JSDOMWindowShell.cpp:
+        (WebCore::JSDOMWindowShell::JSDOMWindowShell):
+        (WebCore::JSDOMWindowShell::setWindow):
+        (WebCore::JSDOMWindowShell::markChildren):
+        (WebCore::JSDOMWindowShell::unwrappedObject):
+        * bindings/js/JSDOMWindowShell.h:
+        (WebCore::JSDOMWindowShell::window):
+        (WebCore::JSDOMWindowShell::setWindow):
+        * bindings/js/JSEventListener.cpp:
+        (WebCore::JSEventListener::JSEventListener):
+        (WebCore::JSEventListener::markJSFunction):
+        * bindings/js/JSEventListener.h:
+        (WebCore::JSEventListener::jsFunction):
+        * bindings/js/JSHTMLDocumentCustom.cpp:
+        (WebCore::JSHTMLDocument::setAll):
+        * bindings/js/JSImageConstructor.cpp:
+        (WebCore::JSImageConstructor::JSImageConstructor):
+        * bindings/js/JSImageDataCustom.cpp:
+        (WebCore::toJS):
+        * bindings/js/JSJavaScriptCallFrameCustom.cpp:
+        (WebCore::JSJavaScriptCallFrame::scopeChain):
+        (WebCore::JSJavaScriptCallFrame::scopeType):
+        * bindings/js/JSNodeFilterCondition.cpp:
+        (WebCore::JSNodeFilterCondition::markAggregate):
+        (WebCore::JSNodeFilterCondition::acceptNode):
+        * bindings/js/JSNodeFilterCondition.h:
+        * bindings/js/JSNodeFilterCustom.cpp:
+        * bindings/js/JSOptionConstructor.cpp:
+        (WebCore::JSOptionConstructor::JSOptionConstructor):
+        * bindings/js/JSSQLResultSetRowListCustom.cpp:
+        (WebCore::JSSQLResultSetRowList::item):
+        * bindings/js/ScriptCachedFrameData.cpp:
+        (WebCore::ScriptCachedFrameData::restore):
+        * bindings/js/ScriptObject.cpp:
+        (WebCore::ScriptGlobalObject::set):
+        * bindings/js/SerializedScriptValue.cpp:
+        (WebCore::CloneDeserializer::putProperty):
+        * bindings/scripts/CodeGeneratorJS.pm:
+        * dom/Document.h:
+
+2011-01-28  Sam Weinig  <sam@webkit.org>
+
+        Reviewed by Anders Carlsson.
+
+        Keyboard scrolling doesn’t work in WebKit2
+        <rdar://problem/8909672>
+
+        * platform/mac/ScrollAnimatorMac.mm:
+        (-[ScrollAnimationHelperDelegate convertSizeToBacking:]):
+        (-[ScrollAnimationHelperDelegate convertSizeFromBacking:]):
+        Add additional necessary delegate methods.
+
+2011-01-29  Darin Adler  <darin@apple.com>
+
+        Reviewed by Dan Bernstein.
+
+        Re-land this patch with the missing null check that caused crashes in layout tests.
+
+        Changing cursor style has no effect until the mouse moves
+        https://bugs.webkit.org/show_bug.cgi?id=14344
+        rdar://problem/7563712
+
+        No tests added because we don't have infrastructure for testing actual cursor
+        changes (as opposed to cursor style computation) at this time. We might add it later.
+
+        * page/EventHandler.cpp:
+        (WebCore::EventHandler::dispatchFakeMouseMoveEventSoon): Added.
+        * page/EventHandler.h: Ditto.
+
+        * rendering/RenderObject.cpp:
+        (WebCore::areNonIdenticalCursorListsEqual): Added.
+        (WebCore::areCursorsEqual): Added.
+        (WebCore::RenderObject::styleDidChange): Call dispatchFakeMouseMoveEventSoon if
+        cursor styles changed.
+
+2011-01-28  Justin Schuh  <jschuh@chromium.org>
+
+        Reviewed by Eric Seidel.
+
+        We should hold RefPtrs to SVG font faces
+        https://bugs.webkit.org/show_bug.cgi?id=53270
+
+        Test: svg/custom/use-multiple-on-nested-disallowed-font.html
+
+        * css/CSSFontFaceSource.cpp:
+        (WebCore::CSSFontFaceSource::getFontData):
+        * css/CSSFontFaceSource.h:
+        * svg/SVGFontFaceElement.cpp:
+        (WebCore::SVGFontFaceElement::associatedFontElement):
+        * svg/SVGFontFaceElement.h:
+
+2011-01-28  Zhenyao Mo  <zmo@google.com>
+
+        Reviewed by Kenneth Russell.
+
+        uniformN*v should generate INVALID_VALUE of the array size is not a multiple of N
+        https://bugs.webkit.org/show_bug.cgi?id=53306
+
+        * html/canvas/WebGLRenderingContext.cpp:
+        (WebCore::WebGLRenderingContext::validateUniformMatrixParameters):
+
+2011-01-28  Tom Sepez  <tsepez@chromium.org>
+
+        Reviewed by Eric Seidel.
+
+        NULL pointer crash in TextIterator::handleTextBox()
+        https://bugs.webkit.org/show_bug.cgi?id=53267
+
+        Test: fast/css/rtl-nth-child-first-letter-crash.html
+
+        * editing/TextIterator.cpp:
+        (WebCore::TextIterator::handleTextBox):
+
+2011-01-28  Adrienne Walker  <enne@google.com>
+
+        Reviewed by Kenneth Russell.
+
+        [chromium] Remove a spurious diagnostic CRASH check.
+        https://bugs.webkit.org/show_bug.cgi?id=52379
+
+        * platform/graphics/chromium/LayerTilerChromium.cpp:
+        (WebCore::LayerTilerChromium::invalidateRect):
+
+2011-01-28  Dan Bernstein  <mitz@apple.com>
+
+        Reviewed by Sam Weinig.
+
+        <rdar://problem/4761512> <select> can't display right-to-left (rtl) languages
+        https://bugs.webkit.org/show_bug.cgi?id=19785
+
+        Changed <select> pop-up menus on Mac OS X Snow Leopard and later to have their items aligned in the
+        direction corresponding to the writing direction of the <select> element, with the checkmarks
+        on the "start" side, and use the <option>'s writing direction rather than "natural". Made the
+        pop-up button match the menu by adding a Chrome boolean function, selectItemAlignmentFollowsMenuWritingDirection(),
+        which returns true for this pop-up behavior.
+
+        * loader/EmptyClients.h:
+        (WebCore::EmptyChromeClient::selectItemAlignmentFollowsMenuWritingDirection): Added.
+        * manual-tests/pop-up-alignment-and-direction.html: Added.
+        * page/Chrome.cpp:
+        (WebCore::Chrome::selectItemAlignmentFollowsMenuWritingDirection): Added. Calls through to the
+        client.
+        * page/Chrome.h:
+        * page/ChromeClient.h:
+        * platform/PopupMenuStyle.h:
+        (WebCore::PopupMenuStyle::PopupMenuStyle): Added hasTextDirectionOverride parameter and member
+        variable initialization.
+        (WebCore::PopupMenuStyle::hasTextDirectionOverride): Added this accessor.
+        * platform/mac/PopupMenuMac.mm:
+        (WebCore::PopupMenuMac::populate): Set the pop-up's layout direction and items' text alignment
+        to match the menu's writing direction. Set items' writing direction and direction override
+        according to their styles.
+        * rendering/RenderMenuList.cpp:
+        (WebCore::RenderMenuList::RenderMenuList): Removed unncesaary initialization of a smart pointer.
+        (WebCore::RenderMenuList::adjustInnerStyle): If the alignment of items in the menu follows the
+        menu's writing direction, use that alignment for the button as well. Also in this mode, use the
+        item's writing direction and override setting.
+        (WebCore::RenderMenuList::setTextFromOption): Store the option element's style.
+        (WebCore::RenderMenuList::itemStyle): Pass the text direction override value.
+        (WebCore::RenderMenuList::menuStyle): Ditto. Also use the button's direction, not the inner text's.
+        * rendering/RenderMenuList.h:
+        * rendering/RenderTextControlSingleLine.cpp:
+        (WebCore::RenderTextControlSingleLine::menuStyle): Pass the text direction override value.
+
+2011-01-28  Adam Barth  <abarth@webkit.org>
+
+        Reviewed by Daniel Bates.
+
+        Teach XSSFilter how to filter <script> elements
+        https://bugs.webkit.org/show_bug.cgi?id=53279
+
+        This patch adds the ability for the XSSFilter to block injected
+        <script> elements.  Handling script elements is slightly subtle because
+        these elements act very differently depending on whether they have a
+        src attribute.
+        
+        In the "src case", which check whether the src attribute was present in
+        the request.  In the "non-src case", we check whether the start tag and
+        the body of the script element was included in the request.  Checking
+        for the whole start tag means we miss out on some attribute splitting
+        attacks inside of script tags, but that doesn't seem like that big a
+        deal.
+
+        This patch also introduces some amount of state into the XSSFilter
+        because inline script elements span multiple tokens.  There's a lot of
+        tuning and optimization left in these cases, some of which I've noted
+        with FIXMEs.
+
+        To test this patch, I played around with some of the existing
+        XSSAuditor tests.  Hopefully I'll be able to run the test suite more
+        systematically in the future.
+
+        * html/parser/HTMLToken.h:
+        (WebCore::HTMLToken::eraseCharacters):
+        (WebCore::HTMLToken::eraseValueOfAttribute):
+        * html/parser/XSSFilter.cpp:
+        (WebCore::HTMLNames::hasName):
+        (WebCore::HTMLNames::findAttributeWithName):
+        (WebCore::HTMLNames::isNameOfScriptCarryingAttribute):
+        (WebCore::XSSFilter::XSSFilter):
+        (WebCore::XSSFilter::filterToken):
+        (WebCore::XSSFilter::filterTokenAfterScriptStartTag):
+        (WebCore::XSSFilter::filterScriptToken):
+        (WebCore::XSSFilter::snippetForRange):
+        (WebCore::XSSFilter::snippetForAttribute):
+        * html/parser/XSSFilter.h:
+
+2011-01-28  Adam Barth  <abarth@webkit.org>
+
+        Reviewed by Daniel Bates.
+
+        Sketch out new XSS filter design (disabled by default)
+        https://bugs.webkit.org/show_bug.cgi?id=53205
+
+        This patch adds a basic sketch of the new XSS filter design.  Rather
+        than watching scripts as they execute, in this design, we watch tokens
+        emitted by the tokenizer.  We then map the tokens directly back into
+        input characters, which lets us skip all the complicated logic related
+        to HTML entities and double-decoding of JavaScript URLs.
+
+        This patch contains only the bare essentially machinery.  I'll add more
+        in future patches and eventually remove the previous code once this
+        code is up and running correctly.
+
+        * Android.mk:
+        * CMakeLists.txt:
+        * GNUmakefile.am:
+        * WebCore.gypi:
+        * WebCore.pro:
+        * WebCore.vcproj/WebCore.vcproj:
+        * WebCore.xcodeproj/project.pbxproj:
+        * html/parser/HTMLDocumentParser.cpp:
+        (WebCore::HTMLDocumentParser::HTMLDocumentParser):
+        (WebCore::HTMLDocumentParser::pumpTokenizer):
+        (WebCore::HTMLDocumentParser::sourceForToken):
+        * html/parser/HTMLDocumentParser.h:
+        * html/parser/XSSFilter.cpp: Added.
+        * html/parser/XSSFilter.h: Added.
+
+2011-01-28  Michael Saboff  <msaboff@apple.com>
+
+        Reviewed by Geoffrey Garen.
+
+        Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
+        https://bugs.webkit.org/show_bug.cgi?id=53271
+
+        Reapplying this patch with the change that the second ASSERT in 
+        RootObject::removeRuntimeObject was changed to use
+        .uncheckedGet() instead of the failing .get().  The object in question
+        could be in the process of being GC'ed.  The get() call will not return
+        such an object while the uncheckedGet() call will return the (unsafe) 
+        object.  This is the behavior we want.
+
+        Precautionary change.
+        Changed RootObject to use WeakGCMap instead of HashSet.
+        Found will looking for another issue, but can't produce a test case
+        that is problematic.  THerefore there aren't any new tests.
+
+        * bridge/runtime_root.cpp:
+        (JSC::Bindings::RootObject::invalidate):
+        (JSC::Bindings::RootObject::addRuntimeObject):
+        (JSC::Bindings::RootObject::removeRuntimeObject):
+        * bridge/runtime_root.h:
+
+2011-01-28  Adam Roben  <aroben@apple.com>
+
+        Notify CACFLayerTreeHost when the context is flushed
+
+        LegacyCACFLayerTreeHost was keeping this a secret, which meant that WebCore's animation
+        timers were never starting.
+
+        Fixes <http://webkit.org/b/53302> [Windows 7 Release Tests] changesets 76853, 76856, and
+        76858 broke ~36 animations, compositing, and transitions tests
+
+        Reviewed by Sam Weinig.
+
+        * platform/graphics/ca/win/LegacyCACFLayerTreeHost.cpp:
+        (WebCore::LegacyCACFLayerTreeHost::contextDidChange): Call up to the base class after we
+        start our render timer.
+
+2011-01-28  Antti Koivisto  <antti@apple.com>
+
+        Reviewed by Dan Bernstein.
+
+        Remove dead code that tried to map from CSS values to parser values
+        https://bugs.webkit.org/show_bug.cgi?id=53318
+
+        * css/CSSFunctionValue.cpp:
+        * css/CSSFunctionValue.h:
+        * css/CSSPrimitiveValue.cpp:
+        * css/CSSPrimitiveValue.h:
+        * css/CSSValue.h:
+        * css/CSSValueList.cpp:
+        * css/CSSValueList.h:
+
+2011-01-28  Enrica Casucci  <enrica@apple.com>
+
+        Reviewed by Adam Roben.
+
+        Some drag and drop tests fail since r76824
+        https://bugs.webkit.org/show_bug.cgi?id=53304
+
+        There were '||' instead of '&&' in the checks for valid
+        clipboard content.
+        
+        * platform/win/ClipboardWin.cpp:
+        (WebCore::ClipboardWin::getData):
+        (WebCore::ClipboardWin::types):
+        (WebCore::ClipboardWin::files):
+
+2011-01-28  Martin Robinson  <mrobinson@igalia.com>
+
+        [GTK] AudioProcessingEvent.h and JSJavaScriptAudioNode.h: No such file or directory
+        https://bugs.webkit.org/show_bug.cgi?id=52889
+
+        Build fix for WebAudio. Include WebAudio source files on the source
+        list when WebAudio is enabled.
+
+        * GNUmakefile.am: Include missing source files.
+
+2011-01-28  Sam Weinig  <sam@webkit.org>
+
+        Reviewed by Maciej Stachowiak.
+
+        Add basic rubber banding support
+        <rdar://problem/8219429>
+        https://bugs.webkit.org/show_bug.cgi?id=53277
+
+        * page/EventHandler.cpp:
+        (WebCore::EventHandler::handleGestureEvent):
+        Pass gesture events to the FrameView.
+
+        * platform/ScrollAnimator.cpp:
+        (WebCore::ScrollAnimator::handleGestureEvent):
+        * platform/ScrollAnimator.h:
+        Add stubbed out implementation.
+
+        * platform/ScrollView.cpp:
+        (WebCore::ScrollView::ScrollView):
+        (WebCore::ScrollView::overhangAmount):
+        (WebCore::ScrollView::wheelEvent):
+        * platform/ScrollView.h:
+        * platform/ScrollableArea.cpp:
+        (WebCore::ScrollableArea::ScrollableArea):
+        (WebCore::ScrollableArea::handleGestureEvent):
+        * platform/ScrollableArea.h:
+        (WebCore::ScrollableArea::constrainsScrollingToContentEdge):
+        (WebCore::ScrollableArea::setConstrainsScrollingToContentEdge):
+        Move constrains scrolling bit to ScrollableArea from ScrollView.
+
+        (WebCore::ScrollableArea::contentsSize):
+        (WebCore::ScrollableArea::overhangAmount):
+        Add additional virtual functions for information needed by the animator.
+
+        * platform/mac/ScrollAnimatorMac.h:
+        * platform/mac/ScrollAnimatorMac.mm:
+        (WebCore::ScrollAnimatorMac::ScrollAnimatorMac):
+        (WebCore::ScrollAnimatorMac::immediateScrollByDeltaX):
+        (WebCore::ScrollAnimatorMac::immediateScrollByDeltaY):
+        (WebCore::elasticDeltaForTimeDelta):
+        (WebCore::elasticDeltaForReboundDelta):
+        (WebCore::reboundDeltaForElasticDelta):
+        (WebCore::scrollWheelMultiplier):
+        (WebCore::ScrollAnimatorMac::handleWheelEvent):
+        (WebCore::ScrollAnimatorMac::handleGestureEvent):
+        (WebCore::ScrollAnimatorMac::pinnedInDirection):
+        (WebCore::ScrollAnimatorMac::allowsVerticalStretching):
+        (WebCore::ScrollAnimatorMac::allowsHorizontalStretching):
+        (WebCore::ScrollAnimatorMac::smoothScrollWithEvent):
+        (WebCore::ScrollAnimatorMac::beginScrollGesture):
+        (WebCore::ScrollAnimatorMac::endScrollGesture):
+        (WebCore::ScrollAnimatorMac::snapRubberBand):
+        (WebCore::roundTowardZero):
+        (WebCore::roundToDevicePixelTowardZero):
+        (WebCore::ScrollAnimatorMac::snapRubberBandTimerFired):
+        Implement basic rubber banding.
+
+2011-01-28  Dan Bernstein  <mitz@apple.com>
+
+        Reviewed by Anders Carlsson.
+
+        Changing unicode-bidi doesn’t force layout
+        https://bugs.webkit.org/show_bug.cgi?id=53311
+
+        Test: fast/dynamic/unicode-bidi.html
+
+        * rendering/style/RenderStyle.cpp:
+        (WebCore::RenderStyle::diff): Return a layout difference if unicode-bidi values differ.
+
+2011-01-27  Dimitri Glazkov  <dglazkov@chromium.org>
+
+        Reviewed by Kent Tamura.
+
+        Change HTMLInputElement-derived parts of media element shadow DOM to use shadowPseudoId.
+        https://bugs.webkit.org/show_bug.cgi?id=53122
+
+        This is the first step in converting HTMLMediaElement to the new shadow DOM.
+
+        Should not regress any existing tests. No observable change in behavior.
+
+        * css/CSSSelector.cpp:
+        (WebCore::CSSSelector::pseudoId): Removed now-unnecessary hard-coded pseudo-element selectors.
+        (WebCore::nameToPseudoTypeMap): Ditto.
+        (WebCore::CSSSelector::extractPseudoType): Ditto.
+        * css/CSSSelector.h: Ditto.
+        * css/mediaControls.css: Added proper initial values, now that elements use the proper selector pipeline.
+        * rendering/MediaControlElements.cpp:
+        (WebCore::MediaControlInputElement::MediaControlInputElement): Removed the switch statement,
+            which is now replaced with virtual shadowPseudoId on each corresponding class.
+        (WebCore::MediaControlInputElement::styleForElement): Changed to use element pipeline.
+        (WebCore::MediaControlMuteButtonElement::MediaControlMuteButtonElement): Changed to set
+            display type in constructor.
+        (WebCore::MediaControlMuteButtonElement::create): Changed to not take PseudoId as
+            constructor argument.
+        (WebCore::MediaControlMuteButtonElement::shadowPseudoId): Added.
+        (WebCore::MediaControlVolumeSliderMuteButtonElement::MediaControlVolumeSliderMuteButtonElement): Added
+            to disambiguate from the MediaControlMuteButtonElement.
+        (WebCore::MediaControlVolumeSliderMuteButtonElement::create): Added.
+        (WebCore::MediaControlVolumeSliderMuteButtonElement::shadowPseudoId): Added.
+        (WebCore::MediaControlPlayButtonElement::MediaControlPlayButtonElement): Changed to not take PseudoId as
+            constructor argument.
+        (WebCore::MediaControlPlayButtonElement::shadowPseudoId): Added.
+        (WebCore::MediaControlSeekButtonElement::MediaControlSeekButtonElement): Changed to not take PseudoId as
+            constructor argument.
+        (WebCore::MediaControlSeekForwardButtonElement::MediaControlSeekForwardButtonElement): Added.
+        (WebCore::MediaControlSeekForwardButtonElement::create): Added.
+        (WebCore::MediaControlSeekForwardButtonElement::shadowPseudoId): Added.
+        (WebCore::MediaControlSeekBackButtonElement::MediaControlSeekBackButtonElement): Added.
+        (WebCore::MediaControlSeekBackButtonElement::create): Added.
+        (WebCore::MediaControlSeekBackButtonElement::shadowPseudoId): Added.
+        (WebCore::MediaControlRewindButtonElement::MediaControlRewindButtonElement): Added.
+        (WebCore::MediaControlRewindButtonElement::shadowPseudoId): Added.
+        (WebCore::MediaControlReturnToRealtimeButtonElement::MediaControlReturnToRealtimeButtonElement): Changed to not take PseudoId as
+            constructor argument.
+        (WebCore::MediaControlReturnToRealtimeButtonElement::shadowPseudoId): Added.
+        (WebCore::MediaControlToggleClosedCaptionsButtonElement::MediaControlToggleClosedCaptionsButtonElement): Changed to not take PseudoId as
+            constructor argument.
+        (WebCore::MediaControlToggleClosedCaptionsButtonElement::shadowPseudoId): Added.
+        (WebCore::MediaControlTimelineElement::MediaControlTimelineElement): Changed to not take PseudoId as
+            constructor argument.
+        (WebCore::MediaControlTimelineElement::shadowPseudoId): Added.
+        (WebCore::MediaControlVolumeSliderElement::MediaControlVolumeSliderElement): Changed to not take PseudoId as
+            constructor argument.
+        (WebCore::MediaControlVolumeSliderElement::shadowPseudoId): Added.
+        (WebCore::MediaControlFullscreenButtonElement::MediaControlFullscreenButtonElement): Changed to not take PseudoId as
+            constructor argument.
+        (WebCore::MediaControlFullscreenButtonElement::shadowPseudoId): Added.
+        * rendering/MediaControlElements.h:
+        (WebCore::MediaControlSeekForwardButtonElement::isForwardButton): Added.
+        (WebCore::MediaControlSeekBackButtonElement::isForwardButton): Added.
+        * rendering/RenderMedia.cpp:
+        (WebCore::RenderMedia::createMuteButton): Changed to use new constructor.
+        (WebCore::RenderMedia::createSeekBackButton): Ditto.
+        (WebCore::RenderMedia::createSeekForwardButton): Ditto.
+        (WebCore::RenderMedia::createVolumeSliderMuteButton): Ditto.
+        * rendering/style/RenderStyleConstants.h: Removed constants that are no longer used.
+
+2011-01-27  Dimitri Glazkov  <dglazkov@chromium.org>
+
+        Reviewed by Eric Carlson.
+
+        Split MediaControls out of RenderMedia.
+        https://bugs.webkit.org/show_bug.cgi?id=53252
+
+        Near-mechanical moving of stuff, no change in behavior, thus no new tests.
+
+        * Android.mk: Added MediaControls to build system.
+        * CMakeLists.txt: Ditto.
+        * GNUmakefile.am: Ditto.
+        * WebCore.gypi: Ditto.
+        * WebCore.pro: Ditto.
+        * WebCore.vcproj/WebCore.vcproj: Ditto.
+        * WebCore.xcodeproj/project.pbxproj: Ditto.
+        * html/HTMLMediaElement.cpp:
+        (WebCore::HTMLMediaElement::defaultEventHandler): Changed to forward events to MediaControls.
+        * html/shadow/MediaControls.cpp: Copied all controls-related methods from
+            Source/WebCore/rendering/RenderMedia.cpp, pulled them into their own class called MediaControls. 
+        * html/shadow/MediaControls.h: Ditto from Source/WebCore/rendering/RenderMedia.h.
+        * rendering/MediaControlElements.cpp:
+        (WebCore::MediaControlTimelineElement::defaultEventHandler): Changed to use MediaControls.
+        * rendering/RenderMedia.cpp:
+        (WebCore::RenderMedia::RenderMedia): Moved relevant constructor initializers out to MediaControls.
+        (WebCore::RenderMedia::destroy): Changed to use MediaControls.
+        (WebCore::RenderMedia::styleDidChange): Ditto.
+        (WebCore::RenderMedia::layout): Ditto.
+        (WebCore::RenderMedia::updateFromElement): Ditto.
+        * rendering/RenderMedia.h: Updated defs accordingly and removed player() accessor, which
+            is only used by sub-class RenderVideo.
+        (WebCore::RenderMedia::controls): Added.
+        * rendering/RenderVideo.cpp:
+        (WebCore::RenderVideo::~RenderVideo): Changed to access MediaPlayer* directly from mediaElement().
+        (WebCore::RenderVideo::calculateIntrinsicSize): Ditto.
+        (WebCore::RenderVideo::paintReplaced): Ditto.
+        (WebCore::RenderVideo::updatePlayer): Ditto.
+        (WebCore::RenderVideo::supportsAcceleratedRendering): Ditto.
+        (WebCore::RenderVideo::acceleratedRenderingStateChanged): Ditto.
+
+2011-01-28  Pavel Feldman  <pfeldman@chromium.org>
+
+        Reviewed by Yury Semikhatsky.
+
+        Web Inspector: allow remote debugging with front-end
+        served from the cloud.
+        https://bugs.webkit.org/show_bug.cgi?id=53303
+
+        * inspector/front-end/inspector.js:
+
+2011-01-28  Aparna Nandyal  <aparna.nand@wipro.com>
+
+        Reviewed by Andreas Kling.
+
+        Setting value of m_PressedPos to make scrolling smooth
+
+        Page scroll popup menu "Scroll here" option not working when cliking above scroll slider/handler.
+        https://bugs.webkit.org/show_bug.cgi?id=51349
+
+        The value of m_PressedPos was getting set before moveThumb() call
+        in all other scenarios except when "Scroll Here" option is used.
+        Hence scrolling with this option was not as expected even in cases
+        where scrolling was happening. The thumb would move in unexpected
+        direction. m_PressedPos is now set to pressed position so delta is
+        calculated.
+        Unable to write a test case as the test needs to click on "Scroll
+        Here" option of context sensitive menu and QTest is unable to do it.
+        Besides no new functionality introduced.
+
+        * platform/qt/ScrollbarQt.cpp:
+        (WebCore::Scrollbar::contextMenu):
+
+2011-01-28  Andrey Kosyakov  <caseq@chromium.org>
+
+        Reviewed by Pavel Feldman.
+
+        Web Inspector: [Extensions API] add JSON schema for extensions API
+        https://bugs.webkit.org/show_bug.cgi?id=53236
+
+        * inspector/front-end/ExtensionAPISchema.json: Added.
+
+2011-01-27  Zhenyao Mo  <zmo@google.com>
+
+        Reviewed by Kenneth Russell.
+
+        Remove _LENGTH enumerants
+        https://bugs.webkit.org/show_bug.cgi?id=53259
+
+        * html/canvas/WebGLRenderingContext.cpp: Remove queries for *LENGTH.
+        (WebCore::WebGLRenderingContext::getProgramParameter):
+        (WebCore::WebGLRenderingContext::getShaderParameter):
+        * html/canvas/WebGLRenderingContext.idl: Remove *LENGTH.
+
+2011-01-28  Alexander Pavlov  <apavlov@chromium.org>
+
+        Reviewed by Yury Semikhatsky.
+
+        Web Inspector: syntax highlight inline JS and CSS in HTML resources
+        https://bugs.webkit.org/show_bug.cgi?id=30831
+
+        * inspector/front-end/SourceHTMLTokenizer.js:
+        (WebInspector.SourceHTMLTokenizer):
+        (WebInspector.SourceHTMLTokenizer.prototype.set line):
+        (WebInspector.SourceHTMLTokenizer.prototype.nextToken):
+        * inspector/front-end/SourceHTMLTokenizer.re2js:
+
+2011-01-28  Alexander Pavlov  <apavlov@chromium.org>
+
+        Reviewed by Yury Semikhatsky.
+
+        Web Inspector: [STYLES] Up/Down-suggestion breaks an existing keyword
+        https://bugs.webkit.org/show_bug.cgi?id=53295
+
+        Select the current word suffix before switching to the next suggestion.
+
+        * inspector/front-end/StylesSidebarPane.js:
+        ():
+
+2011-01-28  Alejandro G. Castro  <alex@igalia.com>
+
+        Reviewed by Xan Lopez.
+
+        [GTK] Fix dist compilation for the release
+        https://bugs.webkit.org/show_bug.cgi?id=53290
+
+        * GNUmakefile.am: Added inspector files to the extra dist.
+
+2011-01-28  Ilya Sherman  <isherman@chromium.org>
+
+        Reviewed by Andreas Kling.
+
+        Const-correct HTMLSelectElement and WebSelectElement
+        https://bugs.webkit.org/show_bug.cgi?id=53293
+
+        * html/HTMLSelectElement.cpp:
+        (WebCore::HTMLSelectElement::value): const.
+        * html/HTMLSelectElement.h:
+
+2011-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>
+
+        Unreviewed, rolling out r76893.
+        http://trac.webkit.org/changeset/76893
+        https://bugs.webkit.org/show_bug.cgi?id=53287
+
+        It made some tests crash on GTK and Qt debug bots (Requested
+        by Ossy on #webkit).
+
+        * bridge/runtime_root.cpp:
+        (JSC::Bindings::RootObject::invalidate):
+        (JSC::Bindings::RootObject::addRuntimeObject):
+        (JSC::Bindings::RootObject::removeRuntimeObject):
+        * bridge/runtime_root.h:
+
 2011-01-27  Greg Coletta  <greg.coletta@nokia.com>
 
         Reviewed by Laszlo Gombos.