WebKit-https.git
9 years ago2011-01-29 Daniel Bates <dbates@rim.com>
dbates@webkit.org [Sat, 29 Jan 2011 23:14:22 +0000 (23:14 +0000)]
2011-01-29  Daniel Bates  <dbates@rim.com>

        Reviewed by Maciej Stachowiak.

        Remove reference to ${CMAKE_SOURCE_DIR}/Source in CMake files
        https://bugs.webkit.org/show_bug.cgi?id=53382

        Our file system hierarchy ensures that CMAKE_SOURCE_DIR is defined to be /Source.
        So, ${CMAKE_SOURCE_DIR}/Source evaluates to the non-existent directory /Source/Source.
        Therefore, we should remove such references.

        * Source/cmake/OptionsCommon.cmake:
2011-01-29  Daniel Bates  <dbates@rim.com>

        Reviewed by Maciej Stachowiak.

        Remove reference to ${CMAKE_SOURCE_DIR}/Source in CMake files
        https://bugs.webkit.org/show_bug.cgi?id=53382

        Our file system hierarchy ensures that CMAKE_SOURCE_DIR is defined to be /Source.
        So, ${CMAKE_SOURCE_DIR}/Source evaluates to the non-existent directory /Source/Source.
        Therefore, we should remove such references.

        * CMakeLists.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77073 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-29 Maciej Stachowiak <mjs@apple.com>
mjs@apple.com [Sat, 29 Jan 2011 23:10:21 +0000 (23:10 +0000)]
2011-01-29  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by Daniel Bates.

        Skip a test that uses unimplemented DRT API
        https://bugs.webkit.org/show_bug.cgi?id=53381

        * platform/mac-wk2/Skipped:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77072 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years agoFix 32-bit build on the Mac.
weinig@apple.com [Sat, 29 Jan 2011 22:19:01 +0000 (22:19 +0000)]
Fix 32-bit build on the Mac.

Reviewed by Jon Honeycutt.

* platform/mac/ScrollAnimatorMac.mm:
(WebCore::roundTowardZero):
(WebCore::roundToDevicePixelTowardZero):
Use floats instead of doubles to avoid double-to-float conversion
issues.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77071 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-29 Daniel Bates <dbates@rim.com>
dbates@webkit.org [Sat, 29 Jan 2011 22:17:43 +0000 (22:17 +0000)]
2011-01-29  Daniel Bates  <dbates@rim.com>

        Reviewed by Eric Seidel.

        Move wince/mt19937ar.c to ThirdParty and make it a policy choice
        https://bugs.webkit.org/show_bug.cgi?id=53253

        Move implementation of Mersenne Twister pseudorandom number generator to
        ThirdParty since it is a third party library.

        * Source/ThirdParty/mt19937ar.c: Copied from Source/JavaScriptCore/wtf/wince/mt19937ar.c.
2011-01-29  Daniel Bates  <dbates@rim.com>

        Reviewed by Eric Seidel.

        Move wince/mt19937ar.c to ThirdParty and make it a policy choice
        https://bugs.webkit.org/show_bug.cgi?id=53253

        Make inclusion of MT19937 a policy decision.

        Currently, we hardcoded to  use MT19937 when building for
        Windows CE. Instead, we should make this a policy decision
        with the Windows CE port using this by default.

        * JavaScriptCore.pri: Append Source/ThirdParty to the end
        of the list include directories.
        * wtf/CMakeLists.txt: Ditto.
        * wtf/Platform.h: Defined WTF_USE_MERSENNE_TWISTER_19937 when
        building for Windows CE.
        * wtf/RandomNumber.cpp:
        (WTF::randomNumber): Substituted USE(MERSENNE_TWISTER_19937) for OS(WINCE).

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77070 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-29 Gustavo Noronha Silva <gns@gnome.org>
kov@webkit.org [Sat, 29 Jan 2011 22:00:07 +0000 (22:00 +0000)]
2011-01-29  Gustavo Noronha Silva  <gns@gnome.org>

        [GTK] REGRESSION:  http/tests/media/video-{cookie,referer}.html failing
        https://bugs.webkit.org/show_bug.cgi?id=53379

        Skip tests failing likely by the usage of a newer version of soup.

        * platform/gtk/Skipped:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77069 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-29 Ryosuke Niwa <rniwa@webkit.org>
rniwa@webkit.org [Sat, 29 Jan 2011 20:47:24 +0000 (20:47 +0000)]
2011-01-29  Ryosuke Niwa  <rniwa@webkit.org>

        Unreviewed Chromium rebaselines.

        * platform/chromium-linux/fast/block/positioning/001-expected.checksum: Added.
        * platform/chromium-linux/fast/block/positioning/001-expected.png: Added.
        * platform/chromium-linux/svg/clip-path/clip-in-mask-objectBoundingBox-expected.checksum: Added.
        * platform/chromium-linux/svg/clip-path/clip-in-mask-objectBoundingBox-expected.png: Added.
        * platform/chromium-linux/svg/clip-path/clip-in-mask-userSpaceOnUse-expected.checksum: Added.
        * platform/chromium-linux/svg/clip-path/clip-in-mask-userSpaceOnUse-expected.png: Added.
        * platform/chromium-win/svg/clip-path/clip-in-mask-objectBoundingBox-expected.checksum: Added.
        * platform/chromium-win/svg/clip-path/clip-in-mask-objectBoundingBox-expected.png: Added.
        * platform/chromium-win/svg/clip-path/clip-in-mask-userSpaceOnUse-expected.checksum: Added.
        * platform/chromium-win/svg/clip-path/clip-in-mask-userSpaceOnUse-expected.png: Added.
        * platform/chromium-win/svg/custom/missing-xlink-expected.txt:
        * platform/chromium/test_expectations.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77068 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years agoBug 53374 - Remove uses of unsafe string functions in debugging code
cwzwarich@webkit.org [Sat, 29 Jan 2011 20:31:29 +0000 (20:31 +0000)]
Bug 53374 - Remove uses of unsafe string functions in debugging code
https://bugs.webkit.org/show_bug.cgi?id=53374

Reviewed by David Kilzer.

* runtime/RegExp.cpp:
(JSC::RegExp::printTraceData):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77067 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years agoFix ChangeLog date.
cwzwarich@webkit.org [Sat, 29 Jan 2011 20:27:41 +0000 (20:27 +0000)]
Fix ChangeLog date.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77066 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years agoJavaScriptCoreUseJIT environment variable broken
cwzwarich@webkit.org [Sat, 29 Jan 2011 20:18:34 +0000 (20:18 +0000)]
JavaScriptCoreUseJIT environment variable broken
https://bugs.webkit.org/show_bug.cgi?id=53372

Reviewed by Oliver Hunt.

* runtime/JSGlobalData.cpp:
(JSC::JSGlobalData::JSGlobalData): Check the actual value in the string returned
by getenv() rather than just doing a NULL check on the return value.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77065 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Simon Fraser <simon.fraser@apple.com>
simon.fraser@apple.com [Sat, 29 Jan 2011 19:43:41 +0000 (19:43 +0000)]
2011-01-28  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Adam Barth.

        Use clampToInteger() functions in a few places
        https://bugs.webkit.org/show_bug.cgi?id=53363

        * css/CSSStyleSelector.cpp:
        (WebCore::CSSStyleSelector::applyProperty): Use clampToInteger() for z-index.
        (WebCore::CSSStyleSelector::createTransformOperations): Use clampToPositiveInteger().
        * platform/graphics/transforms/PerspectiveTransformOperation.cpp: Ditto.
        (WebCore::PerspectiveTransformOperation::blend): Ditto.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77064 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-29 Ryosuke Niwa <rniwa@webkit.org>
rniwa@webkit.org [Sat, 29 Jan 2011 18:50:14 +0000 (18:50 +0000)]
2011-01-29  Ryosuke Niwa  <rniwa@webkit.org>

        Unreviewed Chromium test expectation update; removed http/tests/appcache/online-whitelist.html
        from the test expectation, because it has been passing on Chromium Windows.

        * platform/chromium/test_expectations.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77063 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-29 Patrick Gansterer <paroga@webkit.org>
paroga@webkit.org [Sat, 29 Jan 2011 17:04:51 +0000 (17:04 +0000)]
2011-01-29  Patrick Gansterer  <paroga@webkit.org>

        Reviewed by David Kilzer.

        Move CharacterNames.h into WTF directory
        https://bugs.webkit.org/show_bug.cgi?id=49618

        * GNUmakefile.am:
        * JavaScriptCore.gypi:
        * JavaScriptCore.vcproj/WTF/WTF.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * wtf/CMakeLists.txt:
        * wtf/unicode/CharacterNames.h: Renamed from WebCore/platform/text/CharacterNames.h.
        * wtf/unicode/UTF8.cpp:
2011-01-29  Patrick Gansterer  <paroga@webkit.org>

        Reviewed by David Kilzer.

        Move CharacterNames.h into WTF directory
        https://bugs.webkit.org/show_bug.cgi?id=49618

        * ForwardingHeaders/wtf/unicode/CharacterNames.h: Added.
        * GNUmakefile.am:
        * WebCore.gypi:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * accessibility/AccessibilityObject.cpp:
        * accessibility/AccessibilityRenderObject.cpp:
        * bindings/cpp/WebDOMHTMLDocumentCustom.cpp:
        * bindings/js/JSHTMLDocumentCustom.cpp:
        * dom/Position.cpp:
        * dom/SelectElement.cpp:
        * editing/CompositeEditCommand.cpp:
        * editing/Editor.cpp:
        * editing/HTMLInterchange.cpp:
        * editing/InsertTextCommand.cpp:
        * editing/MarkupAccumulator.cpp:
        * editing/TextIterator.cpp:
        * editing/VisibleSelection.cpp:
        * editing/htmlediting.cpp:
        * editing/htmlediting.h:
        * editing/markup.cpp:
        * html/FTPDirectoryDocument.cpp:
        * html/HTMLFormControlElement.cpp:
        * html/parser/HTMLTreeBuilder.cpp:
        * loader/appcache/ManifestParser.cpp:
        * platform/chromium/PopupMenuChromium.cpp:
        * platform/graphics/Font.h:
        * platform/graphics/FontFastPath.cpp:
        * platform/graphics/GlyphPageTreeNode.cpp:
        * platform/graphics/StringTruncator.cpp:
        * platform/graphics/mac/ComplexTextController.cpp:
        * platform/graphics/mac/ComplexTextControllerATSUI.cpp:
        * platform/graphics/wince/GraphicsContextWinCE.cpp:
        * platform/mac/PasteboardMac.mm:
        * platform/text/TextCodecICU.cpp:
        * platform/text/mac/TextCodecMac.cpp:
        * platform/text/transcoder/FontTranscoder.cpp:
        * rendering/RenderBlockLineLayout.cpp:
        * rendering/RenderFlexibleBox.cpp:
        * rendering/RenderListMarker.cpp:
        * rendering/RenderText.cpp:
        * rendering/RenderTextControl.cpp:
        * rendering/RenderTreeAsText.cpp:
        * rendering/break_lines.cpp:
        * rendering/mathml/RenderMathMLOperator.h:
        * websockets/WebSocketHandshake.cpp:
        * wml/WMLTableElement.cpp:
2011-01-29  Patrick Gansterer  <paroga@webkit.org>

        Reviewed by David Kilzer.

        Move CharacterNames.h into WTF directory
        https://bugs.webkit.org/show_bug.cgi?id=49618

        * src/ChromeClientImpl.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77062 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-29 Dan Winship <danw@gnome.org>
commit-queue@webkit.org [Sat, 29 Jan 2011 11:39:57 +0000 (11:39 +0000)]
2011-01-29  Dan Winship  <danw@gnome.org>

        Reviewed by Xan Lopez.

        [GTK] Require the latest glib and libsoup, and remove conditional
        support for older versions
        https://bugs.webkit.org/show_bug.cgi?id=50675

        * autotools/webkit.m4: use AM_PATH_GLIB_2_0 rather than doing
        basically the same work by hand
        * configure.ac:
2011-01-29  Dan Winship  <danw@gnome.org>

        Reviewed by Xan Lopez.

        [GTK] Remove HAVE_LIBSOUP_2_29_90 conditionals; we depend on
        libsoup 2.33.1 now.
        https://bugs.webkit.org/show_bug.cgi?id=50675

        * platform/network/soup/CookieJarSoup.cpp:
        (WebCore::defaultCookieJar):
        (WebCore::setCookies):
        * platform/network/soup/ResourceHandleSoup.cpp:
        (WebCore::ResourceHandle::prepareForURL):
        (WebCore::restartedCallback):
        (WebCore::startHttp):
        * platform/network/soup/ResourceRequestSoup.cpp:
        (WebCore::ResourceRequest::updateSoupMessage):
        (WebCore::ResourceRequest::toSoupMessage):
        (WebCore::ResourceRequest::updateFromSoupMessage):
2011-01-29  Dan Winship  <danw@gnome.org>

        Reviewed by Xan Lopez.

        [GTK] Remove HAVE_LIBSOUP_2_29_90 conditionals; we depend on
        libsoup 2.33.1 now.
        https://bugs.webkit.org/show_bug.cgi?id=50675

        * ewk/ewk_cookies.cpp:
        (ewk_cookies_file_set):
        (ewk_cookies_policy_set):
        (ewk_cookies_policy_get):
2011-01-29  Dan Winship  <danw@gnome.org>

        Reviewed by Xan Lopez.

        [GTK] Remove HAVE_LIBSOUP_2_29_90 and HAVE_GSETTINGS conditionals;
        we depend on glib 2.27.4 and libsoup 2.33.1 now.
        https://bugs.webkit.org/show_bug.cgi?id=50675

        * GNUmakefile.am:
        * WebCoreSupport/InspectorClientGtk.cpp:
        (WebKit::InspectorClient::storeSetting):
        * webkit/webkitprivate.cpp:
        (inspectorGSettings):
        * webkit/webkitprivate.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77061 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-29 Adam Barth <abarth@webkit.org>
abarth@webkit.org [Sat, 29 Jan 2011 09:22:18 +0000 (09:22 +0000)]
2011-01-29  Adam Barth  <abarth@webkit.org>

        Reviewed by Daniel Bates.

        XSSFilter should replace URLs with about:blank instead of the empty string
        https://bugs.webkit.org/show_bug.cgi?id=53370

        Using the empty string will make the URL complete to the current
        document's URL, which isn't really what we want.  Instead, we want to
        use about:blank, which is safe.

        * html/parser/XSSFilter.cpp:
        (WebCore::XSSFilter::filterObjectToken):
        (WebCore::XSSFilter::filterEmbedToken):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77060 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-29 Adam Barth <abarth@webkit.org>
abarth@webkit.org [Sat, 29 Jan 2011 09:20:44 +0000 (09:20 +0000)]
2011-01-29  Adam Barth  <abarth@webkit.org>

        Reviewed by Daniel Bates.

        XSSFilter should pass xssAuditor/script-tag-addslashes*
        https://bugs.webkit.org/show_bug.cgi?id=53365

        We need to canonicalize strings to avoid being tricked by addslashes.

        * html/parser/XSSFilter.cpp:
        (WebCore::HTMLNames::isNonCanonicalCharacter):
            - This function is copied from the XSSAuditor (with some tweaks).
              We'll eventually remove the XSSAuditor once we've got XSSFilter
              working properly.
        (WebCore::HTMLNames::canonicalize):
        (WebCore::HTMLNames::decodeURL):
        (WebCore::XSSFilter::isContainedInRequest):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77059 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-29 Adam Barth <abarth@webkit.org>
abarth@webkit.org [Sat, 29 Jan 2011 09:19:21 +0000 (09:19 +0000)]
2011-01-29  Adam Barth  <abarth@webkit.org>

        Reviewed by Daniel Bates.

        XSSFilter should pass xssAuditor/script-tag-with-source-same-host.html
        and xssAuditor/script-tag-post-*
        https://bugs.webkit.org/show_bug.cgi?id=53364

        We're supposed to allow loading same-origin resources even if they
        appear as part of the request.

        Also, we're supposed to look at the POST data too.  :)

        * html/parser/XSSFilter.cpp:
        (WebCore::XSSFilter::eraseAttributeIfInjected):
        (WebCore::XSSFilter::isSameOriginResource):
            - Copy/paste from XSSAuditor::isSameOriginResource.  We'll
              eventually remove the XSSAuditor version when XSSFilter is done.
        * html/parser/XSSFilter.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77058 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-29 Adam Barth <abarth@webkit.org>
abarth@webkit.org [Sat, 29 Jan 2011 09:17:55 +0000 (09:17 +0000)]
2011-01-29  Adam Barth  <abarth@webkit.org>

        Reviewed by Daniel Bates.

        XSSFilter should pass 16 of the xssAuditor/script-tag* tests
        https://bugs.webkit.org/show_bug.cgi?id=53362

        Turns out we need to replace the src attribute of script tags with
        about:blank to avoid loading the main document URL as a script.  Also,
        move misplaced return statement that was triggering the console message
        too often.

        * html/parser/HTMLToken.h:
        (WebCore::HTMLToken::appendToAttributeValue):
        * html/parser/XSSFilter.cpp:
        (WebCore::XSSFilter::filterScriptToken):
        (WebCore::XSSFilter::eraseAttributeIfInjected):
        * html/parser/XSSFilter.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77057 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-29 Ryosuke Niwa <rniwa@webkit.org>
rniwa@webkit.org [Sat, 29 Jan 2011 09:11:11 +0000 (09:11 +0000)]
2011-01-29  Ryosuke Niwa  <rniwa@webkit.org>

        Unreviewed Chromium test expectation update.

        * platform/chromium/test_expectations.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77056 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years agoDownloads in WK2 on Windows should write resume data to bundle
jhoneycutt@apple.com [Sat, 29 Jan 2011 08:34:46 +0000 (08:34 +0000)]
Downloads in WK2 on Windows should write resume data to bundle
https://bugs.webkit.org/show_bug.cgi?id=53282
<rdar://problem/8753077>

Reviewed by Alice Liu.

Source/WebCore:

* WebCore.vcproj/WebCore.vcproj:
Added new files to project.

* platform/network/cf/DownloadBundle.h: Added.
* platform/network/win/DownloadBundleWin.cpp: Added.
(WebCore::DownloadBundle::magicNumber):
Moved from WebKit's WebDownload so that WebKit and WebKit2 can share
it.
(WebCore::DownloadBundle::fileExtension):
Ditto.
(WebCore::DownloadBundle::appendResumeData):
Ditto - but modified to return bool rather than HRESULT and to clean up
whitespace.
(WebCore::DownloadBundle::extractResumeData):
Ditto - modified to clean up whitespace.

Source/WebKit/win:

* WebDownload.cpp:
(WebDownload::bundlePathForTargetPath):
Use the new WebCore::DownloadBundle function.
(WebDownload::request):

* WebDownload.h:
Removed declarations for functions that were moved to a new location.

* WebDownloadCFNet.cpp:
(WebDownload::initToResumeWithBundle):
Use the new WebCore::DownloadBundle function.
(WebDownload::cancelForResume):
Fix a leak of the resume data CFDataRef by using adoptCF(). Use the new
WebCore::DownloadBundle function.

Source/WebKit2:

* WebProcess/Downloads/Download.cpp:
(WebKit::Download::decideDestinationWithSuggestedFilename):
Call didDecideDestination(), now that the destination is decided.

* WebProcess/Downloads/Download.h:
Declare didDecideDestination(). Added member variables to hold the
destination file path and the download bundle path.
(WebKit::Download::destination):
Return the path to the final destination for this download.

* WebProcess/Downloads/cf/DownloadCFNet.cpp:
(WebKit::Download::start):
Remove the name of an unused param.
(WebKit::Download::startWithHandle):
Ditto.
(WebKit::Download::cancel):
Tell CFNetwork not to delete the file upon failure, and tell it to
cancel the download. Copy the resume data for the download, and append
it to the download bundle. Call didCancel() with an empty
DataReference, since we have written our own resume data.
(WebKit::decideDestinationWithSuggestedObjectNameCallback):
Remove some unused param names. Removed the call to
CFURLDownloadSetDestination() - this is now handled in
Download::didDecideDestination().
(WebKit::didCreateDestinationCallback):
Report that the final destination was created, rather than the download
bundle, matching old WebKit.
(WebKit::Download::didDecideDestination):
Store the final destination and the download bundle paths, and call
CFURLDownloadSetDestination(), passing the path to the download bundle.

* WebProcess/Downloads/curl/DownloadCurl.cpp:
(WebKit::Download::didDecideDestination):
Stubbed.

* WebProcess/Downloads/mac/DownloadMac.mm:
(WebKit::Download::didDecideDestination):
Stubbed - unneeded on the Mac.

* WebProcess/Downloads/qt/DownloadQt.cpp:
(WebKit::Download::didDecideDestination):
Stubbed.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77055 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-29 Jeff Miller <jeffm@apple.com>
commit-queue@webkit.org [Sat, 29 Jan 2011 08:27:23 +0000 (08:27 +0000)]
2011-01-29  Jeff Miller  <jeffm@apple.com>

        Reviewed by Anders Carlsson.

        Support find bouncy in WebKit2 on Windows
        https://bugs.webkit.org/show_bug.cgi?id=53329
        <rdar://problem/8565843>
        The Mac implements the find bouncy inside of WebKit in the UI process for WebKit2, but we need to do this inside Safari for WebKit2 on Windows.
        Add infrastructure to call back into the app when the find indicator changes.

        * UIProcess/API/C/win/WKView.cpp: Cleanup some code style violations.
        (WKViewSetFindIndicatorCallback): Added.
        (WKViewGetFindIndicatorCallback): Added.
        * UIProcess/API/C/win/WKView.h: Cleanup some code style violations.
        * UIProcess/FindIndicator.cpp:
        (WebKit::FindIndicator::create):
        (WebKit::FindIndicator::FindIndicator):
        (WebKit::FindIndicator::frameRect):
        (WebKit::FindIndicator::draw):
        Rename m_selectionRect to m_selectionRectInWindowCoordinates and m_textRects to m_textRectsInSelectionRectCoordinates (along with similarly named local variables) to be more explict about the coordinate system.
        * UIProcess/FindIndicator.h:
        (WebKit::FindIndicator::selectionRectInWindowCoordinates): Added.
        (WebKit::FindIndicator::textRects): Rename m_textRects to m_textRectsInSelectionRectCoordinates.
        * UIProcess/WebPageProxy.cpp:
        (WebKit::WebPageProxy::setFindIndicator): Rename selectionRect to selectionRectInWindowCoordinates and textRects to textRectsInSelectionRectCoordinates to be more explict about the coordinate system.
        * UIProcess/WebPageProxy.h: Ditto.
        * UIProcess/win/WebView.cpp:
        (WebKit::WebView::WebView):
        (WebKit::WebView::setFindIndicator): Added.
        (WebKit::WebView::setFindIndicatorCallback): Added.
        (WebKit::WebView::getFindIndicatorCallback): Added.
        * UIProcess/win/WebView.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77054 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-29 Sheriff Bot <webkit.review.bot@gmail.com>
rniwa@webkit.org [Sat, 29 Jan 2011 08:23:45 +0000 (08:23 +0000)]
2011-01-29  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r77050.
        http://trac.webkit.org/changeset/77050
        https://bugs.webkit.org/show_bug.cgi?id=53371

        Caused a crash in Chromium's test_shell_tests (Requested by
        rniwa on #webkit).

        * resources/performance-test.js: Removed.
        * tiny-innerHTML.html: Removed.
2011-01-29  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r77050.
        http://trac.webkit.org/changeset/77050
        https://bugs.webkit.org/show_bug.cgi?id=53371

        Caused a crash in Chromium's test_shell_tests (Requested by
        rniwa on #webkit).

        * html/parser/HTMLTreeBuilder.cpp:
        (WebCore::HTMLTreeBuilder::FragmentParsingContext::FragmentParsingContext):
        (WebCore::HTMLTreeBuilder::FragmentParsingContext::document):
        (WebCore::HTMLTreeBuilder::FragmentParsingContext::finished):
        * html/parser/HTMLTreeBuilder.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77053 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-29 Ryosuke Niwa <rniwa@webkit.org>
rniwa@webkit.org [Sat, 29 Jan 2011 08:13:42 +0000 (08:13 +0000)]
2011-01-29  Ryosuke Niwa  <rniwa@webkit.org>

        Unreviewed rebaselines and test expectation updates for Chromium Linux.

        * platform/chromium-linux/fast/forms/select-dirty-parent-pref-widths-expected.checksum: Added.
        * platform/chromium-linux/fast/forms/select-dirty-parent-pref-widths-expected.png: Added.
        * platform/chromium-linux/fast/forms/select-dirty-parent-pref-widths-expected.txt: Added.
        * platform/chromium/test_expectations.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77052 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Alexey Proskuryakov <ap@apple.com>
ap@apple.com [Sat, 29 Jan 2011 07:56:02 +0000 (07:56 +0000)]
2011-01-28  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Dan Bernstein.

        https://bugs.webkit.org/show_bug.cgi?id=53367
        <rdar://problem/8926460> Remove dysfunctional code from -[WKPrintingView _isPrintingPreview].

        * UIProcess/API/mac/WKPrintingView.mm: (-[WKPrintingView _isPrintingPreview]): The common
        branch works fine for now, no need to make platforms different.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77051 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Eric Seidel <eric@webkit.org>
eric@webkit.org [Sat, 29 Jan 2011 07:37:58 +0000 (07:37 +0000)]
2011-01-28  Eric Seidel  <eric@webkit.org>

        Reviewed by Darin Adler.

        HTML5 TreeBuilder regressed a Peacekeeper DOM test by 40%
        https://bugs.webkit.org/show_bug.cgi?id=48719

        It's unclear exactly what the Peacekeeper benchmark is testing,
        because I haven't found a way to run it myself.

        However, I constructed a benchmark which shows at least one possible slow point.
        The HTML5 spec talks about creating a new document for every time we use
        the fragment parsing algorithm.  Document() it turns out, it a huge bloated
        mess, and the constructor and destructor do a huge amount of work.
        To avoid constructing (or destructing) documents for each innerHTML call,
        this patch adds a shared dummy document used by all innerHTML calls.

        * benchmarks/parser/tiny-innerHTML.html: Added.
2011-01-28  Eric Seidel  <eric@webkit.org>

        Reviewed by Darin Adler.

        HTML5 TreeBuilder regressed a Peacekeeper DOM test by 40%
        https://bugs.webkit.org/show_bug.cgi?id=48719

        It's unclear exactly what the Peacekeeper benchmark is testing,
        because I haven't found a way to run it myself.

        However, I constructed a benchmark which shows at least one possible slow point.
        The HTML5 spec talks about creating a new document for every time we use
        the fragment parsing algorithm.  Document() it turns out, it a huge bloated
        mess, and the constructor and destructor do a huge amount of work.
        To avoid constructing (or destructing) documents for each innerHTML call,
        this patch adds a shared dummy document used by all innerHTML calls.

        This patch brings us from 7x slower than Safari 5 on tiny-innerHTML
        to only 1.5x slower than Safari 5.  I'm sure there is more work to do here.

        Saving a shared Document like this is error prone.  Currently
        DummyDocumentFactory::releaseDocument() calls removeAllChildren()
        in an attempt to clear the Document's state. However it's possible
        that that call is not sufficient and we'll have future bugs here.

        * html/parser/HTMLTreeBuilder.cpp:
        (WebCore::DummyDocumentFactory::createDummyDocument):
        (WebCore::DummyDocumentFactory::releaseDocument):
        (WebCore::HTMLTreeBuilder::FragmentParsingContext::FragmentParsingContext):
        (WebCore::HTMLTreeBuilder::FragmentParsingContext::document):
        (WebCore::HTMLTreeBuilder::FragmentParsingContext::finished):
        * html/parser/HTMLTreeBuilder.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77050 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Johnny Ding <jnd@chromium.org>
jnd@chromium.org [Sat, 29 Jan 2011 07:06:57 +0000 (07:06 +0000)]
2011-01-28  Johnny Ding  <jnd@chromium.org>

        Reviewed by Adam Barth.

        Gesture API, disallow popup bypass with using iframe src.
        https://bugs.webkit.org/show_bug.cgi?id=53244

        * fast/events/popup-blocked-from-iframe-src-expected.txt: Added.
        * fast/events/popup-blocked-from-iframe-src.html: Added.
2011-01-28  Johnny Ding  <jnd@chromium.org>

        Reviewed by Adam Barth.

        Gesture API: Don't use current gesture status to set "forceUserGesture" parameter when calling ScriptController::executeScript.
        The "forceUserGesture" parameter should be only set when you are definitely sure that the running script is from a hyper-link.
        https://bugs.webkit.org/show_bug.cgi?id=53244

        Test: fast/events/popup-blocked-from-iframe-src.html

        * bindings/ScriptControllerBase.cpp:
        (WebCore::ScriptController::executeIfJavaScriptURL):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77049 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Ryosuke Niwa <rniwa@webkit.org>
rniwa@webkit.org [Sat, 29 Jan 2011 07:00:26 +0000 (07:00 +0000)]
2011-01-28  Ryosuke Niwa  <rniwa@webkit.org>

        Unreviewed; removed Chromium test expectations for tests that have been steadily passing.

        In particular, many ietestcenter tests have been passing since V8 is updated to
        version 3.0.12 in Chromium r72940.

        * platform/chromium/test_expectations.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77048 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Ryosuke Niwa <rniwa@webkit.org>
rniwa@webkit.org [Sat, 29 Jan 2011 06:25:57 +0000 (06:25 +0000)]
2011-01-28  Ryosuke Niwa  <rniwa@webkit.org>

        Unreviewed; roll WebKit Chromium revision from 72894 to 73048.

        * DEPS:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77047 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years agoUpdated test results after r76983.
mitz@apple.com [Sat, 29 Jan 2011 05:56:31 +0000 (05:56 +0000)]
Updated test results after r76983.

Rubber-stamped by Maciej Stachowiak.

* platform/mac-leopard/fast/forms/select-writing-direction-natural-expected.txt: Copied from LayoutTests/platform/mac/fast/forms/select-writing-direction-natural-expected.txt.
* platform/mac-leopard/fast/text/international/bidi-menulist-expected.txt: Copied from LayoutTests/platform/mac/fast/text/international/bidi-menulist-expected.txt.
* platform/mac/fast/forms/select-writing-direction-natural-expected.checksum:
* platform/mac/fast/forms/select-writing-direction-natural-expected.png:
* platform/mac/fast/forms/select-writing-direction-natural-expected.txt:
* platform/mac/fast/text/international/bidi-menulist-expected.checksum:
* platform/mac/fast/text/international/bidi-menulist-expected.png:
* platform/mac/fast/text/international/bidi-menulist-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77046 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Simon Fraser <simon.fraser@apple.com>
simon.fraser@apple.com [Sat, 29 Jan 2011 05:02:31 +0000 (05:02 +0000)]
2011-01-28  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Gavin Barraclough.

        Add various clampToInt() methods to MathExtras.h
        https://bugs.webkit.org/show_bug.cgi?id=52910

        Use clampToInteger() from MathExtras.h

        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseCounter):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77045 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Sheriff Bot <webkit.review.bot@gmail.com>
rniwa@webkit.org [Sat, 29 Jan 2011 04:06:04 +0000 (04:06 +0000)]
2011-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r77006 and r77020.
        http://trac.webkit.org/changeset/77006
        http://trac.webkit.org/changeset/77020
        https://bugs.webkit.org/show_bug.cgi?id=53360

        "Broke Windows tests" (Requested by rniwa on #webkit).

        * API/JSCallbackObject.h:
        (JSC::JSCallbackObjectData::setPrivateProperty):
        (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
        (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
        (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
        (JSC::JSCallbackObject::setPrivateProperty):
        * API/JSCallbackObjectFunctions.h:
        (JSC::::put):
        (JSC::::staticFunctionGetter):
        * API/JSObjectRef.cpp:
        (JSObjectMakeConstructor):
        (JSObjectSetPrivateProperty):
        * API/JSWeakObjectMapRefInternal.h:
        * JavaScriptCore.exp:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::markAggregate):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::globalObject):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::BytecodeGenerator):
        (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
        (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
        (JSC::BytecodeGenerator::findScopedProperty):
        * debugger/Debugger.cpp:
        (JSC::evaluateInGlobalCallFrame):
        * debugger/DebuggerActivation.cpp:
        (JSC::DebuggerActivation::DebuggerActivation):
        (JSC::DebuggerActivation::markChildren):
        * debugger/DebuggerActivation.h:
        * debugger/DebuggerCallFrame.cpp:
        (JSC::DebuggerCallFrame::evaluate):
        * interpreter/CallFrame.h:
        (JSC::ExecState::exception):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::resolve):
        (JSC::Interpreter::resolveSkip):
        (JSC::Interpreter::resolveGlobal):
        (JSC::Interpreter::resolveGlobalDynamic):
        (JSC::Interpreter::resolveBaseAndProperty):
        (JSC::Interpreter::unwindCallFrame):
        (JSC::appendSourceToError):
        (JSC::Interpreter::execute):
        (JSC::Interpreter::tryCacheGetByID):
        (JSC::Interpreter::privateExecute):
        * jit/JITStubs.cpp:
        (JSC::JITThunks::tryCacheGetByID):
        (JSC::DEFINE_STUB_FUNCTION):
        * jsc.cpp:
        (GlobalObject::GlobalObject):
        * runtime/ArgList.cpp:
        (JSC::MarkedArgumentBuffer::markLists):
        * runtime/Arguments.cpp:
        (JSC::Arguments::markChildren):
        (JSC::Arguments::getOwnPropertySlot):
        (JSC::Arguments::getOwnPropertyDescriptor):
        (JSC::Arguments::put):
        * runtime/Arguments.h:
        (JSC::Arguments::setActivation):
        (JSC::Arguments::Arguments):
        * runtime/ArrayConstructor.cpp:
        (JSC::ArrayConstructor::ArrayConstructor):
        (JSC::constructArrayWithSizeQuirk):
        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncSplice):
        * runtime/BatchedTransitionOptimizer.h:
        (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
        (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
        * runtime/BooleanConstructor.cpp:
        (JSC::BooleanConstructor::BooleanConstructor):
        (JSC::constructBoolean):
        (JSC::constructBooleanFromImmediateBoolean):
        * runtime/BooleanPrototype.cpp:
        (JSC::BooleanPrototype::BooleanPrototype):
        * runtime/ConservativeSet.cpp:
        (JSC::ConservativeSet::grow):
        * runtime/ConservativeSet.h:
        (JSC::ConservativeSet::~ConservativeSet):
        (JSC::ConservativeSet::mark):
        * runtime/DateConstructor.cpp:
        (JSC::DateConstructor::DateConstructor):
        * runtime/DateInstance.cpp:
        (JSC::DateInstance::DateInstance):
        * runtime/DatePrototype.cpp:
        (JSC::dateProtoFuncSetTime):
        (JSC::setNewValueFromTimeArgs):
        (JSC::setNewValueFromDateArgs):
        (JSC::dateProtoFuncSetYear):
        * runtime/ErrorConstructor.cpp:
        (JSC::ErrorConstructor::ErrorConstructor):
        * runtime/ErrorInstance.cpp:
        (JSC::ErrorInstance::ErrorInstance):
        * runtime/ErrorPrototype.cpp:
        (JSC::ErrorPrototype::ErrorPrototype):
        * runtime/FunctionConstructor.cpp:
        (JSC::FunctionConstructor::FunctionConstructor):
        * runtime/FunctionPrototype.cpp:
        (JSC::FunctionPrototype::FunctionPrototype):
        * runtime/GetterSetter.cpp:
        (JSC::GetterSetter::markChildren):
        * runtime/GetterSetter.h:
        (JSC::GetterSetter::GetterSetter):
        (JSC::GetterSetter::getter):
        (JSC::GetterSetter::setGetter):
        (JSC::GetterSetter::setter):
        (JSC::GetterSetter::setSetter):
        * runtime/GlobalEvalFunction.cpp:
        (JSC::GlobalEvalFunction::GlobalEvalFunction):
        (JSC::GlobalEvalFunction::markChildren):
        * runtime/GlobalEvalFunction.h:
        (JSC::GlobalEvalFunction::cachedGlobalObject):
        * runtime/Heap.cpp:
        (JSC::Heap::markProtectedObjects):
        (JSC::Heap::markTempSortVectors):
        (JSC::Heap::markRoots):
        * runtime/InternalFunction.cpp:
        (JSC::InternalFunction::InternalFunction):
        * runtime/JSAPIValueWrapper.h:
        (JSC::JSAPIValueWrapper::value):
        (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::markChildren):
        (JSC::JSActivation::put):
        * runtime/JSArray.cpp:
        (JSC::JSArray::JSArray):
        (JSC::JSArray::getOwnPropertySlot):
        (JSC::JSArray::getOwnPropertyDescriptor):
        (JSC::JSArray::put):
        (JSC::JSArray::putSlowCase):
        (JSC::JSArray::deleteProperty):
        (JSC::JSArray::increaseVectorLength):
        (JSC::JSArray::setLength):
        (JSC::JSArray::pop):
        (JSC::JSArray::push):
        (JSC::JSArray::unshiftCount):
        (JSC::JSArray::sort):
        (JSC::JSArray::fillArgList):
        (JSC::JSArray::copyToRegisters):
        (JSC::JSArray::compactForSorting):
        * runtime/JSArray.h:
        (JSC::JSArray::getIndex):
        (JSC::JSArray::setIndex):
        (JSC::JSArray::uncheckedSetIndex):
        (JSC::JSArray::markChildrenDirect):
        * runtime/JSByteArray.cpp:
        (JSC::JSByteArray::JSByteArray):
        * runtime/JSCell.h:
        (JSC::JSCell::JSValue::toThisObject):
        (JSC::JSCell::MarkStack::append):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::JSFunction):
        (JSC::JSFunction::getOwnPropertySlot):
        * runtime/JSGlobalData.h:
        * runtime/JSGlobalObject.cpp:
        (JSC::markIfNeeded):
        (JSC::JSGlobalObject::reset):
        (JSC::JSGlobalObject::resetPrototype):
        (JSC::JSGlobalObject::markChildren):
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
        (JSC::JSGlobalObject::regExpConstructor):
        (JSC::JSGlobalObject::errorConstructor):
        (JSC::JSGlobalObject::evalErrorConstructor):
        (JSC::JSGlobalObject::rangeErrorConstructor):
        (JSC::JSGlobalObject::referenceErrorConstructor):
        (JSC::JSGlobalObject::syntaxErrorConstructor):
        (JSC::JSGlobalObject::typeErrorConstructor):
        (JSC::JSGlobalObject::URIErrorConstructor):
        (JSC::JSGlobalObject::evalFunction):
        (JSC::JSGlobalObject::objectPrototype):
        (JSC::JSGlobalObject::functionPrototype):
        (JSC::JSGlobalObject::arrayPrototype):
        (JSC::JSGlobalObject::booleanPrototype):
        (JSC::JSGlobalObject::stringPrototype):
        (JSC::JSGlobalObject::numberPrototype):
        (JSC::JSGlobalObject::datePrototype):
        (JSC::JSGlobalObject::regExpPrototype):
        (JSC::JSGlobalObject::methodCallDummy):
        (JSC::Structure::prototypeForLookup):
        (JSC::constructArray):
        * runtime/JSONObject.cpp:
        (JSC::Stringifier::Holder::object):
        (JSC::Stringifier::markAggregate):
        (JSC::Stringifier::stringify):
        (JSC::Stringifier::Holder::appendNextProperty):
        (JSC::Walker::callReviver):
        (JSC::Walker::walk):
        * runtime/JSObject.cpp:
        (JSC::JSObject::defineGetter):
        (JSC::JSObject::defineSetter):
        (JSC::JSObject::removeDirect):
        (JSC::JSObject::putDirectFunction):
        (JSC::JSObject::putDirectFunctionWithoutTransition):
        (JSC::putDescriptor):
        (JSC::JSObject::defineOwnProperty):
        * runtime/JSObject.h:
        (JSC::JSObject::getDirectOffset):
        (JSC::JSObject::putDirectOffset):
        (JSC::JSObject::flattenDictionaryObject):
        (JSC::JSObject::putDirectInternal):
        (JSC::JSObject::putDirect):
        (JSC::JSObject::putDirectFunction):
        (JSC::JSObject::putDirectWithoutTransition):
        (JSC::JSObject::putDirectFunctionWithoutTransition):
        (JSC::JSValue::putDirect):
        (JSC::JSObject::allocatePropertyStorageInline):
        (JSC::JSObject::markChildrenDirect):
        * runtime/JSPropertyNameIterator.cpp:
        (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
        (JSC::JSPropertyNameIterator::get):
        * runtime/JSPropertyNameIterator.h:
        * runtime/JSStaticScopeObject.cpp:
        (JSC::JSStaticScopeObject::markChildren):
        * runtime/JSString.cpp:
        (JSC::StringObject::create):
        * runtime/JSValue.h:
        * runtime/JSWrapperObject.cpp:
        (JSC::JSWrapperObject::markChildren):
        * runtime/JSWrapperObject.h:
        (JSC::JSWrapperObject::internalValue):
        (JSC::JSWrapperObject::setInternalValue):
        * runtime/LiteralParser.cpp:
        (JSC::LiteralParser::parse):
        * runtime/Lookup.cpp:
        (JSC::setUpStaticFunctionSlot):
        * runtime/Lookup.h:
        (JSC::lookupPut):
        * runtime/MarkStack.h:
        (JSC::MarkStack::appendValues):
        * runtime/MathObject.cpp:
        (JSC::MathObject::MathObject):
        * runtime/NativeErrorConstructor.cpp:
        (JSC::NativeErrorConstructor::NativeErrorConstructor):
        * runtime/NativeErrorPrototype.cpp:
        (JSC::NativeErrorPrototype::NativeErrorPrototype):
        * runtime/NumberConstructor.cpp:
        (JSC::NumberConstructor::NumberConstructor):
        (JSC::constructWithNumberConstructor):
        * runtime/NumberObject.cpp:
        (JSC::constructNumber):
        * runtime/NumberPrototype.cpp:
        (JSC::NumberPrototype::NumberPrototype):
        * runtime/ObjectConstructor.cpp:
        (JSC::ObjectConstructor::ObjectConstructor):
        (JSC::objectConstructorGetOwnPropertyDescriptor):
        * runtime/Operations.h:
        (JSC::normalizePrototypeChain):
        (JSC::resolveBase):
        * runtime/PrototypeFunction.cpp:
        (JSC::PrototypeFunction::PrototypeFunction):
        * runtime/PutPropertySlot.h:
        (JSC::PutPropertySlot::setExistingProperty):
        (JSC::PutPropertySlot::setNewProperty):
        (JSC::PutPropertySlot::base):
        * runtime/RegExpConstructor.cpp:
        (JSC::RegExpConstructor::RegExpConstructor):
        * runtime/ScopeChain.cpp:
        (JSC::ScopeChainNode::print):
        * runtime/ScopeChain.h:
        (JSC::ScopeChainNode::~ScopeChainNode):
        (JSC::ScopeChainIterator::operator*):
        (JSC::ScopeChainIterator::operator->):
        (JSC::ScopeChain::top):
        * runtime/ScopeChainMark.h:
        (JSC::ScopeChain::markAggregate):
        * runtime/SmallStrings.cpp:
        (JSC::isMarked):
        (JSC::SmallStrings::markChildren):
        * runtime/SmallStrings.h:
        (JSC::SmallStrings::emptyString):
        (JSC::SmallStrings::singleCharacterString):
        (JSC::SmallStrings::singleCharacterStrings):
        * runtime/StringConstructor.cpp:
        (JSC::StringConstructor::StringConstructor):
        * runtime/StringObject.cpp:
        (JSC::StringObject::StringObject):
        * runtime/StringObject.h:
        * runtime/StringPrototype.cpp:
        (JSC::StringPrototype::StringPrototype):
        * runtime/Structure.cpp:
        (JSC::Structure::Structure):
        (JSC::Structure::addPropertyTransition):
        (JSC::Structure::toDictionaryTransition):
        (JSC::Structure::flattenDictionaryStructure):
        * runtime/Structure.h:
        (JSC::Structure::storedPrototype):
        * runtime/WeakGCMap.h:
        (JSC::WeakGCMap::uncheckedGet):
        (JSC::WeakGCMap::isValid):
        (JSC::::get):
        (JSC::::take):
        (JSC::::set):
        (JSC::::uncheckedRemove):
        * runtime/WriteBarrier.h: Removed.
2011-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r77006 and r77020.
        http://trac.webkit.org/changeset/77006
        http://trac.webkit.org/changeset/77020
        https://bugs.webkit.org/show_bug.cgi?id=53360

        "Broke Windows tests" (Requested by rniwa on #webkit).

        * JSValueWrapper.cpp:
        (JSValueWrapper::JSObjectMark):
2011-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r77006 and r77020.
        http://trac.webkit.org/changeset/77006
        http://trac.webkit.org/changeset/77020
        https://bugs.webkit.org/show_bug.cgi?id=53360

        "Broke Windows tests" (Requested by rniwa on #webkit).

        * WebView/WebScriptDebugDelegate.mm:
        (-[WebScriptCallFrame scopeChain]):
2011-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r77006 and r77020.
        http://trac.webkit.org/changeset/77006
        http://trac.webkit.org/changeset/77020
        https://bugs.webkit.org/show_bug.cgi?id=53360

        "Broke Windows tests" (Requested by rniwa on #webkit).

        * ForwardingHeaders/runtime/WriteBarrier.h: Removed.
        * WebCore.exp.in:
        * bindings/js/DOMWrapperWorld.h:
        * bindings/js/JSAudioConstructor.cpp:
        (WebCore::JSAudioConstructor::JSAudioConstructor):
        * bindings/js/JSDOMBinding.cpp:
        (WebCore::markDOMNodesForDocument):
        (WebCore::markDOMObjectWrapper):
        (WebCore::markDOMNodeWrapper):
        * bindings/js/JSDOMGlobalObject.cpp:
        (WebCore::JSDOMGlobalObject::markChildren):
        (WebCore::JSDOMGlobalObject::setInjectedScript):
        (WebCore::JSDOMGlobalObject::injectedScript):
        * bindings/js/JSDOMGlobalObject.h:
        (WebCore::JSDOMGlobalObject::JSDOMGlobalObjectData::JSDOMGlobalObjectData):
        (WebCore::getDOMConstructor):
        * bindings/js/JSDOMWindowCustom.cpp:
        (WebCore::JSDOMWindow::setLocation):
        (WebCore::DialogHandler::dialogCreated):
        * bindings/js/JSDOMWindowShell.cpp:
        (WebCore::JSDOMWindowShell::JSDOMWindowShell):
        (WebCore::JSDOMWindowShell::setWindow):
        (WebCore::JSDOMWindowShell::markChildren):
        (WebCore::JSDOMWindowShell::unwrappedObject):
        * bindings/js/JSDOMWindowShell.h:
        (WebCore::JSDOMWindowShell::window):
        (WebCore::JSDOMWindowShell::setWindow):
        * bindings/js/JSDeviceMotionEventCustom.cpp:
        (WebCore::createAccelerationObject):
        (WebCore::createRotationRateObject):
        * bindings/js/JSEventListener.cpp:
        (WebCore::JSEventListener::JSEventListener):
        (WebCore::JSEventListener::markJSFunction):
        * bindings/js/JSEventListener.h:
        (WebCore::JSEventListener::jsFunction):
        * bindings/js/JSHTMLDocumentCustom.cpp:
        (WebCore::JSHTMLDocument::setAll):
        * bindings/js/JSImageConstructor.cpp:
        (WebCore::JSImageConstructor::JSImageConstructor):
        * bindings/js/JSImageDataCustom.cpp:
        (WebCore::toJS):
        * bindings/js/JSJavaScriptCallFrameCustom.cpp:
        (WebCore::JSJavaScriptCallFrame::scopeChain):
        (WebCore::JSJavaScriptCallFrame::scopeType):
        * bindings/js/JSNodeFilterCondition.cpp:
        (WebCore::JSNodeFilterCondition::markAggregate):
        (WebCore::JSNodeFilterCondition::acceptNode):
        * bindings/js/JSNodeFilterCondition.h:
        * bindings/js/JSNodeFilterCustom.cpp:
        * bindings/js/JSOptionConstructor.cpp:
        (WebCore::JSOptionConstructor::JSOptionConstructor):
        * bindings/js/JSSQLResultSetRowListCustom.cpp:
        (WebCore::JSSQLResultSetRowList::item):
        * bindings/js/ScriptCachedFrameData.cpp:
        (WebCore::ScriptCachedFrameData::restore):
        * bindings/js/ScriptObject.cpp:
        (WebCore::ScriptGlobalObject::set):
        * bindings/js/SerializedScriptValue.cpp:
        (WebCore::CloneDeserializer::putProperty):
        * bindings/scripts/CodeGeneratorJS.pm:
        * bridge/qt/qt_runtime.cpp:
        (JSC::Bindings::QtRuntimeMetaMethod::QtRuntimeMetaMethod):
        (JSC::Bindings::QtRuntimeMetaMethod::markChildren):
        (JSC::Bindings::QtRuntimeMetaMethod::connectGetter):
        (JSC::Bindings::QtRuntimeMetaMethod::disconnectGetter):
        * bridge/qt/qt_runtime.h:
        * bridge/runtime_root.cpp:
        (JSC::Bindings::RootObject::invalidate):
        * bridge/runtime_root.h:
        * dom/Document.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77044 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Maciej Stachowiak <mjs@apple.com>
mjs@apple.com [Sat, 29 Jan 2011 03:45:17 +0000 (03:45 +0000)]
2011-01-28  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by Dan Bernstein.

        WKPageGetEstimatedProgress returns wrong value after a mainframe provisional load has started
        https://bugs.webkit.org/show_bug.cgi?id=53358

        * UIProcess/WebPageProxy.cpp:
        (WebKit::WebPageProxy::didStartProgress): Start progress at the magic initial value, not 0.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77043 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Maciej Stachowiak <mjs@apple.com>
mjs@apple.com [Sat, 29 Jan 2011 02:25:32 +0000 (02:25 +0000)]
2011-01-28  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by Darin Adler.

        WebKitTestRunner needs layoutTestController.setPOSIXLocale
        https://bugs.webkit.org/show_bug.cgi?id=42682

        * platform/mac-wk2/Skipped:
2011-01-28  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by Darin Adler.

        WebKitTestRunner needs layoutTestController.setPOSIXLocale
        https://bugs.webkit.org/show_bug.cgi?id=42682

        * WebKitTestRunner/InjectedBundle/Bindings/LayoutTestController.idl:
        * WebKitTestRunner/InjectedBundle/InjectedBundle.cpp:
        (WTR::InjectedBundle::resetLocalSettings):
        (WTR::InjectedBundle::didReceiveMessage):
        * WebKitTestRunner/InjectedBundle/InjectedBundle.h:
        * WebKitTestRunner/InjectedBundle/LayoutTestController.cpp:
        (WTR::LayoutTestController::setPOSIXLocale):
        * WebKitTestRunner/InjectedBundle/LayoutTestController.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77042 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Adam Barth <abarth@webkit.org>
abarth@webkit.org [Sat, 29 Jan 2011 02:08:44 +0000 (02:08 +0000)]
2011-01-28  Adam Barth  <abarth@webkit.org>

        Reviewed by Eric Seidel.

        XSSFilter should log to the console when it blocks something
        https://bugs.webkit.org/show_bug.cgi?id=53354

        This patch refactors a bunch of methods in XSSFilter to return a bool
        indicating whether they blocked anything.  Using this bool, we decide
        whether to log to the console.  We're using the same log message as the
        XSSAuditor, but it seems likely we can improve this message in the
        future (especially by piping in the correct line number, which is now
        accessible via the parser).

        * html/parser/XSSFilter.cpp:
        (WebCore::HTMLNames::isNameOfInlineEventHandler):
        (WebCore::XSSFilter::filterToken):
        (WebCore::XSSFilter::filterTokenInitial):
        (WebCore::XSSFilter::filterTokenAfterScriptStartTag):
        (WebCore::XSSFilter::filterScriptToken):
        (WebCore::XSSFilter::filterObjectToken):
        (WebCore::XSSFilter::filterEmbedToken):
        (WebCore::XSSFilter::filterAppletToken):
        (WebCore::XSSFilter::filterMetaToken):
        (WebCore::XSSFilter::filterBaseToken):
        (WebCore::XSSFilter::eraseInlineEventHandlersIfInjected):
        * html/parser/XSSFilter.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77041 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Dirk Pranke <dpranke@chromium.org>
dpranke@chromium.org [Sat, 29 Jan 2011 02:08:00 +0000 (02:08 +0000)]
2011-01-28  Dirk Pranke  <dpranke@chromium.org>

         Reviewed by Mihai Parparita.

         test-webkitpy: fix webkitpy.layout_tests.port.mac_unittest.MacTest.test_skipped_file_paths

         This patch re-enables this test and changes it to
         handle all of the mac platform versions, not just the one
         it is running on.

         https://bugs.webkit.org/show_bug.cgi?id=53356

         * Scripts/webkitpy/layout_tests/port/mac_unittest.py:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77039 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Dirk Pranke <dpranke@chromium.org>
dpranke@chromium.org [Sat, 29 Jan 2011 01:41:51 +0000 (01:41 +0000)]
2011-01-28  Dirk Pranke  <dpranke@chromium.org>

        Unreviewed, build fix.

        Take two. The fix in 77023 didn't work, because we were
        still calling path.abspath_to_uri, which calls _cygpath under
        the covers, and it appears the cygpath on the bots does
        something different than it does on my machine. This patch
        removes the calls to path.abspath_to_uri, so it should be safe.
        If it doesn't work, I'll roll it out along with r76982 and 77023.

        https://bugs.webkit.org/show_bug.cgi?id=53126

        * Scripts/webkitpy/layout_tests/port/test.py:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77038 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Adam Barth <abarth@webkit.org>
abarth@webkit.org [Sat, 29 Jan 2011 00:58:36 +0000 (00:58 +0000)]
2011-01-28  Adam Barth  <abarth@webkit.org>

        Reviewed by Daniel Bates.

        Wire up settings->xssAuditorEnabled to XSSFilter
        https://bugs.webkit.org/show_bug.cgi?id=53345

        * html/parser/XSSFilter.cpp:
        (WebCore::XSSFilter::XSSFilter):
        (WebCore::XSSFilter::filterToken):
        * html/parser/XSSFilter.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77034 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Adam Barth <abarth@webkit.org>
abarth@webkit.org [Sat, 29 Jan 2011 00:57:05 +0000 (00:57 +0000)]
2011-01-28  Adam Barth  <abarth@webkit.org>

        Reviewed by Daniel Bates.

        Teach XSSFilter about <meta> and <base> tags
        https://bugs.webkit.org/show_bug.cgi?id=53339

        I'm not 100% sure we need to block <meta http-equiv>, but it seems
        prudent given how powerful that attribute is.  We definitely need to
        block injection of <base href> because that can redirect script tags
        that use relative URLs.

        * html/parser/XSSFilter.cpp:
        (WebCore::XSSFilter::filterToken):
        (WebCore::XSSFilter::filterMetaToken):
        (WebCore::XSSFilter::filterBaseToken):
        * html/parser/XSSFilter.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77033 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Adam Barth <abarth@webkit.org>
abarth@webkit.org [Sat, 29 Jan 2011 00:55:37 +0000 (00:55 +0000)]
2011-01-28  Adam Barth  <abarth@webkit.org>

        Reviewed by Daniel Bates.

        Teach XSSFilter about <applet>
        https://bugs.webkit.org/show_bug.cgi?id=53338

        HTML5 is pretty light on information about how the <applet> tag works.
        According to this site:

        http://download.oracle.com/javase/1.4.2/docs/guide/misc/applet.html

        The "code" and "object" attributes are the essential attributes for
        determining which piece of Java to run.  We might need to expand to the
        codebase and archive attributes at some point, but hopefully code and
        object will be sufficient.

        * html/parser/XSSFilter.cpp:
        (WebCore::XSSFilter::filterToken):
        (WebCore::XSSFilter::filterAppletToken):
        * html/parser/XSSFilter.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77032 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Adam Barth <abarth@webkit.org>
abarth@webkit.org [Sat, 29 Jan 2011 00:53:57 +0000 (00:53 +0000)]
2011-01-28  Adam Barth  <abarth@webkit.org>

        Reviewed by Daniel Bates.

        Teach the XSSFilter about object and embed tags
        https://bugs.webkit.org/show_bug.cgi?id=53336

        For <object> and <embed>, we filter out attribute values that either
        indicate which piece of media to load or which plugin to load.  In a
        perfect world, we'd only need to filter out the URLs of the media, but
        some plug-ins (like Flash) have lots of fun places you can hide the
        URL (e.g., the "movie" <param>).

        * html/parser/XSSFilter.cpp:
        (WebCore::XSSFilter::filterToken):
        (WebCore::XSSFilter::filterScriptToken):
        (WebCore::XSSFilter::filterObjectToken):
        (WebCore::XSSFilter::filterEmbedToken):
        (WebCore::XSSFilter::eraseAttributeIfInjected):
        * html/parser/XSSFilter.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77031 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years agoAdded link to bug in ChangeLog.
ddkilzer@apple.com [Sat, 29 Jan 2011 00:53:14 +0000 (00:53 +0000)]
Added link to bug in ChangeLog.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77030 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years agoYet another build fix (What was I thinking?)
andersca@apple.com [Sat, 29 Jan 2011 00:50:19 +0000 (00:50 +0000)]
Yet another build fix (What was I thinking?)

* WebProcess/Downloads/Download.h:
* WebProcess/Plugins/PluginProxy.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77029 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago<rdar://problem/8930699> build-webkit gives a bogus warning with newer versions of...
ddkilzer@apple.com [Sat, 29 Jan 2011 00:46:59 +0000 (00:46 +0000)]
<rdar://problem/8930699> build-webkit gives a bogus warning with newer versions of Xcode

Reviewed by Mark Rowe.

* Scripts/webkitdirs.pm:
(checkRequiredSystemConfig): Check the Xcode marketing version
in addition to the DevCoreTools build version before complaining
about an old version of Xcode.  Also make the Mac OS X version
check use Perl's built-in version string comparitor.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77028 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Ryosuke Niwa <rniwa@webkit.org>
rniwa@webkit.org [Sat, 29 Jan 2011 00:39:05 +0000 (00:39 +0000)]
2011-01-28  Ryosuke Niwa  <rniwa@webkit.org>

        Unreviewed; Fixed Chromium test expectation.

        * platform/chromium/test_expectations.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77027 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years agoBuild fix.
andersca@apple.com [Sat, 29 Jan 2011 00:35:38 +0000 (00:35 +0000)]
Build fix.

Update WKSI.

* WebKitSystemInterface.h:
* libWebKitSystemInterfaceLeopard.a:
* libWebKitSystemInterfaceSnowLeopard.a:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77026 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years agohttps://bugs.webkit.org/show_bug.cgi?id=53352
barraclough@apple.com [Sat, 29 Jan 2011 00:35:17 +0000 (00:35 +0000)]
https://bugs.webkit.org/show_bug.cgi?id=53352
Heavy external fragmentation in FixedVMPoolAllocator can lead to a CRASH().

Reviewed by Geoff Garen.

The FixedVMPoolAllocator currently uses a best fix policy -
switch to first fit, this is less prone to external fragmentation.

* jit/ExecutableAllocatorFixedVMPool.cpp:
(JSC::AllocationTableSizeClass::AllocationTableSizeClass):
(JSC::AllocationTableSizeClass::blockSize):
(JSC::AllocationTableSizeClass::blockCount):
(JSC::AllocationTableSizeClass::blockAlignment):
(JSC::AllocationTableSizeClass::size):
(JSC::AllocationTableLeaf::AllocationTableLeaf):
(JSC::AllocationTableLeaf::~AllocationTableLeaf):
(JSC::AllocationTableLeaf::allocate):
(JSC::AllocationTableLeaf::free):
(JSC::AllocationTableLeaf::isEmpty):
(JSC::AllocationTableLeaf::isFull):
(JSC::AllocationTableLeaf::size):
(JSC::AllocationTableLeaf::classForSize):
(JSC::AllocationTableLeaf::dump):
(JSC::LazyAllocationTable::LazyAllocationTable):
(JSC::LazyAllocationTable::~LazyAllocationTable):
(JSC::LazyAllocationTable::allocate):
(JSC::LazyAllocationTable::free):
(JSC::LazyAllocationTable::isEmpty):
(JSC::LazyAllocationTable::isFull):
(JSC::LazyAllocationTable::size):
(JSC::LazyAllocationTable::dump):
(JSC::LazyAllocationTable::classForSize):
(JSC::AllocationTableDirectory::AllocationTableDirectory):
(JSC::AllocationTableDirectory::~AllocationTableDirectory):
(JSC::AllocationTableDirectory::allocate):
(JSC::AllocationTableDirectory::free):
(JSC::AllocationTableDirectory::isEmpty):
(JSC::AllocationTableDirectory::isFull):
(JSC::AllocationTableDirectory::size):
(JSC::AllocationTableDirectory::classForSize):
(JSC::AllocationTableDirectory::dump):
(JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
(JSC::FixedVMPoolAllocator::alloc):
(JSC::FixedVMPoolAllocator::free):
(JSC::FixedVMPoolAllocator::allocated):
(JSC::FixedVMPoolAllocator::isValid):
(JSC::FixedVMPoolAllocator::classForSize):
(JSC::FixedVMPoolAllocator::offsetToPointer):
(JSC::FixedVMPoolAllocator::pointerToOffset):
(JSC::ExecutableAllocator::committedByteCount):
(JSC::ExecutableAllocator::isValid):
(JSC::ExecutableAllocator::underMemoryPressure):
(JSC::ExecutablePool::systemAlloc):
(JSC::ExecutablePool::systemRelease):
* wtf/PageReservation.h:
(WTF::PageReservation::PageReservation):
(WTF::PageReservation::commit):
(WTF::PageReservation::decommit):
(WTF::PageReservation::committed):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77025 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years agoFix Windows build.
andersca@apple.com [Sat, 29 Jan 2011 00:33:45 +0000 (00:33 +0000)]
Fix Windows build.

* Shared/PrintInfo.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77024 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Dirk Pranke <dpranke@chromium.org>
dpranke@chromium.org [Sat, 29 Jan 2011 00:32:20 +0000 (00:32 +0000)]
2011-01-28  Dirk Pranke  <dpranke@chromium.org>

        Unreviewed, build fix.

        Work around breakage on Win 7 Release bot caused by r76982
        and the fact that windows ports use "file:////" instead of
        "file:///". Ideally the test code should be isolated from
        this, but it isn't yet. Will fix properly in a bit.

        * Scripts/webkitpy/layout_tests/port/mock_drt_unittest.py:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77023 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago[Windows 7 Release Tests] fast/repaint/select-option-background-color.html failing...
jberlin@webkit.org [Sat, 29 Jan 2011 00:30:24 +0000 (00:30 +0000)]
[Windows 7 Release Tests] fast/repaint/select-option-background-color.html failing since
introduction in r76826.
https://bugs.webkit.org/show_bug.cgi?id=53327

Add the pixel-test results missing from http://trac.webkit.org/changeset/76976. Unreviewed.

* platform/win/fast/repaint/select-option-background-color-expected.checksum: Added.
* platform/win/fast/repaint/select-option-background-color-expected.png: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77021 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years agoFixed Qt build.
oliver@apple.com [Sat, 29 Jan 2011 00:29:41 +0000 (00:29 +0000)]
Fixed Qt build.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77020 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years agoCSS styles are shared based on uninitialized property values
antti@apple.com [Sat, 29 Jan 2011 00:23:39 +0000 (00:23 +0000)]
CSS styles are shared based on uninitialized property values
https://bugs.webkit.org/show_bug.cgi?id=53285

Reviewed by Simon Fraser.

Null test.

* dom/NamedNodeMap.cpp:
(WebCore::NamedNodeMap::mappedMapsEquivalent):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77019 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Ryosuke Niwa <rniwa@webkit.org>
rniwa@webkit.org [Sat, 29 Jan 2011 00:12:26 +0000 (00:12 +0000)]
2011-01-28  Ryosuke Niwa  <rniwa@webkit.org>

        Unreviewed Chromium test expectation update.

        * platform/chromium/test_expectations.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77014 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years agoFix tyop.
andersca@apple.com [Sat, 29 Jan 2011 00:08:55 +0000 (00:08 +0000)]
Fix tyop.

* Shared/mac/CoreAnimationRenderer.mm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77013 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Anders Carlsson <andersca@apple.com>
andersca@apple.com [Sat, 29 Jan 2011 00:06:49 +0000 (00:06 +0000)]
2011-01-28  Anders Carlsson  <andersca@apple.com>

        Reviewed by Sam Weinig.

        Add CoreAnimationRenderer class
        https://bugs.webkit.org/show_bug.cgi?id=53343

        * Shared/mac/CoreAnimationRenderer.h: Added.
        * Shared/mac/CoreAnimationRenderer.mm: Added.

        (WebKit::CoreAnimationRenderer::CoreAnimationRenderer):
        Initialize the underlying CARenderer object and hook up a notification observer.

        (WebKit::CoreAnimationRenderer::~CoreAnimationRenderer):
        Assert that the client is null. It has been set to null by the call to invalidate().

        (WebKit::CoreAnimationRenderer::setBounds):
        Update the bounds on the CARenderer and the root layer.

        (WebKit::CoreAnimationRenderer::render):
        Ask the renderer to render and return the next frame time.

        (WebKit::CoreAnimationRenderer::invalidate):
        Remove the change observer and reset the client.

        (WebKit::CoreAnimationRenderer::rendererDidChange):
        Call the client member function.

        * WebKit2.xcodeproj/project.pbxproj:
        Add new files.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77012 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Anders Carlsson <andersca@apple.com>
andersca@apple.com [Fri, 28 Jan 2011 23:42:37 +0000 (23:42 +0000)]
2011-01-28  Anders Carlsson  <andersca@apple.com>

        Reviewed by Sam Weinig.

        Add an OBJC_CLASS macro for forward declaring an Objective-C class
        https://bugs.webkit.org/show_bug.cgi?id=53337

        * Shared/NativeWebKeyboardEvent.h:
        * Shared/PrintInfo.h:
        * UIProcess/ChunkedUpdateDrawingAreaProxy.h:
        * UIProcess/LayerBackedDrawingAreaProxy.h:
        * UIProcess/WebInspectorProxy.h:
        * UIProcess/mac/WebContextMenuProxyMac.h:
        * UIProcess/mac/WebPopupMenuProxyMac.h:
        * WebProcess/Downloads/Download.h:
        * WebProcess/Plugins/PluginProxy.h:
        * WebProcess/WebPage/LayerBackedDrawingArea.h:
        * WebProcess/WebPage/WebPage.h:
        * config.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77007 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-27 Oliver Hunt <oliver@apple.com>
oliver@apple.com [Fri, 28 Jan 2011 23:39:54 +0000 (23:39 +0000)]
2011-01-27  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        Convert markstack to a slot visitor API
        https://bugs.webkit.org/show_bug.cgi?id=53219

        Move the MarkStack over to a slot based marking API.

        In order to avoiding aliasing concerns there are two new types
        that need to be used when holding on to JSValues and JSCell that
        need to be marked: WriteBarrier and DeprecatedPtr.  WriteBarrier
        is expected to be used for any JSValue or Cell that's lifetime and
        marking is controlled by another GC object.  DeprecatedPtr is used
        for any value that we need to rework ownership for.

        The change over to this model has produced a large amount of
        code changes, but they are mostly mechanical (forwarding JSGlobalData,
        etc).

        * API/JSCallbackObject.h:
        (JSC::JSCallbackObjectData::setPrivateProperty):
        (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
        (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
        (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
        (JSC::JSCallbackObject::setPrivateProperty):
        * API/JSCallbackObjectFunctions.h:
        (JSC::::put):
        (JSC::::staticFunctionGetter):
        * API/JSObjectRef.cpp:
        (JSObjectMakeConstructor):
        (JSObjectSetPrivateProperty):
        * API/JSWeakObjectMapRefInternal.h:
        * JavaScriptCore.exp:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::markAggregate):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::globalObject):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::BytecodeGenerator):
        (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
        (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
        (JSC::BytecodeGenerator::findScopedProperty):
        * debugger/DebuggerActivation.cpp:
        (JSC::DebuggerActivation::DebuggerActivation):
        (JSC::DebuggerActivation::markChildren):
        * debugger/DebuggerActivation.h:
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::resolve):
        (JSC::Interpreter::resolveSkip):
        (JSC::Interpreter::resolveGlobalDynamic):
        (JSC::Interpreter::resolveBaseAndProperty):
        (JSC::Interpreter::unwindCallFrame):
        (JSC::appendSourceToError):
        (JSC::Interpreter::execute):
        (JSC::Interpreter::privateExecute):
        * interpreter/Register.h:
        (JSC::Register::jsValueSlot):
        * jit/JITStubs.cpp:
        (JSC::JITThunks::tryCacheGetByID):
        (JSC::DEFINE_STUB_FUNCTION):
        * jsc.cpp:
        (GlobalObject::GlobalObject):
        * runtime/Arguments.cpp:
        (JSC::Arguments::markChildren):
        (JSC::Arguments::getOwnPropertySlot):
        (JSC::Arguments::getOwnPropertyDescriptor):
        (JSC::Arguments::put):
        * runtime/Arguments.h:
        (JSC::Arguments::setActivation):
        (JSC::Arguments::Arguments):
        * runtime/ArrayConstructor.cpp:
        (JSC::ArrayConstructor::ArrayConstructor):
        (JSC::constructArrayWithSizeQuirk):
        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncSplice):
        * runtime/BatchedTransitionOptimizer.h:
        (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
        (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
        * runtime/BooleanConstructor.cpp:
        (JSC::BooleanConstructor::BooleanConstructor):
        (JSC::constructBoolean):
        (JSC::constructBooleanFromImmediateBoolean):
        * runtime/BooleanPrototype.cpp:
        (JSC::BooleanPrototype::BooleanPrototype):
        * runtime/ConservativeSet.h:
        (JSC::ConservativeSet::mark):
        * runtime/DateConstructor.cpp:
        (JSC::DateConstructor::DateConstructor):
        * runtime/DateInstance.cpp:
        (JSC::DateInstance::DateInstance):
        * runtime/DatePrototype.cpp:
        (JSC::dateProtoFuncSetTime):
        (JSC::setNewValueFromTimeArgs):
        (JSC::setNewValueFromDateArgs):
        (JSC::dateProtoFuncSetYear):
        * runtime/ErrorConstructor.cpp:
        (JSC::ErrorConstructor::ErrorConstructor):
        * runtime/ErrorInstance.cpp:
        (JSC::ErrorInstance::ErrorInstance):
        * runtime/ErrorPrototype.cpp:
        (JSC::ErrorPrototype::ErrorPrototype):
        * runtime/FunctionConstructor.cpp:
        (JSC::FunctionConstructor::FunctionConstructor):
        * runtime/FunctionPrototype.cpp:
        (JSC::FunctionPrototype::FunctionPrototype):
        * runtime/GetterSetter.cpp:
        (JSC::GetterSetter::markChildren):
        * runtime/GetterSetter.h:
        (JSC::GetterSetter::GetterSetter):
        (JSC::GetterSetter::getter):
        (JSC::GetterSetter::setGetter):
        (JSC::GetterSetter::setter):
        (JSC::GetterSetter::setSetter):
        * runtime/GlobalEvalFunction.cpp:
        (JSC::GlobalEvalFunction::GlobalEvalFunction):
        (JSC::GlobalEvalFunction::markChildren):
        * runtime/GlobalEvalFunction.h:
        (JSC::GlobalEvalFunction::cachedGlobalObject):
        * runtime/Heap.cpp:
        (JSC::Heap::markProtectedObjects):
        (JSC::Heap::markTempSortVectors):
        (JSC::Heap::markRoots):
        * runtime/InternalFunction.cpp:
        (JSC::InternalFunction::InternalFunction):
        * runtime/JSAPIValueWrapper.h:
        (JSC::JSAPIValueWrapper::value):
        (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::put):
        * runtime/JSArray.cpp:
        (JSC::JSArray::JSArray):
        (JSC::JSArray::getOwnPropertySlot):
        (JSC::JSArray::getOwnPropertyDescriptor):
        (JSC::JSArray::put):
        (JSC::JSArray::putSlowCase):
        (JSC::JSArray::deleteProperty):
        (JSC::JSArray::increaseVectorLength):
        (JSC::JSArray::setLength):
        (JSC::JSArray::pop):
        (JSC::JSArray::push):
        (JSC::JSArray::unshiftCount):
        (JSC::JSArray::sort):
        (JSC::JSArray::fillArgList):
        (JSC::JSArray::copyToRegisters):
        (JSC::JSArray::compactForSorting):
        * runtime/JSArray.h:
        (JSC::JSArray::getIndex):
        (JSC::JSArray::setIndex):
        (JSC::JSArray::uncheckedSetIndex):
        (JSC::JSArray::markChildrenDirect):
        * runtime/JSByteArray.cpp:
        (JSC::JSByteArray::JSByteArray):
        * runtime/JSCell.h:
        (JSC::JSCell::MarkStack::append):
        (JSC::JSCell::MarkStack::appendCell):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::JSFunction):
        (JSC::JSFunction::getOwnPropertySlot):
        * runtime/JSGlobalObject.cpp:
        (JSC::markIfNeeded):
        (JSC::JSGlobalObject::reset):
        (JSC::JSGlobalObject::resetPrototype):
        (JSC::JSGlobalObject::markChildren):
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
        (JSC::JSGlobalObject::regExpConstructor):
        (JSC::JSGlobalObject::errorConstructor):
        (JSC::JSGlobalObject::evalErrorConstructor):
        (JSC::JSGlobalObject::rangeErrorConstructor):
        (JSC::JSGlobalObject::referenceErrorConstructor):
        (JSC::JSGlobalObject::syntaxErrorConstructor):
        (JSC::JSGlobalObject::typeErrorConstructor):
        (JSC::JSGlobalObject::URIErrorConstructor):
        (JSC::JSGlobalObject::evalFunction):
        (JSC::JSGlobalObject::objectPrototype):
        (JSC::JSGlobalObject::functionPrototype):
        (JSC::JSGlobalObject::arrayPrototype):
        (JSC::JSGlobalObject::booleanPrototype):
        (JSC::JSGlobalObject::stringPrototype):
        (JSC::JSGlobalObject::numberPrototype):
        (JSC::JSGlobalObject::datePrototype):
        (JSC::JSGlobalObject::regExpPrototype):
        (JSC::JSGlobalObject::methodCallDummy):
        (JSC::constructArray):
        * runtime/JSONObject.cpp:
        (JSC::Stringifier::Holder::object):
        (JSC::Stringifier::Holder::objectSlot):
        (JSC::Stringifier::markAggregate):
        (JSC::Stringifier::stringify):
        (JSC::Stringifier::Holder::appendNextProperty):
        (JSC::Walker::callReviver):
        (JSC::Walker::walk):
        * runtime/JSObject.cpp:
        (JSC::JSObject::defineGetter):
        (JSC::JSObject::defineSetter):
        (JSC::JSObject::removeDirect):
        (JSC::JSObject::putDirectFunction):
        (JSC::JSObject::putDirectFunctionWithoutTransition):
        (JSC::putDescriptor):
        (JSC::JSObject::defineOwnProperty):
        * runtime/JSObject.h:
        (JSC::JSObject::putDirectOffset):
        (JSC::JSObject::putUndefinedAtDirectOffset):
        (JSC::JSObject::flattenDictionaryObject):
        (JSC::JSObject::putDirectInternal):
        (JSC::JSObject::putDirect):
        (JSC::JSObject::putDirectFunction):
        (JSC::JSObject::putDirectWithoutTransition):
        (JSC::JSObject::putDirectFunctionWithoutTransition):
        (JSC::JSValue::putDirect):
        (JSC::JSObject::allocatePropertyStorageInline):
        (JSC::JSObject::markChildrenDirect):
        * runtime/JSStaticScopeObject.cpp:
        (JSC::JSStaticScopeObject::markChildren):
        * runtime/JSString.cpp:
        (JSC::StringObject::create):
        * runtime/JSValue.h:
        * runtime/JSWrapperObject.cpp:
        (JSC::JSWrapperObject::markChildren):
        * runtime/JSWrapperObject.h:
        (JSC::JSWrapperObject::internalValue):
        (JSC::JSWrapperObject::setInternalValue):
        * runtime/LiteralParser.cpp:
        (JSC::LiteralParser::parse):
        * runtime/Lookup.cpp:
        (JSC::setUpStaticFunctionSlot):
        * runtime/Lookup.h:
        (JSC::lookupPut):
        * runtime/MarkStack.h:
        * runtime/MathObject.cpp:
        (JSC::MathObject::MathObject):
        * runtime/NativeErrorConstructor.cpp:
        (JSC::NativeErrorConstructor::NativeErrorConstructor):
        * runtime/NativeErrorPrototype.cpp:
        (JSC::NativeErrorPrototype::NativeErrorPrototype):
        * runtime/NumberConstructor.cpp:
        (JSC::NumberConstructor::NumberConstructor):
        (JSC::constructWithNumberConstructor):
        * runtime/NumberObject.cpp:
        (JSC::constructNumber):
        * runtime/NumberPrototype.cpp:
        (JSC::NumberPrototype::NumberPrototype):
        * runtime/ObjectConstructor.cpp:
        (JSC::ObjectConstructor::ObjectConstructor):
        (JSC::objectConstructorGetOwnPropertyDescriptor):
        * runtime/Operations.h:
        (JSC::normalizePrototypeChain):
        (JSC::resolveBase):
        * runtime/PrototypeFunction.cpp:
        (JSC::PrototypeFunction::PrototypeFunction):
        * runtime/PutPropertySlot.h:
        (JSC::PutPropertySlot::setExistingProperty):
        (JSC::PutPropertySlot::setNewProperty):
        (JSC::PutPropertySlot::base):
        * runtime/RegExpConstructor.cpp:
        (JSC::RegExpConstructor::RegExpConstructor):
        * runtime/ScopeChain.cpp:
        (JSC::ScopeChainNode::print):
        * runtime/ScopeChain.h:
        (JSC::ScopeChainNode::~ScopeChainNode):
        (JSC::ScopeChainIterator::operator*):
        (JSC::ScopeChainIterator::operator->):
        (JSC::ScopeChain::top):
        * runtime/ScopeChainMark.h:
        (JSC::ScopeChain::markAggregate):
        * runtime/SmallStrings.cpp:
        (JSC::isMarked):
        (JSC::SmallStrings::markChildren):
        * runtime/SmallStrings.h:
        (JSC::SmallStrings::emptyString):
        (JSC::SmallStrings::singleCharacterString):
        (JSC::SmallStrings::singleCharacterStrings):
        * runtime/StringConstructor.cpp:
        (JSC::StringConstructor::StringConstructor):
        * runtime/StringObject.cpp:
        (JSC::StringObject::StringObject):
        * runtime/StringObject.h:
        * runtime/StringPrototype.cpp:
        (JSC::StringPrototype::StringPrototype):
        * runtime/Structure.cpp:
        (JSC::Structure::flattenDictionaryStructure):
        * runtime/Structure.h:
        (JSC::Structure::storedPrototypeSlot):
        * runtime/WeakGCMap.h:
        (JSC::WeakGCMap::uncheckedGet):
        (JSC::WeakGCMap::uncheckedGetSlot):
        (JSC::::get):
        (JSC::::take):
        (JSC::::set):
        (JSC::::uncheckedRemove):
        * runtime/WriteBarrier.h: Added.
        (JSC::DeprecatedPtr::DeprecatedPtr):
        (JSC::DeprecatedPtr::get):
        (JSC::DeprecatedPtr::operator*):
        (JSC::DeprecatedPtr::operator->):
        (JSC::DeprecatedPtr::slot):
        (JSC::DeprecatedPtr::operator UnspecifiedBoolType*):
        (JSC::DeprecatedPtr::operator!):
        (JSC::WriteBarrierBase::set):
        (JSC::WriteBarrierBase::get):
        (JSC::WriteBarrierBase::operator*):
        (JSC::WriteBarrierBase::operator->):
        (JSC::WriteBarrierBase::slot):
        (JSC::WriteBarrierBase::operator UnspecifiedBoolType*):
        (JSC::WriteBarrierBase::operator!):
        (JSC::WriteBarrier::WriteBarrier):
        (JSC::operator==):
2011-01-27  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        Convert markstack to a slot visitor API
        https://bugs.webkit.org/show_bug.cgi?id=53219

        There's no reason to recurse here, the value we
        were marking was protected.

        * JSValueWrapper.cpp:
        (JSValueWrapper::JSObjectMark):
2011-01-27  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        Convert markstack to a slot visitor API
        https://bugs.webkit.org/show_bug.cgi?id=53219

        Update WebCore to the new marking apis, correct bindings
        codegen.

        * ForwardingHeaders/runtime/WriteBarrier.h: Added.
        * WebCore.exp.in:
        * bindings/js/DOMWrapperWorld.h:
        (WebCore::DOMWrapperWorld::globalData):
        * bindings/js/JSAudioConstructor.cpp:
        (WebCore::JSAudioConstructor::JSAudioConstructor):
        * bindings/js/JSDOMBinding.cpp:
        (WebCore::markDOMNodesForDocument):
        (WebCore::markDOMObjectWrapper):
        (WebCore::markDOMNodeWrapper):
        * bindings/js/JSDOMGlobalObject.cpp:
        (WebCore::JSDOMGlobalObject::markChildren):
        (WebCore::JSDOMGlobalObject::setInjectedScript):
        (WebCore::JSDOMGlobalObject::injectedScript):
        * bindings/js/JSDOMGlobalObject.h:
        (WebCore::JSDOMGlobalObject::JSDOMGlobalObjectData::JSDOMGlobalObjectData):
        (WebCore::getDOMConstructor):
        * bindings/js/JSDOMWindowCustom.cpp:
        (WebCore::JSDOMWindow::setLocation):
        (WebCore::DialogHandler::dialogCreated):
        * bindings/js/JSDOMWindowShell.cpp:
        (WebCore::JSDOMWindowShell::JSDOMWindowShell):
        (WebCore::JSDOMWindowShell::setWindow):
        (WebCore::JSDOMWindowShell::markChildren):
        (WebCore::JSDOMWindowShell::unwrappedObject):
        * bindings/js/JSDOMWindowShell.h:
        (WebCore::JSDOMWindowShell::window):
        (WebCore::JSDOMWindowShell::setWindow):
        * bindings/js/JSEventListener.cpp:
        (WebCore::JSEventListener::JSEventListener):
        (WebCore::JSEventListener::markJSFunction):
        * bindings/js/JSEventListener.h:
        (WebCore::JSEventListener::jsFunction):
        * bindings/js/JSHTMLDocumentCustom.cpp:
        (WebCore::JSHTMLDocument::setAll):
        * bindings/js/JSImageConstructor.cpp:
        (WebCore::JSImageConstructor::JSImageConstructor):
        * bindings/js/JSImageDataCustom.cpp:
        (WebCore::toJS):
        * bindings/js/JSJavaScriptCallFrameCustom.cpp:
        (WebCore::JSJavaScriptCallFrame::scopeChain):
        (WebCore::JSJavaScriptCallFrame::scopeType):
        * bindings/js/JSNodeFilterCondition.cpp:
        (WebCore::JSNodeFilterCondition::markAggregate):
        (WebCore::JSNodeFilterCondition::acceptNode):
        * bindings/js/JSNodeFilterCondition.h:
        * bindings/js/JSNodeFilterCustom.cpp:
        * bindings/js/JSOptionConstructor.cpp:
        (WebCore::JSOptionConstructor::JSOptionConstructor):
        * bindings/js/JSSQLResultSetRowListCustom.cpp:
        (WebCore::JSSQLResultSetRowList::item):
        * bindings/js/ScriptCachedFrameData.cpp:
        (WebCore::ScriptCachedFrameData::restore):
        * bindings/js/ScriptObject.cpp:
        (WebCore::ScriptGlobalObject::set):
        * bindings/js/SerializedScriptValue.cpp:
        (WebCore::CloneDeserializer::putProperty):
        * bindings/scripts/CodeGeneratorJS.pm:
        * dom/Document.h:
2011-01-27  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        Convert markstack to a slot visitor API
        https://bugs.webkit.org/show_bug.cgi?id=53219

        Update to new marking api

        * WebView/WebScriptDebugDelegate.mm:
        (-[WebScriptCallFrame scopeChain]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77006 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Dirk Pranke <dpranke@chromium.org>
dpranke@chromium.org [Fri, 28 Jan 2011 23:33:27 +0000 (23:33 +0000)]
2011-01-28  Dirk Pranke  <dpranke@chromium.org>

        Reviewed by Tony Chang.

        new-run-webkit-tests: change worker model values to
        "old-inline", "old-threads" in preparation for test_runner2 /
        multiprocessing changes.

        https://bugs.webkit.org/show_bug.cgi?id=53156

        * Scripts/webkitpy/layout_tests/layout_package/test_runner.py:
        * Scripts/webkitpy/layout_tests/port/base.py:
        * Scripts/webkitpy/layout_tests/port/chromium_mac.py:
        * Scripts/webkitpy/layout_tests/port/mac.py:
        * Scripts/webkitpy/layout_tests/run_webkit_tests.py:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77004 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years agoKeyboard scrolling doesn’t work in WebKit2
weinig@apple.com [Fri, 28 Jan 2011 23:21:00 +0000 (23:21 +0000)]
Keyboard scrolling doesn’t work in WebKit2
<rdar://problem/8909672>

Reviewed by Anders Carlsson.

* platform/mac/ScrollAnimatorMac.mm:
(-[ScrollAnimationHelperDelegate convertSizeToBacking:]):
(-[ScrollAnimationHelperDelegate convertSizeFromBacking:]):
Add additional necessary delegate methods.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77003 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years agoDon't put config.h in the message headers.
andersca@apple.com [Fri, 28 Jan 2011 23:12:47 +0000 (23:12 +0000)]
Don't put config.h in the message headers.

Reviewed by Sam Weinig.

* Scripts/webkit2/messages.py:
* Scripts/webkit2/messages_unittest.py:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77000 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years agoRe-land this patch with the missing null check that caused crashes in layout tests.
darin@apple.com [Fri, 28 Jan 2011 23:12:32 +0000 (23:12 +0000)]
Re-land this patch with the missing null check that caused crashes in layout tests.

Reviewed by Dan Bernstein.

Changing cursor style has no effect until the mouse moves
https://bugs.webkit.org/show_bug.cgi?id=14344
rdar://problem/7563712

No tests added because we don't have infrastructure for testing actual cursor
changes (as opposed to cursor style computation) at this time. We might add it later.

* page/EventHandler.cpp:
(WebCore::EventHandler::dispatchFakeMouseMoveEventSoon): Added.
* page/EventHandler.h: Ditto.

* rendering/RenderObject.cpp:
(WebCore::areNonIdenticalCursorListsEqual): Added.
(WebCore::areCursorsEqual): Added.
(WebCore::RenderObject::styleDidChange): Call dispatchFakeMouseMoveEventSoon if
cursor styles changed.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76999 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Dirk Pranke <dpranke@chromium.org>
dpranke@chromium.org [Fri, 28 Jan 2011 23:12:27 +0000 (23:12 +0000)]
2011-01-28  Dirk Pranke  <dpranke@chromium.org>

        Reviewed by Tony Chang.

        committers.py - add an IRC nickname for dpranke
        https://bugs.webkit.org/show_bug.cgi?id=53335

        * Scripts/webkitpy/common/config/committers.py:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76998 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years agoFix build.
andersca@apple.com [Fri, 28 Jan 2011 23:03:16 +0000 (23:03 +0000)]
Fix build.

* Shared/mac/ShareableSurface.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76996 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years agoTry to unbreak the Windows build.
andersca@apple.com [Fri, 28 Jan 2011 22:55:13 +0000 (22:55 +0000)]
Try to unbreak the Windows build.

* UIProcess/cf/WebPageProxyCF.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76995 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Tony Chang <tony@chromium.org>
tony@chromium.org [Fri, 28 Jan 2011 22:51:09 +0000 (22:51 +0000)]
2011-01-28  Tony Chang  <tony@chromium.org>

        Unreviewed, a chromium win/linux rebaseline.  The mac result was
        rebaselined in r76735.

        * platform/chromium-linux/fast/overflow/overflow-rtl-vertical-expected.checksum:
        * platform/chromium-linux/fast/overflow/overflow-rtl-vertical-expected.png:
        * platform/chromium-win/fast/overflow/overflow-rtl-vertical-expected.checksum:
        * platform/chromium-win/fast/overflow/overflow-rtl-vertical-expected.png:
        * platform/chromium-win/fast/overflow/overflow-rtl-vertical-expected.txt:
        * platform/chromium/test_expectations.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76994 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years agohttps://bugs.webkit.org/show_bug.cgi?id=53330
beidson@apple.com [Fri, 28 Jan 2011 22:48:35 +0000 (22:48 +0000)]
https://bugs.webkit.org/show_bug.cgi?id=53330
Need InjectedBundle API to get the response MIMEType for a URL

Reviewed by John Sullivan.

* WebProcess/InjectedBundle/API/c/WKBundleFrame.cpp:
(WKBundleFrameCopyMIMETypeForResourceWithURL):
* WebProcess/InjectedBundle/API/c/WKBundleFrame.h:

Get the MIMEType from the in-memory cache, or cachedResponseMIMETypeForURL() if not available:
* WebProcess/WebPage/WebFrame.cpp:
(WebKit::WebFrame::mimeTypeForResourceWithURL):
* WebProcess/WebPage/WebFrame.h:

Get the MIMEType from the platform's disk cache if available:
* WebProcess/WebPage/WebPage.h:
* WebProcess/WebPage/mac/WebPageMac.mm:
(WebKit::WebPage::cachedResponseMIMETypeForURL):
* WebProcess/WebPage/qt/WebPageQt.cpp:
(WebKit::WebPage::cachedResponseMIMETypeForURL):
* WebProcess/WebPage/win/WebPageWin.cpp:
(WebKit::WebPage::cachedResponseMIMETypeForURL):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76993 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years agoClean up the mess introduced when config.h was added to the project:
andersca@apple.com [Fri, 28 Jan 2011 22:31:11 +0000 (22:31 +0000)]
Clean up the mess introduced when config.h was added to the project:

Reviewed by Sam Weinig.

- Remove the contents of WebKit2Prefix.h that is now in config.h, to avoid including everything
  twice in each file, probably slowing down compile time.

- Add config.h to all the files that were forgotten in order to keep the build from breaking.

- Added trap to ensure that config.h is included at the top of every implementation file. If this
  had been added it would have caught the previous issue.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76991 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Justin Schuh <jschuh@chromium.org>
jschuh@chromium.org [Fri, 28 Jan 2011 22:26:19 +0000 (22:26 +0000)]
2011-01-28  Justin Schuh  <jschuh@chromium.org>

        Reviewed by Eric Seidel.

        We should hold RefPtrs to SVG font faces
        https://bugs.webkit.org/show_bug.cgi?id=53270

        * svg/custom/use-multiple-on-nested-disallowed-font-expected.txt: Added.
        * svg/custom/use-multiple-on-nested-disallowed-font.html: Added.
2011-01-28  Justin Schuh  <jschuh@chromium.org>

        Reviewed by Eric Seidel.

        We should hold RefPtrs to SVG font faces
        https://bugs.webkit.org/show_bug.cgi?id=53270

        Test: svg/custom/use-multiple-on-nested-disallowed-font.html

        * css/CSSFontFaceSource.cpp:
        (WebCore::CSSFontFaceSource::getFontData):
        * css/CSSFontFaceSource.h:
        * svg/SVGFontFaceElement.cpp:
        (WebCore::SVGFontFaceElement::associatedFontElement):
        * svg/SVGFontFaceElement.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76990 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago<rdar://problem/8857651> Implement unregisterWorld for WebKit2
slewis@apple.com [Fri, 28 Jan 2011 22:26:06 +0000 (22:26 +0000)]
<rdar://problem/8857651> Implement unregisterWorld for WebKit2
Rename unregisterWorld to clearWrappers.  Clearing the wrappers reduces the
memory use of isolated worlds.

Reviewed by Geoff Garen.

* WebProcess/InjectedBundle/API/c/WKBundleScriptWorld.cpp:
(WKBundleScriptWorldClearWrappers):
* WebProcess/InjectedBundle/API/c/WKBundleScriptWorld.h:
* WebProcess/InjectedBundle/InjectedBundleScriptWorld.cpp:
(WebKit::InjectedBundleScriptWorld::clearWrappers):
* WebProcess/InjectedBundle/InjectedBundleScriptWorld.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76989 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Zhenyao Mo <zmo@google.com>
zmo@google.com [Fri, 28 Jan 2011 22:20:31 +0000 (22:20 +0000)]
2011-01-28  Zhenyao Mo  <zmo@google.com>

        Reviewed by Kenneth Russell.

        uniformN*v should generate INVALID_VALUE of the array size is not a multiple of N
        https://bugs.webkit.org/show_bug.cgi?id=53306

        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore::WebGLRenderingContext::validateUniformMatrixParameters):
2011-01-28  Zhenyao Mo  <zmo@google.com>

        Reviewed by Kenneth Russell.

        uniformN*v should generate INVALID_VALUE of the array size is not a multiple of N
        https://bugs.webkit.org/show_bug.cgi?id=53306

        * fast/canvas/webgl/gl-uniform-arrays-expected.txt:
        * fast/canvas/webgl/gl-uniform-arrays.html:
        * fast/canvas/webgl/gl-uniformmatrix4fv-expected.txt:
        * fast/canvas/webgl/gl-uniformmatrix4fv.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76988 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Tom Sepez <tsepez@chromium.org>
commit-queue@webkit.org [Fri, 28 Jan 2011 22:17:24 +0000 (22:17 +0000)]
2011-01-28  Tom Sepez  <tsepez@chromium.org>

        Reviewed by Eric Seidel.

        NULL pointer crash in TextIterator::handleTextBox()
        https://bugs.webkit.org/show_bug.cgi?id=53267

        * fast/css/rtl-nth-child-first-letter-crash-expected.txt: Added.
        * fast/css/rtl-nth-child-first-letter-crash.html: Added.
2011-01-28  Tom Sepez  <tsepez@chromium.org>

        Reviewed by Eric Seidel.

        NULL pointer crash in TextIterator::handleTextBox()
        https://bugs.webkit.org/show_bug.cgi?id=53267

        Test: fast/css/rtl-nth-child-first-letter-crash.html

        * editing/TextIterator.cpp:
        (WebCore::TextIterator::handleTextBox):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76987 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Dimitri Glazkov <dglazkov@chromium.org>
dglazkov@chromium.org [Fri, 28 Jan 2011 22:08:41 +0000 (22:08 +0000)]
2011-01-28  Dimitri Glazkov  <dglazkov@chromium.org>

        Skip webkitAudioPannerNode from the test. It's not yet implemented across
        all ports/platforms.

        * fast/dom/script-tests/prototype-inheritance.js: Skipped webkitAudioPannerNode.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76986 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Adrienne Walker <enne@google.com>
enne@google.com [Fri, 28 Jan 2011 21:55:49 +0000 (21:55 +0000)]
2011-01-28  Adrienne Walker  <enne@google.com>

        Reviewed by Kenneth Russell.

        [chromium] Remove a spurious diagnostic CRASH check.
        https://bugs.webkit.org/show_bug.cgi?id=52379

        * platform/graphics/chromium/LayerTilerChromium.cpp:
        (WebCore::LayerTilerChromium::invalidateRect):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76984 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years agoSource/WebCore: <rdar://problem/4761512> <select> can't display right-to-left (rtl...
mitz@apple.com [Fri, 28 Jan 2011 21:34:55 +0000 (21:34 +0000)]
Source/WebCore: <rdar://problem/4761512> <select> can't display right-to-left (rtl) languages
https://bugs.webkit.org/show_bug.cgi?id=19785

Reviewed by Sam Weinig.

Changed <select> pop-up menus on Mac OS X Snow Leopard and later to have their items aligned in the
direction corresponding to the writing direction of the <select> element, with the checkmarks
on the "start" side, and use the <option>'s writing direction rather than "natural". Made the
pop-up button match the menu by adding a Chrome boolean function, selectItemAlignmentFollowsMenuWritingDirection(),
which returns true for this pop-up behavior.

* loader/EmptyClients.h:
(WebCore::EmptyChromeClient::selectItemAlignmentFollowsMenuWritingDirection): Added.
* manual-tests/pop-up-alignment-and-direction.html: Added.
* page/Chrome.cpp:
(WebCore::Chrome::selectItemAlignmentFollowsMenuWritingDirection): Added. Calls through to the
client.
* page/Chrome.h:
* page/ChromeClient.h:
* platform/PopupMenuStyle.h:
(WebCore::PopupMenuStyle::PopupMenuStyle): Added hasTextDirectionOverride parameter and member
variable initialization.
(WebCore::PopupMenuStyle::hasTextDirectionOverride): Added this accessor.
* platform/mac/PopupMenuMac.mm:
(WebCore::PopupMenuMac::populate): Set the pop-up's layout direction and items' text alignment
to match the menu's writing direction. Set items' writing direction and direction override
according to their styles.
* rendering/RenderMenuList.cpp:
(WebCore::RenderMenuList::RenderMenuList): Removed unncesaary initialization of a smart pointer.
(WebCore::RenderMenuList::adjustInnerStyle): If the alignment of items in the menu follows the
menu's writing direction, use that alignment for the button as well. Also in this mode, use the
item's writing direction and override setting.
(WebCore::RenderMenuList::setTextFromOption): Store the option element's style.
(WebCore::RenderMenuList::itemStyle): Pass the text direction override value.
(WebCore::RenderMenuList::menuStyle): Ditto. Also use the button's direction, not the inner text's.
* rendering/RenderMenuList.h:
* rendering/RenderTextControlSingleLine.cpp:
(WebCore::RenderTextControlSingleLine::menuStyle): Pass the text direction override value.

Source/WebKit/chromium: <select> can't display right-to-left (rtl) languages
https://bugs.webkit.org/show_bug.cgi?id=19785

Reviewed by Sam Weinig.

* src/AutoFillPopupMenuClient.cpp:
(WebKit::AutoFillPopupMenuClient::initialize): Pass hasTextDirectionOverride to the PopupMenuStyle
constructor.
* src/ChromeClientImpl.cpp:
(WebKit::ChromeClientImpl::selectItemAlignmentFollowsMenuWritingDirection): Added.
* src/ChromeClientImpl.h:
* tests/PopupMenuTest.cpp:
(WebKit::TestPopupMenuClient::itemStyle): Pass hasTextDirectionOverride to the PopupMenuStyle
constructor.

Source/WebKit/efl: <select> can't display right-to-left (rtl) languages
https://bugs.webkit.org/show_bug.cgi?id=19785

Reviewed by Sam Weinig.

* WebCoreSupport/ChromeClientEfl.cpp:
(WebCore::ChromeClientEfl::selectItemAlignmentFollowsMenuWritingDirection): Added.
* WebCoreSupport/ChromeClientEfl.h:

Source/WebKit/gtk: <select> can't display right-to-left (rtl) languages
https://bugs.webkit.org/show_bug.cgi?id=19785

Reviewed by Sam Weinig.

* WebCoreSupport/ChromeClientGtk.cpp:
(WebKit::ChromeClient::selectItemAlignmentFollowsMenuWritingDirection): Added.
* WebCoreSupport/ChromeClientGtk.h:

Source/WebKit/haiku: <select> can't display right-to-left (rtl) languages
https://bugs.webkit.org/show_bug.cgi?id=19785

Reviewed by Sam Weinig.

* WebCoreSupport/ChromeClientHaiku.cpp:
(WebCore::ChromeClientHaiku::selectItemAlignmentFollowsMenuWritingDirection): Added.
* WebCoreSupport/ChromeClientHaiku.h:

Source/WebKit/mac: <select> can't display right-to-left (rtl) languages
https://bugs.webkit.org/show_bug.cgi?id=19785

Reviewed by Sam Weinig.

* WebCoreSupport/WebChromeClient.h:
* WebCoreSupport/WebChromeClient.mm:
(WebChromeClient::selectItemWritingDirectionIsNatural): Changed to return false.
(WebChromeClient::selectItemAlignmentFollowsMenuWritingDirection): Added. Returns true.

Source/WebKit/qt: <select> can't display right-to-left (rtl) languages
https://bugs.webkit.org/show_bug.cgi?id=19785

Reviewed by Sam Weinig.

* WebCoreSupport/ChromeClientQt.cpp:
(WebCore::ChromeClientQt::selectItemAlignmentFollowsMenuWritingDirection): Added.
* WebCoreSupport/ChromeClientQt.h:

Source/WebKit/win: <select> can't display right-to-left (rtl) languages
https://bugs.webkit.org/show_bug.cgi?id=19785

Reviewed by Sam Weinig.

* WebCoreSupport/WebChromeClient.cpp:
(WebChromeClient::selectItemAlignmentFollowsMenuWritingDirection): Added.
* WebCoreSupport/WebChromeClient.h:

Source/WebKit/wince: <select> can't display right-to-left (rtl) languages
https://bugs.webkit.org/show_bug.cgi?id=19785

Reviewed by Sam Weinig.

* WebCoreSupport/ChromeClientWinCE.cpp:
(WebKit::ChromeClientWinCE::selectItemAlignmentFollowsMenuWritingDirection): Added.
* WebCoreSupport/ChromeClientWinCE.h:

Source/WebKit/wx: <select> can't display right-to-left (rtl) languages
https://bugs.webkit.org/show_bug.cgi?id=19785

Reviewed by Sam Weinig.

* WebKitSupport/ChromeClientWx.cpp:
(WebCore::ChromeClientWx::selectItemAlignmentFollowsMenuWritingDirection): Added.
* WebKitSupport/ChromeClientWx.h:

Source/WebKit2: <select> can't display right-to-left (rtl) languages
https://bugs.webkit.org/show_bug.cgi?id=19785

Reviewed by Sam Weinig.

* Shared/WebPopupItem.cpp:
(WebKit::WebPopupItem::WebPopupItem): Added initializers for m_textDirection and m_hasTextDirectionOverride.
(WebKit::WebPopupItem::encode): Encode the item's writing direction and direction override values.
(WebKit::WebPopupItem::decode): Decode the item's writing direction and direction override values.
* Shared/WebPopupItem.h:
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::showPopupMenu): Added a parameter for the menu's text direction.
* UIProcess/WebPageProxy.h:
* UIProcess/WebPageProxy.messages.in: Ditto.
* UIProcess/WebPopupMenuProxy.h:
* UIProcess/mac/WebPopupMenuProxyMac.h:
* UIProcess/mac/WebPopupMenuProxyMac.mm:
(WebKit::WebPopupMenuProxyMac::populate): Added a parameter for the menu's text direction.
Set items' text alignment to match the menu's writing direction. Set items' writing direction
and direction override according to their styles.
(WebKit::WebPopupMenuProxyMac::showPopupMenu): Set the pop-up's layout direction.
* WebProcess/WebCoreSupport/WebChromeClient.cpp:
(WebKit::WebChromeClient::selectItemWritingDirectionIsNatural): Changed to return false.
(WebKit::WebChromeClient::selectItemAlignmentFollowsMenuWritingDirection): Added.
* WebProcess/WebCoreSupport/WebChromeClient.h:
* WebProcess/WebCoreSupport/WebPopupMenu.cpp:
(WebKit::WebPopupMenu::populateItems): Initialize items' writing direction and direction override
values.
(WebKit::WebPopupMenu::show): Pass the menu's writing direction.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76983 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Dirk Pranke <dpranke@chromium.org>
dpranke@chromium.org [Fri, 28 Jan 2011 21:34:02 +0000 (21:34 +0000)]
2011-01-28  Dirk Pranke  <dpranke@chromium.org>

        Reviewed by Tony Chang.

        new-run-webkit-tests: add a "mock DRT" port implementation
        and a separate class that emulates what we expect the
        DumpRenderTree behavior to be.

        This will eventually replace port/dryrun.py and allow us to get
        better test coverage of the new-run-webkit-tests code as well as
        a reference for what new-run-webkit-tests expects from DRT.

        This is the first attempt at this, and it is pretty bare-boned. It
        really only has been tested on the 'mac' port (and a little on
        the 'chromium-mac' port.

        https://bugs.webkit.org/show_bug.cgi?id=53126

        * Scripts/webkitpy/common/system/filesystem_mock.py:
        * Scripts/webkitpy/layout_tests/port/dryrun.py:
        * Scripts/webkitpy/layout_tests/port/factory.py:
        * Scripts/webkitpy/layout_tests/port/mock_drt.py: Added.
        * Scripts/webkitpy/layout_tests/port/mock_drt_unittest.py: Added.
        * Scripts/webkitpy/layout_tests/port/test.py:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76982 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Adam Barth <abarth@webkit.org>
abarth@webkit.org [Fri, 28 Jan 2011 21:31:06 +0000 (21:31 +0000)]
2011-01-28  Adam Barth  <abarth@webkit.org>

        Reviewed by Daniel Bates.

        Teach XSSFilter how to filter <script> elements
        https://bugs.webkit.org/show_bug.cgi?id=53279

        This patch adds the ability for the XSSFilter to block injected
        <script> elements.  Handling script elements is slightly subtle because
        these elements act very differently depending on whether they have a
        src attribute.

        In the "src case", which check whether the src attribute was present in
        the request.  In the "non-src case", we check whether the start tag and
        the body of the script element was included in the request.  Checking
        for the whole start tag means we miss out on some attribute splitting
        attacks inside of script tags, but that doesn't seem like that big a
        deal.

        This patch also introduces some amount of state into the XSSFilter
        because inline script elements span multiple tokens.  There's a lot of
        tuning and optimization left in these cases, some of which I've noted
        with FIXMEs.

        To test this patch, I played around with some of the existing
        XSSAuditor tests.  Hopefully I'll be able to run the test suite more
        systematically in the future.

        * html/parser/HTMLToken.h:
        (WebCore::HTMLToken::eraseCharacters):
        (WebCore::HTMLToken::eraseValueOfAttribute):
        * html/parser/XSSFilter.cpp:
        (WebCore::HTMLNames::hasName):
        (WebCore::HTMLNames::findAttributeWithName):
        (WebCore::HTMLNames::isNameOfScriptCarryingAttribute):
        (WebCore::XSSFilter::XSSFilter):
        (WebCore::XSSFilter::filterToken):
        (WebCore::XSSFilter::filterTokenAfterScriptStartTag):
        (WebCore::XSSFilter::filterScriptToken):
        (WebCore::XSSFilter::snippetForRange):
        (WebCore::XSSFilter::snippetForAttribute):
        * html/parser/XSSFilter.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76981 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Adam Barth <abarth@webkit.org>
abarth@webkit.org [Fri, 28 Jan 2011 21:29:31 +0000 (21:29 +0000)]
2011-01-28  Adam Barth  <abarth@webkit.org>

        Reviewed by Daniel Bates.

        Sketch out new XSS filter design (disabled by default)
        https://bugs.webkit.org/show_bug.cgi?id=53205

        This patch adds a basic sketch of the new XSS filter design.  Rather
        than watching scripts as they execute, in this design, we watch tokens
        emitted by the tokenizer.  We then map the tokens directly back into
        input characters, which lets us skip all the complicated logic related
        to HTML entities and double-decoding of JavaScript URLs.

        This patch contains only the bare essentially machinery.  I'll add more
        in future patches and eventually remove the previous code once this
        code is up and running correctly.

        * Android.mk:
        * CMakeLists.txt:
        * GNUmakefile.am:
        * WebCore.gypi:
        * WebCore.pro:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * html/parser/HTMLDocumentParser.cpp:
        (WebCore::HTMLDocumentParser::HTMLDocumentParser):
        (WebCore::HTMLDocumentParser::pumpTokenizer):
        (WebCore::HTMLDocumentParser::sourceForToken):
        * html/parser/HTMLDocumentParser.h:
        * html/parser/XSSFilter.cpp: Added.
        * html/parser/XSSFilter.h: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76980 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Martin Robinson <mrobinson@igalia.com>
mrobinson@webkit.org [Fri, 28 Jan 2011 21:29:07 +0000 (21:29 +0000)]
2011-01-28  Martin Robinson  <mrobinson@igalia.com>

        [GTK] Build failure with --enable-indexed-database
        https://bugs.webkit.org/show_bug.cgi?id=50954

        Build fix for IndexedDB support.

        * configure.ac: Change the autogen.sh option --enable-indexeddb to
        --enable-indexed-database to match the build-webkit option.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76979 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Dimitri Glazkov <dglazkov@chromium.org>
dglazkov@chromium.org [Fri, 28 Jan 2011 21:27:34 +0000 (21:27 +0000)]
2011-01-28  Dimitri Glazkov  <dglazkov@chromium.org>

        [Chromium] Added expectations for a passing test.

        * platform/chromium-mac/fast/dom/isindex-002-expected.checksum: Added.
        * platform/chromium-mac/fast/dom/isindex-002-expected.png: Added.
        * platform/chromium-mac/fast/dom/isindex-002-expected.txt: Removed.
        * platform/chromium/test_expectations.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76978 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Dimitri Glazkov <dglazkov@chromium.org>
dglazkov@chromium.org [Fri, 28 Jan 2011 21:22:40 +0000 (21:22 +0000)]
2011-01-28  Dimitri Glazkov  <dglazkov@chromium.org>

        Updated Chromium baselines for a bug that was fixed.
        https://bugs.webkit.org/show_bug.cgi?id=45527

        * platform/chromium-linux/fast/dom/replaceChild-expected.checksum:
        * platform/chromium-linux/fast/dom/replaceChild-expected.png:
        * platform/chromium-mac/fast/dom/replaceChild-expected.checksum: Added.
        * platform/chromium-mac/fast/dom/replaceChild-expected.png: Added.
        * platform/chromium-win/fast/dom/replaceChild-expected.checksum:
        * platform/chromium-win/fast/dom/replaceChild-expected.png:
        * platform/chromium/test_expectations.txt: Removed expectation of failure.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76977 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago[Windows 7 Release Tests] fast/repaint/select-option-background-color.html failing...
jberlin@webkit.org [Fri, 28 Jan 2011 21:04:56 +0000 (21:04 +0000)]
[Windows 7 Release Tests] fast/repaint/select-option-background-color.html failing since introduction in r76826
https://bugs.webkit.org/show_bug.cgi?id=53327

Unreviewed, adding Windows-specific results to get the Windows 7 Release Test bot green.

* platform/win/fast/repaint/select-option-background-color-expected.txt: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76976 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years agoChromium build fix after r76967
aroben@apple.com [Fri, 28 Jan 2011 20:51:34 +0000 (20:51 +0000)]
Chromium build fix after r76967

* wtf/ThreadingPrimitives.h: Use OS(WINDOWS) instead of PLATFORM(WIN), to match other
similar macros in this file.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76975 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Anders Carlsson <andersca@apple.com>
andersca@apple.com [Fri, 28 Jan 2011 20:39:53 +0000 (20:39 +0000)]
2011-01-28  Anders Carlsson  <andersca@apple.com>

        Reviewed by Adam Roben.

        Add ShareableSurface class
        https://bugs.webkit.org/show_bug.cgi?id=53313

        * Shared/mac/ShareableSurface.cpp: Added.
        (WebKit::ShareableSurface::Handle::Handle):
        Initialize the mach port.

        (WebKit::ShareableSurface::Handle::~Handle):
        Deallocate our send right if needed.

        (WebKit::ShareableSurface::Handle::encode):
        Encode the send right, and then null it out.

        (WebKit::ShareableSurface::Handle::decode):
        Decode the send right.

        (WebKit::createIOSurface):
        Create an IOSurface with the given size.

        (WebKit::ShareableSurface::create):
        Create an IOSurface, either from a size or from a handle.

        (WebKit::ShareableSurface::~ShareableSurface):
        Delete the texture and framebuffer.

        (WebKit::ShareableSurface::createHandle):
        Create a mach port from the surface.

        (WebKit::ShareableSurface::attach):
        Create an FBO if needed and bind it.

        (WebKit::ShareableSurface::detach):
        Unbind the FBO.

        (WebKit::ShareableSurface::textureID):
        Generate a new texture and bind it to the IOSurface.

        * Shared/mac/ShareableSurface.h: Added.

        * WebKit2.xcodeproj/project.pbxproj:
        Add new files.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76974 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years agoUnreviewed. Removing .swp file checked in by mistake.
psolanki@apple.com [Fri, 28 Jan 2011 20:35:10 +0000 (20:35 +0000)]
Unreviewed. Removing .swp file checked in by mistake.

* Scripts/.webkitdirs.pm.swp: Removed.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76973 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Adam Klein <adamk@chromium.org>
commit-queue@webkit.org [Fri, 28 Jan 2011 20:33:51 +0000 (20:33 +0000)]
2011-01-28  Adam Klein  <adamk@chromium.org>

        Reviewed by Kent Tamura.

        [Chromium] Remove deprecated openFileSystem method signature
        https://bugs.webkit.org/show_bug.cgi?id=53262

        Chromium still builds after this patch.

        * public/WebFrameClient.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76972 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Pratik Solanki <psolanki@apple.com>
psolanki@apple.com [Fri, 28 Jan 2011 20:27:22 +0000 (20:27 +0000)]
2011-01-28  Pratik Solanki  <psolanki@apple.com>

        Reviewed by David Kilzer.

        Space not necessary for undefined feature
        https://bugs.webkit.org/show_bug.cgi?id=53317

        * Scripts/build-webkit:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76971 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Ryosuke Niwa <rniwa@webkit.org>
rniwa@webkit.org [Fri, 28 Jan 2011 20:26:04 +0000 (20:26 +0000)]
2011-01-28  Ryosuke Niwa  <rniwa@webkit.org>

        Unreviewed Chromium rebaselines.

        Check in the same result as fast/dom/window-domurl-crash-expected.txt because Windows port
        intentionally added a failing result in http://trac.webkit.org/changeset/76953.

        The Windows port's bug is tracked by https://bugs.webkit.org/show_bug.cgi?id=53310.

        * platform/chromium-win/fast/dom/window-domurl-crash-expected.txt: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76970 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Michael Saboff <msaboff@apple.com>
msaboff@apple.com [Fri, 28 Jan 2011 20:21:07 +0000 (20:21 +0000)]
2011-01-28  Michael Saboff  <msaboff@apple.com>

        Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
        https://bugs.webkit.org/show_bug.cgi?id=53271

        Reapplying this this change.  No change from prior patch in
        JavaScriptCore.

        Added new isValid() methods to check if a contained object in
        a WeakGCMap is valid when using an unchecked iterator.

        * runtime/WeakGCMap.h:
        (JSC::WeakGCMap::isValid):
2011-01-28  Michael Saboff  <msaboff@apple.com>

        Reviewed by Geoffrey Garen.

        Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
        https://bugs.webkit.org/show_bug.cgi?id=53271

        Reapplying this patch with the change that the second ASSERT in
        RootObject::removeRuntimeObject was changed to use
        .uncheckedGet() instead of the failing .get().  The object in question
        could be in the process of being GC'ed.  The get() call will not return
        such an object while the uncheckedGet() call will return the (unsafe)
        object.  This is the behavior we want.

        Precautionary change.
        Changed RootObject to use WeakGCMap instead of HashSet.
        Found will looking for another issue, but can't produce a test case
        that is problematic.  THerefore there aren't any new tests.

        * bridge/runtime_root.cpp:
        (JSC::Bindings::RootObject::invalidate):
        (JSC::Bindings::RootObject::addRuntimeObject):
        (JSC::Bindings::RootObject::removeRuntimeObject):
        * bridge/runtime_root.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76969 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years agoNotify CACFLayerTreeHost when the context is flushed
aroben@apple.com [Fri, 28 Jan 2011 20:16:58 +0000 (20:16 +0000)]
Notify CACFLayerTreeHost when the context is flushed

LegacyCACFLayerTreeHost was keeping this a secret, which meant that WebCore's animation
timers were never starting.

Fixes <http://webkit.org/b/53302> [Windows 7 Release Tests] changesets 76853, 76856, and
76858 broke ~36 animations, compositing, and transitions tests

Reviewed by Sam Weinig.

Source/WebCore:

* platform/graphics/ca/win/LegacyCACFLayerTreeHost.cpp:
(WebCore::LegacyCACFLayerTreeHost::contextDidChange): Call up to the base class after we
start our render timer.

LayoutTests:

Unskip compositing-related tests that are now fixed

* platform/win/Skipped:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76968 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years agoChange BinarySemaphore to wrap an auto-reset Win32 event on Windows
aroben@apple.com [Fri, 28 Jan 2011 20:16:02 +0000 (20:16 +0000)]
Change BinarySemaphore to wrap an auto-reset Win32 event on Windows

Fixes <http://webkit.org/b/53208> <rdar://problem/8922490>.

Reviewed by Dave Hyatt.

Source/WebKit2:

* Platform/CoreIPC/BinarySemaphore.cpp: Wrap this implementation in #if !PLATFORM(WIN).

* Platform/CoreIPC/BinarySemaphore.h: Make the Windows implementation have a single HANDLE
member that holds the event.

* Platform/CoreIPC/win/BinarySemaphoreWin.cpp: Copied from Source/WebKit2/Platform/CoreIPC/BinarySemaphore.cpp.
(CoreIPC::BinarySemaphore::BinarySemaphore): Create our event.
(CoreIPC::BinarySemaphore::~BinarySemaphore): Destory our event.
(CoreIPC::BinarySemaphore::signal): Signal the event.
(CoreIPC::BinarySemaphore::wait): Convert the absolute time to a wait interval, then wait
for the event to be signaled or for the interval to elapse.

* win/WebKit2.vcproj: Added BinarySemaphoreWin.cpp. Also let VS have its way with the file.

Source/JavaScriptCore:

Extract code to convert a WTF absolute time to a Win32 wait interval into a separate
function

* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Export the new function.

* wtf/ThreadingPrimitives.h: Declare the new function.

* wtf/ThreadingWin.cpp:
(WTF::ThreadCondition::timedWait): Moved code to convert the absolute time to a wait
interval from here...
(WTF::absoluteTimeToWaitTimeoutInterval): ...to here.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76967 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years agoRemove dead code that tried to map from CSS values to parser values
antti@apple.com [Fri, 28 Jan 2011 20:15:28 +0000 (20:15 +0000)]
Remove dead code that tried to map from CSS values to parser values
https://bugs.webkit.org/show_bug.cgi?id=53318

Reviewed by Dan Bernstein.

* css/CSSFunctionValue.cpp:
* css/CSSFunctionValue.h:
* css/CSSPrimitiveValue.cpp:
* css/CSSPrimitiveValue.h:
* css/CSSValue.h:
* css/CSSValueList.cpp:
* css/CSSValueList.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76966 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago[Windows 7 Release Tests] fast/text/justify-ideograph-complex/simple/vertical.html...
jberlin@webkit.org [Fri, 28 Jan 2011 20:14:58 +0000 (20:14 +0000)]
[Windows 7 Release Tests] fast/text/justify-ideograph-complex/simple/vertical.html failing since introduction in r76743.
https://bugs.webkit.org/show_bug.cgi?id=53321

Unreviewed, checking in failing expected results to get the Windows 7 Release Tests bots green.

* platform/win/fast/text/justify-ideograph-complex-expected.txt: Added.
* platform/win/fast/text/justify-ideograph-simple-expected.txt: Added.
* platform/win/fast/text/justify-ideograph-vertical-expected.txt: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76965 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Dimitri Glazkov <dglazkov@chromium.org>
dglazkov@chromium.org [Fri, 28 Jan 2011 20:11:34 +0000 (20:11 +0000)]
2011-01-28  Dimitri Glazkov  <dglazkov@chromium.org>

        Remove now-passing test from expectations.

        * platform/chromium/test_expectations.txt: Expectation of failure removed.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76964 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Dimitri Glazkov <dglazkov@chromium.org>
dglazkov@chromium.org [Fri, 28 Jan 2011 20:08:10 +0000 (20:08 +0000)]
2011-01-28  Dimitri Glazkov  <dglazkov@chromium.org>

        Update expectations for prototype-inheritance to match platform/mac.

        * platform/chromium/fast/dom/prototype-inheritance-expected.txt: Updated.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76963 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-27 Chris Marrin <cmarrin@apple.com>
cmarrin@apple.com [Fri, 28 Jan 2011 19:48:51 +0000 (19:48 +0000)]
2011-01-27  Chris Marrin  <cmarrin@apple.com>

        Reviewed by Anders Carlsson.

        WebKit2: Page flashes just before accelerated compositing animation
        https://bugs.webkit.org/show_bug.cgi?id=53274

        When switching out of compositing mode, the new ChunkedUpdateDrawingAreaProxy
        is getting created with the current page size. When the setSize() call is
        subsequently made, the sizeDidChange() call is not made (which does the initial
        render of the page) because the old size and new size are the same. The solution
        is to skip the setting of the size in the ctor and let it go through a size
        change sequence.

        * UIProcess/DrawingAreaProxy.cpp:
        (WebKit::DrawingAreaProxy::DrawingAreaProxy):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76962 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years agoSome drag and drop tests fail since r76824
enrica@apple.com [Fri, 28 Jan 2011 19:46:19 +0000 (19:46 +0000)]
Some drag and drop tests fail since r76824
https://bugs.webkit.org/show_bug.cgi?id=53304

Reviewed by Adam Roben.

Source/WebCore:

There were '||' instead of '&&' in the checks for valid
clipboard content.

* platform/win/ClipboardWin.cpp:
(WebCore::ClipboardWin::getData):
(WebCore::ClipboardWin::types):
(WebCore::ClipboardWin::files):

LayoutTests:

Removing platform-specific tests after fixing the cause of the failure.

* platform/win/editing/pasteboard/get-data-text-plain-paste-expected.txt: Removed.
* platform/win/editing/pasteboard/onpaste-text-html-expected.txt: Removed.
* platform/win/fast/events/drag-and-drop-dataTransfer-types-nocrash-expected.txt: Removed.
* platform/win/fast/events/ondrop-text-html-expected.txt: Removed.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76961 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Martin Robinson <mrobinson@igalia.com>
mrobinson@webkit.org [Fri, 28 Jan 2011 19:29:02 +0000 (19:29 +0000)]
2011-01-28  Martin Robinson  <mrobinson@igalia.com>

        [GTK] AudioProcessingEvent.h and JSJavaScriptAudioNode.h: No such file or directory
        https://bugs.webkit.org/show_bug.cgi?id=52889

        Build fix for WebAudio. Include WebAudio source files on the source
        list when WebAudio is enabled.

        * GNUmakefile.am: Include missing source files.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76960 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years agoRemove the Windows-specific failing results for media/audio-data-url.html, since...
jberlin@webkit.org [Fri, 28 Jan 2011 19:18:47 +0000 (19:18 +0000)]
Remove the Windows-specific failing results for media/audio-data-url.html, since it appears
to be passing on the bots now. Unreviewed.
https://bugs.webkit.org/show_bug.cgi?id=51518

* platform/win/media/audio-data-url-expected.txt: Removed.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76959 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Chang Shu <chang.shu@nokia.com>
chang.shu@nokia.com [Fri, 28 Jan 2011 19:16:18 +0000 (19:16 +0000)]
2011-01-28  Chang Shu  <chang.shu@nokia.com>

        Reviewed by Andreas Kling.

        Unskipp auth.html after fix.
        https://bugs.webkit.org/show_bug.cgi?id=36688

        * platform/qt/Skipped:
2011-01-28  Chang Shu  <chang.shu@nokia.com>

        Reviewed by Andreas Kling.

        Reset NetworkAccessManager to clean up credentials from previous tests.
        This change causes no performance overhead either.
        https://bugs.webkit.org/show_bug.cgi?id=36688

        * DumpRenderTree/qt/DumpRenderTreeQt.cpp:
        (WebCore::DumpRenderTree::resetToConsistentStateBeforeTesting):
        (WebCore::DumpRenderTree::open):
        * DumpRenderTree/qt/DumpRenderTreeQt.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76958 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years ago2011-01-28 Dimitri Glazkov <dglazkov@chromium.org>
dglazkov@chromium.org [Fri, 28 Jan 2011 19:06:46 +0000 (19:06 +0000)]
2011-01-28  Dimitri Glazkov  <dglazkov@chromium.org>

        Added newly-failing tests to expectations, will be fixing them shortly.
        https://bugs.webkit.org/show_bug.cgi?id=53314

        * platform/chromium/test_expectations.txt: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76957 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years agoAdd basic rubber banding support
weinig@apple.com [Fri, 28 Jan 2011 19:05:43 +0000 (19:05 +0000)]
Add basic rubber banding support
<rdar://problem/8219429>
https://bugs.webkit.org/show_bug.cgi?id=53277

Reviewed by Maciej Stachowiak.

Source/JavaScriptCore:

* wtf/Platform.h: Add ENABLE for rubber banding.

Source/WebCore:

* page/EventHandler.cpp:
(WebCore::EventHandler::handleGestureEvent):
Pass gesture events to the FrameView.

* platform/ScrollAnimator.cpp:
(WebCore::ScrollAnimator::handleGestureEvent):
* platform/ScrollAnimator.h:
Add stubbed out implementation.

* platform/ScrollView.cpp:
(WebCore::ScrollView::ScrollView):
(WebCore::ScrollView::overhangAmount):
(WebCore::ScrollView::wheelEvent):
* platform/ScrollView.h:
* platform/ScrollableArea.cpp:
(WebCore::ScrollableArea::ScrollableArea):
(WebCore::ScrollableArea::handleGestureEvent):
* platform/ScrollableArea.h:
(WebCore::ScrollableArea::constrainsScrollingToContentEdge):
(WebCore::ScrollableArea::setConstrainsScrollingToContentEdge):
Move constrains scrolling bit to ScrollableArea from ScrollView.

(WebCore::ScrollableArea::contentsSize):
(WebCore::ScrollableArea::overhangAmount):
Add additional virtual functions for information needed by the animator.

* platform/mac/ScrollAnimatorMac.h:
* platform/mac/ScrollAnimatorMac.mm:
(WebCore::ScrollAnimatorMac::ScrollAnimatorMac):
(WebCore::ScrollAnimatorMac::immediateScrollByDeltaX):
(WebCore::ScrollAnimatorMac::immediateScrollByDeltaY):
(WebCore::elasticDeltaForTimeDelta):
(WebCore::elasticDeltaForReboundDelta):
(WebCore::reboundDeltaForElasticDelta):
(WebCore::scrollWheelMultiplier):
(WebCore::ScrollAnimatorMac::handleWheelEvent):
(WebCore::ScrollAnimatorMac::handleGestureEvent):
(WebCore::ScrollAnimatorMac::pinnedInDirection):
(WebCore::ScrollAnimatorMac::allowsVerticalStretching):
(WebCore::ScrollAnimatorMac::allowsHorizontalStretching):
(WebCore::ScrollAnimatorMac::smoothScrollWithEvent):
(WebCore::ScrollAnimatorMac::beginScrollGesture):
(WebCore::ScrollAnimatorMac::endScrollGesture):
(WebCore::ScrollAnimatorMac::snapRubberBand):
(WebCore::roundTowardZero):
(WebCore::roundToDevicePixelTowardZero):
(WebCore::ScrollAnimatorMac::snapRubberBandTimerFired):
Implement basic rubber banding.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76956 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9 years agoAdding tests broken on Windows 7 Release in 76853,76856,76858 to the Skipped list...
jberlin@webkit.org [Fri, 28 Jan 2011 19:05:35 +0000 (19:05 +0000)]
Adding tests broken on Windows 7 Release in 76853,76856,76858 to the Skipped list to get the
Windows 7 Release Bot green. Unreviewed.
https://bugs.webkit.org/show_bug.cgi?id=53302

* platform/win/Skipped:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@76955 268f45cc-cd09-0410-ab3c-d52691b4dbfc