129cc52342efb1ee9dcf79c4b9bb6f4071efbb50
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2014-07-31  Carlos Alberto Lopez Perez  <clopez@igalia.com>
2
3         [EFL] Add support for building with Geoclue2.
4         https://bugs.webkit.org/show_bug.cgi?id=135455
5
6         Reviewed by Gyuyoung Kim.
7
8         No new tests required, no new functionality.
9
10         * PlatformEfl.cmake: Generate derived sources for Geoclue2Interface
11         and include gio-unix path.
12
13 2014-07-31  Zalan Bujtas  <zalan@apple.com>
14
15         Subpixel rendering: Region painting needs to take subpixel accumulation into account.
16         https://bugs.webkit.org/show_bug.cgi?id=135469
17
18         Similar to non-region painting, when the context is translated, we need to propagate
19         the subpixel difference so that renderers get snapped to the same position as if they
20         were not part of a region.
21
22         Reviewed by Simon Fraser.
23
24         Covered by existing tests/not testable (webkit.org/b/135470)
25
26         * html/shadow/MediaControlElements.cpp:
27         (WebCore::MediaControlTextTrackContainerElement::createTextTrackRepresentationImage):
28         * page/FrameView.cpp:
29         (WebCore::FrameView::paintContents):
30         * rendering/RenderLayer.cpp:
31         (WebCore::RenderLayer::paint):
32         (WebCore::RenderLayer::calculateClipRects):
33         * rendering/RenderLayer.h:
34
35 2014-07-31  Jer Noble  <jer.noble@apple.com>
36
37         [iOS] Video in an <embed> has a bad aspect ratio when in fullscreen mode.
38         https://bugs.webkit.org/show_bug.cgi?id=135481
39
40         Reviewed by Simon Fraser.
41
42         Do not change the gravity of our AVPlayerLayer when in full screen mode; its gravity
43         is controlled by setVideoFullscreenGravity(), and should not be affected by style changes.
44
45         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
46         (WebCore::MediaPlayerPrivateAVFoundationObjC::updateVideoLayerGravity):
47
48 2014-07-31  Beth Dakin  <bdakin@apple.com>
49
50         Hit-testing broken in WebKit 1 views with AppKit's contentInsets
51         https://bugs.webkit.org/show_bug.cgi?id=135434
52         -and corresponding-
53         <rdar://problem/17850323>
54
55         Reviewed by Benjamin Poulain.
56
57         AppKit's contentInsets are factored into scroll positions and mouse positions, but
58         in WebCore, we generally want all of those things to be factored out so that, for
59         example, the scroll position of a document pinned to the top is the same whether
60         or not there is a contentInset. So to fix hit-testing in WebKit 1 views with
61         contentInsets, this patch factors the inset out or into of all coordinate
62         conversion methods just like we do for the WebKit2 contentInset.
63         
64         This patch also adds the ability to test WK1 platformContentInsets with
65         window.internals, and it re-names convertFromRenderer to 
66         convertFromRendererToContainingView and also re-names convertToRenderer to
67         convertFromContainingViewToRenderer.
68
69         ScrollView::topContentInset() takes an optional parameter indicating whether the
70         caller wants the WebCore::Page contentInset or the platform content inset. It’s
71         necessary to distinguish between these cases because there is a lot of code that
72         only wants the WebCore::Page contentInset since that feature is actually
73         implemented in WebCore as opposed to being implemented at the platform level.
74         * WebCore.exp.in:
75         * page/FrameView.cpp:
76         (WebCore::FrameView::topContentInset):
77
78         For layout test purposes, set the platforTopContentInset here if there is a 
79         platformWidget().
80         (WebCore::FrameView::topContentInsetDidChange):
81
82         Re-named functions, also all coordinate conversion functions call 
83         topContentInset(ManualOrPlatformContentInset)
84         (WebCore::FrameView::convertFromContainingViewToRenderer):
85         (WebCore::FrameView::convertToContainingView):
86         (WebCore::FrameView::convertFromContainingView):
87         (WebCore::FrameView::convertFromRenderer): Deleted.
88         (WebCore::FrameView::convertToRenderer): Deleted.
89         * page/FrameView.h:
90         * page/Page.cpp:
91         (WebCore::Page::setTopContentInset):
92         * platform/ScrollView.cpp:
93         (WebCore::ScrollView::documentScrollOffsetRelativeToViewOrigin):
94         (WebCore::ScrollView::documentScrollPositionRelativeToViewOrigin):
95         (WebCore::ScrollView::contentsToRootView):
96         (WebCore::ScrollView::rootViewToTotalContents):
97         (WebCore::ScrollView::contentsToWindow):
98         (WebCore::ScrollView::platformTopContentInset):
99         (WebCore::ScrollView::platformSetTopContentInset):
100         * platform/ScrollView.h:
101         (WebCore::ScrollView::topContentInset):
102         * platform/ios/ScrollViewIOS.mm:
103         (WebCore::ScrollView::platformTopContentInset):
104         (WebCore::ScrollView::platformSetTopContentInset):
105
106         Implement new platform inset-related functions using AppKit's implementation.
107         * platform/mac/ScrollViewMac.mm:
108         (WebCore::ScrollView::platformTopContentInset):
109         (WebCore::ScrollView::platformSetTopContentInset):
110         
111         When we set the scroll position for the documentView, we have to factor the inset
112         back into the WebCore scroll position.
113         (WebCore::ScrollView::platformSetScrollPosition):
114         
115         Re-named functions.
116         * rendering/RenderLayer.cpp:
117         (WebCore::RenderLayer::convertFromScrollbarToContainingView):
118         (WebCore::RenderLayer::convertFromContainingViewToScrollbar):
119         * rendering/RenderListBox.cpp:
120         (WebCore::RenderListBox::convertFromScrollbarToContainingView):
121         (WebCore::RenderListBox::convertFromContainingViewToScrollbar):
122
123 2014-07-31  Dean Jackson  <dino@apple.com>
124
125         Default buttons do not pulse in OS X 10.10
126         https://bugs.webkit.org/show_bug.cgi?id=135447
127         <rdar://problem/17875896>
128
129         Reviewed by Dan Bernstein.
130
131         OS X Yosemite does not have the animated pulsing default
132         buttons seen in previous releases. We don't need to have
133         a timer in RenderButton constantly triggering repaints.
134
135         * platform/mac/ThemeMac.mm:
136         (WebCore::paintButton): No need to advance the animation.
137         * rendering/RenderButton.cpp:
138         (WebCore::RenderButton::styleDidChange): Ask the theme if it
139         should advance the animation.
140         * rendering/RenderTheme.h:
141         (WebCore::RenderTheme::defaultButtonHasAnimation): Virtual function
142         indicating if the button needs to repaint.
143         * rendering/RenderThemeMac.h:
144         * rendering/RenderThemeMac.mm:
145         (WebCore::RenderThemeMac::defaultButtonHasAnimation): Provide platform
146         specific result on Yosemite and above.
147
148 2014-07-31  Tim Horton  <timothy_horton@apple.com>
149
150         DOM::renderedImageForcingBlackText returns an image with the wrong logical size on 2x displays
151         https://bugs.webkit.org/show_bug.cgi?id=135442
152         <rdar://problem/17614632>
153
154         Reviewed by Simon Fraser.
155
156         * bindings/objc/DOM.mm:
157         (-[DOMRange renderedImageForcingBlackText:renderedImageForcingBlackText:]):
158         Scale the NSImage size by the device scale factor,
159         similar to what we did for drag images in r167403.
160         Ideally this scaling would happen in the code that
161         generates the images, but this is a much larger change
162         with much more regression potential.
163
164 2014-07-31  Bear Travis  <betravis@adobe.com>
165
166         [CSS Font Loading] Rename document.fontloader to document.fonts
167         https://bugs.webkit.org/show_bug.cgi?id=135393
168
169         Reviewed by Bem Jones-Bey.
170
171         The most recent version of the specification has renamed
172         document.fontloader to document.fonts. This change updates the
173         names in WebCore and LayoutTests.
174
175         Fixed up existing tests under LayoutTests/fast/css/fontloader-*
176         and LayoutTests/http/webfont/fontloader-*
177
178         * css/CSSFontFace.cpp:
179         (WebCore::CSSFontFace::notifyFontLoader):
180         (WebCore::CSSFontFace::notifyLoadingDone):
181         * dom/Document.cpp:
182         (WebCore::Document::fonts):
183         (WebCore::Document::fontloader): Deleted.
184         * dom/Document.h:
185         * dom/Document.idl:
186         * page/FrameView.cpp:
187         (WebCore::FrameView::performPostLayoutTasks):
188
189 2014-07-31  Andrei Bucur  <abucur@adobe.com>
190
191         REGRESSION: Search highlight is broken in RTL multicolumn content
192         https://bugs.webkit.org/show_bug.cgi?id=135452
193
194         Reviewed by Simon Fraser.
195
196         The offsets for elements inside RTL multi-column elements are incorrectly computed because
197         the columns don't calculate their left position according to the writing direction.
198
199         The patch extracts the column position computation in two helper functions (for top and left)
200         so they can be used when needed in different parts of the code. In our case, the |columnLogicalLeft|
201         function should be used inside |columnTranslationForOffset|.
202
203         Test: fast/multicol/content-bounding-box-rtl.html
204
205         * rendering/RenderMultiColumnSet.cpp:
206         (WebCore::RenderMultiColumnSet::columnLogicalLeft): Return the logical left of a column relative to the set.
207         (WebCore::RenderMultiColumnSet::columnLogicalTop): Return the logical top of a column relative to the set.
208         (WebCore::RenderMultiColumnSet::columnRectAt): Split the code between columnLogicalLeft and columnLogicalTop.
209         (WebCore::RenderMultiColumnSet::collectLayerFragments): Make code clearer by adding a new line.
210         (WebCore::RenderMultiColumnSet::columnTranslationForOffset): Use columnLogicalLeft instead of duplicating logic.
211         * rendering/RenderMultiColumnSet.h:
212
213 2014-07-31  Martin Hodovan  <mhodovan.u-szeged@partner.samsung.com>
214
215         Eliminate "FractionConversion" from CSSPrimitiveValue::convertToLength
216         https://bugs.webkit.org/show_bug.cgi?id=135377
217
218         Reviewed by Darin Adler.
219
220         The FractionConversion argument in CSSPrimitiveValue::convertToLength
221         doesn't seem to actually have a purpose. It is for converting numbers
222         into Length(x * 100, Percent), but this case shouldn't be reachable.
223         The original patch introducing it doesn't shed any light either:
224         [https://bugs.webkit.org/show_bug.cgi?id=74913
225
226         This patch removes the now unused FractionConversion argument. Note
227         that we can probably also merge the two Fixed conversions, as the
228         two only differ in clamping large numbers (probably unintended).
229
230         Patch by Timothy Loh, backported from Blink: https://codereview.chromium.org/71253002
231
232         No new tests.
233
234         * css/CSSCalculationValue.cpp:
235         (WebCore::determineCategory):
236         * css/CSSParser.cpp:
237         (WebCore::parseTransformTranslateArguments):
238         (WebCore::parseTranslateTransformValue):
239         (WebCore::parseTransformArguments): Deleted.
240         * css/CSSPrimitiveValueMappings.h:
241         (WebCore::CSSPrimitiveValue::convertToLength):
242         * css/DeprecatedStyleBuilder.cpp:
243         (WebCore::ApplyPropertyClip::convertToLength):
244         * css/StyleResolver.cpp:
245         (WebCore::StyleResolver::convertToIntLength):
246         (WebCore::StyleResolver::convertToFloatLength):
247         * css/TransformFunctions.cpp:
248         (WebCore::convertToFloatLength):
249
250 2014-07-31  Joseph Pecoraro  <pecoraro@apple.com>
251
252         Web Inspector: console.profile missing profile information
253         https://bugs.webkit.org/show_bug.cgi?id=135432
254
255         Reviewed by Timothy Hatcher.
256
257         By switching console.profile to start/stop the timeline we would
258         not have a chance to recompile JS functions with profiling information.
259         This used to work because whenever the inspector was open we would
260         have profiling information enabled. Go back to that behavior.
261
262         * inspector/InspectorController.cpp:
263         (WebCore::InspectorController::profilerEnabled):
264         Instead of checking if the timeline agent has started, check if the
265         timeline agent has been created. Going back to the normal behavior
266         of always having profiling information when the inspector is open.
267
268         * inspector/InspectorTimelineAgent.h:
269         * inspector/InspectorTimelineAgent.cpp:
270         (WebCore::InspectorTimelineAgent::didCreateFrontendAndBackend):
271         Recompile initializing the timeline agent to include profiling information.
272
273         (WebCore::InspectorTimelineAgent::willDestroyFrontendAndBackend):
274         Recompile destrying the timeline agent, only if needed.
275
276         (WebCore::InspectorTimelineAgent::willCallFunction):
277         (WebCore::InspectorTimelineAgent::didCallFunction):
278         (WebCore::InspectorTimelineAgent::willEvaluateScript):
279         (WebCore::InspectorTimelineAgent::didEvaluateScript):
280         Using a boolean to track nested calls would not give expected
281         behavior when un-nesting. Switch to a counter to ensure that
282         as we start profiling in the outermost level we then stop
283         profiling at that same level and not inside an inner nesting.
284
285 2014-07-31  Wenson Hsieh  <wenson_hsieh@apple.com>
286
287         Refactor EventHandler to call ScrollAnimator::handleWheelEvent for overflow scrolling
288         https://bugs.webkit.org/show_bug.cgi?id=135195
289
290         Reviewed by Beth Dakin.
291
292         ScrollableArea::handleWheelEvent is not currently being used to handle wheel events for overflow scrolling; it instead directly invokes ScrollableArea::scroll.
293         In order to expose wheel phases on Mac, the PlatformWheelEvent itself should propagate down to ScrollableArea, not just the scroll granularity, direction and
294         multiplier required by ScrollableArea::scroll. With this patch, PlatformWheelEvent will be "shipped" along with the WheelEvent.
295
296         No new tests, since behavior should not have changed.
297
298         * page/EventHandler.cpp:
299         (WebCore::didScrollInScrollableAreaForSingleAxis): Calls ScrollableArea::scroll directly using WheelEvent's data. Used to handle programmatic WheelEvents, e.g. from JavaScript.
300         (WebCore::handleWheelEventInAppropriateEnclosingBoxForSingleAxis): Finds the correct ScrollableArea and attempts to scroll it using the information contained in the WheelEvent via ScrollableArea::handleWheelEvent
301         (WebCore::EventHandler::defaultWheelEventHandler): Updated to use handleWheelEventInAppropriateEnclosingBoxForSingleAxis instead of scrollNode.
302         (WebCore::scrollNode): Deleted.
303         * rendering/RenderListBox.h: Made RenderListBox::scroll public so it can be invoked from EventHandler::handleWheelEventInAppropriateEnclosingBoxForSingleAxis.
304         * rendering/RenderNamedFlowThread.cpp: Refactored to let EventHandler update nextScrollBlock in the case of isRenderNamedFlowThread().
305         (WebCore::RenderNamedFlowThread::fragmentFromRenderBoxAsRenderBlock): 
306         * rendering/RenderNamedFlowThread.h:
307
308 2014-07-31  Dan Bernstein  <mitz@apple.com>
309
310         WebCore part of: Server trust authentication challenges aren’t sent to the navigation delegate
311         https://bugs.webkit.org/show_bug.cgi?id=135327
312
313         Reviewed by Alexey Proskuryakov.
314
315         * platform/network/cf/ResourceHandleCFNet.cpp:
316         (WebCore::ResourceHandle::receivedCredential): Don’t try to change the persistence of
317         credentials used for server trust, because the platform doesn’t support persistence values
318         other than Session for server trust.
319         * platform/network/mac/ResourceHandleMac.mm:
320         (WebCore::ResourceHandle::receivedCredential): Ditto.
321
322 2014-07-31  Dan Bernstein  <mitz@apple.com>
323
324         Tried to fix building with the OS X 10.9 SDK while targeting OS X 10.8.
325
326         * platform/network/cocoa/CredentialCocoa.mm:
327         (WebCore::toCredentialPersistence):
328
329 2014-07-31  Dan Bernstein  <mitz@apple.com>
330
331         Reverted r171854, because it broke building with the OS X 10.8 SDK.
332
333         * platform/network/cocoa/CredentialCocoa.mm:
334         (WebCore::toCredentialPersistence):
335
336 2014-07-31  Dan Bernstein  <mitz@apple.com>
337
338         Tried to fix building with the OS X 10.9 SDK while targeting OS X 10.8.
339
340         * platform/network/cocoa/CredentialCocoa.mm:
341         (WebCore::toCredentialPersistence):
342
343 2014-07-31  Jer Noble  <jer.noble@apple.com>
344
345         REGRESSION(??): [iOS] Disabling MediaPlaybackRequiresUserGesture does not remove user gesture requirement for entering full screen.
346         https://bugs.webkit.org/show_bug.cgi?id=135443
347
348         Reviewed by Dean Jackson.
349
350         Allow full screen mode to be entered without a user gesture if the gesture requirement for media playback
351         has been unset.
352
353         * html/HTMLMediaElement.cpp:
354         (WebCore::HTMLMediaElement::HTMLMediaElement):
355
356 2014-07-31  Andrei Bucur  <abucur@adobe.com>
357
358         [CSS Multicolumn] Clear the lines when switching to multi-column layout
359         https://bugs.webkit.org/show_bug.cgi?id=135127
360
361         Reviewed by Alexandru Chiculita.
362
363         When switching an element to multi-column layout it becomes a container of block
364         children. When this happens the existing line boxes must be deleted in addition
365         to clearing the hasInlineChildren flag.
366
367         Tests: fast/multicol/inline-container-to-multicol.html
368                fast/multicol/inline-container-to-multicol-float.html
369                fast/multicol/inline-container-to-multicol-positioned.html
370
371         * rendering/RenderBlockFlow.cpp:
372         (WebCore::RenderBlockFlow::createMultiColumnFlowThread):
373
374 2014-07-30  Andreas Kling  <akling@apple.com>
375
376         PropertyName's internal string is always atomic.
377         <https://webkit.org/b/135451>
378
379         Use PropertyName::publicName() directly instead of taking the slow route
380         through AtomicString::findStringWithHash().
381
382         These strings are always atomic, and findStringWithHash() would trudge
383         through a full hash lookup just to discover that indeed, they are!
384
385         Reviewed by Benjamin Poulain.
386
387         * bindings/js/JSDOMBinding.cpp:
388         (WebCore::findAtomicString): Deleted.
389         * bindings/js/JSDOMBinding.h:
390         * bindings/js/JSDOMWindowCustom.cpp:
391         (WebCore::namedItemGetter):
392         (WebCore::JSDOMWindow::getOwnPropertySlot):
393         (WebCore::JSDOMWindow::getOwnPropertySlotByIndex):
394         * bindings/js/JSHTMLDocumentCustom.cpp:
395         (WebCore::JSHTMLDocument::canGetItemsForName):
396         (WebCore::JSHTMLDocument::nameGetter):
397
398 2014-07-30  Benjamin Poulain  <benjamin@webkit.org>
399
400         ElementRuleCollector: group the shadow tree code
401         https://bugs.webkit.org/show_bug.cgi?id=135410
402
403         Reviewed by Andreas Kling.
404
405         * css/ElementRuleCollector.cpp:
406         (WebCore::ElementRuleCollector::collectMatchingRules):
407         Little cleanup: group the shadow tree rule collection in the same block.
408
409 2014-07-30  Benjamin Poulain  <benjamin@webkit.org>
410
411         Cleanup DetailsMarkerControl
412         https://bugs.webkit.org/show_bug.cgi?id=135429
413
414         Reviewed by Andreas Kling.
415
416         Remove the override of shadowPseudoId(). This is a simple type of shadowId,
417         it should use the generic pseudo() path.
418
419         Move DetailsMarkerControl::create() out-of-line. One could justify inlining the constructor,
420         inlining the ::create() function has little value.
421
422         * html/shadow/DetailsMarkerControl.cpp:
423         (WebCore::DetailsMarkerControl::create):
424         (WebCore::DetailsMarkerControl::DetailsMarkerControl):
425         (WebCore::DetailsMarkerControl::rendererIsNeeded):
426         (WebCore::DetailsMarkerControl::shadowPseudoId): Deleted.
427         (WebCore::DetailsMarkerControl::summaryElement): Deleted.
428         * html/shadow/DetailsMarkerControl.h:
429         (WebCore::DetailsMarkerControl::create): Deleted.
430
431 2014-07-30  Benjamin Poulain  <bpoulain@apple.com>
432
433         Remove UploadButtonElement::shadowPseudoId()
434         https://bugs.webkit.org/show_bug.cgi?id=135435
435
436         Reviewed by Andreas Kling.
437
438         Use the generic pseudo() path instead of a custom shadowPseudoId().
439
440         * html/FileInputType.cpp:
441         (WebCore::UploadButtonElement::create):
442         (WebCore::UploadButtonElement::createForMultiple):
443         (WebCore::UploadButtonElement::UploadButtonElement):
444         Set the type in the common constructor instead of the call sites.
445         (WebCore::UploadButtonElement::shadowPseudoId): Deleted.
446         * html/FileInputType.h:
447
448 2014-07-30  Benjamin Poulain  <bpoulain@apple.com>
449
450         Remove SpinButtonElement::shadowPseudoId
451         https://bugs.webkit.org/show_bug.cgi?id=135436
452
453         Reviewed by Andreas Kling.
454
455         Use the generic pseudo.
456
457         * html/shadow/SpinButtonElement.cpp:
458         (WebCore::SpinButtonElement::SpinButtonElement):
459         (WebCore::SpinButtonElement::shadowPseudoId): Deleted.
460         * html/shadow/SpinButtonElement.h:
461
462 2014-07-30  Benjamin Poulain  <bpoulain@apple.com>
463
464         Clean up YouTubeEmbedShadowElement
465         https://bugs.webkit.org/show_bug.cgi?id=135437
466
467         Reviewed by Andreas Kling.
468
469         * html/shadow/YouTubeEmbedShadowElement.cpp:
470         (WebCore::YouTubeEmbedShadowElement::YouTubeEmbedShadowElement):
471         (WebCore::YouTubeEmbedShadowElement::pluginElement): Deleted.
472         This is unused in WebCore.
473
474         (WebCore::YouTubeEmbedShadowElement::shadowPseudoId): Deleted.
475         Use the generic pseudo path instead of a custom shadowPseudoId.
476         * html/shadow/YouTubeEmbedShadowElement.h:
477
478 2014-07-30  Benjamin Poulain  <bpoulain@apple.com>
479
480         Remove shadowPseudoId() from InputFieldSpeechButtonElement and SearchFieldCancelButtonElement
481         https://bugs.webkit.org/show_bug.cgi?id=135438
482
483         Reviewed by Andreas Kling.
484
485         Use the generic path.
486
487         * html/shadow/TextControlInnerElements.cpp:
488         (WebCore::SearchFieldCancelButtonElement::SearchFieldCancelButtonElement):
489         (WebCore::InputFieldSpeechButtonElement::InputFieldSpeechButtonElement):
490         (WebCore::SearchFieldCancelButtonElement::shadowPseudoId): Deleted.
491         (WebCore::InputFieldSpeechButtonElement::shadowPseudoId): Deleted.
492         * html/shadow/TextControlInnerElements.h:
493
494 2014-07-30  Andy Estes  <aestes@apple.com>
495
496         USE(CONTENT_FILTERING) should be ENABLE(CONTENT_FILTERING)
497         https://bugs.webkit.org/show_bug.cgi?id=135439
498
499         Reviewed by Tim Horton.
500
501         We now support two different platform content filters, and will soon support a mock content filter (as part of
502         webkit.org/b/128858). This makes content filtering a feature of WebKit, not just an adoption of a third-party
503         library. ENABLE() is the correct macro to use for such a feature.
504
505         * Configurations/FeatureDefines.xcconfig:
506         * WebCore.exp.in:
507         * loader/DocumentLoader.cpp:
508         (WebCore::DocumentLoader::finishedLoading):
509         (WebCore::DocumentLoader::responseReceived):
510         (WebCore::DocumentLoader::commitData):
511         (WebCore::DocumentLoader::dataReceived):
512         * loader/DocumentLoader.h:
513         * loader/FrameLoaderClient.h:
514         * platform/ContentFilter.h:
515         * platform/ios/ContentFilterIOS.mm:
516         * platform/mac/ContentFilterMac.mm:
517
518 2014-07-30  Andreas Kling  <akling@apple.com>
519
520         Static hash tables no longer need to be coupled with a VM.
521         <https://webkit.org/b/135421>
522
523         Update for JSC::ClassInfo changes.
524         
525         Remove the JSNoStaticTables mode for IDL code generation, which was used to
526         ensure that each VM had its own unique copy of certain static tables.
527         This was used for interfaces that could be used in workers, and now there's
528         no need to manually annotate these things anymore.
529
530         Also remove the DOMObjectHashTableMap class that was only used for this.
531
532         Reviewed by Geoffrey Garen.
533
534         * Modules/indexeddb/IDBAny.idl:
535         * Modules/indexeddb/IDBCursor.idl:
536         * Modules/indexeddb/IDBCursorWithValue.idl:
537         * Modules/indexeddb/IDBDatabase.idl:
538         * Modules/indexeddb/IDBFactory.idl:
539         * Modules/indexeddb/IDBIndex.idl:
540         * Modules/indexeddb/IDBKeyRange.idl:
541         * Modules/indexeddb/IDBObjectStore.idl:
542         * Modules/indexeddb/IDBOpenDBRequest.idl:
543         * Modules/indexeddb/IDBRequest.idl:
544         * Modules/indexeddb/IDBTransaction.idl:
545         * Modules/indexeddb/IDBVersionChangeEvent.idl:
546         * Modules/webdatabase/Database.idl:
547         * Modules/webdatabase/DatabaseSync.idl:
548         * Modules/webdatabase/SQLError.idl:
549         * Modules/webdatabase/SQLException.idl:
550         * Modules/webdatabase/SQLResultSet.idl:
551         * Modules/webdatabase/SQLResultSetRowList.idl:
552         * Modules/webdatabase/SQLTransaction.idl:
553         * Modules/webdatabase/SQLTransactionSync.idl:
554         * Modules/websockets/CloseEvent.idl:
555         * Modules/websockets/WebSocket.idl:
556         * WebCore.xcodeproj/project.pbxproj:
557         * bindings/js/DOMObjectHashTableMap.cpp: Removed.
558         * bindings/js/DOMObjectHashTableMap.h: Removed.
559         * bindings/js/JSDOMBinding.cpp:
560         (WebCore::getHashTableForGlobalData): Deleted.
561         * bindings/js/JSDOMBinding.h:
562         (WebCore::getStaticValueSlotEntryWithoutCaching):
563         * bindings/js/JSDOMGlobalObject.cpp:
564         * bindings/js/JSDOMWindowBase.cpp:
565         * bindings/js/JSDOMWindowCustom.cpp:
566         (WebCore::JSDOMWindow::getOwnPropertySlot):
567         (WebCore::JSDOMWindow::put):
568         * bindings/js/JSDOMWindowShell.cpp:
569         * bindings/js/JSImageConstructor.cpp:
570         * bindings/js/JSLocationCustom.cpp:
571         (WebCore::JSLocation::putDelegate):
572         * bindings/js/JSStorageCustom.cpp:
573         (WebCore::JSStorage::deleteProperty):
574         (WebCore::JSStorage::putDelegate):
575         * bindings/js/JSWorkerGlobalScopeBase.cpp:
576         * bindings/js/WebCoreJSClientData.h:
577         * bindings/scripts/CodeGeneratorJS.pm:
578         (GenerateGetOwnPropertySlotBody):
579         (GenerateImplementation):
580         (GenerateConstructorHelperMethods):
581         (hashTableAccessor): Deleted.
582         (prototypeHashTableAccessor): Deleted.
583         (constructorHashTableAccessor): Deleted.
584         * bindings/scripts/IDLAttributes.txt:
585         * bridge/c/CRuntimeObject.cpp:
586         * bridge/c/c_instance.cpp:
587         * bridge/objc/ObjCRuntimeObject.mm:
588         * bridge/objc/objc_instance.mm:
589         * bridge/objc/objc_runtime.mm:
590         * bridge/runtime_array.cpp:
591         * bridge/runtime_method.cpp:
592         * bridge/runtime_object.cpp:
593         * crypto/CryptoKey.idl:
594         * css/CSSFontFaceLoadEvent.idl:
595         * dom/DOMCoreException.idl:
596         * dom/DOMStringList.idl:
597         * dom/ErrorEvent.idl:
598         * dom/Event.idl:
599         * dom/EventException.idl:
600         * dom/EventListener.idl:
601         * dom/MessageChannel.idl:
602         * dom/MessageEvent.idl:
603         * dom/MessagePort.idl:
604         * dom/ProgressEvent.idl:
605         * fileapi/Blob.idl:
606         * fileapi/File.idl:
607         * fileapi/FileError.idl:
608         * fileapi/FileException.idl:
609         * fileapi/FileList.idl:
610         * fileapi/FileReader.idl:
611         * fileapi/FileReaderSync.idl:
612         * html/DOMURL.idl:
613         * page/EventSource.idl:
614         * page/WorkerNavigator.idl:
615         * workers/DedicatedWorkerGlobalScope.idl:
616         * workers/SharedWorkerGlobalScope.idl:
617         * workers/WorkerGlobalScope.idl:
618         * workers/WorkerLocation.idl:
619         * xml/XMLHttpRequest.idl:
620         * xml/XMLHttpRequestException.idl:
621         * xml/XMLHttpRequestProgressEvent.idl:
622         * xml/XMLHttpRequestUpload.idl:
623
624 2014-07-30  Dan Bernstein  <mitz@apple.com>
625
626         <rdar://problem/17199364> [Mac] Popup button arrows appear on the left, underlapping text, when the UI layout direction is right-to-left
627         https://bugs.webkit.org/show_bug.cgi?id=135426
628
629         Reviewed by Dean Jackson.
630
631         No test, because the UI layout direction in the test harness is always left-to-right.
632
633         * rendering/RenderThemeMac.mm:
634         (WebCore::RenderThemeMac::popupButton): Forced the user interface layout direction of the
635         NSPopUpButtonCell to left-to-right. Added a FIXME about how we could make this vary based on
636         the direction of the <select>, though that would require additional changes elsewhere.
637
638 2014-07-30  Dan Bernstein  <mitz@apple.com>
639
640         Made Credential hold onto an NSURLCredential when needed.
641         Work towards fixing https://bugs.webkit.org/show_bug.cgi?id=135327
642
643         Reviewed by Alexey Proskuryakov.
644
645         No change in functionality.
646
647         * WebCore.exp.in: Updated.
648
649         * platform/network/Credential.h: Removed definition of CERTIFICATE_CREDENTIALS_SUPPORTED,
650         which is not used anymore.
651
652         * platform/network/CredentialBase.h:
653         (WebCore::CredentialBase::encodingRequiresPlatformData): Added a base implementation that
654         returns false.
655
656         * platform/network/cf/AuthenticationCF.cpp:
657         Changed to use the Credential constructor that takes an CFURLCredential, and the new
658         cfCredential member function. Made the createCF and core functions Windows-only and
659         therefore removed the CERTIFICATE_CREDENTIALS_SUPPORTED code from them.
660         * platform/network/cf/AuthenticationCF.h:
661
662         * platform/network/cf/CredentialStorageCFNet.cpp:
663         (WebCore::CredentialStorage::getFromPersistentStorage): Changed to construct a Credential
664         from a CFURLCredential.
665         (WebCore::CredentialStorage::saveToPersistentStorage): Changed to use the new cfCredential
666         member function.
667
668         * platform/network/cf/ResourceHandleCFNet.cpp:
669         (WebCore::ResourceHandle::didReceiveAuthenticationChallenge): Ditto to both.
670         (WebCore::ResourceHandle::receivedCredential): Ditto.
671
672         * platform/network/cocoa/CredentialCocoa.h:
673         Replaced the m_identity, m_certificates and m_type member variables with an m_nsCredential
674         one holding onto an NSURLCredential. Declared constructors from and getters for
675         NSURLCredential and CFURLCredentialRef.
676         (WebCore::Credential::encodingRequiresPlatformData): Override that checks the
677         NSURLCredential if necessary.
678
679         * platform/network/cocoa/CredentialCocoa.mm:
680         (WebCore::toNSURLCredentialPersistence): New helper function.
681         (WebCore::toCredentialPersistence): Ditto.
682         (WebCore::Credential::Credential): Defined constructors to create or take an
683         NSURLCredential.
684         (WebCore::Credential::cfCredential): Added.
685         (WebCore::Credential::nsCredential): Added. Returns nil for the empty credential.
686         (WebCore::Credential::isEmpty): Changed to check m_nsCredential.
687         (WebCore::Credential::platformCompare): Changed to compare m_nsCredential if needed.
688         (WebCore::Credential::encodingRequiresPlatformData): Returns true if the credential is not
689         a user and a password.
690
691         * platform/network/mac/AuthenticationMac.h: Removed mac and core functions for Credential.
692         * platform/network/mac/AuthenticationMac.mm:
693         (-[WebCoreAuthenticationClientAsChallengeSender useCredential:forAuthenticationChallenge:]):
694         Changed to use Credential constructor that takes an NSURLCredential.
695         (WebCore::AuthenticationChallenge::AuthenticationChallenge): Ditto. Also use the
696         nsCredential getter.
697
698         * platform/network/mac/CredentialStorageMac.mm:
699         (WebCore::CredentialStorage::getFromPersistentStorage): Use new Credential constructor.
700
701         * platform/network/mac/ResourceHandleMac.mm:
702         (WebCore::ResourceHandle::didReceiveAuthenticationChallenge): Ditto. Also use the
703         nsCredential getter.
704         (WebCore::ResourceHandle::receivedCredential): Ditto.
705
706 2014-07-30  Sergio Villar Senin  <svillar@igalia.com>
707
708         [GTK] Build depends on OpenGL ES
709         https://bugs.webkit.org/show_bug.cgi?id=135289
710
711         Reviewed by Martin Robinson.
712
713         Guard the OpenGL ES code with USE(OPENGL_ES_2).
714
715         * platform/graphics/opengl/Extensions3DOpenGLES.cpp:
716         * platform/graphics/opengl/Extensions3DOpenGLES.h:
717
718 2014-07-30  Radu Stavila  <stavila@adobe.com>
719
720         Member name collision in RenderView and SelectionSubtreeRoot
721         https://bugs.webkit.org/show_bug.cgi?id=135233
722
723         Reviewed by Mihnea Ovidenie.
724
725         The selectionStart/End members in RenderView have been renamed to fix confusion caused by the fact that
726         RenderView inherits SelectionSubtreeRoot, which also has the same selectionStart/End members.
727
728         No new tests required, no new functionality.
729
730         * rendering/RenderBlock.cpp:
731         (WebCore::RenderBlock::isSelectionRoot):
732         * rendering/RenderView.cpp:
733         (WebCore::RenderView::RenderView):
734         (WebCore::RenderView::setSelection):
735         (WebCore::RenderView::getSelection):
736         * rendering/RenderView.h:
737
738 2014-07-30  Zan Dobersek  <zdobersek@igalia.com>
739
740         [TexMap] Move TextureMapperLayer::textureMapper() definition into the header
741         https://bugs.webkit.org/show_bug.cgi?id=135384
742
743         Reviewed by Martin Robinson.
744
745         Move the definitions of TextureMapperLayer::textureMapper() and TextureMapperLayer::rootLayer()
746         into the TextureMapperLayer header. This makes both functions inline-able, removing unnecessary
747         calling overhead in GraphicsLayerTextureMapper::flushCompositingState() and
748         GraphicsLayerTextureMapper::updateBackingStoreIfNeeded().
749
750         TextureMapperLayer::rootLayer() now also returns a reference.
751
752         * platform/graphics/texmap/TextureMapperLayer.cpp:
753         (WebCore::TextureMapperLayer::~TextureMapperLayer):
754         (WebCore::TextureMapperLayer::rootLayer): Deleted.
755         (WebCore::TextureMapperLayer::textureMapper): Deleted.
756         * platform/graphics/texmap/TextureMapperLayer.h:
757         (WebCore::TextureMapperLayer::textureMapper):
758         (WebCore::TextureMapperLayer::rootLayer):
759
760 2014-07-29  Andreas Kling  <akling@apple.com>
761
762         Crash when using 'em' units to specify font-size inside animation keyframe.
763         <https://webkit.org/b/135395>
764         <rdar://problem/17851910>
765
766         We'd forgotten to initialize the "parent style" when resolving keyframe
767         styles, and this led to a crash in length conversion where the code
768         assumes a parent style will be present.
769
770         To keep this fix minimal, simply make the "parent style" a clone of the
771         base element style.
772
773         Reviewed by Simon Fraser.
774
775         Test: fast/animation/keyframe-with-font-size-in-em-units.html
776
777         * css/StyleResolver.cpp:
778         (WebCore::StyleResolver::styleForKeyframe):
779
780 2014-07-29  Pratik Solanki  <psolanki@apple.com>
781
782         [iOS] REGRESSION(r171526): PDF documents fail to load in WebKit1 with disk image caching enabled
783         https://bugs.webkit.org/show_bug.cgi?id=135359
784         <rdar://problem/17824645>
785
786         Reviewed by Darin Adler.
787
788         r171526 broke the case where we have a memory mapped file from the DiskImageCache in the
789         SharedBuffer. In such a case, m_buffer is empty and createCFData() returned an
790         WebCoreSharedBufferData with an empty buffer.
791
792         Fix this by taking the easy route of bringing back the old code for the disk image cache
793         file backed case. In the long run we probably want to remove the iOS specific disk image
794         cache anyway.
795
796         Review also uncovered another bug in r171526 where we were balancing an Objective-C alloc
797         with a CFRelease which is incorrect when running under GC. Fix that by using adoptNS along
798         with adoptCF which is what the code did before.
799
800         No new tests because the bug only occurs on device and we can't run tests on device yet.
801
802         * platform/mac/SharedBufferMac.mm:
803         (-[WebCoreSharedBufferData initWithDiskImageSharedBuffer:]):
804         (-[WebCoreSharedBufferData length]):
805         (-[WebCoreSharedBufferData bytes]):
806         (WebCore::SharedBuffer::createCFData):
807
808 2014-07-29  Benjamin Poulain  <bpoulain@apple.com>
809
810         VisitedLinkState::determineLinkState should take a reference
811         https://bugs.webkit.org/show_bug.cgi?id=135375
812
813         Reviewed by Sam Weinig.
814
815         * css/StyleResolver.cpp:
816         (WebCore::StyleResolver::State::initElement):
817         * dom/VisitedLinkState.h:
818         (WebCore::VisitedLinkState::determineLinkState):
819
820 2014-07-29  Brady Eidson  <beidson@apple.com>
821
822         Make WKOriginDataManager actually operate on IndexedDatabases.
823         https://bugs.webkit.org/show_bug.cgi?id=135346
824
825         Reviewed by Sam Weinig (and David Kilzer and Alex Christensen)
826
827         * WebCore.exp.in:
828
829 2014-07-29  Dan Bernstein  <mitz@apple.com>
830
831         Moved the Cocoa-specific parts of CredentialBase into a Cocoa-specific Credential class.
832         Work towards fixing https://bugs.webkit.org/show_bug.cgi?id=135327
833
834         Reviewed by Alexey Proskuryakov.
835
836         No change in functionality.
837
838         * WebCore.exp.in: Updated for functions moved in the class hierarchy.
839
840         * WebCore.xcodeproj/project.pbxproj: Added CredentialCocoa.{h,mm}.
841
842         * platform/network/Credential.h: For Cocoa, include CredentialCocoa.h instead of the generic
843         class.
844         (WebCore::Credential::Credential): Removed #if CERTIFICATE_CREDENTIALS_SUPPORTED code.
845
846         * platform/network/CredentialBase.cpp:
847         (WebCore::CredentialBase::CredentialBase): Changed to use emptyString instead of "", removed
848         #if CERTIFICATE_CREDENTIALS_SUPPORTED code.
849         (WebCore::CredentialBase::isEmpty): Ditto.
850         (WebCore::CredentialBase::compare): Renamed operator== to this, removed
851         #if CERTIFICATE_CREDENTIALS_SUPPORTED code, but changed the end to call platformCompare.
852         (WebCore::CredentialBase::identity): Deleted.
853         (WebCore::CredentialBase::certificates): Deleted.
854         (WebCore::CredentialBase::type): Deleted.
855         * platform/network/CredentialBase.h: Removed #if CERTIFICATE_CREDENTIALS_SUPPORTED members.
856         (WebCore::CredentialBase::platformCompare): Added a base implementation that returns true.
857         (WebCore::operator==): Changed to use CredentialBase::compare.
858
859         * platform/network/cocoa/CredentialCocoa.h: Added.
860         (WebCore::Credential::Credential):
861         * platform/network/cocoa/CredentialCocoa.mm: Added.
862         (WebCore::Credential::Credential): Moved the constructor that takes an identity and
863         certificates here.
864         (WebCore::Credential::isEmpty): Moved here.
865         (WebCore::Credential::identity): Ditto.
866         (WebCore::Credential::certificates): Ditto.
867         (WebCore::Credential::type): Ditto.
868         (WebCore::Credential::platformCompare): Moved the code that compares client-certificate
869         credentials here.
870
871         * platform/network/mac/AuthenticationMac.mm:
872         (WebCore::mac): Removed #if CERTIFICATE_CREDENTIALS_SUPPORTED guards in this Cocoa-only
873         file.
874         (WebCore::core): Ditto.
875
876 2014-07-29  Daniel Bates  <dabates@apple.com>
877
878         Use WTF::move() instead of std::move() to help ensure move semantics
879         https://bugs.webkit.org/show_bug.cgi?id=135351
880
881         Reviewed by Alexey Proskuryakov.
882
883         * page/CaptionUserPreferences.cpp:
884         (WebCore::CaptionUserPreferences::updateCaptionStyleSheetOveride):
885
886 2014-07-29  Mihnea Ovidenie  <mihnea@adobe.com>
887
888         [CSSRegions] Assertion failure hit testing a region-based multicolumn in a region
889         https://bugs.webkit.org/show_bug.cgi?id=135385
890
891         Reviewed by Andrei Bucur.
892
893         When a region-based multicolumn element is displayed and hit tested in a region,
894         we have to disable the named flow region information not only for painting,
895         but also for hit-testing. This is a follow-up for https://bugs.webkit.org/show_bug.cgi?id=132121,
896         which provided the fix for painting.
897
898         Test: fast/regions/assert-hit-test-multicol-in-region.html
899
900         * rendering/RenderLayer.cpp:
901         (WebCore::RenderLayer::hitTestLayer):
902
903 2014-07-29  Zalan Bujtas  <zalan@apple.com>
904
905         Cleanup RenderSelectionInfoBase/RenderSelectionInfo/RenderBlockSelectionInfo.
906         https://bugs.webkit.org/show_bug.cgi?id=135326
907
908         Reviewed by Darin Adler.
909
910         1. Move implementation to RenderSelectInfo.cpp
911         2. RenderSelectionInfoBase/RenderSelectionInfo/RenderBlockSelectionInfo take Render* reference.
912         3. Remove unused functions.
913         4. Add RenderSelectionInfoBase::repaintRectangle()
914
915         No change in behavior.
916
917         * WebCore.xcodeproj/project.pbxproj:
918         * rendering/RenderSelectionInfo.cpp: Added.
919         (WebCore::RenderSelectionInfoBase::RenderSelectionInfoBase):
920         (WebCore::RenderSelectionInfoBase::repaintRectangle):
921         (WebCore::RenderSelectionInfo::RenderSelectionInfo):
922         (WebCore::RenderSelectionInfo::repaint):
923         (WebCore::RenderBlockSelectionInfo::RenderBlockSelectionInfo):
924         (WebCore::RenderBlockSelectionInfo::repaint):
925         * rendering/RenderSelectionInfo.h:
926         (WebCore::RenderSelectionInfo::collectedSelectionRects):
927         (WebCore::RenderSelectionInfoBase::RenderSelectionInfoBase): Deleted.
928         (WebCore::RenderSelectionInfoBase::object): Deleted.
929         (WebCore::RenderSelectionInfo::RenderSelectionInfo): Deleted.
930         (WebCore::RenderSelectionInfo::repaint): Deleted.
931         (WebCore::RenderSelectionInfo::rects): Deleted.
932         (WebCore::RenderBlockSelectionInfo::RenderBlockSelectionInfo): Deleted.
933         (WebCore::RenderBlockSelectionInfo::repaint): Deleted.
934         (WebCore::RenderBlockSelectionInfo::block): Deleted.
935         * rendering/RenderView.cpp:
936         (WebCore::RenderView::subtreeSelectionBounds):
937         (WebCore::RenderView::repaintSubtreeSelection):
938         (WebCore::RenderView::clearSubtreeSelection):
939         (WebCore::RenderView::applySubtreeSelection):
940
941 2014-07-28  Pratik Solanki  <psolanki@apple.com>
942
943         Get SharedBuffer.h out of ResourceBuffer.h (and a few other places)
944         https://bugs.webkit.org/show_bug.cgi?id=131782
945
946         Original patch by Tim Horton.
947         Reviewed by Darin Adler.
948
949         No new tests because no functional changes.
950
951         * Modules/indexeddb/IDBCallbacks.h:
952         * Modules/indexeddb/IDBCursorBackend.h:
953         * loader/ios/DiskImageCacheIOS.h:
954         Forward declare SharedBuffer in headers.
955
956         * Modules/indexeddb/IDBRequest.cpp:
957         * loader/cache/CachedImage.cpp:
958         * loader/icon/IconLoader.cpp:
959         * loader/ios/DiskImageCacheIOS.mm:
960         * loader/cache/MemoryCache.cpp:
961         * loader/mac/ResourceBuffer.mm:
962         Include SharedBuffer.h in implementation files.
963
964         * Modules/notifications/Notification.h:
965         * loader/appcache/ApplicationCacheGroup.h:
966         Remove unnecessary includes.
967
968         * loader/ResourceBuffer.cpp:
969         (WebCore::ResourceBuffer::adoptSharedBuffer):
970         * loader/ResourceBuffer.h:
971         Out-of-line adoptSharedBuffer so that the PassRefPtr doesn't require including SharedBuffer.h.
972
973         * platform/graphics/opentype/OpenTypeMathData.cpp:
974         * platform/graphics/opentype/OpenTypeMathData.h:
975         Out-of-line destructor to avoid requiring SharedBuffer.h for the RefPtr.
976         Forward-declare SharedBuffer in the header, include in implementation.
977
978 2014-07-29  Zan Dobersek  <zdobersek@igalia.com>
979
980         [TexMap] GraphicsLayerTextureMapper::addAnimation() box size parameter should be FloatSize
981         https://bugs.webkit.org/show_bug.cgi?id=135237
982
983         Reviewed by Martin Robinson.
984
985         * platform/graphics/texmap/GraphicsLayerTextureMapper.cpp:
986         (WebCore::GraphicsLayerTextureMapper::addAnimation):
987         * platform/graphics/texmap/GraphicsLayerTextureMapper.h: The boxSize parameter of the
988         addAnimation() method must be of the same type as the parameter in the base class
989         declaration -- a const FloatSize reference. Only then is the base virtual method
990         actually overriden.
991
992 2014-07-28  Dan Bernstein  <mitz@apple.com>
993
994         iOS build fix.
995
996         * WebCore.exp.in:
997
998 2014-07-28  Dan Bernstein  <mitz@apple.com>
999
1000         Introduced CredentialBase and made Credential derive from it
1001         Work towards fixing https://bugs.webkit.org/show_bug.cgi?id=135327
1002
1003         Reviewed by Darin Adler.
1004
1005         No change in functionality.
1006
1007         * CMakeLists.txt: Updated for source file rename.
1008
1009         * WebCore.exp.in: Changed to export CredentialBase symbols.
1010
1011         * WebCore.vcxproj/WebCore.vcxproj: Updated for source file rename and new header.
1012         * WebCore.vcxproj/WebCore.vcxproj.filters: Ditto.
1013
1014         * WebCore.xcodeproj/project.pbxproj: Ditto.
1015
1016         * platform/network/Credential.cpp: Renamed to CredentialBase.cpp.
1017
1018         * platform/network/Credential.h: Defined Credential to derive from CredentialBase.
1019
1020         * platform/network/CredentialBase.cpp: Renamed Credential.cpp to this. Updated for the new
1021         name.
1022
1023         * platform/network/CredentialBase.h: Copied from Credential.h, renamed the class to
1024         CredentialBase, and made the constructors protected.
1025
1026 2014-07-28  Zalan Bujtas  <zalan@apple.com>
1027
1028         REGRESSION(r164133): Selection disappears after scrolling on nytimes.com
1029         https://bugs.webkit.org/show_bug.cgi?id=135361
1030
1031         Reviewed by Ryosuke Niwa.
1032
1033         Ensure that when a RenderElement, part of the current selection is removed,
1034         we recalculate and update the selection soon after layout.
1035
1036         Test: fast/dynamic/selection-gets-cleared-when-part-of-it-gets-removed.html
1037
1038         * editing/FrameSelection.cpp:
1039         (WebCore::FrameSelection::setNeedsSelectionUpdate):
1040         (WebCore::FrameSelection::didLayout): didLayout name reflects its functionality better.
1041         (WebCore::FrameSelection::layoutDidChange): Deleted.
1042         * editing/FrameSelection.h: : move some functions to private.
1043         * page/FrameView.cpp:
1044         (WebCore::FrameView::performPostLayoutTasks):
1045         * rendering/RenderBlockFlow.cpp:
1046         (WebCore::RenderBlockFlow::willBeDestroyed):
1047         * rendering/RenderElement.cpp:
1048         (WebCore::RenderElement::removeChildInternal):
1049         * rendering/RenderInline.cpp:
1050         (WebCore::RenderInline::willBeDestroyed):
1051
1052 2014-07-28  Dean Jackson  <dino@apple.com>
1053
1054         [Media iOS] Touching play button feels unresponsive
1055         https://bugs.webkit.org/show_bug.cgi?id=135370
1056         <rdar://problem/17756281>
1057
1058         Reviewed by Simon Fraser.
1059
1060         Add an :active rule that shows a slightly darker button when touched.
1061
1062         * Modules/mediacontrols/mediaControlsiOS.css:
1063         (audio::-webkit-media-controls-start-playback-button:active):
1064
1065 2014-07-28  Brady Eidson  <beidson@apple.com>
1066
1067         REGRESSION(168376): Standalone images pasted to Outlook 2011 don't display
1068         <rdar://problem/17768371> and https://bugs.webkit.org/show_bug.cgi?id=135363
1069
1070         Reviewed by Tim Horton.
1071
1072         Outlook isn’t prepared to handle the resource load callbacks when sent synchronously.
1073
1074         r168376 was an optimization that we no longer need, so the simplest fix is to roll it out.
1075
1076         * editing/mac/EditorMac.mm:
1077         (WebCore::Editor::WebContentReader::readImage):
1078
1079         * loader/archive/ArchiveResource.cpp:
1080         (WebCore::ArchiveResource::ArchiveResource):
1081         * loader/archive/ArchiveResource.h:
1082         (WebCore::ArchiveResource::setShouldLoadImmediately): Deleted.
1083         (WebCore::ArchiveResource::shouldLoadImmediately): Deleted.
1084
1085         * loader/cache/CachedResourceLoader.cpp:
1086         (WebCore::CachedResourceLoader::requestResource):
1087
1088 2014-07-28  Mark Hahnenberg  <mhahnenberg@apple.com>
1089
1090         ASSERTION FAILED: m_heap->vm()->currentThreadIsHoldingAPILock()
1091         https://bugs.webkit.org/show_bug.cgi?id=135352
1092
1093         Reviewed by Oliver Hunt.
1094
1095         * Modules/plugins/QuickTimePluginReplacement.mm:
1096         (WebCore::QuickTimePluginReplacement::ensureReplacementScriptInjected): This should be taking a 
1097         JSLock like its sibling methods do (e.g. installReplacement).
1098
1099 2014-07-28  Antti Koivisto  <antti@apple.com>
1100
1101         <embed> videos flashes constantly while playing inline on iPad, making it unwatchable
1102         https://bugs.webkit.org/show_bug.cgi?id=135356
1103         <rdar://problem/16828238>
1104
1105         Reviewed by Simon Fraser.
1106         
1107         The shadow tree for media controls is scheduling style recalc. The general silliness of
1108         HTMLPlugInImageElement::willRecalcStyle/willDetachRenderers is turning those into render
1109         tree reconstructions causing flicker.
1110
1111         * html/HTMLPlugInImageElement.cpp:
1112         (WebCore::HTMLPlugInImageElement::willRecalcStyle):
1113         
1114             Don't do the forced renderer reconstruction if there is no style change for the element
1115             or its ancestors. This way recalcs scheduled by the shadow tree don't trigger the widget
1116             update code path.
1117
1118 2014-07-27  Brent Fulgham  <bfulgham@apple.com>
1119
1120         [Mac, iOS] Paint-on closed captions get out-of-order in Safari
1121         https://bugs.webkit.org/show_bug.cgi?id=135332
1122         <rdar://problem/15317278>
1123
1124         Reviewed by Jer Noble.
1125
1126         * html/shadow/MediaControlElements.cpp:
1127         (WebCore::MediaControlTextTrackContainerElement::updateDisplay): If the
1128         number of active cues is greater than the current set of CSS boxes representing
1129         the cues, throw away the CSS boxes and re-layout all the cues.
1130         * html/track/InbandGenericTextTrack.cpp:
1131         (WebCore::InbandGenericTextTrack::addGenericCue): Add some logging.
1132         (WebCore::InbandGenericTextTrack::removeGenericCue): Ditto.
1133         * html/track/TextTrackCueGeneric.cpp:
1134         (WebCore::TextTrackCueGeneric::isOrderedBefore): Revise ordering rules so that we put
1135         newer cues earlier in the layout order so they are drawn towards the bottom
1136         of the screen. Only do this for Generic captions.
1137         * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp:
1138         (WebCore::InbandTextTrackPrivateAVF::processAttributedStrings): Adjust logging
1139         messages.
1140         (WebCore::InbandTextTrackPrivateAVF::removeCompletedCues): Add logging.
1141
1142 2014-07-28  Andreas Kling  <akling@apple.com>
1143
1144         REGRESSION (r160806): CSS zoom property doesn't work on anything inside anchors.
1145         <https://webkit.org/b/135344>
1146         <rdar://problem/17759577>
1147
1148         When DeprecatedStyleBuilder applies the CSS zoom property (ApplyPropertyZoom)
1149         it first resets the "effective zoom" by calling RenderStyle::setEffectiveZoom().
1150
1151         This mechanism was not resistent to being called multiple times, due to the
1152         optimization in RenderStyle::setZoom() to avoid copy-on-writing the shared data
1153         when setting some property to the already-set value.
1154
1155         The bug would happen in this sequence:
1156
1157         ApplyPropertyZoom:
1158             - setEffectiveZoom(1);
1159             - setZoom(2); // this updates the effective zoom
1160         ApplyPropertyZoom:
1161             - setEffectiveZoom(1);
1162             - setZoom(2); // this doesn't update the effective zoom
1163
1164         When we run the second setZoom(2); call, the RenderStyle's zoom value is 2
1165         already and we'll early return without updating the effective zoom.
1166
1167         This change moves the updating of the effective zoom in setZoom() to take place
1168         before the early return due to overwriting with the same value.
1169
1170         Note: the fact that we're apply the zoom property twice is an inefficiency that
1171         we should figure out a way to avoid in the future.
1172
1173         Reviewed by Simon Fraser.
1174
1175         Test: fast/css/zoom-inside-link.html
1176
1177         * rendering/style/RenderStyle.h:
1178         (WebCore::RenderStyle::setZoom):
1179
1180 2014-07-28  Bear Travis  <betravis@adobe.com>
1181
1182         [CSS Font Loading] Update Font Loading Code
1183         https://bugs.webkit.org/show_bug.cgi?id=135340
1184
1185         Reviewed by Antti Koivisto.
1186
1187         Update the Font Loading code to build again, as trunk has evolved
1188         since the feature was originally written. Mostly, this requires
1189         updating the code to work with the new Font representation.
1190
1191         The original tests were enabled only for the Chromium port.
1192         They will need to be updated when the feature is enabled by default.
1193
1194         * WebCore.xcodeproj/project.pbxproj: Add missing files.
1195         * css/FontLoader.cpp: Update to new Font representation.
1196         (WebCore::LoadFontCallback::createFromParams):
1197         (WebCore::LoadFontCallback::~LoadFontCallback):
1198         (WebCore::FontLoader::loadFont):
1199         (WebCore::FontLoader::checkFont):
1200         (WebCore::applyPropertyToCurrentStyle):
1201         (WebCore::FontLoader::resolveFontStyle):
1202
1203 2014-07-28  Wenson Hsieh  <wenson_hsieh@apple.com>
1204
1205         Let WheelEvent wrap a PlatformWheelEvent
1206         https://bugs.webkit.org/show_bug.cgi?id=135244
1207
1208         WheelEvent now wraps a PlatformWheelEvent. m_directionInvertedFromDevice, as well as m_phase and m_momentumPhase
1209         have been removed, since the information is redundant in PlatformWheelEvent. Note that deltaX and deltaY have
1210         NOT been replaced, since we need double precision instead of float precision.
1211
1212         Reviewed by Beth Dakin.
1213
1214         No new tests, since behavior should not have changed.
1215
1216         * dom/WheelEvent.cpp:
1217         (WebCore::WheelEvent::WheelEvent):
1218         (WebCore::WheelEvent::initWheelEvent):
1219         * dom/WheelEvent.h:
1220         (WebCore::WheelEvent::wheelEvent): Returns a non-null pointer to the PlatformWheelEvent iff WheelEvent was initialized by PlatformWheelEvent.
1221         (WebCore::WheelEvent::webkitDirectionInvertedFromDevice): Updated to use PlatformWheelEvent.
1222         (WebCore::WheelEvent::phase): Updated to use PlatformWheelEvent.
1223         (WebCore::WheelEvent::momentumPhase): Updated to use PlatformWheelEvent.
1224
1225 2014-07-28  Brent Fulgham  <bfulgham@apple.com>
1226
1227         Unreviewed 'merge' fix.
1228
1229         * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp:
1230         Correct line endings to allow EWS merges again.
1231
1232 2014-07-28  Zoltan Horvath  <zoltan@webkit.org>
1233
1234         [CSS3-Text] Adjust text-justify implementation to the latest spec
1235         https://bugs.webkit.org/show_bug.cgi?id=135317
1236
1237         Reviewed by Darin Adler.
1238
1239         Text-justify no longer accepts the following values: Inter-ideograph, inter-
1240         cluster, and kashida. This patch removes them and updates the tests as well.
1241
1242         [1] http://dev.w3.org/csswg/css-text-3/#propdef-text-justify
1243
1244         Updated existing tests.
1245
1246         * css/CSSParser.cpp:
1247         (WebCore::isValidKeywordPropertyAndValue):
1248         * css/CSSPrimitiveValueMappings.h:
1249         (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
1250         (WebCore::CSSPrimitiveValue::operator TextJustify):
1251         * css/CSSValueKeywords.in:
1252         * rendering/style/RenderStyle.cpp:
1253         (WebCore::RenderStyle::changeRequiresLayout):
1254         * rendering/style/RenderStyleConstants.h:
1255         * rendering/style/StyleRareInheritedData.h:
1256
1257 2014-07-28  Radu Stavila  <stavila@adobe.com>
1258
1259         REGRESSION (r169105): Crash in selection
1260         https://bugs.webkit.org/show_bug.cgi?id=134303
1261
1262         Reviewed by Mihnea Ovidenie.
1263
1264         When splitting the selection between different subtrees, all subtrees must have their selection cleared before
1265         starting to apply the new selection. Otherwise, when selecting objects in a named flow thread and going up
1266         its containing block chain, we can end up in the view's selection root, which has not yet been updated and so
1267         we get inconsistent data.
1268
1269         To achieve this goal, the selection update was split into a "clear" and an "apply" method. The updateSelectionForSubtrees
1270         method first iterates through all subtrees and performs the "clear" method and then starts all over again
1271         and performs the "apply" method.
1272
1273         Test: fast/regions/selection/crash-deselect.html
1274
1275         * WebCore.xcodeproj/project.pbxproj:
1276         * rendering/RenderSelectionInfo.h:
1277         * rendering/RenderView.cpp:
1278         (WebCore::RenderView::setSelection):
1279         (WebCore::RenderView::splitSelectionBetweenSubtrees):
1280         (WebCore::RenderView::updateSelectionForSubtrees): Added, clears and re-applies selection for all selection subtrees.
1281         (WebCore::RenderView::clearSubtreeSelection): Added, clears selection and returns previously selected information.
1282         (WebCore::RenderView::applySubtreeSelection): Added, updates the selection status of all objects inside the selection tree, compares old and new data and repaints accordingly.
1283         (WebCore::RenderView::setSubtreeSelection): Deleted.
1284         * rendering/RenderView.h:
1285         * rendering/SelectionSubtreeRoot.cpp:
1286         (WebCore::SelectionSubtreeRoot::SelectionSubtreeRoot):
1287         * rendering/SelectionSubtreeRoot.h:
1288         (WebCore::SelectionSubtreeRoot::OldSelectionData::OldSelectionData):
1289
1290 2014-07-28  Yusuke Suzuki  <utatane.tea@gmail.com>
1291
1292         CSS: Fix :visited behavior for SubSelectors
1293         https://bugs.webkit.org/show_bug.cgi?id=135324
1294
1295         Reviewed by Benjamin Poulain.
1296
1297         Disable :visited match for the selectors that has SubSelectors.
1298
1299         Tests: fast/history/nested-visited-test-complex.html
1300                fast/history/sibling-visited-test-complex.html
1301
1302         * css/SelectorChecker.cpp:
1303         (WebCore::SelectorChecker::matchRecursively):
1304
1305 2014-07-27  Ryuan Choi  <ryuan.choi@samsung.com>
1306
1307         Remove GraphicsSurfaceGLX.cpp
1308         https://bugs.webkit.org/show_bug.cgi?id=135279
1309
1310         Reviewed by Darin Adler.
1311
1312         GraphicsSurfaceGLX.cpp is not used since Qt dropped and Efl port changed at r146458
1313
1314         * platform/graphics/surfaces/glx/GraphicsSurfaceGLX.cpp: Removed.
1315
1316 2014-07-27  Bruno de Oliveira Abinader  <bruno.d@partner.samsung.com>
1317
1318         Support for :enabled selector on Anchor & Area elements
1319         https://bugs.webkit.org/show_bug.cgi?id=134826
1320
1321         Reviewed by Darin Adler.
1322
1323         Updates the PseudoClassEnabled selector checker to check for Anchor & Area
1324         elements with a 'href' attribute.
1325
1326         Spec: http://html.spec.whatwg.org/#selector-enabled
1327
1328         Test: fast/css/css-selector-enabled-links.html
1329
1330         * css/SelectorCheckerTestFunctions.h:
1331         (WebCore::isEnabled): Added check for anchor & area elements.
1332
1333 2014-07-27  Daniel Bates  <dabates@apple.com>
1334
1335         [WK2] Crash when accessing window.localStorage after calling window.close()
1336         https://bugs.webkit.org/show_bug.cgi?id=135328
1337         <rdar://problem/17315237>
1338
1339         Reviewed by Sam Weinig.
1340
1341         Fixes an issue where accessing local storage for the first time after calling window.close()
1342         causes a crash.
1343
1344         For now, we should disallow accessing local storage after calling window.close() regardless of
1345         whether it's the first access to local storage as this seems like a bad idiom to support. Note,
1346         this represents a change in behavior from WebKit1. If such usage of window.localStorage turns
1347         out to be reasonable then we can visit this decision again in <https://bugs.webkit.org/show_bug.cgi?id=135330>.
1348
1349         Tests: storage/domstorage/localstorage/access-storage-after-window-close.html
1350                storage/domstorage/localstorage/access-storage-then-set-value-in-storage-after-window-close.html
1351                storage/domstorage/localstorage/set-value-in-storage-after-window-close.html
1352
1353         * page/DOMWindow.cpp:
1354         (WebCore::DOMWindow::localStorage): Modified to only return the cached local storage or
1355         create a new local storage so long as the page isn't being closed. Also, substitute nullptr
1356         for 0.
1357         (WebCore::DOMWindow::close): Call Page::setIsClosing() to mark that the page is closing.
1358         * page/Page.cpp:
1359         (WebCore::Page::Page): Initialize m_isClosing to false.
1360         * page/Page.h:
1361         (WebCore::Page::setIsClosing): Added.
1362         (WebCore::Page::isClosing): Added.
1363
1364 2014-07-27  Filip Pizlo  <fpizlo@apple.com>
1365
1366         Merge r170090, r170092, r170129, r170141, r170161, r170215, r170275, r170375, r170376, r170382, r170383, r170399, r170436, r170489, r170490, r170556 from ftlopt.
1367         
1368         This fixes the previous mismerge and adds test coverage for the thing that went wrong.
1369         Also, this adds some helpers for making it easier to inspect JavaScript values.
1370
1371         * testing/Internals.cpp:
1372         (WebCore::Internals::description):
1373         * testing/Internals.h:
1374         * testing/Internals.idl:
1375
1376     2014-07-25  Mark Lam  <mark.lam@apple.com>
1377     
1378             [ftlopt] Renamed DebuggerActivation to DebuggerScope.
1379             <https://webkit.org/b/134273>
1380     
1381             Reviewed by Michael Saboff.
1382     
1383             No new tests.
1384     
1385             * ForwardingHeaders/debugger/DebuggerActivation.h: Removed.
1386             - Removed because this is not used.
1387     
1388 2014-07-26  Brian J. Burg  <burg@cs.washington.edu>
1389
1390         Web Replay: log and enforce session/segment state machine transitions
1391         https://bugs.webkit.org/show_bug.cgi?id=135224
1392
1393         Reviewed by Timothy Hatcher.
1394
1395         For debugging purposes, log session and segment state transitions.
1396         Assert that segment state transitions are valid.
1397
1398         No new tests. No behavior was changed.
1399
1400         * replay/ReplayController.cpp:
1401         (WebCore::logDispatchedDOMEvent):
1402         (WebCore::sessionStateToString):
1403         (WebCore::segmentStateToString):
1404         (WebCore::ReplayController::setSessionState):
1405         (WebCore::ReplayController::setSegmentState):
1406         (WebCore::ReplayController::createSegment):
1407         (WebCore::ReplayController::completeSegment): Remove a wrong state transition.
1408         (WebCore::ReplayController::loadSegmentAtIndex):
1409         (WebCore::ReplayController::unloadSegment): Fix a now-erroneous assertion.
1410         (WebCore::ReplayController::startPlayback):
1411         (WebCore::ReplayController::pausePlayback):
1412         (WebCore::ReplayController::willDispatchEvent):
1413         (WebCore::ReplayController::cancelPlayback):
1414         * replay/ReplayController.h:
1415
1416 2014-07-26  Filip Pizlo  <fpizlo@apple.com>
1417
1418         Unreviewed, roll out r171641-r171644. It broke some tests; will investigate and
1419         reland later.
1420
1421         * ForwardingHeaders/debugger/DebuggerActivation.h: Added.
1422
1423 2014-07-26  Timothy Horton  <timothy_horton@apple.com>
1424
1425         Crash in Web Content Process under ~PDFDocument under clearTouchEventListeners at topDocument()
1426         https://bugs.webkit.org/show_bug.cgi?id=135319
1427         <rdar://problem/17315168>
1428
1429         Reviewed by Darin Adler and Antti Koivisto.
1430
1431         * dom/Document.h:
1432         * dom/Document.cpp:
1433         (WebCore::Document::Document):
1434         (WebCore::Document::prepareForDestruction):
1435         Add a flag on Document, m_hasPreparedForDestruction, which ensures
1436         that each Document only goes through prepareForDestruction() once.
1437         prepareForDestruction() can be called a number of times during teardown,
1438         but it's only necessary to actually execute it once.
1439         
1440         This was previously achieved by virtue of all callers of prepareForDestruction()
1441         first checking hasLivingRenderTree, and prepareForDestruction() tearing down
1442         the render tree, but that meant that prepareForDestruction() was not called
1443         for Documents who never had a render tree in the first place.
1444
1445         The only part of prepareForDestruction() that is now predicated on hasLivingRenderTree()
1446         is the call to destroyRenderTree(); the rest of the function has the potential to be relevant
1447         for non-rendered placeholder documents and can safely deal with them in other ways.
1448
1449         It is important to call prepareForDestruction() on non-rendered placeholder documents
1450         because some of the cleanup (like disconnectFromFrame()) is critical to safe destruction.
1451
1452         * loader/FrameLoader.cpp:
1453         (WebCore::FrameLoader::clear):
1454         Call prepareForDestruction() even if we don't have a living render tree.
1455         For the sake of minimizing change, removeFocusedNodeOfSubtree still
1456         depends on having a living render tree before calling prepareForDestruction().
1457
1458         * page/Frame.cpp:
1459         (WebCore::Frame::setView):
1460         (WebCore::Frame::setDocument):
1461         Call prepareForDestruction() even if we don't have a living render tree.
1462
1463 2014-07-25  Filip Pizlo  <fpizlo@apple.com>
1464
1465         Merge r170090, r170092, r170129, r170141, r170161, r170215, r170275, r170375, r170376, r170382, r170383, r170399, r170436, r170489, r170490, r170556 from ftlopt.
1466
1467     2014-07-25  Mark Lam  <mark.lam@apple.com>
1468     
1469             [ftlopt] Renamed DebuggerActivation to DebuggerScope.
1470             <https://webkit.org/b/134273>
1471     
1472             Reviewed by Michael Saboff.
1473     
1474             No new tests.
1475     
1476             * ForwardingHeaders/debugger/DebuggerActivation.h: Removed.
1477             - Removed because this is not used.
1478     
1479 2014-07-25  Zalan Bujtas  <zalan@apple.com>
1480
1481         Subpixel rendering: Rounded rect gets non-renderable at certain subpixel size.
1482         https://bugs.webkit.org/show_bug.cgi?id=135314
1483         <rdar://problem/17812921>
1484
1485         Reviewed by Tim Horton.
1486
1487         While calculating the rounded rect for painting, the radius is adjusted to compensate
1488         for the pixel snapped size. However while scaling the radius, certain values overflow
1489         (float) mantissa and it produces a non-renderable rounded rect where the radius becomes bigger
1490         than the rectangle dimensions. In such cases, we need to shrink the radius to make it
1491         renderable again.
1492
1493         Test: transitions/rounded-rect-becomes-non-renderable-while-transitioning.html
1494
1495         * platform/graphics/RoundedRect.cpp:
1496         (WebCore::RoundedRect::pixelSnappedRoundedRectForPainting): shrink the radius by
1497         one device pixel. It is as good as any other small value.
1498
1499 2014-07-25  Jer Noble  <jer.noble@apple.com>
1500
1501         [EME][Mac] CDM error messages not piped through to MediaKeySession correctly; clients don't receive error events
1502         https://bugs.webkit.org/show_bug.cgi?id=135312
1503         <rdar://problem/17817223>
1504
1505         Reviewed by Brent Fulgham.
1506
1507         Set (and clear) the client interface so that errors can be piped from the CDMSession up to the MediaKeySession.
1508
1509         * Modules/encryptedmedia/MediaKeySession.cpp:
1510         (WebCore::MediaKeySession::MediaKeySession):
1511         (WebCore::MediaKeySession::close):
1512
1513 2014-07-25  Jer Noble  <jer.noble@apple.com>
1514
1515         [MSE] Playback stalls & readyState drops to HAVE_CURRENT_DATA at end of stream with unbalanced buffered SourceBuffers
1516         https://bugs.webkit.org/show_bug.cgi?id=135291
1517         <rdar://problem/17715503>
1518
1519         Reviewed by Sam Weinig.
1520
1521         Test: media/media-source/media-source-end-of-stream-buffered.html
1522
1523         When determining the correct ReadyState for the MediaSource in monitorSourceBuffers(), use the same
1524         definition of "buffered" as is used in the calculation of HTMLMediaElement.buffered and in the
1525         Stream Ended algorithm. Namely, when the stream has ended, treat each SourceBuffer as if its last
1526         buffered range extends to the duration of the stream. This allows playback to continue through to
1527         the duration without stalling due to monitorSourceBuffers().
1528
1529         * Modules/mediasource/SourceBuffer.cpp:
1530         (WebCore::SourceBuffer::bufferedAccountingForEndOfStream): Added; extends the last range in buffered
1531             to MediaSource::duration() if the MediaSource is ended.
1532         (WebCore::SourceBuffer::hasCurrentTime): Uses bufferedAccountingForEndOfStream().
1533         (WebCore::SourceBuffer::hasFutureTime): Ditto.
1534         (WebCore::SourceBuffer::canPlayThrough): Ditto.
1535         * Modules/mediasource/SourceBuffer.h:
1536
1537         Add a convenience method for determining whether the MediaSource has ended:
1538         * Modules/mediasource/MediaSource.cpp:
1539         (WebCore::MediaSource::isEnded):
1540         * Modules/mediasource/MediaSource.h:
1541
1542         Add start() and end() methods that don't take a (usually ignored) isValid inout parameter. Add duration()
1543         and maximumBufferedTime() convenience methods:
1544         * platform/graphics/PlatformTimeRanges.cpp:
1545         (WebCore::PlatformTimeRanges::start):
1546         (WebCore::PlatformTimeRanges::end):
1547         (WebCore::PlatformTimeRanges::duration):
1548         (WebCore::PlatformTimeRanges::maximumBufferedTime):
1549         * platform/graphics/PlatformTimeRanges.h:
1550
1551 2014-07-25  Pratik Solanki  <psolanki@apple.com>
1552
1553         [iOS] REGRESSION(r171526): Images fail to load sometimes
1554         https://bugs.webkit.org/show_bug.cgi?id=135304
1555         <rdar://problem/17811922>
1556
1557         Reviewed by Alexey Proskuryakov.
1558
1559         SharedBuffer::createCFData() calls data() as a way to coalesce the data array elements and
1560         segments into m_buffer. However, data() has an optimization where if we had a single element
1561         in the data array, it would just return that and not do coalescing. So when we passed
1562         m_buffer to WebCoreSharedData, we passed a buffer with no data in it.
1563
1564         Fix this by bringing the optimization to createCFData() and return the CFDataRef from the
1565         data array if we just have a single element.
1566
1567         No new tests. Should be covered by existing tests.
1568
1569         * platform/mac/SharedBufferMac.mm:
1570         (WebCore::SharedBuffer::createCFData):
1571
1572 2014-07-25  Jer Noble  <jer.noble@apple.com>
1573
1574         [MSE] High CPU usage in SampleMap::findSamplesWithinPresentationRange() with a large number of buffered samples.
1575         https://bugs.webkit.org/show_bug.cgi?id=135247
1576
1577         Reviewed by Geoffrey Garen.
1578
1579         Anchor our search for overlapping frames to the end of the search range when the overlap range is sufficiently
1580         close to the end of the search range. The common case for this search is when a sample is about to be appended
1581         to the end of the sample queue, so this should turn most searches into no-ops.
1582
1583         * Modules/mediasource/SampleMap.cpp:
1584         (WebCore::PresentationOrderSampleMap::findSamplesWithinPresentationRangeFromEnd):
1585         * Modules/mediasource/SampleMap.h:
1586         * Modules/mediasource/SourceBuffer.cpp:
1587         (WebCore::SourceBuffer::sourceBufferPrivateDidReceiveSample):
1588
1589 2014-07-25  Gavin Barraclough  <baraclough@apple.com>
1590
1591         Yosemite version number is 101000
1592         https://bugs.webkit.org/show_bug.cgi?id=135301
1593
1594         Reviewed by Sam Weinig.
1595
1596         * WebCore.exp.in:
1597         * platform/ContentFilter.h:
1598         * platform/mac/ScrollViewMac.mm:
1599         (WebCore::ScrollView::platformVisibleContentRect):
1600         * platform/mac/ThemeMac.mm:
1601         (WebCore::updateStates):
1602         (WebCore::paintToggleButton):
1603         * platform/network/cf/CookieJarCFNet.cpp:
1604         (WebCore::copyCookiesForURLWithFirstPartyURL):
1605         * platform/network/cf/ResourceRequest.h:
1606         (WebCore::ResourceRequest::resourcePrioritiesEnabled):
1607         * rendering/RenderThemeMac.mm:
1608         (WebCore::RenderThemeMac::search):
1609
1610 2014-07-25  David Hyatt  <hyatt@apple.com>
1611
1612         [New Multicolumn] RenderViews paginated as RL or LR don't handle percentage widths correctly.
1613         REGRESSION: Images don’t scale to fit in page in vertical text books
1614
1615         https://bugs.webkit.org/show_bug.cgi?id=135204
1616         <rdar://problem/17043792>
1617         
1618         Reviewed by Simon Fraser.
1619
1620         Added fast/multicol/pagination/RightToLeft-max-width.html
1621
1622         * rendering/RenderView.cpp:
1623         (WebCore::RenderView::availableLogicalHeight):
1624         Put back in the same code that used to exist for the old columns (but ported to the new
1625         columns).
1626     
1627 2014-07-25  Dan Bernstein  <mitz@apple.com>
1628
1629         [Mac] Unneeded MobileMe workaround in ResourceHandle::receivedCredential
1630         https://bugs.webkit.org/show_bug.cgi?id=135297
1631
1632         Reviewed by Alexey Proskuryakov.
1633
1634         * platform/network/mac/ResourceHandleMac.mm:
1635         (WebCore::ResourceHandle::receivedCredential): Removed the site-specific behavior for
1636         gallery.me.com.
1637
1638 2014-07-25  Commit Queue  <commit-queue@webkit.org>
1639
1640         Unreviewed, rolling out r171480.
1641         https://bugs.webkit.org/show_bug.cgi?id=135300
1642
1643         it broke replaced elements in pagination (Requested by dhyatt_
1644         on #webkit).
1645
1646         Reverted changeset:
1647
1648         "Ensure we compute the min and max height of replaced elements
1649         to 'none' or 0 when appropriate."
1650         https://bugs.webkit.org/show_bug.cgi?id=135181
1651         http://trac.webkit.org/changeset/171480
1652
1653 2014-07-25  Commit Queue  <commit-queue@webkit.org>
1654
1655         Unreviewed, rolling out r171587.
1656         https://bugs.webkit.org/show_bug.cgi?id=135294
1657
1658         Made fast/dom/HTMLObjectElement/beforeload-set-text-
1659         crash.xhtml crash again (Requested by ap on #webkit).
1660
1661         Reverted changeset:
1662
1663         "REGRESSION (r169105): Crash in selection"
1664         https://bugs.webkit.org/show_bug.cgi?id=134303
1665         http://trac.webkit.org/changeset/171587
1666
1667 2014-07-25  Dan Bernstein  <mitz@apple.com>
1668
1669         ResourceErrorBase::compare doesn’t call the right platformCompare override
1670         https://bugs.webkit.org/show_bug.cgi?id=135240
1671
1672         Reviewed by Alexey Proskuryakov.
1673
1674         * platform/network/ResourceErrorBase.cpp:
1675         (WebCore::ResourceErrorBase::compare): Changed to call ResourceError::platformCompare.
1676         * platform/network/cf/ResourceError.h: Made platformCompare public.
1677         * platform/network/soup/ResourceError.h: Ditto.
1678
1679 2014-07-25  Dan Bernstein  <mitz@apple.com>
1680
1681         [Cocoa] WebProtectionSpace::receivesCredentialSecurely incorrectly returns false in some cases
1682         https://bugs.webkit.org/show_bug.cgi?id=135241
1683
1684         Reviewed by Alexey Proskuryakov.
1685
1686         * WebCore.exp.in: Export ProtectionSpace::receivesCredentialSecurely.
1687
1688         * platform/network/cocoa/ProtectionSpaceCocoa.h: Declare override of receivesCredentialSecurely.
1689         * platform/network/cocoa/ProtectionSpaceCocoa.mm:
1690         (WebCore::ProtectionSpace::receivesCredentialSecurely): Use -[NSURLProtectionSpace receivesCredentialSecurely].
1691
1692 2014-07-25  Zalan Bujtas  <zalan@apple.com>
1693
1694         Subpixel rendering: iOS video playback controls look blurry.
1695         https://bugs.webkit.org/show_bug.cgi?id=135245
1696         <rdar://problem/16878037>
1697
1698         Reviewed by Simon Fraser.
1699
1700         This patch introduces a compositing parent of the overlay control panel so that
1701         the transformed overlay panel becomes sharp. This is a workaround for webkit.org/b/135246.
1702
1703         Can't find a way to test it yet.
1704
1705         * Modules/mediacontrols/mediaControlsApple.css:
1706         (video::-webkit-media-controls-panel-composited-parent):
1707         * Modules/mediacontrols/mediaControlsApple.js:
1708         (Controller.prototype.createControls):
1709         (Controller.prototype.addControls):
1710         * Modules/mediacontrols/mediaControlsiOS.css:
1711         (video::-webkit-media-controls-panel-composited-parent):
1712         * Modules/mediacontrols/mediaControlsiOS.js: This is a workaround for webkit.org/b/135248
1713         It pushes the overlay panel down to close the gap with the video element. Since the
1714         panel's size in css pixels is scale dependent, the gap needs to be scale dependent too.
1715         (ControllerIOS.prototype.set pageScaleFactor):
1716
1717 2014-07-24  Dirk Schulze  <krit@webkit.org>
1718
1719         Turn x/y to presentation attributes
1720         https://bugs.webkit.org/show_bug.cgi?id=135215
1721
1722         Reviewed by Dean Jackson.
1723
1724         This follows the patch for width and height presentation attributes and
1725         turns x and y to presentation attributes as well:
1726
1727         http://trac.webkit.org/changeset/171341
1728
1729         Tests: svg/css/parse-length.html
1730                transitions/svg-layout-transition.html
1731
1732         Added copyright where I forgot it in previous patch.
1733
1734         * css/CSSComputedStyleDeclaration.cpp: Computed style of x and y.
1735         (WebCore::ComputedStyleExtractor::propertyValue):
1736         * css/CSSParser.cpp:
1737         (WebCore::isSimpleLengthPropertyID): Add x and y to list.
1738         * css/DeprecatedStyleBuilder.cpp:
1739         (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder): Resolve x and y.
1740         * css/SVGCSSParser.cpp:
1741         (WebCore::CSSParser::parseSVGValue): Parse x and y property.
1742         * css/SVGCSSPropertyNames.in: Add x and y to list of names.
1743         * css/StyleResolver.h:
1744         * page/animation/CSSPropertyAnimation.cpp: Animate x and y as Length.
1745         (WebCore::CSSPropertyAnimationWrapperMap::CSSPropertyAnimationWrapperMap):
1746         * rendering/style/RenderStyle.h: Add x and y setters and getters.
1747         * rendering/style/SVGRenderStyle.cpp: Add x and y setters for StyleLayoutData.
1748         (WebCore::SVGRenderStyle::SVGRenderStyle):
1749         (WebCore::SVGRenderStyle::operator==):
1750         (WebCore::SVGRenderStyle::copyNonInheritedFrom):
1751         (WebCore::SVGRenderStyle::diff):
1752         * rendering/style/SVGRenderStyle.h:
1753         (WebCore::SVGRenderStyle::setX):
1754         (WebCore::SVGRenderStyle::setY):
1755         (WebCore::SVGRenderStyle::x):
1756         (WebCore::SVGRenderStyle::y):
1757         * rendering/style/SVGRenderStyleDefs.cpp: Add StyleLayoutData for style storing.
1758         (WebCore::StyleLayoutData::StyleLayoutData):
1759         (WebCore::StyleLayoutData::copy):
1760         (WebCore::StyleLayoutData::operator==):
1761         * rendering/style/SVGRenderStyleDefs.h:
1762         (WebCore::StyleLayoutData::create):
1763         (WebCore::StyleLayoutData::operator!=):
1764         * rendering/svg/RenderSVGRect.cpp:
1765         (WebCore::RenderSVGRect::updateShapeFromElement):
1766         * rendering/svg/SVGPathData.cpp: Use RenderStyle values rather than attribute values.
1767         (WebCore::updatePathFromRectElement):
1768         * svg/SVGAnimationElement.cpp:
1769         (WebCore::SVGAnimationElement::isTargetAttributeCSSProperty): Fix text detection.
1770         * svg/SVGElement.cpp: Add x and y to the relevant property lists.
1771         (WebCore::populateAttributeNameToCSSPropertyIDMap):
1772         (WebCore::populateCSSPropertyWithSVGDOMNameToAnimatedPropertyTypeMap):
1773         * svg/SVGFilterElement.cpp: Style update on change of x and y.
1774         (WebCore::SVGFilterElement::svgAttributeChanged):
1775         * svg/SVGMaskElement.cpp: Ditto.
1776         (WebCore::SVGMaskElement::svgAttributeChanged):
1777         * svg/SVGPatternElement.cpp: Ditto.
1778         (WebCore::SVGPatternElement::svgAttributeChanged):
1779         * svg/SVGRectElement.cpp: Ditto.
1780         (WebCore::SVGRectElement::svgAttributeChanged):
1781         * svg/SVGTextPositioningElement.cpp: Exclude x and y of text elements since they
1782             are lists instead of individual values. Solution about to be discussed
1783             in the WG. Keep current behavior for now.
1784         (WebCore::SVGTextPositioningElement::collectStyleForPresentationAttribute):
1785         (WebCore::SVGTextPositioningElement::isPresentationAttribute):
1786         * svg/SVGTextPositioningElement.h:
1787
1788 2014-07-24  Yusuke Suzuki  <utatane.tea@gmail.com>
1789
1790         CSS JIT: Implement Pseudo Element
1791         https://bugs.webkit.org/show_bug.cgi?id=134835
1792
1793         Reviewed by Benjamin Poulain.
1794
1795         Implement Pseudo Element handling for CSS JIT SelectorCompiler.
1796         At first, we start with the simple implementation. We handle limited number of pseudo element,
1797         before, after, first-line, first-letter.
1798
1799         Tests: fast/selectors/pseudo-element-inside-any.html
1800                fast/selectors/querySelector-pseudo-element-inside-functional-pseudo-class-any.html
1801                fast/selectors/querySelector-pseudo-element-inside-functional-pseudo-class-not.html
1802                fast/selectors/querySelector-pseudo-element.html
1803
1804         * css/ElementRuleCollector.cpp:
1805         (WebCore::ElementRuleCollector::ruleMatches):
1806         * css/SelectorChecker.cpp:
1807         (WebCore::SelectorChecker::matchRecursively):
1808         * cssjit/SelectorCompiler.cpp:
1809         (WebCore::SelectorCompiler::SelectorFragment::SelectorFragment):
1810         (WebCore::SelectorCompiler::constructFragments):
1811         (WebCore::SelectorCompiler::SelectorCodeGenerator::generateSelectorChecker):
1812         (WebCore::SelectorCompiler::SelectorCodeGenerator::loadCheckingContext):
1813         (WebCore::SelectorCompiler::SelectorCodeGenerator::branchOnResolvingModeWithCheckingContext):
1814         (WebCore::SelectorCompiler::SelectorCodeGenerator::branchOnResolvingMode):
1815         (WebCore::SelectorCompiler::SelectorCodeGenerator::jumpIfNotResolvingStyle):
1816         (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementMatching):
1817         (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsActive):
1818         (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsHovered):
1819         (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementHasPseudoElement):
1820         (WebCore::SelectorCompiler::SelectorCodeGenerator::generateRequestedPseudoElementEqualsToSelectorPseudoElement):
1821         (WebCore::SelectorCompiler::SelectorCodeGenerator::generateMarkPseudoStyleForPseudoElement):
1822         * cssjit/SelectorCompiler.h:
1823         * rendering/style/RenderStyle.h:
1824         * rendering/style/RenderStyleConstants.h:
1825
1826 2014-07-24  Radu Stavila  <stavila@adobe.com>
1827
1828         REGRESSION (r169105): Crash in selection
1829         https://bugs.webkit.org/show_bug.cgi?id=134303
1830
1831         Patch by Radu Stavila <stavila@adobe.com> on 2014-07-24
1832         Reviewed by David Hyatt.
1833
1834         When splitting the selection between different subtrees, all subtrees must have their selection cleared before
1835         starting to apply the new selection. Otherwise, when selecting objects in a named flow thread and going up
1836         its containing block chain, we can end up in the view's selection root, which has not yet been updated and so
1837         we get inconsistent data.
1838
1839         To achieve this goal, the selection update was split into a "clear" and an "apply" method. The updateSelectionForSubtrees
1840         method first iterates through all subtrees and performs the "clear" method and then starts all over again
1841         and performs the "apply" method.
1842
1843         Test: fast/regions/selection/crash-deselect.html
1844
1845         * WebCore.xcodeproj/project.pbxproj:
1846         * rendering/RenderSelectionInfo.h:
1847         * rendering/RenderView.cpp:
1848         (WebCore::RenderView::setSelection):
1849         (WebCore::RenderView::splitSelectionBetweenSubtrees):
1850         (WebCore::RenderView::updateSelectionForSubtrees): Added, clears and re-applies selection for all selection subtrees.
1851         (WebCore::RenderView::clearSubtreeSelection): Added, clears selection and returns previously selected information.
1852         (WebCore::RenderView::applySubtreeSelection): Added, updates the selection status of all objects inside the selection tree, compares old and new data and repaints accordingly.
1853         (WebCore::RenderView::setSubtreeSelection): Deleted.
1854         * rendering/RenderView.h:
1855         * rendering/SelectionSubtreeRoot.cpp:
1856         (WebCore::SelectionSubtreeRoot::SelectionSubtreeRoot):
1857         * rendering/SelectionSubtreeRoot.h:
1858         (WebCore::SelectionSubtreeRoot::OldSelectionData::OldSelectionData):
1859
1860 2014-07-24  Ryosuke Niwa  <rniwa@webkit.org>
1861
1862         REGRESSION(r164401): Placing a caret doesn't bring up autocorrection panel
1863         https://bugs.webkit.org/show_bug.cgi?id=135278
1864
1865         Reviewed by Tim Horton.
1866
1867         The bug was caused by editorUIUpdateTimerFired calling respondToChangedSelection only if the selection was
1868         triggered by dictation instead of only if it was NOT triggered by dictation.
1869
1870         Prior to r164401, AlternativeTextController::respondToMarkerAtEndOfWord exited early when SetSelectionOptions
1871         had DictationTriggered set. r164401 intended to move this check to editorUIUpdateTimerFired to avoid passing
1872         options around but the boolean condition was erroneously flipped.
1873
1874         Fixed the bug by negating the condition in editorUIUpdateTimerFired.
1875
1876         No new tests for now since autocorrection panel cannot be tested automatically. (We should really automate this!)
1877
1878         * editing/Editor.cpp:
1879         (WebCore::Editor::editorUIUpdateTimerFired):
1880
1881 2014-07-24  Pratik Solanki  <psolanki@apple.com>
1882
1883         REGRESSION(r171526): [GTK] Massive crashes.
1884         https://bugs.webkit.org/show_bug.cgi?id=135283
1885
1886         Unreviewed. GTK build fix after r171526. Initialize m_buffer in SharedBuffer constructor.
1887
1888         * platform/soup/SharedBufferSoup.cpp:
1889         (WebCore::SharedBuffer::SharedBuffer):
1890
1891 2014-07-24  Tim Horton  <timothy_horton@apple.com>
1892
1893         Crashes under scanSelectionForTelephoneNumbers in Range::text() on some sites
1894         https://bugs.webkit.org/show_bug.cgi?id=135281
1895         <rdar://problem/17803347>
1896
1897         Reviewed by Ryosuke Niwa.
1898
1899         * editing/Editor.cpp:
1900         (WebCore::Editor::scanSelectionForTelephoneNumbers):
1901         toNormalizedRange is not guaranteed to return a non-null range.
1902         If it returns null, pass the empty markedRanges down to the client as our new set.
1903
1904 2014-07-24  Dan Bernstein  <mitz@apple.com>
1905
1906         WebCore part of <rdar://problem/17593701> Assertion failure in WebPage::reload (!m_pendingNavigationID) when reloading after a same-document back navigation
1907         https://bugs.webkit.org/show_bug.cgi?id=135129
1908
1909         Reviewed by Darin Adler.
1910
1911         * WebCore.exp.in: Exported equalIgnoringFragmentIdentifier(const URL&, const URL&).
1912
1913 2014-07-24  Simon Fraser  <simon.fraser@apple.com>
1914
1915         [iOS WK1] CSS viewport units use the wrong viewport size in WebKit1
1916         https://bugs.webkit.org/show_bug.cgi?id=135254
1917         <rdar://problem/17781423>
1918
1919         Reviewed by Tim Horton.
1920
1921         Test: fast/css/viewport-units-dynamic.html
1922         
1923         In WebKit1 on iOS, we want to resolve viewport units against the visible
1924         viewport, not the legacy WK1 notion of the "viewport" which is the entire document.
1925         
1926         Fixes rendering of medium.com articles in WK1 views on iPad.
1927
1928         * page/FrameView.cpp:
1929         (WebCore::FrameView::viewportSizeForCSSViewportUnits):
1930
1931 2014-07-24  Myles C. Maxfield  <mmaxfield@apple.com>
1932
1933         Crash when measuring a glyphs from a fallback SVG font
1934         https://bugs.webkit.org/show_bug.cgi?id=135264
1935
1936         Reviewed by Simon Fraser.
1937
1938         We can't realize font data for all fallback fonts ahead
1939         of time, but we don't have all the necessary context to
1940         realize SVG fallback data when it's needed. For now, we
1941         can just bail; however, a larger, more invasive fix is
1942         in order.
1943
1944         Test: svg/text/svg-fallback-font-crash.html
1945
1946         * platform/graphics/WidthIterator.cpp:
1947         (WebCore::applyFontTransforms):
1948
1949 2014-07-24  Daniel Bates  <dabates@apple.com>
1950             And Alexey Proskuryakov  <ap@apple.com>
1951
1952         [iOS] REGRESSION (WebKit2): Can't login to Wordpress.com, facebook.com when always allowing cookies
1953         https://bugs.webkit.org/show_bug.cgi?id=135273
1954         <rdar://problem/17598815>
1955
1956         Reviewed by Alexey Proskuryakov.
1957
1958         Fixes an issue where cookies may be created in the wrong cookie store.
1959
1960         Currently, when we update the CFURLRequest object associated with a ResourceRequest object
1961         we explicitly set a cookie storage, cookie accept policy, and SSL properties based on the
1962         corresponding values in the old CFURLRequest object (if we have one). This ultimately leads
1963         to CFNetwork associating the cookies for the request with a different cookie store when we
1964         handle the request in the NetworkProcess. Instead, we shouldn't set these properties
1965         explicitly as we already copy them implicitly earlier (via CFURLRequestCreateMutableCopy()).
1966
1967         * platform/network/cf/ResourceRequestCFNet.cpp:
1968         (WebCore::ResourceRequest::doUpdatePlatformRequest):
1969
1970 2014-07-24  Peyton Randolph  <prandolph@apple.com>
1971
1972         Rename feature flag for long-press gesture on Mac.                                                                   
1973         https://bugs.webkit.org/show_bug.cgi?id=135259                                                                  
1974
1975         Reviewed by Beth Dakin.
1976
1977         * Configurations/FeatureDefines.xcconfig:
1978         Rename LINK_LONG_PRESS to MAC_LONG_PRESS.
1979
1980 2014-07-24  Dan Bernstein  <mitz@apple.com>
1981
1982         Fixed Windows build fix.
1983
1984         * platform/network/cf/AuthenticationCF.cpp:
1985
1986 2014-07-24  Dan Bernstein  <mitz@apple.com>
1987
1988         Attempted Windows build fix.
1989
1990         * platform/network/cf/AuthenticationCF.cpp:
1991         (WebCore::AuthenticationChallenge::AuthenticationChallenge):
1992         * platform/network/cf/CredentialStorageCFNet.cpp:
1993         (WebCore::CredentialStorage::getFromPersistentStorage):
1994         * platform/network/cf/ProtectionSpaceCFNet.cpp:
1995         (WebCore::ProtectionSpace::receivesCredentialSecurely):
1996         (WebCore::ProtectionSpaceBase::receivesCredentialSecurely): Deleted.
1997
1998 2014-07-24  Dan Bernstein  <mitz@apple.com>
1999
2000         <rdar://problem/17766348> [Cocoa] WebCore::ProtectionSpace doesn’t preserve all NSURLProtectionSpace properties, such as the distinguishedNames array
2001         https://bugs.webkit.org/show_bug.cgi?id=135229
2002
2003         Reviewed by Alexey Proskuryakov.
2004
2005         * CMakeLists.txt: Updated for rename of a source file.
2006
2007         * WebCore.exp.in: Updated.
2008
2009         * WebCore.vcxproj/WebCore.vcxproj: Updated for rename of source files, added
2010         ProtectionSpaceCFNet.{cpp,h}.
2011         * WebCore.vcxproj/WebCore.vcxproj.filters: Ditto.
2012
2013         * WebCore.xcodeproj/project.pbxproj: Updated for rename of source files, added
2014         ProtectionSpaceCococa.{h.mm}.
2015
2016         * platform/network/ProtectionSpace.cpp: Renamed to ProtectionSpaceBase.cpp.
2017         * platform/network/ProtectionSpace.h: This file was renamed to ProtectionSpaceBase.h, and
2018         in its place added a generic ProtectionSpace class that just derives from
2019         ProtectionSpaceBase. For Cocoa and CFNetwork, ProtectionSpace{Cocoa,CFNet}.h is included
2020         instead of the generic class.
2021
2022         * platform/network/ProtectionSpaceBase.cpp: Renamed ProtectionSpace.cpp to this.
2023         (WebCore::ProtectionSpaceBase::ProtectionSpaceBase): Updated for rename.
2024         (WebCore::ProtectionSpaceBase::host): Ditto.
2025         (WebCore::ProtectionSpaceBase::port): Ditto.
2026         (WebCore::ProtectionSpaceBase::serverType): Ditto.
2027         (WebCore::ProtectionSpaceBase::isProxy): Ditto.
2028         (WebCore::ProtectionSpaceBase::realm): Ditto.
2029         (WebCore::ProtectionSpaceBase::authenticationScheme): Ditto.
2030         (WebCore::ProtectionSpaceBase::receivesCredentialSecurely): Removed CFNetwork-specific part,
2031         which is now implemented in ProtectionSpaceCFNet.cpp.
2032         (WebCore::ProtectionSpaceBase::compare): Replaced operator== with this, and made it call
2033         ProtectionSpace::platformCompare at the end if needed.
2034
2035         * platform/network/ProtectionSpaceBase.h: Renamed ProtectionSpace.h to this.
2036         (WebCore::ProtectionSpaceBase::encodingRequiresPlatformData): Added with a default
2037         implementation that returns false, for ProtectionSpace implementations to override.
2038         (WebCore::ProtectionSpaceBase::platformCompare): Added with a default implementation that
2039         returns true, for ProtectionSpace implementations to override.
2040         (WebCore::operator==): Changed to call compare.
2041
2042         * platform/network/cf/AuthenticationCF.cpp:
2043         (WebCore::AuthenticationChallenge::AuthenticationChallenge): Changed to use the
2044         ProtectionSpace constructor that takes a CFURLProtectionSpaceRef.
2045         (WebCore::createCF): Changed to use ProtectionSpace::cfSpace.
2046
2047         * platform/network/cf/AuthenticationCF.h: Guarded a couple of functiosn that aren’t used in
2048         Cocoa with #if PLATFORM(WIN).
2049
2050         * platform/network/cf/CredentialStorageCFNet.cpp:
2051         (WebCore::CredentialStorage::getFromPersistentStorage): Changed to use
2052         ProtectionSpace::cfSpace.
2053         (WebCore::CredentialStorage::saveToPersistentStorage): Ditto.
2054
2055         * platform/network/cf/ProtectionSpaceCFNet.cpp: Added.
2056         (WebCore::ProtectionSpaceBase::receivesCredentialSecurely): Override with the
2057         CFNetwork-specific test that was previously in ProtectionSpace.cpp.
2058
2059         * platform/network/cf/ProtectionSpaceCFNet.h: Copied from Source/WebCore/platform/network/ProtectionSpace.h.
2060         Declare ProtectionSpace and override receivesCredentialSecurely.
2061
2062         * platform/network/mac/AuthenticationMac.h: Deleted the ProtectionSpace core() and mac().
2063         * platform/network/mac/AuthenticationMac.mm:
2064         (WebCore::AuthenticationChallenge::AuthenticationChallenge): Changed to use the
2065         ProtectionSpace constructor that takes an NSURLProtectionSpace.
2066         (WebCore::mac): Changed to use ProtectionSpace::nsSpace.
2067
2068         * platform/network/mac/CredentialStorageMac.mm:
2069         (WebCore::CredentialStorage::getFromPersistentStorage): Ditto.
2070
2071         * platform/network/mac/ResourceHandleMac.mm:
2072         (WebCore::ResourceHandle::receivedCredential): Changed to use the ProtectionSpace
2073         constructor that takes an NSURLProtectionSpace.
2074
2075         * platform/network/mac/WebCoreResourceHandleAsDelegate.mm:
2076         (-[WebCoreResourceHandleAsDelegate connection:canAuthenticateAgainstProtectionSpace:]):
2077         Ditto.
2078
2079         * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:
2080         (-[WebCoreResourceHandleAsOperationQueueDelegate connection:canAuthenticateAgainstProtectionSpace:]):
2081         Ditto.
2082
2083 2014-07-24  Benjamin Poulain  <benjamin@webkit.org>
2084
2085         [WK2] Fixed/Sticky layers can get mispositioned when the layer tree commit change their position or size
2086         https://bugs.webkit.org/show_bug.cgi?id=135227
2087         <rdar://problem/17279500>
2088
2089         Reviewed by Simon Fraser.
2090
2091         Keep track of the creation/destruction of Fixed and Sticky nodes in the ScrollingTree.
2092
2093         * page/scrolling/ScrollingTree.cpp:
2094         (WebCore::ScrollingTree::ScrollingTree):
2095         * page/scrolling/ScrollingTree.h:
2096         (WebCore::ScrollingTree::hasFixedOrSticky):
2097         (WebCore::ScrollingTree::fixedOrStickyNodeAdded):
2098         (WebCore::ScrollingTree::fixedOrStickyNodeRemoved):
2099         * page/scrolling/mac/ScrollingTreeFixedNode.mm:
2100         (WebCore::ScrollingTreeFixedNode::ScrollingTreeFixedNode):
2101         (WebCore::ScrollingTreeFixedNode::~ScrollingTreeFixedNode):
2102         * page/scrolling/mac/ScrollingTreeStickyNode.mm:
2103         (WebCore::ScrollingTreeStickyNode::ScrollingTreeStickyNode):
2104         (WebCore::ScrollingTreeStickyNode::~ScrollingTreeStickyNode):
2105
2106 2014-07-24  Wenson Hsieh  <wenson_hsieh@apple.com>
2107
2108         Let WheelEvent wrap a PlatformWheelEvent
2109         https://bugs.webkit.org/show_bug.cgi?id=135244
2110
2111         When WheelEvent is initialized with a PlatformWheelEvent, store that PlatformWheelEvent for future use.
2112
2113         Reviewed by Beth Dakin.
2114
2115         No new tests because behavior should not have changed.
2116
2117         * dom/WheelEvent.cpp: Added method to access the PlatformWheelEvent.
2118         (WebCore::WheelEvent::WheelEvent):
2119         * dom/WheelEvent.h: Added field to store PlatformWheelEvent, if initialized via PlatformWheelEvent.
2120         (WebCore::WheelEvent::wheelEvent):
2121
2122 2014-07-24  Brian J. Burg  <burg@cs.washington.edu>
2123
2124         Web Replay: don't encode/decode primitive types that lack explicit sizes
2125         https://bugs.webkit.org/show_bug.cgi?id=133430
2126
2127         Reviewed by Anders Carlsson.
2128
2129         Remove uses of unsigned long in encode/decode methods because the type lacks an
2130         explicit size. Move frame index serialization away from using unsigned long.
2131
2132         * replay/ReplayController.cpp:
2133         (WebCore::logDispatchedDOMEvent): Fix the format string.
2134         * replay/SerializationMethods.cpp:
2135         (WebCore::frameIndexFromDocument):
2136         (WebCore::frameIndexFromFrame):
2137         (WebCore::documentFromFrameIndex):
2138         (WebCore::frameFromFrameIndex):
2139         (JSC::EncodingTraits<PluginData>::encodeValue):
2140         (JSC::EncodingTraits<PluginData>::decodeValue):
2141         * replay/SerializationMethods.h:
2142         * replay/WebInputs.json: Remove primitive types without explicit sizes.
2143
2144 2014-07-24  Pratik Solanki  <psolanki@apple.com>
2145
2146         Sharing SharedBuffer between WebCore and ImageIO is racy and crash prone
2147         https://bugs.webkit.org/show_bug.cgi?id=135069
2148         <rdar://problem/17470655>
2149
2150         Reviewed by Simon Fraser.
2151
2152         When passing image data to ImageIO for decoding, we pass an NSData subclass that is a wraper
2153         around SharedBuffer. This can be a problem when ImageIO tries to access the data on the CA
2154         thread. End result is data corruption on large image loads and potential crashes. The fix is
2155         to have SharedBuffer create a copy of its data if the data has been passed to ImageIO and
2156         might be accessed concurrently.
2157
2158         Since Vector is not refcounted, we do this by having a new refcounted object in SharedBuffer
2159         that contains the buffer and we pass that in our NSData subclass WebCoreSharedBufferData.
2160         Code that would result in the Vector memory moving e.g. append(), resize(), now checks to
2161         see if the buffer was shared and if so, will create a new copy of the vector. This ensures
2162         that the main thread does not end up invalidating the vector memory that we have passed it
2163         to ImageIO.
2164
2165         No new tests because no functional changes.
2166
2167         * loader/cache/CachedResource.cpp:
2168         (WebCore::CachedResource::makePurgeable):
2169             Remove early return - createPurgeableMemory() has the correct check now.
2170         * platform/SharedBuffer.cpp:
2171         (WebCore::SharedBuffer::SharedBuffer):
2172         (WebCore::SharedBuffer::adoptVector):
2173         (WebCore::SharedBuffer::createPurgeableBuffer):
2174             Don't create purgeable buffer if we are sharing the buffer.
2175         (WebCore::SharedBuffer::append):
2176         (WebCore::SharedBuffer::clear):
2177         (WebCore::SharedBuffer::copy):
2178         (WebCore::SharedBuffer::duplicateDataBufferIfNecessary): Added.
2179             Create a new copy of the data if we have shared the buffer and if appending to it would
2180             exceed the capacity of the vector resulting in memmove.
2181         (WebCore::SharedBuffer::appendToInternalBuffer): Added.
2182         (WebCore::SharedBuffer::clearInternalBuffer): Added.
2183         (WebCore::SharedBuffer::buffer):
2184             Create a new copy of the buffer if we have shared it.
2185         (WebCore::SharedBuffer::getSomeData):
2186         * platform/SharedBuffer.h:
2187         * platform/cf/SharedBufferCF.cpp:
2188         (WebCore::SharedBuffer::SharedBuffer):
2189         (WebCore::SharedBuffer::singleDataArrayBuffer):
2190         (WebCore::SharedBuffer::maybeAppendDataArray):
2191         * platform/mac/SharedBufferMac.mm:
2192             Pass the InternalBuffer object to WebCoreSharedBufferData
2193         (-[WebCoreSharedBufferData dealloc]):
2194         (-[WebCoreSharedBufferData initWithSharedBufferInternalBuffer:]):
2195         (-[WebCoreSharedBufferData length]):
2196         (-[WebCoreSharedBufferData bytes]):
2197         (WebCore::SharedBuffer::createNSData):
2198             Call createCFData() instead of duplicating code.
2199         (WebCore::SharedBuffer::createCFData):
2200             If the data is in purgeable memory, make a copy of it since m_buffer was cleared when
2201             creating the purgeable buffer.
2202         (-[WebCoreSharedBufferData initWithSharedBuffer:]): Deleted.
2203
2204 2014-07-24  peavo@outlook.com  <peavo@outlook.com>
2205
2206         [Curl] Enable file logging.
2207         https://bugs.webkit.org/show_bug.cgi?id=135202
2208
2209         Reviewed by Alex Christensen.
2210
2211         The Curl api offers the possibility to write log messages to file. Enable this for debugging purposes.
2212
2213         * platform/network/curl/ResourceHandleManager.cpp:
2214         (WebCore::ResourceHandleManager::ResourceHandleManager):
2215         (WebCore::ResourceHandleManager::~ResourceHandleManager):
2216         (WebCore::ResourceHandleManager::initializeHandle):
2217         * platform/network/curl/ResourceHandleManager.h:
2218
2219 2014-07-24  Tibor Meszaros  <tmeszaros.u-szeged@partner.samsung.com>
2220
2221         Sort WebCore.exp.in after r171252
2222         https://bugs.webkit.org/show_bug.cgi?id=135239
2223
2224         Reviewed by Csaba Osztrogonác.
2225
2226         * WebCore.exp.in:
2227
2228 2014-07-24  Mihnea Ovidenie  <mihnea@adobe.com>
2229
2230         [New Multicolumn] Assertion failure when an input element has multicolumn style
2231         https://bugs.webkit.org/show_bug.cgi?id=135234
2232
2233         Reviewed by Andrei Bucur.
2234
2235         Restrict the assertion in RenderBlock::canComputeRegionRangeForBox
2236         only to RenderNamedFlowThread objects since for RenderMultiColumnFlowThread
2237         objects we can compute a range of regions during their parent block layout.   
2238
2239         Test: fast/multicol/newmulticol/input-as-multicol.html
2240
2241         * rendering/RenderBlock.cpp:
2242         (WebCore::canComputeRegionRangeForBox):
2243
2244 2014-07-23  Jeremy Jones  <jeremyj@apple.com>
2245
2246         Transparent fullscreen background when video is not present.
2247         https://bugs.webkit.org/show_bug.cgi?id=135226
2248
2249         Reviewed by Simon Fraser.
2250
2251         Set background to black just before beginning the animation to fullscreen.
2252
2253         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
2254         (WebVideoFullscreenInterfaceAVKit::enterFullscreen): set background color black.
2255
2256 2014-07-23  Joseph Pecoraro  <pecoraro@apple.com>
2257
2258         ScriptController::updateDocument ASSERT mutating map while iterating map
2259         https://bugs.webkit.org/show_bug.cgi?id=135211
2260
2261         Reviewed by Oliver Hunt.
2262
2263         Avoid iterating over m_windowShells in more places. This prevents
2264         the possibility of a collection during JSC allocation which might
2265         cause a mutation to m_windowShells (HTMLMediaElement destruction).
2266
2267         Have ScriptController defriend ScriptCachedFrameData by providing
2268         a getter for the list of window shells.
2269
2270         * bindings/js/ScriptCachedFrameData.cpp:
2271         (WebCore::ScriptCachedFrameData::ScriptCachedFrameData):
2272         (WebCore::ScriptCachedFrameData::restore):
2273         * bindings/js/ScriptController.cpp:
2274         (WebCore::ScriptController::windowShells):
2275         (WebCore::ScriptController::clearWindowShell):
2276         (WebCore::ScriptController::attachDebugger):
2277         (WebCore::ScriptController::updateDocument):
2278         * bindings/js/ScriptController.h:
2279
2280 2014-07-23  Commit Queue  <commit-queue@webkit.org>
2281
2282         Unreviewed, rolling out r171498.
2283         https://bugs.webkit.org/show_bug.cgi?id=135223
2284
2285         It will regress some scroll position restoration on navigation
2286         (r167916). (Requested by smfr on #webkit).
2287
2288         Reverted changeset:
2289
2290         "[iOS WK2] Header bar on nytimes articles lands in the wrong
2291         place after rubberbanding"
2292         https://bugs.webkit.org/show_bug.cgi?id=135221
2293         http://trac.webkit.org/changeset/171498
2294
2295 2014-07-23  Tim Horton  <timothy_horton@apple.com>
2296
2297         REGRESSION (r171376): Sometimes we detect less than the whole phone number
2298         https://bugs.webkit.org/show_bug.cgi?id=135220
2299         <rdar://problem/17783423>
2300
2301         Reviewed by Brady Eidson.
2302
2303         * editing/Editor.cpp:
2304         (WebCore::Editor::scanSelectionForTelephoneNumbers):
2305         Use the visible selection's start and end instead of base and extent, because they'll
2306         always be in the right order in the case of a directional selection (base can be *after* extent
2307         if you select from right to left). This fixes the code that expands the selection.
2308
2309         Pass the *entire* expanded selection to DataDetectors, instead of using TextIterator.
2310         This way, we will find each number only once, and will never get part of a phone number once
2311         and then the whole phone number later.
2312
2313 2014-07-23  Simon Fraser  <simon.fraser@apple.com>
2314
2315         [iOS WK2] Header bar on nytimes articles lands in the wrong place after rubberbanding
2316         https://bugs.webkit.org/show_bug.cgi?id=135221
2317
2318         Reviewed by Tim Horton.
2319
2320         Add a function on GraphicsLayer to force a flush of the layer position
2321         to the underlying graphics system, so that when layers cease being
2322         scroll-coordinated, we can ensure that their layers are repositioned
2323         in the correct location.
2324
2325         * WebCore.exp.in:
2326         * platform/graphics/GraphicsLayer.h:
2327         (WebCore::GraphicsLayer::forcePositionUpdate):
2328         * platform/graphics/ca/GraphicsLayerCA.cpp:
2329         (WebCore::GraphicsLayerCA::forcePositionUpdate):
2330         * platform/graphics/ca/GraphicsLayerCA.h:
2331         * rendering/RenderLayerCompositor.cpp:
2332         (WebCore::RenderLayerCompositor::detachScrollCoordinatedLayer):
2333
2334 2014-07-23  Pratik Solanki  <psolanki@apple.com>
2335
2336         Get rid of SharedBuffer::NSDataRetainPtrWithoutImplicitConversionOperator
2337         https://bugs.webkit.org/show_bug.cgi?id=135219
2338
2339         Reviewed by Anders Carlsson.
2340
2341         No new tests because no functional changes.
2342
2343         * loader/ResourceBuffer.h:
2344         * loader/mac/ResourceBuffer.mm:
2345         (WebCore::ResourceBuffer::createNSData):
2346         * platform/SharedBuffer.h:
2347         (WebCore::SharedBuffer::NSDataRetainPtrWithoutImplicitConversionOperator::NSDataRetainPtrWithoutImplicitConversionOperator): Deleted.
2348         * platform/mac/SharedBufferMac.mm:
2349         (WebCore::SharedBuffer::createNSData):
2350
2351 2014-07-23  Zalan Bujtas  <zalan@apple.com>
2352
2353         Subpixel rendering: Cleanup RenderLayerCompositor::deviceScaleFactor()
2354         https://bugs.webkit.org/show_bug.cgi?id=135208
2355
2356         Reviewed by Simon Fraser.
2357
2358         Use m_renderView.document() to retrieve device scale factor value. m_renderView.document()
2359         is always available while this->page() is not.
2360
2361         No change in behavior.
2362
2363         * rendering/RenderLayerBacking.cpp:
2364         (WebCore::RenderLayerBacking::updateTransform):
2365         (WebCore::RenderLayerBacking::computeTransformOriginForPainting):
2366         * rendering/RenderLayerCompositor.cpp:
2367         (WebCore::RenderLayerCompositor::deviceScaleFactor):
2368
2369 2014-07-23  peavo@outlook.com  <peavo@outlook.com>
2370
2371         [WinCairo] Gstreamer rendering is not working.
2372         https://bugs.webkit.org/show_bug.cgi?id=135201
2373
2374         Reviewed by Alex Christensen.
2375
2376         WinCairo does not support accelerated rendering yet.
2377
2378         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
2379         (WebCore::MediaPlayerPrivateGStreamerBase::supportsAcceleratedRendering):
2380
2381 2014-07-23  Commit Queue  <commit-queue@webkit.org>
2382
2383         Unreviewed, rolling out r171455.
2384         https://bugs.webkit.org/show_bug.cgi?id=135209
2385
2386         completely broke selection highlight invalidation (Requested
2387         by thorton on #webkit).
2388
2389         Reverted changeset:
2390
2391         "REGRESSION (r169105): Crash in selection"
2392         https://bugs.webkit.org/show_bug.cgi?id=134303
2393         http://trac.webkit.org/changeset/171455
2394
2395 2014-07-23  Alex Christensen  <achristensen@webkit.org>
2396
2397         Compile window-inactive and fullscreen pseudoclasses in css selectors.
2398         https://bugs.webkit.org/show_bug.cgi?id=135200
2399
2400         Reviewed by Benjamin Poulain.
2401
2402         * css/SelectorChecker.cpp:
2403         (WebCore::SelectorChecker::checkOne):
2404         Removed the check of context.hasSelectionPseudo for a window-inactive pseudoclass.
2405         Moved logic to SelectorCheckerTestFunctions.h to share with the selector compiler.
2406         * css/SelectorCheckerTestFunctions.h:
2407         (WebCore::isWindowInactive):
2408         (WebCore::matchesFullScreenAnimatingFullScreenTransitionPseudoClass):
2409         (WebCore::matchesFullScreenAncestorPseudoClass):
2410         (WebCore::matchesFullScreenDocumentPseudoClass):
2411         Added from SelectorChecker.cpp.
2412         * cssjit/SelectorCompiler.cpp:
2413         (WebCore::SelectorCompiler::addPseudoClassType):
2414         Added unoptimized pseudoclass cases for window-inactive and fullscreen pseudoclasses.
2415         Explicitly listed uncompiled pseudoclasses for future work instead of using a default.
2416
2417 2014-07-23  Brent Fulgham  <bfulgham@apple.com>
2418
2419         [Win] Use NO_RETURN_DUE_TO_CRASH on Windows.
2420         https://bugs.webkit.org/show_bug.cgi?id=13519
2421
2422         Reviewed by Mark Lam.
2423
2424         * svg/SVGZoomAndPan.h: Add NO_RETURN_DUE_TO_CRASH to
2425         header so function declarations match implementation.
2426
2427 2014-07-23  Joseph Pecoraro  <pecoraro@apple.com>
2428
2429         JSDOMWindowShell leaks on pages with media elements
2430         https://bugs.webkit.org/show_bug.cgi?id=135178
2431
2432         Reviewed by Oliver Hunt.
2433
2434         The DOMWindowWorld for HTMLMediaElements with MEDIA_CONTROLS_SCRIPT
2435         was not getting cleared and removed.
2436
2437         * bindings/js/ScriptController.cpp:
2438         (WebCore::ScriptController::clearWindowShell):
2439         Iterate over a copy of the values. A sweep / garbage collection caused by
2440         any JSC allocation during iteration could trigger a mutation of the m_windowShells
2441         table that was being iterating. So instead iterate a list that won't mutate.
2442
2443         * html/HTMLMediaElement.cpp:
2444         (WebCore::HTMLMediaElement::~HTMLMediaElement):
2445         If we had an isolated world, release as much memory as possible.
2446
2447 2014-07-23  Bem Jones-Bey  <bjonesbe@adobe.com>
2448
2449         Ensure we compute the min and max height of replaced elements to 'none' or 0 when appropriate.
2450         https://bugs.webkit.org/show_bug.cgi?id=135181
2451
2452         Reviewed by David Hyatt.
2453
2454         If a replaced element has a percentage min or max height specified then that height value should
2455         compute to 'none' for max-height and 0 for min-height when its containing block
2456         does not have a height 'specified explicitly'.
2457
2458         This is based on a Blink patch by Robert Hogan.
2459
2460         Tests: css2.1/20110323/max-height-percentage-003.html
2461                fast/replaced/max-height-percentage-quirks.html
2462                fast/replaced/min-height-percentage-quirks.html
2463                fast/replaced/min-height-percentage.html
2464
2465         * rendering/RenderBox.cpp:
2466         (WebCore::RenderBox::logicalHeightComputesAsNone):
2467         (WebCore::RenderBox::computeReplacedLogicalHeightRespectingMinMaxHeight):
2468         * rendering/RenderBox.h:
2469
2470 2014-07-23  Bem Jones-Bey  <bjonesbe@adobe.com>
2471
2472         Remove CSS_EXCLUSIONS compile flag and leftover code
2473         https://bugs.webkit.org/show_bug.cgi?id=135175
2474
2475         Reviewed by Zoltan Horvath.
2476
2477         At this point, the CSS_EXCLUSIONS flag guards nothing but some useless
2478         stubs. This removes the flag and the useless code.
2479
2480         No new tests, just removing code.
2481
2482         * Configurations/FeatureDefines.xcconfig:
2483         * bindings/generic/RuntimeEnabledFeatures.cpp:
2484         (WebCore::RuntimeEnabledFeatures::RuntimeEnabledFeatures):
2485         * bindings/generic/RuntimeEnabledFeatures.h:
2486         (WebCore::RuntimeEnabledFeatures::setCSSExclusionsEnabled): Deleted.
2487         (WebCore::RuntimeEnabledFeatures::cssExclusionsEnabled): Deleted.
2488         * testing/InternalSettings.cpp:
2489         (WebCore::InternalSettings::Backup::Backup):
2490         (WebCore::InternalSettings::Backup::restoreTo):
2491         (WebCore::InternalSettings::setCSSExclusionsEnabled): Deleted.
2492         * testing/InternalSettings.h:
2493         * testing/InternalSettings.idl:
2494
2495 2014-07-23  Jer Noble  <jer.noble@apple.com>
2496
2497         [MSE][Mac] Support abort() in SourceBufferPrivateAVFObjC.
2498         https://bugs.webkit.org/show_bug.cgi?id=135163
2499
2500         Reviewed by Brent Fulgham.
2501
2502         Recreate the parser when asked to abort().
2503
2504         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
2505         (WebCore::SourceBufferPrivateAVFObjC::abort):
2506
2507 2014-07-23  Myles C. Maxfield  <mmaxfield@apple.com>
2508
2509         Migrate accessibility/ to using nullptr instead of 0
2510         https://bugs.webkit.org/show_bug.cgi?id=135185
2511
2512         Reviewed by Simon Fraser.
2513
2514         No new tests because there is no behavior change.
2515
2516         * accessibility/AXObjectCache.cpp:
2517         (WebCore::AXObjectCache::focusedImageMapUIElement):
2518         (WebCore::AXObjectCache::focusedUIElementForPage):
2519         (WebCore::AXObjectCache::get):
2520         (WebCore::AXObjectCache::getOrCreate):
2521         (WebCore::AXObjectCache::rootObject):
2522         (WebCore::AXObjectCache::rootObjectForFrame):
2523         * accessibility/AXObjectCache.h:
2524         (WebCore::AXObjectCache::focusedUIElementForPage):
2525         (WebCore::AXObjectCache::get):
2526         (WebCore::AXObjectCache::getOrCreate):
2527         (WebCore::AXObjectCache::rootObject):
2528         (WebCore::AXObjectCache::rootObjectForFrame):
2529         (WebCore::AXObjectCache::rootAXEditableElement):
2530         * accessibility/AccessibilityARIAGridRow.cpp:
2531         (WebCore::AccessibilityARIAGridRow::disclosedByRow):
2532         * accessibility/AccessibilityImageMapLink.cpp:
2533         (WebCore::AccessibilityImageMapLink::AccessibilityImageMapLink):
2534         (WebCore::AccessibilityImageMapLink::parentObject):
2535         * accessibility/AccessibilityListBox.cpp:
2536         (WebCore::AccessibilityListBox::listBoxOptionAccessibilityObject):
2537         (WebCore::AccessibilityListBox::elementAccessibilityHitTest):
2538         * accessibility/AccessibilityListBoxOption.cpp:
2539         (WebCore::AccessibilityListBoxOption::AccessibilityListBoxOption):
2540         (WebCore::AccessibilityListBoxOption::parentObject):
2541         (WebCore::AccessibilityListBoxOption::listBoxOptionParentNode):
2542         * accessibility/AccessibilityMenuListPopup.cpp:
2543         (WebCore::AccessibilityMenuListPopup::menuListOptionAccessibilityObject):
2544         * accessibility/AccessibilityMockObject.cpp:
2545         (WebCore::AccessibilityMockObject::AccessibilityMockObject):
2546         * accessibility/AccessibilityMockObject.h:
2547         * accessibility/AccessibilityNodeObject.cpp:
2548         (WebCore::AccessibilityNodeObject::detach):
2549         (WebCore::AccessibilityNodeObject::firstChild):
2550         (WebCore::AccessibilityNodeObject::lastChild):
2551         (WebCore::AccessibilityNodeObject::previousSibling):
2552         (WebCore::AccessibilityNodeObject::nextSibling):
2553         (WebCore::AccessibilityNodeObject::parentObject):
2554         (WebCore::AccessibilityNodeObject::document):
2555         (WebCore::AccessibilityNodeObject::anchorElement):
2556         (WebCore::nativeActionElement):
2557         (WebCore::AccessibilityNodeObject::actionElement):
2558         (WebCore::AccessibilityNodeObject::mouseButtonListener):
2559         (WebCore::AccessibilityNodeObject::labelForElement):
2560         (WebCore::AccessibilityNodeObject::menuItemElementForMenu):
2561         (WebCore::AccessibilityNodeObject::menuButtonForMenu):
2562         * accessibility/AccessibilityObject.cpp:
2563         (WebCore::AccessibilityObject::AccessibilityObject):
2564         (WebCore::AccessibilityObject::detach):
2565         (WebCore::AccessibilityObject::firstAccessibleObjectFromNode):
2566         (WebCore::AccessibilityObject::findMatchingObjects):
2567         (WebCore::renderListItemContainerForNode):
2568         (WebCore::AccessibilityObject::accessibilityObjectForPosition):
2569         (WebCore::AccessibilityObject::document):
2570         (WebCore::AccessibilityObject::page):
2571         (WebCore::AccessibilityObject::documentFrameView):
2572         (WebCore::AccessibilityObject::anchorElementForNode):
2573         (WebCore::AccessibilityObject::headingElementForNode):
2574         (WebCore::AccessibilityObject::firstAnonymousBlockChild):
2575         (WebCore::AccessibilityObject::element):
2576         (WebCore::AccessibilityObject::focusedUIElement):
2577         (WebCore::AccessibilityObject::scrollToMakeVisibleWithSubFocus):
2578         * accessibility/AccessibilityObject.h:
2579         (WebCore::AccessibilityObject::node):
2580         (WebCore::AccessibilityObject::renderer):
2581         (WebCore::AccessibilityObject::selectedRadioButton):
2582         (WebCore::AccessibilityObject::selectedTabItem):
2583         (WebCore::AccessibilityObject::accessibilityHitTest):
2584         (WebCore::AccessibilityObject::firstChild):
2585         (WebCore::AccessibilityObject::lastChild):
2586         (WebCore::AccessibilityObject::previousSibling):
2587         (WebCore::AccessibilityObject::nextSibling):
2588         (WebCore::AccessibilityObject::parentObjectIfExists):
2589         (WebCore::AccessibilityObject::observableObject):
2590         (WebCore::AccessibilityObject::titleUIElement):
2591         (WebCore::AccessibilityObject::correspondingLabelForControlElement):
2592         (WebCore::AccessibilityObject::correspondingControlForLabelElement):
2593         (WebCore::AccessibilityObject::scrollBar):
2594         (WebCore::AccessibilityObject::anchorElement):
2595         (WebCore::AccessibilityObject::actionElement):
2596         (WebCore::AccessibilityObject::widget):
2597         (WebCore::AccessibilityObject::widgetForAttachmentView):
2598         (WebCore::AccessibilityObject::activeDescendant):
2599         (WebCore::AccessibilityObject::mathRadicandObject):
2600         (WebCore::AccessibilityObject::mathRootIndexObject):
2601         (WebCore::AccessibilityObject::mathUnderObject):
2602         (WebCore::AccessibilityObject::mathOverObject):
2603         (WebCore::AccessibilityObject::mathNumeratorObject):
2604         (WebCore::AccessibilityObject::mathDenominatorObject):
2605         (WebCore::AccessibilityObject::mathBaseObject):
2606         (WebCore::AccessibilityObject::mathSubscriptObject):
2607         (WebCore::AccessibilityObject::mathSuperscriptObject):
2608         (WebCore::AccessibilityObject::getScrollableAreaIfScrollable):
2609         * accessibility/AccessibilityProgressIndicator.cpp:
2610         (WebCore::AccessibilityProgressIndicator::progressElement):
2611         (WebCore::AccessibilityProgressIndicator::meterElement):
2612         * accessibility/AccessibilityRenderObject.cpp:
2613         (WebCore::AccessibilityRenderObject::detach):
2614         (WebCore::AccessibilityRenderObject::renderBoxModelObject):
2615         (WebCore::AccessibilityRenderObject::firstChild):
2616         (WebCore::AccessibilityRenderObject::lastChild):
2617         (WebCore::startOfContinuations):
2618         (WebCore::childBeforeConsideringContinuations):
2619         (WebCore::AccessibilityRenderObject::previousSibling):
2620         (WebCore::AccessibilityRenderObject::nextSibling):
2621         (WebCore::nextContinuation):
2622         (WebCore::AccessibilityRenderObject::renderParentObject):
2623         (WebCore::AccessibilityRenderObject::parentObject):
2624         (WebCore::AccessibilityRenderObject::anchorElement):
2625         (WebCore::AccessibilityRenderObject::textUnderElement):
2626         (WebCore::AccessibilityRenderObject::node):
2627         (WebCore::AccessibilityRenderObject::labelElementContainer):
2628         (WebCore::AccessibilityRenderObject::internalLinkElement):
2629         (WebCore::AccessibilityRenderObject::titleUIElement):
2630         (WebCore::AccessibilityRenderObject::setFocused):
2631         (WebCore::AccessibilityRenderObject::topRenderer):
2632         (WebCore::AccessibilityRenderObject::document):
2633         (WebCore::AccessibilityRenderObject::widget):
2634         (WebCore::AccessibilityRenderObject::accessibilityParentForImageMap):
2635         (WebCore::AccessibilityRenderObject::documentFrameView):
2636         (WebCore::AccessibilityRenderObject::widgetForAttachmentView):
2637         (WebCore::AccessibilityRenderObject::rootEditableElementForPosition):
2638         (WebCore::AccessibilityRenderObject::visiblePositionForPoint):
2639         (WebCore::AccessibilityRenderObject::accessibilityImageMapHitTest):
2640         (WebCore::AccessibilityRenderObject::remoteSVGElementHitTest):
2641         (WebCore::AccessibilityRenderObject::accessibilityHitTest):
2642         (WebCore::AccessibilityRenderObject::correspondingControlForLabelElement):
2643         (WebCore::AccessibilityRenderObject::correspondingLabelForControlElement):
2644         (WebCore::AccessibilityRenderObject::observableObject):
2645         (WebCore::AccessibilityRenderObject::inheritsPresentationalRole):
2646         (WebCore::AccessibilityRenderObject::detachRemoteSVGRoot):
2647         (WebCore::AccessibilityRenderObject::addHiddenChildren):
2648         (WebCore::AccessibilityRenderObject::setAccessibleName):
2649         (WebCore::AccessibilityRenderObject::getScrollableAreaIfScrollable):
2650         (WebCore::AccessibilityRenderObject::mathRadicandObject):
2651         (WebCore::AccessibilityRenderObject::mathRootIndexObject):
2652         (WebCore::AccessibilityRenderObject::mathNumeratorObject):
2653         (WebCore::AccessibilityRenderObject::mathDenominatorObject):
2654         (WebCore::AccessibilityRenderObject::mathUnderObject):
2655         (WebCore::AccessibilityRenderObject::mathOverObject):
2656         (WebCore::AccessibilityRenderObject::mathBaseObject):
2657         (WebCore::AccessibilityRenderObject::mathSubscriptObject):
2658         (WebCore::AccessibilityRenderObject::mathSuperscriptObject):
2659         * accessibility/AccessibilitySVGRoot.cpp:
2660         (WebCore::AccessibilitySVGRoot::AccessibilitySVGRoot):
2661         * accessibility/AccessibilityScrollView.cpp:
2662         (WebCore::AccessibilityScrollView::detach):
2663         (WebCore::AccessibilityScrollView::scrollBar):
2664         (WebCore::AccessibilityScrollView::updateScrollbars):
2665         (WebCore::AccessibilityScrollView::addChildScrollbar):
2666         (WebCore::AccessibilityScrollView::clearChildren):
2667         (WebCore::AccessibilityScrollView::webAreaObject):
2668         (WebCore::AccessibilityScrollView::accessibilityHitTest):
2669         (WebCore::AccessibilityScrollView::documentFrameView):
2670         (WebCore::AccessibilityScrollView::parentObject):
2671         (WebCore::AccessibilityScrollView::parentObjectIfExists):
2672         * accessibility/AccessibilityScrollbar.cpp:
2673         (WebCore::AccessibilityScrollbar::document):
2674         * accessibility/AccessibilitySpinButton.cpp:
2675         (WebCore::AccessibilitySpinButton::AccessibilitySpinButton):
2676         * accessibility/AccessibilityTable.cpp:
2677         (WebCore::AccessibilityTable::AccessibilityTable):
2678         (WebCore::AccessibilityTable::clearChildren):
2679         (WebCore::AccessibilityTable::cellForColumnAndRow):
2680         * accessibility/AccessibilityTableCell.cpp:
2681         (WebCore::AccessibilityTableCell::parentTable):
2682         (WebCore::AccessibilityTableCell::titleUIElement):
2683         * accessibility/AccessibilityTableColumn.cpp:
2684         (WebCore::AccessibilityTableColumn::headerObject):
2685         (WebCore::AccessibilityTableColumn::headerObjectForSection):
2686         * accessibility/AccessibilityTableRow.cpp:
2687         (WebCore::AccessibilityTableRow::parentTable):
2688         (WebCore::AccessibilityTableRow::headerObject):
2689         * accessibility/ios/AXObjectCacheIOS.mm:
2690         (WebCore::AXObjectCache::detachWrapper):
2691         * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
2692         (-[WebAccessibilityObjectWrapper detach]):
2693         (-[WebAccessibilityObjectWrapper tableCellParent]):
2694         (-[WebAccessibilityObjectWrapper tableParent]):
2695         (-[WebAccessibilityObjectWrapper convertPointToScreenSpace:]):
2696         (-[WebAccessibilityObjectWrapper convertRectToScreenSpace:]):
2697         (rendererForView):
2698         (-[WebAccessibilityObjectWrapper _convertToDOMRange:]):
2699         * accessibility/mac/AXObjectCacheMac.mm:
2700         (WebCore::AXObjectCache::detachWrapper):
2701         * accessibility/mac/AccessibilityObjectMac.mm:
2702         (WebCore::AccessibilityObject::detachFromParent):
2703         (WebCore::AccessibilityObject::accessibilityIgnoreAttachment):
2704         * accessibility/mac/WebAccessibilityObjectWrapperBase.mm:
2705         (-[WebAccessibilityObjectWrapperBase detach]):
2706         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
2707         (CreateCGColorIfDifferent):
2708         (-[WebAccessibilityObjectWrapper convertPointToScreenSpace:]):
2709         (rendererForView):
2710         (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:forParameter:]):
2711         * accessibility/win/AccessibilityObjectWrapperWin.h:
2712         (WebCore::AccessibilityObjectWrapper::AccessibilityObjectWrapper):
2713
2714 2014-07-23  Mihnea Ovidenie  <mihnea@adobe.com>
2715
2716         ASSERTION FAILED: generatingElement() in WebCore::RenderNamedFlowFragment::regionOversetState
2717         https://bugs.webkit.org/show_bug.cgi?id=135153
2718
2719         Reviewed by David Hyatt.
2720
2721         Even though the CSSRegions spec defines the behaviour of a multicolumn region,
2722         we currently do not support this functionality. This patch ensures that a multicolumn
2723         element does not become a region. In the future, when we will implement the multicolumn
2724         as region functionality, http://dev.w3.org/csswg/css-regions/#multi-column-regions, we
2725         will remove this restriction.
2726
2727         Test: fast/regions/multicol-as-region-prevented.html
2728
2729         * rendering/RenderBlockFlow.cpp:
2730         (WebCore::RenderBlockFlow::createRenderNamedFlowFragmentIfNeeded):
2731
2732 2014-07-23  Zan Dobersek  <zdobersek@igalia.com>
2733
2734         [CMake] Avoid building WebCore with ANGLE's OpenGL/EGL headers
2735         https://bugs.webkit.org/show_bug.cgi?id=135167
2736
2737         Reviewed by Martin Robinson.
2738
2739         * CMakeLists.txt: Don't add ANGLE/include to the WebCore_INCLUDE_DIRECTORIES list
2740         as this results in ANGLE's OpenGL and EGL headers being included, instead of the
2741         headers that are provided by the system. Only the ANGLESupport library should be built
2742         with that specific header inclusion path.
2743
2744 2014-07-10  Radu Stavila  <stavila@adobe.com>
2745
2746         REGRESSION (r169105): Crash in selection
2747         https://bugs.webkit.org/show_bug.cgi?id=134303
2748
2749         Reviewed by David Hyatt.
2750
2751         When splitting the selection between different subtrees, all subtrees must have their selection cleared before
2752         starting to apply the new selection. Otherwise, when selecting objects in a named flow thread and going up
2753         its containing block chain, we can end up in the view's selection root, which has not yet been updated and so
2754         we get inconsistent data.
2755
2756         To achieve this goal, the selection update was split into a "clear" and an "apply" method. The updateSelectionForSubtrees
2757         method first iterates through all subtrees and performs the "clear" method and then starts all over again
2758         and performs the "apply" method.
2759
2760         Also, the selectionStart/End members in RenderView have been renamed to fix problems caused by the fact that
2761         RenderView inherits SelectionSubtreeRoot, which also has the same selectionStart/End members.
2762
2763         Test: fast/regions/selection/crash-deselect.html
2764
2765         * WebCore.xcodeproj/project.pbxproj:
2766         * rendering/RenderBlock.cpp:
2767         (WebCore::RenderBlock::isSelectionRoot):
2768         * rendering/RenderSelectionInfo.h:
2769         * rendering/RenderView.cpp:
2770         (WebCore::RenderView::RenderView):
2771         (WebCore::RenderView::setSelection): Renamed m_selectionStart/End to m_unsplitSelectionStart/End
2772         (WebCore::RenderView::splitSelectionBetweenSubtrees):
2773         (WebCore::RenderView::updateSelectionForSubtrees): Added, clears and re-applies selection for all selection subtrees.
2774         (WebCore::RenderView::clearSubtreeSelection): Added, clears selection and returns previously selected information.
2775         (WebCore::RenderView::applySubtreeSelection): Added, updates the selection status of all objects inside the selection tree, compares old and new data and repaints accordingly.
2776         (WebCore::RenderView::getSelection): Renamed m_selectionStart/End to m_unsplitSelectionStart/End
2777         (WebCore::RenderView::setSubtreeSelection): Deleted.
2778         * rendering/RenderView.h:
2779         * rendering/SelectionSubtreeRoot.cpp:
2780         (WebCore::SelectionSubtreeRoot::SelectionSubtreeRoot):
2781         * rendering/SelectionSubtreeRoot.h:
2782         (WebCore::SelectionSubtreeRoot::OldSelectionData::OldSelectionData):
2783
2784 2014-07-22  Brent Fulgham  <bfulgham@apple.com>
2785
2786         [Win] Build fix for bot.
2787
2788         * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
2789         (WebCore::createLegibleOutputSubtypes): Declare 'wvtt' locally, rather
2790         than relying on potentially unavailable declaration.
2791
2792 2014-07-22  Brent Fulgham  <bfulgham@apple.com>
2793
2794         [Win] Build fix for Windows bots
2795
2796         * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp: Provide missing
2797         structure definition when needed by bot.
2798
2799 2014-07-22  Brent Fulgham  <bfulgham@apple.com>
2800
2801         [Win] Build fix for EWS bots.
2802
2803         * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp: Forward declare
2804         structure definition.
2805
2806 2014-07-22  Brent Fulgham  <bfulgham@apple.com>
2807
2808         [Win] Fix Crash when handling Legible Output callbacks
2809         https://bugs.webkit.org/show_bug.cgi?id=134946
2810
2811         Reviewed by Dean Jackson.
2812
2813         Relanding after adding fixes to support build bots.
2814
2815         * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp:
2816         (WebCore::InbandTextTrackPrivateAVF::processNativeSamples): Remove
2817         Windows-specific 'ASSERT_NOT_REACHED' code path.
2818         * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
2819         (WebCore::createLegibleOutputSubtypes): Added.
2820         (WebCore::AVFWrapper::createPlayerItem): Updated to request native
2821         samples from AVFoundationCF.
2822
2823 2014-07-16  Myles C. Maxfield  <mmaxfield@apple.com>
2824
2825         Copying and pasting trivial H2 content causes a crash in firstPositionInNode
2826         https://bugs.webkit.org/show_bug.cgi?id=134897
2827
2828         Reviewed by Ryosuke Niwa.
2829
2830         ReplaceSelectionCommand::makeInsertedContentRoundTrippableWithHTMLTreeBuilder() attempts
2831         to move pasted headings out of existed headings, with out regard to if the existing
2832         heading is the contenteditable root.
2833
2834         Test: editing/pasteboard/heading-crash.html
2835
2836         * editing/ReplaceSelectionCommand.cpp:
2837         (WebCore::ReplaceSelectionCommand::makeInsertedContentRoundTrippableWithHTMLTreeBuilder):
2838
2839 2014-07-22  Ryuan Choi  <ryuan.choi@samsung.com>
2840
2841         Remove dead APIs from TiledBackingStore
2842         https://bugs.webkit.org/show_bug.cgi?id=135158
2843
2844         Reviewed by Gyuyoung Kim.
2845
2846         setContentsFrozen and related code of TiledBackingStore are not used since Qt port is removed.
2847
2848         * platform/graphics/TiledBackingStore.cpp:
2849         (WebCore::TiledBackingStore::TiledBackingStore):
2850         (WebCore::TiledBackingStore::updateTileBuffers):
2851         (WebCore::TiledBackingStore::setContentsScale):
2852         (WebCore::TiledBackingStore::createTiles):
2853         (WebCore::TiledBackingStore::startTileBufferUpdateTimer):
2854         (WebCore::TiledBackingStore::startBackingStoreUpdateTimer):
2855         (WebCore::TiledBackingStore::commitScaleChange): Deleted.
2856         (WebCore::TiledBackingStore::isBackingStoreUpdatesSuspended): Deleted.
2857         (WebCore::TiledBackingStore::isTileBufferUpdatesSuspended): Deleted.
2858         (WebCore::TiledBackingStore::setContentsFrozen): Deleted.
2859         * platform/graphics/TiledBackingStore.h:
2860         (WebCore::TiledBackingStore::contentsFrozen): Deleted.
2861
2862 2014-07-22  Alex Christensen  <achristensen@webkit.org>
2863
2864         Fix window-inactive css selectors when using querySelector.
2865         https://bugs.webkit.org/show_bug.cgi?id=135149
2866
2867         Reviewed by Tim Horton.
2868
2869         Test: fast/selectors/querySelector-window-inactive.html
2870
2871         * css/SelectorChecker.cpp:
2872         (WebCore::SelectorChecker::checkOne):
2873         Removed default and implemented case PseudoClassWindowInactive.
2874
2875 2014-07-22  Tim Horton  <timothy_horton@apple.com>
2876
2877         REGRESSION (r171016): Reproducible infinite spin selecting phone number
2878         https://bugs.webkit.org/show_bug.cgi?id=135183
2879         <rdar://problem/17727342>
2880
2881         Reviewed by Ryosuke Niwa.
2882
2883         * editing/Editor.cpp:
2884         (WebCore::Editor::scanRangeForTelephoneNumbers):
2885         Make use of TextIterator::subrange, which knows how to make a subrange from character positions,
2886         instead of assuming that our character positions translate directly to positions in the incoming range.
2887         Make use of DocumentMarkerController::addMarker, which takes a range and applies the marker to
2888         all text nodes inside the range as appropriate.
2889         Fix naming of the shadowed 'length' local.
2890         Fix a typo in the comment.
2891
2892 2014-07-22  Myles C. Maxfield  <mmaxfield@apple.com>
2893
2894         [iOS] [OSX] Don't transcode WOFF on platforms that support it natively
2895         https://bugs.webkit.org/show_bug.cgi?id=134904
2896
2897         Reviewed by Andreas Kling.
2898
2899         No new tests because there is no behavior change.
2900
2901         * loader/cache/CachedFont.cpp:
2902         (WebCore::CachedFont::ensureCustomFontData):
2903
2904 2014-07-22  peavo@outlook.com  <peavo@outlook.com>
2905
2906         [Win] Crash after plugin is unloaded.
2907         https://bugs.webkit.org/show_bug.cgi?id=119044
2908
2909         Reviewed by Darin Adler.
2910
2911         We need to invalidate all runtime objects when a plugin view is destroyed, in case the plugin is unloaded,
2912         and one of these runtime objects accesses the plugin function table upon destruction afterwards, which will cause a crash.
2913         If we use the weak pointer to the runtime object when invalidating, it will be null if it's in the WeakImpl::Dead state.
2914         This means the runtime object will not be invalidated, possibly causing a crash if the plugin is unloaded.
2915         It should be safe to use the raw pointer to the runtime object when invalidating, since finalized runtime objects
2916         will be removed from the set of runtime objects in the method RootObject::finalize().
2917
2918         * bridge/runtime_root.cpp:
2919         (JSC::Bindings::RootObject::invalidate): Make sure all runtime objects are invalidated by getting the raw runtime object pointer from the hash key.
2920
2921 2014-07-22  Enrica Casucci  <enrica@apple.com>
2922
2923         REGRESSION (WebKit2): Selection inside accelerated overflow:scroll doesn't track scrolling.
2924         https://bugs.webkit.org/show_bug.cgi?id=135180
2925         <rdar://problem/16721055>
2926
2927         Reviewed by Simon Fraser.
2928
2929         AsyncScrollingCoordinator will force a selection update on iOS
2930         when scrolling terminates in an overflow scroll.
2931
2932         * loader/EmptyClients.h:
2933         * page/EditorClient.h:
2934         * page/scrolling/AsyncScrollingCoordinator.cpp:
2935         (WebCore::AsyncScrollingCoordinator::updateScrollPositionAfterAsyncScroll):
2936         * page/scrolling/ScrollingTree.h:
2937         (WebCore::ScrollingTree::scrollingTreeNodeWillStartScroll):
2938         (WebCore::ScrollingTree::scrollingTreeNodeDidEndScroll):
2939
2940 2014-07-22  Myles C. Maxfield  <mmaxfield@apple.com>
2941
2942         [Mac] Cocoa throws exception when the return type of NSAccessibilityLinkedUIElementsAttribute is not an array
2943         https://bugs.webkit.org/show_bug.cgi?id=135165
2944
2945         Reviewed by Simon Fraser.
2946
2947         Return an empty array instead of nil.
2948
2949         Updated tests.
2950
2951         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
2952         (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):
2953
2954 2014-07-22  Commit Queue  <commit-queue@webkit.org>
2955
2956         Unreviewed, rolling out r171357.
2957         https://bugs.webkit.org/show_bug.cgi?id=135173
2958
2959         broke Windows build. (Requested by bfulgham on #webkit).
2960
2961         Reverted changeset:
2962
2963         "[Win] Fix Crash when handling Legible Output callbacks"
2964         https://bugs.webkit.org/show_bug.cgi?id=134946
2965         http://trac.webkit.org/changeset/171357
2966
2967 2014-07-22  Brent Fulgham  <bfulgham@apple.com>
2968
2969         [Win] Fix Crash when handling Legible Output callbacks
2970         https://bugs.webkit.org/show_bug.cgi?id=134946
2971
2972         Reviewed by Dean Jackson.
2973
2974         * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp:
2975         (WebCore::InbandTextTrackPrivateAVF::processNativeSamples): Remove
2976         Windows-specific 'ASSERT_NOT_REACHED' code path.
2977         * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
2978         (WebCore::createLegibleOutputSubtypes): Added.
2979         (WebCore::AVFWrapper::createPlayerItem): Updated to request native
2980         samples from AVFoundationCF.
2981
2982 2014-07-21  Sam Weinig  <sam@webkit.org>
2983
2984         [Cocoa] WKScriptMessageHandlers don't seem to function properly after navigating
2985         https://bugs.webkit.org/show_bug.cgi?id=135148
2986
2987         Reviewed by Geoffrey Garen.
2988
2989         The "webkit" property on the window was not getting installed for subsequent
2990         loads due to intricate dance playing setting the JSDOMWindow where the DOMWindow
2991         object is not yet in a Frame when the JSDOMWindow is created. Since we were
2992         adding the "webkit" property on construction, the property was returning null
2993         thinking it had no Frame and was in a bad state. We can fix this by making the
2994         "webkit" property behave like all the other window properties moving its getting
2995         to JSDOMWindow::getOwnPropertySlot.
2996
2997         Added API test (WebKit2Cocoa/UserContentController).
2998
2999         * bindings/js/JSDOMWindowBase.cpp:
3000         (WebCore::JSDOMWindowBase::finishCreation):
3001         * bindings/js/JSDOMWindowCustom.cpp:
3002         (WebCore::jsDOMWindowWebKit):
3003         (WebCore::JSDOMWindow::getOwnPropertySlot):
3004
3005 2014-07-22  Brent Fulgham  <bfulgham@apple.com>
3006
3007         [Win] Fix Leak in WebCore::createGlobalImageFileDescriptor 
3008         https://bugs.webkit.org/show_bug.cgi?id=134423
3009         <rdar://problem/17492758>
3010
3011         Reviewed by Geoffrey Garen.
3012
3013         * platform/win/PasteboardWin.cpp:
3014         (WebCore::createGlobalImageFileDescriptor): Unlock and release the
3015         HGLOBAL when exiting early.
3016
3017 2014-07-21  Myles C. Maxfield  <mmaxfield@apple.com>
3018
3019         Clicking on links while accessibility is enabled sometimes crashes
3020         https://bugs.webkit.org/show_bug.cgi?id=135074
3021
3022         Reviewed by Chris Fleizach.
3023
3024         When an accessibility request comes in from the system, we call updateBackingStore() on the
3025         relevant AccessibilityObject, which triggers a relayout of the entire document. This relayout
3026         might delete that accessibility node and its parent, which would cause the node to be deleted.
3027         After the stack unwinds, we then call a member function on the node without checking for this
3028         condition.
3029
3030         Test: accessibility/parent-delete.html
3031
3032         * accessibility/AccessibilityObject.cpp:
3033         (WebCore::AccessibilityObject::updateBackingStore): Retain the node for the duration of the
3034         function.
3035
3036 2014-07-22  Jeremy Jones  <jeremyj@apple.com>
3037
3038         Don't create new UIWindow for video fullscreen.
3039         https://bugs.webkit.org/show_bug.cgi?id=135038
3040
3041         Reviewed by Darin Adler.
3042
3043         * WebCore.exp.in:
3044         * platform/ios/WebVideoFullscreenControllerAVKit.h: use UIView instead of UIScreen.
3045         * platform/ios/WebVideoFullscreenControllerAVKit.mm:
3046         (-[WebVideoFullscreenController enterFullscreen:]): provide parent UIView.
3047         * platform/ios/WebVideoFullscreenInterfaceAVKit.h: remove UIWindow.
3048         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm: 
3049         (WebVideoFullscreenInterfaceAVKit::setupFullscreen): ditto 
3050         (WebVideoFullscreenInterfaceAVKit::cleanupFullscreen): ditto
3051         (WebVideoFullscreenInterfaceAVKit::invalidate): ditto
3052         (WebVideoFullscreenInterfaceAVKit::requestHideAndExitFullscreen): ditto
3053
3054 2014-07-22  Carlos Alberto Lopez Perez  <clopez@igalia.com>
3055
3056         [GTK] Rollout r170529 due to ~10% performance regression on the
3057         perf test Animation/balls.
3058         https://bugs.webkit.org/show_bug.cgi?id=134972
3059
3060         Reviewed by Martin Robinson.
3061
3062         Reverted changeset:
3063         "Increase priority on SharedTimer source."
3064         https://trac.webkit.org/r170529
3065
3066 2014-07-18  Dirk Schulze  <krit@webkit.org>
3067
3068         Turn width/height to presentation attributes
3069         https://bugs.webkit.org/show_bug.cgi?id=135046
3070
3071         Reviewed by Dean Jackson.
3072
3073         The elements <svg>, <image>, <pattern>, <mask> and <foreignObject> have the
3074         'width' and 'height' attributes. So far they can just be set by SVG DOM or
3075         setAttribute. Furthermore, animations just work with SVG Animation - No support
3076         for CSS Animations and CSS Transitions. We started to turn the width and height
3077         attributes on SVG roots to presentation attributes already. A presentation
3078         attribute is a CSS property that can also be set by DOM (or now by SVG DOM).
3079
3080         This patch turns all width and height attributes to presentation attributes. It
3081         basically allows authors to style width and height with CSS as well. Width and
3082         height can now be set with CSS style sheets and can be animated with CSS.
3083
3084         To some degree it made it possible to remove code duplication. However, since
3085         SVG DOM requires us to use SVGLength types and since we did not turn all
3086         SVG attributes to the CSS length values (and our internal Length struct) yet,
3087         we still need a hybrid - a bridge between SVGLength (for SVG DOM) and Length (for
3088         RenderStyle). Once we move all attributes to use the Length struct, we can make SVGLength
3089         a wrapper for Length and can move more code to the render tree.
3090
3091         The current challenge is to synchronize SVG DOM, normal DOM and RenderStyle.
3092         With this patch we handle most part in RenderStyle. SVG DOM changes are
3093         synchronized to DOM and RenderStyle will call needsStyleRecalc. Furthermore,
3094         SVG Animations will continue to animate the SVG DOM (and synchronize the changes
3095         back to RenderStyle) if the element has a JS property for the currently animated
3096         attribute.
3097
3098         Short example:
3099
3100             <rect>
3101                 <animate attributeName="width">
3102             </rect>
3103
3104         The <rect> element has the SVG DOM property 'width'. Therefore, we animate the SVG DOM
3105         property and synchronize RenderStyle.
3106
3107             <ellipse>
3108                 <animate attributeName="width">
3109             </ellipse>
3110
3111         The <ellipse> element does NOT have the SVG DOM property 'width'. Therefore, we
3112         animate the CSS property directly. With synchronizing RenderStyle in all cases, we
3113         make sure that the CSS cascade works even on animating on multiple SVG hierarchy
3114         levels (animation of 'width' on <g> and inheriting the property value on a child
3115         <rect>).
3116
3117         With using presentation attributes, we also inherit the CSS property parsing for
3118         SVG attributes. <rect width="  100px  "> is possible now. (Note the trailing whitespaces.)
3119         This follows a recent resolution of the SVG WG.
3120
3121         Since we turned width and height to presentation attributes, the layout optimization
3122         selfHasRelativeLengths() in the DOM can't be used anymore. selfHasRelativeLengths() was
3123         intended to solve a problem where we did not layout relatively position/sized elements
3124         when the parent changes its size. However, as a side effect it did not call layout
3125         for absolutely positioned/sized elements since the layout does not change. I run
3126         all performance tests that we have and even wrote a test with hundreds of elements
3127         that would be affected by this optimization. The differences were inside the sigma
3128         of a normal test run. (Means I couldn't measure a performance difference.)
3129         Therefore, it is not worth it to keep the "optimization" around and I will probably
3130         remove it entirely for all basic shapes but <path> and <polygon> in future patches.
3131
3132         Tests: svg/css/parse-height.html
3133                svg/css/parse-width.html
3134                svg/css/width-height-presentation-attribute-expected.svg
3135                svg/css/width-height-presentation-attribute.svg
3136
3137         * css/CSSComputedStyleDeclaration.cpp:
3138         (WebCore::ComputedStyleExtractor::propertyValue): We never calculated the computed
3139             value of width/height for SVG elements and returned auto instead. This is based
3140             on a rule of CSS 2 and needs to be fixed in CSS3.
3141         * css/DeprecatedStyleBuilder.cpp:
3142         (WebCore::ApplyPropertyLength::applyValue): Length always incorporates the zoom level.
3143             In SVG we still apply the zoom after all operations by scaling the context. We need
3144             to take this in account for Length and don't apply zoom on SVG inline elements.
3145         * css/StyleResolver.cpp:
3146         (WebCore::StyleResolver::useSVGZoomRulesForLength):
3147             See above.
3148         * css/StyleResolver.h:
3149         * rendering/svg/RenderSVGRect.cpp:
3150         (WebCore::RenderSVGRect::updateShapeFromElement): Do not call width() and height() on
3151             SVG DOM but use the values of RenderStyle instead.
3152         * rendering/svg/SVGPathData.cpp:
3153         (WebCore::updatePathFromRectElement): Ditto.
3154         * svg/SVGAnimateElement.cpp:
3155         (WebCore::SVGAnimateElement::resetAnimatedType): We need to differ between CSS properties
3156             with and without SVG DOM on the current element. In the later case we animate the 
3157             SVG DOM and need to synch RenderStyle.
3158         (WebCore::SVGAnimateElement::clearAnimatedType): Ditto.
3159         (WebCore::SVGAnimateElement::applyResultsToTarget): Ditto.
3160         * svg/SVGAnimationElement.cpp:
3161         (WebCore::SVGAnimationElement::isTargetAttributeCSSProperty): This checks if the CSS property
3162             has to be synched with SVG DOM.
3163         (WebCore::SVGAnimationElement::shouldApplyAnimation): Ditto.
3164         * svg/SVGAnimationElement.h:
3165         * svg/SVGElement.cpp:
3166         (WebCore::populateAttributeNameToCSSPropertyIDMap): Add width and heigth to the CSS property
3167             list for presentation attributes.
3168         (WebCore::populateCSSPropertyWithSVGDOMNameToAnimatedPropertyTypeMap): CSS properties with
3169             SVG DOM synchronization need to be treated differently. Collect them in a separate map.
3170         (WebCore::cssPropertyWithSVGDOMNameToAnimatedPropertyTypeMap): Caller for the map.
3171         (WebCore::SVGElement::animatedPropertyTypeForAttribute): We need to check both maps here:
3172             CSS properties and CSS properties with SVG DOM synch.
3173         (WebCore::SVGElement::isAnimatableCSSProperty): Ditto.
3174         (WebCore::SVGElement::isPresentationAttributeWithSVGDOM): Just return true if the property name
3175             is in the map of properties with SVG DOM for the current element.
3176         * svg/SVGElement.h:
3177         (WebCore::SVGElement::invalidateSVGPresentationAttributeStyle): Call needsStyleRecalc.
3178         * svg/SVGFilterElement.cpp: Make width/height presentation attribute.
3179         (WebCore::SVGFilterElement::svgAttributeChanged):
3180         (WebCore::SVGFilterElement::selfHasRelativeLengths): Deleted.
3181         * svg/SVGFilterElement.h: Ditto.
3182         * svg/SVGForeignObjectElement.cpp:
3183         (WebCore::SVGForeignObjectElement::svgAttributeChanged):
3184         (WebCore::SVGForeignObjectElement::selfHasRelativeLengths): Deleted.
3185         * svg/SVGForeignObjectElement.h:
3186         * svg/SVGImageElement.cpp: Ditto.
3187         (WebCore::SVGImageElement::svgAttributeChanged):
3188         (WebCore::SVGImageElement::isPresentationAttribute): Deleted.
3189         (WebCore::SVGImageElement::collectStyleForPresentationAttribute): Deleted.
3190         (WebCore::SVGImageElement::selfHasRelativeLengths): Deleted.
3191         * svg/SVGImageElement.h:
3192         * svg/SVGLength.h: Transform an Length value to an absolute value by taking the SVG viewport
3193             into account. (An SVG viewport is not the same as the CSS viewport.)
3194         * svg/SVGLengthContext.cpp: Ditto.
3195         (WebCore::SVGLengthContext::valueForLength):
3196         * svg/SVGLengthContext.h:
3197         * svg/SVGMaskElement.cpp: Make width/height presentation attribute.
3198         (WebCore::SVGMaskElement::svgAttributeChanged):
3199         (WebCore::SVGMaskElement::selfHasRelativeLengths): Deleted.
3200         * svg/SVGMaskElement.h:
3201         * svg/SVGPatternElement.cpp: Ditto.
3202         (WebCore::SVGPatternElement::svgAttributeChanged):
3203         (WebCore::SVGPatternElement::selfHasRelativeLengths): Deleted.
3204         * svg/SVGPatternElement.h:
3205         * svg/SVGRectElement.cpp: Ditto.
3206         (WebCore::SVGRectElement::svgAttributeChanged):
3207         (WebCore::SVGRectElement::selfHasRelativeLengths): Deleted.
3208         * svg/SVGRectElement.h:
3209         * svg/SVGSVGElement.cpp: Ditto.
3210         (WebCore::SVGSVGElement::svgAttributeChanged): Clean up redundant layout calls.
3211         (WebCore::SVGSVGElement::isPresentationAttribute): Deleted.
3212         (WebCore::SVGSVGElement::collectStyleForPresentationAttribute): Deleted.
3213         * svg/SVGSVGElement.h:
3214         * svg/properties/SVGAnimatedProperty.cpp: Synchronize SVG DOM with DOM.
3215         (WebCore::SVGAnimatedProperty::commitChange):
3216
3217 2014-07-22  Adrian Perez de Castro  <aperez@igalia.com>
3218
3219         [GStreamer] [GTK] WebKit does not build with GStreamer 1.4
3220         https://bugs.webkit.org/show_bug.cgi?id=135114
3221
3222         Reviewed by Philippe Normand.
3223
3224         Fix build with GStreamer 1.4
3225
3226         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
3227         Change GstMpegTs-prefixed types to use the GstMpegts prefix.
3228         (WebCore::MediaPlayerPrivateGStreamer::handleMessage):
3229         (WebCore::MediaPlayerPrivateGStreamer::processMpegTsSection):
3230         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
3231         Ditto.
3232
3233 2014-07-21  Benjamin Poulain  <bpoulain@apple.com>
3234
3235         [iOS][WK2] Improve event throttling for Scroll Events
3236         https://bugs.webkit.org/show_bug.cgi?id=135082
3237         <rdar://problem/17445266>
3238
3239         Reviewed by Simon Fraser.
3240
3241         This patch is composed of two parts. The first part in the WebKit layer
3242         track an approximate measurement of the main thread responsiveness.
3243         The second part in WebCore use that information to avoid sending events
3244         if a page is unresponsive.
3245
3246         In WebCore, this patch only consider scroll events so far. Hopefully the concept
3247         should be easy to generalize.
3248
3249         * loader/EmptyClients.h:
3250         * page/ChromeClient.h:
3251         Chrome client provides us with one information: how long an incoming event should be delayed.
3252         Every port is free to implement whatever logic is suitable for them.
3253
3254         * page/FrameView.cpp:
3255         (WebCore::FrameView::FrameView):
3256         (WebCore::FrameView::reset):
3257         (WebCore::FrameView::delayedScrollEventTimerFired):
3258         (WebCore::FrameView::scrollPositionChanged):
3259         (WebCore::FrameView::sendScrollEvent):
3260         * page/FrameView.h:
3261         Scroll events do not have any associated information so they can be coalesced by just skipping
3262         all input hapenning during the throttling delay.
3263
3264         The implementation is done by using a timer to delay the events.
3265
3266 2014-07-21  Tim Horton  <timothy_horton@apple.com>
3267
3268         Avoid putting empty-sized surfaces into IOSurfacePool
3269         https://bugs.webkit.org/show_bug.cgi?id=135136
3270
3271         Reviewed by Simon Fraser.
3272
3273         * platform/graphics/cg/IOSurfacePool.cpp:
3274         (WebCore::IOSurfacePool::addSurface):
3275         Avoid adding 0x0 surfaces to the pool, because they will wreak havoc
3276         when their size is used as the key in the CachedSurfaceMap.
3277         Additionally, avoid any empty sizes, because they're just pointless.
3278
3279 2014-07-21  Beth Dakin  <bdakin@apple.com>
3280
3281         WK1 should always setAcceleratedCompositingForFixedPositionEnabled(true) on 
3282         Yosemite
3283         https://bugs.webkit.org/show_bug.cgi?id=135135
3284
3285         Reviewed by Darin Adler.
3286
3287         This patch gets rid of the ChromeClient function that was introduced with 
3288         http://trac.webkit.org/changeset/171308 We’ll just enable the Setting instead.
3289         * css/StyleResolver.cpp:
3290         (WebCore::StyleResolver::adjustRenderStyle):
3291         (WebCore::fixedPositionCreatesStackingContext): Deleted.
3292         * page/ChromeClient.h:
3293         (WebCore::ChromeClient::requiresAcceleratedCompositingForViewportConstrainedPosition): Deleted.
3294         * rendering/RenderLayerCompositor.cpp:
3295         (WebCore::RenderLayerCompositor::requiresCompositingForPosition):
3296
3297 2014-07-21  Simon Fraser  <simon.fraser@apple.com>
3298
3299         [iOS WK2] Turn off position:fixed behavior when the keyboard is up
3300         https://bugs.webkit.org/show_bug.cgi?id=132537
3301
3302         Reviewed by Benjamin Poulain.
3303
3304         Export RenderObject::localToContainerPoint().
3305
3306         * WebCore.exp.in:
3307
3308 2014-07-21  Jer Noble  <jer.noble@apple.com>
3309
3310         [MSE] YouTube video decode error when variant-switching
3311         https://bugs.webkit.org/show_bug.cgi?id=135128
3312
3313         Reviewed by Brent Fulgham.
3314
3315         Test: media/media-source/media-source-overlapping-decodetime.html
3316
3317         When variant-switching, the situation can arise where an existing sample with a presentation
3318         timestamp of N and a decode timestamp of M, and a new sample with a presentation timestamp > N
3319         and the same decode timestamp of M, will keep the new sample from being added to the SampleMap.
3320         This can result in a decode error when samples depending on that new, missing sample are enqueued.
3321
3322         The MSE spec is silent on the issue of overlapping decode timestamps. However, it guarantees that
3323         presentation timestamps are non-overlapping. So instead of using just the decode timestamp as a key
3324         for storing the samples in decode order, use both the decode timestamp and the presentation timestamp.
3325         That ensures that samples with different presentation times but equal decode times are both inserted
3326         into the decode queue, and in the correct order.
3327
3328         * Modules/mediasource/SampleMap.cpp:
3329         (WebCore::SampleIsRandomAccess::operator()): Update the parameter type to match the new KeyType.
3330         (WebCore::SampleMap::addSample): Pass both decodeTime and presentationTime as the key to decodeOrder.
3331         (WebCore::SampleMap::removeSample): Ditto.
3332         (WebCore::DecodeOrderSampleMap::findSampleWithDecodeKey): Renamed from findSampleWithDecodeTime.
3333         (WebCore::DecodeOrderSampleMap::reverseFindSampleWithDecodeKey): renamed from reverseFindSampleWithDecodeTime.
3334         (WebCore::DecodeOrderSampleMap::findSyncSamplePriorToPresentationTime): Use renamed version of above.
3335         (WebCore::DecodeOrderSampleMap::findSyncSampleAfterPresentationTime): Ditto.
3336         (WebCore::DecodeOrderSampleMap::findDependentSamples): Ditto.
3337         (WebCore::DecodeOrderSampleMap::findSampleWithDecodeTime): Deleted.
3338         (WebCore::DecodeOrderSampleMap::reverseFindSampleWithDecodeTime): Deleted.
3339         * Modules/mediasource/SampleMap.h:
3340         * Modules/mediasource/SourceBuffer.cpp:
3341         (WebCore::SourceBuffer::removeCodedFrames): Ditto.
3342         (WebCore::SourceBuffer::sourceBufferPrivateDidReceiveSample): Ditto.
3343         (WebCore::SourceBuffer::reenqueueMediaForTime): Ditto.
3344
3345 2014-07-21  Andy Estes  <aestes@apple.com>
3346
3347         [iOS] Handle QuickLook ResourceLoaders in the web process
3348         https://bugs.webkit.org/show_bug.cgi?id=135113
3349
3350         Reviewed by David Kilzer.
3351
3352         No new tests. QuickLook is not testable from WebKit.
3353
3354         * WebCore.exp.in:
3355         * loader/ResourceLoadScheduler.cpp:
3356         (WebCore::ResourceLoadScheduler::maybeLoadQuickLookResource): Start loading the ResourceLoader if it is for a QuickLook resource.
3357         * loader/ResourceLoadScheduler.h:
3358
3359 2014-07-21  Alexey Proskuryakov  <ap@apple.com>
3360
3361         Case sensitive file system build fix.
3362
3363         * page/scrolling/ScrollingStateTree.cpp:
3364
3365 2014-07-21  Beth Dakin  <bdakin@apple.com>
3366
3367         Put position:fixed elements into layers when a WK1 view is layer-backed
3368         https://bugs.webkit.org/show_bug.cgi?id=135075
3369
3370         Reviewed by Darin Adler.
3371
3372         This patch adds a new ChromeClient function called 
3373         requiresAcceleratedCompositingForViewportConstrainedPosition(). Since a view can 
3374         go in and out of layer backing, we need a ChromeClient method that can be 
3375         dynamically re-evaluated rather than using the existing settings for enabling 
3376         accelerated fixed and fixed that creates a stacking context.
3377
3378         Ensure that fixed elements create a stacking context when 
3379         requiresAcceleratedCompositingForViewportConstrainedPosition is true.
3380         * css/StyleResolver.cpp:
3381         (WebCore::StyleResolver::adjustRenderStyle):
3382
3383         New ChromeClient function.
3384         * page/ChromeClient.h:
3385
3386 2014-07-21  Simon Fraser  <simon.fraser@apple.com>
3387
3388         Add helper functions to dump the scrolling state tree from the debugger
3389         https://bugs.webkit.org/show_bug.cgi?id=135101
3390
3391         Reviewed by Darin Adler.
3392
3393         Add debug-only showScrollingStateTree() functions that take a ScrollingStateTree* and ScrollingStateNode*
3394         for use while debugging.
3395
3396         * page/scrolling/ScrollingStateTree.cpp:
3397         (showScrollingStateTree):
3398         * page/scrolling/ScrollingStateTree.h:
3399
3400 2014-07-20  Simon Fraser  <simon.fraser@apple.com>
3401
3402         [iOS WK1] Single touch div scrolling doesn't work in framesets (breaks Word previews)
3403         https://bugs.webkit.org/show_bug.cgi?id=135103
3404         <rdar://problem/11830219>
3405
3406         Reviewed by Darin Adler.
3407
3408         After r166117 all layer flushing starts on the root frame; we no longer flush layers
3409         for each frame during painting. However, flushing GraphicsLayers can set some state
3410         on a subframe RenderLayerCompositor that is now never processed, which breaks scroll
3411         layer registration.
3412         
3413         Fix by doing a walk of the Frame tree, and calling didFlushLayers() on subframe RenderLayerCompositors
3414         before calling didFlushLayers() on self.
3415
3416         * rendering/RenderLayerCompositor.cpp:
3417         (WebCore::RenderLayerCompositor::flushPendingLayerChanges):
3418         (WebCore::RenderLayerCompositor::didFlushLayers):
3419         (WebCore::RenderLayerCompositor::notifySubframesAfterLayerFlush):
3420         (WebCore::RenderLayerCompositor::enclosingCompositorFlushingLayers): Drive-by nullptr.
3421         * rendering/RenderLayerCompositor.h:
3422
3423 2014-07-21  Eric Carlson  <eric.carlson@apple.com>
3424
3425         [iOS] a Paused media session is not active
3426         https://bugs.webkit.org/show_bug.cgi?id=135108
3427
3428         Reviewed by Darin Adler.
3429
3430         Activating the shared AudioSession will pause audio playing in another application,
3431         so only report a Playing media sessions as active.
3432
3433         * platform/audio/MediaSessionManager.cpp:
3434         * platform/audio/MediaSessionManager.h:
3435         (WebCore::MediaSessionManager::activeAudioSessionRequired): Renamed from hasActive to make
3436         clear what it does. Only return true for a session that is Playing.
3437
3438         * platform/audio/mac/MediaSessionManagerMac.cpp:
3439         (MediaSessionManager::updateSessionState): hasActive renamed to activeAudioSessionRequired.
3440
3441 2014-07-21  Carlos Garcia Campos  <cgarcia@igalia.com>
3442
3443         Unreviewed. Update GObject DOM bindings test results after r171285.
3444
3445         * bindings/scripts/test/GObject/WebKitDOMTestActiveDOMObject.cpp:
3446         * bindings/scripts/test/GObject/WebKitDOMTestCallback.cpp:
3447         * bindings/scripts/test/GObject/WebKitDOMTestCustomNamedGetter.cpp:
3448         * bindings/scripts/test/GObject/WebKitDOMTestEventConstructor.cpp:
3449         * bindings/scripts/test/GObject/WebKitDOMTestEventTarget.cpp:
3450         * bindings/scripts/test/GObject/WebKitDOMTestException.cpp:
3451         * bindings/scripts/test/GObject/WebKitDOMTestGenerateIsReachable.cpp:
3452         * bindings/scripts/test/GObject/WebKitDOMTestInterface.cpp:
3453         * bindings/scripts/test/GObject/WebKitDOMTestMediaQueryListListener.cpp:
3454         * bindings/scripts/test/GObject/WebKitDOMTestNamedConstructor.cpp:
3455         * bindings/scripts/test/GObject/WebKitDOMTestNode.cpp:
3456         * bindings/scripts/test/GObject/WebKitDOMTestNondeterministic.cpp:
3457         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
3458         * bindings/scripts/test/GObject/WebKitDOMTestOverloadedConstructors.cpp:
3459         * bindings/scripts/test/GObject/WebKitDOMTestSerializedScriptValueInterface.cpp:
3460         * bindings/scripts/test/GObject/WebKitDOMTestTypedefs.cpp:
3461         * bindings/scripts/test/GObject/WebKitDOMattribute.cpp:
3462         * bindings/scripts/test/GObject/WebKitDOMreadonly.cpp:
3463
3464 2014-07-20  Pratik Solanki  <psolanki@apple.com>
3465
3466         Reduce the chances of a race condition when sharing SharedBuffer
3467         https://bugs.webkit.org/show_bug.cgi?id=135060
3468         <rdar://problem/17729444>
3469
3470         Reviewed by Darin Adler.
3471
3472         We currently pass a SharedBuffer wrapped in WebCoreSharedBufferData to ImageIO for image
3473         decoding. This is not thread safe since ImageIO will access this buffer on a separate
3474         thread. We access SharedBuffer::buffer() on the other thread which resizes the Vector
3475         m_buffer if m_size is greater than the vector size. Since the code in SharedBuffer::append()
3476         sets m_size before appending the data to the buffer, m_size is out of sync with the m_buffer
3477         size for the entire duration of the Vector append which could be doing a lot of copying if
3478         the resource is large. While this change does not fix the race condition, we can at least
3479         reduce the chances of SharedBuffer::buffer() calling resize() by setting m_size after the
3480         cector has finished appending.
3481
3482         No new tests because no functional changes.
3483
3484         * platform/SharedBuffer.cpp:
3485         (WebCore::SharedBuffer::append):
3486
3487 2014-07-20  Jeremy Jones  <jeremyj@apple.com>
3488
3489         Fix test crashes when cloning video layer since r171286
3490         https://bugs.webkit.org/show_bug.cgi?id=135112
3491
3492         Unreviewed. Fix crashing tests by conditionalizing inline video layer change.
3493         compositing/video/video-reflection.html [ Crash ]
3494         media/video-layer-crash.html [ Crash ]
3495
3496         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h: add conditional
3497         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm: ditto
3498         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerLayer): ditto
3499         (WebCore::MediaPlayerPrivateAVFoundationObjC::destroyVideoLayer): ditto
3500         (WebCore::MediaPlayerPrivateAVFoundationObjC::platformLayer): ditto
3501
3502 2014-07-20  Jeremy Jones  <jeremyj@apple.com>
3503
3504         Disable ff/rw based on canPlayFastForward and canPlayFastRewind.
3505         https://bugs.webkit.org/show_bug.cgi?id=134894
3506
3507         Reviewed by Darin Adler.
3508
3509         * WebCore.exp.in: add symbol for canPlayFastReverse
3510         * html/HTMLMediaElement.cpp: Add two new accessors
3511         (WebCore::HTMLMediaElement::nextScanRate): possibly limit scanRate
3512         (WebCore::HTMLMediaElement::canPlayFastForward): added
3513         (WebCore::HTMLMediaElement::canPlayFastReverse): added
3514         * html/HTMLMediaElement.h: declare two new methods
3515         * platform/graphics/MediaPlayer.cpp: Plumb through two new accessors
3516         (WebCore::MediaPlayer::maxFastForwardRate): added
3517         (WebCore::MediaPlayer::minFastReverseRate): added
3518         * platform/graphics/MediaPlayer.h: Declare new methods
3519         * platform/graphics/MediaPlayerPrivate.h: Added two new methods.
3520         (WebCore::MediaPlayerPrivateInterface::maxFastForwardRate): added
3521         (WebCore::MediaPlayerPrivateInterface::minFastReverseRate): added
3522         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h: member to cache ff/rw enabled state
3523         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
3524         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayer): observe on item canPlayFastForward canPlayFastReverse
3525         (WebCore::MediaPlayerPrivateAVFoundationObjC::canPlayFastForwardDidChange): added
3526         (WebCore::MediaPlayerPrivateAVFoundationObjC::canPlayFastReverseDidChange): added
3527         (WebCore::itemKVOProperties): observe canPlayFastForward canPlayFastRewind
3528         (-[WebCoreAVFMovieObserver observeValueForKeyPath:ofObject:change:context:]): ditto
3529         * platform/ios/WebVideoFullscreenInterface.h: add new method
3530         * platform/ios/WebVideoFullscreenInterfaceAVKit.h: ditto
3531         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm: ditto
3532         (WebVideoFullscreenInterfaceAVKit::setCanPlayFastReverse): Set value on WebAVPlayerController.
3533         (-[WebAVPlayerController canScanBackward]): Deleted.
3534         (+[WebAVPlayerController keyPathsForValuesAffectingCanScanBackward]): Deleted.
3535         * platform/ios/WebVideoFullscreenModelMediaElement.mm:
3536         (WebVideoFullscreenModelMediaElement::updateForEventName): update canPlayFastReverse.
3537
3538 2014-07-18  Gavin Barraclough  <baraclough@apple.com>
3539
3540         HTMLMediaElement should registerWithDocument on iOS
3541         https://bugs.webkit.org/show_bug.cgi?id=135084
3542         <rdar://problem/17702531>
3543
3544         Reviewed by Andreas Kling.
3545
3546         Otherwise it won't know when the visibility changes!
3547
3548         * html/HTMLMediaElement.cpp:
3549         (WebCore::HTMLMediaElement::registerWithDocument):
3550         (WebCore::HTMLMediaElement::unregisterWithDocument):
3551
3552 2014-07-20  Jeremy Jones  <jeremyj@apple.com>
3553
3554         Decrease flicker when enter and exit fullscreen.
3555         https://bugs.webkit.org/show_bug.cgi?id=134919
3556
3557         Reviewed by Simon Fraser.
3558
3559         Put AVPlayerLayer in a container layer so moving it between inline and fullscreen
3560         is as easy as adding and removing it from a containter layer; no need to do a layout.
3561
3562         Make sure fullscreen layers are transparent before moving moving the AVPlayerLayer
3563         between inline and fullscreen so you don't briefly see the empty fullscreen layers.
3564
3565         * html/HTMLMediaElement.cpp:
3566         (WebCore::HTMLMediaElement::platformLayer): remove fullscreen special case.
3567         (WebCore::HTMLMediaElement::setVideoFullscreenLayer): no need to recalc style
3568         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h: add inline container layer
3569         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm: 
3570         add WebVideoContainerLayer to contain AVPlayerLayer and keep layout correct.
3571         (-[WebVideoContainerLayer setBounds:]): forward setbounds to set child frame.
3572         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerLayer): create the video container layer
3573         (WebCore::MediaPlayerPrivateAVFoundationObjC::destroyVideoLayer): destroy the video container layer
3574         (WebCore::MediaPlayerPrivateAVFoundationObjC::platformLayer): use container layer instead of video layer
3575         (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenLayer): use transactions to prevent unwanted animation.
3576         (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenFrame): ditto
3577         * platform/graphics/ca/mac/PlatformCALayerMac.mm:
3578         (PlatformCALayerMac::layerTypeForPlatformLayer): WebVideoContainerLayer is a kind of AVPlayerLayer
3579         * platform/ios/WebVideoFullscreenControllerAVKit.mm:
3580         (-[WebVideoFullscreenController didCleanupFullscreen]): remove video fullscreen layer first
3581         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
3582         (WebVideoFullscreenInterfaceAVKit::setupFullscreen): make background transparent during transition.
3583            dispatch_async to allow CATransaction to complete before calling didSetupFullscreen()
3584
3585 2014-07-20  Ryuan Choi  <ryuan.choi@samsung.com>
3586
3587         Move ExceptionCodeDescription.h into the files that actually need it
3588         https://bugs.webkit.org/show_bug.cgi?id=134968
3589
3590         Reviewed by Darin Adler.
3591
3592         No new tests because no functional changes.
3593
3594         * Modules/indexeddb/IDBDatabaseException.cpp:
3595         * Modules/webdatabase/SQLException.cpp:
3596         * bindings/js/JSDOMBinding.cpp:
3597         * bindings/objc/ExceptionHandlers.mm:
3598         * bindings/scripts/CodeGeneratorGObject.pm:
3599         (Generate):
3600         * dom/DOMCoreException.cpp:
3601         * dom/EventException.cpp:
3602         * dom/ExceptionBase.cpp:
3603         * dom/ExceptionCode.h:
3604         * dom/RangeException.cpp:
3605         * fileapi/FileException.cpp:
3606         * inspector/DOMEditor.cpp:
3607         * inspector/InspectorDOMAgent.cpp:
3608         * svg/SVGException.cpp:
3609         * xml/XMLHttpRequestException.cpp:
3610         * xml/XPathException.cpp:
3611
3612 2014-07-20  Dan Bernstein  <mitz@apple.com>
3613
3614         <rdar://problems/17742611> -[_WKActivatedElementInfo image] is often empty
3615         https://bugs.webkit.org/show_bug.cgi?id=135107
3616
3617         Reviewed by Sam Weinig.
3618
3619         Test: TestWebKitAPI/Tests/mac/RenderedImageFromDOMNode.mm
3620
3621         * page/FrameView.cpp:
3622         (WebCore::FrameView::paintContents): To work around http://webkit.org/b/135106, replace the
3623         paint root with its nearest ancestor that isn’t an inline with culled line boxes, if needed.
3624
3625 2014-07-20  Darin Adler  <darin@apple.com>
3626
3627         Crashes seen in wheel event handling
3628         https://bugs.webkit.org/show_bug.cgi?id=135102
3629
3630         Reviewed by Beth Dakin.
3631
3632         Speculative fix based on guesses about what could be crashing.
3633         The crash seems to be calling ref on an event target, and my guess is that this
3634         has something to do with latching.
3635
3636         * page/EventHandler.cpp:
3637         (WebCore::EventHandler::platformPrepareForWheelEvents): Updated argument types.
3638         (WebCore::EventHandler::handleWheelEvent): Refactored a little and made some local
3639         variables use RefPtr instead of raw pointers. Also added some comments.
3640
3641         * page/EventHandler.h: Changed argument types to RefPtr.
3642
3643         * page/mac/EventHandlerMac.mm:
3644         (WebCore::EventHandler::platformPrepareForWheelEvents): Updated argument types.
3645         Also added a FIXME.
3646
3647 2014-07-20  Simon Fraser  <simon.fraser@apple.com>
3648
3649         Print layerIDs in GraphicsLayer dumps
3650         https://bugs.webkit.org/show_bug.cgi?id=135100
3651
3652         Reviewed by Darin Adler.
3653
3654         When calling showGraphicsLayerTree() from the debugger, it's useful to show
3655         layerIDs so they can be correlated with remote layer tree transactions. So
3656         when dumping with debug info, dump the primary layer ID.
3657
3658         * platform/graphics/GraphicsLayer.cpp:
3659         (WebCore::GraphicsLayer::dumpProperties):
3660
3661 2014-07-20  Eric Carlson  <eric.carlson@apple.com>
3662
3663         [iOS] ignore requests to set volume
3664         https://bugs.webkit.org/show_bug.cgi?id=135081
3665
3666         Applied post-review comments from Darin Adler.
3667
3668         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
3669         (WebCore::MediaPlayerPrivateAVFoundationObjC::setVolume): Don't include unreachable
3670             code on iOS.
3671
3672 2014-07-19  Mark Rowe  <mrowe@apple.com>
3673
3674         <https://webkit.org/b/135085> Ensure that make_names.pl generates the same result when run multiple times.
3675
3676         Perl 5.18 introduced hash randomization. This results in the iteration order of hashes being different
3677         from one run to the next. To ensure identical output we can iterate over the hash keys in sorted order.
3678
3679         Reviewed by Alexey Proskuryakov.
3680
3681         * bindings/scripts/StaticString.pm:
3682         (GenerateStrings):
3683         (GenerateStringAsserts):
3684         * dom/make_names.pl:
3685
3686 2014-07-19  Zan Dobersek  <zdobersek@igalia.com>
3687
3688         Document::unregisterNodeListforInvalidation() and Document::unregisterCollection() have incorrect assertions
3689         https://bugs.webkit.org/show_bug.cgi?id=134869
3690
3691         Reviewed by Darin Adler.
3692
3693         Both methods should assert that the relevant HashMap is either empty if invalidation originates
3694         from Document::invalidateNodeListAndCollectionCaches() or acutally contains the element that is
3695         being invalidated. In the first case the HashMap is empty because its entries were moved out in
3696         the Document::invalidateNodeListAndCollectionCaches().
3697
3698         This was exposed by r170995 (later rolled out in r170999) which introduced move constructor and
3699         move assignment operators for HashTable. The assertions in the titular methods won't be passing
3700         until r170995 relands.
3701
3702         * dom/Document.cpp:
3703         (WebCore::Document::unregisterNodeListForInvalidation):
3704
3705 2014-07-18  Eric Carlson  <eric.carlson@apple.com>
3706
3707         [iOS] ignore requests to set volume
3708         https://bugs.webkit.org/show_bug.cgi?id=135081
3709
3710         Reviewed by Jer Noble.
3711
3712         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
3713         (WebCore::MediaPlayerPrivateAVFoundationObjC::setVolume): Do nothing on iOS.
3714
3715 2014-07-18  Andy Estes  <aestes@apple.com>
3716
3717         [iOS] Tapping "Allow Website" on a restricted page does not bring up the keypad
3718         https://bugs.webkit.org/show_bug.cgi?id=135072
3719         <rdar://problem/17528188>
3720
3721         Reviewed by David Kilzer.
3722
3723         No new tests. Content filtering is not testable from WebKit.
3724
3725         * WebCore.exp.in: Exported necessary ContentFilter symbols.
3726         * loader/DocumentLoader.cpp:
3727         (WebCore::DocumentLoader::finishedLoading): Called FrameLoaderClient::contentFilterDidBlockLoad().
3728         (WebCore::DocumentLoader::responseReceived): Created a new ContentFilter.
3729         (WebCore::DocumentLoader::dataReceived): Called FrameLoaderClient::contentFilterDidBlockLoad().
3730         (WebCore::DocumentLoader::setContentFilterForBlockedLoad): Deleted.
3731         (WebCore::DocumentLoader::handleContentFilterRequest): Deleted.
3732         * loader/DocumentLoader.h:
3733         * loader/FrameLoaderClient.h:
3734         (WebCore::FrameLoaderClient::contentFilterDidBlockLoad):
3735         * loader/PolicyChecker.cpp:
3736         (WebCore::PolicyChecker::checkNavigationPolicy): Removed the check for unblock navigations, as this is now
3737         handled at the WebKit layer.
3738         * platform/ContentFilter.h: ContentFilter no longer needs to be RefCounted, so made various changes in order to
3739         make it compatible with unique_ptr.
3740         * platform/ios/ContentFilterIOS.mm:
3741         (WebCore::scheme): Changed from a public member function to a static inline free function.
3742         (WebCore::ContentFilter::handleUnblockRequestAndDispatchIfSuccessful): Renamed from requestUnblockAndDispatchIfSuccessful.
3743         * platform/mac/ContentFilterMac.mm:
3744         (WebCore::ContentFilter::ContentFilter): Added a default constructor for use during message decoding.
3745         (WebCore::ContentFilter::addData): Removed calls to ref() and deref(). These were never actually needed since
3746         we were dispatching the block synchronously.
3747         (WebCore::ContentFilter::finishedAddingData): Ditto.
3748         (WebCore::ContentFilter::encode): Encoded m_platformContentFilter to the NSKeyedArchiver if it conforms to NSSecureCoding.
3749         (WebCore::ContentFilter::decode): Decoded m_platformContentFilter from the NSKeyedUnarchiver if it conforms to NSSecureCoding.
3750         (WebCore::ContentFilter::create): Deleted.
3751
3752 2014-07-18  Simon Fraser  <simon.fraser@apple.com>
3753
3754         [iOS WK2] position:fixed in iframes with programmatic scroll could end up in the wrong place
3755         https://bugs.webkit.org/show_bug.cgi?id=135078
3756         <rdar://problem/17401823>
3757
3758         Reviewed by Tim Horton.
3759         
3760         When the UI-side scrolling tree receives a requested scroll position update, it scrolls
3761         the node (e.g. a frame) then traverses child nodes to update them, e.g. for fixed position.
3762         However, we would always use a viewport rect for the main document (from the scrolling tree),
3763         which is not appropriate for subframes. Subframes should just use their own visible
3764         rect to position fixed children.
3765
3766         Test: platform/mac-wk2/tiled-drawing/scrolling/frames/fixed-inside-frame.html
3767
3768         * page/scrolling/ios/ScrollingTreeFrameScrollingNodeIOS.mm:
3769         (WebCore::ScrollingTreeFrameScrollingNodeIOS::updateChildNodesAfterScroll):
3770
3771 2014-07-18  Beth Dakin  <bdakin@apple.com>
3772
3773         Fixed position elements are misplaced when a WK1 view has contentInsets set
3774         https://bugs.webkit.org/show_bug.cgi?id=135031
3775         -and corresponding-
3776         <rdar://problem/17682335>
3777
3778         Reviewed by Tim Horton.
3779
3780         [NSScrollView documentVisibleRect] includes content that is within the inset-area 
3781         of a view, but WebCore is interested in the content that is fully visible, so we 
3782         need to factor the inset sizes out of this rect.
3783
3784         Implement contract() to avoid the awkwardness of calling expand() with negative 
3785         values.
3786         * platform/graphics/IntSize.h:
3787         (WebCore::IntSize::contract):
3788
3789         Factor out insets
3790         * platform/mac/ScrollViewMac.mm:
3791         (WebCore::ScrollView::platformVisibleContentRect):
3792         (WebCore::ScrollView::platformVisibleContentSize):
3793
3794 2014-07-18  Tim Horton  <timothy_horton@apple.com>
3795
3796         Take navigation snapshots whenever the current back-forward item is going to change
3797         https://bugs.webkit.org/show_bug.cgi?id=135058
3798         <rdar://problem/17464515>
3799
3800         Reviewed by Dan Bernstein.
3801
3802         * loader/HistoryController.cpp:
3803         (WebCore::HistoryController::updateForCommit):
3804         (WebCore::HistoryController::recursiveUpdateForCommit):
3805         (WebCore::HistoryController::recursiveUpdateForSameDocumentNavigation):
3806         (WebCore::HistoryController::createItem):
3807         Use setCurrentItem instead of duplicating the contents of it inside each of these functions.
3808
3809         (WebCore::HistoryController::setCurrentItem):
3810         (WebCore::HistoryController::replaceCurrentItem):
3811         When setting or replacing the current item, let the FrameLoaderClient know that we're going
3812         to change which history item is "current".
3813
3814         * loader/FrameLoaderClient.h:
3815         (WebCore::FrameLoaderClient::willChangeCurrentHistoryItem): Added.
3816
3817 2014-07-18  Commit Queue  <commit-queue@webkit.org>
3818
3819         Unreviewed, rolling out r171207.
3820         https://bugs.webkit.org/show_bug.cgi?id=135056
3821
3822         Broke multiple tests on Yosemite (Requested by ap on #webkit).
3823
3824         Reverted changeset:
3825
3826         "Fixed position elements are misplaced when a WK1 view has
3827         contentInsets set"
3828         https://bugs.webkit.org/show_bug.cgi?id=135031
3829         http://trac.webkit.org/changeset/171207
3830
3831 2014-07-18  Commit Queue  <commit-queue@webkit.org>
3832
3833         Unreviewed, rolling out r171218.
3834         https://bugs.webkit.org/show_bug.cgi?id=135055
3835
3836         Made fast/dom/HTMLObjectElement/beforeload-set-text-
3837         crash.xhtml crash (Requested by ap on #webkit).
3838
3839         Reverted changeset:
3840
3841         "REGRESSION (r169105): Crash in selection"
3842         https://bugs.webkit.org/show_bug.cgi?id=134303
3843         http://trac.webkit.org/changeset/171218
3844
3845 2014-07-18  Radu Stavila  <stavila@adobe.com>
3846
3847         REGRESSION (r169105): Crash in selection
3848         https://bugs.webkit.org/show_bug.cgi?id=134303
3849
3850         Reviewed by Ryosuke Niwa.
3851
3852         When splitting the selection between different subtrees, all subtrees must have their selection cleared before
3853         starting to apply the new selection. Otherwise, when selecting objects in a named flow thread and going up
3854         its containing block chain, we can end up in the view's selection root, which has not yet been updated and so
3855         we get inconsistent data.
3856
3857         To achieve this goal, the selection update was split into a "clear" and an "apply" method. The updateSelectionForSubtrees
3858         method first iterates through all subtrees and performs the "clear" method and then starts all over again
3859         and performs the "apply" method.
3860
3861         Also, the selectionStart/End members in RenderView have been renamed to fix problems caused by the fact that
3862         RenderView inherits SelectionSubtreeRoot, which also has the same selectionStart/End members.
3863
3864         Test: fast/regions/selection/crash-deselect.html
3865
3866         * WebCore.xcodeproj/project.pbxproj:
3867         * rendering/RenderBlock.cpp:
3868         (WebCore::RenderBlock::isSelectionRoot):
3869         * rendering/RenderSelectionInfo.h:
3870         * rendering/RenderView.cpp:
3871         (WebCore::RenderView::RenderView):
3872         (WebCore::RenderView::setSelection): Renamed m_selectionStart/End to m_unsplitSelectionStart/End
3873         (WebCore::RenderView::splitSelectionBetweenSubtrees):
3874         (WebCore::RenderView::updateSelectionForSubtrees): Added, clears and re-applies selection for all selection subtrees.
3875         (WebCore::RenderView::clearSubtreeSelection): Added, clears selection and returns previously selected information.
3876         (WebCore::RenderView::applySubtreeSelection): Added, updates the selection status of all objects inside the selection tree, compares old and new data and repaints accordingly.
3877         (WebCore::RenderView::getSelection): Renamed m_selectionStart/End to m_unsplitSelectionStart/End
3878         (WebCore::RenderView::setSubtreeSelection): Deleted.
3879         * rendering/RenderView.h:
3880         * rendering/SelectionSubtreeRoot.cpp:
3881         (WebCore::SelectionSubtreeRoot::SelectionSubtreeRoot):
3882         * rendering/SelectionSubtreeRoot.h:
3883         (WebCore::SelectionSubtreeRoot::OldSelectionData::OldSelectionData):
3884
3885 2014-07-17  Jer Noble  <jer.noble@apple.com>
3886
3887         [MSE] Re-enqueue after a removeCodedFrames() only if the removed frames overlap what may have possibly been enqueued but undisplayed.
3888         https://bugs.webkit.org/show_bug.cgi?id=135039
3889
3890         Reviewed by Eric Carlson.
3891
3892         When a client calls removeCodedFrames(), we must re-enqueue those ranges if the removed samples overlap with
3893         enqueued but possibly un-displayed samples. Otherwise, replacement samples may lead to decode errors as those
3894         new samples dependencies are not met. But if we re-enqueue too frequently, this may cause subtle but noticible
3895         display timing glitches, so only re-enqueue when removeCodedFrames have a possiblity of removing enqueued, but
3896         not yet displayed samples.
3897
3898         * Modules/mediasource/SourceBuffer.cpp:
3899         (WebCore::SourceBuffer::removeCodedFrames):
3900
3901 2014-07-17  David Kilzer  <ddkilzer@apple.com>
3902
3903         SECTORDER_FLAGS should be defined in target's xcconfig file, not Base.xcconfig
3904         <http://webkit.org/b/135006>
3905
3906         Reviewed by Darin Adler.
3907
3908         * Configurations/Base.xcconfig: Move SECTORDER_FLAGS to
3909         WebCore.xcconfig.
3910         * Configurations/DebugRelease.xcconfig: Remove empty
3911         SECTORDER_FLAGS definition.
3912         * Configurations/WebCoreTestShim.xcconfig: Ditto.
3913         * Configurations/WebCoreTestSupport.xcconfig: Ditto.
3914         * Configurations/WebCore.xcconfig: Use $(CONFIGURATION) so
3915         SECTORDER_FLAGS is only set on Production builds.
3916
3917 2014-07-17  Zalan Bujtas  <zalan@apple.com>
3918
3919         Subpixel rendering: Embedded non-compositing rotate transform paints to wrong position.
3920         https://bugs.webkit.org/show_bug.cgi?id=135028
3921
3922         Reviewed by Simon Fraser.
3923
3924         CTM always translates to where the layer's renderer() is going to paint.
3925         It ensures that the pixel snapped renderer() always end up painting to (0, 0) which is
3926         required to be able to position properly on transformed context.
3927
3928         Test: fast/layers/hidpi-transform-on-child-content-is-mispositioned.html
3929
3930         * rendering/RenderLayer.cpp:
3931         (WebCore::RenderLayer::beginTransparencyLayers):
3932         (WebCore::RenderLayer::clipToRect):
3933         (WebCore::RenderLayer::paintLayerByApplyingTransform):
3934         (WebCore::RenderLayer::paintBackgroundForFragments):
3935         (WebCore::RenderLayer::paintForegroundForFragmentsWithPhase):
3936         (WebCore::RenderLayer::paintOutlineForFragments):
3937         (WebCore::RenderLayer::paintMaskForFragments):
3938         (WebCore::RenderLayer::paintOverflowControlsForFragments):
3939         (WebCore::RenderLayer::calculateClipRects):
3940         * rendering/RenderLayer.h:
3941
3942 2014-07-17  Beth Dakin  <bdakin@apple.com>
3943
3944         Fixed position elements are misplaced when a WK1 view has contentInsets set
3945         https://bugs.webkit.org/show_bug.cgi?id=135031
3946         -and corresponding-
3947         <rdar://problem/17682335>
3948
3949         Reviewed by Tim Horton.
3950
3951         [NSScrollView documentVisibleRect] is not the rect that we are looking for when 
3952         this function is called. WebCore is interested in the rect that does not include 
3953         content that is within the inset region.
3954
3955         Implement contract() to avoid the awkwardness of calling expand() with negative 
3956         values.
3957         * platform/graphics/IntSize.h:
3958         (WebCore::IntSize::contract):
3959
3960         Use _insetBounds instead of documentVisibleRect, and when it’s necessary to use 
3961         the frame’s dimensions, extract the inset from that size.
3962         * platform/mac/ScrollViewMac.mm:
3963         (WebCore::ScrollView::platformVisibleContentRect):
3964         (WebCore::ScrollView::platformVisibleContentSize):
3965
3966 2014-07-17  Enrica Casucci  <enrica@apple.com>
3967
3968         [REGRESSION WK2]The menu bar does not show up when tapping on the caret.
3969         https://bugs.webkit.org/show_bug.cgi?id=135023
3970         <rdar://problem/17617282>
3971
3972         Reviewed by Benjamin Poulain.
3973
3974         Adding some exports.
3975         
3976         * WebCore.exp.in:
3977
3978 2014-07-17  Timothy Hatcher  <timothy@apple.com>
3979
3980         Make console.profile record to the Timeline.
3981
3982         https://bugs.webkit.org/show_bug.cgi?id=134643
3983
3984         Reviewed by Joseph Pecoraro.
3985
3986         Passes existing profiler tests in fast/profiler.
3987
3988         * bindings/js/ScriptState.cpp:
3989         (WebCore::domWindowFromExecState):
3990         (WebCore::frameFromExecState):
3991         (WebCore::scriptExecutionContextFromExecState):
3992         (WebCore::mainWorldExecState):
3993         (WebCore::execStateFromNode):
3994         * bindings/js/ScriptState.h:
3995         * inspector/InspectorController.cpp:
3996         (WebCore::InspectorController::InspectorController):
3997         (WebCore::InspectorController::profilerEnabled):