Crash when measuring a glyphs from a fallback SVG font
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2014-07-24  Myles C. Maxfield  <mmaxfield@apple.com>
2
3         Crash when measuring a glyphs from a fallback SVG font
4         https://bugs.webkit.org/show_bug.cgi?id=135264
5
6         Reviewed by Simon Fraser.
7
8         We can't realize font data for all fallback fonts ahead
9         of time, but we don't have all the necessary context to
10         realize SVG fallback data when it's needed. For now, we
11         can just bail; however, a larger, more invasive fix is
12         in order.
13
14         Test: svg/text/svg-fallback-font-crash.html
15
16         * platform/graphics/WidthIterator.cpp:
17         (WebCore::applyFontTransforms):
18
19 2014-07-24  Daniel Bates  <dabates@apple.com>
20             And Alexey Proskuryakov  <ap@apple.com>
21
22         [iOS] REGRESSION (WebKit2): Can't login to Wordpress.com, facebook.com when always allowing cookies
23         https://bugs.webkit.org/show_bug.cgi?id=135273
24         <rdar://problem/17598815>
25
26         Reviewed by Alexey Proskuryakov.
27
28         Fixes an issue where cookies may be created in the wrong cookie store.
29
30         Currently, when we update the CFURLRequest object associated with a ResourceRequest object
31         we explicitly set a cookie storage, cookie accept policy, and SSL properties based on the
32         corresponding values in the old CFURLRequest object (if we have one). This ultimately leads
33         to CFNetwork associating the cookies for the request with a different cookie store when we
34         handle the request in the NetworkProcess. Instead, we shouldn't set these properties
35         explicitly as we already copy them implicitly earlier (via CFURLRequestCreateMutableCopy()).
36
37         * platform/network/cf/ResourceRequestCFNet.cpp:
38         (WebCore::ResourceRequest::doUpdatePlatformRequest):
39
40 2014-07-24  Peyton Randolph  <prandolph@apple.com>
41
42         Rename feature flag for long-press gesture on Mac.                                                                   
43         https://bugs.webkit.org/show_bug.cgi?id=135259                                                                  
44
45         Reviewed by Beth Dakin.
46
47         * Configurations/FeatureDefines.xcconfig:
48         Rename LINK_LONG_PRESS to MAC_LONG_PRESS.
49
50 2014-07-24  Dan Bernstein  <mitz@apple.com>
51
52         Fixed Windows build fix.
53
54         * platform/network/cf/AuthenticationCF.cpp:
55
56 2014-07-24  Dan Bernstein  <mitz@apple.com>
57
58         Attempted Windows build fix.
59
60         * platform/network/cf/AuthenticationCF.cpp:
61         (WebCore::AuthenticationChallenge::AuthenticationChallenge):
62         * platform/network/cf/CredentialStorageCFNet.cpp:
63         (WebCore::CredentialStorage::getFromPersistentStorage):
64         * platform/network/cf/ProtectionSpaceCFNet.cpp:
65         (WebCore::ProtectionSpace::receivesCredentialSecurely):
66         (WebCore::ProtectionSpaceBase::receivesCredentialSecurely): Deleted.
67
68 2014-07-24  Dan Bernstein  <mitz@apple.com>
69
70         <rdar://problem/17766348> [Cocoa] WebCore::ProtectionSpace doesn’t preserve all NSURLProtectionSpace properties, such as the distinguishedNames array
71         https://bugs.webkit.org/show_bug.cgi?id=135229
72
73         Reviewed by Alexey Proskuryakov.
74
75         * CMakeLists.txt: Updated for rename of a source file.
76
77         * WebCore.exp.in: Updated.
78
79         * WebCore.vcxproj/WebCore.vcxproj: Updated for rename of source files, added
80         ProtectionSpaceCFNet.{cpp,h}.
81         * WebCore.vcxproj/WebCore.vcxproj.filters: Ditto.
82
83         * WebCore.xcodeproj/project.pbxproj: Updated for rename of source files, added
84         ProtectionSpaceCococa.{h.mm}.
85
86         * platform/network/ProtectionSpace.cpp: Renamed to ProtectionSpaceBase.cpp.
87         * platform/network/ProtectionSpace.h: This file was renamed to ProtectionSpaceBase.h, and
88         in its place added a generic ProtectionSpace class that just derives from
89         ProtectionSpaceBase. For Cocoa and CFNetwork, ProtectionSpace{Cocoa,CFNet}.h is included
90         instead of the generic class.
91
92         * platform/network/ProtectionSpaceBase.cpp: Renamed ProtectionSpace.cpp to this.
93         (WebCore::ProtectionSpaceBase::ProtectionSpaceBase): Updated for rename.
94         (WebCore::ProtectionSpaceBase::host): Ditto.
95         (WebCore::ProtectionSpaceBase::port): Ditto.
96         (WebCore::ProtectionSpaceBase::serverType): Ditto.
97         (WebCore::ProtectionSpaceBase::isProxy): Ditto.
98         (WebCore::ProtectionSpaceBase::realm): Ditto.
99         (WebCore::ProtectionSpaceBase::authenticationScheme): Ditto.
100         (WebCore::ProtectionSpaceBase::receivesCredentialSecurely): Removed CFNetwork-specific part,
101         which is now implemented in ProtectionSpaceCFNet.cpp.
102         (WebCore::ProtectionSpaceBase::compare): Replaced operator== with this, and made it call
103         ProtectionSpace::platformCompare at the end if needed.
104
105         * platform/network/ProtectionSpaceBase.h: Renamed ProtectionSpace.h to this.
106         (WebCore::ProtectionSpaceBase::encodingRequiresPlatformData): Added with a default
107         implementation that returns false, for ProtectionSpace implementations to override.
108         (WebCore::ProtectionSpaceBase::platformCompare): Added with a default implementation that
109         returns true, for ProtectionSpace implementations to override.
110         (WebCore::operator==): Changed to call compare.
111
112         * platform/network/cf/AuthenticationCF.cpp:
113         (WebCore::AuthenticationChallenge::AuthenticationChallenge): Changed to use the
114         ProtectionSpace constructor that takes a CFURLProtectionSpaceRef.
115         (WebCore::createCF): Changed to use ProtectionSpace::cfSpace.
116
117         * platform/network/cf/AuthenticationCF.h: Guarded a couple of functiosn that aren’t used in
118         Cocoa with #if PLATFORM(WIN).
119
120         * platform/network/cf/CredentialStorageCFNet.cpp:
121         (WebCore::CredentialStorage::getFromPersistentStorage): Changed to use
122         ProtectionSpace::cfSpace.
123         (WebCore::CredentialStorage::saveToPersistentStorage): Ditto.
124
125         * platform/network/cf/ProtectionSpaceCFNet.cpp: Added.
126         (WebCore::ProtectionSpaceBase::receivesCredentialSecurely): Override with the
127         CFNetwork-specific test that was previously in ProtectionSpace.cpp.
128
129         * platform/network/cf/ProtectionSpaceCFNet.h: Copied from Source/WebCore/platform/network/ProtectionSpace.h.
130         Declare ProtectionSpace and override receivesCredentialSecurely.
131
132         * platform/network/mac/AuthenticationMac.h: Deleted the ProtectionSpace core() and mac().
133         * platform/network/mac/AuthenticationMac.mm:
134         (WebCore::AuthenticationChallenge::AuthenticationChallenge): Changed to use the
135         ProtectionSpace constructor that takes an NSURLProtectionSpace.
136         (WebCore::mac): Changed to use ProtectionSpace::nsSpace.
137
138         * platform/network/mac/CredentialStorageMac.mm:
139         (WebCore::CredentialStorage::getFromPersistentStorage): Ditto.
140
141         * platform/network/mac/ResourceHandleMac.mm:
142         (WebCore::ResourceHandle::receivedCredential): Changed to use the ProtectionSpace
143         constructor that takes an NSURLProtectionSpace.
144
145         * platform/network/mac/WebCoreResourceHandleAsDelegate.mm:
146         (-[WebCoreResourceHandleAsDelegate connection:canAuthenticateAgainstProtectionSpace:]):
147         Ditto.
148
149         * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:
150         (-[WebCoreResourceHandleAsOperationQueueDelegate connection:canAuthenticateAgainstProtectionSpace:]):
151         Ditto.
152
153 2014-07-24  Benjamin Poulain  <benjamin@webkit.org>
154
155         [WK2] Fixed/Sticky layers can get mispositioned when the layer tree commit change their position or size
156         https://bugs.webkit.org/show_bug.cgi?id=135227
157         <rdar://problem/17279500>
158
159         Reviewed by Simon Fraser.
160
161         Keep track of the creation/destruction of Fixed and Sticky nodes in the ScrollingTree.
162
163         * page/scrolling/ScrollingTree.cpp:
164         (WebCore::ScrollingTree::ScrollingTree):
165         * page/scrolling/ScrollingTree.h:
166         (WebCore::ScrollingTree::hasFixedOrSticky):
167         (WebCore::ScrollingTree::fixedOrStickyNodeAdded):
168         (WebCore::ScrollingTree::fixedOrStickyNodeRemoved):
169         * page/scrolling/mac/ScrollingTreeFixedNode.mm:
170         (WebCore::ScrollingTreeFixedNode::ScrollingTreeFixedNode):
171         (WebCore::ScrollingTreeFixedNode::~ScrollingTreeFixedNode):
172         * page/scrolling/mac/ScrollingTreeStickyNode.mm:
173         (WebCore::ScrollingTreeStickyNode::ScrollingTreeStickyNode):
174         (WebCore::ScrollingTreeStickyNode::~ScrollingTreeStickyNode):
175
176 2014-07-24  Wenson Hsieh  <wenson_hsieh@apple.com>
177
178         Let WheelEvent wrap a PlatformWheelEvent
179         https://bugs.webkit.org/show_bug.cgi?id=135244
180
181         When WheelEvent is initialized with a PlatformWheelEvent, store that PlatformWheelEvent for future use.
182
183         Reviewed by Beth Dakin.
184
185         No new tests because behavior should not have changed.
186
187         * dom/WheelEvent.cpp: Added method to access the PlatformWheelEvent.
188         (WebCore::WheelEvent::WheelEvent):
189         * dom/WheelEvent.h: Added field to store PlatformWheelEvent, if initialized via PlatformWheelEvent.
190         (WebCore::WheelEvent::wheelEvent):
191
192 2014-07-24  Brian J. Burg  <burg@cs.washington.edu>
193
194         Web Replay: don't encode/decode primitive types that lack explicit sizes
195         https://bugs.webkit.org/show_bug.cgi?id=133430
196
197         Reviewed by Anders Carlsson.
198
199         Remove uses of unsigned long in encode/decode methods because the type lacks an
200         explicit size. Move frame index serialization away from using unsigned long.
201
202         * replay/ReplayController.cpp:
203         (WebCore::logDispatchedDOMEvent): Fix the format string.
204         * replay/SerializationMethods.cpp:
205         (WebCore::frameIndexFromDocument):
206         (WebCore::frameIndexFromFrame):
207         (WebCore::documentFromFrameIndex):
208         (WebCore::frameFromFrameIndex):
209         (JSC::EncodingTraits<PluginData>::encodeValue):
210         (JSC::EncodingTraits<PluginData>::decodeValue):
211         * replay/SerializationMethods.h:
212         * replay/WebInputs.json: Remove primitive types without explicit sizes.
213
214 2014-07-24  Pratik Solanki  <psolanki@apple.com>
215
216         Sharing SharedBuffer between WebCore and ImageIO is racy and crash prone
217         https://bugs.webkit.org/show_bug.cgi?id=135069
218         <rdar://problem/17470655>
219
220         Reviewed by Simon Fraser.
221
222         When passing image data to ImageIO for decoding, we pass an NSData subclass that is a wraper
223         around SharedBuffer. This can be a problem when ImageIO tries to access the data on the CA
224         thread. End result is data corruption on large image loads and potential crashes. The fix is
225         to have SharedBuffer create a copy of its data if the data has been passed to ImageIO and
226         might be accessed concurrently.
227
228         Since Vector is not refcounted, we do this by having a new refcounted object in SharedBuffer
229         that contains the buffer and we pass that in our NSData subclass WebCoreSharedBufferData.
230         Code that would result in the Vector memory moving e.g. append(), resize(), now checks to
231         see if the buffer was shared and if so, will create a new copy of the vector. This ensures
232         that the main thread does not end up invalidating the vector memory that we have passed it
233         to ImageIO.
234
235         No new tests because no functional changes.
236
237         * loader/cache/CachedResource.cpp:
238         (WebCore::CachedResource::makePurgeable):
239             Remove early return - createPurgeableMemory() has the correct check now.
240         * platform/SharedBuffer.cpp:
241         (WebCore::SharedBuffer::SharedBuffer):
242         (WebCore::SharedBuffer::adoptVector):
243         (WebCore::SharedBuffer::createPurgeableBuffer):
244             Don't create purgeable buffer if we are sharing the buffer.
245         (WebCore::SharedBuffer::append):
246         (WebCore::SharedBuffer::clear):
247         (WebCore::SharedBuffer::copy):
248         (WebCore::SharedBuffer::duplicateDataBufferIfNecessary): Added.
249             Create a new copy of the data if we have shared the buffer and if appending to it would
250             exceed the capacity of the vector resulting in memmove.
251         (WebCore::SharedBuffer::appendToInternalBuffer): Added.
252         (WebCore::SharedBuffer::clearInternalBuffer): Added.
253         (WebCore::SharedBuffer::buffer):
254             Create a new copy of the buffer if we have shared it.
255         (WebCore::SharedBuffer::getSomeData):
256         * platform/SharedBuffer.h:
257         * platform/cf/SharedBufferCF.cpp:
258         (WebCore::SharedBuffer::SharedBuffer):
259         (WebCore::SharedBuffer::singleDataArrayBuffer):
260         (WebCore::SharedBuffer::maybeAppendDataArray):
261         * platform/mac/SharedBufferMac.mm:
262             Pass the InternalBuffer object to WebCoreSharedBufferData
263         (-[WebCoreSharedBufferData dealloc]):
264         (-[WebCoreSharedBufferData initWithSharedBufferInternalBuffer:]):
265         (-[WebCoreSharedBufferData length]):
266         (-[WebCoreSharedBufferData bytes]):
267         (WebCore::SharedBuffer::createNSData):
268             Call createCFData() instead of duplicating code.
269         (WebCore::SharedBuffer::createCFData):
270             If the data is in purgeable memory, make a copy of it since m_buffer was cleared when
271             creating the purgeable buffer.
272         (-[WebCoreSharedBufferData initWithSharedBuffer:]): Deleted.
273
274 2014-07-24  peavo@outlook.com  <peavo@outlook.com>
275
276         [Curl] Enable file logging.
277         https://bugs.webkit.org/show_bug.cgi?id=135202
278
279         Reviewed by Alex Christensen.
280
281         The Curl api offers the possibility to write log messages to file. Enable this for debugging purposes.
282
283         * platform/network/curl/ResourceHandleManager.cpp:
284         (WebCore::ResourceHandleManager::ResourceHandleManager):
285         (WebCore::ResourceHandleManager::~ResourceHandleManager):
286         (WebCore::ResourceHandleManager::initializeHandle):
287         * platform/network/curl/ResourceHandleManager.h:
288
289 2014-07-24  Tibor Meszaros  <tmeszaros.u-szeged@partner.samsung.com>
290
291         Sort WebCore.exp.in after r171252
292         https://bugs.webkit.org/show_bug.cgi?id=135239
293
294         Reviewed by Csaba Osztrogonác.
295
296         * WebCore.exp.in:
297
298 2014-07-24  Mihnea Ovidenie  <mihnea@adobe.com>
299
300         [New Multicolumn] Assertion failure when an input element has multicolumn style
301         https://bugs.webkit.org/show_bug.cgi?id=135234
302
303         Reviewed by Andrei Bucur.
304
305         Restrict the assertion in RenderBlock::canComputeRegionRangeForBox
306         only to RenderNamedFlowThread objects since for RenderMultiColumnFlowThread
307         objects we can compute a range of regions during their parent block layout.   
308
309         Test: fast/multicol/newmulticol/input-as-multicol.html
310
311         * rendering/RenderBlock.cpp:
312         (WebCore::canComputeRegionRangeForBox):
313
314 2014-07-23  Jeremy Jones  <jeremyj@apple.com>
315
316         Transparent fullscreen background when video is not present.
317         https://bugs.webkit.org/show_bug.cgi?id=135226
318
319         Reviewed by Simon Fraser.
320
321         Set background to black just before beginning the animation to fullscreen.
322
323         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
324         (WebVideoFullscreenInterfaceAVKit::enterFullscreen): set background color black.
325
326 2014-07-23  Joseph Pecoraro  <pecoraro@apple.com>
327
328         ScriptController::updateDocument ASSERT mutating map while iterating map
329         https://bugs.webkit.org/show_bug.cgi?id=135211
330
331         Reviewed by Oliver Hunt.
332
333         Avoid iterating over m_windowShells in more places. This prevents
334         the possibility of a collection during JSC allocation which might
335         cause a mutation to m_windowShells (HTMLMediaElement destruction).
336
337         Have ScriptController defriend ScriptCachedFrameData by providing
338         a getter for the list of window shells.
339
340         * bindings/js/ScriptCachedFrameData.cpp:
341         (WebCore::ScriptCachedFrameData::ScriptCachedFrameData):
342         (WebCore::ScriptCachedFrameData::restore):
343         * bindings/js/ScriptController.cpp:
344         (WebCore::ScriptController::windowShells):
345         (WebCore::ScriptController::clearWindowShell):
346         (WebCore::ScriptController::attachDebugger):
347         (WebCore::ScriptController::updateDocument):
348         * bindings/js/ScriptController.h:
349
350 2014-07-23  Commit Queue  <commit-queue@webkit.org>
351
352         Unreviewed, rolling out r171498.
353         https://bugs.webkit.org/show_bug.cgi?id=135223
354
355         It will regress some scroll position restoration on navigation
356         (r167916). (Requested by smfr on #webkit).
357
358         Reverted changeset:
359
360         "[iOS WK2] Header bar on nytimes articles lands in the wrong
361         place after rubberbanding"
362         https://bugs.webkit.org/show_bug.cgi?id=135221
363         http://trac.webkit.org/changeset/171498
364
365 2014-07-23  Tim Horton  <timothy_horton@apple.com>
366
367         REGRESSION (r171376): Sometimes we detect less than the whole phone number
368         https://bugs.webkit.org/show_bug.cgi?id=135220
369         <rdar://problem/17783423>
370
371         Reviewed by Brady Eidson.
372
373         * editing/Editor.cpp:
374         (WebCore::Editor::scanSelectionForTelephoneNumbers):
375         Use the visible selection's start and end instead of base and extent, because they'll
376         always be in the right order in the case of a directional selection (base can be *after* extent
377         if you select from right to left). This fixes the code that expands the selection.
378
379         Pass the *entire* expanded selection to DataDetectors, instead of using TextIterator.
380         This way, we will find each number only once, and will never get part of a phone number once
381         and then the whole phone number later.
382
383 2014-07-23  Simon Fraser  <simon.fraser@apple.com>
384
385         [iOS WK2] Header bar on nytimes articles lands in the wrong place after rubberbanding
386         https://bugs.webkit.org/show_bug.cgi?id=135221
387
388         Reviewed by Tim Horton.
389
390         Add a function on GraphicsLayer to force a flush of the layer position
391         to the underlying graphics system, so that when layers cease being
392         scroll-coordinated, we can ensure that their layers are repositioned
393         in the correct location.
394
395         * WebCore.exp.in:
396         * platform/graphics/GraphicsLayer.h:
397         (WebCore::GraphicsLayer::forcePositionUpdate):
398         * platform/graphics/ca/GraphicsLayerCA.cpp:
399         (WebCore::GraphicsLayerCA::forcePositionUpdate):
400         * platform/graphics/ca/GraphicsLayerCA.h:
401         * rendering/RenderLayerCompositor.cpp:
402         (WebCore::RenderLayerCompositor::detachScrollCoordinatedLayer):
403
404 2014-07-23  Pratik Solanki  <psolanki@apple.com>
405
406         Get rid of SharedBuffer::NSDataRetainPtrWithoutImplicitConversionOperator
407         https://bugs.webkit.org/show_bug.cgi?id=135219
408
409         Reviewed by Anders Carlsson.
410
411         No new tests because no functional changes.
412
413         * loader/ResourceBuffer.h:
414         * loader/mac/ResourceBuffer.mm:
415         (WebCore::ResourceBuffer::createNSData):
416         * platform/SharedBuffer.h:
417         (WebCore::SharedBuffer::NSDataRetainPtrWithoutImplicitConversionOperator::NSDataRetainPtrWithoutImplicitConversionOperator): Deleted.
418         * platform/mac/SharedBufferMac.mm:
419         (WebCore::SharedBuffer::createNSData):
420
421 2014-07-23  Zalan Bujtas  <zalan@apple.com>
422
423         Subpixel rendering: Cleanup RenderLayerCompositor::deviceScaleFactor()
424         https://bugs.webkit.org/show_bug.cgi?id=135208
425
426         Reviewed by Simon Fraser.
427
428         Use m_renderView.document() to retrieve device scale factor value. m_renderView.document()
429         is always available while this->page() is not.
430
431         No change in behavior.
432
433         * rendering/RenderLayerBacking.cpp:
434         (WebCore::RenderLayerBacking::updateTransform):
435         (WebCore::RenderLayerBacking::computeTransformOriginForPainting):
436         * rendering/RenderLayerCompositor.cpp:
437         (WebCore::RenderLayerCompositor::deviceScaleFactor):
438
439 2014-07-23  peavo@outlook.com  <peavo@outlook.com>
440
441         [WinCairo] Gstreamer rendering is not working.
442         https://bugs.webkit.org/show_bug.cgi?id=135201
443
444         Reviewed by Alex Christensen.
445
446         WinCairo does not support accelerated rendering yet.
447
448         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
449         (WebCore::MediaPlayerPrivateGStreamerBase::supportsAcceleratedRendering):
450
451 2014-07-23  Commit Queue  <commit-queue@webkit.org>
452
453         Unreviewed, rolling out r171455.
454         https://bugs.webkit.org/show_bug.cgi?id=135209
455
456         completely broke selection highlight invalidation (Requested
457         by thorton on #webkit).
458
459         Reverted changeset:
460
461         "REGRESSION (r169105): Crash in selection"
462         https://bugs.webkit.org/show_bug.cgi?id=134303
463         http://trac.webkit.org/changeset/171455
464
465 2014-07-23  Alex Christensen  <achristensen@webkit.org>
466
467         Compile window-inactive and fullscreen pseudoclasses in css selectors.
468         https://bugs.webkit.org/show_bug.cgi?id=135200
469
470         Reviewed by Benjamin Poulain.
471
472         * css/SelectorChecker.cpp:
473         (WebCore::SelectorChecker::checkOne):
474         Removed the check of context.hasSelectionPseudo for a window-inactive pseudoclass.
475         Moved logic to SelectorCheckerTestFunctions.h to share with the selector compiler.
476         * css/SelectorCheckerTestFunctions.h:
477         (WebCore::isWindowInactive):
478         (WebCore::matchesFullScreenAnimatingFullScreenTransitionPseudoClass):
479         (WebCore::matchesFullScreenAncestorPseudoClass):
480         (WebCore::matchesFullScreenDocumentPseudoClass):
481         Added from SelectorChecker.cpp.
482         * cssjit/SelectorCompiler.cpp:
483         (WebCore::SelectorCompiler::addPseudoClassType):
484         Added unoptimized pseudoclass cases for window-inactive and fullscreen pseudoclasses.
485         Explicitly listed uncompiled pseudoclasses for future work instead of using a default.
486
487 2014-07-23  Brent Fulgham  <bfulgham@apple.com>
488
489         [Win] Use NO_RETURN_DUE_TO_CRASH on Windows.
490         https://bugs.webkit.org/show_bug.cgi?id=13519
491
492         Reviewed by Mark Lam.
493
494         * svg/SVGZoomAndPan.h: Add NO_RETURN_DUE_TO_CRASH to
495         header so function declarations match implementation.
496
497 2014-07-23  Joseph Pecoraro  <pecoraro@apple.com>
498
499         JSDOMWindowShell leaks on pages with media elements
500         https://bugs.webkit.org/show_bug.cgi?id=135178
501
502         Reviewed by Oliver Hunt.
503
504         The DOMWindowWorld for HTMLMediaElements with MEDIA_CONTROLS_SCRIPT
505         was not getting cleared and removed.
506
507         * bindings/js/ScriptController.cpp:
508         (WebCore::ScriptController::clearWindowShell):
509         Iterate over a copy of the values. A sweep / garbage collection caused by
510         any JSC allocation during iteration could trigger a mutation of the m_windowShells
511         table that was being iterating. So instead iterate a list that won't mutate.
512
513         * html/HTMLMediaElement.cpp:
514         (WebCore::HTMLMediaElement::~HTMLMediaElement):
515         If we had an isolated world, release as much memory as possible.
516
517 2014-07-23  Bem Jones-Bey  <bjonesbe@adobe.com>
518
519         Ensure we compute the min and max height of replaced elements to 'none' or 0 when appropriate.
520         https://bugs.webkit.org/show_bug.cgi?id=135181
521
522         Reviewed by David Hyatt.
523
524         If a replaced element has a percentage min or max height specified then that height value should
525         compute to 'none' for max-height and 0 for min-height when its containing block
526         does not have a height 'specified explicitly'.
527
528         This is based on a Blink patch by Robert Hogan.
529
530         Tests: css2.1/20110323/max-height-percentage-003.html
531                fast/replaced/max-height-percentage-quirks.html
532                fast/replaced/min-height-percentage-quirks.html
533                fast/replaced/min-height-percentage.html
534
535         * rendering/RenderBox.cpp:
536         (WebCore::RenderBox::logicalHeightComputesAsNone):
537         (WebCore::RenderBox::computeReplacedLogicalHeightRespectingMinMaxHeight):
538         * rendering/RenderBox.h:
539
540 2014-07-23  Bem Jones-Bey  <bjonesbe@adobe.com>
541
542         Remove CSS_EXCLUSIONS compile flag and leftover code
543         https://bugs.webkit.org/show_bug.cgi?id=135175
544
545         Reviewed by Zoltan Horvath.
546
547         At this point, the CSS_EXCLUSIONS flag guards nothing but some useless
548         stubs. This removes the flag and the useless code.
549
550         No new tests, just removing code.
551
552         * Configurations/FeatureDefines.xcconfig:
553         * bindings/generic/RuntimeEnabledFeatures.cpp:
554         (WebCore::RuntimeEnabledFeatures::RuntimeEnabledFeatures):
555         * bindings/generic/RuntimeEnabledFeatures.h:
556         (WebCore::RuntimeEnabledFeatures::setCSSExclusionsEnabled): Deleted.
557         (WebCore::RuntimeEnabledFeatures::cssExclusionsEnabled): Deleted.
558         * testing/InternalSettings.cpp:
559         (WebCore::InternalSettings::Backup::Backup):
560         (WebCore::InternalSettings::Backup::restoreTo):
561         (WebCore::InternalSettings::setCSSExclusionsEnabled): Deleted.
562         * testing/InternalSettings.h:
563         * testing/InternalSettings.idl:
564
565 2014-07-23  Jer Noble  <jer.noble@apple.com>
566
567         [MSE][Mac] Support abort() in SourceBufferPrivateAVFObjC.
568         https://bugs.webkit.org/show_bug.cgi?id=135163
569
570         Reviewed by Brent Fulgham.
571
572         Recreate the parser when asked to abort().
573
574         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
575         (WebCore::SourceBufferPrivateAVFObjC::abort):
576
577 2014-07-23  Myles C. Maxfield  <mmaxfield@apple.com>
578
579         Migrate accessibility/ to using nullptr instead of 0
580         https://bugs.webkit.org/show_bug.cgi?id=135185
581
582         Reviewed by Simon Fraser.
583
584         No new tests because there is no behavior change.
585
586         * accessibility/AXObjectCache.cpp:
587         (WebCore::AXObjectCache::focusedImageMapUIElement):
588         (WebCore::AXObjectCache::focusedUIElementForPage):
589         (WebCore::AXObjectCache::get):
590         (WebCore::AXObjectCache::getOrCreate):
591         (WebCore::AXObjectCache::rootObject):
592         (WebCore::AXObjectCache::rootObjectForFrame):
593         * accessibility/AXObjectCache.h:
594         (WebCore::AXObjectCache::focusedUIElementForPage):
595         (WebCore::AXObjectCache::get):
596         (WebCore::AXObjectCache::getOrCreate):
597         (WebCore::AXObjectCache::rootObject):
598         (WebCore::AXObjectCache::rootObjectForFrame):
599         (WebCore::AXObjectCache::rootAXEditableElement):
600         * accessibility/AccessibilityARIAGridRow.cpp:
601         (WebCore::AccessibilityARIAGridRow::disclosedByRow):
602         * accessibility/AccessibilityImageMapLink.cpp:
603         (WebCore::AccessibilityImageMapLink::AccessibilityImageMapLink):
604         (WebCore::AccessibilityImageMapLink::parentObject):
605         * accessibility/AccessibilityListBox.cpp:
606         (WebCore::AccessibilityListBox::listBoxOptionAccessibilityObject):
607         (WebCore::AccessibilityListBox::elementAccessibilityHitTest):
608         * accessibility/AccessibilityListBoxOption.cpp:
609         (WebCore::AccessibilityListBoxOption::AccessibilityListBoxOption):
610         (WebCore::AccessibilityListBoxOption::parentObject):
611         (WebCore::AccessibilityListBoxOption::listBoxOptionParentNode):
612         * accessibility/AccessibilityMenuListPopup.cpp:
613         (WebCore::AccessibilityMenuListPopup::menuListOptionAccessibilityObject):
614         * accessibility/AccessibilityMockObject.cpp:
615         (WebCore::AccessibilityMockObject::AccessibilityMockObject):
616         * accessibility/AccessibilityMockObject.h:
617         * accessibility/AccessibilityNodeObject.cpp:
618         (WebCore::AccessibilityNodeObject::detach):
619         (WebCore::AccessibilityNodeObject::firstChild):
620         (WebCore::AccessibilityNodeObject::lastChild):
621         (WebCore::AccessibilityNodeObject::previousSibling):
622         (WebCore::AccessibilityNodeObject::nextSibling):
623         (WebCore::AccessibilityNodeObject::parentObject):
624         (WebCore::AccessibilityNodeObject::document):
625         (WebCore::AccessibilityNodeObject::anchorElement):
626         (WebCore::nativeActionElement):
627         (WebCore::AccessibilityNodeObject::actionElement):
628         (WebCore::AccessibilityNodeObject::mouseButtonListener):
629         (WebCore::AccessibilityNodeObject::labelForElement):
630         (WebCore::AccessibilityNodeObject::menuItemElementForMenu):
631         (WebCore::AccessibilityNodeObject::menuButtonForMenu):
632         * accessibility/AccessibilityObject.cpp:
633         (WebCore::AccessibilityObject::AccessibilityObject):
634         (WebCore::AccessibilityObject::detach):
635         (WebCore::AccessibilityObject::firstAccessibleObjectFromNode):
636         (WebCore::AccessibilityObject::findMatchingObjects):
637         (WebCore::renderListItemContainerForNode):
638         (WebCore::AccessibilityObject::accessibilityObjectForPosition):
639         (WebCore::AccessibilityObject::document):
640         (WebCore::AccessibilityObject::page):
641         (WebCore::AccessibilityObject::documentFrameView):
642         (WebCore::AccessibilityObject::anchorElementForNode):
643         (WebCore::AccessibilityObject::headingElementForNode):
644         (WebCore::AccessibilityObject::firstAnonymousBlockChild):
645         (WebCore::AccessibilityObject::element):
646         (WebCore::AccessibilityObject::focusedUIElement):
647         (WebCore::AccessibilityObject::scrollToMakeVisibleWithSubFocus):
648         * accessibility/AccessibilityObject.h:
649         (WebCore::AccessibilityObject::node):
650         (WebCore::AccessibilityObject::renderer):
651         (WebCore::AccessibilityObject::selectedRadioButton):
652         (WebCore::AccessibilityObject::selectedTabItem):
653         (WebCore::AccessibilityObject::accessibilityHitTest):
654         (WebCore::AccessibilityObject::firstChild):
655         (WebCore::AccessibilityObject::lastChild):
656         (WebCore::AccessibilityObject::previousSibling):
657         (WebCore::AccessibilityObject::nextSibling):
658         (WebCore::AccessibilityObject::parentObjectIfExists):
659         (WebCore::AccessibilityObject::observableObject):
660         (WebCore::AccessibilityObject::titleUIElement):
661         (WebCore::AccessibilityObject::correspondingLabelForControlElement):
662         (WebCore::AccessibilityObject::correspondingControlForLabelElement):
663         (WebCore::AccessibilityObject::scrollBar):
664         (WebCore::AccessibilityObject::anchorElement):
665         (WebCore::AccessibilityObject::actionElement):
666         (WebCore::AccessibilityObject::widget):
667         (WebCore::AccessibilityObject::widgetForAttachmentView):
668         (WebCore::AccessibilityObject::activeDescendant):
669         (WebCore::AccessibilityObject::mathRadicandObject):
670         (WebCore::AccessibilityObject::mathRootIndexObject):
671         (WebCore::AccessibilityObject::mathUnderObject):
672         (WebCore::AccessibilityObject::mathOverObject):
673         (WebCore::AccessibilityObject::mathNumeratorObject):
674         (WebCore::AccessibilityObject::mathDenominatorObject):
675         (WebCore::AccessibilityObject::mathBaseObject):
676         (WebCore::AccessibilityObject::mathSubscriptObject):
677         (WebCore::AccessibilityObject::mathSuperscriptObject):
678         (WebCore::AccessibilityObject::getScrollableAreaIfScrollable):
679         * accessibility/AccessibilityProgressIndicator.cpp:
680         (WebCore::AccessibilityProgressIndicator::progressElement):
681         (WebCore::AccessibilityProgressIndicator::meterElement):
682         * accessibility/AccessibilityRenderObject.cpp:
683         (WebCore::AccessibilityRenderObject::detach):
684         (WebCore::AccessibilityRenderObject::renderBoxModelObject):
685         (WebCore::AccessibilityRenderObject::firstChild):
686         (WebCore::AccessibilityRenderObject::lastChild):
687         (WebCore::startOfContinuations):
688         (WebCore::childBeforeConsideringContinuations):
689         (WebCore::AccessibilityRenderObject::previousSibling):
690         (WebCore::AccessibilityRenderObject::nextSibling):
691         (WebCore::nextContinuation):
692         (WebCore::AccessibilityRenderObject::renderParentObject):
693         (WebCore::AccessibilityRenderObject::parentObject):
694         (WebCore::AccessibilityRenderObject::anchorElement):
695         (WebCore::AccessibilityRenderObject::textUnderElement):
696         (WebCore::AccessibilityRenderObject::node):
697         (WebCore::AccessibilityRenderObject::labelElementContainer):
698         (WebCore::AccessibilityRenderObject::internalLinkElement):
699         (WebCore::AccessibilityRenderObject::titleUIElement):
700         (WebCore::AccessibilityRenderObject::setFocused):
701         (WebCore::AccessibilityRenderObject::topRenderer):
702         (WebCore::AccessibilityRenderObject::document):
703         (WebCore::AccessibilityRenderObject::widget):
704         (WebCore::AccessibilityRenderObject::accessibilityParentForImageMap):
705         (WebCore::AccessibilityRenderObject::documentFrameView):
706         (WebCore::AccessibilityRenderObject::widgetForAttachmentView):
707         (WebCore::AccessibilityRenderObject::rootEditableElementForPosition):
708         (WebCore::AccessibilityRenderObject::visiblePositionForPoint):
709         (WebCore::AccessibilityRenderObject::accessibilityImageMapHitTest):
710         (WebCore::AccessibilityRenderObject::remoteSVGElementHitTest):
711         (WebCore::AccessibilityRenderObject::accessibilityHitTest):
712         (WebCore::AccessibilityRenderObject::correspondingControlForLabelElement):
713         (WebCore::AccessibilityRenderObject::correspondingLabelForControlElement):
714         (WebCore::AccessibilityRenderObject::observableObject):
715         (WebCore::AccessibilityRenderObject::inheritsPresentationalRole):
716         (WebCore::AccessibilityRenderObject::detachRemoteSVGRoot):
717         (WebCore::AccessibilityRenderObject::addHiddenChildren):
718         (WebCore::AccessibilityRenderObject::setAccessibleName):
719         (WebCore::AccessibilityRenderObject::getScrollableAreaIfScrollable):
720         (WebCore::AccessibilityRenderObject::mathRadicandObject):
721         (WebCore::AccessibilityRenderObject::mathRootIndexObject):
722         (WebCore::AccessibilityRenderObject::mathNumeratorObject):
723         (WebCore::AccessibilityRenderObject::mathDenominatorObject):
724         (WebCore::AccessibilityRenderObject::mathUnderObject):
725         (WebCore::AccessibilityRenderObject::mathOverObject):
726         (WebCore::AccessibilityRenderObject::mathBaseObject):
727         (WebCore::AccessibilityRenderObject::mathSubscriptObject):
728         (WebCore::AccessibilityRenderObject::mathSuperscriptObject):
729         * accessibility/AccessibilitySVGRoot.cpp:
730         (WebCore::AccessibilitySVGRoot::AccessibilitySVGRoot):
731         * accessibility/AccessibilityScrollView.cpp:
732         (WebCore::AccessibilityScrollView::detach):
733         (WebCore::AccessibilityScrollView::scrollBar):
734         (WebCore::AccessibilityScrollView::updateScrollbars):
735         (WebCore::AccessibilityScrollView::addChildScrollbar):
736         (WebCore::AccessibilityScrollView::clearChildren):
737         (WebCore::AccessibilityScrollView::webAreaObject):
738         (WebCore::AccessibilityScrollView::accessibilityHitTest):
739         (WebCore::AccessibilityScrollView::documentFrameView):
740         (WebCore::AccessibilityScrollView::parentObject):
741         (WebCore::AccessibilityScrollView::parentObjectIfExists):
742         * accessibility/AccessibilityScrollbar.cpp:
743         (WebCore::AccessibilityScrollbar::document):
744         * accessibility/AccessibilitySpinButton.cpp:
745         (WebCore::AccessibilitySpinButton::AccessibilitySpinButton):
746         * accessibility/AccessibilityTable.cpp:
747         (WebCore::AccessibilityTable::AccessibilityTable):
748         (WebCore::AccessibilityTable::clearChildren):
749         (WebCore::AccessibilityTable::cellForColumnAndRow):
750         * accessibility/AccessibilityTableCell.cpp:
751         (WebCore::AccessibilityTableCell::parentTable):
752         (WebCore::AccessibilityTableCell::titleUIElement):
753         * accessibility/AccessibilityTableColumn.cpp:
754         (WebCore::AccessibilityTableColumn::headerObject):
755         (WebCore::AccessibilityTableColumn::headerObjectForSection):
756         * accessibility/AccessibilityTableRow.cpp:
757         (WebCore::AccessibilityTableRow::parentTable):
758         (WebCore::AccessibilityTableRow::headerObject):
759         * accessibility/ios/AXObjectCacheIOS.mm:
760         (WebCore::AXObjectCache::detachWrapper):
761         * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
762         (-[WebAccessibilityObjectWrapper detach]):
763         (-[WebAccessibilityObjectWrapper tableCellParent]):
764         (-[WebAccessibilityObjectWrapper tableParent]):
765         (-[WebAccessibilityObjectWrapper convertPointToScreenSpace:]):
766         (-[WebAccessibilityObjectWrapper convertRectToScreenSpace:]):
767         (rendererForView):
768         (-[WebAccessibilityObjectWrapper _convertToDOMRange:]):
769         * accessibility/mac/AXObjectCacheMac.mm:
770         (WebCore::AXObjectCache::detachWrapper):
771         * accessibility/mac/AccessibilityObjectMac.mm:
772         (WebCore::AccessibilityObject::detachFromParent):
773         (WebCore::AccessibilityObject::accessibilityIgnoreAttachment):
774         * accessibility/mac/WebAccessibilityObjectWrapperBase.mm:
775         (-[WebAccessibilityObjectWrapperBase detach]):
776         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
777         (CreateCGColorIfDifferent):
778         (-[WebAccessibilityObjectWrapper convertPointToScreenSpace:]):
779         (rendererForView):
780         (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:forParameter:]):
781         * accessibility/win/AccessibilityObjectWrapperWin.h:
782         (WebCore::AccessibilityObjectWrapper::AccessibilityObjectWrapper):
783
784 2014-07-23  Mihnea Ovidenie  <mihnea@adobe.com>
785
786         ASSERTION FAILED: generatingElement() in WebCore::RenderNamedFlowFragment::regionOversetState
787         https://bugs.webkit.org/show_bug.cgi?id=135153
788
789         Reviewed by David Hyatt.
790
791         Even though the CSSRegions spec defines the behaviour of a multicolumn region,
792         we currently do not support this functionality. This patch ensures that a multicolumn
793         element does not become a region. In the future, when we will implement the multicolumn
794         as region functionality, http://dev.w3.org/csswg/css-regions/#multi-column-regions, we
795         will remove this restriction.
796
797         Test: fast/regions/multicol-as-region-prevented.html
798
799         * rendering/RenderBlockFlow.cpp:
800         (WebCore::RenderBlockFlow::createRenderNamedFlowFragmentIfNeeded):
801
802 2014-07-23  Zan Dobersek  <zdobersek@igalia.com>
803
804         [CMake] Avoid building WebCore with ANGLE's OpenGL/EGL headers
805         https://bugs.webkit.org/show_bug.cgi?id=135167
806
807         Reviewed by Martin Robinson.
808
809         * CMakeLists.txt: Don't add ANGLE/include to the WebCore_INCLUDE_DIRECTORIES list
810         as this results in ANGLE's OpenGL and EGL headers being included, instead of the
811         headers that are provided by the system. Only the ANGLESupport library should be built
812         with that specific header inclusion path.
813
814 2014-07-10  Radu Stavila  <stavila@adobe.com>
815
816         REGRESSION (r169105): Crash in selection
817         https://bugs.webkit.org/show_bug.cgi?id=134303
818
819         Reviewed by David Hyatt.
820
821         When splitting the selection between different subtrees, all subtrees must have their selection cleared before
822         starting to apply the new selection. Otherwise, when selecting objects in a named flow thread and going up
823         its containing block chain, we can end up in the view's selection root, which has not yet been updated and so
824         we get inconsistent data.
825
826         To achieve this goal, the selection update was split into a "clear" and an "apply" method. The updateSelectionForSubtrees
827         method first iterates through all subtrees and performs the "clear" method and then starts all over again
828         and performs the "apply" method.
829
830         Also, the selectionStart/End members in RenderView have been renamed to fix problems caused by the fact that
831         RenderView inherits SelectionSubtreeRoot, which also has the same selectionStart/End members.
832
833         Test: fast/regions/selection/crash-deselect.html
834
835         * WebCore.xcodeproj/project.pbxproj:
836         * rendering/RenderBlock.cpp:
837         (WebCore::RenderBlock::isSelectionRoot):
838         * rendering/RenderSelectionInfo.h:
839         * rendering/RenderView.cpp:
840         (WebCore::RenderView::RenderView):
841         (WebCore::RenderView::setSelection): Renamed m_selectionStart/End to m_unsplitSelectionStart/End
842         (WebCore::RenderView::splitSelectionBetweenSubtrees):
843         (WebCore::RenderView::updateSelectionForSubtrees): Added, clears and re-applies selection for all selection subtrees.
844         (WebCore::RenderView::clearSubtreeSelection): Added, clears selection and returns previously selected information.
845         (WebCore::RenderView::applySubtreeSelection): Added, updates the selection status of all objects inside the selection tree, compares old and new data and repaints accordingly.
846         (WebCore::RenderView::getSelection): Renamed m_selectionStart/End to m_unsplitSelectionStart/End
847         (WebCore::RenderView::setSubtreeSelection): Deleted.
848         * rendering/RenderView.h:
849         * rendering/SelectionSubtreeRoot.cpp:
850         (WebCore::SelectionSubtreeRoot::SelectionSubtreeRoot):
851         * rendering/SelectionSubtreeRoot.h:
852         (WebCore::SelectionSubtreeRoot::OldSelectionData::OldSelectionData):
853
854 2014-07-22  Brent Fulgham  <bfulgham@apple.com>
855
856         [Win] Build fix for bot.
857
858         * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
859         (WebCore::createLegibleOutputSubtypes): Declare 'wvtt' locally, rather
860         than relying on potentially unavailable declaration.
861
862 2014-07-22  Brent Fulgham  <bfulgham@apple.com>
863
864         [Win] Build fix for Windows bots
865
866         * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp: Provide missing
867         structure definition when needed by bot.
868
869 2014-07-22  Brent Fulgham  <bfulgham@apple.com>
870
871         [Win] Build fix for EWS bots.
872
873         * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp: Forward declare
874         structure definition.
875
876 2014-07-22  Brent Fulgham  <bfulgham@apple.com>
877
878         [Win] Fix Crash when handling Legible Output callbacks
879         https://bugs.webkit.org/show_bug.cgi?id=134946
880
881         Reviewed by Dean Jackson.
882
883         Relanding after adding fixes to support build bots.
884
885         * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp:
886         (WebCore::InbandTextTrackPrivateAVF::processNativeSamples): Remove
887         Windows-specific 'ASSERT_NOT_REACHED' code path.
888         * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
889         (WebCore::createLegibleOutputSubtypes): Added.
890         (WebCore::AVFWrapper::createPlayerItem): Updated to request native
891         samples from AVFoundationCF.
892
893 2014-07-16  Myles C. Maxfield  <mmaxfield@apple.com>
894
895         Copying and pasting trivial H2 content causes a crash in firstPositionInNode
896         https://bugs.webkit.org/show_bug.cgi?id=134897
897
898         Reviewed by Ryosuke Niwa.
899
900         ReplaceSelectionCommand::makeInsertedContentRoundTrippableWithHTMLTreeBuilder() attempts
901         to move pasted headings out of existed headings, with out regard to if the existing
902         heading is the contenteditable root.
903
904         Test: editing/pasteboard/heading-crash.html
905
906         * editing/ReplaceSelectionCommand.cpp:
907         (WebCore::ReplaceSelectionCommand::makeInsertedContentRoundTrippableWithHTMLTreeBuilder):
908
909 2014-07-22  Ryuan Choi  <ryuan.choi@samsung.com>
910
911         Remove dead APIs from TiledBackingStore
912         https://bugs.webkit.org/show_bug.cgi?id=135158
913
914         Reviewed by Gyuyoung Kim.
915
916         setContentsFrozen and related code of TiledBackingStore are not used since Qt port is removed.
917
918         * platform/graphics/TiledBackingStore.cpp:
919         (WebCore::TiledBackingStore::TiledBackingStore):
920         (WebCore::TiledBackingStore::updateTileBuffers):
921         (WebCore::TiledBackingStore::setContentsScale):
922         (WebCore::TiledBackingStore::createTiles):
923         (WebCore::TiledBackingStore::startTileBufferUpdateTimer):
924         (WebCore::TiledBackingStore::startBackingStoreUpdateTimer):
925         (WebCore::TiledBackingStore::commitScaleChange): Deleted.
926         (WebCore::TiledBackingStore::isBackingStoreUpdatesSuspended): Deleted.
927         (WebCore::TiledBackingStore::isTileBufferUpdatesSuspended): Deleted.
928         (WebCore::TiledBackingStore::setContentsFrozen): Deleted.
929         * platform/graphics/TiledBackingStore.h:
930         (WebCore::TiledBackingStore::contentsFrozen): Deleted.
931
932 2014-07-22  Alex Christensen  <achristensen@webkit.org>
933
934         Fix window-inactive css selectors when using querySelector.
935         https://bugs.webkit.org/show_bug.cgi?id=135149
936
937         Reviewed by Tim Horton.
938
939         Test: fast/selectors/querySelector-window-inactive.html
940
941         * css/SelectorChecker.cpp:
942         (WebCore::SelectorChecker::checkOne):
943         Removed default and implemented case PseudoClassWindowInactive.
944
945 2014-07-22  Tim Horton  <timothy_horton@apple.com>
946
947         REGRESSION (r171016): Reproducible infinite spin selecting phone number
948         https://bugs.webkit.org/show_bug.cgi?id=135183
949         <rdar://problem/17727342>
950
951         Reviewed by Ryosuke Niwa.
952
953         * editing/Editor.cpp:
954         (WebCore::Editor::scanRangeForTelephoneNumbers):
955         Make use of TextIterator::subrange, which knows how to make a subrange from character positions,
956         instead of assuming that our character positions translate directly to positions in the incoming range.
957         Make use of DocumentMarkerController::addMarker, which takes a range and applies the marker to
958         all text nodes inside the range as appropriate.
959         Fix naming of the shadowed 'length' local.
960         Fix a typo in the comment.
961
962 2014-07-22  Myles C. Maxfield  <mmaxfield@apple.com>
963
964         [iOS] [OSX] Don't transcode WOFF on platforms that support it natively
965         https://bugs.webkit.org/show_bug.cgi?id=134904
966
967         Reviewed by Andreas Kling.
968
969         No new tests because there is no behavior change.
970
971         * loader/cache/CachedFont.cpp:
972         (WebCore::CachedFont::ensureCustomFontData):
973
974 2014-07-22  peavo@outlook.com  <peavo@outlook.com>
975
976         [Win] Crash after plugin is unloaded.
977         https://bugs.webkit.org/show_bug.cgi?id=119044
978
979         Reviewed by Darin Adler.
980
981         We need to invalidate all runtime objects when a plugin view is destroyed, in case the plugin is unloaded,
982         and one of these runtime objects accesses the plugin function table upon destruction afterwards, which will cause a crash.
983         If we use the weak pointer to the runtime object when invalidating, it will be null if it's in the WeakImpl::Dead state.
984         This means the runtime object will not be invalidated, possibly causing a crash if the plugin is unloaded.
985         It should be safe to use the raw pointer to the runtime object when invalidating, since finalized runtime objects
986         will be removed from the set of runtime objects in the method RootObject::finalize().
987
988         * bridge/runtime_root.cpp:
989         (JSC::Bindings::RootObject::invalidate): Make sure all runtime objects are invalidated by getting the raw runtime object pointer from the hash key.
990
991 2014-07-22  Enrica Casucci  <enrica@apple.com>
992
993         REGRESSION (WebKit2): Selection inside accelerated overflow:scroll doesn't track scrolling.
994         https://bugs.webkit.org/show_bug.cgi?id=135180
995         <rdar://problem/16721055>
996
997         Reviewed by Simon Fraser.
998
999         AsyncScrollingCoordinator will force a selection update on iOS
1000         when scrolling terminates in an overflow scroll.
1001
1002         * loader/EmptyClients.h:
1003         * page/EditorClient.h:
1004         * page/scrolling/AsyncScrollingCoordinator.cpp:
1005         (WebCore::AsyncScrollingCoordinator::updateScrollPositionAfterAsyncScroll):
1006         * page/scrolling/ScrollingTree.h:
1007         (WebCore::ScrollingTree::scrollingTreeNodeWillStartScroll):
1008         (WebCore::ScrollingTree::scrollingTreeNodeDidEndScroll):
1009
1010 2014-07-22  Myles C. Maxfield  <mmaxfield@apple.com>
1011
1012         [Mac] Cocoa throws exception when the return type of NSAccessibilityLinkedUIElementsAttribute is not an array
1013         https://bugs.webkit.org/show_bug.cgi?id=135165
1014
1015         Reviewed by Simon Fraser.
1016
1017         Return an empty array instead of nil.
1018
1019         Updated tests.
1020
1021         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
1022         (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):
1023
1024 2014-07-22  Commit Queue  <commit-queue@webkit.org>
1025
1026         Unreviewed, rolling out r171357.
1027         https://bugs.webkit.org/show_bug.cgi?id=135173
1028
1029         broke Windows build. (Requested by bfulgham on #webkit).
1030
1031         Reverted changeset:
1032
1033         "[Win] Fix Crash when handling Legible Output callbacks"
1034         https://bugs.webkit.org/show_bug.cgi?id=134946
1035         http://trac.webkit.org/changeset/171357
1036
1037 2014-07-22  Brent Fulgham  <bfulgham@apple.com>
1038
1039         [Win] Fix Crash when handling Legible Output callbacks
1040         https://bugs.webkit.org/show_bug.cgi?id=134946
1041
1042         Reviewed by Dean Jackson.
1043
1044         * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp:
1045         (WebCore::InbandTextTrackPrivateAVF::processNativeSamples): Remove
1046         Windows-specific 'ASSERT_NOT_REACHED' code path.
1047         * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
1048         (WebCore::createLegibleOutputSubtypes): Added.
1049         (WebCore::AVFWrapper::createPlayerItem): Updated to request native
1050         samples from AVFoundationCF.
1051
1052 2014-07-21  Sam Weinig  <sam@webkit.org>
1053
1054         [Cocoa] WKScriptMessageHandlers don't seem to function properly after navigating
1055         https://bugs.webkit.org/show_bug.cgi?id=135148
1056
1057         Reviewed by Geoffrey Garen.
1058
1059         The "webkit" property on the window was not getting installed for subsequent
1060         loads due to intricate dance playing setting the JSDOMWindow where the DOMWindow
1061         object is not yet in a Frame when the JSDOMWindow is created. Since we were
1062         adding the "webkit" property on construction, the property was returning null
1063         thinking it had no Frame and was in a bad state. We can fix this by making the
1064         "webkit" property behave like all the other window properties moving its getting
1065         to JSDOMWindow::getOwnPropertySlot.
1066
1067         Added API test (WebKit2Cocoa/UserContentController).
1068
1069         * bindings/js/JSDOMWindowBase.cpp:
1070         (WebCore::JSDOMWindowBase::finishCreation):
1071         * bindings/js/JSDOMWindowCustom.cpp:
1072         (WebCore::jsDOMWindowWebKit):
1073         (WebCore::JSDOMWindow::getOwnPropertySlot):
1074
1075 2014-07-22  Brent Fulgham  <bfulgham@apple.com>
1076
1077         [Win] Fix Leak in WebCore::createGlobalImageFileDescriptor 
1078         https://bugs.webkit.org/show_bug.cgi?id=134423
1079         <rdar://problem/17492758>
1080
1081         Reviewed by Geoffrey Garen.
1082
1083         * platform/win/PasteboardWin.cpp:
1084         (WebCore::createGlobalImageFileDescriptor): Unlock and release the
1085         HGLOBAL when exiting early.
1086
1087 2014-07-21  Myles C. Maxfield  <mmaxfield@apple.com>
1088
1089         Clicking on links while accessibility is enabled sometimes crashes
1090         https://bugs.webkit.org/show_bug.cgi?id=135074
1091
1092         Reviewed by Chris Fleizach.
1093
1094         When an accessibility request comes in from the system, we call updateBackingStore() on the
1095         relevant AccessibilityObject, which triggers a relayout of the entire document. This relayout
1096         might delete that accessibility node and its parent, which would cause the node to be deleted.
1097         After the stack unwinds, we then call a member function on the node without checking for this
1098         condition.
1099
1100         Test: accessibility/parent-delete.html
1101
1102         * accessibility/AccessibilityObject.cpp:
1103         (WebCore::AccessibilityObject::updateBackingStore): Retain the node for the duration of the
1104         function.
1105
1106 2014-07-22  Jeremy Jones  <jeremyj@apple.com>
1107
1108         Don't create new UIWindow for video fullscreen.
1109         https://bugs.webkit.org/show_bug.cgi?id=135038
1110
1111         Reviewed by Darin Adler.
1112
1113         * WebCore.exp.in:
1114         * platform/ios/WebVideoFullscreenControllerAVKit.h: use UIView instead of UIScreen.
1115         * platform/ios/WebVideoFullscreenControllerAVKit.mm:
1116         (-[WebVideoFullscreenController enterFullscreen:]): provide parent UIView.
1117         * platform/ios/WebVideoFullscreenInterfaceAVKit.h: remove UIWindow.
1118         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm: 
1119         (WebVideoFullscreenInterfaceAVKit::setupFullscreen): ditto 
1120         (WebVideoFullscreenInterfaceAVKit::cleanupFullscreen): ditto
1121         (WebVideoFullscreenInterfaceAVKit::invalidate): ditto
1122         (WebVideoFullscreenInterfaceAVKit::requestHideAndExitFullscreen): ditto
1123
1124 2014-07-22  Carlos Alberto Lopez Perez  <clopez@igalia.com>
1125
1126         [GTK] Rollout r170529 due to ~10% performance regression on the
1127         perf test Animation/balls.
1128         https://bugs.webkit.org/show_bug.cgi?id=134972
1129
1130         Reviewed by Martin Robinson.
1131
1132         Reverted changeset:
1133         "Increase priority on SharedTimer source."
1134         https://trac.webkit.org/r170529
1135
1136 2014-07-18  Dirk Schulze  <krit@webkit.org>
1137
1138         Turn width/height to presentation attributes
1139         https://bugs.webkit.org/show_bug.cgi?id=135046
1140
1141         Reviewed by Dean Jackson.
1142
1143         The elements <svg>, <image>, <pattern>, <mask> and <foreignObject> have the
1144         'width' and 'height' attributes. So far they can just be set by SVG DOM or
1145         setAttribute. Furthermore, animations just work with SVG Animation - No support
1146         for CSS Animations and CSS Transitions. We started to turn the width and height
1147         attributes on SVG roots to presentation attributes already. A presentation
1148         attribute is a CSS property that can also be set by DOM (or now by SVG DOM).
1149
1150         This patch turns all width and height attributes to presentation attributes. It
1151         basically allows authors to style width and height with CSS as well. Width and
1152         height can now be set with CSS style sheets and can be animated with CSS.
1153
1154         To some degree it made it possible to remove code duplication. However, since
1155         SVG DOM requires us to use SVGLength types and since we did not turn all
1156         SVG attributes to the CSS length values (and our internal Length struct) yet,
1157         we still need a hybrid - a bridge between SVGLength (for SVG DOM) and Length (for
1158         RenderStyle). Once we move all attributes to use the Length struct, we can make SVGLength
1159         a wrapper for Length and can move more code to the render tree.
1160
1161         The current challenge is to synchronize SVG DOM, normal DOM and RenderStyle.
1162         With this patch we handle most part in RenderStyle. SVG DOM changes are
1163         synchronized to DOM and RenderStyle will call needsStyleRecalc. Furthermore,
1164         SVG Animations will continue to animate the SVG DOM (and synchronize the changes
1165         back to RenderStyle) if the element has a JS property for the currently animated
1166         attribute.
1167
1168         Short example:
1169
1170             <rect>
1171                 <animate attributeName="width">
1172             </rect>
1173
1174         The <rect> element has the SVG DOM property 'width'. Therefore, we animate the SVG DOM
1175         property and synchronize RenderStyle.
1176
1177             <ellipse>
1178                 <animate attributeName="width">
1179             </ellipse>
1180
1181         The <ellipse> element does NOT have the SVG DOM property 'width'. Therefore, we
1182         animate the CSS property directly. With synchronizing RenderStyle in all cases, we
1183         make sure that the CSS cascade works even on animating on multiple SVG hierarchy
1184         levels (animation of 'width' on <g> and inheriting the property value on a child
1185         <rect>).
1186
1187         With using presentation attributes, we also inherit the CSS property parsing for
1188         SVG attributes. <rect width="  100px  "> is possible now. (Note the trailing whitespaces.)
1189         This follows a recent resolution of the SVG WG.
1190
1191         Since we turned width and height to presentation attributes, the layout optimization
1192         selfHasRelativeLengths() in the DOM can't be used anymore. selfHasRelativeLengths() was
1193         intended to solve a problem where we did not layout relatively position/sized elements
1194         when the parent changes its size. However, as a side effect it did not call layout
1195         for absolutely positioned/sized elements since the layout does not change. I run
1196         all performance tests that we have and even wrote a test with hundreds of elements
1197         that would be affected by this optimization. The differences were inside the sigma
1198         of a normal test run. (Means I couldn't measure a performance difference.)
1199         Therefore, it is not worth it to keep the "optimization" around and I will probably
1200         remove it entirely for all basic shapes but <path> and <polygon> in future patches.
1201
1202         Tests: svg/css/parse-height.html
1203                svg/css/parse-width.html
1204                svg/css/width-height-presentation-attribute-expected.svg
1205                svg/css/width-height-presentation-attribute.svg
1206
1207         * css/CSSComputedStyleDeclaration.cpp:
1208         (WebCore::ComputedStyleExtractor::propertyValue): We never calculated the computed
1209             value of width/height for SVG elements and returned auto instead. This is based
1210             on a rule of CSS 2 and needs to be fixed in CSS3.
1211         * css/DeprecatedStyleBuilder.cpp:
1212         (WebCore::ApplyPropertyLength::applyValue): Length always incorporates the zoom level.
1213             In SVG we still apply the zoom after all operations by scaling the context. We need
1214             to take this in account for Length and don't apply zoom on SVG inline elements.
1215         * css/StyleResolver.cpp:
1216         (WebCore::StyleResolver::useSVGZoomRulesForLength):
1217             See above.
1218         * css/StyleResolver.h:
1219         * rendering/svg/RenderSVGRect.cpp:
1220         (WebCore::RenderSVGRect::updateShapeFromElement): Do not call width() and height() on
1221             SVG DOM but use the values of RenderStyle instead.
1222         * rendering/svg/SVGPathData.cpp:
1223         (WebCore::updatePathFromRectElement): Ditto.
1224         * svg/SVGAnimateElement.cpp:
1225         (WebCore::SVGAnimateElement::resetAnimatedType): We need to differ between CSS properties
1226             with and without SVG DOM on the current element. In the later case we animate the 
1227             SVG DOM and need to synch RenderStyle.
1228         (WebCore::SVGAnimateElement::clearAnimatedType): Ditto.
1229         (WebCore::SVGAnimateElement::applyResultsToTarget): Ditto.
1230         * svg/SVGAnimationElement.cpp:
1231         (WebCore::SVGAnimationElement::isTargetAttributeCSSProperty): This checks if the CSS property
1232             has to be synched with SVG DOM.
1233         (WebCore::SVGAnimationElement::shouldApplyAnimation): Ditto.
1234         * svg/SVGAnimationElement.h:
1235         * svg/SVGElement.cpp:
1236         (WebCore::populateAttributeNameToCSSPropertyIDMap): Add width and heigth to the CSS property
1237             list for presentation attributes.
1238         (WebCore::populateCSSPropertyWithSVGDOMNameToAnimatedPropertyTypeMap): CSS properties with
1239             SVG DOM synchronization need to be treated differently. Collect them in a separate map.
1240         (WebCore::cssPropertyWithSVGDOMNameToAnimatedPropertyTypeMap): Caller for the map.
1241         (WebCore::SVGElement::animatedPropertyTypeForAttribute): We need to check both maps here:
1242             CSS properties and CSS properties with SVG DOM synch.
1243         (WebCore::SVGElement::isAnimatableCSSProperty): Ditto.
1244         (WebCore::SVGElement::isPresentationAttributeWithSVGDOM): Just return true if the property name
1245             is in the map of properties with SVG DOM for the current element.
1246         * svg/SVGElement.h:
1247         (WebCore::SVGElement::invalidateSVGPresentationAttributeStyle): Call needsStyleRecalc.
1248         * svg/SVGFilterElement.cpp: Make width/height presentation attribute.
1249         (WebCore::SVGFilterElement::svgAttributeChanged):
1250         (WebCore::SVGFilterElement::selfHasRelativeLengths): Deleted.
1251         * svg/SVGFilterElement.h: Ditto.
1252         * svg/SVGForeignObjectElement.cpp:
1253         (WebCore::SVGForeignObjectElement::svgAttributeChanged):
1254         (WebCore::SVGForeignObjectElement::selfHasRelativeLengths): Deleted.
1255         * svg/SVGForeignObjectElement.h:
1256         * svg/SVGImageElement.cpp: Ditto.
1257         (WebCore::SVGImageElement::svgAttributeChanged):
1258         (WebCore::SVGImageElement::isPresentationAttribute): Deleted.
1259         (WebCore::SVGImageElement::collectStyleForPresentationAttribute): Deleted.
1260         (WebCore::SVGImageElement::selfHasRelativeLengths): Deleted.
1261         * svg/SVGImageElement.h:
1262         * svg/SVGLength.h: Transform an Length value to an absolute value by taking the SVG viewport
1263             into account. (An SVG viewport is not the same as the CSS viewport.)
1264         * svg/SVGLengthContext.cpp: Ditto.
1265         (WebCore::SVGLengthContext::valueForLength):
1266         * svg/SVGLengthContext.h:
1267         * svg/SVGMaskElement.cpp: Make width/height presentation attribute.
1268         (WebCore::SVGMaskElement::svgAttributeChanged):
1269         (WebCore::SVGMaskElement::selfHasRelativeLengths): Deleted.
1270         * svg/SVGMaskElement.h:
1271         * svg/SVGPatternElement.cpp: Ditto.
1272         (WebCore::SVGPatternElement::svgAttributeChanged):
1273         (WebCore::SVGPatternElement::selfHasRelativeLengths): Deleted.
1274         * svg/SVGPatternElement.h:
1275         * svg/SVGRectElement.cpp: Ditto.
1276         (WebCore::SVGRectElement::svgAttributeChanged):
1277         (WebCore::SVGRectElement::selfHasRelativeLengths): Deleted.
1278         * svg/SVGRectElement.h:
1279         * svg/SVGSVGElement.cpp: Ditto.
1280         (WebCore::SVGSVGElement::svgAttributeChanged): Clean up redundant layout calls.
1281         (WebCore::SVGSVGElement::isPresentationAttribute): Deleted.
1282         (WebCore::SVGSVGElement::collectStyleForPresentationAttribute): Deleted.
1283         * svg/SVGSVGElement.h:
1284         * svg/properties/SVGAnimatedProperty.cpp: Synchronize SVG DOM with DOM.
1285         (WebCore::SVGAnimatedProperty::commitChange):
1286
1287 2014-07-22  Adrian Perez de Castro  <aperez@igalia.com>
1288
1289         [GStreamer] [GTK] WebKit does not build with GStreamer 1.4
1290         https://bugs.webkit.org/show_bug.cgi?id=135114
1291
1292         Reviewed by Philippe Normand.
1293
1294         Fix build with GStreamer 1.4
1295
1296         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
1297         Change GstMpegTs-prefixed types to use the GstMpegts prefix.
1298         (WebCore::MediaPlayerPrivateGStreamer::handleMessage):
1299         (WebCore::MediaPlayerPrivateGStreamer::processMpegTsSection):
1300         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
1301         Ditto.
1302
1303 2014-07-21  Benjamin Poulain  <bpoulain@apple.com>
1304
1305         [iOS][WK2] Improve event throttling for Scroll Events
1306         https://bugs.webkit.org/show_bug.cgi?id=135082
1307         <rdar://problem/17445266>
1308
1309         Reviewed by Simon Fraser.
1310
1311         This patch is composed of two parts. The first part in the WebKit layer
1312         track an approximate measurement of the main thread responsiveness.
1313         The second part in WebCore use that information to avoid sending events
1314         if a page is unresponsive.
1315
1316         In WebCore, this patch only consider scroll events so far. Hopefully the concept
1317         should be easy to generalize.
1318
1319         * loader/EmptyClients.h:
1320         * page/ChromeClient.h:
1321         Chrome client provides us with one information: how long an incoming event should be delayed.
1322         Every port is free to implement whatever logic is suitable for them.
1323
1324         * page/FrameView.cpp:
1325         (WebCore::FrameView::FrameView):
1326         (WebCore::FrameView::reset):
1327         (WebCore::FrameView::delayedScrollEventTimerFired):
1328         (WebCore::FrameView::scrollPositionChanged):
1329         (WebCore::FrameView::sendScrollEvent):
1330         * page/FrameView.h:
1331         Scroll events do not have any associated information so they can be coalesced by just skipping
1332         all input hapenning during the throttling delay.
1333
1334         The implementation is done by using a timer to delay the events.
1335
1336 2014-07-21  Tim Horton  <timothy_horton@apple.com>
1337
1338         Avoid putting empty-sized surfaces into IOSurfacePool
1339         https://bugs.webkit.org/show_bug.cgi?id=135136
1340
1341         Reviewed by Simon Fraser.
1342
1343         * platform/graphics/cg/IOSurfacePool.cpp:
1344         (WebCore::IOSurfacePool::addSurface):
1345         Avoid adding 0x0 surfaces to the pool, because they will wreak havoc
1346         when their size is used as the key in the CachedSurfaceMap.
1347         Additionally, avoid any empty sizes, because they're just pointless.
1348
1349 2014-07-21  Beth Dakin  <bdakin@apple.com>
1350
1351         WK1 should always setAcceleratedCompositingForFixedPositionEnabled(true) on 
1352         Yosemite
1353         https://bugs.webkit.org/show_bug.cgi?id=135135
1354
1355         Reviewed by Darin Adler.
1356
1357         This patch gets rid of the ChromeClient function that was introduced with 
1358         http://trac.webkit.org/changeset/171308 We’ll just enable the Setting instead.
1359         * css/StyleResolver.cpp:
1360         (WebCore::StyleResolver::adjustRenderStyle):
1361         (WebCore::fixedPositionCreatesStackingContext): Deleted.
1362         * page/ChromeClient.h:
1363         (WebCore::ChromeClient::requiresAcceleratedCompositingForViewportConstrainedPosition): Deleted.
1364         * rendering/RenderLayerCompositor.cpp:
1365         (WebCore::RenderLayerCompositor::requiresCompositingForPosition):
1366
1367 2014-07-21  Simon Fraser  <simon.fraser@apple.com>
1368
1369         [iOS WK2] Turn off position:fixed behavior when the keyboard is up
1370         https://bugs.webkit.org/show_bug.cgi?id=132537
1371
1372         Reviewed by Benjamin Poulain.
1373
1374         Export RenderObject::localToContainerPoint().
1375
1376         * WebCore.exp.in:
1377
1378 2014-07-21  Jer Noble  <jer.noble@apple.com>
1379
1380         [MSE] YouTube video decode error when variant-switching
1381         https://bugs.webkit.org/show_bug.cgi?id=135128
1382
1383         Reviewed by Brent Fulgham.
1384
1385         Test: media/media-source/media-source-overlapping-decodetime.html
1386
1387         When variant-switching, the situation can arise where an existing sample with a presentation
1388         timestamp of N and a decode timestamp of M, and a new sample with a presentation timestamp > N
1389         and the same decode timestamp of M, will keep the new sample from being added to the SampleMap.
1390         This can result in a decode error when samples depending on that new, missing sample are enqueued.
1391
1392         The MSE spec is silent on the issue of overlapping decode timestamps. However, it guarantees that
1393         presentation timestamps are non-overlapping. So instead of using just the decode timestamp as a key
1394         for storing the samples in decode order, use both the decode timestamp and the presentation timestamp.
1395         That ensures that samples with different presentation times but equal decode times are both inserted
1396         into the decode queue, and in the correct order.
1397
1398         * Modules/mediasource/SampleMap.cpp:
1399         (WebCore::SampleIsRandomAccess::operator()): Update the parameter type to match the new KeyType.
1400         (WebCore::SampleMap::addSample): Pass both decodeTime and presentationTime as the key to decodeOrder.
1401         (WebCore::SampleMap::removeSample): Ditto.
1402         (WebCore::DecodeOrderSampleMap::findSampleWithDecodeKey): Renamed from findSampleWithDecodeTime.
1403         (WebCore::DecodeOrderSampleMap::reverseFindSampleWithDecodeKey): renamed from reverseFindSampleWithDecodeTime.
1404         (WebCore::DecodeOrderSampleMap::findSyncSamplePriorToPresentationTime): Use renamed version of above.
1405         (WebCore::DecodeOrderSampleMap::findSyncSampleAfterPresentationTime): Ditto.
1406         (WebCore::DecodeOrderSampleMap::findDependentSamples): Ditto.
1407         (WebCore::DecodeOrderSampleMap::findSampleWithDecodeTime): Deleted.
1408         (WebCore::DecodeOrderSampleMap::reverseFindSampleWithDecodeTime): Deleted.
1409         * Modules/mediasource/SampleMap.h:
1410         * Modules/mediasource/SourceBuffer.cpp:
1411         (WebCore::SourceBuffer::removeCodedFrames): Ditto.
1412         (WebCore::SourceBuffer::sourceBufferPrivateDidReceiveSample): Ditto.
1413         (WebCore::SourceBuffer::reenqueueMediaForTime): Ditto.
1414
1415 2014-07-21  Andy Estes  <aestes@apple.com>
1416
1417         [iOS] Handle QuickLook ResourceLoaders in the web process
1418         https://bugs.webkit.org/show_bug.cgi?id=135113
1419
1420         Reviewed by David Kilzer.
1421
1422         No new tests. QuickLook is not testable from WebKit.
1423
1424         * WebCore.exp.in:
1425         * loader/ResourceLoadScheduler.cpp:
1426         (WebCore::ResourceLoadScheduler::maybeLoadQuickLookResource): Start loading the ResourceLoader if it is for a QuickLook resource.
1427         * loader/ResourceLoadScheduler.h:
1428
1429 2014-07-21  Alexey Proskuryakov  <ap@apple.com>
1430
1431         Case sensitive file system build fix.
1432
1433         * page/scrolling/ScrollingStateTree.cpp:
1434
1435 2014-07-21  Beth Dakin  <bdakin@apple.com>
1436
1437         Put position:fixed elements into layers when a WK1 view is layer-backed
1438         https://bugs.webkit.org/show_bug.cgi?id=135075
1439
1440         Reviewed by Darin Adler.
1441
1442         This patch adds a new ChromeClient function called 
1443         requiresAcceleratedCompositingForViewportConstrainedPosition(). Since a view can 
1444         go in and out of layer backing, we need a ChromeClient method that can be 
1445         dynamically re-evaluated rather than using the existing settings for enabling 
1446         accelerated fixed and fixed that creates a stacking context.
1447
1448         Ensure that fixed elements create a stacking context when 
1449         requiresAcceleratedCompositingForViewportConstrainedPosition is true.
1450         * css/StyleResolver.cpp:
1451         (WebCore::StyleResolver::adjustRenderStyle):
1452
1453         New ChromeClient function.
1454         * page/ChromeClient.h:
1455
1456 2014-07-21  Simon Fraser  <simon.fraser@apple.com>
1457
1458         Add helper functions to dump the scrolling state tree from the debugger
1459         https://bugs.webkit.org/show_bug.cgi?id=135101
1460
1461         Reviewed by Darin Adler.
1462
1463         Add debug-only showScrollingStateTree() functions that take a ScrollingStateTree* and ScrollingStateNode*
1464         for use while debugging.
1465
1466         * page/scrolling/ScrollingStateTree.cpp:
1467         (showScrollingStateTree):
1468         * page/scrolling/ScrollingStateTree.h:
1469
1470 2014-07-20  Simon Fraser  <simon.fraser@apple.com>
1471
1472         [iOS WK1] Single touch div scrolling doesn't work in framesets (breaks Word previews)
1473         https://bugs.webkit.org/show_bug.cgi?id=135103
1474         <rdar://problem/11830219>
1475
1476         Reviewed by Darin Adler.
1477
1478         After r166117 all layer flushing starts on the root frame; we no longer flush layers
1479         for each frame during painting. However, flushing GraphicsLayers can set some state
1480         on a subframe RenderLayerCompositor that is now never processed, which breaks scroll
1481         layer registration.
1482         
1483         Fix by doing a walk of the Frame tree, and calling didFlushLayers() on subframe RenderLayerCompositors
1484         before calling didFlushLayers() on self.
1485
1486         * rendering/RenderLayerCompositor.cpp:
1487         (WebCore::RenderLayerCompositor::flushPendingLayerChanges):
1488         (WebCore::RenderLayerCompositor::didFlushLayers):
1489         (WebCore::RenderLayerCompositor::notifySubframesAfterLayerFlush):
1490         (WebCore::RenderLayerCompositor::enclosingCompositorFlushingLayers): Drive-by nullptr.
1491         * rendering/RenderLayerCompositor.h:
1492
1493 2014-07-21  Eric Carlson  <eric.carlson@apple.com>
1494
1495         [iOS] a Paused media session is not active
1496         https://bugs.webkit.org/show_bug.cgi?id=135108
1497
1498         Reviewed by Darin Adler.
1499
1500         Activating the shared AudioSession will pause audio playing in another application,
1501         so only report a Playing media sessions as active.
1502
1503         * platform/audio/MediaSessionManager.cpp:
1504         * platform/audio/MediaSessionManager.h:
1505         (WebCore::MediaSessionManager::activeAudioSessionRequired): Renamed from hasActive to make
1506         clear what it does. Only return true for a session that is Playing.
1507
1508         * platform/audio/mac/MediaSessionManagerMac.cpp:
1509         (MediaSessionManager::updateSessionState): hasActive renamed to activeAudioSessionRequired.
1510
1511 2014-07-21  Carlos Garcia Campos  <cgarcia@igalia.com>
1512
1513         Unreviewed. Update GObject DOM bindings test results after r171285.
1514
1515         * bindings/scripts/test/GObject/WebKitDOMTestActiveDOMObject.cpp:
1516         * bindings/scripts/test/GObject/WebKitDOMTestCallback.cpp:
1517         * bindings/scripts/test/GObject/WebKitDOMTestCustomNamedGetter.cpp:
1518         * bindings/scripts/test/GObject/WebKitDOMTestEventConstructor.cpp:
1519         * bindings/scripts/test/GObject/WebKitDOMTestEventTarget.cpp:
1520         * bindings/scripts/test/GObject/WebKitDOMTestException.cpp:
1521         * bindings/scripts/test/GObject/WebKitDOMTestGenerateIsReachable.cpp:
1522         * bindings/scripts/test/GObject/WebKitDOMTestInterface.cpp:
1523         * bindings/scripts/test/GObject/WebKitDOMTestMediaQueryListListener.cpp:
1524         * bindings/scripts/test/GObject/WebKitDOMTestNamedConstructor.cpp:
1525         * bindings/scripts/test/GObject/WebKitDOMTestNode.cpp:
1526         * bindings/scripts/test/GObject/WebKitDOMTestNondeterministic.cpp:
1527         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
1528         * bindings/scripts/test/GObject/WebKitDOMTestOverloadedConstructors.cpp:
1529         * bindings/scripts/test/GObject/WebKitDOMTestSerializedScriptValueInterface.cpp:
1530         * bindings/scripts/test/GObject/WebKitDOMTestTypedefs.cpp:
1531         * bindings/scripts/test/GObject/WebKitDOMattribute.cpp:
1532         * bindings/scripts/test/GObject/WebKitDOMreadonly.cpp:
1533
1534 2014-07-20  Pratik Solanki  <psolanki@apple.com>
1535
1536         Reduce the chances of a race condition when sharing SharedBuffer
1537         https://bugs.webkit.org/show_bug.cgi?id=135060
1538         <rdar://problem/17729444>
1539
1540         Reviewed by Darin Adler.
1541
1542         We currently pass a SharedBuffer wrapped in WebCoreSharedBufferData to ImageIO for image
1543         decoding. This is not thread safe since ImageIO will access this buffer on a separate
1544         thread. We access SharedBuffer::buffer() on the other thread which resizes the Vector
1545         m_buffer if m_size is greater than the vector size. Since the code in SharedBuffer::append()
1546         sets m_size before appending the data to the buffer, m_size is out of sync with the m_buffer
1547         size for the entire duration of the Vector append which could be doing a lot of copying if
1548         the resource is large. While this change does not fix the race condition, we can at least
1549         reduce the chances of SharedBuffer::buffer() calling resize() by setting m_size after the
1550         cector has finished appending.
1551
1552         No new tests because no functional changes.
1553
1554         * platform/SharedBuffer.cpp:
1555         (WebCore::SharedBuffer::append):
1556
1557 2014-07-20  Jeremy Jones  <jeremyj@apple.com>
1558
1559         Fix test crashes when cloning video layer since r171286
1560         https://bugs.webkit.org/show_bug.cgi?id=135112
1561
1562         Unreviewed. Fix crashing tests by conditionalizing inline video layer change.
1563         compositing/video/video-reflection.html [ Crash ]
1564         media/video-layer-crash.html [ Crash ]
1565
1566         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h: add conditional
1567         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm: ditto
1568         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerLayer): ditto
1569         (WebCore::MediaPlayerPrivateAVFoundationObjC::destroyVideoLayer): ditto
1570         (WebCore::MediaPlayerPrivateAVFoundationObjC::platformLayer): ditto
1571
1572 2014-07-20  Jeremy Jones  <jeremyj@apple.com>
1573
1574         Disable ff/rw based on canPlayFastForward and canPlayFastRewind.
1575         https://bugs.webkit.org/show_bug.cgi?id=134894
1576
1577         Reviewed by Darin Adler.
1578
1579         * WebCore.exp.in: add symbol for canPlayFastReverse
1580         * html/HTMLMediaElement.cpp: Add two new accessors
1581         (WebCore::HTMLMediaElement::nextScanRate): possibly limit scanRate
1582         (WebCore::HTMLMediaElement::canPlayFastForward): added
1583         (WebCore::HTMLMediaElement::canPlayFastReverse): added
1584         * html/HTMLMediaElement.h: declare two new methods
1585         * platform/graphics/MediaPlayer.cpp: Plumb through two new accessors
1586         (WebCore::MediaPlayer::maxFastForwardRate): added
1587         (WebCore::MediaPlayer::minFastReverseRate): added
1588         * platform/graphics/MediaPlayer.h: Declare new methods
1589         * platform/graphics/MediaPlayerPrivate.h: Added two new methods.
1590         (WebCore::MediaPlayerPrivateInterface::maxFastForwardRate): added
1591         (WebCore::MediaPlayerPrivateInterface::minFastReverseRate): added
1592         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h: member to cache ff/rw enabled state
1593         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
1594         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayer): observe on item canPlayFastForward canPlayFastReverse
1595         (WebCore::MediaPlayerPrivateAVFoundationObjC::canPlayFastForwardDidChange): added
1596         (WebCore::MediaPlayerPrivateAVFoundationObjC::canPlayFastReverseDidChange): added
1597         (WebCore::itemKVOProperties): observe canPlayFastForward canPlayFastRewind
1598         (-[WebCoreAVFMovieObserver observeValueForKeyPath:ofObject:change:context:]): ditto
1599         * platform/ios/WebVideoFullscreenInterface.h: add new method
1600         * platform/ios/WebVideoFullscreenInterfaceAVKit.h: ditto
1601         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm: ditto
1602         (WebVideoFullscreenInterfaceAVKit::setCanPlayFastReverse): Set value on WebAVPlayerController.
1603         (-[WebAVPlayerController canScanBackward]): Deleted.
1604         (+[WebAVPlayerController keyPathsForValuesAffectingCanScanBackward]): Deleted.
1605         * platform/ios/WebVideoFullscreenModelMediaElement.mm:
1606         (WebVideoFullscreenModelMediaElement::updateForEventName): update canPlayFastReverse.
1607
1608 2014-07-18  Gavin Barraclough  <baraclough@apple.com>
1609
1610         HTMLMediaElement should registerWithDocument on iOS
1611         https://bugs.webkit.org/show_bug.cgi?id=135084
1612         <rdar://problem/17702531>
1613
1614         Reviewed by Andreas Kling.
1615
1616         Otherwise it won't know when the visibility changes!
1617
1618         * html/HTMLMediaElement.cpp:
1619         (WebCore::HTMLMediaElement::registerWithDocument):
1620         (WebCore::HTMLMediaElement::unregisterWithDocument):
1621
1622 2014-07-20  Jeremy Jones  <jeremyj@apple.com>
1623
1624         Decrease flicker when enter and exit fullscreen.
1625         https://bugs.webkit.org/show_bug.cgi?id=134919
1626
1627         Reviewed by Simon Fraser.
1628
1629         Put AVPlayerLayer in a container layer so moving it between inline and fullscreen
1630         is as easy as adding and removing it from a containter layer; no need to do a layout.
1631
1632         Make sure fullscreen layers are transparent before moving moving the AVPlayerLayer
1633         between inline and fullscreen so you don't briefly see the empty fullscreen layers.
1634
1635         * html/HTMLMediaElement.cpp:
1636         (WebCore::HTMLMediaElement::platformLayer): remove fullscreen special case.
1637         (WebCore::HTMLMediaElement::setVideoFullscreenLayer): no need to recalc style
1638         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h: add inline container layer
1639         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm: 
1640         add WebVideoContainerLayer to contain AVPlayerLayer and keep layout correct.
1641         (-[WebVideoContainerLayer setBounds:]): forward setbounds to set child frame.
1642         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerLayer): create the video container layer
1643         (WebCore::MediaPlayerPrivateAVFoundationObjC::destroyVideoLayer): destroy the video container layer
1644         (WebCore::MediaPlayerPrivateAVFoundationObjC::platformLayer): use container layer instead of video layer
1645         (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenLayer): use transactions to prevent unwanted animation.
1646         (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenFrame): ditto
1647         * platform/graphics/ca/mac/PlatformCALayerMac.mm:
1648         (PlatformCALayerMac::layerTypeForPlatformLayer): WebVideoContainerLayer is a kind of AVPlayerLayer
1649         * platform/ios/WebVideoFullscreenControllerAVKit.mm:
1650         (-[WebVideoFullscreenController didCleanupFullscreen]): remove video fullscreen layer first
1651         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
1652         (WebVideoFullscreenInterfaceAVKit::setupFullscreen): make background transparent during transition.
1653            dispatch_async to allow CATransaction to complete before calling didSetupFullscreen()
1654
1655 2014-07-20  Ryuan Choi  <ryuan.choi@samsung.com>
1656
1657         Move ExceptionCodeDescription.h into the files that actually need it
1658         https://bugs.webkit.org/show_bug.cgi?id=134968
1659
1660         Reviewed by Darin Adler.
1661
1662         No new tests because no functional changes.
1663
1664         * Modules/indexeddb/IDBDatabaseException.cpp:
1665         * Modules/webdatabase/SQLException.cpp:
1666         * bindings/js/JSDOMBinding.cpp:
1667         * bindings/objc/ExceptionHandlers.mm:
1668         * bindings/scripts/CodeGeneratorGObject.pm:
1669         (Generate):
1670         * dom/DOMCoreException.cpp:
1671         * dom/EventException.cpp:
1672         * dom/ExceptionBase.cpp:
1673         * dom/ExceptionCode.h:
1674         * dom/RangeException.cpp:
1675         * fileapi/FileException.cpp:
1676         * inspector/DOMEditor.cpp:
1677         * inspector/InspectorDOMAgent.cpp:
1678         * svg/SVGException.cpp:
1679         * xml/XMLHttpRequestException.cpp:
1680         * xml/XPathException.cpp:
1681
1682 2014-07-20  Dan Bernstein  <mitz@apple.com>
1683
1684         <rdar://problems/17742611> -[_WKActivatedElementInfo image] is often empty
1685         https://bugs.webkit.org/show_bug.cgi?id=135107
1686
1687         Reviewed by Sam Weinig.
1688
1689         Test: TestWebKitAPI/Tests/mac/RenderedImageFromDOMNode.mm
1690
1691         * page/FrameView.cpp:
1692         (WebCore::FrameView::paintContents): To work around http://webkit.org/b/135106, replace the
1693         paint root with its nearest ancestor that isn’t an inline with culled line boxes, if needed.
1694
1695 2014-07-20  Darin Adler  <darin@apple.com>
1696
1697         Crashes seen in wheel event handling
1698         https://bugs.webkit.org/show_bug.cgi?id=135102
1699
1700         Reviewed by Beth Dakin.
1701
1702         Speculative fix based on guesses about what could be crashing.
1703         The crash seems to be calling ref on an event target, and my guess is that this
1704         has something to do with latching.
1705
1706         * page/EventHandler.cpp:
1707         (WebCore::EventHandler::platformPrepareForWheelEvents): Updated argument types.
1708         (WebCore::EventHandler::handleWheelEvent): Refactored a little and made some local
1709         variables use RefPtr instead of raw pointers. Also added some comments.
1710
1711         * page/EventHandler.h: Changed argument types to RefPtr.
1712
1713         * page/mac/EventHandlerMac.mm:
1714         (WebCore::EventHandler::platformPrepareForWheelEvents): Updated argument types.
1715         Also added a FIXME.
1716
1717 2014-07-20  Simon Fraser  <simon.fraser@apple.com>
1718
1719         Print layerIDs in GraphicsLayer dumps
1720         https://bugs.webkit.org/show_bug.cgi?id=135100
1721
1722         Reviewed by Darin Adler.
1723
1724         When calling showGraphicsLayerTree() from the debugger, it's useful to show
1725         layerIDs so they can be correlated with remote layer tree transactions. So
1726         when dumping with debug info, dump the primary layer ID.
1727
1728         * platform/graphics/GraphicsLayer.cpp:
1729         (WebCore::GraphicsLayer::dumpProperties):
1730
1731 2014-07-20  Eric Carlson  <eric.carlson@apple.com>
1732
1733         [iOS] ignore requests to set volume
1734         https://bugs.webkit.org/show_bug.cgi?id=135081
1735
1736         Applied post-review comments from Darin Adler.
1737
1738         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
1739         (WebCore::MediaPlayerPrivateAVFoundationObjC::setVolume): Don't include unreachable
1740             code on iOS.
1741
1742 2014-07-19  Mark Rowe  <mrowe@apple.com>
1743
1744         <https://webkit.org/b/135085> Ensure that make_names.pl generates the same result when run multiple times.
1745
1746         Perl 5.18 introduced hash randomization. This results in the iteration order of hashes being different
1747         from one run to the next. To ensure identical output we can iterate over the hash keys in sorted order.
1748
1749         Reviewed by Alexey Proskuryakov.
1750
1751         * bindings/scripts/StaticString.pm:
1752         (GenerateStrings):
1753         (GenerateStringAsserts):
1754         * dom/make_names.pl:
1755
1756 2014-07-19  Zan Dobersek  <zdobersek@igalia.com>
1757
1758         Document::unregisterNodeListforInvalidation() and Document::unregisterCollection() have incorrect assertions
1759         https://bugs.webkit.org/show_bug.cgi?id=134869
1760
1761         Reviewed by Darin Adler.
1762
1763         Both methods should assert that the relevant HashMap is either empty if invalidation originates
1764         from Document::invalidateNodeListAndCollectionCaches() or acutally contains the element that is
1765         being invalidated. In the first case the HashMap is empty because its entries were moved out in
1766         the Document::invalidateNodeListAndCollectionCaches().
1767
1768         This was exposed by r170995 (later rolled out in r170999) which introduced move constructor and
1769         move assignment operators for HashTable. The assertions in the titular methods won't be passing
1770         until r170995 relands.
1771
1772         * dom/Document.cpp:
1773         (WebCore::Document::unregisterNodeListForInvalidation):
1774
1775 2014-07-18  Eric Carlson  <eric.carlson@apple.com>
1776
1777         [iOS] ignore requests to set volume
1778         https://bugs.webkit.org/show_bug.cgi?id=135081
1779
1780         Reviewed by Jer Noble.
1781
1782         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
1783         (WebCore::MediaPlayerPrivateAVFoundationObjC::setVolume): Do nothing on iOS.
1784
1785 2014-07-18  Andy Estes  <aestes@apple.com>
1786
1787         [iOS] Tapping "Allow Website" on a restricted page does not bring up the keypad
1788         https://bugs.webkit.org/show_bug.cgi?id=135072
1789         <rdar://problem/17528188>
1790
1791         Reviewed by David Kilzer.
1792
1793         No new tests. Content filtering is not testable from WebKit.
1794
1795         * WebCore.exp.in: Exported necessary ContentFilter symbols.
1796         * loader/DocumentLoader.cpp:
1797         (WebCore::DocumentLoader::finishedLoading): Called FrameLoaderClient::contentFilterDidBlockLoad().
1798         (WebCore::DocumentLoader::responseReceived): Created a new ContentFilter.
1799         (WebCore::DocumentLoader::dataReceived): Called FrameLoaderClient::contentFilterDidBlockLoad().
1800         (WebCore::DocumentLoader::setContentFilterForBlockedLoad): Deleted.
1801         (WebCore::DocumentLoader::handleContentFilterRequest): Deleted.
1802         * loader/DocumentLoader.h:
1803         * loader/FrameLoaderClient.h:
1804         (WebCore::FrameLoaderClient::contentFilterDidBlockLoad):
1805         * loader/PolicyChecker.cpp:
1806         (WebCore::PolicyChecker::checkNavigationPolicy): Removed the check for unblock navigations, as this is now
1807         handled at the WebKit layer.
1808         * platform/ContentFilter.h: ContentFilter no longer needs to be RefCounted, so made various changes in order to
1809         make it compatible with unique_ptr.
1810         * platform/ios/ContentFilterIOS.mm:
1811         (WebCore::scheme): Changed from a public member function to a static inline free function.
1812         (WebCore::ContentFilter::handleUnblockRequestAndDispatchIfSuccessful): Renamed from requestUnblockAndDispatchIfSuccessful.
1813         * platform/mac/ContentFilterMac.mm:
1814         (WebCore::ContentFilter::ContentFilter): Added a default constructor for use during message decoding.
1815         (WebCore::ContentFilter::addData): Removed calls to ref() and deref(). These were never actually needed since
1816         we were dispatching the block synchronously.
1817         (WebCore::ContentFilter::finishedAddingData): Ditto.
1818         (WebCore::ContentFilter::encode): Encoded m_platformContentFilter to the NSKeyedArchiver if it conforms to NSSecureCoding.
1819         (WebCore::ContentFilter::decode): Decoded m_platformContentFilter from the NSKeyedUnarchiver if it conforms to NSSecureCoding.
1820         (WebCore::ContentFilter::create): Deleted.
1821
1822 2014-07-18  Simon Fraser  <simon.fraser@apple.com>
1823
1824         [iOS WK2] position:fixed in iframes with programmatic scroll could end up in the wrong place
1825         https://bugs.webkit.org/show_bug.cgi?id=135078
1826         <rdar://problem/17401823>
1827
1828         Reviewed by Tim Horton.
1829         
1830         When the UI-side scrolling tree receives a requested scroll position update, it scrolls
1831         the node (e.g. a frame) then traverses child nodes to update them, e.g. for fixed position.
1832         However, we would always use a viewport rect for the main document (from the scrolling tree),
1833         which is not appropriate for subframes. Subframes should just use their own visible
1834         rect to position fixed children.
1835
1836         Test: platform/mac-wk2/tiled-drawing/scrolling/frames/fixed-inside-frame.html
1837
1838         * page/scrolling/ios/ScrollingTreeFrameScrollingNodeIOS.mm:
1839         (WebCore::ScrollingTreeFrameScrollingNodeIOS::updateChildNodesAfterScroll):
1840
1841 2014-07-18  Beth Dakin  <bdakin@apple.com>
1842
1843         Fixed position elements are misplaced when a WK1 view has contentInsets set
1844         https://bugs.webkit.org/show_bug.cgi?id=135031
1845         -and corresponding-
1846         <rdar://problem/17682335>
1847
1848         Reviewed by Tim Horton.
1849
1850         [NSScrollView documentVisibleRect] includes content that is within the inset-area 
1851         of a view, but WebCore is interested in the content that is fully visible, so we 
1852         need to factor the inset sizes out of this rect.
1853
1854         Implement contract() to avoid the awkwardness of calling expand() with negative 
1855         values.
1856         * platform/graphics/IntSize.h:
1857         (WebCore::IntSize::contract):
1858
1859         Factor out insets
1860         * platform/mac/ScrollViewMac.mm:
1861         (WebCore::ScrollView::platformVisibleContentRect):
1862         (WebCore::ScrollView::platformVisibleContentSize):
1863
1864 2014-07-18  Tim Horton  <timothy_horton@apple.com>
1865
1866         Take navigation snapshots whenever the current back-forward item is going to change
1867         https://bugs.webkit.org/show_bug.cgi?id=135058
1868         <rdar://problem/17464515>
1869
1870         Reviewed by Dan Bernstein.
1871
1872         * loader/HistoryController.cpp:
1873         (WebCore::HistoryController::updateForCommit):
1874         (WebCore::HistoryController::recursiveUpdateForCommit):
1875         (WebCore::HistoryController::recursiveUpdateForSameDocumentNavigation):
1876         (WebCore::HistoryController::createItem):
1877         Use setCurrentItem instead of duplicating the contents of it inside each of these functions.
1878
1879         (WebCore::HistoryController::setCurrentItem):
1880         (WebCore::HistoryController::replaceCurrentItem):
1881         When setting or replacing the current item, let the FrameLoaderClient know that we're going
1882         to change which history item is "current".
1883
1884         * loader/FrameLoaderClient.h:
1885         (WebCore::FrameLoaderClient::willChangeCurrentHistoryItem): Added.
1886
1887 2014-07-18  Commit Queue  <commit-queue@webkit.org>
1888
1889         Unreviewed, rolling out r171207.
1890         https://bugs.webkit.org/show_bug.cgi?id=135056
1891
1892         Broke multiple tests on Yosemite (Requested by ap on #webkit).
1893
1894         Reverted changeset:
1895
1896         "Fixed position elements are misplaced when a WK1 view has
1897         contentInsets set"
1898         https://bugs.webkit.org/show_bug.cgi?id=135031
1899         http://trac.webkit.org/changeset/171207
1900
1901 2014-07-18  Commit Queue  <commit-queue@webkit.org>
1902
1903         Unreviewed, rolling out r171218.
1904         https://bugs.webkit.org/show_bug.cgi?id=135055
1905
1906         Made fast/dom/HTMLObjectElement/beforeload-set-text-
1907         crash.xhtml crash (Requested by ap on #webkit).
1908
1909         Reverted changeset:
1910
1911         "REGRESSION (r169105): Crash in selection"
1912         https://bugs.webkit.org/show_bug.cgi?id=134303
1913         http://trac.webkit.org/changeset/171218
1914
1915 2014-07-18  Radu Stavila  <stavila@adobe.com>
1916
1917         REGRESSION (r169105): Crash in selection
1918         https://bugs.webkit.org/show_bug.cgi?id=134303
1919
1920         Reviewed by Ryosuke Niwa.
1921
1922         When splitting the selection between different subtrees, all subtrees must have their selection cleared before
1923         starting to apply the new selection. Otherwise, when selecting objects in a named flow thread and going up
1924         its containing block chain, we can end up in the view's selection root, which has not yet been updated and so
1925         we get inconsistent data.
1926
1927         To achieve this goal, the selection update was split into a "clear" and an "apply" method. The updateSelectionForSubtrees
1928         method first iterates through all subtrees and performs the "clear" method and then starts all over again
1929         and performs the "apply" method.
1930
1931         Also, the selectionStart/End members in RenderView have been renamed to fix problems caused by the fact that
1932         RenderView inherits SelectionSubtreeRoot, which also has the same selectionStart/End members.
1933
1934         Test: fast/regions/selection/crash-deselect.html
1935
1936         * WebCore.xcodeproj/project.pbxproj:
1937         * rendering/RenderBlock.cpp:
1938         (WebCore::RenderBlock::isSelectionRoot):
1939         * rendering/RenderSelectionInfo.h:
1940         * rendering/RenderView.cpp:
1941         (WebCore::RenderView::RenderView):
1942         (WebCore::RenderView::setSelection): Renamed m_selectionStart/End to m_unsplitSelectionStart/End
1943         (WebCore::RenderView::splitSelectionBetweenSubtrees):
1944         (WebCore::RenderView::updateSelectionForSubtrees): Added, clears and re-applies selection for all selection subtrees.
1945         (WebCore::RenderView::clearSubtreeSelection): Added, clears selection and returns previously selected information.
1946         (WebCore::RenderView::applySubtreeSelection): Added, updates the selection status of all objects inside the selection tree, compares old and new data and repaints accordingly.
1947         (WebCore::RenderView::getSelection): Renamed m_selectionStart/End to m_unsplitSelectionStart/End
1948         (WebCore::RenderView::setSubtreeSelection): Deleted.
1949         * rendering/RenderView.h:
1950         * rendering/SelectionSubtreeRoot.cpp:
1951         (WebCore::SelectionSubtreeRoot::SelectionSubtreeRoot):
1952         * rendering/SelectionSubtreeRoot.h:
1953         (WebCore::SelectionSubtreeRoot::OldSelectionData::OldSelectionData):
1954
1955 2014-07-17  Jer Noble  <jer.noble@apple.com>
1956
1957         [MSE] Re-enqueue after a removeCodedFrames() only if the removed frames overlap what may have possibly been enqueued but undisplayed.
1958         https://bugs.webkit.org/show_bug.cgi?id=135039
1959
1960         Reviewed by Eric Carlson.
1961
1962         When a client calls removeCodedFrames(), we must re-enqueue those ranges if the removed samples overlap with
1963         enqueued but possibly un-displayed samples. Otherwise, replacement samples may lead to decode errors as those
1964         new samples dependencies are not met. But if we re-enqueue too frequently, this may cause subtle but noticible
1965         display timing glitches, so only re-enqueue when removeCodedFrames have a possiblity of removing enqueued, but
1966         not yet displayed samples.
1967
1968         * Modules/mediasource/SourceBuffer.cpp:
1969         (WebCore::SourceBuffer::removeCodedFrames):
1970
1971 2014-07-17  David Kilzer  <ddkilzer@apple.com>
1972
1973         SECTORDER_FLAGS should be defined in target's xcconfig file, not Base.xcconfig
1974         <http://webkit.org/b/135006>
1975
1976         Reviewed by Darin Adler.
1977
1978         * Configurations/Base.xcconfig: Move SECTORDER_FLAGS to
1979         WebCore.xcconfig.
1980         * Configurations/DebugRelease.xcconfig: Remove empty
1981         SECTORDER_FLAGS definition.
1982         * Configurations/WebCoreTestShim.xcconfig: Ditto.
1983         * Configurations/WebCoreTestSupport.xcconfig: Ditto.
1984         * Configurations/WebCore.xcconfig: Use $(CONFIGURATION) so
1985         SECTORDER_FLAGS is only set on Production builds.
1986
1987 2014-07-17  Zalan Bujtas  <zalan@apple.com>
1988
1989         Subpixel rendering: Embedded non-compositing rotate transform paints to wrong position.
1990         https://bugs.webkit.org/show_bug.cgi?id=135028
1991
1992         Reviewed by Simon Fraser.
1993
1994         CTM always translates to where the layer's renderer() is going to paint.
1995         It ensures that the pixel snapped renderer() always end up painting to (0, 0) which is
1996         required to be able to position properly on transformed context.
1997
1998         Test: fast/layers/hidpi-transform-on-child-content-is-mispositioned.html
1999
2000         * rendering/RenderLayer.cpp:
2001         (WebCore::RenderLayer::beginTransparencyLayers):
2002         (WebCore::RenderLayer::clipToRect):
2003         (WebCore::RenderLayer::paintLayerByApplyingTransform):
2004         (WebCore::RenderLayer::paintBackgroundForFragments):
2005         (WebCore::RenderLayer::paintForegroundForFragmentsWithPhase):
2006         (WebCore::RenderLayer::paintOutlineForFragments):
2007         (WebCore::RenderLayer::paintMaskForFragments):
2008         (WebCore::RenderLayer::paintOverflowControlsForFragments):
2009         (WebCore::RenderLayer::calculateClipRects):
2010         * rendering/RenderLayer.h:
2011
2012 2014-07-17  Beth Dakin  <bdakin@apple.com>
2013
2014         Fixed position elements are misplaced when a WK1 view has contentInsets set
2015         https://bugs.webkit.org/show_bug.cgi?id=135031
2016         -and corresponding-
2017         <rdar://problem/17682335>
2018
2019         Reviewed by Tim Horton.
2020
2021         [NSScrollView documentVisibleRect] is not the rect that we are looking for when 
2022         this function is called. WebCore is interested in the rect that does not include 
2023         content that is within the inset region.
2024
2025         Implement contract() to avoid the awkwardness of calling expand() with negative 
2026         values.
2027         * platform/graphics/IntSize.h:
2028         (WebCore::IntSize::contract):
2029
2030         Use _insetBounds instead of documentVisibleRect, and when it’s necessary to use 
2031         the frame’s dimensions, extract the inset from that size.
2032         * platform/mac/ScrollViewMac.mm:
2033         (WebCore::ScrollView::platformVisibleContentRect):
2034         (WebCore::ScrollView::platformVisibleContentSize):
2035
2036 2014-07-17  Enrica Casucci  <enrica@apple.com>
2037
2038         [REGRESSION WK2]The menu bar does not show up when tapping on the caret.
2039         https://bugs.webkit.org/show_bug.cgi?id=135023
2040         <rdar://problem/17617282>
2041
2042         Reviewed by Benjamin Poulain.
2043
2044         Adding some exports.
2045         
2046         * WebCore.exp.in:
2047
2048 2014-07-17  Timothy Hatcher  <timothy@apple.com>
2049
2050         Make console.profile record to the Timeline.
2051
2052         https://bugs.webkit.org/show_bug.cgi?id=134643
2053
2054         Reviewed by Joseph Pecoraro.
2055
2056         Passes existing profiler tests in fast/profiler.
2057
2058         * bindings/js/ScriptState.cpp:
2059         (WebCore::domWindowFromExecState):
2060         (WebCore::frameFromExecState):
2061         (WebCore::scriptExecutionContextFromExecState):
2062         (WebCore::mainWorldExecState):
2063         (WebCore::execStateFromNode):
2064         * bindings/js/ScriptState.h:
2065         * inspector/InspectorController.cpp:
2066         (WebCore::InspectorController::InspectorController):
2067         (WebCore::InspectorController::profilerEnabled):
2068         (WebCore::InspectorController::setProfilerEnabled):
2069         * inspector/InspectorController.h:
2070         * inspector/InspectorInstrumentation.cpp:
2071         (WebCore::InspectorInstrumentation::startProfilingImpl):
2072         (WebCore::InspectorInstrumentation::stopProfilingImpl):
2073         * inspector/InspectorTimelineAgent.cpp:
2074         (WebCore::InspectorTimelineAgent::didCreateFrontendAndBackend):
2075         (WebCore::InspectorTimelineAgent::willDestroyFrontendAndBackend):
2076         (WebCore::InspectorTimelineAgent::start):
2077         (WebCore::InspectorTimelineAgent::stop):
2078         (WebCore::startProfiling):
2079         (WebCore::stopProfiling):
2080         (WebCore::InspectorTimelineAgent::startFromConsole):
2081         (WebCore::InspectorTimelineAgent::stopFromConsole):
2082         (WebCore::InspectorTimelineAgent::didWriteHTML):
2083         (WebCore::InspectorTimelineAgent::breakpointActionProbe):
2084         (WebCore::toProtocol):
2085         (WebCore::InspectorTimelineAgent::addRecordToTimeline):
2086         (WebCore::InspectorTimelineAgent::didCompleteRecordEntry):
2087         (WebCore::InspectorTimelineAgent::didCompleteCurrentRecord):
2088         (WebCore::InspectorTimelineAgent::InspectorTimelineAgent):
2089         (WebCore::InspectorTimelineAgent::sendEvent):
2090         (WebCore::InspectorTimelineAgent::createRecordEntry):
2091         (WebCore::InspectorTimelineAgent::pushCurrentRecord):
2092         * inspector/InspectorTimelineAgent.h:
2093         (WebCore::InspectorTimelineAgent::TimelineRecordEntry::TimelineRecordEntry):
2094         (WebCore::InspectorTimelineAgent::pushCurrentRecord):
2095         * inspector/InstrumentingAgents.cpp:
2096         (WebCore::InstrumentingAgents::InstrumentingAgents):
2097         (WebCore::InstrumentingAgents::reset):
2098         * inspector/InstrumentingAgents.h:
2099         (WebCore::InstrumentingAgents::persistentInspectorTimelineAgent):
2100         (WebCore::InstrumentingAgents::setPersistentInspectorTimelineAgent):
2101         * inspector/TimelineRecordFactory.cpp:
2102         (WebCore::TimelineRecordFactory::createConsoleProfileData):
2103         * inspector/TimelineRecordFactory.h:
2104         * inspector/protocol/Timeline.json:
2105         * page/PageConsole.cpp:
2106         (WebCore::PageConsole::profileEnd):
2107
2108 2014-07-16  Sam Weinig  <sam@webkit.org>
2109
2110         Don't send geolocation permission requests when the page is not visible
2111         <rdar://problem/17208715>
2112         https://bugs.webkit.org/show_bug.cgi?id=134989
2113
2114         Reviewed by Darin Adler.
2115
2116         Instead of eagerly requesting geolocation permission for pages that aren't visible,
2117         store a set of pending requests, and send them only once the page has become visible.
2118
2119         * Modules/geolocation/GeolocationController.cpp:
2120         (WebCore::GeolocationController::GeolocationController):
2121         (WebCore::GeolocationController::~GeolocationController):
2122         (WebCore::GeolocationController::requestPermission):
2123         (WebCore::GeolocationController::cancelPermissionRequest):
2124         (WebCore::GeolocationController::viewStateDidChange):
2125         (WebCore::provideGeolocationTo):
2126         * Modules/geolocation/GeolocationController.h:
2127         Store pending requests to be fired once the page is visible.
2128
2129         * WebCore.xcodeproj/project.pbxproj:
2130         Add ViewStateChangeObserver.h
2131
2132         * page/Page.cpp:
2133         (WebCore::Page::addViewStateChangeObserver):
2134         (WebCore::Page::removeViewStateChangeObserver):
2135         (WebCore::Page::setViewState):
2136         * page/Page.h:
2137         Add a set of registered view state observers, and notify them when the
2138         view state changes.
2139
2140         * page/ViewStateChangeObserver.h: Added.
2141         (WebCore::ViewStateChangeObserver::~ViewStateChangeObserver):
2142         Add an observer that can register with the page for view state changes.
2143
2144 2014-07-17  Jer Noble  <jer.noble@apple.com>
2145
2146         Enable legacy fullscreen API in media controls
2147         https://bugs.webkit.org/show_bug.cgi?id=134985
2148
2149         Reviewed by Eric Carlson.
2150
2151         Allow clients who have not enabled HTML5 Fullscreen APIs to still use fullscreen mode
2152         with <video> elements by using the legacy, video-element-specific fullscreen APIs in
2153         the <video> media controls.
2154
2155         * Modules/mediacontrols/mediaControlsApple.js:
2156         (Controller):
2157         (Controller.prototype.handleReadyStateChange):
2158         (Controller.prototype.isFullScreen):
2159         (Controller.prototype.handlePlayButtonClicked):
2160         (Controller.prototype.updateFullscreenButton):
2161         (Controller.prototype.handleFullscreenButtonClicked):
2162
2163 2014-07-17  Vineet Chaudhary  <code.vineet@gmail.com>
2164
2165         [GObject] StrictTypeChecking extended attribute fails for methods with sequence<T>.
2166         https://bugs.webkit.org/show_bug.cgi?id=121698
2167
2168         Reviewed by Antonio Gomes.
2169
2170         GodeGenerator was including wrong heeaders as WebKitDOMlong[] for methods with
2171         array parameters and StrictTypeChecking extended attribute.
2172         No new tests. TestObj.idl covers the tests.
2173
2174         * bindings/scripts/CodeGenerator.pm:
2175         (GetArrayOrSequenceType):
2176         * bindings/scripts/CodeGeneratorGObject.pm:
2177         (GenerateFunction):
2178         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
2179         (webkit_dom_test_obj_strict_function_with_array):
2180         * bindings/scripts/test/GObject/WebKitDOMTestObj.h:
2181         * bindings/scripts/test/GObject/WebKitDOMTestTypedefs.cpp:
2182         (webkit_dom_test_typedefs_func):
2183         (webkit_dom_test_typedefs_nullable_array_arg):
2184         * bindings/scripts/test/GObject/WebKitDOMTestTypedefs.h:
2185         * bindings/scripts/test/TestObj.idl:
2186
2187 2014-07-17  Yusuke Suzuki  <utatane.tea@gmail.com>
2188
2189         CSS JIT: Clean up return path
2190         https://bugs.webkit.org/show_bug.cgi?id=135011
2191
2192         Reviewed by Benjamin Poulain.
2193
2194         Clean up the existing CSS JIT return path before adding new early return path
2195         for pseudo elements.
2196
2197         * cssjit/SelectorCompiler.cpp:
2198         (WebCore::SelectorCompiler::SelectorCodeGenerator::generateSelectorChecker):
2199         * cssjit/StackAllocator.h:
2200         (WebCore::StackAllocator::StackReference::StackReference):
2201         (WebCore::StackAllocator::StackReference::isValid):
2202         (WebCore::StackAllocator::popAndDiscard): Deleted.
2203
2204 2014-07-16  Zalan Bujtas  <zalan@apple.com>
2205
2206         Subpixel rendering: Adjust cliprect with devicePixelFractionFromRenderer() before painting.
2207         https://bugs.webkit.org/show_bug.cgi?id=134950
2208         <rdar://problem/17617994>
2209
2210         Reviewed by Simon Fraser.
2211
2212         The cliprect coming from the graphics layer needs to be adjusted with the subpixel gap
2213         from renderer. This is symmetric with the offsetting we do, when the dirty rect is sent off to the GraphicsLayer.
2214         It puts us back to the correct coordinating system for intersecting with renderers.
2215
2216         Test: compositing/hidpi-compositing-layer-with-tile-layers-on-subpixel-position.html
2217
2218         * rendering/RenderLayer.cpp:
2219         (WebCore::RenderLayer::beginTransparencyLayers):
2220         (WebCore::RenderLayer::clipToRect):
2221
2222 2014-07-16  Simon Fraser  <simon.fraser@apple.com>
2223
2224         Fix a typo noticed by Darin.
2225         
2226         * rendering/RenderBox.cpp:
2227         (WebCore::shouldApplyContainersClipAndOffset):
2228         (WebCore::RenderBox::computeRectForRepaint):
2229         (WebCore::shouldAppyContainersClipAndOffset): Deleted.
2230
2231 2014-07-16  Simon Fraser  <simon.fraser@apple.com>
2232
2233         Improve showTree() logging
2234         https://bugs.webkit.org/show_bug.cgi?id=134997
2235
2236         Reviewed by Tim Horton.
2237
2238         Have the debug showTree(), which dumps the Node/Element tree, show which nodes need
2239         style recalc, and print element renderers.
2240
2241         * dom/Node.cpp:
2242         (WebCore::Node::showNode):
2243
2244 2014-07-16  Simon Fraser  <simon.fraser@apple.com>
2245
2246         [iOS] Expose the points on WebEventRegion
2247         https://bugs.webkit.org/show_bug.cgi?id=134978
2248
2249         Reviewed by Tim Horton.
2250
2251         Expose WebEventRegion's points so that UIKit can get at them.
2252
2253         * page/ios/WebEventRegion.h:
2254         * page/ios/WebEventRegion.mm:
2255         (-[WebEventRegion p1]):
2256         (-[WebEventRegion p2]):
2257         (-[WebEventRegion p3]):
2258         (-[WebEventRegion p4]):
2259
2260 2014-07-16  Brady Eidson  <beidson@apple.com>
2261
2262         Add WebSecurityOrigin "webSecurityOriginFromDatabaseIdentifier" SPI and change _websiteDataURLForContainerWithURL: SPI
2263         <rdar://problem/17454712> and https://bugs.webkit.org/show_bug.cgi?id=134984
2264
2265         Reviewed by Dan Bernstein.
2266
2267         Change _websiteDataURLForContainerWithURL: SPI to include an optional bundle identifier argument:
2268         * UIProcess/API/Cocoa/WKProcessPool.mm:
2269         (+[WKProcessPool _websiteDataURLForContainerWithURL:bundleIdentifierIfNotInContainer:]):
2270         (+[WKProcessPool _websiteDataURLForContainerWithURL:]): Deleted.
2271         * UIProcess/API/Cocoa/WKProcessPoolPrivate.h:
2272
2273         Add a big shiny comment in a few key places:
2274         * DatabaseProcess/DatabaseProcess.cpp:
2275         (WebKit::DatabaseProcess::initializeDatabaseProcess):
2276         * DatabaseProcess/IndexedDB/UniqueIDBDatabase.cpp:
2277         (WebKit::UniqueIDBDatabase::UniqueIDBDatabase):
2278         * UIProcess/WebContext.cpp:
2279         (WebKit::WebContext::applyPlatformSpecificConfigurationDefaults):
2280         (WebKit::WebContext::ensureDatabaseProcess):
2281
2282 2014-07-16  Roger Fong  <roger_fong@apple.com>
2283
2284         Captions container should not clip content.
2285         https://bugs.webkit.org/show_bug.cgi?id=134840.
2286         <rdar://problem/14553608>.
2287
2288         Reviewed by Simon Fraser.
2289
2290         Tests: media/track/track-in-band-subtitles-too-large.html
2291                media/track/track-long-word-container-sizing.html
2292
2293         * Modules/mediacontrols/mediaControlsApple.css:
2294         (video::-webkit-media-text-track-container):
2295         Set word break property of WebCTT cues to normal to make it consistent with in-band cues.
2296         * html/track/TextTrackCueGeneric.cpp:
2297         (WebCore::TextTrackCueGenericBoxElement::applyCSSProperties):
2298         Set -webkit-min-content on min-width/min-height property of the text track display.
2299         * html/track/VTTCue.cpp:
2300         (WebCore::VTTCueBox::applyCSSProperties):
2301         Do the same for WebVTT cues.
2302
2303 2014-07-16  Eric Carlson  <eric.carlson@apple.com>
2304
2305         [Mac] replace AVPlayerItem on the main thread
2306         https://bugs.webkit.org/show_bug.cgi?id=134983
2307
2308         Reviewed by Jer Noble.
2309
2310         No new tests, this fixes a problem with a thread configuration not present in the
2311         test environment.
2312
2313         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
2314         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
2315         (WebCore::MediaPlayerPrivateAVFoundationObjC::setAVPlayerItem): New, when called off of 
2316             the main thread, dispatch to the main thread before setting AVPlayerItem.
2317         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayer): Call setAVPlayerItem.
2318         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerItem): Ditto.
2319         (WebCore::MediaPlayerPrivateAVFoundationObjC::setShouldBufferData): Ditto.
2320
2321 2014-07-16  Jer Noble  <jer.noble@apple.com>
2322
2323         [MSE] http/tests/media/media-source/mediasource-buffered.html is flakey
2324         https://bugs.webkit.org/show_bug.cgi?id=134949
2325
2326         Reviewed by Eric Carlson.
2327
2328         Depending on which SourceBuffer is successfully parsed first, the order of activeSourceBuffers
2329         may change from run to run, breaking the http/tests/media/media-source/mediasource-buffered.html
2330         test. Make the order of activeSourceBuffers the same as (a subset of) sourceBuffers, by replacing
2331         calls to activeSourceBuffers->add() and with a new call to regenerateActiveSourceBuffers(), which
2332         swaps the contents of the SourceBufferList with a new, ordered Vector.
2333
2334         * Modules/mediasource/MediaSource.cpp:
2335         (WebCore::MediaSource::addSourceBuffer):
2336         (WebCore::MediaSource::sourceBufferDidChangeAcitveState):
2337         (WebCore::MediaSource::regenerateActiveSourceBuffers):
2338         * Modules/mediasource/MediaSource.h:
2339         * Modules/mediasource/SourceBufferList.cpp:
2340         (WebCore::SourceBufferList::swap):
2341         * Modules/mediasource/SourceBufferList.h:
2342
2343 2014-07-16  Mike West  <mkwst@chromium.org>
2344
2345         CSP: Drop 'script-nonce' directive.
2346         https://bugs.webkit.org/show_bug.cgi?id=134926
2347
2348         Reviewed by Darin Adler.
2349
2350         This patch drops the outdated 'script-nonce' Content Security
2351         Policy directive. It was removed from the spec, and replaced in
2352         CSP2 with a new 'script-src' syntax. We should implement that
2353         instead.
2354
2355         Until then, removing the outdated syntax will ensure that no one
2356         ends up relying on it in WebKit's implementation.
2357
2358         This should have limited web-visible impact, as the feature is
2359         behind the CSP_NEXT flag, which is not enabled by default.
2360
2361         * dom/ScriptElement.cpp:
2362         (WebCore::ScriptElement::requestScript):
2363         (WebCore::ScriptElement::executeScript):
2364         * page/ContentSecurityPolicy.cpp:
2365         (WebCore::CSPDirectiveList::allowJavaScriptURLs):
2366         (WebCore::CSPDirectiveList::allowInlineEventHandlers):
2367         (WebCore::CSPDirectiveList::addDirective):
2368         (WebCore::NonceDirective::NonceDirective): Deleted.
2369         (WebCore::NonceDirective::allows): Deleted.
2370         (WebCore::NonceDirective::parse): Deleted.
2371         (WebCore::CSPDirectiveList::checkNonce): Deleted.
2372         (WebCore::CSPDirectiveList::checkNonceAndReportViolation): Deleted.
2373         (WebCore::CSPDirectiveList::allowScriptNonce): Deleted.
2374         (WebCore::isAllowedByAllWithNonce): Deleted.
2375         (WebCore::ContentSecurityPolicy::allowScriptNonce): Deleted.
2376         (WebCore::ContentSecurityPolicy::reportInvalidNonce): Deleted.
2377         * page/ContentSecurityPolicy.h:
2378
2379 2014-07-16  Jer Noble  <jer.noble@apple.com>
2380
2381         REGRESSION(r171069) 75% repro crash in WebCore::AudioHardwareListenerMac::processIsRunningChanged()
2382         https://bugs.webkit.org/show_bug.cgi?id=134986
2383
2384         Reviewed by Eric Carlson.
2385
2386         Add a WeakPtrFactory to AudioHardwareListenerMac, so that if CoreAudio calls our block after
2387         being unregistered, we can bail early instead of calling into a deleted object.
2388
2389         * platform/audio/mac/AudioHardwareListenerMac.cpp:
2390         (WebCore::AudioHardwareListenerMac::AudioHardwareListenerMac):
2391         * platform/audio/mac/AudioHardwareListenerMac.h:
2392
2393 2014-07-16  Jer Noble  <jer.noble@apple.com>
2394
2395         [MSE] REGRESSION(r171033): ASSERT in WebCore::MediaSource::onReadyStateChange()
2396         https://bugs.webkit.org/show_bug.cgi?id=134941
2397
2398         Reviewed by Eric Carlson.
2399
2400         Only do our modified-order change of the readyState if the error parameter is empty,
2401         as that's the only case where a duration change will cause an inadvertant readyState
2402         change.
2403
2404         * Modules/mediasource/MediaSource.cpp:
2405         (WebCore::MediaSource::streamEndedWithError):
2406
2407 2014-07-16  Alexey Proskuryakov  <ap@apple.com>
2408
2409         Remove svn:executable property erroneously added in <http://trac.webkit.org/changeset/171144> somehow.
2410
2411         * ChangeLog: Removed property svn:executable.
2412         * svg/SVGSVGElement.h: Removed property svn:executable.
2413         * svg/animation/SVGSMILElement.h: Removed property svn:executable.
2414
2415 2014-07-16  Daniel Bates  <dabates@apple.com>
2416
2417         Substitute CGRectZero for NSZeroRect in -[DOMNode hrefFrame].
2418
2419         Rubber-stamped by Zalan Bujtas.
2420
2421         The method -[DOMNode hrefFrame] returns a CGRect. So, when we don't have a renderer
2422         we should return CGRectZero instead of a NSZeroRect.
2423
2424         * bindings/objc/DOM.mm:
2425         (-[DOMNode hrefFrame]): Also, fix up some code style issues.
2426
2427 2014-07-16  Jeongeun Kim  <je_julie.kim@samsung.com>
2428
2429         mutable pointers from const methods, timeContainer().
2430         https://bugs.webkit.org/show_bug.cgi?id=134757
2431
2432         Reviewed by Alexey Proskuryakov.
2433
2434         Avoid return mutable pointers from const methods.
2435         No new tests, no behavior change.
2436
2437         * svg/SVGSVGElement.h:
2438         * svg/animation/SVGSMILElement.h:
2439         (WebCore::SVGSMILElement::timeContainer):
2440
2441 2014-07-15  Yusuke Suzuki  <utatane.tea@gmail.com>
2442
2443         CSS: Generalize CSS First Letter treatment
2444         https://bugs.webkit.org/show_bug.cgi?id=134936
2445
2446         Reviewed by Benjamin Poulain.
2447
2448         first-letter pseudo element rule is handled differently from the other rules
2449         such as first-line. This patch removes this special handling in SelectorChecker
2450         and handles it in RulesFeatureSet.
2451
2452         * css/RuleFeature.cpp:
2453         (WebCore::RuleFeatureSet::collectFeaturesFromSelector):
2454         (WebCore::RuleFeatureSet::add):
2455         (WebCore::RuleFeatureSet::clear):
2456         * css/RuleFeature.h:
2457         (WebCore::RuleFeatureSet::RuleFeatureSet):
2458         * css/SelectorChecker.cpp:
2459         (WebCore::SelectorChecker::matchRecursively):
2460         * css/StyleResolver.h:
2461         (WebCore::StyleResolver::usesFirstLetterRules):
2462         * dom/DocumentStyleSheetCollection.cpp:
2463         (WebCore::DocumentStyleSheetCollection::combineCSSFeatureFlags):
2464         (WebCore::DocumentStyleSheetCollection::resetCSSFeatureFlags):
2465         * dom/DocumentStyleSheetCollection.h:
2466         (WebCore::DocumentStyleSheetCollection::setUsesFirstLetterRules): Deleted.
2467
2468 2014-07-15  Simon Fraser  <simon.fraser@apple.com>
2469
2470         Fix non-iOS builds.
2471
2472         * rendering/RenderBox.cpp:
2473         (WebCore::shouldAppyContainersClipAndOffset):
2474
2475 2014-07-15  Simon Fraser  <simon.fraser@apple.com>
2476
2477         [iOS] Fix touches inside accelerated overflow:scroll
2478         https://bugs.webkit.org/show_bug.cgi?id=134961
2479         <rdar://problem/16088789>
2480
2481         Reviewed by Benjamin Poulain.
2482
2483         When individual elements inside an overflow:scroll with -webkit-overflow-scrolling: touch
2484         had touch event listeners, we would fail to take the scroll offset into account when
2485         building the touch event region, causing touches on those elements to fail after scrolling.
2486         
2487         Touch event region building uses RenderObject::absoluteClippedOverflowRect(), and that
2488         code path tries to fix up repaint rects to work correctly in composited overflow:scroll.
2489         However, that broke the touch region computation.
2490         
2491         Fix by only ignoring the scroll offset for calls to computeRectForRepaint() which
2492         have a non-null repaintContainer (which indicates that we're doing a repaint in the
2493         compositing layer), and for which the repaintContainer is the containing block
2494         which is using composited scrolling. This restores correct behavior to the event region
2495         code which always calls this with a null repaintContainer.
2496
2497         * rendering/RenderBox.cpp:
2498         (WebCore::shouldAppyContainersClipAndOffset):
2499         (WebCore::RenderBox::computeRectForRepaint):
2500
2501 2014-07-15  Simon Fraser  <simon.fraser@apple.com>
2502
2503         [iOS] Fix issues drawing subsampled image elements and CSS images
2504         https://bugs.webkit.org/show_bug.cgi?id=134944
2505         <rdar://problem/17634095>
2506
2507         Reviewed by Dean Jackson.
2508
2509         After r170675 it is important for BitmapImage::draw() to be given a srcRect computed
2510         using the original size of the image, not the subsampled size.
2511         
2512         So fix various code paths that end up in image drawing to use the originalSize(),
2513         which requires giving Image a virtual function that just returns size(), and hence has
2514         a FloatSize return value.
2515         
2516         Tested by setting a very low subsampling threshold and browsing various sites.
2517         
2518         A better longterm fix will happen via bug 134916.
2519
2520         * platform/graphics/BitmapImage.cpp:
2521         (WebCore::BitmapImage::originalSize):
2522         * platform/graphics/BitmapImage.h:
2523         * platform/graphics/GraphicsContext.cpp:
2524         (WebCore::GraphicsContext::drawImage):
2525         * platform/graphics/Image.cpp:
2526         (WebCore::Image::drawTiled):
2527         (WebCore::Image::computeIntrinsicDimensions):
2528         * platform/graphics/Image.h:
2529         (WebCore::Image::originalSize):
2530         * platform/graphics/cg/BitmapImageCG.cpp:
2531         (WebCore::BitmapImage::BitmapImage): Just use m_size for initializing the other members.
2532         (WebCore::BitmapImage::draw):
2533         * platform/graphics/cg/GraphicsContext3DCG.cpp:
2534         (WebCore::GraphicsContext3D::ImageExtractor::extractImage):
2535         * platform/graphics/cg/ImageCG.cpp:
2536         (WebCore::Image::drawPattern):
2537
2538 2014-07-15  Brent Fulgham  <bfulgham@apple.com>
2539
2540         [Win] Unreviewed build fix after r171069.
2541
2542         Add missing AudioHardwareListener implementation on Windows.
2543
2544         * WebCore.vcxproj/WebCore.vcxproj:
2545         * WebCore.vcxproj/WebCore.vcxproj.filters:
2546
2547 2014-07-15  Antti Koivisto  <antti@apple.com>
2548
2549         REGRESSION (r155957): Invalid cast in WebCore::RenderNamedFlowThread::getRanges
2550         https://bugs.webkit.org/show_bug.cgi?id=134888
2551
2552         Reviewed by Mihnea Ovidenie.
2553
2554         Test: fast/regions/flowthread-getranges-box-cast.html
2555
2556         * rendering/RenderNamedFlowThread.cpp:
2557         (WebCore::RenderNamedFlowThread::getRanges): Test the type before casting.
2558
2559 2014-07-15  Carlos Alberto Lopez Perez  <clopez@igalia.com>
2560
2561         [GTK] Update GObject DOM bindings symbols file after r171014.
2562         https://bugs.webkit.org/show_bug.cgi?id=134907
2563
2564         Reviewed by Philippe Normand.
2565
2566         * bindings/gobject/webkitdom.symbols: Update to the current API.
2567
2568 2014-07-15  Manuel Rego Casasnovas  <rego@igalia.com>
2569
2570         Unreviwed fix wrong indentation from r171082.
2571
2572         * rendering/RenderGrid.cpp:
2573         (WebCore::RenderGrid::placeAutoMajorAxisItemOnGrid):
2574
2575 2014-07-14  Zalan Bujtas  <zalan@apple.com>
2576
2577         Subpixel rendering: Zero sized compositing container's content positioned off by one device pixel.
2578         https://bugs.webkit.org/show_bug.cgi?id=134903
2579
2580         Reviewed by Simon Fraser.
2581
2582         The compositing layer boundaries are calculated using its renderer()'s and the renderer()'s
2583         descendants' bounds. However when the renderer() is zero sized, its bounds are omitted.
2584         In such cases, when the child content has offset from the renderer(), the subpixel adjustment
2585         of the compositing layer becomes negative (-meaning that the compositing layer is to the right/bottom
2586         direction from its renderer()). Remove fabs() to be able to express such direction.
2587
2588         Test: compositing/hidpi-compositing-layer-with-zero-sized-container.html
2589
2590         * rendering/RenderLayerBacking.cpp:
2591         (WebCore::RenderLayerBacking::updateGeometry):
2592
2593 2014-07-14  Jeremy Jones  <jeremyj@apple.com>
2594
2595         Fix crash on WebVideoFullscreenManagerProxy construction.
2596         https://bugs.webkit.org/show_bug.cgi?id=134909
2597
2598         Unreviewed fix crash from r171089
2599
2600         Remove unnecessary dispatch to main queue since it can happen during construction.
2601
2602         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
2603         (WebVideoFullscreenInterfaceAVKit::setWebVideoFullscreenModel): remove dispatch_async
2604
2605 2014-07-14  Jeremy Jones  <jeremyj@apple.com>
2606
2607         WebVideoFullscreenInterfaceAVKit should only call the UI from main thread.
2608         https://bugs.webkit.org/show_bug.cgi?id=134890
2609
2610         Reviewed by Eric Carlson.
2611
2612         dispatch_async to the main thread before setting properties that would affect the UI.
2613
2614         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
2615         (WebVideoFullscreenInterfaceAVKit::setWebVideoFullscreenModel): wrap in call to dispatch_async
2616         (WebVideoFullscreenInterfaceAVKit::setDuration): ditto
2617         (WebVideoFullscreenInterfaceAVKit::setCurrentTime): ditto
2618         (WebVideoFullscreenInterfaceAVKit::setRate): ditto
2619         (WebVideoFullscreenInterfaceAVKit::setVideoDimensions): ditto
2620         (WebVideoFullscreenInterfaceAVKit::setSeekableRanges): ditto
2621         (WebVideoFullscreenInterfaceAVKit::setAudioMediaSelectionOptions): ditto
2622         (WebVideoFullscreenInterfaceAVKit::setLegibleMediaSelectionOptions): ditto
2623         (WebVideoFullscreenInterfaceAVKit::setExternalPlayback): ditto
2624
2625 2014-07-14  Tibor Meszaros  <tmeszaros.u-szeged@partner.samsung.com>
2626
2627         Fix the !ENABLE(FILTERS) && !ENABLE(CSS_FILTERS) build after r167497
2628         https://bugs.webkit.org/show_bug.cgi?id=134679
2629
2630         Reviewed by Darin Adler.
2631
2632         * html/ImageData.cpp:
2633         * platform/graphics/cairo/ImageBufferCairo.cpp:
2634
2635 2014-07-14  Manuel Rego Casasnovas  <rego@igalia.com>
2636
2637         [CSS Grid Layout] Support sparse in auto-placement algorithm
2638         https://bugs.webkit.org/show_bug.cgi?id=134544
2639
2640         Reviewed by Sergio Villar Senin.
2641
2642         This patch implements sparse mode for auto-placement algorithm, which is
2643         the default mode in the new grid-auto-flow syntax. It keeps track of the
2644         auto-placement cursor in
2645         RenderGrid::placeAutoMajorAxisItemsOnGrid() and updates it accordingly
2646         when auto-positioned items are placed.
2647         If we're in dense mode it resets the cursor after each item (which keeps
2648         the old behavior that was using dense mode by default).
2649
2650         GridIterator has been adapted to look for empty areas from a given
2651         position in both directions.
2652
2653         Test: fast/css-grid-layout/grid-auto-flow-sparse.html
2654
2655         * rendering/RenderGrid.cpp:
2656         (WebCore::RenderGrid::GridIterator::GridIterator): Modify constructor to
2657         add an optional argument for the varying index. This allows to look for
2658         empty areas in both axis.
2659         (WebCore::RenderGrid::placeAutoMajorAxisItemsOnGrid): Defined the
2660         auto-placement cursor and rested after each item if we're in dense mode.
2661         (WebCore::RenderGrid::placeAutoMajorAxisItemOnGrid): Use auto-placement
2662         cursor to look for empty areas from the last auto-positioned item
2663         placed.
2664         * rendering/RenderGrid.h: Modify placeAutoMajorAxisItemOnGrid() header
2665         to receive the auto-placement cursor.
2666
2667 2014-07-14  Brent Fulgham  <bfulgham@apple.com>
2668
2669         [iOS] Some videos play as inline audio-only content
2670         https://bugs.webkit.org/show_bug.cgi?id=134898.
2671         <rdar://problem/17629379>
2672
2673         Reviewed by Eric Carlson.
2674
2675         Add a new 'presentationType' accessor that indicates if the media
2676         element is playing in 'audio' mode. This can happen if a video
2677         element plays an HLS stream that starts off in audio-only mode.
2678
2679         * html/HTMLMediaElement.cpp:
2680         (WebCore::HTMLMediaElement::presentationType): Added.
2681         * html/HTMLMediaElement.h:
2682         * platform/audio/MediaSession.cpp:
2683         (WebCore::MediaSession::presentationType): Added.
2684         * platform/audio/MediaSession.h:
2685         * platform/audio/MediaSessionManager.cpp: 
2686         (WebCore::MediaSessionManager::sessionRestrictsInlineVideoPlayback):
2687         Use the presentationType, rather than the mediaType to control
2688         inline playback behavior.
2689         * platform/audio/ios/AudioDestinationIOS.h:
2690         (WebCore::AudioDestinationMac::presentationType): Add presentationType.
2691         * platform/audio/mac/AudioDestinationMac.h:
2692         (WebCore::AudioDestinationMac::presentationType): Ditto.
2693
2694 2014-07-14  Bear Travis  <betravis@adobe.com>
2695
2696         [Feature Queries] Enable Feature Queries on Mac
2697         https://bugs.webkit.org/show_bug.cgi?id=134404
2698
2699         Reviewed by Antti Koivisto.
2700
2701         Enable Feature Queries on Mac and resume running the
2702         feature tests.
2703
2704         * Configurations/FeatureDefines.xcconfig: Turn on
2705         ENABLE_CSS3_CONDITIONAL_RULES.
2706
2707 2014-07-11  David Hyatt  <hyatt@apple.com>
2708
2709         <rdar://problem/17305458> Cannot interact with video controls in ePubs
2710         Bug 134836 - [New Multicolumn] Crawl to check for compositing between us and the enclosingPaginationLayer
2711         https://bugs.webkit.org/show_bug.cgi?id=134836
2712
2713         Reviewed by Dean Jackson.
2714
2715         The paginatedAndComposited bit being set in updateLayerPositions just didn't work, since compositing states
2716         can change without triggering that function. This patch just gets rid of the bit and does a crawl every time
2717         to check. This ensures that changes in compositing states don't necessitate any changes in pagination,
2718         since the lookup will always check the current compositing state.
2719         
2720         The new function that does this check is hasCompositedLayerInEnclosingPaginationChain.
2721         
2722         I have been unable to reproduce this issue, and this is therefore a purely speculative fix. I have no test
2723         case to provide because of this.
2724
2725         * rendering/RenderLayer.cpp:
2726         (WebCore::RenderLayer::RenderLayer):
2727         (WebCore::RenderLayer::updateLayerPositions):
2728         (WebCore::RenderLayer::hasCompositedLayerInEnclosingPaginationChain):
2729         (WebCore::RenderLayer::updatePagination):
2730         * rendering/RenderLayer.h:
2731
2732 2014-07-14  Zalan Bujtas  <zalan@apple.com>
2733
2734         Move composite bounds calculation to RenderLayerBacking.
2735         https://bugs.webkit.org/show_bug.cgi?id=134864
2736
2737         Reviewed by Darin Adler.
2738
2739         No change in functionality.
2740
2741         * rendering/RenderLayerBacking.cpp:
2742         (WebCore::RenderLayerBacking::updateCompositedBounds):
2743         * rendering/RenderLayerCompositor.cpp: it was just proxying the calculateLayerBounds()
2744         to the RenderLayer.
2745         (WebCore::RenderLayerCompositor::calculateCompositedBounds): Deleted.
2746         * rendering/RenderLayerCompositor.h:
2747
2748 2014-07-14  Tim Horton  <timothy_horton@apple.com>
2749
2750         Fix the build.
2751
2752         * platform/audio/MediaSessionManager.h:
2753
2754 2014-07-14  Eric Carlson  <eric.carlson@apple.com>
2755
2756         [Mac] don't enable low power audio mode on external output devices
2757         https://bugs.webkit.org/show_bug.cgi?id=134877
2758
2759         Reviewed by Sam Weinig.
2760
2761         No new tests, this deals with changes to the audio hardware at runtime.
2762
2763         * WebCore.xcodeproj/project.pbxproj: Remove AudioSessionListener.h.
2764         * WebCore.vcxproj/WebCore.vcxproj: Ditto.
2765
2766         * platform/audio/AudioHardwareListener.cpp:
2767         (WebCore::AudioHardwareListener::AudioHardwareListener): Initialize m_outputDeviceSupportsLowPowerMode
2768             to true on iOS.
2769         * platform/audio/AudioHardwareListener.h:
2770         (WebCore::AudioHardwareListener::outputDeviceSupportsLowPowerMode): New accessor.
2771         (WebCore::AudioHardwareListener::setHardwareActivity): New setter for derived classes.
2772         (WebCore::AudioHardwareListener::setOutputDeviceSupportsLowPowerMode): Ditto.
2773
2774         Remove AudioSessionListener interface, it wasn't being used.
2775         * platform/audio/AudioSession.cpp:
2776         (WebCore::AudioSession::addListener): Deleted.
2777         (WebCore::AudioSession::removeListener): Deleted.
2778         (WebCore::AudioSession::beganAudioInterruption): Deleted.
2779         (WebCore::AudioSession::endedAudioInterruption): Deleted.
2780         * platform/audio/AudioSession.h:
2781         * platform/audio/AudioSessionListener.h: Removed.
2782
2783         * platform/audio/MediaSessionManager.cpp:
2784         (WebCore::MediaSessionManager::addSession): Allocate the AudioHardwareListener if necessary.
2785         (WebCore::MediaSessionManager::removeSession): Free the AudioHardwareListener if necessary.
2786         (WebCore::MediaSessionManager::audioOutputDeviceChanged): AudioHardwareListener client interface
2787             called when the output device changes, call updateSessionState to make sure we are using
2788             the correct buffer size.
2789         * platform/audio/MediaSessionManager.h:
2790
2791         * platform/audio/ios/AudioDestinationIOS.h:
2792         * platform/audio/ios/AudioSessionIOS.mm:
2793         (WebCore::AudioSessionPrivate::AudioSessionPrivate): Drive-by cleanup, remove ObjC helper object
2794             that was used to listen for OS notifications, it is no longer used.
2795         (SOFT_LINK_POINTER): Deleted.
2796         (-[WebAudioSessionHelper initWithCallback:]): Deleted.
2797         (-[WebAudioSessionHelper dealloc]): Deleted.
2798         (-[WebAudioSessionHelper interruption:]): Deleted.
2799
2800         * platform/audio/mac/AudioHardwareListenerMac.cpp:
2801         (WebCore::currentDeviceSupportsLowPowerBufferSize): New, return true only if using build-in 
2802             transport device.
2803         (WebCore::processIsRunningPropertyDescriptor): Return reference to static AudioObjectPropertyAddress
2804             for kAudioHardwarePropertyProcessIsRunning instead of declaring one in every method
2805             that needs one.
2806         (WebCore::outputDevicePropertyDescriptor): Return reference to static AudioObjectPropertyAddress
2807             for kAudioHardwarePropertyDefaultOutputDevice.
2808         (WebCore::AudioHardwareListenerMac::AudioHardwareListenerMac): Restructure and add audio object
2809             listener for default output device.
2810         (WebCore::AudioHardwareListenerMac::~AudioHardwareListenerMac): *Remove* listener audio object
2811             property listener instead of *Adding* a new one. Remove new listener.
2812         (WebCore::AudioHardwareListenerMac::propertyChanged): Enumerate the properties that changed,
2813             call appropriate method.
2814         (WebCore::AudioHardwareListenerMac::processIsRunningChanged): Renamed from setHardwareActive, 
2815             cleanup.
2816         (WebCore::AudioHardwareListenerMac::outputDeviceChanged): New, call client.audioHardwareOutputDeviceChanged.
2817         (WebCore::AudioHardwareListenerMac::setHardwareActive): Deleted, renamed processIsRunningChanged.
2818         * platform/audio/mac/AudioHardwareListenerMac.h:
2819
2820         * platform/audio/mac/MediaSessionManagerMac.cpp:
2821         (MediaSessionManager::updateSessionState): Only set the output buffer size to 4K when hardware
2822             supports it.
2823
2824 2014-07-13  Benjamin Poulain  <benjamin@webkit.org>
2825
2826         Remove SelectorCheckerFastPath from the style resolution algorithm
2827         https://bugs.webkit.org/show_bug.cgi?id=134866
2828
2829         Reviewed by Antti Koivisto.
2830
2831         SelectorCheckerFastPath is now pure overhead because it can almost never match
2832         if the CSS JIT was unable to compile.
2833
2834         * css/ElementRuleCollector.cpp:
2835         (WebCore::ElementRuleCollector::ruleMatches):
2836         The "pre-filter" behind fastCheckableSelector had two parts:
2837         1) Filtering the pseudoID.
2838         2) Filtering on the rule hash.
2839
2840         The first part has been generalized (RuleDatacanMatchPseudoElement())
2841         and moved to collectMatchingRulesForList(). 
2842
2843         (WebCore::ElementRuleCollector::collectMatchingRulesForList):
2844         * css/RuleSet.cpp:
2845         (WebCore::selectorCanMatchPseudoElement):
2846         (WebCore::RuleData::RuleData):
2847         (WebCore::RuleSet::addRegionRule):
2848         (WebCore::RuleSet::addRulesFromSheet):
2849         * css/RuleSet.h:
2850         (WebCore::RuleData::canMatchPseudoElement):
2851         (WebCore::RuleData::hasFastCheckableSelector): Deleted.
2852         * css/StyleResolver.cpp:
2853
2854 2014-07-13  Benjamin Poulain  <benjamin@webkit.org>
2855
2856         Remove an useless check from SelectorChecker
2857         https://bugs.webkit.org/show_bug.cgi?id=134868
2858
2859         Reviewed by Darin Adler.
2860
2861         * css/SelectorChecker.cpp:
2862         (WebCore::SelectorChecker::matchRecursively):
2863         The condition of this if() branch can never be met for the mode "QueryingRules".
2864
2865         The next condition in that if() is "dynamicPseudo != NOPSEUDO", which implies
2866         a pseudo element was matched prior to the current context/simple selector.
2867         This cannot happen with QueryingRules, since we never match pseudo elements for
2868         SelectorQuery.
2869
2870 2014-07-12  Nikos Andronikos  <nikos.andronikos-webkit@cisra.canon.com.au>
2871
2872         Elements with rendering disabled due to dimensions should not contribute to parent bounding box
2873         https://bugs.webkit.org/show_bug.cgi?id=134184
2874
2875         Reviewed by Dirk Schulze.
2876
2877         SVG elements that have rendering disabled should not contribute to any ancestor elements bounding box.
2878         Examples of elements with rendering disabled:
2879         - basic shape with width <= 0 or height <= 0
2880         - path with no path data (d attribute missing or empty)
2881         - polyline or polygon element with no point data (points attribute missing or empty)
2882
2883         To achieve this a method (isRenderingDisabled) was added to RenderSVGShape and it's derived classes.
2884         This is used to determine if an element is included when creating the union of child bounding boxes
2885         in a container element.
2886
2887         Tests: svg/custom/GetBBox-path-nodata.html
2888                svg/custom/GetBBox-polygon-nodata.html
2889                svg/custom/GetBBox-polyline-nodata.html
2890                svg/custom/getBBox-container-hiddenchild.html
2891
2892         * rendering/svg/RenderSVGEllipse.cpp:
2893         (WebCore::RenderSVGEllipse::isRenderingDisabled):
2894         New method added. Checks bounding box to determine if rendering is disabled.
2895         * rendering/svg/RenderSVGEllipse.h:
2896         * rendering/svg/RenderSVGPath.cpp:
2897         (WebCore::RenderSVGPath::isRenderingDisabled):
2898         New method added. Checks bounding box to determine if rendering is disabled.
2899         * rendering/svg/RenderSVGPath.h:
2900         * rendering/svg/RenderSVGRect.cpp:
2901         (WebCore::RenderSVGRect::isRenderingDisabled):
2902         New method added. Checks bounding box to determine if rendering is disabled.
2903         * rendering/svg/RenderSVGRect.h:
2904         * rendering/svg/RenderSVGShape.h:
2905         (WebCore::RenderSVGShape::isRenderingDisabled):
2906         New method added. Always returns false so that derived classes that do not
2907         implement this method retain the existing behaviour.
2908         * rendering/svg/SVGRenderSupport.cpp:
2909         (WebCore::SVGRenderSupport::computeContainerBoundingBoxes):
2910         For each element potentially being included in the unioned bounding box of
2911         a container, check isRenderingDisabled and skip that element if true.
2912
2913         * rendering/svg/RenderSVGEllipse.cpp:
2914         (WebCore::RenderSVGEllipse::isRenderingDisabled):
2915         * rendering/svg/RenderSVGEllipse.h:
2916         * rendering/svg/RenderSVGPath.cpp:
2917         (WebCore::RenderSVGPath::isRenderingDisabled):
2918         * rendering/svg/RenderSVGPath.h:
2919         * rendering/svg/RenderSVGRect.cpp:
2920         (WebCore::RenderSVGRect::isRenderingDisabled):
2921         * rendering/svg/RenderSVGRect.h:
2922         * rendering/svg/RenderSVGShape.h:
2923         * rendering/svg/SVGRenderSupport.cpp:
2924         (WebCore::SVGRenderSupport::computeContainerBoundingBoxes):
2925
2926 2014-07-12  Benjamin Poulain  <benjamin@webkit.org>
2927
2928         Rename selectorListContainsUncommonAttributeSelector() to selectorListContainsAttributeSelector()
2929         https://bugs.webkit.org/show_bug.cgi?id=134862
2930
2931         Reviewed by Sam Weinig.
2932
2933         Unlike containsUncommonAttributeSelector(), selectorListContainsUncommonAttributeSelector() does not
2934         evaluate the attribute for "uncommon" types.
2935
2936         It would be possible to change the function instead to evaluate common attributes based
2937         on the match type and the pseudo class type. Such change would be more risky
2938         and we would get very little benefit from it, I leave that for later if that ever becomes useful.
2939
2940         * css/RuleSet.cpp:
2941         (WebCore::selectorListContainsAttributeSelector):
2942         (WebCore::containsUncommonAttributeSelector):
2943         (WebCore::selectorListContainsUncommonAttributeSelector): Deleted.
2944
2945 2014-07-12  Zan Dobersek  <zdobersek@igalia.com>
2946
2947         Use braced-init-list to create one-item Vector object in insertPerformanceEntry
2948         https://bugs.webkit.org/show_bug.cgi?id=133675
2949
2950         Reviewed by Darin Adler.
2951
2952         * page/PerformanceUserTiming.cpp:
2953         (WebCore::insertPerformanceEntry): Avoid wasting three lines for creating a
2954         Vector object with just one item that in the end gets copied. Use the
2955         braced-init-list syntax instead, leveraging Vector's std::initializer_list
2956         constructor.
2957
2958 2014-07-12  Allan Sandfeld Jensen  <allan.jensen@digia.com>
2959
2960         Memory leaks with autoLoadImages off
2961         https://bugs.webkit.org/show_bug.cgi?id=124411
2962
2963         Reviewed by Darin Adler.
2964
2965         Do not emit notifyFinished for images with deferred load,
2966         and allow deferred loads to be cancelled.
2967
2968         * loader/cache/CachedResource.cpp:
2969         (WebCore::CachedResource::checkNotify):
2970         (WebCore::CachedResource::cancelLoad):
2971
2972 2014-07-11  Jer Noble  <jer.noble@apple.com>
2973
2974         [MSE] http/tests/media/media-source/mediasource-duration.html is failing.
2975         https://bugs.webkit.org/show_bug.cgi?id=134852
2976
2977         Reviewed by Eric Carlson.
2978
2979         Fixes the following tests:
2980         http/tests/media/media-source/mediasource-config-change-mp4-a-bitrate.html
2981         http/tests/media/media-source/mediasource-config-change-mp4-av-audio-bitrate.html
2982         http/tests/media/media-source/mediasource-config-change-mp4-av-video-bitrate.html
2983         http/tests/media/media-source/mediasource-config-change-mp4-v-bitrate.html
2984         http/tests/media/media-source/mediasource-config-change-mp4-v-framerate.html
2985         http/tests/media/media-source/mediasource-duration.html
2986         http/tests/media/media-source/mediasource-play.html
2987
2988         The primary change necessary to fix the mediasource-duration.html test was to add support
2989         for delaying the completion of a seek operation until the HTMLMediaElement's readyState
2990         rises to > HAVE_CURRENT_DATA. This is accomplished by modifying MediaSourcePrivate to have
2991         waitForSeekCompleted() and seekCompleted() virtual methods. These are called by MediaSource
2992         when a seek operation results in the current time moving outside the currently buffered time
2993         ranges, and when an append operation results in the readyState changing, respectively.
2994
2995         A number of other drive-by fixes were necessary to get this test fully passing, as noted
2996         below.
2997
2998         Make the MediaSource the primary owner of the media's duration, rather than the MediaSourcePrivate.
2999         Move the MediaSourcePrivateClient pointer to the MediaSourcePrivate from the MediaPlayerPrivate, so
3000         the MediaSource's duration can be retrieved.  While we're at it, do the same thing for buffered.
3001
3002         * Modules/mediasource/MediaSource.cpp:
3003         (WebCore::MediaSource::MediaSource): Initialize m_duration.
3004         (WebCore::MediaSource::duration): Simple accessor.
3005         (WebCore::MediaSource::setDurationInternal): Bring 'duration change algorithm' up to spec.
3006         (WebCore::MediaSource::setReadyState): Reset m_duration on close.
3007         * Modules/mediasource/MediaSource.h:
3008         * platform/graphics/MediaSourcePrivate.h:
3009         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
3010         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::load): Do not call setPrivateAndOpen().
3011         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::durationDouble): Pass through to MediaSourcePrivateAVFObjC.
3012         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::buffered): Ditto.
3013         * platform/graphics/avfoundation/objc/MediaSourcePrivateAVFObjC.h:
3014         * platform/graphics/avfoundation/objc/MediaSourcePrivateAVFObjC.mm:
3015         (WebCore::MediaSourcePrivateAVFObjC::create): Call setPrivateAndOpen().
3016         (WebCore::MediaSourcePrivateAVFObjC::MediaSourcePrivateAVFObjC): Set m_client.
3017         (WebCore::MediaSourcePrivateAVFObjC::duration): Pass through to MediaSourcePrivateClient.
3018         (WebCore::MediaSourcePrivateAVFObjC::buffered): Ditto.
3019         (WebCore::MediaSourcePrivateAVFObjC::durationChanged): Pass through to MediaPlayerPrivateMediaSourceAVFObjC.
3020         (WebCore::MediaSourcePrivateAVFObjC::setDuration): Deleted.
3021         * platform/graphics/gstreamer/MediaSourceGStreamer.cpp:
3022         (WebCore::MediaSourceGStreamer::open): Pass in MediaSourcePrivateClient.
3023         (WebCore::MediaSourceGStreamer::MediaSourceGStreamer): Initialize m_mediaSource.
3024         (WebCore::MediaSourceGStreamer::durationChanged): Retrieve the duration from MediaSourcePrivateClient.
3025         (WebCore::MediaSourceGStreamer::markEndOfStream): Remove unnecssary ASSERT.
3026         (WebCore::MediaSourceGStreamer::unmarkEndOfStream): Ditto.
3027         (WebCore::MediaSourceGStreamer::setDuration): Deleted.
3028         * platform/graphics/gstreamer/MediaSourceGStreamer.h:
3029         * platform/mock/mediasource/MockMediaPlayerMediaSource.cpp:
3030         (WebCore::MockMediaPlayerMediaSource::load): Do not call setPrivateAndOpen().
3031         (WebCore::MockMediaPlayerMediaSource::buffered): Pass through to MockMediaSourcePrivate.
3032         (WebCore::MockMediaPlayerMediaSource::durationDouble): Ditto.
3033         (WebCore::MockMediaPlayerMediaSource::advanceCurrentTime): Ditto.
3034         * platform/mock/mediasource/MockMediaSourcePrivate.cpp:
3035         (WebCore::MockMediaSourcePrivate::create): Call setPrivateAndOpen().
3036         (WebCore::MockMediaSourcePrivate::MockMediaSourcePrivate): Set m_client.
3037         (WebCore::MockMediaSourcePrivate::duration): Pass through to MediaSourcePrivateClient.
3038         (WebCore::MockMediaSourcePrivate::buffered): Ditto.
3039         (WebCore::MockMediaSourcePrivate::durationChanged): Pass thorugh to MockMediaPlayerMediaSource.
3040         (WebCore::MockMediaSourcePrivate::setDuration): Deleted.
3041
3042         Route seekToTime through MediaSource, rather than through MediaSourcePrivate, so that
3043         the time can be compared against the buffered ranges, and trigger the delay of the seek
3044         operation if necessary. Add a seekTimer to MediaPlayerPrivateMediaSourceAVFObjC, as this
3045         guarantees the order of asynchronous operations, rather than callOnMainThread, which can
3046         cause async operations to occur out of order.
3047
3048         * Modules/mediasource/MediaSource.cpp:
3049         (WebCore::MediaSource::seekToTime): Bring up to spec.
3050         (WebCore::MediaSource::completeSeek): Ditto.
3051         (WebCore::MediaSource::monitorSourceBuffers): Call completeSeek() when appropriate.
3052         * Modules/mediasource/SourceBuffer.cpp:
3053         (WebCore::SourceBuffer::sourceBufferPrivateSeekToTime): Deleted.
3054         (WebCore::SourceBuffer::seekToTime): Renamed from sourceBufferPrivateSeekToTime().
3055         * platform/graphics/MediaSourcePrivate.h:
3056         * platform/graphics/MediaSourcePrivateClient.h:
3057         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
3058         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
3059         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::MediaPlayerPrivateMediaSourceAVFObjC): Add seekTimer. Only
3060             call timeChanged() if no longer seeking, thereby triggering a 'seeked' event.
3061         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::~MediaPlayerPrivateMediaSourceAVFObjC): Clear m_seekTimer.
3062         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::seekWithTolerance): Use m_seekTimer.
3063         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::seekTimerFired): Call seekInternal.
3064         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::seekInternal): Add logging.
3065         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::waitForSeekCompleted): Added.
3066         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::seekCompleted): Added; trigger 'seeked'.
3067         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setReadyState): No longer attempt to finish seek when
3068             readyState changes here; this has been moved up to MediaSource.cpp.
3069         * platform/graphics/avfoundation/objc/MediaSourcePrivateAVFObjC.h:
3070         * platform/graphics/avfoundation/objc/MediaSourcePrivateAVFObjC.mm:
3071         (WebCore::MediaSourcePrivateAVFObjC::waitForSeekCompleted): Pass through to MediaPlayerPrivateMediaSourceAVFObjC.
3072         (WebCore::MediaSourcePrivateAVFObjC::seekCompleted): Ditto.
3073         (WebCore::MediaSourcePrivateAVFObjC::seekToTime): Pass through to MediaSourcePrivateClient.
3074         (WebCore::MediaSourcePrivateAVFObjC::fastSeekTimeForMediaTime): Ditto.
3075         * platform/mock/mediasource/MockMediaPlayerMediaSource.cpp:
3076         (WebCore::MockMediaPlayerMediaSource::MockMediaPlayerMediaSource): Initialize m_seekCompleted.
3077         (WebCore::MockMediaPlayerMediaSource::seeking): Check for an uncompleted seek operation. 
3078         (WebCore::MockMediaPlayerMediaSource::seekWithTolerance): Ditto.
3079         (WebCore::MockMediaPlayerMediaSource::waitForSeekCompleted): Added.
3080         (WebCore::MockMediaPlayerMediaSource::seekCompleted): Added; trigger 'seeked'.
3081         * platform/mock/mediasource/MockMediaPlayerMediaSource.h:
3082         * platform/mock/mediasource/MockMediaSourcePrivate.cpp:
3083         (WebCore::MockMediaSourcePrivate::waitForSeekCompleted): Pass through to MockMediaPlayerMediaSource.
3084         (WebCore::MockMediaSourcePrivate::seekCompleted): Ditto.
3085         * platform/mock/mediasource/MockMediaSourcePrivate.h:
3086
3087         Drive-by fixes.
3088
3089         * Modules/mediasource/MediaSource.cpp:
3090         (WebCore::MediaSource::streamEndedWithError): Re-order the steps in streamEndedWithError()
3091             to avoid the MediaSource being closed and re-opened by the resulting duration change
3092             operation.
3093         * Modules/mediasource/MediaSource.h:
3094         * Modules/mediasource/SourceBuffer.cpp:
3095         (WebCore::SourceBuffer::remove): Added logging.
3096         (WebCore::SourceBuffer::removeCodedFrames): Ditto.
3097         (WebCore::SourceBuffer::hasFutureTime): Swap an ASSERT for an early-return; it's possible
3098             for currentTime() to be outside of a buffered area.
3099         * Modules/mediasource/SourceBuffer.h:
3100         * html/HTMLMediaElement.cpp:
3101         (WebCore::HTMLMediaElement::parseAttribute): Do not issue an additional 'timeupdate' event
3102             after finishSeek() issues one of its own.
3103         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
3104         (WebCore::globalDataParserQueue): Allow parsing operations to happen concurrently on
3105             background queues.
3106
3107 2014-07-12  Eric Carlson  <eric.carlson@apple.com>
3108
3109         [iOS] update control type when playback state changes
3110         https://bugs.webkit.org/show_bug.cgi?id=134856
3111
3112         Reviewed by Dean Jackson.
3113
3114         Check to make sure the correct type of media controls are showing when playback state
3115         changes so we don't end up with the wrong type of controls during playback.
3116
3117         * Modules/mediacontrols/mediaControlsApple.js: 
3118         (Controller.prototype.HandledVideoEvents): Drive-by fix, call handlePlay on 'playing' instead
3119             of 'play' so controls don't hide too early.
3120         * Modules/mediacontrols/mediaControlsiOS.js:
3121         (ControllerIOS.prototype.setPlaying): New, call updateControls to make sure inline
3122             controls are shown when appropriate.
3123
3124 2014-07-12  Dean Jackson  <dino@apple.com>
3125
3126         [iOS Media] Start playback button should indicate when it can't play
3127         https://bugs.webkit.org/show_bug.cgi?id=134851
3128
3129         Post-commit review with Eric Carlson on IRC.
3130
3131         * Modules/mediacontrols/mediaControlsiOS.js:
3132         (ControllerIOS.prototype.updateStatusDisplay): Remove the line that sets the
3133         class on the inline play button.
3134
3135 2014-07-11  Dean Jackson  <dino@apple.com>
3136
3137         [iOS Media] Start playback button should indicate when it can't play
3138         https://bugs.webkit.org/show_bug.cgi?id=134851
3139
3140         Reviewed by Sam Weinig.
3141
3142         If a video element has errors and cannot play, then the start
3143         playback button should use the "broken" icon.
3144
3145         * Modules/mediacontrols/mediaControlsApple.js: Add a new "failed" class.
3146         * Modules/mediacontrols/mediaControlsiOS.js:
3147         (ControllerIOS.prototype.shouldHaveStartPlaybackButton): We need a playback button
3148         even when there is an error.
3149         (ControllerIOS.prototype.handleWirelessPickerButtonTouchStart): Don't offer Airplay
3150         if we're in an error state.
3151         (ControllerIOS.prototype.updateStatusDisplay): Set the "failed" class on
3152         the playback buttons if we are in an error state.
3153
3154 2014-07-11  Benjamin Poulain  <benjamin@webkit.org>
3155
3156         Partition the CSS rules based on the most specific filter of the rightmost fragment
3157         https://bugs.webkit.org/show_bug.cgi?id=134828
3158
3159         Reviewed by Andreas Kling.
3160
3161         Previously, RuleSet was partitioning each rule based on the rightmost filter.
3162         While fast, this had the side effect of putting many selectors with ID match in the class
3163         bucket (because the selectors are generally written starting with the ID).
3164
3165         This patch replace the code of findBestRuleSetAndAdd() by a simple loop going over all
3166         the simple selectors in the rightmost fragment to find the best bucket.
3167
3168         * css/ElementRuleCollector.cpp:
3169         (WebCore::ElementRuleCollector::ruleMatches):
3170         * css/RuleSet.cpp:
3171         (WebCore::isSelectorMatchingHTMLBasedOnRuleHash):
3172         I unified ruleData.hasRightmostSelectorMatchingHTMLBasedOnRuleHash() and hasMultipartSelector().
3173
3174         (WebCore::RuleData::RuleData):
3175         (WebCore::rulesCountForName):
3176         (WebCore::RuleSet::addRule):
3177         I removed the recursive part of findBestRuleSetAndAdd() (which was wrong anyway). The function
3178         was useless so I just moved the algorithm to addRule() directly.
3179
3180         We first loop over all the CSSSelectors related by SubSelector, this correspond to the rightmost fragment.
3181         If a filter with high specificity is found, we add the rule immediately and end there.
3182         If a filter that is not very specific is found, we keep a pointer to the selector to use it later.
3183
3184         (WebCore::RuleSet::findBestRuleSetAndAdd): Deleted.
3185         * css/RuleSet.h:
3186         (WebCore::RuleData::hasMultipartSelector): Deleted.
3187
3188 2014-07-11  Alex Christensen  <achristensen@webkit.org>
3189
3190         [WinCairo] Unreviewed build fix after r170937.
3191
3192         * WebCore.vcxproj/WebCoreGeneratedWinCairo.make:
3193         Update and apply changes applied to WebCoreGenerated.make in r170937.
3194
3195 2014-07-11  Joseph Pecoraro  <pecoraro@apple.com>
3196
3197         Web Inspector: Crash when using a stale InspectableNode Node
3198         https://bugs.webkit.org/show_bug.cgi?id=134849
3199
3200         Reviewed by Timothy Hatcher.
3201
3202         * inspector/PageConsoleAgent.cpp:
3203
3204 2014-07-11  Jer Noble  <jer.noble@apple.com>
3205
3206         [MSE] Separate MediaSource logging into its own log channel
3207         https://bugs.webkit.org/show_bug.cgi?id=134809
3208
3209         Reviewed by Eric Carlson.
3210
3211         Separate out MediaSource logging (which can be quite verbose) into its own log channel,
3212         distinct from the Media log channel. Add some per-sample logging and further sequester that
3213         logging into its own MediaSourceSamples log channel.
3214
3215         Add the MediaSource and MediaSourceSamples channels:
3216         * platform/Logging.h:
3217
3218         Move LOG(Media) -> LOG(MediaSource):
3219         * Modules/mediasource/MediaSource.cpp:
3220         (WebCore::MediaSource::MediaSource):
3221         (WebCore::MediaSource::~MediaSource):
3222         (WebCore::MediaSource::setReadyState):
3223         (WebCore::MediaSource::addSourceBuffer):
3224         (WebCore::MediaSource::removeSourceBuffer):
3225         (WebCore::MediaSource::isTypeSupported):
3226         * Modules/mediasource/SourceBuffer.cpp:
3227         (WebCore::SourceBuffer::sourceBufferPrivateSeekToTime):
3228         (WebCore::SourceBuffer::sourceBufferPrivateAppendComplete):
3229         (WebCore::SourceBuffer::sourceBufferPrivateDidReceiveSample):
3230         (WebCore::SourceBuffer::sourceBufferPrivateDidBecomeReadyForMoreSamples):
3231         (WebCore::SourceBuffer::provideMediaData):
3232         (WebCore::SourceBuffer::monitorBufferingRate):
3233         (WebCore::SourceBuffer::textTrackAddCues):
3234         (WebCore::SourceBuffer::hasFutureTime):
3235         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
3236         (WebCore::SourceBufferPrivateAVFObjC::didParseStreamDataAsAsset):
3237         (WebCore::SourceBufferPrivateAVFObjC::didFailToParseStreamDataWithError):
3238         (WebCore::SourceBufferPrivateAVFObjC::processCodedFrame):
3239         (WebCore::SourceBufferPrivateAVFObjC::didProvideContentKeyRequestInitializationDataForTrackID):
3240         (WebCore::SourceBufferPrivateAVFObjC::append):
3241         (WebCore::SourceBufferPrivateAVFObjC::layerDidReceiveError):
3242         (WebCore::SourceBufferPrivateAVFObjC::rendererDidReceiveError):
3243         (WebCore::SourceBufferPrivateAVFObjC::flushAndEnqueueNonDisplayingSamples):
3244         (WebCore::SourceBufferPrivateAVFObjC::enqueueSample):
3245
3246 2014-07-11  Brady Eidson  <beidson@apple.com>
3247
3248         Phone numbers that span two lines are not detected.
3249         <rdar://problem/17601146> and https://bugs.webkit.org/show_bug.cgi?id=134808
3250
3251         Reviewed by Tim Horton.
3252
3253         * editing/Editor.cpp:
3254         (WebCore::Editor::scanSelectionForTelephoneNumbers): After scanning a range from the TextIterator,
3255             create an "edge range" window around the end of the TextIterator range, and scan it.
3256             Also make sure to not accumulate duplicate ranges that might have showed up in both the
3257             TextIterator range and the edge window range.
3258
3259 2014-07-11  Enrica Casucci  <enrica@apple.com>
3260
3261         Implement textStylingAtPosition in WK2.
3262         https://bugs.webkit.org/show_bug.cgi?id=134843
3263         <rdar://problem/17614981>
3264         
3265         Reviewed by Benjamin Poulain.
3266
3267         Adding some exports and making styleForSelectionStart public.
3268
3269         * WebCore.exp.in:
3270         * editing/Editor.h:
3271
3272 2014-07-11  Zalan Bujtas  <zalan@apple.com>
3273
3274         REGRESSION (r168868): eBay 'see all' links fail due to different JS bindings conversion behavior.
3275         https://bugs.webkit.org/show_bug.cgi?id=134841
3276         <rdar://problem/17577563>
3277
3278         Reviewed by Simon Fraser.
3279
3280         Revert back to type int for Element.scroll* APIs in order to preserve exception handling
3281         behavior.
3282
3283         Test: cssom/non-subpixel-scroll-top-left-values.html
3284
3285         * dom/Element.cpp:
3286         (WebCore::Element::scrollLeft):
3287         (WebCore::Element::scrollTop):
3288         (WebCore::Element::setScrollLeft):
3289         (WebCore::Element::setScrollTop):
3290         (WebCore::Element::scrollWidth):
3291         (WebCore::Element::scrollHeight):
3292         * dom/Element.h:
3293         * dom/Element.idl:
3294         * html/HTMLBodyElement.cpp:
3295         (WebCore::adjustForZoom):
3296         (WebCore::HTMLBodyElement::scrollLeft):
3297         (WebCore::HTMLBodyElement::setScrollLeft):
3298         (WebCore::HTMLBodyElement::scrollTop):
3299         (WebCore::HTMLBodyElement::setScrollTop):
3300         (WebCore::HTMLBodyElement::scrollHeight):
3301         (WebCore::HTMLBodyElement::scrollWidth):
3302         * html/HTMLBodyElement.h:
3303
3304 2014-07-11  Joseph Pecoraro  <pecoraro@apple.com>
3305
3306         Web Inspector: Debugger Pause button does not work
3307         https://bugs.webkit.org/show_bug.cgi?id=134785
3308
3309         Reviewed by Timothy Hatcher.
3310
3311         * CMakeLists.txt:
3312         * DerivedSources.make:
3313         * inspector/CommandLineAPIModuleSource.js:
3314         Minification strips the sourceURL command. Add it back with minification.
3315
3316 2014-07-11  Andreas Kling  <akling@apple.com>
3317
3318         Use the bare minimum tile coverage rect when under memory pressure.
3319         <https://webkit.org/b/134837>
3320
3321         When the browser is under critical memory pressure, don't generate any
3322         more tiles than are needed to cover the exposed viewport rect.
3323
3324         Reviewed by Pratik Solanki.
3325
3326         * page/FrameView.cpp:
3327         (WebCore::FrameView::computeCoverageRect):
3328
3329 2014-07-11  Javier Fernandez  <jfernandez@igalia.com>
3330
3331         [CSS Grid Layout] Implement justify-self css property
3332         https://bugs.webkit.org/show_bug.cgi?id=134419
3333
3334         Reviewed by Dean Jackson.
3335
3336         This change adds the justify-self property from CSS 3 Box Alignment
3337         and implements the parsing.
3338
3339         From Blink r164685 by <jchaffraix@chromium.org>
3340
3341         Test: fast/css/parse-justify-self.html
3342
3343         * css/CSSComputedStyleDeclaration.cpp:
3344         (WebCore::ComputedStyleExtractor::propertyValue):
3345         * css/CSSParser.cpp:
3346         (WebCore::isValidKeywordPropertyAndValue):
3347         (WebCore::CSSParser::parseValue):
3348         (WebCore::isItemPositionKeyword):
3349         (WebCore::CSSParser::parseJustifySelf):
3350         * css/CSSParser.h:
3351         * css/CSSPrimitiveValueMappings.h:
3352         (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
3353         (WebCore::CSSPrimitiveValue::operator EJustifySelf):
3354         (WebCore::CSSPrimitiveValue::operator EJustifySelfOverflowAlignment):
3355         * css/CSSPropertyNames.in:
3356         * css/CSSValueKeywords.in:
3357         * css/DeprecatedStyleBuilder.cpp:
3358         (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
3359         * css/StyleResolver.cpp:
3360         (WebCore::StyleResolver::applyProperty):
3361         * rendering/style/RenderStyle.h:
3362         * rendering/style/RenderStyleConstants.h:
3363         * rendering/style/StyleRareNonInheritedData.cpp:
3364         (WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData):
3365         (WebCore::StyleRareNonInheritedData::operator==):
3366         * rendering/style/StyleRareNonInheritedData.h:
3367
3368 2014-07-11  Bear Travis  <betravis@adobe.com>
3369
3370         [Feature Queries] Feature Query CSS Grammar Productions Should Return a Value
3371         https://bugs.webkit.org/show_bug.cgi?id=134810
3372
3373         Reviewed by Antti Koivisto.
3374
3375         The parsing return values are used to determine if a feature query is valid. Two
3376         grammar productions have been updated to correctly return a value.
3377
3378         Tests exist for this feature but will not be run until the feature is turned on.
3379         See https://bugs.webkit.org/show_bug.cgi?id=134404.
3380
3381         * css/CSSGrammar.y.in: Adding return values for two valid feature query productions.
3382
3383 2014-07-10  Brent Fulgham  <bfulgham@apple.com>
3384
3385         Use a separate backdrop element to allow cues to have highlight and background color
3386         https://bugs.webkit.org/show_bug.cgi?id=134821
3387         <rdar://problem/15999721>
3388
3389         Reviewed by Eric Carlson.
3390
3391         Add a new <div> element wrapping the existing cue <span>. This allows
3392         us to have a highlight on the cue (in the <span> background), as well
3393         as an overall background color.
3394
3395         * Modules/mediacontrols/mediaControlsApple.css:
3396         (video::-webkit-media-text-track-display-backdrop): New markup for
3397         the backdrop element of the caption.
3398         * html/track/VTTCue.cpp:
3399         (WebCore::VTTCue::cueBackdropShadowPseudoId): Added to
3400         allow user customization of the cue backdrop.
3401         (WebCore::VTTCue::initialize): Rename the old "m_cueBackgroundBox" to
3402