679683f19f6eeee563213279ad472765781ed0e3
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2018-03-23  Chris Dumez  <cdumez@apple.com>
2
3         NetworkStateNotifier::updateStateWithoutNotifying() is inefficient
4         https://bugs.webkit.org/show_bug.cgi?id=183760
5         <rdar://problem/37093299>
6
7         Reviewed by Ryosuke Niwa.
8
9         Update NetworkStateNotifier::updateStateWithoutNotifying() to stop calling
10         SCDynamicStoreCopyKeyList(). SCDynamicStoreCopyKeyList() is expensive as it
11         expects its key parameter to be a regular expression and it can match several
12         keys. It is also unnecessary in our case since we already have an exact key.
13         We now call the more efficient SCDynamicStoreCopyValue() instead, which is
14         the right thing to call when we have an exact key.
15
16         This change was suggested by the SC team.
17
18         This was tested manually as there is no easy way to write an automated test
19         for this.
20
21         In a follow-up, I also plan to call this code in the UIProcess (or NetworkProcess)
22         to avoid calling it once per WebProcess.
23
24         * platform/network/mac/NetworkStateNotifierMac.cpp:
25         (WebCore::NetworkStateNotifier::updateStateWithoutNotifying):
26
27 2018-03-23  Daniel Bates  <dabates@apple.com>
28
29         Unreviewed, rolling out r229868.
30
31         Caused media controls tests to timeout. Will investigate
32         offline.
33
34         Reverted changeset:
35
36         "CSS mask images should be retrieved using potentially CORS-
37         enabled fetch"
38         https://bugs.webkit.org/show_bug.cgi?id=179983
39         https://trac.webkit.org/changeset/229868
40
41 2018-03-23  Mark Lam  <mark.lam@apple.com>
42
43         Add pointer profiling hooks to the CSS JIT.
44         https://bugs.webkit.org/show_bug.cgi?id=183947
45         <rdar://problem/38803593>
46
47         Reviewed by JF Bastien.
48
49         No new tests needed.  Covered by existing tests.
50
51         * bindings/scripts/CodeGeneratorJS.pm:
52         (GenerateImplementation):
53         - Added a missing application of WTF_PREPARE_VTBL_POINTER_FOR_INSPECTION().
54
55         * bindings/scripts/test/JS/JSInterfaceName.cpp:
56         (WebCore::toJSNewlyCreated):
57         * bindings/scripts/test/JS/JSMapLike.cpp:
58         (WebCore::toJSNewlyCreated):
59         * bindings/scripts/test/JS/JSReadOnlyMapLike.cpp:
60         (WebCore::toJSNewlyCreated):
61         * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
62         (WebCore::toJSNewlyCreated):
63         * bindings/scripts/test/JS/JSTestCEReactions.cpp:
64         (WebCore::toJSNewlyCreated):
65         * bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp:
66         (WebCore::toJSNewlyCreated):
67         * bindings/scripts/test/JS/JSTestCallTracer.cpp:
68         (WebCore::toJSNewlyCreated):
69         * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:
70         (WebCore::toJSNewlyCreated):
71         * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp:
72         (WebCore::toJSNewlyCreated):
73         * bindings/scripts/test/JS/JSTestEnabledBySetting.cpp:
74         (WebCore::toJSNewlyCreated):
75         * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
76         (WebCore::toJSNewlyCreated):
77         * bindings/scripts/test/JS/JSTestEventTarget.cpp:
78         (WebCore::toJSNewlyCreated):
79         * bindings/scripts/test/JS/JSTestException.cpp:
80         (WebCore::toJSNewlyCreated):
81         * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
82         (WebCore::toJSNewlyCreated):
83         * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
84         (WebCore::toJSNewlyCreated):
85         * bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.cpp:
86         (WebCore::toJSNewlyCreated):
87         * bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.cpp:
88         (WebCore::toJSNewlyCreated):
89         * bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.cpp:
90         (WebCore::toJSNewlyCreated):
91         * bindings/scripts/test/JS/JSTestIterable.cpp:
92         (WebCore::toJSNewlyCreated):
93         * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
94         (WebCore::toJSNewlyCreated):
95         * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.cpp:
96         (WebCore::toJSNewlyCreated):
97         * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.cpp:
98         (WebCore::toJSNewlyCreated):
99         * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp:
100         (WebCore::toJSNewlyCreated):
101         * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
102         (WebCore::toJSNewlyCreated):
103         * bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.cpp:
104         (WebCore::toJSNewlyCreated):
105         * bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.cpp:
106         (WebCore::toJSNewlyCreated):
107         * bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.cpp:
108         (WebCore::toJSNewlyCreated):
109         * bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.cpp:
110         (WebCore::toJSNewlyCreated):
111         * bindings/scripts/test/JS/JSTestNamedGetterCallWith.cpp:
112         (WebCore::toJSNewlyCreated):
113         * bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.cpp:
114         (WebCore::toJSNewlyCreated):
115         * bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.cpp:
116         (WebCore::toJSNewlyCreated):
117         * bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.cpp:
118         (WebCore::toJSNewlyCreated):
119         * bindings/scripts/test/JS/JSTestNamedSetterThrowingException.cpp:
120         (WebCore::toJSNewlyCreated):
121         * bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp:
122         (WebCore::toJSNewlyCreated):
123         * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.cpp:
124         (WebCore::toJSNewlyCreated):
125         * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.cpp:
126         (WebCore::toJSNewlyCreated):
127         * bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.cpp:
128         (WebCore::toJSNewlyCreated):
129         * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.cpp:
130         (WebCore::toJSNewlyCreated):
131         * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.cpp:
132         (WebCore::toJSNewlyCreated):
133         * bindings/scripts/test/JS/JSTestNode.cpp:
134         (WebCore::toJSNewlyCreated):
135         * bindings/scripts/test/JS/JSTestObj.cpp:
136         (WebCore::toJSNewlyCreated):
137         * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
138         (WebCore::toJSNewlyCreated):
139         * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp:
140         (WebCore::toJSNewlyCreated):
141         * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
142         (WebCore::toJSNewlyCreated):
143         * bindings/scripts/test/JS/JSTestPluginInterface.cpp:
144         (WebCore::toJSNewlyCreated):
145         * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp:
146         (WebCore::toJSNewlyCreated):
147         * bindings/scripts/test/JS/JSTestSerialization.cpp:
148         (WebCore::toJSNewlyCreated):
149         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
150         (WebCore::toJSNewlyCreated):
151         * bindings/scripts/test/JS/JSTestStringifier.cpp:
152         (WebCore::toJSNewlyCreated):
153         * bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.cpp:
154         (WebCore::toJSNewlyCreated):
155         * bindings/scripts/test/JS/JSTestStringifierNamedOperation.cpp:
156         (WebCore::toJSNewlyCreated):
157         * bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.cpp:
158         (WebCore::toJSNewlyCreated):
159         * bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.cpp:
160         (WebCore::toJSNewlyCreated):
161         * bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.cpp:
162         (WebCore::toJSNewlyCreated):
163         * bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.cpp:
164         (WebCore::toJSNewlyCreated):
165         * bindings/scripts/test/JS/JSTestTypedefs.cpp:
166         (WebCore::toJSNewlyCreated):
167         * css/ElementRuleCollector.cpp:
168         (WebCore::ElementRuleCollector::ruleMatches):
169         * cssjit/SelectorCompiler.cpp:
170         (WebCore::SelectorCompiler::SelectorCodeGenerator::compile):
171         (WebCore::SelectorCompiler::SelectorCodeGenerator::generateSelectorChecker):
172         * cssjit/SelectorCompiler.h:
173         (WebCore::SelectorCompiler::ruleCollectorSimpleSelectorCheckerFunction):
174         (WebCore::SelectorCompiler::querySelectorSimpleSelectorCheckerFunction):
175         (WebCore::SelectorCompiler::ruleCollectorSelectorCheckerFunctionWithCheckingContext):
176         (WebCore::SelectorCompiler::querySelectorSelectorCheckerFunctionWithCheckingContext):
177         * dom/SelectorQuery.cpp:
178         (WebCore::SelectorDataList::executeCompiledSingleMultiSelectorData const):
179         (WebCore::SelectorDataList::execute const):
180
181 2018-03-23  Sihui Liu  <sihui_liu@apple.com>
182
183         Local storage getItem() for an empty string returned UNDEFINED value.
184         https://bugs.webkit.org/show_bug.cgi?id=69138
185         <rdar://problem/13410974>
186
187         Reviewed by Brady Eidson.
188
189         * platform/sql/SQLiteStatement.cpp:
190         (WebCore::SQLiteStatement::getColumnBlobAsString):
191
192 2018-03-23  Chris Dumez  <cdumez@apple.com>
193
194         Promptly terminate service worker processes when they are no longer needed
195         https://bugs.webkit.org/show_bug.cgi?id=183873
196         <rdar://problem/38676995>
197
198         Reviewed by Youenn Fablet.
199
200         The StorageProcess now keeps track of service worker clients for each security
201         origin. When there is no longer any clients for a given security origin, the
202         StorageProcess asks the service worker process for the given origin to terminate
203         and severs its connection to it.
204
205         Change is covered by API test.
206
207         * workers/service/server/SWServer.cpp:
208         (WebCore::SWServer::markAllWorkersForOriginAsTerminated):
209         Pass the security origin since this is called when a service worker process
210         crashes. When a service worker process for origin A crashes, we only want
211         to mark service workers in origin A as terminated, not ALL of them.
212
213         (WebCore::SWServer::registerServiceWorkerClient):
214         (WebCore::SWServer::unregisterServiceWorkerClient):
215         (WebCore::SWServer::needsServerToContextConnectionForOrigin const):
216         Tweak logic so that we only relaunch a service worker process if we still
217         have clients for its security origin.
218
219         * workers/service/server/SWServer.h:
220         (WebCore::SWServer::disableServiceWorkerProcessTerminationDelay):
221         Add a way to disable the service worker termination delay to facilitate
222         testing.
223
224         * workers/service/server/SWServerToContextConnection.h:
225
226 2018-03-23  Brady Eidson  <beidson@apple.com>
227
228         Go to back/forward list items after a process-swapped navigation.
229         <rdar://problem/38690544> and https://bugs.webkit.org/show_bug.cgi?id=183920
230
231         Reviewed by Andy Estes.
232
233         Covered by new API test.
234
235         Most of the changes to WebCore are teaching HistoryItem navigations to know when they should
236         do a policy check or not.
237
238         * WebCore.xcodeproj/project.pbxproj:
239
240         * history/BackForwardController.cpp:
241         (WebCore::BackForwardController::goBackOrForward):
242         (WebCore::BackForwardController::goBack):
243         (WebCore::BackForwardController::goForward):
244
245         * history/HistoryItem.cpp:
246         (WebCore::HistoryItem::setStateObject): Actually push state object changes to the UIProcess.
247           This was a long standing bug that made it difficult to effectively test this change.
248
249         * loader/FrameLoader.cpp:
250         (WebCore::FrameLoader::loadURLIntoChildFrame):
251         (WebCore::FrameLoader::loadDifferentDocumentItem):
252         (WebCore::FrameLoader::loadItem):
253         (WebCore::FrameLoader::retryAfterFailedCacheOnlyMainResourceLoad):
254         * loader/FrameLoader.h:
255         * loader/FrameLoaderTypes.h:
256
257         * loader/HistoryController.cpp:
258         (WebCore::HistoryController::goToItem):
259         (WebCore::HistoryController::setDefersLoading):
260         (WebCore::HistoryController::recursiveGoToItem):
261         * loader/HistoryController.h:
262
263         * loader/NavigationPolicyCheck.h:
264
265         * page/Page.cpp:
266         (WebCore::Page::goToItem):
267         * page/Page.h:
268
269 2018-03-23  John Wilander  <wilander@apple.com>
270
271         Resource Load Statistics: Fix decoder key isPrevalentResource->isVeryPrevalentResource
272         https://bugs.webkit.org/show_bug.cgi?id=183950
273         <rdar://problem/38806275>
274
275         Reviewed by Brent Fulgham.
276
277         * loader/ResourceLoadStatistics.cpp:
278         (WebCore::ResourceLoadStatistics::decode):
279             Now isVeryPrevalentResource is decoded to the correct field.
280
281 2018-03-23  Youenn Fablet  <youenn@apple.com>
282
283         WebProcessPool should not ask to register all clients for each service worker process creation
284         https://bugs.webkit.org/show_bug.cgi?id=183941
285
286         Reviewed by Chris Dumez.
287
288         Covered by existing unit tests.
289         Register all Documents of a process no matter its session ID when asked to.
290         Make sure that whenever a WebProcess is asked to do so, any further Document will be registered
291         by calling setMayHaveRegisteredServiceWorkers().
292         This ensures that a WebProcess created before any service worker but empty at the time a service worker is created
293         will actually register all its future clients.
294
295         Add some assertions to ensure that a client is not registered twice.
296
297         * workers/service/ServiceWorkerProvider.cpp:
298         (WebCore::ServiceWorkerProvider::registerServiceWorkerClients):
299         * workers/service/ServiceWorkerProvider.h:
300         * workers/service/server/SWServer.cpp:
301         (WebCore::SWServer::registerServiceWorkerClient):
302
303 2018-03-23  Eric Carlson  <eric.carlson@apple.com>
304
305         HTMLElement factory doesn't need to call MediaPlayer::isAvailable
306         https://bugs.webkit.org/show_bug.cgi?id=183946
307         <rdar://problem/38802687>
308
309         Reviewed by Youenn Fablet.
310
311         Test: media/media-disabled.html
312
313         * dom/make_names.pl:
314         (printConstructorInterior):
315         * page/Settings.yaml:
316         * page/SettingsDefaultValues.h:
317
318 2018-03-23  David Kilzer  <ddkilzer@apple.com>
319
320         Stop using dispatch_set_target_queue()
321         <https://webkit.org/b/183908>
322         <rdar://problem/33553533>
323
324         Reviewed by Daniel Bates.
325
326         No new tests since no change in behavior.
327
328         * platform/mediastream/mac/AVMediaCaptureSource.mm:
329         (WebCore::globaVideoCaptureSerialQueue): Remove use of
330         dispatch_set_target_queue() by changing dispatch_queue_create()
331         to dispatch_queue_create_with_target().
332
333 2018-03-23  Youenn Fablet  <youenn@apple.com>
334
335         Use libwebrtc ObjectiveC H264 encoder and decoder
336         https://bugs.webkit.org/show_bug.cgi?id=183912
337
338         Reviewed by Eric Carlson.
339
340         No observable change of behavior.
341         Made use of libwebrtc WebKit utilities.
342         Updated RealtimeINcomingVideoSourceCocoa as it now receives ObjcVideoFrame.
343
344         * Configurations/WebCore.xcconfig:
345         * SourcesCocoa.txt:
346         * WebCore.xcodeproj/project.pbxproj:
347         * platform/mediastream/libwebrtc/LibWebRTCProviderCocoa.cpp:
348         (WebCore::LibWebRTCProviderCocoa::~LibWebRTCProviderCocoa):
349         (WebCore::LibWebRTCProviderCocoa::setH264HardwareEncoderAllowed):
350         (WebCore::LibWebRTCProviderCocoa::createDecoderFactory):
351         (WebCore::LibWebRTCProviderCocoa::createEncoderFactory):
352         (WebCore::LibWebRTCProviderCocoa::setActive):
353         * platform/mediastream/libwebrtc/LibWebRTCProviderCocoa.h:
354         * platform/mediastream/mac/RealtimeIncomingVideoSourceCocoa.mm: Renamed from Source/WebCore/platform/mediastream/mac/RealtimeIncomingVideoSourceCocoa.cpp.
355         (WebCore::RealtimeIncomingVideoSourceCocoa::pixelBufferFromVideoFrame):
356         (WebCore::RealtimeIncomingVideoSourceCocoa::OnFrame):
357         * testing/Internals.cpp: Removed commented out include.
358
359 2018-03-23  Youenn Fablet  <youenn@apple.com>
360
361         DocumentThreadableLoader should send credentials after redirections and preflight if fetch option credentials is include
362         https://bugs.webkit.org/show_bug.cgi?id=183928
363
364         Reviewed by Chris Dumez.
365
366         Tests: imported/w3c/web-platform-tests/fetch/api/cors/cors-cookies-redirect.any.html
367                imported/w3c/web-platform-tests/fetch/api/cors/cors-cookies-redirect.any.worker.html
368
369         In case mode is include, keep sending credentials even after redirection with preflight.
370
371         * loader/DocumentThreadableLoader.cpp:
372         (WebCore::DocumentThreadableLoader::redirectReceived):
373
374 2018-03-23  Tim Horton  <timothy_horton@apple.com>
375
376         Fix the build after r229858
377
378         * platform/graphics/cocoa/GraphicsContext3DCocoa.mm:
379
380 2018-03-23  Youenn Fablet  <youenn@apple.com>
381
382         Allow fully whitelisted plug-ins to match non HTTP URLs
383         https://bugs.webkit.org/show_bug.cgi?id=183938
384         rdar://problem/38534312
385
386         Reviewed by Chris Dumez.
387
388         Covered by manual testing and unit testing.
389
390         * platform/URL.cpp:
391         (WebCore::URL::isMatchingDomain const):
392
393 2018-03-23  Youenn Fablet  <youenn@apple.com>
394
395         ActiveDOMObject should assert that they are destroyed in the thread they are created
396         https://bugs.webkit.org/show_bug.cgi?id=183671
397
398         Reviewed by Chris Dumez.
399
400         No change of behavior.
401         Moved MessagePort assertion to ActiveDOMObject.
402
403         * dom/ActiveDOMObject.cpp:
404         (WebCore::ActiveDOMObject::~ActiveDOMObject):
405         * dom/ActiveDOMObject.h:
406         * dom/MessagePort.cpp:
407         (WebCore::MessagePort::~MessagePort):
408         * dom/MessagePort.h:
409
410 2018-03-23  Youenn Fablet  <youenn@apple.com>
411
412         Safari WebKitWebRTCAudioModule crash during <video> tag update when audio track present in MediaStream
413         https://bugs.webkit.org/show_bug.cgi?id=181180
414         <rdar://problem/36302375>
415
416         Reviewed by Eric Carlson.
417
418         Test: webrtc/video-update-often.html
419
420         AudioTrackPrivateMediaStreamCocoa needs to be destroyed in the main thread since it owns a Ref to its MediaStreamTrackPrivate.
421         We can still ref it on a background thread but we always deref it on the main thread.
422
423         * platform/mediastream/mac/AudioTrackPrivateMediaStreamCocoa.cpp:
424         (WebCore::AudioTrackPrivateMediaStreamCocoa::audioSamplesAvailable):
425         (WebCore::AudioTrackPrivateMediaStreamCocoa::render):
426
427 2018-03-23  Sergio Villar Senin  <svillar@igalia.com>
428
429         [css-grid] Fix auto repeat tracks computation with definite min sizes
430         https://bugs.webkit.org/show_bug.cgi?id=183933
431
432         Reviewed by Javier Fernandez.
433
434         Indefinitely sized containers use the specified definite min-size (if any) as available
435         space in order to compute the number of auto repeat tracks to create. A bug in that code was
436         causing the grid to be one track larger than expected. That was only happening in the case
437         of the free space being a multiple of the total size of the autorepeat tracks.
438
439         Test: imported/w3c/web-platform-tests/css/css-grid/grid-definition/grid-inline-auto-repeat-001.html
440
441         * rendering/RenderGrid.cpp:
442         (WebCore::RenderGrid::computeAutoRepeatTracksCount const):
443
444 2018-03-23  Miguel Gomez  <magomez@igalia.com>
445
446         [GTK][WPE] Avoid software color conversion inside BitmapTextureGL
447         https://bugs.webkit.org/show_bug.cgi?id=183892
448
449         Reviewed by Žan Doberšek.
450
451         Always use RGBA format on BitmapTextureGL (when no other format is specifically requested). When
452         the texture is updated from BGRA content, use a flag to indicate the shader to perform a color
453         conversion during the painting. This way we don't need to swap the R and B components on the CPU.
454         Also, remove one of the lists in BitmapTexturePool as now all of them have the same format, and
455         remove the UpdateContentsFlag as we never need to modify the original image data.
456
457         Covered by existent tests.
458
459         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
460         (WebCore::MediaPlayerPrivateGStreamerBase::updateTexture):
461         * platform/graphics/texmap/BitmapTexture.cpp:
462         (WebCore::BitmapTexture::updateContents):
463         * platform/graphics/texmap/BitmapTexture.h:
464         * platform/graphics/texmap/BitmapTextureGL.cpp:
465         (WebCore::BitmapTextureGL::BitmapTextureGL):
466         (WebCore::BitmapTextureGL::didReset):
467         (WebCore::BitmapTextureGL::updateContents):
468         (WebCore::BitmapTextureGL::applyFilters):
469         (WebCore::swizzleBGRAToRGBA): Deleted.
470         (WebCore::BitmapTextureGL::updateContentsNoSwizzle): Deleted.
471         * platform/graphics/texmap/BitmapTextureGL.h:
472         (WebCore::BitmapTextureGL::colorConvertFlags const):
473         * platform/graphics/texmap/BitmapTexturePool.cpp:
474         (WebCore::BitmapTexturePool::acquireTexture):
475         (WebCore::BitmapTexturePool::releaseUnusedTexturesTimerFired):
476         * platform/graphics/texmap/BitmapTexturePool.h:
477         * platform/graphics/texmap/GraphicsLayerTextureMapper.cpp:
478         (WebCore::GraphicsLayerTextureMapper::updateBackingStoreIfNeeded):
479         * platform/graphics/texmap/TextureMapperContextAttributes.cpp:
480         (WebCore::TextureMapperContextAttributes::get):
481         * platform/graphics/texmap/TextureMapperContextAttributes.h:
482         * platform/graphics/texmap/TextureMapperGL.cpp:
483         (WebCore::TextureMapperGL::drawNumber):
484         (WebCore::TextureMapperGL::drawTexture):
485         * platform/graphics/texmap/TextureMapperGL.h:
486         * platform/graphics/texmap/TextureMapperLayer.cpp:
487         (WebCore::TextureMapperLayer::paintIntoSurface):
488         * platform/graphics/texmap/TextureMapperPlatformLayerBuffer.cpp:
489         (WebCore::TextureMapperPlatformLayerBuffer::paintToTextureMapper):
490         * platform/graphics/texmap/TextureMapperTile.cpp:
491         (WebCore::TextureMapperTile::updateContents):
492         * platform/graphics/texmap/TextureMapperTile.h:
493         * platform/graphics/texmap/TextureMapperTiledBackingStore.cpp:
494         (WebCore::TextureMapperTiledBackingStore::updateContentsFromImageIfNeeded):
495         (WebCore::TextureMapperTiledBackingStore::updateContents):
496         * platform/graphics/texmap/TextureMapperTiledBackingStore.h:
497
498 2018-03-23  Yusuke Suzuki  <utatane.tea@gmail.com>
499
500         [WTF] Add standard containers with FastAllocator specialization
501         https://bugs.webkit.org/show_bug.cgi?id=183789
502
503         Reviewed by Darin Adler.
504
505         * Modules/indexeddb/IDBKeyData.h:
506         * Modules/mediasource/SampleMap.h:
507         * Modules/mediasource/SourceBuffer.cpp:
508         * Modules/webauthn/cbor/CBORValue.h:
509         It did not use FastAllocator for its container.
510
511         * page/WheelEventTestTrigger.h:
512         * platform/audio/PlatformMediaSessionManager.h:
513         * platform/graphics/avfoundation/objc/ImageDecoderAVFObjC.h:
514         * platform/graphics/avfoundation/objc/ImageDecoderAVFObjC.mm:
515         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
516         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
517         * platform/graphics/cv/VideoTextureCopierCV.cpp:
518         (WebCore::YCbCrToRGBMatrixForRangeAndTransferFunction):
519         * platform/mock/mediasource/MockSourceBufferPrivate.cpp:
520         * platform/wpe/PlatformPasteboardWPE.cpp:
521         * rendering/OrderIterator.h:
522
523 2018-03-23  Antoine Quint  <graouts@apple.com>
524
525         [Web Animations] infinite repeat counts aren't reflected for CSS Animations
526         https://bugs.webkit.org/show_bug.cgi?id=183932
527
528         Reviewed by Dean Jackson.
529
530         The "infinite" value for animation-repeat-count is reflected as a special value which resolves to -1. We need to check
531         for this special value before setting the iterations count on the AnimationEffectTimingReadOnly object.
532
533         * animation/CSSAnimation.cpp:
534         (WebCore::CSSAnimation::syncPropertiesWithBackingAnimation):
535
536 2018-03-22  Antoine Quint  <graouts@apple.com>
537
538         [Web Animations] Correctly cancel animations when a parent gets a "display: none" style or when an element is removed
539         https://bugs.webkit.org/show_bug.cgi?id=183919
540
541         Reviewed by Dean Jackson.
542
543         The old CSSAnimationController provided a cancelAnimations(Element&) method that allowed for animations for a given element
544         to be canceled when a parent element in the hierarchy gets a "display: none" style or if an element with animations is removed.
545         We add a similar cancelAnimationsForElement(Element&) method on AnimationTimeline and update CSSAnimationController::cancelAnimations()
546         call sites to use AnimationTimeline::cancelAnimationsForElement() when the flag to use Web Animations is on.
547
548         * animation/AnimationTimeline.cpp:
549         (WebCore::AnimationTimeline::cancelAnimationsForElement): Iterate over all animations for the provided element and call cancel() on them.
550         * animation/AnimationTimeline.h:
551         * animation/DocumentTimeline.cpp:
552         (WebCore::DocumentTimeline::animatedStyleForRenderer): Drive-by fix while I was reviewed call sites to animationsForElement() to make
553         sure we don't create extra RefPtr<> objects.
554         * dom/Element.cpp:
555         (WebCore::Element::removedFromAncestor): Call AnimationTimeline::cancelAnimationsForElement() if the Web Animations flag is on when an
556         element is removed.
557         * dom/PseudoElement.cpp:
558         (WebCore::PseudoElement::clearHostElement): Call AnimationTimeline::cancelAnimationsForElement() if the Web Animations flag is on when
559         a pseudo-element is removed.
560         * rendering/updating/RenderTreeUpdater.cpp:
561         (WebCore::RenderTreeUpdater::tearDownRenderers): Call AnimationTimeline::cancelAnimationsForElement() if the Web Animations flag is on
562         for all children elements when an element gets a "display: none" style.
563
564 2018-03-23  Antoine Quint  <graouts@apple.com>
565
566         [Web Animations] Animated transform styles are ignored when calling getComputedStyle()
567         https://bugs.webkit.org/show_bug.cgi?id=183918
568
569         Reviewed by Dean Jackson.
570
571         Strictly looking at whether the renderer has a transform is a bad idea when determining whether a
572         transform is applied for an element. Looking at the RenderStyle is preferable because in the case
573         of animations running on the compositor, such as a transform-only animation or transition, the
574         renderer doesn't necessarily have a transform style on it, since we don't blend properties in
575         software as the animation progresses. Instead, all of the blending is performed by the compositor,
576         and only the computed style object has the software-blended transform style on it.
577
578         We do need to account for inline renderers though as these do not support transforms.
579
580         * css/CSSComputedStyleDeclaration.cpp:
581         (WebCore::computedTransform):
582
583 2018-03-22  Antoine Quint  <graouts@apple.com>
584
585         [Web Animations] Support "transition: all" for CSS Transitions as Web Animations
586         https://bugs.webkit.org/show_bug.cgi?id=183917
587
588         Reviewed by Dean Jackson.
589
590         We now support "transition: all" CSS Transitions by iterating over all known CSS properties should the mode
591         of the backing animation be AnimateAll. Any property that we find to have a different value in the previous
592         and current style will have a backing CSSTransition object created for it. To support this, we now explicitly
593         provide a CSSPropertyID when creating a CSSTransition since we can no longer infer the transition property
594         from the backing animation, as Animation objects with mode AnimateAll report CSSPropertyInvalid as their
595         property.
596
597         * animation/AnimationTimeline.cpp:
598         (WebCore::shouldBackingAnimationBeConsideredForCSSTransition): New method that checks whether a given backing
599         Animation object is suitable for consideration as a CSSTransition, where the mode must not be either AnimateNone
600         or AnimateUnknownProperty, and should the mode be AnimateSingleProperty, the property must not be CSSPropertyInvalid.
601         (WebCore::AnimationTimeline::updateCSSTransitionsForElement): We now assemble the list of previously animated
602         properties by looking at the m_elementToCSSTransitionByCSSPropertyID map and getting its keys. Then we compile
603         all backing Animation objects found in the old style that match the conditions enforced by the new method
604         shouldBackingAnimationBeConsideredForCSSTransition(). Then as we iterate over backing Animation objects found
605         in the new style, we iterate over all known CSS properties if the mode is AnimateAll, indicating that we're dealing
606         with a "transition: all" style. If we're dealing with a single property, we only process that single property.
607         * animation/CSSTransition.cpp:
608         (WebCore::CSSTransition::create): Expect a new CSSPropertyID parameter when creating a new CSSTransition since
609         we can no longer infer it from the backing Animation object.
610         (WebCore::CSSTransition::CSSTransition): Expect a new CSSPropertyID parameter when creating a new CSSTransition
611         since we can no longer infer it from the backing Animation object.
612         (WebCore::CSSTransition::matchesBackingAnimationAndStyles const): We can no longer use the == overloaded operator
613         for backing Animation objects to determine whether their respective properties match since this would compare the
614         "property" member of both Animation objects and when going from a "transition: all" style to one targeting a single
615         property, we would falsely identify mis-matching Animation objects. Instead, we pass a false flag to animationsMatch()
616         which indicates that we don't care about matching the transition property itself.
617         * animation/CSSTransition.h: Expose a new property() accessor which returns the CSSPropertyID passed at construction.
618         * animation/KeyframeEffectReadOnly.cpp:
619         (WebCore::KeyframeEffectReadOnly::computeCSSTransitionBlendingKeyframes): Use the new property() accessor on
620         CSSTransition to get at the transition property.
621         * platform/animation/Animation.cpp:
622         (WebCore::Animation::animationsMatch const): Replace the boolean parameter, which was not in use in WebCore, to indicate
623         whether we should match the property-related fields. We need this in CSSTransition::matchesBackingAnimationAndStyles().
624         * platform/animation/Animation.h:
625
626 2018-03-22  Tim Horton  <timothy_horton@apple.com>
627
628         Adopt WK_ALTERNATE_FRAMEWORKS_DIR in WebCore
629         https://bugs.webkit.org/show_bug.cgi?id=183930
630         <rdar://problem/38782249>
631
632         Reviewed by Dan Bernstein.
633
634         * Configurations/Base.xcconfig:
635         * Configurations/WebCore.xcconfig:
636         * Configurations/WebCoreTestSupport.xcconfig:
637
638 2018-03-22  Commit Queue  <commit-queue@webkit.org>
639
640         Unreviewed, rolling out r229876.
641         https://bugs.webkit.org/show_bug.cgi?id=183929
642
643         Some webrtc tests are timing out on iOS simulator (Requested
644         by youenn on #webkit).
645
646         Reverted changeset:
647
648         "Use libwebrtc ObjectiveC H264 encoder and decoder"
649         https://bugs.webkit.org/show_bug.cgi?id=183912
650         https://trac.webkit.org/changeset/229876
651
652 2018-03-22  Megan Gardner  <megan_gardner@apple.com>
653
654         Expose more system colors via CSS
655         https://bugs.webkit.org/show_bug.cgi?id=183764
656         <rdar://problem/36975898>
657
658         Reviewed by Tim Horton.
659
660         Test: fast/css/apple-system-control-colors.html
661
662         Expose Apple specific system colors via CSS.
663
664         * rendering/RenderThemeMac.mm:
665         (WebCore::RenderThemeMac::systemColor const):
666
667 2018-03-22  Nan Wang  <n_wang@apple.com>
668
669         AX: Web table row count is incorrect when role row is added to <tr> in DOM
670         https://bugs.webkit.org/show_bug.cgi?id=183922
671
672         Reviewed by Chris Fleizach.
673
674         Although the parent table for an ARIA grid row should be an ARIA table, we
675         should return the native table if the row is native <tr>.
676
677         Test: accessibility/row-with-aria-role-in-native-table.html
678
679         * accessibility/AccessibilityARIAGridRow.cpp:
680         (WebCore::AccessibilityARIAGridRow::parentTable const):
681
682 2018-03-22  Chris Dumez  <cdumez@apple.com>
683
684         Include security origin in the service worker process name
685         https://bugs.webkit.org/show_bug.cgi?id=183913
686
687         Reviewed by Youenn Fablet.
688
689         Updated localizable strings.
690
691         * English.lproj/Localizable.strings:
692
693 2018-03-22  Youenn Fablet  <youenn@apple.com>
694
695         Use libwebrtc ObjectiveC H264 encoder and decoder
696         https://bugs.webkit.org/show_bug.cgi?id=183912
697
698         Reviewed by Eric Carlson.
699
700         No observable change of behavior.
701         Made use of libwebrtc WebKit utilities.
702         Updated RealtimeINcomingVideoSourceCocoa as it now receives ObjcVideoFrame.
703
704         * Configurations/WebCore.xcconfig:
705         * SourcesCocoa.txt:
706         * WebCore.xcodeproj/project.pbxproj:
707         * platform/mediastream/libwebrtc/LibWebRTCProviderCocoa.cpp:
708         (WebCore::LibWebRTCProviderCocoa::~LibWebRTCProviderCocoa):
709         (WebCore::LibWebRTCProviderCocoa::setH264HardwareEncoderAllowed):
710         (WebCore::LibWebRTCProviderCocoa::createDecoderFactory):
711         (WebCore::LibWebRTCProviderCocoa::createEncoderFactory):
712         (WebCore::LibWebRTCProviderCocoa::setActive):
713         * platform/mediastream/libwebrtc/LibWebRTCProviderCocoa.h:
714         * platform/mediastream/mac/RealtimeIncomingVideoSourceCocoa.mm: Renamed from Source/WebCore/platform/mediastream/mac/RealtimeIncomingVideoSourceCocoa.cpp.
715         (WebCore::RealtimeIncomingVideoSourceCocoa::pixelBufferFromVideoFrame):
716         (WebCore::RealtimeIncomingVideoSourceCocoa::OnFrame):
717         * testing/Internals.cpp: Removed commented out include.
718
719 2018-03-22  Michael Catanzaro  <mcatanzaro@gnome.org>
720
721         Unreviewed, fix format string warnings in service worker code
722
723         On Linux x86_64, uint64_t is unsigned long, not unsigned long long.
724
725         * workers/service/ServiceWorkerContainer.cpp:
726         (WebCore::ServiceWorkerContainer::addRegistration):
727         (WebCore::ServiceWorkerContainer::removeRegistration):
728         (WebCore::ServiceWorkerContainer::updateRegistration):
729         (WebCore::ServiceWorkerContainer::jobFailedWithException):
730         (WebCore::ServiceWorkerContainer::jobResolvedWithRegistration):
731         (WebCore::ServiceWorkerContainer::jobResolvedWithUnregistrationResult):
732         (WebCore::ServiceWorkerContainer::startScriptFetchForJob):
733         (WebCore::ServiceWorkerContainer::jobFinishedLoadingScript):
734         (WebCore::ServiceWorkerContainer::jobFailedLoadingScript):
735
736 2018-03-22  Daniel Bates  <dabates@apple.com>
737
738         Expose SchemeRegistry::registerAsCanDisplayOnlyIfCanRequest() as WebKit SPI
739         https://bugs.webkit.org/show_bug.cgi?id=183907
740         <rdar://problem/38759127>
741
742         Reviewed by Alex Christensen.
743
744         Exports SchemeRegistry::registerAsCanDisplayOnlyIfCanRequest() so that we can use it from WebKit.
745
746         * platform/SchemeRegistry.h:
747
748 2018-03-22  Daniel Bates  <dabates@apple.com>
749
750         CSS mask images should be retrieved using potentially CORS-enabled fetch
751         https://bugs.webkit.org/show_bug.cgi?id=179983
752         <rdar://problem/35678149>
753
754         Reviewed by Brent Fulgham.
755
756         As per <https://drafts.fxtf.org/css-masking-1/#priv-sec> (Editor's Draft, 23 December 2017)
757         we should fetch CSS mask images using a potentially CORS-enabled fetch.
758
759         Both cross-origin CSS shape-outside images and CSS mask images may be sensitive to timing
760         attacks that can be used to reveal their pixel data when retrieved without regard to CORS.
761         For the same reason that we fetch CSS shape-outside images using a potentially CORS-enabled
762         fetch we should fetch CSS mask the same way. This also makes the behavior of WebKit more
763         closely align with the behavior in the spec.
764
765         Test: http/tests/security/css-mask-image.html
766
767         * style/StylePendingResources.cpp: Substitute LoadPolicy::NoCORS and LoadPolicy::Anonymous for
768         LoadPolicy::Normal and LoadPolicy::ShapeOutside, respectively, to match the terminology used
769         in the HTML, CSS Shapes Module Level 1, and CSS Masking Module Level 1 specs.
770         (WebCore::Style::loadPendingImage): Ditto.
771         (WebCore::Style::loadPendingResources): Use load policy LoadPolicy::Anonymous when fetching
772         a mask image or shape-outside image.
773
774 2018-03-22  Zalan Bujtas  <zalan@apple.com>
775
776         [Simple line layout] Text with letter spacing is not positioned properly.
777         https://bugs.webkit.org/show_bug.cgi?id=183079
778         <rdar://problem/38762569>
779
780         Reviewed by Antti Koivisto.
781
782         We need to recompute RenderText::m_canUseSimplifiedTextMeasuring when the font cascade changes
783         since we might not be able to use the fast path anymore.
784
785         Test: fast/text/simple-line-layout-dynamic-letter-word-spacing.html
786
787         * rendering/RenderText.cpp:
788         (WebCore::RenderText::styleDidChange):
789
790 2018-03-21  Antoine Quint  <graouts@apple.com>
791
792         [Web Animations] Make imported/mozilla/css-animations/test_event-dispatch.html pass reliably
793         https://bugs.webkit.org/show_bug.cgi?id=183845
794
795         Reviewed by Dean Jackson.
796
797         Finish the work to get DOM events for CSS Animations and CSS Transitions dispatching as specified.
798
799         * animation/AnimationEffectReadOnly.cpp: Move timeEpsilon to be shared as part of WebAnimationUtilities.h since we now need it in
800         WebAnimation::timeToNextRequiredTick().
801         * animation/AnimationTimeline.cpp:
802         (WebCore::AnimationTimeline::updateCSSAnimationsForElement): We add a pre-emptive return clause when we know that the AnimationList
803         for previous and current styles are a match.
804         * animation/CSSTransition.cpp:
805         (WebCore::CSSTransition::matchesBackingAnimationAndStyles const): Ensure we have a valid effect before downcasting it.
806         * animation/DeclarativeAnimation.cpp:
807         (WebCore::DeclarativeAnimation::initialize): We need to call pause() for declarative animations that aren't playing so that the animation's
808         playState is set correctly and the animation is not idle.
809         * animation/DocumentTimeline.cpp:
810         (WebCore::DocumentTimeline::updateAnimationSchedule): We no longer need to pass the current time to timeToNextRequiredTick() since the method has
811         been reworked to use the animation's current time, which is based on the timeline's current time.
812         (WebCore::DocumentTimeline::updateAnimations): Avoid creating a copy when iterating over pending hardware animations.
813         * animation/KeyframeEffectReadOnly.cpp:
814         (WebCore::KeyframeEffectReadOnly::stylesWouldYieldNewCSSTransitionsBlendingKeyframes const): We should never generate new blending keyframes if the
815         old and new styles contain the same value, since there would be no transition between two equal values, and we should only look at whether the new
816         style value and the recorded target value differ to determine if new blending keyframes are necessary.
817         * animation/WebAnimation.cpp:
818         (WebCore::WebAnimation::timeToNextRequiredTick const): We correct our scheduling code which was shown to be broken in several of the newly-imported
819         Mozilla tests. Any running animation is now scheduled to invalidate again on the next tick, and we use timeEpsilon from WebAnimationUtilities.h to
820         correctly check if we're right at the active threshold, when we also invalidate on the next tick. If our current time is negative, in other words
821         when the animation has not yet started, we schedule this animation's next tick to be the negative of that value. In all other cases, no invalidation
822         needs to be scheduled.
823         * animation/WebAnimation.h: We move updateFinishedState() to private since this method is not actually used outside of WebAnimation.cpp.
824         * animation/WebAnimationUtilities.h: Move timeEpsilon to be shared as part of WebAnimationUtilities.h.
825
826 2018-03-22  Tim Horton  <timothy_horton@apple.com>
827
828         Improve readability of WebCore's OTHER_LDFLAGS
829         https://bugs.webkit.org/show_bug.cgi?id=183909
830         <rdar://problem/38760992>
831
832         Reviewed by Dan Bernstein.
833
834         * Configurations/Base.xcconfig:
835         * Configurations/FeatureDefines.xcconfig:
836         * Configurations/WebCore.xcconfig:
837
838 2018-03-22  Tim Horton  <timothy_horton@apple.com>
839
840         Adopt USE(OPENGL[_ES]) in more places
841         https://bugs.webkit.org/show_bug.cgi?id=183882
842         <rdar://problem/37912195>
843
844         Reviewed by Dan Bernstein.
845
846         * platform/graphics/GraphicsContext3D.h:
847         * platform/graphics/cocoa/GraphicsContext3DCocoa.mm:
848         (WebCore::hasMuxableGPU):
849         (WebCore::GraphicsContext3DManager::updateHighPerformanceState):
850         (WebCore::GraphicsContext3D::GraphicsContext3D):
851         (WebCore::GraphicsContext3D::~GraphicsContext3D):
852         (WebCore::GraphicsContext3D::makeContextCurrent):
853         (WebCore::GraphicsContext3D::checkGPUStatus):
854         (WebCore::GraphicsContext3D::texImageIOSurface2D):
855         * platform/graphics/cocoa/WebGLLayer.h:
856         * platform/graphics/cocoa/WebGLLayer.mm:
857         (-[WebGLLayer initWithGraphicsContext3D:]):
858         (-[WebGLLayer copyImageSnapshotWithColorSpace:]):
859         (-[WebGLLayer display]):
860         * platform/graphics/ios/GraphicsContext3DIOS.h:
861         * platform/graphics/opengl/Extensions3DOpenGL.cpp:
862         (WebCore::Extensions3DOpenGL::blitFramebuffer):
863         (WebCore::Extensions3DOpenGL::createVertexArrayOES):
864         (WebCore::Extensions3DOpenGL::deleteVertexArrayOES):
865         (WebCore::Extensions3DOpenGL::isVertexArrayOES):
866         (WebCore::Extensions3DOpenGL::bindVertexArrayOES):
867         * platform/graphics/opengl/Extensions3DOpenGL.h:
868         * platform/graphics/opengl/GraphicsContext3DOpenGL.cpp:
869         (WebCore::GraphicsContext3D::reshapeFBOs):
870         (WebCore::GraphicsContext3D::resolveMultisamplingIfNecessary):
871         (WebCore::GraphicsContext3D::renderbufferStorage):
872         (WebCore::GraphicsContext3D::getIntegerv):
873         (WebCore::GraphicsContext3D::texImage2D):
874         (WebCore::GraphicsContext3D::depthRange):
875         (WebCore::GraphicsContext3D::clearDepth):
876         * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
877         (WebCore::GraphicsContext3D::paintRenderingResultsToCanvas):
878         Make it a bit more clear which code is platform-dependent and which code is GL/GLES-dependent.
879
880 2018-03-22  Zan Dobersek  <zdobersek@igalia.com>
881
882         [TexMap] Make TextureMapperContextAttributes thread-specific
883         https://bugs.webkit.org/show_bug.cgi?id=183895
884
885         Reviewed by Carlos Garcia Campos.
886
887         Store the TextureMapperContextAttributes in a thread-specific manner.
888         The TextureMapperContextAttributes::get() method is now used to retrieve
889         a reference to that thread-specific object. If it's not been initialized
890         yet, then the current GL context is used for the initialization, as it
891         used to be done in the now-removed initialize() method.
892
893         TextureMapperPlatformLayerBuffer::clone() method now doesn't need to
894         be passed a TextureMapperGL object, since the texture can be created
895         directly by calling BitmapTextureGL::create(), passing the
896         TextureMapperContextAttributes object that's retrieved from the
897         thread-specific storage. This further simplifies the
898         TextureMapperPlatformLayerProxy::Compositor interface, removing the
899         texmapGL() getter from it.
900
901         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
902         (WebCore::MediaPlayerPrivateGStreamerBase::pushTextureToCompositor):
903         * platform/graphics/texmap/TextureMapperContextAttributes.cpp:
904         (WebCore::threadSpecificAttributes):
905         (WebCore::TextureMapperContextAttributes::get):
906         (WebCore::TextureMapperContextAttributes::initialize): Deleted.
907         * platform/graphics/texmap/TextureMapperContextAttributes.h:
908         * platform/graphics/texmap/TextureMapperGL.cpp:
909         (WebCore::TextureMapperGL::TextureMapperGL):
910         * platform/graphics/texmap/TextureMapperPlatformLayerBuffer.cpp:
911         (WebCore::TextureMapperPlatformLayerBuffer::clone):
912         * platform/graphics/texmap/TextureMapperPlatformLayerBuffer.h:
913         * platform/graphics/texmap/TextureMapperPlatformLayerProxy.cpp:
914         (WebCore::TextureMapperPlatformLayerProxy::dropCurrentBufferWhilePreservingTexture):
915         * platform/graphics/texmap/TextureMapperPlatformLayerProxy.h:
916
917 2018-03-22  Zalan Bujtas  <zalan@apple.com>
918
919         SVG root is skipped while marking percentage height descendants dirty.
920         https://bugs.webkit.org/show_bug.cgi?id=183877
921
922         Reviewed by Antti Koivisto.
923
924         Calling continingBlock() to get to the correct container works as long as the ancestor inline element
925         renderers are wrapped in anonymous blocks (continuation for example).
926
927         While the SVG root renderer is an inline renderer, it is not wrapped or normalized in any way,
928         so containingBlock() will elegantly skip it and return an SVG root ancestor.
929         dirtyForLayoutFromPercentageHeightDescendants calls containingBlock() to walk up
930         on the ancestor chain to mark elements dirty. This fails when there's an SVG subtree in the block chain.
931         This patch marks the SVG subtree chain dirty to ensure that layout will get to all the dirty leaf renderers 
932         (note that the SVG subtree is supposed to have only statically positioned elements so parent == containing block).
933
934         Covered by existing tests.
935
936         * rendering/RenderBlock.cpp:
937         (WebCore::RenderBlock::dirtyForLayoutFromPercentageHeightDescendants):
938
939 2018-03-22  Adrian Perez de Castro  <aperez@igalia.com>
940
941         [WPE][GTK] Build failure when ENABLE_VIDEO, ENABLE_WEB_AUDIO and ENABLE_XSLT are disabled
942         https://bugs.webkit.org/show_bug.cgi?id=183896
943
944         Reviewed by Yusuke Suzuki.
945
946         No new tests needed.
947
948         * bindings/js/JSWebAnimationCustom.cpp: Add missing #include of Document.h
949
950 2018-03-21  Chris Dumez  <cdumez@apple.com>
951
952         Regression(r229828): WebKit.NoHistoryItemScrollToFragment API test is failing on iOS
953         https://bugs.webkit.org/show_bug.cgi?id=183886
954
955         Reviewed by Wenson Hsieh.
956
957         Since r229828, the FrameLoader needs to call FrameLoaderClient::didDecidePolicyForNavigationAction()
958         whenever a navigation policy decision is made. I added such a call r229828 to
959         FrameLoader::continueLoadAfterNavigationPolicy() but forgot to add one to
960         FrameLoader::continueFragmentScrollAfterNavigationPolicy(), which is the equivalent
961         for fragment navigations.
962
963         * loader/FrameLoader.cpp:
964         (WebCore::FrameLoader::continueFragmentScrollAfterNavigationPolicy):
965
966 2018-03-21  Said Abou-Hallawa  <sabouhallawa@apple.com>
967
968         Disconnect the SVGPathSegList items from their SVGPathElement before rebuilding a new list
969         https://bugs.webkit.org/show_bug.cgi?id=183723
970         <rdar://problem/38517871>
971
972         Reviewed by Daniel Bates.
973
974         When setting the "d" attribute directly on a path, we rebuild the list
975         of path segments held for creating the property tear off. The old path
976         segments need to get disconnected from the path element. We already do 
977         that when a path segment is replaced or removed.
978
979         Test: svg/dom/reuse-pathseg-after-changing-d.html
980
981         * svg/SVGPathElement.cpp:
982         (WebCore::SVGPathElement::svgAttributeChanged):
983         * svg/SVGPathSegList.cpp:
984         (WebCore::SVGPathSegList::clear): SVGPathSegListValues::clearContextAndRoles()
985         will now be called from SVGPathSegListValues::clear() via SVGListProperty::clearValues().
986         (WebCore::SVGPathSegList::replaceItem):
987         (WebCore::SVGPathSegList::removeItem):
988         (WebCore::SVGPathSegList::clearContextAndRoles): Deleted.
989         * svg/SVGPathSegList.h: SVGPathSegListValues::clearContextAndRoles() will
990         now be called from SVGPathSegListValues::clear() via SVGListProperty::initializeValues().
991         * svg/SVGPathSegListValues.cpp:
992         (WebCore::SVGPathSegListValues::clearItemContextAndRole):
993         (WebCore::SVGPathSegListValues::clearContextAndRoles):
994         * svg/SVGPathSegListValues.h:
995         (WebCore::SVGPathSegListValues::operator=):
996         (WebCore::SVGPathSegListValues::clear):
997
998 2018-03-21  Antoine Quint  <graouts@apple.com>
999
1000         [Web Animations] Ensure animationcancel and transitioncancel events are dispatched
1001         https://bugs.webkit.org/show_bug.cgi?id=183864
1002
1003         Reviewed by Dean Jackson.
1004
1005         In order to correctly dispatch animationcancel and transitioncancel events, we must call cancel() on CSSAnimation and CSSTransitions
1006         objects that are removed while in a play or pause phase. Additionally, we cancel declarative animations that are moving from a valid
1007         to a null timeline. Finally, when cancel() is called on a declarative animation, we record the timestamp and manually call
1008         invalidateDOMEvents() passing that timestamp in to ensure that the right phase change is recorded and results in the queuing of
1009         animationcancel and transitioncancel events.
1010
1011         * animation/AnimationTimeline.cpp:
1012         (WebCore::AnimationTimeline::updateCSSAnimationsForElement): Make sure we cancel all recorded CSS Animations when we newly get a
1013         "display: none" style. We also call the new cancelOrRemoveDeclarativeAnimation() method, instead of removing animations outright,
1014         for all animations that previously existed but are no longer listed in the current style.
1015         (WebCore::AnimationTimeline::updateCSSTransitionsForElement): Like in updateCSSAnimationsForElement(), we cancel all recorded CSS
1016         Transitions when we newly get a "display: none" style. We now use the refactored removeDeclarativeAnimation() method to remove an
1017         a transition for a property that was already transitioned in the previous style but has a new backing Animation object. Finally,
1018         like in updateCSSAnimationsForElement(), we call the new cancelOrRemoveDeclarativeAnimation() method, instead of removing transitions
1019         outright, for all transitions that previously existed but are no longer listed in the current style.
1020         (WebCore::AnimationTimeline::removeDeclarativeAnimation): Refactor code into this new method to remove a declarative animation.
1021         (WebCore::AnimationTimeline::cancelOrRemoveDeclarativeAnimation): Cancels a DeclarativeAnimation if it's active or removes it right away.
1022         * animation/AnimationTimeline.h:
1023         * animation/DeclarativeAnimation.cpp:
1024         (WebCore::DeclarativeAnimation::setTimeline): If we're moving from a valid timeline to a null timeline, call cancel() on this animation
1025         such that an animationcancel or transitioncancel event can be dispatched.
1026         (WebCore::DeclarativeAnimation::cancel): Cancelations require the computation of the time at which a declarative animation was canceled,
1027         so we record the animation's active time as it's canceled and manually call invalidateDOMEvents() with that time after the general cancel()
1028         code has run.
1029         (WebCore::DeclarativeAnimation::invalidateDOMEvents): Accept an explicit timestamp for cancel events.
1030         * animation/DeclarativeAnimation.h:
1031         * animation/WebAnimation.h:
1032
1033 2018-03-21  Chris Dumez  <cdumez@apple.com>
1034
1035         ScrollViewInsetTests.RestoreInitialContentOffsetAfterCrash API test is failing with async delegates
1036         https://bugs.webkit.org/show_bug.cgi?id=183787
1037
1038         Reviewed by Wenson Hsieh.
1039
1040         * loader/FrameLoader.cpp:
1041         (WebCore::FrameLoader::continueLoadAfterNavigationPolicy):
1042         * loader/FrameLoaderClient.h:
1043
1044 2018-03-21  Eric Carlson  <eric.carlson@apple.com>
1045
1046         Clean up platform VideoFullscreenLayerManager
1047         https://bugs.webkit.org/show_bug.cgi?id=183859
1048         <rdar://problem/38715419>
1049
1050         Reviewed by Jer Noble.
1051
1052         No new tests, no functional change.
1053
1054         * WebCore.xcodeproj/project.pbxproj:
1055         * platform/graphics/VideoFullscreenLayerManager.h: Copied from Source/WebCore/platform/graphics/avfoundation/objc/VideoFullscreenLayerManager.h.
1056         (WebCore::VideoFullscreenLayerManager::~VideoFullscreenLayerManager):
1057         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
1058         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
1059         (WebCore::MediaPlayerPrivateAVFoundationObjC::MediaPlayerPrivateAVFoundationObjC):
1060         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerLayer):
1061         (WebCore::MediaPlayerPrivateAVFoundationObjC::destroyVideoLayer):
1062         (WebCore::MediaPlayerPrivateAVFoundationObjC::platformLayer const):
1063         (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenLayer):
1064         (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenFrame):
1065         (WebCore::MediaPlayerPrivateAVFoundationObjC::updateVideoLayerGravity):
1066         (WebCore::MediaPlayerPrivateAVFoundationObjC::requiresTextTrackRepresentation const):
1067         (WebCore::MediaPlayerPrivateAVFoundationObjC::syncTextTrackBounds):
1068         (WebCore::MediaPlayerPrivateAVFoundationObjC::setTextTrackRepresentation):
1069         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
1070         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
1071         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::MediaPlayerPrivateMediaSourceAVFObjC):
1072         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::platformLayer const):
1073         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::ensureLayer):
1074         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::destroyLayer):
1075         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setVideoFullscreenLayer):
1076         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setVideoFullscreenFrame):
1077         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::requiresTextTrackRepresentation const):
1078         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::syncTextTrackBounds):
1079         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setTextTrackRepresentation):
1080         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h:
1081         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
1082         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::MediaPlayerPrivateMediaStreamAVFObjC):
1083         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::ensureLayers):
1084         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::destroyLayers):
1085         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::platformLayer const):
1086         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::setVideoFullscreenLayer):
1087         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::setVideoFullscreenFrame):
1088         * platform/graphics/avfoundation/objc/VideoFullscreenLayerManagerObjC.h: Renamed from Source/WebCore/platform/graphics/avfoundation/objc/VideoFullscreenLayerManager.h.
1089         * platform/graphics/avfoundation/objc/VideoFullscreenLayerManagerObjC.mm: Renamed from Source/WebCore/platform/graphics/avfoundation/objc/VideoFullscreenLayerManager.mm.
1090         (-[WebVideoContainerLayer setBounds:]):
1091         (-[WebVideoContainerLayer setPosition:]):
1092         (WebCore::VideoFullscreenLayerManagerObjC::VideoFullscreenLayerManagerObjC):
1093         (WebCore::VideoFullscreenLayerManagerObjC::setVideoLayer):
1094         (WebCore::VideoFullscreenLayerManagerObjC::setVideoFullscreenLayer):
1095         (WebCore::VideoFullscreenLayerManagerObjC::setVideoFullscreenFrame):
1096         (WebCore::VideoFullscreenLayerManagerObjC::didDestroyVideoLayer):
1097         (WebCore::VideoFullscreenLayerManagerObjC::requiresTextTrackRepresentation const):
1098         (WebCore::VideoFullscreenLayerManagerObjC::syncTextTrackBounds):
1099         (WebCore::VideoFullscreenLayerManagerObjC::setTextTrackRepresentation):
1100
1101 2018-03-21  Antoine Quint  <graouts@apple.com>
1102
1103         [Web Animations] Dispatch DOM events for CSS Transitions and CSS Animations implemented as Web Animations
1104         https://bugs.webkit.org/show_bug.cgi?id=183781
1105
1106         Reviewed by Dean Jackson.
1107
1108         Now that we've implemented CSS Animations and CSS Transitions as Web Animations (webkit.org/b/183504) we can dispatch DOM events
1109         for targets of DeclarativeAnimation objects. To do that, we add a new invalidateDOMEvents() method on DeclarativeAnimations which
1110         is called when the timer scheduled after the timing model has been invalidated fires in DocumentTimeline::performInvalidationTask().
1111         When we check for DOM events to dispatch, we look at the last recorded phase and iteration and determine whether the state of the
1112         animation has changed. We use a GenericEventQueue to enqueue the events such that they are dispatched asynchronously at a moment
1113         when it is safe to evaluate script.
1114
1115         * animation/AnimationEffectReadOnly.h: Make currentIteration() public since we now need it in DeclarativeAnimation::invalidateDOMEvents().
1116         * animation/CSSAnimation.cpp:
1117         (WebCore::CSSAnimation::create): Pass the animation target to the constructor instead of its document.
1118         (WebCore::CSSAnimation::CSSAnimation): Pass the animation target to the superclass instead of its document.
1119         * animation/CSSAnimation.h:
1120         * animation/CSSTransition.cpp:
1121         (WebCore::CSSTransition::create): Pass the animation target to the constructor instead of its document.
1122         (WebCore::CSSTransition::CSSTransition): Pass the animation target to the superclass instead of its document.
1123         * animation/CSSTransition.h:
1124         * animation/DeclarativeAnimation.cpp:
1125         (WebCore::DeclarativeAnimation::DeclarativeAnimation): Expect an Element instead of a Document and use that element as the target of the
1126         GenericEventQueue that we initialize. We also register this element as our m_target.
1127         (WebCore::DeclarativeAnimation::~DeclarativeAnimation): Close the GenericEventQueue member upon destruction.
1128         (WebCore::DeclarativeAnimation::initialize): We need to call pause() for declarative animations that aren't playing so that the animation's
1129         playState is set correctly and the animation is not idle.
1130         (WebCore::DeclarativeAnimation::phaseWithoutEffect const): Because we may need to get an animation's current phase in invalidateDOMEvents()
1131         after an animation's effect has been removed, we provide an alternate way to compute the phase just by looking at the animation's current time.
1132         (WebCore::DeclarativeAnimation::invalidateDOMEvents): Based on the previous and current pending state, iteration and phase, we enqueue animation
1133         and transition DOM events as specified by the CSS Animations Level 2 and CSS Transitions Level 2 specifications.
1134         (WebCore::DeclarativeAnimation::enqueueDOMEvent): Enqueue an event on the GenericEventQueue based on the animation type.
1135         * animation/DeclarativeAnimation.h:
1136         * animation/DocumentTimeline.cpp:
1137         (WebCore::DocumentTimeline::performInvalidationTask): We call invalidateDOMEvents() on all declarative animations registered with this timeline
1138         now that the timing model has been invalidated.
1139         * dom/EventNames.h: Add the names of newly-implemented events (animationcancel, transitioncancel, transitionrun and transitionstart).
1140         * dom/GlobalEventHandlers.idl: Add new attribute-based event handlers for the newly-implemented events.
1141         * html/HTMLAttributeNames.in: Add new attribute-based event handlers for the newly-implemented events.
1142         * html/HTMLElement.cpp:
1143         (WebCore::HTMLElement::createEventHandlerNameMap): Add new attribute-based event handlers for the newly-implemented events.
1144
1145 2018-03-21  Per Arne Vollan  <pvollan@apple.com>
1146
1147         Compile error when not using IOSurface canvas backing store.
1148         https://bugs.webkit.org/show_bug.cgi?id=183855
1149
1150         Reviewed by Brent Fulgham.
1151
1152         The method IOSurface::createFromImageBuffer is only referenced when IOSurface
1153         is used as canvas backing store.
1154
1155         * platform/graphics/cocoa/IOSurface.h:
1156         * platform/graphics/cocoa/IOSurface.mm:
1157
1158 2018-03-21  Zan Dobersek  <zdobersek@igalia.com>
1159
1160         [CoordGraphics] Track dirty rects that need update in CoordinatedGraphicsLayer
1161         https://bugs.webkit.org/show_bug.cgi?id=175376
1162
1163         Reviewed by Carlos Garcia Campos.
1164
1165         Follow the GraphicsLayerCA class and track rectangles in need of display
1166         in a Vector object. In case the whole layer needs updating, it's marked
1167         separately, and further rects are ignored.
1168
1169         During layer flush, all the rects are used to invalidate the backing
1170         store, or a single layer-sized rect is used in case the whole layer has
1171         to be updated. We can also bail early from updateContentBuffers() if
1172         there are no dirty rects recorded and there's no pending visible rect
1173         adjustment.
1174
1175         At the end of updateContentBuffers() we now test for an existing
1176         previous backing store before inquiring the backing store if the visible
1177         area is already covered, enabling deletion of this backing store.
1178
1179         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
1180         (WebCore::CoordinatedGraphicsLayer::setNeedsDisplay):
1181         (WebCore::CoordinatedGraphicsLayer::setNeedsDisplayInRect):
1182         (WebCore::CoordinatedGraphicsLayer::updateContentBuffers):
1183         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
1184
1185 2018-03-21  Carlos Alberto Lopez Perez  <clopez@igalia.com>
1186
1187         [WPE] Build failure with ENABLE_VIDEO=OFF when GStreamer is not available
1188         https://bugs.webkit.org/show_bug.cgi?id=183811
1189
1190         Reviewed by Philippe Normand.
1191
1192         Add build guards for USE_GSTREAMER.
1193
1194         No new tests, it is a build fix.
1195
1196         * platform/graphics/gstreamer/GStreamerUtilities.h:
1197
1198 2018-03-21  Zan Dobersek  <zdobersek@igalia.com>
1199
1200         [Cairo] Draw Cairo patterns with cairo_paint_with_alpha()
1201         https://bugs.webkit.org/show_bug.cgi?id=183774
1202
1203         Reviewed by Carlos Garcia Campos.
1204
1205         In the drawPatternToCairoContext() helper in CairoOperations.cpp source
1206         file, always clip the painting region to the specified rectangle and
1207         then use cairo_paint_with_alpha() to paint the passed-in pattern object,
1208         not relaying rasterization to cairo_fill() when using opaque alpha. We
1209         still clamp the alpha value to the 0.0 - 1.0 range.
1210
1211         No new tests -- no change in behavior.
1212
1213         * platform/graphics/cairo/CairoOperations.cpp:
1214         (WebCore::Cairo::drawPatternToCairoContext):
1215
1216 2018-03-21  Zan Dobersek  <zdobersek@igalia.com>
1217
1218         [TexMap] Have TextureMapperLayer::applyAnimationsRecursively() return running animation status
1219         https://bugs.webkit.org/show_bug.cgi?id=183771
1220
1221         Reviewed by Carlos Garcia Campos.
1222
1223         TextureMapperLayer::applyAnimationsRecursively() should return true when
1224         the TextureMapperLayer tree has currently-running animations that
1225         require continuous scene update.
1226
1227         TextureMapperAnimation::ApplicationResult gains the hasRunningAnimation
1228         member that's set to true if any of the applied animations are still in
1229         playing state. That information is then returned in syncAnimations(),
1230         and the result is accumulated in the top applyAnimationsRecursively()
1231         call and returned there to the caller.
1232
1233         No new tests -- no change in behavior.
1234
1235         * platform/graphics/texmap/TextureMapperAnimation.cpp:
1236         (WebCore::TextureMapperAnimation::apply):
1237         * platform/graphics/texmap/TextureMapperAnimation.h:
1238         * platform/graphics/texmap/TextureMapperLayer.cpp:
1239         (WebCore::TextureMapperLayer::applyAnimationsRecursively):
1240         (WebCore::TextureMapperLayer::syncAnimations):
1241         * platform/graphics/texmap/TextureMapperLayer.h:
1242
1243 2018-03-21  Zan Dobersek  <zdobersek@igalia.com>
1244
1245         Use-after-move in SWContextManager::terminateWorker() with Linux x86_64 calling convention
1246         https://bugs.webkit.org/show_bug.cgi?id=183783
1247
1248         Reviewed by Chris Dumez.
1249
1250         In SWContextManager::terminateWorker(), some calling conventions can
1251         end up moving the ServiceWorkerThreadProxy RefPtr into the lambda struct
1252         before that proxy's thread (on which the lambda is bound to execute) is
1253         retrieved.
1254
1255         Avoid this by taking a reference to the thread in a separate earlier
1256         expression, before the RefPtr is moved into the lambda in the following
1257         one.
1258
1259         * workers/service/context/SWContextManager.cpp:
1260         (WebCore::SWContextManager::terminateWorker):
1261
1262 2018-03-21  Timothy Horton  <timothy_horton@apple.com>
1263
1264         Fix the build
1265
1266         * platform/network/cf/FormDataStreamCFNet.cpp:
1267
1268 2018-03-20  Tim Horton  <timothy_horton@apple.com>
1269
1270         Introduce HAVE_MEDIA_PLAYER and HAVE_CORE_VIDEO
1271         https://bugs.webkit.org/show_bug.cgi?id=183803
1272         <rdar://problem/38690487>
1273
1274         Reviewed by Sam Weinig.
1275
1276         * platform/audio/ios/MediaSessionManagerIOS.mm:
1277         (WebCore::MediaSessionManageriOS::configureWireLessTargetMonitoring):
1278         (WebCore::MediaSessionManageriOS::updateNowPlayingInfo):
1279         (-[WebMediaSessionHelper initWithCallback:]):
1280         (-[WebMediaSessionHelper dealloc]):
1281         (-[WebMediaSessionHelper hasWirelessTargetsAvailable]):
1282         * platform/cocoa/CoreVideoSoftLink.cpp:
1283         * platform/cocoa/CoreVideoSoftLink.h:
1284         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
1285         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
1286         (WebCore::MediaPlayerPrivateAVFoundationObjC::createVideoLayer):
1287         (WebCore::MediaPlayerPrivateAVFoundationObjC::hasAvailableVideoFrame const):
1288         (WebCore::MediaPlayerPrivateAVFoundationObjC::updateLastImage):
1289         * platform/graphics/avfoundation/objc/MediaSampleAVFObjC.mm:
1290         (WebCore::MediaSampleAVFObjC::getRGBAImageData const):
1291         * platform/graphics/cv/PixelBufferConformerCV.cpp:
1292         * platform/graphics/cv/PixelBufferConformerCV.h:
1293         * platform/graphics/cv/TextureCacheCV.h:
1294         * platform/graphics/cv/TextureCacheCV.mm:
1295         * platform/graphics/cv/VideoTextureCopierCV.cpp:
1296         * platform/graphics/cv/VideoTextureCopierCV.h:
1297         Make it possible to disable our dependency on MediaPlayer and CoreVideo.
1298
1299 2018-03-20  Tim Horton  <timothy_horton@apple.com>
1300
1301         Enable the minimal simulator feature flag when appropriate
1302         https://bugs.webkit.org/show_bug.cgi?id=183807
1303
1304         Reviewed by Dan Bernstein.
1305
1306         * Configurations/FeatureDefines.xcconfig:
1307
1308 2018-03-19  Ryosuke Niwa  <rniwa@webkit.org>
1309
1310         Expose content attributes on _WKLinkIconParameters
1311         https://bugs.webkit.org/show_bug.cgi?id=183768
1312
1313         Reviewed by Alex Christensen.
1314
1315         Collect a vector of content attributes upon finding touch and fav-icons in order to expose it in a WebKit API.
1316
1317         Tests: IconLoading.DefaultFavicon
1318
1319         * html/LinkIconCollector.cpp:
1320         (WebCore::LinkIconCollector::iconsOfTypes): Collect attributes.
1321         * loader/DocumentLoader.cpp:
1322         (WebCore::DocumentLoader::startIconLoading): Use an empty vector for /favicon.ico.
1323         * platform/LinkIcon.h:
1324         (WebCore::LinkIcon::encode const): Encode the vector of content attributes.
1325         (WebCore::LinkIcon::decode): Ditto for decoding.
1326
1327 2018-03-20  Zalan Bujtas  <zalan@apple.com>
1328
1329         RenderTreeNeedsLayoutChecker fails with absolutely positioned svg and <use>
1330         https://bugs.webkit.org/show_bug.cgi?id=183718
1331
1332         Reviewed by Antti Koivisto.
1333
1334         This patch ensures after resolving the style for an SVG element with a corresponding element (<use>),
1335         we adjust this style for the cloned SVG element too.
1336
1337         Test: svg/in-html/path-with-absolute-positioned-svg-and-use-crash.html
1338
1339         * css/StyleResolver.cpp:
1340         (WebCore::StyleResolver::adjustSVGElementStyle):
1341         (WebCore::StyleResolver::adjustRenderStyle):
1342         * css/StyleResolver.h:
1343         * svg/SVGElement.cpp:
1344         (WebCore::SVGElement::resolveCustomStyle):
1345
1346 2018-03-20  Brady Eidson  <beidson@apple.com>
1347
1348         First piece of process swapping on navigation.
1349         https://bugs.webkit.org/show_bug.cgi?id=183665
1350
1351         Reviewed by Andy Estes.
1352
1353         Covered by API test(s)
1354
1355         This patch:
1356         - A new PolicyAction::Suspend for future use in this feature
1357         - Makes sure that loads triggered as part of a process swap do *not* re-consult the policy delegate
1358
1359         * loader/DocumentLoader.cpp:
1360         (WebCore::DocumentLoader::continueAfterContentPolicy):
1361
1362         * loader/FrameLoadRequest.h:
1363         (WebCore::FrameLoadRequest::setShouldCheckNavigationPolicy):
1364         (WebCore::FrameLoadRequest::shouldCheckNavigationPolicy const):
1365
1366         * loader/FrameLoader.cpp:
1367         (WebCore::FrameLoader::load):
1368         (WebCore::FrameLoader::loadWithDocumentLoader):
1369         * loader/FrameLoader.h:
1370
1371         * loader/FrameLoaderTypes.h: Add a new Policy type "Suspend" to be used in the future
1372           by the process-swap-on-navigation mechanism.
1373
1374         * loader/PolicyChecker.cpp:
1375         (WebCore::PolicyChecker::checkNavigationPolicy):
1376         (WebCore::PolicyChecker::checkNewWindowPolicy):
1377
1378 2018-03-20  Chris Dumez  <cdumez@apple.com>
1379
1380         QuickLook.NavigationDelegate API test is failing on iOS with async policy delegates
1381         https://bugs.webkit.org/show_bug.cgi?id=183791
1382
1383         Reviewed by Alex Christensen.
1384
1385         Update PreviewLoader to not send data (or call finishFinishLoading) until
1386         the resource response has been processed.
1387
1388         * loader/ios/PreviewLoader.mm:
1389         (-[WebPreviewLoader _sendDidReceiveResponseIfNecessary]):
1390         (-[WebPreviewLoader connection:didReceiveData:lengthReceived:]):
1391         (-[WebPreviewLoader connectionDidFinishLoading:]):
1392
1393 2018-03-20  Antoine Quint  <graouts@apple.com>
1394
1395         [Web Animations] Update the timing model when pending tasks schedule changes
1396         https://bugs.webkit.org/show_bug.cgi?id=183785
1397
1398         Reviewed by Dean Jackson.
1399
1400         Changing the time at which a pending play or pause task is scheduled changes the pending
1401         state of the animation and thus should notify that the timing model has changed and invalidate
1402         the effect.
1403
1404         * animation/WebAnimation.cpp:
1405         (WebCore::WebAnimation::setTimeToRunPendingPlayTask):
1406         (WebCore::WebAnimation::setTimeToRunPendingPauseTask):
1407         (WebCore::WebAnimation::updatePendingTasks):
1408
1409 2018-03-20  Tim Horton  <timothy_horton@apple.com>
1410
1411         Add and adopt WK_PLATFORM_NAME and adjust default feature defines
1412         https://bugs.webkit.org/show_bug.cgi?id=183758
1413         <rdar://problem/38017644>
1414
1415         Reviewed by Dan Bernstein.
1416
1417         * Configurations/Base.xcconfig:
1418         * Configurations/FeatureDefines.xcconfig:
1419         * WebCore.xcodeproj/project.pbxproj:
1420
1421 2018-03-19  Tim Horton  <timothy_horton@apple.com>
1422
1423         Apply some SDK checks in LocalDefaultSystemAppearance
1424         https://bugs.webkit.org/show_bug.cgi?id=183767
1425         <rdar://problem/38649611>
1426
1427         Reviewed by Zalan Bujtas.
1428
1429         * platform/mac/LocalDefaultSystemAppearance.h:
1430         * platform/mac/LocalDefaultSystemAppearance.mm:
1431         (WebCore::LocalDefaultSystemAppearance::LocalDefaultSystemAppearance):
1432         (WebCore::LocalDefaultSystemAppearance::~LocalDefaultSystemAppearance):
1433
1434 2018-03-19  Chris Dumez  <cdumez@apple.com>
1435
1436         Have one service worker process per security origin
1437         https://bugs.webkit.org/show_bug.cgi?id=183600
1438         <rdar://problem/35280128>
1439
1440         Reviewed by Brady Eidson.
1441
1442         Split service workers from different origins into their own processes
1443         for security reasons.
1444
1445         * workers/service/server/SWServer.cpp:
1446         (WebCore::SWServer::addRegistrationFromStore):
1447         (WebCore::SWServer::clear):
1448         (WebCore::SWServer::tryInstallContextData):
1449         (WebCore::SWServer::serverToContextConnectionCreated):
1450         (WebCore::SWServer::installContextData):
1451         (WebCore::SWServer::runServiceWorkerIfNecessary):
1452         (WebCore::SWServer::markAllWorkersAsTerminated):
1453         * workers/service/server/SWServer.h:
1454         * workers/service/server/SWServerToContextConnection.cpp:
1455         (WebCore::SWServerToContextConnection::SWServerToContextConnection):
1456         (WebCore::SWServerToContextConnection::~SWServerToContextConnection):
1457         (WebCore::SWServerToContextConnection::connectionForOrigin):
1458         * workers/service/server/SWServerToContextConnection.h:
1459         (WebCore::SWServerToContextConnection::origin):
1460         * workers/service/server/SWServerWorker.cpp:
1461         (WebCore::SWServerWorker::SWServerWorker):
1462         (WebCore::SWServerWorker::securityOrigin const):
1463         (WebCore::SWServerWorker::contextConnection):
1464         * workers/service/server/SWServerWorker.h:
1465
1466 2018-03-19  Megan Gardner  <megan_gardner@apple.com>
1467
1468         Have select element respect current appearance
1469         https://bugs.webkit.org/show_bug.cgi?id=183753
1470
1471         Reviewed by Tim Horton.
1472
1473         Not currently testable, will add tests in a later patch.
1474
1475         Have the menu lists/select elements follow the system colors.
1476
1477         * rendering/RenderThemeMac.mm:
1478         (WebCore::RenderThemeMac::adjustMenuListStyle const):
1479
1480 2018-03-19  Nan Wang  <n_wang@apple.com>
1481
1482         AX: embedded attachments do not work correctly with text marker APIs on macOS
1483         https://bugs.webkit.org/show_bug.cgi?id=183751
1484
1485         Reviewed by Chris Fleizach.
1486
1487         In WebKit1, embedded attachments are not working well with text marker APIs.
1488         We should use the corresponding attachment view in the following cases:
1489         1. Hit testing on an attachment object.
1490         2. Getting the attachment object at a text marker position.
1491         3. Asking for the associated element with NSAccessibilityAttachmentTextAttribute. 
1492
1493         Not able to construct a layout test because it relies on embedded attachments.
1494
1495         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
1496         (AXAttributeStringSetElement):
1497         (-[WebAccessibilityObjectWrapper accessibilityHitTest:]):
1498         (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:forParameter:]):
1499
1500 2018-03-19  Jiewen Tan  <jiewen_tan@apple.com>
1501
1502         Unreviewed, another quick fix for r229699
1503
1504         Restricts ENABLE_WEB_AUTHN to only macOS and iOS.
1505
1506         * Configurations/FeatureDefines.xcconfig:
1507
1508 2018-03-19  Daniel Bates  <dabates@apple.com>
1509
1510         Fix case of Strong Password localized string
1511
1512         * English.lproj/Localizable.strings:
1513         * platform/LocalizedStrings.cpp:
1514         (WebCore::autoFillStrongPasswordLabel):
1515
1516 2018-03-19  Chris Dumez  <cdumez@apple.com>
1517
1518         WebKit.WebsitePoliciesAutoplayQuirks API test times out with async policy delegates
1519         https://bugs.webkit.org/show_bug.cgi?id=183702
1520         <rdar://problem/38566060>
1521
1522         Reviewed by Alex Christensen.
1523
1524         The issue is that the test calls loadHTMLString then loadRequest right after, without
1525         waiting for the first load to complete first. loadHTMLString is special as it relies
1526         on substitute data and which schedules a timer to commit the data. When doing the
1527         navigation policy check for the following loadRequest(), the substitute data timer
1528         would fire and commit its data and load. This would in turn cancel the pending
1529         navigation policy check for the loadRequest().
1530
1531         With sync policy delegates, this is not an issue because we take care of stopping
1532         all loaders when receiving the policy decision, which happens synchronously. However,
1533         when the policy decision happens asynchronously, the pending substitute data load
1534         does not get cancelled in time and it gets committed.
1535
1536         To address the issue, we now cancel any pending provisional load before doing the
1537         navigation policy check.
1538
1539         Test: fast/loader/inner-iframe-loads-data-url-into-parent-on-unload-crash-async-delegate.html
1540
1541         * loader/FrameLoader.cpp:
1542         (WebCore::FrameLoader::clearProvisionalLoadForPolicyCheck):
1543         * loader/FrameLoader.h:
1544         * loader/PolicyChecker.cpp:
1545         (WebCore::PolicyChecker::checkNavigationPolicy):
1546         Cancel any pending provisional load before starting the navigation policy check. This call
1547         needs to be here rather than in the call site of policyChecker().checkNavigationPolicy()
1548         because there is code in PolicyChecker::checkNavigationPolicy() which relies on
1549         FrameLoader::activeDocumentLoader().
1550         Also, we only cancel the provisional load if there is a policy document loader. In some
1551         rare cases (when we receive a redirect after navigation policy has been decided for the
1552         initial request), the provisional document loader needs to receive navigation policy
1553         decisions so we cannot clear the provisional document loader in such case.
1554
1555 2018-03-19  Eric Carlson  <eric.carlson@apple.com>
1556
1557         [Extra zoom mode] Require fullscreen for video playback
1558         https://bugs.webkit.org/show_bug.cgi?id=183742
1559         <rdar://problem/38235862>
1560
1561         Reviewed by Jer Noble.
1562
1563         * Modules/modern-media-controls/media/playback-support.js:
1564         (PlaybackSupport.prototype.syncControl): Always show the play button.
1565         * html/HTMLMediaElement.cpp:
1566         (WebCore::HTMLMediaElement::updatePlayState): Return immediately if playback requires fullscreen
1567         (WebCore::HTMLMediaElement::didBecomeFullscreenElement): Call updatePlayState in case 
1568         playback is pending.
1569         * html/HTMLMediaElement.h:
1570         * platform/cocoa/VideoFullscreenModel.h:
1571         (WebCore::VideoFullscreenModel::presentingViewController): New.
1572         (WebCore::VideoFullscreenModel::createVideoFullscreenViewController): New.
1573         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
1574         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerLayer):
1575         (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenMode):
1576         * platform/ios/PlaybackSessionInterfaceAVKit.mm:
1577         (WebCore::PlaybackSessionInterfaceAVKit::seekableRangesChanged):
1578
1579         * platform/ios/VideoFullscreenInterfaceAVKit.h:
1580         * platform/ios/VideoFullscreenInterfaceAVKit.mm: Wrap AVPlayerLayerView so we can change its
1581         behavior.
1582         (WebAVPlayerLayerView_playerLayer):
1583         (WebAVPlayerLayerView_videoView):
1584         (allocWebAVPlayerLayerViewInstance):
1585         (-[WebAVPlayerViewController initWithFullscreenInterface:]):
1586         (-[WebAVPlayerViewController playerViewControllerShouldHandleDoneButtonTap:]):
1587         (-[WebAVPlayerViewController enterFullScreenAnimated:completionHandler:]):
1588         (-[WebAVPlayerViewController exitFullScreenAnimated:completionHandler:]):
1589         (-[WebAVPlayerViewController NO_RETURN_DUE_TO_ASSERT]):
1590         (-[WebAVPlayerViewController isPictureInPicturePossible]):
1591         (-[WebAVPlayerViewController isPictureInPictureActive]):
1592         (-[WebAVPlayerViewController isPictureInPictureSuspended]):
1593         (-[WebAVPlayerViewController pictureInPictureActive]):
1594         (-[WebAVPlayerViewController pictureInPictureWasStartedWhenEnteringBackground]):
1595         (-[WebAVPlayerViewController view]):
1596         (-[WebAVPlayerViewController showsPlaybackControls]):
1597         (-[WebAVPlayerViewController setShowsPlaybackControls:]):
1598         (-[WebAVPlayerViewController setAllowsPictureInPicturePlayback:]):
1599         (-[WebAVPlayerViewController setDelegate:]):
1600         (-[WebAVPlayerViewController setPlayerController:]):
1601         (-[WebAVPlayerViewController avPlayerViewController]):
1602         (-[WebAVPlayerViewController removeFromParentViewController]):
1603         (VideoFullscreenInterfaceAVKit::setupFullscreen):
1604         (fallbackViewController):
1605         (VideoFullscreenInterfaceAVKit::presentingViewController):
1606         (VideoFullscreenInterfaceAVKit::shouldExitFullscreenWithReason):
1607         (VideoFullscreenInterfaceAVKit::doSetup):
1608         (WebCore::supportsPictureInPicture):
1609
1610 2018-03-19  Per Arne Vollan  <pvollan@apple.com>
1611
1612         When the WebContent process is blocked from accessing the WindowServer, the call CVDisplayLinkCreateWithCGDisplay will fail.
1613         https://bugs.webkit.org/show_bug.cgi?id=183604
1614         <rdar://problem/38305109>
1615
1616         Reviewed by Brent Fulgham.
1617
1618         The call to CVDisplayLinkCreateWithCGDisplay can instead be made in the UIProcess. Notify the WebContent process
1619         about display updates by sending a message from the UIProcess on each screen update. This patch adds an extra
1620         IPC step when notifying the WebContent process about display updates. However, the MotionMark benchmark shows no
1621         performance regression when running it with this patch. A possible explanation for this is that the high priority
1622         display link thread is now running in the UIProcess instead of the WebContent process, which means there will be
1623         more available CPU resources for the WebContent process. A run loop observer is added to make sure that only one
1624         display callback (for each display observer) is executed in a single iteration of the run loop. This will make
1625         sure we are not filling the IPC message queue with unhandled display link messages.
1626
1627         No new tests, covered by existing tests. 
1628
1629         * platform/graphics/DisplayRefreshMonitor.h:
1630         (WebCore::DisplayRefreshMonitor::displayLinkFired):
1631         * platform/graphics/DisplayRefreshMonitorManager.cpp:
1632         (WebCore::DisplayRefreshMonitorManager::displayWasUpdated):
1633         * platform/graphics/DisplayRefreshMonitorManager.h:
1634         * platform/graphics/mac/DisplayRefreshMonitorMac.h:
1635
1636 2018-03-19  Megan Gardner  <megan_gardner@apple.com>
1637
1638         Ensure local appearance actually mirrors the app's appearance
1639         https://bugs.webkit.org/show_bug.cgi?id=183743
1640
1641         Reviewed by Tim Horton.
1642
1643         Not currently testable, will add tests in a later patch.
1644
1645         Current appearance isn't always accurate by default and needs to be set manually.
1646
1647         * platform/mac/LocalDefaultSystemAppearance.mm:
1648         (WebCore::LocalDefaultSystemAppearance::LocalDefaultSystemAppearance):
1649
1650 2018-03-19  Zan Dobersek  <zdobersek@igalia.com>
1651
1652         Unreviewed GCC 4.9 build-fix after r229672.
1653
1654         * platform/graphics/nicosia/cairo/NicosiaCairoOperationRecorder.cpp:
1655         (Nicosia::createCommand): Don't depend on implicit conversion of the
1656         returning std::unique_ptr<> object, and instead only wrap the
1657         heap-allocated PaintingOperation-derived in a std::unique_ptr<> at the
1658         point of return.
1659
1660 2018-03-18  Commit Queue  <commit-queue@webkit.org>
1661
1662         Unreviewed, rolling out r229689.
1663         https://bugs.webkit.org/show_bug.cgi?id=183735
1664
1665         Causes fast/loader/inner-iframe-loads-data-url-into-parent-on-
1666         unload-crash.html to fail with async delegates (Requested by
1667         cdumez_ on #webkit).
1668
1669         Reverted changeset:
1670
1671         "WebKit.WebsitePoliciesAutoplayQuirks API test times out with
1672         async policy delegates"
1673         https://bugs.webkit.org/show_bug.cgi?id=183702
1674         https://trac.webkit.org/changeset/229689
1675
1676 2018-03-17  Tim Horton  <timothy_horton@apple.com>
1677
1678         Correct redefined fnfErr type
1679         https://bugs.webkit.org/show_bug.cgi?id=183728
1680         <rdar://problem/38590063>
1681
1682         Reviewed by Dan Bernstein.
1683
1684         * platform/network/cf/FormDataStreamCFNet.cpp:
1685         CFStreamError's error parameter takes a SInt32, not an int.
1686         Make sure our redefinition has a compatible type.
1687
1688 2018-03-17  Jiewen Tan  <jiewen_tan@apple.com>
1689
1690         [WebAuthN] Implement authenticatorMakeCredential
1691         https://bugs.webkit.org/show_bug.cgi?id=183527
1692         <rdar://problem/35275886>
1693
1694         Reviewed by Brent Fulgham.
1695
1696         This patch does the following few things:
1697         1) It implements the authenticatorMakeCredential logic from the spec: https://www.w3.org/TR/webauthn/#op-make-cred.
1698         2) It tweaks enocding and deocding of PublicKeyCredentialCreationOptions between UIProccess and WebProcess.
1699         3) It soft links LocalAuthentication.Framework to WebCore, which was linked to WebKit.
1700         4) It creates SPI header for DeviceIdentity.Framework, and provides stubs to link it to WebCore.
1701
1702         Here is a detailed explanantion of 1):
1703         1. A helper class called LocalAuthenticator is crafted to represent Apple platform attached authenticator, i.e.
1704         the devices themselves. All operations are currently restricted to iOS at this moment as macOS lacks attestation
1705         support.
1706         2. To do testing, this helper class is then moved from WebKit to WebCore even though all operations can only happens
1707         in the UIProcess. We currently lack the ability to pretend a https environment in TestWebKitAPI which is required by
1708         the WebAuthN API, and thus it is moved to WebCore to perform unit tesing flavor API tests. This is not enough as it
1709         can't test message exchange between the UI and Web processes. We will address this in a subsequent patch.
1710         3. More on testing: The attestation process is abstracted into a protected method such that the testing enviroment can
1711         override it with self attestation as network access is restricted in the WebKit testing enviroment. Also, swizzlers of
1712         LocalAuthentication API are provided to override the behavoir of LAContext.
1713         4. More on testing: The actual Apple attestation can only happen in real device and with network access, therefore
1714         it can only be covered by manual tests at this moment.
1715         5. Back to LocalAuthenticator, it currently has two public methods:
1716                 5.1. makeCredential(): This method is the one does all the magic.
1717                 + It first checks some parameters.
1718                 + It then invokes LAContext to get user consent.
1719                 + It then talks to Apple Attestation Privacy CA to do attestations.
1720                 + It then stores necessary information into the Keychain.
1721                 + Finally it generates the attestation object.
1722                 5.2 isAvailable():
1723                 To check if a LocalAuthenticator is available or not.
1724         6. Even though files are of .mm format, they are written in a way that mixes NS, CF and C++ types. Here is the rule:
1725                 6.1 Use CF type only if it is requested by APIs.
1726                 6.2 Use NS type to manipulate all Objc objects.
1727                 6.3 Use C++ otherwise.
1728
1729         Covered by API tests.
1730
1731         * Configurations/WebCore.xcconfig:
1732         * Modules/credentialmanagement/CredentialsMessenger.cpp:
1733         (WebCore::getIdFromAttestationObject): Deleted.
1734         Decoding attestation object is tedious. UIProcess will instead return credential ID and attestation object
1735         at the same time. Therefore, this method is removed.
1736         * Modules/credentialmanagement/CredentialsMessenger.h:
1737         (WebCore::CreationReturnBundle::CreationReturnBundle): Deleted.
1738         (WebCore::AssertionReturnBundle::AssertionReturnBundle): Deleted.
1739         * Modules/webauthn/COSEConstants.h: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredentialType.h.
1740         * Modules/webauthn/PublicKeyCredentialCreationOptions.h:
1741         (WebCore::PublicKeyCredentialCreationOptions::isolatedPartialCopyPtr const):
1742         (WebCore::PublicKeyCredentialCreationOptions::Parameters::encode const):
1743         (WebCore::PublicKeyCredentialCreationOptions::Parameters::decode):
1744         (WebCore::PublicKeyCredentialCreationOptions::encode const):
1745         (WebCore::PublicKeyCredentialCreationOptions::decode):
1746         * Modules/webauthn/PublicKeyCredentialDescriptor.h:
1747         (WebCore::PublicKeyCredentialDescriptor::encode const):
1748         (WebCore::PublicKeyCredentialDescriptor::decode):
1749         * Modules/webauthn/PublicKeyCredentialType.h:
1750         * Modules/webauthn/cocoa/LocalAuthenticator.h: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredentialCreationOptions.h.
1751         * Modules/webauthn/cocoa/LocalAuthenticator.mm: Added.
1752         (WebCore::LocalAuthenticatorInternal::freePtrs):
1753         (WebCore::LocalAuthenticator::makeCredential const):
1754         (WebCore::LocalAuthenticator::isAvailable const):
1755         (WebCore::LocalAuthenticator::issueClientCertificate const):
1756         * SourcesCocoa.txt:
1757         * WebCore.xcodeproj/project.pbxproj:
1758         * platform/cocoa/LocalAuthenticationSoftLink.h: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredentialType.h.
1759         * platform/cocoa/LocalAuthenticationSoftLink.mm: Added.
1760         * testing/MockCredentialsMessenger.cpp:
1761         (WebCore::MockCredentialsMessenger::setCreationReturnBundle):
1762         (WebCore::MockCredentialsMessenger::makeCredential):
1763         (WebCore::MockCredentialsMessenger::makeCredentialReply):
1764         (WebCore::MockCredentialsMessenger::setAttestationObject): Deleted.
1765         * testing/MockCredentialsMessenger.h:
1766         * testing/MockCredentialsMessenger.idl:
1767
1768 2018-03-16  Brent Fulgham  <bfulgham@apple.com>
1769
1770         Correct debug assertion in Range::borderAndTextRects
1771         https://bugs.webkit.org/show_bug.cgi?id=183710
1772         <rdar://problem/38466976>
1773
1774         Reviewed by Ryosuke Niwa.
1775
1776         A debug assertion will fire if Range::borderAndTextRects is asked to evaluate a set of selected elements, where one of the elements does not have a parent.
1777
1778         We should consider a nullptr parent as satisfying the condition of a parent not being present in the selection set.
1779
1780         Tests: fast/dom/range/range-selection-empty-body.html
1781
1782         * dom/Range.cpp:
1783         (WebCore::Range::borderAndTextRects const):
1784
1785 2018-03-15  Filip Pizlo  <fpizlo@apple.com>
1786
1787         Put the DOM in IsoHeaps
1788         https://bugs.webkit.org/show_bug.cgi?id=183546
1789
1790         Reviewed by Daniel Bates.
1791
1792         No new tests because no change in behavior.
1793         
1794         This puts all descendants of WebCore::Node in isoheaps, so that UAFs on the DOM cannot be
1795         used for RCE attacks. This probably also makes it harder to use UAFs for UXSS, since it means
1796         that DOM UAFs cannot be used for universal read gadgets.
1797         
1798         This looks neutral on Speedometer and membuster, though I did have one round of testing
1799         that led me to believe that membuster was regressed - I just wasn't able to reproduce that
1800         result on subsequent testing.
1801
1802         * Sources.txt:
1803         * WebCore.xcodeproj/project.pbxproj:
1804         * dom/Attr.cpp:
1805         * dom/Attr.h:
1806         * dom/CDATASection.cpp:
1807         * dom/CDATASection.h:
1808         * dom/CharacterData.cpp:
1809         * dom/CharacterData.h:
1810         * dom/Comment.cpp:
1811         * dom/Comment.h:
1812         * dom/ContainerNode.cpp:
1813         * dom/ContainerNode.h:
1814         * dom/Document.cpp:
1815         * dom/Document.h:
1816         * dom/DocumentFragment.cpp:
1817         * dom/DocumentFragment.h:
1818         * dom/DocumentType.cpp:
1819         * dom/DocumentType.h:
1820         * dom/Node.cpp:
1821         * dom/Node.h:
1822         * dom/ProcessingInstruction.cpp:
1823         * dom/ProcessingInstruction.h:
1824         * dom/PseudoElement.cpp:
1825         * dom/PseudoElement.h:
1826         * dom/ShadowRoot.cpp:
1827         * dom/ShadowRoot.h:
1828         * dom/StyledElement.cpp:
1829         * dom/StyledElement.h:
1830         * dom/TemplateContentDocumentFragment.cpp: Added.
1831         * dom/TemplateContentDocumentFragment.h:
1832         * dom/Text.cpp:
1833         * dom/Text.h:
1834         * dom/XMLDocument.cpp: Added.
1835         * dom/XMLDocument.h:
1836         * html/FTPDirectoryDocument.cpp:
1837         * html/FTPDirectoryDocument.h:
1838         * html/FileInputType.cpp:
1839         * html/HTMLAnchorElement.cpp:
1840         * html/HTMLAnchorElement.h:
1841         * html/HTMLAppletElement.cpp:
1842         * html/HTMLAppletElement.h:
1843         * html/HTMLAreaElement.cpp:
1844         * html/HTMLAreaElement.h:
1845         * html/HTMLAttachmentElement.cpp:
1846         * html/HTMLAttachmentElement.h:
1847         * html/HTMLBDIElement.cpp: Added.
1848         * html/HTMLBDIElement.h:
1849         * html/HTMLBRElement.cpp:
1850         * html/HTMLBRElement.h:
1851         * html/HTMLBaseElement.cpp:
1852         * html/HTMLBaseElement.h:
1853         * html/HTMLBodyElement.cpp:
1854         * html/HTMLBodyElement.h:
1855         * html/HTMLButtonElement.cpp:
1856         * html/HTMLButtonElement.h:
1857         * html/HTMLCanvasElement.cpp:
1858         * html/HTMLCanvasElement.h:
1859         * html/HTMLDListElement.cpp:
1860         * html/HTMLDListElement.h:
1861         * html/HTMLDataElement.cpp:
1862         * html/HTMLDataElement.h:
1863         * html/HTMLDataListElement.cpp:
1864         * html/HTMLDataListElement.h:
1865         * html/HTMLDetailsElement.cpp:
1866         * html/HTMLDetailsElement.h:
1867         * html/HTMLDirectoryElement.cpp:
1868         * html/HTMLDirectoryElement.h:
1869         * html/HTMLDivElement.cpp:
1870         * html/HTMLDivElement.h:
1871         * html/HTMLDocument.cpp:
1872         * html/HTMLDocument.h:
1873         * html/HTMLElement.cpp:
1874         * html/HTMLElement.h:
1875         * html/HTMLEmbedElement.cpp:
1876         * html/HTMLEmbedElement.h:
1877         * html/HTMLFieldSetElement.cpp:
1878         * html/HTMLFieldSetElement.h:
1879         * html/HTMLFontElement.cpp:
1880         * html/HTMLFontElement.h:
1881         * html/HTMLFormControlElement.cpp:
1882         * html/HTMLFormControlElement.h:
1883         * html/HTMLFormControlElementWithState.cpp:
1884         * html/HTMLFormControlElementWithState.h:
1885         * html/HTMLFormElement.cpp:
1886         * html/HTMLFormElement.h:
1887         * html/HTMLFrameElement.cpp:
1888         * html/HTMLFrameElement.h:
1889         * html/HTMLFrameElementBase.cpp:
1890         * html/HTMLFrameElementBase.h:
1891         * html/HTMLFrameOwnerElement.cpp:
1892         * html/HTMLFrameOwnerElement.h:
1893         * html/HTMLFrameSetElement.cpp:
1894         * html/HTMLFrameSetElement.h:
1895         * html/HTMLHRElement.cpp:
1896         * html/HTMLHRElement.h:
1897         * html/HTMLHeadElement.cpp:
1898         * html/HTMLHeadElement.h:
1899         * html/HTMLHeadingElement.cpp:
1900         * html/HTMLHeadingElement.h:
1901         * html/HTMLHtmlElement.cpp:
1902         * html/HTMLHtmlElement.h:
1903         * html/HTMLIFrameElement.cpp:
1904         * html/HTMLIFrameElement.h:
1905         * html/HTMLImageElement.cpp:
1906         * html/HTMLImageElement.h:
1907         * html/HTMLInputElement.cpp:
1908         * html/HTMLInputElement.h:
1909         * html/HTMLKeygenElement.cpp:
1910         * html/HTMLKeygenElement.h:
1911         * html/HTMLLIElement.cpp:
1912         * html/HTMLLIElement.h:
1913         * html/HTMLLabelElement.cpp:
1914         * html/HTMLLabelElement.h:
1915         * html/HTMLLegendElement.cpp:
1916         * html/HTMLLegendElement.h:
1917         * html/HTMLLinkElement.cpp:
1918         * html/HTMLLinkElement.h:
1919         * html/HTMLMapElement.cpp:
1920         * html/HTMLMapElement.h:
1921         * html/HTMLMarqueeElement.cpp:
1922         * html/HTMLMarqueeElement.h:
1923         * html/HTMLMenuElement.cpp:
1924         * html/HTMLMenuElement.h:
1925         * html/HTMLMenuItemElement.cpp:
1926         * html/HTMLMenuItemElement.h:
1927         * html/HTMLMetaElement.cpp:
1928         * html/HTMLMetaElement.h:
1929         * html/HTMLMeterElement.cpp:
1930         * html/HTMLMeterElement.h:
1931         * html/HTMLModElement.cpp:
1932         * html/HTMLModElement.h:
1933         * html/HTMLOListElement.cpp:
1934         * html/HTMLOListElement.h:
1935         * html/HTMLObjectElement.cpp:
1936         * html/HTMLObjectElement.h:
1937         * html/HTMLOptGroupElement.cpp:
1938         * html/HTMLOptGroupElement.h:
1939         * html/HTMLOptionElement.cpp:
1940         * html/HTMLOptionElement.h:
1941         * html/HTMLOutputElement.cpp:
1942         * html/HTMLOutputElement.h:
1943         * html/HTMLParagraphElement.cpp:
1944         * html/HTMLParagraphElement.h:
1945         * html/HTMLParamElement.cpp:
1946         * html/HTMLParamElement.h:
1947         * html/HTMLPictureElement.cpp:
1948         * html/HTMLPictureElement.h:
1949         * html/HTMLPlugInElement.cpp:
1950         * html/HTMLPlugInElement.h:
1951         * html/HTMLPlugInImageElement.cpp:
1952         * html/HTMLPlugInImageElement.h:
1953         * html/HTMLPreElement.cpp:
1954         * html/HTMLPreElement.h:
1955         * html/HTMLProgressElement.cpp:
1956         * html/HTMLProgressElement.h:
1957         * html/HTMLQuoteElement.cpp:
1958         * html/HTMLQuoteElement.h:
1959         * html/HTMLScriptElement.cpp:
1960         * html/HTMLScriptElement.h:
1961         * html/HTMLSelectElement.cpp:
1962         * html/HTMLSelectElement.h:
1963         * html/HTMLSlotElement.cpp:
1964         * html/HTMLSlotElement.h:
1965         * html/HTMLSourceElement.cpp:
1966         * html/HTMLSourceElement.h:
1967         * html/HTMLSpanElement.cpp:
1968         * html/HTMLSpanElement.h:
1969         * html/HTMLStyleElement.cpp:
1970         * html/HTMLStyleElement.h:
1971         * html/HTMLSummaryElement.cpp:
1972         * html/HTMLSummaryElement.h:
1973         * html/HTMLTableCaptionElement.cpp:
1974         * html/HTMLTableCaptionElement.h:
1975         * html/HTMLTableCellElement.cpp:
1976         * html/HTMLTableCellElement.h:
1977         * html/HTMLTableColElement.cpp:
1978         * html/HTMLTableColElement.h:
1979         * html/HTMLTableElement.cpp:
1980         * html/HTMLTableElement.h:
1981         * html/HTMLTablePartElement.cpp:
1982         * html/HTMLTablePartElement.h:
1983         * html/HTMLTableRowElement.cpp:
1984         * html/HTMLTableRowElement.h:
1985         * html/HTMLTableSectionElement.cpp:
1986         * html/HTMLTableSectionElement.h:
1987         * html/HTMLTemplateElement.cpp:
1988         * html/HTMLTemplateElement.h:
1989         * html/HTMLTextAreaElement.cpp:
1990         * html/HTMLTextAreaElement.h:
1991         * html/HTMLTextFormControlElement.cpp:
1992         * html/HTMLTextFormControlElement.h:
1993         * html/HTMLTimeElement.cpp:
1994         * html/HTMLTimeElement.h:
1995         * html/HTMLTitleElement.cpp:
1996         * html/HTMLTitleElement.h:
1997         * html/HTMLTrackElement.cpp:
1998         * html/HTMLTrackElement.h:
1999         * html/HTMLUListElement.cpp:
2000         * html/HTMLUListElement.h:
2001         * html/HTMLUnknownElement.cpp: Added.
2002         * html/HTMLUnknownElement.h:
2003         * html/HTMLWBRElement.cpp:
2004         * html/HTMLWBRElement.h:
2005         * html/ImageDocument.cpp:
2006         * html/ImageDocument.h:
2007         * html/LabelableElement.cpp:
2008         * html/LabelableElement.h:
2009         * html/MediaController.cpp:
2010         (MediaController::create): Deleted.
2011         (MediaController::MediaController): Deleted.
2012         (MediaController::addMediaElement): Deleted.
2013         (MediaController::removeMediaElement): Deleted.
2014         (MediaController::containsMediaElement const): Deleted.
2015         (MediaController::buffered const): Deleted.
2016         (MediaController::seekable const): Deleted.
2017         (MediaController::played): Deleted.
2018         (MediaController::duration const): Deleted.
2019         (MediaController::currentTime const): Deleted.
2020         (MediaController::setCurrentTime): Deleted.
2021         (MediaController::unpause): Deleted.
2022         (MediaController::play): Deleted.
2023         (MediaController::pause): Deleted.
2024         (MediaController::setDefaultPlaybackRate): Deleted.
2025         (MediaController::playbackRate const): Deleted.
2026         (MediaController::setPlaybackRate): Deleted.
2027         (MediaController::setVolume): Deleted.
2028         (MediaController::setMuted): Deleted.
2029         (playbackStateWaiting): Deleted.
2030         (playbackStatePlaying): Deleted.
2031         (playbackStateEnded): Deleted.
2032         (MediaController::playbackState const): Deleted.
2033         (MediaController::reportControllerState): Deleted.
2034         (eventNameForReadyState): Deleted.
2035         (MediaController::updateReadyState): Deleted.
2036         (MediaController::updatePlaybackState): Deleted.
2037         (MediaController::updateMediaElements): Deleted.
2038         (MediaController::bringElementUpToSpeed): Deleted.
2039         (MediaController::isBlocked const): Deleted.
2040         (MediaController::hasEnded const): Deleted.
2041         (MediaController::scheduleEvent): Deleted.
2042         (MediaController::asyncEventTimerFired): Deleted.
2043         (MediaController::clearPositionTimerFired): Deleted.
2044         (MediaController::hasAudio const): Deleted.
2045         (MediaController::hasVideo const): Deleted.
2046         (MediaController::hasClosedCaptions const): Deleted.
2047         (MediaController::setClosedCaptionsVisible): Deleted.
2048         (MediaController::supportsScanning const): Deleted.
2049         (MediaController::beginScrubbing): Deleted.
2050         (MediaController::endScrubbing): Deleted.
2051         (MediaController::beginScanning): Deleted.
2052         (MediaController::endScanning): Deleted.
2053         (MediaController::canPlay const): Deleted.
2054         (MediaController::isLiveStream const): Deleted.
2055         (MediaController::hasCurrentSrc const): Deleted.
2056         (MediaController::returnToRealtime): Deleted.
2057         (MediaController::startTimeupdateTimer): Deleted.
2058         (MediaController::scheduleTimeupdateEvent): Deleted.
2059         * html/MediaDocument.cpp:
2060         * html/MediaDocument.h:
2061         * html/PluginDocument.cpp:
2062         * html/PluginDocument.h:
2063         * html/RubyElement.cpp:
2064         * html/RubyElement.h:
2065         * html/RubyTextElement.cpp:
2066         * html/RubyTextElement.h:
2067         * html/TextDocument.cpp:
2068         * html/TextDocument.h:
2069         * html/shadow/AutoFillButtonElement.cpp:
2070         * html/shadow/AutoFillButtonElement.h:
2071         * html/shadow/DetailsMarkerControl.cpp:
2072         * html/shadow/DetailsMarkerControl.h:
2073         * html/shadow/ImageControlsRootElement.cpp:
2074         * html/shadow/ImageControlsRootElement.h:
2075         * html/shadow/MediaControlElementTypes.cpp:
2076         * html/shadow/MediaControlElementTypes.h:
2077         * html/shadow/MediaControlElements.cpp:
2078         * html/shadow/MediaControlElements.h:
2079         * html/shadow/MediaControls.cpp:
2080         * html/shadow/MediaControls.h:
2081         * html/shadow/ProgressShadowElement.cpp:
2082         * html/shadow/ProgressShadowElement.h:
2083         * html/shadow/SliderThumbElement.cpp:
2084         * html/shadow/SliderThumbElement.h:
2085         * html/shadow/SpinButtonElement.cpp:
2086         * html/shadow/SpinButtonElement.h:
2087         * html/shadow/TextControlInnerElements.cpp:
2088         * html/shadow/TextControlInnerElements.h:
2089         * html/shadow/YouTubeEmbedShadowElement.cpp:
2090         * html/shadow/YouTubeEmbedShadowElement.h:
2091         * html/shadow/mac/ImageControlsButtonElementMac.cpp:
2092         * html/shadow/mac/ImageControlsButtonElementMac.h:
2093         * html/shadow/mac/ImageControlsRootElementMac.cpp:
2094         * html/shadow/mac/ImageControlsRootElementMac.h:
2095         * html/track/TextTrackCueGeneric.cpp:
2096         * html/track/VTTCue.cpp:
2097         * html/track/VTTCue.h:
2098         * html/track/WebVTTElement.cpp:
2099         * html/track/WebVTTElement.h:
2100         * loader/SinkDocument.cpp:
2101         * loader/SinkDocument.h:
2102         * mathml/MathMLAnnotationElement.cpp:
2103         * mathml/MathMLAnnotationElement.h:
2104         * mathml/MathMLElement.cpp:
2105         * mathml/MathMLElement.h:
2106         * mathml/MathMLFractionElement.cpp:
2107         * mathml/MathMLFractionElement.h:
2108         * mathml/MathMLMathElement.cpp:
2109         * mathml/MathMLMathElement.h:
2110         * mathml/MathMLMencloseElement.cpp:
2111         * mathml/MathMLMencloseElement.h:
2112         * mathml/MathMLOperatorElement.cpp:
2113         * mathml/MathMLOperatorElement.h:
2114         * mathml/MathMLPaddedElement.cpp:
2115         * mathml/MathMLPaddedElement.h:
2116         * mathml/MathMLPresentationElement.cpp:
2117         * mathml/MathMLPresentationElement.h:
2118         * mathml/MathMLRootElement.cpp:
2119         * mathml/MathMLRootElement.h:
2120         * mathml/MathMLRowElement.cpp:
2121         * mathml/MathMLRowElement.h:
2122         * mathml/MathMLScriptsElement.cpp:
2123         * mathml/MathMLScriptsElement.h:
2124         * mathml/MathMLSelectElement.cpp:
2125         * mathml/MathMLSelectElement.h:
2126         * mathml/MathMLSpaceElement.cpp:
2127         * mathml/MathMLSpaceElement.h:
2128         * mathml/MathMLTokenElement.cpp:
2129         * mathml/MathMLTokenElement.h:
2130         * mathml/MathMLUnderOverElement.cpp:
2131         * mathml/MathMLUnderOverElement.h:
2132         * mathml/MathMLUnknownElement.cpp: Added.
2133         * mathml/MathMLUnknownElement.h:
2134         * svg/SVGAElement.cpp:
2135         * svg/SVGAElement.h:
2136         * svg/SVGAltGlyphDefElement.cpp:
2137         * svg/SVGAltGlyphDefElement.h:
2138         * svg/SVGAltGlyphElement.cpp:
2139         * svg/SVGAltGlyphElement.h:
2140         * svg/SVGAltGlyphItemElement.cpp:
2141         * svg/SVGAltGlyphItemElement.h:
2142         * svg/SVGAnimateColorElement.cpp:
2143         * svg/SVGAnimateColorElement.h:
2144         * svg/SVGAnimateElement.cpp:
2145         * svg/SVGAnimateElement.h:
2146         * svg/SVGAnimateElementBase.cpp:
2147         * svg/SVGAnimateElementBase.h:
2148         * svg/SVGAnimateMotionElement.cpp:
2149         * svg/SVGAnimateMotionElement.h:
2150         * svg/SVGAnimateTransformElement.cpp:
2151         * svg/SVGAnimateTransformElement.h:
2152         * svg/SVGAnimationElement.cpp:
2153         * svg/SVGAnimationElement.h:
2154         * svg/SVGCircleElement.cpp:
2155         * svg/SVGCircleElement.h:
2156         * svg/SVGClipPathElement.cpp:
2157         * svg/SVGClipPathElement.h:
2158         * svg/SVGComponentTransferFunctionElement.cpp:
2159         * svg/SVGComponentTransferFunctionElement.h:
2160         * svg/SVGCursorElement.cpp:
2161         * svg/SVGCursorElement.h:
2162         * svg/SVGDefsElement.cpp:
2163         * svg/SVGDefsElement.h:
2164         * svg/SVGDescElement.cpp:
2165         * svg/SVGDescElement.h:
2166         * svg/SVGDocument.cpp:
2167         * svg/SVGDocument.h:
2168         * svg/SVGElement.cpp:
2169         * svg/SVGElement.h:
2170         * svg/SVGEllipseElement.cpp:
2171         * svg/SVGEllipseElement.h:
2172         * svg/SVGFEBlendElement.cpp:
2173         * svg/SVGFEBlendElement.h:
2174         * svg/SVGFEColorMatrixElement.cpp:
2175         * svg/SVGFEColorMatrixElement.h:
2176         * svg/SVGFEComponentTransferElement.cpp:
2177         * svg/SVGFEComponentTransferElement.h:
2178         * svg/SVGFECompositeElement.cpp:
2179         * svg/SVGFECompositeElement.h:
2180         * svg/SVGFEConvolveMatrixElement.cpp:
2181         * svg/SVGFEConvolveMatrixElement.h:
2182         * svg/SVGFEDiffuseLightingElement.cpp:
2183         * svg/SVGFEDiffuseLightingElement.h:
2184         * svg/SVGFEDisplacementMapElement.cpp:
2185         * svg/SVGFEDisplacementMapElement.h:
2186         * svg/SVGFEDropShadowElement.cpp:
2187         * svg/SVGFEDropShadowElement.h:
2188         * svg/SVGFEFloodElement.cpp:
2189         * svg/SVGFEFloodElement.h:
2190         * svg/SVGFEGaussianBlurElement.cpp:
2191         * svg/SVGFEGaussianBlurElement.h:
2192         * svg/SVGFEImageElement.cpp:
2193         * svg/SVGFEImageElement.h:
2194         * svg/SVGFELightElement.cpp:
2195         * svg/SVGFELightElement.h:
2196         * svg/SVGFEMergeElement.cpp:
2197         * svg/SVGFEMergeElement.h:
2198         * svg/SVGFEMergeNodeElement.cpp:
2199         * svg/SVGFEMergeNodeElement.h:
2200         * svg/SVGFEMorphologyElement.cpp:
2201         * svg/SVGFEMorphologyElement.h:
2202         * svg/SVGFEOffsetElement.cpp:
2203         * svg/SVGFEOffsetElement.h:
2204         * svg/SVGFESpecularLightingElement.cpp:
2205         * svg/SVGFESpecularLightingElement.h:
2206         * svg/SVGFETileElement.cpp:
2207         * svg/SVGFETileElement.h:
2208         * svg/SVGFETurbulenceElement.cpp:
2209         * svg/SVGFETurbulenceElement.h:
2210         * svg/SVGFilterElement.cpp:
2211         * svg/SVGFilterElement.h:
2212         * svg/SVGFilterPrimitiveStandardAttributes.cpp:
2213         * svg/SVGFilterPrimitiveStandardAttributes.h:
2214         * svg/SVGFontFaceElement.cpp:
2215         * svg/SVGFontFaceElement.h:
2216         * svg/SVGFontFaceFormatElement.cpp:
2217         * svg/SVGFontFaceFormatElement.h:
2218         * svg/SVGFontFaceNameElement.cpp:
2219         * svg/SVGFontFaceNameElement.h:
2220         * svg/SVGFontFaceSrcElement.cpp:
2221         * svg/SVGFontFaceSrcElement.h:
2222         * svg/SVGFontFaceUriElement.cpp:
2223         * svg/SVGFontFaceUriElement.h:
2224         * svg/SVGForeignObjectElement.cpp:
2225         * svg/SVGForeignObjectElement.h:
2226         * svg/SVGGElement.cpp:
2227         * svg/SVGGElement.h:
2228         * svg/SVGGlyphElement.cpp:
2229         * svg/SVGGlyphElement.h:
2230         * svg/SVGGlyphRefElement.cpp:
2231         * svg/SVGGlyphRefElement.h:
2232         * svg/SVGGradientElement.cpp:
2233         * svg/SVGGradientElement.h:
2234         * svg/SVGGraphicsElement.cpp:
2235         * svg/SVGGraphicsElement.h:
2236         * svg/SVGHKernElement.cpp:
2237         * svg/SVGHKernElement.h:
2238         * svg/SVGImageElement.cpp:
2239         * svg/SVGImageElement.h:
2240         * svg/SVGLineElement.cpp:
2241         * svg/SVGLineElement.h:
2242         * svg/SVGLinearGradientElement.cpp:
2243         * svg/SVGLinearGradientElement.h:
2244         * svg/SVGMPathElement.cpp:
2245         * svg/SVGMPathElement.h:
2246         * svg/SVGMarkerElement.cpp:
2247         * svg/SVGMarkerElement.h:
2248         * svg/SVGMaskElement.cpp:
2249         * svg/SVGMaskElement.h:
2250         * svg/SVGMetadataElement.cpp:
2251         * svg/SVGMetadataElement.h:
2252         * svg/SVGMissingGlyphElement.cpp:
2253         * svg/SVGMissingGlyphElement.h:
2254         * svg/SVGPathElement.cpp:
2255         * svg/SVGPathElement.h:
2256         * svg/SVGPatternElement.cpp:
2257         * svg/SVGPatternElement.h:
2258         * svg/SVGPolyElement.cpp:
2259         * svg/SVGPolyElement.h:
2260         * svg/SVGPolygonElement.cpp:
2261         * svg/SVGPolygonElement.h:
2262         * svg/SVGPolylineElement.cpp:
2263         * svg/SVGPolylineElement.h:
2264         * svg/SVGRadialGradientElement.cpp:
2265         * svg/SVGRadialGradientElement.h:
2266         * svg/SVGRectElement.cpp:
2267         * svg/SVGRectElement.h:
2268         * svg/SVGSVGElement.cpp:
2269         * svg/SVGSVGElement.h:
2270         * svg/SVGScriptElement.cpp:
2271         * svg/SVGScriptElement.h:
2272         * svg/SVGSetElement.cpp:
2273         * svg/SVGSetElement.h:
2274         * svg/SVGStopElement.cpp:
2275         * svg/SVGStopElement.h:
2276         * svg/SVGStyleElement.cpp:
2277         * svg/SVGStyleElement.h:
2278         * svg/SVGSwitchElement.cpp:
2279         * svg/SVGSwitchElement.h:
2280         * svg/SVGSymbolElement.cpp:
2281         * svg/SVGSymbolElement.h:
2282         * svg/SVGTRefElement.cpp:
2283         * svg/SVGTRefElement.h:
2284         * svg/SVGTSpanElement.cpp:
2285         * svg/SVGTSpanElement.h:
2286         * svg/SVGTextContentElement.cpp:
2287         * svg/SVGTextContentElement.h:
2288         * svg/SVGTextElement.cpp:
2289         * svg/SVGTextElement.h:
2290         * svg/SVGTextPathElement.cpp:
2291         * svg/SVGTextPathElement.h:
2292         * svg/SVGTextPositioningElement.cpp:
2293         * svg/SVGTextPositioningElement.h:
2294         * svg/SVGTitleElement.cpp:
2295         * svg/SVGTitleElement.h:
2296         * svg/SVGUnknownElement.cpp: Added.
2297         * svg/SVGUnknownElement.h:
2298         * svg/SVGUseElement.cpp:
2299         * svg/SVGUseElement.h:
2300         * svg/SVGVKernElement.cpp:
2301         * svg/SVGVKernElement.h:
2302         * svg/SVGViewElement.cpp:
2303         * svg/SVGViewElement.h:
2304         * svg/animation/SVGSMILElement.cpp:
2305         * svg/animation/SVGSMILElement.h:
2306
2307 2018-03-16  Youenn Fablet  <youenn@apple.com>
2308
2309         Ensure Document::responseReceived and clearResource are called on the main thread
2310         https://bugs.webkit.org/show_bug.cgi?id=183709
2311
2312         Reviewed by Chris Dumez.
2313
2314         No change of behavior.
2315
2316         * loader/DocumentLoader.cpp:
2317         (WebCore::DocumentLoader::responseReceived):
2318         (WebCore::DocumentLoader::clearMainResource):
2319
2320 2018-03-16  Chris Dumez  <cdumez@apple.com>
2321
2322         WebKit.WebsitePoliciesAutoplayQuirks API test times out with async policy delegates
2323         https://bugs.webkit.org/show_bug.cgi?id=183702
2324
2325         Reviewed by Alex Christensen.
2326
2327         The issue is that the test calls loadHTMLString then loadRequest right after, without
2328         waiting for the first load to complete first. loadHTMLString is special as it relies
2329         on substitute data and which schedules a timer to commit the data. When doing the
2330         navigation policy check for the following loadRequest(), the substitute data timer
2331         would fire and commit its data and load. This would in turn cancel the pending
2332         navigation policy check for the loadRequest().
2333
2334         With sync policy delegates, this is not an issue because we take care of stopping
2335         all loaders when receiving the policy decision, which happens synchronously. However,
2336         when the policy decision happens asynchronously, the pending substitute data load
2337         does not get cancelled in time and it gets committed.
2338
2339         To address the issue, this patch updates loadWithDocumentLoader() to cancel any
2340         provisional load when there is an asynchronous navigation policy decision pending.
2341
2342         Change covered by new API test.
2343
2344         * loader/FrameLoader.cpp:
2345         (WebCore::FrameLoader::loadWithDocumentLoader):
2346
2347 2018-03-16  Brent Fulgham  <bfulgham@apple.com>
2348
2349         Set a trap to catch an infrequent form-related nullptr crash
2350         https://bugs.webkit.org/show_bug.cgi?id=183704
2351         <rdar://problem/37579354>
2352
2353         Reviewed by Ryosuke Niwa.
2354
2355         Make FormState a FrameDestructionObserver. We expect all relevant FormState objects to have been
2356         cleaned up prior to the frame being destroyed. If we find such a case, we'd like to see the
2357         stack trace to see what's going on.
2358
2359         * loader/FormState.cpp:
2360         (WebCore::FormState::FormState):
2361         (WebCore::FormState::willDetachPage): RELEASE_ASSERT_NOT_REACHED if we ever get here.
2362         * loader/FormState.h:
2363
2364 2018-03-16  Joanmarie Diggs  <jdiggs@igalia.com>
2365
2366         AX: AccessibilityNodeObject::textForLabelElement() doesn't follow AccName calculation rules
2367         https://bugs.webkit.org/show_bug.cgi?id=183661
2368
2369         Reviewed by Chris Fleizach.
2370
2371         Have AccessibilityNodeObject::textForLabelElement() return the value from
2372         accessibleNameForNode() instead of innerText(). The former falls back on
2373         the latter if there is no author-provided accessible name.
2374
2375         Tests: accessibility/aria-label-on-label-element.html
2376                accessibility/label-with-pseudo-elements.html
2377
2378         * accessibility/AccessibilityNodeObject.cpp:
2379         (WebCore::AccessibilityNodeObject::textForLabelElement const):
2380         (WebCore::AccessibilityNodeObject::titleElementText const):
2381
2382 2018-03-16  Basuke Suzuki  <Basuke.Suzuki@sony.com>
2383
2384         [Curl] Fix crash on websocket with bad handshake message.
2385         https://bugs.webkit.org/show_bug.cgi?id=183686
2386
2387         Reviewed by Youenn Fablet.
2388
2389         The closing cleanup was called multiple times. Add flag to detect
2390         it is already closed or not.
2391
2392         No new tests because it is covered by existing test:
2393         - LayoutTests/http/tests/websocket/tests/hybi/bad-handshake-crash.html
2394
2395         * platform/network/curl/SocketStreamHandleImpl.h:
2396         * platform/network/curl/SocketStreamHandleImplCurl.cpp:
2397         (WebCore::SocketStreamHandleImpl::platformClose):
2398         (WebCore::SocketStreamHandleImpl::didReceiveData):
2399
2400 2018-03-16  Jer Noble  <jer.noble@apple.com>
2401
2402         Make Fullscreen API an Experimental Feature
2403         https://bugs.webkit.org/show_bug.cgi?id=183662
2404
2405         Reviewed by Jon Lee.
2406
2407         The Fullscreen APIs should be guarded by a Setting, so they are not present in the DOM when the
2408         Experimental Feature is disabled.
2409
2410         * dom/Document.idl:
2411         * dom/Element.idl:
2412
2413 2018-03-16  Megan Gardner  <megan_gardner@apple.com>
2414
2415         Ensure that style is updated when the effective appearance changes
2416         https://bugs.webkit.org/show_bug.cgi?id=183690
2417         <rdar://problem/38385900>
2418
2419         Reviewed by Tim Horton and Wenson Hsieh.
2420
2421         Only exposing a function to outside WebCore, no tests needed.
2422
2423         * page/Page.h:
2424
2425 2018-03-16  Chris Dumez  <cdumez@apple.com>
2426
2427         WebKit.RestoreSessionStateContainingScrollRestorationDefault API test is failing with async policy delegates
2428         https://bugs.webkit.org/show_bug.cgi?id=183679
2429
2430         Reviewed by Alex Christensen.
2431
2432         Update CachedRawResource::didAddClient() to not send data until we've received
2433         the policy decision for the response.
2434
2435         No new tests, covered by new API test.
2436
2437         * loader/DocumentLoader.cpp:
2438         (WebCore::DocumentLoader::handleSubstituteDataLoadNow):
2439         (WebCore::DocumentLoader::responseReceived):
2440         * loader/DocumentLoader.h:
2441         * loader/DocumentThreadableLoader.cpp:
2442         (WebCore::DocumentThreadableLoader::responseReceived):
2443         * loader/DocumentThreadableLoader.h:
2444         * loader/MediaResourceLoader.cpp:
2445         (WebCore::MediaResource::responseReceived):
2446         * loader/MediaResourceLoader.h:
2447         * loader/appcache/ApplicationCacheResourceLoader.cpp:
2448         (WebCore::ApplicationCacheResourceLoader::responseReceived):
2449         * loader/appcache/ApplicationCacheResourceLoader.h:
2450         * loader/cache/CachedRawResource.cpp:
2451         (WebCore::CachedRawResource::didAddClient):
2452         (WebCore::CachedRawResource::responseReceived):
2453         * loader/cache/CachedRawResourceClient.h:
2454         (WebCore::CachedRawResourceClient::responseReceived):
2455         * loader/cache/KeepaliveRequestTracker.cpp:
2456         (WebCore::KeepaliveRequestTracker::responseReceived):
2457         * loader/cache/KeepaliveRequestTracker.h:
2458         * platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.h:
2459         * platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm:
2460         (WebCore::WebCoreAVFResourceLoader::responseReceived):
2461
2462 2018-03-16  Youenn Fablet  <youenn@apple.com>
2463
2464         Name Service Worker threads differently from regular Worker threads
2465         https://bugs.webkit.org/show_bug.cgi?id=183698
2466
2467         Reviewed by Chris Dumez.
2468
2469         No observable change of behavior.
2470         For debugging purposes, knowing that a thread is a service worker thread might help give context.
2471         It might also identify on a crash log whether the process is a service worker process or a regular web process.
2472
2473         * workers/WorkerThread.cpp:
2474         (WebCore::WorkerThread::start):
2475         * workers/WorkerThread.h:
2476         (WebCore::WorkerThread::isServiceWorkerThread const):
2477         * workers/service/context/ServiceWorkerThread.h:
2478
2479 2018-03-16  Youenn Fablet  <youenn@apple.com>
2480
2481         IceCandidates leak on webrtc/datachannel/basic.html and other tests
2482         https://bugs.webkit.org/show_bug.cgi?id=183676
2483         <rdar://problem/36116228>
2484
2485         Reviewed by Eric Carlson.
2486
2487         Covered by manual testing using --leaks option on WK1.
2488         WebKit should not release the candidates since libwebrtc is not taking ownership.
2489
2490         * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.cpp:
2491         (WebCore::LibWebRTCPeerConnectionBackend::doSetLocalDescription):
2492         (WebCore::LibWebRTCPeerConnectionBackend::doSetRemoteDescription):
2493
2494 2018-03-16  Zan Dobersek  <zdobersek@igalia.com>
2495
2496         [Nicosia] Add Cairo-specific GraphicsContext operation recorder
2497         https://bugs.webkit.org/show_bug.cgi?id=183593
2498
2499         Reviewed by Carlos Garcia Campos.
2500
2501         Add Nicosia::CairoOperationRecorder, GraphicsContextImpl implementation
2502         that records all GraphicsContext operations for deferred replay on a
2503         different thread. Recording here mostly consists of storing all the
2504         Cairo resources in a thread-safe manner, which is eased by the atomic
2505         reference counting used in Cairo.
2506
2507         Nicosia::PaintingOperation derivatives are used for operations or state
2508         updates that require recording. Instances of these classes are appended
2509         to a Vector<> object that is then pushed into a thread pool in
2510         Nicosia::PaintingEngineThreaded , replaying all the operations against
2511         the Cairo context established from an associated target Nicosia::Buffer.
2512
2513         This GraphicsContextImpl implementation is now used in the
2514         PaintingContextCairo::ForRecording constructor to construct the
2515         GraphicsContext implementation that will be used for recording.
2516
2517         * platform/TextureMapper.cmake:
2518         * platform/graphics/nicosia/cairo/NicosiaCairoOperationRecorder.cpp: Added.
2519         (Nicosia::getContext):
2520         (Nicosia::OperationData::arg const const):
2521         (Nicosia::createCommand):
2522         (Nicosia::CairoOperationRecorder::CairoOperationRecorder):
2523         (Nicosia::m_commandList):
2524         (Nicosia::CairoOperationRecorder::updateState):
2525         (Nicosia::CairoOperationRecorder::clearShadow):
2526         (Nicosia::CairoOperationRecorder::setLineCap):
2527         (Nicosia::CairoOperationRecorder::setLineDash):
2528         (Nicosia::CairoOperationRecorder::setLineJoin):
2529         (Nicosia::CairoOperationRecorder::setMiterLimit):
2530         (Nicosia::CairoOperationRecorder::fillRect):
2531         (Nicosia::CairoOperationRecorder::fillRoundedRect):
2532         (Nicosia::CairoOperationRecorder::fillRectWithRoundedHole):
2533         (Nicosia::CairoOperationRecorder::fillPath):
2534         (Nicosia::CairoOperationRecorder::fillEllipse):
2535         (Nicosia::CairoOperationRecorder::strokeRect):
2536         (Nicosia::CairoOperationRecorder::strokePath):
2537         (Nicosia::CairoOperationRecorder::strokeEllipse):
2538         (Nicosia::CairoOperationRecorder::clearRect):
2539         (Nicosia::CairoOperationRecorder::drawGlyphs):
2540         (Nicosia::CairoOperationRecorder::drawImage):
2541         (Nicosia::CairoOperationRecorder::drawTiledImage):
2542         (Nicosia::CairoOperationRecorder::drawNativeImage):
2543         (Nicosia::CairoOperationRecorder::drawPattern):
2544         (Nicosia::CairoOperationRecorder::drawRect):
2545         (Nicosia::CairoOperationRecorder::drawLine):
2546         (Nicosia::CairoOperationRecorder::drawLinesForText):
2547         (Nicosia::CairoOperationRecorder::drawLineForDocumentMarker):
2548         (Nicosia::CairoOperationRecorder::drawEllipse):
2549         (Nicosia::CairoOperationRecorder::drawPath):
2550         (Nicosia::CairoOperationRecorder::drawFocusRing):
2551         (Nicosia::CairoOperationRecorder::save):
2552         (Nicosia::CairoOperationRecorder::restore):
2553         (Nicosia::CairoOperationRecorder::translate):
2554         (Nicosia::CairoOperationRecorder::rotate):
2555         (Nicosia::CairoOperationRecorder::scale):
2556         (Nicosia::CairoOperationRecorder::concatCTM):
2557         (Nicosia::CairoOperationRecorder::setCTM):
2558         (Nicosia::CairoOperationRecorder::getCTM):
2559         (Nicosia::CairoOperationRecorder::beginTransparencyLayer):
2560         (Nicosia::CairoOperationRecorder::endTransparencyLayer):
2561         (Nicosia::CairoOperationRecorder::clip):
2562         (Nicosia::CairoOperationRecorder::clipOut):
2563         (Nicosia::CairoOperationRecorder::clipPath):
2564         (Nicosia::CairoOperationRecorder::clipBounds):
2565         (Nicosia::CairoOperationRecorder::applyDeviceScaleFactor):
2566         (Nicosia::CairoOperationRecorder::roundToDevicePixels):
2567         (Nicosia::CairoOperationRecorder::append):
2568         * platform/graphics/nicosia/cairo/NicosiaCairoOperationRecorder.h: Added.
2569         * platform/graphics/nicosia/cairo/NicosiaPaintingContextCairo.cpp:
2570         (Nicosia::PaintingContextCairo::ForRecording::ForRecording):
2571
2572 2018-03-16  Zan Dobersek  <zdobersek@igalia.com>
2573
2574         [TexMap] Clean up TextureMapperLayer constructor
2575         https://bugs.webkit.org/show_bug.cgi?id=183634
2576
2577         Reviewed by Michael Catanzaro.
2578
2579         In the TextureMapperLayer header, only declare the constructor, and move
2580         all the previous member initialization to the point of declaration of
2581         these member variables.
2582
2583         In the TextureMapperLayer implementation file, the constructor and
2584         destructor are moved into proper order at the top of the file. The
2585         former is defaulted, and the latter remains unchanged.
2586
2587         No change in behavior.
2588
2589         * platform/graphics/texmap/TextureMapperLayer.cpp:
2590         (WebCore::TextureMapperLayer::~TextureMapperLayer):
2591         * platform/graphics/texmap/TextureMapperLayer.h:
2592
2593 2018-03-16  Miguel Gomez  <magomez@igalia.com>
2594
2595         [GTK] When using EGL, request an OpenGL core profile when possible
2596         https://bugs.webkit.org/show_bug.cgi?id=178719
2597
2598         Reviewed by Carlos Garcia Campos.
2599
2600         When using EGL and OpenGL, try to request a context with version >= 3.2 with a core profile
2601         whenever possible. In order to to this, we require EGL version 1.5 or version 1.4 with the
2602         extension EGL_KHR_create_context. If EGL requirements are not met, or we cannot get a
2603         context with version >= 3.2 then use whatever EGL gives us.
2604
2605         Covered by existent tests.
2606
2607         * platform/graphics/egl/GLContextEGL.cpp:
2608         (WebCore::GLContextEGL::createWindowContext):
2609         (WebCore::GLContextEGL::createPbufferContext):
2610         (WebCore::GLContextEGL::createSurfacelessContext):
2611         (WebCore::GLContextEGL::createContextForEGLVersion):
2612         * platform/graphics/egl/GLContextEGL.h:
2613         * platform/graphics/egl/GLContextEGLWPE.cpp:
2614         (WebCore::GLContextEGL::createWPEContext):
2615         * platform/graphics/egl/GLContextEGLWayland.cpp:
2616         (WebCore::GLContextEGL::createWaylandContext):
2617         * platform/graphics/egl/GLContextEGLX11.cpp:
2618         (WebCore::GLContextEGL::createPixmapContext):
2619
2620 2018-03-16  Zan Dobersek  <zdobersek@igalia.com>
2621
2622         [TexMap] Don't use the TextureMapperAnimation::Client interface to apply animation
2623         https://bugs.webkit.org/show_bug.cgi?id=183656
2624
2625         Reviewed by Carlos Garcia Campos.
2626
2627         Don't have the TextureMapperLayer class inherit from the
2628         TextureMapperAnimation::Client interface just for the purposes of
2629         synchronization of animation-affected attributes in syncAnimations().
2630         For that purpose it's enough to provide a struct that is passed to that
2631         method, and with the TextureMapperAnimation class filling out any of the
2632         animated attributes that need to be updated.
2633
2634         TextureMapperAnimation::ApplicationResult struct is introducted for that
2635         purpose. std::optional<> members in it are assigned values during the
2636         application process, if an appropriate animation affects them. The
2637         relevant member values in TextureMapperLayer are then updated, or value
2638         from the default state is used.
2639
2640         TextureMapperAnimation::Client is removed.
2641
2642         No new tests -- no change in behavior.
2643
2644         * platform/graphics/texmap/TextureMapperAnimation.cpp:
2645         (WebCore::TextureMapperAnimation::apply):
2646         (WebCore::TextureMapperAnimation::applyInternal):
2647         (WebCore::TextureMapperAnimations::apply):
2648         * platform/graphics/texmap/TextureMapperAnimation.h:
2649         * platform/graphics/texmap/TextureMapperLayer.cpp:
2650         (WebCore::TextureMapperLayer::syncAnimations):
2651         (WebCore::TextureMapperLayer::setAnimatedTransform): Deleted.
2652         (WebCore::TextureMapperLayer::setAnimatedOpacity): Deleted.
2653         (WebCore::TextureMapperLayer::setAnimatedFilters): Deleted.
2654         * platform/graphics/texmap/TextureMapperLayer.h:
2655
2656 2018-03-16  Devin Rousso  <webkit@devinrousso.com>
2657
2658         Web Inspector: Canvas Tab: main WebGL canvas on acko.net has no reported size
2659         https://bugs.webkit.org/show_bug.cgi?id=178798
2660         <rdar://problem/35175740>
2661
2662         Reviewed by Brian Burg.
2663
2664         When the main frame navigates, the DOMAgent would recieve two InspectorInstrumentation calls,
2665         one when the frame begins its navigation and the other when the document for that frame has
2666         loaded. Both of these would discard the DOMAgent's bindings, which included the map of
2667         `nodeId`s. This was an issue for canvases, as the frontend would be notified whenever any
2668         canvas is created, which would usually occur before the `DOMContentLoaded` event is fired.
2669         As a result, the canvases would attempt to retrieve their associated node, only to have the
2670         DOMAgent discard those bindings quickly thereafter.
2671
2672         This patch removes DOMAgent's and DOMDebuggerAgent's (parity) instrumentation hooks for the
2673         latter event, ensuring that the bindings are only discarded once.
2674
2675         * inspector/agents/InspectorDOMAgent.h:
2676         * inspector/agents/InspectorDOMAgent.cpp:
2677         (WebCore::InspectorDOMAgent::mainFrameDOMContentLoaded): Deleted.
2678
2679         * inspector/agents/InspectorDOMDebuggerAgent.h:
2680         * inspector/agents/InspectorDOMDebuggerAgent.cpp:
2681         (WebCore::InspectorDOMDebuggerAgent::frameDocumentUpdated): Added.
2682         (WebCore::InspectorDOMDebuggerAgent::mainFrameDOMContentLoaded): Deleted.
2683
2684         * inspector/InspectorInstrumentation.cpp:
2685         (WebCore::InspectorInstrumentation::domContentLoadedEventFiredImpl):
2686         (WebCore::InspectorInstrumentation::frameDocumentUpdatedImpl):
2687
2688 2018-03-15  Tim Horton  <timothy_horton@apple.com>
2689
2690         Include CADisplayLink explicitly where needed, instead of all of CA
2691         https://bugs.webkit.org/show_bug.cgi?id=183689
2692         <rdar://problem/38528719>
2693
2694         Reviewed by Wenson Hsieh.
2695
2696         * platform/graphics/ios/DisplayRefreshMonitorIOS.mm:
2697
2698 2018-03-15  Tim Horton  <timothy_horton@apple.com>
2699
2700         Include MobileCoreServices in the WebCore prefix header
2701         https://bugs.webkit.org/show_bug.cgi?id=183688
2702         <rdar://problem/38527621>
2703
2704         Reviewed by Dan Bernstein.
2705
2706         * WebCorePrefix.h:
2707
2708 2018-03-15  Megan Gardner  <megan_gardner@apple.com>
2709
2710         Create MediaQueryParserContext to provide additional context for the evaluation of media queries
2711         https://bugs.webkit.org/show_bug.cgi?id=183677
2712
2713         Reviewed by Tim Horton.
2714
2715         We need additional context for parsing media queries to make sure they are parsed correctly and valid.
2716
2717         Not currently testable, will add tests in a later patch.
2718
2719         * WebCore.xcodeproj/project.pbxproj:
2720         * css/MediaList.cpp:
2721         (WebCore::MediaQuerySet::create):
2722         (WebCore::MediaQuerySet::set):
2723         (WebCore::MediaQuerySet::add):
2724         (WebCore::MediaQuerySet::remove):
2725         * css/MediaList.h:
2726         * css/MediaQueryEvaluator.cpp:
2727         (WebCore::MediaQueryEvaluator::mediaAttributeMatches):
2728         * css/MediaQueryExpression.cpp:
2729         (WebCore::featureWithValidIdent):
2730         (WebCore::featureWithValidDensity):
2731         (WebCore::featureWithValidPositiveLength):
2732         (WebCore::featureWithPositiveInteger):
2733         (WebCore::featureWithPositiveNumber):
2734         (WebCore::featureWithZeroOrOne):
2735         (WebCore::isFeatureValidWithoutValue):
2736         (WebCore::MediaQueryExpression::MediaQueryExpression):
2737         * css/MediaQueryExpression.h:
2738         * css/MediaQueryMatcher.cpp:
2739         (WebCore::MediaQueryMatcher::matchMedia):
2740         * css/MediaQueryParserContext.cpp: Added.
2741         (WebCore::MediaQueryParserContext::MediaQueryParserContext):
2742         * css/MediaQueryParserContext.h: Added.
2743         (WebCore::MediaQueryParserContext::MediaQueryParserContext):
2744         * css/StyleMedia.cpp:
2745         (WebCore::StyleMedia::matchMedium const):
2746         * css/StyleRuleImport.cpp:
2747         (WebCore::StyleRuleImport::StyleRuleImport):
2748         (WebCore::StyleRuleImport::setCSSStyleSheet):
2749         * css/parser/CSSParser.cpp:
2750         (WebCore::CSSParserContext::CSSParserContext):
2751         (WebCore::operator==):
2752         * css/parser/CSSParserImpl.cpp:
2753         (WebCore::CSSParserImpl::consumeImportRule):
2754         (WebCore::CSSParserImpl::consumeMediaRule):
2755         * css/parser/MediaQueryParser.cpp:
2756         (WebCore::MediaQueryParser::parseMediaQuerySet):
2757         (WebCore::MediaQueryParser::parseMediaCondition):
2758         (WebCore::MediaQueryParser::MediaQueryParser):
2759         (WebCore::MediaQueryData::addExpression):
2760         * css/parser/MediaQueryParser.h:
2761         (WebCore::MediaQueryData::setMediaQueryParserContext):
2762         * css/parser/SizesAttributeParser.cpp:
2763         (WebCore::SizesAttributeParser::parse):
2764         * dom/DOMImplementation.cpp:
2765         (WebCore::DOMImplementation::createCSSStyleSheet):
2766         * dom/InlineStyleSheetOwner.cpp:
2767         (WebCore::InlineStyleSheetOwner::createSheet):
2768         * dom/ProcessingInstruction.cpp:
2769         (WebCore::ProcessingInstruction::setCSSStyleSheet):
2770         * html/HTMLImageElement.cpp:
2771         (WebCore::HTMLImageElement::bestFitSourceFromPictureElement):
2772         * html/HTMLLinkElement.cpp:
2773         (WebCore::HTMLLinkElement::process):
2774         (WebCore::HTMLLinkElement::initializeStyleSheet):
2775         (WebCore::HTMLLinkElement::setCSSStyleSheet):
2776         * html/HTMLLinkElement.h:
2777         * html/HTMLMediaElement.cpp:
2778         (WebCore::HTMLMediaElement::selectNextSourceChild):
2779         * html/HTMLSourceElement.cpp:
2780         (WebCore::HTMLSourceElement::parsedMediaAttribute const):
2781         * html/HTMLSourceElement.h:
2782         * html/HTMLStyleElement.cpp:
2783         (WebCore::HTMLStyleElement::parseAttribute):
2784         * html/parser/HTMLPreloadScanner.cpp:
2785         (WebCore::TokenPreloadScanner::StartTagScanner::processAttribute):
2786
2787 2018-03-15  Commit Queue  <commit-queue@webkit.org>
2788
2789         Unreviewed, rolling out r229639.
2790         https://bugs.webkit.org/show_bug.cgi?id=183683
2791
2792         it is causing a crash in API tests (Requested by youenn on
2793         #webkit).
2794
2795         Reverted changeset:
2796
2797         "ActiveDOMObject should assert that they are destroyed in the
2798         thread they are created"
2799         https://bugs.webkit.org/show_bug.cgi?id=183671
2800         https://trac.webkit.org/changeset/229639
2801
2802 2018-03-15  Youenn Fablet  <youenn@apple.com>
2803
2804         Bad configuration parameters should make RTCPeerConnection constructor throw
2805         https://bugs.webkit.org/show_bug.cgi?id=183615
2806
2807         Reviewed by Eric Carlson.
2808
2809         Implement more of https://w3c.github.io/webrtc-pc/#set-pc-configuration.
2810         Throw an error whenever underlying libwebrtc set configuration fails.
2811
2812         Covered by rebased test.
2813
2814         * Modules/mediastream/PeerConnectionBackend.h:
2815         * Modules/mediastream/RTCPeerConnection.cpp:
2816         (WebCore::iceServersFromConfiguration):
2817         (WebCore::RTCPeerConnection::initializeConfiguration):
2818         (WebCore::RTCPeerConnection::setConfiguration):
2819         * Modules/mediastream/RTCPeerConnection.js:
2820         (initializeRTCPeerConnection):
2821         * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.h:
2822
2823 2018-03-15  Youenn Fablet  <youenn@apple.com>
2824
2825         replaceTrack triggers negotiationneeded
2826         https://bugs.webkit.org/show_bug.cgi?id=180342
2827         <rdar://problem/35822426>
2828
2829         Reviewed by Eric Carlson.
2830
2831         Covered by updated test.
2832         Fix the case of replacing a track for which data is already flowing.
2833         We should probably do the same for null tracks when fully implementing transceivers.
2834
2835         * Modules/mediastream/RTCPeerConnection.cpp:
2836         (WebCore::RTCPeerConnection::enqueueReplaceTrackTask):
2837
2838 2018-03-15  Keith Rollin  <krollin@apple.com>
2839
2840         Telemetry for stalled webpage loads
2841         https://bugs.webkit.org/show_bug.cgi?id=183221
2842         <rdar://problem/36549013>
2843
2844         Reviewed by Chris Dumez.
2845
2846         Add telemetry for page loads, tracking the pages that succeed, fail,
2847         or are canceled. This information will be used to track the overall
2848         health of our page loading as time goes on.
2849
2850         No new tests -- no new/changed user-level functionality.
2851
2852         * page/DiagnosticLoggingKeys.cpp:
2853         (WebCore::DiagnosticLoggingKeys::telemetryPageLoadKey):
2854         (WebCore::DiagnosticLoggingKeys::timedOutKey):
2855         (WebCore::DiagnosticLoggingKeys::canceledLessThan2SecondsKey):
2856         (WebCore::DiagnosticLoggingKeys::canceledLessThan5SecondsKey):
2857         (WebCore::DiagnosticLoggingKeys::canceledLessThan20SecondsKey):
2858         (WebCore::DiagnosticLoggingKeys::canceledMoreThan20SecondsKey):
2859         (WebCore::DiagnosticLoggingKeys::failedLessThan2SecondsKey):
2860         (WebCore::DiagnosticLoggingKeys::failedLessThan5SecondsKey):
2861         (WebCore::DiagnosticLoggingKeys::failedLessThan20SecondsKey):
2862         (WebCore::DiagnosticLoggingKeys::failedMoreThan20SecondsKey):
2863         (WebCore::DiagnosticLoggingKeys::occurredKey):
2864         (WebCore::DiagnosticLoggingKeys::succeededLessThan2SecondsKey):
2865         (WebCore::DiagnosticLoggingKeys::succeededLessThan5SecondsKey):
2866         (WebCore::DiagnosticLoggingKeys::succeededLessThan20SecondsKey):
2867         (WebCore::DiagnosticLoggingKeys::succeededMoreThan20SecondsKey):
2868         * page/DiagnosticLoggingKeys.h:
2869         * platform/network/cf/ResourceError.h:
2870         (WebCore::ResourceError::ResourceError):
2871         * platform/network/mac/ResourceErrorMac.mm:
2872         (WebCore::ResourceError::ResourceError):
2873         (WebCore::ResourceError::getNSURLErrorDomain const):
2874         (WebCore::ResourceError::getCFErrorDomainCFNetwork const):
2875         (WebCore::ResourceError::mapPlatformError):
2876
2877 2018-03-15  Youenn Fablet  <youenn@apple.com>
2878
2879         ActiveDOMObject should assert that they are destroyed in the thread they are created
2880         https://bugs.webkit.org/show_bug.cgi?id=183671
2881
2882         Reviewed by Chris Dumez.
2883
2884         No change of behavior.
2885         Moved MessagePort assertion to ActiveDOMObject.
2886
2887         * dom/ActiveDOMObject.cpp:
2888         (WebCore::ActiveDOMObject::~ActiveDOMObject):
2889         * dom/ActiveDOMObject.h:
2890         * dom/MessagePort.cpp:
2891         (WebCore::MessagePort::~MessagePort):
2892         * dom/MessagePort.h:
2893
2894 2018-03-15  Youenn Fablet  <youenn@apple.com>
2895
2896         MessagePort is not always destroyed on the right thread
2897         https://bugs.webkit.org/show_bug.cgi?id=183619
2898         <rdar://problem/38204711>
2899
2900         Reviewed by Chris Dumez.
2901
2902         Add assertion to ensure MessagePort is destroyed in the right thread.
2903         Modify methods taking a ref in a lambda to rely on weak pointers and refing the WorkerThread if in a worker context.
2904         It is safe to ref the WorkerThread since it is thread safe ref counted and we are passing the ref to the main thread
2905         where the WorkerThread is expected to be destroyed.
2906
2907         Test: http/tests/workers/worker-messageport-2.html
2908
2909         * dom/MessagePort.cpp:
2910         (WebCore::MessagePort::~MessagePort):
2911         (WebCore::MessagePort::dispatchMessages):
2912         (WebCore::MessagePort::updateActivity):
2913         (WebCore::MessagePort::hasPendingActivity const):
2914         * dom/MessagePort.h:
2915
2916 2018-03-15  Jer Noble  <jer.noble@apple.com>
2917
2918         Adopt new AVURLAssetUseClientURLLoadingExclusively AVURLAsset creation option.
2919         https://bugs.webkit.org/show_bug.cgi?id=183660
2920
2921         Reviewed by Jon Lee.
2922
2923         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
2924         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVAssetForURL):
2925
2926 2018-03-15  Chris Dumez  <cdumez@apple.com>
2927
2928         Unreviewed, fix tiny mistake in r229615 that caused API tests failures.
2929
2930         * workers/service/server/SWServer.cpp:
2931         (WebCore::SWServer::addRegistrationFromStore):
2932
2933 2018-03-15  Zan Dobersek  <zdobersek@igalia.com>
2934
2935         [TexMap] Remove TextureMapperLayer::texture()
2936         https://bugs.webkit.org/show_bug.cgi?id=183635
2937
2938         Reviewed by Michael Catanzaro.
2939
2940         Remove the unused TextureMapperLayer::texture() method. This enables
2941         removing the virtual TextureMapperBackingStore::texture() method, as
2942         well as the implementations of it in TextureMapperTiledBackingStore and
2943         CoordinatedBackingStore classes.
2944
2945         No change in behavior.
2946
2947         * platform/graphics/texmap/TextureMapperBackingStore.h:
2948         * platform/graphics/texmap/TextureMapperLayer.h:
2949         * platform/graphics/texmap/TextureMapperTiledBackingStore.cpp:
2950         (WebCore::TextureMapperTiledBackingStore::texture const): Deleted.
2951         * platform/graphics/texmap/TextureMapperTiledBackingStore.h:
2952
2953 2018-03-15  Zan Dobersek  <zdobersek@igalia.com>
2954
2955         [TexMap] Don't bother caching pattern transform matrix
2956         https://bugs.webkit.org/show_bug.cgi?id=183633
2957
2958         Reviewed by Michael Catanzaro.
2959
2960         Remove the m_patternTransform and m_patternTransformDirty member
2961         variables from the TextureMapperLayer class. These unnecessarily
2962         complicate the state update methods that need to compare the given
2963         attribute against the current state, and only update it if it has
2964         changed.
2965
2966         Instead, compute the pattern TransformationMatrix value on-the-fly in
2967         the paintSelf() method, if at all necessary.
2968
2969         No change in functionality.
2970
2971         * platform/graphics/texmap/TextureMapperLayer.cpp:
2972         (WebCore::TextureMapperLayer::paintSelf):
2973         (WebCore::TextureMapperLayer::setContentsRect):
2974         (WebCore::TextureMapperLayer::setContentsTileSize):
2975         (WebCore::TextureMapperLayer::setContentsTilePhase):
2976         (WebCore::TextureMapperLayer::computePatternTransformIfNeeded): Deleted.
2977         * platform/graphics/texmap/TextureMapperLayer.h:
2978
2979 2018-03-14  John Wilander  <wilander@apple.com>
2980
2981         Resource Load Statistics: Add clearing of storage access to WebResourceLoadStatisticsStore::clearInMemory()
2982         https://bugs.webkit.org/show_bug.cgi?id=183641
2983         <rdar://problem/38469497>
2984
2985         Reviewed by Brent Fulgham and Chris Dumez.
2986
2987         No new tests. This change is to stabilize existing layout tests.
2988         See Ryan Haddad's comment in https://bugs.webkit.org/show_bug.cgi?id=183620.
2989
2990         * platform/network/NetworkStorageSession.h:
2991         * platform/network/cf/NetworkStorageSessionCFNet.cpp:
2992         (WebCore::NetworkStorageSession::removeAllStorageAccess):
2993             New function to clear out all storage access entries.
2994
2995 2018-03-14  Youenn Fablet  <youenn@apple.com>
2996
2997         imported/w3c/web-platform-tests/WebCryptoAPI/wrapKey_unwrapKey/wrapKey_unwrapKey.worker.html is crashing
2998         https://bugs.webkit.org/show_bug.cgi?id=183602
2999
3000         Reviewed by Chris Dumez.
3001
3002         Introduce a map of ScriptExecutionContext that is read/write protected using a Lock.
3003         This allows introducing postTaskTo taking a ScriptExecutionContext identifier and callable from any thread.
3004         Use that method in Crypto instead of refing/unrefing  the context.
3005         Lock only happens if context does some postTask activity. This is governed by calling or not the new contextIdentifier() getter.
3006
3007         Covered by crypto tests no longer failing m_workerGlobalScope->hasOneRef() assertion.
3008
3009         * crypto/CryptoAlgorithm.cpp:
3010         (WebCore::dispatchAlgorithmOperation):
3011         * crypto/algorithms/CryptoAlgorithmECDH.cpp:
3012         (WebCore::CryptoAlgorithmECDH::deriveBits):
3013         * crypto/algorithms/CryptoAlgorithmSHA1.cpp:
3014         (WebCore::CryptoAlgorithmSHA1::digest):
3015         * crypto/algorithms/CryptoAlgorithmSHA224.cpp:
3016         (WebCore::CryptoAlgorithmSHA224::digest):
3017         * crypto/algorithms/CryptoAlgorithmSHA256.cpp:
3018         (WebCore::CryptoAlgorithmSHA256::digest):
3019         * crypto/algorithms/CryptoAlgorithmSHA384.cpp:
3020         (WebCore::CryptoAlgorithmSHA384::digest):
3021         * crypto/algorithms/CryptoAlgorithmSHA512.cpp:
3022         (WebCore::CryptoAlgorithmSHA512::digest):
3023         * crypto/gcrypt/CryptoKeyRSAGCrypt.cpp:
3024         (WebCore::CryptoKeyRSA::generatePair):
3025         * crypto/mac/CryptoKeyRSAMac.cpp:
3026         (WebCore::CryptoKeyRSA::generatePair):
3027         * dom/Document.cpp:
3028         (WebCore::Document::~Document):
3029         * dom/ScriptExecutionContext.cpp:
3030         (WebCore::allScriptExecutionContextsMapLock):
3031         (WebCore::ScriptExecutionContext::ScriptExecutionContext):
3032         (WebCore::ScriptExecutionContext::removeFromContextsMap):
3033         (WebCore::ScriptExecutionContext::checkConsistency const):
3034         (WebCore::ScriptExecutionContext::postTaskTo):
3035         * dom/ScriptExecutionContext.h:
3036         (WebCore::ScriptExecutionContext::contextIdentifier const):
3037         * workers/WorkerGlobalScope.cpp:
3038         (WebCore::WorkerGlobalScope::~WorkerGlobalScope):
3039
3040 2018-03-14  Chris Dumez  <cdumez@apple.com>
3041
3042         Reduce use of SWServerToContextConnection::globalServerToContextConnection()
3043         https://bugs.webkit.org/show_bug.cgi?id=183626
3044
3045         Reviewed by Youenn Fablet.
3046
3047         Reduce use of SWServerToContextConnection::globalServerToContextConnection() as we are moving towards
3048         having multiple context connections.
3049
3050         No new tests, no expected behavior change.
3051
3052         * workers/service/server/SWServer.cpp:
3053         (WebCore::SWServer::matchAll):
3054         (WebCore::SWServer::serverToContextConnectionCreated):
3055         (WebCore::SWServer::runServiceWorkerIfNecessary):
3056         (WebCore::SWServer::runServiceWorker):
3057         (WebCore::SWServer::terminateWorkerInternal):
3058         (WebCore::SWServer::markAllWorkersAsTerminated):
3059         (WebCore::SWServer::workerContextTerminated):
3060         (WebCore::SWServer::fireInstallEvent):
3061         (WebCore::SWServer::fireActivateEvent):
3062         * workers/service/server/SWServer.h:
3063         * workers/service/server/SWServerToContextConnection.cpp:
3064         (WebCore::SWServerToContextConnection::findClientByIdentifier):
3065         (WebCore::SWServerToContextConnection::matchAll):
3066         (WebCore::SWServerToContextConnection::claim):
3067         * workers/service/server/SWServerWorker.cpp:
3068         (WebCore::SWServerWorker::contextConnection):
3069         (WebCore::SWServerWorker::matchAll):
3070         * workers/service/server/SWServerWorker.h:
3071
3072 2018-03-14  Youenn Fablet  <youenn@apple.com>
3073
3074         MessagePort should remove its listeners when being closed
3075         https://bugs.webkit.org/show_bug.cgi?id=183644
3076
3077         Reviewed by Chris Dumez.
3078
3079         Test: http/tests/workers/worker-messageport.html
3080
3081         * dom/MessagePort.cpp:
3082         (WebCore::MessagePort::close):
3083         (WebCore::MessagePort::contextDestroyed):
3084
3085 2018-03-14  Chris Dumez  <cdumez@apple.com>
3086
3087         Drop unnecessary StorageToWebProcessConnection::workerContextProcessConnectionCreated()
3088         https://bugs.webkit.org/show_bug.cgi?id=183624
3089
3090         Reviewed by Youenn Fablet.
3091
3092         Pass in context connection to SWServer::serverToContextConnectionCreated() to avoid
3093         relying on the deprecated globalServerToContextConnection().
3094
3095         No new tests, no expected behavior change.
3096
3097         * workers/service/server/SWServer.cpp:
3098         (WebCore::SWServer::serverToContextConnectionCreated):
3099         * workers/service/server/SWServer.h:
3100
3101 2018-03-14  Mark Lam  <mark.lam@apple.com>
3102
3103         Enhance the MacroAssembler and LinkBuffer to support pointer profiling.
3104         https://bugs.webkit.org/show_bug.cgi?id=183623
3105         <rdar://problem/38443314>
3106
3107         Reviewed by Michael Saboff.
3108
3109         No new tests.  Just adding PtrTags required by new MacroAssembler API.
3110
3111         * cssjit/FunctionCall.h:
3112         (WebCore::FunctionCall::prepareAndCall):
3113         * cssjit/SelectorCompiler.cpp:
3114         (WebCore::SelectorCompiler::SelectorCodeGenerator::compile):
3115
3116 2018-03-14  Chris Fleizach  <cfleizach@apple.com>
3117
3118         AX: Implement accessible dismiss action on iOS
3119         https://bugs.webkit.org/show_bug.cgi?id=183352
3120         <rdar://problem/38161500>
3121
3122         Reviewed by Zalan Bujtas.
3123
3124         Test: accessibility/ios-simulator/AOM-dismiss-event.html
3125
3126         * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
3127         (-[WebAccessibilityObjectWrapper accessibilityPerformEscape]):
3128
3129 2018-03-14  Youenn Fablet  <youenn@apple.com>
3130
3131         Update libwebrtc up to 36af4e9614f707f733eb2340fae66d6325aaac5b
3132         https://bugs.webkit.org/show_bug.cgi?id=183481
3133
3134         Reviewed by Eric Carlson.
3135
3136         Covered by existing tests.
3137         Updated libwebrtc binding code.
3138
3139         * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
3140         (WebCore::fillEncodingParameters):
3141         * platform/mediastream/libwebrtc/LibWebRTCAudioModule.h:
3142
3143 2018-03-14  Tim Horton  <timothy_horton@apple.com>
3144
3145         Fix the build after r229567
3146
3147         * Configurations/FeatureDefines.xcconfig:
3148
3149 2018-03-13  John Wilander  <wilander@apple.com>
3150
3151         Resource Load Statistics: Immediately forward cookie access for domains with previous user interaction when there's an opener document
3152         https://bugs.webkit.org/show_bug.cgi?id=183620
3153         <rdar://problem/38431469>
3154
3155         Reviewed by Brent Fulgham.
3156
3157         Tests: http/tests/storageAccess/deny-storage-access-under-opener.html
3158                http/tests/storageAccess/grant-storage-access-under-opener.html
3159
3160         It turns out the fix in https://bugs.webkit.org/show_bug.cgi?id=183577
3161         wasn't enough to address the compatibility issues with popups. Some of
3162         them just detect their unpartitioned cookies, auto-dismiss themselves,
3163         and expect their unpartitioned cookies to be available under the opener
3164         afterwards. We should grant them access if the popup's domain has had
3165         user interaction _previously_.
3166
3167         Note that we still need https://bugs.webkit.org/show_bug.cgi?id=183577
3168         because if the popup's domain has not received user interaction
3169         previously, we will not grant it storage access on just the window open.
3170
3171         * dom/Document.cpp:
3172         (WebCore::Document::hasRequestedPageSpecificStorageAccessWithUserInteraction):
3173         (WebCore::Document::setHasRequestedPageSpecificStorageAccessWithUserInteraction):
3174         (WebCore::Document::hasGrantedPageSpecificStorageAccess): Deleted.
3175         (WebCore::Document::setHasGrantedPageSpecificStorageAccess): Deleted.
3176             Renamed from *Granted* to *Requested* since there is now a case
3177             where access will not be granted, i.e. when the popup domain has
3178             not had user interaction previously.
3179         * dom/Document.h:
3180         * loader/ResourceLoadObserver.cpp:
3181         (WebCore::ResourceLoadObserver::setRequestStorageAccessUnderOpenerCallback):
3182             Renamed *Grant* to *Request*.
3183         (WebCore::ResourceLoadObserver::logUserInteractionWithReducedTimeResolution):
3184         (WebCore::ResourceLoadObserver::logWindowCreation):
3185             New function called from DOMWindow::createWindow().
3186         (WebCore::ResourceLoadObserver::requestStorageAccessUnderOpener):
3187             New convenience function.
3188         (WebCore::ResourceLoadObserver::setGrantStorageAccessUnderOpenerCallback): Deleted.
3189             Renamed *Grant* to *Request*.
3190         * loader/ResourceLoadObserver.h:
3191         * page/DOMWindow.cpp:
3192         (WebCore::DOMWindow::createWindow):
3193             Now calls ResourceLoadObserver::logWindowCreation() if a window
3194             was created and the opener has a document and a page ID.
3195
3196 2018-03-13  Chris Dumez  <cdumez@apple.com>
3197
3198         fast/loader/javascript-url-iframe-remove-on-navigate.html is a flaky crash on iOS with async delegates
3199         https://bugs.webkit.org/show_bug.cgi?id=183610
3200
3201         Reviewed by Youenn Fablet.
3202
3203         The issue was that in DocumentLoader::loadMainResource(), the call to requestMainResource() which
3204         return null due to the load getting cancelled synchronously. If this load is the parent frame's last
3205         pending load, then the 'load' event gets fired in the parent frame. In the test, the parent frame's
3206         load event handler does a document.write() call which blows away the iframe. As a result, when
3207         we return from the requestMainResource(), m_frame is null and we crash later on dereferencing it.
3208
3209         No new tests, covered by fast/loader/javascript-url-iframe-remove-on-navigate-async-delegate.html
3210         which was crashing flakily.
3211
3212         * loader/DocumentLoader.cpp:
3213         (WebCore::DocumentLoader::loadMainResource):
3214
3215 2018-03-13  Jer Noble  <jer.noble@apple.com>
3216
3217         [iOS] Muted media playback can interrupt out-of-process audio
3218         https://bugs.webkit.org/show_bug.cgi?id=183606
3219         <rdar://problem/37466253>
3220
3221         Reviewed by Eric Carlson.
3222
3223         Test: Updated TestWebKitAPI test to verify the correct AVAudioSession category is set.
3224
3225         A non-playing, non-muted media element will cause the AVAudioSession category to be set to
3226         "playing" when a muted media element begins playback. Ignore these non-playing elements for
3227         the purposes of determining the AVAudioSession category.
3228
3229         * platform/audio/cocoa/MediaSessionManagerCocoa.cpp:
3230         (PlatformMediaSessionManager::updateSessionState):
3231
3232 2018-03-13  Youenn Fablet  <youenn@apple.com>
3233
3234         Calling removeTrack with RTCRtpSender does not set SenderTrack to null
3235         https://bugs.webkit.org/show_bug.cgi?id=183308
3236
3237         Reviewed by Eric Carlson.
3238
3239         Covered by updated test.
3240
3241         * Modules/mediastream/RTCRtpSender.cpp:
3242         (WebCore::RTCRtpSender::stop): Set track to null when being stopped i.e. removed.
3243         * Modules/mediastream/RTCRtpSender.h:
3244
3245 2018-03-13  Youenn Fablet  <youenn@apple.com>
3246
3247         Changing link element rel attribute from preload to stylesheet should succeed loading the stylesheet
3248         https://bugs.webkit.org/show_bug.cgi?id=183601
3249         <rdar://problem/38309441>
3250
3251         Reviewed by Antti Koivisto.
3252
3253         Test: http/wpt/preload/change-link-rel-attribute.html
3254
3255         * loader/LinkPreloadResourceClients.h:
3256         (WebCore::LinkPreloadResourceClient::clearResource): Remove the call to CachedResource::cancelLoad.
3257         This call is expected to be called by ResourceLoader when cancelling the load from below CachedResource.
3258         * loader/cache/CachedResource.cpp:
3259         (WebCore::CachedResource::allClientsRemoved): In case of preload,
3260         cancel the load if not finished when there is no more client attached to it.
3261         * loader/cache/CachedResource.h:
3262
3263 2018-03-12  John Wilander  <wilander@apple.com>
3264
3265         Resource Load Statistics: Immediately forward cookie access at user interaction when there's an opener document
3266         https://bugs.webkit.org/show_bug.cgi?id=183577
3267         <rdar://problem/38266987>
3268
3269         Reviewed by Brent Fulgham.
3270
3271         Tested manually on live websites.
3272         No new automated tests because of a bug in WebKitTestRunner:
3273         https://bugs.webkit.org/show_bug.cgi?id=183578
3274         The event sender triggers gestures in the opener rather than
3275         in the popup.
3276
3277         * dom/Document.cpp:
3278         (WebCore::Document::removedLastRef):
3279             Clears the new m_primaryDomainsGrantedPageSpecificStorageAccess.
3280         (WebCore::Document::hasGrantedPageSpecificStorageAccess):
3281         (WebCore::Document::setHasGrantedPageSpecificStorageAccess):
3282         * dom/Document.h:
3283             Added member m_primaryDomainsGrantedPageSpecificStorageAccess
3284             where we store domains that have been granted access.
3285         * loader/ResourceLoadObserver.cpp:
3286         (WebCore::ResourceLoadObserver::setGrantStorageAccessUnderOpenerCallback):
3287         (WebCore::ResourceLoadObserver::logUserInteractionWithReducedTimeResolution):
3288             Now checks if there is a cross-origin opener and if so, immediately
3289             grants cookie access to the popup's domain if it is partitioned or
3290             blocked. 
3291         * loader/ResourceLoadObserver.h:
3292         * platform/network/NetworkStorageSession.h:
3293             Added member m_pagesGrantedStorageAccess.
3294         * platform/network/cf/NetworkStorageSessionCFNet.cpp:
3295         (WebCore::NetworkStorageSession::cookieStoragePartition const):
3296         (WebCore::NetworkStorageSession::hasStorageAccess const):
3297             Renamed from hasStorageAccessForFrame since the frameID now is optional.
3298         (WebCore::NetworkStorageSession::grantStorageAccess):
3299             Renamed from grantStorageAccessForFrame since the frameID now is optional.
3300         (WebCore::NetworkStorageSession::removeStorageAccessForAllFramesOnPage):
3301             Now removes the pageID entry in m_pagesGrantedStorageAccess.
3302         (WebCore::NetworkStorageSession::hasStorageAccessForFrame const): Deleted.
3303             Renamed since the frameID now is optional.
3304         (WebCore::NetworkStorageSession::grantStorageAccessForFrame): Deleted.
3305             Renamed since the frameID now is optional.
3306
3307 2018-03-12  Tim Horton  <timothy_horton@apple.com>
3308
3309         Stop using SDK conditionals to control feature definitions
3310         https://bugs.webkit.org/show_bug.cgi?id=183430
3311         <rdar://problem/38251619>
3312
3313         Reviewed by Dan Bernstein.
3314
3315         * Configurations/FeatureDefines.xcconfig:
3316         * Configurations/WebKitTargetConditionals.xcconfig: Renamed.
3317
3318 2018-03-12  Chris Dumez  <cdumez@apple.com>
3319
3320         Return boolean from DOMTokenList's replace() method
3321         https://bugs.webkit.org/show_bug.cgi?id=183567
3322
3323         Reviewed by Youenn Fablet.
3324
3325         Have DOMTokenList's replace() method return a boolean indicating if the
3326         token was replaced, as per:
3327         - https://dom.spec.whatwg.org/#dom-domtokenlist-replace
3328
3329         This is a recent addition to the DOM specification:
3330         - https://github.com/whatwg/dom/pull/582
3331
3332         No new tests, rebaselined existing test.
3333
3334         * html/DOMTokenList.cpp:
3335         (WebCore::replaceInOrderedSet):
3336         (WebCore::DOMTokenList::replace):
3337         * html/DOMTokenList.h:
3338         * html/DOMTokenList.idl:
3339
3340 2018-03-12  Brian Burg  <bburg@apple.com>
3341
3342         Ignore some deprecation warnings encountered when compiling with newer versions of ICU
3343         https://bugs.webkit.org/show_bug.cgi?id=183584
3344         <rdar://problem/38395317>
3345
3346         Reviewed by Daniel Bates.
3347
3348         Ignore new deprecation warnings. Where a function has more than one
3349         deprecation warning, mark out the entire function so it remains readable.
3350
3351         * editing/TextIterator.cpp:
3352         * platform/graphics/SurrogatePairAwareTextIterator.cpp:
3353         (WebCore::SurrogatePairAwareTextIterator::normalizeVoicingMarks):
3354         * platform/text/TextEncoding.cpp:
3355
3356 2018-03-12  Yoav Weiss  <yoav@yoav.ws>
3357
3358         Runtime flag for link prefetch and remove link subresource.
3359         https://bugs.webkit.org/show_bug.cgi?id=183540
3360
3361         Reviewed by Chris Dumez.
3362
3363         This patch removes the LINK_PREFETCH build time flag, removes
3364         link subresource, adds an off-by-default runtime flag for link
3365         prefetch and makes sure link prefetch only works when this flag is on.
3366
3367         Subresource is removed as it's not a part of any spec, nor supported by any
3368         other browser. It was replaced by link preload.
3369
3370         No new tests as this is not adding any new functionality.
3371
3372         * Configurations/FeatureDefines.xcconfig: Remove the LINK_PREFETCH flag.
3373         * html/LinkRelAttribute.cpp:
3374         (WebCore::LinkRelAttribute::LinkRelAttribute): Put prefetch support behind the runtime flag.
3375         (WebCore::LinkRelAttribute::isSupported): Add prefetch.
3376         * html/LinkRelAttribute.h: Remove the LINK_PREFETCH flag.
3377         * loader/LinkLoader.cpp:
3378         (WebCore::createLinkPreloadResourceClient): Remove the LINK_PREFETCH flag.
3379         (WebCore::LinkLoader::prefetchIfNeeded): Move the prefetch code to `prefetchIfNeeded()`. Remove subresource bits.
3380         (WebCore::LinkLoader::loadLink): Call `prefetchIfNeeded()`.
3381         * loader/LinkLoader.h:
3382         * loader/ResourceLoadInfo.cpp:
3383         (WebCore::toResourceType): Remove the LINK_PREFETCH flag as well as subresource.
3384         * loader/SubresourceLoader.cpp:
3385         (WebCore::logResourceLoaded): Remove the LINK_PREFETCH flag as well as subresource.
3386         * loader/cache/CachedResource.cpp:
3387         (WebCore::CachedResource::defaultPriorityForResourceType): Remove the LINK_PREFETCH flag as well as subresource.
3388         (WebCore::CachedResource::load): Remove the LINK_PREFETCH flag.
3389         * loader/cache/CachedResource.h:
3390         (WebCore::CachedResource::ignoreForRequestCount const): Remove the LINK_PREFETCH flag as well as subresource.
3391         * loader/cache/CachedResourceLoader.cpp:
3392         (WebCore::createResource): Remove the LINK_PREFETCH flag as well as subresource.
3393         (WebCore::CachedResourceLoader::requestLinkResource): Remove subresource.
3394         (WebCore::contentTypeFromResourceType): Remove the LINK_PREFETCH flag as well as subresource.
3395         (WebCore::CachedResourceLoader::checkInsecureContent const): Remove the LINK_PREFETCH flag as well as subresource.
3396         (WebCore::CachedResourceLoader::shouldUpdateCachedResourceWithCurrentRequest): Remove the LINK_PREFETCH flag as well as subresource.
3397         * loader/cache/CachedResourceLoader.h:
3398         * page/RuntimeEnabledFeatures.h:
3399         (WebCore::RuntimeEnabledFeatures::setLinkPrefetchEnabled): Set the prefetch flag.
3400         (WebCore::RuntimeEnabledFeatures::linkPrefetchEnabled const): Get the prefetch flag.
3401
3402 2018-03-12  Youenn Fablet  <youenn@apple.com>
3403
3404         RTCPeerConnection's close method should update signalingState
3405         https://bugs.webkit.org/show_bug.cgi?id=174314
3406         <rdar://problem/33267977>
3407
3408         Reviewed by Eric Carlson.
3409
3410         Covered by rebased test.
3411         Add closed as signalingState enum value.
3412         Set peer connection signaling state to closed once close is called.
3413
3414         * Modules/mediastream/RTCPeerConnection.cpp:
3415         (WebCore::RTCPeerConnection::doClose):
3416         * Modules/mediastream/RTCSignalingState.idl:
3417         * platform/mediastream/RTCSignalingState.h:
3418
3419 2018-03-12  Mark Lam  <mark.lam@apple.com>
3420
3421         Make a NativeFunction into a class to support pointer profiling.
3422         https://bugs.webkit.org/show_bug.cgi?id=183573
3423         <rdar://problem/38384697>
3424
3425         Reviewed by Filip Pizlo.
3426
3427         No new tests because there's no new behavior.  Only updating bindings.
3428
3429         * bindings/scripts/CodeGeneratorJS.pm:
3430         (GenerateHashTableValueArray):
3431         * bindings/scripts/test/JS/JSMapLike.cpp:
3432         * bindings/scripts/test/JS/JSReadOnlyMapLike.cpp:
3433         * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
3434         * bindings/scripts/test/JS/JSTestCEReactions.cpp:
3435         * bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp:
3436         * bindings/scripts/test/JS/JSTestCallTracer.cpp:
3437         * bindings/scripts/test/JS/JSTestDOMJIT.cpp:
3438         * bindings/scripts/test/JS/JSTestEnabledBySetting.cpp:
3439         * bindings/scripts/test/JS/JSTestEventTarget.cpp:
3440         * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
3441         * bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.cpp:
3442         * bindings/scripts/test/JS/JSTestInterface.cpp:
3443         * bindings/scripts/test/JS/JSTestIterable.cpp:
3444         * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
3445         * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
3446         * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp:
3447         * bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.cpp:
3448         * bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.cpp:
3449         * bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp:
3450         * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.cpp:
3451         * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.cpp:
3452         * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.cpp:
3453         * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.cpp:
3454         * bindings/scripts/test/JS/JSTestNode.cpp:
3455         * bindings/scripts/test/JS/JSTestObj.cpp:
3456         * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
3457         * bindings/scripts/test/JS/JSTestSerialization.cpp:
3458         * bindings/scripts/test/JS/JSTestSerializationInherit.cpp:
3459         * bindings/scripts/test/JS/JSTestSerializationInheritFinal.cpp:
3460         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
3461         * bindings/scripts/test/JS/JSTestStringifier.cpp:
3462         * bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.cpp:
3463         * bindings/scripts/test/JS/JSTestStringifierNamedOperation.cpp:
3464         * bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.cpp:
3465         * bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.cpp:
3466         * bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.cpp:
3467         * bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.cpp:
3468         * bindings/scripts/test/JS/JSTestTypedefs.cpp:
3469
3470 2018-03-12  Tim Horton  <timothy_horton@apple.com>
3471
3472         Use a different SPI header for some AudioToolbox enums
3473         https://bugs.webkit.org/show_bug.cgi?id=183574
3474         <rdar://problem/38385889>
3475
3476         Reviewed by Anders Carlsson.
3477
3478         * platform/audio/ios/AudioDestinationIOS.cpp:
3479         * platform/mediastream/mac/AudioTrackPrivateMediaStreamCocoa.cpp:
3480         Adjust SPI imports.
3481
3482 2018-03-12  Danyao Wang  <danyao@chromium.org>
3483
3484         Add a query and fragment exception to history API's unique origin restriction.
3485         https://bugs.webkit.org/show_bug.cgi?id=183028
3486
3487         Reviewed by Brent Fulgham.
3488
3489         Tests: http/tests/navigation/pushstate-at-unique-origin-denied.php
3490                Tools/TestWebKitAPI/Tests/WebCore/URL.cpp
3491
3492         * page/History.cpp:
3493         (WebCore::History::stateObjectAdded):
3494
3495 2018-03-12  Antti Koivisto  <antti@apple.com>
3496
3497         Don't invalidate descendants for nth pseudo classes unless needed
3498         https://bugs.webkit.org/show_bug.cgi?id=183566
3499
3500         Reviewed by Zalan Bujtas.
3501
3502         We currently invalidate the whole subtrees that may match :nth-child and similar. In many common
3503         cases we know that only the direct siblings may be affected.
3504
3505         * css/SelectorChecker.cpp:
3506         (WebCore::localContextForParent):
3507         (WebCore::SelectorChecker::matchRecursively const):
3508
3509             Track if the context matches the subject element if the selector or its siblings only.
3510
3511         (WebCore::SelectorChecker::checkOne const):
3512
3513             Use different bits of descendant and child invalidation cases.
3514
3515         * cssjit/SelectorCompiler.cpp:
3516         (WebCore::SelectorCompiler::fragmentMatchesRightmostOrAdjacentElement):
3517         (WebCore::SelectorCompiler::constructFragmentsInternal):
3518
3519             Track if the context matches the subject element if the selector or its siblings only.
3520
3521         (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsNthChild):
3522         (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsNthChildOf):
3523         (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsNthLastChild):
3524
3525             Use different bits of descendant and child invalidation cases.
3526
3527         * dom/Element.cpp:
3528         (WebCore::invalidateForForwardPositionalRules):
3529         (WebCore::invalidateForBackwardPositionalRules):
3530
3531             Invalidate more precisely based on the new bits.
3532
3533         (WebCore::checkForSiblingStyleChanges):
3534         (WebCore::Element::setDescendantsAffectedByForwardPositionalRules):
3535         (WebCore::Element::setDescendantsAffectedByBackwardPositionalRules):
3536         (WebCore::Element::hasFlagsSetDuringStylingOfChildren const):
3537         (WebCore::Element::rareDataDescendantsAffectedByForwardPositionalRules const):
3538         (WebCore::Element::rareDataDescendantsAffectedByBackwardPositionalRules const):
3539
3540             New bits.
3541
3542         * dom/Element.h:
3543         (WebCore::Element::descendantsAffectedByForwardPositionalRules const):
3544         (WebCore::Element::descendantsAffectedByBackwardPositionalRules const):
3545         * dom/ElementRareData.h:
3546         (WebCore::ElementRareData::descendantsAffectedByForwardPositionalRules const):
3547         (WebCore::ElementRareData::setDescendantsAffectedByForwardPositionalRules):
3548         (WebCore::ElementRareData::descendantsAffectedByBackwardPositionalRules const):
3549         (WebCore::ElementRareData::setDescendantsAffectedByBackwardPositionalRules):
3550         (WebCore::ElementRareData::ElementRareData):
3551         (WebCore::ElementRareData::resetStyleRelations):
3552         * style/StyleRelations.cpp:
3553         (WebCore::Style::commitRelationsToRenderStyle):
3554         (WebCore::Style::commitRelations):
3555         * style/StyleRelations.h:
3556
3557 2018-03-12  Javier Fernandez  <jfernandez@igalia.com>
3558
3559         Remove GridLayout runtime flag
3560         https://bugs.webkit.org/show_bug.cgi?id=183484
3561
3562         Reviewed by Myles C. Maxfield.
3563
3564         The Grid Layout feature has been enabled by default for almost a
3565         year, so I think it's time to remove the runtime flag and the
3566         codepath run when the feature is disabled.
3567
3568         No new tests, because there are no changes in functionality.
3569
3570         * css/CSSComputedStyleDeclaration.cpp:
3571         (WebCore::valueForContentPositionAndDistributionWithOverflowAlignment):
3572         (WebCore::ComputedStyleExtractor::valueForPropertyinStyle):
3573         * css/StyleBuilderConverter.h:
3574         (WebCore::StyleBuilderConverter::convertContentAlignmentData):
3575         * css/parser/CSSParser.cpp:
3576         (WebCore::CSSParserContext::CSSParserContext):
3577         (WebCore::operator==):
3578         * css/parser/CSSParserFastPaths.cpp:
3579         (WebCore::CSSParserFastPaths::isValidKeywordPropertyAndValue):
3580         (WebCore::CSSParserFastPaths::isKeywordPropertyID):
3581         * css/parser/CSSParserMode.h:
3582         (WebCore::CSSParserContextHash::hash):
3583         * css/parser/CSSPropertyParser.cpp:
3584         (WebCore::CSSPropertyParser::parseSingleValue):
3585         * dom/Document.cpp:
3586         * dom/Document.h:
3587         * page/RuntimeEnabledFeatures.h:
3588         * rendering/RenderFlexibleBox.cpp:
3589         (WebCore::alignmentOffset):
3590         * rendering/style/RenderStyle.cpp:
3591         * rendering/style/RenderStyle.h:
3592         (WebCore::RenderStyle::initialDefaultAlignment):
3593         * testing/InternalSettings.cpp:
3594         (WebCore::InternalSettings::Backup::Backup):
3595         (WebCore::InternalSettings::Backup::restoreTo):
3596         * testing/InternalSettings.h:
3597         * testing/InternalSettings.idl:
3598
3599 2018-03-12  Antoine Quint  <graouts@apple.com>
3600
3601         [Web Animations] Implement CSS Animations and CSS Transitions as Web Animations
3602         https://bugs.webkit.org/show_bug.cgi?id=183504
3603         <rdar://problem/38372965>
3604
3605         Reviewed by Dean Jackson and Jon Lee.
3606
3607         Tests: webanimations/css-animations.html
3608                webanimations/css-transitions.html
3609
3610         This patch implements CSS Animations and CSS Transitions as Web Animations. The main changes are:
3611
3612         * StyleTreeResolver: StyleTreeResolver now has a code path to add CSSAnimation and CSSTransition objects onto the DocumentTimeline
3613         to be picked up by the Web Animations engine. The previous CSSAnimationController code path is preserved if the runtime flag is disabled.
3614
3615         * AnimationTimeline: we add two new methods, updateCSSAnimationsForElement() and updateCSSTransitionsForElement() which are called from
3616         TreeResolver::createAnimatedElementUpdate(). These look at the AnimationList for the old and new RenderStyle objects and create, update
3617         and remove matching CSSAnimation and CSSTransition instances.
3618
3619         * DeclarativeAnimation: a new superclass to both CSSAnimation and CSSTransition which introduces the concept of a backingAnimation(),
3620         which is an Animation held by the RenderStyle objects, and two virtual methods with base implementations, initialize() which is called
3621         upon creating by create() methods in subclasses, and syncPropertiesWithBackingAnimation() which ensures that properties on the
3622         DeclarativeAnimation objects (Web Animations side) match the backing animation (CSS side).
3623
3624         * KeyframeEffectReadOnly: two new important methods to create blending keyframes (KeyframeList) based on backing Animation objects,
3625         computeCSSAnimationBlendingKeyframes() and computeCSSTransitionBlendingKeyframes().
3626
3627         * Sources.txt:
3628         * WebCore.xcodeproj/project.pbxproj:
3629         * animation/AnimationEffectReadOnly.h:
3630         (WebCore::AnimationEffectReadOnly::isKeyframeEffectReadOnly const): We fix this method such that calling it on a KeyframeEffect, which
3631         is a subclass of KeyframeEffectReadOnly, returns true.
3632         * animation/AnimationEffectTimingReadOnly.cpp: In order for DeclarativeAnimation::syncPropertiesWithBackingAnimation() to set the timing
3633         function for a declarative animation's effect, we need a public method to set an effect's timing function outside of just the "easing"
3634         property setter exposed via the JS API. So we introduce a setTimingFunction() method and call it from setEasing().
3635         (WebCore::AnimationEffectTimingReadOnly::setEasing):
3636         (WebCore::AnimationEffectTimingReadOnly::setTimingFunction):
3637         * animation/AnimationEffectTimingReadOnly.h:
3638         * animation/AnimationTimeline.cpp:
3639         (WebCore::AnimationTimeline::~AnimationTimeline): Clear all maps and sets containing WebAnimation references to ensure these get destructed
3640         when the AnimationTimeline is being destructed and should no longer hold a reference to them.
3641         (WebCore::AnimationTimeline::relevantMapForAnimation): We store various subclasses of WebAnimation in dedicated maps so we can composite
3642         animations in the correct order when animating. This function returns the correct map for a given animation such that animationWasAddedToElement()
3643         and animationWasRemovedFromElement() mutate the right map.
3644         (WebCore::AnimationTimeline::animationWasAddedToElement):
3645         (WebCore::AnimationTimeline::animationWasRemovedFromElement):
3646         (WebCore::AnimationTimeline::animationsForElement): Make sure to look for animations in the lists of CSS Animations and CSS Transitions as well
3647         as Web Animations.
3648         (WebCore::AnimationTimeline::updateCSSAnimationsForElement): This method is called by TreeResolver::createAnimatedElementUpdate() during style
3649         resolution. It compares the AnimationList of the previous style and the new style for a given element, checks that animations with a given name
3650         that were not present in the old AnimationList have a new matching CSSAnimation object for them added to the AnimationTimeline, that animations
3651         with a given name that are no longer present in the new AnimationList have their matching CSSAnimation object removed from the AnimationTimeline,
3652         and that animations with a given name that are present in both the old and new AnimationList have their matching CSSAnimation updated to match
3653         the current state of the animation in the AnimationList.
3654         (WebCore::AnimationTimeline::updateCSSTransitionsForElement): Similarly to updateCSSAnimationsForElement(), this method is called during style
3655         resolution by TreeResolver::createAnimatedElementUpdate(). Its role is to create or remove CSSTransition objects based on the AnimationList found
3656         in the old and new styles for a given element. It follows a slightly different logic than updateCSSAnimationsForElement() since for CSS Transitions,
3657         there is no need to update CSSTransition objects for a CSS property existing in both the old and new AnimationList, since when a CSS transitions
3658         property is changed, a whole new transition is initiated. However, it's important to check that different Animation objects and styles would actually
3659         result in different timing properties and blending keyframes, so check for this as well before creating new CSSTransition objects.
3660         * animation/AnimationTimeline.h:
3661         (WebCore::AnimationTimeline::animations const): Change the m_animations type from HashSet to ListHashSet to guarantee we preserve the insertion order which is
3662         required by getAnimations().
3663         (WebCore::AnimationTimeline::hasElementAnimations const): Indicates to DocumentTimeline::updateAnimations() that there are animations targeting the provided element.
3664         (WebCore::AnimationTimeline::elementToAnimationsMap):
3665         (WebCore::AnimationTimeline::elementToCSSAnimationsMap):
3666         (WebCore::AnimationTimeline::elementToCSSTransitionsMap):
3667         * animation/CSSAnimation.cpp: CSSAnimation is now a subclass of DeclarativeAnimation and subclasses initialize() and syncPropertiesWithBackingAnimation()
3668         to perform work specific to CSS Animations.
3669         (WebCore::CSSAnimation::create): Set the animationName property based on the provided backing animation.
3670         (WebCore::CSSAnimation::CSSAnimation):
3671         (WebCore::CSSAnimation::initialize): Create the blending keyframes for this CSSAnimation.
3672         (WebCore::CSSAnimation::syncPropertiesWithBackingAnimation): Reflect the animation-fill-mode, animation-direction, animation-iteration-count and
3673         animation-play-state CSS properties on the AnimationEffectTimingReadOnly object associated with this CSSAnimation.
3674         * animation/CSSAnimation.h:
3675         * animation/CSSTransition.cpp: CSSTransition is now a subclass of DeclarativeAnimation.
3676         (WebCore::CSSTransition::create): Set the transitionProperty property based on the provided backing animation.
3677         (WebCore::CSSTransition::CSSTransition):
3678         (WebCore::CSSTransition::matchesBackingAnimationAndStyles const):
3679         (WebCore::CSSTransition::canBeListed const): Subclass this method such that we also check that we have blending keyframes for a CSSTransition to be
3680         listed by calls to getAnimations().
3681         * animation/CSSTransition.h:
3682         * animation/DeclarativeAnimation.cpp: Added. This new WebAnimation subclass now is the common base class for both CSSAnimation and CSSTransition.
3683         It establishes a relationship with a "backing animation", which is an Animation obtained from a style's AnimationList while resolving styles.
3684         These backing animations contain all of the parsed CSS styles related to CSS Animations and CSS Transitions and we use those to set matching properties
3685         of the Web Animations timing model in the new syncPropertiesWithBackingAnimation() virtual method, which subclasses can override to perform further
3686         work that is specific to a given declarative animation type. The initialize() method is called during create() methods to perform common animation
3687         setup work. Note that while both initialize() and syncPropertiesWithBackingAnimation() are called, we suspend invalidation to that animation's effect
3688         since these methods are meant to be called during style invalidation and we would hit an assertion if we followed the usual route of calling
3689         updateStyleIfNeeded() on the target's document during invalidation.
3690         (WebCore::DeclarativeAnimation::DeclarativeAnimation):
3691         (WebCore::DeclarativeAnimation::setBackingAnimation):
3692         (WebCore::DeclarativeAnimation::initialize): Create a KeyframeEffectReadOnly for this animation and set the provided element as its target, set that
3693         element's document's timeline and play the animation if the backing animation's play state is playing.
3694         (WebCore::DeclarativeAnimation::syncPropertiesWithBackingAnimation): Reflect the {animation|transition}-delay, {animation|transition}-duration and
3695         {animation|transition}-timing-function properties as set on the backing animation.
3696         * animation/DeclarativeAnimation.h: Added.
3697         (WebCore::DeclarativeAnimation::backingAnimation const):
3698         * animation/DocumentTimeline.cpp:
3699         (WebCore::DocumentTimeline::updateAnimations): Trigger style invalidation for elements targeted not just by WebAnimation instances, but also by any
3700         of the DeclarativeAnimation subclasses. We also remove the call to updateFinishedState() which should have been removed when we implemented correct
3701         support for asynchronous WebAnimation operations.
3702         (WebCore::DocumentTimeline::animatedStyleForRenderer): Declarative animations are backed by KeyframeEffectReadOnly effects, so make sure we check
3703         for KeyframeEffectReadOnly or one of its subclasses and not just KeyframeEffect since there now are animation types that use the ReadOnly variant.
3704         (WebCore::DocumentTimeline::runningAnimationsForElementAreAllAccelerated): Same as for animatedStyleForRenderer, check for KeyframeEffectReadOnly
3705         and not simply KeyframeEffect.
3706         * animation/KeyframeEffectReadOnly.cpp:
3707         (WebCore::invalidateElement): Stop forcing a style resolution as we invalidate element, marking them as dirty is sufficient. Calls to getAnimations()
3708         already force a style resolution as needed.
3709         (WebCore::KeyframeEffectReadOnly::create): Add a new create() method that only provides a target and which is used by DeclarativeAnimation::initialize().
3710         (WebCore::KeyframeEffectReadOnly::getKeyframes): The previous implementation of getKeyframes() used the ParsedKeyframe list held as m_parsedKeyframes
3711         to compute keyframes. In the case of declarative animations, there are no ParsedKeyframe since the JS API was not involved, so we use the blending keyframes
3712         to look for keyframe data.
3713         (WebCore::KeyframeEffectReadOnly::computeCSSAnimationBlendingKeyframes): Called by CSSAnimation::initialize(), this function creates blending keyframes by
3714         looking up the keyframes date obtained from the @keyframes rule with this backing animation's name.
3715         (WebCore::KeyframeEffectReadOnly::computeCSSTransitionBlendingKeyframes): Called by CSSTransition::create(), this function creates blending keyframes by
3716         creating a 0-offset keyframe with the old style and a 1-offset keyframe with the new style as provided during TreeResolver::createAnimatedElementUpdate().
3717         (WebCore::KeyframeEffectReadOnly::stylesWouldYieldNewCSSTransitionsBlendingKeyframes const): Called by AnimationTimeline::updateCSSTransitionsForElement()
3718         to check that a provided backing Animation and a pair of old and new RenderStyles that may be different objects actually would yield different timing
3719         properties and keyframe CSS values for a given CSS transition to avoid the deletion and creation of CSSTransition objects.
3720         (WebCore::KeyframeEffectReadOnly::shouldRunAccelerated): We mistakenly assumed we always had blending keyframes, which is not always the case with a
3721         CSSTransition where the transition style itself might be set first, but the target value after. So we should only run accelerated provided there are blending
3722         keyframes at least, the function already returning false if it finds a blending keyframe animating a non-accelerated CSS property.
3723         (WebCore::KeyframeEffectReadOnly::setAnimatedPropertiesInStyle): Check that there actually is a matching ParsedKeyframe to read the timing function from.
3724         * animation/KeyframeEffectReadOnly.h:
3725         (WebCore::KeyframeEffectReadOnly::hasBlendingKeyframes const):
3726         * animation/WebAnimation.cpp:
3727         (WebCore::WebAnimation::~WebAnimation): We used to do something very wrong when a WebAnimation was destroyed which uncovered crashes when dealing with
3728         declarative animations. In AnimationTimeline's updateCSSAnimationsForElement() and updateCSSTransitionsForElement(), when we identify that a DeclarativeAnimation
3729         no longer matches an Animation from the current style's AnimationList, we set that DeclarativeAnimation's effect to null and call removeAnimation() on
3730         the timeline. This removes all references from AnimationTimeline to this DeclarativeAnimation and leads to ~WebAnimation being called. Calling removeAnimation()
3731         again in the destructor means that we'd hit ASSERT_WITH_SECURITY_IMPLICATION(!m_deletionHasBegun) in ref(). It was also meaningless to perform this work in
3732         the WebAnimation destructor since an animation could never be destroyed if it were still registered on a timeline.
3733         (WebCore::WebAnimation::suspendEffectInvalidation): DeclarativeAnimation instances have their timing model properties set during style invalidation, so we need
3734         a mechanism to allow the usual effect invalidation to be suspended in this case. We now maintain a simple m_suspendCount count that increases and decreases with
3735         calls to this method and unsuspendEffectInvalidation() and a isEffectInvalidationSuspended() method returning true whenever that count is positive.
3736         (WebCore::WebAnimation::unsuspendEffectInvalidation):
3737         (WebCore::WebAnimation::timingModelDidChange): Check that effect invalidation is not suspended before proceeding with invalidating the effect.
3738         (WebCore::WebAnimation::setEffect): Check for KeyframeEffectReadOnly and not just KeyframeEffect since declarative animations have ReadOnly effects.
3739         (WebCore::WebAnimation::setTimeline): Check for KeyframeEffectReadOnly and not just KeyframeEffect since declarative animations have ReadOnly effects.
3740         (WebCore::WebAnimation::scheduleMicrotaskIfNeeded): Ensure that the WebAnimation's lifecycle is extended at least to the completion of the scheduled microtask.
3741         This would otherwise cause crashes after declarative animations were destroyed when they were no longer applied.
3742         (WebCore::WebAnimation::runPendingPlayTask): Only fulfill the "ready" promise if it hasn't already been, which might have been the case if multiple calls to play()
3743         are made as a result of updating the animation play state in CSSAnimation::syncPropertiesWithBackingAnimation().
3744         (WebCore::WebAnimation::runPendingPauseTask): Same as above but with multiple pause() calls.
3745         (WebCore::WebAnimation::startOrStopAccelerated): Check for KeyframeEffectReadOnly and not just KeyframeEffect since declarative animations have ReadOnly effects.
3746         (WebCore::WebAnimation::canBeListed const): This new method is called by {Document|Element}::getAnimations() to check that an animation is in the correct state to
3747         be listed. The Web Animations spec explains that only animations "that have an associated target effect which is current or in effect" can be listed. We implement
3748         this behavior as specified.
3749         * animation/WebAnimation.h:
3750         (WebCore::WebAnimation::isDeclarativeAnimation const):
3751         (WebCore::WebAnimation::isEffectInvalidationSuspended):
3752         * dom/Document.cpp:
3753         (WebCore::Document::getAnimations): Ensure that the document's pending styles are resolved before returning animations to ensure that any pending declarative
3754         animations are created. Additionally, we ensure that we only list qualifying animations that have effects targeting elements that are children of thi document.
3755         * dom/Element.cpp:
3756         (WebCore::Element::getAnimations): Same as Document::getAnimations().
3757         * style/StyleTreeResolver.cpp:
3758         (WebCore::Style::TreeResolver::createAnimatedElementUpdate): When resolving styles, call into the AnimationTimeline if the runtime flag to enable CSS Animations and
3759         CSS Transitions as Web Animations is on. Otherwise, use CSSAnimationController.
3760
3761 2018-03-12  Michael Catanzaro  <mcatanzaro@igalia.com>
3762
3763         [GTK] Crash in WebCore::PlatformDisplayWayland::~PlatformDisplayWayland
3764         https://bugs.webkit.org/show_bug.cgi?id=176490
3765
3766         Reviewed by Žan Doberšek.
3767
3768         Destroy the wl_display with wl_display_disconnect() (client process API), not
3769         wl_display_destroy() (server process API). It has to be destroyed last, so explicitly
3770         destroy the wl_registry and wl_compositor first.
3771
3772         * platform/graphics/wayland/PlatformDisplayWayland.cpp:
3773         (WebCore::PlatformDisplayWayland::~PlatformDisplayWayland):
3774
3775 2018-03-10  Megan Gardner  <megan_gardner@apple.com>
3776
3777         Media query for default appearance
3778         https://bugs.webkit.org/show_bug.cgi?id=183539
3779         <rdar://problem/38326388>
3780
3781         Reviewed by Tim Horton.
3782
3783         Not currently testable, will add tests in a later patch.
3784
3785         Write a media query to evaluate appearance.
3786
3787         * css/CSSValueKeywords.in:
3788         * css/MediaFeatureNames.h:
3789         * css/MediaQueryEvaluator.cpp:
3790         (WebCore::defaultAppearanceEvaluate):
3791         * css/MediaQueryExpression.cpp:
3792         (WebCore::featureWithValidIdent):
3793         (WebCore::isFeatureValidWithoutValue):
3794         * page/Page.h:
3795         (WebCore::Page::defaultAppearance const):
3796         (WebCore::Page::setDefaultAppearance):
3797
3798 2018-03-10  Daniel Bates  <dabates@apple.com>
3799
3800         InlineTextBox should own shadow data
3801         https://bugs.webkit.org/show_bug.cgi?id=183359
3802         <rdar://problem/38171343>
3803
3804         Reviewed by Darin Adler.
3805
3806         Following r229147 we recompute the selection style, including any shadow data, whenever we
3807         paint the inline text box. Therefore, InlineTextBox needs to take ownership of the shadow
3808         data or it may be deallocated before it can be used.
3809
3810         Covered by existing tests.
3811
3812         * rendering/InlineTextBox.cpp: Changed data type of InlineTextBox::MarkedTextStyle::textShadow
3813         from const ShadowData* to std::optional<ShadowData>. Also removed explicitly deleted equality
3814         and inequality operators as they are unnecessary. Layout tests should catch if these are ever
3815         implemented and used when painting because the painted results will be wrong.
3816         (WebCore::InlineTextBox::computeStyleForUnmarkedMarkedText const): Clone ShadowData.
3817         (WebCore::InlineTextBox::resolveStyleForMarkedText): Simplified logic.
3818         (WebCore::InlineTextBox::paintMarkedTextForeground): Modified code now that MarkedTextStyle
3819         holds a std::optional<ShadowData>.
3820         (WebCore::InlineTextBox::paintMarkedTextDecoration): Ditto.
3821         * rendering/TextPaintStyle.cpp:
3822         (WebCore::computeTextSelectionPaintStyle): Changed the out parameter type from const ShadowData*
3823         to std::optional<ShadowData>& and modified code as needed.
3824         * rendering/TextPaintStyle.h:
3825         * rendering/style/ShadowData.cpp: Removed unncessary #include of header LayoutRect.h.
3826         This header will be included via ShadowData.h.
3827         (WebCore::ShadowData::clone): Convenience method that returns an std::optional to a
3828         cloned ShadowData object.
3829         * rendering/style/ShadowData.h:
3830
3831 2018-03-09  Zalan Bujtas  <zalan@apple.com>
3832
3833         Turn off offset*/scroll* optimization for input elements with shadow content
3834         https://bugs.webkit.org/show_bug.cgi?id=182383
3835         <rdar://problem/37114190>
3836
3837         Reviewed by Antti Koivisto.
3838
3839         We normally ensure clean tree before calling offsetHeight/Width, scrollHeight/Width.
3840         In certain cases (see updateLayoutIfDimensionsOutOfDate() for details), it's okay to return
3841         the previously computed values even when some part of the tree is dirty.
3842         In case of shadow content, updateLayoutIfDimensionsOutOfDate() might return false (no need to layout)
3843         for the root, while true (needs layout) for the shadow content.
3844         This could confuse the caller (Element::scrollWidth/Height etc) and lead to incorrect result.
3845
3846         Test: fast/forms/scrollheight-with-mutation-crash.html
3847
3848         * dom/Document.cpp:
3849         (WebCore::Document::updateLayoutIfDimensionsOutOfDate):
3850
3851 2018-03-10  Wenson Hsieh  <wenson_hsieh@apple.com>
3852
3853         [macOS] Copying a table from the Numbers app and pasting into iCloud Numbers fails
3854         https://bugs.webkit.org/show_bug.cgi?id=183485
3855         <rdar://problem/38041984>
3856
3857         Reviewed by Ryosuke Niwa.
3858
3859         After r222656, WebKit now treats raw image data on the pasteboard as files for the purposes of computing
3860         DataTransfer.files and DataTransfer.types. However, this is combined with existing policies that suppress
3861         DataTransfer.getData and DataTransfer.setData when the pasteboard contains files (generalized to copy/paste in
3862         r222688). This means we now don't allow web pages to access "text/plain" in the case where the user copies part
3863         of a table from the native Numbers app since Numbers additionally writes a snapshot of the table to the platform
3864         pasteboard.
3865
3866         This restriction on getData/setData was intended to prevent web pages from extracting users' file paths when
3867         pasting or dropping, so it doesn't make sense to enforce this restriction even when there is only in-memory
3868         image data on the pasteboard. To fix this bug, we make Pasteboard::fileContentState() differentiate between
3869         cases where there are (real) files on the pasteboard, and cases where we've fallen back to treating image data
3870         as files.
3871
3872         Rebaselined existing LayoutTests to match new behavior.
3873         Also covered by 4 new API tests:
3874             - PasteMixedContent.ImageDataAndPlainText
3875             - PasteMixedContent.ImageDataAndPlainTextAndURL
3876             - PasteMixedContent.ImageDataAndPlainTextAndURLAndHTML
3877             - UIPasteboardTests.DataTransferGetDataWhenPastingImageAndText
3878
3879         * dom/DataTransfer.cpp:
3880         (WebCore::DataTransfer::shouldSuppressGetAndSetDataToAvoidExposingFilePaths const):
3881
3882         If custom pasteboard data is enabled, suppress getData and setData if and only if we might actually expose file
3883         paths (see Pasteboard::fileContentState).
3884
3885         (WebCore::DataTransfer::types const):
3886
3887         Only allow "text/html" or "text/uri-list" in the case where there are actual files in the pasteboard. If there's
3888         only image data, add all of the DOM-safe types back into the list of types.
3889
3890         * platform/Pasteboard.h:
3891         * platform/StaticPasteboard.h:
3892
3893         Add an enum type to represent the result of Pasteboard::fileContentState.
3894         -   NoFileOrImageData indicates that there was nothing on the pasteboard that could be considered a file
3895             from the point of view of the page.
3896         -   InMemoryImage indicates that there are no files on the pasteboard, but there is image data that we consider
3897             to be files, exposed via DataTransfer API.
3898         -   MayContainFilePaths indicates that there might be file paths on the pasteboard. This means that the source
3899             has either written file paths to the pasteboard (for example, through NSFilenamesPboardType) or the source
3900             has written image data along with a URL type of some sort that does not match one of the allowed URL schemes
3901             that are safe to expose (currently, these are http-family, data, or blob).
3902
3903         * platform/cocoa/PasteboardCocoa.mm:
3904         (WebCore::Pasteboard::fileContentState):
3905
3906         Refactor to return one of the three enum types described above.
3907
3908         (WebCore::Pasteboard::containsFiles): Deleted.
3909         * platform/gtk/PasteboardGtk.cpp:
3910         (WebCore::Pasteboard::fileContentState):